From 8aa540d2f783474d1d2e06f16744bf67b9c1facc Mon Sep 17 00:00:00 2001 From: Mark Wielaard Date: Fri, 10 Mar 2006 21:46:48 +0000 Subject: Imported GNU Classpath 0.90 Imported GNU Classpath 0.90 * scripts/makemake.tcl: Set gnu/java/awt/peer/swing to ignore. * gnu/classpath/jdwp/VMFrame.java (SIZE): New constant. * java/lang/VMCompiler.java: Use gnu.java.security.hash.MD5. * java/lang/Math.java: New override file. * java/lang/Character.java: Merged from Classpath. (start, end): Now 'int's. (canonicalName): New field. (CANONICAL_NAME, NO_SPACES_NAME, CONSTANT_NAME): New constants. (UnicodeBlock): Added argument. (of): New overload. (forName): New method. Updated unicode blocks. (sets): Updated. * sources.am: Regenerated. * Makefile.in: Likewise. From-SVN: r111942 --- libjava/classpath/gnu/CORBA/IOR.java | 54 + .../gnu/CORBA/NamingService/NamingMap.java | 13 +- .../NamingService/NamingServiceTransient.java | 2 +- .../gnu/CORBA/NamingService/TransientContext.java | 35 +- .../classpath/gnu/classpath/ServiceFactory.java | 7 +- .../classpath/ServiceProviderLoadingAction.java | 6 +- .../classpath/gnu/classpath/debug/Component.java | 4 +- .../gnu/classpath/debug/Simple1LineFormatter.java | 153 + libjava/classpath/gnu/classpath/jdwp/Jdwp.java | 6 +- .../gnu/classpath/jdwp/event/EventRequest.java | 15 +- .../classpath/gnu/classpath/jdwp/id/JdwpId.java | 12 +- .../classpath/gnu/classpath/jdwp/id/ObjectId.java | 10 +- .../gnu/classpath/jdwp/id/ReferenceTypeId.java | 10 +- .../jdwp/processor/VirtualMachineCommandSet.java | 14 +- .../gnu/java/awt/peer/GLightweightPeer.java | 6 +- .../gnu/java/awt/peer/gtk/GtkButtonPeer.java | 7 +- .../java/awt/peer/gtk/GtkCheckboxMenuItemPeer.java | 9 +- .../gnu/java/awt/peer/gtk/GtkCheckboxPeer.java | 57 +- .../gnu/java/awt/peer/gtk/GtkComponentPeer.java | 157 +- .../gnu/java/awt/peer/gtk/GtkContainerPeer.java | 25 +- .../gnu/java/awt/peer/gtk/GtkFileDialogPeer.java | 31 +- .../gnu/java/awt/peer/gtk/GtkFramePeer.java | 13 +- .../gnu/java/awt/peer/gtk/GtkGenericPeer.java | 39 +- .../classpath/gnu/java/awt/peer/gtk/GtkImage.java | 20 +- .../gnu/java/awt/peer/gtk/GtkLabelPeer.java | 9 +- .../gnu/java/awt/peer/gtk/GtkListPeer.java | 9 +- .../gnu/java/awt/peer/gtk/GtkMenuBarPeer.java | 79 +- .../java/awt/peer/gtk/GtkMenuComponentPeer.java | 59 +- .../gnu/java/awt/peer/gtk/GtkMenuItemPeer.java | 99 +- .../gnu/java/awt/peer/gtk/GtkMenuPeer.java | 32 +- .../gnu/java/awt/peer/gtk/GtkPanelPeer.java | 33 +- .../gnu/java/awt/peer/gtk/GtkPopupMenuPeer.java | 7 +- .../gnu/java/awt/peer/gtk/GtkScrollbarPeer.java | 22 +- .../gnu/java/awt/peer/gtk/GtkTextAreaPeer.java | 6 +- .../gnu/java/awt/peer/gtk/GtkTextFieldPeer.java | 2 - .../gnu/java/awt/peer/gtk/GtkToolkit.java | 170 +- .../gnu/java/awt/peer/gtk/GtkWindowPeer.java | 54 +- .../gnu/java/awt/peer/swing/SwingButtonPeer.java | 224 ++ .../gnu/java/awt/peer/swing/SwingCanvasPeer.java | 64 + .../gnu/java/awt/peer/swing/SwingComponent.java | 89 + .../java/awt/peer/swing/SwingComponentPeer.java | 994 ++++++ .../java/awt/peer/swing/SwingContainerPeer.java | 241 ++ .../gnu/java/awt/peer/swing/SwingFramePeer.java | 196 ++ .../gnu/java/awt/peer/swing/SwingLabelPeer.java | 196 ++ .../gnu/java/awt/peer/swing/SwingMenuBarPeer.java | 295 ++ .../gnu/java/awt/peer/swing/SwingMenuItemPeer.java | 157 + .../gnu/java/awt/peer/swing/SwingMenuPeer.java | 284 ++ .../gnu/java/awt/peer/swing/SwingPanelPeer.java | 67 + .../java/awt/peer/swing/SwingTextFieldPeer.java | 367 ++ .../gnu/java/awt/peer/swing/SwingToolkit.java | 165 + .../gnu/java/awt/peer/swing/SwingWindowPeer.java | 72 + .../classpath/gnu/java/awt/peer/swing/package.html | 71 + .../gnu/java/beans/DefaultExceptionListener.java | 66 + .../beans/decoder/DefaultExceptionListener.java | 57 - libjava/classpath/gnu/java/lang/CharData.java | 2228 +++++++----- .../classpath/gnu/java/net/CRLFInputStream.java | 19 +- .../classpath/gnu/java/net/LineInputStream.java | 31 +- .../gnu/java/net/protocol/file/Connection.java | 18 +- .../gnu/java/net/protocol/ftp/ActiveModeDTP.java | 1 + .../java/net/protocol/ftp/FTPURLConnection.java | 45 +- .../java/net/protocol/http/ChunkedInputStream.java | 102 +- .../gnu/java/net/protocol/http/HTTPConnection.java | 274 +- .../java/net/protocol/http/HTTPURLConnection.java | 186 +- .../gnu/java/net/protocol/http/Headers.java | 283 +- .../gnu/java/net/protocol/http/Request.java | 58 +- .../gnu/java/net/protocol/http/Response.java | 24 +- .../net/protocol/http/ResponseHeaderHandler.java | 2 +- .../gnu/java/net/protocol/jar/Connection.java | 8 +- .../gnu/java/nio/channels/FileChannelImpl.java | 2 +- .../classpath/gnu/java/nio/charset/Provider.java | 3 +- .../gnu/java/nio/charset/iconv/IconvDecoder.java | 1 - .../gnu/java/nio/charset/iconv/IconvEncoder.java | 1 - .../gnu/java/nio/charset/iconv/IconvProvider.java | 2 - libjava/classpath/gnu/java/rmi/dgc/DGCImpl.java | 178 +- .../gnu/java/rmi/registry/RegistryImpl.java | 2 +- .../gnu/java/rmi/server/CombinedClassLoader.java | 149 + .../gnu/java/rmi/server/RMIObjectInputStream.java | 64 +- .../gnu/java/rmi/server/UnicastServerRef.java | 650 ++-- .../classpath/gnu/java/security/Properties.java | 374 +++ libjava/classpath/gnu/java/security/Registry.java | 455 +++ .../classpath/gnu/java/security/der/DERValue.java | 29 +- .../classpath/gnu/java/security/der/DERWriter.java | 10 +- .../classpath/gnu/java/security/hash/BaseHash.java | 206 ++ .../gnu/java/security/hash/HashFactory.java | 178 + .../classpath/gnu/java/security/hash/Haval.java | 759 +++++ .../gnu/java/security/hash/IMessageDigest.java | 135 + libjava/classpath/gnu/java/security/hash/MD2.java | 301 ++ libjava/classpath/gnu/java/security/hash/MD4.java | 328 ++ libjava/classpath/gnu/java/security/hash/MD5.java | 365 ++ .../gnu/java/security/hash/RipeMD128.java | 291 ++ .../gnu/java/security/hash/RipeMD160.java | 328 ++ .../classpath/gnu/java/security/hash/Sha160.java | 308 ++ .../classpath/gnu/java/security/hash/Sha256.java | 278 ++ .../classpath/gnu/java/security/hash/Sha384.java | 322 ++ .../classpath/gnu/java/security/hash/Sha512.java | 322 ++ .../classpath/gnu/java/security/hash/Tiger.java | 943 ++++++ .../gnu/java/security/hash/Whirlpool.java | 626 ++++ .../gnu/java/security/jce/hash/HavalSpi.java | 68 + .../gnu/java/security/jce/hash/MD2Spi.java | 69 + .../gnu/java/security/jce/hash/MD4Spi.java | 69 + .../gnu/java/security/jce/hash/MD5Spi.java | 68 + .../security/jce/hash/MessageDigestAdapter.java | 147 + .../gnu/java/security/jce/hash/RipeMD128Spi.java | 68 + .../gnu/java/security/jce/hash/RipeMD160Spi.java | 68 + .../gnu/java/security/jce/hash/Sha160Spi.java | 68 + .../gnu/java/security/jce/hash/Sha256Spi.java | 68 + .../gnu/java/security/jce/hash/Sha384Spi.java | 68 + .../gnu/java/security/jce/hash/Sha512Spi.java | 68 + .../gnu/java/security/jce/hash/TigerSpi.java | 69 + .../gnu/java/security/jce/hash/WhirlpoolSpi.java | 68 + .../gnu/java/security/jce/prng/HavalRandomSpi.java | 66 + .../gnu/java/security/jce/prng/MD2RandomSpi.java | 66 + .../gnu/java/security/jce/prng/MD4RandomSpi.java | 66 + .../gnu/java/security/jce/prng/MD5RandomSpi.java | 66 + .../java/security/jce/prng/RipeMD128RandomSpi.java | 66 + .../java/security/jce/prng/RipeMD160RandomSpi.java | 66 + .../security/jce/prng/SecureRandomAdapter.java | 126 + .../java/security/jce/prng/Sha160RandomSpi.java | 66 + .../java/security/jce/prng/Sha256RandomSpi.java | 66 + .../java/security/jce/prng/Sha384RandomSpi.java | 66 + .../java/security/jce/prng/Sha512RandomSpi.java | 66 + .../gnu/java/security/jce/prng/TigerRandomSpi.java | 66 + .../java/security/jce/prng/WhirlpoolRandomSpi.java | 66 + .../gnu/java/security/jce/sig/DSSKeyFactory.java | 238 ++ .../security/jce/sig/DSSKeyPairGeneratorSpi.java | 169 + .../gnu/java/security/jce/sig/DSSParameters.java | 220 ++ .../security/jce/sig/DSSParametersGenerator.java | 125 + .../java/security/jce/sig/DSSRawSignatureSpi.java | 70 + .../java/security/jce/sig/EncodedKeyFactory.java | 453 +++ .../security/jce/sig/KeyPairGeneratorAdapter.java | 109 + .../gnu/java/security/jce/sig/MD2withRSA.java | 56 + .../gnu/java/security/jce/sig/MD5withRSA.java | 56 + .../gnu/java/security/jce/sig/RSAKeyFactory.java | 265 ++ .../security/jce/sig/RSAKeyPairGeneratorSpi.java | 115 + .../security/jce/sig/RSAPSSRawSignatureSpi.java | 69 + .../gnu/java/security/jce/sig/SHA160withDSS.java | 54 + .../gnu/java/security/jce/sig/SHA160withRSA.java | 56 + .../gnu/java/security/jce/sig/SHA256withRSA.java | 56 + .../gnu/java/security/jce/sig/SHA384withRSA.java | 56 + .../gnu/java/security/jce/sig/SHA512withRSA.java | 56 + .../java/security/jce/sig/SignatureAdapter.java | 263 ++ .../gnu/java/security/key/IKeyPairCodec.java | 132 + .../gnu/java/security/key/IKeyPairGenerator.java | 82 + .../gnu/java/security/key/KeyPairCodecFactory.java | 362 ++ .../java/security/key/KeyPairGeneratorFactory.java | 148 + .../gnu/java/security/key/dss/DSSKey.java | 182 + .../java/security/key/dss/DSSKeyPairGenerator.java | 445 +++ .../security/key/dss/DSSKeyPairPKCS8Codec.java | 235 ++ .../java/security/key/dss/DSSKeyPairRawCodec.java | 383 +++ .../java/security/key/dss/DSSKeyPairX509Codec.java | 248 ++ .../gnu/java/security/key/dss/DSSPrivateKey.java | 201 ++ .../gnu/java/security/key/dss/DSSPublicKey.java | 201 ++ .../gnu/java/security/key/dss/FIPS186.java | 296 ++ .../gnu/java/security/key/rsa/GnuRSAKey.java | 181 + .../java/security/key/rsa/GnuRSAPrivateKey.java | 299 ++ .../gnu/java/security/key/rsa/GnuRSAPublicKey.java | 185 + .../java/security/key/rsa/RSAKeyPairGenerator.java | 264 ++ .../security/key/rsa/RSAKeyPairPKCS8Codec.java | 284 ++ .../java/security/key/rsa/RSAKeyPairRawCodec.java | 332 ++ .../java/security/key/rsa/RSAKeyPairX509Codec.java | 248 ++ .../classpath/gnu/java/security/prng/BasePRNG.java | 199 ++ .../gnu/java/security/prng/EntropySource.java | 62 + .../classpath/gnu/java/security/prng/IRandom.java | 180 + .../java/security/prng/LimitReachedException.java | 69 + .../gnu/java/security/prng/MDGenerator.java | 135 + .../gnu/java/security/prng/PRNGFactory.java | 109 + .../gnu/java/security/prng/RandomEvent.java | 82 + .../java/security/prng/RandomEventListener.java | 50 + .../gnu/java/security/provider/DSAKeyFactory.java | 134 - .../security/provider/DSAKeyPairGenerator.java | 194 -- .../gnu/java/security/provider/DSAParameters.java | 150 - .../gnu/java/security/provider/DSASignature.java | 251 -- .../provider/DiffieHellmanKeyFactoryImpl.java | 123 - .../DiffieHellmanKeyPairGeneratorImpl.java | 86 - .../java/security/provider/EncodedKeyFactory.java | 303 -- .../classpath/gnu/java/security/provider/Gnu.java | 248 +- .../gnu/java/security/provider/GnuDHPublicKey.java | 115 - .../java/security/provider/GnuDSAPrivateKey.java | 147 - .../java/security/provider/GnuDSAPublicKey.java | 137 - .../java/security/provider/GnuRSAPrivateKey.java | 164 - .../java/security/provider/GnuRSAPublicKey.java | 109 - .../gnu/java/security/provider/MD2withRSA.java | 54 - .../gnu/java/security/provider/MD4withRSA.java | 54 - .../classpath/gnu/java/security/provider/MD5.java | 338 -- .../gnu/java/security/provider/MD5withRSA.java | 54 - .../provider/PKIXCertPathValidatorImpl.java | 9 +- .../classpath/gnu/java/security/provider/RSA.java | 311 -- .../gnu/java/security/provider/RSAKeyFactory.java | 181 - .../classpath/gnu/java/security/provider/SHA.java | 242 -- .../gnu/java/security/provider/SHA1PRNG.java | 137 - .../gnu/java/security/provider/SHA1withRSA.java | 61 - .../gnu/java/security/sig/BaseSignature.java | 261 ++ .../gnu/java/security/sig/ISignature.java | 169 + .../gnu/java/security/sig/ISignatureCodec.java | 68 + .../java/security/sig/SignatureCodecFactory.java | 226 ++ .../gnu/java/security/sig/SignatureFactory.java | 113 + .../gnu/java/security/sig/dss/DSSSignature.java | 347 ++ .../security/sig/dss/DSSSignatureRawCodec.java | 191 ++ .../security/sig/dss/DSSSignatureX509Codec.java | 193 ++ .../gnu/java/security/sig/rsa/EME_PKCS1_V1_5.java | 306 ++ .../gnu/java/security/sig/rsa/EMSA_PKCS1_V1_5.java | 299 ++ .../gnu/java/security/sig/rsa/EMSA_PSS.java | 432 +++ .../classpath/gnu/java/security/sig/rsa/RSA.java | 356 ++ .../security/sig/rsa/RSAPKCS1V1_5Signature.java | 247 ++ .../sig/rsa/RSAPKCS1V1_5SignatureRawCodec.java | 153 + .../sig/rsa/RSAPKCS1V1_5SignatureX509Codec.java | 128 + .../gnu/java/security/sig/rsa/RSAPSSSignature.java | 348 ++ .../security/sig/rsa/RSAPSSSignatureRawCodec.java | 159 + .../java/security/sig/rsa/RSASignatureFactory.java | 176 + .../classpath/gnu/java/security/util/Base64.java | 396 +++ .../classpath/gnu/java/security/util/DerUtil.java | 64 + .../gnu/java/security/util/ExpirableObject.java | 172 + .../gnu/java/security/util/FormatUtil.java | 140 + libjava/classpath/gnu/java/security/util/PRNG.java | 156 + .../classpath/gnu/java/security/util/Prime2.java | 417 +++ .../classpath/gnu/java/security/util/Sequence.java | 149 + .../gnu/java/security/util/SimpleList.java | 171 + libjava/classpath/gnu/java/security/util/Util.java | 692 ++++ .../gnu/java/security/x509/X509Certificate.java | 8 +- .../gnu/java/security/x509/ext/GeneralNames.java | 21 +- .../gnu/java/util/prefs/EventDispatcher.java | 112 + .../gnu/java/util/prefs/FileBasedFactory.java | 12 +- .../gnu/java/util/prefs/FileBasedPreferences.java | 273 ++ .../gnu/java/util/prefs/MemoryBasedFactory.java | 2 +- .../java/util/prefs/MemoryBasedPreferences.java | 4 +- .../classpath/gnu/java/util/prefs/NodeWriter.java | 33 +- .../gnu/javax/crypto/DiffieHellmanImpl.java | 159 - .../gnu/javax/crypto/GnuDHPrivateKey.java | 90 - .../gnu/javax/crypto/assembly/Assembly.java | 298 ++ .../gnu/javax/crypto/assembly/Cascade.java | 405 +++ .../gnu/javax/crypto/assembly/CascadeStage.java | 109 + .../javax/crypto/assembly/CascadeTransformer.java | 139 + .../javax/crypto/assembly/DeflateTransformer.java | 233 ++ .../gnu/javax/crypto/assembly/Direction.java | 92 + .../javax/crypto/assembly/LoopbackTransformer.java | 116 + .../gnu/javax/crypto/assembly/ModeStage.java | 129 + .../gnu/javax/crypto/assembly/Operation.java | 89 + .../javax/crypto/assembly/PaddingTransformer.java | 178 + .../classpath/gnu/javax/crypto/assembly/Stage.java | 218 ++ .../gnu/javax/crypto/assembly/Transformer.java | 460 +++ .../crypto/assembly/TransformerException.java | 158 + .../classpath/gnu/javax/crypto/cipher/Anubis.java | 583 ++++ .../gnu/javax/crypto/cipher/BaseCipher.java | 304 ++ .../gnu/javax/crypto/cipher/Blowfish.java | 749 +++++ .../classpath/gnu/javax/crypto/cipher/Cast5.java | 1391 ++++++++ .../gnu/javax/crypto/cipher/CipherFactory.java | 169 + libjava/classpath/gnu/javax/crypto/cipher/DES.java | 894 +++++ .../gnu/javax/crypto/cipher/IBlockCipher.java | 205 ++ .../gnu/javax/crypto/cipher/IBlockCipherSpi.java | 128 + .../classpath/gnu/javax/crypto/cipher/Khazad.java | 521 +++ .../gnu/javax/crypto/cipher/NullCipher.java | 129 + .../gnu/javax/crypto/cipher/Rijndael.java | 859 +++++ .../classpath/gnu/javax/crypto/cipher/Serpent.java | 1830 ++++++++++ .../classpath/gnu/javax/crypto/cipher/Square.java | 520 +++ .../gnu/javax/crypto/cipher/TripleDES.java | 196 ++ .../classpath/gnu/javax/crypto/cipher/Twofish.java | 909 +++++ .../gnu/javax/crypto/cipher/WeakKeyException.java | 71 + .../gnu/javax/crypto/jce/DiffieHellmanImpl.java | 155 + .../classpath/gnu/javax/crypto/jce/GnuCrypto.java | 620 ++++ .../classpath/gnu/javax/crypto/jce/GnuSasl.java | 114 + .../javax/crypto/jce/PBKDF2SecretKeyFactory.java | 229 ++ .../gnu/javax/crypto/jce/cipher/AESSpi.java | 104 + .../gnu/javax/crypto/jce/cipher/ARCFourSpi.java | 208 ++ .../gnu/javax/crypto/jce/cipher/AnubisSpi.java | 59 + .../gnu/javax/crypto/jce/cipher/BlowfishSpi.java | 59 + .../gnu/javax/crypto/jce/cipher/Cast5Spi.java | 68 + .../gnu/javax/crypto/jce/cipher/CipherAdapter.java | 507 +++ .../gnu/javax/crypto/jce/cipher/DESSpi.java | 59 + .../gnu/javax/crypto/jce/cipher/KhazadSpi.java | 59 + .../gnu/javax/crypto/jce/cipher/NullCipherSpi.java | 59 + .../gnu/javax/crypto/jce/cipher/PBES2.java | 1352 ++++++++ .../gnu/javax/crypto/jce/cipher/RijndaelSpi.java | 59 + .../gnu/javax/crypto/jce/cipher/SerpentSpi.java | 59 + .../gnu/javax/crypto/jce/cipher/SquareSpi.java | 59 + .../gnu/javax/crypto/jce/cipher/TripleDESSpi.java | 59 + .../gnu/javax/crypto/jce/cipher/TwofishSpi.java | 59 + .../crypto/jce/key/AnubisKeyGeneratorImpl.java | 53 + .../crypto/jce/key/AnubisSecretKeyFactoryImpl.java | 53 + .../crypto/jce/key/BlowfishKeyGeneratorImpl.java | 53 + .../jce/key/BlowfishSecretKeyFactoryImpl.java | 53 + .../crypto/jce/key/Cast5KeyGeneratorImpl.java | 53 + .../crypto/jce/key/Cast5SecretKeyFactoryImpl.java | 53 + .../javax/crypto/jce/key/DESKeyGeneratorImpl.java | 73 + .../crypto/jce/key/DESSecretKeyFactoryImpl.java | 80 + .../crypto/jce/key/DESedeSecretKeyFactoryImpl.java | 80 + .../crypto/jce/key/KhazadKeyGeneratorImpl.java | 52 + .../crypto/jce/key/KhazadSecretKeyFactoryImpl.java | 52 + .../crypto/jce/key/RijndaelKeyGeneratorImpl.java | 52 + .../jce/key/RijndaelSecretKeyFactoryImpl.java | 52 + .../javax/crypto/jce/key/SecretKeyFactoryImpl.java | 87 + .../crypto/jce/key/SecretKeyGeneratorImpl.java | 120 + .../crypto/jce/key/SerpentKeyGeneratorImpl.java | 52 + .../jce/key/SerpentSecretKeyFactoryImpl.java | 52 + .../crypto/jce/key/SquareKeyGeneratorImpl.java | 52 + .../crypto/jce/key/SquareSecretKeyFactoryImpl.java | 52 + .../crypto/jce/key/TripleDESKeyGeneratorImpl.java | 52 + .../crypto/jce/key/TwofishKeyGeneratorImpl.java | 52 + .../jce/key/TwofishSecretKeyFactoryImpl.java | 52 + .../gnu/javax/crypto/jce/keyring/GnuKeyring.java | 413 +++ .../gnu/javax/crypto/jce/mac/HMacHavalSpi.java | 67 + .../gnu/javax/crypto/jce/mac/HMacMD2Spi.java | 59 + .../gnu/javax/crypto/jce/mac/HMacMD4Spi.java | 59 + .../gnu/javax/crypto/jce/mac/HMacMD5Spi.java | 59 + .../gnu/javax/crypto/jce/mac/HMacRipeMD128Spi.java | 59 + .../gnu/javax/crypto/jce/mac/HMacRipeMD160Spi.java | 59 + .../gnu/javax/crypto/jce/mac/HMacSHA160Spi.java | 59 + .../gnu/javax/crypto/jce/mac/HMacSHA256Spi.java | 67 + .../gnu/javax/crypto/jce/mac/HMacSHA384Spi.java | 67 + .../gnu/javax/crypto/jce/mac/HMacSHA512Spi.java | 67 + .../gnu/javax/crypto/jce/mac/HMacTigerSpi.java | 59 + .../gnu/javax/crypto/jce/mac/HMacWhirlpoolSpi.java | 59 + .../gnu/javax/crypto/jce/mac/MacAdapter.java | 156 + .../gnu/javax/crypto/jce/mac/OMacAnubisImpl.java | 53 + .../gnu/javax/crypto/jce/mac/OMacBlowfishImpl.java | 53 + .../gnu/javax/crypto/jce/mac/OMacCast5Impl.java | 53 + .../gnu/javax/crypto/jce/mac/OMacDESImpl.java | 53 + .../gnu/javax/crypto/jce/mac/OMacImpl.java | 137 + .../gnu/javax/crypto/jce/mac/OMacKhazadImpl.java | 53 + .../gnu/javax/crypto/jce/mac/OMacRijndaelImpl.java | 53 + .../gnu/javax/crypto/jce/mac/OMacSerpentImpl.java | 53 + .../gnu/javax/crypto/jce/mac/OMacSquareImpl.java | 53 + .../javax/crypto/jce/mac/OMacTripleDESImpl.java | 53 + .../gnu/javax/crypto/jce/mac/OMacTwofishImpl.java | 53 + .../gnu/javax/crypto/jce/mac/TMMH16Spi.java | 91 + .../gnu/javax/crypto/jce/mac/UHash32Spi.java | 59 + .../gnu/javax/crypto/jce/mac/UMac32Spi.java | 91 + .../crypto/jce/params/BlockCipherParameters.java | 209 ++ .../crypto/jce/params/DEREncodingException.java | 53 + .../gnu/javax/crypto/jce/params/DERReader.java | 160 + .../gnu/javax/crypto/jce/params/DERWriter.java | 154 + .../javax/crypto/jce/prng/ARCFourRandomSpi.java | 120 + .../gnu/javax/crypto/jce/prng/CSPRNGSpi.java | 114 + .../gnu/javax/crypto/jce/prng/FortunaImpl.java | 85 + .../gnu/javax/crypto/jce/prng/ICMRandomSpi.java | 260 ++ .../gnu/javax/crypto/jce/prng/UMacRandomSpi.java | 207 ++ .../gnu/javax/crypto/jce/sig/DHKeyFactory.java | 232 ++ .../crypto/jce/sig/DHKeyPairGeneratorSpi.java | 91 + .../gnu/javax/crypto/jce/sig/DHParameters.java | 220 ++ .../crypto/jce/sig/DHParametersGenerator.java | 152 + .../crypto/jce/spec/BlockCipherParameterSpec.java | 139 + .../javax/crypto/jce/spec/TMMHParameterSpec.java | 129 + .../javax/crypto/jce/spec/UMac32ParameterSpec.java | 82 + .../javax/crypto/key/BaseKeyAgreementParty.java | 208 ++ .../gnu/javax/crypto/key/GnuSecretKey.java | 149 + .../gnu/javax/crypto/key/IKeyAgreementParty.java | 105 + .../gnu/javax/crypto/key/IncomingMessage.java | 356 ++ .../javax/crypto/key/KeyAgreementException.java | 187 ++ .../gnu/javax/crypto/key/KeyAgreementFactory.java | 181 + .../gnu/javax/crypto/key/OutgoingMessage.java | 255 ++ .../javax/crypto/key/dh/DHKeyPairPKCS8Codec.java | 229 ++ .../gnu/javax/crypto/key/dh/DHKeyPairRawCodec.java | 370 ++ .../javax/crypto/key/dh/DHKeyPairX509Codec.java | 244 ++ .../crypto/key/dh/DiffieHellmanKeyAgreement.java | 134 + .../javax/crypto/key/dh/DiffieHellmanReceiver.java | 147 + .../javax/crypto/key/dh/DiffieHellmanSender.java | 156 + .../javax/crypto/key/dh/ElGamalKeyAgreement.java | 130 + .../gnu/javax/crypto/key/dh/ElGamalReceiver.java | 121 + .../gnu/javax/crypto/key/dh/ElGamalSender.java | 134 + .../gnu/javax/crypto/key/dh/GnuDHKey.java | 184 + .../javax/crypto/key/dh/GnuDHKeyPairGenerator.java | 290 ++ .../gnu/javax/crypto/key/dh/GnuDHPrivateKey.java | 196 ++ .../gnu/javax/crypto/key/dh/GnuDHPublicKey.java | 194 ++ .../classpath/gnu/javax/crypto/key/dh/RFC2631.java | 255 ++ .../gnu/javax/crypto/key/srp6/SRP6Host.java | 213 ++ .../javax/crypto/key/srp6/SRP6KeyAgreement.java | 172 + .../gnu/javax/crypto/key/srp6/SRP6SaslClient.java | 101 + .../gnu/javax/crypto/key/srp6/SRP6SaslServer.java | 101 + .../gnu/javax/crypto/key/srp6/SRP6TLSClient.java | 191 ++ .../gnu/javax/crypto/key/srp6/SRP6TLSServer.java | 220 ++ .../gnu/javax/crypto/key/srp6/SRP6User.java | 203 ++ .../gnu/javax/crypto/key/srp6/SRPAlgorithm.java | 175 + .../gnu/javax/crypto/key/srp6/SRPKey.java | 170 + .../javax/crypto/key/srp6/SRPKeyPairGenerator.java | 351 ++ .../javax/crypto/key/srp6/SRPKeyPairRawCodec.java | 380 +++ .../gnu/javax/crypto/key/srp6/SRPPrivateKey.java | 250 ++ .../gnu/javax/crypto/key/srp6/SRPPublicKey.java | 194 ++ .../javax/crypto/keyring/AuthenticatedEntry.java | 222 ++ .../gnu/javax/crypto/keyring/BaseKeyring.java | 198 ++ .../gnu/javax/crypto/keyring/BinaryDataEntry.java | 128 + .../gnu/javax/crypto/keyring/CertPathEntry.java | 133 + .../gnu/javax/crypto/keyring/CertificateEntry.java | 150 + .../gnu/javax/crypto/keyring/CompressedEntry.java | 113 + .../gnu/javax/crypto/keyring/EncryptedEntry.java | 235 ++ .../classpath/gnu/javax/crypto/keyring/Entry.java | 178 + .../gnu/javax/crypto/keyring/EnvelopeEntry.java | 398 +++ .../javax/crypto/keyring/GnuPrivateKeyring.java | 328 ++ .../gnu/javax/crypto/keyring/GnuPublicKeyring.java | 146 + .../gnu/javax/crypto/keyring/IKeyring.java | 164 + .../gnu/javax/crypto/keyring/IPrivateKeyring.java | 142 + .../gnu/javax/crypto/keyring/IPublicKeyring.java | 81 + .../crypto/keyring/MalformedKeyringException.java | 58 + .../crypto/keyring/MaskableEnvelopeEntry.java | 148 + .../javax/crypto/keyring/MeteredInputStream.java | 137 + .../crypto/keyring/PasswordAuthenticatedEntry.java | 285 ++ .../crypto/keyring/PasswordEncryptedEntry.java | 301 ++ .../crypto/keyring/PasswordProtectedEntry.java | 66 + .../gnu/javax/crypto/keyring/PrimitiveEntry.java | 129 + .../gnu/javax/crypto/keyring/PrivateKeyEntry.java | 221 ++ .../gnu/javax/crypto/keyring/Properties.java | 227 ++ .../gnu/javax/crypto/keyring/PublicKeyEntry.java | 192 ++ .../classpath/gnu/javax/crypto/mac/BaseMac.java | 148 + libjava/classpath/gnu/javax/crypto/mac/HMac.java | 328 ++ .../gnu/javax/crypto/mac/HMacFactory.java | 128 + libjava/classpath/gnu/javax/crypto/mac/IMac.java | 197 ++ .../classpath/gnu/javax/crypto/mac/MacFactory.java | 164 + .../gnu/javax/crypto/mac/MacInputStream.java | 138 + .../gnu/javax/crypto/mac/MacOutputStream.java | 140 + libjava/classpath/gnu/javax/crypto/mac/OMAC.java | 402 +++ libjava/classpath/gnu/javax/crypto/mac/TMMH16.java | 402 +++ .../classpath/gnu/javax/crypto/mac/UHash32.java | 957 ++++++ libjava/classpath/gnu/javax/crypto/mac/UMac32.java | 491 +++ .../classpath/gnu/javax/crypto/mode/BaseMode.java | 352 ++ libjava/classpath/gnu/javax/crypto/mode/CBC.java | 143 + libjava/classpath/gnu/javax/crypto/mode/CFB.java | 175 + libjava/classpath/gnu/javax/crypto/mode/CTR.java | 221 ++ libjava/classpath/gnu/javax/crypto/mode/EAX.java | 352 ++ libjava/classpath/gnu/javax/crypto/mode/ECB.java | 137 + .../gnu/javax/crypto/mode/IAuthenticatedMode.java | 60 + libjava/classpath/gnu/javax/crypto/mode/ICM.java | 228 ++ libjava/classpath/gnu/javax/crypto/mode/IMode.java | 145 + .../gnu/javax/crypto/mode/ModeFactory.java | 192 ++ libjava/classpath/gnu/javax/crypto/mode/OFB.java | 194 ++ .../classpath/gnu/javax/crypto/pad/BasePad.java | 153 + libjava/classpath/gnu/javax/crypto/pad/IPad.java | 110 + .../classpath/gnu/javax/crypto/pad/PKCS1_V1_5.java | 184 + libjava/classpath/gnu/javax/crypto/pad/PKCS7.java | 149 + .../classpath/gnu/javax/crypto/pad/PadFactory.java | 136 + libjava/classpath/gnu/javax/crypto/pad/SSL3.java | 98 + libjava/classpath/gnu/javax/crypto/pad/TBC.java | 156 + libjava/classpath/gnu/javax/crypto/pad/TLS1.java | 105 + .../javax/crypto/pad/WrongPaddingException.java | 63 + .../classpath/gnu/javax/crypto/prng/ARCFour.java | 161 + .../classpath/gnu/javax/crypto/prng/CSPRNG.java | 1268 +++++++ .../classpath/gnu/javax/crypto/prng/Fortuna.java | 366 ++ .../gnu/javax/crypto/prng/ICMGenerator.java | 379 +++ libjava/classpath/gnu/javax/crypto/prng/IPBE.java | 69 + .../classpath/gnu/javax/crypto/prng/PBKDF2.java | 216 ++ .../gnu/javax/crypto/prng/PRNGFactory.java | 143 + .../gnu/javax/crypto/prng/UMacGenerator.java | 228 ++ .../classpath/gnu/javax/crypto/sasl/AuthInfo.java | 143 + .../javax/crypto/sasl/AuthInfoProviderFactory.java | 89 + .../gnu/javax/crypto/sasl/ClientFactory.java | 210 ++ .../gnu/javax/crypto/sasl/ClientMechanism.java | 365 ++ .../crypto/sasl/ConfidentialityException.java | 84 + .../gnu/javax/crypto/sasl/IAuthInfoProvider.java | 117 + .../crypto/sasl/IAuthInfoProviderFactory.java | 62 + .../sasl/IllegalMechanismStateException.java | 86 + .../gnu/javax/crypto/sasl/InputBuffer.java | 339 ++ .../gnu/javax/crypto/sasl/IntegrityException.java | 83 + .../crypto/sasl/NoSuchMechanismException.java | 62 + .../gnu/javax/crypto/sasl/NoSuchUserException.java | 67 + .../gnu/javax/crypto/sasl/OutputBuffer.java | 225 ++ .../javax/crypto/sasl/SaslEncodingException.java | 66 + .../gnu/javax/crypto/sasl/SaslInputStream.java | 459 +++ .../gnu/javax/crypto/sasl/SaslOutputStream.java | 218 ++ .../classpath/gnu/javax/crypto/sasl/SaslUtil.java | 89 + .../gnu/javax/crypto/sasl/ServerFactory.java | 194 ++ .../gnu/javax/crypto/sasl/ServerMechanism.java | 371 ++ .../crypto/sasl/UserAlreadyExistsException.java | 70 + .../crypto/sasl/anonymous/AnonymousClient.java | 120 + .../crypto/sasl/anonymous/AnonymousServer.java | 107 + .../javax/crypto/sasl/anonymous/AnonymousUtil.java | 109 + .../sasl/crammd5/CramMD5AuthInfoProvider.java | 200 ++ .../javax/crypto/sasl/crammd5/CramMD5Client.java | 201 ++ .../javax/crypto/sasl/crammd5/CramMD5Registry.java | 66 + .../javax/crypto/sasl/crammd5/CramMD5Server.java | 185 + .../gnu/javax/crypto/sasl/crammd5/CramMD5Util.java | 137 + .../javax/crypto/sasl/crammd5/PasswordFile.java | 301 ++ .../gnu/javax/crypto/sasl/plain/PasswordFile.java | 309 ++ .../crypto/sasl/plain/PlainAuthInfoProvider.java | 206 ++ .../gnu/javax/crypto/sasl/plain/PlainClient.java | 193 ++ .../gnu/javax/crypto/sasl/plain/PlainRegistry.java | 67 + .../gnu/javax/crypto/sasl/plain/PlainServer.java | 196 ++ .../classpath/gnu/javax/crypto/sasl/srp/CALG.java | 292 ++ .../gnu/javax/crypto/sasl/srp/ClientStore.java | 173 + .../classpath/gnu/javax/crypto/sasl/srp/IALG.java | 159 + .../classpath/gnu/javax/crypto/sasl/srp/KDF.java | 169 + .../gnu/javax/crypto/sasl/srp/PasswordFile.java | 699 ++++ .../classpath/gnu/javax/crypto/sasl/srp/SRP.java | 285 ++ .../javax/crypto/sasl/srp/SRPAuthInfoProvider.java | 218 ++ .../gnu/javax/crypto/sasl/srp/SRPClient.java | 1211 +++++++ .../gnu/javax/crypto/sasl/srp/SRPRegistry.java | 219 ++ .../gnu/javax/crypto/sasl/srp/SRPServer.java | 1156 +++++++ .../gnu/javax/crypto/sasl/srp/SecurityContext.java | 164 + .../gnu/javax/crypto/sasl/srp/ServerStore.java | 196 ++ .../gnu/javax/crypto/sasl/srp/StoreEntry.java | 89 + libjava/classpath/gnu/javax/net/ssl/Base64.java | 311 ++ .../classpath/gnu/javax/net/ssl/EntropySource.java | 62 + .../gnu/javax/net/ssl/NullManagerParameters.java | 56 + .../gnu/javax/net/ssl/PrivateCredentials.java | 360 ++ .../gnu/javax/net/ssl/SRPManagerParameters.java | 81 + .../gnu/javax/net/ssl/SRPTrustManager.java | 99 + .../gnu/javax/net/ssl/StaticTrustAnchors.java | 1942 +++++++++++ .../gnu/javax/net/ssl/provider/Alert.java | 474 +++ .../gnu/javax/net/ssl/provider/AlertException.java | 76 + .../gnu/javax/net/ssl/provider/Certificate.java | 194 ++ .../javax/net/ssl/provider/CertificateRequest.java | 285 ++ .../javax/net/ssl/provider/CertificateType.java | 104 + .../javax/net/ssl/provider/CertificateVerify.java | 95 + .../gnu/javax/net/ssl/provider/CipherSuite.java | 754 +++++ .../gnu/javax/net/ssl/provider/ClientHello.java | 253 ++ .../javax/net/ssl/provider/ClientKeyExchange.java | 181 + .../javax/net/ssl/provider/CompressionMethod.java | 104 + .../gnu/javax/net/ssl/provider/Constructed.java | 57 + .../gnu/javax/net/ssl/provider/ContentType.java | 135 + .../gnu/javax/net/ssl/provider/Context.java | 334 ++ .../gnu/javax/net/ssl/provider/DiffieHellman.java | 285 ++ .../javax/net/ssl/provider/DigestInputStream.java | 103 + .../javax/net/ssl/provider/DigestOutputStream.java | 107 + .../gnu/javax/net/ssl/provider/Enumerated.java | 79 + .../gnu/javax/net/ssl/provider/Extension.java | 214 ++ .../gnu/javax/net/ssl/provider/Extensions.java | 159 + .../gnu/javax/net/ssl/provider/Finished.java | 143 + .../net/ssl/provider/GNUSecurityParameters.java | 490 +++ .../gnu/javax/net/ssl/provider/Handshake.java | 440 +++ .../net/ssl/provider/JCESecurityParameters.java | 307 ++ .../javax/net/ssl/provider/JDBCSessionContext.java | 356 ++ .../gnu/javax/net/ssl/provider/Jessie.java | 91 + .../javax/net/ssl/provider/JessieDHPrivateKey.java | 99 + .../javax/net/ssl/provider/JessieDHPublicKey.java | 99 + .../net/ssl/provider/JessieRSAPrivateKey.java | 98 + .../javax/net/ssl/provider/JessieRSAPublicKey.java | 98 + .../gnu/javax/net/ssl/provider/KeyPool.java | 119 + .../gnu/javax/net/ssl/provider/MacException.java | 53 + .../javax/net/ssl/provider/OverflowException.java | 57 + .../javax/net/ssl/provider/ProtocolVersion.java | 180 + .../gnu/javax/net/ssl/provider/Random.java | 124 + .../gnu/javax/net/ssl/provider/RecordInput.java | 232 ++ .../javax/net/ssl/provider/RecordInputStream.java | 106 + .../javax/net/ssl/provider/RecordOutputStream.java | 189 ++ .../net/ssl/provider/RecordingInputStream.java | 131 + .../net/ssl/provider/SRPTrustManagerFactory.java | 225 ++ .../gnu/javax/net/ssl/provider/SSLHMac.java | 158 + .../javax/net/ssl/provider/SSLRSASignature.java | 235 ++ .../gnu/javax/net/ssl/provider/SSLRandom.java | 165 + .../javax/net/ssl/provider/SSLServerSocket.java | 283 ++ .../net/ssl/provider/SSLServerSocketFactory.java | 136 + .../gnu/javax/net/ssl/provider/SSLSocket.java | 3530 ++++++++++++++++++++ .../javax/net/ssl/provider/SSLSocketFactory.java | 133 + .../net/ssl/provider/SSLSocketInputStream.java | 181 + .../net/ssl/provider/SSLSocketOutputStream.java | 115 + .../javax/net/ssl/provider/SecurityParameters.java | 178 + .../gnu/javax/net/ssl/provider/ServerHello.java | 216 ++ .../javax/net/ssl/provider/ServerKeyExchange.java | 286 ++ .../gnu/javax/net/ssl/provider/Session.java | 381 +++ .../gnu/javax/net/ssl/provider/SessionContext.java | 250 ++ .../gnu/javax/net/ssl/provider/Signature.java | 158 + .../javax/net/ssl/provider/SynchronizedRandom.java | 104 + .../gnu/javax/net/ssl/provider/TLSHMac.java | 138 + .../gnu/javax/net/ssl/provider/TLSRandom.java | 252 ++ .../classpath/gnu/javax/net/ssl/provider/Util.java | 422 +++ .../net/ssl/provider/X509KeyManagerFactory.java | 359 ++ .../net/ssl/provider/X509TrustManagerFactory.java | 298 ++ .../javax/net/ssl/provider/XMLSessionContext.java | 619 ++++ .../gnu/javax/security/auth/Password.java | 285 ++ .../security/auth/callback/AWTCallbackHandler.java | 452 +++ .../auth/callback/AbstractCallbackHandler.java | 258 ++ .../auth/callback/ConsoleCallbackHandler.java | 289 ++ .../auth/callback/DefaultCallbackHandler.java | 109 + .../javax/security/auth/callback/GnuCallbacks.java | 64 + .../auth/callback/SwingCallbackHandler.java | 587 ++++ .../security/auth/login/ConfigFileParser.java | 338 ++ .../security/auth/login/ConfigFileTokenizer.java | 243 ++ .../security/auth/login/GnuConfiguration.java | 450 +++ libjava/classpath/gnu/regexp/CharIndexed.java | 14 +- .../classpath/gnu/regexp/CharIndexedCharArray.java | 11 +- .../gnu/regexp/CharIndexedInputStream.java | 12 +- .../classpath/gnu/regexp/CharIndexedString.java | 11 +- .../gnu/regexp/CharIndexedStringBuffer.java | 11 +- libjava/classpath/gnu/regexp/RE.java | 778 ++++- libjava/classpath/gnu/regexp/REMatch.java | 60 +- libjava/classpath/gnu/regexp/RESyntax.java | 40 +- libjava/classpath/gnu/regexp/REToken.java | 15 +- libjava/classpath/gnu/regexp/RETokenAny.java | 4 + libjava/classpath/gnu/regexp/RETokenBackRef.java | 16 +- libjava/classpath/gnu/regexp/RETokenChar.java | 6 +- libjava/classpath/gnu/regexp/RETokenEnd.java | 4 + libjava/classpath/gnu/regexp/RETokenEndSub.java | 4 + .../classpath/gnu/regexp/RETokenIndependent.java | 76 + libjava/classpath/gnu/regexp/RETokenLookAhead.java | 4 + .../classpath/gnu/regexp/RETokenLookBehind.java | 116 + .../classpath/gnu/regexp/RETokenNamedProperty.java | 301 ++ libjava/classpath/gnu/regexp/RETokenOneOf.java | 181 +- libjava/classpath/gnu/regexp/RETokenPOSIX.java | 4 + libjava/classpath/gnu/regexp/RETokenRange.java | 21 +- libjava/classpath/gnu/regexp/RETokenRepeated.java | 310 +- libjava/classpath/gnu/regexp/RETokenStart.java | 4 + .../classpath/gnu/regexp/RETokenWordBoundary.java | 5 + libjava/classpath/gnu/xml/aelfred2/XmlParser.java | 1 + .../classpath/gnu/xml/dom/DomCharacterData.java | 37 +- .../classpath/gnu/xml/dom/DomDocumentBuilder.java | 18 +- .../gnu/xml/dom/DomDocumentBuilderFactory.java | 23 + libjava/classpath/gnu/xml/dom/JAXPFactory.java | 23 + .../libxmlj/dom/GnomeDocumentBuilderFactory.java | 26 +- libjava/classpath/gnu/xml/stream/CRLFReader.java | 9 +- .../classpath/gnu/xml/stream/EndEntityImpl.java | 80 - .../gnu/xml/stream/EntityReferenceImpl.java | 46 +- .../gnu/xml/stream/FilteredEventReader.java | 21 +- libjava/classpath/gnu/xml/stream/LocationImpl.java | 89 - libjava/classpath/gnu/xml/stream/SAXParser.java | 83 +- .../classpath/gnu/xml/stream/StartEntityImpl.java | 80 - .../classpath/gnu/xml/stream/UnicodeReader.java | 6 +- .../classpath/gnu/xml/stream/XIncludeFilter.java | 21 +- .../gnu/xml/stream/XMLEventAllocatorImpl.java | 13 +- .../gnu/xml/stream/XMLEventFactoryImpl.java | 9 +- libjava/classpath/gnu/xml/stream/XMLEventImpl.java | 12 +- .../gnu/xml/stream/XMLEventReaderImpl.java | 39 +- .../gnu/xml/stream/XMLEventWriterImpl.java | 2 +- .../gnu/xml/stream/XMLInputFactoryImpl.java | 78 +- .../gnu/xml/stream/XMLOutputFactoryImpl.java | 40 +- libjava/classpath/gnu/xml/stream/XMLParser.java | 179 +- .../gnu/xml/stream/XMLStreamReaderImpl.java | 1037 ------ .../gnu/xml/stream/XMLStreamWriterImpl.java | 331 +- .../gnu/xml/transform/AbstractNumberNode.java | 2 +- .../gnu/xml/transform/ApplyImportsNode.java | 27 +- .../gnu/xml/transform/ApplyTemplatesNode.java | 46 +- .../classpath/gnu/xml/transform/AttributeNode.java | 2 +- .../gnu/xml/transform/CallTemplateNode.java | 86 +- .../classpath/gnu/xml/transform/ChooseNode.java | 28 +- .../classpath/gnu/xml/transform/CommentNode.java | 31 +- libjava/classpath/gnu/xml/transform/CopyNode.java | 73 +- .../classpath/gnu/xml/transform/CopyOfNode.java | 48 +- .../gnu/xml/transform/DocumentFunction.java | 30 +- .../classpath/gnu/xml/transform/ElementNode.java | 4 +- .../classpath/gnu/xml/transform/ForEachNode.java | 36 +- libjava/classpath/gnu/xml/transform/IfNode.java | 36 +- .../classpath/gnu/xml/transform/LiteralNode.java | 7 +- .../classpath/gnu/xml/transform/MessageNode.java | 12 + .../classpath/gnu/xml/transform/OtherwiseNode.java | 31 +- .../classpath/gnu/xml/transform/ParameterNode.java | 65 +- .../xml/transform/ProcessingInstructionNode.java | 32 +- .../classpath/gnu/xml/transform/Stylesheet.java | 60 +- libjava/classpath/gnu/xml/transform/Template.java | 133 +- .../classpath/gnu/xml/transform/TemplateNode.java | 38 +- libjava/classpath/gnu/xml/transform/TextNode.java | 42 +- .../gnu/xml/transform/TransformerImpl.java | 12 +- .../classpath/gnu/xml/transform/ValueOfNode.java | 2 +- libjava/classpath/gnu/xml/transform/WhenNode.java | 36 +- libjava/classpath/gnu/xml/util/XHTMLWriter.java | 2 + libjava/classpath/gnu/xml/util/XMLWriter.java | 2 + .../gnu/xml/validation/datatype/Annotation.java | 61 + .../gnu/xml/validation/datatype/AnySimpleType.java | 59 + .../gnu/xml/validation/datatype/AnyType.java | 58 + .../gnu/xml/validation/datatype/AnyURIType.java | 94 + .../xml/validation/datatype/AtomicSimpleType.java | 78 + .../xml/validation/datatype/Base64BinaryType.java | 131 + .../gnu/xml/validation/datatype/BooleanType.java | 91 + .../gnu/xml/validation/datatype/ByteType.java | 133 + .../gnu/xml/validation/datatype/DateTimeType.java | 335 ++ .../gnu/xml/validation/datatype/DateType.java | 222 ++ .../gnu/xml/validation/datatype/DecimalType.java | 121 + .../gnu/xml/validation/datatype/DoubleType.java | 112 + .../gnu/xml/validation/datatype/DurationType.java | 239 ++ .../gnu/xml/validation/datatype/EntitiesType.java | 107 + .../gnu/xml/validation/datatype/EntityType.java | 88 + .../xml/validation/datatype/EnumerationFacet.java | 69 + .../gnu/xml/validation/datatype/Facet.java | 78 + .../gnu/xml/validation/datatype/FloatType.java | 112 + .../validation/datatype/FractionDigitsFacet.java | 72 + .../gnu/xml/validation/datatype/GDayType.java | 175 + .../gnu/xml/validation/datatype/GMonthDayType.java | 184 + .../gnu/xml/validation/datatype/GMonthType.java | 164 + .../xml/validation/datatype/GYearMonthType.java | 177 + .../gnu/xml/validation/datatype/GYearType.java | 152 + .../gnu/xml/validation/datatype/HexBinaryType.java | 92 + .../gnu/xml/validation/datatype/IDRefType.java | 87 + .../gnu/xml/validation/datatype/IDRefsType.java | 87 + .../gnu/xml/validation/datatype/IDType.java | 87 + .../gnu/xml/validation/datatype/IntType.java | 133 + .../gnu/xml/validation/datatype/IntegerType.java | 110 + .../gnu/xml/validation/datatype/LanguageType.java | 87 + .../gnu/xml/validation/datatype/LengthFacet.java | 72 + .../xml/validation/datatype/ListSimpleType.java | 83 + .../gnu/xml/validation/datatype/LongType.java | 133 + .../xml/validation/datatype/MaxExclusiveFacet.java | 111 + .../xml/validation/datatype/MaxInclusiveFacet.java | 112 + .../xml/validation/datatype/MaxLengthFacet.java | 72 + .../xml/validation/datatype/MinExclusiveFacet.java | 111 + .../xml/validation/datatype/MinInclusiveFacet.java | 112 + .../xml/validation/datatype/MinLengthFacet.java | 72 + .../gnu/xml/validation/datatype/NCNameType.java | 111 + .../gnu/xml/validation/datatype/NMTokenType.java | 102 + .../gnu/xml/validation/datatype/NMTokensType.java | 124 + .../gnu/xml/validation/datatype/NameType.java | 104 + .../validation/datatype/NegativeIntegerType.java | 111 + .../datatype/NonNegativeIntegerType.java | 121 + .../datatype/NonPositiveIntegerType.java | 121 + .../validation/datatype/NormalizedStringType.java | 88 + .../gnu/xml/validation/datatype/NotationType.java | 90 + .../gnu/xml/validation/datatype/PatternFacet.java | 71 + .../validation/datatype/PositiveIntegerType.java | 111 + .../gnu/xml/validation/datatype/QNameType.java | 122 + .../gnu/xml/validation/datatype/ShortType.java | 133 + .../gnu/xml/validation/datatype/SimpleType.java | 257 ++ .../gnu/xml/validation/datatype/StringType.java | 77 + .../gnu/xml/validation/datatype/TimeType.java | 303 ++ .../gnu/xml/validation/datatype/TokenType.java | 96 + .../xml/validation/datatype/TotalDigitsFacet.java | 72 + .../gnu/xml/validation/datatype/Type.java | 65 + .../gnu/xml/validation/datatype/TypeBuilder.java | 279 ++ .../gnu/xml/validation/datatype/TypeLibrary.java | 173 + .../validation/datatype/TypeLibraryFactory.java | 60 + .../xml/validation/datatype/UnionSimpleType.java | 83 + .../xml/validation/datatype/UnsignedByteType.java | 121 + .../xml/validation/datatype/UnsignedIntType.java | 121 + .../xml/validation/datatype/UnsignedLongType.java | 121 + .../xml/validation/datatype/UnsignedShortType.java | 122 + .../xml/validation/datatype/WhiteSpaceFacet.java | 75 + .../xml/validation/relaxng/AnyNameNameClass.java | 58 + .../xml/validation/relaxng/AttributePattern.java | 53 + .../xml/validation/relaxng/ChoiceNameClass.java | 59 + .../gnu/xml/validation/relaxng/ChoicePattern.java | 53 + .../gnu/xml/validation/relaxng/DataPattern.java | 60 + .../gnu/xml/validation/relaxng/Define.java | 52 + .../gnu/xml/validation/relaxng/ElementPattern.java | 53 + .../gnu/xml/validation/relaxng/EmptyPattern.java | 52 + .../xml/validation/relaxng/FullSyntaxBuilder.java | 1651 +++++++++ .../gnu/xml/validation/relaxng/Grammar.java | 70 + .../xml/validation/relaxng/GrammarException.java | 56 + .../xml/validation/relaxng/GrammarValidator.java | 97 + .../gnu/xml/validation/relaxng/GroupPattern.java | 53 + .../xml/validation/relaxng/InterleavePattern.java | 53 + .../gnu/xml/validation/relaxng/ListPattern.java | 52 + .../xml/validation/relaxng/NSNameNameClass.java | 61 + .../gnu/xml/validation/relaxng/NameClass.java | 50 + .../gnu/xml/validation/relaxng/NameNameClass.java | 60 + .../xml/validation/relaxng/NotAllowedPattern.java | 53 + .../xml/validation/relaxng/OneOrMorePattern.java | 52 + .../gnu/xml/validation/relaxng/Param.java | 52 + .../gnu/xml/validation/relaxng/Pattern.java | 48 + .../validation/relaxng/RELAXNGSchemaFactory.java | 151 + .../gnu/xml/validation/relaxng/RefPattern.java | 52 + .../gnu/xml/validation/relaxng/TextPattern.java | 52 + .../gnu/xml/validation/relaxng/ValuePattern.java | 58 + .../gnu/xml/validation/xmlschema/AnyAttribute.java | 67 + .../validation/xmlschema/AttributeDeclaration.java | 99 + .../gnu/xml/validation/xmlschema/AttributeUse.java | 79 + .../gnu/xml/validation/xmlschema/ComplexType.java | 102 + .../validation/xmlschema/ElementDeclaration.java | 125 + .../gnu/xml/validation/xmlschema/Particle.java | 61 + .../validation/xmlschema/ValidationException.java | 58 + .../gnu/xml/validation/xmlschema/XMLSchema.java | 134 + .../xmlschema/XMLSchemaAttributeTypeInfo.java | 100 + .../xml/validation/xmlschema/XMLSchemaBuilder.java | 844 +++++ .../xmlschema/XMLSchemaElementTypeInfo.java | 93 + .../xmlschema/XMLSchemaSchemaFactory.java | 159 + .../validation/xmlschema/XMLSchemaTypeInfo.java | 77 + .../xmlschema/XMLSchemaTypeInfoProvider.java | 82 + .../validation/xmlschema/XMLSchemaValidator.java | 98 + .../xmlschema/XMLSchemaValidatorHandler.java | 394 +++ libjava/classpath/gnu/xml/xpath/LangFunction.java | 12 +- libjava/classpath/gnu/xml/xpath/NodeTypeTest.java | 1 + libjava/classpath/gnu/xml/xpath/Selector.java | 41 +- 753 files changed, 123621 insertions(+), 8122 deletions(-) create mode 100644 libjava/classpath/gnu/classpath/debug/Simple1LineFormatter.java create mode 100644 libjava/classpath/gnu/java/awt/peer/swing/SwingButtonPeer.java create mode 100644 libjava/classpath/gnu/java/awt/peer/swing/SwingCanvasPeer.java create mode 100644 libjava/classpath/gnu/java/awt/peer/swing/SwingComponent.java create mode 100644 libjava/classpath/gnu/java/awt/peer/swing/SwingComponentPeer.java create mode 100644 libjava/classpath/gnu/java/awt/peer/swing/SwingContainerPeer.java create mode 100644 libjava/classpath/gnu/java/awt/peer/swing/SwingFramePeer.java create mode 100644 libjava/classpath/gnu/java/awt/peer/swing/SwingLabelPeer.java create mode 100644 libjava/classpath/gnu/java/awt/peer/swing/SwingMenuBarPeer.java create mode 100644 libjava/classpath/gnu/java/awt/peer/swing/SwingMenuItemPeer.java create mode 100644 libjava/classpath/gnu/java/awt/peer/swing/SwingMenuPeer.java create mode 100644 libjava/classpath/gnu/java/awt/peer/swing/SwingPanelPeer.java create mode 100644 libjava/classpath/gnu/java/awt/peer/swing/SwingTextFieldPeer.java create mode 100644 libjava/classpath/gnu/java/awt/peer/swing/SwingToolkit.java create mode 100644 libjava/classpath/gnu/java/awt/peer/swing/SwingWindowPeer.java create mode 100644 libjava/classpath/gnu/java/awt/peer/swing/package.html create mode 100644 libjava/classpath/gnu/java/beans/DefaultExceptionListener.java delete mode 100644 libjava/classpath/gnu/java/beans/decoder/DefaultExceptionListener.java create mode 100644 libjava/classpath/gnu/java/rmi/server/CombinedClassLoader.java create mode 100644 libjava/classpath/gnu/java/security/Properties.java create mode 100644 libjava/classpath/gnu/java/security/Registry.java create mode 100644 libjava/classpath/gnu/java/security/hash/BaseHash.java create mode 100644 libjava/classpath/gnu/java/security/hash/HashFactory.java create mode 100644 libjava/classpath/gnu/java/security/hash/Haval.java create mode 100644 libjava/classpath/gnu/java/security/hash/IMessageDigest.java create mode 100644 libjava/classpath/gnu/java/security/hash/MD2.java create mode 100644 libjava/classpath/gnu/java/security/hash/MD4.java create mode 100644 libjava/classpath/gnu/java/security/hash/MD5.java create mode 100644 libjava/classpath/gnu/java/security/hash/RipeMD128.java create mode 100644 libjava/classpath/gnu/java/security/hash/RipeMD160.java create mode 100644 libjava/classpath/gnu/java/security/hash/Sha160.java create mode 100644 libjava/classpath/gnu/java/security/hash/Sha256.java create mode 100644 libjava/classpath/gnu/java/security/hash/Sha384.java create mode 100644 libjava/classpath/gnu/java/security/hash/Sha512.java create mode 100644 libjava/classpath/gnu/java/security/hash/Tiger.java create mode 100644 libjava/classpath/gnu/java/security/hash/Whirlpool.java create mode 100644 libjava/classpath/gnu/java/security/jce/hash/HavalSpi.java create mode 100644 libjava/classpath/gnu/java/security/jce/hash/MD2Spi.java create mode 100644 libjava/classpath/gnu/java/security/jce/hash/MD4Spi.java create mode 100644 libjava/classpath/gnu/java/security/jce/hash/MD5Spi.java create mode 100644 libjava/classpath/gnu/java/security/jce/hash/MessageDigestAdapter.java create mode 100644 libjava/classpath/gnu/java/security/jce/hash/RipeMD128Spi.java create mode 100644 libjava/classpath/gnu/java/security/jce/hash/RipeMD160Spi.java create mode 100644 libjava/classpath/gnu/java/security/jce/hash/Sha160Spi.java create mode 100644 libjava/classpath/gnu/java/security/jce/hash/Sha256Spi.java create mode 100644 libjava/classpath/gnu/java/security/jce/hash/Sha384Spi.java create mode 100644 libjava/classpath/gnu/java/security/jce/hash/Sha512Spi.java create mode 100644 libjava/classpath/gnu/java/security/jce/hash/TigerSpi.java create mode 100644 libjava/classpath/gnu/java/security/jce/hash/WhirlpoolSpi.java create mode 100644 libjava/classpath/gnu/java/security/jce/prng/HavalRandomSpi.java create mode 100644 libjava/classpath/gnu/java/security/jce/prng/MD2RandomSpi.java create mode 100644 libjava/classpath/gnu/java/security/jce/prng/MD4RandomSpi.java create mode 100644 libjava/classpath/gnu/java/security/jce/prng/MD5RandomSpi.java create mode 100644 libjava/classpath/gnu/java/security/jce/prng/RipeMD128RandomSpi.java create mode 100644 libjava/classpath/gnu/java/security/jce/prng/RipeMD160RandomSpi.java create mode 100644 libjava/classpath/gnu/java/security/jce/prng/SecureRandomAdapter.java create mode 100644 libjava/classpath/gnu/java/security/jce/prng/Sha160RandomSpi.java create mode 100644 libjava/classpath/gnu/java/security/jce/prng/Sha256RandomSpi.java create mode 100644 libjava/classpath/gnu/java/security/jce/prng/Sha384RandomSpi.java create mode 100644 libjava/classpath/gnu/java/security/jce/prng/Sha512RandomSpi.java create mode 100644 libjava/classpath/gnu/java/security/jce/prng/TigerRandomSpi.java create mode 100644 libjava/classpath/gnu/java/security/jce/prng/WhirlpoolRandomSpi.java create mode 100644 libjava/classpath/gnu/java/security/jce/sig/DSSKeyFactory.java create mode 100644 libjava/classpath/gnu/java/security/jce/sig/DSSKeyPairGeneratorSpi.java create mode 100644 libjava/classpath/gnu/java/security/jce/sig/DSSParameters.java create mode 100644 libjava/classpath/gnu/java/security/jce/sig/DSSParametersGenerator.java create mode 100644 libjava/classpath/gnu/java/security/jce/sig/DSSRawSignatureSpi.java create mode 100644 libjava/classpath/gnu/java/security/jce/sig/EncodedKeyFactory.java create mode 100644 libjava/classpath/gnu/java/security/jce/sig/KeyPairGeneratorAdapter.java create mode 100644 libjava/classpath/gnu/java/security/jce/sig/MD2withRSA.java create mode 100644 libjava/classpath/gnu/java/security/jce/sig/MD5withRSA.java create mode 100644 libjava/classpath/gnu/java/security/jce/sig/RSAKeyFactory.java create mode 100644 libjava/classpath/gnu/java/security/jce/sig/RSAKeyPairGeneratorSpi.java create mode 100644 libjava/classpath/gnu/java/security/jce/sig/RSAPSSRawSignatureSpi.java create mode 100644 libjava/classpath/gnu/java/security/jce/sig/SHA160withDSS.java create mode 100644 libjava/classpath/gnu/java/security/jce/sig/SHA160withRSA.java create mode 100644 libjava/classpath/gnu/java/security/jce/sig/SHA256withRSA.java create mode 100644 libjava/classpath/gnu/java/security/jce/sig/SHA384withRSA.java create mode 100644 libjava/classpath/gnu/java/security/jce/sig/SHA512withRSA.java create mode 100644 libjava/classpath/gnu/java/security/jce/sig/SignatureAdapter.java create mode 100644 libjava/classpath/gnu/java/security/key/IKeyPairCodec.java create mode 100644 libjava/classpath/gnu/java/security/key/IKeyPairGenerator.java create mode 100644 libjava/classpath/gnu/java/security/key/KeyPairCodecFactory.java create mode 100644 libjava/classpath/gnu/java/security/key/KeyPairGeneratorFactory.java create mode 100644 libjava/classpath/gnu/java/security/key/dss/DSSKey.java create mode 100644 libjava/classpath/gnu/java/security/key/dss/DSSKeyPairGenerator.java create mode 100644 libjava/classpath/gnu/java/security/key/dss/DSSKeyPairPKCS8Codec.java create mode 100644 libjava/classpath/gnu/java/security/key/dss/DSSKeyPairRawCodec.java create mode 100644 libjava/classpath/gnu/java/security/key/dss/DSSKeyPairX509Codec.java create mode 100644 libjava/classpath/gnu/java/security/key/dss/DSSPrivateKey.java create mode 100644 libjava/classpath/gnu/java/security/key/dss/DSSPublicKey.java create mode 100644 libjava/classpath/gnu/java/security/key/dss/FIPS186.java create mode 100644 libjava/classpath/gnu/java/security/key/rsa/GnuRSAKey.java create mode 100644 libjava/classpath/gnu/java/security/key/rsa/GnuRSAPrivateKey.java create mode 100644 libjava/classpath/gnu/java/security/key/rsa/GnuRSAPublicKey.java create mode 100644 libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairGenerator.java create mode 100644 libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairPKCS8Codec.java create mode 100644 libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairRawCodec.java create mode 100644 libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairX509Codec.java create mode 100644 libjava/classpath/gnu/java/security/prng/BasePRNG.java create mode 100644 libjava/classpath/gnu/java/security/prng/EntropySource.java create mode 100644 libjava/classpath/gnu/java/security/prng/IRandom.java create mode 100644 libjava/classpath/gnu/java/security/prng/LimitReachedException.java create mode 100644 libjava/classpath/gnu/java/security/prng/MDGenerator.java create mode 100644 libjava/classpath/gnu/java/security/prng/PRNGFactory.java create mode 100644 libjava/classpath/gnu/java/security/prng/RandomEvent.java create mode 100644 libjava/classpath/gnu/java/security/prng/RandomEventListener.java delete mode 100644 libjava/classpath/gnu/java/security/provider/DSAKeyFactory.java delete mode 100644 libjava/classpath/gnu/java/security/provider/DSAKeyPairGenerator.java delete mode 100644 libjava/classpath/gnu/java/security/provider/DSAParameters.java delete mode 100644 libjava/classpath/gnu/java/security/provider/DSASignature.java delete mode 100644 libjava/classpath/gnu/java/security/provider/DiffieHellmanKeyFactoryImpl.java delete mode 100644 libjava/classpath/gnu/java/security/provider/DiffieHellmanKeyPairGeneratorImpl.java delete mode 100644 libjava/classpath/gnu/java/security/provider/EncodedKeyFactory.java delete mode 100644 libjava/classpath/gnu/java/security/provider/GnuDHPublicKey.java delete mode 100644 libjava/classpath/gnu/java/security/provider/GnuDSAPrivateKey.java delete mode 100644 libjava/classpath/gnu/java/security/provider/GnuDSAPublicKey.java delete mode 100644 libjava/classpath/gnu/java/security/provider/GnuRSAPrivateKey.java delete mode 100644 libjava/classpath/gnu/java/security/provider/GnuRSAPublicKey.java delete mode 100644 libjava/classpath/gnu/java/security/provider/MD2withRSA.java delete mode 100644 libjava/classpath/gnu/java/security/provider/MD4withRSA.java delete mode 100644 libjava/classpath/gnu/java/security/provider/MD5.java delete mode 100644 libjava/classpath/gnu/java/security/provider/MD5withRSA.java delete mode 100644 libjava/classpath/gnu/java/security/provider/RSA.java delete mode 100644 libjava/classpath/gnu/java/security/provider/RSAKeyFactory.java delete mode 100644 libjava/classpath/gnu/java/security/provider/SHA.java delete mode 100644 libjava/classpath/gnu/java/security/provider/SHA1PRNG.java delete mode 100644 libjava/classpath/gnu/java/security/provider/SHA1withRSA.java create mode 100644 libjava/classpath/gnu/java/security/sig/BaseSignature.java create mode 100644 libjava/classpath/gnu/java/security/sig/ISignature.java create mode 100644 libjava/classpath/gnu/java/security/sig/ISignatureCodec.java create mode 100644 libjava/classpath/gnu/java/security/sig/SignatureCodecFactory.java create mode 100644 libjava/classpath/gnu/java/security/sig/SignatureFactory.java create mode 100644 libjava/classpath/gnu/java/security/sig/dss/DSSSignature.java create mode 100644 libjava/classpath/gnu/java/security/sig/dss/DSSSignatureRawCodec.java create mode 100644 libjava/classpath/gnu/java/security/sig/dss/DSSSignatureX509Codec.java create mode 100644 libjava/classpath/gnu/java/security/sig/rsa/EME_PKCS1_V1_5.java create mode 100644 libjava/classpath/gnu/java/security/sig/rsa/EMSA_PKCS1_V1_5.java create mode 100644 libjava/classpath/gnu/java/security/sig/rsa/EMSA_PSS.java create mode 100644 libjava/classpath/gnu/java/security/sig/rsa/RSA.java create mode 100644 libjava/classpath/gnu/java/security/sig/rsa/RSAPKCS1V1_5Signature.java create mode 100644 libjava/classpath/gnu/java/security/sig/rsa/RSAPKCS1V1_5SignatureRawCodec.java create mode 100644 libjava/classpath/gnu/java/security/sig/rsa/RSAPKCS1V1_5SignatureX509Codec.java create mode 100644 libjava/classpath/gnu/java/security/sig/rsa/RSAPSSSignature.java create mode 100644 libjava/classpath/gnu/java/security/sig/rsa/RSAPSSSignatureRawCodec.java create mode 100644 libjava/classpath/gnu/java/security/sig/rsa/RSASignatureFactory.java create mode 100644 libjava/classpath/gnu/java/security/util/Base64.java create mode 100644 libjava/classpath/gnu/java/security/util/DerUtil.java create mode 100644 libjava/classpath/gnu/java/security/util/ExpirableObject.java create mode 100644 libjava/classpath/gnu/java/security/util/FormatUtil.java create mode 100644 libjava/classpath/gnu/java/security/util/PRNG.java create mode 100644 libjava/classpath/gnu/java/security/util/Prime2.java create mode 100644 libjava/classpath/gnu/java/security/util/Sequence.java create mode 100644 libjava/classpath/gnu/java/security/util/SimpleList.java create mode 100644 libjava/classpath/gnu/java/security/util/Util.java create mode 100644 libjava/classpath/gnu/java/util/prefs/EventDispatcher.java create mode 100644 libjava/classpath/gnu/java/util/prefs/FileBasedPreferences.java delete mode 100644 libjava/classpath/gnu/javax/crypto/DiffieHellmanImpl.java delete mode 100644 libjava/classpath/gnu/javax/crypto/GnuDHPrivateKey.java create mode 100644 libjava/classpath/gnu/javax/crypto/assembly/Assembly.java create mode 100644 libjava/classpath/gnu/javax/crypto/assembly/Cascade.java create mode 100644 libjava/classpath/gnu/javax/crypto/assembly/CascadeStage.java create mode 100644 libjava/classpath/gnu/javax/crypto/assembly/CascadeTransformer.java create mode 100644 libjava/classpath/gnu/javax/crypto/assembly/DeflateTransformer.java create mode 100644 libjava/classpath/gnu/javax/crypto/assembly/Direction.java create mode 100644 libjava/classpath/gnu/javax/crypto/assembly/LoopbackTransformer.java create mode 100644 libjava/classpath/gnu/javax/crypto/assembly/ModeStage.java create mode 100644 libjava/classpath/gnu/javax/crypto/assembly/Operation.java create mode 100644 libjava/classpath/gnu/javax/crypto/assembly/PaddingTransformer.java create mode 100644 libjava/classpath/gnu/javax/crypto/assembly/Stage.java create mode 100644 libjava/classpath/gnu/javax/crypto/assembly/Transformer.java create mode 100644 libjava/classpath/gnu/javax/crypto/assembly/TransformerException.java create mode 100644 libjava/classpath/gnu/javax/crypto/cipher/Anubis.java create mode 100644 libjava/classpath/gnu/javax/crypto/cipher/BaseCipher.java create mode 100644 libjava/classpath/gnu/javax/crypto/cipher/Blowfish.java create mode 100644 libjava/classpath/gnu/javax/crypto/cipher/Cast5.java create mode 100644 libjava/classpath/gnu/javax/crypto/cipher/CipherFactory.java create mode 100644 libjava/classpath/gnu/javax/crypto/cipher/DES.java create mode 100644 libjava/classpath/gnu/javax/crypto/cipher/IBlockCipher.java create mode 100644 libjava/classpath/gnu/javax/crypto/cipher/IBlockCipherSpi.java create mode 100644 libjava/classpath/gnu/javax/crypto/cipher/Khazad.java create mode 100644 libjava/classpath/gnu/javax/crypto/cipher/NullCipher.java create mode 100644 libjava/classpath/gnu/javax/crypto/cipher/Rijndael.java create mode 100644 libjava/classpath/gnu/javax/crypto/cipher/Serpent.java create mode 100644 libjava/classpath/gnu/javax/crypto/cipher/Square.java create mode 100644 libjava/classpath/gnu/javax/crypto/cipher/TripleDES.java create mode 100644 libjava/classpath/gnu/javax/crypto/cipher/Twofish.java create mode 100644 libjava/classpath/gnu/javax/crypto/cipher/WeakKeyException.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/DiffieHellmanImpl.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/GnuCrypto.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/GnuSasl.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/PBKDF2SecretKeyFactory.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/cipher/AESSpi.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/cipher/ARCFourSpi.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/cipher/AnubisSpi.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/cipher/BlowfishSpi.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/cipher/Cast5Spi.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/cipher/CipherAdapter.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/cipher/DESSpi.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/cipher/KhazadSpi.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/cipher/NullCipherSpi.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/cipher/PBES2.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/cipher/RijndaelSpi.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/cipher/SerpentSpi.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/cipher/SquareSpi.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/cipher/TripleDESSpi.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/cipher/TwofishSpi.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/key/AnubisKeyGeneratorImpl.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/key/AnubisSecretKeyFactoryImpl.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/key/BlowfishKeyGeneratorImpl.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/key/BlowfishSecretKeyFactoryImpl.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/key/Cast5KeyGeneratorImpl.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/key/Cast5SecretKeyFactoryImpl.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/key/DESKeyGeneratorImpl.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/key/DESSecretKeyFactoryImpl.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/key/DESedeSecretKeyFactoryImpl.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/key/KhazadKeyGeneratorImpl.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/key/KhazadSecretKeyFactoryImpl.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/key/RijndaelKeyGeneratorImpl.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/key/RijndaelSecretKeyFactoryImpl.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/key/SecretKeyFactoryImpl.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/key/SecretKeyGeneratorImpl.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/key/SerpentKeyGeneratorImpl.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/key/SerpentSecretKeyFactoryImpl.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/key/SquareKeyGeneratorImpl.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/key/SquareSecretKeyFactoryImpl.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/key/TripleDESKeyGeneratorImpl.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/key/TwofishKeyGeneratorImpl.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/key/TwofishSecretKeyFactoryImpl.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/keyring/GnuKeyring.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/mac/HMacHavalSpi.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/mac/HMacMD2Spi.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/mac/HMacMD4Spi.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/mac/HMacMD5Spi.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/mac/HMacRipeMD128Spi.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/mac/HMacRipeMD160Spi.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/mac/HMacSHA160Spi.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/mac/HMacSHA256Spi.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/mac/HMacSHA384Spi.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/mac/HMacSHA512Spi.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/mac/HMacTigerSpi.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/mac/HMacWhirlpoolSpi.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/mac/MacAdapter.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/mac/OMacAnubisImpl.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/mac/OMacBlowfishImpl.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/mac/OMacCast5Impl.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/mac/OMacDESImpl.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/mac/OMacImpl.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/mac/OMacKhazadImpl.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/mac/OMacRijndaelImpl.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/mac/OMacSerpentImpl.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/mac/OMacSquareImpl.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/mac/OMacTripleDESImpl.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/mac/OMacTwofishImpl.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/mac/TMMH16Spi.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/mac/UHash32Spi.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/mac/UMac32Spi.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/params/BlockCipherParameters.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/params/DEREncodingException.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/params/DERReader.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/params/DERWriter.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/prng/ARCFourRandomSpi.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/prng/CSPRNGSpi.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/prng/FortunaImpl.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/prng/ICMRandomSpi.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/prng/UMacRandomSpi.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/sig/DHKeyFactory.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/sig/DHKeyPairGeneratorSpi.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/sig/DHParameters.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/sig/DHParametersGenerator.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/spec/BlockCipherParameterSpec.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/spec/TMMHParameterSpec.java create mode 100644 libjava/classpath/gnu/javax/crypto/jce/spec/UMac32ParameterSpec.java create mode 100644 libjava/classpath/gnu/javax/crypto/key/BaseKeyAgreementParty.java create mode 100644 libjava/classpath/gnu/javax/crypto/key/GnuSecretKey.java create mode 100644 libjava/classpath/gnu/javax/crypto/key/IKeyAgreementParty.java create mode 100644 libjava/classpath/gnu/javax/crypto/key/IncomingMessage.java create mode 100644 libjava/classpath/gnu/javax/crypto/key/KeyAgreementException.java create mode 100644 libjava/classpath/gnu/javax/crypto/key/KeyAgreementFactory.java create mode 100644 libjava/classpath/gnu/javax/crypto/key/OutgoingMessage.java create mode 100644 libjava/classpath/gnu/javax/crypto/key/dh/DHKeyPairPKCS8Codec.java create mode 100644 libjava/classpath/gnu/javax/crypto/key/dh/DHKeyPairRawCodec.java create mode 100644 libjava/classpath/gnu/javax/crypto/key/dh/DHKeyPairX509Codec.java create mode 100644 libjava/classpath/gnu/javax/crypto/key/dh/DiffieHellmanKeyAgreement.java create mode 100644 libjava/classpath/gnu/javax/crypto/key/dh/DiffieHellmanReceiver.java create mode 100644 libjava/classpath/gnu/javax/crypto/key/dh/DiffieHellmanSender.java create mode 100644 libjava/classpath/gnu/javax/crypto/key/dh/ElGamalKeyAgreement.java create mode 100644 libjava/classpath/gnu/javax/crypto/key/dh/ElGamalReceiver.java create mode 100644 libjava/classpath/gnu/javax/crypto/key/dh/ElGamalSender.java create mode 100644 libjava/classpath/gnu/javax/crypto/key/dh/GnuDHKey.java create mode 100644 libjava/classpath/gnu/javax/crypto/key/dh/GnuDHKeyPairGenerator.java create mode 100644 libjava/classpath/gnu/javax/crypto/key/dh/GnuDHPrivateKey.java create mode 100644 libjava/classpath/gnu/javax/crypto/key/dh/GnuDHPublicKey.java create mode 100644 libjava/classpath/gnu/javax/crypto/key/dh/RFC2631.java create mode 100644 libjava/classpath/gnu/javax/crypto/key/srp6/SRP6Host.java create mode 100644 libjava/classpath/gnu/javax/crypto/key/srp6/SRP6KeyAgreement.java create mode 100644 libjava/classpath/gnu/javax/crypto/key/srp6/SRP6SaslClient.java create mode 100644 libjava/classpath/gnu/javax/crypto/key/srp6/SRP6SaslServer.java create mode 100644 libjava/classpath/gnu/javax/crypto/key/srp6/SRP6TLSClient.java create mode 100644 libjava/classpath/gnu/javax/crypto/key/srp6/SRP6TLSServer.java create mode 100644 libjava/classpath/gnu/javax/crypto/key/srp6/SRP6User.java create mode 100644 libjava/classpath/gnu/javax/crypto/key/srp6/SRPAlgorithm.java create mode 100644 libjava/classpath/gnu/javax/crypto/key/srp6/SRPKey.java create mode 100644 libjava/classpath/gnu/javax/crypto/key/srp6/SRPKeyPairGenerator.java create mode 100644 libjava/classpath/gnu/javax/crypto/key/srp6/SRPKeyPairRawCodec.java create mode 100644 libjava/classpath/gnu/javax/crypto/key/srp6/SRPPrivateKey.java create mode 100644 libjava/classpath/gnu/javax/crypto/key/srp6/SRPPublicKey.java create mode 100644 libjava/classpath/gnu/javax/crypto/keyring/AuthenticatedEntry.java create mode 100644 libjava/classpath/gnu/javax/crypto/keyring/BaseKeyring.java create mode 100644 libjava/classpath/gnu/javax/crypto/keyring/BinaryDataEntry.java create mode 100644 libjava/classpath/gnu/javax/crypto/keyring/CertPathEntry.java create mode 100644 libjava/classpath/gnu/javax/crypto/keyring/CertificateEntry.java create mode 100644 libjava/classpath/gnu/javax/crypto/keyring/CompressedEntry.java create mode 100644 libjava/classpath/gnu/javax/crypto/keyring/EncryptedEntry.java create mode 100644 libjava/classpath/gnu/javax/crypto/keyring/Entry.java create mode 100644 libjava/classpath/gnu/javax/crypto/keyring/EnvelopeEntry.java create mode 100644 libjava/classpath/gnu/javax/crypto/keyring/GnuPrivateKeyring.java create mode 100644 libjava/classpath/gnu/javax/crypto/keyring/GnuPublicKeyring.java create mode 100644 libjava/classpath/gnu/javax/crypto/keyring/IKeyring.java create mode 100644 libjava/classpath/gnu/javax/crypto/keyring/IPrivateKeyring.java create mode 100644 libjava/classpath/gnu/javax/crypto/keyring/IPublicKeyring.java create mode 100644 libjava/classpath/gnu/javax/crypto/keyring/MalformedKeyringException.java create mode 100644 libjava/classpath/gnu/javax/crypto/keyring/MaskableEnvelopeEntry.java create mode 100644 libjava/classpath/gnu/javax/crypto/keyring/MeteredInputStream.java create mode 100644 libjava/classpath/gnu/javax/crypto/keyring/PasswordAuthenticatedEntry.java create mode 100644 libjava/classpath/gnu/javax/crypto/keyring/PasswordEncryptedEntry.java create mode 100644 libjava/classpath/gnu/javax/crypto/keyring/PasswordProtectedEntry.java create mode 100644 libjava/classpath/gnu/javax/crypto/keyring/PrimitiveEntry.java create mode 100644 libjava/classpath/gnu/javax/crypto/keyring/PrivateKeyEntry.java create mode 100644 libjava/classpath/gnu/javax/crypto/keyring/Properties.java create mode 100644 libjava/classpath/gnu/javax/crypto/keyring/PublicKeyEntry.java create mode 100644 libjava/classpath/gnu/javax/crypto/mac/BaseMac.java create mode 100644 libjava/classpath/gnu/javax/crypto/mac/HMac.java create mode 100644 libjava/classpath/gnu/javax/crypto/mac/HMacFactory.java create mode 100644 libjava/classpath/gnu/javax/crypto/mac/IMac.java create mode 100644 libjava/classpath/gnu/javax/crypto/mac/MacFactory.java create mode 100644 libjava/classpath/gnu/javax/crypto/mac/MacInputStream.java create mode 100644 libjava/classpath/gnu/javax/crypto/mac/MacOutputStream.java create mode 100644 libjava/classpath/gnu/javax/crypto/mac/OMAC.java create mode 100644 libjava/classpath/gnu/javax/crypto/mac/TMMH16.java create mode 100644 libjava/classpath/gnu/javax/crypto/mac/UHash32.java create mode 100644 libjava/classpath/gnu/javax/crypto/mac/UMac32.java create mode 100644 libjava/classpath/gnu/javax/crypto/mode/BaseMode.java create mode 100644 libjava/classpath/gnu/javax/crypto/mode/CBC.java create mode 100644 libjava/classpath/gnu/javax/crypto/mode/CFB.java create mode 100644 libjava/classpath/gnu/javax/crypto/mode/CTR.java create mode 100644 libjava/classpath/gnu/javax/crypto/mode/EAX.java create mode 100644 libjava/classpath/gnu/javax/crypto/mode/ECB.java create mode 100644 libjava/classpath/gnu/javax/crypto/mode/IAuthenticatedMode.java create mode 100644 libjava/classpath/gnu/javax/crypto/mode/ICM.java create mode 100644 libjava/classpath/gnu/javax/crypto/mode/IMode.java create mode 100644 libjava/classpath/gnu/javax/crypto/mode/ModeFactory.java create mode 100644 libjava/classpath/gnu/javax/crypto/mode/OFB.java create mode 100644 libjava/classpath/gnu/javax/crypto/pad/BasePad.java create mode 100644 libjava/classpath/gnu/javax/crypto/pad/IPad.java create mode 100644 libjava/classpath/gnu/javax/crypto/pad/PKCS1_V1_5.java create mode 100644 libjava/classpath/gnu/javax/crypto/pad/PKCS7.java create mode 100644 libjava/classpath/gnu/javax/crypto/pad/PadFactory.java create mode 100644 libjava/classpath/gnu/javax/crypto/pad/SSL3.java create mode 100644 libjava/classpath/gnu/javax/crypto/pad/TBC.java create mode 100644 libjava/classpath/gnu/javax/crypto/pad/TLS1.java create mode 100644 libjava/classpath/gnu/javax/crypto/pad/WrongPaddingException.java create mode 100644 libjava/classpath/gnu/javax/crypto/prng/ARCFour.java create mode 100644 libjava/classpath/gnu/javax/crypto/prng/CSPRNG.java create mode 100644 libjava/classpath/gnu/javax/crypto/prng/Fortuna.java create mode 100644 libjava/classpath/gnu/javax/crypto/prng/ICMGenerator.java create mode 100644 libjava/classpath/gnu/javax/crypto/prng/IPBE.java create mode 100644 libjava/classpath/gnu/javax/crypto/prng/PBKDF2.java create mode 100644 libjava/classpath/gnu/javax/crypto/prng/PRNGFactory.java create mode 100644 libjava/classpath/gnu/javax/crypto/prng/UMacGenerator.java create mode 100644 libjava/classpath/gnu/javax/crypto/sasl/AuthInfo.java create mode 100644 libjava/classpath/gnu/javax/crypto/sasl/AuthInfoProviderFactory.java create mode 100644 libjava/classpath/gnu/javax/crypto/sasl/ClientFactory.java create mode 100644 libjava/classpath/gnu/javax/crypto/sasl/ClientMechanism.java create mode 100644 libjava/classpath/gnu/javax/crypto/sasl/ConfidentialityException.java create mode 100644 libjava/classpath/gnu/javax/crypto/sasl/IAuthInfoProvider.java create mode 100644 libjava/classpath/gnu/javax/crypto/sasl/IAuthInfoProviderFactory.java create mode 100644 libjava/classpath/gnu/javax/crypto/sasl/IllegalMechanismStateException.java create mode 100644 libjava/classpath/gnu/javax/crypto/sasl/InputBuffer.java create mode 100644 libjava/classpath/gnu/javax/crypto/sasl/IntegrityException.java create mode 100644 libjava/classpath/gnu/javax/crypto/sasl/NoSuchMechanismException.java create mode 100644 libjava/classpath/gnu/javax/crypto/sasl/NoSuchUserException.java create mode 100644 libjava/classpath/gnu/javax/crypto/sasl/OutputBuffer.java create mode 100644 libjava/classpath/gnu/javax/crypto/sasl/SaslEncodingException.java create mode 100644 libjava/classpath/gnu/javax/crypto/sasl/SaslInputStream.java create mode 100644 libjava/classpath/gnu/javax/crypto/sasl/SaslOutputStream.java create mode 100644 libjava/classpath/gnu/javax/crypto/sasl/SaslUtil.java create mode 100644 libjava/classpath/gnu/javax/crypto/sasl/ServerFactory.java create mode 100644 libjava/classpath/gnu/javax/crypto/sasl/ServerMechanism.java create mode 100644 libjava/classpath/gnu/javax/crypto/sasl/UserAlreadyExistsException.java create mode 100644 libjava/classpath/gnu/javax/crypto/sasl/anonymous/AnonymousClient.java create mode 100644 libjava/classpath/gnu/javax/crypto/sasl/anonymous/AnonymousServer.java create mode 100644 libjava/classpath/gnu/javax/crypto/sasl/anonymous/AnonymousUtil.java create mode 100644 libjava/classpath/gnu/javax/crypto/sasl/crammd5/CramMD5AuthInfoProvider.java create mode 100644 libjava/classpath/gnu/javax/crypto/sasl/crammd5/CramMD5Client.java create mode 100644 libjava/classpath/gnu/javax/crypto/sasl/crammd5/CramMD5Registry.java create mode 100644 libjava/classpath/gnu/javax/crypto/sasl/crammd5/CramMD5Server.java create mode 100644 libjava/classpath/gnu/javax/crypto/sasl/crammd5/CramMD5Util.java create mode 100644 libjava/classpath/gnu/javax/crypto/sasl/crammd5/PasswordFile.java create mode 100644 libjava/classpath/gnu/javax/crypto/sasl/plain/PasswordFile.java create mode 100644 libjava/classpath/gnu/javax/crypto/sasl/plain/PlainAuthInfoProvider.java create mode 100644 libjava/classpath/gnu/javax/crypto/sasl/plain/PlainClient.java create mode 100644 libjava/classpath/gnu/javax/crypto/sasl/plain/PlainRegistry.java create mode 100644 libjava/classpath/gnu/javax/crypto/sasl/plain/PlainServer.java create mode 100644 libjava/classpath/gnu/javax/crypto/sasl/srp/CALG.java create mode 100644 libjava/classpath/gnu/javax/crypto/sasl/srp/ClientStore.java create mode 100644 libjava/classpath/gnu/javax/crypto/sasl/srp/IALG.java create mode 100644 libjava/classpath/gnu/javax/crypto/sasl/srp/KDF.java create mode 100644 libjava/classpath/gnu/javax/crypto/sasl/srp/PasswordFile.java create mode 100644 libjava/classpath/gnu/javax/crypto/sasl/srp/SRP.java create mode 100644 libjava/classpath/gnu/javax/crypto/sasl/srp/SRPAuthInfoProvider.java create mode 100644 libjava/classpath/gnu/javax/crypto/sasl/srp/SRPClient.java create mode 100644 libjava/classpath/gnu/javax/crypto/sasl/srp/SRPRegistry.java create mode 100644 libjava/classpath/gnu/javax/crypto/sasl/srp/SRPServer.java create mode 100644 libjava/classpath/gnu/javax/crypto/sasl/srp/SecurityContext.java create mode 100644 libjava/classpath/gnu/javax/crypto/sasl/srp/ServerStore.java create mode 100644 libjava/classpath/gnu/javax/crypto/sasl/srp/StoreEntry.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/Base64.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/EntropySource.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/NullManagerParameters.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/PrivateCredentials.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/SRPManagerParameters.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/SRPTrustManager.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/StaticTrustAnchors.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/Alert.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/AlertException.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/Certificate.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/CertificateRequest.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/CertificateType.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/CertificateVerify.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/CipherSuite.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/ClientHello.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/ClientKeyExchange.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/CompressionMethod.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/Constructed.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/ContentType.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/Context.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/DiffieHellman.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/DigestInputStream.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/DigestOutputStream.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/Enumerated.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/Extension.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/Extensions.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/Finished.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/GNUSecurityParameters.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/Handshake.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/JCESecurityParameters.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/JDBCSessionContext.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/Jessie.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/JessieDHPrivateKey.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/JessieDHPublicKey.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/JessieRSAPrivateKey.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/JessieRSAPublicKey.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/KeyPool.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/MacException.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/OverflowException.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/ProtocolVersion.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/Random.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/RecordInput.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/RecordInputStream.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/RecordOutputStream.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/RecordingInputStream.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/SRPTrustManagerFactory.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/SSLHMac.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/SSLRSASignature.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/SSLRandom.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/SSLServerSocket.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/SSLServerSocketFactory.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/SSLSocket.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/SSLSocketFactory.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/SSLSocketInputStream.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/SSLSocketOutputStream.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/SecurityParameters.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/ServerHello.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/ServerKeyExchange.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/Session.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/SessionContext.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/Signature.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/SynchronizedRandom.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/TLSHMac.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/TLSRandom.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/Util.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/X509KeyManagerFactory.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/X509TrustManagerFactory.java create mode 100644 libjava/classpath/gnu/javax/net/ssl/provider/XMLSessionContext.java create mode 100644 libjava/classpath/gnu/javax/security/auth/Password.java create mode 100644 libjava/classpath/gnu/javax/security/auth/callback/AWTCallbackHandler.java create mode 100644 libjava/classpath/gnu/javax/security/auth/callback/AbstractCallbackHandler.java create mode 100644 libjava/classpath/gnu/javax/security/auth/callback/ConsoleCallbackHandler.java create mode 100644 libjava/classpath/gnu/javax/security/auth/callback/DefaultCallbackHandler.java create mode 100644 libjava/classpath/gnu/javax/security/auth/callback/GnuCallbacks.java create mode 100644 libjava/classpath/gnu/javax/security/auth/callback/SwingCallbackHandler.java create mode 100644 libjava/classpath/gnu/javax/security/auth/login/ConfigFileParser.java create mode 100644 libjava/classpath/gnu/javax/security/auth/login/ConfigFileTokenizer.java create mode 100644 libjava/classpath/gnu/javax/security/auth/login/GnuConfiguration.java create mode 100644 libjava/classpath/gnu/regexp/RETokenIndependent.java create mode 100644 libjava/classpath/gnu/regexp/RETokenLookBehind.java create mode 100644 libjava/classpath/gnu/regexp/RETokenNamedProperty.java delete mode 100644 libjava/classpath/gnu/xml/stream/EndEntityImpl.java delete mode 100644 libjava/classpath/gnu/xml/stream/LocationImpl.java delete mode 100644 libjava/classpath/gnu/xml/stream/StartEntityImpl.java delete mode 100644 libjava/classpath/gnu/xml/stream/XMLStreamReaderImpl.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/Annotation.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/AnySimpleType.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/AnyType.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/AnyURIType.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/AtomicSimpleType.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/Base64BinaryType.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/BooleanType.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/ByteType.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/DateTimeType.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/DateType.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/DecimalType.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/DoubleType.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/DurationType.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/EntitiesType.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/EntityType.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/EnumerationFacet.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/Facet.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/FloatType.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/FractionDigitsFacet.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/GDayType.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/GMonthDayType.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/GMonthType.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/GYearMonthType.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/GYearType.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/HexBinaryType.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/IDRefType.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/IDRefsType.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/IDType.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/IntType.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/IntegerType.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/LanguageType.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/LengthFacet.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/ListSimpleType.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/LongType.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/MaxExclusiveFacet.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/MaxInclusiveFacet.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/MaxLengthFacet.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/MinExclusiveFacet.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/MinInclusiveFacet.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/MinLengthFacet.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/NCNameType.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/NMTokenType.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/NMTokensType.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/NameType.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/NegativeIntegerType.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/NonNegativeIntegerType.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/NonPositiveIntegerType.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/NormalizedStringType.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/NotationType.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/PatternFacet.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/PositiveIntegerType.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/QNameType.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/ShortType.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/SimpleType.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/StringType.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/TimeType.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/TokenType.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/TotalDigitsFacet.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/Type.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/TypeBuilder.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/TypeLibrary.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/TypeLibraryFactory.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/UnionSimpleType.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/UnsignedByteType.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/UnsignedIntType.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/UnsignedLongType.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/UnsignedShortType.java create mode 100644 libjava/classpath/gnu/xml/validation/datatype/WhiteSpaceFacet.java create mode 100644 libjava/classpath/gnu/xml/validation/relaxng/AnyNameNameClass.java create mode 100644 libjava/classpath/gnu/xml/validation/relaxng/AttributePattern.java create mode 100644 libjava/classpath/gnu/xml/validation/relaxng/ChoiceNameClass.java create mode 100644 libjava/classpath/gnu/xml/validation/relaxng/ChoicePattern.java create mode 100644 libjava/classpath/gnu/xml/validation/relaxng/DataPattern.java create mode 100644 libjava/classpath/gnu/xml/validation/relaxng/Define.java create mode 100644 libjava/classpath/gnu/xml/validation/relaxng/ElementPattern.java create mode 100644 libjava/classpath/gnu/xml/validation/relaxng/EmptyPattern.java create mode 100644 libjava/classpath/gnu/xml/validation/relaxng/FullSyntaxBuilder.java create mode 100644 libjava/classpath/gnu/xml/validation/relaxng/Grammar.java create mode 100644 libjava/classpath/gnu/xml/validation/relaxng/GrammarException.java create mode 100644 libjava/classpath/gnu/xml/validation/relaxng/GrammarValidator.java create mode 100644 libjava/classpath/gnu/xml/validation/relaxng/GroupPattern.java create mode 100644 libjava/classpath/gnu/xml/validation/relaxng/InterleavePattern.java create mode 100644 libjava/classpath/gnu/xml/validation/relaxng/ListPattern.java create mode 100644 libjava/classpath/gnu/xml/validation/relaxng/NSNameNameClass.java create mode 100644 libjava/classpath/gnu/xml/validation/relaxng/NameClass.java create mode 100644 libjava/classpath/gnu/xml/validation/relaxng/NameNameClass.java create mode 100644 libjava/classpath/gnu/xml/validation/relaxng/NotAllowedPattern.java create mode 100644 libjava/classpath/gnu/xml/validation/relaxng/OneOrMorePattern.java create mode 100644 libjava/classpath/gnu/xml/validation/relaxng/Param.java create mode 100644 libjava/classpath/gnu/xml/validation/relaxng/Pattern.java create mode 100644 libjava/classpath/gnu/xml/validation/relaxng/RELAXNGSchemaFactory.java create mode 100644 libjava/classpath/gnu/xml/validation/relaxng/RefPattern.java create mode 100644 libjava/classpath/gnu/xml/validation/relaxng/TextPattern.java create mode 100644 libjava/classpath/gnu/xml/validation/relaxng/ValuePattern.java create mode 100644 libjava/classpath/gnu/xml/validation/xmlschema/AnyAttribute.java create mode 100644 libjava/classpath/gnu/xml/validation/xmlschema/AttributeDeclaration.java create mode 100644 libjava/classpath/gnu/xml/validation/xmlschema/AttributeUse.java create mode 100644 libjava/classpath/gnu/xml/validation/xmlschema/ComplexType.java create mode 100644 libjava/classpath/gnu/xml/validation/xmlschema/ElementDeclaration.java create mode 100644 libjava/classpath/gnu/xml/validation/xmlschema/Particle.java create mode 100644 libjava/classpath/gnu/xml/validation/xmlschema/ValidationException.java create mode 100644 libjava/classpath/gnu/xml/validation/xmlschema/XMLSchema.java create mode 100644 libjava/classpath/gnu/xml/validation/xmlschema/XMLSchemaAttributeTypeInfo.java create mode 100644 libjava/classpath/gnu/xml/validation/xmlschema/XMLSchemaBuilder.java create mode 100644 libjava/classpath/gnu/xml/validation/xmlschema/XMLSchemaElementTypeInfo.java create mode 100644 libjava/classpath/gnu/xml/validation/xmlschema/XMLSchemaSchemaFactory.java create mode 100644 libjava/classpath/gnu/xml/validation/xmlschema/XMLSchemaTypeInfo.java create mode 100644 libjava/classpath/gnu/xml/validation/xmlschema/XMLSchemaTypeInfoProvider.java create mode 100644 libjava/classpath/gnu/xml/validation/xmlschema/XMLSchemaValidator.java create mode 100644 libjava/classpath/gnu/xml/validation/xmlschema/XMLSchemaValidatorHandler.java (limited to 'libjava/classpath/gnu') diff --git a/libjava/classpath/gnu/CORBA/IOR.java b/libjava/classpath/gnu/CORBA/IOR.java index 5d6d315..917e198 100644 --- a/libjava/classpath/gnu/CORBA/IOR.java +++ b/libjava/classpath/gnu/CORBA/IOR.java @@ -140,6 +140,27 @@ public class IOR b.append(' '); return b.toString(); } + + /** + * Get a better formatted multiline string representation. + */ + public String toStringFormatted() + { + StringBuffer b = new StringBuffer(); + b.append("\n Native set " + name(native_set)); + if (conversion != null && conversion.length > 0) + { + b.append("\n Other supported sets:\n "); + for (int i = 0; i < conversion.length; i++) + { + b.append(name(conversion[i])); + b.append(' '); + } + } + b.append("\n"); + return b.toString(); + } + /** * Write into CDR stream. @@ -590,6 +611,39 @@ public class IOR return b.toString(); } + + /** + * Returns a multiline formatted human readable string representation of + * this IOR object. + */ + public String toStringFormatted() + { + StringBuffer b = new StringBuffer(); + b.append("\nObject Id:\n "); + b.append(Id); + b.append("\nObject is accessible at:\n "); + b.append(Internet); + + if (Big_Endian) + b.append("\n Big endian encoding"); + else + b.append("\n Little endian encoding."); + + b.append("\nObject Key\n "); + + for (int i = 0; i < key.length; i++) + { + b.append(Integer.toHexString(key[i] & 0xFF)); + } + + b.append("\nSupported code sets:"); + b.append("\n Wide:"); + b.append(Internet.CodeSets.wide.toStringFormatted()); + b.append(" Narrow:"); + b.append(Internet.CodeSets.wide.toStringFormatted()); + + return b.toString(); + } /** * Returs a stringified reference. diff --git a/libjava/classpath/gnu/CORBA/NamingService/NamingMap.java b/libjava/classpath/gnu/CORBA/NamingService/NamingMap.java index 95deb00..f4e940e 100644 --- a/libjava/classpath/gnu/CORBA/NamingService/NamingMap.java +++ b/libjava/classpath/gnu/CORBA/NamingService/NamingMap.java @@ -58,11 +58,11 @@ public class NamingMap /** * The actual map. */ - private final TreeMap map; + protected final TreeMap map; /** * Creates an instance of the naming map, intialising the comparator - * to the {@link cmpNameComparator}. + * to the {@link NameComponentComparator}. */ public NamingMap() { @@ -70,7 +70,7 @@ public class NamingMap } /** - * Put the given CORBA object, specifying the given name as a key. + * Put the given GIOP object, specifying the given name as a key. * If the entry with the given name already exists, or if the given * object is already mapped under another name, the * {@link AlreadyBound} exception will be thrown. @@ -93,8 +93,11 @@ public class NamingMap else { if (containsValue(object)) - throw new AlreadyBound("Tha object has another name"); + throw new AlreadyBound("The object has another name"); } + + // There are no restrictions in binding the object. + rebind(name, object); } /** @@ -141,7 +144,7 @@ public class NamingMap } /** - * Put the given CORBA object, specifying the given name as a key. + * Put the given GIOP object, specifying the given name as a key. * Remove all pre - existing mappings for the given name and object. * * @param name the name. diff --git a/libjava/classpath/gnu/CORBA/NamingService/NamingServiceTransient.java b/libjava/classpath/gnu/CORBA/NamingService/NamingServiceTransient.java index bf72637..3669879 100644 --- a/libjava/classpath/gnu/CORBA/NamingService/NamingServiceTransient.java +++ b/libjava/classpath/gnu/CORBA/NamingService/NamingServiceTransient.java @@ -136,7 +136,7 @@ public class NamingServiceTransient System.out.println("GNU Classpath transient naming service " + "started at " + iorr.Internet.host + ":" + iorr.Internet.port + " key 'NameService'.\n\n" - + "Copyright (C) 2005 Free Software Foundation\n" + + "Copyright (C) 2006 Free Software Foundation\n" + "This tool comes with ABSOLUTELY NO WARRANTY. " + "This is free software, and you are\nwelcome to " + "redistribute it under conditions, defined in " diff --git a/libjava/classpath/gnu/CORBA/NamingService/TransientContext.java b/libjava/classpath/gnu/CORBA/NamingService/TransientContext.java index 4b7c193..c2d8275 100644 --- a/libjava/classpath/gnu/CORBA/NamingService/TransientContext.java +++ b/libjava/classpath/gnu/CORBA/NamingService/TransientContext.java @@ -59,7 +59,7 @@ import java.util.Map; /** * This class implements the transient naming service, defined by - * {@link NamingContex}. The 'transient' means that the service does + * {@link NamingContext}. The 'transient' means that the service does * not store its state into the persistent memory. If the service is * restarted, the named objects must be re-registered again. * @@ -72,14 +72,39 @@ public class TransientContext implements NamingContext, NamingContextOperations { /** + * Use serial version UID for interoperability. + */ + private static final long serialVersionUID = 2; + + /** * The already named contexts. */ - protected final NamingMap named_contexts = new NamingMap(); + protected final NamingMap named_contexts; /** * The already named objects. */ - protected final NamingMap named_objects = new NamingMap(); + protected final NamingMap named_objects; + + /** + * Create the naming conetxt with default (transient) naming maps. + */ + public TransientContext() + { + this(new NamingMap(), new NamingMap()); + } + + /** + * Create the naming conetxt with the two provided naming maps. + * + * @param context_map the map for contexts + * @param object_map the map for objectss + */ + public TransientContext(NamingMap context_map, NamingMap object_map) + { + named_contexts = context_map; + named_objects = object_map; + } /** * Gives the object a name, valid in this context. @@ -376,7 +401,7 @@ public class TransientContext /** * Create a binding. * - * @param entry the entry, defining the bound object. + * @param an_entry the entry, defining the bound object. * @param type the binding type. * @return the created binding. */ @@ -396,7 +421,7 @@ public class TransientContext * name, and pass the remainder (without the first node) * of the name for that context to resolve. * - * @param name the name to resolve. + * @param a_name the name to resolve. * * @return the resolved context */ diff --git a/libjava/classpath/gnu/classpath/ServiceFactory.java b/libjava/classpath/gnu/classpath/ServiceFactory.java index 711a904..122a79c 100644 --- a/libjava/classpath/gnu/classpath/ServiceFactory.java +++ b/libjava/classpath/gnu/classpath/ServiceFactory.java @@ -282,7 +282,7 @@ public final class ServiceFactory * An iterator over service providers that are listed in service * provider configuration files, which get passed as an Enumeration * of URLs. This is a helper class for {@link - * ServiceFactory#lookupProviders}. + * ServiceFactory#lookupProviders(Class, ClassLoader)}. * * @author Sascha Brawer */ @@ -314,7 +314,8 @@ public final class ServiceFactory * The security context used when loading and initializing service * providers. We want to load and initialize all plug-in service * providers under the same security context, namely the one that - * was active when {@link #lookupProviders} has been called. + * was active when {@link #lookupProviders(Class, ClassLoader)} has + * been called. */ private final AccessControlContext securityContext; @@ -527,7 +528,7 @@ public final class ServiceFactory * framework. This call returns very quickly if no log message will * be produced, so there is not much overhead in the standard case. * - * @param the severity of the message, for instance {@link + * @param level the severity of the message, for instance {@link * Level#WARNING}. * * @param msg the log message, for instance “Could not diff --git a/libjava/classpath/gnu/classpath/ServiceProviderLoadingAction.java b/libjava/classpath/gnu/classpath/ServiceProviderLoadingAction.java index b5e59cb..9f9dc51 100644 --- a/libjava/classpath/gnu/classpath/ServiceProviderLoadingAction.java +++ b/libjava/classpath/gnu/classpath/ServiceProviderLoadingAction.java @@ -48,9 +48,9 @@ import java.security.PrivilegedExceptionAction; * PriviledgedAction in order to restrict the loaded * service providers to the {@link java.security.AccessControlContext} * that was active when {@link - * gnu.classpath.ServiceFactory#lookupProviders} was called, even - * though the actual loading is delayed to the time when the provider - * is actually needed. + * gnu.classpath.ServiceFactory#lookupProviders(Class, ClassLoader)} was + * called, even though the actual loading is delayed to the time when the + * provider is actually needed. * * @author Sascha Brawer */ diff --git a/libjava/classpath/gnu/classpath/debug/Component.java b/libjava/classpath/gnu/classpath/debug/Component.java index 242419c..af030ed 100644 --- a/libjava/classpath/gnu/classpath/debug/Component.java +++ b/libjava/classpath/gnu/classpath/debug/Component.java @@ -89,9 +89,9 @@ public final class Component extends Level public static final Component SSL_HANDSHAKE = new Component ("SSL HANDSHAKE", 0); /** - * Traces the application messages during SSL communications. + * Traces record layer messages during SSL communications. */ - public static final Component SSL_APPLICATION = new Component ("SSL APPLICATION", 1); + public static final Component SSL_RECORD_LAYER = new Component ("SSL RECORD LAYER", 1); /** * Trace details about the SSL key exchange. diff --git a/libjava/classpath/gnu/classpath/debug/Simple1LineFormatter.java b/libjava/classpath/gnu/classpath/debug/Simple1LineFormatter.java new file mode 100644 index 0000000..0bdf22a --- /dev/null +++ b/libjava/classpath/gnu/classpath/debug/Simple1LineFormatter.java @@ -0,0 +1,153 @@ +/* Simple1LineFormatter.java -- A simple 1-line logging formatter + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.classpath.debug; + +import gnu.classpath.SystemProperties; + +import java.io.PrintWriter; +import java.io.StringWriter; +import java.text.DateFormat; +import java.text.DecimalFormat; +import java.text.NumberFormat; +import java.text.SimpleDateFormat; +import java.util.Date; +import java.util.logging.Formatter; +import java.util.logging.LogRecord; + +/** + * A simple 1-line formatter to use instead of the 2-line SimpleFormatter used + * by default in the JDK logging handlers. + *

+ * The fixed format of this formatter is as follows: + *

+ *

    + *
  1. Date: As a yyyy-MM-dd string.
    2. + *
  2. Time: As a HH:mm:ss.SSSS Z string.
    3. + *
  3. Thread identifier, right-justified, and framed in an 11-digit field.
    4. + *
  4. Class name, without its package name, left-justified, and framed in a + * 32-character field.
    5. + *
  5. Method name, left-justified, and framed in a 32-character field.
    6. + *
  6. Level name, left-justified, and framed in a 6-character field.
    7. + *
  7. User message and arguments.
    8. + *
  8. Platform-dependent line-separator.
    9. + *
  9. Optionally, if the log-record contains a thrown exception, that + * exception's stack trace is appended to the output.
    10. + *
+ *

+ * Here is an example of the output generated by this formatter: + *

+ * 

+ * 2006-02-27 21:59:12.0881 +1100 -1343151280 EncodedKeyFactory                engineGeneratePublic()           FINER - ENTRY java.security.spec.X509EncodedKeySpec@b00d7fc0
+ * 2006-02-27 21:59:12.0887 +1100 -1343151280 EncodedKeyFactory                engineGeneratePublic()           FINE  - Exception in DSSPublicKey.valueOf(). Ignore
+ * java.security.InvalidParameterException: Unexpected OID: 1.2.840.113549.1.1.1
+ *    at gnu.java.security.key.dss.DSSKeyPairX509Codec.decodePublicKey (DSSKeyPairX509Codec.java:205)
+ *    at gnu.java.security.key.dss.DSSPublicKey.valueOf (DSSPublicKey.java:136)
+ *    at gnu.java.security.jce.sig.EncodedKeyFactory.engineGeneratePublic (EncodedKeyFactory.java:218)
+ *    at java.security.KeyFactory.generatePublic (KeyFactory.java:219)
+ *    at gnu.java.security.x509.X509Certificate.parse (X509Certificate.java:657)
+ *    at gnu.java.security.x509.X509Certificate. (X509Certificate.java:163)
+ *    ...
+ * 2006-02-27 21:59:12.0895 +1100 -1343151280 RSAKeyPairX509Codec              decodePublicKey()                FINER - ENTRY [B@b00d7fd0
+ * 2006-02-27 21:59:12.0897 +1100 -1343151280 RSAKeyPairX509Codec              decodePublicKey()                FINER - RETURN gnu.java.security.key.rsa.GnuRSAPublicKey@b00fb940
+ *
+ */ +public class Simple1LineFormatter + extends Formatter +{ + private static final String DAT_PATTERN = "yyyy-MM-dd HH:mm:ss.SSSS Z "; + private static final DateFormat DAT_FORMAT = new SimpleDateFormat(DAT_PATTERN); + private static final String THREAD_PATTERN = " #########0;-#########0"; + private static final NumberFormat THREAD_FORMAT = new DecimalFormat(THREAD_PATTERN); + private static final String SPACES_32 = " "; + private static final String SPACES_6 = " "; + private static final String LS = SystemProperties.getProperty("line.separator"); + + // default 0-arguments constructor + + public String format(LogRecord record) + { + StringBuffer sb = new StringBuffer(180) + .append(DAT_FORMAT.format(new Date(record.getMillis()))) + .append(THREAD_FORMAT.format(record.getThreadID())) + .append(" "); + String s = record.getSourceClassName(); + if (s == null) + sb.append(SPACES_32); + else + { + s = s.trim(); + int i = s.lastIndexOf("."); + if (i != - 1) + s = s.substring(i + 1); + + s = (s + SPACES_32).substring(0, 32); + } + + sb.append(s).append(" "); + s = record.getSourceMethodName(); + if (s == null) + sb.append(SPACES_32); + else + { + s = s.trim(); + if (s.endsWith("()")) + s = (s.trim() + SPACES_32).substring(0, 32); + else + s = (s.trim() + "()" + SPACES_32).substring(0, 32); + } + + sb.append(s).append(" "); + s = String.valueOf(record.getLevel()); + if (s == null) + sb.append(SPACES_6); + else + s = (s.trim() + SPACES_6).substring(0, 6); + + sb.append(s).append(" - ").append(formatMessage(record)).append(LS); + Throwable cause = record.getThrown(); + if (cause != null) + { + StringWriter sw = new StringWriter(); + cause.printStackTrace(new PrintWriter(sw, true)); + sb.append(sw.toString()); + } + + return sb.toString(); + } +} diff --git a/libjava/classpath/gnu/classpath/jdwp/Jdwp.java b/libjava/classpath/gnu/classpath/jdwp/Jdwp.java index 43a37de..f73e096 100644 --- a/libjava/classpath/gnu/classpath/jdwp/Jdwp.java +++ b/libjava/classpath/gnu/classpath/jdwp/Jdwp.java @@ -1,5 +1,5 @@ /* Jdwp.java -- Virtual machine to JDWP back-end programming interface - Copyright (C) 2005 Free Software Foundation + Copyright (C) 2005, 2006 Free Software Foundation This file is part of GNU Classpath. @@ -159,7 +159,7 @@ public class Jdwp { AccessController.doPrivileged (_packetProcessor); } - }); + }, "packet processor"); _ppThread.start (); } @@ -258,7 +258,7 @@ public class Jdwp break; case EventRequest.SUSPEND_THREAD: - VMVirtualMachine.suspendThread (this); + VMVirtualMachine.suspendThread (Thread.currentThread ()); break; case EventRequest.SUSPEND_ALL: diff --git a/libjava/classpath/gnu/classpath/jdwp/event/EventRequest.java b/libjava/classpath/gnu/classpath/jdwp/event/EventRequest.java index eadad28..6c2acf3 100644 --- a/libjava/classpath/gnu/classpath/jdwp/event/EventRequest.java +++ b/libjava/classpath/gnu/classpath/jdwp/event/EventRequest.java @@ -1,5 +1,5 @@ /* EventRequest.java -- an event request from the debugger - Copyright (C) 2005 Free Software Foundation + Copyright (C) 2005, 2006 Free Software Foundation This file is part of GNU Classpath. @@ -44,8 +44,9 @@ import gnu.classpath.jdwp.event.filters.*; import gnu.classpath.jdwp.exception.JdwpIllegalArgumentException; import gnu.classpath.jdwp.id.*; +import java.util.Collection; +import java.util.Iterator; import java.util.LinkedList; -import java.util.ListIterator; /** * A class which represents a request by the debugger for an event @@ -320,6 +321,14 @@ public class EventRequest } /** + * Returns the filters attached to this request + */ + public Collection getFilters () + { + return _filters; + } + + /** * Returns the suspend policy for this request */ public byte getSuspendPolicy () @@ -363,7 +372,7 @@ public class EventRequest // Loop through filters; all must match // Note that we must allow EVERY filter to evaluate. This way // things like CountFilter will work. - ListIterator iter = _filters.listIterator (); + Iterator iter = _filters.iterator (); while (iter.hasNext ()) { IEventFilter filter = (IEventFilter) iter.next (); diff --git a/libjava/classpath/gnu/classpath/jdwp/id/JdwpId.java b/libjava/classpath/gnu/classpath/jdwp/id/JdwpId.java index 7f610e3..472650d 100644 --- a/libjava/classpath/gnu/classpath/jdwp/id/JdwpId.java +++ b/libjava/classpath/gnu/classpath/jdwp/id/JdwpId.java @@ -1,5 +1,5 @@ /* JdwpId.java -- base class for all object ID types - Copyright (C) 2005 Free Software Foundation + Copyright (C) 2005, 2006 Free Software Foundation This file is part of GNU Classpath. @@ -51,6 +51,11 @@ import java.lang.ref.SoftReference; public abstract class JdwpId { /** + * The size of an ID. The default is 8 bytes (a long). + */ + public static final int SIZE = 8; + + /** * ID assigned to this object */ protected long _id; @@ -122,11 +127,6 @@ public abstract class JdwpId } /** - * Returns size of this type (used by IDSizes) - */ - public abstract int size (); - - /** * Writes the contents of this type to the DataOutputStream * @param outStream the DataOutputStream to use * @throws IOException when an error occurs on the OutputStream diff --git a/libjava/classpath/gnu/classpath/jdwp/id/ObjectId.java b/libjava/classpath/gnu/classpath/jdwp/id/ObjectId.java index 3e2abd4..a4a37fd 100644 --- a/libjava/classpath/gnu/classpath/jdwp/id/ObjectId.java +++ b/libjava/classpath/gnu/classpath/jdwp/id/ObjectId.java @@ -1,5 +1,5 @@ /* ObjectId.java -- object IDs - Copyright (C) 2005 Free Software Foundation + Copyright (C) 2005, 2006 Free Software Foundation This file is part of GNU Classpath. @@ -83,14 +83,6 @@ public class ObjectId } /** - * Returns the size of this id type - */ - public int size () - { - return 8; - } - - /** * Returns the object referred to by this ID * * @returns the object diff --git a/libjava/classpath/gnu/classpath/jdwp/id/ReferenceTypeId.java b/libjava/classpath/gnu/classpath/jdwp/id/ReferenceTypeId.java index e7a5d2c..b82acf3 100644 --- a/libjava/classpath/gnu/classpath/jdwp/id/ReferenceTypeId.java +++ b/libjava/classpath/gnu/classpath/jdwp/id/ReferenceTypeId.java @@ -1,5 +1,5 @@ /* ReferenceTypeId.java -- a base class for all reference type IDs - Copyright (C) 2005 Free Software Foundation + Copyright (C) 2005, 2006 Free Software Foundation This file is part of GNU Classpath. @@ -62,14 +62,6 @@ public class ReferenceTypeId } /** - * Returns the size of this ID type - */ - public int size () - { - return 8; - } - - /** * Gets the class associated with this ID * * @returns the class diff --git a/libjava/classpath/gnu/classpath/jdwp/processor/VirtualMachineCommandSet.java b/libjava/classpath/gnu/classpath/jdwp/processor/VirtualMachineCommandSet.java index 6bdb236..a7edb28 100644 --- a/libjava/classpath/gnu/classpath/jdwp/processor/VirtualMachineCommandSet.java +++ b/libjava/classpath/gnu/classpath/jdwp/processor/VirtualMachineCommandSet.java @@ -1,6 +1,6 @@ /* VirtualMachineCommandSet.java -- class to implement the VirtualMachine Command Set - Copyright (C) 2005 Free Software Foundation + Copyright (C) 2005, 2006 Free Software Foundation This file is part of GNU Classpath. @@ -40,6 +40,7 @@ exception statement from your version. */ package gnu.classpath.jdwp.processor; import gnu.classpath.jdwp.JdwpConstants; +import gnu.classpath.jdwp.VMFrame; import gnu.classpath.jdwp.VMVirtualMachine; import gnu.classpath.jdwp.exception.JdwpException; import gnu.classpath.jdwp.exception.JdwpInternalErrorException; @@ -298,12 +299,11 @@ public class VirtualMachineCommandSet private void executeIDsizes(ByteBuffer bb, DataOutputStream os) throws JdwpException, IOException { - ObjectId oid = new ObjectId(); - os.writeInt(oid.size()); // fieldId - os.writeInt(oid.size()); // methodId - os.writeInt(oid.size()); // objectId - os.writeInt(new ReferenceTypeId((byte) 0x00).size()); // referenceTypeId - os.writeInt(oid.size()); // frameId + os.writeInt(ObjectId.SIZE); // fieldId FIXME + os.writeInt(ObjectId.SIZE); // methodId FIXME + os.writeInt(ObjectId.SIZE); // objectId + os.writeInt(ReferenceTypeId.SIZE); // referenceTypeId + os.writeInt(VMFrame.SIZE); // frameId } private void executeSuspend(ByteBuffer bb, DataOutputStream os) diff --git a/libjava/classpath/gnu/java/awt/peer/GLightweightPeer.java b/libjava/classpath/gnu/java/awt/peer/GLightweightPeer.java index 25735bb..daaa143d 100644 --- a/libjava/classpath/gnu/java/awt/peer/GLightweightPeer.java +++ b/libjava/classpath/gnu/java/awt/peer/GLightweightPeer.java @@ -229,9 +229,9 @@ public class GLightweightPeer public void repaint(long tm, int x, int y, int width, int height) { - Component p = comp.getParent (); - if(p != null) - p.repaint(tm,x+comp.getX(),y+comp.getY(),width,height); + Component p = comp.getParent(); + if (p != null) + p.repaint(tm, x + comp.getX(), y + comp.getY(), width, height); } public void requestFocus() {} diff --git a/libjava/classpath/gnu/java/awt/peer/gtk/GtkButtonPeer.java b/libjava/classpath/gnu/java/awt/peer/gtk/GtkButtonPeer.java index 054ead6..63d9cd4 100644 --- a/libjava/classpath/gnu/java/awt/peer/gtk/GtkButtonPeer.java +++ b/libjava/classpath/gnu/java/awt/peer/gtk/GtkButtonPeer.java @@ -1,5 +1,5 @@ /* GtkButtonPeer.java -- Implements ButtonPeer with GTK - Copyright (C) 1998, 1999, 2004 Free Software Foundation, Inc. + Copyright (C) 1998, 1999, 2004, 2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -57,7 +57,10 @@ public class GtkButtonPeer extends GtkComponentPeer public native void connectSignals (); - native void gtkWidgetModifyFont (String name, int style, int size); + /** + * Overridden to set Font of Label inside Button inside EventBox. + */ + protected native void gtkWidgetModifyFont(String name, int style, int size); native void gtkSetLabel (String label); native void gtkWidgetSetForeground (int red, int green, int blue); native void gtkWidgetSetBackground (int red, int green, int blue); diff --git a/libjava/classpath/gnu/java/awt/peer/gtk/GtkCheckboxMenuItemPeer.java b/libjava/classpath/gnu/java/awt/peer/gtk/GtkCheckboxMenuItemPeer.java index 01a6e31..be9247e 100644 --- a/libjava/classpath/gnu/java/awt/peer/gtk/GtkCheckboxMenuItemPeer.java +++ b/libjava/classpath/gnu/java/awt/peer/gtk/GtkCheckboxMenuItemPeer.java @@ -1,5 +1,5 @@ /* GtkCheckboxMenuItemPeer.java -- Implements CheckboxMenuItemPeer with GTK+ - Copyright (C) 1999, 2005 Free Software Foundation, Inc. + Copyright (C) 1999, 2005, 2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -46,7 +46,7 @@ import java.awt.peer.CheckboxMenuItemPeer; public class GtkCheckboxMenuItemPeer extends GtkMenuItemPeer implements CheckboxMenuItemPeer { - native void create (String label); + protected native void create (String label); public GtkCheckboxMenuItemPeer (CheckboxMenuItem menu) { @@ -56,6 +56,11 @@ public class GtkCheckboxMenuItemPeer extends GtkMenuItemPeer public native void setState(boolean t); + /** + * Called from the signal handler of the gtk widget. Posts a + * ItemEvent to indicate a state changed, then calls super to post + * an ActionEvent. + */ protected void postMenuActionEvent () { CheckboxMenuItem item = (CheckboxMenuItem)awtWidget; diff --git a/libjava/classpath/gnu/java/awt/peer/gtk/GtkCheckboxPeer.java b/libjava/classpath/gnu/java/awt/peer/gtk/GtkCheckboxPeer.java index 3e05cf8..094aa3c 100644 --- a/libjava/classpath/gnu/java/awt/peer/gtk/GtkCheckboxPeer.java +++ b/libjava/classpath/gnu/java/awt/peer/gtk/GtkCheckboxPeer.java @@ -1,5 +1,5 @@ /* GtkCheckboxPeer.java -- Implements CheckboxPeer with GTK - Copyright (C) 1998, 1999, 2002, 2003 Free Software Foundation, Inc. + Copyright (C) 1998, 1999, 2002, 2003, 2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -42,6 +42,8 @@ import java.awt.Checkbox; import java.awt.CheckboxGroup; import java.awt.peer.CheckboxPeer; +import java.awt.event.ItemEvent; + public class GtkCheckboxPeer extends GtkComponentPeer implements CheckboxPeer { @@ -49,12 +51,15 @@ public class GtkCheckboxPeer extends GtkComponentPeer public GtkCheckboxGroupPeer old_group; // The current state of the GTK checkbox. private boolean currentState; - private boolean changing = false; public native void create (GtkCheckboxGroupPeer group); public native void nativeSetCheckboxGroup (GtkCheckboxGroupPeer group); public native void connectSignals (); - native void gtkWidgetModifyFont (String name, int style, int size); + + /** + * Overridden to set Font of label inside button. + */ + protected native void gtkWidgetModifyFont(String name, int style, int size); native void gtkButtonSetLabel (String label); native void gtkToggleButtonSetActive (boolean is_active); @@ -71,23 +76,24 @@ public class GtkCheckboxPeer extends GtkComponentPeer CheckboxGroup g = checkbox.getCheckboxGroup (); old_group = GtkCheckboxGroupPeer.getCheckboxGroupPeer (g); create (old_group); - gtkToggleButtonSetActive (checkbox.getState ()); + currentState = checkbox.getState(); + gtkToggleButtonSetActive(currentState); gtkButtonSetLabel (checkbox.getLabel ()); } - public void setState (boolean state) + /** + * Sets native GtkCheckButton is state is different from current + * state. Will set currentState to state to prevent posting an + * event since events should only be posted for user initiated + * clicks on the GtkCheckButton. + */ + synchronized public void setState (boolean state) { - // prevent item_toggled_cb -> postItemEvent -> - // awtComponent.setState -> this.setState -> - // gtkToggleButtonSetActive self-deadlock on the GDK lock. - if (changing && Thread.currentThread() == GtkToolkit.mainThread) + if (currentState != state) { - changing = false; - return; + currentState = state; + gtkToggleButtonSetActive(state); } - - if (currentState != state) - gtkToggleButtonSetActive (state); } public void setLabel (String label) @@ -111,22 +117,15 @@ public class GtkCheckboxPeer extends GtkComponentPeer // Override the superclass postItemEvent so that the peer doesn't // need information that we have. // called back by native side: item_toggled_cb - public void postItemEvent (Object item, int stateChange) + synchronized public void postItemEvent(Object item, boolean state) { - Checkbox currentCheckBox = ((Checkbox)awtComponent); - // A firing of the event is only desired if the state has changed due to a - // button press. The currentCheckBox's state must be different from the - // one that the stateChange is changing to. - // stateChange = 1 if it goes from false -> true - // stateChange = 2 if it goes from true -> false - if (( !currentCheckBox.getState() && stateChange == 1) - || (currentCheckBox.getState() && stateChange == 2)) - { - super.postItemEvent (awtComponent, stateChange); - currentState = !currentCheckBox.getState(); - changing = true; - currentCheckBox.setState(currentState); - } + // Only fire event is state actually changed. + if (currentState != state) + { + currentState = state; + super.postItemEvent(awtComponent, + state ? ItemEvent.SELECTED : ItemEvent.DESELECTED); + } } public void dispose () diff --git a/libjava/classpath/gnu/java/awt/peer/gtk/GtkComponentPeer.java b/libjava/classpath/gnu/java/awt/peer/gtk/GtkComponentPeer.java index fe0dae7..8211839 100644 --- a/libjava/classpath/gnu/java/awt/peer/gtk/GtkComponentPeer.java +++ b/libjava/classpath/gnu/java/awt/peer/gtk/GtkComponentPeer.java @@ -1,5 +1,6 @@ /* GtkComponentPeer.java -- Implements ComponentPeer with GTK - Copyright (C) 1998, 1999, 2002, 2004, 2005 Free Software Foundation, Inc. + Copyright (C) 1998, 1999, 2002, 2004, 2005, 2006 + Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -46,10 +47,10 @@ import java.awt.Component; import java.awt.Container; import java.awt.Cursor; import java.awt.Dimension; +import java.awt.EventQueue; import java.awt.Font; import java.awt.FontMetrics; import java.awt.Graphics; -import java.awt.Graphics2D; import java.awt.GraphicsConfiguration; import java.awt.Image; import java.awt.Insets; @@ -87,8 +88,6 @@ public class GtkComponentPeer extends GtkGenericPeer boolean isInRepaint; - static final Timer repaintTimer = new Timer (true); - /* this isEnabled differs from Component.isEnabled, in that it knows if a parent is disabled. In that case Component.isEnabled may return true, but our isEnabled will always return false */ @@ -146,12 +145,7 @@ public class GtkComponentPeer extends GtkGenericPeer Component parent = awtComponent.getParent (); - // Only set our parent on the GTK side if our parent on the AWT - // side is not showing. Otherwise the gtk peer will be shown - // before we've had a chance to position and size it properly. - if (awtComponent instanceof Window - || (parent != null && ! parent.isShowing ())) - setParentAndBounds (); + setParentAndBounds (); setNativeEventMask (); @@ -202,11 +196,6 @@ public class GtkComponentPeer extends GtkGenericPeer void setComponentBounds () { Rectangle bounds = awtComponent.getBounds (); - - if (bounds.x == 0 && bounds.y == 0 - && bounds.width == 0 && bounds.height == 0) - return; - setBounds (bounds.x, bounds.y, bounds.width, bounds.height); } @@ -303,29 +292,29 @@ public class GtkComponentPeer extends GtkGenericPeer { case PaintEvent.PAINT: case PaintEvent.UPDATE: - { - try - { - Graphics g = getGraphics (); - - // Some peers like GtkFileDialogPeer are repainted by Gtk itself - if (g == null) - break; - - g.setClip (((PaintEvent) event).getUpdateRect()); - - if (id == PaintEvent.PAINT) - awtComponent.paint (g); - else - awtComponent.update (g); - - g.dispose (); - } - catch (InternalError e) - { - System.err.println (e); - } - } + { + try + { + Graphics g = getGraphics(); + + if (!awtComponent.isShowing() || awtComponent.getWidth() < 1 + || awtComponent.getHeight() < 1 || g == null) + break; + + g.setClip(((PaintEvent) event).getUpdateRect()); + + if (id == PaintEvent.PAINT) + awtComponent.paint(g); + else + awtComponent.update(g); + + g.dispose(); + } + catch (InternalError e) + { + System.err.println(e); + } + } break; case KeyEvent.KEY_PRESSED: ke = (KeyEvent) event; @@ -383,19 +372,30 @@ public class GtkComponentPeer extends GtkGenericPeer if (x == 0 && y == 0 && width == 0 && height == 0) return; - repaintTimer.schedule(new RepaintTimerTask(x, y, width, height), tm); + if (tm <= 0) + q().postEvent(new PaintEvent(awtComponent, PaintEvent.UPDATE, + new Rectangle(x, y, width, height))); + else + RepaintTimerTask.schedule(tm, x, y, width, height, awtComponent); } - private class RepaintTimerTask extends TimerTask + /** + * Used for scheduling delayed paint updates on the event queue. + */ + private static class RepaintTimerTask extends TimerTask { + private static final Timer repaintTimer = new Timer(true); + private int x, y, width, height; + private Component awtComponent; - RepaintTimerTask(int x, int y, int width, int height) + RepaintTimerTask(Component c, int x, int y, int width, int height) { this.x = x; this.y = y; this.width = width; this.height = height; + this.awtComponent = c; } public void run() @@ -403,6 +403,12 @@ public class GtkComponentPeer extends GtkGenericPeer q().postEvent (new PaintEvent (awtComponent, PaintEvent.UPDATE, new Rectangle (x, y, width, height))); } + + static void schedule(long tm, int x, int y, int width, int height, + Component c) + { + repaintTimer.schedule(new RepaintTimerTask(c, x, y, width, height), tm); + } } public void requestFocus () @@ -429,8 +435,7 @@ public class GtkComponentPeer extends GtkGenericPeer int new_y = y; Component parent = awtComponent.getParent (); - Component next_parent; - + // Heavyweight components that are children of one or more // lightweight containers have to be handled specially. Because // calls to GLightweightPeer.setBounds do nothing, GTK has no @@ -441,33 +446,19 @@ public class GtkComponentPeer extends GtkGenericPeer // so we need to continue adding offsets until we reach a // container whose position GTK knows -- that is, the first // non-lightweight. - boolean lightweightChild = false; - Insets i; - while (parent.isLightweight ()) + Insets i; + while (parent.isLightweight()) { - lightweightChild = true; - - next_parent = parent.getParent (); - - i = ((Container) parent).getInsets (); - - if (next_parent instanceof Window) - { - new_x += i.left; - new_y += i.top; - } - else - { - new_x += parent.getX () + i.left; - new_y += parent.getY () + i.top; - } - - parent = next_parent; + i = ((Container) parent).getInsets(); + + new_x += parent.getX() + i.left; + new_y += parent.getY() + i.top; + + parent = parent.getParent(); } - // We only need to convert from Java to GTK coordinates if we're // placing a heavyweight component in a Window. - if (parent instanceof Window && !lightweightChild) + if (parent instanceof Window) { GtkWindowPeer peer = (GtkWindowPeer) parent.getPeer (); // important: we want the window peer's insets here, not the @@ -479,12 +470,17 @@ public class GtkComponentPeer extends GtkGenericPeer int menuBarHeight = 0; if (peer instanceof GtkFramePeer) menuBarHeight = ((GtkFramePeer) peer).getMenuBarHeight (); - - new_x = x - insets.left; - new_y = y - insets.top + menuBarHeight; + + new_x -= insets.left; + new_y -= insets.top; + new_y += menuBarHeight; } setNativeBounds (new_x, new_y, width, height); + + // If the height or width were (or are now) smaller than zero + // then we want to adjust the visibility. + setVisible(awtComponent.isVisible()); } void setCursor () @@ -535,6 +531,13 @@ public class GtkComponentPeer extends GtkGenericPeer public void setVisible (boolean b) { + // Only really set visible when component is bigger than zero pixels. + if (b) + { + Rectangle bounds = awtComponent.getBounds(); + b = (bounds.width > 0) && (bounds.height > 0); + } + if (Thread.currentThread() == GtkToolkit.mainThread) setVisibleNativeUnlocked (b); else @@ -571,6 +574,8 @@ public class GtkComponentPeer extends GtkGenericPeer KeyEvent keyEvent = new KeyEvent (awtComponent, id, when, mods, keyCode, keyChar, keyLocation); + EventQueue q = q(); + // Also post a KEY_TYPED event if keyEvent is a key press that // doesn't represent an action or modifier key. if (keyEvent.getID () == KeyEvent.KEY_PRESSED @@ -579,15 +584,17 @@ public class GtkComponentPeer extends GtkGenericPeer && keyCode != KeyEvent.VK_CONTROL && keyCode != KeyEvent.VK_ALT)) { - synchronized (q) - { - q().postEvent (keyEvent); - q().postEvent (new KeyEvent (awtComponent, KeyEvent.KEY_TYPED, when, mods, - KeyEvent.VK_UNDEFINED, keyChar, keyLocation)); + synchronized(q) + { + q.postEvent(keyEvent); + keyEvent = new KeyEvent(awtComponent, KeyEvent.KEY_TYPED, when, + mods, KeyEvent.VK_UNDEFINED, keyChar, + keyLocation); + q.postEvent(keyEvent); } } else - q().postEvent (keyEvent); + q.postEvent(keyEvent); } protected void postFocusEvent (int id, boolean temporary) diff --git a/libjava/classpath/gnu/java/awt/peer/gtk/GtkContainerPeer.java b/libjava/classpath/gnu/java/awt/peer/gtk/GtkContainerPeer.java index b035a98..23737b0 100644 --- a/libjava/classpath/gnu/java/awt/peer/gtk/GtkContainerPeer.java +++ b/libjava/classpath/gnu/java/awt/peer/gtk/GtkContainerPeer.java @@ -1,5 +1,5 @@ /* GtkContainerPeer.java -- Implements ContainerPeer with GTK - Copyright (C) 1998, 1999 Free Software Foundation, Inc. + Copyright (C) 1998, 1999, 2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -65,29 +65,6 @@ public class GtkContainerPeer extends GtkComponentPeer public void endValidate () { - Component parent = awtComponent.getParent (); - - // Only set our parent on the GTK side if our parent on the AWT - // side is not showing. Otherwise the gtk peer will be shown - // before we've had a chance to position and size it properly. - if (parent != null && parent.isShowing ()) - { - Component[] components = ((Container) awtComponent).getComponents (); - int ncomponents = components.length; - - for (int i = 0; i < ncomponents; i++) - { - ComponentPeer peer = components[i].getPeer (); - - // Skip lightweight peers. - if (peer instanceof GtkComponentPeer) - ((GtkComponentPeer) peer).setParentAndBounds (); - } - - // GTK windows don't have parents. - if (!(awtComponent instanceof Window)) - setParentAndBounds (); - } } public Insets getInsets() diff --git a/libjava/classpath/gnu/java/awt/peer/gtk/GtkFileDialogPeer.java b/libjava/classpath/gnu/java/awt/peer/gtk/GtkFileDialogPeer.java index 333407b..a0ae9e9 100644 --- a/libjava/classpath/gnu/java/awt/peer/gtk/GtkFileDialogPeer.java +++ b/libjava/classpath/gnu/java/awt/peer/gtk/GtkFileDialogPeer.java @@ -41,8 +41,6 @@ package gnu.java.awt.peer.gtk; import java.awt.Dialog; import java.awt.FileDialog; import java.awt.Graphics; -import java.awt.Window; -import java.awt.event.ComponentEvent; import java.awt.peer.FileDialogPeer; import java.io.File; import java.io.FilenameFilter; @@ -68,7 +66,8 @@ public class GtkFileDialogPeer extends GtkDialogPeer implements FileDialogPeer ((FileDialog) awtComponent).getMode()); FileDialog fd = (FileDialog) awtComponent; - + + nativeSetDirectory(System.getProperty("user.dir")); setDirectory(fd.getDirectory()); setFile(fd.getFile()); @@ -117,13 +116,9 @@ public class GtkFileDialogPeer extends GtkDialogPeer implements FileDialogPeer // is not absolute, let's construct it based on current directory. currentFile = fileName; if (fileName.indexOf(FS) == 0) - { - nativeSetFile (fileName); - } + nativeSetFile(fileName); else - { - nativeSetFile (nativeGetDirectory() + FS + fileName); - } + nativeSetFile(nativeGetDirectory() + FS + fileName); } public void setDirectory (String directory) @@ -132,18 +127,24 @@ public class GtkFileDialogPeer extends GtkDialogPeer implements FileDialogPeer the only way we have to set the directory in FileDialog is by calling its setDirectory which will call us back. */ if ((directory == null && currentDirectory == null) - || (directory != null && directory.equals (currentDirectory))) + || (directory != null && directory.equals(currentDirectory))) return; - if (directory == null || directory.equals ("")) + if (directory == null || directory.equals("")) { currentDirectory = FS; - nativeSetFile (FS); - return; + nativeSetDirectory(FS); + return; } - + + // GtkFileChooser requires absolute directory names. If the given directory + // name is not absolute, construct it based on current directory if it is not + // null. Otherwise, use FS. currentDirectory = directory; - nativeSetDirectory (directory); + if (directory.indexOf(FS) == 0) + nativeSetDirectory(directory); + else + nativeSetDirectory(nativeGetDirectory() + FS + directory); } public void setFilenameFilter (FilenameFilter filter) diff --git a/libjava/classpath/gnu/java/awt/peer/gtk/GtkFramePeer.java b/libjava/classpath/gnu/java/awt/peer/gtk/GtkFramePeer.java index 99cca0c..f59e781 100644 --- a/libjava/classpath/gnu/java/awt/peer/gtk/GtkFramePeer.java +++ b/libjava/classpath/gnu/java/awt/peer/gtk/GtkFramePeer.java @@ -43,10 +43,7 @@ import java.awt.Graphics; import java.awt.Image; import java.awt.MenuBar; import java.awt.Rectangle; -import java.awt.Window; -import java.awt.event.ComponentEvent; import java.awt.event.PaintEvent; -import java.awt.image.ColorModel; import java.awt.peer.FramePeer; import java.awt.peer.MenuBarPeer; @@ -77,7 +74,10 @@ public class GtkFramePeer extends GtkWindowPeer removeMenuBarPeer (); insets.top -= menuBarHeight; menuBarHeight = 0; - awtComponent.validate (); + // if component has already been validated, we need to revalidate. + // otherwise, it will be validated when it is shown. + if (awtComponent.isValid()) + awtComponent.validate (); gtkFixedSetVisible (true); } else if (bar != null && menuBar == null) @@ -92,7 +92,10 @@ public class GtkFramePeer extends GtkWindowPeer setMenuBarWidth (menuBar, menuBarWidth); menuBarHeight = getMenuBarHeight (); insets.top += menuBarHeight; - awtComponent.validate (); + // if component has already been validated, we need to revalidate. + // otherwise, it will be validated when it is shown. + if (awtComponent.isValid()) + awtComponent.validate (); gtkFixedSetVisible (true); } else if (bar != null && menuBar != null) diff --git a/libjava/classpath/gnu/java/awt/peer/gtk/GtkGenericPeer.java b/libjava/classpath/gnu/java/awt/peer/gtk/GtkGenericPeer.java index 705eed2..468c46d 100644 --- a/libjava/classpath/gnu/java/awt/peer/gtk/GtkGenericPeer.java +++ b/libjava/classpath/gnu/java/awt/peer/gtk/GtkGenericPeer.java @@ -1,5 +1,5 @@ /* GtkGenericPeer.java - Has a hashcode. Yuck. - Copyright (C) 1998, 1999, 2002 Free Software Foundation, Inc. + Copyright (C) 1998, 1999, 2002, 2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -39,23 +39,28 @@ exception statement from your version. */ package gnu.java.awt.peer.gtk; import java.awt.EventQueue; +import java.awt.Font; import java.awt.Toolkit; import java.awt.event.ActionEvent; public class GtkGenericPeer { + // Used by Native State Association (NSA) functions to map + // gtk_widget to peer object. final int native_state = getUniqueInteger (); // Next native state value we will assign. private static int next_native_state = 0; // The widget or other java-side object we wrap. - protected Object awtWidget; - - // Global event queue. - protected static EventQueue q = null; - - // Dispose of our native state. + protected final Object awtWidget; + + /** + * Dispose of our native state. Calls gtk_widget_destroy on the + * native widget and removes the awtWidget from the native state + * tables. Should be overridden by subclasses if this is not (all) + * that needs to be done. + */ public native void dispose (); static EventQueue q () @@ -68,12 +73,6 @@ public class GtkGenericPeer this.awtWidget = awtWidget; } - public static void enableQueue (EventQueue sq) - { - if (q == null) - q = sq; - } - protected void postActionEvent (String command, int mods) { q().postEvent (new ActionEvent (awtWidget, ActionEvent.ACTION_PERFORMED, @@ -88,8 +87,20 @@ public class GtkGenericPeer // Let's assume this will never wrap. return next_native_state++; } + + /** + * Helper method to set Font for Gtk Widget. + */ + protected void gtkWidgetModifyFont(Font f) + { + gtkWidgetModifyFont(f.getName(), f.getStyle(), f.getSize()); + } - native void gtkWidgetModifyFont (String name, int style, int size); + /** + * Sets font for this Gtk Widget. Should be overridden by peers which + * are composed of different widgets or are contained in bins. + */ + protected native void gtkWidgetModifyFont(String name, int style, int size); static void printCurrentThread () { diff --git a/libjava/classpath/gnu/java/awt/peer/gtk/GtkImage.java b/libjava/classpath/gnu/java/awt/peer/gtk/GtkImage.java index 82a3463..b48a204 100644 --- a/libjava/classpath/gnu/java/awt/peer/gtk/GtkImage.java +++ b/libjava/classpath/gnu/java/awt/peer/gtk/GtkImage.java @@ -1,5 +1,5 @@ /* GtkImage.java - Copyright (C) 2005 Free Software Foundation, Inc. + Copyright (C) 2005, 2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -329,6 +329,24 @@ public class GtkImage extends Image props = new Hashtable(); } + // The singleton GtkImage that is returned on errors by GtkToolkit. + private static GtkImage errorImage; + + /** + * Returns an empty GtkImage with the errorLoading flag set. + * Called from GtkToolKit when some error occured, but an image needs + * to be returned anyway. + */ + static synchronized GtkImage getErrorImage() + { + if (errorImage == null) + { + errorImage = new GtkImage(); + errorImage.errorLoading = true; + } + return errorImage; + } + /** * Native helper function for constructor that takes a pixbuf Pointer. */ diff --git a/libjava/classpath/gnu/java/awt/peer/gtk/GtkLabelPeer.java b/libjava/classpath/gnu/java/awt/peer/gtk/GtkLabelPeer.java index 3d099e9..bbf4230 100644 --- a/libjava/classpath/gnu/java/awt/peer/gtk/GtkLabelPeer.java +++ b/libjava/classpath/gnu/java/awt/peer/gtk/GtkLabelPeer.java @@ -1,5 +1,5 @@ /* GtkLabelPeer.java -- Implements LabelPeer with GTK - Copyright (C) 1998, 1999, 2005 Free Software Foundation, Inc. + Copyright (C) 1998, 1999, 2005, 2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -48,7 +48,12 @@ public class GtkLabelPeer extends GtkComponentPeer implements LabelPeer { native void create (String text, float alignment); - native void gtkWidgetModifyFont (String name, int style, int size); + + /** + * Overridden to set the Font of the label inside the gtk_event_box. + */ + protected native void gtkWidgetModifyFont(String name, int style, int size); + native void nativeSetAlignment (float alignment); public native void setText(String text); diff --git a/libjava/classpath/gnu/java/awt/peer/gtk/GtkListPeer.java b/libjava/classpath/gnu/java/awt/peer/gtk/GtkListPeer.java index ff12fe3..285f794 100644 --- a/libjava/classpath/gnu/java/awt/peer/gtk/GtkListPeer.java +++ b/libjava/classpath/gnu/java/awt/peer/gtk/GtkListPeer.java @@ -1,5 +1,5 @@ /* GtkListPeer.java -- Implements ListPeer with GTK - Copyright (C) 1998, 1999 Free Software Foundation, Inc. + Copyright (C) 1998, 1999, 2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -59,7 +59,12 @@ public class GtkListPeer extends GtkComponentPeer native void create (int rows); native void connectSignals (); - native void gtkWidgetModifyFont (String name, int style, int size); + + /** + * Overridden to set the Font of the text insode the gtk_scrolled_window. + */ + protected native void gtkWidgetModifyFont (String name, int style, int size); + native void gtkWidgetRequestFocus (); native void getSize (int rows, int visibleRows, int dims[]); diff --git a/libjava/classpath/gnu/java/awt/peer/gtk/GtkMenuBarPeer.java b/libjava/classpath/gnu/java/awt/peer/gtk/GtkMenuBarPeer.java index a1a1cbd..d203b43 100644 --- a/libjava/classpath/gnu/java/awt/peer/gtk/GtkMenuBarPeer.java +++ b/libjava/classpath/gnu/java/awt/peer/gtk/GtkMenuBarPeer.java @@ -1,5 +1,5 @@ /* GtkMenuBarPeer.java -- Implements MenuBarPeer with GTK+ - Copyright (C) 1999, 2005 Free Software Foundation, Inc. + Copyright (C) 1999, 2005, 2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -48,38 +48,69 @@ import java.awt.peer.MenuPeer; public class GtkMenuBarPeer extends GtkMenuComponentPeer implements MenuBarPeer { - - native void create (); - native void addMenu (MenuPeer menu); - - public GtkMenuBarPeer (MenuBar target) + /** Whether we already have an help menu set on this peer. */ + private boolean hasHelpMenu; + + /** + * Creates the gtk+ widget for this peer and puts it in the nsa + * table. Called from the (super class) constructor. + */ + protected native void create(); + + /** + * Adds a new GtkMenuPeer to the end of the GtkMenuBarPeer. + */ + private native void addMenu(GtkMenuPeer menu); + + /** + * Creates a new GtkMenuBarPeer associated with the given MenuBar. + */ + public GtkMenuBarPeer(MenuBar menubar) { - super (target); + super(menubar); } - void setFont () - { - MenuComponent mc = (MenuComponent) awtWidget; - Font f = mc.getFont (); - - if (f == null) - mc.setFont (new Font ("Dialog", Font.PLAIN, 12)); - } - - // FIXME: remove this method or replace it with one that does - // something useful. - /* In Gnome, help menus are no longer right flushed. */ - native void nativeSetHelpMenu(MenuPeer menuPeer); - + /** + * Adds a help menu to this MenuBar. Gnome styleguides say the help + * menu is just the last item in the menubar (they are NOT right + * justified). + */ public void addHelpMenu (Menu menu) { - // nativeSetHelpMenu((MenuPeer) menu.getPeer()); + if (hasHelpMenu) + { + // Remove the (help) menu, which is after all the other items. + delMenu(((MenuBar) awtWidget).getMenuCount()); + hasHelpMenu = false; + } + + if (menu != null) + { + addMenu(menu); + hasHelpMenu = true; + } } + /** + * Deletes the menu at (zero-based) index from this GtkMenuBar. + */ public native void delMenu(int index); - public void addMenu (Menu m) + /** + * Adds the GtkMenuPeer associated with the Menu to this + * GtkMenuBarPeer. Makes sure that any help menus keep the last menu + * on the bar. + */ + public void addMenu(Menu m) { - // FIXME: implement + // Make sure the help menu is the last one. + if (hasHelpMenu) + { + addHelpMenu(null); + addMenu((GtkMenuPeer) m.getPeer()); + addHelpMenu(((MenuBar) awtWidget).getHelpMenu()); + } + else + addMenu((GtkMenuPeer) m.getPeer()); } } diff --git a/libjava/classpath/gnu/java/awt/peer/gtk/GtkMenuComponentPeer.java b/libjava/classpath/gnu/java/awt/peer/gtk/GtkMenuComponentPeer.java index 4c63359..55b95a1 100644 --- a/libjava/classpath/gnu/java/awt/peer/gtk/GtkMenuComponentPeer.java +++ b/libjava/classpath/gnu/java/awt/peer/gtk/GtkMenuComponentPeer.java @@ -1,5 +1,5 @@ /* GtkMenuComponentPeer.java -- Implements MenuComponentPeer with GTK+ - Copyright (C) 1999 Free Software Foundation, Inc. + Copyright (C) 1999, 2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -39,31 +39,66 @@ exception statement from your version. */ package gnu.java.awt.peer.gtk; import java.awt.Font; +import java.awt.MenuComponent; +import java.awt.MenuContainer; import java.awt.peer.MenuComponentPeer; -public class GtkMenuComponentPeer extends GtkGenericPeer +public abstract class GtkMenuComponentPeer extends GtkGenericPeer implements MenuComponentPeer { - void create () - { - throw new RuntimeException (); - } + /** + * Creates the associated gtk+ widget and stores it in the nsa table + * for this peer. Called by the constructor. + */ + protected abstract void create (); - void setFont () + /** + * Sets font based on MenuComponent font, or containing menu(bar) + * parent font. + */ + private void setFont() { + MenuComponent mc = ((MenuComponent) awtWidget); + Font f = mc.getFont(); + + if (f == null) + { + MenuContainer parent = mc.getParent (); + // Submenus inherit the font of their containing Menu(Bar). + if (parent instanceof MenuComponent) + f = parent.getFont (); + } + + setFont(f); } - public GtkMenuComponentPeer (Object awtWidget) + /** + * Will call the abstract create() that needs to be + * overridden by subclasses, to create the MenuComponent. It will + * then correctly setup the font for the component based on the + * component and/or its containing parent component. + */ + public GtkMenuComponentPeer(MenuComponent component) { - super (awtWidget); - create (); - setFont (); + super(component); + create(); + setFont(); } + /** + * Removes the awtWidget components from the native state tables. + * Subclasses should call super.dispose() if they don't + * remove these themselves. + */ public native void dispose(); + /** + * Sets the font for this particular MenuComponent only (not any + * containing items, if any). + */ public void setFont(Font font) { - // FIXME: implement + if (font != null) + gtkWidgetModifyFont(font); } } diff --git a/libjava/classpath/gnu/java/awt/peer/gtk/GtkMenuItemPeer.java b/libjava/classpath/gnu/java/awt/peer/gtk/GtkMenuItemPeer.java index 5728f26..251bab2 100644 --- a/libjava/classpath/gnu/java/awt/peer/gtk/GtkMenuItemPeer.java +++ b/libjava/classpath/gnu/java/awt/peer/gtk/GtkMenuItemPeer.java @@ -1,5 +1,5 @@ /* GtkMenuItemPeer.java -- Implements MenuItemPeer with GTK+ - Copyright (C) 1999, 2005 Free Software Foundation, Inc. + Copyright (C) 1999, 2005, 2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -49,70 +49,71 @@ import java.awt.peer.MenuPeer; public class GtkMenuItemPeer extends GtkMenuComponentPeer implements MenuItemPeer { - native void create (String label); - native void connectSignals (); - native void gtkWidgetModifyFont (String name, int style, int size); - - void create () + /** + * Creates the associated gtk+ widget and stores it in the nsa table + * for this peer. Called by the create() method with the label name + * of the associated MenuItem. Needs to be overridden my subclasses + * that want to create a different gtk+ widget. + */ + protected native void create (String label); + + /** + * Called from constructor to enable signals from an item. If a + * subclass needs different (or no) signals connected this method + * should be overridden. + */ + protected native void connectSignals (); + + /** + * Overridden to set font on menu item label. + */ + protected native void gtkWidgetModifyFont(String name, int style, int size); + + /** + * Creates the associated gtk+ widget and stores it in the nsa table + * for this peer. Called by the (super class) constructor. + * Overridden to get the label if the assiociated MenuItem and to + * call create(String). + */ + protected void create() { create (((MenuItem) awtWidget).getLabel()); } - public GtkMenuItemPeer (MenuItem item) - { - super (item); - setEnabled (item.isEnabled ()); - setParent (item); - - if (item.getParent() instanceof Menu && ! (item instanceof Menu)) - connectSignals(); - } - - void setFont () + /** + * Creates a new GtkMenuItemPeer associated with the given MenuItem. + * It will call create(), setFont(), setEnabled() and + * connectSignals() in that order. + */ + public GtkMenuItemPeer(MenuItem item) { - MenuComponent mc = ((MenuComponent) awtWidget); - Font f = mc.getFont (); - - if (f == null) - { - MenuComponent parent = (MenuComponent) mc.getParent (); - Font pf = parent.getFont (); - gtkWidgetModifyFont (pf.getName (), pf.getStyle (), pf.getSize ()); - } - else - gtkWidgetModifyFont(f.getName(), f.getStyle(), f.getSize()); + super(item); + setEnabled (item.isEnabled()); + connectSignals(); } - void setParent (MenuItem item) + /** + * Calls setEnabled(false). + */ + public void disable() { - // add ourself differently, based on what type of parent we have - // yes, the typecasting here is nasty. - Object parent = item.getParent (); - if (parent instanceof MenuBar) - { - ((GtkMenuBarPeer)((MenuBar)parent).getPeer ()).addMenu ((MenuPeer) this); - } - else // parent instanceof Menu - { - ((GtkMenuPeer)((Menu)parent).getPeer ()).addItem (this, - item.getShortcut ()); - } + setEnabled(false); } - public void disable () + /** + * Calls setEnabled(true). + */ + public void enable() { - setEnabled (false); - } - - public void enable () - { - setEnabled (true); + setEnabled(true); } public native void setEnabled(boolean b); - public native void setLabel(String label); + /** + * Callback setup through connectSignals(). + */ protected void postMenuActionEvent () { postActionEvent (((MenuItem)awtWidget).getActionCommand (), 0); diff --git a/libjava/classpath/gnu/java/awt/peer/gtk/GtkMenuPeer.java b/libjava/classpath/gnu/java/awt/peer/gtk/GtkMenuPeer.java index fabcf1f..1d581c1 100644 --- a/libjava/classpath/gnu/java/awt/peer/gtk/GtkMenuPeer.java +++ b/libjava/classpath/gnu/java/awt/peer/gtk/GtkMenuPeer.java @@ -1,5 +1,5 @@ /* GtkMenuPeer.java -- Implements MenuPeer with GTK+ - Copyright (C) 1999, 2005 Free Software Foundation, Inc. + Copyright (C) 1999, 2005, 2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -49,10 +49,28 @@ import java.awt.peer.MenuPeer; public class GtkMenuPeer extends GtkMenuItemPeer implements MenuPeer { - native void create (String label); - native void addItem (MenuItemPeer item, int key, boolean shiftModifier); + /** + * Creates the associated gtk+ widget and stores it in the nsa table + * for this peer. Called by the create() method with the label name + * of the associated MenuItem. Overridden to greate a Menu widget. + */ + protected native void create (String label); + + private native void addItem(MenuItemPeer item, int key, + boolean shiftModifier); + + /** XXX - Document this and the override in GtkPopupMenuPeer. */ native void setupAccelGroup (GtkGenericPeer container); - native void addTearOff (); + + private native void addTearOff (); + + /** + * Overridden to not connect any signals. + */ + protected void connectSignals() + { + // No signals to connect. + } public GtkMenuPeer (Menu menu) { @@ -63,11 +81,11 @@ public class GtkMenuPeer extends GtkMenuItemPeer MenuContainer parent = menu.getParent (); if (parent instanceof Menu) - setupAccelGroup ((GtkGenericPeer)((Menu)parent).getPeer ()); + setupAccelGroup ((GtkMenuPeer)((Menu)parent).getPeer ()); else if (parent instanceof Component) - setupAccelGroup ((GtkGenericPeer)((Component)parent).getPeer ()); + setupAccelGroup ((GtkComponentPeer)((Component)parent).getPeer ()); else - setupAccelGroup (null); + setupAccelGroup (null); // XXX, should we warn about unknown parent? } public void addItem (MenuItem item) diff --git a/libjava/classpath/gnu/java/awt/peer/gtk/GtkPanelPeer.java b/libjava/classpath/gnu/java/awt/peer/gtk/GtkPanelPeer.java index fb5adde..88bb715 100644 --- a/libjava/classpath/gnu/java/awt/peer/gtk/GtkPanelPeer.java +++ b/libjava/classpath/gnu/java/awt/peer/gtk/GtkPanelPeer.java @@ -39,8 +39,11 @@ exception statement from your version. */ package gnu.java.awt.peer.gtk; import java.awt.AWTEvent; +import java.awt.Graphics; import java.awt.Panel; +import java.awt.event.ComponentEvent; import java.awt.event.MouseEvent; +import java.awt.event.PaintEvent; import java.awt.peer.PanelPeer; public class GtkPanelPeer extends GtkContainerPeer @@ -53,17 +56,39 @@ public class GtkPanelPeer extends GtkContainerPeer super (p); } - public void handleEvent (AWTEvent event) + public void handleEvent(AWTEvent event) { int id = event.getID(); - switch (id) { case MouseEvent.MOUSE_PRESSED: - awtComponent.requestFocusInWindow (); + awtComponent.requestFocusInWindow(); break; + case PaintEvent.UPDATE: + case PaintEvent.PAINT: + { + try + { + Graphics g = getGraphics(); + if (! awtComponent.isShowing() || awtComponent.getWidth() < 1 + || awtComponent.getHeight() < 1 || g == null) + return; + + g.setClip(((PaintEvent) event).getUpdateRect()); + + // Do not want to clear anything before painting.); + awtComponent.paint(g); + + g.dispose(); + return; + } + catch (InternalError e) + { + System.err.println(e); + } + } } - super.handleEvent (event); + super.handleEvent(event); } native void connectSignals (); diff --git a/libjava/classpath/gnu/java/awt/peer/gtk/GtkPopupMenuPeer.java b/libjava/classpath/gnu/java/awt/peer/gtk/GtkPopupMenuPeer.java index d14c16d..525a910 100644 --- a/libjava/classpath/gnu/java/awt/peer/gtk/GtkPopupMenuPeer.java +++ b/libjava/classpath/gnu/java/awt/peer/gtk/GtkPopupMenuPeer.java @@ -1,5 +1,5 @@ /* GtkPopupMenuPeer.java -- Implements PopupMenuPeer with GTK+ - Copyright (C) 1999 Free Software Foundation, Inc. + Copyright (C) 1999, 2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -55,11 +55,6 @@ public class GtkPopupMenuPeer extends GtkMenuPeer native void setupAccelGroup (GtkGenericPeer container); - void setParent (MenuItem item) - { - // we don't need to "add" ourselves to our parent - } - native void show (int x, int y, long time); public void show (Component origin, int x, int y) { diff --git a/libjava/classpath/gnu/java/awt/peer/gtk/GtkScrollbarPeer.java b/libjava/classpath/gnu/java/awt/peer/gtk/GtkScrollbarPeer.java index aa3a26e..9b31a73 100644 --- a/libjava/classpath/gnu/java/awt/peer/gtk/GtkScrollbarPeer.java +++ b/libjava/classpath/gnu/java/awt/peer/gtk/GtkScrollbarPeer.java @@ -1,5 +1,5 @@ /* GtkScrollbarPeer.java -- Implements ScrollbarPeer with GTK+ - Copyright (C) 1998, 1999, 2005 Free Software Foundation, Inc. + Copyright (C) 1998, 1999, 2005, 2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -39,6 +39,7 @@ exception statement from your version. */ package gnu.java.awt.peer.gtk; import java.awt.Adjustable; +import java.awt.EventQueue; import java.awt.Scrollbar; import java.awt.event.AdjustmentEvent; import java.awt.peer.ScrollbarPeer; @@ -69,12 +70,25 @@ public class GtkScrollbarPeer extends GtkComponentPeer public native void setLineIncrement(int amount); public native void setPageIncrement(int amount); - public native void setValues(int value, int visible, int min, int max); + public void setValues(int value, int visible, int min, int max) + { + Scrollbar sb = (Scrollbar) awtComponent; + if (!sb.getValueIsAdjusting()) + setBarValues(value, visible, min, max); + } + + private native void setBarValues(int value, int visible, int min, int max); + + /** + * Called from the native site when the scrollbar changed. + * Posts a "user generated" AdjustmentEvent to the queue. + */ protected void postAdjustmentEvent (int type, int value) { - q().postEvent (new AdjustmentEvent ((Adjustable)awtComponent, + Scrollbar bar = (Scrollbar) awtComponent; + q().postEvent(new AdjustmentEvent(bar, AdjustmentEvent.ADJUSTMENT_VALUE_CHANGED, - type, value)); + type, value, true)); } } diff --git a/libjava/classpath/gnu/java/awt/peer/gtk/GtkTextAreaPeer.java b/libjava/classpath/gnu/java/awt/peer/gtk/GtkTextAreaPeer.java index e6896c9..5d9be1a 100644 --- a/libjava/classpath/gnu/java/awt/peer/gtk/GtkTextAreaPeer.java +++ b/libjava/classpath/gnu/java/awt/peer/gtk/GtkTextAreaPeer.java @@ -55,7 +55,11 @@ public class GtkTextAreaPeer extends GtkComponentPeer native void create (int width, int height, int scrollbarVisibility); - native void gtkWidgetModifyFont (String name, int style, int size); + /** + * Overridden to set Font for text widget inside scrolled window. + */ + protected native void gtkWidgetModifyFont(String name, int style, int size); + native void gtkWidgetRequestFocus (); public native void connectSignals (); diff --git a/libjava/classpath/gnu/java/awt/peer/gtk/GtkTextFieldPeer.java b/libjava/classpath/gnu/java/awt/peer/gtk/GtkTextFieldPeer.java index 4afdae8..7633048 100644 --- a/libjava/classpath/gnu/java/awt/peer/gtk/GtkTextFieldPeer.java +++ b/libjava/classpath/gnu/java/awt/peer/gtk/GtkTextFieldPeer.java @@ -112,8 +112,6 @@ public class GtkTextFieldPeer extends GtkComponentPeer native int gtkEntryGetBorderWidth (); - native void gtkWidgetModifyFont (String name, int style, int size); - public GtkTextFieldPeer (TextField tf) { super (tf); diff --git a/libjava/classpath/gnu/java/awt/peer/gtk/GtkToolkit.java b/libjava/classpath/gnu/java/awt/peer/gtk/GtkToolkit.java index 0889d85..70e25a3 100644 --- a/libjava/classpath/gnu/java/awt/peer/gtk/GtkToolkit.java +++ b/libjava/classpath/gnu/java/awt/peer/gtk/GtkToolkit.java @@ -1,5 +1,6 @@ /* GtkToolkit.java -- Implements an AWT Toolkit using GTK for peers - Copyright (C) 1998, 1999, 2002, 2003, 2004, 2005 Free Software Foundation, Inc. + Copyright (C) 1998, 1999, 2002, 2003, 2004, 2005, 2006 + Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -159,137 +160,93 @@ public class GtkToolkit extends gnu.java.awt.ClasspathToolkit } /** - * A helper class to return to clients in cases where a BufferedImage is - * desired but its construction fails. + * Helper to return either a Image -- the argument -- or a + * GtkImage with the errorLoading flag set if the argument is null. */ - private class GtkErrorImage extends Image - { - public GtkErrorImage() - { - } - - public int getWidth(ImageObserver observer) - { - return -1; - } - - public int getHeight(ImageObserver observer) - { - return -1; - } - - public ImageProducer getSource() - { - - return new ImageProducer() - { - HashSet consumers = new HashSet(); - public void addConsumer(ImageConsumer ic) - { - consumers.add(ic); - } - - public boolean isConsumer(ImageConsumer ic) - { - return consumers.contains(ic); - } - - public void removeConsumer(ImageConsumer ic) - { - consumers.remove(ic); - } - - public void startProduction(ImageConsumer ic) - { - consumers.add(ic); - Iterator i = consumers.iterator(); - while(i.hasNext()) - { - ImageConsumer c = (ImageConsumer) i.next(); - c.imageComplete(ImageConsumer.IMAGEERROR); - } - } - public void requestTopDownLeftRightResend(ImageConsumer ic) - { - startProduction(ic); - } - }; - } - - public Graphics getGraphics() - { - return null; - } - - public Object getProperty(String name, ImageObserver observer) - { - return null; - } - public Image getScaledInstance(int width, int height, int flags) - { - return new GtkErrorImage(); - } - - public void flush() - { - } - } - - - /** - * Helper to return either a BufferedImage -- the argument -- or a - * GtkErrorImage if the argument is null. - */ - - private Image bufferedImageOrError(BufferedImage b) + private Image imageOrError(Image b) { if (b == null) - return new GtkErrorImage(); + return GtkImage.getErrorImage(); else return b; } - public Image createImage (String filename) { if (filename.length() == 0) return new GtkImage (); - - if (useGraphics2D()) - return bufferedImageOrError(GdkPixbufDecoder.createBufferedImage (filename)); - else - return new GtkImage (filename); + + Image image; + try + { + if (useGraphics2D()) + image = GdkPixbufDecoder.createBufferedImage(filename); + else + image = new GtkImage(filename); + } + catch (IllegalArgumentException iae) + { + image = null; + } + return imageOrError(image); } public Image createImage (URL url) { - if (useGraphics2D()) - return bufferedImageOrError(GdkPixbufDecoder.createBufferedImage (url)); - else - return new GtkImage (url); + Image image; + try + { + if (useGraphics2D()) + image = GdkPixbufDecoder.createBufferedImage(url); + else + image = new GtkImage(url); + } + catch (IllegalArgumentException iae) + { + image = null; + } + return imageOrError(image); } public Image createImage (ImageProducer producer) { - if (useGraphics2D()) - return bufferedImageOrError(GdkPixbufDecoder.createBufferedImage (producer)); - else - return new GtkImage (producer); + Image image; + try + { + if (useGraphics2D()) + image = GdkPixbufDecoder.createBufferedImage(producer); + else + image = new GtkImage(producer); + } + catch (IllegalArgumentException iae) + { + image = null; + } + return imageOrError(image); } public Image createImage (byte[] imagedata, int imageoffset, int imagelength) { - if (useGraphics2D()) - return bufferedImageOrError(GdkPixbufDecoder.createBufferedImage (imagedata, - imageoffset, - imagelength)); - else + Image image; + try + { + if (useGraphics2D()) + image = GdkPixbufDecoder.createBufferedImage(imagedata, + imageoffset, + imagelength); + else + { + byte[] datacopy = new byte[imagelength]; + System.arraycopy(imagedata, imageoffset, datacopy, 0, imagelength); + return new GtkImage(datacopy); + } + } + catch (IllegalArgumentException iae) { - byte[] datacopy = new byte[imagelength]; - System.arraycopy (imagedata, imageoffset, datacopy, 0, imagelength); - return new GtkImage (datacopy); + image = null; } + return imageOrError(image); } /** @@ -608,7 +565,6 @@ public class GtkToolkit extends gnu.java.awt.ClasspathToolkit if (q == null) { q = new EventQueue(); - GtkGenericPeer.enableQueue (q); } } return q; diff --git a/libjava/classpath/gnu/java/awt/peer/gtk/GtkWindowPeer.java b/libjava/classpath/gnu/java/awt/peer/gtk/GtkWindowPeer.java index 57fb87f..6cc1390 100644 --- a/libjava/classpath/gnu/java/awt/peer/gtk/GtkWindowPeer.java +++ b/libjava/classpath/gnu/java/awt/peer/gtk/GtkWindowPeer.java @@ -38,9 +38,12 @@ exception statement from your version. */ package gnu.java.awt.peer.gtk; +import java.awt.AWTEvent; import java.awt.Component; import java.awt.Frame; +import java.awt.Graphics; import java.awt.Window; +import java.awt.event.PaintEvent; import java.awt.event.WindowEvent; import java.awt.peer.WindowPeer; @@ -123,7 +126,23 @@ public class GtkWindowPeer extends GtkContainerPeer native void nativeSetBounds (int x, int y, int width, int height); native void nativeSetBoundsUnlocked (int x, int y, int width, int height); + native void nativeSetLocation (int x, int y); + native void nativeSetLocationUnlocked (int x, int y); + public void setLocation (int x, int y) + { + // prevent window_configure_cb -> awtComponent.setSize -> + // peer.setBounds -> nativeSetBounds self-deadlock on GDK lock. + if (Thread.currentThread() == GtkToolkit.mainThread) + return; + nativeSetLocation (x, y); + } + + public void setLocationUnlocked (int x, int y) + { + nativeSetLocationUnlocked (x, y); + } + public void setBounds (int x, int y, int width, int height) { // prevent window_configure_cb -> awtComponent.setSize -> @@ -192,12 +211,7 @@ public class GtkWindowPeer extends GtkContainerPeer public void show () { - // Prevent the window manager from automatically placing this - // window when it is shown. - setBounds (awtComponent.getX(), - awtComponent.getY(), - awtComponent.getWidth(), - awtComponent.getHeight()); + setLocation(awtComponent.getX(), awtComponent.getY()); setVisible (true); } @@ -235,4 +249,32 @@ public class GtkWindowPeer extends GtkContainerPeer // TODO Auto-generated method stub return false; } + + public void handleEvent(AWTEvent event) + { + int id = event.getID(); + if (id == PaintEvent.UPDATE || id == PaintEvent.PAINT) + { + try + { + Graphics g = getGraphics(); + if (! awtComponent.isShowing() || awtComponent.getWidth() < 1 + || awtComponent.getHeight() < 1 || g == null) + return; + + g.setClip(((PaintEvent) event).getUpdateRect()); + + // Do not want to clear anything before painting. + awtComponent.paint(g); + + g.dispose(); + return; + } + catch (InternalError e) + { + System.err.println(e); + } + } + super.handleEvent(event); + } } diff --git a/libjava/classpath/gnu/java/awt/peer/swing/SwingButtonPeer.java b/libjava/classpath/gnu/java/awt/peer/swing/SwingButtonPeer.java new file mode 100644 index 0000000..2357fcb --- /dev/null +++ b/libjava/classpath/gnu/java/awt/peer/swing/SwingButtonPeer.java @@ -0,0 +1,224 @@ +/* SwingButtonPeer.java -- A Swing based peer for AWT buttons + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.java.awt.peer.swing; + +import java.awt.Button; +import java.awt.Graphics; +import java.awt.Image; +import java.awt.Point; +import java.awt.event.ActionEvent; +import java.awt.event.ActionListener; +import java.awt.event.KeyEvent; +import java.awt.event.MouseEvent; +import java.awt.peer.ButtonPeer; + +import javax.swing.JButton; +import javax.swing.JComponent; + +/** + * A Swing based peer for the AWT button. + * + * @author Roman Kennke (kennke@aicas.com) + */ +public class SwingButtonPeer + extends SwingComponentPeer + implements ButtonPeer +{ + + /** + * A specialized Swing button to be used as AWT button. + * + * @author Roman Kennke (kennke@aicas.com) + */ + class SwingButton + extends JButton + implements SwingComponent + { + /** + * Overridden so that this method returns the correct value even without a + * peer. + * + * @return the screen location of the button + */ + public Point getLocationOnScreen() + { + return SwingButtonPeer.this.getLocationOnScreen(); + } + + /** + * Overridden so that the isShowing method returns the correct value for the + * swing button, even if it has no peer on its own. + * + * @return true if the button is currently showing, + * false otherwise + */ + public boolean isShowing() + { + boolean retVal = false; + if (SwingButtonPeer.this.awtComponent != null) + retVal = SwingButtonPeer.this.awtComponent.isShowing(); + return retVal; + } + + /** + * Overridden, so that the Swing button can create an Image without its + * own peer. + * + * @param w the width of the image + * @param h the height of the image + * + * @return an image + */ + public Image createImage(int w, int h) + { + return SwingButtonPeer.this.createImage(w, h); + } + + /** + * Overridden, so that the Swing button can create a Graphics without its + * own peer. + * + * @return a graphics instance for the button + */ + public Graphics getGraphics() + { + return SwingButtonPeer.this.getGraphics(); + } + + /** + * Returns this button. + * + * @return this button + */ + public JComponent getJComponent() + { + return this; + } + + /** + * Handles mouse events by forwarding it to + * processMouseEvent() after having retargetted it to this + * button. + * + * @param ev the mouse event + */ + public void handleMouseEvent(MouseEvent ev) + { + ev.setSource(this); + processMouseEvent(ev); + } + + /** + * Handles mouse motion events by forwarding it to + * processMouseMotionEvent() after having retargetted it to + * this button. + * + * @param ev the mouse motion event + */ + public void handleMouseMotionEvent(MouseEvent ev) + { + ev.setSource(this); + processMouseMotionEvent(ev); + } + + /** + * Handles key events by forwarding it to + * processKeyEvent() after having retargetted it to this + * button. + * + * @param ev the mouse event + */ + public void handleKeyEvent(KeyEvent ev) + { + ev.setSource(this); + processKeyEvent(ev); + } + } + + /** + * Listens for ActionEvents on the Swing button and triggers corresponding + * ActionEvents on the AWT button. + * + * @author Roman Kennke (kennke@aicas.com) + */ + class SwingButtonListener implements ActionListener + { + + /** + * Receives notification when an action was performend on the button. + * + * @param event the action event + */ + public void actionPerformed(ActionEvent event) + { + Button b = (Button) SwingButtonPeer.this.awtComponent; + ActionListener[] l = b.getActionListeners(); + if (l.length == 0) + return; + ActionEvent ev = new ActionEvent(b, ActionEvent.ACTION_PERFORMED, + b.getActionCommand()); + for (int i = 0; i < l.length; ++i) + l[i].actionPerformed(ev); + } + + } + + /** + * Constructs a new SwingButtonPeer. + * + * @param theButton the AWT button for this peer + */ + public SwingButtonPeer(Button theButton) + { + SwingButton button = new SwingButton(); + button.setText(theButton.getLabel()); + button.addActionListener(new SwingButtonListener()); + init(theButton, button); + } + + /** + * Sets the label of the button. This call is forwarded to the setText method + * of the managed Swing button. + * + * @param label the label to set + */ + public void setLabel(String label) + { + ((SwingButton) swingComponent).setText(label); + } +} diff --git a/libjava/classpath/gnu/java/awt/peer/swing/SwingCanvasPeer.java b/libjava/classpath/gnu/java/awt/peer/swing/SwingCanvasPeer.java new file mode 100644 index 0000000..abef9ef --- /dev/null +++ b/libjava/classpath/gnu/java/awt/peer/swing/SwingCanvasPeer.java @@ -0,0 +1,64 @@ +/* SwingCanvasPeer.java -- A canvas peer based on Swing + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.awt.peer.swing; + +import java.awt.Canvas; +import java.awt.peer.CanvasPeer; +import java.awt.peer.LightweightPeer; + +/** + * A CanvasPeer to be used together with the Swing peers. + * + * @author Roman Kennke (kennke@aicas.com) + */ +public class SwingCanvasPeer + extends SwingComponentPeer + implements LightweightPeer, CanvasPeer +{ + + /** + * Creates a new SwingCanvasPeer for the specified Canvas. + * + * @param canvas the canvas. + */ + public SwingCanvasPeer(Canvas canvas) + { + init(canvas, null); + } +} diff --git a/libjava/classpath/gnu/java/awt/peer/swing/SwingComponent.java b/libjava/classpath/gnu/java/awt/peer/swing/SwingComponent.java new file mode 100644 index 0000000..04ca729 --- /dev/null +++ b/libjava/classpath/gnu/java/awt/peer/swing/SwingComponent.java @@ -0,0 +1,89 @@ +/* SwingComponent.java -- An interface that defines a Swing component for peers + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.java.awt.peer.swing; + +import java.awt.event.KeyEvent; +import java.awt.event.MouseEvent; + +import javax.swing.JComponent; + +/** + * Defines some additional methods that the Swing components must implement + * in order to work with the Swing peers. This is usually achieved by + * subclassing a Swing component and forwarding the method calls to some + * protected JComponent method. + * + * @author Roman Kennke (kennke@aicas.com) + */ +public interface SwingComponent +{ + + /** + * Returns the actual swing compenent. + * + * @return the actual swing compenent + */ + JComponent getJComponent(); + + /** + * Handles a mouse event. This is usually forwarded to + * {@link Component#processMouseMotionEvent(MouseEvent)} of the swing + * component. + * + * @param ev the mouse event + */ + void handleMouseEvent(MouseEvent ev); + + /** + * Handles a mouse motion event. This is usually forwarded to + * {@link Component#processMouseEvent(MouseEvent)} of the swing + * component. + * + * @param ev the mouse motion event + */ + void handleMouseMotionEvent(MouseEvent ev); + + /** + * Handles a key event. This is usually forwarded to + * {@link Component#processKeyEvent(KeyEvent)} of the swing + * component. + * + * @param ev the key event + */ + void handleKeyEvent(KeyEvent ev); +} diff --git a/libjava/classpath/gnu/java/awt/peer/swing/SwingComponentPeer.java b/libjava/classpath/gnu/java/awt/peer/swing/SwingComponentPeer.java new file mode 100644 index 0000000..5e34bc9 --- /dev/null +++ b/libjava/classpath/gnu/java/awt/peer/swing/SwingComponentPeer.java @@ -0,0 +1,994 @@ +/* SwingComponentPeer.java -- An abstract base class for Swing based peers + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.java.awt.peer.swing; + +import java.awt.AWTEvent; +import java.awt.AWTException; +import java.awt.BufferCapabilities; +import java.awt.Color; +import java.awt.Component; +import java.awt.Cursor; +import java.awt.Dimension; +import java.awt.Font; +import java.awt.FontMetrics; +import java.awt.Graphics; +import java.awt.GraphicsConfiguration; +import java.awt.Image; +import java.awt.Point; +import java.awt.Rectangle; +import java.awt.Toolkit; +import java.awt.BufferCapabilities.FlipContents; +import java.awt.event.KeyEvent; +import java.awt.event.MouseEvent; +import java.awt.event.PaintEvent; +import java.awt.image.ColorModel; +import java.awt.image.ImageObserver; +import java.awt.image.ImageProducer; +import java.awt.image.VolatileImage; +import java.awt.peer.ComponentPeer; +import java.awt.peer.ContainerPeer; + +/** + * The base class for Swing based component peers. This provides the basic + * functionality needed for Swing based component peers. Many methods are + * implemented to forward to the Swing component. Others however forward + * to the component's parent and expect the toplevel component peer to provide + * a real implementation of it. These are for example the key methods + * {@link #getGraphics()} and {@link #createImage(int, int)}, as well as + * {@link #getLocationOnScreen()}. + * + * This class also provides the necesary hooks into the Swing painting and + * event handling system. In order to achieve this, it traps paint, mouse and + * key events in {@link #handleEvent(AWTEvent)} and calls some special methods + * ({@link #peerPaint(Graphics)}, {@link #handleKeyEvent(KeyEvent)}, + * {@link #handleMouseEvent(MouseEvent)} and + * {@link #handleMouseMotionEvent(MouseEvent)}) that call the corresponding + * Swing methods. + * + * @author Roman Kennke (kennke@aicas.com) + */ +public class SwingComponentPeer + implements ComponentPeer +{ + + /** + * The AWT component for this peer. + */ + protected Component awtComponent; + + /** + * The Swing component for this peer. + */ + protected SwingComponent swingComponent; + + /** + * Creates a SwingComponentPeer instance. Subclasses are expected to call + * this constructor and thereafter call {@link #init(Component, JComponent)} + * in order to setup the AWT and Swing components properly. + */ + protected SwingComponentPeer() + { + // Nothing to do here. + } + + /** + * Initializes the AWT and Swing component for this peer. It is expected that + * subclasses call this from within their constructor. + * + * @param awtComp the AWT component for this peer + * @param swingComp the Swing component for this peer + */ + protected void init(Component awtComp, SwingComponent swingComp) + { + awtComponent = awtComp; + swingComponent = swingComp; + } + + /** + * Returns the construction status of the specified image. This is called + * by {@link Component#checkImage(Image, int, int, ImageObserver)}. + * + * @param img the image + * @param width the width of the image + * @param height the height of the image + * @param ob the image observer to be notified of updates of the status + * + * @return a bitwise ORed set of ImageObserver flags + */ + public int checkImage(Image img, int width, int height, ImageObserver ob) + { + return Toolkit.getDefaultToolkit().checkImage(img, width, height, ob); + } + + /** + * Creates an image by starting the specified image producer. This is called + * by {@link Component#createImage(ImageProducer)}. + * + * @param prod the image producer to be used to create the image + * + * @return the created image + */ + public Image createImage(ImageProducer prod) + { + Image image = Toolkit.getDefaultToolkit().createImage(prod); + return image; + } + + /** + * Creates an empty image with the specified width and + * height. + * + * This is implemented to let the parent component create the image. This + * eventually goes up to the top-level component peer, which is then expected + * to deliver the image. + * + * @param width the width of the image to be created + * @param height the height of the image to be created + * + * @return the created image + */ + public Image createImage(int width, int height) + { + Component parent = awtComponent.getParent(); + ComponentPeer parentPeer = parent.getPeer(); + return parentPeer.createImage(width, height); + } + + /** + * Disables the component. This is called by {@link Component#disable()}. + */ + public void disable() + { + if (swingComponent != null) + swingComponent.getJComponent().setEnabled(false); + } + + /** + * Disposes the component peer. This should release all resources held by the + * peer. This is called when the component is no longer in use. + */ + public void dispose() + { + awtComponent = null; + swingComponent = null; + } + + /** + * Enables the component. This is called by {@link Component#enable()}. + */ + public void enable() + { + if (swingComponent != null) + swingComponent.getJComponent().setEnabled(true); + } + + /** + * Returns the color model of the component. This is currently not used. + * + * @return the color model of the component + */ + public ColorModel getColorModel() + { + // FIXME: When this peer method will be used, we need to provide an + // implementation of this, probably forwarding to the toplevel peer, like + // in the other methods. + return null; + } + + /** + * Returns the font metrics for the specified font. This is called by + * {@link Component#getFontMetrics(Font)}. + * + * This is implemented to query the font metrics from the parent component. + * This will eventually call the top-level component peer, which is then + * expected to deliver a font metrics object. + * + * @param f the font for which to query the font metrics + * + * @return the font metrics for the specified font + */ + public FontMetrics getFontMetrics(Font f) + { + Component parent = awtComponent.getParent(); + ComponentPeer parentPeer = parent.getPeer(); + return parentPeer.getFontMetrics(f); + } + + /** + * Returns a {@link Graphics} object suitable for drawing on this component. + * This is called by {@link Component#getGraphics()}. + * + * This is implemented to query the graphics from the parent component and + * adjust the clip and translation to match this component. + * This will eventually call the top-level component peer, which is then + * expected to deliver a graphics object. + * + * @return a graphics object suitable for drawing on this component + */ + public Graphics getGraphics() + { + Component parent = awtComponent.getParent(); + ComponentPeer parentPeer = parent.getPeer(); + Graphics g = parentPeer.getGraphics(); + g.translate(awtComponent.getX(), awtComponent.getY()); + g.setClip(0, 0, awtComponent.getWidth(), awtComponent.getHeight()); + return g; + } + + /** + * Returns the location of this component in screen coordinates. This is + * called by {@link Component#getLocationOnScreen()}. + * + * This is implemented to query the parent component peer for its screen + * location and adds the offset of this component to it. This will eventually + * call the top-level component's peer, which is then expected to provide + * it's screen location. + * + * @return the location of this component in screen coordinates + */ + public Point getLocationOnScreen() + { + Component parent = awtComponent.getParent(); + ComponentPeer parentPeer = parent.getPeer(); + Point location = parentPeer.getLocationOnScreen(); + location.x += awtComponent.getX(); + location.y += awtComponent.getY(); + return location; + } + + /** + * Returns the minimum size for the component. This is called by + * {@link Component#getMinimumSize()}. + * + * This is implemented to return the Swing component's minimum size. + * + * @return the minimum size for the component + */ + public Dimension getMinimumSize() + { + Dimension retVal; + if (swingComponent != null) + retVal = swingComponent.getJComponent().getMinimumSize(); + else + retVal = new Dimension(0, 0); + return retVal; + } + + /** + * Returns the preferred size for the component. This is called by + * {@link Component#getPreferredSize()}. + * + * This is implemented to return the Swing component's preferred size. + * + * @return the preferred size for the component + */ + public Dimension getPreferredSize() + { + Dimension retVal; + if (swingComponent != null) + retVal = swingComponent.getJComponent().getPreferredSize(); + else + retVal = new Dimension(0, 0); + return retVal; + } + + /** + * Returns the toolkit that created this peer. + * + * @return the toolkit that created this peer + */ + public Toolkit getToolkit() + { + return Toolkit.getDefaultToolkit(); + } + + /** + * Handles the given event. This is called from + * {@link Component#dispatchEvent(AWTEvent)} to give the peer a chance to + * react to events for the component. + * + * @param e the event + */ + public void handleEvent(AWTEvent e) + { + switch (e.getID()) + { + case PaintEvent.UPDATE: + case PaintEvent.PAINT: + Graphics g = getGraphics(); + Rectangle clip = ((PaintEvent)e).getUpdateRect(); + g.clipRect(clip.x, clip.y, clip.width, clip.height); + //if (this instanceof LightweightPeer) + // { + if (e.getID() == PaintEvent.UPDATE) + awtComponent.update(g); + else + awtComponent.paint(g); + // } + // We paint the 'heavyweights' at last, so that they appear on top of + // everything else. + peerPaint(g); + + g.dispose(); + break; + case MouseEvent.MOUSE_PRESSED: + case MouseEvent.MOUSE_RELEASED: + case MouseEvent.MOUSE_CLICKED: + case MouseEvent.MOUSE_ENTERED: + case MouseEvent.MOUSE_EXITED: + handleMouseEvent((MouseEvent) e); + break; + case MouseEvent.MOUSE_MOVED: + case MouseEvent.MOUSE_DRAGGED: + handleMouseMotionEvent((MouseEvent) e); + break; + case KeyEvent.KEY_PRESSED: + case KeyEvent.KEY_RELEASED: + case KeyEvent.KEY_TYPED: + handleKeyEvent((KeyEvent) e); + break; + default: + // Other event types are not handled here. + break; + } + } + + /** + * Makes the component invisible. This is called from + * {@link Component#hide()}. + * + * This is implemented to call setVisible(false) on the Swing component. + */ + public void hide() + { + if (swingComponent != null) + swingComponent.getJComponent().setVisible(false); + } + + /** + * Returns true if the component can receive keyboard input + * focus. This is called from {@link Component#isFocusTraversable()}. + * + * This is implemented to return isFocusable() from the Swing component. + * + * @specnote Part of the earlier 1.1 API, replaced by isFocusable(). + */ + public boolean isFocusTraversable() + { + return swingComponent != null ? + swingComponent.getJComponent().isFocusable() : false; + } + + /** + * Returns true if the component can receive keyboard input + * focus. This is called from {@link Component#isFocusable()}. + * + * This is implemented to return isFocusable() from the Swing component. + */ + public boolean isFocusable() + { + return swingComponent != null ? + swingComponent.getJComponent().isFocusable() : false; + } + + /** + * Returns the minimum size for the component. This is called by + * {@link Component#minimumSize()}. + * + * This is implemented to return the Swing component's minimum size. + * + * @return the minimum size for the component + */ + public Dimension minimumSize() + { + Dimension retVal; + if (swingComponent != null) + retVal = swingComponent.getJComponent().getMinimumSize(); + else + retVal = new Dimension(0, 0); + return retVal; + } + + /** + * Returns the preferred size for the component. This is called by + * {@link Component#getPreferredSize()}. + * + * This is implemented to return the Swing component's preferred size. + * + * @return the preferred size for the component + */ + public Dimension preferredSize() + { + Dimension retVal; + if (swingComponent != null) + retVal = swingComponent.getJComponent().getPreferredSize(); + else + retVal = new Dimension(0, 0); + return retVal; + } + + /** + * Prepares an image for rendering on this component. This is called by + * {@link Component#prepareImage(Image, int, int, ImageObserver)}. + * + * @param img the image to prepare + * @param width the desired width of the rendered image + * @param height the desired height of the rendered image + * @param ob the image observer to be notified of updates in the preparation + * process + * + * @return true if the image has been fully prepared, + * false otherwise (in which case the image observer + * receives updates) + */ + public void paint(Graphics graphics) + { + // FIXME: I don't know what this method is supposed to do. + } + + /** + * Prepares an image for rendering on this component. This is called by + * {@link Component#prepareImage(Image, int, int, ImageObserver)}. + * + * @param img the image to prepare + * @param width the desired width of the rendered image + * @param height the desired height of the rendered image + * @param ob the image observer to be notified of updates in the preparation + * process + * + * @return true if the image has been fully prepared, + * false otherwise (in which case the image observer + * receives updates) + */ + public boolean prepareImage(Image img, int width, int height, ImageObserver ob) + { + Component parent = awtComponent.getParent(); + ComponentPeer parentPeer = parent.getPeer(); + return parentPeer.prepareImage(img, width, height, ob); + } + + public void print(Graphics graphics) + { + // FIXME: I don't know what this method is supposed to do. + } + + /** + * Repaints the specified rectangle of this component. This is called from + * {@link Component#repaint(long, int, int, int, int)}. + * + * This is implemented to call repaint() on the Swing component. + * + * @param tm number of milliseconds to wait with repainting + * @param x the X coordinate of the upper left corner of the damaged rectangle + * @param y the Y coordinate of the upper left corner of the damaged rectangle + * @param width the width of the damaged rectangle + * @param height the height of the damaged rectangle + */ + public void repaint(long tm, int x, int y, int width, int height) + { + if (swingComponent != null) + swingComponent.getJComponent().repaint(tm, x, y, width, height); + else + { + PaintEvent ev = new PaintEvent(awtComponent, PaintEvent.UPDATE, + new Rectangle(x, y, width, height)); + Toolkit.getDefaultToolkit().getSystemEventQueue().postEvent(ev); + } + } + + /** + * Requests that this component receives the focus. This is called from + * {@link Component#requestFocus()}. + * + * This calls requestFocus() on the Swing component. + * + * @specnote Part of the earlier 1.1 API, apparently replaced by argument + * form of the same method. + */ + public void requestFocus() + { + if (swingComponent != null) + swingComponent.getJComponent().requestFocus(); + } + + /** + * Requests that this component receives the focus. This is called from + * {@link Component#requestFocus()}. + * + * This calls requestFocus() on the Swing component. + * + * @param source TODO + * @param bool1 TODO + * @param bool2 TODO + * @param x TODO + * + * @return TODO + */ + public boolean requestFocus(Component source, boolean bool1, boolean bool2, long x) + { + if (swingComponent != null) + swingComponent.getJComponent().requestFocus(); + return swingComponent != null; + } + + /** + * Notifies the peer that the bounds of this component have changed. This + * is called by {@link Component#reshape(int, int, int, int)}. + * + * This is implemented to call setBounds() on the Swing component. + * + * @param x the X coordinate of the upper left corner of the component + * @param y the Y coordinate of the upper left corner of the component + * @param width the width of the component + * @param height the height of the component + */ + public void reshape(int x, int y, int width, int height) + { + if (swingComponent != null) + swingComponent.getJComponent().setBounds(x, y, width, height); + } + + /** + * Sets the background color of the component. This is called by + * {@link Component#setBackground(Color)}. + * + * This is implemented to call setBackground() on the Swing component. + * + * @param color the background color to set + */ + public void setBackground(Color color) + { + if (swingComponent != null) + swingComponent.getJComponent().setBackground(color); + } + + /** + * Notifies the peer that the bounds of this component have changed. This + * is called by {@link Component#setBounds(int, int, int, int)}. + * + * This is implemented to call setBounds() on the Swing component. + * + * @param x the X coordinate of the upper left corner of the component + * @param y the Y coordinate of the upper left corner of the component + * @param width the width of the component + * @param height the height of the component + */ + public void setBounds(int x, int y, int width, int height) + { + if (swingComponent != null) + swingComponent.getJComponent().setBounds(x, y, width, height); + } + + /** + * Sets the cursor of the component. This is called by + * {@link Component#setCursor(Cursor)}. + * + * This is implemented to call setCursor() on the Swing component. + * + * @specnote Part of the earlier 1.1 API, apparently no longer needed. + */ + public void setCursor(Cursor cursor) + { + if (swingComponent != null) + swingComponent.getJComponent().setCursor(cursor); + } + + /** + * Sets the enabled/disabled state of this component. This is called by + * {@link Component#setEnabled(boolean)}. + * + * This is implemented to call setEnabled() on the Swing component. + * + * @param enabled true to enable the component, + * false to disable it + */ + public void setEnabled(boolean enabled) + { + if (swingComponent != null) + swingComponent.getJComponent().setEnabled(enabled); + } + + /** + * Sets the font of the component. This is called by + * {@link Component#setFont(Font)}. + * + * This is implemented to call setFont() on the Swing component. + * + * @param font the font to set + */ + public void setFont(Font font) + { + if (swingComponent != null) + swingComponent.getJComponent().setFont(font); + } + + /** + * Sets the foreground color of the component. This is called by + * {@link Component#setForeground(Color)}. + * + * This is implemented to call setForeground() on the Swing component. + * + * @param color the foreground color to set + */ + public void setForeground(Color color) + { + if (swingComponent != null) + swingComponent.getJComponent().setForeground(color); + } + + /** + * Sets the visibility state of the component. This is called by + * {@link Component#setVisible(boolean)}. + * + * This is implemented to call setVisible() on the Swing component. + * + * @param visible true to make the component visible, + * false to make it invisible + */ + public void setVisible(boolean visible) + { + if (swingComponent != null) + swingComponent.getJComponent().setVisible(visible); + } + + /** + * Makes the component visible. This is called by {@link Component#show()}. + * + * This is implemented to call setVisible(true) on the Swing component. + */ + public void show() + { + if (swingComponent != null) + swingComponent.getJComponent().setVisible(true); + } + + /** + * Get the graphics configuration of the component. The color model + * of the component can be derived from the configuration. + * + * This is implemented to return the GraphicsConfiguration of the parent + * component. This will eventually call the toplevel component peer, which + * is expected to provide a real implementation. + * + * @return the graphics configuration of the component + */ + public GraphicsConfiguration getGraphicsConfiguration() + { + Component parent = awtComponent.getParent(); + ComponentPeer parentPeer = parent.getPeer(); + return parentPeer.getGraphicsConfiguration(); + } + + /** + * Part of an older API, no longer needed. + */ + public void setEventMask(long mask) + { + // Nothing to do here. + } + + /** + * Returns true if this component has been obscured, + * false otherwise. This will only work if + * {@link #canDetermineObscurity()} also returns true. + * + * This is not yet implemented. + * + * @return true if this component has been obscured, + * false otherwise. + */ + public boolean isObscured() + { + return false; + } + + /** + * Returns true if this component peer can determine if the + * component has been obscured, false otherwise. + * + * This is not yet implemented. + * + * @return true if this component peer can determine if the + * component has been obscured, false otherwise + */ + public boolean canDetermineObscurity() + { + return false; + } + + /** + * Coalesces the specified paint event. + * + * @param e the paint event + */ + public void coalescePaintEvent(PaintEvent e) + { + // Nothing to do here yet. + } + + /** + * Updates the cursor. This is not yet implemented. + */ + public void updateCursorImmediately() + { + // Nothing to do here yet. + } + + /** + * Returns true, if this component can handle wheel scrolling, + * false otherwise. + * + * This is not yet implemented and returns false. + * + * @return true, if this component can handle wheel scrolling, + * false otherwise + */ + public boolean handlesWheelScrolling() + { + return false; + } + + /** + * A convenience method that creates a volatile image. The volatile + * image is created on the screen device on which this component is + * displayed, in the device's current graphics configuration. + * + * This is implemented to let the parent component peer create an image. + * This eventually ends up in the toplevel component peer, which is then + * responsible for creating the real image. + * + * @param width width of the image + * @param height height of the image + * + * @see VolatileImage + * + * @since 1.2 + */ + public VolatileImage createVolatileImage(int width, int height) + { + Component parent = awtComponent.getParent(); + ComponentPeer parentPeer = parent.getPeer(); + return parentPeer.createVolatileImage(width, height); + } + + /** + * Create a number of image buffers that implement a buffering + * strategy according to the given capabilities. + * + * This is implemented to forward to the parent component peer. Eventually + * this ends up in the top level component peer, which is then responsible + * for doing the real work. + * + * @param numBuffers the number of buffers + * @param caps the buffering capabilities + * + * @throws AWTException if the specified buffering strategy is not + * implemented + * + * @since 1.2 + */ + public void createBuffers(int numBuffers, BufferCapabilities caps) throws AWTException + { + Component parent = awtComponent.getParent(); + ComponentPeer parentPeer = parent.getPeer(); + parentPeer.createBuffers(numBuffers, caps); + } + + /** + * Return the back buffer of this component. + * + * This is implemented to forward to the parent. Eventually this ends + * up in the toplevel component, which is then responsible for providing + * a back buffer. + * + * @return the back buffer of this component. + * + * @since 1.2 + */ + public Image getBackBuffer() + { + Component parent = awtComponent.getParent(); + ComponentPeer parentPeer = parent.getPeer(); + return parentPeer.getBackBuffer(); + } + + /** + * Perform a page flip, leaving the contents of the back buffer in + * the specified state. + * + * This is implemented to forward to the parent. Eventually this ends + * up in the toplevel component, which is then responsible for doing the real + * work. + * + * @param contents the state in which to leave the back buffer + * + * @since 1.2 + */ + public void flip(FlipContents contents) + { + Component parent = awtComponent.getParent(); + ComponentPeer parentPeer = parent.getPeer(); + parentPeer.flip(contents); + } + + /** + * Destroy the resources created by createBuffers. + * + * This is implemented to forward to the parent component peer. Eventually + * this ends up in the top level component peer, which is then responsible + * for doing the real work. + * + * @since 1.2 + */ + public void destroyBuffers() + { + Component parent = awtComponent.getParent(); + ComponentPeer parentPeer = parent.getPeer(); + parentPeer.destroyBuffers(); + } + + /** + * Get the bounds of this component peer. + * + * This is implemented to forward to the Swing component. + * + * @return component peer bounds + * @since 1.5 + */ + public Rectangle getBounds() + { + Rectangle retVal; + if (swingComponent != null) + retVal = swingComponent.getJComponent().getBounds(); + else + retVal = new Rectangle(); + return retVal; + } + + /** + * Reparent this component under another container. + * + * @param parent + * @since 1.5 + */ + public void reparent(ContainerPeer parent) + { + // Nothing to do here. + } + + /** + * Set the bounds of this component peer. + * + * This is implemented to forward to the swing component. + * + * @param x the new x co-ordinate + * @param y the new y co-ordinate + * @param width the new width + * @param height the new height + * @param z the new stacking level + * @since 1.5 + */ + public void setBounds(int x, int y, int width, int height, int z) + { + if (swingComponent != null) + swingComponent.getJComponent().setBounds(x, y, width, height); + // FIXME: Somehow handle the Z order. + } + + /** + * Check if this component supports being reparented. + * + * @return true if this component can be reparented, + * false otherwise. + * @since 1.5 + */ + public boolean isReparentSupported() + { + return true; + } + + + /** + * Layout this component peer. + * + * @since 1.5 + */ + public void layout() + { + if (swingComponent != null) + swingComponent.getJComponent().doLayout(); + } + + /** + * Triggers 'heavyweight' painting of the components. This usually calls + * paint() on the Swing component. + * + * @param g the graphics context to use for painting + */ + protected void peerPaint(Graphics g) + { + if (swingComponent != null) + swingComponent.getJComponent().paint(g); + } + + /** + * Handles mouse events on the component. This is usually forwarded to the + * SwingComponent's processMouseEvent() method. + * + * @param e the mouse event + */ + protected void handleMouseEvent(MouseEvent e) + { + if (swingComponent != null) + swingComponent.handleMouseEvent(e); + } + + /** + * Handles mouse motion events on the component. This is usually forwarded + * to the SwingComponent's processMouseMotionEvent() method. + * + * @param e the mouse motion event + */ + protected void handleMouseMotionEvent(MouseEvent e) + { + if (swingComponent != null) + swingComponent.handleMouseMotionEvent(e); + } + + /** + * Handles key events on the component. This is usually forwarded to the + * SwingComponent's processKeyEvent() method. + * + * @param e the key event + */ + protected void handleKeyEvent(KeyEvent e) + { + if (swingComponent != null) + swingComponent.handleKeyEvent(e); + } + + /** + * Returns the AWT component for this peer. + * + * @return the AWT component for this peer + */ + public Component getComponent() + { + return awtComponent; + } +} diff --git a/libjava/classpath/gnu/java/awt/peer/swing/SwingContainerPeer.java b/libjava/classpath/gnu/java/awt/peer/swing/SwingContainerPeer.java new file mode 100644 index 0000000..37bea75 --- /dev/null +++ b/libjava/classpath/gnu/java/awt/peer/swing/SwingContainerPeer.java @@ -0,0 +1,241 @@ +/* SwingContainerPeer.java -- A Swing based peer for AWT containers + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.java.awt.peer.swing; + +import java.awt.Component; +import java.awt.Container; +import java.awt.Graphics; +import java.awt.Insets; +import java.awt.Shape; +import java.awt.event.MouseEvent; +import java.awt.peer.ComponentPeer; +import java.awt.peer.ContainerPeer; + +/** + * A peer for Container to be used with the Swing based AWT peers. + * + * @author Roman Kennke (kennke@aicas.com) + */ +public class SwingContainerPeer + extends SwingComponentPeer + implements ContainerPeer +{ + + /** + * Creates a new SwingContainerPeer. + * + * @param awtCont + */ + public SwingContainerPeer(Container awtCont) + { + init(awtCont, null); + } + + /** + * Returns the insets of the container. + * + * This is implemented to return the insets of the Swing container. + * + * @return the insets of the container + */ + public Insets insets() + { + Insets retVal; + if (swingComponent != null) + retVal = swingComponent.getJComponent().getInsets(); + else + retVal = new Insets(0, 0, 0, 0); + return retVal; + } + + /** + * Returns the insets of the container. + * + * This is implemented to return the insets of the Swing container. + * + * @return the insets of the container + */ + public Insets getInsets() + { + Insets retVal; + if (swingComponent != null) + retVal = swingComponent.getJComponent().getInsets(); + else + retVal = new Insets(0, 0, 0, 0); + return retVal; + } + + /** + * Called before the validation of this containers begins. + */ + public void beginValidate() + { + // Nothing to do here. + } + + /** + * Called after the validation of this containers ended. + */ + public void endValidate() + { + // Nothing to do here. + } + + /** + * Called before the layout of this containers begins. + */ + public void beginLayout() + { + // Nothing to do here. + } + + /** + * Called after the layout of this containers ended. + */ + public void endLayout() + { + // Nothing to do here. + } + + /** + * Returns false unconditionally. This method is not used at + * the moment. + * + * @return false + */ + public boolean isPaintPending() + { + return false; + } + + /** + * Returns false unconditionally. This method is not used at + * the moment. + * + * @return false + */ + public boolean isRestackSupported() + { + return false; + } + + /** + * This method is not used at the moment. + */ + public void cancelPendingPaint(int x, int y, int width, int height) + { + // Nothing to do here. + } + + /** + * This method is not used at the moment. + */ + public void restack() + { + // Nothing to do here. + } + + /** + * Triggers painting of a component. This calls peerPaint on all the child + * components of this container. + * + * @param g the graphics context to paint to + */ + protected void peerPaint(Graphics g) + { + Container c = (Container) awtComponent; + Component[] children = c.getComponents(); + for (int i = children.length - 1; i >= 0; --i) + { + Component child = children[i]; + ComponentPeer peer = child.getPeer(); + boolean translated = false; + boolean clipped = false; + Shape oldClip = g.getClip(); + try + { + g.translate(child.getX(), child.getY()); + translated = true; + g.setClip(0, 0, child.getWidth(), child.getHeight()); + clipped = true; + if (peer instanceof SwingComponentPeer) + ((SwingComponentPeer) peer).peerPaint(g); + } + finally + { + if (translated) + g.translate(- child.getX(), - child.getY()); + if (clipped) + g.setClip(oldClip); + } + } + } + + /** + * Handles mouse events by dispatching it to the correct component. + * + * @param ev the mouse event + */ + protected void handleMouseEvent(MouseEvent ev) + { + Component comp = awtComponent.getComponentAt(ev.getPoint()); + ComponentPeer peer = comp.getPeer(); + if (awtComponent != comp && !comp.isLightweight() && peer instanceof SwingComponentPeer) + { + ev.translatePoint(comp.getX(), comp.getY()); + ev.setSource(comp); + ((SwingComponentPeer) peer).handleMouseEvent(ev); + } + } + + /** + * Handles mouse events by dispatching it to the correct component. + * + * @param ev the mouse event + */ + protected void handleMouseMotionEvent(MouseEvent ev) + { + Component comp = awtComponent.getComponentAt(ev.getPoint()); + ComponentPeer peer = comp.getPeer(); + if (awtComponent != comp && !comp.isLightweight() && peer instanceof SwingComponentPeer) + { + ev.translatePoint(comp.getX(), comp.getY()); + ((SwingComponentPeer) peer).handleMouseMotionEvent(ev); + } + } +} diff --git a/libjava/classpath/gnu/java/awt/peer/swing/SwingFramePeer.java b/libjava/classpath/gnu/java/awt/peer/swing/SwingFramePeer.java new file mode 100644 index 0000000..fea1b50 --- /dev/null +++ b/libjava/classpath/gnu/java/awt/peer/swing/SwingFramePeer.java @@ -0,0 +1,196 @@ +/* SwingFramePeer.java -- An abstract Swing based peer for AWT frames + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.java.awt.peer.swing; + +import java.awt.Frame; +import java.awt.Graphics; +import java.awt.Insets; +import java.awt.MenuBar; +import java.awt.Point; +import java.awt.event.MouseEvent; +import java.awt.peer.FramePeer; + +/** + * An abstract base class for FramePeer implementations based on Swing. + * This class provides the ability to display and handle AWT MenuBars that + * are based on Swing. + * + * As a minimum, a subclass must implement all the remaining abstract methods + * as well as the following methods: + * + * + * @author Roman Kennke (kennke@aicas.com) + */ +public abstract class SwingFramePeer + extends SwingWindowPeer + implements FramePeer +{ + /** + * The menu bar to display. + */ + SwingMenuBarPeer menuBar = null; + + /** + * Creates a new SwingFramePeer. + * + * @param frame the frame + */ + public SwingFramePeer(Frame frame) + { + super(frame); + } + + /** + * Sets the menu bar to display in this frame. + * + * @param mb the menu bar to set + */ + public void setMenuBar(MenuBar mb) + { + menuBar = (SwingMenuBarPeer) mb.getPeer(); + menuBar.setFramePeer(this); + menuBar.setWidth(awtComponent.getWidth()); + } + + /** + * Triggers 'heavyweight' painting of the frame. This will paint a menu bar + * if present as well as the child components of this frame. + * + * @param g the graphics context to use for painting + */ + protected void peerPaint(Graphics g) + { + super.peerPaint(g); + if (menuBar != null) + menuBar.peerPaint(g); + } + + /** + * Sets the size and location of this frame. This resizes the menubar to fit + * within the frame. + * + * @param x the X coordinate of the screen location + * @param y the Y coordinate of the screen location + * @param w the width of the frame + * @param h the height of the frame + */ + public void setBounds(int x, int y, int w, int h) + { + super.setBounds(x, y, w, h); + if (menuBar != null) + menuBar.setWidth(w); + } + + /** + * Calculates the insets of this frame peer. This fetches the insets + * from the superclass and adds the insets of the menubar if one is present. + * + * @return the insets of the frame + */ + public Insets getInsets() + { + Insets insets = super.getInsets(); + if (menuBar != null) + insets.top += menuBar.getHeight(); + return insets; + } + + /** + * Returns the location of the menu on the screen. This is needed internally + * by the {@link SwingMenuBarPeer} in order to determine its screen location. + * + * @return the location of the menu on the screen + */ + public Point getMenuLocationOnScreen() + { + Insets i = super.getInsets(); + return new Point(i.top, i.left); + } + + /** + * Overridden to provide the ability to handle menus. + * + * @param ev the mouse event + */ + protected void handleMouseEvent(MouseEvent ev) + { + Point p = ev.getPoint(); + Insets i = super.getInsets(); + if (menuBar != null) + { + int menuHeight = menuBar.getHeight(); + if (p.y >= i.top && p.y <= i.top + menuHeight) + menuBar.handleMouseEvent(ev); + else + { + ev.translatePoint(0, -menuHeight); + super.handleMouseMotionEvent(ev); + } + } + + super.handleMouseEvent(ev); + } + + /** + * Overridden to provide the ability to handle menus. + * + * @param ev the mouse event + */ + protected void handleMouseMotionEvent(MouseEvent ev) + { + Point p = ev.getPoint(); + Insets i = super.getInsets(); + if (menuBar != null) + { + int menuHeight = menuBar.getHeight(); + if (p.y >= i.top && p.y <= i.top + menuHeight) + menuBar.handleMouseMotionEvent(ev); + else + { + ev.translatePoint(0, -menuHeight); + super.handleMouseMotionEvent(ev); + } + } + + super.handleMouseMotionEvent(ev); + } +} diff --git a/libjava/classpath/gnu/java/awt/peer/swing/SwingLabelPeer.java b/libjava/classpath/gnu/java/awt/peer/swing/SwingLabelPeer.java new file mode 100644 index 0000000..dd86fff --- /dev/null +++ b/libjava/classpath/gnu/java/awt/peer/swing/SwingLabelPeer.java @@ -0,0 +1,196 @@ +/* SwingLabelPeer.java -- A Swing based peer for AWT labels + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.java.awt.peer.swing; + +import java.awt.Image; +import java.awt.Label; +import java.awt.Point; +import java.awt.event.KeyEvent; +import java.awt.event.MouseEvent; +import java.awt.peer.LabelPeer; + +import javax.swing.JComponent; +import javax.swing.JLabel; + + +/** + * A Label peer based on {@link JLabel}. + * + * @author Roman Kennke (kennke@aicas.com) + */ +public class SwingLabelPeer + extends SwingComponentPeer + implements LabelPeer +{ + + /** + * A spezialized Swing label used to paint the label for the AWT Label. + * + * @author Roman Kennke (kennke@aicas.com) + */ + private class SwingLabel + extends JLabel + implements SwingComponent + { + + /** + * Returns this label. + * + * @return this + */ + public JComponent getJComponent() + { + return this; + } + + /** + * Handles mouse events by forwarding it to + * processMouseEvent(). + * + * @param ev the mouse event + */ + public void handleMouseEvent(MouseEvent ev) + { + processMouseEvent(ev); + } + + /** + * Handles mouse motion events by forwarding it to + * processMouseMotionEvent(). + * + * @param ev the mouse motion event + */ + public void handleMouseMotionEvent(MouseEvent ev) + { + processMouseMotionEvent(ev); + } + + /** + * Handles key events by forwarding it to processKeyEvent(). + * + * @param ev the mouse event + */ + public void handleKeyEvent(KeyEvent ev) + { + processKeyEvent(ev); + } + + /** + * Overridden so that this method returns the correct value even without a + * peer. + * + * @return the screen location of the button + */ + public Point getLocationOnScreen() + { + return SwingLabelPeer.this.getLocationOnScreen(); + } + + /** + * Overridden so that the isShowing method returns the correct value for the + * swing button, even if it has no peer on its own. + * + * @return true if the button is currently showing, + * false otherwise + */ + public boolean isShowing() + { + boolean retVal = false; + if (SwingLabelPeer.this.awtComponent != null) + retVal = SwingLabelPeer.this.awtComponent.isShowing(); + return retVal; + } + + /** + * Overridden, so that the Swing button can create an Image without its + * own peer. + * + * @param w the width of the image + * @param h the height of the image + * + * @return an image + */ + public Image createImage(int w, int h) + { + return SwingLabelPeer.this.createImage(w, h); + } + + } + + /** + * Creates a new SwingLabelPeer for the specified AWT label. + * + * @param label the AWT label + */ + public SwingLabelPeer(Label label) + { + super(); + SwingLabel swingLabel = new SwingLabel(); + swingLabel.setText(label.getText()); + swingLabel.setHorizontalAlignment(label.getAlignment()); + swingLabel.setOpaque(true); + init(label, swingLabel); + } + + /** + * Sets the text of the label. This is implemented to set the text on the + * Swing label. + * + * @param text the text to be set + */ + public void setText(String text) + { + ((JLabel) swingComponent.getJComponent()).setText(text); + } + + /** + * Sets the horizontal alignment of the label. This is implemented to + * set the alignment on the Swing label. + * + * @param alignment the horizontal alignment + * + * @see Label#LEFT + * @see Label#RIGHT + * @see Label#CENTER + */ + public void setAlignment(int alignment) + { + ((JLabel) swingComponent.getJComponent()).setHorizontalAlignment(alignment); + } + +} diff --git a/libjava/classpath/gnu/java/awt/peer/swing/SwingMenuBarPeer.java b/libjava/classpath/gnu/java/awt/peer/swing/SwingMenuBarPeer.java new file mode 100644 index 0000000..bd9dcd7 --- /dev/null +++ b/libjava/classpath/gnu/java/awt/peer/swing/SwingMenuBarPeer.java @@ -0,0 +1,295 @@ +/* SwingMenuBarPeer.java -- A Swing based peer for AWT menu bars + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.java.awt.peer.swing; + +import java.awt.Container; +import java.awt.Font; +import java.awt.Graphics; +import java.awt.Menu; +import java.awt.MenuBar; +import java.awt.Point; +import java.awt.event.MouseEvent; +import java.awt.peer.MenuBarPeer; + +import javax.swing.JMenuBar; + +/** + * A Swing based peer for the AWT menu bar. This is a little bit different from + * the other peers, since the AWT MenuBar is not derived from the AWT + * component. + * + * @author Roman Kennke (kennke@aicas.com) + */ +public class SwingMenuBarPeer + implements MenuBarPeer +{ + + /** + * The AWT menu bar. + */ + MenuBar awtMenuBar; + + /** + * The Swing menu bar. + */ + SwingMenuBar menuBar; + + /** + * The peer of the frame that contains this menu bar. + */ + SwingFramePeer framePeer; + + /** + * A specialized JMenuBar that can be used as 'backend' for AWT MenuBars. + * + * @author Roman Kennke (kennke@aicas.com) + */ + private class SwingMenuBar + extends JMenuBar + { + /** + * Overridden in order to provide a parent frame for this menu bar. The + * menu bar still is not inside the component hierarchy, we are faking + * here. + */ + public Container getParent() + { + Container result = null; + if (framePeer != null) + result = (Container) framePeer.awtComponent; + return result; + } + + /** + * Unconditionally returns true, since we assume that when the + * menubar has a peer, it must be showing. + * + * @return true + */ + public boolean isShowing() + { + // FIXME: This might be wrong. Maybe find a better way to do that. + return true; + } + + /** + * Handles mouse events by forwarding it to + * processMouseEvent(). + * + * @param ev the mouse event + */ + public void handleMouseEvent(MouseEvent ev) + { + ev.setSource(this); + processMouseEvent(ev); + } + + /** + * Determines the menubar's screen location by asking the SwingFramePeer + * for it. + * + * @return the screen location of the menu bar + */ + public Point getLocationOnScreen() + { + return framePeer.getMenuLocationOnScreen(); + } + } + + /** + * Creates a new SwingMenuBarPeer instance. + * + * @param awtMenuBar the AWT menu bar + */ + public SwingMenuBarPeer(MenuBar awtMenuBar) + { + this.awtMenuBar = awtMenuBar; + menuBar = new SwingMenuBar(); + menuBar.setDoubleBuffered(false); + // Add all the menus that are already in the MenuBar. + for (int i = 0; i < awtMenuBar.getMenuCount(); i++) + { + Menu menu = awtMenuBar.getMenu(i); + menu.addNotify(); + addMenu(awtMenuBar.getMenu(i)); + } + } + + /** + * Sets the SwingFramePeer of the frame that holds this menu. + * + * @param peer the SwingFramePeer to set + */ + public void setFramePeer(SwingFramePeer peer) + { + framePeer = peer; + } + + /** + * Adds a menu to the menu bar. + * + * @param m the menu to add + */ + public void addMenu(Menu m) + { + SwingMenuPeer menuPeer = (SwingMenuPeer) m.getPeer(); + menuBar.add(menuPeer.menu); + } + + /** + * Adds a help menu to the menu bar. + * + * @param m the menu to add + */ + public void addHelpMenu(Menu menu) + { + // FIXME: We should manage the help menu differently, so that it always + // appears at the rightmost position. + SwingMenuPeer menuPeer = (SwingMenuPeer) menu.getPeer(); + menuBar.add(menuPeer.menu); + } + + /** + * Removes the menu with the specified index. + * + * @param index the index of the menu to remove + */ + public void delMenu(int index) + { + menuBar.remove(index); + } + + /** + * Disposes this peer. This releases any reference to the AWT and Swing + * components. + */ + public void dispose() + { + menuBar = null; + awtMenuBar = null; + } + + /** + * Sets a font for the menu bar. + * + * @param font the font to set + */ + public void setFont(Font font) + { + menuBar.setFont(font); + } + + /** + * Sets the width of the menu bar. This is called from the top level + * component peers to adjust the width of the menubar when their sizes + * change. + * + * @param w the width to set + */ + public void setWidth(int w) + { + menuBar.setSize(w, menuBar.getPreferredSize().height); + menuBar.doLayout(); + } + + /** + * Paints the menu bar. + * + * @param g the graphics context to use for painting + */ + public void peerPaint(Graphics g) + { + menuBar.paint(g); + } + + /** + * Determines the height of the menubar. + * + * @return the height of the menu bar + */ + public int getHeight() + { + return menuBar.getPreferredSize().height; + } + + /** + * Handles mouse events. + * + * @param ev the mouse event + */ + public void handleMouseEvent(MouseEvent ev) + { + Point point = ev.getPoint(); + for (int i = 0; i < awtMenuBar.getMenuCount(); i++) + { + Menu menu = awtMenuBar.getMenu(i); + SwingMenuPeer peer = (SwingMenuPeer) menu.getPeer(); + int x1 = peer.getX(); + int x2 = x1 + peer.getWidth(); + if (point.x >= x1 && point.x <= x2) + { + ev.translatePoint(peer.getX(), peer.getY()); + peer.handleMouseEvent(ev); + break; + } + } + } + + /** + * Handles mouse motion events. + * + * @param ev the mouse motion event + */ + public void handleMouseMotionEvent(MouseEvent ev) + { + Point point = ev.getPoint(); + for (int i = 0; i < awtMenuBar.getMenuCount(); i++) + { + Menu menu = awtMenuBar.getMenu(i); + SwingMenuPeer peer = (SwingMenuPeer) menu.getPeer(); + int x1 = peer.getX(); + int x2 = x1 + peer.getWidth(); + if (point.x >= x1 && point.x <= x2) + { + ev.translatePoint(peer.getX(), peer.getY()); + peer.handleMouseMotionEvent(ev); + break; + } + } + } +} diff --git a/libjava/classpath/gnu/java/awt/peer/swing/SwingMenuItemPeer.java b/libjava/classpath/gnu/java/awt/peer/swing/SwingMenuItemPeer.java new file mode 100644 index 0000000..8b9d47e --- /dev/null +++ b/libjava/classpath/gnu/java/awt/peer/swing/SwingMenuItemPeer.java @@ -0,0 +1,157 @@ +/* SwingMenuItemPeer.java -- A Swing based peer for AWT menu items + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.java.awt.peer.swing; + +import java.awt.Font; +import java.awt.MenuItem; +import java.awt.Toolkit; +import java.awt.event.ActionEvent; +import java.awt.event.ActionListener; +import java.awt.peer.MenuItemPeer; + +import javax.swing.JMenuItem; + +/** + * A Swing based peer for the AWT MenuItem. + * + * @author Roman Kennke (kennke@aicas.com) + */ +public class SwingMenuItemPeer + implements MenuItemPeer +{ + /** + * The AWT menu item. + */ + MenuItem awtMenuItem; + + /** + * The Swing menu item. + */ + JMenuItem menuItem; + + /** + * Receives ActionEvents from the Swing menu item and forwards them + * to the ActionListeners of the AWT MenuItem. + * + * @author Roman Kennke (kennke@aicas.com) + */ + private class SwingMenuItemListener implements ActionListener + { + + /** + * Receives notification when the action has been performed. + * + * @param event the action event + */ + public void actionPerformed(ActionEvent event) + { + event.setSource(awtMenuItem); + Toolkit.getDefaultToolkit().getSystemEventQueue().postEvent(event); + } + + } + + /** + * Creates a new instance of SwingMenuItemPeer. + * + * @param awtMenuItem the AWT menu item + */ + public SwingMenuItemPeer(MenuItem awtMenuItem) + { + this.awtMenuItem = awtMenuItem; + menuItem = new JMenuItem(awtMenuItem.getLabel()); + menuItem.addActionListener(new SwingMenuItemListener()); + } + + /** + * Disables the menu item. + */ + public void disable() + { + menuItem.setEnabled(false); + } + + /** + * Enables the menu item. + */ + public void enable() + { + menuItem.setEnabled(true); + } + + /** + * Sets the enabled state to enabled. + * + * @param enabled if the menu item should be enabled or not + */ + public void setEnabled(boolean enabled) + { + menuItem.setEnabled(enabled); + } + + /** + * Sets the label for the menu item. + * + * @param text the label to set + */ + public void setLabel(String text) + { + menuItem.setText(text); + } + + /** + * Disposes the menu item. This releases any reference to the Swing and AWT + * menu item. + */ + public void dispose() + { + menuItem = null; + awtMenuItem = null; + } + + /** + * Sets the font for this menu item. + * + * @param font the font to set + */ + public void setFont(Font font) + { + menuItem.setFont(font); + } + +} diff --git a/libjava/classpath/gnu/java/awt/peer/swing/SwingMenuPeer.java b/libjava/classpath/gnu/java/awt/peer/swing/SwingMenuPeer.java new file mode 100644 index 0000000..ecb54a5 --- /dev/null +++ b/libjava/classpath/gnu/java/awt/peer/swing/SwingMenuPeer.java @@ -0,0 +1,284 @@ +/* SwingMenuPeer.java -- A Swing based peer for AWT menus + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.java.awt.peer.swing; + +import java.awt.Font; +import java.awt.Menu; +import java.awt.MenuItem; +import java.awt.Point; +import java.awt.event.MouseEvent; +import java.awt.peer.MenuPeer; + +import javax.swing.JMenu; + +/** + * A Swing based peer for the AWT menu. + * + * @author Roman Kennke (kennke@aicas.com) + */ +public class SwingMenuPeer + implements MenuPeer +{ + + /** + * The AWT menu. + */ + Menu awtMenu; + + /** + * The Swing menu. + */ + SwingMenu menu; + + /** + * A specialized JMenu that can be used as 'backend' for an AWT menu. + * + * @author Roman Kennke (kennke@aicas.com) + */ + private class SwingMenu + extends JMenu + { + + /** + * Unconditionally returns true, since we assume that when the + * menu has a peer, it must be showing. + * + * @return true + */ + public boolean isShowing() + { + // FIXME: This might be wrong. Maybe find a better way to do that. + return true; + } + + /** + * Overridden so that we can provide a location even without a real peer + * attached. + * + * @return the screen location of this menu + */ + public Point getLocationOnScreen() + { + Point parentLoc = getParent().getLocationOnScreen(); + parentLoc.x += getX(); + parentLoc.y += getY(); + return parentLoc; + } + + /** + * Handles mouse events by forwarding them to + * processMouseEvent(). + * + * @param ev the mouse event + */ + public void handleMouseEvent(MouseEvent ev) + { + ev.setSource(this); + processMouseEvent(ev); + } + + /** + * Handles mouse events by forwarding them to + * processMouseMotionEvent(). + * + * @param ev the mouse event + */ + public void handleMouseMotionEvent(MouseEvent ev) + { + ev.setSource(this); + processMouseMotionEvent(ev); + } + } + + /** + * Creates a new SwingMenuPeer instance. + * + * @param awtMenu the AWT menu + */ + public SwingMenuPeer(Menu awtMenu) + { + this.awtMenu = awtMenu; + menu = new SwingMenu(); + menu.setDoubleBuffered(false); + menu.setText(awtMenu.getLabel()); + for (int i = 0; i < awtMenu.getItemCount(); i++) + { + MenuItem item = awtMenu.getItem(i); + item.addNotify(); + SwingMenuItemPeer peer = (SwingMenuItemPeer) item.getPeer(); + menu.add(peer.menuItem); + } + } + + /** + * Adds a menu item to this menu. + * + * @param item the menu item to add + */ + public void addItem(MenuItem item) + { + SwingMenuItemPeer menuItemPeer = (SwingMenuItemPeer) item.getPeer(); + menu.add(menuItemPeer.menuItem); + } + + /** + * Adds a separator to the menu. + */ + public void addSeparator() + { + menu.addSeparator(); + } + + /** + * Removes a menu item from the menu. + * + * @param index the index of the menu item to remove + */ + public void delItem(int index) + { + menu.remove(index); + } + + /** + * Disables the menu. + */ + public void disable() + { + menu.setEnabled(false); + } + + /** + * Enables the menu. + */ + public void enable() + { + menu.setEnabled(true); + } + + /** + * Sets the enabled state of the menu to enabled. + * + * @param enabled if the menu should be enabled or not + */ + public void setEnabled(boolean enabled) + { + menu.setEnabled(enabled); + } + + /** + * Sets the label of the menu. + * + * @param text the label to set + */ + public void setLabel(String text) + { + menu.setText(text); + } + + /** + * Releases any reference to the AWT and Swing menu instances. + */ + public void dispose() + { + menu = null; + awtMenu = null; + } + + /** + * Sets the font for the menu. + * + * @param font the font to set + */ + public void setFont(Font font) + { + menu.setFont(font); + } + + /** + * Handles mouse events by forwarding them to the Swing menu. + * + * @param ev the mouse event + */ + public void handleMouseEvent(MouseEvent ev) + { + menu.handleMouseEvent(ev); + } + + /** + * Handles mouse motion events by forwarding them to the Swing menu. + * + * @param ev the mouse event + */ + public void handleMouseMotionEvent(MouseEvent ev) + { + menu.handleMouseMotionEvent(ev); + } + + /** + * Returns the X coordinate of the upper left corner of the menu. This is + * used internally by the SwingMenuBarPeer. + * + * @return the X coordinate of the upper left corner of the menu + */ + int getX() + { + return menu.getX(); + } + + /** + * Returns the width of the menu. This is used internally by the + * SwingMenuBarPeer. + * + * @return the X coordinate of the upper left corner of the menu + */ + int getWidth() + { + return menu.getWidth(); + } + + /** + * Returns the Y coordinate of the upper left corner of the menu. This is + * used internally by the SwingMenuBarPeer. + * + * @return the X coordinate of the upper left corner of the menu + */ + public int getY() + { + return menu.getY(); + } +} diff --git a/libjava/classpath/gnu/java/awt/peer/swing/SwingPanelPeer.java b/libjava/classpath/gnu/java/awt/peer/swing/SwingPanelPeer.java new file mode 100644 index 0000000..0a0f20f --- /dev/null +++ b/libjava/classpath/gnu/java/awt/peer/swing/SwingPanelPeer.java @@ -0,0 +1,67 @@ +/* SwingPanelPeer.java -- A PanelPeer based on Swing + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.awt.peer.swing; + +import java.awt.Panel; +import java.awt.peer.LightweightPeer; +import java.awt.peer.PanelPeer; + +/** + * A panel peer based on Swing. + * + * @author Roman Kennke (kennke@aicas.com) + */ +// TODO: Maybe base implementation on JPanel. However, this doesn't seem +// necessary, but might be good for more consistend Look. +public class SwingPanelPeer + extends SwingContainerPeer + implements PanelPeer, LightweightPeer +{ + + /** + * Creates a new instance of SwingPanelPeer for the specified + * AWT panel. + * + * @param panel the AWT panel + */ + public SwingPanelPeer(Panel panel) + { + super(panel); + } +} diff --git a/libjava/classpath/gnu/java/awt/peer/swing/SwingTextFieldPeer.java b/libjava/classpath/gnu/java/awt/peer/swing/SwingTextFieldPeer.java new file mode 100644 index 0000000..a4c6d82 --- /dev/null +++ b/libjava/classpath/gnu/java/awt/peer/swing/SwingTextFieldPeer.java @@ -0,0 +1,367 @@ +/* SwingTextFieldPeer.java -- A Swing based peer for AWT textfields + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ +package gnu.java.awt.peer.swing; + +import java.awt.Dimension; +import java.awt.Image; +import java.awt.Point; +import java.awt.Rectangle; +import java.awt.TextField; +import java.awt.event.KeyEvent; +import java.awt.event.MouseEvent; +import java.awt.im.InputMethodRequests; +import java.awt.peer.TextFieldPeer; + +import javax.swing.JComponent; +import javax.swing.JTextField; + +/** + * A TextFieldPeer based on Swing JTextField. + * + * @author Roman Kennke (kennke@aicas.com) + */ +public class SwingTextFieldPeer + extends SwingComponentPeer + implements TextFieldPeer +{ + + /** + * A specialized Swing textfield for use in the peer. + * + * @author Roman Kennke (kennke@aicas.com) + */ + private class SwingTextField + extends JTextField + implements SwingComponent + { + + /** + * Overridden to provide normal behaviour even without a real peer + * attached. + * + * @return the location of the textfield on screen + */ + public Point getLocationOnScreen() + { + return SwingTextFieldPeer.this.getLocationOnScreen(); + } + + /** + * Overridden so that the isShowing method returns the correct value for the + * swing button, even if it has no peer on its own. + * + * @return true if the button is currently showing, + * false otherwise + */ + public boolean isShowing() + { + boolean retVal = false; + if (SwingTextFieldPeer.this.awtComponent != null) + retVal = SwingTextFieldPeer.this.awtComponent.isShowing(); + return retVal; + } + + /** + * Overridden, so that the Swing button can create an Image without its + * own peer. + * + * @param w the width of the image + * @param h the height of the image + * + * @return an image + */ + public Image createImage(int w, int h) + { + return SwingTextFieldPeer.this.createImage(w, h); + } + + /** + * Returns this textfield. + * + * @return this + */ + public JComponent getJComponent() + { + return this; + } + + /** + * Handles mouse events by forwarding it to the swing textfield. + * + * @param ev the mouse event + */ + public void handleMouseEvent(MouseEvent ev) + { + ev.setSource(this); + processMouseEvent(ev); + } + + /** + * Handles mouse motion events by forwarding it to the swing textfield. + * + * @param ev the mouse motion event + */ + public void handleMouseMotionEvent(MouseEvent ev) + { + ev.setSource(this); + processMouseMotionEvent(ev); + } + + /** + * Handles key events by forwarding it to the swing textfield. + * + * @param ev the key event + */ + public void handleKeyEvent(KeyEvent ev) + { + ev.setSource(this); + processKeyEvent(ev); + } + + } + + /** + * Creates a new SwingTextFieldPeer instance for the specified + * AWT textfield. + * + * @param textField the AWT textfield + */ + public SwingTextFieldPeer(TextField textField) + { + SwingTextField swingTextField = new SwingTextField(); + swingTextField.setText(textField.getText()); + init(textField, swingTextField); + } + + /** + * Returns the minimum size of the textfield. + * + * @param len not used here + * + * @return the minimum size of the textfield + */ + public Dimension minimumSize(int len) + { + return swingComponent.getJComponent().getMinimumSize(); + } + + /** + * Returns the preferred size of the textfield. + * + * @param len not used here + * + * @return the preferred size of the textfield + */ + public Dimension preferredSize(int len) + { + return swingComponent.getJComponent().getPreferredSize(); + } + + /** + * Returns the minimum size of the textfield. + * + * @param len not used here + * + * @return the minimum size of the textfield + */ + public Dimension getMinimumSize(int len) + { + return swingComponent.getJComponent().getMinimumSize(); + } + + /** + * Returns the preferred size of the textfield. + * + * @param len not used here + * + * @return the preferred size of the textfield + */ + public Dimension getPreferredSize(int len) + { + return swingComponent.getJComponent().getPreferredSize(); + } + + /** + * Sets the echo character. + * + * @param echoChar the echo character to be set + */ + public void setEchoChar(char echoChar) + { + // TODO: Must be implemented. + } + + /** + * Sets the echo character. + * + * @param echoChar the echo character to be set + */ + public void setEchoCharacter(char echoChar) + { + // TODO: Must be implemented. + } + + /** + * Returns the end index of the current selection. + * + * @return the end index of the current selection + */ + public int getSelectionEnd() + { + // TODO: Must be implemented. + return 0; + } + + /** + * Returns the start index of the current selection. + * + * @return the start index of the current selection + */ + public int getSelectionStart() + { + // TODO: Must be implemented. + return 0; + } + + /** + * Returns the current content of the textfield. + * + * @return the current content of the textfield + */ + public String getText() + { + return ((JTextField) swingComponent.getJComponent()).getText(); + } + + /** + * Sets the content of the textfield. + * + * @param text the text to set + */ + public void setText(String text) + { + ((JTextField) swingComponent.getJComponent()).setText(text); + } + + /** + * Sets the current selection. + * + * @param startPos the start index of the selection + * @param endPos the start index of the selection + */ + public void select(int start_pos, int endPos) + { + // TODO: Must be implemented. + } + + /** + * Sets the editable flag of the text field. + * + * @param editable true to make the textfield editable, + * false to make it uneditable + */ + public void setEditable(boolean editable) + { + ((JTextField) swingComponent.getJComponent()).setEditable(editable); + } + + /** + * Returns the current caret position. + * + * @return the current caret position + */ + public int getCaretPosition() + { + return ((JTextField) swingComponent.getJComponent()).getCaret().getDot(); + } + + /** + * Sets the current caret position. + * + * @param pos the caret position to set + */ + public void setCaretPosition(int pos) + { + ((JTextField) swingComponent.getJComponent()).getCaret().setDot(pos); + } + + /** + * Returns the index of the character at the specified location. + * + * @param x the X coordinate of the point to query + * @param y the Y coordinate of the point to query + * + * @return the index of the character at the specified location + */ + public int getIndexAtPoint(int x, int y) + { + // TODO: Must be implemented. + return 0; + } + + /** + * Returns the bounds of the character at the specified index. + * + * @param pos the index of the character + * + * @return the bounds of the character at the specified index + */ + public Rectangle getCharacterBounds(int pos) + { + // TODO: Must be implemented. + return null; + } + + /** + * Not used. + */ + public long filterEvents(long filter) + { + // TODO: Must be implemented. + return 0; + } + + /** + * Not used. + */ + public InputMethodRequests getInputMethodRequests() + { + // TODO: Must be implemented. + return null; + } + +} diff --git a/libjava/classpath/gnu/java/awt/peer/swing/SwingToolkit.java b/libjava/classpath/gnu/java/awt/peer/swing/SwingToolkit.java new file mode 100644 index 0000000..166e1f4 --- /dev/null +++ b/libjava/classpath/gnu/java/awt/peer/swing/SwingToolkit.java @@ -0,0 +1,165 @@ +/* SwingToolkit.java -- A base toolkit for Swing peers + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.awt.peer.swing; + +import java.awt.Button; +import java.awt.Canvas; +import java.awt.Label; +import java.awt.Menu; +import java.awt.MenuBar; +import java.awt.MenuItem; +import java.awt.Panel; +import java.awt.TextField; +import java.awt.peer.ButtonPeer; +import java.awt.peer.CanvasPeer; +import java.awt.peer.LabelPeer; +import java.awt.peer.MenuBarPeer; +import java.awt.peer.MenuItemPeer; +import java.awt.peer.MenuPeer; +import java.awt.peer.PanelPeer; +import java.awt.peer.TextFieldPeer; + +import gnu.java.awt.ClasspathToolkit; + +/** + * A base implementation for {@link java.awt.Toolkit} that provides the + * Swing based widgets. Concrete implementations still must provide the + * remaining abstract methods. + * + * @author Roman Kennke (kennke@aicas.com) + */ +public abstract class SwingToolkit extends ClasspathToolkit +{ + + /** + * Creates a SwingButtonPeer. + * + * @param button the AWT button + * + * @return the Swing button peer + */ + protected ButtonPeer createButton(Button button) + { + return new SwingButtonPeer(button); + } + + /** + * Creates a SwingCanvasPeer. + * + * @param canvas the AWT canvas + * + * @return the Swing canvas peer + */ + protected CanvasPeer createCanvas(Canvas canvas) + { + return new SwingCanvasPeer(canvas); + } + + /** + * Creates a SwingLabelPeer. + * + * @param label the AWT label + * + * @return the Swing label peer + */ + protected LabelPeer createLabel(Label label) + { + return new SwingLabelPeer(label); + } + + /** + * Creates a SwingMenuPeer. + * + * @param menu the AWT menu + * + * @return the Swing menu peer + */ + protected MenuPeer createMenu(Menu menu) + { + return new SwingMenuPeer(menu); + } + + /** + * Creates a SwingMenuBarPeer. + * + * @param menuBar the AWT menubar + * + * @return the Swing menu bar peer + */ + protected MenuBarPeer createMenuBar(MenuBar menuBar) + { + return new SwingMenuBarPeer(menuBar); + } + + /** + * Creates a SwingMenuItemPeer. + * + * @param menuItem the AWT menu item + * + * @return the Swing menu item peer + */ + protected MenuItemPeer createMenuItem(MenuItem menuItem) + { + return new SwingMenuItemPeer(menuItem); + } + + /** + * Creates a SwingPanelPeer. + * + * @param panel the AWT panel + * + * @return the Swing panel peer + */ + protected PanelPeer createPanel(Panel panel) + { + return new SwingPanelPeer(panel); + } + + /** + * Creates a SwingTextFieldPeer. + * + * @param textField the AWT text field + * + * @return the Swing text field peer + */ + protected TextFieldPeer createTextField(TextField textField) + { + return new SwingTextFieldPeer(textField); + } +} diff --git a/libjava/classpath/gnu/java/awt/peer/swing/SwingWindowPeer.java b/libjava/classpath/gnu/java/awt/peer/swing/SwingWindowPeer.java new file mode 100644 index 0000000..2f89795 --- /dev/null +++ b/libjava/classpath/gnu/java/awt/peer/swing/SwingWindowPeer.java @@ -0,0 +1,72 @@ +/* SwingWindowPeer.java -- An abstract base for Swing based window peers + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.java.awt.peer.swing; + +import java.awt.Window; +import java.awt.peer.WindowPeer; + +/** + * An abstract base class for Swing based WindowPeer implementation. Concrete + * implementations of WindowPeers should subclass this class in order to get + * the correct behaviour. + * + * As a minimum, a subclass must implement all the remaining abstract methods + * as well as the following methods: + * + * + * @author Roman Kennke (kennke@aicas.com) + */ +public abstract class SwingWindowPeer + extends SwingContainerPeer + implements WindowPeer +{ + + /** + * Creates a new instance of WindowPeer. + * + * @param window the AWT window + */ + public SwingWindowPeer(Window window) + { + super(window); + } +} diff --git a/libjava/classpath/gnu/java/awt/peer/swing/package.html b/libjava/classpath/gnu/java/awt/peer/swing/package.html new file mode 100644 index 0000000..506eda8 --- /dev/null +++ b/libjava/classpath/gnu/java/awt/peer/swing/package.html @@ -0,0 +1,71 @@ + + + + + + Swing based AWT peers + + +

Swing based AWT peers.

+

This package defines an abstract set of AWT peers that is based on Swing + widgets. This can be used as an implementation base for peer implementors + who don't have access to native widgets or who want to build a quick + prototype of a peer set without implementing all of the AWT widgets. +

+

An actual implementation would have to provide the following: +

+

+ + diff --git a/libjava/classpath/gnu/java/beans/DefaultExceptionListener.java b/libjava/classpath/gnu/java/beans/DefaultExceptionListener.java new file mode 100644 index 0000000..42b31fa --- /dev/null +++ b/libjava/classpath/gnu/java/beans/DefaultExceptionListener.java @@ -0,0 +1,66 @@ +/* gnu.java.beans.DefaultExceptionListener + Copyright (C) 2004, 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.java.beans; + +import java.beans.ExceptionListener; + +/** The DefaultExceptionListener is the default implementation of the + * {@link ExceptionListener} interface. An instance of + * this class is used whenever the user provided no + * ExceptionListener instance on its own. + * + *

The implementation just writes the exception's message + * to System.err and is used by the {@link java.beans.Encoder} + * and the {@link java.beans.XMLDecoder}. + *

+ * + * @author Robert Schuster (robertschuster@fsfe.org) + */ +public class DefaultExceptionListener implements ExceptionListener +{ + public final static DefaultExceptionListener INSTANCE + = new DefaultExceptionListener(); + + public void exceptionThrown(Exception e) + { + System.err.println("exception thrown: " + + e + " - message: " + + e.getMessage()); + } + +} diff --git a/libjava/classpath/gnu/java/beans/decoder/DefaultExceptionListener.java b/libjava/classpath/gnu/java/beans/decoder/DefaultExceptionListener.java deleted file mode 100644 index 71e7158..0000000 --- a/libjava/classpath/gnu/java/beans/decoder/DefaultExceptionListener.java +++ /dev/null @@ -1,57 +0,0 @@ -/* gnu.java.beans.DefaultExceptionListener - Copyright (C) 2004 Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ - -package gnu.java.beans.decoder; - -import java.beans.ExceptionListener; - -/** The DefaultExceptionListener is the default implementation of the ExceptionListener - * interface. An instance of this class is used whenever the user provided no - * ExceptionListener instance on its own. - * - *

The implementation just writes the exception's message to System.err.

- * - * @author Robert Schuster - */ -public class DefaultExceptionListener implements ExceptionListener -{ - public void exceptionThrown(Exception e) - { - System.err.println("non-critical exception: " + e + " - message: " - + e.getMessage()); - } -} diff --git a/libjava/classpath/gnu/java/lang/CharData.java b/libjava/classpath/gnu/java/lang/CharData.java index b12078d..a84d94d 100644 --- a/libjava/classpath/gnu/java/lang/CharData.java +++ b/libjava/classpath/gnu/java/lang/CharData.java @@ -41,22 +41,26 @@ package gnu.java.lang; /** * This contains the info about the unicode characters, that * java.lang.Character needs. It is generated automatically from - * doc/unicode/UnicodeData-3.0.0.txt and - * doc/unicode/SpecialCasing-2.txt, by some - * perl scripts. These Unicode definition file can be found on the + * ../doc/unicode/UnicodeData-4.0.0.txt and + * ../doc/unicode/SpecialCasing-4.0.0.txt, by some + * perl scripts. These Unicode definition files can be found on the * http://www.unicode.org website. - * JDK 1.4 uses Unicode version 3.0.0. + * JDK 1.5 uses Unicode version 4.0.0. * * The data is stored as string constants, but Character will convert these - * Strings to their respective char[] components. The field + * Strings to their respective char[] components. The fields + * are stored in arrays of 17 elements each, one element per Unicode plane. * BLOCKS stores the offset of a block of 2SHIFT * characters within DATA. The DATA field, in turn, stores * information about each character in the low order bits, and an offset * into the attribute tables UPPER, LOWER, * NUM_VALUE, and DIRECTION. Notice that the * attribute tables are much smaller than 0xffff entries; as many characters - * in Unicode share common attributes. The DIRECTION table also contains - * a field for detecting characters with multi-character uppercase expansions. + * in Unicode share common attributes. Numbers that are too large to fit + * into NUM_VALUE as 16 bit chars are stored in LARGENUMS and a number N is + * stored in NUM_VALUE such that (-N - 3) is the offset into LARGENUMS for + * the particular character. The DIRECTION table also contains a field for + * detecting characters with multi-character uppercase expansions. * Next, there is a listing for TITLE exceptions (most characters * just have the same title case as upper case). Finally, there are two * tables for multi-character capitalization, UPPER_SPECIAL @@ -73,208 +77,622 @@ public interface CharData /** * The Unicode definition file that was parsed to build this database. */ - String SOURCE = "doc/unicode/UnicodeData-3.0.0.txt"; + String SOURCE = "../doc/unicode/UnicodeData-4.0.0.txt"; /** * The character shift amount to look up the block offset. In other words, - * (char) (BLOCKS.value[ch >> SHIFT] + ch) is the index where - * ch is described in DATA. + * (char) (BLOCKS.value[ch >> SHIFT[p]] + ch) is the index + * where ch is described in DATA if ch + * is in Unicode plane p. Note that p is simply + * the integer division of ch and 0x10000. */ - int SHIFT = 5; + int[] SHIFT + = new int[] {4, 6, 7, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 7, 8, 8}; /** * The mapping of character blocks to their location in DATA. * Each entry has been adjusted so that the 16-bit sum with the desired * character gives the actual index into DATA. */ - String BLOCKS - = "\u01c2\u01c2\u01c1\u012c\u012b\u01a0\u01f8\u02dc\u025f\u02ee\u0215" - + "\u0346\u02dc\u0326\u02bc\u0216\u015f\u02d4\u0376\u0376\u0376\u0369" - + "\ufe8f\u0344\uff85\uff65\ufdb5\ufda1\033\u02c4\034G\ufea8" - + "\uff8c\u0235\ufeff\032\ufebf&\ufb20\ufe28\u0113\u0104\ufb61" - + "\ufb5a\u010b\u0109\u00fe\uff08\u0229\u025e\u01c7\u01fc\u01dc\ufc46" - + "\u0229\ufe27\ufb55\u0169\ufbc8\u00fc\u0103\ufb68\ufb48\ufb28\ufb08" - + "\ufae8\ufac8\ufaa8\ufa88\ufa68\ufa48eP\u00ab\u0139\ufe0e" - + "c\u0155\u01a8\uf669\u0129\u0128\uf91f\ufe56\u0108\u0107\ufac0" - + "\ufc8e\ufead\u00c6\ufca7\ufb95\uf47d\u009f\ufb17\ufe20\ufd28\ufb2f" - + ";\uf3b9\ufe57\ufcce\uffbb\uf339\ufa98\uff8b\uff3b\ufa54\uf7e3" - + "\uff2b\ufad7\ufb69\ufc3a\ufee5\uf4c8\ufcb0\ufa88\ufdbf\uf448\ufe45" - + "\ufcc7\ufe4f\uf7f1\uf715\uf2e8\ufd9f\uf348\uf96a\ufc02\ufd97\uf2c8" - + "\uf2a8\uf4b9\uf4b3\uef6b\uf86a\uf84a\ufc58\uf80a\uf7ea\ufc0f\uf7aa" - + "\uee9c\ufb90\uf74a\uf7fa\uf70a\uf7ca\uf792\uf471\uf4d2\uf732\uf64a" - + "\uf401\uf64d\uefa8\uf5ca\uf5aa\ueca1\uf569\uf54a\uf52a\uf50a\uf4ea" - + "\uf4ca\uf4aa\uf48a\uf46a\uf44a\uf42a\uf40a\uf3ea\uf3ca\uf3aa\uf38a" - + "\uf36a\uf34a\uf32a\uf289\uf777\uf2ca\uf2aa\uf737\uec28\uec08\uebe8" - + "\uebc8\uf1ea\uf4a2\uf545\uedc6\uf2d7\uf14a\ue8ed\ue81e\uf0ea\uf597" - + "\uea68\uea48\uea28\uea08\ue9e8\ue9c8\ue9a8\ue988\ue968\ue948\ue928" - + "\ue908\ue8e8\ue8c8\ue8a8\ue888\ue868\ue848\ue828\ue808\ue7e8\ue7c8" - + "\ue7a8\ue788\ue768\ue748\ue728\ue708\ue6e8\ue6c8\ue6a8\ue688\ue668" - + "\ue648\ue628\ue608\ue5e8\ue5c8\ue5a8\ue588\ue568\ue548\ue55f\ue53f" - + "\ue51f\ue4ff\uefd7\ue4bf\ue49f\ue485\uef87\uef57\uef57\uef57\uef57" - + "\uef47\ue1ad\uef46\uef46\uef46\ue1e0\ue3dd\uef06\ue9d9\uebeb\ue244" - + "\ueed4\uef65\ue1f5\uef45\ueee9\uef7c\uee74\uef70\uef7d\uef78\uee91" - + "\uefd3\uee7d\uee25\uee27\uef65\uefdd\uee96\uefd3\uefe1\uef69\udf88" - + "\udf68\udf48\ued2b\ued3d\ued19\uef1c\uef08\ued47\ued3d\ued33\uec2b" - + "\uec0b\uebeb\uebcb\uebce\uea7c\ueb69\ueb6c\ue9b6\ueb0b\ueaeb\ue9e9" - + "\udca8\udc88\udc68\udc48\ue910\uea23\ueb58\ueb4f\ueb45\ueae5\udb68" - + "\udb48\ue92b\ue90b\ue8eb\ue8cb\ue8ab\ue88b\ue86b\ue84b\uda28\uda08" - + "\ud9e8\ud9c8\ud9a8\ud988\ud968\ud948\ud928\ud908\ud8e8\ud8c8\ud8a8" - + "\ud888\ud868\ud848\ud828\ud808\ud7e8\ud7c8\ud7a8\ud788\ud768\ud748" - + "\ud728\ud708\ud6e8\ud6c8\ud6a8\ud688\ud668\ud648\ud628\ud608\ud5e8" - + "\ud5c8\ud5a8\ud588\ud568\ud548\ud528\ud508\ud4e8\ud4c8\ue2b1\ue28b" - + "\ue26b\ue270\ue22b\ue20b\ue1eb\ue1cb\ue1ab\ue18b\ue18e\udd8f\ue3a8" - + "\udfd3\ud929\ud90a\ue348\ud8c9\ud8aa\udcd7\udcb2\ud681\ud82a\ud80a" - + "\ue268\ucede\ud168\ud148\ue116\ue0e9\ue1cb\ue0b7\ue0b7\ue15e\udf17" - + "\ue034\ue013\udff3\udfd3\ude6c\udf93\udf73\udf55\udf34\ud56a\ud54a" - + "\ud52a\ud50a\ud4ea\ud4ca\ud4aa\ud48a\ud46a\ud44a\ud42a\ud40a\ud3ea" - + "\ud3ca\ud3aa\ud38a\ud36a\ud34a\ud32a\ud30a\ud2ea\ud2ca\ud2aa\ud28a" - + "\ud26a\ud24a\ud22a\ud20a\ud1ea\ud1ca\ud1aa\ud18a\ud16a\ud14a\ud12a" - + "\ud10a\ud0ea\ud0ca\ud0aa\ud08a\ud06a\ud04a\ud02a\ud00a\ucfea\ucfca" - + "\ucfaa\ucf8a\ucf6a\ucf4a\ucf2a\ucf0a\uceea\uceca\uceaa\uce8a\uce6a" - + "\uce4a\uce2a\uce0a\ucdea\ucdca\ucdaa\ucd8a\ucd6a\ucd4a\ucd2a\ucd0a" - + "\uccea\uccca\uccaa\ucc8a\ucc6a\ucc4a\ucc2a\ucc0a\ucbea\ucbca\ucbaa" - + "\ucb8a\ucb6a\ucb4a\ucb2a\ucb0a\ucaea\ucaca\ucaaa\uca8a\uca6a\uca4a" - + "\uca2a\uca0a\uc9ea\uc9ca\uc9aa\uc98a\uc96a\uc94a\uc92a\uc90a\uc8ea" - + "\uc8ca\uc8aa\uc88a\uc86a\uc84a\uc82a\uc80a\uc7ea\uc7ca\uc7aa\uc78a" - + "\uc76a\uc74a\uc72a\uc70a\uc6ea\uc6ca\uc6aa\uc68a\uc66a\uc64a\uc62a" - + "\uc60a\uc5ea\uc5ca\uc5aa\uc58a\uc56a\uc54a\uc52a\uc50a\uc4ea\uc4ca" - + "\uc4aa\uc48a\uc46a\uc44a\uc42a\uc40a\uc3ea\uc3ca\uc3aa\uc38a\uc36a" - + "\uc34a\uc32a\uc30a\uc2ea\uc2ca\uc2aa\uc28a\uc26a\uc24a\uc22a\uc20a" - + "\uc1ea\uc1ca\uc1aa\uc18a\uc16a\uc14a\uc12a\uc10a\uc0ea\uc0ca\uc0aa" - + "\uc08a\uc06a\uc04a\uc02a\uc00a\ubfea\ubfca\ubfaa\ubf8a\ubf6a\ubf4a" - + "\ubf2a\ubf0a\ubeea\ubeca\ubeaa\ube8a\ube6a\ube4a\ube2a\ube0a\ubdea" - + "\ubdca\ubdaa\ubd8a\ubd6a\ubd4a\ubd2a\ubd0a\ubcea\ubcca\ubcaa\ubc8a" - + "\ubc6a\ubc4a\ubc2a\ubc0a\ubbea\ub2e0\ub568\ub548\ubb6a\ubb4a\ubb2a" - + "\ubb0a\ubaea\ubaca\ubaaa\uba8a\uba6a\uba4a\uba2a\uba0a\ub9ea\ub9ca" - + "\ub9aa\ub98a\ub96a\ub94a\ub92a\ub90a\ub8ea\ub8ca\ub8aa\ub88a\ub86a" - + "\ub84a\ub82a\ub80a\ub7ea\ub7ca\ub7aa\ub78a\ub76a\ub74a\ub72a\ub70a" - + "\ub6ea\ub6ca\ub6aa\ub68a\ub66a\ub64a\ub62a\ub60a\ub5ea\ub5ca\ub5aa" - + "\ub58a\ub56a\ub54a\ub52a\ub50a\ub4ea\ub4ca\ub4aa\ub48a\ub46a\ub44a" - + "\ub42a\ub40a\ub3ea\ub3ca\ub3aa\ub38a\ub36a\ub34a\ub32a\ub30a\ub2ea" - + "\ub2ca\ub2aa\ub28a\ub26a\ub24a\ub22a\ub20a\ub1ea\ub1ca\ub1aa\ub18a" - + "\ub16a\ub14a\ub12a\ub10a\ub0ea\ub0ca\ub0aa\ub08a\ub06a\ub04a\ub02a" - + "\ub00a\uafea\uafca\uafaa\uaf8a\uaf6a\uaf4a\uaf2a\uaf0a\uaeea\uaeca" - + "\uaeaa\uae8a\uae6a\uae4a\uae2a\uae0a\uadea\uadca\uadaa\uad8a\uad6a" - + "\uad4a\uad2a\uad0a\uacea\uacca\uacaa\uac8a\uac6a\uac4a\uac2a\uac0a" - + "\uabea\uabca\uabaa\uab8a\uab6a\uab4a\uab2a\uab0a\uaaea\uaaca\uaaaa" - + "\uaa8a\uaa6a\uaa4a\uaa2a\uaa0a\ua9ea\ua9ca\ua9aa\ua98a\ua96a\ua94a" - + "\ua92a\ua90a\ua8ea\ua8ca\ua8aa\ua88a\ua86a\ua84a\ua82a\ua80a\ua7ea" - + "\ua7ca\ua7aa\ua78a\ua76a\ua74a\ua72a\ua70a\ua6ea\ua6ca\ua6aa\ua68a" - + "\ua66a\ua64a\ua62a\ua60a\ua5ea\ua5ca\ua5aa\ua58a\ua56a\ua54a\ua52a" - + "\ua50a\ua4ea\ua4ca\ua4aa\ua48a\ua46a\ua44a\ua42a\ua40a\ua3ea\ua3ca" - + "\ua3aa\ua38a\ua36a\ua34a\ua32a\ua30a\ua2ea\ua2ca\ua2aa\ua28a\ua26a" - + "\ua24a\ua22a\ua20a\ua1ea\ua1ca\ua1aa\ua18a\ua16a\ua14a\ua12a\ua10a" - + "\ua0ea\ua0ca\ua0aa\ua08a\ua06a\ua04a\ua02a\ua00a\u9fea\u9fca\u9faa" - + "\u9f8a\u9f6a\u9f4a\u9f2a\u9f0a\u9eea\u9eca\u9eaa\u9e8a\u9e6a\u9e4a" - + "\u9e2a\u9e0a\u9dea\u9dca\u9daa\u9d8a\u9d6a\u9d4a\u9d2a\u9d0a\u9cea" - + "\u9cca\u9caa\u9c8a\u9c6a\u9c4a\u9c2a\u9c0a\u9bea\u9bca\u9baa\u9b8a" - + "\u9b6a\u9b4a\u9b2a\u9b0a\u9aea\u9aca\u9aaa\u9a8a\u9a6a\u9a4a\u9a2a" - + "\u9a0a\u99ea\u99ca\u99aa\u998a\u996a\u994a\u992a\u990a\u98ea\u98ca" - + "\u98aa\u988a\u986a\u984a\u982a\u980a\u97ea\u97ca\u97aa\u978a\u976a" - + "\u974a\u972a\u970a\u96ea\u96ca\u96aa\u968a\u966a\u964a\u962a\u960a" - + "\u95ea\u95ca\u95aa\u958a\u956a\u954a\u952a\u950a\u94ea\u94ca\u94aa" - + "\u948a\u946a\u944a\u942a\u940a\u93ea\u93ca\u93aa\u938a\u936a\u934a" - + "\u932a\u930a\u92ea\u92ca\u92aa\u928a\u926a\u924a\u922a\u920a\u91ea" - + "\u91ca\u91aa\u918a\u916a\u914a\u912a\u910a\u90ea\u90ca\u90aa\u908a" - + "\u906a\u904a\u902a\u900a\u8fea\u8fca\u8faa\u8f8a\u8f6a\u8f4a\u8f2a" - + "\u8f0a\u8eea\u8eca\u8eaa\u8e8a\u8e6a\u8e4a\u8e2a\u8e0a\u8dea\u8dca" - + "\u8daa\u8d8a\u8d6a\u8d4a\u8d2a\u8d0a\u8cea\u8cca\u8caa\u8c8a\u8c6a" - + "\u8c4a\u8c2a\u8c0a\u8bea\u8bca\u8baa\u8b8a\u8b6a\u8b4a\u8b2a\u8b0a" - + "\u8aea\u8aca\u8aaa\u8a8a\u8a6a\u8a4a\u8a2a\u8a0a\u89ea\u89ca\u89aa" - + "\u898a\u896a\u894a\u892a\u890a\u88ea\u88ca\u88aa\u888a\u886a\u884a" - + "\u882a\u880a\u87ea\u87ca\u87aa\u878a\u876a\u874a\u872a\u870a\u86ea" - + "\u86ca\u86aa\u868a\u866a\u864a\u862a\u860a\u85ea\u85ca\u85aa\u858a" - + "\u856a\u854a\u852a\u850a\u84ea\u84ca\u84aa\u848a\u846a\u844a\u842a" - + "\u840a\u83ea\u83ca\u83aa\u838a\u836a\u834a\u832a\u830a\u82ea\u82ca" - + "\u82aa\u828a\u826a\u824a\u822a\u820a\u81ea\u81ca\u81aa\u818a\u816a" - + "\u814a\u812a\u810a\u80ea\u80ca\u80aa\u808a\u806a\u804a\u802a\u800a" - + "\u7fea\u7fca\u7faa\u7f8a\u7f6a\u7f4a\u7f2a\u7f0a\u7eea\u7eca\u7eaa" - + "\u7e8a\u7e6a\u7e4a\u7e2a\u7e0a\u7dea\u7dca\u7daa\u7d8a\u7d6a\u7d4a" - + "\u7d2a\u7d0a\u7cea\u7cca\u7caa\u7c8a\u7c6a\u7c4a\u7c2a\u7c0a\u7bea" - + "\u7bca\u7baa\u7b8a\u7b6a\u7b4a\u7b2a\u7b0a\u7aea\u7aca\u7aaa\u7a8a" - + "\u7a6a\u7a4a\u7a2a\u7a0a\u79ea\u79ca\u79aa\u798a\u796a\u794a\u792a" - + "\u790a\u78ea\u78ca\u78aa\u788a\u786a\u784a\u782a\u780a\u77ea\u77ca" - + "\u77aa\u778a\u776a\u774a\u772a\u770a\u76ea\u76ca\u76aa\u768a\u766a" - + "\u764a\u762a\u760a\u75ea\u75ca\u75aa\u758a\u756a\u754a\u752a\u750a" - + "\u74ea\u74ca\u74aa\u748a\u746a\u744a\u742a\u740a\u73ea\u73ca\u73aa" - + "\u738a\u736a\u734a\u732a\u730a\u72ea\u72ca\u72aa\u728a\u726a\u724a" - + "\u722a\u720a\u71ea\u71ca\u71aa\u718a\u716a\u714a\u712a\u710a\u70ea" - + "\u70ca\u70aa\u708a\u706a\u704a\u702a\u700a\u6fea\u6fca\u6faa\u6f8a" - + "\u6f6a\u6f4a\u6f2a\u6f0a\u6eea\u6eca\u6eaa\u6e8a\u6e6a\u6e4a\u6e2a" - + "\u6e0a\u6dea\u6dca\u6daa\u6d8a\u6d6a\u6d4a\u6d2a\u6d0a\u6cea\u6cca" - + "\u6caa\u6c8a\u6c6a\u6c4a\u6c2a\u6c0a\u6bea\u6bca\u6baa\u6b8a\u6b6a" - + "\u6b4a\u6b2a\u6b0a\u6aea\u6aca\u6aaa\u6a8a\u6a6a\u6a4a\u6a2a\u6a0a" - + "\u69ea\u60f0\u6368\u6348\u696a\u694a\u692a\u690a\u68ea\u68ca\u68aa" - + "\u688a\u686a\u684a\u682a\u680a\u67ea\u67ca\u67aa\u678a\u676a\u674a" - + "\u672a\u670a\u66ea\u66ca\u66aa\u668a\u666a\u664a\u662a\u660a\u65ea" - + "\u65ca\u65aa\u658a\u656a\u654a\u652a\u650a\u6b26\u6de1\u6e9c\u5e48" - + "\u5e28\u5e08\u5de8\u5dc8\u5da8\u5d88\u5d68\u5d48\u5d28\u5d08\u5ce8" - + "\u5cc8\u5ca8\u5c88\u5c68\u5c48\u5c28\u5c08\u5be8\u5bc8\u5ba8\u5b88" - + "\u5b68\u5b48\u5b28\u5b08\u5ae8\u5ac8\u5aa8\u5a88\u5a68\u5a48\u5a28" - + "\u5a08\u59e8\u59c8\u59a8\u5988\u5968\u5948\u5928\u5908\u58e8\u58c8" - + "\u58a8\u5888\u5868\u5848\u5828\u5808\u57e8\u57c8\u57a8\u5788\u5768" - + "\u5748\u5d6a\u5d4a\u5d2a\u5d0a\u5cea\u5cca\u5caa\u5c8a\u5c6a\u5c4a" - + "\u5c2a\u5c0a\u5bea\u5bca\u5baa\u5b8a\u5b6a\u5b4a\u5b2a\u5b0a\u5aea" - + "\u5aca\u5aaa\u5a8a\u5a6a\u5a4a\u5a2a\u5a0a\u59ea\u59ca\u59aa\u598a" - + "\u596a\u594a\u592a\u590a\u58ea\u58ca\u58aa\u588a\u586a\u584a\u582a" - + "\u580a\u57ea\u57ca\u57aa\u578a\u576a\u574a\u572a\u570a\u56ea\u56ca" - + "\u56aa\u568a\u566a\u564a\u562a\u560a\u55ea\u55ca\u55aa\u558a\u556a" - + "\u554a\u552a\u550a\u54ea\u54ca\u54aa\u548a\u546a\u544a\u542a\u540a" - + "\u53ea\u53ca\u53aa\u538a\u536a\u534a\u532a\u530a\u52ea\u52ca\u52aa" - + "\u528a\u526a\u524a\u522a\u520a\u51ea\u51ca\u51aa\u518a\u516a\u514a" - + "\u512a\u510a\u50ea\u50ca\u50aa\u508a\u506a\u504a\u502a\u500a\u4fea" - + "\u4fca\u4faa\u4f8a\u4f6a\u4f4a\u4f2a\u4f0a\u4eea\u4eca\u4eaa\u4e8a" - + "\u4e6a\u4e4a\u4e2a\u4e0a\u4dea\u4dca\u4daa\u4d8a\u4d6a\u4d4a\u4d2a" - + "\u4d0a\u4cea\u4cca\u4caa\u4c8a\u4c6a\u4c4a\u4c2a\u4c0a\u4bea\u4bca" - + "\u4baa\u4b8a\u4b6a\u4b4a\u4b2a\u4b0a\u4aea\u4aca\u4aaa\u4a8a\u4a6a" - + "\u4a4a\u4a2a\u4a0a\u49ea\u49ca\u49aa\u498a\u496a\u494a\u492a\u490a" - + "\u48ea\u48ca\u48aa\u488a\u486a\u484a\u482a\u480a\u47ea\u47ca\u47aa" - + "\u478a\u476a\u474a\u472a\u470a\u46ea\u46ca\u46aa\u468a\u466a\u464a" - + "\u462a\u460a\u45ea\u45ca\u45aa\u458a\u456a\u454a\u452a\u450a\u44ea" - + "\u44ca\u44aa\u448a\u446a\u444a\u442a\u440a\u43ea\u43ca\u43aa\u438a" - + "\u436a\u434a\u432a\u430a\u42ea\u42ca\u42aa\u428a\u426a\u424a\u422a" - + "\u420a\u41ea\u41ca\u41aa\u418a\u416a\u414a\u412a\u410a\u40ea\u40ca" - + "\u40aa\u408a\u406a\u404a\u402a\u400a\u3fea\u3fca\u3faa\u3f8a\u3f6a" - + "\u3f4a\u3f2a\u3f0a\u3eea\u3eca\u3eaa\u3e8a\u3e6a\u3e4a\u3e2a\u3e0a" - + "\u3dea\u3dca\u3daa\u3d8a\u3d6a\u3d4a\u3d2a\u3d0a\u3cea\u3cca\u3caa" - + "\u3c8a\u3c6a\u3c4a\u3c2a\u3c0a\u3bea\u3bca\u3baa\u3b8a\u3b6a\u3b4a" - + "\u3b2a\u3b0a\u3aea\u3aca\u3aaa\u3a8a\u3a6a\u3a4a\u3a2a\u3a0a\u39ea" - + "\u39ca\u39aa\u398a\u396a\u394a\u392a\u390a\u38ea\u38ca\u38aa\u388a" - + "\u386a\u384a\u382a\u380a\u37ea\u37ca\u37aa\u378a\u376a\u374a\u372a" - + "\u370a\u36ea\u36ca\u36aa\u368a\u366a\u364a\u362a\u360a\u35ea\u35ca" - + "\u35aa\u358a\u356a\u354a\u352a\u350a\u34ea\u34ca\u34aa\u348a\u346a" - + "\u344a\u342a\u340a\u33ea\u33ca\u33aa\u338a\u336a\u334a\u332a\u330a" - + "\u32ea\u32ca\u32aa\u328a\u326a\u324a\u322a\u320a\u31ea\u28f2\u2b68" - + "\u2b48\u3c2b\u3c0b\u3beb\u3bcb\u3bab\u3b8b\u3b6b\u3b4b\u3b2b\u3b0b" - + "\u3aeb\u3acb\u3aab\u3a8b\u3a6b\u3a4b\u3a2b\u3a0b\u39eb\u39cb\u39ab" - + "\u398b\u396b\u394b\u392b\u390b\u38eb\u38cb\u38ab\u388b\u386b\u384b" - + "\u382b\u380b\u37eb\u37cb\u37ab\u378b\u376b\u374b\u372b\u370b\u36eb" - + "\u36cb\u36ab\u368b\u366b\u364b\u362b\u360b\u35eb\u35cb\u35ab\u358b" - + "\u356b\u354b\u352b\u350b\u34eb\u34cb\u34ab\u348b\u346b\u344b\u344b" - + "\u342b\u340b\u33eb\u33cb\u33ab\u338b\u336b\u334b\u332b\u330b\u32eb" - + "\u32cb\u32ab\u328b\u326b\u324b\u322b\u320b\u31eb\u31cb\u31ab\u318b" - + "\u316b\u314b\u312b\u310b\u30eb\u30cb\u30ab\u308b\u306b\u304b\u302b" - + "\u300b\u2feb\u2fcb\u2fab\u2f8b\u2f6b\u2f4b\u2f2b\u2f0b\u2eeb\u2ecb" - + "\u2eab\u2e8b\u2e6b\u2e4b\u2e2b\u2e0b\u2deb\u2dcb\u2dab\u2d8b\u2d6b" - + "\u2d4b\u2d2b\u2d0b\u2ceb\u2ccb\u2cab\u2c8b\u2c6b\u2c4b\u2c2b\u2c0b" - + "\u2beb\u2bcb\u2bab\u2b8b\u2b6b\u2b4b\u2b2b\u2b0b\u2aeb\u2acb\u2aab" - + "\u2a8b\u2a6b\u2a4b\u2a2b\u2a0b\u29eb\u29cb\u29ab\u298b\u296b\u294b" - + "\u292b\u290b\u28eb\u28cb\u28ab\u288b\u286b\u284b\u282b\u280b\u27eb" - + "\u27cb\u27ab\u278b\u276b\u274b\u272b\u270b\u26eb\u26cb\u26ab\u268b" - + "\u266b\u264b\u262b\u260b\u25eb\u25cb\u25ab\u258b\u256b\u254b\u252b" - + "\u250b\u24eb\u24cb\u24ab\u248b\u246b\u244b\u242b\u240b\u23eb\u23cb" - + "\u23ab\u238b\u236b\u234b\u232b\u230b\u22eb\u22cb\u22ab\u228b\u226b" - + "\u224b\u222b\u220b\u21eb\u21cb\u21ab\u218b\u216b\u214b\u212b\u210b" - + "\u20eb\u20cb\u20ab\u208b\u206b\u204b\u202b\u200b\u1feb\u1fcb\u1fab" - + "\u1f8b\u1f6b\u1f4b\u1f2b\u1f0b\u1eeb\u1ecb\u1eab\u1e8b\u1e6b\u1e4b" - + "\u1e2b\u1e0b\u1deb\u1dcb\u1dab\u1d8b\u1d6b\u1d4b\u1d2b\u1d0b\u1ceb" - + "\u1ccb\u1cab\u1c8b\u1c6b\u1c4b\u1c2b\u1c0b\u1beb\u1bcb\u1bab\u1b8b" - + "\u1b6b\u106a\u104a\u102a\u100a\u0fea\u0fca\u0faa\u0f8a\u0f6a\u0668" - + "\u08e8\u08c8\u08a8\u0888\u0868\u0848\u07d7\u194b\u07b6\u0d1c\u0cfc" - + "\u0cb2\u0ca9\u0c9c\u0c7c\u0c5c\u0c3c\u0c1c\u0bfc\u0bdc\u0bbc\u0b9c" - + "\u0b7c\u0b5e\u0b2c\u0b1c\u0ab8\u0adc\u0a9c\u02c2\u0528\u166b\u1667" - + "\u03ff\u09fc\u09dc\u09bc\u0659\u0bb8\u15a7\u0fc6\u01c0\u01b1\u09cb" - + "\u082c\u1285"; + String[] BLOCKS = new String[]{ + "\017\0275\00744Z\uff90\uff9d\uff93\013" + + "\uffb5\013\004\034\025\027\007\ufff7\u00ad\u010d\uffc7" + + "\uffb7\uff7b\u0111\u0111\u00b7\u0101\uffdc\uff4a\uff37\ufef3\uff17" + + "\uff07\ufef5\uff79\u00dc2\u0141\005\uffe7\u013d\u0130\u0137" + + "\u0163\u0163\u0112\u0145\u0166\u0156\u0146\u0136\uff81\u0191\u0106" + + "\ufe84\u01ca\ufd3a\u01ba\ufd4b\u01aa\ufe74\ufd37\u014e\u01b3\ufcbb" + + "\ufcab\ufccc\ufcbc\u0173\ufcb7\ufca7\ufca8\ufc87\ufc77\ufc67\u0113" + + "\ufc47\ufc37\ufc42\ufc17\ufe0c\ufdfc\ufcd3\ufcc4\ufcbd\ufe0a\ufdfb" + + "\ufdf4\ufed5\ufec3\ufd17\ufd15\u008a\u007f\u00b5\ufdb1\u00dc\ufd6e" + + "\u00f9\u00cb\uffe3k\u00f9\ufd0f\ufcff\ufcef\ufcdf\ufccf\011" + + "\u00abi\ufffbX\ufc6f\ufd36\uffd6\ufbcc\ufbbc\ufbac\ufc0f" + + "\ufbff\uff70\ufff9\ufb5c\ufb4c\ufb3c\ufb2c\ufb1c\ufb0c\ufafc\ufaec" + + "\ufadc\ufacc\ufabc\ufaac\ufa9c\ufa8c\ufa7c\ufa6c\ufa5c\ufa4c\ufa3c" + + "\ufa2c\ufee1\ufb03\ufaf3\ufef3\ufcd4\uff0b\uff13\uf9ab\ufb8a\uf7fa" + + "\ufa69\ufbe5\ufb6e\uf90e\ufea9\ufeaf\ufb79\uf77a\uf9e9\uf8c7\ufdfc" + + "\uf760\ufb82\ufe3f\uf6e4\uf980\uf969\uf70e\ufbc6\uf764\ufda9\ufddd" + + "\ufa0a\uf67a\uf8e9\ufb48\uf68d\uf5ec\ufd91\uf6c3\uf7c4\uf75b\uf7af" + + "\uf75b\uf93b\ufade\ufb5b\ufd17\uf704\uf801\uf7e9\ufba4\ufcd7\uf72f" + + "\ufc91\uf6ac\ufb4b\uf781\uf769\ufc77\ufb71\uf99a\ufc11\uf62c\ufacb" + + "\uf701\uf6e9\ufa8f\ufbf7\uf95e\ufb91\uf5ac\ufbd4\uf3eb\uf673\uf7da" + + "\ufb87\uf832\uf53c\uf527\uf612\uf603\uf5f3\ufa8f\ufa9d\ufa29\uf4bc" + + "\uf4ac\uf2c7\uf6f4\uf678\ufab9\ufab9\uf9bf\uf43c\uf42c\ufa89\uf30a" + + "\uf6c8\uf6c4\uf4ca\uf4c3\uf89b\uf57d\uf967\uf4cd\uf4c6\uf4b9\uf264" + + "\uf34c\uf33c\uf32c\uf413\uf403\uf502\uf969\uf8b7\uf959\uf2bc\uf2ac" + + "\uf29c\uf28c\uf927\uf917\uf911\uf343\uf333\uf773\uf313\uf303\uf2f3" + + "\uf2e3\uf2d3\uf6ac\uf2b3\uf2a3\uf293\uf283\uf663\uf263\uf253\uf243" + + "\uf233\uf7f1\uf20b\uf203\uf1f3\uf1e3\uef2b\uef1b\uf1b3\uf1a3\ueeeb" + + "\uf183\uf163\ueec3\ueeb3\uf13b\uf123\uf123\uf103\uee63\uf0f3\uf0e3" + + "\uf0cb\uf4ab\uf2c3\uf3d9\uef9c\uef8c\uf073\uf063\uf053\uf043\uf033" + + "\uf5f6\uf012\uf003\ueff3\uefe3\uefd3\uefc3\uefb3\uefa3\uef93\uef83" + + "\uef73\uef63\uef53\uef43\uef33\uef23\uef13\uef03\ueef3\ueee3\ueed3" + + "\ueec3\ueeb3\ueea3\uee93\uee83\uee73\uee63\uee53\uee43\uee33\uee23" + + "\uee13\uee03\uedf3\uede3\uedd3\uedc3\ueb2d\uf374\uf176\uf156\ued73" + + "\ued63\ued53\ued43\uf279\uf307\ued05\uf2f7\uecf3\uf2e7\uecd3\uf2d7" + + "\ueca5\uf2c7\uec93\uec83\uec73\uf297\uee4c\uf292\ueb56\uf291\uf291" + + "\ueb26\uebf3\uebe3\uefda\uebc3\uebb3\uf173\ueb93\ueb83\uf201\uea6c" + + "\uea5c\uea4c\uea3c\uea2c\ueb13\ueee9\uf132\uec73\ue9f0\ueac3\uee98" + + "\uf076\ue99c\ue98c\ue97c\ue96c\ue95c\ue94c\uf0e4\uf0d4\ue91c\ue90c" + + "\ue8fc\ue8ec\ue8dc\ue8cc\ue8bc\ue8ac\ue89c\ue88c\ue87c\ue86c\ue85c" + + "\ue84c\ue83c\ue82c\ue81c\ue80c\ue7fc\ue7ec\ue7dc\ue7cc\ue7bc\ue7ac" + + "\ue79c\ue78c\ue77c\ue76c\ue75c\ue74c\ue73c\ue72c\ue71c\ue70c\ue6fc" + + "\ue6ec\ue6dc\ue6cc\ue6bc\ue6ac\ue69c\ue68c\ue67c\ue66c\ue65c\ue64c" + + "\ue63c\ue62c\ue6d0\ue6c0\ue6b4\ue6b0\ue6a0\ue690\uee5e\ue5ac\ue59c" + + "\ue58c\ue57c\ue56c\ue55c\ue54c\ue53c\ue52c\ue317\ue307\ue2f7\ue2e7" + + "\ue2d7\ue2c7\ue2b7\ue2a7\ue297\ue358\ue277\ue267\ue257\ue247\ue237" + + "\ue6e8\uecce\uecce\uecae\uec9e\uec9e\uec9e\uec6e\uec8e\uec8e\uec7e" + + "\uec6e\uec6e\ue483\uec5e\uec5e\ue165\uec4e\uec4e\ue07b\uec4d\ue053" + + "\udff6\ue71b\uec1d\uec1d\ue28c\uec0d\uec0b\ue25c\uebfb\ue607\ue22c" + + "\ue2bf\ue9a1\uea8e\ue889\uec17\ue56b\uec07\uec07\uec07\uea12\uebf7" + + "\ue914\ue906\ue8ef\ue8e4\ue8e0\ue967\ueb1b\ueb16\ue8d2\ueacf\uea9a" + + "\ue8b9\uea9c\ue8d2\ue8f5\uea66\uea63\uea30\ue87c\uea2e\uea1c\ueaa6" + + "\ue7b4\uea90\uea8b\uea81\uea71\uea61\ue10d\ue744\ue114\ue734\ue100" + + "\ue704\uea29\udf3c\udf2c\ue6c4\ue6b4\ue9d3\udeec\ue9af\udecc\ue9b1" + + "\ue99d\ue989\ue989\ue921\ue9aa\ue9a0\ue9a0\ue996\ue582\ue5c4\ue5b4" + + "\ue5a4\ue594\ue584\ue574\ue564\ue554\ue544\ue534\ue524\ue7ee\ue502" + + "\ue4f4\ue4e4\ue4dc\ue4c4\udea9\ue4a4\ue494\ue484\ue474\ue465\ue77c" + + "\ue444\ue768\ue758\udc6c\udc5c\udc4c\udc3c\udc2c\udd98\ue3b4\udd99" + + "\ue394\udd4a\ue744\udd61\udd5b\udd51\ue654\ue324\ue63b\udb5c\ue50b" + + "\ue6c4\ue2e4\ue2c4\ue2b4\ue2a4\ue294\ue284\ue274\ue264\ue254\ue244" + + "\ue234\ue224\ue214\ue204\ue1f4\ue1e4\ue1d4\ue1d4\ue1c4\ue1b4\ue1a4" + + "\ue194\ue184\ue174\ue164\ue16e\ue166\ue36c\ue1de\ue1af\ue37b\ue14f" + + "\ue0f0\ue0da\ue331\ue13d\ue149\ue094\ue147\ue2bd\ue0d9\ue28c\ue27c" + + "\ue081\ue25c\ue24c\ue03d\ue217\ue04c\ue2ec\ud80c\ud7fc\ud7ec\ud7dc" + + "\ud7cc\ud7bc\ud7ac\ud79c\ud78c\ud77c\ud76c\ud75c\ud74c\ud73c\ud72c" + + "\ud71c\ud70c\ud6fc\ud6ec\ud6dc\ud6cc\ud6bc\ud6ac\ud69c\ud68c\ud67c" + + "\ud66c\ud65c\ud64c\ud63c\ud62c\ud61c\ud60c\ud5fc\ud5ec\ud5dc\ud5cc" + + "\ud5bc\ud5ac\ud59c\ud58c\ud57c\ud56c\ud55c\ud54c\ud53c\ud52c\ud51c" + + "\ud50c\ud4fc\ud4ec\ud4dc\ud4cc\ud4bc\ud4ac\udc44\ud627\udc24\udc14" + + "\udc04\udbf4\udbe4\udf06\udbc4\udbb4\udba4\udb94\udb84\udb74\udb64" + + "\udb54\udb44\udb34\udb24\udb14\udb04\ude24\ud33c\uddfe\udeb4\udeb2" + + "\ud433\ude56\ud3d2\ud3c3\ud3b3\ud3a3\ud393\ud7bc\ud362\ud363\ud353" + + "\ud343\ud333\ud71b\ud706\ud303\ud6d9\ud2e2\ud2d3\ud2c3\ud2b3\ud2a3" + + "\ud283\ud2e7\ud273\ud833\ud15c\ud14c\ud13c\ud223\udbc1\udbb4\udc30" + + "\udb91\udc00\udc82\udb61\udb55\udbd0\udb31\udb21\udb24\udb65\udaf1" + + "\udae1\udb45\udac1\udab1\udaa1\uda91\uda81\uda71\uda61\udaba\uda41" + + "\uda31\uda21\uda11\uda01\ud9f3\ud9e1\ud9d2\ud013\ud003\ucff3\ucfe3" + + "\ucfd3\ucfc3\ucfb3\ucfa3\ucf93\ucf83\ucf73\ucf63\ucf53\ucf43\ucf33" + + "\ucf23\ucf13\ucf03\ucef3\ucee3\uced3\ucec3\uceb3\ucea3\uce93\uce83" + + "\uce73\uce63\uce53\uce43\uce33\uce23\uce13\uce03\ucdf3\ucde3\ucdd3" + + "\ucdc3\ucdb3\ucda3\ucd93\ucd83\ucd73\ucd63\ucd53\ucd43\ucd33\ucd23" + + "\ucd13\ucd03\uccf3\ucce3\uccd3\uccc3\uccb3\ucca3\ucc93\ucc83\ucc73" + + "\ucc63\ucc53\ucc43\ucc33\ucc23\ucc13\ucc03\ucbf3\ucbe3\ucbd3\ucbc3" + + "\ucbb3\ucba3\ucb93\ucb83\ucb73\ucb63\ucb53\ucb43\ucb33\ucb23\ucb13" + + "\ucb03\ucaf3\ucae3\ucad3\ucac3\ucab3\ucaa3\uca93\uca83\uca73\uca63" + + "\uca53\uca43\uca33\uca23\uca13\uca03\uc9f3\uc9e3\uc9d3\uc9c3\uc9b3" + + "\uc9a3\uc993\uc983\uc973\uc963\uc953\uc943\uc933\uc923\uc913\uc903" + + "\uc8f3\uc8e3\uc8d3\uc8c3\uc8b3\uc8a3\uc893\uc883\uc873\uc863\uc853" + + "\uc843\uc833\uc823\uc813\uc803\uc7f3\uc7e3\uc7d3\uc7c3\uc7b3\uc7a3" + + "\uc793\uc783\uc773\uc763\uc753\uc743\uc733\uc723\uc713\uc703\uc6f3" + + "\uc6e3\uc6d3\uc6c3\uc6b3\uc6a3\uc693\uc683\uc673\uc663\uc653\uc643" + + "\uc633\uc623\uc613\uc603\uc5f3\uc5e3\uc5d3\uc5c3\uc5b3\uc5a3\uc593" + + "\uc583\uc573\uc563\uc553\uc543\uc533\uc523\uc513\uc503\uc4f3\uc4e3" + + "\uc4d3\uc4c3\uc4b3\uc4a3\uc493\uc483\uc473\uc463\uc453\uc443\uc433" + + "\uc423\uc413\uc403\uc3f3\uc3e3\uc3d3\uc3c3\uc3b3\uc3a3\uc393\uc383" + + "\uc373\uc363\uc353\uc343\uc333\uc323\uc313\uc303\uc2f3\uc2e3\uc2d3" + + "\uc2c3\uc2b3\uc2a3\uc293\uc283\uc273\uc263\uc253\uc243\uc233\uc223" + + "\uc213\uc203\uc1f3\uc1e3\uc1d3\uc1c3\uc1b3\uc1a3\uc193\uc183\uc173" + + "\uc163\uc153\uc143\uc133\uc123\uc113\uc103\uc0f3\uc0e3\uc0d3\uc0c3" + + "\uc0b3\uc0a3\uc093\uc083\uc073\uc063\uc053\uc043\uc033\uc023\uc013" + + "\uc003\ubff3\ubfe3\ubfd3\ubfc3\ubfb3\ubfa3\ubf93\ubf83\ubf73\ubf63" + + "\ubf53\ubf43\ubf33\ubf23\ubf13\ubf03\ubef3\ubee3\ubed3\ubec3\ubeb3" + + "\ubea3\ube93\ube83\ube73\ube63\ube53\ube43\ube33\ube23\ube13\ube03" + + "\ubdf3\ubde3\ubdd3\ubdc3\ubdb3\ubda3\ubd93\ubd83\ubd73\ubd63\ubd53" + + "\ubd43\ubd33\ubd23\ubd13\ubd03\ubcf3\ubce3\ubcd3\ubcc3\ubcb3\ubca3" + + "\ubc93\ubc83\ubc73\ubc63\ubc53\ubc43\ubc33\ubc23\ubc13\ubc03\ubbf3" + + "\ubbe3\ubbd3\ubbc3\ubbb3\ubba3\ubb93\ubb83\ubb73\ubb63\ubb53\ubb43" + + "\ubb33\ubb23\ubb13\ubb03\ubaf3\ubae3\ubad3\ubac3\ubab3\ubaa3\uba93" + + "\uba83\uba73\uba63\uba53\uba43\uba33\uba23\uba13\uba03\ub9f3\ub9e3" + + "\ub9d3\ub9c3\ub9b3\ub9a3\ub993\ub983\ub973\ub963\ub953\ub943\ub933" + + "\ub923\ub913\ub903\ub8f3\ub8e3\ub8d3\ub8c3\ub8b3\ub8a3\ub893\ub883" + + "\ub873\ub863\ub853\ub843\ub833\ub823\ub813\ub803\ub7f3\ub7e3\ub7d3" + + "\ub7c3\ub7b3\ub7a3\ub793\ub783\ub773\ub763\ub753\ub743\ub733\ub723" + + "\ub713\ub703\ub6f3\ub6e3\ub6d3\ub6c3\ub6b3\ub6a3\ub693\ub683\ub673" + + "\ubc35\ubd04\ubcf4\ubce4\ubcd4\ub613\ub603\ub5f3\ub5e3\ub5d3\ub5c3" + + "\ub5b3\ub5a3\ub593\ub583\ub573\ub563\ub553\ub543\ub533\ub523\ub513" + + "\ub503\ub4f3\ub4e3\ub4d3\ub4c3\ub4b3\ub4a3\ub493\ub483\ub473\ub463" + + "\ub453\ub443\ub433\ub423\ub413\ub403\ub3f3\ub3e3\ub3d3\ub3c3\ub3b3" + + "\ub3a3\ub393\ub383\ub373\ub363\ub353\ub343\ub333\ub323\ub313\ub303" + + "\ub2f3\ub2e3\ub2d3\ub2c3\ub2b3\ub2a3\ub293\ub283\ub273\ub263\ub253" + + "\ub243\ub233\ub223\ub213\ub203\ub1f3\ub1e3\ub1d3\ub1c3\ub1b3\ub1a3" + + "\ub193\ub183\ub173\ub163\ub153\ub143\ub133\ub123\ub113\ub103\ub0f3" + + "\ub0e3\ub0d3\ub0c3\ub0b3\ub0a3\ub093\ub083\ub073\ub063\ub053\ub043" + + "\ub033\ub023\ub013\ub003\uaff3\uafe3\uafd3\uafc3\uafb3\uafa3\uaf93" + + "\uaf83\uaf73\uaf63\uaf53\uaf43\uaf33\uaf23\uaf13\uaf03\uaef3\uaee3" + + "\uaed3\uaec3\uaeb3\uaea3\uae93\uae83\uae73\uae63\uae53\uae43\uae33" + + "\uae23\uae13\uae03\uadf3\uade3\uadd3\uadc3\uadb3\uada3\uad93\uad83" + + "\uad73\uad63\uad53\uad43\uad33\uad23\uad13\uad03\uacf3\uace3\uacd3" + + "\uacc3\uacb3\uaca3\uac93\uac83\uac73\uac63\uac53\uac43\uac33\uac23" + + "\uac13\uac03\uabf3\uabe3\uabd3\uabc3\uabb3\uaba3\uab93\uab83\uab73" + + "\uab63\uab53\uab43\uab33\uab23\uab13\uab03\uaaf3\uaae3\uaad3\uaac3" + + "\uaab3\uaaa3\uaa93\uaa83\uaa73\uaa63\uaa53\uaa43\uaa33\uaa23\uaa13" + + "\uaa03\ua9f3\ua9e3\ua9d3\ua9c3\ua9b3\ua9a3\ua993\ua983\ua973\ua963" + + "\ua953\ua943\ua933\ua923\ua913\ua903\ua8f3\ua8e3\ua8d3\ua8c3\ua8b3" + + "\ua8a3\ua893\ua883\ua873\ua863\ua853\ua843\ua833\ua823\ua813\ua803" + + "\ua7f3\ua7e3\ua7d3\ua7c3\ua7b3\ua7a3\ua793\ua783\ua773\ua763\ua753" + + "\ua743\ua733\ua723\ua713\ua703\ua6f3\ua6e3\ua6d3\ua6c3\ua6b3\ua6a3" + + "\ua693\ua683\ua673\ua663\ua653\ua643\ua633\ua623\ua613\ua603\ua5f3" + + "\ua5e3\ua5d3\ua5c3\ua5b3\ua5a3\ua593\ua583\ua573\ua563\ua553\ua543" + + "\ua533\ua523\ua513\ua503\ua4f3\ua4e3\ua4d3\ua4c3\ua4b3\ua4a3\ua493" + + "\ua483\ua473\ua463\ua453\ua443\ua433\ua423\ua413\ua403\ua3f3\ua3e3" + + "\ua3d3\ua3c3\ua3b3\ua3a3\ua393\ua383\ua373\ua363\ua353\ua343\ua333" + + "\ua323\ua313\ua303\ua2f3\ua2e3\ua2d3\ua2c3\ua2b3\ua2a3\ua293\ua283" + + "\ua273\ua263\ua253\ua243\ua233\ua223\ua213\ua203\ua1f3\ua1e3\ua1d3" + + "\ua1c3\ua1b3\ua1a3\ua193\ua183\ua173\ua163\ua153\ua143\ua133\ua123" + + "\ua113\ua103\ua0f3\ua0e3\ua0d3\ua0c3\ua0b3\ua0a3\ua093\ua083\ua073" + + "\ua063\ua053\ua043\ua033\ua023\ua013\ua003\u9ff3\u9fe3\u9fd3\u9fc3" + + "\u9fb3\u9fa3\u9f93\u9f83\u9f73\u9f63\u9f53\u9f43\u9f33\u9f23\u9f13" + + "\u9f03\u9ef3\u9ee3\u9ed3\u9ec3\u9eb3\u9ea3\u9e93\u9e83\u9e73\u9e63" + + "\u9e53\u9e43\u9e33\u9e23\u9e13\u9e03\u9df3\u9de3\u9dd3\u9dc3\u9db3" + + "\u9da3\u9d93\u9d83\u9d73\u9d63\u9d53\u9d43\u9d33\u9d23\u9d13\u9d03" + + "\u9cf3\u9ce3\u9cd3\u9cc3\u9cb3\u9ca3\u9c93\u9c83\u9c73\u9c63\u9c53" + + "\u9c43\u9c33\u9c23\u9c13\u9c03\u9bf3\u9be3\u9bd3\u9bc3\u9bb3\u9ba3" + + "\u9b93\u9b83\u9b73\u9b63\u9b53\u9b43\u9b33\u9b23\u9b13\u9b03\u9af3" + + "\u9ae3\u9ad3\u9ac3\u9ab3\u9aa3\u9a93\u9a83\u9a73\u9a63\u9a53\u9a43" + + "\u9a33\u9a23\u9a13\u9a03\u99f3\u99e3\u99d3\u99c3\u99b3\u99a3\u9993" + + "\u9983\u9973\u9963\u9953\u9943\u9933\u9923\u9913\u9903\u98f3\u98e3" + + "\u98d3\u98c3\u98b3\u98a3\u9893\u9883\u9873\u9863\u9853\u9843\u9833" + + "\u9823\u9813\u9803\u97f3\u97e3\u97d3\u97c3\u97b3\u97a3\u9793\u9783" + + "\u9773\u9763\u9753\u9743\u9733\u9723\u9713\u9703\u96f3\u96e3\u96d3" + + "\u96c3\u96b3\u96a3\u9693\u9683\u9673\u9663\u9653\u9643\u9633\u9623" + + "\u9613\u9603\u95f3\u95e3\u95d3\u95c3\u95b3\u95a3\u9593\u9583\u9573" + + "\u9563\u9553\u9543\u9533\u9523\u9513\u9503\u94f3\u94e3\u94d3\u94c3" + + "\u94b3\u94a3\u9493\u9483\u9473\u9463\u9453\u9443\u9433\u9423\u9413" + + "\u9403\u93f3\u93e3\u93d3\u93c3\u93b3\u93a3\u9393\u9383\u9373\u9363" + + "\u9353\u9343\u9333\u9323\u9313\u9303\u92f3\u92e3\u92d3\u92c3\u92b3" + + "\u92a3\u9293\u9283\u9273\u9263\u9253\u9243\u9233\u9223\u9213\u9203" + + "\u91f3\u91e3\u91d3\u91c3\u91b3\u91a3\u9193\u9183\u9173\u9163\u9153" + + "\u9143\u9133\u9123\u9113\u9103\u90f3\u90e3\u90d3\u90c3\u90b3\u90a3" + + "\u9093\u9083\u9073\u9063\u9053\u9043\u9033\u9023\u9013\u9003\u8ff3" + + "\u8fe3\u8fd3\u8fc3\u8fb3\u8fa3\u8f93\u8f83\u8f73\u8f63\u8f53\u8f43" + + "\u8f33\u8f23\u8f13\u8f03\u8ef3\u8ee3\u8ed3\u8ec3\u8eb3\u8ea3\u8e93" + + "\u8e83\u8e73\u8e63\u8e53\u8e43\u8e33\u8e23\u8e13\u8e03\u8df3\u8de3" + + "\u8dd3\u8dc3\u8db3\u8da3\u8d93\u8d83\u8d73\u8d63\u8d53\u8d43\u8d33" + + "\u8d23\u8d13\u8d03\u8cf3\u8ce3\u8cd3\u8cc3\u8cb3\u8ca3\u8c93\u8c83" + + "\u8c73\u8c63\u8c53\u8c43\u8c33\u8c23\u8c13\u8c03\u8bf3\u8be3\u8bd3" + + "\u8bc3\u8bb3\u8ba3\u8b93\u8b83\u8b73\u8b63\u8b53\u8b43\u8b33\u8b23" + + "\u8b13\u8b03\u8af3\u8ae3\u8ad3\u8ac3\u8ab3\u8aa3\u8a93\u8a83\u8a73" + + "\u8a63\u8a53\u8a43\u8a33\u8a23\u8a13\u8a03\u89f3\u89e3\u89d3\u89c3" + + "\u89b3\u89a3\u8993\u8983\u8973\u8963\u8953\u8943\u8933\u8923\u8913" + + "\u8903\u88f3\u88e3\u88d3\u88c3\u88b3\u88a3\u8893\u8883\u8873\u8863" + + "\u8853\u8843\u8833\u8823\u8813\u8803\u87f3\u87e3\u87d3\u87c3\u87b3" + + "\u87a3\u8793\u8783\u8773\u8763\u8753\u8743\u8733\u8723\u8713\u8703" + + "\u86f3\u86e3\u86d3\u86c3\u86b3\u86a3\u8693\u8683\u8673\u8663\u8653" + + "\u8643\u8633\u8623\u8613\u8603\u85f3\u85e3\u85d3\u85c3\u85b3\u85a3" + + "\u8593\u8583\u8573\u8563\u8553\u8543\u8533\u8523\u8513\u8503\u84f3" + + "\u84e3\u84d3\u84c3\u84b3\u84a3\u8493\u8483\u8473\u8463\u8453\u8443" + + "\u8433\u8423\u8413\u8403\u83f3\u83e3\u83d3\u83c3\u83b3\u83a3\u8393" + + "\u8383\u8373\u8363\u8353\u8343\u8333\u8323\u8313\u8303\u82f3\u82e3" + + "\u82d3\u82c3\u82b3\u82a3\u8293\u8283\u8273\u8263\u8253\u8243\u8233" + + "\u8223\u8213\u8203\u81f3\u81e3\u81d3\u81c3\u81b3\u81a3\u8193\u8183" + + "\u8173\u8163\u8153\u8143\u8133\u8123\u8113\u8103\u80f3\u80e3\u80d3" + + "\u80c3\u80b3\u80a3\u8093\u8083\u8073\u8063\u8053\u8043\u8033\u8023" + + "\u8013\u8003\u7ff3\u7fe3\u7fd3\u7fc3\u7fb3\u7fa3\u7f93\u7f83\u7f73" + + "\u7f63\u7f53\u7f43\u7f33\u7f23\u7f13\u7f03\u7ef3\u7ee3\u7ed3\u7ec3" + + "\u7eb3\u7ea3\u7e93\u7e83\u7e73\u7e63\u7e53\u7e43\u7e33\u7e23\u7e13" + + "\u7e03\u7df3\u7de3\u7dd3\u7dc3\u7db3\u7da3\u7d93\u7d83\u7d73\u7d63" + + "\u7d53\u7d43\u7d33\u7d23\u7d13\u7d03\u7cf3\u7ce3\u7cd3\u7cc3\u7cb3" + + "\u7ca3\u7c93\u7c83\u7c73\u7c63\u7c53\u7c43\u7c33\u7c23\u7c13\u7c03" + + "\u7bf3\u7be3\u7bd3\u7bc3\u7bb3\u7ba3\u7b93\u7b83\u7b73\u7b63\u7b53" + + "\u7b43\u7b33\u7b23\u7b13\u7b03\u7af3\u7ae3\u7ad3\u7ac3\u7ab3\u7aa3" + + "\u7a93\u7a83\u7a73\u7a63\u7a53\u7a43\u7a33\u7a23\u7a13\u7a03\u79f3" + + "\u79e3\u79d3\u79c3\u79b3\u79a3\u7993\u7983\u7973\u7963\u7953\u7943" + + "\u7933\u7923\u7913\u7903\u78f3\u78e3\u78d3\u78c3\u78b3\u78a3\u7893" + + "\u7883\u7873\u7863\u7853\u7843\u7833\u7823\u7813\u7803\u77f3\u77e3" + + "\u77d3\u77c3\u77b3\u77a3\u7793\u7783\u7773\u7763\u7753\u7743\u7733" + + "\u7723\u7713\u7703\u76f3\u76e3\u76d3\u76c3\u76b3\u76a3\u7693\u7683" + + "\u7673\u7663\u7653\u7643\u7633\u7623\u7613\u7603\u75f3\u75e3\u75d3" + + "\u75c3\u75b3\u75a3\u7593\u7583\u7573\u7563\u7553\u7543\u7533\u7523" + + "\u7513\u7503\u74f3\u74e3\u74d3\u74c3\u74b3\u74a3\u7493\u7483\u7473" + + "\u7463\u7453\u7443\u7433\u7423\u7413\u7403\u73f3\u73e3\u73d3\u73c3" + + "\u73b3\u73a3\u7393\u7383\u7373\u7363\u7353\u7343\u7333\u7323\u7313" + + "\u7303\u72f3\u72e3\u72d3\u72c3\u72b3\u72a3\u7293\u7283\u7273\u7263" + + "\u7253\u7243\u7233\u7223\u7213\u7203\u71f3\u71e3\u71d3\u71c3\u71b3" + + "\u71a3\u7193\u7183\u7173\u7163\u7153\u7143\u7133\u7123\u7113\u7103" + + "\u70f3\u70e3\u70d3\u70c3\u70b3\u70a3\u7093\u7083\u7073\u7063\u7053" + + "\u7043\u7033\u7023\u7013\u7003\u6ff3\u6fe3\u6fd3\u6fc3\u6fb3\u6fa3" + + "\u6f93\u6f83\u6f73\u6f63\u6f53\u6f43\u6f33\u6f23\u6f13\u6f03\u6ef3" + + "\u6ee3\u6ed3\u6ec3\u6eb3\u6ea3\u6e93\u6e83\u6e73\u6e63\u6e53\u6e43" + + "\u6e33\u6e23\u6e13\u6e03\u6df3\u6de3\u6dd3\u6dc3\u6db3\u6da3\u6d93" + + "\u6d83\u6d73\u6d63\u6d53\u6d43\u6d33\u6d23\u6d13\u6d03\u6cf3\u6ce3" + + "\u6cd3\u6cc3\u6cb3\u6ca3\u6c93\u6c83\u6c73\u6c63\u6c53\u6c43\u6c33" + + "\u6c23\u6c13\u6c03\u6bf3\u6be3\u6bd3\u6bc3\u6bb3\u6ba3\u6b93\u6b83" + + "\u6b73\u6b63\u6b53\u6b43\u6b33\u6b23\u6b13\u6b03\u6af3\u6ae3\u6ad3" + + "\u6ac3\u6ab3\u6aa3\u6a93\u6a83\u6a73\u6a63\u6a53\u6a43\u6a33\u6a23" + + "\u6a13\u6a03\u69f3\u69e3\u69d3\u69c3\u69b3\u69a3\u6993\u6983\u6973" + + "\u6963\u6953\u6943\u6933\u6923\u6913\u6903\u68f3\u68e3\u68d3\u68c3" + + "\u68b3\u68a3\u6893\u6883\u6873\u6863\u6853\u6843\u6833\u6823\u6813" + + "\u6803\u67f3\u67e3\u67d3\u67c3\u67b3\u67a3\u6793\u6783\u6773\u6763" + + "\u6753\u6743\u6733\u6723\u6713\u6703\u66f3\u66e3\u66d3\u66c3\u66b3" + + "\u66a3\u6693\u6683\u6673\u6663\u6653\u6643\u6633\u6623\u6613\u6603" + + "\u65f3\u65e3\u65d3\u65c3\u65b3\u65a3\u6593\u6583\u6573\u6563\u6553" + + "\u6543\u6533\u6523\u6513\u6503\u64f3\u64e3\u64d3\u64c3\u64b3\u64a3" + + "\u6493\u6483\u6a45\u636c\u635c\u634c\u633c\u632c\u6413\u6403\u63f3" + + "\u63e3\u63d3\u63c3\u63b3\u63a3\u6393\u6383\u6373\u6363\u6353\u6343" + + "\u6333\u6323\u6313\u6303\u62f3\u62e3\u62d3\u62c3\u62b3\u62a3\u6293" + + "\u6283\u6273\u6263\u6253\u6243\u6233\u6223\u6213\u6203\u61f3\u61e3" + + "\u61d3\u61c3\u61b3\u61a3\u6193\u6183\u6173\u6163\u6153\u6143\u6133" + + "\u6123\u6113\u6103\u60f3\u60e3\u60d3\u60c3\u60b3\u60a3\u6093\u6083" + + "\u6073\u6063\u6053\u6043\u6033\u6023\u6013\u6003\u5ff3\u5fe3\u5fd3" + + "\u5fc3\u5fb3\u5fa3\u6379\u6634\u6624\u6614\u6933\u5e4c\u5e3c\u5e2c" + + "\u5e1c\u5e0c\u5dfc\u5dec\u5ddc\u5dcc\u5dbc\u5dac\u5d9c\u5d8c\u5d7c" + + "\u5d6c\u5d5c\u5d4c\u5d3c\u5d2c\u5d1c\u5d0c\u5cfc\u5cec\u5cdc\u5ccc" + + "\u5cbc\u5cac\u5c9c\u5c8c\u5c7c\u5c6c\u5c5c\u5c4c\u5c3c\u5c2c\u5c1c" + + "\u5c0c\u5bfc\u5bec\u5bdc\u5bcc\u5bbc\u5bac\u5b9c\u5b8c\u5b7c\u5b6c" + + "\u5b5c\u5b4c\u5b3c\u5b2c\u5b1c\u5b0c\u5afc\u5aec\u5adc\u5acc\u5abc" + + "\u5aac\u5a9c\u5a8c\u5a7c\u5a6c\u5a5c\u5a4c\u5a3c\u5a2c\u5a1c\u5a0c" + + "\u59fc\u59ec\u59dc\u59cc\u59bc\u59ac\u599c\u598c\u597c\u596c\u595c" + + "\u594c\u593c\u592c\u591c\u590c\u58fc\u58ec\u58dc\u58cc\u58bc\u58ac" + + "\u589c\u588c\u587c\u586c\u585c\u584c\u583c\u582c\u581c\u580c\u57fc" + + "\u57ec\u57dc\u57cc\u57bc\u57ac\u579c\u578c\u577c\u576c\u575c\u574c" + + "\u573c\u572c\u5813\u5803\u57f3\u57e3\u57d3\u57c3\u57b3\u57a3\u5793" + + "\u5783\u5773\u5763\u5753\u5743\u5733\u5723\u5713\u5703\u56f3\u56e3" + + "\u56d3\u56c3\u56b3\u56a3\u5693\u5683\u5673\u5663\u5653\u5643\u5633" + + "\u5623\u5613\u5603\u55f3\u55e3\u55d3\u55c3\u55b3\u55a3\u5593\u5583" + + "\u5573\u5563\u5553\u5543\u5533\u5523\u5513\u5503\u54f3\u54e3\u54d3" + + "\u54c3\u54b3\u54a3\u5493\u5483\u5473\u5463\u5453\u5443\u5433\u5423" + + "\u5413\u5403\u53f3\u53e3\u53d3\u53c3\u53b3\u53a3\u5393\u5383\u5373" + + "\u5363\u5353\u5343\u5333\u5323\u5313\u5303\u52f3\u52e3\u52d3\u52c3" + + "\u52b3\u52a3\u5293\u5283\u5273\u5263\u5253\u5243\u5233\u5223\u5213" + + "\u5203\u51f3\u51e3\u51d3\u51c3\u51b3\u51a3\u5193\u5183\u5173\u5163" + + "\u5153\u5143\u5133\u5123\u5113\u5103\u50f3\u50e3\u50d3\u50c3\u50b3" + + "\u50a3\u5093\u5083\u5073\u5063\u5053\u5043\u5033\u5023\u5013\u5003" + + "\u4ff3\u4fe3\u4fd3\u4fc3\u4fb3\u4fa3\u4f93\u4f83\u4f73\u4f63\u4f53" + + "\u4f43\u4f33\u4f23\u4f13\u4f03\u4ef3\u4ee3\u4ed3\u4ec3\u4eb3\u4ea3" + + "\u4e93\u4e83\u4e73\u4e63\u4e53\u4e43\u4e33\u4e23\u4e13\u4e03\u4df3" + + "\u4de3\u4dd3\u4dc3\u4db3\u4da3\u4d93\u4d83\u4d73\u4d63\u4d53\u4d43" + + "\u4d33\u4d23\u4d13\u4d03\u4cf3\u4ce3\u4cd3\u4cc3\u4cb3\u4ca3\u4c93" + + "\u4c83\u4c73\u4c63\u4c53\u4c43\u4c33\u4c23\u4c13\u4c03\u4bf3\u4be3" + + "\u4bd3\u4bc3\u4bb3\u4ba3\u4b93\u4b83\u4b73\u4b63\u4b53\u4b43\u4b33" + + "\u4b23\u4b13\u4b03\u4af3\u4ae3\u4ad3\u4ac3\u4ab3\u4aa3\u4a93\u4a83" + + "\u4a73\u4a63\u4a53\u4a43\u4a33\u4a23\u4a13\u4a03\u49f3\u49e3\u49d3" + + "\u49c3\u49b3\u49a3\u4993\u4983\u4973\u4963\u4953\u4943\u4933\u4923" + + "\u4913\u4903\u48f3\u48e3\u48d3\u48c3\u48b3\u48a3\u4893\u4883\u4873" + + "\u4863\u4853\u4843\u4833\u4823\u4813\u4803\u47f3\u47e3\u47d3\u47c3" + + "\u47b3\u47a3\u4793\u4783\u4773\u4763\u4753\u4743\u4733\u4723\u4713" + + "\u4703\u46f3\u46e3\u46d3\u46c3\u46b3\u46a3\u4693\u4683\u4673\u4663" + + "\u4653\u4643\u4633\u4623\u4613\u4603\u45f3\u45e3\u45d3\u45c3\u45b3" + + "\u45a3\u4593\u4583\u4573\u4563\u4553\u4543\u4533\u4523\u4513\u4503" + + "\u44f3\u44e3\u44d3\u44c3\u44b3\u44a3\u4493\u4483\u4473\u4463\u4453" + + "\u4443\u4433\u4423\u4413\u4403\u43f3\u43e3\u43d3\u43c3\u43b3\u43a3" + + "\u4393\u4383\u4373\u4363\u4353\u4343\u4333\u4323\u4313\u4303\u42f3" + + "\u42e3\u42d3\u42c3\u42b3\u42a3\u4293\u4283\u4273\u4263\u4253\u4243" + + "\u4233\u4223\u4213\u4203\u41f3\u41e3\u41d3\u41c3\u41b3\u41a3\u4193" + + "\u4183\u4173\u4163\u4153\u4143\u4133\u4123\u4113\u4103\u40f3\u40e3" + + "\u40d3\u40c3\u40b3\u40a3\u4093\u4083\u4073\u4063\u4053\u4043\u4033" + + "\u4023\u4013\u4003\u3ff3\u3fe3\u3fd3\u3fc3\u3fb3\u3fa3\u3f93\u3f83" + + "\u3f73\u3f63\u3f53\u3f43\u3f33\u3f23\u3f13\u3f03\u3ef3\u3ee3\u3ed3" + + "\u3ec3\u3eb3\u3ea3\u3e93\u3e83\u3e73\u3e63\u3e53\u3e43\u3e33\u3e23" + + "\u3e13\u3e03\u3df3\u3de3\u3dd3\u3dc3\u3db3\u3da3\u3d93\u3d83\u3d73" + + "\u3d63\u3d53\u3d43\u3d33\u3d23\u3d13\u3d03\u3cf3\u3ce3\u3cd3\u3cc3" + + "\u3cb3\u3ca3\u3c93\u3c83\u3c73\u3c63\u3c53\u3c43\u3c33\u3c23\u3c13" + + "\u3c03\u3bf3\u3be3\u3bd3\u3bc3\u3bb3\u3ba3\u3b93\u3b83\u3b73\u3b63" + + "\u3b53\u3b43\u3b33\u3b23\u3b13\u3b03\u3af3\u3ae3\u3ad3\u3ac3\u3ab3" + + "\u3aa3\u3a93\u3a83\u3a73\u3a63\u3a53\u3a43\u3a33\u3a23\u3a13\u3a03" + + "\u39f3\u39e3\u39d3\u39c3\u39b3\u39a3\u3993\u3983\u3973\u3963\u3953" + + "\u3943\u3933\u3923\u3913\u3903\u38f3\u38e3\u38d3\u38c3\u38b3\u38a3" + + "\u3893\u3883\u3873\u3863\u3853\u3843\u3833\u3823\u3813\u3803\u37f3" + + "\u37e3\u37d3\u37c3\u37b3\u37a3\u3793\u3783\u3773\u3763\u3753\u3743" + + "\u3733\u3723\u3713\u3703\u36f3\u36e3\u36d3\u36c3\u36b3\u36a3\u3693" + + "\u3683\u3673\u3663\u3653\u3643\u3633\u3623\u3613\u3603\u35f3\u35e3" + + "\u35d3\u35c3\u35b3\u35a3\u3593\u3583\u3573\u3563\u3553\u3543\u3533" + + "\u3523\u3513\u3503\u34f3\u34e3\u34d3\u34c3\u34b3\u34a3\u3493\u3483" + + "\u3473\u3463\u3453\u3443\u3433\u3423\u3413\u3403\u33f3\u33e3\u33d3" + + "\u33c3\u33b3\u33a3\u3393\u3383\u3373\u3363\u3353\u3343\u3333\u3323" + + "\u3313\u3303\u32f3\u32e3\u32d3\u32c3\u32b3\u32a3\u3293\u3283\u3273" + + "\u3263\u3253\u3243\u3233\u3223\u3213\u3203\u31f3\u31e3\u31d3\u31c3" + + "\u31b3\u31a3\u3193\u3183\u3173\u3163\u3153\u3143\u3133\u3123\u3113" + + "\u3103\u30f3\u30e3\u30d3\u30c3\u30b3\u30a3\u3093\u3083\u3073\u3063" + + "\u3053\u3043\u3033\u3023\u3013\u3003\u2ff3\u2fe3\u2fd3\u2fc3\u2fb3" + + "\u2fa3\u2f93\u2f83\u2f73\u2f63\u2f53\u2f43\u2f33\u2f23\u2f13\u2f03" + + "\u2ef3\u2ee3\u2ed3\u2ec3\u2eb3\u2ea3\u2e93\u2e83\u2e73\u2e63\u2e53" + + "\u2e43\u2e33\u2e23\u2e13\u2e03\u2df3\u2de3\u2dd3\u2dc3\u2db3\u2da3" + + "\u2d93\u2d83\u2d73\u2d63\u2d53\u2d43\u2d33\u2d23\u2d13\u2d03\u2cf3" + + "\u2ce3\u2cd3\u2cc3\u2cb3\u2ca3\u2c93\u2c83\u3247\u2b6c\u2b5c\u2b4c" + + "\u2b3c\u2b2c\u36e2\u36d2\u36c2\u36b2\u36a2\u3692\u3682\u3672\u3662" + + "\u3652\u3642\u3632\u3622\u3612\u3602\u35f2\u35e2\u35d2\u35c2\u35b2" + + "\u35a2\u3592\u3582\u3572\u3562\u3552\u3542\u3532\u3522\u3512\u3502" + + "\u34f2\u34e2\u34d2\u34c2\u34b2\u34a2\u3492\u3482\u3472\u3462\u3452" + + "\u3442\u3432\u3422\u3412\u3402\u33f2\u33e2\u33d2\u33c2\u33b2\u33a2" + + "\u3392\u3382\u3372\u3362\u3352\u3342\u3332\u3322\u3312\u3302\u32f2" + + "\u32e2\u32d2\u32c2\u32b2\u32a2\u3292\u3282\u3272\u3262\u3252\u3242" + + "\u3232\u3222\u3212\u3202\u31f2\u31e2\u31d2\u31c2\u31b2\u31a2\u3192" + + "\u3182\u3172\u3162\u3152\u3142\u3132\u3122\u3112\u3102\u30f2\u30e2" + + "\u30d2\u30c2\u30b2\u30a2\u3092\u3082\u3072\u3062\u3052\u3042\u3032" + + "\u3022\u3012\u3002\u2ff2\u2fe2\u2fd2\u2fc2\u2fb2\u2fa2\u2f92\u2f82" + + "\u2f72\u2f62\u2f52\u2f42\u2f32\u2f22\u2f12\u2f02\u2ef2\u2ef2\u2ee2" + + "\u2ed2\u2ec2\u2eb2\u2ea2\u2e92\u2e82\u2e72\u2e62\u2e52\u2e42\u2e32" + + "\u2e22\u2e12\u2e02\u2df2\u2de2\u2dd2\u2dc2\u2db2\u2da2\u2d92\u2d82" + + "\u2d72\u2d62\u2d52\u2d42\u2d32\u2d22\u2d12\u2d02\u2cf2\u2ce2\u2cd2" + + "\u2cc2\u2cb2\u2ca2\u2c92\u2c82\u2c72\u2c62\u2c52\u2c42\u2c32\u2c22" + + "\u2c12\u2c02\u2bf2\u2be2\u2bd2\u2bc2\u2bb2\u2ba2\u2b92\u2b82\u2b72" + + "\u2b62\u2b52\u2b42\u2b32\u2b22\u2b12\u2b02\u2af2\u2ae2\u2ad2\u2ac2" + + "\u2ab2\u2aa2\u2a92\u2a82\u2a72\u2a62\u2a52\u2a42\u2a32\u2a22\u2a12" + + "\u2a02\u29f2\u29e2\u29d2\u29c2\u29b2\u29a2\u2992\u2982\u2972\u2962" + + "\u2952\u2942\u2932\u2922\u2912\u2902\u28f2\u28e2\u28d2\u28c2\u28b2" + + "\u28a2\u2892\u2882\u2872\u2862\u2852\u2842\u2832\u2822\u2812\u2802" + + "\u27f2\u27e2\u27d2\u27c2\u27b2\u27a2\u2792\u2782\u2772\u2762\u2752" + + "\u2742\u2732\u2722\u2712\u2702\u26f2\u26e2\u26d2\u26c2\u26b2\u26a2" + + "\u2692\u2682\u2672\u2662\u2652\u2642\u2632\u2622\u2612\u2602\u25f2" + + "\u25e2\u25d2\u25c2\u25b2\u25a2\u2592\u2582\u2572\u2562\u2552\u2542" + + "\u2532\u2522\u2512\u2502\u24f2\u24e2\u24d2\u24c2\u24b2\u24a2\u2492" + + "\u2482\u2472\u2462\u2452\u2442\u2432\u2422\u2412\u2402\u23f2\u23e2" + + "\u23d2\u23c2\u23b2\u23a2\u2392\u2382\u2372\u2362\u2352\u2342\u2332" + + "\u2322\u2312\u2302\u22f2\u22e2\u22d2\u22c2\u22b2\u22a2\u2292\u2282" + + "\u2272\u2262\u2252\u2242\u2232\u2222\u2212\u2202\u21f2\u21e2\u21d2" + + "\u21c2\u21b2\u21a2\u2192\u2182\u2172\u2162\u2152\u2142\u2132\u2122" + + "\u2112\u2102\u20f2\u20e2\u20d2\u20c2\u20b2\u20a2\u2092\u2082\u2072" + + "\u2062\u2052\u2042\u2032\u2022\u2012\u2002\u1ff2\u1fe2\u1fd2\u1fc2" + + "\u1fb2\u1fa2\u1f92\u1f82\u1f72\u1f62\u1f52\u1f42\u1f32\u1f22\u1f12" + + "\u1f02\u1ef2\u1ee2\u1ed2\u1ec2\u1eb2\u1ea2\u1e92\u1e82\u1e72\u1e62" + + "\u1e52\u1e42\u1e32\u1e22\u1e12\u1e02\u1df2\u1de2\u1dd2\u1dc2\u1db2" + + "\u1da2\u1d92\u1d82\u1d72\u1d62\u1d52\u1d42\u1d32\u1d22\u1d12\u1d02" + + "\u1cf2\u1ce2\u1cd2\u1cc2\u1cb2\u1ca2\u1c92\u1c82\u1c72\u1c62\u1c52" + + "\u1c42\u1c32\u1c22\u1c12\u1c02\u1bf2\u1be2\u1bd2\u1bc2\u1bb2\u1ba2" + + "\u1b92\u1b82\u1b72\u1b62\u1b52\u1b42\u1b32\u1b22\u1b12\u1b02\u1af2" + + "\u1ae2\u1ad2\u1ac2\u1ab2\u1aa2\u1a92\u1a82\u1a72\u1a62\u1a52\u1a42" + + "\u1a32\u1a22\u1a12\u1a02\u19f2\u19e2\u19d2\u19c2\u19b2\u19a2\u1992" + + "\u1982\u1972\u1962\u1952\u1942\u1932\u1922\u1912\u1902\u18f2\u18e2" + + "\u18d2\u18c2\u18b2\u18a2\u1892\u1882\u1872\u1862\u1852\u1842\u1832" + + "\u1822\u1812\u1802\u17f2\u17e2\u17d2\u17c2\u17b2\u17a2\u1792\u1782" + + "\u1772\u1762\u1752\u1742\u1732\u1722\u1712\u1702\u16f2\u16e2\u16d2" + + "\u16c2\u16b2\u16a2\u1692\u1682\u1672\u1662\u1652\u1642\u1632\u1622" + + "\u1612\u1602\u0b13\u0b03\u0af3\u0ae3\u0ad3\u0ac3\u0ab3\u0aa3\u0a93" + + "\u0a83\u0a73\u0a63\u0a53\u0a43\u0a33\u0a23\u0a13\u0a03\u0dd8\u09e3" + + "\u09d3\u09c3\u0d9b\u08ac\u089c\u088c\u087c\u086c\u085c\u084c\u083c" + + "\u082c\u1402\u0b35\u13f2\u13ec\u0b14\u083f\u082f\u081f\u080f\u07ff" + + "\u07ef\u0b82\u075c\u07bc\u07af\u079f\u078f\u077f\u076f\u075f\u074f" + + "\u073f\u072f\u071f\u070f\u06ff\u06ef\u06df\u06cf\u06bf\u06af\u069f" + + "\u068f\u067f\u066f\u0661\u05dc\u063f\u062f\u061f\u060f\u05fd\u05ef" + + "\u05df\u096c\u054c\u053c\u09a9\u0666\u050c\u0818\u10fc\u10f8\u0e1e" + + "\u10e8\u08b3\u050f\u04ff\u04ef\u04df\u04cf\u04bf\u04af\u087c\u0795" + + "\u0127\u0154\u0154\u017a\u1008\u0859\u08ad\u0493\u0485\u0473\u0453" + + "\u01c3\u038b\u0f88\u0333", + + "\000\uffff?\004\004\u00fd\u00bd}=\ufffd\uffbd" + + "\uff7d\uff7d\ufef2\uff2d\ufe7d\ufc7f\ufc6f\ufe6d\ufd7d\ufd3d\ufcfd" + + "\ufcbd\ufc7d\ufc3d\ufbfd\ufbbd\ufb7d\ufb3d\ufafd\ufabd\ufa7d\ufb2d" + + "\uf9fd\uf9bd\uf97d\uf93d\uf8fd\uf8bd\uf87d\uf83d\uf7fd\uf7bd\uf77d" + + "\uf73d\uf6fd\uf6bd\uf67d\uf63d\uf5fd\uf5bd\uf57d\uf53d\uf4fd\uf4bd" + + "\uf47d\uf43d\uf3fd\uf3bd\uf37d\uf33d\uf2fd\uf2bd\uf27d\uf23d\uf1fd" + + "\uf1bd\uf17d\uf13d\uf0fd\uf0bd\uf07d\uf03d\ueffd\uefbd\uef7d\uef3d" + + "\ueefd\ueebd\uee7d\uee3d\uedfd\uedbd\ued7d\ued3d\uecfd\uecbd\uec7d" + + "\uec3d\uebfd\uebbd\ueb7d\ueb3d\ueafd\ueabd\uea7d\uea3d\ue9fd\ue9bd" + + "\ue97d\ue93d\ue8fd\ue8bd\ue87d\ue83d\ue7fd\ue7bd\ue77d\ue73d\ue6fd" + + "\ue6bd\ue67d\ue63d\ue5fd\ue5bd\ue57d\ue53d\ue4fd\ue4bd\ue47d\ue43d" + + "\ue3fd\ue3bd\ue37d\ue33d\ue2fd\ue2bd\ue27d\ue23d\ue1fd\ue1bd\ue17d" + + "\ue13d\ue0fd\ue0bd\ue07d\ue03d\udffd\udfbd\udf7d\udf3d\udefd\udebd" + + "\ude7d\ude3d\uddfd\uddbd\udd7d\udd3d\udcfd\udcbd\udc7d\udc3d\udbfd" + + "\udbbd\udb7d\udb3d\udafd\udabd\uda7d\uda3d\ud9fd\ud9bd\ud97d\ud93d" + + "\ud8fd\ud8bd\ud87d\ud83d\ud7fd\ud7bd\ud77d\ud73d\ud6fd\ud6bd\ud67d" + + "\ud63d\ud5fd\ud5bd\ud57d\ud53d\ud4fd\ud4bd\ud47d\ud43d\ud3fd\ud3bd" + + "\ud37d\ud33d\ud2fd\ud2bd\ud27d\ud23d\ud1fd\ud1bd\ud17d\ud13d\ud0fd" + + "\ud0bd\ud07d\ud03d\ucffd\ucfbd\ucf7d\ucf3d\ucefd\ucebd\uce7d\uce3d" + + "\ucdfd\ucdbd\ucd7d\ucd3d\uccfd\uccbd\ucc7d\ucc3d\ucbfd\ucbbd\ucb7d" + + "\ucb3d\ucafd\ucabd\uca7d\uca3d\uc9fd\uc9bd\uc97d\uc93d\uc8fd\uc8bd" + + "\uc87d\uc83d\uc7fd\uc7bd\uc77d\uc73d\uc6fd\uc6bd\uc67d\uc63d\uc5fd" + + "\uc5bd\uc57d\uc53d\uc4fd\uc4bd\uc47d\uc43d\uc3fd\uc3bd\uc37d\uc33d" + + "\uc2fd\uc2bd\uc27d\uc23d\uc1fd\uc1bd\uc17d\uc13d\uc0fd\uc0bd\uc07d" + + "\uc03d\ubffd\ubfbd\ubf7d\ubf3d\ubefd\ubebd\ube7d\ube3d\ubdfd\ubdbd" + + "\ubd7d\ubd3d\ubcfd\ubcbd\ubc7d\ubc3d\ubbfd\ubbbd\ubb7d\ubb3d\ubafd" + + "\ubabd\uba7d\uba3d\ub9fd\ub9bd\ub97d\ub93d\ub8fd\ub8bd\ub87d\ub83d" + + "\ub7fd\ub7bd\ub77d\ub73d\ub6fd\ub6bd\ub67d\ub63d\ub5fd\ub5bd\ub57d" + + "\ub53d\ub4fd\ub4bd\ub47d\ub43d\ub3fd\ub3bd\ub37d\ub33d\ub2fd\ub2bd" + + "\ub27d\ub23d\ub1fd\ub1bd\ub17d\ub13d\ub0fd\ub0bd\ub07d\ub03d\uaffd" + + "\uafbd\uaf7d\uaf3d\uaefd\uaebd\uae7d\uae3d\uadfd\uadbd\uad7d\uad3d" + + "\uacfd\uacbd\uac7d\uac3d\uabfd\uabbd\uab7d\uab3d\uaafd\uaabd\uaa7d" + + "\uaa3d\ua9fd\ua9bd\ua97d\ua93d\ua8fd\ua8bd\ua87d\ua83d\ua7fd\ua7bd" + + "\ua77d\ua73d\ua6fd\ua6bd\ua67d\ua63d\ua5fd\ua5bd\ua57d\ua53d\ua4fd" + + "\ua4bd\ua47d\ua43d\ua3fd\ua3bd\ua37d\ua33d\ua2fd\ua2bd\ua27d\ua23d" + + "\ua1fd\ua1bd\ua17d\ua13d\ua0fd\ua0bd\ua07d\ua03d\u9ffd\u9fbd\u9f7d" + + "\u9f3d\u9efd\u9ebd\u9e7d\u9e3d\u9dfd\u9dbd\u9d7d\u9d3d\u9cfd\u9cbd" + + "\u9c7d\u9c3d\u9bfd\u9bbd\u9b7d\u9b3d\u9afd\u9abd\u9a7d\u9a3d\u99fd" + + "\u99bd\u997d\u993d\u98fd\u98bd\u987d\u983d\u97fd\u97bd\u977d\u973d" + + "\u96fd\u96bd\u967d\u963d\u95fd\u95bd\u957d\u953d\u94fd\u94bd\u947d" + + "\u943d\u93fd\u93bd\u937d\u933d\u92fd\u92bd\u927d\u923d\u91fd\u91bd" + + "\u917d\u913d\u90fd\u90bd\u907d\u903d\u8ffd\u8fbd\u8f7d\u8f3d\u8efd" + + "\u8ebd\u8e7d\u8e3d\u8dfd\u8dbd\u8d7d\u8d3d\u8cfd\u8cbd\u8c7d\u8c3d" + + "\u8bfd\u8bbd\u8b7d\u8b3d\u8afd\u8abd\u8a7d\u8a3d\u89fd\u89bd\u897d" + + "\u893d\u88fd\u88bd\u887d\u883d\u87fd\u87bd\u877d\u873d\u86fd\u86bd" + + "\u867d\u863d\u85fd\u85bd\u857d\u853d\u84fd\u84bd\u847d\u843d\u83fd" + + "\u83bd\u837d\u833d\u82fd\u82bd\u827d\u823d\u81fd\u81bd\u817d\u813d" + + "\u80fd\u80bd\u807d\u803d\u7ffd\u7fbd\u7f7d\u7f3d\u7efd\u7ebd\u7e7d" + + "\u7e3d\u7dfd\u7dbd\u7d7d\u7d3d\u7cfd\u7cbd\u7c7d\u7c3d\u7bfd\u7bbd" + + "\u7b7d\u7b3d\u7afd\u7abd\u7a7d\u7a3d\u79fd\u79bd\u797d\u793d\u78fd" + + "\u78bd\u787d\u783d\u77fd\u77bd\u777d\u773d\u76fd\u76bd\u767d\u763d" + + "\u75fd\u75bd\u757d\u753d\u74fd\u74bd\u747d\u743d\u73fd\u73bd\u737d" + + "\u733d\u72fd\u72bd\u727d\u723d\u71fd\u71bd\u717d\u713d\u70fd\u70bd" + + "\u707d\u703d\u6ffd\u6fbd\u6f7d\u6f3d\u6efd\u6ebd\u6e7d\u6e3d\u6dfd" + + "\u6dbd\u6d7d\u6d3d\u6cfd\u6cbd\u6c7d\u6c3d\u6bfd\u6bbd\u6b7d\u6b3d" + + "\u6afd\u6abd\u6a7d\u6a3d\u69fd\u69bd\u697d\u693d\u68fd\u68bd\u687d" + + "\u683d\u67fd\u67bd\u677d\u673d\u66fd\u66bd\u667d\u663d\u65fd\u65bd" + + "\u657d\u653d\u64fd\u64bd\u647d\u643d\u63fd\u63bd\u637d\u633d\u62fd" + + "\u62bd\u627d\u623d\u61fd\u61bd\u617d\u613d\u60fd\u60bd\u607d\u603d" + + "\u5ffd\u5fbd\u5f7d\u5f3d\u5efd\u5ebd\u5e7d\u5e3d\u5dfd\u5dbd\u5d7d" + + "\u5d3d\u5cfd\u5cbd\u5c7d\u5c3d\u5bfd\u5bbd\u5b7d\u5b3d\u5afd\u5abd" + + "\u5a7d\u5a3d\u59fd\u59bd\u597d\u593d\u58fd\u58bd\u587d\u583d\u57fd" + + "\u57bd\u577d\u573d\u56fd\u56bd\u567d\u563d\u55fd\u55bd\u557d\u553d" + + "\u54fd\u54bd\u547d\u543d\u53fd\u53bd\u537d\u533d\u52fd\u52bd\u527d" + + "\u523d\u51fd\u51bd\u517d\u513d\u50fd\u50bd\u507d\u503d\u4ffd\u4fbd" + + "\u4f7d\u4f3d\u4efd\u4ebd\u4e7d\u4e3d\u4dfd\u4dbd\u4d7d\u4d3d\u4cfd" + + "\u4cbd\u4c7d\u4c3d\u4bfd\u4bbd\u4b7d\u4b3d\u4afd\u4abd\u4a7d\u4a3d" + + "\u49fd\u49bd\u497d\u493d\u48fd\u48bd\u487d\u483d\u47fd\u47bd\u477d" + + "\u473d\u46fd\u46bd\u467d\u463d\u45fd\u45bd\u457d\u453d\u44fd\u44bd" + + "\u447d\u443d\u43fd\u43bd\u437d\u433d\u42fd\u42bd\u427d\u423d\u41fd" + + "\u41bd\u417d\u413d\u40fd\u40bd\u407d\u403d\u3ffd\u3fbd\u3f7d\u3f3d" + + "\u3efd\u3ebd\u3e7d\u3e3d\u3dfd\u3dbd\u3d7d\u3d3d\u3cfd\u3cbd\u3c7d" + + "\u3c3d\u3bfd\u3bbd\u3b7d\u3b3d\u3afd\u3abd\u3a7d\u3a3d\u39fd\u39bd" + + "\u397d\u393d\u38fd\u38bd\u387d\u383d\u37fd\u37bd\u377d\u373d\u36fd" + + "\u36bd\u367d\u363d\u35fd\u35bd\u357d\u353d\u34fd\u34bd\u347d\u343d" + + "\u33fd\u33bd\u337d\u333d\u32fd\u32bd\u327d\u31d0\u3190\u3150\u311a" + + "\u30a6\u2ffb\u2ff8\u3032\u303d\u2ffd\u2fbd\u2f7d\u306d\u3056\u2ebd" + + "\u2e7d\u3034\u306a\u30a3\u2f64\u3060\u2fa5\u2ec8\u2e94\u2e2c\u2df8" + + "\u2df8\u2d16\u2cdc\u2ca2\u2c68\u2de0\u2a3d\u29fd\u29bd\u297d\u293d" + + "\u28fd\u28bd\u287d\u283d\u27fd\u27bd\u277d\u273d\u26fd\u26bd\u267d" + + "\u263d\u25fd\u25bd\u257d\u253d\u24fd\u24bd\u247d\u243d\u23fd\u23bd" + + "\u237d\u233d\u22fd\u22bd\u227d\u223d\u21fd\u21bd\u217d\u213d\u20fd" + + "\u20bd\u207d\u203d\u1ffd\u1fbd\u1f7d\u1f3d\u1efd\u1ebd\u1e7d\u1e3d" + + "\u1dfd\u1dbd\u1d7d\u1d3d\u1cfd\u1cbd\u1c7d\u1c3d\u1bfd\u1bbd\u1b7d" + + "\u1b3d\u1afd\u1abd\u1a7d\u1a3d\u19fd\u19bd\u197d\u193d\u18fd\u18bd" + + "\u187d\u183d\u17fd\u17bd\u177d\u173d\u16fd\u16bd\u167d\u163d\u15fd" + + "\u15bd\u157d\u153d\u14fd\u14bd\u147d\u143d\u13fd\u13bd\u137d\u133d" + + "\u12fd\u12bd\u127d\u123d\u11fd\u11bd\u117d\u113d\u10fd\u10bd\u107d" + + "\u103d\u0ffd\u0fbd\u0f7d\u0f3d\u0efd\u0ebd\u0e7d\u0e3d\u0dfd\u0dbd" + + "\u0d7d\u0d3d\u0cfd\u0cbd\u0c7d\u0c3d\u0bfd\u0bbd\u0b7d\u0b3d\u0afd" + + "\u0abd\u0a7d\u0a3d\u09fd\u09bd\u097d\u093d\u08fd\u08bd\u087d\u083d" + + "\u07fd\u07bd\u077d\u073d\u06fd\u06bd\u067d\u063d\u05fd\u05bd\u057d" + + "\u053d\u04fd\u04bd\u047d\u043d\u03fd\u03bd\u037d\u033d\u02fd\u02bd" + + "\u027d", + + "\000\uff80\uff00\ufe80\ufe00\ufd80\ufd00\ufc80\ufc00\ufb80\ufb00" + + "\ufa80\ufa00\uf980\uf900\uf880\uf800\uf780\uf700\uf680\uf600\uf580" + + "\uf500\uf480\uf400\uf380\uf300\uf280\uf200\uf180\uf100\uf080\uf000" + + "\uef80\uef00\uee80\uee00\ued80\ued00\uec80\uec00\ueb80\ueb00\uea80" + + "\uea00\ue980\ue900\ue880\ue800\ue780\ue700\ue680\ue600\ue580\ue500" + + "\ue480\ue400\ue380\ue300\ue280\ue200\ue180\ue100\ue080\ue000\udf80" + + "\udf00\ude80\ude00\udd80\udd00\udc80\udc00\udb80\udb00\uda80\uda00" + + "\ud980\ud900\ud880\ud800\ud780\ud700\ud680\ud600\ud580\ud500\ud480" + + "\ud400\ud380\ud300\ud280\ud200\ud180\ud100\ud080\ud000\ucf80\ucf00" + + "\uce80\uce00\ucd80\ucd00\ucc80\ucc00\ucb80\ucb00\uca80\uca00\uc980" + + "\uc900\uc880\uc800\uc780\uc700\uc680\uc600\uc580\uc500\uc480\uc400" + + "\uc380\uc300\uc280\uc200\uc180\uc100\uc080\uc000\ubf80\ubf00\ube80" + + "\ube00\ubd80\ubd00\ubc80\ubc00\ubb80\ubb00\uba80\uba00\ub980\ub900" + + "\ub880\ub800\ub780\ub700\ub680\ub600\ub580\ub500\ub480\ub400\ub380" + + "\ub300\ub280\ub200\ub180\ub100\ub080\ub000\uaf80\uaf00\uae80\uae00" + + "\uad80\uad00\uac80\uac00\uab80\uab00\uaa80\uaa00\ua980\ua900\ua880" + + "\ua800\ua780\ua700\ua680\ua600\ua580\ua500\ua480\ua400\ua380\ua300" + + "\ua280\ua200\ua180\ua100\ua080\ua000\u9f80\u9f00\u9e80\u9e00\u9d80" + + "\u9d00\u9c80\u9c00\u9b80\u9b00\u9a80\u9a00\u9980\u9900\u9880\u9800" + + "\u9780\u9700\u9680\u9600\u9580\u9500\u9480\u9400\u9380\u9300\u9280" + + "\u9200\u9180\u9100\u9080\u9000\u8f80\u8f00\u8e80\u8e00\u8d80\u8d00" + + "\u8c80\u8c00\u8b80\u8b00\u8a80\u8a00\u8980\u8900\u8880\u8800\u8780" + + "\u8700\u8680\u8600\u8580\u8500\u8480\u8400\u8380\u8300\u8280\u8200" + + "\u8180\u8100\u8080\u8000\u7f80\u7f00\u7e80\u7e00\u7d80\u7d00\u7c80" + + "\u7c00\u7b80\u7b00\u7a80\u7a00\u7980\u7900\u7880\u7800\u7780\u7700" + + "\u7680\u7600\u7580\u7500\u7480\u7400\u7380\u7300\u7280\u7200\u7180" + + "\u7100\u7080\u7000\u6f80\u6f00\u6e80\u6e00\u6d80\u6d00\u6c80\u6c00" + + "\u6b80\u6b00\u6a80\u6a00\u6980\u6900\u6880\u6800\u6780\u6700\u6680" + + "\u6600\u6580\u6500\u6480\u6400\u6380\u6300\u6280\u6200\u6180\u6100" + + "\u6080\u6000\u5f80\u5f00\u5e80\u5e00\u5d80\u5d00\u5c80\u5c00\u5b80" + + "\u5b00\u5a80\u5a00\u59a9\u5980\u5900\u5880\u5800\u5780\u5700\u5680" + + "\u5600\u5580\u5500\u5480\u5400\u5380\u5300\u5280\u5200\u5180\u5100" + + "\u5080\u5000\u4f80\u4f00\u4e80\u4e00\u4d80\u4d00\u4c80\u4c00\u4b80" + + "\u4b00\u4a80\u4a00\u4980\u4900\u4880\u4800\u4780\u4700\u4680\u4600" + + "\u4580\u4500\u4480\u4400\u4380\u4300\u4280\u4200\u4180\u4100\u4080" + + "\u4000\u3f80\u3f00\u3e80\u3e00\u3d80\u3d00\u3c80\u3c00\u3b80\u3b00" + + "\u3a80\u3a00\u3980\u3900\u3880\u3800\u3780\u3700\u3680\u3600\u3580" + + "\u3500\u3480\u3400\u3380\u3300\u3280\u3200\u3180\u3100\u3080\u3000" + + "\u2f80\u2f00\u2e80\u2e00\u2d80\u2d00\u2c80\u2c00\u2b80\u2b00\u2a80" + + "\u2a00\u2980\u2900\u2880\u2800\u2780\u2700\u2680\u2600\u2580\u2500" + + "\u2480\u2400\u2380\u2300\u2280\u2200\u2180\u2100\u2080\u2000\u1f80" + + "\u1f00\u1e80\u1e00\u1d80\u1d00\u1c80\u1c00\u1b80\u1b00\u1a80\u1a00" + + "\u1980\u1900\u1880\u1800\u1780\u1700\u1680\u1600\u1580\u1500\u1480" + + "\u1400\u1380\u1300\u1280\u1200\u1180\u1100\u1080\u1000\u0f80\u0f00" + + "\u0e80\u0e00\u0d80\u0d00\u0c80\u0c00\u0b80\u0b00\u0a80\u0a00\u0980" + + "\u0900\u0800\u0780\u0700\u0680\u0662\u0600\u0580\u0500\u0480\u0400" + + "\u0380\u0300\u0280\u0200\u0180\u0100", + + "", + + "", + + "", + + "", + + "", + + "", + + "", + + "", + + "", + + "", + + "", + + "\u00ff\000\uff00\ufe90\ufe80\ufe00\ufd80\ufd00\ufc80\ufc00\ufb80" + + "\ufb00\ufa80\ufa00\uf980\uf900\uf880\uf800\uf780\uf700\uf680\uf600" + + "\uf580\uf500\uf480\uf400\uf380\uf300\uf280\uf200\uf180\uf100\uf080" + + "\uf000\uef80\uef00\uee80\uee00\ued80\ued00\uec80\uec00\ueb80\ueb00" + + "\uea80\uea00\ue980\ue900\ue880\ue800\ue780\ue700\ue680\ue600\ue580" + + "\ue500\ue480\ue400\ue380\ue300\ue280\ue200\ue180\ue100\ue080\ue000" + + "\udf80\udf00\ude80\ude00\udd80\udd00\udc80\udc00\udb80\udb00\uda80" + + "\uda00\ud980\ud900\ud880\ud800\ud780\ud700\ud680\ud600\ud580\ud500" + + "\ud480\ud400\ud380\ud300\ud280\ud200\ud180\ud100\ud080\ud000\ucf80" + + "\ucf00\uce80\uce00\ucd80\ucd00\ucc80\ucc00\ucb80\ucb00\uca80\uca00" + + "\uc980\uc900\uc880\uc800\uc780\uc700\uc680\uc600\uc580\uc500\uc480" + + "\uc400\uc380\uc300\uc280\uc200\uc180\uc100\uc080\uc000\ubf80\ubf00" + + "\ube80\ube00\ubd80\ubd00\ubc80\ubc00\ubb80\ubb00\uba80\uba00\ub980" + + "\ub900\ub880\ub800\ub780\ub700\ub680\ub600\ub580\ub500\ub480\ub400" + + "\ub380\ub300\ub280\ub200\ub180\ub100\ub080\ub000\uaf80\uaf00\uae80" + + "\uae00\uad80\uad00\uac80\uac00\uab80\uab00\uaa80\uaa00\ua980\ua900" + + "\ua880\ua800\ua780\ua700\ua680\ua600\ua580\ua500\ua480\ua400\ua380" + + "\ua300\ua280\ua200\ua180\ua100\ua080\ua000\u9f80\u9f00\u9e80\u9e00" + + "\u9d80\u9d00\u9c80\u9c00\u9b80\u9b00\u9a80\u9a00\u9980\u9900\u9880" + + "\u9800\u9780\u9700\u9680\u9600\u9580\u9500\u9480\u9400\u9380\u9300" + + "\u9280\u9200\u9180\u9100\u9080\u9000\u8f80\u8f00\u8e80\u8e00\u8d80" + + "\u8d00\u8c80\u8c00\u8b80\u8b00\u8a80\u8a00\u8980\u8900\u8880\u8800" + + "\u8780\u8700\u8680\u8600\u8580\u8500\u8480\u8400\u8380\u8300\u8280" + + "\u8200\u8180\u8100\u8080\u8000\u7f80\u7f00\u7e80\u7e00\u7d80\u7d00" + + "\u7c80\u7c00\u7b80\u7b00\u7a80\u7a00\u7980\u7900\u7880\u7800\u7780" + + "\u7700\u7680\u7600\u7580\u7500\u7480\u7400\u7380\u7300\u7280\u7200" + + "\u7180\u7100\u7080\u7000\u6f80\u6f00\u6e80\u6e00\u6d80\u6d00\u6c80" + + "\u6c00\u6b80\u6b00\u6a80\u6a00\u6980\u6900\u6880\u6800\u6780\u6700" + + "\u6680\u6600\u6580\u6500\u6480\u6400\u6380\u6300\u6280\u6200\u6180" + + "\u6100\u6080\u6000\u5f80\u5f00\u5e80\u5e00\u5d80\u5d00\u5c80\u5c00" + + "\u5b80\u5b00\u5a80\u5a00\u5980\u5900\u5880\u5800\u5780\u5700\u5680" + + "\u5600\u5580\u5500\u5480\u5400\u5380\u5300\u5280\u5200\u5180\u5100" + + "\u5080\u5000\u4f80\u4f00\u4e80\u4e00\u4d80\u4d00\u4c80\u4c00\u4b80" + + "\u4b00\u4a80\u4a00\u4980\u4900\u4880\u4800\u4780\u4700\u4680\u4600" + + "\u4580\u4500\u4480\u4400\u4380\u4300\u4280\u4200\u4180\u4100\u4080" + + "\u4000\u3f80\u3f00\u3e80\u3e00\u3d80\u3d00\u3c80\u3c00\u3b80\u3b00" + + "\u3a80\u3a00\u3980\u3900\u3880\u3800\u3780\u3700\u3680\u3600\u3580" + + "\u3500\u3480\u3400\u3380\u3300\u3280\u3200\u3180\u3100\u3080\u3000" + + "\u2f80\u2f00\u2e80\u2e00\u2d80\u2d00\u2c80\u2c00\u2b80\u2b00\u2a80" + + "\u2a00\u2980\u2900\u2880\u2800\u2780\u2700\u2680\u2600\u2580\u2500" + + "\u2480\u2400\u2380\u2300\u2280\u2200\u2180\u2100\u2080\u2000\u1f80" + + "\u1f00\u1e80\u1e00\u1d80\u1d00\u1c80\u1c00\u1b80\u1b00\u1a80\u1a00" + + "\u1980\u1900\u1880\u1800\u1780\u1700\u1680\u1600\u1580\u1500\u1480" + + "\u1400\u1380\u1300\u1280\u1200\u1180\u1100\u1080\u1000\u0f80\u0f00" + + "\u0e80\u0e00\u0d80\u0d00\u0c80\u0c00\u0b80\u0b00\u0a80\u0a00\u0980" + + "\u0900\u0880\u0800\u0780\u0700\u0680\u0600\u0580\u0500\u0480\u0400" + + "\u0380\u0300\u0280\u0200\u0180\u0100", + + "", + + ""}; + + /** + * The array containing the numeric values that are too large to be stored as + * chars in NUM_VALUE. NUM_VALUE in this case will contain a negative integer + * N such that LARGENUMS[-N - 3] contains the correct numeric value. + */ + int[] LARGENUMS + = new int[] {40000, 50000, 60000, 70000, 80000, 90000}; /** * Information about each character. The low order 5 bits form the @@ -282,496 +700,594 @@ public interface CharData * next bit is a flag for mirrored directionality. The high order 9 bits * form the offset into the attribute tables. Note that this limits the * number of unique character attributes to 512, which is not a problem - * as of Unicode version 3.2.0, but may soon become one. + * as of Unicode version 4.0.0, but may soon become one. */ - String DATA - = "\u3001\u3082\u3001\u3082\u3001\u3082\u3001\u3082\u3001\u3082\u3001" - + "\u3082\u3001\u3082\u3001\u3082\u3001\u3082\u3001\u3082\u3001\u3082" - + "\u3e80\u3e80\u3001\u3082\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3a85" - + "\u3a85\u3e80\u3e80\u3e80\u3a85\u3a85\u3a85\u3e80\u3e80\u3e80\u3a85" - + "\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3e80\u3a85\u3a85\u3a85" - + "\u3e80\u3e80\u3e80\u3e80\u5b88\u5b88\u3e80\u3a85\u3a85\u3a85\u3a85" - + "\u3a85\u3a85\u3a85\u3a85\u3e80\u3a85\u3a85\u3a85\u3e80\u3a85\u3a85" - + "\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85" - + "\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3e80" - + "\u3e80\u3e80\u3e80\u5198\u3e80\u3e80\u3e80\u3e80\u4606\u3e80\u3e80" - + "\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3e80\u3e80\u3e80\u3e80\u3a85" - + "\u3a85\u3e80\u3e80\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85" - + "\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85" - + "\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3e80\u3e80\u3e80\u3e80" - + "\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80" - + "\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80" - + "\u3e80\u3e80\u5405\u5405\u5405\u5405\u5405\u5405\u5405\u5405\u5405" - + "\u5405\u5405\u5405\u3e80\u3e80\u3e80\u3e80\u5202\u5202\u5202\u5202" - + "\u5202\u5202\u5202\u5202\u5202\u5202\u5202\u5202\u5202\u5202\u5202" - + "\u5202\u5202\u5202\u5202\u5202\u5202\u5202\u5202\u5202\u5202\u5202" - + "\u5202\u5202\u5202\u5202\u5202\u2e82\u3e80\u5198\u2a14\u3e80\u3e80" - + "\u3e80\u3e80\u3e80\u3e80\u4606\u4606\u4606\u4606\u4606\u4606\u4606" - + "\u4606\u4606\u4606\u4606\u4606\u4606\u4606\u4606\u4686\u4606\u4606" - + "\u4606\u4606\u4606\u4606\u4606\u4606\u4606\u3e80\u3e80\u3e80\u3e80" - + "\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80" - + "\u3e80\u3e80\u1a1b\u1a1b\u3e80\u3e80\u3e80\u3e80\u4584\u3e80\u3e80" - + "\u3e80\u0298\u3e80\u0298\u6615\u6696\u0298\u1a97\u3a85\u3a85\u3a85" - + "\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u4584\u3a85\u3a85\u3a85" - + "\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85" - + "\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85" - + "\u3a85\u3a85\u3a85\u3a85\u3a85\u4584\u4584\u1a1b\u1a1b\u1a1b\u1a1b" - + "\u1a1b\u1a1b\u1a1b\u1a1b\u1a1b\u1a1b\u1a1b\u1a1b\u1a1b\u1a1b\u4584" - + "\u4584\u1a1b\u1a1b\u1a1b\u1a1b\u1a1b\u1a1b\u1a1b\u1a1b\u1a1b\u1a1b" - + "\u1a1b\u1a1b\u1a1b\u1a1b\u2e82\u7282\u2e82\u3e80\u2e82\u4902\u7481" - + "\u7481\u7481\u7481\u7383\u1a1b\u1a1b\u1a1b\u6d82\u6d82\u4902\u4902" - + "\u3e80\u3e80\u2e82\u4902\u6e01\u6e01\u7501\u7501\u3e80\u1a1b\u1a1b" - + "\u1a1b\u1b02\u1b82\u1c02\u1c82\u1d02\u1d82\u1e02\u1e82\u1f02\u1f82" - + "\u2002\u2082\u2102\u2182\u2202\u2282\u2302\u2382\u2402\u2482\u2502" - + "\u2582\u2602\u2682\u2702\u2782\u0455\u0c99\u04d6\u0c99\017\017" - + "\017\017\017\u010f\017\017\017\017\017\017\017" - + "\017\017\017\017\017\017\017\017\017\017\017" - + "\017\017\017\017\017\017\017\017\u008f\u010f\u008f" - + "\u018f\u010f\017\017\017\017\017\017\017\017\017" - + "\017\017\017\017\017\u010f\u010f\u010f\u008f\u020c\u0298" - + "\u0298\u0318\u039a\u0318\u0298\u0298\u0455\u04d6\u0298\u0519\u0598" - + "\u0614\u0598\u0698\u0709\u0789\u0809\u0889\u0909\u0989\u0a09\u0a89" - + "\u0b09\u0b89\u0598\u0298\u0c59\u0c99\u0c59\u0298\u0d01\u0d81\u0e01" - + "\u0e81\u0f01\u0f81\u1001\u1081\u1101\u1181\u1201\u1281\u1301\u1381" - + "\u1401\u1481\u1501\u1581\u1601\u1681\u1701\u1781\u1801\u1881\u1901" - + "\u1981\u0455\u0298\u04d6\u1a1b\u1a97\u0298\u0298\u0298\u0c99\u0455" - + "\u04d6\u3e80\u0298\u0298\u0298\u0298\u0298\u0298\u3e80\u3e80\u3e80" - + "\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80" - + "\u3e80\u3e80\u3e80\u3e80\u282c\u0298\u039a\u039a\u039a\u039a\u289c" - + "\u289c\u1a1b\u289c\u2902\u29dd\u0c99\u2a14\u289c\u1a1b\u2a9c\u0519" - + "\u2b0b\u2b8b\u1a1b\u2c02\u289c\u0298\u1a1b\u2c8b\u2902\u2d5e\u2d8b" - + "\u2d8b\u2d8b\u0298\u0298\u0519\u0614\u0c99\u0c99\u0c99\u3e80\u0298" - + "\u039a\u0318\u0298\u3e80\u3e80\u3e80\u3e80\u5405\u5405\u5405\u3e80" - + "\u5405\u3e80\u5405\u5405\u5405\u5405\u5405\u5405\u5405\u5405\u5405" - + "\u5405\u5405\u5405\u5405\u3e80\u3e80\u3e80\u4606\u4606\u4606\u4606" - + "\u4606\u4606\u4606\u4606\u4606\u4606\u4606\u4606\u4606\u4606\u4606" - + "\u4606\u4606\u4606\u4606\u4606\u4606\u4606\u4606\u4606\u4606\u4606" - + "\u4606\u4606\u4606\u4606\u4606\u4606\u3e80\u501c\u501c\u4f81\u4f81" - + "\u4f81\u4f81\u4f81\u4f81\u4f81\u4f81\u4f81\u4f81\u4f81\u4f81\u4f81" - + "\u4f81\u4f81\u4f81\u2e01\u2e01\u2e01\u2e01\u2e01\u2e01\u2e01\u2e01" - + "\u2e01\u2e01\u2e01\u2e01\u2e01\u2e01\u2e01\u2e01\u2e01\u2e01\u2e01" - + "\u2e01\u2e01\u2e01\u2e01\u0c99\u2e01\u2e01\u2e01\u2e01\u2e01\u2e01" - + "\u2e01\u2e82\u2e82\u2e82\u4902\u4902\u2e82\u2e82\u3e80\u3e80\u3e80" - + "\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u2e82\u2e82" - + "\u2e82\u2e82\u2e82\u3e80\u3e80\u3e80\u3e80\u3e80\u5305\u4606\u5305" - + "\u5305\u3e80\u5305\u5305\u3e80\u5305\u5305\u5305\u5305\u5305\u5305" - + "\u5305\u5305\u5305\u5305\u5405\u5405\u5405\u5405\u5405\u5405\u5405" - + "\u5405\u5405\u5405\u5405\u5405\u5405\u5405\u5405\u5405\u5405\u5405" - + "\u5405\u5405\u5398\u5405\u4606\u4606\u4606\u4606\u4606\u4606\u4606" - + "\u5087\u5087\u4606\u5087\u5087\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80" - + "\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80" - + "\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80" - + "\u3e80\u3e80\u3e80\u3e80\u2d8b\u2d8b\u2d8b\u2d8b\u2d8b\u2d8b\u2d8b" - + "\u2d8b\u2d8b\u2d8b\u2d8b\u2d8b\u840b\u3082\u3001\u3082\u3001\u3082" - + "\u3001\u3082\u3001\u3082\u2e82\u3001\u3082\u3001\u3082\u3001\u3082" - + "\u3001\u3082\u3001\u3082\u3001\u3082\u3001\u3082\u3001\u3082\u3001" - + "\u3082\u3001\u3082\u3001\u3082\u3001\u3082\u3001\u3082\u3001\u3082" - + "\u3001\u3082\u3001\u3082\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u5c09" - + "\u5c89\u5d09\u5d89\u5e09\u5e89\u5f09\u5f89\u6009\u6089\u4606\u4606" - + "\u3a85\u3a85\u3a85\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80" - + "\u3e80\u3e80\u3e80\u1a1b\u1a1b\u4701\u0298\u4781\u4781\u4781\u3e80" - + "\u4801\u3e80\u4881\u4881\u4902\u2e01\u2e01\u2e01\u2e01\u2e01\u2e01" - + "\u2e01\u2e01\u2e01\u2e01\u2e01\u2e01\u2e01\u2e01\u2e01\u2e01\u2f02" - + "\u2f02\u2f02\u2f02\u2f02\u2f02\u2f02\u2f02\u2f02\u2f02\u2f02\u2f02" + String[] DATA = new String[]{ + "\u2282\u2302\u2382\u2402\u2482\u2502\u2582\u2602\u2682\u2702\u2782" + + "\u0455\u0c99\u04d6\u0c99\017\017\017\017\017\017\017" + + "\017\017\u008f\u010f\u008f\u018f\u010f\017\017\017\017" + + "\017\u010f\017\017\017\017\017\017\017\017\017" + + "\017\017\017\017\017\017\017\u010f\u010f\u010f\u008f" + + "\u0709\u0789\u0809\u0889\u0909\u0989\u0a09\u0a89\u0b09\u0b89\u0598" + + "\u0298\u0c59\u0c99\u0c59\u0298\u0298\u0c99\u0298\u1a97\u3f80\u3f80" + + "\u0298\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u020c\u0298\u0298" + + "\u0318\u039a\u0318\u0298\u0298\u0455\u04d6\u0298\u0519\u0598\u0614" + + "\u0598\u0698\u2a9c\u0519\u2b0b\u2b8b\u1a1b\u2c02\u289c\u0298\u1a1b" + + "\u2c8b\u2902\u2d5e\u2d8b\u2d8b\u2d8b\u0298\u0d01\u0d81\u0e01\u0e81" + + "\u0f01\u0f81\u1001\u1081\u1101\u1181\u1201\u1281\u1301\u1381\u1401" + + "\u1481\u1501\u1581\u1601\u1681\u1701\u1781\u1801\u1881\u1901\u1981" + + "\u0455\u0298\u04d6\u1a1b\u1a97\u0298\u0298\u0298\u0c99\u0455\u04d6" + + "\u0298\u0298\u0298\u0298\u0298\u0298\u0298\u0298\u0298\u858d\u860e" + + "\u8690\u8710\u8790\u8810\u8890\u82ac\u282c\u0298\u039a\u039a\u039a" + + "\u039a\u289c\u289c\u1a1b\u289c\u2902\u29dd\u0c99\u2a10\u289c\u1a1b" + + "\u1b02\u1b82\u1c02\u1c82\u1d02\u1d82\u1e02\u1e82\u1f02\u1f82\u2002" + + "\u2082\u2102\u2182\u2202\u4a82\u2e01\u2e01\u2e01\u2e01\u2e01\u2e01" + + "\u2e01\u2e01\u2e01\u2e01\u2e01\u2e01\u2e01\u2e01\u2e01\u2e01\u0c99" + + "\u2e01\u2e01\u2e01\u2e01\u2e01\u2e01\u2e01\u2e82\u3c01\u3c83\u3d02" + + "\u3001\u3082\u3e01\u3e81\u3001\u3082\u3001\u3082\u3001\u3082\u3001" + + "\u3082\u3201\u3001\u3082\u3001\u3082\u3001\u3082\u3282\u4a82\u2f02" + "\u2f02\u2f02\u2f02\u2f02\u2f02\u2f02\u2f02\u2f02\u2f02\u2f02\u2f02" - + "\u0c99\u2f02\u2f02\u2f02\u2f02\u2f02\u2f02\u2f02\u2f82\u2f02\u2f02" - + "\u4a82\u2f02\u2f02\u2f02\u2f02\u2f02\u2f02\u2f02\u2f02\u2f02\u4b02" - + "\u4b82\u4b82\u3e80\u4c02\u4c82\u4d01\u4d01\u4d01\u4d82\u4e02\u2902" - + "\u3e80\u3e80\u3001\u3082\u3001\u3082\u3001\u3082\u3001\u3082\u3001" - + "\u3082\u3001\u3082\u3001\u3082\u3001\u3082\u2e82\u3b81\u3c03\u3c82" - + "\u3001\u3082\u3d81\u3e01\u3001\u3082\u3001\u3082\u3001\u3082\u3001" - + "\u3082\u3001\u3082\u3001\u3082\u3001\u3082\u3001\u3082\u3101\u3182" - + "\u3001\u3082\u3001\u3082\u3001\u3082\u2902\u3001\u3082\u3001\u3082" - + "\u3001\u3082\u3001\u3082\u3001\u3082\u3001\u3082\u3001\u3082\u3001" - + "\u3082\u4e82\u4f02\u3d02\u2902\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80" - + "\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u5b10\u5b10\u5b10\u5b10\u5b10" - + "\u5b10\u7f0b\u3e80\u3e80\u3e80\u7f8b\u800b\u808b\u810b\u818b\u820b" - + "\u0519\u0519\u0c99\u0455\u04d6\u2902\u3301\u3001\u3082\u3001\u3082" - + "\u3381\u3001\u3082\u3401\u3401\u3001\u3082\u2902\u3481\u3501\u3581" - + "\u3001\u3082\u3401\u3601\u3682\u3701\u3781\u3001\u3082\u2902\u2902" - + "\u3701\u3801\u2902\u3881\u3a85\u3a85\u3a85\u3a85\u3b81\u3c03\u3c82" - + "\u3b81\u3c03\u3c82\u3b81\u3c03\u3c82\u3001\u3082\u3001\u3082\u3001" - + "\u3082\u3001\u3082\u3001\u3082\u3001\u3082\u3001\u3082\u3001\u3082" - + "\u3d02\u3001\u3082\u501c\u4606\u4606\u4606\u4606\u3e80\u5087\u5087" - + "\u3e80\u3e80\u3001\u3082\u3001\u3082\u3001\u3082\u3001\u3082\u3001" - + "\u3082\u3001\u3082\u3001\u3082\u3001\u3082\u3001\u3082\u3001\u3082" - + "\u3001\u3082\u3001\u3082\u3201\u3001\u3082\u3001\u3082\u3001\u3082" - + "\u3282\u3001\u3082\u3001\u3082\u3001\u3082\u3901\u3001\u3082\u3901" - + "\u2902\u2902\u3001\u3082\u3901\u3001\u3082\u3981\u3981\u3001\u3082" - + "\u3001\u3082\u3a01\u3001\u3082\u2902\u3a85\u3001\u3082\u2902\u3b02" - + "\u4d01\u3001\u3082\u3001\u3082\u3e80\u3e80\u3001\u3082\u3e80\u3e80" - + "\u3001\u3082\u3e80\u3e80\u3e80\u3001\u3082\u3001\u3082\u3001\u3082" - + "\u3001\u3082\u3001\u3082\u3001\u3082\u3001\u3082\u3001\u3082\u3001" - + "\u3082\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80" - + "\u3e80\u3e80\u0598\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80" - + "\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u5398\u3e80\u3e80\u3e80\u5398" - + "\u5398\u5398\u5398\u5398\u5398\u5398\u5398\u5398\u5398\u5398\u5398" - + "\u5398\u5398\u3e80\u5b10\u5405\u4606\u5405\u5405\u5405\u5405\u5405" - + "\u5405\u5405\u5405\u5405\u5405\u5405\u5405\u5405\u5405\u5405\u5405" - + "\u5405\u5405\u5405\u5405\u5405\u5405\u5405\u5405\u5405\u5405\u5405" - + "\u5405\u5405\u3e80\u3e80\u5b10\u4d01\u4d01\u4d01\u4d01\u4d01\u4d01" - + "\u4d01\u4d01\u4d01\u4d01\u4d01\u4d01\u4d01\u4d01\u4d01\u4d01\u4d01" - + "\u4d01\u4d01\u4d01\u4d01\u4d01\u4d01\u4d01\u4d01\u4d01\u4d01\u4d01" - + "\u4d01\u4d01\u4d01\u4d01\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80" - + "\u3e80\u3e80\u3e80\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85" - + "\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3e80" - + "\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3e80\u3a85" - + "\u3e80\u3e80\u3e80\u3e80\u3e80\u5c09\u5c89\u5d09\u5d89\u5e09\u5e89" - + "\u5f09\u5f89\u6009\u6089\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80" - + "\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80" - + "\u3e80\u3e80\u3e80\u3e80\u2902\u2902\u2902\u3f02\u3f82\u2902\u4002" - + "\u4002\u2902\u4082\u2902\u4102\u2902\u2902\u2902\u2902\u4002\u2902" - + "\u2902\u4182\u2902\u2902\u2902\u2902\u4202\u4282\u2902\u2902\u2902" - + "\u2902\u2902\u4282\u2902\u2902\u4302\u2902\u2902\u4382\u2902\u2902" - + "\u2902\u2902\u2902\u2902\u2902\u2902\u2902\u2902\u4402\u2902\u2902" - + "\u4402\u2902\u2902\u2902\u2902\u4402\u2902\u4482\u4482\u2902\u2902" - + "\u2902\u2902\u2902\u2902\u4502\u2902\u2902\u2902\u2902\u2902\u2902" - + "\u2902\u2902\u2902\u2902\u2902\u2902\u2902\u2902\u3e80\u3e80\u4584" - + "\u4584\u4584\u4584\u4584\u4584\u4584\u4584\u4584\u1a1b\u1a1b\u4584" - + "\u4584\u4584\u4584\u4584\u1a1b\u1a1b\u1a1b\u1a1b\u1a1b\u1a1b\u1a1b" - + "\u1a1b\u1a1b\u4584\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80" - + "\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u5101\u5101" - + "\u5101\u5101\u5101\u5101\u5101\u5101\u5101\u5101\u5101\u5101\u5101" - + "\u5101\u5101\u5101\u5101\u5101\u5101\u5101\u5101\u5101\u5101\u3e80" - + "\u3e80\u4584\u5198\u5198\u5198\u5198\u5198\u5198\u2e01\u2e01\u3e80" - + "\u2e01\u2e01\u2e01\u2e01\u2e01\u2e01\u2e01\u2e01\u2e01\u4982\u4a02" - + "\u4a02\u4a02\u4902\u2f02\u2f02\u2f02\u2f02\u2f02\u2f02\u2f02\u2f02" - + "\u2f02\u2f02\u2f02\u2f02\u2f02\u2f02\u2f02\u2f02\u4f02\u4f02\u4f02" - + "\u4f02\u4f02\u4f02\u4f02\u4f02\u4f02\u4f02\u4f02\u4f02\u4f02\u4f02" - + "\u4f02\u4f02\u4606\u4606\u4606\u4606\u4606\u5198\u4606\u4606\u3a85" - + "\u3a85\u3a85\u3a85\u3e80\u3e80\u3e80\u3e80\u4606\u4606\u4606\u4606" - + "\u4606\u4606\u4606\u4606\u3e80\u4606\u4606\u4606\u4606\u4606\u4606" - + "\u4606\u4606\u4606\u4606\u4606\u4606\u4606\u4606\u4606\u4606\u4606" - + "\u4606\u4606\u4606\u4606\u4606\u4606\u3e80\u4606\u4606\u4606\u5298" - + "\u4606\u4606\u5298\u4606\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80" - + "\u3e80\u3e80\u3e80\u3e80\u5305\u5305\u5305\u5305\u5305\u5305\u5305" - + "\u5305\u5305\u5305\u5305\u5305\u5305\u5305\u5305\u5305\u3e80\u3e80" - + "\u3e80\u3e80\u3e80\u5305\u5305\u5305\u5298\u5298\u3e80\u3e80\u3e80" - + "\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u5c89\u5d09\u5d89" - + "\u5e09\u5e89\u5f09\u5f89\u6009\u6089\u640b\u648b\u650b\u3e80\u3e80" - + "\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80" - + "\u4606\u5b88\u3e80\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3e80\u3e80" - + "\u3e80\u3a85\u3a85\u3a85\u3e80\u3a85\u3a85\u3a85\u3a85\u3e80\u3e80" - + "\u3e80\u3a85\u3a85\u3e80\u3a85\u3e80\u3a85\u3a85\u3a85\u3a85\u3e80" - + "\u3e80\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3e80\u3a85\u3a85" - + "\u3a85\u3a85\u3a85\u3a85\u3a85\u3e80\u3a85\u3a85\u3a85\u3a85\u3a85" - + "\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85" - + "\u3a85\u3a85\u3a85\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u4606\u4606" - + "\u4606\u4606\u4606\u4606\u4606\u4606\u4606\u4606\u4606\u4606\u4606" - + "\u4606\u5b88\u5b88\u5b88\u5b88\u3e80\u4606\u4606\u4606\u3e80\u4606" - + "\u4606\u4606\u4606\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u4606" - + "\u4606\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u4606" - + "\u5b88\u5b88\u3e80\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85" - + "\u3e80\u3e80\u3a85\u3a85\u3e80\u3e80\u3a85\u3a85\u3a85\u3a85\u3a85" - + "\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3e80\u3e80\u3e80" - + "\u3e80\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85" - + "\u3a85\u3a85\u3a85\u3a85\u3a85\u3e80\u3a85\u3a85\u3a85\u3a85\u3a85" - + "\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85" - + "\u3e80\u3e80\u3e80\u3e80\u5b88\u5b88\u3e80\u3a85\u3a85\u3a85\u3a85" - + "\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85" - + "\u3a85\u3a85\u3a85\u3e80\u3e80\u3e80\u3a85\u3a85\u3a85\u3a85\u3a85" - + "\u3a85\u3e80\u3e80\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3e80\u3e80" - + "\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3e80\u3e80\u3a85\u3a85\u3a85" - + "\u3e80\u3e80\u3e80\u3e80\u5c09\u5c89\u5d09\u5d89\u5e09\u5e89\u5f09" - + "\u5f89\u6009\u6089\u501c\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80" - + "\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u5509\u5589\u5609" - + "\u5689\u5709\u5789\u5809\u5889\u5909\u5989\u0318\u5a18\u5a18\u5398" - + "\u3e80\u3e80\u4606\u5405\u5405\u5405\u5405\u5405\u5405\u5405\u5405" - + "\u5405\u5405\u5405\u5405\u5405\u5405\u5405\u5405\u3e80\u3e80\u5405" - + "\u5405\u5405\u5405\u5405\u5405\u5405\u5405\u5405\u5405\u5405\u5405" - + "\u5405\u5405\u5405\u5405\u5405\u5405\u5405\u5405\u5405\u5405\u5405" - + "\u5405\u5405\u5405\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80" - + "\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80" - + "\u3e80\u3e80\u3e80\u3e80\u3e80\u5405\u5405\u5405\u5405\u5405\u5405" - + "\u5405\u5405\u5405\u5405\u5405\u5405\u5405\u5405\u5405\u5405\u5405" - + "\u5405\u5405\u5405\u5405\u5405\u5405\u5405\u5405\u5405\u5405\u5405" - + "\u5405\u5405\u5405\u5405\u6615\u6696\u5484\u5405\u5405\u5405\u5405" - + "\u5405\u5405\u5405\u5405\u5405\u5405\u4606\u4606\u4606\u4606\u4606" - + "\u4606\u4606\u4606\u4606\u4606\u4606\u3e80\u3e80\u3e80\u3e80\u3e80" - + "\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80" - + "\u3e80\u3e80\u3e80\u3e80\u3e80\u5b88\u5b88\u5198\u3e80\u3e80\u3e80" - + "\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u4606\u4606\u5b88" - + "\u3e80\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3e80\u3a85\u3e80" - + "\u3a85\u3a85\u3a85\u3e80\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85" - + "\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u5198\u5198\u3a85\u3a85\u3a85" - + "\u3a85\u3a85\u3a85\u3a85\u3a85\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80" - + "\u3e80\u3e80\u3e80\u4606\u4606\u4606\u4606\u4606\u5484\u5484\u4606" - + "\u4606\u289c\u4606\u4606\u4606\u4606\u3e80\u3e80\u0709\u0789\u0809" - + "\u0889\u0909\u0989\u0a09\u0a89\u0b09\u0b89\u5405\u5405\u5405\u5a9c" - + "\u5a9c\u3e80\u3a85\u3a85\u3a85\u3e80\u3a85\u3e80\u3a85\u3e80\u3e80" - + "\u3a85\u3a85\u3e80\u3a85\u3a85\u3a85\u3a85\u4606\u3a85\u3a85\u4606" - + "\u4606\u4606\u4606\u4606\u4606\u3e80\u4606\u4606\u3a85\u3e80\u3e80" - + "\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3e80\u3a85" - + "\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3e80\u3a85" - + "\u3a85\u3a85\u3a85\u3a85\u3e80\u3e80\u3e80\u3e80\u4606\u4606\u5b88" - + "\u3e80\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85" - + "\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85" - + "\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85" - + "\u3e80\u3e80\u4606\u3a85\u5b88\u5b88\u5b88\u5b88\u5b88\u3e80\u4606" - + "\u5b88\u5b88\u3e80\u5b88\u5b88\u4606\u4606\u3e80\u3e80\u3e80\u3e80" - + "\u3e80\u3e80\u3e80\u5b88\u5b88\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80" - + "\u3e80\u3a85\u3e80\u5198\u5198\u5198\u5198\u5198\u5198\u5198\u5198" - + "\u5c89\u5d09\u5d89\u5e09\u5e89\u5f09\u5f89\u6009\u6089\u640b\u670b" - + "\u678b\u680b\u688b\u690b\u698b\u6a0b\u6a8b\u648b\u6b0b\u3e80\u3e80" - + "\u3e80\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3e80" - + "\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3e80\u3a85\u3a85\u3e80" - + "\u3e80\u3a85\u3a85\u3a85\u3a85\u3e80\u3e80\u4606\u3a85\u5b88\u4606" - + "\u4606\u4606\u4606\u4606\u4606\u4606\u4606\u5b88\u5b88\u5b88\u5b88" - + "\u4606\u3e80\u3e80\u3a85\u4606\u4606\u4606\u4606\u3e80\u3e80\u3e80" - + "\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3e80\u3a85" - + "\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3e80\u3a85\u3e80\u3e80\u3e80" - + "\u3a85\u3a85\u3a85\u3a85\u3e80\u3e80\u4606\u3e80\u5b88\u5b88\u5b88" - + "\u3e80\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3e80\u3a85" - + "\u3a85\u3a85\u3e80\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85" - + "\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3e80\u3a85\u3e80\u3a85" - + "\u3a85\u3a85\u3a85\u3e80\u3e80\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85" - + "\u3a85\u3e80\u3a85\u3e80\u3a85\u3a85\u3a85\u3a85\u3e80\u3e80\u3a85" - + "\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85" - + "\u3a85\u3a85\u3a85\u3a85\u3a85\u4606\u3a85\u3a85\u4606\u4606\u4606" - + "\u4606\u4606\u4606\u4606\u3e80\u3e80\u3e80\u3e80\u039a\u039a\u039a" - + "\u039a\u039a\u039a\u039a\u039a\u039a\u039a\u039a\u039a\u039a\u039a" - + "\u039a\u039a\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80" - + "\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3a85\u3a85\u4606\u4606" - + "\u5198\u5198\u5c09\u5c89\u5d09\u5d89\u5e09\u5e89\u5f09\u5f89\u6009" - + "\u6089\u5198\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80" - + "\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u0298\u0298\u0318\u039a\u0318" - + "\u0298\u0298\u6615\u6696\u0298\u0519\u0598\u0614\u0598\u0698\u0709" - + "\u0789\u0809\u0889\u0909\u0989\u0a09\u0a89\u0b09\u0b89\u0598\u0298" - + "\u0c99\u0c99\u0c99\u0298\u0298\u0298\u0298\u0298\u0298\u2a14\u0298" - + "\u0298\u0298\u0298\u5b10\u5b10\u5b10\u5b10\u3e80\u5c09\u5c89\u5d09" - + "\u5d89\u5e09\u5e89\u5f09\u5f89\u6009\u6089\u3e80\u3e80\u3e80\u3e80" - + "\u3e80\u3e80\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85" - + "\u3e80\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85" - + "\u3e80\u3a85\u3a85\u3a85\u3a85\u3a85\u3e80\u3e80\u3e80\u3e80\u5b88" - + "\u4606\u4606\u4606\u4606\u3e80\u3e80\u5b88\u5b88\u3e80\u3e80\u5b88" - + "\u5b88\u4606\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80" - + "\u5b88\u3e80\u3e80\u3e80\u3e80\u3a85\u3a85\u3e80\u3a85\u3e80\u3e80" - + "\u3a85\u3a85\u3e80\u3a85\u3e80\u3e80\u3a85\u3e80\u3e80\u3e80\u3e80" - + "\u3e80\u3e80\u3a85\u3a85\u3a85\u3a85\u3e80\u3a85\u3a85\u3a85\u3a85" - + "\u3a85\u3a85\u3a85\u3a85\u3a85\u3e80\u3a85\u3a85\u3a85\u3a85\u3a85" - + "\u3a85\u3a85\u3e80\u3a85\u3a85\u3e80\u3a85\u3a85\u3e80\u3a85\u3a85" - + "\u3e80\u3e80\u4606\u3e80\u5b88\u5b88\u4606\u4606\u3e80\u3e80\u3e80" - + "\u3e80\u4606\u4606\u3e80\u3e80\u4606\u4606\u4606\u3e80\u3e80\u3e80" - + "\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3a85\u3a85\u3a85" - + "\u3a85\u3e80\u3a85\u3e80\u3a85\u3a85\u4606\u4606\u3e80\u3e80\u5c09" - + "\u5c89\u5d09\u5d89\u5e09\u5e89\u5f09\u5f89\u6009\u6089\u3a85\u3a85" - + "\u039a\u039a\u610b\u618b\u620b\u628b\u630b\u638b\u501c\u3e80\u3e80" - + "\u3e80\u3e80\u3e80\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85" - + "\u3a85\u3e80\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3e80\u3a85" - + "\u3a85\u3e80\u3a85\u3a85\u3a85\u3a85\u3a85\u3e80\u3e80\u4606\u3a85" - + "\u5b88\u5b88\u4606\u4606\u4606\u4606\u4606\u3e80\u4606\u4606\u5b88" - + "\u3e80\u5b88\u5b88\u4606\u3e80\u3e80\u3a85\u3e80\u3e80\u3e80\u3e80" - + "\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80" - + "\u5c09\u5c89\u5d09\u5d89\u5e09\u5e89\u5f09\u5f89\u6009\u6089\u630b" - + "\u630b\u630b\u630b\u630b\u630b\u630b\u630b\u630b\u630b\u501c\u4606" - + "\u501c\u4606\u501c\u4606\u6615\u6696\u6615\u6696\u5b88\u5b88\u4606" - + "\u4606\u4606\u3e80\u3e80\u3e80\u5b88\u5b88\u3e80\u3e80\u5b88\u5b88" - + "\u4606\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u4606\u5b88" - + "\u3e80\u3e80\u3e80\u3e80\u3a85\u3a85\u3e80\u3a85\u3a85\u3a85\u3a85" - + "\u3a85\u3e80\u3a85\u3a85\u3e80\u5b88\u4606\u4606\u4606\u4606\u5b88" - + "\u4606\u3e80\u3e80\u3e80\u4606\u4606\u5b88\u4606\u3e80\u3e80\u3e80" - + "\u3e80\u3e80\u3e80\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85" - + "\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85" - + "\u3a85\u5b88\u5b88\u5b88\u4606\u4606\u4606\u4606\u4606\u4606\u4606" - + "\u5b88\u5b88\u3e80\u3e80\u3e80\u5b88\u5b88\u5b88\u3e80\u5b88\u5b88" - + "\u5b88\u4606\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80" - + "\u5b88\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3a85\u3a85" - + "\u3a85\u3a85\u3a85\u3e80\u4584\u3e80\u4606\u4606\u4606\u4606\u4606" - + "\u4606\u3e80\u3e80\u5c09\u5c89\u5d09\u5d89\u5e09\u5e89\u5f09\u5f89" - + "\u6009\u6089\u3e80\u3e80\u3a85\u3a85\u3e80\u3e80\u3e80\u3e80\u5c09" - + "\u5c89\u5d09\u5d89\u5e09\u5e89\u5f09\u5f89\u6009\u6089\u3e80\u3e80" - + "\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80" - + "\u3e80\u3e80\u3e80\u4606\u4606\u4606\u4606\u4606\u4606\u4606\u4606" - + "\u4606\u4606\u4606\u4606\u4606\u5087\u5087\u5087\u5b88\u4606\u4606" - + "\u4606\u3e80\u3e80\u5b88\u5b88\u5b88\u3e80\u5b88\u5b88\u5b88\u4606" - + "\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u5b88\u3e80" - + "\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3a85\u3a85\u3a85\u3a85" - + "\u3a85\u3a85\u3a85\u3e80\u3e80\u3e80\u4606\u3e80\u3e80\u3e80\u3e80" - + "\u5b88\u5b88\u5b88\u4606\u4606\u4606\u3e80\u4606\u3e80\u5b88\u5b88" - + "\u5b88\u5b88\u5b88\u5b88\u5b88\u5b88\u4606\u5b88\u5b88\u4606\u4606" - + "\u4606\u4606\u4606\u4606\u4606\u4606\u4606\u4606\u4606\u5198\u5198" - + "\u5198\u5198\u5198\u5198\u5198\u039a\u5198\u3e80\u3e80\u3e80\u3a85" - + "\u3a85\u3a85\u3a85\u3a85\u3a85\u4584\u4606\u4606\u4606\u4606\u4606" - + "\u4606\u4606\u4606\u5198\u5c09\u5c89\u5d09\u5d89\u5e09\u5e89\u5f09" - + "\u5f89\u6009\u6089\u5198\u5198\u3e80\u3e80\u3e80\u3e80\u3a85\u501c" - + "\u501c\u501c\u5198\u5198\u5198\u5198\u5198\u5198\u5198\u5198\u65b8" - + "\u5198\u5198\u5198\u5198\u5198\u5198\u501c\u501c\u501c\u501c\u501c" - + "\u4606\u4606\u501c\u501c\u501c\u501c\u501c\u501c\u4606\u501c\u501c" - + "\u501c\u501c\u501c\u501c\u3e80\u3e80\u501c\u3e80\u3e80\u3e80\u3e80" - + "\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80" - + "\u3e80\u289c\u289c\u289c\u289c\u289c\u289c\u289c\u289c\u289c\u289c" - + "\u289c\u289c\u3e80\u3e80\u3e80\u3e80\u3a85\u3a85\u3a85\u3a85\u3a85" - + "\u3a85\u3a85\u3a85\u3e80\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85" - + "\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85" - + "\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3e80\u3e80\u3e80" - + "\u3e80\u3e80\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85" - + "\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85" - + "\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u1a97\u4584\u4584\u4584" - + "\u3e80\u5c09\u5c89\u5d09\u5d89\u5e09\u5e89\u5f09\u5f89\u6009\u6089" - + "\u5198\u5198\u5198\u5198\u5198\u5198\u3a85\u3a85\u3a85\u3a85\u3a85" - + "\u3a85\u5b88\u5b88\u4606\u4606\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80" - + "\u020c\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85" - + "\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85" - + "\u3a85\u3a85\u3a85\u3a85\u3a85\u6615\u6696\u3e80\u3e80\u3e80\u3a85" - + "\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u5198" - + "\u5198\u5198\u6b8b\u6c0b\u6c8b\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80" - + "\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3a85\u3a85" - + "\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u4606\u3e80\u3e80\u3e80" - + "\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80" - + "\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3001\u3082\u3001" - + "\u3082\u3001\u3082\u3001\u3082\u3001\u3082\u3001\u3082\u3001\u3082" - + "\u3001\u3082\u3001\u3082\u3001\u3082\u3001\u3082\u2e82\u2e82\u2e82" - + "\u2e82\u2e82\u6d02\u3e80\u3e80\u3e80\u3e80\u6d82\u6d82\u6d82\u6d82" - + "\u6d82\u6d82\u6d82\u6d82\u6e01\u6e01\u6e01\u6e01\u6e01\u6e01\u6e01" - + "\u6e01\u6d82\u6d82\u6d82\u6d82\u6d82\u6d82\u6d82\u6d82\u6e01\u6e01" - + "\u6e01\u6e01\u6e01\u6e01\u6e01\u6e01\u6d82\u6d82\u6d82\u6d82\u6d82" - + "\u6d82\u3e80\u3e80\u6e01\u6e01\u6e01\u6e01\u6e01\u6e01\u3e80\u3e80" - + "\u2e82\u6d82\u4902\u6d82\u4902\u6d82\u4902\u6d82\u3e80\u6e01\u3e80" - + "\u6e01\u3e80\u6e01\u3e80\u6e01\u6d82\u6d82\u6d82\u6d82\u6d82\u6d82" - + "\u6d82\u6d82\u6e01\u6e01\u6e01\u6e01\u6e01\u6e01\u6e01\u6e01\u6e82" - + "\u6e82\u6f02\u6f02\u6f02\u6f02\u6f82\u6f82\u7002\u7002\u7082\u7082" - + "\u7102\u7102\u3e80\u3e80\u7182\u7182\u7182\u7182\u7182\u7182\u7182" - + "\u7182\u7203\u7203\u7203\u7203\u7203\u7203\u7203\u7203\u7182\u7182" - + "\u7182\u7182\u7182\u7182\u7182\u7182\u7203\u7203\u7203\u7203\u7203" - + "\u7203\u7203\u7203\u6d82\u6d82\u2e82\u7282\u2e82\u3e80\u2e82\u4902" - + "\u6e01\u6e01\u7301\u7301\u7383\u1a1b\u7402\u1a1b\u1b02\u1b82\u1c02" - + "\u1c82\u1d02\u1d82\u1e02\u1e82\u1f02\u1f82\u2002\u2082\u2102\u2182" - + "\u2202\u2282\u2302\u2382\u2402\u2482\u2502\u2582\u2602\u2682\u2702" - + "\u2782\u6615\u0c99\u6696\u0c99\u3e80\u6d82\u6d82\u4902\u4902\u2e82" - + "\u7582\u2e82\u4902\u6e01\u6e01\u7601\u7601\u7681\u1a1b\u1a1b\u1a1b" - + "\u3e80\u3e80\u2e82\u7282\u2e82\u3e80\u2e82\u4902\u7701\u7701\u7781" - + "\u7781\u7383\u1a1b\u1a1b\u3e80\u020c\u020c\u020c\u020c\u020c\u020c" - + "\u020c\u782c\u020c\u020c\u020c\u788c\u5b10\u5b10\u7910\u7990\u2a14" - + "\u7a34\u2a14\u2a14\u2a14\u2a14\u0298\u0298\u7a9d\u7b1e\u6615\u7a9d" - + "\u7a9d\u7b1e\u6615\u7a9d\u0298\u0298\u0298\u0298\u0298\u0298\u0298" - + "\u0298\u7b8d\u7c0e\u7c90\u7d10\u7d90\u7e10\u7e90\u782c\u0318\u0318" - + "\u0318\u0318\u0318\u0298\u0298\u0298\u0298\u29dd\u2d5e\u0298\u0298" - + "\u0298\u0298\u1a97\u7f0b\u2c8b\u2b0b\u2b8b\u7f8b\u800b\u808b\u810b" - + "\u818b\u820b\u0519\u0519\u0c99\u0455\u04d6\u3e80\u3e80\u3e80\u3e80" - + "\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80" - + "\u3e80\u3e80\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85" - + "\u3a85\u3a85\u3a85\u3a85\u3e80\u3e80\u3e80\u289c\u289c\u289c\u289c" - + "\u289c\u289c\u289c\u289c\u289c\u289c\u289c\u289c\u289c\u289c\u289c" - + "\u289c\u289c\u289c\u289c\u289c\u3e80\u3e80\u3e80\u3e80\u3e80\u289c" - + "\u289c\u289c\u289c\u289c\u289c\u289c\u4d01\u289c\u289c\u289c\u289c" - + "\u4d01\u289c\u289c\u2902\u4d01\u4d01\u4d01\u2902\u2902\u4d01\u4d01" - + "\u4d01\u2902\u289c\u4d01\u289c\u289c\u289c\u4d01\u4d01\u4d01\u4d01" - + "\u4d01\u289c\u289c\ua20a\ua28a\ua30a\ua38a\ua40a\ua48a\ua50a\ua58a" - + "\ua60a\u4606\u4606\u4606\u4606\u4606\u4606\u2a14\u4584\u4584\u4584" - + "\u4584\u4584\u289c\u289c\ua68a\ua70a\ua78a\u3e80\u3e80\u3e80\u289c" - + "\u289c\u289c\u289c\u3e80\u289c\u289c\u289c\u289c\u3e80\u3e80\u289c" - + "\u289c\u289c\u289c\u289c\u289c\u289c\u289c\u289c\u289c\u289c\u289c" - + "\u289c\u289c\u289c\u289c\u289c\u289c\u289c\u289c\u289c\u289c\u289c" - + "\u0c99\u289c\u289c\u289c\u289c\u289c\u289c\u289c\u289c\u289c\u289c" - + "\u289c\u289c\u289c\u289c\u0c99\u0c99\u289c\u289c\u0c99\u289c\u0c99" + + "\u2f02\u2f02\u2f02\u2f02\u0c99\u2f02\u2f02\u2f02\u2f02\u2f02\u2f02" + + "\u2f02\u2f82\u3f01\u2902\u3001\u3082\u3001\u3082\u3001\u3082\u3001" + + "\u3082\u3001\u3082\u3001\u3082\u3001\u3082\u3001\u3082\u3d82\u3001" + + "\u3082\u539c\u4786\u4786\u4786\u4786\u3f80\u5407\u5407\u3001\u3082" + + "\u3001\u3082\u3001\u3082\u3f80\u3f80\u3001\u3082\u3f80\u3f80\u3f80" + + "\u3f80\u3f80\u3f80\u4786\u6008\u3f80\u3f80\u3f80\u3f80\u3b05\u3b05" + + "\u3f80\u3b05\u3f80\u3f80\u3b05\u3b05\u3f80\u3b05\u3f80\u3f80\u3b05" + + "\u3f80\u3f80\u2e82\u7e02\u2e82\u3f80\u2e82\u4a82\u8181\u8181\u8201" + + "\u8201\u7f03\u1a1b\u1a1b\u3f80\u4786\u4786\u6008\u3f80\u3b05\u3b05" + + "\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05\u3f80\u3b05\u3f80\u3b05" + + "\u3b05\u3b05\u3b05\u3f80\u3f80\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05" + + "\u3b05\u3f80\u3f80\u3f80\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05\u3f80" + + "\u3f80\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05" + + "\u3b05\u3b05\u3b05\u5518\u5518\u3b05\u3b05\u3b05\u3b05\u3c01\u3c83" + + "\u3d02\u3c01\u3c83\u3d02\u3c01\u3c83\u3d02\u3001\u3082\u3001\u3082" + + "\u2902\u2902\u2902\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80" + + "\u3f80\u3b05\u3b05\u3b05\u3b05\u3f80\u3b05\u3f80\u3b05\u3b05\u3f80" + + "\u3b05\u3b05\u3b05\u3b05\u3b05\u3f80\u3f80\u4786\u3b05\u6008\u6008" + + "\u4786\u4786\u4786\u3f80\u3f80\u3f80\u6008\u6008\u3f80\u3f80\u6008" + + "\u6008\u4786\u3f80\u3f80\u3101\u3182\u3001\u3082\u3001\u3082\u3001" + + "\u3082\u2902\u3001\u3082\u3001\u3082\u3001\u3082\u3001\u3082\u2e82" + + "\u2e82\u2e82\u2e82\u2e82\u7882\u3f80\u3f80\u3f80\u3f80\u1a1b\u1a1b" + + "\u3f80\u3f80\u3f80\u3f80\u4684\u3f80\u3f80\u3f80\u0298\u3f80\u5481" + + "\u5481\u5481\u5481\u5481\u5481\u5481\u5481\u5481\u5481\u5481\u5481" + + "\u5481\u5481\u5481\u5481\u3f80\u3f80\u4684\u5518\u5518\u5518\u5518" + + "\u5518\u5518\u539c\u539c\u539c\u539c\u539c\u4786\u4786\u539c\u539c" + + "\u539c\u539c\u539c\u539c\u4786\u539c\u539c\u539c\u539c\u539c\u539c" + + "\u3f80\u3f80\u539c\u3b05\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80" + + "\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u4d82\u4e02\u4e81" + + "\u4e81\u4e81\u4f02\u4f82\u2902\u3001\u3082\u3001\u3082\u3001\u3082" + + "\u3001\u3082\u3001\u3082\u2e82\u3001\u3082\u3001\u3082\u3001\u3082" + + "\u3981\u3001\u3082\u3981\u2902\u2902\u3001\u3082\u3981\u3001\u4502" + + "\u2902\u2902\u4502\u2902\u2902\u2902\u2902\u4502\u2902\u4582\u4582" + + "\u2902\u2902\u2902\u2902\u4402\u2902\u2902\u4482\u2902\u2902\u2902" + + "\u2902\u2902\u2902\u2902\u2902\u2902\u2902\u4002\u4082\u2902\u4102" + + "\u4102\u2902\u4182\u2902\u4202\u2902\u2902\u2902\u2902\u3301\u3001" + + "\u3082\u3001\u3082\u3381\u3001\u3082\u3401\u3401\u3001\u3082\u2902" + + "\u3481\u3501\u3581\u3001\u3082\u3401\u3601\u3682\u3701\u3781\u3001" + + "\u3082\u2902\u2902\u3701\u3801\u3882\u3901\u3082\u3a01\u3a01\u3001" + + "\u3082\u3001\u3082\u3a81\u3001\u3082\u2902\u3b05\u3001\u3082\u2902" + + "\u3b82\u4786\u4786\u4786\u4786\u4786\u4806\u4786\u4786\u4786\u4786" + + "\u4786\u4786\u4786\u4786\u4786\u4786\u3f80\u4786\u4786\u4786\u5698" + + "\u4786\u4786\u5698\u4786\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80" + + "\u3f80\u3f80\u3f80\u3f80\u6008\u3f80\u3f80\u3f80\u3f80\u3b05\u3b05" + + "\u3f80\u3b05\u3b05\u3b05\u3b05\u3f80\u3f80\u3f80\u3b05\u3b05\u3f80" + + "\u3b05\u3f80\u3b05\u3b05\u3f80\u3b05\u3b05\u3f80\u3b05\u3b05\u3f80" + + "\u3f80\u4786\u3f80\u6008\u6008\u6008\u3f80\u3b05\u3b05\u3b05\u3b05" + + "\u3b05\u3b05\u3b05\u3b05\u3f80\u3b05\u3b05\u3b05\u3f80\u3f80\u3f80" + + "\u3f80\u6008\u6008\u5518\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80" + + "\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u5f90\u5f90" + + "\u5f90\u289c\u289c\u3f80\u3f80\u3f80\u0298\u0298\u6089\u6109\u6189" + + "\u6209\u6289\u6309\u6389\u6409\u6489\u6509\u3f80\u3f80\u3f80\u3f80" + + "\u3f80\u3f80\u4786\u3b05\u3f80\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05" + + "\u3f80\u3f80\u3f80\u3b05\u3b05\u3f80\u3f80\u3f80\u3b05\u3b05\u3b05" + + "\u3f80\u3f80\u3f80\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05\u3f80\u3f80" + + "\u3b05\u3b05\u3b05\u3f80\u3f80\u3f80\u5582\u5582\u5582\u5582\u5582" + + "\u5582\u5582\u5582\u5582\u5582\u5582\u5582\u5582\u5582\u5582\u5582" + + "\u2e82\u3f80\u5518\u5614\u3f80\u3f80\u3f80\u3f80\u3f80\u4786\u4786" + + "\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u5885\u5885" + + "\u5885\u5885\u5885\u5885\u5885\u5885\u5885\u5885\u5885\u5885\u5885" + + "\u5885\u5885\u5885\u6b95\u6c16\u4102\u2902\u2902\u4282\u2902\u2902" + + "\u2902\u2902\u4302\u4382\u2902\u2902\u2902\u2902\u2902\u4382\u5790" + + "\u5790\u5790\u5790\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80" + + "\u0598\u5818\u289c\u289c\u4e81\u289c\u289c\u289c\u289c\u4e81\u289c" + + "\u289c\u2902\u4e81\u4e81\u4e81\u2902\u2902\u4602\u2902\u2902\u2902" + + "\u2902\u2902\u2902\u2902\u2902\u2902\u2902\u2902\u2902\u2902\u2902" + + "\u2902\u2902\u4684\u4684\u4684\u4684\u4684\u4684\u4684\u4684\u4684" + + "\u4684\u4684\u4684\u4684\u4684\u4684\u4684\u4704\u4704\u4684\u4684" + + "\u4684\u4684\u4684\u1a1b\u1a1b\u1a1b\u1a1b\u1a1b\u1a1b\u1a1b\u1a1b" + + "\u1a1b\u4684\u1a1b\u5614\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05" + + "\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05\u3f80\u3b05\u3b05" + + "\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05" + + "\u3b05\u3b05\u3b05\u4684\u4684\u1a1b\u1a1b\u1a1b\u1a1b\u4704\u4704" + + "\u4704\u4704\u4704\u4704\u4704\u4704\u4704\u4704\u4684\u4684\u1a1b" + + "\u1a1b\u1a1b\u1a1b\u1a1b\u1a1b\u1a1b\u1a1b\u1a1b\u1a1b\u1a1b\u1a1b" + + "\u1a1b\u1a1b\u1a1b\u1a1b\u2e82\u7e02\u2e82\u3f80\u2e82\u4a82\u8001" + + "\u8001\u8001\u8001\u7f03\u1a1b\u1a1b\u1a1b\u289c\uac8a\uad0a\uad8a" + + "\uae0a\uae8a\uaf0a\uaf8a\ub00a\ub08a\u4786\u4786\u4786\u4786\u4786" + + "\u4786\u4786\u4786\u3f80\u4786\u4786\u4786\u4786\u4786\u4786\u4786" + + "\u4786\u4786\u4786\u4786\u4786\u4786\u4786\u4786\u4786\u3f80\u539c" + + "\u539c\u658b\u660b\u668b\u670b\u539c\u539c\u539c\u539c\u539c\u539c" + + "\u539c\u539c\u539c\u539c\u539c\u289c\u0c99\u289c\u289c\u289c\u289c" + + "\u289c\u289c\u289c\u289c\u289c\u289c\u289c\u289c\u3f80\u289c\u3f80" + + "\u289c\u289c\u289c\u289c\u3f80\u289c\u289c\u289c\u289c\u3f80\u3f80" + + "\u289c\u289c\u289c\u289c\u289c\u539c\u289c\u289c\u289c\u289c\u289c" + + "\u0c99\u0c99\u0c99\u0c99\u0c99\u6b95\u6c16\u0298\u289c\u289c\u289c" + + "\u289c\u289c\u289c\u289c\u289c\u289c\u289c\u3f80\u289c\u289c\u289c" + + "\u289c\u289c\u289c\u289c\u0455\u04d6\u0455\u04d6\u0455\u04d6\u0455" + + "\u04d6\u738b\u740b\u748b\u750b\u758b\u760b\u768b\u770b\u778b\uab8b" + + "\u738b\u740b\u748b\u750b\u758b\u760b\u4786\u4786\u4786\u4786\u4786" + + "\u4786\u4786\u4786\u3f80\u3f80\u3f80\u3f80\u3f80\u4786\u4786\u4786" + + "\u4786\u4786\u4786\u4786\u4786\u4786\u4786\u4786\u4786\u4786\u4786" + + "\u6008\u6008\u3f80\u3f80\u3f80\u6008\u6008\u6008\u3f80\u6008\u6008" + + "\u6008\u4786\u3f80\u3f80\u4786\u6008\u6008\u3f80\u3b05\u3b05\u3b05" + + "\u3b05\u3b05\u3b05\u3b05\u3b05\u3f80\u3f80\u3b05\u3b05\u3b05\u3f80" + + "\u3b05\u3f80\u3b05\u3f80\u3f80\u3b05\u3b05\u3f80\u3b05\u3b05\u3b05" + + "\u3b05\u3b05\u3f80\u3b05\u3b05\u3f80\u6008\u4786\u4786\u4786\u4786" + + "\u3f80\u3f80\u6008\u6008\u3f80\u3f80\u6008\u6008\u4786\u3f80\u3f80" + + "\u5002\u5082\u5102\u2902\u5181\u5202\u0c99\u3001\u3082\u5281\u3001" + + "\u3082\u3f80\u3f80\u3f80\u3f80\u1a1b\u1a1b\u4881\u0298\u4901\u4901" + + "\u4901\u3f80\u4981\u3f80\u4a01\u4a01\u2e01\u2e01\u3f80\u2e01\u2e01" + + "\u2e01\u2e01\u2e01\u2e01\u2e01\u2e01\u2e01\u4b02\u4b82\u4b82\u4b82" + + "\u2f02\u2f02\u4c02\u2f02\u2f02\u2f02\u2f02\u2f02\u2f02\u2f02\u2f02" + + "\u2f02\u4c82\u4d02\u4d02\u3f80\u4786\u4786\u6008\u3f80\u3b05\u3b05" + + "\u3b05\u3b05\u3b05\u3b05\u3f80\u3f80\u3f80\u3f80\u3b05\u3b05\u3b05" + + "\u3b05\u3f80\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05" + + "\u3f80\u3b05\u3f80\u3f80\u3f80\u3b05\u3b05\u3b05\u3b05\u3f80\u3f80" + + "\u4786\u3b05\u6008\u6008\u4786\u6008\u6008\u6008\u6008\u6008\u6008" + + "\u4786\u4786\u4786\u3f80\u3f80\u3f80\u3f80\u5301\u5301\u5301\u5301" + + "\u5301\u5301\u5301\u5301\u5301\u5301\u5301\u5301\u5301\u5301\u5301" + + "\u5301\u5082\u5082\u5082\u5082\u5082\u5082\u5082\u5082\u5082\u5082" + + "\u5082\u5082\u5082\u5082\u5082\u5082\u4e81\u3001\u3082\u3001\u3082" + + "\u3001\u3082\u3001\u3082\u3001\u3082\u3001\u3082\u3001\u3082\u3f80" + + "\u3f80\u3f80\u3f80\u3f80\u3f80\u6089\u6109\u6189\u6209\u6289\u6309" + + "\u6389\u6409\u6489\u6509\u6b0b\u6b0b\u6b0b\u6b0b\u6b0b\u6b0b\u539c" + + "\u4786\u539c\u4786\u539c\u4786\u6b95\u6c16\u6b95\u6c16\u6008\u6008" + + "\u4786\u4786\u4786\u3f80\u4786\u3f80\u6008\u6008\u6008\u6008\u6008" + + "\u6008\u6008\u6008\u4786\u6008\u6008\u4786\u4786\u4786\u4786\u4786" + + "\u4786\u4786\u4786\u6008\u6008\u6008\u6008\u4786\u3f80\u3f80\u5518" + + "\u5518\u5518\u5518\u5518\u5518\u5518\u5518\u6109\u6189\u6209\u6289" + + "\u6309\u6389\u6409\u4786\u4786\u4786\u4786\u4786\u4786\u4786\u4786" + + "\u4786\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80" + + "\u3f80\u3f80\u2e82\u2e82\u2e82\u2e82\u2e82\u3f80\u3f80\u3f80\u3f80" + + "\u3f80\u5705\u4786\u5705\u5705\u3f80\u5705\u5705\u3f80\u5705\u5705" + + "\u5705\u5705\u5705\u5705\u5705\u5705\u5705\u5705\u5705\u5705\u5705" + + "\u5705\u5705\u5705\u3f80\u3f80\u3f80\u3f80\u3f80\u6008\u6008\u3f80" + + "\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3b05\u3f80\u3b05\u3b05\u3f80" + + "\u3b05\u3b05\u3b05\u3b05\u3b05\u3f80\u3f80\u4786\u3b05\u6008\u4786" + + "\u4786\u4786\u4786\u4786\u3f80\u4786\u4786\u6008\u3f80\u6008\u6008" + + "\u4786\u3f80\u3f80\u0298\u0298\u0318\u039a\u0318\u0298\u0298\u0455" + + "\u04d6\u0298\u0519\u0598\u0614\u0598\u0698\u5705\u5705\u5705\u5698" + + "\u5698\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80" + + "\u3f80\u6008\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u2d8b" + + "\u2d8b\u2d8b\u2d8b\u2d8b\u2d8b\u2d8b\u2d8b\u2d8b\u2d8b\u2d8b\u2d8b" + + "\u738b\u5989\u5a09\u5a89\u5b09\u5b89\u5c09\u5c89\u5d09\u5d89\u5e09" + + "\u0318\u5e98\u5e98\u5818\u5885\u5885\u5885\u5885\u5818\u5885\u4786" + + "\u4786\u4786\u4786\u4786\u4786\u4786\u5790\u5407\u4786\u5407\u5407" + + "\u5407\u4786\u4786\u4786\u4786\u4786\u4786\u3f80\u3f80\u3f80\u3f80" + + "\u3f80\u5818\u3f80\u3f80\u3f80\u5818\u5818\u5818\u5818\u5818\u5818" + + "\u5818\u5818\u5818\u5818\u5818\u5818\u5818\u5818\u3f80\u5f90\u5904" + + "\u5885\u5885\u5885\u5885\u5885\u5885\u5885\u5885\u5885\u5885\u4786" + + "\u4786\u4786\u4786\u4786\u4786\u4786\u4786\u4786\u4786\u4786\u3f80" + + "\u3f80\u5885\u5885\u5885\u5885\u5885\u3f80\u5885\u5885\u5885\u5885" + + "\u5885\u5885\u5885\u5885\u5885\u5885\u5885\u3f80\u3f80\u3f80\u3f80" + + "\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u6109" + + "\u6189\u6209\u6289\u6309\u6389\u6409\u6489\u6509\u688b\u6c8b\u6d0b" + + "\u6d8b\u6e0b\u6e8b\u6f0b\u6f8b\u700b\u690b\u708b\u3f80\u3f80\u3f80" + + "\u0709\u0789\u0809\u0889\u0909\u0989\u0a09\u0a89\u0b09\u0b89\u5885" + + "\u5885\u5885\u5f1c\u5f1c\u5885\u4786\u5885\u5885\u5885\u5885\u5885" + + "\u5885\u5885\u5885\u5885\u5885\u5885\u5885\u5885\u5885\u5885\u3f80" + + "\u3f80\u5f90\u5f90\u5f90\u5f90\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80" + + "\u5f90\u5f90\u5f90\u5f90\u5f90\u5f90\u4786\u4786\u4786\u4786\u4786" + + "\u5904\u5904\u4786\u4786\u289c\u4786\u4786\u4786\u4786\u5885\u5885" + + "\u5885\u5885\u5885\u5885\u5885\u5885\u5885\u5885\u5885\u5885\uc51a" + + "\u289c\u3f80\u3f80\u4786\u5885\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80" + + "\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u04d6\u0298\u0455" + + "\u04d6\u0298\u1a97\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05" + + "\u3b05\u3b05\u3f80\u3f80\u3f80\u3f80\u6008\u6008\u3f80\u3b05\u3b05" + + "\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05\u3f80\u3b05\u3b05\u3b05\u3b05" + + "\u3b05\u3f80\u3f80\u3f80\u3f80\u4786\u4786\u6008\u3b05\u3b05\u3b05" + + "\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05\u6b95\u6c16" + + "\u3f80\u3f80\u3f80\u020c\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05" + + "\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05\u3f80\u3f80\u3f80" + + "\u3f80\u3f80\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05" + + "\u3b05\u3b05\u1a97\u4684\u4684\u4684\u3b05\u3b05\u3b05\u4684\u3b05" + + "\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05" + + "\u3b05\u3b05\u3b05\u3f80\u3f80\u4786\u3b05\u6008\u6008\u6008\u6008" + + "\u6008\u3f80\u6a06\u6008\u6008\u3f80\u6008\u6008\u4786\u4786\u3f80" + + "\u3f80\u3f80\u3f80\u4786\u4786\u3f80\u3f80\u4786\u4786\u4786\u3f80" + + "\u3f80\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05\u3f80\u3f80\u4786" + + "\u4786\u1a1b\u1a1b\u4684\u4684\u3b05\u4786\u4786\u4786\u4786\u3f80" + + "\u3f80\u3f80\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05" + + "\u3f80\u3f80\u5518\u3f80\u3f80\u3f80\u3f80\u3b05\u3b05\u4786\u4786" + + "\u5518\u5518\u6089\u6109\u6189\u6209\u6289\u6309\u6389\u6409\u6489" + + "\u6509\u5518\u5518\u3f80\u3f80\u3f80\u3f80\u3b05\u3b05\u4786\u4786" + + "\u3f80\u3f80\u6089\u6109\u6189\u6209\u6289\u6309\u6389\u6409\u6489" + + "\u6509\u3f80\u3f80\u3b05\u3b05\u3f80\u3f80\u3b05\u3b05\u039a\u039a" + + "\u658b\u660b\u668b\u670b\u678b\u680b\u539c\u3f80\u3f80\u3f80\u3f80" + + "\u3f80\u4786\u4786\u3b05\u3b05\u3b05\u3f80\u3f80\u3f80\u3f80\u3f80" + + "\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3b05\u4786\u3b05\u3b05\u4786" + + "\u4786\u4786\u4786\u4786\u4786\u4786\u3f80\u3f80\u3f80\u3f80\u039a" + + "\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80" + + "\u3f80\u3f80\u3f80\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05\u4684\u4786" + + "\u4786\u4786\u4786\u4786\u4786\u4786\u4786\u5518\u4786\u4786\u3b05" + + "\u3b05\u3b05\u3b05\u3f80\u3f80\u3f80\u3f80\u6089\u6109\u6189\u6209" + + "\u6289\u6309\u6389\u6409\u6489\u6509\u5518\u5518\u5518\u5518\u5518" + + "\u5518\u688b\u690b\u698b\u289c\u289c\u289c\u289c\u289c\u289c\u039a" + + "\u289c\u3f80\u3f80\u3f80\u3f80\u3f80\u4786\u6008\u6008\u6008\u6008" + + "\u3f80\u4786\u4786\u4786\u3f80\u4786\u4786\u4786\u4786\u3f80\u3f80" + + "\u3b05\u3b05\u3b05\u3b05\u3f80\u3b05\u3b05\u3b05\u3b05\u3b05\u3f80" + + "\u3f80\u4786\u3b05\u6008\u6a06\u6008\u4786\u4786\u4786\u3f80\u3f80" + + "\u6008\u6008\u6008\u3f80\u6008\u6008\u6008\u4786\u3f80\u3f80\u3b05" + + "\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05\u3f80\u3f80\u3f80\u4786\u3f80" + + "\u3f80\u3f80\u3f80\u6008\u6008\u3f80\u3b05\u3b05\u3b05\u3b05\u3b05" + + "\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05\u5518\u5518\u5518\u710a\u718a" + + "\u3b05\u4786\u3b05\u3b05\u4786\u4786\u4786\u4786\u4786\u4786\u3f80" + + "\u4786\u4786\u3b05\u3f80\u3f80\u3b05\u3b05\u3b05\u3b05\u3b05\u3f80" + + "\u4684\u3f80\u4786\u4786\u4786\u4786\u4786\u4786\u3f80\u3f80\u3b05" + + "\u539c\u539c\u539c\u5518\u5518\u5518\u5518\u5518\u5518\u5518\u5518" + + "\u6ab8\u5518\u5518\u5518\u4786\u6008\u4786\u3f80\u3f80\u3f80\u4786" + + "\u4786\u6008\u4786\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3b05\u3b05" + + "\u3b05\u3b05\u3b05\u3b05\u6008\u6008\u4786\u4786\u3f80\u3f80\u3f80" + + "\u3f80\u3f80\u3f80\u4e81\u4e81\u289c\u4e81\u2902\u3b05\u3b05\u3b05" + + "\u3b05\u2902\u289c\u289c\u3f80\u2902\u4e81\u4e81\u4e81\u4e81\u4e81" + + "\u4e81\u4e81\u4e81\u4e81\u4e81\u4e81\u4e81\u4e81\u4e81\u4e81\u4e81" + + "\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3b05" + + "\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05\u3f80\u3f80" + + "\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u720a" + + "\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80" + + "\u3f80\u3f80\u3f80\u3f80\u3b05\u3b05\u4786\u4786\u4786\u3f80\u3f80" + + "\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3b05\u3b05" + + "\u4786\u4786\u4786\u5518\u5518\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80" + + "\u3f80\u3f80\u3f80\u3b05\u3b05\u4786\u4786\u3f80\u3f80\u3f80\u3f80" + + "\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3b05\u3f80\u4786" + + "\u4786\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80" + + "\u3f80\u3f80\u3b05\u3b05\u3b05\u3b05\u7290\u7290\u6008\u4786\u4786" + + "\u4786\u4786\u4786\u4786\u4786\u6008\u6008\u6008\u6008\u4786\u4786" + + "\u7808\u7808\u7808\u3f80\u3f80\u3f80\u3f80\u4786\u4786\u4786\u4786" + + "\u5518\u5518\u5518\u4684\u5518\u5518\u5518\u039a\u3b05\u4786\u3f80" + + "\u3f80\ua90b\ua98b\uaa0b\uaa8b\uab0b\u738b\u740b\u748b\u750b\u758b" + + "\u760b\u768b\u770b\u778b\uab8b\u730b\u738b\u740b\u748b\u750b\u758b" + + "\u760b\u768b\u770b\u778b\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u0298" + + "\u0298\u0298\u0298\u0298\u0298\u5614\u0298\u0298\u0298\u0298\u4786" + + "\u4786\u4786\u020c\u3f80\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05\u3b05" + + "\u3b05\u3b05\u4786\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u4e81\u4e81" + + "\u4e81\u2902\u289c\u4e81\u289c\u289c\u289c\u4e81\u4e81\u4e81\u4e81" + + "\u4e81\u289c\u289c\u0c99\u289c\u0c99\u289c\u289c\u289c\u289c\u289c" + "\u289c\u289c\u289c\u289c\u289c\u289c\u289c\u289c\u289c\u289c\u289c" - + "\u289c\u289c\u289c\u289c\u0c99\u289c\u289c\u3e80\u3e80\u3e80\u3e80" - + "\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u948a" - + "\u950a\u958a\u960a\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80" - + "\u3e80\u3e80\u3e80\u3e80\u0c99\u0c99\u0c99\u0c99\u0c99\u289c\u289c" - + "\u289c\u289c\u289c\u0c99\u0c99\u289c\u289c\u289c\u289c\u4d01\u289c" - + "\u8281\u289c\u4d01\u289c\u8301\u8381\u4d01\u4d01\u2a9c\u2902\u4d01" - + "\u4d01\u289c\u4d01\u2902\u3a85\u3a85\u3a85\u3a85\u2902\u289c\u3e80" - + "\u3e80\u3e80\u3e80\u3e80\u848a\u850a\u858a\u860a\u868a\u870a\u878a" - + "\u880a\u888a\u890a\u898a\u8a0a\u8a8a\u8b0a\u8b8a\u8c0a\u8c8a\u8d0a" - + "\u8d8a\u8e0a\u8e8a\u8f0a\u8f8a\u900a\u908a\u910a\u918a\u920a\u928a" - + "\u930a\u938a\u940a\u0c99\u0c99\u0c59\u0c59\u0c99\u0c99\u0c59\u0c59" + + "\u0c99\u0c99\u0c99\u0c99\u0c99\u0c99\u0c99\u0c99\u0c99\u0c99\u0c99" + + "\u0c99\u0c99\u0c99\u0c99\u0c99\u0c59\u0c59\u0c59\u0c59\u0c59\u0c59" + + "\u0c99\u0c99\u0455\u04d6\u0c99\u0c99\u0c99\u0455\u04d6\u0455\u04d6" + + "\u0455\u04d6\u0455\u04d6\u0455\u04d6\u0455\u04d6\u0455\u04d6\u0c99" + + "\u0c99\u0c59\u0c59\u0c59\u0c59\u0c59\u0c99\u0c99\u0c99\u0c99\u0c99" + + "\u0c59\u0c99\u0c59\u0c59\u0c59\u0c59\u0c59\u0c59\u0c59\u0c99\u0c99" + + "\u0c99\u0c99\u0c99\u0c59\u0c99\u0c59\u0c99\u0c59\u0c59\u0c59\u0c59" + + "\u0c59\u0c59\u0c59\u0c59\u0c99\u0c99\u0c59\u0c59\u0c59\u0c59\u0c59" + + "\u0c59\u0c59\u0c59\u0c99\u0c59\u0c99\u0c59\u0c59\u0c59\u0c99\u0c99" + + "\u0c59\u0c59\u0c99\u0c99\u0c99\u0c99\u0c99\u0c99\u0c59\u0c99\u0c99" + + "\u0c99\u0c59\u0c59\u0c59\u0c59\u0c59\u0c99\u0c59\u0c99\u0c99\u0c59" + + "\u0c59\u0c99\u0c99\u0c99\u0c99\u0c59\u0c59\u0c59\u0c59\u0c59\u0c59" + + "\u0c59\u0c59\u0c59\u0c59\u0c59\u0c59\u0c59\u0c99\u0c99\u0c59\u0c99" + + "\u0c59\u0c99\u0c99\u0c59\u0c99\u0c59\u0c59\u0c59\u0c59\u0c99\u0c99" + + "\u0c99\u0c59\u0c59\u0c59\u0c59\u0c59\u0c59\u0c99\u0c99\u0c99\u0c59" + + "\u0c99\u0c99\u0c99\u0c99\u0c59\u0c59\u0c99\u0c99\u0c99\u0c99\u0c99" + + "\u0c99\u0c59\u0c59\u0c59\u0c99\u0c99\u0c99\u0c99\u0c99\u0c59\u0c99" + + "\u0c99\u0c99\u0c99\u0c99\u0c99\u0c99\u0c99\u0c59\u0c99\u0c99\u0c99" + + "\u0c99\u0c99\u0c99\u0c99\u0c59\u0c59\u0c99\u0c99\u0c99\u0c99\u0c99" + + "\u0c99\u0c99\u289c\u289c\u289c\u289c\u289c\u0c99\u0c99\u289c\u289c" + + "\u289c\u289c\u4e81\u289c\u8c81\u289c\u4e81\u289c\u8d01\u8d81\u4e81" + + "\u4e81\u2a9c\u2902\u4684\u4684\u2902\u2902\u2902\u2902\u2902\u2902" + + "\u2902\u2902\u2902\u2902\u3f80\u3f80\u3f80\u3f80\u7902\u7902\u7902" + + "\u7902\u7902\u7902\u7902\u7902\u7981\u7981\u7981\u7981\u7981\u7981" + + "\u7981\u7981\u7902\u7902\u7902\u7902\u7902\u7902\u3f80\u3f80\u7981" + + "\u7981\u7981\u7981\u7981\u7981\u3f80\u3f80\u2e82\u7902\u4a82\u7902" + + "\u4a82\u7902\u4a82\u7902\u3f80\u7981\u3f80\u7981\u3f80\u7981\u3f80" + + "\u7981\u7a02\u7a02\u7a82\u7a82\u7a82\u7a82\u7b02\u7b02\u7b82\u7b82" + + "\u7c02\u7c02\u7c82\u7c82\u3f80\u3f80\u7d02\u7d02\u7d02\u7d02\u7d02" + + "\u7d02\u7d02\u7d02\u7d83\u7d83\u7d83\u7d83\u7d83\u7d83\u7d83\u7d83" + + "\u7902\u7902\u2e82\u7e02\u2e82\u3f80\u2e82\u4a82\u7981\u7981\u7e81" + + "\u7e81\u7f03\u1a1b\u7f82\u1a1b\u7902\u7902\u4a82\u4a82\u3f80\u3f80" + + "\u2e82\u4a82\u7981\u7981\u8081\u8081\u3f80\u1a1b\u1a1b\u1a1b\u7902" + + "\u7902\u4a82\u4a82\u2e82\u5102\u2e82\u4a82\u7981\u7981\u8101\u8101" + + "\u5281\u1a1b\u1a1b\u1a1b\u020c\u020c\u020c\u020c\u020c\u020c\u020c" + + "\u82ac\u020c\u020c\u020c\u830c\u5f90\u5f90\u7290\u8390\u5614\u8434" + + "\u5614\u5614\u5614\u5614\u0298\u0298\u849d\u851e\u6b95\u849d\u849d" + + "\u851e\u6b95\u849d\u0598\u0298\u0598\u3f80\u0298\u0598\u0298\u0298" + + "\u5614\u6b95\u6c16\u6b95\u6c16\u6b95\u6c16\u0318\u0318\u0318\u0318" + + "\u0318\u0298\u0298\u0298\u0298\u29dd\u2d5e\u0298\u0298\u0298\u0298" + + "\u1a97\u890b\u2902\u3f80\u3f80\u898b\u8a0b\u8a8b\u8b0b\u8b8b\u8c0b" + + "\u0519\u0519\u0c99\u0455\u04d6\u2902\u890b\u2c8b\u2b0b\u2b8b\u898b" + + "\u8a0b\u8a8b\u8b0b\u8b8b\u8c0b\u0519\u0519\u0c99\u0455\u04d6\u3f80" + + "\u039a\u039a\u039a\u039a\u039a\u039a\u039a\u039a\u039a\u039a\u039a" + + "\u039a\u039a\u039a\u039a\u039a\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80" + + "\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u4786\u4786\u4786" + + "\u4786\u4786\u4786\u4786\u4786\u4786\u4786\u4786\u4786\u4786\u5407" + + "\u5407\u5407\u0c99\u0c99\u0c99\u0c59\u0c59\u0c59\u0c59\u0c99\u0c99" + + "\u0c99\u0c99\u0c99\u0c59\u0c59\u0c59\u0c99\u0c99\u0c59\u0c59\u0c59" + + "\u0c59\u0c99\u0c99\u0c99\u0c99\u0c99\u0c99\u0c99\u0c99\u0c99\u0c59" + + "\u0c59\u0c59\u0c59\u0c59\u0c99\u0c99\u0c99\u0c99\u0c99\u0c59\u0c59" + + "\u0c59\u0c99\u0c99\u0c59\u0c59\u0c99\u0c99\u0c59\u0c59\u0c59\u0c59" + "\u0c59\u0c59\u0c59\u0c59\u0c59\u0c59\u0c59\u0c59\u0c59\u0c59\u0c59" - + "\u0c59\u0c59\u0c59\u0c59\u0c59\u0c59\u0c99\u0c99\u0c99\u0c99\u0c99" - + "\u0c59\u0c59\u0c59\u0c59\u0c99\u0c99\u0c99\u0c99\u0c99\u0c99\u0c99" - + "\u0c99\u0c99\u0c59\u0c59\u0c59\u0c59\u0c59\u0c99\u0c99\u0c59\u0c59" - + "\u0c99\u0c99\u0c99\u0c99\u0c59\u0c59\u0c59\u0c59\u0c59\u0c59\u0c59" - + "\u0c59\u0c59\u0c59\u0c59\u0c59\u0c59\u0c99\u0c99\u0c59\u0c59\u0c59" - + "\u0c59\u0c99\u0c99\u0c99\u0c99\u0c99\u0c59\u0c99\u0c99\u0c99\u0c99" - + "\u0c99\u0c99\u0c99\u289c\u289c\u0c99\u289c\u289c\u0c99\u289c\u289c" - + "\u289c\u289c\u289c\u289c\u289c\u0c99\u289c\u289c\u289c\u289c\u289c" - + "\u289c\u289c\u289c\u289c\u289c\u289c\u289c\u289c\u289c\u289c\u289c" - + "\u289c\u289c\u289c\u289c\u289c\u289c\u289c\u289c\u289c\u289c\u289c" - + "\u289c\u289c\u289c\u289c\u289c\u3e80\u289c\u289c\u289c\u289c\u289c" - + "\u289c\u289c\u289c\u289c\u289c\u289c\u289c\u289c\u289c\u289c\u289c" - + "\u289c\u289c\u289c\u289c\u289c\u289c\u289c\u289c\u3e80\u3e80\u3e80" - + "\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80" - + "\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80" - + "\u0c99\u0c59\u0c59\u0c59\u0c59\u0c99\u0c99\u0c99\u0c59\u0c59\u0c59" - + "\u0c59\u0c59\u0c59\u0c99\u0c99\u0c99\u0c59\u0519\u0519\u0c99\u0c59" + + "\u0c59\u0c99\u0c99\u0c99\u0c99\u0c99\u0c59\u0c59\u0c99\u0c99\u0c99" + + "\u0c99\u0c59\u0c59\u0c59\u0c59\u0c99\u0c59\u0519\u0519\u0c99\u0c59" + "\u0c59\u0c99\u0c99\u0c99\u0c59\u0c59\u0c59\u0c59\u0c99\u0c59\u0c99" + "\u0c59\u0c99\u0c99\u0c99\u0c99\u0c59\u0c59\u0c59\u0c59\u0c59\u0c59" - + "\u0c59\u0c59\u0c59\u0c99\u0c99\u0c99\u0c99\u0c99\u0c59\u0c99\u0c59" - + "\u0c59\u0c59\u0c59\u0c59\u289c\u289c\u289c\u289c\u289c\u289c\u289c" - + "\u0455\u04d6\u289c\u289c\u289c\u289c\u289c\u289c\u289c\u289c\u289c" - + "\u289c\u289c\u501c\u501c\u501c\u501c\u501c\u501c\u501c\u501c\u501c" - + "\u501c\u501c\u501c\u501c\u501c\u501c\u501c\u501c\u501c\u501c\u501c" - + "\u501c\u501c\u501c\u3e80\u3e80\u3e80\u3e80\u501c\u501c\u501c\u501c" - + "\u501c\u501c\u501c\u501c\u501c\u501c\u501c\u501c\u501c\u501c\u501c" - + "\u501c\u501c\u501c\u501c\u501c\u501c\u501c\u9c1c\u9c1c\u9c1c\u9c1c" - + "\u9c1c\u9c1c\u9c1c\u9c1c\u9c1c\u9c1c\u9c1c\u9c1c\u9c1c\u9c1c\u9c1c" - + "\u9c1c\u9c9c\u9c9c\u9c9c\u9c9c\u9c9c\u9c9c\u9c9c\u9c9c\u9c9c\u9c9c" - + "\u9c9c\u9c9c\u9c9c\u9c9c\u9c9c\u9c9c\u7f0b\u3e80\u3e80\u3e80\u3e80" - + "\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80" - + "\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u0c59\u0c99\u0c59\u0c99\u0c59" - + "\u0c59\u0c59\u0c59\u0c59\u0c59\u0c59\u0c59\u0c99\u0c99\u0c59\u0c59" - + "\u0c59\u0c59\u0c59\u0c59\u0c59\u0c59\u0c59\u0c59\u0c59\u0c59\u0c59" - + "\u0c59\u0c59\u0c59\u0c59\u0c59\u0c99\u0c99\u0c59\u0c59\u3e80\u3e80" - + "\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80" - + "\u3e80\u039a\u039a\u0c99\u1a1b\u289c\u039a\u039a\u3e80\u289c\u0c99" - + "\u0c99\u0c99\u0c99\u289c\u289c\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80" - + "\u3e80\u3e80\u3e80\u3e80\u5b10\u5b10\u5b10\u289c\u289c\u3e80\u3e80" + + "\u0c59\u0c59\u0c59\u0c59\u0c59\u0c59\u0c59\u0c99\u0c59\u0c59\u0c99" + + "\u0c99\u0455\u04d6\u0455\u04d6\u0c59\u0c99\u0c99\u0c99\u0c99\u4e81" + + "\u2902\u2902\u2902\u2902\u289c\u0c99\u3f80\u3f80\u3f80\u3f80\u8e0a" + + "\u8e8a\u8f0a\u8f8a\u900a\u908a\u910a\u918a\u920a\u928a\u930a\u938a" + + "\u940a\u948a\u950a\u958a\u960a\u968a\u970a\u978a\u980a\u988a\u990a" + + "\u998a\u9a0a\u9a8a\u9b0a\u9b8a\u9c0a\u9c8a\u9d0a\u9d8a\u9e0a\u9e8a" + + "\u9f0a\u9f8a\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80" + + "\u3f80\u3f80\u3f80\u0c99\u289c\u289c\u0c99\u289c\u289c\u0c99\u289c" + + "\u289c\u289c\u289c\u289c\u289c\u289c\u0c99\u289c\u289c\u289c\u289c" + + "\u289c\u289c\u289c\u289c\u0c59\u0c59\u0c59\u0c59\u289c\u289c\u289c" + + "\u289c\u289c\u289c\u289c\u0455\u04d6\u289c\u289c\u289c\u289c\u289c" + + "\u289c\u539c\u539c\u539c\u539c\u539c\u539c\u539c\u539c\u539c\u539c" + + "\u539c\u539c\u539c\u539c\u539c\u539c\u289c\u289c\u3f80\u539c\ubc8b" + + "\ubd0b\ubd8b\ube0b\ube8b\ubf0b\ubf8b\uc00b\uc08b\uc10b\uc18b\uc20b" + + "\uc28b\uc30b\uc38b\u768b\u770b\u778b\uab8b\u289c\u3f80\u3f80\u3f80" + "\u289c\u289c\u289c\u289c\u289c\u289c\u289c\u289c\u289c\u289c\u289c" - + "\u289c\u289c\u289c\u289c\u289c\u3e80\u289c\u289c\u289c\u289c\u289c" - + "\u289c\u289c\u289c\u289c\u289c\u289c\u289c\u289c\u289c\u3e80\u289c" - + "\u3e80\u289c\u289c\u289c\u289c\u3e80\u3e80\u3e80\u289c\u3e80\u289c" - + "\u289c\u289c\u289c\u289c\u289c\u289c\u3e80\u3e80\u3e80\u3e80\u3e80" - + "\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u840b\u9d0b" - + "\u9d8b\u9e0b\u9e8b\u9f0b\u9f8b\ua00b\ua08b\ua10b\u840b\u9d0b\u9d8b" - + "\u9e0b\u9e8b\u9f0b\u9f8b\ua00b\ua08b\ua10b\u289c\u3e80\u3e80\u3e80" - + "\u289c\u289c\u289c\u289c\u289c\u289c\u289c\u289c\u0c59\u0c59\u0c59" - + "\u0c59\u289c\u289c\u289c\u289c\u289c\u289c\u289c\u289c\u289c\u289c" - + "\u289c\u289c\u289c\u289c\u289c\u289c\u289c\u289c\u289c\u289c\u289c" - + "\u501c\u289c\u289c\u289c\u289c\u289c\u3e80\u3e80\u3e80\u3e80\u3e80" - + "\u630b\u630b\u630b\u630b\u630b\u630b\u630b\u630b\u630b\u630b\u501c" - + "\u501c\u501c\u501c\u501c\u501c\u501c\u501c\u501c\u501c\u501c\u501c" - + "\u501c\u501c\u501c\u501c\u501c\u501c\u501c\u501c\u501c\u501c\u501c" - + "\u501c\u501c\u501c\u501c\u501c\u501c\u501c\u501c\u501c\u3e80\u3e80" - + "\u3e80\u501c\u610b\u618b\u620b\u628b\ua80b\ua88b\ua90b\ua98b\uaa0b" - + "\u640b\u501c\u501c\u501c\u501c\u501c\u501c\u501c\u501c\u501c\u501c" - + "\u501c\u501c\u501c\u501c\u501c\u501c\u501c\u501c\u501c\u501c\u501c" - + "\u501c\u501c\u501c\u501c\u501c\u501c\u289c\u3e80\u289c\u289c\u289c" - + "\u3e80\u289c\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80" - + "\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80" - + "\u3e80\u3e80\u3e80\u3e80\u3e80\u2c8b\u2b0b\u2b8b\u7f8b\u800b\u808b" - + "\u810b\u818b\u820b\u968b\u970b\u978b\u980b\u988b\u990b\u998b\u9a0b" - + "\u9a8b\u9b0b\u9b8b\u2c8b\u2b0b\u2b8b\u7f8b\u800b\u808b\u810b\u818b" - + "\u820b\u968b\u970b\u978b\u980b\u988b\u990b\u998b\u9a0b\u9a8b\u9b0b" - + "\u9b8b\u501c\u501c\u501c\u501c\u020c\u0298\u0298\u0298\u289c\u4584" - + "\u3a85\ua18a\u0455\u04d6\u0455\u04d6\u0455\u04d6\u0455\u04d6\u0455" - + "\u04d6\u289c\u289c\u0455\u04d6\u0455\u04d6\u0455\u04d6\u0455\u04d6" - + "\u2a14\u6615\u6696\u6696\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85" - + "\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85" - + "\u3a85\u3a85\u3a85\u3e80\u3e80\u3e80\u3e80\u4606\u4606\u1a1b\u1a1b" - + "\u4584\u4584\u3e80\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85" - + "\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3a85\u3e80\u501c\u501c\u630b" - + "\u630b\u630b\u630b\u501c\u501c\u501c\u501c\u501c\u501c\u501c\u501c" - + "\u501c\u501c\u501c\u501c\u501c\u501c\u501c\u501c\u501c\u3e80\u3e80" - + "\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80" - + "\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80" - + "\u3e80\u3e80\u3e80\u3e80\uaa93\uaa93\uaa93\uaa93\uaa93\uaa93\uaa93" - + "\uaa93\uaa93\uaa93\uaa93\uaa93\uaa93\uaa93\uaa93\uaa93\uaa93\uaa93" - + "\uaa93\uaa93\uaa93\uaa93\uaa93\uaa93\uaa93\uaa93\uaa93\uaa93\uaa93" - + "\uaa93\uaa93\uaa93\uab12\uab12\uab12\uab12\uab12\uab12\uab12\uab12" - + "\uab12\uab12\uab12\uab12\uab12\uab12\uab12\uab12\uab12\uab12\uab12" - + "\uab12\uab12\uab12\uab12\uab12\uab12\uab12\uab12\uab12\uab12\uab12" - + "\uab12\uab12\u5305\u5305\u5305\u5305\u5305\u5305\u5305\u5305\u5305" - + "\u0519\u5305\u5305\u5305\u5305\u5305\u5305\u5305\u5305\u5305\u5305" - + "\u5305\u5305\u5305\u3e80\u5305\u5305\u5305\u5305\u5305\u3e80\u5305" - + "\u3e80\u4606\u4606\u4606\u4606\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80" - + "\u3e80\u3e80\u3e80\u3e80\u3e80\u3e80\u0298\u2a14\u2a14\u1a97\u1a97" - + "\u6615\u6696\u6615\u6696\u6615\u6696\u6615\u6696\u6615\u6696\u6615" - + "\u6696\u3e80\u3e80\u3e80\u3e80\u0298\u0298\u0298\u0298\u1a97\u1a97" - + "\u1a97\u0598\u0298\u0598\u3e80\u0298\u0598\u0298\u0298\u2a14\u6615" - + "\u6696\u6615\u6696\u6615\u6696\u0318\u0298\u0d01\u0d81\u0e01\u0e81" - + "\u0f01\u0f81\u1001\u1081\u1101\u1181\u1201\u1281\u1301\u1381\u1401" - + "\u1481\u1501\u1581\u1601\u1681\u1701\u1781\u1801\u1881\u1901\u1981" - + "\u6615\u0298\u6696\u1a1b\u1a97"; + + "\u289c\u289c\u289c\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80" + + "\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\ua18b\ua20b\ua28b\ua30b" + + "\ua38b\ua40b\ua48b\ua50b\u2c8b\u2b0b\u2b8b\u898b\u8a0b\u8a8b\u8b0b" + + "\u8b8b\u8c0b\ua00b\ua08b\ua10b\ua18b\ua20b\ua28b\ua30b\ua38b\ua40b" + + "\ua48b\ua50b\u539c\u539c\u539c\u539c\u539c\u539c\u539c\u539c\u539c" + + "\u539c\u539c\u539c\u289c\u289c\u289c\u289c\u539c\u539c\u539c\u539c" + + "\u539c\u539c\u539c\u539c\u539c\u539c\u539c\u539c\u539c\u539c\u539c" + + "\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80" + + "\u3f80\u658b\u660b\u668b\u670b\ub28b\ub30b\ub38b\ub40b\ub48b\u688b" + + "\u539c\u539c\u539c\u539c\u539c\u539c\ua59c\ua59c\ua59c\ua59c\ua59c" + + "\ua59c\ua59c\ua59c\ua59c\ua59c\ua59c\ua59c\ua59c\ua59c\ua59c\ua59c" + + "\ua61c\ua61c\ua61c\ua61c\ua61c\ua61c\ua61c\ua61c\ua61c\ua61c\ua61c" + + "\ua61c\ua61c\ua61c\ua61c\ua61c\u890b\ua68b\ua70b\ua78b\ua80b\ua88b" + + "\u5614\u4684\u4684\u4684\u4684\u4684\u289c\u289c\ub10a\ub18a\ub20a" + + "\u4684\u3b05\u0298\u289c\u289c\u289c\u3f80\u3f80\u3f80\u289c\u3f80" + + "\u289c\u289c\u289c\u289c\u289c\u289c\u289c\u3f80\u0c99\u0c99\u0c59" + + "\u0c59\u0c59\u0c59\u0455\u04d6\u0455\u04d6\u0455\u04d6\u3f80\u3f80" + + "\u3f80\u3f80\u020c\u0298\u0298\u0298\u289c\u4684\u3b05\uac0a\u0455" + + "\u04d6\u0455\u04d6\u0455\u04d6\u0455\u04d6\u289c\u289c\u0455\u04d6" + + "\u0455\u04d6\u0455\u04d6\u0455\u04d6\u5614\u6b95\u6c16\u6c16\u289c" + + "\ub50b\ub58b\ub60b\ub68b\ub70b\ub78b\ub80b\ub88b\ub90b\ub98b\uba0b" + + "\uba8b\ubb0b\ubb8b\ubc0b\uc413\uc413\uc413\uc413\uc413\uc413\uc413" + + "\uc413\uc413\uc413\uc413\uc413\uc413\uc413\uc413\uc413\uc492\uc492" + + "\uc492\uc492\uc492\uc492\uc492\uc492\uc492\uc492\uc492\uc492\uc492" + + "\uc492\uc492\uc492\u2e82\u2e82\u2e82\u4a82\u4a82\u2e82\u2e82\u3f80" + + "\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u3f80\u5705\u5705\u5705" + + "\u5705\u5705\u5705\u5705\u5705\u5705\u0519\u5705\u5705\u5705\u5705" + + "\u5705\u5705\u5705\u3f80\u5705\u5705\u5705\u5705\u5705\u3f80\u5705" + + "\u3f80\u0298\u5614\u5614\u1a97\u1a97\u6b95\u6c16\u6b95\u6c16\u6b95" + + "\u6c16\u6b95\u6c16\u6b95\u6c16\u6b95\u6c16\u0298\u0298\u6b95\u6c16" + + "\u0298\u0298\u0298\u0298\u1a97\u1a97\u1a97\u0298\u0298\u0519\u0614" + + "\u0c99\u0c99\u0c99\u3f80\u0298\u039a\u0318\u0298\u3f80\u3f80\u3f80" + + "\u3f80\u2282\u2302\u2382\u2402\u2482\u2502\u2582\u2602\u2682\u2702" + + "\u2782\u0455\u0c99\u04d6\u0c99\u0455\u039a\u039a\u0c99\u1a1b\u289c" + + "\u039a\u039a\u3f80\u289c\u0c99\u0c99\u0c99\u0c99\u289c\u289c\u3f80", + + "\005\005\005\005\005\005\005\005\005\005\005" + + "\005\u0080\005\005\005\005\005\005\005\005\005" + + "\005\005\005\005\005\005\005\005\005\005\005" + + "\005\005\005\005\005\005\u0080\005\005\005\005" + + "\005\005\005\005\005\005\005\005\005\005\005" + + "\005\005\005\005\u0080\005\005\u0080\005\005\005" + + "\005\005\005\005\005\005\005\005\005\005\005" + + "\u0080\u0080\005\005\005\005\005\005\005\005\005" + + "\005\005\005\005\005\u0080\u0080\u0080\u0080\u0080\u0080" + + "\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080" + + "\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080" + + "\u0080\u0080\u0080\u0080\u0080\u0080\u1981\u1981\u1981\u1981\u1981" + + "\u1981\u1981\u1981\u1981\u1981\u1981\u1981\u1981\u1981\u1981\u1981" + + "\u1981\u1981\u1981\u1981\u1981\u1981\u1981\u1981\u1981\u1981\u1981" + + "\u1981\u1981\u1981\u1981\u1981\u1981\u1981\u1981\u1981\u1981\u1981" + + "\u1981\u1981\u1a02\u1a02\u1a02\u1a02\u1a02\u1a02\u1a02\u1a02\u1a02" + + "\u1a02\u1a02\u1a02\u1a02\u1a02\u1a02\u1a02\u1a02\u1a02\u1a02\u1a02" + + "\u1a02\u1a02\u1a02\u1a02\005\005\005\005\005\005\005" + + "\005\005\005\005\005\005\005\005\005\005\005" + + "\005\005\005\005\005\005\005\005\005\005\005" + + "\005\005\005\005\005\005\005\005\005\005\005" + + "\005\005\005\005\005\005\005\005\005\005\005" + + "\005\005\005\005\005\005\005\005\005\005\005" + + "\005\005\u0080\u0080\u0080\u0080\u0080\u0118\u0198\u021c\u0080" + + "\u0080\u0080\u0080\u028b\u030b\u038b\u040b\u048b\u050b\u058b\u060b" + + "\u068b\u070b\u078b\u080b\u088b\u090b\u098b\u0a0b\u0a8b\u0b0b\u0b8b" + + "\u0c0b\u0c8b\u0d0b\u0d8b\u0e0b\u0e8b\u0f0b\u0f8b\u100b\u108b\u110b" + + "\u118b\u120b\u128b\u130b\u138b\u140b\u148b\u150b\u158b\u160b\u168b" + + "\u170b\u178b\u180b\u188b\u0080\u0080\u0080\u021c\u021c\u021c\u021c" + + "\u021c\u021c\u021c\u021c\u021c\u021c\u021c\u021c\u021c\u021c\u021c" + + "\u021c\u021c\u021c\u021c\u021c\u021c\u021c\u021c\u021c\u021c\u021c" + + "\u021c\u021c\u021c\u021c\u021c\u021c\u021c\u021c\u021c\u021c\u021c" + + "\u2008\u2008\u2086\u2086\u2086\u021c\u021c\u021c\u2008\u2008\u2008" + + "\u2008\u2008\u2008\u2110\u2110\u2110\u2110\u2110\u2110\u2110\u2110" + + "\u2086\u2086\u2086\u2086\u2086\u021c\u021c\u2086\u2086\u2086\u2086" + + "\u2086\u2086\u2086\u021c\u021c\u021c\u021c\u021c\u021c\u021c\u021c" + + "\u021c\u021c\u021c\u021c\u021c\u021c\u021c\u021c\u021c\u021c\u021c" + + "\u021c\u021c\u021c\u021c\u021c\u021c\u021c\u021c\u021c\u021c\u021c" + + "\u2086\u2086\u2086\u2086\u021c\u021c\u021c\u021c\u021c\u021c\u021c" + + "\u021c\u021c\u021c\u021c\u021c\u021c\u021c\u021c\u021c\u021c\u021c" + + "\u021c\u021c\u021c\u021c\u021c\u021c\u021c\u021c\u021c\u021c\u021c" + + "\u021c\u021c\u021c\u021c\u021c\u021c\u021c\u021c\u021c\u021c\u0080" + + "\u0080\u0080\u021c\u021c\u021c\u021c\u021c\u021c\u021c\u021c\u021c" + + "\u021c\u021c\u021c\u021c\u021c\u021c\u021c\u021c\u021c\u021c\u021c" + + "\u021c\u021c\u021c\u021c\u021c\u021c\u021c\u021c\u021c\u021c\u021c" + + "\u021c\u021c\u021c\u021c\u021c\u021c\u021c\u021c\u021c\u021c\u021c" + + "\u021c\u021c\u021c\u021c\u021c\u021c\u021c\u021c\u021c\u021c\u021c" + + "\u021c\u021c\u021c\u021c\u021c\u021c\u021c\u021c\u021c\u021c\u021c" + + "\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080" + + "\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080" + + "\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080" + + "\u0080\005\005\005\005\005\005\005\005\005\005" + + "\u190a\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080" + + "\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080" + + "\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080" + + "\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080" + + "\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080" + + "\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\005" + + "\005\005\005\005\005\005\005\005\005\005\005" + + "\005\005\005\005\005\005\005\005\005\005\005" + + "\005\005\005\005\005\005\005\005\u0080\u028b\u048b" + + "\u070b\u090b\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080" + + "\u0080\u0080\u0080\005\005\005\005\005\005\005\005" + + "\005\005\005\005\005\005\005\005\005\005\005" + + "\005\005\005\005\005\005\005\005\005\005\005" + + "\u0080\u0118\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080" + + "\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080" + + "\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080" + + "\u0080\005\005\005\005\005\005\005\005\005\005" + + "\005\005\005\005\005\005\005\005\005\005\005" + + "\005\005\005\005\005\005\005\005\005\u0080\u0080" + + "\u1a89\u1b09\u1b89\u1c09\u1c89\u1d09\u1d89\u1e09\u1e89\u1f09\u0080" + + "\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080" + + "\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u1f85" + + "\u1f85\u1f85\u1f85\u1f85\u1f85\u0080\u0080\u1f85\u0080\u1f85\u1f85" + + "\u1f85\u1f85\u1f85\u1f85\u1f85\u1f85\u1f85\u1f85\u1f85\u1f85\u1f85" + + "\u1f85\u1f85\u1f85\u1f85\u1f85\u1f85\u1f85\u1f85\u1f85\u1f85\u1f85" + + "\u1f85\u1f85\u1f85\u1f85\u1f85\u1f85\u1f85\u1f85\u1f85\u1f85\u1f85" + + "\u1f85\u1f85\u1f85\u1f85\u1f85\u1f85\u1f85\u1f85\u1f85\u0080\u1f85" + + "\u1f85\u0080\u0080\u0080\u1f85\u0080\u0080\u1f85\u219c\u219c\u219c" + + "\u219c\u219c\u219c\u219c\u219c\u219c\u219c\u219c\u219c\u219c\u219c" + + "\u219c\u219c\u219c\u219c\u219c\u219c\u219c\u219c\u219c\u219c\u219c" + + "\u219c\u219c\u219c\u219c\u219c\u219c\u219c\u219c\u219c\u219c\u219c" + + "\u219c\u219c\u219c\u219c\u219c\u219c\u219c\u219c\u219c\u219c\u219c" + + "\u219c\u219c\u219c\u219c\u219c\u219c\u219c\u219c\u219c\u219c\u219c" + + "\u219c\u219c\u219c\u219c\u219c\u219c\u0080\u0080\u0080\u0080\u0080" + + "\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080" + + "\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080" + + "\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080" + + "\u0080\u0080\u0080\u2201\u2319\u2282\u2282\u2282\u2282\u2282\u2282" + + "\u2282\u2282\u2282\u2282\u2282\u2282\u2282\u2282\u2282\u2282\u2282" + + "\u2282\u2282\u2282\u2282\u2282\u2282\u2282\u2282\u2319\u2282\u2282" + + "\u2282\u2282\u2282\u2282\u2201\u2201\u2201\u2201\u2201\u2201\u2201" + + "\u2201\u2201\u2201\u2201\u2201\u2201\u2201\u2201\u2201\u2201\u2201" + + "\u2201\u2201\u2201\u2201\u2201\u2201\u2201\u2319\u2282\u2282\u2282" + + "\u2282\u2282\u2282\u2282\u2282\u2282\u2282\u2282\u2282\u2282\u2282" + + "\u2282\u2282\u2282\u2282\u2282\u2282\u2282\u2282\u0080\u2282\u2282" + + "\u2282\u2282\u2282\u2282\u2282\u2282\u2282\u2282\u2282\u2201\u2201" + + "\u2201\u2201\u2201\u2201\u2201\u2201\u2201\u2201\u2201\u2201\u2201" + + "\u2201\u2201\u2201\u2201\u2201\u2201\u2201\u2201\u2201\u2201\u2201" + + "\u2201\u2201\u2282\u2282\u2282\u2282\u2282\u2282\u2282\u2282\u2282" + + "\u2282\u2282\u2282\u2282\u2282\u2282\u2282\u2282\u2282\u2282\u2282" + + "\u2282\u2282\u2282\u2282\u2282\u2282\u2201\u2201\u2201\u2201\u2201" + + "\u2201\u2201\u2201\u2201\u2201\u2201\u2201\u2201\u2201\u2201\u2201" + + "\u2201\u2201\u2201\u2201\u2201\u2201\u2201\u2201\u2201\u2201\u2282" + + "\u2282\u2282\u2282\u2282\u2282\u2282\u2282\u2282\u2282\u2282\u2282" + + "\u2282\u2282\u2282\u2282\u2282\u2282\u2282\u2282\u2282\u2282\u2282" + + "\u2282\u2282\u2282\u0080\u0080\u0080\u0080\u2201\u2201\u2201\u2201" + + "\u2201\u2201\u2201\u2201\u2201\u2201\u2201\u2201\u2201\u2201\u2201" + + "\u2201\u2201\u2201\u2201\u2201\u2201\u2201\u2201\u2201\u2282\u2282" + + "\u2282\u2282\u2282\u2282\u2282\u0080\u2282\u2282\u2282\u2282\u2282" + + "\u2282\u2282\u2282\u2282\u2282\u2282\u2282\u2282\u2282\u2282\u2282" + + "\u2282\u2282\u2201\u2201\u2201\u2201\u2201\u2201\u2201\u2201\u2201" + + "\u2201\u2201\u2201\u2201\u2201\u2201\u2201\u2201\u2201\u2201\u2201" + + "\u2201\u2201\u2201\u2201\u0080\u2201\u0080\u0080\u0080\u2201\u2201" + + "\u2201\u2201\u2201\u2201\u2201\u0080\u2282\u2282\u2282\u2282\u2282" + + "\u2282\u2282\u2282\u2282\u2282\u2282\u2282\u2282\u2282\u2282\u2282" + + "\u2282\u2282\u2282\u2282\u2282\u2282\u2282\u2282\u2282\u2282\u2201" + + "\u2201\u2201\u2201\u2201\u2201\u2201\u2201\u2201\u2201\u2201\u2201" + + "\u2201\u2201\u2201\u2201\u2201\u2201\u2201\u2201\u2282\u2282\u2282" + + "\u2282\u2282\u2282\u2282\u2282\u2282\u2282\u2282\u2282\u2282\u2282" + + "\u2282\u2282\u2282\u2282\u2282\u2282\u2282\u2282\u2282\u2282\u2282" + + "\u2282\u2201\u0080\u2201\u2201\u0080\u0080\u2201\u0080\u0080\u2201" + + "\u2201\u0080\u0080\u2201\u2201\u2201\u2201\u0080\u2201\u2201\u2201" + + "\u2201\u2201\u2201\u2201\u2201\u2282\u2282\u2282\u2282\u0080\u2282" + + "\u0080\u2282\u2282\u2282\u2282\u2201\u2201\u0080\u2201\u2201\u2201" + + "\u2201\u0080\u0080\u2201\u2201\u2201\u2201\u2201\u2201\u2201\u2201" + + "\u0080\u2201\u2201\u2201\u2201\u2201\u2201\u2201\u0080\u2282\u2282" + + "\u2282\u2282\u2282\u2282\u2282\u2282\u2282\u2282\u2282\u2282\u2282" + + "\u2282\u2282\u2282\u2282\u2282\u2282\u2282\u2282\u2282\u2282\u2282" + + "\u2282\u2282\u2201\u2201\u0080\u2201\u2201\u2201\u2201\u0080\u2282" + + "\u2282\u2282\u2319\u2282\u2282\u2282\u2282\u2282\u2282\u0080\u0080" + + "\u0080\u0080\u2389\u2409\u2489\u2509\u2589\u2609\u2689\u2709\u2789" + + "\u2809\u2389\u2409\u2489\u2509\u2589\u2609\u2689\u2709\u2789\u2809" + + "\u2389\u2409\u2489\u2509\u2589\u2609\u2689\u2709\u2789\u2809\u2389" + + "\u2409\u2489\u2509\u2589\u2609\u2689\u2709\u2789\u2809\u2389\u2409" + + "\u2489\u2509\u2589\u2609\u2689\u2709\u2789\u2809", + + "\005\005\005\005\005\005\005\005\005\005\005" + + "\005\005\005\005\005\005\005\005\005\005\005" + + "\005\005\005\005\005\005\005\005\005\005\005" + + "\005\005\005\005\005\005\005\005\005\005\005" + + "\005\005\005\005\005\005\005\005\005\005\005" + + "\005\005\005\005\005\005\005\005\005\005\005" + + "\005\005\005\005\005\005\005\005\005\005\005" + + "\005\005\005\005\005\005\005\005\005\005\005" + + "\005\005\005\005\005\005\005\005\005\005\005" + + "\005\005\005\005\005\005\005\005\005\005\005" + + "\005\005\005\005\005\005\005\005\005\005\005" + + "\005\005\005\005\005\005\005\u0080\u0080\u0080\u0080" + + "\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080" + + "\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080" + + "\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080" + + "\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080" + + "\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080" + + "\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080" + + "\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080" + + "\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080" + + "\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080" + + "\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080" + + "\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080\u0080" + + "\u0080\u0080\u0080", + + "", + + "", + + "", + + "", + + "", + + "", + + "", + + "", + + "", + + "", + + "", + + "\u0106\u0106\u0106\u0106\u0106\u0106\u0106\u0106\u0106\u0106\u0106" + + "\u0106\u0106\u0106\u0106\u0106\u0106\u0106\u0106\u0106\u0106\u0106" + + "\u0106\u0106\u0106\u0106\u0106\u0106\u0106\u0106\u0106\u0106\u0106" + + "\u0106\u0106\u0106\u0106\u0106\u0106\u0106\u0106\u0106\u0106\u0106" + + "\u0106\u0106\u0106\u0106\u0106\u0106\u0106\u0106\u0106\u0106\u0106" + + "\u0106\u0106\u0106\u0106\u0106\u0106\u0106\u0106\u0106\u0106\u0106" + + "\u0106\u0106\u0106\u0106\u0106\u0106\u0106\u0106\u0106\u0106\u0106" + + "\u0106\u0106\u0106\u0106\u0106\u0106\u0106\u0106\u0106\u0106\u0106" + + "\u0106\u0106\u0106\u0106\u0106\u0106\u0106\u0106\u0106\u0106\u0106" + + "\u0106\u0106\u0106\u0106\u0106\u0106\u0106\u0106\u0106\u0106\u0106" + + "\u0106\u0106\u0106\u0106\u0106\u0106\u0106\u0106\u0106\u0106\u0106" + + "\u0106\u0106\u0106\u0106\u0106\u0106\u0106\000\000\000\000" + + "\000\000\000\000\000\000\000\000\000\000\000" + + "\000\000\000\000\000\000\000\000\000\000\000" + + "\000\000\000\000\000\000\000\000\000\000\000" + + "\000\000\000\000\000\000\000\000\000\000\000" + + "\000\000\000\000\000\000\000\000\000\000\000" + + "\000\000\000\000\000\000\000\000\000\000\000" + + "\000\000\000\000\000\000\000\000\000\000\000" + + "\000\000\000\000\000\000\000\000\000\000\000" + + "\000\000\000\000\000\000\000\000\000\000\000" + + "\000\000\000\000\000\000\000\000\000\000\000" + + "\000\000\000\000\000\000\000\000\000\000\000" + + "\000\000\000\u0090\000\000\000\000\000\000\000" + + "\000\000\000\000\000\000\000\000\000\000\000" + + "\000\000\000\000\000\000\000\000\000\000\000" + + "\000\u0090\u0090\u0090\u0090\u0090\u0090\u0090\u0090\u0090\u0090" + + "\u0090\u0090\u0090\u0090\u0090\u0090\u0090\u0090\u0090\u0090\u0090" + + "\u0090\u0090\u0090\u0090\u0090\u0090\u0090\u0090\u0090\u0090\u0090" + + "\u0090\u0090\u0090\u0090\u0090\u0090\u0090\u0090\u0090\u0090\u0090" + + "\u0090\u0090\u0090\u0090\u0090\u0090\u0090\u0090\u0090\u0090\u0090" + + "\u0090\u0090\u0090\u0090\u0090\u0090\u0090\u0090\u0090\u0090\u0090" + + "\u0090\u0090\u0090\u0090\u0090\u0090\u0090\u0090\u0090\u0090\u0090" + + "\u0090\u0090\u0090\u0090\u0090\u0090\u0090\u0090\u0090\u0090\u0090" + + "\u0090\u0090\u0090\u0090\u0090\u0090\u0090\u0090\u0090", + + "", + + ""}; /** * This is the attribute table for computing the numeric value of a @@ -780,8 +1296,8 @@ public interface CharData * Note that this is a signed value, but stored as an unsigned char * since this is a String literal. */ - String NUM_VALUE - = "\uffff\uffff\uffff\uffff\uffff\uffff\uffff\uffff\uffff\uffff\uffff" + String[] NUM_VALUE = new String[]{ + "\uffff\uffff\uffff\uffff\uffff\uffff\uffff\uffff\uffff\uffff\uffff" + "\uffff\uffff\uffff\000\001\002\003\004\005\006\007" + "\010\011\uffff\uffff\012\013\014\015\016\017\020" + "\021\022\023\024\025\026\027\030\031\032\033" @@ -796,23 +1312,66 @@ public interface CharData + "\uffff\uffff\uffff\uffff\uffff\uffff\uffff\uffff\uffff\uffff\uffff" + "\uffff\uffff\uffff\uffff\uffff\uffff\uffff\uffff\uffff\uffff\uffff" + "\uffff\uffff\uffff\uffff\uffff\uffff\uffff\uffff\uffff\uffff\uffff" - + "\uffff\uffff\uffff\uffff\uffff\000\001\002\003\004\005" - + "\006\007\010\011\uffff\uffff\uffff\uffff\000\001\002" - + "\003\004\005\006\007\010\011\001\002\003\004" - + "\uffff\020\012d\u03e8\uffff\uffff\uffff\024\036(" - + "2 127) - throw new MalformedURLException(str + " : Invalid character"); if (c == '%') { if (i + 2 >= str.length()) @@ -160,6 +157,15 @@ public class Connection extends URLConnection throw new MalformedURLException(str + " : Invalid quoted character"); buf[pos++] = (byte) (hi * 16 + lo); } + else if (c > 127) { + try { + byte [] c_as_bytes = Character.toString(c).getBytes("utf-8"); + System.arraycopy(c_as_bytes, 0, buf, pos, c_as_bytes.length); + } + catch (java.io.UnsupportedEncodingException x2) { + throw (Error) new InternalError().initCause(x2); + } + } else buf[pos++] = (byte) c; } diff --git a/libjava/classpath/gnu/java/net/protocol/ftp/ActiveModeDTP.java b/libjava/classpath/gnu/java/net/protocol/ftp/ActiveModeDTP.java index 3755e8b..aa3c412 100644 --- a/libjava/classpath/gnu/java/net/protocol/ftp/ActiveModeDTP.java +++ b/libjava/classpath/gnu/java/net/protocol/ftp/ActiveModeDTP.java @@ -84,6 +84,7 @@ final class ActiveModeDTP } this.connectionTimeout = connectionTimeout; acceptThread = new Thread(this, "ActiveModeDTP"); + acceptThread.setDaemon(true); acceptThread.start(); } diff --git a/libjava/classpath/gnu/java/net/protocol/ftp/FTPURLConnection.java b/libjava/classpath/gnu/java/net/protocol/ftp/FTPURLConnection.java index 62c40f1..f937e51 100644 --- a/libjava/classpath/gnu/java/net/protocol/ftp/FTPURLConnection.java +++ b/libjava/classpath/gnu/java/net/protocol/ftp/FTPURLConnection.java @@ -1,5 +1,5 @@ /* FTPURLConnection.java -- - Copyright (C) 2003, 2004 Free Software Foundation, Inc. + Copyright (C) 2003, 2004, 2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -38,10 +38,9 @@ exception statement from your version. */ package gnu.java.net.protocol.ftp; +import gnu.classpath.SystemProperties; import gnu.java.net.GetLocalHostAction; -import gnu.java.security.action.GetPropertyAction; -import java.io.FileNotFoundException; import java.io.FilterInputStream; import java.io.FilterOutputStream; import java.io.IOException; @@ -51,7 +50,6 @@ import java.net.InetAddress; import java.net.URL; import java.net.URLConnection; import java.security.AccessController; -import java.security.PrivilegedAction; import java.util.HashMap; import java.util.Map; @@ -113,11 +111,9 @@ public class FTPURLConnection else { username = "anonymous"; - PrivilegedAction a = new GetPropertyAction("user.name"); - String systemUsername =(String) AccessController.doPrivileged(a); - a = new GetLocalHostAction(); + GetLocalHostAction a = new GetLocalHostAction(); InetAddress localhost =(InetAddress) AccessController.doPrivileged(a); - password = systemUsername + "@" + + password = SystemProperties.getProperty("user.name") + "@" + ((localhost == null) ? "localhost" : localhost.getHostName()); } connection = new FTPConnection(host, port); @@ -167,24 +163,13 @@ public class FTPURLConnection connect(); } String path = url.getPath(); - String filename = null; - int lsi = path.lastIndexOf('/'); - if (lsi != -1) + if (connection.changeWorkingDirectory(path)) { - filename = path.substring(lsi + 1); - path = path.substring(0, lsi); - if (!connection.changeWorkingDirectory(path)) - { - throw new FileNotFoundException(path); - } - } - if (filename != null && filename.length() > 0) - { - return this.new ClosingInputStream(connection.retrieve(filename)); + return this.new ClosingInputStream(connection.list(null)); } else { - return this.new ClosingInputStream(connection.list(null)); + return this.new ClosingInputStream(connection.retrieve(path)); } } @@ -198,20 +183,8 @@ public class FTPURLConnection { connect(); } - String dir = url.getPath(); - String filename = url.getFile(); - if (!connection.changeWorkingDirectory(dir)) - { - throw new FileNotFoundException(dir); - } - if (filename != null) - { - return this.new ClosingOutputStream(connection.store(filename)); - } - else - { - throw new FileNotFoundException(filename); - } + String path = url.getPath(); + return this.new ClosingOutputStream(connection.store(path)); } public String getRequestProperty(String key) diff --git a/libjava/classpath/gnu/java/net/protocol/http/ChunkedInputStream.java b/libjava/classpath/gnu/java/net/protocol/http/ChunkedInputStream.java index a4487d1..9870412 100644 --- a/libjava/classpath/gnu/java/net/protocol/http/ChunkedInputStream.java +++ b/libjava/classpath/gnu/java/net/protocol/http/ChunkedInputStream.java @@ -1,5 +1,5 @@ /* ChunkedInputStream.java -- - Copyright (C) 2004 Free Software Foundation, Inc. + Copyright (C) 2004, 2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -38,28 +38,46 @@ exception statement from your version. */ package gnu.java.net.protocol.http; -import java.io.FilterInputStream; import java.io.IOException; import java.io.InputStream; import java.net.ProtocolException; + +// +// Note that we rely on the implemtation of skip() in the super class +// (InputStream) calling our read methods to account for chunk headers +// while skipping. +// + + /** * Input stream wrapper for the "chunked" transfer-coding. * * @author Chris Burdess (dog@gnu.org) */ public class ChunkedInputStream - extends FilterInputStream + extends InputStream { private static final byte CR = 0x0d; private static final byte LF = 0x0a; + Headers headers; + + /** The underlying stream. */ + private InputStream in; + + /** Size of the chunk we're reading. */ int size; + /** Number of bytes we've read in this chunk. */ int count; + /** + * True when we should read meta-information, false when we should + * read data. + */ boolean meta; + /** True when we've hit EOF. */ boolean eof; - Headers headers; /** * Constructor. @@ -68,7 +86,7 @@ public class ChunkedInputStream */ public ChunkedInputStream(InputStream in, Headers headers) { - super(in); + this.in = in; this.headers = headers; size = -1; count = 0; @@ -84,21 +102,10 @@ public class ChunkedInputStream { return -1; } - int ret = (int) buf[0]; - if (ret < 0) - { - ret += 0x100; - } - return ret; - } - - public int read(byte[] buffer) - throws IOException - { - return read(buffer, 0, buffer.length); + return 0xff & buf[0]; } - public int read(byte[] buffer, int offset, int length) + public synchronized int read(byte[] buffer, int offset, int length) throws IOException { if (eof) @@ -120,7 +127,18 @@ public class ChunkedInputStream } else if (c == 0x0a && last == 0x0d) // CRLF { - size = Integer.parseInt(buf.toString(), 16); + try + { + size = Integer.parseInt(buf.toString(), 16); + } + catch (NumberFormatException nfe) + { + IOException ioe = new IOException("Bad chunk header"); + ioe.initCause(nfe); + // Unrecoverable. Don't try to read more. + in.close(); + throw ioe; + } break; } else if (!seenSemi && c >= 0x30) @@ -142,17 +160,22 @@ public class ChunkedInputStream } else { - int diff = length - offset; - int max = size - count; - max = (diff < max) ? diff : max; - int len = (max > 0) ? in.read(buffer, offset, max) : 0; + int canRead = Math.min(size - count, length); + int len = in.read(buffer, offset, canRead); + if (len == -1) + { + // This is an error condition but it isn't clear what we + // should do with it. + eof = true; + return -1; + } count += len; if (count == size) { // Read CRLF int c1 = in.read(); int c2 = in.read(); - if (c1 == -1 && c2 == -1) + if (c1 == -1 || c2 == -1) { // EOF before CRLF: bad, but ignore eof = true; @@ -167,6 +190,37 @@ public class ChunkedInputStream return len; } } + + /** + * This method returns the number of bytes that can be read from + * this stream before a read might block. Even if the underlying + * InputStream has data available past the end of the current chunk, + * we have no way of knowing how large the next chunk header will + * be. So we cannot report available data past the current chunk. + * + * @return The number of bytes that can be read before a read might + * block + * + * @exception IOException If an error occurs + */ + public int available() throws IOException + { + if (meta) + return 0; + + return Math.min(in.available(), size - count); + } + + /** + * This method closes the ChunkedInputStream by closing the underlying + * InputStream. + * + * @exception IOException If an error occurs + */ + public void close() throws IOException + { + in.close(); + } } diff --git a/libjava/classpath/gnu/java/net/protocol/http/HTTPConnection.java b/libjava/classpath/gnu/java/net/protocol/http/HTTPConnection.java index 573a791..33d9756a 100644 --- a/libjava/classpath/gnu/java/net/protocol/http/HTTPConnection.java +++ b/libjava/classpath/gnu/java/net/protocol/http/HTTPConnection.java @@ -1,5 +1,5 @@ /* HTTPConnection.java -- - Copyright (C) 2004, 2005 Free Software Foundation, Inc. + Copyright (C) 2004, 2005, 2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -38,7 +38,6 @@ exception statement from your version. */ package gnu.java.net.protocol.http; -import gnu.classpath.Configuration; import gnu.classpath.SystemProperties; import gnu.java.net.EmptyX509TrustManager; @@ -53,8 +52,9 @@ import java.security.GeneralSecurityException; import java.util.ArrayList; import java.util.HashMap; import java.util.Iterator; -import java.util.LinkedHashMap; +import java.util.LinkedList; import java.util.List; +import java.util.ListIterator; import java.util.Map; import javax.net.ssl.HandshakeCompletedListener; @@ -164,7 +164,7 @@ public class HTTPConnection /** * The pool that this connection is a member of (if any). */ - private LinkedHashMap pool; + private Pool pool; /** * Creates a new HTTP connection. @@ -266,7 +266,8 @@ public class HTTPConnection /** * Returns the HTTP version string supported by this connection. - * @see #version + * @see #majorVersion + * @see #minorVersion */ public String getVersion() { @@ -331,27 +332,227 @@ public class HTTPConnection } /** + * Manages a pool of HTTPConections. The pool will have a maximum + * size determined by the value of the maxConn parameter passed to + * the {@link #get} method. This value inevitably comes from the + * http.maxConnections system property. If the + * classpath.net.http.keepAliveTTL system property is set, that will + * be the maximum time (in seconds) that an idle connection will be + * maintained. + */ + static class Pool + { + /** + * Singleton instance of the pool. + */ + static Pool instance = new Pool(); + + /** + * The pool + */ + final LinkedList connectionPool = new LinkedList(); + + /** + * Maximum size of the pool. + */ + int maxConnections; + + /** + * If greater than zero, the maximum time a connection will remain + * int the pool. + */ + int connectionTTL; + + /** + * A thread that removes connections older than connectionTTL. + */ + class Reaper + implements Runnable + { + public void run() + { + synchronized (Pool.this) + { + try + { + do + { + while (connectionPool.size() > 0) + { + long currentTime = System.currentTimeMillis(); + + HTTPConnection c = + (HTTPConnection)connectionPool.getFirst(); + + long waitTime = c.timeLastUsed + + connectionTTL - currentTime; + + if (waitTime <= 0) + removeOldest(); + else + try + { + Pool.this.wait(waitTime); + } + catch (InterruptedException _) + { + // Ignore the interrupt. + } + } + // After the pool is empty, wait TTL to see if it + // is used again. This is because in the + // situation where a single thread is making HTTP + // requests to the same server it can remove the + // connection from the pool before the Reaper has + // a chance to start. This would cause the Reaper + // to exit if it were not for this extra delay. + // The result would be starting a Reaper thread + // for each HTTP request. With the delay we get + // at most one Reaper created each TTL. + try + { + Pool.this.wait(connectionTTL); + } + catch (InterruptedException _) + { + // Ignore the interrupt. + } + } + while (connectionPool.size() > 0); + } + finally + { + reaper = null; + } + } + } + } + + Reaper reaper; + + /** + * Private constructor to ensure singleton. + */ + private Pool() + { + } + + /** + * Tests for a matching connection. + * + * @param c connection to match. + * @param h the host name. + * @param p the port. + * @param sec true if using https. + * + * @return true if c matches h, p, and sec. + */ + private static boolean matches(HTTPConnection c, + String h, int p, boolean sec) + { + return h.equals(c.hostname) && (p == c.port) && (sec == c.secure); + } + + /** + * Get a pooled HTTPConnection. If there is an existing idle + * connection to the requested server it is returned. Otherwise a + * new connection is created. + * + * @param host the name of the host to connect to + * @param port the port on the host to connect to + * @param secure whether to use a secure connection + * + * @return the HTTPConnection. + */ + synchronized HTTPConnection get(String host, + int port, + boolean secure) + { + String ttl = + SystemProperties.getProperty("classpath.net.http.keepAliveTTL"); + connectionTTL = (ttl != null && ttl.length() > 0) ? + 1000 * Math.max(1, Integer.parseInt(ttl)) : 10000; + + String mc = SystemProperties.getProperty("http.maxConnections"); + maxConnections = (mc != null && mc.length() > 0) ? + Math.max(Integer.parseInt(mc), 1) : 5; + if (maxConnections < 1) + maxConnections = 1; + + HTTPConnection c = null; + + ListIterator it = connectionPool.listIterator(0); + while (it.hasNext()) + { + HTTPConnection cc = (HTTPConnection)it.next(); + if (matches(cc, host, port, secure)) + { + c = cc; + it.remove(); + break; + } + } + if (c == null) + { + c = new HTTPConnection(host, port, secure); + c.setPool(this); + } + return c; + } + + /** + * Put an idle HTTPConnection back into the pool. If this causes + * the pool to be come too large, the oldest connection is removed + * and closed. + * + */ + synchronized void put(HTTPConnection c) + { + c.timeLastUsed = System.currentTimeMillis(); + connectionPool.addLast(c); + + // maxConnections must always be >= 1 + while (connectionPool.size() >= maxConnections) + removeOldest(); + + if (connectionTTL > 0 && null == reaper) { + // If there is a connectionTTL, then the reaper has removed + // any stale connections, so we don't have to check for stale + // now. We do have to start a reaper though, as there is not + // one running now. + reaper = new Reaper(); + Thread t = new Thread(reaper, "HTTPConnection.Reaper"); + t.setDaemon(true); + t.start(); + } + } + + /** + * Remove the oldest connection from the pool and close it. + */ + void removeOldest() + { + HTTPConnection cx = (HTTPConnection)connectionPool.removeFirst(); + try + { + cx.closeConnection(); + } + catch (IOException ioe) + { + // Ignore it. We are just cleaning up. + } + } + } + + /** * The number of times this HTTPConnection has be used via keep-alive. */ int useCount; /** - * Generates a key for connections in the connection pool. - * - * @param h the host name. - * @param p the port. - * @param sec true if using https. - * - * @return the key. + * If this HTTPConnection is in the pool, the time it was put there. */ - static Object getPoolKey(String h, int p, boolean sec) - { - StringBuilder buf = new StringBuilder(sec ? "https://" : "http://"); - buf.append(h); - buf.append(':'); - buf.append(p); - return buf.toString(); - } + long timeLastUsed; /** * Set the connection pool that this HTTPConnection is a member of. @@ -360,7 +561,7 @@ public class HTTPConnection * * @param p the pool. */ - void setPool(LinkedHashMap p) + void setPool(Pool p) { pool = p; } @@ -374,25 +575,20 @@ public class HTTPConnection { if (pool != null) { - synchronized (pool) + useCount++; + pool.put(this); + + } + else + { + // If there is no pool, just close. + try { - useCount++; - Object key = HTTPConnection.getPoolKey(hostname, port, secure); - pool.put(key, this); - while (pool.size() >= HTTPURLConnection.maxConnections) - { - // maxConnections must always be >= 1 - Object lru = pool.keySet().iterator().next(); - HTTPConnection c = (HTTPConnection)pool.remove(lru); - try - { - c.closeConnection(); - } - catch (IOException ioe) - { - // Ignore it. We are just cleaning up. - } - } + closeConnection(); + } + catch (IOException ioe) + { + // Ignore it. We are just cleaning up. } } } diff --git a/libjava/classpath/gnu/java/net/protocol/http/HTTPURLConnection.java b/libjava/classpath/gnu/java/net/protocol/http/HTTPURLConnection.java index d5da7d6..5c2af9e 100644 --- a/libjava/classpath/gnu/java/net/protocol/http/HTTPURLConnection.java +++ b/libjava/classpath/gnu/java/net/protocol/http/HTTPURLConnection.java @@ -1,5 +1,5 @@ /* HTTPURLConnection.java -- - Copyright (C) 2004, 2005 Free Software Foundation, Inc. + Copyright (C) 2004, 2005, 2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -38,6 +38,8 @@ exception statement from your version. */ package gnu.java.net.protocol.http; +import gnu.classpath.SystemProperties; + import java.io.ByteArrayOutputStream; import java.io.FileNotFoundException; import java.io.IOException; @@ -45,11 +47,11 @@ import java.io.InputStream; import java.io.OutputStream; import java.net.ProtocolException; import java.net.URL; -import java.security.AccessController; -import java.security.PrivilegedAction; import java.security.cert.Certificate; +import java.util.ArrayList; import java.util.Collections; import java.util.Date; +import java.util.HashMap; import java.util.Iterator; import java.util.LinkedHashMap; import java.util.Map; @@ -70,13 +72,6 @@ public class HTTPURLConnection extends HttpsURLConnection implements HandshakeCompletedListener { - - /** - * Pool of reusable connections, used if keepAlive is true. - */ - private static final LinkedHashMap connectionPool = new LinkedHashMap(); - static int maxConnections; - /* * The underlying connection. */ @@ -108,38 +103,23 @@ public class HTTPURLConnection { super(url); requestHeaders = new Headers(); - AccessController.doPrivileged(this.new GetHTTPPropertiesAction()); - } - - class GetHTTPPropertiesAction - implements PrivilegedAction - { - - public Object run() - { - proxyHostname = System.getProperty("http.proxyHost"); - if (proxyHostname != null && proxyHostname.length() > 0) - { - String port = System.getProperty("http.proxyPort"); - if (port != null && port.length() > 0) - { - proxyPort = Integer.parseInt(port); - } - else - { - proxyHostname = null; - proxyPort = -1; - } - } - agent = System.getProperty("http.agent"); - String ka = System.getProperty("http.keepAlive"); - keepAlive = !(ka != null && "false".equals(ka)); - String mc = System.getProperty("http.maxConnections"); - maxConnections = (mc != null && mc.length() > 0) ? - Math.max(Integer.parseInt(mc), 1) : 5; - return null; - } - + proxyHostname = SystemProperties.getProperty("http.proxyHost"); + if (proxyHostname != null && proxyHostname.length() > 0) + { + String port = SystemProperties.getProperty("http.proxyPort"); + if (port != null && port.length() > 0) + { + proxyPort = Integer.parseInt(port); + } + else + { + proxyHostname = null; + proxyPort = -1; + } + } + agent = SystemProperties.getProperty("http.agent"); + String ka = SystemProperties.getProperty("http.keepAlive"); + keepAlive = !(ka != null && "false".equals(ka)); } public void connect() @@ -254,8 +234,24 @@ public class HTTPURLConnection } } - if (response.getCodeClass() == 3 && getInstanceFollowRedirects()) + if (response.isRedirect() && getInstanceFollowRedirects()) { + // Read the response body, if there is one. If the + // redirect points us back at the same server, we will use + // the cached connection, so we must make sure there is no + // pending data in it. + InputStream body = response.getBody(); + if (body != null) + { + byte[] ignore = new byte[1024]; + while (true) + { + int n = body.read(ignore, 0, ignore.length); + if (n == -1) + break; + } + } + // Follow redirect String location = response.getHeader("Location"); if (location != null) @@ -333,16 +329,13 @@ public class HTTPURLConnection { responseSink = response.getBody(); - if (response.getCode() == 404) - { - errorSink = responseSink; - throw new FileNotFoundException(url.toString()); - } + if (response.isError()) + errorSink = responseSink; } } while (retry); connected = true; - } + } /** * Returns a connection, from the pool if necessary. @@ -353,16 +346,7 @@ public class HTTPURLConnection HTTPConnection connection; if (keepAlive) { - Object key = HTTPConnection.getPoolKey(host, port, secure); - synchronized (connectionPool) - { - connection = (HTTPConnection) connectionPool.remove(key); - if (connection == null) - { - connection = new HTTPConnection(host, port, secure); - connection.setPool(connectionPool); - } - } + connection = HTTPConnection.Pool.instance.get(host, port, secure); } else { @@ -427,30 +411,32 @@ public class HTTPURLConnection public String getRequestProperty(String key) { + if (key == null) + return null; + return requestHeaders.getValue(key); } public Map getRequestProperties() { - return requestHeaders; + if (connected) + throw new IllegalStateException("Already connected"); + + Map m = requestHeaders.getAsMap(); + return Collections.unmodifiableMap(m); } public void setRequestProperty(String key, String value) { + super.setRequestProperty(key, value); + requestHeaders.put(key, value); } public void addRequestProperty(String key, String value) { - String old = requestHeaders.getValue(key); - if (old == null) - { - requestHeaders.put(key, value); - } - else - { - requestHeaders.put(key, old + "," + value); - } + super.addRequestProperty(key, value); + requestHeaders.addValue(key, value); } public OutputStream getOutputStream() @@ -493,6 +479,17 @@ public class HTTPURLConnection { throw new ProtocolException("doInput is false"); } + + if (response.isError()) + { + int code = response.getCode(); + if (code == 404 || code == 410) + throw new FileNotFoundException(url.toString()); + + throw new IOException("Server returned HTTP response code " + code + + " for URL " + url.toString()); + } + return responseSink; } @@ -514,17 +511,9 @@ public class HTTPURLConnection return null; } } - Headers headers = response.getHeaders(); - LinkedHashMap ret = new LinkedHashMap(); - ret.put(null, Collections.singletonList(getStatusLine(response))); - for (Iterator i = headers.entrySet().iterator(); i.hasNext(); ) - { - Map.Entry entry = (Map.Entry) i.next(); - String key = (String) entry.getKey(); - String value = (String) entry.getValue(); - ret.put(key, Collections.singletonList(value)); - } - return Collections.unmodifiableMap(ret); + Map m = response.getHeaders().getAsMap(); + m.put(null, Collections.singletonList(getStatusLine(response))); + return Collections.unmodifiableMap(m); } String getStatusLine(Response response) @@ -552,20 +541,7 @@ public class HTTPURLConnection { return getStatusLine(response); } - Iterator i = response.getHeaders().entrySet().iterator(); - Map.Entry entry; - int count = 1; - do - { - if (!i.hasNext()) - { - return null; - } - entry = (Map.Entry) i.next(); - count++; - } - while (count <= index); - return (String) entry.getValue(); + return response.getHeaders().getHeaderValue(index - 1); } public String getHeaderFieldKey(int index) @@ -581,24 +557,8 @@ public class HTTPURLConnection return null; } } - if (index == 0) - { - return null; - } - Iterator i = response.getHeaders().entrySet().iterator(); - Map.Entry entry; - int count = 1; - do - { - if (!i.hasNext()) - { - return null; - } - entry = (Map.Entry) i.next(); - count++; - } - while (count <= index); - return (String) entry.getKey(); + // index of zero is the status line. + return response.getHeaders().getHeaderName(index - 1); } public String getHeaderField(String name) @@ -614,7 +574,7 @@ public class HTTPURLConnection return null; } } - return (String) response.getHeader(name); + return response.getHeader(name); } public long getHeaderFieldDate(String name, long def) diff --git a/libjava/classpath/gnu/java/net/protocol/http/Headers.java b/libjava/classpath/gnu/java/net/protocol/http/Headers.java index 9306fc4..b42faaa 100644 --- a/libjava/classpath/gnu/java/net/protocol/http/Headers.java +++ b/libjava/classpath/gnu/java/net/protocol/http/Headers.java @@ -1,5 +1,5 @@ /* Headers.java -- - Copyright (C) 2004 Free Software Foundation, Inc. + Copyright (C) 2004, 2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -44,125 +44,75 @@ import java.io.IOException; import java.io.InputStream; import java.text.DateFormat; import java.text.ParseException; -import java.util.Collection; +import java.util.ArrayList; +import java.util.Collections; import java.util.Date; import java.util.Iterator; import java.util.LinkedHashMap; -import java.util.LinkedHashSet; import java.util.Map; import java.util.Set; /** - * A collection of HTTP header names and associated values. - * Retrieval of values is case insensitive. An iteration over the keys + * A collection of HTTP header names and associated values. The + * values are {@link ArrayList ArrayLists} of Strings. Retrieval of + * values is case insensitive. An iteration over the collection * returns the header names in the order they were received. * * @author Chris Burdess (dog@gnu.org) + * @author David Daney (ddaney@avtrex.com) */ -public class Headers - extends LinkedHashMap +class Headers { - + /** + * A list of HeaderElements + * + */ + private final ArrayList headers = new ArrayList(); + static final DateFormat dateFormat = new HTTPDateFormat(); - static class Header + static class HeaderElement { + String name; + String value; - final String name; - - Header(String name) + HeaderElement(String name, String value) { - if (name == null || name.length() == 0) - { - throw new IllegalArgumentException(name); - } this.name = name; + this.value = value; } - - public int hashCode() - { - return name.toLowerCase().hashCode(); - } - - public boolean equals(Object other) - { - if (other instanceof Header) - { - return ((Header) other).name.equalsIgnoreCase(name); - } - return false; - } - - public String toString() - { - return name; - } - - } - - static class HeaderEntry - implements Map.Entry - { - - final Map.Entry entry; - - HeaderEntry(Map.Entry entry) - { - this.entry = entry; - } - - public Object getKey() - { - return ((Header) entry.getKey()).name; - } - - public Object getValue() - { - return entry.getValue(); - } - - public Object setValue(Object value) - { - return entry.setValue(value); - } - - public int hashCode() - { - return entry.hashCode(); - } - - public boolean equals(Object other) - { - return entry.equals(other); - } - - public String toString() - { - return getKey().toString() + "=" + getValue(); - } - } public Headers() { } - public boolean containsKey(Object key) - { - return super.containsKey(new Header((String) key)); - } - - public Object get(Object key) + /** + * Return an Iterator over this collection of headers. + * Iterator.getNext() returns objects of type {@link HeaderElement}. + * + * @return the Iterator. + */ + Iterator iterator() { - return super.get(new Header((String) key)); + return headers.iterator(); } - + /** - * Returns the value of the specified header as a string. + * Returns the value of the specified header as a string. If + * multiple values are present, the last one is returned. */ public String getValue(String header) { - return (String) super.get(new Header(header)); + for (int i = headers.size() - 1; i >= 0; i--) + { + HeaderElement e = (HeaderElement)headers.get(i); + if (e.name.equalsIgnoreCase(header)) + { + return e.value; + } + } + return null; } /** @@ -228,51 +178,62 @@ public class Headers } } - public Object put(Object key, Object value) - { - return super.put(new Header((String) key), value); - } - - public Object remove(Object key) + /** + * Add a header to this set of headers. If there is an existing + * header with the same name, it is discarded. + * + * @param name the header name + * @param value the header value + * + * @see #addValue + */ + public void put(String name, String value) { - return super.remove(new Header((String) key)); + remove(name); + headers.add(headers.size(), new HeaderElement(name, value)); } - public void putAll(Map t) + /** + * Add all headers from a set of headers to this set. If any of the + * headers to be added have the same name as existing headers, the + * existing headers will be discarded. + * + * @param o the headers to be added + */ + public void putAll(Headers o) { - for (Iterator i = t.keySet().iterator(); i.hasNext(); ) + for (Iterator it = o.iterator(); it.hasNext(); ) { - String key = (String) i.next(); - String value = (String) t.get(key); - put(key, value); + HeaderElement e = (HeaderElement)it.next(); + remove(e.name); } - } - - public Set keySet() - { - Set keys = super.keySet(); - Set ret = new LinkedHashSet(); - for (Iterator i = keys.iterator(); i.hasNext(); ) + for (Iterator it = o.iterator(); it.hasNext(); ) { - ret.add(((Header) i.next()).name); + HeaderElement e = (HeaderElement)it.next(); + addValue(e.name, e.value); } - return ret; } - public Set entrySet() + /** + * Remove a header from this set of headers. If there is more than + * one instance of a header of the given name, they are all removed. + * + * @param name the header name + */ + public void remove(String name) { - Set entries = super.entrySet(); - Set ret = new LinkedHashSet(); - for (Iterator i = entries.iterator(); i.hasNext(); ) + for (Iterator it = headers.iterator(); it.hasNext(); ) { - Map.Entry entry = (Map.Entry) i.next(); - ret.add(new HeaderEntry(entry)); + HeaderElement e = (HeaderElement)it.next(); + if (e.name.equalsIgnoreCase(name)) + it.remove(); } - return ret; } /** - * Parse the specified input stream, adding headers to this collection. + * Parse the specified InputStream, adding headers to this collection. + * + * @param in the InputStream. */ public void parse(InputStream in) throws IOException @@ -334,18 +295,90 @@ public class Headers } } - private void addValue(String name, String value) + + /** + * Add a header to this set of headers. If there is an existing + * header with the same name, it is not effected. + * + * @param name the header name + * @param value the header value + * + * @see #put + */ + public void addValue(String name, String value) + { + headers.add(headers.size(), new HeaderElement(name, value)); + } + + /** + * Get a new Map containing all the headers. The keys of the Map + * are Strings (the header names). The values of the Map are + * unmodifiable Lists containing Strings (the header values). + * + *

+ * + * The returned map is modifiable. Changing it will not effect this + * collection of Headers in any way. + * + * @return a Map containing all the headers. + */ + public Map getAsMap() { - Header key = new Header(name); - String old = (String) super.get(key); - if (old == null) + LinkedHashMap m = new LinkedHashMap(); + for (Iterator it = headers.iterator(); it.hasNext(); ) { - super.put(key, value); + HeaderElement e = (HeaderElement)it.next(); + ArrayList l = (ArrayList)m.get(e.name); + if (l == null) + { + l = new ArrayList(1); + l.add(e.value); + m.put(e.name, l); + } + else + l.add(0, e.value); } - else + for (Iterator it = m.entrySet().iterator(); it.hasNext(); ) { - super.put(key, old + ", " + value); + Map.Entry me = (Map.Entry)it.next(); + ArrayList l = (ArrayList)me.getValue(); + me.setValue(Collections.unmodifiableList(l)); } + return m; + } + + /** + * Get the name of the Nth header. + * + * @param i the header index. + * + * @return the header name. + * + * @see #getHeaderValue + */ + public String getHeaderName(int i) + { + if (i >= headers.size() || i < 0) + return null; + + return ((HeaderElement)headers.get(i)).name; + } + + /** + * Get the value of the Nth header. + * + * @param i the header index. + * + * @return the header value. + * + * @see #getHeaderName + */ + public String getHeaderValue(int i) + { + if (i >= headers.size() || i < 0) + return null; + + return ((HeaderElement)headers.get(i)).value; } } diff --git a/libjava/classpath/gnu/java/net/protocol/http/Request.java b/libjava/classpath/gnu/java/net/protocol/http/Request.java index b9441b3..e15ec41 100644 --- a/libjava/classpath/gnu/java/net/protocol/http/Request.java +++ b/libjava/classpath/gnu/java/net/protocol/http/Request.java @@ -1,5 +1,5 @@ /* Request.java -- - Copyright (C) 2004, 2005 Free Software Foundation, Inc. + Copyright (C) 2004, 2005, 2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -94,11 +94,6 @@ public class Request protected RequestBodyWriter requestBodyWriter; /** - * Request body negotiation threshold for 100-continue expectations. - */ - protected int requestBodyNegotiationThreshold; - - /** * Map of response header handlers. */ protected Map responseHeaderHandlers; @@ -127,7 +122,6 @@ public class Request this.path = path; requestHeaders = new Headers(); responseHeaderHandlers = new HashMap(); - requestBodyNegotiationThreshold = 4096; } /** @@ -251,21 +245,6 @@ public class Request } /** - * Sets the request body negotiation threshold. - * If this is set, it determines the maximum size that the request body - * may be before body negotiation occurs(via the - * 100-continue expectation). This ensures that a large - * request body is not sent when the server wouldn't have accepted it - * anyway. - * @param threshold the body negotiation threshold, or <=0 to disable - * request body negotation entirely - */ - public void setRequestBodyNegotiationThreshold(int threshold) - { - requestBodyNegotiationThreshold = threshold; - } - - /** * Dispatches this request. * A request can only be dispatched once; calling this method a second * time results in a protocol exception. @@ -291,10 +270,10 @@ public class Request if (requestBodyWriter != null) { contentLength = requestBodyWriter.getContentLength(); - if (contentLength > requestBodyNegotiationThreshold) + String expect = getHeader("Expect"); + if (expect != null && expect.equals("100-continue")) { expectingContinue = true; - setHeader("Expect", "100-continue"); } else { @@ -323,12 +302,10 @@ public class Request String line = method + ' ' + requestUri + ' ' + version + CRLF; out.write(line.getBytes(US_ASCII)); // Request headers - for (Iterator i = requestHeaders.keySet().iterator(); - i.hasNext(); ) + for (Iterator i = requestHeaders.iterator(); i.hasNext(); ) { - String name =(String) i.next(); - String value =(String) requestHeaders.get(name); - line = name + HEADER_SEP + value + CRLF; + Headers.HeaderElement elt = (Headers.HeaderElement)i.next(); + line = elt.name + HEADER_SEP + elt.value + CRLF; out.write(line.getBytes(US_ASCII)); } out.write(CRLF.getBytes(US_ASCII)); @@ -459,23 +436,17 @@ public class Request void notifyHeaderHandlers(Headers headers) { - for (Iterator i = headers.entrySet().iterator(); i.hasNext(); ) + for (Iterator i = headers.iterator(); i.hasNext(); ) { - Map.Entry entry = (Map.Entry) i.next(); - String name =(String) entry.getKey(); + Headers.HeaderElement entry = (Headers.HeaderElement) i.next(); // Handle Set-Cookie - if ("Set-Cookie".equalsIgnoreCase(name)) - { - String value = (String) entry.getValue(); - handleSetCookie(value); - } + if ("Set-Cookie".equalsIgnoreCase(entry.name)) + handleSetCookie(entry.value); + ResponseHeaderHandler handler = - (ResponseHeaderHandler) responseHeaderHandlers.get(name); + (ResponseHeaderHandler) responseHeaderHandlers.get(entry.name); if (handler != null) - { - String value = (String) entry.getValue(); - handler.setValue(value); - } + handler.setValue(entry.value); } } @@ -528,6 +499,9 @@ public class Request throw new ProtocolException("Unsupported Content-Encoding: " + contentCoding); } + // Remove the Content-Encoding header because the content is + // no longer compressed. + responseHeaders.remove("Content-Encoding"); } return in; } diff --git a/libjava/classpath/gnu/java/net/protocol/http/Response.java b/libjava/classpath/gnu/java/net/protocol/http/Response.java index 58d7454..76fac93 100644 --- a/libjava/classpath/gnu/java/net/protocol/http/Response.java +++ b/libjava/classpath/gnu/java/net/protocol/http/Response.java @@ -1,5 +1,5 @@ /* Response.java -- - Copyright (C) 2004 Free Software Foundation, Inc. + Copyright (C) 2004, 2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -188,6 +188,28 @@ public class Response { return headers.getDateValue(name); } + + /** + * Tests whether this response indicates a redirection. + * + * @return true if, false otherwise. + */ + public boolean isRedirect() + { + return (code != 304 && getCodeClass() == 3); + } + + /** + * Tests whether this response indicates an error. + * Errors are the response codes 4xx - Client error and + * 5xx - Server error. + * + * @return true if, false otherwise. + */ + public boolean isError() + { + return (getCodeClass() == 4 || getCodeClass() == 5); + } /** * Returns an InputStream that returns the body of the response. diff --git a/libjava/classpath/gnu/java/net/protocol/http/ResponseHeaderHandler.java b/libjava/classpath/gnu/java/net/protocol/http/ResponseHeaderHandler.java index 8e4e649..4c5261d 100644 --- a/libjava/classpath/gnu/java/net/protocol/http/ResponseHeaderHandler.java +++ b/libjava/classpath/gnu/java/net/protocol/http/ResponseHeaderHandler.java @@ -41,7 +41,7 @@ package gnu.java.net.protocol.http; /** * Callback interface for objects that wish to be notified of response * header values. - * @see Request#setHeaderHandler(String) + * @see Request#setResponseHeaderHandler(String, ResponseHeaderHandler) * * @author Chris Burdess (dog@gnu.org) */ diff --git a/libjava/classpath/gnu/java/net/protocol/jar/Connection.java b/libjava/classpath/gnu/java/net/protocol/jar/Connection.java index e2a052e..41c5d6d 100644 --- a/libjava/classpath/gnu/java/net/protocol/jar/Connection.java +++ b/libjava/classpath/gnu/java/net/protocol/jar/Connection.java @@ -1,5 +1,5 @@ /* Connection - jar url connection for java.net - Copyright (C) 1999, 2002, 2003, 2005 Free Software Foundation, Inc. + Copyright (C) 1999, 2002, 2003, 2005, 2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -39,6 +39,7 @@ exception statement from your version. */ package gnu.java.net.protocol.jar; import java.io.File; +import java.io.FileNotFoundException; import java.io.FileOutputStream; import java.io.IOException; import java.io.InputStream; @@ -145,7 +146,7 @@ public final class Connection extends JarURLConnection jar_entry = (JarEntry) jar_file.getEntry (entry_name); if(jar_entry == null) - throw new IOException ("No entry for " + entry_name + " exists."); + throw new FileNotFoundException("No entry for " + entry_name + " exists."); } connected = true; @@ -159,9 +160,6 @@ public final class Connection extends JarURLConnection if (! doInput) throw new ProtocolException("Can't open InputStream if doInput is false"); - if (jar_entry == null) - throw new IOException (jar_url + " couldn't be found."); - return jar_file.getInputStream (jar_entry); } diff --git a/libjava/classpath/gnu/java/nio/channels/FileChannelImpl.java b/libjava/classpath/gnu/java/nio/channels/FileChannelImpl.java index a557c7d..671ae5b 100644 --- a/libjava/classpath/gnu/java/nio/channels/FileChannelImpl.java +++ b/libjava/classpath/gnu/java/nio/channels/FileChannelImpl.java @@ -527,7 +527,7 @@ public final class FileChannelImpl extends FileChannel throws IOException { if (newPosition < 0) - throw new IllegalArgumentException ("newPostition: " + newPosition); + throw new IllegalArgumentException ("newPosition: " + newPosition); if (!isOpen ()) throw new ClosedChannelException (); diff --git a/libjava/classpath/gnu/java/nio/charset/Provider.java b/libjava/classpath/gnu/java/nio/charset/Provider.java index 01c2650..ad3b1da 100644 --- a/libjava/classpath/gnu/java/nio/charset/Provider.java +++ b/libjava/classpath/gnu/java/nio/charset/Provider.java @@ -81,7 +81,8 @@ public final class Provider extends CharsetProvider */ private boolean extendedLoaded; - private Provider () + // Package private to avoid an accessor method in PrivilegedAction below. + Provider () { extendedLoaded = false; canonicalNames = new HashMap (); diff --git a/libjava/classpath/gnu/java/nio/charset/iconv/IconvDecoder.java b/libjava/classpath/gnu/java/nio/charset/iconv/IconvDecoder.java index fa6f497..f76d3fd 100644 --- a/libjava/classpath/gnu/java/nio/charset/iconv/IconvDecoder.java +++ b/libjava/classpath/gnu/java/nio/charset/iconv/IconvDecoder.java @@ -44,7 +44,6 @@ import java.nio.ByteBuffer; import java.nio.CharBuffer; import java.nio.charset.Charset; import java.nio.charset.CharsetDecoder; -import java.nio.charset.CharsetEncoder; import java.nio.charset.CoderResult; final class IconvDecoder extends CharsetDecoder diff --git a/libjava/classpath/gnu/java/nio/charset/iconv/IconvEncoder.java b/libjava/classpath/gnu/java/nio/charset/iconv/IconvEncoder.java index d5cc887..47446f9 100644 --- a/libjava/classpath/gnu/java/nio/charset/iconv/IconvEncoder.java +++ b/libjava/classpath/gnu/java/nio/charset/iconv/IconvEncoder.java @@ -43,7 +43,6 @@ import gnu.classpath.Pointer; import java.nio.ByteBuffer; import java.nio.CharBuffer; import java.nio.charset.Charset; -import java.nio.charset.CharsetDecoder; import java.nio.charset.CharsetEncoder; import java.nio.charset.CoderResult; diff --git a/libjava/classpath/gnu/java/nio/charset/iconv/IconvProvider.java b/libjava/classpath/gnu/java/nio/charset/iconv/IconvProvider.java index 6fd8b74..cf9fc56 100644 --- a/libjava/classpath/gnu/java/nio/charset/iconv/IconvProvider.java +++ b/libjava/classpath/gnu/java/nio/charset/iconv/IconvProvider.java @@ -40,8 +40,6 @@ package gnu.java.nio.charset.iconv; import java.nio.charset.Charset; import java.nio.charset.spi.CharsetProvider; -import java.util.Collections; -import java.util.HashMap; import java.util.Iterator; import java.util.Vector; diff --git a/libjava/classpath/gnu/java/rmi/dgc/DGCImpl.java b/libjava/classpath/gnu/java/rmi/dgc/DGCImpl.java index a32445c..a7bc094 100644 --- a/libjava/classpath/gnu/java/rmi/dgc/DGCImpl.java +++ b/libjava/classpath/gnu/java/rmi/dgc/DGCImpl.java @@ -8,7 +8,7 @@ GNU Classpath is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2, or (at your option) any later version. - + GNU Classpath is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU @@ -49,70 +49,146 @@ import java.rmi.server.RMISocketFactory; import java.util.Hashtable; /** - * I let DGCImpl to extend UnicastServerRef, but not - * UnicastRemoteObject, because UnicastRemoteObject must - * exportObject automatically. - */ + * The DGC implementation is used for the server side during the distributed + * garbage collection. This interface contains the two methods: dirty and clean. + * A dirty call is made when a remote reference is unmarshaled in a client. A + * corresponding clean call is made by client it no longer uses that remote + * reference. A reference to a remote object is also automatically released + * after so called lease period that starts after the dirty call is received. It + * is the client's responsibility to renew the leases, by making additional + * dirty calls before such leases expire. + */ public class DGCImpl - extends UnicastServerRef implements DGC { - - private static final long LEASE_VALUE = 600000L; - // leaseCache caches a LeaseRecord associated with a vmid - private Hashtable leaseCache = new Hashtable(); - -public DGCImpl() throws RemoteException { - super(new ObjID(ObjID.DGC_ID), 0, RMISocketFactory.getSocketFactory()); -} - -public Lease dirty(ObjID[] ids, long sequenceNum, Lease lease) throws RemoteException { - VMID vmid = lease.getVMID(); - if (vmid == null) - vmid = new VMID(); - long leaseValue = LEASE_VALUE; - //long leaseValue = lease.getValue(); + extends UnicastServerRef + implements DGC +{ + /* + * The DGCImpl extends UnicastServerRef and not UnicastRemoteObject, because + * UnicastRemoteObject must exportObject automatically. + */ + + /** + * This defauld lease value is used if the lease value, passed to the + * {@link #dirty} is equal to zero. + */ + static final long LEASE_VALUE = 600000L; + + // leaseCache caches a LeaseRecord associated with a vmid + Hashtable leaseCache = new Hashtable(); + + public DGCImpl() throws RemoteException + { + super(new ObjID(ObjID.DGC_ID), 0, RMISocketFactory.getSocketFactory()); + } + + /** + * Mark the given objects referecnes as used on the client side. + * + * @param ids the ids of the used objects. + * @param sequenceNum the number of the call (used to detect and discard late + * calls). + * @param lease the requested lease + * @return the granted lease + */ + public Lease dirty(ObjID[] ids, long sequenceNum, Lease lease) + throws RemoteException + { + VMID vmid = lease.getVMID(); + if (vmid == null) + vmid = new VMID(); + + long leaseValue = lease.getValue(); + if (leaseValue <= 0) + leaseValue = LEASE_VALUE; + lease = new Lease(vmid, leaseValue); - synchronized(leaseCache){ - LeaseRecord lr = (LeaseRecord)leaseCache.get(vmid); - if (lr != null) - lr.reset(leaseValue); - else{ - lr = new LeaseRecord(vmid, leaseValue); - leaseCache.put(vmid, lr); - } - } - - return (lease); -} - -public void clean(ObjID[] ids, long sequenceNum, VMID vmid, boolean strong) throws RemoteException { - // Not implemented -} + LeaseRecord lr = (LeaseRecord) leaseCache.get(vmid); + if (lr != null) + lr.reset(leaseValue); + else + { + lr = new LeaseRecord(vmid, leaseValue, ids); + leaseCache.put(vmid, lr); + } + return (lease); + } + + /** + * Mark the given objects as no longer used on the client side. + * + * @param ids the ids of the objects that are no longer used. + * @param sequenceNum the number of the call (used to detect and discard late + * calls) + * @param vmid the VMID of the client. + * @param strong make the "strong" clean call. + */ + public void clean(ObjID[] ids, long sequenceNum, VMID vmid, boolean strong) + throws RemoteException + { + // Not implemented + // TODO implement + } + /** * LeaseRecord associates a vmid to expireTime. */ - private static class LeaseRecord{ - private VMID vmid; - private long expireTime; + static class LeaseRecord + { + /** + * The lease id. + */ + final VMID vmid; + + /** + * The lease expiration time. + */ + long expireTime; - LeaseRecord(VMID vmid, long leaseValue){ + /** + * The array of ObjeID's that must be protected from being garbage + * collected. + */ + final ObjID [] objects; + + /** + * Create the new lease record. + * + * @param vmid lease id. + * @param leaseValue lease value + */ + LeaseRecord(VMID vmid, long leaseValue, ObjID [] an_objects) + { this.vmid = vmid; reset(leaseValue); + objects = an_objects; } - - // reset expireTime - void reset(long leaseValue){ + + /** + * Prolong the expiration time till current time + passed value + * + * @param leaseValue the value after that (since the current moment) + * the lease should expire in the future. + */ + void reset(long leaseValue) + { long l = System.currentTimeMillis(); expireTime = l + leaseValue; } - - boolean isExpired(){ + + /** + * Check if the lease has been expired. + * + * @return true if the lease has been expired, false if it is still valid. + */ + boolean isExpired() + { long l = System.currentTimeMillis(); - if ( l > expireTime) - return true; + if (l > expireTime) + return true; return false; } - - } //End of LeaseRecord -} //End of DGCImpl + } // End of LeaseRecord + +} // End of DGCImpl diff --git a/libjava/classpath/gnu/java/rmi/registry/RegistryImpl.java b/libjava/classpath/gnu/java/rmi/registry/RegistryImpl.java index 0c94434..7dcca61 100644 --- a/libjava/classpath/gnu/java/rmi/registry/RegistryImpl.java +++ b/libjava/classpath/gnu/java/rmi/registry/RegistryImpl.java @@ -111,7 +111,7 @@ public static void version() { + System.getProperty("java.vm.name") + ") " + System.getProperty("java.vm.version")); - System.out.println("Copyright 2005 Free Software Foundation, Inc."); + System.out.println("Copyright 2006 Free Software Foundation, Inc."); System.out.println("This is free software; see the source for copying conditions. There is NO"); System.out.println("warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE."); System.exit(0); diff --git a/libjava/classpath/gnu/java/rmi/server/CombinedClassLoader.java b/libjava/classpath/gnu/java/rmi/server/CombinedClassLoader.java new file mode 100644 index 0000000..3d2e37d --- /dev/null +++ b/libjava/classpath/gnu/java/rmi/server/CombinedClassLoader.java @@ -0,0 +1,149 @@ +/* CombinedClassLoader.java -- Multiple class loader support for proxy. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.rmi.server; + +import java.io.IOException; +import java.net.URL; +import java.util.Collection; +import java.util.Enumeration; +import java.util.Iterator; +import java.util.ArrayList; + +/** + * This class supports the multiple class loaders to load the resources. It is + * used for constructing proxy classes that implement interfaces, loaded by + * the several different class loaders. + * + * @author Audrius Meskauskas (AudriusA@Bioinformatics.org) + */ +public class CombinedClassLoader extends ClassLoader +{ + /** + * The class loader array. + */ + ClassLoader[] loaders; + + /** + * Create a new combined class loader that uses the given collection of + * loaders to load the classes and resources. The loader order is equal to + * the order, returned by the collection interator. The duplicate loaders + * are discarded and the system class loader is added as the last loader. + * + * @param a_loaders the loadery collection (may contain duplicate instances + * that will be discarded. + */ + public CombinedClassLoader(Collection a_loaders) + { + ArrayList sLoaders = new ArrayList(a_loaders.size()); + + Iterator iter = a_loaders.iterator(); + Object cl; + while (iter.hasNext()) + { + cl = iter.next(); + if (!sLoaders.contains(cl)) + sLoaders.add(iter.next()); + } + + loaders = new ClassLoader[sLoaders.size()]; + + for (int i = 0; i < loaders.length; i++) + loaders[i] = (ClassLoader) sLoaders.get(i); + } + + /** + * Find the class with the given name. + */ + protected Class findClass(String name) throws ClassNotFoundException + { + for (int i = 0; i < loaders.length; i++) + { + try + { + return findClass(name); + } + catch (ClassNotFoundException e) + { + // try another. + } + } + return super.findClass(name); + } + + /** + * Find the library with the given name + */ + protected String findLibrary(String name) + { + for (int i = 0; i < loaders.length; i++) + { + String lib = findLibrary(name); + if (lib != null) + return lib; + } + return super.findLibrary(name); + } + + /** + * Find resource with the given name. + */ + protected URL findResource(String name) + { + for (int i = 0; i < loaders.length; i++) + { + URL resource = findResource(name); + if (resource != null) + return resource; + } + return super.findResource(name); + } + + /** + * Find resources with the given name. + */ + protected Enumeration findResources(String name) throws IOException + { + for (int i = 0; i < loaders.length; i++) + { + Enumeration resource = findResources(name); + if (resource != null) + return resource; + } + return super.findResources(name); } +} diff --git a/libjava/classpath/gnu/java/rmi/server/RMIObjectInputStream.java b/libjava/classpath/gnu/java/rmi/server/RMIObjectInputStream.java index 587d57f..e765354 100644 --- a/libjava/classpath/gnu/java/rmi/server/RMIObjectInputStream.java +++ b/libjava/classpath/gnu/java/rmi/server/RMIObjectInputStream.java @@ -46,6 +46,7 @@ import java.io.ObjectStreamClass; import java.lang.reflect.Proxy; import java.net.MalformedURLException; import java.rmi.server.RMIClassLoader; +import java.util.ArrayList; public class RMIObjectInputStream extends ObjectInputStream { @@ -76,28 +77,51 @@ protected Object getAnnotation() return readObject(); } -protected Class resolveProxyClass(String intfs[]) - throws IOException, ClassNotFoundException -{ - String annotation = (String)getAnnotation(); - + + protected Class resolveProxyClass(String intfs[]) throws IOException, + ClassNotFoundException + { + String annotation = (String) getAnnotation(); + Class clss[] = new Class[intfs.length]; - if(annotation == null) - clss[0] = RMIClassLoader.loadClass(intfs[0]); - else - clss[0] = RMIClassLoader.loadClass(annotation, intfs[0]); - - //assume all interfaces can be loaded by the same classloader - ClassLoader loader = clss[0].getClassLoader(); + for (int i = 0; i < intfs.length; i++) - clss[i] = Class.forName(intfs[i], false, loader); - - try { - return Proxy.getProxyClass(loader, clss); - } catch (IllegalArgumentException e) { - throw new ClassNotFoundException(null, e); - } -} + { + if (annotation == null) + clss[i] = RMIClassLoader.loadClass(intfs[i]); + else + clss[i] = RMIClassLoader.loadClass(annotation, intfs[i]); + } + + ClassLoader loader; + + if (clss.length > 0) + { + // Chain all class loaders (they may differ). + ArrayList loaders = new ArrayList(intfs.length); + ClassLoader cx; + for (int i = 0; i < clss.length; i++) + { + cx = clss[i].getClassLoader(); + if (!loaders.contains(cx)) + { + loaders.add(0, cx); + } + } + loader = new CombinedClassLoader(loaders); + } + else + loader = ClassLoader.getSystemClassLoader(); + + try + { + return Proxy.getProxyClass(loader, clss); + } + catch (IllegalArgumentException e) + { + throw new ClassNotFoundException(null, e); + } + } protected Object readValue(Class valueClass) throws IOException, ClassNotFoundException { if(valueClass.isPrimitive()){ diff --git a/libjava/classpath/gnu/java/rmi/server/UnicastServerRef.java b/libjava/classpath/gnu/java/rmi/server/UnicastServerRef.java index 1f6eede..dcb12a5 100644 --- a/libjava/classpath/gnu/java/rmi/server/UnicastServerRef.java +++ b/libjava/classpath/gnu/java/rmi/server/UnicastServerRef.java @@ -1,5 +1,5 @@ /* UnicastServerRef.java -- - Copyright (c) 1996, 1997, 1998, 1999, 2002, 2003, 2004 + Copyright (c) 1996, 1997, 1998, 1999, 2002, 2003, 2004, 2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -43,263 +43,433 @@ import java.io.ObjectInputStream; import java.lang.reflect.Constructor; import java.lang.reflect.InvocationTargetException; import java.lang.reflect.Method; +import java.lang.reflect.Proxy; import java.rmi.Remote; import java.rmi.RemoteException; import java.rmi.server.ObjID; import java.rmi.server.RMIServerSocketFactory; +import java.rmi.server.RemoteObjectInvocationHandler; import java.rmi.server.RemoteRef; import java.rmi.server.RemoteServer; import java.rmi.server.RemoteStub; import java.rmi.server.ServerNotActiveException; -import java.rmi.server.ServerRef; import java.rmi.server.Skeleton; +import java.util.HashSet; import java.util.Hashtable; +import java.util.Iterator; public class UnicastServerRef - extends UnicastRef - implements ServerRef{ //SHOULD implement ServerRef + extends UnicastRef +{ + + /** + * Use GNU Classpath v 0.20 SVUID for interoperability + */ + private static final long serialVersionUID = - 5585608108300801246L; + + /** + * The class array, defining parameters of the jdk 1.2 RMI stub constructor. + */ + private static final Class[] stubprototype = new Class[] { RemoteRef.class }; + + /** + * The exported remote object itself. + */ + Remote myself; // save the remote object itself + + /** + * The skeleton (if any), associated with the exported remote object. + */ + private Skeleton skel; + + /** + * The stub, associated with the exported remote object (may be proxy class). + */ + private Remote stub; + + /** + * The method table (RMI hash code to method) of the methods of the + * exported object. + */ + private Hashtable methods = new Hashtable(); + + /** + * Used by serialization. + */ + UnicastServerRef() + { + } + + public UnicastServerRef(ObjID id, int port, RMIServerSocketFactory ssf) + throws RemoteException + { + super(id); + manager = UnicastConnectionManager.getInstance(port, ssf); + } + + /** + * Export the object and return its remote stub. The method tries to locate + * existing stubs and skeletons. If this fails, the method instantiates the + * proxy stub class. + * + * Stubs and skeletons are always ignored (even if present) if the + * java.rmi.server.ignoreStubClasses property is set to true. + * + * @param obj the object being exported. + * @return the stub (existing class or proxy) of the exported object. + * @throws RemoteException if the export failed due any reason + */ + public Remote exportObject(Remote obj) throws RemoteException + { + if (myself == null) + { + myself = obj; + // Save it to server manager, to let client calls in the same VM to + // issue + // local call + manager.serverobj = obj; + + String ignoreStubs; + + ClassLoader loader =obj.getClass().getClassLoader(); + + // Stubs are always searched for the bootstrap classes that may have + // obsolete pattern and may still need also skeletons. + if (loader==null) + ignoreStubs = "false"; + else + ignoreStubs = System.getProperty("java.rmi.server.ignoreStubClasses", + "false"); + + if (! ignoreStubs.equals("true")) + { + // Find and install the stub + Class cls = obj.getClass(); + + // where ist the _Stub? (check superclasses also) + Class expCls = expCls = findStubSkelClass(cls); + + if (expCls != null) + { + stub = (RemoteStub) getHelperClass(expCls, "_Stub"); + // Find and install the skeleton (if there is one) + skel = (Skeleton) getHelperClass(expCls, "_Skel"); + } + } + + if (stub == null) + stub = createProxyStub(obj.getClass(), this); + + // Build hash of methods which may be called. + buildMethodHash(obj.getClass(), true); + + // Export it. + UnicastServer.exportObject(this); + } -final static private Class[] stubprototype = new Class[] { RemoteRef.class }; - -Remote myself; //save the remote object itself -private Skeleton skel; -private RemoteStub stub; -private Hashtable methods = new Hashtable(); - -/** - * Used by serialization. - */ -UnicastServerRef() -{ -} - -public UnicastServerRef(ObjID id, int port, RMIServerSocketFactory ssf) throws RemoteException { - super(id); - manager = UnicastConnectionManager.getInstance(port, ssf); -} - -public RemoteStub exportObject(Remote obj) throws RemoteException { - if (myself == null) { - myself = obj; - // Save it to server manager, to let client calls in the same VM to issue - // local call - manager.serverobj = obj; - - // Find and install the stub - Class cls = obj.getClass(); - Class expCls; - try { - // where ist the _Stub? (check superclasses also) - expCls = findStubSkelClass(cls); - } catch (Exception ex) { - throw new RemoteException("can not find stubs for class: " + cls, ex); - } - - stub = (RemoteStub)getHelperClass(expCls, "_Stub"); - if (stub == null) { - throw new RemoteException("failed to export: " + cls); - } - - // Find and install the skeleton (if there is one) - skel = (Skeleton)getHelperClass(expCls, "_Skel"); - - // Build hash of methods which may be called. - buildMethodHash(obj.getClass(), true); - - // Export it. - UnicastServer.exportObject(this); - } - - return (stub); -} - -public RemoteStub exportObject(Remote remote, Object obj) - throws RemoteException -{ - //FIX ME - return exportObject(remote); -} - -public RemoteStub getStub(){ return stub; -} - - -public boolean unexportObject(Remote obj, boolean force) { + } + + /** + * Get the stub (actual class or proxy) of the exported remote object. + * + * @return the remote stub (null if exportObject has not been called). + */ + public Remote getStub() + { + return stub; + } + + /** + * Unexport the object (remove methods from the method hashcode table + * and call UnicastServer.unexportObject. + * + * @param obj the object being unexported + * @param force passed to the UnicastServer.unexportObject. + * @return value, returned by the UnicastServer.unexportObject. + */ + public boolean unexportObject(Remote obj, boolean force) + { // Remove all hashes of methods which may be called. buildMethodHash(obj.getClass(), false); return UnicastServer.unexportObject(this, force); -} - -/** -* -* The Subs/Skels might not there for the actual class, but maybe -* for one of the superclasses. -* -*/ -private Class findStubSkelClass(Class startCls) throws Exception { - Class cls = startCls; - - while (true) { - try { - String stubClassname = cls.getName() + "_Stub"; - ClassLoader cl = cls.getClassLoader(); - Class scls = cl == null ? Class.forName(stubClassname) - : cl.loadClass(stubClassname); - return cls; // found it - } catch (ClassNotFoundException e) { - Class superCls = cls.getSuperclass(); - if (superCls == null - || superCls == java.rmi.server.UnicastRemoteObject.class) - { - throw new Exception("Neither " + startCls - + " nor one of their superclasses (like" + cls + ")" - + " has a _Stub"); - } - cls = superCls; - } - } -} - - - -private Object getHelperClass(Class cls, String type) { - try { - String classname = cls.getName(); - ClassLoader cl = cls.getClassLoader(); - Class scls = cl == null ? Class.forName(classname + type) - : cl.loadClass(classname + type); - if (type.equals("_Stub")) { - try { - // JDK 1.2 stubs - Constructor con = scls.getConstructor(stubprototype); - return (con.newInstance(new Object[]{this})); - } - catch (NoSuchMethodException e) { - } - catch (InstantiationException e) { - } - catch (IllegalAccessException e) { - } - catch (IllegalArgumentException e) { - } - catch (InvocationTargetException e) { - } - // JDK 1.1 stubs - RemoteStub stub = (RemoteStub)scls.newInstance(); - UnicastRemoteStub.setStubRef(stub, this); - return (stub); - } - else { - // JDK 1.1 skel - return (scls.newInstance()); - } - } - catch (ClassNotFoundException e) { - } - catch (InstantiationException e) { - } - catch (IllegalAccessException e) { - } - return (null); -} - - - -public String getClientHost() throws ServerNotActiveException { - return RemoteServer.getClientHost(); -} - -private void buildMethodHash(Class cls, boolean build) { - Method[] meths = cls.getMethods(); - for (int i = 0; i < meths.length; i++) { - /* Don't need to include any java.xxx related stuff */ - if (meths[i].getDeclaringClass().getName().startsWith("java.")) { - continue; - } - long hash = RMIHashes.getMethodHash(meths[i]); - if(build) - methods.put(new Long (hash), meths[i]); - else - methods.remove(new Long (hash)); -//System.out.println("meth = " + meths[i] + ", hash = " + hash); - } -} - -Class getMethodReturnType(int method, long hash) throws Exception -{ - if (method == -1) { - Method meth = (Method)methods.get(new Long (hash)); + } + + /** + * Return the class in the hierarchy for that the stub class is defined. + * The Subs/Skels might not there for the actual class, but maybe for one of + * the superclasses. + * + * @return the class having stub defined, null if none. + */ + private Class findStubSkelClass(Class startCls) + { + Class cls = startCls; + + while (true) + { + try + { + String stubClassname = cls.getName() + "_Stub"; + ClassLoader cl = cls.getClassLoader(); + Class scls = cl == null ? Class.forName(stubClassname) + : cl.loadClass(stubClassname); + return cls; // found it + } + catch (ClassNotFoundException e) + { + Class superCls = cls.getSuperclass(); + if (superCls == null + || superCls == java.rmi.server.UnicastRemoteObject.class) + { + return null; + } + cls = superCls; + } + } + } + + /** + * Get the helper (assisting) class with the given type. + * + * @param cls the class, for that the helper class is requested. This class + * and the requested helper class must share the same class loader. + * + * @param type the type of the assisting helper. The only currently supported + * non deprecated value is "_Stub" (load jdk 1.1 or 1.2 RMI stub). Another + * (deprecated) value is "_Skel" (load skeleton). + * + * @return the instantiated instance of the helper class or null if the + * helper class cannot be found or instantiated. + */ + private Object getHelperClass(Class cls, String type) + { + try + { + String classname = cls.getName(); + ClassLoader cl = cls.getClassLoader(); + Class scls = cl == null ? Class.forName(classname + type) + : cl.loadClass(classname + type); + if (type.equals("_Stub")) + { + try + { + // JDK 1.2 stubs + Constructor con = scls.getConstructor(stubprototype); + return (con.newInstance(new Object[] { this })); + } + catch (NoSuchMethodException e) + { + } + catch (InstantiationException e) + { + } + catch (IllegalAccessException e) + { + } + catch (IllegalArgumentException e) + { + } + catch (InvocationTargetException e) + { + } + // JDK 1.1 stubs + RemoteStub stub = (RemoteStub) scls.newInstance(); + UnicastRemoteStub.setStubRef(stub, this); + return (stub); + } + else + { + // JDK 1.1 skel + return (scls.newInstance()); + } + } + catch (ClassNotFoundException e) + { + } + catch (InstantiationException e) + { + } + catch (IllegalAccessException e) + { + } + return (null); + } + + public String getClientHost() throws ServerNotActiveException + { + return RemoteServer.getClientHost(); + } + + /** + * Build the method has code table and put it into {@link #methods} + * (mapping RMI hashcode tos method). The same method is used to remove + * the table. + * + * @param cls the class for that the method table is built. + * @param build if true, the class methods are added to the table. If + * false, they are removed from the table. + */ + private void buildMethodHash(Class cls, boolean build) + { + Method[] meths = cls.getMethods(); + for (int i = 0; i < meths.length; i++) + { + /* Don't need to include any java.xxx related stuff */ + if (meths[i].getDeclaringClass().getName().startsWith("java.")) + { + continue; + } + long hash = RMIHashes.getMethodHash(meths[i]); + if (build) + methods.put(new Long(hash), meths[i]); + else + methods.remove(new Long(hash)); + // System.out.println("meth = " + meths[i] + ", hash = " + hash); + } + } + + Class getMethodReturnType(int method, long hash) throws Exception + { + if (method == - 1) + { + Method meth = (Method) methods.get(new Long(hash)); return meth.getReturnType(); - }else - return null; -} - -public Object incomingMessageCall(UnicastConnection conn, int method, long hash) throws Exception { -//System.out.println("method = " + method + ", hash = " + hash); - // If method is -1 then this is JDK 1.2 RMI - so use the hash - // to locate the method - if (method == -1) { - Method meth = (Method)methods.get(new Long (hash)); -//System.out.println("class = " + myself.getClass() + ", meth = " + meth); - if (meth == null) { - throw new NoSuchMethodException(); - } - - ObjectInputStream in = conn.getObjectInputStream(); - int nrargs = meth.getParameterTypes().length; - Object[] args = new Object[nrargs]; - for (int i = 0; i < nrargs; i++) { - /** - * For debugging purposes - we don't handle CodeBases - * quite right so we don't always find the stubs. This - * lets us know that. - */ - try { - // need to handle primitive types - args[i] = ((RMIObjectInputStream)in).readValue(meth.getParameterTypes()[i]); - - } - catch (Exception t) { - t.printStackTrace(); - throw t; - } - } - //We must reinterpret the exception thrown by meth.invoke() - //return (meth.invoke(myself, args)); - Object ret = null; - try{ - ret = meth.invoke(myself, args); - }catch(InvocationTargetException e){ - Throwable cause = e.getTargetException(); - if (cause instanceof Exception) { - throw (Exception)cause; - } - else if (cause instanceof Error) { - throw (Error)cause; - } - else { - throw new Error("The remote method threw a java.lang.Throwable that is neither java.lang.Exception nor java.lang.Error.", e); - } - } - return ret; - } - // Otherwise this is JDK 1.1 style RMI - we find the skeleton - // and invoke it using the method number. We wrap up our - // connection system in a UnicastRemoteCall so it appears in a - // way the Skeleton can handle. - else { - if (skel == null) { - throw new NoSuchMethodException(); - } - UnicastRemoteCall call = new UnicastRemoteCall(conn); - skel.dispatch(myself, call, method, hash); - if (!call.isReturnValue()) - return RMIVoidValue.INSTANCE; - else - return (call.returnValue()); - } -} + } + else + return null; + } + + public Object incomingMessageCall(UnicastConnection conn, int method, + long hash) throws Exception + { + // System.out.println("method = " + method + ", hash = " + hash); + // If method is -1 then this is JDK 1.2 RMI - so use the hash + // to locate the method + if (method == - 1) + { + Method meth = (Method) methods.get(new Long(hash)); + // System.out.println("class = " + myself.getClass() + ", meth = " + + // meth); + if (meth == null) + { + throw new NoSuchMethodException(); + } + + ObjectInputStream in = conn.getObjectInputStream(); + int nrargs = meth.getParameterTypes().length; + Object[] args = new Object[nrargs]; + for (int i = 0; i < nrargs; i++) + { + /** + * For debugging purposes - we don't handle CodeBases quite right so + * we don't always find the stubs. This lets us know that. + */ + try + { + // need to handle primitive types + args[i] = ((RMIObjectInputStream) in) + .readValue(meth.getParameterTypes()[i]); + + } + catch (Exception t) + { + t.printStackTrace(); + throw t; + } + } + //We must reinterpret the exception thrown by meth.invoke() + //return (meth.invoke(myself, args)); + Object ret = null; + try + { + ret = meth.invoke(myself, args); + } + catch (InvocationTargetException e) + { + Throwable cause = e.getTargetException(); + if (cause instanceof Exception) + { + throw (Exception) cause; + } + else if (cause instanceof Error) + { + throw (Error) cause; + } + else + { + throw new Error( + "The remote method threw a java.lang.Throwable that"+ + " is neither java.lang.Exception nor java.lang.Error.", + e); + } + } + return ret; + } + // Otherwise this is JDK 1.1 style RMI - we find the skeleton + // and invoke it using the method number. We wrap up our + // connection system in a UnicastRemoteCall so it appears in a + // way the Skeleton can handle. + else + { + if (skel == null) + { + throw new NoSuchMethodException(); + } + UnicastRemoteCall call = new UnicastRemoteCall(conn); + skel.dispatch(myself, call, method, hash); + if (! call.isReturnValue()) + return RMIVoidValue.INSTANCE; + else + return (call.returnValue()); + } + } + + /** + * Create the 1.2 proxy stub in the case when the pre-generated stub is not + * available of the system is explicitly instructed to use proxy stubs. + * + * @param stubFor the class for that the proxy class must be constructed. + * @param reference the remote reference, used to find the given object + * + * @return the applicable proxy stub. + * + * @author Audrius Meskauskas (AudriusA@Bioinformatics.org) + */ + Remote createProxyStub(Class stubFor, RemoteRef reference) + { + // Collect all interfaces, implemented by stubFor and derived from + // Remote (also Remote itself): + HashSet interfaces = new HashSet(); + Class c = stubFor; + Class[] intfs; + + while (c != null) + { + intfs = c.getInterfaces(); + for (int i = 0; i < intfs.length; i++) + { + if (Remote.class.isAssignableFrom(intfs[i])) + interfaces.add(intfs[i]); + } + c = c.getSuperclass(); + } + + intfs = new Class[interfaces.size()]; + Iterator it = interfaces.iterator(); + + for (int i = 0; i < intfs.length; i++) + intfs[i] = (Class) it.next(); + + RemoteObjectInvocationHandler handler = + new RemoteObjectInvocationHandler(reference); + + Object proxy = + Proxy.newProxyInstance(stubFor.getClassLoader(), intfs, handler); + + return (Remote) proxy; + } + } diff --git a/libjava/classpath/gnu/java/security/Properties.java b/libjava/classpath/gnu/java/security/Properties.java new file mode 100644 index 0000000..813888c --- /dev/null +++ b/libjava/classpath/gnu/java/security/Properties.java @@ -0,0 +1,374 @@ +/* Properties.java -- run-time configuration properties. + Copyright (C) 2003, 2004, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security; + +import java.io.FileInputStream; +import java.io.IOException; +import java.io.PrintWriter; +import java.security.AccessController; +import java.security.PrivilegedAction; +import java.util.HashMap; +import java.util.PropertyPermission; + +/** + *

A global object containing build-specific properties that affect the + * behaviour of the generated binaries from this library.

+ */ +public final class Properties +{ + + // Debugging methods and variables + // ------------------------------------------------------------------------- + + private static final String NAME = "Properties"; + + private static final boolean DEBUG = false; + + // private static final int debuglevel = 9; + private static final PrintWriter err = new PrintWriter(System.out, true); + + private static void debug(final String s) + { + err.println(">>> " + NAME + ": " + s); + } + + // Constants and variables + // ------------------------------------------------------------------------- + + public static final String VERSION = "gnu.crypto.version"; + + public static final String PROPERTIES_FILE = "gnu.crypto.properties.file"; + + public static final String REPRODUCIBLE_PRNG = "gnu.crypto.with.reproducible.prng"; + + public static final String CHECK_WEAK_KEYS = "gnu.crypto.with.check.for.weak.keys"; + + public static final String DO_RSA_BLINDING = "gnu.crypto.with.rsa.blinding"; + + private static final String TRUE = Boolean.TRUE.toString(); + + private static final String FALSE = Boolean.FALSE.toString(); + + private static final HashMap props = new HashMap(); + + private static Properties singleton = null; + + private boolean reproducible = false; + + private boolean checkForWeakKeys = true; + + private boolean doRSABlinding = true; + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** Trivial constructor to enforce Singleton pattern. */ + private Properties() + { + super(); + init(); + } + + // Class methods + // ------------------------------------------------------------------------- + + /** + *

Returns the string representation of the library global configuration + * property with the designated key.

+ * + * @param key the case-insensitive, non-null and non-empty name of a + * configuration property. + * @return the string representation of the designated property, or + * null if such property is not yet set, or key is + * empty. + */ + public static final synchronized String getProperty(String key) + { + if (key == null) + return null; + SecurityManager sm = System.getSecurityManager(); + if (sm != null) + sm.checkPermission(new PropertyPermission(key, "read")); + key = key.trim().toLowerCase(); + if ("".equals(key)) + return null; + return (String) props.get(key); + } + + /** + *

Sets the value of a designated library global configuration property, + * to a string representation of what should be a legal value.

+ * + * @param key the case-insensitive, non-null and non-empty name of a + * configuration property. + * @param value the non-null, non-empty string representation of a legal + * value of the configuration property named by key. + */ + public static final synchronized void setProperty(String key, String value) + { + if (key == null || value == null) + return; + key = key.trim().toLowerCase(); + if ("".equals(key)) + return; + if (key.equals(VERSION)) + return; + value = value.trim(); + if ("".equals(value)) + return; + SecurityManager sm = System.getSecurityManager(); + if (sm != null) + sm.checkPermission(new PropertyPermission(key, "write")); + if (key.equals(REPRODUCIBLE_PRNG) + && (value.equalsIgnoreCase(TRUE) || value.equalsIgnoreCase(FALSE))) + setReproducible(Boolean.valueOf(value).booleanValue()); + else if (key.equals(CHECK_WEAK_KEYS) + && (value.equalsIgnoreCase(TRUE) || value.equalsIgnoreCase(FALSE))) + setCheckForWeakKeys(Boolean.valueOf(value).booleanValue()); + else if (key.equals(DO_RSA_BLINDING) + && (value.equalsIgnoreCase(TRUE) || value.equalsIgnoreCase(FALSE))) + setDoRSABlinding(Boolean.valueOf(value).booleanValue()); + else + props.put(key, value); + } + + /** + *

A convenience method that returns, as a boolean, the library global + * configuration property indicating if the default Pseudo Random Number + * Generator produces, or not, the same bit stream when instantiated.

+ * + * @return true if the default PRNG produces the same bit stream + * with every VM instance. Returns false if the default PRNG is + * seeded with the time of day of its first invocation. + */ + public static final synchronized boolean isReproducible() + { + SecurityManager sm = System.getSecurityManager(); + if (sm != null) + sm.checkPermission(new PropertyPermission(REPRODUCIBLE_PRNG, "read")); + return instance().reproducible; + } + + /** + *

A convenience method that returns, as a boolean, the library global + * configuration property indicating if the implementations of symmetric + * key block ciphers check, or not, for possible/potential weak and semi-weak + * keys that may be produced in the course of generating round encryption + * and/or decryption keys.

+ * + * @return true if the cipher implementations check for weak and + * semi-weak keys. Returns false if the cipher implementations + * do not check for weak or semi-weak keys. + */ + public static final synchronized boolean checkForWeakKeys() + { + SecurityManager sm = System.getSecurityManager(); + if (sm != null) + sm.checkPermission(new PropertyPermission(CHECK_WEAK_KEYS, "read")); + return instance().checkForWeakKeys; + } + + /** + *

A convenience method that returns, as a boolean, the library global + * configuration property indicating if RSA decryption (RSADP primitive), + * does, or not, blinding against timing attacks.

+ * + * @return true if the RSA decryption primitive includes a + * blinding operation. Returns false if the RSA decryption + * primitive does not include the additional blinding operation. + */ + public static final synchronized boolean doRSABlinding() + { + SecurityManager sm = System.getSecurityManager(); + if (sm != null) + sm.checkPermission(new PropertyPermission(DO_RSA_BLINDING, "read")); + return instance().doRSABlinding; + } + + /** + *

A convenience method to set the global property for reproducibility of + * the default PRNG bit stream output.

+ * + * @param value if true then the default PRNG bit stream output + * is the same with every invocation of the VM. + */ + public static final synchronized void setReproducible(final boolean value) + { + SecurityManager sm = System.getSecurityManager(); + if (sm != null) + sm.checkPermission(new PropertyPermission(REPRODUCIBLE_PRNG, "write")); + instance().reproducible = value; + props.put(REPRODUCIBLE_PRNG, String.valueOf(value)); + } + + /** + *

A convenience method to set the global property for checking for weak + * and semi-weak cipher keys.

+ * + * @param value if true then the cipher implementations will + * invoke additional checks for weak and semi-weak key values that may get + * generated. + */ + public static final synchronized void setCheckForWeakKeys(final boolean value) + { + SecurityManager sm = System.getSecurityManager(); + if (sm != null) + sm.checkPermission(new PropertyPermission(CHECK_WEAK_KEYS, "write")); + instance().checkForWeakKeys = value; + props.put(CHECK_WEAK_KEYS, String.valueOf(value)); + } + + /** + *

A convenience method to set the global property fo adding a blinding + * operation when executing the RSA decryption primitive.

+ * + * @param value if true then the code for performing the RSA + * decryption primitive will include a blinding operation. + */ + public static final synchronized void setDoRSABlinding(final boolean value) + { + SecurityManager sm = System.getSecurityManager(); + if (sm != null) + sm.checkPermission(new PropertyPermission(DO_RSA_BLINDING, "write")); + instance().doRSABlinding = value; + props.put(DO_RSA_BLINDING, String.valueOf(value)); + } + + private static final synchronized Properties instance() + { + if (singleton == null) + singleton = new Properties(); + return singleton; + } + + // Instance methods + // ------------------------------------------------------------------------- + private void init() + { + // default values + props.put(REPRODUCIBLE_PRNG, (reproducible ? "true" : "false")); + props.put(CHECK_WEAK_KEYS, (checkForWeakKeys ? "true" : "false")); + props.put(DO_RSA_BLINDING, (doRSABlinding ? "true" : "false")); + + // 1. allow site-wide override by reading a properties file + String propFile = null; + try + { + propFile = (String) AccessController.doPrivileged(new PrivilegedAction() + { + public Object run() + { + return System.getProperty(PROPERTIES_FILE); + } + }); + } + catch (SecurityException se) + { + if (DEBUG) + debug("Reading property " + PROPERTIES_FILE + + " not allowed. Ignored."); + } + if (propFile != null) + { + try + { + final java.util.Properties temp = new java.util.Properties(); + final FileInputStream fin = new FileInputStream(propFile); + temp.load(fin); + temp.list(System.out); + props.putAll(temp); + } + catch (IOException ioe) + { + if (DEBUG) + debug("IO error reading " + propFile + ": " + ioe.getMessage()); + } + catch (SecurityException se) + { + if (DEBUG) + debug("Security error reading " + propFile + ": " + + se.getMessage()); + } + } + + // 2. allow vm-specific override by allowing -D options in launcher + handleBooleanProperty(REPRODUCIBLE_PRNG); + handleBooleanProperty(CHECK_WEAK_KEYS); + handleBooleanProperty(DO_RSA_BLINDING); + + // re-sync the 'known' properties + reproducible = new Boolean((String) props.get(REPRODUCIBLE_PRNG)).booleanValue(); + checkForWeakKeys = new Boolean((String) props.get(CHECK_WEAK_KEYS)).booleanValue(); + doRSABlinding = new Boolean((String) props.get(DO_RSA_BLINDING)).booleanValue(); + + // This does not change. + props.put(VERSION, Registry.VERSION_STRING); + } + + private void handleBooleanProperty(final String name) + { + String s = null; + try + { + s = System.getProperty(name); + } + catch (SecurityException x) + { + if (DEBUG) + debug("SecurityManager forbids reading system properties. Ignored"); + } + if (s != null) + { + s = s.trim().toLowerCase(); + // we have to test for explicit "true" or "false". anything else may + // hide valid value set previously + if (s.equals(TRUE) || s.equals(FALSE)) + { + if (DEBUG) + debug("Setting " + name + " to '" + s + "'"); + props.put(name, s); + } + else + { + if (DEBUG) + debug("Invalid value for -D" + name + ": " + s + ". Ignored"); + } + } + } +} diff --git a/libjava/classpath/gnu/java/security/Registry.java b/libjava/classpath/gnu/java/security/Registry.java new file mode 100644 index 0000000..efb54e7 --- /dev/null +++ b/libjava/classpath/gnu/java/security/Registry.java @@ -0,0 +1,455 @@ +/* Registry.java -- + Copyright (C) 2001, 2002, 2003, 2004, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security; + +/** + * A placeholder for names and literals used throughout this + * library. + */ +public interface Registry +{ + + // Constants + // ------------------------------------------------------------------------- + + /** The name of our Providers. */ + String GNU_SECURITY = "GNU"; + String GNU_CRYPTO = "GNU-CRYPTO"; + String GNU_SASL = "GNU-SASL"; + + /** Our version number. */ + String VERSION_STRING = "2.1.0"; + + // Names of properties to use in Maps when initialising primitives ......... + + // Symmetric block cipher algorithms and synonyms........................... + + String ANUBIS_CIPHER = "anubis"; + + String BLOWFISH_CIPHER = "blowfish"; + + String DES_CIPHER = "des"; + + String KHAZAD_CIPHER = "khazad"; + + String RIJNDAEL_CIPHER = "rijndael"; + + String SERPENT_CIPHER = "serpent"; + + String SQUARE_CIPHER = "square"; + + String TRIPLEDES_CIPHER = "tripledes"; + + String TWOFISH_CIPHER = "twofish"; + + String CAST5_CIPHER = "cast5"; + + String NULL_CIPHER = "null"; + + /** AES is synonymous to Rijndael for 128-bit block size only. */ + String AES_CIPHER = "aes"; + + /** TripleDES is also known as DESede. */ + String DESEDE_CIPHER = "desede"; + + /** CAST5 is also known as CAST-128. */ + String CAST128_CIPHER = "cast128"; + + String CAST_128_CIPHER = "cast-128"; + + // Message digest algorithms and synonyms................................... + + String WHIRLPOOL_HASH = "whirlpool"; + + String RIPEMD128_HASH = "ripemd128"; + + String RIPEMD160_HASH = "ripemd160"; + + String SHA160_HASH = "sha-160"; + + String SHA256_HASH = "sha-256"; + + String SHA384_HASH = "sha-384"; + + String SHA512_HASH = "sha-512"; + + String TIGER_HASH = "tiger"; + + String HAVAL_HASH = "haval"; + + String MD5_HASH = "md5"; + + String MD4_HASH = "md4"; + + String MD2_HASH = "md2"; + + /** RIPEMD-128 is synonymous to RIPEMD128. */ + String RIPEMD_128_HASH = "ripemd-128"; + + /** RIPEMD-160 is synonymous to RIPEMD160. */ + String RIPEMD_160_HASH = "ripemd-160"; + + /** SHA-1 is synonymous to SHA-160. */ + String SHA_1_HASH = "sha-1"; + + /** SHA1 is synonymous to SHA-160. */ + String SHA1_HASH = "sha1"; + + /** SHA is synonymous to SHA-160. */ + String SHA_HASH = "sha"; + + // Symmetric block cipher modes of operations............................... + + /** Electronic CodeBook mode. */ + String ECB_MODE = "ecb"; + + /** Counter (NIST) mode. */ + String CTR_MODE = "ctr"; + + /** Integer Counter Mode (David McGrew). */ + String ICM_MODE = "icm"; + + /** Output Feedback Mode (NIST). */ + String OFB_MODE = "ofb"; + + /** Cipher block chaining mode (NIST). */ + String CBC_MODE = "cbc"; + + /** Cipher feedback mode (NIST). */ + String CFB_MODE = "cfb"; + + /** Authenticated-Encrypted mode. */ + String EAX_MODE = "eax"; + + // Padding scheme names and synonyms........................................ + + /** PKCS#7 padding scheme. */ + String PKCS7_PAD = "pkcs7"; + + /** Trailing Bit Complement padding scheme. */ + String TBC_PAD = "tbc"; + + /** EME-PKCS1-v1_5 padding as described in section 7.2 in RFC-3447. */ + String EME_PKCS1_V1_5_PAD = "eme-pkcs1-v1.5"; + + /** SSLv3 padding scheme. */ + String SSL3_PAD = "ssl3"; + + /** TLSv1 padding scheme. */ + String TLS1_PAD = "tls1"; + + // Pseudo-random number generators.......................................... + + /** (Apparently) RC4 keystream PRNG. */ + String ARCFOUR_PRNG = "arcfour"; + + /** We use "rc4" as an alias for "arcfour". */ + String RC4_PRNG = "rc4"; + + /** PRNG based on David McGrew's Integer Counter Mode. */ + String ICM_PRNG = "icm"; + + /** PRNG based on a designated hash function. */ + String MD_PRNG = "md"; + + /** PRNG based on UMAC's Key Derivation Function. */ + String UMAC_PRNG = "umac-kdf"; + + /** + * PRNG based on PBKDF2 from PKCS #5 v.2. This is suffixed with the name + * of a MAC to be used as a PRF. + */ + String PBKDF2_PRNG_PREFIX = "pbkdf2-"; + + /** The continuously-seeded pseudo-random number generator. */ + String CSPRNG_PRNG = "csprng"; + + /** The Fortuna PRNG. */ + String FORTUNA_PRNG = "fortuna"; + + /** The Fortuna generator PRNG. */ + String FORTUNA_GENERATOR_PRNG = "fortuna-generator"; + + // Asymmetric keypair generators............................................ + + String DSS_KPG = "dss"; + + String RSA_KPG = "rsa"; + + String DH_KPG = "dh"; + + String SRP_KPG = "srp"; + + /** DSA is synonymous to DSS. */ + String DSA_KPG = "dsa"; + + // Signature-with-appendix schemes.......................................... + + String DSS_SIG = "dss"; + + String RSA_SIG_PREFIX = "rsa-"; + + String RSA_PSS_ENCODING = "pss"; + + String RSA_PSS_SIG = RSA_SIG_PREFIX + RSA_PSS_ENCODING; + + String RSA_PKCS1_V1_5_ENCODING = "pkcs1-v1.5"; + + String RSA_PKCS1_V1_5_SIG = RSA_SIG_PREFIX + RSA_PKCS1_V1_5_ENCODING; + + /** DSA is synonymous to DSS. */ + String DSA_SIG = "dsa"; + + // Key agreement protocols ................................................. + + String DH_KA = "dh"; + + String ELGAMAL_KA = "elgamal"; + + String SRP6_KA = "srp6"; + + String SRP_SASL_KA = "srp-sasl"; + + String SRP_TLS_KA = "srp-tls"; + + // Keyed-Hash Message Authentication Code .................................. + + /** Name prefix of every HMAC implementation. */ + String HMAC_NAME_PREFIX = "hmac-"; + + // Other MAC algorithms .................................................... + + /** The One-key CBC MAC. */ + String OMAC_PREFIX = "omac-"; + + /** Message Authentication Code using Universal Hashing (Ted Krovetz). */ + String UHASH32 = "uhash32"; + + String UMAC32 = "umac32"; + + /** The Truncated Multi-Modular Hash Function -v1 (David McGrew). */ + String TMMH16 = "tmmh16"; + + // String TMMH32 = "tmmh32"; + + // Format IDs used to identify how we externalise asymmetric keys .......... + // fully-qualified names of the supported codecs + String RAW_ENCODING = "gnu.crypto.raw.format"; + String X509_ENCODING = "gnu.crypto.x509.format"; + String PKCS8_ENCODING = "gnu.crypto.pkcs8.format"; + String ASN1_ENCODING = "gnu.crypto.asn1.format"; + + // short names of the same. used by JCE adapters + String RAW_ENCODING_SHORT_NAME = "RAW"; + String X509_ENCODING_SORT_NAME = "X.509"; + String PKCS8_ENCODING_SHORT_NAME = "PKCS#8"; + String ASN1_ENCODING_SHORT_NAME = "ASN.1"; + + // unique identifiers of the same + int RAW_ENCODING_ID = 1; + int X509_ENCODING_ID = 2; + int PKCS8_ENCODING_ID = 3; + int ASN1_ENCODING_ID = 4; + + // OID strings used in encoding/decoding keys + String DSA_OID_STRING = "1.2.840.10040.4.1"; + String RSA_OID_STRING = "1.2.840.113549.1.1.1"; + String DH_OID_STRING = "1.2.840.10046.2.1"; + + // Magic bytes we generate/expect in externalised asymmetric keys .......... + // the four bytes represent G (0x47) for GNU, 1 (0x01) for Raw format, + // D (0x44) for DSS, R (0x52) for RSA, H (0x48) for Diffie-Hellman, or S + // (0x53) for SRP-6, and finally P (0x50) for Public, p (0x70) for private, + // or S (0x53) for signature. + byte[] MAGIC_RAW_DSS_PUBLIC_KEY = new byte[] { 0x47, RAW_ENCODING_ID, 0x44, + 0x50 }; + + byte[] MAGIC_RAW_DSS_PRIVATE_KEY = new byte[] { 0x47, RAW_ENCODING_ID, 0x44, + 0x70 }; + + byte[] MAGIC_RAW_DSS_SIGNATURE = new byte[] { 0x47, RAW_ENCODING_ID, 0x44, + 0x53 }; + + byte[] MAGIC_RAW_RSA_PUBLIC_KEY = new byte[] { 0x47, RAW_ENCODING_ID, 0x52, + 0x50 }; + + byte[] MAGIC_RAW_RSA_PRIVATE_KEY = new byte[] { 0x47, RAW_ENCODING_ID, 0x52, + 0x70 }; + + byte[] MAGIC_RAW_RSA_PSS_SIGNATURE = new byte[] { 0x47, RAW_ENCODING_ID, + 0x52, 0x53 }; + + byte[] MAGIC_RAW_RSA_PKCS1V1_5_SIGNATURE = new byte[] { 0x47, RAW_ENCODING_ID, + 0x52, 0x54 }; + + byte[] MAGIC_RAW_DH_PUBLIC_KEY = new byte[] { 0x47, RAW_ENCODING_ID, 0x48, + 0x50 }; + + byte[] MAGIC_RAW_DH_PRIVATE_KEY = new byte[] { 0x47, RAW_ENCODING_ID, 0x48, + 0x70 }; + + byte[] MAGIC_RAW_SRP_PUBLIC_KEY = new byte[] { 0x47, RAW_ENCODING_ID, 0x53, + 0x50 }; + + byte[] MAGIC_RAW_SRP_PRIVATE_KEY = new byte[] { 0x47, RAW_ENCODING_ID, 0x53, + 0x70 }; + + // SASL Property names ..................................................... + + String SASL_PREFIX = "gnu.crypto.sasl"; + + /** Name of username property. */ + String SASL_USERNAME = SASL_PREFIX + ".username"; + + /** Name of password property. */ + String SASL_PASSWORD = SASL_PREFIX + ".password"; + + /** Name of authentication information provider packages. */ + String SASL_AUTH_INFO_PROVIDER_PKGS = SASL_PREFIX + + ".auth.info.provider.pkgs"; + + /** SASL authorization ID. */ + String SASL_AUTHORISATION_ID = SASL_PREFIX + ".authorisation.ID"; + + /** SASL protocol. */ + String SASL_PROTOCOL = SASL_PREFIX + ".protocol"; + + /** SASL Server name. */ + String SASL_SERVER_NAME = SASL_PREFIX + ".server.name"; + + /** SASL Callback handler. */ + String SASL_CALLBACK_HANDLER = SASL_PREFIX + ".callback.handler"; + + /** SASL channel binding. */ + String SASL_CHANNEL_BINDING = SASL_PREFIX + ".channel.binding"; + + // SASL data element size limits ........................................... + + /** The size limit, in bytes, of a SASL OS (Octet Sequence) element. */ + int SASL_ONE_BYTE_MAX_LIMIT = 255; + + /** + * The size limit, in bytes, of both a SASL MPI (Multi-Precision Integer) + * element and a SASL Text element. + */ + int SASL_TWO_BYTE_MAX_LIMIT = 65535; + + /** The size limit, in bytes, of a SASL EOS (Extended Octet Sequence) element. */ + int SASL_FOUR_BYTE_MAX_LIMIT = 2147483383; + + /** The size limit, in bytes, of a SASL Buffer. */ + int SASL_BUFFER_MAX_LIMIT = 2147483643; + + // Canonical names of SASL mechanisms ...................................... + + String SASL_ANONYMOUS_MECHANISM = "ANONYMOUS"; + + String SASL_CRAM_MD5_MECHANISM = "CRAM-MD5"; + + String SASL_PLAIN_MECHANISM = "PLAIN"; + + String SASL_SRP_MECHANISM = "SRP"; + + // Canonical names of Integrity Protection algorithms ...................... + + String SASL_HMAC_MD5_IALG = "HMACwithMD5"; + + String SASL_HMAC_SHA_IALG = "HMACwithSHA"; + + // Quality Of Protection string representations ............................ + + /** authentication only. */ + String QOP_AUTH = "auth"; + + /** authentication plus integrity protection. */ + String QOP_AUTH_INT = "auth-int"; + + /** authentication plus integrity and confidentiality protection. */ + String QOP_AUTH_CONF = "auth-conf"; + + // SASL mechanism strength string representation ........................... + + String STRENGTH_HIGH = "high"; + + String STRENGTH_MEDIUM = "medium"; + + String STRENGTH_LOW = "low"; + + // SASL Server Authentication requirement .................................. + + /** Server must authenticate to the client. */ + String SERVER_AUTH_TRUE = "true"; + + /** Server does not need to, or cannot, authenticate to the client. */ + String SERVER_AUTH_FALSE = "false"; + + // SASL mechanism reuse capability ......................................... + + String REUSE_TRUE = "true"; + + String REUSE_FALSE = "false"; + + // Keyrings ............................................................... + + byte[] GKR_MAGIC = new byte[] { 0x47, 0x4b, 0x52, 0x01 }; + + // Ring usage fields. + int GKR_PRIVATE_KEYS = 1 << 0; + + int GKR_PUBLIC_CREDENTIALS = 1 << 1; + + int GKR_CERTIFICATES = 1 << 2; + + // HMac types. + int GKR_HMAC_MD5_128 = 0; + + int GKR_HMAC_SHA_160 = 1; + + int GKR_HMAC_MD5_96 = 2; + + int GKR_HMAC_SHA_96 = 3; + + // Cipher types. + int GKR_CIPHER_AES_128_OFB = 0; + + int GKR_CIPHER_AES_128_CBC = 1; + + // Methods + // ------------------------------------------------------------------------- +} diff --git a/libjava/classpath/gnu/java/security/der/DERValue.java b/libjava/classpath/gnu/java/security/der/DERValue.java index 9a597d7..d98ce78 100644 --- a/libjava/classpath/gnu/java/security/der/DERValue.java +++ b/libjava/classpath/gnu/java/security/der/DERValue.java @@ -38,6 +38,8 @@ exception statement from your version. */ package gnu.java.security.der; +import gnu.java.security.x509.Util; + import java.io.ByteArrayOutputStream; import java.io.IOException; @@ -108,7 +110,9 @@ public class DERValue implements DER } catch (IOException ioe) { - encoded = new byte[0]; + IllegalArgumentException iae = new IllegalArgumentException (); + iae.initCause (ioe); + throw iae; } } return length; @@ -138,7 +142,9 @@ public class DERValue implements DER } catch (IOException ioe) { - encoded = new byte[0]; + IllegalArgumentException iae = new IllegalArgumentException (); + iae.initCause (ioe); + throw iae; } } return (byte[]) encoded.clone(); @@ -156,7 +162,9 @@ public class DERValue implements DER } catch (IOException ioe) { - encoded = new byte[0]; + IllegalArgumentException iae = new IllegalArgumentException (); + iae.initCause (ioe); + throw iae; } } return encoded.length; @@ -164,7 +172,18 @@ public class DERValue implements DER public String toString() { - return "DERValue [ tag=" + tag + ", class=" + tagClass + ", constructed=" - + constructed + ", value=" + value + " ]"; + String start = "DERValue ( ["; + if (tagClass == DER.UNIVERSAL) + start = start + "UNIVERSAL "; + else if (tagClass == DER.PRIVATE) + start = start + "PRIVATE "; + else if (tagClass == DER.APPLICATION) + start = start + "APPLICATION "; + start = start + tag + "] constructed=" + constructed + ", value="; + if (constructed) + start = start + "\n" + Util.hexDump(getEncoded(), "\t"); + else + start = start + value; + return start + " )"; } } diff --git a/libjava/classpath/gnu/java/security/der/DERWriter.java b/libjava/classpath/gnu/java/security/der/DERWriter.java index 78524fc..0c26336 100644 --- a/libjava/classpath/gnu/java/security/der/DERWriter.java +++ b/libjava/classpath/gnu/java/security/der/DERWriter.java @@ -84,6 +84,12 @@ public class DERWriter implements DER public static int write(OutputStream out, DERValue object) throws IOException { + if (DER.CONSTRUCTED_VALUE.equals (object.getValue ())) + { + out.write (object.getEncoded ()); + return object.getLength (); + } + out.write(object.getExternalTag()); Object value = object.getValue(); if (value == null) @@ -216,10 +222,10 @@ public class DERWriter implements DER throws IOException { byte[] buf = bs.getShiftedByteArray(); - out.write(buf.length + 1); + writeLength(out, buf.length + 1); out.write(bs.getIgnoredBits()); out.write(buf); - return buf.length; + return buf.length + 1; } private static int writeString(OutputStream out, int tag, String str) diff --git a/libjava/classpath/gnu/java/security/hash/BaseHash.java b/libjava/classpath/gnu/java/security/hash/BaseHash.java new file mode 100644 index 0000000..720b835 --- /dev/null +++ b/libjava/classpath/gnu/java/security/hash/BaseHash.java @@ -0,0 +1,206 @@ +/* BaseHash.java -- + Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.hash; + +/** + *

A base abstract class to facilitate hash implementations.

+ */ +public abstract class BaseHash implements IMessageDigest +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + /** The canonical name prefix of the hash. */ + protected String name; + + /** The hash (output) size in bytes. */ + protected int hashSize; + + /** The hash (inner) block size in bytes. */ + protected int blockSize; + + /** Number of bytes processed so far. */ + protected long count; + + /** Temporary input buffer. */ + protected byte[] buffer; + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** + *

Trivial constructor for use by concrete subclasses.

+ * + * @param name the canonical name prefix of this instance. + * @param hashSize the block size of the output in bytes. + * @param blockSize the block size of the internal transform. + */ + protected BaseHash(String name, int hashSize, int blockSize) + { + super(); + + this.name = name; + this.hashSize = hashSize; + this.blockSize = blockSize; + this.buffer = new byte[blockSize]; + + resetContext(); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + // IMessageDigest interface implementation --------------------------------- + + public String name() + { + return name; + } + + public int hashSize() + { + return hashSize; + } + + public int blockSize() + { + return blockSize; + } + + public void update(byte b) + { + // compute number of bytes still unhashed; ie. present in buffer + int i = (int) (count % blockSize); + count++; + buffer[i] = b; + if (i == (blockSize - 1)) + { + transform(buffer, 0); + } + } + + public void update(byte[] b) + { + update(b, 0, b.length); + } + + public void update(byte[] b, int offset, int len) + { + int n = (int) (count % blockSize); + count += len; + int partLen = blockSize - n; + int i = 0; + + if (len >= partLen) + { + System.arraycopy(b, offset, buffer, n, partLen); + transform(buffer, 0); + for (i = partLen; i + blockSize - 1 < len; i += blockSize) + { + transform(b, offset + i); + } + n = 0; + } + + if (i < len) + { + System.arraycopy(b, offset + i, buffer, n, len - i); + } + } + + public byte[] digest() + { + byte[] tail = padBuffer(); // pad remaining bytes in buffer + update(tail, 0, tail.length); // last transform of a message + byte[] result = getResult(); // make a result out of context + + reset(); // reset this instance for future re-use + + return result; + } + + public void reset() + { // reset this instance for future re-use + count = 0L; + for (int i = 0; i < blockSize;) + { + buffer[i++] = 0; + } + + resetContext(); + } + + // methods to be implemented by concrete subclasses ------------------------ + + public abstract Object clone(); + + public abstract boolean selfTest(); + + /** + *

Returns the byte array to use as padding before completing a hash + * operation.

+ * + * @return the bytes to pad the remaining bytes in the buffer before + * completing a hash operation. + */ + protected abstract byte[] padBuffer(); + + /** + *

Constructs the result from the contents of the current context.

+ * + * @return the output of the completed hash operation. + */ + protected abstract byte[] getResult(); + + /** Resets the instance for future re-use. */ + protected abstract void resetContext(); + + /** + *

The block digest transformation per se.

+ * + * @param in the blockSize long block, as an array of bytes to digest. + * @param offset the index where the data to digest is located within the + * input buffer. + */ + protected abstract void transform(byte[] in, int offset); +} diff --git a/libjava/classpath/gnu/java/security/hash/HashFactory.java b/libjava/classpath/gnu/java/security/hash/HashFactory.java new file mode 100644 index 0000000..e520921 --- /dev/null +++ b/libjava/classpath/gnu/java/security/hash/HashFactory.java @@ -0,0 +1,178 @@ +/* HashFactory.java -- + Copyright (C) 2001, 2002, 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.hash; + +import gnu.java.security.Registry; + +import java.util.Collections; +import java.util.HashSet; +import java.util.Set; + +/** + *

A Factory to instantiate message digest algorithm instances.

+ */ +public class HashFactory +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** Trivial constructor to enforce Singleton pattern. */ + private HashFactory() + { + super(); + } + + // Class methods + // ------------------------------------------------------------------------- + + /** + *

Return an instance of a hash algorithm given its name.

+ * + * @param name the name of the hash algorithm. + * @return an instance of the hash algorithm, or null if none found. + * @exception InternalError if the implementation does not pass its self- + * test. + */ + public static IMessageDigest getInstance(String name) + { + if (name == null) + { + return null; + } + + name = name.trim(); + IMessageDigest result = null; + if (name.equalsIgnoreCase(Registry.WHIRLPOOL_HASH)) + { + result = new Whirlpool(); + } + else if (name.equalsIgnoreCase(Registry.RIPEMD128_HASH) + || name.equalsIgnoreCase(Registry.RIPEMD_128_HASH)) + { + result = new RipeMD128(); + } + else if (name.equalsIgnoreCase(Registry.RIPEMD160_HASH) + || name.equalsIgnoreCase(Registry.RIPEMD_160_HASH)) + { + result = new RipeMD160(); + } + else if (name.equalsIgnoreCase(Registry.SHA160_HASH) + || name.equalsIgnoreCase(Registry.SHA_1_HASH) + || name.equalsIgnoreCase(Registry.SHA1_HASH) + || name.equalsIgnoreCase(Registry.SHA_HASH)) + { + result = new Sha160(); + } + else if (name.equalsIgnoreCase(Registry.SHA256_HASH)) + { + result = new Sha256(); + } + else if (name.equalsIgnoreCase(Registry.SHA384_HASH)) + { + result = new Sha384(); + } + else if (name.equalsIgnoreCase(Registry.SHA512_HASH)) + { + result = new Sha512(); + } + else if (name.equalsIgnoreCase(Registry.TIGER_HASH)) + { + result = new Tiger(); + } + else if (name.equalsIgnoreCase(Registry.HAVAL_HASH)) + { + result = new Haval(); + } + else if (name.equalsIgnoreCase(Registry.MD5_HASH)) + { + result = new MD5(); + } + else if (name.equalsIgnoreCase(Registry.MD4_HASH)) + { + result = new MD4(); + } + else if (name.equalsIgnoreCase(Registry.MD2_HASH)) + { + result = new MD2(); + } + else if (name.equalsIgnoreCase(Registry.HAVAL_HASH)) + { + result = new Haval(); + } + + if (result != null && !result.selfTest()) + { + throw new InternalError(result.name()); + } + + return result; + } + + /** + *

Returns a {@link Set} of names of hash algorithms supported by this + * Factory.

+ * + * @return a {@link Set} of hash names (Strings). + */ + public static final Set getNames() + { + HashSet hs = new HashSet(); + hs.add(Registry.WHIRLPOOL_HASH); + hs.add(Registry.RIPEMD128_HASH); + hs.add(Registry.RIPEMD160_HASH); + hs.add(Registry.SHA160_HASH); + hs.add(Registry.SHA256_HASH); + hs.add(Registry.SHA384_HASH); + hs.add(Registry.SHA512_HASH); + hs.add(Registry.TIGER_HASH); + hs.add(Registry.HAVAL_HASH); + hs.add(Registry.MD5_HASH); + hs.add(Registry.MD4_HASH); + hs.add(Registry.MD2_HASH); + + return Collections.unmodifiableSet(hs); + } + + // Instance methods + // ------------------------------------------------------------------------- +} diff --git a/libjava/classpath/gnu/java/security/hash/Haval.java b/libjava/classpath/gnu/java/security/hash/Haval.java new file mode 100644 index 0000000..f9f3282 --- /dev/null +++ b/libjava/classpath/gnu/java/security/hash/Haval.java @@ -0,0 +1,759 @@ +/* Haval.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.hash; + +import gnu.java.security.Registry; +import gnu.java.security.util.Util; + +/** + *

The HAVAL message-digest algorithm is a variable output length, + * with variable number of rounds. By default, this implementation allows + * HAVAL to be used as a drop-in replacement for MD5.

+ * + *

References:

+ * + *
    + *
  1. HAVAL - A One-Way Hashing Algorithm with Variable Length of Output
    + * Advances in Cryptology - AUSCRYPT'92, Lecture Notes in Computer Science,
    + * Springer-Verlag, 1993;
    + * Y. Zheng, J. Pieprzyk and J. Seberry.
    2. + *
+ */ +public class Haval extends BaseHash +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + public static final int HAVAL_VERSION = 1; + + public static final int HAVAL_128_BIT = 16; + + public static final int HAVAL_160_BIT = 20; + + public static final int HAVAL_192_BIT = 24; + + public static final int HAVAL_224_BIT = 28; + + public static final int HAVAL_256_BIT = 32; + + public static final int HAVAL_3_ROUND = 3; + + public static final int HAVAL_4_ROUND = 4; + + public static final int HAVAL_5_ROUND = 5; + + private static final int BLOCK_SIZE = 128; // inner block size in bytes + + private static final String DIGEST0 = "C68F39913F901F3DDF44C707357A7D70"; + + /** caches the result of the correctness test, once executed. */ + private static Boolean valid; + + /** + * Number of HAVAL rounds. Allowed values are integers in the range 3 + * .. 5. The default is 3. + */ + private int rounds = HAVAL_3_ROUND; + + /** 128-bit interim result. */ + private int h0, h1, h2, h3, h4, h5, h6, h7; + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** + *

Calls the constructor with two argument using {@link #HAVAL_128_BIT} as + * the value for the output size (i.e. 128 bits, and + * {@link #HAVAL_3_ROUND} for the value of number of rounds.

+ */ + public Haval() + { + this(HAVAL_128_BIT, HAVAL_3_ROUND); + } + + /** + *

Calls the constructor with two arguments using the designated output + * size, and {@link #HAVAL_3_ROUND} for the value of number of rounds.

+ * + * @param size the output size in bytes of this instance. + * @throws IllegalArgumentException if the designated output size is invalid. + * @see #HAVAL_128_BIT + * @see #HAVAL_160_BIT + * @see #HAVAL_192_BIT + * @see #HAVAL_224_BIT + * @see #HAVAL_256_BIT + */ + public Haval(int size) + { + this(size, HAVAL_3_ROUND); + } + + /** + *

Constructs a Haval instance with the designated output + * size (in bytes). Valid output size values are 16, + * 20, 24, 28 and 32. + * Valid values for rounds are in the range 3..5 + * inclusive.

+ * + * @param size the output size in bytes of this instance. + * @param rounds the number of rounds to apply when transforming data. + * @throws IllegalArgumentException if the designated output size is invalid, + * or if the number of rounds is invalid. + * @see #HAVAL_128_BIT + * @see #HAVAL_160_BIT + * @see #HAVAL_192_BIT + * @see #HAVAL_224_BIT + * @see #HAVAL_256_BIT + * @see #HAVAL_3_ROUND + * @see #HAVAL_4_ROUND + * @see #HAVAL_5_ROUND + */ + public Haval(int size, int rounds) + { + super(Registry.HAVAL_HASH, size, BLOCK_SIZE); + + if (size != HAVAL_128_BIT && size != HAVAL_160_BIT && size != HAVAL_192_BIT + && size != HAVAL_224_BIT && size != HAVAL_256_BIT) + { + throw new IllegalArgumentException("Invalid HAVAL output size"); + } + + if (rounds != HAVAL_3_ROUND && rounds != HAVAL_4_ROUND + && rounds != HAVAL_5_ROUND) + { + throw new IllegalArgumentException("Invalid HAVAL number of rounds"); + } + + this.rounds = rounds; + } + + /** + *

Private constructor for cloning purposes.

+ * + * @param md the instance to clone. + */ + private Haval(Haval md) + { + this(md.hashSize, md.rounds); + + this.h0 = md.h0; + this.h1 = md.h1; + this.h2 = md.h2; + this.h3 = md.h3; + this.h4 = md.h4; + this.h5 = md.h5; + this.h6 = md.h6; + this.h7 = md.h7; + this.count = md.count; + this.buffer = (byte[]) md.buffer.clone(); + } + + // Constructor(s) + // ------------------------------------------------------------------------- + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + // java.lang.Cloneable interface implementation ---------------------------- + + public Object clone() + { + return new Haval(this); + } + + // Implementation of concrete methods in BaseHash -------------------------- + + protected synchronized void transform(byte[] in, int i) + { + int X0 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | (in[i++] & 0xFF) << 24; + int X1 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | (in[i++] & 0xFF) << 24; + int X2 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | (in[i++] & 0xFF) << 24; + int X3 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | (in[i++] & 0xFF) << 24; + int X4 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | (in[i++] & 0xFF) << 24; + int X5 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | (in[i++] & 0xFF) << 24; + int X6 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | (in[i++] & 0xFF) << 24; + int X7 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | (in[i++] & 0xFF) << 24; + int X8 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | (in[i++] & 0xFF) << 24; + int X9 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | (in[i++] & 0xFF) << 24; + int X10 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | (in[i++] & 0xFF) << 24; + int X11 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | (in[i++] & 0xFF) << 24; + int X12 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | (in[i++] & 0xFF) << 24; + int X13 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | (in[i++] & 0xFF) << 24; + int X14 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | (in[i++] & 0xFF) << 24; + int X15 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | (in[i++] & 0xFF) << 24; + int X16 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | (in[i++] & 0xFF) << 24; + int X17 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | (in[i++] & 0xFF) << 24; + int X18 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | (in[i++] & 0xFF) << 24; + int X19 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | (in[i++] & 0xFF) << 24; + int X20 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | (in[i++] & 0xFF) << 24; + int X21 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | (in[i++] & 0xFF) << 24; + int X22 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | (in[i++] & 0xFF) << 24; + int X23 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | (in[i++] & 0xFF) << 24; + int X24 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | (in[i++] & 0xFF) << 24; + int X25 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | (in[i++] & 0xFF) << 24; + int X26 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | (in[i++] & 0xFF) << 24; + int X27 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | (in[i++] & 0xFF) << 24; + int X28 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | (in[i++] & 0xFF) << 24; + int X29 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | (in[i++] & 0xFF) << 24; + int X30 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | (in[i++] & 0xFF) << 24; + int X31 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | (in[i++] & 0xFF) << 24; + + int t0 = h0, t1 = h1, t2 = h2, t3 = h3, t4 = h4, t5 = h5, t6 = h6, t7 = h7; + + // Pass 1 + t7 = FF1(t7, t6, t5, t4, t3, t2, t1, t0, X0); + t6 = FF1(t6, t5, t4, t3, t2, t1, t0, t7, X1); + t5 = FF1(t5, t4, t3, t2, t1, t0, t7, t6, X2); + t4 = FF1(t4, t3, t2, t1, t0, t7, t6, t5, X3); + t3 = FF1(t3, t2, t1, t0, t7, t6, t5, t4, X4); + t2 = FF1(t2, t1, t0, t7, t6, t5, t4, t3, X5); + t1 = FF1(t1, t0, t7, t6, t5, t4, t3, t2, X6); + t0 = FF1(t0, t7, t6, t5, t4, t3, t2, t1, X7); + + t7 = FF1(t7, t6, t5, t4, t3, t2, t1, t0, X8); + t6 = FF1(t6, t5, t4, t3, t2, t1, t0, t7, X9); + t5 = FF1(t5, t4, t3, t2, t1, t0, t7, t6, X10); + t4 = FF1(t4, t3, t2, t1, t0, t7, t6, t5, X11); + t3 = FF1(t3, t2, t1, t0, t7, t6, t5, t4, X12); + t2 = FF1(t2, t1, t0, t7, t6, t5, t4, t3, X13); + t1 = FF1(t1, t0, t7, t6, t5, t4, t3, t2, X14); + t0 = FF1(t0, t7, t6, t5, t4, t3, t2, t1, X15); + + t7 = FF1(t7, t6, t5, t4, t3, t2, t1, t0, X16); + t6 = FF1(t6, t5, t4, t3, t2, t1, t0, t7, X17); + t5 = FF1(t5, t4, t3, t2, t1, t0, t7, t6, X18); + t4 = FF1(t4, t3, t2, t1, t0, t7, t6, t5, X19); + t3 = FF1(t3, t2, t1, t0, t7, t6, t5, t4, X20); + t2 = FF1(t2, t1, t0, t7, t6, t5, t4, t3, X21); + t1 = FF1(t1, t0, t7, t6, t5, t4, t3, t2, X22); + t0 = FF1(t0, t7, t6, t5, t4, t3, t2, t1, X23); + + t7 = FF1(t7, t6, t5, t4, t3, t2, t1, t0, X24); + t6 = FF1(t6, t5, t4, t3, t2, t1, t0, t7, X25); + t5 = FF1(t5, t4, t3, t2, t1, t0, t7, t6, X26); + t4 = FF1(t4, t3, t2, t1, t0, t7, t6, t5, X27); + t3 = FF1(t3, t2, t1, t0, t7, t6, t5, t4, X28); + t2 = FF1(t2, t1, t0, t7, t6, t5, t4, t3, X29); + t1 = FF1(t1, t0, t7, t6, t5, t4, t3, t2, X30); + t0 = FF1(t0, t7, t6, t5, t4, t3, t2, t1, X31); + + // Pass 2 + t7 = FF2(t7, t6, t5, t4, t3, t2, t1, t0, X5, 0x452821E6); + t6 = FF2(t6, t5, t4, t3, t2, t1, t0, t7, X14, 0x38D01377); + t5 = FF2(t5, t4, t3, t2, t1, t0, t7, t6, X26, 0xBE5466CF); + t4 = FF2(t4, t3, t2, t1, t0, t7, t6, t5, X18, 0x34E90C6C); + t3 = FF2(t3, t2, t1, t0, t7, t6, t5, t4, X11, 0xC0AC29B7); + t2 = FF2(t2, t1, t0, t7, t6, t5, t4, t3, X28, 0xC97C50DD); + t1 = FF2(t1, t0, t7, t6, t5, t4, t3, t2, X7, 0x3F84D5B5); + t0 = FF2(t0, t7, t6, t5, t4, t3, t2, t1, X16, 0xB5470917); + + t7 = FF2(t7, t6, t5, t4, t3, t2, t1, t0, X0, 0x9216D5D9); + t6 = FF2(t6, t5, t4, t3, t2, t1, t0, t7, X23, 0x8979FB1B); + t5 = FF2(t5, t4, t3, t2, t1, t0, t7, t6, X20, 0xD1310BA6); + t4 = FF2(t4, t3, t2, t1, t0, t7, t6, t5, X22, 0x98DFB5AC); + t3 = FF2(t3, t2, t1, t0, t7, t6, t5, t4, X1, 0x2FFD72DB); + t2 = FF2(t2, t1, t0, t7, t6, t5, t4, t3, X10, 0xD01ADFB7); + t1 = FF2(t1, t0, t7, t6, t5, t4, t3, t2, X4, 0xB8E1AFED); + t0 = FF2(t0, t7, t6, t5, t4, t3, t2, t1, X8, 0x6A267E96); + + t7 = FF2(t7, t6, t5, t4, t3, t2, t1, t0, X30, 0xBA7C9045); + t6 = FF2(t6, t5, t4, t3, t2, t1, t0, t7, X3, 0xF12C7F99); + t5 = FF2(t5, t4, t3, t2, t1, t0, t7, t6, X21, 0x24A19947); + t4 = FF2(t4, t3, t2, t1, t0, t7, t6, t5, X9, 0xB3916CF7); + t3 = FF2(t3, t2, t1, t0, t7, t6, t5, t4, X17, 0x0801F2E2); + t2 = FF2(t2, t1, t0, t7, t6, t5, t4, t3, X24, 0x858EFC16); + t1 = FF2(t1, t0, t7, t6, t5, t4, t3, t2, X29, 0x636920D8); + t0 = FF2(t0, t7, t6, t5, t4, t3, t2, t1, X6, 0x71574E69); + + t7 = FF2(t7, t6, t5, t4, t3, t2, t1, t0, X19, 0xA458FEA3); + t6 = FF2(t6, t5, t4, t3, t2, t1, t0, t7, X12, 0xF4933D7E); + t5 = FF2(t5, t4, t3, t2, t1, t0, t7, t6, X15, 0x0D95748F); + t4 = FF2(t4, t3, t2, t1, t0, t7, t6, t5, X13, 0x728EB658); + t3 = FF2(t3, t2, t1, t0, t7, t6, t5, t4, X2, 0x718BCD58); + t2 = FF2(t2, t1, t0, t7, t6, t5, t4, t3, X25, 0x82154AEE); + t1 = FF2(t1, t0, t7, t6, t5, t4, t3, t2, X31, 0x7B54A41D); + t0 = FF2(t0, t7, t6, t5, t4, t3, t2, t1, X27, 0xC25A59B5); + + // Pass 3 + t7 = FF3(t7, t6, t5, t4, t3, t2, t1, t0, X19, 0x9C30D539); + t6 = FF3(t6, t5, t4, t3, t2, t1, t0, t7, X9, 0x2AF26013); + t5 = FF3(t5, t4, t3, t2, t1, t0, t7, t6, X4, 0xC5D1B023); + t4 = FF3(t4, t3, t2, t1, t0, t7, t6, t5, X20, 0x286085F0); + t3 = FF3(t3, t2, t1, t0, t7, t6, t5, t4, X28, 0xCA417918); + t2 = FF3(t2, t1, t0, t7, t6, t5, t4, t3, X17, 0xB8DB38EF); + t1 = FF3(t1, t0, t7, t6, t5, t4, t3, t2, X8, 0x8E79DCB0); + t0 = FF3(t0, t7, t6, t5, t4, t3, t2, t1, X22, 0x603A180E); + + t7 = FF3(t7, t6, t5, t4, t3, t2, t1, t0, X29, 0x6C9E0E8B); + t6 = FF3(t6, t5, t4, t3, t2, t1, t0, t7, X14, 0xB01E8A3E); + t5 = FF3(t5, t4, t3, t2, t1, t0, t7, t6, X25, 0xD71577C1); + t4 = FF3(t4, t3, t2, t1, t0, t7, t6, t5, X12, 0xBD314B27); + t3 = FF3(t3, t2, t1, t0, t7, t6, t5, t4, X24, 0x78AF2FDA); + t2 = FF3(t2, t1, t0, t7, t6, t5, t4, t3, X30, 0x55605C60); + t1 = FF3(t1, t0, t7, t6, t5, t4, t3, t2, X16, 0xE65525F3); + t0 = FF3(t0, t7, t6, t5, t4, t3, t2, t1, X26, 0xAA55AB94); + + t7 = FF3(t7, t6, t5, t4, t3, t2, t1, t0, X31, 0x57489862); + t6 = FF3(t6, t5, t4, t3, t2, t1, t0, t7, X15, 0x63E81440); + t5 = FF3(t5, t4, t3, t2, t1, t0, t7, t6, X7, 0x55CA396A); + t4 = FF3(t4, t3, t2, t1, t0, t7, t6, t5, X3, 0x2AAB10B6); + t3 = FF3(t3, t2, t1, t0, t7, t6, t5, t4, X1, 0xB4CC5C34); + t2 = FF3(t2, t1, t0, t7, t6, t5, t4, t3, X0, 0x1141E8CE); + t1 = FF3(t1, t0, t7, t6, t5, t4, t3, t2, X18, 0xA15486AF); + t0 = FF3(t0, t7, t6, t5, t4, t3, t2, t1, X27, 0x7C72E993); + + t7 = FF3(t7, t6, t5, t4, t3, t2, t1, t0, X13, 0xB3EE1411); + t6 = FF3(t6, t5, t4, t3, t2, t1, t0, t7, X6, 0x636FBC2A); + t5 = FF3(t5, t4, t3, t2, t1, t0, t7, t6, X21, 0x2BA9C55D); + t4 = FF3(t4, t3, t2, t1, t0, t7, t6, t5, X10, 0x741831F6); + t3 = FF3(t3, t2, t1, t0, t7, t6, t5, t4, X23, 0xCE5C3E16); + t2 = FF3(t2, t1, t0, t7, t6, t5, t4, t3, X11, 0x9B87931E); + t1 = FF3(t1, t0, t7, t6, t5, t4, t3, t2, X5, 0xAFD6BA33); + t0 = FF3(t0, t7, t6, t5, t4, t3, t2, t1, X2, 0x6C24CF5C); + + if (rounds >= 4) + { + t7 = FF4(t7, t6, t5, t4, t3, t2, t1, t0, X24, 0x7A325381); + t6 = FF4(t6, t5, t4, t3, t2, t1, t0, t7, X4, 0x28958677); + t5 = FF4(t5, t4, t3, t2, t1, t0, t7, t6, X0, 0x3B8F4898); + t4 = FF4(t4, t3, t2, t1, t0, t7, t6, t5, X14, 0x6B4BB9AF); + t3 = FF4(t3, t2, t1, t0, t7, t6, t5, t4, X2, 0xC4BFE81B); + t2 = FF4(t2, t1, t0, t7, t6, t5, t4, t3, X7, 0x66282193); + t1 = FF4(t1, t0, t7, t6, t5, t4, t3, t2, X28, 0x61D809CC); + t0 = FF4(t0, t7, t6, t5, t4, t3, t2, t1, X23, 0xFB21A991); + t7 = FF4(t7, t6, t5, t4, t3, t2, t1, t0, X26, 0x487CAC60); + t6 = FF4(t6, t5, t4, t3, t2, t1, t0, t7, X6, 0x5DEC8032); + t5 = FF4(t5, t4, t3, t2, t1, t0, t7, t6, X30, 0xEF845D5D); + t4 = FF4(t4, t3, t2, t1, t0, t7, t6, t5, X20, 0xE98575B1); + t3 = FF4(t3, t2, t1, t0, t7, t6, t5, t4, X18, 0xDC262302); + t2 = FF4(t2, t1, t0, t7, t6, t5, t4, t3, X25, 0xEB651B88); + t1 = FF4(t1, t0, t7, t6, t5, t4, t3, t2, X19, 0x23893E81); + t0 = FF4(t0, t7, t6, t5, t4, t3, t2, t1, X3, 0xD396ACC5); + + t7 = FF4(t7, t6, t5, t4, t3, t2, t1, t0, X22, 0x0F6D6FF3); + t6 = FF4(t6, t5, t4, t3, t2, t1, t0, t7, X11, 0x83F44239); + t5 = FF4(t5, t4, t3, t2, t1, t0, t7, t6, X31, 0x2E0B4482); + t4 = FF4(t4, t3, t2, t1, t0, t7, t6, t5, X21, 0xA4842004); + t3 = FF4(t3, t2, t1, t0, t7, t6, t5, t4, X8, 0x69C8F04A); + t2 = FF4(t2, t1, t0, t7, t6, t5, t4, t3, X27, 0x9E1F9B5E); + t1 = FF4(t1, t0, t7, t6, t5, t4, t3, t2, X12, 0x21C66842); + t0 = FF4(t0, t7, t6, t5, t4, t3, t2, t1, X9, 0xF6E96C9A); + t7 = FF4(t7, t6, t5, t4, t3, t2, t1, t0, X1, 0x670C9C61); + t6 = FF4(t6, t5, t4, t3, t2, t1, t0, t7, X29, 0xABD388F0); + t5 = FF4(t5, t4, t3, t2, t1, t0, t7, t6, X5, 0x6A51A0D2); + t4 = FF4(t4, t3, t2, t1, t0, t7, t6, t5, X15, 0xD8542F68); + t3 = FF4(t3, t2, t1, t0, t7, t6, t5, t4, X17, 0x960FA728); + t2 = FF4(t2, t1, t0, t7, t6, t5, t4, t3, X10, 0xAB5133A3); + t1 = FF4(t1, t0, t7, t6, t5, t4, t3, t2, X16, 0x6EEF0B6C); + t0 = FF4(t0, t7, t6, t5, t4, t3, t2, t1, X13, 0x137A3BE4); + + if (rounds == 5) + { + t7 = FF5(t7, t6, t5, t4, t3, t2, t1, t0, X27, 0xBA3BF050); + t6 = FF5(t6, t5, t4, t3, t2, t1, t0, t7, X3, 0x7EFB2A98); + t5 = FF5(t5, t4, t3, t2, t1, t0, t7, t6, X21, 0xA1F1651D); + t4 = FF5(t4, t3, t2, t1, t0, t7, t6, t5, X26, 0x39AF0176); + t3 = FF5(t3, t2, t1, t0, t7, t6, t5, t4, X17, 0x66CA593E); + t2 = FF5(t2, t1, t0, t7, t6, t5, t4, t3, X11, 0x82430E88); + t1 = FF5(t1, t0, t7, t6, t5, t4, t3, t2, X20, 0x8CEE8619); + t0 = FF5(t0, t7, t6, t5, t4, t3, t2, t1, X29, 0x456F9FB4); + + t7 = FF5(t7, t6, t5, t4, t3, t2, t1, t0, X19, 0x7D84A5C3); + t6 = FF5(t6, t5, t4, t3, t2, t1, t0, t7, X0, 0x3B8B5EBE); + t5 = FF5(t5, t4, t3, t2, t1, t0, t7, t6, X12, 0xE06F75D8); + t4 = FF5(t4, t3, t2, t1, t0, t7, t6, t5, X7, 0x85C12073); + t3 = FF5(t3, t2, t1, t0, t7, t6, t5, t4, X13, 0x401A449F); + t2 = FF5(t2, t1, t0, t7, t6, t5, t4, t3, X8, 0x56C16AA6); + t1 = FF5(t1, t0, t7, t6, t5, t4, t3, t2, X31, 0x4ED3AA62); + t0 = FF5(t0, t7, t6, t5, t4, t3, t2, t1, X10, 0x363F7706); + + t7 = FF5(t7, t6, t5, t4, t3, t2, t1, t0, X5, 0x1BFEDF72); + t6 = FF5(t6, t5, t4, t3, t2, t1, t0, t7, X9, 0x429B023D); + t5 = FF5(t5, t4, t3, t2, t1, t0, t7, t6, X14, 0x37D0D724); + t4 = FF5(t4, t3, t2, t1, t0, t7, t6, t5, X30, 0xD00A1248); + t3 = FF5(t3, t2, t1, t0, t7, t6, t5, t4, X18, 0xDB0FEAD3); + t2 = FF5(t2, t1, t0, t7, t6, t5, t4, t3, X6, 0x49F1C09B); + t1 = FF5(t1, t0, t7, t6, t5, t4, t3, t2, X28, 0x075372C9); + t0 = FF5(t0, t7, t6, t5, t4, t3, t2, t1, X24, 0x80991B7B); + + t7 = FF5(t7, t6, t5, t4, t3, t2, t1, t0, X2, 0x25D479D8); + t6 = FF5(t6, t5, t4, t3, t2, t1, t0, t7, X23, 0xF6E8DEF7); + t5 = FF5(t5, t4, t3, t2, t1, t0, t7, t6, X16, 0xE3FE501A); + t4 = FF5(t4, t3, t2, t1, t0, t7, t6, t5, X22, 0xB6794C3B); + t3 = FF5(t3, t2, t1, t0, t7, t6, t5, t4, X4, 0x976CE0BD); + t2 = FF5(t2, t1, t0, t7, t6, t5, t4, t3, X1, 0x04C006BA); + t1 = FF5(t1, t0, t7, t6, t5, t4, t3, t2, X25, 0xC1A94FB6); + t0 = FF5(t0, t7, t6, t5, t4, t3, t2, t1, X15, 0x409F60C4); + } + } + + h7 += t7; + h6 += t6; + h5 += t5; + h4 += t4; + h3 += t3; + h2 += t2; + h1 += t1; + h0 += t0; + } + + protected byte[] padBuffer() + { + // pad out to 118 mod 128. other 10 bytes have special use. + int n = (int) (count % BLOCK_SIZE); + int padding = (n < 118) ? (118 - n) : (246 - n); + byte[] result = new byte[padding + 10]; + result[0] = (byte) 0x01; + + // save the version number (LSB 3), the number of rounds (3 bits in the + // middle), the fingerprint length (MSB 2 bits and next byte) and the + // number of bits in the unpadded message. + int bl = hashSize * 8; + result[padding++] = (byte) (((bl & 0x03) << 6) | ((rounds & 0x07) << 3) | (HAVAL_VERSION & 0x07)); + result[padding++] = (byte) (bl >>> 2); + + // save number of bits, casting the long to an array of 8 bytes + long bits = count << 3; + result[padding++] = (byte) bits; + result[padding++] = (byte) (bits >>> 8); + result[padding++] = (byte) (bits >>> 16); + result[padding++] = (byte) (bits >>> 24); + result[padding++] = (byte) (bits >>> 32); + result[padding++] = (byte) (bits >>> 40); + result[padding++] = (byte) (bits >>> 48); + result[padding] = (byte) (bits >>> 56); + + return result; + } + + protected byte[] getResult() + { + tailorDigestBits(); // tailor context for the designated output size + // cast enough top context values into an array of hashSize bytes + byte[] result = new byte[hashSize]; + if (hashSize >= HAVAL_256_BIT) + { + result[31] = (byte) (h7 >>> 24); + result[30] = (byte) (h7 >>> 16); + result[29] = (byte) (h7 >>> 8); + result[28] = (byte) h7; + } + if (hashSize >= HAVAL_224_BIT) + { + result[27] = (byte) (h6 >>> 24); + result[26] = (byte) (h6 >>> 16); + result[25] = (byte) (h6 >>> 8); + result[24] = (byte) h6; + } + if (hashSize >= HAVAL_192_BIT) + { + result[23] = (byte) (h5 >>> 24); + result[22] = (byte) (h5 >>> 16); + result[21] = (byte) (h5 >>> 8); + result[20] = (byte) h5; + } + if (hashSize >= HAVAL_160_BIT) + { + result[19] = (byte) (h4 >>> 24); + result[18] = (byte) (h4 >>> 16); + result[17] = (byte) (h4 >>> 8); + result[16] = (byte) h4; + } + result[15] = (byte) (h3 >>> 24); + result[14] = (byte) (h3 >>> 16); + result[13] = (byte) (h3 >>> 8); + result[12] = (byte) h3; + result[11] = (byte) (h2 >>> 24); + result[10] = (byte) (h2 >>> 16); + result[9] = (byte) (h2 >>> 8); + result[8] = (byte) h2; + result[7] = (byte) (h1 >>> 24); + result[6] = (byte) (h1 >>> 16); + result[5] = (byte) (h1 >>> 8); + result[4] = (byte) h1; + result[3] = (byte) (h0 >>> 24); + result[2] = (byte) (h0 >>> 16); + result[1] = (byte) (h0 >>> 8); + result[0] = (byte) h0; + + return result; + } + + protected void resetContext() + { + h0 = 0x243F6A88; + h1 = 0x85A308D3; + h2 = 0x13198A2E; + h3 = 0x03707344; + h4 = 0xA4093822; + h5 = 0x299F31D0; + h6 = 0x082EFA98; + h7 = 0xEC4E6C89; + } + + public boolean selfTest() + { + if (valid == null) + { + valid = new Boolean(DIGEST0.equals(Util.toString(new Haval().digest()))); + } + return valid.booleanValue(); + } + + // helper methods ---------------------------------------------------------- + + /** Tailors the last output. */ + private void tailorDigestBits() + { + int t; + switch (hashSize) + { + case HAVAL_128_BIT: + t = (h7 & 0x000000FF) | (h6 & 0xFF000000) | (h5 & 0x00FF0000) + | (h4 & 0x0000FF00); + h0 += t >>> 8 | t << 24; + t = (h7 & 0x0000FF00) | (h6 & 0x000000FF) | (h5 & 0xFF000000) + | (h4 & 0x00FF0000); + h1 += t >>> 16 | t << 16; + t = (h7 & 0x00FF0000) | (h6 & 0x0000FF00) | (h5 & 0x000000FF) + | (h4 & 0xFF000000); + h2 += t >>> 24 | t << 8; + t = (h7 & 0xFF000000) | (h6 & 0x00FF0000) | (h5 & 0x0000FF00) + | (h4 & 0x000000FF); + h3 += t; + break; + case HAVAL_160_BIT: + t = (h7 & 0x3F) | (h6 & (0x7F << 25)) | (h5 & (0x3F << 19)); + h0 += t >>> 19 | t << 13; + t = (h7 & (0x3F << 6)) | (h6 & 0x3F) | (h5 & (0x7F << 25)); + h1 += t >>> 25 | t << 7; + t = (h7 & (0x7F << 12)) | (h6 & (0x3F << 6)) | (h5 & 0x3F); + h2 += t; + t = (h7 & (0x3F << 19)) | (h6 & (0x7F << 12)) | (h5 & (0x3F << 6)); + h3 += (t >>> 6); + t = (h7 & (0x7F << 25)) | (h6 & (0x3F << 19)) | (h5 & (0x7F << 12)); + h4 += (t >>> 12); + break; + case HAVAL_192_BIT: + t = (h7 & 0x1F) | (h6 & (0x3F << 26)); + h0 += t >>> 26 | t << 6; + t = (h7 & (0x1F << 5)) | (h6 & 0x1F); + h1 += t; + t = (h7 & (0x3F << 10)) | (h6 & (0x1F << 5)); + h2 += (t >>> 5); + t = (h7 & (0x1F << 16)) | (h6 & (0x3F << 10)); + h3 += (t >>> 10); + t = (h7 & (0x1F << 21)) | (h6 & (0x1F << 16)); + h4 += (t >>> 16); + t = (h7 & (0x3F << 26)) | (h6 & (0x1F << 21)); + h5 += (t >>> 21); + break; + case HAVAL_224_BIT: + h0 += ((h7 >>> 27) & 0x1F); + h1 += ((h7 >>> 22) & 0x1F); + h2 += ((h7 >>> 18) & 0x0F); + h3 += ((h7 >>> 13) & 0x1F); + h4 += ((h7 >>> 9) & 0x0F); + h5 += ((h7 >>> 4) & 0x1F); + h6 += (h7 & 0x0F); + } + } + + /** + * Permutations phi_{i,j}, i=3,4,5, j=1,...,i. + * + * rounds = 3: 6 5 4 3 2 1 0 + * | | | | | | | (replaced by) + * phi_{3,1}: 1 0 3 5 6 2 4 + * phi_{3,2}: 4 2 1 0 5 3 6 + * phi_{3,3}: 6 1 2 3 4 5 0 + * + * rounds = 4: 6 5 4 3 2 1 0 + * | | | | | | | (replaced by) + * phi_{4,1}: 2 6 1 4 5 3 0 + * phi_{4,2}: 3 5 2 0 1 6 4 + * phi_{4,3}: 1 4 3 6 0 2 5 + * phi_{4,4}: 6 4 0 5 2 1 3 + * + * rounds = 5: 6 5 4 3 2 1 0 + * | | | | | | | (replaced by) + * phi_{5,1}: 3 4 1 0 5 2 6 + * phi_{5,2}: 6 2 1 0 3 4 5 + * phi_{5,3}: 2 6 0 4 3 1 5 + * phi_{5,4}: 1 5 3 2 0 4 6 + * phi_{5,5}: 2 5 0 6 4 3 1 + */ + private int FF1(int x7, int x6, int x5, int x4, int x3, int x2, int x1, + int x0, int w) + { + int t; + switch (rounds) + { + case 3: + t = f1(x1, x0, x3, x5, x6, x2, x4); + break; + case 4: + t = f1(x2, x6, x1, x4, x5, x3, x0); + break; + default: + t = f1(x3, x4, x1, x0, x5, x2, x6); + } + return (t >>> 7 | t << 25) + (x7 >>> 11 | x7 << 21) + w; + } + + private int FF2(int x7, int x6, int x5, int x4, int x3, int x2, int x1, + int x0, int w, int c) + { + int t; + switch (rounds) + { + case 3: + t = f2(x4, x2, x1, x0, x5, x3, x6); + break; + case 4: + t = f2(x3, x5, x2, x0, x1, x6, x4); + break; + default: + t = f2(x6, x2, x1, x0, x3, x4, x5); + } + return (t >>> 7 | t << 25) + (x7 >>> 11 | x7 << 21) + w + c; + } + + private int FF3(int x7, int x6, int x5, int x4, int x3, int x2, int x1, + int x0, int w, int c) + { + int t; + switch (rounds) + { + case 3: + t = f3(x6, x1, x2, x3, x4, x5, x0); + break; + case 4: + t = f3(x1, x4, x3, x6, x0, x2, x5); + break; + default: + t = f3(x2, x6, x0, x4, x3, x1, x5); + } + return (t >>> 7 | t << 25) + (x7 >>> 11 | x7 << 21) + w + c; + } + + private int FF4(int x7, int x6, int x5, int x4, int x3, int x2, int x1, + int x0, int w, int c) + { + int t; + switch (rounds) + { + case 4: + t = f4(x6, x4, x0, x5, x2, x1, x3); + break; + default: + t = f4(x1, x5, x3, x2, x0, x4, x6); + } + return (t >>> 7 | t << 25) + (x7 >>> 11 | x7 << 21) + w + c; + } + + private int FF5(int x7, int x6, int x5, int x4, int x3, int x2, int x1, + int x0, int w, int c) + { + int t = f5(x2, x5, x0, x6, x4, x3, x1); + return (t >>> 7 | t << 25) + (x7 >>> 11 | x7 << 21) + w + c; + } + + private int f1(int x6, int x5, int x4, int x3, int x2, int x1, int x0) + { + return x1 & (x0 ^ x4) ^ x2 & x5 ^ x3 & x6 ^ x0; + } + + private int f2(int x6, int x5, int x4, int x3, int x2, int x1, int x0) + { + return x2 & (x1 & ~x3 ^ x4 & x5 ^ x6 ^ x0) ^ x4 & (x1 ^ x5) ^ x3 & x5 ^ x0; + } + + private int f3(int x6, int x5, int x4, int x3, int x2, int x1, int x0) + { + return x3 & (x1 & x2 ^ x6 ^ x0) ^ x1 & x4 ^ x2 & x5 ^ x0; + } + + private int f4(int x6, int x5, int x4, int x3, int x2, int x1, int x0) + { + return x4 & (x5 & ~x2 ^ x3 & ~x6 ^ x1 ^ x6 ^ x0) ^ x3 & (x1 & x2 ^ x5 ^ x6) + ^ x2 & x6 ^ x0; + } + + private int f5(int x6, int x5, int x4, int x3, int x2, int x1, int x0) + { + return x0 & (x1 & x2 & x3 ^ ~x5) ^ x1 & x4 ^ x2 & x5 ^ x3 & x6; + } +} diff --git a/libjava/classpath/gnu/java/security/hash/IMessageDigest.java b/libjava/classpath/gnu/java/security/hash/IMessageDigest.java new file mode 100644 index 0000000..b3d7f69 --- /dev/null +++ b/libjava/classpath/gnu/java/security/hash/IMessageDigest.java @@ -0,0 +1,135 @@ +/* IMessageDigest.java -- + Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.hash; + +/** + *

The basic visible methods of any hash algorithm.

+ * + *

A hash (or message digest) algorithm produces its output by iterating a + * basic compression function on blocks of data.

+ */ +public interface IMessageDigest extends Cloneable +{ + + // Constants + // ------------------------------------------------------------------------- + + // Methods + // ------------------------------------------------------------------------- + + /** + *

Returns the canonical name of this algorithm.

+ * + * @return the canonical name of this instance. + */ + String name(); + + /** + *

Returns the output length in bytes of this message digest algorithm.

+ * + * @return the output length in bytes of this message digest algorithm. + */ + int hashSize(); + + /** + *

Returns the algorithm's (inner) block size in bytes.

+ * + * @return the algorithm's inner block size in bytes. + */ + int blockSize(); + + /** + *

Continues a message digest operation using the input byte.

+ * + * @param b the input byte to digest. + */ + void update(byte b); + + /** + *

Continues a message digest operation, by filling the buffer, processing + * data in the algorithm's HASH_SIZE-bit block(s), updating the context and + * count, and buffering the remaining bytes in buffer for the next + * operation.

+ * + * @param in the input block. + */ + void update(byte[] in); + + /** + *

Continues a message digest operation, by filling the buffer, processing + * data in the algorithm's HASH_SIZE-bit block(s), updating the context and + * count, and buffering the remaining bytes in buffer for the next + * operation.

+ * + * @param in the input block. + * @param offset start of meaningful bytes in input block. + * @param length number of bytes, in input block, to consider. + */ + void update(byte[] in, int offset, int length); + + /** + *

Completes the message digest by performing final operations such as + * padding and resetting the instance.

+ * + * @return the array of bytes representing the hash value. + */ + byte[] digest(); + + /** + *

Resets the current context of this instance clearing any eventually cached + * intermediary values.

+ */ + void reset(); + + /** + *

A basic test. Ensures that the digest of a pre-determined message is equal + * to a known pre-computed value.

+ * + * @return true if the implementation passes a basic self-test. + * Returns false otherwise. + */ + boolean selfTest(); + + /** + *

Returns a clone copy of this instance.

+ * + * @return a clone copy of this instance. + */ + Object clone(); +} diff --git a/libjava/classpath/gnu/java/security/hash/MD2.java b/libjava/classpath/gnu/java/security/hash/MD2.java new file mode 100644 index 0000000..41e8769 --- /dev/null +++ b/libjava/classpath/gnu/java/security/hash/MD2.java @@ -0,0 +1,301 @@ +/* MD2.java -- + Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.hash; + +import gnu.java.security.Registry; +import gnu.java.security.util.Util; + +/** + *

An implementation of the MD2 message digest algorithm.

+ * + *

MD2 is not widely used. Unless it is needed for compatibility with + * existing systems, it is not recommended for use in new applications.

+ * + *

References:

+ * + *
    + *
  1. The MD2 + * Message-Digest Algorithm.
    + * B. Kaliski.
    2. + *
  2. The RFC ERRATA PAGE + * under section RFC 1319.
    3. + *
+ */ +public class MD2 extends BaseHash +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + /** An MD2 message digest is always 128-bits long, or 16 bytes. */ + private static final int DIGEST_LENGTH = 16; + + /** The MD2 algorithm operates on 128-bit blocks, or 16 bytes. */ + private static final int BLOCK_LENGTH = 16; + + /** 256 byte "random" permutation of the digits of pi. */ + private static final byte[] PI = { 41, 46, 67, -55, -94, -40, 124, 1, 61, 54, + 84, -95, -20, -16, 6, 19, 98, -89, 5, -13, + -64, -57, 115, -116, -104, -109, 43, -39, + -68, 76, -126, -54, 30, -101, 87, 60, -3, + -44, -32, 22, 103, 66, 111, 24, -118, 23, + -27, 18, -66, 78, -60, -42, -38, -98, -34, + 73, -96, -5, -11, -114, -69, 47, -18, 122, + -87, 104, 121, -111, 21, -78, 7, 63, -108, + -62, 16, -119, 11, 34, 95, 33, -128, 127, + 93, -102, 90, -112, 50, 39, 53, 62, -52, + -25, -65, -9, -105, 3, -1, 25, 48, -77, 72, + -91, -75, -47, -41, 94, -110, 42, -84, 86, + -86, -58, 79, -72, 56, -46, -106, -92, 125, + -74, 118, -4, 107, -30, -100, 116, 4, -15, + 69, -99, 112, 89, 100, 113, -121, 32, -122, + 91, -49, 101, -26, 45, -88, 2, 27, 96, 37, + -83, -82, -80, -71, -10, 28, 70, 97, 105, + 52, 64, 126, 15, 85, 71, -93, 35, -35, 81, + -81, 58, -61, 92, -7, -50, -70, -59, -22, + 38, 44, 83, 13, 110, -123, 40, -124, 9, + -45, -33, -51, -12, 65, -127, 77, 82, 106, + -36, 55, -56, 108, -63, -85, -6, 36, -31, + 123, 8, 12, -67, -79, 74, 120, -120, -107, + -117, -29, 99, -24, 109, -23, -53, -43, -2, + 59, 0, 29, 57, -14, -17, -73, 14, 102, 88, + -48, -28, -90, 119, 114, -8, -21, 117, 75, + 10, 49, 68, 80, -76, -113, -19, 31, 26, + -37, -103, -115, 51, -97, 17, -125, 20 }; + + /** The output of this message digest when no data has been input. */ + private static final String DIGEST0 = "8350E5A3E24C153DF2275C9F80692773"; + + /** caches the result of the correctness test, once executed. */ + private static Boolean valid; + + /** The checksum computed so far. */ + private byte[] checksum; + + /** + * Work array needed by encrypt method. First BLOCK_LENGTH bytes + * are also used to store the running digest. + */ + private byte[] work; + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** Creates a new MD2 digest ready for use. */ + public MD2() + { + super(Registry.MD2_HASH, DIGEST_LENGTH, BLOCK_LENGTH); + } + + /** + *

Private constructor used for cloning.

+ * + * @param md2 the instance to clone. + */ + private MD2(MD2 md2) + { + this(); + + // superclass field + this.count = md2.count; + this.buffer = (byte[]) md2.buffer.clone(); + + // private field + this.checksum = (byte[]) md2.checksum.clone(); + this.work = (byte[]) md2.work.clone(); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + // java.lang.Cloneable interface implementation ---------------------------- + + public Object clone() + { + return new MD2(this); + } + + // Implementation of abstract methods in BaseHash -------------------------- + + protected byte[] getResult() + { + byte[] result = new byte[DIGEST_LENGTH]; + + // Encrypt checksum as last block. + encryptBlock(checksum, 0); + + for (int i = 0; i < BLOCK_LENGTH; i++) + { + result[i] = work[i]; + } + + return result; + } + + protected void resetContext() + { + checksum = new byte[BLOCK_LENGTH]; + work = new byte[BLOCK_LENGTH * 3]; + } + + public boolean selfTest() + { + if (valid == null) + { + valid = new Boolean(DIGEST0.equals(Util.toString(new MD2().digest()))); + } + return valid.booleanValue(); + } + + /** + *

Generates an array of padding bytes. The padding is defined as + * i bytes of value i, where i is the + * number of bytes to fill the last block of the message to + * BLOCK_LENGTH bytes (or BLOCK_LENGTH bytes when + * the last block was completely full).

+ * + * @return the bytes to pad the remaining bytes in the buffer before + * completing a hash operation. + */ + protected byte[] padBuffer() + { + int length = BLOCK_LENGTH - (int) (count % BLOCK_LENGTH); + if (length == 0) + { + length = BLOCK_LENGTH; + } + byte[] pad = new byte[length]; + for (int i = 0; i < length; i++) + { + pad[i] = (byte) length; + } + return pad; + } + + /** + *

Adds BLOCK_LENGTH bytes to the running digest.

+ * + * @param in the byte array to take the BLOCK_LENGTH bytes from. + * @param off the offset to start from in the given byte array. + */ + protected void transform(byte[] in, int off) + { + // encryptBlock(in, off); + // updateCheckSum(in, off); + updateCheckSumAndEncryptBlock(in, off); + } + + // Private instance methods ------------------------------------------------ + + /** + * Updates the checksum with the BLOCK_LENGTH bytes from the + * given array starting at off. + */ + /* + private void updateCheckSum(byte[] in, int off) { + byte l = checksum[BLOCK_LENGTH-1]; + for (int i = 0; i < BLOCK_LENGTH; i++) { + byte b = in[off+i]; + // l = (byte)((checksum[i] & 0xFF) ^ (PI[((b & 0xFF) ^ (l & 0xFF))] & 0xFF)); + l = (byte)(checksum[i] ^ PI[(b ^ l) & 0xFF]); + checksum[i] = l; + } + } + */ + /** + * Adds a new block (BLOCK_LENGTH bytes) to the running digest + * from the given byte array starting from the given offset. + */ + private void encryptBlock(byte[] in, int off) + { + for (int i = 0; i < BLOCK_LENGTH; i++) + { + byte b = in[off + i]; + work[BLOCK_LENGTH + i] = b; + work[BLOCK_LENGTH * 2 + i] = (byte) (work[i] ^ b); + } + + byte t = 0; + for (int i = 0; i < 18; i++) + { + for (int j = 0; j < 3 * BLOCK_LENGTH; j++) + { + // t = (byte)((work[j] & 0xFF) ^ (PI[t & 0xFF] & 0xFF)); + t = (byte) (work[j] ^ PI[t & 0xFF]); + work[j] = t; + } + // t = (byte)((t + i) & 0xFF); + t = (byte) (t + i); + } + } + + /** + * Optimized method that combines a checksum update and encrypt of a block. + */ + private void updateCheckSumAndEncryptBlock(byte[] in, int off) + { + byte l = checksum[BLOCK_LENGTH - 1]; + for (int i = 0; i < BLOCK_LENGTH; i++) + { + byte b = in[off + i]; + work[BLOCK_LENGTH + i] = b; + // work[BLOCK_LENGTH*2+i] = (byte)((work[i] & 0xFF) ^ (b & 0xFF)); + work[BLOCK_LENGTH * 2 + i] = (byte) (work[i] ^ b); + // l = (byte)((checksum[i] & 0xFF) ^ (PI[((b & 0xFF) ^ (l & 0xFF))] & 0xFF)); + l = (byte) (checksum[i] ^ PI[(b ^ l) & 0xFF]); + checksum[i] = l; + } + + byte t = 0; + for (int i = 0; i < 18; i++) + { + for (int j = 0; j < 3 * BLOCK_LENGTH; j++) + { + // t = (byte)((work[j] & 0xFF) ^ (PI[t & 0xFF] & 0xFF)); + t = (byte) (work[j] ^ PI[t & 0xFF]); + work[j] = t; + } + // t = (byte)((t + i) & 0xFF); + t = (byte) (t + i); + } + } +} diff --git a/libjava/classpath/gnu/java/security/hash/MD4.java b/libjava/classpath/gnu/java/security/hash/MD4.java new file mode 100644 index 0000000..54dda35 --- /dev/null +++ b/libjava/classpath/gnu/java/security/hash/MD4.java @@ -0,0 +1,328 @@ +/* MD4.java -- + Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.hash; + +import gnu.java.security.Registry; +import gnu.java.security.util.Util; + +/** + *

An implementation of Ron Rivest's MD4 message digest algorithm.

+ * + *

MD4 was the precursor to the stronger {@link gnu.crypto.hash.MD5} + * algorithm, and while not considered cryptograpically secure itself, MD4 is + * in use in various applications. It is slightly faster than MD5.

+ * + *

References:

+ * + *
    + *
  1. The MD4 + * Message-Digest Algorithm.
    + * R. Rivest.
    2. + *
+ * + * @author Casey Marshall (rsdio@metastatic.org) + */ +public class MD4 extends BaseHash +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + /** An MD4 message digest is always 128-bits long, or 16 bytes. */ + private static final int DIGEST_LENGTH = 16; + + /** The MD4 algorithm operates on 512-bit blocks, or 64 bytes. */ + private static final int BLOCK_LENGTH = 64; + + private static final int A = 0x67452301; + + private static final int B = 0xefcdab89; + + private static final int C = 0x98badcfe; + + private static final int D = 0x10325476; + + /** The output of this message digest when no data has been input. */ + private static final String DIGEST0 = "31D6CFE0D16AE931B73C59D7E0C089C0"; + + /** caches the result of the correctness test, once executed. */ + private static Boolean valid; + + private int a, b, c, d; + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** + *

Public constructor. Initializes the chaining variables, sets the byte + * count to 0, and creates a new block of 512 bits. + *

+ */ + public MD4() + { + super(Registry.MD4_HASH, DIGEST_LENGTH, BLOCK_LENGTH); + } + + /** + *

Trivial private constructor for cloning purposes.

+ * + * @param that the instance to clone. + */ + private MD4(MD4 that) + { + this(); + + this.a = that.a; + this.b = that.b; + this.c = that.c; + this.d = that.d; + this.count = that.count; + this.buffer = (byte[]) that.buffer.clone(); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + // java.lang.Cloneable interface implementation ---------------------------- + + public Object clone() + { + return new MD4(this); + } + + // Implementation of abstract methods in BashHash -------------------------- + + protected byte[] getResult() + { + byte[] digest = { (byte) a, (byte) (a >>> 8), (byte) (a >>> 16), + (byte) (a >>> 24), (byte) b, (byte) (b >>> 8), + (byte) (b >>> 16), (byte) (b >>> 24), (byte) c, + (byte) (c >>> 8), (byte) (c >>> 16), (byte) (c >>> 24), + (byte) d, (byte) (d >>> 8), (byte) (d >>> 16), + (byte) (d >>> 24) }; + return digest; + } + + protected void resetContext() + { + a = A; + b = B; + c = C; + d = D; + } + + public boolean selfTest() + { + if (valid == null) + { + valid = new Boolean(DIGEST0.equals(Util.toString(new MD4().digest()))); + } + return valid.booleanValue(); + } + + protected byte[] padBuffer() + { + int n = (int) (count % BLOCK_LENGTH); + int padding = (n < 56) ? (56 - n) : (120 - n); + byte[] pad = new byte[padding + 8]; + + pad[0] = (byte) 0x80; + long bits = count << 3; + pad[padding++] = (byte) bits; + pad[padding++] = (byte) (bits >>> 8); + pad[padding++] = (byte) (bits >>> 16); + pad[padding++] = (byte) (bits >>> 24); + pad[padding++] = (byte) (bits >>> 32); + pad[padding++] = (byte) (bits >>> 40); + pad[padding++] = (byte) (bits >>> 48); + pad[padding] = (byte) (bits >>> 56); + + return pad; + } + + protected void transform(byte[] in, int i) + { + int X0 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | in[i++] << 24; + int X1 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | in[i++] << 24; + int X2 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | in[i++] << 24; + int X3 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | in[i++] << 24; + int X4 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | in[i++] << 24; + int X5 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | in[i++] << 24; + int X6 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | in[i++] << 24; + int X7 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | in[i++] << 24; + int X8 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | in[i++] << 24; + int X9 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | in[i++] << 24; + int X10 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | in[i++] << 24; + int X11 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | in[i++] << 24; + int X12 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | in[i++] << 24; + int X13 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | in[i++] << 24; + int X14 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | in[i++] << 24; + int X15 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | in[i] << 24; + + int aa, bb, cc, dd; + + aa = a; + bb = b; + cc = c; + dd = d; + + aa += ((bb & cc) | ((~bb) & dd)) + X0; + aa = aa << 3 | aa >>> -3; + dd += ((aa & bb) | ((~aa) & cc)) + X1; + dd = dd << 7 | dd >>> -7; + cc += ((dd & aa) | ((~dd) & bb)) + X2; + cc = cc << 11 | cc >>> -11; + bb += ((cc & dd) | ((~cc) & aa)) + X3; + bb = bb << 19 | bb >>> -19; + aa += ((bb & cc) | ((~bb) & dd)) + X4; + aa = aa << 3 | aa >>> -3; + dd += ((aa & bb) | ((~aa) & cc)) + X5; + dd = dd << 7 | dd >>> -7; + cc += ((dd & aa) | ((~dd) & bb)) + X6; + cc = cc << 11 | cc >>> -11; + bb += ((cc & dd) | ((~cc) & aa)) + X7; + bb = bb << 19 | bb >>> -19; + aa += ((bb & cc) | ((~bb) & dd)) + X8; + aa = aa << 3 | aa >>> -3; + dd += ((aa & bb) | ((~aa) & cc)) + X9; + dd = dd << 7 | dd >>> -7; + cc += ((dd & aa) | ((~dd) & bb)) + X10; + cc = cc << 11 | cc >>> -11; + bb += ((cc & dd) | ((~cc) & aa)) + X11; + bb = bb << 19 | bb >>> -19; + aa += ((bb & cc) | ((~bb) & dd)) + X12; + aa = aa << 3 | aa >>> -3; + dd += ((aa & bb) | ((~aa) & cc)) + X13; + dd = dd << 7 | dd >>> -7; + cc += ((dd & aa) | ((~dd) & bb)) + X14; + cc = cc << 11 | cc >>> -11; + bb += ((cc & dd) | ((~cc) & aa)) + X15; + bb = bb << 19 | bb >>> -19; + + aa += ((bb & (cc | dd)) | (cc & dd)) + X0 + 0x5a827999; + aa = aa << 3 | aa >>> -3; + dd += ((aa & (bb | cc)) | (bb & cc)) + X4 + 0x5a827999; + dd = dd << 5 | dd >>> -5; + cc += ((dd & (aa | bb)) | (aa & bb)) + X8 + 0x5a827999; + cc = cc << 9 | cc >>> -9; + bb += ((cc & (dd | aa)) | (dd & aa)) + X12 + 0x5a827999; + bb = bb << 13 | bb >>> -13; + aa += ((bb & (cc | dd)) | (cc & dd)) + X1 + 0x5a827999; + aa = aa << 3 | aa >>> -3; + dd += ((aa & (bb | cc)) | (bb & cc)) + X5 + 0x5a827999; + dd = dd << 5 | dd >>> -5; + cc += ((dd & (aa | bb)) | (aa & bb)) + X9 + 0x5a827999; + cc = cc << 9 | cc >>> -9; + bb += ((cc & (dd | aa)) | (dd & aa)) + X13 + 0x5a827999; + bb = bb << 13 | bb >>> -13; + aa += ((bb & (cc | dd)) | (cc & dd)) + X2 + 0x5a827999; + aa = aa << 3 | aa >>> -3; + dd += ((aa & (bb | cc)) | (bb & cc)) + X6 + 0x5a827999; + dd = dd << 5 | dd >>> -5; + cc += ((dd & (aa | bb)) | (aa & bb)) + X10 + 0x5a827999; + cc = cc << 9 | cc >>> -9; + bb += ((cc & (dd | aa)) | (dd & aa)) + X14 + 0x5a827999; + bb = bb << 13 | bb >>> -13; + aa += ((bb & (cc | dd)) | (cc & dd)) + X3 + 0x5a827999; + aa = aa << 3 | aa >>> -3; + dd += ((aa & (bb | cc)) | (bb & cc)) + X7 + 0x5a827999; + dd = dd << 5 | dd >>> -5; + cc += ((dd & (aa | bb)) | (aa & bb)) + X11 + 0x5a827999; + cc = cc << 9 | cc >>> -9; + bb += ((cc & (dd | aa)) | (dd & aa)) + X15 + 0x5a827999; + bb = bb << 13 | bb >>> -13; + + aa += (bb ^ cc ^ dd) + X0 + 0x6ed9eba1; + aa = aa << 3 | aa >>> -3; + dd += (aa ^ bb ^ cc) + X8 + 0x6ed9eba1; + dd = dd << 9 | dd >>> -9; + cc += (dd ^ aa ^ bb) + X4 + 0x6ed9eba1; + cc = cc << 11 | cc >>> -11; + bb += (cc ^ dd ^ aa) + X12 + 0x6ed9eba1; + bb = bb << 15 | bb >>> -15; + aa += (bb ^ cc ^ dd) + X2 + 0x6ed9eba1; + aa = aa << 3 | aa >>> -3; + dd += (aa ^ bb ^ cc) + X10 + 0x6ed9eba1; + dd = dd << 9 | dd >>> -9; + cc += (dd ^ aa ^ bb) + X6 + 0x6ed9eba1; + cc = cc << 11 | cc >>> -11; + bb += (cc ^ dd ^ aa) + X14 + 0x6ed9eba1; + bb = bb << 15 | bb >>> -15; + aa += (bb ^ cc ^ dd) + X1 + 0x6ed9eba1; + aa = aa << 3 | aa >>> -3; + dd += (aa ^ bb ^ cc) + X9 + 0x6ed9eba1; + dd = dd << 9 | dd >>> -9; + cc += (dd ^ aa ^ bb) + X5 + 0x6ed9eba1; + cc = cc << 11 | cc >>> -11; + bb += (cc ^ dd ^ aa) + X13 + 0x6ed9eba1; + bb = bb << 15 | bb >>> -15; + aa += (bb ^ cc ^ dd) + X3 + 0x6ed9eba1; + aa = aa << 3 | aa >>> -3; + dd += (aa ^ bb ^ cc) + X11 + 0x6ed9eba1; + dd = dd << 9 | dd >>> -9; + cc += (dd ^ aa ^ bb) + X7 + 0x6ed9eba1; + cc = cc << 11 | cc >>> -11; + bb += (cc ^ dd ^ aa) + X15 + 0x6ed9eba1; + bb = bb << 15 | bb >>> -15; + + a += aa; + b += bb; + c += cc; + d += dd; + } +} diff --git a/libjava/classpath/gnu/java/security/hash/MD5.java b/libjava/classpath/gnu/java/security/hash/MD5.java new file mode 100644 index 0000000..4632929 --- /dev/null +++ b/libjava/classpath/gnu/java/security/hash/MD5.java @@ -0,0 +1,365 @@ +/* MD5.java -- + Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.hash; + +import gnu.java.security.Registry; +import gnu.java.security.util.Util; + +/** + *

The MD5 message-digest algorithm takes as input a message of arbitrary + * length and produces as output a 128-bit "fingerprint" or "message digest" of + * the input. It is conjectured that it is computationally infeasible to + * produce two messages having the same message digest, or to produce any + * message having a given prespecified target message digest.

+ * + *

References:

+ * + *
    + *
  1. The MD5 Message- + * Digest Algorithm.
    + * R. Rivest.
    2. + *
+ */ +public class MD5 extends BaseHash +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + private static final int BLOCK_SIZE = 64; // inner block size in bytes + + private static final String DIGEST0 = "D41D8CD98F00B204E9800998ECF8427E"; + + /** caches the result of the correctness test, once executed. */ + private static Boolean valid; + + /** 128-bit interim result. */ + private int h0, h1, h2, h3; + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** Trivial 0-arguments constructor. */ + public MD5() + { + super(Registry.MD5_HASH, 16, BLOCK_SIZE); + } + + /** + *

Private constructor for cloning purposes.

+ * + * @param md the instance to clone. + */ + private MD5(MD5 md) + { + this(); + + this.h0 = md.h0; + this.h1 = md.h1; + this.h2 = md.h2; + this.h3 = md.h3; + this.count = md.count; + this.buffer = (byte[]) md.buffer.clone(); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + // java.lang.Cloneable interface implementation ---------------------------- + + public Object clone() + { + return new MD5(this); + } + + // Implementation of concrete methods in BaseHash -------------------------- + + protected synchronized void transform(byte[] in, int i) + { + int X0 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | in[i++] << 24; + int X1 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | in[i++] << 24; + int X2 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | in[i++] << 24; + int X3 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | in[i++] << 24; + int X4 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | in[i++] << 24; + int X5 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | in[i++] << 24; + int X6 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | in[i++] << 24; + int X7 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | in[i++] << 24; + int X8 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | in[i++] << 24; + int X9 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | in[i++] << 24; + int X10 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | in[i++] << 24; + int X11 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | in[i++] << 24; + int X12 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | in[i++] << 24; + int X13 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | in[i++] << 24; + int X14 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | in[i++] << 24; + int X15 = (in[i++] & 0xFF) | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF) << 16 + | in[i] << 24; + + int A = h0; + int B = h1; + int C = h2; + int D = h3; + + // hex constants are from md5.c in FSF Gnu Privacy Guard 0.9.2 + // round 1 + A += ((B & C) | (~B & D)) + X0 + 0xD76AA478; + A = B + (A << 7 | A >>> -7); + D += ((A & B) | (~A & C)) + X1 + 0xE8C7B756; + D = A + (D << 12 | D >>> -12); + C += ((D & A) | (~D & B)) + X2 + 0x242070DB; + C = D + (C << 17 | C >>> -17); + B += ((C & D) | (~C & A)) + X3 + 0xC1BDCEEE; + B = C + (B << 22 | B >>> -22); + + A += ((B & C) | (~B & D)) + X4 + 0xF57C0FAF; + A = B + (A << 7 | A >>> -7); + D += ((A & B) | (~A & C)) + X5 + 0x4787C62A; + D = A + (D << 12 | D >>> -12); + C += ((D & A) | (~D & B)) + X6 + 0xA8304613; + C = D + (C << 17 | C >>> -17); + B += ((C & D) | (~C & A)) + X7 + 0xFD469501; + B = C + (B << 22 | B >>> -22); + + A += ((B & C) | (~B & D)) + X8 + 0x698098D8; + A = B + (A << 7 | A >>> -7); + D += ((A & B) | (~A & C)) + X9 + 0x8B44F7AF; + D = A + (D << 12 | D >>> -12); + C += ((D & A) | (~D & B)) + X10 + 0xFFFF5BB1; + C = D + (C << 17 | C >>> -17); + B += ((C & D) | (~C & A)) + X11 + 0x895CD7BE; + B = C + (B << 22 | B >>> -22); + + A += ((B & C) | (~B & D)) + X12 + 0x6B901122; + A = B + (A << 7 | A >>> -7); + D += ((A & B) | (~A & C)) + X13 + 0xFD987193; + D = A + (D << 12 | D >>> -12); + C += ((D & A) | (~D & B)) + X14 + 0xA679438E; + C = D + (C << 17 | C >>> -17); + B += ((C & D) | (~C & A)) + X15 + 0x49B40821; + B = C + (B << 22 | B >>> -22); + + // round 2 + A += ((B & D) | (C & ~D)) + X1 + 0xF61E2562; + A = B + (A << 5 | A >>> -5); + D += ((A & C) | (B & ~C)) + X6 + 0xC040B340; + D = A + (D << 9 | D >>> -9); + C += ((D & B) | (A & ~B)) + X11 + 0x265E5A51; + C = D + (C << 14 | C >>> -14); + B += ((C & A) | (D & ~A)) + X0 + 0xE9B6C7AA; + B = C + (B << 20 | B >>> -20); + + A += ((B & D) | (C & ~D)) + X5 + 0xD62F105D; + A = B + (A << 5 | A >>> -5); + D += ((A & C) | (B & ~C)) + X10 + 0x02441453; + D = A + (D << 9 | D >>> -9); + C += ((D & B) | (A & ~B)) + X15 + 0xD8A1E681; + C = D + (C << 14 | C >>> -14); + B += ((C & A) | (D & ~A)) + X4 + 0xE7D3FBC8; + B = C + (B << 20 | B >>> -20); + + A += ((B & D) | (C & ~D)) + X9 + 0x21E1CDE6; + A = B + (A << 5 | A >>> -5); + D += ((A & C) | (B & ~C)) + X14 + 0xC33707D6; + D = A + (D << 9 | D >>> -9); + C += ((D & B) | (A & ~B)) + X3 + 0xF4D50D87; + C = D + (C << 14 | C >>> -14); + B += ((C & A) | (D & ~A)) + X8 + 0x455A14ED; + B = C + (B << 20 | B >>> -20); + + A += ((B & D) | (C & ~D)) + X13 + 0xA9E3E905; + A = B + (A << 5 | A >>> -5); + D += ((A & C) | (B & ~C)) + X2 + 0xFCEFA3F8; + D = A + (D << 9 | D >>> -9); + C += ((D & B) | (A & ~B)) + X7 + 0x676F02D9; + C = D + (C << 14 | C >>> -14); + B += ((C & A) | (D & ~A)) + X12 + 0x8D2A4C8A; + B = C + (B << 20 | B >>> -20); + + // round 3 + A += (B ^ C ^ D) + X5 + 0xFFFA3942; + A = B + (A << 4 | A >>> -4); + D += (A ^ B ^ C) + X8 + 0x8771F681; + D = A + (D << 11 | D >>> -11); + C += (D ^ A ^ B) + X11 + 0x6D9D6122; + C = D + (C << 16 | C >>> -16); + B += (C ^ D ^ A) + X14 + 0xFDE5380C; + B = C + (B << 23 | B >>> -23); + + A += (B ^ C ^ D) + X1 + 0xA4BEEA44; + A = B + (A << 4 | A >>> -4); + D += (A ^ B ^ C) + X4 + 0x4BDECFA9; + D = A + (D << 11 | D >>> -11); + C += (D ^ A ^ B) + X7 + 0xF6BB4B60; + C = D + (C << 16 | C >>> -16); + B += (C ^ D ^ A) + X10 + 0xBEBFBC70; + B = C + (B << 23 | B >>> -23); + + A += (B ^ C ^ D) + X13 + 0x289B7EC6; + A = B + (A << 4 | A >>> -4); + D += (A ^ B ^ C) + X0 + 0xEAA127FA; + D = A + (D << 11 | D >>> -11); + C += (D ^ A ^ B) + X3 + 0xD4EF3085; + C = D + (C << 16 | C >>> -16); + B += (C ^ D ^ A) + X6 + 0x04881D05; + B = C + (B << 23 | B >>> -23); + + A += (B ^ C ^ D) + X9 + 0xD9D4D039; + A = B + (A << 4 | A >>> -4); + D += (A ^ B ^ C) + X12 + 0xE6DB99E5; + D = A + (D << 11 | D >>> -11); + C += (D ^ A ^ B) + X15 + 0x1FA27CF8; + C = D + (C << 16 | C >>> -16); + B += (C ^ D ^ A) + X2 + 0xC4AC5665; + B = C + (B << 23 | B >>> -23); + + // round 4 + A += (C ^ (B | ~D)) + X0 + 0xF4292244; + A = B + (A << 6 | A >>> -6); + D += (B ^ (A | ~C)) + X7 + 0x432AFF97; + D = A + (D << 10 | D >>> -10); + C += (A ^ (D | ~B)) + X14 + 0xAB9423A7; + C = D + (C << 15 | C >>> -15); + B += (D ^ (C | ~A)) + X5 + 0xFC93A039; + B = C + (B << 21 | B >>> -21); + + A += (C ^ (B | ~D)) + X12 + 0x655B59C3; + A = B + (A << 6 | A >>> -6); + D += (B ^ (A | ~C)) + X3 + 0x8F0CCC92; + D = A + (D << 10 | D >>> -10); + C += (A ^ (D | ~B)) + X10 + 0xFFEFF47D; + C = D + (C << 15 | C >>> -15); + B += (D ^ (C | ~A)) + X1 + 0x85845dd1; + B = C + (B << 21 | B >>> -21); + + A += (C ^ (B | ~D)) + X8 + 0x6FA87E4F; + A = B + (A << 6 | A >>> -6); + D += (B ^ (A | ~C)) + X15 + 0xFE2CE6E0; + D = A + (D << 10 | D >>> -10); + C += (A ^ (D | ~B)) + X6 + 0xA3014314; + C = D + (C << 15 | C >>> -15); + B += (D ^ (C | ~A)) + X13 + 0x4E0811A1; + B = C + (B << 21 | B >>> -21); + + A += (C ^ (B | ~D)) + X4 + 0xF7537E82; + A = B + (A << 6 | A >>> -6); + D += (B ^ (A | ~C)) + X11 + 0xBD3AF235; + D = A + (D << 10 | D >>> -10); + C += (A ^ (D | ~B)) + X2 + 0x2AD7D2BB; + C = D + (C << 15 | C >>> -15); + B += (D ^ (C | ~A)) + X9 + 0xEB86D391; + B = C + (B << 21 | B >>> -21); + + h0 += A; + h1 += B; + h2 += C; + h3 += D; + } + + protected byte[] padBuffer() + { + int n = (int) (count % BLOCK_SIZE); + int padding = (n < 56) ? (56 - n) : (120 - n); + byte[] result = new byte[padding + 8]; + + // padding is always binary 1 followed by binary 0s + result[0] = (byte) 0x80; + + // save number of bits, casting the long to an array of 8 bytes + long bits = count << 3; + result[padding++] = (byte) bits; + result[padding++] = (byte) (bits >>> 8); + result[padding++] = (byte) (bits >>> 16); + result[padding++] = (byte) (bits >>> 24); + result[padding++] = (byte) (bits >>> 32); + result[padding++] = (byte) (bits >>> 40); + result[padding++] = (byte) (bits >>> 48); + result[padding] = (byte) (bits >>> 56); + + return result; + } + + protected byte[] getResult() + { + byte[] result = new byte[] { (byte) h0, (byte) (h0 >>> 8), + (byte) (h0 >>> 16), (byte) (h0 >>> 24), + (byte) h1, (byte) (h1 >>> 8), + (byte) (h1 >>> 16), (byte) (h1 >>> 24), + (byte) h2, (byte) (h2 >>> 8), + (byte) (h2 >>> 16), (byte) (h2 >>> 24), + (byte) h3, (byte) (h3 >>> 8), + (byte) (h3 >>> 16), (byte) (h3 >>> 24) }; + + return result; + } + + protected void resetContext() + { + // magic MD5/RIPEMD128 initialisation constants + h0 = 0x67452301; + h1 = 0xEFCDAB89; + h2 = 0x98BADCFE; + h3 = 0x10325476; + } + + public boolean selfTest() + { + if (valid == null) + { + valid = new Boolean(DIGEST0.equals(Util.toString(new MD5().digest()))); + } + return valid.booleanValue(); + } +} diff --git a/libjava/classpath/gnu/java/security/hash/RipeMD128.java b/libjava/classpath/gnu/java/security/hash/RipeMD128.java new file mode 100644 index 0000000..83e8f25 --- /dev/null +++ b/libjava/classpath/gnu/java/security/hash/RipeMD128.java @@ -0,0 +1,291 @@ +/* RipeMD128.java -- + Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.hash; + +import gnu.java.security.Registry; +import gnu.java.security.util.Util; + +/** + *

RIPEMD-128 is a 128-bit message digest.

+ * + *

References:

+ * + *
    + *
  1. + * RIPEMD160: A Strengthened Version of RIPEMD.
    + * Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
    2. + *
+ */ +public class RipeMD128 extends BaseHash +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + private static final int BLOCK_SIZE = 64; // inner block size in bytes + + private static final String DIGEST0 = "CDF26213A150DC3ECB610F18F6B38B46"; + + /** Constants for the transform method. */ + // selection of message word + private static final int[] R = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, + 13, 14, 15, 7, 4, 13, 1, 10, 6, 15, 3, 12, 0, + 9, 5, 2, 14, 11, 8, 3, 10, 14, 4, 9, 15, 8, + 1, 2, 7, 0, 6, 13, 11, 5, 12, 1, 9, 11, 10, + 0, 8, 12, 4, 13, 3, 7, 15, 14, 5, 6, 2 }; + + private static final int[] Rp = { 5, 14, 7, 0, 9, 2, 11, 4, 13, 6, 15, 8, 1, + 10, 3, 12, 6, 11, 3, 7, 0, 13, 5, 10, 14, + 15, 8, 12, 4, 9, 1, 2, 15, 5, 1, 3, 7, 14, + 6, 9, 11, 8, 12, 2, 10, 0, 4, 13, 8, 6, 4, + 1, 3, 11, 15, 0, 5, 12, 2, 13, 9, 7, 10, 14 }; + + // amount for rotate left (rol) + private static final int[] S = { 11, 14, 15, 12, 5, 8, 7, 9, 11, 13, 14, 15, + 6, 7, 9, 8, 7, 6, 8, 13, 11, 9, 7, 15, 7, 12, + 15, 9, 11, 7, 13, 12, 11, 13, 6, 7, 14, 9, + 13, 15, 14, 8, 13, 6, 5, 12, 7, 5, 11, 12, + 14, 15, 14, 15, 9, 8, 9, 14, 5, 6, 8, 6, 5, + 12 }; + + private static final int[] Sp = { 8, 9, 9, 11, 13, 15, 15, 5, 7, 7, 8, 11, + 14, 14, 12, 6, 9, 13, 15, 7, 12, 8, 9, 11, + 7, 7, 12, 7, 6, 15, 13, 11, 9, 7, 15, 11, 8, + 6, 6, 14, 12, 13, 5, 14, 13, 13, 7, 5, 15, + 5, 8, 11, 14, 14, 6, 14, 6, 9, 12, 9, 12, 5, + 15, 8 }; + + /** caches the result of the correctness test, once executed. */ + private static Boolean valid; + + /** 128-bit h0, h1, h2, h3 (interim result) */ + private int h0, h1, h2, h3; + + /** 512 bits work buffer = 16 x 32-bit words */ + private int[] X = new int[16]; + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** Trivial 0-arguments constructor. */ + public RipeMD128() + { + super(Registry.RIPEMD128_HASH, 16, BLOCK_SIZE); + } + + /** + *

Private constructor for cloning purposes.

+ * + * @param md the instance to clone. + */ + private RipeMD128(RipeMD128 md) + { + this(); + + this.h0 = md.h0; + this.h1 = md.h1; + this.h2 = md.h2; + this.h3 = md.h3; + this.count = md.count; + this.buffer = (byte[]) md.buffer.clone(); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + // java.lang.Cloneable interface implementation ---------------------------- + + public Object clone() + { + return new RipeMD128(this); + } + + // Implementation of concrete methods in BaseHash -------------------------- + + protected void transform(byte[] in, int offset) + { + int A, B, C, D, Ap, Bp, Cp, Dp, T, s, i; + + // encode 64 bytes from input block into an array of 16 unsigned + // integers. + for (i = 0; i < 16; i++) + { + X[i] = (in[offset++] & 0xFF) | (in[offset++] & 0xFF) << 8 + | (in[offset++] & 0xFF) << 16 | in[offset++] << 24; + } + + A = Ap = h0; + B = Bp = h1; + C = Cp = h2; + D = Dp = h3; + + for (i = 0; i < 16; i++) + { // rounds 0...15 + s = S[i]; + T = A + (B ^ C ^ D) + X[i]; + A = D; + D = C; + C = B; + B = T << s | T >>> (32 - s); + + s = Sp[i]; + T = Ap + ((Bp & Dp) | (Cp & ~Dp)) + X[Rp[i]] + 0x50A28BE6; + Ap = Dp; + Dp = Cp; + Cp = Bp; + Bp = T << s | T >>> (32 - s); + } + + for (; i < 32; i++) + { // rounds 16...31 + s = S[i]; + T = A + ((B & C) | (~B & D)) + X[R[i]] + 0x5A827999; + A = D; + D = C; + C = B; + B = T << s | T >>> (32 - s); + + s = Sp[i]; + T = Ap + ((Bp | ~Cp) ^ Dp) + X[Rp[i]] + 0x5C4DD124; + Ap = Dp; + Dp = Cp; + Cp = Bp; + Bp = T << s | T >>> (32 - s); + } + + for (; i < 48; i++) + { // rounds 32...47 + s = S[i]; + T = A + ((B | ~C) ^ D) + X[R[i]] + 0x6ED9EBA1; + A = D; + D = C; + C = B; + B = T << s | T >>> (32 - s); + + s = Sp[i]; + T = Ap + ((Bp & Cp) | (~Bp & Dp)) + X[Rp[i]] + 0x6D703EF3; + Ap = Dp; + Dp = Cp; + Cp = Bp; + Bp = T << s | T >>> (32 - s); + } + + for (; i < 64; i++) + { // rounds 48...63 + s = S[i]; + T = A + ((B & D) | (C & ~D)) + X[R[i]] + 0x8F1BBCDC; + A = D; + D = C; + C = B; + B = T << s | T >>> (32 - s); + + s = Sp[i]; + T = Ap + (Bp ^ Cp ^ Dp) + X[Rp[i]]; + Ap = Dp; + Dp = Cp; + Cp = Bp; + Bp = T << s | T >>> (32 - s); + } + + T = h1 + C + Dp; + h1 = h2 + D + Ap; + h2 = h3 + A + Bp; + h3 = h0 + B + Cp; + h0 = T; + } + + protected byte[] padBuffer() + { + int n = (int) (count % BLOCK_SIZE); + int padding = (n < 56) ? (56 - n) : (120 - n); + byte[] result = new byte[padding + 8]; + + // padding is always binary 1 followed by binary 0s + result[0] = (byte) 0x80; + + // save number of bits, casting the long to an array of 8 bytes + long bits = count << 3; + result[padding++] = (byte) bits; + result[padding++] = (byte) (bits >>> 8); + result[padding++] = (byte) (bits >>> 16); + result[padding++] = (byte) (bits >>> 24); + result[padding++] = (byte) (bits >>> 32); + result[padding++] = (byte) (bits >>> 40); + result[padding++] = (byte) (bits >>> 48); + result[padding] = (byte) (bits >>> 56); + + return result; + } + + protected byte[] getResult() + { + byte[] result = new byte[] { (byte) h0, (byte) (h0 >>> 8), + (byte) (h0 >>> 16), (byte) (h0 >>> 24), + (byte) h1, (byte) (h1 >>> 8), + (byte) (h1 >>> 16), (byte) (h1 >>> 24), + (byte) h2, (byte) (h2 >>> 8), + (byte) (h2 >>> 16), (byte) (h2 >>> 24), + (byte) h3, (byte) (h3 >>> 8), + (byte) (h3 >>> 16), (byte) (h3 >>> 24) }; + + return result; + } + + protected void resetContext() + { + // magic RIPEMD128 initialisation constants + h0 = 0x67452301; + h1 = 0xEFCDAB89; + h2 = 0x98BADCFE; + h3 = 0x10325476; + } + + public boolean selfTest() + { + if (valid == null) + { + valid = new Boolean + (DIGEST0.equals(Util.toString(new RipeMD128().digest()))); + } + return valid.booleanValue(); + } +} diff --git a/libjava/classpath/gnu/java/security/hash/RipeMD160.java b/libjava/classpath/gnu/java/security/hash/RipeMD160.java new file mode 100644 index 0000000..73ecc516 --- /dev/null +++ b/libjava/classpath/gnu/java/security/hash/RipeMD160.java @@ -0,0 +1,328 @@ +/* RipeMD160.java -- + Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.hash; + +import gnu.java.security.Registry; +import gnu.java.security.util.Util; + +/** + *

RIPEMD-160 is a 160-bit message digest.

+ * + *

References:

+ * + *
    + *
  1. + * RIPEMD160: A Strengthened Version of RIPEMD.
    + * Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
    2. + *
+ */ +public class RipeMD160 extends BaseHash +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + private static final int BLOCK_SIZE = 64; // inner block size in bytes + + private static final String DIGEST0 = "9C1185A5C5E9FC54612808977EE8F548B2258D31"; + + // selection of message word + private static final int[] R = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, + 13, 14, 15, 7, 4, 13, 1, 10, 6, 15, 3, 12, 0, + 9, 5, 2, 14, 11, 8, 3, 10, 14, 4, 9, 15, 8, + 1, 2, 7, 0, 6, 13, 11, 5, 12, 1, 9, 11, 10, + 0, 8, 12, 4, 13, 3, 7, 15, 14, 5, 6, 2, 4, 0, + 5, 9, 7, 12, 2, 10, 14, 1, 3, 8, 11, 6, 15, + 13 }; + + private static final int[] Rp = { 5, 14, 7, 0, 9, 2, 11, 4, 13, 6, 15, 8, 1, + 10, 3, 12, 6, 11, 3, 7, 0, 13, 5, 10, 14, + 15, 8, 12, 4, 9, 1, 2, 15, 5, 1, 3, 7, 14, + 6, 9, 11, 8, 12, 2, 10, 0, 4, 13, 8, 6, 4, + 1, 3, 11, 15, 0, 5, 12, 2, 13, 9, 7, 10, 14, + 12, 15, 10, 4, 1, 5, 8, 7, 6, 2, 13, 14, 0, + 3, 9, 11 }; + + // amount for rotate left (rol) + private static final int[] S = { 11, 14, 15, 12, 5, 8, 7, 9, 11, 13, 14, 15, + 6, 7, 9, 8, 7, 6, 8, 13, 11, 9, 7, 15, 7, 12, + 15, 9, 11, 7, 13, 12, 11, 13, 6, 7, 14, 9, + 13, 15, 14, 8, 13, 6, 5, 12, 7, 5, 11, 12, + 14, 15, 14, 15, 9, 8, 9, 14, 5, 6, 8, 6, 5, + 12, 9, 15, 5, 11, 6, 8, 13, 12, 5, 12, 13, + 14, 11, 8, 5, 6 }; + + private static final int[] Sp = { 8, 9, 9, 11, 13, 15, 15, 5, 7, 7, 8, 11, + 14, 14, 12, 6, 9, 13, 15, 7, 12, 8, 9, 11, + 7, 7, 12, 7, 6, 15, 13, 11, 9, 7, 15, 11, 8, + 6, 6, 14, 12, 13, 5, 14, 13, 13, 7, 5, 15, + 5, 8, 11, 14, 14, 6, 14, 6, 9, 12, 9, 12, 5, + 15, 8, 8, 5, 12, 9, 12, 5, 14, 6, 8, 13, 6, + 5, 15, 13, 11, 11 }; + + /** caches the result of the correctness test, once executed. */ + private static Boolean valid; + + /** 160-bit h0, h1, h2, h3, h4 (interim result) */ + private int h0, h1, h2, h3, h4; + + /** 512 bits work buffer = 16 x 32-bit words */ + private int[] X = new int[16]; + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** Trivial 0-arguments constructor. */ + public RipeMD160() + { + super(Registry.RIPEMD160_HASH, 20, BLOCK_SIZE); + } + + /** + *

Private constructor for cloning purposes.

+ * + * @param md the instance to clone. + */ + private RipeMD160(RipeMD160 md) + { + this(); + + this.h0 = md.h0; + this.h1 = md.h1; + this.h2 = md.h2; + this.h3 = md.h3; + this.h4 = md.h4; + this.count = md.count; + this.buffer = (byte[]) md.buffer.clone(); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + // java.lang.Cloneable interface implementation ---------------------------- + + public Object clone() + { + return (new RipeMD160(this)); + } + + // Implementation of concrete methods in BaseHash -------------------------- + + protected void transform(byte[] in, int offset) + { + int A, B, C, D, E, Ap, Bp, Cp, Dp, Ep, T, s, i; + + // encode 64 bytes from input block into an array of 16 unsigned integers + for (i = 0; i < 16; i++) + { + X[i] = (in[offset++] & 0xFF) | (in[offset++] & 0xFF) << 8 + | (in[offset++] & 0xFF) << 16 | in[offset++] << 24; + } + + A = Ap = h0; + B = Bp = h1; + C = Cp = h2; + D = Dp = h3; + E = Ep = h4; + + for (i = 0; i < 16; i++) + { // rounds 0...15 + s = S[i]; + T = A + (B ^ C ^ D) + X[i]; + A = E; + E = D; + D = C << 10 | C >>> 22; + C = B; + B = (T << s | T >>> (32 - s)) + A; + + s = Sp[i]; + T = Ap + (Bp ^ (Cp | ~Dp)) + X[Rp[i]] + 0x50A28BE6; + Ap = Ep; + Ep = Dp; + Dp = Cp << 10 | Cp >>> 22; + Cp = Bp; + Bp = (T << s | T >>> (32 - s)) + Ap; + } + + for (; i < 32; i++) + { // rounds 16...31 + s = S[i]; + T = A + ((B & C) | (~B & D)) + X[R[i]] + 0x5A827999; + A = E; + E = D; + D = C << 10 | C >>> 22; + C = B; + B = (T << s | T >>> (32 - s)) + A; + + s = Sp[i]; + T = Ap + ((Bp & Dp) | (Cp & ~Dp)) + X[Rp[i]] + 0x5C4DD124; + Ap = Ep; + Ep = Dp; + Dp = Cp << 10 | Cp >>> 22; + Cp = Bp; + Bp = (T << s | T >>> (32 - s)) + Ap; + } + + for (; i < 48; i++) + { // rounds 32...47 + s = S[i]; + T = A + ((B | ~C) ^ D) + X[R[i]] + 0x6ED9EBA1; + A = E; + E = D; + D = C << 10 | C >>> 22; + C = B; + B = (T << s | T >>> (32 - s)) + A; + + s = Sp[i]; + T = Ap + ((Bp | ~Cp) ^ Dp) + X[Rp[i]] + 0x6D703EF3; + Ap = Ep; + Ep = Dp; + Dp = Cp << 10 | Cp >>> 22; + Cp = Bp; + Bp = (T << s | T >>> (32 - s)) + Ap; + } + + for (; i < 64; i++) + { // rounds 48...63 + s = S[i]; + T = A + ((B & D) | (C & ~D)) + X[R[i]] + 0x8F1BBCDC; + A = E; + E = D; + D = C << 10 | C >>> 22; + C = B; + B = (T << s | T >>> (32 - s)) + A; + + s = Sp[i]; + T = Ap + ((Bp & Cp) | (~Bp & Dp)) + X[Rp[i]] + 0x7A6D76E9; + Ap = Ep; + Ep = Dp; + Dp = Cp << 10 | Cp >>> 22; + Cp = Bp; + Bp = (T << s | T >>> (32 - s)) + Ap; + } + + for (; i < 80; i++) + { // rounds 64...79 + s = S[i]; + T = A + (B ^ (C | ~D)) + X[R[i]] + 0xA953FD4E; + A = E; + E = D; + D = C << 10 | C >>> 22; + C = B; + B = (T << s | T >>> (32 - s)) + A; + + s = Sp[i]; + T = Ap + (Bp ^ Cp ^ Dp) + X[Rp[i]]; + Ap = Ep; + Ep = Dp; + Dp = Cp << 10 | Cp >>> 22; + Cp = Bp; + Bp = (T << s | T >>> (32 - s)) + Ap; + } + + T = h1 + C + Dp; + h1 = h2 + D + Ep; + h2 = h3 + E + Ap; + h3 = h4 + A + Bp; + h4 = h0 + B + Cp; + h0 = T; + } + + protected byte[] padBuffer() + { + int n = (int) (count % BLOCK_SIZE); + int padding = (n < 56) ? (56 - n) : (120 - n); + byte[] result = new byte[padding + 8]; + + // padding is always binary 1 followed by binary 0s + result[0] = (byte) 0x80; + + // save number of bits, casting the long to an array of 8 bytes + long bits = count << 3; + result[padding++] = (byte) bits; + result[padding++] = (byte) (bits >>> 8); + result[padding++] = (byte) (bits >>> 16); + result[padding++] = (byte) (bits >>> 24); + result[padding++] = (byte) (bits >>> 32); + result[padding++] = (byte) (bits >>> 40); + result[padding++] = (byte) (bits >>> 48); + result[padding] = (byte) (bits >>> 56); + + return result; + } + + protected byte[] getResult() + { + byte[] result = new byte[] { (byte) h0, (byte) (h0 >>> 8), + (byte) (h0 >>> 16), (byte) (h0 >>> 24), + (byte) h1, (byte) (h1 >>> 8), + (byte) (h1 >>> 16), (byte) (h1 >>> 24), + (byte) h2, (byte) (h2 >>> 8), + (byte) (h2 >>> 16), (byte) (h2 >>> 24), + (byte) h3, (byte) (h3 >>> 8), + (byte) (h3 >>> 16), (byte) (h3 >>> 24), + (byte) h4, (byte) (h4 >>> 8), + (byte) (h4 >>> 16), (byte) (h4 >>> 24) }; + + return result; + } + + protected void resetContext() + { + // magic RIPEMD160 initialisation constants + h0 = 0x67452301; + h1 = 0xEFCDAB89; + h2 = 0x98BADCFE; + h3 = 0x10325476; + h4 = 0xC3D2E1F0; + } + + public boolean selfTest() + { + if (valid == null) + { + valid = new Boolean + (DIGEST0.equals(Util.toString(new RipeMD160().digest()))); + } + return valid.booleanValue(); + } +} diff --git a/libjava/classpath/gnu/java/security/hash/Sha160.java b/libjava/classpath/gnu/java/security/hash/Sha160.java new file mode 100644 index 0000000..bf5f456 --- /dev/null +++ b/libjava/classpath/gnu/java/security/hash/Sha160.java @@ -0,0 +1,308 @@ +/* Sha160.java -- + Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.hash; + +import gnu.java.security.Registry; +import gnu.java.security.util.Util; + +/** + *

The Secure Hash Algorithm (SHA-1) is required for use with the Digital + * Signature Algorithm (DSA) as specified in the Digital Signature Standard + * (DSS) and whenever a secure hash algorithm is required for federal + * applications. For a message of length less than 2^64 bits, the SHA-1 + * produces a 160-bit condensed representation of the message called a message + * digest. The message digest is used during generation of a signature for the + * message. The SHA-1 is also used to compute a message digest for the received + * version of the message during the process of verifying the signature. Any + * change to the message in transit will, with very high probability, result in + * a different message digest, and the signature will fail to verify.

+ * + *

The SHA-1 is designed to have the following properties: it is + * computationally infeasible to find a message which corresponds to a given + * message digest, or to find two different messages which produce the same + * message digest.

+ * + *

References:

+ * + *
    + *
  1. SECURE HASH + * STANDARD
    + * Federal Information, Processing Standards Publication 180-1, 1995 April 17. + *
    2. + *
+ */ +public class Sha160 extends BaseHash +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + private static final int BLOCK_SIZE = 64; // inner block size in bytes + + private static final String DIGEST0 = "A9993E364706816ABA3E25717850C26C9CD0D89D"; + + private static final int[] w = new int[80]; + + /** caches the result of the correctness test, once executed. */ + private static Boolean valid; + + /** 160-bit interim result. */ + private int h0, h1, h2, h3, h4; + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** Trivial 0-arguments constructor. */ + public Sha160() + { + super(Registry.SHA160_HASH, 20, BLOCK_SIZE); + } + + /** + *

Private constructor for cloning purposes.

+ * + * @param md the instance to clone. + */ + private Sha160(Sha160 md) + { + this(); + + this.h0 = md.h0; + this.h1 = md.h1; + this.h2 = md.h2; + this.h3 = md.h3; + this.h4 = md.h4; + this.count = md.count; + this.buffer = (byte[]) md.buffer.clone(); + } + + // Class methods + // ------------------------------------------------------------------------- + + public static final int[] G(int hh0, int hh1, int hh2, int hh3, int hh4, + byte[] in, int offset) + { + // int[] w = new int[80]; + // int i, T; + // for (i = 0; i < 16; i++) { + // w[i] = in[offset++] << 24 | + // (in[offset++] & 0xFF) << 16 | + // (in[offset++] & 0xFF) << 8 | + // (in[offset++] & 0xFF); + // } + // for (i = 16; i < 80; i++) { + // T = w[i-3] ^ w[i-8] ^ w[i-14] ^ w[i-16]; + // w[i] = T << 1 | T >>> 31; + // } + + // return sha(hh0, hh1, hh2, hh3, hh4, in, offset, w); + return sha(hh0, hh1, hh2, hh3, hh4, in, offset); + } + + // Instance methods + // ------------------------------------------------------------------------- + + // java.lang.Cloneable interface implementation ---------------------------- + + public Object clone() + { + return new Sha160(this); + } + + // Implementation of concrete methods in BaseHash -------------------------- + + protected void transform(byte[] in, int offset) + { + // int i, T; + // for (i = 0; i < 16; i++) { + // W[i] = in[offset++] << 24 | + // (in[offset++] & 0xFF) << 16 | + // (in[offset++] & 0xFF) << 8 | + // (in[offset++] & 0xFF); + // } + // for (i = 16; i < 80; i++) { + // T = W[i-3] ^ W[i-8] ^ W[i-14] ^ W[i-16]; + // W[i] = T << 1 | T >>> 31; + // } + + // int[] result = sha(h0, h1, h2, h3, h4, in, offset, W); + int[] result = sha(h0, h1, h2, h3, h4, in, offset); + + h0 = result[0]; + h1 = result[1]; + h2 = result[2]; + h3 = result[3]; + h4 = result[4]; + } + + protected byte[] padBuffer() + { + int n = (int) (count % BLOCK_SIZE); + int padding = (n < 56) ? (56 - n) : (120 - n); + byte[] result = new byte[padding + 8]; + + // padding is always binary 1 followed by binary 0s + result[0] = (byte) 0x80; + + // save number of bits, casting the long to an array of 8 bytes + long bits = count << 3; + result[padding++] = (byte) (bits >>> 56); + result[padding++] = (byte) (bits >>> 48); + result[padding++] = (byte) (bits >>> 40); + result[padding++] = (byte) (bits >>> 32); + result[padding++] = (byte) (bits >>> 24); + result[padding++] = (byte) (bits >>> 16); + result[padding++] = (byte) (bits >>> 8); + result[padding] = (byte) bits; + + return result; + } + + protected byte[] getResult() + { + byte[] result = new byte[] { (byte) (h0 >>> 24), (byte) (h0 >>> 16), + (byte) (h0 >>> 8), (byte) h0, + (byte) (h1 >>> 24), (byte) (h1 >>> 16), + (byte) (h1 >>> 8), (byte) h1, + (byte) (h2 >>> 24), (byte) (h2 >>> 16), + (byte) (h2 >>> 8), (byte) h2, + (byte) (h3 >>> 24), (byte) (h3 >>> 16), + (byte) (h3 >>> 8), (byte) h3, + (byte) (h4 >>> 24), (byte) (h4 >>> 16), + (byte) (h4 >>> 8), (byte) h4 }; + + return result; + } + + protected void resetContext() + { + // magic SHA-1/RIPEMD160 initialisation constants + h0 = 0x67452301; + h1 = 0xEFCDAB89; + h2 = 0x98BADCFE; + h3 = 0x10325476; + h4 = 0xC3D2E1F0; + } + + public boolean selfTest() + { + if (valid == null) + { + Sha160 md = new Sha160(); + md.update((byte) 0x61); // a + md.update((byte) 0x62); // b + md.update((byte) 0x63); // c + String result = Util.toString(md.digest()); + valid = new Boolean(DIGEST0.equals(result)); + } + return valid.booleanValue(); + } + + // SHA specific methods ---------------------------------------------------- + + private static final synchronized int[] + // sha(int hh0, int hh1, int hh2, int hh3, int hh4, byte[] in, int offset, int[] w) { + sha(int hh0, int hh1, int hh2, int hh3, int hh4, byte[] in, int offset) + { + int A = hh0; + int B = hh1; + int C = hh2; + int D = hh3; + int E = hh4; + int r, T; + + for (r = 0; r < 16; r++) + { + w[r] = in[offset++] << 24 | (in[offset++] & 0xFF) << 16 + | (in[offset++] & 0xFF) << 8 | (in[offset++] & 0xFF); + } + for (r = 16; r < 80; r++) + { + T = w[r - 3] ^ w[r - 8] ^ w[r - 14] ^ w[r - 16]; + w[r] = T << 1 | T >>> 31; + } + + // rounds 0-19 + for (r = 0; r < 20; r++) + { + T = (A << 5 | A >>> 27) + ((B & C) | (~B & D)) + E + w[r] + 0x5A827999; + E = D; + D = C; + C = B << 30 | B >>> 2; + B = A; + A = T; + } + + // rounds 20-39 + for (r = 20; r < 40; r++) + { + T = (A << 5 | A >>> 27) + (B ^ C ^ D) + E + w[r] + 0x6ED9EBA1; + E = D; + D = C; + C = B << 30 | B >>> 2; + B = A; + A = T; + } + + // rounds 40-59 + for (r = 40; r < 60; r++) + { + T = (A << 5 | A >>> 27) + (B & C | B & D | C & D) + E + w[r] + + 0x8F1BBCDC; + E = D; + D = C; + C = B << 30 | B >>> 2; + B = A; + A = T; + } + + // rounds 60-79 + for (r = 60; r < 80; r++) + { + T = (A << 5 | A >>> 27) + (B ^ C ^ D) + E + w[r] + 0xCA62C1D6; + E = D; + D = C; + C = B << 30 | B >>> 2; + B = A; + A = T; + } + + return new int[] { hh0 + A, hh1 + B, hh2 + C, hh3 + D, hh4 + E }; + } +} diff --git a/libjava/classpath/gnu/java/security/hash/Sha256.java b/libjava/classpath/gnu/java/security/hash/Sha256.java new file mode 100644 index 0000000..9ef70a1 --- /dev/null +++ b/libjava/classpath/gnu/java/security/hash/Sha256.java @@ -0,0 +1,278 @@ +/* Sha256.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.hash; + +import gnu.java.security.Registry; +import gnu.java.security.util.Util; + +/** + *

Implementation of SHA2-1 [SHA-256] per the IETF Draft Specification.

+ * + *

References:

+ *
    + *
  1. + * Descriptions of SHA-256, SHA-384, and SHA-512,
    2. + *
  2. http://csrc.nist.gov/cryptval/shs/sha256-384-512.pdf
    3. + *
+ */ +public class Sha256 extends BaseHash +{ + + // Constants and variables + // ------------------------------------------------------------------------- + private static final int[] k = { 0x428a2f98, 0x71374491, 0xb5c0fbcf, + 0xe9b5dba5, 0x3956c25b, 0x59f111f1, + 0x923f82a4, 0xab1c5ed5, 0xd807aa98, + 0x12835b01, 0x243185be, 0x550c7dc3, + 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, + 0xc19bf174, 0xe49b69c1, 0xefbe4786, + 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, + 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, + 0x983e5152, 0xa831c66d, 0xb00327c8, + 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, + 0x06ca6351, 0x14292967, 0x27b70a85, + 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, + 0x650a7354, 0x766a0abb, 0x81c2c92e, + 0x92722c85, 0xa2bfe8a1, 0xa81a664b, + 0xc24b8b70, 0xc76c51a3, 0xd192e819, + 0xd6990624, 0xf40e3585, 0x106aa070, + 0x19a4c116, 0x1e376c08, 0x2748774c, + 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, + 0x5b9cca4f, 0x682e6ff3, 0x748f82ee, + 0x78a5636f, 0x84c87814, 0x8cc70208, + 0x90befffa, 0xa4506ceb, 0xbef9a3f7, + 0xc67178f2 }; + + private static final int BLOCK_SIZE = 64; // inner block size in bytes + + private static final String DIGEST0 = "BA7816BF8F01CFEA414140DE5DAE2223B00361A396177A9CB410FF61F20015AD"; + + private static final int[] w = new int[64]; + + /** caches the result of the correctness test, once executed. */ + private static Boolean valid; + + /** 256-bit interim result. */ + private int h0, h1, h2, h3, h4, h5, h6, h7; + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** Trivial 0-arguments constructor. */ + public Sha256() + { + super(Registry.SHA256_HASH, 32, BLOCK_SIZE); + } + + /** + *

Private constructor for cloning purposes.

+ * + * @param md the instance to clone. + */ + private Sha256(Sha256 md) + { + this(); + + this.h0 = md.h0; + this.h1 = md.h1; + this.h2 = md.h2; + this.h3 = md.h3; + this.h4 = md.h4; + this.h5 = md.h5; + this.h6 = md.h6; + this.h7 = md.h7; + this.count = md.count; + this.buffer = (byte[]) md.buffer.clone(); + } + + // Class methods + // ------------------------------------------------------------------------- + + public static final int[] G(int hh0, int hh1, int hh2, int hh3, int hh4, + int hh5, int hh6, int hh7, byte[] in, int offset) + { + return sha(hh0, hh1, hh2, hh3, hh4, hh5, hh6, hh7, in, offset); + } + + // Instance methods + // ------------------------------------------------------------------------- + + // java.lang.Cloneable interface implementation ---------------------------- + + public Object clone() + { + return new Sha256(this); + } + + // Implementation of concrete methods in BaseHash -------------------------- + + protected void transform(byte[] in, int offset) + { + int[] result = sha(h0, h1, h2, h3, h4, h5, h6, h7, in, offset); + + h0 = result[0]; + h1 = result[1]; + h2 = result[2]; + h3 = result[3]; + h4 = result[4]; + h5 = result[5]; + h6 = result[6]; + h7 = result[7]; + } + + protected byte[] padBuffer() + { + int n = (int) (count % BLOCK_SIZE); + int padding = (n < 56) ? (56 - n) : (120 - n); + byte[] result = new byte[padding + 8]; + + // padding is always binary 1 followed by binary 0s + result[0] = (byte) 0x80; + + // save number of bits, casting the long to an array of 8 bytes + long bits = count << 3; + result[padding++] = (byte) (bits >>> 56); + result[padding++] = (byte) (bits >>> 48); + result[padding++] = (byte) (bits >>> 40); + result[padding++] = (byte) (bits >>> 32); + result[padding++] = (byte) (bits >>> 24); + result[padding++] = (byte) (bits >>> 16); + result[padding++] = (byte) (bits >>> 8); + result[padding] = (byte) bits; + + return result; + } + + protected byte[] getResult() + { + return new byte[] { (byte) (h0 >>> 24), (byte) (h0 >>> 16), + (byte) (h0 >>> 8), (byte) h0, (byte) (h1 >>> 24), + (byte) (h1 >>> 16), (byte) (h1 >>> 8), (byte) h1, + (byte) (h2 >>> 24), (byte) (h2 >>> 16), + (byte) (h2 >>> 8), (byte) h2, (byte) (h3 >>> 24), + (byte) (h3 >>> 16), (byte) (h3 >>> 8), (byte) h3, + (byte) (h4 >>> 24), (byte) (h4 >>> 16), + (byte) (h4 >>> 8), (byte) h4, (byte) (h5 >>> 24), + (byte) (h5 >>> 16), (byte) (h5 >>> 8), (byte) h5, + (byte) (h6 >>> 24), (byte) (h6 >>> 16), + (byte) (h6 >>> 8), (byte) h6, (byte) (h7 >>> 24), + (byte) (h7 >>> 16), (byte) (h7 >>> 8), (byte) h7 }; + } + + protected void resetContext() + { + // magic SHA-256 initialisation constants + h0 = 0x6a09e667; + h1 = 0xbb67ae85; + h2 = 0x3c6ef372; + h3 = 0xa54ff53a; + h4 = 0x510e527f; + h5 = 0x9b05688c; + h6 = 0x1f83d9ab; + h7 = 0x5be0cd19; + } + + public boolean selfTest() + { + if (valid == null) + { + Sha256 md = new Sha256(); + md.update((byte) 0x61); // a + md.update((byte) 0x62); // b + md.update((byte) 0x63); // c + String result = Util.toString(md.digest()); + valid = new Boolean(DIGEST0.equals(result)); + } + + return valid.booleanValue(); + } + + // SHA specific methods ---------------------------------------------------- + + private static final synchronized int[] sha(int hh0, int hh1, int hh2, + int hh3, int hh4, int hh5, + int hh6, int hh7, byte[] in, + int offset) + { + int A = hh0; + int B = hh1; + int C = hh2; + int D = hh3; + int E = hh4; + int F = hh5; + int G = hh6; + int H = hh7; + int r, T, T2; + + for (r = 0; r < 16; r++) + { + w[r] = (in[offset++] << 24 | (in[offset++] & 0xFF) << 16 + | (in[offset++] & 0xFF) << 8 | (in[offset++] & 0xFF)); + } + for (r = 16; r < 64; r++) + { + T = w[r - 2]; + T2 = w[r - 15]; + w[r] = ((((T >>> 17) | (T << 15)) ^ ((T >>> 19) | (T << 13)) ^ (T >>> 10)) + + w[r - 7] + + (((T2 >>> 7) | (T2 << 25)) ^ ((T2 >>> 18) | (T2 << 14)) ^ (T2 >>> 3)) + + w[r - 16]); + } + + for (r = 0; r < 64; r++) + { + T = (H + + (((E >>> 6) | (E << 26)) ^ ((E >>> 11) | (E << 21)) ^ ((E >>> 25) | (E << 7))) + + ((E & F) ^ (~E & G)) + k[r] + w[r]); + T2 = ((((A >>> 2) | (A << 30)) ^ ((A >>> 13) | (A << 19)) ^ ((A >>> 22) | (A << 10))) + + ((A & B) ^ (A & C) ^ (B & C))); + H = G; + G = F; + F = E; + E = D + T; + D = C; + C = B; + B = A; + A = T + T2; + } + + return new int[] { hh0 + A, hh1 + B, hh2 + C, hh3 + D, hh4 + E, hh5 + F, + hh6 + G, hh7 + H }; + } +} diff --git a/libjava/classpath/gnu/java/security/hash/Sha384.java b/libjava/classpath/gnu/java/security/hash/Sha384.java new file mode 100644 index 0000000..2f619dc --- /dev/null +++ b/libjava/classpath/gnu/java/security/hash/Sha384.java @@ -0,0 +1,322 @@ +/* Sha384.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.hash; + +import gnu.java.security.Registry; +import gnu.java.security.util.Util; + +/** + *

Implementation of SHA2-2 [SHA-384] per the IETF Draft Specification.

+ * + *

References:

+ *
    + *
  1. + * Descriptions of SHA-256, SHA-384, and SHA-512,
    2. + *
  2. http://csrc.nist.gov/cryptval/shs/sha256-384-512.pdf
    3. + *
+ */ +public class Sha384 extends BaseHash +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + private static final long[] k = { 0x428a2f98d728ae22L, 0x7137449123ef65cdL, + 0xb5c0fbcfec4d3b2fL, 0xe9b5dba58189dbbcL, + 0x3956c25bf348b538L, 0x59f111f1b605d019L, + 0x923f82a4af194f9bL, 0xab1c5ed5da6d8118L, + 0xd807aa98a3030242L, 0x12835b0145706fbeL, + 0x243185be4ee4b28cL, 0x550c7dc3d5ffb4e2L, + 0x72be5d74f27b896fL, 0x80deb1fe3b1696b1L, + 0x9bdc06a725c71235L, 0xc19bf174cf692694L, + 0xe49b69c19ef14ad2L, 0xefbe4786384f25e3L, + 0x0fc19dc68b8cd5b5L, 0x240ca1cc77ac9c65L, + 0x2de92c6f592b0275L, 0x4a7484aa6ea6e483L, + 0x5cb0a9dcbd41fbd4L, 0x76f988da831153b5L, + 0x983e5152ee66dfabL, 0xa831c66d2db43210L, + 0xb00327c898fb213fL, 0xbf597fc7beef0ee4L, + 0xc6e00bf33da88fc2L, 0xd5a79147930aa725L, + 0x06ca6351e003826fL, 0x142929670a0e6e70L, + 0x27b70a8546d22ffcL, 0x2e1b21385c26c926L, + 0x4d2c6dfc5ac42aedL, 0x53380d139d95b3dfL, + 0x650a73548baf63deL, 0x766a0abb3c77b2a8L, + 0x81c2c92e47edaee6L, 0x92722c851482353bL, + 0xa2bfe8a14cf10364L, 0xa81a664bbc423001L, + 0xc24b8b70d0f89791L, 0xc76c51a30654be30L, + 0xd192e819d6ef5218L, 0xd69906245565a910L, + 0xf40e35855771202aL, 0x106aa07032bbd1b8L, + 0x19a4c116b8d2d0c8L, 0x1e376c085141ab53L, + 0x2748774cdf8eeb99L, 0x34b0bcb5e19b48a8L, + 0x391c0cb3c5c95a63L, 0x4ed8aa4ae3418acbL, + 0x5b9cca4f7763e373L, 0x682e6ff3d6b2b8a3L, + 0x748f82ee5defb2fcL, 0x78a5636f43172f60L, + 0x84c87814a1f0ab72L, 0x8cc702081a6439ecL, + 0x90befffa23631e28L, 0xa4506cebde82bde9L, + 0xbef9a3f7b2c67915L, 0xc67178f2e372532bL, + 0xca273eceea26619cL, 0xd186b8c721c0c207L, + 0xeada7dd6cde0eb1eL, 0xf57d4f7fee6ed178L, + 0x06f067aa72176fbaL, 0x0a637dc5a2c898a6L, + 0x113f9804bef90daeL, 0x1b710b35131c471bL, + 0x28db77f523047d84L, 0x32caab7b40c72493L, + 0x3c9ebe0a15c9bebcL, 0x431d67c49c100d4cL, + 0x4cc5d4becb3e42b6L, 0x597f299cfc657e2aL, + 0x5fcb6fab3ad6faecL, 0x6c44198c4a475817L }; + + private static final int BLOCK_SIZE = 128; // inner block size in bytes + + private static final String DIGEST0 = "CB00753F45A35E8BB5A03D699AC65007272C32AB0EDED1631A8B605A43FF5BED" + + "8086072BA1E7CC2358BAECA134C825A7"; + + private static final long[] w = new long[80]; + + /** caches the result of the correctness test, once executed. */ + private static Boolean valid; + + /** 512-bit interim result. */ + private long h0, h1, h2, h3, h4, h5, h6, h7; + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** Trivial 0-arguments constructor. */ + public Sha384() + { + super(Registry.SHA384_HASH, 48, BLOCK_SIZE); + } + + /** + *

Private constructor for cloning purposes.

+ * + * @param md the instance to clone. + */ + private Sha384(Sha384 md) + { + this(); + + this.h0 = md.h0; + this.h1 = md.h1; + this.h2 = md.h2; + this.h3 = md.h3; + this.h4 = md.h4; + this.h5 = md.h5; + this.h6 = md.h6; + this.h7 = md.h7; + this.count = md.count; + this.buffer = (byte[]) md.buffer.clone(); + } + + // Class methods + // ------------------------------------------------------------------------- + + public static final long[] G(long hh0, long hh1, long hh2, long hh3, + long hh4, long hh5, long hh6, long hh7, + byte[] in, int offset) + { + return sha(hh0, hh1, hh2, hh3, hh4, hh5, hh6, hh7, in, offset); + } + + // Instance methods + // ------------------------------------------------------------------------- + + // java.lang.Cloneable interface implementation ---------------------------- + + public Object clone() + { + return new Sha384(this); + } + + // Implementation of concrete methods in BaseHash -------------------------- + + protected void transform(byte[] in, int offset) + { + long[] result = sha(h0, h1, h2, h3, h4, h5, h6, h7, in, offset); + + h0 = result[0]; + h1 = result[1]; + h2 = result[2]; + h3 = result[3]; + h4 = result[4]; + h5 = result[5]; + h6 = result[6]; + h7 = result[7]; + } + + protected byte[] padBuffer() + { + int n = (int) (count % BLOCK_SIZE); + int padding = (n < 112) ? (112 - n) : (240 - n); + byte[] result = new byte[padding + 16]; + + // padding is always binary 1 followed by binary 0s + result[0] = (byte) 0x80; + + // save number of bits, casting the long to an array of 8 bytes + // TODO: FIX Only ~35 bits of 128 bit counter usable this way + long bits = count << 3; + padding += 8; + result[padding++] = (byte) (bits >>> 56); + result[padding++] = (byte) (bits >>> 48); + result[padding++] = (byte) (bits >>> 40); + result[padding++] = (byte) (bits >>> 32); + result[padding++] = (byte) (bits >>> 24); + result[padding++] = (byte) (bits >>> 16); + result[padding++] = (byte) (bits >>> 8); + result[padding] = (byte) bits; + + return result; + } + + protected byte[] getResult() + { + return new byte[] { (byte) (h0 >>> 56), (byte) (h0 >>> 48), + (byte) (h0 >>> 40), (byte) (h0 >>> 32), + (byte) (h0 >>> 24), (byte) (h0 >>> 16), + (byte) (h0 >>> 8), (byte) h0, (byte) (h1 >>> 56), + (byte) (h1 >>> 48), (byte) (h1 >>> 40), + (byte) (h1 >>> 32), (byte) (h1 >>> 24), + (byte) (h1 >>> 16), (byte) (h1 >>> 8), (byte) h1, + (byte) (h2 >>> 56), (byte) (h2 >>> 48), + (byte) (h2 >>> 40), (byte) (h2 >>> 32), + (byte) (h2 >>> 24), (byte) (h2 >>> 16), + (byte) (h2 >>> 8), (byte) h2, (byte) (h3 >>> 56), + (byte) (h3 >>> 48), (byte) (h3 >>> 40), + (byte) (h3 >>> 32), (byte) (h3 >>> 24), + (byte) (h3 >>> 16), (byte) (h3 >>> 8), (byte) h3, + (byte) (h4 >>> 56), (byte) (h4 >>> 48), + (byte) (h4 >>> 40), (byte) (h4 >>> 32), + (byte) (h4 >>> 24), (byte) (h4 >>> 16), + (byte) (h4 >>> 8), (byte) h4, (byte) (h5 >>> 56), + (byte) (h5 >>> 48), (byte) (h5 >>> 40), + (byte) (h5 >>> 32), (byte) (h5 >>> 24), + (byte) (h5 >>> 16), (byte) (h5 >>> 8), (byte) h5 + // (byte)(h6 >>> 56), (byte)(h6 >>> 48), (byte)(h6 >>> 40), (byte)(h6 >>> 32), + // (byte)(h6 >>> 24), (byte)(h6 >>> 16), (byte)(h6 >>> 8), (byte) h6, + // (byte)(h7 >>> 56), (byte)(h7 >>> 48), (byte)(h7 >>> 40), (byte)(h7 >>> 32), + // (byte)(h7 >>> 24), (byte)(h7 >>> 16), (byte)(h7 >>> 8), (byte) h7 + }; + } + + protected void resetContext() + { + // magic SHA-384 initialisation constants + h0 = 0xcbbb9d5dc1059ed8L; + h1 = 0x629a292a367cd507L; + h2 = 0x9159015a3070dd17L; + h3 = 0x152fecd8f70e5939L; + h4 = 0x67332667ffc00b31L; + h5 = 0x8eb44a8768581511L; + h6 = 0xdb0c2e0d64f98fa7L; + h7 = 0x47b5481dbefa4fa4L; + } + + public boolean selfTest() + { + if (valid == null) + { + Sha384 md = new Sha384(); + md.update((byte) 0x61); // a + md.update((byte) 0x62); // b + md.update((byte) 0x63); // c + String result = Util.toString(md.digest()); + valid = new Boolean(DIGEST0.equals(result)); + } + return valid.booleanValue(); + } + + // SHA specific methods ---------------------------------------------------- + + private static final synchronized long[] sha(long hh0, long hh1, long hh2, + long hh3, long hh4, long hh5, + long hh6, long hh7, byte[] in, + int offset) + { + long A = hh0; + long B = hh1; + long C = hh2; + long D = hh3; + long E = hh4; + long F = hh5; + long G = hh6; + long H = hh7; + long T, T2; + int r; + + for (r = 0; r < 16; r++) + { + w[r] = (long) in[offset++] << 56 | ((long) in[offset++] & 0xFF) << 48 + | ((long) in[offset++] & 0xFF) << 40 + | ((long) in[offset++] & 0xFF) << 32 + | ((long) in[offset++] & 0xFF) << 24 + | ((long) in[offset++] & 0xFF) << 16 + | ((long) in[offset++] & 0xFF) << 8 + | ((long) in[offset++] & 0xFF); + } + for (r = 16; r < 80; r++) + { + T = w[r - 2]; + T2 = w[r - 15]; + w[r] = (((T >>> 19) | (T << 45)) ^ ((T >>> 61) | (T << 3)) ^ (T >>> 6)) + + w[r - 7] + + (((T2 >>> 1) | (T2 << 63)) ^ ((T2 >>> 8) | (T2 << 56)) ^ (T2 >>> 7)) + + w[r - 16]; + } + + for (r = 0; r < 80; r++) + { + + T = H + + (((E >>> 14) | (E << 50)) ^ ((E >>> 18) | (E << 46)) ^ ((E >>> 41) | (E << 23))) + + ((E & F) ^ ((~E) & G)) + k[r] + w[r]; + // T IS INCORRECT SOMEHOW + T2 = (((A >>> 28) | (A << 36)) ^ ((A >>> 34) | (A << 30)) ^ ((A >>> 39) | (A << 25))) + + ((A & B) ^ (A & C) ^ (B & C)); + H = G; + G = F; + F = E; + E = D + T; + D = C; + C = B; + B = A; + A = T + T2; + } + + return new long[] { hh0 + A, hh1 + B, hh2 + C, hh3 + D, hh4 + E, hh5 + F, + hh6 + G, hh7 + H }; + } +} diff --git a/libjava/classpath/gnu/java/security/hash/Sha512.java b/libjava/classpath/gnu/java/security/hash/Sha512.java new file mode 100644 index 0000000..798b34d --- /dev/null +++ b/libjava/classpath/gnu/java/security/hash/Sha512.java @@ -0,0 +1,322 @@ +/* Sha512.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.hash; + +import gnu.java.security.Registry; +import gnu.java.security.util.Util; + +/** + *

Implementation of SHA2-3 [SHA-512] per the IETF Draft Specification.

+ * + *

References:

+ *
    + *
  1. + * Descriptions of SHA-256, SHA-384, and SHA-512,
    2. + *
  2. http://csrc.nist.gov/cryptval/shs/sha256-384-512.pdf
    3. + *
+ */ +public class Sha512 extends BaseHash +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + private static final long[] k = { 0x428a2f98d728ae22L, 0x7137449123ef65cdL, + 0xb5c0fbcfec4d3b2fL, 0xe9b5dba58189dbbcL, + 0x3956c25bf348b538L, 0x59f111f1b605d019L, + 0x923f82a4af194f9bL, 0xab1c5ed5da6d8118L, + 0xd807aa98a3030242L, 0x12835b0145706fbeL, + 0x243185be4ee4b28cL, 0x550c7dc3d5ffb4e2L, + 0x72be5d74f27b896fL, 0x80deb1fe3b1696b1L, + 0x9bdc06a725c71235L, 0xc19bf174cf692694L, + 0xe49b69c19ef14ad2L, 0xefbe4786384f25e3L, + 0x0fc19dc68b8cd5b5L, 0x240ca1cc77ac9c65L, + 0x2de92c6f592b0275L, 0x4a7484aa6ea6e483L, + 0x5cb0a9dcbd41fbd4L, 0x76f988da831153b5L, + 0x983e5152ee66dfabL, 0xa831c66d2db43210L, + 0xb00327c898fb213fL, 0xbf597fc7beef0ee4L, + 0xc6e00bf33da88fc2L, 0xd5a79147930aa725L, + 0x06ca6351e003826fL, 0x142929670a0e6e70L, + 0x27b70a8546d22ffcL, 0x2e1b21385c26c926L, + 0x4d2c6dfc5ac42aedL, 0x53380d139d95b3dfL, + 0x650a73548baf63deL, 0x766a0abb3c77b2a8L, + 0x81c2c92e47edaee6L, 0x92722c851482353bL, + 0xa2bfe8a14cf10364L, 0xa81a664bbc423001L, + 0xc24b8b70d0f89791L, 0xc76c51a30654be30L, + 0xd192e819d6ef5218L, 0xd69906245565a910L, + 0xf40e35855771202aL, 0x106aa07032bbd1b8L, + 0x19a4c116b8d2d0c8L, 0x1e376c085141ab53L, + 0x2748774cdf8eeb99L, 0x34b0bcb5e19b48a8L, + 0x391c0cb3c5c95a63L, 0x4ed8aa4ae3418acbL, + 0x5b9cca4f7763e373L, 0x682e6ff3d6b2b8a3L, + 0x748f82ee5defb2fcL, 0x78a5636f43172f60L, + 0x84c87814a1f0ab72L, 0x8cc702081a6439ecL, + 0x90befffa23631e28L, 0xa4506cebde82bde9L, + 0xbef9a3f7b2c67915L, 0xc67178f2e372532bL, + 0xca273eceea26619cL, 0xd186b8c721c0c207L, + 0xeada7dd6cde0eb1eL, 0xf57d4f7fee6ed178L, + 0x06f067aa72176fbaL, 0x0a637dc5a2c898a6L, + 0x113f9804bef90daeL, 0x1b710b35131c471bL, + 0x28db77f523047d84L, 0x32caab7b40c72493L, + 0x3c9ebe0a15c9bebcL, 0x431d67c49c100d4cL, + 0x4cc5d4becb3e42b6L, 0x597f299cfc657e2aL, + 0x5fcb6fab3ad6faecL, 0x6c44198c4a475817L }; + + private static final int BLOCK_SIZE = 128; // inner block size in bytes + + private static final String DIGEST0 = "DDAF35A193617ABACC417349AE20413112E6FA4E89A97EA20A9EEEE64B55D39A" + + "2192992A274FC1A836BA3C23A3FEEBBD454D4423643CE80E2A9AC94FA54CA49F"; + + private static final long[] w = new long[80]; + + /** caches the result of the correctness test, once executed. */ + private static Boolean valid; + + /** 512-bit interim result. */ + private long h0, h1, h2, h3, h4, h5, h6, h7; + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** Trivial 0-arguments constructor. */ + public Sha512() + { + super(Registry.SHA512_HASH, 64, BLOCK_SIZE); + } + + /** + *

Private constructor for cloning purposes.

+ * + * @param md the instance to clone. + */ + private Sha512(Sha512 md) + { + this(); + + this.h0 = md.h0; + this.h1 = md.h1; + this.h2 = md.h2; + this.h3 = md.h3; + this.h4 = md.h4; + this.h5 = md.h5; + this.h6 = md.h6; + this.h7 = md.h7; + this.count = md.count; + this.buffer = (byte[]) md.buffer.clone(); + } + + // Class methods + // ------------------------------------------------------------------------- + + public static final long[] G(long hh0, long hh1, long hh2, long hh3, + long hh4, long hh5, long hh6, long hh7, + byte[] in, int offset) + { + return sha(hh0, hh1, hh2, hh3, hh4, hh5, hh6, hh7, in, offset); + } + + // Instance methods + // ------------------------------------------------------------------------- + + // java.lang.Cloneable interface implementation ---------------------------- + + public Object clone() + { + return new Sha512(this); + } + + // Implementation of concrete methods in BaseHash -------------------------- + + protected void transform(byte[] in, int offset) + { + long[] result = sha(h0, h1, h2, h3, h4, h5, h6, h7, in, offset); + + h0 = result[0]; + h1 = result[1]; + h2 = result[2]; + h3 = result[3]; + h4 = result[4]; + h5 = result[5]; + h6 = result[6]; + h7 = result[7]; + } + + protected byte[] padBuffer() + { + int n = (int) (count % BLOCK_SIZE); + int padding = (n < 112) ? (112 - n) : (240 - n); + byte[] result = new byte[padding + 16]; + + // padding is always binary 1 followed by binary 0s + result[0] = (byte) 0x80; + + // save number of bits, casting the long to an array of 8 bytes + // TODO: FIX Only ~35 bits of 128 bit counter usable this way + long bits = count << 3; + padding += 8; + result[padding++] = (byte) (bits >>> 56); + result[padding++] = (byte) (bits >>> 48); + result[padding++] = (byte) (bits >>> 40); + result[padding++] = (byte) (bits >>> 32); + result[padding++] = (byte) (bits >>> 24); + result[padding++] = (byte) (bits >>> 16); + result[padding++] = (byte) (bits >>> 8); + result[padding] = (byte) bits; + + return result; + } + + protected byte[] getResult() + { + return new byte[] { (byte) (h0 >>> 56), (byte) (h0 >>> 48), + (byte) (h0 >>> 40), (byte) (h0 >>> 32), + (byte) (h0 >>> 24), (byte) (h0 >>> 16), + (byte) (h0 >>> 8), (byte) h0, (byte) (h1 >>> 56), + (byte) (h1 >>> 48), (byte) (h1 >>> 40), + (byte) (h1 >>> 32), (byte) (h1 >>> 24), + (byte) (h1 >>> 16), (byte) (h1 >>> 8), (byte) h1, + (byte) (h2 >>> 56), (byte) (h2 >>> 48), + (byte) (h2 >>> 40), (byte) (h2 >>> 32), + (byte) (h2 >>> 24), (byte) (h2 >>> 16), + (byte) (h2 >>> 8), (byte) h2, (byte) (h3 >>> 56), + (byte) (h3 >>> 48), (byte) (h3 >>> 40), + (byte) (h3 >>> 32), (byte) (h3 >>> 24), + (byte) (h3 >>> 16), (byte) (h3 >>> 8), (byte) h3, + (byte) (h4 >>> 56), (byte) (h4 >>> 48), + (byte) (h4 >>> 40), (byte) (h4 >>> 32), + (byte) (h4 >>> 24), (byte) (h4 >>> 16), + (byte) (h4 >>> 8), (byte) h4, (byte) (h5 >>> 56), + (byte) (h5 >>> 48), (byte) (h5 >>> 40), + (byte) (h5 >>> 32), (byte) (h5 >>> 24), + (byte) (h5 >>> 16), (byte) (h5 >>> 8), (byte) h5, + (byte) (h6 >>> 56), (byte) (h6 >>> 48), + (byte) (h6 >>> 40), (byte) (h6 >>> 32), + (byte) (h6 >>> 24), (byte) (h6 >>> 16), + (byte) (h6 >>> 8), (byte) h6, (byte) (h7 >>> 56), + (byte) (h7 >>> 48), (byte) (h7 >>> 40), + (byte) (h7 >>> 32), (byte) (h7 >>> 24), + (byte) (h7 >>> 16), (byte) (h7 >>> 8), (byte) h7 }; + } + + protected void resetContext() + { + // magic SHA-512 initialisation constants + h0 = 0x6a09e667f3bcc908L; + h1 = 0xbb67ae8584caa73bL; + h2 = 0x3c6ef372fe94f82bL; + h3 = 0xa54ff53a5f1d36f1L; + h4 = 0x510e527fade682d1L; + h5 = 0x9b05688c2b3e6c1fL; + h6 = 0x1f83d9abfb41bd6bL; + h7 = 0x5be0cd19137e2179L; + } + + public boolean selfTest() + { + if (valid == null) + { + Sha512 md = new Sha512(); + md.update((byte) 0x61); // a + md.update((byte) 0x62); // b + md.update((byte) 0x63); // c + String result = Util.toString(md.digest()); + valid = new Boolean(DIGEST0.equals(result)); + } + return valid.booleanValue(); + } + + // SHA specific methods ---------------------------------------------------- + + private static final synchronized long[] sha(long hh0, long hh1, long hh2, + long hh3, long hh4, long hh5, + long hh6, long hh7, byte[] in, + int offset) + { + long A = hh0; + long B = hh1; + long C = hh2; + long D = hh3; + long E = hh4; + long F = hh5; + long G = hh6; + long H = hh7; + long T, T2; + int r; + + for (r = 0; r < 16; r++) + { + w[r] = (long) in[offset++] << 56 | ((long) in[offset++] & 0xFF) << 48 + | ((long) in[offset++] & 0xFF) << 40 + | ((long) in[offset++] & 0xFF) << 32 + | ((long) in[offset++] & 0xFF) << 24 + | ((long) in[offset++] & 0xFF) << 16 + | ((long) in[offset++] & 0xFF) << 8 + | ((long) in[offset++] & 0xFF); + } + for (r = 16; r < 80; r++) + { + T = w[r - 2]; + T2 = w[r - 15]; + w[r] = (((T >>> 19) | (T << 45)) ^ ((T >>> 61) | (T << 3)) ^ (T >>> 6)) + + w[r - 7] + + (((T2 >>> 1) | (T2 << 63)) ^ ((T2 >>> 8) | (T2 << 56)) ^ (T2 >>> 7)) + + w[r - 16]; + } + + for (r = 0; r < 80; r++) + { + T = H + + (((E >>> 14) | (E << 50)) ^ ((E >>> 18) | (E << 46)) ^ ((E >>> 41) | (E << 23))) + + ((E & F) ^ ((~E) & G)) + k[r] + w[r]; + T2 = (((A >>> 28) | (A << 36)) ^ ((A >>> 34) | (A << 30)) ^ ((A >>> 39) | (A << 25))) + + ((A & B) ^ (A & C) ^ (B & C)); + H = G; + G = F; + F = E; + E = D + T; + D = C; + C = B; + B = A; + A = T + T2; + } + + return new long[] { hh0 + A, hh1 + B, hh2 + C, hh3 + D, hh4 + E, hh5 + F, + hh6 + G, hh7 + H }; + } +} diff --git a/libjava/classpath/gnu/java/security/hash/Tiger.java b/libjava/classpath/gnu/java/security/hash/Tiger.java new file mode 100644 index 0000000..f39fed30 --- /dev/null +++ b/libjava/classpath/gnu/java/security/hash/Tiger.java @@ -0,0 +1,943 @@ +/* Tiger.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.hash; + +import gnu.java.security.Registry; +import gnu.java.security.util.Util; + +/** + * The Tiger message digest. Tiger was designed by Ross Anderson and Eli + * Biham, with the goal of producing a secure, fast hash function that + * performs especially well on next-generation 64-bit architectures, but + * is still efficient on 32- and 16-bit architectures. + * + *

Tiger processes data in 512-bit blocks and produces a 192-bit + * digest.

+ * + *

References:

+ *
    + *
  1. Tiger: A + * Fast New Hash Function, Ross Anderson and Eli Biham.
    2. + *
+ */ +public class Tiger extends BaseHash +{ + + // Constants and variables. + // ----------------------------------------------------------------------- + + private static final int HASH_SIZE = 24; + + private static final int BLOCK_SIZE = 64; + + /** Result when no data has been input. */ + private static final String DIGEST0 = "3293AC630C13F0245F92BBB1766E16167A4E58492DDE73F3"; + + private static final long A = 0x0123456789ABCDEFL; + + private static final long B = 0xFEDCBA9876543210L; + + private static final long C = 0xF096A5B4C3B2E187L; + + /** S-Box T1. */ + private static final long[] T1 = { 0x02AAB17CF7E90C5EL, 0xAC424B03E243A8ECL, + 0x72CD5BE30DD5FCD3L, 0x6D019B93F6F97F3AL, + 0xCD9978FFD21F9193L, 0x7573A1C9708029E2L, + 0xB164326B922A83C3L, 0x46883EEE04915870L, + 0xEAACE3057103ECE6L, 0xC54169B808A3535CL, + 0x4CE754918DDEC47CL, 0x0AA2F4DFDC0DF40CL, + 0x10B76F18A74DBEFAL, 0xC6CCB6235AD1AB6AL, + 0x13726121572FE2FFL, 0x1A488C6F199D921EL, + 0x4BC9F9F4DA0007CAL, 0x26F5E6F6E85241C7L, + 0x859079DBEA5947B6L, 0x4F1885C5C99E8C92L, + 0xD78E761EA96F864BL, 0x8E36428C52B5C17DL, + 0x69CF6827373063C1L, 0xB607C93D9BB4C56EL, + 0x7D820E760E76B5EAL, 0x645C9CC6F07FDC42L, + 0xBF38A078243342E0L, 0x5F6B343C9D2E7D04L, + 0xF2C28AEB600B0EC6L, 0x6C0ED85F7254BCACL, + 0x71592281A4DB4FE5L, 0x1967FA69CE0FED9FL, + 0xFD5293F8B96545DBL, 0xC879E9D7F2A7600BL, + 0x860248920193194EL, 0xA4F9533B2D9CC0B3L, + 0x9053836C15957613L, 0xDB6DCF8AFC357BF1L, + 0x18BEEA7A7A370F57L, 0x037117CA50B99066L, + 0x6AB30A9774424A35L, 0xF4E92F02E325249BL, + 0x7739DB07061CCAE1L, 0xD8F3B49CECA42A05L, + 0xBD56BE3F51382F73L, 0x45FAED5843B0BB28L, + 0x1C813D5C11BF1F83L, 0x8AF0E4B6D75FA169L, + 0x33EE18A487AD9999L, 0x3C26E8EAB1C94410L, + 0xB510102BC0A822F9L, 0x141EEF310CE6123BL, + 0xFC65B90059DDB154L, 0xE0158640C5E0E607L, + 0x884E079826C3A3CFL, 0x930D0D9523C535FDL, + 0x35638D754E9A2B00L, 0x4085FCCF40469DD5L, + 0xC4B17AD28BE23A4CL, 0xCAB2F0FC6A3E6A2EL, + 0x2860971A6B943FCDL, 0x3DDE6EE212E30446L, + 0x6222F32AE01765AEL, 0x5D550BB5478308FEL, + 0xA9EFA98DA0EDA22AL, 0xC351A71686C40DA7L, + 0x1105586D9C867C84L, 0xDCFFEE85FDA22853L, + 0xCCFBD0262C5EEF76L, 0xBAF294CB8990D201L, + 0xE69464F52AFAD975L, 0x94B013AFDF133E14L, + 0x06A7D1A32823C958L, 0x6F95FE5130F61119L, + 0xD92AB34E462C06C0L, 0xED7BDE33887C71D2L, + 0x79746D6E6518393EL, 0x5BA419385D713329L, + 0x7C1BA6B948A97564L, 0x31987C197BFDAC67L, + 0xDE6C23C44B053D02L, 0x581C49FED002D64DL, + 0xDD474D6338261571L, 0xAA4546C3E473D062L, + 0x928FCE349455F860L, 0x48161BBACAAB94D9L, + 0x63912430770E6F68L, 0x6EC8A5E602C6641CL, + 0x87282515337DDD2BL, 0x2CDA6B42034B701BL, + 0xB03D37C181CB096DL, 0xE108438266C71C6FL, + 0x2B3180C7EB51B255L, 0xDF92B82F96C08BBCL, + 0x5C68C8C0A632F3BAL, 0x5504CC861C3D0556L, + 0xABBFA4E55FB26B8FL, 0x41848B0AB3BACEB4L, + 0xB334A273AA445D32L, 0xBCA696F0A85AD881L, + 0x24F6EC65B528D56CL, 0x0CE1512E90F4524AL, + 0x4E9DD79D5506D35AL, 0x258905FAC6CE9779L, + 0x2019295B3E109B33L, 0xF8A9478B73A054CCL, + 0x2924F2F934417EB0L, 0x3993357D536D1BC4L, + 0x38A81AC21DB6FF8BL, 0x47C4FBF17D6016BFL, + 0x1E0FAADD7667E3F5L, 0x7ABCFF62938BEB96L, + 0xA78DAD948FC179C9L, 0x8F1F98B72911E50DL, + 0x61E48EAE27121A91L, 0x4D62F7AD31859808L, + 0xECEBA345EF5CEAEBL, 0xF5CEB25EBC9684CEL, + 0xF633E20CB7F76221L, 0xA32CDF06AB8293E4L, + 0x985A202CA5EE2CA4L, 0xCF0B8447CC8A8FB1L, + 0x9F765244979859A3L, 0xA8D516B1A1240017L, + 0x0BD7BA3EBB5DC726L, 0xE54BCA55B86ADB39L, + 0x1D7A3AFD6C478063L, 0x519EC608E7669EDDL, + 0x0E5715A2D149AA23L, 0x177D4571848FF194L, + 0xEEB55F3241014C22L, 0x0F5E5CA13A6E2EC2L, + 0x8029927B75F5C361L, 0xAD139FABC3D6E436L, + 0x0D5DF1A94CCF402FL, 0x3E8BD948BEA5DFC8L, + 0xA5A0D357BD3FF77EL, 0xA2D12E251F74F645L, + 0x66FD9E525E81A082L, 0x2E0C90CE7F687A49L, + 0xC2E8BCBEBA973BC5L, 0x000001BCE509745FL, + 0x423777BBE6DAB3D6L, 0xD1661C7EAEF06EB5L, + 0xA1781F354DAACFD8L, 0x2D11284A2B16AFFCL, + 0xF1FC4F67FA891D1FL, 0x73ECC25DCB920ADAL, + 0xAE610C22C2A12651L, 0x96E0A810D356B78AL, + 0x5A9A381F2FE7870FL, 0xD5AD62EDE94E5530L, + 0xD225E5E8368D1427L, 0x65977B70C7AF4631L, + 0x99F889B2DE39D74FL, 0x233F30BF54E1D143L, + 0x9A9675D3D9A63C97L, 0x5470554FF334F9A8L, + 0x166ACB744A4F5688L, 0x70C74CAAB2E4AEADL, + 0xF0D091646F294D12L, 0x57B82A89684031D1L, + 0xEFD95A5A61BE0B6BL, 0x2FBD12E969F2F29AL, + 0x9BD37013FEFF9FE8L, 0x3F9B0404D6085A06L, + 0x4940C1F3166CFE15L, 0x09542C4DCDF3DEFBL, + 0xB4C5218385CD5CE3L, 0xC935B7DC4462A641L, + 0x3417F8A68ED3B63FL, 0xB80959295B215B40L, + 0xF99CDAEF3B8C8572L, 0x018C0614F8FCB95DL, + 0x1B14ACCD1A3ACDF3L, 0x84D471F200BB732DL, + 0xC1A3110E95E8DA16L, 0x430A7220BF1A82B8L, + 0xB77E090D39DF210EL, 0x5EF4BD9F3CD05E9DL, + 0x9D4FF6DA7E57A444L, 0xDA1D60E183D4A5F8L, + 0xB287C38417998E47L, 0xFE3EDC121BB31886L, + 0xC7FE3CCC980CCBEFL, 0xE46FB590189BFD03L, + 0x3732FD469A4C57DCL, 0x7EF700A07CF1AD65L, + 0x59C64468A31D8859L, 0x762FB0B4D45B61F6L, + 0x155BAED099047718L, 0x68755E4C3D50BAA6L, + 0xE9214E7F22D8B4DFL, 0x2ADDBF532EAC95F4L, + 0x32AE3909B4BD0109L, 0x834DF537B08E3450L, + 0xFA209DA84220728DL, 0x9E691D9B9EFE23F7L, + 0x0446D288C4AE8D7FL, 0x7B4CC524E169785BL, + 0x21D87F0135CA1385L, 0xCEBB400F137B8AA5L, + 0x272E2B66580796BEL, 0x3612264125C2B0DEL, + 0x057702BDAD1EFBB2L, 0xD4BABB8EACF84BE9L, + 0x91583139641BC67BL, 0x8BDC2DE08036E024L, + 0x603C8156F49F68EDL, 0xF7D236F7DBEF5111L, + 0x9727C4598AD21E80L, 0xA08A0896670A5FD7L, + 0xCB4A8F4309EBA9CBL, 0x81AF564B0F7036A1L, + 0xC0B99AA778199ABDL, 0x959F1EC83FC8E952L, + 0x8C505077794A81B9L, 0x3ACAAF8F056338F0L, + 0x07B43F50627A6778L, 0x4A44AB49F5ECCC77L, + 0x3BC3D6E4B679EE98L, 0x9CC0D4D1CF14108CL, + 0x4406C00B206BC8A0L, 0x82A18854C8D72D89L, + 0x67E366B35C3C432CL, 0xB923DD61102B37F2L, + 0x56AB2779D884271DL, 0xBE83E1B0FF1525AFL, + 0xFB7C65D4217E49A9L, 0x6BDBE0E76D48E7D4L, + 0x08DF828745D9179EL, 0x22EA6A9ADD53BD34L, + 0xE36E141C5622200AL, 0x7F805D1B8CB750EEL, + 0xAFE5C7A59F58E837L, 0xE27F996A4FB1C23CL, + 0xD3867DFB0775F0D0L, 0xD0E673DE6E88891AL, + 0x123AEB9EAFB86C25L, 0x30F1D5D5C145B895L, + 0xBB434A2DEE7269E7L, 0x78CB67ECF931FA38L, + 0xF33B0372323BBF9CL, 0x52D66336FB279C74L, + 0x505F33AC0AFB4EAAL, 0xE8A5CD99A2CCE187L, + 0x534974801E2D30BBL, 0x8D2D5711D5876D90L, + 0x1F1A412891BC038EL, 0xD6E2E71D82E56648L, + 0x74036C3A497732B7L, 0x89B67ED96361F5ABL, + 0xFFED95D8F1EA02A2L, 0xE72B3BD61464D43DL, + 0xA6300F170BDC4820L, 0xEBC18760ED78A77AL }; + + /** S-Box T2. */ + private static final long[] T2 = { 0xE6A6BE5A05A12138L, 0xB5A122A5B4F87C98L, + 0x563C6089140B6990L, 0x4C46CB2E391F5DD5L, + 0xD932ADDBC9B79434L, 0x08EA70E42015AFF5L, + 0xD765A6673E478CF1L, 0xC4FB757EAB278D99L, + 0xDF11C6862D6E0692L, 0xDDEB84F10D7F3B16L, + 0x6F2EF604A665EA04L, 0x4A8E0F0FF0E0DFB3L, + 0xA5EDEEF83DBCBA51L, 0xFC4F0A2A0EA4371EL, + 0xE83E1DA85CB38429L, 0xDC8FF882BA1B1CE2L, + 0xCD45505E8353E80DL, 0x18D19A00D4DB0717L, + 0x34A0CFEDA5F38101L, 0x0BE77E518887CAF2L, + 0x1E341438B3C45136L, 0xE05797F49089CCF9L, + 0xFFD23F9DF2591D14L, 0x543DDA228595C5CDL, + 0x661F81FD99052A33L, 0x8736E641DB0F7B76L, + 0x15227725418E5307L, 0xE25F7F46162EB2FAL, + 0x48A8B2126C13D9FEL, 0xAFDC541792E76EEAL, + 0x03D912BFC6D1898FL, 0x31B1AAFA1B83F51BL, + 0xF1AC2796E42AB7D9L, 0x40A3A7D7FCD2EBACL, + 0x1056136D0AFBBCC5L, 0x7889E1DD9A6D0C85L, + 0xD33525782A7974AAL, 0xA7E25D09078AC09BL, + 0xBD4138B3EAC6EDD0L, 0x920ABFBE71EB9E70L, + 0xA2A5D0F54FC2625CL, 0xC054E36B0B1290A3L, + 0xF6DD59FF62FE932BL, 0x3537354511A8AC7DL, + 0xCA845E9172FADCD4L, 0x84F82B60329D20DCL, + 0x79C62CE1CD672F18L, 0x8B09A2ADD124642CL, + 0xD0C1E96A19D9E726L, 0x5A786A9B4BA9500CL, + 0x0E020336634C43F3L, 0xC17B474AEB66D822L, + 0x6A731AE3EC9BAAC2L, 0x8226667AE0840258L, + 0x67D4567691CAECA5L, 0x1D94155C4875ADB5L, + 0x6D00FD985B813FDFL, 0x51286EFCB774CD06L, + 0x5E8834471FA744AFL, 0xF72CA0AEE761AE2EL, + 0xBE40E4CDAEE8E09AL, 0xE9970BBB5118F665L, + 0x726E4BEB33DF1964L, 0x703B000729199762L, + 0x4631D816F5EF30A7L, 0xB880B5B51504A6BEL, + 0x641793C37ED84B6CL, 0x7B21ED77F6E97D96L, + 0x776306312EF96B73L, 0xAE528948E86FF3F4L, + 0x53DBD7F286A3F8F8L, 0x16CADCE74CFC1063L, + 0x005C19BDFA52C6DDL, 0x68868F5D64D46AD3L, + 0x3A9D512CCF1E186AL, 0x367E62C2385660AEL, + 0xE359E7EA77DCB1D7L, 0x526C0773749ABE6EL, + 0x735AE5F9D09F734BL, 0x493FC7CC8A558BA8L, + 0xB0B9C1533041AB45L, 0x321958BA470A59BDL, + 0x852DB00B5F46C393L, 0x91209B2BD336B0E5L, + 0x6E604F7D659EF19FL, 0xB99A8AE2782CCB24L, + 0xCCF52AB6C814C4C7L, 0x4727D9AFBE11727BL, + 0x7E950D0C0121B34DL, 0x756F435670AD471FL, + 0xF5ADD442615A6849L, 0x4E87E09980B9957AL, + 0x2ACFA1DF50AEE355L, 0xD898263AFD2FD556L, + 0xC8F4924DD80C8FD6L, 0xCF99CA3D754A173AL, + 0xFE477BACAF91BF3CL, 0xED5371F6D690C12DL, + 0x831A5C285E687094L, 0xC5D3C90A3708A0A4L, + 0x0F7F903717D06580L, 0x19F9BB13B8FDF27FL, + 0xB1BD6F1B4D502843L, 0x1C761BA38FFF4012L, + 0x0D1530C4E2E21F3BL, 0x8943CE69A7372C8AL, + 0xE5184E11FEB5CE66L, 0x618BDB80BD736621L, + 0x7D29BAD68B574D0BL, 0x81BB613E25E6FE5BL, + 0x071C9C10BC07913FL, 0xC7BEEB7909AC2D97L, + 0xC3E58D353BC5D757L, 0xEB017892F38F61E8L, + 0xD4EFFB9C9B1CC21AL, 0x99727D26F494F7ABL, + 0xA3E063A2956B3E03L, 0x9D4A8B9A4AA09C30L, + 0x3F6AB7D500090FB4L, 0x9CC0F2A057268AC0L, + 0x3DEE9D2DEDBF42D1L, 0x330F49C87960A972L, + 0xC6B2720287421B41L, 0x0AC59EC07C00369CL, + 0xEF4EAC49CB353425L, 0xF450244EEF0129D8L, + 0x8ACC46E5CAF4DEB6L, 0x2FFEAB63989263F7L, + 0x8F7CB9FE5D7A4578L, 0x5BD8F7644E634635L, + 0x427A7315BF2DC900L, 0x17D0C4AA2125261CL, + 0x3992486C93518E50L, 0xB4CBFEE0A2D7D4C3L, + 0x7C75D6202C5DDD8DL, 0xDBC295D8E35B6C61L, + 0x60B369D302032B19L, 0xCE42685FDCE44132L, + 0x06F3DDB9DDF65610L, 0x8EA4D21DB5E148F0L, + 0x20B0FCE62FCD496FL, 0x2C1B912358B0EE31L, + 0xB28317B818F5A308L, 0xA89C1E189CA6D2CFL, + 0x0C6B18576AAADBC8L, 0xB65DEAA91299FAE3L, + 0xFB2B794B7F1027E7L, 0x04E4317F443B5BEBL, + 0x4B852D325939D0A6L, 0xD5AE6BEEFB207FFCL, + 0x309682B281C7D374L, 0xBAE309A194C3B475L, + 0x8CC3F97B13B49F05L, 0x98A9422FF8293967L, + 0x244B16B01076FF7CL, 0xF8BF571C663D67EEL, + 0x1F0D6758EEE30DA1L, 0xC9B611D97ADEB9B7L, + 0xB7AFD5887B6C57A2L, 0x6290AE846B984FE1L, + 0x94DF4CDEACC1A5FDL, 0x058A5BD1C5483AFFL, + 0x63166CC142BA3C37L, 0x8DB8526EB2F76F40L, + 0xE10880036F0D6D4EL, 0x9E0523C9971D311DL, + 0x45EC2824CC7CD691L, 0x575B8359E62382C9L, + 0xFA9E400DC4889995L, 0xD1823ECB45721568L, + 0xDAFD983B8206082FL, 0xAA7D29082386A8CBL, + 0x269FCD4403B87588L, 0x1B91F5F728BDD1E0L, + 0xE4669F39040201F6L, 0x7A1D7C218CF04ADEL, + 0x65623C29D79CE5CEL, 0x2368449096C00BB1L, + 0xAB9BF1879DA503BAL, 0xBC23ECB1A458058EL, + 0x9A58DF01BB401ECCL, 0xA070E868A85F143DL, + 0x4FF188307DF2239EL, 0x14D565B41A641183L, + 0xEE13337452701602L, 0x950E3DCF3F285E09L, + 0x59930254B9C80953L, 0x3BF299408930DA6DL, + 0xA955943F53691387L, 0xA15EDECAA9CB8784L, + 0x29142127352BE9A0L, 0x76F0371FFF4E7AFBL, + 0x0239F450274F2228L, 0xBB073AF01D5E868BL, + 0xBFC80571C10E96C1L, 0xD267088568222E23L, + 0x9671A3D48E80B5B0L, 0x55B5D38AE193BB81L, + 0x693AE2D0A18B04B8L, 0x5C48B4ECADD5335FL, + 0xFD743B194916A1CAL, 0x2577018134BE98C4L, + 0xE77987E83C54A4ADL, 0x28E11014DA33E1B9L, + 0x270CC59E226AA213L, 0x71495F756D1A5F60L, + 0x9BE853FB60AFEF77L, 0xADC786A7F7443DBFL, + 0x0904456173B29A82L, 0x58BC7A66C232BD5EL, + 0xF306558C673AC8B2L, 0x41F639C6B6C9772AL, + 0x216DEFE99FDA35DAL, 0x11640CC71C7BE615L, + 0x93C43694565C5527L, 0xEA038E6246777839L, + 0xF9ABF3CE5A3E2469L, 0x741E768D0FD312D2L, + 0x0144B883CED652C6L, 0xC20B5A5BA33F8552L, + 0x1AE69633C3435A9DL, 0x97A28CA4088CFDECL, + 0x8824A43C1E96F420L, 0x37612FA66EEEA746L, + 0x6B4CB165F9CF0E5AL, 0x43AA1C06A0ABFB4AL, + 0x7F4DC26FF162796BL, 0x6CBACC8E54ED9B0FL, + 0xA6B7FFEFD2BB253EL, 0x2E25BC95B0A29D4FL, + 0x86D6A58BDEF1388CL, 0xDED74AC576B6F054L, + 0x8030BDBC2B45805DL, 0x3C81AF70E94D9289L, + 0x3EFF6DDA9E3100DBL, 0xB38DC39FDFCC8847L, + 0x123885528D17B87EL, 0xF2DA0ED240B1B642L, + 0x44CEFADCD54BF9A9L, 0x1312200E433C7EE6L, + 0x9FFCC84F3A78C748L, 0xF0CD1F72248576BBL, + 0xEC6974053638CFE4L, 0x2BA7B67C0CEC4E4CL, + 0xAC2F4DF3E5CE32EDL, 0xCB33D14326EA4C11L, + 0xA4E9044CC77E58BCL, 0x5F513293D934FCEFL, + 0x5DC9645506E55444L, 0x50DE418F317DE40AL, + 0x388CB31A69DDE259L, 0x2DB4A83455820A86L, + 0x9010A91E84711AE9L, 0x4DF7F0B7B1498371L, + 0xD62A2EABC0977179L, 0x22FAC097AA8D5C0EL }; + + /** S-Box T3. */ + private static final long[] T3 = { 0xF49FCC2FF1DAF39BL, 0x487FD5C66FF29281L, + 0xE8A30667FCDCA83FL, 0x2C9B4BE3D2FCCE63L, + 0xDA3FF74B93FBBBC2L, 0x2FA165D2FE70BA66L, + 0xA103E279970E93D4L, 0xBECDEC77B0E45E71L, + 0xCFB41E723985E497L, 0xB70AAA025EF75017L, + 0xD42309F03840B8E0L, 0x8EFC1AD035898579L, + 0x96C6920BE2B2ABC5L, 0x66AF4163375A9172L, + 0x2174ABDCCA7127FBL, 0xB33CCEA64A72FF41L, + 0xF04A4933083066A5L, 0x8D970ACDD7289AF5L, + 0x8F96E8E031C8C25EL, 0xF3FEC02276875D47L, + 0xEC7BF310056190DDL, 0xF5ADB0AEBB0F1491L, + 0x9B50F8850FD58892L, 0x4975488358B74DE8L, + 0xA3354FF691531C61L, 0x0702BBE481D2C6EEL, + 0x89FB24057DEDED98L, 0xAC3075138596E902L, + 0x1D2D3580172772EDL, 0xEB738FC28E6BC30DL, + 0x5854EF8F63044326L, 0x9E5C52325ADD3BBEL, + 0x90AA53CF325C4623L, 0xC1D24D51349DD067L, + 0x2051CFEEA69EA624L, 0x13220F0A862E7E4FL, + 0xCE39399404E04864L, 0xD9C42CA47086FCB7L, + 0x685AD2238A03E7CCL, 0x066484B2AB2FF1DBL, + 0xFE9D5D70EFBF79ECL, 0x5B13B9DD9C481854L, + 0x15F0D475ED1509ADL, 0x0BEBCD060EC79851L, + 0xD58C6791183AB7F8L, 0xD1187C5052F3EEE4L, + 0xC95D1192E54E82FFL, 0x86EEA14CB9AC6CA2L, + 0x3485BEB153677D5DL, 0xDD191D781F8C492AL, + 0xF60866BAA784EBF9L, 0x518F643BA2D08C74L, + 0x8852E956E1087C22L, 0xA768CB8DC410AE8DL, + 0x38047726BFEC8E1AL, 0xA67738B4CD3B45AAL, + 0xAD16691CEC0DDE19L, 0xC6D4319380462E07L, + 0xC5A5876D0BA61938L, 0x16B9FA1FA58FD840L, + 0x188AB1173CA74F18L, 0xABDA2F98C99C021FL, + 0x3E0580AB134AE816L, 0x5F3B05B773645ABBL, + 0x2501A2BE5575F2F6L, 0x1B2F74004E7E8BA9L, + 0x1CD7580371E8D953L, 0x7F6ED89562764E30L, + 0xB15926FF596F003DL, 0x9F65293DA8C5D6B9L, + 0x6ECEF04DD690F84CL, 0x4782275FFF33AF88L, + 0xE41433083F820801L, 0xFD0DFE409A1AF9B5L, + 0x4325A3342CDB396BL, 0x8AE77E62B301B252L, + 0xC36F9E9F6655615AL, 0x85455A2D92D32C09L, + 0xF2C7DEA949477485L, 0x63CFB4C133A39EBAL, + 0x83B040CC6EBC5462L, 0x3B9454C8FDB326B0L, + 0x56F56A9E87FFD78CL, 0x2DC2940D99F42BC6L, + 0x98F7DF096B096E2DL, 0x19A6E01E3AD852BFL, + 0x42A99CCBDBD4B40BL, 0xA59998AF45E9C559L, + 0x366295E807D93186L, 0x6B48181BFAA1F773L, + 0x1FEC57E2157A0A1DL, 0x4667446AF6201AD5L, + 0xE615EBCACFB0F075L, 0xB8F31F4F68290778L, + 0x22713ED6CE22D11EL, 0x3057C1A72EC3C93BL, + 0xCB46ACC37C3F1F2FL, 0xDBB893FD02AAF50EL, + 0x331FD92E600B9FCFL, 0xA498F96148EA3AD6L, + 0xA8D8426E8B6A83EAL, 0xA089B274B7735CDCL, + 0x87F6B3731E524A11L, 0x118808E5CBC96749L, + 0x9906E4C7B19BD394L, 0xAFED7F7E9B24A20CL, + 0x6509EADEEB3644A7L, 0x6C1EF1D3E8EF0EDEL, + 0xB9C97D43E9798FB4L, 0xA2F2D784740C28A3L, + 0x7B8496476197566FL, 0x7A5BE3E6B65F069DL, + 0xF96330ED78BE6F10L, 0xEEE60DE77A076A15L, + 0x2B4BEE4AA08B9BD0L, 0x6A56A63EC7B8894EL, + 0x02121359BA34FEF4L, 0x4CBF99F8283703FCL, + 0x398071350CAF30C8L, 0xD0A77A89F017687AL, + 0xF1C1A9EB9E423569L, 0x8C7976282DEE8199L, + 0x5D1737A5DD1F7ABDL, 0x4F53433C09A9FA80L, + 0xFA8B0C53DF7CA1D9L, 0x3FD9DCBC886CCB77L, + 0xC040917CA91B4720L, 0x7DD00142F9D1DCDFL, + 0x8476FC1D4F387B58L, 0x23F8E7C5F3316503L, + 0x032A2244E7E37339L, 0x5C87A5D750F5A74BL, + 0x082B4CC43698992EL, 0xDF917BECB858F63CL, + 0x3270B8FC5BF86DDAL, 0x10AE72BB29B5DD76L, + 0x576AC94E7700362BL, 0x1AD112DAC61EFB8FL, + 0x691BC30EC5FAA427L, 0xFF246311CC327143L, + 0x3142368E30E53206L, 0x71380E31E02CA396L, + 0x958D5C960AAD76F1L, 0xF8D6F430C16DA536L, + 0xC8FFD13F1BE7E1D2L, 0x7578AE66004DDBE1L, + 0x05833F01067BE646L, 0xBB34B5AD3BFE586DL, + 0x095F34C9A12B97F0L, 0x247AB64525D60CA8L, + 0xDCDBC6F3017477D1L, 0x4A2E14D4DECAD24DL, + 0xBDB5E6D9BE0A1EEBL, 0x2A7E70F7794301ABL, + 0xDEF42D8A270540FDL, 0x01078EC0A34C22C1L, + 0xE5DE511AF4C16387L, 0x7EBB3A52BD9A330AL, + 0x77697857AA7D6435L, 0x004E831603AE4C32L, + 0xE7A21020AD78E312L, 0x9D41A70C6AB420F2L, + 0x28E06C18EA1141E6L, 0xD2B28CBD984F6B28L, + 0x26B75F6C446E9D83L, 0xBA47568C4D418D7FL, + 0xD80BADBFE6183D8EL, 0x0E206D7F5F166044L, + 0xE258A43911CBCA3EL, 0x723A1746B21DC0BCL, + 0xC7CAA854F5D7CDD3L, 0x7CAC32883D261D9CL, + 0x7690C26423BA942CL, 0x17E55524478042B8L, + 0xE0BE477656A2389FL, 0x4D289B5E67AB2DA0L, + 0x44862B9C8FBBFD31L, 0xB47CC8049D141365L, + 0x822C1B362B91C793L, 0x4EB14655FB13DFD8L, + 0x1ECBBA0714E2A97BL, 0x6143459D5CDE5F14L, + 0x53A8FBF1D5F0AC89L, 0x97EA04D81C5E5B00L, + 0x622181A8D4FDB3F3L, 0xE9BCD341572A1208L, + 0x1411258643CCE58AL, 0x9144C5FEA4C6E0A4L, + 0x0D33D06565CF620FL, 0x54A48D489F219CA1L, + 0xC43E5EAC6D63C821L, 0xA9728B3A72770DAFL, + 0xD7934E7B20DF87EFL, 0xE35503B61A3E86E5L, + 0xCAE321FBC819D504L, 0x129A50B3AC60BFA6L, + 0xCD5E68EA7E9FB6C3L, 0xB01C90199483B1C7L, + 0x3DE93CD5C295376CL, 0xAED52EDF2AB9AD13L, + 0x2E60F512C0A07884L, 0xBC3D86A3E36210C9L, + 0x35269D9B163951CEL, 0x0C7D6E2AD0CDB5FAL, + 0x59E86297D87F5733L, 0x298EF221898DB0E7L, + 0x55000029D1A5AA7EL, 0x8BC08AE1B5061B45L, + 0xC2C31C2B6C92703AL, 0x94CC596BAF25EF42L, + 0x0A1D73DB22540456L, 0x04B6A0F9D9C4179AL, + 0xEFFDAFA2AE3D3C60L, 0xF7C8075BB49496C4L, + 0x9CC5C7141D1CD4E3L, 0x78BD1638218E5534L, + 0xB2F11568F850246AL, 0xEDFABCFA9502BC29L, + 0x796CE5F2DA23051BL, 0xAAE128B0DC93537CL, + 0x3A493DA0EE4B29AEL, 0xB5DF6B2C416895D7L, + 0xFCABBD25122D7F37L, 0x70810B58105DC4B1L, + 0xE10FDD37F7882A90L, 0x524DCAB5518A3F5CL, + 0x3C9E85878451255BL, 0x4029828119BD34E2L, + 0x74A05B6F5D3CECCBL, 0xB610021542E13ECAL, + 0x0FF979D12F59E2ACL, 0x6037DA27E4F9CC50L, + 0x5E92975A0DF1847DL, 0xD66DE190D3E623FEL, + 0x5032D6B87B568048L, 0x9A36B7CE8235216EL, + 0x80272A7A24F64B4AL, 0x93EFED8B8C6916F7L, + 0x37DDBFF44CCE1555L, 0x4B95DB5D4B99BD25L, + 0x92D3FDA169812FC0L, 0xFB1A4A9A90660BB6L, + 0x730C196946A4B9B2L, 0x81E289AA7F49DA68L, + 0x64669A0F83B1A05FL, 0x27B3FF7D9644F48BL, + 0xCC6B615C8DB675B3L, 0x674F20B9BCEBBE95L, + 0x6F31238275655982L, 0x5AE488713E45CF05L, + 0xBF619F9954C21157L, 0xEABAC46040A8EAE9L, + 0x454C6FE9F2C0C1CDL, 0x419CF6496412691CL, + 0xD3DC3BEF265B0F70L, 0x6D0E60F5C3578A9EL }; + + /** S-Box T4. */ + private static final long[] T4 = { 0x5B0E608526323C55L, 0x1A46C1A9FA1B59F5L, + 0xA9E245A17C4C8FFAL, 0x65CA5159DB2955D7L, + 0x05DB0A76CE35AFC2L, 0x81EAC77EA9113D45L, + 0x528EF88AB6AC0A0DL, 0xA09EA253597BE3FFL, + 0x430DDFB3AC48CD56L, 0xC4B3A67AF45CE46FL, + 0x4ECECFD8FBE2D05EL, 0x3EF56F10B39935F0L, + 0x0B22D6829CD619C6L, 0x17FD460A74DF2069L, + 0x6CF8CC8E8510ED40L, 0xD6C824BF3A6ECAA7L, + 0x61243D581A817049L, 0x048BACB6BBC163A2L, + 0xD9A38AC27D44CC32L, 0x7FDDFF5BAAF410ABL, + 0xAD6D495AA804824BL, 0xE1A6A74F2D8C9F94L, + 0xD4F7851235DEE8E3L, 0xFD4B7F886540D893L, + 0x247C20042AA4BFDAL, 0x096EA1C517D1327CL, + 0xD56966B4361A6685L, 0x277DA5C31221057DL, + 0x94D59893A43ACFF7L, 0x64F0C51CCDC02281L, + 0x3D33BCC4FF6189DBL, 0xE005CB184CE66AF1L, + 0xFF5CCD1D1DB99BEAL, 0xB0B854A7FE42980FL, + 0x7BD46A6A718D4B9FL, 0xD10FA8CC22A5FD8CL, + 0xD31484952BE4BD31L, 0xC7FA975FCB243847L, + 0x4886ED1E5846C407L, 0x28CDDB791EB70B04L, + 0xC2B00BE2F573417FL, 0x5C9590452180F877L, + 0x7A6BDDFFF370EB00L, 0xCE509E38D6D9D6A4L, + 0xEBEB0F00647FA702L, 0x1DCC06CF76606F06L, + 0xE4D9F28BA286FF0AL, 0xD85A305DC918C262L, + 0x475B1D8732225F54L, 0x2D4FB51668CCB5FEL, + 0xA679B9D9D72BBA20L, 0x53841C0D912D43A5L, + 0x3B7EAA48BF12A4E8L, 0x781E0E47F22F1DDFL, + 0xEFF20CE60AB50973L, 0x20D261D19DFFB742L, + 0x16A12B03062A2E39L, 0x1960EB2239650495L, + 0x251C16FED50EB8B8L, 0x9AC0C330F826016EL, + 0xED152665953E7671L, 0x02D63194A6369570L, + 0x5074F08394B1C987L, 0x70BA598C90B25CE1L, + 0x794A15810B9742F6L, 0x0D5925E9FCAF8C6CL, + 0x3067716CD868744EL, 0x910AB077E8D7731BL, + 0x6A61BBDB5AC42F61L, 0x93513EFBF0851567L, + 0xF494724B9E83E9D5L, 0xE887E1985C09648DL, + 0x34B1D3C675370CFDL, 0xDC35E433BC0D255DL, + 0xD0AAB84234131BE0L, 0x08042A50B48B7EAFL, + 0x9997C4EE44A3AB35L, 0x829A7B49201799D0L, + 0x263B8307B7C54441L, 0x752F95F4FD6A6CA6L, + 0x927217402C08C6E5L, 0x2A8AB754A795D9EEL, + 0xA442F7552F72943DL, 0x2C31334E19781208L, + 0x4FA98D7CEAEE6291L, 0x55C3862F665DB309L, + 0xBD0610175D53B1F3L, 0x46FE6CB840413F27L, + 0x3FE03792DF0CFA59L, 0xCFE700372EB85E8FL, + 0xA7BE29E7ADBCE118L, 0xE544EE5CDE8431DDL, + 0x8A781B1B41F1873EL, 0xA5C94C78A0D2F0E7L, + 0x39412E2877B60728L, 0xA1265EF3AFC9A62CL, + 0xBCC2770C6A2506C5L, 0x3AB66DD5DCE1CE12L, + 0xE65499D04A675B37L, 0x7D8F523481BFD216L, + 0x0F6F64FCEC15F389L, 0x74EFBE618B5B13C8L, + 0xACDC82B714273E1DL, 0xDD40BFE003199D17L, + 0x37E99257E7E061F8L, 0xFA52626904775AAAL, + 0x8BBBF63A463D56F9L, 0xF0013F1543A26E64L, + 0xA8307E9F879EC898L, 0xCC4C27A4150177CCL, + 0x1B432F2CCA1D3348L, 0xDE1D1F8F9F6FA013L, + 0x606602A047A7DDD6L, 0xD237AB64CC1CB2C7L, + 0x9B938E7225FCD1D3L, 0xEC4E03708E0FF476L, + 0xFEB2FBDA3D03C12DL, 0xAE0BCED2EE43889AL, + 0x22CB8923EBFB4F43L, 0x69360D013CF7396DL, + 0x855E3602D2D4E022L, 0x073805BAD01F784CL, + 0x33E17A133852F546L, 0xDF4874058AC7B638L, + 0xBA92B29C678AA14AL, 0x0CE89FC76CFAADCDL, + 0x5F9D4E0908339E34L, 0xF1AFE9291F5923B9L, + 0x6E3480F60F4A265FL, 0xEEBF3A2AB29B841CL, + 0xE21938A88F91B4ADL, 0x57DFEFF845C6D3C3L, + 0x2F006B0BF62CAAF2L, 0x62F479EF6F75EE78L, + 0x11A55AD41C8916A9L, 0xF229D29084FED453L, + 0x42F1C27B16B000E6L, 0x2B1F76749823C074L, + 0x4B76ECA3C2745360L, 0x8C98F463B91691BDL, + 0x14BCC93CF1ADE66AL, 0x8885213E6D458397L, + 0x8E177DF0274D4711L, 0xB49B73B5503F2951L, + 0x10168168C3F96B6BL, 0x0E3D963B63CAB0AEL, + 0x8DFC4B5655A1DB14L, 0xF789F1356E14DE5CL, + 0x683E68AF4E51DAC1L, 0xC9A84F9D8D4B0FD9L, + 0x3691E03F52A0F9D1L, 0x5ED86E46E1878E80L, + 0x3C711A0E99D07150L, 0x5A0865B20C4E9310L, + 0x56FBFC1FE4F0682EL, 0xEA8D5DE3105EDF9BL, + 0x71ABFDB12379187AL, 0x2EB99DE1BEE77B9CL, + 0x21ECC0EA33CF4523L, 0x59A4D7521805C7A1L, + 0x3896F5EB56AE7C72L, 0xAA638F3DB18F75DCL, + 0x9F39358DABE9808EL, 0xB7DEFA91C00B72ACL, + 0x6B5541FD62492D92L, 0x6DC6DEE8F92E4D5BL, + 0x353F57ABC4BEEA7EL, 0x735769D6DA5690CEL, + 0x0A234AA642391484L, 0xF6F9508028F80D9DL, + 0xB8E319A27AB3F215L, 0x31AD9C1151341A4DL, + 0x773C22A57BEF5805L, 0x45C7561A07968633L, + 0xF913DA9E249DBE36L, 0xDA652D9B78A64C68L, + 0x4C27A97F3BC334EFL, 0x76621220E66B17F4L, + 0x967743899ACD7D0BL, 0xF3EE5BCAE0ED6782L, + 0x409F753600C879FCL, 0x06D09A39B5926DB6L, + 0x6F83AEB0317AC588L, 0x01E6CA4A86381F21L, + 0x66FF3462D19F3025L, 0x72207C24DDFD3BFBL, + 0x4AF6B6D3E2ECE2EBL, 0x9C994DBEC7EA08DEL, + 0x49ACE597B09A8BC4L, 0xB38C4766CF0797BAL, + 0x131B9373C57C2A75L, 0xB1822CCE61931E58L, + 0x9D7555B909BA1C0CL, 0x127FAFDD937D11D2L, + 0x29DA3BADC66D92E4L, 0xA2C1D57154C2ECBCL, + 0x58C5134D82F6FE24L, 0x1C3AE3515B62274FL, + 0xE907C82E01CB8126L, 0xF8ED091913E37FCBL, + 0x3249D8F9C80046C9L, 0x80CF9BEDE388FB63L, + 0x1881539A116CF19EL, 0x5103F3F76BD52457L, + 0x15B7E6F5AE47F7A8L, 0xDBD7C6DED47E9CCFL, + 0x44E55C410228BB1AL, 0xB647D4255EDB4E99L, + 0x5D11882BB8AAFC30L, 0xF5098BBB29D3212AL, + 0x8FB5EA14E90296B3L, 0x677B942157DD025AL, + 0xFB58E7C0A390ACB5L, 0x89D3674C83BD4A01L, + 0x9E2DA4DF4BF3B93BL, 0xFCC41E328CAB4829L, + 0x03F38C96BA582C52L, 0xCAD1BDBD7FD85DB2L, + 0xBBB442C16082AE83L, 0xB95FE86BA5DA9AB0L, + 0xB22E04673771A93FL, 0x845358C9493152D8L, + 0xBE2A488697B4541EL, 0x95A2DC2DD38E6966L, + 0xC02C11AC923C852BL, 0x2388B1990DF2A87BL, + 0x7C8008FA1B4F37BEL, 0x1F70D0C84D54E503L, + 0x5490ADEC7ECE57D4L, 0x002B3C27D9063A3AL, + 0x7EAEA3848030A2BFL, 0xC602326DED2003C0L, + 0x83A7287D69A94086L, 0xC57A5FCB30F57A8AL, + 0xB56844E479EBE779L, 0xA373B40F05DCBCE9L, + 0xD71A786E88570EE2L, 0x879CBACDBDE8F6A0L, + 0x976AD1BCC164A32FL, 0xAB21E25E9666D78BL, + 0x901063AAE5E5C33CL, 0x9818B34448698D90L, + 0xE36487AE3E1E8ABBL, 0xAFBDF931893BDCB4L, + 0x6345A0DC5FBBD519L, 0x8628FE269B9465CAL, + 0x1E5D01603F9C51ECL, 0x4DE44006A15049B7L, + 0xBF6C70E5F776CBB1L, 0x411218F2EF552BEDL, + 0xCB0C0708705A36A3L, 0xE74D14754F986044L, + 0xCD56D9430EA8280EL, 0xC12591D7535F5065L, + 0xC83223F1720AEF96L, 0xC3A0396F7363A51FL }; + + // The cached self-test result. + private static Boolean valid; + + // The context. + private long a, b, c; + + // Constructors. + // ----------------------------------------------------------------------- + + /** + * Trivial 0-arguments constructor. + */ + public Tiger() + { + super(Registry.TIGER_HASH, HASH_SIZE, BLOCK_SIZE); + } + + /** + * Private copying constructor for cloning. + * + * @param that The instance being cloned. + */ + private Tiger(Tiger that) + { + this(); + this.a = that.a; + this.b = that.b; + this.c = that.c; + this.count = that.count; + this.buffer = (that.buffer != null) ? (byte[]) that.buffer.clone() : null; + } + + // Instance methods implementing BaseHash. + // ----------------------------------------------------------------------- + + public Object clone() + { + return new Tiger(this); + } + + public boolean selfTest() + { + if (valid == null) + { + valid = new Boolean(DIGEST0.equals(Util.toString(new Tiger().digest()))); + } + return valid.booleanValue(); + } + + protected byte[] padBuffer() + { + int n = (int) (count % BLOCK_SIZE); + int padding = (n < 56) ? (56 - n) : (120 - n); + byte[] pad = new byte[padding + 8]; + + pad[0] = 1; + long bits = count << 3; + + pad[padding++] = (byte) bits; + pad[padding++] = (byte) (bits >>> 8); + pad[padding++] = (byte) (bits >>> 16); + pad[padding++] = (byte) (bits >>> 24); + pad[padding++] = (byte) (bits >>> 32); + pad[padding++] = (byte) (bits >>> 40); + pad[padding++] = (byte) (bits >>> 48); + pad[padding] = (byte) (bits >>> 56); + + return pad; + } + + protected byte[] getResult() + { + return new byte[] { (byte) a, (byte) (a >>> 8), (byte) (a >>> 16), + (byte) (a >>> 24), (byte) (a >>> 32), (byte) (a >>> 40), + (byte) (a >>> 48), (byte) (a >>> 56), (byte) b, + (byte) (b >>> 8), (byte) (b >>> 16), (byte) (b >>> 24), + (byte) (b >>> 32), (byte) (b >>> 40), (byte) (b >>> 48), + (byte) (b >>> 56), (byte) c, (byte) (c >>> 8), + (byte) (c >>> 16), (byte) (c >>> 24), (byte) (c >>> 32), + (byte) (c >>> 40), (byte) (c >>> 48), (byte) (c >>> 56) }; + } + + protected void resetContext() + { + a = A; + b = B; + c = C; + } + + protected void transform(byte[] in, int offset) + { + long x0, x1, x2, x3, x4, x5, x6, x7; + + x0 = ((long) in[offset++] & 0xFF) | ((long) (in[offset++] & 0xFF) << 8) + | ((long) (in[offset++] & 0xFF) << 16) + | ((long) (in[offset++] & 0xFF) << 24) + | ((long) (in[offset++] & 0xFF) << 32) + | ((long) (in[offset++] & 0xFF) << 40) + | ((long) (in[offset++] & 0xFF) << 48) + | ((long) (in[offset++] & 0xFF) << 56); + x1 = ((long) in[offset++] & 0xFF) | ((long) (in[offset++] & 0xFF) << 8) + | ((long) (in[offset++] & 0xFF) << 16) + | ((long) (in[offset++] & 0xFF) << 24) + | ((long) (in[offset++] & 0xFF) << 32) + | ((long) (in[offset++] & 0xFF) << 40) + | ((long) (in[offset++] & 0xFF) << 48) + | ((long) (in[offset++] & 0xFF) << 56); + x2 = ((long) in[offset++] & 0xFF) | ((long) (in[offset++] & 0xFF) << 8) + | ((long) (in[offset++] & 0xFF) << 16) + | ((long) (in[offset++] & 0xFF) << 24) + | ((long) (in[offset++] & 0xFF) << 32) + | ((long) (in[offset++] & 0xFF) << 40) + | ((long) (in[offset++] & 0xFF) << 48) + | ((long) (in[offset++] & 0xFF) << 56); + x3 = ((long) in[offset++] & 0xFF) | ((long) (in[offset++] & 0xFF) << 8) + | ((long) (in[offset++] & 0xFF) << 16) + | ((long) (in[offset++] & 0xFF) << 24) + | ((long) (in[offset++] & 0xFF) << 32) + | ((long) (in[offset++] & 0xFF) << 40) + | ((long) (in[offset++] & 0xFF) << 48) + | ((long) (in[offset++] & 0xFF) << 56); + x4 = ((long) in[offset++] & 0xFF) | ((long) (in[offset++] & 0xFF) << 8) + | ((long) (in[offset++] & 0xFF) << 16) + | ((long) (in[offset++] & 0xFF) << 24) + | ((long) (in[offset++] & 0xFF) << 32) + | ((long) (in[offset++] & 0xFF) << 40) + | ((long) (in[offset++] & 0xFF) << 48) + | ((long) (in[offset++] & 0xFF) << 56); + x5 = ((long) in[offset++] & 0xFF) | ((long) (in[offset++] & 0xFF) << 8) + | ((long) (in[offset++] & 0xFF) << 16) + | ((long) (in[offset++] & 0xFF) << 24) + | ((long) (in[offset++] & 0xFF) << 32) + | ((long) (in[offset++] & 0xFF) << 40) + | ((long) (in[offset++] & 0xFF) << 48) + | ((long) (in[offset++] & 0xFF) << 56); + x6 = ((long) in[offset++] & 0xFF) | ((long) (in[offset++] & 0xFF) << 8) + | ((long) (in[offset++] & 0xFF) << 16) + | ((long) (in[offset++] & 0xFF) << 24) + | ((long) (in[offset++] & 0xFF) << 32) + | ((long) (in[offset++] & 0xFF) << 40) + | ((long) (in[offset++] & 0xFF) << 48) + | ((long) (in[offset++] & 0xFF) << 56); + x7 = ((long) in[offset++] & 0xFF) | ((long) (in[offset++] & 0xFF) << 8) + | ((long) (in[offset++] & 0xFF) << 16) + | ((long) (in[offset++] & 0xFF) << 24) + | ((long) (in[offset++] & 0xFF) << 32) + | ((long) (in[offset++] & 0xFF) << 40) + | ((long) (in[offset++] & 0xFF) << 48) + | ((long) (in[offset] & 0xFF) << 56); + + // save_abc ::= + long aa = a, bb = b, cc = c; + + // pass(aa, bb, cc, 5) ::= + cc ^= x0; + aa -= T1[(int) cc & 0xff] ^ T2[(int) (cc >> 16) & 0xff] + ^ T3[(int) (cc >> 32) & 0xff] ^ T4[(int) (cc >> 48) & 0xff]; + bb += T4[(int) (cc >> 8) & 0xff] ^ T3[(int) (cc >> 24) & 0xff] + ^ T2[(int) (cc >> 40) & 0xff] ^ T1[(int) (cc >> 56) & 0xff]; + bb *= 5; + aa ^= x1; + bb -= T1[(int) aa & 0xff] ^ T2[(int) (aa >> 16) & 0xff] + ^ T3[(int) (aa >> 32) & 0xff] ^ T4[(int) (aa >> 48) & 0xff]; + cc += T4[(int) (aa >> 8) & 0xff] ^ T3[(int) (aa >> 24) & 0xff] + ^ T2[(int) (aa >> 40) & 0xff] ^ T1[(int) (aa >> 56) & 0xff]; + cc *= 5; + bb ^= x2; + cc -= T1[(int) bb & 0xff] ^ T2[(int) (bb >> 16) & 0xff] + ^ T3[(int) (bb >> 32) & 0xff] ^ T4[(int) (bb >> 48) & 0xff]; + aa += T4[(int) (bb >> 8) & 0xff] ^ T3[(int) (bb >> 24) & 0xff] + ^ T2[(int) (bb >> 40) & 0xff] ^ T1[(int) (bb >> 56) & 0xff]; + aa *= 5; + cc ^= x3; + aa -= T1[(int) cc & 0xff] ^ T2[(int) (cc >> 16) & 0xff] + ^ T3[(int) (cc >> 32) & 0xff] ^ T4[(int) (cc >> 48) & 0xff]; + bb += T4[(int) (cc >> 8) & 0xff] ^ T3[(int) (cc >> 24) & 0xff] + ^ T2[(int) (cc >> 40) & 0xff] ^ T1[(int) (cc >> 56) & 0xff]; + bb *= 5; + aa ^= x4; + bb -= T1[(int) aa & 0xff] ^ T2[(int) (aa >> 16) & 0xff] + ^ T3[(int) (aa >> 32) & 0xff] ^ T4[(int) (aa >> 48) & 0xff]; + cc += T4[(int) (aa >> 8) & 0xff] ^ T3[(int) (aa >> 24) & 0xff] + ^ T2[(int) (aa >> 40) & 0xff] ^ T1[(int) (aa >> 56) & 0xff]; + cc *= 5; + bb ^= x5; + cc -= T1[(int) bb & 0xff] ^ T2[(int) (bb >> 16) & 0xff] + ^ T3[(int) (bb >> 32) & 0xff] ^ T4[(int) (bb >> 48) & 0xff]; + aa += T4[(int) (bb >> 8) & 0xff] ^ T3[(int) (bb >> 24) & 0xff] + ^ T2[(int) (bb >> 40) & 0xff] ^ T1[(int) (bb >> 56) & 0xff]; + aa *= 5; + cc ^= x6; + aa -= T1[(int) cc & 0xff] ^ T2[(int) (cc >> 16) & 0xff] + ^ T3[(int) (cc >> 32) & 0xff] ^ T4[(int) (cc >> 48) & 0xff]; + bb += T4[(int) (cc >> 8) & 0xff] ^ T3[(int) (cc >> 24) & 0xff] + ^ T2[(int) (cc >> 40) & 0xff] ^ T1[(int) (cc >> 56) & 0xff]; + bb *= 5; + aa ^= x7; + bb -= T1[(int) aa & 0xff] ^ T2[(int) (aa >> 16) & 0xff] + ^ T3[(int) (aa >> 32) & 0xff] ^ T4[(int) (aa >> 48) & 0xff]; + cc += T4[(int) (aa >> 8) & 0xff] ^ T3[(int) (aa >> 24) & 0xff] + ^ T2[(int) (aa >> 40) & 0xff] ^ T1[(int) (aa >> 56) & 0xff]; + cc *= 5; + + // key_schedule ::= + x0 -= x7 ^ 0xA5A5A5A5A5A5A5A5L; + x1 ^= x0; + x2 += x1; + x3 -= x2 ^ ((~x1) << 19); + x4 ^= x3; + x5 += x4; + x6 -= x5 ^ ((~x4) >>> 23); + x7 ^= x6; + x0 += x7; + x1 -= x0 ^ ((~x7) << 19); + x2 ^= x1; + x3 += x2; + x4 -= x3 ^ ((~x2) >>> 23); + x5 ^= x4; + x6 += x5; + x7 -= x6 ^ 0x0123456789ABCDEFL; + + // pass(cc, aa, bb, 7) ::= + bb ^= x0; + cc -= T1[(int) bb & 0xff] ^ T2[(int) (bb >> 16) & 0xff] + ^ T3[(int) (bb >> 32) & 0xff] ^ T4[(int) (bb >> 48) & 0xff]; + aa += T4[(int) (bb >> 8) & 0xff] ^ T3[(int) (bb >> 24) & 0xff] + ^ T2[(int) (bb >> 40) & 0xff] ^ T1[(int) (bb >> 56) & 0xff]; + aa *= 7; + cc ^= x1; + aa -= T1[(int) cc & 0xff] ^ T2[(int) (cc >> 16) & 0xff] + ^ T3[(int) (cc >> 32) & 0xff] ^ T4[(int) (cc >> 48) & 0xff]; + bb += T4[(int) (cc >> 8) & 0xff] ^ T3[(int) (cc >> 24) & 0xff] + ^ T2[(int) (cc >> 40) & 0xff] ^ T1[(int) (cc >> 56) & 0xff]; + bb *= 7; + aa ^= x2; + bb -= T1[(int) aa & 0xff] ^ T2[(int) (aa >> 16) & 0xff] + ^ T3[(int) (aa >> 32) & 0xff] ^ T4[(int) (aa >> 48) & 0xff]; + cc += T4[(int) (aa >> 8) & 0xff] ^ T3[(int) (aa >> 24) & 0xff] + ^ T2[(int) (aa >> 40) & 0xff] ^ T1[(int) (aa >> 56) & 0xff]; + cc *= 7; + bb ^= x3; + cc -= T1[(int) bb & 0xff] ^ T2[(int) (bb >> 16) & 0xff] + ^ T3[(int) (bb >> 32) & 0xff] ^ T4[(int) (bb >> 48) & 0xff]; + aa += T4[(int) (bb >> 8) & 0xff] ^ T3[(int) (bb >> 24) & 0xff] + ^ T2[(int) (bb >> 40) & 0xff] ^ T1[(int) (bb >> 56) & 0xff]; + aa *= 7; + cc ^= x4; + aa -= T1[(int) cc & 0xff] ^ T2[(int) (cc >> 16) & 0xff] + ^ T3[(int) (cc >> 32) & 0xff] ^ T4[(int) (cc >> 48) & 0xff]; + bb += T4[(int) (cc >> 8) & 0xff] ^ T3[(int) (cc >> 24) & 0xff] + ^ T2[(int) (cc >> 40) & 0xff] ^ T1[(int) (cc >> 56) & 0xff]; + bb *= 7; + aa ^= x5; + bb -= T1[(int) aa & 0xff] ^ T2[(int) (aa >> 16) & 0xff] + ^ T3[(int) (aa >> 32) & 0xff] ^ T4[(int) (aa >> 48) & 0xff]; + cc += T4[(int) (aa >> 8) & 0xff] ^ T3[(int) (aa >> 24) & 0xff] + ^ T2[(int) (aa >> 40) & 0xff] ^ T1[(int) (aa >> 56) & 0xff]; + cc *= 7; + bb ^= x6; + cc -= T1[(int) bb & 0xff] ^ T2[(int) (bb >> 16) & 0xff] + ^ T3[(int) (bb >> 32) & 0xff] ^ T4[(int) (bb >> 48) & 0xff]; + aa += T4[(int) (bb >> 8) & 0xff] ^ T3[(int) (bb >> 24) & 0xff] + ^ T2[(int) (bb >> 40) & 0xff] ^ T1[(int) (bb >> 56) & 0xff]; + aa *= 7; + cc ^= x7; + aa -= T1[(int) cc & 0xff] ^ T2[(int) (cc >> 16) & 0xff] + ^ T3[(int) (cc >> 32) & 0xff] ^ T4[(int) (cc >> 48) & 0xff]; + bb += T4[(int) (cc >> 8) & 0xff] ^ T3[(int) (cc >> 24) & 0xff] + ^ T2[(int) (cc >> 40) & 0xff] ^ T1[(int) (cc >> 56) & 0xff]; + bb *= 7; + + // key_schedule ::= + x0 -= x7 ^ 0xA5A5A5A5A5A5A5A5L; + x1 ^= x0; + x2 += x1; + x3 -= x2 ^ ((~x1) << 19); + x4 ^= x3; + x5 += x4; + x6 -= x5 ^ ((~x4) >>> 23); + x7 ^= x6; + x0 += x7; + x1 -= x0 ^ ((~x7) << 19); + x2 ^= x1; + x3 += x2; + x4 -= x3 ^ ((~x2) >>> 23); + x5 ^= x4; + x6 += x5; + x7 -= x6 ^ 0x0123456789ABCDEFL; + + // pass(bb,cc,aa,9) ::= + aa ^= x0; + bb -= T1[(int) aa & 0xff] ^ T2[(int) (aa >> 16) & 0xff] + ^ T3[(int) (aa >> 32) & 0xff] ^ T4[(int) (aa >> 48) & 0xff]; + cc += T4[(int) (aa >> 8) & 0xff] ^ T3[(int) (aa >> 24) & 0xff] + ^ T2[(int) (aa >> 40) & 0xff] ^ T1[(int) (aa >> 56) & 0xff]; + cc *= 9; + bb ^= x1; + cc -= T1[(int) bb & 0xff] ^ T2[(int) (bb >> 16) & 0xff] + ^ T3[(int) (bb >> 32) & 0xff] ^ T4[(int) (bb >> 48) & 0xff]; + aa += T4[(int) (bb >> 8) & 0xff] ^ T3[(int) (bb >> 24) & 0xff] + ^ T2[(int) (bb >> 40) & 0xff] ^ T1[(int) (bb >> 56) & 0xff]; + aa *= 9; + cc ^= x2; + aa -= T1[(int) cc & 0xff] ^ T2[(int) (cc >> 16) & 0xff] + ^ T3[(int) (cc >> 32) & 0xff] ^ T4[(int) (cc >> 48) & 0xff]; + bb += T4[(int) (cc >> 8) & 0xff] ^ T3[(int) (cc >> 24) & 0xff] + ^ T2[(int) (cc >> 40) & 0xff] ^ T1[(int) (cc >> 56) & 0xff]; + bb *= 9; + aa ^= x3; + bb -= T1[(int) aa & 0xff] ^ T2[(int) (aa >> 16) & 0xff] + ^ T3[(int) (aa >> 32) & 0xff] ^ T4[(int) (aa >> 48) & 0xff]; + cc += T4[(int) (aa >> 8) & 0xff] ^ T3[(int) (aa >> 24) & 0xff] + ^ T2[(int) (aa >> 40) & 0xff] ^ T1[(int) (aa >> 56) & 0xff]; + cc *= 9; + bb ^= x4; + cc -= T1[(int) bb & 0xff] ^ T2[(int) (bb >> 16) & 0xff] + ^ T3[(int) (bb >> 32) & 0xff] ^ T4[(int) (bb >> 48) & 0xff]; + aa += T4[(int) (bb >> 8) & 0xff] ^ T3[(int) (bb >> 24) & 0xff] + ^ T2[(int) (bb >> 40) & 0xff] ^ T1[(int) (bb >> 56) & 0xff]; + aa *= 9; + cc ^= x5; + aa -= T1[(int) cc & 0xff] ^ T2[(int) (cc >> 16) & 0xff] + ^ T3[(int) (cc >> 32) & 0xff] ^ T4[(int) (cc >> 48) & 0xff]; + bb += T4[(int) (cc >> 8) & 0xff] ^ T3[(int) (cc >> 24) & 0xff] + ^ T2[(int) (cc >> 40) & 0xff] ^ T1[(int) (cc >> 56) & 0xff]; + bb *= 9; + aa ^= x6; + bb -= T1[(int) aa & 0xff] ^ T2[(int) (aa >> 16) & 0xff] + ^ T3[(int) (aa >> 32) & 0xff] ^ T4[(int) (aa >> 48) & 0xff]; + cc += T4[(int) (aa >> 8) & 0xff] ^ T3[(int) (aa >> 24) & 0xff] + ^ T2[(int) (aa >> 40) & 0xff] ^ T1[(int) (aa >> 56) & 0xff]; + cc *= 9; + bb ^= x7; + cc -= T1[(int) bb & 0xff] ^ T2[(int) (bb >> 16) & 0xff] + ^ T3[(int) (bb >> 32) & 0xff] ^ T4[(int) (bb >> 48) & 0xff]; + aa += T4[(int) (bb >> 8) & 0xff] ^ T3[(int) (bb >> 24) & 0xff] + ^ T2[(int) (bb >> 40) & 0xff] ^ T1[(int) (bb >> 56) & 0xff]; + aa *= 9; + + // feedforward ::= + a ^= aa; + b = bb - b; + c += cc; + } +} diff --git a/libjava/classpath/gnu/java/security/hash/Whirlpool.java b/libjava/classpath/gnu/java/security/hash/Whirlpool.java new file mode 100644 index 0000000..8c5d9f3 --- /dev/null +++ b/libjava/classpath/gnu/java/security/hash/Whirlpool.java @@ -0,0 +1,626 @@ +/* Whirlpool.java -- + Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.hash; + +import gnu.java.security.Registry; +import gnu.java.security.util.Util; + +/** + *

Whirlpool, a new 512-bit hashing function operating on messages less than + * 2 ** 256 bits in length. The function structure is designed according to the + * Wide Trail strategy and permits a wide variety of implementation trade-offs. + *

+ * + *

IMPORTANT: This implementation is not thread-safe.

+ * + *

References:

+ * + *
    + *
  1. + * The WHIRLPOOL Hashing Function.
    + * Paulo S.L.M. Barreto and + * Vincent Rijmen.
    2. + *
+ */ +public final class Whirlpool extends BaseHash +{ + + // Debugging methods and variables + // ------------------------------------------------------------------------- + + private static final boolean DEBUG = false; + + private static final int debuglevel = 3; + + // Constants and variables + // ------------------------------------------------------------------------- + + private static final int BLOCK_SIZE = 64; // inner block size in bytes + + /** The digest of the 0-bit long message. */ + private static final String DIGEST0 = "470F0409ABAA446E49667D4EBE12A14387CEDBD10DD17B8243CAD550A089DC0F" + + "EEA7AA40F6C2AAAB71C6EBD076E43C7CFCA0AD32567897DCB5969861049A0F5A"; + + private static final int R = 10; // default number of rounds + + private static final String Sd = // p. 19 [WHIRLPOOL] + "\u1823\uc6E8\u87B8\u014F\u36A6\ud2F5\u796F\u9152" + + "\u60Bc\u9B8E\uA30c\u7B35\u1dE0\ud7c2\u2E4B\uFE57" + + "\u1577\u37E5\u9FF0\u4AdA\u58c9\u290A\uB1A0\u6B85" + + "\uBd5d\u10F4\ucB3E\u0567\uE427\u418B\uA77d\u95d8" + + "\uFBEE\u7c66\udd17\u479E\ucA2d\uBF07\uAd5A\u8333" + + "\u6302\uAA71\uc819\u49d9\uF2E3\u5B88\u9A26\u32B0" + + "\uE90F\ud580\uBEcd\u3448\uFF7A\u905F\u2068\u1AAE" + + "\uB454\u9322\u64F1\u7312\u4008\uc3Ec\udBA1\u8d3d" + + "\u9700\ucF2B\u7682\ud61B\uB5AF\u6A50\u45F3\u30EF" + + "\u3F55\uA2EA\u65BA\u2Fc0\udE1c\uFd4d\u9275\u068A" + + "\uB2E6\u0E1F\u62d4\uA896\uF9c5\u2559\u8472\u394c" + + "\u5E78\u388c\ud1A5\uE261\uB321\u9c1E\u43c7\uFc04" + + "\u5199\u6d0d\uFAdF\u7E24\u3BAB\ucE11\u8F4E\uB7EB" + + "\u3c81\u94F7\uB913\u2cd3\uE76E\uc403\u5644\u7FA9" + + "\u2ABB\uc153\udc0B\u9d6c\u3174\uF646\uAc89\u14E1" + + "\u163A\u6909\u70B6\ud0Ed\ucc42\u98A4\u285c\uF886"; + + private static final long[] T0 = new long[256]; + + private static final long[] T1 = new long[256]; + + private static final long[] T2 = new long[256]; + + private static final long[] T3 = new long[256]; + + private static final long[] T4 = new long[256]; + + private static final long[] T5 = new long[256]; + + private static final long[] T6 = new long[256]; + + private static final long[] T7 = new long[256]; + + private static final long[] rc = new long[R]; + + /** caches the result of the correctness test, once executed. */ + private static Boolean valid; + + /** The 512-bit context as 8 longs. */ + private long H0, H1, H2, H3, H4, H5, H6, H7; + + /** Work area for computing the round key schedule. */ + private long k00, k01, k02, k03, k04, k05, k06, k07; + + private long Kr0, Kr1, Kr2, Kr3, Kr4, Kr5, Kr6, Kr7; + + /** work area for transforming the 512-bit buffer. */ + private long n0, n1, n2, n3, n4, n5, n6, n7; + + private long nn0, nn1, nn2, nn3, nn4, nn5, nn6, nn7; + + /** work area for holding block cipher's intermediate values. */ + private long w0, w1, w2, w3, w4, w5, w6, w7; + + // Static code - to intialise lookup tables -------------------------------- + + static + { + long time = System.currentTimeMillis(); + + int ROOT = 0x11d; // para. 2.1 [WHIRLPOOL] + int i, r, j; + long s, s2, s3, s4, s5, s8, s9, t; + char c; + final byte[] S = new byte[256]; + for (i = 0; i < 256; i++) + { + c = Sd.charAt(i >>> 1); + + s = ((i & 1) == 0 ? c >>> 8 : c) & 0xFFL; + s2 = s << 1; + if (s2 > 0xFFL) + { + s2 ^= ROOT; + } + s3 = s2 ^ s; + s4 = s2 << 1; + if (s4 > 0xFFL) + { + s4 ^= ROOT; + } + s5 = s4 ^ s; + s8 = s4 << 1; + if (s8 > 0xFFL) + { + s8 ^= ROOT; + } + s9 = s8 ^ s; + + S[i] = (byte) s; + T0[i] = t = s << 56 | s << 48 | s3 << 40 | s << 32 | s5 << 24 + | s8 << 16 | s9 << 8 | s5; + T1[i] = t >>> 8 | t << 56; + T2[i] = t >>> 16 | t << 48; + T3[i] = t >>> 24 | t << 40; + T4[i] = t >>> 32 | t << 32; + T5[i] = t >>> 40 | t << 24; + T6[i] = t >>> 48 | t << 16; + T7[i] = t >>> 56 | t << 8; + } + + for (r = 1, i = 0, j = 0; r < R + 1; r++) + { + rc[i++] = (S[j++] & 0xFFL) << 56 | (S[j++] & 0xFFL) << 48 + | (S[j++] & 0xFFL) << 40 | (S[j++] & 0xFFL) << 32 + | (S[j++] & 0xFFL) << 24 | (S[j++] & 0xFFL) << 16 + | (S[j++] & 0xFFL) << 8 | (S[j++] & 0xFFL); + } + + time = System.currentTimeMillis() - time; + + if (DEBUG && debuglevel > 8) + { + System.out.println("=========="); + System.out.println(); + System.out.println("Static data"); + System.out.println(); + + System.out.println(); + System.out.println("T0[]:"); + for (i = 0; i < 64; i++) + { + for (j = 0; j < 4; j++) + { + System.out.print("0x" + Util.toString(T0[i * 4 + j]) + ", "); + } + System.out.println(); + } + System.out.println(); + System.out.println("T1[]:"); + for (i = 0; i < 64; i++) + { + for (j = 0; j < 4; j++) + { + System.out.print("0x" + Util.toString(T1[i * 4 + j]) + ", "); + } + System.out.println(); + } + System.out.println(); + System.out.println("T2[]:"); + for (i = 0; i < 64; i++) + { + for (j = 0; j < 4; j++) + { + System.out.print("0x" + Util.toString(T2[i * 4 + j]) + ", "); + } + System.out.println(); + } + System.out.println(); + System.out.println("T3[]:"); + for (i = 0; i < 64; i++) + { + for (j = 0; j < 4; j++) + { + System.out.print("0x" + Util.toString(T3[i * 4 + j]) + ", "); + } + System.out.println(); + } + System.out.println(); + System.out.println("T4[]:"); + for (i = 0; i < 64; i++) + { + for (j = 0; j < 4; j++) + { + System.out.print("0x" + Util.toString(T4[i * 4 + j]) + ", "); + } + System.out.println(); + } + System.out.println(); + System.out.println("T5[]:"); + for (i = 0; i < 64; i++) + { + for (j = 0; j < 4; j++) + { + System.out.print("0x" + Util.toString(T5[i * 4 + j]) + ", "); + } + System.out.println(); + } + System.out.println(); + System.out.println("T6[]:"); + for (i = 0; i < 64; i++) + { + for (j = 0; j < 4; j++) + { + System.out.print("0x" + Util.toString(T5[i * 4 + j]) + ", "); + } + System.out.println(); + } + System.out.println(); + System.out.println("T7[]:"); + for (i = 0; i < 64; i++) + { + for (j = 0; j < 4; j++) + { + System.out.print("0x" + Util.toString(T5[i * 4 + j]) + ", "); + } + System.out.println(); + } + System.out.println(); + System.out.println("rc[]:"); + for (i = 0; i < R; i++) + { + System.out.println("0x" + Util.toString(rc[i])); + } + System.out.println(); + + System.out.println(); + System.out.println("Total initialization time: " + time + " ms."); + System.out.println(); + } + } + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** Trivial 0-arguments constructor. */ + public Whirlpool() + { + super(Registry.WHIRLPOOL_HASH, 20, BLOCK_SIZE); + } + + /** + *

Private constructor for cloning purposes.

+ * + * @param md the instance to clone. + */ + private Whirlpool(Whirlpool md) + { + this(); + + this.H0 = md.H0; + this.H1 = md.H1; + this.H2 = md.H2; + this.H3 = md.H3; + this.H4 = md.H4; + this.H5 = md.H5; + this.H6 = md.H6; + this.H7 = md.H7; + this.count = md.count; + this.buffer = (byte[]) md.buffer.clone(); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + // java.lang.Cloneable interface implementation ---------------------------- + + public Object clone() + { + return (new Whirlpool(this)); + } + + // Implementation of concrete methods in BaseHash -------------------------- + + protected void transform(byte[] in, int offset) + { + // apply mu to the input + n0 = (in[offset++] & 0xFFL) << 56 | (in[offset++] & 0xFFL) << 48 + | (in[offset++] & 0xFFL) << 40 | (in[offset++] & 0xFFL) << 32 + | (in[offset++] & 0xFFL) << 24 | (in[offset++] & 0xFFL) << 16 + | (in[offset++] & 0xFFL) << 8 | (in[offset++] & 0xFFL); + n1 = (in[offset++] & 0xFFL) << 56 | (in[offset++] & 0xFFL) << 48 + | (in[offset++] & 0xFFL) << 40 | (in[offset++] & 0xFFL) << 32 + | (in[offset++] & 0xFFL) << 24 | (in[offset++] & 0xFFL) << 16 + | (in[offset++] & 0xFFL) << 8 | (in[offset++] & 0xFFL); + n2 = (in[offset++] & 0xFFL) << 56 | (in[offset++] & 0xFFL) << 48 + | (in[offset++] & 0xFFL) << 40 | (in[offset++] & 0xFFL) << 32 + | (in[offset++] & 0xFFL) << 24 | (in[offset++] & 0xFFL) << 16 + | (in[offset++] & 0xFFL) << 8 | (in[offset++] & 0xFFL); + n3 = (in[offset++] & 0xFFL) << 56 | (in[offset++] & 0xFFL) << 48 + | (in[offset++] & 0xFFL) << 40 | (in[offset++] & 0xFFL) << 32 + | (in[offset++] & 0xFFL) << 24 | (in[offset++] & 0xFFL) << 16 + | (in[offset++] & 0xFFL) << 8 | (in[offset++] & 0xFFL); + n4 = (in[offset++] & 0xFFL) << 56 | (in[offset++] & 0xFFL) << 48 + | (in[offset++] & 0xFFL) << 40 | (in[offset++] & 0xFFL) << 32 + | (in[offset++] & 0xFFL) << 24 | (in[offset++] & 0xFFL) << 16 + | (in[offset++] & 0xFFL) << 8 | (in[offset++] & 0xFFL); + n5 = (in[offset++] & 0xFFL) << 56 | (in[offset++] & 0xFFL) << 48 + | (in[offset++] & 0xFFL) << 40 | (in[offset++] & 0xFFL) << 32 + | (in[offset++] & 0xFFL) << 24 | (in[offset++] & 0xFFL) << 16 + | (in[offset++] & 0xFFL) << 8 | (in[offset++] & 0xFFL); + n6 = (in[offset++] & 0xFFL) << 56 | (in[offset++] & 0xFFL) << 48 + | (in[offset++] & 0xFFL) << 40 | (in[offset++] & 0xFFL) << 32 + | (in[offset++] & 0xFFL) << 24 | (in[offset++] & 0xFFL) << 16 + | (in[offset++] & 0xFFL) << 8 | (in[offset++] & 0xFFL); + n7 = (in[offset++] & 0xFFL) << 56 | (in[offset++] & 0xFFL) << 48 + | (in[offset++] & 0xFFL) << 40 | (in[offset++] & 0xFFL) << 32 + | (in[offset++] & 0xFFL) << 24 | (in[offset++] & 0xFFL) << 16 + | (in[offset++] & 0xFFL) << 8 | (in[offset++] & 0xFFL); + + // transform K into the key schedule Kr; 0 <= r <= R + k00 = H0; + k01 = H1; + k02 = H2; + k03 = H3; + k04 = H4; + k05 = H5; + k06 = H6; + k07 = H7; + + nn0 = n0 ^ k00; + nn1 = n1 ^ k01; + nn2 = n2 ^ k02; + nn3 = n3 ^ k03; + nn4 = n4 ^ k04; + nn5 = n5 ^ k05; + nn6 = n6 ^ k06; + nn7 = n7 ^ k07; + + // intermediate cipher output + w0 = w1 = w2 = w3 = w4 = w5 = w6 = w7 = 0L; + + for (int r = 0; r < R; r++) + { + // 1. compute intermediate round key schedule by applying ro[rc] + // to the previous round key schedule --rc being the round constant + Kr0 = T0[(int) ((k00 >> 56) & 0xFFL)] ^ T1[(int) ((k07 >> 48) & 0xFFL)] + ^ T2[(int) ((k06 >> 40) & 0xFFL)] + ^ T3[(int) ((k05 >> 32) & 0xFFL)] + ^ T4[(int) ((k04 >> 24) & 0xFFL)] + ^ T5[(int) ((k03 >> 16) & 0xFFL)] + ^ T6[(int) ((k02 >> 8) & 0xFFL)] ^ T7[(int) (k01 & 0xFFL)] + ^ rc[r]; + + Kr1 = T0[(int) ((k01 >> 56) & 0xFFL)] ^ T1[(int) ((k00 >> 48) & 0xFFL)] + ^ T2[(int) ((k07 >> 40) & 0xFFL)] + ^ T3[(int) ((k06 >> 32) & 0xFFL)] + ^ T4[(int) ((k05 >> 24) & 0xFFL)] + ^ T5[(int) ((k04 >> 16) & 0xFFL)] + ^ T6[(int) ((k03 >> 8) & 0xFFL)] ^ T7[(int) (k02 & 0xFFL)]; + + Kr2 = T0[(int) ((k02 >> 56) & 0xFFL)] ^ T1[(int) ((k01 >> 48) & 0xFFL)] + ^ T2[(int) ((k00 >> 40) & 0xFFL)] + ^ T3[(int) ((k07 >> 32) & 0xFFL)] + ^ T4[(int) ((k06 >> 24) & 0xFFL)] + ^ T5[(int) ((k05 >> 16) & 0xFFL)] + ^ T6[(int) ((k04 >> 8) & 0xFFL)] ^ T7[(int) (k03 & 0xFFL)]; + + Kr3 = T0[(int) ((k03 >> 56) & 0xFFL)] ^ T1[(int) ((k02 >> 48) & 0xFFL)] + ^ T2[(int) ((k01 >> 40) & 0xFFL)] + ^ T3[(int) ((k00 >> 32) & 0xFFL)] + ^ T4[(int) ((k07 >> 24) & 0xFFL)] + ^ T5[(int) ((k06 >> 16) & 0xFFL)] + ^ T6[(int) ((k05 >> 8) & 0xFFL)] ^ T7[(int) (k04 & 0xFFL)]; + + Kr4 = T0[(int) ((k04 >> 56) & 0xFFL)] ^ T1[(int) ((k03 >> 48) & 0xFFL)] + ^ T2[(int) ((k02 >> 40) & 0xFFL)] + ^ T3[(int) ((k01 >> 32) & 0xFFL)] + ^ T4[(int) ((k00 >> 24) & 0xFFL)] + ^ T5[(int) ((k07 >> 16) & 0xFFL)] + ^ T6[(int) ((k06 >> 8) & 0xFFL)] ^ T7[(int) (k05 & 0xFFL)]; + + Kr5 = T0[(int) ((k05 >> 56) & 0xFFL)] ^ T1[(int) ((k04 >> 48) & 0xFFL)] + ^ T2[(int) ((k03 >> 40) & 0xFFL)] + ^ T3[(int) ((k02 >> 32) & 0xFFL)] + ^ T4[(int) ((k01 >> 24) & 0xFFL)] + ^ T5[(int) ((k00 >> 16) & 0xFFL)] + ^ T6[(int) ((k07 >> 8) & 0xFFL)] ^ T7[(int) (k06 & 0xFFL)]; + + Kr6 = T0[(int) ((k06 >> 56) & 0xFFL)] ^ T1[(int) ((k05 >> 48) & 0xFFL)] + ^ T2[(int) ((k04 >> 40) & 0xFFL)] + ^ T3[(int) ((k03 >> 32) & 0xFFL)] + ^ T4[(int) ((k02 >> 24) & 0xFFL)] + ^ T5[(int) ((k01 >> 16) & 0xFFL)] + ^ T6[(int) ((k00 >> 8) & 0xFFL)] ^ T7[(int) (k07 & 0xFFL)]; + + Kr7 = T0[(int) ((k07 >> 56) & 0xFFL)] ^ T1[(int) ((k06 >> 48) & 0xFFL)] + ^ T2[(int) ((k05 >> 40) & 0xFFL)] + ^ T3[(int) ((k04 >> 32) & 0xFFL)] + ^ T4[(int) ((k03 >> 24) & 0xFFL)] + ^ T5[(int) ((k02 >> 16) & 0xFFL)] + ^ T6[(int) ((k01 >> 8) & 0xFFL)] ^ T7[(int) (k00 & 0xFFL)]; + + k00 = Kr0; + k01 = Kr1; + k02 = Kr2; + k03 = Kr3; + k04 = Kr4; + k05 = Kr5; + k06 = Kr6; + k07 = Kr7; + + // 2. incrementally compute the cipher output + w0 = T0[(int) ((nn0 >> 56) & 0xFFL)] ^ T1[(int) ((nn7 >> 48) & 0xFFL)] + ^ T2[(int) ((nn6 >> 40) & 0xFFL)] + ^ T3[(int) ((nn5 >> 32) & 0xFFL)] + ^ T4[(int) ((nn4 >> 24) & 0xFFL)] + ^ T5[(int) ((nn3 >> 16) & 0xFFL)] ^ T6[(int) ((nn2 >> 8) & 0xFFL)] + ^ T7[(int) (nn1 & 0xFFL)] ^ Kr0; + w1 = T0[(int) ((nn1 >> 56) & 0xFFL)] ^ T1[(int) ((nn0 >> 48) & 0xFFL)] + ^ T2[(int) ((nn7 >> 40) & 0xFFL)] + ^ T3[(int) ((nn6 >> 32) & 0xFFL)] + ^ T4[(int) ((nn5 >> 24) & 0xFFL)] + ^ T5[(int) ((nn4 >> 16) & 0xFFL)] ^ T6[(int) ((nn3 >> 8) & 0xFFL)] + ^ T7[(int) (nn2 & 0xFFL)] ^ Kr1; + w2 = T0[(int) ((nn2 >> 56) & 0xFFL)] ^ T1[(int) ((nn1 >> 48) & 0xFFL)] + ^ T2[(int) ((nn0 >> 40) & 0xFFL)] + ^ T3[(int) ((nn7 >> 32) & 0xFFL)] + ^ T4[(int) ((nn6 >> 24) & 0xFFL)] + ^ T5[(int) ((nn5 >> 16) & 0xFFL)] ^ T6[(int) ((nn4 >> 8) & 0xFFL)] + ^ T7[(int) (nn3 & 0xFFL)] ^ Kr2; + w3 = T0[(int) ((nn3 >> 56) & 0xFFL)] ^ T1[(int) ((nn2 >> 48) & 0xFFL)] + ^ T2[(int) ((nn1 >> 40) & 0xFFL)] + ^ T3[(int) ((nn0 >> 32) & 0xFFL)] + ^ T4[(int) ((nn7 >> 24) & 0xFFL)] + ^ T5[(int) ((nn6 >> 16) & 0xFFL)] ^ T6[(int) ((nn5 >> 8) & 0xFFL)] + ^ T7[(int) (nn4 & 0xFFL)] ^ Kr3; + w4 = T0[(int) ((nn4 >> 56) & 0xFFL)] ^ T1[(int) ((nn3 >> 48) & 0xFFL)] + ^ T2[(int) ((nn2 >> 40) & 0xFFL)] + ^ T3[(int) ((nn1 >> 32) & 0xFFL)] + ^ T4[(int) ((nn0 >> 24) & 0xFFL)] + ^ T5[(int) ((nn7 >> 16) & 0xFFL)] ^ T6[(int) ((nn6 >> 8) & 0xFFL)] + ^ T7[(int) (nn5 & 0xFFL)] ^ Kr4; + w5 = T0[(int) ((nn5 >> 56) & 0xFFL)] ^ T1[(int) ((nn4 >> 48) & 0xFFL)] + ^ T2[(int) ((nn3 >> 40) & 0xFFL)] + ^ T3[(int) ((nn2 >> 32) & 0xFFL)] + ^ T4[(int) ((nn1 >> 24) & 0xFFL)] + ^ T5[(int) ((nn0 >> 16) & 0xFFL)] ^ T6[(int) ((nn7 >> 8) & 0xFFL)] + ^ T7[(int) (nn6 & 0xFFL)] ^ Kr5; + w6 = T0[(int) ((nn6 >> 56) & 0xFFL)] ^ T1[(int) ((nn5 >> 48) & 0xFFL)] + ^ T2[(int) ((nn4 >> 40) & 0xFFL)] + ^ T3[(int) ((nn3 >> 32) & 0xFFL)] + ^ T4[(int) ((nn2 >> 24) & 0xFFL)] + ^ T5[(int) ((nn1 >> 16) & 0xFFL)] ^ T6[(int) ((nn0 >> 8) & 0xFFL)] + ^ T7[(int) (nn7 & 0xFFL)] ^ Kr6; + w7 = T0[(int) ((nn7 >> 56) & 0xFFL)] ^ T1[(int) ((nn6 >> 48) & 0xFFL)] + ^ T2[(int) ((nn5 >> 40) & 0xFFL)] + ^ T3[(int) ((nn4 >> 32) & 0xFFL)] + ^ T4[(int) ((nn3 >> 24) & 0xFFL)] + ^ T5[(int) ((nn2 >> 16) & 0xFFL)] ^ T6[(int) ((nn1 >> 8) & 0xFFL)] + ^ T7[(int) (nn0 & 0xFFL)] ^ Kr7; + + nn0 = w0; + nn1 = w1; + nn2 = w2; + nn3 = w3; + nn4 = w4; + nn5 = w5; + nn6 = w6; + nn7 = w7; + } + + // apply the Miyaguchi-Preneel hash scheme + H0 ^= w0 ^ n0; + H1 ^= w1 ^ n1; + H2 ^= w2 ^ n2; + H3 ^= w3 ^ n3; + H4 ^= w4 ^ n4; + H5 ^= w5 ^ n5; + H6 ^= w6 ^ n6; + H7 ^= w7 ^ n7; + } + + protected byte[] padBuffer() + { + // [WHIRLPOOL] p. 6: + // "...padded with a 1-bit, then with as few 0-bits as necessary to + // obtain a bit string whose length is an odd multiple of 256, and + // finally with the 256-bit right-justified binary representation of L." + // in this implementation we use 'count' as the number of bytes hashed + // so far. hence the minimal number of bytes added to the message proper + // are 33 (1 for the 1-bit followed by the 0-bits and the encoding of + // the count framed in a 256-bit block). our formula is then: + // count + 33 + padding = 0 (mod BLOCK_SIZE) + int n = (int) ((count + 33) % BLOCK_SIZE); + int padding = n == 0 ? 33 : BLOCK_SIZE - n + 33; + + byte[] result = new byte[padding]; + + // padding is always binary 1 followed by binary 0s + result[0] = (byte) 0x80; + + // save (right justified) the number of bits hashed + long bits = count * 8; + int i = padding - 8; + result[i++] = (byte) (bits >>> 56); + result[i++] = (byte) (bits >>> 48); + result[i++] = (byte) (bits >>> 40); + result[i++] = (byte) (bits >>> 32); + result[i++] = (byte) (bits >>> 24); + result[i++] = (byte) (bits >>> 16); + result[i++] = (byte) (bits >>> 8); + result[i] = (byte) bits; + + return result; + } + + protected byte[] getResult() + { + // apply inverse mu to the context + byte[] result = new byte[] { (byte) (H0 >>> 56), (byte) (H0 >>> 48), + (byte) (H0 >>> 40), (byte) (H0 >>> 32), + (byte) (H0 >>> 24), (byte) (H0 >>> 16), + (byte) (H0 >>> 8), (byte) H0, + (byte) (H1 >>> 56), (byte) (H1 >>> 48), + (byte) (H1 >>> 40), (byte) (H1 >>> 32), + (byte) (H1 >>> 24), (byte) (H1 >>> 16), + (byte) (H1 >>> 8), (byte) H1, + (byte) (H2 >>> 56), (byte) (H2 >>> 48), + (byte) (H2 >>> 40), (byte) (H2 >>> 32), + (byte) (H2 >>> 24), (byte) (H2 >>> 16), + (byte) (H2 >>> 8), (byte) H2, + (byte) (H3 >>> 56), (byte) (H3 >>> 48), + (byte) (H3 >>> 40), (byte) (H3 >>> 32), + (byte) (H3 >>> 24), (byte) (H3 >>> 16), + (byte) (H3 >>> 8), (byte) H3, + (byte) (H4 >>> 56), (byte) (H4 >>> 48), + (byte) (H4 >>> 40), (byte) (H4 >>> 32), + (byte) (H4 >>> 24), (byte) (H4 >>> 16), + (byte) (H4 >>> 8), (byte) H4, + (byte) (H5 >>> 56), (byte) (H5 >>> 48), + (byte) (H5 >>> 40), (byte) (H5 >>> 32), + (byte) (H5 >>> 24), (byte) (H5 >>> 16), + (byte) (H5 >>> 8), (byte) H5, + (byte) (H6 >>> 56), (byte) (H6 >>> 48), + (byte) (H6 >>> 40), (byte) (H6 >>> 32), + (byte) (H6 >>> 24), (byte) (H6 >>> 16), + (byte) (H6 >>> 8), (byte) H6, + (byte) (H7 >>> 56), (byte) (H7 >>> 48), + (byte) (H7 >>> 40), (byte) (H7 >>> 32), + (byte) (H7 >>> 24), (byte) (H7 >>> 16), + (byte) (H7 >>> 8), (byte) H7 }; + + return result; + } + + protected void resetContext() + { + H0 = H1 = H2 = H3 = H4 = H5 = H6 = H7 = 0L; + } + + public boolean selfTest() + { + if (valid == null) + { + valid = new Boolean( + DIGEST0.equals(Util.toString(new Whirlpool().digest()))); + } + return valid.booleanValue(); + } +} diff --git a/libjava/classpath/gnu/java/security/jce/hash/HavalSpi.java b/libjava/classpath/gnu/java/security/jce/hash/HavalSpi.java new file mode 100644 index 0000000..e127779 --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/hash/HavalSpi.java @@ -0,0 +1,68 @@ +/* HavalSpi.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.hash; + +import gnu.java.security.Registry; + +/** + * The implementation of the HAVAL Service Provider Interface + * (SPI) Adapter.

+ * + * @version Revision: $ + */ +public class HavalSpi extends MessageDigestAdapter +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + public HavalSpi() + { + super(Registry.HAVAL_HASH); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- +} diff --git a/libjava/classpath/gnu/java/security/jce/hash/MD2Spi.java b/libjava/classpath/gnu/java/security/jce/hash/MD2Spi.java new file mode 100644 index 0000000..5b6b0e1 --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/hash/MD2Spi.java @@ -0,0 +1,69 @@ +/* MD2Spi.java -- + Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.hash; + +import gnu.java.security.Registry; + +/** + *

The implementation of the MD2 Service Provider Interface + * (SPI) adapter.

+ * + * @version $Revision: 1.1 $ + */ +public class MD2Spi extends MessageDigestAdapter +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** Trivial 0-arguments constructor. */ + public MD2Spi() + { + super(Registry.MD2_HASH); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- +} diff --git a/libjava/classpath/gnu/java/security/jce/hash/MD4Spi.java b/libjava/classpath/gnu/java/security/jce/hash/MD4Spi.java new file mode 100644 index 0000000..8be4499 --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/hash/MD4Spi.java @@ -0,0 +1,69 @@ +/* MD4Spi.java -- + Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.hash; + +import gnu.java.security.Registry; + +/** + *

The implementation of the MD4 Service Provider Interface + * (SPI) adapter.

+ * + * @version $Revision: 1.1 $ + */ +public class MD4Spi extends MessageDigestAdapter +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** Trivial 0-arguments constructor. */ + public MD4Spi() + { + super(Registry.MD4_HASH); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- +} diff --git a/libjava/classpath/gnu/java/security/jce/hash/MD5Spi.java b/libjava/classpath/gnu/java/security/jce/hash/MD5Spi.java new file mode 100644 index 0000000..92fb6ab --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/hash/MD5Spi.java @@ -0,0 +1,68 @@ +/* MD5Spi.java -- + Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.hash; + +import gnu.java.security.Registry; + +/** + * The implementation of the MD5 Service Provider Interface (SPI) + * adapter.

+ * + * @version $Revision: 1.1 $ + */ +public class MD5Spi extends MessageDigestAdapter +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + public MD5Spi() + { + super(Registry.MD5_HASH); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- +} diff --git a/libjava/classpath/gnu/java/security/jce/hash/MessageDigestAdapter.java b/libjava/classpath/gnu/java/security/jce/hash/MessageDigestAdapter.java new file mode 100644 index 0000000..9b8a73d --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/hash/MessageDigestAdapter.java @@ -0,0 +1,147 @@ +/* MessageDigestAdapter.java -- + Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.hash; + +import gnu.java.security.hash.IMessageDigest; +import gnu.java.security.hash.HashFactory; + +import java.security.DigestException; +import java.security.MessageDigestSpi; + +/** + * The implementation of a generic {@link java.security.MessageDigest} adapter + * class to wrap gnu.crypto hash instances.

+ * + * This class defines the Service Provider Interface (SPI) for the + * {@link java.security.MessageDigest} class, which provides the functionality + * of a message digest algorithm, such as MD5 or SHA. Message digests are secure + * one-way hash functions that take arbitrary-sized data and output a fixed- + * length hash value.

+ * + * All the abstract methods in the {@link java.security.MessageDigestSpi} class + * are implemented by this class and all its sub-classes.

+ * + * All the implementations which subclass this object, and which are serviced by + * the GNU Crypto provider implement the {@link java.lang.Cloneable} interface.

+ * + * @version $Revision: 1.1 $ + */ +class MessageDigestAdapter extends MessageDigestSpi implements Cloneable +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + /** Our underlying hash instance. */ + private IMessageDigest adaptee; + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** + * Trivial protected constructor. + * + * @param mdName the canonical name of the hash algorithm. + */ + protected MessageDigestAdapter(String mdName) + { + this(HashFactory.getInstance(mdName)); + } + + /** + * Private constructor for cloning purposes. + * + * @param adaptee a clone of the underlying hash algorithm instance. + */ + private MessageDigestAdapter(IMessageDigest adaptee) + { + super(); + + this.adaptee = adaptee; + } + + // Class methods + // ------------------------------------------------------------------------- + + // java.security.MessageDigestSpi interface implementation + // ------------------------------------------------------------------------- + + public Object clone() + { + return new MessageDigestAdapter((IMessageDigest) adaptee.clone()); + } + + public int engineGetDigestLength() + { + return adaptee.hashSize(); + } + + public void engineUpdate(byte input) + { + adaptee.update(input); + } + + public void engineUpdate(byte[] input, int offset, int len) + { + adaptee.update(input, offset, len); + } + + public byte[] engineDigest() + { + return adaptee.digest(); + } + + public int engineDigest(byte[] buf, int offset, int len) + throws DigestException + { + int result = adaptee.hashSize(); + if (len < result) + { + throw new DigestException(); + } + byte[] md = adaptee.digest(); + System.arraycopy(md, 0, buf, offset, result); + return result; + } + + public void engineReset() + { + adaptee.reset(); + } +} diff --git a/libjava/classpath/gnu/java/security/jce/hash/RipeMD128Spi.java b/libjava/classpath/gnu/java/security/jce/hash/RipeMD128Spi.java new file mode 100644 index 0000000..b8e90d4 --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/hash/RipeMD128Spi.java @@ -0,0 +1,68 @@ +/* RipeMD128Spi.java -- + Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.hash; + +import gnu.java.security.Registry; + +/** + * The implementation of the RIPEMD-128 Service Provider Interface + * (SPI) adapter.

+ * + * @version $Revision: 1.1 $ + */ +public class RipeMD128Spi extends MessageDigestAdapter +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + public RipeMD128Spi() + { + super(Registry.RIPEMD128_HASH); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- +} diff --git a/libjava/classpath/gnu/java/security/jce/hash/RipeMD160Spi.java b/libjava/classpath/gnu/java/security/jce/hash/RipeMD160Spi.java new file mode 100644 index 0000000..49615e2 --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/hash/RipeMD160Spi.java @@ -0,0 +1,68 @@ +/* RipeMD160Spi.java -- + Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.hash; + +import gnu.java.security.Registry; + +/** + * The implementation of the RIPEMD-160 Service Provider Interface + * (SPI) adapter.

+ * + * @version $Revision: 1.1 $ + */ +public class RipeMD160Spi extends MessageDigestAdapter +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + public RipeMD160Spi() + { + super(Registry.RIPEMD160_HASH); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- +} diff --git a/libjava/classpath/gnu/java/security/jce/hash/Sha160Spi.java b/libjava/classpath/gnu/java/security/jce/hash/Sha160Spi.java new file mode 100644 index 0000000..a9b7263 --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/hash/Sha160Spi.java @@ -0,0 +1,68 @@ +/* Sha160Spi.java -- + Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.hash; + +import gnu.java.security.Registry; + +/** + * The implementation of the SHA-1 (160-bit) Service Provider Interface + * (SPI) adapter.

+ * + * @version $Revision: 1.1 $ + */ +public class Sha160Spi extends MessageDigestAdapter +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + public Sha160Spi() + { + super(Registry.SHA160_HASH); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- +} diff --git a/libjava/classpath/gnu/java/security/jce/hash/Sha256Spi.java b/libjava/classpath/gnu/java/security/jce/hash/Sha256Spi.java new file mode 100644 index 0000000..9eeaebd --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/hash/Sha256Spi.java @@ -0,0 +1,68 @@ +/* Sha256Spi.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.hash; + +import gnu.java.security.Registry; + +/** + *

The implementation of the SHA-2-1 (256-bit) Service Provider Interface + * (SPI) adapter.

+ * + * @version $Revision: 1.1 $ + */ +public class Sha256Spi extends MessageDigestAdapter +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + public Sha256Spi() + { + super(Registry.SHA256_HASH); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- +} diff --git a/libjava/classpath/gnu/java/security/jce/hash/Sha384Spi.java b/libjava/classpath/gnu/java/security/jce/hash/Sha384Spi.java new file mode 100644 index 0000000..96e1e6e --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/hash/Sha384Spi.java @@ -0,0 +1,68 @@ +/* Sha384Spi.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.hash; + +import gnu.java.security.Registry; + +/** + *

The implementation of the SHA-2-2 (384-bit) Service Provider Interface + * (SPI) adapter.

+ * + * @version $Revision: 1.1 $ + */ +public class Sha384Spi extends MessageDigestAdapter +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + public Sha384Spi() + { + super(Registry.SHA384_HASH); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- +} diff --git a/libjava/classpath/gnu/java/security/jce/hash/Sha512Spi.java b/libjava/classpath/gnu/java/security/jce/hash/Sha512Spi.java new file mode 100644 index 0000000..75c6170 --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/hash/Sha512Spi.java @@ -0,0 +1,68 @@ +/* Sha512Spi.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.hash; + +import gnu.java.security.Registry; + +/** + *

The implementation of the SHA-2-3 (512-bit) Service Provider Interface + * (SPI) adapter.

+ * + * @version $Revision: 1.1 $ + */ +public class Sha512Spi extends MessageDigestAdapter +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + public Sha512Spi() + { + super(Registry.SHA512_HASH); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- +} diff --git a/libjava/classpath/gnu/java/security/jce/hash/TigerSpi.java b/libjava/classpath/gnu/java/security/jce/hash/TigerSpi.java new file mode 100644 index 0000000..b355d78 --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/hash/TigerSpi.java @@ -0,0 +1,69 @@ +/* TigerSpi.java -- + Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.hash; + +import gnu.java.security.Registry; + +/** + *

The implementation of the Tiger Service Provider Interface + * (SPI) adapter.

+ * + * @version $Revision: 1.1 $ + */ +public class TigerSpi extends MessageDigestAdapter +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** Trivial 0-arguments constructor. */ + public TigerSpi() + { + super(Registry.TIGER_HASH); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- +} diff --git a/libjava/classpath/gnu/java/security/jce/hash/WhirlpoolSpi.java b/libjava/classpath/gnu/java/security/jce/hash/WhirlpoolSpi.java new file mode 100644 index 0000000..e42e74d --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/hash/WhirlpoolSpi.java @@ -0,0 +1,68 @@ +/* WhirlpoolSpi.java -- + Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.hash; + +import gnu.java.security.Registry; + +/** + * The implementation of the Whirlpool Service Provider Interface + * (SPI) adapter.

+ * + * @version $Revision: 1.1 $ + */ +public class WhirlpoolSpi extends MessageDigestAdapter +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + public WhirlpoolSpi() + { + super(Registry.WHIRLPOOL_HASH); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- +} diff --git a/libjava/classpath/gnu/java/security/jce/prng/HavalRandomSpi.java b/libjava/classpath/gnu/java/security/jce/prng/HavalRandomSpi.java new file mode 100644 index 0000000..0c39a37 --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/prng/HavalRandomSpi.java @@ -0,0 +1,66 @@ +/* HavalRandomSpi.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.prng; + +import gnu.java.security.Registry; + +/** + * The implementation of the HAVAL-based SecureRandom Service Provider + * Interface (SPI) Adapter.

+ */ +public class HavalRandomSpi extends SecureRandomAdapter +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + public HavalRandomSpi() + { + super(Registry.HAVAL_HASH); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- +} diff --git a/libjava/classpath/gnu/java/security/jce/prng/MD2RandomSpi.java b/libjava/classpath/gnu/java/security/jce/prng/MD2RandomSpi.java new file mode 100644 index 0000000..72a7f48 --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/prng/MD2RandomSpi.java @@ -0,0 +1,66 @@ +/* MD2RandomSpi.java -- + Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.prng; + +import gnu.java.security.Registry; + +/** + * The implementation of the MD2-based SecureRandom Service Provider + * Interface (SPI) adapter.

+ */ +public class MD2RandomSpi extends SecureRandomAdapter +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + public MD2RandomSpi() + { + super(Registry.MD2_HASH); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- +} diff --git a/libjava/classpath/gnu/java/security/jce/prng/MD4RandomSpi.java b/libjava/classpath/gnu/java/security/jce/prng/MD4RandomSpi.java new file mode 100644 index 0000000..f5f98f8 --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/prng/MD4RandomSpi.java @@ -0,0 +1,66 @@ +/* MD4RandomSpi.java -- + Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.prng; + +import gnu.java.security.Registry; + +/** + * The implementation of the MD4-based SecureRandom Service Provider + * Interface (SPI) adapter.

+ */ +public class MD4RandomSpi extends SecureRandomAdapter +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + public MD4RandomSpi() + { + super(Registry.MD4_HASH); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- +} diff --git a/libjava/classpath/gnu/java/security/jce/prng/MD5RandomSpi.java b/libjava/classpath/gnu/java/security/jce/prng/MD5RandomSpi.java new file mode 100644 index 0000000..0181247 --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/prng/MD5RandomSpi.java @@ -0,0 +1,66 @@ +/* MD5RandomSpi.java -- + Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.prng; + +import gnu.java.security.Registry; + +/** + * The implementation of the MD5-based SecureRandom Service Provider + * Interface (SPI) adapter.

+ */ +public class MD5RandomSpi extends SecureRandomAdapter +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + public MD5RandomSpi() + { + super(Registry.MD5_HASH); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- +} diff --git a/libjava/classpath/gnu/java/security/jce/prng/RipeMD128RandomSpi.java b/libjava/classpath/gnu/java/security/jce/prng/RipeMD128RandomSpi.java new file mode 100644 index 0000000..5580716 --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/prng/RipeMD128RandomSpi.java @@ -0,0 +1,66 @@ +/* RipeMD128RandomSpi.java -- + Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.prng; + +import gnu.java.security.Registry; + +/** + *

The implementation of the RIPEMD128-based SecureRandom Service Provider + * Interface (SPI) adapter.

+ */ +public class RipeMD128RandomSpi extends SecureRandomAdapter +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + public RipeMD128RandomSpi() + { + super(Registry.RIPEMD128_HASH); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- +} diff --git a/libjava/classpath/gnu/java/security/jce/prng/RipeMD160RandomSpi.java b/libjava/classpath/gnu/java/security/jce/prng/RipeMD160RandomSpi.java new file mode 100644 index 0000000..734fe82 --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/prng/RipeMD160RandomSpi.java @@ -0,0 +1,66 @@ +/* RipeMD160RandomSpi.java -- + Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.prng; + +import gnu.java.security.Registry; + +/** + * The implementation of the RIPEMD160-based SecureRandom Service Provider + * Interface (SPI) adapter.

+ */ +public class RipeMD160RandomSpi extends SecureRandomAdapter +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + public RipeMD160RandomSpi() + { + super(Registry.RIPEMD160_HASH); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- +} diff --git a/libjava/classpath/gnu/java/security/jce/prng/SecureRandomAdapter.java b/libjava/classpath/gnu/java/security/jce/prng/SecureRandomAdapter.java new file mode 100644 index 0000000..e7cb720 --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/prng/SecureRandomAdapter.java @@ -0,0 +1,126 @@ +/* SecureRandomAdapter.java -- + Copyright (C) 2001, 2002, 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.prng; + +import gnu.java.security.prng.LimitReachedException; +import gnu.java.security.prng.MDGenerator; + +import java.security.SecureRandomSpi; +import java.util.HashMap; + +/** + *

The implementation of a generic {@link java.security.SecureRandom} adapter + * class to wrap gnu.crypto prng instances based on Message Digest algorithms.

+ * + *

This class defines the Service Provider Interface (SPI) for + * the {@link java.security.SecureRandom} class, which provides the + * functionality of a cryptographically strong pseudo-random number generator.

+ * + *

All the abstract methods in the {@link SecureRandomSpi} class are + * implemented by this class and all its sub-classes.

+ */ +abstract class SecureRandomAdapter extends SecureRandomSpi +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + /** Our underlying prng instance. */ + private MDGenerator adaptee = new MDGenerator(); + + /** The name of the message digest algorithm used by the adaptee. */ + private String mdName; + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** + *

Trivial protected constructor.

+ * + * @param mdName the canonical name of the underlying hash algorithm. + */ + protected SecureRandomAdapter(String mdName) + { + super(); + + this.mdName = mdName; + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + // java.security.SecureRandomSpi interface implementation ------------------ + + public byte[] engineGenerateSeed(int numBytes) + { + if (numBytes < 1) + { + return new byte[0]; + } + byte[] result = new byte[numBytes]; + this.engineNextBytes(result); + return result; + } + + public void engineNextBytes(byte[] bytes) + { + if (!adaptee.isInitialised()) + { + this.engineSetSeed(new byte[0]); + } + try + { + adaptee.nextBytes(bytes, 0, bytes.length); + } + catch (LimitReachedException ignored) + { + } + } + + public void engineSetSeed(byte[] seed) + { + HashMap attributes = new HashMap(); + attributes.put(MDGenerator.MD_NAME, mdName); + attributes.put(MDGenerator.SEEED, seed); + adaptee.init(attributes); + } +} diff --git a/libjava/classpath/gnu/java/security/jce/prng/Sha160RandomSpi.java b/libjava/classpath/gnu/java/security/jce/prng/Sha160RandomSpi.java new file mode 100644 index 0000000..c93b02d --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/prng/Sha160RandomSpi.java @@ -0,0 +1,66 @@ +/* Sha160RandomSpi.java -- + Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.prng; + +import gnu.java.security.Registry; + +/** + * The implementation of the SHA1-based SecureRandom Service Provider + * Interface (SPI) adapter.

+ */ +public class Sha160RandomSpi extends SecureRandomAdapter +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + public Sha160RandomSpi() + { + super(Registry.SHA160_HASH); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- +} diff --git a/libjava/classpath/gnu/java/security/jce/prng/Sha256RandomSpi.java b/libjava/classpath/gnu/java/security/jce/prng/Sha256RandomSpi.java new file mode 100644 index 0000000..7369964 --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/prng/Sha256RandomSpi.java @@ -0,0 +1,66 @@ +/* Sha256RandomSpi.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.prng; + +import gnu.java.security.Registry; + +/** + *

The implementation of the SHA-256 based SecureRandom Service Provider + * Interface (SPI) adapter.

+ */ +public class Sha256RandomSpi extends SecureRandomAdapter +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + public Sha256RandomSpi() + { + super(Registry.SHA256_HASH); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- +} diff --git a/libjava/classpath/gnu/java/security/jce/prng/Sha384RandomSpi.java b/libjava/classpath/gnu/java/security/jce/prng/Sha384RandomSpi.java new file mode 100644 index 0000000..afbf193 --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/prng/Sha384RandomSpi.java @@ -0,0 +1,66 @@ +/* Sha384RandomSpi.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.prng; + +import gnu.java.security.Registry; + +/** + *

The implementation of the SHA-384 based SecureRandom Service Provider + * Interface (SPI) adapter.

+ */ +public class Sha384RandomSpi extends SecureRandomAdapter +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + public Sha384RandomSpi() + { + super(Registry.SHA384_HASH); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- +} diff --git a/libjava/classpath/gnu/java/security/jce/prng/Sha512RandomSpi.java b/libjava/classpath/gnu/java/security/jce/prng/Sha512RandomSpi.java new file mode 100644 index 0000000..b2b3377 --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/prng/Sha512RandomSpi.java @@ -0,0 +1,66 @@ +/* Sha512RandomSpi.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.prng; + +import gnu.java.security.Registry; + +/** + *

The implementation of the SHA-512 based SecureRandom Service Provider + * Interface (SPI) adapter.

+ */ +public class Sha512RandomSpi extends SecureRandomAdapter +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + public Sha512RandomSpi() + { + super(Registry.SHA512_HASH); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- +} diff --git a/libjava/classpath/gnu/java/security/jce/prng/TigerRandomSpi.java b/libjava/classpath/gnu/java/security/jce/prng/TigerRandomSpi.java new file mode 100644 index 0000000..b4795b9 --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/prng/TigerRandomSpi.java @@ -0,0 +1,66 @@ +/* TigerRandomSpi.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.prng; + +import gnu.java.security.Registry; + +/** + * The implementation of the Tiger based SecureRandom Service Provider + * Interface (SPI) adapter.

+ */ +public class TigerRandomSpi extends SecureRandomAdapter +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + public TigerRandomSpi() + { + super(Registry.TIGER_HASH); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- +} diff --git a/libjava/classpath/gnu/java/security/jce/prng/WhirlpoolRandomSpi.java b/libjava/classpath/gnu/java/security/jce/prng/WhirlpoolRandomSpi.java new file mode 100644 index 0000000..f327f9d --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/prng/WhirlpoolRandomSpi.java @@ -0,0 +1,66 @@ +/* WhirlpoolRandomSpi.java -- + Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.prng; + +import gnu.java.security.Registry; + +/** + * The implementation of the Whirlpool-based SecureRandom Service Provider + * Interface (SPI) adapter.

+ */ +public class WhirlpoolRandomSpi extends SecureRandomAdapter +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + public WhirlpoolRandomSpi() + { + super(Registry.WHIRLPOOL_HASH); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- +} diff --git a/libjava/classpath/gnu/java/security/jce/sig/DSSKeyFactory.java b/libjava/classpath/gnu/java/security/jce/sig/DSSKeyFactory.java new file mode 100644 index 0000000..bb4d85c --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/sig/DSSKeyFactory.java @@ -0,0 +1,238 @@ +/* DSSKeyFactory.java -- JCE DSA key factory Adapter + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.sig; + +import gnu.java.security.Registry; +import gnu.java.security.key.dss.DSSKeyPairPKCS8Codec; +import gnu.java.security.key.dss.DSSKeyPairX509Codec; +import gnu.java.security.key.dss.DSSPrivateKey; +import gnu.java.security.key.dss.DSSPublicKey; + +import java.math.BigInteger; +import java.security.InvalidKeyException; +import java.security.Key; +import java.security.KeyFactorySpi; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.security.interfaces.DSAPrivateKey; +import java.security.interfaces.DSAPublicKey; +import java.security.spec.DSAPrivateKeySpec; +import java.security.spec.DSAPublicKeySpec; +import java.security.spec.InvalidKeySpecException; +import java.security.spec.KeySpec; +import java.security.spec.PKCS8EncodedKeySpec; +import java.security.spec.X509EncodedKeySpec; + +/** + * DSA key factory. + * + * @author Casey Marshall (rsdio@metastatic.org) + */ +public class DSSKeyFactory extends KeyFactorySpi +{ + // implicit 0-arguments constructor + + protected PublicKey engineGeneratePublic(KeySpec keySpec) + throws InvalidKeySpecException + { + if (keySpec instanceof DSAPublicKeySpec) + { + DSAPublicKeySpec spec = (DSAPublicKeySpec) keySpec; + BigInteger p = spec.getP(); + BigInteger q = spec.getQ(); + BigInteger g = spec.getG(); + BigInteger y = spec.getY(); + return new DSSPublicKey(Registry.X509_ENCODING_ID, p, q, g, y); + } + + if (keySpec instanceof X509EncodedKeySpec) + { + X509EncodedKeySpec spec = (X509EncodedKeySpec) keySpec; + byte[] encoded = spec.getEncoded(); + PublicKey result; + try + { + result = new DSSKeyPairX509Codec().decodePublicKey(encoded); + return result; + } + catch (RuntimeException x) + { + InvalidKeySpecException y = new InvalidKeySpecException(); + y.initCause(x); + throw y; + } + } + + throw new InvalidKeySpecException("Unsupported (public) key specification"); + } + + protected PrivateKey engineGeneratePrivate(KeySpec keySpec) + throws InvalidKeySpecException + { + if (keySpec instanceof DSAPrivateKeySpec) + { + DSAPrivateKeySpec spec = (DSAPrivateKeySpec) keySpec; + BigInteger p = spec.getP(); + BigInteger q = spec.getQ(); + BigInteger g = spec.getG(); + BigInteger x = spec.getX(); + return new DSSPrivateKey(Registry.PKCS8_ENCODING_ID, p, q, g, x); + } + + if (keySpec instanceof PKCS8EncodedKeySpec) + { + PKCS8EncodedKeySpec spec = (PKCS8EncodedKeySpec) keySpec; + byte[] encoded = spec.getEncoded(); + PrivateKey result; + try + { + result = new DSSKeyPairPKCS8Codec().decodePrivateKey(encoded); + return result; + } + catch (RuntimeException x) + { + InvalidKeySpecException y = new InvalidKeySpecException(); + y.initCause(x); + throw y; + } + } + + throw new InvalidKeySpecException("Unsupported (private) key specification"); + } + + protected KeySpec engineGetKeySpec(Key key, Class keySpec) + throws InvalidKeySpecException + { + if (key instanceof DSAPublicKey) + { + if (keySpec.isAssignableFrom(DSAPublicKeySpec.class)) + { + DSAPublicKey dsaKey = (DSAPublicKey) key; + BigInteger p = dsaKey.getParams().getP(); + BigInteger q = dsaKey.getParams().getQ(); + BigInteger g = dsaKey.getParams().getG(); + BigInteger y = dsaKey.getY(); + return new DSAPublicKeySpec(y, p, q, g); + } + + if (keySpec.isAssignableFrom(X509EncodedKeySpec.class)) + { + if (key instanceof DSSPublicKey) + { + DSSPublicKey dssKey = (DSSPublicKey) key; + byte[] encoded = dssKey.getEncoded(Registry.X509_ENCODING_ID); + return new X509EncodedKeySpec(encoded); + } + + if (Registry.X509_ENCODING_SORT_NAME.equalsIgnoreCase(key.getFormat())) + { + byte[] encoded = key.getEncoded(); + return new X509EncodedKeySpec(encoded); + } + + throw new InvalidKeySpecException("Wrong key type or unsupported (public) key specification"); + } + + throw new InvalidKeySpecException("Unsupported (public) key specification"); + } + + if (key instanceof DSAPrivateKey) + { + if (keySpec.isAssignableFrom(DSAPrivateKeySpec.class)) + { + DSAPrivateKey dsaKey = (DSAPrivateKey) key; + BigInteger p = dsaKey.getParams().getP(); + BigInteger q = dsaKey.getParams().getQ(); + BigInteger g = dsaKey.getParams().getG(); + BigInteger x = dsaKey.getX(); + return new DSAPrivateKeySpec(x, p, q, g); + } + + if (keySpec.isAssignableFrom(PKCS8EncodedKeySpec.class)) + { + if (key instanceof DSSPrivateKey) + { + DSSPrivateKey dssKey = (DSSPrivateKey) key; + byte[] encoded = dssKey.getEncoded(Registry.PKCS8_ENCODING_ID); + return new PKCS8EncodedKeySpec(encoded); + } + + if (Registry.PKCS8_ENCODING_SHORT_NAME.equalsIgnoreCase(key.getFormat())) + { + byte[] encoded = key.getEncoded(); + return new PKCS8EncodedKeySpec(encoded); + } + + throw new InvalidKeySpecException("Wrong key type or unsupported (private) key specification"); + } + + throw new InvalidKeySpecException("Unsupported (private) key specification"); + } + + throw new InvalidKeySpecException("Wrong key type or unsupported key specification"); + } + + protected Key engineTranslateKey(Key key) throws InvalidKeyException + { + if ((key instanceof DSSPublicKey) || (key instanceof DSSPrivateKey)) + return key; + + if (key instanceof DSAPublicKey) + { + DSAPublicKey dsaKey = (DSAPublicKey) key; + BigInteger p = dsaKey.getParams().getP(); + BigInteger q = dsaKey.getParams().getQ(); + BigInteger g = dsaKey.getParams().getG(); + BigInteger y = dsaKey.getY(); + return new DSSPublicKey(Registry.X509_ENCODING_ID, p, q, g, y); + } + + if (key instanceof DSAPrivateKey) + { + DSAPrivateKey dsaKey = (DSAPrivateKey) key; + BigInteger p = dsaKey.getParams().getP(); + BigInteger q = dsaKey.getParams().getQ(); + BigInteger g = dsaKey.getParams().getG(); + BigInteger x = dsaKey.getX(); + return new DSSPrivateKey(Registry.PKCS8_ENCODING_ID, p, q, g, x); + } + + throw new InvalidKeyException("Wrong key type"); + } +} diff --git a/libjava/classpath/gnu/java/security/jce/sig/DSSKeyPairGeneratorSpi.java b/libjava/classpath/gnu/java/security/jce/sig/DSSKeyPairGeneratorSpi.java new file mode 100644 index 0000000..97e9594 --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/sig/DSSKeyPairGeneratorSpi.java @@ -0,0 +1,169 @@ +/* DSSKeyPairGeneratorSpi.java -- + Copyright 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.sig; + +import gnu.java.security.Registry; +import gnu.java.security.key.dss.DSSKeyPairGenerator; + +import java.security.InvalidAlgorithmParameterException; +import java.security.InvalidParameterException; +import java.security.SecureRandom; +import java.security.interfaces.DSAKeyPairGenerator; +import java.security.interfaces.DSAParams; +import java.security.spec.AlgorithmParameterSpec; +import java.security.spec.DSAParameterSpec; +import java.util.HashMap; + +/** + * The implementation of a {@link java.security.KeyPairGenerator} adapter class + * to wrap gnu.crypto DSS keypair generator instances.

+ * + * In case the client does not explicitly initialize the KeyPairGenerator (via + * a call to an initialize() method), the GNU Crypto provider + * uses a default modulus size (keysize) of 1024 bits.

+ * + * @version $Revision: 1.3 $ + */ +public class DSSKeyPairGeneratorSpi extends KeyPairGeneratorAdapter implements + DSAKeyPairGenerator +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + public DSSKeyPairGeneratorSpi() + { + super(Registry.DSS_KPG); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + public void initialize(int keysize, SecureRandom random) + { + this.initialize(keysize, false, random); + } + + public void initialize(AlgorithmParameterSpec params, SecureRandom random) + throws InvalidAlgorithmParameterException + { + HashMap attributes = new HashMap(); + if (params != null) + { + if (!(params instanceof DSAParameterSpec)) + throw new InvalidAlgorithmParameterException( + "Parameters argument is not a non-null instance, or " + + "sub-instance, of java.security.spec.DSAParameterSpec"); + + attributes.put(DSSKeyPairGenerator.DSS_PARAMETERS, params); + } + + if (random != null) + { + attributes.put(DSSKeyPairGenerator.SOURCE_OF_RANDOMNESS, random); + } + + attributes.put(DSSKeyPairGenerator.PREFERRED_ENCODING_FORMAT, + new Integer(Registry.ASN1_ENCODING_ID)); + try + { + adaptee.setup(attributes); + } + catch (IllegalArgumentException x) + { + InvalidAlgorithmParameterException y = + new InvalidAlgorithmParameterException(); + y.initCause(x); + throw y; + } + } + + // java.security.interfaces.DSAKeyPairGenerator interface implementation ----- + + public void initialize(DSAParams params, SecureRandom random) + throws InvalidParameterException + { + if (params == null || !(params instanceof DSAParameterSpec)) + throw new InvalidParameterException( + "Parameters argument is either null or is not an instance, or " + + "sub-instance, of java.security.spec.DSAParameterSpec"); + DSAParameterSpec spec = (DSAParameterSpec) params; + try + { + this.initialize((AlgorithmParameterSpec) spec, random); + } + catch (InvalidAlgorithmParameterException x) + { + InvalidParameterException y = new InvalidParameterException(); + y.initCause(x); + throw y; + } + } + + public void initialize(int modlen, boolean genParams, SecureRandom random) + throws InvalidParameterException + { + HashMap attributes = new HashMap(); + attributes.put(DSSKeyPairGenerator.MODULUS_LENGTH, new Integer(modlen)); + if (random != null) + attributes.put(DSSKeyPairGenerator.SOURCE_OF_RANDOMNESS, random); + + attributes.put(DSSKeyPairGenerator.USE_DEFAULTS, + Boolean.valueOf(!genParams)); + attributes.put(DSSKeyPairGenerator.STRICT_DEFAULTS, Boolean.TRUE); + attributes.put(DSSKeyPairGenerator.PREFERRED_ENCODING_FORMAT, + new Integer(Registry.ASN1_ENCODING_ID)); + try + { + adaptee.setup(attributes); + } + catch (IllegalArgumentException x) + { + InvalidParameterException y = new InvalidParameterException(); + y.initCause(x); + throw y; + } + } +} diff --git a/libjava/classpath/gnu/java/security/jce/sig/DSSParameters.java b/libjava/classpath/gnu/java/security/jce/sig/DSSParameters.java new file mode 100644 index 0000000..ba1f414 --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/sig/DSSParameters.java @@ -0,0 +1,220 @@ +/* DSSParameters.java -- DSS parameters DAO + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.sig; + +import gnu.java.security.Registry; +import gnu.java.security.der.DER; +import gnu.java.security.der.DERReader; +import gnu.java.security.der.DERValue; +import gnu.java.security.der.DERWriter; +import gnu.java.security.util.DerUtil; + +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.math.BigInteger; +import java.security.AlgorithmParametersSpi; +import java.security.spec.AlgorithmParameterSpec; +import java.security.spec.DSAParameterSpec; +import java.security.spec.InvalidParameterSpecException; +import java.util.ArrayList; + +/** + * A JCE-specific Data Access Object (DAO) for DSS parameters. + */ +public class DSSParameters + extends AlgorithmParametersSpi +{ + /** + * A prime modulus, where 2L-1 < p < 2L + * for 512 <= L <= 1024 and L a multiple of + * 64. + */ + private BigInteger p; + + /** + * A prime divisor of p - 1, where 2159 < q + * < 2160. + */ + private BigInteger q; + + /** + * g = h(p-1)/q mod p, where h is any + * integer with 1 < h < p - 1 such that h + * (p-1)/q mod p > 1 (g has order q mod p + * ). + */ + private BigInteger g; + + // default 0-arguments constructor + + protected void engineInit(AlgorithmParameterSpec spec) + throws InvalidParameterSpecException + { + if (! (spec instanceof DSAParameterSpec)) + throw new InvalidParameterSpecException("Wrong AlgorithmParameterSpec type: " + + spec.getClass().getName()); + DSAParameterSpec dsaSpec = (DSAParameterSpec) spec; + p = dsaSpec.getP(); + q = dsaSpec.getQ(); + g = dsaSpec.getG(); + } + + /** + * Decodes the set of DSS parameters as per RFC-2459; i.e. the DER-encoded + * form of the following ASN.1 construct: + * + * 

+   *   DssParams ::= SEQUENCE {
+   *     p   INTEGER,
+   *     q   INTEGER,
+   *     g   INTEGER
+   *   }
+   *
+ */ + protected void engineInit(byte[] params) throws IOException + { + DERReader der = new DERReader(params); + + DERValue derParams = der.read(); + DerUtil.checkIsConstructed(derParams, "Wrong DSS Parameters field"); + + DERValue val = der.read(); + DerUtil.checkIsBigInteger(val, "Wrong P field"); + p = (BigInteger) val.getValue(); + val = der.read(); + DerUtil.checkIsBigInteger(val, "Wrong Q field"); + q = (BigInteger) val.getValue(); + val = der.read(); + DerUtil.checkIsBigInteger(val, "Wrong G field"); + g = (BigInteger) val.getValue(); + } + + protected void engineInit(byte[] params, String format) throws IOException + { + if (format != null) + { + format = format.trim(); + if (format.length() == 0) + throw new IOException("Format MUST NOT be an empty string"); + + if (! format.equalsIgnoreCase(Registry.ASN1_ENCODING_SHORT_NAME)) + throw new IOException("Unknown or unsupported format: " + format); + } + + engineInit(params); + } + + protected AlgorithmParameterSpec engineGetParameterSpec(Class paramSpec) + throws InvalidParameterSpecException + { + if (! paramSpec.isAssignableFrom(DSAParameterSpec.class)) + throw new InvalidParameterSpecException("Wrong AlgorithmParameterSpec type: " + + paramSpec.getName()); + return new DSAParameterSpec(p, q, g); + } + + /** + * Encodes the set of DSS parameters as per RFC-2459; i.e. as the DER-encoded + * form of the following ASN.1 construct: + * + * 
+   *   DssParams ::= SEQUENCE {
+   *     p   INTEGER,
+   *     q   INTEGER,
+   *     g   INTEGER
+   *   }
+   *
+ */ + protected byte[] engineGetEncoded() throws IOException + { + DERValue derP = new DERValue(DER.INTEGER, p); + DERValue derQ = new DERValue(DER.INTEGER, q); + DERValue derG = new DERValue(DER.INTEGER, g); + + ArrayList params = new ArrayList(3); + params.add(derP); + params.add(derQ); + params.add(derG); + DERValue derParams = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, params); + + ByteArrayOutputStream baos = new ByteArrayOutputStream(); + DERWriter.write(baos, derParams); + byte[] result = baos.toByteArray(); + + return result; + } + + protected byte[] engineGetEncoded(String format) throws IOException + { + if (format != null) + { + format = format.trim(); + if (format.length() == 0) + throw new IOException("Format MUST NOT be an empty string"); + + if (! format.equalsIgnoreCase(Registry.ASN1_ENCODING_SHORT_NAME)) + throw new IOException("Unknown or unsupported format: " + format); + } + + return engineGetEncoded(); + } + + protected String engineToString() + { + StringBuffer sb = new StringBuffer("p="); + if (p == null) + sb.append("???"); + else + sb.append("0x").append(p.toString(16)); + + sb.append(", q="); + if (q == null) + sb.append("???"); + else + sb.append("0x").append(q.toString(16)); + + sb.append(", g="); + if (g == null) + sb.append("???"); + else + sb.append("0x").append(g.toString(16)); + + return sb.toString(); + } +} diff --git a/libjava/classpath/gnu/java/security/jce/sig/DSSParametersGenerator.java b/libjava/classpath/gnu/java/security/jce/sig/DSSParametersGenerator.java new file mode 100644 index 0000000..09c1386 --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/sig/DSSParametersGenerator.java @@ -0,0 +1,125 @@ +/* DSSParametersGenerator.java -- JCE Adapter for a generator of DSS parameters + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.sig; + +import gnu.java.security.Registry; +import gnu.java.security.key.dss.DSSKeyPairGenerator; +import gnu.java.security.key.dss.FIPS186; +import gnu.java.security.provider.Gnu; + +import java.math.BigInteger; +import java.security.AlgorithmParameterGeneratorSpi; +import java.security.AlgorithmParameters; +import java.security.InvalidAlgorithmParameterException; +import java.security.InvalidParameterException; +import java.security.NoSuchAlgorithmException; +import java.security.Provider; +import java.security.SecureRandom; +import java.security.spec.AlgorithmParameterSpec; +import java.security.spec.DSAParameterSpec; +import java.security.spec.InvalidParameterSpecException; + +/** + * A JCE Adapter for a generator of DSS parameters. + */ +public class DSSParametersGenerator + extends AlgorithmParameterGeneratorSpi +{ + private static final Provider GNU = new Gnu(); + + /** Size of the public modulus in bits. */ + private int modulusLength = -1; + + /** User specified source of randomness. */ + private SecureRandom rnd; + + /** Our concrete DSS parameters generator. */ + private FIPS186 fips; + + // default 0-arguments constructor + + protected void engineInit(int size, SecureRandom random) + { + if ((size % 64) != 0 || size < 512 || size > 1024) + throw new InvalidParameterException("Modulus size/length (in bits) MUST " + + "be a multiple of 64, greater than " + + "or equal to 512, and less than or " + + "equal to 1024"); + this.modulusLength = size; + this.rnd = random; + } + + protected void engineInit(AlgorithmParameterSpec spec, SecureRandom random) + throws InvalidAlgorithmParameterException + { + if (! (spec instanceof DSAParameterSpec)) + throw new InvalidAlgorithmParameterException("Wrong AlgorithmParameterSpec type: " + + spec.getClass().getName()); + DSAParameterSpec dsaSpec = (DSAParameterSpec) spec; + BigInteger p = dsaSpec.getP(); + int size = p.bitLength(); + this.engineInit(size, random); + } + + protected AlgorithmParameters engineGenerateParameters() + { + if (modulusLength < 1) + modulusLength = DSSKeyPairGenerator.DEFAULT_MODULUS_LENGTH; + + fips = new FIPS186(modulusLength, rnd); + BigInteger[] params = fips.generateParameters(); + BigInteger p = params[3]; + BigInteger q = params[2]; + BigInteger g = params[5]; + DSAParameterSpec spec = new DSAParameterSpec(p, q, g); + AlgorithmParameters result = null; + try + { + result = AlgorithmParameters.getInstance(Registry.DSS_KPG, GNU); + result.init(spec); + } + catch (NoSuchAlgorithmException ignore) + { + } + catch (InvalidParameterSpecException ignore) + { + } + return result; + } +} diff --git a/libjava/classpath/gnu/java/security/jce/sig/DSSRawSignatureSpi.java b/libjava/classpath/gnu/java/security/jce/sig/DSSRawSignatureSpi.java new file mode 100644 index 0000000..16e4ddd --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/sig/DSSRawSignatureSpi.java @@ -0,0 +1,70 @@ +/* DSSRawSignatureSpi.java -- + Copyright 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.sig; + +import gnu.java.security.Registry; +import gnu.java.security.sig.dss.DSSSignatureRawCodec; + +/** + * The implementation of Service Provider Interface (SPI) adapter + * for the DSS (Digital Signature Standard) signature scheme, encoded and/or + * decoded in RAW format.

+ * + * @version $Revision: 1.1 $ + */ +public class DSSRawSignatureSpi extends SignatureAdapter +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + public DSSRawSignatureSpi() + { + super(Registry.DSS_SIG, new DSSSignatureRawCodec()); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- +} diff --git a/libjava/classpath/gnu/java/security/jce/sig/EncodedKeyFactory.java b/libjava/classpath/gnu/java/security/jce/sig/EncodedKeyFactory.java new file mode 100644 index 0000000..60152c2 --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/sig/EncodedKeyFactory.java @@ -0,0 +1,453 @@ +/* EncodedKeyFactory.java -- JCE Encoded key factory Adapter + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.sig; + +import gnu.java.security.Registry; +import gnu.java.security.key.dss.DSSPrivateKey; +import gnu.java.security.key.dss.DSSPublicKey; +import gnu.java.security.key.rsa.GnuRSAPrivateKey; +import gnu.java.security.key.rsa.GnuRSAPublicKey; + +import java.lang.reflect.Constructor; +import java.lang.reflect.InvocationTargetException; +import java.lang.reflect.Method; +import java.math.BigInteger; +import java.security.InvalidKeyException; +import java.security.InvalidParameterException; +import java.security.Key; +import java.security.KeyFactorySpi; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.security.spec.DSAPrivateKeySpec; +import java.security.spec.DSAPublicKeySpec; +import java.security.spec.InvalidKeySpecException; +import java.security.spec.KeySpec; +import java.security.spec.PKCS8EncodedKeySpec; +import java.security.spec.RSAPrivateCrtKeySpec; +import java.security.spec.RSAPublicKeySpec; +import java.security.spec.X509EncodedKeySpec; +import java.util.logging.Level; +import java.util.logging.Logger; + +import javax.crypto.interfaces.DHPrivateKey; +import javax.crypto.interfaces.DHPublicKey; +import javax.crypto.spec.DHPrivateKeySpec; +import javax.crypto.spec.DHPublicKeySpec; + +/** + * A factory for keys encoded in either the X.509 format (for public keys) or + * the PKCS#8 format (for private keys). + */ +public class EncodedKeyFactory + extends KeyFactorySpi +{ + private static final Logger log = Logger.getLogger(EncodedKeyFactory.class.getName()); + + // implicit 0-arguments constructor + + // Class methods + // -------------------------------------------------------------------------- + + private static Object invokeConstructor(String className, Object[] params) + throws InvalidKeySpecException + { + Class clazz = getConcreteClass(className); + try + { + Constructor ctor = getConcreteCtor(clazz); + Object result = ctor.newInstance(params); + return result; + } + catch (InstantiationException x) + { + InvalidKeySpecException y = new InvalidKeySpecException(); + y.initCause(x); + throw y; + } + catch (IllegalAccessException x) + { + InvalidKeySpecException y = new InvalidKeySpecException(); + y.initCause(y); + throw y; + } + catch (InvocationTargetException x) + { + InvalidKeySpecException y = new InvalidKeySpecException(); + y.initCause(x); + throw y; + } + } + + private static Class getConcreteClass(String className) + throws InvalidKeySpecException + { + try + { + Class result = Class.forName(className); + return result; + } + catch (ClassNotFoundException x) + { + InvalidKeySpecException y = new InvalidKeySpecException(); + y.initCause(x); + throw y; + } + } + + private static Constructor getConcreteCtor(Class clazz) + throws InvalidKeySpecException + { + try + { + Constructor result = clazz.getConstructor(new Class[] {int.class, + BigInteger.class, + BigInteger.class, + BigInteger.class, + BigInteger.class}); + return result; + } + catch (NoSuchMethodException x) + { + InvalidKeySpecException y = new InvalidKeySpecException(); + y.initCause(x); + throw y; + } + } + + private static Object invokeValueOf(String className, byte[] encoded) + throws InvalidKeySpecException + { + Class clazz = getConcreteClass(className); + try + { + Method valueOf = getValueOfMethod(clazz); + Object result = valueOf.invoke(null, new Object[] { encoded }); + return result; + } + catch (IllegalAccessException x) + { + InvalidKeySpecException y = new InvalidKeySpecException(); + y.initCause(x); + throw y; + } + catch (InvocationTargetException x) + { + InvalidKeySpecException y = new InvalidKeySpecException(); + y.initCause(x); + throw y; + } + } + + private static Method getValueOfMethod(Class clazz) + throws InvalidKeySpecException + { + try + { + Method result = clazz.getMethod("valueOf", new Class[] {byte[].class}); + return result; + } + catch (NoSuchMethodException x) + { + InvalidKeySpecException y = new InvalidKeySpecException(); + y.initCause(x); + throw y; + } + } + + // Instance methods + // -------------------------------------------------------------------------- + + protected PublicKey engineGeneratePublic(KeySpec keySpec) + throws InvalidKeySpecException + { + log.entering(this.getClass().getName(), "engineGeneratePublic()", keySpec); + + PublicKey result = null; + if (keySpec instanceof DSAPublicKeySpec) + result = decodeDSSPublicKey((DSAPublicKeySpec) keySpec); + else if (keySpec instanceof RSAPublicKeySpec) + result = decodeRSAPublicKey((RSAPublicKeySpec) keySpec); + else if (keySpec instanceof DHPublicKeySpec) + result = decodeDHPublicKey((DHPublicKeySpec) keySpec); + else + { + if (! (keySpec instanceof X509EncodedKeySpec)) + throw new InvalidKeySpecException("Unsupported key specification"); + + byte[] input = ((X509EncodedKeySpec) keySpec).getEncoded(); + boolean ok = false; + // try DSS + try + { + result = DSSPublicKey.valueOf(input); + ok = true; + } + catch (InvalidParameterException ignored) + { + log.log(Level.FINE, "Exception in DSSPublicKey.valueOf(). Ignore", + ignored); + } + + if (! ok) // try RSA + try + { + result = GnuRSAPublicKey.valueOf(input); + ok = true; + } + catch (InvalidParameterException ignored) + { + log.log(Level.FINE, + "Exception in GnuRSAPublicKey.valueOf(). Ignore", + ignored); + } + + if (! ok) // try DH + result = decodeDHPublicKey(input); + } + + log.exiting(this.getClass().getName(), "engineGeneratePublic()", result); + return result; + } + + protected PrivateKey engineGeneratePrivate(KeySpec keySpec) + throws InvalidKeySpecException + { + log.entering(this.getClass().getName(), "engineGeneratePrivate()", keySpec); + + PrivateKey result = null; + if (keySpec instanceof DSAPrivateKeySpec) + result = decodeDSSPrivateKey((DSAPrivateKeySpec) keySpec); + else if (keySpec instanceof RSAPrivateCrtKeySpec) + result = decodeRSAPrivateKey((RSAPrivateCrtKeySpec) keySpec); + else if (keySpec instanceof DHPrivateKeySpec) + result = decodeDHPrivateKey((DHPrivateKeySpec) keySpec); + else + { + if (! (keySpec instanceof PKCS8EncodedKeySpec)) + throw new InvalidKeySpecException("Unsupported key specification"); + + byte[] input = ((PKCS8EncodedKeySpec) keySpec).getEncoded(); + boolean ok = false; + // try DSS + try + { + result = DSSPrivateKey.valueOf(input); + ok = true; + } + catch (InvalidParameterException ignored) + { + log.log(Level.FINE, "Exception in DSSPrivateKey.valueOf(). Ignore", + ignored); + } + + if (! ok) // try RSA + try + { + result = GnuRSAPrivateKey.valueOf(input); + ok = true; + } + catch (InvalidParameterException ignored) + { + log.log(Level.FINE, + "Exception in GnuRSAPrivateKey.valueOf(). Ignore", + ignored); + } + + if (! ok) // try DH + result = decodeDHPrivateKey(input); + } + + log.exiting(this.getClass().getName(), "engineGeneratePrivate()", result); + return result; + } + + protected KeySpec engineGetKeySpec(Key key, Class keySpec) + throws InvalidKeySpecException + { + if (key instanceof PublicKey + && Registry.X509_ENCODING_SORT_NAME.equalsIgnoreCase(key.getFormat()) + && keySpec.isAssignableFrom(X509EncodedKeySpec.class)) + return new X509EncodedKeySpec(key.getEncoded()); + + if (key instanceof PrivateKey + && Registry.PKCS8_ENCODING_SHORT_NAME.equalsIgnoreCase(key.getFormat()) + && keySpec.isAssignableFrom(PKCS8EncodedKeySpec.class)) + return new PKCS8EncodedKeySpec(key.getEncoded()); + + throw new InvalidKeySpecException("Unsupported format or invalid key spec class"); + } + + protected Key engineTranslateKey(Key key) throws InvalidKeyException + { + throw new InvalidKeyException("Key translation not supported"); + } + + /** + * @param spec an instance of {@link DSAPublicKeySpec} to decode. + * @return an instance of {@link DSSPublicKey} constructed from the + * information in the designated key-specification. + */ + private DSSPublicKey decodeDSSPublicKey(DSAPublicKeySpec spec) + { + BigInteger p = spec.getP(); + BigInteger q = spec.getQ(); + BigInteger g = spec.getG(); + BigInteger y = spec.getY(); + return new DSSPublicKey(Registry.X509_ENCODING_ID, p, q, g, y); + } + + /** + * @param spec an instance of {@link RSAPublicKeySpec} to decode. + * @return an instance of {@link GnuRSAPublicKey} constructed from the + * information in the designated key-specification. + */ + private GnuRSAPublicKey decodeRSAPublicKey(RSAPublicKeySpec spec) + { + BigInteger n = spec.getModulus(); + BigInteger e = spec.getPublicExponent(); + return new GnuRSAPublicKey(Registry.X509_ENCODING_ID, n, e); + } + + /** + * @param spec an instance of {@link DHPublicKeySpec} to decode. + * @return an instance of a {@link DHPublicKey} constructed from the + * information in the designated key-specification. + * @throws InvalidKeySpecException if no concrete implementation of the + * {@link DHPublicKey} interface exists at run-time, or if an + * exception occurs during its instantiation. + */ + private DHPublicKey decodeDHPublicKey(DHPublicKeySpec spec) + throws InvalidKeySpecException + { + BigInteger p = spec.getP(); + BigInteger g = spec.getG(); + BigInteger y = spec.getY(); + Object[] params = new Object[] {new Integer(Registry.X509_ENCODING_ID), + null, p, g, y}; + Object obj = invokeConstructor("gnu.javax.crypto.key.dh.GnuDHPublicKey", + params); + return (DHPublicKey) obj; + } + + /** + * @param encoded the bytes to decode. + * @return an instance of a {@link DHPublicKey} constructed from the + * information in the designated key-specification. + * @throws InvalidKeySpecException if no concrete implementation of the + * {@link DHPublicKey} interface exists at run-time, or if an + * exception occurs during its instantiation. + */ + private DHPublicKey decodeDHPublicKey(byte[] encoded) + throws InvalidKeySpecException + { + Object obj = invokeValueOf("gnu.javax.crypto.key.dh.GnuDHPublicKey", + encoded); + return (DHPublicKey) obj; + } + + /** + * @param spec an instance of {@link DSAPrivateKeySpec} to decode. + * @return an instance of {@link DSSPrivateKey} constructed from the + * information in the designated key-specification. + */ + private PrivateKey decodeDSSPrivateKey(DSAPrivateKeySpec spec) + { + BigInteger p = spec.getP(); + BigInteger q = spec.getQ(); + BigInteger g = spec.getG(); + BigInteger x = spec.getX(); + return new DSSPrivateKey(Registry.PKCS8_ENCODING_ID, p, q, g, x); + } + + /** + * @param spec an instance of {@link RSAPrivateCrtKeySpec} to decode. + * @return an instance of {@link GnuRSAPrivateKey} constructed from the + * information in the designated key-specification. + */ + private PrivateKey decodeRSAPrivateKey(RSAPrivateCrtKeySpec spec) + { + BigInteger n = spec.getModulus(); + BigInteger e = spec.getPublicExponent(); + BigInteger d = spec.getPrivateExponent(); + BigInteger p = spec.getPrimeP(); + BigInteger q = spec.getPrimeQ(); + BigInteger dP = spec.getPrimeExponentP(); + BigInteger dQ = spec.getPrimeExponentQ(); + BigInteger qInv = spec.getCrtCoefficient(); + return new GnuRSAPrivateKey(Registry.PKCS8_ENCODING_ID, + n, e, d, p, q, dP, dQ, qInv); + } + + /** + * @param spec an instance of {@link DHPrivateKeySpec} to decode. + * @return an instance of a {@link DHPrivateKey} constructed from the + * information in the designated key-specification. + * @throws InvalidKeySpecException if no concrete implementation of the + * {@link DHPrivateKey} interface exists at run-time, or if an + * exception occurs during its instantiation. + */ + private DHPrivateKey decodeDHPrivateKey(DHPrivateKeySpec spec) + throws InvalidKeySpecException + { + BigInteger p = spec.getP(); + BigInteger g = spec.getG(); + BigInteger x = spec.getX(); + Object[] params = new Object[] {new Integer(Registry.PKCS8_ENCODING_ID), + null, p, g, x}; + Object obj = invokeConstructor("gnu.javax.crypto.key.dh.GnuDHPrivateKey", + params); + return (DHPrivateKey) obj; + } + + /** + * @param encoded the bytes to decode. + * @return an instance of a {@link DHPrivateKey} constructed from the + * information in the designated key-specification. + * @throws InvalidKeySpecException if no concrete implementation of the + * {@link DHPrivateKey} interface exists at run-time, or if an + * exception occurs during its instantiation. + */ + private DHPrivateKey decodeDHPrivateKey(byte[] encoded) + throws InvalidKeySpecException + { + Object obj = invokeValueOf("gnu.javax.crypto.key.dh.GnuDHPrivateKey", + encoded); + return (DHPrivateKey) obj; + } +} diff --git a/libjava/classpath/gnu/java/security/jce/sig/KeyPairGeneratorAdapter.java b/libjava/classpath/gnu/java/security/jce/sig/KeyPairGeneratorAdapter.java new file mode 100644 index 0000000..6026829 --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/sig/KeyPairGeneratorAdapter.java @@ -0,0 +1,109 @@ +/* KeyPairGeneratorAdapter.java -- + Copyright 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.sig; + +import gnu.java.security.key.IKeyPairGenerator; +import gnu.java.security.key.KeyPairGeneratorFactory; + +import java.security.InvalidAlgorithmParameterException; +import java.security.KeyPair; +import java.security.KeyPairGenerator; +import java.security.SecureRandom; +import java.security.spec.AlgorithmParameterSpec; + +/** + * The implementation of a generic {@link java.security.KeyPairGenerator} + * adapter class to wrap gnu.crypto keypair generator instances.

+ * + * This class defines the Service Provider Interface (SPI) for the + * {@link java.security.KeyPairGenerator} class, which is used to generate pairs + * of public and private keys.

+ * + * All the abstract methods in the {@link java.security.KeyPairGeneratorSpi} + * class are implemented by this class and all its sub-classes.

+ * + * In case the client does not explicitly initialize the KeyPairGenerator (via + * a call to an initialize() method), the GNU Crypto provider + * supplies (and document) default values to be used. For example, the GNU + * Crypto provider uses a default modulus size (keysize) of 1024 bits for + * the DSS (Digital Signature Standard) a.k.a DSA.

+ * + * @version $Revision: 1.3 $ + */ +public abstract class KeyPairGeneratorAdapter extends KeyPairGenerator +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + /** Our underlying keypair instance. */ + protected IKeyPairGenerator adaptee; + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** + * Trivial protected constructor. + * + * @param kpgName the canonical name of the keypair generator algorithm. + */ + protected KeyPairGeneratorAdapter(String kpgName) + { + super(kpgName); + + this.adaptee = KeyPairGeneratorFactory.getInstance(kpgName); + } + + // Class methods + // ------------------------------------------------------------------------- + + // java.security.KeyPairGeneratorSpi interface implementation + // ------------------------------------------------------------------------- + + public abstract void initialize(int keysize, SecureRandom random); + + public abstract void initialize(AlgorithmParameterSpec params, + SecureRandom random) + throws InvalidAlgorithmParameterException; + + public KeyPair generateKeyPair() + { + return adaptee.generate(); + } +} diff --git a/libjava/classpath/gnu/java/security/jce/sig/MD2withRSA.java b/libjava/classpath/gnu/java/security/jce/sig/MD2withRSA.java new file mode 100644 index 0000000..353be21 --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/sig/MD2withRSA.java @@ -0,0 +1,56 @@ +/* MD2WithRSA.java -- RSA PKCS1 with MD2 JCE signature Adapter + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.sig; + +import gnu.java.security.Registry; +import gnu.java.security.sig.rsa.RSAPKCS1V1_5SignatureX509Codec; + +/** + * A JCE Adapter for the RSA PKCS1 (v1.5) signature with MD2 hash and X.509 + * encoding format. + */ +public class MD2withRSA + extends SignatureAdapter +{ + public MD2withRSA() + { + super(Registry.RSA_PKCS1_V1_5_SIG + "-" + Registry.MD2_HASH, + new RSAPKCS1V1_5SignatureX509Codec()); + } +} diff --git a/libjava/classpath/gnu/java/security/jce/sig/MD5withRSA.java b/libjava/classpath/gnu/java/security/jce/sig/MD5withRSA.java new file mode 100644 index 0000000..42c481b --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/sig/MD5withRSA.java @@ -0,0 +1,56 @@ +/* MD5withRSA.java -- RSA PKCS1 with MD5 JCE signature Adapter + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.sig; + +import gnu.java.security.Registry; +import gnu.java.security.sig.rsa.RSAPKCS1V1_5SignatureX509Codec; + +/** + * A JCE Adapter for the RSA PKCS1 (v1.5) signature with MD5 hash and X.509 + * encoding format. + */ +public class MD5withRSA + extends SignatureAdapter +{ + public MD5withRSA() + { + super(Registry.RSA_PKCS1_V1_5_SIG + "-" + Registry.MD5_HASH, + new RSAPKCS1V1_5SignatureX509Codec()); + } +} diff --git a/libjava/classpath/gnu/java/security/jce/sig/RSAKeyFactory.java b/libjava/classpath/gnu/java/security/jce/sig/RSAKeyFactory.java new file mode 100644 index 0000000..fecf54c --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/sig/RSAKeyFactory.java @@ -0,0 +1,265 @@ +/* RSAKeyFactory.java -- RSA key-factory JCE Adapter + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.sig; + +import gnu.java.security.Registry; +import gnu.java.security.key.rsa.GnuRSAPrivateKey; +import gnu.java.security.key.rsa.GnuRSAPublicKey; +import gnu.java.security.key.rsa.RSAKeyPairPKCS8Codec; +import gnu.java.security.key.rsa.RSAKeyPairX509Codec; + +import java.math.BigInteger; +import java.security.InvalidKeyException; +import java.security.Key; +import java.security.KeyFactorySpi; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.security.interfaces.RSAPrivateCrtKey; +import java.security.interfaces.RSAPrivateKey; +import java.security.interfaces.RSAPublicKey; +import java.security.spec.InvalidKeySpecException; +import java.security.spec.KeySpec; +import java.security.spec.PKCS8EncodedKeySpec; +import java.security.spec.RSAPrivateCrtKeySpec; +import java.security.spec.RSAPrivateKeySpec; +import java.security.spec.RSAPublicKeySpec; +import java.security.spec.X509EncodedKeySpec; + +public class RSAKeyFactory + extends KeyFactorySpi +{ + // implicit 0-arguments constructor + + protected PublicKey engineGeneratePublic(KeySpec keySpec) + throws InvalidKeySpecException + { + if (keySpec instanceof RSAPublicKeySpec) + { + RSAPublicKeySpec spec = (RSAPublicKeySpec) keySpec; + BigInteger n = spec.getModulus(); + BigInteger e = spec.getPublicExponent(); + return new GnuRSAPublicKey(Registry.X509_ENCODING_ID, n, e); + } + + if (keySpec instanceof X509EncodedKeySpec) + { + X509EncodedKeySpec spec = (X509EncodedKeySpec) keySpec; + byte[] encoded = spec.getEncoded(); + PublicKey result; + try + { + result = new RSAKeyPairX509Codec().decodePublicKey(encoded); + } + catch (RuntimeException x) + { + InvalidKeySpecException y = new InvalidKeySpecException(); + y.initCause(x); + throw y; + } + } + + throw new InvalidKeySpecException("Unsupported (public) key specification"); + } + + protected PrivateKey engineGeneratePrivate(KeySpec keySpec) + throws InvalidKeySpecException + { + if (keySpec instanceof RSAPrivateCrtKeySpec) + { + RSAPrivateCrtKeySpec spec = (RSAPrivateCrtKeySpec) keySpec; + BigInteger n = spec.getModulus(); + BigInteger e = spec.getPublicExponent(); + BigInteger d = spec.getPrivateExponent(); + BigInteger p = spec.getPrimeP(); + BigInteger q = spec.getPrimeQ(); + BigInteger dP = spec.getPrimeExponentP(); + BigInteger dQ = spec.getPrimeExponentQ(); + BigInteger qInv = spec.getCrtCoefficient(); + return new GnuRSAPrivateKey(Registry.PKCS8_ENCODING_ID, + n, e, d, p, q, dP, dQ, qInv); + } + +// if (keySpec instanceof RSAPrivateKeySpec) +// { +// RSAPrivateKeySpec spec = (RSAPrivateKeySpec) keySpec; +// BigInteger n = spec.getModulus(); +// BigInteger d = spec.getPrivateExponent(); +// return new GnuRSAPrivateKey(Registry.PKCS8_ENCODING_ID, +// n, null, d, null, null, null, null, null); +// } + + if (keySpec instanceof PKCS8EncodedKeySpec) + { + PKCS8EncodedKeySpec spec = (PKCS8EncodedKeySpec) keySpec; + byte[] encoded = spec.getEncoded(); + PrivateKey result; + try + { + result = new RSAKeyPairPKCS8Codec().decodePrivateKey(encoded); + } + catch (RuntimeException x) + { + InvalidKeySpecException y = new InvalidKeySpecException(); + y.initCause(x); + throw y; + } + } + + throw new InvalidKeySpecException("Unsupported (private) key specification"); + } + + protected KeySpec engineGetKeySpec(Key key, Class keySpec) + throws InvalidKeySpecException + { + if (key instanceof RSAPublicKey) + { + if (keySpec.isAssignableFrom(RSAPublicKeySpec.class)) + { + RSAPublicKey rsaKey = (RSAPublicKey) key; + BigInteger n = rsaKey.getModulus(); + BigInteger e = rsaKey.getPublicExponent(); + return new RSAPublicKeySpec(n, e); + } + + if (keySpec.isAssignableFrom(X509EncodedKeySpec.class)) + { + if (key instanceof GnuRSAPublicKey) + { + GnuRSAPublicKey rsaKey = (GnuRSAPublicKey) key; + byte[] encoded = rsaKey.getEncoded(Registry.X509_ENCODING_ID); + return new X509EncodedKeySpec(encoded); + } + + if (Registry.X509_ENCODING_SORT_NAME.equalsIgnoreCase(key.getFormat())) + { + byte[] encoded = key.getEncoded(); + return new X509EncodedKeySpec(encoded); + } + + throw new InvalidKeySpecException("Wrong key type or unsupported (public) key specification"); + } + + throw new InvalidKeySpecException("Unsupported (public) key specification"); + } + + if ((key instanceof RSAPrivateCrtKey) + && keySpec.isAssignableFrom(RSAPrivateCrtKeySpec.class)) + { + RSAPrivateCrtKey rsaKey = (RSAPrivateCrtKey) key; + BigInteger n = rsaKey.getModulus(); + BigInteger e = rsaKey.getPublicExponent(); + BigInteger d = rsaKey.getPrivateExponent(); + BigInteger p = rsaKey.getPrimeP(); + BigInteger q = rsaKey.getPrimeQ(); + BigInteger dP = rsaKey.getPrimeExponentP(); + BigInteger dQ = rsaKey.getPrimeExponentQ(); + BigInteger qInv = rsaKey.getCrtCoefficient(); + return new RSAPrivateCrtKeySpec(n, e, d, p, q, dP, dQ, qInv); + } + + if ((key instanceof RSAPrivateKey) + && keySpec.isAssignableFrom(RSAPrivateKeySpec.class)) + { + RSAPrivateKey rsaKey = (RSAPrivateKey) key; + BigInteger n = rsaKey.getModulus(); + BigInteger d = rsaKey.getPrivateExponent(); + return new RSAPrivateKeySpec(n, d); + } + + if (keySpec.isAssignableFrom(PKCS8EncodedKeySpec.class)) + { + if (key instanceof GnuRSAPrivateKey) + { + GnuRSAPrivateKey rsaKey = (GnuRSAPrivateKey) key; + byte[] encoded = rsaKey.getEncoded(Registry.PKCS8_ENCODING_ID); + return new PKCS8EncodedKeySpec(encoded); + } + + if (Registry.PKCS8_ENCODING_SHORT_NAME.equalsIgnoreCase(key.getFormat())) + { + byte[] encoded = key.getEncoded(); + return new PKCS8EncodedKeySpec(encoded); + } + + throw new InvalidKeySpecException("Wrong key type or unsupported (private) key specification"); + } + + throw new InvalidKeySpecException("Wrong key type or unsupported key specification"); + } + + protected Key engineTranslateKey(Key key) throws InvalidKeyException + { + if ((key instanceof GnuRSAPublicKey) || (key instanceof GnuRSAPrivateKey)) + return key; + + if (key instanceof RSAPublicKey) + { + RSAPublicKey rsaKey = (RSAPublicKey) key; + BigInteger n = rsaKey.getModulus(); + BigInteger e = rsaKey.getPublicExponent(); + return new GnuRSAPublicKey(Registry.X509_ENCODING_ID, n, e); + } + + if (key instanceof RSAPrivateCrtKey) + { + RSAPrivateCrtKey rsaKey = (RSAPrivateCrtKey) key; + BigInteger n = rsaKey.getModulus(); + BigInteger e = rsaKey.getPublicExponent(); + BigInteger d = rsaKey.getPrivateExponent(); + BigInteger p = rsaKey.getPrimeP(); + BigInteger q = rsaKey.getPrimeQ(); + BigInteger dP = rsaKey.getPrimeExponentP(); + BigInteger dQ = rsaKey.getPrimeExponentQ(); + BigInteger qInv = rsaKey.getCrtCoefficient(); + return new GnuRSAPrivateKey(Registry.PKCS8_ENCODING_ID, + n, e, d, p, q, dP, dQ, qInv); + } + +// if (key instanceof RSAPrivateKey) +// { +// RSAPrivateKey rsaKey = (RSAPrivateKey) key; +// BigInteger n = rsaKey.getModulus(); +// BigInteger d = rsaKey.getPrivateExponent(); +// return new GnuRSAPrivateKey(Registry.PKCS8_ENCODING_ID, +// n, null, d, null, null, null, null, null); +// } + + throw new InvalidKeyException("Unsupported key type"); + } +} diff --git a/libjava/classpath/gnu/java/security/jce/sig/RSAKeyPairGeneratorSpi.java b/libjava/classpath/gnu/java/security/jce/sig/RSAKeyPairGeneratorSpi.java new file mode 100644 index 0000000..24dc7c5 --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/sig/RSAKeyPairGeneratorSpi.java @@ -0,0 +1,115 @@ +/* RSAKeyPairGeneratorSpi.java -- JCE RSA KeyPairGenerator Adapter + Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.sig; + +import gnu.java.security.Registry; +import gnu.java.security.key.rsa.RSAKeyPairGenerator; + +import java.security.InvalidAlgorithmParameterException; +import java.security.SecureRandom; +import java.security.spec.AlgorithmParameterSpec; +import java.security.spec.RSAKeyGenParameterSpec; +import java.util.HashMap; + +/** + * The implementation of a {@link java.security.KeyPairGenerator} adapter class + * to wrap gnu.crypto RSA keypair generator instances.

+ * + * In case the client does not explicitly initialize the KeyPairGenerator (via + * a call to an initialize() method), the GNU Crypto provider + * uses a default modulus size (keysize) of 1024 bits.

+ */ +public class RSAKeyPairGeneratorSpi extends KeyPairGeneratorAdapter +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + public RSAKeyPairGeneratorSpi() + { + super(Registry.RSA_KPG); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + public void initialize(int keysize, SecureRandom random) + { + HashMap attributes = new HashMap(); + attributes.put(RSAKeyPairGenerator.MODULUS_LENGTH, new Integer(keysize)); + if (random != null) + { + attributes.put(RSAKeyPairGenerator.SOURCE_OF_RANDOMNESS, random); + } + + attributes.put(RSAKeyPairGenerator.PREFERRED_ENCODING_FORMAT, + new Integer(Registry.ASN1_ENCODING_ID)); + adaptee.setup(attributes); + } + + public void initialize(AlgorithmParameterSpec params, SecureRandom random) + throws InvalidAlgorithmParameterException + { + HashMap attributes = new HashMap(); + if (params != null) + { + if (!(params instanceof RSAKeyGenParameterSpec)) + { + throw new InvalidAlgorithmParameterException("params"); + } + + attributes.put(RSAKeyPairGenerator.RSA_PARAMETERS, params); + } + + if (random != null) + { + attributes.put(RSAKeyPairGenerator.SOURCE_OF_RANDOMNESS, random); + } + + attributes.put(RSAKeyPairGenerator.PREFERRED_ENCODING_FORMAT, + new Integer(Registry.ASN1_ENCODING_ID)); + adaptee.setup(attributes); + } +} diff --git a/libjava/classpath/gnu/java/security/jce/sig/RSAPSSRawSignatureSpi.java b/libjava/classpath/gnu/java/security/jce/sig/RSAPSSRawSignatureSpi.java new file mode 100644 index 0000000..e44b8ad --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/sig/RSAPSSRawSignatureSpi.java @@ -0,0 +1,69 @@ +/* RSAPSSRawSignatureSpi.java -- + Copyright 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.sig; + +import gnu.java.security.Registry; +import gnu.java.security.sig.rsa.RSAPSSSignatureRawCodec; + +/** + * The implementation of Service Provider Interface (SPI) adapter + * for the RSA-PSS signature scheme, encoded and/or decoded in RAW format.

+ * + * @version $Revision: 1.1 $ + */ +public class RSAPSSRawSignatureSpi extends SignatureAdapter +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + public RSAPSSRawSignatureSpi() + { + super(Registry.RSA_PSS_SIG, new RSAPSSSignatureRawCodec()); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- +} diff --git a/libjava/classpath/gnu/java/security/jce/sig/SHA160withDSS.java b/libjava/classpath/gnu/java/security/jce/sig/SHA160withDSS.java new file mode 100644 index 0000000..c55139f --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/sig/SHA160withDSS.java @@ -0,0 +1,54 @@ +/* SHA160withDSS.java -- JCE Adapter for DSS with SHA1 signatures + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.sig; + +import gnu.java.security.Registry; +import gnu.java.security.sig.dss.DSSSignatureX509Codec; + +/** + * A JCE Adapter for providing X.509 formatted DSS with SHA1 signatures. + */ +public class SHA160withDSS + extends SignatureAdapter +{ + public SHA160withDSS() + { + super(Registry.DSS_SIG, new DSSSignatureX509Codec()); + } +} diff --git a/libjava/classpath/gnu/java/security/jce/sig/SHA160withRSA.java b/libjava/classpath/gnu/java/security/jce/sig/SHA160withRSA.java new file mode 100644 index 0000000..d3b2054 --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/sig/SHA160withRSA.java @@ -0,0 +1,56 @@ +/* SHA160withRSA.java -- RSA PKCS1 with SHA160 JCE signature Adapter + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.sig; + +import gnu.java.security.Registry; +import gnu.java.security.sig.rsa.RSAPKCS1V1_5SignatureX509Codec; + +/** + * A JCE Adapter for the RSA PKCS1 (v1.5) signature with SHA160 hash and X.509 + * encoding format. + */ +public class SHA160withRSA + extends SignatureAdapter +{ + public SHA160withRSA() + { + super(Registry.RSA_PKCS1_V1_5_SIG + "-" + Registry.SHA160_HASH, + new RSAPKCS1V1_5SignatureX509Codec()); + } +} diff --git a/libjava/classpath/gnu/java/security/jce/sig/SHA256withRSA.java b/libjava/classpath/gnu/java/security/jce/sig/SHA256withRSA.java new file mode 100644 index 0000000..d21888b --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/sig/SHA256withRSA.java @@ -0,0 +1,56 @@ +/* SHA256withRSA.java -- RSA PKCS1 with SHA256 JCE signature Adapter + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.sig; + +import gnu.java.security.Registry; +import gnu.java.security.sig.rsa.RSAPKCS1V1_5SignatureX509Codec; + +/** + * A JCE Adapter for the RSA PKCS1 (v1.5) signature with SHA256 hash and X.509 + * encoding format. + */ +public class SHA256withRSA + extends SignatureAdapter +{ + public SHA256withRSA() + { + super(Registry.RSA_PKCS1_V1_5_SIG + "-" + Registry.SHA256_HASH, + new RSAPKCS1V1_5SignatureX509Codec()); + } +} diff --git a/libjava/classpath/gnu/java/security/jce/sig/SHA384withRSA.java b/libjava/classpath/gnu/java/security/jce/sig/SHA384withRSA.java new file mode 100644 index 0000000..5495ec1 --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/sig/SHA384withRSA.java @@ -0,0 +1,56 @@ +/* SHA384withRSA.java -- RSA PKCS1 with SHA384 JCE signature Adapter + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.sig; + +import gnu.java.security.Registry; +import gnu.java.security.sig.rsa.RSAPKCS1V1_5SignatureX509Codec; + +/** + * A JCE Adapter for the RSA PKCS1 (v1.5) signature with SHA384 hash and X.509 + * encoding format. + */ +public class SHA384withRSA + extends SignatureAdapter +{ + public SHA384withRSA() + { + super(Registry.RSA_PKCS1_V1_5_SIG + "-" + Registry.SHA384_HASH, + new RSAPKCS1V1_5SignatureX509Codec()); + } +} diff --git a/libjava/classpath/gnu/java/security/jce/sig/SHA512withRSA.java b/libjava/classpath/gnu/java/security/jce/sig/SHA512withRSA.java new file mode 100644 index 0000000..f763229 --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/sig/SHA512withRSA.java @@ -0,0 +1,56 @@ +/* SHA512withRSA.java -- RSA PKCS1 with SHA512 JCE signature Adapter + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.sig; + +import gnu.java.security.Registry; +import gnu.java.security.sig.rsa.RSAPKCS1V1_5SignatureX509Codec; + +/** + * A JCE Adapter for the RSA PKCS1 (v1.5) signature with SHA512 hash and X.509 + * encoding format. + */ +public class SHA512withRSA + extends SignatureAdapter +{ + public SHA512withRSA() + { + super(Registry.RSA_PKCS1_V1_5_SIG + "-" + Registry.SHA512_HASH, + new RSAPKCS1V1_5SignatureX509Codec()); + } +} diff --git a/libjava/classpath/gnu/java/security/jce/sig/SignatureAdapter.java b/libjava/classpath/gnu/java/security/jce/sig/SignatureAdapter.java new file mode 100644 index 0000000..6cb7c7c --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/sig/SignatureAdapter.java @@ -0,0 +1,263 @@ +/* SignatureAdapter.java -- + Copyright 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.sig; + +import gnu.java.security.sig.BaseSignature; +import gnu.java.security.sig.ISignature; +import gnu.java.security.sig.ISignatureCodec; +import gnu.java.security.sig.SignatureFactory; + +import java.security.InvalidAlgorithmParameterException; +import java.security.InvalidKeyException; +import java.security.InvalidParameterException; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.security.SecureRandom; +import java.security.SignatureException; +import java.security.SignatureSpi; +import java.security.spec.AlgorithmParameterSpec; +import java.util.HashMap; +import java.util.logging.Logger; + +/** + * The implementation of a generic {@link java.security.Signature} adapter class + * to wrap gnu.crypto signature instances.

+ * + * This class defines the Service Provider Interface (SPI) for the + * {@link java.security.Signature} class, which provides the functionality of a + * digital signature algorithm. Digital signatures are used for authentication + * and integrity assurance of digital data.

+ * + * All the abstract methods in the {@link java.security.SignatureSpi} class are + * implemented by this class and all its sub-classes.

+ * + * All the implementations which subclass this object, and which are serviced by + * the GNU Crypto provider implement the {@link java.lang.Cloneable} interface.

+ * + * @version $Revision: 1.2 $ + */ +class SignatureAdapter extends SignatureSpi implements Cloneable +{ + private static final Logger log = Logger.getLogger(SignatureAdapter.class.getName()); + + // Constants and variables + // ------------------------------------------------------------------------- + + /** Our underlying signature instance. */ + private ISignature adaptee; + + /** Our underlying signature encoder/decoder engine. */ + private ISignatureCodec codec; + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** + * Trivial protected constructor.

+ * + * @param sigName the canonical name of the signature scheme. + * @param codec the signature codec engine to use with this scheme. + */ + protected SignatureAdapter(String sigName, ISignatureCodec codec) + { + this(SignatureFactory.getInstance(sigName), codec); + } + + /** + * Private constructor for cloning purposes.

+ * + * @param adaptee a clone of the underlying signature scheme instance. + * @param codec the signature codec engine to use with this scheme. + */ + private SignatureAdapter(ISignature adaptee, ISignatureCodec codec) + { + super(); + + this.adaptee = adaptee; + this.codec = codec; + } + + // Class methods + // ------------------------------------------------------------------------- + + // java.security.SignatureSpi interface implementation + // ------------------------------------------------------------------------- + + public Object clone() + { + return new SignatureAdapter((ISignature) adaptee.clone(), codec); + } + + public void engineInitVerify(PublicKey publicKey) throws InvalidKeyException + { + HashMap attributes = new HashMap(); + attributes.put(BaseSignature.VERIFIER_KEY, publicKey); + try + { + adaptee.setupVerify(attributes); + } + catch (IllegalArgumentException x) + { + throw new InvalidKeyException(String.valueOf(x)); + } + } + + public void engineInitSign(PrivateKey privateKey) throws InvalidKeyException + { + HashMap attributes = new HashMap(); + attributes.put(BaseSignature.SIGNER_KEY, privateKey); + try + { + adaptee.setupSign(attributes); + } + catch (IllegalArgumentException x) + { + throw new InvalidKeyException(String.valueOf(x)); + } + } + + public void engineInitSign(PrivateKey privateKey, SecureRandom random) + throws InvalidKeyException + { + HashMap attributes = new HashMap(); + attributes.put(BaseSignature.SIGNER_KEY, privateKey); + attributes.put(BaseSignature.SOURCE_OF_RANDOMNESS, random); + try + { + adaptee.setupSign(attributes); + } + catch (IllegalArgumentException x) + { + throw new InvalidKeyException(String.valueOf(x)); + } + } + + public void engineUpdate(byte b) throws SignatureException + { + try + { + adaptee.update(b); + } + catch (IllegalStateException x) + { + throw new SignatureException(String.valueOf(x)); + } + } + + public void engineUpdate(byte[] b, int off, int len) + throws SignatureException + { + try + { + adaptee.update(b, off, len); + } + catch (IllegalStateException x) + { + throw new SignatureException(String.valueOf(x)); + } + } + + public byte[] engineSign() throws SignatureException + { + Object signature = null; + try + { + signature = adaptee.sign(); + } + catch (IllegalStateException x) + { + throw new SignatureException(String.valueOf(x)); + } + + byte[] result = codec.encodeSignature(signature); + return result; + } + + public int engineSign(byte[] outbuf, int offset, int len) + throws SignatureException + { + byte[] signature = this.engineSign(); + int result = signature.length; + if (result > len) + { + throw new SignatureException("len"); + } + + System.arraycopy(signature, 0, outbuf, offset, result); + return result; + } + + public boolean engineVerify(byte[] sigBytes) throws SignatureException + { + log.entering("SignatureAdapter", "engineVerify"); + + Object signature = codec.decodeSignature(sigBytes); + boolean result = false; + try + { + result = adaptee.verify(signature); + } + catch (IllegalStateException x) + { + throw new SignatureException(String.valueOf(x)); + } + + log.exiting("SignatureAdapter", "engineVerify", new Boolean(result)); + return result; + } + + // Deprecated. Replaced by engineSetParameter. + public void engineSetParameter(String param, Object value) + throws InvalidParameterException + { + throw new InvalidParameterException("deprecated"); + } + + public void engineSetParameter(AlgorithmParameterSpec params) + throws InvalidAlgorithmParameterException + { + } + + // Deprecated + public Object engineGetParameter(String param) + throws InvalidParameterException + { + throw new InvalidParameterException("deprecated"); + } +} diff --git a/libjava/classpath/gnu/java/security/key/IKeyPairCodec.java b/libjava/classpath/gnu/java/security/key/IKeyPairCodec.java new file mode 100644 index 0000000..c64f928 --- /dev/null +++ b/libjava/classpath/gnu/java/security/key/IKeyPairCodec.java @@ -0,0 +1,132 @@ +/* IKeyPairCodec.java -- + Copyright 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.key; + +import gnu.java.security.Registry; + +import java.security.PrivateKey; +import java.security.PublicKey; + +/** + *

The visible methods of an object that knows how to encode and decode + * cryptographic asymmetric keypairs. Codecs are useful for (a) externalising + * public and private keys for storage and on-the-wire transmission, as well as + * (b) re-creating their internal Java representation from external sources.

+ * + * @version $Revision: 1.2 $ + */ +public interface IKeyPairCodec +{ + // Constants + // ------------------------------------------------------------------------- + + /** Constant identifying the Raw encoding format. */ + int RAW_FORMAT = Registry.RAW_ENCODING_ID; + + /** Constant identifying the X.509 encoding format. */ + int X509_FORMAT = Registry.X509_ENCODING_ID; + + /** Constant identifying the PKCS#8 encoding format. */ + int PKCS8_FORMAT = Registry.PKCS8_ENCODING_ID; + + /** + * Constant identifying the ASN.1 encoding format: a combined encoding + * of X.509 for public keys, and PKCS#8 for private ones. + */ + int ASN1_FORMAT = Registry.ASN1_ENCODING_ID; + + // Method(s) + // ------------------------------------------------------------------------- + + /** + *

Returns the unique identifier (within this library) of the format used + * to externalise public and private keys.

+ * + * @return the identifier of the format, the object supports. + */ + int getFormatID(); + + /** + *

Encodes an instance of a public key for storage or transmission purposes.

+ * + * @param key the non-null key to encode. + * @return a byte sequence representing the encoding of the designated key + * according to the format supported by this codec. + * @exception IllegalArgumentException if the designated key is not supported + * by this codec. + */ + byte[] encodePublicKey(PublicKey key); + + /** + *

Encodes an instance of a private key for storage or transmission purposes.

+ * + * @param key the non-null key to encode. + * @return a byte sequence representing the encoding of the designated key + * according to the format supported by this codec. + * @exception IllegalArgumentException if the designated key is not supported + * by this codec. + */ + byte[] encodePrivateKey(PrivateKey key); + + /** + *

Decodes an instance of an external public key into its native Java + * representation.

+ * + * @param input the source of the externalised key to decode. + * @return a concrete instance of a public key, reconstructed from the + * designated input. + * @exception IllegalArgumentException if the designated input does not + * contain a known representation of a public key for the format supported by + * the concrete codec. + */ + PublicKey decodePublicKey(byte[] input); + + /** + *

Decodes an instance of an external private key into its native Java + * representation.

+ * + * @param input the source of the externalised key to decode. + * @return a concrete instance of a private key, reconstructed from the + * designated input. + * @exception IllegalArgumentException if the designated input does not + * contain a known representation of a private key for the format supported + * by the concrete codec. + */ + PrivateKey decodePrivateKey(byte[] input); +} diff --git a/libjava/classpath/gnu/java/security/key/IKeyPairGenerator.java b/libjava/classpath/gnu/java/security/key/IKeyPairGenerator.java new file mode 100644 index 0000000..219863d --- /dev/null +++ b/libjava/classpath/gnu/java/security/key/IKeyPairGenerator.java @@ -0,0 +1,82 @@ +/* IKeyPairGenerator.java -- + Copyright 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.key; + +import java.security.KeyPair; +import java.util.Map; + +/** + * The visible methods of every asymmetric keypair generator.

+ * + * @version $Revision: 1.1 $ + */ +public interface IKeyPairGenerator +{ + + // Constants + // ------------------------------------------------------------------------- + + // Methods + // ------------------------------------------------------------------------- + + /** + * Returns the canonical name of this keypair generator.

+ * + * @return the canonical name of this instance. + */ + String name(); + + /** + * [Re]-initialises this instance for use with a given set of attributes.

+ * + * @param attributes a map of name/value pairs to use for setting up the + * instance. + * @exception IllegalArgumentException if at least one of the mandatory + * attributes is missing or an invalid value was specified. + */ + void setup(Map attributes); + + /** + * Generates a new keypair based on the attributes used to configure the + * instance. + * + * @return a new keypair. + */ + KeyPair generate(); +} diff --git a/libjava/classpath/gnu/java/security/key/KeyPairCodecFactory.java b/libjava/classpath/gnu/java/security/key/KeyPairCodecFactory.java new file mode 100644 index 0000000..1a8b8aa --- /dev/null +++ b/libjava/classpath/gnu/java/security/key/KeyPairCodecFactory.java @@ -0,0 +1,362 @@ +/* KeyPairCodecFactory.java -- + Copyright 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.key; + +import gnu.java.security.Registry; +import gnu.java.security.key.dss.DSSKeyPairPKCS8Codec; +import gnu.java.security.key.dss.DSSKeyPairRawCodec; +import gnu.java.security.key.dss.DSSKeyPairX509Codec; +import gnu.java.security.key.dss.DSSPrivateKey; +import gnu.java.security.key.dss.DSSPublicKey; +import gnu.java.security.key.rsa.GnuRSAPrivateKey; +import gnu.java.security.key.rsa.GnuRSAPublicKey; +import gnu.java.security.key.rsa.RSAKeyPairPKCS8Codec; +import gnu.java.security.key.rsa.RSAKeyPairRawCodec; +import gnu.java.security.key.rsa.RSAKeyPairX509Codec; +import gnu.java.security.util.FormatUtil; + +import java.lang.reflect.Constructor; +import java.security.Key; +import java.util.Collections; +import java.util.HashSet; +import java.util.Set; + +/** + * A Factory class to instantiate key encoder/decoder instances. + */ +public class KeyPairCodecFactory +{ + private static Set names; + + /** Trivial constructor to enforce Singleton pattern. */ + private KeyPairCodecFactory() + { + super(); + } + + /** + * Returns the appropriate codec given a composed key-pair generator algorithm + * and an encoding format. A composed name is formed by the concatenation of + * the canonical key-pair algorithm name, the forward slash character + * / and the canonical name of the encoding format. + *

+ * IMPORTANT: For backward compatibility, when the encoding format + * name is missing, the Raw encoding format is assumed. When this is the case + * the trailing forward slash is discarded from the name. + * + * @param name the case-insensitive key codec name. + * @return an instance of the keypair codec, or null if none + * found. + */ + public static IKeyPairCodec getInstance(String name) + { + if (name == null) + return null; + + name = name.trim(); + if (name.length() == 0) + return null; + + if (name.startsWith("/")) + return null; + + if (name.endsWith("/")) + return getInstance(name.substring(0, name.length() - 1), + Registry.RAW_ENCODING_ID); + + int i = name.indexOf("/"); + if (i == -1) + return getInstance(name, Registry.RAW_ENCODING_ID); + + String kpgName = name.substring(0, i); + String formatName = name.substring(i + 1); + return getInstance(kpgName, formatName); + } + + /** + * Returns an instance of a keypair codec given the canonical name of the + * key-pair algorithm, and the name of the encoding format to use when + * externalizing the keys. + * + * @param name the case-insensitive key-pair algorithm name. + * @param format the name of the encoding format to use when externalizing the + * keys generated by the key-pair algorithm. + * @return an instance of the key-pair codec, or null if none + * found. + */ + public static IKeyPairCodec getInstance(String name, String format) + { + int formatID = FormatUtil.getFormatID(format); + if (formatID == 0) + return null; + + return getInstance(name, formatID); + } + + /** + * Returns an instance of a keypair codec given the canonical name of the + * key-pair algorithm, and the identifier of the format to use when + * externalizing the keys. + * + * @param name the case-insensitive key-pair algorithm name. + * @param formatID the identifier of the format to use when externalizing the + * keys generated by the key-pair algorithm. + * @return an instance of the key-pair codec, or null if none + * found. + */ + public static IKeyPairCodec getInstance(String name, int formatID) + { + if (name == null) + return null; + + name = name.trim(); + switch (formatID) + { + case Registry.RAW_ENCODING_ID: + return getRawCodec(name); + case Registry.X509_ENCODING_ID: + return getX509Codec(name); + case Registry.PKCS8_ENCODING_ID: + return getPKCS8Codec(name); + } + + return null; + } + + /** + * Returns an instance of a keypair codec given a key. + * + * @param key the key to encode. + * @return an instance of the keypair codec, or null if none + * found. + */ + public static IKeyPairCodec getInstance(Key key) + { + if (key == null) + return null; + + String format = key.getFormat(); + int formatID = FormatUtil.getFormatID(format); + if (formatID == 0) + return null; + + switch (formatID) + { + case Registry.RAW_ENCODING_ID: + return getRawCodec(key); + case Registry.X509_ENCODING_ID: + return getX509Codec(key); + case Registry.PKCS8_ENCODING_ID: + return getPKCS8Codec(key); + } + + return null; + } + + /** + * Returns a {@link Set} of supported key-pair codec names. + * + * @return a {@link Set} of the names of supported key-pair codec (Strings). + */ + public static synchronized final Set getNames() + { + if (names == null) + { + HashSet hs = new HashSet(); + hs.add(Registry.DSS_KPG + "/" + Registry.RAW_ENCODING_SHORT_NAME); + hs.add(Registry.DSS_KPG + "/" + Registry.X509_ENCODING_SORT_NAME); + hs.add(Registry.DSS_KPG + "/" + Registry.PKCS8_ENCODING_SHORT_NAME); + hs.add(Registry.RSA_KPG + "/" + Registry.RAW_ENCODING_SHORT_NAME); + hs.add(Registry.RSA_KPG + "/" + Registry.X509_ENCODING_SORT_NAME); + hs.add(Registry.RSA_KPG + "/" + Registry.PKCS8_ENCODING_SHORT_NAME); + hs.add(Registry.DH_KPG + "/" + Registry.RAW_ENCODING_SHORT_NAME); + hs.add(Registry.SRP_KPG + "/" + Registry.RAW_ENCODING_SHORT_NAME); + + names = Collections.unmodifiableSet(hs); + } + + return names; + } + + private static IKeyPairCodec makeInstance (String clazz) + { + try + { + Class c = Class.forName (clazz); + Constructor ctor = c.getConstructor (new Class[0]); + return (IKeyPairCodec) ctor.newInstance (new Object[0]); + } + catch (Exception x) + { + IllegalArgumentException iae = + new IllegalArgumentException ("strong crypto key codec not available: " + + clazz); + iae.initCause (x); + throw iae; + } + } + + private static boolean matches (Object o, String clazz) + { + try + { + Class c = Class.forName (clazz); + return c.isAssignableFrom (o.getClass ()); + } + catch (Exception x) + { + // Can't match. + return false; + } + } + + /** + * @param name the trimmed name of a key-pair algorithm. + * @return a Raw format codec for the designated key-pair algorithm, or + * null if none exists. + */ + private static IKeyPairCodec getRawCodec(String name) + { + IKeyPairCodec result = null; + if (name.equalsIgnoreCase(Registry.DSA_KPG) + || name.equals(Registry.DSS_KPG)) + result = new DSSKeyPairRawCodec(); + else if (name.equalsIgnoreCase(Registry.RSA_KPG)) + result = new RSAKeyPairRawCodec(); + else if (name.equalsIgnoreCase(Registry.DH_KPG)) + result = makeInstance("gnu.javax.crypto.key.dh.DHKeyPairRawCodec"); + else if (name.equalsIgnoreCase(Registry.SRP_KPG)) + result = makeInstance("gnu.javax.crypto.key.srp6.SRPKeyPairRawCodec"); + + return result; + } + + /** + * @param name the trimmed name of a key-pair algorithm. + * @return a X.509 format codec for the designated key-pair algorithm, or + * null if none exists. + */ + private static IKeyPairCodec getX509Codec(String name) + { + IKeyPairCodec result = null; + if (name.equalsIgnoreCase(Registry.DSA_KPG) + || name.equals(Registry.DSS_KPG)) + result = new DSSKeyPairX509Codec(); + else if (name.equalsIgnoreCase(Registry.RSA_KPG)) + result = new RSAKeyPairX509Codec(); + else if (name.equalsIgnoreCase(Registry.DH_KPG)) + result = makeInstance("gnu.javax.crypto.key.dh.DHKeyPairX509Codec"); + + return result; + } + + /** + * @param name the trimmed name of a key-pair algorithm. + * @return a PKCS#8 format codec for the designated key-pair algorithm, or + * null if none exists. + */ + private static IKeyPairCodec getPKCS8Codec(String name) + { + IKeyPairCodec result = null; + if (name.equalsIgnoreCase(Registry.DSA_KPG) + || name.equals(Registry.DSS_KPG)) + result = new DSSKeyPairPKCS8Codec(); + else if (name.equalsIgnoreCase(Registry.RSA_KPG)) + result = new RSAKeyPairPKCS8Codec(); + else if (name.equalsIgnoreCase(Registry.DH_KPG)) + result = makeInstance("gnu.javax.crypto.key.dh.DHKeyPairPKCS8Codec"); + + return result; + } + + /** + * @param key a {@link Key} for which we want to return a Raw codec. + * @return the Raw codec corresponding to the key, or null if + * none exists for this key. + */ + private static IKeyPairCodec getRawCodec(Key key) + { + IKeyPairCodec result = null; + if ((key instanceof DSSPublicKey) || (key instanceof DSSPrivateKey)) + result = new DSSKeyPairRawCodec(); + else if ((key instanceof GnuRSAPublicKey) + || (key instanceof GnuRSAPrivateKey)) + result = new RSAKeyPairRawCodec(); + else if (matches(key, "gnu.javax.crypto.key.dh.GnuDHPublicKey") + || matches(key, "gnu.javax.crypto.key.dh.GnuDHPrivateKey")) + result = makeInstance("gnu.javax.crypto.key.dh.DHKeyPairRawCodec"); + else if (matches(key, "gnu.javax.crypto.key.srp6.SRPPublicKey") + || matches(key, "gnu.javax.crypto.key.srp6.SRPPrivateKey")) + result = makeInstance("gnu.javax.crypto.key.srp6.SRPKeyPairRawCodec"); + + return result; + } + + /** + * @param key a {@link Key} for which we want to return an X.509 codec. + * @return the X.509 codec corresponding to the key, or null if + * none exists for this key. + */ + private static IKeyPairCodec getX509Codec(Key key) + { + IKeyPairCodec result = null; + if (key instanceof DSSPublicKey) + result = new DSSKeyPairX509Codec(); + else if (key instanceof GnuRSAPublicKey) + result = new RSAKeyPairX509Codec(); + + return result; + } + + /** + * @param key a {@link Key} for which we want to return a PKCS#8 codec. + * @return the PKCS#8 codec corresponding to the key, or null if + * none exists for this key. + */ + private static IKeyPairCodec getPKCS8Codec(Key key) + { + IKeyPairCodec result = null; + if (key instanceof DSSPrivateKey) + result = new DSSKeyPairPKCS8Codec(); + else if (key instanceof GnuRSAPrivateKey) + result = new RSAKeyPairPKCS8Codec(); + + return result; + } +} diff --git a/libjava/classpath/gnu/java/security/key/KeyPairGeneratorFactory.java b/libjava/classpath/gnu/java/security/key/KeyPairGeneratorFactory.java new file mode 100644 index 0000000..edcc186 --- /dev/null +++ b/libjava/classpath/gnu/java/security/key/KeyPairGeneratorFactory.java @@ -0,0 +1,148 @@ +/* KeyPairGeneratorFactory.java -- + Copyright 2001, 2002, 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.key; + +import gnu.java.security.Registry; +import gnu.java.security.key.dss.DSSKeyPairGenerator; +import gnu.java.security.key.rsa.RSAKeyPairGenerator; + +import java.lang.reflect.Constructor; +import java.util.Collections; +import java.util.HashSet; +import java.util.Set; + +/** + *

A Factory to instantiate asymmetric keypair generators.

+ * + * @version $Revision: 1.1 $ + */ +public class KeyPairGeneratorFactory +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** Trivial constructor to enforce Singleton pattern. */ + private KeyPairGeneratorFactory() + { + super(); + } + + // Class methods + // ------------------------------------------------------------------------- + + /** + *

Returns an instance of a keypair generator given its name.

+ * + * @param name the case-insensitive key generator name. + * @return an instance of the keypair generator, or null if none + * found. + */ + public static IKeyPairGenerator getInstance(String name) + { + if (name == null) + { + return null; + } + + name = name.trim(); + IKeyPairGenerator result = null; + if (name.equalsIgnoreCase(Registry.DSA_KPG) + || name.equals(Registry.DSS_KPG)) + { + result = new DSSKeyPairGenerator(); + } + else if (name.equalsIgnoreCase(Registry.RSA_KPG)) + { + result = new RSAKeyPairGenerator(); + } + else if (name.equalsIgnoreCase(Registry.DH_KPG)) + { + result = makeInstance ("gnu.javax.crypto.key.dh.GnuDHKeyPairGenerator"); + } + else if (name.equalsIgnoreCase(Registry.SRP_KPG)) + { + result = makeInstance ("gnu.javax.crypto.key.srp6.SRPKeyPairGenerator"); + } + + return result; + } + + /** + *

Returns a {@link Set} of keypair generator names supported by this + * Factory. Those keypair generators may be used in conjunction with + * the digital signature schemes with appendix supported by this library.

+ * + * @return a {@link Set} of keypair generator names (Strings). + */ + public static final Set getNames() + { + HashSet hs = new HashSet(); + hs.add(Registry.DSS_KPG); + hs.add(Registry.RSA_KPG); + hs.add(Registry.DH_KPG); + hs.add(Registry.SRP_KPG); + + return Collections.unmodifiableSet(hs); + } + + private static IKeyPairGenerator makeInstance (String clazz) + { + try + { + Class c = Class.forName (clazz); + Constructor ctor = c.getConstructor (new Class[0]); + return (IKeyPairGenerator) ctor.newInstance (new Object[0]); + } + catch (Exception x) + { + IllegalArgumentException iae = + new IllegalArgumentException ("strong crypto key pair generator not available: " + + clazz); + iae.initCause (x); + throw iae; + } + } + + // Instance methods + // ------------------------------------------------------------------------- +} diff --git a/libjava/classpath/gnu/java/security/key/dss/DSSKey.java b/libjava/classpath/gnu/java/security/key/dss/DSSKey.java new file mode 100644 index 0000000..428cab1 --- /dev/null +++ b/libjava/classpath/gnu/java/security/key/dss/DSSKey.java @@ -0,0 +1,182 @@ +/* DSSKey.java -- + Copyright 2001, 2002, 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.key.dss; + +import gnu.java.security.Registry; +import gnu.java.security.util.FormatUtil; + +import java.math.BigInteger; +import java.security.Key; +import java.security.interfaces.DSAKey; +import java.security.interfaces.DSAParams; +import java.security.spec.DSAParameterSpec; + +/** + *

A base asbtract class for both public and private DSS (Digital Signature + * Standard) keys. It encapsulates the three DSS numbers: p, + * q and g.

+ * + *

According to the JDK, cryptographic Keys all have a format. + * The format used in this implementation is called Raw, and basically + * consists of the raw byte sequences of algorithm parameters. The exact order + * of the byte sequences and the implementation details are given in each of + * the relevant getEncoded() methods of each of the private and + * public keys.

+ * + * @version $Revision: 1.4 $ + * @see DSSPrivateKey#getEncoded + * @see DSSPublicKey#getEncoded + */ +public abstract class DSSKey implements Key, DSAKey +{ + // Constants and variables + // ------------------------------------------------------------------------- + + /** + * A prime modulus, where 2L-1 < p < 2L + * for 512 <= L <= 1024 and L a multiple of + * 64. + */ + protected final BigInteger p; + + /** + * A prime divisor of p - 1, where 2159 < q + * < 2160. + */ + protected final BigInteger q; + + /** + * g = h(p-1)/q mod p, where h is any + * integer with 1 < h < p - 1 such that h + * (p-1)/q mod p > 1 (g has order q mod p + * ). + */ + protected final BigInteger g; + + /** + * Identifier of the default encoding format to use when externalizing the + * key material. + */ + protected final int defaultFormat; + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** + * Trivial protected constructor. + * + * @param defaultFormat the identifier of the encoding format to use by + * default when externalizing the key. + * @param p the DSS parameter p. + * @param q the DSS parameter q. + * @param g the DSS parameter g. + */ + protected DSSKey(int defaultFormat, BigInteger p, BigInteger q, BigInteger g) + { + super(); + + this.defaultFormat = defaultFormat <= 0 ? Registry.RAW_ENCODING_ID + : defaultFormat; + this.p = p; + this.q = q; + this.g = g; + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + // java.security.interfaces.DSAKey interface implementation ---------------- + + public DSAParams getParams() + { + return new DSAParameterSpec(p, q, g); + } + + // java.security.Key interface implementation ------------------------------ + + public String getAlgorithm() + { + return Registry.DSS_KPG; + } + + /** @deprecated see getEncoded(int). */ + public byte[] getEncoded() + { + return getEncoded(defaultFormat); + } + + public String getFormat() + { + return FormatUtil.getEncodingShortName(defaultFormat); + } + + // Other instance methods -------------------------------------------------- + + /** + *

Returns true if the designated object is an instance of + * {@link DSAKey} and has the same DSS (Digital Signature Standard) parameter + * values as this one.

+ * + * @param obj the other non-null DSS key to compare to. + * @return true if the designated object is of the same type and + * value as this one. + */ + public boolean equals(Object obj) + { + if (obj == null) + { + return false; + } + if (!(obj instanceof DSAKey)) + { + return false; + } + DSAKey that = (DSAKey) obj; + return p.equals(that.getParams().getP()) + && q.equals(that.getParams().getQ()) + && g.equals(that.getParams().getG()); + } + + // abstract methods to be implemented by subclasses ------------------------ + + public abstract byte[] getEncoded(int format); +} diff --git a/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairGenerator.java b/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairGenerator.java new file mode 100644 index 0000000..5aa7461 --- /dev/null +++ b/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairGenerator.java @@ -0,0 +1,445 @@ +/* DSSKeyPairGenerator.java -- + Copyright 2001, 2002, 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.key.dss; + +import gnu.java.security.Registry; +import gnu.java.security.hash.Sha160; +import gnu.java.security.key.IKeyPairGenerator; +import gnu.java.security.util.PRNG; + +import java.io.PrintWriter; +import java.math.BigInteger; +import java.security.KeyPair; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.security.SecureRandom; +import java.security.spec.DSAParameterSpec; +import java.util.Map; + +/** + *

A key-pair generator for asymetric keys to use in conjunction with the DSS + * (Digital Signature Standard).

+ * + * References:
+ * Digital Signature + * Standard (DSS), Federal Information Processing Standards Publication 186. + * National Institute of Standards and Technology. + */ +public class DSSKeyPairGenerator implements IKeyPairGenerator +{ + + // Debugging methods and variables + // ------------------------------------------------------------------------- + + private static final String NAME = "dss"; + + private static final boolean DEBUG = false; + + private static final int debuglevel = 5; + + private static final PrintWriter err = new PrintWriter(System.out, true); + + private static void debug(String s) + { + err.println(">>> " + NAME + ": " + s); + } + + // Constants and variables + // ------------------------------------------------------------------------- + + /** The BigInteger constant 2. */ + private static final BigInteger TWO = new BigInteger("2"); + + /** Property name of the length (Integer) of the modulus (p) of a DSS key. */ + public static final String MODULUS_LENGTH = "gnu.crypto.dss.L"; + + /** + * Property name of the Boolean indicating wether or not to use default pre- + * computed values of p, q and g for + * a given modulus length. The ultimate behaviour of this generator with + * regard to using pre-computed parameter sets will depend on the value of + * this property and of the following one {@link #STRICT_DEFAULTS}: + * + *
    + *
  1. If this property is {@link Boolean#FALSE} then this generator + * will accept being setup for generating parameters for any modulus length + * provided the modulus length is between 512 and + * 1024, and is of the form 512 + 64 * n. In + * addition, a new paramter set will always be generated; i.e. no pre- + * computed values are used.
    2. + * + *
  2. If this property is {@link Boolean#TRUE} and the value of + * {@link #STRICT_DEFAULTS} is also {@link Boolean#TRUE} then this generator + * will only accept being setup for generating parameters for modulus + * lengths of 512, 768 and 1024. Any + * other value, of the modulus length, even if between 512 and + * 1024, and of the form 512 + 64 * n, will cause + * an {@link IllegalArgumentException} to be thrown. When those modulus + * length (512, 768, and 1024) are + * specified, the paramter set is always the same.
    3. + * + *
  3. Finally, if this property is {@link Boolean#TRUE} and the value of + * {@link #STRICT_DEFAULTS} is {@link Boolean#FALSE} then this generator + * will behave as in point 1 above, except that it will use pre-computed + * values when possible; i.e. the modulus length is one of 512, + * 768, or 1024.
    4. + *
+ * + * The default value of this property is {@link Boolean#TRUE}. + */ + public static final String USE_DEFAULTS = "gnu.crypto.dss.use.defaults"; + + /** + * Property name of the Boolean indicating wether or not to generate new + * parameters, even if the modulus length L is not one of the pre- + * computed defaults (value {@link Boolean#FALSE}), or throw an exception + * (value {@link Boolean#TRUE}) -- the exception in this case is an + * {@link IllegalArgumentException}. The default value for this property is + * {@link Boolean#FALSE}. The ultimate behaviour of this generator will + * depend on the values of this and {@link #USE_DEFAULTS} properties -- see + * {@link #USE_DEFAULTS} for more information. + */ + public static final String STRICT_DEFAULTS = "gnu.crypto.dss.strict.defaults"; + + /** + * Property name of an optional {@link SecureRandom} instance to use. The + * default is to use a classloader singleton from {@link PRNG}. + */ + public static final String SOURCE_OF_RANDOMNESS = "gnu.crypto.dss.prng"; + + /** + * Property name of an optional {@link DSAParameterSpec} instance to use for + * this generator's p, q, and g values. + * The default is to generate these values or use pre-computed ones, + * depending on the value of the USE_DEFAULTS attribute. + */ + public static final String DSS_PARAMETERS = "gnu.crypto.dss.params"; + + /** + * Property name of the preferred encoding format to use when externalizing + * generated instance of key-pairs from this generator. The property is taken + * to be an {@link Integer} that encapsulates an encoding format identifier. + */ + public static final String PREFERRED_ENCODING_FORMAT = "gnu.crypto.dss.encoding"; + + /** Default value for the modulus length. */ + public static final int DEFAULT_MODULUS_LENGTH = 1024; + + /** Default encoding format to use when none was specified. */ + private static final int DEFAULT_ENCODING_FORMAT = Registry.RAW_ENCODING_ID; + + /** Initial SHS context. */ + private static final int[] T_SHS = new int[] { 0x67452301, 0xEFCDAB89, + 0x98BADCFE, 0x10325476, + 0xC3D2E1F0 }; + + // from jdk1.3.1/docs/guide/security/CryptoSpec.html#AppB + public static final DSAParameterSpec KEY_PARAMS_512 = new DSAParameterSpec( + new BigInteger( + "fca682ce8e12caba26efccf7110e526db078b05edecbcd1eb4a208f3ae1617ae" + + "01f35b91a47e6df63413c5e12ed0899bcd132acd50d99151bdc43ee737592e17", + 16), + new BigInteger( + "962eddcc369cba8ebb260ee6b6a126d9346e38c5", + 16), + new BigInteger( + "678471b27a9cf44ee91a49c5147db1a9aaf244f05a434d6486931d2d14271b9e" + + "35030b71fd73da179069b32e2935630e1c2062354d0da20a6c416e50be794ca4", + 16)); + + public static final DSAParameterSpec KEY_PARAMS_768 = new DSAParameterSpec( + new BigInteger( + "e9e642599d355f37c97ffd3567120b8e25c9cd43e927b3a9670fbec5d8901419" + + "22d2c3b3ad2480093799869d1e846aab49fab0ad26d2ce6a22219d470bce7d77" + + "7d4a21fbe9c270b57f607002f3cef8393694cf45ee3688c11a8c56ab127a3daf", + 16), + new BigInteger( + "9cdbd84c9f1ac2f38d0f80f42ab952e7338bf511", + 16), + new BigInteger( + "30470ad5a005fb14ce2d9dcd87e38bc7d1b1c5facbaecbe95f190aa7a31d23c4" + + "dbbcbe06174544401a5b2c020965d8c2bd2171d3668445771f74ba084d2029d8" + + "3c1c158547f3a9f1a2715be23d51ae4d3e5a1f6a7064f316933a346d3f529252", + 16)); + + public static final DSAParameterSpec KEY_PARAMS_1024 = new DSAParameterSpec( + new BigInteger( + "fd7f53811d75122952df4a9c2eece4e7f611b7523cef4400c31e3f80b6512669" + + "455d402251fb593d8d58fabfc5f5ba30f6cb9b556cd7813b801d346ff26660b7" + + "6b9950a5a49f9fe8047b1022c24fbba9d7feb7c61bf83b57e7c6a8a6150f04fb" + + "83f6d3c51ec3023554135a169132f675f3ae2b61d72aeff22203199dd14801c7", + 16), + new BigInteger( + "9760508f15230bccb292b982a2eb840bf0581cf5", + 16), + new BigInteger( + "f7e1a085d69b3ddecbbcab5c36b857b97994afbbfa3aea82f9574c0b3d078267" + + "5159578ebad4594fe67107108180b449167123e84c281613b7cf09328cc8a6e1" + + "3c167a8b547c8d28e0a3ae1e2bb3a675916ea37f0bfa213562f1fb627a01243b" + + "cca4f1bea8519089a883dfe15ae59f06928b665e807b552564014c3bfecf492a", + 16)); + + private static final BigInteger TWO_POW_160 = TWO.pow(160); + + /** The length of the modulus of DSS keys generated by this instance. */ + private int L; + + /** The optional {@link SecureRandom} instance to use. */ + private SecureRandom rnd = null; + + private BigInteger seed; + + private BigInteger counter; + + private BigInteger p; + + private BigInteger q; + + private BigInteger e; + + private BigInteger g; + + private BigInteger XKEY; + + /** Our default source of randomness. */ + private PRNG prng = null; + + /** Preferred encoding format of generated keys. */ + private int preferredFormat; + + // Constructor(s) + // ------------------------------------------------------------------------- + + // implicit 0-arguments constructor + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + // gnu.crypto.key.IKeyPairGenerator interface implementation --------------- + + public String name() + { + return Registry.DSS_KPG; + } + + /** + *

Configures this instance.

+ * + * @param attributes the map of name/value pairs to use. + * @exception IllegalArgumentException if the designated MODULUS_LENGTH + * value is not greater than 512, less than 1024 and not of the form + * 512 + 64j. + */ + public void setup(Map attributes) + { + // find out the modulus length + Integer l = (Integer) attributes.get(MODULUS_LENGTH); + L = (l == null ? DEFAULT_MODULUS_LENGTH : l.intValue()); + if ((L % 64) != 0 || L < 512 || L > 1024) + throw new IllegalArgumentException(MODULUS_LENGTH); + + // should we use the default pre-computed params? + Boolean useDefaults = (Boolean) attributes.get(USE_DEFAULTS); + if (useDefaults == null) + { + useDefaults = Boolean.TRUE; + } + + Boolean strictDefaults = (Boolean) attributes.get(STRICT_DEFAULTS); + if (strictDefaults == null) + strictDefaults = Boolean.FALSE; + + // are we given a set of DSA params or we shall use/generate our own? + DSAParameterSpec params = (DSAParameterSpec) attributes.get(DSS_PARAMETERS); + if (params != null) + { + p = params.getP(); + q = params.getQ(); + g = params.getG(); + } + else if (useDefaults.equals(Boolean.TRUE)) + { + switch (L) + { + case 512: + p = KEY_PARAMS_512.getP(); + q = KEY_PARAMS_512.getQ(); + g = KEY_PARAMS_512.getG(); + break; + case 768: + p = KEY_PARAMS_768.getP(); + q = KEY_PARAMS_768.getQ(); + g = KEY_PARAMS_768.getG(); + break; + case 1024: + p = KEY_PARAMS_1024.getP(); + q = KEY_PARAMS_1024.getQ(); + g = KEY_PARAMS_1024.getG(); + break; + default: + if (strictDefaults.equals(Boolean.TRUE)) + throw new IllegalArgumentException( + "Does not provide default parameters for " + L + + "-bit modulus length"); + else + { + p = null; + q = null; + g = null; + } + } + } + else + { + p = null; + q = null; + g = null; + } + + // do we have a SecureRandom, or should we use our own? + rnd = (SecureRandom) attributes.get(SOURCE_OF_RANDOMNESS); + + // what is the preferred encoding format + Integer formatID = (Integer) attributes.get(PREFERRED_ENCODING_FORMAT); + preferredFormat = formatID == null + ? DEFAULT_ENCODING_FORMAT + : formatID.intValue(); + + // set the seed-key + byte[] kb = new byte[20]; // we need 160 bits of randomness + nextRandomBytes(kb); + XKEY = new BigInteger(1, kb).setBit(159).setBit(0); + } + + public KeyPair generate() + { + if (p == null) + { + BigInteger[] params = new FIPS186(L, rnd).generateParameters(); + seed = params[FIPS186.DSA_PARAMS_SEED]; + counter = params[FIPS186.DSA_PARAMS_COUNTER]; + q = params[FIPS186.DSA_PARAMS_Q]; + p = params[FIPS186.DSA_PARAMS_P]; + e = params[FIPS186.DSA_PARAMS_E]; + g = params[FIPS186.DSA_PARAMS_G]; + if (DEBUG && debuglevel > 0) + { + debug("seed: " + seed.toString(16)); + debug("counter: " + counter.intValue()); + debug("q: " + q.toString(16)); + debug("p: " + p.toString(16)); + debug("e: " + e.toString(16)); + debug("g: " + g.toString(16)); + } + } + + BigInteger x = nextX(); + BigInteger y = g.modPow(x, p); + + PublicKey pubK = new DSSPublicKey(preferredFormat, p, q, g, y); + PrivateKey secK = new DSSPrivateKey(preferredFormat, p, q, g, x); + + return new KeyPair(pubK, secK); + } + + // Other instance methods -------------------------------------------------- + + /** + *

This method applies the following algorithm described in 3.1 of + * FIPS-186:

+ * + *
    + *
  1. XSEED = optional user input.
    2. + *
  2. XVAL = (XKEY + XSEED) mod 2b.
    3. + *
  3. x = G(t, XVAL) mod q.
    4. + *
  4. XKEY = (1 + XKEY + x) mod 2b.
    5. + *
+ * + *

Where b is the length of a secret b-bit seed-key (XKEY).

+ * + *

Note that in this implementation, XSEED, the optional user input, is + * always zero.

+ */ + private synchronized BigInteger nextX() + { + byte[] xk = XKEY.toByteArray(); + byte[] in = new byte[64]; // 512-bit block for SHS + System.arraycopy(xk, 0, in, 0, xk.length); + + int[] H = Sha160.G(T_SHS[0], T_SHS[1], T_SHS[2], T_SHS[3], T_SHS[4], in, 0); + byte[] h = new byte[20]; + for (int i = 0, j = 0; i < 5; i++) + { + h[j++] = (byte) (H[i] >>> 24); + h[j++] = (byte) (H[i] >>> 16); + h[j++] = (byte) (H[i] >>> 8); + h[j++] = (byte) H[i]; + } + BigInteger result = new BigInteger(1, h).mod(q); + XKEY = XKEY.add(result).add(BigInteger.ONE).mod(TWO_POW_160); + + return result; + } + + /** + *

Fills the designated byte array with random data.

+ * + * @param buffer the byte array to fill with random data. + */ + private void nextRandomBytes(byte[] buffer) + { + if (rnd != null) + { + rnd.nextBytes(buffer); + } + else + getDefaultPRNG().nextBytes(buffer); + } + + private PRNG getDefaultPRNG() + { + if (prng == null) + prng = PRNG.getInstance(); + + return prng; + } +} diff --git a/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairPKCS8Codec.java b/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairPKCS8Codec.java new file mode 100644 index 0000000..30e30bd --- /dev/null +++ b/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairPKCS8Codec.java @@ -0,0 +1,235 @@ +/* DSSKeyPairPKCS8Codec.java -- PKCS#8 Encoding/Decoding handler + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.key.dss; + +import gnu.java.security.OID; +import gnu.java.security.Registry; +import gnu.java.security.der.DER; +import gnu.java.security.der.DERReader; +import gnu.java.security.der.DERValue; +import gnu.java.security.der.DERWriter; +import gnu.java.security.key.IKeyPairCodec; +import gnu.java.security.util.DerUtil; +import gnu.java.security.util.Util; + +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.math.BigInteger; +import java.security.InvalidParameterException; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.util.ArrayList; + +/** + * An implementation of an {@link IKeyPairCodec} that knows how to encode / + * decode PKCS#8 ASN.1 external representation of DSS private keys. + * + * @author Casey Marshall (rsdio@metastatic.org) + */ +public class DSSKeyPairPKCS8Codec + implements IKeyPairCodec +{ + private static final OID DSA_ALG_OID = new OID(Registry.DSA_OID_STRING); + + // implicit 0-arguments constructor + + public int getFormatID() + { + return PKCS8_FORMAT; + } + + /** + * @throws InvalidParameterException ALWAYS. + */ + public byte[] encodePublicKey(PublicKey key) + { + throw new InvalidParameterException("Wrong format for public keys"); + } + + /** + * Returns the PKCS#8 ASN.1 PrivateKeyInfo representation of a DSA + * private key. The ASN.1 specification is as follows: + * + * 
+   *   PrivateKeyInfo ::= SEQUENCE {
+   *     version              INTEGER, -- MUST be 0
+   *     privateKeyAlgorithm  AlgorithmIdentifier,
+   *     privateKey           OCTET STRING
+   *   }
+   *
+   *   AlgorithmIdentifier ::= SEQUENCE {
+   *     algorithm   OBJECT IDENTIFIER,
+   *     parameters  ANY DEFINED BY algorithm OPTIONAL
+   *   }
+   *
+   *   DssParams ::= SEQUENCE {
+   *     p   INTEGER,
+   *     q   INTEGER,
+   *     g   INTEGER
+   *   }
+   *
+ * + * @return the DER encoded form of the ASN.1 representation of the + * PrivateKeyInfo field in an X.509 certificate. + * @throw InvalidParameterException if an error occurs during the marshalling + * process. + */ + public byte[] encodePrivateKey(PrivateKey key) + { + if (! (key instanceof DSSPrivateKey)) + throw new InvalidParameterException("Wrong key type"); + + DERValue derVersion = new DERValue(DER.INTEGER, BigInteger.ZERO); + + DERValue derOID = new DERValue(DER.OBJECT_IDENTIFIER, DSA_ALG_OID); + + DSSPrivateKey pk = (DSSPrivateKey) key; + BigInteger p = pk.getParams().getP(); + BigInteger q = pk.getParams().getQ(); + BigInteger g = pk.getParams().getG(); + BigInteger x = pk.getX(); + + ArrayList params = new ArrayList(3); + params.add(new DERValue(DER.INTEGER, p)); + params.add(new DERValue(DER.INTEGER, q)); + params.add(new DERValue(DER.INTEGER, g)); + DERValue derParams = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, params); + + ArrayList algorithmID = new ArrayList(2); + algorithmID.add(derOID); + algorithmID.add(derParams); + DERValue derAlgorithmID = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, + algorithmID); + + DERValue derPrivateKey = new DERValue(DER.OCTET_STRING, Util.trim(x)); + + ArrayList pki = new ArrayList(3); + pki.add(derVersion); + pki.add(derAlgorithmID); + pki.add(derPrivateKey); + DERValue derPKI = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, pki); + + byte[] result; + ByteArrayOutputStream baos = new ByteArrayOutputStream(); + try + { + DERWriter.write(baos, derPKI); + result = baos.toByteArray(); + } + catch (IOException e) + { + InvalidParameterException y = new InvalidParameterException(); + y.initCause(e); + throw y; + } + + return result; + } + + /** + * @throws InvalidParameterException ALWAYS. + */ + public PublicKey decodePublicKey(byte[] input) + { + throw new InvalidParameterException("Wrong format for public keys"); + } + + /** + * @param input the byte array to unmarshall into a valid DSS + * {@link PrivateKey} instance. MUST NOT be null. + * @return a new instance of a {@link DSSPrivateKey} decoded from the + * PrivateKeyInfo material fed as input. + * @throw InvalidParameterException if an exception occurs during the + * unmarshalling process. + */ + public PrivateKey decodePrivateKey(byte[] input) + { + if (input == null) + throw new InvalidParameterException("Input bytes MUST NOT be null"); + + BigInteger version, p, q, g, x; + DERReader der = new DERReader(input); + try + { + DERValue derPKI = der.read(); + DerUtil.checkIsConstructed(derPKI, "Wrong PrivateKeyInfo field"); + + DERValue derVersion = der.read(); + if (! (derVersion.getValue() instanceof BigInteger)) + throw new InvalidParameterException("Wrong Version field"); + + version = (BigInteger) derVersion.getValue(); + if (version.compareTo(BigInteger.ZERO) != 0) + throw new InvalidParameterException("Unexpected Version: " + version); + + DERValue derAlgoritmID = der.read(); + DerUtil.checkIsConstructed(derAlgoritmID, "Wrong AlgorithmIdentifier field"); + + DERValue derOID = der.read(); + OID algOID = (OID) derOID.getValue(); + if (! algOID.equals(DSA_ALG_OID)) + throw new InvalidParameterException("Unexpected OID: " + algOID); + + DERValue derParams = der.read(); + DerUtil.checkIsConstructed(derParams, "Wrong DSS Parameters field"); + + DERValue val = der.read(); + DerUtil.checkIsBigInteger(val, "Wrong P field"); + p = (BigInteger) val.getValue(); + val = der.read(); + DerUtil.checkIsBigInteger(val, "Wrong Q field"); + q = (BigInteger) val.getValue(); + val = der.read(); + DerUtil.checkIsBigInteger(val, "Wrong G field"); + g = (BigInteger) val.getValue(); + + val = der.read(); + byte[] xBytes = (byte[]) val.getValue(); + x = new BigInteger(1, xBytes); + } + catch (IOException e) + { + InvalidParameterException y = new InvalidParameterException(); + y.initCause(e); + throw y; + } + + return new DSSPrivateKey(Registry.PKCS8_ENCODING_ID, p, q, g, x); + } +} diff --git a/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairRawCodec.java b/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairRawCodec.java new file mode 100644 index 0000000..86e5b0b --- /dev/null +++ b/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairRawCodec.java @@ -0,0 +1,383 @@ +/* DSSKeyPairRawCodec.java -- + Copyright 2001, 2002, 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.key.dss; + +import gnu.java.security.Registry; +import gnu.java.security.key.IKeyPairCodec; + +import java.io.ByteArrayOutputStream; +import java.math.BigInteger; +import java.security.PrivateKey; +import java.security.PublicKey; + +/** + *

An object that implements the {@link IKeyPairCodec} operations for the + * Raw format to use with DSS keypairs.

+ * + * @version $Revision: 1.1 $ + */ +public class DSSKeyPairRawCodec implements IKeyPairCodec +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + // implicit 0-arguments constructor + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + // gnu.crypto.keys.IKeyPairCodec interface implementation ------------------ + + public int getFormatID() + { + return RAW_FORMAT; + } + + /** + *

Returns the encoded form of the designated DSS (Digital Signature + * Standard) public key according to the Raw format supported by + * this library.

+ * + *

The Raw format for a DSA public key, in this implementation, is + * a byte sequence consisting of the following:

+ *
    + *
  1. 4-byte magic consisting of the value of the literal + * {@link Registry#MAGIC_RAW_DSS_PUBLIC_KEY},
  2. + *
  3. 1-byte version consisting of the constant: 0x01,
    4. + *
  4. 4-byte count of following bytes representing the DSA parameter + * p in internet order,
    5. + *
  5. n-bytes representation of a {@link BigInteger} obtained by invoking + * the toByteArray() method on the DSA parameter + * p,
    6. + *
  6. 4-byte count of following bytes representing the DSA parameter + * q,
    7. + *
  7. n-bytes representation of a {@link BigInteger} obtained by invoking + * the toByteArray() method on the DSA parameter + * q,
    8. + *
  8. 4-byte count of following bytes representing the DSA parameter + * g,
    9. + *
  9. n-bytes representation of a {@link BigInteger} obtained by invoking + * the toByteArray() method on the DSA parameter + * g,
    10. + *
  10. 4-byte count of following bytes representing the DSA parameter + * y,
    11. + *
  11. n-bytes representation of a {@link BigInteger} obtained by invoking + * the toByteArray() method on the DSA parameter + * y,
    12. + *
+ * + * @param key the key to encode. + * @return the Raw format encoding of the designated key. + * @throws IllegalArgumentException if the designated key is not a DSS + * (Digital Signature Standard) one. + * @see Registry#MAGIC_RAW_DSS_PUBLIC_KEY + */ + public byte[] encodePublicKey(PublicKey key) + { + if (!(key instanceof DSSPublicKey)) + { + throw new IllegalArgumentException("key"); + } + + DSSPublicKey dssKey = (DSSPublicKey) key; + ByteArrayOutputStream baos = new ByteArrayOutputStream(); + + // magic + baos.write(Registry.MAGIC_RAW_DSS_PUBLIC_KEY[0]); + baos.write(Registry.MAGIC_RAW_DSS_PUBLIC_KEY[1]); + baos.write(Registry.MAGIC_RAW_DSS_PUBLIC_KEY[2]); + baos.write(Registry.MAGIC_RAW_DSS_PUBLIC_KEY[3]); + + // version + baos.write(0x01); + + // p + byte[] buffer = dssKey.getParams().getP().toByteArray(); + int length = buffer.length; + baos.write(length >>> 24); + baos.write((length >>> 16) & 0xFF); + baos.write((length >>> 8) & 0xFF); + baos.write(length & 0xFF); + baos.write(buffer, 0, length); + + // q + buffer = dssKey.getParams().getQ().toByteArray(); + length = buffer.length; + baos.write(length >>> 24); + baos.write((length >>> 16) & 0xFF); + baos.write((length >>> 8) & 0xFF); + baos.write(length & 0xFF); + baos.write(buffer, 0, length); + + // g + buffer = dssKey.getParams().getG().toByteArray(); + length = buffer.length; + baos.write(length >>> 24); + baos.write((length >>> 16) & 0xFF); + baos.write((length >>> 8) & 0xFF); + baos.write(length & 0xFF); + baos.write(buffer, 0, length); + + // y + buffer = dssKey.getY().toByteArray(); + length = buffer.length; + baos.write(length >>> 24); + baos.write((length >>> 16) & 0xFF); + baos.write((length >>> 8) & 0xFF); + baos.write(length & 0xFF); + baos.write(buffer, 0, length); + + return baos.toByteArray(); + } + + public PublicKey decodePublicKey(byte[] k) + { + // magic + if (k[0] != Registry.MAGIC_RAW_DSS_PUBLIC_KEY[0] + || k[1] != Registry.MAGIC_RAW_DSS_PUBLIC_KEY[1] + || k[2] != Registry.MAGIC_RAW_DSS_PUBLIC_KEY[2] + || k[3] != Registry.MAGIC_RAW_DSS_PUBLIC_KEY[3]) + { + throw new IllegalArgumentException("magic"); + } + + // version + if (k[4] != 0x01) + { + throw new IllegalArgumentException("version"); + } + int i = 5; + + int l; + byte[] buffer; + + // p + l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8 + | (k[i++] & 0xFF); + buffer = new byte[l]; + System.arraycopy(k, i, buffer, 0, l); + i += l; + BigInteger p = new BigInteger(1, buffer); + + // q + l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8 + | (k[i++] & 0xFF); + buffer = new byte[l]; + System.arraycopy(k, i, buffer, 0, l); + i += l; + BigInteger q = new BigInteger(1, buffer); + + // g + l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8 + | (k[i++] & 0xFF); + buffer = new byte[l]; + System.arraycopy(k, i, buffer, 0, l); + i += l; + BigInteger g = new BigInteger(1, buffer); + + // y + l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8 + | (k[i++] & 0xFF); + buffer = new byte[l]; + System.arraycopy(k, i, buffer, 0, l); + i += l; + BigInteger y = new BigInteger(1, buffer); + + return new DSSPublicKey(p, q, g, y); + } + + /** + *

Returns the encoded form of the designated DSS (Digital Signature + * Standard) private key according to the Raw format supported by + * this library.

+ * + *

The Raw format for a DSA private key, in this implementation, is + * a byte sequence consisting of the following:

+ *
    + *
  1. 4-byte magic consisting of the value of the literal + * {@link Registry#MAGIC_RAW_DSS_PRIVATE_KEY},
  2. + *
  3. 1-byte version consisting of the constant: 0x01,
    4. + *
  4. 4-byte count of following bytes representing the DSA parameter + * p in internet order,
    5. + *
  5. n-bytes representation of a {@link BigInteger} obtained by invoking + * the toByteArray() method on the DSA parameter + * p,
    6. + *
  6. 4-byte count of following bytes representing the DSA parameter + * q,
    7. + *
  7. n-bytes representation of a {@link BigInteger} obtained by invoking + * the toByteArray() method on the DSA parameter + * q,
    8. + *
  8. 4-byte count of following bytes representing the DSA parameter + * g,
    9. + *
  9. n-bytes representation of a {@link BigInteger} obtained by invoking + * the toByteArray() method on the DSA parameter + * g,
    10. + *
  10. 4-byte count of following bytes representing the DSA parameter + * x,
    11. + *
  11. n-bytes representation of a {@link BigInteger} obtained by invoking + * the toByteArray() method on the DSA parameter + * x,
    12. + *
+ * + * @param key the key to encode. + * @return the Raw format encoding of the designated key. + * @throws IllegalArgumentException if the designated key is not a DSS + * (Digital Signature Standard) one. + */ + public byte[] encodePrivateKey(PrivateKey key) + { + if (!(key instanceof DSSPrivateKey)) + { + throw new IllegalArgumentException("key"); + } + + DSSPrivateKey dssKey = (DSSPrivateKey) key; + ByteArrayOutputStream baos = new ByteArrayOutputStream(); + + // magic + baos.write(Registry.MAGIC_RAW_DSS_PRIVATE_KEY[0]); + baos.write(Registry.MAGIC_RAW_DSS_PRIVATE_KEY[1]); + baos.write(Registry.MAGIC_RAW_DSS_PRIVATE_KEY[2]); + baos.write(Registry.MAGIC_RAW_DSS_PRIVATE_KEY[3]); + + // version + baos.write(0x01); + + // p + byte[] buffer = dssKey.getParams().getP().toByteArray(); + int length = buffer.length; + baos.write(length >>> 24); + baos.write((length >>> 16) & 0xFF); + baos.write((length >>> 8) & 0xFF); + baos.write(length & 0xFF); + baos.write(buffer, 0, length); + + // q + buffer = dssKey.getParams().getQ().toByteArray(); + length = buffer.length; + baos.write(length >>> 24); + baos.write((length >>> 16) & 0xFF); + baos.write((length >>> 8) & 0xFF); + baos.write(length & 0xFF); + baos.write(buffer, 0, length); + + // g + buffer = dssKey.getParams().getG().toByteArray(); + length = buffer.length; + baos.write(length >>> 24); + baos.write((length >>> 16) & 0xFF); + baos.write((length >>> 8) & 0xFF); + baos.write(length & 0xFF); + baos.write(buffer, 0, length); + + // x + buffer = dssKey.getX().toByteArray(); + length = buffer.length; + baos.write(length >>> 24); + baos.write((length >>> 16) & 0xFF); + baos.write((length >>> 8) & 0xFF); + baos.write(length & 0xFF); + baos.write(buffer, 0, length); + + return baos.toByteArray(); + } + + public PrivateKey decodePrivateKey(byte[] k) + { + // magic + if (k[0] != Registry.MAGIC_RAW_DSS_PRIVATE_KEY[0] + || k[1] != Registry.MAGIC_RAW_DSS_PRIVATE_KEY[1] + || k[2] != Registry.MAGIC_RAW_DSS_PRIVATE_KEY[2] + || k[3] != Registry.MAGIC_RAW_DSS_PRIVATE_KEY[3]) + { + throw new IllegalArgumentException("magic"); + } + + // version + if (k[4] != 0x01) + { + throw new IllegalArgumentException("version"); + } + int i = 5; + + int l; + byte[] buffer; + + // p + l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8 + | (k[i++] & 0xFF); + buffer = new byte[l]; + System.arraycopy(k, i, buffer, 0, l); + i += l; + BigInteger p = new BigInteger(1, buffer); + + // q + l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8 + | (k[i++] & 0xFF); + buffer = new byte[l]; + System.arraycopy(k, i, buffer, 0, l); + i += l; + BigInteger q = new BigInteger(1, buffer); + + // g + l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8 + | (k[i++] & 0xFF); + buffer = new byte[l]; + System.arraycopy(k, i, buffer, 0, l); + i += l; + BigInteger g = new BigInteger(1, buffer); + + // x + l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8 + | (k[i++] & 0xFF); + buffer = new byte[l]; + System.arraycopy(k, i, buffer, 0, l); + i += l; + BigInteger x = new BigInteger(1, buffer); + + return new DSSPrivateKey(p, q, g, x); + } +} diff --git a/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairX509Codec.java b/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairX509Codec.java new file mode 100644 index 0000000..516ef92 --- /dev/null +++ b/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairX509Codec.java @@ -0,0 +1,248 @@ +/* DSSKeyPairX509Codec.java -- X.509 Encoding/Decoding handler + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.key.dss; + +import gnu.java.security.OID; +import gnu.java.security.Registry; +import gnu.java.security.der.BitString; +import gnu.java.security.der.DER; +import gnu.java.security.der.DERReader; +import gnu.java.security.der.DERValue; +import gnu.java.security.der.DERWriter; +import gnu.java.security.key.IKeyPairCodec; +import gnu.java.security.util.DerUtil; + +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.math.BigInteger; +import java.security.InvalidParameterException; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.util.ArrayList; + +/** + * An implementation of an {@link IKeyPairCodec} that knows how to encode / + * decode X.509 ASN.1 external representation of DSS public keys. + */ +public class DSSKeyPairX509Codec + implements IKeyPairCodec +{ + private static final OID DSA_ALG_OID = new OID(Registry.DSA_OID_STRING); + + // implicit 0-arguments constructor + + public int getFormatID() + { + return X509_FORMAT; + } + + /** + * Returns the X.509 ASN.1 SubjectPublicKeyInfo representation of a + * DSA public key. The ASN.1 specification, as defined in RFC-3280, and + * RFC-2459, is as follows: + * + * 
+   *   SubjectPublicKeyInfo ::= SEQUENCE {
+   *     algorithm         AlgorithmIdentifier,
+   *     subjectPublicKey  BIT STRING
+   *   }
+   *
+   *   AlgorithmIdentifier ::= SEQUENCE {
+   *     algorithm   OBJECT IDENTIFIER,
+   *     parameters  ANY DEFINED BY algorithm OPTIONAL
+   *   }
+   *
+   *   DssParams ::= SEQUENCE {
+   *     p   INTEGER,
+   *     q   INTEGER,
+   *     g   INTEGER
+   *   }
+   *
+ * + *

The subjectPublicKey field, which is a BIT STRING, contains the + * DER-encoded form of the DSA public key as an INTEGER.

+ * + * 
+   *       DSAPublicKey ::= INTEGER -- public key, Y
+   *
+ * + * @param key the {@link PublicKey} instance to encode. MUST be an instance of + * {@link DSSPublicKey}. + * @return the ASN.1 representation of the SubjectPublicKeyInfo in an + * X.509 certificate. + * @throw InvalidParameterException if key is not an instance + * of {@link DSSPublicKey} or if an exception occurs during the + * marshalling process. + */ + public byte[] encodePublicKey(PublicKey key) + { + if (! (key instanceof DSSPublicKey)) + throw new InvalidParameterException("key"); + + DERValue derOID = new DERValue(DER.OBJECT_IDENTIFIER, DSA_ALG_OID); + + DSSPublicKey dssKey = (DSSPublicKey) key; + BigInteger p = dssKey.getParams().getP(); + BigInteger q = dssKey.getParams().getQ(); + BigInteger g = dssKey.getParams().getG(); + BigInteger y = dssKey.getY(); + + DERValue derP = new DERValue(DER.INTEGER, p); + DERValue derQ = new DERValue(DER.INTEGER, q); + DERValue derG = new DERValue(DER.INTEGER, g); + + ArrayList params = new ArrayList(3); + params.add(derP); + params.add(derQ); + params.add(derG); + DERValue derParams = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, params); + + ArrayList algorithmID = new ArrayList(2); + algorithmID.add(derOID); + algorithmID.add(derParams); + DERValue derAlgorithmID = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, + algorithmID); + + DERValue derDSAPublicKey = new DERValue(DER.INTEGER, y); + byte[] yBytes = derDSAPublicKey.getEncoded(); + DERValue derSPK = new DERValue(DER.BIT_STRING, new BitString(yBytes)); + + ArrayList spki = new ArrayList(2); + spki.add(derAlgorithmID); + spki.add(derSPK); + DERValue derSPKI = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, spki); + + byte[] result; + ByteArrayOutputStream baos = new ByteArrayOutputStream(); + try + { + DERWriter.write(baos, derSPKI); + result = baos.toByteArray(); + } + catch (IOException x) + { + InvalidParameterException e = new InvalidParameterException(); + e.initCause(x); + throw e; + } + + return result; + } + + /** + * @throws InvalidParameterException ALWAYS. + */ + public byte[] encodePrivateKey(PrivateKey key) + { + throw new InvalidParameterException("Wrong format for private keys"); + } + + /** + * @param input the byte array to unmarshall into a valid DSS + * {@link PublicKey} instance. MUST NOT be null. + * @return a new instance of a {@link DSSPublicKey} decoded from the + * SubjectPublicKeyInfo material in an X.509 certificate. + * @throw InvalidParameterException if an exception occurs during the + * unmarshalling process. + */ + public PublicKey decodePublicKey(byte[] input) + { + if (input == null) + throw new InvalidParameterException("Input bytes MUST NOT be null"); + + BigInteger p, g, q, y; + DERReader der = new DERReader(input); + try + { + DERValue derSPKI = der.read(); + DerUtil.checkIsConstructed(derSPKI, "Wrong SubjectPublicKeyInfo field"); + + DERValue derAlgorithmID = der.read(); + DerUtil.checkIsConstructed(derAlgorithmID, "Wrong AlgorithmIdentifier field"); + + DERValue derOID = der.read(); + if (! (derOID.getValue() instanceof OID)) + throw new InvalidParameterException("Wrong Algorithm field"); + + OID algOID = (OID) derOID.getValue(); + if (! algOID.equals(DSA_ALG_OID)) + throw new InvalidParameterException("Unexpected OID: " + algOID); + + DERValue derParams = der.read(); + DerUtil.checkIsConstructed(derParams, "Wrong DSS Parameters field"); + + DERValue val = der.read(); + DerUtil.checkIsBigInteger(val, "Wrong P field"); + p = (BigInteger) val.getValue(); + val = der.read(); + DerUtil.checkIsBigInteger(val, "Wrong Q field"); + q = (BigInteger) val.getValue(); + val = der.read(); + DerUtil.checkIsBigInteger(val, "Wrong G field"); + g = (BigInteger) val.getValue(); + + val = der.read(); + if (! (val.getValue() instanceof BitString)) + throw new InvalidParameterException("Wrong SubjectPublicKey field"); + + byte[] yBytes = ((BitString) val.getValue()).toByteArray(); + + DERReader dsaPub = new DERReader(yBytes); + val = dsaPub.read(); + DerUtil.checkIsBigInteger(val, "Wrong Y field"); + y = (BigInteger) val.getValue(); + } + catch (IOException x) + { + InvalidParameterException e = new InvalidParameterException(); + e.initCause(x); + throw e; + } + + return new DSSPublicKey(Registry.X509_ENCODING_ID, p, q, g, y); + } + + /** + * @throws InvalidParameterException ALWAYS. + */ + public PrivateKey decodePrivateKey(byte[] input) + { + throw new InvalidParameterException("Wrong format for private keys"); + } +} diff --git a/libjava/classpath/gnu/java/security/key/dss/DSSPrivateKey.java b/libjava/classpath/gnu/java/security/key/dss/DSSPrivateKey.java new file mode 100644 index 0000000..c81eb93 --- /dev/null +++ b/libjava/classpath/gnu/java/security/key/dss/DSSPrivateKey.java @@ -0,0 +1,201 @@ +/* DSSPrivateKey.java -- + Copyright 2001, 2002, 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.key.dss; + +import gnu.java.security.Registry; +import gnu.java.security.key.IKeyPairCodec; + +import java.math.BigInteger; +import java.security.PrivateKey; +import java.security.interfaces.DSAPrivateKey; + +/** + *

An object that embodies a DSS (Digital Signature Standard) private key.

+ * + * @version $Revision: 1.2 $ + * @see #getEncoded + */ +public class DSSPrivateKey extends DSSKey implements PrivateKey, DSAPrivateKey +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + /** + *

A randomly or pseudorandomly generated integer with 0 < x < + * q.

+ */ + private final BigInteger x; + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** + * Convenience constructor. Calls the constructor with 5 arguments passing + * {@link Registry#RAW_ENCODING_ID} as the identifier of the preferred + * encoding format. + * + * @param p the public modulus. + * @param q the public prime divisor of p-1. + * @param g a generator of the unique cyclic group Z* + * p. + * @param x the private key part. + */ + public DSSPrivateKey(BigInteger p, BigInteger q, BigInteger g, BigInteger x) + { + this(Registry.RAW_ENCODING_ID, p, q, g, x); + } + + /** + * Constructs a new instance of a DSSPrivateKey given the + * designated arguments. + * + * @param preferredFormat the indetifier of the preferred encoding format to + * use when externalizing this key. + * @param p the public modulus. + * @param q the public prime divisor of p-1. + * @param g a generator of the unique cyclic group Z* + * p. + * @param x the private key part. + */ + public DSSPrivateKey(int preferredFormat, BigInteger p, BigInteger q, + BigInteger g, BigInteger x) + { + super(preferredFormat == Registry.ASN1_ENCODING_ID ? Registry.PKCS8_ENCODING_ID + : preferredFormat, + p, q, g); + + this.x = x; + } + + // Class methods + // ------------------------------------------------------------------------- + + /** + * A class method that takes the output of the encodePrivateKey() + * method of a DSS keypair codec object (an instance implementing + * {@link gnu.java.security.key.IKeyPairCodec} for DSS keys, and re-constructs + * an instance of this object. + * + * @param k the contents of a previously encoded instance of this object. + * @exception ArrayIndexOutOfBoundsException if there is not enough bytes, in + * k, to represent a valid encoding of an + * instance of this object. + * @exception IllegalArgumentException if the byte sequence does not represent + * a valid encoding of an instance of this object. + */ + public static DSSPrivateKey valueOf(byte[] k) + { + // try RAW codec + if (k[0] == Registry.MAGIC_RAW_DSS_PRIVATE_KEY[0]) + try + { + return (DSSPrivateKey) new DSSKeyPairRawCodec().decodePrivateKey(k); + } + catch (IllegalArgumentException ignored) + { + } + + // try PKCS#8 codec + return (DSSPrivateKey) new DSSKeyPairPKCS8Codec().decodePrivateKey(k); + } + + // Instance methods + // ------------------------------------------------------------------------- + + // java.security.interfaces.DSAPrivateKey interface implementation --------- + + public BigInteger getX() + { + return x; + } + + // Other instance methods -------------------------------------------------- + + /** + *

Returns the encoded form of this private key according to the + * designated format.

+ * + * @param format the desired format identifier of the resulting encoding. + * @return the byte sequence encoding this key according to the designated + * format. + * @exception IllegalArgumentException if the format is not supported. + * @see DSSKeyPairRawCodec + */ + public byte[] getEncoded(int format) + { + byte[] result; + switch (format) + { + case IKeyPairCodec.RAW_FORMAT: + result = new DSSKeyPairRawCodec().encodePrivateKey(this); + break; + case IKeyPairCodec.PKCS8_FORMAT: + result = new DSSKeyPairPKCS8Codec().encodePrivateKey(this); + break; + default: + throw new IllegalArgumentException("Unsupported encoding format: " + + format); + } + return result; + } + + /** + *

Returns true if the designated object is an instance of + * {@link DSAPrivateKey} and has the same DSS (Digital Signature Standard) + * parameter values as this one.

+ * + * @param obj the other non-null DSS key to compare to. + * @return true if the designated object is of the same type and + * value as this one. + */ + public boolean equals(Object obj) + { + if (obj == null) + { + return false; + } + if (!(obj instanceof DSAPrivateKey)) + { + return false; + } + DSAPrivateKey that = (DSAPrivateKey) obj; + return super.equals(that) && x.equals(that.getX()); + } +} diff --git a/libjava/classpath/gnu/java/security/key/dss/DSSPublicKey.java b/libjava/classpath/gnu/java/security/key/dss/DSSPublicKey.java new file mode 100644 index 0000000..93bb640 --- /dev/null +++ b/libjava/classpath/gnu/java/security/key/dss/DSSPublicKey.java @@ -0,0 +1,201 @@ +/* DSSPublicKey.java -- + Copyright 2001, 2002, 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.key.dss; + +import gnu.java.security.Registry; +import gnu.java.security.key.IKeyPairCodec; + +import java.math.BigInteger; +import java.security.PublicKey; +import java.security.interfaces.DSAPublicKey; + +/** + *

An object that embodies a DSS (Digital Signature Standard) public key.

+ * + * @version $Revision: 1.2 $ + * @see #getEncoded + */ +public class DSSPublicKey extends DSSKey implements PublicKey, DSAPublicKey +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + /** + * y = gx mod p where x is the private + * part of the DSA key. + */ + private final BigInteger y; + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** + * Conveience constructor. Calls the constructor with 5 arguments passing + * {@link Registry#RAW_ENCODING_ID} as the identifier of the preferred + * encoding format. + * + * @param p the public modulus. + * @param q the public prime divisor of p-1. + * @param g a generator of the unique cyclic group Z* + * p. + * @param y the public key part. + */ + public DSSPublicKey(BigInteger p, BigInteger q, BigInteger g, BigInteger y) + { + this(Registry.RAW_ENCODING_ID, p, q, g, y); + } + + /** + * Constructs a new instance of DSSPublicKey given the designated + * arguments. + * + * @param preferredFormat the identifier of the preferred encoding format to + * use when externalizing this key. + * @param p the public modulus. + * @param q the public prime divisor of p-1. + * @param g a generator of the unique cyclic group Z* + * p. + * @param y the public key part. + */ + public DSSPublicKey(int preferredFormat, BigInteger p, BigInteger q, + BigInteger g, BigInteger y) + { + super(preferredFormat == Registry.ASN1_ENCODING_ID ? Registry.X509_ENCODING_ID + : preferredFormat, + p, q, g); + + this.y = y; + } + + // Class methods + // ------------------------------------------------------------------------- + + /** + * A class method that takes the output of the encodePublicKey() + * method of a DSS keypair codec object (an instance implementing + * {@link gnu.java.security.key.IKeyPairCodec} for DSS keys, and re-constructs + * an instance of this object. + * + * @param k the contents of a previously encoded instance of this object. + * @exception ArrayIndexOutOfBoundsException if there is not enough bytes, in + * k, to represent a valid encoding of an + * instance of this object. + * @exception IllegalArgumentException if the byte sequence does not represent + * a valid encoding of an instance of this object. + */ + public static DSSPublicKey valueOf(byte[] k) + { + // try RAW codec + if (k[0] == Registry.MAGIC_RAW_DSS_PUBLIC_KEY[0]) + try + { + return (DSSPublicKey) new DSSKeyPairRawCodec().decodePublicKey(k); + } + catch (IllegalArgumentException ignored) + { + } + + // try X.509 codec + return (DSSPublicKey) new DSSKeyPairX509Codec().decodePublicKey(k); + } + + // Instance methods + // ------------------------------------------------------------------------- + + // java.security.interfaces.DSAPublicKey interface implementation ---------- + + public BigInteger getY() + { + return y; + } + + // Other instance methods -------------------------------------------------- + + /** + *

Returns the encoded form of this public key according to the designated + * format.

+ * + * @param format the desired format identifier of the resulting encoding. + * @return the byte sequence encoding this key according to the designated + * format. + * @exception IllegalArgumentException if the format is not supported. + * @see DSSKeyPairRawCodec + */ + public byte[] getEncoded(int format) + { + byte[] result; + switch (format) + { + case IKeyPairCodec.RAW_FORMAT: + result = new DSSKeyPairRawCodec().encodePublicKey(this); + break; + case IKeyPairCodec.X509_FORMAT: + result = new DSSKeyPairX509Codec().encodePublicKey(this); + break; + default: + throw new IllegalArgumentException("Unsupported encoding format: " + + format); + } + return result; + } + + /** + *

Returns true if the designated object is an instance of + * {@link DSAPublicKey} and has the same DSS (Digital Signature Standard) + * parameter values as this one.

+ * + * @param obj the other non-null DSS key to compare to. + * @return true if the designated object is of the same type and + * value as this one. + */ + public boolean equals(Object obj) + { + if (obj == null) + { + return false; + } + if (!(obj instanceof DSAPublicKey)) + { + return false; + } + DSAPublicKey that = (DSAPublicKey) obj; + return super.equals(that) && y.equals(that.getY()); + } +} diff --git a/libjava/classpath/gnu/java/security/key/dss/FIPS186.java b/libjava/classpath/gnu/java/security/key/dss/FIPS186.java new file mode 100644 index 0000000..74be626 --- /dev/null +++ b/libjava/classpath/gnu/java/security/key/dss/FIPS186.java @@ -0,0 +1,296 @@ +/* FIPS186.java -- + Copyright 2001, 2002, 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.key.dss; + +import gnu.java.security.hash.Sha160; +import gnu.java.security.util.PRNG; +import gnu.java.security.util.Prime2; + +import java.math.BigInteger; +import java.security.SecureRandom; + +/** + *

An implementation of the DSA parameters generation as described in + * FIPS-186.

+ * + * References:
+ * Digital Signature + * Standard (DSS), Federal Information Processing Standards Publication 186. + * National Institute of Standards and Technology. + * + * @version $Revision: 1.2 $ + */ +public class FIPS186 +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + public static final int DSA_PARAMS_SEED = 0; + + public static final int DSA_PARAMS_COUNTER = 1; + + public static final int DSA_PARAMS_Q = 2; + + public static final int DSA_PARAMS_P = 3; + + public static final int DSA_PARAMS_E = 4; + + public static final int DSA_PARAMS_G = 5; + + /** The BigInteger constant 2. */ + private static final BigInteger TWO = new BigInteger("2"); + + private static final BigInteger TWO_POW_160 = TWO.pow(160); + + /** The SHA instance to use. */ + private Sha160 sha = new Sha160(); + + /** The length of the modulus of DSS keys generated by this instance. */ + private int L; + + /** The optional {@link SecureRandom} instance to use. */ + private SecureRandom rnd = null; + + /** Our default source of randomness. */ + private PRNG prng = null; + + // Constructor(s) + // ------------------------------------------------------------------------- + + public FIPS186(int L, SecureRandom rnd) + { + super(); + + this.L = L; + this.rnd = rnd; + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + /** + * This method generates the DSS p, q, and + * g parameters only when L (the modulus length) + * is not one of the following: 512, 768 and + * 1024. For those values of L, this implementation + * uses pre-computed values of p, q, and + * g given in the document CryptoSpec included in the + * security guide documentation of the standard JDK distribution.

+ * + * The DSS requires two primes , p and q, + * satisfying the following three conditions: + * + *

    + *
  • 2159 < q < 2160
    • + *
  • 2L-1 < p < 2L for a + * specified L, where L = 512 + 64j for some + * 0 <= j <= 8
    • + *
  • q divides p - 1.
    • + *
+ * + * The algorithm used to find these primes is as described in FIPS-186, + * section 2.2: GENERATION OF PRIMES. This prime generation scheme starts by + * using the {@link Sha160} and a user supplied SEED + * to construct a prime, q, in the range 2159 < q + * < 2160. Once this is accomplished, the same SEED + * value is used to construct an X in the range 2L-1 + * < X < 2L. The prime, p, is then + * formed by rounding X to a number congruent to 1 mod + * 2q. In this implementation we use the same SEED value given + * in FIPS-186, Appendix 5. + */ + public BigInteger[] generateParameters() + { + int counter, offset; + BigInteger SEED, alpha, U, q, OFFSET, SEED_PLUS_OFFSET, W, X, p, c, g; + byte[] a, u; + byte[] kb = new byte[20]; // to hold 160 bits of randomness + + // Let L-1 = n*160 + b, where b and n are integers and 0 <= b < 160. + int b = (L - 1) % 160; + int n = (L - 1 - b) / 160; + BigInteger[] V = new BigInteger[n + 1]; + algorithm: while (true) + { + step1: while (true) + { + // 1. Choose an arbitrary sequence of at least 160 bits and + // call it SEED. + nextRandomBytes(kb); + SEED = new BigInteger(1, kb).setBit(159).setBit(0); + // Let g be the length of SEED in bits. here always 160 + // 2. Compute: U = SHA[SEED] XOR SHA[(SEED+1) mod 2**g] + alpha = SEED.add(BigInteger.ONE).mod(TWO_POW_160); + synchronized (sha) + { + a = SEED.toByteArray(); + sha.update(a, 0, a.length); + a = sha.digest(); + u = alpha.toByteArray(); + sha.update(u, 0, u.length); + u = sha.digest(); + } + for (int i = 0; i < a.length; i++) + { + a[i] ^= u[i]; + } + U = new BigInteger(1, a); + // 3. Form q from U by setting the most significant bit (the + // 2**159 bit) and the least significant bit to 1. In terms of + // boolean operations, q = U OR 2**159 OR 1. Note that + // 2**159 < q < 2**160. + q = U.setBit(159).setBit(0); + // 4. Use a robust primality testing algorithm to test whether + // q is prime(1). A robust primality test is one where the + // probability of a non-prime number passing the test is at + // most 1/2**80. + // 5. If q is not prime, go to step 1. + if (Prime2.isProbablePrime(q)) + { + break step1; + } + } // step1 + + // 6. Let counter = 0 and offset = 2. + counter = 0; + offset = 2; + step7: while (true) + { + OFFSET = BigInteger.valueOf(offset & 0xFFFFFFFFL); + SEED_PLUS_OFFSET = SEED.add(OFFSET); + // 7. For k = 0,...,n let V[k] = SHA[(SEED + offset + k) mod 2**g]. + synchronized (sha) + { + for (int k = 0; k <= n; k++) + { + a = SEED_PLUS_OFFSET.add( + BigInteger.valueOf(k & 0xFFFFFFFFL)).mod( + TWO_POW_160).toByteArray(); + sha.update(a, 0, a.length); + V[k] = new BigInteger(1, sha.digest()); + } + } + // 8. Let W be the integer: + // V[0]+V[1]*2**160+...+V[n-1]*2**((n-1)*160)+(V[n]mod2**b)*2**(n*160) + // and let : X = W + 2**(L-1). + // Note that 0 <= W < 2**(L-1) and hence 2**(L-1) <= X < 2**L. + W = V[0]; + for (int k = 1; k < n; k++) + { + W = W.add(V[k].multiply(TWO.pow(k * 160))); + } + W = W.add(V[n].mod(TWO.pow(b)).multiply(TWO.pow(n * 160))); + X = W.add(TWO.pow(L - 1)); + // 9. Let c = X mod 2q and set p = X - (c - 1). + // Note that p is congruent to 1 mod 2q. + c = X.mod(TWO.multiply(q)); + p = X.subtract(c.subtract(BigInteger.ONE)); + // 10. If p < 2**(L-1), then go to step 13. + if (p.compareTo(TWO.pow(L - 1)) >= 0) + { + // 11. Perform a robust primality test on p. + // 12. If p passes the test performed in step 11, go to step 15. + if (Prime2.isProbablePrime(p)) + { + break algorithm; + } + } + // 13. Let counter = counter + 1 and offset = offset + n + 1. + counter++; + offset += n + 1; + // 14. If counter >= 4096 go to step 1, otherwise go to step 7. + if (counter >= 4096) + { + continue algorithm; + } + } // step7 + } // algorithm + + // compute g. from FIPS-186, Appendix 4: + // 1. Generate p and q as specified in Appendix 2. + // 2. Let e = (p - 1) / q + BigInteger e = p.subtract(BigInteger.ONE).divide(q); + BigInteger h = TWO; + BigInteger p_minus_1 = p.subtract(BigInteger.ONE); + g = TWO; + // 3. Set h = any integer, where 1 < h < p - 1 and + // h differs from any value previously tried + for (; h.compareTo(p_minus_1) < 0; h = h.add(BigInteger.ONE)) + { + // 4. Set g = h**e mod p + g = h.modPow(e, p); + // 5. If g = 1, go to step 3 + if (!g.equals(BigInteger.ONE)) + { + break; + } + } + + return new BigInteger[] { SEED, BigInteger.valueOf(counter), q, p, e, g }; + } + + // helper methods ---------------------------------------------------------- + + /** + * Fills the designated byte array with random data. + * + * @param buffer the byte array to fill with random data. + */ + private void nextRandomBytes(byte[] buffer) + { + if (rnd != null) + { + rnd.nextBytes(buffer); + } + else + getDefaultPRNG().nextBytes(buffer); + } + + private PRNG getDefaultPRNG() + { + if (prng == null) + prng = PRNG.getInstance(); + + return prng; + } +} diff --git a/libjava/classpath/gnu/java/security/key/rsa/GnuRSAKey.java b/libjava/classpath/gnu/java/security/key/rsa/GnuRSAKey.java new file mode 100644 index 0000000..72cd808 --- /dev/null +++ b/libjava/classpath/gnu/java/security/key/rsa/GnuRSAKey.java @@ -0,0 +1,181 @@ +/* GnuRSAKey.java -- + Copyright 2001, 2002, 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.key.rsa; + +import gnu.java.security.Registry; +import gnu.java.security.key.IKeyPairCodec; +import gnu.java.security.util.FormatUtil; + +import java.math.BigInteger; +import java.security.Key; +import java.security.interfaces.RSAKey; + +/** + *

A base asbtract class for both public and private RSA keys.

+ * + * @version $Revision: 1.3 $ + */ +public abstract class GnuRSAKey implements Key, RSAKey +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + /** The public modulus of an RSA key pair. */ + private final BigInteger n; + + /** The public exponent of an RSA key pair. */ + private final BigInteger e; + + /** + * Identifier of the default encoding format to use when externalizing the + * key material. + */ + protected final int defaultFormat; + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** + * Trivial protected constructor. + * + * @param defaultFormat the identifier of the encoding format to use by + * default when externalizing the key. + * @param n the public modulus n. + * @param e the public exponent e. + */ + protected GnuRSAKey(int defaultFormat, BigInteger n, BigInteger e) + { + super(); + + this.defaultFormat = defaultFormat <= 0 ? Registry.RAW_ENCODING_ID + : defaultFormat; + this.n = n; + this.e = e; + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + // java.security.interfaces.RSAKey interface implementation ---------------- + + public BigInteger getModulus() + { + return getN(); + } + + // java.security.Key interface implementation ------------------------------ + + public String getAlgorithm() + { + return Registry.RSA_KPG; + } + + /** @deprecated see getEncoded(int). */ + public byte[] getEncoded() + { + return getEncoded(IKeyPairCodec.RAW_FORMAT); + } + + public String getFormat() + { + return FormatUtil.getEncodingShortName(defaultFormat); + } + + // Other instance methods -------------------------------------------------- + + /** + *

Returns the modulus n.

+ * + * @return the modulus n. + */ + public BigInteger getN() + { + return n; + } + + /** + *

Returns the public exponent e.

+ * + * @return the public exponent e. + */ + public BigInteger getPublicExponent() + { + return getE(); + } + + /** + *

Same as {@link #getPublicExponent()}.

+ * + * @return the public exponent e. + */ + public BigInteger getE() + { + return e; + } + + /** + *

Returns true if the designated object is an instance of + * {@link RSAKey} and has the same RSA parameter values as this one.

+ * + * @param obj the other non-null RSA key to compare to. + * @return true if the designated object is of the same type and + * value as this one. + */ + public boolean equals(final Object obj) + { + if (obj == null) + { + return false; + } + if (!(obj instanceof RSAKey)) + { + return false; + } + final RSAKey that = (RSAKey) obj; + return n.equals(that.getModulus()); + } + + // abstract methods to be implemented by subclasses ------------------------ + + public abstract byte[] getEncoded(int format); +} diff --git a/libjava/classpath/gnu/java/security/key/rsa/GnuRSAPrivateKey.java b/libjava/classpath/gnu/java/security/key/rsa/GnuRSAPrivateKey.java new file mode 100644 index 0000000..f8acaa5 --- /dev/null +++ b/libjava/classpath/gnu/java/security/key/rsa/GnuRSAPrivateKey.java @@ -0,0 +1,299 @@ +/* GnuRSAPrivateKey.java -- + Copyright 2001, 2002, 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.key.rsa; + +import gnu.java.security.Registry; +import gnu.java.security.key.IKeyPairCodec; + +import java.math.BigInteger; +import java.security.PrivateKey; +import java.security.interfaces.RSAPrivateCrtKey; +import java.security.interfaces.RSAPrivateKey; + +/** + *

An object that embodies an RSA private key.

+ * + *

References:

+ *
    + *
  1. + * RSA-PSS Signature Scheme with Appendix, part B.
    + * Primitive specification and supporting documentation.
    + * Jakob Jonsson and Burt Kaliski.
    2. + *
+ * + * @version $Revision: 1.3 $ + */ +public class GnuRSAPrivateKey extends GnuRSAKey implements PrivateKey, + RSAPrivateCrtKey +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + /** The first prime divisor of the modulus. */ + private final BigInteger p; + + /** The second prime divisor of the modulus. */ + private final BigInteger q; + + /** The public exponent of an RSA key. */ + // private final BigInteger e; + /** The private exponent of an RSA private key. */ + private final BigInteger d; + + /** The first factor's exponent. */ + private final BigInteger dP; + + /** The second factor's exponent. */ + private final BigInteger dQ; + + /** The CRT (Chinese Remainder Theorem) coefficient. */ + private final BigInteger qInv; + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** + * Convenience constructor. Calls the constructor with 5 arguments passing + * {@link Registry#RAW_ENCODING_ID} as the identifier of the preferred + * encoding format. + * + * @param p the modulus first prime divisor. + * @param q the modulus second prime divisor. + * @param e the public exponent. + * @param d the private exponent. + */ + public GnuRSAPrivateKey(BigInteger p, BigInteger q, BigInteger e, + BigInteger d) + { + this(Registry.RAW_ENCODING_ID, p, q, e, d); + } + + /** + * Constructs a new instance of a GnuRSAPrivateKey given the + * designated arguments. + * + * @param preferredFormat the indetifier of the preferred encoding format to + * use when externalizing this key. + * @param p the modulus first prime divisor. + * @param q the modulus second prime divisor. + * @param e the public exponent. + * @param d the private exponent. + */ + public GnuRSAPrivateKey(int preferredFormat, BigInteger p, BigInteger q, + BigInteger e, BigInteger d) + { + this(preferredFormat, p.multiply(q), e, d, p, q, + e.modInverse(p.subtract(BigInteger.ONE)), + e.modInverse(q.subtract(BigInteger.ONE)), + q.modInverse(p)); + } + + /** + * Constructs a new instance of a GnuRSAPrivateKey given the + * designated arguments. + * + * @param preferredFormat the indetifier of the preferred encoding format to + * use when externalizing this key. + * @param n the public modulus, which is also the product of p + * and q. + * @param e the public exponent. + * @param d the private exponent. + * @param p the modulus first prime divisor. + * @param q the modulus second prime divisor. + * @param dP the first prime's exponen. A positive integer less than + * p and q, satisfying e * dP = 1 (mod p-1) + * . + * @param dQ the second prime's exponent. A positive integer less than + * p and q, satisfying e * dQ = 1 (mod p-1) + * . + * @param qInv the Chinese Remainder Theorem coefiicient. A positive integer + * less than p, satisfying q * qInv = 1 (mod p). + */ + public GnuRSAPrivateKey(int preferredFormat, BigInteger n, BigInteger e, + BigInteger d, BigInteger p, BigInteger q, + BigInteger dP, BigInteger dQ, BigInteger qInv) + { + super(preferredFormat == Registry.ASN1_ENCODING_ID ? Registry.PKCS8_ENCODING_ID + : preferredFormat, + n, e); + + this.d = d; + this.p = p; + this.q = q; + // the exponents dP and dQ are positive integers less than p and q + // respectively satisfying + // e * dP = 1 (mod p-1); + // e * dQ = 1 (mod q-1), + this.dP = dP; + this.dQ = dQ; + // the CRT coefficient qInv is a positive integer less than p satisfying + // q * qInv = 1 (mod p). + this.qInv = qInv; + } + + // Class methods + // ------------------------------------------------------------------------- + + /** + * A class method that takes the output of the encodePrivateKey() + * method of an RSA keypair codec object (an instance implementing + * {@link IKeyPairCodec} for RSA keys, and re-constructs an instance of this + * object. + * + * @param k the contents of a previously encoded instance of this object. + * @throws ArrayIndexOutOfBoundsException if there is not enough bytes, in + * k, to represent a valid encoding of an instance + * of this object. + * @throws IllegalArgumentException if the byte sequence does not represent a + * valid encoding of an instance of this object. + */ + public static GnuRSAPrivateKey valueOf(final byte[] k) + { + // try RAW codec + if (k[0] == Registry.MAGIC_RAW_RSA_PRIVATE_KEY[0]) + try + { + return (GnuRSAPrivateKey) new RSAKeyPairRawCodec().decodePrivateKey(k); + } + catch (IllegalArgumentException ignored) + { + } + + // try PKCS#8 codec + return (GnuRSAPrivateKey) new RSAKeyPairPKCS8Codec().decodePrivateKey(k); + } + + // Instance methods + // ------------------------------------------------------------------------- + + public BigInteger getPrimeP() + { + return p; + } + + public BigInteger getPrimeQ() + { + return q; + } + + public BigInteger getPrimeExponentP() + { + return dP; + } + + public BigInteger getPrimeExponentQ() + { + return dQ; + } + + public BigInteger getCrtCoefficient() + { + return qInv; + } + + // java.security.interfaces.RSAPrivateKey interface implementation --------- + + public BigInteger getPrivateExponent() + { + return d; + } + + // Other instance methods -------------------------------------------------- + + /** + * Returns the encoded form of this private key according to the + * designated format. + * + * @param format the desired format identifier of the resulting encoding. + * @return the byte sequence encoding this key according to the designated + * format. + * @throws IllegalArgumentException if the format is not supported. + * @see RSAKeyPairRawCodec + * @see RSAKeyPairPKCS8Codec + */ + public byte[] getEncoded(int format) + { + final byte[] result; + switch (format) + { + case IKeyPairCodec.RAW_FORMAT: + result = new RSAKeyPairRawCodec().encodePrivateKey(this); + break; + case IKeyPairCodec.PKCS8_FORMAT: + result = new RSAKeyPairPKCS8Codec().encodePrivateKey(this); + break; + default: + throw new IllegalArgumentException("Unsupported encoding format: " + + format); + } + return result; + } + + /** + *

Returns true if the designated object is an instance of + * this class and has the same RSA parameter values as this one.

+ * + * @param obj the other non-null RSA key to compare to. + * @return true if the designated object is of the same type + * and value as this one. + */ + public boolean equals(final Object obj) + { + if (obj == null) + { + return false; + } + if (obj instanceof RSAPrivateKey) + { + final RSAPrivateKey that = (RSAPrivateKey) obj; + return super.equals(that) && d.equals(that.getPrivateExponent()); + } + if (obj instanceof RSAPrivateCrtKey) + { + final RSAPrivateCrtKey that = (RSAPrivateCrtKey) obj; + return super.equals(that) && p.equals(that.getPrimeP()) + && q.equals(that.getPrimeQ()) + && dP.equals(that.getPrimeExponentP()) + && dQ.equals(that.getPrimeExponentQ()) + && qInv.equals(that.getCrtCoefficient()); + } + return false; + } +} diff --git a/libjava/classpath/gnu/java/security/key/rsa/GnuRSAPublicKey.java b/libjava/classpath/gnu/java/security/key/rsa/GnuRSAPublicKey.java new file mode 100644 index 0000000..f49027c --- /dev/null +++ b/libjava/classpath/gnu/java/security/key/rsa/GnuRSAPublicKey.java @@ -0,0 +1,185 @@ +/* GnuRSAPublicKey.java -- + Copyright 2001, 2002, 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.key.rsa; + +import gnu.java.security.Registry; +import gnu.java.security.key.IKeyPairCodec; + +import java.math.BigInteger; +import java.security.PublicKey; +import java.security.interfaces.RSAPublicKey; + +/** + *

An object that encapsulates an RSA public key.

+ * + *

References:

+ *
    + *
  1. + * RSA-PSS Signature Scheme with Appendix, part B.
    + * Primitive specification and supporting documentation.
    + * Jakob Jonsson and Burt Kaliski.
    2. + *
+ * + * @version $Revision: 1.2 $ + */ +public class GnuRSAPublicKey extends GnuRSAKey implements PublicKey, + RSAPublicKey +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** + * Conveience constructor. Calls the constructor with 3 arguments passing + * {@link Registry#RAW_ENCODING_ID} as the identifier of the preferred + * encoding format. + * + * @param n the modulus. + * @param e the public exponent. + */ + public GnuRSAPublicKey(final BigInteger n, final BigInteger e) + { + this(Registry.RAW_ENCODING_ID, n, e); + } + + /** + * Constructs a new instance of GnuRSAPublicKey given the + * designated arguments. + * + * @param preferredFormat the identifier of the preferred encoding format to + * use when externalizing this key. + * @param n the modulus. + * @param e the public exponent. + */ + public GnuRSAPublicKey(int preferredFormat, BigInteger n, BigInteger e) + { + super(preferredFormat == Registry.ASN1_ENCODING_ID ? Registry.X509_ENCODING_ID + : preferredFormat, + n, e); + } + + // Class methods + // ------------------------------------------------------------------------- + + /** + * A class method that takes the output of the encodePublicKey() + * method of an RSA keypair codec object (an instance implementing + * {@link IKeyPairCodec} for RSA keys, and re-constructs an instance of this + * object. + * + * @param k the contents of a previously encoded instance of this object. + * @throws ArrayIndexOutOfBoundsException if there is not enough bytes, in + * k, to represent a valid encoding of an instance + * of this object. + * @throws IllegalArgumentException if the byte sequence does not represent a + * valid encoding of an instance of this object. + */ + public static GnuRSAPublicKey valueOf(final byte[] k) + { + // try RAW codec + if (k[0] == Registry.MAGIC_RAW_RSA_PUBLIC_KEY[0]) + try + { + return (GnuRSAPublicKey) new RSAKeyPairRawCodec().decodePublicKey(k); + } + catch (IllegalArgumentException ignored) + { + } + + // try X.509 codec + return (GnuRSAPublicKey) new RSAKeyPairX509Codec().decodePublicKey(k); + } + + // Instance methods + // ------------------------------------------------------------------------- + + /** + *

Returns the encoded form of this public key according to the designated + * format.

+ * + * @param format the desired format identifier of the resulting encoding. + * @return the byte sequence encoding this key according to the designated + * format. + * @throws IllegalArgumentException if the format is not supported. + * @see RSAKeyPairRawCodec + */ + public byte[] getEncoded(final int format) + { + final byte[] result; + switch (format) + { + case IKeyPairCodec.RAW_FORMAT: + result = new RSAKeyPairRawCodec().encodePublicKey(this); + break; + case IKeyPairCodec.X509_FORMAT: + result = new RSAKeyPairX509Codec().encodePublicKey(this); + break; + default: + throw new IllegalArgumentException("Unsupported encoding format: " + + format); + } + return result; + } + + /** + *

Returns true if the designated object is an instance of + * this class and has the same RSA parameter values as this one.

+ * + * @param obj the other non-null RSA key to compare to. + * @return true if the designated object is of the same type and + * value as this one. + */ + public boolean equals(final Object obj) + { + if (obj == null) + { + return false; + } + if (!(obj instanceof RSAPublicKey)) + { + return false; + } + final RSAPublicKey that = (RSAPublicKey) obj; + return super.equals(that) + && getPublicExponent().equals(that.getPublicExponent()); + } +} diff --git a/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairGenerator.java b/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairGenerator.java new file mode 100644 index 0000000..9c7338f --- /dev/null +++ b/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairGenerator.java @@ -0,0 +1,264 @@ +/* RSAKeyPairGenerator.java -- + Copyright 2001, 2002, 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.key.rsa; + +import gnu.java.security.Registry; +import gnu.java.security.key.IKeyPairGenerator; +import gnu.java.security.util.PRNG; +import gnu.java.security.util.Prime2; + +import java.math.BigInteger; +import java.security.KeyPair; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.security.SecureRandom; +import java.security.spec.RSAKeyGenParameterSpec; +import java.util.Map; + +/** + *

A key-pair generator for asymetric keys to use in conjunction with the RSA + * scheme.

+ * + *

Reference:

+ *
    + *
  1. + * RSA-PSS Signature Scheme with Appendix, part B. Primitive + * specification and supporting documentation. Jakob Jonsson and Burt Kaliski. + *
    2. + *
  2. Handbook of Applied + * Cryptography, Alfred J. Menezes, Paul C. van Oorschot and Scott A. + * Vanstone. Section 11.3 RSA and related signature schemes.
    3. + *
+ */ +public class RSAKeyPairGenerator implements IKeyPairGenerator +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + /** The BigInteger constant 1. */ + private static final BigInteger ONE = BigInteger.ONE; + + /** The BigInteger constant 2. */ + private static final BigInteger TWO = BigInteger.valueOf(2L); + + /** Property name of the length (Integer) of the modulus of an RSA key. */ + public static final String MODULUS_LENGTH = "gnu.crypto.rsa.L"; + + /** + * Property name of an optional {@link SecureRandom} instance to use. The + * default is to use a classloader singleton from {@link PRNG}. + */ + public static final String SOURCE_OF_RANDOMNESS = "gnu.crypto.rsa.prng"; + + /** + * Property name of an optional {@link RSAKeyGenParameterSpec} instance to + * use for this generator's n, and e values. The + * default is to generate n and use a fixed value for + * e (Fermat's F4 number). + */ + public static final String RSA_PARAMETERS = "gnu.crypto.rsa.params"; + + /** + * Property name of the preferred encoding format to use when externalizing + * generated instance of key-pairs from this generator. The property is taken + * to be an {@link Integer} that encapsulates an encoding format identifier. + */ + public static final String PREFERRED_ENCODING_FORMAT = "gnu.crypto.rsa.encoding"; + + /** Default value for the modulus length. */ + private static final int DEFAULT_MODULUS_LENGTH = 1024; + + /** Default encoding format to use when none was specified. */ + private static final int DEFAULT_ENCODING_FORMAT = Registry.RAW_ENCODING_ID; + + /** The desired bit length of the modulus. */ + private int L; + + /** + * This implementation uses, by default, Fermat's F4 number as the public + * exponent. + */ + private BigInteger e = BigInteger.valueOf(65537L); + + /** The optional {@link SecureRandom} instance to use. */ + private SecureRandom rnd = null; + + /** Our default source of randomness. */ + private PRNG prng = null; + + /** Preferred encoding format of generated keys. */ + private int preferredFormat; + + // Constructor(s) + // ------------------------------------------------------------------------- + + // implicit 0-arguments constructor + + // Class methods + // ------------------------------------------------------------------------- + + // gnu.crypto.key.IKeyPairGenerator interface implementation --------------- + + public String name() + { + return Registry.RSA_KPG; + } + + /** + *

Configures this instance.

+ * + * @param attributes the map of name/value pairs to use. + * @exception IllegalArgumentException if the designated MODULUS_LENGTH + * value is less than 1024. + */ + public void setup(Map attributes) + { + // do we have a SecureRandom, or should we use our own? + rnd = (SecureRandom) attributes.get(SOURCE_OF_RANDOMNESS); + + // are we given a set of RSA params or we shall use our own? + RSAKeyGenParameterSpec params = (RSAKeyGenParameterSpec) attributes.get(RSA_PARAMETERS); + + // find out the modulus length + if (params != null) + { + L = params.getKeysize(); + e = params.getPublicExponent(); + } + else + { + Integer l = (Integer) attributes.get(MODULUS_LENGTH); + L = (l == null ? DEFAULT_MODULUS_LENGTH : l.intValue()); + } + + if (L < 1024) + { + throw new IllegalArgumentException(MODULUS_LENGTH); + } + + // what is the preferred encoding format + Integer formatID = (Integer) attributes.get(PREFERRED_ENCODING_FORMAT); + preferredFormat = formatID == null ? DEFAULT_ENCODING_FORMAT + : formatID.intValue(); + } + + /** + *

The algorithm used here is described in nessie-pss-B.pdf + * document which is part of the RSA-PSS submission to NESSIE.

+ * + * @return an RSA keypair. + */ + public KeyPair generate() + { + BigInteger p, q, n, d; + + // 1. Generate a prime p in the interval [2**(M-1), 2**M - 1], where + // M = CEILING(L/2), and such that GCD(p, e) = 1 + int M = (L + 1) / 2; + BigInteger lower = TWO.pow(M - 1); + BigInteger upper = TWO.pow(M).subtract(ONE); + byte[] kb = new byte[(M + 7) / 8]; // enough bytes to frame M bits + step1: while (true) + { + nextRandomBytes(kb); + p = new BigInteger(1, kb).setBit(0); + if (p.compareTo(lower) >= 0 && p.compareTo(upper) <= 0 + && Prime2.isProbablePrime(p) && p.gcd(e).equals(ONE)) + { + break step1; + } + } + + // 2. Generate a prime q such that the product of p and q is an L-bit + // number, and such that GCD(q, e) = 1 + step2: while (true) + { + nextRandomBytes(kb); + q = new BigInteger(1, kb).setBit(0); + n = p.multiply(q); + if (n.bitLength() == L && Prime2.isProbablePrime(q) + && q.gcd(e).equals(ONE)) + { + break step2; + } + + // TODO: test for p != q + } + + // TODO: ensure p < q + + // 3. Put n = pq. The public key is (n, e). + // 4. Compute the parameters necessary for the private key K (see + // Section 2.2). + BigInteger phi = p.subtract(ONE).multiply(q.subtract(ONE)); + d = e.modInverse(phi); + + // 5. Output the public key and the private key. + PublicKey pubK = new GnuRSAPublicKey(preferredFormat, n, e); + PrivateKey secK = new GnuRSAPrivateKey(preferredFormat, p, q, e, d); + + return new KeyPair(pubK, secK); + } + + // helper methods ---------------------------------------------------------- + + /** + *

Fills the designated byte array with random data.

+ * + * @param buffer the byte array to fill with random data. + */ + private void nextRandomBytes(byte[] buffer) + { + if (rnd != null) + { + rnd.nextBytes(buffer); + } + else + getDefaultPRNG().nextBytes(buffer); + } + + private PRNG getDefaultPRNG() + { + if (prng == null) + prng = PRNG.getInstance(); + + return prng; + } +} diff --git a/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairPKCS8Codec.java b/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairPKCS8Codec.java new file mode 100644 index 0000000..a7f65b6 --- /dev/null +++ b/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairPKCS8Codec.java @@ -0,0 +1,284 @@ +/* RSAKeyPairPKCS8Codec.java -- PKCS#8 Encoding/Decoding handler + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.key.rsa; + +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.math.BigInteger; +import java.security.InvalidParameterException; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.util.ArrayList; + +import gnu.java.security.OID; +import gnu.java.security.Registry; +import gnu.java.security.der.DER; +import gnu.java.security.der.DERReader; +import gnu.java.security.der.DERValue; +import gnu.java.security.der.DERWriter; +import gnu.java.security.key.IKeyPairCodec; +import gnu.java.security.util.DerUtil; + +/** + * An implementation of an {@link IKeyPairCodec} that knows how to encode / + * decode PKCS#8 ASN.1 external representation of RSA private keys. + */ +public class RSAKeyPairPKCS8Codec + implements IKeyPairCodec +{ + private static final OID RSA_ALG_OID = new OID(Registry.RSA_OID_STRING); + + // implicit 0-arguments constructor + + public int getFormatID() + { + return PKCS8_FORMAT; + } + + /** + * @throws InvalidParameterException ALWAYS. + */ + public byte[] encodePublicKey(PublicKey key) + { + throw new InvalidParameterException("Wrong format for public keys"); + } + + /** + * Returns the PKCS#8 ASN.1 PrivateKeyInfo representation of an RSA + * private key. The ASN.1 specification is as follows: + * + * 
+   *   PrivateKeyInfo ::= SEQUENCE {
+   *     version              INTEGER, -- MUST be 0
+   *     privateKeyAlgorithm  AlgorithmIdentifier,
+   *     privateKey           OCTET STRING
+   *   }
+   *
+   *   AlgorithmIdentifier ::= SEQUENCE {
+   *     algorithm   OBJECT IDENTIFIER,
+   *     parameters  ANY DEFINED BY algorithm OPTIONAL
+   *   }
+   *
+ * + *

The privateKey field, which is an OCTET STRING, contains the + * DER-encoded form of the RSA private key defined as:

+ * + * 
+   *   RSAPrivateKey ::= SEQUENCE {
+   *     version                 INTEGER, -- MUST be 0
+   *     modulus                 INTEGER, -- n
+   *     publicExponent          INTEGER, -- e
+   *     privateExponent         INTEGER, -- d
+   *     prime1                  INTEGER, -- p
+   *     prime2                  INTEGER, -- q
+   *     exponent1               INTEGER, -- d mod (p-1)
+   *     exponent2               INTEGER, -- d mod (q-1)
+   *     coefficient             INTEGER, -- (inverse of q) mod p
+   *   }
+   *
+ * + * @return the DER encoded form of the ASN.1 representation of the + * PrivateKeyInfo field for an RSA {@link PrivateKey}.. + * @throw InvalidParameterException if an error occurs during the marshalling + * process. + */ + public byte[] encodePrivateKey(PrivateKey key) + { + if (! (key instanceof GnuRSAPrivateKey)) + throw new InvalidParameterException("Wrong key type"); + + GnuRSAPrivateKey pk = (GnuRSAPrivateKey) key; + BigInteger n = pk.getN(); + BigInteger e = pk.getE(); + BigInteger d = pk.getPrivateExponent(); + BigInteger p = pk.getPrimeP(); + BigInteger q = pk.getPrimeQ(); + BigInteger dP = pk.getPrimeExponentP(); + BigInteger dQ = pk.getPrimeExponentQ(); + BigInteger qInv = pk.getCrtCoefficient(); + + DERValue derVersion = new DERValue(DER.INTEGER, BigInteger.ZERO); + + DERValue derOID = new DERValue(DER.OBJECT_IDENTIFIER, RSA_ALG_OID); + + ArrayList algorithmID = new ArrayList(1); + algorithmID.add(derOID); + DERValue derAlgorithmID = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, + algorithmID); + + DERValue derRSAVersion = new DERValue(DER.INTEGER, BigInteger.ZERO); + DERValue derN = new DERValue(DER.INTEGER, n); + DERValue derE = new DERValue(DER.INTEGER, e); + DERValue derD = new DERValue(DER.INTEGER, d); + DERValue derP = new DERValue(DER.INTEGER, p); + DERValue derQ = new DERValue(DER.INTEGER, q); + DERValue derDP = new DERValue(DER.INTEGER, dP); + DERValue derDQ = new DERValue(DER.INTEGER, dQ); + DERValue derQInv = new DERValue(DER.INTEGER, qInv); + + ArrayList rsaPrivateKey = new ArrayList(); + rsaPrivateKey.add(derRSAVersion); + rsaPrivateKey.add(derN); + rsaPrivateKey.add(derE); + rsaPrivateKey.add(derD); + rsaPrivateKey.add(derP); + rsaPrivateKey.add(derQ); + rsaPrivateKey.add(derDP); + rsaPrivateKey.add(derDQ); + rsaPrivateKey.add(derQInv); + DERValue derRSAPrivateKey = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, + rsaPrivateKey); + byte[] pkBytes = derRSAPrivateKey.getEncoded(); + DERValue derPrivateKey = new DERValue(DER.OCTET_STRING, pkBytes); + + ArrayList pki = new ArrayList(3); + pki.add(derVersion); + pki.add(derAlgorithmID); + pki.add(derPrivateKey); + DERValue derPKI = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, pki); + + byte[] result; + ByteArrayOutputStream baos = new ByteArrayOutputStream(); + try + { + DERWriter.write(baos, derPKI); + result = baos.toByteArray(); + } + catch (IOException x) + { + InvalidParameterException y = new InvalidParameterException(); + y.initCause(x); + throw y; + } + + return result; + } + + /** + * @throws InvalidParameterException ALWAYS. + */ + public PublicKey decodePublicKey(byte[] input) + { + throw new InvalidParameterException("Wrong format for public keys"); + } + + /** + * @param input the byte array to unmarshall into a valid RSA + * {@link PrivateKey} instance. MUST NOT be null. + * @return a new instance of a {@link GnuRSAPrivateKey} decoded from the + * PrivateKeyInfo material fed as input. + * @throw InvalidParameterException if an exception occurs during the + * unmarshalling process. + */ + public PrivateKey decodePrivateKey(byte[] input) + { + if (input == null) + throw new InvalidParameterException("Input bytes MUST NOT be null"); + + BigInteger version, n, e, d, p, q, dP, dQ, qInv; + DERReader der = new DERReader(input); + try + { + DERValue derPKI = der.read(); + DerUtil.checkIsConstructed(derPKI, "Wrong PrivateKeyInfo field"); + + DERValue derVersion = der.read(); + DerUtil.checkIsBigInteger(derVersion, "Wrong Version field"); + version = (BigInteger) derVersion.getValue(); + if (version.compareTo(BigInteger.ZERO) != 0) + throw new InvalidParameterException("Unexpected Version: " + version); + + DERValue derAlgoritmID = der.read(); + DerUtil.checkIsConstructed(derAlgoritmID, "Wrong AlgorithmIdentifier field"); + + DERValue derOID = der.read(); + OID algOID = (OID) derOID.getValue(); + if (! algOID.equals(RSA_ALG_OID)) + throw new InvalidParameterException("Unexpected OID: " + algOID); + + DERValue val = der.read(); + byte[] pkBytes = (byte[]) val.getValue(); + + der = new DERReader(pkBytes); + DERValue derRSAPrivateKey = der.read(); + DerUtil.checkIsConstructed(derRSAPrivateKey, "Wrong RSAPrivateKey field"); + + val = der.read(); + DerUtil.checkIsBigInteger(val, "Wrong RSAPrivateKey Version field"); + version = (BigInteger) val.getValue(); + if (version.compareTo(BigInteger.ZERO) != 0) + throw new InvalidParameterException("Unexpected RSAPrivateKey Version: " + + version); + + val = der.read(); + DerUtil.checkIsBigInteger(val, "Wrong modulus field"); + n = (BigInteger) val.getValue(); + val = der.read(); + DerUtil.checkIsBigInteger(val, "Wrong publicExponent field"); + e = (BigInteger) val.getValue(); + val = der.read(); + DerUtil.checkIsBigInteger(val, "Wrong privateExponent field"); + d = (BigInteger) val.getValue(); + val = der.read(); + DerUtil.checkIsBigInteger(val, "Wrong prime1 field"); + p = (BigInteger) val.getValue(); + val = der.read(); + DerUtil.checkIsBigInteger(val, "Wrong prime2 field"); + q = (BigInteger) val.getValue(); + val = der.read(); + DerUtil.checkIsBigInteger(val, "Wrong exponent1 field"); + dP = (BigInteger) val.getValue(); + val = der.read(); + DerUtil.checkIsBigInteger(val, "Wrong exponent2 field"); + dQ = (BigInteger) val.getValue(); + val = der.read(); + DerUtil.checkIsBigInteger(val, "Wrong coefficient field"); + qInv = (BigInteger) val.getValue(); + } + catch (IOException x) + { + InvalidParameterException y = new InvalidParameterException(); + y.initCause(x); + throw y; + } + + return new GnuRSAPrivateKey(Registry.PKCS8_ENCODING_ID, n, e, d, p, q, + dP, dQ, qInv); + } +} diff --git a/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairRawCodec.java b/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairRawCodec.java new file mode 100644 index 0000000..fb7cea9 --- /dev/null +++ b/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairRawCodec.java @@ -0,0 +1,332 @@ +/* RSAKeyPairRawCodec.java -- + Copyright 2001, 2002, 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.key.rsa; + +import gnu.java.security.Registry; +import gnu.java.security.key.IKeyPairCodec; + +import java.io.ByteArrayOutputStream; +import java.math.BigInteger; +import java.security.PrivateKey; +import java.security.PublicKey; + +/** + *

An object that implements the {@link IKeyPairCodec} interface for the + * Raw format to use with RSA keypairs.

+ * + * @version $Revision: 1.1 $ + */ +public class RSAKeyPairRawCodec implements IKeyPairCodec +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + // implicit 0-arguments constructor + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + // gnu.crypto.key.IKeyPairCodec interface implementation ------------------- + + public int getFormatID() + { + return RAW_FORMAT; + } + + /** + *

Returns the encoded form of the designated RSA public key according to + * the Raw format supported by this library.

+ * + *

The Raw format for an RSA public key, in this implementation, is + * a byte sequence consisting of the following:

+ * + *
    + *
  1. 4-byte magic consisting of the value of the literal + * {@link Registry#MAGIC_RAW_RSA_PUBLIC_KEY},
  2. + *
  3. 1-byte version consisting of the constant: 0x01,
    4. + *
  4. 4-byte count of following bytes representing the RSA parameter + * n (the modulus) in internet order,
    5. + *
  5. n-bytes representation of a {@link BigInteger} obtained by invoking + * the toByteArray() method on the RSA parameter n,
    6. + *
  6. 4-byte count of following bytes representing the RSA parameter + * e (the public exponent) in internet order,
    7. + *
  7. n-bytes representation of a {@link BigInteger} obtained by invoking + * the toByteArray() method on the RSA parameter e.
    8. + *
+ * + * @param key the key to encode. + * @return the Raw format encoding of the designated key. + * @exception IllegalArgumentException if the designated key is not an RSA + * one. + */ + public byte[] encodePublicKey(PublicKey key) + { + if (!(key instanceof GnuRSAPublicKey)) + { + throw new IllegalArgumentException("key"); + } + + GnuRSAPublicKey rsaKey = (GnuRSAPublicKey) key; + ByteArrayOutputStream baos = new ByteArrayOutputStream(); + + // magic + baos.write(Registry.MAGIC_RAW_RSA_PUBLIC_KEY[0]); + baos.write(Registry.MAGIC_RAW_RSA_PUBLIC_KEY[1]); + baos.write(Registry.MAGIC_RAW_RSA_PUBLIC_KEY[2]); + baos.write(Registry.MAGIC_RAW_RSA_PUBLIC_KEY[3]); + + // version + baos.write(0x01); + + // n + byte[] buffer = rsaKey.getModulus().toByteArray(); + int length = buffer.length; + baos.write(length >>> 24); + baos.write((length >>> 16) & 0xFF); + baos.write((length >>> 8) & 0xFF); + baos.write(length & 0xFF); + baos.write(buffer, 0, length); + + // e + buffer = rsaKey.getPublicExponent().toByteArray(); + length = buffer.length; + baos.write(length >>> 24); + baos.write((length >>> 16) & 0xFF); + baos.write((length >>> 8) & 0xFF); + baos.write(length & 0xFF); + baos.write(buffer, 0, length); + + return baos.toByteArray(); + } + + public PublicKey decodePublicKey(byte[] k) + { + // magic + if (k[0] != Registry.MAGIC_RAW_RSA_PUBLIC_KEY[0] + || k[1] != Registry.MAGIC_RAW_RSA_PUBLIC_KEY[1] + || k[2] != Registry.MAGIC_RAW_RSA_PUBLIC_KEY[2] + || k[3] != Registry.MAGIC_RAW_RSA_PUBLIC_KEY[3]) + { + throw new IllegalArgumentException("magic"); + } + + // version + if (k[4] != 0x01) + { + throw new IllegalArgumentException("version"); + } + int i = 5; + + int l; + byte[] buffer; + + // n + l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8 + | (k[i++] & 0xFF); + buffer = new byte[l]; + System.arraycopy(k, i, buffer, 0, l); + i += l; + BigInteger n = new BigInteger(1, buffer); + + // e + l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8 + | (k[i++] & 0xFF); + buffer = new byte[l]; + System.arraycopy(k, i, buffer, 0, l); + i += l; + BigInteger e = new BigInteger(1, buffer); + + return new GnuRSAPublicKey(n, e); + } + + /** + *

Returns the encoded form of the designated RSA private key according to + * the Raw format supported by this library.

+ * + *

The Raw format for an RSA private key, in this implementation, + * is a byte sequence consisting of the following:

+ * + *
    + *
  1. 4-byte magic consisting of the value of the literal + * {@link Registry#MAGIC_RAW_RSA_PRIVATE_KEY},
  2. + *
  3. 1-byte version consisting of the constant: 0x01,
    4. + *
  4. 4-byte count of following bytes representing the RSA parameter + * p (the first prime factor of the modulus) in internet + * order,
    5. + *
  5. n-bytes representation of a {@link BigInteger} obtained by invoking + * the toByteArray() method on the RSA parameter p,
    6. + *
  6. 4-byte count of following bytes representing the RSA parameter + * q (the second prime factor of the modulus) in internet + * order,
    7. + *
  7. n-bytes representation of a {@link BigInteger} obtained by invoking + * the toByteArray() method on the RSA parameter q,
    8. + *
  8. 4-byte count of following bytes representing the RSA parameter + * e (the public exponent) in internet order,
    9. + *
  9. n-bytes representation of a {@link BigInteger} obtained by invoking + * the toByteArray() method on the RSA parameter e,
    10. + *
  10. 4-byte count of following bytes representing the RSA parameter + * d (the private exponent) in internet order,
    11. + *
  11. n-bytes representation of a {@link BigInteger} obtained by invoking + * the toByteArray() method on the RSA parameter d,
    12. + *
+ * + * @param key the key to encode. + * @return the Raw format encoding of the designated key. + */ + public byte[] encodePrivateKey(PrivateKey key) + { + if (!(key instanceof GnuRSAPrivateKey)) + { + throw new IllegalArgumentException("key"); + } + + GnuRSAPrivateKey rsaKey = (GnuRSAPrivateKey) key; + ByteArrayOutputStream baos = new ByteArrayOutputStream(); + + // magic + baos.write(Registry.MAGIC_RAW_RSA_PRIVATE_KEY[0]); + baos.write(Registry.MAGIC_RAW_RSA_PRIVATE_KEY[1]); + baos.write(Registry.MAGIC_RAW_RSA_PRIVATE_KEY[2]); + baos.write(Registry.MAGIC_RAW_RSA_PRIVATE_KEY[3]); + + // version + baos.write(0x01); + + // p + byte[] buffer = rsaKey.getPrimeP().toByteArray(); + int length = buffer.length; + baos.write(length >>> 24); + baos.write((length >>> 16) & 0xFF); + baos.write((length >>> 8) & 0xFF); + baos.write(length & 0xFF); + baos.write(buffer, 0, length); + + // q + buffer = rsaKey.getPrimeQ().toByteArray(); + length = buffer.length; + baos.write(length >>> 24); + baos.write((length >>> 16) & 0xFF); + baos.write((length >>> 8) & 0xFF); + baos.write(length & 0xFF); + baos.write(buffer, 0, length); + + // e + buffer = rsaKey.getPublicExponent().toByteArray(); + length = buffer.length; + baos.write(length >>> 24); + baos.write((length >>> 16) & 0xFF); + baos.write((length >>> 8) & 0xFF); + baos.write(length & 0xFF); + baos.write(buffer, 0, length); + + // d + buffer = rsaKey.getPrivateExponent().toByteArray(); + length = buffer.length; + baos.write(length >>> 24); + baos.write((length >>> 16) & 0xFF); + baos.write((length >>> 8) & 0xFF); + baos.write(length & 0xFF); + baos.write(buffer, 0, length); + + return baos.toByteArray(); + } + + public PrivateKey decodePrivateKey(byte[] k) + { + // magic + if (k[0] != Registry.MAGIC_RAW_RSA_PRIVATE_KEY[0] + || k[1] != Registry.MAGIC_RAW_RSA_PRIVATE_KEY[1] + || k[2] != Registry.MAGIC_RAW_RSA_PRIVATE_KEY[2] + || k[3] != Registry.MAGIC_RAW_RSA_PRIVATE_KEY[3]) + { + throw new IllegalArgumentException("magic"); + } + + // version + if (k[4] != 0x01) + { + throw new IllegalArgumentException("version"); + } + int i = 5; + + int l; + byte[] buffer; + + // p + l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8 + | (k[i++] & 0xFF); + buffer = new byte[l]; + System.arraycopy(k, i, buffer, 0, l); + i += l; + BigInteger p = new BigInteger(1, buffer); + + // q + l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8 + | (k[i++] & 0xFF); + buffer = new byte[l]; + System.arraycopy(k, i, buffer, 0, l); + i += l; + BigInteger q = new BigInteger(1, buffer); + + // e + l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8 + | (k[i++] & 0xFF); + buffer = new byte[l]; + System.arraycopy(k, i, buffer, 0, l); + i += l; + BigInteger e = new BigInteger(1, buffer); + + // d + l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8 + | (k[i++] & 0xFF); + buffer = new byte[l]; + System.arraycopy(k, i, buffer, 0, l); + i += l; + BigInteger d = new BigInteger(1, buffer); + + return new GnuRSAPrivateKey(p, q, e, d); + } +} diff --git a/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairX509Codec.java b/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairX509Codec.java new file mode 100644 index 0000000..1c36278 --- /dev/null +++ b/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairX509Codec.java @@ -0,0 +1,248 @@ +/* RSAKeyPairX509Codec.java -- X.509 Encoding/Decoding handler + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.key.rsa; + +import gnu.java.security.OID; +import gnu.java.security.Registry; +import gnu.java.security.der.BitString; +import gnu.java.security.der.DER; +import gnu.java.security.der.DERReader; +import gnu.java.security.der.DERValue; +import gnu.java.security.der.DERWriter; +import gnu.java.security.key.IKeyPairCodec; +import gnu.java.security.util.DerUtil; + +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.math.BigInteger; +import java.security.InvalidParameterException; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.util.ArrayList; +import java.util.logging.Logger; + +/** + * An implementation of an {@link IKeyPairCodec} that knows how to encode / + * decode X.509 ASN.1 external representation of RSA public keys. + */ +public class RSAKeyPairX509Codec + implements IKeyPairCodec +{ + private static final Logger log = Logger.getLogger(RSAKeyPairX509Codec.class.getName()); + private static final OID RSA_ALG_OID = new OID(Registry.RSA_OID_STRING); + + // implicit 0-arguments constructor + + public int getFormatID() + { + return X509_FORMAT; + } + + /** + * Returns the X.509 ASN.1 SubjectPublicKeyInfo representation of an + * RSA public key. The ASN.1 specification, as defined in RFC-3280, and + * RFC-2459, is as follows: + * + * 
+   *   SubjectPublicKeyInfo ::= SEQUENCE {
+   *     algorithm         AlgorithmIdentifier,
+   *     subjectPublicKey  BIT STRING
+   *   }
+   *
+   *   AlgorithmIdentifier ::= SEQUENCE {
+   *     algorithm   OBJECT IDENTIFIER,
+   *     parameters  ANY DEFINED BY algorithm OPTIONAL
+   *   }
+   *
+ *

+ * As indicated in RFC-2459: "The parameters field shall have ASN.1 type NULL + * for this algorithm identifier.". + *

+ * The subjectPublicKey field, which is a BIT STRING, contains the + * DER-encoded form of the RSA public key defined as: + * + * 

+   *   RSAPublicKey ::= SEQUENCE {
+   *     modulus         INTEGER, -- n
+   *     publicExponent  INTEGER  -- e
+   *   }
+   *
+ * + * @param key the {@link PublicKey} instance to encode. MUST be an instance of + * {@link GnuRSAPublicKey}. + * @return the ASN.1 representation of the SubjectPublicKeyInfo in an + * X.509 certificate. + * @throw InvalidParameterException if key is not an instance + * of {@link GnuRSAPublicKey} or if an exception occurs during the + * marshalling process. + */ + public byte[] encodePublicKey(PublicKey key) + { + log.entering(this.getClass().getName(), "encodePublicKey()", key); + + if (! (key instanceof GnuRSAPublicKey)) + throw new InvalidParameterException("key"); + + DERValue derOID = new DERValue(DER.OBJECT_IDENTIFIER, RSA_ALG_OID); + + GnuRSAPublicKey rsaKey = (GnuRSAPublicKey) key; + BigInteger n = rsaKey.getN(); + BigInteger e = rsaKey.getE(); + + DERValue derN = new DERValue(DER.INTEGER, n); + DERValue derE = new DERValue(DER.INTEGER, e); + + ArrayList algorithmID = new ArrayList(1); + algorithmID.add(derOID); + DERValue derAlgorithmID = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, + algorithmID); + + ArrayList publicKey = new ArrayList(2); + publicKey.add(derN); + publicKey.add(derE); + DERValue derPublicKey = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, + publicKey); + byte[] spkBytes = derPublicKey.getEncoded(); + DERValue derSPK = new DERValue(DER.BIT_STRING, new BitString(spkBytes)); + + ArrayList spki = new ArrayList(2); + spki.add(derAlgorithmID); + spki.add(derSPK); + DERValue derSPKI = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, spki); + + byte[] result; + ByteArrayOutputStream baos = new ByteArrayOutputStream(); + try + { + DERWriter.write(baos, derSPKI); + result = baos.toByteArray(); + } + catch (IOException x) + { + InvalidParameterException y = new InvalidParameterException(); + y.initCause(x); + throw y; + } + + log.exiting(this.getClass().getName(), "encodePublicKey()", result); + return result; + } + + /** + * @throws InvalidParameterException ALWAYS. + */ + public byte[] encodePrivateKey(PrivateKey key) + { + throw new InvalidParameterException("Wrong format for private keys"); + } + + /** + * @param input the byte array to unmarshall into a valid RSA + * {@link PublicKey} instance. MUST NOT be null. + * @return a new instance of a {@link GnuRSAPublicKey} decoded from the + * SubjectPublicKeyInfo material in an X.509 certificate. + * @throw InvalidParameterException if an exception occurs during the + * unmarshalling process. + */ + public PublicKey decodePublicKey(byte[] input) + { + log.entering(this.getClass().getName(), "decodePublicKey()", input); + + if (input == null) + throw new InvalidParameterException("Input bytes MUST NOT be null"); + + BigInteger n, e; + DERReader der = new DERReader(input); + try + { + DERValue derSPKI = der.read(); + DerUtil.checkIsConstructed(derSPKI, "Wrong SubjectPublicKeyInfo field"); + + DERValue derAlgorithmID = der.read(); + DerUtil.checkIsConstructed(derAlgorithmID, "Wrong AlgorithmIdentifier field"); + + DERValue derOID = der.read(); + if (! (derOID.getValue() instanceof OID)) + throw new InvalidParameterException("Wrong Algorithm field"); + + OID algOID = (OID) derOID.getValue(); + if (! algOID.equals(RSA_ALG_OID)) + throw new InvalidParameterException("Unexpected OID: " + algOID); + + // rfc-2459 states that this field is OPTIONAL but NULL if/when present + DERValue val = der.read(); + if (val.getTag() == DER.NULL) + val = der.read(); + + if (! (val.getValue() instanceof BitString)) + throw new InvalidParameterException("Wrong SubjectPublicKey field"); + + byte[] spkBytes = ((BitString) val.getValue()).toByteArray(); + + der = new DERReader(spkBytes); + val = der.read(); + DerUtil.checkIsConstructed(derAlgorithmID, "Wrong subjectPublicKey field"); + + val = der.read(); + DerUtil.checkIsBigInteger(val, "Wrong modulus field"); + n = (BigInteger) val.getValue(); + val = der.read(); + DerUtil.checkIsBigInteger(val, "Wrong publicExponent field"); + e = (BigInteger) val.getValue(); + } + catch (IOException x) + { + InvalidParameterException y = new InvalidParameterException(); + y.initCause(x); + throw y; + } + + PublicKey result = new GnuRSAPublicKey(Registry.X509_ENCODING_ID, n, e); + log.exiting(this.getClass().getName(), "decodePublicKey()", result); + return result; + } + + /** + * @throws InvalidParameterException ALWAYS. + */ + public PrivateKey decodePrivateKey(byte[] input) + { + throw new InvalidParameterException("Wrong format for private keys"); + } +} diff --git a/libjava/classpath/gnu/java/security/prng/BasePRNG.java b/libjava/classpath/gnu/java/security/prng/BasePRNG.java new file mode 100644 index 0000000..fe815d7 --- /dev/null +++ b/libjava/classpath/gnu/java/security/prng/BasePRNG.java @@ -0,0 +1,199 @@ +/* BasePRNG.java -- + Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.prng; + +import java.util.Map; + +/** + *

An abstract class to facilitate implementing PRNG algorithms.

+ */ +public abstract class BasePRNG implements IRandom +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + /** The canonical name prefix of the PRNG algorithm. */ + protected String name; + + /** Indicate if this instance has already been initialised or not. */ + protected boolean initialised; + + /** A temporary buffer to serve random bytes. */ + protected byte[] buffer; + + /** The index into buffer of where the next byte will come from. */ + protected int ndx; + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** + *

Trivial constructor for use by concrete subclasses.

+ * + * @param name the canonical name of this instance. + */ + protected BasePRNG(String name) + { + super(); + + this.name = name; + initialised = false; + buffer = new byte[0]; + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + // IRandom interface implementation ---------------------------------------- + + public String name() + { + return name; + } + + public void init(Map attributes) + { + this.setup(attributes); + + ndx = 0; + initialised = true; + } + + public byte nextByte() throws IllegalStateException, LimitReachedException + { + if (!initialised) + { + throw new IllegalStateException(); + } + return nextByteInternal(); + } + + public void nextBytes(byte[] out) throws IllegalStateException, + LimitReachedException + { + nextBytes(out, 0, out.length); + } + + public void nextBytes(byte[] out, int offset, int length) + throws IllegalStateException, LimitReachedException + { + if (!initialised) + throw new IllegalStateException("not initialized"); + + if (length == 0) + return; + + if (offset < 0 || length < 0 || offset + length > out.length) + throw new ArrayIndexOutOfBoundsException("offset=" + offset + " length=" + + length + " limit=" + + out.length); + + if (ndx >= buffer.length) + { + fillBlock(); + ndx = 0; + } + int count = 0; + while (count < length) + { + int amount = Math.min(buffer.length - ndx, length - count); + System.arraycopy(buffer, ndx, out, offset + count, amount); + count += amount; + ndx += amount; + if (ndx >= buffer.length) + { + fillBlock(); + ndx = 0; + } + } + } + + public void addRandomByte(byte b) + { + throw new UnsupportedOperationException("random state is non-modifiable"); + } + + public void addRandomBytes(byte[] buffer) + { + addRandomBytes(buffer, 0, buffer.length); + } + + public void addRandomBytes(byte[] buffer, int offset, int length) + { + throw new UnsupportedOperationException("random state is non-modifiable"); + } + + // Instance methods + // ------------------------------------------------------------------------- + + public boolean isInitialised() + { + return initialised; + } + + private byte nextByteInternal() throws LimitReachedException + { + if (ndx >= buffer.length) + { + this.fillBlock(); + ndx = 0; + } + + return buffer[ndx++]; + } + + // abstract methods to implement by subclasses ----------------------------- + + public Object clone() throws CloneNotSupportedException + { + BasePRNG result = (BasePRNG) super.clone(); + if (this.buffer != null) + result.buffer = (byte[]) this.buffer.clone(); + + return result; + } + + public abstract void setup(Map attributes); + + public abstract void fillBlock() throws LimitReachedException; +} diff --git a/libjava/classpath/gnu/java/security/prng/EntropySource.java b/libjava/classpath/gnu/java/security/prng/EntropySource.java new file mode 100644 index 0000000..260c668 --- /dev/null +++ b/libjava/classpath/gnu/java/security/prng/EntropySource.java @@ -0,0 +1,62 @@ +/* EntropySource.java -- + Copyright (C) 2004, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.prng; + +/** + * A generic interface for adding random bytes to an entropy pool. + */ +public interface EntropySource +{ + + /** + * Returns the estimated quality of this source. This value should be + * between 0 and 100 (the running quality is computed as a percentage, + * 100 percent being perfect-quality). + * + * @return The quality. + */ + double quality(); + + /** + * Returns a new buffer with the next random bytes to add. + * + * @return The next random bytes. + */ + byte[] nextBytes(); +} \ No newline at end of file diff --git a/libjava/classpath/gnu/java/security/prng/IRandom.java b/libjava/classpath/gnu/java/security/prng/IRandom.java new file mode 100644 index 0000000..2c89e7a --- /dev/null +++ b/libjava/classpath/gnu/java/security/prng/IRandom.java @@ -0,0 +1,180 @@ +/* IRandom.java -- + Copyright (C) 2001, 2002, 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.prng; + +import java.util.Map; + +/** + *

The basic visible methods of any pseudo-random number generator.

+ * + *

The [HAC] defines a PRNG (as implemented in this library) as follows:

+ * + *
    + *
  • "5.6 Definition: A pseudorandom bit generator (PRBG) is said to pass + * the next-bit test if there is no polynomial-time algorithm which, + * on input of the first L bits of an output sequence S, + * can predict the (L+1)st bit of S with a + * probability significantly grater than 1/2."
    • + * + *
  • "5.8 Definition: A PRBG that passes the next-bit test + * (possibly under some plausible but unproved mathematical assumption such + * as the intractability of factoring integers) is called a + * cryptographically secure pseudorandom bit generator (CSPRBG)."
    • + *
+ * + *

IMPLEMENTATION NOTE: Although all the concrete classes in this + * package implement the {@link Cloneable} interface, it is important to note + * here that such an operation, for those algorithms that use an underlting + * symmetric key block cipher, DOES NOT clone any session key material + * that may have been used in initialising the source PRNG (the instance to be + * cloned). Instead a clone of an already initialised PRNG, that uses and + * underlying symmetric key block cipher, is another instance with a clone of + * the same cipher that operates with the same block size but without any + * knowledge of neither key material nor key size.

+ * + *

References:

+ * + *
    + *
  1. [HAC]: Handbook of + * Applied Cryptography.
    + * CRC Press, Inc. ISBN 0-8493-8523-7, 1997
    + * Menezes, A., van Oorschot, P. and S. Vanstone.
    2. + *
+ */ +public interface IRandom extends Cloneable +{ + + // Constants + // ------------------------------------------------------------------------- + + // Methods + // ------------------------------------------------------------------------- + + /** + *

Returns the canonical name of this instance.

+ * + * @return the canonical name of this instance. */ + String name(); + + /** + *

Initialises the pseudo-random number generator scheme with the + * appropriate attributes.

+ * + * @param attributes a set of name-value pairs that describe the desired + * future instance behaviour. + * @exception IllegalArgumentException if at least one of the defined name/ + * value pairs contains invalid data. + */ + void init(Map attributes); + + /** + *

Returns the next 8 bits of random data generated from this instance.

+ * + * @return the next 8 bits of random data generated from this instance. + * @exception IllegalStateException if the instance is not yet initialised. + * @exception LimitReachedException if this instance has reached its + * theoretical limit for generating non-repetitive pseudo-random data. + */ + byte nextByte() throws IllegalStateException, LimitReachedException; + + /** + *

Fills the designated byte array, starting from byte at index + * offset, for a maximum of length bytes with the + * output of this generator instance. + * + * @param out the placeholder to contain the generated random bytes. + * @param offset the starting index in out to consider. This method + * does nothing if this parameter is not within 0 and + * out.length. + * @param length the maximum number of required random bytes. This method + * does nothing if this parameter is less than 1. + * @exception IllegalStateException if the instance is not yet initialised. + * @exception LimitReachedException if this instance has reached its + * theoretical limit for generating non-repetitive pseudo-random data. + */ + void nextBytes(byte[] out, int offset, int length) + throws IllegalStateException, LimitReachedException; + + /** + *

Supplement, or possibly replace, the random state of this PRNG with + * a random byte.

+ * + *

Implementations are not required to implement this method in any + * meaningful way; this may be a no-operation, and implementations may + * throw an {@link UnsupportedOperationException}.

+ * + * @param b The byte to add. + */ + void addRandomByte(byte b); + + /** + *

Supplement, or possibly replace, the random state of this PRNG with + * a sequence of new random bytes.

+ * + *

Implementations are not required to implement this method in any + * meaningful way; this may be a no-operation, and implementations may + * throw an {@link UnsupportedOperationException}.

+ * + * @param in The buffer of new random bytes to add. + */ + void addRandomBytes(byte[] in); + + /** + *

Supplement, or possibly replace, the random state of this PRNG with + * a sequence of new random bytes.

+ * + *

Implementations are not required to implement this method in any + * meaningful way; this may be a no-operation, and implementations may + * throw an {@link UnsupportedOperationException}.

+ * + * @param in The buffer of new random bytes to add. + * @param offset The offset from whence to begin reading random bytes. + * @param length The number of random bytes to add. + * @exception IndexOutOfBoundsException If offset, length, + * or offset+length is out of bounds. + */ + void addRandomBytes(byte[] in, int offset, int length); + + /** + *

Returns a clone copy of this instance.

+ * + * @return a clone copy of this instance. + */ + Object clone() throws CloneNotSupportedException; +} \ No newline at end of file diff --git a/libjava/classpath/gnu/java/security/prng/LimitReachedException.java b/libjava/classpath/gnu/java/security/prng/LimitReachedException.java new file mode 100644 index 0000000..2fd8bfa --- /dev/null +++ b/libjava/classpath/gnu/java/security/prng/LimitReachedException.java @@ -0,0 +1,69 @@ +/* LimitReachedException.java -- + Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.prng; + +/** + * A checked exception that indicates that a pseudo random number generated has + * reached its theoretical limit in generating random bytes. + */ +public class LimitReachedException extends Exception +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + public LimitReachedException() + { + super(); + } + + public LimitReachedException(String msg) + { + super(msg); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instant methods + // ------------------------------------------------------------------------- +} \ No newline at end of file diff --git a/libjava/classpath/gnu/java/security/prng/MDGenerator.java b/libjava/classpath/gnu/java/security/prng/MDGenerator.java new file mode 100644 index 0000000..255647d --- /dev/null +++ b/libjava/classpath/gnu/java/security/prng/MDGenerator.java @@ -0,0 +1,135 @@ +/* MDGenerator.java -- + Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.prng; + +import gnu.java.security.Registry; +import gnu.java.security.hash.HashFactory; +import gnu.java.security.hash.IMessageDigest; + +import java.util.Map; + +/** + *

A simple pseudo-random number generator that relies on a hash algorithm, + * that (a) starts its operation by hashing a seed, and then (b) + * continuously re-hashing its output. If no hash algorithm name is specified + * in the {@link Map} of attributes used to initialise the instance then the + * SHA-160 algorithm is used as the underlying hash function. Also, if no + * seed is given, an empty octet sequence is used.

+ */ +public class MDGenerator extends BasePRNG implements Cloneable +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + /** Property name of underlying hash algorithm for this generator. */ + public static final String MD_NAME = "gnu.crypto.prng.md.hash.name"; + + /** Property name of seed material. */ + public static final String SEEED = "gnu.crypto.prng.md.seed"; + + /** The underlying hash instance. */ + private IMessageDigest md; + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** Trivial 0-arguments constructor. */ + public MDGenerator() + { + super(Registry.MD_PRNG); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + // Implementation of abstract methods in BaseRandom ------------------------ + + public void setup(Map attributes) + { + // find out which hash to use + String underlyingMD = (String) attributes.get(MD_NAME); + if (underlyingMD == null) + { + if (md == null) + { // happy birthday + // ensure we have a reliable implementation of this hash + md = HashFactory.getInstance(Registry.SHA160_HASH); + } + else + { // a clone. reset it for reuse + md.reset(); + } + } + else + { // ensure we have a reliable implementation of this hash + md = HashFactory.getInstance(underlyingMD); + } + + // get the seeed + byte[] seed = (byte[]) attributes.get(SEEED); + if (seed == null) + { + seed = new byte[0]; + } + + md.update(seed, 0, seed.length); + } + + public void fillBlock() throws LimitReachedException + { + IMessageDigest mdc = (IMessageDigest) md.clone(); + buffer = mdc.digest(); + md.update(buffer, 0, buffer.length); + } + + // Cloneable interface implementation --------------------------------------- + + public Object clone() throws CloneNotSupportedException + { + MDGenerator result = (MDGenerator) super.clone(); + if (this.md != null) + result.md = (IMessageDigest) this.md.clone(); + + return result; + } +} diff --git a/libjava/classpath/gnu/java/security/prng/PRNGFactory.java b/libjava/classpath/gnu/java/security/prng/PRNGFactory.java new file mode 100644 index 0000000..8b51414 --- /dev/null +++ b/libjava/classpath/gnu/java/security/prng/PRNGFactory.java @@ -0,0 +1,109 @@ +/* PRNGFactory.java -- + Copyright (C) 2001, 2002, 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.prng; + +import gnu.java.security.Registry; + +import java.util.Collections; +import java.util.HashSet; +import java.util.Iterator; +import java.util.Set; + +/** + *

A Factory to instantiate pseudo random number generators.

+ */ +public class PRNGFactory implements Registry +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** Trivial constructor to enforce Singleton pattern. */ + protected PRNGFactory() + { + } + + // Class methods + // ------------------------------------------------------------------------- + + /** + *

Returns an instance of a padding algorithm given its name.

+ * + * @param prng the case-insensitive name of the PRNG. + * @return an instance of the pseudo-random number generator. + * @exception InternalError if the implementation does not pass its self- + * test. + */ + public static final IRandom getInstance(String prng) + { + if (prng == null) + { + return null; + } + + prng = prng.trim(); + IRandom result = null; + if (prng.equalsIgnoreCase(MD_PRNG)) + { + result = new MDGenerator(); + } + + return result; + } + + /** + *

Returns a {@link Set} of names of padding algorithms supported by this + * Factory.

+ * + * @return a {@link Set} of pseudo-random number generator algorithm names + * (Strings). + */ + public static final Set getNames() + { + HashSet hs = new HashSet(); + hs.add(MD_PRNG); + return Collections.unmodifiableSet(hs); + } + + // Instance methods + // ------------------------------------------------------------------------- +} diff --git a/libjava/classpath/gnu/java/security/prng/RandomEvent.java b/libjava/classpath/gnu/java/security/prng/RandomEvent.java new file mode 100644 index 0000000..c070621 --- /dev/null +++ b/libjava/classpath/gnu/java/security/prng/RandomEvent.java @@ -0,0 +1,82 @@ +/* RandomEvent.java -- an event with random data. + Copyright (C) 2004, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.prng; + +import java.util.EventObject; + +/** + * An interface for entropy accumulators that will be notified of random + * events. + */ +public class RandomEvent extends EventObject +{ + + private final byte sourceNumber; + + private final byte poolNumber; + + private final byte[] data; + + public RandomEvent(Object source, byte sourceNumber, byte poolNumber, + byte[] data) + { + super(source); + this.sourceNumber = sourceNumber; + this.poolNumber = poolNumber; + if (data.length == 0 || data.length > 32) + throw new IllegalArgumentException( + "random events take between 1 and 32 bytes of data"); + this.data = (byte[]) data.clone(); + } + + public byte getSourceNumber() + { + return sourceNumber; + } + + public byte getPoolNumber() + { + return poolNumber; + } + + public byte[] getData() + { + return data; + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/java/security/prng/RandomEventListener.java b/libjava/classpath/gnu/java/security/prng/RandomEventListener.java new file mode 100644 index 0000000..1dc1461 --- /dev/null +++ b/libjava/classpath/gnu/java/security/prng/RandomEventListener.java @@ -0,0 +1,50 @@ +/* RandomEventListener.java -- + Copyright (C) 2004, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.prng; + +import java.util.EventListener; + +/** + * An interface for entropy accumulators that will be notified of random + * events. + */ +public interface RandomEventListener extends EventListener +{ + void addRandomEvent(RandomEvent event); +} \ No newline at end of file diff --git a/libjava/classpath/gnu/java/security/provider/DSAKeyFactory.java b/libjava/classpath/gnu/java/security/provider/DSAKeyFactory.java deleted file mode 100644 index 7e154e2..0000000 --- a/libjava/classpath/gnu/java/security/provider/DSAKeyFactory.java +++ /dev/null @@ -1,134 +0,0 @@ -/* DSAKeyFactory.java -- DSA key factory. - Copyright (C) 2003 Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ - - -package gnu.java.security.provider; - -import java.security.InvalidKeyException; -import java.security.Key; -import java.security.KeyFactorySpi; -import java.security.PrivateKey; -import java.security.PublicKey; -import java.security.interfaces.DSAPrivateKey; -import java.security.interfaces.DSAPublicKey; -import java.security.spec.DSAPrivateKeySpec; -import java.security.spec.DSAPublicKeySpec; -import java.security.spec.InvalidKeySpecException; -import java.security.spec.KeySpec; - -/** - * DSA key factory. - * - * @author Casey Marshall (rsdio@metastatic.org) - */ -public class DSAKeyFactory extends KeyFactorySpi -{ - - // Constructor. - // ------------------------------------------------------------------------ - - public DSAKeyFactory() - { - super(); - } - - // Instance methods. - // ------------------------------------------------------------------------ - - protected PrivateKey engineGeneratePrivate(KeySpec keySpec) - throws InvalidKeySpecException - { - if (!(keySpec instanceof DSAPrivateKeySpec)) - throw new InvalidKeySpecException(); - return new GnuDSAPrivateKey( - ((DSAPrivateKeySpec) keySpec).getX(), - ((DSAPrivateKeySpec) keySpec).getP(), - ((DSAPrivateKeySpec) keySpec).getQ(), - ((DSAPrivateKeySpec) keySpec).getG()); - } - - protected PublicKey engineGeneratePublic(KeySpec keySpec) - throws InvalidKeySpecException - { - if (!(keySpec instanceof DSAPublicKeySpec)) - throw new InvalidKeySpecException(); - return new GnuDSAPublicKey( - ((DSAPublicKeySpec) keySpec).getY(), - ((DSAPublicKeySpec) keySpec).getP(), - ((DSAPublicKeySpec) keySpec).getQ(), - ((DSAPublicKeySpec) keySpec).getG()); - } - - protected KeySpec engineGetKeySpec(Key key, Class keySpec) - throws InvalidKeySpecException - { - if ((key instanceof DSAPublicKey) && - keySpec.isAssignableFrom(DSAPublicKeySpec.class)) - { - return new DSAPublicKeySpec(((DSAPublicKey) key).getY(), - ((DSAPublicKey) key).getParams().getP(), - ((DSAPublicKey) key).getParams().getQ(), - ((DSAPublicKey) key).getParams().getG()); - } - if ((key instanceof DSAPrivateKey) && - keySpec.isAssignableFrom(DSAPrivateKeySpec.class)) - { - return new DSAPrivateKeySpec(((DSAPrivateKey) key).getX(), - ((DSAPrivateKey) key).getParams().getP(), - ((DSAPrivateKey) key).getParams().getQ(), - ((DSAPrivateKey) key).getParams().getG()); - } - throw new InvalidKeySpecException(); - } - - protected Key engineTranslateKey(Key key) throws InvalidKeyException - { - if ((key instanceof GnuDSAPublicKey) || (key instanceof GnuDSAPrivateKey)) - return key; - if (key instanceof DSAPublicKey) - return new GnuDSAPublicKey(((DSAPublicKey) key).getY(), - ((DSAPublicKey) key).getParams().getP(), - ((DSAPublicKey) key).getParams().getQ(), - ((DSAPublicKey) key).getParams().getG()); - if (key instanceof DSAPrivateKey) - return new GnuDSAPrivateKey(((DSAPrivateKey) key).getX(), - ((DSAPrivateKey) key).getParams().getP(), - ((DSAPrivateKey) key).getParams().getQ(), - ((DSAPrivateKey) key).getParams().getG()); - throw new InvalidKeyException(); - } -} diff --git a/libjava/classpath/gnu/java/security/provider/DSAKeyPairGenerator.java b/libjava/classpath/gnu/java/security/provider/DSAKeyPairGenerator.java deleted file mode 100644 index ddd1800..0000000 --- a/libjava/classpath/gnu/java/security/provider/DSAKeyPairGenerator.java +++ /dev/null @@ -1,194 +0,0 @@ -/* GnuDSAKeyPairGenerator.java --- Gnu DSA Key Pair Generator - Copyright (C) 1999, 2005 Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ - - -package gnu.java.security.provider; - -import java.math.BigInteger; -import java.security.AlgorithmParameterGenerator; -import java.security.AlgorithmParameters; -import java.security.InvalidAlgorithmParameterException; -import java.security.InvalidParameterException; -import java.security.KeyPair; -import java.security.KeyPairGeneratorSpi; -import java.security.NoSuchAlgorithmException; -import java.security.SecureRandom; -import java.security.interfaces.DSAParams; -import java.security.spec.AlgorithmParameterSpec; -import java.security.spec.DSAParameterSpec; -import java.security.spec.InvalidParameterSpecException; -import java.util.Random; - -public class DSAKeyPairGenerator extends KeyPairGeneratorSpi - implements java.security.interfaces.DSAKeyPairGenerator -{ -int keysize; -SecureRandom random; -private BigInteger q = null; // the small prime -private BigInteger p = null; // the big prime -private BigInteger g = null; - -public DSAKeyPairGenerator() -{ - keysize = 1024; - getDefaults (); -} - -public void initialize(int keysize, SecureRandom random) -{ - initialize (keysize, false, random); -} - -public void initialize(AlgorithmParameterSpec params, - SecureRandom random) - throws InvalidAlgorithmParameterException -{ - if( !( params instanceof DSAParameterSpec ) ) - throw new InvalidAlgorithmParameterException("Must be DSAParameterSpec"); - - try - { - initialize ((DSAParams) params, random); - } - catch (InvalidParameterException ipe) - { - InvalidAlgorithmParameterException iape = - new InvalidAlgorithmParameterException(); - iape.initCause (ipe); - throw iape; - } -} - -public void initialize (DSAParams params, SecureRandom random) -{ - DSAParameterSpec dsaparameterspec = (DSAParameterSpec)params; - if (dsaparameterspec.getP() == null - || dsaparameterspec.getQ() == null - || dsaparameterspec.getG() == null) - { - throw new InvalidParameterException ("none of p, q, or g may be null"); - } - p = dsaparameterspec.getP(); - q = dsaparameterspec.getQ(); - g = dsaparameterspec.getG(); - this.random = random; -} - -public void initialize(int modlen, boolean genParams, SecureRandom random) - throws InvalidParameterException -{ - if( ((modlen % 64) != 0) || (modlen < 512) || (modlen > 1024) ) - throw new InvalidParameterException(); - - this.keysize = modlen; - this.random = random; - if (this.random == null) - { - this.random = new SecureRandom (); - } - if (genParams) - { - try - { - AlgorithmParameterGenerator apgDSA = AlgorithmParameterGenerator.getInstance("DSA"); - apgDSA.init (modlen, random); - AlgorithmParameters apDSA = apgDSA.generateParameters(); - DSAParameterSpec dsaparameterspec = (DSAParameterSpec)apDSA.getParameterSpec( DSAParameterSpec.class ); - p = dsaparameterspec.getP(); - q = dsaparameterspec.getQ(); - g = dsaparameterspec.getG(); - } - catch (NoSuchAlgorithmException nsae) - { - InvalidParameterException ipe = - new InvalidParameterException ("can't generate DSA parameters"); - ipe.initCause (nsae); - throw ipe; - } - catch (InvalidParameterSpecException ipse) - { - InvalidParameterException ipe = - new InvalidParameterException ("can't generate DSA parameters"); - ipe.initCause (ipse); - throw ipe; - } - } - else if (!getDefaults ()) - { - throw new InvalidParameterException ("unsupported key size: " + modlen); - } -} - -public KeyPair generateKeyPair() -{ - if (random == null) - { - random = new SecureRandom (); - } - - BigInteger x = new BigInteger( 159, random ); - - BigInteger y = g.modPow( x, p ); - - return new KeyPair( new GnuDSAPublicKey(y,p,q,g), new GnuDSAPrivateKey(x,p,q,g)); - //return new KeyPair( public, private ); -} - -//These constants are Sun's Constants copied from the -//Cryptography Specification -private boolean getDefaults() -{ - if( keysize == 512) { - p = new BigInteger("fca682ce8e12caba26efccf7110e526db078b05edecbcd1eb4a208f3ae1617ae01f35b91a47e6df63413c5e12ed0899bcd132acd50d99151bdc43ee737592e17", 16); - q = new BigInteger("962eddcc369cba8ebb260ee6b6a126d9346e38c5", 16); - g = new BigInteger("678471b27a9cf44ee91a49c5147db1a9aaf244f05a434d6486931d2d14271b9e35030b71fd73da179069b32e2935630e1c2062354d0da20a6c416e50be794ca4", 16); - return true; - } else if( keysize == 768) { - p = new BigInteger("e9e642599d355f37c97ffd3567120b8e25c9cd43e927b3a9670fbec5d890141922d2c3b3ad2480093799869d1e846aab49fab0ad26d2ce6a22219d470bce7d777d4a21fbe9c270b57f607002f3cef8393694cf45ee3688c11a8c56ab127a3daf", 16); - q = new BigInteger("9cdbd84c9f1ac2f38d0f80f42ab952e7338bf511", 16); - g = new BigInteger("30470ad5a005fb14ce2d9dcd87e38bc7d1b1c5facbaecbe95f190aa7a31d23c4dbbcbe06174544401a5b2c020965d8c2bd2171d3668445771f74ba084d2029d83c1c158547f3a9f1a2715be23d51ae4d3e5a1f6a7064f316933a346d3f529252", 16); - return true; - } else if( keysize == 1024) { - p = new BigInteger("fd7f53811d75122952df4a9c2eece4e7f611b7523cef4400c31e3f80b6512669455d402251fb593d8d58fabfc5f5ba30f6cb9b556cd7813b801d346ff26660b76b9950a5a49f9fe8047b1022c24fbba9d7feb7c61bf83b57e7c6a8a6150f04fb83f6d3c51ec3023554135a169132f675f3ae2b61d72aeff22203199dd14801c7", 16); - q = new BigInteger("9760508f15230bccb292b982a2eb840bf0581cf5", 16); - g = new BigInteger("f7e1a085d69b3ddecbbcab5c36b857b97994afbbfa3aea82f9574c0b3d0782675159578ebad4594fe67107108180b449167123e84c281613b7cf09328cc8a6e13c167a8b547c8d28e0a3ae1e2bb3a675916ea37f0bfa213562f1fb627a01243bcca4f1bea8519089a883dfe15ae59f06928b665e807b552564014c3bfecf492a", 16); - return true; - } - return false; -} - -} diff --git a/libjava/classpath/gnu/java/security/provider/DSAParameters.java b/libjava/classpath/gnu/java/security/provider/DSAParameters.java deleted file mode 100644 index 77d6489..0000000 --- a/libjava/classpath/gnu/java/security/provider/DSAParameters.java +++ /dev/null @@ -1,150 +0,0 @@ -/* DSAParameters.java --- DSA Parameters Implementation - Copyright (C) 1999, 2003, 2004 Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ - - -package gnu.java.security.provider; - -import gnu.java.io.ASN1ParsingException; -import gnu.java.security.der.DER; -import gnu.java.security.der.DERReader; -import gnu.java.security.der.DERValue; -import gnu.java.security.der.DERWriter; - -import java.io.ByteArrayOutputStream; -import java.io.IOException; -import java.math.BigInteger; -import java.security.AlgorithmParametersSpi; -import java.security.spec.AlgorithmParameterSpec; -import java.security.spec.DSAParameterSpec; -import java.security.spec.InvalidParameterSpecException; -import java.util.ArrayList; - -/* - ASN.1 Encoding for DSA from rfc2459 - - id-dsa ID ::= { iso(1) member-body(2) us(840) x9-57(10040) - x9cm(4) 1 } - - Dss-Parms ::= SEQUENCE { - p INTEGER, - q INTEGER, - g INTEGER } - -*/ -public class DSAParameters extends AlgorithmParametersSpi -{ -private BigInteger q; // the small prime -private BigInteger p; // the big prime -private BigInteger g; - - -public void engineInit(AlgorithmParameterSpec paramSpec) - throws InvalidParameterSpecException -{ - if( paramSpec instanceof DSAParameterSpec ) { - DSAParameterSpec dsaParamSpec = (DSAParameterSpec)paramSpec; - p = dsaParamSpec.getP(); - q = dsaParamSpec.getQ(); - g = dsaParamSpec.getG(); - } - else - throw new InvalidParameterSpecException("Only accepts DSAParameterSpec"); -} - -public void engineInit(byte[] params) - throws IOException -{ - DERReader in = new DERReader(params); - DERValue val = in.read(); - if (val.getValue() != DER.CONSTRUCTED_VALUE) - throw new ASN1ParsingException("badly formed parameters"); - try - { - p = (BigInteger) in.read().getValue(); - q = (BigInteger) in.read().getValue(); - g = (BigInteger) in.read().getValue(); - } - catch (Exception x) - { - throw new ASN1ParsingException("badly formed parameters"); - } -} - -public void engineInit(byte[] params, String format) - throws IOException -{ - if( !format.equals("ASN.1") ) - throw new IOException("Invalid Format: Only accepts ASN.1"); - engineInit( params ); -} - -public AlgorithmParameterSpec engineGetParameterSpec(Class paramSpec) - throws InvalidParameterSpecException -{ - if( paramSpec.isAssignableFrom(DSAParameterSpec.class) ) - return new DSAParameterSpec(p, q, g); - else - throw new InvalidParameterSpecException("Only accepts DSAParameterSpec"); -} - -public byte[] engineGetEncoded() - throws IOException -{ - ByteArrayOutputStream bout = new ByteArrayOutputStream(); - ArrayList seq = new ArrayList(3); - seq.add(new DERValue(DER.INTEGER, p)); - seq.add(new DERValue(DER.INTEGER, q)); - seq.add(new DERValue(DER.INTEGER, g)); - DERWriter.write(bout, new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, seq)); - return bout.toByteArray(); -} - - -public byte[] engineGetEncoded(String format) - throws IOException -{ - if( !format.equals("ASN.1") ) - throw new IOException("Invalid Format: Only accepts ASN.1"); - return engineGetEncoded(); -} - -public String engineToString() -{ - return ("q: " + q + " p: " + p + " g: " + g); -} - -} diff --git a/libjava/classpath/gnu/java/security/provider/DSASignature.java b/libjava/classpath/gnu/java/security/provider/DSASignature.java deleted file mode 100644 index 1d3875d..0000000 --- a/libjava/classpath/gnu/java/security/provider/DSASignature.java +++ /dev/null @@ -1,251 +0,0 @@ -/* DSASignature.java -- - Copyright (C) 1999, 2003, 2004 Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ - - -package gnu.java.security.provider; - -import gnu.java.security.der.DER; -import gnu.java.security.der.DERReader; -import gnu.java.security.der.DERValue; -import gnu.java.security.der.DERWriter; - -import java.io.ByteArrayOutputStream; -import java.io.IOException; -import java.math.BigInteger; -import java.security.InvalidAlgorithmParameterException; -import java.security.InvalidKeyException; -import java.security.InvalidParameterException; -import java.security.MessageDigest; -import java.security.NoSuchAlgorithmException; -import java.security.PrivateKey; -import java.security.PublicKey; -import java.security.SecureRandom; -import java.security.SignatureException; -import java.security.SignatureSpi; -import java.security.interfaces.DSAPrivateKey; -import java.security.interfaces.DSAPublicKey; -import java.security.spec.AlgorithmParameterSpec; -import java.util.ArrayList; -import java.util.Random; - -public class DSASignature extends SignatureSpi -{ - private DSAPublicKey publicKey; - private DSAPrivateKey privateKey; - private final MessageDigest digest; - private final SecureRandom random; - - public DSASignature() throws NoSuchAlgorithmException - { - random = new SecureRandom(); - digest = MessageDigest.getInstance ("SHA1"); - } - - private void init() - { - digest.reset(); - } - - public void engineInitVerify (PublicKey publicKey) - throws InvalidKeyException - { - if (publicKey instanceof DSAPublicKey) - this.publicKey = (DSAPublicKey) publicKey; - else - throw new InvalidKeyException(); - init(); - } - - public void engineInitSign (PrivateKey privateKey) - throws InvalidKeyException - { - if (privateKey instanceof DSAPrivateKey) - this.privateKey = (DSAPrivateKey) privateKey; - else - throw new InvalidKeyException ("not a DSA private key"); - - init(); - } - - public void engineInitSign (PrivateKey privateKey, - SecureRandom random) - throws InvalidKeyException - { - if (privateKey instanceof DSAPrivateKey) - this.privateKey = (DSAPrivateKey) privateKey; - else - throw new InvalidKeyException ("not a DSA private key"); - - appRandom = random; - init(); - } - - public void engineUpdate(byte b) - throws SignatureException - { - digest.update (b); - } - - public void engineUpdate (byte[] b, int off, int len) - throws SignatureException - { - digest.update (b, off, len); - } - - public byte[] engineSign() throws SignatureException - { - if (privateKey == null) - throw new SignatureException ("not initialized for signing"); - - try - { - BigInteger g = privateKey.getParams().getG(); - BigInteger p = privateKey.getParams().getP(); - BigInteger q = privateKey.getParams().getQ(); - - BigInteger x = privateKey.getX(); - - BigInteger k = new BigInteger (159, appRandom != null ? appRandom : random); - - BigInteger r = g.modPow(k, p); - r = r.mod(q); - - byte bytes[] = digest.digest(); - BigInteger sha = new BigInteger (1, bytes); - - BigInteger s = sha.add (x.multiply (r)); - s = s.multiply (k.modInverse(q)).mod (q); - - ByteArrayOutputStream bout = new ByteArrayOutputStream(); - ArrayList seq = new ArrayList (2); - seq.add(0, new DERValue (DER.INTEGER, r)); - seq.add(1, new DERValue (DER.INTEGER, s)); - DERWriter.write (bout, new DERValue (DER.CONSTRUCTED | DER.SEQUENCE, seq)); - return bout.toByteArray(); - } - catch (IOException ioe) - { - SignatureException se = new SignatureException(); - se.initCause (ioe); - throw se; - } - catch (ArithmeticException ae) - { - SignatureException se = new SignatureException(); - se.initCause (ae); - throw se; - } - } - - public int engineSign (byte[] outbuf, int offset, int len) - throws SignatureException - { - byte tmp[] = engineSign(); - if (tmp.length > len) - throw new SignatureException ("output buffer too short"); - System.arraycopy (tmp, 0, outbuf, offset, tmp.length); - return tmp.length; - } - - public boolean engineVerify (byte[] sigBytes) - throws SignatureException - { - // Decode sigBytes from ASN.1 DER encoding - try - { - DERReader in = new DERReader (sigBytes); - DERValue val = in.read(); - if (!val.isConstructed()) - throw new SignatureException ("badly formed signature"); - BigInteger r = (BigInteger) in.read().getValue(); - BigInteger s = (BigInteger) in.read().getValue(); - - BigInteger g = publicKey.getParams().getG(); - BigInteger p = publicKey.getParams().getP(); - BigInteger q = publicKey.getParams().getQ(); - - BigInteger y = publicKey.getY(); - - BigInteger w = s.modInverse (q); - - byte bytes[] = digest.digest(); - BigInteger sha = new BigInteger (1, bytes); - - BigInteger u1 = w.multiply (sha).mod ( q ); - - BigInteger u2 = r.multiply (w).mod(q); - - BigInteger v = g.modPow (u1, p).multiply (y.modPow (u2, p)).mod (p).mod (q); - - if (v.equals (r)) - return true; - else - return false; - } - catch (IOException ioe) - { - SignatureException se = new SignatureException ("badly formed signature"); - se.initCause (ioe); - throw se; - } - } - - public void engineSetParameter (String param, - Object value) - throws InvalidParameterException - { - throw new InvalidParameterException(); - } - - public void engineSetParameter (AlgorithmParameterSpec params) - throws InvalidAlgorithmParameterException - { - throw new InvalidParameterException(); - - } - - public Object engineGetParameter (String param) - throws InvalidParameterException - { - throw new InvalidParameterException(); - } - - public Object clone() throws CloneNotSupportedException - { - return super.clone(); - } -} diff --git a/libjava/classpath/gnu/java/security/provider/DiffieHellmanKeyFactoryImpl.java b/libjava/classpath/gnu/java/security/provider/DiffieHellmanKeyFactoryImpl.java deleted file mode 100644 index 591fc68..0000000 --- a/libjava/classpath/gnu/java/security/provider/DiffieHellmanKeyFactoryImpl.java +++ /dev/null @@ -1,123 +0,0 @@ -/* DiffieHellmanKeyFactoryImpl.java -- - Copyright (C) 2005 Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ - - -package gnu.java.security.provider; - -import gnu.javax.crypto.GnuDHPrivateKey; - -import java.security.InvalidKeyException; -import java.security.Key; -import java.security.KeyFactorySpi; -import java.security.PrivateKey; -import java.security.PublicKey; -import java.security.spec.InvalidKeySpecException; -import java.security.spec.KeySpec; - -import javax.crypto.spec.DHParameterSpec; -import javax.crypto.spec.DHPrivateKeySpec; -import javax.crypto.spec.DHPublicKeySpec; - -import javax.crypto.interfaces.DHPrivateKey; -import javax.crypto.interfaces.DHPublicKey; - -public class DiffieHellmanKeyFactoryImpl extends KeyFactorySpi -{ - protected PrivateKey engineGeneratePrivate (final KeySpec spec) - throws InvalidKeySpecException - { - if (spec instanceof DHPrivateKeySpec) - { - DHPrivateKeySpec dh = (DHPrivateKeySpec) spec; - return new GnuDHPrivateKey (dh.getX (), - new DHParameterSpec (dh.getP (), dh.getG ())); - } - throw new InvalidKeySpecException (); - } - - protected PublicKey engineGeneratePublic (final KeySpec spec) - throws InvalidKeySpecException - { - if (spec instanceof DHPublicKeySpec) - { - DHPublicKeySpec dh = (DHPublicKeySpec) spec; - return new GnuDHPublicKey (new DHParameterSpec (dh.getP (), dh.getG ()), - dh.getY(), null); - } - throw new InvalidKeySpecException (); - } - - protected KeySpec engineGetKeySpec (final Key key, final Class specClass) - throws InvalidKeySpecException - { - if (key instanceof DHPrivateKey) - { - if (DHPrivateKeySpec.class.isAssignableFrom (specClass)) - { - DHParameterSpec params = ((DHPrivateKey) key).getParams (); - return new DHPrivateKeySpec (((DHPrivateKey) key).getX (), - params.getP (), params.getG ()); - } - } - if (key instanceof DHPublicKey) - { - if (DHPublicKeySpec.class.isAssignableFrom (specClass)) - { - DHParameterSpec params = ((DHPublicKey) key).getParams (); - return new DHPublicKeySpec (((DHPublicKey) key).getY (), - params.getP (), params.getG ()); - } - } - throw new InvalidKeySpecException (); - } - - protected Key engineTranslateKey (final Key key) - throws InvalidKeyException - { - if (key instanceof DHPrivateKey) - { - return new GnuDHPrivateKey (((DHPrivateKey) key).getX (), - ((DHPrivateKey) key).getParams ()); - } - if (key instanceof DHPublicKey) - { - return new GnuDHPublicKey (((DHPublicKey) key).getParams (), - ((DHPublicKey) key).getY (), null); - } - throw new InvalidKeyException (); - } -} diff --git a/libjava/classpath/gnu/java/security/provider/DiffieHellmanKeyPairGeneratorImpl.java b/libjava/classpath/gnu/java/security/provider/DiffieHellmanKeyPairGeneratorImpl.java deleted file mode 100644 index 1b68d27..0000000 --- a/libjava/classpath/gnu/java/security/provider/DiffieHellmanKeyPairGeneratorImpl.java +++ /dev/null @@ -1,86 +0,0 @@ -/* DiffieHellmanKeyPairGeneratorImpl.java -- - Copyright (C) 2005 Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ - - -package gnu.java.security.provider; - -import gnu.javax.crypto.GnuDHPrivateKey; - -import java.math.BigInteger; - -import java.security.KeyPair; -import java.security.KeyPairGeneratorSpi; -import java.security.SecureRandom; -import java.security.spec.AlgorithmParameterSpec; - -import javax.crypto.spec.DHParameterSpec; - -public class DiffieHellmanKeyPairGeneratorImpl extends KeyPairGeneratorSpi -{ - private SecureRandom random; - private DHParameterSpec params; - - public KeyPair generateKeyPair () - { - if (params == null || random == null) - throw new IllegalStateException ("not initialized"); - byte[] buf = new byte[(params.getP ().bitLength() >>> 3)]; - random.nextBytes (buf); - BigInteger x = new BigInteger (1, buf); - BigInteger y = params.getG ().modPow (x, params.getP ()); - GnuDHPublicKey pub = new GnuDHPublicKey (params, y, null); - GnuDHPrivateKey priv = new GnuDHPrivateKey (x, params); - - return new KeyPair (pub, priv); - } - - public void initialize (final int keysize, final SecureRandom random) - { - throw new UnsupportedOperationException ("key generation without parameters not supported"); - } - - public void initialize (final AlgorithmParameterSpec params, - final SecureRandom random) - { - if (!(params instanceof DHParameterSpec)) - throw new IllegalArgumentException ("expecting Diffie-Hellman parameters"); - this.params = (DHParameterSpec) params; - this.random = random; - if (this.random == null) - this.random = new SecureRandom (); - } -} diff --git a/libjava/classpath/gnu/java/security/provider/EncodedKeyFactory.java b/libjava/classpath/gnu/java/security/provider/EncodedKeyFactory.java deleted file mode 100644 index 2bf0fff..0000000 --- a/libjava/classpath/gnu/java/security/provider/EncodedKeyFactory.java +++ /dev/null @@ -1,303 +0,0 @@ -/* EncodedKeyFactory.java -- encoded key factory. - Copyright (C) 2004 Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ - - -package gnu.java.security.provider; - -import gnu.java.security.OID; -import gnu.java.security.der.BitString; -import gnu.java.security.der.DERReader; -import gnu.java.security.der.DERValue; - -import java.io.IOException; -import java.math.BigInteger; -import java.security.AlgorithmParameters; -import java.security.InvalidKeyException; -import java.security.Key; -import java.security.KeyFactorySpi; -import java.security.NoSuchAlgorithmException; -import java.security.PrivateKey; -import java.security.PublicKey; -import java.security.spec.DSAParameterSpec; -import java.security.spec.InvalidKeySpecException; -import java.security.spec.InvalidParameterSpecException; -import java.security.spec.KeySpec; -import java.security.spec.PKCS8EncodedKeySpec; -import java.security.spec.RSAPrivateCrtKeySpec; -import java.security.spec.RSAPublicKeySpec; -import java.security.spec.X509EncodedKeySpec; - -import javax.crypto.spec.DHParameterSpec; - -/** - * A factory for keys encoded in either the X.509 format (for public - * keys) or the PKCS#8 format (for private keys). - * - * @author Casey Marshall (rsdio@metastatic.org) - */ -public class EncodedKeyFactory extends KeyFactorySpi -{ - - // Constants. - // ------------------------------------------------------------------------ - - private static final OID ID_DSA = new OID("1.2.840.10040.4.1"); - private static final OID ID_RSA = new OID("1.2.840.113549.1.1.1"); - private static final OID ID_DH = new OID("1.2.840.10046.2.1"); - - // Instance methods. - // ------------------------------------------------------------------------ - - public PublicKey engineGeneratePublic(KeySpec spec) - throws InvalidKeySpecException - { - if (!(spec instanceof X509EncodedKeySpec)) - throw new InvalidKeySpecException("only supports X.509 key specs"); - DERReader der = new DERReader(((X509EncodedKeySpec) spec).getEncoded()); - try - { - DERValue spki = der.read(); - if (!spki.isConstructed()) - { - throw new InvalidKeySpecException("malformed encoded key"); - } - DERValue alg = der.read(); - if (!alg.isConstructed()) - { - throw new InvalidKeySpecException("malformed encoded key"); - } - DERValue val = der.read(); - if (!(val.getValue() instanceof OID)) - { - throw new InvalidKeySpecException("malformed encoded key"); - } - OID algId = (OID) val.getValue(); - byte[] algParams = null; - if (alg.getLength() > val.getEncodedLength()) - { - val = der.read(); - algParams = val.getEncoded(); - if (val.isConstructed()) - der.skip(val.getLength()); - } - val = der.read(); - if (!(val.getValue() instanceof BitString)) - { - throw new InvalidKeySpecException("malformed encoded key"); - } - byte[] publicKey = ((BitString) val.getValue()).toByteArray(); - if (algId.equals(ID_DSA)) - { - BigInteger p = null, g = null, q = null, Y; - if (algParams != null) - { - DERReader dsaParams = new DERReader(algParams); - val = dsaParams.read(); - if (!val.isConstructed()) - throw new InvalidKeySpecException("malformed DSA parameters"); - val = dsaParams.read(); - if (!(val.getValue() instanceof BigInteger)) - throw new InvalidKeySpecException("malformed DSA parameters"); - p = (BigInteger) val.getValue(); - val = dsaParams.read(); - if (!(val.getValue() instanceof BigInteger)) - throw new InvalidKeySpecException("malformed DSA parameters"); - q = (BigInteger) val.getValue(); - val = dsaParams.read(); - if (!(val.getValue() instanceof BigInteger)) - throw new InvalidKeySpecException("malformed DSA parameters"); - g = (BigInteger) val.getValue(); - } - DERReader dsaPub = new DERReader(publicKey); - val = dsaPub.read(); - if (!(val.getValue() instanceof BigInteger)) - throw new InvalidKeySpecException("malformed DSA parameters"); - Y = (BigInteger) val.getValue(); - return new GnuDSAPublicKey(Y, p, q, g); - } - else if (algId.equals(ID_RSA)) - { - DERReader rsaParams = new DERReader(publicKey); - if (!rsaParams.read().isConstructed()) - { - throw new InvalidKeySpecException("malformed encoded key"); - } - return new GnuRSAPublicKey(new RSAPublicKeySpec( - (BigInteger) rsaParams.read().getValue(), - (BigInteger) rsaParams.read().getValue())); - } - else if (algId.equals(ID_DH)) - { - if (algParams == null) - throw new InvalidKeySpecException("missing DH parameters"); - DERReader dhParams = new DERReader(algParams); - val = dhParams.read(); - BigInteger p, g, q, Y; - if (!val.isConstructed()) - throw new InvalidKeySpecException("malformed DH parameters"); - val = dhParams.read(); - if (!(val.getValue() instanceof BigInteger)) - throw new InvalidKeySpecException("malformed DH parameters"); - p = (BigInteger) val.getValue(); - val = dhParams.read(); - if (!(val.getValue() instanceof BigInteger)) - throw new InvalidKeySpecException("malformed DH parameters"); - g = (BigInteger) val.getValue(); - val = dhParams.read(); - if (!(val.getValue() instanceof BigInteger)) - throw new InvalidKeySpecException("malformed DH parameters"); - q = (BigInteger) val.getValue(); - DERReader dhPub = new DERReader(publicKey); - val = dhPub.read(); - if (!(val.getValue() instanceof BigInteger)) - throw new InvalidKeySpecException("malformed DH parameters"); - Y = (BigInteger) val.getValue(); - return (PublicKey) new GnuDHPublicKey(new DHParameterSpec(p, g), Y, q); - } - else - throw new InvalidKeySpecException("unknown algorithm: " + algId); - } - catch (IOException ioe) - { - throw new InvalidKeySpecException(ioe.getMessage()); - } - } - - public PrivateKey engineGeneratePrivate(KeySpec spec) - throws InvalidKeySpecException - { - if (!(spec instanceof PKCS8EncodedKeySpec)) - { - throw new InvalidKeySpecException("only supports PKCS8 key specs"); - } - DERReader der = new DERReader(((PKCS8EncodedKeySpec) spec).getEncoded()); - try - { - DERValue pki = der.read(); - if (!pki.isConstructed()) - { - throw new InvalidKeySpecException("malformed encoded key"); - } - DERValue val = der.read(); - if (!(val.getValue() instanceof BigInteger)) - { - throw new InvalidKeySpecException("malformed encoded key"); - } - DERValue alg = der.read(); - if (!alg.isConstructed()) - { - throw new InvalidKeySpecException("malformed encoded key"); - } - val = der.read(); - if (!(val.getValue() instanceof OID)) - { - throw new InvalidKeySpecException("malformed encoded key"); - } - OID algId = (OID) val.getValue(); - byte[] algParams = null; - if (alg.getLength() > val.getEncodedLength()) - { - val = der.read(); - algParams = val.getEncoded(); - if (val.isConstructed()) - der.skip(val.getLength()); - } - byte[] privateKey = (byte[]) der.read().getValue(); - if (algId.equals(ID_DSA)) - { - if (algParams == null) - { - throw new InvalidKeySpecException("missing DSA parameters"); - } - AlgorithmParameters params = AlgorithmParameters.getInstance("DSA"); - params.init(algParams); - DSAParameterSpec dsaSpec = (DSAParameterSpec) - params.getParameterSpec(DSAParameterSpec.class); - DERReader dsaPriv = new DERReader(privateKey); - return new GnuDSAPrivateKey((BigInteger) dsaPriv.read().getValue(), - dsaSpec.getP(), dsaSpec.getQ(), dsaSpec.getG()); - } - else if (algId.equals(ID_RSA)) - { - DERReader rsaParams = new DERReader(privateKey); - if (!rsaParams.read().isConstructed()) - throw new InvalidKeySpecException("malformed encoded key"); - return new GnuRSAPrivateKey(new RSAPrivateCrtKeySpec( - (BigInteger) rsaParams.read().getValue(), // n - (BigInteger) rsaParams.read().getValue(), // e - (BigInteger) rsaParams.read().getValue(), // d - (BigInteger) rsaParams.read().getValue(), // p - (BigInteger) rsaParams.read().getValue(), // q - (BigInteger) rsaParams.read().getValue(), // d mod (p - 1) - (BigInteger) rsaParams.read().getValue(), // d mod (q - 1) - (BigInteger) rsaParams.read().getValue())); // (inv q) mod p - } - else - throw new InvalidKeySpecException("unknown algorithm: " + algId); - } - catch (InvalidParameterSpecException iapse) - { - throw new InvalidKeySpecException(iapse.getMessage()); - } - catch (NoSuchAlgorithmException nsae) - { - throw new InvalidKeySpecException(nsae.getMessage()); - } - catch (IOException ioe) - { - throw new InvalidKeySpecException(ioe.getMessage()); - } - } - - public KeySpec engineGetKeySpec(Key key, Class speClass) - throws InvalidKeySpecException - { - if ((key instanceof PrivateKey) && key.getFormat().equals("PKCS#8") - && speClass.isAssignableFrom(PKCS8EncodedKeySpec.class)) - return new PKCS8EncodedKeySpec(key.getEncoded()); - else if ((key instanceof PublicKey) && key.getFormat().equals("X.509") - && speClass.isAssignableFrom(X509EncodedKeySpec.class)) - return new X509EncodedKeySpec(key.getEncoded()); - else - throw new InvalidKeySpecException(); - } - - public Key engineTranslateKey(Key key) throws InvalidKeyException - { - throw new InvalidKeyException("translating keys not supported"); - } -} diff --git a/libjava/classpath/gnu/java/security/provider/Gnu.java b/libjava/classpath/gnu/java/security/provider/Gnu.java index e553bbc..0613566 100644 --- a/libjava/classpath/gnu/java/security/provider/Gnu.java +++ b/libjava/classpath/gnu/java/security/provider/Gnu.java @@ -57,105 +57,209 @@ public final class Gnu extends Provider // we automatically get all the implementation classes. // Signature - put("Signature.SHA1withDSA", - gnu.java.security.provider.DSASignature.class.getName()); - - put("Alg.Alias.Signature.DSS", "SHA1withDSA"); - put("Alg.Alias.Signature.DSA", "SHA1withDSA"); - put("Alg.Alias.Signature.SHAwithDSA", "SHA1withDSA"); - put("Alg.Alias.Signature.DSAwithSHA", "SHA1withDSA"); - put("Alg.Alias.Signature.DSAwithSHA1", "SHA1withDSA"); - put("Alg.Alias.Signature.SHA/DSA", "SHA1withDSA"); - put("Alg.Alias.Signature.SHA-1/DSA", "SHA1withDSA"); - put("Alg.Alias.Signature.SHA1/DSA", "SHA1withDSA"); - put("Alg.Alias.Signature.OID.1.2.840.10040.4.3", "SHA1withDSA"); - put("Alg.Alias.Signature.1.2.840.10040.4.3", "SHA1withDSA"); - put("Alg.Alias.Signature.1.3.14.3.2.13", "SHA1withDSA"); - put("Alg.Alias.Signature.1.3.14.3.2.27", "SHA1withDSA"); - - put("Signature.MD2withRSA", MD2withRSA.class.getName()); + put("Signature.SHA160withDSS", + gnu.java.security.jce.sig.SHA160withDSS.class.getName()); + put("Alg.Alias.Signature.SHA1withDSA", "SHA160withDSS"); + put("Alg.Alias.Signature.DSS", "SHA160withDSS"); + put("Alg.Alias.Signature.DSA", "SHA160withDSS"); + put("Alg.Alias.Signature.SHAwithDSA", "SHA160withDSS"); + put("Alg.Alias.Signature.DSAwithSHA", "SHA160withDSS"); + put("Alg.Alias.Signature.DSAwithSHA1", "SHA160withDSS"); + put("Alg.Alias.Signature.SHA/DSA", "SHA160withDSS"); + put("Alg.Alias.Signature.SHA-1/DSA", "SHA160withDSS"); + put("Alg.Alias.Signature.SHA1/DSA", "SHA160withDSS"); + put("Alg.Alias.Signature.OID.1.2.840.10040.4.3", "SHA160withDSS"); + put("Alg.Alias.Signature.1.2.840.10040.4.3", "SHA160withDSS"); + put("Alg.Alias.Signature.1.3.14.3.2.13", "SHA160withDSS"); + put("Alg.Alias.Signature.1.3.14.3.2.27", "SHA160withDSS"); + + put("Signature.MD2withRSA", + gnu.java.security.jce.sig.MD2withRSA.class.getName()); put("Signature.MD2withRSA ImplementedIn", "Software"); put("Alg.Alias.Signature.md2WithRSAEncryption", "MD2withRSA"); put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.2", "MD2withRSA"); put("Alg.Alias.Signature.1.2.840.113549.1.1.2", "MD2withRSA"); - put("Signature.MD4withRSA", MD4withRSA.class.getName()); - put("Signature.MD4withRSA ImplementedIn", "Software"); - put("Alg.Alias.Signature.md4WithRSAEncryption", "MD4withRSA"); - put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.3", "MD4withRSA"); - put("Alg.Alias.Signature.1.2.840.113549.1.1.3", "MD4withRSA"); - - put("Signature.MD5withRSA", MD5withRSA.class.getName()); + put("Signature.MD5withRSA", + gnu.java.security.jce.sig.MD5withRSA.class.getName()); put("Signature.MD5withRSA ImplementedIn", "Software"); put("Alg.Alias.Signature.md5WithRSAEncryption", "MD5withRSA"); put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.4", "MD5withRSA"); put("Alg.Alias.Signature.1.2.840.113549.1.1.4", "MD5withRSA"); - put("Signature.SHA1withRSA", SHA1withRSA.class.getName()); - put("Signature.SHA1withRSA ImplementedIn", "Software"); - put("Alg.Alias.Signature.sha-1WithRSAEncryption", "SHA1withRSA"); - put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.5", "SHA1withRSA"); - put("Alg.Alias.Signature.1.2.840.113549.1.1.5", "SHA1withRSA"); + put("Signature.SHA160withRSA", + gnu.java.security.jce.sig.SHA160withRSA.class.getName()); + put("Signature.SHA160withRSA ImplementedIn", "Software"); + put("Alg.Alias.Signature.sha-1WithRSAEncryption", "SHA160withRSA"); + put("Alg.Alias.Signature.sha-160WithRSAEncryption", "SHA160withRSA"); + put("Alg.Alias.Signature.sha1WithRSAEncryption", "SHA160withRSA"); + put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.5", "SHA160withRSA"); + put("Alg.Alias.Signature.1.2.840.113549.1.1.5", "SHA160withRSA"); + put("Alg.Alias.Signature.SHA1withRSA", "SHA160withRSA"); + + put("Signature.SHA256withRSA", + gnu.java.security.jce.sig.SHA256withRSA.class.getName()); + put("Signature.SHA160withRSA ImplementedIn", "Software"); + put("Alg.Alias.Signature.sha256WithRSAEncryption", "SHA256withRSA"); + put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.11", "SHA256withRSA"); + put("Alg.Alias.Signature.1.2.840.113549.1.1.11", "SHA256withRSA"); + + put("Signature.SHA384withRSA", + gnu.java.security.jce.sig.SHA384withRSA.class.getName()); + put("Signature.SHA160withRSA ImplementedIn", "Software"); + put("Alg.Alias.Signature.sha384WithRSAEncryption", "SHA384withRSA"); + put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.12", "SHA384withRSA"); + put("Alg.Alias.Signature.1.2.840.113549.1.1.12", "SHA384withRSA"); + + put("Signature.SHA512withRSA", + gnu.java.security.jce.sig.SHA512withRSA.class.getName()); + put("Signature.SHA160withRSA ImplementedIn", "Software"); + put("Alg.Alias.Signature.sha512WithRSAEncryption", "SHA512withRSA"); + put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.13", "SHA512withRSA"); + put("Alg.Alias.Signature.1.2.840.113549.1.1.13", "SHA512withRSA"); + + put("Signature.DSS/RAW", + gnu.java.security.jce.sig.DSSRawSignatureSpi.class.getName()); + put("Signature.DSS/RAW KeySize", "1024"); + put("Signature.DSS/RAW ImplementedIn", "Software"); + + put("Signature.RSA-PSS/RAW", + gnu.java.security.jce.sig.RSAPSSRawSignatureSpi.class.getName()); + put("Signature.RSA-PSS/RAW KeySize", "1024"); + put("Signature.RSA-PSS/RAW ImplementedIn", "Software"); // Key Pair Generator - put("KeyPairGenerator.DSA", - gnu.java.security.provider.DSAKeyPairGenerator.class.getName()); - put("KeyPairGenerator.DiffieHellman", DiffieHellmanKeyPairGeneratorImpl.class.getName ()); - - put("Alg.Alias.KeyPairGenerator.OID.1.2.840.10040.4.1", "DSA"); - put("Alg.Alias.KeyPairGenerator.1.2.840.10040.4.1", "DSA"); - put("Alg.Alias.KeyPairGenerator.1.3.14.3.2.12", "DSA"); - put("Alg.Alias.KeyPairGenerator.DH", "DiffieHellman"); + put("KeyPairGenerator.DSS", + gnu.java.security.jce.sig.DSSKeyPairGeneratorSpi.class.getName()); + put("KeyPairGenerator.DSS KeySize", "1024"); + put("KeyPairGenerator.DSS ImplementedIn", "Software"); + put("Alg.Alias.KeyPairGenerator.DSA", "DSS"); + put("Alg.Alias.KeyPairGenerator.OID.1.2.840.10040.4.1", "DSS"); + put("Alg.Alias.KeyPairGenerator.1.2.840.10040.4.1", "DSS"); + put("Alg.Alias.KeyPairGenerator.1.3.14.3.2.12", "DSS"); + + put("KeyPairGenerator.RSA", + gnu.java.security.jce.sig.RSAKeyPairGeneratorSpi.class.getName()); + put("KeyPairGenerator.RSA KeySize", "1024"); + put("KeyPairGenerator.RSA ImplementedIn", "Software"); // Key Factory - put("KeyFactory.DSA", - gnu.java.security.provider.DSAKeyFactory.class.getName()); - - put("KeyFactory.Encoded", EncodedKeyFactory.class.getName()); + put("KeyFactory.DSS", + gnu.java.security.jce.sig.DSSKeyFactory.class.getName()); + put("Alg.Alias.KeyFactory.DSA", "DSS"); + put("Alg.Alias.KeyFactory.OID.1.2.840.10040.4.1", "DSS"); + put("Alg.Alias.KeyFactory.1.2.840.10040.4.1", "DSS"); + put("Alg.Alias.KeyFactory.1.3.14.3.2.12", "DSS"); + + put("KeyFactory.RSA", + gnu.java.security.jce.sig.RSAKeyFactory.class.getName()); + + put("KeyFactory.Encoded", + gnu.java.security.jce.sig.EncodedKeyFactory.class.getName()); put("KeyFactory.Encoded ImplementedIn", "Software"); put("Alg.Alias.KeyFactory.X.509", "Encoded"); put("Alg.Alias.KeyFactory.X509", "Encoded"); put("Alg.Alias.KeyFactory.PKCS#8", "Encoded"); put("Alg.Alias.KeyFactory.PKCS8", "Encoded"); - put("KeyFactory.RSA", RSAKeyFactory.class.getName()); - - put("Alg.Alias.KeyFactory.OID.1.2.840.10040.4.1", "DSA"); - put("Alg.Alias.KeyFactory.1.2.840.10040.4.1", "DSA"); - put("Alg.Alias.KeyFactory.1.3.14.3.2.12", "DSA"); - - put("KeyFactory.DiffieHellman", DiffieHellmanKeyFactoryImpl.class.getName()); - put("Alg.Alias.KeyFactory.DH", "DiffieHellman"); - - // Message Digests - put("MessageDigest.SHA", gnu.java.security.provider.SHA.class.getName()); - put("MessageDigest.MD5", gnu.java.security.provider.MD5.class.getName()); - - // Format "Alias", "Actual Name" - put("Alg.Alias.MessageDigest.SHA1", "SHA"); - put("Alg.Alias.MessageDigest.SHA-1", "SHA"); - put("Alg.Alias.MessageDigest.SHA-160", "SHA"); + put("MessageDigest.HAVAL", gnu.java.security.jce.hash.HavalSpi.class.getName()); + put("MessageDigest.HAVAL ImplementedIn", "Software"); + put("MessageDigest.MD2", gnu.java.security.jce.hash.MD2Spi.class.getName()); + put("MessageDigest.MD2 ImplementedIn", "Software"); + put("MessageDigest.MD4", gnu.java.security.jce.hash.MD4Spi.class.getName()); + put("MessageDigest.MD4 ImplementedIn", "Software"); + put("MessageDigest.MD5", gnu.java.security.jce.hash.MD5Spi.class.getName()); + put("MessageDigest.MD5 ImplementedIn", "Software"); + put("MessageDigest.RIPEMD128", gnu.java.security.jce.hash.RipeMD128Spi.class.getName()); + put("MessageDigest.RIPEMD128 ImplementedIn", "Software"); + put("MessageDigest.RIPEMD160", gnu.java.security.jce.hash.RipeMD160Spi.class.getName()); + put("MessageDigest.RIPEMD160 ImplementedIn", "Software"); + put("MessageDigest.SHA-160", gnu.java.security.jce.hash.Sha160Spi.class.getName()); + put("MessageDigest.SHA-160 ImplementedIn", "Software"); + put("MessageDigest.SHA-256", gnu.java.security.jce.hash.Sha256Spi.class.getName()); + put("MessageDigest.SHA-256 ImplementedIn", "Software"); + put("MessageDigest.SHA-384", gnu.java.security.jce.hash.Sha384Spi.class.getName()); + put("MessageDigest.SHA-384 ImplementedIn", "Software"); + put("MessageDigest.SHA-512", gnu.java.security.jce.hash.Sha512Spi.class.getName()); + put("MessageDigest.SHA-512 ImplementedIn", "Software"); + put("MessageDigest.TIGER", gnu.java.security.jce.hash.TigerSpi.class.getName()); + put("MessageDigest.TIGER ImplementedIn", "Software"); + put("MessageDigest.WHIRLPOOL", gnu.java.security.jce.hash.WhirlpoolSpi.class.getName()); + put("MessageDigest.WHIRLPOOL ImplementedIn", "Software"); + + put("Alg.Alias.MessageDigest.SHS", "SHA-160"); + put("Alg.Alias.MessageDigest.SHA", "SHA-160"); + put("Alg.Alias.MessageDigest.SHA1", "SHA-160"); + put("Alg.Alias.MessageDigest.SHA-1", "SHA-160"); + put("Alg.Alias.MessageDigest.SHA2-256", "SHA-256"); + put("Alg.Alias.MessageDigest.SHA2-384", "SHA-384"); + put("Alg.Alias.MessageDigest.SHA2-512", "SHA-512"); + put("Alg.Alias.MessageDigest.SHA256", "SHA-256"); + put("Alg.Alias.MessageDigest.SHA384", "SHA-384"); + put("Alg.Alias.MessageDigest.SHA512", "SHA-512"); + put("Alg.Alias.MessageDigest.RIPEMD-160", "RIPEMD160"); + put("Alg.Alias.MessageDigest.RIPEMD-128", "RIPEMD128"); + put("Alg.Alias.MessageDigest.OID.1.2.840.11359.2.2", "MD2"); + put("Alg.Alias.MessageDigest.1.2.840.11359.2.2", "MD2"); + put("Alg.Alias.MessageDigest.OID.1.2.840.11359.2.5", "MD5"); + put("Alg.Alias.MessageDigest.1.2.840.11359.2.5", "MD5"); + put("Alg.Alias.MessageDigest.OID.1.3.14.3.2.26", "SHA1"); + put("Alg.Alias.MessageDigest.1.3.14.3.2.26", "SHA1"); // Algorithm Parameters - put("AlgorithmParameters.DSA", - gnu.java.security.provider.DSAParameters.class.getName()); - - put("Alg.Alias.AlgorithmParameters.DSS", "DSA"); - put("Alg.Alias.AlgorithmParameters.SHAwithDSA", "DSA"); - put("Alg.Alias.AlgorithmParameters.OID.1.2.840.10040.4.3", "DSA"); - put("Alg.Alias.AlgorithmParameters.1.2.840.10040.4.3", "DSA"); + put("AlgorithmParameters.DSS", + gnu.java.security.jce.sig.DSSParameters.class.getName()); + put("Alg.Alias.AlgorithmParameters.DSA", "DSS"); + put("Alg.Alias.AlgorithmParameters.SHAwithDSA", "DSS"); + put("Alg.Alias.AlgorithmParameters.OID.1.2.840.10040.4.3", "DSS"); + put("Alg.Alias.AlgorithmParameters.1.2.840.10040.4.3", "DSS"); // Algorithm Parameter Generator put("AlgorithmParameterGenerator.DSA", - gnu.java.security.provider.DSAParameterGenerator.class.getName()); + gnu.java.security.jce.sig.DSSParametersGenerator.class.getName()); + put("Alg.Alias.AlgorithmParameterGenerator.DSA", "DSS"); // SecureRandom put("SecureRandom.SHA1PRNG", - gnu.java.security.provider.SHA1PRNG.class.getName()); + gnu.java.security.jce.prng.Sha160RandomSpi.class.getName()); + + put("SecureRandom.MD2PRNG", gnu.java.security.jce.prng.MD2RandomSpi.class.getName()); + put("SecureRandom.MD2PRNG ImplementedIn", "Software"); + put("SecureRandom.MD4PRNG", gnu.java.security.jce.prng.MD4RandomSpi.class.getName()); + put("SecureRandom.MD4PRNG ImplementedIn", "Software"); + put("SecureRandom.MD5PRNG", gnu.java.security.jce.prng.MD5RandomSpi.class.getName()); + put("SecureRandom.MD5PRNG ImplementedIn", "Software"); + put("SecureRandom.RIPEMD128PRNG", gnu.java.security.jce.prng.RipeMD128RandomSpi.class.getName()); + put("SecureRandom.RIPEMD128PRNG ImplementedIn", "Software"); + put("SecureRandom.RIPEMD160PRNG", gnu.java.security.jce.prng.RipeMD160RandomSpi.class.getName()); + put("SecureRandom.RIPEMD160PRNG ImplementedIn", "Software"); + put("SecureRandom.SHA-160PRNG", gnu.java.security.jce.prng.Sha160RandomSpi.class.getName()); + put("SecureRandom.SHA-160PRNG ImplementedIn", "Software"); + put("SecureRandom.SHA-256PRNG", gnu.java.security.jce.prng.Sha256RandomSpi.class.getName()); + put("SecureRandom.SHA-256PRNG ImplementedIn", "Software"); + put("SecureRandom.SHA-384PRNG", gnu.java.security.jce.prng.Sha384RandomSpi.class.getName()); + put("SecureRandom.SHA-384PRNG ImplementedIn", "Software"); + put("SecureRandom.SHA-512PRNG", gnu.java.security.jce.prng.Sha512RandomSpi.class.getName()); + put("SecureRandom.SHA-512PRNG ImplementedIn", "Software"); + put("SecureRandom.TIGERPRNG", gnu.java.security.jce.prng.TigerRandomSpi.class.getName()); + put("SecureRandom.TIGERPRNG ImplementedIn", "Software"); + put("SecureRandom.HAVALPRNG", gnu.java.security.jce.prng.HavalRandomSpi.class.getName()); + put("SecureRandom.HAVALPRNG ImplementedIn", "Software"); + put("SecureRandom.WHIRLPOOLPRNG", gnu.java.security.jce.prng.WhirlpoolRandomSpi.class.getName()); + put("SecureRandom.WHIRLPOOLPRNG ImplementedIn", "Software"); + + put("Alg.Alias.SecureRandom.SHA-1PRNG", "SHA-160PRNG"); + put("Alg.Alias.SecureRandom.SHA1PRNG", "SHA-160PRNG"); + put("Alg.Alias.SecureRandom.SHAPRNG", "SHA-160PRNG"); + put("Alg.Alias.SecureRandom.SHA-256PRNG", "SHA-256PRNG"); + put("Alg.Alias.SecureRandom.SHA-2-1PRNG", "SHA-256PRNG"); + put("Alg.Alias.SecureRandom.SHA-384PRNG", "SHA-384PRNG"); + put("Alg.Alias.SecureRandom.SHA-2-2PRNG", "SHA-384PRNG"); + put("Alg.Alias.SecureRandom.SHA-512PRNG", "SHA-512PRNG"); + put("Alg.Alias.SecureRandom.SHA-2-3PRNG", "SHA-512PRNG"); // CertificateFactory put("CertificateFactory.X509", X509CertificateFactory.class.getName()); - put("CertificateFactory.X509 ImplementedIn", "Software"); put("Alg.Alias.CertificateFactory.X.509", "X509"); @@ -166,14 +270,6 @@ public final class Gnu extends Provider // CertStore put("CertStore.Collection", CollectionCertStoreImpl.class.getName()); - // KeyAgreement - put("KeyAgreement.DiffieHellman", gnu.javax.crypto.DiffieHellmanImpl.class.getName()); - put("Alg.Alias.KeyAgreement.DH", "DiffieHellman"); - - // Cipher - put("Cipher.RSAES-PKCS1-v1_5", gnu.javax.crypto.RSACipherImpl.class.getName()); - put("Alg.Alias.Cipher.RSA", "RSAES-PKCS1-v1_5"); - return null; } }); diff --git a/libjava/classpath/gnu/java/security/provider/GnuDHPublicKey.java b/libjava/classpath/gnu/java/security/provider/GnuDHPublicKey.java deleted file mode 100644 index 6e13f6b..0000000 --- a/libjava/classpath/gnu/java/security/provider/GnuDHPublicKey.java +++ /dev/null @@ -1,115 +0,0 @@ -/* GnuDHPublicKey.java -- A Diffie-Hellman public key. - Copyright (C) 2004 Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ - - -package gnu.java.security.provider; - -import gnu.java.security.OID; -import gnu.java.security.der.BitString; -import gnu.java.security.der.DER; -import gnu.java.security.der.DERValue; - -import java.math.BigInteger; -import java.util.ArrayList; - -import javax.crypto.interfaces.DHPublicKey; -import javax.crypto.spec.DHParameterSpec; - -public class GnuDHPublicKey implements DHPublicKey -{ - - // Fields. - // ------------------------------------------------------------------------- - - private byte[] encoded; - private final DHParameterSpec params; - private final BigInteger Y; - private final BigInteger q; - - // Constructor. - // ------------------------------------------------------------------------- - - public GnuDHPublicKey(DHParameterSpec params, BigInteger Y, BigInteger q) - { - this.params = params; - this.Y = Y; - this.q = q; - } - - // Instance methods. - // ------------------------------------------------------------------------- - - public BigInteger getY() - { - return Y; - } - - public DHParameterSpec getParams() - { - return params; - } - - public String getAlgorithm() - { - return "DH"; - } - - public String getFormat() - { - return "X.509"; - } - - public byte[] getEncoded() - { - if (encoded != null) - return (byte[]) encoded.clone(); - ArrayList spki = new ArrayList(2); - ArrayList alg = new ArrayList(2); - alg.add(new DERValue(DER.OBJECT_IDENTIFIER, new OID("1.2.840.10046.2.1"))); - ArrayList param = new ArrayList(3); - param.add(new DERValue(DER.INTEGER, params.getP())); - param.add(new DERValue(DER.INTEGER, params.getG())); - param.add(new DERValue(DER.INTEGER, q)); - alg.add(new DERValue(DER.CONSTRUCTED|DER.SEQUENCE, param)); - spki.add(new DERValue(DER.CONSTRUCTED|DER.SEQUENCE, alg)); - spki.add(new DERValue(DER.BIT_STRING, new BitString(Y.toByteArray()))); - encoded = new DERValue(DER.CONSTRUCTED|DER.SEQUENCE, spki).getEncoded(); - if (encoded != null) - return (byte[]) encoded.clone(); - return null; - } -} diff --git a/libjava/classpath/gnu/java/security/provider/GnuDSAPrivateKey.java b/libjava/classpath/gnu/java/security/provider/GnuDSAPrivateKey.java deleted file mode 100644 index aac2faa..0000000 --- a/libjava/classpath/gnu/java/security/provider/GnuDSAPrivateKey.java +++ /dev/null @@ -1,147 +0,0 @@ -/* GnuDSAPrivateKey.java --- Gnu DSA Private Key - Copyright (C) 1999,2003,2004 Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ - - -package gnu.java.security.provider; - -import gnu.java.security.OID; -import gnu.java.security.der.DER; -import gnu.java.security.der.DERValue; -import gnu.java.security.der.DERWriter; - -import java.io.ByteArrayOutputStream; -import java.io.IOException; -import java.math.BigInteger; -import java.security.interfaces.DSAParams; -import java.security.interfaces.DSAPrivateKey; -import java.security.spec.DSAParameterSpec; -import java.util.ArrayList; - -public class GnuDSAPrivateKey implements DSAPrivateKey -{ - private byte[] encodedKey; - BigInteger x; - BigInteger p; - BigInteger q; - BigInteger g; - - public GnuDSAPrivateKey(BigInteger x, BigInteger p, BigInteger q, BigInteger g ) - { - this.x = x; - this.p = p; - this.q = q; - this.g = g; - } - - public String getAlgorithm() - { - return "DSA"; - } - - public String getFormat() - { - return "PKCS#8"; - } - - /** - * Encodes this key as a PrivateKeyInfo, as described in - * PKCS #8. The ASN.1 specification for this structure is: - * - * 
-   * PrivateKeyInfo ::= SEQUENCE {
-   *   version Version,
-   *   privateKeyAlgorithm PrivateKeyAlgorithmIdentifier,
-   *   privateKey PrivateKey,
-   *   attributes [0] IMPLICIT Attributes OPTIONAL }
-   *
-   * Version ::= INTEGER
-   *
-   * PrivateKeyAlgorithmIdentifier ::= AlgorithmIdentifier
-   *
-   * PrivateKey ::= OCTET STRING
-   *
-   * Attributes ::= SET OF Attribute
-   *
- * - *

DSA private keys (in Classpath at least) have no attributes. - */ - public byte[] getEncoded() - { - if (encodedKey != null) - return (byte[]) encodedKey.clone(); - try - { - ByteArrayOutputStream out = new ByteArrayOutputStream(); - ArrayList pki = new ArrayList(3); - pki.add(new DERValue(DER.INTEGER, BigInteger.ZERO)); - ArrayList algId = new ArrayList(2); - algId.add(new DERValue(DER.OBJECT_IDENTIFIER, - new OID("1.2.840.10040.4.1"))); - ArrayList algParams = new ArrayList(3); - algParams.add(new DERValue(DER.INTEGER, p)); - algParams.add(new DERValue(DER.INTEGER, q)); - algParams.add(new DERValue(DER.INTEGER, g)); - algId.add(new DERValue(DER.CONSTRUCTED|DER.SEQUENCE, algParams)); - pki.add(new DERValue(DER.OCTET_STRING, x.toByteArray())); - DERWriter.write(out, new DERValue(DER.CONSTRUCTED|DER.SEQUENCE, pki)); - return (byte[]) (encodedKey = out.toByteArray()).clone(); - } - catch (IOException ioe) - { - return null; - } - } - - public DSAParams getParams() - { - return (DSAParams)(new DSAParameterSpec(p,q,g)); - } - - public BigInteger getX() - { - return x; - } - - public String toString() - { - return "GnuDSAPrivateKey: x=" - + (x != null ? x.toString(16) : "null") + " p=" - + (p != null ? p.toString(16) : "null") + " q=" - + (q != null ? q.toString(16) : "null") + " g=" - + (g != null ? g.toString(16) : "null"); - } -} diff --git a/libjava/classpath/gnu/java/security/provider/GnuDSAPublicKey.java b/libjava/classpath/gnu/java/security/provider/GnuDSAPublicKey.java deleted file mode 100644 index 41195fa..0000000 --- a/libjava/classpath/gnu/java/security/provider/GnuDSAPublicKey.java +++ /dev/null @@ -1,137 +0,0 @@ -/* GnuDSAPublicKey.java --- Gnu DSA Public Key - Copyright (C) 1999,2003,2004 Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ - - -package gnu.java.security.provider; - -import gnu.java.security.OID; -import gnu.java.security.der.BitString; -import gnu.java.security.der.DER; -import gnu.java.security.der.DERValue; -import gnu.java.security.der.DERWriter; - -import java.io.ByteArrayOutputStream; -import java.io.IOException; -import java.math.BigInteger; -import java.security.interfaces.DSAParams; -import java.security.interfaces.DSAPublicKey; -import java.security.spec.DSAParameterSpec; -import java.util.ArrayList; - -public class GnuDSAPublicKey implements DSAPublicKey -{ - private byte[] encodedKey; - BigInteger y; - BigInteger p; - BigInteger q; - BigInteger g; - - public GnuDSAPublicKey(BigInteger y, BigInteger p, BigInteger q, BigInteger g ) - { - this.y = y; - this.p = p; - this.q = q; - this.g = g; - } - - public String getAlgorithm() - { - return "DSA"; - } - - public String getFormat() - { - return "X.509"; - } - - /** - * The encoded form of DSA public keys is: - * - * 

-   * SubjectPublicKeyInfo ::= SEQUENCE {
-   *   algorithm AlgorithmIdentifier,
-   *   subjectPublicKey BIT STRING }
-   *
- */ - public byte[] getEncoded() - { - if (encodedKey != null) - return (byte[]) encodedKey.clone(); - try - { - ByteArrayOutputStream out = new ByteArrayOutputStream(); - ArrayList spki = new ArrayList(2); - ArrayList alg = new ArrayList(2); - alg.add(new DERValue(DER.OBJECT_IDENTIFIER, - new OID("1.2.840.113549.1.1.1"))); - ArrayList params = new ArrayList(3); - params.add(new DERValue(DER.INTEGER, p)); - params.add(new DERValue(DER.INTEGER, q)); - params.add(new DERValue(DER.INTEGER, g)); - alg.add(new DERValue(DER.CONSTRUCTED|DER.SEQUENCE, params)); - spki.add(new DERValue(DER.CONSTRUCTED|DER.SEQUENCE, alg)); - spki.add(new DERValue(DER.BIT_STRING, new BitString(y.toByteArray()))); - DERWriter.write(out, new DERValue(DER.CONSTRUCTED|DER.SEQUENCE, spki)); - return (byte[]) (encodedKey = out.toByteArray()).clone(); - } - catch (IOException ioe) - { - return null; - } - } - - public DSAParams getParams() - { - if (p == null || q == null || g == null) - return null; - return (DSAParams)(new DSAParameterSpec(p,q,g)); - } - - public BigInteger getY() - { - return y; - } - - public String toString() - { - return - "GnuDSAPublicKey: y=" + (y != null ? y.toString(16) : "(null)") + - " p=" + (p != null ? p.toString(16) : "(null)") + - " q=" + (q != null ? q.toString(16) : "(null)") + - " g=" + (g != null ? g.toString(16) : "(null)"); - } -} diff --git a/libjava/classpath/gnu/java/security/provider/GnuRSAPrivateKey.java b/libjava/classpath/gnu/java/security/provider/GnuRSAPrivateKey.java deleted file mode 100644 index b09fc88..0000000 --- a/libjava/classpath/gnu/java/security/provider/GnuRSAPrivateKey.java +++ /dev/null @@ -1,164 +0,0 @@ -/* GnuRSAPrivateKey.java -- GNU RSA private key. - Copyright (C) 2004 Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ - - -package gnu.java.security.provider; - -import gnu.java.security.OID; -import gnu.java.security.der.DER; -import gnu.java.security.der.DERValue; - -import java.math.BigInteger; -import java.security.interfaces.RSAPrivateCrtKey; -import java.security.spec.RSAPrivateCrtKeySpec; -import java.util.ArrayList; - -class GnuRSAPrivateKey implements RSAPrivateCrtKey -{ - - // Fields. - // ------------------------------------------------------------------------- - - private final RSAPrivateCrtKeySpec spec; - private byte[] encodedKey; - - // Constructor. - // ------------------------------------------------------------------------- - - public GnuRSAPrivateKey(RSAPrivateCrtKeySpec spec) - { - this.spec = spec; - } - - // Instance methods. - // ------------------------------------------------------------------------- - - public BigInteger getModulus() - { - return spec.getModulus(); - } - - public BigInteger getPrivateExponent() - { - return spec.getPrivateExponent(); - } - - public BigInteger getCrtCoefficient() - { - return spec.getCrtCoefficient(); - } - - public BigInteger getPrimeExponentP() - { - return spec.getPrimeExponentP(); - } - - public BigInteger getPrimeExponentQ() - { - return spec.getPrimeExponentQ(); - } - - public BigInteger getPrimeP() - { - return spec.getPrimeP(); - } - - public BigInteger getPrimeQ() - { - return spec.getPrimeQ(); - } - - public BigInteger getPublicExponent() - { - return spec.getPublicExponent(); - } - - public String getAlgorithm() - { - return "RSA"; - } - - public String getFormat() - { - return "PKCS#8"; - } - - /** - * The encoded form is: - * - * 
-   * RSAPrivateKey ::= SEQUENCE {
-   *   version Version,
-   *   modulus INTEGER, -- n
-   *   publicExponent INTEGER, -- e
-   *   privateExponent INTEGER, -- d
-   *   prime1 INTEGER, -- p
-   *   prime2 INTEGER, -- q
-   *   exponent1 INTEGER, -- d mod (p-1)
-   *   exponent2 INTEGER, -- d mod (q-1)
-   *   coefficient INTEGER -- (inverse of q) mod p }
-   *
- * - *

Which is in turn encoded in a PrivateKeyInfo structure from PKCS#8. - */ - public byte[] getEncoded() - { - if (encodedKey != null) - return (byte[]) encodedKey.clone(); - ArrayList key = new ArrayList(9); - key.add(new DERValue(DER.INTEGER, BigInteger.ZERO)); - key.add(new DERValue(DER.INTEGER, getModulus())); - key.add(new DERValue(DER.INTEGER, getPublicExponent())); - key.add(new DERValue(DER.INTEGER, getPrivateExponent())); - key.add(new DERValue(DER.INTEGER, getPrimeP())); - key.add(new DERValue(DER.INTEGER, getPrimeQ())); - key.add(new DERValue(DER.INTEGER, getPrimeExponentP())); - key.add(new DERValue(DER.INTEGER, getPrimeExponentQ())); - key.add(new DERValue(DER.INTEGER, getCrtCoefficient())); - DERValue pk = new DERValue(DER.SEQUENCE|DER.CONSTRUCTED, key); - ArrayList pki = new ArrayList(3); - pki.add(new DERValue(DER.INTEGER, BigInteger.ZERO)); - ArrayList alg = new ArrayList(2); - alg.add(new DERValue(DER.OBJECT_IDENTIFIER, - new OID("1.2.840.113549.1.1.1"))); - alg.add(new DERValue(DER.NULL, null)); - pki.add(new DERValue(DER.CONSTRUCTED|DER.SEQUENCE, alg)); - pki.add(new DERValue(DER.OCTET_STRING, pk.getEncoded())); - encodedKey = new DERValue(DER.SEQUENCE|DER.CONSTRUCTED, pki).getEncoded(); - return (byte[]) encodedKey.clone(); - } -} diff --git a/libjava/classpath/gnu/java/security/provider/GnuRSAPublicKey.java b/libjava/classpath/gnu/java/security/provider/GnuRSAPublicKey.java deleted file mode 100644 index a35e761..0000000 --- a/libjava/classpath/gnu/java/security/provider/GnuRSAPublicKey.java +++ /dev/null @@ -1,109 +0,0 @@ -/* GnuRSAPublicKey.java -- GNU RSA public key. - Copyright (C) 2004 Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ - - -package gnu.java.security.provider; - -import gnu.java.security.OID; -import gnu.java.security.der.BitString; -import gnu.java.security.der.DER; -import gnu.java.security.der.DERValue; - -import java.math.BigInteger; -import java.security.interfaces.RSAPublicKey; -import java.security.spec.RSAPublicKeySpec; -import java.util.ArrayList; - -class GnuRSAPublicKey implements RSAPublicKey -{ - - // Fields. - // ------------------------------------------------------------------------- - - private final RSAPublicKeySpec spec; - private byte[] encodedKey; - - // Constructor. - // ------------------------------------------------------------------------- - - public GnuRSAPublicKey(RSAPublicKeySpec spec) - { - this.spec = spec; - } - - // Instance methods. - // ------------------------------------------------------------------------- - - public BigInteger getModulus() - { - return spec.getModulus(); - } - - public BigInteger getPublicExponent() - { - return spec.getPublicExponent(); - } - - public String getAlgorithm() - { - return "RSA"; - } - - public String getFormat() - { - return "X.509"; - } - - public byte[] getEncoded() - { - if (encodedKey != null) - return (byte[]) encodedKey.clone(); - ArrayList key = new ArrayList(2); - key.add(new DERValue(DER.INTEGER, getModulus())); - key.add(new DERValue(DER.INTEGER, getPublicExponent())); - DERValue rsapk = new DERValue(DER.SEQUENCE|DER.CONSTRUCTED, key); - ArrayList alg = new ArrayList(2); - alg.add(new DERValue(DER.OBJECT_IDENTIFIER, - new OID("1.2.840.113549.1.1.1"))); - alg.add(new DERValue(DER.NULL, null)); - ArrayList spki = new ArrayList(2); - spki.add(new DERValue(DER.SEQUENCE|DER.CONSTRUCTED, alg)); - spki.add(new DERValue(DER.BIT_STRING, new BitString(rsapk.getEncoded()))); - encodedKey = new DERValue(DER.SEQUENCE|DER.CONSTRUCTED, spki).getEncoded(); - return (byte[]) encodedKey.clone(); - } -} diff --git a/libjava/classpath/gnu/java/security/provider/MD2withRSA.java b/libjava/classpath/gnu/java/security/provider/MD2withRSA.java deleted file mode 100644 index a72ae55..0000000 --- a/libjava/classpath/gnu/java/security/provider/MD2withRSA.java +++ /dev/null @@ -1,54 +0,0 @@ -/* MD2withRSA.java -- MD2 with RSA encryption signatures. - Copyright (C) 2004 Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ - - -package gnu.java.security.provider; - -import java.security.MessageDigest; -import java.security.NoSuchAlgorithmException; - -public class MD2withRSA extends RSA -{ - - // Constructor. - // ------------------------------------------------------------------------- - - public MD2withRSA() throws NoSuchAlgorithmException - { - super(MessageDigest.getInstance("MD2"), DIGEST_ALGORITHM.getChild(2)); - } -} diff --git a/libjava/classpath/gnu/java/security/provider/MD4withRSA.java b/libjava/classpath/gnu/java/security/provider/MD4withRSA.java deleted file mode 100644 index 76a6a1a..0000000 --- a/libjava/classpath/gnu/java/security/provider/MD4withRSA.java +++ /dev/null @@ -1,54 +0,0 @@ -/* MD4withRSA.java -- MD4 with RSA encryption signatures. - Copyright (C) 2004 Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ - - -package gnu.java.security.provider; - -import java.security.MessageDigest; -import java.security.NoSuchAlgorithmException; - -public class MD4withRSA extends RSA -{ - - // Constructor. - // ------------------------------------------------------------------------- - - public MD4withRSA() throws NoSuchAlgorithmException - { - super(MessageDigest.getInstance("MD4"), DIGEST_ALGORITHM.getChild(4)); - } -} diff --git a/libjava/classpath/gnu/java/security/provider/MD5.java b/libjava/classpath/gnu/java/security/provider/MD5.java deleted file mode 100644 index 1534eb9..0000000 --- a/libjava/classpath/gnu/java/security/provider/MD5.java +++ /dev/null @@ -1,338 +0,0 @@ -/* MD5.java -- Class implementing the MD5 algorithm as specified in RFC1321. - Copyright (C) 1999, 2002 Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ - - -package gnu.java.security.provider; -import java.security.MessageDigest; - -/** - This class implements the MD5 algorithm as described in RFC1321. - - @see java.security.MessageDigest -*/ -public class MD5 extends MessageDigest implements Cloneable -{ - private final int W[] = new int[16]; - private long bytecount; - private int A; - private int B; - private int C; - private int D; - - public MD5() - { - super("MD5"); - engineReset (); - } - - public Object clone() - { - return new MD5 (this); - } - - private MD5 (MD5 copy) - { - this (); - bytecount = copy.bytecount; - A = copy.A; - B = copy.B; - C = copy.C; - D = copy.D; - System.arraycopy (copy.W, 0, W, 0, 16); - } - - public int engineGetDigestLength() - { - return 16; - } - - // Intialize the A,B,C,D needed for the hash - public void engineReset() - { - bytecount = 0; - A = 0x67452301; - B = 0xefcdab89; - C = 0x98badcfe; - D = 0x10325476; - for(int i = 0; i < 16; i++) - W[i] = 0; - } - - public void engineUpdate (byte b) - { - int i = (int)bytecount % 64; - int shift = (3 - i % 4) * 8; - int idx = i / 4; - - // if you could index ints, this would be: W[idx][shift/8] = b - W[idx] = (W[idx] & ~(0xff << shift)) | ((b & 0xff) << shift); - - // if we've filled up a block, then process it - if ((++ bytecount) % 64 == 0) - munch (); - } - - public void engineUpdate (byte bytes[], int off, int len) - { - if (len < 0) - throw new ArrayIndexOutOfBoundsException (); - - int end = off + len; - while (off < end) - engineUpdate (bytes[off++]); - } - - public byte[] engineDigest() - { - long bitcount = bytecount * 8; - engineUpdate ((byte)0x80); // 10000000 in binary; the start of the padding - - // add the rest of the padding to fill this block out, but leave 8 - // bytes to put in the original bytecount - while ((int)bytecount % 64 != 56) - engineUpdate ((byte)0); - - // add the length of the original, unpadded block to the end of - // the padding - W[14] = SWAP((int)(0xffffffff & bitcount)); - W[15] = SWAP((int)(0xffffffff & (bitcount >>> 32))); - bytecount += 8; - - // digest the fully padded block - munch (); - - A = SWAP(A); - B = SWAP(B); - C = SWAP(C); - D = SWAP(D); - byte[] result = new byte[] {(byte)(A >>> 24), (byte)(A >>> 16), - (byte)(A >>> 8), (byte)A, - (byte)(B >>> 24), (byte)(B >>> 16), - (byte)(B >>> 8), (byte)B, - (byte)(C >>> 24), (byte)(C >>> 16), - (byte)(C >>> 8), (byte)C, - (byte)(D >>> 24), (byte)(D >>> 16), - (byte)(D >>> 8), (byte)D}; - - engineReset (); - return result; - } - - private int F( int X, int Y, int Z) - { - return ((X & Y) | (~X & Z)); - } - - private int G( int X, int Y, int Z) - { - return ((X & Z) | (Y & ~Z)); - } - - private int H( int X, int Y, int Z) - { - return (X ^ Y ^ Z); - } - - private int I( int X, int Y, int Z) - { - return (Y ^ (X | ~Z)); - } - - private int rotateLeft( int i, int count) - { - //Taken from FIPS 180-1 - return ( (i << count) | (i >>> (32 - count)) ) ; - } - - /* Round 1. */ - private int FF( int a, int b, int c, int d, int k, int s, int i) - { - /* Let [abcd k s i] denote the operation */ - a += F(b,c,d) + k + i; - return b + rotateLeft(a, s); - } - /* Round 2. */ - private int GG( int a, int b, int c, int d, int k, int s, int i) - { - /* Let [abcd k s i] denote the operation */ - a += G(b,c,d) + k + i; - return b + rotateLeft(a, s); - } - /* Round 3. */ - private int HH( int a, int b, int c, int d, int k, int s, int i) - { - /* Let [abcd k s t] denote the operation */ - a += H(b,c,d) + k + i; - return b + rotateLeft(a, s); - } - - /* Round 4. */ - private int II( int a, int b, int c, int d, int k, int s, int i) - { - /* Let [abcd k s t] denote the operation */ - a += I(b,c,d) + k + i; - return b + rotateLeft(a, s); - } - - private int SWAP(int n) - { - //Copied from md5.c in FSF Gnu Privacy Guard 0.9.2 - return (( (0xff & n) << 24) | ((n & 0xff00) << 8) | ((n >>> 8) & 0xff00) | (n >>> 24)); - } - - private void munch() - { - int AA,BB,CC,DD, j; - int X[] = new int[16]; - - /* Copy block i into X. */ - for(j = 0; j < 16; j++) - X[j] = SWAP(W[j]); - - /* Save A as AA, B as BB, C as CC, and D as DD. */ - AA = A; - BB = B; - CC = C; - DD = D; - - /* The hex constants are from md5.c - in FSF Gnu Privacy Guard 0.9.2 */ - /* Round 1. */ - /* Let [abcd k s i] denote the operation - a = b + ((a + F(b,c,d) + X[k] + T[i]) <<< s). */ - /* Do the following 16 operations. */ - A = FF(A,B,C,D, X[0], 7, 0xd76aa478); - D = FF(D,A,B,C, X[1], 12, 0xe8c7b756); - C = FF(C,D,A,B, X[2], 17, 0x242070db); - B = FF(B,C,D,A, X[3], 22, 0xc1bdceee); - - A = FF(A,B,C,D, X[4], 7, 0xf57c0faf); - D = FF(D,A,B,C, X[5], 12, 0x4787c62a); - C = FF(C,D,A,B, X[6], 17, 0xa8304613); - B = FF(B,C,D,A, X[7], 22, 0xfd469501); - - A = FF(A,B,C,D, X[8], 7, 0x698098d8); - D = FF(D,A,B,C, X[9], 12, 0x8b44f7af); - C = FF(C,D,A,B, X[10], 17, 0xffff5bb1); - B = FF(B,C,D,A, X[11], 22, 0x895cd7be); - - A = FF(A,B,C,D, X[12], 7, 0x6b901122); - D = FF(D,A,B,C, X[13], 12, 0xfd987193); - C = FF(C,D,A,B, X[14], 17, 0xa679438e); - B = FF(B,C,D,A, X[15], 22, 0x49b40821); - - /* Round 2. */ - /* Let [abcd k s i] denote the operation - a = b + ((a + G(b,c,d) + X[k] + T[i]) <<< s). */ - /* Do the following 16 operations. */ - A = GG(A,B,C,D, X[1], 5, 0xf61e2562); - D = GG(D,A,B,C, X[6], 9, 0xc040b340); - C = GG(C,D,A,B, X[11], 14, 0x265e5a51); - B = GG(B,C,D,A, X[0], 20, 0xe9b6c7aa); - - A = GG(A,B,C,D, X[5], 5, 0xd62f105d); - D = GG(D,A,B,C, X[10], 9, 0x02441453); - C = GG(C,D,A,B, X[15], 14, 0xd8a1e681); - B = GG(B,C,D,A, X[4], 20, 0xe7d3fbc8); - - A = GG(A,B,C,D, X[9], 5, 0x21e1cde6); - D = GG(D,A,B,C, X[14], 9, 0xc33707d6); - C = GG(C,D,A,B, X[3], 14, 0xf4d50d87); - B = GG(B,C,D,A, X[8], 20, 0x455a14ed); - - A = GG(A,B,C,D, X[13], 5, 0xa9e3e905); - D = GG(D,A,B,C, X[2], 9, 0xfcefa3f8); - C = GG(C,D,A,B, X[7], 14, 0x676f02d9); - B = GG(B,C,D,A, X[12], 20, 0x8d2a4c8a); - - /* Round 3. */ - /* Let [abcd k s t] denote the operation - a = b + ((a + H(b,c,d) + X[k] + T[i]) <<< s). */ - /* Do the following 16 operations. */ - A = HH(A,B,C,D, X[5], 4, 0xfffa3942); - D = HH(D,A,B,C, X[8], 11, 0x8771f681); - C = HH(C,D,A,B, X[11], 16, 0x6d9d6122); - B = HH(B,C,D,A, X[14], 23, 0xfde5380c); - - A = HH(A,B,C,D, X[1], 4, 0xa4beea44); - D = HH(D,A,B,C, X[4], 11, 0x4bdecfa9); - C = HH(C,D,A,B, X[7], 16, 0xf6bb4b60); - B = HH(B,C,D,A, X[10], 23, 0xbebfbc70); - - A = HH(A,B,C,D, X[13], 4, 0x289b7ec6); - D = HH(D,A,B,C, X[0], 11, 0xeaa127fa); - C = HH(C,D,A,B, X[3], 16, 0xd4ef3085); - B = HH(B,C,D,A, X[6], 23, 0x04881d05); - - A = HH(A,B,C,D, X[9], 4, 0xd9d4d039); - D = HH(D,A,B,C, X[12], 11, 0xe6db99e5); - C = HH(C,D,A,B, X[15], 16, 0x1fa27cf8); - B = HH(B,C,D,A, X[2], 23, 0xc4ac5665); - - /* Round 4. */ - /* Let [abcd k s t] denote the operation - a = b + ((a + I(b,c,d) + X[k] + T[i]) <<< s). */ - /* Do the following 16 operations. */ - A = II(A,B,C,D, X[0], 6, 0xf4292244); - D = II(D,A,B,C, X[7], 10, 0x432aff97); - C = II(C,D,A,B, X[14], 15, 0xab9423a7); - B = II(B,C,D,A, X[5], 21, 0xfc93a039); - - A = II(A,B,C,D, X[12], 6, 0x655b59c3); - D = II(D,A,B,C, X[3], 10, 0x8f0ccc92); - C = II(C,D,A,B, X[10], 15, 0xffeff47d); - B = II(B,C,D,A, X[1], 21, 0x85845dd1); - - A = II(A,B,C,D, X[8], 6, 0x6fa87e4f); - D = II(D,A,B,C, X[15], 10, 0xfe2ce6e0); - C = II(C,D,A,B, X[6], 15, 0xa3014314); - B = II(B,C,D,A, X[13], 21, 0x4e0811a1); - - A = II(A,B,C,D, X[4], 6, 0xf7537e82); - D = II(D,A,B,C, X[11], 10, 0xbd3af235); - C = II(C,D,A,B, X[2], 15, 0x2ad7d2bb); - B = II(B,C,D,A, X[9], 21, 0xeb86d391); - - /* Then perform the following additions. (That is increment each - of the four registers by the value it had before this block - was started.) */ - A = A + AA; - B = B + BB; - C = C + CC; - D = D + DD; - } -} diff --git a/libjava/classpath/gnu/java/security/provider/MD5withRSA.java b/libjava/classpath/gnu/java/security/provider/MD5withRSA.java deleted file mode 100644 index 721d897..0000000 --- a/libjava/classpath/gnu/java/security/provider/MD5withRSA.java +++ /dev/null @@ -1,54 +0,0 @@ -/* MD5withRSA.java -- MD5 with RSA encryption signatures. - Copyright (C) 2004 Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ - - -package gnu.java.security.provider; - -import java.security.MessageDigest; -import java.security.NoSuchAlgorithmException; - -public class MD5withRSA extends RSA -{ - - // Constructor. - // ------------------------------------------------------------------------- - - public MD5withRSA() throws NoSuchAlgorithmException - { - super(MessageDigest.getInstance("MD5"), DIGEST_ALGORITHM.getChild(5)); - } -} diff --git a/libjava/classpath/gnu/java/security/provider/PKIXCertPathValidatorImpl.java b/libjava/classpath/gnu/java/security/provider/PKIXCertPathValidatorImpl.java index ab89434..8801637 100644 --- a/libjava/classpath/gnu/java/security/provider/PKIXCertPathValidatorImpl.java +++ b/libjava/classpath/gnu/java/security/provider/PKIXCertPathValidatorImpl.java @@ -39,6 +39,8 @@ exception statement from your version. */ package gnu.java.security.provider; import gnu.java.security.OID; +import gnu.java.security.Registry; +import gnu.java.security.key.dss.DSSPublicKey; import gnu.java.security.x509.GnuPKIExtension; import gnu.java.security.x509.PolicyNodeImpl; import gnu.java.security.x509.X509CRLSelectorImpl; @@ -241,8 +243,11 @@ public class PKIXCertPathValidatorImpl extends CertPathValidatorSpi if (!(prevKey instanceof DSAPublicKey)) throw new InvalidKeyException("DSA keys not chainable"); dsa = ((DSAPublicKey) prevKey).getParams(); - pubKey = new GnuDSAPublicKey(((DSAPublicKey) pubKey).getY(), - dsa.getP(), dsa.getQ(), dsa.getG()); + pubKey = new DSSPublicKey(Registry.X509_ENCODING_ID, + dsa.getP(), + dsa.getQ(), + dsa.getG(), + ((DSAPublicKey) pubKey).getY()); } } if (sigProvider == null) diff --git a/libjava/classpath/gnu/java/security/provider/RSA.java b/libjava/classpath/gnu/java/security/provider/RSA.java deleted file mode 100644 index c3cfbbf..0000000 --- a/libjava/classpath/gnu/java/security/provider/RSA.java +++ /dev/null @@ -1,311 +0,0 @@ -/* RSA.java -- RSA PKCS#1 signatures. - Copyright (C) 2004 Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ - - -package gnu.java.security.provider; - -import gnu.java.security.OID; -import gnu.java.security.der.DER; -import gnu.java.security.der.DERReader; -import gnu.java.security.der.DERValue; -import gnu.java.security.der.DERWriter; - -import java.io.ByteArrayOutputStream; -import java.io.IOException; -import java.math.BigInteger; -import java.security.InvalidKeyException; -import java.security.MessageDigest; -import java.security.PrivateKey; -import java.security.PublicKey; -import java.security.SecureRandom; -import java.security.SignatureException; -import java.security.SignatureSpi; -import java.security.interfaces.RSAPrivateKey; -import java.security.interfaces.RSAPublicKey; -import java.util.ArrayList; - -public abstract class RSA extends SignatureSpi implements Cloneable -{ - - // Constants and fields. - // ------------------------------------------------------------------------- - - /** - * digestAlgorithm OBJECT IDENTIFIER ::= - * { iso(1) member-body(2) US(840) rsadsi(113549) digestAlgorithm(2) } - */ - protected static final OID DIGEST_ALGORITHM = new OID("1.2.840.113549.2"); - - protected final OID digestAlgorithm; - protected final MessageDigest md; - protected RSAPrivateKey signerKey; - protected RSAPublicKey verifierKey; - - // Constructor. - // ------------------------------------------------------------------------- - - protected RSA(MessageDigest md, OID digestAlgorithm) - { - super(); - this.md = md; - this.digestAlgorithm = digestAlgorithm; - } - - // Instance methods. - // ------------------------------------------------------------------------- - - public Object clone() throws CloneNotSupportedException - { - return super.clone(); - } - - protected Object engineGetParameter(String param) - { - throw new UnsupportedOperationException("deprecated"); - } - - protected void engineSetParameter(String param, Object value) - { - throw new UnsupportedOperationException("deprecated"); - } - - protected void engineInitSign(PrivateKey privateKey) - throws InvalidKeyException - { - if (!(privateKey instanceof RSAPrivateKey)) - throw new InvalidKeyException(); - verifierKey = null; - signerKey = (RSAPrivateKey) privateKey; - } - - protected void engineInitSign(PrivateKey privateKey, SecureRandom random) - throws InvalidKeyException - { - // This class does not need random bytes. - engineInitSign(privateKey); - } - - protected void engineInitVerify(PublicKey publicKey) - throws InvalidKeyException - { - if (!(publicKey instanceof RSAPublicKey)) - throw new InvalidKeyException(); - signerKey = null; - verifierKey = (RSAPublicKey) publicKey; - } - - protected void engineUpdate(byte b) throws SignatureException - { - if (signerKey == null && verifierKey == null) - throw new SignatureException("not initialized"); - md.update(b); - } - - protected void engineUpdate(byte[] buf, int off, int len) - throws SignatureException - { - if (signerKey == null && verifierKey == null) - throw new SignatureException("not initialized"); - md.update(buf, off, len); - } - - protected byte[] engineSign() throws SignatureException - { - if (signerKey == null) - throw new SignatureException("not initialized for signing"); - // - // The signature will be the RSA encrypted BER representation of - // the following: - // - // DigestInfo ::= SEQUENCE { - // digestAlgorithm DigestAlgorithmIdentifier, - // digest Digest } - // - // DigestAlgorithmIdentifier ::= AlgorithmIdentifier - // - // Digest ::= OCTET STRING - // - ArrayList digestAlg = new ArrayList(2); - digestAlg.add(new DERValue(DER.OBJECT_IDENTIFIER, digestAlgorithm)); - digestAlg.add(new DERValue(DER.NULL, null)); - ArrayList digestInfo = new ArrayList(2); - digestInfo.add(new DERValue(DER.SEQUENCE, digestAlg)); - digestInfo.add(new DERValue(DER.OCTET_STRING, md.digest())); - ByteArrayOutputStream out = new ByteArrayOutputStream(); - try - { - DERWriter.write(out, new DERValue(DER.SEQUENCE, digestInfo)); - } - catch (IOException ioe) - { - throw new SignatureException(ioe.toString()); - } - byte[] buf = out.toByteArray(); - md.reset(); - - // k = octect length of the modulus. - int k = signerKey.getModulus().bitLength(); - k = (k >>> 3) + ((k & 7) == 0 ? 0 : 1); - if (buf.length < k - 3) - { - throw new SignatureException("RSA modulus too small"); - } - byte[] d = new byte[k]; - - // Padding type 1: - // 00 | 01 | FF | ... | FF | 00 | D - d[1] = 0x01; - for (int i = 2; i < k - buf.length - 1; i++) - d[i] = (byte) 0xFF; - System.arraycopy(buf, 0, d, k - buf.length, buf.length); - - BigInteger eb = new BigInteger(d); - - byte[] ed = eb.modPow(signerKey.getPrivateExponent(), - signerKey.getModulus()).toByteArray(); - - // Ensure output is k octets long. - if (ed.length < k) - { - byte[] b = new byte[k]; - System.arraycopy(eb, 0, b, k - ed.length, ed.length); - ed = b; - } - else if (ed.length > k) - { - if (ed.length != k + 1) - { - throw new SignatureException("modPow result is larger than the modulus"); - } - // Maybe an extra 00 octect. - byte[] b = new byte[k]; - System.arraycopy(ed, 1, b, 0, k); - ed = b; - } - - return ed; - } - - protected int engineSign(byte[] out, int off, int len) - throws SignatureException - { - if (out == null || off < 0 || len < 0 || off+len > out.length) - throw new SignatureException("illegal output argument"); - byte[] result = engineSign(); - if (result.length > len) - throw new SignatureException("not enough space for signature"); - System.arraycopy(result, 0, out, off, result.length); - return result.length; - } - - protected boolean engineVerify(byte[] sig) throws SignatureException - { - if (verifierKey == null) - throw new SignatureException("not initialized for verifying"); - if (sig == null) - throw new SignatureException("no signature specified"); - int k = verifierKey.getModulus().bitLength(); - k = (k >>> 3) + ((k & 7) == 0 ? 0 : 1); - if (sig.length != k) - throw new SignatureException("signature is the wrong size (expecting " - + k + " bytes, got " + sig.length + ")"); - BigInteger ed = new BigInteger(1, sig); - byte[] eb = ed.modPow(verifierKey.getPublicExponent(), - verifierKey.getModulus()).toByteArray(); - - int i = 0; - if (eb[0] == 0x00) - { - for (i = 1; i < eb.length && eb[i] == 0x00; i++); - if (i == 1) - throw new SignatureException("wrong RSA padding"); - i--; - } - else if (eb[0] == 0x01) - { - for (i = 1; i < eb.length && eb[i] != 0x00; i++) - if (eb[i] != (byte) 0xFF) - throw new IllegalArgumentException("wrong RSA padding"); - } - else - throw new SignatureException("wrong RSA padding type"); - - byte[] d = new byte[eb.length-i-1]; - System.arraycopy(eb, i+1, d, 0, eb.length-i-1); - - DERReader der = new DERReader(d); - try - { - DERValue val = der.read(); - if (val.getTag() != DER.SEQUENCE) - throw new SignatureException("failed to parse DigestInfo"); - val = der.read(); - if (val.getTag() != DER.SEQUENCE) - throw new SignatureException("failed to parse DigestAlgorithmIdentifier"); - boolean sequenceIsBer = val.getLength() == 0; - val = der.read(); - if (val.getTag() != DER.OBJECT_IDENTIFIER) - throw new SignatureException("failed to parse object identifier"); - if (!val.getValue().equals(digestAlgorithm)) - throw new SignatureException("digest algorithms do not match"); - val = der.read(); - // We should never see parameters here, since they are never used. - if (val.getTag() != DER.NULL) - throw new SignatureException("cannot handle digest parameters"); - if (sequenceIsBer) - der.skip(1); // end-of-sequence byte. - val = der.read(); - if (val.getTag() != DER.OCTET_STRING) - throw new SignatureException("failed to parse Digest"); - return MessageDigest.isEqual(md.digest(), (byte[]) val.getValue()); - } - catch (IOException ioe) - { - throw new SignatureException(ioe.toString()); - } - } - - protected boolean engineVerify(byte[] sig, int off, int len) - throws SignatureException - { - if (sig == null || off < 0 || len < 0 || off+len > sig.length) - throw new SignatureException("illegal parameter"); - byte[] buf = new byte[len]; - System.arraycopy(sig, off, buf, 0, len); - return engineVerify(buf); - } -} diff --git a/libjava/classpath/gnu/java/security/provider/RSAKeyFactory.java b/libjava/classpath/gnu/java/security/provider/RSAKeyFactory.java deleted file mode 100644 index d13cbe5..0000000 --- a/libjava/classpath/gnu/java/security/provider/RSAKeyFactory.java +++ /dev/null @@ -1,181 +0,0 @@ -/* RSAKeyFactory.java -- RSA key factory. - Copyright (C) 2004 Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ - - -package gnu.java.security.provider; - -import java.security.InvalidKeyException; -import java.security.Key; -import java.security.KeyFactorySpi; -import java.security.PrivateKey; -import java.security.PublicKey; - -import java.security.interfaces.RSAPrivateCrtKey; -import java.security.interfaces.RSAPrivateKey; -import java.security.interfaces.RSAPublicKey; - -import java.security.spec.InvalidKeySpecException; -import java.security.spec.KeySpec; -import java.security.spec.PKCS8EncodedKeySpec; -import java.security.spec.RSAPrivateCrtKeySpec; -import java.security.spec.RSAPrivateKeySpec; -import java.security.spec.RSAPublicKeySpec; -import java.security.spec.X509EncodedKeySpec; - -public class RSAKeyFactory extends KeyFactorySpi -{ - - // Default constructor. - // ------------------------------------------------------------------------- - - // Instance methods. - // ------------------------------------------------------------------------- - - protected PrivateKey engineGeneratePrivate(KeySpec spec) - throws InvalidKeySpecException - { - if (spec instanceof RSAPrivateCrtKeySpec) - { - return new GnuRSAPrivateKey((RSAPrivateCrtKeySpec) spec); - } - if (spec instanceof RSAPrivateKeySpec) - { - return new GnuRSAPrivateKey(new RSAPrivateCrtKeySpec( - ((RSAPrivateKeySpec) spec).getModulus(), null, - ((RSAPrivateKeySpec) spec).getPrivateExponent(), null, - null, null, null, null)); - } - if (spec instanceof PKCS8EncodedKeySpec) - { - EncodedKeyFactory ekf = new EncodedKeyFactory(); - PrivateKey pk = ekf.engineGeneratePrivate(spec); - if (pk instanceof RSAPrivateKey) - return pk; - } - throw new InvalidKeySpecException(); - } - - protected PublicKey engineGeneratePublic(KeySpec spec) - throws InvalidKeySpecException - { - if (spec instanceof RSAPublicKeySpec) - { - return new GnuRSAPublicKey((RSAPublicKeySpec) spec); - } - if (spec instanceof X509EncodedKeySpec) - { - EncodedKeyFactory ekf = new EncodedKeyFactory(); - PublicKey pk = ekf.engineGeneratePublic(spec); - if (pk instanceof RSAPublicKey) - return pk; - } - throw new InvalidKeySpecException(); - } - - protected KeySpec engineGetKeySpec(Key key, Class keySpec) - throws InvalidKeySpecException - { - if (keySpec.isAssignableFrom(RSAPrivateCrtKeySpec.class) - && (key instanceof RSAPrivateCrtKey)) - { - return new RSAPrivateCrtKeySpec( - ((RSAPrivateCrtKey) key).getModulus(), - ((RSAPrivateCrtKey) key).getPublicExponent(), - ((RSAPrivateCrtKey) key).getPrivateExponent(), - ((RSAPrivateCrtKey) key).getPrimeP(), - ((RSAPrivateCrtKey) key).getPrimeQ(), - ((RSAPrivateCrtKey) key).getPrimeExponentP(), - ((RSAPrivateCrtKey) key).getPrimeExponentQ(), - ((RSAPrivateCrtKey) key).getCrtCoefficient()); - } - if (keySpec.isAssignableFrom(RSAPrivateKeySpec.class) - && (key instanceof RSAPrivateKey)) - { - return new RSAPrivateKeySpec( - ((RSAPrivateCrtKey) key).getModulus(), - ((RSAPrivateCrtKey) key).getPrivateExponent()); - } - if (keySpec.isAssignableFrom(RSAPublicKeySpec.class) - && (key instanceof RSAPublicKey)) - { - return new RSAPublicKeySpec( - ((RSAPrivateCrtKey) key).getModulus(), - ((RSAPrivateCrtKey) key).getPublicExponent()); - } - if (keySpec.isAssignableFrom(PKCS8EncodedKeySpec.class) - && key.getFormat().equalsIgnoreCase("PKCS#8")) - { - return new PKCS8EncodedKeySpec(key.getEncoded()); - } - if (keySpec.isAssignableFrom(X509EncodedKeySpec.class) - && key.getFormat().equalsIgnoreCase("X.509")) - { - return new X509EncodedKeySpec(key.getEncoded()); - } - throw new InvalidKeySpecException(); - } - - protected Key engineTranslateKey(Key key) throws InvalidKeyException - { - if (key instanceof RSAPrivateCrtKey) - { - return new GnuRSAPrivateKey(new RSAPrivateCrtKeySpec( - ((RSAPrivateCrtKey) key).getModulus(), - ((RSAPrivateCrtKey) key).getPublicExponent(), - ((RSAPrivateCrtKey) key).getPrivateExponent(), - ((RSAPrivateCrtKey) key).getPrimeP(), - ((RSAPrivateCrtKey) key).getPrimeQ(), - ((RSAPrivateCrtKey) key).getPrimeExponentP(), - ((RSAPrivateCrtKey) key).getPrimeExponentQ(), - ((RSAPrivateCrtKey) key).getCrtCoefficient())); - } - if (key instanceof RSAPrivateKey) - { - return new GnuRSAPrivateKey(new RSAPrivateCrtKeySpec( - ((RSAPrivateKey) key).getModulus(), null, - ((RSAPrivateKey) key).getPrivateExponent(), null, - null, null, null, null)); - } - if (key instanceof RSAPublicKey) - { - return new GnuRSAPublicKey(new RSAPublicKeySpec( - ((RSAPrivateCrtKey) key).getModulus(), - ((RSAPrivateCrtKey) key).getPublicExponent())); - } - throw new InvalidKeyException(); - } -} diff --git a/libjava/classpath/gnu/java/security/provider/SHA.java b/libjava/classpath/gnu/java/security/provider/SHA.java deleted file mode 100644 index e3b09bc..0000000 --- a/libjava/classpath/gnu/java/security/provider/SHA.java +++ /dev/null @@ -1,242 +0,0 @@ -/* SHA.java -- Class implementing the SHA-1 algorithm as specified in [1]. - Copyright (C) 1999, 2000, 2002 Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ - - -package gnu.java.security.provider; - -import java.security.MessageDigest; - -/** - This class implements the SHA-1 algorithm as described in [1]. - - [1] Federal Information Processing Standards Publication 180-1. - Specifications for the Secure Hash Standard. April 17, 1995. - - @see java.security.MessageDigest -*/ -public class SHA extends MessageDigest implements Cloneable -{ - public SHA () - { - super("SHA"); - engineReset (); - } - - public int engineGetDigestLength() - { - return 20; - } - - public void engineUpdate (byte b) - { - int i = ((int)bytecount) & 0x3f; //wgs - int shift = (3 - i % 4) << 3; - int idx = i / 4; - - i = (int)b; - W[idx] = (W[idx] & ~(0xff << shift)) | ((i & 0xff) << shift); - - // if we've filled up a block, then process it - if (((++bytecount) & 0x3f) == 0) - munch (); - } - - // This could be optimized. - public void engineUpdate (byte bytes[], int off, int len) - { - if (len < 0) - throw new ArrayIndexOutOfBoundsException (); - - int end = off + len; - while (off < end) - engineUpdate (bytes[off++]); - } - - public void engineReset () - { - bytecount = 0; - // magic numbers from [1] p. 10. - H0 = 0x67452301; - H1 = 0xefcdab89; - H2 = 0x98badcfe; - H3 = 0x10325476; - H4 = 0xc3d2e1f0; - } - - public byte[] engineDigest () - { - long bitcount = bytecount << 3; - engineUpdate ((byte)0x80); // 10000000 in binary; the start of the padding - - // add the rest of the padding to fill this block out, but leave 8 - // bytes to put in the original bytecount - while ((bytecount & 0x3f) != 56) - engineUpdate ((byte)0); - - // add the length of the original, unpadded block to the end of - // the padding - W[14] = (int)(bitcount >>> 32); - W[15] = (int)bitcount; - bytecount += 8; - - // digest the fully padded block - munch (); - - byte[] result - = new byte[] {(byte)(H0 >>> 24), (byte)(H0 >>> 16), - (byte)(H0 >>> 8), (byte)H0, - (byte)(H1 >>> 24), (byte)(H1 >>> 16), - (byte)(H1 >>> 8), (byte)H1, - (byte)(H2 >>> 24), (byte)(H2 >>> 16), - (byte)(H2 >>> 8), (byte)H2, - (byte)(H3 >>> 24), (byte)(H3 >>> 16), - (byte)(H3 >>> 8), (byte)H3, - (byte)(H4 >>> 24), (byte)(H4 >>> 16), - (byte)(H4 >>> 8), (byte)H4}; - - engineReset (); - return result; - } - - // Process a single block. This is pretty much copied verbatim from - // [1] pp. 9, 10. - private void munch () - { - for (int t = 16; t < 80; ++ t) - { - int Wt = W[t - 3] ^ W[t - 8] ^ W[t - 14] ^ W[t - 16]; - W[t] = Wt << 1 | Wt >>> 31; - } - - int A = H0; - int B = H1; - int C = H2; - int D = H3; - int E = H4; - - for (int t = 0; t < 20; ++ t) - { - int TEMP = (A << 5 | A >>> 27) // S^5(A) - + ((B & C) | (~B & D)) // f_t(B,C,D) - + E + W[t] - + 0x5a827999; // K_t - - E = D; - D = C; - C = B << 30 | B >>> 2; // S^30(B) - B = A; - A = TEMP; - } - - for (int t = 20; t < 40; ++ t) - { - int TEMP = (A << 5 | A >>> 27) // S^5(A) - + (B ^ C ^ D) // f_t(B,C,D) - + E + W[t] - + 0x6ed9eba1; // K_t - - E = D; - D = C; - C = B << 30 | B >>> 2; // S^30(B) - B = A; - A = TEMP; - } - - for (int t = 40; t < 60; ++ t) - { - int TEMP = (A << 5 | A >>> 27) // S^5(A) - + (B & C | B & D | C & D) // f_t(B,C,D) - + E + W[t] - + 0x8f1bbcdc; // K_t - - E = D; - D = C; - C = B << 30 | B >>> 2; // S^30(B) - B = A; - A = TEMP; - } - - for (int t = 60; t < 80; ++ t) - { - int TEMP = (A << 5 | A >>> 27) // S^5(A) - + (B ^ C ^ D) // f_t(B,C,D) - + E + W[t] - + 0xca62c1d6; // K_t - - E = D; - D = C; - C = B << 30 | B >>> 2; // S^30(B) - B = A; - A = TEMP; - } - - H0 += A; - H1 += B; - H2 += C; - H3 += D; - H4 += E; - - // Reset W by clearing it. - for (int t = 0; t < 80; ++ t) - W[t] = 0; - } - - public Object clone () - { - return new SHA (this); - } - - private SHA (SHA copy) - { - this (); - bytecount = copy.bytecount; - H0 = copy.H0; - H1 = copy.H1; - H2 = copy.H2; - H3 = copy.H3; - H4 = copy.H4; - System.arraycopy (copy.W, 0, W, 0, 80); - } - - private final int W[] = new int[80]; - private long bytecount; - private int H0; - private int H1; - private int H2; - private int H3; - private int H4; -} diff --git a/libjava/classpath/gnu/java/security/provider/SHA1PRNG.java b/libjava/classpath/gnu/java/security/provider/SHA1PRNG.java deleted file mode 100644 index e4058e3..0000000 --- a/libjava/classpath/gnu/java/security/provider/SHA1PRNG.java +++ /dev/null @@ -1,137 +0,0 @@ -/* SHA1PRNG.java --- Secure Random SPI SHA1PRNG - Copyright (C) 1999, 2001, 2003, 2005 Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ - - -package gnu.java.security.provider; - -import java.io.Serializable; -import java.security.MessageDigest; -import java.security.NoSuchAlgorithmException; -import java.security.SecureRandomSpi; -import java.util.Random; - -public class SHA1PRNG extends SecureRandomSpi implements Serializable -{ - MessageDigest digest; - byte seed[]; - byte data[]; - int seedpos; - int datapos; - private boolean seeded = false; // set to true when we seed this - /** - * The size of seed. - */ - private static final int SEED_SIZE = 20; - /** - * The size of data. - */ - private static final int DATA_SIZE = 40; - - /** - * Create a new SHA-1 pseudo-random number generator. - */ - public SHA1PRNG() - { - try { - digest = MessageDigest.getInstance("SHA"); - } catch ( NoSuchAlgorithmException nsae) { -// System.out.println("Failed to find SHA Message Digest: " + nsae); -// nsae.printStackTrace(); - throw new InternalError ("no SHA implementation found"); - } - - seed = new byte[SEED_SIZE]; - seedpos = 0; - data = new byte[DATA_SIZE]; - datapos = SEED_SIZE; // try to force hashing a first block - } - - public void engineSetSeed(byte[] seed) - { - for(int i = 0; i < seed.length; i++) - this.seed[seedpos++ % SEED_SIZE] ^= seed[i]; - seedpos %= SEED_SIZE; - - } - - public void engineNextBytes(byte[] bytes) - { - ensureIsSeeded (); - int loc = 0; - while (loc < bytes.length) - { - int copy = Math.min (bytes.length - loc, SEED_SIZE - datapos); - - if (copy > 0) - { - System.arraycopy (data, datapos, bytes, loc, copy); - datapos += copy; - loc += copy; - } - else - { - // No data ready for copying, so refill our buffer. - System.arraycopy( seed, 0, data, SEED_SIZE, SEED_SIZE); - byte[] digestdata = digest.digest( data ); - System.arraycopy( digestdata, 0, data, 0, SEED_SIZE); - datapos = 0; - } - } - } - - public byte[] engineGenerateSeed(int numBytes) - { - byte tmp[] = new byte[numBytes]; - - engineNextBytes( tmp ); - return tmp; - } - - private void ensureIsSeeded() - { - if (!seeded) - { - new Random(0L).nextBytes(seed); - - byte[] digestdata = digest.digest(data); - System.arraycopy(digestdata, 0, data, 0, SEED_SIZE); - - seeded = true; - } - } - -} diff --git a/libjava/classpath/gnu/java/security/provider/SHA1withRSA.java b/libjava/classpath/gnu/java/security/provider/SHA1withRSA.java deleted file mode 100644 index 0e63fde..0000000 --- a/libjava/classpath/gnu/java/security/provider/SHA1withRSA.java +++ /dev/null @@ -1,61 +0,0 @@ -/* SHA1withRSA.java -- SHA-1 with RSA encryption signatures. - Copyright (C) 2004 Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ - - -package gnu.java.security.provider; - -import gnu.java.security.OID; - -import java.security.MessageDigest; -import java.security.NoSuchAlgorithmException; - -public class SHA1withRSA extends RSA -{ - - // Constant. - // ------------------------------------------------------------------------- - - private static final OID SHA1 = new OID("1.3.14.3.2.26"); - - // Constructor. - // ------------------------------------------------------------------------- - - public SHA1withRSA() throws NoSuchAlgorithmException - { - super(MessageDigest.getInstance("SHA-160"), SHA1); - } -} diff --git a/libjava/classpath/gnu/java/security/sig/BaseSignature.java b/libjava/classpath/gnu/java/security/sig/BaseSignature.java new file mode 100644 index 0000000..dd964d4 --- /dev/null +++ b/libjava/classpath/gnu/java/security/sig/BaseSignature.java @@ -0,0 +1,261 @@ +/* BaseSignature.java -- + Copyright (C) 2001, 2002, 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.sig; + +import gnu.java.security.hash.IMessageDigest; +import gnu.java.security.prng.IRandom; +import gnu.java.security.prng.LimitReachedException; +import gnu.java.security.util.PRNG; + +import java.security.PrivateKey; +import java.security.PublicKey; +import java.util.Map; +import java.util.Random; + +/** + *

A base abstract class to facilitate implementations of concrete + * Signatures.

+ */ +public abstract class BaseSignature implements ISignature +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + /** The canonical name of this signature scheme. */ + protected String schemeName; + + /** The underlying message digest instance for this signature scheme. */ + protected IMessageDigest md; + + /** The public key to use when verifying signatures. */ + protected PublicKey publicKey; + + /** The private key to use when generating signatures (signing). */ + protected PrivateKey privateKey; + + /** The optional {@link Random} instance to use. */ + private Random rnd; + + /** The optional {@link IRandom} instance to use. */ + private IRandom irnd; + + /** Our default source of randomness. */ + private PRNG prng = null; + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** + * Trivial constructor. + * + * @param schemeName the name of this signature scheme. + * @param md the underlying instance of the message digest algorithm. + * @throws IllegalArgumentException if the designated hash instance is + * null. + */ + protected BaseSignature(String schemeName, IMessageDigest md) + { + super(); + + this.schemeName = schemeName; + if (md == null) + throw new IllegalArgumentException("Message digest MUST NOT be null"); + + this.md = md; + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + // gnu.crypto.sig.ISignature interface implementation ---------------------- + + public String name() + { + return schemeName + "-" + md.name(); + } + + public void setupVerify(Map attributes) throws IllegalArgumentException + { + setup(attributes); + + // do we have a public key? + PublicKey key = (PublicKey) attributes.get(VERIFIER_KEY); + if (key != null) + { + setupForVerification(key); + } + } + + public void setupSign(Map attributes) throws IllegalArgumentException + { + setup(attributes); + + // do we have a private key? + PrivateKey key = (PrivateKey) attributes.get(SIGNER_KEY); + if (key != null) + { + setupForSigning(key); + } + } + + public void update(byte b) + { + if (md == null) + { + throw new IllegalStateException(); + } + md.update(b); + } + + public void update(byte[] b, int off, int len) + { + if (md == null) + { + throw new IllegalStateException(); + } + md.update(b, off, len); + } + + public Object sign() + { + if (md == null || privateKey == null) + { + throw new IllegalStateException(); + } + + return generateSignature(); + } + + public boolean verify(Object sig) + { + if (md == null || publicKey == null) + { + throw new IllegalStateException(); + } + + return verifySignature(sig); + } + + // abstract methods to be implemented by concrete subclasses --------------- + + public abstract Object clone(); + + protected abstract void setupForVerification(PublicKey key) + throws IllegalArgumentException; + + protected abstract void setupForSigning(PrivateKey key) + throws IllegalArgumentException; + + protected abstract Object generateSignature() throws IllegalStateException; + + protected abstract boolean verifySignature(Object signature) + throws IllegalStateException; + + // Other instance methods -------------------------------------------------- + + /** Initialises the internal fields of this instance. */ + protected void init() + { + md.reset(); + rnd = null; + irnd = null; + publicKey = null; + privateKey = null; + } + + /** + *

Fills the designated byte array with random data.

+ * + * @param buffer the byte array to fill with random data. + */ + protected void nextRandomBytes(byte[] buffer) + { + if (rnd != null) + { + rnd.nextBytes(buffer); + } + else if (irnd != null) + { + try + { + irnd.nextBytes(buffer, 0, buffer.length); + } + catch (IllegalStateException x) + { + throw new RuntimeException("nextRandomBytes(): " + + String.valueOf(x)); + } + catch (LimitReachedException x) + { + throw new RuntimeException("nextRandomBytes(): " + + String.valueOf(x)); + } + } + else + getDefaultPRNG().nextBytes(buffer); + } + + private void setup(Map attributes) + { + init(); + + // do we have a Random or SecureRandom, or should we use our own? + Object obj = attributes.get(SOURCE_OF_RANDOMNESS); + if (obj instanceof Random) + { + rnd = (Random) obj; + } + else if (obj instanceof IRandom) + { + irnd = (IRandom) obj; + } + } + + private PRNG getDefaultPRNG() + { + if (prng == null) + prng = PRNG.getInstance(); + + return prng; + } +} diff --git a/libjava/classpath/gnu/java/security/sig/ISignature.java b/libjava/classpath/gnu/java/security/sig/ISignature.java new file mode 100644 index 0000000..77653ee --- /dev/null +++ b/libjava/classpath/gnu/java/security/sig/ISignature.java @@ -0,0 +1,169 @@ +/* ISignature.java -- + Copyright (C) 2001, 2002, 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.sig; + +import java.util.Map; + +/** + *

The visible methods of every signature-with-appendix scheme.

+ * + *

The Handbook of Applied Cryptography (HAC), by A. Menezes & al. states: + * "Digital signature schemes which require the message as input to the + * verification algorithm are called digital signature schemes with + * appendix. ... They rely on cryptographic hash functions rather than + * customised redundancy functions, and are less prone to existential forgery + * attacks."

+ * + *

References:

+ *
    + *
  1. Handbook of Applied + * Cryptography, Alfred J. Menezes, Paul C. van Oorschot and Scott A. + * Vanstone. Section 11.2.2 Digital signature schemes with appendix.
    2. + *
+ * + * @version $Revision: 1.1 $ + */ +public interface ISignature extends Cloneable +{ + + // Constants + // ------------------------------------------------------------------------- + + /** Property name of the verifier's public key. */ + public static final String VERIFIER_KEY = "gnu.crypto.sig.public.key"; + + /** Property name of the signer's private key. */ + public static final String SIGNER_KEY = "gnu.crypto.sig.private.key"; + + /** + * Property name of an optional {@link java.security.SecureRandom}, + * {@link java.util.Random}, or {@link gnu.crypto.prng.IRandom} instance to + * use. The default is to use a classloader singleton from + * {@link gnu.crypto.util.PRNG}. + */ + public static final String SOURCE_OF_RANDOMNESS = "gnu.crypto.sig.prng"; + + // Methods + // ------------------------------------------------------------------------- + + /** + *

Returns the canonical name of this signature scheme.

+ * + * @return the canonical name of this instance. + */ + String name(); + + /** + *

Initialises this instance for signature verification.

+ * + * @param attributes the attributes to use for setting up this instance. + * @throws IllegalArgumentException if the designated public key is not + * appropriate for this signature scheme. + * @see #SOURCE_OF_RANDOMNESS + * @see #VERIFIER_KEY + */ + void setupVerify(Map attributes) throws IllegalArgumentException; + + /** + *

Initialises this instance for signature generation.

+ * + * @param attributes the attributes to use for setting up this instance. + * @throws IllegalArgumentException if the designated private key is not + * appropriate for this signature scheme. + * @see #SOURCE_OF_RANDOMNESS + * @see #SIGNER_KEY + */ + void setupSign(Map attributes) throws IllegalArgumentException; + + /** + *

Digests one byte of a message for signing or verification purposes.

+ * + * @param b the message byte to digest. + * @throws IllegalStateException if this instance was not setup for + * signature generation/verification. + */ + void update(byte b) throws IllegalStateException; + + /** + *

Digests a sequence of bytes from a message for signing or verification + * purposes.

+ * + * @param buffer the byte sequence to consider. + * @param offset the byte poisition in buffer of the first byte + * to consider. + * @param length the number of bytes in buffer starting from the + * byte at index offset to digest. + * @throws IllegalStateException if this instance was not setup for + * signature generation/verification. + */ + void update(byte[] buffer, int offset, int length) + throws IllegalStateException; + + /** + *

Terminates a signature generation phase by digesting and processing the + * context of the underlying message digest algorithm instance.

+ * + * @return a {@link Object} representing the native output of the signature + * scheme implementation. + * @throws IllegalStateException if this instance was not setup for + * signature generation. + */ + Object sign() throws IllegalStateException; + + /** + *

Terminates a signature verification phase by digesting and processing + * the context of the underlying message digest algorithm instance.

+ * + * @param signature a native signature object previously generated by an + * invocation of the sign() method. + * @return true iff the outpout of the verification phase + * confirms that the designated signature object has been generated using the + * corresponding public key of the recepient. + * @throws IllegalStateException if this instance was not setup for + * signature verification. + */ + boolean verify(Object signature) throws IllegalStateException; + + /** + *

Returns a clone copy of this instance.

+ * + * @return a clone copy of this instance. + */ + Object clone(); +} diff --git a/libjava/classpath/gnu/java/security/sig/ISignatureCodec.java b/libjava/classpath/gnu/java/security/sig/ISignatureCodec.java new file mode 100644 index 0000000..119eca5 --- /dev/null +++ b/libjava/classpath/gnu/java/security/sig/ISignatureCodec.java @@ -0,0 +1,68 @@ +/* ISignatureCodec.java -- + Copyright (C) 2001, 2002, 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.sig; + +import gnu.java.security.Registry; + +/** + *

The visible methods of an object that knows how to encode and decode + * cryptographic signatures. Codecs are useful for (a) externalising signature + * output data for storage and on-the-wire transmission, as well as (b) re- + * creating their internal Java representation from external sources.

+ * + * @version $Revision: 1.1 $ + */ +public interface ISignatureCodec +{ + + // Constants + // ------------------------------------------------------------------------- + + /** Constant identifying the Raw encoding format. */ + int RAW_FORMAT = Registry.RAW_ENCODING_ID; + + // Method(s) + // ------------------------------------------------------------------------- + + int getFormatID(); + + byte[] encodeSignature(Object signature); + + Object decodeSignature(byte[] input); +} diff --git a/libjava/classpath/gnu/java/security/sig/SignatureCodecFactory.java b/libjava/classpath/gnu/java/security/sig/SignatureCodecFactory.java new file mode 100644 index 0000000..c5b2ccd --- /dev/null +++ b/libjava/classpath/gnu/java/security/sig/SignatureCodecFactory.java @@ -0,0 +1,226 @@ +/* SignatureCodecFactory.java -- Factory to instantiate Signature codecs + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.sig; + +import gnu.java.security.Registry; +import gnu.java.security.hash.HashFactory; +import gnu.java.security.sig.dss.DSSSignatureRawCodec; +import gnu.java.security.sig.dss.DSSSignatureX509Codec; +import gnu.java.security.sig.rsa.RSAPKCS1V1_5SignatureRawCodec; +import gnu.java.security.sig.rsa.RSAPKCS1V1_5SignatureX509Codec; +import gnu.java.security.sig.rsa.RSAPSSSignatureRawCodec; +import gnu.java.security.util.FormatUtil; + +import java.util.Collections; +import java.util.HashSet; +import java.util.Iterator; +import java.util.Set; + +/** + * A Factory class to instantiate Signature codecs. + */ +public class SignatureCodecFactory +{ + private static Set names; + + /** Trivial constructor to enforce Singleton pattern. */ + private SignatureCodecFactory() + { + super(); + } + + /** + * Returns the appropriate codec given a composed signature algorithm and an + * encoding format. A composed name is formed by the concatenation of the + * canonical signature algorithm name, the forward slash character + * / and the canonical name of the encoding format. + *

+ * When the encoding format name is missing, the Raw encoding format is + * assumed. When this is the case the trailing forward slash is discarded from + * the name. + * + * @param name the case-insensitive, possibly composed, signature codec name. + * @return an instance of the signaturecodec, or null if none + * found. + */ + public static ISignatureCodec getInstance(String name) + { + if (name == null) + return null; + + name = name.trim(); + if (name.length() == 0) + return null; + + if (name.startsWith("/")) + return null; + + if (name.endsWith("/")) + return getInstance(name.substring(0, name.length() - 1), + Registry.RAW_ENCODING_ID); + + int i = name.indexOf("/"); + if (i == - 1) + return getInstance(name, Registry.RAW_ENCODING_ID); + + String sigName = name.substring(0, i); + String formatName = name.substring(i + 1); + return getInstance(sigName, formatName); + } + + /** + * Returns an instance of a signature codec given the canonical name of the + * signature algorithm, and that of the encoding format. + * + * @param name the case-insensitive signature algorithm name. + * @param format the name of the format to use when encodigng/decoding + * signatures generated by the named algorithm. + * @return an instance of the signature codec, or null if none + * found. + */ + public static ISignatureCodec getInstance(String name, String format) + { + int formatID = FormatUtil.getFormatID(format); + if (formatID == 0) + return null; + + return getInstance(name, formatID); + } + + /** + * Returns an instance of a signature codec given the canonical name of the + * signature algorithm, and the identifier of the format to use when + * encoding/decoding signatures generated by that algorithm. + * + * @param name the case-insensitive signature algorithm name. + * @param formatID the identifier of the format to use when encoding / + * decoding signatures generated by the designated algorithm. + * @return an instance of the signature codec, or null if none + * found. + */ + public static ISignatureCodec getInstance(String name, int formatID) + { + if (name == null) + return null; + + name = name.trim(); + switch (formatID) + { + case Registry.RAW_ENCODING_ID: + return getRawCodec(name); + case Registry.X509_ENCODING_ID: + return getX509Codec(name); + } + + return null; + } + + /** + * Returns a {@link Set} of supported signature codec names. + * + * @return a {@link Set} of the names of supported signature codec (Strings). + */ + public static synchronized final Set getNames() + { + if (names == null) + { + HashSet hs = new HashSet(); + hs.add(Registry.DSS_SIG + "/" + Registry.RAW_ENCODING_SHORT_NAME); + hs.add(Registry.DSS_SIG + "/" + Registry.X509_ENCODING_SORT_NAME); + Set hashNames = HashFactory.getNames(); + for (Iterator it = hashNames.iterator(); it.hasNext();) + { + String mdName = (String) it.next(); + String name = Registry.RSA_PKCS1_V1_5_SIG + "-" + mdName; + hs.add(name + "/" + Registry.RAW_ENCODING_SHORT_NAME); + hs.add(name + "/" + Registry.X509_ENCODING_SORT_NAME); + name = Registry.RSA_PSS_SIG + "-" + mdName; + hs.add(name + "/" + Registry.RAW_ENCODING_SHORT_NAME); + } + + names = Collections.unmodifiableSet(hs); + } + + return names; + } + + /** + * @param name the trimmed name of a signature algorithm. + * @return a Raw format codec for the designated signature algorithm, or + * null if none exists. + */ + private static ISignatureCodec getRawCodec(String name) + { + ISignatureCodec result = null; + if (name.equalsIgnoreCase(Registry.DSA_SIG) + || name.equalsIgnoreCase(Registry.DSS_SIG)) + result = new DSSSignatureRawCodec(); + else + { + name = name.toLowerCase(); + if (name.startsWith(Registry.RSA_PKCS1_V1_5_SIG)) + result = new RSAPKCS1V1_5SignatureRawCodec(); + else if (name.startsWith(Registry.RSA_PSS_SIG)) + result = new RSAPSSSignatureRawCodec(); + } + + return result; + } + + /** + * @param name the trimmed name of a signature algorithm. + * @return a X.509 format codec for the designated signature algorithm, or + * null if none exists. + */ + private static ISignatureCodec getX509Codec(String name) + { + ISignatureCodec result = null; + if (name.equalsIgnoreCase(Registry.DSA_SIG) + || name.equalsIgnoreCase(Registry.DSS_SIG)) + result = new DSSSignatureX509Codec(); + else + { + name = name.toLowerCase(); + if (name.startsWith(Registry.RSA_PKCS1_V1_5_SIG)) + result = new RSAPKCS1V1_5SignatureX509Codec(); + } + + return result; + } +} diff --git a/libjava/classpath/gnu/java/security/sig/SignatureFactory.java b/libjava/classpath/gnu/java/security/sig/SignatureFactory.java new file mode 100644 index 0000000..d5bd728 --- /dev/null +++ b/libjava/classpath/gnu/java/security/sig/SignatureFactory.java @@ -0,0 +1,113 @@ +/* SignatureFactory.java -- + Copyright (C) 2001, 2002, 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.sig; + +import gnu.java.security.Registry; +import gnu.java.security.sig.dss.DSSSignature; +import gnu.java.security.sig.rsa.RSASignatureFactory; + +import java.util.Collections; +import java.util.HashSet; +import java.util.Set; + +/** + * A Factory to instantiate signature-with-appendix handlers. + */ +public class SignatureFactory +{ + private static Set names; + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** Trivial constructor to enforce Singleton pattern. */ + private SignatureFactory() + { + super(); + } + + // Class methods + // ------------------------------------------------------------------------- + + /** + * Returns an instance of a signature-with-appendix scheme given its name. + * + * @param ssa the case-insensitive signature-with-appendix scheme name. + * @return an instance of the scheme, or null if none found. + */ + public static final ISignature getInstance(String ssa) + { + if (ssa == null) + { + return null; + } + + ssa = ssa.trim(); + ssa = ssa.toLowerCase(); + ISignature result = null; + if (ssa.equalsIgnoreCase(Registry.DSA_SIG) || ssa.equals(Registry.DSS_SIG)) + { + result = new DSSSignature(); + } + else if (ssa.startsWith(Registry.RSA_SIG_PREFIX)) + result = RSASignatureFactory.getInstance(ssa); + + return result; + } + + /** + * Returns a {@link Set} of signature-with-appendix scheme names supported + * by this Factory. + * + * @return a {@link Set} of signature-with-appendix scheme names (Strings). + */ + public static synchronized final Set getNames() + { + if (names == null) + { + HashSet hs = new HashSet(); + hs.add(Registry.DSS_SIG); + hs.addAll(RSASignatureFactory.getNames()); + + names = Collections.unmodifiableSet(hs); + } + + return names; + } +} diff --git a/libjava/classpath/gnu/java/security/sig/dss/DSSSignature.java b/libjava/classpath/gnu/java/security/sig/dss/DSSSignature.java new file mode 100644 index 0000000..6bedfae --- /dev/null +++ b/libjava/classpath/gnu/java/security/sig/dss/DSSSignature.java @@ -0,0 +1,347 @@ +/* DSSSignature.java -- + Copyright (C) 2001, 2002, 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.sig.dss; + +import gnu.java.security.Registry; +import gnu.java.security.hash.IMessageDigest; +import gnu.java.security.hash.Sha160; +import gnu.java.security.prng.IRandom; +import gnu.java.security.sig.BaseSignature; +import gnu.java.security.sig.ISignature; + +import java.math.BigInteger; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.security.interfaces.DSAPrivateKey; +import java.security.interfaces.DSAPublicKey; +import java.util.HashMap; +import java.util.Map; +import java.util.Random; + +/** + *

The DSS (Digital Signature Standard) algorithm makes use of the following + * parameters:

+ * + *
    + *
  1. p: A prime modulus, where 2L-1 < p < 2L + * for 512 <= L <= 1024 and L a + * multiple of 64.
    2. + *
  2. q: A prime divisor of p - 1, where 2159 + * < q < 2160.
    3. + *
  3. g: Where g = h(p-1)/q mod p, where + * h is any integer with 1 < h < p - 1 such + * that h (p-1)/q mod p > 1 (g has order + * q mod p).
    4. + *
  4. x: A randomly or pseudorandomly generated integer with 0 < x + * < q.
    5. + *
  5. y: y = gx mod p.
    6. + *
  6. k: A randomly or pseudorandomly generated integer with 0 < k + * < q.
    7. + *
+ * + *

The integers p, q, and g can be + * public and can be common to a group of users. A user's private and public + * keys are x and y, respectively. They are normally + * fixed for a period of time. Parameters x and k are + * used for signature generation only, and must be kept secret. Parameter + * k must be regenerated for each signature.

+ * + *

The signature of a message M is the pair of numbers r + * and s computed according to the equations below:

+ * + *
    + *
  • r = (gk mod p) mod q and
    • + *
  • s = (k-1(SHA(M) + xr)) mod q.
    • + *
+ * + *

In the above, k-1 is the multiplicative inverse of + * k, mod q; i.e., (k-1 k) mod q = 1 + * and 0 < k-1 < q. The value of SHA(M) + * is a 160-bit string output by the Secure Hash Algorithm specified in FIPS 180. + * For use in computing s, this string must be converted to an + * integer.

+ * + *

As an option, one may wish to check if r == 0 or s == 0 + * . If either r == 0 or s == 0, a new value + * of k should be generated and the signature should be + * recalculated (it is extremely unlikely that r == 0 or s == + * 0 if signatures are generated properly).

+ * + *

The signature is transmitted along with the message to the verifier.

+ * + *

References:

+ *
    + *
  1. Digital + * Signature Standard (DSS), Federal Information Processing Standards + * Publication 186. National Institute of Standards and Technology.
    2. + *
+ * + * @version $Revision: 1.1 $ + */ +public class DSSSignature extends BaseSignature +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** Trivial 0-arguments constructor. */ + public DSSSignature() + { + super(Registry.DSS_SIG, new Sha160()); + } + + /** Private constructor for cloning purposes. */ + private DSSSignature(DSSSignature that) + { + this(); + + this.publicKey = that.publicKey; + this.privateKey = that.privateKey; + this.md = (IMessageDigest) that.md.clone(); + } + + // Class methods + // ------------------------------------------------------------------------- + + public static final BigInteger[] sign(final DSAPrivateKey k, final byte[] h) + { + final DSSSignature sig = new DSSSignature(); + final Map attributes = new HashMap(); + attributes.put(ISignature.SIGNER_KEY, k); + sig.setupSign(attributes); + + return sig.computeRS(h); + } + + public static final BigInteger[] sign(final DSAPrivateKey k, final byte[] h, + Random rnd) + { + final DSSSignature sig = new DSSSignature(); + final Map attributes = new HashMap(); + attributes.put(ISignature.SIGNER_KEY, k); + if (rnd != null) + { + attributes.put(ISignature.SOURCE_OF_RANDOMNESS, rnd); + } + sig.setupSign(attributes); + + return sig.computeRS(h); + } + + public static final BigInteger[] sign(final DSAPrivateKey k, final byte[] h, + IRandom irnd) + { + final DSSSignature sig = new DSSSignature(); + final Map attributes = new HashMap(); + attributes.put(ISignature.SIGNER_KEY, k); + if (irnd != null) + { + attributes.put(ISignature.SOURCE_OF_RANDOMNESS, irnd); + } + sig.setupSign(attributes); + + return sig.computeRS(h); + } + + public static final boolean verify(final DSAPublicKey k, final byte[] h, + final BigInteger[] rs) + { + final DSSSignature sig = new DSSSignature(); + final Map attributes = new HashMap(); + attributes.put(ISignature.VERIFIER_KEY, k); + sig.setupVerify(attributes); + + return sig.checkRS(rs, h); + } + + // Implementation of abstract methods in superclass + // ------------------------------------------------------------------------- + + public Object clone() + { + return new DSSSignature(this); + } + + protected void setupForVerification(PublicKey k) + throws IllegalArgumentException + { + if (!(k instanceof DSAPublicKey)) + { + throw new IllegalArgumentException(); + } + this.publicKey = k; + } + + protected void setupForSigning(PrivateKey k) throws IllegalArgumentException + { + if (!(k instanceof DSAPrivateKey)) + { + throw new IllegalArgumentException(); + } + this.privateKey = k; + } + + protected Object generateSignature() throws IllegalStateException + { + // BigInteger p = ((DSAPrivateKey) privateKey).getParams().getP(); + // BigInteger q = ((DSAPrivateKey) privateKey).getParams().getQ(); + // BigInteger g = ((DSAPrivateKey) privateKey).getParams().getG(); + // BigInteger x = ((DSAPrivateKey) privateKey).getX(); + // BigInteger m = new BigInteger(1, md.digest()); + // BigInteger k, r, s; + // + // byte[] kb = new byte[20]; // we'll use 159 bits only + // while (true) { + // this.nextRandomBytes(kb); + // k = new BigInteger(1, kb); + // k.clearBit(159); + // r = g.modPow(k, p).mod(q); + // if (r.equals(BigInteger.ZERO)) { + // continue; + // } + // s = m.add(x.multiply(r)).multiply(k.modInverse(q)).mod(q); + // if (s.equals(BigInteger.ZERO)) { + // continue; + // } + // break; + // } + final BigInteger[] rs = computeRS(md.digest()); + + // return encodeSignature(r, s); + return encodeSignature(rs[0], rs[1]); + } + + protected boolean verifySignature(Object sig) throws IllegalStateException + { + final BigInteger[] rs = decodeSignature(sig); + // BigInteger r = rs[0]; + // BigInteger s = rs[1]; + // + // BigInteger g = ((DSAPublicKey) publicKey).getParams().getG(); + // BigInteger p = ((DSAPublicKey) publicKey).getParams().getP(); + // BigInteger q = ((DSAPublicKey) publicKey).getParams().getQ(); + // BigInteger y = ((DSAPublicKey) publicKey).getY(); + // BigInteger w = s.modInverse(q); + // + // byte bytes[] = md.digest(); + // BigInteger u1 = w.multiply(new BigInteger(1, bytes)).mod(q); + // BigInteger u2 = r.multiply(w).mod(q); + // + // BigInteger v = g.modPow(u1, p).multiply(y.modPow(u2, p)).mod(p).mod(q); + // return v.equals(r); + return checkRS(rs, md.digest()); + } + + // Other instance methods + // ------------------------------------------------------------------------- + + /** + * Returns the output of a signature generation phase.

+ * + * @return an object encapsulating the DSS signature pair r and + * s. + */ + private Object encodeSignature(BigInteger r, BigInteger s) + { + return new BigInteger[] { r, s }; + } + + /** + * Returns the output of a previously generated signature object as a pair + * of {@link java.math.BigInteger}.

+ * + * @return the DSS signature pair r and s. + */ + private BigInteger[] decodeSignature(Object signature) + { + return (BigInteger[]) signature; + } + + private BigInteger[] computeRS(final byte[] digestBytes) + { + final BigInteger p = ((DSAPrivateKey) privateKey).getParams().getP(); + final BigInteger q = ((DSAPrivateKey) privateKey).getParams().getQ(); + final BigInteger g = ((DSAPrivateKey) privateKey).getParams().getG(); + final BigInteger x = ((DSAPrivateKey) privateKey).getX(); + final BigInteger m = new BigInteger(1, digestBytes); + BigInteger k, r, s; + + final byte[] kb = new byte[20]; // we'll use 159 bits only + while (true) + { + this.nextRandomBytes(kb); + k = new BigInteger(1, kb); + k.clearBit(159); + r = g.modPow(k, p).mod(q); + if (r.equals(BigInteger.ZERO)) + { + continue; + } + s = m.add(x.multiply(r)).multiply(k.modInverse(q)).mod(q); + if (s.equals(BigInteger.ZERO)) + { + continue; + } + break; + } + + return new BigInteger[] { r, s }; + } + + private boolean checkRS(final BigInteger[] rs, final byte[] digestBytes) + { + final BigInteger r = rs[0]; + final BigInteger s = rs[1]; + + final BigInteger g = ((DSAPublicKey) publicKey).getParams().getG(); + final BigInteger p = ((DSAPublicKey) publicKey).getParams().getP(); + final BigInteger q = ((DSAPublicKey) publicKey).getParams().getQ(); + final BigInteger y = ((DSAPublicKey) publicKey).getY(); + final BigInteger w = s.modInverse(q); + + final BigInteger u1 = w.multiply(new BigInteger(1, digestBytes)).mod(q); + final BigInteger u2 = r.multiply(w).mod(q); + + final BigInteger v = g.modPow(u1, p).multiply(y.modPow(u2, p)).mod(p).mod(q); + return v.equals(r); + } +} diff --git a/libjava/classpath/gnu/java/security/sig/dss/DSSSignatureRawCodec.java b/libjava/classpath/gnu/java/security/sig/dss/DSSSignatureRawCodec.java new file mode 100644 index 0000000..02f6b1d --- /dev/null +++ b/libjava/classpath/gnu/java/security/sig/dss/DSSSignatureRawCodec.java @@ -0,0 +1,191 @@ +/* DSSSignatureRawCodec.java -- + Copyright (C) 2001, 2002, 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.sig.dss; + +import gnu.java.security.Registry; +import gnu.java.security.sig.ISignatureCodec; + +import java.io.ByteArrayOutputStream; +import java.math.BigInteger; + +/** + *

An object that implements the {@link ISignatureCodec} operations for the + * Raw format to use with DSS signatures.

+ * + * @version $Revision: 1.1 $ + */ +public class DSSSignatureRawCodec implements ISignatureCodec +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + // implicit 0-arguments constructor + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + // gnu.crypto.sig.ISignatureCodec interface implementation ----------------- + + public int getFormatID() + { + return RAW_FORMAT; + } + + /** + *

Returns the encoded form of the designated DSS (Digital Signature + * Standard) signature object according to the Raw format supported by + * this library.

+ * + *

The Raw format for a DSA signature, in this implementation, is a + * byte sequence consisting of the following:

+ * + *
    + *
  1. 4-byte magic consisting of the value of the literal + * {@link Registry#MAGIC_RAW_DSS_SIGNATURE},
    2. + *
  2. 1-byte version consisting of the constant: 0x01,
    3. + *
  3. 4-byte count of following bytes representing the DSS parameter + * r in internet order,
    4. + *
  4. n-bytes representation of a {@link BigInteger} obtained by invoking + * the toByteArray() method on the DSS parameter r,
    5. + *
  5. 4-byte count of following bytes representing the DSS parameter + * s,
    6. + *
  6. n-bytes representation of a {@link BigInteger} obtained by invoking + * the toByteArray() method on the DSS parameter s.
    7. + *
+ * + * @param signature the signature to encode, consisting of the two DSS + * parameters r and s as a {@link java.math.BigInteger} + * array. + * @return the Raw format encoding of the designated signature. + * @exception IllegalArgumentException if the designated signature is not a + * DSS (Digital Signature Standard) one. + */ + public byte[] encodeSignature(Object signature) + { + BigInteger r, s; + try + { + BigInteger[] sig = (BigInteger[]) signature; + r = sig[0]; + s = sig[1]; + } + catch (Exception x) + { + throw new IllegalArgumentException("key"); + } + + ByteArrayOutputStream baos = new ByteArrayOutputStream(); + + // magic + baos.write(Registry.MAGIC_RAW_DSS_SIGNATURE[0]); + baos.write(Registry.MAGIC_RAW_DSS_SIGNATURE[1]); + baos.write(Registry.MAGIC_RAW_DSS_SIGNATURE[2]); + baos.write(Registry.MAGIC_RAW_DSS_SIGNATURE[3]); + + // version + baos.write(0x01); + + // r + byte[] buffer = r.toByteArray(); + int length = buffer.length; + baos.write(length >>> 24); + baos.write((length >>> 16) & 0xFF); + baos.write((length >>> 8) & 0xFF); + baos.write(length & 0xFF); + baos.write(buffer, 0, length); + + // s + buffer = s.toByteArray(); + length = buffer.length; + baos.write(length >>> 24); + baos.write((length >>> 16) & 0xFF); + baos.write((length >>> 8) & 0xFF); + baos.write(length & 0xFF); + baos.write(buffer, 0, length); + + return baos.toByteArray(); + } + + public Object decodeSignature(byte[] k) + { + // magic + if (k[0] != Registry.MAGIC_RAW_DSS_SIGNATURE[0] + || k[1] != Registry.MAGIC_RAW_DSS_SIGNATURE[1] + || k[2] != Registry.MAGIC_RAW_DSS_SIGNATURE[2] + || k[3] != Registry.MAGIC_RAW_DSS_SIGNATURE[3]) + { + throw new IllegalArgumentException("magic"); + } + + // version + if (k[4] != 0x01) + { + throw new IllegalArgumentException("version"); + } + + int i = 5; + int l; + byte[] buffer; + + // r + l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8 + | (k[i++] & 0xFF); + buffer = new byte[l]; + System.arraycopy(k, i, buffer, 0, l); + i += l; + BigInteger r = new BigInteger(1, buffer); + + // s + l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8 + | (k[i++] & 0xFF); + buffer = new byte[l]; + System.arraycopy(k, i, buffer, 0, l); + i += l; + BigInteger s = new BigInteger(1, buffer); + + return new BigInteger[] { r, s }; + } +} diff --git a/libjava/classpath/gnu/java/security/sig/dss/DSSSignatureX509Codec.java b/libjava/classpath/gnu/java/security/sig/dss/DSSSignatureX509Codec.java new file mode 100644 index 0000000..0fdb754 --- /dev/null +++ b/libjava/classpath/gnu/java/security/sig/dss/DSSSignatureX509Codec.java @@ -0,0 +1,193 @@ +/* DSSSignatureX509Codec.java -- X.509 encoder/decoder for DSS signatures + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.sig.dss; + +import gnu.java.security.Registry; +import gnu.java.security.der.DER; +import gnu.java.security.der.DERReader; +import gnu.java.security.der.DERValue; +import gnu.java.security.der.DERWriter; +import gnu.java.security.sig.ISignatureCodec; +import gnu.java.security.util.DerUtil; + +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.math.BigInteger; +import java.security.InvalidParameterException; +import java.util.ArrayList; + +/** + * An implementation of an {@link ISignatureCodec} that knows to encode and + * decode DSS signatures into the raw bytes which would constitute a DER-encoded + * form of the ASN.1 structure defined in RFC-2459, and RFC-2313 as described in + * the next paragraphs. + *

+ * Digital signatures when transmitted in an X.509 certificates are encoded + * in DER (Distinguished Encoding Rules) as a BIT STRING; i.e. + * + * 

+ * Certificate ::= SEQUENCE {
+ *   tbsCertificate       TBSCertificate,
+ *   signatureAlgorithm   AlgorithmIdentifier,
+ *   signature            BIT STRING
+ * }
+ *
+ *

+ * The output of the encoder, and the input of the decoder, of this codec are + * then the raw bytes of such a BIT STRING; i.e. not the DER-encoded + * form itself. + *

+ * RFC-2459 states that, for the Digital Signature Standard (DSS), which + * generates two MPIs, commonly called r and s, as the + * result of digitally signing a message, these two numbers will be transferred + * as the following ASN.1 structure: + * + * 

+ *   Dss-Sig-Value ::= SEQUENCE {
+ *     r  INTEGER,
+ *     s  INTEGER
+ *   }
+ *
+ *

+ * Client code that needs to build a DER BIT STRING MUST construct such + * an ASN.1 value. The following is an example of how to do this: + *

+ * 

+ * ...
+ * import gnu.java.security.der.BitString;
+ * import gnu.java.security.der.DER;
+ * import gnu.java.security.der.DERValue;
+ * ...
+ * DERValue bitString = new DERValue(DER.BIT_STRING, new BitString(sigBytes));
+ * ...
+ *
+ */ +public class DSSSignatureX509Codec + implements ISignatureCodec +{ + // implicit 0-arguments constructor + + public int getFormatID() + { + return Registry.X509_ENCODING_ID; + } + + /** + * Encodes a DSS Signature output as the signature raw bytes which can + * be used to construct an ASN.1 DER-encoded BIT STRING as defined in the + * documentation of this class. + * + * @param signature the output of the DSS signature algorithm; i.e. the value + * returned by the invocation of + * {@link gnu.java.security.sig.ISignature#sign()} method. In the + * case of a DSS signature this is an array of two MPIs called + * r and s. + * @return the raw bytes of a DSS signature which could be then used as the + * contents of a BIT STRING as per rfc-2459. + * @throws InvalidParameterException if an exception occurs during the + * marshalling process. + */ + public byte[] encodeSignature(Object signature) + { + BigInteger[] rs = (BigInteger[]) signature; + + DERValue derR = new DERValue(DER.INTEGER, rs[0]); + DERValue derS = new DERValue(DER.INTEGER, rs[1]); + + ArrayList dssSigValue = new ArrayList(2); + dssSigValue.add(derR); + dssSigValue.add(derS); + DERValue derDssSigValue = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, + dssSigValue); + byte[] result; + ByteArrayOutputStream baos = new ByteArrayOutputStream(); + try + { + DERWriter.write(baos, derDssSigValue); + result = baos.toByteArray(); + } + catch (IOException x) + { + InvalidParameterException y = new InvalidParameterException(); + y.initCause(x); + throw y; + } + + return result; + } + + /** + * Decodes a signature as defined in the documentation of this class. + * + * @param input the byte array to unmarshall into a valid DSS signature + * instance; i.e. an array of two MPIs. MUST NOT be null. + * @return an array of two MPIs, r and s in this + * order, decoded from the designated input. + * @throw InvalidParameterException if an exception occurs during the + * unmarshalling process. + */ + public Object decodeSignature(byte[] input) + { + if (input == null) + throw new InvalidParameterException("Input bytes MUST NOT be null"); + + BigInteger r, s; + DERReader der = new DERReader(input); + try + { + DERValue derDssSigValue = der.read(); + DerUtil.checkIsConstructed(derDssSigValue, "Wrong Dss-Sig-Value field"); + + DERValue val = der.read(); + DerUtil.checkIsBigInteger(val, "Wrong R field"); + r = (BigInteger) val.getValue(); + val = der.read(); + DerUtil.checkIsBigInteger(val, "Wrong S field"); + s = (BigInteger) val.getValue(); + } + catch (IOException x) + { + InvalidParameterException y = new InvalidParameterException(); + y.initCause(x); + throw y; + } + + return new BigInteger[] { r, s }; + } +} diff --git a/libjava/classpath/gnu/java/security/sig/rsa/EME_PKCS1_V1_5.java b/libjava/classpath/gnu/java/security/sig/rsa/EME_PKCS1_V1_5.java new file mode 100644 index 0000000..efe580d --- /dev/null +++ b/libjava/classpath/gnu/java/security/sig/rsa/EME_PKCS1_V1_5.java @@ -0,0 +1,306 @@ +/* EME_PKCS1_V1_5.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.sig.rsa; + +import gnu.java.security.prng.IRandom; +import gnu.java.security.prng.LimitReachedException; +import gnu.java.security.util.PRNG; + +import java.io.ByteArrayOutputStream; +import java.security.interfaces.RSAKey; +import java.util.Random; + +/** + *

An implementation of the EME-PKCS1-V1.5 encoding and decoding methods.

+ * + *

EME-PKCS1-V1.5 is parameterised by the entity k which is the + * byte count of an RSA public shared modulus.

+ * + *

References:

+ *
    + *
  1. Public-Key Cryptography + * Standards (PKCS) #1:
    + * RSA Cryptography Specifications Version 2.1.
    + * Jakob Jonsson and Burt Kaliski.
    2. + *
+ */ +public class EME_PKCS1_V1_5 +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + private int k; + + private ByteArrayOutputStream baos = new ByteArrayOutputStream(); + + /** Our default source of randomness. */ + private PRNG prng = PRNG.getInstance(); + + // Constructor(s) + // ------------------------------------------------------------------------- + + private EME_PKCS1_V1_5(final int k) + { + super(); + + this.k = k; + } + + // Class methods + // ------------------------------------------------------------------------- + + public static final EME_PKCS1_V1_5 getInstance(final int k) + { + if (k < 0) + { + throw new IllegalArgumentException("k must be a positive integer"); + } + return new EME_PKCS1_V1_5(k); + } + + public static final EME_PKCS1_V1_5 getInstance(final RSAKey key) + { + final int modBits = key.getModulus().bitLength(); + final int k = (modBits + 7) / 8; + return EME_PKCS1_V1_5.getInstance(k); + } + + // Instance methods + // ------------------------------------------------------------------------- + + /** + *

Generates an octet string PS of length k - mLen - + * 3 consisting of pseudo-randomly generated nonzero octets. The + * length of PS will be at least eight octets.

+ * + *

The method then concatenates PS, the message M, + * and other padding to form an encoded message EM of length + * k octets as:

+ * + * 
+   *    EM = 0x00 || 0x02 || PS || 0x00 || M.
+   *
+ * + *

This method uses a default PRNG to obtain the padding bytes.

+ * + * @param M the message to encode. + * @return the encoded message EM. + */ + public byte[] encode(final byte[] M) + { + // a. Generate an octet string PS of length k - mLen - 3 consisting + // of pseudo-randomly generated nonzero octets. The length of PS + // will be at least eight octets. + final byte[] PS = new byte[k - M.length - 3]; + + // FIXME. This should be configurable, somehow. + prng.nextBytes(PS); + int i = 0; + for (; i < PS.length; i++) + { + if (PS[i] == 0) + PS[i] = 1; + } + // b. Concatenate PS, the message M, and other padding to form an + // encoded message EM of length k octets as + // + // EM = 0x00 || 0x02 || PS || 0x00 || M. + return assembleEM(PS, M); + } + + /** + *

Similar to {@link #encode(byte[])} method, except that the source of + * randomness to use for obtaining the padding bytes (an instance of + * {@link IRandom}) is given as a parameter.

+ * + * @param M the message to encode. + * @param irnd the {@link IRandom} instance to use as a source of randomness. + * @return the encoded message EM. + */ + public byte[] encode(final byte[] M, final IRandom irnd) + { + final byte[] PS = new byte[k - M.length - 3]; + try + { + irnd.nextBytes(PS, 0, PS.length); + int i = 0; + outer: while (true) + { + for (; i < PS.length; i++) + { + if (PS[i] == 0x00) + { + System.arraycopy(PS, i + 1, PS, i, PS.length - i - 1); + irnd.nextBytes(PS, PS.length - 1, 1); + continue outer; + } + } + break; + } + } + catch (IllegalStateException x) + { + throw new RuntimeException("encode(): " + String.valueOf(x)); + } + catch (LimitReachedException x) + { + throw new RuntimeException("encode(): " + String.valueOf(x)); + } + + return assembleEM(PS, M); + } + + /** + *

Similar to the {@link #encode(byte[], IRandom)} method, except that + * the source of randmoness is an instance of {@link Random}. + * + * @param M the message to encode. + * @param rnd the {@link Random} instance to use as a source of randomness. + * @return the encoded message EM. + */ + public byte[] encode(final byte[] M, final Random rnd) + { + final byte[] PS = new byte[k - M.length - 3]; + rnd.nextBytes(PS); + int i = 0; + outer: while (true) + { + for (; i < PS.length; i++) + { + if (PS[i] == 0x00) + { + System.arraycopy(PS, i + 1, PS, i, PS.length - i - 1); + PS[PS.length - 1] = (byte) rnd.nextInt(); + continue outer; + } + } + break; + } + + return assembleEM(PS, M); + } + + /** + *

Separate the encoded message EM into an octet string + * PS consisting of nonzero octets and a message M + * as:

+ * + * 
+   *    EM = 0x00 || 0x02 || PS || 0x00 || M.
+   *
+ * + *

If the first octet of EM does not have hexadecimal value + * 0x00, if the second octet of EM does not have + * hexadecimal value 0x02, if there is no octet with hexadecimal + * value 0x00 to separate PS from M, + * or if the length of PS is less than 8 octets, + * output "decryption error" and stop.

+ + * @param EM the designated encoded message. + * @return the decoded message M framed in the designated + * EM value. + * @throws IllegalArgumentException if the length of the designated entity + * EM is different than k (the length in bytes of + * the public shared modulus), or if any of the conditions described above + * is detected. + */ + public byte[] decode(final byte[] EM) + { + // Separate the encoded message EM into an + // octet string PS consisting of nonzero octets and a message M as + // + // EM = 0x00 || 0x02 || PS || 0x00 || M. + // + // If the first octet of EM does not have hexadecimal value 0x00, if + // the second octet of EM does not have hexadecimal value 0x02, if + // there is no octet with hexadecimal value 0x00 to separate PS from + // M, or if the length of PS is less than 8 octets, output + // "decryption error" and stop. (See the note below.) + final int emLen = EM.length; + if (emLen != k) + { + throw new IllegalArgumentException("decryption error"); + } + if (EM[0] != 0x00) + { + throw new IllegalArgumentException("decryption error"); + } + if (EM[1] != 0x02) + { + throw new IllegalArgumentException("decryption error"); + } + int i = 2; + for (; i < emLen; i++) + { + if (EM[i] == 0x00) + { + break; + } + } + if (i >= emLen || i < 11) + { + throw new IllegalArgumentException("decryption error"); + } + i++; + final byte[] result = new byte[emLen - i]; + System.arraycopy(EM, i, result, 0, result.length); + return result; + } + + // helper methods ---------------------------------------------------------- + + private byte[] assembleEM(final byte[] PS, final byte[] M) + { + // b. Concatenate PS, the message M, and other padding to form an + // encoded message EM of length k octets as + // + // EM = 0x00 || 0x02 || PS || 0x00 || M. + baos.reset(); + baos.write(0x00); + baos.write(0x02); + baos.write(PS, 0, PS.length); + baos.write(0x00); + baos.write(M, 0, M.length); + final byte[] result = baos.toByteArray(); + baos.reset(); + + return result; + } +} diff --git a/libjava/classpath/gnu/java/security/sig/rsa/EMSA_PKCS1_V1_5.java b/libjava/classpath/gnu/java/security/sig/rsa/EMSA_PKCS1_V1_5.java new file mode 100644 index 0000000..2ea8a30 --- /dev/null +++ b/libjava/classpath/gnu/java/security/sig/rsa/EMSA_PKCS1_V1_5.java @@ -0,0 +1,299 @@ +/* EMSA_PKCS1_V1_5.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.sig.rsa; + +import gnu.java.security.Registry; +import gnu.java.security.hash.HashFactory; +import gnu.java.security.hash.IMessageDigest; + +import java.io.ByteArrayOutputStream; + +/** + *

An implementation of the EMSA-PKCS1-V1.5 encoding scheme.

+ * + *

EMSA-PKCS1-V1.5 is parameterised by the choice of hash function Hash and + * hLen which denotes the length in octets of the hash function output.

+ * + *

References:

+ *
    + *
  1. Public-Key Cryptography + * Standards (PKCS) #1:
    + * RSA Cryptography Specifications Version 2.1.
    + * Jakob Jonsson and Burt Kaliski.
    2. + *
+ * + * @version $Revision: 1.2 $ + */ +public class EMSA_PKCS1_V1_5 implements Cloneable +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + /* Notes. + 1. For the six hash functions mentioned in Appendix B.1, the DER encoding + T of the DigestInfo value is equal to the following: + + MD2: (0x)30 20 30 0c 06 08 2a 86 48 86 f7 0d 02 02 05 00 04 10 || H + MD5: (0x)30 20 30 0c 06 08 2a 86 48 86 f7 0d 02 05 05 00 04 10 || H + SHA-1: (0x)30 21 30 09 06 05 2b 0e 03 02 1a 05 00 04 14 || H + SHA-256: (0x)30 31 30 0d 06 09 60 86 48 01 65 03 04 02 01 05 00 04 20 || H + SHA-384: (0x)30 41 30 0d 06 09 60 86 48 01 65 03 04 02 02 05 00 04 30 || H + SHA-512: (0x)30 51 30 0d 06 09 60 86 48 01 65 03 04 02 03 05 00 04 40 || H + */ + private static final byte[] MD2_PREFIX = { (byte) 0x30, (byte) 0x20, + (byte) 0x30, (byte) 0x0c, + (byte) 0x06, (byte) 0x08, + (byte) 0x2a, (byte) 0x86, + (byte) 0x48, (byte) 0x86, + (byte) 0xf7, (byte) 0x0d, + (byte) 0x02, (byte) 0x02, + (byte) 0x05, (byte) 0x00, + (byte) 0x04, (byte) 0x10 }; + + private static final byte[] MD5_PREFIX = { (byte) 0x30, (byte) 0x20, + (byte) 0x30, (byte) 0x0c, + (byte) 0x06, (byte) 0x08, + (byte) 0x2a, (byte) 0x86, + (byte) 0x48, (byte) 0x86, + (byte) 0xf7, (byte) 0x0d, + (byte) 0x02, (byte) 0x05, + (byte) 0x05, (byte) 0x00, + (byte) 0x04, (byte) 0x10 }; + + private static final byte[] SHA160_PREFIX = { (byte) 0x30, (byte) 0x21, + (byte) 0x30, (byte) 0x09, + (byte) 0x06, (byte) 0x05, + (byte) 0x2b, (byte) 0x0e, + (byte) 0x03, (byte) 0x02, + (byte) 0x1a, (byte) 0x05, + (byte) 0x00, (byte) 0x04, + (byte) 0x14 }; + + private static final byte[] SHA256_PREFIX = { (byte) 0x30, (byte) 0x31, + (byte) 0x30, (byte) 0x0d, + (byte) 0x06, (byte) 0x09, + (byte) 0x60, (byte) 0x86, + (byte) 0x48, (byte) 0x01, + (byte) 0x65, (byte) 0x03, + (byte) 0x04, (byte) 0x02, + (byte) 0x01, (byte) 0x05, + (byte) 0x00, (byte) 0x04, + (byte) 0x20 }; + + private static final byte[] SHA384_PREFIX = { (byte) 0x30, (byte) 0x41, + (byte) 0x30, (byte) 0x0d, + (byte) 0x06, (byte) 0x09, + (byte) 0x60, (byte) 0x86, + (byte) 0x48, (byte) 0x01, + (byte) 0x65, (byte) 0x03, + (byte) 0x04, (byte) 0x02, + (byte) 0x02, (byte) 0x05, + (byte) 0x00, (byte) 0x04, + (byte) 0x30 }; + + private static final byte[] SHA512_PREFIX = { (byte) 0x30, (byte) 0x51, + (byte) 0x30, (byte) 0x0d, + (byte) 0x06, (byte) 0x09, + (byte) 0x60, (byte) 0x86, + (byte) 0x48, (byte) 0x01, + (byte) 0x65, (byte) 0x03, + (byte) 0x04, (byte) 0x02, + (byte) 0x03, (byte) 0x05, + (byte) 0x00, (byte) 0x04, + (byte) 0x40 }; + + /** The underlying hash function to use with this instance. */ + private IMessageDigest hash; + + /** The output size of the hash function in octets. */ + private int hLen; // TODO: field not used!!! investigate + + /** The DER part of DigestInfo not containing the hash value itself. */ + private byte[] prefix; + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** + *

Trivial private constructor to enforce use through Factory method.

+ * + * @param hash the message digest instance to use with this scheme instance. + */ + private EMSA_PKCS1_V1_5(final IMessageDigest hash) + { + super(); + + this.hash = hash; + hLen = hash.hashSize(); + final String name = hash.name(); + if (name.equals(Registry.MD2_HASH)) + { + prefix = MD2_PREFIX; + } + else if (name.equals(Registry.MD5_HASH)) + { + prefix = MD5_PREFIX; + } + else if (name.equals(Registry.SHA160_HASH)) + { + prefix = SHA160_PREFIX; + } + else if (name.equals(Registry.SHA256_HASH)) + { + prefix = SHA256_PREFIX; + } + else if (name.equals(Registry.SHA384_HASH)) + { + prefix = SHA384_PREFIX; + } + else if (name.equals(Registry.SHA512_HASH)) + { + prefix = SHA512_PREFIX; + } + else + { + throw new UnsupportedOperationException(); // should not happen + } + } + + // Class methods + // ------------------------------------------------------------------------- + + /** + *

Returns an instance of this object given a designated name of a hash + * function.

+ * + * @param mdName the canonical name of a hash function. + * @return an instance of this object configured for use with the designated + * options. + * @throws UnsupportedOperationException if the hash function is not + * implemented or does not have an ID listed in RFC-3447. + */ + public static final EMSA_PKCS1_V1_5 getInstance(final String mdName) + { + final IMessageDigest hash = HashFactory.getInstance(mdName); + final String name = hash.name(); + if (!(name.equals(Registry.MD2_HASH) || name.equals(Registry.MD5_HASH) + || name.equals(Registry.SHA160_HASH) + || name.equals(Registry.SHA256_HASH) + || name.equals(Registry.SHA384_HASH) || name.equals(Registry.SHA512_HASH))) + { + throw new UnsupportedOperationException("hash with no OID: " + name); + } + return new EMSA_PKCS1_V1_5(hash); + } + + // Instance methods + // ------------------------------------------------------------------------- + + // Cloneable interface implementation -------------------------------------- + + public Object clone() + { + return getInstance(hash.name()); + } + + // own methods ------------------------------------------------------------- + + /** + *

Frames the hash of a message, along with an ID of the hash function in + * a DER sequence according to the specifications of EMSA-PKCS1-V1.5 as + * described in RFC-3447 (see class documentation).

+ * + * @param mHash the byte sequence resulting from applying the message digest + * algorithm Hash to the message M. + * @param emLen intended length in octets of the encoded message, at least + * tLen + 11, where tLen is the octet length of the + * DER encoding T of a certain value computed during the + * encoding operation. + * @return encoded message, an octet string of length emLen. + * @throws IllegalArgumentException if the message is too long, or if the + * intended encoded message length is too short. + */ + public byte[] encode(final byte[] mHash, final int emLen) + { + // 1. Apply the hash function to the message M to produce a hash value + // H: H = Hash(M). + // If the hash function outputs "message too long," output "message + // too long" and stop. + // 2. Encode the algorithm ID for the hash function and the hash value + // into an ASN.1 value of type DigestInfo (see Appendix A.2.4) with + // the Distinguished Encoding Rules (DER), where the type DigestInfo + // has the syntax + // DigestInfo ::= SEQUENCE { + // digestAlgorithm AlgorithmIdentifier, + // digest OCTET STRING + // } + // The first field identifies the hash function and the second contains + // the hash value. Let T be the DER encoding of the DigestInfo value + // (see the notes below) and let tLen be the length in octets of T. + final ByteArrayOutputStream baos = new ByteArrayOutputStream(); + baos.write(prefix, 0, prefix.length); + baos.write(mHash, 0, mHash.length); + final byte[] T = baos.toByteArray(); + final int tLen = T.length; + // 3. If emLen < tLen + 11, output "intended encoded message length too + // short" and stop. + if (emLen < tLen + 11) + { + throw new IllegalArgumentException("emLen too short"); + } + // 4. Generate an octet string PS consisting of emLen - tLen - 3 octets + // with hexadecimal value 0xff. The length of PS will be at least 8 + // octets. + final byte[] PS = new byte[emLen - tLen - 3]; + for (int i = 0; i < PS.length; i++) + { + PS[i] = (byte) 0xFF; + } + // 5. Concatenate PS, the DER encoding T, and other padding to form the + // encoded message EM as: EM = 0x00 || 0x01 || PS || 0x00 || T. + baos.reset(); + baos.write(0x00); + baos.write(0x01); + baos.write(PS, 0, PS.length); + baos.write(0x00); + baos.write(T, 0, tLen); + final byte[] result = baos.toByteArray(); + baos.reset(); + // 6. Output EM. + return result; + } +} diff --git a/libjava/classpath/gnu/java/security/sig/rsa/EMSA_PSS.java b/libjava/classpath/gnu/java/security/sig/rsa/EMSA_PSS.java new file mode 100644 index 0000000..d11a861 --- /dev/null +++ b/libjava/classpath/gnu/java/security/sig/rsa/EMSA_PSS.java @@ -0,0 +1,432 @@ +/* EMSA_PSS.java -- + Copyright (C) 2001, 2002, 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.sig.rsa; + +import gnu.java.security.hash.HashFactory; +import gnu.java.security.hash.IMessageDigest; +import gnu.java.security.util.Util; + +import java.io.PrintWriter; +import java.util.Arrays; + +/** + *

An implementation of the EMSA-PSS encoding/decoding scheme.

+ * + *

EMSA-PSS coincides with EMSA4 in IEEE P1363a D5 except that EMSA-PSS acts + * on octet strings and not on bit strings. In particular, the bit lengths of + * the hash and the salt must be multiples of 8 in EMSA-PSS. Moreover, EMSA4 + * outputs an integer of a desired bit length rather than an octet string.

+ * + *

EMSA-PSS is parameterized by the choice of hash function Hash and mask + * generation function MGF. In this submission, MGF is based on a Hash + * definition that coincides with the corresponding definitions in IEEE Std + * 1363-2000, PKCS #1 v2.0, and the draft ANSI X9.44. In PKCS #1 v2.0 and the + * draft ANSI X9.44, the recommended hash function is SHA-1, while IEEE Std + * 1363-2000 recommends SHA-1 and RIPEMD-160.

+ * + *

References:

+ *
    + *
  1. + * RSA-PSS Signature Scheme with Appendix, part B.
    + * Primitive specification and supporting documentation.
    + * Jakob Jonsson and Burt Kaliski.
    2. + *
+ * + * @version $Revision: 1.1 $ + */ +public class EMSA_PSS implements Cloneable +{ + + // Debugging methods and variables + // ------------------------------------------------------------------------- + + private static final String NAME = "emsa-pss"; + + private static final boolean DEBUG = false; + + private static final int debuglevel = 5; + + private static final PrintWriter err = new PrintWriter(System.out, true); + + private static void debug(String s) + { + err.println(">>> " + NAME + ": " + s); + } + + // Constants and variables + // ------------------------------------------------------------------------- + + /** The underlying hash function to use with this instance. */ + private IMessageDigest hash; + + /** The output size of the hash function in octets. */ + private int hLen; + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** + *

Trivial private constructor to enforce use through Factory method.

+ * + * @param hash the message digest instance to use with this scheme instance. + */ + private EMSA_PSS(IMessageDigest hash) + { + super(); + + this.hash = hash; + hLen = hash.hashSize(); + } + + // Class methods + // ------------------------------------------------------------------------- + + /** + *

Returns an instance of this object given a designated name of a hash + * function.

+ * + * @param mdName the canonical name of a hash function. + * @return an instance of this object configured for use with the designated + * options. + */ + public static EMSA_PSS getInstance(String mdName) + { + IMessageDigest hash = HashFactory.getInstance(mdName); + return new EMSA_PSS(hash); + } + + // Instance methods + // ------------------------------------------------------------------------- + + // Cloneable interface implementation -------------------------------------- + + public Object clone() + { + return getInstance(hash.name()); + } + + // own methods ------------------------------------------------------------- + + /** + *

The encoding operation EMSA-PSS-Encode computes the hash of a message + * M using a hash function and maps the result to an encoded + * message EM of a specified length using a mask generation + * function.

+ * + * @param mHash the byte sequence resulting from applying the message digest + * algorithm Hash to the message M. + * @param emBits the maximal bit length of the integer OS2IP(EM), at least + * 8.hLen + 8.sLen + 9. + * @param salt the salt to use when encoding the output. + * @return the encoded message EM, an octet string of length + * emLen = CEILING(emBits / 8). + * @exception IllegalArgumentException if an exception occurs. + * + */ + public byte[] encode(byte[] mHash, int emBits, byte[] salt) + { + int sLen = salt.length; + + // 1. If the length of M is greater than the input limitation for the hash + // function (2**61 - 1 octets for SHA-1) then output "message too long" + // and stop. + // 2. Let mHash = Hash(M), an octet string of length hLen. + if (hLen != mHash.length) + { + throw new IllegalArgumentException("wrong hash"); + } + // 3. If emBits < 8.hLen + 8.sLen + 9, output 'encoding error' and stop. + if (emBits < (8 * hLen + 8 * sLen + 9)) + { + throw new IllegalArgumentException("encoding error"); + } + int emLen = (emBits + 7) / 8; + // 4. Generate a random octet string salt of length sLen; if sLen = 0, + // then salt is the empty string. + // ...passed as argument to accomodate JCE + // 5. Let M0 = 00 00 00 00 00 00 00 00 || mHash || salt; + // M0 is an octet string of length 8 + hLen + sLen with eight initial zero + // octets. + // 6. Let H = Hash(M0), an octet string of length hLen. + byte[] H; + int i; + synchronized (hash) + { + for (i = 0; i < 8; i++) + { + hash.update((byte) 0x00); + } + hash.update(mHash, 0, hLen); + hash.update(salt, 0, sLen); + H = hash.digest(); + } + // 7. Generate an octet string PS consisting of emLen - sLen - hLen - 2 + // zero octets. The length of PS may be 0. + // 8. Let DB = PS || 01 || salt. + byte[] DB = new byte[emLen - sLen - hLen - 2 + 1 + sLen]; + DB[emLen - sLen - hLen - 2] = 0x01; + System.arraycopy(salt, 0, DB, emLen - sLen - hLen - 1, sLen); + // 9. Let dbMask = MGF(H, emLen - hLen - 1). + byte[] dbMask = MGF(H, emLen - hLen - 1); + if (DEBUG && debuglevel > 8) + { + debug("dbMask (encode): " + Util.toString(dbMask)); + debug("DB (encode): " + Util.toString(DB)); + } + // 10. Let maskedDB = DB XOR dbMask. + for (i = 0; i < DB.length; i++) + { + DB[i] = (byte) (DB[i] ^ dbMask[i]); + } + // 11. Set the leftmost 8emLen - emBits bits of the leftmost octet in + // maskedDB to zero. + DB[0] &= (0xFF >>> (8 * emLen - emBits)); + // 12. Let EM = maskedDB || H || bc, where bc is the single octet with + // hexadecimal value 0xBC. + byte[] result = new byte[emLen]; + System.arraycopy(DB, 0, result, 0, emLen - hLen - 1); + System.arraycopy(H, 0, result, emLen - hLen - 1, hLen); + result[emLen - 1] = (byte) 0xBC; + // 13. Output EM. + return result; + } + + /** + *

The decoding operation EMSA-PSS-Decode recovers the message hash from + * an encoded message EM and compares it to the hash of + * M.

+ * + * @param mHash the byte sequence resulting from applying the message digest + * algorithm Hash to the message M. + * @param EM the encoded message, an octet string of length + * emLen = CEILING(emBits/8). + * @param emBits the maximal bit length of the integer OS2IP(EM), at least + * 8.hLen + 8.sLen + 9. + * @param sLen the length, in octets, of the expected salt. + * @return true if the result of the verification was + * consistent with the expected reseult; and false if the + * result was inconsistent. + * @exception IllegalArgumentException if an exception occurs. + */ + public boolean decode(byte[] mHash, byte[] EM, int emBits, int sLen) + { + if (DEBUG && debuglevel > 8) + { + debug("mHash: " + Util.toString(mHash)); + debug("EM: " + Util.toString(EM)); + debug("emBits: " + String.valueOf(emBits)); + debug("sLen: " + String.valueOf(sLen)); + } + if (sLen < 0) + { + throw new IllegalArgumentException("sLen"); + } + + // 1. If the length of M is greater than the input limitation for the hash + // function (2**61 ? 1 octets for SHA-1) then output 'inconsistent' and + // stop. + // 2. Let mHash = Hash(M), an octet string of length hLen. + if (hLen != mHash.length) + { + if (DEBUG && debuglevel > 8) + { + debug("hLen != mHash.length; hLen: " + String.valueOf(hLen)); + } + throw new IllegalArgumentException("wrong hash"); + } + // 3. If emBits < 8.hLen + 8.sLen + 9, output 'decoding error' and stop. + if (emBits < (8 * hLen + 8 * sLen + 9)) + { + if (DEBUG && debuglevel > 8) + { + debug("emBits < (8hLen + 8sLen + 9); sLen: " + String.valueOf(sLen)); + } + throw new IllegalArgumentException("decoding error"); + } + int emLen = (emBits + 7) / 8; + // 4. If the rightmost octet of EM does not have hexadecimal value bc, + // output 'inconsistent' and stop. + if ((EM[EM.length - 1] & 0xFF) != 0xBC) + { + if (DEBUG && debuglevel > 8) + { + debug("EM does not end with 0xBC"); + } + return false; + } + // 5. Let maskedDB be the leftmost emLen ? hLen ? 1 octets of EM, and let + // H be the next hLen octets. + // 6. If the leftmost 8.emLen ? emBits bits of the leftmost octet in + // maskedDB are not all equal to zero, output 'inconsistent' and stop. + if ((EM[0] & (0xFF << (8 - (8 * emLen - emBits)))) != 0) + { + if (DEBUG && debuglevel > 8) + { + debug("Leftmost 8emLen - emBits bits of EM are not 0s"); + } + return false; + } + byte[] DB = new byte[emLen - hLen - 1]; + byte[] H = new byte[hLen]; + System.arraycopy(EM, 0, DB, 0, emLen - hLen - 1); + System.arraycopy(EM, emLen - hLen - 1, H, 0, hLen); + // 7. Let dbMask = MGF(H, emLen ? hLen ? 1). + byte[] dbMask = MGF(H, emLen - hLen - 1); + // 8. Let DB = maskedDB XOR dbMask. + int i; + for (i = 0; i < DB.length; i++) + { + DB[i] = (byte) (DB[i] ^ dbMask[i]); + } + // 9. Set the leftmost 8.emLen ? emBits bits of DB to zero. + DB[0] &= (0xFF >>> (8 * emLen - emBits)); + if (DEBUG && debuglevel > 8) + { + debug("dbMask (decode): " + Util.toString(dbMask)); + debug("DB (decode): " + Util.toString(DB)); + } + // 10. If the emLen -hLen -sLen -2 leftmost octets of DB are not zero or + // if the octet at position emLen -hLen -sLen -1 is not equal to 0x01, + // output 'inconsistent' and stop. + // IMPORTANT (rsn): this is an error in the specs, the index of the 0x01 + // byte should be emLen -hLen -sLen -2 and not -1! authors have been + // advised + for (i = 0; i < (emLen - hLen - sLen - 2); i++) + { + if (DB[i] != 0) + { + if (DEBUG && debuglevel > 8) + { + debug("DB[" + String.valueOf(i) + "] != 0x00"); + } + return false; + } + } + if (DB[i] != 0x01) + { // i == emLen -hLen -sLen -2 + if (DEBUG && debuglevel > 8) + { + debug("DB's byte at position (emLen -hLen -sLen -2); i.e. " + + String.valueOf(i) + " is not 0x01"); + } + return false; + } + // 11. Let salt be the last sLen octets of DB. + byte[] salt = new byte[sLen]; + System.arraycopy(DB, DB.length - sLen, salt, 0, sLen); + // 12. Let M0 = 00 00 00 00 00 00 00 00 || mHash || salt; + // M0 is an octet string of length 8 + hLen + sLen with eight initial + // zero octets. + // 13. Let H0 = Hash(M0), an octet string of length hLen. + byte[] H0; + synchronized (hash) + { + for (i = 0; i < 8; i++) + { + hash.update((byte) 0x00); + } + hash.update(mHash, 0, hLen); + hash.update(salt, 0, sLen); + H0 = hash.digest(); + } + // 14. If H = H0, output 'consistent.' Otherwise, output 'inconsistent.' + return Arrays.equals(H, H0); + } + + // helper methods ---------------------------------------------------------- + + /** + *

A mask generation function takes an octet string of variable length + * and a desired output length as input, and outputs an octet string of the + * desired length. There may be restrictions on the length of the input and + * output octet strings, but such bounds are generally very large. Mask + * generation functions are deterministic; the octet string output is + * completely determined by the input octet string. The output of a mask + * generation function should be pseudorandom, that is, it should be + * infeasible to predict, given one part of the output but not the input, + * another part of the output. The provable security of RSA-PSS relies on + * the random nature of the output of the mask generation function, which in + * turn relies on the random nature of the underlying hash function.

+ * + * @param Z a seed. + * @param l the desired output length in octets. + * @return the mask. + * @exception IllegalArgumentException if the desired output length is too + * long. + */ + private byte[] MGF(byte[] Z, int l) + { + // 1. If l > (2**32).hLen, output 'mask too long' and stop. + if (l < 1 || (l & 0xFFFFFFFFL) > ((hLen & 0xFFFFFFFFL) << 32L)) + { + throw new IllegalArgumentException("mask too long"); + } + // 2. Let T be the empty octet string. + byte[] result = new byte[l]; + // 3. For i = 0 to CEILING(l/hLen) ? 1, do + int limit = ((l + hLen - 1) / hLen) - 1; + IMessageDigest hashZ = null; + hashZ = (IMessageDigest) hash.clone(); + hashZ.digest(); + hashZ.update(Z, 0, Z.length); + IMessageDigest hashZC = null; + byte[] t; + int sofar = 0; + int length; + for (int i = 0; i < limit; i++) + { + // 3.1 Convert i to an octet string C of length 4 with the primitive + // I2OSP: C = I2OSP(i, 4). + // 3.2 Concatenate the hash of the seed Z and C to the octet string T: + // T = T || Hash(Z || C) + hashZC = (IMessageDigest) hashZ.clone(); + hashZC.update((byte) (i >>> 24)); + hashZC.update((byte) (i >>> 16)); + hashZC.update((byte) (i >>> 8)); + hashZC.update((byte) i); + t = hashZC.digest(); + length = l - sofar; + length = (length > hLen ? hLen : length); + System.arraycopy(t, 0, result, sofar, length); + sofar += length; + } + // 4. Output the leading l octets of T as the octet string mask. + return result; + } +} diff --git a/libjava/classpath/gnu/java/security/sig/rsa/RSA.java b/libjava/classpath/gnu/java/security/sig/rsa/RSA.java new file mode 100644 index 0000000..7d1707e --- /dev/null +++ b/libjava/classpath/gnu/java/security/sig/rsa/RSA.java @@ -0,0 +1,356 @@ +/* RSA.java -- + Copyright (C) 2001, 2002, 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.sig.rsa; + +import gnu.java.security.Properties; +import gnu.java.security.util.PRNG; + +import java.math.BigInteger; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.security.interfaces.RSAPrivateCrtKey; +import java.security.interfaces.RSAPrivateKey; +import java.security.interfaces.RSAPublicKey; + +/** + *

Utility methods related to the RSA algorithm.

+ * + *

References:

+ *
    + *
  1. + * RSA-PSS Signature Scheme with Appendix, part B.
    + * Primitive specification and supporting documentation.
    + * Jakob Jonsson and Burt Kaliski.
    2. + * + *
  2. Public-Key Cryptography + * Standards (PKCS) #1:
    + * RSA Cryptography Specifications Version 2.1.
    + * Jakob Jonsson and Burt Kaliski.
    3. + * + *
  3. + * Remote timing attacks are practical
    + * D. Boneh and D. Brumley.
    4. + *
+ */ +public class RSA +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + private static final BigInteger ZERO = BigInteger.ZERO; + + private static final BigInteger ONE = BigInteger.ONE; + + /** Our default source of randomness. */ + private static final PRNG prng = PRNG.getInstance(); + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** Trivial private constructor to enforce Singleton pattern. */ + private RSA() + { + super(); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Signature and verification methods -------------------------------------- + + /** + *

An implementation of the RSASP method: Assuming that the + * designated RSA private key is a valid one, this method computes a + * signature representative for a designated message + * representative signed by the holder of the designated RSA private + * key.

+ * + * @param K the RSA private key. + * @param m the message representative: an integer between + * 0 and n - 1, where n is the RSA + * modulus. + * @return the signature representative, an integer between + * 0 and n - 1, where n is the RSA + * modulus. + * @throws ClassCastException if K is not an RSA one. + * @throws IllegalArgumentException if m (the message + * representative) is out of range. + */ + public static final BigInteger sign(final PrivateKey K, final BigInteger m) + { + try + { + return RSADP((RSAPrivateKey) K, m); + } + catch (IllegalArgumentException x) + { + throw new IllegalArgumentException( + "message representative out of range"); + } + } + + /** + *

An implementation of the RSAVP method: Assuming that the + * designated RSA public key is a valid one, this method computes a + * message representative for the designated signature + * representative generated by an RSA private key, for a message + * intended for the holder of the designated RSA public key.

+ * + * @param K the RSA public key. + * @param s the signature representative, an integer between + * 0 and n - 1, where n is the RSA + * modulus. + * @return a message representative: an integer between 0 + * and n - 1, where n is the RSA modulus. + * @throws ClassCastException if K is not an RSA one. + * @throws IllegalArgumentException if s (the signature + * representative) is out of range. + */ + public static final BigInteger verify(final PublicKey K, final BigInteger s) + { + try + { + return RSAEP((RSAPublicKey) K, s); + } + catch (IllegalArgumentException x) + { + throw new IllegalArgumentException( + "signature representative out of range"); + } + } + + // Encryption and decryption methods --------------------------------------- + + /** + *

An implementation of the RSAEP algorithm.

+ * + * @param K the recipient's RSA public key. + * @param m the message representative as an MPI. + * @return the resulting MPI --an MPI between 0 and + * n - 1 (n being the public shared modulus)-- that + * will eventually be padded with an appropriate framing/padding scheme. + * @throws ClassCastException if K is not an RSA one. + * @throws IllegalArgumentException if m, the message + * representative is not between 0 and n - 1 + * (n being the public shared modulus). + */ + public static final BigInteger encrypt(final PublicKey K, final BigInteger m) + { + try + { + return RSAEP((RSAPublicKey) K, m); + } + catch (IllegalArgumentException x) + { + throw new IllegalArgumentException( + "message representative out of range"); + } + } + + /** + *

An implementation of the RSADP algorithm.

+ * + * @param K the recipient's RSA private key. + * @param c the ciphertext representative as an MPI. + * @return the message representative, an MPI between 0 and + * n - 1 (n being the shared public modulus). + * @throws ClassCastException if K is not an RSA one. + * @throws IllegalArgumentException if c, the ciphertext + * representative is not between 0 and n - 1 + * (n being the shared public modulus). + */ + public static final BigInteger decrypt(final PrivateKey K, final BigInteger c) + { + try + { + return RSADP((RSAPrivateKey) K, c); + } + catch (IllegalArgumentException x) + { + throw new IllegalArgumentException( + "ciphertext representative out of range"); + } + } + + // Conversion methods ------------------------------------------------------ + + /** + *

Converts a multi-precision integer (MPI) s into an + * octet sequence of length k.

+ * + * @param s the multi-precision integer to convert. + * @param k the length of the output. + * @return the result of the transform. + * @exception IllegalArgumentException if the length in octets of meaningful + * bytes of s is greater than k. + */ + public static final byte[] I2OSP(final BigInteger s, final int k) + { + byte[] result = s.toByteArray(); + if (result.length < k) + { + final byte[] newResult = new byte[k]; + System.arraycopy(result, 0, newResult, k - result.length, result.length); + result = newResult; + } + else if (result.length > k) + { // leftmost extra bytes should all be 0 + final int limit = result.length - k; + for (int i = 0; i < limit; i++) + { + if (result[i] != 0x00) + { + throw new IllegalArgumentException("integer too large"); + } + } + final byte[] newResult = new byte[k]; + System.arraycopy(result, limit, newResult, 0, k); + result = newResult; + } + return result; + } + + // helper methods ---------------------------------------------------------- + + private static final BigInteger RSAEP(final RSAPublicKey K, final BigInteger m) + { + // 1. If the representative m is not between 0 and n - 1, output + // "representative out of range" and stop. + final BigInteger n = K.getModulus(); + if (m.compareTo(ZERO) < 0 || m.compareTo(n.subtract(ONE)) > 0) + { + throw new IllegalArgumentException(); + } + // 2. Let c = m^e mod n. + final BigInteger e = K.getPublicExponent(); + final BigInteger result = m.modPow(e, n); + // 3. Output c. + return result; + } + + private static final BigInteger RSADP(final RSAPrivateKey K, BigInteger c) + { + // 1. If the representative c is not between 0 and n - 1, output + // "representative out of range" and stop. + final BigInteger n = K.getModulus(); + if (c.compareTo(ZERO) < 0 || c.compareTo(n.subtract(ONE)) > 0) + { + throw new IllegalArgumentException(); + } + + // 2. The representative m is computed as follows. + BigInteger result; + if (!(K instanceof RSAPrivateCrtKey)) + { + // a. If the first form (n, d) of K is used, let m = c^d mod n. + final BigInteger d = K.getPrivateExponent(); + result = c.modPow(d, n); + } + else + { + // from [3] p.13 --see class docs: + // The RSA blinding operation calculates x = (r^e) * g mod n before + // decryption, where r is random, e is the RSA encryption exponent, and + // g is the ciphertext to be decrypted. x is then decrypted as normal, + // followed by division by r, i.e. (x^e) / r mod n. Since r is random, + // x is random and timing the decryption should not reveal information + // about the key. Note that r should be a new random number for every + // decryption. + final boolean rsaBlinding = Properties.doRSABlinding(); + BigInteger r = null; + BigInteger e = null; + if (rsaBlinding) + { // pre-decryption + r = newR(n); + e = ((RSAPrivateCrtKey) K).getPublicExponent(); + final BigInteger x = r.modPow(e, n).multiply(c).mod(n); + c = x; + } + + // b. If the second form (p, q, dP, dQ, qInv) and (r_i, d_i, t_i) + // of K is used, proceed as follows: + final BigInteger p = ((RSAPrivateCrtKey) K).getPrimeP(); + final BigInteger q = ((RSAPrivateCrtKey) K).getPrimeQ(); + final BigInteger dP = ((RSAPrivateCrtKey) K).getPrimeExponentP(); + final BigInteger dQ = ((RSAPrivateCrtKey) K).getPrimeExponentQ(); + final BigInteger qInv = ((RSAPrivateCrtKey) K).getCrtCoefficient(); + + // i. Let m_1 = c^dP mod p and m_2 = c^dQ mod q. + final BigInteger m_1 = c.modPow(dP, p); + final BigInteger m_2 = c.modPow(dQ, q); + // ii. If u > 2, let m_i = c^(d_i) mod r_i, i = 3, ..., u. + // iii. Let h = (m_1 - m_2) * qInv mod p. + final BigInteger h = m_1.subtract(m_2).multiply(qInv).mod(p); + // iv. Let m = m_2 + q * h. + result = m_2.add(q.multiply(h)); + + if (rsaBlinding) + { // post-decryption + result = result.multiply(r.modInverse(n)).mod(n); + } + } + + // 3. Output m + return result; + } + + /** + *

Returns a random MPI with a random bit-length of the form 8b, + * where b is in the range [32..64].

+ * + * @return a random MPI whose length in bytes is between 32 and 64 inclusive. + */ + private static final BigInteger newR(final BigInteger N) + { + final int upper = (N.bitLength() + 7) / 8; + final int lower = upper / 2; + final byte[] bl = new byte[1]; + int b; + do + { + prng.nextBytes(bl); + b = bl[0] & 0xFF; + } + while (b < lower || b > upper); + final byte[] buffer = new byte[b]; // 256-bit MPI + prng.nextBytes(buffer); + return new BigInteger(1, buffer); + } +} diff --git a/libjava/classpath/gnu/java/security/sig/rsa/RSAPKCS1V1_5Signature.java b/libjava/classpath/gnu/java/security/sig/rsa/RSAPKCS1V1_5Signature.java new file mode 100644 index 0000000..d4b69a7 --- /dev/null +++ b/libjava/classpath/gnu/java/security/sig/rsa/RSAPKCS1V1_5Signature.java @@ -0,0 +1,247 @@ +/* RSAPKCS1V1_5Signature.java -- + Copyright (C) 2001, 2002, 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.sig.rsa; + +import gnu.java.security.Registry; +import gnu.java.security.hash.HashFactory; +import gnu.java.security.hash.IMessageDigest; +import gnu.java.security.sig.BaseSignature; + +import java.math.BigInteger; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.security.interfaces.RSAPrivateKey; +import java.security.interfaces.RSAPublicKey; +import java.util.Arrays; + +/** + *

The RSA-PKCS1-V1.5 signature scheme is a digital signature scheme with + * appendix (SSA) combining the RSA algorithm with the EMSA-PKCS1-v1_5 encoding + * method.

+ * + *

References:

+ *
    + *
  1. + * RSA-PSS Signature Scheme with Appendix, part B.
    + * Primitive specification and supporting documentation.
    + * Jakob Jonsson and Burt Kaliski.
    2. + * + *
  2. Public-Key Cryptography + * Standards (PKCS) #1:
    + * RSA Cryptography Specifications Version 2.1.
    + * Jakob Jonsson and Burt Kaliski.
    3. + *
+ * + * @version $Revision: 1.2 $ + */ +public class RSAPKCS1V1_5Signature extends BaseSignature +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + /** The underlying EMSA-PKCS1-v1.5 instance for this object. */ + private EMSA_PKCS1_V1_5 pkcs1; + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** + * Default 0-arguments constructor. Uses SHA-1 as the default hash. + */ + public RSAPKCS1V1_5Signature() + { + this(Registry.SHA160_HASH); + } + + /** + *

Constructs an instance of this object using the designated message + * digest algorithm as its underlying hash function.

+ * + * @param mdName the canonical name of the underlying hash function. + */ + public RSAPKCS1V1_5Signature(final String mdName) + { + this(HashFactory.getInstance(mdName)); + } + + public RSAPKCS1V1_5Signature(IMessageDigest md) + { + super(Registry.RSA_PKCS1_V1_5_SIG, md); + + pkcs1 = EMSA_PKCS1_V1_5.getInstance(md.name()); + } + + /** Private constructor for cloning purposes. */ + private RSAPKCS1V1_5Signature(final RSAPKCS1V1_5Signature that) + { + this(that.md.name()); + + this.publicKey = that.publicKey; + this.privateKey = that.privateKey; + this.md = (IMessageDigest) that.md.clone(); + this.pkcs1 = (EMSA_PKCS1_V1_5) that.pkcs1.clone(); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + // Implementation of abstract methods in superclass ------------------------ + + public Object clone() + { + return new RSAPKCS1V1_5Signature(this); + } + + protected void setupForVerification(final PublicKey k) + throws IllegalArgumentException + { + if (!(k instanceof RSAPublicKey)) + { + throw new IllegalArgumentException(); + } + publicKey = k; + } + + protected void setupForSigning(final PrivateKey k) + throws IllegalArgumentException + { + if (!(k instanceof RSAPrivateKey)) + { + throw new IllegalArgumentException(); + } + privateKey = k; + } + + protected Object generateSignature() throws IllegalStateException + { + // 1. EMSA-PKCS1-v1_5 encoding: Apply the EMSA-PKCS1-v1_5 encoding + // operation (Section 9.2) to the message M to produce an encoded + // message EM of length k octets: + // + // EM = EMSA-PKCS1-V1_5-ENCODE (M, k). + // + // If the encoding operation outputs "message too long," output + // "message too long" and stop. If the encoding operation outputs + // "intended encoded message length too short," output "RSA modulus + // too short" and stop. + final int modBits = ((RSAPrivateKey) privateKey).getModulus().bitLength(); + final int k = (modBits + 7) / 8; + final byte[] EM = pkcs1.encode(md.digest(), k); + + // 2. RSA signature: + // a. Convert the encoded message EM to an integer message epresentative + // m (see Section 4.2): m = OS2IP (EM). + final BigInteger m = new BigInteger(1, EM); + // b. Apply the RSASP1 signature primitive (Section 5.2.1) to the RSA + // private key K and the message representative m to produce an + // integer signature representative s: s = RSASP1 (K, m). + final BigInteger s = RSA.sign(privateKey, m); + // c. Convert the signature representative s to a signature S of length + // k octets (see Section 4.1): S = I2OSP (s, k). + // 3. Output the signature S. + return RSA.I2OSP(s, k); + } + + protected boolean verifySignature(final Object sig) + throws IllegalStateException + { + if (publicKey == null) + { + throw new IllegalStateException(); + } + final byte[] S = (byte[]) sig; + // 1. Length checking: If the length of the signature S is not k octets, + // output "invalid signature" and stop. + final int modBits = ((RSAPublicKey) publicKey).getModulus().bitLength(); + final int k = (modBits + 7) / 8; + if (S.length != k) + { + return false; + } + // 2. RSA verification: + // a. Convert the signature S to an integer signature representative + // s (see Section 4.2): s = OS2IP (S). + final BigInteger s = new BigInteger(1, S); + // b. Apply the RSAVP1 verification primitive (Section 5.2.2) to the + // RSA public key (n, e) and the signature representative s to + // produce an integer message representative m: + // m = RSAVP1 ((n, e), s). + // If RSAVP1 outputs "signature representative out of range," + // output "invalid signature" and stop. + final BigInteger m; + try + { + m = RSA.verify(publicKey, s); + } + catch (IllegalArgumentException x) + { + return false; + } + // c. Convert the message representative m to an encoded message EM + // of length k octets (see Section 4.1): EM = I2OSP (m, k). + // If I2OSP outputs "integer too large," output "invalid signature" + // and stop. + final byte[] EM; + try + { + EM = RSA.I2OSP(m, k); + } + catch (IllegalArgumentException x) + { + return false; + } + // 3. EMSA-PKCS1-v1_5 encoding: Apply the EMSA-PKCS1-v1_5 encoding + // operation (Section 9.2) to the message M to produce a second + // encoded message EM' of length k octets: + // EM' = EMSA-PKCS1-V1_5-ENCODE (M, k). + // If the encoding operation outputs "message too long," output + // "message too long" and stop. If the encoding operation outputs + // "intended encoded message length too short," output "RSA modulus + // too short" and stop. + final byte[] EMp = pkcs1.encode(md.digest(), k); + // 4. Compare the encoded message EM and the second encoded message EM'. + // If they are the same, output "valid signature"; otherwise, output + // "invalid signature." + return Arrays.equals(EM, EMp); + } +} diff --git a/libjava/classpath/gnu/java/security/sig/rsa/RSAPKCS1V1_5SignatureRawCodec.java b/libjava/classpath/gnu/java/security/sig/rsa/RSAPKCS1V1_5SignatureRawCodec.java new file mode 100644 index 0000000..68c1eda --- /dev/null +++ b/libjava/classpath/gnu/java/security/sig/rsa/RSAPKCS1V1_5SignatureRawCodec.java @@ -0,0 +1,153 @@ +/* RSAPKCS1V1_5SignatureRawCodec.java -- Raw RSA PKCS1 v1.5 signature codeec + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.sig.rsa; + +import java.io.ByteArrayOutputStream; + +import gnu.java.security.Registry; +import gnu.java.security.sig.ISignatureCodec; + +/** + * An object that implements the {@link ISignatureCodec} operations for the + * Raw format to use with RSA-PKCS#1 v1.5 signatures. + */ +public class RSAPKCS1V1_5SignatureRawCodec + implements ISignatureCodec +{ + public int getFormatID() + { + return RAW_FORMAT; + } + + /** + * Returns the encoded form of the designated RSA-PKCS#1 (v1.5) signature + * object according to the Raw format supported by this library. + *

+ * The Raw format for such a signature, in this implementation, is a + * byte sequence consisting of the following: + *

+ *

    + *
  1. 4-byte magic consisting of the value of the literal + * {@link Registry#MAGIC_RAW_RSA_PKCS1V1_5_SIGNATURE}, + *
  2. + *
  3. 1-byte version consisting of the constant: 0x01,
    4. + *
  4. 4-byte count of following bytes representing the RSA-PKCS#1 (v1.5) + * signature bytes in internet order,
    5. + *
  5. the RSA-PKCS#1 (v1.5) signature bytes in internet order.
    6. + *
+ * + * @param signature the signature to encode, consisting of the output of the + * sign() method of a {@link RSAPKCS1V1_5Signature} + * instance --a byte array. + * @return the Raw format encoding of the designated signature. + * @exception IllegalArgumentException if the designated signature is not an + * RSA-PKCS#1 (v1.5) one. + */ + public byte[] encodeSignature(Object signature) + { + byte[] buffer; + try + { + buffer = (byte[]) signature; + } + catch (Exception x) + { + throw new IllegalArgumentException("Signature/codec mismatch"); + } + + ByteArrayOutputStream baos = new ByteArrayOutputStream(); + + // magic + baos.write(Registry.MAGIC_RAW_RSA_PKCS1V1_5_SIGNATURE[0]); + baos.write(Registry.MAGIC_RAW_RSA_PKCS1V1_5_SIGNATURE[1]); + baos.write(Registry.MAGIC_RAW_RSA_PKCS1V1_5_SIGNATURE[2]); + baos.write(Registry.MAGIC_RAW_RSA_PKCS1V1_5_SIGNATURE[3]); + + // version + baos.write(0x01); + + // signature bytes + int length = buffer.length; + baos.write( length >>> 24); + baos.write((length >>> 16) & 0xFF); + baos.write((length >>> 8) & 0xFF); + baos.write( length & 0xFF); + baos.write(buffer, 0, length); + + return baos.toByteArray(); + } + + /** + * Returns the decoded object from a designated input assumed to have been + * generated by the {@link #encodeSignature(Object)} method. + * + * @param input the input bytes of a previously Raw-encoded RSA PKCS1 (v1.5) + * signature. + * @return the signature object. + * @throws IllegalArgumentException if the designated input does not start + * with the right magic characters, or if the version + * is not supported. + */ + public Object decodeSignature(byte[] input) + { + // magic + if (input[0] != Registry.MAGIC_RAW_RSA_PKCS1V1_5_SIGNATURE[0] + || input[1] != Registry.MAGIC_RAW_RSA_PKCS1V1_5_SIGNATURE[1] + || input[2] != Registry.MAGIC_RAW_RSA_PKCS1V1_5_SIGNATURE[2] + || input[3] != Registry.MAGIC_RAW_RSA_PKCS1V1_5_SIGNATURE[3]) + throw new IllegalArgumentException("Signature/codec mismatch"); + + // version + if (input[4] != 0x01) + throw new IllegalArgumentException("Wrong or unsupported format version"); + + int i = 5; + int l; + + // signature bytes + l = input[i++] << 24 + | (input[i++] & 0xFF) << 16 + | (input[i++] & 0xFF) << 8 + | (input[i++] & 0xFF); + byte[] result = new byte[l]; + System.arraycopy(input, i, result, 0, l); + + return result; + } +} diff --git a/libjava/classpath/gnu/java/security/sig/rsa/RSAPKCS1V1_5SignatureX509Codec.java b/libjava/classpath/gnu/java/security/sig/rsa/RSAPKCS1V1_5SignatureX509Codec.java new file mode 100644 index 0000000..3cb3756 --- /dev/null +++ b/libjava/classpath/gnu/java/security/sig/rsa/RSAPKCS1V1_5SignatureX509Codec.java @@ -0,0 +1,128 @@ +/* RSAPSSSignatureX509Codec.java -- X.509 encoder/decoder for RSA signatures + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.sig.rsa; + +import gnu.java.security.Registry; +import gnu.java.security.sig.ISignatureCodec; + +import java.security.InvalidParameterException; + +/** + * An implementation of an {@link ISignatureCodec} that knows to encode and + * decode RSA PKCS1 (v1.5) signatures into the raw bytes which would constitute + * a DER-encoded form of the ASN.1 structure defined in RFC-2459, and RFC-2313 + * as described in the next paragraphs. + *

+ * Digital signatures when transmitted in an X.509 certificates are encoded + * in DER (Distinguished Encoding Rules) as a BIT STRING; i.e. + * + * 

+ * Certificate ::= SEQUENCE {
+ *   tbsCertificate       TBSCertificate,
+ *   signatureAlgorithm   AlgorithmIdentifier,
+ *   signature            BIT STRING
+ * }
+ *
+ *

+ * The output of the encoder, and the input of the decoder, of this codec are + * then the raw bytes of such a BIT STRING; i.e. not the DER-encoded + * form itself. + *

+ * Our implementation of the RSA PKCS1 signature algorithm outputs a byte array + * as the result of generating a digital signature, in accordance with RFC-2313. + * As a consequence, the encoder and decoder of this codec, simply pass through + * such a byte array. + *

+ * Client code that needs to build a DER BIT STRING MUST construct such + * an ASN.1 value. The following is an example of how to do this: + *

+ * 

+ * ...
+ * import gnu.java.security.der.BitString;
+ * import gnu.java.security.der.DER;
+ * import gnu.java.security.der.DERValue;
+ * ...
+ * DERValue bitString = new DERValue(DER.BIT_STRING, new BitString(sigBytes));
+ * ...
+ *
+ */ +public class RSAPKCS1V1_5SignatureX509Codec + implements ISignatureCodec +{ + // default 0-arguments constructor + + public int getFormatID() + { + return Registry.X509_ENCODING_ID; + } + + /** + * Encodes an RSA Signature output as a signature BIT STRING as + * defined in the documentation of this class. + * + * @param signature the output of the RSA PKCS1 (v1.5) signature algorithm; + * i.e. the value returned by the invocation of + * {@link gnu.java.security.sig.ISignature#sign()} method. In the + * case of the RSA PKCS1 (v1.5) signature this is an array of bytes. + * @return the raw bytes of an RSA signature which could be then used as the + * contents of a BIT STRING as per rfc-2459. + */ + public byte[] encodeSignature(Object signature) + { + byte[] result = (byte[]) signature; + return result; + } + + /** + * Decodes a signature as defined in the documentation of this class. + * + * @param input the byte array to unmarshall into a valid RSA PKCS1 (v1.5) + * signature instance; i.e. a byte array. MUST NOT be null. + * @return an array of raw bytes decoded from the designated input. In the + * case of RSA PKCS1 (v1.5) this is the same as the input. + * @throw InvalidParameterException if the input array is null. + */ + public Object decodeSignature(byte[] input) + { + if (input == null) + throw new InvalidParameterException("Input bytes MUST NOT be null"); + + return input; + } +} diff --git a/libjava/classpath/gnu/java/security/sig/rsa/RSAPSSSignature.java b/libjava/classpath/gnu/java/security/sig/rsa/RSAPSSSignature.java new file mode 100644 index 0000000..95a6653f --- /dev/null +++ b/libjava/classpath/gnu/java/security/sig/rsa/RSAPSSSignature.java @@ -0,0 +1,348 @@ +/* RSAPSSSignature.java -- + Copyright (C) 2001, 2002, 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.sig.rsa; + +import gnu.java.security.Registry; +import gnu.java.security.hash.HashFactory; +import gnu.java.security.hash.IMessageDigest; +import gnu.java.security.sig.BaseSignature; +import gnu.java.security.util.Util; + +import java.io.PrintWriter; +import java.math.BigInteger; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.security.interfaces.RSAPrivateKey; +import java.security.interfaces.RSAPublicKey; + +/** + *

The RSA-PSS signature scheme is a public-key encryption scheme combining + * the RSA algorithm with the Probabilistic Signature Scheme (PSS) encoding + * method.

+ * + *

The inventors of RSA are Ronald L. Rivest, Adi Shamir, and Leonard Adleman, + * while the inventors of the PSS encoding method are Mihir Bellare and Phillip + * Rogaway. During efforts to adopt RSA-PSS into the P1363a standards effort, + * certain adaptations to the original version of RSA-PSS were made by Mihir + * Bellare and Phillip Rogaway and also by Burt Kaliski (the editor of IEEE + * P1363a) to facilitate implementation and integration into existing protocols.

+ * + *

References: + *

    + *
  1. + * RSA-PSS Signature Scheme with Appendix, part B.
    + * Primitive specification and supporting documentation.
    + * Jakob Jonsson and Burt Kaliski.
    2. + *
+ * + * @version $Revision: 1.2 $ + */ +public class RSAPSSSignature extends BaseSignature +{ + + // Debugging methods and variables + // ------------------------------------------------------------------------- + + private static final String NAME = "rsa-pss"; + + private static final boolean DEBUG = false; + + private static final int debuglevel = 1; + + private static final PrintWriter err = new PrintWriter(System.out, true); + + private static void debug(String s) + { + err.println(">>> " + NAME + ": " + s); + } + + // Constants and variables + // ------------------------------------------------------------------------- + + /** The underlying EMSA-PSS instance for this object. */ + private EMSA_PSS pss; + + /** The desired length in octets of the EMSA-PSS salt. */ + private int sLen; + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** + * Default 0-arguments constructor. Uses SHA-1 as the default hash and a + * 0-octet salt. + */ + public RSAPSSSignature() + { + this(Registry.SHA160_HASH, 0); + } + + /** + *

Constructs an instance of this object using the designated message + * digest algorithm as its underlying hash function, and having 0-octet + * salt.

+ * + * @param mdName the canonical name of the underlying hash function. + */ + public RSAPSSSignature(String mdName) + { + this(mdName, 0); + } + + /** + *

Constructs an instance of this object using the designated message + * digest algorithm as its underlying hash function.

+ * + * @param mdName the canonical name of the underlying hash function. + * @param sLen the desired length in octets of the salt to use for encoding / + * decoding signatures. + */ + public RSAPSSSignature(String mdName, int sLen) + { + this(HashFactory.getInstance(mdName), sLen); + } + + public RSAPSSSignature(IMessageDigest md, int sLen) + { + super(Registry.RSA_PSS_SIG, md); + + pss = EMSA_PSS.getInstance(md.name()); + this.sLen = sLen; + } + + /** Private constructor for cloning purposes. */ + private RSAPSSSignature(RSAPSSSignature that) + { + this(that.md.name(), that.sLen); + + this.publicKey = that.publicKey; + this.privateKey = that.privateKey; + this.md = (IMessageDigest) that.md.clone(); + this.pss = (EMSA_PSS) that.pss.clone(); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + // Implementation of abstract methods in superclass ------------------------ + + public Object clone() + { + return new RSAPSSSignature(this); + } + + protected void setupForVerification(PublicKey k) + throws IllegalArgumentException + { + if (!(k instanceof RSAPublicKey)) + { + throw new IllegalArgumentException(); + } + publicKey = (RSAPublicKey) k; + } + + protected void setupForSigning(PrivateKey k) throws IllegalArgumentException + { + if (!(k instanceof RSAPrivateKey)) + { + throw new IllegalArgumentException(); + } + privateKey = (RSAPrivateKey) k; + } + + protected Object generateSignature() throws IllegalStateException + { + // 1. Apply the EMSA-PSS encoding operation to the message M to produce an + // encoded message EM of length CEILING((modBits ? 1)/8) octets such + // that the bit length of the integer OS2IP(EM) is at most modBits ? 1: + // EM = EMSA-PSS-Encode(M,modBits ? 1). + // Note that the octet length of EM will be one less than k if + // modBits ? 1 is divisible by 8. If the encoding operation outputs + // 'message too long' or 'encoding error,' then output 'message too + // long' or 'encoding error' and stop. + int modBits = ((RSAPrivateKey) privateKey).getModulus().bitLength(); + byte[] salt = new byte[sLen]; + this.nextRandomBytes(salt); + byte[] EM = pss.encode(md.digest(), modBits - 1, salt); + if (DEBUG && debuglevel > 8) + { + debug("EM (sign): " + Util.toString(EM)); + } + // 2. Convert the encoded message EM to an integer message representative + // m (see Section 1.2.2): m = OS2IP(EM). + BigInteger m = new BigInteger(1, EM); + // 3. Apply the RSASP signature primitive to the public key K and the + // message representative m to produce an integer signature + // representative s: s = RSASP(K,m). + BigInteger s = RSA.sign(privateKey, m); + // 4. Convert the signature representative s to a signature S of length k + // octets (see Section 1.2.1): S = I2OSP(s, k). + // 5. Output the signature S. + int k = (modBits + 7) / 8; + // return encodeSignature(s, k); + return RSA.I2OSP(s, k); + } + + protected boolean verifySignature(Object sig) throws IllegalStateException + { + if (publicKey == null) + { + throw new IllegalStateException(); + } + // byte[] S = decodeSignature(sig); + byte[] S = (byte[]) sig; + // 1. If the length of the signature S is not k octets, output 'signature + // invalid' and stop. + int modBits = ((RSAPublicKey) publicKey).getModulus().bitLength(); + int k = (modBits + 7) / 8; + if (S.length != k) + { + return false; + } + // 2. Convert the signature S to an integer signature representative s: + // s = OS2IP(S). + BigInteger s = new BigInteger(1, S); + // 3. Apply the RSAVP verification primitive to the public key (n, e) and + // the signature representative s to produce an integer message + // representative m: m = RSAVP((n, e), s). + // If RSAVP outputs 'signature representative out of range,' then + // output 'signature invalid' and stop. + BigInteger m = null; + try + { + m = RSA.verify(publicKey, s); + } + catch (IllegalArgumentException x) + { + return false; + } + // 4. Convert the message representative m to an encoded message EM of + // length emLen = CEILING((modBits - 1)/8) octets, where modBits is + // equal to the bit length of the modulus: EM = I2OSP(m, emLen). + // Note that emLen will be one less than k if modBits - 1 is divisible + // by 8. If I2OSP outputs 'integer too large,' then output 'signature + // invalid' and stop. + int emBits = modBits - 1; + int emLen = (emBits + 7) / 8; + byte[] EM = m.toByteArray(); + if (DEBUG && debuglevel > 8) + { + debug("EM (verify): " + Util.toString(EM)); + } + if (EM.length > emLen) + { + return false; + } + else if (EM.length < emLen) + { + byte[] newEM = new byte[emLen]; + System.arraycopy(EM, 0, newEM, emLen - EM.length, EM.length); + EM = newEM; + } + // 5. Apply the EMSA-PSS decoding operation to the message M and the + // encoded message EM: Result = EMSA-PSS-Decode(M, EM, emBits). If + // Result = 'consistent,' output 'signature verified.' Otherwise, + // output 'signature invalid.' + byte[] mHash = md.digest(); + boolean result = false; + try + { + result = pss.decode(mHash, EM, emBits, sLen); + } + catch (IllegalArgumentException x) + { + result = false; + } + return result; + } + + // Other instance methods -------------------------------------------------- + + /** + * Converts the signature representative s to a signature + * S of length k octets; i.e. + * S = I2OSP(s, k), where k = CEILING(modBits/8). + * + * @param s the signature representative. + * @param k the length of the output. + * @return the signature as an octet sequence. + * @exception IllegalArgumentException if the length in octets of meaningful + * bytes of s is greater than k, implying that + * s is not less than the RSA modulus. + */ + // private Object encodeSignature(BigInteger s, int k) { + // if (DEBUG && debuglevel > 8) { + // debug("s.bitLength(): "+String.valueOf(s.bitLength())); + // debug("k: "+String.valueOf(k)); + // } + // byte[] result = s.toByteArray(); + // if (DEBUG && debuglevel > 8) { + // debug("s: "+Util.toString(result)); + // debug("s (bytes): "+String.valueOf(result.length)); + // } + // if (result.length < k) { + // byte[] newResult = new byte[k]; + // System.arraycopy(result, 0, newResult, k-result.length, result.length); + // result = newResult; + // } else if (result.length > k) { // leftmost extra bytes should all be 0 + // int limit = result.length - k; + // for (int i = 0; i < limit; i++) { + // if (result[i] != 0x00) { + // throw new IllegalArgumentException("integer too large"); + // } + // } + // byte[] newResult = new byte[k]; + // System.arraycopy(result, limit, newResult, 0, k); + // result = newResult; + // } + // return result; + // } + /** + * Returns the output of a previously generated signature object as an octet + * sequence.

+ * + * @return the octet sequence S. + */ + // private byte[] decodeSignature(Object signature) { + // return (byte[]) signature; + // } +} diff --git a/libjava/classpath/gnu/java/security/sig/rsa/RSAPSSSignatureRawCodec.java b/libjava/classpath/gnu/java/security/sig/rsa/RSAPSSSignatureRawCodec.java new file mode 100644 index 0000000..64a972c --- /dev/null +++ b/libjava/classpath/gnu/java/security/sig/rsa/RSAPSSSignatureRawCodec.java @@ -0,0 +1,159 @@ +/* RSAPSSSignatureRawCodec.java -- + Copyright (C) 2001, 2002, 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.sig.rsa; + +import gnu.java.security.Registry; +import gnu.java.security.sig.ISignatureCodec; + +import java.io.ByteArrayOutputStream; + +/** + *

An object that implements the {@link gnu.crypto.sig.ISignatureCodec} + * operations for the Raw format to use with RSA-PSS signatures.

+ * + * @version $Revision: 1.1 $ + */ +public class RSAPSSSignatureRawCodec implements ISignatureCodec +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + // implicit 0-arguments constructor + + // Class methods + // ------------------------------------------------------------------------- + + // gnu.crypto.keys.IKeyPairCodec interface implementation + // ------------------------------------------------------------------------- + + public int getFormatID() + { + return RAW_FORMAT; + } + + /** + *

Returns the encoded form of the designated RSA-PSS signature object + * according to the Raw format supported by this library.

+ * + *

The Raw format for an RSA-PSS signature, in this implementation, + * is a byte sequence consisting of the following:

+ * + *
    + *
  1. 4-byte magic consisting of the value of the literal + * {@link Registry#MAGIC_RAW_RSA_PSS_SIGNATURE},
  2. + *
  3. 1-byte version consisting of the constant: 0x01,
    4. + *
  4. 4-byte count of following bytes representing the RSA-PSS signature + * bytes in internet order,
    5. + *
  5. the RSA-PSS signature bytes in internet order.
    6. + *
+ * + * @param signature the signature to encode, consisting of the output of the + * sign() method of a {@link RSAPSSSignature} instance --a byte + * array. + * @return the Raw format encoding of the designated signature. + * @exception IllegalArgumentException if the designated signature is not an + * RSA-PSS one. + */ + public byte[] encodeSignature(Object signature) + { + byte[] buffer; + try + { + buffer = (byte[]) signature; + } + catch (Exception x) + { + throw new IllegalArgumentException("key"); + } + + ByteArrayOutputStream baos = new ByteArrayOutputStream(); + + // magic + baos.write(Registry.MAGIC_RAW_RSA_PSS_SIGNATURE[0]); + baos.write(Registry.MAGIC_RAW_RSA_PSS_SIGNATURE[1]); + baos.write(Registry.MAGIC_RAW_RSA_PSS_SIGNATURE[2]); + baos.write(Registry.MAGIC_RAW_RSA_PSS_SIGNATURE[3]); + + // version + baos.write(0x01); + + // signature bytes + int length = buffer.length; + baos.write(length >>> 24); + baos.write((length >>> 16) & 0xFF); + baos.write((length >>> 8) & 0xFF); + baos.write(length & 0xFF); + baos.write(buffer, 0, length); + + return baos.toByteArray(); + } + + public Object decodeSignature(byte[] k) + { + // magic + if (k[0] != Registry.MAGIC_RAW_RSA_PSS_SIGNATURE[0] + || k[1] != Registry.MAGIC_RAW_RSA_PSS_SIGNATURE[1] + || k[2] != Registry.MAGIC_RAW_RSA_PSS_SIGNATURE[2] + || k[3] != Registry.MAGIC_RAW_RSA_PSS_SIGNATURE[3]) + { + throw new IllegalArgumentException("magic"); + } + + // version + if (k[4] != 0x01) + { + throw new IllegalArgumentException("version"); + } + + int i = 5; + int l; + + // signature bytes + l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8 + | (k[i++] & 0xFF); + byte[] result = new byte[l]; + System.arraycopy(k, i, result, 0, l); + + return result; + } +} diff --git a/libjava/classpath/gnu/java/security/sig/rsa/RSASignatureFactory.java b/libjava/classpath/gnu/java/security/sig/rsa/RSASignatureFactory.java new file mode 100644 index 0000000..b8e12ca --- /dev/null +++ b/libjava/classpath/gnu/java/security/sig/rsa/RSASignatureFactory.java @@ -0,0 +1,176 @@ +/* RSASignatureFactory.java -- A Factory class to instantiate RSA Signatures + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.sig.rsa; + +import java.util.Collections; +import java.util.HashSet; +import java.util.Iterator; +import java.util.Set; + +import gnu.java.security.Registry; +import gnu.java.security.hash.HashFactory; +import gnu.java.security.hash.IMessageDigest; +import gnu.java.security.sig.ISignature; + +/** + * A Factory class to instantiate RSA Signature classes. + */ +public class RSASignatureFactory +{ + private static Set names; + + /** + * Private constructor to enforce usage through Factory (class) methods. + */ + private RSASignatureFactory() + { + super(); + } + + /** + * Returns a new instance of an RSA Signature given its name. The name of an + * RSA Signature always starts with rsa-, followed by either + * pss or pkcs1_v1.5. An optional message digest + * name, to be used with the RSA signature may be specified by appending the + * hyphen chanaracter - followed by the canonical message digest + * algorithm name. When no message digest algorithm name is given, SHA-160 is + * used. + * + * @param name the composite RSA signature name. + * @return a new instance of an RSA Signature algorithm implementation. + * Returns null if the given name does not correspond to any + * supported RSA Signature encoding and message digest combination. + */ + public static final ISignature getInstance(String name) + { + if (name == null) + return null; + + name = name.trim(); + if (name.length() == 0) + return null; + + name = name.toLowerCase(); + if (! name.startsWith(Registry.RSA_SIG_PREFIX)) + return null; + + name = name.substring(Registry.RSA_SIG_PREFIX.length()).trim(); + if (name.startsWith(Registry.RSA_PSS_ENCODING)) + return getPSSSignature(name); + else if (name.startsWith(Registry.RSA_PKCS1_V1_5_ENCODING)) + return getPKCS1Signature(name); + else + return null; + } + + /** + * Returns a {@link Set} of names of RSA signatures supported by this + * Factory. + * + * @return a {@link Set} of RSA Signature algorithm names (Strings). + */ + public static synchronized final Set getNames() + { + if (names == null) + { + Set hashNames = HashFactory.getNames(); + HashSet hs = new HashSet(); + for (Iterator it = hashNames.iterator(); it.hasNext();) + { + String mdName = (String) it.next(); + hs.add(Registry.RSA_PSS_SIG + "-" + mdName); + } + + hs.add(Registry.RSA_PKCS1_V1_5_SIG + "-" + Registry.MD2_HASH); + hs.add(Registry.RSA_PKCS1_V1_5_SIG + "-" + Registry.MD5_HASH); + hs.add(Registry.RSA_PKCS1_V1_5_SIG + "-" + Registry.SHA160_HASH); + hs.add(Registry.RSA_PKCS1_V1_5_SIG + "-" + Registry.SHA256_HASH); + hs.add(Registry.RSA_PKCS1_V1_5_SIG + "-" + Registry.SHA384_HASH); + hs.add(Registry.RSA_PKCS1_V1_5_SIG + "-" + Registry.SHA512_HASH); + + names = Collections.unmodifiableSet(hs); + } + + return names; + } + + private static final ISignature getPSSSignature(String name) + { + name = name.substring(Registry.RSA_PSS_ENCODING.length()).trim(); + // remove the hyphen if found at the beginning + if (name.startsWith("-")) + name = name.substring(1).trim(); + + IMessageDigest md; + if (name.length() == 0) + md = HashFactory.getInstance(Registry.SHA160_HASH); + else + { + // check if there is such a hash + md = HashFactory.getInstance(name); + if (md == null) + return null; + } + + ISignature result = new RSAPSSSignature(md, 0); + return result; + } + + private static final ISignature getPKCS1Signature(String name) + { + name = name.substring(Registry.RSA_PKCS1_V1_5_ENCODING.length()).trim(); + // remove the hyphen if found at the beginning + if (name.startsWith("-")) + name = name.substring(1).trim(); + + IMessageDigest md; + if (name.length() == 0) + md = HashFactory.getInstance(Registry.SHA160_HASH); + else + { + // check if there is such a hash + md = HashFactory.getInstance(name); + if (md == null) + return null; + } + + ISignature result = new RSAPKCS1V1_5Signature(md); + return result; + } +} diff --git a/libjava/classpath/gnu/java/security/util/Base64.java b/libjava/classpath/gnu/java/security/util/Base64.java new file mode 100644 index 0000000..f9998c3 --- /dev/null +++ b/libjava/classpath/gnu/java/security/util/Base64.java @@ -0,0 +1,396 @@ +/* Base64.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.util; + +import java.io.PrintWriter; +import java.io.UnsupportedEncodingException; + +/** + * Most of this implementation is from Robert Harder's public domain Base64 + * code (version 1.4.1 available from <http://iharder.net/xmlizable>). + */ +public class Base64 +{ + + // Debugging methods and variables + // ------------------------------------------------------------------------- + + private static final String NAME = "Base64"; + + private static final boolean DEBUG = true; + + private static final int debuglevel = 9; + + private static final PrintWriter err = new PrintWriter(System.out, true); + + private static void debug(String s) + { + err.println(">>> " + NAME + ": " + s); + } + + // Constants and variables + // ------------------------------------------------------------------------- + + /** Maximum line length (76) of Base64 output. */ + private static final int MAX_LINE_LENGTH = 76; + + /** The new line character (\n) as one byte. */ + private static final byte NEW_LINE = (byte) '\n'; + + /** The equals sign (=) as a byte. */ + private static final byte EQUALS_SIGN = (byte) '='; + + private static final byte WHITE_SPACE_ENC = -5; // white space in encoding + + private static final byte EQUALS_SIGN_ENC = -1; // equals sign in encoding + + /** The 64 valid Base64 values. */ + private static final byte[] ALPHABET = { (byte) 'A', (byte) 'B', (byte) 'C', + (byte) 'D', (byte) 'E', (byte) 'F', + (byte) 'G', (byte) 'H', (byte) 'I', + (byte) 'J', (byte) 'K', (byte) 'L', + (byte) 'M', (byte) 'N', (byte) 'O', + (byte) 'P', (byte) 'Q', (byte) 'R', + (byte) 'S', (byte) 'T', (byte) 'U', + (byte) 'V', (byte) 'W', (byte) 'X', + (byte) 'Y', (byte) 'Z', (byte) 'a', + (byte) 'b', (byte) 'c', (byte) 'd', + (byte) 'e', (byte) 'f', (byte) 'g', + (byte) 'h', (byte) 'i', (byte) 'j', + (byte) 'k', (byte) 'l', (byte) 'm', + (byte) 'n', (byte) 'o', (byte) 'p', + (byte) 'q', (byte) 'r', (byte) 's', + (byte) 't', (byte) 'u', (byte) 'v', + (byte) 'w', (byte) 'x', (byte) 'y', + (byte) 'z', (byte) '0', (byte) '1', + (byte) '2', (byte) '3', (byte) '4', + (byte) '5', (byte) '6', (byte) '7', + (byte) '8', (byte) '9', (byte) '+', + (byte) '/' }; + + /** + * Translates a Base64 value to either its 6-bit reconstruction value or a + * negative number indicating some other meaning. + */ + private static final byte[] DECODABET = { -9, -9, -9, -9, -9, -9, -9, -9, -9, // Decimal 0 - 8 + -5, -5, // Whitespace: Tab and Linefeed + -9, -9, // Decimal 11 - 12 + -5, // Whitespace: Carriage Return + -9, -9, -9, -9, -9, -9, -9, -9, -9, + -9, -9, -9, -9, // Decimal 14 - 26 + -9, -9, -9, -9, -9, // Decimal 27 - 31 + -5, // Whitespace: Space + -9, -9, -9, -9, -9, -9, -9, -9, -9, + -9, // Decimal 33 - 42 + 62, // Plus sign at decimal 43 + -9, -9, -9, // Decimal 44 - 46 + 63, // Slash at decimal 47 + 52, 53, 54, 55, 56, 57, 58, 59, 60, + 61, // Numbers zero through nine + -9, -9, -9, // Decimal 58 - 60 + -1, // Equals sign at decimal 61 + -9, -9, -9, // Decimal 62 - 64 + 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, + 11, 12, 13, // Letters 'A' through 'N' + 14, 15, 16, 17, 18, 19, 20, 21, 22, + 23, 24, 25, // Letters 'O' through 'Z' + -9, -9, -9, -9, -9, -9, // Decimal 91 - 96 + 26, 27, 28, 29, 30, 31, 32, 33, 34, + 35, 36, 37, 38, // Letters 'a' through 'm' + 39, 40, 41, 42, 43, 44, 45, 46, 47, + 48, 49, 50, 51, // Letters 'n' through 'z' + -9, -9, -9, -9 // Decimal 123 - 126 + }; + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** Trivial private ctor to enfore Singleton pattern. */ + private Base64() + { + super(); + } + + // Class methods + // ------------------------------------------------------------------------- + + /** + * Encodes a byte array into Base64 notation. Equivalent to calling + * encode(source, 0, source.length). + * + * @param src the data to convert. + */ + public static final String encode(final byte[] src) + { + return encode(src, 0, src.length, true); + } + + /** + * Encodes a byte array into Base64 notation. + * + * @param src the data to convert. + * @param off offset in array where conversion should begin. + * @param len length of data to convert. + * @param breakLines break lines at 80 characters or less. + */ + public static final String encode(final byte[] src, final int off, + final int len, final boolean breakLines) + { + final int len43 = len * 4 / 3; + final byte[] outBuff = new byte[len43 // Main 4:3 + + ((len % 3) > 0 ? 4 : 0) // Account for padding + + (breakLines ? (len43 / MAX_LINE_LENGTH) + : 0)]; // New lines + int d = 0; + int e = 0; + final int len2 = len - 2; + int lineLength = 0; + for (; d < len2; d += 3, e += 4) + { + encode3to4(src, d + off, 3, outBuff, e); + lineLength += 4; + if (breakLines && lineLength == MAX_LINE_LENGTH) + { + outBuff[e + 4] = NEW_LINE; + e++; + lineLength = 0; + } + } + + if (d < len) + { // padding needed + encode3to4(src, d + off, len - d, outBuff, e); + e += 4; + } + + return new String(outBuff, 0, e); + } + + /** + * Decodes data from Base64 notation. + * + * @param s the string to decode. + * @return the decoded data. + */ + public static final byte[] decode(final String s) + throws UnsupportedEncodingException + { + final byte[] bytes; + bytes = s.getBytes("US-ASCII"); + return decode(bytes, 0, bytes.length); + } + + /** + * Decodes Base64 content in byte array format and returns the decoded byte + * array. + * + * @param src the Base64 encoded data. + * @param off the offset of where to begin decoding. + * @param len the length of characters to decode. + * @return the decoded data. + * @throws IllegalArgumentException if src contains an illegal + * Base-64 character. + */ + public static byte[] decode(final byte[] src, final int off, final int len) + { + final int len34 = len * 3 / 4; + final byte[] outBuff = new byte[len34]; // Upper limit on size of output + int outBuffPosn = 0; + final byte[] b4 = new byte[4]; + int b4Posn = 0; + int i; + byte sbiCrop, sbiDecode; + for (i = off; i < off + len; i++) + { + sbiCrop = (byte) (src[i] & 0x7F); // Only the low seven bits + sbiDecode = DECODABET[sbiCrop]; + if (sbiDecode >= WHITE_SPACE_ENC) + { // White space, Equals sign or better + if (sbiDecode >= EQUALS_SIGN_ENC) + { + b4[b4Posn++] = sbiCrop; + if (b4Posn > 3) + { + outBuffPosn += decode4to3(b4, 0, outBuff, outBuffPosn); + b4Posn = 0; + // If that was the equals sign, break out of 'for' loop + if (sbiCrop == EQUALS_SIGN) + break; + } // end if: quartet built + } // end if: equals sign or better + } + else + { + throw new IllegalArgumentException("Illegal BASE-64 character at #" + + i + ": " + src[i] + + "(decimal)"); + } + } + + final byte[] result = new byte[outBuffPosn]; + System.arraycopy(outBuff, 0, result, 0, outBuffPosn); + return result; + } + + /** + *

Encodes up to three bytes of the array src and writes + * the resulting four Base64 bytes to dest. The source and + * destination arrays can be manipulated anywhere along their length by + * specifying sOffset and dOffset.

+ * + *

This method does not check to make sure the arrays are large enough to + * accomodate sOffset + 3 for the src array or + * dOffset + 4 for the dest array. The actual + * number of significant bytes in the input array is given by + * numBytes.

+ * + * @param src the array to convert. + * @param sOffset the index where conversion begins. + * @param numBytes the number of significant bytes in your array. + * @param dest the array to hold the conversion. + * @param dOffset the index where output will be put. + * @return the destination array. + */ + private static final byte[] encode3to4(final byte[] src, final int sOffset, + final int numBytes, final byte[] dest, + final int dOffset) + { + // 1 2 3 + // 01234567890123456789012345678901 Bit position + // --------000000001111111122222222 Array position from threeBytes + // --------| || || || | Six bit groups to index ALPHABET + // >>18 >>12 >> 6 >> 0 Right shift necessary + // 0x3F 0x3F 0x3F Additional AND + + // Create buffer with zero-padding if there are only one or two + // significant bytes passed in the array. + // We have to shift left 24 in order to flush out the 1's that appear + // when Java treats a value as negative that is cast from a byte to an int. + final int inBuff = (numBytes > 0 ? ((src[sOffset] << 24) >>> 8) : 0) + | (numBytes > 1 ? ((src[sOffset + 1] << 24) >>> 16) : 0) + | (numBytes > 2 ? ((src[sOffset + 2] << 24) >>> 24) : 0); + switch (numBytes) + { + case 3: + dest[dOffset] = ALPHABET[(inBuff >>> 18)]; + dest[dOffset + 1] = ALPHABET[(inBuff >>> 12) & 0x3F]; + dest[dOffset + 2] = ALPHABET[(inBuff >>> 6) & 0x3F]; + dest[dOffset + 3] = ALPHABET[(inBuff) & 0x3F]; + break; + case 2: + dest[dOffset] = ALPHABET[(inBuff >>> 18)]; + dest[dOffset + 1] = ALPHABET[(inBuff >>> 12) & 0x3F]; + dest[dOffset + 2] = ALPHABET[(inBuff >>> 6) & 0x3F]; + dest[dOffset + 3] = EQUALS_SIGN; + break; + case 1: + dest[dOffset] = ALPHABET[(inBuff >>> 18)]; + dest[dOffset + 1] = ALPHABET[(inBuff >>> 12) & 0x3F]; + dest[dOffset + 2] = EQUALS_SIGN; + dest[dOffset + 3] = EQUALS_SIGN; + break; + } + return dest; + } + + /** + *

Decodes four bytes from array src and writes the + * resulting bytes (up to three of them) to dest.

+ * + *

The source and destination arrays can be manipulated anywhere along + * their length by specifying sOffset and dOffset. + *

+ * + *

This method does not check to make sure your arrays are large enough + * to accomodate sOffset + 4 for the src array or + * dOffset + 3 for the dest array. This method + * returns the actual number of bytes that were converted from the Base64 + * encoding.

+ * + * @param src the array to convert. + * @param sOffset the index where conversion begins. + * @param dest the array to hold the conversion. + * @param dOffset the index where output will be put. + * @return the number of decoded bytes converted. + */ + private static final int decode4to3(final byte[] src, final int sOffset, + final byte[] dest, final int dOffset) + { + if (src[sOffset + 2] == EQUALS_SIGN) + { // Example: Dk== + final int outBuff = ((DECODABET[src[sOffset]] & 0xFF) << 18) + | ((DECODABET[src[sOffset + 1]] & 0xFF) << 12); + dest[dOffset] = (byte) (outBuff >>> 16); + return 1; + } + + if (src[sOffset + 3] == EQUALS_SIGN) + { // Example: DkL= + final int outBuff = ((DECODABET[src[sOffset]] & 0xFF) << 18) + | ((DECODABET[src[sOffset + 1]] & 0xFF) << 12) + | ((DECODABET[src[sOffset + 2]] & 0xFF) << 6); + dest[dOffset] = (byte) (outBuff >>> 16); + dest[dOffset + 1] = (byte) (outBuff >>> 8); + return 2; + } + + try + { // Example: DkLE + final int outBuff = ((DECODABET[src[sOffset]] & 0xFF) << 18) + | ((DECODABET[src[sOffset + 1]] & 0xFF) << 12) + | ((DECODABET[src[sOffset + 2]] & 0xFF) << 6) + | ((DECODABET[src[sOffset + 3]] & 0xFF)); + dest[dOffset] = (byte) (outBuff >> 16); + dest[dOffset + 1] = (byte) (outBuff >> 8); + dest[dOffset + 2] = (byte) outBuff; + return 3; + } + catch (Exception x) + { + if (DEBUG && debuglevel > 8) + { + debug("" + src[sOffset] + ": " + (DECODABET[src[sOffset]])); + debug("" + src[sOffset + 1] + ": " + (DECODABET[src[sOffset + 1]])); + debug("" + src[sOffset + 2] + ": " + (DECODABET[src[sOffset + 2]])); + debug("" + src[sOffset + 3] + ": " + (DECODABET[src[sOffset + 3]])); + } + return -1; + } + } +} diff --git a/libjava/classpath/gnu/java/security/util/DerUtil.java b/libjava/classpath/gnu/java/security/util/DerUtil.java new file mode 100644 index 0000000..26232ba --- /dev/null +++ b/libjava/classpath/gnu/java/security/util/DerUtil.java @@ -0,0 +1,64 @@ +/* DerUtil.java -- Utility methods for DER read/write operations + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.util; + +import gnu.java.security.der.DEREncodingException; +import gnu.java.security.der.DERValue; + +import java.math.BigInteger; + +/** + * Utility methods for DER encoding handling. + */ +public abstract class DerUtil +{ + public static final void checkIsConstructed(DERValue v, String msg) + throws DEREncodingException + { + if (! v.isConstructed()) + throw new DEREncodingException(msg); + } + + public static final void checkIsBigInteger(DERValue v, String msg) + throws DEREncodingException + { + if (! (v.getValue() instanceof BigInteger)) + throw new DEREncodingException(msg); + } +} diff --git a/libjava/classpath/gnu/java/security/util/ExpirableObject.java b/libjava/classpath/gnu/java/security/util/ExpirableObject.java new file mode 100644 index 0000000..2d44520 --- /dev/null +++ b/libjava/classpath/gnu/java/security/util/ExpirableObject.java @@ -0,0 +1,172 @@ +/* ExpirableObject.java -- an object that is automatically destroyed. + Copyright (C) 2004, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.util; + +import java.util.Timer; +import java.util.TimerTask; + +import javax.security.auth.DestroyFailedException; +import javax.security.auth.Destroyable; + +/** + * The base class for objects with sensitive data that are automatically + * destroyed after a timeout elapses. On creation, an object that extends + * this class will automatically be added to a {@link Timer} object that, + * once a timeout elapses, will automatically call the {@link + * Destroyable#destroy()} method. + * + *

Concrete subclasses must implement the {@link doDestroy()} method + * instead of {@link Destroyable#destroy()}; the behavior of that method + * should match exactly the behavior desired of destroy(). + * + *

Note that if a {@link DestroyFailedException} occurs when the timeout + * expires, it will not be reported. + * + * @see Destroyable + */ +public abstract class ExpirableObject implements Destroyable +{ + + // Constants and fields. + // ------------------------------------------------------------------------- + + /** + * The default timeout, used in the default constructor. + */ + public static final long DEFAULT_TIMEOUT = 3600000L; + + /** + * The timer that expires instances. + */ + private static final Timer EXPIRER = new Timer(true); + + /** + * A reference to the task that will destroy this object when the timeout + * expires. + */ + private final Destroyer destroyer; + + // Constructors. + // ------------------------------------------------------------------------- + + /** + * Create a new expirable object that will expire after one hour. + */ + protected ExpirableObject() + { + this(DEFAULT_TIMEOUT); + } + + /** + * Create a new expirable object that will expire after the specified + * timeout. + * + * @param delay The delay before expiration. + * @throws IllegalArgumentException If delay is negative, or if + * delay + System.currentTimeMillis() is negative. + */ + protected ExpirableObject(final long delay) + { + destroyer = new Destroyer(this); + EXPIRER.schedule(destroyer, delay); + } + + // Instance methods. + // ------------------------------------------------------------------------- + + /** + * Destroys this object. This method calls {@link doDestroy}, then, if + * no exception is thrown, cancels the task that would destroy this object + * when the timeout is reached. + * + * @throws DestroyFailedException If this operation fails. + */ + public final void destroy() throws DestroyFailedException + { + doDestroy(); + destroyer.cancel(); + } + + /** + * Subclasses must implement this method instead of the {@link + * Destroyable#destroy()} method. + * + * @throws DestroyFailedException If this operation fails. + */ + protected abstract void doDestroy() throws DestroyFailedException; + + // Inner classes. + // ------------------------------------------------------------------------- + + /** + * The task that destroys the target when the timeout elapses. + */ + private final class Destroyer extends TimerTask + { + + // Fields. + // ----------------------------------------------------------------------- + + private final ExpirableObject target; + + // Constructor. + // ----------------------------------------------------------------------- + + Destroyer(final ExpirableObject target) + { + super(); + this.target = target; + } + + // Instance methods. + // ----------------------------------------------------------------------- + + public void run() + { + try + { + if (!target.isDestroyed()) + target.doDestroy(); + } + catch (DestroyFailedException dfe) + { + } + } + } +} diff --git a/libjava/classpath/gnu/java/security/util/FormatUtil.java b/libjava/classpath/gnu/java/security/util/FormatUtil.java new file mode 100644 index 0000000..eed669c --- /dev/null +++ b/libjava/classpath/gnu/java/security/util/FormatUtil.java @@ -0,0 +1,140 @@ +/* FormatUtil.java -- Encoding and decoding format utility methods + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.util; + +import gnu.java.security.Registry; + +/** + * Encoding and decoding format utility methods. + */ +public class FormatUtil +{ + /** Trivial constructor to enforce Singleton pattern. */ + private FormatUtil() + { + super(); + } + + /** + * Returns the fully qualified name of the designated encoding ID. + * + * @param formatID the unique identifier of the encoding format. + * @return the fully qualified name of the designated format. Returns + * null if no such encoding format is known. + */ + public static final String getEncodingName(int formatID) + { + String result = null; + switch (formatID) + { + case Registry.RAW_ENCODING_ID: + result = Registry.RAW_ENCODING; + break; + case Registry.X509_ENCODING_ID: + result = Registry.X509_ENCODING; + break; + case Registry.PKCS8_ENCODING_ID: + result = Registry.PKCS8_ENCODING; + break; + case Registry.ASN1_ENCODING_ID: + result = Registry.ASN1_ENCODING; + break; + } + + return result; + } + + /** + * Returns the short name of the designated encoding ID. This is used by the + * JCE Adapters. + * + * @param formatID the unique identifier of the encoding format. + * @return the short name of the designated format. Returns null + * if no such encoding format is known. + */ + public static final String getEncodingShortName(int formatID) + { + String result = null; + switch (formatID) + { + case Registry.RAW_ENCODING_ID: + result = Registry.RAW_ENCODING_SHORT_NAME; + break; + case Registry.X509_ENCODING_ID: + result = Registry.X509_ENCODING_SORT_NAME; + break; + case Registry.PKCS8_ENCODING_ID: + result = Registry.PKCS8_ENCODING_SHORT_NAME; + break; + case Registry.ASN1_ENCODING_ID: + result = Registry.ASN1_ENCODING_SHORT_NAME; + break; + } + + return result; + } + + /** + * Returns the identifier of the encoding format given its short name. + * + * @param name the case-insensitive canonical short name of an encoding + * format. + * @return the identifier of the designated encoding format, or 0 + * if the name does not correspond to any known format. + */ + public static final int getFormatID(String name) + { + if (name == null) + return 0; + + name = name.trim(); + if (name.length() == 0) + return 0; + + int result = 0; + if (name.equalsIgnoreCase(Registry.RAW_ENCODING_SHORT_NAME)) + result = Registry.RAW_ENCODING_ID; + else if (name.equalsIgnoreCase(Registry.X509_ENCODING_SORT_NAME)) + result = Registry.X509_ENCODING_ID; + else if (name.equalsIgnoreCase(Registry.PKCS8_ENCODING_SHORT_NAME)) + result = Registry.PKCS8_ENCODING_ID; + + return result; + } +} diff --git a/libjava/classpath/gnu/java/security/util/PRNG.java b/libjava/classpath/gnu/java/security/util/PRNG.java new file mode 100644 index 0000000..138cc6b --- /dev/null +++ b/libjava/classpath/gnu/java/security/util/PRNG.java @@ -0,0 +1,156 @@ +/* PRNG.java -- A Utility methods for default source of randomness + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.util; + +import java.util.HashMap; + +import gnu.java.security.prng.IRandom; +import gnu.java.security.prng.LimitReachedException; +import gnu.java.security.prng.MDGenerator; + +/** + * A useful hash-based (SHA) pseudo-random number generator used + * throughout this library. + * + * @see MDGenerator + */ +public class PRNG +{ + // Constans and fields + // -------------------------------------------------------------------------- + + /** The underlying {@link IRandom}. */ + private IRandom delegate; + + // Constructor(s) + // -------------------------------------------------------------------------- + + /** + * Private constructor to enforce using the Factory method. + * + * @param delegate + * the undelying {@link IRandom} object used. + */ + private PRNG(IRandom delegate) + { + super(); + + this.delegate = delegate; + } + + // Class methods + // -------------------------------------------------------------------------- + + public static final PRNG getInstance() + { + IRandom delegate = new MDGenerator(); + try + { + HashMap map = new HashMap(); + // initialise it with a seed + long t = System.currentTimeMillis(); + byte[] seed = new byte[] { + (byte) (t >>> 56), (byte) (t >>> 48), + (byte) (t >>> 40), (byte) (t >>> 32), + (byte) (t >>> 24), (byte) (t >>> 16), + (byte) (t >>> 8), (byte) t}; + map.put(MDGenerator.SEEED, seed); + delegate.init(map); // default is to use SHA-1 hash + } + catch (Exception x) + { + throw new ExceptionInInitializerError(x); + } + + return new PRNG(delegate); + } + + // Instance methods + // -------------------------------------------------------------------------- + + /** + * Completely fills the designated buffer with random data + * generated by the underlying delegate. + * + * @param buffer + * the place holder of random bytes generated by the underlying + * delegate. On output, the contents of buffer are + * replaced with pseudo-random data, iff the buffer + * size is not zero. + */ + public void nextBytes(byte[] buffer) + { + nextBytes(buffer, 0, buffer.length); + } + + /** + * Fills the designated buffer, starting from byte at position + * offset with, at most, length bytes of random + * data generated by the underlying delegate. + * + * @see IRandom#nextBytes + */ + public void nextBytes(byte[] buffer, int offset, int length) + { + try + { + delegate.nextBytes(buffer, offset, length); + } + catch (LimitReachedException x) // re-initialise with a seed + { + try + { + HashMap map = new HashMap(); + long t = System.currentTimeMillis(); + byte[] seed = new byte[] { + (byte)(t >>> 56), (byte)(t >>> 48), + (byte)(t >>> 40), (byte)(t >>> 32), + (byte)(t >>> 24), (byte)(t >>> 16), + (byte)(t >>> 8), (byte) t }; + map.put(MDGenerator.SEEED, seed); + delegate.init(map); // default is to use SHA-1 hash + delegate.nextBytes(buffer, offset, length); + } + catch (Exception y) + { + throw new ExceptionInInitializerError(y); + } + } + } +} diff --git a/libjava/classpath/gnu/java/security/util/Prime2.java b/libjava/classpath/gnu/java/security/util/Prime2.java new file mode 100644 index 0000000..6e46f5f --- /dev/null +++ b/libjava/classpath/gnu/java/security/util/Prime2.java @@ -0,0 +1,417 @@ +/* Prime2.java -- + Copyright (C) 2001, 2002, 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.util; + +import java.io.PrintWriter; +import java.lang.ref.WeakReference; +import java.math.BigInteger; +import java.util.Map; +import java.util.WeakHashMap; + +/** + *

A collection of prime number related utilities used in this library.

+ */ +public class Prime2 +{ + + // Debugging methods and variables + // ------------------------------------------------------------------------- + + private static final String NAME = "prime"; + + private static final boolean DEBUG = false; + + private static final int debuglevel = 5; + + private static final PrintWriter err = new PrintWriter(System.out, true); + + private static void debug(String s) + { + err.println(">>> " + NAME + ": " + s); + } + + // Constants and variables + // ------------------------------------------------------------------------- + + private static final int DEFAULT_CERTAINTY = 20; // XXX is this a good value? + + private static final BigInteger ZERO = BigInteger.ZERO; + + private static final BigInteger ONE = BigInteger.ONE; + + private static final BigInteger TWO = BigInteger.valueOf(2L); + + /** + * The first SMALL_PRIME primes: Algorithm P, section 1.3.2, The Art of + * Computer Programming, Donald E. Knuth. + */ + private static final int SMALL_PRIME_COUNT = 1000; + + private static final BigInteger[] SMALL_PRIME = new BigInteger[SMALL_PRIME_COUNT]; + static + { + long time = -System.currentTimeMillis(); + SMALL_PRIME[0] = TWO; + int N = 3; + int J = 0; + int prime; + P2: while (true) + { + SMALL_PRIME[++J] = BigInteger.valueOf(N); + if (J >= 999) + { + break P2; + } + P4: while (true) + { + N += 2; + P6: for (int K = 1; true; K++) + { + prime = SMALL_PRIME[K].intValue(); + if ((N % prime) == 0) + { + continue P4; + } + else if ((N / prime) <= prime) + { + continue P2; + } + } + } + } + time += System.currentTimeMillis(); + if (DEBUG && debuglevel > 8) + { + StringBuffer sb; + for (int i = 0; i < (SMALL_PRIME_COUNT / 10); i++) + { + sb = new StringBuffer(); + for (int j = 0; j < 10; j++) + { + sb.append(String.valueOf(SMALL_PRIME[i * 10 + j])).append(" "); + } + debug(sb.toString()); + } + } + if (DEBUG && debuglevel > 4) + { + debug("Generating first " + String.valueOf(SMALL_PRIME_COUNT) + + " primes took: " + String.valueOf(time) + " ms."); + } + } + + private static final Map knownPrimes = new WeakHashMap(); + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** Trivial constructor to enforce Singleton pattern. */ + private Prime2() + { + super(); + } + + // Class methods + // ------------------------------------------------------------------------- + + /** + *

Trial division for the first 1000 small primes.

+ * + *

Returns true if at least one small prime, among the first + * 1000 ones, was found to divide the designated number. Retuens false + * otherwise.

+ * + * @param w the number to test. + * @return true if at least one small prime was found to divide + * the designated number. + */ + public static boolean hasSmallPrimeDivisor(BigInteger w) + { + BigInteger prime; + for (int i = 0; i < SMALL_PRIME_COUNT; i++) + { + prime = SMALL_PRIME[i]; + if (w.mod(prime).equals(ZERO)) + { + if (DEBUG && debuglevel > 4) + { + debug(prime.toString(16) + " | " + w.toString(16) + "..."); + } + return true; + } + } + if (DEBUG && debuglevel > 4) + { + debug(w.toString(16) + " has no small prime divisors..."); + } + return false; + } + + /** + *

Java port of Colin Plumb primality test (Euler Criterion) + * implementation for a base of 2 --from bnlib-1.1 release, function + * primeTest() in prime.c. this is his comments.

+ * + *

"Now, check that bn is prime. If it passes to the base 2, it's prime + * beyond all reasonable doubt, and everything else is just gravy, but it + * gives people warm fuzzies to do it.

+ * + *

This starts with verifying Euler's criterion for a base of 2. This is + * the fastest pseudoprimality test that I know of, saving a modular squaring + * over a Fermat test, as well as being stronger. 7/8 of the time, it's as + * strong as a strong pseudoprimality test, too. (The exception being when + * bn == 1 mod 8 and 2 is a quartic residue, i.e. + * bn is of the form a^2 + (8*b)^2.) The precise + * series of tricks used here is not documented anywhere, so here's an + * explanation. Euler's criterion states that if p is prime + * then a^((p-1)/2) is congruent to Jacobi(a,p), + * modulo p. Jacobi(a, p) is a function which is + * +1 if a is a square modulo p, and -1 + * if it is not. For a = 2, this is particularly simple. It's + * +1 if p == +/-1 (mod 8), and -1 if + * m == +/-3 (mod 8). If p == 3 (mod 4), then all + * a strong test does is compute 2^((p-1)/2). and see if it's + * +1 or -1. (Euler's criterion says which + * it should be.) If p == 5 (mod 8), then 2^((p-1)/2) + * is -1, so the initial step in a strong test, looking at + * 2^((p-1)/4), is wasted --you're not going to find a + * +/-1 before then if it is prime, and it shouldn't + * have either of those values if it isn't. So don't bother.

+ * + *

The remaining case is p == 1 (mod 8). In this case, we + * expect 2^((p-1)/2) == 1 (mod p), so we expect that the + * square root of this, 2^((p-1)/4), will be +/-1 (mod p) + * . Evaluating this saves us a modular squaring 1/4 of the time. If + * it's -1, a strong pseudoprimality test would call p + * prime as well. Only if the result is +1, indicating that + * 2 is not only a quadratic residue, but a quartic one as well, + * does a strong pseudoprimality test verify more things than this test does. + * Good enough.

+ * + *

We could back that down another step, looking at 2^((p-1)/8) + * if there was a cheap way to determine if 2 were expected to + * be a quartic residue or not. Dirichlet proved that 2 is a + * quadratic residue iff p is of the form a^2 + (8*b^2). + * All primes == 1 (mod 4) can be expressed as a^2 + + * (2*b)^2, but I see no cheap way to evaluate this condition."

+ * + * @param bn the number to test. + * @return true iff the designated number passes Euler criterion + * as implemented by Colin Plumb in his bnlib version 1.1. + */ + public static boolean passEulerCriterion(final BigInteger bn) + { + BigInteger bn_minus_one = bn.subtract(ONE); + BigInteger e = bn_minus_one; + // l is the 3 least-significant bits of e + int l = e.and(BigInteger.valueOf(7L)).intValue(); + int j = 1; // Where to start in prime array for strong prime tests + BigInteger a; + int k; + + if (l != 0) + { + e = e.shiftRight(1); + a = TWO.modPow(e, bn); + if (l == 6) // bn == 7 mod 8, expect +1 + { + if (a.bitLength() != 1) + { + debugBI("Fails Euler criterion #1", bn); + return false; // Not prime + } + k = 1; + } + else // bn == 3 or 5 mod 8, expect -1 == bn-1 + { + a = a.add(ONE); + if (a.compareTo(bn) != 0) + { + debugBI("Fails Euler criterion #2", bn); + return false; // Not prime + } + k = 1; + if ((l & 4) != 0) // bn == 5 mod 8, make odd for strong tests + { + e = e.shiftRight(1); + k = 2; + } + } + } + else // bn == 1 mod 8, expect 2^((bn-1)/4) == +/-1 mod bn + { + e = e.shiftRight(2); + a = TWO.modPow(e, bn); + if (a.bitLength() == 1) + j = 0; // Re-do strong prime test to base 2 + else + { + a = a.add(ONE); + if (a.compareTo(bn) != 0) + { + debugBI("Fails Euler criterion #3", bn); + return false; // Not prime + } + } + // bnMakeOdd(n) = d * 2^s. Replaces n with d and returns s. + k = e.getLowestSetBit(); + e = e.shiftRight(k); + k += 2; + } + // It's prime! Now go on to confirmation tests + + // Now, e = (bn-1)/2^k is odd. k >= 1, and has a given value with + // probability 2^-k, so its expected value is 2. j = 1 in the usual case + // when the previous test was as good as a strong prime test, but 1/8 of + // the time, j = 0 because the strong prime test to the base 2 needs to + // be re-done. + for (int i = j; i < 7; i++) // try only the first 7 primes + { + a = SMALL_PRIME[i]; + a = a.modPow(e, bn); + if (a.bitLength() == 1) + continue; // Passed this test + + l = k; + while (true) + { +// a = a.add(ONE); +// if (a.compareTo(w) == 0) { // Was result bn-1? + if (a.compareTo(bn_minus_one) == 0) // Was result bn-1? + break; // Prime + + if (--l == 0) // Reached end, not -1? luck? + { + debugBI("Fails Euler criterion #4", bn); + return false; // Failed, not prime + } + // This portion is executed, on average, once +// a = a.subtract(ONE); // Put a back where it was + a = a.modPow(TWO, bn); + if (a.bitLength() == 1) + { + debugBI("Fails Euler criterion #5", bn); + return false; // Failed, not prime + } + } + // It worked (to the base primes[i]) + } + debugBI("Passes Euler criterion", bn); + return true; + } + + public static boolean isProbablePrime(BigInteger w) + { + return isProbablePrime(w, DEFAULT_CERTAINTY); + } + + /** + * Wrapper around {@link BigInteger#isProbablePrime(int)} with few pre-checks. + * + * @param w the integer to test. + * @param certainty the certainty with which to compute the test. + */ + public static boolean isProbablePrime(BigInteger w, int certainty) + { + // Nonnumbers are not prime. + if (w == null) + return false; + + // eliminate trivial cases when w == 0 or 1 + if (w.equals(ZERO) || w.equals(ONE)) + return false; + + // Test if w is a known small prime. + for (int i = 0; i < SMALL_PRIME_COUNT; i++) + if (w.equals(SMALL_PRIME[i])) + { + if (DEBUG && debuglevel > 4) + debug(w.toString(16) + " is a small prime"); + return true; + } + + // Check if it's already a known prime + WeakReference obj = (WeakReference) knownPrimes.get(w); + if (obj != null && w.equals(obj.get())) + { + if (DEBUG && debuglevel > 4) + debug("found in known primes"); + return true; + } + + // trial division with first 1000 primes + if (hasSmallPrimeDivisor(w)) + { + if (DEBUG && debuglevel > 4) + debug(w.toString(16) + " has a small prime divisor. Rejected..."); + return false; + } + +// Euler's criterion. +// if (passEulerCriterion(w)) { +// if (DEBUG && debuglevel > 4) { +// debug(w.toString(16)+" passes Euler's criterion..."); +// } +// } else { +// if (DEBUG && debuglevel > 4) { +// debug(w.toString(16)+" fails Euler's criterion. Rejected..."); +// } +// return false; +// } +// +// if (DEBUG && debuglevel > 4) +// { +// debug(w.toString(16) + " is probable prime. Accepted..."); +// } + + boolean result = w.isProbablePrime(certainty); + if (result && certainty > 0) // store it in the known primes weak hash-map + knownPrimes.put(w, new WeakReference(w)); + + return result; + } + + // helper methods ----------------------------------------------------------- + + private static final void debugBI(String msg, BigInteger bn) + { + if (DEBUG && debuglevel > 4) + debug("*** " + msg + ": 0x" + bn.toString(16)); + } +} diff --git a/libjava/classpath/gnu/java/security/util/Sequence.java b/libjava/classpath/gnu/java/security/util/Sequence.java new file mode 100644 index 0000000..5edc794 --- /dev/null +++ b/libjava/classpath/gnu/java/security/util/Sequence.java @@ -0,0 +1,149 @@ +/* Sequence.java -- a sequence of integers. + Copyright (C) 2004, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.util; + +import java.util.AbstractList; +import java.util.LinkedList; + +/** + * A monotonic sequence of integers in the finite field 232. + */ +public final class Sequence extends AbstractList +{ + + // Field. + // ------------------------------------------------------------------------ + + private final Integer[] sequence; + + // Constructor. + // ------------------------------------------------------------------------ + + /** + * Create a sequence of integers from 0 to end, with an increment + * of 1. If end is less than 0, then the sequence will wrap around + * through all positive integers then negative integers until the end + * value is reached. Naturally, this will result in an enormous object, + * so don't do this. + * + * @param end The ending value. + */ + public Sequence(int end) + { + this(0, end, 1); + } + + /** + * Create a sequence of integers from start to end, with an + * increment of 1. If end is less than start, then the sequence + * will wrap around until the end value is reached. Naturally, this will + * result in an enormous object, so don't do this. + * + * @param start The starting value. + * @param end The ending value. + */ + public Sequence(int start, int end) + { + this(start, end, 1); + } + + /** + * Create a sequence of integers from start to end, with an + * increment of span. If end is less than start, then + * the sequence will wrap around until the end value is reached. Naturally, + * this will result in an enormous object, so don't do this. + * + *

span can be negative, resulting in a decresing sequence. + * + *

If span is 0, then the sequence will contain {start, + * end} if start != end, or just the singleton + * start if start == end. + * + * @param start The starting value. + * @param end The ending value. + * @param span The increment value. + */ + public Sequence(int start, int end, int span) + { + if (span == 0) + { + if (start != end) + { + sequence = new Integer[] { new Integer(start), new Integer(end) }; + } + else + { + sequence = new Integer[] { new Integer(start) }; + } + } + else + { + LinkedList l = new LinkedList(); + for (int i = start; i != end; i += span) + { + l.add(new Integer(i)); + } + l.add(new Integer(end)); + sequence = (Integer[]) l.toArray(new Integer[l.size()]); + } + } + + // Instance methods. + // ------------------------------------------------------------------------ + + public Object get(int index) + { + if (index < 0 || index >= size()) + { + throw new IndexOutOfBoundsException("index=" + index + ", size=" + + size()); + } + return sequence[index]; + } + + public int size() + { + return sequence.length; + } + + public Object[] toArray() + { + return (Object[]) sequence.clone(); + } +} diff --git a/libjava/classpath/gnu/java/security/util/SimpleList.java b/libjava/classpath/gnu/java/security/util/SimpleList.java new file mode 100644 index 0000000..b2525c4 --- /dev/null +++ b/libjava/classpath/gnu/java/security/util/SimpleList.java @@ -0,0 +1,171 @@ +/* SimpleList.java -- simple way to make tuples. + Copyright (C) 2004, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.util; + +import java.util.AbstractList; +import java.util.Collection; +import java.util.Iterator; + +/** + * A simple way to create immutable n-tuples. This class can be created with + * up to four elements specified via one of the constructors, or with a + * collection of arbitrary size. + */ +public final class SimpleList extends AbstractList +{ + + // Fields. + // ------------------------------------------------------------------------ + + private final Object[] elements; + + // Constructors. + // ------------------------------------------------------------------------ + + /** + * Create a singleton list. + * + * @param e1 The first element. + */ + public SimpleList(final Object element) + { + elements = new Object[1]; + elements[0] = element; + } + + /** + * Create an ordered pair (2-tuple). + * + * @param e1 The first element. + * @param e2 The second element. + */ + public SimpleList(final Object e1, final Object e2) + { + elements = new Object[2]; + elements[0] = e1; + elements[1] = e2; + } + + /** + * Create a 3-tuple. + * + * @param e1 The first element. + * @param e2 The second element. + * @param e3 The third element. + */ + public SimpleList(final Object e1, final Object e2, final Object e3) + { + elements = new Object[3]; + elements[0] = e1; + elements[1] = e2; + elements[2] = e3; + } + + /** + * Create a 4-tuple. + * + * @param e1 The first element. + * @param e2 The second element. + * @param e3 The third element. + * @param e4 The fourth element. + */ + public SimpleList(final Object e1, final Object e2, final Object e3, + final Object e4) + { + elements = new Object[4]; + elements[0] = e1; + elements[1] = e2; + elements[2] = e3; + elements[3] = e4; + } + + /** + * Create the empty list. + */ + public SimpleList() + { + elements = null; + } + + /** + * Create an n-tuple of arbitrary size. Even if the supplied collection has + * no natural order, the created n-tuple will have the order that the + * elements are returned by the collection's iterator. + * + * @param c The collection. + */ + public SimpleList(Collection c) + { + elements = new Object[c.size()]; + int i = 0; + for (Iterator it = c.iterator(); it.hasNext() && i < elements.length;) + { + elements[i++] = it.next(); + } + } + + // Instance methods. + // ------------------------------------------------------------------------ + + public int size() + { + if (elements == null) + return 0; + return elements.length; + } + + public Object get(int index) + { + if (elements == null) + { + throw new IndexOutOfBoundsException("list is empty"); + } + if (index < 0 || index >= elements.length) + { + throw new IndexOutOfBoundsException("index=" + index + ", size=" + + size()); + } + return elements[index]; + } + + public String toString() + { + return SimpleList.class.getName() + "(" + size() + ") " + super.toString(); + } +} diff --git a/libjava/classpath/gnu/java/security/util/Util.java b/libjava/classpath/gnu/java/security/util/Util.java new file mode 100644 index 0000000..53f8e3c --- /dev/null +++ b/libjava/classpath/gnu/java/security/util/Util.java @@ -0,0 +1,692 @@ +/* Util.java -- various utility routines. + Copyright (C) 2001, 2002, 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.util; + +import java.math.BigInteger; + +/** + *

A collection of utility methods used throughout this project.

+ * + * @version $Revision: 1.1 $ + */ +public class Util +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Hex charset + private static final char[] HEX_DIGITS = "0123456789ABCDEF".toCharArray(); + + // Base-64 charset + private static final String BASE64_CHARS = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz./"; + + private static final char[] BASE64_CHARSET = BASE64_CHARS.toCharArray(); + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** Trivial constructor to enforce Singleton pattern. */ + private Util() + { + super(); + } + + // Class methods + // ------------------------------------------------------------------------- + + /** + *

Returns a string of hexadecimal digits from a byte array. Each byte is + * converted to 2 hex symbols; zero(es) included.

+ * + *

This method calls the method with same name and three arguments as:

+ * + * 
+   *    toString(ba, 0, ba.length);
+   *
+ * + * @param ba the byte array to convert. + * @return a string of hexadecimal characters (two for each byte) + * representing the designated input byte array. + */ + public static String toString(byte[] ba) + { + return toString(ba, 0, ba.length); + } + + /** + *

Returns a string of hexadecimal digits from a byte array, starting at + * offset and consisting of length bytes. Each byte + * is converted to 2 hex symbols; zero(es) included.

+ * + * @param ba the byte array to convert. + * @param offset the index from which to start considering the bytes to + * convert. + * @param length the count of bytes, starting from the designated offset to + * convert. + * @return a string of hexadecimal characters (two for each byte) + * representing the designated input byte sub-array. + */ + public static final String toString(byte[] ba, int offset, int length) + { + char[] buf = new char[length * 2]; + for (int i = 0, j = 0, k; i < length;) + { + k = ba[offset + i++]; + buf[j++] = HEX_DIGITS[(k >>> 4) & 0x0F]; + buf[j++] = HEX_DIGITS[k & 0x0F]; + } + return new String(buf); + } + + /** + *

Returns a string of hexadecimal digits from a byte array. Each byte is + * converted to 2 hex symbols; zero(es) included. The argument is + * treated as a large little-endian integer and is returned as a + * large big-endian integer.

+ * + *

This method calls the method with same name and three arguments as:

+ * + * 
+   *    toReversedString(ba, 0, ba.length);
+   *
+ * + * @param ba the byte array to convert. + * @return a string of hexadecimal characters (two for each byte) + * representing the designated input byte array. + */ + public static String toReversedString(byte[] ba) + { + return toReversedString(ba, 0, ba.length); + } + + /** + *

Returns a string of hexadecimal digits from a byte array, starting at + * offset and consisting of length bytes. Each byte + * is converted to 2 hex symbols; zero(es) included.

+ * + *

The byte array is treated as a large little-endian integer, and + * is returned as a large big-endian integer.

+ * + * @param ba the byte array to convert. + * @param offset the index from which to start considering the bytes to + * convert. + * @param length the count of bytes, starting from the designated offset to + * convert. + * @return a string of hexadecimal characters (two for each byte) + * representing the designated input byte sub-array. + */ + public static final String toReversedString(byte[] ba, int offset, int length) + { + char[] buf = new char[length * 2]; + for (int i = offset + length - 1, j = 0, k; i >= offset;) + { + k = ba[offset + i--]; + buf[j++] = HEX_DIGITS[(k >>> 4) & 0x0F]; + buf[j++] = HEX_DIGITS[k & 0x0F]; + } + return new String(buf); + } + + /** + *

Returns a byte array from a string of hexadecimal digits.

+ * + * @param s a string of hexadecimal ASCII characters + * @return the decoded byte array from the input hexadecimal string. + */ + public static byte[] toBytesFromString(String s) + { + int limit = s.length(); + byte[] result = new byte[((limit + 1) / 2)]; + int i = 0, j = 0; + if ((limit % 2) == 1) + { + result[j++] = (byte) fromDigit(s.charAt(i++)); + } + while (i < limit) + { + result[j] = (byte) (fromDigit(s.charAt(i++)) << 4); + result[j++] |= (byte) fromDigit(s.charAt(i++)); + } + return result; + } + + /** + *

Returns a byte array from a string of hexadecimal digits, interpreting + * them as a large big-endian integer and returning it as a large + * little-endian integer.

+ * + * @param s a string of hexadecimal ASCII characters + * @return the decoded byte array from the input hexadecimal string. + */ + public static byte[] toReversedBytesFromString(String s) + { + int limit = s.length(); + byte[] result = new byte[((limit + 1) / 2)]; + int i = 0; + if ((limit % 2) == 1) + { + result[i++] = (byte) fromDigit(s.charAt(--limit)); + } + while (limit > 0) + { + result[i] = (byte) fromDigit(s.charAt(--limit)); + result[i++] |= (byte) (fromDigit(s.charAt(--limit)) << 4); + } + return result; + } + + /** + *

Returns a number from 0 to 15 corresponding + * to the designated hexadecimal digit.

+ * + * @param c a hexadecimal ASCII symbol. + */ + public static int fromDigit(char c) + { + if (c >= '0' && c <= '9') + { + return c - '0'; + } + else if (c >= 'A' && c <= 'F') + { + return c - 'A' + 10; + } + else if (c >= 'a' && c <= 'f') + { + return c - 'a' + 10; + } + else + throw new IllegalArgumentException("Invalid hexadecimal digit: " + c); + } + + /** + *

Returns a string of 8 hexadecimal digits (most significant digit first) + * corresponding to the unsigned integer n.

+ * + * @param n the unsigned integer to convert. + * @return a hexadecimal string 8-character long. + */ + public static String toString(int n) + { + char[] buf = new char[8]; + for (int i = 7; i >= 0; i--) + { + buf[i] = HEX_DIGITS[n & 0x0F]; + n >>>= 4; + } + return new String(buf); + } + + /** + *

Returns a string of hexadecimal digits from an integer array. Each int + * is converted to 4 hex symbols.

+ */ + public static String toString(int[] ia) + { + int length = ia.length; + char[] buf = new char[length * 8]; + for (int i = 0, j = 0, k; i < length; i++) + { + k = ia[i]; + buf[j++] = HEX_DIGITS[(k >>> 28) & 0x0F]; + buf[j++] = HEX_DIGITS[(k >>> 24) & 0x0F]; + buf[j++] = HEX_DIGITS[(k >>> 20) & 0x0F]; + buf[j++] = HEX_DIGITS[(k >>> 16) & 0x0F]; + buf[j++] = HEX_DIGITS[(k >>> 12) & 0x0F]; + buf[j++] = HEX_DIGITS[(k >>> 8) & 0x0F]; + buf[j++] = HEX_DIGITS[(k >>> 4) & 0x0F]; + buf[j++] = HEX_DIGITS[k & 0x0F]; + } + return new String(buf); + } + + /** + *

Returns a string of 16 hexadecimal digits (most significant digit first) + * corresponding to the unsigned long n.

+ * + * @param n the unsigned long to convert. + * @return a hexadecimal string 16-character long. + */ + public static String toString(long n) + { + char[] b = new char[16]; + for (int i = 15; i >= 0; i--) + { + b[i] = HEX_DIGITS[(int) (n & 0x0FL)]; + n >>>= 4; + } + return new String(b); + } + + /** + *

Similar to the toString() method except that the Unicode + * escape character is inserted before every pair of bytes. Useful to + * externalise byte arrays that will be constructed later from such strings; + * eg. s-box values.

+ * + * @throws ArrayIndexOutOfBoundsException if the length is odd. + */ + public static String toUnicodeString(byte[] ba) + { + return toUnicodeString(ba, 0, ba.length); + } + + /** + *

Similar to the toString() method except that the Unicode + * escape character is inserted before every pair of bytes. Useful to + * externalise byte arrays that will be constructed later from such strings; + * eg. s-box values.

+ * + * @throws ArrayIndexOutOfBoundsException if the length is odd. + */ + public static final String toUnicodeString(byte[] ba, int offset, int length) + { + StringBuffer sb = new StringBuffer(); + int i = 0; + int j = 0; + int k; + sb.append('\n').append("\""); + while (i < length) + { + sb.append("\\u"); + + k = ba[offset + i++]; + sb.append(HEX_DIGITS[(k >>> 4) & 0x0F]); + sb.append(HEX_DIGITS[k & 0x0F]); + + k = ba[offset + i++]; + sb.append(HEX_DIGITS[(k >>> 4) & 0x0F]); + sb.append(HEX_DIGITS[k & 0x0F]); + + if ((++j % 8) == 0) + { + sb.append("\"+").append('\n').append("\""); + } + } + sb.append("\"").append('\n'); + return sb.toString(); + } + + /** + *

Similar to the toString() method except that the Unicode + * escape character is inserted before every pair of bytes. Useful to + * externalise integer arrays that will be constructed later from such + * strings; eg. s-box values.

+ * + * @throws ArrayIndexOutOfBoundsException if the length is not a multiple of 4. + */ + public static String toUnicodeString(int[] ia) + { + StringBuffer sb = new StringBuffer(); + int i = 0; + int j = 0; + int k; + sb.append('\n').append("\""); + while (i < ia.length) + { + k = ia[i++]; + sb.append("\\u"); + sb.append(HEX_DIGITS[(k >>> 28) & 0x0F]); + sb.append(HEX_DIGITS[(k >>> 24) & 0x0F]); + sb.append(HEX_DIGITS[(k >>> 20) & 0x0F]); + sb.append(HEX_DIGITS[(k >>> 16) & 0x0F]); + sb.append("\\u"); + sb.append(HEX_DIGITS[(k >>> 12) & 0x0F]); + sb.append(HEX_DIGITS[(k >>> 8) & 0x0F]); + sb.append(HEX_DIGITS[(k >>> 4) & 0x0F]); + sb.append(HEX_DIGITS[k & 0x0F]); + + if ((++j % 4) == 0) + { + sb.append("\"+").append('\n').append("\""); + } + } + sb.append("\"").append('\n'); + return sb.toString(); + } + + public static byte[] toBytesFromUnicode(String s) + { + int limit = s.length() * 2; + byte[] result = new byte[limit]; + char c; + for (int i = 0; i < limit; i++) + { + c = s.charAt(i >>> 1); + result[i] = (byte) (((i & 1) == 0) ? c >>> 8 : c); + } + return result; + } + + /** + *

Dumps a byte array as a string, in a format that is easy to read for + * debugging. The string m is prepended to the start of each + * line.

+ * + *

If offset and length are omitted, the whole + * array is used. If m is omitted, nothing is prepended to each + * line.

+ * + * @param data the byte array to be dumped. + * @param offset the offset within data to start from. + * @param length the number of bytes to dump. + * @param m a string to be prepended to each line. + * @return a string containing the result. + */ + public static String dumpString(byte[] data, int offset, int length, String m) + { + if (data == null) + { + return m + "null\n"; + } + StringBuffer sb = new StringBuffer(length * 3); + if (length > 32) + { + sb.append(m).append("Hexadecimal dump of ").append(length).append( + " bytes...\n"); + } + // each line will list 32 bytes in 4 groups of 8 each + int end = offset + length; + String s; + int l = Integer.toString(length).length(); + if (l < 4) + { + l = 4; + } + for (; offset < end; offset += 32) + { + if (length > 32) + { + s = " " + offset; + sb.append(m).append(s.substring(s.length() - l)).append(": "); + } + int i = 0; + for (; i < 32 && offset + i + 7 < end; i += 8) + { + sb.append(toString(data, offset + i, 8)).append(' '); + } + if (i < 32) + { + for (; i < 32 && offset + i < end; i++) + { + sb.append(byteToString(data[offset + i])); + } + } + sb.append('\n'); + } + return sb.toString(); + } + + public static String dumpString(byte[] data) + { + return (data == null) ? "null\n" : dumpString(data, 0, data.length, ""); + } + + public static String dumpString(byte[] data, String m) + { + return (data == null) ? "null\n" : dumpString(data, 0, data.length, m); + } + + public static String dumpString(byte[] data, int offset, int length) + { + return dumpString(data, offset, length, ""); + } + + /** + *

Returns a string of 2 hexadecimal digits (most significant digit first) + * corresponding to the lowest 8 bits of n.

+ * + * @param n the byte value to convert. + * @return a string of 2 hex characters representing the input. + */ + public static String byteToString(int n) + { + char[] buf = { HEX_DIGITS[(n >>> 4) & 0x0F], HEX_DIGITS[n & 0x0F] }; + return new String(buf); + } + + /** + *

Converts a designated byte array to a Base-64 representation, with the + * exceptions that (a) leading 0-byte(s) are ignored, and (b) the character + * '.' (dot) shall be used instead of "+' (plus).

+ * + *

Used by SASL password file manipulation primitives.

+ * + * @param buffer an arbitrary sequence of bytes to represent in Base-64. + * @return unpadded (without the '=' character(s)) Base-64 representation of + * the input. + */ + public static final String toBase64(byte[] buffer) + { + int len = buffer.length, pos = len % 3; + byte b0 = 0, b1 = 0, b2 = 0; + switch (pos) + { + case 1: + b2 = buffer[0]; + break; + case 2: + b1 = buffer[0]; + b2 = buffer[1]; + break; + } + StringBuffer sb = new StringBuffer(); + int c; + boolean notleading = false; + do + { + c = (b0 & 0xFC) >>> 2; + if (notleading || c != 0) + { + sb.append(BASE64_CHARSET[c]); + notleading = true; + } + c = ((b0 & 0x03) << 4) | ((b1 & 0xF0) >>> 4); + if (notleading || c != 0) + { + sb.append(BASE64_CHARSET[c]); + notleading = true; + } + c = ((b1 & 0x0F) << 2) | ((b2 & 0xC0) >>> 6); + if (notleading || c != 0) + { + sb.append(BASE64_CHARSET[c]); + notleading = true; + } + c = b2 & 0x3F; + if (notleading || c != 0) + { + sb.append(BASE64_CHARSET[c]); + notleading = true; + } + if (pos >= len) + { + break; + } + else + { + try + { + b0 = buffer[pos++]; + b1 = buffer[pos++]; + b2 = buffer[pos++]; + } + catch (ArrayIndexOutOfBoundsException x) + { + break; + } + } + } + while (true); + + if (notleading) + { + return sb.toString(); + } + return "0"; + } + + /** + *

The inverse function of the above.

+ * + *

Converts a string representing the encoding of some bytes in Base-64 + * to their original form.

+ * + * @param str the Base-64 encoded representation of some byte(s). + * @return the bytes represented by the str. + * @throws NumberFormatException if str is null, or + * str contains an illegal Base-64 character. + * @see #toBase64(byte[]) + */ + public static final byte[] fromBase64(String str) + { + int len = str.length(); + if (len == 0) + { + throw new NumberFormatException("Empty string"); + } + byte[] a = new byte[len + 1]; + int i, j; + for (i = 0; i < len; i++) + { + try + { + a[i] = (byte) BASE64_CHARS.indexOf(str.charAt(i)); + } + catch (ArrayIndexOutOfBoundsException x) + { + throw new NumberFormatException("Illegal character at #" + i); + } + } + i = len - 1; + j = len; + try + { + while (true) + { + a[j] = a[i]; + if (--i < 0) + { + break; + } + a[j] |= (a[i] & 0x03) << 6; + j--; + a[j] = (byte) ((a[i] & 0x3C) >>> 2); + if (--i < 0) + { + break; + } + a[j] |= (a[i] & 0x0F) << 4; + j--; + a[j] = (byte) ((a[i] & 0x30) >>> 4); + if (--i < 0) + { + break; + } + a[j] |= (a[i] << 2); + j--; + a[j] = 0; + if (--i < 0) + { + break; + } + } + } + catch (Exception ignored) + { + } + + try + { // ignore leading 0-bytes + while (a[j] == 0) + { + j++; + } + } + catch (Exception x) + { + return new byte[1]; // one 0-byte + } + byte[] result = new byte[len - j + 1]; + System.arraycopy(a, j, result, 0, len - j + 1); + return result; + } + + // BigInteger utilities ---------------------------------------------------- + + /** + *

Treats the input as the MSB representation of a number, and discards + * leading zero elements. For efficiency, the input is simply returned if no + * leading zeroes are found.

+ * + * @param n the {@link BigInteger} to trim. + * @return the byte array representation of the designated {@link BigInteger} + * with no leading 0-bytes. + */ + public static final byte[] trim(BigInteger n) + { + byte[] in = n.toByteArray(); + if (in.length == 0 || in[0] != 0) + { + return in; + } + int len = in.length; + int i = 1; + while (in[i] == 0 && i < len) + { + ++i; + } + byte[] result = new byte[len - i]; + System.arraycopy(in, i, result, 0, len - i); + return result; + } + + /** + *

Returns a hexadecimal dump of the trimmed bytes of a {@link BigInteger}. + *

+ * + * @param x the {@link BigInteger} to display. + * @return the string representation of the designated {@link BigInteger}. + */ + public static final String dump(BigInteger x) + { + return dumpString(trim(x)); + } +} diff --git a/libjava/classpath/gnu/java/security/x509/X509Certificate.java b/libjava/classpath/gnu/java/security/x509/X509Certificate.java index 14ac43a..cf01617 100644 --- a/libjava/classpath/gnu/java/security/x509/X509Certificate.java +++ b/libjava/classpath/gnu/java/security/x509/X509Certificate.java @@ -40,7 +40,6 @@ package gnu.java.security.x509; import gnu.classpath.debug.Component; import gnu.classpath.debug.SystemLogger; - import gnu.java.security.OID; import gnu.java.security.der.BitString; import gnu.java.security.der.DER; @@ -88,8 +87,6 @@ import java.util.Iterator; import java.util.List; import java.util.Map; import java.util.Set; - -import java.util.logging.Level; import java.util.logging.Logger; import javax.security.auth.x500.X500Principal; @@ -661,10 +658,7 @@ public class X509Certificate extends java.security.cert.X509Certificate der.skip(spki.getLength()); logger.log (Component.X509, "read subjectPublicKey == {0}", subjectKey); - if (version > 1) - { - val = der.read(); - } + val = der.read(); if (version >= 2 && val.getTagClass() != DER.UNIVERSAL && val.getTag() == 1) { byte[] b = (byte[]) val.getValue(); diff --git a/libjava/classpath/gnu/java/security/x509/ext/GeneralNames.java b/libjava/classpath/gnu/java/security/x509/ext/GeneralNames.java index e92aeda..dae94cd 100644 --- a/libjava/classpath/gnu/java/security/x509/ext/GeneralNames.java +++ b/libjava/classpath/gnu/java/security/x509/ext/GeneralNames.java @@ -52,6 +52,8 @@ import java.util.Iterator; import java.util.LinkedList; import java.util.List; +import javax.security.auth.x500.X500Principal; + public class GeneralNames { @@ -81,12 +83,14 @@ public class GeneralNames if (!nameList.isConstructed()) throw new IOException("malformed GeneralNames"); int len = 0; + int i = 0; while (len < nameList.getLength()) { DERValue name = der.read(); List namePair = new ArrayList(2); - if (name.getTagClass() != DER.APPLICATION) - throw new IOException("malformed GeneralName"); + int tagClass = name.getTagClass(); + if (tagClass != DER.CONTEXT) + throw new IOException("malformed GeneralName: Tag class is " + tagClass); namePair.add(new Integer(name.getTag())); DERValue val = null; switch (name.getTag()) @@ -99,6 +103,15 @@ public class GeneralNames break; case OTHER_NAME: + // MUST return the encoded bytes of the OID/OctetString sequence + byte[] anotherName = name.getEncoded(); + anotherName[0] = (byte) (DER.CONSTRUCTED|DER.SEQUENCE); + namePair.add(anotherName); + // DERReader goes back on Constructed things so we need to skip over them + DERValue skip = der.read(); // skip OID + skip = der.read(); // skip Octet String + break; + case EDI_PARTY_NAME: namePair.add(name.getValue()); break; @@ -106,7 +119,9 @@ public class GeneralNames case DIRECTORY_NAME: byte[] b = name.getEncoded(); b[0] = (byte) (DER.CONSTRUCTED|DER.SEQUENCE); - namePair.add(new X500DistinguishedName(b).toString()); + DERReader r = new DERReader (b); + r.read (); + namePair.add(new X500Principal(r.read ().getEncoded ()).toString()); break; case IP_ADDRESS: diff --git a/libjava/classpath/gnu/java/util/prefs/EventDispatcher.java b/libjava/classpath/gnu/java/util/prefs/EventDispatcher.java new file mode 100644 index 0000000..feabe4d --- /dev/null +++ b/libjava/classpath/gnu/java/util/prefs/EventDispatcher.java @@ -0,0 +1,112 @@ +/* EventDispatcher.java -- Dispatch events for prefs + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.util.prefs; + +import java.util.ArrayList; + +/** + * This is a helper class used for dispatching events for + * the prefs package. + */ +public class EventDispatcher extends Thread +{ + // This is a singleton class. We dispatch all events via a + // new Thread which is created on demand. + private static final Thread dispatchThread = new EventDispatcher(); + + // This is a queue of events to dispatch. This thread waits on + // the queue and when notified will remove events until the queue + // is empty. + private static final ArrayList queue = new ArrayList(); + + // FIXME: this thread probably ought to go in some classpath-internal + // ThreadGroup. But we don't have that yet. + private EventDispatcher() + { + setDaemon(true); + start(); + } + + public void run() + { + while (true) + { + Runnable r; + synchronized (queue) + { + while (queue.size() == 0) + { + try + { + wait(); + } + catch (InterruptedException _) + { + // Ignore. + } + } + r = (Runnable) queue.remove(0); + } + // Invoke outside the synchronization, so that + // we aren't blocking other threads from posting events. + try + { + r.run(); + } + catch (Throwable _) + { + // Ignore. + } + } + } + + /** + * Add a new runnable to the event dispatch queue. The + * runnable will be invoked in the event dispatch queue + * without any locks held. + * @param runner the Runnable to dispatch + */ + public static void dispatch(Runnable runner) + { + synchronized (queue) + { + queue.add(runner); + } + } +} diff --git a/libjava/classpath/gnu/java/util/prefs/FileBasedFactory.java b/libjava/classpath/gnu/java/util/prefs/FileBasedFactory.java index 70f3558..e5f24ef 100644 --- a/libjava/classpath/gnu/java/util/prefs/FileBasedFactory.java +++ b/libjava/classpath/gnu/java/util/prefs/FileBasedFactory.java @@ -47,11 +47,19 @@ import java.util.prefs.*; */ public class FileBasedFactory implements PreferencesFactory { + // We don't save or read any system preferences for the + // time being. + private static final Preferences systemPreferences + = new MemoryBasedPreferences(null, "", false); + + private static final Preferences userPreferences + = new FileBasedPreferences(); + public Preferences systemRoot() { - return null; + return systemPreferences; } public Preferences userRoot() { - return null; + return userPreferences; } } diff --git a/libjava/classpath/gnu/java/util/prefs/FileBasedPreferences.java b/libjava/classpath/gnu/java/util/prefs/FileBasedPreferences.java new file mode 100644 index 0000000..f7566dd --- /dev/null +++ b/libjava/classpath/gnu/java/util/prefs/FileBasedPreferences.java @@ -0,0 +1,273 @@ +/* FileBasedPreferences.java -- File-based preference implementation + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.util.prefs; + +import gnu.classpath.SystemProperties; + +import java.io.File; +import java.io.FileInputStream; +import java.io.FileOutputStream; +import java.io.FilenameFilter; +import java.io.IOException; +import java.nio.channels.FileChannel; +import java.nio.channels.FileLock; +import java.util.Properties; +import java.util.prefs.AbstractPreferences; +import java.util.prefs.BackingStoreException; + +/** + * This is a simple file-based preference implementation which writes + * the preferences as properties files. A node is represented as a directory + * beneath the user's home directory. The preferences for the node are + * stored in a single properties file in that directory. Sub-nodes are + * stored in subdirectories. This implementation uses file locking to + * mediate access to the properties files. + */ +public class FileBasedPreferences + extends AbstractPreferences +{ + /** + * Name of the property file storing the data in a given directory. + */ + private static final String DATA_FILE = "data.properties"; + + /** + * The directory corresponding to this preference node. + */ + private File directory; + + /** + * The file holding the data for this node. + */ + private File dataFile; + + /** + * The data in this node. + */ + private Properties properties; + + /** + * Create the root node for the file-based preferences. + */ + FileBasedPreferences() + { + super(null, ""); + String home = SystemProperties.getProperty("user.home"); + this.directory = new File(new File(home, ".classpath"), "userPrefs"); + this.dataFile = new File(this.directory, DATA_FILE); + load(); + } + + /** + * Create a new file-based preference object with the given parent + * and the given name. + * @param parent the parent + * @param name the name of this node + */ + FileBasedPreferences(FileBasedPreferences parent, String name) + { + super(parent, name); + this.directory = new File(parent.directory, name); + this.dataFile = new File(this.directory, DATA_FILE); + load(); + } + + private void load() + { + this.properties = new Properties(); + FileInputStream fis = null; + FileLock lock = null; + try + { + fis = new FileInputStream(this.dataFile); + FileChannel channel = fis.getChannel(); + lock = channel.lock(0, Long.MAX_VALUE, true); + this.properties.load(fis); + // We release the lock and close the stream in the 'finally' + // clause. + } + catch (IOException _) + { + // We don't mind; this means we're making a new node. + newNode = true; + } + finally + { + try + { + // Release the lock and close the stream. + if (lock != null) + lock.release(); + } + catch (IOException ignore) + { + // Ignore. + } + try + { + // Close the stream. + if (fis != null) + fis.close(); + } + catch (IOException ignore) + { + // Ignore. + } + } + } + + public boolean isUserNode() + { + // For now file preferences are always user nodes. + return true; + } + + protected String[] childrenNamesSpi() throws BackingStoreException + { + // FIXME: security manager. + String[] result = directory.list(new FilenameFilter() + { + public boolean accept(File dir, String name) + { + return new File(dir, name).isDirectory(); + } + }); + if (result == null) + result = new String[0]; + return result; + } + + protected AbstractPreferences childSpi(String name) + { + return new FileBasedPreferences(this, name); + } + + protected String[] keysSpi() throws BackingStoreException + { + return (String[]) properties.keySet().toArray(new String[0]); + } + + protected String getSpi(String key) + { + return properties.getProperty(key); + } + + protected void putSpi(String key, String value) + { + properties.put(key, value); + } + + protected void removeSpi(String key) + { + properties.remove(key); + } + + protected void flushSpi() throws BackingStoreException + { + // FIXME: security manager. + try + { + if (isRemoved()) + { + // Delete the underlying file. + // FIXME: ideally we would also delete the directory + // if it had no subdirectories. This doesn't matter + // much though. + // FIXME: there's a strange race here if a different VM is + // simultaneously updating this node. + dataFile.delete(); + } + else + { + // Write the underlying file. + directory.mkdirs(); + + FileOutputStream fos = null; + FileLock lock = null; + try + { + // Note that we let IOExceptions from the try clause + // propagate to the outer 'try'. + fos = new FileOutputStream(dataFile); + FileChannel channel = fos.getChannel(); + lock = channel.lock(); + properties.store(fos, "created by GNU Classpath FileBasedPreferences"); + // Lock is released and file closed in the finally clause. + } + finally + { + try + { + if (lock != null) + lock.release(); + } + catch (IOException _) + { + // Ignore. + } + try + { + if (fos != null) + fos.close(); + } + catch (IOException _) + { + // Ignore. + } + } + } + } + catch (IOException ioe) + { + throw new BackingStoreException(ioe); + } + } + + protected void syncSpi() throws BackingStoreException + { + // FIXME: we ought to synchronize but instead we merely flush. + flushSpi(); + } + + protected void removeNodeSpi() throws BackingStoreException + { + // We can simply delegate. + flushSpi(); + } +} diff --git a/libjava/classpath/gnu/java/util/prefs/MemoryBasedFactory.java b/libjava/classpath/gnu/java/util/prefs/MemoryBasedFactory.java index abaf001..275b879 100644 --- a/libjava/classpath/gnu/java/util/prefs/MemoryBasedFactory.java +++ b/libjava/classpath/gnu/java/util/prefs/MemoryBasedFactory.java @@ -40,7 +40,7 @@ package gnu.java.util.prefs; import java.util.prefs.*; /** - * Memory based PreferencesFactory usefull for testing. + * Memory based PreferencesFactory useful for testing. * Returns completely empty Preferences for system and user roots. * All changes are only backed by the current instances in memory. * diff --git a/libjava/classpath/gnu/java/util/prefs/MemoryBasedPreferences.java b/libjava/classpath/gnu/java/util/prefs/MemoryBasedPreferences.java index b2f321c..cccb9bf 100644 --- a/libjava/classpath/gnu/java/util/prefs/MemoryBasedPreferences.java +++ b/libjava/classpath/gnu/java/util/prefs/MemoryBasedPreferences.java @@ -1,5 +1,5 @@ /* MemoryBasedPreferences - A Preference node which holds all entries in memory - Copyright (C) 2001 Free Software Foundation, Inc. + Copyright (C) 2001, 2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -79,7 +79,7 @@ public class MemoryBasedPreferences extends AbstractPreferences { /** * Returns an empty array since all children names are always already - * chached. + * cached. */ protected String[] childrenNamesSpi() throws BackingStoreException { return new String[0]; diff --git a/libjava/classpath/gnu/java/util/prefs/NodeWriter.java b/libjava/classpath/gnu/java/util/prefs/NodeWriter.java index 1eed9e6..c3cf8e8 100644 --- a/libjava/classpath/gnu/java/util/prefs/NodeWriter.java +++ b/libjava/classpath/gnu/java/util/prefs/NodeWriter.java @@ -1,5 +1,5 @@ /* NodeWriter - Writes and exports preferences nodes to files - Copyright (C) 2001 Free Software Foundation, Inc. + Copyright (C) 2001, 2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -41,6 +41,7 @@ import java.io.BufferedWriter; import java.io.IOException; import java.io.OutputStream; import java.io.OutputStreamWriter; +import java.io.UnsupportedEncodingException; import java.io.Writer; import java.util.StringTokenizer; @@ -67,23 +68,24 @@ public class NodeWriter { private boolean subtree; /** - * Creates a new NodeWriter for the given preferences node and writer. - */ - public NodeWriter(Preferences prefs, Writer w) { - this.prefs = prefs; - if (w instanceof BufferedWriter) { - this.bw = (BufferedWriter) w; - } else { - this.bw = new BufferedWriter(w); - } - } - - /** * Creates a new NodeWriter for the given preferences node and * outputstream. Creates a new OutputStreamWriter. */ public NodeWriter(Preferences prefs, OutputStream os) { - this(prefs, new OutputStreamWriter(os)); + this.prefs = prefs; + Writer w; + try + { + w = new OutputStreamWriter(os, "UTF-8"); + } + catch (UnsupportedEncodingException uee) + { + // Shouldn't happen, since we always have UTF-8 available. + InternalError ie = new InternalError("UTF-8 encoding missing"); + ie.initCause(uee); + throw ie; + } + this.bw = new BufferedWriter(w); } /** @@ -112,6 +114,9 @@ public class NodeWriter { private void writeHeader() throws BackingStoreException, IOException { bw.write(""); bw.newLine(); + bw.write(""); + bw.newLine(); bw.newLine(); bw.write(" S-Box keys:"); + for (i = 0; i < k64Cnt; i++) + { + System.out.println("0x" + Util.toString(k32o[i]) + " 0x" + + Util.toString(k32e[i]) + " --> 0x" + + Util.toString(sBoxKey[k64Cnt - 1 - i])); + } + System.out.println(); + System.out.println("Round keys:"); + for (i = 0; i < ROUND_SUBKEYS + 2 * ROUNDS; i += 2) + { + System.out.println("0x" + Util.toString(subKeys[i]) + " 0x" + + Util.toString(subKeys[i + 1])); + } + System.out.println(); + } + + return new Object[] { sBox, subKeys }; + } + + public void encrypt(byte[] in, int inOffset, byte[] out, int outOffset, + Object sessionKey, int bs) + { + if (bs != DEFAULT_BLOCK_SIZE) + { + throw new IllegalArgumentException(); + } + + Object[] sk = (Object[]) sessionKey; // extract S-box and session key + int[] sBox = (int[]) sk[0]; + int[] sKey = (int[]) sk[1]; + + if (DEBUG && debuglevel > 6) + { + System.out.println("PT=" + Util.toString(in, inOffset, bs)); + } + + int x0 = (in[inOffset++] & 0xFF) | (in[inOffset++] & 0xFF) << 8 + | (in[inOffset++] & 0xFF) << 16 | (in[inOffset++] & 0xFF) << 24; + int x1 = (in[inOffset++] & 0xFF) | (in[inOffset++] & 0xFF) << 8 + | (in[inOffset++] & 0xFF) << 16 | (in[inOffset++] & 0xFF) << 24; + int x2 = (in[inOffset++] & 0xFF) | (in[inOffset++] & 0xFF) << 8 + | (in[inOffset++] & 0xFF) << 16 | (in[inOffset++] & 0xFF) << 24; + int x3 = (in[inOffset++] & 0xFF) | (in[inOffset++] & 0xFF) << 8 + | (in[inOffset++] & 0xFF) << 16 | (in[inOffset++] & 0xFF) << 24; + + x0 ^= sKey[INPUT_WHITEN]; + x1 ^= sKey[INPUT_WHITEN + 1]; + x2 ^= sKey[INPUT_WHITEN + 2]; + x3 ^= sKey[INPUT_WHITEN + 3]; + if (DEBUG && debuglevel > 6) + { + System.out.println("PTw=" + Util.toString(x0) + Util.toString(x1) + + Util.toString(x2) + Util.toString(x3)); + } + + int t0, t1; + int k = ROUND_SUBKEYS; + for (int R = 0; R < ROUNDS; R += 2) + { + t0 = Fe32(sBox, x0, 0); + t1 = Fe32(sBox, x1, 3); + x2 ^= t0 + t1 + sKey[k++]; + x2 = x2 >>> 1 | x2 << 31; + x3 = x3 << 1 | x3 >>> 31; + x3 ^= t0 + 2 * t1 + sKey[k++]; + if (DEBUG && debuglevel > 6) + { + System.out.println("CT" + (R) + "=" + Util.toString(x0) + + Util.toString(x1) + Util.toString(x2) + + Util.toString(x3)); + } + + t0 = Fe32(sBox, x2, 0); + t1 = Fe32(sBox, x3, 3); + x0 ^= t0 + t1 + sKey[k++]; + x0 = x0 >>> 1 | x0 << 31; + x1 = x1 << 1 | x1 >>> 31; + x1 ^= t0 + 2 * t1 + sKey[k++]; + if (DEBUG && debuglevel > 6) + { + System.out.println("CT" + (R + 1) + "=" + Util.toString(x0) + + Util.toString(x1) + Util.toString(x2) + + Util.toString(x3)); + } + } + x2 ^= sKey[OUTPUT_WHITEN]; + x3 ^= sKey[OUTPUT_WHITEN + 1]; + x0 ^= sKey[OUTPUT_WHITEN + 2]; + x1 ^= sKey[OUTPUT_WHITEN + 3]; + if (DEBUG && debuglevel > 6) + { + System.out.println("CTw=" + Util.toString(x0) + Util.toString(x1) + + Util.toString(x2) + Util.toString(x3)); + } + + out[outOffset++] = (byte) x2; + out[outOffset++] = (byte) (x2 >>> 8); + out[outOffset++] = (byte) (x2 >>> 16); + out[outOffset++] = (byte) (x2 >>> 24); + out[outOffset++] = (byte) x3; + out[outOffset++] = (byte) (x3 >>> 8); + out[outOffset++] = (byte) (x3 >>> 16); + out[outOffset++] = (byte) (x3 >>> 24); + out[outOffset++] = (byte) x0; + out[outOffset++] = (byte) (x0 >>> 8); + out[outOffset++] = (byte) (x0 >>> 16); + out[outOffset++] = (byte) (x0 >>> 24); + out[outOffset++] = (byte) x1; + out[outOffset++] = (byte) (x1 >>> 8); + out[outOffset++] = (byte) (x1 >>> 16); + out[outOffset] = (byte) (x1 >>> 24); + + if (DEBUG && debuglevel > 6) + { + System.out.println("CT=" + Util.toString(out, outOffset - 15, 16)); + System.out.println(); + } + } + + public void decrypt(byte[] in, int inOffset, byte[] out, int outOffset, + Object sessionKey, int bs) + { + if (bs != DEFAULT_BLOCK_SIZE) + { + throw new IllegalArgumentException(); + } + + Object[] sk = (Object[]) sessionKey; // extract S-box and session key + int[] sBox = (int[]) sk[0]; + int[] sKey = (int[]) sk[1]; + + if (DEBUG && debuglevel > 6) + { + System.out.println("CT=" + Util.toString(in, inOffset, bs)); + } + + int x2 = (in[inOffset++] & 0xFF) | (in[inOffset++] & 0xFF) << 8 + | (in[inOffset++] & 0xFF) << 16 | (in[inOffset++] & 0xFF) << 24; + int x3 = (in[inOffset++] & 0xFF) | (in[inOffset++] & 0xFF) << 8 + | (in[inOffset++] & 0xFF) << 16 | (in[inOffset++] & 0xFF) << 24; + int x0 = (in[inOffset++] & 0xFF) | (in[inOffset++] & 0xFF) << 8 + | (in[inOffset++] & 0xFF) << 16 | (in[inOffset++] & 0xFF) << 24; + int x1 = (in[inOffset++] & 0xFF) | (in[inOffset++] & 0xFF) << 8 + | (in[inOffset++] & 0xFF) << 16 | (in[inOffset++] & 0xFF) << 24; + + x2 ^= sKey[OUTPUT_WHITEN]; + x3 ^= sKey[OUTPUT_WHITEN + 1]; + x0 ^= sKey[OUTPUT_WHITEN + 2]; + x1 ^= sKey[OUTPUT_WHITEN + 3]; + if (DEBUG && debuglevel > 6) + { + System.out.println("CTw=" + Util.toString(x2) + Util.toString(x3) + + Util.toString(x0) + Util.toString(x1)); + } + + int k = ROUND_SUBKEYS + 2 * ROUNDS - 1; + int t0, t1; + for (int R = 0; R < ROUNDS; R += 2) + { + t0 = Fe32(sBox, x2, 0); + t1 = Fe32(sBox, x3, 3); + x1 ^= t0 + 2 * t1 + sKey[k--]; + x1 = x1 >>> 1 | x1 << 31; + x0 = x0 << 1 | x0 >>> 31; + x0 ^= t0 + t1 + sKey[k--]; + if (DEBUG && debuglevel > 6) + { + System.out.println("PT" + (ROUNDS - R) + "=" + Util.toString(x2) + + Util.toString(x3) + Util.toString(x0) + + Util.toString(x1)); + } + + t0 = Fe32(sBox, x0, 0); + t1 = Fe32(sBox, x1, 3); + x3 ^= t0 + 2 * t1 + sKey[k--]; + x3 = x3 >>> 1 | x3 << 31; + x2 = x2 << 1 | x2 >>> 31; + x2 ^= t0 + t1 + sKey[k--]; + if (DEBUG && debuglevel > 6) + { + System.out.println("PT" + (ROUNDS - R - 1) + "=" + + Util.toString(x2) + Util.toString(x3) + + Util.toString(x0) + Util.toString(x1)); + } + } + x0 ^= sKey[INPUT_WHITEN]; + x1 ^= sKey[INPUT_WHITEN + 1]; + x2 ^= sKey[INPUT_WHITEN + 2]; + x3 ^= sKey[INPUT_WHITEN + 3]; + if (DEBUG && debuglevel > 6) + { + System.out.println("PTw=" + Util.toString(x2) + Util.toString(x3) + + Util.toString(x0) + Util.toString(x1)); + } + + out[outOffset++] = (byte) x0; + out[outOffset++] = (byte) (x0 >>> 8); + out[outOffset++] = (byte) (x0 >>> 16); + out[outOffset++] = (byte) (x0 >>> 24); + out[outOffset++] = (byte) x1; + out[outOffset++] = (byte) (x1 >>> 8); + out[outOffset++] = (byte) (x1 >>> 16); + out[outOffset++] = (byte) (x1 >>> 24); + out[outOffset++] = (byte) x2; + out[outOffset++] = (byte) (x2 >>> 8); + out[outOffset++] = (byte) (x2 >>> 16); + out[outOffset++] = (byte) (x2 >>> 24); + out[outOffset++] = (byte) x3; + out[outOffset++] = (byte) (x3 >>> 8); + out[outOffset++] = (byte) (x3 >>> 16); + out[outOffset] = (byte) (x3 >>> 24); + + if (DEBUG && debuglevel > 6) + { + System.out.println("PT=" + Util.toString(out, outOffset - 15, 16)); + System.out.println(); + } + } + + public boolean selfTest() + { + if (valid == null) + { + boolean result = super.selfTest(); // do symmetry tests + if (result) + { + result = testKat(KAT_KEY, KAT_CT); + } + valid = new Boolean(result); + } + return valid.booleanValue(); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/cipher/WeakKeyException.java b/libjava/classpath/gnu/javax/crypto/cipher/WeakKeyException.java new file mode 100644 index 0000000..4454e0e --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/cipher/WeakKeyException.java @@ -0,0 +1,71 @@ +/* WeakKeyException.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.cipher; + +import java.security.InvalidKeyException; + +/** + *

Checked exception thrown to indicate that a weak key has been generated + * and or specified instead of a valid non-weak value.

+ */ +public class WeakKeyException extends InvalidKeyException +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + public WeakKeyException() + { + super(); + } + + public WeakKeyException(String msg) + { + super(msg); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/jce/DiffieHellmanImpl.java b/libjava/classpath/gnu/javax/crypto/jce/DiffieHellmanImpl.java new file mode 100644 index 0000000..0276147 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/DiffieHellmanImpl.java @@ -0,0 +1,155 @@ +/* DiffieHellmanImpl.java -- implementation of the Diffie-Hellman key agreement. + Copyright (C) 2005, 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce; + +import java.math.BigInteger; +import java.security.InvalidKeyException; +import java.security.Key; +import java.security.SecureRandom; +import java.security.spec.AlgorithmParameterSpec; + +import javax.crypto.KeyAgreementSpi; +import javax.crypto.SecretKey; +import javax.crypto.interfaces.DHPrivateKey; +import javax.crypto.interfaces.DHPublicKey; +import javax.crypto.spec.DHParameterSpec; +import javax.crypto.spec.SecretKeySpec; + +/** + * The JCE implementation of a 2-party Diffie-Hellman key agreement. + * + * @author Casey Marshall (csm@gnu.org) + */ +public final class DiffieHellmanImpl + extends KeyAgreementSpi +{ + /** The private key being used for this agreement. */ + private DHPrivateKey key; + + /** The current result. */ + private BigInteger result; + + /** True if the caller told us we are done. */ + private boolean last_phase_done; + + /** Trivial default constructor. */ + public DiffieHellmanImpl() + { + super(); + + key = null; + result = null; + last_phase_done = false; + } + + protected Key engineDoPhase(Key incoming, boolean lastPhase) + throws InvalidKeyException + { + if (key == null) + throw new IllegalStateException("Not initialized"); + + if (last_phase_done) + throw new IllegalStateException("Last phase already done"); + + if (! (incoming instanceof DHPublicKey)) + throw new InvalidKeyException("Key MUST be a DHPublicKey"); + + DHPublicKey pub = (DHPublicKey) incoming; + DHParameterSpec s1 = key.getParams(); + DHParameterSpec s2 = pub.getParams(); + if (! s1.getG().equals(s2.getG()) || ! s1.getP().equals(s2.getP()) + || s1.getL() != s2.getL()) + throw new InvalidKeyException("Incompatible key"); + + result = pub.getY().modPow(key.getX(), s1.getP()); + if (! lastPhase) + throw new IllegalArgumentException("This key-agreement MUST be concluded in one step only"); + + last_phase_done = true; + return null; + } + + protected byte[] engineGenerateSecret() + { + if (result == null || ! last_phase_done) + throw new IllegalStateException("Not finished"); + + byte[] buf = result.toByteArray(); + if (buf[0] == 0x00) + { + byte[] buf2 = new byte[buf.length - 1]; + System.arraycopy(buf, 1, buf2, 0, buf2.length); + buf = buf2; + } + + return buf; + } + + protected int engineGenerateSecret(byte[] secret, int offset) + { + byte[] s = engineGenerateSecret(); + System.arraycopy(s, 0, secret, offset, s.length); + return s.length; + } + + protected SecretKey engineGenerateSecret(String algorithm) + throws InvalidKeyException + { + byte[] s = engineGenerateSecret(); + return new SecretKeySpec(s, algorithm); + } + + protected void engineInit(Key key, SecureRandom random) + throws InvalidKeyException + { + if (! (key instanceof DHPrivateKey)) + throw new InvalidKeyException("Key MUST be a DHPrivateKey"); + + this.key = (DHPrivateKey) key; + result = null; + last_phase_done = false; + } + + protected void engineInit(Key key, AlgorithmParameterSpec params, + SecureRandom random) + throws InvalidKeyException + { + engineInit(key, random); + } +} diff --git a/libjava/classpath/gnu/javax/crypto/jce/GnuCrypto.java b/libjava/classpath/gnu/javax/crypto/jce/GnuCrypto.java new file mode 100644 index 0000000..b0e73b1 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/GnuCrypto.java @@ -0,0 +1,620 @@ +/* GnuCrypto.java -- + Copyright (C) 2004, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce; + +import gnu.java.security.Registry; +import gnu.javax.crypto.cipher.CipherFactory; +import gnu.javax.crypto.mac.MacFactory; + +import java.security.AccessController; +import java.security.PrivilegedAction; +import java.security.Provider; +import java.util.HashSet; +import java.util.Set; + +/** + *

The GNU Crypto implementation of the Java Cryptographic Extension (JCE) + * Provider.

+ * + * @see java.security.Provider + */ +public final class GnuCrypto extends Provider +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** + *

The GNU Crypto + * Provider.

+ */ + public GnuCrypto() + { + super(Registry.GNU_CRYPTO, 2.1, "GNU Crypto JCE Provider"); + + AccessController.doPrivileged(new PrivilegedAction() + { + public Object run() + { + // Cipher + put("Cipher.ANUBIS", + gnu.javax.crypto.jce.cipher.AnubisSpi.class.getName()); + put("Cipher.ANUBIS ImplementedIn", "Software"); + put("Cipher.ARCFOUR", + gnu.javax.crypto.jce.cipher.ARCFourSpi.class.getName()); + put("Cipher.ARCFOUR ImplementedIn", "Software"); + put("Cipher.BLOWFISH", + gnu.javax.crypto.jce.cipher.BlowfishSpi.class.getName()); + put("Cipher.BLOWFISH ImplementedIn", "Software"); + put("Cipher.DES", gnu.javax.crypto.jce.cipher.DESSpi.class.getName()); + put("Cipher.DES ImplementedIn", "Software"); + put("Cipher.KHAZAD", + gnu.javax.crypto.jce.cipher.KhazadSpi.class.getName()); + put("Cipher.KHAZAD ImplementedIn", "Software"); + put("Cipher.NULL", + gnu.javax.crypto.jce.cipher.NullCipherSpi.class.getName()); + put("Cipher.NULL ImplementedIn", "Software"); + put("Cipher.AES", + gnu.javax.crypto.jce.cipher.RijndaelSpi.class.getName()); + put("Cipher.AES ImplementedIn", "Software"); + put("Cipher.RIJNDAEL", + gnu.javax.crypto.jce.cipher.RijndaelSpi.class.getName()); + put("Cipher.RIJNDAEL ImplementedIn", "Software"); + put("Cipher.SERPENT", + gnu.javax.crypto.jce.cipher.SerpentSpi.class.getName()); + put("Cipher.SERPENT ImplementedIn", "Software"); + put("Cipher.SQUARE", + gnu.javax.crypto.jce.cipher.SquareSpi.class.getName()); + put("Cipher.SQUARE ImplementedIn", "Software"); + put("Cipher.TRIPLEDES", + gnu.javax.crypto.jce.cipher.TripleDESSpi.class.getName()); + put("Cipher.TRIPLEDES ImplementedIn", "Software"); + put("Cipher.TWOFISH", + gnu.javax.crypto.jce.cipher.TwofishSpi.class.getName()); + put("Cipher.TWOFISH ImplementedIn", "Software"); + put("Cipher.CAST5", + gnu.javax.crypto.jce.cipher.Cast5Spi.class.getName()); + put("Cipher.CAST5 ImplementedIn", "Software"); + + // PBES2 ciphers. + put("Cipher.PBEWithHMacHavalAndAES", + gnu.javax.crypto.jce.cipher.PBES2.HMacHaval.AES.class.getName()); + put("Cipher.PBEWithHMacHavalAndAnubis", + gnu.javax.crypto.jce.cipher.PBES2.HMacHaval.Anubis.class.getName()); + put( + "Cipher.PBEWithHMacHavalAndBlowfish", + gnu.javax.crypto.jce.cipher.PBES2.HMacHaval.Blowfish.class.getName()); + put("Cipher.PBEWithHMacHavalAndCast5", + gnu.javax.crypto.jce.cipher.PBES2.HMacHaval.Cast5.class.getName()); + put("Cipher.PBEWithHMacHavalAndDES", + gnu.javax.crypto.jce.cipher.PBES2.HMacHaval.DES.class.getName()); + put("Cipher.PBEWithHMacHavalAndKhazad", + gnu.javax.crypto.jce.cipher.PBES2.HMacHaval.Khazad.class.getName()); + put("Cipher.PBEWithHMacHavalAndSerpent", + gnu.javax.crypto.jce.cipher.PBES2.HMacHaval.Serpent.class.getName()); + put("Cipher.PBEWithHMacHavalAndSquare", + gnu.javax.crypto.jce.cipher.PBES2.HMacHaval.Square.class.getName()); + put( + "Cipher.PBEWithHMacHavalAndTripleDES", + gnu.javax.crypto.jce.cipher.PBES2.HMacHaval.TripleDES.class.getName()); + put("Cipher.PBEWithHMacHavalAndTwofish", + gnu.javax.crypto.jce.cipher.PBES2.HMacHaval.Twofish.class.getName()); + + put("Cipher.PBEWithHMacMD2AndAES", + gnu.javax.crypto.jce.cipher.PBES2.HMacMD2.AES.class.getName()); + put("Cipher.PBEWithHMacMD2AndAnubis", + gnu.javax.crypto.jce.cipher.PBES2.HMacMD2.Anubis.class.getName()); + put("Cipher.PBEWithHMacMD2AndBlowfish", + gnu.javax.crypto.jce.cipher.PBES2.HMacMD2.Blowfish.class.getName()); + put("Cipher.PBEWithHMacMD2AndCast5", + gnu.javax.crypto.jce.cipher.PBES2.HMacMD2.Cast5.class.getName()); + put("Cipher.PBEWithHMacMD2AndDES", + gnu.javax.crypto.jce.cipher.PBES2.HMacMD2.DES.class.getName()); + put("Cipher.PBEWithHMacMD2AndKhazad", + gnu.javax.crypto.jce.cipher.PBES2.HMacMD2.Khazad.class.getName()); + put("Cipher.PBEWithHMacMD2AndSerpent", + gnu.javax.crypto.jce.cipher.PBES2.HMacMD2.Serpent.class.getName()); + put("Cipher.PBEWithHMacMD2AndSquare", + gnu.javax.crypto.jce.cipher.PBES2.HMacMD2.Square.class.getName()); + put("Cipher.PBEWithHMacMD2AndTripleDES", + gnu.javax.crypto.jce.cipher.PBES2.HMacMD2.TripleDES.class.getName()); + put("Cipher.PBEWithHMacMD2AndTwofish", + gnu.javax.crypto.jce.cipher.PBES2.HMacMD2.Twofish.class.getName()); + + put("Cipher.PBEWithHMacMD4AndAES", + gnu.javax.crypto.jce.cipher.PBES2.HMacMD4.AES.class.getName()); + put("Cipher.PBEWithHMacMD4AndAnubis", + gnu.javax.crypto.jce.cipher.PBES2.HMacMD4.Anubis.class.getName()); + put("Cipher.PBEWithHMacMD4AndBlowfish", + gnu.javax.crypto.jce.cipher.PBES2.HMacMD4.Blowfish.class.getName()); + put("Cipher.PBEWithHMacMD4AndCast5", + gnu.javax.crypto.jce.cipher.PBES2.HMacMD4.Cast5.class.getName()); + put("Cipher.PBEWithHMacMD4AndDES", + gnu.javax.crypto.jce.cipher.PBES2.HMacMD4.DES.class.getName()); + put("Cipher.PBEWithHMacMD4AndKhazad", + gnu.javax.crypto.jce.cipher.PBES2.HMacMD4.Khazad.class.getName()); + put("Cipher.PBEWithHMacMD4AndSerpent", + gnu.javax.crypto.jce.cipher.PBES2.HMacMD4.Serpent.class.getName()); + put("Cipher.PBEWithHMacMD4AndSquare", + gnu.javax.crypto.jce.cipher.PBES2.HMacMD4.Square.class.getName()); + put("Cipher.PBEWithHMacMD4AndTripleDES", + gnu.javax.crypto.jce.cipher.PBES2.HMacMD4.TripleDES.class.getName()); + put("Cipher.PBEWithHMacMD4AndTwofish", + gnu.javax.crypto.jce.cipher.PBES2.HMacMD4.Twofish.class.getName()); + + put("Cipher.PBEWithHMacMD5AndAES", + gnu.javax.crypto.jce.cipher.PBES2.HMacMD5.AES.class.getName()); + put("Cipher.PBEWithHMacMD5AndAnubis", + gnu.javax.crypto.jce.cipher.PBES2.HMacMD5.Anubis.class.getName()); + put("Cipher.PBEWithHMacMD5AndBlowfish", + gnu.javax.crypto.jce.cipher.PBES2.HMacMD5.Blowfish.class.getName()); + put("Cipher.PBEWithHMacMD5AndCast5", + gnu.javax.crypto.jce.cipher.PBES2.HMacMD5.Cast5.class.getName()); + put("Cipher.PBEWithHMacMD5AndDES", + gnu.javax.crypto.jce.cipher.PBES2.HMacMD5.DES.class.getName()); + put("Cipher.PBEWithHMacMD5AndKhazad", + gnu.javax.crypto.jce.cipher.PBES2.HMacMD5.Khazad.class.getName()); + put("Cipher.PBEWithHMacMD5AndSerpent", + gnu.javax.crypto.jce.cipher.PBES2.HMacMD5.Serpent.class.getName()); + put("Cipher.PBEWithHMacMD5AndSquare", + gnu.javax.crypto.jce.cipher.PBES2.HMacMD5.Square.class.getName()); + put("Cipher.PBEWithHMacMD5AndTripleDES", + gnu.javax.crypto.jce.cipher.PBES2.HMacMD5.TripleDES.class.getName()); + put("Cipher.PBEWithHMacMD5AndTwofish", + gnu.javax.crypto.jce.cipher.PBES2.HMacMD5.Twofish.class.getName()); + + put("Cipher.PBEWithHMacSHA1AndAES", + gnu.javax.crypto.jce.cipher.PBES2.HMacSHA1.AES.class.getName()); + put("Cipher.PBEWithHMacSHA1AndAnubis", + gnu.javax.crypto.jce.cipher.PBES2.HMacSHA1.Anubis.class.getName()); + put("Cipher.PBEWithHMacSHA1AndBlowfish", + gnu.javax.crypto.jce.cipher.PBES2.HMacSHA1.Blowfish.class.getName()); + put("Cipher.PBEWithHMacSHA1AndCast5", + gnu.javax.crypto.jce.cipher.PBES2.HMacSHA1.Cast5.class.getName()); + put("Cipher.PBEWithHMacSHA1AndDES", + gnu.javax.crypto.jce.cipher.PBES2.HMacSHA1.DES.class.getName()); + put("Cipher.PBEWithHMacSHA1AndKhazad", + gnu.javax.crypto.jce.cipher.PBES2.HMacSHA1.Khazad.class.getName()); + put("Cipher.PBEWithHMacSHA1AndSerpent", + gnu.javax.crypto.jce.cipher.PBES2.HMacSHA1.Serpent.class.getName()); + put("Cipher.PBEWithHMacSHA1AndSquare", + gnu.javax.crypto.jce.cipher.PBES2.HMacSHA1.Square.class.getName()); + put( + "Cipher.PBEWithHMacSHA1AndTripleDES", + gnu.javax.crypto.jce.cipher.PBES2.HMacSHA1.TripleDES.class.getName()); + put("Cipher.PBEWithHMacSHA1AndTwofish", + gnu.javax.crypto.jce.cipher.PBES2.HMacSHA1.Twofish.class.getName()); + + put("Cipher.PBEWithHMacSHA256AndAES", + gnu.javax.crypto.jce.cipher.PBES2.HMacSHA256.AES.class.getName()); + put("Cipher.PBEWithHMacSHA256AndAnubis", + gnu.javax.crypto.jce.cipher.PBES2.HMacSHA256.Anubis.class.getName()); + put( + "Cipher.PBEWithHMacSHA256AndBlowfish", + gnu.javax.crypto.jce.cipher.PBES2.HMacSHA256.Blowfish.class.getName()); + put("Cipher.PBEWithHMacSHA256AndCast5", + gnu.javax.crypto.jce.cipher.PBES2.HMacSHA256.Cast5.class.getName()); + put("Cipher.PBEWithHMacSHA256AndDES", + gnu.javax.crypto.jce.cipher.PBES2.HMacSHA256.DES.class.getName()); + put("Cipher.PBEWithHMacSHA256AndKhazad", + gnu.javax.crypto.jce.cipher.PBES2.HMacSHA256.Khazad.class.getName()); + put( + "Cipher.PBEWithHMacSHA256AndSerpent", + gnu.javax.crypto.jce.cipher.PBES2.HMacSHA256.Serpent.class.getName()); + put("Cipher.PBEWithHMacSHA256AndSquare", + gnu.javax.crypto.jce.cipher.PBES2.HMacSHA256.Square.class.getName()); + put( + "Cipher.PBEWithHMacSHA256AndTripleDES", + gnu.javax.crypto.jce.cipher.PBES2.HMacSHA256.TripleDES.class.getName()); + put( + "Cipher.PBEWithHMacSHA256AndTwofish", + gnu.javax.crypto.jce.cipher.PBES2.HMacSHA256.Twofish.class.getName()); + + put("Cipher.PBEWithHMacSHA384AndAES", + gnu.javax.crypto.jce.cipher.PBES2.HMacSHA384.AES.class.getName()); + put("Cipher.PBEWithHMacSHA384AndAnubis", + gnu.javax.crypto.jce.cipher.PBES2.HMacSHA384.Anubis.class.getName()); + put( + "Cipher.PBEWithHMacSHA384AndBlowfish", + gnu.javax.crypto.jce.cipher.PBES2.HMacSHA384.Blowfish.class.getName()); + put("Cipher.PBEWithHMacSHA384AndCast5", + gnu.javax.crypto.jce.cipher.PBES2.HMacSHA384.Cast5.class.getName()); + put("Cipher.PBEWithHMacSHA384AndDES", + gnu.javax.crypto.jce.cipher.PBES2.HMacSHA384.DES.class.getName()); + put("Cipher.PBEWithHMacSHA384AndKhazad", + gnu.javax.crypto.jce.cipher.PBES2.HMacSHA384.Khazad.class.getName()); + put( + "Cipher.PBEWithHMacSHA384AndSerpent", + gnu.javax.crypto.jce.cipher.PBES2.HMacSHA384.Serpent.class.getName()); + put("Cipher.PBEWithHMacSHA384AndSquare", + gnu.javax.crypto.jce.cipher.PBES2.HMacSHA384.Square.class.getName()); + put( + "Cipher.PBEWithHMacSHA384AndTripleDES", + gnu.javax.crypto.jce.cipher.PBES2.HMacSHA384.TripleDES.class.getName()); + put( + "Cipher.PBEWithHMacSHA384AndTwofish", + gnu.javax.crypto.jce.cipher.PBES2.HMacSHA384.Twofish.class.getName()); + + put("Cipher.PBEWithHMacSHA512AndAES", + gnu.javax.crypto.jce.cipher.PBES2.HMacSHA512.AES.class.getName()); + put("Cipher.PBEWithHMacSHA512AndAnubis", + gnu.javax.crypto.jce.cipher.PBES2.HMacSHA512.Anubis.class.getName()); + put( + "Cipher.PBEWithHMacSHA512AndBlowfish", + gnu.javax.crypto.jce.cipher.PBES2.HMacSHA512.Blowfish.class.getName()); + put("Cipher.PBEWithHMacSHA512AndCast5", + gnu.javax.crypto.jce.cipher.PBES2.HMacSHA512.Cast5.class.getName()); + put("Cipher.PBEWithHMacSHA512AndDES", + gnu.javax.crypto.jce.cipher.PBES2.HMacSHA512.DES.class.getName()); + put("Cipher.PBEWithHMacSHA512AndKhazad", + gnu.javax.crypto.jce.cipher.PBES2.HMacSHA512.Khazad.class.getName()); + put( + "Cipher.PBEWithHMacSHA512AndSerpent", + gnu.javax.crypto.jce.cipher.PBES2.HMacSHA512.Serpent.class.getName()); + put("Cipher.PBEWithHMacSHA512AndSquare", + gnu.javax.crypto.jce.cipher.PBES2.HMacSHA512.Square.class.getName()); + put( + "Cipher.PBEWithHMacSHA512AndTripleDES", + gnu.javax.crypto.jce.cipher.PBES2.HMacSHA512.TripleDES.class.getName()); + put( + "Cipher.PBEWithHMacSHA512AndTwofish", + gnu.javax.crypto.jce.cipher.PBES2.HMacSHA512.Twofish.class.getName()); + + put("Cipher.PBEWithHMacTigerAndAES", + gnu.javax.crypto.jce.cipher.PBES2.HMacTiger.AES.class.getName()); + put("Cipher.PBEWithHMacTigerAndAnubis", + gnu.javax.crypto.jce.cipher.PBES2.HMacTiger.Anubis.class.getName()); + put( + "Cipher.PBEWithHMacTigerAndBlowfish", + gnu.javax.crypto.jce.cipher.PBES2.HMacTiger.Blowfish.class.getName()); + put("Cipher.PBEWithHMacTigerAndCast5", + gnu.javax.crypto.jce.cipher.PBES2.HMacTiger.Cast5.class.getName()); + put("Cipher.PBEWithHMacTigerAndDES", + gnu.javax.crypto.jce.cipher.PBES2.HMacTiger.DES.class.getName()); + put("Cipher.PBEWithHMacTigerAndKhazad", + gnu.javax.crypto.jce.cipher.PBES2.HMacTiger.Khazad.class.getName()); + put("Cipher.PBEWithHMacTigerAndSerpent", + gnu.javax.crypto.jce.cipher.PBES2.HMacTiger.Serpent.class.getName()); + put("Cipher.PBEWithHMacTigerAndSquare", + gnu.javax.crypto.jce.cipher.PBES2.HMacTiger.Square.class.getName()); + put( + "Cipher.PBEWithHMacTigerAndTripleDES", + gnu.javax.crypto.jce.cipher.PBES2.HMacTiger.TripleDES.class.getName()); + put("Cipher.PBEWithHMacTigerAndTwofish", + gnu.javax.crypto.jce.cipher.PBES2.HMacTiger.Twofish.class.getName()); + + put("Cipher.PBEWithHMacWhirlpoolAndAES", + gnu.javax.crypto.jce.cipher.PBES2.HMacWhirlpool.AES.class.getName()); + put( + "Cipher.PBEWithHMacWhirlpoolAndAnubis", + gnu.javax.crypto.jce.cipher.PBES2.HMacWhirlpool.Anubis.class.getName()); + put( + "Cipher.PBEWithHMacWhirlpoolAndBlowfish", + gnu.javax.crypto.jce.cipher.PBES2.HMacWhirlpool.Blowfish.class.getName()); + put( + "Cipher.PBEWithHMacWhirlpoolAndCast5", + gnu.javax.crypto.jce.cipher.PBES2.HMacWhirlpool.Cast5.class.getName()); + put("Cipher.PBEWithHMacWhirlpoolAndDES", + gnu.javax.crypto.jce.cipher.PBES2.HMacWhirlpool.DES.class.getName()); + put( + "Cipher.PBEWithHMacWhirlpoolAndKhazad", + gnu.javax.crypto.jce.cipher.PBES2.HMacWhirlpool.Khazad.class.getName()); + put( + "Cipher.PBEWithHMacWhirlpoolAndSerpent", + gnu.javax.crypto.jce.cipher.PBES2.HMacWhirlpool.Serpent.class.getName()); + put( + "Cipher.PBEWithHMacWhirlpoolAndSquare", + gnu.javax.crypto.jce.cipher.PBES2.HMacWhirlpool.Square.class.getName()); + put( + "Cipher.PBEWithHMacWhirlpoolAndTripleDES", + gnu.javax.crypto.jce.cipher.PBES2.HMacWhirlpool.TripleDES.class.getName()); + put( + "Cipher.PBEWithHMacWhirlpoolAndTwofish", + gnu.javax.crypto.jce.cipher.PBES2.HMacWhirlpool.Twofish.class.getName()); + + // SecretKeyFactory interface to PBKDF2. + put( + "SecretKeyFactory.PBKDF2WithHMacHaval", + gnu.javax.crypto.jce.PBKDF2SecretKeyFactory.HMacHaval.class.getName()); + put("SecretKeyFactory.PBKDF2WithHMacMD2", + gnu.javax.crypto.jce.PBKDF2SecretKeyFactory.HMacMD2.class.getName()); + put("SecretKeyFactory.PBKDF2WithHMacMD4", + gnu.javax.crypto.jce.PBKDF2SecretKeyFactory.HMacMD4.class.getName()); + put("SecretKeyFactory.PBKDF2WithHMacMD5", + gnu.javax.crypto.jce.PBKDF2SecretKeyFactory.HMacMD5.class.getName()); + put( + "SecretKeyFactory.PBKDF2WithHMacSHA1", + gnu.javax.crypto.jce.PBKDF2SecretKeyFactory.HMacSHA1.class.getName()); + put( + "SecretKeyFactory.PBKDF2WithHMacSHA256", + gnu.javax.crypto.jce.PBKDF2SecretKeyFactory.HMacSHA256.class.getName()); + put( + "SecretKeyFactory.PBKDF2WithHMacSHA384", + gnu.javax.crypto.jce.PBKDF2SecretKeyFactory.HMacSHA384.class.getName()); + put( + "SecretKeyFactory.PBKDF2WithHMacSHA512", + gnu.javax.crypto.jce.PBKDF2SecretKeyFactory.HMacSHA512.class.getName()); + put( + "SecretKeyFactory.PBKDF2WithHMacTiger", + gnu.javax.crypto.jce.PBKDF2SecretKeyFactory.HMacTiger.class.getName()); + put( + "SecretKeyFactory.PBKDF2WithHMacWhirlpool", + gnu.javax.crypto.jce.PBKDF2SecretKeyFactory.HMacWhirlpool.class.getName()); + + // Simple SecretKeyFactory implementations. + put("SecretKeyFactory.Anubis", + gnu.javax.crypto.jce.key.AnubisSecretKeyFactoryImpl.class.getName()); + put( + "SecretKeyFactory.Blowfish", + gnu.javax.crypto.jce.key.BlowfishSecretKeyFactoryImpl.class.getName()); + put("SecretKeyFactory.Cast5", + gnu.javax.crypto.jce.key.Cast5SecretKeyFactoryImpl.class.getName()); + put("SecretKeyFactory.DES", + gnu.javax.crypto.jce.key.DESSecretKeyFactoryImpl.class.getName()); + put("SecretKeyFactory.Khazad", + gnu.javax.crypto.jce.key.KhazadSecretKeyFactoryImpl.class.getName()); + put( + "SecretKeyFactory.Rijndael", + gnu.javax.crypto.jce.key.RijndaelSecretKeyFactoryImpl.class.getName()); + put( + "SecretKeyFactory.Serpent", + gnu.javax.crypto.jce.key.SerpentSecretKeyFactoryImpl.class.getName()); + put("SecretKeyFactory.Square", + gnu.javax.crypto.jce.key.SquareSecretKeyFactoryImpl.class.getName()); + put("SecretKeyFactory.TripleDES", + gnu.javax.crypto.jce.key.DESedeSecretKeyFactoryImpl.class.getName()); + put("Alg.Alias.SecretKeyFactory.AES", "Rijndael"); + put("Alg.Alias.SecretKeyFactory.DESede", "TripleDES"); + put("Alg.Alias.SecretKeyFactory.3-DES", "TripleDES"); + put("Alg.Alias.SecretKeyFactory.3DES", "TripleDES"); + + put("AlgorithmParameters.BlockCipherParameters", + gnu.javax.crypto.jce.params.BlockCipherParameters.class.getName()); + + + // KeyGenerator Adapter implementations + put("KeyGenerator.Anubis", + gnu.javax.crypto.jce.key.AnubisKeyGeneratorImpl.class.getName()); + put("KeyGenerator.Blowfish", + gnu.javax.crypto.jce.key.BlowfishKeyGeneratorImpl.class.getName()); + put("KeyGenerator.Cast5", + gnu.javax.crypto.jce.key.Cast5KeyGeneratorImpl.class.getName()); + put("KeyGenerator.DES", + gnu.javax.crypto.jce.key.DESKeyGeneratorImpl.class.getName()); + put("KeyGenerator.Khazad", + gnu.javax.crypto.jce.key.KhazadKeyGeneratorImpl.class.getName()); + put("KeyGenerator.Rijndael", + gnu.javax.crypto.jce.key.RijndaelKeyGeneratorImpl.class.getName()); + put("KeyGenerator.Serpent", + gnu.javax.crypto.jce.key.SerpentKeyGeneratorImpl.class.getName()); + put("KeyGenerator.Square", + gnu.javax.crypto.jce.key.SquareKeyGeneratorImpl.class.getName()); + put("KeyGenerator.TripleDES", + gnu.javax.crypto.jce.key.TripleDESKeyGeneratorImpl.class.getName()); + put("Alg.Alias.KeyGenerator.AES", "Rijndael"); + put("Alg.Alias.KeyGenerator.DESede", "TripleDES"); + put("Alg.Alias.KeyGenerator.3-DES", "TripleDES"); + put("Alg.Alias.KeyGenerator.3DES", "TripleDES"); + + // MAC + put("Mac.HMAC-MD2", gnu.javax.crypto.jce.mac.HMacMD2Spi.class.getName()); + put("Mac.HMAC-MD4", gnu.javax.crypto.jce.mac.HMacMD4Spi.class.getName()); + put("Mac.HMAC-MD5", gnu.javax.crypto.jce.mac.HMacMD5Spi.class.getName()); + put("Mac.HMAC-RIPEMD128", + gnu.javax.crypto.jce.mac.HMacRipeMD128Spi.class.getName()); + put("Mac.HMAC-RIPEMD160", + gnu.javax.crypto.jce.mac.HMacRipeMD160Spi.class.getName()); + put("Mac.HMAC-SHA160", + gnu.javax.crypto.jce.mac.HMacSHA160Spi.class.getName()); + put("Mac.HMAC-SHA256", + gnu.javax.crypto.jce.mac.HMacSHA256Spi.class.getName()); + put("Mac.HMAC-SHA384", + gnu.javax.crypto.jce.mac.HMacSHA384Spi.class.getName()); + put("Mac.HMAC-SHA512", + gnu.javax.crypto.jce.mac.HMacSHA512Spi.class.getName()); + put("Mac.HMAC-TIGER", + gnu.javax.crypto.jce.mac.HMacTigerSpi.class.getName()); + put("Mac.HMAC-HAVAL", + gnu.javax.crypto.jce.mac.HMacHavalSpi.class.getName()); + put("Mac.HMAC-WHIRLPOOL", + gnu.javax.crypto.jce.mac.HMacWhirlpoolSpi.class.getName()); + put("Mac.TMMH16", gnu.javax.crypto.jce.mac.TMMH16Spi.class.getName()); + put("Mac.UHASH32", gnu.javax.crypto.jce.mac.UHash32Spi.class.getName()); + put("Mac.UMAC32", gnu.javax.crypto.jce.mac.UMac32Spi.class.getName()); + + put("Mac.OMAC-ANUBIS", + gnu.javax.crypto.jce.mac.OMacAnubisImpl.class.getName()); + put("Mac.OMAC-BLOWFISH", + gnu.javax.crypto.jce.mac.OMacBlowfishImpl.class.getName()); + put("Mac.OMAC-CAST5", + gnu.javax.crypto.jce.mac.OMacCast5Impl.class.getName()); + put("Mac.OMAC-DES", + gnu.javax.crypto.jce.mac.OMacDESImpl.class.getName()); + put("Mac.OMAC-KHAZAD", + gnu.javax.crypto.jce.mac.OMacKhazadImpl.class.getName()); + put("Mac.OMAC-RIJNDAEL", + gnu.javax.crypto.jce.mac.OMacRijndaelImpl.class.getName()); + put("Mac.OMAC-SERPENT", + gnu.javax.crypto.jce.mac.OMacSerpentImpl.class.getName()); + put("Mac.OMAC-SQUARE", + gnu.javax.crypto.jce.mac.OMacSquareImpl.class.getName()); + put("Mac.OMAC-TRIPLEDES", + gnu.javax.crypto.jce.mac.OMacTripleDESImpl.class.getName()); + put("Mac.OMAC-TWOFISH", + gnu.javax.crypto.jce.mac.OMacTwofishImpl.class.getName()); + + // Aliases + put("Alg.Alias.AlgorithmParameters.AES", "BlockCipherParameters"); + put("Alg.Alias.AlgorithmParameters.BLOWFISH", "BlockCipherParameters"); + put("Alg.Alias.AlgorithmParameters.ANUBIS", "BlockCipherParameters"); + put("Alg.Alias.AlgorithmParameters.KHAZAD", "BlockCipherParameters"); + put("Alg.Alias.AlgorithmParameters.NULL", "BlockCipherParameters"); + put("Alg.Alias.AlgorithmParameters.RIJNDAEL", "BlockCipherParameters"); + put("Alg.Alias.AlgorithmParameters.SERPENT", "BlockCipherParameters"); + put("Alg.Alias.AlgorithmParameters.SQUARE", "BlockCipherParameters"); + put("Alg.Alias.AlgorithmParameters.TWOFISH", "BlockCipherParameters"); + put("Alg.Alias.Cipher.RC4", "ARCFOUR"); + put("Alg.Alias.Cipher.3-DES", "TRIPLEDES"); + put("Alg.Alias.Cipher.3DES", "TRIPLEDES"); + put("Alg.Alias.Cipher.DES-EDE", "TRIPLEDES"); + put("Alg.Alias.Cipher.DESede", "TRIPLEDES"); + put("Alg.Alias.Cipher.CAST128", "CAST5"); + put("Alg.Alias.Cipher.CAST-128", "CAST5"); + put("Alg.Alias.Mac.HMAC-SHS", "HMAC-SHA160"); + put("Alg.Alias.Mac.HMAC-SHA", "HMAC-SHA160"); + put("Alg.Alias.Mac.HMAC-SHA1", "HMAC-SHA160"); + put("Alg.Alias.Mac.HMAC-SHA-160", "HMAC-SHA160"); + put("Alg.Alias.Mac.HMAC-SHA-256", "HMAC-SHA256"); + put("Alg.Alias.Mac.HMAC-SHA-384", "HMAC-SHA384"); + put("Alg.Alias.Mac.HMAC-SHA-512", "HMAC-SHA512"); + put("Alg.Alias.Mac.HMAC-RIPEMD-160", "HMAC-RIPEMD160"); + put("Alg.Alias.Mac.HMAC-RIPEMD-128", "HMAC-RIPEMD128"); + put("Alg.Alias.Mac.OMAC-AES", "OMAC-RIJNDAEL"); + put("Alg.Alias.Mac.OMAC-3DES", "OMAC-3DES"); + put("Alg.Alias.Mac.HmacMD4", "HMAC-MD4"); + put("Alg.Alias.Mac.HmacMD5", "HMAC-MD5"); + put("Alg.Alias.Mac.HmacSHA-1", "HMAC-SHA-1"); + put("Alg.Alias.Mac.HmacSHA1", "HMAC-SHA1"); + put("Alg.Alias.Mac.HmacSHA-160", "HMAC-SHA-160"); + put("Alg.Alias.Mac.HmacSHA160", "HMAC-SHA-160"); + put("Alg.Alias.Mac.HmacSHA-256", "HMAC-SHA-256"); + put("Alg.Alias.Mac.HmacSHA256", "HMAC-SHA-256"); + put("Alg.Alias.Mac.HmacSHA-384", "HMAC-SHA-384"); + put("Alg.Alias.Mac.HmacSHA384", "HMAC-SHA-384"); + put("Alg.Alias.Mac.HmacSHA-512", "HMAC-SHA-512"); + put("Alg.Alias.Mac.HmacSHA512", "HMAC-SHA-512"); + put("Alg.Alias.Mac.HmacRIPEMD128", "HMAC-RIPEMD128"); + put("Alg.Alias.Mac.HmacRIPEMD-128", "HMAC-RIPEMD128"); + put("Alg.Alias.Mac.HmacRIPEMD160", "HMAC-RIPEMD160"); + put("Alg.Alias.Mac.HmacRIPEMD-160", "HMAC-RIPEMD160"); + put("Alg.Alias.Mac.HmacTiger", "HMAC-TIGER"); + put("Alg.Alias.Mac.HmacHaval", "HMAC-HAVAL"); + put("Alg.Alias.Mac.HmacWhirlpool", "HMAC-WHIRLPOOL"); + + // KeyAgreement + put("KeyAgreement.DH", + gnu.javax.crypto.jce.DiffieHellmanImpl.class.getName()); + put("Alg.Alias.KeyAgreement.DiffieHellman", "DH"); + + // Cipher + put("Cipher.RSAES-PKCS1-v1_5", + gnu.javax.crypto.RSACipherImpl.class.getName()); + put("Alg.Alias.Cipher.RSA", "RSAES-PKCS1-v1_5"); + + // SecureRandom + put("SecureRandom.ARCFOUR", gnu.javax.crypto.jce.prng.ARCFourRandomSpi.class.getName()); + put("SecureRandom.ARCFOUR ImplementedIn", "Software"); + put("SecureRandom.CSPRNG", gnu.javax.crypto.jce.prng.CSPRNGSpi.class.getName()); + put("SecureRandom.CSPRNG ImplementedIn", "Software"); + put("SecureRandom.ICM", gnu.javax.crypto.jce.prng.ICMRandomSpi.class.getName()); + put("SecureRandom.ICM ImplementedIn", "Software"); + put("SecureRandom.UMAC-KDF", gnu.javax.crypto.jce.prng.UMacRandomSpi.class.getName()); + put("SecureRandom.UMAC-KDF ImplementedIn", "Software"); + put("SecureRandom.Fortuna", gnu.javax.crypto.jce.prng.FortunaImpl.class.getName ()); + put("SecureRandom.Fortuna ImplementedIn", "Software"); + + // KeyStore + put("KeyStore.GKR", gnu.javax.crypto.jce.keyring.GnuKeyring.class.getName()); + put("Alg.Alias.KeyStore.GnuKeyring", "GKR"); + + // KeyPairGenerator --------------------------------------------------- + put("KeyPairGenerator.DH", + gnu.javax.crypto.jce.sig.DHKeyPairGeneratorSpi.class.getName()); + put("KeyPairGenerator.DH KeySize", "512"); + put("KeyPairGenerator.DH ImplementedIn", "Software"); + + put("Alg.Alias.KeyPairGenerator.DiffieHellman", "DH"); + + // KeyFactory --------------------------------------------------------- + put("KeyFactory.DH", + gnu.javax.crypto.jce.sig.DHKeyFactory.class.getName()); + + put("Alg.Alias,KeyFactory.DiffieHellman", "DH"); + + // Algorithm Parameters ----------------------------------------------- + put("AlgorithmParameters.DH", + gnu.javax.crypto.jce.sig.DHParameters.class.getName()); + + put("Alg.Alias.AlgorithmParameters.DiffieHellman", "DH"); + + // Algorithm Parameters Generator ------------------------------------- + put("AlgorithmParameterGenerator.DH", + gnu.javax.crypto.jce.sig.DHParametersGenerator.class.getName()); + + put("Alg.Alias.AlgorithmParameterGenerator.DiffieHellman", "DH"); + + return null; + } + }); + } + + // Class methods + // ------------------------------------------------------------------------- + + /** + *

Returns a {@link Set} of names of symmetric key block cipher algorithms + * available from this {@link Provider}.

+ * + * @return a {@link Set} of cipher names (Strings). + */ + public static final Set getCipherNames() + { + HashSet s = new HashSet(); + s.addAll(CipherFactory.getNames()); + s.add(Registry.ARCFOUR_PRNG); + return s; + } + + /** + *

Returns a {@link Set} of names of MAC algorithms available from + * this {@link Provider}.

+ * + * @return a {@link Set} of MAC names (Strings). + */ + public static final Set getMacNames() + { + return MacFactory.getNames(); + } + + // Instance methods + // ------------------------------------------------------------------------- +} diff --git a/libjava/classpath/gnu/javax/crypto/jce/GnuSasl.java b/libjava/classpath/gnu/javax/crypto/jce/GnuSasl.java new file mode 100644 index 0000000..6ee86ae --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/GnuSasl.java @@ -0,0 +1,114 @@ +/* GnuSasl.java -- javax.security.sasl algorithms. + Copyright (C) 2004, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce; + +import gnu.java.security.Registry; +import gnu.javax.crypto.sasl.ClientFactory; +import gnu.javax.crypto.sasl.ServerFactory; + +import java.security.AccessController; +import java.security.PrivilegedAction; +import java.security.Provider; +import java.util.Set; + +public final class GnuSasl extends Provider +{ + + // Constructor. + // ------------------------------------------------------------------------- + + public GnuSasl() + { + super (Registry.GNU_SASL, 2.1, "GNU Crypto SASL Provider"); + + AccessController.doPrivileged (new PrivilegedAction() + { + public Object run() + { + // SASL Client and Server mechanisms + put("SaslClientFactory.ANONYMOUS", gnu.javax.crypto.sasl.ClientFactory.class.getName()); + put("SaslClientFactory.PLAIN", gnu.javax.crypto.sasl.ClientFactory.class.getName()); + put("SaslClientFactory.CRAM-MD5", gnu.javax.crypto.sasl.ClientFactory.class.getName()); + put("SaslClientFactory.SRP", gnu.javax.crypto.sasl.ClientFactory.class.getName()); + + put("SaslServerFactory.ANONYMOUS", gnu.javax.crypto.sasl.ServerFactory.class.getName()); + put("SaslServerFactory.PLAIN", gnu.javax.crypto.sasl.ServerFactory.class.getName()); + put("SaslServerFactory.CRAM-MD5", gnu.javax.crypto.sasl.ServerFactory.class.getName()); + put("SaslServerFactory.SRP-MD5", gnu.javax.crypto.sasl.ServerFactory.class.getName()); + put("SaslServerFactory.SRP-SHA-160", gnu.javax.crypto.sasl.ServerFactory.class.getName()); + put("SaslServerFactory.SRP-RIPEMD128", gnu.javax.crypto.sasl.ServerFactory.class.getName()); + put("SaslServerFactory.SRP-RIPEMD160", gnu.javax.crypto.sasl.ServerFactory.class.getName()); + put("SaslServerFactory.SRP-TIGER", gnu.javax.crypto.sasl.ServerFactory.class.getName()); + put("SaslServerFactory.SRP-WHIRLPOOL", gnu.javax.crypto.sasl.ServerFactory.class.getName()); + + put("Alg.Alias.SaslServerFactory.SRP-SHS", "SRP-SHA-160"); + put("Alg.Alias.SaslServerFactory.SRP-SHA", "SRP-SHA-160"); + put("Alg.Alias.SaslServerFactory.SRP-SHA1", "SRP-SHA-160"); + put("Alg.Alias.SaslServerFactory.SRP-SHA-1", "SRP-SHA-160"); + put("Alg.Alias.SaslServerFactory.SRP-SHA160", "SRP-SHA-160"); + put("Alg.Alias.SaslServerFactory.SRP-RIPEMD-128", "SRP-RIPEMD128"); + put("Alg.Alias.SaslServerFactory.SRP-RIPEMD-160", "SRP-RIPEMD160"); + + return null; + } + }); + } + + /** + *

Returns a {@link Set} of names of SASL Client mechanisms available from + * this {@link Provider}.

+ * + * @return a {@link Set} of SASL Client mechanisms (Strings). + */ + public static final Set getSaslClientMechanismNames() + { + return ClientFactory.getNames(); + } + + /** + *

Returns a {@link Set} of names of SASL Server mechanisms available from + * this {@link Provider}.

+ * + * @return a {@link Set} of SASL Server mechanisms (Strings). + */ + public static final Set getSaslServerMechanismNames() + { + return ServerFactory.getNames(); + } +} diff --git a/libjava/classpath/gnu/javax/crypto/jce/PBKDF2SecretKeyFactory.java b/libjava/classpath/gnu/javax/crypto/jce/PBKDF2SecretKeyFactory.java new file mode 100644 index 0000000..59231c6 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/PBKDF2SecretKeyFactory.java @@ -0,0 +1,229 @@ +/* PBKDF2SecretKeyFactory.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce; + +import java.security.spec.InvalidKeySpecException; +import java.security.spec.KeySpec; + +import java.util.HashMap; + +import javax.crypto.SecretKey; +import javax.crypto.SecretKeyFactorySpi; +import javax.crypto.spec.PBEKeySpec; +import javax.crypto.spec.SecretKeySpec; + +import gnu.javax.crypto.prng.IPBE; +import gnu.java.security.prng.IRandom; +import gnu.java.security.prng.LimitReachedException; +import gnu.javax.crypto.prng.PRNGFactory; + +public abstract class PBKDF2SecretKeyFactory extends SecretKeyFactorySpi +{ + + // Constants and fields. + // ------------------------------------------------------------------------ + + protected String macName; + + private static final int DEFAULT_ITERATION_COUNT = 1000; + + private static final int DEFAULT_KEY_LEN = 32; + + // Constructor. + // ------------------------------------------------------------------------ + + protected PBKDF2SecretKeyFactory(String macName) + { + this.macName = macName; + } + + // Instance methods. + // ------------------------------------------------------------------------ + + protected SecretKey engineGenerateSecret(KeySpec spec) + throws InvalidKeySpecException + { + if (!(spec instanceof PBEKeySpec)) + { + throw new InvalidKeySpecException("not a PBEKeySpec"); + } + IRandom kdf = PRNGFactory.getInstance("PBKDF2-" + macName); + HashMap attr = new HashMap(); + attr.put(IPBE.PASSWORD, ((PBEKeySpec) spec).getPassword()); + byte[] salt = ((PBEKeySpec) spec).getSalt(); + if (salt == null) + { + salt = new byte[0]; + } + attr.put(IPBE.SALT, salt); + int ic = ((PBEKeySpec) spec).getIterationCount(); + if (ic <= 0) + { + ic = DEFAULT_ITERATION_COUNT; + } + attr.put(IPBE.ITERATION_COUNT, new Integer(ic)); + kdf.init(attr); + int len = ((PBEKeySpec) spec).getKeyLength(); + if (len <= 0) + { + len = DEFAULT_KEY_LEN; + } + byte[] dk = new byte[len]; + try + { + kdf.nextBytes(dk, 0, len); + } + catch (LimitReachedException lre) + { + throw new IllegalArgumentException(lre.toString()); + } + + return new SecretKeySpec(dk, "PBKDF2"); + } + + protected KeySpec engineGetKeySpec(SecretKey key, Class clazz) + throws InvalidKeySpecException + { + throw new InvalidKeySpecException("not supported"); + } + + protected SecretKey engineTranslateKey(SecretKey key) + { + return new SecretKeySpec(key.getEncoded(), key.getAlgorithm()); + } + + // Inner classes. + // ------------------------------------------------------------------------ + + public static class HMacHaval extends PBKDF2SecretKeyFactory + { + public HMacHaval() + { + super("HMAC-HAVAL"); + } + } + + public static class HMacMD2 extends PBKDF2SecretKeyFactory + { + public HMacMD2() + { + super("HMAC-MD2"); + } + } + + public static class HMacMD4 extends PBKDF2SecretKeyFactory + { + public HMacMD4() + { + super("HMAC-MD4"); + } + } + + public static class HMacMD5 extends PBKDF2SecretKeyFactory + { + public HMacMD5() + { + super("HMAC-MD5"); + } + } + + public static class HMacRipeMD128 extends PBKDF2SecretKeyFactory + { + public HMacRipeMD128() + { + super("HMAC-RIPEMD128"); + } + } + + public static class HMacRipeMD160 extends PBKDF2SecretKeyFactory + { + public HMacRipeMD160() + { + super("HMAC-RIPEMD160"); + } + } + + public static class HMacSHA1 extends PBKDF2SecretKeyFactory + { + public HMacSHA1() + { + super("HMAC-SHA1"); + } + } + + public static class HMacSHA256 extends PBKDF2SecretKeyFactory + { + public HMacSHA256() + { + super("HMAC-SHA256"); + } + } + + public static class HMacSHA384 extends PBKDF2SecretKeyFactory + { + public HMacSHA384() + { + super("HMAC-SHA384"); + } + } + + public static class HMacSHA512 extends PBKDF2SecretKeyFactory + { + public HMacSHA512() + { + super("HMAC-SHA512"); + } + } + + public static class HMacTiger extends PBKDF2SecretKeyFactory + { + public HMacTiger() + { + super("HMAC-TIGER"); + } + } + + public static class HMacWhirlpool extends PBKDF2SecretKeyFactory + { + public HMacWhirlpool() + { + super("HMAC-WHIRLPOOL"); + } + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/jce/cipher/AESSpi.java b/libjava/classpath/gnu/javax/crypto/jce/cipher/AESSpi.java new file mode 100644 index 0000000..ba7466f --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/cipher/AESSpi.java @@ -0,0 +1,104 @@ +/* AESSpi.java -- + Copyright (C) 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.cipher; + +import gnu.java.security.Registry; +import gnu.javax.crypto.jce.spec.BlockCipherParameterSpec; + +import java.security.AlgorithmParameters; +import java.security.InvalidAlgorithmParameterException; +import java.security.InvalidKeyException; +import java.security.Key; +import java.security.SecureRandom; +import java.security.spec.AlgorithmParameterSpec; +import java.security.spec.InvalidParameterSpecException; + +/** + * The implementation of the AES Service Provider Interface + * (SPI) adapter. + * + * @version $Revision: 1.1 $ + */ +public final class AESSpi extends CipherAdapter +{ + + // Constructors. + // ----------------------------------------------------------------------- + + public AESSpi() + { + super(Registry.AES_CIPHER, 16); + } + + // Methods from CipherAdapter + // ----------------------------------------------------------------------- + + protected void engineInit(int opmode, Key key, AlgorithmParameterSpec params, + SecureRandom random) throws InvalidKeyException, + InvalidAlgorithmParameterException + { + if (params instanceof BlockCipherParameterSpec) + { + if (((BlockCipherParameterSpec) params).getBlockSize() != 16) + { + throw new InvalidAlgorithmParameterException( + "AES block size must be 16 bytes"); + } + } + super.engineInit(opmode, key, params, random); + } + + protected void engineInit(int opmode, Key key, AlgorithmParameters params, + SecureRandom random) throws InvalidKeyException, + InvalidAlgorithmParameterException + { + AlgorithmParameterSpec spec = null; + try + { + if (params != null) + { + spec = params.getParameterSpec(BlockCipherParameterSpec.class); + } + } + catch (InvalidParameterSpecException ipse) + { + } + engineInit(opmode, key, spec, random); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/jce/cipher/ARCFourSpi.java b/libjava/classpath/gnu/javax/crypto/jce/cipher/ARCFourSpi.java new file mode 100644 index 0000000..8fc1fe4 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/cipher/ARCFourSpi.java @@ -0,0 +1,208 @@ +/* ARCFourSpi.java -- + Copyright (C) 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.cipher; + +import gnu.java.security.Registry; +import gnu.javax.crypto.prng.ARCFour; +import gnu.java.security.prng.IRandom; +import gnu.java.security.prng.LimitReachedException; +import gnu.javax.crypto.prng.PRNGFactory; + +import java.security.AlgorithmParameters; +import java.security.InvalidAlgorithmParameterException; +import java.security.InvalidKeyException; +import java.security.Key; +import java.security.NoSuchAlgorithmException; +import java.security.SecureRandom; +import java.security.spec.AlgorithmParameterSpec; + +import java.util.HashMap; + +import javax.crypto.BadPaddingException; +import javax.crypto.Cipher; +import javax.crypto.CipherSpi; +import javax.crypto.IllegalBlockSizeException; +import javax.crypto.NoSuchPaddingException; +import javax.crypto.ShortBufferException; + +/** + * The Service Provider Interface (SPI) for the ARCFOUR + * stream cipher. + * + * @version $Revision: 1.1 $ + */ +public class ARCFourSpi extends CipherSpi +{ + + // Constants and variables. + // ----------------------------------------------------------------------- + + private IRandom keystream; + + // Constructors. + // ----------------------------------------------------------------------- + + public ARCFourSpi() + { + super(); + keystream = PRNGFactory.getInstance(Registry.ARCFOUR_PRNG); + } + + // Methods implementing CipherSpi. + // ----------------------------------------------------------------------- + + protected int engineGetBlockSize() + { + return 0; // stream cipher. + } + + protected void engineSetMode(String s) throws NoSuchAlgorithmException + { + // ignored. + } + + protected void engineSetPadding(String s) throws NoSuchPaddingException + { + // ignored. + } + + protected byte[] engineGetIV() + { + return null; + } + + protected int engineGetOutputSize(int in) + { + return in; + } + + protected AlgorithmParameters engineGetParameters() + { + return null; + } + + protected void engineInit(int mode, Key key, SecureRandom r) + throws InvalidKeyException + { + if (mode != Cipher.ENCRYPT_MODE && mode != Cipher.DECRYPT_MODE) + { + throw new IllegalArgumentException( + "arcfour is for encryption or decryption only"); + } + if (key == null || !key.getFormat().equalsIgnoreCase("RAW")) + { + throw new InvalidKeyException("key must be non-null raw bytes"); + } + HashMap attrib = new HashMap(); + attrib.put(ARCFour.ARCFOUR_KEY_MATERIAL, key.getEncoded()); + keystream.init(attrib); + } + + protected void engineInit(int mode, Key key, AlgorithmParameterSpec p, + SecureRandom r) throws InvalidKeyException, + InvalidAlgorithmParameterException + { + engineInit(mode, key, r); + } + + protected void engineInit(int mode, Key key, AlgorithmParameters p, + SecureRandom r) throws InvalidKeyException, + InvalidAlgorithmParameterException + { + engineInit(mode, key, r); + } + + protected byte[] engineUpdate(byte[] in, int offset, int length) + { + if (length < 0 || offset < 0 || length + offset > in.length) + { + throw new ArrayIndexOutOfBoundsException(); + } + byte[] result = new byte[length]; + try + { + for (int i = 0; i < length; i++) + { + result[i] = (byte) (in[i + offset] ^ keystream.nextByte()); + } + } + catch (LimitReachedException wontHappen) + { + } + return result; + } + + protected int engineUpdate(byte[] in, int inOffset, int length, byte[] out, + int outOffset) throws ShortBufferException + { + if (length < 0 || inOffset < 0 || length + inOffset > in.length + || outOffset < 0) + { + throw new ArrayIndexOutOfBoundsException(); + } + if (outOffset + length > out.length) + { + throw new ShortBufferException(); + } + try + { + for (int i = 0; i < length; i++) + { + out[i + outOffset] = (byte) (in[i + inOffset] ^ keystream.nextByte()); + } + } + catch (LimitReachedException wontHappen) + { + } + return length; + } + + protected byte[] engineDoFinal(byte[] in, int offset, int length) + throws IllegalBlockSizeException, BadPaddingException + { + return engineUpdate(in, offset, length); + } + + protected int engineDoFinal(byte[] in, int inOffset, int length, byte[] out, + int outOffset) throws ShortBufferException, + IllegalBlockSizeException, BadPaddingException + { + return engineUpdate(in, inOffset, length, out, outOffset); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/jce/cipher/AnubisSpi.java b/libjava/classpath/gnu/javax/crypto/jce/cipher/AnubisSpi.java new file mode 100644 index 0000000..ac2f596 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/cipher/AnubisSpi.java @@ -0,0 +1,59 @@ +/* AnubisSpi.java -- + Copyright (C) 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.cipher; + +import gnu.java.security.Registry; + +/** + * The implementation of the Anubis Service Provider Interface + * (SPI) adapter. + * + * @version $Revision: 1.1 $ + */ +public final class AnubisSpi extends CipherAdapter +{ + + // Constructors. + // -------------------------------------------------------------------- + + public AnubisSpi() + { + super(Registry.ANUBIS_CIPHER); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/jce/cipher/BlowfishSpi.java b/libjava/classpath/gnu/javax/crypto/jce/cipher/BlowfishSpi.java new file mode 100644 index 0000000..d1a2861 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/cipher/BlowfishSpi.java @@ -0,0 +1,59 @@ +/* BlowfishSpi.java -- + Copyright (C) 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.cipher; + +import gnu.java.security.Registry; + +/** + * The implementation of the Blowfish Service Provider Interface + * (SPI) adapter. + * + * @version $Revision: 1.1 $ + */ +public final class BlowfishSpi extends CipherAdapter +{ + + // Constructors. + // -------------------------------------------------------------------- + + public BlowfishSpi() + { + super(Registry.BLOWFISH_CIPHER); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/jce/cipher/Cast5Spi.java b/libjava/classpath/gnu/javax/crypto/jce/cipher/Cast5Spi.java new file mode 100644 index 0000000..b1d4cf70 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/cipher/Cast5Spi.java @@ -0,0 +1,68 @@ +/* Cast5Spi.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.cipher; + +import gnu.java.security.Registry; + +/** + * The implementation of the CAST5 (a.k.a. CAST-128) Service + * Provider Interface (SPI) Adapter. + * + * @version Revision: $ + */ +public class Cast5Spi extends CipherAdapter +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + public Cast5Spi() + { + super(Registry.CAST5_CIPHER); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/jce/cipher/CipherAdapter.java b/libjava/classpath/gnu/javax/crypto/jce/cipher/CipherAdapter.java new file mode 100644 index 0000000..9667a67 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/cipher/CipherAdapter.java @@ -0,0 +1,507 @@ +/* CipherAdapter.java -- + Copyright (C) 2002, 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.cipher; + +import gnu.javax.crypto.cipher.IBlockCipher; +import gnu.javax.crypto.cipher.CipherFactory; +import gnu.javax.crypto.jce.spec.BlockCipherParameterSpec; +import gnu.javax.crypto.mode.IMode; +import gnu.javax.crypto.mode.ModeFactory; +import gnu.javax.crypto.pad.IPad; +import gnu.javax.crypto.pad.PadFactory; +import gnu.javax.crypto.pad.WrongPaddingException; + +import java.security.AlgorithmParameters; +import java.security.InvalidAlgorithmParameterException; +import java.security.InvalidKeyException; +import java.security.Key; +import java.security.NoSuchAlgorithmException; +import java.security.SecureRandom; +import java.security.spec.AlgorithmParameterSpec; +import java.security.spec.InvalidParameterSpecException; +import java.util.HashMap; +import java.util.Map; + +import javax.crypto.BadPaddingException; +import javax.crypto.Cipher; +import javax.crypto.CipherSpi; +import javax.crypto.IllegalBlockSizeException; +import javax.crypto.NoSuchPaddingException; +import javax.crypto.ShortBufferException; +import javax.crypto.spec.IvParameterSpec; + +/** + *

The implementation of a generic {@link Cipher} Adapter class to + * wrap GNU Crypto cipher instances.

+ * + *

This class defines the Service Provider Interface (SPI) for + * the {@link Cipher} class, which provides the functionality of symmetric-key + * block ciphers, such as the AES.

+ * + *

This base class defines all of the abstract methods in {@link CipherSpi}, + * but does not define the (non-abstract) key wrapping functions that extended + * the base cipher SPI, and these methods thus immediately throw an + * {@link UnsupportedOperationException}. If a cipher implementation provides + * this functionality, or if it in fact accepts parameters other than the key + * and the initialization vector, the subclass should override those methods. + * Otherwise a subclass need only call the {@link #CipherAdapter(String)} + * constructor with the name of the cipher.

+ * + * @version $Revision: 1.1 $ + */ +class CipherAdapter extends CipherSpi +{ + + // Constants and variables. + // ------------------------------------------------------------------------- + + /** Our cipher instance. */ + protected IBlockCipher cipher; + + /** Our mode instance. */ + protected IMode mode; + + /** Our padding instance. */ + protected IPad pad; + + /** The current key size. */ + protected int keyLen; + + /** Our attributes map. */ + protected Map attributes; + + /** An incomplete block. */ + protected byte[] partBlock; + + /** The number of bytes in {@link #partBlock}. */ + protected int partLen; + + /** The length of blocks we are processing. */ + protected int blockLen; + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** + *

Protected constructor to be called by subclasses. The cipher name + * argument should be the appropriate one listed in {@link gnu.crypto.Registry}. + * The basic cipher instance is created, along with an instance of the + * {@link gnu.crypto.mode.ECB} mode and no padding.

+ * + * @param cipherName The cipher to instantiate. + * @param blockLen The block length to use. + */ + protected CipherAdapter(String cipherName, int blockLen) + { + cipher = CipherFactory.getInstance(cipherName); + attributes = new HashMap(); + this.blockLen = blockLen; + mode = ModeFactory.getInstance("ECB", cipher, blockLen); + attributes.put(IBlockCipher.CIPHER_BLOCK_SIZE, new Integer(blockLen)); + } + + /** + *

Creates a new cipher adapter with the default block size.

+ * + * @param cipherName The cipher to instantiate. + */ + protected CipherAdapter(String cipherName) + { + cipher = CipherFactory.getInstance(cipherName); + blockLen = cipher.defaultBlockSize(); + attributes = new HashMap(); + mode = ModeFactory.getInstance("ECB", cipher, blockLen); + attributes.put(IBlockCipher.CIPHER_BLOCK_SIZE, new Integer(blockLen)); + } + + // Instance methods implementing javax.crypto.CipherSpi. + // ------------------------------------------------------------------------- + + protected void engineSetMode(String modeName) throws NoSuchAlgorithmException + { + if (modeName.length() >= 3 + && modeName.substring(0, 3).equalsIgnoreCase("CFB")) + { + if (modeName.length() > 3) + { + try + { + int bs = Integer.parseInt(modeName.substring(3)); + attributes.put(IMode.MODE_BLOCK_SIZE, new Integer(bs / 8)); + } + catch (NumberFormatException nfe) + { + throw new NoSuchAlgorithmException(modeName); + } + modeName = "CFB"; + } + } + else + { + attributes.remove(IMode.MODE_BLOCK_SIZE); + } + mode = ModeFactory.getInstance(modeName, cipher, blockLen); + if (mode == null) + { + throw new NoSuchAlgorithmException(modeName); + } + } + + protected void engineSetPadding(String padName) throws NoSuchPaddingException + { + if (padName.equalsIgnoreCase("NoPadding")) + { + pad = null; + return; + } + pad = PadFactory.getInstance(padName); + if (pad == null) + { + throw new NoSuchPaddingException(padName); + } + } + + protected int engineGetBlockSize() + { + if (cipher != null) + { + return blockLen; + } + return 0; + } + + protected int engineGetOutputSize(int inputLen) + { + final int blockSize = mode.currentBlockSize(); + return ((inputLen + partLen) / blockSize) * blockSize; + } + + protected byte[] engineGetIV() + { + byte[] iv = (byte[]) attributes.get(IMode.IV); + if (iv == null) + { + return null; + } + return (byte[]) iv.clone(); + } + + protected AlgorithmParameters engineGetParameters() + { + BlockCipherParameterSpec spec = new BlockCipherParameterSpec( + (byte[]) attributes.get(IMode.IV), + cipher.currentBlockSize(), + keyLen); + AlgorithmParameters params; + try + { + params = AlgorithmParameters.getInstance("BlockCipherParameters"); + params.init(spec); + } + catch (NoSuchAlgorithmException nsae) + { + return null; + } + catch (InvalidParameterSpecException ipse) + { + return null; + } + return params; + } + + protected void engineInit(int opmode, Key key, SecureRandom random) + throws InvalidKeyException + { + switch (opmode) + { + case Cipher.ENCRYPT_MODE: + attributes.put(IMode.STATE, new Integer(IMode.ENCRYPTION)); + break; + case Cipher.DECRYPT_MODE: + attributes.put(IMode.STATE, new Integer(IMode.DECRYPTION)); + break; + } + if (!key.getFormat().equalsIgnoreCase("RAW")) + { + throw new InvalidKeyException("bad key format " + key.getFormat()); + } + byte[] kb = key.getEncoded(); + if (keyLen == 0) + { + keyLen = kb.length; + } + else if (keyLen < kb.length) + { + byte[] kbb = kb; + kb = new byte[keyLen]; + System.arraycopy(kbb, 0, kb, 0, keyLen); + } + attributes.put(IBlockCipher.KEY_MATERIAL, kb); + reset(); + } + + protected void engineInit(int opmode, Key key, AlgorithmParameterSpec params, + SecureRandom random) throws InvalidKeyException, + InvalidAlgorithmParameterException + { + if (params == null) + { + byte[] iv = new byte[blockLen]; + random.nextBytes(iv); + attributes.put(IMode.IV, iv); + blockLen = cipher.defaultBlockSize(); + attributes.put(IBlockCipher.CIPHER_BLOCK_SIZE, new Integer(blockLen)); + keyLen = 0; + } + else if (params instanceof BlockCipherParameterSpec) + { + attributes.put( + IBlockCipher.CIPHER_BLOCK_SIZE, + new Integer( + ((BlockCipherParameterSpec) params).getBlockSize())); + attributes.put(IMode.IV, ((BlockCipherParameterSpec) params).getIV()); + keyLen = ((BlockCipherParameterSpec) params).getKeySize(); + blockLen = ((BlockCipherParameterSpec) params).getBlockSize(); + } + else if (params instanceof IvParameterSpec) + { + attributes.put(IMode.IV, ((IvParameterSpec) params).getIV()); + blockLen = cipher.defaultBlockSize(); + attributes.put(IBlockCipher.CIPHER_BLOCK_SIZE, new Integer(blockLen)); + keyLen = 0; + } + engineInit(opmode, key, random); + } + + protected void engineInit(int opmode, Key key, AlgorithmParameters params, + SecureRandom random) throws InvalidKeyException, + InvalidAlgorithmParameterException + { + AlgorithmParameterSpec spec = null; + try + { + if (params != null) + { + spec = params.getParameterSpec(BlockCipherParameterSpec.class); + } + } + catch (InvalidParameterSpecException ignored) + { + } + engineInit(opmode, key, spec, random); + } + + protected byte[] engineUpdate(byte[] input, int off, int len) + { + final int blockSize = mode.currentBlockSize(); + final int count = (partLen + len) / blockSize; + final byte[] out = new byte[count * blockSize]; + try + { + engineUpdate(input, off, len, out, 0); + } + catch (ShortBufferException x) + { // should not happen + x.printStackTrace(System.err); + } + return out; + } + + // protected int + // engineUpdate(byte[] in, int inOff, int inLen, byte[] out, int outOff) + // throws ShortBufferException + // { + // int blockSize = mode.currentBlockSize(); + // int count = (partLen + inLen) / blockSize; + // if (count * blockSize > out.length - outOff) { + // throw new ShortBufferException(); + // } + // byte[] buf; + // if (partLen > 0 && count > 0) { + // buf = new byte[partLen + inLen]; + // System.arraycopy(partBlock, 0, buf, 0, partLen); + // if (in != null && inLen > 0) { + // System.arraycopy(in, inOff, buf, partLen, inLen); + // } + // partLen = 0; + // inOff = 0; + // } else { + // buf = in; + // } + // for (int i = 0; i < count; i++) { + // mode.update(buf, i * blockSize + inOff, out, i * blockSize + outOff); + // } + // if (inOff + inLen > count * blockSize) { + // partLen = (inOff + inLen) - (count * blockSize); + // System.arraycopy(in, count * blockSize, partBlock, 0, partLen); + // } + // return count * blockSize; + // } + + protected int engineUpdate(byte[] in, int inOff, int inLen, byte[] out, + int outOff) throws ShortBufferException + { + if (inLen == 0) + { // nothing to process + return 0; + } + final int blockSize = mode.currentBlockSize(); + final int blockCount = (partLen + inLen) / blockSize; + final int result = blockCount * blockSize; + if (result > out.length - outOff) + { + throw new ShortBufferException(); + } + if (blockCount == 0) + { // not enough bytes for even 1 block + System.arraycopy(in, inOff, partBlock, partLen, inLen); + partLen += inLen; + return 0; + } + final byte[] buf; + // we have enough bytes for at least 1 block + if (partLen == 0) + { // if no cached bytes use input + buf = in; + } + else + { // prefix input with cached bytes + buf = new byte[partLen + inLen]; + System.arraycopy(partBlock, 0, buf, 0, partLen); + if (in != null && inLen > 0) + { + System.arraycopy(in, inOff, buf, partLen, inLen); + } + inOff = 0; + } + for (int i = 0; i < blockCount; i++) + { // update blockCount * blockSize + mode.update(buf, inOff, out, outOff); + inOff += blockSize; + outOff += blockSize; + } + partLen += inLen - result; + if (partLen > 0) + { // cache remaining bytes from buf + System.arraycopy(buf, inOff, partBlock, 0, partLen); + } + return result; + } + + protected byte[] engineDoFinal(byte[] input, int off, int len) + throws IllegalBlockSizeException, BadPaddingException + { + final byte[] result; + final byte[] buf = engineUpdate(input, off, len); + if (pad != null) + { + switch (((Integer) attributes.get(IMode.STATE)).intValue()) + { + case IMode.ENCRYPTION: + byte[] padding = pad.pad(partBlock, 0, partLen); + byte[] buf2 = engineUpdate(padding, 0, padding.length); + result = new byte[buf.length + buf2.length]; + System.arraycopy(buf, 0, result, 0, buf.length); + System.arraycopy(buf2, 0, result, buf.length, buf2.length); + break; + case IMode.DECRYPTION: + int padLen; + try + { + padLen = pad.unpad(buf, 0, buf.length); + } + catch (WrongPaddingException wpe) + { + throw new BadPaddingException(wpe.getMessage()); + } + result = new byte[buf.length - padLen]; + System.arraycopy(buf, 0, result, 0, result.length); + break; + default: + throw new IllegalStateException(); + } + } + else + { + if (partLen > 0) + { + throw new IllegalBlockSizeException(partLen + " trailing bytes"); + } + result = buf; + } + + try + { + reset(); + } + catch (InvalidKeyException ike) + { + // Should not happen; if we initialized it with the current + // parameters before, we should be able to do it again. + throw new Error(ike); + } + return result; + } + + protected int engineDoFinal(byte[] in, int inOff, int inLen, byte[] out, + int outOff) throws BadPaddingException, + IllegalBlockSizeException, ShortBufferException + { + byte[] buf = engineDoFinal(in, inOff, inLen); + if (out.length + outOff < buf.length) + { + throw new ShortBufferException(); + } + System.arraycopy(buf, 0, out, outOff, buf.length); + return buf.length; + } + + private void reset() throws InvalidKeyException + { + mode.reset(); + mode.init(attributes); + if (pad != null) + { + pad.reset(); + pad.init(blockLen); + } + partBlock = new byte[blockLen]; + partLen = 0; + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/jce/cipher/DESSpi.java b/libjava/classpath/gnu/javax/crypto/jce/cipher/DESSpi.java new file mode 100644 index 0000000..f3ec822 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/cipher/DESSpi.java @@ -0,0 +1,59 @@ +/* DESSpi.java -- + Copyright (C) 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.cipher; + +import gnu.java.security.Registry; + +/** + * The implementation of the DES Service Provider Interface + * (SPI) adapter. + * + * @version $Revision: 1.1 $ + */ +public final class DESSpi extends CipherAdapter +{ + + // Constructors. + // -------------------------------------------------------------------- + + public DESSpi() + { + super(Registry.DES_CIPHER); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/jce/cipher/KhazadSpi.java b/libjava/classpath/gnu/javax/crypto/jce/cipher/KhazadSpi.java new file mode 100644 index 0000000..7f43dd0 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/cipher/KhazadSpi.java @@ -0,0 +1,59 @@ +/* KhazadSpi.java -- + Copyright (C) 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.cipher; + +import gnu.java.security.Registry; + +/** + * The implementation of the Khazad Service Provider Interface + * (SPI) adapter. + * + * @version $Revision: 1.1 $ + */ +public final class KhazadSpi extends CipherAdapter +{ + + // Constructors. + // -------------------------------------------------------------------- + + public KhazadSpi() + { + super(Registry.KHAZAD_CIPHER); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/jce/cipher/NullCipherSpi.java b/libjava/classpath/gnu/javax/crypto/jce/cipher/NullCipherSpi.java new file mode 100644 index 0000000..0876c95 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/cipher/NullCipherSpi.java @@ -0,0 +1,59 @@ +/* NullCipherSpi.java -- + Copyright (C) 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.cipher; + +import gnu.java.security.Registry; + +/** + * The implementation of the Null cipher Service Provider Interface + * (SPI) adapter. + * + * @version $Revision: 1.1 $ + */ +public final class NullCipherSpi extends CipherAdapter +{ + + // Constructors. + // ----------------------------------------------------------------------- + + public NullCipherSpi() + { + super(Registry.NULL_CIPHER); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/jce/cipher/PBES2.java b/libjava/classpath/gnu/javax/crypto/jce/cipher/PBES2.java new file mode 100644 index 0000000..28b327d --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/cipher/PBES2.java @@ -0,0 +1,1352 @@ +/* PBES2.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.cipher; + +import gnu.javax.crypto.prng.IPBE; +import gnu.java.security.prng.IRandom; +import gnu.java.security.prng.LimitReachedException; +import gnu.javax.crypto.prng.PRNGFactory; + +import java.security.AlgorithmParameters; +import java.security.InvalidAlgorithmParameterException; +import java.security.InvalidKeyException; +import java.security.Key; +import java.security.SecureRandom; +import java.security.spec.AlgorithmParameterSpec; +import java.util.HashMap; + +import javax.crypto.interfaces.PBEKey; +import javax.crypto.spec.SecretKeySpec; + +/** + *

.

+ * + * @version $Revision: 1.1 $ + */ +public abstract class PBES2 extends CipherAdapter +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + /** The HMac (PRF) algorithm name. */ + protected String macName; + + // Constructor(s) + // ------------------------------------------------------------------------- + + protected PBES2(String cipherName, int blockLen, String macName) + { + super(cipherName, blockLen); + this.macName = macName; + } + + protected PBES2(String cipherName, String macName) + { + super(cipherName); + this.macName = macName; + } + + // Instance methods + // ------------------------------------------------------------------------- + + protected void engineInit(int opmode, Key key, SecureRandom random) + throws InvalidKeyException + { + if (!(key instanceof PBEKey)) + throw new InvalidKeyException("not a PBE key"); + + super.engineInit(opmode, genkey((PBEKey) key), random); + } + + protected void engineInit(int opmode, Key key, AlgorithmParameterSpec params, + SecureRandom random) throws InvalidKeyException, + InvalidAlgorithmParameterException + { + if (!(key instanceof PBEKey)) + throw new InvalidKeyException("not a PBE key"); + + super.engineInit(opmode, genkey((PBEKey) key), params, random); + } + + protected void engineInit(int opmode, Key key, AlgorithmParameters params, + SecureRandom random) throws InvalidKeyException, + InvalidAlgorithmParameterException + { + if (!(key instanceof PBEKey)) + throw new InvalidKeyException("not a PBE key"); + + super.engineInit(opmode, genkey((PBEKey) key), params, random); + } + + private SecretKeySpec genkey(PBEKey key) throws InvalidKeyException + { + IRandom kdf = PRNGFactory.getInstance("PBKDF2-" + macName); + if (kdf == null) + { + throw new IllegalArgumentException("no such KDF: PBKDF2-" + macName); + } + HashMap attrib = new HashMap(); + attrib.put(IPBE.ITERATION_COUNT, new Integer(key.getIterationCount())); + attrib.put(IPBE.PASSWORD, key.getPassword()); + attrib.put(IPBE.SALT, key.getSalt()); + try + { + kdf.init(attrib); + } + catch (IllegalArgumentException iae) + { + throw new InvalidKeyException(iae.toString()); + } + byte[] dk = new byte[mode.defaultKeySize()]; + try + { + kdf.nextBytes(dk, 0, dk.length); + } + catch (LimitReachedException shouldNotHappen) + { + // throw new Error(shouldNotHappen); + throw new Error(String.valueOf(shouldNotHappen)); + } + return new SecretKeySpec(dk, cipher.name()); + } + + // Inner classe(s) + // ========================================================================= + + public static class HMacSHA1 extends PBES2 + { + + // Constructor(s) + // --------------------------------------------------------------------- + + public HMacSHA1(String cipher, int blockLen) + { + super(cipher, blockLen, "HMAC-SHA1"); + } + + public HMacSHA1(String cipher) + { + super(cipher, "HMAC-SHA1"); + } + + // Inner classe(s) + // ====================================================================== + + public static class AES extends HMacSHA1 + { + public AES() + { + super("AES"); + } + } + + public static class Anubis extends HMacSHA1 + { + public Anubis() + { + super("Anubis"); + } + } + + public static class Blowfish extends HMacSHA1 + { + public Blowfish() + { + super("Blowfish"); + } + } + + public static class Cast5 extends HMacSHA1 + { + public Cast5() + { + super("Cast5"); + } + } + + public static class DES extends HMacSHA1 + { + public DES() + { + super("DES"); + } + } + + public static class Khazad extends HMacSHA1 + { + public Khazad() + { + super("Khazad"); + } + } + + public static class Serpent extends HMacSHA1 + { + public Serpent() + { + super("Serpent"); + } + } + + public static class Square extends HMacSHA1 + { + public Square() + { + super("Square"); + } + } + + public static class TripleDES extends HMacSHA1 + { + public TripleDES() + { + super("TripleDES"); + } + } + + public static class Twofish extends HMacSHA1 + { + public Twofish() + { + super("Twofish"); + } + } + } + + public static class HMacMD5 extends PBES2 + { + + // Constructor(s) + // ---------------------------------------------------------------------- + + public HMacMD5(String cipher, int blockLen) + { + super(cipher, blockLen, "HMAC-MD5"); + } + + public HMacMD5(String cipher) + { + super(cipher, "HMAC-MD5"); + } + + // Inner classe(s) + // ====================================================================== + + public static class AES extends HMacMD5 + { + public AES() + { + super("AES"); + } + } + + public static class Anubis extends HMacMD5 + { + public Anubis() + { + super("Anubis"); + } + } + + public static class Blowfish extends HMacMD5 + { + public Blowfish() + { + super("Blowfish"); + } + } + + public static class Cast5 extends HMacMD5 + { + public Cast5() + { + super("Cast5"); + } + } + + public static class DES extends HMacMD5 + { + public DES() + { + super("DES"); + } + } + + public static class Khazad extends HMacMD5 + { + public Khazad() + { + super("Khazad"); + } + } + + public static class Serpent extends HMacMD5 + { + public Serpent() + { + super("Serpent"); + } + } + + public static class Square extends HMacMD5 + { + public Square() + { + super("Square"); + } + } + + public static class TripleDES extends HMacMD5 + { + public TripleDES() + { + super("TripleDES"); + } + } + + public static class Twofish extends HMacMD5 + { + public Twofish() + { + super("Twofish"); + } + } + } + + public static class HMacMD2 extends PBES2 + { + + // Constructor(s) + // ---------------------------------------------------------------------- + + public HMacMD2(String cipher, int blockLen) + { + super(cipher, blockLen, "HMAC-MD2"); + } + + public HMacMD2(String cipher) + { + super(cipher, "HMAC-MD2"); + } + + // Inner classe(s) + // ====================================================================== + + public static class AES extends HMacMD2 + { + public AES() + { + super("AES"); + } + } + + public static class Anubis extends HMacMD2 + { + public Anubis() + { + super("Anubis"); + } + } + + public static class Blowfish extends HMacMD2 + { + public Blowfish() + { + super("Blowfish"); + } + } + + public static class Cast5 extends HMacMD2 + { + public Cast5() + { + super("Cast5"); + } + } + + public static class DES extends HMacMD2 + { + public DES() + { + super("DES"); + } + } + + public static class Khazad extends HMacMD2 + { + public Khazad() + { + super("Khazad"); + } + } + + public static class Serpent extends HMacMD2 + { + public Serpent() + { + super("Serpent"); + } + } + + public static class Square extends HMacMD2 + { + public Square() + { + super("Square"); + } + } + + public static class TripleDES extends HMacMD2 + { + public TripleDES() + { + super("TripleDES"); + } + } + + public static class Twofish extends HMacMD2 + { + public Twofish() + { + super("Twofish"); + } + } + } + + public static class HMacMD4 extends PBES2 + { + + // Constructor(s) + // ---------------------------------------------------------------------- + + public HMacMD4(String cipher, int blockLen) + { + super(cipher, blockLen, "HMAC-MD4"); + } + + public HMacMD4(String cipher) + { + super(cipher, "HMAC-MD4"); + } + + // Inner classe(s) + // ====================================================================== + + public static class AES extends HMacMD4 + { + public AES() + { + super("AES"); + } + } + + public static class Anubis extends HMacMD4 + { + public Anubis() + { + super("Anubis"); + } + } + + public static class Blowfish extends HMacMD4 + { + public Blowfish() + { + super("Blowfish"); + } + } + + public static class Cast5 extends HMacMD4 + { + public Cast5() + { + super("Cast5"); + } + } + + public static class DES extends HMacMD4 + { + public DES() + { + super("DES"); + } + } + + public static class Khazad extends HMacMD4 + { + public Khazad() + { + super("Khazad"); + } + } + + public static class Serpent extends HMacMD4 + { + public Serpent() + { + super("Serpent"); + } + } + + public static class Square extends HMacMD4 + { + public Square() + { + super("Square"); + } + } + + public static class TripleDES extends HMacMD4 + { + public TripleDES() + { + super("TripleDES"); + } + } + + public static class Twofish extends HMacMD4 + { + public Twofish() + { + super("Twofish"); + } + } + } + + public static class HMacHaval extends PBES2 + { + + // Constructor(s) + // --------------------------------------------------------------------- + + public HMacHaval(String cipher, int blockLen) + { + super(cipher, blockLen, "HMAC-HAVAL"); + } + + public HMacHaval(String cipher) + { + super(cipher, "HMAC-HAVAL"); + } + + // Inner classe(s) + // ====================================================================== + + public static class AES extends HMacHaval + { + public AES() + { + super("AES"); + } + } + + public static class Anubis extends HMacHaval + { + public Anubis() + { + super("Anubis"); + } + } + + public static class Blowfish extends HMacHaval + { + public Blowfish() + { + super("Blowfish"); + } + } + + public static class Cast5 extends HMacHaval + { + public Cast5() + { + super("Cast5"); + } + } + + public static class DES extends HMacHaval + { + public DES() + { + super("DES"); + } + } + + public static class Khazad extends HMacHaval + { + public Khazad() + { + super("Khazad"); + } + } + + public static class Serpent extends HMacHaval + { + public Serpent() + { + super("Serpent"); + } + } + + public static class Square extends HMacHaval + { + public Square() + { + super("Square"); + } + } + + public static class TripleDES extends HMacHaval + { + public TripleDES() + { + super("TripleDES"); + } + } + + public static class Twofish extends HMacHaval + { + public Twofish() + { + super("Twofish"); + } + } + } + + public static class HMacRipeMD128 extends PBES2 + { + + // Constructor(s) + // ---------------------------------------------------------------------- + + public HMacRipeMD128(String cipher, int blockLen) + { + super(cipher, blockLen, "HMAC-RIPEMD128"); + } + + public HMacRipeMD128(String cipher) + { + super(cipher, "HMAC-RIPEMD128"); + } + + // Inner classe(s) + // ====================================================================== + + public static class AES extends HMacRipeMD128 + { + public AES() + { + super("AES"); + } + } + + public static class Anubis extends HMacRipeMD128 + { + public Anubis() + { + super("Anubis"); + } + } + + public static class Blowfish extends HMacRipeMD128 + { + public Blowfish() + { + super("Blowfish"); + } + } + + public static class Cast5 extends HMacRipeMD128 + { + public Cast5() + { + super("Cast5"); + } + } + + public static class DES extends HMacRipeMD128 + { + public DES() + { + super("DES"); + } + } + + public static class Khazad extends HMacRipeMD128 + { + public Khazad() + { + super("Khazad"); + } + } + + public static class Serpent extends HMacRipeMD128 + { + public Serpent() + { + super("Serpent"); + } + } + + public static class Square extends HMacRipeMD128 + { + public Square() + { + super("Square"); + } + } + + public static class TripleDES extends HMacRipeMD128 + { + public TripleDES() + { + super("TripleDES"); + } + } + + public static class Twofish extends HMacRipeMD128 + { + public Twofish() + { + super("Twofish"); + } + } + } + + public static class HMacRipeMD160 extends PBES2 + { + + // Constructor(s) + // ---------------------------------------------------------------------- + + public HMacRipeMD160(String cipher, int blockLen) + { + super(cipher, blockLen, "HMAC-RIPEMD160"); + } + + public HMacRipeMD160(String cipher) + { + super(cipher, "HMAC-RIPEMD160"); + } + + // Inner classe(s) + // ====================================================================== + + public static class AES extends HMacRipeMD160 + { + public AES() + { + super("AES"); + } + } + + public static class Anubis extends HMacRipeMD160 + { + public Anubis() + { + super("Anubis"); + } + } + + public static class Blowfish extends HMacRipeMD160 + { + public Blowfish() + { + super("Blowfish"); + } + } + + public static class Cast5 extends HMacRipeMD160 + { + public Cast5() + { + super("Cast5"); + } + } + + public static class DES extends HMacRipeMD160 + { + public DES() + { + super("DES"); + } + } + + public static class Khazad extends HMacRipeMD160 + { + public Khazad() + { + super("Khazad"); + } + } + + public static class Serpent extends HMacRipeMD160 + { + public Serpent() + { + super("Serpent"); + } + } + + public static class Square extends HMacRipeMD160 + { + public Square() + { + super("Square"); + } + } + + public static class TripleDES extends HMacRipeMD160 + { + public TripleDES() + { + super("TripleDES"); + } + } + + public static class Twofish extends HMacRipeMD160 + { + public Twofish() + { + super("Twofish"); + } + } + } + + public static class HMacSHA256 extends PBES2 + { + + // Constructor(s) + // --------------------------------------------------------------------- + + public HMacSHA256(String cipher, int blockLen) + { + super(cipher, blockLen, "HMAC-SHA-256"); + } + + public HMacSHA256(String cipher) + { + super(cipher, "HMAC-SHA-256"); + } + + // Inner classe(s) + // ====================================================================== + + public static class AES extends HMacSHA256 + { + public AES() + { + super("AES"); + } + } + + public static class Anubis extends HMacSHA256 + { + public Anubis() + { + super("Anubis"); + } + } + + public static class Blowfish extends HMacSHA256 + { + public Blowfish() + { + super("Blowfish"); + } + } + + public static class Cast5 extends HMacSHA256 + { + public Cast5() + { + super("Cast5"); + } + } + + public static class DES extends HMacSHA256 + { + public DES() + { + super("DES"); + } + } + + public static class Khazad extends HMacSHA256 + { + public Khazad() + { + super("Khazad"); + } + } + + public static class Serpent extends HMacSHA256 + { + public Serpent() + { + super("Serpent"); + } + } + + public static class Square extends HMacSHA256 + { + public Square() + { + super("Square"); + } + } + + public static class TripleDES extends HMacSHA256 + { + public TripleDES() + { + super("TripleDES"); + } + } + + public static class Twofish extends HMacSHA256 + { + public Twofish() + { + super("Twofish"); + } + } + } + + public static class HMacSHA384 extends PBES2 + { + + // Constructor(s) + // --------------------------------------------------------------------- + + public HMacSHA384(String cipher, int blockLen) + { + super(cipher, blockLen, "HMAC-SHA-384"); + } + + public HMacSHA384(String cipher) + { + super(cipher, "HMAC-SHA-384"); + } + + // Inner classe(s) + // ====================================================================== + + public static class AES extends HMacSHA384 + { + public AES() + { + super("AES"); + } + } + + public static class Anubis extends HMacSHA384 + { + public Anubis() + { + super("Anubis"); + } + } + + public static class Blowfish extends HMacSHA384 + { + public Blowfish() + { + super("Blowfish"); + } + } + + public static class Cast5 extends HMacSHA384 + { + public Cast5() + { + super("Cast5"); + } + } + + public static class DES extends HMacSHA384 + { + public DES() + { + super("DES"); + } + } + + public static class Khazad extends HMacSHA384 + { + public Khazad() + { + super("Khazad"); + } + } + + public static class Serpent extends HMacSHA384 + { + public Serpent() + { + super("Serpent"); + } + } + + public static class Square extends HMacSHA384 + { + public Square() + { + super("Square"); + } + } + + public static class TripleDES extends HMacSHA384 + { + public TripleDES() + { + super("TripleDES"); + } + } + + public static class Twofish extends HMacSHA384 + { + public Twofish() + { + super("Twofish"); + } + } + } + + public static class HMacSHA512 extends PBES2 + { + + // Constructor(s) + // --------------------------------------------------------------------- + + public HMacSHA512(String cipher, int blockLen) + { + super(cipher, blockLen, "HMAC-SHA-512"); + } + + public HMacSHA512(String cipher) + { + super(cipher, "HMAC-SHA-512"); + } + + // Inner classe(s) + // ====================================================================== + + public static class AES extends HMacSHA512 + { + public AES() + { + super("AES"); + } + } + + public static class Anubis extends HMacSHA512 + { + public Anubis() + { + super("Anubis"); + } + } + + public static class Blowfish extends HMacSHA512 + { + public Blowfish() + { + super("Blowfish"); + } + } + + public static class Cast5 extends HMacSHA512 + { + public Cast5() + { + super("Cast5"); + } + } + + public static class DES extends HMacSHA512 + { + public DES() + { + super("DES"); + } + } + + public static class Khazad extends HMacSHA512 + { + public Khazad() + { + super("Khazad"); + } + } + + public static class Serpent extends HMacSHA512 + { + public Serpent() + { + super("Serpent"); + } + } + + public static class Square extends HMacSHA512 + { + public Square() + { + super("Square"); + } + } + + public static class TripleDES extends HMacSHA512 + { + public TripleDES() + { + super("TripleDES"); + } + } + + public static class Twofish extends HMacSHA512 + { + public Twofish() + { + super("Twofish"); + } + } + } + + public static class HMacTiger extends PBES2 + { + + // Constructor(s) + // --------------------------------------------------------------------- + + public HMacTiger(String cipher, int blockLen) + { + super(cipher, blockLen, "HMAC-TIGER"); + } + + public HMacTiger(String cipher) + { + super(cipher, "HMAC-TIGER"); + } + + // Inner classe(s) + // ====================================================================== + + public static class AES extends HMacTiger + { + public AES() + { + super("AES"); + } + } + + public static class Anubis extends HMacTiger + { + public Anubis() + { + super("Anubis"); + } + } + + public static class Blowfish extends HMacTiger + { + public Blowfish() + { + super("Blowfish"); + } + } + + public static class Cast5 extends HMacTiger + { + public Cast5() + { + super("Cast5"); + } + } + + public static class DES extends HMacTiger + { + public DES() + { + super("DES"); + } + } + + public static class Khazad extends HMacTiger + { + public Khazad() + { + super("Khazad"); + } + } + + public static class Serpent extends HMacTiger + { + public Serpent() + { + super("Serpent"); + } + } + + public static class Square extends HMacTiger + { + public Square() + { + super("Square"); + } + } + + public static class TripleDES extends HMacTiger + { + public TripleDES() + { + super("TripleDES"); + } + } + + public static class Twofish extends HMacTiger + { + public Twofish() + { + super("Twofish"); + } + } + } + + public static class HMacWhirlpool extends PBES2 + { + + // Constructor(s) + // ---------------------------------------------------------------------- + + public HMacWhirlpool(String cipher, int blockLen) + { + super(cipher, blockLen, "HMAC-WHIRLPOOL"); + } + + public HMacWhirlpool(String cipher) + { + super(cipher, "HMAC-WHIRLPOOL"); + } + + // Inner classe(s) + // ====================================================================== + + public static class AES extends HMacWhirlpool + { + public AES() + { + super("AES"); + } + } + + public static class Anubis extends HMacWhirlpool + { + public Anubis() + { + super("Anubis"); + } + } + + public static class Blowfish extends HMacWhirlpool + { + public Blowfish() + { + super("Blowfish"); + } + } + + public static class Cast5 extends HMacWhirlpool + { + public Cast5() + { + super("Cast5"); + } + } + + public static class DES extends HMacWhirlpool + { + public DES() + { + super("DES"); + } + } + + public static class Khazad extends HMacWhirlpool + { + public Khazad() + { + super("Khazad"); + } + } + + public static class Serpent extends HMacWhirlpool + { + public Serpent() + { + super("Serpent"); + } + } + + public static class Square extends HMacWhirlpool + { + public Square() + { + super("Square"); + } + } + + public static class TripleDES extends HMacWhirlpool + { + public TripleDES() + { + super("TripleDES"); + } + } + + public static class Twofish extends HMacWhirlpool + { + public Twofish() + { + super("Twofish"); + } + } + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/jce/cipher/RijndaelSpi.java b/libjava/classpath/gnu/javax/crypto/jce/cipher/RijndaelSpi.java new file mode 100644 index 0000000..1a67f93 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/cipher/RijndaelSpi.java @@ -0,0 +1,59 @@ +/* RijndaelSpi.java -- + Copyright (C) 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.cipher; + +import gnu.java.security.Registry; + +/** + * The implementation of the Rijndael Service Provider Interface + * (SPI) adapter. + * + * @version $Revision: 1.1 $ + */ +public final class RijndaelSpi extends CipherAdapter +{ + + // Constructors. + // -------------------------------------------------------------------- + + public RijndaelSpi() + { + super(Registry.RIJNDAEL_CIPHER, 16); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/jce/cipher/SerpentSpi.java b/libjava/classpath/gnu/javax/crypto/jce/cipher/SerpentSpi.java new file mode 100644 index 0000000..394a0ce --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/cipher/SerpentSpi.java @@ -0,0 +1,59 @@ +/* SerpentSpi.java -- + Copyright (C) 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.cipher; + +import gnu.java.security.Registry; + +/** + * The implementation of the Serpent Service Provider Interface + * (SPI) adapter. + * + * @version $Revision: 1.1 $ + */ +public final class SerpentSpi extends CipherAdapter +{ + + // Constructors. + // -------------------------------------------------------------------- + + public SerpentSpi() + { + super(Registry.SERPENT_CIPHER); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/jce/cipher/SquareSpi.java b/libjava/classpath/gnu/javax/crypto/jce/cipher/SquareSpi.java new file mode 100644 index 0000000..bb59cd2 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/cipher/SquareSpi.java @@ -0,0 +1,59 @@ +/* SquareSpi.java -- + Copyright (C) 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.cipher; + +import gnu.java.security.Registry; + +/** + * The implementation of the Square Service Provider Interface + * (SPI) adapter. + * + * @version $Revision: 1.1 $ + */ +public final class SquareSpi extends CipherAdapter +{ + + // Constructors. + // -------------------------------------------------------------------- + + public SquareSpi() + { + super(Registry.SQUARE_CIPHER); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/jce/cipher/TripleDESSpi.java b/libjava/classpath/gnu/javax/crypto/jce/cipher/TripleDESSpi.java new file mode 100644 index 0000000..cec30f6 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/cipher/TripleDESSpi.java @@ -0,0 +1,59 @@ +/* TripleDESSpi.java -- + Copyright (C) 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.cipher; + +import gnu.java.security.Registry; + +/** + * The implementation of the Triple-DES Service Provider Interface + * (SPI) adapter. + * + * @version $Revision: 1.1 $ + */ +public final class TripleDESSpi extends CipherAdapter +{ + + // Constructors. + // -------------------------------------------------------------------- + + public TripleDESSpi() + { + super(Registry.TRIPLEDES_CIPHER); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/jce/cipher/TwofishSpi.java b/libjava/classpath/gnu/javax/crypto/jce/cipher/TwofishSpi.java new file mode 100644 index 0000000..34f2d95 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/cipher/TwofishSpi.java @@ -0,0 +1,59 @@ +/* TwofishSpi.java -- + Copyright (C) 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.cipher; + +import gnu.java.security.Registry; + +/** + * The implementation of the Twofish Service Provider Interface + * (SPI) adapter. + * + * @version $Revision: 1.1 $ + */ +public final class TwofishSpi extends CipherAdapter +{ + + // Constructors. + // -------------------------------------------------------------------- + + public TwofishSpi() + { + super(Registry.TWOFISH_CIPHER); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/jce/key/AnubisKeyGeneratorImpl.java b/libjava/classpath/gnu/javax/crypto/jce/key/AnubisKeyGeneratorImpl.java new file mode 100644 index 0000000..e8d7788 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/key/AnubisKeyGeneratorImpl.java @@ -0,0 +1,53 @@ +/* AnubisKeyGeneratorImpl.java -- Anubis key generator. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.key; + +import gnu.java.security.Registry; + +public class AnubisKeyGeneratorImpl extends SecretKeyGeneratorImpl +{ + + // Constructors. + // ------------------------------------------------------------------------- + + public AnubisKeyGeneratorImpl () + { + super (Registry.ANUBIS_CIPHER); + } +} diff --git a/libjava/classpath/gnu/javax/crypto/jce/key/AnubisSecretKeyFactoryImpl.java b/libjava/classpath/gnu/javax/crypto/jce/key/AnubisSecretKeyFactoryImpl.java new file mode 100644 index 0000000..f9725ea --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/key/AnubisSecretKeyFactoryImpl.java @@ -0,0 +1,53 @@ +/* AnubisSecretKeyFactoryImpl.java -- + Copyright (C) 2004, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.key; + +import java.security.InvalidKeyException; +import java.security.spec.InvalidKeySpecException; + +import javax.crypto.SecretKey; +import javax.crypto.SecretKeyFactorySpi; +import javax.crypto.spec.SecretKeySpec; + +public class AnubisSecretKeyFactoryImpl extends SecretKeyFactoryImpl +{ + public AnubisSecretKeyFactoryImpl() + { + } +} diff --git a/libjava/classpath/gnu/javax/crypto/jce/key/BlowfishKeyGeneratorImpl.java b/libjava/classpath/gnu/javax/crypto/jce/key/BlowfishKeyGeneratorImpl.java new file mode 100644 index 0000000..a0e687a --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/key/BlowfishKeyGeneratorImpl.java @@ -0,0 +1,53 @@ +/* BlowfishKeyGeneratorImpl.java -- Blowfish key generator. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.key; + +import gnu.java.security.Registry; + +public class BlowfishKeyGeneratorImpl extends SecretKeyGeneratorImpl +{ + + // Constructors. + // ------------------------------------------------------------------------- + + public BlowfishKeyGeneratorImpl () + { + super (Registry.BLOWFISH_CIPHER); + } +} diff --git a/libjava/classpath/gnu/javax/crypto/jce/key/BlowfishSecretKeyFactoryImpl.java b/libjava/classpath/gnu/javax/crypto/jce/key/BlowfishSecretKeyFactoryImpl.java new file mode 100644 index 0000000..4b3620b --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/key/BlowfishSecretKeyFactoryImpl.java @@ -0,0 +1,53 @@ +/* BlowfishSecretKeyFactoryImpl.java -- + Copyright (C) 2004, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.key; + +import java.security.InvalidKeyException; +import java.security.spec.InvalidKeySpecException; + +import javax.crypto.SecretKey; +import javax.crypto.SecretKeyFactorySpi; +import javax.crypto.spec.SecretKeySpec; + +public class BlowfishSecretKeyFactoryImpl extends SecretKeyFactoryImpl +{ + public BlowfishSecretKeyFactoryImpl() + { + } +} diff --git a/libjava/classpath/gnu/javax/crypto/jce/key/Cast5KeyGeneratorImpl.java b/libjava/classpath/gnu/javax/crypto/jce/key/Cast5KeyGeneratorImpl.java new file mode 100644 index 0000000..18d26e6 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/key/Cast5KeyGeneratorImpl.java @@ -0,0 +1,53 @@ +/* Cast5KeyGeneratorImpl.java -- CAST-5 key generator. + Copyright (C) 2004, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.key; + +import gnu.java.security.Registry; + +public class Cast5KeyGeneratorImpl extends SecretKeyGeneratorImpl +{ + + // Constructors. + // ------------------------------------------------------------------------- + + public Cast5KeyGeneratorImpl () + { + super (Registry.CAST5_CIPHER); + } +} diff --git a/libjava/classpath/gnu/javax/crypto/jce/key/Cast5SecretKeyFactoryImpl.java b/libjava/classpath/gnu/javax/crypto/jce/key/Cast5SecretKeyFactoryImpl.java new file mode 100644 index 0000000..4bd3171 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/key/Cast5SecretKeyFactoryImpl.java @@ -0,0 +1,53 @@ +/* Cast5SecretKeyFactoryImpl.java -- + Copyright (C) 2004, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.key; + +import java.security.InvalidKeyException; +import java.security.spec.InvalidKeySpecException; + +import javax.crypto.SecretKey; +import javax.crypto.SecretKeyFactorySpi; +import javax.crypto.spec.SecretKeySpec; + +public class Cast5SecretKeyFactoryImpl extends SecretKeyFactoryImpl +{ + public Cast5SecretKeyFactoryImpl() + { + } +} diff --git a/libjava/classpath/gnu/javax/crypto/jce/key/DESKeyGeneratorImpl.java b/libjava/classpath/gnu/javax/crypto/jce/key/DESKeyGeneratorImpl.java new file mode 100644 index 0000000..19c5465 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/key/DESKeyGeneratorImpl.java @@ -0,0 +1,73 @@ +/* DESKeyGeneratorImpl.java -- DES key generator. + Copyright (C) 2004, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.javax.crypto.jce.key; + +import gnu.java.security.Registry; +import gnu.javax.crypto.cipher.DES; + +import javax.crypto.SecretKey; +import javax.crypto.spec.SecretKeySpec; + +public class DESKeyGeneratorImpl extends SecretKeyGeneratorImpl +{ + + // Constructors. + // ------------------------------------------------------------------------- + + public DESKeyGeneratorImpl () + { + super (Registry.DES_CIPHER); + } + + // Instance methods. + // ------------------------------------------------------------------------- + + protected SecretKey engineGenerateKey () + { + if (!init) + throw new IllegalStateException ("not initialized"); + byte[] buf = new byte [currentKeySize]; + do + { + random.nextBytes (buf); + } + while (DES.isWeak (buf) || DES.isSemiWeak (buf)); + DES.adjustParity (buf, 0); + return new SecretKeySpec (buf, algorithm); + } +} diff --git a/libjava/classpath/gnu/javax/crypto/jce/key/DESSecretKeyFactoryImpl.java b/libjava/classpath/gnu/javax/crypto/jce/key/DESSecretKeyFactoryImpl.java new file mode 100644 index 0000000..e0f1c58 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/key/DESSecretKeyFactoryImpl.java @@ -0,0 +1,80 @@ +/* DESSecretKeyFactoryImpl.java -- DES key factory. + Copyright (C) 2004, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.javax.crypto.jce.key; + +import java.security.InvalidKeyException; +import java.security.spec.InvalidKeySpecException; +import java.security.spec.KeySpec; + +import javax.crypto.SecretKey; +import javax.crypto.spec.DESKeySpec; +import javax.crypto.spec.SecretKeySpec; + +public class DESSecretKeyFactoryImpl extends SecretKeyFactoryImpl +{ + + public DESSecretKeyFactoryImpl() + { + } + + protected SecretKey engineGenerateSecret (KeySpec spec) + throws InvalidKeySpecException + { + if (spec instanceof DESKeySpec) + return new SecretKeySpec (((DESKeySpec) spec).getKey(), "DES"); + return super.engineGenerateSecret (spec); + } + + protected KeySpec engineGetKeySpec (SecretKey key, Class spec) + throws InvalidKeySpecException + { + if (spec.isAssignableFrom (DESKeySpec.class)) + try + { + return new DESKeySpec (key.getEncoded()); + } + catch (InvalidKeyException ike) + { + InvalidKeySpecException ikse = new InvalidKeySpecException + ("can't create DES key spec"); + ikse.initCause (ike); + throw ikse; + } + return super.engineGetKeySpec (key, spec); + } +} diff --git a/libjava/classpath/gnu/javax/crypto/jce/key/DESedeSecretKeyFactoryImpl.java b/libjava/classpath/gnu/javax/crypto/jce/key/DESedeSecretKeyFactoryImpl.java new file mode 100644 index 0000000..15e1099 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/key/DESedeSecretKeyFactoryImpl.java @@ -0,0 +1,80 @@ +/* DESedeSecretKeyFactoryImpl.java -- DESede key factory. + Copyright (C) 2004, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.javax.crypto.jce.key; + +import java.security.InvalidKeyException; +import java.security.spec.InvalidKeySpecException; +import java.security.spec.KeySpec; + +import javax.crypto.SecretKey; +import javax.crypto.spec.DESedeKeySpec; +import javax.crypto.spec.SecretKeySpec; + +public class DESedeSecretKeyFactoryImpl extends SecretKeyFactoryImpl +{ + + public DESedeSecretKeyFactoryImpl() + { + } + + protected SecretKey engineGenerateSecret (KeySpec spec) + throws InvalidKeySpecException + { + if (spec instanceof DESedeKeySpec) + return new SecretKeySpec (((DESedeKeySpec) spec).getKey(), "DESede"); + return super.engineGenerateSecret (spec); + } + + protected KeySpec engineGetKeySpec (SecretKey key, Class spec) + throws InvalidKeySpecException + { + if (spec.equals (DESedeKeySpec.class)) + try + { + return new DESedeKeySpec (key.getEncoded()); + } + catch (InvalidKeyException ike) + { + InvalidKeySpecException ikse = new InvalidKeySpecException + ("can't create DESede key spec"); + ikse.initCause (ike); + throw ikse; + } + return super.engineGetKeySpec (key, spec); + } +} diff --git a/libjava/classpath/gnu/javax/crypto/jce/key/KhazadKeyGeneratorImpl.java b/libjava/classpath/gnu/javax/crypto/jce/key/KhazadKeyGeneratorImpl.java new file mode 100644 index 0000000..c01391e --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/key/KhazadKeyGeneratorImpl.java @@ -0,0 +1,52 @@ +/* KhazadKeyGeneratorImpl.java -- Khazad key generator. + Copyright (C) 2004, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.javax.crypto.jce.key; + +import gnu.java.security.Registry; + +public class KhazadKeyGeneratorImpl extends SecretKeyGeneratorImpl +{ + + // Constructors. + // ------------------------------------------------------------------------- + + public KhazadKeyGeneratorImpl () + { + super (Registry.KHAZAD_CIPHER); + } +} diff --git a/libjava/classpath/gnu/javax/crypto/jce/key/KhazadSecretKeyFactoryImpl.java b/libjava/classpath/gnu/javax/crypto/jce/key/KhazadSecretKeyFactoryImpl.java new file mode 100644 index 0000000..c86e011 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/key/KhazadSecretKeyFactoryImpl.java @@ -0,0 +1,52 @@ +/* KhazadSecretKeyFactoryImpl.java -- simple byte array-wrapping factory. + Copyright (C) 2004, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.javax.crypto.jce.key; + +import java.security.InvalidKeyException; +import java.security.spec.InvalidKeySpecException; + +import javax.crypto.SecretKey; +import javax.crypto.SecretKeyFactorySpi; +import javax.crypto.spec.SecretKeySpec; + +public class KhazadSecretKeyFactoryImpl extends SecretKeyFactoryImpl +{ + public KhazadSecretKeyFactoryImpl() + { + } +} diff --git a/libjava/classpath/gnu/javax/crypto/jce/key/RijndaelKeyGeneratorImpl.java b/libjava/classpath/gnu/javax/crypto/jce/key/RijndaelKeyGeneratorImpl.java new file mode 100644 index 0000000..535e573 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/key/RijndaelKeyGeneratorImpl.java @@ -0,0 +1,52 @@ +/* RijndaelKeyGeneratorImpl.java -- Rijndael key generator. + Copyright (C) 2004, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.javax.crypto.jce.key; + +import gnu.java.security.Registry; + +public class RijndaelKeyGeneratorImpl extends SecretKeyGeneratorImpl +{ + + // Constructors. + // ------------------------------------------------------------------------- + + public RijndaelKeyGeneratorImpl () + { + super (Registry.RIJNDAEL_CIPHER); + } +} diff --git a/libjava/classpath/gnu/javax/crypto/jce/key/RijndaelSecretKeyFactoryImpl.java b/libjava/classpath/gnu/javax/crypto/jce/key/RijndaelSecretKeyFactoryImpl.java new file mode 100644 index 0000000..4aab584 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/key/RijndaelSecretKeyFactoryImpl.java @@ -0,0 +1,52 @@ +/* RijndaelSecretKeyFactoryImpl.java -- simple byte array-wrapping factory. + Copyright (C) 2004, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.javax.crypto.jce.key; + +import java.security.InvalidKeyException; +import java.security.spec.InvalidKeySpecException; + +import javax.crypto.SecretKey; +import javax.crypto.SecretKeyFactorySpi; +import javax.crypto.spec.SecretKeySpec; + +public class RijndaelSecretKeyFactoryImpl extends SecretKeyFactoryImpl +{ + public RijndaelSecretKeyFactoryImpl() + { + } +} diff --git a/libjava/classpath/gnu/javax/crypto/jce/key/SecretKeyFactoryImpl.java b/libjava/classpath/gnu/javax/crypto/jce/key/SecretKeyFactoryImpl.java new file mode 100644 index 0000000..72defe1 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/key/SecretKeyFactoryImpl.java @@ -0,0 +1,87 @@ +/* SecretKeyFactoryImpl.java -- simple byte array-wrapping factory. + Copyright (C) 2004, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.javax.crypto.jce.key; + +import java.security.InvalidKeyException; +import java.security.spec.InvalidKeySpecException; +import java.security.spec.KeySpec; + +import javax.crypto.SecretKey; +import javax.crypto.SecretKeyFactorySpi; +import javax.crypto.spec.SecretKeySpec; + +public abstract class SecretKeyFactoryImpl extends SecretKeyFactorySpi +{ + + protected SecretKeyFactoryImpl() + { + } + + protected SecretKey engineGenerateSecret (KeySpec spec) + throws InvalidKeySpecException + { + if (spec instanceof SecretKeySpec) + return (SecretKey) spec; + throw new InvalidKeySpecException ("unknown key spec: " + + spec.getClass().getName()); + } + + protected KeySpec engineGetKeySpec (SecretKey key, Class spec) + throws InvalidKeySpecException + { + if (spec.equals (SecretKeySpec.class)) + { + if (key instanceof SecretKeySpec) + return (KeySpec) key; + else + return new SecretKeySpec (key.getEncoded(), key.getAlgorithm()); + } + throw new InvalidKeySpecException ("unsupported key spec: " + + spec.getName()); + } + + protected SecretKey engineTranslateKey (SecretKey key) + throws InvalidKeyException + { + if (!"RAW".equals (key.getFormat())) + throw new InvalidKeyException ("only raw keys are supported"); + + // SecretKeySpec is good enough for our purposes. + return new SecretKeySpec (key.getEncoded(), key.getAlgorithm()); + } +} diff --git a/libjava/classpath/gnu/javax/crypto/jce/key/SecretKeyGeneratorImpl.java b/libjava/classpath/gnu/javax/crypto/jce/key/SecretKeyGeneratorImpl.java new file mode 100644 index 0000000..0a62655 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/key/SecretKeyGeneratorImpl.java @@ -0,0 +1,120 @@ +/* SecretKeyGeneratorImpl.java -- symmetric key pair generator. + Copyright (C) 2004, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.javax.crypto.jce.key; + +import gnu.javax.crypto.cipher.CipherFactory; +import gnu.javax.crypto.cipher.IBlockCipher; + +import java.security.InvalidAlgorithmParameterException; +import java.security.InvalidParameterException; +import java.security.SecureRandom; +import java.security.spec.AlgorithmParameterSpec; + +import java.util.Iterator; +import java.util.LinkedList; +import java.util.List; + +import javax.crypto.KeyGeneratorSpi; +import javax.crypto.SecretKey; +import javax.crypto.spec.SecretKeySpec; + +public class SecretKeyGeneratorImpl extends KeyGeneratorSpi +{ + + // Fields. + // ------------------------------------------------------------------------- + + protected final int defaultKeySize; + protected final List keySizes; + protected final String algorithm; + protected boolean init; + protected int currentKeySize; + protected SecureRandom random; + + // Constructors. + // ------------------------------------------------------------------------- + + protected SecretKeyGeneratorImpl (final String algorithm) + { + this.algorithm = algorithm; + IBlockCipher cipher = CipherFactory.getInstance (algorithm); + if (cipher == null) + throw new IllegalArgumentException ("no such cipher: "+algorithm); + defaultKeySize = cipher.defaultKeySize (); + keySizes = new LinkedList(); + for (Iterator it = cipher.keySizes (); it.hasNext (); ) + { + keySizes.add (it.next ()); + } + init = false; + } + + // Instance methods. + // ------------------------------------------------------------------------- + + protected SecretKey engineGenerateKey () + { + if (!init) + throw new IllegalStateException ("not initialized"); + byte[] buf = new byte [currentKeySize]; + random.nextBytes (buf); + return new SecretKeySpec (buf, algorithm); + } + + protected void engineInit (AlgorithmParameterSpec params, SecureRandom random) + throws InvalidAlgorithmParameterException + { + throw new InvalidAlgorithmParameterException (algorithm + + " does not support algorithm paramaters"); + } + + protected void engineInit (int keySize, SecureRandom random) + { + keySize >>>= 3; // Use bytes. + if (!keySizes.contains (new Integer (keySize))) + throw new InvalidParameterException ("unsupported key size: " + keySize); + currentKeySize = keySize; + this.random = random; + init = true; + } + + protected void engineInit (SecureRandom random) + { + engineInit (defaultKeySize << 3, random); + } +} diff --git a/libjava/classpath/gnu/javax/crypto/jce/key/SerpentKeyGeneratorImpl.java b/libjava/classpath/gnu/javax/crypto/jce/key/SerpentKeyGeneratorImpl.java new file mode 100644 index 0000000..766860a --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/key/SerpentKeyGeneratorImpl.java @@ -0,0 +1,52 @@ +/* SerpentKeyGeneratorImpl.java -- Serpent key generator. + Copyright (C) 2004, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.javax.crypto.jce.key; + +import gnu.java.security.Registry; + +public class SerpentKeyGeneratorImpl extends SecretKeyGeneratorImpl +{ + + // Constructors. + // ------------------------------------------------------------------------- + + public SerpentKeyGeneratorImpl () + { + super (Registry.SERPENT_CIPHER); + } +} diff --git a/libjava/classpath/gnu/javax/crypto/jce/key/SerpentSecretKeyFactoryImpl.java b/libjava/classpath/gnu/javax/crypto/jce/key/SerpentSecretKeyFactoryImpl.java new file mode 100644 index 0000000..6e80671 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/key/SerpentSecretKeyFactoryImpl.java @@ -0,0 +1,52 @@ +/* SerpentSecretKeyFactoryImpl.java -- simple byte array-wrapping factory. + Copyright (C) 2004, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.javax.crypto.jce.key; + +import java.security.InvalidKeyException; +import java.security.spec.InvalidKeySpecException; + +import javax.crypto.SecretKey; +import javax.crypto.SecretKeyFactorySpi; +import javax.crypto.spec.SecretKeySpec; + +public class SerpentSecretKeyFactoryImpl extends SecretKeyFactoryImpl +{ + public SerpentSecretKeyFactoryImpl() + { + } +} diff --git a/libjava/classpath/gnu/javax/crypto/jce/key/SquareKeyGeneratorImpl.java b/libjava/classpath/gnu/javax/crypto/jce/key/SquareKeyGeneratorImpl.java new file mode 100644 index 0000000..4bfbeb6 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/key/SquareKeyGeneratorImpl.java @@ -0,0 +1,52 @@ +/* SquareKeyGeneratorImpl.java -- Square key generator. + Copyright (C) 2004, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.javax.crypto.jce.key; + +import gnu.java.security.Registry; + +public class SquareKeyGeneratorImpl extends SecretKeyGeneratorImpl +{ + + // Constructors. + // ------------------------------------------------------------------------- + + public SquareKeyGeneratorImpl () + { + super (Registry.SQUARE_CIPHER); + } +} diff --git a/libjava/classpath/gnu/javax/crypto/jce/key/SquareSecretKeyFactoryImpl.java b/libjava/classpath/gnu/javax/crypto/jce/key/SquareSecretKeyFactoryImpl.java new file mode 100644 index 0000000..d1d5d55 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/key/SquareSecretKeyFactoryImpl.java @@ -0,0 +1,52 @@ +/* SquareSecretKeyFactoryImpl.java -- simple byte array-wrapping factory. + Copyright (C) 2004, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.javax.crypto.jce.key; + +import java.security.InvalidKeyException; +import java.security.spec.InvalidKeySpecException; + +import javax.crypto.SecretKey; +import javax.crypto.SecretKeyFactorySpi; +import javax.crypto.spec.SecretKeySpec; + +public class SquareSecretKeyFactoryImpl extends SecretKeyFactoryImpl +{ + public SquareSecretKeyFactoryImpl() + { + } +} diff --git a/libjava/classpath/gnu/javax/crypto/jce/key/TripleDESKeyGeneratorImpl.java b/libjava/classpath/gnu/javax/crypto/jce/key/TripleDESKeyGeneratorImpl.java new file mode 100644 index 0000000..eb423fc --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/key/TripleDESKeyGeneratorImpl.java @@ -0,0 +1,52 @@ +/* TripleDESKeyGeneratorImpl.java -- TripleDES key generator. + Copyright (C) 2004, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.javax.crypto.jce.key; + +import gnu.java.security.Registry; + +public class TripleDESKeyGeneratorImpl extends SecretKeyGeneratorImpl +{ + + // Constructors. + // ------------------------------------------------------------------------- + + public TripleDESKeyGeneratorImpl () + { + super (Registry.TRIPLEDES_CIPHER); + } +} diff --git a/libjava/classpath/gnu/javax/crypto/jce/key/TwofishKeyGeneratorImpl.java b/libjava/classpath/gnu/javax/crypto/jce/key/TwofishKeyGeneratorImpl.java new file mode 100644 index 0000000..ae7e22f --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/key/TwofishKeyGeneratorImpl.java @@ -0,0 +1,52 @@ +/* TwofishKeyGeneratorImpl.java -- Twofish key generator. + Copyright (C) 2004, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.javax.crypto.jce.key; + +import gnu.java.security.Registry; + +public class TwofishKeyGeneratorImpl extends SecretKeyGeneratorImpl +{ + + // Constructors. + // ------------------------------------------------------------------------- + + public TwofishKeyGeneratorImpl () + { + super (Registry.TWOFISH_CIPHER); + } +} diff --git a/libjava/classpath/gnu/javax/crypto/jce/key/TwofishSecretKeyFactoryImpl.java b/libjava/classpath/gnu/javax/crypto/jce/key/TwofishSecretKeyFactoryImpl.java new file mode 100644 index 0000000..e6ca80b --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/key/TwofishSecretKeyFactoryImpl.java @@ -0,0 +1,52 @@ +/* TwofishSecretKeyFactoryImpl.java -- simple byte array-wrapping factory. + Copyright (C) 2004, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.javax.crypto.jce.key; + +import java.security.InvalidKeyException; +import java.security.spec.InvalidKeySpecException; + +import javax.crypto.SecretKey; +import javax.crypto.SecretKeyFactorySpi; +import javax.crypto.spec.SecretKeySpec; + +public class TwofishSecretKeyFactoryImpl extends SecretKeyFactoryImpl +{ + public TwofishSecretKeyFactoryImpl() + { + } +} diff --git a/libjava/classpath/gnu/javax/crypto/jce/keyring/GnuKeyring.java b/libjava/classpath/gnu/javax/crypto/jce/keyring/GnuKeyring.java new file mode 100644 index 0000000..d74d386 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/keyring/GnuKeyring.java @@ -0,0 +1,413 @@ +/* GnuKeyring.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.keyring; + +import java.io.BufferedInputStream; +import java.io.InputStream; +import java.io.IOException; +import java.io.OutputStream; + +import java.security.Key; +import java.security.KeyStoreSpi; +import java.security.KeyStoreException; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.security.UnrecoverableKeyException; +import java.security.cert.Certificate; +import java.security.cert.CertificateException; +import java.security.cert.CertificateFactory; + +import java.util.Arrays; +import java.util.Date; +import java.util.Enumeration; +import java.util.HashMap; +import java.util.Iterator; +import java.util.List; +import java.util.NoSuchElementException; + +import javax.crypto.SecretKey; + +import gnu.java.security.Registry; +import gnu.javax.crypto.keyring.IKeyring; +import gnu.javax.crypto.keyring.IPrivateKeyring; +import gnu.javax.crypto.keyring.IPublicKeyring; +import gnu.javax.crypto.keyring.GnuPrivateKeyring; +import gnu.javax.crypto.keyring.GnuPublicKeyring; +import gnu.javax.crypto.keyring.MalformedKeyringException; +import gnu.javax.crypto.keyring.PrimitiveEntry; + +public class GnuKeyring extends KeyStoreSpi +{ + + // Constants and fields. + // ------------------------------------------------------------------------ + + private boolean loaded; + + private IKeyring keyring; + + // Constructor. + // ------------------------------------------------------------------------ + + public GnuKeyring() + { + } + + // Instance methods. + // ------------------------------------------------------------------------ + + public Enumeration engineAliases() + { + if (!loaded) + { + throw new IllegalStateException ("not loaded"); + } + if (keyring == null) + { + return new Enumeration() + { + public boolean hasMoreElements() + { + return false; + } + + public Object nextElement() + { + throw new NoSuchElementException(); + } + }; + } + return keyring.aliases(); + } + + public boolean engineContainsAlias(String alias) + { + if (!loaded) + { + throw new IllegalStateException ("not loaded"); + } + if (keyring == null) + { + return false; + } + return keyring.containsAlias(alias); + } + + public void engineDeleteEntry(String alias) + { + if (!loaded) + { + throw new IllegalStateException ("not loaded"); + } + if (keyring != null) + { + keyring.remove(alias); + } + } + + public Certificate engineGetCertificate(String alias) + { + if (!loaded) + { + throw new IllegalStateException ("not loaded"); + } + if (keyring == null) + { + return null; + } + if (!(keyring instanceof IPublicKeyring)) + { + throw new IllegalStateException("not a public keyring"); + } + return ((IPublicKeyring) keyring).getCertificate(alias); + } + + public String engineGetCertificateAlias(Certificate cert) + { + if (!loaded) + { + throw new IllegalStateException ("not loaded"); + } + if (keyring == null) + { + return null; + } + if (!(keyring instanceof IPublicKeyring)) + { + throw new IllegalStateException("not a public keyring"); + } + Enumeration aliases = keyring.aliases(); + while (aliases.hasMoreElements()) + { + String alias = (String) aliases.nextElement(); + Certificate cert2 = ((IPublicKeyring) keyring).getCertificate(alias); + if (cert.equals(cert2)) + { + return alias; + } + } + return null; + } + + public void engineSetCertificateEntry(String alias, Certificate cert) + { + if (!loaded) + { + throw new IllegalStateException ("not loaded"); + } + if (keyring == null) + { + keyring = new GnuPublicKeyring("HMAC-SHA-1", 20); + } + if (!(keyring instanceof IPublicKeyring)) + { + throw new IllegalStateException("not a public keyring"); + } + ((IPublicKeyring) keyring).putCertificate(alias, cert); + } + + public Certificate[] engineGetCertificateChain(String alias) + { + if (!loaded) + { + throw new IllegalStateException ("not loaded"); + } + if (keyring == null) + { + return null; + } + if (!(keyring instanceof IPrivateKeyring)) + { + throw new IllegalStateException("not a private keyring"); + } + return ((IPrivateKeyring) keyring).getCertPath(alias); + } + + public Date engineGetCreationDate(String alias) + { + if (!loaded) + { + throw new IllegalStateException ("not loaded"); + } + if (keyring == null) + { + return null; + } + List entries = keyring.get(alias); + if (entries.size() == 0) + { + return null; + } + for (Iterator it = entries.iterator(); it.hasNext();) + { + Object o = it.next(); + if (o instanceof PrimitiveEntry) + { + return ((PrimitiveEntry) o).getCreationDate(); + } + } + return null; + } + + public Key engineGetKey(String alias, char[] password) + throws UnrecoverableKeyException + { + if (!loaded) + { + throw new IllegalStateException ("not loaded"); + } + if (keyring == null) + { + return null; + } + if (!(keyring instanceof IPrivateKeyring)) + { + throw new IllegalStateException("not a private keyring"); + } + if (password == null) + { + if (((IPrivateKeyring) keyring).containsPublicKey(alias)) + { + return ((IPrivateKeyring) keyring).getPublicKey(alias); + } + } + if (((IPrivateKeyring) keyring).containsPrivateKey(alias)) + { + return ((IPrivateKeyring) keyring).getPrivateKey(alias, password); + } + return null; + } + + public void engineSetKeyEntry(String alias, Key key, char[] password, + Certificate[] chain) throws KeyStoreException + { + if (!loaded) + { + throw new IllegalStateException ("not loaded"); + } + if (keyring == null) + { + keyring = new GnuPrivateKeyring("HMAC-SHA-1", 20, "AES", "OFB", 16); + } + if (!(keyring instanceof IPrivateKeyring)) + { + throw new IllegalStateException("not a private keyring"); + } + if (key instanceof PublicKey) + { + ((IPrivateKeyring) keyring).putPublicKey(alias, (PublicKey) key); + return; + } + if (!(key instanceof PrivateKey) && !(key instanceof SecretKey)) + { + throw new KeyStoreException("cannot store keys of type " + + key.getClass().getName()); + } + try + { + CertificateFactory fact = CertificateFactory.getInstance("X.509"); + ((IPrivateKeyring) keyring).putCertPath(alias, chain); + } + catch (CertificateException ce) + { + throw new KeyStoreException(ce.toString()); + } + ((IPrivateKeyring) keyring).putPrivateKey(alias, key, password); + } + + public void engineSetKeyEntry(String alias, byte[] key, Certificate[] chain) + throws KeyStoreException + { + throw new KeyStoreException("method not supported"); + } + + public boolean engineIsCertificateEntry(String alias) + { + if (!loaded) + { + throw new IllegalStateException ("not loaded"); + } + if (keyring == null) + { + return false; + } + if (!(keyring instanceof IPublicKeyring)) + { + return false; + } + return ((IPublicKeyring) keyring).containsCertificate(alias); + } + + public boolean engineIsKeyEntry(String alias) + { + if (!loaded) + { + throw new IllegalStateException ("not loaded"); + } + if (keyring == null) + { + return false; + } + if (!(keyring instanceof IPrivateKeyring)) + { + return false; + } + return ((IPrivateKeyring) keyring).containsPublicKey(alias) + || ((IPrivateKeyring) keyring).containsPrivateKey(alias); + } + + public void engineLoad(InputStream in, char[] password) throws IOException + { + if (in != null) + { + if (!in.markSupported()) + { + in = new BufferedInputStream(in); + } + in.mark(5); + for (int i = 0; i < 4; i++) + if (in.read() != Registry.GKR_MAGIC[i]) + throw new MalformedKeyringException("incorrect magic"); + int usage = in.read(); + in.reset(); + HashMap attr = new HashMap(); + attr.put(IKeyring.KEYRING_DATA_IN, in); + attr.put(IKeyring.KEYRING_PASSWORD, password); + switch (usage) + { + case GnuPublicKeyring.USAGE: + keyring = new GnuPublicKeyring(); + break; + case GnuPrivateKeyring.USAGE: + keyring = new GnuPrivateKeyring(); + break; + default: + throw new MalformedKeyringException("unsupported ring usage: " + + Integer.toBinaryString(usage)); + } + keyring.load(attr); + } + loaded = true; + } + + public void engineStore(OutputStream out, char[] password) throws IOException + { + if (!loaded || keyring == null) + { + throw new IllegalStateException ("not loaded"); + } + HashMap attr = new HashMap(); + attr.put(IKeyring.KEYRING_DATA_OUT, out); + attr.put(IKeyring.KEYRING_PASSWORD, password); + keyring.store(attr); + } + + public int engineSize() + { + if (!loaded) + { + throw new IllegalStateException ("not loaded"); + } + if (keyring == null) + { + return 0; + } + return keyring.size(); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/jce/mac/HMacHavalSpi.java b/libjava/classpath/gnu/javax/crypto/jce/mac/HMacHavalSpi.java new file mode 100644 index 0000000..df1319c --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/mac/HMacHavalSpi.java @@ -0,0 +1,67 @@ +/* HMacHavalSpi.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.mac; +import gnu.java.security.Registry; + +/** + * The implementation of the HMAC-HAVAL Service Provider Interface + * (SPI) Adapter. + * + * @version Revision: $ + */ +public class HMacHavalSpi extends MacAdapter +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + public HMacHavalSpi() + { + super(Registry.HMAC_NAME_PREFIX + Registry.HAVAL_HASH); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/jce/mac/HMacMD2Spi.java b/libjava/classpath/gnu/javax/crypto/jce/mac/HMacMD2Spi.java new file mode 100644 index 0000000..935f5e5 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/mac/HMacMD2Spi.java @@ -0,0 +1,59 @@ +/* HMacMD2Spi.java -- + Copyright (C) 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.mac; + +import gnu.java.security.Registry; + +/** + * The implementation of the HMAC-MD2 Service Provider Interface + * (SPI) adapter. + * + * @version $Revision: 1.1 $ + */ +public final class HMacMD2Spi extends MacAdapter +{ + + // Constructors. + // ----------------------------------------------------------------------- + + public HMacMD2Spi() + { + super(Registry.HMAC_NAME_PREFIX + Registry.MD2_HASH); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/jce/mac/HMacMD4Spi.java b/libjava/classpath/gnu/javax/crypto/jce/mac/HMacMD4Spi.java new file mode 100644 index 0000000..49507a6 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/mac/HMacMD4Spi.java @@ -0,0 +1,59 @@ +/* HMacMD4Spi.java -- + Copyright (C) 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.mac; + +import gnu.java.security.Registry; + +/** + * The implementation of the HMAC-MD4 Service Provider Interface + * (SPI) adapter. + * + * @version $Revision: 1.1 $ + */ +public final class HMacMD4Spi extends MacAdapter +{ + + // Constructors. + // ----------------------------------------------------------------------- + + public HMacMD4Spi() + { + super(Registry.HMAC_NAME_PREFIX + Registry.MD4_HASH); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/jce/mac/HMacMD5Spi.java b/libjava/classpath/gnu/javax/crypto/jce/mac/HMacMD5Spi.java new file mode 100644 index 0000000..3bc0fea --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/mac/HMacMD5Spi.java @@ -0,0 +1,59 @@ +/* HMacMD5Spi.java -- + Copyright (C) 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.mac; + +import gnu.java.security.Registry; + +/** + * The implementation of the HMAC-MD5 Service Provider Interface + * (SPI) adapter. + * + * @version $Revision: 1.1 $ + */ +public final class HMacMD5Spi extends MacAdapter +{ + + // Constructors. + // ----------------------------------------------------------------------- + + public HMacMD5Spi() + { + super(Registry.HMAC_NAME_PREFIX + Registry.MD5_HASH); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/jce/mac/HMacRipeMD128Spi.java b/libjava/classpath/gnu/javax/crypto/jce/mac/HMacRipeMD128Spi.java new file mode 100644 index 0000000..6a57e6c --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/mac/HMacRipeMD128Spi.java @@ -0,0 +1,59 @@ +/* HMacRipeMD128Spi.java -- + Copyright (C) 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.mac; + +import gnu.java.security.Registry; + +/** + * The implementation of the HMAC-RIPEMD-128 Service Provider Interface + * (SPI) adapter. + * + * @version $Revision: 1.1 $ + */ +public final class HMacRipeMD128Spi extends MacAdapter +{ + + // Constructors. + // ----------------------------------------------------------------------- + + public HMacRipeMD128Spi() + { + super(Registry.HMAC_NAME_PREFIX + Registry.RIPEMD128_HASH); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/jce/mac/HMacRipeMD160Spi.java b/libjava/classpath/gnu/javax/crypto/jce/mac/HMacRipeMD160Spi.java new file mode 100644 index 0000000..a47e1a5 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/mac/HMacRipeMD160Spi.java @@ -0,0 +1,59 @@ +/* HMacRipeMD160Spi.java -- + Copyright (C) 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.mac; + +import gnu.java.security.Registry; + +/** + * The implementation of the HMAC-RIPEMD-160 Service Provider Interface + * (SPI) adapter. + * + * @version $Revision: 1.1 $ + */ +public final class HMacRipeMD160Spi extends MacAdapter +{ + + // Constructors. + // ----------------------------------------------------------------------- + + public HMacRipeMD160Spi() + { + super(Registry.HMAC_NAME_PREFIX + Registry.RIPEMD160_HASH); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/jce/mac/HMacSHA160Spi.java b/libjava/classpath/gnu/javax/crypto/jce/mac/HMacSHA160Spi.java new file mode 100644 index 0000000..e251dc3 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/mac/HMacSHA160Spi.java @@ -0,0 +1,59 @@ +/* HMacSHA160Spi.java -- + Copyright (C) 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.mac; + +import gnu.java.security.Registry; + +/** + * The implementation of the HMAC-SHA-160 Service Provider Interface + * (SPI) adapter. + * + * @version $Revision: 1.1 $ + */ +public final class HMacSHA160Spi extends MacAdapter +{ + + // Constructors. + // ----------------------------------------------------------------------- + + public HMacSHA160Spi() + { + super(Registry.HMAC_NAME_PREFIX + Registry.SHA160_HASH); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/jce/mac/HMacSHA256Spi.java b/libjava/classpath/gnu/javax/crypto/jce/mac/HMacSHA256Spi.java new file mode 100644 index 0000000..7caa260 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/mac/HMacSHA256Spi.java @@ -0,0 +1,67 @@ +/* HMacSHA256Spi.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.mac; +import gnu.java.security.Registry; + +/** + *

The implementation of the HMAC-SHA-256 Service Provider Interface + * (SPI) adapter.

+ * + * @version $Revision: 1.1 $ + */ +public final class HMacSHA256Spi extends MacAdapter +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ----------------------------------------------------------------------- + + public HMacSHA256Spi() + { + super(Registry.HMAC_NAME_PREFIX + Registry.SHA256_HASH); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/jce/mac/HMacSHA384Spi.java b/libjava/classpath/gnu/javax/crypto/jce/mac/HMacSHA384Spi.java new file mode 100644 index 0000000..d3e454b --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/mac/HMacSHA384Spi.java @@ -0,0 +1,67 @@ +/* HMacSHA384Spi.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.mac; +import gnu.java.security.Registry; + +/** + *

The implementation of the HMAC-SHA-384 Service Provider Interface + * (SPI) adapter.

+ * + * @version $Revision: 1.1 $ + */ +public class HMacSHA384Spi extends MacAdapter +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ----------------------------------------------------------------------- + + public HMacSHA384Spi() + { + super(Registry.HMAC_NAME_PREFIX + Registry.SHA384_HASH); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/jce/mac/HMacSHA512Spi.java b/libjava/classpath/gnu/javax/crypto/jce/mac/HMacSHA512Spi.java new file mode 100644 index 0000000..f02267c --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/mac/HMacSHA512Spi.java @@ -0,0 +1,67 @@ +/* HMacSHA512Spi.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.mac; +import gnu.java.security.Registry; + +/** + *

The implementation of the HMAC-SHA-512 Service Provider Interface + * (SPI) adapter.

+ * + * @version $Revision: 1.1 $ + */ +public class HMacSHA512Spi extends MacAdapter +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ----------------------------------------------------------------------- + + public HMacSHA512Spi() + { + super(Registry.HMAC_NAME_PREFIX + Registry.SHA512_HASH); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/jce/mac/HMacTigerSpi.java b/libjava/classpath/gnu/javax/crypto/jce/mac/HMacTigerSpi.java new file mode 100644 index 0000000..e4eb26c --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/mac/HMacTigerSpi.java @@ -0,0 +1,59 @@ +/* HMacTigerSpi.java -- + Copyright (C) 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.mac; + +import gnu.java.security.Registry; + +/** + * The implementation of the Tiger Service Provider Interface + * (SPI) adapter. + * + * @version $Revision: 1.1 $ + */ +public final class HMacTigerSpi extends MacAdapter +{ + + // Constructors. + // ----------------------------------------------------------------------- + + public HMacTigerSpi() + { + super(Registry.HMAC_NAME_PREFIX + Registry.TIGER_HASH); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/jce/mac/HMacWhirlpoolSpi.java b/libjava/classpath/gnu/javax/crypto/jce/mac/HMacWhirlpoolSpi.java new file mode 100644 index 0000000..8e2ef6d --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/mac/HMacWhirlpoolSpi.java @@ -0,0 +1,59 @@ +/* HMacWhirlpoolSpi.java -- + Copyright (C) 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.mac; + +import gnu.java.security.Registry; + +/** + * The implementation of the HMAC-Whirlpool Service Provider Interface + * (SPI) adapter. + * + * @version $Revision: 1.1 $ + */ +public final class HMacWhirlpoolSpi extends MacAdapter +{ + + // Constructors. + // ----------------------------------------------------------------------- + + public HMacWhirlpoolSpi() + { + super(Registry.HMAC_NAME_PREFIX + Registry.WHIRLPOOL_HASH); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/jce/mac/MacAdapter.java b/libjava/classpath/gnu/javax/crypto/jce/mac/MacAdapter.java new file mode 100644 index 0000000..c323413 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/mac/MacAdapter.java @@ -0,0 +1,156 @@ +/* MacAdapter.java -- + Copyright (C) 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.mac; + +import gnu.javax.crypto.mac.IMac; +import gnu.javax.crypto.mac.MacFactory; + +import java.security.InvalidAlgorithmParameterException; +import java.security.InvalidKeyException; +import java.security.Key; +import java.security.spec.AlgorithmParameterSpec; +import java.util.HashMap; +import java.util.Map; +import javax.crypto.MacSpi; + +/** + *

The implementation of a generic {@link javax.crypto.Mac} adapter class + * to wrap GNU Crypto MAC instances.

+ * + *

This class defines the Service Provider Interface (SPI) for + * the {@link javax.crypto.Mac} class, which provides the functionality of a + * message authentication code algorithm, such as the Hashed Message + * Authentication Code (HMAC) algorithms.

+ * + * @version $Revision: 1.2 $ + */ +class MacAdapter extends MacSpi implements Cloneable +{ + + // Constants and variables + // ----------------------------------------------------------------------- + + /** Our MAC instance. */ + protected IMac mac; + + /** Our MAC attributes. */ + protected Map attributes; + + // Constructor(s) + // ----------------------------------------------------------------------- + + /** + *

Creates a new Mac instance for the given name.

+ * + * @param name The name of the mac to create. + */ + protected MacAdapter(String name) + { + mac = MacFactory.getInstance(name); + attributes = new HashMap(); + } + + /** + * Private constructor for cloning purposes. + * + * @param mac a clone of the internal {@link IMac} instance. + * @param attributes a clone of the current {@link Map} of attributes. + */ + private MacAdapter(IMac mac, Map attributes) + { + super(); + + this.mac = mac; + this.attributes = attributes; + } + + // Class methods + // ----------------------------------------------------------------------- + + // Instance methods + // ----------------------------------------------------------------------- + + // Cloneable interface implementation ------------------------------------ + + public Object clone() throws CloneNotSupportedException + { + return new MacAdapter((IMac) mac.clone(), new HashMap(attributes)); + } + + // Instance methods implementing javax.crypto.MacSpi --------------------- + + protected byte[] engineDoFinal() + { + byte[] result = mac.digest(); + engineReset(); + return result; + } + + protected int engineGetMacLength() + { + return mac.macSize(); + } + + protected void engineInit(Key key, AlgorithmParameterSpec params) + throws InvalidKeyException, InvalidAlgorithmParameterException + { + if (!key.getFormat().equalsIgnoreCase("RAW")) + { + throw new InvalidKeyException("unknown key format " + key.getFormat()); + } + attributes.put(IMac.MAC_KEY_MATERIAL, key.getEncoded()); + mac.reset(); + mac.init(attributes); + } + + protected void engineReset() + { + mac.reset(); + } + + protected void engineUpdate(byte b) + { + mac.update(b); + } + + protected void engineUpdate(byte[] in, int off, int len) + { + mac.update(in, off, len); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/jce/mac/OMacAnubisImpl.java b/libjava/classpath/gnu/javax/crypto/jce/mac/OMacAnubisImpl.java new file mode 100644 index 0000000..4bfda4f --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/mac/OMacAnubisImpl.java @@ -0,0 +1,53 @@ +/* OMacAnubisImpl.java -- OMAC-ANUBIS adapter. + Copyright (C) 2004, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.mac; + +import gnu.java.security.Registry; + +public class OMacAnubisImpl extends MacAdapter +{ + + // Constructor. + // ------------------------------------------------------------------------- + + public OMacAnubisImpl() + { + super(Registry.OMAC_PREFIX + Registry.ANUBIS_CIPHER); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/jce/mac/OMacBlowfishImpl.java b/libjava/classpath/gnu/javax/crypto/jce/mac/OMacBlowfishImpl.java new file mode 100644 index 0000000..8d168e5 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/mac/OMacBlowfishImpl.java @@ -0,0 +1,53 @@ +/* OMacBlowfishImpl.java -- OMAC-BLOWFISH adapter. + Copyright (C) 2004, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.mac; + +import gnu.java.security.Registry; + +public class OMacBlowfishImpl extends MacAdapter +{ + + // Constructor. + // ------------------------------------------------------------------------- + + public OMacBlowfishImpl() + { + super(Registry.OMAC_PREFIX + Registry.BLOWFISH_CIPHER); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/jce/mac/OMacCast5Impl.java b/libjava/classpath/gnu/javax/crypto/jce/mac/OMacCast5Impl.java new file mode 100644 index 0000000..3385d11 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/mac/OMacCast5Impl.java @@ -0,0 +1,53 @@ +/* OMacCast5Impl.java -- OMAC-CAST5 adapter. + Copyright (C) 2004, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.mac; + +import gnu.java.security.Registry; + +public class OMacCast5Impl extends MacAdapter +{ + + // Constructor. + // ------------------------------------------------------------------------- + + public OMacCast5Impl() + { + super(Registry.OMAC_PREFIX + Registry.CAST5_CIPHER); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/jce/mac/OMacDESImpl.java b/libjava/classpath/gnu/javax/crypto/jce/mac/OMacDESImpl.java new file mode 100644 index 0000000..3fb23bd --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/mac/OMacDESImpl.java @@ -0,0 +1,53 @@ +/* OMacDESImpl.java -- OMAC-DES adapter. + Copyright (C) 2004, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.mac; + +import gnu.java.security.Registry; + +public class OMacDESImpl extends MacAdapter +{ + + // Constructor. + // ------------------------------------------------------------------------- + + public OMacDESImpl() + { + super(Registry.OMAC_PREFIX + Registry.DES_CIPHER); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/jce/mac/OMacImpl.java b/libjava/classpath/gnu/javax/crypto/jce/mac/OMacImpl.java new file mode 100644 index 0000000..f91902a --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/mac/OMacImpl.java @@ -0,0 +1,137 @@ +/* OMacImpl.java -- OMAC adapter. + Copyright (C) 2004, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.mac; + +import gnu.java.security.Registry; +import javax.crypto.MacSpi; + +public abstract class OMacImpl extends MacAdapter +{ + + // Constructor. + // ------------------------------------------------------------------------- + + protected OMacImpl(String name) + { + super(Registry.OMAC_PREFIX + name); + } + + // Inner classes. + // ------------------------------------------------------------------------- + + public class Anubis extends OMacImpl + { + public Anubis() + { + super(Registry.ANUBIS_CIPHER); + } + } + + public class Blowfish extends OMacImpl + { + public Blowfish() + { + super(Registry.BLOWFISH_CIPHER); + } + } + + public class Cast5 extends OMacImpl + { + public Cast5() + { + super(Registry.CAST5_CIPHER); + } + } + + public class DES extends OMacImpl + { + public DES() + { + super(Registry.DES_CIPHER); + } + } + + public class Khazad extends OMacImpl + { + public Khazad() + { + super(Registry.KHAZAD_CIPHER); + } + } + + public class Rijndael extends OMacImpl + { + public Rijndael() + { + super(Registry.RIJNDAEL_CIPHER); + } + } + + public class Serpent extends OMacImpl + { + public Serpent() + { + super(Registry.SERPENT_CIPHER); + } + } + + public class Square extends OMacImpl + { + public Square() + { + super(Registry.SQUARE_CIPHER); + } + } + + public class TripleDES extends OMacImpl + { + public TripleDES() + { + super(Registry.TRIPLEDES_CIPHER); + } + } + + public class Twofish extends OMacImpl + { + public Twofish() + { + super(Registry.TWOFISH_CIPHER); + } + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/jce/mac/OMacKhazadImpl.java b/libjava/classpath/gnu/javax/crypto/jce/mac/OMacKhazadImpl.java new file mode 100644 index 0000000..82c047c --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/mac/OMacKhazadImpl.java @@ -0,0 +1,53 @@ +/* OMacKhazadImpl.java -- OMAC-KHAZAD adapter. + Copyright (C) 2004, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.mac; + +import gnu.java.security.Registry; + +public class OMacKhazadImpl extends MacAdapter +{ + + // Constructor. + // ------------------------------------------------------------------------- + + public OMacKhazadImpl() + { + super(Registry.OMAC_PREFIX + Registry.KHAZAD_CIPHER); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/jce/mac/OMacRijndaelImpl.java b/libjava/classpath/gnu/javax/crypto/jce/mac/OMacRijndaelImpl.java new file mode 100644 index 0000000..47d3f6a --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/mac/OMacRijndaelImpl.java @@ -0,0 +1,53 @@ +/* OMacRijndaelImpl.java -- OMAC-RIJNDAEL adapter. + Copyright (C) 2004, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.mac; + +import gnu.java.security.Registry; + +public class OMacRijndaelImpl extends MacAdapter +{ + + // Constructor. + // ------------------------------------------------------------------------- + + public OMacRijndaelImpl() + { + super(Registry.OMAC_PREFIX + Registry.RIJNDAEL_CIPHER); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/jce/mac/OMacSerpentImpl.java b/libjava/classpath/gnu/javax/crypto/jce/mac/OMacSerpentImpl.java new file mode 100644 index 0000000..bec2c1f --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/mac/OMacSerpentImpl.java @@ -0,0 +1,53 @@ +/* OMacSerpentImpl.java -- OMAC-SERPENT adapter. + Copyright (C) 2004, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.mac; + +import gnu.java.security.Registry; + +public class OMacSerpentImpl extends MacAdapter +{ + + // Constructor. + // ------------------------------------------------------------------------- + + public OMacSerpentImpl() + { + super(Registry.OMAC_PREFIX + Registry.SERPENT_CIPHER); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/jce/mac/OMacSquareImpl.java b/libjava/classpath/gnu/javax/crypto/jce/mac/OMacSquareImpl.java new file mode 100644 index 0000000..0442b7c --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/mac/OMacSquareImpl.java @@ -0,0 +1,53 @@ +/* OMacSquareImpl.java -- OMAC-SQUARE adapter. + Copyright (C) 2004, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.mac; + +import gnu.java.security.Registry; + +public class OMacSquareImpl extends MacAdapter +{ + + // Constructor. + // ------------------------------------------------------------------------- + + public OMacSquareImpl() + { + super(Registry.OMAC_PREFIX + Registry.SQUARE_CIPHER); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/jce/mac/OMacTripleDESImpl.java b/libjava/classpath/gnu/javax/crypto/jce/mac/OMacTripleDESImpl.java new file mode 100644 index 0000000..0defdd1 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/mac/OMacTripleDESImpl.java @@ -0,0 +1,53 @@ +/* OMacTripleDESImpl.java -- OMAC-TRIPLEDES adapter. + Copyright (C) 2004, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.mac; + +import gnu.java.security.Registry; + +public class OMacTripleDESImpl extends MacAdapter +{ + + // Constructor. + // ------------------------------------------------------------------------- + + public OMacTripleDESImpl() + { + super(Registry.OMAC_PREFIX + Registry.TRIPLEDES_CIPHER); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/jce/mac/OMacTwofishImpl.java b/libjava/classpath/gnu/javax/crypto/jce/mac/OMacTwofishImpl.java new file mode 100644 index 0000000..a12f9f3 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/mac/OMacTwofishImpl.java @@ -0,0 +1,53 @@ +/* OMacTwofishImpl.java -- OMAC-TWOFISH adapter. + Copyright (C) 2004, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.mac; + +import gnu.java.security.Registry; + +public class OMacTwofishImpl extends MacAdapter +{ + + // Constructor. + // ------------------------------------------------------------------------- + + public OMacTwofishImpl() + { + super(Registry.OMAC_PREFIX + Registry.TWOFISH_CIPHER); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/jce/mac/TMMH16Spi.java b/libjava/classpath/gnu/javax/crypto/jce/mac/TMMH16Spi.java new file mode 100644 index 0000000..0a42222 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/mac/TMMH16Spi.java @@ -0,0 +1,91 @@ +/* TMMH16Spi.java -- + Copyright (C) 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.mac; + +import gnu.java.security.Registry; +import gnu.javax.crypto.mac.TMMH16; +import gnu.javax.crypto.jce.spec.TMMHParameterSpec; + +import java.security.InvalidAlgorithmParameterException; +import java.security.InvalidKeyException; +import java.security.Key; +import java.security.spec.AlgorithmParameterSpec; + +/** + * The implementation of the TMMH16 Service Provider Interface + * (SPI) adapter. + * + * @version $Revision: 1.1 $ + */ +public final class TMMH16Spi extends MacAdapter +{ + + // Constructors. + // ----------------------------------------------------------------------- + + public TMMH16Spi() + { + super(Registry.TMMH16); + } + + // Instance methods overriding MacAdapter. + // ----------------------------------------------------------------------- + + protected void engineInit(Key key, AlgorithmParameterSpec params) + throws InvalidKeyException, InvalidAlgorithmParameterException + { + if (!(params instanceof TMMHParameterSpec)) + { + throw new InvalidAlgorithmParameterException(); + } + TMMHParameterSpec spec = (TMMHParameterSpec) params; + attributes.put(TMMH16.TAG_LENGTH, spec.getTagLength()); + attributes.put(TMMH16.KEYSTREAM, spec.getKeystream()); + attributes.put(TMMH16.PREFIX, spec.getPrefix()); + try + { + mac.reset(); + mac.init(attributes); + } + catch (IllegalArgumentException iae) + { + throw new InvalidAlgorithmParameterException(iae.getMessage()); + } + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/jce/mac/UHash32Spi.java b/libjava/classpath/gnu/javax/crypto/jce/mac/UHash32Spi.java new file mode 100644 index 0000000..a24b8e5 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/mac/UHash32Spi.java @@ -0,0 +1,59 @@ +/* UHash32Spi.java -- + Copyright (C) 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.mac; + +import gnu.java.security.Registry; + +/** + * The implementation of the UHash-32 Service Provider Interface + * (SPI) adapter. + * + * @version $Revision: 1.1 $ + */ +public final class UHash32Spi extends MacAdapter +{ + + // Constructors. + // ----------------------------------------------------------------------- + + public UHash32Spi() + { + super(Registry.UHASH32); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/jce/mac/UMac32Spi.java b/libjava/classpath/gnu/javax/crypto/jce/mac/UMac32Spi.java new file mode 100644 index 0000000..52c58f3 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/mac/UMac32Spi.java @@ -0,0 +1,91 @@ +/* UMac32Spi.java -- + Copyright (C) 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.mac; + +import gnu.java.security.Registry; +import gnu.javax.crypto.mac.UMac32; +import gnu.javax.crypto.jce.spec.UMac32ParameterSpec; + +import java.security.InvalidAlgorithmParameterException; +import java.security.InvalidKeyException; +import java.security.Key; +import java.security.spec.AlgorithmParameterSpec; + +/** + * The implementation of the UMAC-32 Service Provider Interface + * (SPI) adapter. + * + * @version $Revision: 1.1 $ + */ +public final class UMac32Spi extends MacAdapter +{ + + // Constructors. + // ----------------------------------------------------------------------- + + public UMac32Spi() + { + super(Registry.UMAC32); + } + + // Instance methods overriding MacAdapter. + // ----------------------------------------------------------------------- + + protected void engineInit(Key key, AlgorithmParameterSpec params) + throws InvalidKeyException, InvalidAlgorithmParameterException + { + if (!(params instanceof UMac32ParameterSpec)) + { + throw new InvalidAlgorithmParameterException(); + } + if (params != null) + { + attributes.put(UMac32.NONCE_MATERIAL, + ((UMac32ParameterSpec) params).getNonce()); + } + try + { + super.engineInit(key, null); + } + catch (IllegalArgumentException iae) + { + throw new InvalidAlgorithmParameterException(iae.getMessage()); + } + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/jce/params/BlockCipherParameters.java b/libjava/classpath/gnu/javax/crypto/jce/params/BlockCipherParameters.java new file mode 100644 index 0000000..bae7cbf --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/params/BlockCipherParameters.java @@ -0,0 +1,209 @@ +/* BlockCipherParameters.java -- + Copyright (C) 2002, 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.params; + +import gnu.javax.crypto.jce.spec.BlockCipherParameterSpec; + +import java.io.IOException; +import java.math.BigInteger; + +import java.security.AlgorithmParametersSpi; +import java.security.spec.AlgorithmParameterSpec; +import java.security.spec.InvalidParameterSpecException; + +/** + * An implementation of algorithm parameters for the GNU Crypto block + * ciphers. This encompasses the cipher's block size, its key size, and + * an optional initialization vector (IV). + */ +public class BlockCipherParameters extends AlgorithmParametersSpi +{ + + // Constants and variables. + // ----------------------------------------------------------------------- + + /** + * The underlying block cipher specification. + */ + protected BlockCipherParameterSpec cipherSpec; + + private static final String DEFAULT_FORMAT = "ASN.1"; + + // Instance methods implementing AlgorithmParametersSpi. + // ----------------------------------------------------------------------- + + /** + * Return these parameters encoded in ASN.1 (DER). + * + *

For GNU Crypto block ciphers we will define these parameters as + * + *

+ * 
BlockCipherParameters ::= SEQUENCE {
+   *   blockSize            INTEGER,
+   *   keySize              INTEGER,
+   *   initializationVector OCTET STRING OPTIONAL }
+ *
+ * + * @return The parameters, encoded an an ASN.1 DER sequence. + * @throws java.io.IOException If encoding these parameters fails. + */ + protected byte[] engineGetEncoded() throws IOException + { + return engineGetEncoded(DEFAULT_FORMAT); + } + + protected byte[] engineGetEncoded(String format) throws IOException + { + if (!format.equalsIgnoreCase(DEFAULT_FORMAT) + && !format.equalsIgnoreCase("asn1")) + { + throw new IOException("unknown format \"" + format + "\""); + } + // This is probably a bad idea. + /* + int len = 12 + ((cipherSpec.getIV() != null) + ? cipherSpec.getIV().length + 2 : 0); + ByteArrayOutputStream out = new ByteArrayOutputStream(); + out.write(0x30); + out.write(len); + out.write(0x02); + out.write(4); + out.write(cipherSpec.getBlockSize() >>> 24 & 0xff); + out.write(cipherSpec.getBlockSize() >>> 16 & 0xff); + out.write(cipherSpec.getBlockSize() >>> 8 & 0xff); + out.write(cipherSpec.getBlockSize() & 0xff); + out.write(0x02); + out.write(4); + out.write(cipherSpec.getKeySize() >>> 24 & 0xff); + out.write(cipherSpec.getKeySize() >>> 16 & 0xff); + out.write(cipherSpec.getKeySize() >>> 8 & 0xff); + out.write(cipherSpec.getKeySize() & 0xff); + if (cipherSpec.getIV() != null) { + out.write(0x04); + len = cipherSpec.getIV().length; + out.write(len & 0xff); + out.write(cipherSpec.getIV()); + } + out.write(0); out.write(0); + return out.toByteArray();*/ + DERWriter writer = new DERWriter(); + return writer.joinarrays( + writer.writeBigInteger(BigInteger.valueOf(cipherSpec.getBlockSize())), + writer.writeBigInteger(BigInteger.valueOf(cipherSpec.getKeySize())), + (cipherSpec.getIV() != null) ? writer.writeBigInteger(new BigInteger( + cipherSpec.getIV())) + : new byte[0]); + } + + protected void engineInit(AlgorithmParameterSpec spec) + throws InvalidParameterSpecException + { + if (spec instanceof BlockCipherParameterSpec) + { + cipherSpec = (BlockCipherParameterSpec) spec; + } + else + { + throw new InvalidParameterSpecException(); + } + } + + protected void engineInit(byte[] encoded, String format) throws IOException + { + if (!format.equalsIgnoreCase(DEFAULT_FORMAT) + && !format.equalsIgnoreCase("ASN1")) + { + throw new IOException("invalid format: only accepts ASN.1"); + } + engineInit(encoded); + } + + protected void engineInit(byte[] encoded) throws IOException + { + // This is probably an equally bad idea. + /*if (encoded[0] != 0x30) { + throw new IOException("malformed ASN.1 sequence"); + } + if (encoded[2] != 0x02 || encoded[3] != 4) { + throw new IOException("malformed ASN.1 sequence"); + } + int blockSize = encoded[4] << 24 | encoded[5] << 16 + | encoded[6] << 8 | encoded[7]; + if (encoded[8] != 0x02 || encoded[9] != 4) { + throw new IOException("malformed ASN.1 sequence"); + } + int keySize = encoded[10] << 24 | encoded[11] << 16 + | encoded[12] << 8 | encoded[13]; + if (encoded[14] == 0x04) { + int len = encoded[15] & 0xff; + byte[] iv = new byte[len]; + System.arraycopy(encoded, 16, iv, 0, len); + cipherSpec = new BlockCipherParameterSpec(iv, blockSize, keySize); + } else if (encoded[14] == 0) { + cipherSpec = new BlockCipherParameterSpec(blockSize, keySize); + } else { + throw new IOException("malformed ASN.1 sequence"); + }*/ + DERReader reader = new DERReader(encoded); + int bs = reader.getBigInteger().intValue(); + int ks = reader.getBigInteger().intValue(); + byte[] iv = null; + if (reader.hasMorePrimitives()) + { + iv = reader.getBigInteger().toByteArray(); + } + cipherSpec = new BlockCipherParameterSpec(iv, bs, ks); + System.out.println(cipherSpec); + } + + protected AlgorithmParameterSpec engineGetParameterSpec(Class c) + throws InvalidParameterSpecException + { + if (c.isInstance(cipherSpec)) + { + return cipherSpec; + } + throw new InvalidParameterSpecException(); + } + + protected String engineToString() + { + return cipherSpec.toString(); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/jce/params/DEREncodingException.java b/libjava/classpath/gnu/javax/crypto/jce/params/DEREncodingException.java new file mode 100644 index 0000000..ddfa6e1 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/params/DEREncodingException.java @@ -0,0 +1,53 @@ +/* DEREncodingException.java -- + Copyright (C) 1999, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.params; + +class DEREncodingException extends java.io.IOException +{ + + public DEREncodingException() + { + super(); + } + + public DEREncodingException(String msg) + { + super(msg); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/jce/params/DERReader.java b/libjava/classpath/gnu/javax/crypto/jce/params/DERReader.java new file mode 100644 index 0000000..f614232 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/params/DERReader.java @@ -0,0 +1,160 @@ +/* DERReader.java -- + Copyright (C) 1999, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.params; + +import java.math.BigInteger; + +class DERReader +{ + byte source[]; + + int pos; + + static final int UNIVERSAL = 1; + + static final int APPLICATION = 2; + + static final int CONTEXT_SPECIFIC = 3; + + static final int PRIVATE = 4; + + public DERReader() + { + source = null; + pos = 0; + } + + public DERReader(byte source[]) + { + init(source); + } + + public void init(String source) + { + init(source.getBytes()); + } + + public void init(byte source[]) + { + this.source = source; + pos = 0; + } + + public boolean hasMorePrimitives() + { + return pos < source.length; + } + + public BigInteger getBigInteger() throws DEREncodingException + { + return new BigInteger(getPrimitive()); + } + + //Reads Primitive, definite-length method + private byte[] getPrimitive() throws DEREncodingException + { + int tmp = pos; + + //Read Identifier + byte identifier = source[tmp++]; + if ((0x20 & identifier) != 0) + throw new DEREncodingException(); + int type = translateLeadIdentifierByte(identifier); + //System.out.println("Type: " + type); + + //get tag + int tag = (0x1f & identifier); + //if( tag == 0x1f) + // tag = getIdentifier(tmp); + //System.out.println("Tag: " + tag); + + //get length + byte len = source[tmp]; //may be length of length parameter + long length = 0x7f & len; + int i; + if ((0x80 & len) != 0) + { + //System.out.println("Extra Long Length"); + len &= 0x7f; + //System.out.println("Length of Length: " + len); + //get length here + length = 0; + for (i = 0; i < len; i++) + { + tmp++; + length <<= 8; + length += (source[tmp] < 0) ? (256 + source[tmp]) : source[tmp]; + //System.out.println("Length of Length: " + length); + } + tmp++; + } + else + tmp++; + + /*System.out.println("Position: " + tmp); + System.out.println("Length: " + length); + for( i = 0; i < 10; i++) + System.out.print(source[tmp + i] + " "); + System.out.println();*/ + + byte tmpb[] = new byte[(int) length]; + System.arraycopy(source, tmp, tmpb, 0, (int) length); + pos = (int) (tmp + length); + return tmpb; + } + + private int translateLeadIdentifierByte(byte b) + { + if ((0x3f & b) == b) + return UNIVERSAL; + else if ((0x7f & b) == b) + return APPLICATION; + else if ((0xbf & b) == b) + return CONTEXT_SPECIFIC; + else + return PRIVATE; + } + + private int getIdentifier(int tpos) + { + while ((0x80 & source[tpos]) != 0) + tpos++; + return tpos; + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/jce/params/DERWriter.java b/libjava/classpath/gnu/javax/crypto/jce/params/DERWriter.java new file mode 100644 index 0000000..876c2cd --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/params/DERWriter.java @@ -0,0 +1,154 @@ +/* DERWriter.java -- + Copyright (C) 1999, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.params; + +import java.math.BigInteger; + +class DERWriter +{ + static final int UNIVERSAL = 1; + + static final int APPLICATION = 2; + + static final int CONTEXT_SPECIFIC = 3; + + static final int PRIVATE = 4; + + public DERWriter() + { + } + + public byte[] writeBigInteger(BigInteger i) + { + return writePrimitive(0x02, UNIVERSAL, + (int) Math.ceil((double) i.bitLength() / 8), + i.toByteArray()); + } + + private byte[] writePrimitive(int identifier, int identifierencoding, + int length, byte contents[]) + { + return joinarrays(generateIdentifier(identifier, identifierencoding), + generateLength(length), contents); + } + + public byte[] joinarrays(byte a[], byte b[]) + { + byte d[] = new byte[a.length + b.length]; + System.arraycopy(a, 0, d, 0, a.length); + System.arraycopy(b, 0, d, a.length, b.length); + return d; + } + + public byte[] joinarrays(byte a[], byte b[], byte c[]) + { + byte d[] = new byte[a.length + b.length + c.length]; + System.arraycopy(a, 0, d, 0, a.length); + System.arraycopy(b, 0, d, a.length, b.length); + System.arraycopy(c, 0, d, a.length + b.length, c.length); + return d; + } + + private byte[] generateIdentifier(int identifier, int identifierencoding) + { + byte b[]; + if (identifier > 31) + { + int count = (int) (Math.log(identifier) / Math.log(256)); + b = new byte[count + 1]; + b[0] = (byte) (translateLeadIdentifierByte(identifierencoding) | 0x1f); + int i; + for (i = 1; i < (count + 1); i++) + { + b[i] = (byte) (0x7f & (identifier >> (7 * (count - i)))); + b[i] |= 0x80; + } + b[i - 1] ^= 0x80; + //System.out.println("Identifier1: " + b[0]); + return b; + } + else + { + b = new byte[1]; + b[0] = (byte) ((translateLeadIdentifierByte(identifierencoding) | (byte) (identifier & 0x1f)) & 0xdf); + //System.out.println("Identifier2: " + b[0]); + return b; + } + } + + private byte translateLeadIdentifierByte(int b) + { + if (b == UNIVERSAL) + return (byte) 0x3f; + else if (b == APPLICATION) + return (byte) 0x7f; + else if (b == CONTEXT_SPECIFIC) + return (byte) 0xbf; + else + return (byte) 0xC0; + } + + private byte[] generateLength(int length) + { + byte b[]; + if (length > 127) + { + int count = (int) Math.ceil(Math.log(length) / Math.log(256)); + //System.out.println("Length byte count: " + count); + b = new byte[count + 1]; + b[0] = (byte) ((count & 0x7f) | 0x80); + for (int i = 1; i < (count + 1); i++) + { + b[i] = (byte) (length >>> (8 * (count - i))); + //System.out.println("Length1 byte1: " + (length >>> (8 * ( count - i) ))); + //System.out.println("Length1 byte2: " + b[i]); + } + + //System.out.println("Length1: " + length); + return b; + } + else + { + b = new byte[1]; + b[0] = (byte) (length & 0x7f); + //System.out.println("Length2: " + length); + return b; + } + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/jce/prng/ARCFourRandomSpi.java b/libjava/classpath/gnu/javax/crypto/jce/prng/ARCFourRandomSpi.java new file mode 100644 index 0000000..0c07156 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/prng/ARCFourRandomSpi.java @@ -0,0 +1,120 @@ +/* ARCFourRandomSpi.java -- + Copyright (C) 2002, 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.prng; + +import gnu.java.security.Registry; +import gnu.javax.crypto.prng.ARCFour; +import gnu.java.security.prng.IRandom; +import gnu.java.security.prng.LimitReachedException; +import gnu.javax.crypto.prng.PRNGFactory; + +import java.security.SecureRandomSpi; +import java.util.HashMap; + +/** + * Implementation of the Service Provider Interface (SPI) + * for the ARCFOUR keystream generator. + */ +public class ARCFourRandomSpi extends SecureRandomSpi +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + /** Our underlying prng instance. */ + private IRandom adaptee; + + /** Have we been initialized? */ + private boolean virgin; + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** + * Default 0-arguments constructor. + */ + public ARCFourRandomSpi() + { + super(); + adaptee = PRNGFactory.getInstance(Registry.ARCFOUR_PRNG); + virgin = true; + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + // java.security.SecureRandomSpi interface implementation ------------------ + + public byte[] engineGenerateSeed(int numBytes) + { + if (numBytes < 1) + { + return new byte[0]; + } + byte[] result = new byte[numBytes]; + this.engineNextBytes(result); + return result; + } + + public void engineNextBytes(byte[] bytes) + { + if (virgin) + { + this.engineSetSeed(new byte[0]); + } + try + { + adaptee.nextBytes(bytes, 0, bytes.length); + } + catch (LimitReachedException ignored) + { + } + } + + public void engineSetSeed(byte[] seed) + { + HashMap attributes = new HashMap(); + attributes.put(ARCFour.ARCFOUR_KEY_MATERIAL, seed); + adaptee.init(attributes); + virgin = false; + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/jce/prng/CSPRNGSpi.java b/libjava/classpath/gnu/javax/crypto/jce/prng/CSPRNGSpi.java new file mode 100644 index 0000000..c0aa015 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/prng/CSPRNGSpi.java @@ -0,0 +1,114 @@ +/* CSPRNGSpi.java -- + Copyright (C) 2004, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.prng; + +import gnu.java.security.Registry; +import gnu.javax.crypto.prng.CSPRNG; +import gnu.java.security.prng.IRandom; +import gnu.java.security.prng.LimitReachedException; + +import java.net.MalformedURLException; +import java.security.SecureRandomSpi; + +/** + * The implementation of the continuously-seeded SecureRandom + * Service Provider Interface (SPI) adapter.

+ */ +public class CSPRNGSpi extends SecureRandomSpi +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + private final IRandom adaptee; + + // Constructor(s) + // ------------------------------------------------------------------------- + + public CSPRNGSpi() throws ClassNotFoundException, MalformedURLException, + NumberFormatException + { + super(); + + adaptee = CSPRNG.getSystemInstance(); + } + + // Instance methods + // ------------------------------------------------------------------------- + + protected byte[] engineGenerateSeed(final int count) + { + if (count < 0) + { + throw new IllegalArgumentException("count must be nonnegative"); + } + byte[] buf = new byte[count]; + if (count == 0) + { + return buf; + } + engineNextBytes(buf); + return buf; + } + + protected void engineNextBytes(final byte[] buffer) + { + if (buffer == null) + { + throw new NullPointerException(); + } + try + { + adaptee.nextBytes(buffer, 0, buffer.length); + } + catch (LimitReachedException lre) + { + throw new RuntimeException("random-number generator has been exhausted"); + } + } + + protected void engineSetSeed(final byte[] seed) + { + if (seed == null) + { + throw new NullPointerException(); + } + adaptee.addRandomBytes(seed, 0, seed.length); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/jce/prng/FortunaImpl.java b/libjava/classpath/gnu/javax/crypto/jce/prng/FortunaImpl.java new file mode 100644 index 0000000..7006bbb --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/prng/FortunaImpl.java @@ -0,0 +1,85 @@ +/* FortunaImpl.java -- Fortuna SecureRandom adapter. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.prng; + +import gnu.java.security.prng.LimitReachedException; +import gnu.javax.crypto.prng.Fortuna; +import java.security.SecureRandomSpi; +import java.util.Collections; + +public final class FortunaImpl extends SecureRandomSpi +{ + private final Fortuna adaptee; + + public FortunaImpl () + { + adaptee = new Fortuna (); + adaptee.init (Collections.singletonMap (Fortuna.SEED, new byte[0])); + } + + protected void engineSetSeed (byte[] seed) + { + synchronized (adaptee) + { + adaptee.addRandomBytes (seed); + } + } + + protected void engineNextBytes(byte[] buffer) + { + synchronized (adaptee) + { + try + { + adaptee.nextBytes (buffer); + } + catch (LimitReachedException shouldNotHappen) + { + throw new Error (shouldNotHappen); + } + } + } + + protected byte[] engineGenerateSeed (int numbytes) + { + byte[] seed = new byte[numbytes]; + engineNextBytes (seed); + return seed; + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/jce/prng/ICMRandomSpi.java b/libjava/classpath/gnu/javax/crypto/jce/prng/ICMRandomSpi.java new file mode 100644 index 0000000..d04b782 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/prng/ICMRandomSpi.java @@ -0,0 +1,260 @@ +/* ICMRandomSpi.java -- + Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.prng; + +import gnu.java.security.Registry; +import gnu.javax.crypto.cipher.IBlockCipher; +import gnu.javax.crypto.prng.ICMGenerator; +import gnu.java.security.prng.LimitReachedException; + +import java.io.PrintWriter; +import java.math.BigInteger; +import java.security.SecureRandomSpi; +import java.util.HashMap; +import java.util.Random; + +/** + *

An Adapter class around {@link ICMGenerator} to allow using this + * algorithm as a JCE {@link java.security.SecureRandom}.

+ */ +public class ICMRandomSpi extends SecureRandomSpi +{ + + // Debugging methods and variables + // ------------------------------------------------------------------------- + + private static final String NAME = "ICMRandomSpi"; + + private static final boolean DEBUG = false; + + private static final int debuglevel = 0; + + private static final PrintWriter err = new PrintWriter(System.out, true); + + private static void debug(String s) + { + err.println(">>> " + NAME + ": " + s); + } + + // Constants and variables + // ------------------------------------------------------------------------- + + /** Class-wide prng to generate random material for the underlying prng.*/ + private static final ICMGenerator prng; // blank final + static + { + prng = new ICMGenerator(); + resetLocalPRNG(); + } + + // error messages + private static final String MSG = "Exception while setting up an " + + Registry.ICM_PRNG + " SPI: "; + + private static final String RETRY = "Retry..."; + + private static final String LIMIT_REACHED_MSG = "Limit reached: "; + + private static final String RESEED = "Re-seed..."; + + /** Our underlying prng instance. */ + private ICMGenerator adaptee = new ICMGenerator(); + + // Constructor(s) + // ------------------------------------------------------------------------- + + // default 0-arguments constructor + + // Class methods + // ------------------------------------------------------------------------- + + private static void resetLocalPRNG() + { + if (DEBUG && debuglevel > 8) + debug(">>> resetLocalPRNG()"); + HashMap attributes = new HashMap(); + attributes.put(ICMGenerator.CIPHER, Registry.AES_CIPHER); + byte[] key = new byte[128 / 8]; // AES default key size + Random rand = new Random(System.currentTimeMillis()); + rand.nextBytes(key); + attributes.put(IBlockCipher.KEY_MATERIAL, key); + int aesBlockSize = 128 / 8; // AES block size in bytes + byte[] offset = new byte[aesBlockSize]; + rand.nextBytes(offset); + attributes.put(ICMGenerator.OFFSET, offset); + int ndxLen = 0; // the segment length + // choose a random value between 1 and aesBlockSize / 2 + int limit = aesBlockSize / 2; + while (ndxLen < 1 || ndxLen > limit) + { + ndxLen = rand.nextInt(limit + 1); + } + attributes.put(ICMGenerator.SEGMENT_INDEX_LENGTH, new Integer(ndxLen)); + byte[] index = new byte[ndxLen]; + rand.nextBytes(index); + attributes.put(ICMGenerator.SEGMENT_INDEX, new BigInteger(1, index)); + + prng.setup(attributes); + if (DEBUG && debuglevel > 8) + debug("<<< resetLocalPRNG()"); + } + + // Instance methods + // ------------------------------------------------------------------------- + + // java.security.SecureRandomSpi interface implementation ------------------ + + public byte[] engineGenerateSeed(int numBytes) + { + if (DEBUG && debuglevel > 8) + debug(">>> engineGenerateSeed()"); + if (numBytes < 1) + { + if (DEBUG && debuglevel > 8) + debug("<<< engineGenerateSeed()"); + return new byte[0]; + } + byte[] result = new byte[numBytes]; + this.engineNextBytes(result); + if (DEBUG && debuglevel > 8) + debug("<<< engineGenerateSeed()"); + return result; + } + + public void engineNextBytes(byte[] bytes) + { + if (DEBUG && debuglevel > 8) + debug(">>> engineNextBytes()"); + if (!adaptee.isInitialised()) + { + this.engineSetSeed(new byte[0]); + } + + while (true) + { + try + { + adaptee.nextBytes(bytes, 0, bytes.length); + break; + } + catch (LimitReachedException x) + { // reseed the generator + if (DEBUG) + { + debug(LIMIT_REACHED_MSG + String.valueOf(x)); + x.printStackTrace(err); + debug(RESEED); + } + resetLocalPRNG(); + } + } + if (DEBUG && debuglevel > 8) + debug("<<< engineNextBytes()"); + } + + public void engineSetSeed(byte[] seed) + { + if (DEBUG && debuglevel > 8) + debug(">>> engineSetSeed()"); + // compute the total number of random bytes required to setup adaptee + int materialLength = 0; + materialLength += 16; // key material size + materialLength += 16; // offset size + materialLength += 8; // index size == half of an AES block + byte[] material = new byte[materialLength]; + + // use as much as possible bytes from the seed + int materialOffset = 0; + int materialLeft = material.length; + if (seed.length > 0) + { // copy some bytes into key and update indices + int lenToCopy = Math.min(materialLength, seed.length); + System.arraycopy(seed, 0, material, 0, lenToCopy); + materialOffset += lenToCopy; + materialLeft -= lenToCopy; + } + if (materialOffset > 0) + { // generate the rest + while (true) + { + try + { + prng.nextBytes(material, materialOffset, materialLeft); + break; + } + catch (IllegalStateException x) + { // should not happen + throw new InternalError(MSG + String.valueOf(x)); + } + catch (LimitReachedException x) + { + if (DEBUG) + { + debug(MSG + String.valueOf(x)); + debug(RETRY); + } + } + } + } + + // setup the underlying adaptee instance + HashMap attributes = new HashMap(); + + // use AES cipher with 128-bit block size + attributes.put(ICMGenerator.CIPHER, Registry.AES_CIPHER); + // use an index the size of quarter of an AES block + attributes.put(ICMGenerator.SEGMENT_INDEX_LENGTH, new Integer(4)); + // specify the key + byte[] key = new byte[16]; + System.arraycopy(material, 0, key, 0, 16); + attributes.put(IBlockCipher.KEY_MATERIAL, key); + // specify the offset + byte[] offset = new byte[16]; + System.arraycopy(material, 16, offset, 0, 16); + attributes.put(ICMGenerator.OFFSET, offset); + // specify the index + byte[] index = new byte[8]; + System.arraycopy(material, 32, index, 0, 8); + attributes.put(ICMGenerator.SEGMENT_INDEX, new BigInteger(1, index)); + + adaptee.init(attributes); + if (DEBUG && debuglevel > 8) + debug("<<< engineSetSeed()"); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/jce/prng/UMacRandomSpi.java b/libjava/classpath/gnu/javax/crypto/jce/prng/UMacRandomSpi.java new file mode 100644 index 0000000..7dad68b --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/prng/UMacRandomSpi.java @@ -0,0 +1,207 @@ +/* UMacRandomSpi.java -- + Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.prng; + +import gnu.java.security.Registry; +import gnu.javax.crypto.cipher.IBlockCipher; +import gnu.java.security.prng.LimitReachedException; +import gnu.javax.crypto.prng.UMacGenerator; + +import java.io.PrintWriter; +import java.security.SecureRandomSpi; +import java.util.HashMap; +import java.util.Random; + +/** + *

An Adapter class around {@link UMacGenerator} to allow using this + * algorithm as a JCE {@link java.security.SecureRandom}.

+ */ +public class UMacRandomSpi extends SecureRandomSpi +{ + + // Debugging methods and variables + // ------------------------------------------------------------------------- + + private static final String NAME = "UMacRandomSpi"; + + private static final boolean DEBUG = false; + + private static final PrintWriter err = new PrintWriter(System.out, true); + + private static void debug(String s) + { + err.println(">>> " + NAME + ": " + s); + } + + // Constants and variables + // ------------------------------------------------------------------------- + + /** Class-wide prng to generate random material for the underlying prng.*/ + private static final UMacGenerator prng; // blank final + static + { + prng = new UMacGenerator(); + resetLocalPRNG(); + } + + // error messages + private static final String MSG = "Exception while setting up a " + + Registry.UMAC_PRNG + " SPI: "; + + private static final String RETRY = "Retry..."; + + /** Our underlying prng instance. */ + private UMacGenerator adaptee = new UMacGenerator(); + + // Constructor(s) + // ------------------------------------------------------------------------- + + // default 0-arguments constructor + + // Class methods + // ------------------------------------------------------------------------- + + private static void resetLocalPRNG() + { + HashMap attributes = new HashMap(); + attributes.put(UMacGenerator.CIPHER, Registry.AES_CIPHER); + byte[] key = new byte[128 / 8]; // AES default key size + Random rand = new Random(System.currentTimeMillis()); + rand.nextBytes(key); + attributes.put(IBlockCipher.KEY_MATERIAL, key); + int index = rand.nextInt() & 0xFF; + attributes.put(UMacGenerator.INDEX, new Integer(index)); + + prng.setup(attributes); + } + + // Instance methods + // ------------------------------------------------------------------------- + + // java.security.SecureRandomSpi interface implementation ------------------ + + public byte[] engineGenerateSeed(int numBytes) + { + if (numBytes < 1) + { + return new byte[0]; + } + byte[] result = new byte[numBytes]; + this.engineNextBytes(result); + return result; + } + + public void engineNextBytes(byte[] bytes) + { + if (!adaptee.isInitialised()) + { + this.engineSetSeed(new byte[0]); + } + + while (true) + { + try + { + adaptee.nextBytes(bytes, 0, bytes.length); + break; + } + catch (LimitReachedException x) + { // reseed the generator + resetLocalPRNG(); + } + } + } + + public void engineSetSeed(byte[] seed) + { + // compute the total number of random bytes required to setup adaptee + int materialLength = 0; + materialLength += 16; // key material size + materialLength++; // index size + byte[] material = new byte[materialLength]; + + // use as much as possible bytes from the seed + int materialOffset = 0; + int materialLeft = material.length; + if (seed.length > 0) + { // copy some bytes into key and update indices + int lenToCopy = Math.min(materialLength, seed.length); + System.arraycopy(seed, 0, material, 0, lenToCopy); + materialOffset += lenToCopy; + materialLeft -= lenToCopy; + } + if (materialOffset > 0) + { // generate the rest + while (true) + { + try + { + prng.nextBytes(material, materialOffset, materialLeft); + break; + } + catch (IllegalStateException x) + { // should not happen + throw new InternalError(MSG + String.valueOf(x)); + } + catch (LimitReachedException x) + { + if (DEBUG) + { + debug(MSG + String.valueOf(x)); + debug(RETRY); + } + } + } + } + + // setup the underlying adaptee instance + HashMap attributes = new HashMap(); + + // use AES cipher with 128-bit block size + attributes.put(UMacGenerator.CIPHER, Registry.AES_CIPHER); + // specify the key + byte[] key = new byte[16]; + System.arraycopy(material, 0, key, 0, 16); + attributes.put(IBlockCipher.KEY_MATERIAL, key); + // use a 1-byte index + attributes.put(UMacGenerator.INDEX, new Integer(material[16] & 0xFF)); + + adaptee.init(attributes); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/jce/sig/DHKeyFactory.java b/libjava/classpath/gnu/javax/crypto/jce/sig/DHKeyFactory.java new file mode 100644 index 0000000..701191a --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/sig/DHKeyFactory.java @@ -0,0 +1,232 @@ +/* DHKeyFactory.java -- DH key-factory JCE Adapter + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.sig; + +import gnu.java.security.Registry; +import gnu.javax.crypto.key.dh.DHKeyPairPKCS8Codec; +import gnu.javax.crypto.key.dh.DHKeyPairX509Codec; +import gnu.javax.crypto.key.dh.GnuDHPrivateKey; +import gnu.javax.crypto.key.dh.GnuDHPublicKey; + +import java.math.BigInteger; +import java.security.InvalidKeyException; +import java.security.Key; +import java.security.KeyFactorySpi; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.security.spec.InvalidKeySpecException; +import java.security.spec.KeySpec; +import java.security.spec.PKCS8EncodedKeySpec; +import java.security.spec.X509EncodedKeySpec; + +import javax.crypto.interfaces.DHPrivateKey; +import javax.crypto.interfaces.DHPublicKey; +import javax.crypto.spec.DHPrivateKeySpec; +import javax.crypto.spec.DHPublicKeySpec; + +/** + * Implementation of a JCE Adapter for DH a key-factory. + */ +public class DHKeyFactory + extends KeyFactorySpi +{ + // implicit 0-arguments constructor + + protected PublicKey engineGeneratePublic(KeySpec keySpec) + throws InvalidKeySpecException + { + if (keySpec instanceof DHPublicKeySpec) + { + DHPublicKeySpec spec = (DHPublicKeySpec) keySpec; + BigInteger p = spec.getP(); + BigInteger g = spec.getG(); + BigInteger y = spec.getY(); + return new GnuDHPublicKey(Registry.X509_ENCODING_ID, null, p, g, y); + } + + if (keySpec instanceof X509EncodedKeySpec) + { + X509EncodedKeySpec spec = (X509EncodedKeySpec) keySpec; + byte[] encoded = spec.getEncoded(); + PublicKey result; + try + { + result = new DHKeyPairX509Codec().decodePublicKey(encoded); + return result; + } + catch (RuntimeException x) + { + InvalidKeySpecException y = new InvalidKeySpecException(); + y.initCause(x); + throw y; + } + } + + throw new InvalidKeySpecException("Unsupported (public) key specification"); + } + + protected PrivateKey engineGeneratePrivate(KeySpec keySpec) + throws InvalidKeySpecException + { + if (keySpec instanceof DHPrivateKeySpec) + { + DHPrivateKeySpec spec = (DHPrivateKeySpec) keySpec; + BigInteger p = spec.getP(); + BigInteger g = spec.getG(); + BigInteger x = spec.getX(); + return new GnuDHPrivateKey(Registry.PKCS8_ENCODING_ID, null, p, g, x); + } + + if (keySpec instanceof PKCS8EncodedKeySpec) + { + PKCS8EncodedKeySpec spec = (PKCS8EncodedKeySpec) keySpec; + byte[] encoded = spec.getEncoded(); + PrivateKey result; + try + { + result = new DHKeyPairPKCS8Codec().decodePrivateKey(encoded); + return result; + } + catch (RuntimeException x) + { + InvalidKeySpecException y = new InvalidKeySpecException(); + y.initCause(x); + throw y; + } + } + + throw new InvalidKeySpecException("Unsupported (private) key specification"); + } + + protected KeySpec engineGetKeySpec(Key key, Class keySpec) + throws InvalidKeySpecException + { + if (key instanceof DHPublicKey) + { + if (keySpec.isAssignableFrom(DHPublicKeySpec.class)) + { + DHPublicKey dssKey = (DHPublicKey) key; + BigInteger p = dssKey.getParams().getP(); + BigInteger g = dssKey.getParams().getG(); + BigInteger y = dssKey.getY(); + return new DHPublicKeySpec(y, p, g); + } + + if (keySpec.isAssignableFrom(X509EncodedKeySpec.class)) + { + if (key instanceof GnuDHPublicKey) + { + GnuDHPublicKey dhKey = (GnuDHPublicKey) key; + byte[] encoded = dhKey.getEncoded(Registry.X509_ENCODING_ID); + return new X509EncodedKeySpec(encoded); + } + + if (Registry.X509_ENCODING_SORT_NAME.equalsIgnoreCase(key.getFormat())) + { + byte[] encoded = key.getEncoded(); + return new X509EncodedKeySpec(encoded); + } + + throw new InvalidKeySpecException("Wrong key type or unsupported (public) key specification"); + } + + throw new InvalidKeySpecException("Unsupported (public) key specification"); + } + + if (key instanceof DHPrivateKey) + { + if (keySpec.isAssignableFrom(DHPrivateKeySpec.class)) + { + DHPrivateKey dhKey = (DHPrivateKey) key; + BigInteger p = dhKey.getParams().getP(); + BigInteger g = dhKey.getParams().getG(); + BigInteger x = dhKey.getX(); + return new DHPrivateKeySpec(x, p, g); + } + + if (keySpec.isAssignableFrom(PKCS8EncodedKeySpec.class)) + { + if (key instanceof GnuDHPrivateKey) + { + GnuDHPrivateKey dhKey = (GnuDHPrivateKey) key; + byte[] encoded = dhKey.getEncoded(Registry.PKCS8_ENCODING_ID); + return new PKCS8EncodedKeySpec(encoded); + } + + if (Registry.PKCS8_ENCODING_SHORT_NAME.equalsIgnoreCase(key.getFormat())) + { + byte[] encoded = key.getEncoded(); + return new PKCS8EncodedKeySpec(encoded); + } + + throw new InvalidKeySpecException("Wrong key type or unsupported (private) key specification"); + } + + throw new InvalidKeySpecException("Unsupported (private) key specification"); + } + + throw new InvalidKeySpecException("Wrong key type or unsupported key specification"); + } + + protected Key engineTranslateKey(Key key) throws InvalidKeyException + { + if ((key instanceof GnuDHPublicKey) || (key instanceof GnuDHPrivateKey)) + return key; + + if (key instanceof DHPublicKey) + { + DHPublicKey dsaKey = (DHPublicKey) key; + BigInteger p = dsaKey.getParams().getP(); + BigInteger g = dsaKey.getParams().getG(); + BigInteger y = dsaKey.getY(); + return new GnuDHPublicKey(Registry.X509_ENCODING_ID, null, p, g, y); + } + + if (key instanceof DHPrivateKey) + { + DHPrivateKey dsaKey = (DHPrivateKey) key; + BigInteger p = dsaKey.getParams().getP(); + BigInteger g = dsaKey.getParams().getG(); + BigInteger x = dsaKey.getX(); + return new GnuDHPrivateKey(Registry.PKCS8_ENCODING_ID, null, p, g, x); + } + + throw new InvalidKeyException("Wrong key type"); + } +} diff --git a/libjava/classpath/gnu/javax/crypto/jce/sig/DHKeyPairGeneratorSpi.java b/libjava/classpath/gnu/javax/crypto/jce/sig/DHKeyPairGeneratorSpi.java new file mode 100644 index 0000000..5b3badc --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/sig/DHKeyPairGeneratorSpi.java @@ -0,0 +1,91 @@ +/* DHKeyPairGeneratorSpi.java -- DH key-pair generator JCE Adapter + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.sig; + +import java.security.InvalidAlgorithmParameterException; +import java.security.SecureRandom; +import java.security.spec.AlgorithmParameterSpec; +import java.util.HashMap; + +import javax.crypto.spec.DHGenParameterSpec; + +import gnu.java.security.Registry; +import gnu.java.security.jce.sig.KeyPairGeneratorAdapter; +import gnu.javax.crypto.key.dh.GnuDHKeyPairGenerator; + +public class DHKeyPairGeneratorSpi + extends KeyPairGeneratorAdapter +{ + public DHKeyPairGeneratorSpi() + { + super(Registry.DH_KPG); + } + + public void initialize(int keysize, SecureRandom random) + { + HashMap attributes = new HashMap(); + attributes.put(GnuDHKeyPairGenerator.PRIME_SIZE, new Integer(keysize)); + if (random != null) + attributes.put(GnuDHKeyPairGenerator.SOURCE_OF_RANDOMNESS, random); + + attributes.put(GnuDHKeyPairGenerator.PREFERRED_ENCODING_FORMAT, + new Integer(Registry.ASN1_ENCODING_ID)); + adaptee.setup(attributes); + } + + public void initialize(AlgorithmParameterSpec params, SecureRandom random) + throws InvalidAlgorithmParameterException + { + HashMap attributes = new HashMap(); + if (params != null) + { + if (! (params instanceof DHGenParameterSpec)) + throw new InvalidAlgorithmParameterException("params"); + + attributes.put(GnuDHKeyPairGenerator.DH_PARAMETERS, params); + } + + if (random != null) + attributes.put(GnuDHKeyPairGenerator.SOURCE_OF_RANDOMNESS, random); + + attributes.put(GnuDHKeyPairGenerator.PREFERRED_ENCODING_FORMAT, + new Integer(Registry.ASN1_ENCODING_ID)); + adaptee.setup(attributes); + } +} diff --git a/libjava/classpath/gnu/javax/crypto/jce/sig/DHParameters.java b/libjava/classpath/gnu/javax/crypto/jce/sig/DHParameters.java new file mode 100644 index 0000000..0357c16 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/sig/DHParameters.java @@ -0,0 +1,220 @@ +/* DHParameters.java -- DH parameters DAO + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.sig; + +import gnu.java.security.Registry; +import gnu.java.security.der.DER; +import gnu.java.security.der.DERReader; +import gnu.java.security.der.DERValue; +import gnu.java.security.der.DERWriter; +import gnu.java.security.util.DerUtil; + +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.math.BigInteger; +import java.security.AlgorithmParametersSpi; +import java.security.spec.AlgorithmParameterSpec; +import java.security.spec.InvalidParameterSpecException; +import java.util.ArrayList; + +import javax.crypto.spec.DHGenParameterSpec; +import javax.crypto.spec.DHParameterSpec; + +/** + * A JCE-specific Data Access Object (DAO) for DH parameters. + */ +public class DHParameters + extends AlgorithmParametersSpi +{ + /** The prime public modulus. */ + private BigInteger p; + + /** The generator. */ + private BigInteger g; + + /** A prime factor of p-1. */ + private BigInteger q; + + /** The (private) random exponent's size (in bits). */ + private int l; + + // default 0-arguments constructor + + protected void engineInit(AlgorithmParameterSpec spec) + throws InvalidParameterSpecException + { + if (! (spec instanceof DHParameterSpec)) + throw new InvalidParameterSpecException("Wrong AlgorithmParameterSpec type: " + + spec.getClass().getName()); + DHParameterSpec dhSpec = (DHParameterSpec) spec; + p = dhSpec.getP(); + g = dhSpec.getG(); + l = dhSpec.getL(); + } + + /** + * Decodes the set of DH parameters as per RFC-2459; i.e. the DER-encoded + * form of the following ASN.1 construct: + * + * 
+   *   DhParams ::= SEQUENCE {
+   *     p  INTEGER, -- odd prime, p=jq +1
+   *     g  INTEGER, -- generator, g
+   *     q  INTEGER  -- factor of p-1
+   *   }
+   *
+ */ + protected void engineInit(byte[] params) throws IOException + { + DERReader der = new DERReader(params); + + DERValue derParams = der.read(); + DerUtil.checkIsConstructed(derParams, "Wrong DH Parameters field"); + + DERValue val = der.read(); + DerUtil.checkIsBigInteger(val, "Wrong P field"); + p = (BigInteger) val.getValue(); + val = der.read(); + DerUtil.checkIsBigInteger(val, "Wrong G field"); + g = (BigInteger) val.getValue(); + val = der.read(); + DerUtil.checkIsBigInteger(val, "Wrong Q field"); + q = (BigInteger) val.getValue(); + l = q.bitLength(); + } + + protected void engineInit(byte[] params, String format) throws IOException + { + if (format != null) + { + format = format.trim(); + if (format.length() == 0) + throw new IOException("Format MUST NOT be an empty string"); + + if (! format.equalsIgnoreCase(Registry.ASN1_ENCODING_SHORT_NAME)) + throw new IOException("Unknown or unsupported format: " + format); + } + + engineInit(params); + } + + protected AlgorithmParameterSpec engineGetParameterSpec(Class paramSpec) + throws InvalidParameterSpecException + { + if (paramSpec.isAssignableFrom(DHParameterSpec.class)) + return new DHParameterSpec(p, g, l); + + if (paramSpec.isAssignableFrom(DHGenParameterSpec.class)) + return new DHGenParameterSpec(p.bitLength(), l); + + throw new InvalidParameterSpecException("Wrong AlgorithmParameterSpec type: " + + paramSpec.getName()); + } + + /** + * Encodes the set of DH parameters as per RFC-2459; i.e. as the DER-encoded + * form of the following ASN.1 construct: + * + * 
+   *   DhParams ::= SEQUENCE {
+   *     p  INTEGER, -- odd prime, p=jq +1
+   *     g  INTEGER, -- generator, g
+   *     q  INTEGER  -- factor of p-1
+   *   }
+   *
+ */ + protected byte[] engineGetEncoded() throws IOException + { + DERValue derP = new DERValue(DER.INTEGER, p); + DERValue derG = new DERValue(DER.INTEGER, g); + DERValue derQ = new DERValue(DER.INTEGER, q); + + ArrayList params = new ArrayList(3); + params.add(derP); + params.add(derG); + params.add(derQ); + DERValue derParams = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, params); + + ByteArrayOutputStream baos = new ByteArrayOutputStream(); + DERWriter.write(baos, derParams); + byte[] result = baos.toByteArray(); + + return result; + } + + protected byte[] engineGetEncoded(String format) throws IOException + { + if (format != null) + { + format = format.trim(); + if (format.length() == 0) + throw new IOException("Format MUST NOT be an empty string"); + + if (! format.equalsIgnoreCase(Registry.ASN1_ENCODING_SHORT_NAME)) + throw new IOException("Unknown or unsupported format: " + format); + } + + return engineGetEncoded(); + } + + protected String engineToString() + { + StringBuffer sb = new StringBuffer("p="); + if (p == null) + sb.append("???"); + else + sb.append("0x").append(p.toString(16)); + + sb.append(", g="); + if (g == null) + sb.append("???"); + else + sb.append("0x").append(g.toString(16)); + + sb.append(", q="); + if (q == null) + sb.append("???"); + else + sb.append("0x").append(q.toString(16)); + + sb.append(", l=").append(l); + + return sb.toString(); + } +} diff --git a/libjava/classpath/gnu/javax/crypto/jce/sig/DHParametersGenerator.java b/libjava/classpath/gnu/javax/crypto/jce/sig/DHParametersGenerator.java new file mode 100644 index 0000000..3687ac3 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/sig/DHParametersGenerator.java @@ -0,0 +1,152 @@ +/* DHParametersGenerator.java -- JCE Adapter for a generator of DH parameters + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.sig; + +import gnu.java.security.Registry; +import gnu.javax.crypto.jce.GnuCrypto; +import gnu.javax.crypto.key.dh.GnuDHKeyPairGenerator; +import gnu.javax.crypto.key.dh.RFC2631; + +import java.math.BigInteger; +import java.security.AlgorithmParameterGeneratorSpi; +import java.security.AlgorithmParameters; +import java.security.InvalidAlgorithmParameterException; +import java.security.InvalidParameterException; +import java.security.NoSuchAlgorithmException; +import java.security.Provider; +import java.security.SecureRandom; +import java.security.spec.AlgorithmParameterSpec; +import java.security.spec.InvalidParameterSpecException; + +import javax.crypto.spec.DHGenParameterSpec; +import javax.crypto.spec.DHParameterSpec; + +/** + * A JCE Adapter for a generator of DH parameters. + */ +public class DHParametersGenerator + extends AlgorithmParameterGeneratorSpi +{ + private static final Provider GNU_CRYPTO = new GnuCrypto(); + + /** Size of the prime (public) modulus in bits. */ + private int modulusSize = -1; + + /** Size of the prime (private) modulus in bits. */ + private int exponentSize = -1; + + /** User specified source of randomness. */ + private SecureRandom rnd; + + /** Our concrete DH parameters generator. */ + private RFC2631 rfc2631; + + + protected void engineInit(int size, SecureRandom random) + { + if ((size % 256) != 0 || size < GnuDHKeyPairGenerator.DEFAULT_PRIME_SIZE) + throw new InvalidParameterException("Prime modulus (p) size (in bits) " + + "MUST be a multiple of 256, and " + + "greater than or equal to 1024"); + this.modulusSize = size; + this.rnd = random; + } + + protected void engineInit(AlgorithmParameterSpec spec, SecureRandom random) + throws InvalidAlgorithmParameterException + { + if (spec instanceof DHParameterSpec) + { + DHParameterSpec dhSpec = (DHParameterSpec) spec; + BigInteger p = dhSpec.getP(); + int size = p.bitLength(); + this.engineInit(size, random); + } + else if (spec instanceof DHGenParameterSpec) + { + DHGenParameterSpec dhSpec = (DHGenParameterSpec) spec; + int size = dhSpec.getPrimeSize(); + this.engineInit(size, random); + exponentSize = dhSpec.getExponentSize(); + + if ((exponentSize % 8) != 0 + || exponentSize < GnuDHKeyPairGenerator.DEFAULT_EXPONENT_SIZE) + throw new InvalidParameterException("Random exponent size (in bits) " + + "MUST be a multiple of 8, and " + + "greater than or equal to " + + GnuDHKeyPairGenerator.DEFAULT_EXPONENT_SIZE); + if (exponentSize > modulusSize) + throw new InvalidParameterException("Random exponent size (in bits) " + + "MUST be less than that of the " + + "public prime modulus (p)"); + } + + throw new InvalidAlgorithmParameterException("Wrong AlgorithmParameterSpec type: " + + spec.getClass().getName()); + } + + protected AlgorithmParameters engineGenerateParameters() + { + if (modulusSize < 1) + modulusSize = GnuDHKeyPairGenerator.DEFAULT_PRIME_SIZE; + + if (exponentSize < 1) + exponentSize = GnuDHKeyPairGenerator.DEFAULT_EXPONENT_SIZE; + + rfc2631 = new RFC2631(exponentSize, modulusSize, rnd); + BigInteger[] params = rfc2631.generateParameters(); + BigInteger p = params[RFC2631.DH_PARAMS_P]; + BigInteger g = params[RFC2631.DH_PARAMS_G]; + int l = params[RFC2631.DH_PARAMS_Q].bitLength(); + DHParameterSpec spec = new DHParameterSpec(p, g, l); + AlgorithmParameters result = null; + try + { + result = AlgorithmParameters.getInstance(Registry.DH_KPG, GNU_CRYPTO); + result.init(spec); + } + catch (NoSuchAlgorithmException ignore) + { + } + catch (InvalidParameterSpecException ignore) + { + } + return result; + } +} diff --git a/libjava/classpath/gnu/javax/crypto/jce/spec/BlockCipherParameterSpec.java b/libjava/classpath/gnu/javax/crypto/jce/spec/BlockCipherParameterSpec.java new file mode 100644 index 0000000..63e7740 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/spec/BlockCipherParameterSpec.java @@ -0,0 +1,139 @@ +/* BlockCipherParameterSpec.java -- + Copyright (C) 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.spec; + +import gnu.java.security.util.Util; + +import java.security.spec.AlgorithmParameterSpec; + +/** + * Block cipher parameters in GNU Crypto are the cipher's name, its block + * and key sizes, and an optional initialization vector. + */ +public class BlockCipherParameterSpec implements AlgorithmParameterSpec +{ + + // Constants and variables. + // ----------------------------------------------------------------------- + + /** + * The initialization vector. + */ + protected byte[] iv; + + /** + * The cipher's block size, in bytes. + */ + protected int blockSize; + + /** + * The cipher's key size, in bytes. + */ + protected int keySize; + + // Constructors. + // ----------------------------------------------------------------------- + + /** + * Create a new parameter specification. + * + * @param iv The initialization vector, or null if + * there is no IV. + * @param blockSize The cipher's block size, in bytes. + * @param keySize The cipher's key size, in bytes. + */ + public BlockCipherParameterSpec(byte[] iv, int blockSize, int keySize) + { + this.iv = (iv != null) ? (byte[]) iv.clone() : null; + this.blockSize = blockSize; + this.keySize = keySize; + } + + /** + * Create a new parameter specification with no IV. + * + * @param blockSize The cipher's block size, in bytes. + * @param keySize The cipher's key size, in bytes. + */ + public BlockCipherParameterSpec(int blockSize, int keySize) + { + this(null, blockSize, keySize); + } + + // Instance methods. + // ----------------------------------------------------------------------- + + /** + * Get the initialization vector for the cipher, or null + * if there is no IV. + * + * @return The IV. + */ + public byte[] getIV() + { + return iv; + } + + /** + * Get the block size of the cipher these parameters are for. + * + * @return The block size. + */ + public int getBlockSize() + { + return blockSize; + } + + /** + * Get the key size of the cipher these parameters are for. + * + * @return The block size. + */ + public int getKeySize() + { + return keySize; + } + + public String toString() + { + return getClass().getName() + " { " + + ((iv != null) ? ("IV=" + Util.toString(iv)) + ", " : "") + "BS=" + + blockSize + ", KS=" + keySize + " }"; + } +} diff --git a/libjava/classpath/gnu/javax/crypto/jce/spec/TMMHParameterSpec.java b/libjava/classpath/gnu/javax/crypto/jce/spec/TMMHParameterSpec.java new file mode 100644 index 0000000..0ebec09 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/spec/TMMHParameterSpec.java @@ -0,0 +1,129 @@ +/* TMMHParameterSpec.java -- + Copyright (C) 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.spec; + +import gnu.java.security.prng.IRandom; + +import java.security.spec.AlgorithmParameterSpec; + +/** + * This class represents the algorithm parameters for the Truncated + * Multi-Modular Hash function for use with JCE-derived instances of + * {@link gnu.crypto.mac.TMMH16}. + * + *

This class is little more than a container for the key stream, tag + * length, and prefix parameters for the TMMH algorithm. + */ +public class TMMHParameterSpec implements AlgorithmParameterSpec +{ + + // Constants and variables. + // ----------------------------------------------------------------------- + + /** The keystream. */ + protected IRandom keystream; + + /** The tag length. */ + protected Integer tagLength; + + /** The prefix. */ + protected byte[] prefix; + + // Constructors. + // ----------------------------------------------------------------------- + + /** + * Create a new parameter specification. + * + * @param keystream The (PRNG) key stream. + * @param tagLength The tag length. + * @param prefix The prefix. + */ + public TMMHParameterSpec(IRandom keystream, Integer tagLength, byte[] prefix) + { + this.keystream = keystream; + this.tagLength = tagLength; + this.prefix = prefix; + } + + /** + * Create a new parameter specification with no prefix. + * + * @param keystream The (PRNG) key stream. + * @param tagLength The tag length. + */ + public TMMHParameterSpec(IRandom keystream, Integer tagLength) + { + this(keystream, tagLength, null); + } + + // Instance methods. + // ----------------------------------------------------------------------- + + /** + * Return the key stream this specification was initialized with. + * + * @return The key stream. + */ + public IRandom getKeystream() + { + return keystream; + } + + /** + * Return the tag length this specification was initialized with. + * + * @return The tag length. + */ + public Integer getTagLength() + { + return tagLength; + } + + /** + * Return the prefix, or null if no prefix was + * specified. + * + * @return The prefix. + */ + public byte[] getPrefix() + { + return prefix; + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/jce/spec/UMac32ParameterSpec.java b/libjava/classpath/gnu/javax/crypto/jce/spec/UMac32ParameterSpec.java new file mode 100644 index 0000000..47d807d --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/jce/spec/UMac32ParameterSpec.java @@ -0,0 +1,82 @@ +/* UMac32ParameterSpec.java -- + Copyright (C) 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.jce.spec; + +import java.security.spec.AlgorithmParameterSpec; + +/** + * This class represents the parameters for the UMAC-32 message + * authentication code algorithm. In practice this means the + * Nonce material used to initialize the algorithm. + */ +public class UMac32ParameterSpec implements AlgorithmParameterSpec +{ + + // Constants and variables. + // ----------------------------------------------------------------------- + + /** The Nonce material. */ + protected byte[] nonce; + + // Constructors. + // ----------------------------------------------------------------------- + + /** + * Create a new parameter instance. + * + * @param nonce The nonce material. + */ + public UMac32ParameterSpec(byte[] nonce) + { + this.nonce = nonce; + } + + // Instance methods. + // ----------------------------------------------------------------------- + + /** + * Return the nonce material. + * + * @return The nonce material. + */ + public byte[] getNonce() + { + return nonce; + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/key/BaseKeyAgreementParty.java b/libjava/classpath/gnu/javax/crypto/key/BaseKeyAgreementParty.java new file mode 100644 index 0000000..bfd9378 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/key/BaseKeyAgreementParty.java @@ -0,0 +1,208 @@ +/* BaseKeyAgreementParty.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.key; + +import gnu.java.security.prng.IRandom; +import gnu.java.security.prng.LimitReachedException; +import gnu.java.security.util.PRNG; + +import java.math.BigInteger; +import java.security.SecureRandom; +import java.util.Map; + +/** + *

A base abstract class to facilitate implementations of concrete key + * agreement protocol handlers.

+ */ +public abstract class BaseKeyAgreementParty implements IKeyAgreementParty +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + protected static final BigInteger TWO = BigInteger.valueOf(2L); + + /** The canonical name of the protocol. */ + protected String name; + + /** Whether the instance is initialised or not. */ + protected boolean initialised = false; + + /** The current step index of the protocol exchange. */ + protected int step = -1; + + /** Whether the exchange has concluded or not. */ + protected boolean complete = false; + + /** The optional {@link SecureRandom} instance to use. */ + protected SecureRandom rnd = null; + + /** The optional {@link IRandom} instance to use. */ + protected IRandom irnd = null; + + /** Our default source of randomness. */ + private PRNG prng = null; + + // Constructor(s) + // ------------------------------------------------------------------------- + + protected BaseKeyAgreementParty(String name) + { + super(); + + this.name = name; + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + public String name() + { + return name; + } + + public void init(Map attributes) throws KeyAgreementException + { + if (initialised) + { + throw new IllegalStateException("already initialised"); + } + + this.engineInit(attributes); + + initialised = true; + this.step = -1; + this.complete = false; + } + + public OutgoingMessage processMessage(IncomingMessage in) + throws KeyAgreementException + { + if (!initialised) + { + throw new IllegalStateException("not initialised"); + } + if (complete) + { + throw new IllegalStateException("exchange has already concluded"); + } + + step++; + return this.engineProcessMessage(in); + } + + public boolean isComplete() + { + return complete; + } + + public byte[] getSharedSecret() throws KeyAgreementException + { + if (!initialised) + { + throw new KeyAgreementException("not yet initialised"); + } + if (!isComplete()) + { + throw new KeyAgreementException("not yet computed"); + } + return engineSharedSecret(); + } + + public void reset() + { + if (initialised) + { + this.engineReset(); + initialised = false; + } + } + + // abstract methods to be implemented by concrete subclasses --------------- + + protected abstract void engineInit(Map attributes) + throws KeyAgreementException; + + protected abstract OutgoingMessage engineProcessMessage(IncomingMessage in) + throws KeyAgreementException; + + protected abstract byte[] engineSharedSecret() throws KeyAgreementException; + + protected abstract void engineReset(); + + // helper methods ---------------------------------------------------------- + + /** + * Fills the designated byte array with random data. + * + * @param buffer the byte array to fill with random data. + */ + protected void nextRandomBytes(byte[] buffer) + { + if (rnd != null) + { + rnd.nextBytes(buffer); + } + else if (irnd != null) + { + try + { + irnd.nextBytes(buffer, 0, buffer.length); + } + catch (LimitReachedException lre) + { + irnd = null; + getDefaultPRNG().nextBytes(buffer); + } + } + else + getDefaultPRNG().nextBytes(buffer); + } + + private PRNG getDefaultPRNG() + { + if (prng == null) + prng = PRNG.getInstance(); + + return prng; + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/key/GnuSecretKey.java b/libjava/classpath/gnu/javax/crypto/key/GnuSecretKey.java new file mode 100644 index 0000000..93b21a6 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/key/GnuSecretKey.java @@ -0,0 +1,149 @@ +/* GnuSecretKey.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.key; + +import gnu.java.security.util.Util; +import java.security.Key; + +/** + * A secret key composed of a sequence of raw, unformatted octets. This class + * is analogous to the {@link javax.crypto.spec.SecretKeySpec} class, but is + * provided for platforms that do not or cannot contain that class. + */ +public class GnuSecretKey implements Key +{ + + // Field. + // ------------------------------------------------------------------------ + + private final byte[] key; + + private final String algorithm; + + // Constructors. + // ------------------------------------------------------------------------ + + /** + * Creates a new secret key. The supplied byte array is copied by this + * constructor. + * + * @param key The raw, secret key. + * @param algorithm The algorithm name, which can be null or empty. + */ + public GnuSecretKey(byte[] key, String algorithm) + { + this(key, 0, key.length, algorithm); + } + + /** + * Creates a new secret key from a portion of a byte array. + * + * @param key The raw, secret key. + * @param offset The offset at which the key begins. + * @param length The number of bytes that comprise the key. + * @param algorithm The algorithm name, which can be null or empty. + */ + public GnuSecretKey(byte[] key, int offset, int length, String algorithm) + { + this.key = new byte[length]; + System.arraycopy(key, offset, this.key, 0, length); + this.algorithm = algorithm; + } + + // Instance methods. + // ------------------------------------------------------------------------ + + /** + * Returns the algorithm name, if any. + * + * @return The algorithm name. + */ + public String getAlgorithm() + { + return null; + } + + /** + * Returns the encoded key, which is merely the byte array this class was + * created with. A reference to the internal byte array is returned, so the + * caller can delete this key from memory by modifying the returned array. + * + * @return The raw key. + */ + public byte[] getEncoded() + { + return key; + } + + /** + * Returns the string "RAW". + * + * @return The string "RAW". + */ + public String getFormat() + { + return "RAW"; + } + + public boolean equals(Object o) + { + if (!(o instanceof GnuSecretKey)) + { + return false; + } + if (key.length != ((GnuSecretKey) o).key.length) + { + return false; + } + byte[] key2 = ((GnuSecretKey) o).key; + for (int i = 0; i < key.length; i++) + { + if (key[i] != key2[i]) + { + return false; + } + } + return true; + } + + public String toString() + { + return "GnuSecretKey [ " + algorithm + " " + Util.toString(key) + " ]"; + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/key/IKeyAgreementParty.java b/libjava/classpath/gnu/javax/crypto/key/IKeyAgreementParty.java new file mode 100644 index 0000000..05aef5e --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/key/IKeyAgreementParty.java @@ -0,0 +1,105 @@ +/* IKeyAgreementParty.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.key; + +import java.util.Map; + +/** + *

The visible methods of an key agreement protocol participating party.

+ */ +public interface IKeyAgreementParty +{ + + // Constants + // ------------------------------------------------------------------------- + + // Methods + // ------------------------------------------------------------------------- + + /** + *

Returns the canonical name of the key agreement protocol.

+ * + * @return the canonical name of the key agreement protocol. + */ + String name(); + + /** + *

Sets up the instance to operate with specific attributes.

+ * + * @param attributes a map of name-values used by concrete implementations. + * @throws KeyAgreementException if an exception occurs during the setup. + */ + void init(Map attributes) throws KeyAgreementException; + + /** + *

Processes an incoming message at one end, generating a message that + * will be processed by the other party(ies).

+ * + * @param in the incoming message. + * @return an outgoing message, or null if this is an + * intermediary step that does not cause any output. + * @throws KeyAgreementException if an exception occurs during the processing + * of the incoming message, or during the generation of the outgoing message. + */ + OutgoingMessage processMessage(IncomingMessage in) + throws KeyAgreementException; + + /** + *

Returns true if the party in the key agreement protocol + * exchange has completed its part of the exchange. If this is the case an + * {@link IllegalStateException} is thrown for any method invocation except + * init() or reset(). + * @return true if this party has completed its part of the key + * agreement protocol exchange; false otherwise. + */ + boolean isComplete(); + + /** + *

Returns the byte array containing the shared secret as generated by + * this party.

+ * + * @return the generated shared secret. + * @throws KeyAgreementException if the key agreement is not yet initialised, + * or is initialised but the exchange is still in progress. + */ + byte[] getSharedSecret() throws KeyAgreementException; + + /** Resets this instance for re-use with another set of attributes. */ + void reset(); +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/key/IncomingMessage.java b/libjava/classpath/gnu/javax/crypto/key/IncomingMessage.java new file mode 100644 index 0000000..e04c853 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/key/IncomingMessage.java @@ -0,0 +1,356 @@ +/* IncomingMessage.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.key; + +import gnu.java.security.Registry; +import gnu.java.security.key.IKeyPairCodec; +import gnu.java.security.key.dss.DSSKeyPairPKCS8Codec; +import gnu.java.security.key.dss.DSSKeyPairRawCodec; +import gnu.java.security.key.dss.DSSKeyPairX509Codec; +import gnu.java.security.key.rsa.RSAKeyPairPKCS8Codec; +import gnu.java.security.key.rsa.RSAKeyPairRawCodec; +import gnu.java.security.key.rsa.RSAKeyPairX509Codec; +import gnu.javax.crypto.key.dh.DHKeyPairPKCS8Codec; +import gnu.javax.crypto.key.dh.DHKeyPairRawCodec; +import gnu.javax.crypto.key.dh.DHKeyPairX509Codec; +import gnu.javax.crypto.key.srp6.SRPKeyPairRawCodec; + +import java.io.ByteArrayInputStream; +import java.io.UnsupportedEncodingException; +import java.math.BigInteger; +import java.security.PrivateKey; +import java.security.PublicKey; + +/** + *

An implementation of an incoming message for use with key agreement + * protocols.

+ */ +public class IncomingMessage +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + /** The internal buffer stream containing the message's contents. */ + protected ByteArrayInputStream in; + + /** The length of the message contents, according to its 4-byte header. */ + protected int length; + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** + *

Constructs an incoming message given the message's encoded form, + * including its header bytes.

+ * + * @param b the encoded form, including the header bytes, of an incoming + * message. + * @throws KeyAgreementException if the buffer is malformed. + */ + public IncomingMessage(byte[] b) throws KeyAgreementException + { + this(); + + if (b.length < 4) + { + throw new KeyAgreementException("message header too short"); + } + length = b[0] << 24 | (b[1] & 0xFF) << 16 | (b[2] & 0xFF) << 8 + | (b[3] & 0xFF); + if (length > Registry.SASL_BUFFER_MAX_LIMIT || length < 0) + { + throw new KeyAgreementException("message size limit exceeded"); + } + in = new ByteArrayInputStream(b, 4, length); + } + + /** Trivial private constructor for use by the class method. */ + private IncomingMessage() + { + super(); + } + + // Class methods + // ------------------------------------------------------------------------- + + /** + *

Returns an instance of a message given its encoded contents, excluding + * the message's header bytes.

+ * + *

Calls the method with the same name and three arguments as: + * getInstance(raw, 0, raw.length). + * + * @param raw the encoded form, excluding the header bytes. + * @return a new instance of IncomingMessage. + */ + public static IncomingMessage getInstance(byte[] raw) + { + return getInstance(raw, 0, raw.length); + } + + /** + *

Returns an instance of a message given its encoded contents, excluding + * the message's header bytes.

+ * + * @param raw the encoded form, excluding the header bytes. + * @param offset offset where to start using raw bytes from. + * @param len number of bytes to use. + * @return a new instance of IncomingMessage. + */ + public static IncomingMessage getInstance(byte[] raw, int offset, int len) + { + IncomingMessage result = new IncomingMessage(); + result.in = new ByteArrayInputStream(raw, offset, len); + return result; + } + + /** + *

Converts two octets into the number that they represent.

+ * + * @param b the two octets. + * @return the length. + */ + public static int twoBytesToLength(byte[] b) throws KeyAgreementException + { + int result = (b[0] & 0xFF) << 8 | (b[1] & 0xFF); + if (result > Registry.SASL_TWO_BYTE_MAX_LIMIT) + { + throw new KeyAgreementException("encoded MPI size limit exceeded"); + } + return result; + } + + /** + *

Converts four octets into the number that they represent.

+ * + * @param b the four octets. + * @return the length. + */ + public static int fourBytesToLength(byte[] b) throws KeyAgreementException + { + int result = b[0] << 24 | (b[1] & 0xFF) << 16 | (b[2] & 0xFF) << 8 + | (b[3] & 0xFF); + if (result > Registry.SASL_FOUR_BYTE_MAX_LIMIT || result < 0) + { + throw new KeyAgreementException("encoded entity size limit exceeded"); + } + return result; + } + + // Instance methods + // ------------------------------------------------------------------------- + + public boolean hasMoreElements() + { + return (in.available() > 0); + } + + /** + * Decodes a public key from the message. + *

+ * See {@link OutgoingMessage#writePublicKey(java.security.PublicKey)} for + * more details on the internal format. + * + * @throws KeyAgreementException if an encoding size constraint is violated or + * a mismatch was detected in the encoding. + */ + public PublicKey readPublicKey() throws KeyAgreementException + { + if (in.available() < 5) + throw new KeyAgreementException("not enough bytes for a public key in message"); + + byte[] elementLengthBytes = new byte[4]; + in.read(elementLengthBytes, 0, 4); + int elementLength = fourBytesToLength(elementLengthBytes); + if (in.available() < elementLength) + throw new KeyAgreementException("illegal public key encoding"); + + int keyTypeAndFormatID = in.read() & 0xFF; + elementLength--; + byte[] kb = new byte[elementLength]; + in.read(kb, 0, elementLength); + + // instantiate the right codec and decode + IKeyPairCodec kpc = getKeyPairCodec(keyTypeAndFormatID); + return kpc.decodePublicKey(kb); + } + + /** + * Decodes a private key from the message. + *

+ * See {@link OutgoingMessage#writePrivateKey(java.security.PrivateKey)} for + * more details. + * + * @throws KeyAgreementException if an encoding size constraint is violated or + * a mismatch was detected in the encoding. + */ + public PrivateKey readPrivateKey() throws KeyAgreementException + { + if (in.available() < 5) + throw new KeyAgreementException("not enough bytes for a private key in message"); + + byte[] elementLengthBytes = new byte[4]; + in.read(elementLengthBytes, 0, 4); + int elementLength = fourBytesToLength(elementLengthBytes); + if (in.available() < elementLength) + throw new KeyAgreementException("illegal private key encoding"); + + int keyTypeAndFormatID = in.read() & 0xFF; + elementLength--; + byte[] kb = new byte[elementLength]; + in.read(kb, 0, elementLength); + + // instantiate the right codec and decode + IKeyPairCodec kpc = getKeyPairCodec(keyTypeAndFormatID); + return kpc.decodePrivateKey(kb); + } + + /** + *

Decodes an MPI from the current message's contents.

+ * + * @return a native representation of an MPI. + * @throws KeyAgreementException if an encoding exception occurs during the + * operation. + */ + public BigInteger readMPI() throws KeyAgreementException + { + if (in.available() < 2) + { + throw new KeyAgreementException( + "not enough bytes for an MPI in message"); + } + byte[] elementLengthBytes = new byte[2]; + in.read(elementLengthBytes, 0, 2); + int elementLength = twoBytesToLength(elementLengthBytes); + if (in.available() < elementLength) + { + throw new KeyAgreementException("illegal MPI encoding"); + } + + byte[] element = new byte[elementLength]; + in.read(element, 0, element.length); + + return new BigInteger(1, element); + } + + public String readString() throws KeyAgreementException + { + if (in.available() < 2) + { + throw new KeyAgreementException( + "not enough bytes for a text in message"); + } + byte[] elementLengthBytes = new byte[2]; + in.read(elementLengthBytes, 0, 2); + int elementLength = twoBytesToLength(elementLengthBytes); + if (in.available() < elementLength) + { + throw new KeyAgreementException("illegal text encoding"); + } + + byte[] element = new byte[elementLength]; + in.read(element, 0, element.length); + String result = null; + try + { + result = new String(element, "UTF8"); + } + catch (UnsupportedEncodingException x) + { + throw new KeyAgreementException("unxupported UTF8 encoding", x); + } + + return result; + } + + private IKeyPairCodec getKeyPairCodec(int keyTypeAndFormatID) + throws KeyAgreementException + { + int keyType = (keyTypeAndFormatID >>> 4) & 0x0F; + int formatID = keyTypeAndFormatID & 0x0F; + switch (formatID) + { + case Registry.RAW_ENCODING_ID: + switch (keyType) + { + case 0: + return new DSSKeyPairRawCodec(); + case 1: + return new RSAKeyPairRawCodec(); + case 2: + return new DHKeyPairRawCodec(); + case 3: + return new SRPKeyPairRawCodec(); + default: + throw new KeyAgreementException("Unknown key-type for Raw format: " + + keyType); + } + case Registry.X509_ENCODING_ID: + switch (keyType) + { + case 0: + return new DSSKeyPairX509Codec(); + case 1: + return new RSAKeyPairX509Codec(); + case 2: + return new DHKeyPairX509Codec(); + default: + throw new KeyAgreementException("Unknown key-type for X.509 format: " + + keyType); + } + case Registry.PKCS8_ENCODING_ID: + switch (keyType) + { + case 0: + return new DSSKeyPairPKCS8Codec(); + case 1: + return new RSAKeyPairPKCS8Codec(); + case 2: + return new DHKeyPairPKCS8Codec(); + default: + throw new KeyAgreementException("Unknown key-type for PKCS#8 format: " + + keyType); + } + default: + throw new KeyAgreementException("Unknown format identifier: " + + formatID); + } + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/key/KeyAgreementException.java b/libjava/classpath/gnu/javax/crypto/key/KeyAgreementException.java new file mode 100644 index 0000000..c2fa434 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/key/KeyAgreementException.java @@ -0,0 +1,187 @@ +/* KeyAgreementException.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.key; + +import java.io.PrintStream; +import java.io.PrintWriter; +import java.io.Serializable; +import java.security.KeyManagementException; + +/** + * A generic exception indicating that an unexpected condition has + * been detected during the setup and/or processing of a key agreement + * protocol exchange. + */ +public class KeyAgreementException extends KeyManagementException implements + Serializable +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + /** @serial The possibly null root cause exception. */ + private Throwable cause = null; + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** + *

Constructs a new instance of KeyAgreementException. The + * root exception and the detailed message are null.

+ */ + public KeyAgreementException() + { + super(); + } + + /** + *

Constructs a new instance of KeyAgreementException with a + * detailed message. The root exception is null.

+ * + * @param detail a possibly null string containing details of + * the exception. + * @see Throwable#getMessage() + */ + public KeyAgreementException(String detail) + { + super(detail); + } + + /** + *

Constructs a new instance of KeyAgreementException with a + * detailed message and a root exception.

+ * + * @param detail a possibly null string containing details of + * the exception. + * @param cause a possibly null root exception that caused this + * exception. + * @see Throwable#getMessage() + * @see #getCause() + */ + public KeyAgreementException(String detail, Throwable cause) + { + super(detail); + this.cause = cause; + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + /** + *

Returns the cause of this throwable or null if the cause + * is nonexistent or unknown. The cause is the throwable that caused + * this exception to be thrown.

+ * + * @return the possibly null exception that caused this one. + */ + public Throwable getCause() + { + return cause; + } + + /** + *

Prints this exception's stack trace to System.err. If this + * exception has a root exception; the stack trace of the root + * exception is also printed to System.err.

+ */ + public void printStackTrace() + { + super.printStackTrace(); + if (cause != null) + { + cause.printStackTrace(); + } + } + + /** + *

Prints this exception's stack trace to a print stream. If this + * exception has a root exception; the stack trace of the root + * exception is also printed to the print stream.

+ * + * @param ps the non-null print stream to which to print. + */ + public void printStackTrace(PrintStream ps) + { + super.printStackTrace(ps); + if (cause != null) + { + cause.printStackTrace(ps); + } + } + + /** + *

Prints this exception's stack trace to a print writer. If this + * exception has a root exception; the stack trace of the root + * exception is also printed to the print writer.

+ * + * @param pw the non-null print writer to use for output. + */ + public void printStackTrace(PrintWriter pw) + { + super.printStackTrace(pw); + if (cause != null) + { + cause.printStackTrace(pw); + } + } + + /** + *

Returns the string representation of this exception. The string + * representation contains this exception's class name, its detailed + * messsage, and if it has a root exception, the string representation + * of the root exception. This string representation is meant for debugging + * and is not meant to be interpreted programmatically.

+ * + * @return the non-null string representation of this exception. + * @see Throwable#getMessage() + */ + public String toString() + { + StringBuffer sb = new StringBuffer(this.getClass().getName()).append(": ").append( + super.toString()); + if (cause != null) + { + sb.append("; caused by: ").append(cause.toString()); + } + return sb.toString(); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/key/KeyAgreementFactory.java b/libjava/classpath/gnu/javax/crypto/key/KeyAgreementFactory.java new file mode 100644 index 0000000..e2a7fab --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/key/KeyAgreementFactory.java @@ -0,0 +1,181 @@ +/* KeyAgreementFactory.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.key; + +import gnu.java.security.Registry; + +import gnu.javax.crypto.key.dh.DiffieHellmanSender; +import gnu.javax.crypto.key.dh.DiffieHellmanReceiver; +import gnu.javax.crypto.key.dh.ElGamalSender; +import gnu.javax.crypto.key.dh.ElGamalReceiver; +import gnu.javax.crypto.key.srp6.SRP6Host; +import gnu.javax.crypto.key.srp6.SRP6User; +import gnu.javax.crypto.key.srp6.SRP6SaslClient; +import gnu.javax.crypto.key.srp6.SRP6SaslServer; +import gnu.javax.crypto.key.srp6.SRP6TLSClient; +import gnu.javax.crypto.key.srp6.SRP6TLSServer; + +import java.util.Collections; +import java.util.HashSet; +import java.util.Set; + +/** + *

A Factory class to generate key agreement protocol handlers.

+ */ +public class KeyAgreementFactory +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** Trivial constructor to enforce Singleton pattern. */ + private KeyAgreementFactory() + { + super(); + } + + // Class methods + // ------------------------------------------------------------------------- + + /** + *

Returns an instance of a key agreeent protocol handler, for party + * A in a two-party A..B exchange, given the + * canonical name of this protocol. Party A is usually the + * initiator of the exchange.

+ * + * @param name the case-insensitive key agreement protocol name. + * @return an instance of the key agreement protocol handler for party + * A, or null if none found. + */ + public static IKeyAgreementParty getPartyAInstance(String name) + { + if (name == null) + { + return null; + } + + name = name.trim(); + IKeyAgreementParty result = null; + if (name.equalsIgnoreCase(Registry.DH_KA)) + { + result = new DiffieHellmanSender(); + } + else if (name.equalsIgnoreCase(Registry.ELGAMAL_KA)) + { + result = new ElGamalSender(); + } + else if (name.equalsIgnoreCase(Registry.SRP6_KA)) + { + result = new SRP6User(); + } + else if (name.equalsIgnoreCase(Registry.SRP_SASL_KA)) + { + result = new SRP6SaslClient(); + } + else if (name.equalsIgnoreCase(Registry.SRP_TLS_KA)) + { + result = new SRP6TLSClient(); + } + + return result; + } + + /** + *

Returns an instance of a key agreeent protocol handler, for party + * B in a two-party A..B exchange, given the + * canonical name of this protocol.

+ * + * @param name the case-insensitive key agreement protocol name. + * @return an instance of the key agreement protocol handler for party + * B, or null if none found. + */ + public static IKeyAgreementParty getPartyBInstance(String name) + { + if (name == null) + { + return null; + } + + name = name.trim(); + IKeyAgreementParty result = null; + if (name.equalsIgnoreCase(Registry.DH_KA)) + { + result = new DiffieHellmanReceiver(); + } + else if (name.equalsIgnoreCase(Registry.ELGAMAL_KA)) + { + result = new ElGamalReceiver(); + } + else if (name.equalsIgnoreCase(Registry.SRP6_KA)) + { + result = new SRP6Host(); + } + else if (name.equalsIgnoreCase(Registry.SRP_SASL_KA)) + { + result = new SRP6SaslServer(); + } + else if (name.equalsIgnoreCase(Registry.SRP_TLS_KA)) + { + result = new SRP6TLSServer(); + } + + return result; + } + + /** + *

Returns a {@link Set} of key agreement protocol names supported by this + * Factory.

+ * + * @return a {@link Set} of key agreement protocol names (Strings). + */ + public static final Set getNames() + { + HashSet hs = new HashSet(); + hs.add(Registry.DH_KA); + hs.add(Registry.ELGAMAL_KA); + hs.add(Registry.SRP6_KA); + hs.add(Registry.SRP_SASL_KA); + hs.add(Registry.SRP_TLS_KA); + + return Collections.unmodifiableSet(hs); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/key/OutgoingMessage.java b/libjava/classpath/gnu/javax/crypto/key/OutgoingMessage.java new file mode 100644 index 0000000..5880121 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/key/OutgoingMessage.java @@ -0,0 +1,255 @@ +/* OutgoingMessage.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.key; + +import gnu.java.security.Registry; +import gnu.java.security.key.dss.DSSKey; +import gnu.java.security.key.rsa.GnuRSAKey; +import gnu.java.security.util.FormatUtil; +import gnu.javax.crypto.key.dh.GnuDHKey; +import gnu.javax.crypto.key.srp6.SRPKey; + +import java.io.ByteArrayOutputStream; +import java.io.UnsupportedEncodingException; +import java.security.Key; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.math.BigInteger; + +/** + *

An implementation of outgoing messages for use with key agreement + * protocols.

+ */ +public class OutgoingMessage +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + /** The internal output stream. */ + private ByteArrayOutputStream out; + + // Constructor(s) + // ------------------------------------------------------------------------- + + public OutgoingMessage() + { + super(); + + out = new ByteArrayOutputStream(); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + /** + *

Returns the encoded form of the current message including the 4-byte + * length header.

+ * + * @throws KeyAgreementException if an encoding size constraint is violated. + */ + public byte[] toByteArray() throws KeyAgreementException + { + byte[] buffer = wrap(); + int length = buffer.length; + byte[] result = new byte[length + 4]; + result[0] = (byte) (length >>> 24); + result[1] = (byte) (length >>> 16); + result[2] = (byte) (length >>> 8); + result[3] = (byte) length; + System.arraycopy(buffer, 0, result, 4, length); + + return result; + } + + /** + *

Returns the encoded form of the current message excluding the 4-byte + * length header.

+ * + * @throws KeyAgreementException if an encoding size constraint is violated. + */ + public byte[] wrap() throws KeyAgreementException + { + int length = out.size(); + if (length > Registry.SASL_BUFFER_MAX_LIMIT || length < 0) + { + throw new KeyAgreementException("message content is too long"); + } + return out.toByteArray(); + } + + /** + * Encodes a public key into the message. + *

+ * When a public key is encoded into an outgoing message, the byte array of + * the encoded key --according to its encoding/decoding format specified when + * the key was first instantiated-- are put in the message (a) preceeded by + * one byte representing both the type of key (upper 4-bit) and the identifier + * of the format used (lower 4-bit), and (b) preceeed by a 4-byte entity + * representing the total length, excluding these 4 bytes, of the bytes + * representing the encoded key and the one-byte representing the key-type and + * format; i.e. + * + * 

+   *    key --> 4-byte-length || 1-byte-type-and-format || encoded-key-bytes
+   *
+ * + * @param k the public key to encode. + * @throws KeyAgreementException if an encoding size constraint is violated. + */ + public void writePublicKey(PublicKey k) throws KeyAgreementException + { + writeKey(k); + } + + /** + * Encodes a private key into the message. + *

+ * When a private key is encoded into an outgoing message, the byte array of + * the encoded key --according to its encoding/decoding format specified when + * the key was first instantiated-- are put in the message (a) preceeded by + * one byte representing both the type of key (upper 4-bit) and the identifier + * of the format used (lower 4-bit), and (b) preceeed by a 4-byte entity + * representing the total length, excluding these 4 bytes, of the bytes + * representing the encoded key and the one-byte representing the key-type and + * format; i.e. + * + * 

+   *    key --> 4-byte-length || 1-byte-type-and-format || encoded-key-bytes
+   *
+ * + * @param k the private key to encode. + * @throws KeyAgreementException if an encoding size constraint is violated. + */ + public void writePrivateKey(PrivateKey k) throws KeyAgreementException + { + writeKey(k); + } + + /** + *

Encodes an MPI into the message.

+ * + * @param val the MPI to encode. + * @throws KeyAgreementException if an encoding size constraint is violated. + */ + public void writeMPI(BigInteger val) throws KeyAgreementException + { + byte[] b = val.toByteArray(); + int length = b.length; + if (length > Registry.SASL_TWO_BYTE_MAX_LIMIT) + { + throw new KeyAgreementException("MPI is too long"); + } + byte[] lengthBytes = { (byte) (length >>> 8), (byte) length }; + out.write(lengthBytes, 0, 2); + out.write(b, 0, b.length); + } + + /** + *

Encodes a string into the message.

+ * + * @param s the string to encode. + * @throws KeyAgreementException if the UTF8 encoding is not supported on + * this platform, or if an encoding size constraint is violated. + */ + public void writeString(String s) throws KeyAgreementException + { + byte[] b = null; + try + { + b = s.getBytes("UTF8"); + } + catch (UnsupportedEncodingException x) + { + throw new KeyAgreementException("unxupported UTF8 encoding", x); + } + int length = b.length; + if (length > Registry.SASL_TWO_BYTE_MAX_LIMIT) + { + throw new KeyAgreementException("text too long"); + } + byte[] lengthBytes = { (byte) (length >>> 8), (byte) length }; + out.write(lengthBytes, 0, 2); + out.write(b, 0, b.length); + } + + /** + * @param k the key to encode. + * @throws KeyAgreementException if an encoding size constraint is violated. + */ + private void writeKey(Key k) throws KeyAgreementException + { + byte[] b = k.getEncoded(); + int keyType = getKeyType(k); + int formatID = FormatUtil.getFormatID(k.getFormat()); + int length = b.length + 1; + if (length > Registry.SASL_FOUR_BYTE_MAX_LIMIT) + throw new KeyAgreementException("Encoded key is too long"); + + byte[] lengthBytes = { (byte) (length >>> 24), (byte) (length >>> 16), + (byte) (length >>> 8), (byte) length }; + out.write(lengthBytes, 0, 4); + out.write(((keyType & 0x0F) << 4) | (formatID & 0x0F)); + out.write(b, 0, b.length); + } + + /** + * @param k the key to find an identifier for. + * @return an integer from 0 to 3 identifying + * the type of key. + * @throws KeyAgreementException if the designated key is of unknown or + * unsupported type. + */ + private int getKeyType(Key k) throws KeyAgreementException + { + if (k instanceof DSSKey) + return 0; + if (k instanceof GnuRSAKey) + return 1; + if (k instanceof GnuDHKey) + return 2; + if (k instanceof SRPKey) + return 3; + throw new KeyAgreementException("Unknown or unsupported key type: " + + k.getClass().getName()); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/key/dh/DHKeyPairPKCS8Codec.java b/libjava/classpath/gnu/javax/crypto/key/dh/DHKeyPairPKCS8Codec.java new file mode 100644 index 0000000..34fb007 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/key/dh/DHKeyPairPKCS8Codec.java @@ -0,0 +1,229 @@ +/* DHKeyPairPKCS8Codec.java -- PKCS#8 encoder/decoder for DH keys + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.key.dh; + +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.math.BigInteger; +import java.security.InvalidParameterException; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.util.ArrayList; + +import gnu.java.security.OID; +import gnu.java.security.Registry; +import gnu.java.security.der.DER; +import gnu.java.security.der.DERReader; +import gnu.java.security.der.DERValue; +import gnu.java.security.der.DERWriter; +import gnu.java.security.key.IKeyPairCodec; +import gnu.java.security.util.DerUtil; +import gnu.java.security.util.Util; + +public class DHKeyPairPKCS8Codec + implements IKeyPairCodec +{ + private static final OID DH_ALG_OID = new OID(Registry.DH_OID_STRING); + + // implicit 0-arguments constructor + + public int getFormatID() + { + return PKCS8_FORMAT; + } + + /** + * @throws InvalidParameterException ALWAYS. + */ + public byte[] encodePublicKey(PublicKey key) + { + throw new InvalidParameterException("Wrong format for public keys"); + } + + /** + * Returns the DER-encoded form of the PKCS#8 ASN.1 PrivateKeyInfo + * representation of a DH private key. The ASN.1 specification is as follows: + * + * 
+   *   PrivateKeyInfo ::= SEQUENCE {
+   *     version              INTEGER, -- MUST be 0
+   *     privateKeyAlgorithm  AlgorithmIdentifier,
+   *     privateKey           OCTET STRING
+   *   }
+   *
+   *   AlgorithmIdentifier ::= SEQUENCE {
+   *     algorithm   OBJECT IDENTIFIER,
+   *     parameters  ANY DEFINED BY algorithm OPTIONAL
+   *   }
+   *
+   *   DhParams ::= SEQUENCE {
+   *     p  INTEGER, -- odd prime, p=jq +1
+   *     g  INTEGER, -- generator, g
+   *     q  INTEGER  -- factor of p-1
+   *   }
+   *
+ * + * @return the DER encoded form of the ASN.1 representation of the + * PrivateKeyInfo field in an X.509 certificate. + * @throw InvalidParameterException if an error occurs during the marshalling + * process. + */ + public byte[] encodePrivateKey(PrivateKey key) + { + if (! (key instanceof GnuDHPrivateKey)) + throw new InvalidParameterException("Wrong key type"); + + DERValue derVersion = new DERValue(DER.INTEGER, BigInteger.ZERO); + + DERValue derOID = new DERValue(DER.OBJECT_IDENTIFIER, DH_ALG_OID); + + GnuDHPrivateKey pk = (GnuDHPrivateKey) key; + BigInteger p = pk.getParams().getP(); + BigInteger g = pk.getParams().getG(); + BigInteger q = pk.getQ(); + BigInteger x = pk.getX(); + + ArrayList params = new ArrayList(3); + params.add(new DERValue(DER.INTEGER, p)); + params.add(new DERValue(DER.INTEGER, g)); + params.add(new DERValue(DER.INTEGER, q)); + DERValue derParams = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, params); + + ArrayList algorithmID = new ArrayList(2); + algorithmID.add(derOID); + algorithmID.add(derParams); + DERValue derAlgorithmID = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, + algorithmID); + + DERValue derPrivateKey = new DERValue(DER.OCTET_STRING, Util.trim(x)); + + ArrayList pki = new ArrayList(3); + pki.add(derVersion); + pki.add(derAlgorithmID); + pki.add(derPrivateKey); + DERValue derPKI = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, pki); + + byte[] result; + ByteArrayOutputStream baos = new ByteArrayOutputStream(); + try + { + DERWriter.write(baos, derPKI); + result = baos.toByteArray(); + } + catch (IOException e) + { + InvalidParameterException y = new InvalidParameterException(); + y.initCause(e); + throw y; + } + + return result; + } + + /** + * @throws InvalidParameterException ALWAYS. + */ + public PublicKey decodePublicKey(byte[] input) + { + throw new InvalidParameterException("Wrong format for public keys"); + } + + /** + * @param input the byte array to unmarshall into a valid DH + * {@link PrivateKey} instance. MUST NOT be null. + * @return a new instance of a {@link GnuDHPrivateKey} decoded from the + * PrivateKeyInfo material fed as input. + * @throw InvalidParameterException if an exception occurs during the + * unmarshalling process. + */ + public PrivateKey decodePrivateKey(byte[] input) + { + if (input == null) + throw new InvalidParameterException("Input bytes MUST NOT be null"); + + BigInteger version, p, q, g, x; + DERReader der = new DERReader(input); + try + { + DERValue derPKI = der.read(); + DerUtil.checkIsConstructed(derPKI, "Wrong PrivateKeyInfo field"); + + DERValue derVersion = der.read(); + if (! (derVersion.getValue() instanceof BigInteger)) + throw new InvalidParameterException("Wrong Version field"); + + version = (BigInteger) derVersion.getValue(); + if (version.compareTo(BigInteger.ZERO) != 0) + throw new InvalidParameterException("Unexpected Version: " + version); + + DERValue derAlgoritmID = der.read(); + DerUtil.checkIsConstructed(derAlgoritmID, "Wrong AlgorithmIdentifier field"); + + DERValue derOID = der.read(); + OID algOID = (OID) derOID.getValue(); + if (! algOID.equals(DH_ALG_OID)) + throw new InvalidParameterException("Unexpected OID: " + algOID); + + DERValue derParams = der.read(); + DerUtil.checkIsConstructed(derParams, "Wrong DSS Parameters field"); + + DERValue val = der.read(); + DerUtil.checkIsBigInteger(val, "Wrong P field"); + p = (BigInteger) val.getValue(); + val = der.read(); + DerUtil.checkIsBigInteger(val, "Wrong G field"); + g = (BigInteger) val.getValue(); + val = der.read(); + DerUtil.checkIsBigInteger(val, "Wrong Q field"); + q = (BigInteger) val.getValue(); + + val = der.read(); + byte[] xBytes = (byte[]) val.getValue(); + x = new BigInteger(1, xBytes); + } + catch (IOException e) + { + InvalidParameterException y = new InvalidParameterException(); + y.initCause(e); + throw y; + } + + return new GnuDHPrivateKey(Registry.PKCS8_ENCODING_ID, q, p, g, x); + } +} diff --git a/libjava/classpath/gnu/javax/crypto/key/dh/DHKeyPairRawCodec.java b/libjava/classpath/gnu/javax/crypto/key/dh/DHKeyPairRawCodec.java new file mode 100644 index 0000000..c0ff82be --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/key/dh/DHKeyPairRawCodec.java @@ -0,0 +1,370 @@ +/* DHKeyPairRawCodec.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.key.dh; + +import gnu.java.security.Registry; +import gnu.java.security.key.IKeyPairCodec; + +import java.io.ByteArrayOutputStream; +import java.math.BigInteger; +import java.security.PrivateKey; +import java.security.PublicKey; + +/** + *

An object that implements the {@link IKeyPairCodec} operations for the + * Raw format to use with Diffie-Hellman keypairs.

+ */ +public class DHKeyPairRawCodec implements IKeyPairCodec +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + // implicit 0-arguments ctor + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + // gnu.crypto.keys.IKeyPairCodec interface implementation ------------------- + + public int getFormatID() + { + return RAW_FORMAT; + } + + /** + *

Returns the encoded form of the designated Diffie-Hellman public key + * according to the Raw format supported by this library.

+ * + *

The Raw format for a DH public key, in this implementation, is + * a byte sequence consisting of the following:

+ * + *
    + *
  1. 4-byte magic consisting of the value of the literal + * {@link Registry#MAGIC_RAW_DH_PUBLIC_KEY},
  2. + *
  3. 1-byte version consisting of the constant: 0x01,
    4. + *
  4. 4-byte count of following bytes representing the DH parameter + * q in internet order,
    5. + *
  5. n-bytes representation of a {@link BigInteger} obtained by invoking + * the toByteArray() method on the DH parameter q,
    6. + *
  6. 4-byte count of following bytes representing the DH parameter + * p in internet order,
    7. + *
  7. n-bytes representation of a {@link BigInteger} obtained by invoking + * the toByteArray() method on the DH parameter p,
    8. + *
  8. 4-byte count of following bytes representing the DH parameter + * g,
    9. + *
  9. n-bytes representation of a {@link BigInteger} obtained by invoking + * the toByteArray() method on the DH parameter g,
    10. + *
  10. 4-byte count of following bytes representing the DH parameter + * y,
    11. + *
  11. n-bytes representation of a {@link BigInteger} obtained by invoking + * the toByteArray() method on the DH parameter y,
    12. + *
+ * + * @param key the key to encode. + * @return the Raw format encoding of the designated key. + * @throws IllegalArgumentException if the designated key is not a DH one. + * @see Registry#MAGIC_RAW_DH_PUBLIC_KEY + */ + public byte[] encodePublicKey(PublicKey key) + { + if (!(key instanceof GnuDHPublicKey)) + { + throw new IllegalArgumentException("key"); + } + + GnuDHPublicKey dhKey = (GnuDHPublicKey) key; + ByteArrayOutputStream baos = new ByteArrayOutputStream(); + + // magic + baos.write(Registry.MAGIC_RAW_DH_PUBLIC_KEY[0]); + baos.write(Registry.MAGIC_RAW_DH_PUBLIC_KEY[1]); + baos.write(Registry.MAGIC_RAW_DH_PUBLIC_KEY[2]); + baos.write(Registry.MAGIC_RAW_DH_PUBLIC_KEY[3]); + + // version + baos.write(0x01); + + // q + byte[] buffer = dhKey.getQ().toByteArray(); + int length = buffer.length; + baos.write(length >>> 24); + baos.write((length >>> 16) & 0xFF); + baos.write((length >>> 8) & 0xFF); + baos.write(length & 0xFF); + baos.write(buffer, 0, length); + + // p + buffer = dhKey.getParams().getP().toByteArray(); + length = buffer.length; + baos.write(length >>> 24); + baos.write((length >>> 16) & 0xFF); + baos.write((length >>> 8) & 0xFF); + baos.write(length & 0xFF); + baos.write(buffer, 0, length); + + // g + buffer = dhKey.getParams().getG().toByteArray(); + length = buffer.length; + baos.write(length >>> 24); + baos.write((length >>> 16) & 0xFF); + baos.write((length >>> 8) & 0xFF); + baos.write(length & 0xFF); + baos.write(buffer, 0, length); + + // y + buffer = dhKey.getY().toByteArray(); + length = buffer.length; + baos.write(length >>> 24); + baos.write((length >>> 16) & 0xFF); + baos.write((length >>> 8) & 0xFF); + baos.write(length & 0xFF); + baos.write(buffer, 0, length); + + return baos.toByteArray(); + } + + public PublicKey decodePublicKey(byte[] k) + { + // magic + if (k[0] != Registry.MAGIC_RAW_DH_PUBLIC_KEY[0] + || k[1] != Registry.MAGIC_RAW_DH_PUBLIC_KEY[1] + || k[2] != Registry.MAGIC_RAW_DH_PUBLIC_KEY[2] + || k[3] != Registry.MAGIC_RAW_DH_PUBLIC_KEY[3]) + { + throw new IllegalArgumentException("magic"); + } + + // version + if (k[4] != 0x01) + { + throw new IllegalArgumentException("version"); + } + int i = 5; + int l; + byte[] buffer; + + // q + l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8 + | (k[i++] & 0xFF); + buffer = new byte[l]; + System.arraycopy(k, i, buffer, 0, l); + i += l; + BigInteger q = new BigInteger(1, buffer); + + // p + l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8 + | (k[i++] & 0xFF); + buffer = new byte[l]; + System.arraycopy(k, i, buffer, 0, l); + i += l; + BigInteger p = new BigInteger(1, buffer); + + // g + l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8 + | (k[i++] & 0xFF); + buffer = new byte[l]; + System.arraycopy(k, i, buffer, 0, l); + i += l; + BigInteger g = new BigInteger(1, buffer); + + // y + l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8 + | (k[i++] & 0xFF); + buffer = new byte[l]; + System.arraycopy(k, i, buffer, 0, l); + i += l; + BigInteger y = new BigInteger(1, buffer); + + return new GnuDHPublicKey(q, p, g, y); + } + + /** + *

Returns the encoded form of the designated Diffie-Hellman private key + * according to the Raw format supported by this library.

+ * + *

The Raw format for a DH private key, in this implementation, is + * a byte sequence consisting of the following:

+ * + *
    + *
  1. 4-byte magic consisting of the value of the literal + * {@link Registry#MAGIC_RAW_DH_PRIVATE_KEY},
  2. + *
  3. 1-byte version consisting of the constant: 0x01,
    4. + *
  4. 4-byte count of following bytes representing the DH parameter + * q,
    5. + *
  5. n-bytes representation of a {@link BigInteger} obtained by invoking + * the toByteArray() method on the DH parameter q,
    6. + *
  6. 4-byte count of following bytes representing the DH parameter + * p in internet order,
    7. + *
  7. n-bytes representation of a {@link BigInteger} obtained by invoking + * the toByteArray() method on the DH parameter p,
    8. + *
  8. 4-byte count of following bytes representing the DH parameter + * g,
    9. + *
  9. n-bytes representation of a {@link BigInteger} obtained by invoking + * the toByteArray() method on the DH parameter g,
    10. + *
  10. 4-byte count of following bytes representing the DH parameter + * x,
    11. + *
  11. n-bytes representation of a {@link BigInteger} obtained by invoking + * the toByteArray() method on the DH parameter x,
    12. + *
+ * + * @param key the key to encode. + * @return the Raw format encoding of the designated key. + * @throws IllegalArgumentException if the designated key is not a DH one. + * @see Registry#MAGIC_RAW_DH_PRIVATE_KEY + */ + public byte[] encodePrivateKey(PrivateKey key) + { + if (!(key instanceof GnuDHPrivateKey)) + { + throw new IllegalArgumentException("key"); + } + + GnuDHPrivateKey dhKey = (GnuDHPrivateKey) key; + ByteArrayOutputStream baos = new ByteArrayOutputStream(); + + // magic + baos.write(Registry.MAGIC_RAW_DH_PRIVATE_KEY[0]); + baos.write(Registry.MAGIC_RAW_DH_PRIVATE_KEY[1]); + baos.write(Registry.MAGIC_RAW_DH_PRIVATE_KEY[2]); + baos.write(Registry.MAGIC_RAW_DH_PRIVATE_KEY[3]); + + // version + baos.write(0x01); + + // q + byte[] buffer = dhKey.getQ().toByteArray(); + int length = buffer.length; + baos.write(length >>> 24); + baos.write((length >>> 16) & 0xFF); + baos.write((length >>> 8) & 0xFF); + baos.write(length & 0xFF); + baos.write(buffer, 0, length); + + // p + buffer = dhKey.getParams().getP().toByteArray(); + length = buffer.length; + baos.write(length >>> 24); + baos.write((length >>> 16) & 0xFF); + baos.write((length >>> 8) & 0xFF); + baos.write(length & 0xFF); + baos.write(buffer, 0, length); + + // g + buffer = dhKey.getParams().getG().toByteArray(); + length = buffer.length; + baos.write(length >>> 24); + baos.write((length >>> 16) & 0xFF); + baos.write((length >>> 8) & 0xFF); + baos.write(length & 0xFF); + baos.write(buffer, 0, length); + + // x + buffer = dhKey.getX().toByteArray(); + length = buffer.length; + baos.write(length >>> 24); + baos.write((length >>> 16) & 0xFF); + baos.write((length >>> 8) & 0xFF); + baos.write(length & 0xFF); + baos.write(buffer, 0, length); + + return baos.toByteArray(); + } + + public PrivateKey decodePrivateKey(byte[] k) + { + // magic + if (k[0] != Registry.MAGIC_RAW_DH_PRIVATE_KEY[0] + || k[1] != Registry.MAGIC_RAW_DH_PRIVATE_KEY[1] + || k[2] != Registry.MAGIC_RAW_DH_PRIVATE_KEY[2] + || k[3] != Registry.MAGIC_RAW_DH_PRIVATE_KEY[3]) + { + throw new IllegalArgumentException("magic"); + } + + // version + if (k[4] != 0x01) + { + throw new IllegalArgumentException("version"); + } + int i = 5; + int l; + byte[] buffer; + + // q + l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8 + | (k[i++] & 0xFF); + buffer = new byte[l]; + System.arraycopy(k, i, buffer, 0, l); + i += l; + BigInteger q = new BigInteger(1, buffer); + + // p + l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8 + | (k[i++] & 0xFF); + buffer = new byte[l]; + System.arraycopy(k, i, buffer, 0, l); + i += l; + BigInteger p = new BigInteger(1, buffer); + + // g + l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8 + | (k[i++] & 0xFF); + buffer = new byte[l]; + System.arraycopy(k, i, buffer, 0, l); + i += l; + BigInteger g = new BigInteger(1, buffer); + + // x + l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8 + | (k[i++] & 0xFF); + buffer = new byte[l]; + System.arraycopy(k, i, buffer, 0, l); + i += l; + BigInteger x = new BigInteger(1, buffer); + + return new GnuDHPrivateKey(q, p, g, x); + } +} diff --git a/libjava/classpath/gnu/javax/crypto/key/dh/DHKeyPairX509Codec.java b/libjava/classpath/gnu/javax/crypto/key/dh/DHKeyPairX509Codec.java new file mode 100644 index 0000000..7e8688b --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/key/dh/DHKeyPairX509Codec.java @@ -0,0 +1,244 @@ +/* DHKeyPairX509Codec.java -- X.509 DER encoder/decoder for DH keys + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.key.dh; + +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.math.BigInteger; +import java.security.InvalidParameterException; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.util.ArrayList; + +import gnu.java.security.OID; +import gnu.java.security.Registry; +import gnu.java.security.der.BitString; +import gnu.java.security.der.DER; +import gnu.java.security.der.DERReader; +import gnu.java.security.der.DERValue; +import gnu.java.security.der.DERWriter; +import gnu.java.security.key.IKeyPairCodec; +import gnu.java.security.util.DerUtil; + +public class DHKeyPairX509Codec + implements IKeyPairCodec +{ + private static final OID DH_ALG_OID = new OID(Registry.DH_OID_STRING); + + // implicit 0-arguments constructor + + public int getFormatID() + { + return X509_FORMAT; + } + + /** + * Returns the DER-encoded form of the X.509 ASN.1 SubjectPublicKeyInfo + * representation of a DH public key. The ASN.1 specification, as defined in + * RFC-3280, and RFC-2459, is as follows: + * + * 
+   *   SubjectPublicKeyInfo ::= SEQUENCE {
+   *     algorithm         AlgorithmIdentifier,
+   *     subjectPublicKey  BIT STRING
+   *   }
+   *
+   *   AlgorithmIdentifier ::= SEQUENCE {
+   *     algorithm   OBJECT IDENTIFIER,
+   *     parameters  ANY DEFINED BY algorithm OPTIONAL
+   *   }
+   *
+   *   DhParams ::= SEQUENCE {
+   *     p  INTEGER, -- odd prime, p=jq +1
+   *     g  INTEGER, -- generator, g
+   *     q  INTEGER  -- factor of p-1
+   *   }
+   *
+ * + *

The subjectPublicKey field, which is a BIT STRING, contains the + * DER-encoded form of the DH public key as an INTEGER.

+ * + * 
+   *       DHPublicKey ::= INTEGER -- public key, y = g^x mod p
+   *
+ * + * @param key the {@link PublicKey} instance to encode. MUST be an instance of + * {@link GnuDHPublicKey}. + * @return the DER-encoded form of the ASN.1 representation of the + * SubjectPublicKeyInfo in an X.509 certificate. + * @throw InvalidParameterException if key is not an instance + * of {@link GnuDHPublicKey} or if an exception occurs during the + * marshalling process. + */ + public byte[] encodePublicKey(PublicKey key) + { + if (! (key instanceof GnuDHPublicKey)) + throw new InvalidParameterException("Wrong key type"); + + DERValue derOID = new DERValue(DER.OBJECT_IDENTIFIER, DH_ALG_OID); + + GnuDHPublicKey dhKey = (GnuDHPublicKey) key; + BigInteger p = dhKey.getParams().getP(); + BigInteger g = dhKey.getParams().getG(); + BigInteger q = dhKey.getQ(); + BigInteger y = dhKey.getY(); + + DERValue derP = new DERValue(DER.INTEGER, p); + DERValue derG = new DERValue(DER.INTEGER, g); + DERValue derQ = new DERValue(DER.INTEGER, q); + + ArrayList params = new ArrayList(3); + params.add(derP); + params.add(derG); + params.add(derQ); + DERValue derParams = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, params); + + ArrayList algorithmID = new ArrayList(2); + algorithmID.add(derOID); + algorithmID.add(derParams); + DERValue derAlgorithmID = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, + algorithmID); + + DERValue derDHPublicKey = new DERValue(DER.INTEGER, y); + byte[] yBytes = derDHPublicKey.getEncoded(); + DERValue derSPK = new DERValue(DER.BIT_STRING, new BitString(yBytes)); + + ArrayList spki = new ArrayList(2); + spki.add(derAlgorithmID); + spki.add(derSPK); + DERValue derSPKI = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, spki); + + byte[] result; + ByteArrayOutputStream baos = new ByteArrayOutputStream(); + try + { + DERWriter.write(baos, derSPKI); + result = baos.toByteArray(); + } + catch (IOException x) + { + InvalidParameterException e = new InvalidParameterException(); + e.initCause(x); + throw e; + } + + return result; + } + + /** + * @throws InvalidParameterException ALWAYS. + */ + public byte[] encodePrivateKey(PrivateKey key) + { + throw new InvalidParameterException("Wrong format for private keys"); + } + + /** + * @param input the byte array to unmarshall into a valid DH + * {@link PublicKey} instance. MUST NOT be null. + * @return a new instance of a {@link GnuDHPublicKey} decoded from the + * SubjectPublicKeyInfo material in an X.509 certificate. + * @throw InvalidParameterException if an exception occurs during the + * unmarshalling process. + */ + public PublicKey decodePublicKey(byte[] input) + { + if (input == null) + throw new InvalidParameterException("Input bytes MUST NOT be null"); + + BigInteger p, g, q, y; + DERReader der = new DERReader(input); + try + { + DERValue derSPKI = der.read(); + DerUtil.checkIsConstructed(derSPKI, "Wrong SubjectPublicKeyInfo field"); + + DERValue derAlgorithmID = der.read(); + DerUtil.checkIsConstructed(derAlgorithmID, "Wrong AlgorithmIdentifier field"); + + DERValue derOID = der.read(); + if (! (derOID.getValue() instanceof OID)) + throw new InvalidParameterException("Wrong Algorithm field"); + + OID algOID = (OID) derOID.getValue(); + if (! algOID.equals(DH_ALG_OID)) + throw new InvalidParameterException("Unexpected OID: " + algOID); + + DERValue derParams = der.read(); + DerUtil.checkIsConstructed(derParams, "Wrong DH Parameters field"); + + DERValue val = der.read(); + DerUtil.checkIsBigInteger(val, "Wrong P field"); + p = (BigInteger) val.getValue(); + val = der.read(); + DerUtil.checkIsBigInteger(val, "Wrong G field"); + g = (BigInteger) val.getValue(); + val = der.read(); + DerUtil.checkIsBigInteger(val, "Wrong Q field"); + q = (BigInteger) val.getValue(); + + val = der.read(); + if (! (val.getValue() instanceof BitString)) + throw new InvalidParameterException("Wrong SubjectPublicKey field"); + + byte[] yBytes = ((BitString) val.getValue()).toByteArray(); + + DERReader dhPub = new DERReader(yBytes); + val = dhPub.read(); + DerUtil.checkIsBigInteger(val, "Wrong Y field"); + y = (BigInteger) val.getValue(); + } + catch (IOException x) + { + InvalidParameterException e = new InvalidParameterException(); + e.initCause(x); + throw e; + } + + return new GnuDHPublicKey(Registry.X509_ENCODING_ID, q, p, g, y); + } + + /** + * @throws InvalidParameterException ALWAYS. + */ + public PrivateKey decodePrivateKey(byte[] input) + { + throw new InvalidParameterException("Wrong format for private keys"); + } +} diff --git a/libjava/classpath/gnu/javax/crypto/key/dh/DiffieHellmanKeyAgreement.java b/libjava/classpath/gnu/javax/crypto/key/dh/DiffieHellmanKeyAgreement.java new file mode 100644 index 0000000..5b1caa7 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/key/dh/DiffieHellmanKeyAgreement.java @@ -0,0 +1,134 @@ +/* DiffieHellmanKeyAgreement.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.key.dh; + +import gnu.java.security.Registry; +import gnu.java.security.util.Util; + +import gnu.javax.crypto.key.BaseKeyAgreementParty; +import gnu.javax.crypto.key.KeyAgreementException; + +import java.math.BigInteger; + +import javax.crypto.interfaces.DHPrivateKey; + +/** + *

The basic version of the Diffie-Hellman key agreement is described in the + * Handbook of Applied Cryptography [HAC] as follows:

+ *
    + *
  • An appropriate prime p and generator g of Zp* + * (2 <= g <= p-2) are selected and published.
    • + *
  • A and B each send the other one message over an open channel; as a + * result, they both can then compute a shared secret key K which they can + * use to protect their future communication.
    • + *
  • A chooses a random secret x, 1 <= x <= p-2, and sends B message + * (1) which is g^x mod p.
    • + *
  • B chooses a random secret y, 1 <= y <= p-2, and sends A message + * (2) which is g^y mod p.
    • + *
  • B receives message (1) and computes the shared key as K = (g^x)^y mod + * p.
    • + *
  • A receives message (2) and computes the shared key as K = (g^y)^x mod + * p.
    • + *
+ * + *

RFC-2631 describes a Static-Static Mode of operations with + * Diffie-Hellman keypairs as follows:

+ * 
+ * "In Static-Static mode, both the sender and the recipient have a
+ static (and certified) key pair. Since the sender's and recipient's
+ keys are therefore the same for each message, ZZ will be the same for
+ each message. Thus, partyAInfo MUST be used (and different for each
+ message) in order to ensure that different messages use different
+ KEKs. Implementations MAY implement Static-Static mode."
+ *
+ * + *

Reference:

+ *
    + *
  1. Diffie-Hellman Key + * Agreement Method
    + * Eric Rescorla.
    2. + *
  2. [HAC]: Handbook of + * Applied Cryptography.
    + * CRC Press, Inc. ISBN 0-8493-8523-7, 1997
    + * Menezes, A., van Oorschot, P. and S. Vanstone.
    3. + *
+ */ +public abstract class DiffieHellmanKeyAgreement extends BaseKeyAgreementParty +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + public static final String SOURCE_OF_RANDOMNESS = "gnu.crypto.dh.ka.prng"; + + public static final String KA_DIFFIE_HELLMAN_OWNER_PRIVATE_KEY = "gnu.crypto.dh.ka.owner.private.key"; + + /** The key agreement party's private key. */ + protected DHPrivateKey ownerKey; + + /** The shared secret key. */ + protected BigInteger ZZ; + + // Constructor(s) + // ------------------------------------------------------------------------- + + protected DiffieHellmanKeyAgreement() + { + super(Registry.DH_KA); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + // implementation of common abstract methods in BaseKeyAGreementParty ------ + + protected byte[] engineSharedSecret() throws KeyAgreementException + { + return Util.trim(ZZ); + } + + protected void engineReset() + { + ownerKey = null; + ZZ = null; + } +} diff --git a/libjava/classpath/gnu/javax/crypto/key/dh/DiffieHellmanReceiver.java b/libjava/classpath/gnu/javax/crypto/key/dh/DiffieHellmanReceiver.java new file mode 100644 index 0000000..4a3664d --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/key/dh/DiffieHellmanReceiver.java @@ -0,0 +1,147 @@ +/* DiffieHellmanReceiver.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.key.dh; + +import gnu.java.security.prng.IRandom; + +import gnu.javax.crypto.key.KeyAgreementException; +import gnu.javax.crypto.key.IncomingMessage; +import gnu.javax.crypto.key.OutgoingMessage; + +import java.math.BigInteger; +import java.security.SecureRandom; +import java.util.Map; + +import javax.crypto.interfaces.DHPrivateKey; + +/** + *

This implementation is the receiver's part of the basic version of the + * Diffie-Hellman key agreement exchange (B in [HAC]).

+ * + * @see DiffieHellmanKeyAgreement + */ +public class DiffieHellmanReceiver extends DiffieHellmanKeyAgreement +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + private BigInteger y; // the receiver's random secret + + // Constructor(s) + // ------------------------------------------------------------------------- + + // default 0-arguments constructor + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + // implementation of abstract methods in base class ------------------------ + + protected void engineInit(Map attributes) throws KeyAgreementException + { + Object random = attributes.get(SOURCE_OF_RANDOMNESS); + rnd = null; + irnd = null; + if (random instanceof SecureRandom) + { + rnd = (SecureRandom) random; + } + else if (random instanceof IRandom) + { + irnd = (IRandom) random; + } + ownerKey = (DHPrivateKey) attributes.get(KA_DIFFIE_HELLMAN_OWNER_PRIVATE_KEY); + if (ownerKey == null) + { + throw new KeyAgreementException("missing owner's private key"); + } + } + + protected OutgoingMessage engineProcessMessage(IncomingMessage in) + throws KeyAgreementException + { + switch (step) + { + case 0: + return computeSharedSecret(in); + default: + throw new IllegalStateException("unexpected state"); + } + } + + // own methods ------------------------------------------------------------- + + private OutgoingMessage computeSharedSecret(IncomingMessage in) + throws KeyAgreementException + { + BigInteger m1 = in.readMPI(); + if (m1 == null) + { + throw new KeyAgreementException("missing message (1)"); + } + + BigInteger p = ownerKey.getParams().getP(); + BigInteger g = ownerKey.getParams().getG(); + + // B chooses a random integer y, 1 <= y <= p-2 + // rfc-2631 restricts y to only be in [2, p-1] + BigInteger p_minus_2 = p.subtract(TWO); + byte[] xBytes = new byte[(p_minus_2.bitLength() + 7) / 8]; + do + { + nextRandomBytes(xBytes); + y = new BigInteger(1, xBytes); + } + while (!(y.compareTo(TWO) >= 0 && y.compareTo(p_minus_2) <= 0)); + + ZZ = m1.modPow(y, p); // ZZ = (yb ^ xa) mod p + + complete = true; + + // B sends A the message: g^y mod p + OutgoingMessage result = new OutgoingMessage(); + result.writeMPI(g.modPow(y, p)); // message (2) + + return result; + } +} diff --git a/libjava/classpath/gnu/javax/crypto/key/dh/DiffieHellmanSender.java b/libjava/classpath/gnu/javax/crypto/key/dh/DiffieHellmanSender.java new file mode 100644 index 0000000..6b9cf70 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/key/dh/DiffieHellmanSender.java @@ -0,0 +1,156 @@ +/* DiffieHellmanSender.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.key.dh; + +import gnu.java.security.prng.IRandom; + +import gnu.javax.crypto.key.KeyAgreementException; +import gnu.javax.crypto.key.IncomingMessage; +import gnu.javax.crypto.key.OutgoingMessage; + +import java.math.BigInteger; +import java.security.SecureRandom; +import java.util.Map; + +import javax.crypto.interfaces.DHPrivateKey; + +/** + *

This implementation is the sender's part of the basic version of the + * Diffie-Hellman key agreement exchange (A in [HAC]).

+ * + * @see DiffieHellmanKeyAgreement + * @version $Revision: 1.1 $ + */ +public class DiffieHellmanSender extends DiffieHellmanKeyAgreement +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + private BigInteger x; // the sender's random secret + + // Constructor(s) + // ------------------------------------------------------------------------- + + // default 0-arguments constructor + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + // implementation of abstract methods in base class ------------------------ + + protected void engineInit(Map attributes) throws KeyAgreementException + { + Object random = attributes.get(SOURCE_OF_RANDOMNESS); + rnd = null; + irnd = null; + if (random instanceof SecureRandom) + { + rnd = (SecureRandom) random; + } + else if (random instanceof IRandom) + { + irnd = (IRandom) random; + } + ownerKey = (DHPrivateKey) attributes.get(KA_DIFFIE_HELLMAN_OWNER_PRIVATE_KEY); + if (ownerKey == null) + { + throw new KeyAgreementException("missing owner's private key"); + } + } + + protected OutgoingMessage engineProcessMessage(IncomingMessage in) + throws KeyAgreementException + { + switch (step) + { + case 0: + return sendRandomSecret(in); + case 1: + return computeSharedSecret(in); + default: + throw new IllegalStateException("unexpected state"); + } + } + + // own methods ------------------------------------------------------------- + + private OutgoingMessage sendRandomSecret(IncomingMessage in) + throws KeyAgreementException + { + BigInteger p = ownerKey.getParams().getP(); + BigInteger g = ownerKey.getParams().getG(); + + // A chooses a random integer x, 1 <= x <= p-2 + // rfc-2631 restricts x to only be in [2, p-1] + BigInteger p_minus_2 = p.subtract(TWO); + byte[] xBytes = new byte[(p_minus_2.bitLength() + 7) / 8]; + do + { + nextRandomBytes(xBytes); + x = new BigInteger(1, xBytes); + } + while (!(x.compareTo(TWO) >= 0 && x.compareTo(p_minus_2) <= 0)); + + // A sends B the message: g^x mod p + OutgoingMessage result = new OutgoingMessage(); + result.writeMPI(g.modPow(x, p)); + + return result; + } + + private OutgoingMessage computeSharedSecret(IncomingMessage in) + throws KeyAgreementException + { + BigInteger m1 = in.readMPI(); + if (m1 == null) + { + throw new KeyAgreementException("missing message (2)"); + } + + BigInteger p = ownerKey.getParams().getP(); + ZZ = m1.modPow(x, p); // ZZ = (yb ^ xa) mod p + + complete = true; + return null; + } +} diff --git a/libjava/classpath/gnu/javax/crypto/key/dh/ElGamalKeyAgreement.java b/libjava/classpath/gnu/javax/crypto/key/dh/ElGamalKeyAgreement.java new file mode 100644 index 0000000..1c4e11c --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/key/dh/ElGamalKeyAgreement.java @@ -0,0 +1,130 @@ +/* ElGamalKeyAgreement.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.key.dh; + +import gnu.java.security.Registry; +import gnu.java.security.util.Util; + +import gnu.javax.crypto.key.BaseKeyAgreementParty; +import gnu.javax.crypto.key.KeyAgreementException; + +import java.math.BigInteger; + +/** + *

The ElGamal key agreement, also known as the half-certified Diffie-Hellman + * key agreement, is described in the Handbook of Applied Cryptography [HAC] as + * follows:

+ *
    + *
  • A sends to B a single message allowing one-pass key agreement.
    • + *
  • A obtains an authentic copy of B's public key (p, g, yb), where + * yb = g**xb.
    • + *
  • A chooses a random integer x, 1 <= x <= p-2, and sends B the + * message g**x. A computes the shared secret key K as yb**x.
    • + *
  • B computes the same key K on receipt of the previous message as + * (g**x)**xb.
    • + *
+ * + *

RFC-2631 describes an Ephemeral-Static Mode of operations with + * Diffie-Hellman keypairs as follows:

+ * 
+ * "In Ephemeral-Static mode, the recipient has a static (and certified)
+ * key pair, but the sender generates a new key pair for each message
+ * and sends it using the originatorKey production. If the sender's key
+ * is freshly generated for each message, the shared secret ZZ will be
+ * similarly different for each message and partyAInfo MAY be omitted,
+ * since it serves merely to decouple multiple KEKs generated by the
+ * same set of pairwise keys. If, however, the same ephemeral sender key
+ * is used for multiple messages (e.g. it is cached as a performance
+ * optimization) then a separate partyAInfo MUST be used for each
+ * message. All implementations of this standard MUST implement
+ * Ephemeral-Static mode."
+ *
+ * + *

Reference:

+ *
    + *
  1. Diffie-Hellman Key + * Agreement Method
    + * Eric Rescorla.
    2. + *
  2. [HAC]: Handbook of + * Applied Cryptography.
    + * CRC Press, Inc. ISBN 0-8493-8523-7, 1997
    + * Menezes, A., van Oorschot, P. and S. Vanstone.
    3. + *
+ */ +public abstract class ElGamalKeyAgreement extends BaseKeyAgreementParty +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + public static final String SOURCE_OF_RANDOMNESS = "gnu.crypto.elgamal.ka.prng"; + + public static final String KA_ELGAMAL_RECIPIENT_PRIVATE_KEY = "gnu.crypto.elgamal.ka.recipient.private.key"; + + public static final String KA_ELGAMAL_RECIPIENT_PUBLIC_KEY = "gnu.crypto.elgamal.ka.recipient.public.key"; + + /** The shared secret key. */ + protected BigInteger ZZ; + + // Constructor(s) + // ------------------------------------------------------------------------- + + protected ElGamalKeyAgreement() + { + super(Registry.ELGAMAL_KA); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + // implementation of common abstract methods in BaseKeyAGreementParty ------ + + protected byte[] engineSharedSecret() throws KeyAgreementException + { + return Util.trim(ZZ); + } + + protected void engineReset() + { + ZZ = null; + } +} diff --git a/libjava/classpath/gnu/javax/crypto/key/dh/ElGamalReceiver.java b/libjava/classpath/gnu/javax/crypto/key/dh/ElGamalReceiver.java new file mode 100644 index 0000000..24776cb --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/key/dh/ElGamalReceiver.java @@ -0,0 +1,121 @@ +/* ElGamalReceiver.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.key.dh; + +import gnu.javax.crypto.key.KeyAgreementException; +import gnu.javax.crypto.key.IncomingMessage; +import gnu.javax.crypto.key.OutgoingMessage; + +import java.math.BigInteger; +import java.security.SecureRandom; +import java.util.Map; + +import javax.crypto.interfaces.DHPrivateKey; + +/** + *

This implementation is the receiver's part of the ElGamal key agreement + * exchange (B in [HAC]).

+ * + * @see ElGamalKeyAgreement + */ +public class ElGamalReceiver extends ElGamalKeyAgreement +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + /** The recipient's private key. */ + private DHPrivateKey B; + + // Constructor(s) + // ------------------------------------------------------------------------- + + // default 0-arguments constructor + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + // implementation of abstract methods in base class ------------------------ + + protected void engineInit(Map attributes) throws KeyAgreementException + { + rnd = (SecureRandom) attributes.get(SOURCE_OF_RANDOMNESS); + // One-time setup (key generation and publication). Each user B generates + // a keypair and publishes its public key + B = (DHPrivateKey) attributes.get(KA_ELGAMAL_RECIPIENT_PRIVATE_KEY); + if (B == null) + { + throw new KeyAgreementException("missing recipient private key"); + } + } + + protected OutgoingMessage engineProcessMessage(IncomingMessage in) + throws KeyAgreementException + { + switch (step) + { + case 0: + return computeSharedSecret(in); + default: + throw new IllegalStateException("unexpected state"); + } + } + + // own methods ------------------------------------------------------------- + + private OutgoingMessage computeSharedSecret(IncomingMessage in) + throws KeyAgreementException + { + // (b) B computes the same key on receipt of message (1) as + // K = (g^x)^xb mod p + BigInteger m1 = in.readMPI(); + if (m1 == null) + { + throw new KeyAgreementException("missing message (1)"); + } + + ZZ = m1.modPow(B.getX(), B.getParams().getP()); // ZZ = (ya ^ xb) mod p + + complete = true; + return null; + } +} diff --git a/libjava/classpath/gnu/javax/crypto/key/dh/ElGamalSender.java b/libjava/classpath/gnu/javax/crypto/key/dh/ElGamalSender.java new file mode 100644 index 0000000..a2de80a --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/key/dh/ElGamalSender.java @@ -0,0 +1,134 @@ +/* ElGamalSender.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.key.dh; + +import gnu.javax.crypto.key.KeyAgreementException; +import gnu.javax.crypto.key.IncomingMessage; +import gnu.javax.crypto.key.OutgoingMessage; + +import java.math.BigInteger; +import java.security.SecureRandom; +import java.util.Map; + +import javax.crypto.interfaces.DHPublicKey; + +/** + *

This implementation is the sender's part of the ElGamal key agreement + * exchange (A in [HAC]).

+ * + * @see ElGamalKeyAgreement + */ +public class ElGamalSender extends ElGamalKeyAgreement +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + /** The recipient's public key. */ + private DHPublicKey B; + + // Constructor(s) + // ------------------------------------------------------------------------- + + // default 0-arguments constructor + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + // implementation of abstract methods in base class ------------------------ + + protected void engineInit(Map attributes) throws KeyAgreementException + { + rnd = (SecureRandom) attributes.get(SOURCE_OF_RANDOMNESS); + // One-time setup (key generation and publication). Each user B generates + // a keypair and publishes its public key + B = (DHPublicKey) attributes.get(KA_ELGAMAL_RECIPIENT_PUBLIC_KEY); + if (B == null) + { + throw new KeyAgreementException("missing recipient public key"); + } + } + + protected OutgoingMessage engineProcessMessage(IncomingMessage in) + throws KeyAgreementException + { + switch (step) + { + case 0: + return computeSharedSecret(in); + default: + throw new IllegalStateException("unexpected state"); + } + } + + // own methods ------------------------------------------------------------- + + private OutgoingMessage computeSharedSecret(IncomingMessage in) + throws KeyAgreementException + { + BigInteger p = B.getParams().getP(); + BigInteger g = B.getParams().getG(); + BigInteger yb = B.getY(); + + // A chooses a random integer x, 1 <= x <= p-2 + // rfc-2631 restricts x to only be in [2, p-1] + BigInteger p_minus_2 = p.subtract(TWO); + byte[] xBytes = new byte[(p_minus_2.bitLength() + 7) / 8]; + BigInteger x; + do + { + nextRandomBytes(xBytes); + x = new BigInteger(1, xBytes); + } + while (x.compareTo(TWO) >= 0 && x.compareTo(p_minus_2) <= 0); + + // A sends B the message: g^x mod p + OutgoingMessage result = new OutgoingMessage(); + result.writeMPI(g.modPow(x, p)); + + // A computes the key as K = (yb)^x mod p + ZZ = yb.modPow(x, p); // ZZ = (yb ^ xa) mod p + + complete = true; + return result; + } +} diff --git a/libjava/classpath/gnu/javax/crypto/key/dh/GnuDHKey.java b/libjava/classpath/gnu/javax/crypto/key/dh/GnuDHKey.java new file mode 100644 index 0000000..f1e42d9 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/key/dh/GnuDHKey.java @@ -0,0 +1,184 @@ +/* GnuDHKey.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.key.dh; + +import gnu.java.security.Registry; +import gnu.java.security.util.FormatUtil; + +import java.math.BigInteger; +import java.security.Key; + +import javax.crypto.interfaces.DHKey; +import javax.crypto.spec.DHParameterSpec; + +/** + *

A base asbtract class for both public and private Diffie-Hellman keys. It + * encapsulates the two DH numbers: p, and g.

+ * + *

According to the JDK, cryptographic Keys all have a format. + * The format used in this implementation is called Raw, and basically + * consists of the raw byte sequences of algorithm parameters. The exact order + * of the byte sequences and the implementation details are given in each of + * the relevant getEncoded() methods of each of the private and + * public keys.

+ * + *

Reference:

+ *
    + *
  1. Diffie-Hellman Key + * Agreement Method
    + * Eric Rescorla.
    2. + *
+ */ +public abstract class GnuDHKey implements Key, DHKey +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + /** The public prime q. A prime divisor of p-1. */ + protected BigInteger q; + + /** The public prime p. */ + protected BigInteger p; + + /** The generator g. */ + protected BigInteger g; + + /** + * Identifier of the default encoding format to use when externalizing the + * key material. + */ + protected final int defaultFormat; + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** + * Trivial protected constructor. + * + * @param defaultFormat the identifier of the encoding format to use by + * default when externalizing the key. + * @param q a prime divisor of p-1. + * @param p the public prime. + * @param g the generator of the group. + */ + protected GnuDHKey(int defaultFormat, BigInteger q, BigInteger p, BigInteger g) + { + super(); + + this.defaultFormat = defaultFormat <= 0 ? Registry.RAW_ENCODING_ID + : defaultFormat; + this.q = q; + this.p = p; + this.g = g; + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + // javax.crypto.interfaces.DHKey interface implementation ------------------ + + public DHParameterSpec getParams() + { + if (q == null) + { + return new DHParameterSpec(p, g); + } + else + { + return new DHParameterSpec(p, g, q.bitLength()); + } + } + + // java.security.Key interface implementation ------------------------------ + + public String getAlgorithm() + { + return Registry.DH_KPG; + } + + /** @deprecated see getEncoded(int). */ + public byte[] getEncoded() + { + return getEncoded(defaultFormat); + } + + public String getFormat() + { + return FormatUtil.getEncodingShortName(defaultFormat); + } + + // Other instance methods -------------------------------------------------- + + public BigInteger getQ() + { + return q; + } + + /** + *

Returns true if the designated object is an instance of + * {@link DHKey} and has the same Diffie-Hellman parameter values as this + * one.

+ * + * @param obj the other non-null DH key to compare to. + * @return true if the designated object is of the same type and + * value as this one. + */ + public boolean equals(Object obj) + { + if (obj == null) + { + return false; + } + if (!(obj instanceof DHKey)) + { + return false; + } + DHKey that = (DHKey) obj; + return p.equals(that.getParams().getP()) + && g.equals(that.getParams().getG()); + } + + // abstract methods to be implemented by subclasses ------------------------ + + public abstract byte[] getEncoded(int format); +} diff --git a/libjava/classpath/gnu/javax/crypto/key/dh/GnuDHKeyPairGenerator.java b/libjava/classpath/gnu/javax/crypto/key/dh/GnuDHKeyPairGenerator.java new file mode 100644 index 0000000..eafc8d0 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/key/dh/GnuDHKeyPairGenerator.java @@ -0,0 +1,290 @@ +/* GnuDHKeyPairGenerator.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.key.dh; + +import gnu.java.security.Registry; +import gnu.java.security.hash.Sha160; +import gnu.java.security.key.IKeyPairGenerator; +import gnu.java.security.util.PRNG; + +import java.io.PrintWriter; +import java.math.BigInteger; +import java.security.KeyPair; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.security.SecureRandom; +import java.util.Map; + +import javax.crypto.spec.DHGenParameterSpec; +import javax.crypto.spec.DHParameterSpec; + +/** + *

An implementation of a Diffie-Hellman keypair generator.

+ * + *

Reference:

+ *
    + *
  1. Diffie-Hellman Key + * Agreement Method
    + * Eric Rescorla.
    2. + *
+ */ +public class GnuDHKeyPairGenerator implements IKeyPairGenerator +{ + + // Debugging methods and variables + // ------------------------------------------------------------------------- + + private static final String NAME = "dh"; + + private static final boolean DEBUG = false; + + private static final int debuglevel = 5; + + private static final PrintWriter err = new PrintWriter(System.out, true); + + private static void debug(String s) + { + err.println(">>> " + NAME + ": " + s); + } + + // Constants and variables + // ------------------------------------------------------------------------- + + /** + * Property name of an optional {@link SecureRandom} instance to use. The + * default is to use a classloader singleton from {@link PRNG}. + */ + public static final String SOURCE_OF_RANDOMNESS = "gnu.crypto.dh.prng"; + + /** + * Property name of an optional {@link DHGenParameterSpec} or + * {@link DHParameterSpec} instance to use for this generator. + */ + public static final String DH_PARAMETERS = "gnu.crypto.dh.params"; + + /** Property name of the size in bits (Integer) of the public prime (p). */ + public static final String PRIME_SIZE = "gnu.crypto.dh.L"; + + /** Property name of the size in bits (Integer) of the private exponent (x). */ + public static final String EXPONENT_SIZE = "gnu.crypto.dh.m"; + + /** + * Property name of the preferred encoding format to use when externalizing + * generated instance of key-pairs from this generator. The property is taken + * to be an {@link Integer} that encapsulates an encoding format identifier. + */ + public static final String PREFERRED_ENCODING_FORMAT = "gnu.crypto.dh.encoding"; + + /** Default value for the size in bits of the public prime (p). */ + // private static final int DEFAULT_PRIME_SIZE = 1024; + public static final int DEFAULT_PRIME_SIZE = 512; + + /** Default value for the size in bits of the private exponent (x). */ + public static final int DEFAULT_EXPONENT_SIZE = 160; + + /** Default encoding format to use when none was specified. */ + private static final int DEFAULT_ENCODING_FORMAT = Registry.RAW_ENCODING_ID; + + /** The SHA instance to use. */ + private Sha160 sha = new Sha160(); + + /** The optional {@link SecureRandom} instance to use. */ + private SecureRandom rnd = null; + + /** The desired size in bits of the public prime (p). */ + private int l; + + /** The desired size in bits of the private exponent (x). */ + private int m; + + private BigInteger seed; + + private BigInteger counter; + + private BigInteger q; + + private BigInteger p; + + private BigInteger j; + + private BigInteger g; + + /** Our default source of randomness. */ + private PRNG prng = null; + + /** Preferred encoding format of generated keys. */ + private int preferredFormat; + + // Constructor(s) + // ------------------------------------------------------------------------- + + // default 0-arguments constructor + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + // gnu.crypto.keys.IKeyPairGenerator interface implementation --------------- + + public String name() + { + return Registry.DH_KPG; + } + + public void setup(Map attributes) + { + // do we have a SecureRandom, or should we use our own? + rnd = (SecureRandom) attributes.get(SOURCE_OF_RANDOMNESS); + + // are we given a set of Diffie-Hellman generation parameters or we shall + // use our own? + Object params = attributes.get(DH_PARAMETERS); + + // find out the desired sizes + if (params instanceof DHGenParameterSpec) + { + DHGenParameterSpec jceSpec = (DHGenParameterSpec) params; + l = jceSpec.getPrimeSize(); + m = jceSpec.getExponentSize(); + } + else if (params instanceof DHParameterSpec) + { + DHParameterSpec jceSpec = (DHParameterSpec) params; + l = jceSpec.getP().bitLength(); + m = jceSpec.getL(); + } + else + { + Integer bi = (Integer) attributes.get(PRIME_SIZE); + l = (bi == null ? DEFAULT_PRIME_SIZE : bi.intValue()); + bi = (Integer) attributes.get(EXPONENT_SIZE); + m = (bi == null ? DEFAULT_EXPONENT_SIZE : bi.intValue()); + } + + // if ((L % 256) != 0 || L < 1024) { + if ((l % 256) != 0 || l < DEFAULT_PRIME_SIZE) + { + throw new IllegalArgumentException("invalid modulus size"); + } + if ((m % 8) != 0 || m < DEFAULT_EXPONENT_SIZE) + { + throw new IllegalArgumentException("invalid exponent size"); + } + if (m > l) + { + throw new IllegalArgumentException("exponent size > modulus size"); + } + + // what is the preferred encoding format + Integer formatID = (Integer) attributes.get(PREFERRED_ENCODING_FORMAT); + preferredFormat = formatID == null ? DEFAULT_ENCODING_FORMAT + : formatID.intValue(); + } + + public KeyPair generate() + { + if (p == null) + { + BigInteger[] params = new RFC2631(m, l, rnd).generateParameters(); + seed = params[RFC2631.DH_PARAMS_SEED]; + counter = params[RFC2631.DH_PARAMS_COUNTER]; + q = params[RFC2631.DH_PARAMS_Q]; + p = params[RFC2631.DH_PARAMS_P]; + j = params[RFC2631.DH_PARAMS_J]; + g = params[RFC2631.DH_PARAMS_G]; + if (DEBUG && debuglevel > 0) + { + debug("seed: 0x" + seed.toString(16)); + debug("counter: " + counter.intValue()); + debug("q: 0x" + q.toString(16)); + debug("p: 0x" + p.toString(16)); + debug("j: 0x" + j.toString(16)); + debug("g: 0x" + g.toString(16)); + } + } + + // generate a private number x of length m such as: 1 < x < q - 1 + BigInteger q_minus_1 = q.subtract(BigInteger.ONE); + byte[] mag = new byte[(m + 7) / 8]; + BigInteger x; + while (true) + { + nextRandomBytes(mag); + x = new BigInteger(1, mag); + if (x.bitLength() == m && x.compareTo(BigInteger.ONE) > 0 + && x.compareTo(q_minus_1) < 0) + { + break; + } + } + BigInteger y = g.modPow(x, p); + + PrivateKey secK = new GnuDHPrivateKey(preferredFormat, q, p, g, x); + PublicKey pubK = new GnuDHPublicKey(preferredFormat, q, p, g, y); + + return new KeyPair(pubK, secK); + } + + // other methods ----------------------------------------------------------- + + /** + *

Fills the designated byte array with random data.

+ * + * @param buffer the byte array to fill with random data. + */ + private void nextRandomBytes(byte[] buffer) + { + if (rnd != null) + { + rnd.nextBytes(buffer); + } + else + getDefaultPRNG().nextBytes(buffer); + } + + private PRNG getDefaultPRNG() + { + if (prng == null) + prng = PRNG.getInstance(); + + return prng; + } +} diff --git a/libjava/classpath/gnu/javax/crypto/key/dh/GnuDHPrivateKey.java b/libjava/classpath/gnu/javax/crypto/key/dh/GnuDHPrivateKey.java new file mode 100644 index 0000000..0e71623 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/key/dh/GnuDHPrivateKey.java @@ -0,0 +1,196 @@ +/* GnuDHPrivateKey.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.key.dh; + +import gnu.java.security.Registry; +import gnu.java.security.key.IKeyPairCodec; + +import java.math.BigInteger; + +import javax.crypto.interfaces.DHPrivateKey; + +/** + *

An implementation of the Diffie-Hellman private key.

+ * + *

Reference:

+ *
    + *
  1. Diffie-Hellman Key + * Agreement Method
    + * Eric Rescorla.
    2. + *
+ */ +public class GnuDHPrivateKey extends GnuDHKey implements DHPrivateKey +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + /** The private exponent. */ + private final BigInteger x; + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** + * Convenience constructor. Calls the constructor with five arguments passing + * {@link Registry#RAW_ENCODING_ID} as the value of its first argument. + * + * @param q a prime divisor of p-1. + * @param p the public prime. + * @param g the generator of the group. + * @param x the private value x. + */ + public GnuDHPrivateKey(BigInteger q, BigInteger p, BigInteger g, BigInteger x) + { + this(Registry.RAW_ENCODING_ID, q, p, g, x); + } + + /** + * Constructs a new instance of GnuDHPrivateKey given the + * designated parameters. + * + * @param preferredFormat the identifier of the encoding format to use by + * default when externalizing the key. + * @param q a prime divisor of p-1. + * @param p the public prime. + * @param g the generator of the group. + * @param x the private value x. + */ + public GnuDHPrivateKey(int preferredFormat, + BigInteger q, BigInteger p, BigInteger g, BigInteger x) + { + super(preferredFormat == Registry.ASN1_ENCODING_ID ? Registry.PKCS8_ENCODING_ID + : preferredFormat, + q, p, g); + + this.x = x; + } + + // Class methods + // ------------------------------------------------------------------------- + + /** + *

A class method that takes the output of the encodePrivateKey() + * method of a DH keypair codec object (an instance implementing + * {@link IKeyPairCodec} for DH keys, and re-constructs an instance of this + * object.

+ * + * @param k the contents of a previously encoded instance of this object. + * @exception ArrayIndexOutOfBoundsException if there is not enough bytes, + * in k, to represent a valid encoding of an instance of + * this object. + * @exception IllegalArgumentException if the byte sequence does not + * represent a valid encoding of an instance of this object. + */ + public static GnuDHPrivateKey valueOf(byte[] k) + { + // try RAW codec + if (k[0] == Registry.MAGIC_RAW_DH_PRIVATE_KEY[0]) + try + { + return (GnuDHPrivateKey) new DHKeyPairRawCodec().decodePrivateKey(k); + } + catch (IllegalArgumentException ignored) + { + } + + // try PKCS#8 codec + return (GnuDHPrivateKey) new DHKeyPairPKCS8Codec().decodePrivateKey(k); + } + + // Instance methods + // ------------------------------------------------------------------------- + + // javax.crypto.interfaces.DHPrivateKey interface implementation ----------- + + public BigInteger getX() + { + return x; + } + + // other methods ----------------------------------------------------------- + + /** + *

Returns the encoded form of this private key according to the + * designated format.

+ * + * @param format the desired format identifier of the resulting encoding. + * @return the byte sequence encoding this key according to the designated + * format. + * @exception IllegalArgumentException if the format is not supported. + * @see gnu.crypto.key.dh.DHKeyPairRawCodec + */ + public byte[] getEncoded(int format) + { + byte[] result; + switch (format) + { + case IKeyPairCodec.RAW_FORMAT: + result = new DHKeyPairRawCodec().encodePrivateKey(this); + break; + case IKeyPairCodec.PKCS8_FORMAT: + result = new DHKeyPairPKCS8Codec().encodePrivateKey(this); + break; + default: + throw new IllegalArgumentException("Unsupported encoding format: " + + format); + } + return result; + } + + /** + * Returns true if the designated object is an instance of + * {@link DHPrivateKey} and has the same parameter values as this one. + * + * @param obj the other non-null DH key to compare to. + * @return true if the designated object is of the same type + * and value as this one. + */ + public boolean equals(Object obj) + { + if (obj == null) + return false; + + if (! (obj instanceof DHPrivateKey)) + return false; + + DHPrivateKey that = (DHPrivateKey) obj; + return super.equals(that) && x.equals(that.getX()); + } +} diff --git a/libjava/classpath/gnu/javax/crypto/key/dh/GnuDHPublicKey.java b/libjava/classpath/gnu/javax/crypto/key/dh/GnuDHPublicKey.java new file mode 100644 index 0000000..56516c9 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/key/dh/GnuDHPublicKey.java @@ -0,0 +1,194 @@ +/* GnuDHPublicKey.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.key.dh; + +import gnu.java.security.Registry; +import gnu.java.security.key.IKeyPairCodec; + +import java.math.BigInteger; + +import javax.crypto.interfaces.DHPublicKey; + +/** + *

An implementation of the Diffie-Hellman public key.

+ * + *

Reference:

+ *
    + *
  1. Diffie-Hellman Key + * Agreement Method
    + * Eric Rescorla.
    2. + *
+ */ +public class GnuDHPublicKey extends GnuDHKey implements DHPublicKey +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + private BigInteger y; + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** + * Convenience constructor. Calls the constructor with five arguments passing + * {@link Registry#RAW_ENCODING_ID} as the value of its first argument. + * + * @param q a prime divisor of p-1. + * @param p the public prime. + * @param g the generator of the group. + * @param y the public value y. + */ + public GnuDHPublicKey(BigInteger q, BigInteger p, BigInteger g, BigInteger y) + { + this(Registry.RAW_ENCODING_ID, q, p, g, y); + } + + /** + * Constructs a new instance of GnuDHPublicKey given the + * designated parameters. + * + * @param preferredFormat the identifier of the encoding format to use by + * default when externalizing the key. + * @param q a prime divisor of p-1. + * @param p the public prime. + * @param g the generator of the group. + * @param y the public value y. + */ + public GnuDHPublicKey(int preferredFormat, + BigInteger q, BigInteger p, BigInteger g, BigInteger y) + { + super(preferredFormat == Registry.ASN1_ENCODING_ID ? Registry.X509_ENCODING_ID + : preferredFormat, + q, p, g); + + this.y = y; + } + + // Class methods + // ------------------------------------------------------------------------- + + /** + *

A class method that takes the output of the encodePublicKey() + * method of a DH keypair codec object (an instance implementing + * {@link IKeyPairCodec} for DSS keys, and re-constructs an instance of this + * object.

+ * + * @param k the contents of a previously encoded instance of this object. + * @exception ArrayIndexOutOfBoundsException if there is not enough bytes, + * in k, to represent a valid encoding of an instance of this + * object. + * @exception IllegalArgumentException if the byte sequence does not + * represent a valid encoding of an instance of this object. + */ + public static GnuDHPublicKey valueOf(byte[] k) + { + // try RAW codec + if (k[0] == Registry.MAGIC_RAW_DH_PUBLIC_KEY[0]) + try + { + return (GnuDHPublicKey) new DHKeyPairRawCodec().decodePublicKey(k); + } + catch (IllegalArgumentException ignored) + { + } + + // try X.509 codec + return (GnuDHPublicKey) new DHKeyPairX509Codec().decodePublicKey(k); + } + + // Instance methods + // ------------------------------------------------------------------------- + + // javax.crypto.interfaces.DHPublicKey interface implementation ------------ + + public BigInteger getY() + { + return y; + } + + // other methods ----------------------------------------------------------- + + /** + *

Returns the encoded form of this public key according to the designated + * format.

+ * + * @param format the desired format identifier of the resulting encoding. + * @return the byte sequence encoding this key according to the designated + * format. + * @exception IllegalArgumentException if the format is not supported. + */ + public byte[] getEncoded(int format) + { + byte[] result; + switch (format) + { + case IKeyPairCodec.RAW_FORMAT: + result = new DHKeyPairRawCodec().encodePublicKey(this); + break; + case IKeyPairCodec.X509_FORMAT: + result = new DHKeyPairX509Codec().encodePublicKey(this); + break; + default: + throw new IllegalArgumentException("Unsupported encoding format: " + + format); + } + return result; + } + + /** + * Returns true if the designated object is an instance of + * {@link DHPublicKey} and has the same parameter values as this one. + * + * @param obj the other non-null DH key to compare to. + * @return true if the designated object is of the same type + * and value as this one. + */ + public boolean equals(Object obj) + { + if (obj == null) + return false; + + if (! (obj instanceof DHPublicKey)) + return false; + + DHPublicKey that = (DHPublicKey) obj; + return super.equals(that) && y.equals(that.getY()); + } +} diff --git a/libjava/classpath/gnu/javax/crypto/key/dh/RFC2631.java b/libjava/classpath/gnu/javax/crypto/key/dh/RFC2631.java new file mode 100644 index 0000000..d6e30b4 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/key/dh/RFC2631.java @@ -0,0 +1,255 @@ +/* RFC2631.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.key.dh; + +import gnu.java.security.hash.Sha160; +import gnu.java.security.util.PRNG; +import gnu.java.security.util.Prime2; + +import java.math.BigInteger; +import java.security.SecureRandom; + +/** + *

An implementation of the Diffie-Hellman parameter generation as defined in + * RFC-2631.

+ * + *

Reference:

+ *
    + *
  1. Diffie-Hellman Key + * Agreement Method
    + * Eric Rescorla.
    2. + *
+ */ +public class RFC2631 +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + public static final int DH_PARAMS_SEED = 0; + + public static final int DH_PARAMS_COUNTER = 1; + + public static final int DH_PARAMS_Q = 2; + + public static final int DH_PARAMS_P = 3; + + public static final int DH_PARAMS_J = 4; + + public static final int DH_PARAMS_G = 5; + + private static final BigInteger TWO = BigInteger.valueOf(2L); + + /** The SHA instance to use. */ + private Sha160 sha = new Sha160(); + + /** Length of private modulus and of q. */ + private int m; + + /** Length of public modulus p. */ + private int L; + + /** The optional {@link SecureRandom} instance to use. */ + private SecureRandom rnd = null; + + /** Our default source of randomness. */ + private PRNG prng = null; + + // Constructor(s) + // ------------------------------------------------------------------------- + + public RFC2631(int m, int L, SecureRandom rnd) + { + super(); + + this.m = m; + this.L = L; + this.rnd = rnd; + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + public BigInteger[] generateParameters() + { + int i, j, counter; + byte[] u1, u2, v; + byte[] seedBytes = new byte[m / 8]; + BigInteger SEED, U, q, R, V, W, X, p, g; + // start by genrating p and q, where q is of length m and p is of length L + // 1. Set m' = m/160 where / represents integer division with rounding + // upwards. I.e. 200/160 = 2. + int m_ = (m + 159) / 160; + // 2. Set L'= L/160 + int L_ = (L + 159) / 160; + // 3. Set N'= L/1024 + int N_ = (L + 1023) / 1024; + algorithm: while (true) + { + step4: while (true) + { + // 4. Select an arbitrary bit string SEED such that length of SEED >= m + nextRandomBytes(seedBytes); + SEED = new BigInteger(1, seedBytes).setBit(m - 1).setBit(0); + // 5. Set U = 0 + U = BigInteger.ZERO; + // 6. For i = 0 to m' - 1 + // U = U + (SHA1[SEED + i] XOR SHA1[(SEED + m' + i)) * 2^(160 * i) + // Note that for m=160, this reduces to the algorithm of [FIPS-186] + // U = SHA1[SEED] XOR SHA1[(SEED+1) mod 2^160 ]. + for (i = 0; i < m_; i++) + { + u1 = SEED.add(BigInteger.valueOf(i)).toByteArray(); + u2 = SEED.add(BigInteger.valueOf(m_ + i)).toByteArray(); + sha.update(u1, 0, u1.length); + u1 = sha.digest(); + sha.update(u2, 0, u2.length); + u2 = sha.digest(); + for (j = 0; j < u1.length; j++) + { + u1[j] ^= u2[j]; + } + U = U.add(new BigInteger(1, u1).multiply(TWO.pow(160 * i))); + } + // 5. Form q from U by computing U mod (2^m) and setting the most + // significant bit (the 2^(m-1) bit) and the least significant bit to + // 1. In terms of boolean operations, q = U OR 2^(m-1) OR 1. Note + // that 2^(m-1) < q < 2^m + q = U.setBit(m - 1).setBit(0); + // 6. Use a robust primality algorithm to test whether q is prime. + // 7. If q is not prime then go to 4. + if (Prime2.isProbablePrime(q)) + { + break step4; + } + } + // 8. Let counter = 0 + counter = 0; + step9: while (true) + { + // 9. Set R = seed + 2*m' + (L' * counter) + R = SEED.add(BigInteger.valueOf(2 * m_)).add( + BigInteger.valueOf(L_ + * counter)); + // 10. Set V = 0 + V = BigInteger.ZERO; + // 12. For i = 0 to L'-1 do: V = V + SHA1(R + i) * 2^(160 * i) + for (i = 0; i < L_; i++) + { + v = R.toByteArray(); + sha.update(v, 0, v.length); + v = sha.digest(); + V = V.add(new BigInteger(1, v).multiply(TWO.pow(160 * i))); + } + // 13. Set W = V mod 2^L + W = V.mod(TWO.pow(L)); + // 14. Set X = W OR 2^(L-1) + // Note that 0 <= W < 2^(L-1) and hence X >= 2^(L-1) + X = W.setBit(L - 1); + // 15. Set p = X - (X mod (2*q)) + 1 + p = X.add(BigInteger.ONE).subtract(X.mod(TWO.multiply(q))); + // 16. If p > 2^(L-1) use a robust primality test to test whether p is + // prime. Else go to 18. + //17. If p is prime output p, q, seed, counter and stop. + if (Prime2.isProbablePrime(p)) + { + break algorithm; + } + // 18. Set counter = counter + 1 + counter++; + // 19. If counter < (4096 * N) then go to 8. + // 20. Output "failure" + if (counter >= 4096 * N_) + { + continue algorithm; + } + } + } + + // compute g. from FIPS-186, Appendix 4: + // 1. Generate p and q as specified in Appendix 2. + // 2. Let e = (p - 1) / q + BigInteger e = p.subtract(BigInteger.ONE).divide(q); + BigInteger h = TWO; + BigInteger p_minus_1 = p.subtract(BigInteger.ONE); + g = TWO; + // 3. Set h = any integer, where 1 < h < p - 1 and h differs from any + // value previously tried + for (; h.compareTo(p_minus_1) < 0; h = h.add(BigInteger.ONE)) + { + // 4. Set g = h**e mod p + g = h.modPow(e, p); + // 5. If g = 1, go to step 3 + if (!g.equals(BigInteger.ONE)) + { + break; + } + } + + return new BigInteger[] { SEED, BigInteger.valueOf(counter), q, p, e, g }; + } + + // helper methods ---------------------------------------------------------- + + /** + *

Fills the designated byte array with random data.

+ * + * @param buffer the byte array to fill with random data. + */ + private void nextRandomBytes(byte[] buffer) + { + if (rnd != null) + { + rnd.nextBytes(buffer); + } + else + getDefaultPRNG().nextBytes(buffer); + } + + private PRNG getDefaultPRNG() + { + if (prng == null) + prng = PRNG.getInstance(); + + return prng; + } +} diff --git a/libjava/classpath/gnu/javax/crypto/key/srp6/SRP6Host.java b/libjava/classpath/gnu/javax/crypto/key/srp6/SRP6Host.java new file mode 100644 index 0000000..192e877 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/key/srp6/SRP6Host.java @@ -0,0 +1,213 @@ +/* SRP6Host.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.key.srp6; + +import gnu.java.security.Registry; +import gnu.java.security.hash.IMessageDigest; +import gnu.java.security.util.Util; +import gnu.javax.crypto.key.KeyAgreementException; +import gnu.javax.crypto.key.IncomingMessage; +import gnu.javax.crypto.key.OutgoingMessage; +import gnu.javax.crypto.sasl.srp.SRP; +import gnu.javax.crypto.sasl.srp.SRPAuthInfoProvider; +import gnu.javax.crypto.sasl.srp.SRPRegistry; + +import java.io.IOException; +import java.math.BigInteger; +import java.security.KeyPair; +import java.security.SecureRandom; +import java.util.HashMap; +import java.util.Map; + +/** + *

The implementation of the Host in the SRP-6 key agreement protocol.

+ * + *

Reference:

+ *
    + *
  1. SRP Protocol Design
    + * Thomas J. Wu.
    2. + *
+ */ +public class SRP6Host extends SRP6KeyAgreement +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + /** The user's ephemeral key pair. */ + private KeyPair hostKeyPair; + + /** The SRP password database. */ + private SRPAuthInfoProvider passwordDB; + + // Constructor(s) + // ------------------------------------------------------------------------- + + // default 0-arguments constructor + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + // implementation of abstract methods in base class ------------------------ + + protected void engineInit(final Map attributes) throws KeyAgreementException + { + rnd = (SecureRandom) attributes.get(SOURCE_OF_RANDOMNESS); + N = (BigInteger) attributes.get(SHARED_MODULUS); + if (N == null) + { + throw new KeyAgreementException("missing shared modulus"); + } + g = (BigInteger) attributes.get(GENERATOR); + if (g == null) + { + throw new KeyAgreementException("missing generator"); + } + + final String md = (String) attributes.get(HASH_FUNCTION); + if (md == null || "".equals(md.trim())) + { + throw new KeyAgreementException("missing hash function"); + } + srp = SRP.instance(md); + + passwordDB = (SRPAuthInfoProvider) attributes.get(HOST_PASSWORD_DB); + if (passwordDB == null) + { + throw new KeyAgreementException("missing SRP password database"); + } + } + + protected OutgoingMessage engineProcessMessage(final IncomingMessage in) + throws KeyAgreementException + { + switch (step) + { + case 0: + return computeSharedSecret(in); + default: + throw new IllegalStateException("unexpected state"); + } + } + + protected void engineReset() + { + hostKeyPair = null; + super.engineReset(); + } + + // own methods ------------------------------------------------------------- + + private OutgoingMessage computeSharedSecret(final IncomingMessage in) + throws KeyAgreementException + { + final String I = in.readString(); + final BigInteger A = in.readMPI(); + + // get s and v for user identified by I + // ---------------------------------------------------------------------- + final Map credentials; + try + { + final Map userID = new HashMap(); + userID.put(Registry.SASL_USERNAME, I); + userID.put(SRPRegistry.MD_NAME_FIELD, srp.getAlgorithm()); + credentials = passwordDB.lookup(userID); + } + catch (IOException x) + { + throw new KeyAgreementException("computeSharedSecret()", x); + } + + final BigInteger s = new BigInteger( + 1, + Util.fromBase64((String) credentials.get(SRPRegistry.SALT_FIELD))); + final BigInteger v = new BigInteger( + 1, + Util.fromBase64((String) credentials.get(SRPRegistry.USER_VERIFIER_FIELD))); + + // Map configuration = null; + // try { + // String mode = (String) credentials.get(SRPRegistry.CONFIG_NDX_FIELD); + // configuration = passwordDB.getConfiguration(mode); + // } catch (IOException x) { + // throw new KeyAgreementException("computeSharedSecret()", x); + // } + // + // BigInteger N = new BigInteger(1, Util.fromBase64( + // (String) configuration.get(SRPRegistry.SHARED_MODULUS))); + // BigInteger g = new BigInteger(1, Util.fromBase64( + // (String) configuration.get(SRPRegistry.FIELD_GENERATOR))); + // ---------------------------------------------------------------------- + + final SRPKeyPairGenerator kpg = new SRPKeyPairGenerator(); + final Map attributes = new HashMap(); + if (rnd != null) + { + attributes.put(SRPKeyPairGenerator.SOURCE_OF_RANDOMNESS, rnd); + } + attributes.put(SRPKeyPairGenerator.SHARED_MODULUS, N); + attributes.put(SRPKeyPairGenerator.GENERATOR, g); + attributes.put(SRPKeyPairGenerator.USER_VERIFIER, v); + kpg.setup(attributes); + hostKeyPair = kpg.generate(); + + final BigInteger B = ((SRPPublicKey) hostKeyPair.getPublic()).getY(); + final BigInteger u = uValue(A, B); // u = H(A | B) + + // compute S = (Av^u) ^ b + final BigInteger b = ((SRPPrivateKey) hostKeyPair.getPrivate()).getX(); + final BigInteger S = A.multiply(v.modPow(u, N)).modPow(b, N); + + final byte[] sBytes = Util.trim(S); + final IMessageDigest hash = srp.newDigest(); + hash.update(sBytes, 0, sBytes.length); + K = new BigInteger(1, hash.digest()); + + final OutgoingMessage result = new OutgoingMessage(); + result.writeMPI(s); + result.writeMPI(B); + + complete = true; + return result; + } +} diff --git a/libjava/classpath/gnu/javax/crypto/key/srp6/SRP6KeyAgreement.java b/libjava/classpath/gnu/javax/crypto/key/srp6/SRP6KeyAgreement.java new file mode 100644 index 0000000..63c981d --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/key/srp6/SRP6KeyAgreement.java @@ -0,0 +1,172 @@ +/* SRP6KeyAgreement.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.key.srp6; + +import gnu.java.security.Registry; +import gnu.java.security.hash.IMessageDigest; +import gnu.java.security.util.Util; + +import gnu.javax.crypto.key.BaseKeyAgreementParty; +import gnu.javax.crypto.key.KeyAgreementException; +import gnu.javax.crypto.sasl.srp.SRP; + +import java.math.BigInteger; + +/** + *

The Secure Remote Password (SRP) key agreement protocol, also known as + * SRP-6, is designed by Thomas J. Wu (see references). The protocol, and its + * elements are described as follows:

+ * + * 
+ * N    A large safe prime (N = 2q+1, where q is prime)
+ *      All arithmetic is done modulo N.
+ * g    A generator modulo N
+ * s    User's salt
+ * I    Username
+ * p    Cleartext Password
+ * H()  One-way hash function
+ * ^    (Modular) Exponentiation
+ * u    Random scrambling parameter
+ * a,b  Secret ephemeral values
+ * A,B  Public ephemeral values
+ * x    Private key (derived from p and s)
+ * v    Password verifier
+ *
+ * The host stores passwords using the following formula:
+ * x = H(s | H(I ":" p))           (s is chosen randomly)
+ * v = g^x                   (computes password verifier)
+ *
+ * The host then keeps {I, s, v} in its password database.
+ *
+ * The authentication protocol itself goes as follows:
+ * User -> Host:  I, A = g^a         (identifies self, a = random number)
+ * Host -> User:  s, B = 3v + g^b    (sends salt, b = random number)
+ *
+ * Both:  u = H(A, B)
+ *
+ * User:  x = H(s, p)                (user enters password)
+ * User:  S = (B - 3g^x) ^ (a + ux)  (computes session key)
+ * User:  K = H(S)
+ *
+ * Host:  S = (Av^u) ^ b             (computes session key)
+ * Host:  K = H(S)
+ *
+ * + *

Reference:

+ *
    + *
  1. SRP Protocol Design
    + * Thomas J. Wu.
    2. + *
+ */ +public abstract class SRP6KeyAgreement extends BaseKeyAgreementParty +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + public static final String SOURCE_OF_RANDOMNESS = "gnu.crypto.srp6.ka.prng"; + + public static final String SHARED_MODULUS = "gnu.crypto.srp6.ka.N"; + + public static final String GENERATOR = "gnu.crypto.srp6.ka.g"; + + public static final String HASH_FUNCTION = "gnu.crypto.srp6.ka.H"; + + public static final String USER_IDENTITY = "gnu.crypto.srp6.ka.I"; + + public static final String USER_PASSWORD = "gnu.crypto.srp6.ka.p"; + + public static final String HOST_PASSWORD_DB = "gnu.crypto.srp6.ka.password.db"; + + protected static final BigInteger THREE = BigInteger.valueOf(3L); + + protected SRP srp; + + protected BigInteger N; + + protected BigInteger g; + + /** The shared secret key. */ + protected BigInteger K; + + // Constructor(s) + // ------------------------------------------------------------------------- + + protected SRP6KeyAgreement() + { + super(Registry.SRP6_KA); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + // implementation of common abstract methods in BaseKeyAGreementParty ------ + + protected byte[] engineSharedSecret() throws KeyAgreementException + { + return Util.trim(K); + } + + protected void engineReset() + { + // mda = null; + srp = null; + N = null; + g = null; + K = null; + } + + // helper methods ---------------------------------------------------------- + + protected BigInteger uValue(final BigInteger A, final BigInteger B) + { + // IMessageDigest hash = (IMessageDigest) mda.clone(); + final IMessageDigest hash = srp.newDigest(); + byte[] b; + b = Util.trim(A); + hash.update(b, 0, b.length); + b = Util.trim(B); + hash.update(b, 0, b.length); + + return new BigInteger(1, hash.digest()); + } +} diff --git a/libjava/classpath/gnu/javax/crypto/key/srp6/SRP6SaslClient.java b/libjava/classpath/gnu/javax/crypto/key/srp6/SRP6SaslClient.java new file mode 100644 index 0000000..ef460b1 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/key/srp6/SRP6SaslClient.java @@ -0,0 +1,101 @@ +/* SRP6SaslClient.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.key.srp6; + +import gnu.java.security.hash.IMessageDigest; +import gnu.java.security.util.Util; + +import gnu.javax.crypto.key.KeyAgreementException; +import gnu.javax.crypto.key.IncomingMessage; +import gnu.javax.crypto.key.OutgoingMessage; + +import java.math.BigInteger; + +/** + *

A variation of the SRP-6 protocol as used in the SASL-SRP mechanism, for + * the User (client side).

+ * + *

In this alternative, the exchange goes as follows:

+ * 
+ *    C -> S:  I                      (identifies self)
+ *    S -> C:  N, g, s, B = 3v + g^b  (sends salt, b = random number)
+ *    C -> S:  A = g^a                (a = random number)
+ *
+ * + *

All elements are computed the same way as in the standard version.

+ * + *

Reference:

+ *
    + *
  1. + * Secure Remote Password Authentication Mechanism
    + * K. Burdis, R. Naffah.
    2. + *
  2. SRP Protocol Design
    + * Thomas J. Wu.
    3. + *
+ */ +public class SRP6SaslClient extends SRP6TLSClient +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + // default 0-arguments constructor + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + protected OutgoingMessage computeSharedSecret(final IncomingMessage in) + throws KeyAgreementException + { + final OutgoingMessage result = super.computeSharedSecret(in); + + final byte[] sBytes = Util.trim(K); + final IMessageDigest hash = srp.newDigest(); + hash.update(sBytes, 0, sBytes.length); + K = new BigInteger(1, hash.digest()); + + return result; + } +} diff --git a/libjava/classpath/gnu/javax/crypto/key/srp6/SRP6SaslServer.java b/libjava/classpath/gnu/javax/crypto/key/srp6/SRP6SaslServer.java new file mode 100644 index 0000000..5e75996 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/key/srp6/SRP6SaslServer.java @@ -0,0 +1,101 @@ +/* SRP6SaslServer.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.key.srp6; + +import gnu.java.security.hash.IMessageDigest; +import gnu.java.security.util.Util; + +import gnu.javax.crypto.key.KeyAgreementException; +import gnu.javax.crypto.key.IncomingMessage; +import gnu.javax.crypto.key.OutgoingMessage; + +import java.math.BigInteger; + +/** + *

A variation of the SRP-6 protocol as used in the SASL-SRP mechanism, for + * the Host (server side).

+ * + *

In this alternative, the exchange goes as follows:

+ * 
+ *    C -> S:  I                      (identifies self)
+ *    S -> C:  N, g, s, B = 3v + g^b  (sends salt, b = random number)
+ *    C -> S:  A = g^a                (a = random number)
+ *
+ * + *

All elements are computed the same way as in the standard version.

+ * + *

Reference:

+ *
    + *
  1. + * Secure Remote Password Authentication Mechanism
    + * K. Burdis, R. Naffah.
    2. + *
  2. SRP Protocol Design
    + * Thomas J. Wu.
    3. + *
+ */ +public class SRP6SaslServer extends SRP6TLSServer +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + // default 0-arguments constructor + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + protected OutgoingMessage computeSharedSecret(final IncomingMessage in) + throws KeyAgreementException + { + super.computeSharedSecret(in); + + final byte[] sBytes = Util.trim(K); + final IMessageDigest hash = srp.newDigest(); + hash.update(sBytes, 0, sBytes.length); + K = new BigInteger(1, hash.digest()); + + return null; + } +} diff --git a/libjava/classpath/gnu/javax/crypto/key/srp6/SRP6TLSClient.java b/libjava/classpath/gnu/javax/crypto/key/srp6/SRP6TLSClient.java new file mode 100644 index 0000000..5474a1e --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/key/srp6/SRP6TLSClient.java @@ -0,0 +1,191 @@ +/* SRP6TLSClient.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.key.srp6; + +import gnu.java.security.util.Util; +import gnu.javax.crypto.key.KeyAgreementException; +import gnu.javax.crypto.key.IncomingMessage; +import gnu.javax.crypto.key.OutgoingMessage; +import gnu.javax.crypto.sasl.srp.SRP; + +import java.math.BigInteger; +import java.security.KeyPair; +import java.security.SecureRandom; +import java.util.HashMap; +import java.util.Map; + +/** + *

A variation of the SRP6 key agreement protocol, for the client-side as + * proposed in + * Using + * SRP for TLS Authentication. The only difference between it and the SASL + * variant is that the shared secret is the entity S and not + * H(S).

+ */ +public class SRP6TLSClient extends SRP6KeyAgreement +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + /** The user's identity. */ + private String I; + + /** The user's cleartext password. */ + private byte[] p; + + /** The user's ephemeral key pair. */ + private KeyPair userKeyPair; + + // Constructor(s) + // ------------------------------------------------------------------------- + + // default 0-arguments constructor + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + // implementation of abstract methods in base class ------------------------ + + protected void engineInit(final Map attributes) throws KeyAgreementException + { + rnd = (SecureRandom) attributes.get(SOURCE_OF_RANDOMNESS); + + final String md = (String) attributes.get(HASH_FUNCTION); + if (md == null || "".equals(md.trim())) + { + throw new KeyAgreementException("missing hash function"); + } + srp = SRP.instance(md); + + I = (String) attributes.get(USER_IDENTITY); + if (I == null) + { + throw new KeyAgreementException("missing user identity"); + } + p = (byte[]) attributes.get(USER_PASSWORD); + if (p == null) + { + throw new KeyAgreementException("missing user password"); + } + } + + protected OutgoingMessage engineProcessMessage(final IncomingMessage in) + throws KeyAgreementException + { + switch (step) + { + case 0: + return sendIdentity(in); + case 1: + return computeSharedSecret(in); + default: + throw new IllegalStateException("unexpected state"); + } + } + + protected void engineReset() + { + I = null; + p = null; + userKeyPair = null; + super.engineReset(); + } + + // own methods ------------------------------------------------------------- + + private OutgoingMessage sendIdentity(final IncomingMessage in) + throws KeyAgreementException + { + final OutgoingMessage result = new OutgoingMessage(); + result.writeString(I); + + return result; + } + + protected OutgoingMessage computeSharedSecret(final IncomingMessage in) + throws KeyAgreementException + { + N = in.readMPI(); + g = in.readMPI(); + final BigInteger s = in.readMPI(); + final BigInteger B = in.readMPI(); + + // generate an ephemeral keypair + final SRPKeyPairGenerator kpg = new SRPKeyPairGenerator(); + final Map attributes = new HashMap(); + if (rnd != null) + { + attributes.put(SRPKeyPairGenerator.SOURCE_OF_RANDOMNESS, rnd); + } + attributes.put(SRPKeyPairGenerator.SHARED_MODULUS, N); + attributes.put(SRPKeyPairGenerator.GENERATOR, g); + kpg.setup(attributes); + userKeyPair = kpg.generate(); + + final BigInteger A = ((SRPPublicKey) userKeyPair.getPublic()).getY(); + final BigInteger u = uValue(A, B); // u = H(A | B) + final BigInteger x; + try + { + x = new BigInteger(1, srp.computeX(Util.trim(s), I, p)); + } + catch (Exception e) + { + throw new KeyAgreementException("computeSharedSecret()", e); + } + + // compute S = (B - 3g^x) ^ (a + ux) + final BigInteger a = ((SRPPrivateKey) userKeyPair.getPrivate()).getX(); + final BigInteger S = B.subtract(THREE.multiply(g.modPow(x, N))).modPow( + a.add(u.multiply(x)), + N); + + K = S; + + final OutgoingMessage result = new OutgoingMessage(); + result.writeMPI(A); + + complete = true; + return result; + } +} diff --git a/libjava/classpath/gnu/javax/crypto/key/srp6/SRP6TLSServer.java b/libjava/classpath/gnu/javax/crypto/key/srp6/SRP6TLSServer.java new file mode 100644 index 0000000..23e4440 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/key/srp6/SRP6TLSServer.java @@ -0,0 +1,220 @@ +/* SRP6TLSServer.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.key.srp6; + +import gnu.java.security.Registry; +import gnu.java.security.util.Util; +import gnu.javax.crypto.key.KeyAgreementException; +import gnu.javax.crypto.key.OutgoingMessage; +import gnu.javax.crypto.key.IncomingMessage; +import gnu.javax.crypto.sasl.srp.SRP; +import gnu.javax.crypto.sasl.srp.SRPAuthInfoProvider; +import gnu.javax.crypto.sasl.srp.SRPRegistry; + +import java.io.IOException; +import java.math.BigInteger; +import java.security.KeyPair; +import java.security.SecureRandom; +import java.util.HashMap; +import java.util.Map; + +/** + *

A variation of the SRP6 key agreement protocol, for the server-side as + * proposed in + * Using + * SRP for TLS Authentication. The only difference between it and the SASL + * variant is that the shared secret is the entity S and not + * H(S).

+ * + * @version $Revision: 1.1 $ + */ +public class SRP6TLSServer extends SRP6KeyAgreement +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + /** The user's ephemeral key pair. */ + private KeyPair hostKeyPair; + + /** The SRP password database. */ + private SRPAuthInfoProvider passwordDB; + + // Constructor(s) + // ------------------------------------------------------------------------- + + // default 0-arguments constructor + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + // implementation of abstract methods in base class ------------------------ + + protected void engineInit(final Map attributes) throws KeyAgreementException + { + rnd = (SecureRandom) attributes.get(SOURCE_OF_RANDOMNESS); + + final String md = (String) attributes.get(HASH_FUNCTION); + if (md == null || "".equals(md.trim())) + { + throw new KeyAgreementException("missing hash function"); + } + srp = SRP.instance(md); + + passwordDB = (SRPAuthInfoProvider) attributes.get(HOST_PASSWORD_DB); + if (passwordDB == null) + { + throw new KeyAgreementException("missing SRP password database"); + } + } + + protected OutgoingMessage engineProcessMessage(final IncomingMessage in) + throws KeyAgreementException + { + switch (step) + { + case 0: + return sendParameters(in); + case 1: + return computeSharedSecret(in); + default: + throw new IllegalStateException("unexpected state"); + } + } + + protected void engineReset() + { + hostKeyPair = null; + super.engineReset(); + } + + // own methods ------------------------------------------------------------- + + private OutgoingMessage sendParameters(final IncomingMessage in) + throws KeyAgreementException + { + final String I = in.readString(); + + // get s and v for user identified by I + // ---------------------------------------------------------------------- + final Map credentials; + try + { + final Map userID = new HashMap(); + userID.put(Registry.SASL_USERNAME, I); + userID.put(SRPRegistry.MD_NAME_FIELD, srp.getAlgorithm()); + credentials = passwordDB.lookup(userID); + } + catch (IOException x) + { + throw new KeyAgreementException("computeSharedSecret()", x); + } + + final BigInteger s = new BigInteger( + 1, + Util.fromBase64((String) credentials.get(SRPRegistry.SALT_FIELD))); + final BigInteger v = new BigInteger( + 1, + Util.fromBase64((String) credentials.get(SRPRegistry.USER_VERIFIER_FIELD))); + + final Map configuration; + try + { + final String mode = (String) credentials.get(SRPRegistry.CONFIG_NDX_FIELD); + configuration = passwordDB.getConfiguration(mode); + } + catch (IOException x) + { + throw new KeyAgreementException("computeSharedSecret()", x); + } + + N = new BigInteger( + 1, + Util.fromBase64((String) configuration.get(SRPRegistry.SHARED_MODULUS))); + g = new BigInteger( + 1, + Util.fromBase64((String) configuration.get(SRPRegistry.FIELD_GENERATOR))); + // ---------------------------------------------------------------------- + + // generate an ephemeral keypair + final SRPKeyPairGenerator kpg = new SRPKeyPairGenerator(); + final Map attributes = new HashMap(); + if (rnd != null) + { + attributes.put(SRPKeyPairGenerator.SOURCE_OF_RANDOMNESS, rnd); + } + attributes.put(SRPKeyPairGenerator.SHARED_MODULUS, N); + attributes.put(SRPKeyPairGenerator.GENERATOR, g); + attributes.put(SRPKeyPairGenerator.USER_VERIFIER, v); + kpg.setup(attributes); + hostKeyPair = kpg.generate(); + + final BigInteger B = ((SRPPublicKey) hostKeyPair.getPublic()).getY(); + + final OutgoingMessage result = new OutgoingMessage(); + result.writeMPI(N); + result.writeMPI(g); + result.writeMPI(s); + result.writeMPI(B); + + return result; + } + + protected OutgoingMessage computeSharedSecret(final IncomingMessage in) + throws KeyAgreementException + { + final BigInteger A = in.readMPI(); + + final BigInteger B = ((SRPPublicKey) hostKeyPair.getPublic()).getY(); + final BigInteger u = uValue(A, B); // u = H(A | B) + + // compute S = (Av^u) ^ b + final BigInteger b = ((SRPPrivateKey) hostKeyPair.getPrivate()).getX(); + final BigInteger v = ((SRPPrivateKey) hostKeyPair.getPrivate()).getV(); + final BigInteger S = A.multiply(v.modPow(u, N)).modPow(b, N); + + K = S; + + complete = true; + return null; + } +} diff --git a/libjava/classpath/gnu/javax/crypto/key/srp6/SRP6User.java b/libjava/classpath/gnu/javax/crypto/key/srp6/SRP6User.java new file mode 100644 index 0000000..d300d6f --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/key/srp6/SRP6User.java @@ -0,0 +1,203 @@ +/* SRP6User.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.key.srp6; + +import gnu.java.security.hash.IMessageDigest; +import gnu.java.security.util.Util; +import gnu.javax.crypto.key.KeyAgreementException; +import gnu.javax.crypto.key.IncomingMessage; +import gnu.javax.crypto.key.OutgoingMessage; +import gnu.javax.crypto.sasl.srp.SRP; + +import java.math.BigInteger; +import java.security.KeyPair; +import java.security.SecureRandom; +import java.util.HashMap; +import java.util.Map; + +/** + *

The implementation of the User in the SRP-6 protocol.

+ * + *

Reference:

+ *
    + *
  1. SRP Protocol Design
    + * Thomas J. Wu.
    2. + *
+ */ +public class SRP6User extends SRP6KeyAgreement +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + /** The user's identity. */ + private String I; + + /** The user's cleartext password. */ + private byte[] p; + + /** The user's ephemeral key pair. */ + private KeyPair userKeyPair; + + // Constructor(s) + // ------------------------------------------------------------------------- + + // default 0-arguments constructor + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + // implementation of abstract methods in base class ------------------------ + + protected void engineInit(final Map attributes) throws KeyAgreementException + { + rnd = (SecureRandom) attributes.get(SOURCE_OF_RANDOMNESS); + N = (BigInteger) attributes.get(SHARED_MODULUS); + if (N == null) + { + throw new KeyAgreementException("missing shared modulus"); + } + g = (BigInteger) attributes.get(GENERATOR); + if (g == null) + { + throw new KeyAgreementException("missing generator"); + } + + final String md = (String) attributes.get(HASH_FUNCTION); + if (md == null || "".equals(md.trim())) + { + throw new KeyAgreementException("missing hash function"); + } + srp = SRP.instance(md); + + I = (String) attributes.get(USER_IDENTITY); + if (I == null) + { + throw new KeyAgreementException("missing user identity"); + } + p = (byte[]) attributes.get(USER_PASSWORD); + if (p == null) + { + throw new KeyAgreementException("missing user password"); + } + } + + protected OutgoingMessage engineProcessMessage(final IncomingMessage in) + throws KeyAgreementException + { + switch (step) + { + case 0: + return sendIdentity(in); + case 1: + return computeSharedSecret(in); + default: + throw new IllegalStateException("unexpected state"); + } + } + + protected void engineReset() + { + I = null; + p = null; + userKeyPair = null; + super.engineReset(); + } + + // own methods ------------------------------------------------------------- + + private OutgoingMessage sendIdentity(final IncomingMessage in) + throws KeyAgreementException + { + // generate an ephemeral keypair + final SRPKeyPairGenerator kpg = new SRPKeyPairGenerator(); + final Map attributes = new HashMap(); + if (rnd != null) + { + attributes.put(SRPKeyPairGenerator.SOURCE_OF_RANDOMNESS, rnd); + } + attributes.put(SRPKeyPairGenerator.SHARED_MODULUS, N); + attributes.put(SRPKeyPairGenerator.GENERATOR, g); + kpg.setup(attributes); + userKeyPair = kpg.generate(); + + final OutgoingMessage result = new OutgoingMessage(); + result.writeString(I); + result.writeMPI(((SRPPublicKey) userKeyPair.getPublic()).getY()); + + return result; + } + + private OutgoingMessage computeSharedSecret(final IncomingMessage in) + throws KeyAgreementException + { + final BigInteger s = in.readMPI(); + final BigInteger B = in.readMPI(); + + final BigInteger A = ((SRPPublicKey) userKeyPair.getPublic()).getY(); + final BigInteger u = uValue(A, B); // u = H(A | B) + + final BigInteger x; + try + { + x = new BigInteger(1, srp.computeX(Util.trim(s), I, p)); + } + catch (Exception e) + { + throw new KeyAgreementException("computeSharedSecret()", e); + } + + // compute S = (B - 3g^x) ^ (a + ux) + final BigInteger a = ((SRPPrivateKey) userKeyPair.getPrivate()).getX(); + final BigInteger S = B.subtract(THREE.multiply(g.modPow(x, N))).modPow( + a.add(u.multiply(x)), + N); + + final byte[] sBytes = Util.trim(S); + final IMessageDigest hash = srp.newDigest(); + hash.update(sBytes, 0, sBytes.length); + K = new BigInteger(1, hash.digest()); + + complete = true; + return null; + } +} diff --git a/libjava/classpath/gnu/javax/crypto/key/srp6/SRPAlgorithm.java b/libjava/classpath/gnu/javax/crypto/key/srp6/SRPAlgorithm.java new file mode 100644 index 0000000..b068863 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/key/srp6/SRPAlgorithm.java @@ -0,0 +1,175 @@ +/* SRPAlgorithm.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.key.srp6; + +import gnu.java.security.util.Prime2; +import gnu.javax.crypto.sasl.srp.SRPRegistry; + +import java.math.BigInteger; + +/** + *

Utilities for use with SRP-6 based methods and protocols.

+ * + *

Reference:

+ *
    + *
  1. SRP Protocol Design
    + * Thomas J. Wu.
    2. + *
+ */ +public class SRPAlgorithm +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // lifted from draft-burdis-cat-srp-sasl-09 + public static final BigInteger N_2048 = new BigInteger( + "AC6BDB41324A9A9BF166DE5E1389582FAF72B6651987EE07FC3192943DB56050" + + "A37329CBB4A099ED8193E0757767A13DD52312AB4B03310DCD7F48A9DA04FD50" + + "E8083969EDB767B0CF6095179A163AB3661A05FBD5FAAAE82918A9962F0B93B8" + + "55F97993EC975EEAA80D740ADBF4FF747359D041D5C33EA71D281E446B14773B" + + "CA97B43A23FB801676BD207A436C6481F1D2B9078717461A5B9D32E688F87748" + + "544523B524B0D57D5EA77A2775D2ECFA032CFBDBF52FB3786160279004E57AE6" + + "AF874E7303CE53299CCC041C7BC308D82A5698F3A8D0C38271AE35F8E9DBFBB6" + + "94B5C803D89F7AE435DE236D525F54759B65E372FCD68EF20FA7111F9E4AFF73", + 16); + + public static final BigInteger N_1536 = new BigInteger( + "9DEF3CAFB939277AB1F12A8617A47BBBDBA51DF499AC4C80BEEEA9614B19CC4D" + + "5F4F5F556E27CBDE51C6A94BE4607A291558903BA0D0F84380B655BB9A22E8DC" + + "DF028A7CEC67F0D08134B1C8B97989149B609E0BE3BAB63D47548381DBC5B1FC" + + "764E3F4B53DD9DA1158BFD3E2B9C8CF56EDF019539349627DB2FD53D24B7C486" + + "65772E437D6C7F8CE442734AF7CCB7AE837C264AE3A9BEB87F8A2FE9B8B5292E" + + "5A021FFF5E91479E8CE7A28C2442C6F315180F93499A234DCF76E3FED135F9BB", + 16); + + public static final BigInteger N_1280 = new BigInteger( + "D77946826E811914B39401D56A0A7843A8E7575D738C672A090AB1187D690DC4" + + "3872FC06A7B6A43F3B95BEAEC7DF04B9D242EBDC481111283216CE816E004B78" + + "6C5FCE856780D41837D95AD787A50BBE90BD3A9C98AC0F5FC0DE744B1CDE1891" + + "690894BC1F65E00DE15B4B2AA6D87100C9ECC2527E45EB849DEB14BB2049B163" + + "EA04187FD27C1BD9C7958CD40CE7067A9C024F9B7C5A0B4F5003686161F0605B", + 16); + + public static final BigInteger N_1024 = new BigInteger( + "EEAF0AB9ADB38DD69C33F80AFA8FC5E86072618775FF3C0B9EA2314C9C256576" + + "D674DF7496EA81D3383B4813D692C6E0E0D5D8E250B98BE48E495C1D6089DAD1" + + "5DC7D7B46154D6B6CE8EF4AD69B15D4982559B297BCF1885C529F566660E57EC" + + "68EDBC3C05726CC02FD4CBF4976EAA9AFD5138FE8376435B9FC61D2FC0EB06E3", + 16); + + public static final BigInteger N_768 = new BigInteger( + "B344C7C4F8C495031BB4E04FF8F84EE95008163940B9558276744D91F7CC9F40" + + "2653BE7147F00F576B93754BCDDF71B636F2099E6FFF90E79575F3D0DE694AFF" + + "737D9BE9713CEF8D837ADA6380B1093E94B6A529A8C6C2BE33E0867C60C3262B", + 16); + + public static final BigInteger N_640 = new BigInteger( + "C94D67EB5B1A2346E8AB422FC6A0EDAEDA8C7F894C9EEEC42F9ED250FD7F0046" + + "E5AF2CF73D6B2FA26BB08033DA4DE322E144E7A8E9B12A0E4637F6371F34A207" + + "1C4B3836CBEEAB15034460FAA7ADF483", + 16); + + public static final BigInteger N_512 = new BigInteger( + "D4C7F8A2B32C11B8FBA9581EC4BA4F1B04215642EF7355E37C0FC0443EF756EA" + + "2C6B8EEB755A1C723027663CAA265EF785B8FF6A9B35227A52D86633DBDFCA43", + 16); + + public static final BigInteger N_384 = new BigInteger( + "8025363296FB943FCE54BE717E0E2958A02A9672EF561953B2BAA3BAACC3ED57" + + "54EB764C7AB7184578C57D5949CCB41B", + 16); + + public static final BigInteger N_264 = new BigInteger( + "115B8B692E0E045692CF280B436735C77A5A9E8A9E7ED56C965F87DB5B2A2ECE3", + 16); + + private static final BigInteger ZERO = BigInteger.ZERO; + + private static final BigInteger ONE = BigInteger.ONE; + + private static final BigInteger TWO = BigInteger.valueOf(2L); + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** Trivial constructor to enforce usage through class methods. */ + private SRPAlgorithm() + { + super(); + } + + // Class methods + // ------------------------------------------------------------------------- + + public static void checkParams(final BigInteger N, final BigInteger g) + { + // 1. N should be at least 512-bit long + final int blen = N.bitLength(); + if (blen < SRPRegistry.MINIMUM_MODULUS_BITLENGTH) + { + throw new IllegalArgumentException( + "Bit length of N (" + + blen + + ") is too low. Should be at least " + + SRPRegistry.MINIMUM_MODULUS_BITLENGTH); + } + // 2. N should be a prime + if (!Prime2.passEulerCriterion(N)) + { + throw new IllegalArgumentException("N should be prime but isn't"); + } + // 3. N should be of the form 2*q + 1, where q is prime + final BigInteger q = N.subtract(ONE).divide(TWO); + if (!Prime2.passEulerCriterion(q)) + { + throw new IllegalArgumentException("(N-1)/2 should be prime but isn't"); + } + // 4. g**q should be -1 mod N + final BigInteger gq = g.modPow(q, N).add(ONE).mod(N); + if (gq.compareTo(ZERO) != 0) + { + throw new IllegalArgumentException( + "g**q should be -1 (mod N) but isn't"); + } + } + + // Instance methods + // ------------------------------------------------------------------------- +} diff --git a/libjava/classpath/gnu/javax/crypto/key/srp6/SRPKey.java b/libjava/classpath/gnu/javax/crypto/key/srp6/SRPKey.java new file mode 100644 index 0000000..202ef33 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/key/srp6/SRPKey.java @@ -0,0 +1,170 @@ +/* SRPKey.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.key.srp6; + +import gnu.java.security.Registry; +import gnu.java.security.key.IKeyPairCodec; + +import java.io.Serializable; +import java.math.BigInteger; +import java.security.Key; + +/** + *

An abstract representation of a base SRP ephemeral key.

+ * + *

This object encapsulates the two numbers:

+ *
    + *
  • N: A large safe prime (N = 2q+1, where q is prime).
    • + *
  • g: A generator modulo N.
    • + *
+ * + *

Note that in SRP, all arithmetic is done modulo N.

+ * + *

Reference:

+ *
    + *
  1. SRP Protocol Design
    + * Thomas J. Wu.
    2. + *
+ */ +public abstract class SRPKey implements Key, Serializable +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + /** The public, Germaine prime, shared modulus. */ + protected final BigInteger N; + + /** The generator. */ + protected final BigInteger g; + + // Constructor(s) + // ------------------------------------------------------------------------- + + protected SRPKey(BigInteger N, BigInteger g) + { + super(); + + this.N = N; + this.g = g; + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + // java.security.Key interface implementation ------------------------------ + + /** + *

Returns the standard algorithm name for this key.

+ * + * @return the standard algorithm name for this key. + */ + public String getAlgorithm() + { + return Registry.SRP_KPG; + } + + /** @deprecated see getEncoded(int). */ + public byte[] getEncoded() + { + return getEncoded(IKeyPairCodec.RAW_FORMAT); + } + + /** + * Returns {@link Registry#RAW_ENCODING_SHORT_NAME} which is the sole format + * supported for this type of keys. + * + * @return {@link Registry#RAW_ENCODING_SHORT_NAME} ALWAYS. + */ + public String getFormat() + { + return Registry.RAW_ENCODING_SHORT_NAME; + } + + // other methods ----------------------------------------------------------- + + /** + *

Returns the public shared modulus.

+ * + * @return N. + */ + public BigInteger getN() + { + return N; + } + + /** + *

Returns the generator.

+ * + * @return g. + */ + public BigInteger getG() + { + return g; + } + + /** + *

Returns true if the designated object is an instance of + * SRPKey and has the same SRP parameter values as this one.

+ * + * @param obj the other non-null SRP key to compare to. + * @return true if the designated object is of the same type and + * value as this one. + */ + public boolean equals(Object obj) + { + if (obj == null) + { + return false; + } + if (!(obj instanceof SRPKey)) + { + return false; + } + SRPKey that = (SRPKey) obj; + return N.equals(that.getN()) && g.equals(that.getG()); + } + + // abstract methods to be implemented by subclasses ------------------------ + + public abstract byte[] getEncoded(int format); +} diff --git a/libjava/classpath/gnu/javax/crypto/key/srp6/SRPKeyPairGenerator.java b/libjava/classpath/gnu/javax/crypto/key/srp6/SRPKeyPairGenerator.java new file mode 100644 index 0000000..2957fc3 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/key/srp6/SRPKeyPairGenerator.java @@ -0,0 +1,351 @@ +/* SRPKeyPairGenerator.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.key.srp6; + +import gnu.java.security.Registry; +import gnu.java.security.key.IKeyPairGenerator; +import gnu.java.security.util.PRNG; +import gnu.java.security.util.Prime2; + +import java.io.PrintWriter; +import java.math.BigInteger; +import java.security.KeyPair; +import java.security.SecureRandom; +import java.util.Map; + +/** + * + * + *

Reference:

+ *
    + *
  1. SRP Protocol Design
    + * Thomas J. Wu.
    2. + *
+ */ +public class SRPKeyPairGenerator implements IKeyPairGenerator +{ + + // Debugging methods and variables + // ------------------------------------------------------------------------- + + private static final String NAME = "srp"; + + private static final boolean DEBUG = false; + + private static final int debuglevel = 5; + + private static final PrintWriter err = new PrintWriter(System.out, true); + + private static void debug(String s) + { + err.println(">>> " + NAME + ": " + s); + } + + // Constants and variables + // ------------------------------------------------------------------------- + + private static final BigInteger ZERO = BigInteger.ZERO; + + private static final BigInteger ONE = BigInteger.ONE; + + private static final BigInteger TWO = BigInteger.valueOf(2L); + + private static final BigInteger THREE = BigInteger.valueOf(3L); + + /** Property name of the length (Integer) of the modulus (N) of an SRP key. */ + public static final String MODULUS_LENGTH = "gnu.crypto.srp.L"; + + /** Property name of the Boolean indicating wether or not to use defaults. */ + public static final String USE_DEFAULTS = "gnu.crypto.srp.use.defaults"; + + /** Property name of the modulus (N) of an SRP key. */ + public static final String SHARED_MODULUS = "gnu.crypto.srp.N"; + + /** Property name of the generator (g) of an SRP key. */ + public static final String GENERATOR = "gnu.crypto.srp.g"; + + /** Property name of the user's verifier (v) for a Server SRP key. */ + public static final String USER_VERIFIER = "gnu.crypto.srp.v"; + + /** + * Property name of an optional {@link SecureRandom} instance to use. The + * default is to use a classloader singleton from {@link PRNG}. + */ + public static final String SOURCE_OF_RANDOMNESS = "gnu.crypto.srp.prng"; + + /** Default value for the modulus length. */ + private static final int DEFAULT_MODULUS_LENGTH = 1024; + + /** The optional {@link SecureRandom} instance to use. */ + private SecureRandom rnd = null; + + /** Bit length of the shared modulus. */ + private int l; + + /** The shared public modulus. */ + private BigInteger N; + + /** The Field generator. */ + private BigInteger g; + + /** The user's verifier MPI. */ + private BigInteger v; + + /** Our default source of randomness. */ + private PRNG prng = null; + + // Constructor(s) + // ------------------------------------------------------------------------- + + // implicit 0-arguments constructor + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + // gnu.crypto.key.IKeyPairGenerator interface implementation --------------- + + public String name() + { + return Registry.SRP_KPG; + } + + public void setup(Map attributes) + { + // do we have a SecureRandom, or should we use our own? + rnd = (SecureRandom) attributes.get(SOURCE_OF_RANDOMNESS); + + N = (BigInteger) attributes.get(SHARED_MODULUS); + if (N != null) + { + l = N.bitLength(); + g = (BigInteger) attributes.get(GENERATOR); + if (g == null) + { + g = TWO; + } + SRPAlgorithm.checkParams(N, g); + } + else + { // generate or use default values for N and g + Boolean useDefaults = (Boolean) attributes.get(USE_DEFAULTS); + if (useDefaults == null) + { + useDefaults = Boolean.TRUE; + } + Integer L = (Integer) attributes.get(MODULUS_LENGTH); + l = DEFAULT_MODULUS_LENGTH; + if (useDefaults.equals(Boolean.TRUE)) + { + if (L != null) + { + l = L.intValue(); + switch (l) + { + case 512: + N = SRPAlgorithm.N_512; + break; + case 640: + N = SRPAlgorithm.N_640; + break; + case 768: + N = SRPAlgorithm.N_768; + break; + case 1024: + N = SRPAlgorithm.N_1024; + break; + case 1280: + N = SRPAlgorithm.N_1280; + break; + case 1536: + N = SRPAlgorithm.N_1536; + break; + case 2048: + N = SRPAlgorithm.N_2048; + break; + default: + throw new IllegalArgumentException( + "unknown default shared modulus bit length"); + } + g = TWO; + l = N.bitLength(); + } + } + else + { // generate new N and g + if (L != null) + { + l = L.intValue(); + if ((l % 256) != 0 || l < 512 || l > 2048) + { + throw new IllegalArgumentException( + "invalid shared modulus bit length"); + } + } + } + } + + // are we using this generator on the server side, or the client side? + v = (BigInteger) attributes.get(USER_VERIFIER); + } + + public KeyPair generate() + { + if (N == null) + { + BigInteger[] params = generateParameters(); + BigInteger q = params[0]; + N = params[1]; + g = params[2]; + if (DEBUG && debuglevel > 0) + { + debug("q: " + q.toString(16)); + debug("N: " + N.toString(16)); + debug("g: " + g.toString(16)); + } + } + + return (v != null ? hostKeyPair() : userKeyPair()); + } + + // helper methods ---------------------------------------------------------- + + private synchronized BigInteger[] generateParameters() + { + // N A large safe prime (N = 2q+1, where q is prime) + // g A generator modulo N + BigInteger q, p, g; + byte[] qBytes = new byte[l / 8]; + do + { + do + { + nextRandomBytes(qBytes); + q = new BigInteger(1, qBytes); + q = q.setBit(0).setBit(l - 2).clearBit(l - 1); + } + while (!Prime2.isProbablePrime(q)); + p = q.multiply(TWO).add(ONE); + } + while (p.bitLength() != l || !Prime2.isProbablePrime(p)); + + // compute g. from FIPS-186, Appendix 4: e == 2 + BigInteger p_minus_1 = p.subtract(ONE); + g = TWO; + // Set h = any integer, where 1 < h < p - 1 and + // h differs from any value previously tried + for (BigInteger h = TWO; h.compareTo(p_minus_1) < 0; h = h.add(ONE)) + { + // Set g = h**2 mod p + g = h.modPow(TWO, p); + // If g = 1, go to step 3 + if (!g.equals(ONE)) + { + break; + } + } + + return new BigInteger[] { q, p, g }; + } + + private KeyPair hostKeyPair() + { + byte[] bBytes = new byte[(l + 7) / 8]; + BigInteger b, B; + do + { + do + { + nextRandomBytes(bBytes); + b = new BigInteger(1, bBytes); + } + while (b.compareTo(ONE) <= 0 || b.compareTo(N) >= 0); + B = THREE.multiply(v).add(g.modPow(b, N)).mod(N); + } + while (B.compareTo(ZERO) == 0 || B.compareTo(N) >= 0); + + KeyPair result = new KeyPair( + new SRPPublicKey(new BigInteger[] { N, g, B }), + new SRPPrivateKey(new BigInteger[] { N, g, b, + v })); + return result; + } + + private KeyPair userKeyPair() + { + byte[] aBytes = new byte[(l + 7) / 8]; + BigInteger a, A; + do + { + do + { + nextRandomBytes(aBytes); + a = new BigInteger(1, aBytes); + } + while (a.compareTo(ONE) <= 0 || a.compareTo(N) >= 0); + A = g.modPow(a, N); + } + while (A.compareTo(ZERO) == 0 || A.compareTo(N) >= 0); + + KeyPair result = new KeyPair( + new SRPPublicKey(new BigInteger[] { N, g, A }), + new SRPPrivateKey(new BigInteger[] { N, g, a })); + return result; + } + + private void nextRandomBytes(byte[] buffer) + { + if (rnd != null) + { + rnd.nextBytes(buffer); + } + else + getDefaultPRNG().nextBytes(buffer); + } + + private PRNG getDefaultPRNG() + { + if (prng == null) + prng = PRNG.getInstance(); + + return prng; + } +} diff --git a/libjava/classpath/gnu/javax/crypto/key/srp6/SRPKeyPairRawCodec.java b/libjava/classpath/gnu/javax/crypto/key/srp6/SRPKeyPairRawCodec.java new file mode 100644 index 0000000..39234b6 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/key/srp6/SRPKeyPairRawCodec.java @@ -0,0 +1,380 @@ +/* SRPKeyPairRawCodec.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.key.srp6; + +import gnu.java.security.Registry; +import gnu.java.security.key.IKeyPairCodec; + +import java.io.ByteArrayOutputStream; +import java.math.BigInteger; +import java.security.PrivateKey; +import java.security.PublicKey; + +/** + *

An object that implements the {@link IKeyPairCodec} operations for the + * Raw format to use with SRP keypairs.

+ * + *

Reference:

+ *
    + *
  1. SRP Protocol Design
    + * Thomas J. Wu.
    2. + *
+ */ +public class SRPKeyPairRawCodec implements IKeyPairCodec +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + // implicit 0-arguments constructor + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + // gnu.crypto.keys.IKeyPairCodec interface implementation ------------------ + + public int getFormatID() + { + return RAW_FORMAT; + } + + /** + *

Returns the encoded form of the designated SRP public key according to + * the Raw format supported by this library.

+ * + *

The Raw format for an SRP public key, in this implementation, is + * a byte sequence consisting of the following:

+ *
    + *
  1. 4-byte magic consisting of the value of the literal + * {@link Registry#MAGIC_RAW_SRP_PUBLIC_KEY},
  2. + *
  3. 1-byte version consisting of the constant: 0x01,
    4. + *
  4. 4-byte count of following bytes representing the SRP parameter + * N in internet order,
    5. + *
  5. n-bytes representation of a {@link BigInteger} obtained by invoking + * the toByteArray() method on the SRP parameter + * N,
    6. + *
  6. 4-byte count of following bytes representing the SRP parameter + * g,
    7. + *
  7. n-bytes representation of a {@link BigInteger} obtained by invoking + * the toByteArray() method on the SRP parameter + * g,
    8. + *
  8. 4-byte count of following bytes representing the SRP parameter + * y,
    9. + *
  9. n-bytes representation of a {@link BigInteger} obtained by invoking + * the toByteArray() method on the SRP parameter + * y,
    10. + *
+ * + * @param key the key to encode. + * @return the Raw format encoding of the designated key. + * @throws IllegalArgumentException if the designated key is not an SRP one. + */ + public byte[] encodePublicKey(PublicKey key) + { + if (!(key instanceof SRPPublicKey)) + { + throw new IllegalArgumentException("key"); + } + + SRPPublicKey srpKey = (SRPPublicKey) key; + ByteArrayOutputStream baos = new ByteArrayOutputStream(); + + // magic + baos.write(Registry.MAGIC_RAW_SRP_PUBLIC_KEY[0]); + baos.write(Registry.MAGIC_RAW_SRP_PUBLIC_KEY[1]); + baos.write(Registry.MAGIC_RAW_SRP_PUBLIC_KEY[2]); + baos.write(Registry.MAGIC_RAW_SRP_PUBLIC_KEY[3]); + + // version + baos.write(0x01); + + // N + byte[] buffer = srpKey.getN().toByteArray(); + int length = buffer.length; + baos.write(length >>> 24); + baos.write((length >>> 16) & 0xFF); + baos.write((length >>> 8) & 0xFF); + baos.write(length & 0xFF); + baos.write(buffer, 0, length); + + // g + buffer = srpKey.getG().toByteArray(); + length = buffer.length; + baos.write(length >>> 24); + baos.write((length >>> 16) & 0xFF); + baos.write((length >>> 8) & 0xFF); + baos.write(length & 0xFF); + baos.write(buffer, 0, length); + + // y + buffer = srpKey.getY().toByteArray(); + length = buffer.length; + baos.write(length >>> 24); + baos.write((length >>> 16) & 0xFF); + baos.write((length >>> 8) & 0xFF); + baos.write(length & 0xFF); + baos.write(buffer, 0, length); + + return baos.toByteArray(); + } + + public PublicKey decodePublicKey(byte[] k) + { + // magic + if (k[0] != Registry.MAGIC_RAW_SRP_PUBLIC_KEY[0] + || k[1] != Registry.MAGIC_RAW_SRP_PUBLIC_KEY[1] + || k[2] != Registry.MAGIC_RAW_SRP_PUBLIC_KEY[2] + || k[3] != Registry.MAGIC_RAW_SRP_PUBLIC_KEY[3]) + { + throw new IllegalArgumentException("magic"); + } + + // version + if (k[4] != 0x01) + { + throw new IllegalArgumentException("version"); + } + int i = 5; + + int l; + byte[] buffer; + + // N + l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8 + | (k[i++] & 0xFF); + buffer = new byte[l]; + System.arraycopy(k, i, buffer, 0, l); + i += l; + BigInteger N = new BigInteger(1, buffer); + + // g + l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8 + | (k[i++] & 0xFF); + buffer = new byte[l]; + System.arraycopy(k, i, buffer, 0, l); + i += l; + BigInteger g = new BigInteger(1, buffer); + + // y + l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8 + | (k[i++] & 0xFF); + buffer = new byte[l]; + System.arraycopy(k, i, buffer, 0, l); + i += l; + BigInteger y = new BigInteger(1, buffer); + + return new SRPPublicKey(N, g, y); + } + + /** + *

Returns the encoded form of the designated SRP private key according to + * the Raw format supported by this library.

+ * + *

The Raw format for an SRP private key, in this implementation, + * is a byte sequence consisting of the following:

+ *
    + *
  1. 4-byte magic consisting of the value of the literal + * {@link Registry#MAGIC_RAW_SRP_PRIVATE_KEY},
  2. + *
  3. 1-byte version consisting of the constant: 0x01,
    4. + *
  4. 4-byte count of following bytes representing the SRP parameter + * N in internet order,
    5. + *
  5. n-bytes representation of a {@link BigInteger} obtained by invoking + * the toByteArray() method on the SRP parameter + * N,
    6. + *
  6. 4-byte count of following bytes representing the SRP parameter + * g,
    7. + *
  7. n-bytes representation of a {@link BigInteger} obtained by invoking + * the toByteArray() method on the SRP parameter + * g,
    8. + *
  8. 4-byte count of following bytes representing the SRP parameter + * x,
    9. + *
  9. n-bytes representation of a {@link BigInteger} obtained by invoking + * the toByteArray() method on the SRP parameter + * x,
    10. + *
  10. one byte which indicates whether the SRP parameter v + * is included in this encoding (value 0x01) or not + * (value 0x00).
    11. + *
  11. 4-byte count of following bytes representing the SRP parameter + * v,
    12. + *
  12. n-bytes representation of a {@link BigInteger} obtained by invoking + * the toByteArray() method on the SRP parameter + * v,
    13. + *
+ * + * @param key the key to encode. + * @return the Raw format encoding of the designated key. + * @throws IllegalArgumentException if the designated key is not an SRP one. + */ + public byte[] encodePrivateKey(PrivateKey key) + { + if (!(key instanceof SRPPrivateKey)) + { + throw new IllegalArgumentException("key"); + } + + SRPPrivateKey srpKey = (SRPPrivateKey) key; + ByteArrayOutputStream baos = new ByteArrayOutputStream(); + + // magic + baos.write(Registry.MAGIC_RAW_SRP_PRIVATE_KEY[0]); + baos.write(Registry.MAGIC_RAW_SRP_PRIVATE_KEY[1]); + baos.write(Registry.MAGIC_RAW_SRP_PRIVATE_KEY[2]); + baos.write(Registry.MAGIC_RAW_SRP_PRIVATE_KEY[3]); + + // version + baos.write(0x01); + + // N + byte[] buffer = srpKey.getN().toByteArray(); + int length = buffer.length; + baos.write(length >>> 24); + baos.write((length >>> 16) & 0xFF); + baos.write((length >>> 8) & 0xFF); + baos.write(length & 0xFF); + baos.write(buffer, 0, length); + + // g + buffer = srpKey.getG().toByteArray(); + length = buffer.length; + baos.write(length >>> 24); + baos.write((length >>> 16) & 0xFF); + baos.write((length >>> 8) & 0xFF); + baos.write(length & 0xFF); + baos.write(buffer, 0, length); + + // x + buffer = srpKey.getX().toByteArray(); + length = buffer.length; + baos.write(length >>> 24); + baos.write((length >>> 16) & 0xFF); + baos.write((length >>> 8) & 0xFF); + baos.write(length & 0xFF); + baos.write(buffer, 0, length); + + // v + if (srpKey.getV() != null) + { + baos.write(0x01); + + buffer = srpKey.getV().toByteArray(); + length = buffer.length; + baos.write(length >>> 24); + baos.write((length >>> 16) & 0xFF); + baos.write((length >>> 8) & 0xFF); + baos.write(length & 0xFF); + baos.write(buffer, 0, length); + } + else + { + baos.write(0x00); + } + + return baos.toByteArray(); + } + + public PrivateKey decodePrivateKey(byte[] k) + { + // magic + if (k[0] != Registry.MAGIC_RAW_SRP_PRIVATE_KEY[0] + || k[1] != Registry.MAGIC_RAW_SRP_PRIVATE_KEY[1] + || k[2] != Registry.MAGIC_RAW_SRP_PRIVATE_KEY[2] + || k[3] != Registry.MAGIC_RAW_SRP_PRIVATE_KEY[3]) + { + throw new IllegalArgumentException("magic"); + } + + // version + if (k[4] != 0x01) + { + throw new IllegalArgumentException("version"); + } + int i = 5; + + int l; + byte[] buffer; + + // N + l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8 + | (k[i++] & 0xFF); + buffer = new byte[l]; + System.arraycopy(k, i, buffer, 0, l); + i += l; + BigInteger N = new BigInteger(1, buffer); + + // g + l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8 + | (k[i++] & 0xFF); + buffer = new byte[l]; + System.arraycopy(k, i, buffer, 0, l); + i += l; + BigInteger g = new BigInteger(1, buffer); + + // x + l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8 + | (k[i++] & 0xFF); + buffer = new byte[l]; + System.arraycopy(k, i, buffer, 0, l); + i += l; + BigInteger x = new BigInteger(1, buffer); + + // v + l = k[i++]; + if (l == 0x01) + { + l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8 + | (k[i++] & 0xFF); + buffer = new byte[l]; + System.arraycopy(k, i, buffer, 0, l); + i += l; + BigInteger v = new BigInteger(1, buffer); + + return new SRPPrivateKey(N, g, x, v); + } + else + { + return new SRPPrivateKey(N, g, x); + } + } +} diff --git a/libjava/classpath/gnu/javax/crypto/key/srp6/SRPPrivateKey.java b/libjava/classpath/gnu/javax/crypto/key/srp6/SRPPrivateKey.java new file mode 100644 index 0000000..d9f7a19a6 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/key/srp6/SRPPrivateKey.java @@ -0,0 +1,250 @@ +/* SRPPrivateKey.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.key.srp6; + +import gnu.java.security.Registry; +import gnu.java.security.key.IKeyPairCodec; + +import java.math.BigInteger; +import java.security.PrivateKey; + +/** + *

A representation of an SRP ephemeral private key.

+ * + *

Reference:

+ *
    + *
  1. SRP Protocol Design
    + * Thomas J. Wu.
    2. + *
+ */ +public class SRPPrivateKey extends SRPKey implements PrivateKey +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + /** + * The private exponent for either the server or the client engaged in the + * SRP protocol exchange. + */ + private final BigInteger X; + + /** + * The user's verifier (v) --for the server-- also computed at the client + * side as g.modPow(x, N), where x is the hashed output of the user name and + * password . + */ + private final BigInteger v; + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** + *

Public constructor for use from outside this package.

+ * + * @param N the public shared modulus. + * @param g the generator. + * @param x the private exponent of the ephemeral key. + */ + public SRPPrivateKey(BigInteger N, BigInteger g, BigInteger x) + { + this(N, g, x, null); + } + + /** + *

Public constructor for use from outside this package.

+ * + * @param N the public shared modulus. + * @param g the generator. + * @param x the private exponent of the ephemeral key. + * @param v the user's verifier value (for the server side only). + */ + public SRPPrivateKey(BigInteger N, BigInteger g, BigInteger x, BigInteger v) + { + super(N, g); + + SRPAlgorithm.checkParams(N, g); + this.X = x; + this.v = v; + } + + /** + *

Default constructor. Assumes N and g are already validated.

+ * + * @param params an array of either 3 or 4 values representing N, g, and + * either v and X for the server, or just X for the client. Those values + * represent the following: + *
    + *
  1. v (server side): the user's verifier.
    2. + *
  2. X (both sides): the server's or client's ephemeral private exponent.
    3. + *
+ */ + SRPPrivateKey(BigInteger[] params) + { + super(params[0], params[1]); + + if (params.length == 3) + { + X = params[2]; + v = null; + } + else if (params.length == 4) + { + X = params[2]; + v = params[3]; + } + else + { + throw new IllegalArgumentException("invalid number of SRP parameters"); + } + } + + // Class methods + // ------------------------------------------------------------------------- + + /** + *

A class method that takes the output of the encodePrivateKey() + * method of an SRP keypair codec object (an instance implementing + * {@link IKeyPairCodec} for DSS keys, and re-constructs an instance of this + * object.

+ * + * @param k the contents of a previously encoded instance of this object. + * @throws ArrayIndexOutOfBoundsException if there is not enough bytes, in + * k, to represent a valid encoding of an instance of this object. + * @throws IllegalArgumentException if the byte sequence does not represent a + * valid encoding of an instance of this object. + */ + public static SRPPrivateKey valueOf(byte[] k) + { + // check magic... + // we should parse here enough bytes to know which codec to use, and + // direct the byte array to the appropriate codec. since we only have one + // codec, we could have immediately tried it; nevertheless since testing + // one byte is cheaper than instatiating a codec that will fail we test + // the first byte before we carry on. + if (k[0] == Registry.MAGIC_RAW_SRP_PRIVATE_KEY[0]) + { + // it's likely to be in raw format. get a raw codec and hand it over + IKeyPairCodec codec = new SRPKeyPairRawCodec(); + return (SRPPrivateKey) codec.decodePrivateKey(k); + } + else + { + throw new IllegalArgumentException("magic"); + } + } + + // Instance methods + // ------------------------------------------------------------------------- + + /** + *

Returns the private exponent of the key as a {@link BigInteger}.

+ * + * @return the private exponent of the key as a {@link BigInteger}. + */ + public BigInteger getX() + { + return X; + } + + /** + *

Returns the user's verifier as a {@link BigInteger}.

+ * + * @return the user's verifier as a {@link BigInteger} if this is an SRP + * private key of a Host, or null if this is a private SRP key + * for a User. + */ + public BigInteger getV() + { + return v; + } + + // Other instance methods -------------------------------------------------- + + /** + *

Returns the encoded form of this private key according to the + * designated format.

+ * + * @param format the desired format identifier of the resulting encoding. + * @return the byte sequence encoding this key according to the designated + * format. + * @throws IllegalArgumentException if the format is not supported. + */ + public byte[] getEncoded(int format) + { + byte[] result; + switch (format) + { + case IKeyPairCodec.RAW_FORMAT: + result = new SRPKeyPairRawCodec().encodePrivateKey(this); + break; + default: + throw new IllegalArgumentException("format"); + } + return result; + } + + /** + *

Returns true if the designated object is an instance of + * SRPPrivateKey and has the same SRP parameter values as this + * one.

+ * + * @param obj the other non-null SRP key to compare to. + * @return true if the designated object is of the same type and + * value as this one. + */ + public boolean equals(Object obj) + { + if (obj == null) + { + return false; + } + if (!(obj instanceof SRPPrivateKey)) + { + return false; + } + SRPPrivateKey that = (SRPPrivateKey) obj; + boolean result = super.equals(that) && X.equals(that.getX()); + if (v != null) + { + result = result && v.equals(that.getV()); + } + return result; + } +} diff --git a/libjava/classpath/gnu/javax/crypto/key/srp6/SRPPublicKey.java b/libjava/classpath/gnu/javax/crypto/key/srp6/SRPPublicKey.java new file mode 100644 index 0000000..7283fd3 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/key/srp6/SRPPublicKey.java @@ -0,0 +1,194 @@ +/* SRPPublicKey.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.key.srp6; + +import gnu.java.security.Registry; +import gnu.java.security.key.IKeyPairCodec; + +import java.math.BigInteger; +import java.security.PublicKey; + +/** + *

A representation of an SRP ephemeral public key.

+ * + *

Reference:

+ *
    + *
  1. SRP Protocol Design
    + * Thomas J. Wu.
    2. + *
+ */ +public class SRPPublicKey extends SRPKey implements PublicKey +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + /** + * The public exponent for either the server or the client engaged in the + * SRP protocol exchange. + */ + private final BigInteger Y; + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** + *

Public constructor for use from outside this package.

+ * + * @param N the public shared modulus. + * @param g the generator. + * @param Y the public exponent of the ephemeral key. + */ + public SRPPublicKey(BigInteger N, BigInteger g, BigInteger Y) + { + super(N, g); + + SRPAlgorithm.checkParams(N, g); + this.Y = Y; + } + + /** + *

Default constructor. Assumes that N and g are already validated.

+ * + * @param params an array of 3 values representing N, g and Y; the latter + * being the client's or server's public exponent. + */ + SRPPublicKey(BigInteger[] params) + { + super(params[0], params[1]); + + this.Y = params[2]; + } + + // Class methods + // ------------------------------------------------------------------------- + + /** + *

A class method that takes the output of the encodePublicKey() + * method of an SRP keypair codec object (an instance implementing + * {@link IKeyPairCodec} for SRP keys, and re-constructs an instance of this + * object.

+ * + * @param k the contents of a previously encoded instance of this object. + * @throws ArrayIndexOutOfBoundsException if there is not enough bytes, in + * k, to represent a valid encoding of an instance of this object. + * @throws IllegalArgumentException if the byte sequence does not represent a + * valid encoding of an instance of this object. + */ + public static SRPPublicKey valueOf(byte[] k) + { + // check magic... + // we should parse here enough bytes to know which codec to use, and + // direct the byte array to the appropriate codec. since we only have one + // codec, we could have immediately tried it; nevertheless since testing + // one byte is cheaper than instatiating a codec that will fail we test + // the first byte before we carry on. + if (k[0] == Registry.MAGIC_RAW_SRP_PUBLIC_KEY[0]) + { + // it's likely to be in raw format. get a raw codec and hand it over + IKeyPairCodec codec = new SRPKeyPairRawCodec(); + return (SRPPublicKey) codec.decodePublicKey(k); + } + else + { + throw new IllegalArgumentException("magic"); + } + } + + // Instance methods + // ------------------------------------------------------------------------- + + /** + *

Returns the public exponent of the key as a {@link BigInteger}.

+ * + * @return the public exponent of the key as a {@link BigInteger}. + */ + public BigInteger getY() + { + return Y; + } + + // Other instance methods -------------------------------------------------- + + /** + *

Returns the encoded form of this public key according to the designated + * format.

+ * + * @param format the desired format identifier of the resulting encoding. + * @return the byte sequence encoding this key according to the designated + * format. + * @throws IllegalArgumentException if the format is not supported. + */ + public byte[] getEncoded(int format) + { + byte[] result; + switch (format) + { + case IKeyPairCodec.RAW_FORMAT: + result = new SRPKeyPairRawCodec().encodePublicKey(this); + break; + default: + throw new IllegalArgumentException("format"); + } + return result; + } + + /** + *

Returns true if the designated object is an instance of + * SRPPublicKeyand has the same SRP parameter values as this one. + *

+ * + * @param obj the other non-null SRP key to compare to. + * @return true if the designated object is of the same type and + * value as this one. + */ + public boolean equals(Object obj) + { + if (obj == null) + { + return false; + } + if (!(obj instanceof SRPPublicKey)) + { + return false; + } + SRPPublicKey that = (SRPPublicKey) obj; + return super.equals(that) && Y.equals(that.getY()); + } +} diff --git a/libjava/classpath/gnu/javax/crypto/keyring/AuthenticatedEntry.java b/libjava/classpath/gnu/javax/crypto/keyring/AuthenticatedEntry.java new file mode 100644 index 0000000..22b42b3 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/keyring/AuthenticatedEntry.java @@ -0,0 +1,222 @@ +/* AuthenticatedEntry.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.keyring; + +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; +import java.io.DataInputStream; +import java.io.DataOutputStream; +import java.io.IOException; + +import java.security.InvalidKeyException; + +import java.util.Arrays; +import java.util.Date; +import java.util.Iterator; +import java.util.HashMap; +import java.util.List; + +import gnu.java.security.Registry; +import gnu.javax.crypto.mac.IMac; +import gnu.javax.crypto.mac.MacFactory; +import gnu.javax.crypto.mac.MacInputStream; +import gnu.javax.crypto.mac.MacOutputStream; + +public final class AuthenticatedEntry extends MaskableEnvelopeEntry implements + Registry +{ + + // Constants and fields. + // ------------------------------------------------------------------------ + + public static final int TYPE = 2; + + // Constructor. + // ------------------------------------------------------------------------ + + public AuthenticatedEntry(String mac, int macLen, Properties properties) + { + super(TYPE, properties); + + if (macLen <= 0) + { + throw new IllegalArgumentException("invalid mac length"); + } + this.properties.put("mac", mac); + this.properties.put("maclen", String.valueOf(macLen)); + setMasked(false); + } + + private AuthenticatedEntry() + { + super(TYPE); + setMasked(true); + } + + // Class methods. + // ------------------------------------------------------------------------ + + public static AuthenticatedEntry decode(DataInputStream in) + throws IOException + { + AuthenticatedEntry entry = new AuthenticatedEntry(); + entry.properties.decode(in); + if (!entry.properties.containsKey("mac")) + { + throw new MalformedKeyringException("no mac specified"); + } + if (!entry.properties.containsKey("maclen")) + { + throw new MalformedKeyringException("no mac length specified"); + } + return entry; + } + + // Instance methods. + // ------------------------------------------------------------------------ + + /** + * Computes the mac over this envelope's data. This method must be + * called before this entry in encoded. + * + * @param key The key to authenticate with. + * @throws IOException If encoding fails. + * @throws InvalidKeyException If the supplied key is bad. + */ + public void authenticate(byte[] key) throws IOException, InvalidKeyException + { + if (isMasked()) + { + throw new IllegalStateException("entry is masked"); + } + IMac m = getMac(key); + + ByteArrayOutputStream bout = new ByteArrayOutputStream(1024); + MacOutputStream macout = new MacOutputStream(bout, m); + DataOutputStream out2 = new DataOutputStream(macout); + for (Iterator it = entries.iterator(); it.hasNext();) + { + Entry entry = (Entry) it.next(); + entry.encode(out2); + } + bout.write(m.digest()); + payload = bout.toByteArray(); + } + + /** + * Verifies this entry's payload. This method will unmask this entry, + * thus it must be called before accessing its contents. + * + * @param key The key to use to authenticate. + * @throws InvalidKeyException If the given key is improper. + */ + public void verify(byte[] key) throws InvalidKeyException + { + if (!isMasked() || payload == null) + { + return; + } + IMac m = getMac(key); + + m.update(payload, 0, payload.length - m.macSize()); + byte[] macValue = new byte[m.macSize()]; + System.arraycopy(payload, payload.length - macValue.length, macValue, 0, + macValue.length); + if (!Arrays.equals(macValue, m.digest())) + { + throw new IllegalArgumentException("MAC verification failed"); + } + try + { + DataInputStream in = new DataInputStream( + new ByteArrayInputStream( + payload, + 0, + payload.length + - m.macSize())); + decodeEnvelope(in); + } + catch (IOException ioe) + { + throw new IllegalArgumentException("malformed keyring fragment"); + } + setMasked(false); + payload = null; + } + + protected void encodePayload() throws IOException + { + if (payload == null) + { + throw new IllegalStateException("not authenticated"); + } + } + + // Own methods. + // ------------------------------------------------------------------------ + + private IMac getMac(byte[] key) throws InvalidKeyException + { + IMac mac = MacFactory.getInstance(properties.get("mac")); + if (mac == null) + { + throw new IllegalArgumentException("no such mac: " + + properties.get("mac")); + } + int maclen = 0; + if (!properties.containsKey("maclen")) + { + throw new IllegalArgumentException("no MAC length"); + } + try + { + maclen = Integer.parseInt(properties.get("maclen")); + } + catch (NumberFormatException nfe) + { + throw new IllegalArgumentException("bad MAC length"); + } + + HashMap macAttr = new HashMap(); + macAttr.put(IMac.MAC_KEY_MATERIAL, key); + macAttr.put(IMac.TRUNCATED_SIZE, new Integer(maclen)); + mac.init(macAttr); + return mac; + } +} diff --git a/libjava/classpath/gnu/javax/crypto/keyring/BaseKeyring.java b/libjava/classpath/gnu/javax/crypto/keyring/BaseKeyring.java new file mode 100644 index 0000000..5fe7dbf --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/keyring/BaseKeyring.java @@ -0,0 +1,198 @@ +/* BaseKeyring.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.keyring; + +import java.io.InputStream; +import java.io.IOException; +import java.io.OutputStream; + +import java.util.Enumeration; +import java.util.List; +import java.util.Map; +import java.util.StringTokenizer; + +import gnu.java.security.Registry; + +public abstract class BaseKeyring implements IKeyring +{ + + // Fields. + // ------------------------------------------------------------------------ + + /** + * The top-level keyring data. + */ + protected PasswordAuthenticatedEntry keyring; + + protected CompressedEntry keyring2; + + // Constructors. + // ------------------------------------------------------------------------ + + public BaseKeyring() + { + } + + // Instance methods. + // ------------------------------------------------------------------------ + + public void load(Map attributes) throws IOException + { + InputStream in = (InputStream) attributes.get(KEYRING_DATA_IN); + if (in == null) + { + throw new IllegalArgumentException("no input stream"); + } + char[] password = (char[]) attributes.get(KEYRING_PASSWORD); + if (password == null) + { + password = new char[0]; + } + + if (in.read() != Registry.GKR_MAGIC[0] + || in.read() != Registry.GKR_MAGIC[1] + || in.read() != Registry.GKR_MAGIC[2] + || in.read() != Registry.GKR_MAGIC[3]) + { + throw new MalformedKeyringException("magic"); + } + + load(in, password); + + List l = keyring.getEntries(); + if (l.size() == 1 && (l.get(0) instanceof CompressedEntry)) + { + keyring2 = (CompressedEntry) l.get(0); + } + } + + public void store(Map attributes) throws IOException + { + OutputStream out = (OutputStream) attributes.get(KEYRING_DATA_OUT); + if (out == null) + { + throw new IllegalArgumentException("no output stream"); + } + char[] password = (char[]) attributes.get(KEYRING_PASSWORD); + if (password == null) + { + password = new char[0]; + } + if (keyring == null) + { + throw new IllegalStateException("empty keyring"); + } + + out.write(Registry.GKR_MAGIC); + store(out, password); + } + + public void reset() + { + keyring = null; + } + + public int size() + { + if (keyring == null) + { + throw new IllegalStateException ("keyring not loaded"); + } + return ((StringTokenizer) aliases()).countTokens(); + } + + public Enumeration aliases() + { + if (keyring == null) + { + throw new IllegalStateException ("keyring not loaded"); + } + return new StringTokenizer(keyring.getAliasList(), ";"); + } + + public boolean containsAlias(String alias) + { + if (keyring == null) + { + throw new IllegalStateException("keyring not loaded"); + } + return keyring.containsAlias(alias); + } + + public List get(String alias) + { + if (keyring == null) + { + throw new IllegalStateException("keyring not loaded"); + } + return keyring.get(alias); + } + + public void add(Entry entry) + { + if (keyring == null) + { + throw new IllegalStateException("keyring not loaded"); + } + if (keyring2 != null) + keyring2.add(entry); + else + keyring.add(entry); + } + + public void remove(String alias) + { + if (keyring == null) + { + throw new IllegalStateException("keyring not loaded"); + } + keyring.remove(alias); + } + + protected String fixAlias(String alias) + { + return alias.replace(';', '_'); + } + + protected abstract void load(InputStream in, char[] password) + throws IOException; + + protected abstract void store(OutputStream out, char[] password) + throws IOException; +} diff --git a/libjava/classpath/gnu/javax/crypto/keyring/BinaryDataEntry.java b/libjava/classpath/gnu/javax/crypto/keyring/BinaryDataEntry.java new file mode 100644 index 0000000..2dcd545 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/keyring/BinaryDataEntry.java @@ -0,0 +1,128 @@ +/* BinaryDataEntry.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.keyring; + +import java.io.DataInputStream; +import java.io.IOException; + +import java.util.Date; + +/** + * A binary data entry is a primitive entry that simply contains some amount + * of arbitrary binary data and an optional content type. + */ +public class BinaryDataEntry extends PrimitiveEntry +{ + + // Fields. + // ------------------------------------------------------------------------ + + public static final int TYPE = 9; + + // Constructors. + // ------------------------------------------------------------------------ + + /** + * Creates a new binary data entry. + * + * @param contentType The content type of this entry. This parameter can + * be null if no content type is needed. + * @param data The data. + * @param creationDate The creation date. + * @param properties This entry's properties. + */ + public BinaryDataEntry(String contentType, byte[] data, Date creationDate, + Properties properties) + { + super(TYPE, creationDate, properties); + if (data == null) + { + throw new IllegalArgumentException("no data"); + } + payload = (byte[]) data.clone(); + if (contentType != null) + { + this.properties.put("content-type", contentType); + } + } + + private BinaryDataEntry() + { + super(TYPE); + } + + // Class methods. + // ------------------------------------------------------------------------ + + public static BinaryDataEntry decode(DataInputStream in) throws IOException + { + BinaryDataEntry entry = new BinaryDataEntry(); + entry.defaultDecode(in); + return entry; + } + + // Instance methods. + // ------------------------------------------------------------------------ + + /** + * Returns the content type of this entry, or null if this + * property is not set. + * + * @return The content type. + */ + public String getContentType() + { + return properties.get("content-type"); + } + + /** + * Returns this object's data field. + * + * @return The data. + */ + public byte[] getData() + { + return getPayload(); + } + + protected void encodePayload() + { + // Empty. + } +} diff --git a/libjava/classpath/gnu/javax/crypto/keyring/CertPathEntry.java b/libjava/classpath/gnu/javax/crypto/keyring/CertPathEntry.java new file mode 100644 index 0000000..ef62347 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/keyring/CertPathEntry.java @@ -0,0 +1,133 @@ +/* CertPathEntry.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.keyring; + +import java.io.ByteArrayOutputStream; +import java.io.DataInputStream; +import java.io.DataOutputStream; +import java.io.IOException; + +import java.security.cert.Certificate; +import java.security.cert.CertificateEncodingException; +import java.security.cert.CertificateException; +import java.security.cert.CertificateFactory; + +import java.util.Date; + +/** + * A primitive entry that contains a path of X.509 certificates. + */ +public final class CertPathEntry extends PrimitiveEntry +{ + + // Constants and fields. + // ------------------------------------------------------------------------ + + public static final int TYPE = 8; + + private Certificate[] path; + + // Constructor. + // ------------------------------------------------------------------------ + + public CertPathEntry(Certificate[] path, Date creationDate, + Properties properties) + { + super(TYPE, creationDate, properties); + if (path == null || path.length == 0) + { + throw new IllegalArgumentException("no certificate path"); + } + this.path = (Certificate[]) path.clone(); + } + + private CertPathEntry() + { + super(TYPE); + } + + // Class method. + // ------------------------------------------------------------------------ + + public static CertPathEntry decode(DataInputStream in) throws IOException + { + CertPathEntry entry = new CertPathEntry(); + entry.properties.decode(in); + entry.makeCreationDate(); + int len = in.readInt(); + MeteredInputStream in2 = new MeteredInputStream(in, len); + try + { + CertificateFactory fact = CertificateFactory.getInstance("X.509"); + entry.path = (Certificate[]) fact.generateCertificates(in2).toArray( + new Certificate[0]); + } + catch (CertificateException ce) + { + throw new MalformedKeyringException(ce.toString()); + } + return entry; + } + + // Instance methods. + // ------------------------------------------------------------------------ + + public Certificate[] getCertPath() + { + return path; + } + + protected void encodePayload() throws IOException + { + ByteArrayOutputStream bout = new ByteArrayOutputStream(1024); + byte[] enc = null; + try + { + for (int i = 0; i < path.length; i++) + { + bout.write(path[i].getEncoded()); + } + } + catch (CertificateEncodingException cee) + { + throw new IOException(cee.toString()); + } + payload = bout.toByteArray(); + } +} diff --git a/libjava/classpath/gnu/javax/crypto/keyring/CertificateEntry.java b/libjava/classpath/gnu/javax/crypto/keyring/CertificateEntry.java new file mode 100644 index 0000000..95a708a --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/keyring/CertificateEntry.java @@ -0,0 +1,150 @@ +/* CertificateEntry.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.keyring; + +import java.io.DataInputStream; +import java.io.DataOutputStream; +import java.io.IOException; +import java.security.cert.Certificate; +import java.security.cert.CertificateEncodingException; +import java.security.cert.CertificateException; +import java.security.cert.CertificateFactory; +import java.security.cert.X509Certificate; +import java.util.Date; + +/** + *

An immutable class representing a trusted certificate entry.

+ */ +public final class CertificateEntry extends PrimitiveEntry +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + public static final int TYPE = 5; + + /** The certificate. */ + private Certificate certificate; + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** + * Creates a new certificate entry. + * + * @param certificate The certificate. + * @param creationDate The creation date. + * @param properties The alias. + * @throws IllegalArgumentException If any argument is null, or if the alias + * is empty. + */ + public CertificateEntry(Certificate certificate, Date creationDate, + Properties properties) + { + super(TYPE, creationDate, properties); + + if (certificate == null) + { + throw new IllegalArgumentException("no certificate"); + } + this.certificate = certificate; + this.properties.put("type", certificate.getType()); + } + + private CertificateEntry() + { + super(TYPE); + } + + // Class methods + // ------------------------------------------------------------------------- + + public static CertificateEntry decode(DataInputStream in) throws IOException + { + CertificateEntry entry = new CertificateEntry(); + entry.properties.decode(in); + entry.makeCreationDate(); + String type = entry.properties.get("type"); + if (type == null) + { + throw new MalformedKeyringException("no certificate type"); + } + int len = in.readInt(); + MeteredInputStream in2 = new MeteredInputStream(in, len); + try + { + CertificateFactory fact = CertificateFactory.getInstance(type); + entry.certificate = fact.generateCertificate(in2); + } + catch (CertificateException ce) + { + throw new MalformedKeyringException(ce.toString()); + } + if (!in2.limitReached()) + { + throw new MalformedKeyringException("extra data at end of payload"); + } + return entry; + } + + // Instance methods + // ------------------------------------------------------------------------- + + /** + * Returns this entry's certificate. + * + * @return The certificate. + */ + public Certificate getCertificate() + { + return certificate; + } + + protected void encodePayload() throws IOException + { + try + { + payload = certificate.getEncoded(); + } + catch (CertificateEncodingException cee) + { + throw new IOException(cee.toString()); + } + } +} diff --git a/libjava/classpath/gnu/javax/crypto/keyring/CompressedEntry.java b/libjava/classpath/gnu/javax/crypto/keyring/CompressedEntry.java new file mode 100644 index 0000000..cce930d --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/keyring/CompressedEntry.java @@ -0,0 +1,113 @@ +/* CompressedEntry.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.keyring; + +import java.io.ByteArrayOutputStream; +import java.io.DataInputStream; +import java.io.DataOutputStream; +import java.io.IOException; + +import java.util.Iterator; +import java.util.zip.DeflaterOutputStream; +import java.util.zip.InflaterInputStream; + +public class CompressedEntry extends EnvelopeEntry +{ + + // Constants and fields. + // ------------------------------------------------------------------------ + + public static final int TYPE = 4; + + // Constructor. + // ------------------------------------------------------------------------ + + public CompressedEntry(Properties properties) + { + super(TYPE, properties); + this.properties.put("algorithm", "DEFLATE"); + } + + private CompressedEntry() + { + this(new Properties()); + } + + // Class methods. + // ------------------------------------------------------------------------ + + public static CompressedEntry decode(DataInputStream in) throws IOException + { + CompressedEntry entry = new CompressedEntry(); + entry.properties.decode(in); + String alg = entry.properties.get("algorithm"); + if (alg == null) + { + throw new MalformedKeyringException("no compression algorithm"); + } + if (!alg.equalsIgnoreCase("DEFLATE")) + { + throw new MalformedKeyringException( + "unsupported compression algorithm: " + + alg); + } + int len = in.readInt(); + MeteredInputStream min = new MeteredInputStream(in, len); + InflaterInputStream infin = new InflaterInputStream(min); + DataInputStream in2 = new DataInputStream(infin); + entry.decodeEnvelope(in2); + return entry; + } + + // Instance methods. + // ------------------------------------------------------------------------ + + protected void encodePayload() throws IOException + { + ByteArrayOutputStream buf = new ByteArrayOutputStream(1024); + DeflaterOutputStream dout = new DeflaterOutputStream(buf); + DataOutputStream out2 = new DataOutputStream(dout); + for (Iterator it = entries.iterator(); it.hasNext();) + { + ((Entry) it.next()).encode(out2); + } + dout.finish(); + payload = buf.toByteArray(); + } +} diff --git a/libjava/classpath/gnu/javax/crypto/keyring/EncryptedEntry.java b/libjava/classpath/gnu/javax/crypto/keyring/EncryptedEntry.java new file mode 100644 index 0000000..fad5f54 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/keyring/EncryptedEntry.java @@ -0,0 +1,235 @@ +/* EncryptedEntry.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.keyring; + +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; +import java.io.DataInputStream; +import java.io.DataOutputStream; +import java.io.IOException; + +import java.security.InvalidKeyException; + +import java.util.Arrays; +import java.util.Collections; +import java.util.Date; +import java.util.Iterator; +import java.util.HashMap; +import java.util.List; + +import gnu.java.security.Registry; +import gnu.javax.crypto.cipher.CipherFactory; +import gnu.javax.crypto.cipher.IBlockCipher; +import gnu.javax.crypto.mode.IMode; +import gnu.javax.crypto.mode.ModeFactory; +import gnu.javax.crypto.pad.IPad; +import gnu.javax.crypto.pad.PadFactory; +import gnu.javax.crypto.pad.WrongPaddingException; + +public class EncryptedEntry extends MaskableEnvelopeEntry implements Registry +{ + + // Constants and fields. + // ------------------------------------------------------------------------ + + public static final int TYPE = 0; + + // Constructor. + // ------------------------------------------------------------------------ + + public EncryptedEntry(String cipher, String mode, Properties properties) + { + super(TYPE, properties); + if (cipher == null || mode == null) + { + throw new IllegalArgumentException( + "neither cipher nor mode can be null"); + } + properties.put("cipher", cipher); + properties.put("mode", mode); + setMasked(false); + } + + private EncryptedEntry() + { + super(TYPE, new Properties()); + setMasked(true); + } + + // Class methods. + // ------------------------------------------------------------------------ + + public static EncryptedEntry decode(DataInputStream in) throws IOException + { + EncryptedEntry entry = new EncryptedEntry(); + entry.defaultDecode(in); + if (!entry.properties.containsKey("cipher")) + { + throw new MalformedKeyringException("no cipher"); + } + if (!entry.properties.containsKey("cipher")) + { + throw new MalformedKeyringException("no cipher"); + } + return entry; + } + + // Instance methods. + // ------------------------------------------------------------------------ + + public void decrypt(byte[] key, byte[] iv) throws IllegalArgumentException, + WrongPaddingException + { + if (!isMasked() || payload == null) + { + return; + } + IMode mode = getMode(key, iv, IMode.DECRYPTION); + IPad padding = null; + padding = PadFactory.getInstance("PKCS7"); + padding.init(mode.currentBlockSize()); + byte[] buf = new byte[payload.length]; + int count = 0; + for (int i = 0; i < payload.length; i++) + { + mode.update(payload, count, buf, count); + count += mode.currentBlockSize(); + } + int padlen = padding.unpad(buf, 0, buf.length); + DataInputStream in = new DataInputStream( + new ByteArrayInputStream( + buf, + 0, + buf.length + - padlen)); + try + { + decodeEnvelope(in); + } + catch (IOException ioe) + { + throw new IllegalArgumentException("decryption failed"); + } + setMasked(false); + payload = null; + } + + public void encrypt(byte[] key, byte[] iv) throws IOException + { + IMode mode = getMode(key, iv, IMode.ENCRYPTION); + IPad pad = PadFactory.getInstance("PKCS7"); + pad.init(mode.currentBlockSize()); + ByteArrayOutputStream bout = new ByteArrayOutputStream(1024); + DataOutputStream out2 = new DataOutputStream(bout); + for (Iterator it = entries.iterator(); it.hasNext();) + { + Entry entry = (Entry) it.next(); + entry.encode(out2); + } + byte[] plaintext = bout.toByteArray(); + byte[] padding = pad.pad(plaintext, 0, plaintext.length); + payload = new byte[plaintext.length + padding.length]; + byte[] lastBlock = new byte[mode.currentBlockSize()]; + int l = mode.currentBlockSize() - padding.length; + System.arraycopy(plaintext, plaintext.length - l, lastBlock, 0, l); + System.arraycopy(padding, 0, lastBlock, l, padding.length); + int count = 0; + while (count + mode.currentBlockSize() < plaintext.length) + { + mode.update(plaintext, count, payload, count); + count += mode.currentBlockSize(); + } + mode.update(lastBlock, 0, payload, count); + } + + public void encodePayload() throws IOException + { + if (payload == null) + { + throw new IOException("not encrypted"); + } + } + + // Own methods. + // ------------------------------------------------------------------------ + + private IMode getMode(byte[] key, byte[] iv, int state) + { + IBlockCipher cipher = CipherFactory.getInstance(properties.get("cipher")); + if (cipher == null) + { + throw new IllegalArgumentException("no such cipher: " + + properties.get("cipher")); + } + int blockSize = cipher.defaultBlockSize(); + if (properties.containsKey("block-size")) + { + try + { + blockSize = Integer.parseInt(properties.get("block-size")); + } + catch (NumberFormatException nfe) + { + throw new IllegalArgumentException("bad block size: " + + nfe.getMessage()); + } + } + IMode mode = ModeFactory.getInstance(properties.get("mode"), cipher, + blockSize); + if (mode == null) + { + throw new IllegalArgumentException("no such mode: " + + properties.get("mode")); + } + + HashMap modeAttr = new HashMap(); + modeAttr.put(IMode.KEY_MATERIAL, key); + modeAttr.put(IMode.STATE, new Integer(state)); + modeAttr.put(IMode.IV, iv); + try + { + mode.init(modeAttr); + } + catch (InvalidKeyException ike) + { + throw new IllegalArgumentException(ike.toString()); + } + return mode; + } +} diff --git a/libjava/classpath/gnu/javax/crypto/keyring/Entry.java b/libjava/classpath/gnu/javax/crypto/keyring/Entry.java new file mode 100644 index 0000000..fa7f496 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/keyring/Entry.java @@ -0,0 +1,178 @@ +/* Entry.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.keyring; + +import java.io.DataInputStream; +import java.io.DataOutputStream; +import java.io.IOException; + +/** + * An immutable class representing a single entry in a keyring. + */ +public abstract class Entry +{ + + // Fields. + // ------------------------------------------------------------------------ + + /** This entry's type identifier. */ + protected int type; + + /** This entry's property set. */ + protected Properties properties; + + /** This entry's payload. */ + protected byte[] payload; + + // Constructor. + // ------------------------------------------------------------------------ + + /** + * Creates a new Entry. + * + * @param type This entry's type. + * @param properties This entry's properties. + * @throws IllegalArgumentException If the properties argument is null, + * or if the type is out of range. + */ + protected Entry(int type, Properties properties) + { + if (type < 0 || type > 255) + { + throw new IllegalArgumentException("invalid packet type"); + } + if (properties == null) + { + throw new IllegalArgumentException("no properties"); + } + this.type = type; + this.properties = (Properties) properties.clone(); + } + + /** + * Constructor for use by subclasses. + */ + protected Entry(final int type) + { + if (type < 0 || type > 255) + { + throw new IllegalArgumentException("invalid packet type"); + } + this.type = type; + properties = new Properties(); + } + + // Instance methods. + // ------------------------------------------------------------------------ + + /** + * Returns this entry's properties object. The properties are cloned before + * being returned. + * + * @return The properties. + */ + public Properties getProperties() + { + return (Properties) properties.clone(); + } + + /** + * Returns this entry's payload data, or null if + */ + public byte[] getPayload() + { + if (payload == null) + return null; + return (byte[]) payload.clone(); + } + + /** + * This method is called when this entry needs to be written to an + * output stream. + * + * @param out The stream to write to. + * @throws IOException If an I/O exception occurs. + */ + public void encode(DataOutputStream out) throws IOException + { + if (payload == null) + { + encodePayload(); + } + if (out == null) + { + return; + } + out.write(type); + properties.encode(out); + out.writeInt(payload.length); + out.write(payload); + } + + /** + * Generic decoding method, which simply decodes the properties field + * and reads the payload field. + * + * @param in The input data stream. + * @throws IOException If an I/O error occurs. + */ + protected void defaultDecode(DataInputStream in) throws IOException + { + properties = new Properties(); + properties.decode(in); + int len = in.readInt(); + if (len < 0) + { + throw new IOException("corrupt length"); + } + payload = new byte[len]; + in.readFully(payload); + } + + // Abstract methods. + // ------------------------------------------------------------------------ + + /** + * This method is called of subclasses when the payload data needs to be + * created. + * + * @throws IOException If an encoding error occurs. + */ + protected abstract void encodePayload() throws IOException; +} diff --git a/libjava/classpath/gnu/javax/crypto/keyring/EnvelopeEntry.java b/libjava/classpath/gnu/javax/crypto/keyring/EnvelopeEntry.java new file mode 100644 index 0000000..25b1dc2 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/keyring/EnvelopeEntry.java @@ -0,0 +1,398 @@ +/* EnvelopeEntry.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.keyring; + +import java.io.ByteArrayOutputStream; +import java.io.DataInputStream; +import java.io.DataOutputStream; +import java.io.IOException; + +import java.util.ArrayList; +import java.util.Date; +import java.util.Iterator; +import java.util.LinkedList; +import java.util.List; +import java.util.StringTokenizer; + +/** + * An envelope entry is a generic container for some number of primitive + * and other envelope entries. + */ +public abstract class EnvelopeEntry extends Entry +{ + + // Fields. + // ------------------------------------------------------------------------ + + /** The envelope that contains this one (if any). */ + protected EnvelopeEntry containingEnvelope; + + /** The contained entries. */ + protected List entries; + + // Constructor. + // ------------------------------------------------------------------------ + + public EnvelopeEntry(int type, Properties properties) + { + super(type, properties); + entries = new LinkedList(); + if (this.properties.get("alias-list") != null) + { + this.properties.remove("alias-list"); + } + } + + protected EnvelopeEntry(int type) + { + super(type); + entries = new LinkedList(); + } + + // Instance methods. + // ------------------------------------------------------------------------ + + /** + * Adds an entry to this envelope. + * + * @param entry The entry to add. + */ + public void add(Entry entry) + { + if (!containsEntry(entry)) + { + if (entry instanceof EnvelopeEntry) + { + ((EnvelopeEntry) entry).setContainingEnvelope(this); + } + entries.add(entry); + payload = null; + makeAliasList(); + } + } + + /** + * Tests if this envelope contains a primitive entry with the + * given alias. + * + * @param alias The alias to test. + * @return True if this envelope (or one of the contained envelopes) + * contains a primitive entry with the given alias. + */ + public boolean containsAlias(String alias) + { + String aliases = getAliasList(); + if (aliases == null) + { + return false; + } + StringTokenizer tok = new StringTokenizer(aliases, ";"); + while (tok.hasMoreTokens()) + { + if (tok.nextToken().equals(alias)) + { + return true; + } + } + return false; + } + + /** + * Tests if this envelope contains the given entry. + * + * @param entry The entry to test. + * @return True if this envelope contains the given entry. + */ + public boolean containsEntry(Entry entry) + { + if (entry instanceof EnvelopeEntry) + { + return entries.contains(entry); + } + else if (entry instanceof PrimitiveEntry) + { + for (Iterator it = entries.iterator(); it.hasNext();) + { + Entry e = (Entry) it.next(); + if (e.equals(entry)) + return true; + if ((e instanceof EnvelopeEntry) + && ((EnvelopeEntry) e).containsEntry(entry)) + return true; + } + } + return false; + } + + /** + * Returns a copy of all entries this envelope contains. + * + * @return All contained entries. + */ + public List getEntries() + { + return new ArrayList(entries); + } + + /** + * Gets all primitive entries that have the given alias. If there + * are any masked entries that contain the given alias, they will + * be returned as well. + * + * @param alias The alias of the entries to get. + * @return A list of all primitive entries that have the given alias. + */ + public List get(String alias) + { + List result = new LinkedList(); + for (Iterator it = entries.iterator(); it.hasNext();) + { + Entry e = (Entry) it.next(); + if (e instanceof EnvelopeEntry) + { + if (!((EnvelopeEntry) e).containsAlias(alias)) + { + continue; + } + if (e instanceof MaskableEnvelopeEntry) + { + if (((MaskableEnvelopeEntry) e).isMasked()) + { + result.add(e); + continue; + } + } + result.addAll(((EnvelopeEntry) e).get(alias)); + } + else if (e instanceof PrimitiveEntry) + { + if (((PrimitiveEntry) e).getAlias().equals(alias)) + { + result.add(e); + } + } + } + return result; + } + + /** + * Returns the list of all aliases contained by this envelope, + * separated by a semicolon (';'). + * + * @return The list of aliases. + */ + public String getAliasList() + { + String list = properties.get("alias-list"); + if (list == null) + { + return ""; + } + else + { + return list; + } + } + + /** + * Removes the specified entry. + * + * @param entry The entry. + * @return True if an entry was removed. + */ + public boolean remove(Entry entry) + { + boolean ret = false; + for (Iterator it = entries.iterator(); it.hasNext();) + { + Entry e = (Entry) it.next(); + if (e instanceof EnvelopeEntry) + { + if (e == entry) + { + it.remove(); + ret = true; + break; + } + if (((EnvelopeEntry) e).remove(entry)) + { + ret = true; + break; + } + } + else if (e instanceof PrimitiveEntry) + { + if (((PrimitiveEntry) e).equals(entry)) + { + it.remove(); + ret = true; + break; + } + } + } + if (ret) + { + payload = null; + makeAliasList(); + } + return ret; + } + + /** + * Removes all primitive entries that have the specified alias. + * + * @param alias The alias of the entries to remove. + */ + public void remove(String alias) + { + for (Iterator it = entries.iterator(); it.hasNext();) + { + Entry e = (Entry) it.next(); + if (e instanceof EnvelopeEntry) + { + ((EnvelopeEntry) e).remove(alias); + } + else if (e instanceof PrimitiveEntry) + { + if (((PrimitiveEntry) e).getAlias().equals(alias)) + { + it.remove(); + } + } + } + payload = null; + makeAliasList(); + } + + // Protected methods. + // ------------------------------------------------------------------------ + + protected void encodePayload() throws IOException + { + ByteArrayOutputStream bout = new ByteArrayOutputStream(1024); + DataOutputStream out = new DataOutputStream(bout); + for (Iterator it = entries.iterator(); it.hasNext();) + { + ((Entry) it.next()).encode(out); + } + } + + protected void setContainingEnvelope(EnvelopeEntry e) + { + if (containingEnvelope != null) + { + throw new IllegalArgumentException("envelopes may not be shared"); + } + containingEnvelope = e; + } + + protected void decodeEnvelope(DataInputStream in) throws IOException + { + while (true) + { + int type = in.read(); + switch (type) + { + case EncryptedEntry.TYPE: + add(EncryptedEntry.decode(in)); + break; + case PasswordEncryptedEntry.TYPE: + add(PasswordEncryptedEntry.decode(in)); + break; + case PasswordAuthenticatedEntry.TYPE: + add(PasswordAuthenticatedEntry.decode(in)); + break; + case AuthenticatedEntry.TYPE: + add(AuthenticatedEntry.decode(in)); + break; + case CompressedEntry.TYPE: + add(CompressedEntry.decode(in)); + break; + case CertificateEntry.TYPE: + add(CertificateEntry.decode(in)); + break; + case PublicKeyEntry.TYPE: + add(PublicKeyEntry.decode(in)); + break; + case PrivateKeyEntry.TYPE: + add(PrivateKeyEntry.decode(in)); + break; + case CertPathEntry.TYPE: + add(CertPathEntry.decode(in)); + break; + case BinaryDataEntry.TYPE: + add(BinaryDataEntry.decode(in)); + break; + case -1: + return; + default: + throw new MalformedKeyringException("unknown type " + type); + } + } + } + + // Own methods. + // ------------------------------------------------------------------------ + + private void makeAliasList() + { + if (entries.isEmpty()) + return; + StringBuffer buf = new StringBuffer(); + for (Iterator it = entries.iterator(); it.hasNext();) + { + Entry entry = (Entry) it.next(); + if (entry instanceof EnvelopeEntry) + { + buf.append(((EnvelopeEntry) entry).getAliasList()); + } + else if (entry instanceof PrimitiveEntry) + { + buf.append(((PrimitiveEntry) entry).getAlias()); + } + if (it.hasNext()) + buf.append(';'); + } + properties.put("alias-list", buf.toString()); + if (containingEnvelope != null) + { + containingEnvelope.makeAliasList(); + } + } +} diff --git a/libjava/classpath/gnu/javax/crypto/keyring/GnuPrivateKeyring.java b/libjava/classpath/gnu/javax/crypto/keyring/GnuPrivateKeyring.java new file mode 100644 index 0000000..d49bd09 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/keyring/GnuPrivateKeyring.java @@ -0,0 +1,328 @@ +/* GnuPrivateKeyring.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.keyring; + +import gnu.java.security.Registry; + +import java.io.DataInputStream; +import java.io.DataOutputStream; +import java.io.InputStream; +import java.io.IOException; +import java.io.OutputStream; +import java.security.Key; +import java.security.PublicKey; +import java.security.UnrecoverableKeyException; +import java.security.cert.Certificate; +import java.util.Date; +import java.util.Iterator; +import java.util.List; + +/** + *

.

+ */ +public class GnuPrivateKeyring extends BaseKeyring implements IPrivateKeyring +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + public static final int USAGE = Registry.GKR_PRIVATE_KEYS + | Registry.GKR_PUBLIC_CREDENTIALS; + + protected String mac; + + protected int maclen; + + protected String cipher; + + protected String mode; + + protected int keylen; + + // Constructor(s) + // ------------------------------------------------------------------------- + + public GnuPrivateKeyring(String mac, int maclen, String cipher, String mode, + int keylen) + { + keyring = new PasswordAuthenticatedEntry(mac, maclen, new Properties()); + keyring2 = new CompressedEntry(new Properties()); + keyring.add(keyring2); + this.mac = mac; + this.maclen = maclen; + this.cipher = cipher; + this.mode = mode; + this.keylen = keylen; + } + + public GnuPrivateKeyring() + { + this("HMAC-SHA-1", 20, "AES", "OFB", 16); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + public boolean containsPrivateKey(String alias) + { + if (!containsAlias(alias)) + { + return false; + } + List l = get(alias); + for (Iterator it = l.iterator(); it.hasNext();) + { + if (it.next() instanceof PasswordAuthenticatedEntry) + { + return true; + } + } + return false; + } + + public Key getPrivateKey(String alias, char[] password) + throws UnrecoverableKeyException + { + if (!containsAlias(alias)) + { + return null; + } + List l = get(alias); + PasswordAuthenticatedEntry e1 = null; + PasswordEncryptedEntry e2 = null; + for (Iterator it = l.iterator(); it.hasNext();) + { + Entry e = (Entry) it.next(); + if (e instanceof PasswordAuthenticatedEntry) + { + e1 = (PasswordAuthenticatedEntry) e; + break; + } + } + if (e1 == null) + { + return null; + } + try + { + e1.verify(password); + } + catch (Exception e) + { + throw new UnrecoverableKeyException("authentication failed"); + } + for (Iterator it = e1.getEntries().iterator(); it.hasNext();) + { + Entry e = (Entry) it.next(); + if (e instanceof PasswordEncryptedEntry) + { + e2 = (PasswordEncryptedEntry) e; + break; + } + } + if (e2 == null) + { + return null; + } + try + { + e2.decrypt(password); + } + catch (Exception e) + { + throw new UnrecoverableKeyException("decryption failed"); + } + for (Iterator it = e2.get(alias).iterator(); it.hasNext();) + { + Entry e = (Entry) it.next(); + if (e instanceof PrivateKeyEntry) + { + return ((PrivateKeyEntry) e).getKey(); + } + } + return null; + } + + public void putPrivateKey(String alias, Key key, char[] password) + { + if (containsPrivateKey(alias)) + { + return; + } + alias = fixAlias(alias); + Properties p = new Properties(); + p.put("alias", alias); + PrivateKeyEntry pke = new PrivateKeyEntry(key, new Date(), p); + PasswordEncryptedEntry enc = new PasswordEncryptedEntry(cipher, mode, + keylen, + new Properties()); + PasswordAuthenticatedEntry auth = new PasswordAuthenticatedEntry( + mac, + maclen, + new Properties()); + enc.add(pke); + auth.add(enc); + try + { + enc.encode(null, password); + auth.encode(null, password); + } + catch (IOException ioe) + { + throw new IllegalArgumentException(ioe.toString()); + } + keyring.add(auth); + } + + public boolean containsPublicKey(String alias) + { + if (!containsAlias(alias)) + { + return false; + } + List l = get(alias); + for (Iterator it = l.iterator(); it.hasNext();) + { + if (it.next() instanceof PublicKeyEntry) + { + return true; + } + } + return false; + } + + public PublicKey getPublicKey(String alias) + { + if (!containsAlias(alias)) + { + return null; + } + List l = get(alias); + for (Iterator it = l.iterator(); it.hasNext();) + { + Entry e = (Entry) it.next(); + if (e instanceof PublicKeyEntry) + { + return ((PublicKeyEntry) e).getKey(); + } + } + return null; + } + + public void putPublicKey(String alias, PublicKey key) + { + if (containsPublicKey(alias)) + { + return; + } + Properties p = new Properties(); + p.put("alias", fixAlias(alias)); + add(new PublicKeyEntry(key, new Date(), p)); + } + + public boolean containsCertPath(String alias) + { + if (!containsAlias(alias)) + { + return false; + } + List l = get(alias); + for (Iterator it = l.iterator(); it.hasNext();) + { + if (it.next() instanceof CertPathEntry) + { + return true; + } + } + return false; + } + + public Certificate[] getCertPath(String alias) + { + if (!containsAlias(alias)) + { + return null; + } + List l = get(alias); + for (Iterator it = l.iterator(); it.hasNext();) + { + Entry e = (Entry) it.next(); + if (e instanceof CertPathEntry) + { + return ((CertPathEntry) e).getCertPath(); + } + } + return null; + } + + public void putCertPath(String alias, Certificate[] path) + { + if (containsCertPath(alias)) + { + return; + } + Properties p = new Properties(); + p.put("alias", fixAlias(alias)); + add(new CertPathEntry(path, new Date(), p)); + } + + protected void load(InputStream in, char[] password) throws IOException + { + if (in.read() != USAGE) + { + throw new MalformedKeyringException("incompatible keyring usage"); + } + if (in.read() != PasswordAuthenticatedEntry.TYPE) + { + throw new MalformedKeyringException( + "expecting password-authenticated entry tag"); + } + keyring = PasswordAuthenticatedEntry.decode(new DataInputStream(in), + password); + } + + protected void store(OutputStream out, char[] password) throws IOException + { + out.write(USAGE); + keyring.encode(new DataOutputStream(out), password); + } +} diff --git a/libjava/classpath/gnu/javax/crypto/keyring/GnuPublicKeyring.java b/libjava/classpath/gnu/javax/crypto/keyring/GnuPublicKeyring.java new file mode 100644 index 0000000..318eb03 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/keyring/GnuPublicKeyring.java @@ -0,0 +1,146 @@ +/* GnuPublicKeyring.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.keyring; + +import java.io.DataInputStream; +import java.io.DataOutputStream; +import java.io.InputStream; +import java.io.IOException; +import java.io.OutputStream; + +import java.util.Date; +import java.util.Iterator; +import java.util.List; + +import java.security.cert.Certificate; + +import gnu.java.security.Registry; + +public class GnuPublicKeyring extends BaseKeyring implements IPublicKeyring +{ + + // Fields. + // ------------------------------------------------------------------------ + + public static final int USAGE = Registry.GKR_CERTIFICATES; + + // Constructors. + // ------------------------------------------------------------------------ + + public GnuPublicKeyring(String mac, int macLen) + { + keyring = new PasswordAuthenticatedEntry(mac, macLen, new Properties()); + keyring2 = new CompressedEntry(new Properties()); + keyring.add(keyring2); + } + + public GnuPublicKeyring() + { + } + + // Instance methods. + // ------------------------------------------------------------------------ + + public boolean containsCertificate(String alias) + { + if (!containsAlias(alias)) + { + return false; + } + List l = get(alias); + for (Iterator it = l.iterator(); it.hasNext();) + { + if (it.next() instanceof CertificateEntry) + { + return true; + } + } + return false; + } + + public Certificate getCertificate(String alias) + { + if (!containsAlias(alias)) + { + return null; + } + List l = get(alias); + for (Iterator it = l.iterator(); it.hasNext();) + { + Entry e = (Entry) it.next(); + if (e instanceof CertificateEntry) + { + return ((CertificateEntry) e).getCertificate(); + } + } + return null; + } + + public void putCertificate(String alias, Certificate cert) + { + if (containsCertificate(alias)) + { + return; + } + Properties p = new Properties(); + p.put("alias", fixAlias(alias)); + add(new CertificateEntry(cert, new Date(), p)); + } + + protected void load(InputStream in, char[] password) throws IOException + { + if (in.read() != USAGE) + { + throw new MalformedKeyringException("incompatible keyring usage"); + } + if (in.read() != PasswordAuthenticatedEntry.TYPE) + { + throw new MalformedKeyringException( + "expecting password-authenticated entry tag"); + } + keyring = PasswordAuthenticatedEntry.decode(new DataInputStream(in), + password); + } + + protected void store(OutputStream out, char[] password) throws IOException + { + out.write(USAGE); + keyring.encode(new DataOutputStream(out), password); + } +} diff --git a/libjava/classpath/gnu/javax/crypto/keyring/IKeyring.java b/libjava/classpath/gnu/javax/crypto/keyring/IKeyring.java new file mode 100644 index 0000000..56f467d --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/keyring/IKeyring.java @@ -0,0 +1,164 @@ +/* IKeyring.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.keyring; + +import java.io.IOException; +import java.util.Enumeration; +import java.util.List; +import java.util.Map; + +/** + *

The top-level interface to a keyring: a file that is used to + * store and protect public and private cryptographic keys.

+ * + *

A keyring is modelled as a mapping of one alias to one or + * more entries (optionally of different types).

+ * + *

See also the sub-interfaces {@link IPublicKeyring} and + * {@link IPrivateKeyring} for special types of keyrings --the difference + * being in the type of entries they contain.

+ */ +public interface IKeyring +{ + + /** + *

Property name for the source of data to load the keyring from. The + * value mapped must be a {@link java.io.InputStream}.

+ */ + public static final String KEYRING_DATA_IN = "gnu.crypto.keyring.data.in"; + + /** + *

Property name for the data sink to store the keyring to. The value + * mapped must be a {@link java.io.OutputStream}.

+ */ + public static final String KEYRING_DATA_OUT = "gun.crypto.keyring.data.out"; + + /** + *

Property name for the keyring's top-level password, used to + * authenticate and/or transform the store itself. The mapped value must be a + * char array.

+ */ + public static final String KEYRING_PASSWORD = "gnu.crypto.keyring.password"; + + /** + *

Loads a keyring into memory.

+ * + *

What happens to the current contents of this keyring? are the new ones + * merged with the current ones or do they simply replace them?

+ * + * @param attributes The attributes that designate the source where the store + * is to be loaded from. What happens + * @throws IllegalArgumentException If the attributes are inappropriate. + * @throws IOException If the keyring file cannot be read. + * @throws SecurityException If the given password is incorrect, or if the + * top-level authentication or decryption fails. + */ + void load(Map attributes) throws IOException; + + /** + *

Stores the contents of this keyring to persistent storage as specified + * by the designated attributes.

+ * + * @param attributes the attributes that define where the contents of this + * keyring will be stored. + * @throws IOException if an exception occurs during the process. + */ + void store(Map attributes) throws IOException; + + /** + *

Resets this keyring, clearing all sensitive data. This method always + * suceeds.

+ */ + void reset(); + + /** + *

Returns the number of entries in this keyring.

+ * + * @return The number of current entries in this keyring. + */ + int size(); + + /** + *

Returns an {@link Enumeration} of all aliases (instances of + * {@link String}) in this keyring.

+ * + * @return The enumeration of {@link String}s each representing an + * alias found in this keyring. + */ + Enumeration aliases(); + + /** + * Tests whether or not this keyring contains the given alias. + * + * @param alias The alias to check. + * @return true if this keyring contains the alias. + */ + boolean containsAlias(String alias); + + /** + *

Returns a {@link List} of entries (instances of {@link Entry}) for the + * given alias, or null if there no such entry + * exists.

+ * + * @param alias The alias of the entry(ies) to return. + * @return A list of all entries (instances of {@link Entry} that have the + * given alias, or null if no one {@link Entry} can + * be found with the designated alias. + */ + List get(String alias); + + /** + *

Adds a designated {@link Entry} to this keyring.

+ * + *

What happens if there is already an entry with the same alias?

+ * + * @param entry The entry to put in this keyring. + */ + void add(Entry entry); + + /** + *

Removes an entry with the designated alias from this + * keyring. Does nothing if there was no such entry.

+ * + *

What happens if there are more than one?

+ * + * @param alias The alias of the entry to remove. + */ + void remove(String alias); +} diff --git a/libjava/classpath/gnu/javax/crypto/keyring/IPrivateKeyring.java b/libjava/classpath/gnu/javax/crypto/keyring/IPrivateKeyring.java new file mode 100644 index 0000000..66bbd84 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/keyring/IPrivateKeyring.java @@ -0,0 +1,142 @@ +/* IPrivateKeyring.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.keyring; + +import java.security.Key; +import java.security.PublicKey; +import java.security.UnrecoverableKeyException; +import java.security.cert.Certificate; + +/** + *

An interface to private, or "personal", keyrings, which contain private + * credentials. The contract is that each such entry is known by a unique + * alias.

+ * + *

What about public keys? and certificate-path?

+ */ +public interface IPrivateKeyring extends IKeyring +{ + + /** + *

Tests if this keyring contains a private key entry with the given + * alias.

+ * + * @param alias The alias to check. + * @return true if this keyring contains a private key with the + * given alias; false otherwise.

+ */ + boolean containsPrivateKey(String alias); + + /** + *

Returns the private key with the given alias.

+ * + * @param alias The alias of the private key to find. + * @param password The password of the private key. + * @return The private, or secret, key if one is found; null if + * none were found. + * @throws UnrecoverableKeyException If the private key could not be + * recovered, possibly due to a bad password. + */ + Key getPrivateKey(String alias, char[] password) + throws UnrecoverableKeyException; + + /** + *

Adds a private key to this keyring.

+ * + * @param alias The alias of the private key. + * @param key The private key. + * @param password The password used to protect this private key. + */ + void putPrivateKey(String alias, Key key, char[] password); + + /** + *

Checks if this keyring contains a public key with the given + * alias.

+ * + * @param alias The alias to test. + * @return true if this keyring contains a public key entry with + * the given alias; false otherwise. + */ + boolean containsPublicKey(String alias); + + /** + *

Returns the public key with the given alias, or + * null if there is no such entry.

+ * + * @param alias The alias of the public key to find. + * @return The public key; or null if none were found. + */ + PublicKey getPublicKey(String alias); + + /** + *

Sets a public key entry.

+ * + * @param alias The alias for this public key. + * @param key The public key. + */ + void putPublicKey(String alias, PublicKey key); + + /** + *

Checks if this keyring contains a certificate path with the given + * alias.

+ * + * @param alias The alias to check. + * @return true if this keyring contains a certificate path with + * the given alias; false otherwise. + */ + boolean containsCertPath(String alias); + + /** + *

Returns the certificate path with the given alias, or + * null if there is no such entry.

+ * + * @param alias The alias of the certificate path to find. + * @return The certificate path for the designated alias; or + * null if none were found. + */ + Certificate[] getCertPath(String alias); + + /** + *

Sets a certificate path entry.

+ * + * @param alias The alias for this certificate path. + * @param path The certificate path. + */ + void putCertPath(String alias, Certificate[] path); +} diff --git a/libjava/classpath/gnu/javax/crypto/keyring/IPublicKeyring.java b/libjava/classpath/gnu/javax/crypto/keyring/IPublicKeyring.java new file mode 100644 index 0000000..ccf9ca7 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/keyring/IPublicKeyring.java @@ -0,0 +1,81 @@ +/* IPublicKeyring.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.keyring; + +import java.security.cert.Certificate; + +/** + *

An interface for keyrings that contain trusted (by the owner) public + * credentials (incl. certificates).

+ * + * @see IKeyring + */ +public interface IPublicKeyring extends IKeyring +{ + + /** + *

Tests if this keyring contains a certificate entry with the specified + * alias.

+ * + * @param alias The alias of the certificate to check. + * @return true if this keyring contains a certificate entry + * that has the given alias; false otherwise. + */ + boolean containsCertificate(String alias); + + /** + *

Returns a certificate that has the given alias, or + * null if this keyring has no such entry.

+ * + * @param alias The alias of the certificate to find. + * @return The certificate with the designated alias, or + * null if none found. + */ + Certificate getCertificate(String alias); + + /** + *

Adds a certificate in this keyring, with the given alias.

+ * + *

What happens if there is already a certificate entry with this alias?

+ * + * @param alias The alias of this certificate entry. + * @param cert The certificate. + */ + void putCertificate(String alias, Certificate cert); +} diff --git a/libjava/classpath/gnu/javax/crypto/keyring/MalformedKeyringException.java b/libjava/classpath/gnu/javax/crypto/keyring/MalformedKeyringException.java new file mode 100644 index 0000000..44c9539 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/keyring/MalformedKeyringException.java @@ -0,0 +1,58 @@ +/* MalformedKeyringException.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.keyring; + +import java.io.IOException; + +public class MalformedKeyringException extends IOException +{ + + // Constructors. + // ------------------------------------------------------------------------ + + public MalformedKeyringException() + { + super(); + } + + public MalformedKeyringException(String msg) + { + super(msg); + } +} diff --git a/libjava/classpath/gnu/javax/crypto/keyring/MaskableEnvelopeEntry.java b/libjava/classpath/gnu/javax/crypto/keyring/MaskableEnvelopeEntry.java new file mode 100644 index 0000000..7fed7c4 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/keyring/MaskableEnvelopeEntry.java @@ -0,0 +1,148 @@ +/* MaskableEnvelopeEntry.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.keyring; + +import java.util.ArrayList; +import java.util.List; + +/** + * An envelope entry that can be "masked" -- placed in a state where the + * envelope's contents cannot be accessed, due to the envelope not being + * fully decoded, for example. + */ +public abstract class MaskableEnvelopeEntry extends EnvelopeEntry +{ + + // Fields. + // ------------------------------------------------------------------------ + + /** The masked state. */ + protected boolean masked; + + // Constructors. + // ------------------------------------------------------------------------ + + public MaskableEnvelopeEntry(int type, Properties properties) + { + super(type, properties); + } + + protected MaskableEnvelopeEntry(int type) + { + super(type); + } + + // Instance methods. + // ------------------------------------------------------------------------ + + /** + * Sets the masked state to the specified value. + * + * @param masked The new masked state. + */ + protected final void setMasked(boolean masked) + { + this.masked = masked; + } + + /** + * Gets the masked state of this object. Certain operations on this object + * will fail if it is masked. + * + * @return The current masked state. + */ + public boolean isMasked() + { + return masked; + } + + public void add(Entry entry) + { + if (isMasked()) + { + throw new IllegalStateException("masked envelope"); + } + super.add(entry); + } + + public boolean containsEntry(Entry entry) + { + if (isMasked()) + { + throw new IllegalStateException("masked envelope"); + } + return super.containsEntry(entry); + } + + public List getEntries() + { + if (isMasked()) + { + throw new IllegalStateException("masked envelope"); + } + return new ArrayList(entries); + } + + public List get(String alias) + { + if (isMasked()) + { + throw new IllegalStateException("masked envelope"); + } + return super.get(alias); + } + + public boolean remove(Entry entry) + { + if (isMasked()) + { + throw new IllegalStateException("masked envelope"); + } + return super.remove(entry); + } + + public void remove(String alias) + { + if (isMasked()) + { + throw new IllegalStateException("masked envelope"); + } + super.remove(alias); + } +} diff --git a/libjava/classpath/gnu/javax/crypto/keyring/MeteredInputStream.java b/libjava/classpath/gnu/javax/crypto/keyring/MeteredInputStream.java new file mode 100644 index 0000000..fcf2be7 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/keyring/MeteredInputStream.java @@ -0,0 +1,137 @@ +/* MeteredInputStream.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.keyring; + +import java.io.FilterInputStream; +import java.io.InputStream; +import java.io.IOException; + +final class MeteredInputStream extends FilterInputStream +{ + + // Fields. + // ------------------------------------------------------------------------ + + private int count; + + private final int limit; + + // Constructor. + // ------------------------------------------------------------------------ + + MeteredInputStream(InputStream in, int limit) + { + super(in); + if (limit < 0) + throw new IllegalArgumentException("limit must be nonnegative"); + this.limit = limit; + count = 0; + } + + // Instance methods. + // ------------------------------------------------------------------------ + + /** + * Tests if the number of bytes read has reached the limit. + * + * @return True if the limit has been reached. + */ + public boolean limitReached() + { + return count == limit; + } + + public int available() throws IOException + { + return Math.min(in.available(), limit - count); + } + + public void close() throws IOException + { + in.close(); + } + + public void mark(int readLimit) + { + } + + public boolean markSupported() + { + return false; + } + + public int read() throws IOException + { + if (limitReached()) + return -1; + int i = in.read(); + if (i != -1) + count++; + return i; + } + + public int read(byte[] buf) throws IOException + { + return read(buf, 0, buf.length); + } + + public int read(byte[] buf, int off, int len) throws IOException + { + if (limitReached()) + return -1; + int i = in.read(buf, off, Math.min(len, limit - count)); + if (i != -1) + count += i; + return i; + } + + public void reset() throws IOException + { + } + + public long skip(long len) throws IOException + { + if (limitReached()) + return 0L; + len = Math.min(len, limit - count); + len = in.skip(len); + count += (int) len; + return len; + } +} diff --git a/libjava/classpath/gnu/javax/crypto/keyring/PasswordAuthenticatedEntry.java b/libjava/classpath/gnu/javax/crypto/keyring/PasswordAuthenticatedEntry.java new file mode 100644 index 0000000..2e3a0d1 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/keyring/PasswordAuthenticatedEntry.java @@ -0,0 +1,285 @@ +/* PasswordAuthenticatedEntry.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.keyring; + +import gnu.java.security.Registry; +import gnu.java.security.prng.IRandom; +import gnu.java.security.prng.LimitReachedException; +import gnu.java.security.util.Util; +import gnu.javax.crypto.mac.IMac; +import gnu.javax.crypto.mac.MacFactory; +import gnu.javax.crypto.mac.MacInputStream; +import gnu.javax.crypto.mac.MacOutputStream; +import gnu.javax.crypto.prng.IPBE; +import gnu.javax.crypto.prng.PRNGFactory; + +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; +import java.io.DataInputStream; +import java.io.DataOutputStream; +import java.io.IOException; +import java.security.InvalidKeyException; +import java.security.SecureRandom; +import java.util.Arrays; +import java.util.Iterator; +import java.util.HashMap; + +/** + *

An entry authenticated with a password-based MAC.

+ */ +public final class PasswordAuthenticatedEntry extends MaskableEnvelopeEntry + implements PasswordProtectedEntry, Registry +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + public static final int TYPE = 3; + + // Constructor(s) + // ------------------------------------------------------------------------- + + public PasswordAuthenticatedEntry(String mac, int maclen, + Properties properties) + { + super(TYPE, properties); + + if (mac == null || mac.length() == 0) + { + throw new IllegalArgumentException("no MAC specified"); + } + this.properties.put("mac", mac); + this.properties.put("maclen", String.valueOf(maclen)); + setMasked(false); + } + + private PasswordAuthenticatedEntry() + { + super(TYPE); + setMasked(true); + } + + // Class methods + // ------------------------------------------------------------------------- + + public static PasswordAuthenticatedEntry decode(DataInputStream in, + char[] password) + throws IOException + { + PasswordAuthenticatedEntry entry = new PasswordAuthenticatedEntry(); + entry.properties.decode(in); + IMac mac = entry.getMac(password); + int len = in.readInt() - mac.macSize(); + MeteredInputStream min = new MeteredInputStream(in, len); + MacInputStream macin = new MacInputStream(min, mac); + DataInputStream in2 = new DataInputStream(macin); + entry.setMasked(false); + entry.decodeEnvelope(in2); + byte[] macValue = new byte[mac.macSize()]; + in.readFully(macValue); + if (!Arrays.equals(macValue, mac.digest())) + { + throw new MalformedKeyringException("MAC verification failed"); + } + return entry; + } + + public static PasswordAuthenticatedEntry decode(DataInputStream in) + throws IOException + { + PasswordAuthenticatedEntry entry = new PasswordAuthenticatedEntry(); + entry.defaultDecode(in); + if (!entry.properties.containsKey("mac")) + { + throw new MalformedKeyringException("no MAC"); + } + if (!entry.properties.containsKey("maclen")) + { + throw new MalformedKeyringException("no MAC length"); + } + if (!entry.properties.containsKey("salt")) + { + throw new MalformedKeyringException("no salt"); + } + return entry; + } + + // Instance methods + // ------------------------------------------------------------------------- + + public void verify(char[] password) + { + if (!isMasked() || payload == null) + { + return; + } + IMac m = null; + try + { + m = getMac(password); + } + catch (Exception x) + { + throw new IllegalArgumentException(x.toString()); + } + + m.update(payload, 0, payload.length - m.macSize()); + byte[] macValue = new byte[m.macSize()]; + System.arraycopy(payload, payload.length - macValue.length, macValue, 0, + macValue.length); + if (!Arrays.equals(macValue, m.digest())) + { + throw new IllegalArgumentException("MAC verification failed"); + } + try + { + DataInputStream in = new DataInputStream( + new ByteArrayInputStream( + payload, + 0, + payload.length + - m.macSize())); + decodeEnvelope(in); + } + catch (IOException ioe) + { + throw new IllegalArgumentException("malformed keyring fragment"); + } + setMasked(false); + payload = null; + } + + public void authenticate(char[] password) throws IOException + { + if (isMasked()) + { + throw new IllegalStateException("entry is masked"); + } + byte[] salt = new byte[8]; + new SecureRandom ().nextBytes (salt); + properties.put("salt", Util.toString(salt)); + IMac m = getMac(password); + ByteArrayOutputStream bout = new ByteArrayOutputStream(1024); + MacOutputStream macout = new MacOutputStream(bout, m); + DataOutputStream out2 = new DataOutputStream(macout); + for (Iterator it = entries.iterator(); it.hasNext();) + { + Entry entry = (Entry) it.next(); + entry.encode(out2); + } + bout.write(m.digest()); + payload = bout.toByteArray(); + } + + public void encode(DataOutputStream out, char[] password) throws IOException + { + authenticate(password); + encode(out); + } + + protected void encodePayload(DataOutputStream out) throws IOException + { + if (payload == null) + { + throw new IllegalStateException("mac not computed"); + } + } + + // Own methods. + // ------------------------------------------------------------------------ + + private IMac getMac(char[] password) throws MalformedKeyringException + { + if (!properties.containsKey("salt")) + { + throw new MalformedKeyringException("no salt"); + } + byte[] salt = Util.toBytesFromString(properties.get("salt")); + IMac mac = MacFactory.getInstance(properties.get("mac")); + if (mac == null) + { + throw new MalformedKeyringException("no such mac: " + + properties.get("mac")); + } + int keylen = mac.macSize(); + int maclen = 0; + if (!properties.containsKey("maclen")) + { + throw new MalformedKeyringException("no MAC length"); + } + try + { + maclen = Integer.parseInt(properties.get("maclen")); + } + catch (NumberFormatException nfe) + { + throw new MalformedKeyringException("bad MAC length"); + } + + HashMap pbAttr = new HashMap(); + pbAttr.put(IPBE.PASSWORD, password); + pbAttr.put(IPBE.SALT, salt); + pbAttr.put(IPBE.ITERATION_COUNT, ITERATION_COUNT); + IRandom kdf = PRNGFactory.getInstance("PBKDF2-HMAC-SHA"); + kdf.init(pbAttr); + + byte[] dk = new byte[keylen]; + try + { + kdf.nextBytes(dk, 0, keylen); + } + catch (LimitReachedException shouldNotHappen) + { + throw new Error(shouldNotHappen.toString()); + } + + HashMap macAttr = new HashMap(); + macAttr.put(IMac.MAC_KEY_MATERIAL, dk); + macAttr.put(IMac.TRUNCATED_SIZE, new Integer(maclen)); + try + { + mac.init(macAttr); + } + catch (InvalidKeyException shouldNotHappen) + { + throw new Error(shouldNotHappen.toString()); + } + return mac; + } +} diff --git a/libjava/classpath/gnu/javax/crypto/keyring/PasswordEncryptedEntry.java b/libjava/classpath/gnu/javax/crypto/keyring/PasswordEncryptedEntry.java new file mode 100644 index 0000000..26b4032 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/keyring/PasswordEncryptedEntry.java @@ -0,0 +1,301 @@ +/* PasswordEncryptedEntry.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.keyring; + +import gnu.java.security.Registry; +import gnu.java.security.prng.IRandom; +import gnu.java.security.prng.LimitReachedException; +import gnu.java.security.util.Util; + +import gnu.javax.crypto.cipher.CipherFactory; +import gnu.javax.crypto.cipher.IBlockCipher; +import gnu.javax.crypto.mode.IMode; +import gnu.javax.crypto.mode.ModeFactory; +import gnu.javax.crypto.pad.IPad; +import gnu.javax.crypto.pad.PadFactory; +import gnu.javax.crypto.pad.WrongPaddingException; +import gnu.javax.crypto.prng.IPBE; +import gnu.javax.crypto.prng.PRNGFactory; + +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; +import java.io.DataInputStream; +import java.io.DataOutputStream; +import java.io.IOException; + +import java.security.InvalidKeyException; +import java.security.SecureRandom; + +import java.util.Arrays; +import java.util.Collections; +import java.util.Date; +import java.util.Iterator; +import java.util.HashMap; +import java.util.List; + +/** + * An envelope that is encrypted with a password-derived key. + */ +public class PasswordEncryptedEntry extends MaskableEnvelopeEntry implements + PasswordProtectedEntry, Registry +{ + + // Constants and fields. + // ------------------------------------------------------------------------ + + public static final int TYPE = 1; + + // Constructors. + // ------------------------------------------------------------------------ + + public PasswordEncryptedEntry(String cipher, String mode, int keylen, + Properties properties) + { + super(TYPE, properties); + if ((cipher == null || cipher.length() == 0) + || (mode == null || mode.length() == 0)) + { + throw new IllegalArgumentException("cipher nor mode can be empty"); + } + this.properties.put("cipher", cipher); + this.properties.put("mode", mode); + this.properties.put("keylen", String.valueOf(keylen)); + setMasked(false); + } + + private PasswordEncryptedEntry() + { + super(TYPE); + setMasked(true); + } + + // Class methods. + // ------------------------------------------------------------------------ + + public static PasswordEncryptedEntry decode(DataInputStream in, + char[] password) + throws IOException + { + PasswordEncryptedEntry entry = decode(in); + try + { + entry.decrypt(password); + } + catch (WrongPaddingException wpe) + { + throw new MalformedKeyringException("wrong padding in decrypted data"); + } + return entry; + } + + public static PasswordEncryptedEntry decode(DataInputStream in) + throws IOException + { + PasswordEncryptedEntry entry = new PasswordEncryptedEntry(); + entry.defaultDecode(in); + return entry; + } + + // Instance methods. + // ------------------------------------------------------------------------ + + public void decrypt(char[] password) throws IllegalArgumentException, + WrongPaddingException + { + if (!isMasked() || payload == null) + { + return; + } + IMode mode = getMode(password, IMode.DECRYPTION); + IPad padding = PadFactory.getInstance("PKCS7"); + padding.init(mode.currentBlockSize()); + byte[] buf = new byte[payload.length]; + int count = 0; + for (int i = 0; i < payload.length; i++) + { + mode.update(payload, count, buf, count); + count += mode.currentBlockSize(); + } + int padlen = padding.unpad(buf, 0, buf.length); + DataInputStream in = new DataInputStream( + new ByteArrayInputStream( + buf, + 0, + buf.length + - padlen)); + try + { + decodeEnvelope(in); + } + catch (IOException ioe) + { + throw new IllegalArgumentException("decryption failed"); + } + setMasked(false); + payload = null; + } + + public void encrypt(char[] password) throws IOException + { + byte[] salt = new byte[8]; + new SecureRandom ().nextBytes (salt); + properties.put("salt", Util.toString(salt)); + IMode mode = getMode(password, IMode.ENCRYPTION); + IPad pad = PadFactory.getInstance("PKCS7"); + pad.init(mode.currentBlockSize()); + ByteArrayOutputStream bout = new ByteArrayOutputStream(1024); + DataOutputStream out2 = new DataOutputStream(bout); + for (Iterator it = entries.iterator(); it.hasNext();) + { + Entry entry = (Entry) it.next(); + entry.encode(out2); + } + byte[] plaintext = bout.toByteArray(); + byte[] padding = pad.pad(plaintext, 0, plaintext.length); + payload = new byte[plaintext.length + padding.length]; + byte[] lastBlock = new byte[mode.currentBlockSize()]; + int l = mode.currentBlockSize() - padding.length; + System.arraycopy(plaintext, plaintext.length - l, lastBlock, 0, l); + System.arraycopy(padding, 0, lastBlock, l, padding.length); + int count = 0; + while (count + mode.currentBlockSize() < plaintext.length) + { + mode.update(plaintext, count, payload, count); + count += mode.currentBlockSize(); + } + mode.update(lastBlock, 0, payload, count); + } + + public void encode(DataOutputStream out, char[] password) throws IOException + { + encrypt(password); + encode(out); + } + + protected void encodePayload() throws IOException + { + if (payload == null) + { + throw new IllegalStateException("not encrypted"); + } + } + + // Own methods. + // ------------------------------------------------------------------------ + + private IMode getMode(char[] password, int state) + { + String s = properties.get("salt"); + if (s == null) + { + throw new IllegalArgumentException("no salt"); + } + byte[] salt = Util.toBytesFromString(s); + IBlockCipher cipher = CipherFactory.getInstance(properties.get("cipher")); + if (cipher == null) + { + throw new IllegalArgumentException("no such cipher: " + + properties.get("cipher")); + } + int blockSize = cipher.defaultBlockSize(); + if (properties.containsKey("block-size")) + { + try + { + blockSize = Integer.parseInt(properties.get("block-size")); + } + catch (NumberFormatException nfe) + { + throw new IllegalArgumentException("bad block size: " + + nfe.getMessage()); + } + } + IMode mode = ModeFactory.getInstance(properties.get("mode"), cipher, + blockSize); + if (mode == null) + { + throw new IllegalArgumentException("no such mode: " + + properties.get("mode")); + } + + HashMap pbAttr = new HashMap(); + pbAttr.put(IPBE.PASSWORD, password); + pbAttr.put(IPBE.SALT, salt); + pbAttr.put(IPBE.ITERATION_COUNT, ITERATION_COUNT); + IRandom kdf = PRNGFactory.getInstance("PBKDF2-HMAC-SHA"); + kdf.init(pbAttr); + + int keylen = 0; + if (!properties.containsKey("keylen")) + { + throw new IllegalArgumentException("no key length"); + } + try + { + keylen = Integer.parseInt(properties.get("keylen")); + } + catch (NumberFormatException nfe) + { + } + byte[] dk = new byte[keylen]; + byte[] iv = new byte[blockSize]; + try + { + kdf.nextBytes(dk, 0, keylen); + kdf.nextBytes(iv, 0, blockSize); + } + catch (LimitReachedException shouldNotHappen) + { + throw new Error(shouldNotHappen.toString()); + } + HashMap modeAttr = new HashMap(); + modeAttr.put(IMode.KEY_MATERIAL, dk); + modeAttr.put(IMode.STATE, new Integer(state)); + modeAttr.put(IMode.IV, iv); + try + { + mode.init(modeAttr); + } + catch (InvalidKeyException ike) + { + throw new IllegalArgumentException(ike.toString()); + } + return mode; + } +} diff --git a/libjava/classpath/gnu/javax/crypto/keyring/PasswordProtectedEntry.java b/libjava/classpath/gnu/javax/crypto/keyring/PasswordProtectedEntry.java new file mode 100644 index 0000000..0dcf73e --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/keyring/PasswordProtectedEntry.java @@ -0,0 +1,66 @@ +/* PasswordProtectedEntry.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.keyring; + +import java.io.DataOutputStream; +import java.io.IOException; + +public interface PasswordProtectedEntry +{ + + // Constant. + // ------------------------------------------------------------------------ + + /** + * The iteration count for password-based KDFs. + */ + Integer ITERATION_COUNT = new Integer(1000); + + // Method. + // ------------------------------------------------------------------------ + + /** + * Encodes this entry, protected by a password. + * + * @param out The output stream to encode to. + * @param password The password. + * @throws IOException If an I/O error occurs. + */ + void encode(DataOutputStream out, char[] password) throws IOException; +} diff --git a/libjava/classpath/gnu/javax/crypto/keyring/PrimitiveEntry.java b/libjava/classpath/gnu/javax/crypto/keyring/PrimitiveEntry.java new file mode 100644 index 0000000..4c9ff0f --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/keyring/PrimitiveEntry.java @@ -0,0 +1,129 @@ +/* PrimitiveEntry.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.keyring; + +import java.util.Date; + +/** + * A primitive entry is an entry that contains a single cryptographic entity. + */ +public abstract class PrimitiveEntry extends Entry +{ + + // Fields. + // ------------------------------------------------------------------------ + + /** The creation date. */ + protected Date creationDate; + + // Constructor. + // ------------------------------------------------------------------------ + + protected PrimitiveEntry(int type, Date creationDate, Properties properties) + { + super(type, properties); + if (creationDate == null) + { + this.creationDate = new Date(); + } + else + { + this.creationDate = (Date) creationDate.clone(); + } + if (!this.properties.containsKey("alias") + || this.properties.get("alias").length() == 0) + { + throw new IllegalArgumentException( + "primitive entries MUST have an alias"); + } + this.properties.put("creation-date", String.valueOf(creationDate.getTime())); + } + + protected PrimitiveEntry(int type) + { + super(type); + } + + // Instance method. + // ------------------------------------------------------------------------ + + /** + * Returns the alias of this primitive entry. + * + * @return The alias. + */ + public String getAlias() + { + return properties.get("alias"); + } + + /** + * Returns the creation date of this primitive entry. + * + * @return The creation date. + */ + public Date getCreationDate() + { + return (Date) creationDate.clone(); + } + + public boolean equals(Object object) + { + if (!getClass().equals(object.getClass())) + return false; + return getAlias().equals(((PrimitiveEntry) object).getAlias()); + } + + protected final void makeCreationDate() throws MalformedKeyringException + { + String s = properties.get("creation-date"); + if (s == null) + { + throw new MalformedKeyringException("no creation date"); + } + try + { + creationDate = new Date(Long.parseLong(s)); + } + catch (NumberFormatException nfe) + { + throw new MalformedKeyringException("invalid creation date"); + } + } +} diff --git a/libjava/classpath/gnu/javax/crypto/keyring/PrivateKeyEntry.java b/libjava/classpath/gnu/javax/crypto/keyring/PrivateKeyEntry.java new file mode 100644 index 0000000..3063499 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/keyring/PrivateKeyEntry.java @@ -0,0 +1,221 @@ +/* PrivateKeyEntry.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.keyring; + +import gnu.java.security.key.IKeyPairCodec; +import gnu.java.security.key.KeyPairCodecFactory; +import gnu.java.security.key.dss.DSSPrivateKey; +import gnu.java.security.key.rsa.GnuRSAPrivateKey; + +import gnu.javax.crypto.key.GnuSecretKey; +import gnu.javax.crypto.key.dh.GnuDHPrivateKey; + +import java.io.DataInputStream; +import java.io.DataOutputStream; +import java.io.IOException; +import java.security.Key; +import java.security.KeyFactory; +import java.security.PrivateKey; +import java.security.spec.PKCS8EncodedKeySpec; +import java.util.Date; + +/** + *

An immutable class representing a private or secret key entry.

+ * + * @version $Revision: 1.1 $ + */ +public final class PrivateKeyEntry extends PrimitiveEntry +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + public static final int TYPE = 7; + + /** The key. */ + private Key key; + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** + *

Creates a new key entry.

+ * + * @param key The key. + * @param creationDate The entry creation date. + * @param properties The entry properties. + * @throws IllegalArgumentException If any parameter is null. + */ + public PrivateKeyEntry(Key key, Date creationDate, Properties properties) + { + super(TYPE, creationDate, properties); + + if (key == null) + { + throw new IllegalArgumentException("no private key"); + } + if (!(key instanceof PrivateKey) && !(key instanceof GnuSecretKey)) + { + throw new IllegalArgumentException("not a private or secret key"); + } + this.key = key; + } + + private PrivateKeyEntry() + { + super(TYPE); + } + + // Class methods + // ------------------------------------------------------------------------- + + public static PrivateKeyEntry decode(DataInputStream in) throws IOException + { + PrivateKeyEntry entry = new PrivateKeyEntry(); + entry.defaultDecode(in); + String type = entry.properties.get("type"); + if (type == null) + { + throw new MalformedKeyringException("no key type"); + } + if (type.equalsIgnoreCase("RAW-DSS")) + { + IKeyPairCodec coder = KeyPairCodecFactory.getInstance("dss"); + entry.key = coder.decodePrivateKey(entry.payload); + } + else if (type.equalsIgnoreCase("RAW-RSA")) + { + IKeyPairCodec coder = KeyPairCodecFactory.getInstance("rsa"); + entry.key = coder.decodePrivateKey(entry.payload); + } + else if (type.equalsIgnoreCase("RAW-DH")) + { + IKeyPairCodec coder = KeyPairCodecFactory.getInstance("dh"); + entry.key = coder.decodePrivateKey(entry.payload); + } + else if (type.equalsIgnoreCase("RAW")) + { + entry.key = new GnuSecretKey(entry.payload, null); + } + else if (type.equalsIgnoreCase("PKCS8")) + { + try + { + KeyFactory kf = KeyFactory.getInstance("RSA"); + entry.key = kf.generatePrivate(new PKCS8EncodedKeySpec( + entry.payload)); + } + catch (Exception x) + { + } + if (entry.key == null) + { + try + { + KeyFactory kf = KeyFactory.getInstance("DSA"); + entry.key = kf.generatePrivate(new PKCS8EncodedKeySpec( + entry.payload)); + } + catch (Exception x) + { + } + if (entry.key == null) + { + throw new MalformedKeyringException( + "could not decode PKCS#8 key"); + } + } + } + else + { + throw new MalformedKeyringException("unsupported key type " + type); + } + return entry; + } + + // Instance methods + // ------------------------------------------------------------------------- + + /** + *

Returns this entry's key.

+ * + * @return The key. + */ + public Key getKey() + { + return key; + } + + protected void encodePayload() throws IOException + { + String format = key.getFormat(); + if (key instanceof DSSPrivateKey) + { + properties.put("type", "RAW-DSS"); + IKeyPairCodec coder = KeyPairCodecFactory.getInstance("dss"); + payload = coder.encodePrivateKey((PrivateKey) key); + } + else if (key instanceof GnuRSAPrivateKey) + { + properties.put("type", "RAW-RSA"); + IKeyPairCodec coder = KeyPairCodecFactory.getInstance("rsa"); + payload = coder.encodePrivateKey((PrivateKey) key); + } + else if (key instanceof GnuDHPrivateKey) + { + properties.put("type", "RAW-DH"); + IKeyPairCodec coder = KeyPairCodecFactory.getInstance("dh"); + payload = coder.encodePrivateKey((PrivateKey) key); + } + else if (key instanceof GnuSecretKey) + { + properties.put("type", "RAW"); + payload = key.getEncoded(); + } + else if (format != null && format.equals("PKCS#8")) + { + properties.put("type", "PKCS8"); + payload = key.getEncoded(); + } + else + { + throw new IllegalArgumentException("unsupported private key"); + } + } +} diff --git a/libjava/classpath/gnu/javax/crypto/keyring/Properties.java b/libjava/classpath/gnu/javax/crypto/keyring/Properties.java new file mode 100644 index 0000000..646b571 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/keyring/Properties.java @@ -0,0 +1,227 @@ +/* Properties.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.keyring; + +import java.io.ByteArrayOutputStream; +import java.io.DataInputStream; +import java.io.DataOutputStream; +import java.io.IOException; + +import java.util.HashMap; +import java.util.Iterator; +import java.util.Map; + +/** + * A set of (name => value) pairs used in keyring entries. + * Keys and values are simple strings, with the key never being empty and + * always treated case-insensitively. + */ +public class Properties implements Cloneable +{ + + // Field. + // ------------------------------------------------------------------------ + + private HashMap props; + + // Constructor. + // ------------------------------------------------------------------------ + + /** + * Creates a new properties object. + */ + public Properties() + { + props = new HashMap(); + } + + // Instance methods. + // ------------------------------------------------------------------------ + + /** + * Removes all properties from this object. + */ + public void clear() + { + props.clear(); + } + + /** + * Creates a copy of this properties object. + * + * @return The copy. + */ + public Object clone() + { + Properties result = new Properties(); + result.props.putAll(props); + return result; + } + + /** + * Tests if this object contains a given property name. + * + * @param key The key to test. + * @return True if this object contains the given key. + */ + public boolean containsKey(String key) + { + if (key == null || key.length() == 0) + { + return false; + } + return props.containsKey(canonicalize(key)); + } + + /** + * Tests if this object contains a given property value. + * + * @param value The value to test. + * @return True if this object contains the given value. + */ + public boolean containsValue(String value) + { + if (value == null) + { + return false; + } + return props.containsValue(value); + } + + /** + * Adds a new property to this object. + * + * @param key The key, which can neither be null nor empty. + * @param value The value, which cannot be null. + * @return The old value mapped by the key, if any. + * @throws IllegalArgumentException If either the key or value parameter + + * is null, or if the key is empty. + */ + public String put(String key, String value) + { + if (key == null || value == null || key.length() == 0) + { + throw new IllegalArgumentException("key nor value can be null"); + } + return (String) props.put(canonicalize(key), value); + } + + /** + * Returns the value mapped by the given key, or null if there is no + * such mapping. + * + * @param key + */ + public String get(String key) + { + if (key == null || key.length() == 0) + { + return null; + } + return (String) props.get(canonicalize(key)); + } + + /** + * Removes a key and its value from this object. + * + * @param key The key of the property to remove. + * @return The old value mapped by the key, if any. + */ + public String remove(String key) + { + if (key == null || key.length() == 0) + { + return null; + } + return (String) props.remove(canonicalize(key)); + } + + /** + * Decodes a set of properties from the given input stream. + * + * @param in The input stream. + * @throws IOException If an I/O error occurs. + */ + public void decode(DataInputStream in) throws IOException + { + int len = in.readInt(); + MeteredInputStream min = new MeteredInputStream(in, len); + DataInputStream in2 = new DataInputStream(min); + while (!min.limitReached()) + { + String name = in2.readUTF(); + String value = in2.readUTF(); + put(name, value); + } + } + + /** + * Encodes this set of properties to the given output stream. + * + * @param out The output stream to encode to. + * @throws IOException If an I/O error occurs. + */ + public void encode(DataOutputStream out) throws IOException + { + ByteArrayOutputStream buf = new ByteArrayOutputStream(); + DataOutputStream out2 = new DataOutputStream(buf); + for (Iterator it = props.entrySet().iterator(); it.hasNext();) + { + Map.Entry entry = (Map.Entry) it.next(); + out2.writeUTF((String) entry.getKey()); + out2.writeUTF((String) entry.getValue()); + } + out.writeInt(buf.size()); + buf.writeTo(out); + } + + public String toString() + { + return props.toString(); + } + + // Own methods. + // ------------------------------------------------------------------------ + + private String canonicalize(String key) + { + return key.toLowerCase(); + } +} diff --git a/libjava/classpath/gnu/javax/crypto/keyring/PublicKeyEntry.java b/libjava/classpath/gnu/javax/crypto/keyring/PublicKeyEntry.java new file mode 100644 index 0000000..528e70c --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/keyring/PublicKeyEntry.java @@ -0,0 +1,192 @@ +/* PublicKeyEntry.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.keyring; + +import java.io.DataInputStream; +import java.io.DataOutputStream; +import java.io.IOException; + +import java.security.PublicKey; +import java.security.KeyFactory; +import java.security.spec.X509EncodedKeySpec; + +import java.util.Date; + +import gnu.java.security.key.IKeyPairCodec; +import gnu.java.security.key.KeyPairCodecFactory; +import gnu.java.security.key.dss.DSSPublicKey; +import gnu.java.security.key.rsa.GnuRSAPublicKey; +import gnu.javax.crypto.key.dh.GnuDHPublicKey; + +public final class PublicKeyEntry extends PrimitiveEntry +{ + + // Constants and fields. + // ------------------------------------------------------------------------ + + public static final int TYPE = 6; + + private PublicKey key; + + // Constructor. + // ------------------------------------------------------------------------ + + public PublicKeyEntry(PublicKey key, Date creationDate, Properties properties) + { + super(TYPE, creationDate, properties); + + if (key == null) + { + throw new IllegalArgumentException("no key specified"); + } + this.key = key; + } + + private PublicKeyEntry() + { + super(TYPE); + } + + // Class method. + // ------------------------------------------------------------------------ + + public static PublicKeyEntry decode(DataInputStream in) throws IOException + { + PublicKeyEntry entry = new PublicKeyEntry(); + entry.defaultDecode(in); + String type = entry.properties.get("type"); + if (type == null) + { + throw new MalformedKeyringException("no key type"); + } + if (type.equalsIgnoreCase("RAW-DSS")) + { + IKeyPairCodec coder = KeyPairCodecFactory.getInstance("dss"); + entry.key = coder.decodePublicKey(entry.payload); + } + else if (type.equalsIgnoreCase("RAW-RSA")) + { + IKeyPairCodec coder = KeyPairCodecFactory.getInstance("rsa"); + entry.key = coder.decodePublicKey(entry.payload); + } + else if (type.equalsIgnoreCase("RAW-DH")) + { + IKeyPairCodec coder = KeyPairCodecFactory.getInstance("dh"); + entry.key = coder.decodePublicKey(entry.payload); + } + else if (type.equalsIgnoreCase("X.509")) + { + try + { + KeyFactory kf = KeyFactory.getInstance("RSA"); + entry.key = kf.generatePublic(new X509EncodedKeySpec(entry.payload)); + } + catch (Exception x) + { + } + if (entry.key == null) + { + try + { + KeyFactory kf = KeyFactory.getInstance("DSA"); + entry.key = kf.generatePublic(new X509EncodedKeySpec( + entry.payload)); + } + catch (Exception x) + { + } + if (entry.key == null) + { + throw new MalformedKeyringException( + "could not decode X.509 key"); + } + } + } + else + { + throw new MalformedKeyringException("unsupported public key type: " + + type); + } + return entry; + } + + // Instance methods. + // ------------------------------------------------------------------------ + + /** + * Returns the public key. + * + * @return The public key. + */ + public PublicKey getKey() + { + return key; + } + + protected void encodePayload() throws IOException + { + if (key instanceof DSSPublicKey) + { + properties.put("type", "RAW-DSS"); + IKeyPairCodec coder = KeyPairCodecFactory.getInstance("dss"); + payload = coder.encodePublicKey(key); + } + else if (key instanceof GnuRSAPublicKey) + { + properties.put("type", "RAW-RSA"); + IKeyPairCodec coder = KeyPairCodecFactory.getInstance("rsa"); + payload = coder.encodePublicKey(key); + } + else if (key instanceof GnuDHPublicKey) + { + properties.put("type", "RAW-DH"); + IKeyPairCodec coder = KeyPairCodecFactory.getInstance("dh"); + payload = coder.encodePublicKey(key); + } + else if (key.getFormat() != null && key.getFormat().equals("X.509")) + { + properties.put("type", "X.509"); + payload = key.getEncoded(); + } + else + { + throw new IllegalArgumentException("cannot encode public key"); + } + } +} diff --git a/libjava/classpath/gnu/javax/crypto/mac/BaseMac.java b/libjava/classpath/gnu/javax/crypto/mac/BaseMac.java new file mode 100644 index 0000000..1b42a16 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/mac/BaseMac.java @@ -0,0 +1,148 @@ +/* BaseMac.java -- + Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.mac; + +import gnu.java.security.hash.IMessageDigest; + +import java.util.Map; +import java.security.InvalidKeyException; + +/** + *

A base abstract class to facilitate MAC (Message Authentication + * Code) implementations.

+ */ +public abstract class BaseMac implements IMac +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + /** The canonical name prefix of the MAC. */ + protected String name; + + /** Reference to the underlying hash algorithm instance. */ + protected IMessageDigest underlyingHash; + + /** The length of the truncated output in bytes. */ + protected int truncatedSize; + + /** The authentication key for this instance. */ + // protected transient byte[] K; + // Constructor(s) + // ------------------------------------------------------------------------- + /** + *

Trivial constructor for use by concrete subclasses.

+ * + * @param name the canonical name of this instance. + */ + protected BaseMac(String name) + { + super(); + + this.name = name; + } + + /** + *

Trivial constructor for use by concrete subclasses.

+ * + * @param name the canonical name of this instance. + * @param underlyingHash the underlying message digest algorithm instance. + */ + protected BaseMac(String name, IMessageDigest underlyingHash) + { + this(name); + + if (underlyingHash != null) + { + truncatedSize = underlyingHash.hashSize(); + } + this.underlyingHash = underlyingHash; + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + // gnu.crypto.mac.IMac interface implementation ---------------------------- + + public String name() + { + return name; + } + + public int macSize() + { + return truncatedSize; + } + + public void update(byte b) + { + underlyingHash.update(b); + } + + public void update(byte[] b, int offset, int len) + { + underlyingHash.update(b, offset, len); + } + + public void reset() + { + underlyingHash.reset(); + } + + public Object clone() throws CloneNotSupportedException + { + BaseMac result = (BaseMac) super.clone(); + if (this.underlyingHash != null) + result.underlyingHash = (IMessageDigest) this.underlyingHash.clone(); + + return result; + } + + // methods to be implemented by concrete subclasses ------------------------ + + public abstract void init(Map attributes) throws InvalidKeyException, + IllegalStateException; + + public abstract byte[] digest(); + + public abstract boolean selfTest(); +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/mac/HMac.java b/libjava/classpath/gnu/javax/crypto/mac/HMac.java new file mode 100644 index 0000000..c1f97b5 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/mac/HMac.java @@ -0,0 +1,328 @@ +/* HMac.java -- + Copyright (C) 2001, 2002, 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.mac; + +import gnu.java.security.Registry; +import gnu.java.security.hash.IMessageDigest; +import gnu.java.security.hash.MD5; +import gnu.java.security.util.Util; + +import java.security.InvalidKeyException; +import java.util.HashMap; +import java.util.Map; + +/** + *

The implementation of the HMAC (Keyed-Hash Message Authentication + * Code).

+ * + *

HMAC can be used in combination with any iterated cryptographic + * hash function. HMAC also uses a secret key for calculation and + * verification of the message authentication values. The main goals behind this + * construction are

+ * + *
    + *
  • To use, without modifications, available hash functions. In + * particular, hash functions that perform well in software, and for which + * code is freely and widely available.
    • + * + *
  • To preserve the original performance of the hash function without + * incurring a significant degradation.
    • + * + *
  • To use and handle keys in a simple way.
    • + * + *
  • To have a well understood cryptographic analysis of the strength of + * the authentication mechanism based on reasonable assumptions on the + * underlying hash function.
    • + * + *
  • To allow for easy replaceability of the underlying hash function in + * case that faster or more secure hash functions are found or required.
    • + *
+ * + *

References:

+ * + *
    + *
  1. RFC 2104HMAC: + * Keyed-Hashing for Message Authentication.
    + * H. Krawczyk, M. Bellare, and R. Canetti.
    2. + *
+ */ +public class HMac extends BaseMac implements Cloneable +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + public static final String USE_WITH_PKCS5_V2 = "gnu.crypto.hmac.pkcs5"; + + private static final byte IPAD_BYTE = 0x36; + + private static final byte OPAD_BYTE = 0x5C; + + /** caches the result of the correctness test, once executed. */ + private static Boolean valid; + + protected int macSize; + + protected int blockSize; + + protected IMessageDigest ipadHash; + + protected IMessageDigest opadHash; + + protected byte[] ipad; + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** + *

Trivial constructor for use by concrete subclasses.

+ * + * @param underlyingHash the underlying hash algorithm instance. + */ + protected HMac(IMessageDigest underlyingHash) + { + super(Registry.HMAC_NAME_PREFIX + underlyingHash.name(), underlyingHash); + + this.blockSize = underlyingHash.blockSize(); + this.macSize = underlyingHash.hashSize(); + ipadHash = opadHash = null; + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + // java.lang.Cloneable interface implementation ---------------------------- + + public Object clone() throws CloneNotSupportedException + { + HMac result = (HMac) super.clone(); + if (this.ipadHash != null) + result.ipadHash = (IMessageDigest) this.ipadHash.clone(); + if (this.opadHash != null) + result.opadHash = (IMessageDigest) this.opadHash.clone(); + if (this.ipad != null) + result.ipad = (byte[]) this.ipad.clone(); + + return result; + } + + // implementation of abstract methods in BaseMac --------------------------- + + public void init(Map attributes) throws InvalidKeyException, + IllegalStateException + { + Integer ts = (Integer) attributes.get(TRUNCATED_SIZE); + truncatedSize = (ts == null ? macSize : ts.intValue()); + if (truncatedSize < (macSize / 2)) + { + throw new IllegalArgumentException("Truncated size too small"); + } + else if (truncatedSize < 10) + { + throw new IllegalArgumentException("Truncated size less than 80 bits"); + } + + // we dont use/save the key outside this method + byte[] K = (byte[]) attributes.get(MAC_KEY_MATERIAL); + if (K == null) + { // take it as an indication to re-use previous key if set + if (ipadHash == null) + { + throw new InvalidKeyException("Null key"); + } + // we already went through the motions; ie. up to step #4. re-use + underlyingHash = (IMessageDigest) ipadHash.clone(); + return; + } + + // for HMACs used in key-derivation functions (e.g. PBKDF2) the key + // material need not be >= the (output) block size of the underlying + // algorithm + Boolean pkcs5 = (Boolean) attributes.get(USE_WITH_PKCS5_V2); + if (pkcs5 == null) + { + pkcs5 = Boolean.FALSE; + } + if (K.length < macSize && !pkcs5.booleanValue()) + { + throw new InvalidKeyException("Key too short"); + } + + if (K.length > blockSize) + { + // (0) replace K with HASH(K) if K is larger than the hash's + // block size. Then pad with zeros until it is the correct + // size (the next `if'). + underlyingHash.update(K, 0, K.length); + K = underlyingHash.digest(); + } + if (K.length < blockSize) + { + // (1) append zeros to the end of K to create a B byte string + // (e.g., if K is of length 20 bytes and B=64, then K will be + // appended with 44 zero bytes 0x00) + int limit = (K.length > blockSize) ? blockSize : K.length; + byte[] newK = new byte[blockSize]; + System.arraycopy(K, 0, newK, 0, limit); + K = newK; + } + + underlyingHash.reset(); + opadHash = (IMessageDigest) underlyingHash.clone(); + if (ipad == null) + { + ipad = new byte[blockSize]; + } + // (2) XOR (bitwise exclusive-OR) the B byte string computed in step + // (1) with ipad + // (3) append the stream of data 'text' to the B byte string resulting + // from step (2) + // (4) apply H to the stream generated in step (3) + for (int i = 0; i < blockSize; i++) + { + // underlyingHash.update((byte)(K[i] ^ IPAD_BYTE)); + ipad[i] = (byte) (K[i] ^ IPAD_BYTE); + } + for (int i = 0; i < blockSize; i++) + { + opadHash.update((byte) (K[i] ^ OPAD_BYTE)); + } + + underlyingHash.update(ipad, 0, blockSize); + ipadHash = (IMessageDigest) underlyingHash.clone(); + K = null; + } + + public void reset() + { + super.reset(); + if (ipad != null) + { + underlyingHash.update(ipad, 0, blockSize); + ipadHash = (IMessageDigest) underlyingHash.clone(); + } + } + + public byte[] digest() + { + if (ipadHash == null) + { + throw new IllegalStateException("HMAC not initialised"); + } + + byte[] out = underlyingHash.digest(); + // (5) XOR (bitwise exclusive-OR) the B byte string computed in + // step (1) with opad + underlyingHash = (IMessageDigest) opadHash.clone(); + // (6) append the H result from step (4) to the B byte string + // resulting from step (5) + underlyingHash.update(out, 0, macSize); + // (7) apply H to the stream generated in step (6) and output + // the result + out = underlyingHash.digest(); // which also resets the underlying hash + + // truncate and return + if (truncatedSize == macSize) + return out; + + byte[] result = new byte[truncatedSize]; + System.arraycopy(out, 0, result, 0, truncatedSize); + + return result; + } + + public boolean selfTest() + { + if (valid == null) + { + try + { + IMac mac = new HMac(new MD5()); // use rfc-2104 test vectors + String tv1 = "9294727A3638BB1C13F48EF8158BFC9D"; + String tv3 = "56BE34521D144C88DBB8C733F0E8B3F6"; + byte[] k1 = new byte[] { 0x0B, 0x0B, 0x0B, 0x0B, 0x0B, 0x0B, 0x0B, + 0x0B, 0x0B, 0x0B, 0x0B, 0x0B, 0x0B, 0x0B, + 0x0B, 0x0B }; + byte[] k3 = new byte[] { (byte) 0xAA, (byte) 0xAA, (byte) 0xAA, + (byte) 0xAA, (byte) 0xAA, (byte) 0xAA, + (byte) 0xAA, (byte) 0xAA, (byte) 0xAA, + (byte) 0xAA, (byte) 0xAA, (byte) 0xAA, + (byte) 0xAA, (byte) 0xAA, (byte) 0xAA, + (byte) 0xAA }; + byte[] data = new byte[50]; + for (int i = 0; i < 50;) + { + data[i++] = (byte) 0xDD; + } + + HashMap map = new HashMap(); + + // test vector #1 + map.put(MAC_KEY_MATERIAL, k1); + mac.init(map); + mac.update("Hi There".getBytes("ASCII"), 0, 8); + if (!tv1.equals(Util.toString(mac.digest()))) + { + valid = Boolean.FALSE; + } + + // test #2 is not used since it causes a "Key too short" exception + + // test vector #3 + map.put(MAC_KEY_MATERIAL, k3); + mac.init(map); + mac.update(data, 0, 50); + if (!tv3.equals(Util.toString(mac.digest()))) + { + valid = Boolean.FALSE; + } + valid = Boolean.TRUE; + } + catch (Exception x) + { + x.printStackTrace(System.err); + valid = Boolean.FALSE; + } + } + return valid.booleanValue(); + } +} diff --git a/libjava/classpath/gnu/javax/crypto/mac/HMacFactory.java b/libjava/classpath/gnu/javax/crypto/mac/HMacFactory.java new file mode 100644 index 0000000..156e6ce --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/mac/HMacFactory.java @@ -0,0 +1,128 @@ +/* HMacFactory.java -- + Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.mac; + +import gnu.java.security.Registry; +import gnu.java.security.hash.HashFactory; + +import java.util.Collections; +import java.util.HashSet; +import java.util.Iterator; +import java.util.Set; + +/** + *

A Factory to instantiate Keyed-Hash Message Authentication Code + * (HMAC) algorithm instances.

+ */ +public class HMacFactory implements Registry +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** Trivial constructor to enforce Singleton pattern. */ + private HMacFactory() + { + super(); + } + + // Class methods + // ------------------------------------------------------------------------- + + /** + *

Return an instance of a HMAC algorithm given the name of its + * underlying hash function, prefixed with the literal defined in + * {@link Registry#HMAC_NAME_PREFIX}.

+ * + * @param name the fully qualified name of the underlying algorithm: composed + * as the concatenation of a literal prefix (see {@link Registry#HMAC_NAME_PREFIX}) + * and the name of the underlying hash algorithm. + * @return an instance of the HMAC algorithm, or null if + * none can be constructed. + * @exception InternalError if the implementation does not pass its self-test. + */ + public static IMac getInstance(String name) + { + if (name == null) + { + return null; + } + + name = name.trim(); + name = name.toLowerCase(); + if (!name.startsWith(HMAC_NAME_PREFIX)) + { + return null; + } + + // strip the prefix + name = name.substring(HMAC_NAME_PREFIX.length()).trim(); + IMac result = new HMac(HashFactory.getInstance(name)); + if (result != null && !result.selfTest()) + { + throw new InternalError(result.name()); + } + + return result; + } + + /** + *

Returns a {@link java.util.Set} of names of HMAC algorithms + * supported by this Factory.

+ * + * @return a {@link java.util.Set} of HMAC algorithm names (Strings). + */ + public static final Set getNames() + { + Set hashNames = HashFactory.getNames(); + HashSet hs = new HashSet(); + for (Iterator it = hashNames.iterator(); it.hasNext();) + { + hs.add(HMAC_NAME_PREFIX + ((String) it.next())); + } + + return Collections.unmodifiableSet(hs); + } + + // Instance methods + // ------------------------------------------------------------------------- +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/mac/IMac.java b/libjava/classpath/gnu/javax/crypto/mac/IMac.java new file mode 100644 index 0000000..c4170c4 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/mac/IMac.java @@ -0,0 +1,197 @@ +/* IMac.java -- + Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.mac; + +import java.util.Map; +import java.security.InvalidKeyException; + +/** + *

The basic visible methods of any MAC (Message Authentication Code) + * algorithm.

+ * + *

A MAC provides a way to check the integrity of information + * transmitted over, or stored in, an unreliable medium, based on a secret key. + * Typically, MACs are used between two parties, that share a common + * secret key, in order to validate information transmitted between them.

+ * + *

When a MAC algorithm is based on a cryptographic hash function, it + * is then called to a HMAC (Hashed Message Authentication Code) --see + * RFC-2104.

+ * + * Another type of MAC algorithms exist: UMAC or Universal Message + * Authentication Code, described in + * + * draft-krovetz-umac-01.txt.

+ * + *

With UMACs, the sender and receiver share a common secret key (the + * MAC key) which determines:

+ * + *
    + *
  • The key for a universal hash function. This hash function is + * non-cryptographic, in the sense that it does not need to have any + * cryptographic hardness property. Rather, it needs to satisfy some + * combinatorial property, which can be proven to hold without relying on + * unproven hardness assumptions.
    • + * + *
  • The key for a pseudorandom function. This is where one needs a + * cryptographic hardness assumption. The pseudorandom function may be + * obtained from a block cipher or a cryptographic hash function. + *
    • + *
+ * + *

References:

+ * + *
    + *
  1. RFC 2104HMAC: + * Keyed-Hashing for Message Authentication.
    + * H. Krawczyk, M. Bellare, and R. Canetti.
    2. + * + *
  2. + * UMAC: Message Authentication Code using Universal Hashing.
    + * T. Krovetz, J. Black, S. Halevi, A. Hevia, H. Krawczyk, and P. Rogaway.
    3. + *
+ */ +public interface IMac +{ + + // Constants + // ------------------------------------------------------------------------- + + /** + * Property name of the user-supplied key material. The value associated to + * this property name is taken to be a byte array. + */ + String MAC_KEY_MATERIAL = "gnu.crypto.mac.key.material"; + + /** + *

Property name of the desired truncated output size in bytes. The value + * associated to this property name is taken to be an integer. If no value + * is specified in the attributes map at initialisation time, then all bytes + * of the underlying hash algorithm's output are emitted.

+ * + *

This implementation, follows the recommendation of the RFC 2104 + * authors; specifically:

+ * + * 
+   *    We recommend that the output length t be not less than half the
+   *    length of the hash output (to match the birthday attack bound)
+   *    and not less than 80 bits (a suitable lower bound on the number
+   *    of bits that need to be predicted by an attacker).
+   *
+ */ + String TRUNCATED_SIZE = "gnu.crypto.mac.truncated.size"; + + // Methods + // ------------------------------------------------------------------------- + + /** + *

Returns the canonical name of this algorithm.

+ * + * @return the canonical name of this algorithm. + */ + String name(); + + /** + *

Returns the output length in bytes of this MAC algorithm.

+ * + * @return the output length in bytes of this MAC algorithm. + */ + int macSize(); + + /** + *

Initialises the algorithm with designated attributes. Permissible names + * and values are described in the class documentation above.

+ * + * @param attributes a set of name-value pairs that describe the desired + * future instance behaviour. + * @exception InvalidKeyException if the key data is invalid. + * @exception IllegalStateException if the instance is already initialised. + * @see #MAC_KEY_MATERIAL + */ + void init(Map attributes) throws InvalidKeyException, IllegalStateException; + + /** + *

Continues a MAC operation using the input byte.

+ * + * @param b the input byte to digest. + */ + void update(byte b); + + /** + *

Continues a MAC operation, by filling the buffer, processing + * data in the algorithm's MAC_SIZE-bit block(s), updating the context and + * count, and buffering the remaining bytes in buffer for the next + * operation.

+ * + * @param in the input block. + * @param offset start of meaningful bytes in input block. + * @param length number of bytes, in input block, to consider. + */ + void update(byte[] in, int offset, int length); + + /** + *

Completes the MAC by performing final operations such as + * padding and resetting the instance.

+ * + * @return the array of bytes representing the MAC value. + */ + byte[] digest(); + + /** + *

Resets the algorithm instance for re-initialisation and use with other + * characteristics. This method always succeeds.

+ */ + void reset(); + + /** + *

A basic test. Ensures that the MAC of a pre-determined message is equal + * to a known pre-computed value.

+ * + * @return true if the implementation passes a basic self-test. + * Returns false otherwise. + */ + boolean selfTest(); + + /** + *

Returns a clone copy of this instance.

+ * + * @return a clone copy of this instance. + */ + Object clone() throws CloneNotSupportedException; +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/mac/MacFactory.java b/libjava/classpath/gnu/javax/crypto/mac/MacFactory.java new file mode 100644 index 0000000..d8f8bcf --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/mac/MacFactory.java @@ -0,0 +1,164 @@ +/* MacFactory.java -- + Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.mac; + +import gnu.java.security.Registry; +import gnu.javax.crypto.cipher.CipherFactory; +import gnu.javax.crypto.cipher.IBlockCipher; + +import java.util.Collections; +import java.util.HashSet; +import java.util.Iterator; +import java.util.Set; + +/** + *

A Factory that instantiates instances of every supported Message + * Authentication Code algorithms, including all HMAC algorithms.

+ */ +public class MacFactory implements Registry +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** Trivial constructor to enforce Singleton pattern. */ + private MacFactory() + { + super(); + } + + // Class methods + // ------------------------------------------------------------------------- + + /** + *

Returns an instance of a MAC algorithm given its name.

+ * + * @param name the name of the MAC algorithm. + * @return an instance of the MAC algorithm, or null if + * none can be constructed. + * @exception InternalError if the implementation does not pass its self-test. + */ + public static IMac getInstance(String name) + { + if (name == null) + { + return null; + } + + name = name.trim(); + name = name.toLowerCase(); + if (name.startsWith(HMAC_NAME_PREFIX)) + { + return HMacFactory.getInstance(name); + } + + if (name.startsWith(OMAC_PREFIX)) + { + name = name.substring(OMAC_PREFIX.length()); + IBlockCipher cipher = CipherFactory.getInstance(name); + if (cipher == null) + { + return null; + } + return new OMAC(cipher); + } + + IMac result = null; + if (name.equalsIgnoreCase(UHASH32)) + { + result = new UHash32(); + } + else if (name.equalsIgnoreCase(UMAC32)) + { + result = new UMac32(); + } + else if (name.equalsIgnoreCase(TMMH16)) + { + result = new TMMH16(); + } + // else if (name.equalsIgnoreCase(TMMH32)) { + // result = new TMMH32(); + // } + + if (result != null && !result.selfTest()) + { + throw new InternalError(result.name()); + } + + return result; + } + + /** + *

Returns a {@link java.util.Set} of names of MAC algorithms + * supported by this Factory.

+ * + * @return a {@link java.util.Set} of MAC names (Strings). + */ + public static final Set getNames() + { + synchronized (MacFactory.class) + { + if (names == null) + { + HashSet hs = new HashSet(); + hs.addAll(HMacFactory.getNames()); + hs.add(UHASH32); + hs.add(UMAC32); + hs.add(TMMH16); + // hs.add(TMMH32); + + for (Iterator it = CipherFactory.getNames().iterator(); it.hasNext();) + { + hs.add(OMAC_PREFIX + it.next()); + } + + names = Collections.unmodifiableSet(hs); + } + } + return names; + } + + private static Set names; + + // Instance methods + // ------------------------------------------------------------------------- +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/mac/MacInputStream.java b/libjava/classpath/gnu/javax/crypto/mac/MacInputStream.java new file mode 100644 index 0000000..9acd18b --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/mac/MacInputStream.java @@ -0,0 +1,138 @@ +/* MacInputStream.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.mac; + +import java.io.FilterInputStream; +import java.io.InputStream; +import java.io.IOException; + +/** + * A filtering input stream that computes a MAC (message authentication code) + * over all data read from the stream. + */ +public class MacInputStream extends FilterInputStream +{ + + // Field. + // ------------------------------------------------------------------------ + + /** + * The digesting state. The MAC is updated only if this flag is true. + */ + private boolean digesting; + + /** + * The MAC being updated. + */ + private IMac mac; + + // Constructor. + // ------------------------------------------------------------------------ + + /** + * Creates a new MacInputStream. The stream is initially set to digest + * data written, the mac argument must have already been initialized, + * and the mac argument is not cloned. + * + * @param in The underlying input stream. + * @param mac The mac instance to use. + */ + public MacInputStream(InputStream in, IMac mac) + { + super(in); + if (mac == null) + throw new NullPointerException(); + this.mac = mac; + digesting = true; + } + + // Instance methods. + // ------------------------------------------------------------------------ + + /** + * Returns the MAC this stream is updating. + * + * @return The MAC. + */ + public IMac getMac() + { + return mac; + } + + /** + * Sets the MAC this stream is updating, which must have already been + * initialized. The argument is not cloned by this method. + * + * @param mac The new MAC. + * @throws NullPointerException If the argument is null. + */ + public void setMac(IMac mac) + { + if (mac == null) + throw new NullPointerException(); + this.mac = mac; + } + + /** + * Turns the digesting state on or off. When off, the MAC will not be + * updated when data is written to the stream. + * + * @param flag The new digesting state. + */ + public void on(boolean flag) + { + digesting = flag; + } + + public int read() throws IOException + { + int i = in.read(); + if (digesting && i != -1) + mac.update((byte) i); + return i; + } + + public int read(byte[] buf, int off, int len) throws IOException + { + int i = in.read(buf, off, len); + if (digesting && i != -1) + mac.update(buf, off, i); + return i; + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/mac/MacOutputStream.java b/libjava/classpath/gnu/javax/crypto/mac/MacOutputStream.java new file mode 100644 index 0000000..a48d25b --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/mac/MacOutputStream.java @@ -0,0 +1,140 @@ +/* MacOutputStream.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.mac; + +import java.io.FilterOutputStream; +import java.io.IOException; +import java.io.OutputStream; + +/** + *

A filtering output stream that computes a MAC (message authentication + * code) over all data written to the stream.

+ */ +public class MacOutputStream extends FilterOutputStream +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + /** The digesting state. The MAC is updated only if this flag is true. */ + private boolean digesting; + + /** The MAC being updated. */ + private IMac mac; + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** + *

Creates a new MacOutputStream. The stream is initially set + * to digest data written, the mac argument must have already + * been initialized, and the mac argument is not cloned.

+ * + * @param out The underlying output stream. + * @param mac The mac instance to use. + */ + public MacOutputStream(OutputStream out, IMac mac) + { + super(out); + if (mac == null) + { + throw new NullPointerException(); + } + this.mac = mac; + digesting = true; + } + + // Instance methods + // ------------------------------------------------------------------------- + + /** + *

Returns the MAC this stream is updating.

+ * + * @return The MAC. + */ + public IMac getMac() + { + return mac; + } + + /** + *

Sets the MAC this stream is updating, which must have already been + * initialized. The argument is not cloned by this method.

+ * + * @param mac The non-null new MAC. + * @throws NullPointerException If the argument is null. + */ + public void setMac(IMac mac) + { + if (mac == null) + { + throw new NullPointerException(); + } + this.mac = mac; + } + + /** + *

Turns the digesting state on or off. When off, the MAC will not be + * updated when data is written to the stream.

+ * + * @param flag The new digesting state. + */ + public void on(boolean flag) + { + digesting = flag; + } + + public void write(int b) throws IOException + { + if (digesting) + { + mac.update((byte) b); + } + out.write(b); + } + + public void write(byte[] buf, int off, int len) throws IOException + { + if (digesting) + { + mac.update(buf, off, len); + } + out.write(buf, off, len); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/mac/OMAC.java b/libjava/classpath/gnu/javax/crypto/mac/OMAC.java new file mode 100644 index 0000000..c83320a --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/mac/OMAC.java @@ -0,0 +1,402 @@ +/* OMAC.java -- + Copyright (C) 2004, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.mac; + +import gnu.java.security.Registry; +import gnu.java.security.util.Util; +import gnu.javax.crypto.cipher.CipherFactory; +import gnu.javax.crypto.cipher.IBlockCipher; +import gnu.javax.crypto.mode.IMode; +import gnu.javax.crypto.mode.ModeFactory; + +import java.security.InvalidKeyException; + +import java.util.Arrays; +import java.util.HashMap; +import java.util.Map; + +/** + *

The One-Key CBC MAC, OMAC. This message authentication code is based on + * a block cipher in CBC mode.

+ * + *

References:

+ *
    + *
  1. Tetsu Iwata and Kaoru Kurosawa, OMAC: One-Key CBC + * MAC.
    2. + *
+ */ +public class OMAC implements IMac +{ + + // Constants and fields. + // ------------------------------------------------------------------------ + + private static final boolean DEBUG = false; + + private static void debug(String msg) + { + System.out.print(">>> OMAC: "); + System.out.println(msg); + } + + private static final byte C1 = (byte) 0x87; + + private static final byte C2 = 0x1b; + + // Test key for OMAC-AES-128 + private static final byte[] KEY0 = Util.toBytesFromString("2b7e151628aed2a6abf7158809cf4f3c"); + + // Test MAC for zero-length input. + private static final byte[] DIGEST0 = Util.toBytesFromString("bb1d6929e95937287fa37d129b756746"); + + private static Boolean valid; + + private final IBlockCipher cipher; + + private final String name; + + private IMode mode; + + private int blockSize; + + private int outputSize; + + private byte[] Lu, Lu2; + + private byte[] M; + + private byte[] Y; + + private boolean init; + + private int index; + + // Constructor. + // ------------------------------------------------------------------------ + + public OMAC(IBlockCipher cipher) + { + this.cipher = cipher; + this.name = "OMAC-" + cipher.name(); + } + + // Instance methods. + // ------------------------------------------------------------------------ + + public Object clone() + { + return new OMAC(cipher); + } + + public String name() + { + return name; + } + + public int macSize() + { + return outputSize; + } + + public void init(Map attrib) throws InvalidKeyException + { + HashMap attrib2 = new HashMap(); + attrib2.put(IBlockCipher.KEY_MATERIAL, attrib.get(MAC_KEY_MATERIAL)); + cipher.reset(); + cipher.init(attrib2); + + blockSize = cipher.currentBlockSize(); + Integer os = (Integer) attrib.get(TRUNCATED_SIZE); + if (os != null) + { + outputSize = os.intValue(); + if (outputSize < 0 || outputSize > blockSize) + { + throw new IllegalArgumentException("truncated size out of range"); + } + } + else + { + outputSize = blockSize; + } + + byte[] L = new byte[blockSize]; + cipher.encryptBlock(L, 0, L, 0); + + if (DEBUG) + { + debug("L = " + Util.toString(L).toLowerCase()); + } + + if (Lu != null) + { + Arrays.fill(Lu, (byte) 0); + if (Lu.length != blockSize) + { + Lu = new byte[blockSize]; + } + } + else + { + Lu = new byte[blockSize]; + } + if (Lu2 != null) + { + Arrays.fill(Lu2, (byte) 0); + if (Lu2.length != blockSize) + { + Lu2 = new byte[blockSize]; + } + } + else + { + Lu2 = new byte[blockSize]; + } + + boolean msb = (L[0] & 0x80) != 0; + for (int i = 0; i < blockSize; i++) + { + Lu[i] = (byte) (L[i] << 1 & 0xFF); + if (i + 1 < blockSize) + { + Lu[i] |= (byte) ((L[i + 1] & 0x80) >> 7); + } + } + if (msb) + { + if (blockSize == 16) + { + Lu[Lu.length - 1] ^= C1; + } + else if (blockSize == 8) + { + Lu[Lu.length - 1] ^= C2; + } + else + { + throw new IllegalArgumentException( + "unsupported cipher block size: " + + blockSize); + } + } + if (DEBUG) + { + debug("Lu = " + Util.toString(Lu).toLowerCase()); + } + + msb = (Lu[0] & 0x80) != 0; + for (int i = 0; i < blockSize; i++) + { + Lu2[i] = (byte) (Lu[i] << 1 & 0xFF); + if (i + 1 < blockSize) + { + Lu2[i] |= (byte) ((Lu[i + 1] & 0x80) >> 7); + } + } + if (msb) + { + if (blockSize == 16) + { + Lu2[Lu2.length - 1] ^= C1; + } + else + { + Lu2[Lu2.length - 1] ^= C2; + } + } + if (DEBUG) + { + debug("Lu2 = " + Util.toString(Lu2).toLowerCase()); + } + + if (M != null) + { + Arrays.fill(M, (byte) 0); + if (M.length != blockSize) + { + M = new byte[blockSize]; + } + } + else + { + M = new byte[blockSize]; + } + if (Y != null) + { + Arrays.fill(Y, (byte) 0); + if (Y.length != blockSize) + { + Y = new byte[blockSize]; + } + } + else + { + Y = new byte[blockSize]; + } + + index = 0; + init = true; + } + + public void update(byte b) + { + if (!init) + { + throw new IllegalStateException("not initialized"); + } + if (index == M.length) + { + process(); + index = 0; + } + M[index++] = b; + } + + public void update(byte[] buf, int off, int len) + { + if (!init) + { + throw new IllegalStateException("not initialized"); + } + if (off < 0 || len < 0 || off + len > buf.length) + { + throw new IndexOutOfBoundsException("size=" + buf.length + "; off=" + + off + "; len=" + len); + } + for (int i = 0; i < len;) + { + if (index == blockSize) + { + process(); + index = 0; + } + int count = Math.min(blockSize - index, len - i); + System.arraycopy(buf, off + i, M, index, count); + index += count; + i += count; + } + } + + public byte[] digest() + { + byte[] b = new byte[outputSize]; + digest(b, 0); + return b; + } + + public void digest(byte[] out, int off) + { + if (!init) + { + throw new IllegalStateException("not initialized"); + } + if (off < 0 || off + outputSize > out.length) + { + throw new IndexOutOfBoundsException("size=" + out.length + "; off=" + + off + "; len=" + outputSize); + } + byte[] T = new byte[blockSize]; + byte[] L = Lu; + if (index < blockSize) + { + M[index++] = (byte) 0x80; + while (index < blockSize) + { + M[index++] = 0; + } + L = Lu2; + } + for (int i = 0; i < blockSize; i++) + { + T[i] = (byte) (M[i] ^ Y[i] ^ L[i]); + } + cipher.encryptBlock(T, 0, T, 0); + System.arraycopy(T, 0, out, off, outputSize); + reset(); + } + + public void reset() + { + index = 0; + if (Y != null) + { + Arrays.fill(Y, (byte) 0); + } + if (M != null) + { + Arrays.fill(M, (byte) 0); + } + } + + public boolean selfTest() + { + OMAC mac = new OMAC(CipherFactory.getInstance(Registry.AES_CIPHER)); + mac.reset(); + Map attr = new HashMap(); + attr.put(MAC_KEY_MATERIAL, KEY0); + byte[] digest = null; + try + { + mac.init(attr); + digest = mac.digest(); + } + catch (Exception x) + { + return false; + } + if (digest == null) + { + return false; + } + return Arrays.equals(DIGEST0, digest); + } + + // Own methods. + // ------------------------------------------------------------------------ + + private void process() + { + for (int i = 0; i < blockSize; i++) + { + M[i] = (byte) (M[i] ^ Y[i]); + } + cipher.encryptBlock(M, 0, Y, 0); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/mac/TMMH16.java b/libjava/classpath/gnu/javax/crypto/mac/TMMH16.java new file mode 100644 index 0000000..af6e78f --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/mac/TMMH16.java @@ -0,0 +1,402 @@ +/* TMMH16.java -- + Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.mac; + +import gnu.java.security.Registry; +import gnu.java.security.prng.IRandom; +import gnu.java.security.prng.LimitReachedException; + +import java.security.InvalidKeyException; +import java.util.Map; + +/** + *

TMMH is a universal hash function suitable for message + * authentication in the Wegman-Carter paradigm, as in the Stream Cipher + * Security Transform. It is simple, quick, and especially appropriate for + * Digital Signal Processors and other processors with a fast multiply + * operation, though a straightforward implementation requires storage equal in + * length to the largest message to be hashed.

+ * + *

TMMH is a simple hash function which maps a key and a message to a + * hash value. There are two versions of TMMH: TMMH/16 and TMMH/32. TMMH + * can be used as a message authentication code, as described in Section 5 (see + * References).

+ * + *

The key, message, and hash value are all octet strings, and the lengths of + * these quantities are denoted as KEY_LENGTH, + * MESSAGE_LENGTH, and TAG_LENGTH, respectively. The + * values of KEY_LENGTH and TAG_LENGTH + * MUST be fixed for any particular fixed value of the key, and + * must obey the alignment restrictions described below.

+ * + *

The parameter MAX_HASH_LENGTH, which denotes the maximum + * value which MESSAGE_LENGTH may take, is equal to + * KEY_LENGTH - TAG_LENGTH.

+ * + *

References:

+ * + *
    + *
  1. + * The Truncated Multi-Modular Hash Function (TMMH), David A. McGrew.
    2. + *
+ */ +public class TMMH16 extends BaseMac implements Cloneable +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + public static final String TAG_LENGTH = "gnu.crypto.mac.tmmh.tag.length"; + + public static final String KEYSTREAM = "gnu.crypto.mac.tmmh.keystream"; + + public static final String PREFIX = "gnu.crypto.mac.tmmh.prefix"; + + private static final int P = (1 << 16) + 1; // the TMMH/16 prime + + /** caches the result of the correctness test, once executed. */ + private static Boolean valid; + + private int tagWords = 0; // the tagLength expressed in words + + private IRandom keystream = null; // the keystream generator + + private byte[] prefix; // mask to use when operating as an authentication f. + + private long keyWords; // key words counter + + private long msgLength; // in bytes + + private long msgWords; // should be = msgLength * WORD_LENGTH + + private int[] context; // the tmmh running context; length == TAG_WORDS + + private int[] K0; // the first TAG_WORDS words of the keystream + + private int[] Ki; // the sliding TAG_WORDS words of the keystream + + private int Mi; // current message word being constructed + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** Trivial 0-arguments constructor. */ + public TMMH16() + { + super(Registry.TMMH16); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + // gnu.crypto.mac.IMac interface implementation ---------------------------- + + public int macSize() + { + return tagWords * 2; + } + + public void init(Map attributes) throws InvalidKeyException, + IllegalStateException + { + int wantTagLength = 0; + Integer tagLength = (Integer) attributes.get(TAG_LENGTH); // get tag length + if (tagLength == null) + { + if (tagWords == 0) + { // was never set + throw new IllegalArgumentException(TAG_LENGTH); + } // else re-use + } + else + { // check if positive and is divisible by WORD_LENGTH + wantTagLength = tagLength.intValue(); + if (wantTagLength < 2 || (wantTagLength % 2 != 0)) + { + throw new IllegalArgumentException(TAG_LENGTH); + } + else if (wantTagLength > (512 / 8)) + { // 512-bits is our maximum + throw new IllegalArgumentException(TAG_LENGTH); + } + + tagWords = wantTagLength / 2; // init local vars + K0 = new int[tagWords]; + Ki = new int[tagWords]; + context = new int[tagWords]; + } + + prefix = (byte[]) attributes.get(PREFIX); + if (prefix == null) + { // default to all-zeroes + prefix = new byte[tagWords * 2]; + } + else + { // ensure it's as long as it should + if (prefix.length != tagWords * 2) + { + throw new IllegalArgumentException(PREFIX); + } + } + + IRandom prng = (IRandom) attributes.get(KEYSTREAM); // get keystream + if (prng == null) + { + if (keystream == null) + { + throw new IllegalArgumentException(KEYSTREAM); + } // else reuse + } + else + { + keystream = prng; + } + + reset(); // reset context variables + for (int i = 0; i < tagWords; i++) + { // init starting key words + Ki[i] = K0[i] = getNextKeyWord(keystream); + } + } + + // The words of the key are denoted as K[1], K[2], ..., K[KEY_WORDS], and the + // words of the message (after zero padding, if needed) are denoted as M[1], + // M[2], ..., M[MSG_WORDS], where MSG_WORDS is the smallest number such that + // 2 * MSG_WORDS is at least MESSAGE_LENGTH, and KEY_WORDS is KEY_LENGTH / 2. + // + // If MESSAGE_LENGTH is greater than MAX_HASH_LENGTH, then the value of + // TMMH/16 is undefined. Implementations MUST indicate an error if asked to + // hash a message with such a length. Otherwise, the hash value is defined + // to be the length TAG_WORDS sequence of words in which the j-th word in the + // sequence is defined as + // + // [ [ K[j] * MESSAGE_LENGTH +32 K[j+1] * M[1] +32 K[j+2] * M[2] + // +32 ... K[j+MSG_WORDS] * M[MSG_WORDS] ] modulo p ] modulo 2^16 + // + // where j ranges from 1 to TAG_WORDS. + public void update(byte b) + { + this.update(b, keystream); + } + + public void update(byte[] b, int offset, int len) + { + for (int i = 0; i < len; i++) + { + this.update(b[offset + i], keystream); + } + } + + // For TMMH/16, KEY_LENGTH and TAG_LENGTH MUST be a multiple of two. The key, + // message, and hash value are treated as a sequence of unsigned sixteen bit + // integers in network byte order. (In this section, we call such an integer + // a word.) If MESSAGE_LENGTH is odd, then a zero byte is appended to the + // message to align it on a word boundary, though this process does not + // change the value of MESSAGE_LENGTH. + // + // ... Otherwise, the hash value is defined to be the length TAG_WORDS + // sequence of words in which the j-th word in the sequence is defined as + // + // [ [ K[j] * MESSAGE_LENGTH +32 K[j+1] * M[1] +32 K[j+2] * M[2] + // +32 ... K[j+MSG_WORDS] * M[MSG_WORDS] ] modulo p ] modulo 2^16 + // + // where j ranges from 1 to TAG_WORDS. + // + // Here, TAG_WORDS is equal to TAG_LENGTH / 2, and p is equal to 2^16 + 1. + // The symbol * denotes multiplication and the symbol +32 denotes addition + // modulo 2^32. + public byte[] digest() + { + return this.digest(keystream); + } + + public void reset() + { + msgLength = msgWords = keyWords = 0L; + Mi = 0; + for (int i = 0; i < tagWords; i++) + { + context[i] = 0; + } + } + + public boolean selfTest() + { + if (valid == null) + { + // TODO: compute and test equality with one known vector + + valid = Boolean.TRUE; + } + return valid.booleanValue(); + } + + // Cloneable interface implementation --------------------------------------- + + public Object clone() throws CloneNotSupportedException + { + TMMH16 result = (TMMH16) super.clone(); + + if (this.keystream != null) + result.keystream = (IRandom) this.keystream.clone(); + + if (this.prefix != null) + result.prefix = (byte[]) this.prefix.clone(); + + if (this.context != null) + result.context = (int[]) this.context.clone(); + + if (this.K0 != null) + result.K0 = (int[]) this.K0.clone(); + + if (this.Ki != null) + result.Ki = (int[]) this.Ki.clone(); + + return result; + } + + // own methods ------------------------------------------------------------- + + /** + *

Similar to the same method with one argument, but uses the designated + * random number generator to compute needed keying material.

+ * + * @param b the byte to process. + * @param prng the source of randomness to use. + */ + public void update(byte b, IRandom prng) + { + Mi <<= 8; // update message buffer + Mi |= b & 0xFF; + msgLength++; // update message length (bytes) + if (msgLength % 2 == 0) + { // got a full word + msgWords++; // update message words counter + System.arraycopy(Ki, 1, Ki, 0, tagWords - 1); // 1. shift Ki up by 1 + Ki[tagWords - 1] = getNextKeyWord(prng); // 2. fill last box of Ki + long t; // temp var to allow working in modulo 2^32 + for (int i = 0; i < tagWords; i++) + { // 3. update context + t = context[i] & 0xFFFFFFFFL; + t += Ki[i] * Mi; + context[i] = (int) t; + } + Mi = 0; // reset message buffer + } + } + + /** + *

Similar to the same method with three arguments, but uses the + * designated random number generator to compute needed keying material.

+ * + * @param b the byte array to process. + * @param offset the starting offset in b to start considering + * the bytes to process. + * @param len the number of bytes in b starting from + * offset to process. + * @param prng the source of randomness to use. + */ + public void update(byte[] b, int offset, int len, IRandom prng) + { + for (int i = 0; i < len; i++) + { + this.update(b[offset + i], prng); + } + } + + /** + *

Similar to the same method with no arguments, but uses the designated + * random number generator to compute needed keying material.

+ * + * @param prng the source of randomness to use. + * @return the final result of the algorithm. + */ + public byte[] digest(IRandom prng) + { + doFinalRound(prng); + byte[] result = new byte[tagWords * 2]; + for (int i = 0, j = 0; i < tagWords; i++) + { + result[j] = (byte) ((context[i] >>> 8) ^ prefix[j]); + j++; + result[j] = (byte) (context[i] ^ prefix[j]); + j++; + } + + reset(); + return result; + } + + private int getNextKeyWord(IRandom prng) + { + int result = 0; + try + { + result = (prng.nextByte() & 0xFF) << 8 | (prng.nextByte() & 0xFF); + } + catch (LimitReachedException x) + { + throw new RuntimeException(String.valueOf(x)); + } + + keyWords++; // update key words counter + return result; + } + + private void doFinalRound(IRandom prng) + { + long limit = msgLength; // formula works on real message length + while (msgLength % 2 != 0) + { + update((byte) 0x00, prng); + } + long t; + for (int i = 0; i < tagWords; i++) + { + t = context[i] & 0xFFFFFFFFL; + t += K0[i] * limit; + t %= P; + context[i] = (int) t; + } + } +} diff --git a/libjava/classpath/gnu/javax/crypto/mac/UHash32.java b/libjava/classpath/gnu/javax/crypto/mac/UHash32.java new file mode 100644 index 0000000..8abb025 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/mac/UHash32.java @@ -0,0 +1,957 @@ +/* UHash32.java -- + Copyright (C) 2001, 2002, 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.mac; + +import gnu.java.security.prng.IRandom; +import gnu.java.security.prng.LimitReachedException; + +import gnu.javax.crypto.cipher.IBlockCipher; +import gnu.javax.crypto.prng.UMacGenerator; + +import java.io.ByteArrayOutputStream; +import java.math.BigInteger; +import java.security.InvalidKeyException; +import java.util.HashMap; +import java.util.Map; + +/** + *

UHASH is a keyed hash function, which takes as input a string of + * arbitrary length, and produces as output a string of fixed length (such as 8 + * bytes). The actual output length depends on the parameter UMAC-OUTPUT-LEN.

+ * + *

UHASH has been shown to be epsilon-ASU ("Almost Strongly + * Universal"), where epsilon is a small (parameter-dependent) real number. + * Informally, saying that a keyed hash function is epsilon-ASU means + * that for any two distinct fixed input strings, the two outputs of the hash + * function with a random key "look almost like a pair of random strings". The + * number epsilon measures how non-random the output strings may be.

+ * + * UHASH has been designed to be fast by exploiting several architectural + * features of modern commodity processors. It was specifically designed for use + * in UMAC. But UHASH is useful beyond that domain, and can be + * easily adopted for other purposes.

+ * + * UHASH does its work in three layers. First, a hash function called + * NH is used to compress input messages into strings which are + * typically many times smaller than the input message. Second, the compressed + * message is hashed with an optimized polynomial hash function into a + * fixed-length 16-byte string. Finally, the 16-byte string is hashed using an + * inner-product hash into a string of length WORD-LEN bytes. These three + * layers are repeated (with a modified key) until the outputs total + * UMAC-OUTPUT-LEN bytes.

+ * + *

References:

+ * + *
    + *
  1. + * UMAC: Message Authentication Code using Universal Hashing.
    + * T. Krovetz, J. Black, S. Halevi, A. Hevia, H. Krawczyk, and P. Rogaway.
    2. + *
+ */ +public class UHash32 extends BaseMac +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // UMAC prime values + private static final BigInteger PRIME_19 = BigInteger.valueOf(0x7FFFFL); + + private static final BigInteger PRIME_32 = BigInteger.valueOf(0xFFFFFFFBL); + + private static final BigInteger PRIME_36 = BigInteger.valueOf(0xFFFFFFFFBL); + + private static final BigInteger PRIME_64 = new BigInteger( + 1, + new byte[] { + (byte) 0xFF, + (byte) 0xFF, + (byte) 0xFF, + (byte) 0xFF, + (byte) 0xFF, + (byte) 0xFF, + (byte) 0xFF, + (byte) 0xC5 }); + + private static final BigInteger PRIME_128 = new BigInteger( + 1, + new byte[] { + (byte) 0xFF, + (byte) 0xFF, + (byte) 0xFF, + (byte) 0xFF, + (byte) 0xFF, + (byte) 0xFF, + (byte) 0xFF, + (byte) 0xFF, + (byte) 0xFF, + (byte) 0xFF, + (byte) 0xFF, + (byte) 0xFF, + (byte) 0xFF, + (byte) 0xFF, + (byte) 0xFF, + (byte) 0x61 }); + + static final BigInteger TWO = BigInteger.valueOf(2L); + + static final long BOUNDARY = TWO.shiftLeft(17).longValue(); + + // 2**64 - 2**32 + static final BigInteger LOWER_RANGE = TWO.pow(64).subtract(TWO.pow(32)); + + // 2**128 - 2**96 + static final BigInteger UPPER_RANGE = TWO.pow(128).subtract(TWO.pow(96)); + + static final byte[] ALL_ZEROES = new byte[32]; + + int streams; + + L1Hash32[] l1hash; + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** Trivial 0-arguments constructor. */ + public UHash32() + { + super("uhash32"); + } + + /** + *

Private constructor for cloning purposes.

+ * + * @param that the instance to clone. + */ + private UHash32(UHash32 that) + { + this(); + + this.streams = that.streams; + if (that.l1hash != null) + { + // this.l1hash = new L1Hash32[that.l1hash.length]; + this.l1hash = new L1Hash32[that.streams]; + // for (int i = 0; i < that.l1hash.length; i++) { + for (int i = 0; i < that.streams; i++) + { + if (that.l1hash[i] != null) + { + this.l1hash[i] = (L1Hash32) that.l1hash[i].clone(); + } + } + } + } + + // Class methods + // ------------------------------------------------------------------------- + + /** + *

The prime numbers used in UMAC are:

+ * 
+   *   +-----+--------------------+---------------------------------------+
+   *   |  x  | prime(x) [Decimal] | prime(x) [Hexadecimal]                |
+   *   +-----+--------------------+---------------------------------------+
+   *   | 19  | 2^19  - 1          | 0x0007FFFF                            |
+   *   | 32  | 2^32  - 5          | 0xFFFFFFFB                            |
+   *   | 36  | 2^36  - 5          | 0x0000000F FFFFFFFB                   |
+   *   | 64  | 2^64  - 59         | 0xFFFFFFFF FFFFFFC5                   |
+   *   | 128 | 2^128 - 159        | 0xFFFFFFFF FFFFFFFF FFFFFFFF FFFFFF61 |
+   *   +-----+--------------------+---------------------------------------+
+   *
+ * + * @param n a number of bits. + * @return the largest prime number less than 2**n. + */ + static final BigInteger prime(int n) + { + switch (n) + { + case 19: + return PRIME_19; + case 32: + return PRIME_32; + case 36: + return PRIME_36; + case 64: + return PRIME_64; + case 128: + return PRIME_128; + default: + throw new IllegalArgumentException("Undefined prime(" + + String.valueOf(n) + ")"); + } + } + + // Instance methods + // ------------------------------------------------------------------------- + + // java.lang.Cloneable interface implementation ---------------------------- + + public Object clone() + { + return new UHash32(this); + } + + // gnu.crypto.mac.IMac interface implementation ---------------------------- + + public int macSize() + { + return UMac32.OUTPUT_LEN; + } + + public void init(Map attributes) throws InvalidKeyException, + IllegalStateException + { + byte[] K = (byte[]) attributes.get(MAC_KEY_MATERIAL); + if (K == null) + { + throw new InvalidKeyException("Null Key"); + } + if (K.length != UMac32.KEY_LEN) + { + throw new InvalidKeyException("Invalid Key length: " + + String.valueOf(K.length)); + } + + // Calculate iterations needed to make UMAC-OUTPUT-LEN bytes + streams = (UMac32.OUTPUT_LEN + 3) / 4; + + // Define total key needed for all iterations using UMacGenerator. + // L1Key and L3Key1 both reuse most key between iterations. + IRandom kdf1 = new UMacGenerator(); + IRandom kdf2 = new UMacGenerator(); + IRandom kdf3 = new UMacGenerator(); + IRandom kdf4 = new UMacGenerator(); + Map map = new HashMap(); + map.put(IBlockCipher.KEY_MATERIAL, K); + map.put(UMacGenerator.INDEX, new Integer(0)); + kdf1.init(map); + map.put(UMacGenerator.INDEX, new Integer(1)); + kdf2.init(map); + map.put(UMacGenerator.INDEX, new Integer(2)); + kdf3.init(map); + map.put(UMacGenerator.INDEX, new Integer(3)); + kdf4.init(map); + + // need to generate all bytes for use later in a Toepliz construction + byte[] L1Key = new byte[UMac32.L1_KEY_LEN + (streams - 1) * 16]; + try + { + kdf1.nextBytes(L1Key, 0, L1Key.length); + } + catch (LimitReachedException x) + { + x.printStackTrace(System.err); + throw new RuntimeException("KDF for L1Key reached limit"); + } + + l1hash = new L1Hash32[streams]; + for (int i = 0; i < streams; i++) + { + byte[] k1 = new byte[UMac32.L1_KEY_LEN]; + System.arraycopy(L1Key, i * 16, k1, 0, UMac32.L1_KEY_LEN); + byte[] k2 = new byte[24]; + try + { + kdf2.nextBytes(k2, 0, 24); + } + catch (LimitReachedException x) + { + x.printStackTrace(System.err); + throw new RuntimeException("KDF for L2Key reached limit"); + } + + byte[] k31 = new byte[64]; + try + { + kdf3.nextBytes(k31, 0, 64); + } + catch (LimitReachedException x) + { + x.printStackTrace(System.err); + throw new RuntimeException("KDF for L3Key1 reached limit"); + } + + byte[] k32 = new byte[4]; + try + { + kdf4.nextBytes(k32, 0, 4); + } + catch (LimitReachedException x) + { + x.printStackTrace(System.err); + throw new RuntimeException("KDF for L3Key2 reached limit"); + } + + L1Hash32 mac = new L1Hash32(); + mac.init(k1, k2, k31, k32); + l1hash[i] = mac; + } + } + + public void update(byte b) + { + for (int i = 0; i < streams; i++) + { + l1hash[i].update(b); + } + } + + public void update(byte[] b, int offset, int len) + { + for (int i = 0; i < len; i++) + { + this.update(b[offset + i]); + } + } + + public byte[] digest() + { + byte[] result = new byte[UMac32.OUTPUT_LEN]; + for (int i = 0; i < streams; i++) + { + byte[] partialResult = l1hash[i].digest(); + System.arraycopy(partialResult, 0, result, 4 * i, 4); + } + reset(); + return result; + } + + public void reset() + { + for (int i = 0; i < streams; i++) + { + l1hash[i].reset(); + } + } + + public boolean selfTest() + { + return true; + } + + // helper methods ---------------------------------------------------------- + + // Inner classes + // ========================================================================= + + /** + * First hash stage of the UHash32 algorithm. + */ + class L1Hash32 implements Cloneable + { + + // Constants and variables + // ---------------------------------------------------------------------- + + private int[] key; // key material as an array of 32-bit ints + + private byte[] buffer; // work buffer L1_KEY_LEN long + + private int count; // meaningful bytes in buffer + + private ByteArrayOutputStream Y; + + // private byte[] y; + private long totalCount; + + private L2Hash32 l2hash; + + private L3Hash32 l3hash; + + // Constructor(s) + // ---------------------------------------------------------------------- + + /** Trivial 0-arguments constructor. */ + L1Hash32() + { + super(); + + key = new int[UMac32.L1_KEY_LEN / 4]; + buffer = new byte[UMac32.L1_KEY_LEN]; + count = 0; + Y = new ByteArrayOutputStream(); + totalCount = 0L; + } + + /** + *

Private constructor for cloning purposes.

+ * + * @param that the instance to clone. + */ + private L1Hash32(L1Hash32 that) + { + this(); + + System.arraycopy(that.key, 0, this.key, 0, that.key.length); + System.arraycopy(that.buffer, 0, this.buffer, 0, that.count); + this.count = that.count; + byte[] otherY = that.Y.toByteArray(); + this.Y.write(otherY, 0, otherY.length); + this.totalCount = that.totalCount; + if (that.l2hash != null) + { + this.l2hash = (L2Hash32) that.l2hash.clone(); + } + if (that.l3hash != null) + { + this.l3hash = (L3Hash32) that.l3hash.clone(); + } + } + + // Class methods + // ---------------------------------------------------------------------- + + // Instance methods + // ---------------------------------------------------------------------- + + // java.lang.Cloneable interface implementation ------------------------- + + public Object clone() + { + return new L1Hash32(this); + } + + // other instance methods ----------------------------------------------- + + public void init(byte[] k1, byte[] k2, byte[] k31, byte[] k32) + { + for (int i = 0, j = 0; i < (UMac32.L1_KEY_LEN / 4); i++) + { + key[i] = k1[j++] << 24 | (k1[j++] & 0xFF) << 16 + | (k1[j++] & 0xFF) << 8 | (k1[j++] & 0xFF); + } + + l2hash = new L2Hash32(k2); + l3hash = new L3Hash32(k31, k32); + } + + public void update(byte b) + { + // Break M into L1_KEY_LEN byte chunks (final chunk may be shorter) + + // Let M_1, M_2, ..., M_t be strings so that M = M_1 || M_2 || .. || + // M_t, and length(M_i) = L1_KEY_LEN for all 0 < i < t. + + // For each chunk, except the last: endian-adjust, NH hash + // and add bit-length. Use results to build Y. + buffer[count] = b; + count++; + totalCount++; + if (count >= UMac32.L1_KEY_LEN) + { + byte[] y = nh32(UMac32.L1_KEY_LEN); + Y.write(y, 0, 8); + + count = 0; + + // For each iteration, extract key and three-layer hash. + // If length(M) <= L1_KEY_LEN, then skip L2-HASH. + if (Y.size() == 16) + { // we already hashed twice L1_KEY_LEN + byte[] A = Y.toByteArray(); + Y.reset(); + l2hash.update(A, 0, 16); + } + } + } + + public byte[] digest() + { + // For the last chunk: pad to 32-byte boundary, endian-adjust, + // NH hash and add bit-length. Concatenate the result to Y. + if (count != 0) + { + if (count % 32 != 0) + { + int limit = 32 * ((count + 31) / 32); + System.arraycopy(ALL_ZEROES, 0, buffer, count, limit - count); + count += limit - count; + } + byte[] y = nh32(count); + Y.write(y, 0, 8); + } + + byte[] A = Y.toByteArray(); + Y.reset(); + byte[] B; + if (totalCount <= UMac32.L1_KEY_LEN) + { + // we might have 'update'd the bytes already. check + if (A.length == 0) + { // we did + B = l2hash.digest(); + } + else + { // did not + B = new byte[16]; + System.arraycopy(A, 0, B, 8, 8); + } + } + else + { + if (A.length != 0) + { + l2hash.update(A, 0, A.length); + } + B = l2hash.digest(); + } + + byte[] result = l3hash.digest(B); + reset(); + return result; + } + + public void reset() + { + count = 0; + Y.reset(); + totalCount = 0L; + if (l2hash != null) + { + l2hash.reset(); + } + } + + // helper methods ------------------------------------------------------- + + /** + * 5.1 NH-32: NH hashing with a 32-bit word size. + * + * @param len count of bytes, divisible by 32, in buffer to process + * @return Y, string of length 8 bytes. + */ + private byte[] nh32(int len) + { + // Break M and K into 4-byte chunks + int t = len / 4; + + // Let M_1, M_2, ..., M_t be 4-byte strings + // so that M = M_1 || M_2 || .. || M_t. + // Let K_1, K_2, ..., K_t be 4-byte strings + // so that K_1 || K_2 || .. || K_t is a prefix of K. + int[] m = new int[t]; + + int i; + int j = 0; + for (i = 0, j = 0; i < t; i++) + { + m[i] = buffer[j++] << 24 | (buffer[j++] & 0xFF) << 16 + | (buffer[j++] & 0xFF) << 8 | (buffer[j++] & 0xFF); + } + + // Perform NH hash on the chunks, pairing words for multiplication + // which are 4 apart to accommodate vector-parallelism. + long result = len * 8L; + for (i = 0; i < t; i += 8) + { + result += ((m[i + 0] + key[i + 0]) & 0xFFFFFFFFL) + * ((m[i + 4] + key[i + 4]) & 0xFFFFFFFFL); + result += ((m[i + 1] + key[i + 1]) & 0xFFFFFFFFL) + * ((m[i + 5] + key[i + 5]) & 0xFFFFFFFFL); + result += ((m[i + 2] + key[i + 2]) & 0xFFFFFFFFL) + * ((m[i + 6] + key[i + 6]) & 0xFFFFFFFFL); + result += ((m[i + 3] + key[i + 3]) & 0xFFFFFFFFL) + * ((m[i + 7] + key[i + 7]) & 0xFFFFFFFFL); + } + + return new byte[] { (byte) (result >>> 56), (byte) (result >>> 48), + (byte) (result >>> 40), (byte) (result >>> 32), + (byte) (result >>> 24), (byte) (result >>> 16), + (byte) (result >>> 8), (byte) result }; + } + } + + // ========================================================================= + + /** + *

Second hash stage of the UHash32 algorithm.

+ * + * 5.4 L2-HASH-32: Second-layer hash.

+ *

    + *
  • Input:
    + * K string of length 24 bytes.
    + * M string of length less than 2^64 bytes.
    • + *
  • Returns:
    + * Y, string of length 16 bytes.
    • + *
+ */ + class L2Hash32 implements Cloneable + { + + // Constants and variables + // ---------------------------------------------------------------------- + + private BigInteger k64, k128; + + private BigInteger y; + + private boolean highBound; + + private long bytesSoFar; + + private ByteArrayOutputStream buffer; + + // Constructor(s) + // ---------------------------------------------------------------------- + + L2Hash32(byte[] K) + { + super(); + + if (K.length != 24) + { + throw new ExceptionInInitializerError("K length is not 24"); + } + + // Extract keys and restrict to special key-sets + // Mask64 = uint2str(0x01FFFFFF01FFFFFF, 8); + // Mask128 = uint2str(0x01FFFFFF01FFFFFF01FFFFFF01FFFFFF, 16); + // k64 = str2uint(K[1..8] and Mask64); + // k128 = str2uint(K[9..24] and Mask128); + int i = 0; + k64 = new BigInteger(1, new byte[] { (byte) (K[i++] & 0x01), + (byte) (K[i++] & 0xFF), + (byte) (K[i++] & 0xFF), + (byte) (K[i++] & 0xFF), + (byte) (K[i++] & 0x01), + (byte) (K[i++] & 0xFF), + (byte) (K[i++] & 0xFF), + (byte) (K[i++] & 0xFF) }); + k128 = new BigInteger(1, new byte[] { (byte) (K[i++] & 0x01), + (byte) (K[i++] & 0xFF), + (byte) (K[i++] & 0xFF), + (byte) (K[i++] & 0xFF), + (byte) (K[i++] & 0x01), + (byte) (K[i++] & 0xFF), + (byte) (K[i++] & 0xFF), + (byte) (K[i++] & 0xFF), + (byte) (K[i++] & 0x01), + (byte) (K[i++] & 0xFF), + (byte) (K[i++] & 0xFF), + (byte) (K[i++] & 0xFF), + (byte) (K[i++] & 0x01), + (byte) (K[i++] & 0xFF), + (byte) (K[i++] & 0xFF), + (byte) (K[i++] & 0xFF) }); + + y = BigInteger.ONE; + highBound = false; + bytesSoFar = 0L; + } + + private L2Hash32(L2Hash32 that) + { + super(); + + this.k64 = that.k64; + this.k128 = that.k128; + this.y = that.y; + this.highBound = that.highBound; + this.bytesSoFar = that.bytesSoFar; + if (that.buffer != null) + { + byte[] thatbuffer = that.buffer.toByteArray(); + this.buffer = new ByteArrayOutputStream(); + this.buffer.write(thatbuffer, 0, thatbuffer.length); + } + } + + // Class methods + // ---------------------------------------------------------------------- + + // Instance methods + // ---------------------------------------------------------------------- + + // java.lang.Cloneable interface implementation ------------------------- + + public Object clone() + { + return new L2Hash32(this); + } + + // other instance methods ----------------------------------------------- + + // this is called with either 8-bytes or 16-bytes + void update(byte[] b, int offset, int len) + { + if (len == 0) + { + return; + } + + if (!highBound) + { // do the first (only?) 8-bytes + poly(64, LOWER_RANGE, k64, b, offset, 8); + bytesSoFar += 8L; + highBound = (bytesSoFar > BOUNDARY); + if (highBound) + { // if we just crossed the limit then process y + poly(128, UPPER_RANGE, k128, yTo16bytes(), 0, 16); + buffer = new ByteArrayOutputStream(); + } + // do the rest if any + update(b, offset + 8, len - 8); + } + else + { // we're already beyond the 2**17 bytes size limit + // process in chuncks of 16 + buffer.write(b, offset, len); + if (buffer.size() > 16) + { + byte[] bb = buffer.toByteArray(); + poly(128, UPPER_RANGE, k128, bb, 0, 16); + if (bb.length > 16) + { + buffer.write(bb, 16, bb.length - 16); + } + } + } + } + + byte[] digest() + { + // If M no more than 2^17 bytes, hash under 64-bit prime, + // otherwise, hash first 2^17 bytes under 64-bit prime and + // remainder under 128-bit prime. + if (!highBound) + { // y is up-to-date + // do nothing + } + else + { // we may have some bytes in buffer + byte[] bb = buffer.toByteArray(); + byte[] lastBlock = new byte[16]; + System.arraycopy(bb, 0, lastBlock, 0, bb.length); + lastBlock[bb.length] = (byte) 0x80; + poly(128, UPPER_RANGE, k128, lastBlock, 0, 16); + } + + byte[] result = yTo16bytes(); + reset(); + return result; + } + + void reset() + { + y = BigInteger.ONE; + highBound = false; + bytesSoFar = 0L; + if (buffer != null) + { + buffer.reset(); + } + } + + // helper methods ------------------------------------------------------- + + private byte[] yTo16bytes() + { + byte[] yy = y.toByteArray(); + byte[] result = new byte[16]; + if (yy.length > 16) + { + System.arraycopy(yy, yy.length - 16, result, 0, 16); + } + else + { + System.arraycopy(yy, 0, result, 16 - yy.length, yy.length); + } + + return result; + } + + /** + * 5.3 POLY: Polynomial hash + * Function Name: POLY + * + * @param wordbits positive integer divisible by 8: called with 64 or 128. + * @param maxwordrange positive integer less than 2**wordbits. + * @param k integer in the range 0 .. prime(wordbits) - 1. + * @param M string with length divisible by (wordbits / 8) bytes. + * return y, integer in the range 0 .. prime(wordbits) - 1. + */ + private void poly(int wordbits, BigInteger maxwordrange, BigInteger k, + byte[] M, int off, int len) + { + byte[] mag = new byte[len]; + System.arraycopy(M, off, mag, 0, len); + // Define constants used for fixing out-of-range words + // int wordbytes = wordbits / 8; + + BigInteger p = prime(wordbits); + BigInteger offset = TWO.pow(wordbits).subtract(p); // 2^wordbits - p; + BigInteger marker = p.subtract(BigInteger.ONE); + + // Break M into chunks of length wordbytes bytes + // long n = M.length / wordbytes; + // Let M_1, M_2, ..., M_n be strings of length wordbytes bytes + // so that M = M_1 || M_2 || .. || M_n + + // For each input word, compare it with maxwordrange. If larger + // then hash the words 'marker' and (m - offset), both in range. + // for (int i = 0; i < n; i++) { + BigInteger m = new BigInteger(1, mag); + if (m.compareTo(maxwordrange) >= 0) + { // m >= maxwordrange + y = y.multiply(k).add(marker).mod(p); // (k * y + marker) % p; + y = y.multiply(k).add(m.subtract(offset)).mod(p); // (k * y + (m - offset)) % p; + } + else + { + y = y.multiply(k).add(m).mod(p); // (k * y + m) % p; + } + // } + + // return y; + } + } + + // ========================================================================= + + /** + * Third hash stage of the UHash32 algorithm. + * + * Input: + * K1 string of length 64 bytes. + * K2 string of length 4 bytes. + * M string of length 16 bytes. + * Returns: + * Y, string of length 4 bytes. + */ + class L3Hash32 implements Cloneable + { + + // Constants and variables + // ---------------------------------------------------------------------- + + private static final long PRIME_36 = 0x0000000FFFFFFFFBL; + + private int[] k = new int[9]; + + // Constructor(s) + // ---------------------------------------------------------------------- + + /** + * + * @param K1 string of length 64 bytes. + * @param K2 string of length 4 bytes. + */ + L3Hash32(byte[] K1, byte[] K2) + { + super(); + + // pre-conditions + if (K1.length != 64) + { + throw new ExceptionInInitializerError("K1 length is not 64"); + } + if (K2.length != 4) + { + throw new ExceptionInInitializerError("K2 length is not 4"); + } + + // Break K1 into 8 chunks and convert to integers + // int i = 0; + // for (int j = 0; i < 8; ) { + for (int i = 0, j = 0; i < 8; i++) + { + long kk = (K1[j++] & 0xFFL) << 56 | (K1[j++] & 0xFFL) << 48 + | (K1[j++] & 0xFFL) << 40 | (K1[j++] & 0xFFL) << 32 + | (K1[j++] & 0xFFL) << 24 | (K1[j++] & 0xFFL) << 16 + | (K1[j++] & 0xFFL) << 8 | (K1[j++] & 0xFFL); + // k[i++] = (int)(kk % PRIME_36); + k[i] = (int) (kk % PRIME_36); + } + // k[i] = K2[0] << 24 | (K2[1] & 0xFF) << 16 | (K2[2] & 0xFF) << 8 | (K2[3] & 0xFF); + k[8] = K2[0] << 24 | (K2[1] & 0xFF) << 16 | (K2[2] & 0xFF) << 8 + | (K2[3] & 0xFF); + } + + private L3Hash32(int[] k) + { + super(); + + this.k = k; + } + + // Class methods + // ---------------------------------------------------------------------- + + // Instance methods + // ---------------------------------------------------------------------- + + // java.lang.Cloneable interface implementation ------------------------- + + public Object clone() + { + return new L3Hash32((int[]) k.clone()); + } + + // other instance methods ----------------------------------------------- + + /** + * @param M string of length 16 bytes. + * @return Y, string of length 4 bytes. + */ + byte[] digest(byte[] M) + { + if (M.length != 16) + { + throw new IllegalArgumentException("M length is not 16"); + } + + long m, y = 0L; + for (int i = 0, j = 0; i < 8; i++) + { + // Break M into 8 chunks and convert to integers + m = (M[j++] & 0xFFL) << 8 | (M[j++] & 0xFFL); + + // Inner-product hash, extract last 32 bits and affine-translate + // y = (m_1 * k_1 + ... + m_8 * k_8) mod prime(36); + // y = y mod 2^32; + y += (m * (k[i] & 0xFFFFFFFFL)) % PRIME_36; + } + int Y = ((int) y) ^ k[8]; + return new byte[] { (byte) (Y >>> 24), (byte) (Y >>> 16), + (byte) (Y >>> 8), (byte) Y }; + } + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/mac/UMac32.java b/libjava/classpath/gnu/javax/crypto/mac/UMac32.java new file mode 100644 index 0000000..d20d4f4 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/mac/UMac32.java @@ -0,0 +1,491 @@ +/* UMac32.java -- + Copyright (C) 2001, 2002, 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.mac; + +import gnu.java.security.Registry; +import gnu.java.security.prng.IRandom; +import gnu.java.security.prng.LimitReachedException; +import gnu.java.security.util.Util; +import gnu.javax.crypto.cipher.CipherFactory; +import gnu.javax.crypto.cipher.IBlockCipher; +import gnu.javax.crypto.prng.UMacGenerator; + +import java.io.UnsupportedEncodingException; +import java.math.BigInteger; +import java.security.InvalidKeyException; +import java.util.HashMap; +import java.util.Map; + +/** + *

The implementation of the UMAC (Universal Message Authentication + * Code).

+ * + *

The UMAC algorithms described are parameterized. This means + * that various low-level choices, like the endian convention and the underlying + * cryptographic primitive, have not been fixed. One must choose values for + * these parameters before the authentication tag generated by UMAC (for + * a given message, key, and nonce) becomes fully-defined. In this document + * we provide two collections of parameter settings, and have named the sets + * UMAC16 and UMAC32. The parameter sets have been chosen based on + * experimentation and provide good performance on a wide variety of processors. + * UMAC16 is designed to excel on processors which provide small-scale + * SIMD parallelism of the type found in Intel's MMX and Motorola's AltiVec + * instruction sets, while UMAC32 is designed to do well on processors + * with good 32- and 64- bit support. UMAC32 may take advantage of SIMD + * parallelism in future processors.

+ * + *

UMAC has been designed to allow implementations which accommodate + * on-line authentication. This means that pieces of the message may + * be presented to UMAC at different times (but in correct order) and an + * on-line implementation will be able to process the message correctly without + * the need to buffer more than a few dozen bytes of the message. For + * simplicity, the algorithms in this specification are presented as if the + * entire message being authenticated were available at once.

+ * + *

To authenticate a message, Msg, one first applies the + * universal hash function, resulting in a string which is typically much + * shorter than the original message. The pseudorandom function is applied to a + * nonce, and the result is used in the manner of a Vernam cipher: the + * authentication tag is the xor of the output from the hash function and the + * output from the pseudorandom function. Thus, an authentication tag is + * generated as

+ * + * 
+ *    AuthTag = f(Nonce) xor h(Msg)
+ *
+ * + *

Here f is the pseudorandom function shared between the sender + * and the receiver, and h is a universal hash function shared by the sender and + * the receiver. In UMAC, a shared key is used to key the pseudorandom + * function f, and then f is used for both tag + * generation and internally to generate all of the bits needed by the universal + * hash function.

+ * + *

The universal hash function that we use is called UHASH. It + * combines several software-optimized algorithms into a multi-layered + * structure. The algorithm is moderately complex. Some of this complexity comes + * from extensive speed optimizations.

+ * + *

For the pseudorandom function we use the block cipher of the Advanced + * Encryption Standard (AES).

+ * + *

The UMAC32 parameters, considered in this implementation are:

+ * 
+ *                                   UMAC32
+ *                                   ------
+ *        WORD-LEN                        4
+ *        UMAC-OUTPUT-LEN                 8
+ *        L1-KEY-LEN                   1024
+ *        UMAC-KEY-LEN                   16
+ *        ENDIAN-FAVORITE               BIG *
+ *        L1-OPERATIONS-SIGN       UNSIGNED
+ *
+ * + *

Please note that this UMAC32 differs from the one described in the paper + * by the ENDIAN-FAVORITE value.

+ * + *

References:

+ * + *
    + *
  1. + * UMAC: Message Authentication Code using Universal Hashing.
    + * T. Krovetz, J. Black, S. Halevi, A. Hevia, H. Krawczyk, and P. Rogaway.
    2. + *
+ */ +public class UMac32 extends BaseMac +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + /** + * Property name of the user-supplied Nonce. The value associated to + * this property name is taken to be a byte array. + */ + public static final String NONCE_MATERIAL = "gnu.crypto.umac.nonce.material"; + + /** Known test vector. */ + // private static final String TV1 = "3E5A0E09198B0F94"; + // private static final String TV1 = "5FD764A6D3A9FD9D"; + // private static final String TV1 = "48658DE1D9A70304"; + private static final String TV1 = "455ED214A6909F20"; + + private static final BigInteger MAX_NONCE_ITERATIONS = BigInteger.ONE.shiftLeft(16 * 8); + + // UMAC32 parameters + static final int OUTPUT_LEN = 8; + + static final int L1_KEY_LEN = 1024; + + static final int KEY_LEN = 16; + + /** caches the result of the correctness test, once executed. */ + private static Boolean valid; + + private byte[] nonce; + + private UHash32 uhash32; + + private BigInteger nonceReuseCount; + + /** The authentication key for this instance. */ + private transient byte[] K; + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** Trivial 0-arguments constructor. */ + public UMac32() + { + super("umac32"); + } + + /** + *

Private constructor for cloning purposes.

+ * + * @param that the instance to clone. + */ + private UMac32(UMac32 that) + { + this(); + + if (that.K != null) + { + this.K = (byte[]) that.K.clone(); + } + if (that.nonce != null) + { + this.nonce = (byte[]) that.nonce.clone(); + } + if (that.uhash32 != null) + { + this.uhash32 = (UHash32) that.uhash32.clone(); + } + this.nonceReuseCount = that.nonceReuseCount; + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + // java.lang.Cloneable interface implementation ---------------------------- + + public Object clone() + { + return new UMac32(this); + } + + // gnu.crypto.mac.IMac interface implementation ---------------------------- + + public int macSize() + { + return OUTPUT_LEN; + } + + /** + *

Initialising a UMAC instance consists of defining values for + * the following parameters:

+ * + *
    + *
  1. Key Material: as the value of the attribute entry keyed by + * {@link #MAC_KEY_MATERIAL}. The value is taken to be a byte array + * containing the user-specified key material. The length of this array, + * if/when defined SHOULD be exactly equal to {@link #KEY_LEN}.
    2. + * + *
  2. Nonce Material: as the value of the attribute entry keyed by + * {@link #NONCE_MATERIAL}. The value is taken to be a byte array + * containing the user-specified nonce material. The length of this array, + * if/when defined SHOULD be (a) greater than zero, and (b) less or equal + * to 16 (the size of the AES block).
    3. + *
+ * + *

For convenience, this implementation accepts that not both parameters + * be always specified.

+ * + *
    + *
  • If the Key Material is specified, but the Nonce Material + * is not, then this implementation, re-uses the previously set Nonce + * Material after (a) converting the bytes to an unsigned integer, + * (b) incrementing the number by one, and (c) converting it back to 16 + * bytes.
    • + * + *
  • If the Nonce Material is specified, but the Key Material + * is not, then this implementation re-uses the previously set Key + * Material.
    • + *
+ * + *

This method throws an exception if no Key Material is specified + * in the input map, and there is no previously set/defined Key Material + * (from an earlier invocation of this method). If a Key Material can + * be used, but no Nonce Material is defined or previously set/defined, + * then a default value of all-zeroes shall be used.

+ * + * @param attributes one or both of required parameters. + * @throws InvalidKeyException the key material specified is not of the + * correct length. + */ + public void init(Map attributes) throws InvalidKeyException, + IllegalStateException + { + byte[] key = (byte[]) attributes.get(MAC_KEY_MATERIAL); + byte[] n = (byte[]) attributes.get(NONCE_MATERIAL); + + boolean newKey = (key != null); + boolean newNonce = (n != null); + + if (newKey) + { + if (key.length != KEY_LEN) + { + throw new InvalidKeyException("Key length: " + + String.valueOf(key.length)); + } + K = key; + } + else + { + if (K == null) + { + throw new InvalidKeyException("Null Key"); + } + } + + if (newNonce) + { + if (n.length < 1 || n.length > 16) + { + throw new IllegalArgumentException("Invalid Nonce length: " + + String.valueOf(n.length)); + } + + if (n.length < 16) + { // pad with zeroes + byte[] newN = new byte[16]; + System.arraycopy(n, 0, newN, 0, n.length); + nonce = newN; + } + else + { + nonce = n; + } + + nonceReuseCount = BigInteger.ZERO; + } + else if (nonce == null) + { // use all-0 nonce if 1st time + nonce = new byte[16]; + nonceReuseCount = BigInteger.ZERO; + } + else if (!newKey) + { // increment nonce if still below max count + nonceReuseCount = nonceReuseCount.add(BigInteger.ONE); + if (nonceReuseCount.compareTo(MAX_NONCE_ITERATIONS) >= 0) + { + // limit reached. we SHOULD have a key + throw new InvalidKeyException("Null Key and unusable old Nonce"); + } + BigInteger N = new BigInteger(1, nonce); + N = N.add(BigInteger.ONE).mod(MAX_NONCE_ITERATIONS); + n = N.toByteArray(); + if (n.length == 16) + { + nonce = n; + } + else if (n.length < 16) + { + nonce = new byte[16]; + System.arraycopy(n, 0, nonce, 16 - n.length, n.length); + } + else + { + nonce = new byte[16]; + System.arraycopy(n, n.length - 16, nonce, 0, 16); + } + } + else + { // do nothing, re-use old nonce value + nonceReuseCount = BigInteger.ZERO; + } + + if (uhash32 == null) + { + uhash32 = new UHash32(); + } + + Map map = new HashMap(); + map.put(MAC_KEY_MATERIAL, K); + uhash32.init(map); + } + + public void update(byte b) + { + uhash32.update(b); + } + + public void update(byte[] b, int offset, int len) + { + uhash32.update(b, offset, len); + } + + public byte[] digest() + { + byte[] result = uhash32.digest(); + byte[] pad = pdf(); // pdf(K, nonce); + for (int i = 0; i < OUTPUT_LEN; i++) + { + result[i] = (byte) (result[i] ^ pad[i]); + } + + return result; + } + + public void reset() + { + if (uhash32 != null) + { + uhash32.reset(); + } + } + + public boolean selfTest() + { + if (valid == null) + { + byte[] key; + try + { + key = "abcdefghijklmnop".getBytes("ASCII"); + } + catch (UnsupportedEncodingException x) + { + throw new RuntimeException("ASCII not supported"); + } + byte[] nonce = new byte[] { 0, 1, 2, 3, 4, 5, 6, 7 }; + UMac32 mac = new UMac32(); + Map attributes = new HashMap(); + attributes.put(MAC_KEY_MATERIAL, key); + attributes.put(NONCE_MATERIAL, nonce); + try + { + mac.init(attributes); + } + catch (InvalidKeyException x) + { + x.printStackTrace(System.err); + return false; + } + + byte[] data = new byte[128]; + data[0] = (byte) 0x80; + + mac.update(data, 0, 128); + byte[] result = mac.digest(); + // System.out.println("UMAC test vector: "+Util.toString(result)); + valid = new Boolean(TV1.equals(Util.toString(result))); + } + return valid.booleanValue(); + } + + // helper methods ---------------------------------------------------------- + + /** + * + * @return byte array of length 8 (or OUTPUT_LEN) bytes. + */ + private byte[] pdf() + { + // Make Nonce 16 bytes by prepending zeroes. done (see init()) + + // one AES invocation is enough for more than one PDF invocation + // number of index bits needed = 1 + + // Extract index bits and zero low bits of Nonce + BigInteger Nonce = new BigInteger(1, nonce); + int nlowbitsnum = Nonce.testBit(0) ? 1 : 0; + Nonce = Nonce.clearBit(0); + + // Generate subkey, AES and extract indexed substring + IRandom kdf = new UMacGenerator(); + Map map = new HashMap(); + map.put(IBlockCipher.KEY_MATERIAL, K); + // map.put(IBlockCipher.CIPHER_BLOCK_SIZE, new Integer(128/8)); + map.put(UMacGenerator.INDEX, new Integer(128)); + // map.put(UMacGenerator.CIPHER, Registry.AES_CIPHER); + kdf.init(map); + byte[] Kp = new byte[KEY_LEN]; + try + { + kdf.nextBytes(Kp, 0, KEY_LEN); + } + catch (IllegalStateException x) + { + x.printStackTrace(System.err); + throw new RuntimeException(String.valueOf(x)); + } + catch (LimitReachedException x) + { + x.printStackTrace(System.err); + throw new RuntimeException(String.valueOf(x)); + } + IBlockCipher aes = CipherFactory.getInstance(Registry.AES_CIPHER); + map.put(IBlockCipher.KEY_MATERIAL, Kp); + try + { + aes.init(map); + } + catch (InvalidKeyException x) + { + x.printStackTrace(System.err); + throw new RuntimeException(String.valueOf(x)); + } + catch (IllegalStateException x) + { + x.printStackTrace(System.err); + throw new RuntimeException(String.valueOf(x)); + } + byte[] T = new byte[16]; + aes.encryptBlock(nonce, 0, T, 0); + byte[] result = new byte[OUTPUT_LEN]; + System.arraycopy(T, nlowbitsnum, result, 0, OUTPUT_LEN); + + return result; + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/mode/BaseMode.java b/libjava/classpath/gnu/javax/crypto/mode/BaseMode.java new file mode 100644 index 0000000..0a9ab2d --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/mode/BaseMode.java @@ -0,0 +1,352 @@ +/* BaseMode.java -- + Copyright (C) 2001, 2002, 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.mode; + +import gnu.javax.crypto.cipher.IBlockCipher; + +import java.security.InvalidKeyException; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.Collections; +import java.util.HashMap; +import java.util.Iterator; +import java.util.Map; + +/** + *

A basic abstract class to facilitate implementing block cipher modes of + * operations.

+ */ +public abstract class BaseMode implements IMode +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + /** The canonical name prefix of this mode. */ + protected String name; + + /** The state indicator of this instance. */ + protected int state; + + /** The underlying block cipher implementation. */ + protected IBlockCipher cipher; + + /** The block size, in bytes, to operate the underlying block cipher in. */ + protected int cipherBlockSize; + + /** The block size, in bytes, in which to operate the mode instance. */ + protected int modeBlockSize; + + /** The initialisation vector value. */ + protected byte[] iv; + + /** The instance lock. */ + protected Object lock = new Object(); + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** + *

Trivial constructor for use by concrete subclasses.

+ * + * @param name the canonical name prefix of this mode. + * @param underlyingCipher the implementation of the underlying cipher. + * @param cipherBlockSize the block size, in bytes, in which to operate the + * underlying cipher. + */ + protected BaseMode(String name, IBlockCipher underlyingCipher, + int cipherBlockSize) + { + super(); + + this.name = name; + this.cipher = underlyingCipher; + this.cipherBlockSize = cipherBlockSize; + state = -1; + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + // IMode interface implementation ------------------------------------------ + + public void update(byte[] in, int inOffset, byte[] out, int outOffset) + throws IllegalStateException + { + synchronized (lock) + { + switch (state) + { + case ENCRYPTION: + encryptBlock(in, inOffset, out, outOffset); + break; + case DECRYPTION: + decryptBlock(in, inOffset, out, outOffset); + break; + default: + throw new IllegalStateException(); + } + } + } + + // IBlockCipher interface implementation ----------------------------------- + + public String name() + { + return new StringBuffer().append(name).append('(').append(cipher.name()).append( + ')').toString(); + } + + /** + *

Returns the default value, in bytes, of the mode's block size. This + * value is part of the construction arguments passed to the Factory methods + * in {@link ModeFactory}. Unless changed by an invocation of any of the + * init() methods, a Mode instance would operate with + * the same block size as its underlying block cipher. As mentioned earlier, + * the block size of the underlying block cipher itself is specified in one + * of the method(s) available in the factory class.

+ * + * @return the default value, in bytes, of the mode's block size. + * @see gnu.crypto.mode.ModeFactory + */ + public int defaultBlockSize() + { + return cipherBlockSize; + } + + /** + *

Returns the default value, in bytes, of the underlying block cipher + * key size.

+ * + * @return the default value, in bytes, of the underlying cipher's key size. + */ + public int defaultKeySize() + { + return cipher.defaultKeySize(); + } + + /** + *

Returns an {@link Iterator} over the supported block sizes. Each + * element returned by this object is an {@link Integer}.

+ * + *

The default behaviour is to return an iterator with just one value, + * which is that currently configured for the underlying block cipher. + * Concrete implementations may override this behaviour to signal their + * ability to support other values.

+ * + * @return an {@link Iterator} over the supported block sizes. + */ + public Iterator blockSizes() + { + ArrayList al = new ArrayList(); + al.add(new Integer(cipherBlockSize)); + + return Collections.unmodifiableList(al).iterator(); + } + + /** + *

Returns an {@link Iterator} over the supported underlying block cipher + * key sizes. Each element returned by this object is an instance of + * {@link Integer}.

+ * + * @return an {@link Iterator} over the supported key sizes. + */ + public Iterator keySizes() + { + return cipher.keySizes(); + } + + public void init(Map attributes) throws InvalidKeyException, + IllegalStateException + { + synchronized (lock) + { + if (state != -1) + { + throw new IllegalStateException(); + } + + Integer want = (Integer) attributes.get(STATE); + if (want != null) + { + switch (want.intValue()) + { + case ENCRYPTION: + state = ENCRYPTION; + break; + case DECRYPTION: + state = DECRYPTION; + break; + default: + throw new IllegalArgumentException(); + } + } + + Integer bs = (Integer) attributes.get(MODE_BLOCK_SIZE); + modeBlockSize = (bs == null ? cipherBlockSize : bs.intValue()); + + byte[] iv = (byte[]) attributes.get(IV); + if (iv != null) + { + this.iv = (byte[]) iv.clone(); + } + else + { + this.iv = new byte[modeBlockSize]; + } + + cipher.init(attributes); + setup(); + } + } + + public int currentBlockSize() + { + if (state == -1) + { + throw new IllegalStateException(); + } + return modeBlockSize; + } + + public void reset() + { + synchronized (lock) + { + state = -1; + iv = null; + cipher.reset(); + + teardown(); + } + } + + public boolean selfTest() + { + int ks; + Iterator bit; + for (Iterator kit = keySizes(); kit.hasNext();) + { + ks = ((Integer) kit.next()).intValue(); + for (bit = blockSizes(); bit.hasNext();) + { + if (!testSymmetry(ks, ((Integer) bit.next()).intValue())) + { + return false; + } + } + } + + return true; + } + + // methods to be implemented by concrete subclasses ------------------------ + + public abstract Object clone(); + + /** The initialisation phase of the concrete mode implementation. */ + public abstract void setup(); + + /** The termination phase of the concrete mode implementation. */ + public abstract void teardown(); + + public abstract void encryptBlock(byte[] in, int i, byte[] out, int o); + + public abstract void decryptBlock(byte[] in, int i, byte[] out, int o); + + // own methods ------------------------------------------------------------- + + private boolean testSymmetry(int ks, int bs) + { + try + { + IMode mode = (IMode) this.clone(); + byte[] iv = new byte[cipherBlockSize]; // all zeroes + byte[] k = new byte[ks]; + int i; + for (i = 0; i < ks; i++) + { + k[i] = (byte) i; + } + + int blockCount = 5; + int limit = blockCount * bs; + byte[] pt = new byte[limit]; + for (i = 0; i < limit; i++) + { + pt[i] = (byte) i; + } + byte[] ct = new byte[limit]; + byte[] cpt = new byte[limit]; + + Map map = new HashMap(); + map.put(KEY_MATERIAL, k); + map.put(CIPHER_BLOCK_SIZE, new Integer(cipherBlockSize)); + map.put(STATE, new Integer(ENCRYPTION)); + map.put(IV, iv); + map.put(MODE_BLOCK_SIZE, new Integer(bs)); + + mode.reset(); + mode.init(map); + for (i = 0; i < blockCount; i++) + { + mode.update(pt, i * bs, ct, i * bs); + } + + mode.reset(); + map.put(STATE, new Integer(DECRYPTION)); + mode.init(map); + for (i = 0; i < blockCount; i++) + { + mode.update(ct, i * bs, cpt, i * bs); + } + + return Arrays.equals(pt, cpt); + + } + catch (Exception x) + { + x.printStackTrace(System.err); + return false; + } + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/mode/CBC.java b/libjava/classpath/gnu/javax/crypto/mode/CBC.java new file mode 100644 index 0000000..10578a6 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/mode/CBC.java @@ -0,0 +1,143 @@ +/* CBC.java -- + Copyright (C) 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.mode; + +import gnu.java.security.Registry; +import gnu.javax.crypto.cipher.IBlockCipher; + +/** + * The Cipher Block Chaining mode. This mode introduces feedback into + * the cipher by XORing the previous ciphertext block with the plaintext + * block before encipherment. That is, encrypting looks like this:

+ * + *

Ci = EK(Pi ^ + * Ci-1

+ * + *

Similarly, decrypting is:

+ * + *

Pi = Ci-1 ^ + * DK(Ci)

+ */ +public class CBC extends BaseMode implements Cloneable +{ + + // Constants and Variables + //------------------------------------------------------------------ + + /** The last (de|en)crypted block */ + private byte[] lastBlock; + + /** An intermediate buffer. */ + private byte[] scratch; + + // Constructors + // ----------------------------------------------------------------- + + /** + * Package-private constructor for the factory class. + * + * @param underlyingCipher The cipher implementation. + * @param cipherBlockSize The cipher's block size. + */ + CBC(IBlockCipher underlyingCipher, int cipherBlockSize) + { + super(Registry.CBC_MODE, underlyingCipher, cipherBlockSize); + } + + /** Our constructor for cloning. */ + private CBC(CBC that) + { + this((IBlockCipher) that.cipher.clone(), that.cipherBlockSize); + } + + // Cloneable interface implementation + // ----------------------------------------------------------------- + + public Object clone() + { + return new CBC(this); + } + + // Implementation of abstract methods in BaseMode + // ----------------------------------------------------------------- + + public void setup() + { + if (modeBlockSize != cipherBlockSize) + { + throw new IllegalArgumentException(); + } + scratch = new byte[cipherBlockSize]; + lastBlock = new byte[cipherBlockSize]; + + // lastBlock gets initialized to the initialization vector. + for (int i = 0; i < lastBlock.length && i < iv.length; i++) + { + lastBlock[i] = iv[i]; + } + } + + public void teardown() + { + lastBlock = null; + scratch = null; + } + + public void encryptBlock(byte[] in, int i, byte[] out, int o) + { + for (int k = 0; k < scratch.length; k++) + { + scratch[k] = (byte) (lastBlock[k] ^ in[k + i]); + } + cipher.encryptBlock(scratch, 0, out, o); + System.arraycopy(out, o, lastBlock, 0, cipherBlockSize); + } + + public void decryptBlock(byte[] in, int i, byte[] out, int o) + { + byte[] buf = new byte[cipherBlockSize]; + System.arraycopy(in, i, buf, 0, cipherBlockSize); + cipher.decryptBlock(in, i, scratch, 0); + for (int k = 0; k < scratch.length; k++) + { + out[o + k] = (byte) (lastBlock[k] ^ scratch[k]); + } + System.arraycopy(buf, 0, lastBlock, 0, cipherBlockSize); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/mode/CFB.java b/libjava/classpath/gnu/javax/crypto/mode/CFB.java new file mode 100644 index 0000000..fef2b63 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/mode/CFB.java @@ -0,0 +1,175 @@ +/* CFB.java -- + Copyright (C) 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.mode; + +import gnu.java.security.Registry; +import gnu.javax.crypto.cipher.IBlockCipher; + +/** + * The cipher feedback mode. CFB mode is a stream mode that operates on + * s bit blocks, where 1 <= s <= b, if + * b is the underlying cipher's block size. Encryption is: + * + 
+ I[1] = IV
+ I[j] = LSB(b-s, I[j-1]) | C[j-1]   for j = 2...n
+ O[j] = CIPH(K, I[j])               for j = 1,2...n
+ C[j] = P[j] ^ MSB(s, O[j])         for j = 1,2...n
+
+ * + *

And decryption is:

+ * + 
+ I[1] = IV
+ I[j] = LSB(b-s, I[j-1]) | C[j-1]   for j = 2...n
+ O[j] = CIPH(K, I[j])               for j = 1,2...n
+ P[j] = C[j] ^ MSB(s, O[j])         for j = 1,2...n
+
+ * + *

CFB mode requires an initialization vector, which need not be kept + * secret.

+ * + *

References:

+ *
    + *
  1. Bruce Schneier, Applied Cryptography: Protocols, Algorithms, + * and Source Code in C, Second Edition. (1996 John Wiley and Sons) + * ISBN 0-471-11709-9.
    2. + * + *
  2. + * Recommendation for Block Cipher Modes of Operation Methods and Techniques, + * Morris Dworkin.
    3. + *
+ */ +public class CFB extends BaseMode +{ + + // Constants and variables. + // ----------------------------------------------------------------------- + + /** The shift register, the input block to the block cipher. */ + private byte[] shiftRegister; + + /** The output block from the block cipher. */ + private byte[] scratch; + + // Constructors. + // ----------------------------------------------------------------------- + + /** + * Package-private constructor for the factory class. + * + * @param underlyingCipher The cipher implementation. + * @param cipherBlockSize The cipher's block size. + */ + CFB(IBlockCipher underlyingCipher, int cipherBlockSize) + { + super(Registry.CFB_MODE, underlyingCipher, cipherBlockSize); + } + + /** + * Cloneing constructor. + * + * @param that The instance being cloned. + */ + private CFB(CFB that) + { + this((IBlockCipher) that.cipher.clone(), that.cipherBlockSize); + } + + // Instance methods implementing BaseMode. + // ----------------------------------------------------------------------- + + public Object clone() + { + return new CFB(this); + } + + public void setup() + { + if (modeBlockSize > cipherBlockSize) + { + throw new IllegalArgumentException( + "CFB block size cannot be larger than the cipher block size"); + } + shiftRegister = new byte[cipherBlockSize]; + scratch = new byte[cipherBlockSize]; + System.arraycopy(iv, 0, shiftRegister, 0, Math.min(iv.length, + cipherBlockSize)); + } + + public void teardown() + { + if (shiftRegister != null) + { + for (int i = 0; i < shiftRegister.length; i++) + { + shiftRegister[i] = 0; + } + } + shiftRegister = null; + } + + public void encryptBlock(byte[] in, int inOffset, byte[] out, int outOffset) + { + cipher.encryptBlock(shiftRegister, 0, scratch, 0); + for (int i = 0; i < modeBlockSize; i++) + { + out[outOffset + i] = (byte) (in[inOffset + i] ^ scratch[i]); + } + System.arraycopy(shiftRegister, modeBlockSize, shiftRegister, 0, + cipherBlockSize - modeBlockSize); + System.arraycopy(out, outOffset, shiftRegister, cipherBlockSize + - modeBlockSize, + modeBlockSize); + } + + public void decryptBlock(byte[] in, int inOffset, byte[] out, int outOffset) + { + cipher.encryptBlock(shiftRegister, 0, scratch, 0); + for (int i = 0; i < modeBlockSize; i++) + { + out[outOffset + i] = (byte) (in[inOffset + i] ^ scratch[i]); + } + System.arraycopy(shiftRegister, modeBlockSize, shiftRegister, 0, + cipherBlockSize - modeBlockSize); + System.arraycopy(in, inOffset, shiftRegister, cipherBlockSize + - modeBlockSize, + modeBlockSize); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/mode/CTR.java b/libjava/classpath/gnu/javax/crypto/mode/CTR.java new file mode 100644 index 0000000..49f4b9f --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/mode/CTR.java @@ -0,0 +1,221 @@ +/* CTR.java -- + Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.mode; + +import gnu.java.security.Registry; +import gnu.java.security.util.Sequence; + +import gnu.javax.crypto.cipher.IBlockCipher; + +import java.math.BigInteger; +import java.util.Arrays; +import java.util.Iterator; + +/** + *

The implementation of the Counter Mode.

+ * + *

The algorithm steps are formally described as follows:

+ * + * 
+ *    CTR Encryption: O[j] = E(K)(T[j]); for j = 1, 2...n;
+ *                    C[j] = P[j] ^ O[j]; for j = 1, 2...n.
+ *    CTR Decryption: O[j] = E(K)(T[j]); for j = 1, 2...n;
+ *                    P[j] = C[j] ^ O[j]; for j = 1, 2...n.
+ *
+ * + *

where P is the plaintext, C is the ciphertext, + * E(K) is the underlying block cipher encryption function + * parametrised with the session key K, and T is the + * Counter.

+ * + *

This implementation, uses a standard incrementing function with a step of + * 1, and an initial value similar to that described in the NIST document.

+ * + *

References:

+ * + *
    + *
  1. + * Recommendation for Block Cipher Modes of Operation Methods and Techniques, + * Morris Dworkin.
    2. + *
+ */ +public class CTR extends BaseMode implements Cloneable +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + /** The current counter. */ + // private BigInteger T; + private int off; + + private byte[] counter, enc; + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** + *

Trivial package-private constructor for use by the Factory class.

+ * + * @param underlyingCipher the underlying cipher implementation. + * @param cipherBlockSize the underlying cipher block size to use. + */ + CTR(IBlockCipher underlyingCipher, int cipherBlockSize) + { + super(Registry.CTR_MODE, underlyingCipher, cipherBlockSize); + } + + /** + *

Private constructor for cloning purposes.

+ * + * @param that the instance to clone. + */ + private CTR(CTR that) + { + this((IBlockCipher) that.cipher.clone(), that.cipherBlockSize); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Cloneable interface implementation + // ------------------------------------------------------------------------- + + public Object clone() + { + return new CTR(this); + } + + // Implementation of abstract methods in BaseMode + // ------------------------------------------------------------------------- + + public void setup() + { + if (modeBlockSize > cipherBlockSize) + { + throw new IllegalArgumentException( + "mode size exceeds cipher block size"); + } + off = 0; + counter = new byte[cipherBlockSize]; + int i = cipherBlockSize - 1; + int j = iv.length - 1; + while (i >= 0 && j >= 0) + { + counter[i--] = iv[j--]; + } + enc = new byte[cipherBlockSize]; + cipher.encryptBlock(counter, 0, enc, 0); + // if (modeBlockSize != cipherBlockSize) { + // throw new IllegalArgumentException(); + // } + + // byte[] tBytes = new byte[modeBlockSize+1]; + // tBytes[0] = (byte) 0x80; + // for (int i = 0; i < modeBlockSize; i++) { + // tBytes[i+1] = (byte)(256 - modeBlockSize + i); + // } + + // T = new BigInteger(1, tBytes); + } + + public void teardown() + { + if (counter != null) + { + Arrays.fill(counter, (byte) 0); + } + if (enc != null) + { + Arrays.fill(enc, (byte) 0); + } + // T = null; + } + + public void encryptBlock(byte[] in, int i, byte[] out, int o) + { + ctr(in, i, out, o); + } + + public void decryptBlock(byte[] in, int i, byte[] out, int o) + { + ctr(in, i, out, o); + } + + public Iterator blockSizes() + { + return new Sequence(1, cipherBlockSize).iterator(); + } + + // own methods + // ------------------------------------------------------------------------- + + private void ctr(byte[] in, int inOffset, byte[] out, int outOffset) + { + // T = T.add(BigInteger.ONE); + // byte[] O = T.toByteArray(); + // int ndx = O.length - modeBlockSize; + // cipher.encryptBlock(O, ndx, O, ndx); + // for (int i = 0; i < modeBlockSize; i++) { + // out[outOffset++] = (byte)(in[inOffset++] ^ O[ndx++]); + // } + for (int i = 0; i < modeBlockSize; i++) + { + out[outOffset++] = (byte) (in[inOffset++] ^ enc[off++]); + if (off == cipherBlockSize) + { + int j; + for (j = cipherBlockSize - 1; j >= 0; j--) + { + counter[j]++; + if ((counter[j] & 0xFF) != 0) + { + break; + } + } + if (j == 0) + { + counter[cipherBlockSize - 1]++; + } + off = 0; + cipher.encryptBlock(counter, 0, enc, 0); + } + } + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/mode/EAX.java b/libjava/classpath/gnu/javax/crypto/mode/EAX.java new file mode 100644 index 0000000..bf26098 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/mode/EAX.java @@ -0,0 +1,352 @@ +/* EAX.java -- + Copyright (C) 2004, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.mode; + +import gnu.java.security.Registry; + +import gnu.javax.crypto.cipher.IBlockCipher; +import gnu.javax.crypto.mac.IMac; +import gnu.javax.crypto.mac.MacFactory; + +import java.security.InvalidKeyException; + +import java.util.Arrays; +import java.util.Collections; +import java.util.HashMap; +import java.util.Iterator; +import java.util.Map; + +/** + *

A conventional two-pass authenticated-encrypted mode, EAX. EAX is a + * Authenticated Encryption with Additional Data (AEAD) scheme, + * which provides protection and authentication for the message, and provides + * authentication of an (optional) header. EAX is composed of the counter mode + * (CTR) and the one-key CBC MAC (OMAC). + * + *

This class makes full use of the {@link IAuthenticatedMode} interface, + * that is, all methods of both {@link IMode} and {@link IMac} can be used + * as specified in the {@link IAuthenticatedMode} interface. + * + *

References:

+ *
    + *
  1. M. Bellare, P. Rogaway, and D. Wagner; A + * Conventional Authenticated-Encryption Mode.
    2. + *
+ */ +public class EAX implements IAuthenticatedMode +{ + + // Constants and fields. + // ------------------------------------------------------------------------ + + /** The tag size, in bytes. */ + private int tagSize; + + /** The nonce OMAC instance. */ + private IMac nonceOmac; + + /** The header OMAC instance. */ + private IMac headerOmac; + + /** The message OMAC instance. */ + private IMac msgOmac; + + /** The CTR instance. */ + private IMode ctr; + + /** The direction state (encrypting or decrypting). */ + private int state; + + /** Whether we're initialized or not. */ + private boolean init; + + /** The cipher block size. */ + private int cipherBlockSize; + + /** The cipher. */ + private IBlockCipher cipher; + + /** The [t]_n array. */ + private byte[] t_n; + + private static boolean valid = false; + + // Constructor. + // ------------------------------------------------------------------------ + + public EAX(IBlockCipher cipher, int cipherBlockSize) + { + this.cipher = cipher; + this.cipherBlockSize = cipherBlockSize; + String name = cipher.name(); + int i = name.indexOf('-'); + if (i >= 0) + { + name = name.substring(0, i); + } + String omacname = Registry.OMAC_PREFIX + name; + nonceOmac = MacFactory.getInstance(omacname); + headerOmac = MacFactory.getInstance(omacname); + msgOmac = MacFactory.getInstance(omacname); + ctr = ModeFactory.getInstance(Registry.CTR_MODE, cipher, cipherBlockSize); + t_n = new byte[cipherBlockSize]; + init = false; + } + + // IMode instance methods. + // ------------------------------------------------------------------------ + + public Object clone() + { + return new EAX((IBlockCipher) cipher.clone(), cipherBlockSize); + } + + public String name() + { + return Registry.EAX_MODE + "(" + cipher.name() + ")"; + } + + public int defaultBlockSize() + { + return ctr.defaultBlockSize(); + } + + public int defaultKeySize() + { + return ctr.defaultKeySize(); + } + + public Iterator blockSizes() + { + return ctr.blockSizes(); + } + + public Iterator keySizes() + { + return ctr.keySizes(); + } + + public void init(Map attrib) throws InvalidKeyException + { + byte[] nonce = (byte[]) attrib.get(IV); + if (nonce == null) + { + throw new IllegalArgumentException("no nonce provided"); + } + byte[] key = (byte[]) attrib.get(KEY_MATERIAL); + if (key == null) + { + throw new IllegalArgumentException("no key provided"); + } + + Arrays.fill(t_n, (byte) 0); + + nonceOmac.reset(); + nonceOmac.init(Collections.singletonMap(MAC_KEY_MATERIAL, key)); + nonceOmac.update(t_n, 0, t_n.length); + nonceOmac.update(nonce, 0, nonce.length); + byte[] N = nonceOmac.digest(); + nonceOmac.reset(); + nonceOmac.update(t_n, 0, t_n.length); + nonceOmac.update(nonce, 0, nonce.length); + + t_n[t_n.length - 1] = 1; + headerOmac.reset(); + headerOmac.init(Collections.singletonMap(MAC_KEY_MATERIAL, key)); + headerOmac.update(t_n, 0, t_n.length); + + t_n[t_n.length - 1] = 2; + msgOmac.reset(); + msgOmac.init(Collections.singletonMap(MAC_KEY_MATERIAL, key)); + msgOmac.update(t_n, 0, t_n.length); + + Integer modeSize = (Integer) attrib.get(MODE_BLOCK_SIZE); + if (modeSize == null) + { + modeSize = new Integer(cipherBlockSize); + } + HashMap ctrAttr = new HashMap(); + ctrAttr.put(KEY_MATERIAL, key); + ctrAttr.put(IV, N); + ctrAttr.put(STATE, new Integer(ENCRYPTION)); + ctrAttr.put(MODE_BLOCK_SIZE, modeSize); + ctr.reset(); + ctr.init(ctrAttr); + + Integer st = (Integer) attrib.get(STATE); + if (st != null) + { + state = st.intValue(); + if (state != ENCRYPTION && state != DECRYPTION) + { + throw new IllegalArgumentException("invalid state"); + } + } + else + { + state = ENCRYPTION; + } + + Integer ts = (Integer) attrib.get(TRUNCATED_SIZE); + if (ts != null) + { + tagSize = ts.intValue(); + } + else + { + tagSize = cipherBlockSize; + } + if (tagSize < 0 || tagSize > cipherBlockSize) + { + throw new IllegalArgumentException("tag size out of range"); + } + init = true; + } + + public int currentBlockSize() + { + return ctr.currentBlockSize(); + } + + public void encryptBlock(byte[] in, int inOff, byte[] out, int outOff) + { + if (!init) + { + throw new IllegalStateException("not initialized"); + } + if (state != ENCRYPTION) + { + throw new IllegalStateException("not encrypting"); + } + ctr.update(in, inOff, out, outOff); + msgOmac.update(out, outOff, ctr.currentBlockSize()); + } + + public void decryptBlock(byte[] in, int inOff, byte[] out, int outOff) + { + if (!init) + { + throw new IllegalStateException("not initialized"); + } + if (state != DECRYPTION) + { + throw new IllegalStateException("not decrypting"); + } + msgOmac.update(in, inOff, ctr.currentBlockSize()); + ctr.update(in, inOff, out, outOff); + } + + public void update(byte[] in, int inOff, byte[] out, int outOff) + { + switch (state) + { + case ENCRYPTION: + encryptBlock(in, inOff, out, outOff); + break; + case DECRYPTION: + decryptBlock(in, inOff, out, outOff); + break; + default: + throw new IllegalStateException("impossible state " + state); + } + } + + public void reset() + { + nonceOmac.reset(); + headerOmac.reset(); + msgOmac.reset(); + ctr.reset(); + } + + public boolean selfTest() + { + return true; // XXX + } + + // IMac instance methods. + // ------------------------------------------------------------------------ + + public int macSize() + { + return tagSize; + } + + public byte[] digest() + { + byte[] tag = new byte[tagSize]; + digest(tag, 0); + return tag; + } + + public void digest(byte[] out, int outOffset) + { + if (outOffset < 0 || outOffset + tagSize > out.length) + { + throw new IndexOutOfBoundsException(); + } + byte[] N = nonceOmac.digest(); + byte[] H = headerOmac.digest(); + byte[] M = msgOmac.digest(); + for (int i = 0; i < tagSize; i++) + { + out[outOffset + i] = (byte) (N[i] ^ H[i] ^ M[i]); + } + reset(); + } + + public void update(byte b) + { + if (!init) + { + throw new IllegalStateException("not initialized"); + } + headerOmac.update(b); + } + + public void update(byte[] buf, int off, int len) + { + if (!init) + { + throw new IllegalStateException("not initialized"); + } + headerOmac.update(buf, off, len); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/mode/ECB.java b/libjava/classpath/gnu/javax/crypto/mode/ECB.java new file mode 100644 index 0000000..3b33a18 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/mode/ECB.java @@ -0,0 +1,137 @@ +/* ECB.java -- + Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.mode; + +import gnu.java.security.Registry; +import gnu.javax.crypto.cipher.IBlockCipher; + +/** + *

The implementation of the Electronic Codebook mode.

+ * + *

The Electronic Codebook (ECB) mode is a confidentiality mode that is + * defined as follows:

+ * + *
    + *
  • ECB Encryption: Cj = CIPHK(Pj) for j = 1...n
    • + *
  • ECB Decryption: Pj = CIPH-1K(Cj) for j = 1...n
    • + *
+ * + *

In ECB encryption, the forward cipher function is applied directly, and + * independently, to each block of the plaintext. The resulting sequence of + * output blocks is the ciphertext.

+ * + *

In ECB decryption, the inverse cipher function is applied directly, and + * independently, to each block of the ciphertext. The resulting sequence of + * output blocks is the plaintext.

+ * + *

References:

+ * + *
    + *
  1. + * Recommendation for Block Cipher Modes of Operation Methods and Techniques, + * Morris Dworkin.
    2. + *
+ */ +public class ECB extends BaseMode implements Cloneable +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** + *

Trivial package-private constructor for use by the Factory class.

+ * + * @param underlyingCipher the underlying cipher implementation. + * @param cipherBlockSize the underlying cipher block size to use. + */ + ECB(IBlockCipher underlyingCipher, int cipherBlockSize) + { + super(Registry.ECB_MODE, underlyingCipher, cipherBlockSize); + } + + /** + *

Private constructor for cloning purposes.

+ * + * @param that the mode to clone. + */ + private ECB(ECB that) + { + this((IBlockCipher) that.cipher.clone(), that.cipherBlockSize); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + // java.lang.Cloneable interface implementation ---------------------------- + + public Object clone() + { + return new ECB(this); + } + + // Implementation of abstract methods in BaseMode -------------------------- + + public void setup() + { + if (modeBlockSize != cipherBlockSize) + { + throw new IllegalArgumentException(IMode.MODE_BLOCK_SIZE); + } + } + + public void teardown() + { + } + + public void encryptBlock(byte[] in, int i, byte[] out, int o) + { + cipher.encryptBlock(in, i, out, o); + } + + public void decryptBlock(byte[] in, int i, byte[] out, int o) + { + cipher.decryptBlock(in, i, out, o); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/mode/IAuthenticatedMode.java b/libjava/classpath/gnu/javax/crypto/mode/IAuthenticatedMode.java new file mode 100644 index 0000000..d89c001 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/mode/IAuthenticatedMode.java @@ -0,0 +1,60 @@ +/* IAuthenticatedMode.java -- + Copyright (C) 2004, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.mode; + +import gnu.javax.crypto.mac.IMac; + +/** + * The interface for encryption modes that also produce a message authentication + * tag. + * + *

This interface is merely the conjuction of the {@link IMode} and + * {@link IMac} interfaces. Encryption and decryption is done via the + * {@link IMode#update(byte[],int,byte[],int)} method, tag generation + * is done via the {@link IMac#digest()} method, and header updating + * (if supported by the mode) is done via the {@link + * IMac#update(byte[],int,int)} method. + * + * @version $Revision: 1.1 $ + */ +public interface IAuthenticatedMode extends IMode, IMac +{ + + // Trivial conjunction of IMode and IMac. +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/mode/ICM.java b/libjava/classpath/gnu/javax/crypto/mode/ICM.java new file mode 100644 index 0000000..d37908b --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/mode/ICM.java @@ -0,0 +1,228 @@ +/* ICM.java -- + Copyright (C) 2001, 2002, 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.mode; + +import gnu.java.security.Registry; +import gnu.javax.crypto.cipher.IBlockCipher; + +import java.math.BigInteger; + +/** + *

An implementation of David McGrew Integer Counter Mode (ICM) as an + * {@link IMode}.

+ * + *

ICM is a way to define a pseudorandom keystream generator using a block + * cipher. The keystream can be used for additive encryption, key derivation, + * or any other application requiring pseudorandom data. In the case of this + * class, it is used as additive encryption, XOR-ing the keystream with the + * input text --for both encryption and decryption.

+ * + *

In ICM, the keystream is logically broken into segments. Each segment is + * identified with a segment index, and the segments have equal lengths. This + * segmentation makes ICM especially appropriate for securing packet-based + * protocols. ICM also allows a variety of configurations based, among other + * things, on two parameters: the block index length and the + * segment index length. A constraint on those two values exists: The sum + * of segment index length and block index length must not + * half the block size of the underlying cipher. This requirement protects + * the ICM keystream generator from potentially failing to be pseudorandom.

+ * + *

For simplicity, this implementation, fixes these two values to the + * following:

+ * + *
    + *
  • block index length: is half the underlying cipher block size, and
    • + *
  • segment index length: is zero.
    • + *
+ * + *

For a 128-bit block cipher, the above values imply a maximum keystream + * length of 295,147,905,179,352,825,856 octets, since in ICM, each segment must + * not exceed the value (256 ^ block index length) * block length + * octets.

+ * + *

Finally, for this implementation of the ICM, the IV placeholder will be + * used to pass the value of the Offset in the keystream segment.

+ * + *

References:

+ * + *
    + *
  1. + * Integer Counter Mode, David A. McGrew.
    2. + *
+ */ +public class ICM extends BaseMode implements Cloneable +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + /** The integer value 256 as a BigInteger. */ + private static final BigInteger TWO_FIFTY_SIX = new BigInteger("256"); + + /** Maximum number of blocks per segment. */ + private BigInteger maxBlocksPerSegment; + + /** A work constant. */ + private BigInteger counterRange; + + /** The initial counter for a given keystream segment. */ + private BigInteger C0; + + /** The index of the next block for a given keystream segment. */ + private BigInteger blockNdx; + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** + *

Trivial package-private constructor for use by the Factory class.

+ * + * @param underlyingCipher the underlying cipher implementation. + * @param cipherBlockSize the underlying cipher block size to use. + */ + ICM(IBlockCipher underlyingCipher, int cipherBlockSize) + { + super(Registry.ICM_MODE, underlyingCipher, cipherBlockSize); + } + + /** + *

Private constructor for cloning purposes.

+ * + * @param that the instance to clone. + */ + private ICM(ICM that) + { + this((IBlockCipher) that.cipher.clone(), that.cipherBlockSize); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Cloneable interface implementation + // ------------------------------------------------------------------------- + + public Object clone() + { + return new ICM(this); + } + + // Implementation of abstract methods in BaseMode + // ------------------------------------------------------------------------- + + public void setup() + { + if (modeBlockSize != cipherBlockSize) + { + throw new IllegalArgumentException(); + } + + counterRange = TWO_FIFTY_SIX.pow(cipherBlockSize); + maxBlocksPerSegment = TWO_FIFTY_SIX.pow(cipherBlockSize / 2); + BigInteger r = new BigInteger(1, iv); + C0 = maxBlocksPerSegment.add(r).modPow(BigInteger.ONE, counterRange); + blockNdx = BigInteger.ZERO; + } + + public void teardown() + { + counterRange = null; + maxBlocksPerSegment = null; + C0 = null; + blockNdx = null; + } + + public void encryptBlock(byte[] in, int i, byte[] out, int o) + { + icm(in, i, out, o); + } + + public void decryptBlock(byte[] in, int i, byte[] out, int o) + { + icm(in, i, out, o); + } + + // Instance methods + // ------------------------------------------------------------------------- + + private void icm(byte[] in, int inOffset, byte[] out, int outOffset) + { + if (blockNdx.compareTo(maxBlocksPerSegment) >= 0) + throw new RuntimeException("Maximum blocks for segment reached"); + + // encrypt the counter for the current blockNdx + // C[i] = (C[0] + i) modulo (256^BLOCK_LENGTH). + + BigInteger Ci = C0.add(blockNdx).modPow(BigInteger.ONE, counterRange); + byte[] result = Ci.toByteArray(); + int limit = result.length; + // if (limit < cipherBlockSize) { + // byte[] data = new byte[cipherBlockSize]; + // System.arraycopy(result, 0, data, cipherBlockSize-limit, limit); + // result = data; + // } else if (limit > cipherBlockSize) { + // byte[] data = new byte[cipherBlockSize]; + // System.arraycopy(result, limit-cipherBlockSize, data, 0, cipherBlockSize); + // result = data; + // } + // + // cipher.encryptBlock(result, 0, result, 0); + // blockNdx = blockNdx.add(BigInteger.ONE); // increment blockNdx + // for (int i = 0; i < modeBlockSize; ) { // xor result with input block + // out[outOffset++] = (byte)(in[inOffset++] ^ result[i++]); + // } + int ndx = 0; + if (limit < cipherBlockSize) + { + byte[] data = new byte[cipherBlockSize]; + System.arraycopy(result, 0, data, cipherBlockSize - limit, limit); + result = data; + } + else if (limit > cipherBlockSize) + { + ndx = limit - cipherBlockSize; + } + + cipher.encryptBlock(result, ndx, result, ndx); + blockNdx = blockNdx.add(BigInteger.ONE); // increment blockNdx + for (int i = 0; i < modeBlockSize; i++) + { // xor result with input block + out[outOffset++] = (byte) (in[inOffset++] ^ result[ndx++]); + } + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/mode/IMode.java b/libjava/classpath/gnu/javax/crypto/mode/IMode.java new file mode 100644 index 0000000..4cb6ca6 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/mode/IMode.java @@ -0,0 +1,145 @@ +/* IMode.java -- + Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.mode; + +import gnu.javax.crypto.cipher.IBlockCipher; + +/** + *

The basic visible methods of any block cipher mode.

+ * + *

Block ciphers encrypt plaintext in fixed size n-bit blocks. For messages + * larger than n bits, the simplest approach is to segment the message into + * n-bit blocks and process (encrypt and/or decrypt) each one separately + * (Electronic Codebook or ECB mode). But this approach has disadvantages in + * most applications. The block cipher modes of operations are one way of + * working around those disadvantages.

+ * + *

A Mode always employs an underlying block cipher for processing its + * input. For all intents and purposes, a Mode appears to behave as any + * other block cipher with the following differences:

+ * + *
    + *
  • Depending on the specifications of the mode, the block size may be + * different that that of the underlying cipher.
    • + * + *
  • While some modes of operations allow operations on block sizes that + * can be 1-bit long, this library will only deal with sizes that are + * multiple of 8 bits. This is because the byte is the smallest, + * easy to handle, primitive type in Java.
    • + * + *
  • Some modes need an Initialisation Vector (IV) to be properly + * initialised.
    • + *
+ * + *

Possible additional initialisation values for an instance of that type + * are:

+ * + *
    + *
  • The block size in which to operate this mode instance. This + * value is optional, if unspecified, the underlying block cipher's + * configured block size shall be used.
    • + * + *
  • Whether this mode will be used for encryption or decryption. This + * value is mandatory and should be included in the initialisation + * parameters. If it isn't, a {@link java.lang.IllegalStateException} will + * be thrown if any method, other than reset() is invoked on the + * instance.
    • + * + *
  • The byte array containing the initialisation vector, if + * required by this type of mode.
    • + *
+ */ +public interface IMode extends IBlockCipher +{ + + // Constants + // ------------------------------------------------------------------------- + + /** + *

Property name of the state in which to operate this mode. The value + * associated to this property name is taken to be an {@link Integer} which + * value is either ENCRYPTION or DECRYPTION.

+ */ + String STATE = "gnu.crypto.mode.state"; + + /** + *

Property name of the block size in which to operate this mode. The + * value associated with this property name is taken to be an {@link Integer}. + * If it is not specified, the value of the block size of the underlying + * block cipher, used to construct the mode instance, shall be used.

+ */ + String MODE_BLOCK_SIZE = "gnu.crypto.mode.block.size"; + + /** + *

Property name of the initialisation vector to use, if required, with + * this instance. The value associated with this property name is taken to + * be a byte array. If the concrete instance needs such a parameter, and it + * has not been specified as part of the initialissation parameters, an + * all-zero byte array of the appropriate size shall be used.

+ */ + String IV = "gnu.crypto.mode.iv"; + + /** + *

Constant indicating the instance is being used for encryption.

+ */ + int ENCRYPTION = 1; + + /** + *

Constant indicating the instance is being used for decryption.

+ */ + int DECRYPTION = 2; + + // Methods + // ------------------------------------------------------------------------- + + /** + *

A convenience method. Effectively invokes the encryptBlock() + * or decryptBlock() method depending on the operational state + * of the instance.

+ * + * @param in the plaintext. + * @param inOffset index of in from which to start considering + * data. + * @param out the ciphertext. + * @param outOffset index of out from which to store result. + * @exception IllegalStateException if the instance is not initialised. + */ + void update(byte[] in, int inOffset, byte[] out, int outOffset) + throws IllegalStateException; +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/mode/ModeFactory.java b/libjava/classpath/gnu/javax/crypto/mode/ModeFactory.java new file mode 100644 index 0000000..0e949ed --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/mode/ModeFactory.java @@ -0,0 +1,192 @@ +/* ModeFactory.java -- + Copyright (C) 2001, 2002, 2004, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.mode; + +import gnu.java.security.Registry; + +import gnu.javax.crypto.cipher.CipherFactory; +import gnu.javax.crypto.cipher.IBlockCipher; + +import java.util.Collections; +import java.util.HashSet; +import java.util.Iterator; +import java.util.Set; + +/** + *

A Factory to instantiate block cipher modes of operations.

+ */ +public class ModeFactory implements Registry +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** Trivial constructor to enforce Singleton pattern. */ + private ModeFactory() + { + super(); + } + + // Class methods + // ------------------------------------------------------------------------- + + /** + *

Returns an instance of a block cipher mode of operations given its name + * and characteristics of the underlying block cipher.

+ * + * @param mode the case-insensitive name of the mode of operations. + * @param cipher the case-insensitive name of the block cipher. + * @param cipherBlockSize the block size, in bytes, of the underlying cipher. + * @return an instance of the block cipher algorithm, operating in a given + * mode of operations, or null if none found. + * @exception InternalError if either the mode or the underlying block cipher + * implementation does not pass its self-test. + */ + public static IMode getInstance(String mode, String cipher, + int cipherBlockSize) + { + if (mode == null || cipher == null) + { + return null; + } + + mode = mode.trim(); + cipher = cipher.trim(); + + IBlockCipher cipherImpl = CipherFactory.getInstance(cipher); + if (cipherImpl == null) + { + return null; + } + + return getInstance(mode, cipherImpl, cipherBlockSize); + } + + public static IMode getInstance(String mode, IBlockCipher cipher, + int cipherBlockSize) + { + // ensure that cipherBlockSize is valid for the chosen underlying cipher + boolean ok = false; + for (Iterator it = cipher.blockSizes(); it.hasNext();) + { + ok = (cipherBlockSize == ((Integer) it.next()).intValue()); + if (ok) + { + break; + } + } + + if (!ok) + { + throw new IllegalArgumentException("cipherBlockSize"); + } + + IMode result = null; + if (mode.equalsIgnoreCase(ECB_MODE)) + { + result = new ECB(cipher, cipherBlockSize); + } + else if (mode.equalsIgnoreCase(CTR_MODE)) + { + result = new CTR(cipher, cipherBlockSize); + } + else if (mode.equalsIgnoreCase(ICM_MODE)) + { + result = new ICM(cipher, cipherBlockSize); + } + else if (mode.equalsIgnoreCase(OFB_MODE)) + { + result = new OFB(cipher, cipherBlockSize); + } + else if (mode.equalsIgnoreCase(CBC_MODE)) + { + result = new CBC(cipher, cipherBlockSize); + } + else if (mode.equalsIgnoreCase(CFB_MODE)) + { + result = new CFB(cipher, cipherBlockSize); + } + else if (mode.equalsIgnoreCase(EAX_MODE)) + { + result = new EAX(cipher, cipherBlockSize); + } + + if (result != null && !result.selfTest()) + { + throw new InternalError(result.name()); + } + + return result; + } + + /** + *

Returns a {@link java.util.Set} of names of mode supported by this + * Factory.

+ * + * @return a {@link java.util.Set} of mode names (Strings). + */ + public static final Set getNames() + { + synchronized (ModeFactory.class) + { + if (names == null) + { + HashSet hs = new HashSet(); + hs.add(ECB_MODE); + hs.add(CTR_MODE); + hs.add(ICM_MODE); + hs.add(OFB_MODE); + hs.add(CBC_MODE); + hs.add(CFB_MODE); + hs.add(EAX_MODE); + + names = Collections.unmodifiableSet(hs); + } + } + return names; + } + + private static Set names; + + // Instance methods + // ------------------------------------------------------------------------- +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/mode/OFB.java b/libjava/classpath/gnu/javax/crypto/mode/OFB.java new file mode 100644 index 0000000..68065d1 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/mode/OFB.java @@ -0,0 +1,194 @@ +/* OFB.java -- + Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.mode; + +import gnu.java.security.Registry; + +import gnu.javax.crypto.cipher.IBlockCipher; + +/** + *

The Output Feedback (OFB) mode is a confidentiality mode that requires a + * unique IV for every message that is ever encrypted under the + * given key. The OFB mode is defined as follows:

+ * + *
    + *
  • OFB Encryption: + *
      + *
    • I1 = IV;
      • + *
    • Ij = Oj -1 for j = 2...n;
      • + *
    • Oj = CIPHK(Ij) for j = 1, 2...n;
      • + *
    • Cj = Pj XOR Oj for j = 1, 2...n.
      • + *
    • + *
  • OFB Decryption: + *
      + *
    • I1 = IV;
      • + *
    • Ij = Oj -1 for j = 2...n;
      • + *
    • Oj = CIPHK(Ij) for j = 1, 2...n;
      • + *
    • Pj = Cj XOR Oj for j = 1, 2...n.
      • + *
    • + *
+ * + *

In OFB encryption, the IV is transformed by the forward + * cipher function to produce the first output block. The first output block is + * exclusive-ORed with the first plaintext block to produce the first ciphertext + * block. The first output block is then transformed by the forward cipher + * function to produce the second output block. The second output block is + * exclusive-ORed with the second plaintext block to produce the second + * ciphertext block, and the second output block is transformed by the forward + * cipher function to produce the third output block. Thus, the successive + * output blocks are produced from enciphering the previous output blocks, and + * the output blocks are exclusive-ORed with the corresponding plaintext blocks + * to produce the ciphertext blocks.

+ * + *

In OFB decryption, the IV is transformed by the forward cipher + * function to produce the first output block. The first output block is + * exclusive-ORed with the first ciphertext block to recover the first plaintext + * block. The first output block is then transformed by the forward cipher + * function to produce the second output block. The second output block is + * exclusive-ORed with the second ciphertext block to produce the second + * plaintext block, and the second output block is also transformed by the + * forward cipher function to produce the third output block. Thus, the + * successive output blocks are produced from enciphering the previous output + * blocks, and the output blocks are exclusive-ORed with the corresponding + * ciphertext blocks to recover the plaintext blocks.

+ * + *

In both OFB encryption and OFB decryption, each forward cipher function + * (except the first) depends on the results of the previous forward cipher + * function; therefore, multiple forward cipher functions cannot be performed + * in parallel. However, if the IV is known, the output blocks can + * be generated prior to the availability of the plaintext or ciphertext data.

+ * + *

The OFB mode requires a unique IV for every message that is + * ever encrypted under the given key. If, contrary to this requirement, the + * same IV is used for the encryption of more than one message, + * then the confidentiality of those messages may be compromised. In particular, + * if a plaintext block of any of these messages is known, say, the jth + * plaintext block, then the jth output of the forward cipher + * function can be determined easily from the jth ciphertext block of + * the message. This information allows the jth plaintext block of + * any other message that is encrypted using the same IV to be + * easily recovered from the jth ciphertext block of that message.

+ * + *

Confidentiality may similarly be compromised if any of the input blocks to + * the forward cipher function for the encryption of a message is used as the + * IV for the encryption of another message under the given key.

+ * + *

References:

+ * + *
    + *
  1. + * Recommendation for Block Cipher Modes of Operation Methods and Techniques, + * Morris Dworkin.
    2. + *
+ */ +public class OFB extends BaseMode implements Cloneable +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + private byte[] outputBlock; + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** + *

Trivial package-private constructor for use by the Factory class.

+ * + * @param underlyingCipher the underlying cipher implementation. + * @param cipherBlockSize the underlying cipher block size to use. + */ + OFB(IBlockCipher underlyingCipher, int cipherBlockSize) + { + super(Registry.OFB_MODE, underlyingCipher, cipherBlockSize); + } + + /** + *

Private constructor for cloning purposes.

+ * + * @param that the mode to clone. + */ + private OFB(OFB that) + { + this((IBlockCipher) that.cipher.clone(), that.cipherBlockSize); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + // java.lang.Cloneable interface implementation ---------------------------- + + public Object clone() + { + return new OFB(this); + } + + // Implementation of abstract methods in BaseMode -------------------------- + + public void setup() + { + if (modeBlockSize != cipherBlockSize) + { + throw new IllegalArgumentException(IMode.MODE_BLOCK_SIZE); + } + + outputBlock = (byte[]) iv.clone(); + } + + public void teardown() + { + } + + public void encryptBlock(byte[] in, int i, byte[] out, int o) + { + cipher.encryptBlock(outputBlock, 0, outputBlock, 0); + for (int j = 0; j < cipherBlockSize;) + { + out[o++] = (byte) (in[i++] ^ outputBlock[j++]); + } + } + + public void decryptBlock(byte[] in, int i, byte[] out, int o) + { + this.encryptBlock(in, i, out, o); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/pad/BasePad.java b/libjava/classpath/gnu/javax/crypto/pad/BasePad.java new file mode 100644 index 0000000..49c5d05 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/pad/BasePad.java @@ -0,0 +1,153 @@ +/* BasePad.java -- + Copyright (C) 2001, 2002, 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.pad; + +/** + *

An abstract class to facilitate implementing padding algorithms.

+ */ +public abstract class BasePad implements IPad +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + /** The canonical name prefix of the padding algorithm. */ + protected String name; + + /** The block size, in bytes, for this instance. */ + protected int blockSize; + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** Trivial constructor for use by concrete subclasses. */ + protected BasePad(final String name) + { + super(); + + this.name = name; + blockSize = -1; + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + // IPad interface implementation ------------------------------------------- + + public String name() + { + final StringBuffer sb = new StringBuffer(name); + if (blockSize != -1) + { + sb.append('-').append(String.valueOf(8 * blockSize)); + } + return sb.toString(); + } + + public void init(final int bs) throws IllegalStateException + { + if (blockSize != -1) + { + throw new IllegalStateException(); + } + blockSize = bs; + setup(); + } + + public void reset() + { + blockSize = -1; + } + + public boolean selfTest() + { + byte[] padBytes; + final int offset = 5; + final int limit = 1024; + final byte[] in = new byte[limit]; + for (int bs = 2; bs < 256; bs++) + { + this.init(bs); + for (int i = 0; i < limit - offset - blockSize; i++) + { + padBytes = pad(in, offset, i); + if (((i + padBytes.length) % blockSize) != 0) + { + new RuntimeException(name()).printStackTrace(System.err); + return false; + } + + System.arraycopy(padBytes, 0, in, offset + i, padBytes.length); + try + { + if (padBytes.length != unpad(in, offset, i + padBytes.length)) + { + new RuntimeException(name()).printStackTrace(System.err); + return false; + } + } + catch (WrongPaddingException x) + { + x.printStackTrace(System.err); + return false; + } + } + this.reset(); + } + + return true; + } + + // abstract methods to implement by subclasses ----------------------------- + + /** + *

If any additional checks or resource setup must be done by the + * subclass, then this is the hook for it. This method will be called before + * the {@link #init(int)} method returns.

+ */ + public abstract void setup(); + + public abstract byte[] pad(byte[] in, int off, int len); + + public abstract int unpad(byte[] in, int off, int len) + throws WrongPaddingException; +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/pad/IPad.java b/libjava/classpath/gnu/javax/crypto/pad/IPad.java new file mode 100644 index 0000000..4b4c925 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/pad/IPad.java @@ -0,0 +1,110 @@ +/* IPad.java -- + Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.pad; + +/** + *

The basic visible methods of any padding algorithm.

+ * + *

Padding algorithms serve to pad and unpad byte arrays usually + * as the last step in an encryption or respectively a decryption + * operation. Their input buffers are usually those processed by instances of + * {@link gnu.crypto.mode.IMode} and/or {@link gnu.crypto.cipher.IBlockCipher}.

+ */ +public interface IPad +{ + + // Constants + // ------------------------------------------------------------------------- + + // Methods + // ------------------------------------------------------------------------- + + /** @return the canonical name of this instance. */ + String name(); + + /** + * Initialises the padding scheme with a designated block size. + * + * @param bs the designated block size. + * @exception IllegalStateException if the instance is already initialised. + * @exception IllegalArgumentException if the block size value is invalid. + */ + void init(int bs) throws IllegalStateException; + + /** + * Returns the byte sequence that should be appended to the designated input. + * + * @param in the input buffer containing the bytes to pad. + * @param offset the starting index of meaningful data in in. + * @param length the number of meaningful bytes in in. + * @return the possibly 0-byte long sequence to be appended to the designated + * input. + */ + byte[] pad(byte[] in, int offset, int length); + + /** + * Returns the number of bytes to discard from a designated input buffer. + * + * @param in the input buffer containing the bytes to unpad. + * @param offset the starting index of meaningful data in in. + * @param length the number of meaningful bytes in in. + * @return the number of bytes to discard, to the left of index position + * offset + length in in. In other words, if the return + * value of a successful invocation of this method is result, then + * the unpadded byte sequence will be offset + length - result bytes + * in in, starting from index position offset. + * @exception WrongPaddingException if the data is not terminated with the + * expected padding bytes. + */ + int unpad(byte[] in, int offset, int length) throws WrongPaddingException; + + /** + * Resets the scheme instance for re-initialisation and use with other + * characteristics. This method always succeeds. + */ + void reset(); + + /** + * A basic symmetric pad/unpad test. + * + * @return true if the implementation passes a basic symmetric + * self-test. Returns false otherwise. + */ + boolean selfTest(); +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/pad/PKCS1_V1_5.java b/libjava/classpath/gnu/javax/crypto/pad/PKCS1_V1_5.java new file mode 100644 index 0000000..03c3d61 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/pad/PKCS1_V1_5.java @@ -0,0 +1,184 @@ +/* PKCS1_V1_5.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.pad; + +import gnu.java.security.Registry; +import gnu.java.security.sig.rsa.EME_PKCS1_V1_5; +import gnu.java.security.util.PRNG; +import gnu.java.security.util.Util; + +import java.io.PrintWriter; + +/** + *

A padding algorithm implementation of the EME-PKCS1-V1.5 encoding/decoding + * algorithm as described in section 7.2 of RFC-3447. This is effectively an + * Adapter over an instance of {@link EME_PKCS1_V1_5} initialised with + * the RSA public shared modulus length (in bytes).

+ * + *

References:

+ *
    + *
  1. Public-Key Cryptography + * Standards (PKCS) #1:
    + * RSA Cryptography Specifications Version 2.1.
    + * Jakob Jonsson and Burt Kaliski.
    2. + *
+ * + * @see EME_PKCS1_V1_5 + */ +public class PKCS1_V1_5 extends BasePad +{ + + // Debugging methods and variables + // ------------------------------------------------------------------------- + + private static final String NAME = Registry.EME_PKCS1_V1_5_PAD; + + private static final boolean DEBUG = false; + + private static final int debuglevel = 9; + + private static final PrintWriter err = new PrintWriter(System.out, true); + + private static void debug(final String s) + { + err.println(">>> " + NAME + ": " + s); + } + + // Constants and variables + // ------------------------------------------------------------------------- + + private EME_PKCS1_V1_5 codec; + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** + *

Trivial package-private constructor for use by the Factory class. + *

+ * + * @see gnu.crypto.pad.PadFactory + */ + PKCS1_V1_5() + { + super(Registry.EME_PKCS1_V1_5_PAD); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Implementation of abstract methods in BasePad + // ------------------------------------------------------------------------- + + public void setup() + { + codec = EME_PKCS1_V1_5.getInstance(blockSize); + } + + public byte[] pad(final byte[] in, final int offset, final int length) + { + final byte[] M = new byte[length]; + System.arraycopy(in, offset, M, 0, length); + final byte[] EM = codec.encode(M); + final byte[] result = new byte[blockSize - length]; + System.arraycopy(EM, 0, result, 0, result.length); + if (DEBUG && debuglevel > 8) + { + debug("padding: 0x" + Util.toString(result)); + } + return result; + } + + public int unpad(final byte[] in, final int offset, final int length) + throws WrongPaddingException + { + final byte[] EM = new byte[length]; + System.arraycopy(in, offset, EM, 0, length); + final int result = length - codec.decode(EM).length; + if (DEBUG && debuglevel > 8) + { + debug("padding length: " + String.valueOf(result)); + } + return result; + } + + // overloaded methods ------------------------------------------------------ + + public boolean selfTest() + { + final int[] mLen = new int[] { 16, 20, 32, 48, 64 }; + final byte[] M = new byte[mLen[mLen.length - 1]]; + PRNG.getInstance().nextBytes(M); + final byte[] EM = new byte[1024]; + byte[] p; + int bs, i, j; + for (bs = 256; bs < 1025; bs += 256) + { + init(bs); + for (i = 0; i < mLen.length; i++) + { + j = mLen[i]; + p = pad(M, 0, j); + if (j + p.length != blockSize) + { + new RuntimeException(name()).printStackTrace(System.err); + return false; + } + + System.arraycopy(p, 0, EM, 0, p.length); + System.arraycopy(M, 0, EM, p.length, j); + try + { + if (p.length != unpad(EM, 0, blockSize)) + { + new RuntimeException(name()).printStackTrace(System.err); + return false; + } + } + catch (WrongPaddingException x) + { + x.printStackTrace(System.err); + return false; + } + } + reset(); + } + + return true; + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/pad/PKCS7.java b/libjava/classpath/gnu/javax/crypto/pad/PKCS7.java new file mode 100644 index 0000000..5697aff --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/pad/PKCS7.java @@ -0,0 +1,149 @@ +/* PKCS7.java -- + Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.pad; + +import gnu.java.security.Registry; +import gnu.java.security.util.Util; + +import java.io.PrintWriter; + +/** + *

The implementation of the PKCS7 padding algorithm.

+ * + *

This algorithm is described for 8-byte blocks in [RFC-1423] and extended to + * block sizes of up to 256 bytes in [PKCS-7].

+ * + * References:
+ * RFC-1423: Privacy + * Enhancement for Internet Electronic Mail: Part III: Algorithms, Modes, and + * Identifiers.
+ * IETF. + * [PKCS-7]PKCS #7: + * Cryptographic Message Syntax Standard - An RSA Laboratories Technical Note.
+ * RSA Security.

+ */ +public final class PKCS7 extends BasePad +{ + + // Debugging methods and variables + // ------------------------------------------------------------------------- + + private static final String NAME = "pkcs7"; + + private static final boolean DEBUG = false; + + private static final int debuglevel = 9; + + private static final PrintWriter err = new PrintWriter(System.out, true); + + private static void debug(String s) + { + err.println(">>> " + NAME + ": " + s); + } + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** + * Trivial package-private constructor for use by the Factory class.

+ * + * @see gnu.crypto.pad.PadFactory + */ + PKCS7() + { + super(Registry.PKCS7_PAD); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Implementation of abstract methods in BasePad + // ------------------------------------------------------------------------- + + public void setup() + { + if (blockSize < 2 || blockSize > 256) + { + throw new IllegalArgumentException(); + } + } + + public byte[] pad(byte[] in, int offset, int length) + { + int padLength = blockSize; + if (length % blockSize != 0) + { + padLength = blockSize - length % blockSize; + } + byte[] result = new byte[padLength]; + for (int i = 0; i < padLength;) + { + result[i++] = (byte) padLength; + } + + if (DEBUG && debuglevel > 8) + { + debug("padding: 0x" + Util.toString(result)); + } + return result; + } + + public int unpad(byte[] in, int offset, int length) + throws WrongPaddingException + { + int limit = offset + length; + int result = in[limit - 1] & 0xFF; + for (int i = 0; i < result; i++) + { + if (result != (in[--limit] & 0xFF)) + { + throw new WrongPaddingException(); + } + } + + if (DEBUG && debuglevel > 8) + { + debug("padding length: " + String.valueOf(result)); + } + return result; + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/pad/PadFactory.java b/libjava/classpath/gnu/javax/crypto/pad/PadFactory.java new file mode 100644 index 0000000..e122719 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/pad/PadFactory.java @@ -0,0 +1,136 @@ +/* PadFactory.java -- + Copyright (C) 2001, 2002, 2003, 2004, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.pad; + +import gnu.java.security.Registry; + +import java.util.Collections; +import java.util.HashSet; +import java.util.Set; + +/** + *

A Factory to instantiate padding schemes.

+ */ +public class PadFactory implements Registry +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** Trivial constructor to enforce Singleton pattern. */ + private PadFactory() + { + super(); + } + + // Class methods + // ------------------------------------------------------------------------- + + /** + *

Returns an instance of a padding algorithm given its name.

+ * + * @param pad the case-insensitive name of the padding algorithm. + * @return an instance of the padding algorithm, operating with a given + * block size, or null if none found. + * @throws InternalError if the implementation does not pass its self-test. + */ + public static final IPad getInstance(String pad) + { + if (pad == null) + { + return null; + } + + pad = pad.trim().toLowerCase(); + if (pad.endsWith("padding")) + pad = pad.substring(0, pad.length() - "padding".length()); + IPad result = null; + if (pad.equals(PKCS7_PAD)) + { + result = new PKCS7(); + } + else if (pad.equals(TBC_PAD)) + { + result = new TBC(); + } + else if (pad.equals(EME_PKCS1_V1_5_PAD)) + { + result = new PKCS1_V1_5(); + } + else if (pad.equals(SSL3_PAD)) + { + result = new SSL3(); + } + else if (pad.equals(TLS1_PAD)) + { + result = new TLS1(); + } + + if (result != null && !result.selfTest()) + { + throw new InternalError(result.name()); + } + + return result; + } + + /** + *

Returns a {@link java.util.Set} of names of padding algorithms + * supported by this Factory.

+ * + * @return a {@link Set} of padding algorithm names (Strings). + */ + public static final Set getNames() + { + HashSet hs = new HashSet(); + hs.add(PKCS7_PAD); + hs.add(TBC_PAD); + hs.add(EME_PKCS1_V1_5_PAD); + hs.add(SSL3_PAD); + hs.add(TLS1_PAD); + + return Collections.unmodifiableSet(hs); + } + + // Instance methods + // ------------------------------------------------------------------------- +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/pad/SSL3.java b/libjava/classpath/gnu/javax/crypto/pad/SSL3.java new file mode 100644 index 0000000..25aeefa --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/pad/SSL3.java @@ -0,0 +1,98 @@ +/* SSL3.java -- SSLv3 padding scheme. + Copyright (C) 2004, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.pad; + +/** + * The padding scheme used by the Secure Sockets Layer, version 3. This + * padding scheme is used in the block-ciphered struct, e.g.: + * + * 
+ * block-ciphered struct {
+ *   opaque content[SSLCompressed.length];
+ *   opaque MAC[CipherSpec.hash_size];
+ *   uint8 padding[GenericBlockCipher.padding_length];
+ *   uint8 padding_length;
+ * } GenericBlockCipher;
+ *
+ * + *

Where padding_length is cipher_block_size - + * ((SSLCompressed.length + CipherSpec.hash_size) + * % cipher_block_size) - 1. That is, the padding is enough bytes + * to make the plaintext a multiple of the block size minus one, plus one + * additional byte for the padding length. The padding can be any arbitrary + * data.

+ */ +public class SSL3 extends BasePad +{ + + // Constructors. + // ------------------------------------------------------------------------- + + public SSL3() + { + super("ssl3"); + } + + // Instance methods. + // ------------------------------------------------------------------------- + + public void setup() + { + if (blockSize <= 0 || blockSize > 255) + throw new IllegalArgumentException("invalid block size: " + blockSize); + } + + public byte[] pad(final byte[] in, final int off, final int len) + { + int padlen = blockSize - (len % blockSize); + byte[] pad = new byte[padlen]; + for (int i = 0; i < padlen; i++) + pad[i] = (byte) (padlen - 1); + return pad; + } + + public int unpad(final byte[] in, final int off, final int len) + throws WrongPaddingException + { + int padlen = in[off + len - 1] & 0xFF; + if (padlen >= blockSize) + throw new WrongPaddingException(); + return padlen + 1; + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/pad/TBC.java b/libjava/classpath/gnu/javax/crypto/pad/TBC.java new file mode 100644 index 0000000..25c3e42 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/pad/TBC.java @@ -0,0 +1,156 @@ +/* TBC.java -- + Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.pad; + +import gnu.java.security.Registry; +import gnu.java.security.util.Util; + +import java.io.PrintWriter; + +/** + *

The implementation of the Trailing Bit Complement (TBC) padding algorithm.

+ * + *

In this mode, "...the data string is padded at the trailing end with the + * complement of the trailing bit of the unpadded message: if the trailing bit + * is 1, then 0 bits are appended, and if the trailing bit is + * 0, then 1 bits are appended. As few bits are added as are + * necessary to meet the formatting size requirement."

+ * + * References:
+ * + * Recommendation for Block Cipher Modes of Operation Methods and Techniques, + * Morris Dworkin.

+ */ +public final class TBC extends BasePad +{ + + // Debugging methods and variables + // ------------------------------------------------------------------------- + + private static final String NAME = "tbc"; + + private static final boolean DEBUG = false; + + private static final int debuglevel = 9; + + private static final PrintWriter err = new PrintWriter(System.out, true); + + private static void debug(String s) + { + err.println(">>> " + NAME + ": " + s); + } + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** + * Trivial package-private constructor for use by the Factory class.

+ * + * @see gnu.crypto.pad.PadFactory + */ + TBC() + { + super(Registry.TBC_PAD); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Implementation of abstract methods in BasePad + // ------------------------------------------------------------------------- + + public void setup() + { + if (blockSize < 1 || blockSize > 256) + { + throw new IllegalArgumentException(); + } + } + + public byte[] pad(byte[] in, int offset, int length) + { + int padLength = blockSize; + if (length % blockSize != 0) + { + padLength = blockSize - length % blockSize; + } + byte[] result = new byte[padLength]; + int lastBit = in[offset + length - 1] & 0x01; + if (lastBit == 0) + { + for (int i = 0; i < padLength;) + { + result[i++] = 0x01; + } + } // else it's already set to zeroes by virtue of initialisation + + if (DEBUG && debuglevel > 8) + { + debug("padding: 0x" + Util.toString(result)); + } + return result; + } + + public int unpad(byte[] in, int offset, int length) + throws WrongPaddingException + { + int limit = offset + length - 1; + int lastBit = in[limit] & 0xFF; + int result = 0; + while (lastBit == (in[limit] & 0xFF)) + { + result++; + limit--; + } + + if (result > length) + { + throw new WrongPaddingException(); + } + + if (DEBUG && debuglevel > 8) + { + debug("padding length: " + String.valueOf(result)); + } + return result; + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/pad/TLS1.java b/libjava/classpath/gnu/javax/crypto/pad/TLS1.java new file mode 100644 index 0000000..00a538f --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/pad/TLS1.java @@ -0,0 +1,105 @@ +/* TLS1.java -- TLSv1 padding scheme. + Copyright (C) 2004, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.pad; + +import gnu.java.security.util.Util; + +/** + * The padding scheme used by the Transport Layer Security protocol, + * version 1. This padding scheme is used in the block-ciphered struct, + * e.g.: + * + * 

+ * block-ciphered struct {
+ *   opaque content[TLSCompressed.length];
+ *   opaque MAC[CipherSpec.hash_size];
+ *   uint8 padding[GenericBlockCipher.padding_length];
+ *   uint8 padding_length;
+ * } GenericBlockCipher;
+ *
+ * + *

Where padding_length is any multiple of cipher_block_size - + * ((SSLCompressed.length + CipherSpec.hash_size) + * % cipher_block_size) - 1 that is less than 255. Every byte of the + * padding must be equal to padding_length. That is, the end of the + * plaintext is n + 1 copies of the unsigned byte n.

+ */ +public class TLS1 extends BasePad +{ + + // Constructors. + // ------------------------------------------------------------------------- + + public TLS1() + { + super("tls1"); + } + + // Instance methods. + // ------------------------------------------------------------------------- + + public void setup() + { + if (blockSize <= 0 || blockSize > 255) + throw new IllegalArgumentException("invalid block size: " + blockSize); + } + + public byte[] pad(final byte[] in, final int off, final int len) + { + int padlen = blockSize - (len % blockSize); + byte[] pad = new byte[padlen]; + for (int i = 0; i < padlen; i++) + { + pad[i] = (byte) (padlen - 1); + } + return pad; + } + + public int unpad(final byte[] in, final int off, final int len) + throws WrongPaddingException + { + int padlen = in[off + len - 1] & 0xFF; + for (int i = off + (len - padlen - 1); i < off + len - 1; i++) + { + if ((in[i] & 0xFF) != padlen) + throw new WrongPaddingException(); + } + return padlen + 1; + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/pad/WrongPaddingException.java b/libjava/classpath/gnu/javax/crypto/pad/WrongPaddingException.java new file mode 100644 index 0000000..cc74dfb --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/pad/WrongPaddingException.java @@ -0,0 +1,63 @@ +/* WrongPaddingException.java -- + Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.pad; + +/** + *

A checked exception that indicates that a padding algorithm did not find the + * expected padding bytes when unpadding some data.

+ * + * @version $Revision: 1.1 $ + */ +public class WrongPaddingException extends Exception +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + // implicit 0-arguments constructor + + // Class methods + // ------------------------------------------------------------------------- + + // Instant methods + // ------------------------------------------------------------------------- +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/prng/ARCFour.java b/libjava/classpath/gnu/javax/crypto/prng/ARCFour.java new file mode 100644 index 0000000..22316ec --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/prng/ARCFour.java @@ -0,0 +1,161 @@ +/* ARCFour.java -- + Copyright (C) 2002, 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.prng; + +import gnu.java.security.Registry; +import gnu.java.security.prng.BasePRNG; +import gnu.java.security.prng.LimitReachedException; + +import java.util.Map; + +/** + * RC4 is a stream cipher developed by Ron Rivest. Until 1994 RC4 was a + * trade secret of RSA Data Security, Inc., when it was released + * anonymously to a mailing list. This version is a descendent of that + * code, and since there is no proof that the leaked version was in fact + * RC4 and because "RC4" is a trademark, it is called "ARCFOUR", short for + * "Allegedly RC4". + * + *

This class only implements the keystream of ARCFOUR. To use + * this as a stream cipher, one would say:

+ * + * 
    out = in ^ arcfour.nextByte();
+ * + *

This operation works for encryption and decryption.

+ * + *

References:

+ * + *
    + *
  1. Schneier, Bruce: Applied Cryptography: Protocols, Algorithms, + * and Source Code in C, Second Edition. (1996 John Wiley and Sons), + * pp. 397--398. ISBN 0-471-11709-9
    2. + *
  2. K. Kaukonen and R. Thayer, "A Stream Cipher Encryption Algorithm + * 'Arcfour'", Internet Draft (expired), draft-kaukonen-cipher-arcfour-03.txt
    3. + *
+ */ +public class ARCFour extends BasePRNG implements Cloneable +{ + + // Constants and variables. + // ----------------------------------------------------------------------- + + /** The attributes property name for the key bytes. */ + public static final String ARCFOUR_KEY_MATERIAL = "gnu.crypto.prng.arcfour.key-material"; + + /** The size of the internal S-box. */ + public static final int ARCFOUR_SBOX_SIZE = 256; + + /** The S-box. */ + private byte[] s; + + private byte m, n; + + // Constructors. + // ----------------------------------------------------------------------- + + /** Default 0-arguments constructor. */ + public ARCFour() + { + super(Registry.ARCFOUR_PRNG); + } + + // Methods implementing BasePRNG. + // ----------------------------------------------------------------------- + + public void setup(Map attributes) + { + byte[] kb = (byte[]) attributes.get(ARCFOUR_KEY_MATERIAL); + + if (kb == null) + { + throw new IllegalArgumentException("ARCFOUR needs a key"); + } + + s = new byte[ARCFOUR_SBOX_SIZE]; + m = n = 0; + byte[] k = new byte[ARCFOUR_SBOX_SIZE]; + + for (int i = 0; i < ARCFOUR_SBOX_SIZE; i++) + { + s[i] = (byte) i; + } + + if (kb.length > 0) + { + for (int i = 0, j = 0; i < ARCFOUR_SBOX_SIZE; i++) + { + k[i] = kb[j++]; + if (j >= kb.length) + j = 0; + } + } + + for (int i = 0, j = 0; i < ARCFOUR_SBOX_SIZE; i++) + { + j = j + s[i] + k[i]; + byte temp = s[i]; + s[i] = s[j & 0xff]; + s[j & 0xff] = temp; + } + + buffer = new byte[ARCFOUR_SBOX_SIZE]; + try + { + fillBlock(); + } + catch (LimitReachedException wontHappen) + { + } + } + + public void fillBlock() throws LimitReachedException + { + for (int i = 0; i < buffer.length; i++) + { + m++; + n = (byte) (n + s[m & 0xff]); + byte temp = s[m & 0xff]; + s[m & 0xff] = s[n & 0xff]; + s[n & 0xff] = temp; + temp = (byte) (s[m & 0xff] + s[n & 0xff]); + buffer[i] = s[temp & 0xff]; + } + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/prng/CSPRNG.java b/libjava/classpath/gnu/javax/crypto/prng/CSPRNG.java new file mode 100644 index 0000000..1970092 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/prng/CSPRNG.java @@ -0,0 +1,1268 @@ +/* CSPRNG.java -- continuously-seeded pseudo-random number generator. + Copyright (C) 2004, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.prng; + +import gnu.java.security.Properties; +import gnu.java.security.Registry; +import gnu.java.security.hash.HashFactory; +import gnu.java.security.hash.IMessageDigest; +import gnu.java.security.prng.BasePRNG; +import gnu.java.security.prng.EntropySource; +import gnu.java.security.prng.IRandom; +import gnu.java.security.prng.LimitReachedException; +import gnu.java.security.util.SimpleList; +import gnu.java.security.util.Util; + +import gnu.javax.crypto.cipher.CipherFactory; +import gnu.javax.crypto.cipher.IBlockCipher; + +import java.io.ByteArrayOutputStream; +import java.io.FileInputStream; +import java.io.InputStream; +import java.io.PrintStream; + +import java.net.MalformedURLException; +import java.net.URL; + +import java.security.AccessController; +import java.security.InvalidKeyException; +import java.security.PrivilegedAction; + +import java.util.ArrayList; +import java.util.Arrays; +import java.util.Collections; +import java.util.HashMap; +import java.util.Iterator; +import java.util.LinkedList; +import java.util.List; +import java.util.Map; +import java.util.StringTokenizer; + +/** + *

An entropy pool-based pseudo-random number generator based on the PRNG + * in Peter Gutmann's cryptlib (http://www.cs.auckland.ac.nz/~pgut001/cryptlib/).

+ * + *

The basic properties of this generator are:

+ * + *
    + *
  1. The internal state cannot be determined by knowledge of the input.
    2. + *
  2. It is resistant to bias introduced by specific inputs.
    3. + *
  3. The output does not reveal the state of the generator.
    4. + *
+ */ +public class CSPRNG extends BasePRNG +{ + + // Constants and fields. + // ------------------------------------------------------------------------- + + private static final boolean DEBUG = false; + + private static void debug(String msg) + { + System.err.print(">>> CSPRNG: "); + System.err.println(msg); + } + + /** + * Property name for the list of files to read for random values. The + * mapped value is a list with the following values: + * + *
    + *
  1. A {@link Double}, indicating the suggested quality of this + * source. This value must be between 0 and 100.
    2. + *
  2. An {@link Integer}, indicating the number of bytes to skip in the file + * before reading bytes. This can be any nonnegative value.
    3. + *
  3. An {@link Integer}, indicating the number of bytes to read.
    4. + *
  4. A {@link String}, indicating the path to the file.
    5. + *
+ * + * @see gnu.crypto.util.SimpleList + */ + public static final String FILE_SOURCES = "gnu.crypto.prng.pool.files"; + + /** + * Property name for the list of URLs to poll for random values. The + * mapped value is a list formatted similarly as in {@link #FILE_SOURCES}, + * but the fourth member is a {@link URL}. + */ + public static final String URL_SOURCES = "gnu.crypto.prng.pool.urls"; + + /** + * Property name for the list of programs to execute, and use the output + * as new random bytes. The mapped property is formatted similarly an in + * {@link #FILE_SOURCES} and {@link #URL_SOURCES}, except the fourth + * member is a {@link String} of the program to execute. + */ + public static final String PROGRAM_SOURCES = "gnu.crypto.prng.pool.programs"; + + /** + * Property name for a list of other sources of entropy. The mapped + * value must be a list of {@link EntropySource} objects. + */ + public static final String OTHER_SOURCES = "gnu.crypto.prng.pool.other"; + + /** + * Property name for whether or not to wait for the slow poll to + * complete, passed as a {@link Boolean}. The default value is true. + */ + public static final String BLOCKING = "gnu.crypto.prng.pool.blocking"; + + private static final String FILES = "gnu.crypto.csprng.file."; + + private static final String URLS = "gnu.crypto.csprng.url."; + + private static final String PROGS = "gnu.crypto.csprng.program."; + + private static final String OTHER = "gnu.crypto.csprng.other."; + + private static final String BLOCK = "gnu.crypto.csprng.blocking"; + + private static final int POOL_SIZE = 256; + + private static final int ALLOC_SIZE = 260; + + private static final int OUTPUT_SIZE = POOL_SIZE / 2; + + private static final int X917_POOL_SIZE = 16; + + private static final String HASH_FUNCTION = Registry.SHA160_HASH; + + private static final String CIPHER = Registry.AES_CIPHER; + + private static final int MIX_COUNT = 10; + + private static final int X917_LIFETIME = 8192; + + // FIXME this should be configurable. + private static final int SPINNER_COUNT = 8; + + /** + * The spinner group singleton. We use this to add a small amount of + * randomness (in addition to the current time and the amount of + * free memory) based on the randomness (if any) present due to + * system load and thread scheduling. + */ + private static final Spinner[] SPINNERS = new Spinner[SPINNER_COUNT]; + + private static final Thread[] SPINNER_THREADS = new Thread[SPINNER_COUNT]; + static + { + for (int i = 0; i < SPINNER_COUNT; i++) + { + SPINNER_THREADS[i] = new Thread(SPINNERS[i] = new Spinner(), + "spinner-" + i); + SPINNER_THREADS[i].setDaemon(true); + SPINNER_THREADS[i].setPriority(Thread.MIN_PRIORITY); + SPINNER_THREADS[i].start(); + } + } + + /** + * The message digest (SHA-1) used in the mixing function. + */ + private final IMessageDigest hash; + + /** + * The cipher (AES) used in the output masking function. + */ + private final IBlockCipher cipher; + + /** + * The number of times the pool has been mixed. + */ + private int mixCount; + + /** + * The entropy pool. + */ + private final byte[] pool; + + /** + * The quality of the random pool (percentage). + */ + private double quality; + + /** + * The index of the next byte in the entropy pool. + */ + private int index; + + /** + * The pool for the X9.17-like generator. + */ + private byte[] x917pool; + + /** + * The number of iterations of the X9.17-like generators. + */ + private int x917count; + + /** + * Whether or not the X9.17-like generator is initialized. + */ + private boolean x917init; + + /** + * The list of file soures. + */ + private final List files; + + /** + * The list of URL sources. + */ + private final List urls; + + /** + * The list of program sources. + */ + private final List progs; + + /** + * The list of other sources. + */ + private final List other; + + /** + * Whether or not to wait for the slow poll to complete. + */ + private boolean blocking; + + /** + * The thread that polls for random data. + */ + private Poller poller; + + private Thread pollerThread; + + // Constructor. + // ------------------------------------------------------------------------- + + public CSPRNG() + { + super("CSPRNG"); + pool = new byte[ALLOC_SIZE]; + x917pool = new byte[X917_POOL_SIZE]; + x917count = 0; + x917init = false; + quality = 0.0; + hash = HashFactory.getInstance(HASH_FUNCTION); + cipher = CipherFactory.getInstance(CIPHER); + buffer = new byte[OUTPUT_SIZE]; + ndx = 0; + initialised = false; + files = new LinkedList(); + urls = new LinkedList(); + progs = new LinkedList(); + other = new LinkedList(); + } + + // Class methods. + // ------------------------------------------------------------------------- + + /** + *

Create and initialize a CSPRNG instance with the "system" parameters; + * the files, URLs, programs, and {@link EntropySource} sources used by + * the instance are derived from properties set in the system {@link + * Properties}.

+ * + *

All properties are of the from name.N, where name + * is the name of the source, and N is an integer (staring at 1) that + * indicates the preference number for that source.

+ * + *

The following vales for name are used here:

+ * + *
+ *
gnu.crypto.csprng.file
+ *

These properties are file sources, passed as the {@link #FILE_SOURCES} + * parameter of the instance. The property value is a 4-tuple formatted as:

+ * + *
quality ; offset ; count ; path
+ * + *

The parameters are mapped to the parameters defined for {@link + * #FILE_SOURCES}. Leading or trailing spaces on any item are trimmed + * off.

+ * + *
gnu.crypto.csprng.url
+ *

These properties are URL sources, passed as the {@link #URL_SOURCES} + * parameter of the instance. The property is formatted the same way as file + * sources, but the path argument must be a valid URL.

+ * + *
gnu.crypto.csprng.program
+ *

These properties are program sources, passed as the {@link + * #PROGRAM_SOURCES} parameter of the instance. This property is formatted + * the same way as file and URL sources, but the last argument is a program + * and its arguments.

+ * + *
gnu.crypto.cspring.other
+ *

These properties are other sources, passed as the {@link OTHER_SOURCES} + * parameter of the instance. The property value must be the full name + * of a class that implements the {@link EntropySource} interface and has a + * public no-argument constructor.

+ *
+ * + *

Finally, a boolean property "gnu.crypto.csprng.blocking" can be set to + * the desired value of {@link #BLOCKING}.

+ * + *

An example of valid properties would be:

+ * + * 
+   * gnu.crypto.csprng.blocking=true
+   *
+   * gnu.crypto.csprng.file.1=75.0;0;256;/dev/random
+   * gnu.crypto.csprng.file.2=10.0;0;100;/home/user/file
+   *
+   * gnu.crypto.csprng.url.1=5.0;0;256;http://www.random.org/cgi-bin/randbyte?nbytes=256
+   * gnu.crypto.csprng.url.2=0;256;256;http://slashdot.org/
+   *
+   * gnu.crypto.csprng.program.1=0.5;0;10;last -n 50
+   * gnu.crypto.csprng.program.2=0.5;0;10;tcpdump -c 5
+   *
+   * gnu.crypto.csprng.other.1=foo.bar.MyEntropySource
+   * gnu.crypto.csprng.other.2=com.company.OtherEntropySource
+   *
+ */ + public static IRandom getSystemInstance() throws ClassNotFoundException, + MalformedURLException, NumberFormatException + { + CSPRNG instance = new CSPRNG(); + HashMap attrib = new HashMap(); + attrib.put(BLOCKING, new Boolean(getProperty(BLOCK))); + String s = null; + + // Get each file source "gnu.crypto.csprng.file.N". + List l = new LinkedList(); + for (int i = 0; (s = getProperty(FILES + i)) != null; i++) + { + try + { + l.add(parseString(s.trim())); + } + catch (NumberFormatException nfe) + { + } + } + attrib.put(FILE_SOURCES, l); + + l = new LinkedList(); + for (int i = 0; (s = getProperty(URLS + i)) != null; i++) + { + try + { + l.add(parseURL(s.trim())); + } + catch (NumberFormatException nfe) + { + } + catch (MalformedURLException mue) + { + } + } + attrib.put(URL_SOURCES, l); + + l = new LinkedList(); + for (int i = 0; (s = getProperty(PROGS + i)) != null; i++) + { + try + { + l.add(parseString(s.trim())); + } + catch (NumberFormatException nfe) + { + } + } + attrib.put(PROGRAM_SOURCES, l); + + l = new LinkedList(); + for (int i = 0; (s = getProperty(OTHER + i)) != null; i++) + { + try + { + Class c = Class.forName(s.trim()); + l.add(c.newInstance()); + } + catch (ClassNotFoundException cnfe) + { + } + catch (InstantiationException ie) + { + } + catch (IllegalAccessException iae) + { + } + } + attrib.put(OTHER_SOURCES, l); + + instance.init(attrib); + return instance; + } + + private static String getProperty(final String name) + { + return (String) AccessController.doPrivileged(new PrivilegedAction() + { + public Object run() + { + return Properties.getProperty(name); + } + }); + } + + private static List parseString(String s) throws NumberFormatException + { + StringTokenizer tok = new StringTokenizer(s, ";"); + if (tok.countTokens() != 4) + { + throw new IllegalArgumentException("malformed property"); + } + Double quality = new Double(tok.nextToken()); + Integer offset = new Integer(tok.nextToken()); + Integer length = new Integer(tok.nextToken()); + String str = tok.nextToken(); + return new SimpleList(quality, offset, length, str); + } + + private static List parseURL(String s) throws MalformedURLException, + NumberFormatException + { + StringTokenizer tok = new StringTokenizer(s, ";"); + if (tok.countTokens() != 4) + { + throw new IllegalArgumentException("malformed property"); + } + Double quality = new Double(tok.nextToken()); + Integer offset = new Integer(tok.nextToken()); + Integer length = new Integer(tok.nextToken()); + URL url = new URL(tok.nextToken()); + return new SimpleList(quality, offset, length, url); + } + + // Instance methods. + // ------------------------------------------------------------------------- + + public Object clone() + { + return new CSPRNG(); + } + + public void setup(Map attrib) + { + List list = null; + + if (DEBUG) + { + debug(String.valueOf(attrib)); + } + try + { + list = (List) attrib.get(FILE_SOURCES); + if (DEBUG) + { + debug(String.valueOf(list)); + } + if (list != null) + { + files.clear(); + for (Iterator it = list.iterator(); it.hasNext();) + { + List l = (List) it.next(); + if (DEBUG) + { + debug("l=" + l); + } + if (l.size() != 4) + { + if (DEBUG) + { + debug("file list too small: " + l.size()); + } + throw new IllegalArgumentException("invalid file list"); + } + Double quality = (Double) l.get(0); + Integer offset = (Integer) l.get(1); + Integer length = (Integer) l.get(2); + String source = (String) l.get(3); + files.add(new SimpleList(quality, offset, length, source)); + } + } + } + catch (ClassCastException cce) + { + if (DEBUG) + { + debug("bad file list: " + cce.getMessage()); + cce.printStackTrace(); + } + throw new IllegalArgumentException("invalid file list"); + } + + try + { + list = (List) attrib.get(URL_SOURCES); + if (DEBUG) + { + debug(String.valueOf(list)); + } + if (list != null) + { + urls.clear(); + for (Iterator it = list.iterator(); it.hasNext();) + { + List l = (List) it.next(); + if (DEBUG) + { + debug("l=" + l); + } + if (l.size() != 4) + { + if (DEBUG) + { + debug("URL list too small: " + l.size()); + } + throw new IllegalArgumentException("invalid URL list"); + } + Double quality = (Double) l.get(0); + Integer offset = (Integer) l.get(1); + Integer length = (Integer) l.get(2); + URL source = (URL) l.get(3); + urls.add(new SimpleList(quality, offset, length, source)); + } + } + } + catch (ClassCastException cce) + { + if (DEBUG) + { + debug("bad URL list: " + cce.getMessage()); + cce.printStackTrace(); + } + throw new IllegalArgumentException("invalid URL list"); + } + + try + { + list = (List) attrib.get(PROGRAM_SOURCES); + if (DEBUG) + { + debug(String.valueOf(list)); + } + if (list != null) + { + progs.clear(); + for (Iterator it = list.iterator(); it.hasNext();) + { + List l = (List) it.next(); + if (DEBUG) + { + debug("l=" + l); + } + if (l.size() != 4) + { + if (DEBUG) + { + debug("program list too small: " + l.size()); + } + throw new IllegalArgumentException("invalid program list"); + } + Double quality = (Double) l.get(0); + Integer offset = (Integer) l.get(1); + Integer length = (Integer) l.get(2); + String source = (String) l.get(3); + progs.add(new SimpleList(quality, offset, length, source)); + } + } + } + catch (ClassCastException cce) + { + if (DEBUG) + { + debug("bad program list: " + cce.getMessage()); + cce.printStackTrace(); + } + throw new IllegalArgumentException("invalid program list"); + } + + try + { + list = (List) attrib.get(OTHER_SOURCES); + if (DEBUG) + { + debug(String.valueOf(list)); + } + if (list != null) + { + other.clear(); + for (Iterator it = list.iterator(); it.hasNext();) + { + EntropySource src = (EntropySource) it.next(); + if (DEBUG) + { + debug("src=" + src); + } + if (src == null) + { + throw new NullPointerException("null source in source list"); + } + other.add(src); + } + } + } + catch (ClassCastException cce) + { + throw new IllegalArgumentException("invalid source list"); + } + + try + { + Boolean block = (Boolean) attrib.get(BLOCKING); + if (block != null) + { + blocking = block.booleanValue(); + } + else + { + blocking = true; + } + } + catch (ClassCastException cce) + { + throw new IllegalArgumentException("invalid blocking parameter"); + } + + poller = new Poller(files, urls, progs, other, this); + try + { + fillBlock(); + } + catch (LimitReachedException lre) + { + throw new RuntimeException("bootstrapping CSPRNG failed"); + } + } + + public void fillBlock() throws LimitReachedException + { + if (DEBUG) + { + debug("fillBlock"); + } + if (getQuality() < 100.0) + { + if (DEBUG) + { + debug("doing slow poll"); + } + slowPoll(); + } + + do + { + fastPoll(); + mixRandomPool(); + } + while (mixCount < MIX_COUNT); + + if (!x917init || x917count >= X917_LIFETIME) + { + mixRandomPool(pool); + Map attr = new HashMap(); + byte[] key = new byte[32]; + System.arraycopy(pool, 0, key, 0, 32); + cipher.reset(); + attr.put(IBlockCipher.KEY_MATERIAL, key); + try + { + cipher.init(attr); + } + catch (InvalidKeyException ike) + { + throw new Error(ike.toString()); + } + + mixRandomPool(pool); + generateX917(pool); + mixRandomPool(pool); + generateX917(pool); + + if (x917init) + { + quality = 0.0; + } + x917init = true; + x917count = 0; + } + + byte[] export = new byte[ALLOC_SIZE]; + for (int i = 0; i < ALLOC_SIZE; i++) + { + export[i] = (byte) (pool[i] ^ 0xFF); + } + + mixRandomPool(); + mixRandomPool(export); + + generateX917(export); + + for (int i = 0; i < OUTPUT_SIZE; i++) + { + buffer[i] = (byte) (export[i] ^ export[i + OUTPUT_SIZE]); + } + Arrays.fill(export, (byte) 0); + } + + /** + * Add an array of bytes into the randomness pool. Note that this method + * will not increment the pool's quality counter (this can only be + * done via a source provided to the setup method). + * + * @param buf The byte array. + * @param off The offset from whence to start reading bytes. + * @param len The number of bytes to add. + * @throws ArrayIndexOutOfBoundsException If off or len are + * out of the range of buf. + */ + public synchronized void addRandomBytes(byte[] buf, int off, int len) + { + if (off < 0 || len < 0 || off + len > buf.length) + { + throw new ArrayIndexOutOfBoundsException(); + } + if (DEBUG) + { + debug("adding random bytes:"); + debug(Util.toString(buf, off, len)); + } + final int count = off + len; + for (int i = off; i < count; i++) + { + pool[index++] ^= buf[i]; + if (index == pool.length) + { + mixRandomPool(); + index = 0; + } + } + } + + /** + * Add a single random byte to the randomness pool. Note that this method + * will not increment the pool's quality counter (this can only be + * done via a source provided to the setup method). + * + * @param b The byte to add. + */ + public synchronized void addRandomByte(byte b) + { + if (DEBUG) + { + debug("adding byte " + Integer.toHexString(b)); + } + pool[index++] ^= b; + if (index >= pool.length) + { + mixRandomPool(); + index = 0; + } + } + + // Package methods. + // ------------------------------------------------------------------------- + + synchronized void addQuality(double quality) + { + if (DEBUG) + { + debug("adding quality " + quality); + } + if (this.quality < 100) + { + this.quality += quality; + } + if (DEBUG) + { + debug("quality now " + this.quality); + } + } + + synchronized double getQuality() + { + return quality; + } + + // Own methods. + // ------------------------------------------------------------------------- + + /** + * The mix operation. This method will, for every 20-byte block in the + * random pool, hash that block, the previous 20 bytes, and the next + * 44 bytes with SHA-1, writing the result back into that block. + */ + private void mixRandomPool(byte[] buf) + { + int hashSize = hash.hashSize(); + for (int i = 0; i < buf.length; i += hashSize) + { + // First update the bytes [p-19..p-1]. + if (i == 0) + { + hash.update(buf, buf.length - hashSize, hashSize); + } + else + { + hash.update(buf, i - hashSize, hashSize); + } + + // Now the next 64 bytes. + if (i + 64 < buf.length) + { + hash.update(buf, i, 64); + } + else + { + hash.update(buf, i, buf.length - i); + hash.update(buf, 0, 64 - (buf.length - i)); + } + + byte[] digest = hash.digest(); + System.arraycopy(digest, 0, buf, i, hashSize); + } + } + + private void mixRandomPool() + { + mixRandomPool(pool); + mixCount++; + } + + private void generateX917(byte[] buf) + { + int off = 0; + for (int i = 0; i < buf.length; i += X917_POOL_SIZE) + { + int copy = Math.min(buf.length - i, X917_POOL_SIZE); + for (int j = 0; j < copy; j++) + { + x917pool[j] ^= pool[off + j]; + } + + cipher.encryptBlock(x917pool, 0, x917pool, 0); + System.arraycopy(x917pool, 0, buf, off, copy); + cipher.encryptBlock(x917pool, 0, x917pool, 0); + + off += copy; + x917count++; + } + } + + /** + * Add random data always immediately available into the random pool, such + * as the values of the eight asynchronous counters, the current time, the + * current memory usage, the calling thread name, and the current stack + * trace. + * + *

This method does not alter the quality counter, and is provided more + * to maintain randomness, not to seriously improve the current random + * state. + */ + private void fastPoll() + { + byte b = 0; + for (int i = 0; i < SPINNER_COUNT; i++) + b ^= SPINNERS[i].counter; + addRandomByte(b); + addRandomByte((byte) System.currentTimeMillis()); + addRandomByte((byte) Runtime.getRuntime().freeMemory()); + + String s = Thread.currentThread().getName(); + if (s != null) + { + byte[] buf = s.getBytes(); + addRandomBytes(buf, 0, buf.length); + } + + ByteArrayOutputStream bout = new ByteArrayOutputStream(1024); + PrintStream pout = new PrintStream(bout); + Throwable t = new Throwable(); + t.printStackTrace(pout); + pout.flush(); + byte[] buf = bout.toByteArray(); + addRandomBytes(buf, 0, buf.length); + } + + private void slowPoll() throws LimitReachedException + { + if (DEBUG) + { + debug("poller is alive? " + + (pollerThread == null ? false : pollerThread.isAlive())); + } + if (pollerThread == null || !pollerThread.isAlive()) + { + boolean interrupted = false; + pollerThread = new Thread(poller); + pollerThread.setDaemon(true); + pollerThread.setPriority(Thread.NORM_PRIORITY - 1); + pollerThread.start(); + if (blocking) + { + try + { + pollerThread.join(); + } + catch (InterruptedException ie) + { + interrupted = true; + } + } + + // If the full slow poll has completed after we waited for it, + // and there in insufficient randomness, throw an exception. + if (!interrupted && blocking && quality < 100.0) + { + if (DEBUG) + { + debug("insufficient quality: " + quality); + } + throw new LimitReachedException( + "insufficient randomness was polled"); + } + } + } + + protected void finalize() throws Throwable + { + if (poller != null && pollerThread != null && pollerThread.isAlive()) + { + pollerThread.interrupt(); + poller.stopUpdating(); + pollerThread.interrupt(); + } + Arrays.fill(pool, (byte) 0); + Arrays.fill(x917pool, (byte) 0); + Arrays.fill(buffer, (byte) 0); + } + + // Inner classes. + // ------------------------------------------------------------------------- + + /** + * A simple thread that constantly updates a byte counter. This class is + * used in a group of lowest-priority threads and the values of their + * counters (updated in competition with all other threads) is used as a + * source of entropy bits. + */ + private static class Spinner implements Runnable + { + + // Field. + // ----------------------------------------------------------------------- + + private byte counter; + + // Constructor. + // ----------------------------------------------------------------------- + + private Spinner() + { + } + + // Instance methods. + // ----------------------------------------------------------------------- + + public void run() + { + while (true) + { + counter++; + try + { + Thread.sleep(100); + } + catch (InterruptedException ie) + { + } + } + } + } + + private final class Poller implements Runnable + { + + // Fields. + // ----------------------------------------------------------------------- + + private final List files; + + private final List urls; + + private final List progs; + + private final List other; + + private final CSPRNG pool; + + private boolean running; + + // Constructor. + // ----------------------------------------------------------------------- + + Poller(List files, List urls, List progs, List other, CSPRNG pool) + { + super(); + this.files = Collections.unmodifiableList(files); + this.urls = Collections.unmodifiableList(urls); + this.progs = Collections.unmodifiableList(progs); + this.other = Collections.unmodifiableList(other); + this.pool = pool; + } + + // Instance methods. + // ----------------------------------------------------------------------- + + public void run() + { + running = true; + if (DEBUG) + { + debug("files: " + files); + debug("URLs: " + urls); + debug("progs: " + progs); + } + Iterator files_it = files.iterator(); + Iterator urls_it = urls.iterator(); + Iterator prog_it = progs.iterator(); + Iterator other_it = other.iterator(); + + while (files_it.hasNext() || urls_it.hasNext() || prog_it.hasNext() + || other_it.hasNext()) + { + + // There is enough random data. Go away. + if (pool.getQuality() >= 100.0 || !running) + { + return; + } + + if (files_it.hasNext()) + { + try + { + List l = (List) files_it.next(); + if (DEBUG) + { + debug(l.toString()); + } + double qual = ((Double) l.get(0)).doubleValue(); + int offset = ((Integer) l.get(1)).intValue(); + int count = ((Integer) l.get(2)).intValue(); + String src = (String) l.get(3); + InputStream in = new FileInputStream(src); + byte[] buf = new byte[count]; + if (offset > 0) + { + in.skip(offset); + } + int len = in.read(buf); + if (len >= 0) + { + pool.addRandomBytes(buf, 0, len); + pool.addQuality(qual * ((double) len / (double) count)); + } + if (DEBUG) + { + debug("got " + len + " bytes from " + src); + } + } + catch (Exception x) + { + if (DEBUG) + { + debug(x.toString()); + x.printStackTrace(); + } + } + } + + if (pool.getQuality() >= 100.0 || !running) + { + return; + } + + if (urls_it.hasNext()) + { + try + { + List l = (List) urls_it.next(); + if (DEBUG) + { + debug(l.toString()); + } + double qual = ((Double) l.get(0)).doubleValue(); + int offset = ((Integer) l.get(1)).intValue(); + int count = ((Integer) l.get(2)).intValue(); + URL src = (URL) l.get(3); + InputStream in = src.openStream(); + byte[] buf = new byte[count]; + if (offset > 0) + { + in.skip(offset); + } + int len = in.read(buf); + if (len >= 0) + { + pool.addRandomBytes(buf, 0, len); + pool.addQuality(qual * ((double) len / (double) count)); + } + if (DEBUG) + { + debug("got " + len + " bytes from " + src); + } + } + catch (Exception x) + { + if (DEBUG) + { + debug(x.toString()); + x.printStackTrace(); + } + } + } + + if (pool.getQuality() >= 100.0 || !running) + { + return; + } + + Process proc = null; + if (prog_it.hasNext()) + { + try + { + List l = (List) prog_it.next(); + if (DEBUG) + { + debug(l.toString()); + } + double qual = ((Double) l.get(0)).doubleValue(); + int offset = ((Integer) l.get(1)).intValue(); + int count = ((Integer) l.get(2)).intValue(); + String src = (String) l.get(3); + proc = null; + proc = Runtime.getRuntime().exec(src); + InputStream in = proc.getInputStream(); + byte[] buf = new byte[count]; + if (offset > 0) + { + in.skip(offset); + } + int len = in.read(buf); + if (len >= 0) + { + pool.addRandomBytes(buf, 0, len); + pool.addQuality(qual * ((double) len / (double) count)); + } + proc.destroy(); + proc.waitFor(); + if (DEBUG) + { + debug("got " + len + " bytes from " + src); + } + } + catch (Exception x) + { + if (DEBUG) + { + debug(x.toString()); + x.printStackTrace(); + } + try + { + if (proc != null) + { + proc.destroy(); + proc.waitFor(); + } + } + catch (Exception ignored) + { + } + } + } + + if (pool.getQuality() >= 100.0 || !running) + { + return; + } + + if (other_it.hasNext()) + { + try + { + EntropySource src = (EntropySource) other_it.next(); + byte[] buf = src.nextBytes(); + if (pool == null) + { + return; + } + pool.addRandomBytes(buf, 0, buf.length); + pool.addQuality(src.quality()); + if (DEBUG) + { + debug("got " + buf.length + " bytes from " + src); + } + } + catch (Exception x) + { + if (DEBUG) + { + debug(x.toString()); + x.printStackTrace(); + } + } + } + } + } + + public void stopUpdating() + { + running = false; + } + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/prng/Fortuna.java b/libjava/classpath/gnu/javax/crypto/prng/Fortuna.java new file mode 100644 index 0000000..6453a9d --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/prng/Fortuna.java @@ -0,0 +1,366 @@ +/* Fortuna.java -- The Fortuna PRNG. + Copyright (C) 2004, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.prng; + +import gnu.java.security.Registry; +import gnu.java.security.hash.HashFactory; +import gnu.java.security.hash.IMessageDigest; +import gnu.java.security.prng.BasePRNG; +import gnu.java.security.prng.LimitReachedException; +import gnu.java.security.prng.RandomEvent; +import gnu.java.security.prng.RandomEventListener; + +import gnu.javax.crypto.cipher.CipherFactory; +import gnu.javax.crypto.cipher.IBlockCipher; + +import java.io.IOException; +import java.io.ObjectInputStream; +import java.io.ObjectOutputStream; +import java.io.Serializable; + +import java.security.InvalidKeyException; + +import java.util.Arrays; +import java.util.Collections; +import java.util.Iterator; +import java.util.Map; + +/** + * The Fortuna continuously-seeded pseudo-random number generator. This + * generator is composed of two major pieces: the entropy accumulator + * and the generator function. The former takes in random bits and + * incorporates them into the generator's state. The latter takes this + * base entropy and generates pseudo-random bits from it. + * + *

There are some things users of this class must be aware of: + * + *

+ *
Adding Random Data
+ *
This class does not do any polling of random sources, but rather + * provides an interface for adding random events. Applications that use + * this code must provide this mechanism. We use this design + * because an application writer who knows the system he is targeting + * is in a better position to judge what random data is available.
+ * + *
Storing the Seed
+ *
This class implements {@link Serializable} in such a way that it + * writes a 64 byte seed to the stream, and reads it back again when being + * deserialized. This is the extent of seed file management, however, and + * those using this class are encouraged to think deeply about when, how + * often, and where to store the seed.
+ *
+ * + *

References:

+ * + *
    + *
  • Niels Ferguson and Bruce Schneier, Practical Cryptography, + * pp. 155--184. Wiley Publishing, Indianapolis. (2003 Niels Ferguson and + * Bruce Schneier). ISBN 0-471-22357-3.
    • + *
+ */ +public class Fortuna extends BasePRNG implements Serializable, + RandomEventListener +{ + + private static final long serialVersionUID = 0xFACADE; + + private static final int SEED_FILE_SIZE = 64; + + private static final int NUM_POOLS = 32; + + private static final int MIN_POOL_SIZE = 64; + + private final Generator generator; + + private final IMessageDigest[] pools; + + private long lastReseed; + + private int pool; + + private int pool0Count; + + private int reseedCount; + + public static final String SEED = "gnu.crypto.prng.fortuna.seed"; + + public Fortuna() + { + super(Registry.FORTUNA_PRNG); + generator = new Generator( + CipherFactory.getInstance(Registry.RIJNDAEL_CIPHER), + HashFactory.getInstance(Registry.SHA256_HASH)); + pools = new IMessageDigest[NUM_POOLS]; + for (int i = 0; i < NUM_POOLS; i++) + pools[i] = HashFactory.getInstance(Registry.SHA256_HASH); + lastReseed = 0; + pool = 0; + pool0Count = 0; + buffer = new byte[256]; + } + + public void setup(Map attributes) + { + lastReseed = 0; + reseedCount = 0; + pool = 0; + pool0Count = 0; + generator.init(attributes); + } + + public void fillBlock() throws LimitReachedException + { + if (pool0Count >= MIN_POOL_SIZE + && System.currentTimeMillis() - lastReseed > 100) + { + reseedCount++; + byte[] seed = new byte[0]; + for (int i = 0; i < NUM_POOLS; i++) + { + if (reseedCount % (1 << i) == 0) + generator.addRandomBytes(pools[i].digest()); + } + lastReseed = System.currentTimeMillis(); + pool0Count = 0; + } + generator.nextBytes(buffer); + } + + public void addRandomByte(byte b) + { + pools[pool].update(b); + if (pool == 0) + pool0Count++; + pool = (pool + 1) % NUM_POOLS; + } + + public void addRandomBytes(byte[] buf, int offset, int length) + { + pools[pool].update(buf, offset, length); + if (pool == 0) + pool0Count += length; + pool = (pool + 1) % NUM_POOLS; + } + + public void addRandomEvent(RandomEvent event) + { + if (event.getPoolNumber() < 0 || event.getPoolNumber() >= pools.length) + throw new IllegalArgumentException("pool number out of range: " + + event.getPoolNumber()); + pools[event.getPoolNumber()].update(event.getSourceNumber()); + pools[event.getPoolNumber()].update((byte) event.getData().length); + pools[event.getPoolNumber()].update(event.getData()); + if (event.getPoolNumber() == 0) + pool0Count += event.getData().length; + } + + // Reading and writing this object is equivalent to storing and retrieving + // the seed. + + private void writeObject(ObjectOutputStream out) throws IOException + { + byte[] seed = new byte[SEED_FILE_SIZE]; + try + { + generator.nextBytes(seed); + } + catch (LimitReachedException shouldNeverHappen) + { + throw new Error(shouldNeverHappen); + } + out.write(seed); + } + + private void readObject(ObjectInputStream in) throws IOException + { + byte[] seed = new byte[SEED_FILE_SIZE]; + in.readFully(seed); + generator.addRandomBytes(seed); + } + + /** + * The Fortuna generator function. The generator is a PRNG in its own + * right; Fortuna itself is basically a wrapper around this generator + * that manages reseeding in a secure way. + */ + public static class Generator extends BasePRNG implements Cloneable + { + + private static final int LIMIT = 1 << 20; + + private final IBlockCipher cipher; + + private final IMessageDigest hash; + + private final byte[] counter; + + private final byte[] key; + + private boolean seeded; + + public Generator(final IBlockCipher cipher, final IMessageDigest hash) + { + super(Registry.FORTUNA_GENERATOR_PRNG); + this.cipher = cipher; + this.hash = hash; + counter = new byte[cipher.defaultBlockSize()]; + buffer = new byte[cipher.defaultBlockSize()]; + int keysize = 0; + for (Iterator it = cipher.keySizes(); it.hasNext();) + { + int ks = ((Integer) it.next()).intValue(); + if (ks > keysize) + keysize = ks; + if (keysize >= 32) + break; + } + key = new byte[keysize]; + } + + public byte nextByte() + { + byte[] b = new byte[1]; + nextBytes(b, 0, 1); + return b[0]; + } + + public void nextBytes(byte[] out, int offset, int length) + { + if (!seeded) + throw new IllegalStateException("generator not seeded"); + + int count = 0; + do + { + int amount = Math.min(LIMIT, length - count); + try + { + super.nextBytes(out, offset + count, amount); + } + catch (LimitReachedException shouldNeverHappen) + { + throw new Error(shouldNeverHappen); + } + count += amount; + + for (int i = 0; i < key.length; i += counter.length) + { + fillBlock(); + int l = Math.min(key.length - i, cipher.currentBlockSize()); + System.arraycopy(buffer, 0, key, i, l); + } + resetKey(); + } + while (count < length); + fillBlock(); + ndx = 0; + } + + public void addRandomByte(byte b) + { + addRandomBytes(new byte[] { b }); + } + + public void addRandomBytes(byte[] seed, int offset, int length) + { + hash.update(key); + hash.update(seed, offset, length); + byte[] newkey = hash.digest(); + System.arraycopy(newkey, 0, key, 0, Math.min(key.length, newkey.length)); + resetKey(); + incrementCounter(); + seeded = true; + } + + public void fillBlock() + { + if (!seeded) + throw new IllegalStateException("generator not seeded"); + cipher.encryptBlock(counter, 0, buffer, 0); + incrementCounter(); + } + + public void setup(Map attributes) + { + seeded = false; + Arrays.fill(key, (byte) 0); + Arrays.fill(counter, (byte) 0); + byte[] seed = (byte[]) attributes.get(SEED); + if (seed != null) + addRandomBytes(seed); + } + + /** + * Resets the cipher's key. This is done after every reseed, which + * combines the old key and the seed, and processes that throigh the + * hash function. + */ + private void resetKey() + { + try + { + cipher.reset(); + cipher.init(Collections.singletonMap(IBlockCipher.KEY_MATERIAL, key)); + } + // We expect to never get an exception here. + catch (InvalidKeyException ike) + { + throw new Error(ike); + } + catch (IllegalArgumentException iae) + { + throw new Error(iae); + } + } + + /** + * Increment `counter' as a sixteen-byte little-endian unsigned integer + * by one. + */ + private void incrementCounter() + { + for (int i = 0; i < counter.length; i++) + { + counter[i]++; + if (counter[i] != 0) + break; + } + } + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/prng/ICMGenerator.java b/libjava/classpath/gnu/javax/crypto/prng/ICMGenerator.java new file mode 100644 index 0000000..0de38e2 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/prng/ICMGenerator.java @@ -0,0 +1,379 @@ +/* ICMGenerator.java -- + Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.prng; + +import gnu.java.security.Registry; +import gnu.java.security.prng.BasePRNG; +import gnu.java.security.prng.LimitReachedException; + +import gnu.javax.crypto.cipher.IBlockCipher; +import gnu.javax.crypto.cipher.CipherFactory; + +import java.math.BigInteger; +import java.security.InvalidKeyException; +import java.util.HashMap; +import java.util.Map; + +/** + *

Counter Mode is a way to define a pseudorandom keystream generator using + * a block cipher. The keystream can be used for additive encryption, key + * derivation, or any other application requiring pseudorandom data.

+ * + *

In ICM, the keystream is logically broken into segments. Each segment is + * identified with a segment index, and the segments have equal lengths. This + * segmentation makes ICM especially appropriate for securing packet-based + * protocols.

+ * + *

This implementation adheres to the definition of the ICM keystream + * generation function that allows for any symetric key block cipher algorithm + * (initialisation parameter gnu.crypto.prng.icm.cipher.name taken + * to be an instance of {@link java.lang.String}) to be used. If such a + * parameter is not defined/included in the initialisation Map, + * then the "Rijndael" algorithm is used. Furthermore, if the initialisation + * parameter gnu.crypto.cipher.block.size (taken to be a instance + * of {@link java.lang.Integer}) is missing or undefined in the initialisation + * Map, then the cipher's default block size is used.

+ * + *

The practical limits and constraints of such generator are:

+ *
    + *
  • The number of blocks in any segment MUST NOT exceed + * 256 ** BLOCK_INDEX_LENGTH. The number of segments MUST NOT + * exceed 256 ** SEGMENT_INDEX_LENGTH. These restrictions ensure + * the uniqueness of each block cipher input.
    • + * + *
  • Each segment contains SEGMENT_LENGTH octets; this value + * MUST NOT exceed the value (256 ** BLOCK_INDEX_LENGTH) * + * BLOCK_LENGTH.
    • + * + *
  • The sum of SEGMENT_INDEX_LENGTH and + * BLOCK_INDEX_LENGTH MUST NOT exceed BLOCK_LENGTH + * / 2. This requirement protects the ICM keystream generator from + * potentially failing to be pseudorandom.
    • + *
+ * + *

NOTE: Rijndael is used as the default symmetric key block cipher + * algorithm because, with its default block and key sizes, it is the AES. Yet + * being Rijndael, the algorithm offers more versatile block and key sizes which + * may prove to be useful for generating longer key streams.

+ * + *

References:

+ * + *
    + *
  1. + * Integer Counter Mode, David A. McGrew.
    2. + *
+ * + * @version $Revision: 1.1 $ + */ +public class ICMGenerator extends BasePRNG implements Cloneable +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + /** Property name of underlying block cipher for this ICM generator. */ + public static final String CIPHER = "gnu.crypto.prng.icm.cipher.name"; + + /** Property name of ICM's block index length. */ + public static final String BLOCK_INDEX_LENGTH = "gnu.crypto.prng.icm.block.index.length"; + + /** Property name of ICM's segment index length. */ + public static final String SEGMENT_INDEX_LENGTH = "gnu.crypto.prng.icm.segment.index.length"; + + /** Property name of ICM's offset. */ + public static final String OFFSET = "gnu.crypto.prng.icm.offset"; + + /** Property name of ICM's segment index. */ + public static final String SEGMENT_INDEX = "gnu.crypto.prng.icm.segment.index"; + + /** The integer value 256 as a BigInteger. */ + private static final BigInteger TWO_FIFTY_SIX = new BigInteger("256"); + + /** The underlying cipher implementation. */ + private IBlockCipher cipher; + + /** This keystream block index length in bytes. */ + private int blockNdxLength = -1; + + /** This keystream segment index length in bytes. */ + private int segmentNdxLength = -1; + + /** The index of the next block for a given keystream segment. */ + private BigInteger blockNdx = BigInteger.ZERO; + + /** The segment index for this keystream. */ + private BigInteger segmentNdx; + + /** The initial counter for a given keystream segment. */ + private BigInteger C0; + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** Trivial 0-arguments constructor. */ + public ICMGenerator() + { + super(Registry.ICM_PRNG); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + // Implementation of abstract methods in BasePRNG -------------------------- + + // Conceptually, ICM is a keystream generator that takes a secret key + // and a segment index as an input and then outputs a keystream + // segment. The segmentation lends itself to packet encryption, as + // each keystream segment can be used to encrypt a distinct packet. + // + // An ICM key consists of the block cipher key and an Offset. The + // Offset is an integer with BLOCK_LENGTH octets... + // + public void setup(Map attributes) + { + // find out which cipher algorithm to use + boolean newCipher = true; + String underlyingCipher = (String) attributes.get(CIPHER); + if (underlyingCipher == null) + { + if (cipher == null) + { // happy birthday + // ensure we have a reliable implementation of this cipher + cipher = CipherFactory.getInstance(Registry.RIJNDAEL_CIPHER); + } + else + { // we already have one. use it as is + newCipher = false; + } + } + else + { // ensure we have a reliable implementation of this cipher + cipher = CipherFactory.getInstance(underlyingCipher); + } + + // find out what block size we should use it in + int cipherBlockSize = 0; + Integer bs = (Integer) attributes.get(IBlockCipher.CIPHER_BLOCK_SIZE); + if (bs != null) + { + cipherBlockSize = bs.intValue(); + } + else + { + if (newCipher) + { // assume we'll use its default block size + cipherBlockSize = cipher.defaultBlockSize(); + } // else use as is + } + + // get the key material + byte[] key = (byte[]) attributes.get(IBlockCipher.KEY_MATERIAL); + if (key == null) + { + throw new IllegalArgumentException(IBlockCipher.KEY_MATERIAL); + } + + // now initialise the cipher + HashMap map = new HashMap(); + if (cipherBlockSize != 0) + { // only needed if new or changed + map.put(IBlockCipher.CIPHER_BLOCK_SIZE, new Integer(cipherBlockSize)); + } + map.put(IBlockCipher.KEY_MATERIAL, key); + try + { + cipher.init(map); + } + catch (InvalidKeyException x) + { + throw new IllegalArgumentException(IBlockCipher.KEY_MATERIAL); + } + + // at this point we have an initialised (new or otherwise) cipher + // ensure that remaining params make sense + + cipherBlockSize = cipher.currentBlockSize(); + BigInteger counterRange = TWO_FIFTY_SIX.pow(cipherBlockSize); + + // offset, like the underlying cipher key is not cloneable + // always look for it and throw an exception if it's not there + Object obj = attributes.get(OFFSET); + // allow either a byte[] or a BigInteger + BigInteger r; + if (obj instanceof BigInteger) + { + r = (BigInteger) obj; + } + else + { // assume byte[]. should be same length as cipher block size + byte[] offset = (byte[]) obj; + if (offset.length != cipherBlockSize) + { + throw new IllegalArgumentException(OFFSET); + } + + r = new BigInteger(1, offset); + } + + int wantBlockNdxLength = -1; // number of octets in the block index + Integer i = (Integer) attributes.get(BLOCK_INDEX_LENGTH); + if (i != null) + { + wantBlockNdxLength = i.intValue(); + if (wantBlockNdxLength < 1) + { + throw new IllegalArgumentException(BLOCK_INDEX_LENGTH); + } + } + + int wantSegmentNdxLength = -1; // number of octets in the segment index + i = (Integer) attributes.get(SEGMENT_INDEX_LENGTH); + if (i != null) + { + wantSegmentNdxLength = i.intValue(); + if (wantSegmentNdxLength < 1) + { + throw new IllegalArgumentException(SEGMENT_INDEX_LENGTH); + } + } + + // if both are undefined check if it's a reuse + if ((wantBlockNdxLength == -1) && (wantSegmentNdxLength == -1)) + { + if (blockNdxLength == -1) + { // new instance + throw new IllegalArgumentException(BLOCK_INDEX_LENGTH + ", " + + SEGMENT_INDEX_LENGTH); + } // else reuse old values + } + else + { // only one is undefined, set it to BLOCK_LENGTH/2 minus the other + int limit = cipherBlockSize / 2; + if (wantBlockNdxLength == -1) + { + wantBlockNdxLength = limit - wantSegmentNdxLength; + } + else if (wantSegmentNdxLength == -1) + { + wantSegmentNdxLength = limit - wantBlockNdxLength; + } + else if ((wantSegmentNdxLength + wantBlockNdxLength) > limit) + { + throw new IllegalArgumentException(BLOCK_INDEX_LENGTH + ", " + + SEGMENT_INDEX_LENGTH); + } + // save new values + blockNdxLength = wantBlockNdxLength; + segmentNdxLength = wantSegmentNdxLength; + } + + // get the segment index as a BigInteger + BigInteger s = (BigInteger) attributes.get(SEGMENT_INDEX); + if (s == null) + { + if (segmentNdx == null) + { // segment index was never set + throw new IllegalArgumentException(SEGMENT_INDEX); + } + // reuse; check if still valid + if (segmentNdx.compareTo(TWO_FIFTY_SIX.pow(segmentNdxLength)) > 0) + { + throw new IllegalArgumentException(SEGMENT_INDEX); + } + } + else + { + if (s.compareTo(TWO_FIFTY_SIX.pow(segmentNdxLength)) > 0) + { + throw new IllegalArgumentException(SEGMENT_INDEX); + } + segmentNdx = s; + } + + // The initial counter of the keystream segment with segment index s is + // defined as follows, where r denotes the Offset: + // + // C[0] = (s * (256^BLOCK_INDEX_LENGTH) + r) modulo (256^BLOCK_LENGTH) + // + C0 = segmentNdx.multiply(TWO_FIFTY_SIX.pow(blockNdxLength)).add(r).modPow( + BigInteger.ONE, + counterRange); + } + + public void fillBlock() throws LimitReachedException + { + if (C0 == null) + { + throw new IllegalStateException(); + } + if (blockNdx.compareTo(TWO_FIFTY_SIX.pow(blockNdxLength)) >= 0) + { + throw new LimitReachedException(); + } + + int cipherBlockSize = cipher.currentBlockSize(); + BigInteger counterRange = TWO_FIFTY_SIX.pow(cipherBlockSize); + + // encrypt the counter for the current blockNdx + // C[i] = (C[0] + i) modulo (256^BLOCK_LENGTH). + + BigInteger Ci = C0.add(blockNdx).modPow(BigInteger.ONE, counterRange); + buffer = Ci.toByteArray(); + int limit = buffer.length; + if (limit < cipherBlockSize) + { + byte[] data = new byte[cipherBlockSize]; + System.arraycopy(buffer, 0, data, cipherBlockSize - limit, limit); + buffer = data; + } + else if (limit > cipherBlockSize) + { + byte[] data = new byte[cipherBlockSize]; + System.arraycopy(buffer, limit - cipherBlockSize, data, 0, + cipherBlockSize); + buffer = data; + } + + cipher.encryptBlock(buffer, 0, buffer, 0); + blockNdx = blockNdx.add(BigInteger.ONE); // increment blockNdx + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/prng/IPBE.java b/libjava/classpath/gnu/javax/crypto/prng/IPBE.java new file mode 100644 index 0000000..531e7ea --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/prng/IPBE.java @@ -0,0 +1,69 @@ +/* IPBE.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.prng; + +/** + *

Trivial interface to group Password-based encryption property names.

+ * + * @version $Revision: 1.1 $ + */ +public interface IPBE +{ + + // Constants + // ------------------------------------------------------------------------- + + /** + * Property name for the iteration count in a PBE algorithm. The property + * associated with this is expected to be an {@link Integer}. + */ + public static final String ITERATION_COUNT = "gnu.crypto.pbe.iteration.count"; + + /** + * Property name for the password in a PBE algorithm. The property associated + * with this is expected to be a char array. + */ + public static final String PASSWORD = "gnu.crypto.pbe.password"; + + /** + * Property name for the salt in a PBE algorithm. The property associated + * with this is expected to be a byte array. + */ + public static final String SALT = "gnu.crypto.pbe.salt"; +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/prng/PBKDF2.java b/libjava/classpath/gnu/javax/crypto/prng/PBKDF2.java new file mode 100644 index 0000000..5146bd4 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/prng/PBKDF2.java @@ -0,0 +1,216 @@ +/* PBKDF2.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.prng; + +import gnu.java.security.prng.BasePRNG; +import gnu.java.security.prng.LimitReachedException; +import gnu.javax.crypto.mac.HMac; +import gnu.javax.crypto.mac.IMac; + +import java.io.UnsupportedEncodingException; +import java.util.Arrays; +import java.util.HashMap; +import java.util.Map; + +/** + *

An implementation of the key derivation function KDF2 from PKCS #5: + * Password-Based Cryptography (PBE). This KDF is essentially a way to + * transform a password and a salt into a stream of random bytes, which may then + * be used to initialize a cipher or a MAC.

+ * + *

This version uses a MAC as its pseudo-random function, and the password is + * used as the key.

+ * + *

References:

+ *
    + *
  1. B. Kaliski, RFC 2898: + * Password-Based Cryptography Specification, Version 2.0
    2. + *
+ * + * @version $Revision: 1.1 $ + */ +public class PBKDF2 extends BasePRNG implements Cloneable +{ + + // Contstants and variables + // ------------------------------------------------------------------------- + + /** + * The bytes fed into the MAC. This is initially the concatenation of the + * salt and the block number. + */ + private byte[] in; + + /** The iteration count. */ + private int iterationCount; + + /** The salt. */ + private byte[] salt; + + /** The MAC (the pseudo-random function we use). */ + private IMac mac; + + /** The number of hLen-sized blocks generated. */ + private long count; + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** + *

Creates a new PBKDF2 object. The argument is the MAC that will serve as + * the pseudo-random function. The MAC does not need to be initialized.

+ * + * @param mac The pseudo-random function. + */ + public PBKDF2(IMac mac) + { + super("PBKDF2-" + mac.name()); + this.mac = mac; + iterationCount = -1; + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + public void setup(Map attributes) + { + Map macAttrib = new HashMap(); + macAttrib.put(HMac.USE_WITH_PKCS5_V2, Boolean.TRUE); + + byte[] s = (byte[]) attributes.get(IPBE.SALT); + if (s == null) + { + if (salt == null) + { + throw new IllegalArgumentException("no salt specified"); + } // Otherwise re-use. + } + else + { + salt = s; + } + + char[] password = (char[]) attributes.get(IPBE.PASSWORD); + if (password != null) + { + try + { + macAttrib.put(IMac.MAC_KEY_MATERIAL, + new String(password).getBytes("UTF-8")); + } + catch (UnsupportedEncodingException uee) + { + throw new Error(uee.getMessage()); + } + } + else if (!initialised) + { + throw new IllegalArgumentException("no password specified"); + } // otherwise re-use previous password. + + try + { + mac.init(macAttrib); + } + catch (Exception x) + { + throw new IllegalArgumentException(x.getMessage()); + } + + Integer ic = (Integer) attributes.get(IPBE.ITERATION_COUNT); + if (ic != null) + { + iterationCount = ic.intValue(); + } + if (iterationCount <= 0) + { + throw new IllegalArgumentException("bad iteration count"); + } + + count = 0L; + buffer = new byte[mac.macSize()]; + try + { + fillBlock(); + // } catch (Exception x) { + } + catch (LimitReachedException x) + { + // x.printStackTrace(System.err); + throw new Error(x.getMessage()); + } + } + + public void fillBlock() throws LimitReachedException + { + if (++count > ((1L << 32) - 1)) + { + throw new LimitReachedException(); + } + // for (int i = 0; i < buffer.length; i++) { + // buffer[i] = 0; + // } + Arrays.fill(buffer, (byte) 0x00); + int limit = salt.length; + // in = new byte[salt.length + 4]; + in = new byte[limit + 4]; + System.arraycopy(salt, 0, in, 0, salt.length); + // in[salt.length ] = (byte)(count >>> 24); + // in[salt.length+1] = (byte)(count >>> 16); + // in[salt.length+2] = (byte)(count >>> 8); + // in[salt.length+3] = (byte) count; + in[limit++] = (byte) (count >>> 24); + in[limit++] = (byte) (count >>> 16); + in[limit++] = (byte) (count >>> 8); + in[limit] = (byte) count; + for (int i = 0; i < iterationCount; i++) + { + mac.reset(); + mac.update(in, 0, in.length); + in = mac.digest(); + for (int j = 0; j < buffer.length; j++) + { + buffer[j] ^= in[j]; + } + } + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/prng/PRNGFactory.java b/libjava/classpath/gnu/javax/crypto/prng/PRNGFactory.java new file mode 100644 index 0000000..9ff6558 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/prng/PRNGFactory.java @@ -0,0 +1,143 @@ +/* PRNGFactory.java -- + Copyright (C) 2001, 2002, 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.prng; + +import gnu.java.security.Registry; +import gnu.java.security.prng.IRandom; + + +import gnu.javax.crypto.mac.IMac; +import gnu.javax.crypto.mac.MacFactory; +import gnu.javax.crypto.mac.HMacFactory; + +import java.util.Collections; +import java.util.HashSet; +import java.util.Iterator; +import java.util.Set; + +/** + *

A Factory to instantiate pseudo random number generators.

+ */ +public class PRNGFactory implements Registry +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** Trivial constructor to enforce Singleton pattern. */ + private PRNGFactory() + { + } + + // Class methods + // ------------------------------------------------------------------------- + + /** + *

Returns an instance of a padding algorithm given its name.

+ * + * @param prng the case-insensitive name of the PRNG. + * @return an instance of the pseudo-random number generator. + * @exception InternalError if the implementation does not pass its self- + * test. + */ + public static IRandom getInstance(String prng) + { + if (prng == null) + { + return null; + } + + prng = prng.trim(); + IRandom result = null; + if (prng.equalsIgnoreCase(ARCFOUR_PRNG) || prng.equalsIgnoreCase(RC4_PRNG)) + { + result = new ARCFour(); + } + else if (prng.equalsIgnoreCase(ICM_PRNG)) + { + result = new ICMGenerator(); + } + else if (prng.equalsIgnoreCase(UMAC_PRNG)) + { + result = new UMacGenerator(); + } + else if (prng.toLowerCase().startsWith(PBKDF2_PRNG_PREFIX)) + { + String macName = prng.substring(PBKDF2_PRNG_PREFIX.length()); + IMac mac = MacFactory.getInstance(macName); + if (mac == null) + { + return null; + } + result = new PBKDF2(mac); + } + + if (result != null) + return result; + + return gnu.java.security.prng.PRNGFactory.getInstance (prng); + } + + /** + *

Returns a {@link Set} of names of padding algorithms supported by this + * Factory.

+ * + * @return a {@link Set} of pseudo-random number generator algorithm names + * (Strings). + */ + public static Set getNames() + { + HashSet hs = new HashSet (gnu.java.security.prng.PRNGFactory.getNames ()); + hs.add(ICM_PRNG); + hs.add(UMAC_PRNG); + // add all hmac implementations as candidate PBKDF2 ones too + for (Iterator it = HMacFactory.getNames().iterator(); it.hasNext();) + { + hs.add(PBKDF2_PRNG_PREFIX + ((String) it.next())); + } + + return Collections.unmodifiableSet(hs); + } + + // Instance methods + // ------------------------------------------------------------------------- +} diff --git a/libjava/classpath/gnu/javax/crypto/prng/UMacGenerator.java b/libjava/classpath/gnu/javax/crypto/prng/UMacGenerator.java new file mode 100644 index 0000000..0e3725c --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/prng/UMacGenerator.java @@ -0,0 +1,228 @@ +/* UMacGenerator.java -- + Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.prng; + +import gnu.java.security.Registry; +import gnu.java.security.prng.BasePRNG; +import gnu.java.security.prng.LimitReachedException; +import gnu.javax.crypto.cipher.CipherFactory; +import gnu.javax.crypto.cipher.IBlockCipher; + +import java.util.HashMap; +import java.util.Iterator; +import java.util.Map; +import java.security.InvalidKeyException; + +/** + *

KDFs (Key Derivation Functions) are used to stretch user-supplied + * key material to specific size(s) required by high level cryptographic + * primitives. Described in the UMAC + * paper, this function basically operates an underlying symmetric key block + * cipher instance in output feedback mode (OFB), as a strong + * pseudo-random number generator.

+ * + *

UMacGenerator requires an index parameter + * (initialisation parameter gnu.crypto.prng.umac.kdf.index taken + * to be an instance of {@link java.lang.Integer} with a value between + * 0 and 255). Using the same key, but different + * indices, generates different pseudorandom outputs.

+ * + *

This implementation generalises the definition of the + * UmacGenerator algorithm to allow for other than the AES symetric + * key block cipher algorithm (initialisation parameter + * gnu.crypto.prng.umac.cipher.name taken to be an instance of + * {@link java.lang.String}). If such a parameter is not defined/included in the + * initialisation Map, then the "Rijndael" algorithm is used. + * Furthermore, if the initialisation parameter + * gnu.crypto.cipher.block.size (taken to be a instance of {@link + * java.lang.Integer}) is missing or undefined in the initialisation Map + * , then the cipher's default block size is used.

+ * + *

NOTE: Rijndael is used as the default symmetric key block cipher + * algorithm because, with its default block and key sizes, it is the AES. Yet + * being Rijndael, the algorithm offers more versatile block and key sizes which + * may prove to be useful for generating "longer" key streams.

+ * + *

References:

+ * + *
    + *
  1. + * UMAC: Message Authentication Code using Universal Hashing.
    + * T. Krovetz, J. Black, S. Halevi, A. Hevia, H. Krawczyk, and P. Rogaway.
    2. + *
+ */ +public class UMacGenerator extends BasePRNG implements Cloneable +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + /** + *

Property name of the KDF index value to use in this + * instance. The value is taken to be an {@link Integer} less than + * 256.

+ */ + public static final String INDEX = "gnu.crypto.prng.umac.index"; + + /** The name of the underlying symmetric key block cipher algorithm. */ + public static final String CIPHER = "gnu.crypto.prng.umac.cipher.name"; + + /** The generator's underlying block cipher. */ + private IBlockCipher cipher; + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** Trivial 0-arguments constructor. */ + public UMacGenerator() + { + super(Registry.UMAC_PRNG); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + // Implementation of abstract methods in BasePRNG -------------------------- + + public void setup(Map attributes) + { + boolean newCipher = true; + String cipherName = (String) attributes.get(CIPHER); + if (cipherName == null) + { + if (cipher == null) + { // happy birthday + cipher = CipherFactory.getInstance(Registry.RIJNDAEL_CIPHER); + } + else + { // we already have one. use it as is + newCipher = false; + } + } + else + { + cipher = CipherFactory.getInstance(cipherName); + } + + // find out what block size we should use it in + int cipherBlockSize = 0; + Integer bs = (Integer) attributes.get(IBlockCipher.CIPHER_BLOCK_SIZE); + if (bs != null) + { + cipherBlockSize = bs.intValue(); + } + else + { + if (newCipher) + { // assume we'll use its default block size + cipherBlockSize = cipher.defaultBlockSize(); + } // else use as is + } + + // get the key material + byte[] key = (byte[]) attributes.get(IBlockCipher.KEY_MATERIAL); + if (key == null) + { + throw new IllegalArgumentException(IBlockCipher.KEY_MATERIAL); + } + + int keyLength = key.length; + // ensure that keyLength is valid for the chosen underlying cipher + boolean ok = false; + for (Iterator it = cipher.keySizes(); it.hasNext();) + { + ok = (keyLength == ((Integer) it.next()).intValue()); + if (ok) + { + break; + } + } + if (!ok) + { + throw new IllegalArgumentException("key length"); + } + + // ensure that remaining params make sense + int index = -1; + Integer i = (Integer) attributes.get(INDEX); + if (i != null) + { + index = i.intValue(); + if (index < 0 || index > 255) + { + throw new IllegalArgumentException(INDEX); + } + } + + // now initialise the underlying cipher + Map map = new HashMap(); + if (cipherBlockSize != 0) + { // only needed if new or changed + map.put(IBlockCipher.CIPHER_BLOCK_SIZE, new Integer(cipherBlockSize)); + } + map.put(IBlockCipher.KEY_MATERIAL, key); + try + { + cipher.init(map); + } + catch (InvalidKeyException x) + { + throw new IllegalArgumentException(IBlockCipher.KEY_MATERIAL); + } + + buffer = new byte[cipher.currentBlockSize()]; + buffer[cipher.currentBlockSize() - 1] = (byte) index; + try + { + fillBlock(); + } + catch (LimitReachedException impossible) + { + } + } + + public void fillBlock() throws LimitReachedException + { + cipher.encryptBlock(buffer, 0, buffer, 0); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/sasl/AuthInfo.java b/libjava/classpath/gnu/javax/crypto/sasl/AuthInfo.java new file mode 100644 index 0000000..1e94255 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/sasl/AuthInfo.java @@ -0,0 +1,143 @@ +/* AuthInfo.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.sasl; + +import gnu.java.security.Registry; + +import java.util.ArrayList; +import java.util.Iterator; +import java.util.StringTokenizer; + +/** + * A static class for creating {@link IAuthInfoProvider} providers. It + * transparently locates and uses any provider instances, based on the value + * assigned to the System property with the key + * gnu.crypto.sasl.auth.info.provider.pkgs. If more than one is + * specified they SHOULD be separated with a vertical bar character. Please note + * that the GNU provider is always added last to the list, disregarding whether + * it was mentioned or not in the value of that property, or if it that property + * was not defined. + */ +public class AuthInfo +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + private static final ArrayList factories = new ArrayList(); + static + { + IAuthInfoProviderFactory ours = new AuthInfoProviderFactory(); + // if SASL_AUTH_INFO_PROVIDER_PKGS is defined then parse it + String clazz; + String pkgs = System.getProperty(Registry.SASL_AUTH_INFO_PROVIDER_PKGS, + null); + if (pkgs != null) + { + for (StringTokenizer st = new StringTokenizer(pkgs, "|"); st.hasMoreTokens();) + { + clazz = st.nextToken(); + if (!"gnu.crypto.sasl".equals(clazz)) + { + clazz += ".AuthInfoProviderFactory"; + try + { + IAuthInfoProviderFactory factory = (IAuthInfoProviderFactory) Class.forName( + clazz).newInstance(); + factories.add(factory); + } + catch (ClassCastException ignored) + { + } + catch (ClassNotFoundException ignored) + { + } + catch (InstantiationException ignored) + { + } + catch (IllegalAccessException ignored) + { + } + } + } + } + // always add ours last; unless it's already there + if (!factories.contains(ours)) + { + factories.add(ours); + } + } + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** Trivial constructor to enforce Singleton pattern. */ + private AuthInfo() + { + super(); + } + + // Class methods + // ------------------------------------------------------------------------- + + /** + * A convenience method to return the authentication information provider + * for a designated SASL mechnanism. It goes through all the installed + * provider factories, one at a time, and attempts to return a new instance + * of the provider for the designated mechanism. It stops at the first + * factory returning a non-null provider. + * + * @param mechanism the name of a SASL mechanism. + * @return an implementation that provides {@link IAuthInfoProvider} for that + * mechanism; or null if none found. + */ + public static IAuthInfoProvider getProvider(String mechanism) + { + for (Iterator it = factories.iterator(); it.hasNext();) + { + IAuthInfoProviderFactory factory = (IAuthInfoProviderFactory) it.next(); + IAuthInfoProvider result = factory.getInstance(mechanism); + if (result != null) + { + return result; + } + } + return null; + } +} diff --git a/libjava/classpath/gnu/javax/crypto/sasl/AuthInfoProviderFactory.java b/libjava/classpath/gnu/javax/crypto/sasl/AuthInfoProviderFactory.java new file mode 100644 index 0000000..6ba5fc5 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/sasl/AuthInfoProviderFactory.java @@ -0,0 +1,89 @@ +/* AuthInfoProviderFactory.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.sasl; + +import gnu.java.security.Registry; +import gnu.javax.crypto.sasl.crammd5.CramMD5AuthInfoProvider; +import gnu.javax.crypto.sasl.plain.PlainAuthInfoProvider; +import gnu.javax.crypto.sasl.srp.SRPAuthInfoProvider; + +/** + * The concrete SASL authentication information provider factory. + */ +public class AuthInfoProviderFactory implements IAuthInfoProviderFactory +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + // implicit 0-args constructor + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + // IAuthInfoProviderFactory interface implementation ----------------------- + + public IAuthInfoProvider getInstance(String mechanism) + { + if (mechanism == null) + { + return null; + } + mechanism = mechanism.trim().toUpperCase(); + if (mechanism.startsWith(Registry.SASL_SRP_MECHANISM)) + { + return new SRPAuthInfoProvider(); + } + if (mechanism.equals(Registry.SASL_CRAM_MD5_MECHANISM)) + { + return new CramMD5AuthInfoProvider(); + } + if (mechanism.equals(Registry.SASL_PLAIN_MECHANISM)) + { + return new PlainAuthInfoProvider(); + } + return null; + } +} diff --git a/libjava/classpath/gnu/javax/crypto/sasl/ClientFactory.java b/libjava/classpath/gnu/javax/crypto/sasl/ClientFactory.java new file mode 100644 index 0000000..ef18463 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/sasl/ClientFactory.java @@ -0,0 +1,210 @@ +/* ClientFactory.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.sasl; + +import gnu.java.security.Registry; +import gnu.javax.crypto.sasl.anonymous.AnonymousClient; +import gnu.javax.crypto.sasl.crammd5.CramMD5Client; +import gnu.javax.crypto.sasl.plain.PlainClient; +import gnu.javax.crypto.sasl.srp.SRPClient; + +import java.util.ArrayList; +import java.util.Arrays; +import java.util.Collections; +import java.util.HashSet; +import java.util.List; +import java.util.Map; +import java.util.Set; +import java.util.HashMap; + +import javax.security.auth.callback.CallbackHandler; +import javax.security.sasl.Sasl; +import javax.security.sasl.SaslClient; +import javax.security.sasl.SaslClientFactory; +import javax.security.sasl.SaslException; + +/** + * The implementation of {@link SaslClientFactory}. + */ +public class ClientFactory implements SaslClientFactory +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + // implicit 0-arguments constructor + + // Class methods + // ------------------------------------------------------------------------- + + public static final Set getNames() + { + return Collections.unmodifiableSet(new HashSet( + Arrays.asList(getNamesInternal(null)))); + } + + private static final String[] getNamesInternal(Map props) + { + String[] all = new String[] { Registry.SASL_SRP_MECHANISM, + Registry.SASL_CRAM_MD5_MECHANISM, + Registry.SASL_PLAIN_MECHANISM, + Registry.SASL_ANONYMOUS_MECHANISM }; + + if (props == null) + { + return all; + } + if (hasPolicy(Sasl.POLICY_PASS_CREDENTIALS, props)) + { + return new String[0]; + } + + List result = new ArrayList(all.length); + ; + for (int i = 0; i < all.length;) + { + result.add(all[i++]); + } + + if (hasPolicy(Sasl.POLICY_NOPLAINTEXT, props)) + { + result.remove(Registry.SASL_PLAIN_MECHANISM); + } + if (hasPolicy(Sasl.POLICY_NOACTIVE, props)) + { + result.remove(Registry.SASL_CRAM_MD5_MECHANISM); + result.remove(Registry.SASL_PLAIN_MECHANISM); + } + if (hasPolicy(Sasl.POLICY_NODICTIONARY, props)) + { + result.remove(Registry.SASL_CRAM_MD5_MECHANISM); + result.remove(Registry.SASL_PLAIN_MECHANISM); + } + if (hasPolicy(Sasl.POLICY_NOANONYMOUS, props)) + { + result.remove(Registry.SASL_ANONYMOUS_MECHANISM); + } + if (hasPolicy(Sasl.POLICY_FORWARD_SECRECY, props)) + { + result.remove(Registry.SASL_CRAM_MD5_MECHANISM); + result.remove(Registry.SASL_ANONYMOUS_MECHANISM); + result.remove(Registry.SASL_PLAIN_MECHANISM); + } + return (String[]) result.toArray(new String[0]); + } + + public static final ClientMechanism getInstance(String mechanism) + { + if (mechanism == null) + { + return null; + } + mechanism = mechanism.trim().toUpperCase(); + if (mechanism.equals(Registry.SASL_SRP_MECHANISM)) + { + return new SRPClient(); + } + if (mechanism.equals(Registry.SASL_CRAM_MD5_MECHANISM)) + { + return new CramMD5Client(); + } + if (mechanism.equals(Registry.SASL_PLAIN_MECHANISM)) + { + return new PlainClient(); + } + if (mechanism.equals(Registry.SASL_ANONYMOUS_MECHANISM)) + { + return new AnonymousClient(); + } + return null; + } + + // Instance methods + // ------------------------------------------------------------------------- + + public SaslClient createSaslClient(String[] mechanisms, + String authorisationID, String protocol, + String serverName, Map props, + CallbackHandler cbh) throws SaslException + { + ClientMechanism result = null; + String mechanism; + for (int i = 0; i < mechanisms.length; i++) + { + mechanism = mechanisms[i]; + result = getInstance(mechanism); + if (result != null) + { + break; + } + } + + if (result != null) + { + HashMap attributes = new HashMap(); + if (props != null) + { + attributes.putAll(props); + } + attributes.put(Registry.SASL_AUTHORISATION_ID, authorisationID); + attributes.put(Registry.SASL_PROTOCOL, protocol); + attributes.put(Registry.SASL_SERVER_NAME, serverName); + attributes.put(Registry.SASL_CALLBACK_HANDLER, cbh); + + result.init(attributes); + return result; + } + + throw new SaslException( + "No supported mechanism found in given mechanism list"); + } + + public String[] getMechanismNames(Map props) + { + return getNamesInternal(props); + } + + private static boolean hasPolicy(String propertyName, Map props) + { + return "true".equalsIgnoreCase(String.valueOf(props.get(propertyName))); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/sasl/ClientMechanism.java b/libjava/classpath/gnu/javax/crypto/sasl/ClientMechanism.java new file mode 100644 index 0000000..45873ae --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/sasl/ClientMechanism.java @@ -0,0 +1,365 @@ +/* ClientMechanism.java -- + Copyright (C) 2003, 2005, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.sasl; + +import gnu.java.security.Registry; + +import java.util.HashMap; +import java.util.Map; +import javax.security.auth.callback.CallbackHandler; +import javax.security.sasl.Sasl; +import javax.security.sasl.SaslClient; +import javax.security.sasl.SaslException; + +/** + *

A base class to facilitate implementing SASL client-side mechanisms.

+ */ +public abstract class ClientMechanism implements SaslClient +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + /** Name of this mechanism. */ + protected String mechanism; + + /** The authorisation identity. */ + protected String authorizationID; + + /** Name of protocol using this mechanism. */ + protected String protocol; + + /** Name of server to authenticate to. */ + protected String serverName; + + /** Properties of qualities desired for this mechanism. */ + protected Map properties; + + /** Callback handler to use with this mechanism instance. */ + protected CallbackHandler handler; + + /** Channel binding data to use with this mechanism instance. */ + protected byte[] channelBinding; + + /** Whether authentication phase is completed (true) or not (false). */ + protected boolean complete = false; + + /** The state of the authentication automaton. */ + protected int state = -1; + + // Constructor(s) + // ------------------------------------------------------------------------- + + protected ClientMechanism(final String mechanism) + { + super(); + + this.mechanism = mechanism; + this.state = -1; + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + // abstract methods to be implemented by concrete subclasses --------------- + + protected abstract void initMechanism() throws SaslException; + + protected abstract void resetMechanism() throws SaslException; + + // javax.security.sasl.SaslClient interface implementation ----------------- + + public abstract byte[] evaluateChallenge(byte[] challenge) + throws SaslException; + + public abstract boolean hasInitialResponse(); + + public boolean isComplete() + { + return complete; + } + + public byte[] unwrap(final byte[] incoming, final int offset, final int len) + throws SaslException + { + if (!isComplete()) + { + throw new IllegalMechanismStateException(); + } + return this.engineUnwrap(incoming, offset, len); + } + + public byte[] wrap(final byte[] outgoing, final int offset, final int len) + throws SaslException + { + if (!isComplete()) + { + throw new IllegalMechanismStateException(); + } + return this.engineWrap(outgoing, offset, len); + } + + public String getMechanismName() + { + return mechanism; + } + + public Object getNegotiatedProperty(final String propName) + { + if (!isComplete()) + { + throw new IllegalStateException(); + } + if (Sasl.QOP.equals(propName)) + { + return getNegotiatedQOP(); + } + if (Sasl.STRENGTH.equals(propName)) + { + return getNegotiatedStrength(); + } + if (Sasl.SERVER_AUTH.equals(propName)) + { + return getNegotiatedServerAuth(); + } + if (Sasl.MAX_BUFFER.equals(propName)) + { + return getNegotiatedMaxBuffer(); + } + if (Sasl.RAW_SEND_SIZE.equals(propName)) + { + return getNegotiatedRawSendSize(); + } + if (Sasl.POLICY_NOPLAINTEXT.equals(propName)) + { + return getNegotiatedPolicyNoPlainText(); + } + if (Sasl.POLICY_NOACTIVE.equals(propName)) + { + return getNegotiatedPolicyNoActive(); + } + if (Sasl.POLICY_NODICTIONARY.equals(propName)) + { + return getNegotiatedPolicyNoDictionary(); + } + if (Sasl.POLICY_NOANONYMOUS.equals(propName)) + { + return getNegotiatedPolicyNoAnonymous(); + } + if (Sasl.POLICY_FORWARD_SECRECY.equals(propName)) + { + return getNegotiatedPolicyForwardSecrecy(); + } + if (Sasl.POLICY_PASS_CREDENTIALS.equals(propName)) + { + return getNegotiatedPolicyPassCredentials(); + } + if (Sasl.REUSE.equals(propName)) + { + return getReuse(); + } + return null; + } + + public void dispose() throws SaslException + { + } + + // other Instance methods -------------------------------------------------- + + public String getAuthorizationID() + { + return authorizationID; + } + + protected String getNegotiatedQOP() + { + return Registry.QOP_AUTH; + } + + protected String getNegotiatedStrength() + { + return Registry.STRENGTH_LOW; + } + + protected String getNegotiatedServerAuth() + { + return Registry.SERVER_AUTH_FALSE; + } + + protected String getNegotiatedMaxBuffer() + { + return null; + } + + protected String getNegotiatedRawSendSize() + { + return String.valueOf(Registry.SASL_BUFFER_MAX_LIMIT); + } + + protected String getNegotiatedPolicyNoPlainText() + { + return null; + } + + protected String getNegotiatedPolicyNoActive() + { + return null; + } + + protected String getNegotiatedPolicyNoDictionary() + { + return null; + } + + protected String getNegotiatedPolicyNoAnonymous() + { + return null; + } + + protected String getNegotiatedPolicyForwardSecrecy() + { + return null; + } + + protected String getNegotiatedPolicyPassCredentials() + { + return null; + } + + protected String getReuse() + { + return Registry.REUSE_FALSE; + } + + protected byte[] engineUnwrap(final byte[] incoming, final int offset, + final int len) throws SaslException + { + final byte[] result = new byte[len]; + System.arraycopy(incoming, offset, result, 0, len); + return result; + } + + protected byte[] engineWrap(final byte[] outgoing, final int offset, + final int len) throws SaslException + { + final byte[] result = new byte[len]; + System.arraycopy(outgoing, offset, result, 0, len); + return result; + } + + /** + *

Initialises the mechanism with designated attributes. Permissible names + * and values are mechanism specific.

+ * + * @param attributes a set of name-value pairs that describes the desired + * future behaviour of this instance. + * @throws IllegalMechanismStateException if the instance is already + * initialised. + * @throws SaslException if an exception occurs during the process. + */ + public void init(final Map attributes) throws SaslException + { + if (state != -1) + { + throw new IllegalMechanismStateException("init()"); + } + + if (properties == null) + { + properties = new HashMap(); + } + else + { + properties.clear(); + } + if (attributes != null) + { + authorizationID = (String) attributes.get(Registry.SASL_AUTHORISATION_ID); + protocol = (String) attributes.get(Registry.SASL_PROTOCOL); + serverName = (String) attributes.get(Registry.SASL_SERVER_NAME); + handler = (CallbackHandler) attributes.get(Registry.SASL_CALLBACK_HANDLER); + channelBinding = (byte[]) attributes.get(Registry.SASL_CHANNEL_BINDING); + properties.putAll(attributes); + } + else + { + handler = null; + } + + if (authorizationID == null) + { + authorizationID = ""; + } + if (protocol == null) + { + protocol = ""; + } + if (serverName == null) + { + serverName = ""; + } + if (channelBinding == null) + { + channelBinding = new byte[0]; + } + initMechanism(); + complete = false; + state = 0; + } + + /** + *

Resets the mechanism instance for re-initialisation and use with other + * characteristics.

+ * + * @throws SaslException if an exception occurs during the process. + */ + public void reset() throws SaslException + { + resetMechanism(); + properties.clear(); + authorizationID = protocol = serverName = null; + channelBinding = null; + complete = false; + state = -1; + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/sasl/ConfidentialityException.java b/libjava/classpath/gnu/javax/crypto/sasl/ConfidentialityException.java new file mode 100644 index 0000000..561827d --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/sasl/ConfidentialityException.java @@ -0,0 +1,84 @@ +/* ConfidentialityException.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.sasl; + +import javax.security.sasl.SaslException; + +/** + * Used by mechanisms that offer a security services layer, this checked + * exception is thrown to indicate that a violation has occured during the + * processing of a confidentiality protection filter. + * + * @version $Revision: 1.1 $ + */ +public class ConfidentialityException extends SaslException +{ + + /** + * Constructs a new instance of ConfidentialityException with no + * detail message. + */ + public ConfidentialityException() + { + super(); + } + + /** + * Constructs a new instance of ConfidentialityException with + * the specified detail message. + * + * @param s the detail message. + */ + public ConfidentialityException(String s) + { + super(s); + } + + /** + * Constructs a new instance of ConfidentialityException with a + * detailed message and a root exception. + * + * @param s possibly null additional detail about the exception. + * @param x a possibly null root exception that caused this one. + */ + public ConfidentialityException(String s, Throwable x) + { + super(s, x); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/sasl/IAuthInfoProvider.java b/libjava/classpath/gnu/javax/crypto/sasl/IAuthInfoProvider.java new file mode 100644 index 0000000..2b913a1 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/sasl/IAuthInfoProvider.java @@ -0,0 +1,117 @@ +/* IAuthInfoProvider.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.sasl; + +import java.util.Map; + +import javax.security.sasl.AuthenticationException; + +/** + * The visible methods of any authentication information provider. + */ +public interface IAuthInfoProvider +{ + + // Constants + // ------------------------------------------------------------------------- + + // Methods + // ------------------------------------------------------------------------- + + /** + * Activates (initialises) this provider instance. SHOULD be the first method + * invoked on the provider. + * + * @param context a collection of name-value bindings describing the + * activation context. + * @throws AuthenticationException if an exception occurs during the operation. + */ + void activate(Map context) throws AuthenticationException; + + /** + * Passivates (releases) this provider instance. SHOULD be the last method + * invoked on the provider. Once it is done, no other method may be invoked + * on the same instance before it is activated agains. + * + * @throws AuthenticationException if an exception occurs during the operation. + */ + void passivate() throws AuthenticationException; + + /** + * Checks if a user with a designated name is known to this provider. + * + * @param userName the name of a user to check. + * @return true if the user with the designated name is known to + * this provider; false otherwise. + * @throws AuthenticationException if an exception occurs during the operation. + */ + boolean contains(String userName) throws AuthenticationException; + + /** + * Returns a collection of information about a designated user. The contents + * of the returned map is provider-specific of name-to-value mappings. + * + * @param userID a map of name-to-value bindings that fully describe a user. + * @return a collection of information about the designated user. + * @throws AuthenticationException if an exception occurs during the operation. + */ + Map lookup(Map userID) throws AuthenticationException; + + /** + * Updates the credentials of a designated user. + * + * @param userCredentials a map of name-to-value bindings that fully describe + * a user, including per new credentials. + * @throws AuthenticationException if an exception occurs during the operation. + */ + void update(Map userCredentials) throws AuthenticationException; + + /** + * A provider may operate in more than mode; e.g. SRP-II caters for user + * credentials computed in more than one message digest algorithm. This + * method returns the set of name-to-value bindings describing the mode of + * the provider. + * + * @param mode a unique identifier describing the operational mode. + * @return a collection of name-to-value bindings describing the designated + * mode. + * @throws AuthenticationException if an exception occurs during the operation. + */ + Map getConfiguration(String mode) throws AuthenticationException; +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/sasl/IAuthInfoProviderFactory.java b/libjava/classpath/gnu/javax/crypto/sasl/IAuthInfoProviderFactory.java new file mode 100644 index 0000000..e630b8d --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/sasl/IAuthInfoProviderFactory.java @@ -0,0 +1,62 @@ +/* IAuthInfoProviderFactory.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.sasl; + +/** + * The visible method of every authentication information provider factory. + */ +public interface IAuthInfoProviderFactory +{ + + // Constants + // ------------------------------------------------------------------------- + + // Methods + // ------------------------------------------------------------------------- + + /** + * Returns an implementation of a provider for a designated mechanism + * capable of honouring {@link IAuthInfoProvider} requests. + * + * @param mechanism the unique name of a mechanism. + * @return an implementation of {@link IAuthInfoProvider} for that mechanism + * or null if none found. + */ + IAuthInfoProvider getInstance(String mechanism); +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/sasl/IllegalMechanismStateException.java b/libjava/classpath/gnu/javax/crypto/sasl/IllegalMechanismStateException.java new file mode 100644 index 0000000..94d9269a --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/sasl/IllegalMechanismStateException.java @@ -0,0 +1,86 @@ +/* IllegalMechanismStateException.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.sasl; + +import javax.security.sasl.AuthenticationException; + +/** + * A checked exception thrown to indicate that an operation that should be + * invoked on a completed mechanism was invoked but the authentication phase of + * that mechanism was not completed yet, or that an operation that should be + * invoked on incomplete mechanisms was invoked but the authentication phase of + * that mechanism was already completed. + * + * @version $Revision: 1.1 $ + */ +public class IllegalMechanismStateException extends AuthenticationException +{ + + /** + * Constructs a new instance of IllegalMechanismStateException + * with no detail message. + */ + public IllegalMechanismStateException() + { + super(); + } + + /** + * Constructs a new instance of IllegalMechanismStateException + * with the specified detail message. + * + * @param detail the detail message. + */ + public IllegalMechanismStateException(String detail) + { + super(detail); + } + + /** + * Constructs a new instance of IllegalMechanismStateException + * with the specified detail message, and cause. + * + * @param detail the detail message. + * @param ex the original cause. + */ + public IllegalMechanismStateException(String detail, Throwable ex) + { + super(detail, ex); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/sasl/InputBuffer.java b/libjava/classpath/gnu/javax/crypto/sasl/InputBuffer.java new file mode 100644 index 0000000..a64ea3e --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/sasl/InputBuffer.java @@ -0,0 +1,339 @@ +/* InputBuffer.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.sasl; + +import gnu.java.security.Registry; + +import java.io.ByteArrayInputStream; +import java.io.IOException; +import java.math.BigInteger; + +/** + *

The implementation of an incoming SASL buffer.

+ * + *

The data elements this class caters for are described in [1].

+ * + *

References:

+ *
    + *
  1. + * Secure Remote Password Authentication Mechanism;
    + * draft-burdis-cat-srp-sasl-09,
    + * Keith Burdis and + * Raïf S. Naffah.
    2. + *
+ */ +public class InputBuffer +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + /** The internal buffer stream containing the buffer's contents. */ + protected ByteArrayInputStream in; + + /** The length of the buffer, according to its header. */ + protected int length; + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** + *

Constructs a SASL buffer given the buffer's encoded form, including its + * header bytes.

+ * + * @param frame the encoded form, including the header bytes, of a SASL buffer. + * @throws SaslEncodingException if the buffer is malformed. + */ + public InputBuffer(byte[] frame) throws SaslEncodingException + { + this(); + + if (frame.length < 4) + { + throw new SaslEncodingException("SASL buffer header too short"); + } + + length = (frame[0] & 0xFF) << 24 | (frame[1] & 0xFF) << 16 + | (frame[2] & 0xFF) << 8 | (frame[3] & 0xFF); + if (length > Registry.SASL_BUFFER_MAX_LIMIT || length < 0) + { + throw new SaslEncodingException("SASL buffer size limit exceeded"); + } + + in = new ByteArrayInputStream(frame, 4, length); + } + + /** Trivial private constructor for use by the class method. */ + private InputBuffer() + { + super(); + } + + // Class methods + // ------------------------------------------------------------------------- + + /** + *

Returns an instance of a SASL buffer given the buffer's encoded contents, + * excluding the buffer's header bytes.

+ * + *

Calls the method with the same name and three arguments as: + * getInstance(raw, 0, raw.length). + * + * @param raw the encoded form, excluding the header bytes, of a SASL buffer. + * @return a new instance of {@link InputBuffer}. + */ + public static InputBuffer getInstance(byte[] raw) + { + return getInstance(raw, 0, raw.length); + } + + /** + *

Returns an instance of a SASL buffer given the buffer's encoded + * contents, excluding the buffer's header bytes.

+ * + * @param raw the encoded form, excluding the header bytes, of a SASL buffer. + * @param offset offset where to start using raw bytes from. + * @param len number of bytes to use. + * @return a new instance of {@link InputBuffer}. + */ + public static InputBuffer getInstance(byte[] raw, int offset, int len) + { + InputBuffer result = new InputBuffer(); + result.in = new ByteArrayInputStream(raw, offset, len); + return result; + } + + /** + *

Converts four octets into the number that they represent.

+ * + * @param b the four octets. + * @return the length. + */ + // public static int fourBytesToLength(byte[] b) throws SaslEncodingException { + // int result = b[0] << 24 | (b[1] & 0xFF) << 16 | (b[2] & 0xFF) << 8 | (b[3] & 0xFF); + // if (result > Registry.SASL_FOUR_BYTE_MAX_LIMIT || result < 0) { + // throw new SaslEncodingException("SASL EOS size limit exceeded"); + // } + // return result; + // } + /** + *

Converts two octets into the number that they represent.

+ * + * @param b the two octets. + * @return the length. + */ + public static int twoBytesToLength(byte[] b) throws SaslEncodingException + { + final int result = (b[0] & 0xFF) << 8 | (b[1] & 0xFF); + if (result > Registry.SASL_TWO_BYTE_MAX_LIMIT) + { + throw new SaslEncodingException("SASL MPI/Text size limit exceeded"); + } + return result; + } + + // Instance methods + // ------------------------------------------------------------------------- + + public boolean hasMoreElements() + { + return (in.available() > 0); + } + + /** + *

Decodes a SASL scalar quantity, count-octet long, from the + * current buffer.

+ * + * @param count the number of octets of this scalar quantity. + * @return a native representation of a SASL scalar (unsigned integer) quantity. + * @throws SaslEncodingException if an encoding exception occurs during the + * operation. + * @throws IOException if any other I/O exception occurs during the operation. + */ + public long getScalar(int count) throws IOException + { + if (count < 0 || count > 4) + { + throw new SaslEncodingException("Invalid SASL scalar octet count: " + + String.valueOf(count)); + } + if (!hasMoreElements()) + { + throw new SaslEncodingException( + "Not enough bytes for a scalar in buffer"); + } + if (in.available() < count) + { + throw new SaslEncodingException("Illegal SASL scalar encoding"); + } + byte[] element = new byte[count]; + in.read(element); + + long result = 0L; + for (int i = 0; i < count; i++) + { + result <<= 8; + result |= element[i] & 0xFFL; + } + return result; + } + + /** + *

Decodes a SASL OS from the current buffer.

+ * + * @return a native representation of a SASL OS. + * @throws SaslEncodingException if an encoding exception occurs during the + * operation. + * @throws IOException if any other I/O exception occurs during the operation. + */ + public byte[] getOS() throws IOException + { + if (!hasMoreElements()) + { + throw new SaslEncodingException( + "Not enough bytes for an octet-sequence in buffer"); + } + final int elementLength = in.read(); + if (elementLength > Registry.SASL_ONE_BYTE_MAX_LIMIT) + { + throw new SaslEncodingException( + "SASL octet-sequence size limit exceeded"); + } + + if (in.available() < elementLength) + { + throw new SaslEncodingException("Illegal SASL octet-sequence encoding"); + } + + byte[] result = new byte[elementLength]; + in.read(result); + + return result; + } + + /** + *

Decodes a SASL EOS from the current buffer.

+ * + * @return a native representation of a SASL EOS. + * @throws SaslEncodingException if an encoding exception occurs during the + * operation. + * @throws IOException if any other I/O exception occurs during the operation. + */ + public byte[] getEOS() throws IOException + { + if (in.available() < 2) + { + throw new SaslEncodingException( + "Not enough bytes for an extended octet-sequence in buffer"); + } + + byte[] elementLengthBytes = new byte[2]; + in.read(elementLengthBytes); + final int elementLength = twoBytesToLength(elementLengthBytes); + if (in.available() < elementLength) + { + throw new SaslEncodingException( + "Illegal SASL extended octet-sequence encoding"); + } + + byte[] result = new byte[elementLength]; + in.read(result); + + return result; + } + + /** + *

Decodes a SASL MPI from the current buffer.

+ * + * @return a native representation of a SASL MPI. + * @throws SaslEncodingException if an encoding exception occurs during the + * operation. + * @throws IOException if any other I/O exception occurs during the operation. + */ + public BigInteger getMPI() throws IOException + { + if (in.available() < 2) + { + throw new SaslEncodingException("Not enough bytes for an MPI in buffer"); + } + byte[] elementLengthBytes = new byte[2]; + in.read(elementLengthBytes); + final int elementLength = twoBytesToLength(elementLengthBytes); + if (in.available() < elementLength) + { + throw new SaslEncodingException( + "Illegal SASL multi-precision integer encoding"); + } + + byte[] element = new byte[elementLength]; + in.read(element); + + return new BigInteger(1, element); + } + + /** + *

Decodes a SASL Text from the current buffer.

+ * + * @return a native representation of a SASL Text. + * @throws SaslEncodingException if an encoding exception occurs during the + * operation. + * @throws SaslEncodingException if the UTF-8 character encoding is not + * supported on this platform. + * @throws IOException if any other I/O exception occurs during the operation. + */ + public String getText() throws IOException + { + if (in.available() < 2) + { + throw new SaslEncodingException("Not enough bytes for a text in buffer"); + } + byte[] elementLengthBytes = new byte[2]; + in.read(elementLengthBytes); + final int elementLength = twoBytesToLength(elementLengthBytes); + if (in.available() < elementLength) + { + throw new SaslEncodingException("Illegal SASL text encoding"); + } + + byte[] element = new byte[elementLength]; + in.read(element); + + return new String(element, "UTF8"); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/sasl/IntegrityException.java b/libjava/classpath/gnu/javax/crypto/sasl/IntegrityException.java new file mode 100644 index 0000000..4a56ca2d --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/sasl/IntegrityException.java @@ -0,0 +1,83 @@ +/* IntegrityException.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.sasl; + +import javax.security.sasl.SaslException; + +/** + * Used by mechanisms that offer a security services layer, this checked + * exception is thrown to indicate that a violation has occured during the + * processing of an integrity protection filter, including replay + * detection. + */ +public class IntegrityException extends SaslException +{ + + /** + * Constructs a new instance of IntegrityException with no + * detail message. + */ + public IntegrityException() + { + super(); + } + + /** + * Constructs a new instance of IntegrityException with the + * specified detail message. + * + * @param s the detail message. + */ + public IntegrityException(String s) + { + super(s); + } + + /** + * Constructs a new instance of IntegrityException with a + * detailed message and a root exception. + * + * @param s possibly null additional detail about the exception. + * @param x a possibly null root exception that caused this one. + */ + public IntegrityException(String s, Throwable x) + { + super(s, x); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/sasl/NoSuchMechanismException.java b/libjava/classpath/gnu/javax/crypto/sasl/NoSuchMechanismException.java new file mode 100644 index 0000000..6543208 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/sasl/NoSuchMechanismException.java @@ -0,0 +1,62 @@ +/* NoSuchMechanismException.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.sasl; + +import javax.security.sasl.SaslException; + +/** + * A checked exception thrown to indicate that a designated SASL mechanism + * implementation was not found. + */ +public class NoSuchMechanismException extends SaslException +{ + + /** + * Constructs a NoSuchMechanismException with the specified + * detail message. In the case of this exception, the detail message + * designates the offending mechanism name. + * + * @param arg the detail message, which in this case is the offending + * mechanism name. + */ + public NoSuchMechanismException(String arg) + { + super(arg); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/sasl/NoSuchUserException.java b/libjava/classpath/gnu/javax/crypto/sasl/NoSuchUserException.java new file mode 100644 index 0000000..fe362c7 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/sasl/NoSuchUserException.java @@ -0,0 +1,67 @@ +/* NoSuchUserException.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.sasl; + +import javax.security.sasl.AuthenticationException; + +/** + * A checked exception thrown to indicate that a designated user is unknown to + * the authentication layer. + */ +public class NoSuchUserException extends AuthenticationException +{ + + /** Constructs a NoSuchUserException with no detail message. */ + public NoSuchUserException() + { + super(); + } + + /** + * Constructs a NoSuchUserException with the specified detail + * message. In the case of this exception, the detail message designates + * the offending username. + * + * @param arg the detail message, which in this case is the username. + */ + public NoSuchUserException(String arg) + { + super(arg); + } +} diff --git a/libjava/classpath/gnu/javax/crypto/sasl/OutputBuffer.java b/libjava/classpath/gnu/javax/crypto/sasl/OutputBuffer.java new file mode 100644 index 0000000..d219e7e --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/sasl/OutputBuffer.java @@ -0,0 +1,225 @@ +/* OutputBuffer.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.sasl; + +import gnu.java.security.Registry; +import gnu.java.security.util.Util; + +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.math.BigInteger; + +/** + *

The implementation of an outgoing SASL buffer.

+ * + *

The data elements this class caters for are described in [1].

+ * + *

References:

+ *
    + *
  1. + * Secure Remote Password Authentication Mechanism;
    + * draft-burdis-cat-srp-sasl-09,
    + * Keith Burdis and + * Raïf S. Naffah.
    2. + *
+ */ +public class OutputBuffer +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + /** The internal output stream. */ + private ByteArrayOutputStream out; + + // Constructor(s) + // ------------------------------------------------------------------------- + + public OutputBuffer() + { + super(); + + out = new ByteArrayOutputStream(); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + /** + *

Encodes a SASL scalar quantity, count-octet long, to the + * current buffer.

+ * + * @param count number of octets to encode b with. + * @param b the scalar quantity. + * @throws SaslEncodingException if an encoding size constraint is violated. + * @throws IOException if any other I/O exception occurs during the operation. + */ + public void setScalar(int count, int b) throws IOException + { + if (count < 0 || count > 4) + { + throw new SaslEncodingException("Invalid SASL scalar octet count: " + + String.valueOf(count)); + } + byte[] element = new byte[count]; + for (int i = count; --i >= 0; b >>>= 8) + { + element[i] = (byte) b; + } + out.write(element); + } + + /** + *

Encodes a SASL OS to the current buffer.

+ * + * @param b the OS element. + * @throws SaslEncodingException if an encoding size constraint is violated. + * @throws IOException if any other I/O exception occurs during the operation. + */ + public void setOS(byte[] b) throws IOException + { + final int length = b.length; + if (length > Registry.SASL_ONE_BYTE_MAX_LIMIT) + { + throw new SaslEncodingException("SASL octet-sequence too long"); + } + out.write(length & 0xFF); + out.write(b); + } + + /** + *

Encodes a SASL EOS to the current buffer.

+ * + * @param b the EOS element. + * @throws SaslEncodingException if an encoding size constraint is violated. + * @throws IOException if any other I/O exception occurs during the operation. + */ + public void setEOS(byte[] b) throws IOException + { + final int length = b.length; + if (length > Registry.SASL_TWO_BYTE_MAX_LIMIT) + { + throw new SaslEncodingException("SASL extended octet-sequence too long"); + } + byte[] lengthBytes = { (byte) (length >>> 8), (byte) length }; + out.write(lengthBytes); + out.write(b); + } + + /** + *

Encodes a SASL MPI to the current buffer.

+ * + * @param val the MPI element. + * @throws SaslEncodingException if an encoding size constraint is violated. + * @throws IOException if any other I/O exception occurs during the operation. + */ + public void setMPI(BigInteger val) throws IOException + { + byte[] b = Util.trim(val); + final int length = b.length; + if (length > Registry.SASL_TWO_BYTE_MAX_LIMIT) + { + throw new SaslEncodingException("SASL multi-precision integer too long"); + } + byte[] lengthBytes = { (byte) (length >>> 8), (byte) length }; + out.write(lengthBytes); + out.write(b); + } + + /** + *

Encodes a SASL Text to the current buffer.

+ * + * @param str the Text element. + * @throws SaslEncodingException if an encoding size constraint is violated. + * @throws SaslEncodingException if the UTF-8 encoding is not supported on + * this platform. + * @throws IOException if any other I/O exception occurs during the operation. + */ + public void setText(String str) throws IOException + { + byte[] b = str.getBytes("UTF8"); + final int length = b.length; + if (length > Registry.SASL_TWO_BYTE_MAX_LIMIT) + { + throw new SaslEncodingException("SASL text too long"); + } + byte[] lengthBytes = { (byte) (length >>> 8), (byte) length }; + out.write(lengthBytes); + out.write(b); + } + + /** + *

Returns the encoded form of the current buffer including the 4-byte + * length header.

+ * + * @throws SaslEncodingException if an encoding size constraint is violated. + */ + public byte[] encode() throws SaslEncodingException + { + byte[] buffer = wrap(); + final int length = buffer.length; + byte[] result = new byte[length + 4]; + result[0] = (byte) (length >>> 24); + result[1] = (byte) (length >>> 16); + result[2] = (byte) (length >>> 8); + result[3] = (byte) length; + System.arraycopy(buffer, 0, result, 4, length); + + return result; + } + + /** + *

Returns the encoded form of the current buffer excluding the 4-byte + * length header.

+ * + * @throws SaslEncodingException if an encoding size constraint is violated. + */ + public byte[] wrap() throws SaslEncodingException + { + final int length = out.size(); + if (length > Registry.SASL_BUFFER_MAX_LIMIT || length < 0) + { + throw new SaslEncodingException("SASL buffer too long"); + } + return out.toByteArray(); + } +} diff --git a/libjava/classpath/gnu/javax/crypto/sasl/SaslEncodingException.java b/libjava/classpath/gnu/javax/crypto/sasl/SaslEncodingException.java new file mode 100644 index 0000000..9f4c59f --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/sasl/SaslEncodingException.java @@ -0,0 +1,66 @@ +/* SaslEncodingException.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.sasl; + +import javax.security.sasl.SaslException; + +/** + * A checked exception, thrown when an exception occurs while decoding a SASL + * buffer and/or a SASL data element from/to a buffer. + */ +public class SaslEncodingException extends SaslException +{ + + /** Constructs a SaslEncodingException with no detail message. */ + public SaslEncodingException() + { + super(); + } + + /** + * Constructs a SaslEncodingException with the specified detail + * message. + * + * @param s the detail message. + */ + public SaslEncodingException(String s) + { + super(s); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/sasl/SaslInputStream.java b/libjava/classpath/gnu/javax/crypto/sasl/SaslInputStream.java new file mode 100644 index 0000000..57eb2b5 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/sasl/SaslInputStream.java @@ -0,0 +1,459 @@ +/* SaslInputStream.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.sasl; + +import gnu.java.security.util.Util; + +import java.io.InputStream; +import java.io.InterruptedIOException; +import java.io.IOException; +import java.io.PrintWriter; + +import javax.security.sasl.Sasl; +import javax.security.sasl.SaslClient; +import javax.security.sasl.SaslServer; + +/** + * An input stream that uses either a {@link SaslClient} or a {@link SaslServer} + * to process the data through these entities' security layer filter(s). + */ +public class SaslInputStream extends InputStream +{ + + // Debugging methods and variables + // ------------------------------------------------------------------------- + + private static final String NAME = "SaslOutputStream"; + + private static final String ERROR = "ERROR"; + + private static final String WARN = " WARN"; + + // private static final String INFO = " INFO"; + private static final String TRACE = "DEBUG"; + + private static final boolean DEBUG = true; + + private static final int debuglevel = 3; + + private static final PrintWriter err = new PrintWriter(System.out, true); + + private static void debug(String level, Object obj) + { + err.println("[" + level + "] " + NAME + ": " + String.valueOf(obj)); + } + + // Constants and variables + // ------------------------------------------------------------------------- + + private SaslClient client; + + private SaslServer server; + + private int maxRawSendSize; + + private InputStream source; + + private byte[] internalBuf; + + // Constructor(s) + // ------------------------------------------------------------------------- + + public SaslInputStream(SaslClient client, InputStream source) + throws IOException + { + super(); + + this.client = client; + maxRawSendSize = Integer.parseInt((String) client.getNegotiatedProperty(Sasl.RAW_SEND_SIZE)); + server = null; + this.source = source; + } + + public SaslInputStream(SaslServer server, InputStream source) + throws IOException + { + super(); + + this.server = server; + maxRawSendSize = Integer.parseInt((String) server.getNegotiatedProperty(Sasl.RAW_SEND_SIZE)); + client = null; + this.source = source; + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + // Overloaded java.io.InputStream methods ---------------------------------- + + public int available() throws IOException + { + return (internalBuf == null) ? 0 : internalBuf.length; + } + + public void close() throws IOException + { + source.close(); + } + + /** + *

Reads the next byte of data from the input stream. The value byte is + * returned as an int in the range 0 to + * 255. If no byte is available because the end of the stream + * has been reached, the value -1 is returned. This method + * blocks until input data is available, the end of the stream is detected, + * or an exception is thrown.

+ * + *

From a SASL mechanism provider's perspective, if a security layer has + * been negotiated, the underlying source is expected to contain SASL + * buffers, as defined in RFC 2222. Four octets in network byte order in the + * front of each buffer identify the length of the buffer. The provider is + * responsible for performing any integrity checking or other processing on + * the buffer before returning the data as a stream of octets. For example, + * the protocol driver's request for a single octet from the stream might; + * i.e. an invocation of this method, may result in an entire SASL buffer + * being read and processed before that single octet can be returned.

+ * + * @return the next byte of data, or -1 if the end of the stream + * is reached. + * @throws IOException if an I/O error occurs. + */ + public int read() throws IOException + { + int result = -1; + if (internalBuf != null && internalBuf.length > 0) + { + result = internalBuf[0] & 0xFF; + if (internalBuf.length == 1) + internalBuf = new byte[0]; + else + { + byte[] tmp = new byte[internalBuf.length - 1]; + // System.arraycopy(internalBuf, 0, tmp, 0, tmp.length); + System.arraycopy(internalBuf, 1, tmp, 0, tmp.length); + internalBuf = tmp; + } + } + else + { + byte[] buf = new byte[1]; + int check = read(buf); + result = (check > 0) ? (buf[0] & 0xFF) : -1; + } + + return result; + } + + /** + *

Reads up to len bytes of data from the underlying + * source input stream into an array of bytes. An attempt is made to + * read as many as len bytes, but a smaller number may be read, + * possibly zero. The number of bytes actually read is returned as an + * integer.

+ * + *

This method blocks until input data is available, end of file is + * detected, or an exception is thrown.

+ * + *

If b is null, a {@link NullPointerException} is + * thrown.

+ * + *

If off is negative, or len is negative, or + * off+len is greater than the length of the array b, + * then an {@link IndexOutOfBoundsException} is thrown.

+ * + *

If len is zero, then no bytes are read and 0 + * is returned; otherwise, there is an attempt to read at least one byte. If + * no byte is available because the stream is at end of file, the value + * -1 is returned; otherwise, at least one byte is read and + * stored into b.

+ * + *

The first byte read is stored into element b[off], the + * next one into b[off+1], and so on. The number of bytes read + * is, at most, equal to len. Let k be the number + * of bytes actually read; these bytes will be stored in elements + * b[off] through b[off+k-1], leaving elements + * b[off+k] through b[off+len-1] unaffected.

+ * + *

In every case, elements b[0] through b[off] + * and elements b[off+len] through b[b.length-1] + * are unaffected.

+ * + *

If the first byte cannot be read for any reason other than end of file, + * then an {@link IOException} is thrown. In particular, an {@link IOException} + * is thrown if the input stream has been closed.

+ * + *

From the SASL mechanism provider's perspective, if a security layer has + * been negotiated, the underlying source is expected to contain SASL + * buffers, as defined in RFC 2222. Four octets in network byte order in the + * front of each buffer identify the length of the buffer. The provider is + * responsible for performing any integrity checking or other processing on + * the buffer before returning the data as a stream of octets. The protocol + * driver's request for a single octet from the stream might result in an + * entire SASL buffer being read and processed before that single octet can + * be returned.

+ * + * @param b the buffer into which the data is read. + * @param off the start offset in array b at which the data is + * wricodeen. + * @param len the maximum number of bytes to read. + * @return the total number of bytes read into the buffer, or -1 + * if there is no more data because the end of the stream has been reached. + * @throws IOException if an I/O error occurs. + */ + public int read(byte[] b, int off, int len) throws IOException + { + if (DEBUG && debuglevel > 8) + debug(TRACE, "==> read(b, " + String.valueOf(off) + ", " + + String.valueOf(len) + ")"); + + if (b == null) + { + throw new NullPointerException("b"); + } + if ((off < 0) || (off > b.length) || (len < 0) || ((off + len) > b.length) + || ((off + len) < 0)) + { + throw new IndexOutOfBoundsException("off=" + String.valueOf(off) + + ", len=" + String.valueOf(len) + + ", b.length=" + + String.valueOf(b.length)); + } + if (len == 0) + { + if (DEBUG && debuglevel > 8) + debug(TRACE, "<== read() --> 0"); + return 0; + } + + if (DEBUG && debuglevel > 6) + debug(TRACE, "Available: " + String.valueOf(available())); + + int result = 0; + if (internalBuf == null || internalBuf.length < 1) + try + { + internalBuf = readSaslBuffer(); + if (internalBuf == null) + { + if (DEBUG && debuglevel > 4) + debug(WARN, "Underlying stream empty. Returning -1"); + if (DEBUG && debuglevel > 8) + debug(TRACE, "<== read() --> -1"); + return -1; + } + } + catch (InterruptedIOException x) + { + if (DEBUG && debuglevel > 6) + debug(TRACE, x); + if (DEBUG && debuglevel > 4) + debug(WARN, "Reading thread was interrupted. Returning -1"); + if (DEBUG && debuglevel > 8) + debug(TRACE, "<== read() --> -1"); + return -1; + } + + if (len <= internalBuf.length) + { + result = len; + System.arraycopy(internalBuf, 0, b, off, len); + if (len == internalBuf.length) + internalBuf = null; + else + { + byte[] tmp = new byte[internalBuf.length - len]; + System.arraycopy(internalBuf, len, tmp, 0, tmp.length); + internalBuf = tmp; + } + } + else + { + // first copy the available bytes to b + result = internalBuf.length; + System.arraycopy(internalBuf, 0, b, off, result); + internalBuf = null; + + off += result; + len -= result; + + int remaining; // count of bytes remaining in buffer after an iteration + int delta; // count of bytes moved to b after an iteration + int datalen; + byte[] data; + while (len > 0) + // we need to read SASL buffers, as long as there are at least + // 4 bytes available at the source + if (source.available() > 3) + { + // process a buffer + data = readSaslBuffer(); + if (data == null) + { + if (DEBUG && debuglevel > 4) + debug(WARN, "Underlying stream exhausted. Breaking..."); + break; + } + + datalen = data.length; + + // copy [part of] the result to b + remaining = (datalen <= len) ? 0 : datalen - len; + delta = datalen - remaining; + System.arraycopy(data, 0, b, off, delta); + if (remaining > 0) + { + internalBuf = new byte[remaining]; + System.arraycopy(data, delta, internalBuf, 0, remaining); + } + + // update off, result and len + off += delta; + result += delta; + len -= delta; + } + else + { // nothing much we can do except return what we have + if (DEBUG && debuglevel > 4) + debug(WARN, + "Not enough bytes in source to read a buffer. Breaking..."); + break; + } + } + + if (DEBUG && debuglevel > 6) + debug(TRACE, "Remaining: " + + (internalBuf == null ? 0 : internalBuf.length)); + if (DEBUG && debuglevel > 8) + debug(TRACE, "<== read() --> " + String.valueOf(result)); + return result; + } + + // other nstance methods --------------------------------------------------- + + /** + * Reads a SASL buffer from the underlying source if at least 4 bytes are + * available. + * + * @return the byte[] of decoded buffer contents, or null if the underlying + * source was exhausted. + * @throws IOException if an I/O exception occurs during the operation. + */ + private byte[] readSaslBuffer() throws IOException + { + if (DEBUG && debuglevel > 8) + debug(TRACE, "==> readSaslBuffer()"); + + int realLength; // check if we read as many bytes as we're supposed to + byte[] result = new byte[4]; + try + { + realLength = source.read(result); + if (realLength == -1) + { + if (DEBUG && debuglevel > 8) + debug(TRACE, "<== readSaslBuffer() --> null"); + return null; + } + } + catch (IOException x) + { + if (DEBUG && debuglevel > 0) + debug(ERROR, x); + throw x; + } + + if (realLength != 4) + { + throw new IOException("Was expecting 4 but found " + + String.valueOf(realLength)); + } + int bufferLength = result[0] << 24 | (result[1] & 0xFF) << 16 + | (result[2] & 0xFF) << 8 | (result[3] & 0xFF); + + if (DEBUG && debuglevel > 6) + debug(TRACE, "SASL buffer size: " + bufferLength); + if (bufferLength > maxRawSendSize || bufferLength < 0) + { + throw new SaslEncodingException("SASL buffer (security layer) too long"); + } + + result = new byte[bufferLength]; + try + { + realLength = source.read(result); + } + catch (IOException x) + { + if (DEBUG && debuglevel > 0) + debug(ERROR, x); + throw x; + } + + if (realLength != bufferLength) + throw new IOException("Was expecting " + String.valueOf(bufferLength) + + " but found " + String.valueOf(realLength)); + if (DEBUG && debuglevel > 6) + debug(TRACE, "Incoming buffer (before security) (hex): " + + Util.dumpString(result)); + if (DEBUG && debuglevel > 6) + debug(TRACE, "Incoming buffer (before security) (str): \"" + + new String(result) + "\""); + + if (client != null) + { + result = client.unwrap(result, 0, realLength); + } + else + { + result = server.unwrap(result, 0, realLength); + } + if (DEBUG && debuglevel > 6) + debug(TRACE, "Incoming buffer (after security) (hex): " + + Util.dumpString(result)); + if (DEBUG && debuglevel > 6) + debug(TRACE, "Incoming buffer (after security) (str): \"" + + new String(result) + "\""); + if (DEBUG && debuglevel > 8) + debug(TRACE, "<== readSaslBuffer()"); + return result; + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/sasl/SaslOutputStream.java b/libjava/classpath/gnu/javax/crypto/sasl/SaslOutputStream.java new file mode 100644 index 0000000..6997201 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/sasl/SaslOutputStream.java @@ -0,0 +1,218 @@ +/* SaslOutputStream.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.sasl; + +import gnu.java.security.util.Util; + +import java.io.OutputStream; +import java.io.IOException; +import java.io.PrintWriter; + +import javax.security.sasl.Sasl; +import javax.security.sasl.SaslClient; +import javax.security.sasl.SaslServer; + +/** + * An output stream that uses either a {@link SaslClient} or a {@link SaslServer} + * to process the data through these entities' security layer filter(s). + */ +public class SaslOutputStream extends OutputStream +{ + + // Debugging methods and variables + // ------------------------------------------------------------------------- + + private static final String NAME = "SaslOutputStream"; + + // private static final String ERROR = "ERROR"; + // private static final String WARN = " WARN"; + // private static final String INFO = " INFO"; + private static final String TRACE = "DEBUG"; + + private static final boolean DEBUG = true; + + private static final int debuglevel = 3; + + private static final PrintWriter err = new PrintWriter(System.out, true); + + private static void debug(String level, Object obj) + { + err.println("[" + level + "] " + NAME + ": " + String.valueOf(obj)); + } + + // Constants and variables + // ------------------------------------------------------------------------- + + private SaslClient client; + + private SaslServer server; + + private int maxRawSendSize; + + private OutputStream dest; + + // Constructor(s) + // ------------------------------------------------------------------------- + + public SaslOutputStream(SaslClient client, OutputStream dest) + throws IOException + { + super(); + + this.client = client; + maxRawSendSize = Integer.parseInt((String) client.getNegotiatedProperty(Sasl.RAW_SEND_SIZE)); + server = null; + this.dest = dest; + } + + public SaslOutputStream(SaslServer server, OutputStream dest) + throws IOException + { + super(); + + this.server = server; + maxRawSendSize = Integer.parseInt((String) server.getNegotiatedProperty(Sasl.RAW_SEND_SIZE)); + client = null; + this.dest = dest; + } + + // Class methods + // ------------------------------------------------------------------------- + + // Overloaded java.io.OutputStream methods + // ------------------------------------------------------------------------- + + public void close() throws IOException + { + dest.flush(); + dest.close(); + } + + public void flush() throws IOException + { + dest.flush(); + } + + /** + * When writing octets to the resulting stream, if a security layer has been + * negotiated, each piece of data written (by a single invocation of + * write()) will be encapsulated as a SASL buffer, as defined in + * RFC 2222, and then written to the underlying dest output stream. + */ + public void write(int b) throws IOException + { + write(new byte[] { (byte) b }); + } + + /** + * When writing octets to the resulting stream, if a security layer has been + * negotiated, each piece of data written (by a single invocation of + * write()) will be encapsulated as a SASL buffer, as defined in + * RFC 2222, and then written to the underlying dest output stream. + */ + public void write(byte[] b, int off, int len) throws IOException + { + if (b == null) + { + throw new NullPointerException("b"); + } + if ((off < 0) || (off > b.length) || (len < 0) || ((off + len) > b.length) + || ((off + len) < 0)) + { + throw new IndexOutOfBoundsException("off=" + String.valueOf(off) + + ", len=" + String.valueOf(len) + + ", b.length=" + + String.valueOf(b.length)); + } + if (len == 0) + { + return; + } + if (DEBUG && debuglevel > 8) + debug(TRACE, "==> write()"); + + int chunckSize, length, chunck = 1; + byte[] output = null, result; + if (DEBUG && debuglevel > 6) + debug(TRACE, "About to wrap " + String.valueOf(len) + " byte(s)..."); + while (len > 0) + { + chunckSize = (len > maxRawSendSize ? maxRawSendSize : len); + + if (DEBUG && debuglevel > 6) + debug(TRACE, "Outgoing buffer (before security) (hex): " + + Util.dumpString(b, off, chunckSize)); + if (DEBUG && debuglevel > 6) + debug(TRACE, "Outgoing buffer (before security) (str): \"" + + new String(b, off, chunckSize) + "\""); + + if (client != null) + output = client.wrap(b, off, chunckSize); + else + output = server.wrap(b, off, chunckSize); + + if (DEBUG && debuglevel > 6) + debug(TRACE, "Outgoing buffer (after security) (hex): " + + Util.dumpString(output)); + if (DEBUG && debuglevel > 6) + debug(TRACE, "Outgoing buffer (after security) (str): \"" + + new String(output) + "\""); + + length = output.length; + result = new byte[length + 4]; + result[0] = (byte) (length >>> 24); + result[1] = (byte) (length >>> 16); + result[2] = (byte) (length >>> 8); + result[3] = (byte) length; + System.arraycopy(output, 0, result, 4, length); + + dest.write(result); + + off += chunckSize; + len -= chunckSize; + if (DEBUG && debuglevel > 6) + debug(TRACE, "Wrapped chunck #" + String.valueOf(chunck)); + chunck++; + } + + dest.flush(); + if (DEBUG && debuglevel > 8) + debug(TRACE, "<== write()"); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/sasl/SaslUtil.java b/libjava/classpath/gnu/javax/crypto/sasl/SaslUtil.java new file mode 100644 index 0000000..e70312c --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/sasl/SaslUtil.java @@ -0,0 +1,89 @@ +/* SaslUtil.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.sasl; + +import gnu.java.security.util.Util; + +import java.math.BigInteger; +import java.security.MessageDigest; + +/** + * Utility methods for SASL-related classes. + */ +public class SaslUtil +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + private SaslUtil() + { + super(); + } + + // Class methods + // ------------------------------------------------------------------------- + + public static final boolean validEmailAddress(String address) + { + // need to do better than this + return (address.indexOf("@") != -1); + } + + // Visualisation methods + // ------------------------------------------------------------------------- + + /** Returns the context of the designated hash as a string. */ + public static final String dump(MessageDigest md) + { + String result; + try + { + result = Util.dumpString(((MessageDigest) md.clone()).digest()); + } + catch (Exception ignored) + { + result = "..."; + } + return result; + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/sasl/ServerFactory.java b/libjava/classpath/gnu/javax/crypto/sasl/ServerFactory.java new file mode 100644 index 0000000..e9b08db --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/sasl/ServerFactory.java @@ -0,0 +1,194 @@ +/* ServerFactory.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.sasl; + +import gnu.java.security.Registry; +import gnu.javax.crypto.sasl.anonymous.AnonymousServer; +import gnu.javax.crypto.sasl.crammd5.CramMD5Server; +import gnu.javax.crypto.sasl.plain.PlainServer; +import gnu.javax.crypto.sasl.srp.SRPServer; + +import java.util.ArrayList; +import java.util.Arrays; +import java.util.Collections; +import java.util.HashMap; +import java.util.HashSet; +import java.util.List; +import java.util.Map; +import java.util.Set; + +import javax.security.auth.callback.CallbackHandler; +import javax.security.sasl.Sasl; +import javax.security.sasl.SaslException; +import javax.security.sasl.SaslServer; +import javax.security.sasl.SaslServerFactory; + +/** + * The implementation of the {@link SaslServerFactory}. + */ +public class ServerFactory implements SaslServerFactory +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + // implicit 0-arguments constructor + + // Class methods + // ------------------------------------------------------------------------- + + public static final Set getNames() + { + return Collections.unmodifiableSet(new HashSet( + Arrays.asList(getNamesInternal(null)))); + } + + private static final String[] getNamesInternal(Map props) + { + String[] all = new String[] { Registry.SASL_SRP_MECHANISM, + Registry.SASL_CRAM_MD5_MECHANISM, + Registry.SASL_PLAIN_MECHANISM, + Registry.SASL_ANONYMOUS_MECHANISM }; + + List result = new ArrayList(4); + int i; + for (i = 0; i < all.length;) + { + result.add(all[i++]); + } + + if (props == null) + { + return (String[]) result.toArray(new String[0]); // all + } + if (hasPolicy(Sasl.POLICY_PASS_CREDENTIALS, props)) + { // none + return new String[0]; + } + + if (hasPolicy(Sasl.POLICY_NOPLAINTEXT, props)) + { + result.remove(Registry.SASL_PLAIN_MECHANISM); + } + if (hasPolicy(Sasl.POLICY_NOACTIVE, props)) + { + result.remove(Registry.SASL_CRAM_MD5_MECHANISM); + result.remove(Registry.SASL_PLAIN_MECHANISM); + } + if (hasPolicy(Sasl.POLICY_NODICTIONARY, props)) + { + result.remove(Registry.SASL_CRAM_MD5_MECHANISM); + result.remove(Registry.SASL_PLAIN_MECHANISM); + } + if (hasPolicy(Sasl.POLICY_NOANONYMOUS, props)) + { + result.remove(Registry.SASL_ANONYMOUS_MECHANISM); + } + if (hasPolicy(Sasl.POLICY_FORWARD_SECRECY, props)) + { + result.remove(Registry.SASL_CRAM_MD5_MECHANISM); + result.remove(Registry.SASL_ANONYMOUS_MECHANISM); + result.remove(Registry.SASL_PLAIN_MECHANISM); + } + return (String[]) result.toArray(new String[0]); + } + + public static final ServerMechanism getInstance(String mechanism) + { + if (mechanism == null) + { + return null; + } + mechanism = mechanism.trim().toUpperCase(); + if (mechanism.equals(Registry.SASL_SRP_MECHANISM)) + { + return new SRPServer(); + } + if (mechanism.equals(Registry.SASL_CRAM_MD5_MECHANISM)) + { + return new CramMD5Server(); + } + if (mechanism.equals(Registry.SASL_PLAIN_MECHANISM)) + { + return new PlainServer(); + } + if (mechanism.equals(Registry.SASL_ANONYMOUS_MECHANISM)) + { + return new AnonymousServer(); + } + return null; + } + + // Instance methods + // ------------------------------------------------------------------------- + + public SaslServer createSaslServer(String mechanism, String protocol, + String serverName, Map props, + CallbackHandler cbh) throws SaslException + { + ServerMechanism result = getInstance(mechanism); + if (result != null) + { + HashMap attributes = new HashMap(); + if (props != null) + { + attributes.putAll(props); + } + attributes.put(Registry.SASL_PROTOCOL, protocol); + attributes.put(Registry.SASL_SERVER_NAME, serverName); + attributes.put(Registry.SASL_CALLBACK_HANDLER, cbh); + + result.init(attributes); + } + return result; + } + + public String[] getMechanismNames(Map props) + { + return getNamesInternal(props); + } + + private static boolean hasPolicy(String propertyName, Map props) + { + return "true".equalsIgnoreCase(String.valueOf(props.get(propertyName))); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/sasl/ServerMechanism.java b/libjava/classpath/gnu/javax/crypto/sasl/ServerMechanism.java new file mode 100644 index 0000000..f12a075 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/sasl/ServerMechanism.java @@ -0,0 +1,371 @@ +/* ServerMechanism.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.sasl; + +import gnu.java.security.Registry; + +import java.util.HashMap; +import java.util.Map; + +import javax.security.auth.callback.CallbackHandler; +import javax.security.sasl.Sasl; +import javax.security.sasl.SaslServer; +import javax.security.sasl.SaslException; + +/** + *

A base class to facilitate implementing SASL server-side mechanisms.

+ */ +public abstract class ServerMechanism implements SaslServer +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + /** Name of this mechanism. */ + protected String mechanism; + + /** Name of protocol using this mechanism. */ + protected String protocol; + + /** Name of server to authenticate to. */ + protected String serverName; + + /** Properties of qualities desired for this mechanism. */ + protected Map properties; + + /** Callback handler to use with this mechanism instance. */ + protected CallbackHandler handler; + + /** Whether authentication phase is completed (true) or not (false). */ + protected boolean complete = false; + + /** The authorisation identity. */ + protected String authorizationID; + + /** Channel binding data to use with this mechanism instance. */ + protected byte[] channelBinding; + + /** The state of the authentication automaton. -1 means uninitialised. */ + protected int state = -1; + + /** The provider for authentication information. */ + protected IAuthInfoProvider authenticator; + + // Constructor(s) + // ------------------------------------------------------------------------- + + protected ServerMechanism(final String mechanism) + { + super(); + + this.mechanism = mechanism; + this.authenticator = AuthInfo.getProvider(mechanism); + this.state = -1; + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + // abstract methods to be implemented by concrete subclasses --------------- + + protected abstract void initMechanism() throws SaslException; + + protected abstract void resetMechanism() throws SaslException; + + // javax.security.sasl.SaslServer interface implementation ----------------- + + public abstract byte[] evaluateResponse(byte[] response) throws SaslException; + + public boolean isComplete() + { + return complete; + } + + public byte[] unwrap(final byte[] incoming, final int offset, final int len) + throws SaslException + { + if (!isComplete()) + { + throw new IllegalMechanismStateException(); + } + return this.engineUnwrap(incoming, offset, len); + } + + public byte[] wrap(final byte[] outgoing, final int offset, final int len) + throws SaslException + { + if (!isComplete()) + { + throw new IllegalMechanismStateException(); + } + return this.engineWrap(outgoing, offset, len); + } + + public String getMechanismName() + { + return this.mechanism; + } + + public String getAuthorizationID() + { + return this.authorizationID; + } + + public Object getNegotiatedProperty(final String propName) + { + if (!isComplete()) + { + throw new IllegalStateException(); + } + if (Sasl.QOP.equals(propName)) + { + return getNegotiatedQOP(); + } + if (Sasl.STRENGTH.equals(propName)) + { + return getNegotiatedStrength(); + } + if (Sasl.SERVER_AUTH.equals(propName)) + { + return getNegotiatedServerAuth(); + } + if (Sasl.MAX_BUFFER.equals(propName)) + { + return getNegotiatedMaxBuffer(); + } + if (Sasl.RAW_SEND_SIZE.equals(propName)) + { + return getNegotiatedRawSendSize(); + } + if (Sasl.POLICY_NOPLAINTEXT.equals(propName)) + { + return getNegotiatedPolicyNoPlainText(); + } + if (Sasl.POLICY_NOACTIVE.equals(propName)) + { + return getNegotiatedPolicyNoActive(); + } + if (Sasl.POLICY_NODICTIONARY.equals(propName)) + { + return getNegotiatedPolicyNoDictionary(); + } + if (Sasl.POLICY_NOANONYMOUS.equals(propName)) + { + return getNegotiatedPolicyNoAnonymous(); + } + if (Sasl.POLICY_FORWARD_SECRECY.equals(propName)) + { + return getNegotiatedPolicyForwardSecrecy(); + } + if (Sasl.POLICY_PASS_CREDENTIALS.equals(propName)) + { + return getNegotiatedPolicyPassCredentials(); + } + if (Sasl.REUSE.equals(propName)) + { + return getReuse(); + } + return null; + } + + public void dispose() throws SaslException + { + reset(); + } + + // other Instance methods -------------------------------------------------- + + protected String getNegotiatedQOP() + { + return Registry.QOP_AUTH; + } + + protected String getNegotiatedStrength() + { + return Registry.STRENGTH_LOW; + } + + protected String getNegotiatedServerAuth() + { + return Registry.SERVER_AUTH_FALSE; + } + + protected String getNegotiatedMaxBuffer() + { + return null; + } + + protected String getNegotiatedPolicyNoPlainText() + { + return null; + } + + protected String getNegotiatedPolicyNoActive() + { + return null; + } + + protected String getNegotiatedPolicyNoDictionary() + { + return null; + } + + protected String getNegotiatedPolicyNoAnonymous() + { + return null; + } + + protected String getNegotiatedPolicyForwardSecrecy() + { + return null; + } + + protected String getNegotiatedPolicyPassCredentials() + { + return null; + } + + protected String getNegotiatedRawSendSize() + { + return String.valueOf(Registry.SASL_BUFFER_MAX_LIMIT); + } + + protected String getReuse() + { + return Registry.REUSE_FALSE; + } + + protected byte[] engineUnwrap(final byte[] incoming, final int offset, + final int len) throws SaslException + { + final byte[] result = new byte[len]; + System.arraycopy(incoming, offset, result, 0, len); + return result; + } + + protected byte[] engineWrap(final byte[] outgoing, final int offset, + final int len) throws SaslException + { + final byte[] result = new byte[len]; + System.arraycopy(outgoing, offset, result, 0, len); + return result; + } + + /** + *

Initialises the mechanism with designated attributes. Permissible names + * and values are mechanism specific.

+ * + * @param attributes a set of name-value pairs that describes the desired + * future behaviour of this instance. + * @throws IllegalMechanismStateException if the instance is already + * initialised. + * @throws SaslException if an exception occurs during the process. + */ + public void init(final Map attributes) throws SaslException + { + if (state != -1) + { + throw new IllegalMechanismStateException("init()"); + } + + if (properties == null) + { + properties = new HashMap(); + } + else + { + properties.clear(); + } + if (attributes != null) + { + protocol = (String) attributes.get(Registry.SASL_PROTOCOL); + serverName = (String) attributes.get(Registry.SASL_SERVER_NAME); + handler = (CallbackHandler) attributes.get(Registry.SASL_CALLBACK_HANDLER); + channelBinding = (byte[]) attributes.get(Registry.SASL_CHANNEL_BINDING); + properties.putAll(attributes); + } + else + { + handler = null; + } + + if (protocol == null) + { + protocol = ""; + } + if (serverName == null) + { + serverName = ""; + } + if (authenticator != null) + { + authenticator.activate(properties); + } + if (channelBinding == null) + { + channelBinding = new byte[0]; + } + initMechanism(); + complete = false; + state = 0; + } + + /** + *

Resets the mechanism instance for re-initialisation and use with other + * characteristics.

+ * + * @throws SaslException if an exception occurs during the process. + */ + public void reset() throws SaslException + { + resetMechanism(); + properties.clear(); + if (authenticator != null) + { + authenticator.passivate(); + } + protocol = serverName = null; + channelBinding = null; + complete = false; + state = -1; + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/sasl/UserAlreadyExistsException.java b/libjava/classpath/gnu/javax/crypto/sasl/UserAlreadyExistsException.java new file mode 100644 index 0000000..764a36d --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/sasl/UserAlreadyExistsException.java @@ -0,0 +1,70 @@ +/* UserAlreadyExistsException.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.sasl; + +import javax.security.sasl.SaslException; + +/** + * A checked exception thrown to indicate that a designated user is already + * known to the the authentication layer. + */ +public class UserAlreadyExistsException extends SaslException +{ + + /** + * Constructs a UserAlreadyExistsException with no detail + * message. + */ + public UserAlreadyExistsException() + { + super(); + } + + /** + * Constructs a UserAlreadyExistsException with the specified + * detail message. In the case of this exception, the detail message + * designates the offending username. + * + * @param userName the detail message, which in this case is the username. + */ + public UserAlreadyExistsException(String userName) + { + super(userName); + } +} diff --git a/libjava/classpath/gnu/javax/crypto/sasl/anonymous/AnonymousClient.java b/libjava/classpath/gnu/javax/crypto/sasl/anonymous/AnonymousClient.java new file mode 100644 index 0000000..f5b1faa --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/sasl/anonymous/AnonymousClient.java @@ -0,0 +1,120 @@ +/* AnonymousClient.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.sasl.anonymous; + +import gnu.java.security.Registry; +import gnu.javax.crypto.sasl.ClientMechanism; +import gnu.javax.crypto.sasl.IllegalMechanismStateException; + +import java.io.UnsupportedEncodingException; + +import javax.security.sasl.SaslClient; +import javax.security.sasl.SaslException; +import javax.security.sasl.AuthenticationException; + +/** + *

The ANONYMOUS client-side mechanism.

+ */ +public class AnonymousClient extends ClientMechanism implements SaslClient +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + public AnonymousClient() + { + super(Registry.SASL_ANONYMOUS_MECHANISM); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + // abstract methods implementation ----------------------------------------- + + protected void initMechanism() throws SaslException + { + } + + protected void resetMechanism() throws SaslException + { + } + + // javax.security.sasl.SaslClient interface implementation ----------------- + + public boolean hasInitialResponse() + { + return true; + } + + public byte[] evaluateChallenge(final byte[] challenge) throws SaslException + { + if (complete) + { + throw new IllegalMechanismStateException("evaluateChallenge()"); + } + return response(); + } + + private byte[] response() throws SaslException + { + if (!AnonymousUtil.isValidTraceInformation(authorizationID)) + { + throw new AuthenticationException( + "Authorisation ID is not a valid email address"); + } + complete = true; + // return authorizationID.getBytes(); + final byte[] result; + try + { + result = authorizationID.getBytes("UTF-8"); + } + catch (UnsupportedEncodingException x) + { + throw new AuthenticationException("response()", x); + } + return result; + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/sasl/anonymous/AnonymousServer.java b/libjava/classpath/gnu/javax/crypto/sasl/anonymous/AnonymousServer.java new file mode 100644 index 0000000..2c10f78 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/sasl/anonymous/AnonymousServer.java @@ -0,0 +1,107 @@ +/* AnonymousServer.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.sasl.anonymous; + +import gnu.java.security.Registry; +import gnu.javax.crypto.sasl.ServerMechanism; + +import java.io.UnsupportedEncodingException; + +import javax.security.sasl.AuthenticationException; +import javax.security.sasl.SaslException; +import javax.security.sasl.SaslServer; + +/** + * The ANONYMOUS server-side mechanism. + */ +public class AnonymousServer extends ServerMechanism implements SaslServer +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + public AnonymousServer() + { + super(Registry.SASL_ANONYMOUS_MECHANISM); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + // abstract methods implementation ----------------------------------------- + + protected void initMechanism() throws SaslException + { + } + + protected void resetMechanism() throws SaslException + { + } + + // javax.security.sasl.SaslServer interface implementation ----------------- + + public byte[] evaluateResponse(final byte[] response) throws SaslException + { + if (response == null) + { + return null; + } + try + { + authorizationID = new String(response, "UTF-8"); + } + catch (UnsupportedEncodingException x) + { + throw new AuthenticationException("evaluateResponse()", x); + } + if (AnonymousUtil.isValidTraceInformation(authorizationID)) + { + this.complete = true; + return null; + } + authorizationID = null; + throw new AuthenticationException("Invalid email address"); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/sasl/anonymous/AnonymousUtil.java b/libjava/classpath/gnu/javax/crypto/sasl/anonymous/AnonymousUtil.java new file mode 100644 index 0000000..99e95ea --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/sasl/anonymous/AnonymousUtil.java @@ -0,0 +1,109 @@ +/* AnonymousUtil.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.sasl.anonymous; + +import gnu.javax.crypto.sasl.SaslUtil; + +/** + * An ANONYMOUS-specific utility class. + */ +public class AnonymousUtil +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** Trivial private constructor to enforce Singleton pattern. */ + private AnonymousUtil() + { + super(); + } + + // Class methods + // ------------------------------------------------------------------------- + + static boolean isValidTraceInformation(String traceInformation) + { + if (traceInformation == null) + { + return false; + } + if (traceInformation.length() == 0) + { + return true; + } + if (SaslUtil.validEmailAddress(traceInformation)) + { + return true; + } + return isValidToken(traceInformation); + } + + static boolean isValidToken(String token) + { + if (token == null) + { + return false; + } + if (token.length() == 0) + { + return false; + } + if (token.length() > 255) + { + return false; + } + if (token.indexOf('@') != -1) + { + return false; + } + for (int i = 0; i < token.length(); i++) + { + char c = token.charAt(i); + if (c < 0x20 || c > 0x7E) + { + return false; + } + } + return true; + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/sasl/crammd5/CramMD5AuthInfoProvider.java b/libjava/classpath/gnu/javax/crypto/sasl/crammd5/CramMD5AuthInfoProvider.java new file mode 100644 index 0000000..cf73b6f --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/sasl/crammd5/CramMD5AuthInfoProvider.java @@ -0,0 +1,200 @@ +/* CramMD5AuthInfoProvider.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.sasl.crammd5; + +import gnu.java.security.Registry; +import gnu.javax.crypto.sasl.IAuthInfoProvider; +import gnu.javax.crypto.sasl.NoSuchUserException; + +import java.io.IOException; +import java.util.HashMap; +import java.util.Map; + +import javax.security.sasl.AuthenticationException; + +/** + * The CRAM-MD5 mechanism authentication information provider implementation. + */ +public class CramMD5AuthInfoProvider implements IAuthInfoProvider +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + private PasswordFile passwordFile = null; + + // Constructor(s) + // ------------------------------------------------------------------------- + + // implicit 0-args constrcutor + + // Class methods + // ------------------------------------------------------------------------- + + // IAuthInfoProvider interface implementation + // ------------------------------------------------------------------------- + + public void activate(Map context) throws AuthenticationException + { + try + { + if (context == null) + { + passwordFile = new PasswordFile(); + } + else + { + String pfn = (String) context.get(CramMD5Registry.PASSWORD_FILE); + if (pfn == null) + { + passwordFile = new PasswordFile(); + } + else + { + passwordFile = new PasswordFile(pfn); + } + } + } + catch (IOException x) + { + throw new AuthenticationException("activate()", x); + } + } + + public void passivate() throws AuthenticationException + { + passwordFile = null; + } + + public boolean contains(String userName) throws AuthenticationException + { + if (passwordFile == null) + { + throw new AuthenticationException("contains()", + new IllegalStateException()); + } + boolean result = false; + try + { + result = passwordFile.contains(userName); + } + catch (IOException x) + { + throw new AuthenticationException("contains()", x); + } + return result; + } + + public Map lookup(Map userID) throws AuthenticationException + { + if (passwordFile == null) + { + throw new AuthenticationException("lookup()", + new IllegalStateException()); + } + Map result = new HashMap(); + try + { + String userName = (String) userID.get(Registry.SASL_USERNAME); + if (userName == null) + { + throw new NoSuchUserException(""); + } + String[] data = passwordFile.lookup(userName); + result.put(Registry.SASL_USERNAME, data[0]); + result.put(Registry.SASL_PASSWORD, data[1]); + result.put(CramMD5Registry.UID_FIELD, data[2]); + result.put(CramMD5Registry.GID_FIELD, data[3]); + result.put(CramMD5Registry.GECOS_FIELD, data[4]); + result.put(CramMD5Registry.DIR_FIELD, data[5]); + result.put(CramMD5Registry.SHELL_FIELD, data[6]); + } + catch (Exception x) + { + if (x instanceof AuthenticationException) + { + throw (AuthenticationException) x; + } + throw new AuthenticationException("lookup()", x); + } + return result; + } + + public void update(Map userCredentials) throws AuthenticationException + { + if (passwordFile == null) + { + throw new AuthenticationException("update()", + new IllegalStateException()); + } + try + { + String userName = (String) userCredentials.get(Registry.SASL_USERNAME); + String password = (String) userCredentials.get(Registry.SASL_PASSWORD); + String uid = (String) userCredentials.get(CramMD5Registry.UID_FIELD); + String gid = (String) userCredentials.get(CramMD5Registry.GID_FIELD); + String gecos = (String) userCredentials.get(CramMD5Registry.GECOS_FIELD); + String dir = (String) userCredentials.get(CramMD5Registry.DIR_FIELD); + String shell = (String) userCredentials.get(CramMD5Registry.SHELL_FIELD); + if (uid == null || gid == null || gecos == null || dir == null + || shell == null) + { + passwordFile.changePasswd(userName, password); + } + else + { + String[] attributes = new String[] { uid, gid, gecos, dir, shell }; + passwordFile.add(userName, password, attributes); + } + } + catch (Exception x) + { + if (x instanceof AuthenticationException) + { + throw (AuthenticationException) x; + } + throw new AuthenticationException("update()", x); + } + } + + public Map getConfiguration(String mode) throws AuthenticationException + { + throw new AuthenticationException("", new UnsupportedOperationException()); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/sasl/crammd5/CramMD5Client.java b/libjava/classpath/gnu/javax/crypto/sasl/crammd5/CramMD5Client.java new file mode 100644 index 0000000..094109f --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/sasl/crammd5/CramMD5Client.java @@ -0,0 +1,201 @@ +/* CramMD5Client.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.sasl.crammd5; + +import gnu.java.security.Registry; +import gnu.java.security.util.Util; +import gnu.javax.crypto.sasl.ClientMechanism; + +import java.io.IOException; +import java.security.InvalidKeyException; + +import javax.security.auth.callback.Callback; +import javax.security.auth.callback.NameCallback; +import javax.security.auth.callback.PasswordCallback; +import javax.security.auth.callback.UnsupportedCallbackException; +import javax.security.sasl.AuthenticationException; +import javax.security.sasl.SaslClient; +import javax.security.sasl.SaslException; + +/** + * The CRAM-MD5 SASL client-side mechanism. + */ +public class CramMD5Client extends ClientMechanism implements SaslClient +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + public CramMD5Client() + { + super(Registry.SASL_CRAM_MD5_MECHANISM); + } + + // Class methods + // ------------------------------------------------------------------------- + + // abstract methods implementation ----------------------------------------- + + protected void initMechanism() throws SaslException + { + } + + protected void resetMechanism() throws SaslException + { + } + + // javax.security.sasl.SaslClient interface implementation ----------------- + + public boolean hasInitialResponse() + { + return false; + } + + public byte[] evaluateChallenge(final byte[] challenge) throws SaslException + { + if (challenge == null) + { + throw new SaslException("null challenge"); + } + try + { + final String username; + final char[] password; + Callback[] callbacks; + + if ((!properties.containsKey(Registry.SASL_USERNAME)) + && (!properties.containsKey(Registry.SASL_PASSWORD))) + { + callbacks = new Callback[2]; + + final NameCallback nameCB; + final String defaultName = System.getProperty("user.name"); + if (defaultName == null) + { + nameCB = new NameCallback("username: "); + } + else + { + nameCB = new NameCallback("username: ", defaultName); + } + final PasswordCallback pwdCB = new PasswordCallback("password: ", + false); + callbacks[0] = nameCB; + callbacks[1] = pwdCB; + this.handler.handle(callbacks); + username = nameCB.getName(); + password = pwdCB.getPassword(); + } + else + { + if (properties.containsKey(Registry.SASL_USERNAME)) + { + username = (String) properties.get(Registry.SASL_USERNAME); + } + else + { + callbacks = new Callback[1]; + final NameCallback nameCB; + final String defaultName = System.getProperty("user.name"); + if (defaultName == null) + { + nameCB = new NameCallback("username: "); + } + else + { + nameCB = new NameCallback("username: ", defaultName); + } + callbacks[0] = nameCB; + this.handler.handle(callbacks); + username = nameCB.getName(); + } + + if (properties.containsKey(Registry.SASL_PASSWORD)) + { + password = ((String) properties.get(Registry.SASL_PASSWORD)).toCharArray(); + } + else + { + callbacks = new Callback[1]; + final PasswordCallback pwdCB = new PasswordCallback( + "password: ", + false); + callbacks[0] = pwdCB; + this.handler.handle(callbacks); + password = pwdCB.getPassword(); + } + } + + if (password == null) + { + throw new SaslException("null password supplied"); + } + final byte[] digest; + try + { + digest = CramMD5Util.createHMac(password, challenge); + } + catch (InvalidKeyException x) + { + throw new AuthenticationException("evaluateChallenge()", x); + } + final String response = username + " " + + Util.toString(digest).toLowerCase(); + this.complete = true; + + return response.getBytes("UTF-8"); + } + catch (UnsupportedCallbackException x) + { + throw new AuthenticationException("evaluateChallenge()", x); + } + catch (IOException x) + { + throw new AuthenticationException("evaluateChallenge()", x); + } + } + + protected String getNegotiatedQOP() + { + return Registry.QOP_AUTH; + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/sasl/crammd5/CramMD5Registry.java b/libjava/classpath/gnu/javax/crypto/sasl/crammd5/CramMD5Registry.java new file mode 100644 index 0000000..1c61cac --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/sasl/crammd5/CramMD5Registry.java @@ -0,0 +1,66 @@ +/* CramMD5Registry.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.sasl.crammd5; + +/** + * A list of properties common to CRAM-MD5 classes. + */ +public interface CramMD5Registry +{ + /** Name of the password file (used by the server) property. */ + String PASSWORD_FILE = "gnu.crypto.sasl.crammd5.password.file"; + + /** Default password file (used by the server) pathname. */ + String DEFAULT_PASSWORD_FILE = "/etc/passwd"; + + /** Name of the UID field in the plain password file. */ + String UID_FIELD = "crammd5.uid"; + + /** Name of the GID field in the plain password file. */ + String GID_FIELD = "crammd5.gid"; + + /** Name of the GECOS field in the plain password file. */ + String GECOS_FIELD = "crammd5.gecos"; + + /** Name of the DIR field in the plain password file. */ + String DIR_FIELD = "crammd5.dir"; + + /** Name of the SHELL field in the plain password file. */ + String SHELL_FIELD = "crammd5.shell"; +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/sasl/crammd5/CramMD5Server.java b/libjava/classpath/gnu/javax/crypto/sasl/crammd5/CramMD5Server.java new file mode 100644 index 0000000..d6622b6 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/sasl/crammd5/CramMD5Server.java @@ -0,0 +1,185 @@ +/* CramMD5Server.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.sasl.crammd5; + +import gnu.java.security.Registry; +import gnu.java.security.util.Util; +import gnu.javax.crypto.sasl.NoSuchUserException; +import gnu.javax.crypto.sasl.ServerMechanism; + +import java.io.IOException; +import java.io.UnsupportedEncodingException; +import java.security.InvalidKeyException; +import java.util.Arrays; +import java.util.HashMap; +import java.util.Map; + +import javax.security.sasl.AuthenticationException; +import javax.security.sasl.SaslException; +import javax.security.sasl.SaslServer; + +/** + *

The CRAM-MD5 SASL server-side mechanism.

+ */ +public class CramMD5Server extends ServerMechanism implements SaslServer +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + private byte[] msgID; + + // Constructor(s) + // ------------------------------------------------------------------------- + + public CramMD5Server() + { + super(Registry.SASL_CRAM_MD5_MECHANISM); + } + + // Class methods + // ------------------------------------------------------------------------- + + // abstract methods implementation ----------------------------------------- + + protected void initMechanism() throws SaslException + { + } + + protected void resetMechanism() throws SaslException + { + } + + // javax.security.sasl.SaslServer interface implementation ----------------- + + public byte[] evaluateResponse(final byte[] response) throws SaslException + { + if (state == 0) + { + msgID = CramMD5Util.createMsgID(); + state++; + return msgID; + } + + final String responseStr = new String(response); + final int index = responseStr.lastIndexOf(" "); + final String username = responseStr.substring(0, index); + final byte[] responseDigest; + try + { + responseDigest = responseStr.substring(index + 1).getBytes("UTF-8"); + } + catch (UnsupportedEncodingException x) + { + throw new AuthenticationException("evaluateResponse()", x); + } + + // Look up the password + final char[] password = lookupPassword(username); + + // Compute the digest + byte[] digest; + try + { + digest = CramMD5Util.createHMac(password, msgID); + } + catch (InvalidKeyException x) + { + throw new AuthenticationException("evaluateResponse()", x); + } + try + { + // digest = (new String(Util.toString(digest).toLowerCase())).getBytes("UTF-8"); + digest = Util.toString(digest).toLowerCase().getBytes("UTF-8"); + } + catch (UnsupportedEncodingException x) + { + throw new AuthenticationException("evaluateResponse()", x); + } + + // Compare the received and computed digests + if (!Arrays.equals(digest, responseDigest)) + { + throw new AuthenticationException("Digest mismatch"); + } + state++; + return null; + } + + public boolean isComplete() + { + return (state == 2); + } + + protected String getNegotiatedQOP() + { + return Registry.QOP_AUTH; + } + + // Other instance methods -------------------------------------------------- + + private char[] lookupPassword(final String userName) throws SaslException + { + try + { + if (!authenticator.contains(userName)) + { + throw new NoSuchUserException(userName); + } + final Map userID = new HashMap(); + userID.put(Registry.SASL_USERNAME, userName); + final Map credentials = authenticator.lookup(userID); + final String password = (String) credentials.get(Registry.SASL_PASSWORD); + if (password == null) + { + throw new AuthenticationException("lookupPassword()", + new InternalError()); + } + return password.toCharArray(); + } + catch (IOException x) + { + if (x instanceof SaslException) + { + throw (SaslException) x; + } + throw new AuthenticationException("lookupPassword()", x); + } + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/sasl/crammd5/CramMD5Util.java b/libjava/classpath/gnu/javax/crypto/sasl/crammd5/CramMD5Util.java new file mode 100644 index 0000000..6e75393 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/sasl/crammd5/CramMD5Util.java @@ -0,0 +1,137 @@ +/* CramMD5Util.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.sasl.crammd5; + +import gnu.java.security.Registry; +import gnu.java.security.util.Util; +import gnu.javax.crypto.mac.HMacFactory; +import gnu.javax.crypto.mac.IMac; + +import java.io.UnsupportedEncodingException; +import java.net.InetAddress; +import java.net.UnknownHostException; +import java.security.InvalidKeyException; +import java.util.HashMap; + +import javax.security.sasl.SaslException; + +/** + * A package-private CRAM-MD5-specific utility class. + */ +class CramMD5Util +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + private CramMD5Util() + { + super(); + } + + // Class methods + // ------------------------------------------------------------------------- + + static byte[] createMsgID() throws SaslException + { + // + final String encoded; + try + { + encoded = Util.toBase64(Thread.currentThread().getName().getBytes( + "UTF-8")); + } + catch (UnsupportedEncodingException x) + { + throw new SaslException("createMsgID()", x); + } + String hostname = "localhost"; + try + { + hostname = InetAddress.getLocalHost().getHostAddress(); + } + catch (UnknownHostException ignored) + { + } + + final byte[] result; + try + { + result = new StringBuffer().append("<").append( + encoded.substring( + 0, + encoded.length())).append( + ".").append( + String.valueOf(System.currentTimeMillis())).append( + "@").append( + hostname).append( + ">").toString().getBytes( + "UTF-8"); + } + catch (UnsupportedEncodingException x) + { + throw new SaslException("createMsgID()", x); + } + return result; + } + + static byte[] createHMac(final char[] passwd, final byte[] data) + throws InvalidKeyException, SaslException + { + final IMac mac = HMacFactory.getInstance(Registry.HMAC_NAME_PREFIX + + Registry.MD5_HASH); + final HashMap map = new HashMap(); + final byte[] km; + try + { + km = new String(passwd).getBytes("UTF-8"); + } + catch (UnsupportedEncodingException x) + { + throw new SaslException("createHMac()", x); + } + map.put(IMac.MAC_KEY_MATERIAL, km); + mac.init(map); + mac.update(data, 0, data.length); + return mac.digest(); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/sasl/crammd5/PasswordFile.java b/libjava/classpath/gnu/javax/crypto/sasl/crammd5/PasswordFile.java new file mode 100644 index 0000000..081af46 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/sasl/crammd5/PasswordFile.java @@ -0,0 +1,301 @@ +/* PasswordFile.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.sasl.crammd5; + +import gnu.javax.crypto.sasl.NoSuchUserException; +import gnu.javax.crypto.sasl.UserAlreadyExistsException; + +import java.io.BufferedReader; +import java.io.File; +import java.io.FileInputStream; +import java.io.FileOutputStream; +import java.io.InputStream; +import java.io.InputStreamReader; +import java.io.IOException; +import java.io.PrintWriter; +import java.util.HashMap; +import java.util.Iterator; +import java.util.NoSuchElementException; +import java.util.StringTokenizer; + +/** + * The CRAM-MD5 password file representation. + */ +public class PasswordFile +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + private static String DEFAULT_FILE; + static + { + DEFAULT_FILE = System.getProperty(CramMD5Registry.PASSWORD_FILE, + CramMD5Registry.DEFAULT_PASSWORD_FILE); + } + + private HashMap entries; + + private File passwdFile; + + private long lastmod; + + // Constructor(s) + // ------------------------------------------------------------------------- + + public PasswordFile() throws IOException + { + this(DEFAULT_FILE); + } + + public PasswordFile(final File pwFile) throws IOException + { + this(pwFile.getAbsolutePath()); + } + + public PasswordFile(final String fileName) throws IOException + { + passwdFile = new File(fileName); + update(); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + public synchronized void add(final String user, final String passwd, + final String[] attributes) throws IOException + { + checkCurrent(); // check if the entry exists + if (entries.containsKey(user)) + { + throw new UserAlreadyExistsException(user); + } + if (attributes.length != 5) + { + throw new IllegalArgumentException("Wrong number of attributes"); + } + + final String[] fields = new String[7]; // create the new entry + fields[0] = user; + fields[1] = passwd; + System.arraycopy(attributes, 0, fields, 2, 5); + entries.put(user, fields); + savePasswd(); + } + + public synchronized void changePasswd(final String user, final String passwd) + throws IOException + { + checkCurrent(); + if (!entries.containsKey(user)) + { // check if the entry exists + throw new NoSuchUserException(user); + } + + final String[] fields = (String[]) entries.get(user); // get the existing entry + fields[1] = passwd; // modify the password field + entries.remove(user); // delete the existing entry + entries.put(user, fields); // add the new entry + + savePasswd(); + } + + public synchronized String[] lookup(final String user) throws IOException + { + checkCurrent(); + if (!entries.containsKey(user)) + { + throw new NoSuchUserException(user); + } + return (String[]) entries.get(user); + } + + public synchronized boolean contains(final String s) throws IOException + { + checkCurrent(); + + return entries.containsKey(s); + } + + private synchronized void update() throws IOException + { + lastmod = passwdFile.lastModified(); + readPasswd(new FileInputStream(passwdFile)); + } + + private void checkCurrent() throws IOException + { + if (passwdFile.lastModified() > lastmod) + { + update(); + } + } + + private synchronized void readPasswd(final InputStream in) throws IOException + { + final BufferedReader din = new BufferedReader(new InputStreamReader(in)); + String line; + entries = new HashMap(); + while ((line = din.readLine()) != null) + { + final String[] fields = new String[7]; + final StringTokenizer st = new StringTokenizer(line, ":", true); + try + { + fields[0] = st.nextToken(); // username + st.nextToken(); + + fields[1] = st.nextToken(); // passwd + if (fields[1].equals(":")) + { + fields[1] = ""; + } + else + { + st.nextToken(); + } + + fields[2] = st.nextToken(); // uid + if (fields[2].equals(":")) + { + fields[2] = ""; + } + else + { + st.nextToken(); + } + + fields[3] = st.nextToken(); // gid + if (fields[3].equals(":")) + { + fields[3] = ""; + } + else + { + st.nextToken(); + } + + fields[4] = st.nextToken(); // gecos + if (fields[4].equals(":")) + { + fields[4] = ""; + } + else + { + st.nextToken(); + } + + fields[5] = st.nextToken(); // dir + if (fields[5].equals(":")) + { + fields[5] = ""; + } + else + { + st.nextToken(); + } + + fields[6] = st.nextToken(); // shell + if (fields[6].equals(":")) + { + fields[6] = ""; + } + } + catch (NoSuchElementException x) + { + continue; + } + + entries.put(fields[0], fields); + } + } + + private synchronized void savePasswd() throws IOException + { + if (passwdFile != null) + { + final FileOutputStream fos = new FileOutputStream(passwdFile); + PrintWriter pw = null; + try + { + pw = new PrintWriter(fos); + String key; + String[] fields; + StringBuffer sb; + int i; + for (Iterator it = entries.keySet().iterator(); it.hasNext();) + { + key = (String) it.next(); + fields = (String[]) entries.get(key); + sb = new StringBuffer(fields[0]); + for (i = 1; i < fields.length; i++) + { + sb.append(":").append(fields[i]); + } + pw.println(sb.toString()); + } + } + finally + { + if (pw != null) + { + try + { + pw.flush(); + } + finally + { + pw.close(); + } + } + try + { + fos.close(); + } + catch (IOException ignored) + { + } + lastmod = passwdFile.lastModified(); + } + } + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/sasl/plain/PasswordFile.java b/libjava/classpath/gnu/javax/crypto/sasl/plain/PasswordFile.java new file mode 100644 index 0000000..4ef6b85 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/sasl/plain/PasswordFile.java @@ -0,0 +1,309 @@ +/* PasswordFile.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.sasl.plain; + +import gnu.classpath.SystemProperties; + +import gnu.javax.crypto.sasl.NoSuchUserException; +import gnu.javax.crypto.sasl.UserAlreadyExistsException; + +import java.io.BufferedReader; +import java.io.File; +import java.io.FileInputStream; +import java.io.FileOutputStream; +import java.io.InputStream; +import java.io.InputStreamReader; +import java.io.IOException; +import java.io.PrintWriter; +import java.util.Enumeration; +import java.util.Hashtable; +import java.util.StringTokenizer; +import java.util.NoSuchElementException; + +/** + * A representation of a Plain password file. + */ +public class PasswordFile +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + private static String DEFAULT_FILE; + static + { + DEFAULT_FILE = SystemProperties.getProperty(PlainRegistry.PASSWORD_FILE, + PlainRegistry.DEFAULT_PASSWORD_FILE); + } + + private Hashtable entries; + + private File passwdFile; + + // private String[] last_params; + private long lastmod; + + // Constructor(s) + // ------------------------------------------------------------------------- + + public PasswordFile() throws IOException + { + this(DEFAULT_FILE); + } + + public PasswordFile(File pwFile) throws IOException + { + this(pwFile.getAbsolutePath()); + } + + public PasswordFile(String fileName) throws IOException + { + passwdFile = new File(fileName); + update(); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + public synchronized void add(String user, String passwd, String[] attributes) + throws IOException + { + checkCurrent(); + if (entries.containsKey(user)) + { + throw new UserAlreadyExistsException(user); + } + if (attributes.length != 5) + { + throw new IllegalArgumentException("Wrong number of attributes"); + } + // create the new entry + String[] fields = new String[7]; + fields[0] = user; + fields[1] = passwd; + System.arraycopy(attributes, 0, fields, 2, 5); + entries.put(user, fields); + + savePasswd(); + } + + public synchronized void changePasswd(String user, String passwd) + throws IOException + { + checkCurrent(); + if (!entries.containsKey(user)) + { + throw new NoSuchUserException(user); + } + + String[] fields = (String[]) entries.get(user); // get the existing entry + fields[1] = passwd; // modify the password field + entries.remove(user); // delete the existing entry + entries.put(user, fields); // add the new entry + + savePasswd(); + } + + public synchronized String[] lookup(String user) throws IOException + { + checkCurrent(); + if (!entries.containsKey(user)) + { + throw new NoSuchUserException(user); + } + return (String[]) entries.get(user); + } + + public synchronized boolean contains(String s) throws IOException + { + checkCurrent(); + return entries.containsKey(s); + } + + //----------------------------------------------------------------// + + private synchronized void update() throws IOException + { + lastmod = passwdFile.lastModified(); + readPasswd(new FileInputStream(passwdFile)); + } + + private void checkCurrent() throws IOException + { + if (passwdFile.lastModified() > lastmod) + { + update(); + } + } + + private synchronized void readPasswd(InputStream in) throws IOException + { + BufferedReader din = new BufferedReader(new InputStreamReader(in)); + String line; + entries = new Hashtable(); + String[] fields = new String[7]; + while ((line = din.readLine()) != null) + { + StringTokenizer st = new StringTokenizer(line, ":", true); + try + { + fields[0] = st.nextToken(); // username + st.nextToken(); + + fields[1] = st.nextToken(); // passwd + if (fields[1].equals(":")) + { + fields[1] = ""; + } + else + { + st.nextToken(); + } + + fields[2] = st.nextToken(); // uid + if (fields[2].equals(":")) + { + fields[2] = ""; + } + else + { + st.nextToken(); + } + + fields[3] = st.nextToken(); // gid + if (fields[3].equals(":")) + { + fields[3] = ""; + } + else + { + st.nextToken(); + } + + fields[4] = st.nextToken(); // gecos + if (fields[4].equals(":")) + { + fields[4] = ""; + } + else + { + st.nextToken(); + } + + fields[5] = st.nextToken(); // dir + if (fields[5].equals(":")) + { + fields[5] = ""; + } + else + { + st.nextToken(); + } + + fields[6] = st.nextToken(); // shell + if (fields[6].equals(":")) + { + fields[6] = ""; + } + } + catch (NoSuchElementException ignored) + { + continue; + } + + entries.put(fields[0], fields); + } + } + + private synchronized void savePasswd() throws IOException + { + if (passwdFile != null) + { + FileOutputStream fos = new FileOutputStream(passwdFile); + PrintWriter pw = null; + try + { + pw = new PrintWriter(fos); + String key; + String[] fields; + StringBuffer sb; + Enumeration keys = entries.keys(); + while (keys.hasMoreElements()) + { + key = (String) keys.nextElement(); + fields = (String[]) entries.get(key); + sb = new StringBuffer(fields[0]); + for (int i = 1; i < fields.length; i++) + { + sb.append(":" + fields[i]); + } + pw.println(sb.toString()); + } + } + finally + { + if (pw != null) + { + try + { + pw.flush(); + } + finally + { + pw.close(); + } + } + if (fos != null) + { + try + { + fos.close(); + } + catch (IOException ignored) + { + } + } + lastmod = passwdFile.lastModified(); + } + } + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/sasl/plain/PlainAuthInfoProvider.java b/libjava/classpath/gnu/javax/crypto/sasl/plain/PlainAuthInfoProvider.java new file mode 100644 index 0000000..9882ce9 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/sasl/plain/PlainAuthInfoProvider.java @@ -0,0 +1,206 @@ +/* PlainAuthInfoProvider.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.sasl.plain; + +import gnu.java.security.Registry; +import gnu.javax.crypto.sasl.IAuthInfoProvider; +import gnu.javax.crypto.sasl.NoSuchUserException; + +import java.io.IOException; +import java.util.HashMap; +import java.util.Map; + +import javax.security.sasl.AuthenticationException; + +/** + * The PLAIN mechanism authentication information provider implementation. + */ +public class PlainAuthInfoProvider implements IAuthInfoProvider, PlainRegistry +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + private PasswordFile passwordFile = null; + + // Constructor(s) + // ------------------------------------------------------------------------- + + // implicit 0-args constrcutor + + // Class methods + // ------------------------------------------------------------------------- + + // IAuthInfoProvider interface implementation + // ------------------------------------------------------------------------- + + public void activate(Map context) throws AuthenticationException + { + try + { + if (context == null) + { + passwordFile = new PasswordFile(); + } + else + { + String pfn = (String) context.get(PASSWORD_FILE); + if (pfn == null) + { + passwordFile = new PasswordFile(); + } + else + { + passwordFile = new PasswordFile(pfn); + } + } + } + catch (IOException x) + { + throw new AuthenticationException("activate()", x); + } + } + + public void passivate() throws AuthenticationException + { + passwordFile = null; + } + + public boolean contains(String userName) throws AuthenticationException + { + if (passwordFile == null) + { + throw new AuthenticationException("contains()", + new IllegalStateException()); + } + boolean result = false; + try + { + result = passwordFile.contains(userName); + } + catch (IOException x) + { + throw new AuthenticationException("contains()", x); + } + return result; + } + + public Map lookup(Map userID) throws AuthenticationException + { + if (passwordFile == null) + { + throw new AuthenticationException("lookup()", + new IllegalStateException()); + } + Map result = new HashMap(); + try + { + String userName = (String) userID.get(Registry.SASL_USERNAME); + if (userName == null) + { + throw new NoSuchUserException(""); + } + String[] data = passwordFile.lookup(userName); + result.put(Registry.SASL_USERNAME, data[0]); + result.put(Registry.SASL_PASSWORD, data[1]); + result.put(UID_FIELD, data[2]); + result.put(GID_FIELD, data[3]); + result.put(GECOS_FIELD, data[4]); + result.put(DIR_FIELD, data[5]); + result.put(SHELL_FIELD, data[6]); + } + catch (Exception x) + { + if (x instanceof AuthenticationException) + { + throw (AuthenticationException) x; + } + else + { + throw new AuthenticationException("lookup()", x); + } + } + return result; + } + + public void update(Map userCredentials) throws AuthenticationException + { + if (passwordFile == null) + { + throw new AuthenticationException("update()", + new IllegalStateException()); + } + try + { + String userName = (String) userCredentials.get(Registry.SASL_USERNAME); + String password = (String) userCredentials.get(Registry.SASL_PASSWORD); + String uid = (String) userCredentials.get(UID_FIELD); + String gid = (String) userCredentials.get(GID_FIELD); + String gecos = (String) userCredentials.get(GECOS_FIELD); + String dir = (String) userCredentials.get(DIR_FIELD); + String shell = (String) userCredentials.get(SHELL_FIELD); + if (uid == null || gid == null || gecos == null || dir == null + || shell == null) + { + passwordFile.changePasswd(userName, password); + } + else + { + String[] attributes = new String[] { uid, gid, gecos, dir, shell }; + passwordFile.add(userName, password, attributes); + } + } + catch (Exception x) + { + if (x instanceof AuthenticationException) + { + throw (AuthenticationException) x; + } + else + { + throw new AuthenticationException("update()", x); + } + } + } + + public Map getConfiguration(String mode) throws AuthenticationException + { + throw new AuthenticationException("", new UnsupportedOperationException()); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/sasl/plain/PlainClient.java b/libjava/classpath/gnu/javax/crypto/sasl/plain/PlainClient.java new file mode 100644 index 0000000..066db37 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/sasl/plain/PlainClient.java @@ -0,0 +1,193 @@ +/* PlainClient.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.sasl.plain; + +import gnu.java.security.Registry; +import gnu.javax.crypto.sasl.ClientMechanism; + +import javax.security.sasl.SaslClient; +import javax.security.sasl.SaslException; +import javax.security.auth.callback.Callback; +import javax.security.auth.callback.NameCallback; +import javax.security.auth.callback.PasswordCallback; + +/** + *

The PLAIN SASL client-side mechanism.

+ */ +public class PlainClient extends ClientMechanism implements SaslClient +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + public PlainClient() + { + super(Registry.SASL_PLAIN_MECHANISM); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + // abstract methods implementation ----------------------------------------- + + protected void initMechanism() throws SaslException + { + } + + protected void resetMechanism() throws SaslException + { + } + + // javax.security.sasl.SaslClient interface implementation ----------------- + + public boolean hasInitialResponse() + { + return true; + } + + public byte[] evaluateChallenge(final byte[] challenge) throws SaslException + { + try + { + final String username; + final char[] password; + Callback[] callbacks; + + if ((!properties.containsKey(Registry.SASL_USERNAME)) + && (!properties.containsKey(Registry.SASL_PASSWORD))) + { + callbacks = new Callback[2]; + + final NameCallback nameCB; + final String defaultName = System.getProperty("user.name"); + if (defaultName == null) + { + nameCB = new NameCallback("username: "); + } + else + { + nameCB = new NameCallback("username: ", defaultName); + } + final PasswordCallback pwdCB = new PasswordCallback("password: ", + false); + callbacks[0] = nameCB; + callbacks[1] = pwdCB; + this.handler.handle(callbacks); + username = nameCB.getName(); + password = pwdCB.getPassword(); + } + else + { + if (properties.containsKey(Registry.SASL_USERNAME)) + { + username = (String) properties.get(Registry.SASL_USERNAME); + } + else + { + callbacks = new Callback[1]; + final NameCallback nameCB; + final String defaultName = System.getProperty("user.name"); + if (defaultName == null) + { + nameCB = new NameCallback("username: "); + } + else + { + nameCB = new NameCallback("username: ", defaultName); + } + callbacks[0] = nameCB; + this.handler.handle(callbacks); + username = nameCB.getName(); + } + + if (properties.containsKey(Registry.SASL_PASSWORD)) + { + password = ((String) properties.get(Registry.SASL_PASSWORD)).toCharArray(); + } + else + { + callbacks = new Callback[1]; + final PasswordCallback pwdCB = new PasswordCallback( + "password: ", + false); + callbacks[0] = pwdCB; + this.handler.handle(callbacks); + password = pwdCB.getPassword(); + } + } + + if (password == null) + { + throw new SaslException("null password supplied"); + } + final StringBuffer sb = new StringBuffer(); + if (authorizationID != null) + { + sb.append(authorizationID); + } + sb.append('\0'); + sb.append(username); + sb.append('\0'); + sb.append(password); + this.complete = true; + + final byte[] response = sb.toString().getBytes("UTF-8"); + return response; + } + catch (Exception x) + { + if (x instanceof SaslException) + { + throw (SaslException) x; + } + throw new SaslException("evaluateChallenge()", x); + } + } + + protected String getNegotiatedQOP() + { + return Registry.QOP_AUTH; + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/sasl/plain/PlainRegistry.java b/libjava/classpath/gnu/javax/crypto/sasl/plain/PlainRegistry.java new file mode 100644 index 0000000..0b48c0a --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/sasl/plain/PlainRegistry.java @@ -0,0 +1,67 @@ +/* PlainRegistry.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.sasl.plain; + +public interface PlainRegistry +{ + + // Constants + // ------------------------------------------------------------------------- + + /** Name of PLAIN password file property. */ + String PASSWORD_FILE = "gnu.crypto.sasl.plain.password.file"; + + /** Default fully qualified pathname of the PLAIN password file. */ + String DEFAULT_PASSWORD_FILE = "/etc/tpasswd"; + + /** Name of the UID field in the plain password file. */ + String UID_FIELD = "plain.uid"; + + /** Name of the GID field in the plain password file. */ + String GID_FIELD = "plain.gid"; + + /** Name of the GECOS field in the plain password file. */ + String GECOS_FIELD = "plain.gecos"; + + /** Name of the DIR field in the plain password file. */ + String DIR_FIELD = "plain.dir"; + + /** Name of the SHELL field in the plain password file. */ + String SHELL_FIELD = "plain.shell"; +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/sasl/plain/PlainServer.java b/libjava/classpath/gnu/javax/crypto/sasl/plain/PlainServer.java new file mode 100644 index 0000000..2056884 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/sasl/plain/PlainServer.java @@ -0,0 +1,196 @@ +/* PlainServer.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.sasl.plain; + +import gnu.java.security.Registry; +import gnu.javax.crypto.sasl.NoSuchUserException; +import gnu.javax.crypto.sasl.ServerMechanism; + +import java.io.IOException; +import java.io.UnsupportedEncodingException; +import java.util.Arrays; +import java.util.HashMap; +import java.util.Map; +import java.util.NoSuchElementException; +import java.util.StringTokenizer; + +import javax.security.sasl.SaslException; +import javax.security.sasl.SaslServer; + +/** + *

The PLAIN SASL server-side mechanism.

+ */ +public class PlainServer extends ServerMechanism implements SaslServer +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // Constructor(s) + // ------------------------------------------------------------------------- + + public PlainServer() + { + super(Registry.SASL_PLAIN_MECHANISM); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + // abstract methods implementation ----------------------------------------- + + protected void initMechanism() throws SaslException + { + } + + protected void resetMechanism() throws SaslException + { + } + + // javax.security.sasl.SaslServer interface implementation ----------------- + + public byte[] evaluateResponse(final byte[] response) throws SaslException + { + if (response == null) + { + return null; + } + try + { + final String nullStr = new String("\0"); + final StringTokenizer strtok = new StringTokenizer( + new String(response), + nullStr, true); + + authorizationID = strtok.nextToken(); + if (!authorizationID.equals(nullStr)) + { + strtok.nextToken(); + } + else + { + authorizationID = null; + } + final String id = strtok.nextToken(); + if (id.equals(nullStr)) + { + throw new SaslException("No identity given"); + } + if (authorizationID == null) + { + authorizationID = id; + } + if ((!authorizationID.equals(nullStr)) && (!authorizationID.equals(id))) + { + throw new SaslException("Delegation not supported"); + } + strtok.nextToken(); + final byte[] pwd; + try + { + pwd = strtok.nextToken().getBytes("UTF-8"); + } + catch (UnsupportedEncodingException x) + { + throw new SaslException("evaluateResponse()", x); + } + if (pwd == null) + { + throw new SaslException("No password given"); + } + final byte[] password; + try + { + password = new String(lookupPassword(id)).getBytes("UTF-8"); + } + catch (UnsupportedEncodingException x) + { + throw new SaslException("evaluateResponse()", x); + } + if (!Arrays.equals(pwd, password)) + { + throw new SaslException("Password incorrect"); + } + this.complete = true; + return null; + } + catch (NoSuchElementException x) + { + throw new SaslException("evaluateResponse()", x); + } + } + + protected String getNegotiatedQOP() + { + return Registry.QOP_AUTH; + } + + // other methods ----------------------------------------------------------- + + private char[] lookupPassword(final String userName) throws SaslException + { + try + { + if (!authenticator.contains(userName)) + { + throw new NoSuchUserException(userName); + } + final Map userID = new HashMap(); + userID.put(Registry.SASL_USERNAME, userName); + final Map credentials = authenticator.lookup(userID); + final String password = (String) credentials.get(Registry.SASL_PASSWORD); + if (password == null) + { + throw new SaslException("lookupPassword()", new InternalError()); + } + return password.toCharArray(); + } + catch (IOException x) + { + if (x instanceof SaslException) + { + throw (SaslException) x; + } + throw new SaslException("lookupPassword()", x); + } + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/sasl/srp/CALG.java b/libjava/classpath/gnu/javax/crypto/sasl/srp/CALG.java new file mode 100644 index 0000000..6215783 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/sasl/srp/CALG.java @@ -0,0 +1,292 @@ +/* CALG.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.sasl.srp; + +import gnu.java.security.Registry; +import gnu.javax.crypto.assembly.Assembly; +import gnu.javax.crypto.assembly.Cascade; +import gnu.javax.crypto.assembly.Direction; +import gnu.javax.crypto.assembly.Stage; +import gnu.javax.crypto.assembly.Transformer; +import gnu.javax.crypto.assembly.TransformerException; +import gnu.javax.crypto.cipher.CipherFactory; +import gnu.javax.crypto.cipher.IBlockCipher; +import gnu.javax.crypto.mode.IMode; +import gnu.javax.crypto.mode.ModeFactory; +import gnu.javax.crypto.pad.IPad; +import gnu.javax.crypto.pad.PadFactory; +import gnu.javax.crypto.sasl.ConfidentialityException; + +import java.util.HashMap; + +import javax.security.sasl.SaslException; + +/** + *

A Factory class that returns CALG (Confidentiality Algorithm) instances + * that operate as described in the draft-burdis-cat-sasl-srp-08.

+ * + *

The designated CALG block cipher should be used in OFB (Output Feedback + * Block) mode in the ISO variant, as described in The Handbook of Applied + * Cryptography, algorithm 7.20.

+ * + *

Let k be the block size of the chosen symmetric key block + * cipher algorithm; e.g. for AES this is 128 bits or 16 + * octets. The OFB mode used shall be of length/size k.

+ * + *

It is recommended that block ciphers operating in OFB mode be used with an + * Initial Vector (the mode's IV). In such a mode of operation - OFB with key + * re-use - the IV need not be secret. For the mechanism in question the IVs + * shall be a random octet sequence of k bytes.

+ * + * The input data to the confidentiality protection algorithm shall be + * a multiple of the symmetric cipher block size k. When the input + * length is not a multiple of k octets, the data shall be padded + * according to the following scheme:

+ * + *

Assuming the length of the input is l octets, + * (k - (l mod k)) octets, all having the value + * (k - (l mod k)), shall be appended to the original data. In + * other words, the input is padded at the trailing end with one of the + * following sequences:

+ * + * 
+ *
+ *                    01 -- if l mod k = k-1
+ *                   02 02 -- if l mod k = k-2
+ *                             ...
+ *                             ...
+ *                             ...
+ *                 k k ... k k -- if l mod k = 0
+ *
+ * + *

The padding can be removed unambiguously since all input is padded and no + * padding sequence is a suffix of another. This padding method is well-defined + * if and only if k < 256 octets, which is the case with + * symmetric key block ciphers today, and in the forseeable future.

+ */ +public final class CALG +{ + + // Constants and variables + // -------------------------------------------------------------------------- + + private Assembly assembly; + + private Object modeNdx; // initialisation key of the cascade's attributes + + private int blockSize; // the underlying cipher's blocksize == IV length + + private int keySize; // the underlying cipher's key size (in bytes). + + // Constructor(s) + // -------------------------------------------------------------------------- + + /** Private constructor to enforce instantiation through Factory method. */ + private CALG(final int blockSize, final int keySize, final Object modeNdx, + final Assembly assembly) + { + super(); + + this.blockSize = blockSize; + this.keySize = keySize; + this.modeNdx = modeNdx; + this.assembly = assembly; + } + + // Class methods + // ------------------------------------------------------------------------- + + /** + *

Returns an instance of a SASL-SRP CALG implementation.

+ * + * @param algorithm the name of the symmetric cipher algorithm. + * @return an instance of this object. + */ + static synchronized CALG getInstance(final String algorithm) + { + final IBlockCipher cipher = CipherFactory.getInstance(algorithm); + final int blockSize = cipher.defaultBlockSize(); + final int keySize = cipher.defaultKeySize(); + final Cascade ofbCipher = new Cascade(); + final Object modeNdx = ofbCipher.append(Stage.getInstance( + ModeFactory.getInstance( + Registry.OFB_MODE, + cipher, + blockSize), + Direction.FORWARD)); + final IPad pkcs7 = PadFactory.getInstance(Registry.PKCS7_PAD); + // the passed IV may be longer that what we need. ensure correct length + // byte[] realIV = null; + // if (iv.length == blockSize) { + // realIV = iv; + // } else { + // realIV = new byte[blockSize]; + // if (iv.length > blockSize) { + // System.arraycopy(iv, 0, realIV, 0, blockSize); + // } else { // shouldnt happen + // System.arraycopy(iv, 0, realIV, 0, iv.length); + // } + // } + + // HashMap modeAttributes = new HashMap(); + // modeAttributes.put(IBlockCipher.KEY_MATERIAL, K.clone()); + // modeAttributes.put(IMode.IV, realIV); + + final Assembly asm = new Assembly(); + asm.addPreTransformer(Transformer.getCascadeTransformer(ofbCipher)); + asm.addPreTransformer(Transformer.getPaddingTransformer(pkcs7)); + + // HashMap attributes = new HashMap(); + // attributes.put(Assembly.DIRECTION, dir); + // attributes.put(modeNdx, modeAttributes); + // try { + // asm.init(attributes); + // } catch (TransformerException x) { + // throw new SaslException("getInstance()", x); + // } + + return new CALG(blockSize, keySize, modeNdx, asm); + } + + // Instance methods + // ------------------------------------------------------------------------- + + /** + *

Initialises a SASL-SRP CALG implementation.

+ * + * @param kdf the key derivation function. + * @param iv the initial vector value to use. + * @param dir whether this CALG is used for encryption or decryption. + */ + // public void init(byte[] K, byte[] iv, Direction dir) throws SaslException { + public void init(final KDF kdf, final byte[] iv, final Direction dir) + throws SaslException + { + // IBlockCipher cipher = CipherFactory.getInstance(algorithm); + // int blockSize = cipher.defaultBlockSize(); + // Cascade ofbCipher = new Cascade(); + // Object modeNdx = ofbCipher.append( + // Stage.getInstace( + // ModeFactory.getInstance(Registry.OFB_MODE, cipher, blockSize), + // Direction.FORWARD)); + // IPad pkcs7 = PadFactory.getInstance(Registry.PKCS7_PAD); + // the passed IV may be longer that what we need. ensure correct length + final byte[] realIV; + if (iv.length == blockSize) + { + realIV = iv; + } + else + { + realIV = new byte[blockSize]; + if (iv.length > blockSize) + { + System.arraycopy(iv, 0, realIV, 0, blockSize); + } + else + { // shouldnt happen + System.arraycopy(iv, 0, realIV, 0, iv.length); + } + } + + final HashMap modeAttributes = new HashMap(); + // modeAttributes.put(IBlockCipher.KEY_MATERIAL, K.clone()); + final byte[] sk = kdf.derive(keySize); + modeAttributes.put(IBlockCipher.KEY_MATERIAL, sk); + //System.out.println("**** Initialised CALG with: "+gnu.crypto.util.Util.dumpString(sk)); + modeAttributes.put(IMode.IV, realIV); + + // Assembly asm = new Assembly(); + // asm.addPreTransformer(Transformer.getCascadeTransformer(ofbCipher)); + // asm.addPreTransformer(Transformer.getPaddingTransformer(pkcs7)); + + final HashMap attributes = new HashMap(); + attributes.put(Assembly.DIRECTION, dir); + attributes.put(modeNdx, modeAttributes); + try + { + // asm.init(attributes); + assembly.init(attributes); + } + catch (TransformerException x) + { + throw new SaslException("getInstance()", x); + } + + // return new CALG(asm); + } + + /** + *

Encrypts or decrypts, depending on the mode already set, a designated + * array of bytes and returns the result.

+ * + * @param data the data to encrypt/decrypt. + * @return the decrypted/encrypted result. + * @throws ConfidentialityException if an exception occurs duirng the process. + */ + public byte[] doFinal(final byte[] data) throws ConfidentialityException + { + return doFinal(data, 0, data.length); + } + + /** + *

Encrypts or decrypts, depending on the mode already set, a designated + * array of bytes and returns the result.

+ * + * @param data the data to encrypt/decrypt. + * @param offset where to start in data. + * @param length how many bytes to consider in data. + * @return the decrypted/encrypted result. + * @throws ConfidentialityException if an exception occurs duirng the process. + */ + public byte[] doFinal(final byte[] data, final int offset, final int length) + throws ConfidentialityException + { + final byte[] result; + try + { + result = assembly.lastUpdate(data, offset, length); + } + catch (TransformerException x) + { + throw new ConfidentialityException("doFinal()", x); + } + return result; + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/sasl/srp/ClientStore.java b/libjava/classpath/gnu/javax/crypto/sasl/srp/ClientStore.java new file mode 100644 index 0000000..ce16f4a --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/sasl/srp/ClientStore.java @@ -0,0 +1,173 @@ +/* ClientStore.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.sasl.srp; + +import java.util.HashMap; + +/** + *

The client-side implementation of the SRP security context store.

+ */ +public class ClientStore +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + /** The underlying singleton. */ + private static ClientStore singleton = null; + + /** The map of uid --> SASL Security Context record. */ + private static final HashMap uid2ssc = new HashMap(); + + /** The map of sid --> Session timing record. */ + private static final HashMap uid2ttl = new HashMap(); + + /** A synchronisation lock. */ + private static final Object lock = new Object(); + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** Private constructor to enforce Singleton pattern. */ + private ClientStore() + { + super(); + + // TODO: add a cleaning timer thread + } + + // Class methods + // ------------------------------------------------------------------------- + + /** + *

Returns the classloader Singleton.

+ * + * @return the classloader Singleton instance. + */ + static synchronized final ClientStore instance() + { + if (singleton == null) + { + singleton = new ClientStore(); + } + return singleton; + } + + // Instance methods + // ------------------------------------------------------------------------- + + /** + *

Returns a boolean flag indicating if the designated client's session is + * still alive or not.

+ * + * @param uid the identifier of the client whose session to check. + * @return true if the designated client's session is still + * alive. false otherwise. + */ + boolean isAlive(final String uid) + { + final boolean result; + synchronized (lock) + { + final Object obj = uid2ssc.get(uid); + result = (obj != null); + if (result) + { // is it still alive? + final StoreEntry sto = (StoreEntry) uid2ttl.get(uid); + if (!sto.isAlive()) + { // invalidate it + uid2ssc.remove(uid); + uid2ttl.remove(uid); + } + } + } + return result; + } + + /** + *

Records a mapping between a client's unique identifier and its security + * context.

+ * + * @param uid the unique identifier of the SRP client for which the session + * is to be cached. + * @param ttl the session's Time-To-Live indicator (in seconds). + * @param ctx the client's security context. + */ + void cacheSession(final String uid, final int ttl, final SecurityContext ctx) + { + synchronized (lock) + { + uid2ssc.put(uid, ctx); + uid2ttl.put(uid, new StoreEntry(ttl)); + } + } + + /** + *

Removes the mapping between the designated SRP client unique identifier + * and the its session security context (and other timing information).

+ * + * @param uid the identifier of the client whose session is to invalidate. + */ + void invalidateSession(final String uid) + { + synchronized (lock) + { + uid2ssc.remove(uid); + uid2ttl.remove(uid); + } + } + + /** + *

Returns an SRP client's security context record mapped by that client's + * unique identifier.

+ * + * @param uid the identifier of the client whose session is to restore. + * @return the SRP client's security context. + */ + SecurityContext restoreSession(final String uid) + { + final SecurityContext result; + synchronized (lock) + { + result = (SecurityContext) uid2ssc.remove(uid); + uid2ttl.remove(uid); + } + return result; + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/sasl/srp/IALG.java b/libjava/classpath/gnu/javax/crypto/sasl/srp/IALG.java new file mode 100644 index 0000000..cfaf22b --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/sasl/srp/IALG.java @@ -0,0 +1,159 @@ +/* IALG.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.sasl.srp; + +import gnu.javax.crypto.mac.IMac; +import gnu.javax.crypto.mac.MacFactory; + +import java.security.InvalidKeyException; +import java.security.NoSuchAlgorithmException; +import java.util.HashMap; + +import javax.security.sasl.SaslException; + +/** + *

A Factory class that returns IALG (Integrity Algorithm) instances that + * operate as described in the draft-burdis-cat-sasl-srp-04 and later.

+ * + * @version $Revision: 1.1 $ + */ +public final class IALG implements Cloneable +{ + + // Constants and variables + // -------------------------------------------------------------------------- + + private IMac hmac; + + // Constructor(s) + // -------------------------------------------------------------------------- + + /** Private constructor to enforce instantiation through Factory method. */ + private IALG(final IMac hmac) + { + super(); + + this.hmac = hmac; + } + + // Class methods + // ------------------------------------------------------------------------- + + /** + *

Returns an instance of a SASL-SRP IALG implementation.

+ * + * @param algorithm the name of the HMAC algorithm. + * @return an instance of this object. + */ + static synchronized IALG getInstance(final String algorithm) + throws SaslException + { + final IMac hmac; + hmac = MacFactory.getInstance(algorithm); + if (hmac == null) + { + throw new SaslException("getInstance()", + new NoSuchAlgorithmException(algorithm)); + } + // try { + // byte[] sk = (byte[]) K.clone(); + // HashMap map = new HashMap(); + // map.put(IMac.MAC_KEY_MATERIAL, sk); + // hmac.init(map); + // } catch (InvalidKeyException x) { + // throw new SaslException("getInstance()", x); + // } + return new IALG(hmac); + } + + // Instance methods + // ------------------------------------------------------------------------- + + // Cloneable interface implementation -------------------------------------- + + public Object clone() throws CloneNotSupportedException + { + return new IALG((IMac) hmac.clone()); + } + + // other methdds ----------------------------------------------------------- + + // public void init(final byte[] K) throws SaslException { + public void init(final KDF kdf) throws SaslException + { + try + { + // final byte[] sk = (byte[]) K.clone(); + final byte[] sk = kdf.derive(hmac.macSize()); + final HashMap map = new HashMap(); + map.put(IMac.MAC_KEY_MATERIAL, sk); + hmac.init(map); + //System.out.println("**** Initialised IALG with: "+gnu.crypto.util.Util.dumpString(sk)); + } + catch (InvalidKeyException x) + { + throw new SaslException("getInstance()", x); + } + } + + public void update(final byte[] data) + { + hmac.update(data, 0, data.length); + } + + public void update(final byte[] data, final int offset, final int length) + { + hmac.update(data, offset, length); + } + + public byte[] doFinal() + { + return hmac.digest(); + } + + /** + *

Returns the length (in bytes) of this SASL SRP Integrity Algorithm.

+ * + * @return the length, in bytes, of this integrity protection algorithm. + */ + public int length() + { + return hmac.macSize(); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/sasl/srp/KDF.java b/libjava/classpath/gnu/javax/crypto/sasl/srp/KDF.java new file mode 100644 index 0000000..0d5eeac --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/sasl/srp/KDF.java @@ -0,0 +1,169 @@ +/* KDF.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.sasl.srp; + +import gnu.java.security.Registry; +import gnu.java.security.prng.LimitReachedException; +import gnu.java.security.util.PRNG; +import gnu.javax.crypto.cipher.IBlockCipher; +import gnu.javax.crypto.prng.UMacGenerator; + +import java.util.HashMap; + +/** + *

The SASL-SRP KDF implementation, which is also used, depending on how it + * was instantiated, as a secure Pseudo Random Number Generator.

+ */ +public class KDF +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + private static final int AES_BLOCK_SIZE = 16; // default block size for the AES + + private static final int AES_KEY_SIZE = 16; // default key size for the AES + + private static final byte[] buffer = new byte[1]; + + /** Our default source of randomness. */ + private static final PRNG prng = PRNG.getInstance(); + + /** The shared secret K to use. */ + // private byte[] keyMaterial; + /** The underlying UMAC Generator instance. */ + private UMacGenerator umac = null; + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** + *

Constructs an instance of the KDF initialised with the + * designated shared secret bytes.

+ * + * @param keyMaterial the SASL SRP shared secret (K) bytes. + */ + private KDF(final byte[] keyMaterial, final int ndx) + { + super(); + + // if (ndx != 0) { + // this.keyMaterial = (byte[]) keyMaterial.clone(); + // } + final HashMap map = new HashMap(); + map.put(UMacGenerator.CIPHER, Registry.AES_CIPHER); + map.put(UMacGenerator.INDEX, new Integer(ndx)); + map.put(IBlockCipher.CIPHER_BLOCK_SIZE, new Integer(AES_BLOCK_SIZE)); + final byte[] key = new byte[AES_KEY_SIZE]; + System.arraycopy(keyMaterial, 0, key, 0, AES_KEY_SIZE); + map.put(IBlockCipher.KEY_MATERIAL, key); + + umac = new UMacGenerator(); + umac.init(map); + //System.out.println("**** Initialised KDF with: "+gnu.crypto.util.Util.dumpString(key)); + } + + // Class methods + // ------------------------------------------------------------------------- + + /** + *

A Factory mehod that returns an instance of a KDF based on + * supplied seed data.

+ * + * @param K the SASL SRP shared secret for a KDF to be used for + * CALG and IALG setup. null otherwise. + * @return an instance of a KDF. + */ + static final KDF getInstance(final byte[] K) + { + int ndx = -1; + final byte[] keyMaterial; + if (K != null) + { + keyMaterial = K; + ndx = 0; + } + else + { + keyMaterial = new byte[AES_BLOCK_SIZE]; + while (ndx < 1 || ndx > 255) + ndx = (byte) nextByte(); + } + return new KDF(keyMaterial, ndx); + } + + private static synchronized final int nextByte() + { + prng.nextBytes(buffer); + return (buffer[0] & 0xFF); + } + + // Instance methods + // ------------------------------------------------------------------------- + + /** + *

Returns a designated number of bytes suitable for use in the SASL SRP + * mechanism.

+ * + * @param length the number of bytes needed. + * @return a byte array containing the generated/selected bytes. + */ + public synchronized byte[] derive(final int length) + { + final byte[] result = new byte[length]; + // if (keyMaterial == null || length > keyMaterial.length) { + try + { + umac.nextBytes(result, 0, length); + } + catch (IllegalStateException x) + { // should not happen + x.printStackTrace(System.err); + } + catch (LimitReachedException x) + { // idem + x.printStackTrace(System.err); + } + // } else { + // System.arraycopy(keyMaterial, 0, result, 0, length); + // } + + return result; + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/sasl/srp/PasswordFile.java b/libjava/classpath/gnu/javax/crypto/sasl/srp/PasswordFile.java new file mode 100644 index 0000000..1628a41 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/sasl/srp/PasswordFile.java @@ -0,0 +1,699 @@ +/* PasswordFile.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.sasl.srp; + +import gnu.java.security.Registry; +import gnu.java.security.hash.IMessageDigest; +import gnu.java.security.util.Util; +import gnu.javax.crypto.key.srp6.SRPAlgorithm; +import gnu.javax.crypto.sasl.NoSuchUserException; +import gnu.javax.crypto.sasl.UserAlreadyExistsException; + +import java.io.BufferedReader; +import java.io.File; +import java.io.FileInputStream; +import java.io.FileNotFoundException; +import java.io.FileOutputStream; +import java.io.InputStream; +import java.io.InputStreamReader; +import java.io.IOException; +import java.io.PrintWriter; +import java.io.UnsupportedEncodingException; +import java.math.BigInteger; +import java.util.HashMap; +import java.util.Iterator; +import java.util.NoSuchElementException; +import java.util.StringTokenizer; + +/** + *

The implementation of SRP password files.

+ * + *

For SRP, there are three (3) files: + *

    + *
  1. The password configuration file: tpasswd.conf. It contains the pairs + * <N,g> indexed by a number for each pair used for a user. By default, + * this file's pathname is constructed from the base password file pathname + * by prepending it with the ".conf" suffix.
    2. + * + *
  2. The base password file: tpasswd. It contains the related password + * entries for all the users with values computed using SRP's default + * message digest algorithm: SHA-1 (with 160-bit output block size).
    3. + * + *
  3. The extended password file: tpasswd2. Its name, by default, is + * constructed by adding the suffix "2" to the fully qualified pathname of + * the base password file. It contains, in addition to the same fields as + * the base password file, albeit with a different verifier value, an extra + * field identifying the message digest algorithm used to compute this + * (verifier) value.
    4. + *

+ * + *

This implementation assumes the following message digest algorithm codes: + *

    + *
  • 0: the default hash algorithm, which is SHA-1 (or its alias SHA-160).
    • + *
  • 1: MD5.
    • + *
  • 2: RIPEMD-128.
    • + *
  • 3: RIPEMD-160.
    • + *
  • 4: SHA-256.
    • + *
  • 5: SHA-384.
    • + *
  • 6: SHA-512.
    • + *

+ * + *

IMPORTANT: This method computes the verifiers as described in + * RFC-2945, which differs from the description given on the web page for + * SRP-6.

+ * + *

Reference:

+ *
    + *
  1. SRP Protocol Design
    + * Thomas J. Wu.
    2. + *
+ */ +public class PasswordFile +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + // names of property keys used in this class + private static final String USER_FIELD = "user"; + + private static final String VERIFIERS_FIELD = "verifier"; + + private static final String SALT_FIELD = "salt"; + + private static final String CONFIG_FIELD = "config"; + + private static String DEFAULT_FILE; + static + { + DEFAULT_FILE = System.getProperty(SRPRegistry.PASSWORD_FILE, + SRPRegistry.DEFAULT_PASSWORD_FILE); + } + + /** The SRP algorithm instances used by this object. */ + private static final HashMap srps; + static + { + final HashMap map = new HashMap(SRPRegistry.SRP_ALGORITHMS.length); + // The first entry MUST exist. The others are optional. + map.put("0", SRP.instance(SRPRegistry.SRP_ALGORITHMS[0])); + for (int i = 1; i < SRPRegistry.SRP_ALGORITHMS.length; i++) + { + try + { + map.put(String.valueOf(i), + SRP.instance(SRPRegistry.SRP_ALGORITHMS[i])); + } + catch (Exception x) + { + System.err.println("Ignored: " + x); + x.printStackTrace(System.err); + } + } + srps = map; + } + + private String confName, pwName, pw2Name; + + private File configFile, passwdFile, passwd2File; + + private long lastmodPasswdFile, lastmodPasswd2File; + + private HashMap entries = new HashMap(); + + private HashMap configurations = new HashMap(); + + // default N values to use when creating a new password.conf file + private static final BigInteger[] Nsrp = new BigInteger[] { + SRPAlgorithm.N_2048, + SRPAlgorithm.N_1536, + SRPAlgorithm.N_1280, + SRPAlgorithm.N_1024, + SRPAlgorithm.N_768, + SRPAlgorithm.N_640, + SRPAlgorithm.N_512 }; + + // Constructor(s) + // ------------------------------------------------------------------------- + + public PasswordFile() throws IOException + { + this(DEFAULT_FILE); + } + + public PasswordFile(final File pwFile) throws IOException + { + this(pwFile.getAbsolutePath()); + } + + public PasswordFile(final String pwName) throws IOException + { + this(pwName, pwName + "2", pwName + ".conf"); + } + + public PasswordFile(final String pwName, final String confName) + throws IOException + { + this(pwName, pwName + "2", confName); + } + + public PasswordFile(final String pwName, final String pw2Name, + final String confName) throws IOException + { + super(); + + this.pwName = pwName; + this.pw2Name = pw2Name; + this.confName = confName; + + readOrCreateConf(); + update(); + } + + // Class methods + // ------------------------------------------------------------------------- + + /** + *

Returns a string representing the decimal value of an integer + * identifying the message digest algorithm to use for the SRP computations. + *

+ * + * @param mdName the canonical name of a message digest algorithm. + * @return a string representing the decimal value of an ID for that + * algorithm. + */ + private static final String nameToID(final String mdName) + { + if (Registry.SHA_HASH.equalsIgnoreCase(mdName) + || Registry.SHA1_HASH.equalsIgnoreCase(mdName) + || Registry.SHA160_HASH.equalsIgnoreCase(mdName)) + { + return "0"; + } + else if (Registry.MD5_HASH.equalsIgnoreCase(mdName)) + { + return "1"; + } + else if (Registry.RIPEMD128_HASH.equalsIgnoreCase(mdName)) + { + return "2"; + } + else if (Registry.RIPEMD160_HASH.equalsIgnoreCase(mdName)) + { + return "3"; + } + else if (Registry.SHA256_HASH.equalsIgnoreCase(mdName)) + { + return "4"; + } + else if (Registry.SHA384_HASH.equalsIgnoreCase(mdName)) + { + return "5"; + } + else if (Registry.SHA512_HASH.equalsIgnoreCase(mdName)) + { + return "6"; + } + return "0"; + } + + // SRP password configuration file methods --------------------------------- + + /** + *

Checks if the current configuration file contains the <N, g> pair + * for the designated index.

+ * + * @param index a string representing 1-digit identification of an <N, g> + * pair used. + * @return true if the designated index is that of + * a known <N, g> pair, and false otherwise. + * @throws IOException if an exception occurs during the process. + * @see SRPRegistry#N_2048_BITS + * @see SRPRegistry#N_1536_BITS + * @see SRPRegistry#N_1280_BITS + * @see SRPRegistry#N_1024_BITS + * @see SRPRegistry#N_768_BITS + * @see SRPRegistry#N_640_BITS + * @see SRPRegistry#N_512_BITS + */ + public synchronized boolean containsConfig(final String index) + throws IOException + { + checkCurrent(); + return configurations.containsKey(index); + } + + /** + *

Returns a pair of strings representing the pair of N and + * g MPIs for the designated index.

+ * + * @param index a string representing 1-digit identification of an <N, g> + * pair to look up. + * @return a pair of strings, arranged in an array, where the first (at index + * position #0) is the repesentation of the MPI N, and the + * second (at index position #1) is the representation of the MPI + * g. If the index refers to an unknown pair, then + * an empty string array is returned. + * @throws IOException if an exception occurs during the process. + */ + public synchronized String[] lookupConfig(final String index) + throws IOException + { + checkCurrent(); + String[] result = null; + if (configurations.containsKey(index)) + { + result = (String[]) configurations.get(index); + } + return result; + } + + // SRP base and extended password configuration files methods -------------- + + public synchronized boolean contains(final String user) throws IOException + { + checkCurrent(); + return entries.containsKey(user); + } + + public synchronized void add(final String user, final String passwd, + final byte[] salt, final String index) + throws IOException + { + checkCurrent(); + if (entries.containsKey(user)) + { + throw new UserAlreadyExistsException(user); + } + final HashMap fields = new HashMap(4); + fields.put(USER_FIELD, user); // 0 + fields.put(VERIFIERS_FIELD, newVerifiers(user, salt, passwd, index)); // 1 + fields.put(SALT_FIELD, Util.toBase64(salt)); // 2 + fields.put(CONFIG_FIELD, index); // 3 + entries.put(user, fields); + savePasswd(); + } + + public synchronized void changePasswd(final String user, final String passwd) + throws IOException + { + checkCurrent(); + if (!entries.containsKey(user)) + { + throw new NoSuchUserException(user); + } + final HashMap fields = (HashMap) entries.get(user); + final byte[] salt; + try + { + salt = Util.fromBase64((String) fields.get(SALT_FIELD)); + } + catch (NumberFormatException x) + { + throw new IOException("Password file corrupt"); + } + final String index = (String) fields.get(CONFIG_FIELD); + fields.put(VERIFIERS_FIELD, newVerifiers(user, salt, passwd, index)); + entries.put(user, fields); + savePasswd(); + } + + public synchronized void savePasswd() throws IOException + { + final FileOutputStream f1 = new FileOutputStream(passwdFile); + final FileOutputStream f2 = new FileOutputStream(passwd2File); + PrintWriter pw1 = null; + PrintWriter pw2 = null; + try + { + pw1 = new PrintWriter(f1, true); + pw2 = new PrintWriter(f2, true); + this.writePasswd(pw1, pw2); + } + finally + { + if (pw1 != null) + { + try + { + pw1.flush(); + } + finally + { + pw1.close(); + } + } + if (pw2 != null) + { + try + { + pw2.flush(); + } + finally + { + pw2.close(); + } + } + try + { + f1.close(); + } + catch (IOException ignored) + { + } + try + { + f2.close(); + } + catch (IOException ignored) + { + } + } + lastmodPasswdFile = passwdFile.lastModified(); + lastmodPasswd2File = passwd2File.lastModified(); + } + + /** + *

Returns the triplet: verifier, salt and configuration file index, of a + * designated user, and a designated message digest algorithm name, as an + * array of strings.

+ * + * @param user the username. + * @param mdName the canonical name of the SRP's message digest algorithm. + * @return a string array containing, in this order, the BASE-64 encodings of + * the verifier, the salt and the index in the password configuration file of + * the MPIs N and g of the designated user. + */ + public synchronized String[] lookup(final String user, final String mdName) + throws IOException + { + checkCurrent(); + if (!entries.containsKey(user)) + { + throw new NoSuchUserException(user); + } + final HashMap fields = (HashMap) entries.get(user); + final HashMap verifiers = (HashMap) fields.get(VERIFIERS_FIELD); + final String salt = (String) fields.get(SALT_FIELD); + final String index = (String) fields.get(CONFIG_FIELD); + final String verifier = (String) verifiers.get(nameToID(mdName)); + return new String[] { verifier, salt, index }; + } + + // Other instance methods -------------------------------------------------- + + private synchronized void readOrCreateConf() throws IOException + { + configurations.clear(); + final FileInputStream fis; + configFile = new File(confName); + try + { + fis = new FileInputStream(configFile); + readConf(fis); + } + catch (FileNotFoundException x) + { // create a default one + final String g = Util.toBase64(Util.trim(new BigInteger("2"))); + String index, N; + for (int i = 0; i < Nsrp.length; i++) + { + index = String.valueOf(i + 1); + N = Util.toBase64(Util.trim(Nsrp[i])); + configurations.put(index, new String[] { N, g }); + } + FileOutputStream f0 = null; + PrintWriter pw0 = null; + try + { + f0 = new FileOutputStream(configFile); + pw0 = new PrintWriter(f0, true); + this.writeConf(pw0); + } + finally + { + if (pw0 != null) + { + pw0.close(); + } + else if (f0 != null) + { + f0.close(); + } + } + } + } + + private void readConf(final InputStream in) throws IOException + { + final BufferedReader din = new BufferedReader(new InputStreamReader(in)); + String line, index, N, g; + StringTokenizer st; + while ((line = din.readLine()) != null) + { + st = new StringTokenizer(line, ":"); + try + { + index = st.nextToken(); + N = st.nextToken(); + g = st.nextToken(); + } + catch (NoSuchElementException x) + { + throw new IOException("SRP password configuration file corrupt"); + } + configurations.put(index, new String[] { N, g }); + } + } + + private void writeConf(final PrintWriter pw) + { + String ndx; + String[] mpi; + StringBuffer sb; + for (Iterator it = configurations.keySet().iterator(); it.hasNext();) + { + ndx = (String) it.next(); + mpi = (String[]) configurations.get(ndx); + sb = new StringBuffer(ndx).append(":").append(mpi[0]).append(":").append( + mpi[1]); + pw.println(sb.toString()); + } + } + + /** + *

Compute the new verifiers for the designated username and password.

+ * + *

IMPORTANT: This method computes the verifiers as described in + * RFC-2945, which differs from the description given on the web page for + * SRP-6.

+ * + * @param user the user's name. + * @param s the user's salt. + * @param password the user's password + * @param index the index of the <N, g> pair to use for this user. + * @return a {@link java.util.Map} of user verifiers. + * @throws UnsupportedEncodingException if the US-ASCII decoder is not + * available on this platform. + */ + private HashMap newVerifiers(final String user, final byte[] s, + final String password, final String index) + throws UnsupportedEncodingException + { + // to ensure inter-operability with non-java tools + final String[] mpi = (String[]) configurations.get(index); + final BigInteger N = new BigInteger(1, Util.fromBase64(mpi[0])); + final BigInteger g = new BigInteger(1, Util.fromBase64(mpi[1])); + + final HashMap result = new HashMap(srps.size()); + BigInteger x, v; + SRP srp; + for (int i = 0; i < srps.size(); i++) + { + final String digestID = String.valueOf(i); + srp = (SRP) srps.get(digestID); + x = new BigInteger(1, srp.computeX(s, user, password)); + v = g.modPow(x, N); + final String verifier = Util.toBase64(v.toByteArray()); + + result.put(digestID, verifier); + } + return result; + } + + private synchronized void update() throws IOException + { + entries.clear(); + + FileInputStream fis; + passwdFile = new File(pwName); + lastmodPasswdFile = passwdFile.lastModified(); + try + { + fis = new FileInputStream(passwdFile); + readPasswd(fis); + } + catch (FileNotFoundException ignored) + { + } + passwd2File = new File(pw2Name); + lastmodPasswd2File = passwd2File.lastModified(); + try + { + fis = new FileInputStream(passwd2File); + readPasswd2(fis); + } + catch (FileNotFoundException ignored) + { + } + } + + private void checkCurrent() throws IOException + { + if (passwdFile.lastModified() > lastmodPasswdFile + || passwd2File.lastModified() > lastmodPasswd2File) + { + update(); + } + } + + private void readPasswd(final InputStream in) throws IOException + { + final BufferedReader din = new BufferedReader(new InputStreamReader(in)); + String line, user, verifier, salt, index; + StringTokenizer st; + while ((line = din.readLine()) != null) + { + st = new StringTokenizer(line, ":"); + try + { + user = st.nextToken(); + verifier = st.nextToken(); + salt = st.nextToken(); + index = st.nextToken(); + } + catch (NoSuchElementException x) + { + throw new IOException("SRP base password file corrupt"); + } + + final HashMap verifiers = new HashMap(6); + verifiers.put("0", verifier); + + final HashMap fields = new HashMap(4); + fields.put(USER_FIELD, user); + fields.put(VERIFIERS_FIELD, verifiers); + fields.put(SALT_FIELD, salt); + fields.put(CONFIG_FIELD, index); + + entries.put(user, fields); + } + } + + private void readPasswd2(final InputStream in) throws IOException + { + final BufferedReader din = new BufferedReader(new InputStreamReader(in)); + String line, digestID, user, verifier; + StringTokenizer st; + HashMap fields, verifiers; + while ((line = din.readLine()) != null) + { + st = new StringTokenizer(line, ":"); + try + { + digestID = st.nextToken(); + user = st.nextToken(); + verifier = st.nextToken(); + } + catch (NoSuchElementException x) + { + throw new IOException("SRP extended password file corrupt"); + } + + fields = (HashMap) entries.get(user); + if (fields != null) + { + verifiers = (HashMap) fields.get(VERIFIERS_FIELD); + verifiers.put(digestID, verifier); + } + } + } + + private void writePasswd(final PrintWriter pw1, final PrintWriter pw2) + throws IOException + { + String user, digestID; + HashMap fields, verifiers; + StringBuffer sb1, sb2; + Iterator j; + final Iterator i = entries.keySet().iterator(); + while (i.hasNext()) + { + user = (String) i.next(); + fields = (HashMap) entries.get(user); + if (!user.equals(fields.get(USER_FIELD))) + { + throw new IOException("Inconsistent SRP password data"); + } + verifiers = (HashMap) fields.get(VERIFIERS_FIELD); + sb1 = new StringBuffer().append(user).append(":").append( + (String) verifiers.get("0")).append( + ":").append( + (String) fields.get(SALT_FIELD)).append( + ":").append( + (String) fields.get(CONFIG_FIELD)); + pw1.println(sb1.toString()); + // write extended information + j = verifiers.keySet().iterator(); + while (j.hasNext()) + { + digestID = (String) j.next(); + if (!"0".equals(digestID)) + { + // #0 is the default digest, already present in tpasswd! + sb2 = new StringBuffer().append(digestID).append(":").append( + user).append( + ":").append( + (String) verifiers.get(digestID)); + pw2.println(sb2.toString()); + } + } + } + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/sasl/srp/SRP.java b/libjava/classpath/gnu/javax/crypto/sasl/srp/SRP.java new file mode 100644 index 0000000..d3eb596 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/sasl/srp/SRP.java @@ -0,0 +1,285 @@ +/* SRP.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.sasl.srp; + +import gnu.java.security.hash.HashFactory; +import gnu.java.security.hash.IMessageDigest; +import gnu.java.security.util.Util; + +import java.io.UnsupportedEncodingException; +import java.math.BigInteger; +import java.util.HashMap; + +/** + *

A Factory class that returns SRP Singletons that know all SRP-related + * mathematical computations and protocol-related operations for both the + * client- and server-sides.

+ */ +public final class SRP +{ + + // Constants and variables + // -------------------------------------------------------------------------- + + /** The map of already instantiated SRP algorithm instances. */ + private static final HashMap algorithms = new HashMap(); + + private static final byte COLON = (byte) 0x3A; + + /** The underlying message digest algorithm used for all SRP calculations. */ + private IMessageDigest mda; + + // Constructor(s) + // -------------------------------------------------------------------------- + + /** Trivial private constructor to enforce Singleton pattern. */ + private SRP(final IMessageDigest mda) + { + super(); + + this.mda = mda; + } + + // Class methods + // ------------------------------------------------------------------------- + + /** + *

Returns an instance of this object that uses the designated message + * digest algorithm as its digest function.

+ * + * @return an instance of this object for the designated digest name. + */ + public static synchronized SRP instance(String mdName) + { + if (mdName != null) + { + mdName = mdName.trim().toLowerCase(); + } + if (mdName == null || mdName.equals("")) + { + mdName = SRPRegistry.SRP_DEFAULT_DIGEST_NAME; + } + SRP result = (SRP) algorithms.get(mdName); + if (result == null) + { + final IMessageDigest mda = HashFactory.getInstance(mdName); + result = new SRP(mda); + algorithms.put(mdName, result); + } + return result; + } + + private static final byte[] xor(final byte[] b1, final byte[] b2, + final int length) + { + final byte[] result = new byte[length]; + for (int i = 0; i < length; ++i) + { + result[i] = (byte) (b1[i] ^ b2[i]); + } + return result; + } + + // Instance methods + // ------------------------------------------------------------------------- + + /** @return the message digest algorithm name used by this instance. */ + public String getAlgorithm() + { + return mda.name(); + } + + // Message Digest algorithm related methods -------------------------------- + + /** + *

Returns a new instance of the SRP message digest algorithm --which is + * SHA-160 by default, but could be anything else provided the proper + * conditions as specified in the SRP specifications.

+ * + * @return a new instance of the underlying SRP message digest algorithm. + * @throws RuntimeException if the implementation of the message digest + * algorithm does not support cloning. + */ + public IMessageDigest newDigest() + { + return (IMessageDigest) mda.clone(); + } + + /** + *

Convenience method to return the result of digesting the designated + * input with a new instance of the SRP message digest algorithm.

+ * + * @param src some bytes to digest. + * @return the bytes constituting the result of digesting the designated + * input with a new instance of the SRP message digest algorithm. + */ + public byte[] digest(final byte[] src) + { + final IMessageDigest hash = (IMessageDigest) mda.clone(); + hash.update(src, 0, src.length); + return hash.digest(); + } + + /** + *

Convenience method to return the result of digesting the designated + * input with a new instance of the SRP message digest algorithm.

+ * + * @param src a String whose bytes (using US-ASCII encoding) are to be + * digested. + * @return the bytes constituting the result of digesting the designated + * input with a new instance of the SRP message digest algorithm. + * @throws UnsupportedEncodingException if US-ASCII charset is not found. + */ + public byte[] digest(final String src) throws UnsupportedEncodingException + { + return digest(src.getBytes("US-ASCII")); + } + + // Other methods ----------------------------------------------------------- + + /** + *

Convenience method to XOR N bytes from two arrays; N being the output + * size of the SRP message digest algorithm.

+ * + * @param a the first byte array. + * @param b the second one. + * @return N bytes which are the result of the XOR operations on the first N + * bytes from the designated arrays. N is the size of the SRP message digest + * algorithm; eg. 20 for SHA-160. + */ + public byte[] xor(final byte[] a, final byte[] b) + { + return xor(a, b, mda.hashSize()); + } + + public byte[] generateM1(final BigInteger N, final BigInteger g, + final String U, final byte[] s, final BigInteger A, + final BigInteger B, final byte[] K, final String I, + final String L, final byte[] cn, final byte[] cCB) + throws UnsupportedEncodingException + { + final IMessageDigest hash = (IMessageDigest) mda.clone(); + byte[] b; + b = xor(digest(Util.trim(N)), digest(Util.trim(g))); + hash.update(b, 0, b.length); + b = digest(U); + hash.update(b, 0, b.length); + hash.update(s, 0, s.length); + b = Util.trim(A); + hash.update(b, 0, b.length); + b = Util.trim(B); + hash.update(b, 0, b.length); + hash.update(K, 0, K.length); + b = digest(I); + hash.update(b, 0, b.length); + b = digest(L); + hash.update(b, 0, b.length); + hash.update(cn, 0, cn.length); + hash.update(cCB, 0, cCB.length); + + return hash.digest(); + } + + public byte[] generateM2(final BigInteger A, final byte[] M1, final byte[] K, + final String U, final String I, final String o, + final byte[] sid, final int ttl, final byte[] cIV, + final byte[] sIV, final byte[] sCB) + throws UnsupportedEncodingException + { + final IMessageDigest hash = (IMessageDigest) mda.clone(); + byte[] b; + b = Util.trim(A); + hash.update(b, 0, b.length); + hash.update(M1, 0, M1.length); + hash.update(K, 0, K.length); + b = digest(U); + hash.update(b, 0, b.length); + b = digest(I); + hash.update(b, 0, b.length); + b = digest(o); + hash.update(b, 0, b.length); + hash.update(sid, 0, sid.length); + hash.update((byte) (ttl >>> 24)); + hash.update((byte) (ttl >>> 16)); + hash.update((byte) (ttl >>> 8)); + hash.update((byte) ttl); + hash.update(cIV, 0, cIV.length); + hash.update(sIV, 0, sIV.length); + hash.update(sCB, 0, sCB.length); + + return hash.digest(); + } + + public byte[] generateKn(final byte[] K, final byte[] cn, final byte[] sn) + { + final IMessageDigest hash = (IMessageDigest) mda.clone(); + hash.update(K, 0, K.length); + hash.update(cn, 0, cn.length); + hash.update(sn, 0, sn.length); + + return hash.digest(); + } + + public byte[] computeX(final byte[] s, final String user, + final String password) + throws UnsupportedEncodingException + { + return computeX(s, user.getBytes("US-ASCII"), password.getBytes("US-ASCII")); + } + + public byte[] computeX(final byte[] s, final String user, final byte[] p) + throws UnsupportedEncodingException + { + return computeX(s, user.getBytes("US-ASCII"), p); + } + + private byte[] computeX(final byte[] s, final byte[] user, final byte[] p) + { + final IMessageDigest hash = (IMessageDigest) mda.clone(); + hash.update(user, 0, user.length); + hash.update(COLON); + hash.update(p, 0, p.length); + final byte[] up = hash.digest(); + + hash.update(s, 0, s.length); + hash.update(up, 0, up.length); + + return hash.digest(); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/sasl/srp/SRPAuthInfoProvider.java b/libjava/classpath/gnu/javax/crypto/sasl/srp/SRPAuthInfoProvider.java new file mode 100644 index 0000000..9ea21ef --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/sasl/srp/SRPAuthInfoProvider.java @@ -0,0 +1,218 @@ +/* SRPAuthInfoProvider.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.sasl.srp; + +import gnu.java.security.Registry; +import gnu.java.security.util.Util; +import gnu.javax.crypto.sasl.IAuthInfoProvider; +import gnu.javax.crypto.sasl.NoSuchUserException; + +import java.io.IOException; +import java.util.HashMap; +import java.util.Map; + +import javax.security.sasl.AuthenticationException; + +/** + *

The SRP mechanism authentication information provider implementation.

+ */ +public class SRPAuthInfoProvider implements IAuthInfoProvider +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + private PasswordFile passwordFile = null; + + // Constructor(s) + // ------------------------------------------------------------------------- + + // implicit 0-args constrcutor + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + // IAuthInfoProvider interface implementation ------------------------------ + + public void activate(Map context) throws AuthenticationException + { + try + { + if (context == null) + { + passwordFile = new PasswordFile(); + } + else + { + passwordFile = (PasswordFile) context.get(SRPRegistry.PASSWORD_DB); + if (passwordFile == null) + { + String pfn = (String) context.get(SRPRegistry.PASSWORD_FILE); + if (pfn == null) + { + passwordFile = new PasswordFile(); + } + else + { + passwordFile = new PasswordFile(pfn); + } + } + } + } + catch (IOException x) + { + throw new AuthenticationException("activate()", x); + } + } + + public void passivate() throws AuthenticationException + { + passwordFile = null; + } + + public boolean contains(String userName) throws AuthenticationException + { + if (passwordFile == null) + { + throw new AuthenticationException("contains()", + new IllegalStateException()); + } + boolean result = false; + try + { + result = passwordFile.contains(userName); + } + catch (IOException x) + { + throw new AuthenticationException("contains()", x); + } + return result; + } + + public Map lookup(Map userID) throws AuthenticationException + { + if (passwordFile == null) + { + throw new AuthenticationException("lookup()", + new IllegalStateException()); + } + Map result = new HashMap(); + try + { + String userName = (String) userID.get(Registry.SASL_USERNAME); + if (userName == null) + { + throw new NoSuchUserException(""); + } + String mdName = (String) userID.get(SRPRegistry.MD_NAME_FIELD); + + String[] data = passwordFile.lookup(userName, mdName); + result.put(SRPRegistry.USER_VERIFIER_FIELD, data[0]); + result.put(SRPRegistry.SALT_FIELD, data[1]); + result.put(SRPRegistry.CONFIG_NDX_FIELD, data[2]); + } + catch (Exception x) + { + if (x instanceof AuthenticationException) + { + throw (AuthenticationException) x; + } + throw new AuthenticationException("lookup()", x); + } + return result; + } + + public void update(Map userCredentials) throws AuthenticationException + { + if (passwordFile == null) + throw new AuthenticationException("update()", new IllegalStateException()); + + try + { + String userName = (String) userCredentials.get(Registry.SASL_USERNAME); + String password = (String) userCredentials.get(Registry.SASL_PASSWORD); + String salt = (String) userCredentials.get(SRPRegistry.SALT_FIELD); + String config = (String) userCredentials.get(SRPRegistry.CONFIG_NDX_FIELD); + if (salt == null || config == null) + { + passwordFile.changePasswd(userName, password); + } + else + { + passwordFile.add(userName, password, Util.fromBase64(salt), config); + } + } + catch (Exception x) + { + if (x instanceof AuthenticationException) + { + throw (AuthenticationException) x; + } + throw new AuthenticationException("update()", x); + } + } + + public Map getConfiguration(String mode) throws AuthenticationException + { + if (passwordFile == null) + { + throw new AuthenticationException("getConfiguration()", + new IllegalStateException()); + } + Map result = new HashMap(); + try + { + String[] data = passwordFile.lookupConfig(mode); + result.put(SRPRegistry.SHARED_MODULUS, data[0]); + result.put(SRPRegistry.FIELD_GENERATOR, data[1]); + } + catch (Exception x) + { + if (x instanceof AuthenticationException) + { + throw (AuthenticationException) x; + } + throw new AuthenticationException("getConfiguration()", x); + } + return result; + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/sasl/srp/SRPClient.java b/libjava/classpath/gnu/javax/crypto/sasl/srp/SRPClient.java new file mode 100644 index 0000000..1a1664f --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/sasl/srp/SRPClient.java @@ -0,0 +1,1211 @@ +/* SRPClient.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.sasl.srp; + +import gnu.java.security.Registry; +import gnu.java.security.hash.MD5; +import gnu.java.security.util.PRNG; +import gnu.java.security.util.Util; + +import gnu.javax.crypto.key.IKeyAgreementParty; +import gnu.javax.crypto.key.IncomingMessage; +import gnu.javax.crypto.key.KeyAgreementFactory; +import gnu.javax.crypto.key.KeyAgreementException; +import gnu.javax.crypto.key.OutgoingMessage; +import gnu.javax.crypto.key.srp6.SRP6KeyAgreement; +import gnu.javax.crypto.assembly.Direction; +import gnu.javax.crypto.cipher.CipherFactory; +import gnu.javax.crypto.cipher.IBlockCipher; +import gnu.javax.crypto.sasl.ClientMechanism; +import gnu.javax.crypto.sasl.IllegalMechanismStateException; +import gnu.javax.crypto.sasl.InputBuffer; +import gnu.javax.crypto.sasl.IntegrityException; +import gnu.javax.crypto.sasl.OutputBuffer; + +import gnu.javax.security.auth.Password; + +import java.io.IOException; +import java.io.PrintWriter; +import java.io.ByteArrayOutputStream; +import java.io.UnsupportedEncodingException; +import java.math.BigInteger; +import java.security.NoSuchAlgorithmException; +import java.util.Arrays; +import java.util.HashMap; +import java.util.StringTokenizer; + +import javax.security.auth.callback.Callback; +import javax.security.auth.callback.NameCallback; +import javax.security.auth.callback.PasswordCallback; +import javax.security.auth.callback.UnsupportedCallbackException; +import javax.security.auth.DestroyFailedException; +import javax.security.sasl.AuthenticationException; +import javax.security.sasl.SaslClient; +import javax.security.sasl.SaslException; + +/** + *

The SASL-SRP client-side mechanism.

+ */ +public class SRPClient extends ClientMechanism implements SaslClient +{ + + // Debugging methods and variables + // ------------------------------------------------------------------------- + + private static final String NAME = "SRPClient"; + + // private static final String ERROR = "ERROR"; + // private static final String WARN = " WARN"; + private static final String INFO = " INFO"; + + private static final String TRACE = "DEBUG"; + + private static final boolean DEBUG = true; + + private static final int debuglevel = 3; + + private static final PrintWriter err = new PrintWriter(System.out, true); + + private static void debug(final String level, final Object obj) + { + err.println("[" + level + "] " + NAME + ": " + String.valueOf(obj)); + } + + // Constants and variables + // ------------------------------------------------------------------------- + + // private static final HashMap uid2ctx = new HashMap(); + + private String uid; // the unique key for this type of client + + private String U; // the authentication identity + + BigInteger N, g, A, B; + + private Password password; // the authentication credentials + + private byte[] s; // the user's salt + + private byte[] cIV, sIV; // client+server IVs, when confidentiality is on + + private byte[] M1, M2; // client+server evidences + + private byte[] cn, sn; // client's and server's nonce + + private SRP srp; // SRP algorithm instance used by this client + + private byte[] sid; // session ID when re-used + + private int ttl; // session time-to-live in seconds + + private byte[] sCB; // the peer's channel binding data + + private String L; // available options + + private String o; + + private String chosenIntegrityAlgorithm; + + private String chosenConfidentialityAlgorithm; + + private int rawSendSize = Registry.SASL_BUFFER_MAX_LIMIT; + + private byte[] K; // shared session key + + private boolean replayDetection = true; // whether Replay Detection is on + + private int inCounter = 0; // messages sequence numbers + + private int outCounter = 0; + + private IALG inMac, outMac; // if !null, use for integrity + + private CALG inCipher, outCipher; // if !null, use for confidentiality + + private IKeyAgreementParty clientHandler = KeyAgreementFactory.getPartyAInstance(Registry.SRP_SASL_KA); + + /** Our default source of randomness. */ + private PRNG prng = null; + + // Constructor(s) + // ------------------------------------------------------------------------- + + public SRPClient() + { + super(Registry.SASL_SRP_MECHANISM); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + // abstract methods implementation ----------------------------------------- + + protected void initMechanism() throws SaslException + { + // we shall keep track of the sid (and the security context of this + // SRP client) based on the initialisation parameters of an SRP session. + // we shall compute a unique key for those parameters and key the sid + // (and the security context) accordingly. + // 1. compute the mapping key. use MD5 (the fastest) for this purpose + final MD5 md = new MD5(); + byte[] b; + b = authorizationID.getBytes(); + md.update(b, 0, b.length); + b = serverName.getBytes(); + md.update(b, 0, b.length); + b = protocol.getBytes(); + md.update(b, 0, b.length); + if (channelBinding.length > 0) + { + md.update(channelBinding, 0, channelBinding.length); + } + uid = Util.toBase64(md.digest()); + if (ClientStore.instance().isAlive(uid)) + { + final SecurityContext ctx = ClientStore.instance().restoreSession(uid); + srp = SRP.instance(ctx.getMdName()); + sid = ctx.getSID(); + K = ctx.getK(); + cIV = ctx.getClientIV(); + sIV = ctx.getServerIV(); + replayDetection = ctx.hasReplayDetection(); + inCounter = ctx.getInCounter(); + outCounter = ctx.getOutCounter(); + inMac = ctx.getInMac(); + outMac = ctx.getOutMac(); + inCipher = ctx.getInCipher(); + outCipher = ctx.getOutCipher(); + } + else + { + sid = new byte[0]; + ttl = 0; + K = null; + cIV = null; + sIV = null; + cn = null; + sn = null; + } + } + + protected void resetMechanism() throws SaslException + { + try + { + password.destroy(); + } + catch (DestroyFailedException dfe) + { + SaslException se = new SaslException("resetMechanism()"); + se.initCause(dfe); + throw se; + } + password = null; + M1 = null; + K = null; + cIV = null; + sIV = null; + inMac = outMac = null; + inCipher = outCipher = null; + + sid = null; + ttl = 0; + cn = null; + sn = null; + } + + // javax.security.sasl.SaslClient interface implementation ----------------- + + public boolean hasInitialResponse() + { + return true; + } + + public byte[] evaluateChallenge(final byte[] challenge) throws SaslException + { + switch (state) + { + case 0: + state++; + return sendIdentities(); + case 1: + state++; + final byte[] result = sendPublicKey(challenge); + try + { + password.destroy(); //don't need further this session + } + catch (DestroyFailedException x) + { + SaslException se = new SaslException("sendPublicKey()"); + se.initCause(se); + throw se; + } + return result; + case 2: // should only occur if session re-use was rejected + if (!complete) + { + state++; + return receiveEvidence(challenge); + } + // else fall through + default: + throw new IllegalMechanismStateException("evaluateChallenge()"); + } + } + + protected byte[] engineUnwrap(final byte[] incoming, final int offset, + final int len) throws SaslException + { + if (DEBUG && debuglevel > 8) + debug(TRACE, "==> engineUnwrap()"); + + if (inMac == null && inCipher == null) + { + throw new IllegalStateException("connection is not protected"); + } + + // at this point one, or both, of confidentiality and integrity protection + // services are active. + + final byte[] result; + try + { + // final InputBuffer frameIn = InputBuffer.getInstance(incoming, offset, len); + // result = frameIn.getEOS(); + if (inMac != null) + { // integrity bytes are at the end of the stream + final int macBytesCount = inMac.length(); + final int payloadLength = len - macBytesCount; + // final byte[] received_mac = frameIn.getOS(); + final byte[] received_mac = new byte[macBytesCount]; + System.arraycopy(incoming, offset + payloadLength, received_mac, 0, + macBytesCount); + if (DEBUG && debuglevel > 6) + debug(TRACE, "Got C (received MAC): " + + Util.dumpString(received_mac)); + // inMac.update(result); + inMac.update(incoming, offset, payloadLength); + if (replayDetection) + { + inCounter++; + if (DEBUG && debuglevel > 6) + debug(TRACE, "inCounter=" + String.valueOf(inCounter)); + inMac.update(new byte[] { (byte) (inCounter >>> 24), + (byte) (inCounter >>> 16), + (byte) (inCounter >>> 8), + (byte) inCounter }); + } + + final byte[] computed_mac = inMac.doFinal(); + if (DEBUG && debuglevel > 6) + debug(TRACE, "Computed MAC: " + Util.dumpString(computed_mac)); + if (!Arrays.equals(received_mac, computed_mac)) + { + throw new IntegrityException("engineUnwrap()"); + } + + // deal with the payload, which can be either plain or encrypted + if (inCipher != null) + { + result = inCipher.doFinal(incoming, offset, payloadLength); + } + else + { + result = new byte[len - macBytesCount]; + System.arraycopy(incoming, offset, result, 0, result.length); + } + } + else + { // no integrity protection; just confidentiality + // if (inCipher != null) { + result = inCipher.doFinal(incoming, offset, len); + // } else { + // result = new byte[len]; + // System.arraycopy(incoming, offset, result, 0, len); + // } + } + // if (inCipher != null) { + // result = inCipher.doFinal(result); + // } + } + catch (IOException x) + { + if (x instanceof SaslException) + { + throw (SaslException) x; + } + throw new SaslException("engineUnwrap()", x); + } + + if (DEBUG && debuglevel > 8) + debug(TRACE, "<== engineUnwrap()"); + return result; + } + + protected byte[] engineWrap(final byte[] outgoing, final int offset, + final int len) throws SaslException + { + if (DEBUG && debuglevel > 8) + debug(TRACE, "==> engineWrap()"); + + if (outMac == null && outCipher == null) + { + throw new IllegalStateException("connection is not protected"); + } + + // at this point one, or both, of confidentiality and integrity protection + // services are active. + + // byte[] data = new byte[len]; + // System.arraycopy(outgoing, offset, data, 0, len); + byte[] result; + try + { + // OutputBuffer frameOut = new OutputBuffer(); + final ByteArrayOutputStream out = new ByteArrayOutputStream(); + // Process the data + if (outCipher != null) + { + // data = outCipher.doFinal(data); + result = outCipher.doFinal(outgoing, offset, len); + if (DEBUG && debuglevel > 6) + debug(TRACE, "Encoding c (encrypted plaintext): " + + Util.dumpString(result)); + + // frameOut.setEOS(data); + out.write(result); + + if (outMac != null) + { + outMac.update(result); + if (replayDetection) + { + outCounter++; + if (DEBUG && debuglevel > 6) + debug(TRACE, "outCounter=" + String.valueOf(outCounter)); + outMac.update(new byte[] { (byte) (outCounter >>> 24), + (byte) (outCounter >>> 16), + (byte) (outCounter >>> 8), + (byte) outCounter }); + } + final byte[] C = outMac.doFinal(); + // frameOut.setOS(C); + out.write(C); + if (DEBUG && debuglevel > 6) + debug(TRACE, "Encoding C (integrity checksum): " + + Util.dumpString(C)); + } // else confidentiality only; do nothing + } + else + { // no confidentiality; just integrity [+ replay detection] + // if (DEBUG && debuglevel > 6) debug(TRACE, "Encoding p (plaintext): "+Util.dumpString(data)); + if (DEBUG && debuglevel > 6) + debug(TRACE, "Encoding p (plaintext): " + + Util.dumpString(outgoing, offset, len)); + + // frameOut.setEOS(data); + out.write(outgoing, offset, len); + + // if (outMac != null) { + // outMac.update(data); + outMac.update(outgoing, offset, len); + if (replayDetection) + { + outCounter++; + if (DEBUG && debuglevel > 6) + debug(TRACE, "outCounter=" + String.valueOf(outCounter)); + outMac.update(new byte[] { (byte) (outCounter >>> 24), + (byte) (outCounter >>> 16), + (byte) (outCounter >>> 8), + (byte) outCounter }); + } + final byte[] C = outMac.doFinal(); + // frameOut.setOS(C); + out.write(C); + if (DEBUG && debuglevel > 6) + debug(TRACE, "Encoding C (integrity checksum): " + + Util.dumpString(C)); + // } + } + + // frameOut.setEOS(data); + // + // if (outMac != null) { + // outMac.update(data); + // if (replayDetection) { + // outCounter++; + // if (DEBUG && debuglevel > 6) debug(TRACE, "outCounter="+String.valueOf(outCounter)); + // outMac.update(new byte[] { + // (byte)(outCounter >>> 24), + // (byte)(outCounter >>> 16), + // (byte)(outCounter >>> 8), + // (byte) outCounter }); + // } + // byte[] C = outMac.doFinal(); + // frameOut.setOS(C); + // if (DEBUG && debuglevel > 6) debug(TRACE, "Encoding C (integrity checksum): "+Util.dumpString(C)); + // } + + // result = frameOut.wrap(); + result = out.toByteArray(); + + } + catch (IOException x) + { + if (x instanceof SaslException) + { + throw (SaslException) x; + } + throw new SaslException("engineWrap()", x); + } + + if (DEBUG && debuglevel > 8) + debug(TRACE, "<== engineWrap()"); + return result; + } + + protected String getNegotiatedQOP() + { + if (inMac != null) + { + if (inCipher != null) + { + return Registry.QOP_AUTH_CONF; + } + else + { + return Registry.QOP_AUTH_INT; + } + } + return Registry.QOP_AUTH; + } + + protected String getNegotiatedStrength() + { + if (inMac != null) + { + if (inCipher != null) + { + return Registry.STRENGTH_HIGH; + } + else + { + return Registry.STRENGTH_MEDIUM; + } + } + return Registry.STRENGTH_LOW; + } + + protected String getNegotiatedRawSendSize() + { + return String.valueOf(rawSendSize); + } + + protected String getReuse() + { + return Registry.REUSE_TRUE; + } + + // other methods ----------------------------------------------------------- + + private byte[] sendIdentities() throws SaslException + { + if (DEBUG && debuglevel > 8) + debug(TRACE, "==> sendIdentities()"); + + // If necessary, prompt the client for the username and password + getUsernameAndPassword(); + + if (DEBUG && debuglevel > 6) + debug(TRACE, "Password: \"" + new String(password.getPassword()) + "\""); + if (DEBUG && debuglevel > 6) + debug(TRACE, "Encoding U (username): \"" + U + "\""); + if (DEBUG && debuglevel > 6) + debug(TRACE, "Encoding I (userid): \"" + authorizationID + "\""); + + // if session re-use generate new 16-byte nonce + if (sid.length != 0) + { + cn = new byte[16]; + getDefaultPRNG().nextBytes(cn); + } + else + { + cn = new byte[0]; + } + + final OutputBuffer frameOut = new OutputBuffer(); + try + { + frameOut.setText(U); + frameOut.setText(authorizationID); + frameOut.setEOS(sid); // session ID to re-use + frameOut.setOS(cn); // client nonce + frameOut.setEOS(channelBinding); + } + catch (IOException x) + { + if (x instanceof SaslException) + { + throw (SaslException) x; + } + throw new AuthenticationException("sendIdentities()", x); + } + final byte[] result = frameOut.encode(); + if (DEBUG && debuglevel > 8) + debug(TRACE, "<== sendIdentities()"); + if (DEBUG && debuglevel > 2) + debug(INFO, "C: " + Util.dumpString(result)); + if (DEBUG && debuglevel > 2) + debug(INFO, " U = " + U); + if (DEBUG && debuglevel > 2) + debug(INFO, " I = " + authorizationID); + if (DEBUG && debuglevel > 2) + debug(INFO, "sid = " + new String(sid)); + if (DEBUG && debuglevel > 2) + debug(INFO, " cn = " + Util.dumpString(cn)); + if (DEBUG && debuglevel > 2) + debug(INFO, "cCB = " + Util.dumpString(channelBinding)); + return result; + } + + private byte[] sendPublicKey(final byte[] input) throws SaslException + { + if (DEBUG && debuglevel > 8) + debug(TRACE, "==> sendPublicKey()"); + if (DEBUG && debuglevel > 6) + debug(TRACE, "S: " + Util.dumpString(input)); + + // Server sends [00], N, g, s, B, L + // or [FF], sn, sCB + final InputBuffer frameIn = new InputBuffer(input); + final int ack; + try + { + ack = (int) frameIn.getScalar(1); + if (ack == 0x00) + { // new session + N = frameIn.getMPI(); + if (DEBUG && debuglevel > 6) + debug(TRACE, "Got N (modulus): " + Util.dump(N)); + g = frameIn.getMPI(); + if (DEBUG && debuglevel > 6) + debug(TRACE, "Got g (generator): " + Util.dump(g)); + s = frameIn.getOS(); + if (DEBUG && debuglevel > 6) + debug(TRACE, "Got s (salt): " + Util.dumpString(s)); + B = frameIn.getMPI(); + if (DEBUG && debuglevel > 6) + debug(TRACE, "Got B (server ephermeral public key): " + + Util.dump(B)); + L = frameIn.getText(); + if (DEBUG && debuglevel > 6) + debug(TRACE, "Got L (available options): \"" + L + "\""); + } + else if (ack == 0xFF) + { // session re-use + sn = frameIn.getOS(); + if (DEBUG && debuglevel > 6) + debug(TRACE, "Got sn (server nonce): " + Util.dumpString(sn)); + sCB = frameIn.getEOS(); + if (DEBUG && debuglevel > 6) + debug(TRACE, "Got sCB (server channel binding): " + + Util.dumpString(sCB)); + } + else + { // unexpected scalar + throw new SaslException("sendPublicKey(): Invalid scalar (" + ack + + ") in server's request"); + } + } + catch (IOException x) + { + if (x instanceof SaslException) + { + throw (SaslException) x; + } + throw new SaslException("sendPublicKey()", x); + } + + if (ack == 0x00) + { // new session --------------------------------------- + o = createO(L.toLowerCase()); // do this first to initialise the SRP hash + + final byte[] pBytes; // use ASCII encoding to inter-operate w/ non-java + pBytes = password.getBytes(); + + // ---------------------------------------------------------------------- + final HashMap mapA = new HashMap(); + // mapA.put(SRP6KeyAgreement.HASH_FUNCTION, srp.newDigest()); + mapA.put(SRP6KeyAgreement.HASH_FUNCTION, srp.getAlgorithm()); + mapA.put(SRP6KeyAgreement.USER_IDENTITY, U); + mapA.put(SRP6KeyAgreement.USER_PASSWORD, pBytes); + try + { + clientHandler.init(mapA); + clientHandler.processMessage(null); + } + catch (KeyAgreementException x) + { + throw new SaslException("sendPublicKey()", x); + } + + // ---------------------------------------------------------------------- + + // ------------------------------------------------------------------- + try + { + OutgoingMessage out = new OutgoingMessage(); + out.writeMPI(N); + out.writeMPI(g); + out.writeMPI(new BigInteger(1, s)); + out.writeMPI(B); + IncomingMessage in = new IncomingMessage(out.toByteArray()); + out = clientHandler.processMessage(in); + + in = new IncomingMessage(out.toByteArray()); + A = in.readMPI(); + K = clientHandler.getSharedSecret(); + } + catch (KeyAgreementException x) + { + throw new SaslException("sendPublicKey()", x); + } + // ------------------------------------------------------------------- + + if (DEBUG && debuglevel > 6) + debug(TRACE, "K: " + Util.dumpString(K)); + if (DEBUG && debuglevel > 6) + debug(TRACE, "Encoding A (client ephemeral public key): " + + Util.dump(A)); + + try + { + M1 = srp.generateM1(N, g, U, s, A, B, K, authorizationID, L, cn, + channelBinding); + } + catch (UnsupportedEncodingException x) + { + throw new AuthenticationException("sendPublicKey()", x); + } + + if (DEBUG && debuglevel > 6) + debug(TRACE, "Encoding o (client chosen options): \"" + o + "\""); + if (DEBUG && debuglevel > 6) + debug(TRACE, "Encoding cIV (client IV): \"" + Util.dumpString(cIV) + + "\""); + + final OutputBuffer frameOut = new OutputBuffer(); + try + { + frameOut.setMPI(A); + frameOut.setOS(M1); + frameOut.setText(o); + frameOut.setOS(cIV); + } + catch (IOException x) + { + if (x instanceof SaslException) + { + throw (SaslException) x; + } + throw new AuthenticationException("sendPublicKey()", x); + } + final byte[] result = frameOut.encode(); + if (DEBUG && debuglevel > 8) + debug(TRACE, "<== sendPublicKey()"); + if (DEBUG && debuglevel > 2) + debug(INFO, "New session, or session re-use rejected..."); + if (DEBUG && debuglevel > 2) + debug(INFO, "C: " + Util.dumpString(result)); + if (DEBUG && debuglevel > 2) + debug(INFO, " A = 0x" + A.toString(16)); + if (DEBUG && debuglevel > 2) + debug(INFO, " M1 = " + Util.dumpString(M1)); + if (DEBUG && debuglevel > 2) + debug(INFO, " o = " + o); + if (DEBUG && debuglevel > 2) + debug(INFO, "cIV = " + Util.dumpString(cIV)); + + return result; + } + else + { // session re-use accepted ------------------------------------- + setupSecurityServices(true); + if (DEBUG && debuglevel > 8) + debug(TRACE, "<== sendPublicKey()"); + if (DEBUG && debuglevel > 2) + debug(INFO, "Session re-use accepted..."); + return null; + } + } + + private byte[] receiveEvidence(byte[] input) throws SaslException + { + if (DEBUG && debuglevel > 8) + debug(TRACE, "==> receiveEvidence()"); + if (DEBUG && debuglevel > 6) + debug(TRACE, "S: " + Util.dumpString(input)); + + // Server send M2, sIV, sCB, sid, ttl + final InputBuffer frameIn = new InputBuffer(input); + try + { + M2 = frameIn.getOS(); + if (DEBUG && debuglevel > 6) + debug(TRACE, "Got M2 (server evidence): " + Util.dumpString(M2)); + sIV = frameIn.getOS(); + if (DEBUG && debuglevel > 6) + debug(TRACE, "Got sIV (server IV): " + Util.dumpString(sIV)); + sid = frameIn.getEOS(); + if (DEBUG && debuglevel > 6) + debug(TRACE, "Got sid (session ID): " + new String(sid)); + ttl = (int) frameIn.getScalar(4); + if (DEBUG && debuglevel > 6) + debug(TRACE, "Got ttl (session time-to-live): " + ttl + "sec."); + sCB = frameIn.getEOS(); + if (DEBUG && debuglevel > 6) + debug(TRACE, "Got sCB (server channel binding): " + + Util.dumpString(sCB)); + } + catch (IOException x) + { + if (x instanceof SaslException) + { + throw (SaslException) x; + } + throw new AuthenticationException("receiveEvidence()", x); + } + + final byte[] expected; + try + { + expected = srp.generateM2(A, M1, K, U, authorizationID, o, sid, ttl, + cIV, sIV, sCB); + } + catch (UnsupportedEncodingException x) + { + throw new AuthenticationException("receiveEvidence()", x); + } + + if (DEBUG && debuglevel > 6) + debug(TRACE, "Expected: " + Util.dumpString(expected)); + if (!Arrays.equals(M2, expected)) + { + throw new AuthenticationException("M2 mismatch"); + } + + setupSecurityServices(false); + + if (DEBUG && debuglevel > 8) + debug(TRACE, "<== receiveEvidence()"); + return null; + } + + private void getUsernameAndPassword() throws AuthenticationException + { + try + { + if ((!properties.containsKey(Registry.SASL_USERNAME)) + && (!properties.containsKey(Registry.SASL_PASSWORD))) + { + final NameCallback nameCB; + final String defaultName = System.getProperty("user.name"); + if (defaultName == null) + { + nameCB = new NameCallback("username: "); + } + else + { + nameCB = new NameCallback("username: ", defaultName); + } + final PasswordCallback pwdCB = new PasswordCallback("password: ", + false); + handler.handle(new Callback[] { nameCB, pwdCB }); + U = nameCB.getName(); + password = new Password(pwdCB.getPassword()); + } + else + { + if (properties.containsKey(Registry.SASL_USERNAME)) + { + this.U = (String) properties.get(Registry.SASL_USERNAME); + } + else + { + final NameCallback nameCB; + final String defaultName = System.getProperty("user.name"); + if (defaultName == null) + { + nameCB = new NameCallback("username: "); + } + else + { + nameCB = new NameCallback("username: ", defaultName); + } + this.handler.handle(new Callback[] { nameCB }); + this.U = nameCB.getName(); + } + + if (properties.containsKey(Registry.SASL_PASSWORD)) + { + Object pw = properties.get(Registry.SASL_PASSWORD); + if (pw instanceof char[]) + password = new Password((char[]) pw); + else if (pw instanceof Password) + password = (Password) pw; + else if (pw instanceof String) + password = new Password(((String) pw).toCharArray()); + else + throw new IllegalArgumentException( + pw.getClass().getName() + + "is not a valid password class"); + } + else + { + final PasswordCallback pwdCB = new PasswordCallback( + "password: ", + false); + this.handler.handle(new Callback[] { pwdCB }); + password = new Password(pwdCB.getPassword()); + } + } + + if (U == null) + { + throw new AuthenticationException("null username supplied"); + } + if (password == null) + { + throw new AuthenticationException("null password supplied"); + } + } + catch (UnsupportedCallbackException x) + { + throw new AuthenticationException("getUsernameAndPassword()", x); + } + catch (IOException x) + { + throw new AuthenticationException("getUsernameAndPassword()", x); + } + } + + // We go through the list of available services and for each available one + // we decide whether or not we want it enabled, based on properties passed + // to us by the client. + private String createO(final String aol) throws AuthenticationException + { + if (DEBUG && debuglevel > 8) + debug(TRACE, "==> createO(\"" + aol + "\")"); + + boolean replaydetectionAvailable = false; + boolean integrityAvailable = false; + boolean confidentialityAvailable = false; + String option, mandatory = SRPRegistry.DEFAULT_MANDATORY; + int i; + + String mdName = SRPRegistry.SRP_DEFAULT_DIGEST_NAME; + + final StringTokenizer st = new StringTokenizer(aol, ","); + while (st.hasMoreTokens()) + { + option = st.nextToken(); + if (option.startsWith(SRPRegistry.OPTION_SRP_DIGEST + "=")) + { + option = option.substring(option.indexOf('=') + 1); + if (DEBUG && debuglevel > 6) + debug(TRACE, "mda: <" + option + ">"); + for (i = 0; i < SRPRegistry.INTEGRITY_ALGORITHMS.length; i++) + { + if (SRPRegistry.SRP_ALGORITHMS[i].equals(option)) + { + mdName = option; + break; + } + } + } + else if (option.equals(SRPRegistry.OPTION_REPLAY_DETECTION)) + { + replaydetectionAvailable = true; + } + else if (option.startsWith(SRPRegistry.OPTION_INTEGRITY + "=")) + { + option = option.substring(option.indexOf('=') + 1); + if (DEBUG && debuglevel > 6) + debug(TRACE, "ialg: <" + option + ">"); + for (i = 0; i < SRPRegistry.INTEGRITY_ALGORITHMS.length; i++) + { + if (SRPRegistry.INTEGRITY_ALGORITHMS[i].equals(option)) + { + chosenIntegrityAlgorithm = option; + integrityAvailable = true; + break; + } + } + } + else if (option.startsWith(SRPRegistry.OPTION_CONFIDENTIALITY + "=")) + { + option = option.substring(option.indexOf('=') + 1); + if (DEBUG && debuglevel > 6) + debug(TRACE, "calg: <" + option + ">"); + for (i = 0; i < SRPRegistry.CONFIDENTIALITY_ALGORITHMS.length; i++) + { + if (SRPRegistry.CONFIDENTIALITY_ALGORITHMS[i].equals(option)) + { + chosenConfidentialityAlgorithm = option; + confidentialityAvailable = true; + break; + } + } + } + else if (option.startsWith(SRPRegistry.OPTION_MANDATORY + "=")) + { + mandatory = option.substring(option.indexOf('=') + 1); + } + else if (option.startsWith(SRPRegistry.OPTION_MAX_BUFFER_SIZE + "=")) + { + final String maxBufferSize = option.substring(option.indexOf('=') + 1); + try + { + rawSendSize = Integer.parseInt(maxBufferSize); + if (rawSendSize > Registry.SASL_BUFFER_MAX_LIMIT + || rawSendSize < 1) + { + throw new AuthenticationException( + "Illegal value for 'maxbuffersize' option"); + } + } + catch (NumberFormatException x) + { + throw new AuthenticationException( + SRPRegistry.OPTION_MAX_BUFFER_SIZE + + "=" + + String.valueOf(maxBufferSize), + x); + } + } + } + + replayDetection = replaydetectionAvailable + && Boolean.valueOf( + (String) properties.get(SRPRegistry.SRP_REPLAY_DETECTION)).booleanValue(); + boolean integrity = integrityAvailable + && Boolean.valueOf( + (String) properties.get(SRPRegistry.SRP_INTEGRITY_PROTECTION)).booleanValue(); + boolean confidentiality = confidentialityAvailable + && Boolean.valueOf( + (String) properties.get(SRPRegistry.SRP_CONFIDENTIALITY)).booleanValue(); + + // make sure we do the right thing + if (SRPRegistry.OPTION_REPLAY_DETECTION.equals(mandatory)) + { + replayDetection = true; + integrity = true; + } + else if (SRPRegistry.OPTION_INTEGRITY.equals(mandatory)) + { + integrity = true; + } + else if (SRPRegistry.OPTION_CONFIDENTIALITY.equals(mandatory)) + { + confidentiality = true; + } + if (replayDetection) + { + if (chosenIntegrityAlgorithm == null) + { + throw new AuthenticationException( + "Replay detection is required but no " + + "integrity protection algorithm was chosen"); + } + } + if (integrity) + { + if (chosenIntegrityAlgorithm == null) + { + throw new AuthenticationException( + "Integrity protection is required but no " + + "algorithm was chosen"); + } + } + if (confidentiality) + { + if (chosenConfidentialityAlgorithm == null) + { + throw new AuthenticationException( + "Confidentiality protection is required " + + "but no algorithm was chosen"); + } + } + + // 1. check if we'll be using confidentiality; if not set IV to 0-byte + if (chosenConfidentialityAlgorithm == null) + { + cIV = new byte[0]; + } + else + { + // 2. get the block size of the cipher + final IBlockCipher cipher = CipherFactory.getInstance(chosenConfidentialityAlgorithm); + if (cipher == null) + { + throw new AuthenticationException("createO()", + new NoSuchAlgorithmException()); + } + final int blockSize = cipher.defaultBlockSize(); + // 3. generate random iv + cIV = new byte[blockSize]; + getDefaultPRNG().nextBytes(cIV); + } + + srp = SRP.instance(mdName); + + // Now create the options list specifying which of the available options + // we have chosen. + + // For now we just select the defaults. Later we need to add support for + // properties (perhaps in a file) where a user can specify the list of + // algorithms they would prefer to use. + + final StringBuffer sb = new StringBuffer(); + sb.append(SRPRegistry.OPTION_SRP_DIGEST).append("=").append(mdName).append( + ","); + if (replayDetection) + { + sb.append(SRPRegistry.OPTION_REPLAY_DETECTION).append(","); + } + if (integrity) + { + sb.append(SRPRegistry.OPTION_INTEGRITY).append("=").append( + chosenIntegrityAlgorithm).append( + ","); + } + if (confidentiality) + { + sb.append(SRPRegistry.OPTION_CONFIDENTIALITY).append("=").append( + chosenConfidentialityAlgorithm).append( + ","); + } + final String result = sb.append(SRPRegistry.OPTION_MAX_BUFFER_SIZE).append( + "=").append( + Registry.SASL_BUFFER_MAX_LIMIT).toString(); + + if (DEBUG && debuglevel > 8) + debug(TRACE, "<== createO() --> " + result); + return result; + } + + private void setupSecurityServices(final boolean sessionReUse) + throws SaslException + { + complete = true; // signal end of authentication phase + if (!sessionReUse) + { + outCounter = inCounter = 0; + // instantiate cipher if confidentiality protection filter is active + if (chosenConfidentialityAlgorithm != null) + { + if (DEBUG && debuglevel > 2) + debug(INFO, "Activating confidentiality protection filter"); + inCipher = CALG.getInstance(chosenConfidentialityAlgorithm); + outCipher = CALG.getInstance(chosenConfidentialityAlgorithm); + } + // instantiate hmacs if integrity protection filter is active + if (chosenIntegrityAlgorithm != null) + { + if (DEBUG && debuglevel > 2) + debug(INFO, "Activating integrity protection filter"); + inMac = IALG.getInstance(chosenIntegrityAlgorithm); + outMac = IALG.getInstance(chosenIntegrityAlgorithm); + } + } + else + { // same session new Keys + K = srp.generateKn(K, cn, sn); + } + + final KDF kdf = KDF.getInstance(K); + + // initialise in/out ciphers if confidentiality protection is used + if (inCipher != null) + { + inCipher.init(kdf, sIV, Direction.REVERSED); + outCipher.init(kdf, cIV, Direction.FORWARD); + } + // initialise in/out macs if integrity protection is used + if (inMac != null) + { + inMac.init(kdf); + outMac.init(kdf); + } + + if (sid != null && sid.length != 0) + { // update the security context and save in map + if (DEBUG && debuglevel > 2) + debug(INFO, "Updating security context for UID = " + uid); + ClientStore.instance().cacheSession( + uid, + ttl, + new SecurityContext( + srp.getAlgorithm(), + sid, + K, + cIV, + sIV, + replayDetection, + inCounter, + outCounter, + inMac, outMac, + inCipher, + outCipher)); + } + } + + private PRNG getDefaultPRNG() + { + if (prng == null) + prng = PRNG.getInstance(); + + return prng; + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/sasl/srp/SRPRegistry.java b/libjava/classpath/gnu/javax/crypto/sasl/srp/SRPRegistry.java new file mode 100644 index 0000000..262cbcb --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/sasl/srp/SRPRegistry.java @@ -0,0 +1,219 @@ +/* SRPRegistry.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.sasl.srp; + +import gnu.java.security.Registry; + +/** + *

A list of key names designating the values exchanged between the server + * and client in an SRP communication authentication phase.

+ */ +public interface SRPRegistry +{ + + /** Indices of (N, g) parameter values for SRP (.conf) password database. */ + String N_2048_BITS = "1"; + + String N_1536_BITS = "2"; + + String N_1280_BITS = "3"; + + String N_1024_BITS = "4"; + + String N_768_BITS = "5"; + + String N_640_BITS = "6"; + + String N_512_BITS = "7"; + + /** Available hash algorithms for all SRP calculations. */ + String[] SRP_ALGORITHMS = { Registry.SHA160_HASH, // the default one + Registry.MD5_HASH, Registry.RIPEMD128_HASH, + Registry.RIPEMD160_HASH, + + Registry.SHA256_HASH, Registry.SHA384_HASH, + Registry.SHA512_HASH }; + + /** + * The name of the default message digest algorithm to use when no name is + * explicitely given. In this implementation it is the first among + * those supported; i.e. the algorithm at index position #0: SHA with + * 160-bit output. + */ + String SRP_DEFAULT_DIGEST_NAME = SRP_ALGORITHMS[0]; + + /** + * The property name of the message digest algorithm name to use in a given + * SRP incarnation. + */ + String SRP_DIGEST_NAME = "srp.digest.name"; + + /** The public shared modulus: n. */ + String SHARED_MODULUS = "srp.N"; + + /** The GF generator used: g. */ + String FIELD_GENERATOR = "srp.g"; + + /** The list of server's available security options. */ + String AVAILABLE_OPTIONS = "srp.L"; + + /** The client's chosen security options. */ + String CHOSEN_OPTIONS = "srp.o"; + + /** The client's username. */ + String USER_NAME = "srp.U"; + + /** The client's authorization ID. */ + String USER_ROLE = "srp.I"; + + /** The user's salt. */ + String USER_SALT = "srp.s"; + + /** The user's password verifier. */ + String PASSWORD_VERIFIER = "srp.v"; + + /** The client's public ephemeral exponent: A. */ + String CLIENT_PUBLIC_KEY = "srp.A"; + + /** The server's public ephemeral exponent: B. */ + String SERVER_PUBLIC_KEY = "srp.B"; + + /** The client's evidence: M1. */ + String CLIENT_EVIDENCE = "srp.M1"; + + /** The server's evidence: M2. */ + String SERVER_EVIDENCE = "srp.M2"; + + /** Name of underlying hash algorithm for use with all SRP calculations. */ + String SRP_HASH = "gnu.crypto.sasl.srp.hash"; + + /** Name of SRP mandatory service property. */ + String SRP_MANDATORY = "gnu.crypto.sasl.srp.mandatory"; + + /** Name of SRP replay detection property. */ + String SRP_REPLAY_DETECTION = "gnu.crypto.sasl.srp.replay.detection"; + + /** Name of SRP integrity protection property. */ + String SRP_INTEGRITY_PROTECTION = "gnu.crypto.sasl.srp.integrity"; + + /** Name of SRP confidentiality protection property. */ + String SRP_CONFIDENTIALITY = "gnu.crypto.sasl.srp.confidentiality"; + + /** Name of the main SRP password file pathname property. */ + String PASSWORD_FILE = "gnu.crypto.sasl.srp.password.file"; + + /** + * Name of the SRP password database property --a reference to + * {@link gnu.crypto.sasl.srp.PasswordFile} object. + */ + String PASSWORD_DB = "gnu.crypto.sasl.srp.password.db"; + + /** Default fully qualified pathname of the SRP password file. */ + String DEFAULT_PASSWORD_FILE = "/etc/tpasswd"; + + /** Default value for replay detection security service. */ + boolean DEFAULT_REPLAY_DETECTION = true; + + /** Default value for integrity protection security service. */ + boolean DEFAULT_INTEGRITY = true; // implied by the previous option + + /** Default value for confidentiality protection security service. */ + boolean DEFAULT_CONFIDENTIALITY = false; + + // constants defining HMAC names + String HMAC_SHA1 = "hmac-sha1"; + + String HMAC_MD5 = "hmac-md5"; + + String HMAC_RIPEMD_160 = "hmac-ripemd-160"; + + /** Available HMAC algorithms for integrity protection. */ + String[] INTEGRITY_ALGORITHMS = { HMAC_SHA1, HMAC_MD5, HMAC_RIPEMD_160 }; + + // constants defining Cipher names + String AES = "aes"; + + String BLOWFISH = "blowfish"; + + /** Available Cipher algorithms for confidentiality protection. */ + String[] CONFIDENTIALITY_ALGORITHMS = { AES, BLOWFISH }; + + /** String for mandatory replay detection. */ + String OPTION_MANDATORY = "mandatory"; + + /** String for mda: the SRP digest algorithm name. */ + String OPTION_SRP_DIGEST = "mda"; + + /** String for mandatory replay detection. */ + String OPTION_REPLAY_DETECTION = "replay_detection"; + + /** String for mandatory integrity protection. */ + String OPTION_INTEGRITY = "integrity"; + + /** String for mandatory confidentiality protection. */ + String OPTION_CONFIDENTIALITY = "confidentiality"; + + /** String for mandatory replay detection. */ + String OPTION_MAX_BUFFER_SIZE = "maxbuffersize"; + + /** String for no mandatory security service. */ + String MANDATORY_NONE = "none"; + + /** Default mandatory security service required. */ + // String DEFAULT_MANDATORY = MANDATORY_NONE; + String DEFAULT_MANDATORY = OPTION_REPLAY_DETECTION; + + // String DEFAULT_MANDATORY = OPTION_INTEGRITY; + // String DEFAULT_MANDATORY = OPTION_CONFIDENTIALITY; + + /** Name of the UID field in the plain password file. */ + String MD_NAME_FIELD = "srp.md.name"; + + /** Name of the GID field in the plain password file. */ + String USER_VERIFIER_FIELD = "srp.user.verifier"; + + /** Name of the GECOS field in the plain password file. */ + String SALT_FIELD = "srp.salt"; + + /** Name of the SHELL field in the plain password file. */ + String CONFIG_NDX_FIELD = "srp.config.ndx"; + + /** Minimum bitlength of the SRP public modulus. */ + int MINIMUM_MODULUS_BITLENGTH = 512; +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/sasl/srp/SRPServer.java b/libjava/classpath/gnu/javax/crypto/sasl/srp/SRPServer.java new file mode 100644 index 0000000..11902b82 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/sasl/srp/SRPServer.java @@ -0,0 +1,1156 @@ +/* SRPServer.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.sasl.srp; + +import gnu.java.security.Registry; +import gnu.java.security.util.PRNG; +import gnu.java.security.util.Util; + +import gnu.javax.crypto.assembly.Direction; +import gnu.javax.crypto.cipher.CipherFactory; +import gnu.javax.crypto.cipher.IBlockCipher; +import gnu.javax.crypto.key.IKeyAgreementParty; +import gnu.javax.crypto.key.KeyAgreementFactory; +import gnu.javax.crypto.key.KeyAgreementException; +import gnu.javax.crypto.key.OutgoingMessage; +import gnu.javax.crypto.key.IncomingMessage; +import gnu.javax.crypto.key.srp6.SRP6KeyAgreement; +import gnu.javax.crypto.sasl.IllegalMechanismStateException; +import gnu.javax.crypto.sasl.InputBuffer; +import gnu.javax.crypto.sasl.IntegrityException; +import gnu.javax.crypto.sasl.OutputBuffer; +import gnu.javax.crypto.sasl.ServerMechanism; + +import java.io.IOException; +import java.io.PrintWriter; +import java.io.ByteArrayOutputStream; +import java.io.UnsupportedEncodingException; +import java.math.BigInteger; +import java.util.Arrays; +import java.util.HashMap; +import java.util.StringTokenizer; + +import javax.security.sasl.AuthenticationException; +import javax.security.sasl.SaslException; +import javax.security.sasl.SaslServer; + +/** + *

The SASL-SRP server-side mechanism.

+ * + * @version $Revision: 1.2 $ + */ +public class SRPServer extends ServerMechanism implements SaslServer +{ + + // Debugging methods and variables + // ------------------------------------------------------------------------- + + private static final String NAME = "SRPServer"; + + // private static final String ERROR = "ERROR"; + private static final String WARN = " WARN"; + + private static final String INFO = " INFO"; + + private static final String TRACE = "DEBUG"; + + private static final boolean DEBUG = true; + + private static final int debuglevel = 3; + + private static final PrintWriter err = new PrintWriter(System.out, true); + + private static void debug(final String level, final Object obj) + { + err.println("[" + level + "] " + NAME + ": " + String.valueOf(obj)); + } + + // Constants and variables + // ------------------------------------------------------------------------- + + private String U = null; // client's username + + private BigInteger N, g, A, B; + + private byte[] s; // salt + + private byte[] cIV, sIV; // client+server IVs, when confidentiality is on + + private byte[] cn, sn; // client's and server's nonce + + private SRP srp; // SRP algorithm instance used by this server + + private byte[] sid; // session ID when re-used + + private int ttl = 360; // session time-to-live in seconds + + private byte[] cCB; // peer's channel binding' + + private String mandatory; // List of available options + + private String L = null; + + private String o; + + private String chosenIntegrityAlgorithm; + + private String chosenConfidentialityAlgorithm; + + private int rawSendSize = Registry.SASL_BUFFER_MAX_LIMIT; + + private byte[] K; // shared session key + + private boolean replayDetection = true; // whether Replay Detection is on + + private int inCounter = 0; // messages sequence numbers + + private int outCounter = 0; + + private IALG inMac, outMac; // if !null, use for integrity + + private CALG inCipher, outCipher; // if !null, use for confidentiality + + private IKeyAgreementParty serverHandler = KeyAgreementFactory.getPartyBInstance(Registry.SRP_SASL_KA); + + /** Our default source of randomness. */ + private PRNG prng = null; + + // Constructor(s) + // ------------------------------------------------------------------------- + + public SRPServer() + { + super(Registry.SASL_SRP_MECHANISM); + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + // abstract methods implementation ----------------------------------------- + + protected void initMechanism() throws SaslException + { + // TODO: + // we must have a means to map a given username to a preferred + // SRP hash algorithm; otherwise we end up using _always_ SHA. + // for the time being get it from the mechanism properties map + // and apply it for all users. + final String mda = (String) properties.get(SRPRegistry.SRP_HASH); + srp = SRP.instance(mda == null ? SRPRegistry.SRP_DEFAULT_DIGEST_NAME : mda); + } + + protected void resetMechanism() throws SaslException + { + s = null; + A = B = null; + K = null; + inMac = outMac = null; + inCipher = outCipher = null; + + sid = null; + } + + // javax.security.sasl.SaslServer interface implementation ----------------- + + public byte[] evaluateResponse(final byte[] response) throws SaslException + { + switch (state) + { + case 0: + if (response == null) + { + return null; + } + state++; + return sendProtocolElements(response); + case 1: + if (!complete) + { + state++; + return sendEvidence(response); + } + // else fall through + default: + throw new IllegalMechanismStateException("evaluateResponse()"); + } + } + + protected byte[] engineUnwrap(final byte[] incoming, final int offset, + final int len) throws SaslException + { + // if (DEBUG && debuglevel > 8) debug(TRACE, "==> engineUnwrap()"); + // + // if (inMac == null && inCipher == null) { + // throw new IllegalStateException("connection is not protected"); + // } + // + // if (DEBUG && debuglevel > 6) debug(TRACE, "Incoming buffer (before security): "+Util.dumpString(incoming, offset, len)); + // + // byte[] data = null; + // try { + // InputBuffer frameIn = InputBuffer.getInstance(incoming, offset, len); + // data = frameIn.getEOS(); + // if (inMac != null) { + // byte[] received_mac = frameIn.getOS(); + // if (DEBUG && debuglevel > 6) debug(TRACE, "Got C (received MAC): "+Util.dumpString(received_mac)); + // inMac.update(data); + // if (replayDetection) { + // inCounter++; + // if (DEBUG && debuglevel > 6) debug(TRACE, "inCounter="+String.valueOf(inCounter)); + // inMac.update(new byte[] { + // (byte)(inCounter >>> 24), + // (byte)(inCounter >>> 16), + // (byte)(inCounter >>> 8), + // (byte) inCounter }); + // } + // final byte[] computed_mac = inMac.doFinal(); + // if (DEBUG && debuglevel > 6) debug(TRACE, "Computed MAC: "+Util.dumpString(computed_mac)); + // if (!Arrays.equals(received_mac, computed_mac)) + // throw new IntegrityException("engineUnwrap()"); + // } + // if (inCipher != null) { + // data = inCipher.doFinal(data); + // } + // } catch (IOException x) { + // if (x instanceof SaslException) { + // throw (SaslException) x; + // } + // throw new SaslException("engineUnwrap()", x); + // } + // + // if (DEBUG && debuglevel > 6) debug(TRACE, "Incoming buffer (after security): "+Util.dumpString(data)); + // if (DEBUG && debuglevel > 8) debug(TRACE, "<== engineUnwrap()"); + // return data; + + if (DEBUG && debuglevel > 8) + debug(TRACE, "==> engineUnwrap()"); + + if (inMac == null && inCipher == null) + { + throw new IllegalStateException("connection is not protected"); + } + + if (DEBUG && debuglevel > 6) + debug(TRACE, "Incoming buffer (before security): " + + Util.dumpString(incoming, offset, len)); + + // at this point one, or both, of confidentiality and integrity protection + // services are active. + + final byte[] result; + try + { + if (inMac != null) + { // integrity bytes are at the end of the stream + final int macBytesCount = inMac.length(); + final int payloadLength = len - macBytesCount; + final byte[] received_mac = new byte[macBytesCount]; + System.arraycopy(incoming, offset + payloadLength, received_mac, 0, + macBytesCount); + if (DEBUG && debuglevel > 6) + debug(TRACE, "Got C (received MAC): " + + Util.dumpString(received_mac)); + inMac.update(incoming, offset, payloadLength); + if (replayDetection) + { + inCounter++; + if (DEBUG && debuglevel > 6) + debug(TRACE, "inCounter=" + String.valueOf(inCounter)); + inMac.update(new byte[] { (byte) (inCounter >>> 24), + (byte) (inCounter >>> 16), + (byte) (inCounter >>> 8), + (byte) inCounter }); + } + + final byte[] computed_mac = inMac.doFinal(); + if (DEBUG && debuglevel > 6) + debug(TRACE, "Computed MAC: " + Util.dumpString(computed_mac)); + if (!Arrays.equals(received_mac, computed_mac)) + { + throw new IntegrityException("engineUnwrap()"); + } + + // deal with the payload, which can be either plain or encrypted + if (inCipher != null) + { + result = inCipher.doFinal(incoming, offset, payloadLength); + } + else + { + result = new byte[payloadLength]; + System.arraycopy(incoming, offset, result, 0, result.length); + } + } + else + { // no integrity protection; just confidentiality + // if (inCipher != null) { + result = inCipher.doFinal(incoming, offset, len); + // } else { + // result = new byte[len]; + // System.arraycopy(incoming, offset, result, 0, len); + // } + } + } + catch (IOException x) + { + if (x instanceof SaslException) + { + throw (SaslException) x; + } + throw new SaslException("engineUnwrap()", x); + } + if (DEBUG && debuglevel > 6) + debug(TRACE, "Incoming buffer (after security): " + + Util.dumpString(result)); + if (DEBUG && debuglevel > 8) + debug(TRACE, "<== engineUnwrap()"); + return result; + } + + protected byte[] engineWrap(final byte[] outgoing, final int offset, + final int len) throws SaslException + { + // if (DEBUG && debuglevel > 8) debug(TRACE, "==> engineWrap()"); + // + // if (outMac == null && outCipher == null) { + // throw new IllegalStateException("connection is not protected"); + // } + // + // byte[] data = new byte[len]; + // System.arraycopy(outgoing, offset, data, 0, len); + // + // if (DEBUG && debuglevel > 6) debug(TRACE, "Outgoing buffer (before security) (hex): "+Util.dumpString(data)); + // if (DEBUG && debuglevel > 6) debug(TRACE, "Outgoing buffer (before security) (str): \""+new String(data)+"\""); + // + // final byte[] result; + // try { + // OutputBuffer frameOut = new OutputBuffer(); + // // Process the data + // if (outCipher != null) { + // data = outCipher.doFinal(data); + // if (DEBUG && debuglevel > 6) debug(TRACE, "Encoding c (encrypted plaintext): "+Util.dumpString(data)); + // } else { + // if (DEBUG && debuglevel > 6) debug(TRACE, "Encoding p (plaintext): "+Util.dumpString(data)); + // } + // frameOut.setEOS(data); + // if (outMac != null) { + // outMac.update(data); + // if (replayDetection) { + // outCounter++; + // if (DEBUG && debuglevel > 6) debug(TRACE, "outCounter="+String.valueOf(outCounter)); + // outMac.update(new byte[] { + // (byte)(outCounter >>> 24), + // (byte)(outCounter >>> 16), + // (byte)(outCounter >>> 8), + // (byte) outCounter}); + // } + // byte[] C = outMac.doFinal(); + // frameOut.setOS(C); + // if (DEBUG && debuglevel > 6) debug(TRACE, "Encoding C (integrity checksum): "+Util.dumpString(C)); + // } + // result = frameOut.wrap(); + // + // } catch (IOException x) { + // if (x instanceof SaslException) { + // throw (SaslException) x; + // } + // throw new SaslException("engineWrap()", x); + // } + // + // if (DEBUG && debuglevel > 8) debug(TRACE, "<== engineWrap()"); + // return result; + + if (DEBUG && debuglevel > 8) + debug(TRACE, "==> engineWrap()"); + + if (outMac == null && outCipher == null) + { + throw new IllegalStateException("connection is not protected"); + } + + if (DEBUG && debuglevel > 6) + debug(TRACE, "Outgoing buffer (before security) (hex): " + + Util.dumpString(outgoing, offset, len)); + if (DEBUG && debuglevel > 6) + debug(TRACE, "Outgoing buffer (before security) (str): \"" + + new String(outgoing, offset, len) + "\""); + + // at this point one, or both, of confidentiality and integrity protection + // services are active. + + byte[] result; + try + { + final ByteArrayOutputStream out = new ByteArrayOutputStream(); + if (outCipher != null) + { + result = outCipher.doFinal(outgoing, offset, len); + if (DEBUG && debuglevel > 6) + debug(TRACE, "Encoding c (encrypted plaintext): " + + Util.dumpString(result)); + + out.write(result); + + if (outMac != null) + { + outMac.update(result); + if (replayDetection) + { + outCounter++; + if (DEBUG && debuglevel > 6) + debug(TRACE, "outCounter=" + String.valueOf(outCounter)); + outMac.update(new byte[] { (byte) (outCounter >>> 24), + (byte) (outCounter >>> 16), + (byte) (outCounter >>> 8), + (byte) outCounter }); + } + final byte[] C = outMac.doFinal(); + out.write(C); + if (DEBUG && debuglevel > 6) + debug(TRACE, "Encoding C (integrity checksum): " + + Util.dumpString(C)); + } // else ciphertext only; do nothing + } + else + { // no confidentiality; just integrity [+ replay detection] + if (DEBUG && debuglevel > 6) + debug(TRACE, "Encoding p (plaintext): " + + Util.dumpString(outgoing, offset, len)); + + out.write(outgoing, offset, len); + + // if (outMac != null) { + outMac.update(outgoing, offset, len); + if (replayDetection) + { + outCounter++; + if (DEBUG && debuglevel > 6) + debug(TRACE, "outCounter=" + String.valueOf(outCounter)); + outMac.update(new byte[] { (byte) (outCounter >>> 24), + (byte) (outCounter >>> 16), + (byte) (outCounter >>> 8), + (byte) outCounter }); + } + final byte[] C = outMac.doFinal(); + out.write(C); + if (DEBUG && debuglevel > 6) + debug(TRACE, "Encoding C (integrity checksum): " + + Util.dumpString(C)); + // } // else plaintext only; do nothing + } + + result = out.toByteArray(); + + } + catch (IOException x) + { + if (x instanceof SaslException) + { + throw (SaslException) x; + } + throw new SaslException("engineWrap()", x); + } + + if (DEBUG && debuglevel > 8) + debug(TRACE, "<== engineWrap()"); + return result; + } + + protected String getNegotiatedQOP() + { + if (inMac != null) + { + if (inCipher != null) + { + return Registry.QOP_AUTH_CONF; + } + else + { + return Registry.QOP_AUTH_INT; + } + } + return Registry.QOP_AUTH; + } + + protected String getNegotiatedStrength() + { + if (inMac != null) + { + if (inCipher != null) + { + return Registry.STRENGTH_HIGH; + } + else + { + return Registry.STRENGTH_MEDIUM; + } + } + return Registry.STRENGTH_LOW; + } + + protected String getNegotiatedRawSendSize() + { + return String.valueOf(rawSendSize); + } + + protected String getReuse() + { + return Registry.REUSE_TRUE; + } + + // other methods ----------------------------------------------------------- + + private byte[] sendProtocolElements(final byte[] input) throws SaslException + { + if (DEBUG && debuglevel > 8) + debug(TRACE, "==> sendProtocolElements()"); + if (DEBUG && debuglevel > 6) + debug(TRACE, "C: " + Util.dumpString(input)); + + // Client send U, I, sid, cn + final InputBuffer frameIn = new InputBuffer(input); + try + { + U = frameIn.getText(); // Extract username + if (DEBUG && debuglevel > 6) + debug(TRACE, "Got U (username): \"" + U + "\""); + authorizationID = frameIn.getText(); // Extract authorisation ID + if (DEBUG && debuglevel > 6) + debug(TRACE, "Got I (userid): \"" + authorizationID + "\""); + sid = frameIn.getEOS(); + if (DEBUG && debuglevel > 6) + debug(TRACE, "Got sid (session ID): " + new String(sid)); + cn = frameIn.getOS(); + if (DEBUG && debuglevel > 6) + debug(TRACE, "Got cn (client nonce): " + Util.dumpString(cn)); + cCB = frameIn.getEOS(); + if (DEBUG && debuglevel > 6) + debug(TRACE, "Got cCB (client channel binding): " + + Util.dumpString(cCB)); + } + catch (IOException x) + { + if (x instanceof SaslException) + { + throw (SaslException) x; + } + throw new AuthenticationException("sendProtocolElements()", x); + } + + // do/can we re-use? + if (ServerStore.instance().isAlive(sid)) + { + final SecurityContext ctx = ServerStore.instance().restoreSession(sid); + srp = SRP.instance(ctx.getMdName()); + K = ctx.getK(); + cIV = ctx.getClientIV(); + sIV = ctx.getServerIV(); + replayDetection = ctx.hasReplayDetection(); + inCounter = ctx.getInCounter(); + outCounter = ctx.getOutCounter(); + inMac = ctx.getInMac(); + outMac = ctx.getOutMac(); + inCipher = ctx.getInCipher(); + outCipher = ctx.getOutCipher(); + + if (sn == null || sn.length != 16) + { + sn = new byte[16]; + } + getDefaultPRNG().nextBytes(sn); + + setupSecurityServices(false); + + final OutputBuffer frameOut = new OutputBuffer(); + try + { + frameOut.setScalar(1, 0xFF); + frameOut.setOS(sn); + frameOut.setEOS(channelBinding); + } + catch (IOException x) + { + if (x instanceof SaslException) + { + throw (SaslException) x; + } + throw new AuthenticationException("sendProtocolElements()", x); + } + final byte[] result = frameOut.encode(); + if (DEBUG && debuglevel > 8) + debug(TRACE, "<== sendProtocolElements()"); + if (DEBUG && debuglevel > 2) + debug(INFO, "Old session..."); + if (DEBUG && debuglevel > 2) + debug(INFO, "S: " + Util.dumpString(result)); + if (DEBUG && debuglevel > 2) + debug(INFO, " sn = " + Util.dumpString(sn)); + if (DEBUG && debuglevel > 2) + debug(INFO, " sCB = " + Util.dumpString(channelBinding)); + return result; + } + else + { // new session + authenticator.activate(properties); + + // ------------------------------------------------------------------- + final HashMap mapB = new HashMap(); + // mapB.put(SRP6KeyAgreement.HASH_FUNCTION, srp.newDigest()); + mapB.put(SRP6KeyAgreement.HASH_FUNCTION, srp.getAlgorithm()); + mapB.put(SRP6KeyAgreement.HOST_PASSWORD_DB, authenticator); + + try + { + serverHandler.init(mapB); + OutgoingMessage out = new OutgoingMessage(); + out.writeString(U); + IncomingMessage in = new IncomingMessage(out.toByteArray()); + out = serverHandler.processMessage(in); + + in = new IncomingMessage(out.toByteArray()); + N = in.readMPI(); + g = in.readMPI(); + s = in.readMPI().toByteArray(); + B = in.readMPI(); + } + catch (KeyAgreementException x) + { + throw new SaslException("sendProtocolElements()", x); + } + // ------------------------------------------------------------------- + + if (DEBUG && debuglevel > 6) + debug(TRACE, "Encoding N (modulus): " + Util.dump(N)); + if (DEBUG && debuglevel > 6) + debug(TRACE, "Encoding g (generator): " + Util.dump(g)); + if (DEBUG && debuglevel > 6) + debug(TRACE, "Encoding s (client's salt): " + Util.dumpString(s)); + if (DEBUG && debuglevel > 6) + debug(TRACE, "Encoding B (server ephemeral public key): " + + Util.dump(B)); + + // The server creates an options list (L), which consists of a + // comma-separated list of option strings that specify the security + // service options the server supports. + L = createL(); + if (DEBUG && debuglevel > 6) + debug(TRACE, "Encoding L (available options): \"" + L + "\""); + if (DEBUG && debuglevel > 6) + debug(TRACE, "Encoding sIV (server IV): " + Util.dumpString(sIV)); + + final OutputBuffer frameOut = new OutputBuffer(); + try + { + frameOut.setScalar(1, 0x00); + frameOut.setMPI(N); + frameOut.setMPI(g); + frameOut.setOS(s); + frameOut.setMPI(B); + frameOut.setText(L); + } + catch (IOException x) + { + if (x instanceof SaslException) + { + throw (SaslException) x; + } + throw new AuthenticationException("sendProtocolElements()", x); + } + final byte[] result = frameOut.encode(); + if (DEBUG && debuglevel > 8) + debug(TRACE, "<== sendProtocolElements()"); + if (DEBUG && debuglevel > 2) + debug(INFO, "New session..."); + if (DEBUG && debuglevel > 2) + debug(INFO, "S: " + Util.dumpString(result)); + if (DEBUG && debuglevel > 2) + debug(INFO, " N = 0x" + N.toString(16)); + if (DEBUG && debuglevel > 2) + debug(INFO, " g = 0x" + g.toString(16)); + if (DEBUG && debuglevel > 2) + debug(INFO, " s = " + Util.dumpString(s)); + if (DEBUG && debuglevel > 2) + debug(INFO, " B = 0x" + B.toString(16)); + if (DEBUG && debuglevel > 2) + debug(INFO, " L = " + L); + return result; + } + } + + private byte[] sendEvidence(final byte[] input) throws SaslException + { + if (DEBUG && debuglevel > 8) + debug(TRACE, "==> sendEvidence()"); + if (DEBUG && debuglevel > 6) + debug(TRACE, "C: " + Util.dumpString(input)); + + // Client send A, M1, o, cIV + final InputBuffer frameIn = new InputBuffer(input); + final byte[] M1; + try + { + A = frameIn.getMPI(); // Extract client's ephemeral public key + if (DEBUG && debuglevel > 6) + debug(TRACE, "Got A (client ephemeral public key): " + Util.dump(A)); + M1 = frameIn.getOS(); // Extract evidence + if (DEBUG && debuglevel > 6) + debug(TRACE, "Got M1 (client evidence): " + Util.dumpString(M1)); + o = frameIn.getText(); // Extract client's options list + if (DEBUG && debuglevel > 6) + debug(TRACE, "Got o (client chosen options): \"" + o + "\""); + cIV = frameIn.getOS(); // Extract client's IV + if (DEBUG && debuglevel > 6) + debug(TRACE, "Got cIV (client IV): " + Util.dumpString(cIV)); + } + catch (IOException x) + { + if (x instanceof SaslException) + { + throw (SaslException) x; + } + throw new AuthenticationException("sendEvidence()", x); + } + + // Parse client's options and set security layer variables + parseO(o); + + // ---------------------------------------------------------------------- + try + { + final OutgoingMessage out = new OutgoingMessage(); + out.writeMPI(A); + final IncomingMessage in = new IncomingMessage(out.toByteArray()); + serverHandler.processMessage(in); + K = serverHandler.getSharedSecret(); + } + catch (KeyAgreementException x) + { + throw new SaslException("sendEvidence()", x); + } + // ---------------------------------------------------------------------- + + if (DEBUG && debuglevel > 6) + debug(TRACE, "K: " + Util.dumpString(K)); + + final byte[] expected; + try + { + expected = srp.generateM1(N, g, U, s, A, B, K, authorizationID, L, cn, + cCB); + } + catch (UnsupportedEncodingException x) + { + throw new AuthenticationException("sendEvidence()", x); + } + + // Verify client evidence + if (!Arrays.equals(M1, expected)) + { + throw new AuthenticationException("M1 mismatch"); + } + + setupSecurityServices(true); + + final byte[] M2; + try + { + M2 = srp.generateM2(A, M1, K, U, authorizationID, o, sid, ttl, cIV, + sIV, channelBinding); + } + catch (UnsupportedEncodingException x) + { + throw new AuthenticationException("sendEvidence()", x); + } + + final OutputBuffer frameOut = new OutputBuffer(); + try + { + frameOut.setOS(M2); + frameOut.setOS(sIV); + frameOut.setEOS(sid); + frameOut.setScalar(4, ttl); + frameOut.setEOS(channelBinding); + } + catch (IOException x) + { + if (x instanceof SaslException) + { + throw (SaslException) x; + } + throw new AuthenticationException("sendEvidence()", x); + } + final byte[] result = frameOut.encode(); + if (DEBUG && debuglevel > 2) + debug(INFO, "S: " + Util.dumpString(result)); + if (DEBUG && debuglevel > 2) + debug(INFO, " M2 = " + Util.dumpString(M2)); + if (DEBUG && debuglevel > 2) + debug(INFO, " sIV = " + Util.dumpString(sIV)); + if (DEBUG && debuglevel > 2) + debug(INFO, " sid = " + new String(sid)); + if (DEBUG && debuglevel > 2) + debug(INFO, " ttl = " + ttl); + if (DEBUG && debuglevel > 2) + debug(INFO, " sCB = " + Util.dumpString(channelBinding)); + + if (DEBUG && debuglevel > 8) + debug(TRACE, "<== sendEvidence()"); + return result; + } + + private String createL() + { + if (DEBUG && debuglevel > 8) + debug(TRACE, "==> createL()"); + + String s = (String) properties.get(SRPRegistry.SRP_MANDATORY); + if (s == null) + { + s = SRPRegistry.DEFAULT_MANDATORY; + } + if (!SRPRegistry.MANDATORY_NONE.equals(s) + && !SRPRegistry.OPTION_REPLAY_DETECTION.equals(s) + && !SRPRegistry.OPTION_INTEGRITY.equals(s) + && !SRPRegistry.OPTION_CONFIDENTIALITY.equals(s)) + { + if (DEBUG && debuglevel > 4) + debug(WARN, "Unrecognised mandatory option (" + s + + "). Using default..."); + s = SRPRegistry.DEFAULT_MANDATORY; + } + + mandatory = s; + + s = (String) properties.get(SRPRegistry.SRP_CONFIDENTIALITY); + final boolean confidentiality = (s == null ? SRPRegistry.DEFAULT_CONFIDENTIALITY + : Boolean.valueOf(s).booleanValue()); + + s = (String) properties.get(SRPRegistry.SRP_INTEGRITY_PROTECTION); + boolean integrity = (s == null ? SRPRegistry.DEFAULT_INTEGRITY + : Boolean.valueOf(s).booleanValue()); + + s = (String) properties.get(SRPRegistry.SRP_REPLAY_DETECTION); + final boolean replayDetection = (s == null ? SRPRegistry.DEFAULT_REPLAY_DETECTION + : Boolean.valueOf(s).booleanValue()); + + final StringBuffer sb = new StringBuffer(); + sb.append(SRPRegistry.OPTION_SRP_DIGEST).append("=").append( + srp.getAlgorithm()).append( + ","); + + if (!SRPRegistry.MANDATORY_NONE.equals(mandatory)) + { + sb.append(SRPRegistry.OPTION_MANDATORY).append("=").append(mandatory).append( + ","); + } + if (replayDetection) + { + sb.append(SRPRegistry.OPTION_REPLAY_DETECTION).append(","); + // if replay detection is on then force integrity protection + integrity = true; + } + + int i; + if (integrity) + { + for (i = 0; i < SRPRegistry.INTEGRITY_ALGORITHMS.length; i++) + { + sb.append(SRPRegistry.OPTION_INTEGRITY).append("=").append( + SRPRegistry.INTEGRITY_ALGORITHMS[i]).append( + ","); + } + } + + if (confidentiality) + { + IBlockCipher cipher; + for (i = 0; i < SRPRegistry.CONFIDENTIALITY_ALGORITHMS.length; i++) + { + cipher = CipherFactory.getInstance(SRPRegistry.CONFIDENTIALITY_ALGORITHMS[i]); + if (cipher != null) + { + sb.append(SRPRegistry.OPTION_CONFIDENTIALITY).append("=").append( + SRPRegistry.CONFIDENTIALITY_ALGORITHMS[i]).append( + ","); + } + } + } + + final String result = sb.append(SRPRegistry.OPTION_MAX_BUFFER_SIZE).append( + "=").append( + Registry.SASL_BUFFER_MAX_LIMIT).toString(); + if (DEBUG && debuglevel > 8) + debug(TRACE, "<== createL()"); + return result; + } + + // Parse client's options and set security layer variables + private void parseO(final String o) throws AuthenticationException + { + this.replayDetection = false; + boolean integrity = false; + boolean confidentiality = false; + String option; + int i; + + final StringTokenizer st = new StringTokenizer(o.toLowerCase(), ","); + while (st.hasMoreTokens()) + { + option = st.nextToken(); + if (DEBUG && debuglevel > 6) + debug(TRACE, "option: <" + option + ">"); + if (option.equals(SRPRegistry.OPTION_REPLAY_DETECTION)) + { + replayDetection = true; + } + else if (option.startsWith(SRPRegistry.OPTION_INTEGRITY + "=")) + { + if (integrity) + { + throw new AuthenticationException( + "Only one integrity algorithm may be chosen"); + } + else + { + option = option.substring(option.indexOf('=') + 1); + if (DEBUG && debuglevel > 6) + debug(TRACE, "algorithm: <" + option + ">"); + for (i = 0; i < SRPRegistry.INTEGRITY_ALGORITHMS.length; i++) + { + if (SRPRegistry.INTEGRITY_ALGORITHMS[i].equals(option)) + { + chosenIntegrityAlgorithm = option; + integrity = true; + break; + } + } + if (!integrity) + { + throw new AuthenticationException( + "Unknown integrity algorithm: " + + option); + } + } + } + else if (option.startsWith(SRPRegistry.OPTION_CONFIDENTIALITY + "=")) + { + if (confidentiality) + { + throw new AuthenticationException( + "Only one confidentiality algorithm may be chosen"); + } + else + { + option = option.substring(option.indexOf('=') + 1); + if (DEBUG && debuglevel > 6) + debug(TRACE, "algorithm: <" + option + ">"); + for (i = 0; i < SRPRegistry.CONFIDENTIALITY_ALGORITHMS.length; i++) + { + if (SRPRegistry.CONFIDENTIALITY_ALGORITHMS[i].equals(option)) + { + chosenConfidentialityAlgorithm = option; + confidentiality = true; + break; + } + } + if (!confidentiality) + { + throw new AuthenticationException( + "Unknown confidentiality algorithm: " + + option); + } + } + } + else if (option.startsWith(SRPRegistry.OPTION_MAX_BUFFER_SIZE + "=")) + { + final String maxBufferSize = option.substring(option.indexOf('=') + 1); + try + { + rawSendSize = Integer.parseInt(maxBufferSize); + if (rawSendSize > Registry.SASL_BUFFER_MAX_LIMIT + || rawSendSize < 1) + throw new AuthenticationException( + "Illegal value for 'maxbuffersize' option"); + } + catch (NumberFormatException x) + { + throw new AuthenticationException( + SRPRegistry.OPTION_MAX_BUFFER_SIZE + + "=" + + String.valueOf(maxBufferSize), + x); + } + } + } + + // check if client did the right thing + if (replayDetection) + { + if (!integrity) + { + throw new AuthenticationException( + "Missing integrity protection algorithm " + + "but replay detection is chosen"); + } + } + if (mandatory.equals(SRPRegistry.OPTION_REPLAY_DETECTION)) + { + if (!replayDetection) + { + throw new AuthenticationException( + "Replay detection is mandatory but was not chosen"); + } + } + if (mandatory.equals(SRPRegistry.OPTION_INTEGRITY)) + { + if (!integrity) + { + throw new AuthenticationException( + "Integrity protection is mandatory but was not chosen"); + } + } + if (mandatory.equals(SRPRegistry.OPTION_CONFIDENTIALITY)) + { + if (!confidentiality) + { + throw new AuthenticationException( + "Confidentiality is mandatory but was not chosen"); + } + } + + int blockSize = 0; + if (chosenConfidentialityAlgorithm != null) + { + final IBlockCipher cipher = CipherFactory.getInstance(chosenConfidentialityAlgorithm); + if (cipher != null) + { + blockSize = cipher.defaultBlockSize(); + } + else + { // should not happen + throw new AuthenticationException("Confidentiality algorithm (" + + chosenConfidentialityAlgorithm + + ") not available"); + } + } + + sIV = new byte[blockSize]; + if (blockSize > 0) + getDefaultPRNG().nextBytes(sIV); + } + + private void setupSecurityServices(final boolean newSession) + throws SaslException + { + complete = true; // signal end of authentication phase + if (newSession) + { + outCounter = inCounter = 0; + // instantiate cipher if confidentiality protection filter is active + if (chosenConfidentialityAlgorithm != null) + { + if (DEBUG && debuglevel > 2) + debug(INFO, "Activating confidentiality protection filter"); + inCipher = CALG.getInstance(chosenConfidentialityAlgorithm); + outCipher = CALG.getInstance(chosenConfidentialityAlgorithm); + } + // instantiate hmacs if integrity protection filter is active + if (chosenIntegrityAlgorithm != null) + { + if (DEBUG && debuglevel > 2) + debug(INFO, "Activating integrity protection filter"); + inMac = IALG.getInstance(chosenIntegrityAlgorithm); + outMac = IALG.getInstance(chosenIntegrityAlgorithm); + } + + // generate a new sid if at least integrity is used + sid = (inMac != null ? ServerStore.getNewSessionID() : new byte[0]); + } + else + { // same session new keys + K = srp.generateKn(K, cn, sn); + } + + final KDF kdf = KDF.getInstance(K); + + // initialise in/out ciphers if confidentaility protection is used + if (inCipher != null) + { + outCipher.init(kdf, sIV, Direction.FORWARD); + inCipher.init(kdf, cIV, Direction.REVERSED); + } + // initialise in/out macs if integrity protection is used + if (inMac != null) + { + outMac.init(kdf); + inMac.init(kdf); + } + + if (sid != null && sid.length != 0) + { // update the security context and save in map + if (DEBUG && debuglevel > 2) + debug(INFO, "Updating security context for sid = " + new String(sid)); + ServerStore.instance().cacheSession( + ttl, + new SecurityContext( + srp.getAlgorithm(), + sid, + K, + cIV, + sIV, + replayDetection, + inCounter, + outCounter, + inMac, outMac, + inCipher, + outCipher)); + } + } + + private PRNG getDefaultPRNG() + { + if (prng == null) + prng = PRNG.getInstance(); + + return prng; + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/sasl/srp/SecurityContext.java b/libjava/classpath/gnu/javax/crypto/sasl/srp/SecurityContext.java new file mode 100644 index 0000000..feca25c --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/sasl/srp/SecurityContext.java @@ -0,0 +1,164 @@ +/* SecurityContext.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.sasl.srp; + +/** + *

A package-private placeholder for an SRP security context.

+ */ +class SecurityContext +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + private String mdName; + + private byte[] sid; + + private byte[] K; + + private byte[] cIV; + + private byte[] sIV; + + private boolean replayDetection; + + private int inCounter; + + private int outCounter; + + private IALG inMac; + + private IALG outMac; + + private CALG inCipher; + + private CALG outCipher; + + // Constructor(s) + // ------------------------------------------------------------------------- + + SecurityContext(final String mdName, final byte[] sid, final byte[] K, + final byte[] cIV, final byte[] sIV, + final boolean replayDetection, final int inCounter, + final int outCounter, final IALG inMac, final IALG outMac, + final CALG inCipher, final CALG outCipher) + { + super(); + + this.mdName = mdName; + this.sid = sid; + this.K = K; + this.cIV = cIV; + this.sIV = sIV; + this.replayDetection = replayDetection; + this.inCounter = inCounter; + this.outCounter = outCounter; + this.inMac = inMac; + this.outMac = outMac; + this.inCipher = inCipher; + this.outCipher = outCipher; + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + String getMdName() + { + return mdName; + } + + byte[] getSID() + { + return sid; + } + + byte[] getK() + { + return K; + } + + byte[] getClientIV() + { + return cIV; + } + + byte[] getServerIV() + { + return sIV; + } + + boolean hasReplayDetection() + { + return replayDetection; + } + + int getInCounter() + { + return inCounter; + } + + int getOutCounter() + { + return outCounter; + } + + IALG getInMac() + { + return inMac; + } + + IALG getOutMac() + { + return outMac; + } + + CALG getInCipher() + { + return inCipher; + } + + CALG getOutCipher() + { + return outCipher; + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/sasl/srp/ServerStore.java b/libjava/classpath/gnu/javax/crypto/sasl/srp/ServerStore.java new file mode 100644 index 0000000..99bf96a --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/sasl/srp/ServerStore.java @@ -0,0 +1,196 @@ +/* ServerStore.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.sasl.srp; + +import java.util.HashMap; + +/** + *

The server-side implementation of the SRP security context store.

+ */ +public class ServerStore +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + /** The underlying singleton. */ + private static ServerStore singleton = null; + + /** The map of sid --> Security Context record. */ + private static final HashMap sid2ssc = new HashMap(); + + /** The map of sid --> Session timing record. */ + private static final HashMap sid2ttl = new HashMap(); + + /** A synchronisation lock. */ + private static final Object lock = new Object(); + + /** A counter to generate legible SIDs. */ + private static int counter = 0; + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** Private constructor to enforce Singleton pattern. */ + private ServerStore() + { + super(); + + // TODO: add a cleaning timer thread + } + + // Class methods + // ------------------------------------------------------------------------- + + /** + *

Returns the classloader Singleton.

+ * + * @return the classloader Singleton instance. + */ + static synchronized final ServerStore instance() + { + if (singleton == null) + { + singleton = new ServerStore(); + } + return singleton; + } + + /** + *

Returns a legible new session identifier.

+ * + * @return a new session identifier. + */ + static synchronized final byte[] getNewSessionID() + { + final String sid = String.valueOf(++counter); + return new StringBuffer("SID-").append( + "0000000000".substring( + 0, + 10 - sid.length())).append( + sid).toString().getBytes(); + } + + // Instance methods + // ------------------------------------------------------------------------- + + /** + *

Returns a boolean flag indicating if the designated session is still + * alive or not.

+ * + * @param sid the identifier of the session to check. + * @return true if the designated session is still alive. + * false otherwise. + */ + boolean isAlive(final byte[] sid) + { + boolean result = false; + if (sid != null && sid.length != 0) + { + synchronized (lock) + { + final String key = new String(sid); + final StoreEntry ctx = (StoreEntry) sid2ttl.get(key); + if (ctx != null) + { + result = ctx.isAlive(); + if (!result) + { // invalidate it en-passant + sid2ssc.remove(key); + sid2ttl.remove(key); + } + } + } + } + return result; + } + + /** + *

Records a mapping between a session identifier and the Security Context + * of the designated SRP server mechanism instance.

+ * + * @param ttl the session's Time-To-Live indicator (in seconds). + * @param ctx the server's security context. + */ + void cacheSession(final int ttl, final SecurityContext ctx) + { + synchronized (lock) + { + final String key = new String(ctx.getSID()); + sid2ssc.put(key, ctx); + sid2ttl.put(key, new StoreEntry(ttl)); + } + } + + /** + *

Updates the mapping between the designated session identifier and the + * designated server's SASL Security Context. In the process, computes + * and return the underlying mechanism server's evidence that shall be + * returned to the client in a session re-use exchange.

+ * + * @param sid the identifier of the session to restore. + * @return an SRP server's security context. + */ + SecurityContext restoreSession(final byte[] sid) + { + final String key = new String(sid); + final SecurityContext result; + synchronized (lock) + { + result = (SecurityContext) sid2ssc.remove(key); + sid2ttl.remove(key); + } + return result; + } + + /** + *

Removes all information related to the designated session ID.

+ * + * @param sid the identifier of the seesion to invalidate. + */ + void invalidateSession(final byte[] sid) + { + final String key = new String(sid); + synchronized (lock) + { + sid2ssc.remove(key); + sid2ttl.remove(key); + } + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/crypto/sasl/srp/StoreEntry.java b/libjava/classpath/gnu/javax/crypto/sasl/srp/StoreEntry.java new file mode 100644 index 0000000..c5041fa --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/sasl/srp/StoreEntry.java @@ -0,0 +1,89 @@ +/* StoreEntry.java -- + Copyright (C) 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.sasl.srp; + +/** + *

A simple timing-related object for use by SRP re-use code.

+ */ +class StoreEntry +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + private boolean perenial; + + private long timeToDie; + + // Constructor(s) + // ------------------------------------------------------------------------- + + StoreEntry(int ttl) + { + super(); + + if (ttl == 0) + { + perenial = true; + timeToDie = 0L; + } + else + { + perenial = false; + timeToDie = System.currentTimeMillis() + (ttl & 0xFFFFFFFFL) * 1000L; + } + } + + // Class methods + // ------------------------------------------------------------------------- + + // Instance methods + // ------------------------------------------------------------------------- + + /** + *

Returns true if the Time-To_live period has not elapsed.

+ * + * @return true if the Time-To-Live period (in seconds) has not + * elapsed yet; false otherwise. + */ + boolean isAlive() + { + return (perenial ? true : (System.currentTimeMillis() < timeToDie)); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/net/ssl/Base64.java b/libjava/classpath/gnu/javax/net/ssl/Base64.java new file mode 100644 index 0000000..52989da --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/Base64.java @@ -0,0 +1,311 @@ +/* Base64.java -- Base64 encoding and decoding. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. + +-- +Base64 encoding derived from ISC's DHCP. Copyright notices from DHCP +follow. See http://www.isc.org/products/DHCP/. + +Copyright (c) 1996 by Internet Software Consortium. + +Permission to use, copy, modify, and distribute this software for any +purpose with or without fee is hereby granted, provided that the above +copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM +DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL +INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, +INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING +FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, +NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION +WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + +-- +Portions Copyright (c) 1995 by International Business Machines, Inc. + +International Business Machines, Inc. (hereinafter called IBM) grants +permission under its copyrights to use, copy, modify, and distribute +this Software with or without fee, provided that the above copyright +notice and all paragraphs of this notice appear in all copies, and +that the name of IBM not be used in connection with the marketing of +any product incorporating the Software or modifications thereof, +without specific, written prior permission. + +To the extent it has a right to do so, IBM grants an immunity from +suit under its patents, if any, for the use, sale or manufacture of +products to the extent that such products are used for performing +Domain Name System dynamic updates in TCP/IP networks by means of the +Software. No immunity is granted for any product per se or for any +other function of any product. + +THE SOFTWARE IS PROVIDED "AS IS", AND IBM DISCLAIMS ALL WARRANTIES, +INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A +PARTICULAR PURPOSE. IN NO EVENT SHALL IBM BE LIABLE FOR ANY SPECIAL, +DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER +ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS +SOFTWARE, EVEN IF IBM IS APPRISED OF THE POSSIBILITY OF SUCH +DAMAGES. */ + + +package gnu.javax.net.ssl; + +import java.io.ByteArrayOutputStream; +import java.io.IOException; + +public final class Base64 +{ + + // No constructor. + private Base64() { } + + // Class methods. + // ------------------------------------------------------------------------- + + /** Base-64 characters. */ + private static final String BASE_64 = + "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; + + /** Base-64 padding character. */ + private static final char BASE_64_PAD = '='; + + /** + * Base64 encode a byte array, returning the returning string. + * + * @param buf The byte array to encode. + * @param tw The total length of any line, 0 for unlimited. + * @return buf encoded in Base64. + */ + public static String encode(byte[] buf, int tw) + { + int srcLength = buf.length; + byte[] input = new byte[3]; + int[] output = new int[4]; + StringBuffer out = new StringBuffer(); + int i = 0; + int chars = 0; + + while (srcLength > 2) + { + input[0] = buf[i++]; + input[1] = buf[i++]; + input[2] = buf[i++]; + srcLength -= 3; + + output[0] = (input[0] & 0xff) >>> 2; + output[1] = ((input[0] & 0x03) << 4) + ((input[1] & 0xff) >>> 4); + output[2] = ((input[1] & 0x0f) << 2) + ((input[2] & 0xff) >>> 6); + output[3] = input[2] & 0x3f; + + out.append(BASE_64.charAt(output[0])); + if (tw > 0 && ++chars % tw == 0) + { + out.append("\n"); + } + out.append(BASE_64.charAt(output[1])); + if (tw > 0 && ++chars % tw == 0) + { + out.append("\n"); + } + out.append(BASE_64.charAt(output[2])); + if (tw > 0 && ++chars % tw == 0) + { + out.append("\n"); + } + out.append(BASE_64.charAt(output[3])); + if (tw > 0 && ++chars % tw == 0) + { + out.append("\n"); + } + } + + if (srcLength != 0) + { + input[0] = input[1] = input[2] = 0; + for (int j = 0; j < srcLength; j++) + { + input[j] = buf[i+j]; + } + output[0] = (input[0] & 0xff) >>> 2; + output[1] = ((input[0] & 0x03) << 4) + ((input[1] & 0xff) >>> 4); + output[2] = ((input[1] & 0x0f) << 2) + ((input[2] & 0xff) >>> 6); + + out.append(BASE_64.charAt(output[0])); + if (tw > 0 && ++chars % tw == 0) + { + out.append("\n"); + } + out.append(BASE_64.charAt(output[1])); + if (tw > 0 && ++chars % tw == 0) + { + out.append("\n"); + } + if (srcLength == 1) + { + out.append(BASE_64_PAD); + } + else + { + out.append(BASE_64.charAt(output[2])); + } + if (tw > 0 && ++chars % tw == 0) + { + out.append("\n"); + } + out.append(BASE_64_PAD); + if (tw > 0 && ++chars % tw == 0) + { + out.append("\n"); + } + } + if (tw > 0) + { + out.append("\n"); + } + + return out.toString(); + } + + /** + * Decode a Base-64 string into a byte array. + * + * @param b64 The Base-64 encoded string. + * @return The decoded bytes. + * @throws java.io.IOException If the argument is not a valid Base-64 + * encoding. + */ + public static byte[] decode(String b64) throws IOException + { + ByteArrayOutputStream result = new ByteArrayOutputStream(b64.length() / 3); + int state = 0, i; + byte temp = 0; + + for (i = 0; i < b64.length(); i++) + { + if (Character.isWhitespace(b64.charAt(i))) + { + continue; + } + if (b64.charAt(i) == BASE_64_PAD) + { + break; + } + + int pos = BASE_64.indexOf(b64.charAt(i)); + if (pos < 0) + { + throw new IOException("non-Base64 character " + b64.charAt(i)); + } + switch (state) + { + case 0: + temp = (byte) (pos - BASE_64.indexOf('A') << 2); + state = 1; + break; + + case 1: + temp |= (byte) (pos - BASE_64.indexOf('A') >>> 4); + result.write(temp); + temp = (byte) ((pos - BASE_64.indexOf('A') & 0x0f) << 4); + state = 2; + break; + + case 2: + temp |= (byte) ((pos - BASE_64.indexOf('A') & 0x7f) >>> 2); + result.write(temp); + temp = (byte) ((pos - BASE_64.indexOf('A') & 0x03) << 6); + state = 3; + break; + + case 3: + temp |= (byte) (pos - BASE_64.indexOf('A') & 0xff); + result.write(temp); + state = 0; + break; + + default: + throw new Error("this statement should be unreachable"); + } + } + + if (i < b64.length() && b64.charAt(i) == BASE_64_PAD) + { + switch (state) + { + case 0: + case 1: + throw new IOException("malformed Base64 sequence"); + + case 2: + for ( ; i < b64.length(); i++) + { + if (!Character.isWhitespace(b64.charAt(i))) + { + break; + } + } + // We must see a second pad character here. + if (b64.charAt(i) != BASE_64_PAD) + { + throw new IOException("malformed Base64 sequence"); + } + i++; + // Fall-through. + + case 3: + i++; + for ( ; i < b64.length(); i++) + { + // We should only see whitespace after this. + if (!Character.isWhitespace(b64.charAt(i))) + { + System.err.println(b64.charAt(i)); + throw new IOException("malformed Base64 sequence"); + } + } + } + } + else + { + if (state != 0) + { + throw new IOException("malformed Base64 sequence"); + } + } + + return result.toByteArray(); + } +} diff --git a/libjava/classpath/gnu/javax/net/ssl/EntropySource.java b/libjava/classpath/gnu/javax/net/ssl/EntropySource.java new file mode 100644 index 0000000..be840e5 --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/EntropySource.java @@ -0,0 +1,62 @@ +/* EntropySource.java -- a source of random bits. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl; + +/** + * A generic interface for adding random bytes to an entropy pool. + */ +public interface EntropySource +{ + + /** + * Returns the estimated quality of this source. This value should be + * between 0 and 100 (the running quality is computed as a percentage, + * 100 percent being perfect-quality). + * + * @return The quality. + */ + double quality(); + + /** + * Returns a new buffer with the next random bytes to add. + * + * @return The next random bytes. + */ + byte[] nextBytes(); +} diff --git a/libjava/classpath/gnu/javax/net/ssl/NullManagerParameters.java b/libjava/classpath/gnu/javax/net/ssl/NullManagerParameters.java new file mode 100644 index 0000000..0e93379 --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/NullManagerParameters.java @@ -0,0 +1,56 @@ +/* NullManagerParameters.java -- parameters for empty managers. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl; + +import javax.net.ssl.ManagerFactoryParameters; + +/** + * This empty class can be used to initialize {@link + * javax.net.ssl.KeyManagerFactory} and {@link + * javax.net.ssl.TrustManagerFactory} instances for the ``JessieX509'' + * algorithm, for cases when no keys or trusted certificates are + * desired or needed. + * + *

This is the default manager parameters object used in {@link + * javax.net.ssl.KeyManagerFactory} instances if no key stores are + * specified through security properties. + */ +public final class NullManagerParameters implements ManagerFactoryParameters +{ +} diff --git a/libjava/classpath/gnu/javax/net/ssl/PrivateCredentials.java b/libjava/classpath/gnu/javax/net/ssl/PrivateCredentials.java new file mode 100644 index 0000000..f602f98 --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/PrivateCredentials.java @@ -0,0 +1,360 @@ +/* PrivateCredentials.java -- private key/certificate pairs. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl; + +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; +import java.io.EOFException; +import java.io.InputStream; +import java.io.IOException; + +import java.math.BigInteger; + +import java.security.InvalidKeyException; +import java.security.KeyFactory; +import java.security.NoSuchAlgorithmException; +import java.security.PrivateKey; +import java.security.Security; +import java.security.cert.CertificateException; +import java.security.cert.CertificateFactory; +import java.security.cert.X509Certificate; +import java.security.spec.DSAPrivateKeySpec; +import java.security.spec.InvalidKeySpecException; +import java.security.spec.KeySpec; +import java.security.spec.RSAPrivateCrtKeySpec; + +import java.util.Collection; +import java.util.HashMap; +import java.util.LinkedList; +import java.util.List; + +import javax.net.ssl.ManagerFactoryParameters; +import javax.security.auth.callback.Callback; +import javax.security.auth.callback.CallbackHandler; +import javax.security.auth.callback.PasswordCallback; +import javax.security.auth.callback.UnsupportedCallbackException; + +import gnu.javax.security.auth.callback.ConsoleCallbackHandler; +import gnu.java.security.hash.HashFactory; +import gnu.java.security.hash.IMessageDigest; +import gnu.javax.crypto.mode.IMode; +import gnu.javax.crypto.mode.ModeFactory; +import gnu.javax.crypto.pad.WrongPaddingException; + +import gnu.java.security.der.DER; +import gnu.java.security.der.DERReader; + +/** + * An instance of a manager factory parameters for holding a single + * certificate/private key pair, encoded in PEM format. + */ +public class PrivateCredentials implements ManagerFactoryParameters +{ + + // Fields. + // ------------------------------------------------------------------------- + + public static final String BEGIN_DSA = "-----BEGIN DSA PRIVATE KEY"; + public static final String END_DSA = "-----END DSA PRIVATE KEY"; + public static final String BEGIN_RSA = "-----BEGIN RSA PRIVATE KEY"; + public static final String END_RSA = "-----END RSA PRIVATE KEY"; + + private List privateKeys; + private List certChains; + + // Constructor. + // ------------------------------------------------------------------------- + + public PrivateCredentials() + { + privateKeys = new LinkedList(); + certChains = new LinkedList(); + } + + // Instance methods. + // ------------------------------------------------------------------------- + + public void add(InputStream certChain, InputStream privateKey) + throws CertificateException, InvalidKeyException, InvalidKeySpecException, + IOException, NoSuchAlgorithmException, WrongPaddingException + { + CertificateFactory cf = CertificateFactory.getInstance("X.509"); + Collection certs = cf.generateCertificates(certChain); + X509Certificate[] chain = (X509Certificate[]) certs.toArray(new X509Certificate[0]); + + String alg = null; + String line = readLine(privateKey); + String finalLine = null; + if (line.startsWith(BEGIN_DSA)) + { + alg = "DSA"; + finalLine = END_DSA; + } + else if (line.startsWith(BEGIN_RSA)) + { + alg = "RSA"; + finalLine = END_RSA; + } + else + throw new IOException("Unknown private key type."); + + boolean encrypted = false; + String cipher = null; + String salt = null; + StringBuffer base64 = new StringBuffer(); + while (true) + { + line = readLine(privateKey); + if (line == null) + throw new EOFException("premature end-of-file"); + else if (line.startsWith("Proc-Type: 4,ENCRYPTED")) + encrypted = true; + else if (line.startsWith("DEK-Info: ")) + { + int i = line.indexOf(','); + if (i < 0) + cipher = line.substring(10).trim(); + else + { + cipher = line.substring(10, i).trim(); + salt = line.substring(i + 1).trim(); + } + } + else if (line.startsWith(finalLine)) + break; + else if (line.length() > 0) + { + base64.append(line); + base64.append(System.getProperty("line.separator")); + } + } + + byte[] enckey = Base64.decode(base64.toString()); + if (encrypted) + { + enckey = decryptKey(enckey, cipher, toByteArray(salt)); + } + + DERReader der = new DERReader(enckey); + if (der.read().getTag() != DER.SEQUENCE) + throw new IOException("malformed DER sequence"); + der.read(); // version + + KeyFactory kf = KeyFactory.getInstance(alg); + KeySpec spec = null; + if (alg.equals("DSA")) + { + BigInteger p = (BigInteger) der.read().getValue(); + BigInteger q = (BigInteger) der.read().getValue(); + BigInteger g = (BigInteger) der.read().getValue(); + der.read(); // y + BigInteger x = (BigInteger) der.read().getValue(); + spec = new DSAPrivateKeySpec(x, p, q, g); + } + else + { + spec = new RSAPrivateCrtKeySpec( + (BigInteger) der.read().getValue(), // modulus + (BigInteger) der.read().getValue(), // pub exponent + (BigInteger) der.read().getValue(), // priv expenent + (BigInteger) der.read().getValue(), // prime p + (BigInteger) der.read().getValue(), // prime q + (BigInteger) der.read().getValue(), // d mod (p-1) + (BigInteger) der.read().getValue(), // d mod (q-1) + (BigInteger) der.read().getValue()); // coefficient + } + privateKeys.add(kf.generatePrivate(spec)); + certChains.add(chain); + } + + public List getPrivateKeys() + { + if (isDestroyed()) + { + throw new IllegalStateException("this object is destroyed"); + } + return privateKeys; + } + + public List getCertChains() + { + return certChains; + } + + public void destroy() + { + privateKeys.clear(); + privateKeys = null; + } + + public boolean isDestroyed() + { + return (privateKeys == null); + } + + // Own methods. + // ------------------------------------------------------------------------- + + private String readLine(InputStream in) throws IOException + { + boolean eol_is_cr = System.getProperty("line.separator").equals("\r"); + StringBuffer str = new StringBuffer(); + while (true) + { + int i = in.read(); + if (i == -1) + { + if (str.length() > 0) + break; + else + return null; + } + else if (i == '\r') + { + if (eol_is_cr) + break; + } + else if (i == '\n') + break; + else + str.append((char) i); + } + return str.toString(); + } + + private byte[] decryptKey(byte[] ct, String cipher, byte[] salt) + throws IOException, InvalidKeyException, WrongPaddingException + { + byte[] pt = new byte[ct.length]; + IMode mode = null; + if (cipher.equals("DES-EDE3-CBC")) + { + mode = ModeFactory.getInstance("CBC", "TripleDES", 8); + HashMap attr = new HashMap(); + attr.put(IMode.KEY_MATERIAL, deriveKey(salt, 24)); + attr.put(IMode.IV, salt); + attr.put(IMode.STATE, new Integer(IMode.DECRYPTION)); + mode.init(attr); + } + else if (cipher.equals("DES-CBC")) + { + mode = ModeFactory.getInstance("CBC", "DES", 8); + HashMap attr = new HashMap(); + attr.put(IMode.KEY_MATERIAL, deriveKey(salt, 8)); + attr.put(IMode.IV, salt); + attr.put(IMode.STATE, new Integer(IMode.DECRYPTION)); + mode.init(attr); + } + else + throw new IllegalArgumentException("unknown cipher: " + cipher); + + for (int i = 0; i < ct.length; i += 8) + mode.update(ct, i, pt, i); + + int pad = pt[pt.length-1]; + if (pad < 1 || pad > 8) + throw new WrongPaddingException(); + for (int i = pt.length - pad; i < pt.length; i++) + { + if (pt[i] != pad) + throw new WrongPaddingException(); + } + + byte[] result = new byte[pt.length - pad]; + System.arraycopy(pt, 0, result, 0, result.length); + return result; + } + + private byte[] deriveKey(byte[] salt, int keylen) + throws IOException + { + CallbackHandler passwordHandler = new ConsoleCallbackHandler(); + try + { + Class c = Class.forName(Security.getProperty("jessie.password.handler")); + passwordHandler = (CallbackHandler) c.newInstance(); + } + catch (Exception x) { } + + PasswordCallback passwdCallback = + new PasswordCallback("Enter PEM passphrase: ", false); + try + { + passwordHandler.handle(new Callback[] { passwdCallback }); + } + catch (UnsupportedCallbackException uce) + { + throw new IOException("specified handler cannot handle passwords"); + } + char[] passwd = passwdCallback.getPassword(); + + IMessageDigest md5 = HashFactory.getInstance("MD5"); + byte[] key = new byte[keylen]; + int count = 0; + while (count < keylen) + { + for (int i = 0; i < passwd.length; i++) + md5.update((byte) passwd[i]); + md5.update(salt, 0, salt.length); + byte[] digest = md5.digest(); + int len = Math.min(digest.length, keylen - count); + System.arraycopy(digest, 0, key, count, len); + count += len; + if (count >= keylen) + break; + md5.reset(); + md5.update(digest, 0, digest.length); + } + passwdCallback.clearPassword(); + return key; + } + + private byte[] toByteArray(String hex) + { + hex = hex.toLowerCase(); + byte[] buf = new byte[hex.length() / 2]; + int j = 0; + for (int i = 0; i < buf.length; i++) + { + buf[i] = (byte) ((Character.digit(hex.charAt(j++), 16) << 4) | + Character.digit(hex.charAt(j++), 16)); + } + return buf; + } +} diff --git a/libjava/classpath/gnu/javax/net/ssl/SRPManagerParameters.java b/libjava/classpath/gnu/javax/net/ssl/SRPManagerParameters.java new file mode 100644 index 0000000..a2a745e --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/SRPManagerParameters.java @@ -0,0 +1,81 @@ +/* SRPManagerParameters.java -- Wrapper for SRP PasswordFile. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl; + +import javax.net.ssl.ManagerFactoryParameters; +import gnu.javax.crypto.sasl.srp.PasswordFile; + +/** + * Instances of this class are used to initialize {@link + * javax.net.ssl.TrustManagerFactory} instances for the ``SRP'' algorithm. + */ +public class SRPManagerParameters implements ManagerFactoryParameters +{ + + // Field. + // ------------------------------------------------------------------------- + + private final PasswordFile file; + + // Constructor. + // ------------------------------------------------------------------------- + + /** + * Initializes these parameters with the specified SRP password file. + * + * @param file The SRP password file object. + * @throws NullPointerException if file is null. + */ + public SRPManagerParameters(PasswordFile file) + { + if (file == null) + { + throw new NullPointerException(); + } + this.file = file; + } + + // Instance method. + // ------------------------------------------------------------------------- + + public PasswordFile getPasswordFile() + { + return file; + } +} diff --git a/libjava/classpath/gnu/javax/net/ssl/SRPTrustManager.java b/libjava/classpath/gnu/javax/net/ssl/SRPTrustManager.java new file mode 100644 index 0000000..664fa4c --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/SRPTrustManager.java @@ -0,0 +1,99 @@ +/* SRPTrustManager.java -- interface to SRP trust managers. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl; + +import gnu.javax.crypto.sasl.srp.PasswordFile; + +import java.math.BigInteger; +import java.security.KeyPair; +import javax.net.ssl.TrustManager; + +/** + * A trust manager for secure remote password (SRP) key exchange cipher + * suites. This is a read-only interface to the {@link + * gnu.crypto.sasl.srp.PasswordFile} class, with convenience methods to + * generate session key pairs. + */ +public interface SRPTrustManager extends TrustManager +{ + + // Methods. + // ------------------------------------------------------------------------- + + /** + * Tests if the configured password file contains the specified user name. + * + * @param user The user name. + * @return True if the password file has an entry for user + */ + boolean contains(String user); + + /** + * Create and return a session SRP key pair for the given user name. + * + * @param user The user name to generate the key pair for. + * @return The session key pair, or null if there is no + * entry for user. + */ + KeyPair getKeyPair(String user); + + /** + * Returns the salt value for the given user. + * + * @param user The user name. + * @return The salt for user's entry, or null. + */ + byte[] getSalt(String user); + + /** + * Returns the password verifier for the given user. + * + * @param user The user name. + * @return user's password verifier, or null. + */ + BigInteger getVerifier(String user); + + /** + * Returns a reference to the SRP {@link PasswordFile} used by this + * {@link TrustManager}. + * + * @return a reference to the SRP password file in use. + */ + PasswordFile getPasswordFile(); +} diff --git a/libjava/classpath/gnu/javax/net/ssl/StaticTrustAnchors.java b/libjava/classpath/gnu/javax/net/ssl/StaticTrustAnchors.java new file mode 100644 index 0000000..0c2c3cc --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/StaticTrustAnchors.java @@ -0,0 +1,1942 @@ +/* StaticTrustAnchors.java -- static list of CA certificates. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl; + +import java.io.ByteArrayInputStream; +import java.io.InputStream; + +import java.security.cert.CertificateException; +import java.security.cert.CertificateFactory; +import java.security.cert.X509Certificate; + +import java.util.LinkedList; + +import javax.net.ssl.ManagerFactoryParameters; + +/** + * This class implements a simple set of trust anchors suitable for + * initializing a TrustManagerFactory for the "JessieX509" algorithm. + * + *

The important field of this class is the {@link #CA_CERTS} + * constant, which contains an array of commonly accepted CA + * certificates. + */ +public class StaticTrustAnchors implements ManagerFactoryParameters +{ + + // Fields. + // ------------------------------------------------------------------------- + + private X509Certificate[] certs; + + // Constructor. + // ------------------------------------------------------------------------- + + public StaticTrustAnchors(X509Certificate[] certs) + { + this.certs = (X509Certificate[]) certs.clone(); + } + + // Class method. + // ------------------------------------------------------------------------- + + public static X509Certificate generate(CertificateFactory factory, + String encoded) + { + try + { + ByteArrayInputStream in = + new ByteArrayInputStream(encoded.getBytes("UTF-8")); + return (X509Certificate) factory.generateCertificate(in); + } + catch (Exception x) + { + return null; + } + } + + // Instance methods. + // ------------------------------------------------------------------------- + + public X509Certificate[] getCertificates() + { + return (X509Certificate[]) certs.clone(); + } + + // Constant. + // ------------------------------------------------------------------------- + + /** + * A list of known certificate authority certificates. This set of + * certificates is the same as the default CA certificates used by + * Mozilla. + */ + public static final StaticTrustAnchors CA_CERTS; + + // Static initializer. + // ------------------------------------------------------------------------- + + static + { + LinkedList certs = new LinkedList(); + CertificateFactory factory = null; + + try + { + factory = CertificateFactory.getInstance("X.509"); + } + catch (CertificateException ce) + { + throw new Error(ce.toString()); + } + + X509Certificate cert = generate(factory, + // ABAecom_=sub.__Am._Bankers_Assn.=_Root_CA.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIIDtTCCAp2gAwIBAgIRANAeQJAAAEZSAAAAAQAAAAQwDQYJKoZIhvcNAQEF\n" + + "BQAwgYkxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJEQzETMBEGA1UEBxMKV2Fz\n" + + "aGluZ3RvbjEXMBUGA1UEChMOQUJBLkVDT00sIElOQy4xGTAXBgNVBAMTEEFC\n" + + "QS5FQ09NIFJvb3QgQ0ExJDAiBgkqhkiG9w0BCQEWFWFkbWluQGRpZ3NpZ3Ry\n" + + "dXN0LmNvbTAeFw05OTA3MTIxNzMzNTNaFw0wOTA3MDkxNzMzNTNaMIGJMQsw\n" + + "CQYDVQQGEwJVUzELMAkGA1UECBMCREMxEzARBgNVBAcTCldhc2hpbmd0b24x\n" + + "FzAVBgNVBAoTDkFCQS5FQ09NLCBJTkMuMRkwFwYDVQQDExBBQkEuRUNPTSBS\n" + + "b290IENBMSQwIgYJKoZIhvcNAQkBFhVhZG1pbkBkaWdzaWd0cnVzdC5jb20w\n" + + "ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx0xHgeVVDBwhMywVC\n" + + "AOINg0Y95JO6tgbTDVm9PsHOQ2cBiiGo77zM0KLMsFWWU4RmBQDaREmA2FQK\n" + + "pSWGlO1jVv9wbKOhGdJ4vmgqRF4vz8wYXke8OrFGPR7wuSw0X4x8TAgpnUBV\n" + + "6zx9g9618PeKgw6hTLQ6pbNfWiKX7BmbwQVo/ea3qZGULOR4SCQaJRk665Wc\n" + + "OQqKz0Ky8BzVX/tr7WhWezkscjiw7pOp03t3POtxA6k4ShZsiSrK2jMTecJV\n" + + "jO2cu/LLWxD4LmE1xilMKtAqY9FlWbT4zfn0AIS2V0KFnTKo+SpU+/94Qby9\n" + + "cSj0u5C8/5Y0BONFnqFGKECBAgMBAAGjFjAUMBIGA1UdEwEB/wQIMAYBAf8C\n" + + "AQgwDQYJKoZIhvcNAQEFBQADggEBAARvJYbk5pYntNlCwNDJALF/VD6Hsm0k\n" + + "qS8Kfv2kRLD4VAe9G52dyntQJHsRW0mjpr8SdNWJt7cvmGQlFLdh6X9ggGvT\n" + + "ZOirvRrWUfrAtF13Gn9kCF55xgVM8XrdTX3O5kh7VNJhkoHWG9YA8A6eKHeg\n" + + "TYjHInYZw8eeG6Z3ePhfm1bR8PIXrI6dWeYf/le22V7hXZ9F7GFoGUHhsiAm\n" + + "/lowdiT/QHI8eZ98IkirRs3bs4Ysj78FQdPB4xTjQRcm0HyncUwZ6EoPclgx\n" + + "fexgeqMiKL0ZJGA/O4dzwGvky663qyVDslUte6sGDnVdNOVdc22esnVApVnJ\n" + + "TzFxiNmIf1Q=\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // AOL_Time_Warner_Root_Certification_Authority_1.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIID5jCCAs6gAwIBAgIBATANBgkqhkiG9w0BAQUFADCBgzELMAkGA1UEBhMC\n" + + "VVMxHTAbBgNVBAoTFEFPTCBUaW1lIFdhcm5lciBJbmMuMRwwGgYDVQQLExNB\n" + + "bWVyaWNhIE9ubGluZSBJbmMuMTcwNQYDVQQDEy5BT0wgVGltZSBXYXJuZXIg\n" + + "Um9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAxMB4XDTAyMDUyOTA2MDAw\n" + + "MFoXDTM3MTEyMDE1MDMwMFowgYMxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRB\n" + + "T0wgVGltZSBXYXJuZXIgSW5jLjEcMBoGA1UECxMTQW1lcmljYSBPbmxpbmUg\n" + + "SW5jLjE3MDUGA1UEAxMuQU9MIFRpbWUgV2FybmVyIFJvb3QgQ2VydGlmaWNh\n" + + "dGlvbiBBdXRob3JpdHkgMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC\n" + + "ggEBAJnej8Mlo2k06AX3dLm/WpcZuS+U0pPlLYnKhHw/EEMbjIt8hFj4JHxI\n" + + "zyr9wBXZGH6EGhfT257XyuTZ16pYUYfw8ItITuLCxFlpMGK2MKKMCxGZYTVt\n" + + "fu/FsRkGIBKOQuHfD5YQUqjPnF+VFNivO3ULMSAfRC+iYkGzuxgh28pxPIzs\n" + + "trkNn+9R7017EvILDOGsQI93f7DKeHEMXRZxcKLXwjqFzQ6axOAAsNUl6twr\n" + + "5JQtOJyJQVdkKGUZHLZEtMgxa44Be3ZZJX8VHIQIfHNlIAqhBC4aMqiaILGc\n" + + "LCFZ5/vP7nAtCMpjPiybkxlqpMKX/7eGV4iFbJ4VFitNLLMCAwEAAaNjMGEw\n" + + "DwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUoTYwFsuGkABFgFOxj8jYPXy+\n" + + "XxIwHwYDVR0jBBgwFoAUoTYwFsuGkABFgFOxj8jYPXy+XxIwDgYDVR0PAQH/\n" + + "BAQDAgGGMA0GCSqGSIb3DQEBBQUAA4IBAQCKIBilvrMvtKaEAEAwKfq0FHNM\n" + + "eUWn9nDg6H5kHgqVfGphwu9OH77/yZkfB2FK4V1Mza3u0FIy2VkyvNp5ctZ7\n" + + "CegCgTXTCt8RHcl5oIBN/lrXVtbtDyqvpxh1MwzqwWEFT2qaifKNuZ8u77Bf\n" + + "WgDrvq2g+EQFZ7zLBO+eZMXpyD8Fv8YvBxzDNnGGyjhmSs3WuEvGbKeXO/oT\n" + + "LW4jYYehY0KswsuXn2Fozy1MBJ3XJU8KDk2QixhWqJNIV9xvrr2eZ1d3iVCz\n" + + "vhGbRWeDhhmH05i9CBoWH1iCC+GWaQVLjuyDUTEH1dSf/1l7qG6Fz9NLqUmw\n" + + "X7A5KGgOc90lmt4S\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // AOL_Time_Warner_Root_Certification_Authority_2.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIIF5jCCA86gAwIBAgIBATANBgkqhkiG9w0BAQUFADCBgzELMAkGA1UEBhMC\n" + + "VVMxHTAbBgNVBAoTFEFPTCBUaW1lIFdhcm5lciBJbmMuMRwwGgYDVQQLExNB\n" + + "bWVyaWNhIE9ubGluZSBJbmMuMTcwNQYDVQQDEy5BT0wgVGltZSBXYXJuZXIg\n" + + "Um9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAyMB4XDTAyMDUyOTA2MDAw\n" + + "MFoXDTM3MDkyODIzNDMwMFowgYMxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRB\n" + + "T0wgVGltZSBXYXJuZXIgSW5jLjEcMBoGA1UECxMTQW1lcmljYSBPbmxpbmUg\n" + + "SW5jLjE3MDUGA1UEAxMuQU9MIFRpbWUgV2FybmVyIFJvb3QgQ2VydGlmaWNh\n" + + "dGlvbiBBdXRob3JpdHkgMjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC\n" + + "ggIBALQ3WggWmRToVbEbJGv8x4vmh6mJ7ouZzU9AhqS2TcnZsdw8TQ2FTBVs\n" + + "RotSeJ/4I/1n9SQ6aF3Q92RhQVSji6UI0ilbm2BPJoPRYxJWSXakFsKlnUWs\n" + + "i4SVqBax7J/qJBrvuVdcmiQhLE0OcR+mrF1FdAOYxFSMFkpBd4aVdQxHAWZg\n" + + "/BXxD+r1FHjHDtdugRxev17nOirYlxcwfACtCJ0zr7iZYYCLqJV+FNwSbKTQ\n" + + "2O9ASQI2+W6p1h2WVgSysy0WVoaP2SBXgM1nEG2wTPDaRrbqJS5Gr42whTg0\n" + + "ixQmgiusrpkLjhTXUr2eacOGAgvqdnUxCc4zGSGFQ+aJLZ8lN2fxI2rSAG2X\n" + + "+Z/nKcrdH9cG6rjJuQkhn8g/BsXS6RJGAE57COtCPStIbp1n3UsC5ETzkxml\n" + + "J85per5n0/xQpCyrw2u544BMzwVhSyvcG7mm0tCq9Stz+86QNZ8MUhy/XCFh\n" + + "EVsVS6kkUfykXPcXnbDS+gfpj1bkGoxoigTTfFrjnqKhynFbotSg5ymFXQNo\n" + + "Kk/SBtc9+cMDLz9l+WceR0DTYw/j1Y75hauXTLPXJuuWCpTehTacyH+BCQJJ\n" + + "Kg71ZDIMgtG6aoIbs0t0EfOMd9afv9w3pKdVBC/UMejTRrkDfNoSTllkt1Ex\n" + + "MVCgyhwn2RAurda9EGYrw7AiShJbAgMBAAGjYzBhMA8GA1UdEwEB/wQFMAMB\n" + + "Af8wHQYDVR0OBBYEFE9pbQN+nZ8HGEO8txBO1b+pxCAoMB8GA1UdIwQYMBaA\n" + + "FE9pbQN+nZ8HGEO8txBO1b+pxCAoMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG\n" + + "9w0BAQUFAAOCAgEAO/Ouyuguh4X7ZVnnrREUpVe8WJ8kEle7+z802u6teio0\n" + + "cnAxa8cZmIDJgt43d15Ui47y6mdPyXSEkVYJ1eV6moG2gcKtNuTxVBFT8zRF\n" + + "ASbI5Rq8NEQh3q0l/HYWdyGQgJhXnU7q7C+qPBR7V8F+GBRn7iTGvboVsNIY\n" + + "vbdVgaxTwOjdaRITQrcCtQVBynlQboIOcXKTRuidDV29rs4prWPVVRaAMCf/\n" + + "drr3uNZK49m1+VLQTkCpx+XCMseqdiThawVQ68W/ClTluUI8JPu3B5wwn3la\n" + + "5uBAUhX0/Kr0VvlEl4ftDmVyXr4m+02kLQgH3thcoNyBM5kYJRF3p+v9WAks\n" + + "mWsbivNSPxpNSGDxoPYzAlOL7SUJuA0t7Zdz7NeWH45gDtoQmy8YJPamTQr5\n" + + "O8t1wswvziRpyQoijlmn94IM19drNZxDAGrElWe6nEXLuA4399xOAU++CrYD\n" + + "062KRffaJ00psUjf5BHklka9bAI+1lHIlRcBFanyqqryvy9lG2/QuRqT9Y41\n" + + "xICHPpQvZuTpqP9BnHAqTyo5GJUefvthATxRCC4oGKQWDzH9OmwjkyB24f0H\n" + + "hdFbP9IcczLd+rn4jM8Ch3qaluTtT4mNU0OrDhPAARW0eTjb/G49nlG2uBOL\n" + + "Z8/5fNkiHfZdxRwBL5joeiQYvITX+txyW/fBOmg=\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // AddTrust_External_Root.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIIENjCCAx6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBvMQswCQYDVQQGEwJT\n" + + "RTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFkZFRydXN0IEV4\n" + + "dGVybmFsIFRUUCBOZXR3b3JrMSIwIAYDVQQDExlBZGRUcnVzdCBFeHRlcm5h\n" + + "bCBDQSBSb290MB4XDTAwMDUzMDEwNDgzOFoXDTIwMDUzMDEwNDgzOFowbzEL\n" + + "MAkGA1UEBhMCU0UxFDASBgNVBAoTC0FkZFRydXN0IEFCMSYwJAYDVQQLEx1B\n" + + "ZGRUcnVzdCBFeHRlcm5hbCBUVFAgTmV0d29yazEiMCAGA1UEAxMZQWRkVHJ1\n" + + "c3QgRXh0ZXJuYWwgQ0EgUm9vdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC\n" + + "AQoCggEBALf3GjPm8gAELTngTlvtH7xsD821+iO2zt6bETOXpClMfZOfvUq8\n" + + "k+0DGuOPz+VtUFrWlymUWoCwSXrbLpX9uMq/NzgtHj6RQa1wVsfwTz/oMp50\n" + + "ysiQVOnGXw94nZpAPA6sYapeFI+eh6FqUNzXmk6vBbOmcZSccbNQYArHE504\n" + + "B4YCqOmoaSYYkKtMsE8jqzpPhNjfzp/haW+710LXa0Tkx63ubUFfclpxCDez\n" + + "eWWkWaCUN/cALw3CknLa0Dhy2xSoRcRdKn23tNbE7qzNE0S3ySvdQwAl+mG5\n" + + "aWpYIxG3pzOPVnVZ9c0p10a3CitlttNCbxWyuHv77+ldU9U0WicCAwEAAaOB\n" + + "3DCB2TAdBgNVHQ4EFgQUrb2YejS0Jvf6xCZU7wO94CTLVBowCwYDVR0PBAQD\n" + + "AgEGMA8GA1UdEwEB/wQFMAMBAf8wgZkGA1UdIwSBkTCBjoAUrb2YejS0Jvf6\n" + + "xCZU7wO94CTLVBqhc6RxMG8xCzAJBgNVBAYTAlNFMRQwEgYDVQQKEwtBZGRU\n" + + "cnVzdCBBQjEmMCQGA1UECxMdQWRkVHJ1c3QgRXh0ZXJuYWwgVFRQIE5ldHdv\n" + + "cmsxIjAgBgNVBAMTGUFkZFRydXN0IEV4dGVybmFsIENBIFJvb3SCAQEwDQYJ\n" + + "KoZIhvcNAQEFBQADggEBALCb4IUlwtYj4g+WBpKdQZic2YR5gdkeWxQHIzZl\n" + + "j7DYd7usQWxHYINRsPkyPef89iYTx4AWpb9a/IfPeHmJIZriTAcKhjW88t5R\n" + + "xNKWt9x+Tu5w/Rw56wwCURQtjr0W4MHfRnXnJK3s9EK0hZNwEGe6nQY1ShjT\n" + + "K3rMUUKhemPR5ruhxSvCNr4TDea9Y355e6cJDUCrat2PisP29owaQgVR1EX1\n" + + "n6diIWgVIEM8med8vSTYqZEXc4g/VhsxOBi0cQ+azcgOno4uG+GMmIPLHzHx\n" + + "REzGBHNJdmAPx/i9F4BrLunMTA5amnkPIAou1Z5jJh5VkpTYghdae9C8x49O\n" + + "hgQ=\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // AddTrust_Low-Value_Services_Root.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIIEGDCCAwCgAwIBAgIBATANBgkqhkiG9w0BAQUFADBlMQswCQYDVQQGEwJT\n" + + "RTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRU\n" + + "UCBOZXR3b3JrMSEwHwYDVQQDExhBZGRUcnVzdCBDbGFzcyAxIENBIFJvb3Qw\n" + + "HhcNMDAwNTMwMTAzODMxWhcNMjAwNTMwMTAzODMxWjBlMQswCQYDVQQGEwJT\n" + + "RTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRU\n" + + "UCBOZXR3b3JrMSEwHwYDVQQDExhBZGRUcnVzdCBDbGFzcyAxIENBIFJvb3Qw\n" + + "ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWltQhSWDia+hBBwze\n" + + "xODcEyPNwTXH+9ZOEQpnXvUGW2ulCDtbKRY654eyNAbFvAWlA3yCyykQruGI\n" + + "gb3WntP+LVbBFc7jJp0VLhD7Bo8wBN6ntGO0/7Gcrjyvd7ZWxbWroulpOj0O\n" + + "M3kyP3CCkplhbY0wCI9xP6ZIVxn4JdxLZlyldI+Yrsj5wAYi56xz36Uu+1Lc\n" + + "sRVlIPo1Zmne3yzxbrww2ywkEtvrNTVokMsAsJchPXQhI2U0K7t4WaPW4XY5\n" + + "mqRJjox0r26kmqPZm9I4XJuiGMx1I4S+6+JNM3GOGvDC+Mcdoq0Dlyz4zyXG\n" + + "9rgkMbFjXZJ/Y/AlyVMuH79NAgMBAAGjgdIwgc8wHQYDVR0OBBYEFJWxtPCU\n" + + "tr3H2tERCSG+wa9J/RB7MAsGA1UdDwQEAwIBBjAPBgNVHRMBAf8EBTADAQH/\n" + + "MIGPBgNVHSMEgYcwgYSAFJWxtPCUtr3H2tERCSG+wa9J/RB7oWmkZzBlMQsw\n" + + "CQYDVQQGEwJTRTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFk\n" + + "ZFRydXN0IFRUUCBOZXR3b3JrMSEwHwYDVQQDExhBZGRUcnVzdCBDbGFzcyAx\n" + + "IENBIFJvb3SCAQEwDQYJKoZIhvcNAQEFBQADggEBACxtZBsfzQ3duQH6lmM0\n" + + "MkhHma6X7f1yFqZzR1r0693p9db7RcwpiURdv0Y5PejuvE1Uhh4dbOMXJ0Ph\n" + + "iVYrqW9yTkkz43J8KiOavD7/KCrto/8cI7pDVwlnTUtiBi34/2ydYB7YHEt9\n" + + "tTEv2dB8Xfjea4MYeDdXL+gzB2ffHsdrKpV2ro9Xo/D0UrSpUwjP4E/TelOL\n" + + "/bscVjby/rK25Xa71SJlpz/+0WatC7xrmYbvP33zGDLKe8bjq2RGlfgmadlV\n" + + "g3sslgf/WSxEo8bl6ancoWOAWiFeIc9TVPC6b4nbqKqVz4vjccweGyBECMB6\n" + + "tkD9xOQ14R0WHNC8K47Wcdk=\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // AddTrust_Public_Services_Root.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIIEFTCCAv2gAwIBAgIBATANBgkqhkiG9w0BAQUFADBkMQswCQYDVQQGEwJT\n" + + "RTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRU\n" + + "UCBOZXR3b3JrMSAwHgYDVQQDExdBZGRUcnVzdCBQdWJsaWMgQ0EgUm9vdDAe\n" + + "Fw0wMDA1MzAxMDQxNTBaFw0yMDA1MzAxMDQxNTBaMGQxCzAJBgNVBAYTAlNF\n" + + "MRQwEgYDVQQKEwtBZGRUcnVzdCBBQjEdMBsGA1UECxMUQWRkVHJ1c3QgVFRQ\n" + + "IE5ldHdvcmsxIDAeBgNVBAMTF0FkZFRydXN0IFB1YmxpYyBDQSBSb290MIIB\n" + + "IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Rowj4OIFMEg2Dybjxt+\n" + + "A3S72mnTRqX4jsIMEZBRpS9mVEBV6tsfSlbunyNu9DnLoblv8n75XYcmYZ4c\n" + + "+OLspoH4IcUkzBEMP9smcnrHAZcHF/nXGCwwfQ56HmIexkvA/X1id9NEHif2\n" + + "P0tEs7c42TkfYNVRknMDtABp4/MUTu7R3AnPdzRGULD4EfL+OHn3Bzn+UZKX\n" + + "C1sIXzSGAa2Il+tmzV7R/9x98oTaunet3IAIx6eH1lWfl2royBFkuucZKT8R\n" + + "s3iQhCBSWxHveNCD9tVIkNAwHM+A+WD+eeSI8t0A65RF62WUaUC6wNW0uLp9\n" + + "BBGo6zEFlpROWCGOn9Bg/QIDAQABo4HRMIHOMB0GA1UdDgQWBBSBPjfYkrAf\n" + + "d59ctKtzquf2NGAv+jALBgNVHQ8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zCB\n" + + "jgYDVR0jBIGGMIGDgBSBPjfYkrAfd59ctKtzquf2NGAv+qFopGYwZDELMAkG\n" + + "A1UEBhMCU0UxFDASBgNVBAoTC0FkZFRydXN0IEFCMR0wGwYDVQQLExRBZGRU\n" + + "cnVzdCBUVFAgTmV0d29yazEgMB4GA1UEAxMXQWRkVHJ1c3QgUHVibGljIENB\n" + + "IFJvb3SCAQEwDQYJKoZIhvcNAQEFBQADggEBAAP3FUr4JNojVhaTdt02KLmu\n" + + "G7jD8WS6IBh4lSknVwW8fCr0uVFV2ocC3g8WFzH4qnkuCRO7r7IgGRLlk/lL\n" + + "+YPoRNWyQSW/iHVv/xD8SlTQX/D67zZzfRs2RcYhbbQVuE7PnFylPVoAjgbj\n" + + "PGsye/Kf8Lb93/AoGEjwxrzQvzSAlsJKsW2Ox5BF3i9nrEUEo3rcVZLJR2bY\n" + + "GozH7ZxOmuASu7VqTITh4SINhwBk/ox9Yjllpu9CtoAlEmEBqCQTcAARJl/6\n" + + "NVDFSMwGR+gn2HCNX2TmoUQmXiLsks3/QppEIW1cxeMiHV9HEufOX1362Kqx\n" + + "My3ZdvJOOjMMK7MtkAY=\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // AddTrust_Qualified_Certificates_Root.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIIEHjCCAwagAwIBAgIBATANBgkqhkiG9w0BAQUFADBnMQswCQYDVQQGEwJT\n" + + "RTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRU\n" + + "UCBOZXR3b3JrMSMwIQYDVQQDExpBZGRUcnVzdCBRdWFsaWZpZWQgQ0EgUm9v\n" + + "dDAeFw0wMDA1MzAxMDQ0NTBaFw0yMDA1MzAxMDQ0NTBaMGcxCzAJBgNVBAYT\n" + + "AlNFMRQwEgYDVQQKEwtBZGRUcnVzdCBBQjEdMBsGA1UECxMUQWRkVHJ1c3Qg\n" + + "VFRQIE5ldHdvcmsxIzAhBgNVBAMTGkFkZFRydXN0IFF1YWxpZmllZCBDQSBS\n" + + "b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5B6a/twJWoek\n" + + "n0e+EV+vhDTbYjx5eLfpMLXsDBwqxBb/4Oxx64r1EW7tTw2R0hIYLUkVAcKk\n" + + "IhPHEWT/IhKauY5cLwjPcWqzZwFZ8V1G87B4pfYOQnrjfxvM0PC3KP0q6p6z\n" + + "sLkEqv32x7SxuCqg+1jxGaBvcCV+PmlKfw8i2O+tCBGaKZnhqkRFmhJePp1t\n" + + "UvznoD1oL/BLcHwTOK28FSXx1s6rosAx1i+f4P8UWfyEk9mHfExUE+uf0S0R\n" + + "+Bg6Ot4l2ffTQO2kBhLEO+GRwVY18BTcZTYJbqukB8c10cIDMzZbdSZtQvES\n" + + "a0NvS3GU+jQd7RNuyoB/mC9suWXY6QIDAQABo4HUMIHRMB0GA1UdDgQWBBQ5\n" + + "lYtii1zJ1IC6WA+XPxUIQ8yYpzALBgNVHQ8EBAMCAQYwDwYDVR0TAQH/BAUw\n" + + "AwEB/zCBkQYDVR0jBIGJMIGGgBQ5lYtii1zJ1IC6WA+XPxUIQ8yYp6FrpGkw\n" + + "ZzELMAkGA1UEBhMCU0UxFDASBgNVBAoTC0FkZFRydXN0IEFCMR0wGwYDVQQL\n" + + "ExRBZGRUcnVzdCBUVFAgTmV0d29yazEjMCEGA1UEAxMaQWRkVHJ1c3QgUXVh\n" + + "bGlmaWVkIENBIFJvb3SCAQEwDQYJKoZIhvcNAQEFBQADggEBABmrder4i2Vh\n" + + "lRO6aQTvhsoToMeqT2QbPxj2qC0sVY8FtzDqQmodwCVRLae/DLPt7wh/bDxG\n" + + "GuoYQ992zPlmhpwsaPXpF/gxsxjE1kh9I0xowX67ARRvxdlu3rsEQmr49lx9\n" + + "5dr6h+sNNVJn0J6XdgWTP5XHAeZpVTh/EGGZyeNfpso+gmNIquIISD6q8rKF\n" + + "Yqa0p9m9N5xotS1WfbC3P6CxB9bpT9zeRXEwMn8bLgn5v1Kh7sKAPgZcLlVA\n" + + "wRv1cEWw3F369nJad9Jjzc9YiQBCYz95OdBEsIJuQRno3eDBiFrRHnGTHyQw\n" + + "dOUeqN48Jzd/g66ed8/wMLH/S5noxqE=\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // America_Online_Root_Certification_Authority_1.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIIDpDCCAoygAwIBAgIBATANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJV\n" + + "UzEcMBoGA1UEChMTQW1lcmljYSBPbmxpbmUgSW5jLjE2MDQGA1UEAxMtQW1l\n" + + "cmljYSBPbmxpbmUgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAxMB4X\n" + + "DTAyMDUyODA2MDAwMFoXDTM3MTExOTIwNDMwMFowYzELMAkGA1UEBhMCVVMx\n" + + "HDAaBgNVBAoTE0FtZXJpY2EgT25saW5lIEluYy4xNjA0BgNVBAMTLUFtZXJp\n" + + "Y2EgT25saW5lIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgMTCCASIw\n" + + "DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKgv6KRpBgNHw+kqmP8ZonCa\n" + + "xlCyfqXfaE0bfA+2l2h9LaaLl+lkhsmj76CGv2BlnEtUiMJIxUo5vxTjWVXl\n" + + "GbR0yLQFOVwWpeKVBeASrlmLojNoWBym1BW32J/X3HGrfpq/m44zDyL9Hy7n\n" + + "BzbvYjnF3cu6JRQj3gzGPTzOggjmZj7aUTsWOqMFf6Dch9Wc/HKpoH145Lcx\n" + + "VR5lu9RhsCFg7RAycsWSJR74kEoYeEfffjA3PlAb2xzTa5qGUwew76wGePiE\n" + + "mf4hjUyAtgyC9mZweRrTT6PP8c9GsEsPPt2IYriMqQkoO3rHl+Ee5fSfwMCu\n" + + "JKDIodkP1nsmgmkyPacCAwEAAaNjMGEwDwYDVR0TAQH/BAUwAwEB/zAdBgNV\n" + + "HQ4EFgQUAK3Zo/Z59m50qX8zPYEX10zPM94wHwYDVR0jBBgwFoAUAK3Zo/Z5\n" + + "9m50qX8zPYEX10zPM94wDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBBQUA\n" + + "A4IBAQB8itEfGDeC4Liwo+1WlchiYZwFos3CYiZhzRAW18y0ZTTQEYqtqKkF\n" + + "Zu90821fnZmv9ov761KyBZiibyrFVL0lvV+uyIbqRizBs73B6UlwGBaXCBOM\n" + + "IOAbLjpHyx7kADCVW/RFo8AasAFOq73AI25jP4BKxQft3OJvx8Fi8eNy1gTI\n" + + "dGcL+oiroQHIb/AUr9KZzVGTfu0uOMe9zkZQPXLjeSWdm4grECDdpbgyn43g\n" + + "Kd8hdIaC2y+CMMbHNYaz+ZZfRtsMRf3zUMNvxsNIrUam4SdHCh0Om7bCd39j\n" + + "8uB9Gr784N/Xx6dssPmuujz9dLQR6FgNgLzTqIA6me11zEZ7\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // America_Online_Root_Certification_Authority_2.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIIFpDCCA4ygAwIBAgIBATANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJV\n" + + "UzEcMBoGA1UEChMTQW1lcmljYSBPbmxpbmUgSW5jLjE2MDQGA1UEAxMtQW1l\n" + + "cmljYSBPbmxpbmUgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAyMB4X\n" + + "DTAyMDUyODA2MDAwMFoXDTM3MDkyOTE0MDgwMFowYzELMAkGA1UEBhMCVVMx\n" + + "HDAaBgNVBAoTE0FtZXJpY2EgT25saW5lIEluYy4xNjA0BgNVBAMTLUFtZXJp\n" + + "Y2EgT25saW5lIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgMjCCAiIw\n" + + "DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMxBRR3pPU0Q9oyxQcngXssN\n" + + "t79Hc9PwVU3dxgz6sWYFas14tNwC206B89enfHG8dWOgXeMHDEjsJcQDIPT/\n" + + "DjsS/5uN4cbVG7RtIuOx238hZK+GvFciKtZHgVdEglZTvYYUAQv8f3SkWq7x\n" + + "uhG1m1hagLQ3eAkzfDJHA1zEpYNI9FdWboE2JxhP7JsowtS013wMPgwr38oE\n" + + "18aO6lhOqKSlGBxsRZijQdEt0sdtjRnxrXm3gT+9BoInLRBYBbV4Bbkv2wxr\n" + + "kJB+FFk4u5QkE+XRnRTf04JNRvCAOVIyD+OEsnpD8l7eXz8d3eOyG6ChKiMD\n" + + "bi4BFYdcpnV1x5dhvt6G3NRI270qv0pV2uh9UPu0gBe4lL8BPeraunzgWGcX\n" + + "uVjgiIZGZ2ydEEdYMtA1fHkqkKJaEBEjNa0vzORKW6fIJ/KD3l67Xnfn6KVu\n" + + "Y8INXWHQjNJsWiEOyiijzirplcdIz5ZvHZIlyMbGwcEMBawmxNJ10uEqZ8A9\n" + + "W6Wa6897GqidFEXlD6CaZd4vKL3Ob5Rmg0gp2OpljK+T2WSfVVcmv2/LNzGZ\n" + + "o2C7HK2JNDJiuEMhBnIMoVxtRsX6Kc8w3onccVvdtjc+31D1uAclJuW8tf48\n" + + "ArO3+L5DwYcRlJ4jbBeKuIonDFRH8KmzwICMoCfrHRnjB453cMor9H124Hhn\n" + + "AgMBAAGjYzBhMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFE1FwWg4u3Op\n" + + "aaEg5+31IqEjFNeeMB8GA1UdIwQYMBaAFE1FwWg4u3OpaaEg5+31IqEjFNee\n" + + "MA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQUFAAOCAgEAZ2sGuV9FOypL\n" + + "M7PmG2tZTiLMubekJcmnxPBUlgtk87FYT15R/LKXeydlwuXK5w0MJXti4/qf\n" + + "tIe3RUavg6WXSIylvfEWK5t2LHo1YGwRgJfMqZJS5ivmae2p+DYtLHe/YUjR\n" + + "Ywu5W1LtGLBDQiKmsXeu3mnFzcccobGlHBD7GL4acN3Bkku+KVqdPzW+5X1R\n" + + "+FXgJXUjhx5c3LqdsKyzadsXg8n33gy8CNyRnqjQ1xU3c6U1uPx+xURABsPr\n" + + "+CKAXEfOAuMRn0T//ZoyzH1kUQ7rVyZ2OuMeIjzCpjbdGe+n/BLzJsBZMYVM\n" + + "nNjP36TMzCmT/5RtdlwTCJfy7aULTd3oyWgOZtMADjMSW7yV5TKQqLPGbIOt\n" + + "d+6Lfn6xqavT4fG2wLHqiMDn05DpKJKUe2h7lyoKZy2FAjgQ5ANh1NolNscI\n" + + "WC2hp1GvMApJ9aZphwctREZ2jirlmjvXGKL8nDgQzMY70rUXOm/9riW99XJZ\n" + + "ZLF0KjhfGEzfz3EEWjbUvy+ZnOjZurGV5gJLIaFb1cFPj65pbVPbAZO1XB4Y\n" + + "3WRayhgoPmMEEf0cjQAPuDffZ4qdZqkCapH/E8ovXYO8h5Ns3CRRFgQlZvqz\n" + + "2cK6Kb6aSDiCmfS/O0oxGfm/jiEzFMpPVF/7zvuPcX/9XhmgD0uRuMRUvAaw\n" + + "RY8mkaKO/qk=\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // Baltimore_CyberTrust_Code_Signing_Root.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIIDpjCCAo6gAwIBAgIEAgAAvzANBgkqhkiG9w0BAQUFADBnMQswCQYDVQQG\n" + + "EwJJRTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJlclRydXN0\n" + + "MS8wLQYDVQQDEyZCYWx0aW1vcmUgQ3liZXJUcnVzdCBDb2RlIFNpZ25pbmcg\n" + + "Um9vdDAeFw0wMDA1MTcxNDAxMDBaFw0yNTA1MTcyMzU5MDBaMGcxCzAJBgNV\n" + + "BAYTAklFMRIwEAYDVQQKEwlCYWx0aW1vcmUxEzARBgNVBAsTCkN5YmVyVHJ1\n" + + "c3QxLzAtBgNVBAMTJkJhbHRpbW9yZSBDeWJlclRydXN0IENvZGUgU2lnbmlu\n" + + "ZyBSb290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHGaGBKO\n" + + "etv5mvxBr9jy9AmOrT/+Zzc82skmULGxPsvoTnMA8rLc88VG+wnvGJbOp+Cc\n" + + "hF0gDnqgqjaL+ii2eC6z7OhH8wTwkCO06q/lU7gF90ddK4bxp6TGOzW20g1S\n" + + "Qdf0knXhogpQVoe+lwt7M4UQuSgY7jPqSBHXW5FHdiLU7s9d56hOHJ2Wkd2c\n" + + "vXQJqHJhqrAhOvE9LANWCdLB3MO1x1Q3q+YmorJGcXPKEYjuvOdk99ARGnNA\n" + + "WshJLA+375B/aIAEOAsbDzvU9aCzwo7hNLSAmW2edtSSKUCxldI3pGcSf+Bi\n" + + "u641xZk2gkS45ngYM2Fxk1stjZ94lYLrbQIDAQABo1owWDATBgNVHSUEDDAK\n" + + "BggrBgEFBQcDAzAdBgNVHQ4EFgQUyEE0XBUVBOVA8tGrmm8kknqHQlowEgYD\n" + + "VR0TAQH/BAgwBgEB/wIBAzAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQEF\n" + + "BQADggEBAFJ0qpVLIozHPZak/l36L7W86/AL6VY4HdFtDaG8aIvwxYClJDT9\n" + + "8pYYEYahNvU351RA1WQfw19wQmstOceeUgXO52py0o1yP0dQg6vHjSXJsOOn\n" + + "UxaVpmpT6hidj3ipd3ca+bSXR1mIJyi1yuEu1z4Oog24IkQD49FjsEE6ofWk\n" + + "Lfd2HgRUmXgyQNcrfE26ppyweW4Hvozs7tc4aVvBDFZon/7r0eHIiPnyzX++\n" + + "hbREZwBQPvQmA2Tqd33oXj4cN0fI1uqk8zY8l8I5cgWUGSXD1zdBD8Efh4r9\n" + + "qr7psWRX5NuSoc/hSeg7H5ETWsOP2SVYSYBHD8YDrqzjv7fAqio=\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // Baltimore_CyberTrust_Mobile_Commerce_Root.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIICfTCCAeagAwIBAgIEAgAAuDANBgkqhkiG9w0BAQUFADBhMQswCQYDVQQG\n" + + "EwJJRTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJlclRydXN0\n" + + "MSkwJwYDVQQDEyBCYWx0aW1vcmUgQ3liZXJUcnVzdCBNb2JpbGUgUm9vdDAe\n" + + "Fw0wMDA1MTIxODIwMDBaFw0yMDA1MTIyMzU5MDBaMGExCzAJBgNVBAYTAklF\n" + + "MRIwEAYDVQQKEwlCYWx0aW1vcmUxEzARBgNVBAsTCkN5YmVyVHJ1c3QxKTAn\n" + + "BgNVBAMTIEJhbHRpbW9yZSBDeWJlclRydXN0IE1vYmlsZSBSb290MIGfMA0G\n" + + "CSqGSIb3DQEBAQUAA4GNADCBiQKBgQCjbbE4Vqz8tVYh3sCQXSZHgsZ9jx+g\n" + + "hY8vu9ThHB3yJB8osC+5pKVvoiIgZP6ERzx+K2xparjUwJaOjFINzW9B1L8E\n" + + "rqeBLy2YSNLBlKO1GV1dUWT0jkGwm8AtIqBexthaEmO8EUpeJhId4iYF5g9f\n" + + "Ih96X3aUrs9aKA6rRdoiMQIDAQABo0IwQDAdBgNVHQ4EFgQUyeKPwAImWrbA\n" + + "B+N/lAcY2y6lmnAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYw\n" + + "DQYJKoZIhvcNAQEFBQADgYEAUwgLJgl4QnPU7Hp3Rw3jCzNx764zFE37+v0a\n" + + "t1H15JkcBnHXKRnX5hUgUVFGbU/eGEmY0Ph4u3HojQEG1ddkj5TfR/6ghWk2\n" + + "qS9CemhKEtaLC3BECqQE7yaIwTVxOF0bW0hC8OeUHHCVNKir9avieK318FL9\n" + + "m+pCDOjYVL5TZvU=\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // Baltimore_CyberTrust_Root.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIIDdzCCAl+gAwIBAgIEAgAAuTANBgkqhkiG9w0BAQUFADBaMQswCQYDVQQG\n" + + "EwJJRTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJlclRydXN0\n" + + "MSIwIAYDVQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTAwMDUx\n" + + "MjE4NDYwMFoXDTI1MDUxMjIzNTkwMFowWjELMAkGA1UEBhMCSUUxEjAQBgNV\n" + + "BAoTCUJhbHRpbW9yZTETMBEGA1UECxMKQ3liZXJUcnVzdDEiMCAGA1UEAxMZ\n" + + "QmFsdGltb3JlIEN5YmVyVHJ1c3QgUm9vdDCCASIwDQYJKoZIhvcNAQEBBQAD\n" + + "ggEPADCCAQoCggEBAKMEuyKrmD1X6CZymrV51Cni4eiVgLGw41uOKymaZN+h\n" + + "Xe2wCQVt2yguzmKiYv60iNoS6zjrIZ3AQSsBUnuId9Mcj8e6uYi1agnnc+gR\n" + + "QKfRzMpijS3ljwumUNKoUMMo6vWrJYeKmpYcqWe4PwzV9/lSEy/CG9VwcPCP\n" + + "wBLKBsua4dnKM3p31vjsufFoREJIE9LAwqSuXmD+tqYF/LTdB1kC1FkYmGP1\n" + + "pWPgkAx9XbIGevOF6uvUA65ehD5f/xXtabz5OTZydc93Uk3zyZAsuT3lySNT\n" + + "Px8kmCFcB5kpvcY67Oduhjprl3RjM71oGDHweI12v/yejl0qhqdNkNwnGjkC\n" + + "AwEAAaNFMEMwHQYDVR0OBBYEFOWdWTCCR1jMrPoIVDaGezq1BE3wMBIGA1Ud\n" + + "EwEB/wQIMAYBAf8CAQMwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUA\n" + + "A4IBAQCFDF2O5G9RaEIFoN27TyclhAO992T9Ldcw46QQF+vaKSm2eT929hkT\n" + + "I7gQCvlYpNRhcL0EYWoSihfVCr3FvDB81ukMJY2GQE/szKN+OMY3EU/t3Wgx\n" + + "jkzSswF07r51XgdIGn9w/xZchMB5hbgF/X++ZRGjD8ACtPhSNzkE1akxehi/\n" + + "oCr0Epn3o0WC4zxe9Z2etciefC7IpJ5OCBRLbf1wbWsaY71k5h+3zvDyny67\n" + + "G7fyUIhzksLi4xaNmjICq44Y3ekQEe5+NauQrz4wlHrQMz2nZQ/1/I6eYs9H\n" + + "RCwBXbsdtTLSR9I4LtD+gdwyah617jzV/OeBHRnDJELqYzmp\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // Digital_Signature_Trust_Co._Global_CA_1.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIIDKTCCApKgAwIBAgIENnAVljANBgkqhkiG9w0BAQUFADBGMQswCQYDVQQG\n" + + "EwJVUzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMREw\n" + + "DwYDVQQLEwhEU1RDQSBFMTAeFw05ODEyMTAxODEwMjNaFw0xODEyMTAxODQw\n" + + "MjNaMEYxCzAJBgNVBAYTAlVTMSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVy\n" + + "ZSBUcnVzdCBDby4xETAPBgNVBAsTCERTVENBIEUxMIGdMA0GCSqGSIb3DQEB\n" + + "AQUAA4GLADCBhwKBgQCgbIGpzzQeJN3+hijM3oMv+V7UQtLodGBmE5gGHKlR\n" + + "EmlvMVW5SXIACH7TpWJENySZj9mDSI+ZbZUTu0M7LklOiDfBu1h//uG9+Lth\n" + + "zfNHwJmm8fOR6Hh8AMthyUQncWlVSn5JTe2io74CTADKAqjuAQIxZA9SLRN0\n" + + "dja1erQtcQIBA6OCASQwggEgMBEGCWCGSAGG+EIBAQQEAwIABzBoBgNVHR8E\n" + + "YTBfMF2gW6BZpFcwVTELMAkGA1UEBhMCVVMxJDAiBgNVBAoTG0RpZ2l0YWwg\n" + + "U2lnbmF0dXJlIFRydXN0IENvLjERMA8GA1UECxMIRFNUQ0EgRTExDTALBgNV\n" + + "BAMTBENSTDEwKwYDVR0QBCQwIoAPMTk5ODEyMTAxODEwMjNagQ8yMDE4MTIx\n" + + "MDE4MTAyM1owCwYDVR0PBAQDAgEGMB8GA1UdIwQYMBaAFGp5fpFpRhgTCgJ3\n" + + "pVlbYJglDqL4MB0GA1UdDgQWBBRqeX6RaUYYEwoCd6VZW2CYJQ6i+DAMBgNV\n" + + "HRMEBTADAQH/MBkGCSqGSIb2fQdBAAQMMAobBFY0LjADAgSQMA0GCSqGSIb3\n" + + "DQEBBQUAA4GBACIS2Hod3IEGtgllsofIH160L+nEHvI8wbsEkBFKg05+k7lN\n" + + "QseSJqBcNJo4cvj9axY+IO6CizEqkzaFI4iKPANo08kJD038bKTaKHKTDomA\n" + + "sH3+gG9lbRgzl4vCa4nuYD3Im+9/KzJic5PLPON74nZ4RbyhkwS7hp86W0N6\n" + + "w4pl\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // Digital_Signature_Trust_Co._Global_CA_2.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIID2DCCAsACEQDQHkCLAAACfAAAAAIAAAABMA0GCSqGSIb3DQEBBQUAMIGp\n" + + "MQswCQYDVQQGEwJ1czENMAsGA1UECBMEVXRhaDEXMBUGA1UEBxMOU2FsdCBM\n" + + "YWtlIENpdHkxJDAiBgNVBAoTG0RpZ2l0YWwgU2lnbmF0dXJlIFRydXN0IENv\n" + + "LjERMA8GA1UECxMIRFNUQ0EgWDExFjAUBgNVBAMTDURTVCBSb290Q0EgWDEx\n" + + "ITAfBgkqhkiG9w0BCQEWEmNhQGRpZ3NpZ3RydXN0LmNvbTAeFw05ODEyMDEx\n" + + "ODE4NTVaFw0wODExMjgxODE4NTVaMIGpMQswCQYDVQQGEwJ1czENMAsGA1UE\n" + + "CBMEVXRhaDEXMBUGA1UEBxMOU2FsdCBMYWtlIENpdHkxJDAiBgNVBAoTG0Rp\n" + + "Z2l0YWwgU2lnbmF0dXJlIFRydXN0IENvLjERMA8GA1UECxMIRFNUQ0EgWDEx\n" + + "FjAUBgNVBAMTDURTVCBSb290Q0EgWDExITAfBgkqhkiG9w0BCQEWEmNhQGRp\n" + + "Z3NpZ3RydXN0LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\n" + + "ANLGJrbnpT3BxGjVUG9TxW9JEwm4ryxIjRRqoxdfWvnTLnUv2Chi0ZMv/E3U\n" + + "q4flCMeZ55I/db3rJbQVwZsZPdJEjdd0IG03Ao9pk1uKxBmd9LIO/BZsubEF\n" + + "koPRhSxglD5FVaDZqwgh5mDoO3TymVBRaNADLbGAvqPYUrBEzUNKcI5YhZXh\n" + + "TizWLUFv1oTnyJhEykfbLCSlaSbPa7gnYsP0yXqSI+0TZ4KuRS5F5X5yP4Wd\n" + + "lGIQ5jyRoa13AOAV7POEgHJ6jm5gl8ckWRA0g1vhpaRptlc1HHhZxtMvOnNn\n" + + "7pTKBBMFYgZwI7P0fO5F2WQLW0mqpEPOJsREEmy43XkCAwEAATANBgkqhkiG\n" + + "9w0BAQUFAAOCAQEAojeyP2n714Z5VEkxlTMr89EJFEliYIalsBHiUMIdBlc+\n" + + "LegzZL6bqq1fG03UmZWii5rJYnK1aerZWKs17RWiQ9a2vAd5ZWRzfdd5ynvV\n" + + "WlHG4VMElo04z6MXrDlxawHDi1M8Y+nuecDkvpIyZHqzH5eUYr3qsiAVlfuX\n" + + "8ngvYzZAOONGDx3drJXK50uQe7FLqdTF65raqtWjlBRGjS0f8zrWkzr2Pnn8\n" + + "6Oawde3uPclwx12qgUtGJRzHbBXjlU4PqjI3lAoXJJIThFjSY28r9+ZbYgsT\n" + + "F7ANUkz+/m9c4pFuHf2kYtdo+o56T9II2pPc8JIRetDccpMMc5NihWjQ9A==\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // Digital_Signature_Trust_Co._Global_CA_3.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIIDKTCCApKgAwIBAgIENm7TzjANBgkqhkiG9w0BAQUFADBGMQswCQYDVQQG\n" + + "EwJVUzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMREw\n" + + "DwYDVQQLEwhEU1RDQSBFMjAeFw05ODEyMDkxOTE3MjZaFw0xODEyMDkxOTQ3\n" + + "MjZaMEYxCzAJBgNVBAYTAlVTMSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVy\n" + + "ZSBUcnVzdCBDby4xETAPBgNVBAsTCERTVENBIEUyMIGdMA0GCSqGSIb3DQEB\n" + + "AQUAA4GLADCBhwKBgQC/k48Xku8zExjrEH9OFr//Bo8qhbxe+SSmJIi2A7fB\n" + + "w18DW9Fvrn5C6mYjuGODVvsoLeE4i7TuqAHhzhy2iCoiRoX7n6dwqUcUP87e\n" + + "ZfCocfdPJmyMvMa1795JJ/9IKn3oTQPMx7JSxhcxEzu1TdvIxPbDDyQq2gyd\n" + + "55FbgM2UnQIBA6OCASQwggEgMBEGCWCGSAGG+EIBAQQEAwIABzBoBgNVHR8E\n" + + "YTBfMF2gW6BZpFcwVTELMAkGA1UEBhMCVVMxJDAiBgNVBAoTG0RpZ2l0YWwg\n" + + "U2lnbmF0dXJlIFRydXN0IENvLjERMA8GA1UECxMIRFNUQ0EgRTIxDTALBgNV\n" + + "BAMTBENSTDEwKwYDVR0QBCQwIoAPMTk5ODEyMDkxOTE3MjZagQ8yMDE4MTIw\n" + + "OTE5MTcyNlowCwYDVR0PBAQDAgEGMB8GA1UdIwQYMBaAFB6CTShlgDzJQW6s\n" + + "NS5ay97u+DlbMB0GA1UdDgQWBBQegk0oZYA8yUFurDUuWsve7vg5WzAMBgNV\n" + + "HRMEBTADAQH/MBkGCSqGSIb2fQdBAAQMMAobBFY0LjADAgSQMA0GCSqGSIb3\n" + + "DQEBBQUAA4GBAEeNg61i8tuwnkUiBbmi1gMOOHLnnvx75pO2mqWilMg0HZHR\n" + + "xdf0CiUPPXiBng+xZ8SQTGPdXqfiup/1902lMXucKS1M/mQ+7LZT/uqb7YLb\n" + + "dHVLB3luHtgZg3Pe9T7Qtd7nS2h9Qy4qIOF+oHhEngj1mPnHfxsb1gYgAlih\n" + + "w6ID\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // Digital_Signature_Trust_Co._Global_CA_4.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIID2DCCAsACEQDQHkCLAAB3bQAAAAEAAAAEMA0GCSqGSIb3DQEBBQUAMIGp\n" + + "MQswCQYDVQQGEwJ1czENMAsGA1UECBMEVXRhaDEXMBUGA1UEBxMOU2FsdCBM\n" + + "YWtlIENpdHkxJDAiBgNVBAoTG0RpZ2l0YWwgU2lnbmF0dXJlIFRydXN0IENv\n" + + "LjERMA8GA1UECxMIRFNUQ0EgWDIxFjAUBgNVBAMTDURTVCBSb290Q0EgWDIx\n" + + "ITAfBgkqhkiG9w0BCQEWEmNhQGRpZ3NpZ3RydXN0LmNvbTAeFw05ODExMzAy\n" + + "MjQ2MTZaFw0wODExMjcyMjQ2MTZaMIGpMQswCQYDVQQGEwJ1czENMAsGA1UE\n" + + "CBMEVXRhaDEXMBUGA1UEBxMOU2FsdCBMYWtlIENpdHkxJDAiBgNVBAoTG0Rp\n" + + "Z2l0YWwgU2lnbmF0dXJlIFRydXN0IENvLjERMA8GA1UECxMIRFNUQ0EgWDIx\n" + + "FjAUBgNVBAMTDURTVCBSb290Q0EgWDIxITAfBgkqhkiG9w0BCQEWEmNhQGRp\n" + + "Z3NpZ3RydXN0LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\n" + + "ANx18IzAdZaawGIfJvfE4Zrq4FZzW5nNAUSoCLbVp9oaBBg5kkp4o4HC9Xd6\n" + + "ULRw/5qrxsfKboNPQpj7Jgva3G3WqZlVUmfpKAOS3OWwBZoPFflrWXJW8vo5\n" + + "/Kpo7g8fEIMv/J36F5bdguPmRX3AS4BEH+0s4IT9kVySVGkl5WJp3OXuAFK9\n" + + "MwutdQKFp2RQLcUZGTDAJtvJ0/0uma1ZtQtN1EGuhUhDWdy3qOKi3sOP17ih\n" + + "YqZoUFLkzzGnlIXan0YyF1bl8utmPRL/Q9uY73fPy4GNNLHGUEom0eQ+QVCv\n" + + "bK4iNC7Va26Dunm4dmVI2gkpZGMiuftHdoWMhkTLCdsCAwEAATANBgkqhkiG\n" + + "9w0BAQUFAAOCAQEAtTYOXeFhKFoRZcA/gwN5Tb4opgsHAlKFzfiR0BBstWog\n" + + "WxyQ2TA8xkieil5k+aFxd+8EJx8H6+Qm93N0yUQYGmbT4EOvkTvRyyzYdFQ6\n" + + "HE3K1GjNI3wdEJ5F6fYAbqbNGf9PLCmPV03Ed5K+4EwJ+11EhmYhqLkyolbV\n" + + "6YyDfFk/xPEL553snr2cGA4+wjl5KLcDDQjLxufZATdQEOzMYRZA1K8xdHv8\n" + + "PzGn0EdzMzkbzE5q10mDEQb+64JYMzJM8FasHpwvVpp7wUocpf1VNs78lk30\n" + + "sPDst2yC7S8xmUJMqbINuBVd8d+6ybVK1GSYsyapMMj9puyrliGtf8J4tg==\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // Entrust.net_Global_Secure_Personal_CA.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIIEgzCCA+ygAwIBAgIEOJ725DANBgkqhkiG9w0BAQQFADCBtDEUMBIGA1UE\n" + + "ChMLRW50cnVzdC5uZXQxQDA+BgNVBAsUN3d3dy5lbnRydXN0Lm5ldC9HQ0NB\n" + + "X0NQUyBpbmNvcnAuIGJ5IHJlZi4gKGxpbWl0cyBsaWFiLikxJTAjBgNVBAsT\n" + + "HChjKSAyMDAwIEVudHJ1c3QubmV0IExpbWl0ZWQxMzAxBgNVBAMTKkVudHJ1\n" + + "c3QubmV0IENsaWVudCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wMDAy\n" + + "MDcxNjE2NDBaFw0yMDAyMDcxNjQ2NDBaMIG0MRQwEgYDVQQKEwtFbnRydXN0\n" + + "Lm5ldDFAMD4GA1UECxQ3d3d3LmVudHJ1c3QubmV0L0dDQ0FfQ1BTIGluY29y\n" + + "cC4gYnkgcmVmLiAobGltaXRzIGxpYWIuKTElMCMGA1UECxMcKGMpIDIwMDAg\n" + + "RW50cnVzdC5uZXQgTGltaXRlZDEzMDEGA1UEAxMqRW50cnVzdC5uZXQgQ2xp\n" + + "ZW50IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUA\n" + + "A4GNADCBiQKBgQCTdLS25MVL1qFof2LV7PdRV7NySpj10InJrWPNTTVRaoTU\n" + + "rcloeW+46xHbh65cJFET8VQlhK8pK5/jgOLZy93GRUk0iJBeAZfv6lOm3fzB\n" + + "3ksqJeTpNfpVBQbliXrqpBFXO/x8PTbNZzVtpKklWb1m9fkn5JVn1j+SgF7y\n" + + "NH0rhQIDAQABo4IBnjCCAZowEQYJYIZIAYb4QgEBBAQDAgAHMIHdBgNVHR8E\n" + + "gdUwgdIwgc+ggcyggcmkgcYwgcMxFDASBgNVBAoTC0VudHJ1c3QubmV0MUAw\n" + + "PgYDVQQLFDd3d3cuZW50cnVzdC5uZXQvR0NDQV9DUFMgaW5jb3JwLiBieSBy\n" + + "ZWYuIChsaW1pdHMgbGlhYi4pMSUwIwYDVQQLExwoYykgMjAwMCBFbnRydXN0\n" + + "Lm5ldCBMaW1pdGVkMTMwMQYDVQQDEypFbnRydXN0Lm5ldCBDbGllbnQgQ2Vy\n" + + "dGlmaWNhdGlvbiBBdXRob3JpdHkxDTALBgNVBAMTBENSTDEwKwYDVR0QBCQw\n" + + "IoAPMjAwMDAyMDcxNjE2NDBagQ8yMDIwMDIwNzE2NDY0MFowCwYDVR0PBAQD\n" + + "AgEGMB8GA1UdIwQYMBaAFISLdP3FjcD/J20gN0V8/i3OutN9MB0GA1UdDgQW\n" + + "BBSEi3T9xY3A/ydtIDdFfP4tzrrTfTAMBgNVHRMEBTADAQH/MB0GCSqGSIb2\n" + + "fQdBAAQQMA4bCFY1LjA6NC4wAwIEkDANBgkqhkiG9w0BAQQFAAOBgQBObzWA\n" + + "O9GK9Q6nIMstZVXQkvTnhLUGJoMShAusO7JE7r3PQNsgDrpuFOow4DtifH+L\n" + + "a3xKp9U1PL6oXOpLu5OOgGarDyn9TS2/GpsKkMWr2tGzhtQvJFJcem3G8v7l\n" + + "TRowjJDyutdKPkN+1MhQGof4T4HHdguEOnKdzmVml64mXg==\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // Entrust.net_Global_Secure_Server_CA.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIIElTCCA/6gAwIBAgIEOJsRPDANBgkqhkiG9w0BAQQFADCBujEUMBIGA1UE\n" + + "ChMLRW50cnVzdC5uZXQxPzA9BgNVBAsUNnd3dy5lbnRydXN0Lm5ldC9TU0xf\n" + + "Q1BTIGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxpYWIuKTElMCMGA1UECxMc\n" + + "KGMpIDIwMDAgRW50cnVzdC5uZXQgTGltaXRlZDE6MDgGA1UEAxMxRW50cnVz\n" + + "dC5uZXQgU2VjdXJlIFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAe\n" + + "Fw0wMDAyMDQxNzIwMDBaFw0yMDAyMDQxNzUwMDBaMIG6MRQwEgYDVQQKEwtF\n" + + "bnRydXN0Lm5ldDE/MD0GA1UECxQ2d3d3LmVudHJ1c3QubmV0L1NTTF9DUFMg\n" + + "aW5jb3JwLiBieSByZWYuIChsaW1pdHMgbGlhYi4pMSUwIwYDVQQLExwoYykg\n" + + "MjAwMCBFbnRydXN0Lm5ldCBMaW1pdGVkMTowOAYDVQQDEzFFbnRydXN0Lm5l\n" + + "dCBTZWN1cmUgU2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0G\n" + + "CSqGSIb3DQEBAQUAA4GNADCBiQKBgQDHwV9OcfHO8GCGD9JYf9Mzly0XonUw\n" + + "tZZkJi9ow0SrqHXmAGc0V55lxyKbc+bT3QgON1WqJUaBbL3+qPZ1V1eMkGxK\n" + + "wz6LS0MKyRFWmponIpnPVZ5h2QLifLZ8OAfc439PmrkDQYC2dWcTC5/oVzbI\n" + + "XQA23mYU2m52H083jIITiQIDAQABo4IBpDCCAaAwEQYJYIZIAYb4QgEBBAQD\n" + + "AgAHMIHjBgNVHR8EgdswgdgwgdWggdKggc+kgcwwgckxFDASBgNVBAoTC0Vu\n" + + "dHJ1c3QubmV0MT8wPQYDVQQLFDZ3d3cuZW50cnVzdC5uZXQvU1NMX0NQUyBp\n" + + "bmNvcnAuIGJ5IHJlZi4gKGxpbWl0cyBsaWFiLikxJTAjBgNVBAsTHChjKSAy\n" + + "MDAwIEVudHJ1c3QubmV0IExpbWl0ZWQxOjA4BgNVBAMTMUVudHJ1c3QubmV0\n" + + "IFNlY3VyZSBTZXJ2ZXIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxDTALBgNV\n" + + "BAMTBENSTDEwKwYDVR0QBCQwIoAPMjAwMDAyMDQxNzIwMDBagQ8yMDIwMDIw\n" + + "NDE3NTAwMFowCwYDVR0PBAQDAgEGMB8GA1UdIwQYMBaAFMtswGvjuz7L/CKc\n" + + "/vuLkpyw8m4iMB0GA1UdDgQWBBTLbMBr47s+y/winP77i5KcsPJuIjAMBgNV\n" + + "HRMEBTADAQH/MB0GCSqGSIb2fQdBAAQQMA4bCFY1LjA6NC4wAwIEkDANBgkq\n" + + "hkiG9w0BAQQFAAOBgQBi24GRzsiad0Iv7L0no1MPUBvqTpLwqa+poLpIYcvv\n" + + "yQbvH9X07t9WLebKahlzqlO+krNQAraFJnJj2HVQYnUUt7NQGj/KEQALhUVp\n" + + "bbalrlHhStyCP2yMNLJ3a9kC9n8O6mUE8c1UyrrJzOCE98g+EZfTYAkYvAX/\n" + + "bIkz8OwVDw==\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // Entrust.net_Premium_2048_Secure_Server_CA.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIIEXDCCA0SgAwIBAgIEOGO5ZjANBgkqhkiG9w0BAQUFADCBtDEUMBIGA1UE\n" + + "ChMLRW50cnVzdC5uZXQxQDA+BgNVBAsUN3d3dy5lbnRydXN0Lm5ldC9DUFNf\n" + + "MjA0OCBpbmNvcnAuIGJ5IHJlZi4gKGxpbWl0cyBsaWFiLikxJTAjBgNVBAsT\n" + + "HChjKSAxOTk5IEVudHJ1c3QubmV0IExpbWl0ZWQxMzAxBgNVBAMTKkVudHJ1\n" + + "c3QubmV0IENlcnRpZmljYXRpb24gQXV0aG9yaXR5ICgyMDQ4KTAeFw05OTEy\n" + + "MjQxNzUwNTFaFw0xOTEyMjQxODIwNTFaMIG0MRQwEgYDVQQKEwtFbnRydXN0\n" + + "Lm5ldDFAMD4GA1UECxQ3d3d3LmVudHJ1c3QubmV0L0NQU18yMDQ4IGluY29y\n" + + "cC4gYnkgcmVmLiAobGltaXRzIGxpYWIuKTElMCMGA1UECxMcKGMpIDE5OTkg\n" + + "RW50cnVzdC5uZXQgTGltaXRlZDEzMDEGA1UEAxMqRW50cnVzdC5uZXQgQ2Vy\n" + + "dGlmaWNhdGlvbiBBdXRob3JpdHkgKDIwNDgpMIIBIjANBgkqhkiG9w0BAQEF\n" + + "AAOCAQ8AMIIBCgKCAQEArU1LqRKGsuqjIAcVFmQqK0vRvwtKTY7tgHalZ7d4\n" + + "QMBzQshowNtTK91euHaYNZOLGp18EzoOH1u3Hs/lJBQesYGpjX24zGtLA/EC\n" + + "DNyrpUAkAH90lKGdCCmziAv1h3edVc3kw37XamSrhRSGlVuXMlBvPci6Zgzj\n" + + "/L24ScF2iUkZ/cCovYmjZy/Gn7xxGWC4LeksyZB2ZnuU4q941mVTXTzWnLLP\n" + + "KQP5L6RQstRIzgUyVYr9smRMDuSYB3Xbf9+5CFVghTAp+XtIpGmG4zU/HoZd\n" + + "enoVve8AjhUiVBcAkCaTvA5JaJG/+EfTnZVCwQ5N328mz8MYIWJmQ3DW1cAH\n" + + "4QIDAQABo3QwcjARBglghkgBhvhCAQEEBAMCAAcwHwYDVR0jBBgwFoAUVeSB\n" + + "0RGAvtiJuQijMfmhJAkWuXAwHQYDVR0OBBYEFFXkgdERgL7YibkIozH5oSQJ\n" + + "FrlwMB0GCSqGSIb2fQdBAAQQMA4bCFY1LjA6NC4wAwIEkDANBgkqhkiG9w0B\n" + + "AQUFAAOCAQEAWUesIYSKF8mciVMeuoCFGsY8Tj6xnLZ8xpJdGGQC49MGCBFh\n" + + "fGPjK50xA3B20qMooPS7mmNz7W3lKtvtFKkrxjYR0CvrB4ul2p5cGZ1WEvVU\n" + + "KcgF7bISKo30Axv/55IQh7A6tcOdBTcSo8f0FbnVpDkWm1M6I5HxqIKiaoho\n" + + "wXkCIryqptau37AUX7iH0N18f3v/rxzP5tsHrV7bhZ3QKw0z2wTR5klAEyt2\n" + + "+z7pnIkPFc4YsIV4IU9rTw76NmfNB/L/CNDi3tm/Kq+4h4YhPATKt5Rof888\n" + + "6ZjXOP/swNlQ8C5LWK5Gb9Auw2DaclVyvUxFnmG6v4SBkgPR0ml8xQ==\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // Entrust.net_Secure_Personal_CA.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIIE7TCCBFagAwIBAgIEOAOR7jANBgkqhkiG9w0BAQQFADCByTELMAkGA1UE\n" + + "BhMCVVMxFDASBgNVBAoTC0VudHJ1c3QubmV0MUgwRgYDVQQLFD93d3cuZW50\n" + + "cnVzdC5uZXQvQ2xpZW50X0NBX0luZm8vQ1BTIGluY29ycC4gYnkgcmVmLiBs\n" + + "aW1pdHMgbGlhYi4xJTAjBgNVBAsTHChjKSAxOTk5IEVudHJ1c3QubmV0IExp\n" + + "bWl0ZWQxMzAxBgNVBAMTKkVudHJ1c3QubmV0IENsaWVudCBDZXJ0aWZpY2F0\n" + + "aW9uIEF1dGhvcml0eTAeFw05OTEwMTIxOTI0MzBaFw0xOTEwMTIxOTU0MzBa\n" + + "MIHJMQswCQYDVQQGEwJVUzEUMBIGA1UEChMLRW50cnVzdC5uZXQxSDBGBgNV\n" + + "BAsUP3d3dy5lbnRydXN0Lm5ldC9DbGllbnRfQ0FfSW5mby9DUFMgaW5jb3Jw\n" + + "LiBieSByZWYuIGxpbWl0cyBsaWFiLjElMCMGA1UECxMcKGMpIDE5OTkgRW50\n" + + "cnVzdC5uZXQgTGltaXRlZDEzMDEGA1UEAxMqRW50cnVzdC5uZXQgQ2xpZW50\n" + + "IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGdMA0GCSqGSIb3DQEBAQUAA4GL\n" + + "ADCBhwKBgQDIOpleMRffrCdvkHvkGf9FozTC28GoT/Bo6oT9n3V5z8GKUZSv\n" + + "x1cDR2SerYIbWtp/N3hHuzeYEpbOxhN979IMMFGpOZ5V+Pux5zDeg7K6PvHV\n" + + "iTs7hbqqdCz+PzFur5GVbgbUB01LLFZHGARS2g4Qk79jkJvh34zmAqTmT173\n" + + "iwIBA6OCAeAwggHcMBEGCWCGSAGG+EIBAQQEAwIABzCCASIGA1UdHwSCARkw\n" + + "ggEVMIHkoIHhoIHepIHbMIHYMQswCQYDVQQGEwJVUzEUMBIGA1UEChMLRW50\n" + + "cnVzdC5uZXQxSDBGBgNVBAsUP3d3dy5lbnRydXN0Lm5ldC9DbGllbnRfQ0Ff\n" + + "SW5mby9DUFMgaW5jb3JwLiBieSByZWYuIGxpbWl0cyBsaWFiLjElMCMGA1UE\n" + + "CxMcKGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDEzMDEGA1UEAxMqRW50\n" + + "cnVzdC5uZXQgQ2xpZW50IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MQ0wCwYD\n" + + "VQQDEwRDUkwxMCygKqAohiZodHRwOi8vd3d3LmVudHJ1c3QubmV0L0NSTC9D\n" + + "bGllbnQxLmNybDArBgNVHRAEJDAigA8xOTk5MTAxMjE5MjQzMFqBDzIwMTkx\n" + + "MDEyMTkyNDMwWjALBgNVHQ8EBAMCAQYwHwYDVR0jBBgwFoAUxPucKXuXzUyW\n" + + "/O5bs8qZdIuV6kwwHQYDVR0OBBYEFMT7nCl7l81MlvzuW7PKmXSLlepMMAwG\n" + + "A1UdEwQFMAMBAf8wGQYJKoZIhvZ9B0EABAwwChsEVjQuMAMCBJAwDQYJKoZI\n" + + "hvcNAQEEBQADgYEAP66K8ddmAwWePvrqHEa7pFuPeJoSSJn59DXeDDYHAmsQ\n" + + "OokUgZwxpnyyQbJq5wcBoUv5nyU7lsqZwz6hURzzwy5E97BnRqqS5TvaHBkU\n" + + "ODDV4qIxJS7x7EU47fgGWANzYrAQMY9Av2TgXD7FTx/aEkP/TOYGJqibGapE\n" + + "PHayXOw=\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // Entrust.net_Secure_Server_CA.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIIE2DCCBEGgAwIBAgIEN0rSQzANBgkqhkiG9w0BAQUFADCBwzELMAkGA1UE\n" + + "BhMCVVMxFDASBgNVBAoTC0VudHJ1c3QubmV0MTswOQYDVQQLEzJ3d3cuZW50\n" + + "cnVzdC5uZXQvQ1BTIGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxpYWIuKTEl\n" + + "MCMGA1UECxMcKGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDE6MDgGA1UE\n" + + "AxMxRW50cnVzdC5uZXQgU2VjdXJlIFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1\n" + + "dGhvcml0eTAeFw05OTA1MjUxNjA5NDBaFw0xOTA1MjUxNjM5NDBaMIHDMQsw\n" + + "CQYDVQQGEwJVUzEUMBIGA1UEChMLRW50cnVzdC5uZXQxOzA5BgNVBAsTMnd3\n" + + "dy5lbnRydXN0Lm5ldC9DUFMgaW5jb3JwLiBieSByZWYuIChsaW1pdHMgbGlh\n" + + "Yi4pMSUwIwYDVQQLExwoYykgMTk5OSBFbnRydXN0Lm5ldCBMaW1pdGVkMTow\n" + + "OAYDVQQDEzFFbnRydXN0Lm5ldCBTZWN1cmUgU2VydmVyIENlcnRpZmljYXRp\n" + + "b24gQXV0aG9yaXR5MIGdMA0GCSqGSIb3DQEBAQUAA4GLADCBhwKBgQDNKIM0\n" + + "VBuJ8w+vN5Ex/68xYMmo6LIQaO2f55M28Qpku0f1BBc/I0dNxScZgSYMVHIN\n" + + "iC3ZH5oSn7yzcdOAGT9HZnuMNSjSuQrfJNqc1lB5gXpa0zf3wkrYKZImZNHk\n" + + "mGw6AIr1NJtl+O3jEP/9uElY3KDegjlrgbEWGWG5VLbmQwIBA6OCAdcwggHT\n" + + "MBEGCWCGSAGG+EIBAQQEAwIABzCCARkGA1UdHwSCARAwggEMMIHeoIHboIHY\n" + + "pIHVMIHSMQswCQYDVQQGEwJVUzEUMBIGA1UEChMLRW50cnVzdC5uZXQxOzA5\n" + + "BgNVBAsTMnd3dy5lbnRydXN0Lm5ldC9DUFMgaW5jb3JwLiBieSByZWYuIChs\n" + + "aW1pdHMgbGlhYi4pMSUwIwYDVQQLExwoYykgMTk5OSBFbnRydXN0Lm5ldCBM\n" + + "aW1pdGVkMTowOAYDVQQDEzFFbnRydXN0Lm5ldCBTZWN1cmUgU2VydmVyIENl\n" + + "cnRpZmljYXRpb24gQXV0aG9yaXR5MQ0wCwYDVQQDEwRDUkwxMCmgJ6AlhiNo\n" + + "dHRwOi8vd3d3LmVudHJ1c3QubmV0L0NSTC9uZXQxLmNybDArBgNVHRAEJDAi\n" + + "gA8xOTk5MDUyNTE2MDk0MFqBDzIwMTkwNTI1MTYwOTQwWjALBgNVHQ8EBAMC\n" + + "AQYwHwYDVR0jBBgwFoAU8BdiE1U9s/8KAGv7UISX8+1i0BowHQYDVR0OBBYE\n" + + "FPAXYhNVPbP/CgBr+1CEl/PtYtAaMAwGA1UdEwQFMAMBAf8wGQYJKoZIhvZ9\n" + + "B0EABAwwChsEVjQuMAMCBJAwDQYJKoZIhvcNAQEFBQADgYEAkNwwAvpkdMKn\n" + + "CqV8IY00F6j7Rw7/JXyNEwr75Ji174z4xRAN95K+8cPV1ZVqBLssziY2Zcgx\n" + + "xufuP+NXdYR6Ee9GTxj005i7qIcyunL2POI9n9cd2cNgQ4xYDiKWL2KjLB+6\n" + + "rQXvqzJ4h6BUcxm1XAX5Uj5tLUUL9wqT6u0G+bI=\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // Equifax_Secure_CA.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIIDIDCCAomgAwIBAgIENd70zzANBgkqhkiG9w0BAQUFADBOMQswCQYDVQQG\n" + + "EwJVUzEQMA4GA1UEChMHRXF1aWZheDEtMCsGA1UECxMkRXF1aWZheCBTZWN1\n" + + "cmUgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MB4XDTk4MDgyMjE2NDE1MVoXDTE4\n" + + "MDgyMjE2NDE1MVowTjELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0VxdWlmYXgx\n" + + "LTArBgNVBAsTJEVxdWlmYXggU2VjdXJlIENlcnRpZmljYXRlIEF1dGhvcml0\n" + + "eTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAwV2xWGcIYu6gmi0fCG2R\n" + + "FGiYCh7+2gRvE4RiIcPRfM6fBeC4AfBONOziipUEZKzxa1NfBbPLZ4C/QgKO\n" + + "/t0BCezhABRP/PvwDN1Dulsr4R+AcJkVV5MW8Q+XarfCaCMczE1ZMKxRHjuv\n" + + "K9buY0V7xdlfUNLjUA86iOe/FP3gx7kCAwEAAaOCAQkwggEFMHAGA1UdHwRp\n" + + "MGcwZaBjoGGkXzBdMQswCQYDVQQGEwJVUzEQMA4GA1UEChMHRXF1aWZheDEt\n" + + "MCsGA1UECxMkRXF1aWZheCBTZWN1cmUgQ2VydGlmaWNhdGUgQXV0aG9yaXR5\n" + + "MQ0wCwYDVQQDEwRDUkwxMBoGA1UdEAQTMBGBDzIwMTgwODIyMTY0MTUxWjAL\n" + + "BgNVHQ8EBAMCAQYwHwYDVR0jBBgwFoAUSOZo+SvSspXXR9gjIBBPM5iQn9Qw\n" + + "HQYDVR0OBBYEFEjmaPkr0rKV10fYIyAQTzOYkJ/UMAwGA1UdEwQFMAMBAf8w\n" + + "GgYJKoZIhvZ9B0EABA0wCxsFVjMuMGMDAgbAMA0GCSqGSIb3DQEBBQUAA4GB\n" + + "AFjOKer89961zgK5F7WF0bnj4JXMJTENAKaSbn+2kmOeUJXRmm/kEd5jhW6Y\n" + + "7qj/WsjTVbJmcVfewCHrPSqnI0kBBIZCe/zuf6IWUrVnZ9NA2zsmWLIodz2u\n" + + "FHdh1voqZiegDfqnc1zqcPGUIWVEX/r87yloqaKHee9570+sB3c4\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // Equifax_Secure_Global_eBusiness_CA.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIICkDCCAfmgAwIBAgIBATANBgkqhkiG9w0BAQQFADBaMQswCQYDVQQGEwJV\n" + + "UzEcMBoGA1UEChMTRXF1aWZheCBTZWN1cmUgSW5jLjEtMCsGA1UEAxMkRXF1\n" + + "aWZheCBTZWN1cmUgR2xvYmFsIGVCdXNpbmVzcyBDQS0xMB4XDTk5MDYyMTA0\n" + + "MDAwMFoXDTIwMDYyMTA0MDAwMFowWjELMAkGA1UEBhMCVVMxHDAaBgNVBAoT\n" + + "E0VxdWlmYXggU2VjdXJlIEluYy4xLTArBgNVBAMTJEVxdWlmYXggU2VjdXJl\n" + + "IEdsb2JhbCBlQnVzaW5lc3MgQ0EtMTCBnzANBgkqhkiG9w0BAQEFAAOBjQAw\n" + + "gYkCgYEAuucXkAJlsTRVPEnCUdXfp9E3j9HngXNBUmCbnaEXJnitx7HoJpQy\n" + + "td4zjTov2/KaelpzmKNc6fuKcxtc58O/gGzNqfTWK8D3+ZmqY6KxRwIP1ORR\n" + + "OhI8bIpaVIRw28HFkM9yRcuoWcDNM50/o5brhTMhHD4ePmBudpxnhcXIw2EC\n" + + "AwEAAaNmMGQwEQYJYIZIAYb4QgEBBAQDAgAHMA8GA1UdEwEB/wQFMAMBAf8w\n" + + "HwYDVR0jBBgwFoAUvqigdHJQa0S3ySPY+6j/s1draGwwHQYDVR0OBBYEFL6o\n" + + "oHRyUGtEt8kj2Puo/7NXa2hsMA0GCSqGSIb3DQEBBAUAA4GBADDiAVGqx+pf\n" + + "2rnQZQ8w1j7aDRRJbpGTJxQx78T3LUX47Me/okENI7SS+RkAZ70Br83gcfxa\n" + + "z2TE4JaY0KNA4gGK7ycH8WUBikQtBmV1UsCGECAhX2xrD2yuCRyv8qIYNMR1\n" + + "pHMc8Y3c7635s3a0kr/clRAevsvIO1qEYBlWlKlV\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // Equifax_Secure_eBusiness_CA_1.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIICgjCCAeugAwIBAgIBBDANBgkqhkiG9w0BAQQFADBTMQswCQYDVQQGEwJV\n" + + "UzEcMBoGA1UEChMTRXF1aWZheCBTZWN1cmUgSW5jLjEmMCQGA1UEAxMdRXF1\n" + + "aWZheCBTZWN1cmUgZUJ1c2luZXNzIENBLTEwHhcNOTkwNjIxMDQwMDAwWhcN\n" + + "MjAwNjIxMDQwMDAwWjBTMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTRXF1aWZh\n" + + "eCBTZWN1cmUgSW5jLjEmMCQGA1UEAxMdRXF1aWZheCBTZWN1cmUgZUJ1c2lu\n" + + "ZXNzIENBLTEwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAM4vGbwXt3fe\n" + + "k6lfWg0XTzQaDJj0ItlZ1MRoRvC0NcWFAyDGr0WlIVFFQesWWDYyb+JQYmT5\n" + + "/VGcqiTZ9J2DKocKIdMSODRsjQBuWqDZQu4aIZX5UkxVWsUPOE9G+m34LjXW\n" + + "HXzr4vCwdYDIqROsvojvOm6rXyo4YgKwEnv+j6YDAgMBAAGjZjBkMBEGCWCG\n" + + "SAGG+EIBAQQEAwIABzAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFEp4\n" + + "MlIR21kWNl7fwRQ2QGpHfEyhMB0GA1UdDgQWBBRKeDJSEdtZFjZe38EUNkBq\n" + + "R3xMoTANBgkqhkiG9w0BAQQFAAOBgQB1W6ibAxHm6VZMzfmpTMANmvPMZWnm\n" + + "JXbMWbfWVMMdzZmsGd20hdXgPfxiIKeES1hl8eL5lSE/9dR+WB5Hh1Q+WKG1\n" + + "tfgq73HnvMP2sUlG4tega+VWeponmHxGYhTnyfxuAxJ5gDgdSIKN/Bf+KpYr\n" + + "tWKmpj29f5JZzVoqgrI3eQ==\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // Equifax_Secure_eBusiness_CA_2.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIIDIDCCAomgAwIBAgIEN3DPtTANBgkqhkiG9w0BAQUFADBOMQswCQYDVQQG\n" + + "EwJVUzEXMBUGA1UEChMORXF1aWZheCBTZWN1cmUxJjAkBgNVBAsTHUVxdWlm\n" + + "YXggU2VjdXJlIGVCdXNpbmVzcyBDQS0yMB4XDTk5MDYyMzEyMTQ0NVoXDTE5\n" + + "MDYyMzEyMTQ0NVowTjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDkVxdWlmYXgg\n" + + "U2VjdXJlMSYwJAYDVQQLEx1FcXVpZmF4IFNlY3VyZSBlQnVzaW5lc3MgQ0Et\n" + + "MjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA5Dk5kx5SBhsoNviyoynF\n" + + "7Y6yEb3+6+e0dMKP/wXn2Z0GvxLIPw7y1tEkshHe0XMJitSxLJgJDR5QRrKD\n" + + "pkWNYmi7hRsgcDKqQM2mll/EcTc/BPO3QSQ5BxoeLmFYoBIL5aXfxavqN3HM\n" + + "HMg3OrmXUqesxWoklE6ce8/AatbfIb0CAwEAAaOCAQkwggEFMHAGA1UdHwRp\n" + + "MGcwZaBjoGGkXzBdMQswCQYDVQQGEwJVUzEXMBUGA1UEChMORXF1aWZheCBT\n" + + "ZWN1cmUxJjAkBgNVBAsTHUVxdWlmYXggU2VjdXJlIGVCdXNpbmVzcyBDQS0y\n" + + "MQ0wCwYDVQQDEwRDUkwxMBoGA1UdEAQTMBGBDzIwMTkwNjIzMTIxNDQ1WjAL\n" + + "BgNVHQ8EBAMCAQYwHwYDVR0jBBgwFoAUUJ4L6q9euSBIplBqy/3YIHqngnYw\n" + + "HQYDVR0OBBYEFFCeC+qvXrkgSKZQasv92CB6p4J2MAwGA1UdEwQFMAMBAf8w\n" + + "GgYJKoZIhvZ9B0EABA0wCxsFVjMuMGMDAgbAMA0GCSqGSIb3DQEBBQUAA4GB\n" + + "AAyGgq3oThr1jokn4jVYPSm0B482UJW/bsGe68SQsoWou7dC4A8HOd/7npCy\n" + + "0cE+U58DRLB+S/Rv5Hwf5+Kx5Lia78O9zt4LMjTZ3ijtM2vE1Nc9ElirfQkt\n" + + "y3D1E4qUoSek1nDFbZS1yX2doNLGCEnZZpum0/QL3MUmV+GRMOrN\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // GTE_CyberTrust_Global_Root.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIICWjCCAcMCAgGlMA0GCSqGSIb3DQEBBAUAMHUxCzAJBgNVBAYTAlVTMRgw\n" + + "FgYDVQQKEw9HVEUgQ29ycG9yYXRpb24xJzAlBgNVBAsTHkdURSBDeWJlclRy\n" + + "dXN0IFNvbHV0aW9ucywgSW5jLjEjMCEGA1UEAxMaR1RFIEN5YmVyVHJ1c3Qg\n" + + "R2xvYmFsIFJvb3QwHhcNOTgwODEzMDAyOTAwWhcNMTgwODEzMjM1OTAwWjB1\n" + + "MQswCQYDVQQGEwJVUzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMScwJQYD\n" + + "VQQLEx5HVEUgQ3liZXJUcnVzdCBTb2x1dGlvbnMsIEluYy4xIzAhBgNVBAMT\n" + + "GkdURSBDeWJlclRydXN0IEdsb2JhbCBSb290MIGfMA0GCSqGSIb3DQEBAQUA\n" + + "A4GNADCBiQKBgQCVD6C28FCc6HrHiM3dFw4usJTQGz0O9pTAipTHBsiQl8i4\n" + + "ZBp6fmw8U+E3KHNgf7KXUwefU/ltWJTSr41tiGeA5u2ylc9yMcqlHHK6XALn\n" + + "ZELn+aks1joNrI1CqiQBOeacPwGFVw1Yh0X404Wqk2kmhXBIgD8SFcd5tB8F\n" + + "LztimQIDAQABMA0GCSqGSIb3DQEBBAUAA4GBAG3rGwnpXtlR22ciYaQqPEh3\n" + + "46B8pt5zohQDhT37qw4wxYMWM4ETCJ57NE7fQMh017l93PR2VX2bY1QY6fDq\n" + + "81yx2YtCHrnAlU66+tXifPVoYb+O7AWXX1uw16OFNMQkpw0PlZPvy5TYnh+d\n" + + "XIVtx6quTx8itc2VrbqnzPmrC3p/\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // GTE_CyberTrust_Root_CA.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIIB+jCCAWMCAgGjMA0GCSqGSIb3DQEBBAUAMEUxCzAJBgNVBAYTAlVTMRgw\n" + + "FgYDVQQKEw9HVEUgQ29ycG9yYXRpb24xHDAaBgNVBAMTE0dURSBDeWJlclRy\n" + + "dXN0IFJvb3QwHhcNOTYwMjIzMjMwMTAwWhcNMDYwMjIzMjM1OTAwWjBFMQsw\n" + + "CQYDVQQGEwJVUzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMRwwGgYDVQQD\n" + + "ExNHVEUgQ3liZXJUcnVzdCBSb290MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB\n" + + "iQKBgQC45k+625h8cXyvRLfTD0bZZOWTwUKOx7pJjTUteueLveUFMVnGsS8K\n" + + "DPufpz+iCWaEVh43KRuH6X4MypqfpX/1FZSj1aJGgthoTNE3FQZor734sLPw\n" + + "KfWVWgkWYXcKIiXUT0Wqx73llt/51KiOQswkwB6RJ0q1bQaAYznEol44AwID\n" + + "AQABMA0GCSqGSIb3DQEBBAUAA4GBABKzdcZfHeFhVYAA1IFLezEPI2PnPfMD\n" + + "+fQ2qLvZ46WXTeorKeDWanOB5sCJo9Px4KWlIjeaY8JIILTbcuPI9tl8vrGv\n" + + "U9oUtCG41tWW4/5ODFlitppK+ULdjG+BqXH/9ApybW1EDp3zdHSo1TRJ6V6e\n" + + "6bR64eVaH4QwnNOfpSXY\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // GeoTrust_Global_CA.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIIDVDCCAjygAwIBAgIDAjRWMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYT\n" + + "AlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVz\n" + + "dCBHbG9iYWwgQ0EwHhcNMDIwNTIxMDQwMDAwWhcNMjIwNTIxMDQwMDAwWjBC\n" + + "MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UE\n" + + "AxMSR2VvVHJ1c3QgR2xvYmFsIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A\n" + + "MIIBCgKCAQEA2swYYzD99BcjGlZ+W988bDjkcbd4kdS8odhM+KhDtgPpTSEH\n" + + "CIjaWC9mOSm9BXiLnTjoBbdqfnGk5sRgprDvgOSJKA+eJdbtg/OtppHHmMlC\n" + + "GDUUna2YRpIuT8rxh0PBFpVXLVDviS2Aelet8u5fa9IAjbkU+BQVNdnARqN7\n" + + "csiRv8lVK83Qlz6cJmTM386DGXHKTubU1XupGc1V3sjs0l44U+VcT4wt/lAj\n" + + "Nvxm5suOpDkZALeVAjmRCw7+OC7RHQWa9k0+bw8HHa8sHo9gOeL6NlMTOdRe\n" + + "JivbPagUvTLrGAMoUgRx5aszPeE4uwc2hGKceeoWMPRfwCvocWvk+QIDAQAB\n" + + "o1MwUTAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTAephojYn7qwVkDBF9\n" + + "qn1luMrMTjAfBgNVHSMEGDAWgBTAephojYn7qwVkDBF9qn1luMrMTjANBgkq\n" + + "hkiG9w0BAQUFAAOCAQEANeMpauUvXVSOKVCUn5kaFOSPeCpilKInZ57Qzxpe\n" + + "R+nBsqTP3UEaBU6bS+5Kb1VSsyShNwrrZHYqLizz/Tt1kL/6cdjHPTfStQWV\n" + + "Yrmm3ok9Nns4d0iXrKYgjy6myQzCsplFAMfOEVEiIuCl6rYVSAlk6l5PdPcF\n" + + "PseKUgzbFbS9bZvlxrFUaKnjaZC2mqUPuLk/IH2uSrW4nOQdtqvmlKXBx4Ot\n" + + "2/Unhw4EbNX/3aBd7YdStysVAq45pmp06drE57xNNB6pXE0zX5IJL4hmXXeX\n" + + "xx12E6nV5fEWCRE11azbJHFwLJhWC9kXtNHjUStedejV0NxPNO3CBWaAocvm\n" + + "Mw==\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // GlobalSign_Root_CA.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIIDdTCCAl2gAwIBAgILAgAAAAAA1ni3lAUwDQYJKoZIhvcNAQEEBQAwVzEL\n" + + "MAkGA1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNV\n" + + "BAsTB1Jvb3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw05\n" + + "ODA5MDExMjAwMDBaFw0xNDAxMjgxMjAwMDBaMFcxCzAJBgNVBAYTAkJFMRkw\n" + + "FwYDVQQKExBHbG9iYWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRsw\n" + + "GQYDVQQDExJHbG9iYWxTaWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUA\n" + + "A4IBDwAwggEKAoIBAQDaDuaZjc6j40+Kfvvxi4Mla+pIH/EqsLmVEQS98GPR\n" + + "4mdmzxzdzxtIK+6NiY6arymAZavpxy0Sy6scTHAHoT0KMM0VjU/43dSMUBUc\n" + + "71DuxC73/OlS8pF94G3VNTCOXkNz8kHp1Wrjsok6Vjk4bwY8iGlbKk3Fp1S4\n" + + "bInMm/k8yuX9ifUSPJJ4ltbcdG6TRGHRjcdGsnUOhugZitVtbNV4FpWi6cgK\n" + + "OOvyJBNPc1STE4U6G7weNLWLBYy5d4ux2x8gkasJU26Qzns3dLlwR5EiUWMW\n" + + "ea6xrkEmCMgZK9FGqkjWZCrXgzT/LCrBbBlDSgeF59N89iFo7+ryUp9/k5DP\n" + + "AgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIABjAdBgNVHQ4EFgQUYHtmGkUNl8qJ\n" + + "UC99BM00qP/8/UswDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQQFAAOC\n" + + "AQEArqqf/LfSyx9fOSkoGJ40yWxPbxrwZKJwSk8ThptgKJ7ogUmYfQq75bCd\n" + + "PTbbjwVR/wkxKh/diXeeDy5slQTthsu0AD+EAk2AaioteAuubyuig0SDH81Q\n" + + "gkwkr733pbTIWg/050deSY43lv6aiAU62cDbKYfmGZZHpzqmjIs8d/5GY6dT\n" + + "2iHRrH5Jokvmw2dZL7OKDrssvamqQnw1wdh/1acxOk5jQzmvCLBhNIzTmKlD\n" + + "NPYPhyk7ncJWWJh3w/cbrPad+D6qp1RF8PX51TFl/mtYnHGzHtdS6jIX/EBg\n" + + "Hcl5JLL2bP2oZg6C3ZjL2sJETy6ge/L3ayx2EYRGinij4w==\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // RSA_Root_Certificate_1.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIIC5zCCAlACAQEwDQYJKoZIhvcNAQEFBQAwgbsxJDAiBgNVBAcTG1ZhbGlD\n" + + "ZXJ0IFZhbGlkYXRpb24gTmV0d29yazEXMBUGA1UEChMOVmFsaUNlcnQsIElu\n" + + "Yy4xNTAzBgNVBAsTLFZhbGlDZXJ0IENsYXNzIDMgUG9saWN5IFZhbGlkYXRp\n" + + "b24gQXV0aG9yaXR5MSEwHwYDVQQDExhodHRwOi8vd3d3LnZhbGljZXJ0LmNv\n" + + "bS8xIDAeBgkqhkiG9w0BCQEWEWluZm9AdmFsaWNlcnQuY29tMB4XDTk5MDYy\n" + + "NjAwMjIzM1oXDTE5MDYyNjAwMjIzM1owgbsxJDAiBgNVBAcTG1ZhbGlDZXJ0\n" + + "IFZhbGlkYXRpb24gTmV0d29yazEXMBUGA1UEChMOVmFsaUNlcnQsIEluYy4x\n" + + "NTAzBgNVBAsTLFZhbGlDZXJ0IENsYXNzIDMgUG9saWN5IFZhbGlkYXRpb24g\n" + + "QXV0aG9yaXR5MSEwHwYDVQQDExhodHRwOi8vd3d3LnZhbGljZXJ0LmNvbS8x\n" + + "IDAeBgkqhkiG9w0BCQEWEWluZm9AdmFsaWNlcnQuY29tMIGfMA0GCSqGSIb3\n" + + "DQEBAQUAA4GNADCBiQKBgQDjmFGWHOjVsQaBalfDcnWTq8+epvzzFlLWLU2f\n" + + "NUSoLgRNB0mKOCn1dzfnt6td3zZxFJmP3MKS8edgkpfs2Ejcv8ECIMYkpChM\n" + + "MFp2bbFc893enhBxoYjHW5tBbcqwuI4V7q0zK89HBFx1cQqYJJgpp0lZpd34\n" + + "t0NiYfPT4tBVPwIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAFa7AliEZwgs3x/b\n" + + "e0kz9dNnnfS0ChCzycUs4pJqcXgn8nCDQtM+z6lU9PHYkhaM0QTLS6vJn0Wu\n" + + "PIqpsHEzXcjFV9+vqDWzf4mH6eglkrh/hXqu1rweN1gqZ8mRzyqBPu3GOd/A\n" + + "PhmcGcwTTYJBtYze4D1gCCAPRX5ron+jjBXu\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // RSA_Security_1024_v3.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIICXDCCAcWgAwIBAgIQCgEBAQAAAnwAAAALAAAAAjANBgkqhkiG9w0BAQUF\n" + + "ADA6MRkwFwYDVQQKExBSU0EgU2VjdXJpdHkgSW5jMR0wGwYDVQQLExRSU0Eg\n" + + "U2VjdXJpdHkgMTAyNCBWMzAeFw0wMTAyMjIyMTAxNDlaFw0yNjAyMjIyMDAx\n" + + "NDlaMDoxGTAXBgNVBAoTEFJTQSBTZWN1cml0eSBJbmMxHTAbBgNVBAsTFFJT\n" + + "QSBTZWN1cml0eSAxMDI0IFYzMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB\n" + + "gQDV3f5mCc8kPD6ugU5OisRpgFtZO9+5TUzKtS3DJy08rwBCbbwoppbPf9dY\n" + + "rIMKo1W1exeQFYRMiu4mmdxY78c4pqqv0I5CyGLXq6yp+0p9v+r+Ek3d/yYt\n" + + "bzZUaMjShFbuklNhCbM/OZuoyZu9zp9+1BlqFikYvtc6adwlWzMaUQIDAQAB\n" + + "o2MwYTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAfBgNVHSME\n" + + "GDAWgBTEwBykB5T9zU0B1FTapQxf3q4FWjAdBgNVHQ4EFgQUxMAcpAeU/c1N\n" + + "AdRU2qUMX96uBVowDQYJKoZIhvcNAQEFBQADgYEAPy1q4yZDlX2Jl2X7deRy\n" + + "HUZXxGFraZ8SmyzVWujAovBDleMf6XbN3Ou8k6BlCsdNT1+nr6JGFLkM88y9\n" + + "am63nd4lQtBU/55oc2PcJOsiv6hy8l4A4Q1OOkNumU4/iXgDmMrzVcydro7B\n" + + "qkWY+o8aoI2II/EVQQ2lRj6RP4vr93E=\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // RSA_Security_2048_v3.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIIDYTCCAkmgAwIBAgIQCgEBAQAAAnwAAAAKAAAAAjANBgkqhkiG9w0BAQUF\n" + + "ADA6MRkwFwYDVQQKExBSU0EgU2VjdXJpdHkgSW5jMR0wGwYDVQQLExRSU0Eg\n" + + "U2VjdXJpdHkgMjA0OCBWMzAeFw0wMTAyMjIyMDM5MjNaFw0yNjAyMjIyMDM5\n" + + "MjNaMDoxGTAXBgNVBAoTEFJTQSBTZWN1cml0eSBJbmMxHTAbBgNVBAsTFFJT\n" + + "QSBTZWN1cml0eSAyMDQ4IFYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\n" + + "CgKCAQEAt49VcdKA3XtpeafwGFAyPGJn9gqVB93mG/Oe2dJBVGutn3y+Gc37\n" + + "RqtBaB4Y6lXIL5F4iSj7Jylg/9+PjDvJSZu1pJTOAeo+tWN7fyb9Gd3AIb2E\n" + + "0S1PRsNO3Ng3OTsor8udGuorryGlwSMiuLgbWhOHV4PR8CDn6E8jQrAApX2J\n" + + "6elhc5SYcSa8LWrg903w8bYqODGBDSnhAMFRD0xS+ARaqn1y07iHKrtjEAMq\n" + + "s6FPDVpeRrc9DvV07Jmf+T0kgYim3WBU6JU2PcYJk5qjEoAAVZkZR73QpXzD\n" + + "uvsf9/UP+Ky5tfQ3mBMY3oVbtwyCO4dvlTlYMNpuAWgXIszACwIDAQABo2Mw\n" + + "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAfBgNVHSMEGDAW\n" + + "gBQHw1EwpKrpRa41JPr/JCwz0LGdjDAdBgNVHQ4EFgQUB8NRMKSq6UWuNST6\n" + + "/yQsM9CxnYwwDQYJKoZIhvcNAQEFBQADggEBAF8+hnZuuDU8TjYcHnmYv/3V\n" + + "EhF5Ug7uMYm83X/50cYVIeiKAVQNOvtUudZj1LGqlk2iQk3UUx+LEN5/Zb5g\n" + + "EydxiKRz44Rj0aRV4VCT5hsOedBnvEbIvz8XDZXmxpBp3ue0L96VfdASPz0+\n" + + "f00/FGj1EVDVwfSQpQgdMWD/YIwjVAqv/qFuxdF6Kmh4zx6CCiC0H63lhbJq\n" + + "aHVOrSU3lIW+vaHU6rcMSzyd6BIA8F+sDeGscGNz9395nzIlQnQFgCi/vcEk\n" + + "llgVsRch6YlL2weIZ/QVrXA+L02FO8K32/6YaCOJ4XQP3vTFhGMpG8zLB8kA\n" + + "pKnXwiJPZ9d37CAFYd4=\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // TC_TrustCenter__Germany__Class_2_CA.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIIDXDCCAsWgAwIBAgICA+owDQYJKoZIhvcNAQEEBQAwgbwxCzAJBgNVBAYT\n" + + "AkRFMRAwDgYDVQQIEwdIYW1idXJnMRAwDgYDVQQHEwdIYW1idXJnMTowOAYD\n" + + "VQQKEzFUQyBUcnVzdENlbnRlciBmb3IgU2VjdXJpdHkgaW4gRGF0YSBOZXR3\n" + + "b3JrcyBHbWJIMSIwIAYDVQQLExlUQyBUcnVzdENlbnRlciBDbGFzcyAyIENB\n" + + "MSkwJwYJKoZIhvcNAQkBFhpjZXJ0aWZpY2F0ZUB0cnVzdGNlbnRlci5kZTAe\n" + + "Fw05ODAzMDkxMTU5NTlaFw0xMTAxMDExMTU5NTlaMIG8MQswCQYDVQQGEwJE\n" + + "RTEQMA4GA1UECBMHSGFtYnVyZzEQMA4GA1UEBxMHSGFtYnVyZzE6MDgGA1UE\n" + + "ChMxVEMgVHJ1c3RDZW50ZXIgZm9yIFNlY3VyaXR5IGluIERhdGEgTmV0d29y\n" + + "a3MgR21iSDEiMCAGA1UECxMZVEMgVHJ1c3RDZW50ZXIgQ2xhc3MgMiBDQTEp\n" + + "MCcGCSqGSIb3DQEJARYaY2VydGlmaWNhdGVAdHJ1c3RjZW50ZXIuZGUwgZ8w\n" + + "DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANo46O0yAClxgwENv4wB3NrGrTmk\n" + + "qYov1YtcaF9QxmL1Zr3KkSLsqh1R1z2zUbKDTl3LSbDwTFXlay3HhQswHJJO\n" + + "gtTKAu33b77c4OMUuAVT8pr0VotanoWT0bSCVq5Nu6hLVxa8/vhYnvgpjbB7\n" + + "zXjJT6yLZwzxnPv8V5tXXE8NAgMBAAGjazBpMA8GA1UdEwEB/wQFMAMBAf8w\n" + + "DgYDVR0PAQH/BAQDAgGGMDMGCWCGSAGG+EIBCAQmFiRodHRwOi8vd3d3LnRy\n" + + "dXN0Y2VudGVyLmRlL2d1aWRlbGluZXMwEQYJYIZIAYb4QgEBBAQDAgAHMA0G\n" + + "CSqGSIb3DQEBBAUAA4GBAIRS+yjf/x91AbwBvgRWl2p0QiQxg/lGsQaKic+W\n" + + "LDO/jLVfenKhhQbOhvgFjuj5Jcrag4wGrOs2bYWRNAQ29ELw+HkuCkhcq8xR\n" + + "T3h2oNmsGb0q0WkEKJHKNhAngFdb0lz1wlurZIFjdFH0l7/NEij3TWZ/p/Ac\n" + + "ASZ4smZHcFFk\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // TC_TrustCenter__Germany__Class_3_CA.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIIDXDCCAsWgAwIBAgICA+swDQYJKoZIhvcNAQEEBQAwgbwxCzAJBgNVBAYT\n" + + "AkRFMRAwDgYDVQQIEwdIYW1idXJnMRAwDgYDVQQHEwdIYW1idXJnMTowOAYD\n" + + "VQQKEzFUQyBUcnVzdENlbnRlciBmb3IgU2VjdXJpdHkgaW4gRGF0YSBOZXR3\n" + + "b3JrcyBHbWJIMSIwIAYDVQQLExlUQyBUcnVzdENlbnRlciBDbGFzcyAzIENB\n" + + "MSkwJwYJKoZIhvcNAQkBFhpjZXJ0aWZpY2F0ZUB0cnVzdGNlbnRlci5kZTAe\n" + + "Fw05ODAzMDkxMTU5NTlaFw0xMTAxMDExMTU5NTlaMIG8MQswCQYDVQQGEwJE\n" + + "RTEQMA4GA1UECBMHSGFtYnVyZzEQMA4GA1UEBxMHSGFtYnVyZzE6MDgGA1UE\n" + + "ChMxVEMgVHJ1c3RDZW50ZXIgZm9yIFNlY3VyaXR5IGluIERhdGEgTmV0d29y\n" + + "a3MgR21iSDEiMCAGA1UECxMZVEMgVHJ1c3RDZW50ZXIgQ2xhc3MgMyBDQTEp\n" + + "MCcGCSqGSIb3DQEJARYaY2VydGlmaWNhdGVAdHJ1c3RjZW50ZXIuZGUwgZ8w\n" + + "DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALa0wTUFLg2N7KBAahwOJ6ZQkmtQ\n" + + "GwfeLud2zODa/ISoXoxjaitN2U4CdhHBC/KNecoAtvGwDtf7pBc9r6tpepYn\n" + + "v68zoZoqWarEtTcI8hKlMbZD9TKWcSgoq40oht+77uMMfTDWw1Krj10nnGvA\n" + + "o+cFa1dJRLNu6mTP0o56UHd3AgMBAAGjazBpMA8GA1UdEwEB/wQFMAMBAf8w\n" + + "DgYDVR0PAQH/BAQDAgGGMDMGCWCGSAGG+EIBCAQmFiRodHRwOi8vd3d3LnRy\n" + + "dXN0Y2VudGVyLmRlL2d1aWRlbGluZXMwEQYJYIZIAYb4QgEBBAQDAgAHMA0G\n" + + "CSqGSIb3DQEBBAUAA4GBABY9xs3Bu4VxhUafPiCPUSiZ7C1FIWMjWwS7TJC4\n" + + "iJIETb19AaM/9uzO8d7+feXhPrvGq14L3T2WxMup1Pkm5gZOngylerpuw3yC\n" + + "GdHHsbHD2w2Om0B8NwvxXej9H5CIpQ5ON2QhqE6NtJ/x3kit1VYYUimLRzQS\n" + + "CdS7kjXvD9s0\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // Thawte_Personal_Basic_CA.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIIDITCCAoqgAwIBAgIBADANBgkqhkiG9w0BAQQFADCByzELMAkGA1UEBhMC\n" + + "WkExFTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3du\n" + + "MRowGAYDVQQKExFUaGF3dGUgQ29uc3VsdGluZzEoMCYGA1UECxMfQ2VydGlm\n" + + "aWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjEhMB8GA1UEAxMYVGhhd3RlIFBl\n" + + "cnNvbmFsIEJhc2ljIENBMSgwJgYJKoZIhvcNAQkBFhlwZXJzb25hbC1iYXNp\n" + + "Y0B0aGF3dGUuY29tMB4XDTk2MDEwMTAwMDAwMFoXDTIwMTIzMTIzNTk1OVow\n" + + "gcsxCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNV\n" + + "BAcTCUNhcGUgVG93bjEaMBgGA1UEChMRVGhhd3RlIENvbnN1bHRpbmcxKDAm\n" + + "BgNVBAsTH0NlcnRpZmljYXRpb24gU2VydmljZXMgRGl2aXNpb24xITAfBgNV\n" + + "BAMTGFRoYXd0ZSBQZXJzb25hbCBCYXNpYyBDQTEoMCYGCSqGSIb3DQEJARYZ\n" + + "cGVyc29uYWwtYmFzaWNAdGhhd3RlLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOB\n" + + "jQAwgYkCgYEAvLyTU23AUE+CFeZIlDWmWr5vQvoPR+53dXLdjUmbllegeNTK\n" + + "P1GzaQuRdhciB5dqxFGTS+CN7zeVoQxN2jSQHReJl+A1OFdKwPQIcOk8RHtQ\n" + + "fmGakOMj04gRRif1CwcOu93RfyAKiLlWCy4cgNrx454p7xS9CkT7G1sY0b8j\n" + + "kyECAwEAAaMTMBEwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQQFAAOB\n" + + "gQAt4plrsD16iddZopQBHyvdEktTwq1/qqcAXJFAVyVKOKqEcLnZgA+le1z7\n" + + "c8a914phXAPjLSeoF+CEhULcXpvGt7Jtu3Sv5D/Lp7ew4F2+eIMllNLbgQ95\n" + + "B21P9DkVWlIBe94y1k049hJcBlDfBVu9FEuh3ym6O0GN92NWod8isQ==\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // Thawte_Personal_Freemail_CA.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIIDLTCCApagAwIBAgIBADANBgkqhkiG9w0BAQQFADCB0TELMAkGA1UEBhMC\n" + + "WkExFTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3du\n" + + "MRowGAYDVQQKExFUaGF3dGUgQ29uc3VsdGluZzEoMCYGA1UECxMfQ2VydGlm\n" + + "aWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjEkMCIGA1UEAxMbVGhhd3RlIFBl\n" + + "cnNvbmFsIEZyZWVtYWlsIENBMSswKQYJKoZIhvcNAQkBFhxwZXJzb25hbC1m\n" + + "cmVlbWFpbEB0aGF3dGUuY29tMB4XDTk2MDEwMTAwMDAwMFoXDTIwMTIzMTIz\n" + + "NTk1OVowgdExCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUx\n" + + "EjAQBgNVBAcTCUNhcGUgVG93bjEaMBgGA1UEChMRVGhhd3RlIENvbnN1bHRp\n" + + "bmcxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2VydmljZXMgRGl2aXNpb24x\n" + + "JDAiBgNVBAMTG1RoYXd0ZSBQZXJzb25hbCBGcmVlbWFpbCBDQTErMCkGCSqG\n" + + "SIb3DQEJARYccGVyc29uYWwtZnJlZW1haWxAdGhhd3RlLmNvbTCBnzANBgkq\n" + + "hkiG9w0BAQEFAAOBjQAwgYkCgYEA1GnX1LCUZFtx6UfYDFG26nKRsIRefS0N\n" + + "j3sS34UldSh0OkIsYyeflXtL734Zhx2G6qPduc6WZBrCFG5ErHzmj+hND3Ef\n" + + "QDimAKOHePb5lIZererAXnbr2RSjXW56fAylS1V/Bhkpf56aJtVquzgkCGqY\n" + + "x7Hao5iR/Xnb5VrEHLkCAwEAAaMTMBEwDwYDVR0TAQH/BAUwAwEB/zANBgkq\n" + + "hkiG9w0BAQQFAAOBgQDH7JJ+Tvj1lqVnYiqk8E0RYNBvjWBYYawmu1I1XAjP\n" + + "MPuoSpaKH2JCI4wXD/S6ZJwXrEcp352YXtJsYHFcoqzceePnbgBHH7UNKOgC\n" + + "neSa/RP0ptl8sfjcXyMmCZGAc9AUG95DqYMl8uacLxXK/qarigd1iwzdUYRr\n" + + "5PjRzneigQ==\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // Thawte_Personal_Premium_CA.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIIDKTCCApKgAwIBAgIBADANBgkqhkiG9w0BAQQFADCBzzELMAkGA1UEBhMC\n" + + "WkExFTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3du\n" + + "MRowGAYDVQQKExFUaGF3dGUgQ29uc3VsdGluZzEoMCYGA1UECxMfQ2VydGlm\n" + + "aWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjEjMCEGA1UEAxMaVGhhd3RlIFBl\n" + + "cnNvbmFsIFByZW1pdW0gQ0ExKjAoBgkqhkiG9w0BCQEWG3BlcnNvbmFsLXBy\n" + + "ZW1pdW1AdGhhd3RlLmNvbTAeFw05NjAxMDEwMDAwMDBaFw0yMDEyMzEyMzU5\n" + + "NTlaMIHPMQswCQYDVQQGEwJaQTEVMBMGA1UECBMMV2VzdGVybiBDYXBlMRIw\n" + + "EAYDVQQHEwlDYXBlIFRvd24xGjAYBgNVBAoTEVRoYXd0ZSBDb25zdWx0aW5n\n" + + "MSgwJgYDVQQLEx9DZXJ0aWZpY2F0aW9uIFNlcnZpY2VzIERpdmlzaW9uMSMw\n" + + "IQYDVQQDExpUaGF3dGUgUGVyc29uYWwgUHJlbWl1bSBDQTEqMCgGCSqGSIb3\n" + + "DQEJARYbcGVyc29uYWwtcHJlbWl1bUB0aGF3dGUuY29tMIGfMA0GCSqGSIb3\n" + + "DQEBAQUAA4GNADCBiQKBgQDJZtn4B0TPuYwu8KHvE0VsBd/eJxZRNkERbGw7\n" + + "7f4QfRKe5ZtCmv5gMcNmt3M6SK5O0DI3lIi1DbbZ8/JE2dWIEt12TfIa/G8j\n" + + "Hnrx2JhFTgcQ7xZC0EN1bUre4qrJMf8fAHB8Zs8QJQi6+u4A6UYDZicRFTuq\n" + + "W/KY3TZCstqIdQIDAQABoxMwETAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3\n" + + "DQEBBAUAA4GBAGk2ifc0KjNyL2071CKyuG+axTZmDhs8obF1Wub9NdP4qPIH\n" + + "b4Vnjt4rueIXsDqg8A6iAJrf8xQVbrvIhVqYgPn/vnQdPfP+MCXRNzRn+qVx\n" + + "eTBhKXLA4CxM+1bkOqhv5TJZUtt1KFBZDPgLGeSs2a+WjS9Q2wfD6h+rM+D1\n" + + "KzGJ\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // Thawte_Premium_Server_CA.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIIDJzCCApCgAwIBAgIBATANBgkqhkiG9w0BAQQFADCBzjELMAkGA1UEBhMC\n" + + "WkExFTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3du\n" + + "MR0wGwYDVQQKExRUaGF3dGUgQ29uc3VsdGluZyBjYzEoMCYGA1UECxMfQ2Vy\n" + + "dGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjEhMB8GA1UEAxMYVGhhd3Rl\n" + + "IFByZW1pdW0gU2VydmVyIENBMSgwJgYJKoZIhvcNAQkBFhlwcmVtaXVtLXNl\n" + + "cnZlckB0aGF3dGUuY29tMB4XDTk2MDgwMTAwMDAwMFoXDTIwMTIzMTIzNTk1\n" + + "OVowgc4xCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQ\n" + + "BgNVBAcTCUNhcGUgVG93bjEdMBsGA1UEChMUVGhhd3RlIENvbnN1bHRpbmcg\n" + + "Y2MxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2VydmljZXMgRGl2aXNpb24x\n" + + "ITAfBgNVBAMTGFRoYXd0ZSBQcmVtaXVtIFNlcnZlciBDQTEoMCYGCSqGSIb3\n" + + "DQEJARYZcHJlbWl1bS1zZXJ2ZXJAdGhhd3RlLmNvbTCBnzANBgkqhkiG9w0B\n" + + "AQEFAAOBjQAwgYkCgYEA0jY2aovXwlue2oFBYo847kkEVdbQ7xwblRZH7xhI\n" + + "NTpS9CtqBo87L+pW46+GjZ4X9560ZXUCTe/LCaIhUdib0GfQug2SBhRz1JPL\n" + + "lyoAnFxODLz6FVL88kRu2hFKbgifLy3j+ao6hnO2RlNYyIkFvYMRuHM/qgeN\n" + + "9EJN50CdHDcCAwEAAaMTMBEwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0B\n" + + "AQQFAAOBgQAmSCwWwlj66BZ0DKqqX1Q/8tfJeGBeXm43YyJ3Nn6yF8Q0ufUI\n" + + "hfzJATj/Tb7yFkJD57taRvvBxhEf8UqwKEbJw8RCfbz6q1lu1bdRiBHjpIUZ\n" + + "a4JMpAwSremkrj/xw0llmozFyD4lt5SZu5IycQfwhl7tUCemDaYj+bvLpgcU\n" + + "Qg==\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // Thawte_Server_CA.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIIDEzCCAnygAwIBAgIBATANBgkqhkiG9w0BAQQFADCBxDELMAkGA1UEBhMC\n" + + "WkExFTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3du\n" + + "MR0wGwYDVQQKExRUaGF3dGUgQ29uc3VsdGluZyBjYzEoMCYGA1UECxMfQ2Vy\n" + + "dGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjEZMBcGA1UEAxMQVGhhd3Rl\n" + + "IFNlcnZlciBDQTEmMCQGCSqGSIb3DQEJARYXc2VydmVyLWNlcnRzQHRoYXd0\n" + + "ZS5jb20wHhcNOTYwODAxMDAwMDAwWhcNMjAxMjMxMjM1OTU5WjCBxDELMAkG\n" + + "A1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2Fw\n" + + "ZSBUb3duMR0wGwYDVQQKExRUaGF3dGUgQ29uc3VsdGluZyBjYzEoMCYGA1UE\n" + + "CxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjEZMBcGA1UEAxMQ\n" + + "VGhhd3RlIFNlcnZlciBDQTEmMCQGCSqGSIb3DQEJARYXc2VydmVyLWNlcnRz\n" + + "QHRoYXd0ZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANOkUG7I\n" + + "/1Zr5s9dtuoMaHVHoqrC2oQl/Kj0R1HahbUgdJSGHg91yekIYfUGbTBuFRkC\n" + + "6VLAYttNmZ7iagxEOM3+vuNkCXDF/rFrKbYvScg71CcEJRCXL+eQbcAoQpnX\n" + + "TEPew/UhbVSfXcNY4cDk2VuwuNy0e982OsK1ZiIS1ocNAgMBAAGjEzARMA8G\n" + + "A1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAB/pMaVz7lcxG7oWD\n" + + "TSEwjsrZqG9JGubaUeNgcGyEYRGhGshIPllDfU+VPaGLtwtimHp1it2ITk6e\n" + + "QNuozDJ0uW8NxuOzRAvZim+aKZuZGCg70eNAKJpaPNW15yAbi8qkq43pUdni\n" + + "TCxZqdq5snUb9kLy78fyGPmJvKP/iiMucEc=\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // Thawte_Time_Stamping_CA.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIICoTCCAgqgAwIBAgIBADANBgkqhkiG9w0BAQQFADCBizELMAkGA1UEBhMC\n" + + "WkExFTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTEUMBIGA1UEBxMLRHVyYmFudmls\n" + + "bGUxDzANBgNVBAoTBlRoYXd0ZTEdMBsGA1UECxMUVGhhd3RlIENlcnRpZmlj\n" + + "YXRpb24xHzAdBgNVBAMTFlRoYXd0ZSBUaW1lc3RhbXBpbmcgQ0EwHhcNOTcw\n" + + "MTAxMDAwMDAwWhcNMjAxMjMxMjM1OTU5WjCBizELMAkGA1UEBhMCWkExFTAT\n" + + "BgNVBAgTDFdlc3Rlcm4gQ2FwZTEUMBIGA1UEBxMLRHVyYmFudmlsbGUxDzAN\n" + + "BgNVBAoTBlRoYXd0ZTEdMBsGA1UECxMUVGhhd3RlIENlcnRpZmljYXRpb24x\n" + + "HzAdBgNVBAMTFlRoYXd0ZSBUaW1lc3RhbXBpbmcgQ0EwgZ8wDQYJKoZIhvcN\n" + + "AQEBBQADgY0AMIGJAoGBANYrWHhhRYZT6jR7UZztsOYuGA7+4F+oJ9O0yeB8\n" + + "WU4WDnNUYMF/9p8u6TqFJBU820cEY8OexJQaWt9MevPZQx08EHp5JduQ/vBR\n" + + "5zDWQQD9nyjfeb6Uu522FOMjhdepQeBMpHmwKxqL8vg7ij5FrHGSALSQQZj7\n" + + "X+36ty6K+Ig3AgMBAAGjEzARMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcN\n" + + "AQEEBQADgYEAZ9viwuaHPUCDhjc1fR/OmsMMZiCouqoEiYbC9RAIDb/LogWK\n" + + "0E02PvTX72nGXuSwlG9KuefeW4i2e9vjJ+V2w/A1wcu1J5szedyQpgCed/r8\n" + + "zSeUQhac0xxo7L9c3eWpexAKMnRUEzGLhQOEkbdYATAUOK8oyvyxUBkZCayJ\n" + + "SdM=\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // UTN-USER_First-Network_Applications.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIIEZDCCA0ygAwIBAgIQRL4Mi1AAJLQR0zYwS8AzdzANBgkqhkiG9w0BAQUF\n" + + "ADCBozELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0\n" + + "IExha2UgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEw\n" + + "HwYDVQQLExhodHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xKzApBgNVBAMTIlVU\n" + + "Ti1VU0VSRmlyc3QtTmV0d29yayBBcHBsaWNhdGlvbnMwHhcNOTkwNzA5MTg0\n" + + "ODM5WhcNMTkwNzA5MTg1NzQ5WjCBozELMAkGA1UEBhMCVVMxCzAJBgNVBAgT\n" + + "AlVUMRcwFQYDVQQHEw5TYWx0IExha2UgQ2l0eTEeMBwGA1UEChMVVGhlIFVT\n" + + "RVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExhodHRwOi8vd3d3LnVzZXJ0cnVz\n" + + "dC5jb20xKzApBgNVBAMTIlVUTi1VU0VSRmlyc3QtTmV0d29yayBBcHBsaWNh\n" + + "dGlvbnMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCz+5Gh5DZV\n" + + "hawGNFugmliy+LUPBXeDrjKxdpJo7CNKyXY/45y2N3kDuatpjQclthln5LAb\n" + + "GHNhSuh+zdMvZOOmfAz6F4CjDUeJT1FxL+78P/m4FoCHiZMlIJpDgmkkdihZ\n" + + "NaEdwH+DBmQWICzTSaSFtMBhf1EI+GgVkYDLpdXuOzr0hAReYFmnjDRy7rh4\n" + + "xdE7EkpvfmUnuaRVxblvQ6TFHSyZwFKkeEwVs0CYCGtDxgGwenv1axwiP8vv\n" + + "/6jQOkt2FZ7S0cYu49tXGzKiuG/ohqY/cKvlcJKrRB5AUPuco2LkbG6gyN7i\n" + + "gEL66S/ozjIEj3yNtxyjNTwV3Z7DrpelAgMBAAGjgZEwgY4wCwYDVR0PBAQD\n" + + "AgHGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFPqGydvguul49Uuo1hXf\n" + + "8NPhahQ8ME8GA1UdHwRIMEYwRKBCoECGPmh0dHA6Ly9jcmwudXNlcnRydXN0\n" + + "LmNvbS9VVE4tVVNFUkZpcnN0LU5ldHdvcmtBcHBsaWNhdGlvbnMuY3JsMA0G\n" + + "CSqGSIb3DQEBBQUAA4IBAQCk8yXM0dSRgyLQzDKrm5ZONJFUICU0YV8qAhXh\n" + + "i6r/fWRRzwr/vH3YIWp4yy9Rb/hCHTO967V7lMPDqaAt39EpHx3+jz+7qEUq\n" + + "f9FuVSTiuwL7MT++6LzsQCv4AdRWOOTKRIK1YSAhZ2X28AvnNPilwpyjXEAf\n" + + "hZOVBt5P1CeptqX8Fs1zMT+4ZSfP1FMa8Kxun08FDAOBp4QpxFq9ZFdyrTvP\n" + + "NximmMatBrTcCKME1SmklpoSZ0qMYEWd8SOasACcaLWYUNPvji6SZbFIPiG+\n" + + "FTAqDbUMo2s/rn9X9R+WfN9v3YIwLGUbQErNaLly7HF27FSOH4UMAWr6pjis\n" + + "H8SE\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // ValiCert_Class_1_VA.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIIC5zCCAlACAQEwDQYJKoZIhvcNAQEFBQAwgbsxJDAiBgNVBAcTG1ZhbGlD\n" + + "ZXJ0IFZhbGlkYXRpb24gTmV0d29yazEXMBUGA1UEChMOVmFsaUNlcnQsIElu\n" + + "Yy4xNTAzBgNVBAsTLFZhbGlDZXJ0IENsYXNzIDEgUG9saWN5IFZhbGlkYXRp\n" + + "b24gQXV0aG9yaXR5MSEwHwYDVQQDExhodHRwOi8vd3d3LnZhbGljZXJ0LmNv\n" + + "bS8xIDAeBgkqhkiG9w0BCQEWEWluZm9AdmFsaWNlcnQuY29tMB4XDTk5MDYy\n" + + "NTIyMjM0OFoXDTE5MDYyNTIyMjM0OFowgbsxJDAiBgNVBAcTG1ZhbGlDZXJ0\n" + + "IFZhbGlkYXRpb24gTmV0d29yazEXMBUGA1UEChMOVmFsaUNlcnQsIEluYy4x\n" + + "NTAzBgNVBAsTLFZhbGlDZXJ0IENsYXNzIDEgUG9saWN5IFZhbGlkYXRpb24g\n" + + "QXV0aG9yaXR5MSEwHwYDVQQDExhodHRwOi8vd3d3LnZhbGljZXJ0LmNvbS8x\n" + + "IDAeBgkqhkiG9w0BCQEWEWluZm9AdmFsaWNlcnQuY29tMIGfMA0GCSqGSIb3\n" + + "DQEBAQUAA4GNADCBiQKBgQDYWYJ6ibiWuqYvaG9YLqdUHAZu9OqNSLwxlBfw\n" + + "8068srg1knaw0KWlAdcAAxIiGQj4/xEjm84H9b9pGib+TunRf50sQB1ZaG6m\n" + + "+FiwnRqP0z/x3BkGgagO4DrdyFNFCQbmD3DD+kCmDuJWBQ8YTfwggtFzVXSN\n" + + "dnKgHZ0dwN0/cQIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAFBoPUn0LBwGlN+V\n" + + "YH+Wexf+T3GtZMjdd9LvWVXoP+iOBSoh8gfStadS/pyxtuJbdxdA6nLWI8so\n" + + "gTLDAHkY7FkXicnGah5xyf23dKUlRWnFSKsZ4UWKJWsZ7uW7EvV/96aNUcPw\n" + + "nXS3qT6gpf+2SQMT2iLM7XGCK5nPOrf1LXLI\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // ValiCert_Class_2_VA.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIIC5zCCAlACAQEwDQYJKoZIhvcNAQEFBQAwgbsxJDAiBgNVBAcTG1ZhbGlD\n" + + "ZXJ0IFZhbGlkYXRpb24gTmV0d29yazEXMBUGA1UEChMOVmFsaUNlcnQsIElu\n" + + "Yy4xNTAzBgNVBAsTLFZhbGlDZXJ0IENsYXNzIDIgUG9saWN5IFZhbGlkYXRp\n" + + "b24gQXV0aG9yaXR5MSEwHwYDVQQDExhodHRwOi8vd3d3LnZhbGljZXJ0LmNv\n" + + "bS8xIDAeBgkqhkiG9w0BCQEWEWluZm9AdmFsaWNlcnQuY29tMB4XDTk5MDYy\n" + + "NjAwMTk1NFoXDTE5MDYyNjAwMTk1NFowgbsxJDAiBgNVBAcTG1ZhbGlDZXJ0\n" + + "IFZhbGlkYXRpb24gTmV0d29yazEXMBUGA1UEChMOVmFsaUNlcnQsIEluYy4x\n" + + "NTAzBgNVBAsTLFZhbGlDZXJ0IENsYXNzIDIgUG9saWN5IFZhbGlkYXRpb24g\n" + + "QXV0aG9yaXR5MSEwHwYDVQQDExhodHRwOi8vd3d3LnZhbGljZXJ0LmNvbS8x\n" + + "IDAeBgkqhkiG9w0BCQEWEWluZm9AdmFsaWNlcnQuY29tMIGfMA0GCSqGSIb3\n" + + "DQEBAQUAA4GNADCBiQKBgQDOOnHK5avIWZJV16vYdA757tn2VUdZZUcOBVXc\n" + + "65g2PFxTXdMwzzjsvUGJ7SVCCSRrCl6zfN1SLUzm1NZ9WlmpZdRJEy0kTRxQ\n" + + "b7XBhVQ7/nHk01xC+YDgkRoKWzk2Z/M/VXwbP7RfZHM047QSv4dk+NoS/zcn\n" + + "wbNDu+97bi5p9wIDAQABMA0GCSqGSIb3DQEBBQUAA4GBADt/UG9vUJSZSWI4\n" + + "OB9L+KXIPqeCgfYrx+jFzug6EILLGACOTb2oWH+heQC1u+mNr0HZDzTuIYEZ\n" + + "oDJJKPTEjlbVUjP9UNV+mWwD5MlM/Mtsq2azSiGM5bUMMj4QssxsodyamEwC\n" + + "W/POuZ6lcg5Ktz885hZo+L7tdEy8W9ViH0Pd\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // ValiCert_OCSP_Responder.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIIDSDCCArGgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBsjEkMCIGA1UEBxMb\n" + + "VmFsaUNlcnQgVmFsaWRhdGlvbiBOZXR3b3JrMRcwFQYDVQQKEw5WYWxpQ2Vy\n" + + "dCwgSW5jLjEsMCoGA1UECxMjQ2xhc3MgMSBWYWxpZGF0aW9uIEF1dGhvcml0\n" + + "eSAtIE9DU1AxITAfBgNVBAMTGGh0dHA6Ly93d3cudmFsaWNlcnQubmV0LzEg\n" + + "MB4GCSqGSIb3DQEJARYRaW5mb0B2YWxpY2VydC5jb20wHhcNMDAwMjEyMTE1\n" + + "MDA1WhcNMDUwMjEwMTE1MDA1WjCBsjEkMCIGA1UEBxMbVmFsaUNlcnQgVmFs\n" + + "aWRhdGlvbiBOZXR3b3JrMRcwFQYDVQQKEw5WYWxpQ2VydCwgSW5jLjEsMCoG\n" + + "A1UECxMjQ2xhc3MgMSBWYWxpZGF0aW9uIEF1dGhvcml0eSAtIE9DU1AxITAf\n" + + "BgNVBAMTGGh0dHA6Ly93d3cudmFsaWNlcnQubmV0LzEgMB4GCSqGSIb3DQEJ\n" + + "ARYRaW5mb0B2YWxpY2VydC5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ\n" + + "AoGBAMeML6fDQIc7PdfEmlgUZArDCDliGs/S66nxaXSKyg5adsyiUk7Q88R6\n" + + "tfimHLujp6RTh1uNwAC71WYk53TGFsivyANi1TKHolKRRJSVqEdDbaVInPZM\n" + + "ddVPYufJ/3v0JIynvCh2tTKgJXO3Ry94+Eb5hxTwd/wKd+hP/Ywf+mLZAgMB\n" + + "AAGjbDBqMA8GCSsGAQUFBzABBQQCBQAwEwYDVR0lBAwwCgYIKwYBBQUHAwkw\n" + + "CwYDVR0PBAQDAgGGMDUGCCsGAQUFBwEBBCkwJzAlBggrBgEFBQcwAYYZaHR0\n" + + "cDovL29jc3AyLnZhbGljZXJ0Lm5ldDANBgkqhkiG9w0BAQUFAAOBgQAVxeC4\n" + + "NHISBiCoYpWT0byTupCr3E6Njo2YTOMy9Ss/s5f7qqKtQJetaL1crVMO0Kaz\n" + + "DawamY2qMB7PDnD/ArB3ZYPN2gdcUs1Zu6LI4rQWg4/UlXmTLei/RJMxkjDT\n" + + "NDTxEPshrC70w11kY3qZ4ZqrQh1IZqZ3N7hVPK3+ZbBi6Q==\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // Verisign_Class_1_Public_Primary_Certification_Authority.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIICPTCCAaYCEQDNun9W8N/kvFT+IqyzcqpVMA0GCSqGSIb3DQEBAgUAMF8x\n" + + "CzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UE\n" + + "CxMuQ2xhc3MgMSBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhv\n" + + "cml0eTAeFw05NjAxMjkwMDAwMDBaFw0yODA4MDEyMzU5NTlaMF8xCzAJBgNV\n" + + "BAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xh\n" + + "c3MgMSBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCB\n" + + "nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA5Rm/baNWYS2ZSHH2Z965jeu3\n" + + "noaACpEO+jglr0aIguVzqKCbJF0NH8xlbgyw0FaEGIeaBpsQoXPftFg5a27B\n" + + "9hXVqKg/qhIGjTGsf7A01480Z4gJzRQR4k5FVmkfeAKA2txHkSm7NsljXMXg\n" + + "1y2He6G3MrB7MLoqLzGq7qNn2tsCAwEAATANBgkqhkiG9w0BAQIFAAOBgQBM\n" + + "P7iLxmjf7kMzDl3ppssHhE16M/+SG/Q2rdiVIjZoEWx8QszznC7EBz8UsA9P\n" + + "/5CSdvnivErpj82ggAr3xSnxgiJduLHdgSOjeyUVRjB5FvjqBUuUfx3CHMjj\n" + + "t/QQQDwTw18fU+hI5Ia0e6E1sHslurjTjqs/OJ0ANACY89FxlA==\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // Verisign_Class_1_Public_Primary_Certification_Authority_-_G2.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIIDAjCCAmsCEEzH6qqYPnHTkxD4PTqJkZIwDQYJKoZIhvcNAQEFBQAwgcEx\n" + + "CzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE8MDoGA1UE\n" + + "CxMzQ2xhc3MgMSBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhv\n" + + "cml0eSAtIEcyMTowOAYDVQQLEzEoYykgMTk5OCBWZXJpU2lnbiwgSW5jLiAt\n" + + "IEZvciBhdXRob3JpemVkIHVzZSBvbmx5MR8wHQYDVQQLExZWZXJpU2lnbiBU\n" + + "cnVzdCBOZXR3b3JrMB4XDTk4MDUxODAwMDAwMFoXDTI4MDgwMTIzNTk1OVow\n" + + "gcExCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE8MDoG\n" + + "A1UECxMzQ2xhc3MgMSBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1\n" + + "dGhvcml0eSAtIEcyMTowOAYDVQQLEzEoYykgMTk5OCBWZXJpU2lnbiwgSW5j\n" + + "LiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MR8wHQYDVQQLExZWZXJpU2ln\n" + + "biBUcnVzdCBOZXR3b3JrMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCq\n" + + "0Lq+Fi24g9TK0g+8djHKlNgdk4xWArzZbxpvUjZudVYKVdPfQ4chEWWKfo+9\n" + + "Id5rMj8bhDSVBZ1BNeuS65bdqlk/AVNtmU/t5eIqWpDBucSmFc/IReumXY6c\n" + + "PvBkJHalzasab7bYe1FhbqZ/h8jit+U03EGI6glAvnOSPWvndQIDAQABMA0G\n" + + "CSqGSIb3DQEBBQUAA4GBAKlPww3HZ74sy9mozS11534Vnjty637rXC0Jh9Zr\n" + + "bWB85a7FkCMMXErQr7Fd88e2CtvgFZMN3QO8x3aKtd1Pw5sTdbgBwObJW2ul\n" + + "uIncrKTdcu1OofdPvAbT6shkdHvClUGcZXNY8ZCaPGqxmMnEh7zPRW1F4m4i\n" + + "P/68DzFc6PLZ\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // Verisign_Class_1_Public_Primary_Certification_Authority_-_G3.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIIEGjCCAwICEQCLW3VWhFSFCwDPrzhIzrGkMA0GCSqGSIb3DQEBBQUAMIHK\n" + + "MQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNV\n" + + "BAsTFlZlcmlTaWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5\n" + + "IFZlcmlTaWduLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBD\n" + + "BgNVBAMTPFZlcmlTaWduIENsYXNzIDEgUHVibGljIFByaW1hcnkgQ2VydGlm\n" + + "aWNhdGlvbiBBdXRob3JpdHkgLSBHMzAeFw05OTEwMDEwMDAwMDBaFw0zNjA3\n" + + "MTYyMzU5NTlaMIHKMQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24s\n" + + "IEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdvcmsxOjA4BgNV\n" + + "BAsTMShjKSAxOTk5IFZlcmlTaWduLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQg\n" + + "dXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlTaWduIENsYXNzIDEgUHVibGljIFBy\n" + + "aW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHMzCCASIwDQYJKoZI\n" + + "hvcNAQEBBQADggEPADCCAQoCggEBAN2E1Lm0+afY8wR4nN493GwTFtl63SRR\n" + + "ZsDHJlkNrAYIwpTRMx/wgzUfbhvI3qpuFU5UJ+/EbRrsC+MO8ESlV8dAWB6j\n" + + "Rx9x7GD2bZTIGDnt/kIYVt/kTEkQeE4BdjVjEjbdZrwBBDajVWjVojYJrKsh\n" + + "JlQGrT/KFOCsyq0GHZXi+J3x4GD/wn91K0zM2v6HmSHquv4+VNfSWXjbPG7P\n" + + "oBMAGrgnoeS+Z5bKoMWznN3JdZ7rMJpfo83ZrngZPyPpXNspva1VyBtUjGP2\n" + + "6KbqxzcSXKMpHgLZ2x87tNcPVkeBFQRKr4Mn0cVYiMHd9qqnoxjaaKptEVHh\n" + + "v2Vrn5Z20T0CAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAq2aN17O6x5q25lXQ\n" + + "BfGfMY1aqtmqRiYPce2lrVNWYgFHKkTp/j90CxObufRNG7LRX7K20ohcs5/N\n" + + "y9Sn2WCVhDr4wTcdYcrnsMXlkdpUpqwxga6X3s0IrLjAl4B/bnKk52kTlWUf\n" + + "xJM8/XmPBNQ+T+r3ns7NZ3xPZQL/kYVUc8f/NveGLezQXk//EZ9yBta4GvFM\n" + + "DSZl4kSAHsef493oCtrspSCAaWihT37ha88HQfqDjrw43bAuEbFrskLMmrz5\n" + + "SCJ5ShkPshw+IHTZasO+8ih4E1Z5T21Q6huwtVexN2ZYI/PcD98Kh8TvhgXV\n" + + "OBRgmaNL3gaWcSzy27YfpO8/7g==\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // Verisign_Class_1_Public_Primary_OCSP_Responder.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIIDnjCCAwegAwIBAgIQK2jUo0aexTsoCas4XX8nIDANBgkqhkiG9w0BAQUF\n" + + "ADBfMQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1\n" + + "BgNVBAsTLkNsYXNzIDEgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBB\n" + + "dXRob3JpdHkwHhcNMDAwODA0MDAwMDAwWhcNMDQwODAzMjM1OTU5WjCBpzEX\n" + + "MBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRy\n" + + "dXN0IE5ldHdvcmsxOzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBhdCBodHRwczov\n" + + "L3d3dy52ZXJpc2lnbi5jb20vUlBBIChjKTAwMS4wLAYDVQQDEyVDbGFzcyAx\n" + + "IFB1YmxpYyBQcmltYXJ5IE9DU1AgUmVzcG9uZGVyMIGfMA0GCSqGSIb3DQEB\n" + + "AQUAA4GNADCBiQKBgQC57V56Ondfzl86UvzNZPdxtW9qlsZZklWUXS9bLsER\n" + + "6iaKy6eBPPZaRN56Ey/9WlHZezcmSsAnPwQDalbBgyzhb1upVFAkSsYuekyh\n" + + "WzdUJCExH6F4GHansXDaItBq/gdiQMb39pt9DAa4S8co5GYjhFHvRreT2IEz\n" + + "y+U2rMboBQIDAQABo4IBEDCCAQwwIAYDVR0RBBkwF6QVMBMxETAPBgNVBAMT\n" + + "CE9DU1AgMS0xMDEGA1UdHwQqMCgwJqAkoCKGIGh0dHA6Ly9jcmwudmVyaXNp\n" + + "Z24uY29tL3BjYTEuY3JsMBMGA1UdJQQMMAoGCCsGAQUFBwMJMEIGCCsGAQUF\n" + + "BwEBBDYwNDAyBggrBgEFBQcwAaYmFiRodHRwOi8vb2NzcC52ZXJpc2lnbi5j\n" + + "b20vb2NzcC9zdGF0dXMwRAYDVR0gBD0wOzA5BgtghkgBhvhFAQcBATAqMCgG\n" + + "CCsGAQUFBwIBFhxodHRwczovL3d3dy52ZXJpc2lnbi5jb20vUlBBMAkGA1Ud\n" + + "EwQCMAAwCwYDVR0PBAQDAgeAMA0GCSqGSIb3DQEBBQUAA4GBAHCQ3bjkvlMX\n" + + "fH8C6dX3i5mTMWCNfuZgayTvYKzSzpHegG0JpNO4OOVEynJeDS3Bd5y9LAN4\n" + + "KY2kpXeH9fErJq3MB2w6VFoo4AnzTQoEytRYaQuns/XdAaXn3PAfusFdkI2z\n" + + "6k/BEVmXarIrE7HarZehs7GgIFvKMquNzxPwHynD\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // Verisign_Class_2_Public_Primary_Certification_Authority.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIICPDCCAaUCEC0b/EoXjaOR6+f/9YtFvgswDQYJKoZIhvcNAQECBQAwXzEL\n" + + "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQL\n" + + "Ey5DbGFzcyAyIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9y\n" + + "aXR5MB4XDTk2MDEyOTAwMDAwMFoXDTI4MDgwMTIzNTk1OVowXzELMAkGA1UE\n" + + "BhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz\n" + + "cyAyIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGf\n" + + "MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2WoujDWojg4BrzzmH9CETMwZM\n" + + "JaLtVRKXxaeAufqDwSCg+i8VDXyhYGt+eSz6Bg86rvYbb7HS/y8oUl+DfUvE\n" + + "erf4Zh+AVPy3wo5ZShRXRtGak75BkQO7FYCTXOvnzAhsPz6zSvz/S2wj1VCC\n" + + "JkQZjiPDceoZJEcEnnW/yKYAHwIDAQABMA0GCSqGSIb3DQEBAgUAA4GBAIob\n" + + "K/o5wXTXXtgZZKJYSi034DNHD6zt96rbHuSLBlxgJ8pFUs4W7z8GZOeUaHxg\n" + + "MxURaa+dYo2jA1Rrpr7l7gUYYAS/QoD90KioHgE796Ncr6Pc5iaAIzy4RHT3\n" + + "Cq5Ji2F4zCS/iIqnDupzGUH9TQPwiNHleI2lKk/2lw0Xd8rY\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // Verisign_Class_2_Public_Primary_Certification_Authority_-_G2.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIIDAzCCAmwCEQC5L2DMiJ+hekYJuFtwbIqvMA0GCSqGSIb3DQEBBQUAMIHB\n" + + "MQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xPDA6BgNV\n" + + "BAsTM0NsYXNzIDIgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRo\n" + + "b3JpdHkgLSBHMjE6MDgGA1UECxMxKGMpIDE5OTggVmVyaVNpZ24sIEluYy4g\n" + + "LSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTEfMB0GA1UECxMWVmVyaVNpZ24g\n" + + "VHJ1c3QgTmV0d29yazAeFw05ODA1MTgwMDAwMDBaFw0yODA4MDEyMzU5NTla\n" + + "MIHBMQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xPDA6\n" + + "BgNVBAsTM0NsYXNzIDIgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBB\n" + + "dXRob3JpdHkgLSBHMjE6MDgGA1UECxMxKGMpIDE5OTggVmVyaVNpZ24sIElu\n" + + "Yy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTEfMB0GA1UECxMWVmVyaVNp\n" + + "Z24gVHJ1c3QgTmV0d29yazCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA\n" + + "p4gBIXQs5xoD8JjhlzwPIQjxnNuX6Zr8wgQGE75fUsjMHiwSViy4AWkszJkf\n" + + "rbCWrnkE8hM5wXuYuggs6MKEEyyqaekJ9MepAqRCwiNPStjwDqL7MWzJ5m+Z\n" + + "Jwf15vRMeJ5t60aG+rmGyVTyssSv1EYcWskVMP8NbPUtDm3Of3cCAwEAATAN\n" + + "BgkqhkiG9w0BAQUFAAOBgQByLvl/0fFx+8Se9sVeUYpAmLho+Jscg9jinb3/\n" + + "7aHmZuovCfTK1+qlK5X2JGCGTUQug6XELaDTrnhpb3LabK4I8GOSN+a7xDAX\n" + + "rXfMSTWqz9iP0b63GJZHc2pUIjRkLbYWm1lbtFFZOrMLFPQS32eg9K0yZF6x\n" + + "RnInjBJ7xUS0rg==\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // Verisign_Class_2_Public_Primary_Certification_Authority_-_G3.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIIEGTCCAwECEGFwy0mMX5hFKeewptlQW3owDQYJKoZIhvcNAQEFBQAwgcox\n" + + "CzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEfMB0GA1UE\n" + + "CxMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazE6MDgGA1UECxMxKGMpIDE5OTkg\n" + + "VmVyaVNpZ24sIEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTFFMEMG\n" + + "A1UEAxM8VmVyaVNpZ24gQ2xhc3MgMiBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZp\n" + + "Y2F0aW9uIEF1dGhvcml0eSAtIEczMB4XDTk5MTAwMTAwMDAwMFoXDTM2MDcx\n" + + "NjIzNTk1OVowgcoxCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwg\n" + + "SW5jLjEfMB0GA1UECxMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazE6MDgGA1UE\n" + + "CxMxKGMpIDE5OTkgVmVyaVNpZ24sIEluYy4gLSBGb3IgYXV0aG9yaXplZCB1\n" + + "c2Ugb25seTFFMEMGA1UEAxM8VmVyaVNpZ24gQ2xhc3MgMiBQdWJsaWMgUHJp\n" + + "bWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEczMIIBIjANBgkqhkiG\n" + + "9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwoNwtUs22e5LeWUJ92lvuCwTY+zYVY8\n" + + "1nzD9M0+hsuiiOLh2KRpxbXiv8GmR1BeRjmL1Za6tW8UvxDOJxOeBUebMXoT\n" + + "2B/Z0wI3i60sR/COgQanDTAM6/c8DyAd3HJG7qUCyFvDyVZpTMUYwZF7C9UT\n" + + "AJu878NIPkZgIIUq1ZC2zYugzDLdt/1AVbJQHFauzI13TccgTacxdu9okoqQ\n" + + "HgiBVrKtaaNS0MscxCM9H5n+TOgWY47GCI72MfbS+uV23bUckqNJzc0BzWjN\n" + + "qWm6o+sdDZykIKbBoMXRRkwXbdKsZj+WjOCE1Db/IlnF+RFgqF8EffIa9iVC\n" + + "YQ/ESrg+iQIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQA0JhU8wI1NQ0kdvekh\n" + + "ktdmnLfexbjQ5F1fdiLAJvmEOjr5jLX77GDx6M4EsMjdpwOPMPOY36TmpDHf\n" + + "0xwLRtxyID+u7gU8pDM/CzmscHhzS5kr3zDCVLCoO1Wh/hYozUK9dG6A2ydE\n" + + "p85EXdQbkJgNHkKUsQAsBNB0owIFImNjzYO1+8FtYmtpdf1dcEG59b98377B\n" + + "MnMiIYtYgXsVkXq642RIsH/7NiXaldDxJBQX3RiAa0YjOVT1jmIJBB2UkKab\n" + + "5iXiQkWquJCtvgiPqQtCGJTPcjnhsUPgKM+351psE2tJs//jGHyJizNdrDPX\n" + + "p/naOlXJWBD5qu9ats9LS98q\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // Verisign_Class_2_Public_Primary_OCSP_Responder.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIIDnjCCAwegAwIBAgIQCUYX5h3Y1BygDKBi6HmKpzANBgkqhkiG9w0BAQUF\n" + + "ADBfMQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1\n" + + "BgNVBAsTLkNsYXNzIDIgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBB\n" + + "dXRob3JpdHkwHhcNMDAwODAxMDAwMDAwWhcNMDQwNzMxMjM1OTU5WjCBpzEX\n" + + "MBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRy\n" + + "dXN0IE5ldHdvcmsxOzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBhdCBodHRwczov\n" + + "L3d3dy52ZXJpc2lnbi5jb20vUlBBIChjKTAwMS4wLAYDVQQDEyVDbGFzcyAy\n" + + "IFB1YmxpYyBQcmltYXJ5IE9DU1AgUmVzcG9uZGVyMIGfMA0GCSqGSIb3DQEB\n" + + "AQUAA4GNADCBiQKBgQDQymMxYX9ENHwFfQs9apDLeUt3Cj9LxyPlwGItfpx+\n" + + "PoiHkdCs6E1Jh6KWkIrdBKUCP4yb6Yn+YqDiWr3I3bR45qVCkwhnAcAgTddc\n" + + "9F3as+M3plIaLExlTYqH2aij8UlUuzxcgFFoxvtJ/wtVqxXd+5rBuR10DbKM\n" + + "RF2J/J/5gwIDAQABo4IBEDCCAQwwIAYDVR0RBBkwF6QVMBMxETAPBgNVBAMT\n" + + "CE9DU1AgMS0yMDEGA1UdHwQqMCgwJqAkoCKGIGh0dHA6Ly9jcmwudmVyaXNp\n" + + "Z24uY29tL3BjYTIuY3JsMBMGA1UdJQQMMAoGCCsGAQUFBwMJMEIGCCsGAQUF\n" + + "BwEBBDYwNDAyBggrBgEFBQcwAaYmFiRodHRwOi8vb2NzcC52ZXJpc2lnbi5j\n" + + "b20vb2NzcC9zdGF0dXMwRAYDVR0gBD0wOzA5BgtghkgBhvhFAQcBATAqMCgG\n" + + "CCsGAQUFBwIBFhxodHRwczovL3d3dy52ZXJpc2lnbi5jb20vUlBBMAkGA1Ud\n" + + "EwQCMAAwCwYDVR0PBAQDAgeAMA0GCSqGSIb3DQEBBQUAA4GBAB99CW4kRnUE\n" + + "nPMmm+M5bhfvvL2iG9IChIar0ECXLMRDiDcZayKoA3FQnSDcNmAgmnMtc1Vs\n" + + "WJsswrQ0LHozQsqR2elDr88e4PXEeqs/cmMeqTfhWzuIsxOGgpBXy1f/9Fa+\n" + + "It3jl6jhvCJDwt1N2/aBnpIUnjkPE1TegtjAXjSN\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // Verisign_Class_3_Public_Primary_Certification_Authority.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIICPDCCAaUCEHC65B0Q2Sk0tjjKewPMur8wDQYJKoZIhvcNAQECBQAwXzEL\n" + + "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQL\n" + + "Ey5DbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9y\n" + + "aXR5MB4XDTk2MDEyOTAwMDAwMFoXDTI4MDgwMTIzNTk1OVowXzELMAkGA1UE\n" + + "BhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz\n" + + "cyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGf\n" + + "MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJXFme8huKARS0EN8EQNvjV69q\n" + + "RUCPhAwL0TPZ2RHP7gJYHyX3KqhEBarsAx94f56TuZoAqiN91qyFomNFx3In\n" + + "zPRMxnVx0jnvT0Lwdd8KkMaOIG+YD/isI19wKTakyYbnsZogy1Olhec9vn2a\n" + + "/iRFM9x2Fe0PonFkTGUugWhFpwIDAQABMA0GCSqGSIb3DQEBAgUAA4GBALtM\n" + + "EivPLCYATxQT3ab7/AoRhIzzKBxnki98tsX63/Dolbwdj2wsqFHMc9ikwFPw\n" + + "TtYmwHYBV4GSXiHx0bH/59AhWM1pF+NEHJwZRDmJXNycAA9WjQKZ7aKQRUzk\n" + + "uxCkPfAyAw7xzvjoyVGM5mKf5p/AfbdynMk2OmufTqj/ZA1k\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // Verisign_Class_3_Public_Primary_Certification_Authority_-_G2.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIIDAjCCAmsCEH3Z/gfPqB63EHln+6eJNMYwDQYJKoZIhvcNAQEFBQAwgcEx\n" + + "CzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE8MDoGA1UE\n" + + "CxMzQ2xhc3MgMyBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhv\n" + + "cml0eSAtIEcyMTowOAYDVQQLEzEoYykgMTk5OCBWZXJpU2lnbiwgSW5jLiAt\n" + + "IEZvciBhdXRob3JpemVkIHVzZSBvbmx5MR8wHQYDVQQLExZWZXJpU2lnbiBU\n" + + "cnVzdCBOZXR3b3JrMB4XDTk4MDUxODAwMDAwMFoXDTI4MDgwMTIzNTk1OVow\n" + + "gcExCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE8MDoG\n" + + "A1UECxMzQ2xhc3MgMyBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1\n" + + "dGhvcml0eSAtIEcyMTowOAYDVQQLEzEoYykgMTk5OCBWZXJpU2lnbiwgSW5j\n" + + "LiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MR8wHQYDVQQLExZWZXJpU2ln\n" + + "biBUcnVzdCBOZXR3b3JrMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDM\n" + + "XtERXVxp0KvTuWpMmR9ZmDCOFoUgRm1HP9SFIIThbbP4pO0M8RcPO/mn+SXX\n" + + "wc+EY/J8Y8+iR/LGWzOOZEAEaMGAuWQcRXfH2G71lSk8UOg013gfqLptQ5GV\n" + + "j0VXXn7F+8qkBOvqlzdUMG+7AUcyM83cV5tkaWH4mx0ciU9cZwIDAQABMA0G\n" + + "CSqGSIb3DQEBBQUAA4GBAFFNzb5cy5gZnBWyATl4Lk0PZ3BwmcYQWpSkU01U\n" + + "bSuvDV1Ai2TT1+7eVmGSX6bEHRBhNtMsJzzoKQm5EWR0zLVznxxIqbxhAe7i\n" + + "F6YM40AIOw7n60RzKprxaZLvcRTDOaxxp5EJb+RxBrO6WVcmeQD2+A2iMzAo\n" + + "1KpYoJ2daZH9\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // Verisign_Class_3_Public_Primary_Certification_Authority_-_G3.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIIEGjCCAwICEQCbfgZJoz5iudXukEhxKe9XMA0GCSqGSIb3DQEBBQUAMIHK\n" + + "MQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNV\n" + + "BAsTFlZlcmlTaWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5\n" + + "IFZlcmlTaWduLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBD\n" + + "BgNVBAMTPFZlcmlTaWduIENsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlm\n" + + "aWNhdGlvbiBBdXRob3JpdHkgLSBHMzAeFw05OTEwMDEwMDAwMDBaFw0zNjA3\n" + + "MTYyMzU5NTlaMIHKMQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24s\n" + + "IEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdvcmsxOjA4BgNV\n" + + "BAsTMShjKSAxOTk5IFZlcmlTaWduLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQg\n" + + "dXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlTaWduIENsYXNzIDMgUHVibGljIFBy\n" + + "aW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHMzCCASIwDQYJKoZI\n" + + "hvcNAQEBBQADggEPADCCAQoCggEBAMu6nFL8eB8aHm8bN3O9+MlrlBIwT/A2\n" + + "R/XQkQr1F8ilYcEWQE37imGQ5XYgwREGfassbqb1EUGO+i2tKmFZpGcmTNDo\n" + + "vFJbcCAEWNF6yaRpvIMXZK0Fi7zQWM6NjPXr8EJJC52XJ2cybuGukxUccLwg\n" + + "TS8Y3pKI6GyFVxEa6X7jJhFUokWWVYPKMIno3Nij7SqAP395ZVc+FSBmCC+V\n" + + "k7+qRy+oRpfwEuL+wgorUeZ25rdGt+INpsyow0xZVYnm6FNcHOqd8GIWC6fJ\n" + + "Xwzw3sJ2zq/3avL6QaaiMxTJ5Xpj055iN9WFZZ4O5lMkdBteHRJTW8cs54NJ\n" + + "OxWuimi5V5cCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAERSWwauSCPc/L8my\n" + + "/uRan2Te2yFPhpk0djZX3dAVL8WtfxUfN2JzPtTnX84XA9s1+ivbrmAJXx5f\n" + + "j267Cz3qWhMeDGBvtcC1IyIuBwvLqXTLR7sdwdela8wv0kL9Sd2nic9TutoA\n" + + "Wii/gt/4uhMdUIaC/Y4wjylGsB49Ndo4YhYYSq3mtlFs3q9i6wHQHiT+eo8S\n" + + "GhJouPtmmRQURVyu565pF4ErWjfJXir0xuKhXFSbplQAz/DxwceYMBo7Nhbb\n" + + "o27q/a2ywtrvAkcTisDxszGtTxzhT5yvDwyd93gN2PQ1VoDat20Xj50egWTh\n" + + "/sVFuq1ruQp6Tk9LhO5L8X3dEQ==\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // Verisign_Class_3_Public_Primary_OCSP_Responder.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIIDojCCAwugAwIBAgIQLpaev7ZibOx76XPM42zBhDANBgkqhkiG9w0BAQUF\n" + + "ADBfMQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1\n" + + "BgNVBAsTLkNsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBB\n" + + "dXRob3JpdHkwHhcNMDAwODA0MDAwMDAwWhcNMDQwODAzMjM1OTU5WjCBpzEX\n" + + "MBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRy\n" + + "dXN0IE5ldHdvcmsxOzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBhdCBodHRwczov\n" + + "L3d3dy52ZXJpc2lnbi5jb20vUlBBIChjKTAwMS4wLAYDVQQDEyVDbGFzcyAz\n" + + "IFB1YmxpYyBQcmltYXJ5IE9DU1AgUmVzcG9uZGVyMIGfMA0GCSqGSIb3DQEB\n" + + "AQUAA4GNADCBiQKBgQDx5AgOg7t140jluNum8Lmr6Txix141W9ACVBHYydFW\n" + + "uXZLuat65s269gwE1n7WsAplrE454/H3LaMlOe+wi8++2wxdbnD0B81w9zrA\n" + + "PjUW7XiMQ8/CJi5H1oZ9nPG+1mcMIiWkymXmH3p4KC8/BdsEIb/hRWb+PLeC\n" + + "7Vq4FhW5VQIDAQABo4IBFDCCARAwIAYDVR0RBBkwF6QVMBMxETAPBgNVBAMT\n" + + "CE9DU1AgMS0zMDUGA1UdHwQuMCwwKqAooCaGJGh0dHA6Ly9jcmwudmVyaXNp\n" + + "Z24uY29tL3BjYTMuMS4xLmNybDATBgNVHSUEDDAKBggrBgEFBQcDCTBCBggr\n" + + "BgEFBQcBAQQ2MDQwMgYIKwYBBQUHMAGmJhYkaHR0cDovL29jc3AudmVyaXNp\n" + + "Z24uY29tL29jc3Avc3RhdHVzMEQGA1UdIAQ9MDswOQYLYIZIAYb4RQEHAQEw\n" + + "KjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL1JQQTAJ\n" + + "BgNVHRMEAjAAMAsGA1UdDwQEAwIHgDANBgkqhkiG9w0BAQUFAAOBgQAC9lNj\n" + + "wKke8tCLMzCPSJtMsFa0g3FKvtxQ2PW24AvbvXhP6c8JNNopSZ0Bc1qRkYJU\n" + + "LBMK03cjzzf8Y96n4/a3tWlFKEnDkdyqRxypiJksBSqNjYr6YuJatwAgXTnE\n" + + "KMLL/J6oia5bPY4S6jKy/OsU1wkVGsDNG9W1FU5B1ZbjTg==\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // Verisign_Class_4_Public_Primary_Certification_Authority_-_G2.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIIDAjCCAmsCEDKIjprS9esTR/h/xCA3JfgwDQYJKoZIhvcNAQEFBQAwgcEx\n" + + "CzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE8MDoGA1UE\n" + + "CxMzQ2xhc3MgNCBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhv\n" + + "cml0eSAtIEcyMTowOAYDVQQLEzEoYykgMTk5OCBWZXJpU2lnbiwgSW5jLiAt\n" + + "IEZvciBhdXRob3JpemVkIHVzZSBvbmx5MR8wHQYDVQQLExZWZXJpU2lnbiBU\n" + + "cnVzdCBOZXR3b3JrMB4XDTk4MDUxODAwMDAwMFoXDTI4MDgwMTIzNTk1OVow\n" + + "gcExCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE8MDoG\n" + + "A1UECxMzQ2xhc3MgNCBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1\n" + + "dGhvcml0eSAtIEcyMTowOAYDVQQLEzEoYykgMTk5OCBWZXJpU2lnbiwgSW5j\n" + + "LiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MR8wHQYDVQQLExZWZXJpU2ln\n" + + "biBUcnVzdCBOZXR3b3JrMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC6\n" + + "8OTP+cSuhVS5B1f5j8V/aBH4xBewRNzjMHPVKmIquNDMHO0oW369atyzkSTK\n" + + "QWI8/AIBvxwWMZQFl3Zuoq29YRdsTjCG8FE3KlDHqGKB3FtKqsGgtG7rL+VX\n" + + "xbErQHDbWk2hjh+9Ax/YA9SPTJlxvOKCzFjomDqG04Y48wApHwIDAQABMA0G\n" + + "CSqGSIb3DQEBBQUAA4GBAIWMEsGnuVAVess+rLhDityq3RS6iYF+ATwjcSGI\n" + + "L4LcY/oCRaxFWdcqWERbt5+BO5JoPeI3JPV7bI92NZYJqFmduc4jq3TWg/0y\n" + + "cyfYaT5DdPauxYma51N86Xv2S/PBZYPejYqcPIiNOVn8qj8ijaHBZlCBckzt\n" + + "ImRPT8qAkbYp\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // Verisign_Class_4_Public_Primary_Certification_Authority_-_G3.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIIEGjCCAwICEQDsoKeLbnVqAc/EfMwvlF7XMA0GCSqGSIb3DQEBBQUAMIHK\n" + + "MQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNV\n" + + "BAsTFlZlcmlTaWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5\n" + + "IFZlcmlTaWduLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBD\n" + + "BgNVBAMTPFZlcmlTaWduIENsYXNzIDQgUHVibGljIFByaW1hcnkgQ2VydGlm\n" + + "aWNhdGlvbiBBdXRob3JpdHkgLSBHMzAeFw05OTEwMDEwMDAwMDBaFw0zNjA3\n" + + "MTYyMzU5NTlaMIHKMQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24s\n" + + "IEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdvcmsxOjA4BgNV\n" + + "BAsTMShjKSAxOTk5IFZlcmlTaWduLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQg\n" + + "dXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlTaWduIENsYXNzIDQgUHVibGljIFBy\n" + + "aW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHMzCCASIwDQYJKoZI\n" + + "hvcNAQEBBQADggEPADCCAQoCggEBAK3LpRFpxlmr8Y+1GQ9Wzsy1HyDkniYl\n" + + "S+BzZYlZ3tCD5PUPtbut8XzoIfzk6AzufEUiGXaStBO3IFsJ+mGuqPKljYXC\n" + + "KtbeZjbSmwL0qJJgfJxptI8kHtCGUvYynEFYHiK9zUVilQhu0GbdU6LM8BDc\n" + + "VHOLBKFGMzNcF0C5nk3T875Vg+ixiY5afJqWIpA7iCXy0lOIAgwLePLmNxdL\n" + + "MEYH5IBtptiWLugs+BGzOA1mppvqySNb247i8xOOGlktqgLw7KSHZtzBP/XY\n" + + "ufTsgsbSPZUd5cBPhMnZo0QoBmrXRazwa2rvTl/4EYIeOGM0ZlDUPpNz+jDD\n" + + "Zq3/ky2X7wMCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAj/ola09b5KROJ1Wr\n" + + "IhVZPMq1CtRK26vdoV9TxaBXOcLORyu+OshWv8LZJxA6sQU8wHcxuzrTBXtt\n" + + "mhwwjIDLk5Mqg6sFUYICABFna/OIYUdfA5PVWw3g8dShMjWFsjrbsIKr0csK\n" + + "vE+MW8VLADsfKoKmfjaF3H48ZwC15DtS4KjrXRX5xm3wrR0OhbepmnMUWluP\n" + + "QSjA1egtTaRezarZ7c7c2NU8Qh0XwRJdRTjDOPP8hS6DRkiy1yBfkjaP53kP\n" + + "mF6Z6PDQpLv1U70qzlmwr25/bLvSHgCwIe34QWKCudiyxLtGUPMxxY8BqHTr\n" + + "9Xgn2uf3ZkPznoM+IKrDNWCRzg==\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // Verisign_RSA_Secure_Server_CA.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIICNDCCAaECEAKtZn5ORf5eV288mBle3cAwDQYJKoZIhvcNAQECBQAwXzEL\n" + + "MAkGA1UEBhMCVVMxIDAeBgNVBAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMu\n" + + "MS4wLAYDVQQLEyVTZWN1cmUgU2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9y\n" + + "aXR5MB4XDTk0MTEwOTAwMDAwMFoXDTEwMDEwNzIzNTk1OVowXzELMAkGA1UE\n" + + "BhMCVVMxIDAeBgNVBAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYD\n" + + "VQQLEyVTZWN1cmUgU2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGb\n" + + "MA0GCSqGSIb3DQEBAQUAA4GJADCBhQJ+AJLOesGugz5aqomDV6wlAXYMra6O\n" + + "LDfO6zV4ZFQD5YRAUcm/jwjiioII0haGN1XpsSECrXZogZoFokvJSyVmIlZs\n" + + "iAeP94FZbYQHZXATcXY+m3dM41CJVphIuR2nKRoTLkoRWZweFdVJVCxzOmmC\n" + + "sZc5nG1wZ0jl3S3WyB57AgMBAAEwDQYJKoZIhvcNAQECBQADfgBl3X7hsuyw\n" + + "4jrg7HFGmhkRuNPHoLQDQCYCPgmc4RKz0Vr2N6W3YQO2WxZpO8ZECAyIUwxr\n" + + "l0nHPjXcbLm7qt9cuzovk2C2qUtN8iD3zV9/ZHuO3ABc1/p3yjkWWW8O6tO1\n" + + "g39NTUJWdrTJXwT4OPjr0l91X817/OWOgHz8UA==\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // Verisign_Secure_Server_OCSP_Responder.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIIDnzCCAwygAwIBAgIRAP9F1SddJPuzwjkkU1fhT94wDQYJKoZIhvcNAQEF\n" + + "BQAwXzELMAkGA1UEBhMCVVMxIDAeBgNVBAoTF1JTQSBEYXRhIFNlY3VyaXR5\n" + + "LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2VydmVyIENlcnRpZmljYXRpb24g\n" + + "QXV0aG9yaXR5MB4XDTAwMDgwNDAwMDAwMFoXDTA0MDgwMzIzNTk1OVowgZ4x\n" + + "FzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBU\n" + + "cnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQgaHR0cHM6\n" + + "Ly93d3cudmVyaXNpZ24uY29tL1JQQSAoYykwMDElMCMGA1UEAxMcU2VjdXJl\n" + + "IFNlcnZlciBPQ1NQIFJlc3BvbmRlcjCBnzANBgkqhkiG9w0BAQEFAAOBjQAw\n" + + "gYkCgYEAuFGZZIUO7rMKaPC/Y3YdU/X8oXiMM+6f9L452psPTUepjyDoS0S9\n" + + "zs17kNEw6JDEJXuJKN699pMd/7n/krWpjeSuzOLDB4Nqo3IQASdiIqY1Jjkt\n" + + "ns9gDPxHpNfQQninHWzQy08VpykKtJVFxLHnWgnXOZXYHTWewr2zXcEMSx8C\n" + + "AwEAAaOCAR0wggEZMCAGA1UdEQQZMBekFTATMREwDwYDVQQDEwhPQ1NQIDEt\n" + + "NDA+BgNVHR8ENzA1MDOgMaAvhi1odHRwOi8vY3JsLnZlcmlzaWduLmNvbS9S\n" + + "U0FTZWN1cmVTZXJ2ZXItcC5jcmwwEwYDVR0lBAwwCgYIKwYBBQUHAwkwQgYI\n" + + "KwYBBQUHAQEENjA0MDIGCCsGAQUFBzABpiYWJGh0dHA6Ly9vY3NwLnZlcmlz\n" + + "aWduLmNvbS9vY3NwL3N0YXR1czBEBgNVHSAEPTA7MDkGC2CGSAGG+EUBBwEB\n" + + "MCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9SUEEw\n" + + "CQYDVR0TBAIwADALBgNVHQ8EBAMCB4AwDQYJKoZIhvcNAQEFBQADfgAAsxBT\n" + + "ZpxJky4xoAJC0lhXfmah/huKYRhQQCweK0Gl1tv/rAgcWgVtAlwqtpZPR9u+\n" + + "TtvOzLqGuBjOsRKRX2P380g+zPFNE+RtCZR4AJLLoyCdBgtqoEMHztEZbI8Y\n" + + "dZqfFzP9qSa44+LewqjEWop/mNYHBmvMVp6GcM7U7w==\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // Verisign_Time_Stamping_Authority_CA.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIIDzTCCAzagAwIBAgIQU2GyYK7bcY6nlLMTM/QHCTANBgkqhkiG9w0BAQUF\n" + + "ADCBwTELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTww\n" + + "OgYDVQQLEzNDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24g\n" + + "QXV0aG9yaXR5IC0gRzIxOjA4BgNVBAsTMShjKSAxOTk4IFZlcmlTaWduLCBJ\n" + + "bmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxHzAdBgNVBAsTFlZlcmlT\n" + + "aWduIFRydXN0IE5ldHdvcmswHhcNMDAwOTI2MDAwMDAwWhcNMTAwOTI1MjM1\n" + + "OTU5WjCBpTEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZl\n" + + "cmlTaWduIFRydXN0IE5ldHdvcmsxOzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBh\n" + + "dCBodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhIChjKTAwMSwwKgYDVQQD\n" + + "EyNWZXJpU2lnbiBUaW1lIFN0YW1waW5nIEF1dGhvcml0eSBDQTCBnzANBgkq\n" + + "hkiG9w0BAQEFAAOBjQAwgYkCgYEA0hmdZ8IAIVlizrQJIkRpivglWtvtDbc2\n" + + "fk7gu5Q+kCWHwmFHKdm9VLhjzCx9abQzNvQ3B5rB3UBU/OB4naCTuQk9I1F/\n" + + "RMIUdNsKvsvJMDRAmD7Q1yUQgZS9B0+c1lQn3y6ov8uQjI11S7zi6ESHzeZB\n" + + "CiVu6PQkAsVSD27smHUCAwEAAaOB3zCB3DAPBgNVHRMECDAGAQH/AgEAMEUG\n" + + "A1UdIAQ+MDwwOgYMYIZIAYb4RQEHFwEDMCowKAYIKwYBBQUHAgEWHGh0dHBz\n" + + "Oi8vd3d3LnZlcmlzaWduLmNvbS9ycGEwMQYDVR0fBCowKDAmoCSgIoYgaHR0\n" + + "cDovL2NybC52ZXJpc2lnbi5jb20vcGNhMy5jcmwwCwYDVR0PBAQDAgEGMEIG\n" + + "CCsGAQUFBwEBBDYwNDAyBggrBgEFBQcwAaYmFiRodHRwOi8vb2NzcC52ZXJp\n" + + "c2lnbi5jb20vb2NzcC9zdGF0dXMwDQYJKoZIhvcNAQEFBQADgYEAgnBold+2\n" + + "DcIBcBlK0lRWHqzyRUyHuPU163hLBanInTsZIS5wNEqi9YngFXVF5yg3ADQn\n" + + "Keg3S/LvRJdrF1Eaw1adPBqK9kpGRjeM+sv1ZFo4aC4cw+9wzrhGBha/937n\n" + + "tag+RaypJXUie28/sJyU58dzq6wf7iWbwBbtt8pb8BQ=\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // Visa_International_Global_Root_2.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIIDgDCCAmigAwIBAgICAx4wDQYJKoZIhvcNAQEFBQAwYTELMAkGA1UEBhMC\n" + + "VVMxDTALBgNVBAoTBFZJU0ExLzAtBgNVBAsTJlZpc2EgSW50ZXJuYXRpb25h\n" + + "bCBTZXJ2aWNlIEFzc29jaWF0aW9uMRIwEAYDVQQDEwlHUCBSb290IDIwHhcN\n" + + "MDAwODE2MjI1MTAwWhcNMjAwODE1MjM1OTAwWjBhMQswCQYDVQQGEwJVUzEN\n" + + "MAsGA1UEChMEVklTQTEvMC0GA1UECxMmVmlzYSBJbnRlcm5hdGlvbmFsIFNl\n" + + "cnZpY2UgQXNzb2NpYXRpb24xEjAQBgNVBAMTCUdQIFJvb3QgMjCCASIwDQYJ\n" + + "KoZIhvcNAQEBBQADggEPADCCAQoCggEBAKkBcLWqxEDwq2omYXkZAPy/mzdZ\n" + + "DK9vZBv42pWUJGkzEXDK41Z0ohdXZFwgBuHW73G3O/erwWnQSaSxBNf0V2KJ\n" + + "XLB1LRckaeNCYOTudNargFbYiCjh+20i/SN8RnNPflRzHqgsVVh1t0zzWkWl\n" + + "Ahr62p3DRcMiXvOL8WAp0sdftAw6UYPvMPjU58fy+pmjIlC++QU3o63tmsPm\n" + + "7IgbthknGziLgE3sucfFicv8GjLtI/C1AVj59o/ghalMCXI5Etuz9c9OYmTa\n" + + "xhkVOmMd6RdVoUwiPDQyRvhlV7or7zaMavrZ2UT0qt2E1w0cslSsMoW0ZA3e\n" + + "QbuxNMYBhjJk1Z8CAwEAAaNCMEAwHQYDVR0OBBYEFJ59SzS/ca3CBfYDdYDO\n" + + "qU8axCRMMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMA0GCSqG\n" + + "SIb3DQEBBQUAA4IBAQAhpXYUVfmtJ3CPPPTVbMjMCqujmAuKBiPFyWHbmQdp\n" + + "NSYx/scuhMKZYdQN6X0uEyt8joW2hcdLzzW2LEc9zikv2G+fiRxkk78IvXbQ\n" + + "kIqUs38oW26sTTMs7WXcFsziza6kPWKSBpUmv9+55CCmc2rBvveURNZNbyoL\n" + + "axhNdBA2aGpawWqn3TYpjLgwi08hPwAuVDAHOrqK5MOeyti12HvOdUVmB/Rt\n" + + "Ldh6yumJivIj2C/LbgA2T/vwLwHMD8AiZfSr4k5hLQOCfZEWtTDVFN5ex5D8\n" + + "ofyrEK9ca3CnB+8phuiyJccg/ybdd+95RBTEvd07xQObdyPsoOy7Wjm1zK0G\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // Visa_eCommerce_Root.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIIDojCCAoqgAwIBAgIQE4Y1TR0/BvLB+WUF1ZAcYjANBgkqhkiG9w0BAQUF\n" + + "ADBrMQswCQYDVQQGEwJVUzENMAsGA1UEChMEVklTQTEvMC0GA1UECxMmVmlz\n" + + "YSBJbnRlcm5hdGlvbmFsIFNlcnZpY2UgQXNzb2NpYXRpb24xHDAaBgNVBAMT\n" + + "E1Zpc2EgZUNvbW1lcmNlIFJvb3QwHhcNMDIwNjI2MDIxODM2WhcNMjIwNjI0\n" + + "MDAxNjEyWjBrMQswCQYDVQQGEwJVUzENMAsGA1UEChMEVklTQTEvMC0GA1UE\n" + + "CxMmVmlzYSBJbnRlcm5hdGlvbmFsIFNlcnZpY2UgQXNzb2NpYXRpb24xHDAa\n" + + "BgNVBAMTE1Zpc2EgZUNvbW1lcmNlIFJvb3QwggEiMA0GCSqGSIb3DQEBAQUA\n" + + "A4IBDwAwggEKAoIBAQCvV95WHm6h2mCxlCfLF9sHP4CFT8icttD0b0/Pmdjh\n" + + "28JIXDqsOTPHH2qLJj0rNfVIsZHBAk4ElpF7sDPwsRROEW+1QK8bRaVK7362\n" + + "rPKgH1g/EkZgPI2h4H3PVz4zHvtH8aoVlwdVZqW1LS7YgFmypw23RuwhY/81\n" + + "q6UCzyr0TP579ZRdhE2o8mCP2w4lPJ9zcc+U30rq299yOIzzlr3xF7zSujtF\n" + + "Wsan9sYXiwGd/BmoKoMWuDpI/k4+oKsGGelT84ATB+0tvz8KPFUgOSwsAGl0\n" + + "lUq8ILKpeeUYiZGo3BxN77t+Nwtd/jmliFKMAGzsGHxBvfaLdXe6YJ2E5/4t\n" + + "AgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0G\n" + + "A1UdDgQWBBQVOIMPPyw/cDMezUb+B4wg4NfDtzANBgkqhkiG9w0BAQUFAAOC\n" + + "AQEAX/FBfXxcCLkr4NWSR/pnXKUTwwMhmytMiUbPWU3J/qVAtmPN3XEolWcR\n" + + "zCSs00Rsca4BIGsDoo8Ytyk6feUWYFN4PMCvFYP3j1IzJL1kk5fui/fbGKht\n" + + "cbP3LBfQdCVp9/5rPJS+TUtBjE7ic9DjkCJzQ83z7+pzzkWKsKZJ/0x9nXGI\n" + + "xHYdkFsd7v3M9+79YKWxehZx0RbQfBI8bGmX265fOZpwLwU8GUYEmSA20GBu\n" + + "YQa7FkKMcPcw++DbZqMAAb3mLNqRX6BGi01qnD093QVG/na/oAo85ADmJ7f/\n" + + "hC3euiInlhBx6yLt398znM/jra6O1I7mT1GvFpLgXPYHDw==\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // beTRUSTed_Root_CA-Baltimore_Implementation.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIIFajCCBFKgAwIBAgIEPLU9RjANBgkqhkiG9w0BAQUFADBmMRIwEAYDVQQK\n" + + "EwliZVRSVVNUZWQxGzAZBgNVBAsTEmJlVFJVU1RlZCBSb290IENBczEzMDEG\n" + + "A1UEAxMqYmVUUlVTVGVkIFJvb3QgQ0EtQmFsdGltb3JlIEltcGxlbWVudGF0\n" + + "aW9uMB4XDTAyMDQxMTA3Mzg1MVoXDTIyMDQxMTA3Mzg1MVowZjESMBAGA1UE\n" + + "ChMJYmVUUlVTVGVkMRswGQYDVQQLExJiZVRSVVNUZWQgUm9vdCBDQXMxMzAx\n" + + "BgNVBAMTKmJlVFJVU1RlZCBSb290IENBLUJhbHRpbW9yZSBJbXBsZW1lbnRh\n" + + "dGlvbjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALx+xDmcjOPW\n" + + "HIb/ymKt4H8wRXqOGrO4x/nRNv8i805qX4QQ+2aBw5R5MdKR4XeOGCrDFN5R\n" + + "9U+jK7wYFuK13XneIviCfsuBH/0nLI/6l2Qijvj/YaOcGx6Sj8CoCd8JEey3\n" + + "fTGaGuqDIQY8n7pc/5TqarjDa1U0Tz0yH92BFODEPM2dMPgwqZfT7syj0B9f\n" + + "HBOB1BirlNFjw55/NZKeX0Tq7PQiXLfoPX2k+YmpkbIq2eszh+6l/ePazIjm\n" + + "iSZuxyuC0F6dWdsU7JGDBcNeDsYq0ATdcT0gTlgn/FP7eHgZFLL8kFKJOGJg\n" + + "B7Sg7KxrUNb9uShr71ItOrL/8QFArDcCAwEAAaOCAh4wggIaMA8GA1UdEwEB\n" + + "/wQFMAMBAf8wggG1BgNVHSAEggGsMIIBqDCCAaQGDysGAQQBsT4AAAEJKIOR\n" + + "MTCCAY8wggFIBggrBgEFBQcCAjCCAToaggE2UmVsaWFuY2Ugb24gb3IgdXNl\n" + + "IG9mIHRoaXMgQ2VydGlmaWNhdGUgY3JlYXRlcyBhbiBhY2tub3dsZWRnbWVu\n" + + "dCBhbmQgYWNjZXB0YW5jZSBvZiB0aGUgdGhlbiBhcHBsaWNhYmxlIHN0YW5k\n" + + "YXJkIHRlcm1zIGFuZCBjb25kaXRpb25zIG9mIHVzZSwgdGhlIENlcnRpZmlj\n" + + "YXRpb24gUHJhY3RpY2UgU3RhdGVtZW50IGFuZCB0aGUgUmVseWluZyBQYXJ0\n" + + "eSBBZ3JlZW1lbnQsIHdoaWNoIGNhbiBiZSBmb3VuZCBhdCB0aGUgYmVUUlVT\n" + + "VGVkIHdlYiBzaXRlLCBodHRwOi8vd3d3LmJldHJ1c3RlZC5jb20vcHJvZHVj\n" + + "dHNfc2VydmljZXMvaW5kZXguaHRtbDBBBggrBgEFBQcCARY1aHR0cDovL3d3\n" + + "dy5iZXRydXN0ZWQuY29tL3Byb2R1Y3RzX3NlcnZpY2VzL2luZGV4Lmh0bWww\n" + + "HQYDVR0OBBYEFEU9w6nR3D8kVpgccxiIav+DR+22MB8GA1UdIwQYMBaAFEU9\n" + + "w6nR3D8kVpgccxiIav+DR+22MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0B\n" + + "AQUFAAOCAQEASZK8o+6svfoNyYt5hhwjdrCAWXf82n+0S9/DZEtqTg6t8n1Z\n" + + "dwWtColzsPq8y9yNAIiPpqCy6qxSJ7+hSHyXEHu67RMdmgduyzFiEuhjA6p9\n" + + "beP4G3YheBufS0OM00mG9htc9i5gFdPp43t1P9ACg9AYgkHNZTfqjjJ+vWuZ\n" + + "XTARyNtIVBw74acT02pIk/c9jH8F6M7ziCpjBLjqflh8AXtb4cV97yHgjQ5d\n" + + "UX2xZ/2jvTg2xvI4hocalmhgRvsoFEdV4aeADGvi6t9NfJBIoDa9CReJf8Py\n" + + "05yc493EG931t3GzUwWJBtDLSoDByFOQtTwxiBdQn8nEDovYqAJjDQ==\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // beTRUSTed_Root_CA.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIIFLDCCBBSgAwIBAgIEOU99hzANBgkqhkiG9w0BAQUFADBaMQswCQYDVQQG\n" + + "EwJXVzESMBAGA1UEChMJYmVUUlVTVGVkMRswGQYDVQQDExJiZVRSVVNUZWQg\n" + + "Um9vdCBDQXMxGjAYBgNVBAMTEWJlVFJVU1RlZCBSb290IENBMB4XDTAwMDYy\n" + + "MDE0MjEwNFoXDTEwMDYyMDEzMjEwNFowWjELMAkGA1UEBhMCV1cxEjAQBgNV\n" + + "BAoTCWJlVFJVU1RlZDEbMBkGA1UEAxMSYmVUUlVTVGVkIFJvb3QgQ0FzMRow\n" + + "GAYDVQQDExFiZVRSVVNUZWQgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQAD\n" + + "ggEPADCCAQoCggEBANS0c3oTCjhVAb6JVuGUntS+WutKNHUbYSnE4a0IYCF4\n" + + "SP+00PpeQY1hRIfo7clY+vyTmt9P6j41ffgzeubx181vSUs9Ty1uDoM6GHh3\n" + + "o8/n9E1z2Jo7Gh2+lVPPIJfCzz4kUmwMjmVZxXH/YgmPqsWPzGCgc0rXOD8V\n" + + "cr+il7dw6K/ifhYGTPWqZCZyByWtNfwYsSbX2P8ZDoMbjNx4RWc0PfSvHI3k\n" + + "bWvtILNnmrRhyxdviTX/507AMhLn7uzf/5cwdO2NR47rtMNE5qdMf1ZD6Li8\n" + + "tr76g5fmu/vEtpO+GRg+jIG5c4gW9JZDnGdzF5DYCW5jrEq2I8QBoa2k5MUC\n" + + "AwEAAaOCAfgwggH0MA8GA1UdEwEB/wQFMAMBAf8wggFZBgNVHSAEggFQMIIB\n" + + "TDCCAUgGCisGAQQBsT4BAAAwggE4MIIBAQYIKwYBBQUHAgIwgfQagfFSZWxp\n" + + "YW5jZSBvbiB0aGlzIGNlcnRpZmljYXRlIGJ5IGFueSBwYXJ0eSBhc3N1bWVz\n" + + "IGFjY2VwdGFuY2Ugb2YgdGhlIHRoZW4gYXBwbGljYWJsZSBzdGFuZGFyZCB0\n" + + "ZXJtcyBhbmQgY29uZGl0aW9ucyBvZiB1c2UsIGFuZCBjZXJ0aWZpY2F0aW9u\n" + + "IHByYWN0aWNlIHN0YXRlbWVudCwgd2hpY2ggY2FuIGJlIGZvdW5kIGF0IGJl\n" + + "VFJVU1RlZCdzIHdlYiBzaXRlLCBodHRwczovL3d3dy5iZVRSVVNUZWQuY29t\n" + + "L3ZhdWx0L3Rlcm1zMDEGCCsGAQUFBwIBFiVodHRwczovL3d3dy5iZVRSVVNU\n" + + "ZWQuY29tL3ZhdWx0L3Rlcm1zMDQGA1UdHwQtMCswKaAnoCWkIzAhMRIwEAYD\n" + + "VQQKEwliZVRSVVNUZWQxCzAJBgNVBAYTAldXMB0GA1UdDgQWBBQquZtpLjub\n" + + "2M3eKjEENGvKBxirZzAfBgNVHSMEGDAWgBQquZtpLjub2M3eKjEENGvKBxir\n" + + "ZzAOBgNVHQ8BAf8EBAMCAf4wDQYJKoZIhvcNAQEFBQADggEBAHlh26Nebhax\n" + + "6nZR+csVm8tpvuaBa58oH2U+3RGFktToQb9+M70j5/Egv6S0phkBxoyNNXxl\n" + + "pE8JpNbYIxUFE6dDea/bow6be3ga8wSGWsb2jCBHOElQBp1yZzrwmAOtlmdE\n" + + "/D8QDYZN5AA7KXvOOzuZhmElQITcE2K3+spZ1gMe1lMBzW1MaFVA4e5rxyoA\n" + + "AEiCswoBw2AqDPeCNe5IhpbkdNQ96gFxugR1QKepfzk5mlWXKWWuGVUlBXJH\n" + + "0+gY3Ljpr0NzARJ0o+FcXxVdJPP55PS2Z2cS52QiivalQaYctmBjRYoQtLpG\n" + + "EK5BV2VsPyMQPyEQWbfkQN0mDCP2qq4=\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // beTRUSTed_Root_CA_-_Entrust_Implementation.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIIGUTCCBTmgAwIBAgIEPLVPQDANBgkqhkiG9w0BAQUFADBmMRIwEAYDVQQK\n" + + "EwliZVRSVVNUZWQxGzAZBgNVBAsTEmJlVFJVU1RlZCBSb290IENBczEzMDEG\n" + + "A1UEAxMqYmVUUlVTVGVkIFJvb3QgQ0EgLSBFbnRydXN0IEltcGxlbWVudGF0\n" + + "aW9uMB4XDTAyMDQxMTA4MjQyN1oXDTIyMDQxMTA4NTQyN1owZjESMBAGA1UE\n" + + "ChMJYmVUUlVTVGVkMRswGQYDVQQLExJiZVRSVVNUZWQgUm9vdCBDQXMxMzAx\n" + + "BgNVBAMTKmJlVFJVU1RlZCBSb290IENBIC0gRW50cnVzdCBJbXBsZW1lbnRh\n" + + "dGlvbjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALr0RAOqEmq1\n" + + "Q+xVkrYwfTVXDNvzDSduTPdQqJtOK2/b9a0cS12zqcH+e0TrW6MFDR/FNCsw\n" + + "ACnxeECypP869AGIF37m1CbTukzqMvtDd5eHI8XbQ6P1KqNRXuE70mVpflUV\n" + + "m3rnafdE4Fe1FehmYA8NA/uCjqPoEXtsvsdjDheT389Lrm5zdeDzqrmkwAkb\n" + + "hepxKYhBMvnwKg5sCfJ0a2ZsUhMfGLzUPvfYbiCeyv78IZTuEyhL11xeDGbu\n" + + "6bsPwTSxfwh28z0mcMmLJR1iJAzqHHVOwBLkuhMdMCktVjMFu5dZfsZJT4nX\n" + + "LySotohAtWSSU1Yk5KKghbNekLQSM80CAwEAAaOCAwUwggMBMIIBtwYDVR0g\n" + + "BIIBrjCCAaowggGmBg8rBgEEAbE+AAACCSiDkTEwggGRMIIBSQYIKwYBBQUH\n" + + "AgIwggE7GoIBN1JlbGlhbmNlIG9uIG9yIHVzZSBvZiB0aGlzIENlcnRpZmlj\n" + + "YXRlIGNyZWF0ZXMgYW4gYWNrbm93bGVkZ21lbnQgYW5kIGFjY2VwdGFuY2Ug\n" + + "b2YgdGhlIHRoZW4gYXBwbGljYWJsZSBzdGFuZGFyZCB0ZXJtcyBhbmQgY29u\n" + + "ZGl0aW9ucyBvZiB1c2UsIHRoZSBDZXJ0aWZpY2F0aW9uIFByYWN0aWNlIFN0\n" + + "YXRlbWVudCBhbmQgdGhlIFJlbHlpbmcgUGFydHkgQWdyZWVtZW50LCB3aGlj\n" + + "aCBjYW4gYmUgZm91bmQgYXQgdGhlIGJlVFJVU1RlZCB3ZWIgc2l0ZSwgaHR0\n" + + "cHM6Ly93d3cuYmV0cnVzdGVkLmNvbS9wcm9kdWN0c19zZXJ2aWNlcy9pbmRl\n" + + "eC5odG1sMEIGCCsGAQUFBwIBFjZodHRwczovL3d3dy5iZXRydXN0ZWQuY29t\n" + + "L3Byb2R1Y3RzX3NlcnZpY2VzL2luZGV4Lmh0bWwwEQYJYIZIAYb4QgEBBAQD\n" + + "AgAHMIGJBgNVHR8EgYEwfzB9oHugeaR3MHUxEjAQBgNVBAoTCWJlVFJVU1Rl\n" + + "ZDEbMBkGA1UECxMSYmVUUlVTVGVkIFJvb3QgQ0FzMTMwMQYDVQQDEypiZVRS\n" + + "VVNUZWQgUm9vdCBDQSAtIEVudHJ1c3QgSW1wbGVtZW50YXRpb24xDTALBgNV\n" + + "BAMTBENSTDEwKwYDVR0QBCQwIoAPMjAwMjA0MTEwODI0MjdagQ8yMDIyMDQx\n" + + "MTA4NTQyN1owCwYDVR0PBAQDAgEGMB8GA1UdIwQYMBaAFH1w5a44iwY/qhwa\n" + + "j/nPJDCqhIQWMB0GA1UdDgQWBBR9cOWuOIsGP6ocGo/5zyQwqoSEFjAMBgNV\n" + + "HRMEBTADAQH/MB0GCSqGSIb2fQdBAAQQMA4bCFY2LjA6NC4wAwIEkDANBgkq\n" + + "hkiG9w0BAQUFAAOCAQEAKrgXzh8QlOu4mre5X+za95IkrNySO8cgjfKZ5V04\n" + + "ocI07cUTWVwFtStPYZuR+0H8/NU8TZh2BvWBfevdkObRVlTa4y0MnxEylCIB\n" + + "evZsLHRnBMylj44ss0O1lKLQfelifwa+JwGDnjr9iu6YQ0pr17WXOzq/T220\n" + + "Y/ozADQuLW2WyXvKmWO6vvT2MKAtmJbpVkQFqUSjYRDrgqFnXbxdJ3Wqiig2\n" + + "KjiS2d2kXgClzMx8KSreKJCrt+G2/30lC0DYqjSjLd4H61/OCt3Kfjp9JsFi\n" + + "aDrmLzfzgYYhxKlkqu9FNtEaZnz46TfW1mG+oq1I59/mdP7TbX3SJdysYlep\n" + + "9w==\n" + + "-----END CERTIFICATE-----\n"); + if (cert != null) certs.add(cert); + + cert = generate(factory, + // beTRUSTed_Root_CA_-_RSA_Implementation.crt + "-----BEGIN CERTIFICATE-----\n" + + "MIIFaDCCBFCgAwIBAgIQO1nHe81bV569N1KsdrSqGjANBgkqhkiG9w0BAQUF\n" + + "ADBiMRIwEAYDVQQKEwliZVRSVVNUZWQxGzAZBgNVBAsTEmJlVFJVU1RlZCBS\n" + + "b290IENBczEvMC0GA1UEAxMmYmVUUlVTVGVkIFJvb3QgQ0EgLSBSU0EgSW1w\n" + + "bGVtZW50YXRpb24wHhcNMDIwNDExMTExODEzWhcNMjIwNDEyMTEwNzI1WjBi\n" + + "MRIwEAYDVQQKEwliZVRSVVNUZWQxGzAZBgNVBAsTEmJlVFJVU1RlZCBSb290\n" + + "IENBczEvMC0GA1UEAxMmYmVUUlVTVGVkIFJvb3QgQ0EgLSBSU0EgSW1wbGVt\n" + + "ZW50YXRpb24wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkujQw\n" + + "CY5X0LkGLG9uJIAiv11DpvpPrILnHGhwhRujbrWqeNluB0s/6d/16uhUoWGK\n" + + "Di9pdRi3DOUUjXFumLhV/AyV0Jtu4S2I1DpAa5LxmZZk3tv/ePTulh1HiXzU\n" + + "vrmIdyM6CeYEnm2qXtLIvZpOGd+J6lsOfsPktPDgaTuID0GQ+NRxQyTBjyZL\n" + + "O1bp/4xsN+lFrYWMU8NghpBKlsmzVLC7F/AcRdnUGxlkVgoZ98zh/4avflhe\n" + + "rHqQH8koOUV7orbHnB/ahdQhhlkwk75TMzf270HPM8ercmsl9fNTGwxMLvF1\n" + + "S++gh/f+ihXQbNXL+WhTuXAVE8L1LvtDNXUtAgMBAAGjggIYMIICFDAMBgNV\n" + + "HRMEBTADAQH/MIIBtQYDVR0gBIIBrDCCAagwggGkBg8rBgEEAbE+AAADCSiD\n" + + "kTEwggGPMEEGCCsGAQUFBwIBFjVodHRwOi8vd3d3LmJldHJ1c3RlZC5jb20v\n" + + "cHJvZHVjdHNfc2VydmljZXMvaW5kZXguaHRtbDCCAUgGCCsGAQUFBwICMIIB\n" + + "OhqCATZSZWxpYW5jZSBvbiBvciB1c2Ugb2YgdGhpcyBDZXJ0aWZpY2F0ZSBj\n" + + "cmVhdGVzIGFuIGFja25vd2xlZGdtZW50IGFuZCBhY2NlcHRhbmNlIG9mIHRo\n" + + "ZSB0aGVuIGFwcGxpY2FibGUgc3RhbmRhcmQgdGVybXMgYW5kIGNvbmRpdGlv\n" + + "bnMgb2YgdXNlLCB0aGUgQ2VydGlmaWNhdGlvbiBQcmFjdGljZSBTdGF0ZW1l\n" + + "bnQgYW5kIHRoZSBSZWx5aW5nIFBhcnR5IEFncmVlbWVudCwgd2hpY2ggY2Fu\n" + + "IGJlIGZvdW5kIGF0IHRoZSBiZVRSVVNUZWQgd2ViIHNpdGUsIGh0dHA6Ly93\n" + + "d3cuYmV0cnVzdGVkLmNvbS9wcm9kdWN0c19zZXJ2aWNlcy9pbmRleC5odG1s\n" + + "MAsGA1UdDwQEAwIBBjAfBgNVHSMEGDAWgBSp7BR++dlDzFMrFK3P9/BZiUHN\n" + + "GTAdBgNVHQ4EFgQUqewUfvnZQ8xTKxStz/fwWYlBzRkwDQYJKoZIhvcNAQEF\n" + + "BQADggEBANuXsHXqDMTBmMpWBcCorSZIry0g6IHHtt9DwSwddUvUQo3neqh0\n" + + "3GZCWYez9Wlt2ames30cMcH1VOJZJEnl7r05pmuKmET7m9cqg5c0Lcd9NUwt\n" + + "NLg+DcTsiCevnpL9UGGCqGAHFFPMZRPB9kdEadIxyKbdLrML3kqNWz2rDcI1\n" + + "UqJWN8wyiyiFQpyRQHpwKzg21eFzGh/l+n5f3NacOzDq28BbJ1zTcwfBwvNM\n" + + "m2+fG8oeqqg4MwlYsq78B+g23FW6L09A/nq9BqaBwZMifIYRCgZ3SK41ty8y\n" + + "mmFei74pnykkiFY5LKjSq5YDWtRIn7lAhAuYaPsBQ9Yb4gmxlxw=\n" + + "-----END CERTIFICATE-----\n"); + + CA_CERTS = new StaticTrustAnchors((X509Certificate[]) certs.toArray(new X509Certificate[0])); + } +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/Alert.java b/libjava/classpath/gnu/javax/net/ssl/provider/Alert.java new file mode 100644 index 0000000..c31e1be --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/Alert.java @@ -0,0 +1,474 @@ +/* Alert.java -- SSL Alert message. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import java.io.EOFException; +import java.io.InputStream; +import java.io.IOException; +import java.io.OutputStream; + +/** + * An alert message in the SSL protocol. Alerts are sent both as warnings + * which may allow execution to continue, or they may be fatal, which will + * halt this session. An alert object is composed of two enums -- the level, + * which indicates the seriousness of the alert, and the description, which + * indicates the reason for the alert. + * + * 

+ * struct {
+ *   AlertLevel level;
+ *   AlertDescription description;
+ * }
+ *
+ */ +final class Alert implements Constructed +{ + + // Fields. + // ------------------------------------------------------------------------- + + /** The alert level enumerated. */ + private final Level level; + + /** The alert description enumerated. */ + private final Description description; + + // Constructor. + // ------------------------------------------------------------------------- + + Alert(Level level, Description description) + { + this.level = level; + this.description = description; + } + + // Class method. + // ------------------------------------------------------------------------- + + static Alert read(InputStream in) throws IOException + { + Level level = Level.read(in); + Description desc = Description.read(in); + return new Alert(level, desc); + } + + static Alert forName(String name) + { + if (name == null) + { + return new Alert(Level.FATAL, Description.INTERNAL_ERROR); + } + Description desc = Description.INTERNAL_ERROR; + if (name.equals("close_notify")) + { + desc = Description.CLOSE_NOTIFY; + } + else if (name.equals("unexpected_message")) + { + desc = Description.UNEXPECTED_MESSAGE; + } + else if (name.equals("bad_record_mac")) + { + desc = Description.BAD_RECORD_MAC; + } + else if (name.equals("DECRYPTION_FAILED")) + { + desc = Description.DECRYPTION_FAILED; + } + else if (name.equals("record_overflow")) + { + desc = Description.RECORD_OVERFLOW; + } + else if (name.equals("decompression_failure")) + { + desc = Description.DECOMPRESSION_FAILURE; + } + else if (name.equals("handshake_failure")) + { + desc = Description.HANDSHAKE_FAILURE; + } + else if (name.equals("no_certificate")) + { + desc = Description.NO_CERTIFICATE; + } + else if (name.equals("bad_certificate")) + { + desc = Description.BAD_CERTIFICATE; + } + else if (name.equals("unsupported_certificate")) + { + desc = Description.UNSUPPORTED_CERTIFICATE; + } + else if (name.equals("certificate_revoked")) + { + desc = Description.CERTIFICATE_REVOKED; + } + else if (name.equals("certificate_expired")) + { + desc = Description.CERTIFICATE_EXPIRED; + } + else if (name.equals("certificate_unknown")) + { + desc = Description.CERTIFICATE_UNKNOWN; + } + else if (name.equals("illegal_parameter")) + { + desc = Description.ILLEGAL_PARAMETER; + } + else if (name.equals("unknown_ca")) + { + desc = Description.UNKNOWN_CA; + } + else if (name.equals("access_denied")) + { + desc = Description.ACCESS_DENIED; + } + else if (name.equals("decode_error")) + { + desc = Description.DECODE_ERROR; + } + else if (name.equals("decrypt_error")) + { + desc = Description.DECRYPT_ERROR; + } + else if (name.equals("export_restriction")) + { + desc = Description.EXPORT_RESTRICTION; + } + else if (name.equals("protocol_version")) + { + desc = Description.PROTOCOL_VERSION; + } + else if (name.equals("insufficient_security")) + { + desc = Description.INSUFFICIENT_SECURITY; + } + else if (name.equals("internal_error")) + { + desc = Description.INTERNAL_ERROR; + } + else if (name.equals("user_canceled")) + { + desc = Description.USER_CANCELED; + } + else if (name.equals("no_renegotiation")) + { + desc = Description.NO_RENEGOTIATION; + } + else if (name.equals("unsupported_extension")) + { + desc = Description.UNSUPPORTED_EXTENSION; + } + else if (name.equals("certificate_unobtainable")) + { + desc = Description.CERTIFICATE_UNOBTAINABLE; + } + else if (name.equals("unrecognized_name")) + { + desc = Description.UNRECOGNIZED_NAME; + } + else if (name.equals("bad_certificate_status_response")) + { + desc = Description.BAD_CERTIFICATE_STATUS_RESPONSE; + } + else if (name.equals("bad_certificate_hash_value")) + { + desc = Description.BAD_CERTIFICATE_HASH_VALUE; + } + else if (name.equals("unknown_srp_username")) + { + desc = Description.UNKNOWN_SRP_USERNAME; + } + else if (name.equals("missing_srp_username")) + { + desc = Description.MISSING_SRP_USERNAME; + } + return new Alert(Level.FATAL, desc); + } + + // Instance methods. + // ------------------------------------------------------------------------- + + public void write(OutputStream out) throws IOException + { + out.write((byte) level.getValue()); + out.write((byte) description.getValue()); + } + + byte[] getEncoded() + { + return new byte[] { (byte) level.getValue(), + (byte) description.getValue() }; + } + + Level getLevel() + { + return level; + } + + Description getDescription() + { + return description; + } + + public String toString() + { + String nl = System.getProperty("line.separator"); + return "struct {" + nl + + " level = " + level + ";" + nl + + " description = " + description + ";" + nl + + "} Alert;" + nl; + } + + // Inner classes. + // ------------------------------------------------------------------------- + + /** + * The level enumeration. + * + * 
+   * enum { warning(1), fatal(2), (255) } AlertLevel;
+   *
+ */ + static final class Level implements Enumerated + { + + // Constants and fields. + // ----------------------------------------------------------------------- + + static final Level WARNING = new Level(1), FATAL = new Level(2); + + private final int value; + + // Constructor. + // ----------------------------------------------------------------------- + + private Level(int value) + { + this.value = value; + } + + // Class method. + // ----------------------------------------------------------------------- + + static Level read(InputStream in) throws IOException + { + int i = in.read(); + if (i == -1) + { + throw new EOFException("unexpected end of stream"); + } + switch (i & 0xFF) + { + case 1: return WARNING; + case 2: return FATAL; + default: return new Level(i); + } + } + + // Instance methods. + // ----------------------------------------------------------------------- + + public byte[] getEncoded() + { + return new byte[] { (byte) value }; + } + + public int getValue() + { + return value; + } + + public String toString() + { + switch (value) + { + case 1: return "warning"; + case 2: return "fatal"; + default: return "unknown(" + value + ")"; + } + } + } + + /** + * The description enumeration. + */ + static final class Description implements Enumerated + { + + // Constants and fields. + // ----------------------------------------------------------------------- + + static final Description + CLOSE_NOTIFY = new Description( 0), + UNEXPECTED_MESSAGE = new Description( 10), + BAD_RECORD_MAC = new Description( 20), + DECRYPTION_FAILED = new Description( 21), + RECORD_OVERFLOW = new Description( 22), + DECOMPRESSION_FAILURE = new Description( 30), + HANDSHAKE_FAILURE = new Description( 40), + NO_CERTIFICATE = new Description( 41), + BAD_CERTIFICATE = new Description( 42), + UNSUPPORTED_CERTIFICATE = new Description( 43), + CERTIFICATE_REVOKED = new Description( 44), + CERTIFICATE_EXPIRED = new Description( 45), + CERTIFICATE_UNKNOWN = new Description( 46), + ILLEGAL_PARAMETER = new Description( 47), + UNKNOWN_CA = new Description( 48), + ACCESS_DENIED = new Description( 49), + DECODE_ERROR = new Description( 50), + DECRYPT_ERROR = new Description( 51), + EXPORT_RESTRICTION = new Description( 60), + PROTOCOL_VERSION = new Description( 70), + INSUFFICIENT_SECURITY = new Description( 71), + INTERNAL_ERROR = new Description( 80), + USER_CANCELED = new Description( 90), + NO_RENEGOTIATION = new Description(100), + UNSUPPORTED_EXTENSION = new Description(110), + CERTIFICATE_UNOBTAINABLE = new Description(111), + UNRECOGNIZED_NAME = new Description(112), + BAD_CERTIFICATE_STATUS_RESPONSE = new Description(113), + BAD_CERTIFICATE_HASH_VALUE = new Description(114), + UNKNOWN_SRP_USERNAME = new Description(120), + MISSING_SRP_USERNAME = new Description(121); + + private final int value; + + // Constructor. + // ----------------------------------------------------------------------- + + private Description(int value) + { + this.value = value; + } + + // Class method. + // ----------------------------------------------------------------------- + + static Description read(InputStream in) throws IOException + { + int i = in.read(); + if (i == -1) + { + throw new EOFException("unexpected end of input stream"); + } + switch (i) + { + case 0: return CLOSE_NOTIFY; + case 10: return UNEXPECTED_MESSAGE; + case 20: return BAD_RECORD_MAC; + case 21: return DECRYPTION_FAILED; + case 22: return RECORD_OVERFLOW; + case 30: return DECOMPRESSION_FAILURE; + case 40: return HANDSHAKE_FAILURE; + case 41: return NO_CERTIFICATE; + case 42: return BAD_CERTIFICATE; + case 43: return UNSUPPORTED_CERTIFICATE; + case 44: return CERTIFICATE_REVOKED; + case 45: return CERTIFICATE_EXPIRED; + case 46: return CERTIFICATE_UNKNOWN; + case 47: return ILLEGAL_PARAMETER; + case 48: return UNKNOWN_CA; + case 49: return ACCESS_DENIED; + case 50: return DECODE_ERROR; + case 51: return DECRYPT_ERROR; + case 60: return EXPORT_RESTRICTION; + case 70: return PROTOCOL_VERSION; + case 71: return INSUFFICIENT_SECURITY; + case 80: return INTERNAL_ERROR; + case 90: return USER_CANCELED; + case 100: return NO_RENEGOTIATION; + case 120: return UNKNOWN_SRP_USERNAME; + case 121: return MISSING_SRP_USERNAME; + default: return new Description(i); + } + } + + // Instance methods. + // ----------------------------------------------------------------------- + + public byte[] getEncoded() + { + return new byte[] { (byte) value }; + } + + public int getValue() + { + return value; + } + + public String toString() + { + switch (value) + { + case 0: return "close_notify"; + case 10: return "unexpected_message"; + case 20: return "bad_record_mac"; + case 21: return "decryption_failed"; + case 22: return "record_overflow"; + case 30: return "decompression_failure"; + case 40: return "handshake_failure"; + case 42: return "bad_certificate"; + case 43: return "unsupported_certificate"; + case 44: return "certificate_revoked"; + case 45: return "certificate_expired"; + case 46: return "certificate_unknown"; + case 47: return "illegal_parameter"; + case 48: return "unknown_ca"; + case 49: return "access_denied"; + case 50: return "decode_error"; + case 51: return "decrypt_error"; + case 60: return "export_restriction"; + case 70: return "protocol_version"; + case 71: return "insufficient_security"; + case 80: return "internal_error"; + case 90: return "user_canceled"; + case 100: return "no_renegotiation"; + case 110: return "unsupported_extension"; + case 111: return "certificate_unobtainable"; + case 112: return "unrecognized_name"; + case 113: return "bad_certificate_status_response"; + case 114: return "bad_certificate_hash_value"; + case 120: return "unknown_srp_username"; + case 121: return "missing_srp_username"; + default: return "unknown(" + value + ")"; + } + } + } +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/AlertException.java b/libjava/classpath/gnu/javax/net/ssl/provider/AlertException.java new file mode 100644 index 0000000..666efe5 --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/AlertException.java @@ -0,0 +1,76 @@ +/* AlertException.java -- exceptions generated by SSL alerts. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import javax.net.ssl.SSLException; + +class AlertException extends SSLException +{ + + // Fields. + // ------------------------------------------------------------------------- + + private final Alert alert; + private final boolean isLocal; + + // Constructor. + // ------------------------------------------------------------------------- + + AlertException(Alert alert, boolean isLocal) + { + super(alert.getDescription().toString()); + this.alert = alert; + this.isLocal = isLocal; + } + + // Instance methods. + // ------------------------------------------------------------------------- + + public String getMessage() + { + return alert.getDescription() + ": " + + (isLocal ? "locally generated; " : "remotely generated; ") + + alert.getLevel(); + } + + public Alert getAlert () + { + return alert; + } +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/Certificate.java b/libjava/classpath/gnu/javax/net/ssl/provider/Certificate.java new file mode 100644 index 0000000..b1d6b2a --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/Certificate.java @@ -0,0 +1,194 @@ +/* Certificate.java -- SSL Certificate message. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import java.io.BufferedReader; +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; +import java.io.EOFException; +import java.io.InputStream; +import java.io.IOException; +import java.io.OutputStream; +import java.io.PrintWriter; +import java.io.StringReader; +import java.io.StringWriter; + +import java.security.cert.CertificateEncodingException; +import java.security.cert.CertificateException; +import java.security.cert.CertificateFactory; +import java.security.cert.X509Certificate; + +import java.util.LinkedList; + +import javax.net.ssl.SSLProtocolException; + +final class Certificate implements Handshake.Body +{ + + // Fields. + // ------------------------------------------------------------------------- + + private final X509Certificate[] certs; + + // Constructors. + // ------------------------------------------------------------------------- + + Certificate(X509Certificate[] certs) + { + if (certs == null) + { + throw new NullPointerException(); + } + this.certs = certs; + } + + // Class methods. + // ------------------------------------------------------------------------- + + static Certificate read(InputStream in, CertificateType type) + throws IOException + { + if (type == CertificateType.X509) + { + int len = (in.read() & 0xFF) << 16 | (in.read() & 0xFF) << 8 + | (in.read() & 0xFF); + byte[] buf = new byte[len]; + int count = 0; + while (count < len) + { + int l = in.read(buf, count, len - count); + if (l == -1) + { + throw new EOFException("unexpected end of stream"); + } + count += l; + } + try + { + LinkedList certs = new LinkedList(); + CertificateFactory fact = CertificateFactory.getInstance("X.509"); + ByteArrayInputStream bin = new ByteArrayInputStream(buf); + count = 0; + while (count < len) + { + int len2 = (bin.read() & 0xFF) << 16 | (bin.read() & 0xFF) << 8 + | (bin.read() & 0xFF); + certs.add(fact.generateCertificate(bin)); + count += len2 + 3; + } + return new Certificate((X509Certificate[]) + certs.toArray(new X509Certificate[certs.size()])); + } + catch (CertificateException ce) + { + SSLProtocolException sslpe = new SSLProtocolException(ce.getMessage()); + sslpe.initCause (ce); + throw sslpe; + } + } + else if (type == CertificateType.OPEN_PGP) + { + throw new UnsupportedOperationException("not yet implemented"); + } + else + throw new Error("unsupported certificate type "+type); + } + + // Instance methods. + // ------------------------------------------------------------------------- + + public void write(OutputStream out) throws IOException + { + ByteArrayOutputStream bout = new ByteArrayOutputStream(); + try + { + for (int i = 0; i < certs.length; i++) + { + byte[] enc = certs[i].getEncoded(); + bout.write((enc.length >>> 16) & 0xFF); + bout.write((enc.length >>> 8) & 0xFF); + bout.write( enc.length & 0xFF); + bout.write(enc); + } + } + catch (CertificateEncodingException cee) + { + throw new Error("cannot encode certificates"); + } + catch (IOException ignored) + { + } + out.write(bout.size() >>> 16 & 0xFF); + out.write(bout.size() >>> 8 & 0xFF); + out.write(bout.size() & 0xFF); + bout.writeTo(out); + } + + X509Certificate[] getCertificates() + { + return certs; + } + + public String toString() + { + StringWriter str = new StringWriter(); + PrintWriter out = new PrintWriter(str); + out.println("struct {"); + out.println(" certificateList ="); + for (int i = 0; i < certs.length; i++) + { + BufferedReader r = + new BufferedReader(new StringReader(certs[i].toString())); + String s; + try + { + while ((s = r.readLine()) != null) + { + out.print(" "); + out.println(s); + } + } + catch (IOException ignored) + { + } + } + out.println("} Certificate;"); + return str.toString(); + } +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/CertificateRequest.java b/libjava/classpath/gnu/javax/net/ssl/provider/CertificateRequest.java new file mode 100644 index 0000000..0f78803 --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/CertificateRequest.java @@ -0,0 +1,285 @@ +/* CertificateRequest.java -- SSL CertificateRequest message. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; +import java.io.DataInputStream; +import java.io.EOFException; +import java.io.InputStream; +import java.io.IOException; +import java.io.OutputStream; +import java.io.PrintWriter; +import java.io.StringWriter; + +import java.lang.reflect.Constructor; +import java.lang.reflect.Method; + +import java.util.LinkedList; +import java.security.Principal; + +final class CertificateRequest implements Handshake.Body +{ + + // Fields. + // ------------------------------------------------------------------------- + + private final ClientType[] types; + private final Principal[] authorities; + + // Constructor. + // ------------------------------------------------------------------------- + + CertificateRequest(ClientType[] types, Principal[] authorities) + { + if (types == null) + { + throw new NullPointerException(); + } + this.types = types; + if (authorities == null) + { + throw new NullPointerException(); + } + this.authorities = authorities; + } + + // Class methods. + // ------------------------------------------------------------------------- + + static CertificateRequest read(InputStream in) throws IOException + { + DataInputStream din = new DataInputStream(in); + ClientType[] types = new ClientType[din.readUnsignedByte()]; + for (int i = 0; i < types.length; i++) + { + types[i] = ClientType.read(din); + } + + LinkedList authorities = new LinkedList(); + byte[] buf = new byte[din.readUnsignedShort()]; + din.readFully(buf); + ByteArrayInputStream bin = new ByteArrayInputStream(buf); + try + { + String x500name = Util.getSecurityProperty("jessie.x500.class"); + if (x500name == null) + { + x500name = "org.metastatic.jessie.pki.X500Name"; + } + Class x500class = null; + ClassLoader cl = ClassLoader.getSystemClassLoader(); + if (cl != null) + { + x500class = cl.loadClass(x500name); + } + else + { + x500class = Class.forName(x500name); + } + Constructor c = x500class.getConstructor(new Class[] { new byte[0].getClass() }); + while (bin.available() > 0) + { + buf = new byte[(bin.read() & 0xFF) << 8 | (bin.read() & 0xFF)]; + bin.read(buf); + authorities.add(c.newInstance(new Object[] { buf })); + } + } + catch (IOException ioe) + { + throw ioe; + } + catch (Exception ex) + { + throw new Error(ex.toString()); + } + return new CertificateRequest(types, + (Principal[]) authorities.toArray(new Principal[authorities.size()])); + } + + // Instance methods. + // ------------------------------------------------------------------------- + + public void write(OutputStream out) throws IOException + { + ByteArrayOutputStream bout = new ByteArrayOutputStream(); + out.write(types.length); + for (int i = 0; i < types.length; i++) + { + out.write(types[i].getValue()); + } + + try + { + Class x500class = authorities[0].getClass(); + Method m = x500class.getMethod("getEncoded", null); + for (int i = 0; i < authorities.length; i++) + { + byte[] buf = (byte[]) m.invoke(authorities[i], null); + bout.write(buf.length >>> 8 & 0xFF); + bout.write(buf.length & 0xFF); + bout.write(buf, 0, buf.length); + } + } + catch (Exception ex) + { + throw new Error(ex.toString()); + } + out.write(bout.size() >>> 8 & 0xFF); + out.write(bout.size() & 0xFF); + bout.writeTo(out); + } + + ClientType[] getTypes() + { + return types; + } + + String[] getTypeStrings() + { + try + { + return (String[]) Util.transform(types, String.class, "toString", null); + } + catch (Exception x) + { + return null; + } + } + + Principal[] getAuthorities() + { + return authorities; + } + + public String toString() + { + StringWriter str = new StringWriter(); + PrintWriter out = new PrintWriter(str); + out.println("struct {"); + out.print(" types = "); + for (int i = 0; i < types.length; i++) + { + out.print(types[i]); + if (i != types.length - 1) + out.print(", "); + } + out.println(";"); + out.println(" authorities ="); + for (int i = 0; i < authorities.length; i++) + { + out.print(" "); + out.print(authorities[i].getName()); + if (i != types.length - 1) + out.println(","); + } + out.println(";"); + out.println("} CertificateRequest;"); + return str.toString(); + } + + // Inner class. + // ------------------------------------------------------------------------- + + static final class ClientType implements Enumerated + { + + // Constants and fields. + // ----------------------------------------------------------------------- + + static final ClientType + RSA_SIGN = new ClientType(1), DSS_SIGN = new ClientType(2), + RSA_FIXED_DH = new ClientType(3), DSS_FIXED_DH = new ClientType(4); + + private final int value; + + // Constructor. + // ----------------------------------------------------------------------- + + private ClientType(int value) + { + this.value = value; + } + + // Class method. + // ----------------------------------------------------------------------- + + static ClientType read(InputStream in) throws IOException + { + int i = in.read(); + if (i == -1) + { + throw new EOFException("unexpected end of input stream"); + } + switch (i & 0xFF) + { + case 1: return RSA_SIGN; + case 2: return DSS_SIGN; + case 3: return RSA_FIXED_DH; + case 4: return DSS_FIXED_DH; + default: return new ClientType(i); + } + } + + // Instance methods. + // ----------------------------------------------------------------------- + + public byte[] getEncoded() + { + return new byte[] { (byte) value }; + } + + public int getValue() + { + return value; + } + + public String toString() + { + switch (value) + { + case 1: return "rsa_sign"; + case 2: return "dss_sign"; + case 3: return "rsa_fixed_dh"; + case 4: return "dss_fixed_dh"; + default: return "unknown(" + value + ")"; + } + } + } +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/CertificateType.java b/libjava/classpath/gnu/javax/net/ssl/provider/CertificateType.java new file mode 100644 index 0000000..c570593 --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/CertificateType.java @@ -0,0 +1,104 @@ +/* CertificateType.java -- the certificate type extension. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import java.io.EOFException; +import java.io.InputStream; +import java.io.IOException; + +final class CertificateType implements Enumerated +{ + + // Constants and fields. + // ------------------------------------------------------------------------- + + static final CertificateType X509 = new CertificateType(0); + static final CertificateType OPEN_PGP = new CertificateType(1); + + private final int value; + + // Constructor. + // ------------------------------------------------------------------------- + + private CertificateType(int value) + { + this.value = value; + } + + // Class method. + // ------------------------------------------------------------------------- + + static CertificateType read(InputStream in) throws IOException + { + int value = in.read(); + if (value == -1) + { + throw new EOFException("unexpected end of input stream"); + } + switch (value & 0xFF) + { + case 0: return X509; + case 1: return OPEN_PGP; + default: return new CertificateType(value); + } + } + + // Instance methods. + // ------------------------------------------------------------------------- + + public byte[] getEncoded() + { + return new byte[] { (byte) value }; + } + + public int getValue() + { + return value; + } + + public String toString() + { + switch (value) + { + case 0: return "X.509"; + case 1: return "OpenPGP"; + default: return "unknown(" + value + ")"; + } + } +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/CertificateVerify.java b/libjava/classpath/gnu/javax/net/ssl/provider/CertificateVerify.java new file mode 100644 index 0000000..e0bf130 --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/CertificateVerify.java @@ -0,0 +1,95 @@ +/* CertificateVerify.java -- SSL CertificateVerify message. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import java.io.BufferedReader; +import java.io.InputStream; +import java.io.IOException; +import java.io.OutputStream; +import java.io.PrintWriter; +import java.io.StringReader; +import java.io.StringWriter; +import java.security.PublicKey; + +final class CertificateVerify extends Signature implements Handshake.Body +{ + + // Contstructor. + // ------------------------------------------------------------------------- + + CertificateVerify(Object sigValue, String sigAlg) + { + super(sigValue, sigAlg); + } + + // Class method. + // -------------------------------------------------------------------------- + + static Signature read(InputStream in, CipherSuite suite, PublicKey key) + throws IOException + { + Signature sig = Signature.read(in, suite, key); + return new CertificateVerify(sig.getSigValue(), sig.getSigAlg()); + } + + // Instance method. + // ------------------------------------------------------------------------- + + public String toString() + { + StringWriter str = new StringWriter(); + PrintWriter out = new PrintWriter(str); + out.println("struct {"); + BufferedReader r = new BufferedReader(new StringReader(super.toString())); + String s; + try + { + while ((s = r.readLine()) != null) + { + out.print(" "); + out.println(s); + } + } + catch (IOException ignored) + { + } + out.println("} CertificateVerify;"); + return str.toString(); + } +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/CipherSuite.java b/libjava/classpath/gnu/javax/net/ssl/provider/CipherSuite.java new file mode 100644 index 0000000..de91681 --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/CipherSuite.java @@ -0,0 +1,754 @@ +/* CipherSuite.java -- Supported cipher suites. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import java.io.DataInputStream; +import java.io.InputStream; +import java.io.IOException; +import java.io.OutputStream; + +import java.lang.reflect.Field; + +import java.security.NoSuchAlgorithmException; +import java.security.NoSuchProviderException; +import java.security.Provider; +import java.security.Security; + +import java.util.HashMap; +import java.util.Iterator; +import java.util.LinkedList; +import java.util.List; +import java.util.Set; + +import javax.crypto.Cipher; +import javax.crypto.Mac; +import javax.crypto.NoSuchPaddingException; + +import gnu.javax.crypto.cipher.CipherFactory; +import gnu.javax.crypto.cipher.IBlockCipher; +import gnu.javax.crypto.mac.IMac; +import gnu.javax.crypto.mac.MacFactory; +import gnu.javax.crypto.mode.IMode; +import gnu.javax.crypto.mode.ModeFactory; + +final class CipherSuite implements Constructed +{ + + // Constants and fields. + // ------------------------------------------------------------------------- + + private static final List tlsSuiteNames = new LinkedList(); + private static final HashMap namesToSuites = new HashMap(); + + // SSL CipherSuites. + static final CipherSuite SSL_NULL_WITH_NULL_NULL = + new CipherSuite("null", "null", "null", "null", 0, 0x00, 0x00, + "SSL_NULL_WITH_NULL_NULL", ProtocolVersion.SSL_3); + static final CipherSuite SSL_RSA_WITH_NULL_MD5 = + new CipherSuite("null", "RSA", "RSA", "SSLMAC-MD5", 0, 0x00, 0x01, + "SSL_RSA_WITH_NULL_MD5", ProtocolVersion.SSL_3); + static final CipherSuite SSL_RSA_WITH_NULL_SHA = + new CipherSuite("null", "RSA", "RSA", "SSLMAC-SHA", 0, 0x00, 0x02, + "SSL_RSA_WITH_NULL_SHA", ProtocolVersion.SSL_3); + static final CipherSuite SSL_RSA_EXPORT_WITH_RC4_40_MD5 = + new CipherSuite("RC4", "RSA", "RSA", "SSLMAC-MD5", 5, 0x00, 0x03, + "SSL_RSA_EXPORT_WITH_RC4_40_MD5", ProtocolVersion.SSL_3); + static final CipherSuite SSL_RSA_WITH_RC4_128_MD5 = + new CipherSuite("RC4", "RSA", "RSA", "SSLMAC-MD5", 16, 0x00, 0x04, + "SSL_RSA_WITH_RC4_128_MD5", ProtocolVersion.SSL_3); + static final CipherSuite SSL_RSA_WITH_RC4_128_SHA = + new CipherSuite("RC4", "RSA", "RSA", "SSLMAC-SHA", 16, 0x00, 0x05, + "SSL_RSA_WITH_RC4_128_SHA", ProtocolVersion.SSL_3); + static final CipherSuite SSL_RSA_EXPORT_WITH_DES40_CBC_SHA = + new CipherSuite("DES", "RSA", "RSA", "SSLMAC-SHA", 5, 0x00, 0x08, + "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA", ProtocolVersion.SSL_3); + static final CipherSuite SSL_RSA_WITH_DES_CBC_SHA = + new CipherSuite("DES", "RSA", "RSA", "SSLMAC-SHA", 8, 0x00, 0x09, + "SSL_RSA_WITH_DES_CBC_SHA", ProtocolVersion.SSL_3); + static final CipherSuite SSL_RSA_WITH_3DES_EDE_CBC_SHA = + new CipherSuite("TripleDES", "RSA", "RSA", "SSLMAC-SHA", 24, 0x00, 0x0A, + "SSL_RSA_WITH_3DES_EDE_CBC_SHA", ProtocolVersion.SSL_3); + static final CipherSuite SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA = + new CipherSuite("DES", "DH", "DSS", "SSLMAC-SHA", 5, 0x00, 0x0B, + "SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA", ProtocolVersion.SSL_3); + static final CipherSuite SSL_DH_DSS_WITH_DES_CBC_SHA = + new CipherSuite("DES", "DH", "DSS", "SSLMAC-SHA", 8, 0x00, 0x0C, + "SSL_DH_DSS_WITH_DES_CBC_SHA", ProtocolVersion.SSL_3); + static final CipherSuite SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA = + new CipherSuite("TripleDES", "DH", "DSS", "SSLMAC-SHA", 24, 0x00, 0x0D, + "SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA", ProtocolVersion.SSL_3); + static final CipherSuite SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA = + new CipherSuite("DES", "DH", "RSA", "SSLMAC-SHA", 5, 0x00, 0x0E, + "SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA", ProtocolVersion.SSL_3); + static final CipherSuite SSL_DH_RSA_WITH_DES_CBC_SHA = + new CipherSuite("DES", "DH", "RSA", "SSLMAC-SHA", 8, 0x00, 0x0F, + "SSL_DH_RSA_WITH_DES_CBC_SHA", ProtocolVersion.SSL_3); + static final CipherSuite SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA = + new CipherSuite("TripleDES", "DH", "RSA", "SSLMAC-SHA", 24, 0x00, 0x10, + "SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA", ProtocolVersion.SSL_3); + static final CipherSuite SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA = + new CipherSuite("DES", "DHE", "DSS", "SSLMAC-SHA", 5, 0x00, 0x11, + "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", ProtocolVersion.SSL_3); + static final CipherSuite SSL_DHE_DSS_WITH_DES_CBC_SHA = + new CipherSuite("DES", "DHE", "DSS", "SSLMAC-SHA", 8, 0x00, 0x12, + "SSL_DHE_DSS_WITH_DES_CBC_SHA", ProtocolVersion.SSL_3); + static final CipherSuite SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA = + new CipherSuite("TripleDES", "DHE", "DSS", "SSLMAC-SHA", 24, 0x00, 0x13, + "SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA", ProtocolVersion.SSL_3); + static final CipherSuite SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA = + new CipherSuite("DES", "DHE", "RSA", "SSLMAC-SHA", 5, 0x00, 0x14, + "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", ProtocolVersion.SSL_3); + static final CipherSuite SSL_DHE_RSA_WITH_DES_CBC_SHA = + new CipherSuite("DES", "DHE", "RSA", "SSLMAC-SHA", 8, 0x00, 0x15, + "SSL_DHE_RSA_WITH_DES_CBC_SHA", ProtocolVersion.SSL_3); + static final CipherSuite SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA = + new CipherSuite("TripleDES", "DHE", "RSA", "SSLMAC-SHA", 24, 0x00, 0x16, + "SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA", ProtocolVersion.SSL_3); + + // AES CipherSuites. + static final CipherSuite SSL_RSA_WITH_AES_128_CBC_SHA = + new CipherSuite("AES", "RSA", "RSA", "SSLMAC-SHA", 16, 0x00, 0x2F, + "SSL_RSA_WITH_AES_128_CBC_SHA", ProtocolVersion.SSL_3); + static final CipherSuite SSL_DH_DSS_WITH_AES_128_CBC_SHA = + new CipherSuite("AES", "DH", "DSS", "SSLMAC-SHA", 16, 0x00, 0x30, + "SSL_DH_DSS_WITH_AES_128_CBC_SHA", ProtocolVersion.SSL_3); + static final CipherSuite SSL_DH_RSA_WITH_AES_128_CBC_SHA = + new CipherSuite("AES", "DH", "RSA", "SSLMAC-SHA", 16, 0x00, 0x31, + "SSL_DH_RSA_WITH_AES_128_CBC_SHA", ProtocolVersion.SSL_3); + static final CipherSuite SSL_DHE_DSS_WITH_AES_128_CBC_SHA = + new CipherSuite("AES", "DHE", "DSS", "SSLMAC-SHA", 16, 0x00, 0x32, + "SSL_DHE_DSS_WITH_AES_128_CBC_SHA", ProtocolVersion.SSL_3); + static final CipherSuite SSL_DHE_RSA_WITH_AES_128_CBC_SHA = + new CipherSuite("AES", "DHE", "RSA", "SSLMAC-SHA", 16, 0x00, 0x33, + "SSL_DHE_RSA_WITH_AES_128_CBC_SHA", ProtocolVersion.SSL_3); + static final CipherSuite SSL_RSA_WITH_AES_256_CBC_SHA = + new CipherSuite("AES", "RSA", "RSA", "SSLMAC-SHA", 32, 0x00, 0x35, + "SSL_RSA_WITH_AES_256_CBC_SHA", ProtocolVersion.SSL_3); + static final CipherSuite SSL_DH_DSS_WITH_AES_256_CBC_SHA = + new CipherSuite("AES", "DH", "DSS", "SSLMAC-SHA", 32, 0x00, 0x36, + "SSL_DH_DSS_WITH_AES_256_CBC_SHA", ProtocolVersion.SSL_3); + static final CipherSuite SSL_DH_RSA_WITH_AES_256_CBC_SHA = + new CipherSuite("AES", "DH", "RSA", "SSLMAC-SHA", 32, 0x00, 0x37, + "SSL_DH_RSA_WITH_AES_256_CBC_SHA", ProtocolVersion.SSL_3); + static final CipherSuite SSL_DHE_DSS_WITH_AES_256_CBC_SHA = + new CipherSuite("AES", "DHE", "DSS", "SSLMAC-SHA", 32, 0x00, 0x38, + "SSL_DHE_DSS_WITH_AES_256_CBC_SHA", ProtocolVersion.SSL_3); + static final CipherSuite SSL_DHE_RSA_WITH_AES_256_CBC_SHA = + new CipherSuite("AES", "DHE", "RSA", "SSLMAC-SHA", 32, 0x00, 0x39, + "SSL_DHE_RSA_WITH_AES_256_CBC_SHA", ProtocolVersion.SSL_3); + + // Ciphersuites from the OpenPGP extension draft. + static final CipherSuite SSL_DHE_DSS_WITH_CAST_128_CBC_SHA = + new CipherSuite("CAST5", "DHE", "DSS", "HMAC-SHA", 16, 0x00, 0x70, + "SSL_DHE_DSS_WITH_CAST_128_CBC_SHA", ProtocolVersion.SSL_3); + static final CipherSuite SSL_DHE_DSS_WITH_CAST_128_CBC_RMD = + new CipherSuite("CAST5", "DHE", "DSS", "HMAC-RIPEMD-160", 16, 0x00, 0x71, + "SSL_DHE_DSS_WITH_CAST_128_CBC_RMD", ProtocolVersion.SSL_3); + static final CipherSuite SSL_DHE_DSS_WITH_3DES_EDE_CBC_RMD = + new CipherSuite("TripleDES", "DHE", "DSS", "HMAC-RIPEMD-160", 24, 0x00, 0x72, + "SSL_DHE_DSS_WITH_3DES_EDE_CBC_RMD", ProtocolVersion.SSL_3); + static final CipherSuite SSL_DHE_DSS_WITH_AES_128_CBC_RMD = + new CipherSuite("AES", "DHE", "DSS", "HMAC-RIPEMD-160", 16, 0x00, 0x73, + "SSL_DHE_DSS_WITH_AES_128_CBC_RMD", ProtocolVersion.SSL_3); + static final CipherSuite SSL_DHE_DSS_WITH_AES_256_CBC_RMD = + new CipherSuite("AES", "DHE", "DSS", "HMAC-RIPEMD-160", 32, 0x00, 0x74, + "SSL_DHE_DSS_WITH_AES_256_CBC_RMD", ProtocolVersion.SSL_3); + static final CipherSuite SSL_DHE_RSA_WITH_CAST_128_CBC_SHA = + new CipherSuite("CAST5", "DHE", "RSA", "HMAC-SHA", 16, 0x00, 0x75, + "SSL_DHE_RSA_WITH_CAST_128_CBC_SHA", ProtocolVersion.SSL_3); + static final CipherSuite SSL_DHE_RSA_WITH_CAST_128_CBC_RMD = + new CipherSuite("CAST5", "DHE", "RSA", "HMAC-RIPEMD-160", 16, 0x00, 0x76, + "SSL_DHE_RSA_WITH_CAST_128_CBC_RMD", ProtocolVersion.SSL_3); + static final CipherSuite SSL_DHE_RSA_WITH_3DES_EDE_CBC_RMD = + new CipherSuite("TripleDES", "DHE", "RSA", "HMAC-RIPEMD-160", 24, 0x00, 0x77, + "SSL_DHE_RSA_WITH_3DES_EDE_CBC_RMD", ProtocolVersion.SSL_3); + static final CipherSuite SSL_DHE_RSA_WITH_AES_128_CBC_RMD = + new CipherSuite("AES", "DHE", "RSA", "HMAC-RIPEMD-160", 16, 0x00, 0x78, + "SSL_DHE_RSA_WITH_AES_128_CBC_RMD", ProtocolVersion.SSL_3); + static final CipherSuite SSL_DHE_RSA_WITH_AES_256_CBC_RMD = + new CipherSuite("AES", "DHE", "RSA", "HMAC-RIPEMD-160", 32, 0x00, 0x79, + "SSL_DHE_RSA_WITH_AES_256_CBC_RMD", ProtocolVersion.SSL_3); + static final CipherSuite SSL_RSA_WITH_CAST_128_CBC_SHA = + new CipherSuite("CAST5", "RSA", "RSA", "HMAC-SHA", 16, 0x00, 0x7A, + "SSL_RSA_WITH_CAST_128_CBC_SHA", ProtocolVersion.SSL_3); + static final CipherSuite SSL_RSA_WITH_CAST_128_CBC_RMD = + new CipherSuite("CAST5", "RSA", "RSA", "HMAC-RIPEMD-160", 16, 0x00, 0x7B, + "SSL_RSA_WITH_CAST_128_CBC_RMD", ProtocolVersion.SSL_3); + static final CipherSuite SSL_RSA_WITH_3DES_EDE_CBC_RMD = + new CipherSuite("TripleDES", "RSA", "RSA", "HMAC-RIPEMD-160", 24, 0x00, 0x7C, + "SSL_RSA_WITH_3DES_EDE_CBC_RMD", ProtocolVersion.SSL_3); + static final CipherSuite SSL_RSA_WITH_AES_128_CBC_RMD = + new CipherSuite("AES", "RSA", "RSA", "HMAC-RIPEMD-160", 16, 0x00, 0x7D, + "SSL_RSA_WITH_AES_128_CBC_RMD", ProtocolVersion.SSL_3); + static final CipherSuite SSL_RSA_WITH_AES_256_CBC_RMD = + new CipherSuite("AES", "RSA", "RSA", "HMAC-RIPEMD-160", 32, 0x00, 0x7E, + "SSL_RSA_WITH_AES_256_CBC_RMD", ProtocolVersion.SSL_3); + + static final CipherSuite TLS_NULL_WITH_NULL_NULL = + new CipherSuite("null", "null", "null", "null", 0, 0x00, 0x00, + "TLS_NULL_WITH_NULL_NULL", ProtocolVersion.TLS_1); + static final CipherSuite TLS_RSA_WITH_NULL_MD5 = + new CipherSuite("null", "RSA", "RSA", "HMAC-MD5", 0, 0x00, 0x01, + "TLS_RSA_WITH_NULL_MD5", ProtocolVersion.TLS_1); + static final CipherSuite TLS_RSA_WITH_NULL_SHA = + new CipherSuite("null", "RSA", "RSA", "HMAC-SHA", 0, 0x00, 0x02, + "TLS_RSA_WITH_NULL_SHA", ProtocolVersion.TLS_1); + static final CipherSuite TLS_RSA_EXPORT_WITH_RC4_40_MD5 = + new CipherSuite("RC4", "RSA", "RSA", "HMAC-MD5", 5, 0x00, 0x03, + "TLS_RSA_EXPORT_WITH_RC4_40_MD5", ProtocolVersion.TLS_1); + static final CipherSuite TLS_RSA_WITH_RC4_128_MD5 = + new CipherSuite("RC4", "RSA", "RSA", "HMAC-MD5", 16, 0x00, 0x04, + "TLS_RSA_WITH_RC4_128_MD5", ProtocolVersion.TLS_1); + static final CipherSuite TLS_RSA_WITH_RC4_128_SHA = + new CipherSuite("RC4", "RSA", "RSA", "HMAC-SHA", 16, 0x00, 0x05, + "TLS_RSA_WITH_RC4_128_SHA", ProtocolVersion.TLS_1); + static final CipherSuite TLS_RSA_EXPORT_WITH_DES40_CBC_SHA = + new CipherSuite("DES", "RSA", "RSA", "HMAC-SHA", 5, 0x00, 0x08, + "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", ProtocolVersion.TLS_1); + static final CipherSuite TLS_RSA_WITH_DES_CBC_SHA = + new CipherSuite("DES", "RSA", "RSA", "HMAC-SHA", 8, 0x00, 0x09, + "TLS_RSA_WITH_DES_CBC_SHA", ProtocolVersion.TLS_1); + static final CipherSuite TLS_RSA_WITH_3DES_EDE_CBC_SHA = + new CipherSuite("TripleDES", "RSA", "RSA", "HMAC-SHA", 24, 0x00, 0x0A, + "TLS_RSA_WITH_3DES_EDE_CBC_SHA", ProtocolVersion.TLS_1); + static final CipherSuite TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA = + new CipherSuite("DES", "DH", "DSS", "HMAC-SHA", 5, 0x00, 0x0B, + "TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA", ProtocolVersion.TLS_1); + static final CipherSuite TLS_DH_DSS_WITH_DES_CBC_SHA = + new CipherSuite("DES", "DH", "DSS", "HMAC-SHA", 8, 0x00, 0x0C, + "TLS_DH_DSS_WITH_DES_CBC_SHA", ProtocolVersion.TLS_1); + static final CipherSuite TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA = + new CipherSuite("TripleDES", "DH", "DSS", "HMAC-SHA", 24, 0x00, 0x0D, + "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", ProtocolVersion.TLS_1); + static final CipherSuite TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA = + new CipherSuite("DES", "DH", "RSA", "HMAC-SHA", 5, 0x00, 0x0E, + "TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA", ProtocolVersion.TLS_1); + static final CipherSuite TLS_DH_RSA_WITH_DES_CBC_SHA = + new CipherSuite("DES", "DH", "RSA", "HMAC-SHA", 8, 0x00, 0x0F, + "TLS_DH_RSA_WITH_DES_CBC_SHA", ProtocolVersion.TLS_1); + static final CipherSuite TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA = + new CipherSuite("TripleDES", "DH", "RSA", "HMAC-SHA", 24, 0x00, 0x10, + "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", ProtocolVersion.TLS_1); + static final CipherSuite TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA = + new CipherSuite("DES", "DHE", "DSS", "HMAC-SHA", 5, 0x00, 0x11, + "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", ProtocolVersion.TLS_1); + static final CipherSuite TLS_DHE_DSS_WITH_DES_CBC_SHA = + new CipherSuite("DES", "DHE", "DSS", "HMAC-SHA", 8, 0x00, 0x12, + "TLS_DHE_DSS_WITH_DES_CBC_SHA", ProtocolVersion.TLS_1); + static final CipherSuite TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA = + new CipherSuite("TripleDES", "DHE", "DSS", "HMAC-SHA", 24, 0x00, 0x13, + "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", ProtocolVersion.TLS_1); + static final CipherSuite TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA = + new CipherSuite("DES", "DHE", "RSA", "HMAC-SHA", 5, 0x00, 0x14, + "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", ProtocolVersion.TLS_1); + static final CipherSuite TLS_DHE_RSA_WITH_DES_CBC_SHA = + new CipherSuite("DES", "DHE", "RSA", "HMAC-SHA", 8, 0x00, 0x15, + "TLS_DHE_RSA_WITH_DES_CBC_SHA", ProtocolVersion.TLS_1); + static final CipherSuite TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA = + new CipherSuite("TripleDES", "DHE", "RSA", "HMAC-SHA", 24, 0x00, 0x16, + "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", ProtocolVersion.TLS_1); + + // AES CipherSuites. + static final CipherSuite TLS_RSA_WITH_AES_128_CBC_SHA = + new CipherSuite("AES", "RSA", "RSA", "HMAC-SHA", 16, 0x00, 0x2F, + "TLS_RSA_WITH_AES_128_CBC_SHA", ProtocolVersion.TLS_1); + static final CipherSuite TLS_DH_DSS_WITH_AES_128_CBC_SHA = + new CipherSuite("AES", "DH", "DSS", "HMAC-SHA", 16, 0x00, 0x30, + "TLS_DH_DSS_WITH_AES_128_CBC_SHA", ProtocolVersion.TLS_1); + static final CipherSuite TLS_DH_RSA_WITH_AES_128_CBC_SHA = + new CipherSuite("AES", "DH", "RSA", "HMAC-SHA", 16, 0x00, 0x31, + "TLS_DH_RSA_WITH_AES_128_CBC_SHA", ProtocolVersion.TLS_1); + static final CipherSuite TLS_DHE_DSS_WITH_AES_128_CBC_SHA = + new CipherSuite("AES", "DHE", "DSS", "HMAC-SHA", 16, 0x00, 0x32, + "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", ProtocolVersion.TLS_1); + static final CipherSuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA = + new CipherSuite("AES", "DHE", "RSA", "HMAC-SHA", 16, 0x00, 0x33, + "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", ProtocolVersion.TLS_1); + static final CipherSuite TLS_RSA_WITH_AES_256_CBC_SHA = + new CipherSuite("AES", "RSA", "RSA", "HMAC-SHA", 32, 0x00, 0x35, + "TLS_RSA_WITH_AES_256_CBC_SHA", ProtocolVersion.TLS_1); + static final CipherSuite TLS_DH_DSS_WITH_AES_256_CBC_SHA = + new CipherSuite("AES", "DH", "DSS", "HMAC-SHA", 32, 0x00, 0x36, + "TLS_DH_DSS_WITH_AES_256_CBC_SHA", ProtocolVersion.TLS_1); + static final CipherSuite TLS_DH_RSA_WITH_AES_256_CBC_SHA = + new CipherSuite("AES", "DH", "RSA", "HMAC-SHA", 32, 0x00, 0x37, + "TLS_DH_RSA_WITH_AES_256_CBC_SHA", ProtocolVersion.TLS_1); + static final CipherSuite TLS_DHE_DSS_WITH_AES_256_CBC_SHA = + new CipherSuite("AES", "DHE", "DSS", "HMAC-SHA", 32, 0x00, 0x38, + "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", ProtocolVersion.TLS_1); + static final CipherSuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA = + new CipherSuite("AES", "DHE", "RSA", "HMAC-SHA", 32, 0x00, 0x39, + "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", ProtocolVersion.TLS_1); + + // Secure remote password (SRP) ciphersuites + static final CipherSuite TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA = + new CipherSuite("TripleDES", "SRP", "anon", "HMAC-SHA", 24, 0x00, 0x50, + "TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA", ProtocolVersion.TLS_1); + static final CipherSuite TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA = + new CipherSuite("TripleDES", "SRP", "RSA", "HMAC-SHA", 24, 0x00, 0x51, + "TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA", ProtocolVersion.TLS_1); + static final CipherSuite TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA = + new CipherSuite("TripleDES", "SRP", "DSS", "HMAC-SHA", 24, 0x00, 0x52, + "TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA", ProtocolVersion.TLS_1); + static final CipherSuite TLS_SRP_SHA_WITH_AES_128_CBC_SHA = + new CipherSuite("AES", "SRP", "anon", "HMAC-SHA", 16, 0x00, 0x53, + "TLS_SRP_SHA_WITH_AES_128_CBC_SHA", ProtocolVersion.TLS_1); + static final CipherSuite TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA = + new CipherSuite("AES", "SRP", "RSA", "HMAC-SHA", 16, 0x00, 0x54, + "TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA", ProtocolVersion.TLS_1); + static final CipherSuite TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA = + new CipherSuite("AES", "SRP", "DSS", "HMAC-SHA", 16, 0x00, 0x55, + "TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA", ProtocolVersion.TLS_1); + static final CipherSuite TLS_SRP_SHA_WITH_AES_256_CBC_SHA = + new CipherSuite("AES", "SRP", "anon", "HMAC-SHA", 32, 0x00, 0x56, + "TLS_SRP_SHA_WITH_AES_256_CBC_SHA", ProtocolVersion.TLS_1); + static final CipherSuite TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA = + new CipherSuite("AES", "SRP", "RSA", "HMAC-SHA", 32, 0x00, 0x57, + "TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA", ProtocolVersion.TLS_1); + static final CipherSuite TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA = + new CipherSuite("AES", "SRP", "DSS", "HMAC-SHA", 32, 0x00, 0x58, + "TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA", ProtocolVersion.TLS_1); + + // Ciphersuites from the OpenPGP extension draft. + static final CipherSuite TLS_DHE_DSS_WITH_CAST_128_CBC_SHA = + new CipherSuite("CAST5", "DHE", "DSS", "HMAC-SHA", 16, 0x00, 0x70, + "TLS_DHE_DSS_WITH_CAST_128_CBC_SHA", ProtocolVersion.TLS_1); + static final CipherSuite TLS_DHE_DSS_WITH_CAST_128_CBC_RMD = + new CipherSuite("CAST5", "DHE", "DSS", "HMAC-RIPEMD-160", 16, 0x00, 0x71, + "TLS_DHE_DSS_WITH_CAST_128_CBC_RMD", ProtocolVersion.TLS_1); + static final CipherSuite TLS_DHE_DSS_WITH_3DES_EDE_CBC_RMD = + new CipherSuite("TripleDES", "DHE", "DSS", "HMAC-RIPEMD-160", 24, 0x00, 0x72, + "TLS_DHE_DSS_WITH_3DES_EDE_CBC_RMD", ProtocolVersion.TLS_1); + static final CipherSuite TLS_DHE_DSS_WITH_AES_128_CBC_RMD = + new CipherSuite("AES", "DHE", "DSS", "HMAC-RIPEMD-160", 16, 0x00, 0x73, + "TLS_DHE_DSS_WITH_AES_128_CBC_RMD", ProtocolVersion.TLS_1); + static final CipherSuite TLS_DHE_DSS_WITH_AES_256_CBC_RMD = + new CipherSuite("AES", "DHE", "DSS", "HMAC-RIPEMD-160", 32, 0x00, 0x74, + "TLS_DHE_DSS_WITH_AES_256_CBC_RMD", ProtocolVersion.TLS_1); + static final CipherSuite TLS_DHE_RSA_WITH_CAST_128_CBC_SHA = + new CipherSuite("CAST5", "DHE", "RSA", "HMAC-SHA", 16, 0x00, 0x75, + "TLS_DHE_RSA_WITH_CAST_128_CBC_SHA", ProtocolVersion.TLS_1); + static final CipherSuite TLS_DHE_RSA_WITH_CAST_128_CBC_RMD = + new CipherSuite("CAST5", "DHE", "RSA", "HMAC-RIPEMD-160", 16, 0x00, 0x76, + "TLS_DHE_RSA_WITH_CAST_128_CBC_RMD", ProtocolVersion.TLS_1); + static final CipherSuite TLS_DHE_RSA_WITH_3DES_EDE_CBC_RMD = + new CipherSuite("TripleDES", "DHE", "RSA", "HMAC-RIPEMD-160", 24, 0x00, 0x77, + "TLS_DHE_RSA_WITH_3DES_EDE_CBC_RMD", ProtocolVersion.TLS_1); + static final CipherSuite TLS_DHE_RSA_WITH_AES_128_CBC_RMD = + new CipherSuite("AES", "DHE", "RSA", "HMAC-RIPEMD-160", 16, 0x00, 0x78, + "TLS_DHE_RSA_WITH_AES_128_CBC_RMD", ProtocolVersion.TLS_1); + static final CipherSuite TLS_DHE_RSA_WITH_AES_256_CBC_RMD = + new CipherSuite("AES", "DHE", "RSA", "HMAC-RIPEMD-160", 32, 0x00, 0x79, + "TLS_DHE_RSA_WITH_AES_256_CBC_RMD", ProtocolVersion.TLS_1); + static final CipherSuite TLS_RSA_WITH_CAST_128_CBC_SHA = + new CipherSuite("CAST5", "RSA", "RSA", "HMAC-SHA", 16, 0x00, 0x7A, + "TLS_RSA_WITH_CAST_128_CBC_SHA", ProtocolVersion.TLS_1); + static final CipherSuite TLS_RSA_WITH_CAST_128_CBC_RMD = + new CipherSuite("CAST5", "RSA", "RSA", "HMAC-RIPEMD-160", 16, 0x00, 0x7B, + "TLS_RSA_WITH_CAST_128_CBC_RMD", ProtocolVersion.TLS_1); + static final CipherSuite TLS_RSA_WITH_3DES_EDE_CBC_RMD = + new CipherSuite("TripleDES", "RSA", "RSA", "HMAC-RIPEMD-160", 24, 0x00, 0x7C, + "TLS_RSA_WITH_3DES_EDE_CBC_RMD", ProtocolVersion.TLS_1); + static final CipherSuite TLS_RSA_WITH_AES_128_CBC_RMD = + new CipherSuite("AES", "RSA", "RSA", "HMAC-RIPEMD-160", 16, 0x00, 0x7D, + "TLS_RSA_WITH_AES_128_CBC_RMD", ProtocolVersion.TLS_1); + static final CipherSuite TLS_RSA_WITH_AES_256_CBC_RMD = + new CipherSuite("AES", "RSA", "RSA", "HMAC-RIPEMD-160", 32, 0x00, 0x7E, + "TLS_RSA_WITH_AES_256_CBC_RMD", ProtocolVersion.TLS_1); + + private final String cipherName; + private final String kexName; + private final String sigName; + private final String macName; + private final boolean exportable; + private final boolean isStream; + private final int keyLength; + private final byte[] id; + private final String name; + private final ProtocolVersion version; + + // Constructors. + // ------------------------------------------------------------------------- + + private CipherSuite(String cipherName, String kexName, String sigName, + String macName, int keyLength, int id1, int id2, + String name, ProtocolVersion version) + { + this.cipherName = cipherName.intern(); + this.kexName = kexName.intern(); + this.sigName = sigName.intern(); + this.macName = macName.intern(); + this.exportable = keyLength <= 5; + this.isStream = cipherName.equals("null") || cipherName.equals("RC4"); + this.keyLength = keyLength; + this.id = new byte[] { (byte) id1, (byte) id2 }; + this.name = name.intern(); + this.version = version; + namesToSuites.put(name, this); + if (name.startsWith("TLS")) + { + tlsSuiteNames.add(name); + } + } + + private CipherSuite(byte[] id) + { + cipherName = null; + kexName = null; + sigName = null; + macName = null; + exportable = false; + isStream = false; + keyLength = 0; + this.id = id; + name = null; + version = null; + } + + // Class methods. + // ------------------------------------------------------------------------- + + /** + * Returns the cipher suite for the given name, or null if there is no + * such suite. + * + * @return The named cipher suite. + */ + static CipherSuite forName(String name) + { + return (CipherSuite) namesToSuites.get(name); + } + + static List availableSuiteNames() + { + return tlsSuiteNames; + } + + static CipherSuite read(InputStream in) throws IOException + { + DataInputStream din = new DataInputStream(in); + byte[] id = new byte[2]; + din.readFully(id); + return new CipherSuite(id); + } + + static IMode getCipher(String cbcCipherName) + { + IBlockCipher cipher = CipherFactory.getInstance(cbcCipherName); + if (cipher == null) + { + return null; + } + return ModeFactory.getInstance("CBC", cipher, cipher.defaultBlockSize()); + } + + static Cipher getJCECipher (final String name) + throws NoSuchAlgorithmException, NoSuchPaddingException + { + final String provider = Util.getSecurityProperty ("jessie.with.jce.provider"); + if (name.equals ("RC4")) + { + if (provider != null) + { + try + { + return Cipher.getInstance (name, provider); + } + catch (NoSuchProviderException nsae) + { + // Fall through. Try any available provider. + } + } + + return Cipher.getInstance (name); + } + else + { + // Oh, hey! Look! Something else Sun doesn't understand: SSLv3 padding + // is different than TLSv1 in subtle, but important, ways. But they + // sorta look the same, so why not make them equivalent? + // + // There should be a seperate padding "TLS1Padding". + if (provider != null) + { + try + { + return Cipher.getInstance (name + "/CBC/SSL3Padding", provider); + } + catch (NoSuchProviderException nspe) + { + // Fall through. Try any available provider. + } + } + return Cipher.getInstance (name + "/CBC/SSL3Padding"); + } + } + + static IMac getMac(String macName) + { + if (macName.startsWith("SSLMAC-")) + { + return new SSLHMac(macName.substring(7)); + } + else + { + return MacFactory.getInstance(macName); + } + } + + static Mac getJCEMac (final String name) + throws NoSuchAlgorithmException + { + final String provider = Util.getSecurityProperty ("jessie.with.jce.provider"); + if (provider != null) + { + try + { + return Mac.getInstance (name, provider); + } + catch (NoSuchProviderException nspe) + { + // Fall through. Try any available provider. + } + } + return Mac.getInstance (name); + } + + // Intance methods. + // ------------------------------------------------------------------------- + + public void write(OutputStream out) throws IOException + { + out.write(id); + } + + CipherSuite resolve(ProtocolVersion version) + { + if (version == ProtocolVersion.SSL_3) + { + if (id[0] == 0x00) switch (id[1]) + { + case 0x00: return SSL_NULL_WITH_NULL_NULL; + case 0x01: return SSL_RSA_WITH_NULL_MD5; + case 0x02: return SSL_RSA_WITH_NULL_SHA; + case 0x03: return SSL_RSA_EXPORT_WITH_RC4_40_MD5; + case 0x04: return SSL_RSA_WITH_RC4_128_MD5; + case 0x05: return SSL_RSA_WITH_RC4_128_SHA; + case 0x08: return SSL_RSA_EXPORT_WITH_DES40_CBC_SHA; + case 0x09: return SSL_RSA_WITH_DES_CBC_SHA; + case 0x0A: return SSL_RSA_WITH_3DES_EDE_CBC_SHA; + case 0x0B: return SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA; + case 0x0C: return SSL_DH_DSS_WITH_DES_CBC_SHA; + case 0x0D: return SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA; + case 0x0E: return SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA; + case 0x0F: return SSL_DH_RSA_WITH_DES_CBC_SHA; + case 0x10: return SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA; + case 0x11: return SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA; + case 0x12: return SSL_DHE_DSS_WITH_DES_CBC_SHA; + case 0x13: return SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA; + case 0x14: return SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA; + case 0x15: return SSL_DHE_RSA_WITH_DES_CBC_SHA; + case 0x16: return SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA; + case 0x2F: return SSL_RSA_WITH_AES_128_CBC_SHA; + case 0x30: return SSL_DH_DSS_WITH_AES_128_CBC_SHA; + case 0x31: return SSL_DH_RSA_WITH_AES_128_CBC_SHA; + case 0x32: return SSL_DHE_DSS_WITH_AES_128_CBC_SHA; + case 0x33: return SSL_DHE_RSA_WITH_AES_128_CBC_SHA; + case 0x35: return SSL_RSA_WITH_AES_256_CBC_SHA; + case 0x36: return SSL_DH_DSS_WITH_AES_256_CBC_SHA; + case 0x37: return SSL_DH_RSA_WITH_AES_256_CBC_SHA; + case 0x38: return SSL_DHE_DSS_WITH_AES_256_CBC_SHA; + case 0x39: return SSL_DHE_RSA_WITH_AES_256_CBC_SHA; + } + } + else if (version == ProtocolVersion.TLS_1 || + version == ProtocolVersion.TLS_1_1) + { + if (id[0] == 0x00) switch (id[1]) + { + case 0x00: return TLS_NULL_WITH_NULL_NULL; + case 0x01: return TLS_RSA_WITH_NULL_MD5; + case 0x02: return TLS_RSA_WITH_NULL_SHA; + case 0x03: return TLS_RSA_EXPORT_WITH_RC4_40_MD5; + case 0x04: return TLS_RSA_WITH_RC4_128_MD5; + case 0x05: return TLS_RSA_WITH_RC4_128_SHA; + case 0x08: return TLS_RSA_EXPORT_WITH_DES40_CBC_SHA; + case 0x09: return TLS_RSA_WITH_DES_CBC_SHA; + case 0x0A: return TLS_RSA_WITH_3DES_EDE_CBC_SHA; + case 0x0B: return TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA; + case 0x0C: return TLS_DH_DSS_WITH_DES_CBC_SHA; + case 0x0D: return TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA; + case 0x0E: return TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA; + case 0x0F: return TLS_DH_RSA_WITH_DES_CBC_SHA; + case 0x10: return TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA; + case 0x11: return TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA; + case 0x12: return TLS_DHE_DSS_WITH_DES_CBC_SHA; + case 0x13: return TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA; + case 0x14: return TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA; + case 0x15: return TLS_DHE_RSA_WITH_DES_CBC_SHA; + case 0x16: return TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA; + case 0x2F: return TLS_RSA_WITH_AES_128_CBC_SHA; + case 0x30: return TLS_DH_DSS_WITH_AES_128_CBC_SHA; + case 0x31: return TLS_DH_RSA_WITH_AES_128_CBC_SHA; + case 0x32: return TLS_DHE_DSS_WITH_AES_128_CBC_SHA; + case 0x33: return TLS_DHE_RSA_WITH_AES_128_CBC_SHA; + case 0x35: return TLS_RSA_WITH_AES_256_CBC_SHA; + case 0x36: return TLS_DH_DSS_WITH_AES_256_CBC_SHA; + case 0x37: return TLS_DH_RSA_WITH_AES_256_CBC_SHA; + case 0x38: return TLS_DHE_DSS_WITH_AES_256_CBC_SHA; + case 0x39: return TLS_DHE_RSA_WITH_AES_256_CBC_SHA; + case 0x50: return TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA; + case 0x51: return TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA; + case 0x52: return TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA; + case 0x53: return TLS_SRP_SHA_WITH_AES_128_CBC_SHA; + case 0x54: return TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA; + case 0x55: return TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA; + case 0x56: return TLS_SRP_SHA_WITH_AES_256_CBC_SHA; + case 0x57: return TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA; + case 0x58: return TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA; + case 0x70: return TLS_DHE_DSS_WITH_CAST_128_CBC_SHA; + case 0x71: return TLS_DHE_DSS_WITH_CAST_128_CBC_RMD; + case 0x72: return TLS_DHE_DSS_WITH_3DES_EDE_CBC_RMD; + case 0x73: return TLS_DHE_DSS_WITH_AES_128_CBC_RMD; + case 0x74: return TLS_DHE_DSS_WITH_AES_256_CBC_RMD; + case 0x75: return TLS_DHE_RSA_WITH_CAST_128_CBC_SHA; + case 0x76: return TLS_DHE_RSA_WITH_CAST_128_CBC_RMD; + case 0x77: return TLS_DHE_RSA_WITH_3DES_EDE_CBC_RMD; + case 0x78: return TLS_DHE_RSA_WITH_AES_128_CBC_RMD; + case 0x79: return TLS_DHE_RSA_WITH_AES_256_CBC_RMD; + case 0x7A: return TLS_RSA_WITH_CAST_128_CBC_SHA; + case 0x7B: return TLS_RSA_WITH_CAST_128_CBC_RMD; + case 0x7C: return TLS_RSA_WITH_3DES_EDE_CBC_RMD; + case 0x7D: return TLS_RSA_WITH_AES_128_CBC_RMD; + case 0x7E: return TLS_RSA_WITH_AES_256_CBC_RMD; + } + } + return this; + } + + String getCipher() + { + return cipherName; + } + + int getKeyLength() + { + return keyLength; + } + + String getKeyExchange() + { + return kexName; + } + + String getSignature() + { + return sigName; + } + + String getMac() + { + return macName; + } + + boolean isExportable() + { + return exportable; + } + + boolean isStreamCipher() + { + return isStream; + } + + String getAuthType() + { + if (kexName.equals("RSA")) + { + if (isExportable()) + { + return "RSA_EXPORT"; + } + return "RSA"; + } + return kexName + "_" + sigName; + } + + byte[] getId() + { + return id; + } + + ProtocolVersion getVersion() + { + return version; + } + + public boolean equals(Object o) + { + if (!(o instanceof CipherSuite)) + { + return false; + } + if (o == this) + return true; + byte[] id = ((CipherSuite) o).getId(); + return id[0] == this.id[0] && + id[1] == this.id[1]; + } + + public int hashCode() + { + if (version == null) + { + return 0xFFFF0000 | (id[0] & 0xFF) << 8 | (id[1] & 0xFF); + } + return version.getMajor() << 24 | version.getMinor() << 16 + | (id[0] & 0xFF) << 8 | (id[1] & 0xFF); + } + + public String toString() + { + if (name == null) + { + return "UNKNOWN { " + (id[0] & 0xFF) + ", " + (id[1] & 0xFF) + " }"; + } + return name; + } +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/ClientHello.java b/libjava/classpath/gnu/javax/net/ssl/provider/ClientHello.java new file mode 100644 index 0000000..259051d --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/ClientHello.java @@ -0,0 +1,253 @@ +/* ClientHello.java -- SSL ClientHello message. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import java.io.BufferedReader; +import java.io.ByteArrayOutputStream; +import java.io.InputStream; +import java.io.IOException; +import java.io.OutputStream; +import java.io.PrintWriter; +import java.io.StringReader; +import java.io.StringWriter; + +import java.util.ArrayList; +import java.util.Iterator; +import java.util.LinkedList; +import java.util.List; + +import javax.net.ssl.SSLProtocolException; + +final class ClientHello implements Handshake.Body +{ + + // Fields. + // ------------------------------------------------------------------------- + + private ProtocolVersion version; + private Random random; + private byte[] sessionId; + private List suites; + private List comp; + private List extensions; + + // Constructor. + // ------------------------------------------------------------------------- + + ClientHello(ProtocolVersion version, Random random, + byte[] sessionId, List suites, List comp) + { + this(version, random, sessionId, suites, comp, null); + } + + ClientHello(ProtocolVersion version, Random random, + byte[] sessionId, List suites, List comp, List extensions) + { + this.version = version; + this.random = random; + this.sessionId = sessionId; + this.suites = suites; + this.comp = comp; + this.extensions = extensions; + } + + // Class methods. + // ------------------------------------------------------------------------- + + static ClientHello read(InputStream in) throws IOException + { + ProtocolVersion vers = ProtocolVersion.read(in); + Random rand = Random.read(in); + byte[] id = new byte[in.read() & 0xFF]; + in.read(id); + int len = (in.read() & 0xFF) << 8 | (in.read() & 0xFF); + ArrayList suites = new ArrayList(len / 2); + for (int i = 0; i < len; i += 2) + { + suites.add(CipherSuite.read(in).resolve(vers)); + } + len = in.read() & 0xFF; + ArrayList comp = new ArrayList(len); + for (int i = 0; i < len; i++) + { + comp.add(CompressionMethod.read(in)); + } + + List ext = null; + // Since parsing MAY need to continue into the extensions fields, or it + // may end here, the specified input stream MUST be a ByteArrayInputStream + // over all the data this hello contains. Otherwise this will mess up + // the data stream. + if (in.available() > 0) // then we have extensions. + { + ext = new LinkedList(); + len = (in.read() & 0xFF) << 8 | (in.read() & 0xFF); + int count = 0; + while (count < len) + { + Extension e = Extension.read(in); + ext.add(e); + count += e.getValue().length + 4; + } + } + return new ClientHello(vers, rand, id, suites, comp, ext); + } + + // Instance methods. + // ------------------------------------------------------------------------- + + public void write(OutputStream out) throws IOException + { + version.write(out); + random.write(out); + out.write(sessionId.length); + out.write(sessionId); + out.write((suites.size() << 1) >>> 8 & 0xFF); + out.write((suites.size() << 1) & 0xFF); + for (Iterator i = suites.iterator(); i.hasNext(); ) + { + ((CipherSuite) i.next()).write(out); + } + out.write(comp.size()); + for (Iterator i = comp.iterator(); i.hasNext(); ) + { + out.write(((CompressionMethod) i.next()).getValue()); + } + if (extensions != null) + { + ByteArrayOutputStream out2 = new ByteArrayOutputStream(); + for (Iterator i = extensions.iterator(); i.hasNext(); ) + { + ((Extension) i.next()).write(out2); + } + out.write(out2.size() >>> 8 & 0xFF); + out.write(out2.size() & 0xFF); + out2.writeTo(out); + } + } + + ProtocolVersion getVersion() + { + return version; + } + + Random getRandom() + { + return random; + } + + byte[] getSessionId() + { + return sessionId; + } + + List getCipherSuites() + { + return suites; + } + + List getCompressionMethods() + { + return comp; + } + + List getExtensions() + { + return extensions; + } + + public String toString() + { + StringWriter str = new StringWriter(); + PrintWriter out = new PrintWriter(str); + out.println("struct {"); + out.println(" version = " + version + ";"); + BufferedReader r = new BufferedReader(new StringReader(random.toString())); + String s; + try + { + while ((s = r.readLine()) != null) + { + out.print(" "); + out.println(s); + } + } + catch (IOException ignored) + { + } + out.println(" sessionId = " + Util.toHexString(sessionId, ':') + ";"); + out.println(" cipherSuites = {"); + for (Iterator i = suites.iterator(); i.hasNext(); ) + { + out.print(" "); + out.println(i.next()); + } + out.println(" };"); + out.print(" compressionMethods = { "); + for (Iterator i = comp.iterator(); i.hasNext(); ) + { + out.print(i.next()); + if (i.hasNext()) + out.print(", "); + } + out.println(" };"); + if (extensions != null) + { + out.println(" extensions = {"); + for (Iterator i = extensions.iterator(); i.hasNext(); ) + { + r = new BufferedReader(new StringReader(i.next().toString())); + try + { + while ((s = r.readLine()) != null) + { + out.print(" "); + out.println(s); + } + } + catch (IOException ignored) + { + } + } + out.println(" };"); + } + out.println("} ClientHello;"); + return str.toString(); + } +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/ClientKeyExchange.java b/libjava/classpath/gnu/javax/net/ssl/provider/ClientKeyExchange.java new file mode 100644 index 0000000..828aa8d --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/ClientKeyExchange.java @@ -0,0 +1,181 @@ +/* ClientKeyExchange.java -- SSL ClientKeyExchange message. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import java.io.BufferedReader; +import java.io.DataInputStream; +import java.io.InputStream; +import java.io.IOException; +import java.io.OutputStream; +import java.io.PrintWriter; +import java.io.StringReader; +import java.io.StringWriter; + +import java.math.BigInteger; + +import java.security.PublicKey; +import java.security.interfaces.RSAKey; +import javax.crypto.interfaces.DHPublicKey; + +final class ClientKeyExchange implements Handshake.Body +{ + + // Fields. + // ------------------------------------------------------------------------- + + private final Object exObject; + + // Constructors. + // ------------------------------------------------------------------------- + + ClientKeyExchange(byte[] encryptedSecret) + { + exObject = encryptedSecret; + } + + ClientKeyExchange(BigInteger bigint) + { + exObject = bigint; + } + + // Class method. + // ------------------------------------------------------------------------- + + static ClientKeyExchange read(InputStream in, CipherSuite suite, + PublicKey key) + throws IOException + { + DataInputStream din = new DataInputStream(in); + if (suite.getKeyExchange().equals("RSA")) + { + int len = 0; + if (suite.getVersion() == ProtocolVersion.SSL_3) + { + len = (((RSAKey) key).getModulus().bitLength()+7) / 8; + } + else + { + len = din.readUnsignedShort(); + } + byte[] buf = new byte[len]; + din.readFully(buf); + return new ClientKeyExchange(buf); + } + else if (suite.getKeyExchange().equals("SRP")) + { + byte[] buf = new byte[din.readUnsignedShort()]; + din.readFully(buf); + return new ClientKeyExchange(new BigInteger(1, buf)); + } + else if (key == null || !(key instanceof DHPublicKey)) // explicit. + { + byte[] buf = new byte[din.readUnsignedShort()]; + din.readFully(buf); + return new ClientKeyExchange(new BigInteger(1, buf)); + } + else + { + return new ClientKeyExchange(new byte[0]); + } + } + + // Instance methods. + // ------------------------------------------------------------------------- + + public void write(OutputStream out) throws IOException + { + throw new UnsupportedOperationException("use write(java.io.OutputStream,ProtocolVersion) instead"); + } + + public void write(OutputStream out, ProtocolVersion version) throws IOException + { + if (exObject instanceof byte[]) + { + byte[] b = (byte[]) exObject; + if (b.length > 0) + { + if (version != ProtocolVersion.SSL_3) + { + out.write(b.length >>> 8 & 0xFF); + out.write(b.length & 0xFF); + } + out.write(b); + } + } + else + { + byte[] bigint = ((BigInteger) exObject).toByteArray(); + if (bigint[0] == 0x00) + { + out.write(bigint.length - 1 >>> 8 & 0xFF); + out.write(bigint.length - 1 & 0xFF); + out.write(bigint, 1, bigint.length - 1); + } + else + { + out.write(bigint.length >>> 8 & 0xFF); + out.write(bigint.length & 0xFF); + out.write(bigint); + } + } + } + + Object getExchangeObject() + { + return exObject; + } + + public String toString() + { + StringWriter str = new StringWriter(); + PrintWriter out = new PrintWriter(str); + out.println("struct {"); + if (exObject instanceof byte[] && ((byte[]) exObject).length > 0) + { + out.println(" encryptedPreMasterSecret ="); + out.print(Util.hexDump((byte[]) exObject, " ")); + } + else if (exObject instanceof BigInteger) + { + out.println(" clientPublic = " + ((BigInteger) exObject).toString(16) + ";"); + } + out.println("} ClientKeyExchange;"); + return str.toString(); + } +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/CompressionMethod.java b/libjava/classpath/gnu/javax/net/ssl/provider/CompressionMethod.java new file mode 100644 index 0000000..c2fdf05 --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/CompressionMethod.java @@ -0,0 +1,104 @@ +/* CompressionMethod.java -- the compression method enum. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import java.io.EOFException; +import java.io.InputStream; +import java.io.IOException; + +final class CompressionMethod implements Enumerated +{ + + // Constants and fields. + // ------------------------------------------------------------------------- + + static final CompressionMethod NULL = new CompressionMethod(0), + ZLIB = new CompressionMethod(1); + + private final int value; + + // Constructor. + // ------------------------------------------------------------------------- + + private CompressionMethod(int value) + { + this.value = value; + } + + // Class method. + // ------------------------------------------------------------------------- + + static CompressionMethod read(InputStream in) throws IOException + { + int value = in.read(); + if (value == -1) + { + throw new EOFException("unexpected end of input stream"); + } + switch (value & 0xFF) + { + case 0: return NULL; + case 1: return ZLIB; + default: return new CompressionMethod(value); + } + } + + // Instance methods. + // ------------------------------------------------------------------------- + + public byte[] getEncoded() + { + return new byte[] { (byte) value }; + } + + public int getValue() + { + return value; + } + + public String toString() + { + switch (value) + { + case 0: return "null"; + case 1: return "zlib"; + default: return "unknown(" + value + ")"; + } + } +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/Constructed.java b/libjava/classpath/gnu/javax/net/ssl/provider/Constructed.java new file mode 100644 index 0000000..ee3f56a --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/Constructed.java @@ -0,0 +1,57 @@ +/* Constructed.java -- constructed type. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import java.io.IOException; +import java.io.OutputStream; + +/** + * The base interface to SSL constructed types. + */ +interface Constructed +{ + + /** + * Writes this structure's encoded form to the given output stream. + * + * @param out The output stream. + * @throws IOException If an I/O error occurs. + */ + void write(OutputStream out) throws IOException; +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/ContentType.java b/libjava/classpath/gnu/javax/net/ssl/provider/ContentType.java new file mode 100644 index 0000000..3368094 --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/ContentType.java @@ -0,0 +1,135 @@ +/* ContentType.java -- record layer content type. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import java.io.EOFException; +import java.io.InputStream; +import java.io.IOException; + +/** + * The content type enumeration, which marks packets in the record layer. + * + * 
enum { change_cipher_spec(20), alert(21), handshake(22),
+ *             application_data(23), (255) } ContentType;
+ * + * @author Casey Marshall (rsdio@metastatic.org) + */ +final class ContentType implements Enumerated +{ + + // Constants and fields. + // ------------------------------------------------------------------------ + + static final ContentType CLIENT_HELLO_V2 = new ContentType( 1); + static final ContentType CHANGE_CIPHER_SPEC = new ContentType(20); + static final ContentType ALERT = new ContentType(21); + static final ContentType HANDSHAKE = new ContentType(22); + static final ContentType APPLICATION_DATA = new ContentType(23); + + private int value; + + // Constructors. + // ------------------------------------------------------------------------ + + private ContentType(int value) + { + this.value = value; + } + + // Class methods. + // ------------------------------------------------------------------------ + + static final ContentType read(InputStream in) throws IOException + { + int value = in.read(); + if (value == -1) + { + throw new EOFException("unexpected end of input stream"); + } + switch (value & 0xFF) + { + case 1: return CLIENT_HELLO_V2; + case 20: return CHANGE_CIPHER_SPEC; + case 21: return ALERT; + case 22: return HANDSHAKE; + case 23: return APPLICATION_DATA; + default: return new ContentType(value); + } + } + + // Instance methods. + // ------------------------------------------------------------------------ + + public byte[] getEncoded() + { + return new byte[] { (byte) value }; + } + + public int getValue() + { + return value; + } + + public boolean equals(Object o) + { + if (o == null || !(o instanceof ContentType)) + { + return false; + } + return ((ContentType) o).value == value; + } + + public int hashCode() + { + return getValue(); + } + + public String toString() + { + switch (value) + { + case 1: return "v2_client_hello"; + case 20: return "change_cipher_spec"; + case 21: return "alert"; + case 22: return "handshake"; + case 23: return "application_data"; + default: return "unknown(" + value + ")"; + } + } +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/Context.java b/libjava/classpath/gnu/javax/net/ssl/provider/Context.java new file mode 100644 index 0000000..2bd7193 --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/Context.java @@ -0,0 +1,334 @@ +/* Context.java -- SSLContext implementation. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import java.io.File; +import java.io.InputStream; + +import java.security.InvalidAlgorithmParameterException; +import java.security.KeyStoreException; +import java.security.KeyManagementException; +import java.security.NoSuchAlgorithmException; +import java.security.NoSuchProviderException; +import java.security.SecureRandom; +import java.security.Security; +import java.security.UnrecoverableKeyException; +import java.sql.SQLException; + +import javax.net.ssl.KeyManager; +import javax.net.ssl.KeyManagerFactory; +import javax.net.ssl.SSLContextSpi; +import javax.net.ssl.SSLSessionContext; +import javax.net.ssl.TrustManager; +import javax.net.ssl.TrustManagerFactory; +import javax.net.ssl.X509KeyManager; +import javax.net.ssl.X509TrustManager; + +import gnu.javax.net.ssl.NullManagerParameters; +import gnu.javax.net.ssl.SRPTrustManager; +import gnu.javax.net.ssl.StaticTrustAnchors; + +/** + * This is Jessie's implementation of a {@link javax.net.ssl.SSLContext} + * engine, and is available under the algorithm names ``SSLv3'', ``SSL'', + * ``TLSv1'', and ``TLS''. + */ +public final class Context extends SSLContextSpi +{ + + // Fields. + // ------------------------------------------------------------------------- + + private SessionContext clientSessions; + private SessionContext serverSessions; + private X509KeyManager keyManager; + private X509TrustManager trustManager; + private SRPTrustManager srpTrustManager; + private SecureRandom random; + + // Constructor. + // ------------------------------------------------------------------------- + + public Context() + { + String codec = Util.getSecurityProperty("jessie.clientSessionContext.codec"); + String codecClass = null; + if (codec == null) + { + codec = "null"; + } + if (codec.equalsIgnoreCase("xml")) + { + codecClass = "gnu.javax.net.ssl.provider.XMLSessionContext"; + } + else if (codec.equalsIgnoreCase("jdbc")) + { + codecClass = "gnu.javax.net.ssl.provider.JDBCSessionContext"; + } + else if (codec.equalsIgnoreCase("null")) + { + codecClass = "gnu.javax.net.ssl.provider.SessionContext"; + } + else + { + throw new IllegalArgumentException("no such codec: " + codec); + } + try + { + ClassLoader cl = Context.class.getClassLoader(); + if (cl == null) + { + cl = ClassLoader.getSystemClassLoader(); + } + clientSessions = (SessionContext) cl.loadClass(codecClass).newInstance(); + } + catch (Exception ex) + { + ex.printStackTrace(); + throw new IllegalArgumentException(ex.toString()); + } + + codec = Util.getSecurityProperty("jessie.serverSessionContext.codec"); + if (codec == null) + { + codec = "null"; + } + if (codec.equalsIgnoreCase("xml")) + { + codecClass = "gnu.javax.net.ssl.provider.XMLSessionContext"; + } + else if (codec.equalsIgnoreCase("jdbc")) + { + codecClass = "gnu.javax.net.ssl.provider.JDBCSessionContext"; + } + else if (codec.equalsIgnoreCase("null")) + { + codecClass = "gnu.javax.net.ssl.provider.SessionContext"; + } + else + { + throw new IllegalArgumentException("no such codec: " + codec); + } + try + { + ClassLoader cl = Context.class.getClassLoader(); + if (cl == null) + { + cl = ClassLoader.getSystemClassLoader(); + } + serverSessions = (SessionContext) cl.loadClass(codecClass).newInstance(); + } + catch (Exception ex) + { + ex.printStackTrace(); + throw new IllegalArgumentException(ex.toString()); + } + } + + // Engine methods. + // ------------------------------------------------------------------------- + + protected SSLSessionContext engineGetClientSessionContext() + { + return clientSessions; + } + + protected SSLSessionContext engineGetServerSessionContext() + { + return serverSessions; + } + + protected javax.net.ssl.SSLServerSocketFactory engineGetServerSocketFactory() + { + if (keyManager == null || (trustManager == null && srpTrustManager == null) + || random == null) + { + throw new IllegalStateException(); + } + return new SSLServerSocketFactory(trustManager, srpTrustManager, keyManager, + random, serverSessions); + } + + protected javax.net.ssl.SSLSocketFactory engineGetSocketFactory() + { + if (keyManager == null || trustManager == null || random == null) + { + throw new IllegalStateException(); + } + return new SSLSocketFactory(trustManager, keyManager, random, clientSessions); + } + + protected void engineInit(KeyManager[] keyManagers, + TrustManager[] trustManagers, SecureRandom random) + throws KeyManagementException + { + keyManager = null; + trustManager = null; + srpTrustManager = null; + if (keyManagers != null) + { + for (int i = 0; i < keyManagers.length; i++) + { + if (keyManagers[i] instanceof X509KeyManager) + { + keyManager = (X509KeyManager) keyManagers[i]; + break; + } + } + } + if (keyManager == null) + { + keyManager = defaultKeyManager(); + } + if (trustManagers != null) + { + for (int i = 0; i < trustManagers.length; i++) + { + if (trustManagers[i] instanceof X509TrustManager) + { + if (trustManager == null) + { + trustManager = (X509TrustManager) trustManagers[i]; + } + } + else if (trustManagers[i] instanceof SRPTrustManager) + { + if (srpTrustManager == null) + { + srpTrustManager = (SRPTrustManager) trustManagers[i]; + } + } + } + } + if (trustManager == null && srpTrustManager == null) + { + trustManager = defaultTrustManager(); + } + if (random != null) + { + this.random = random; + } + else + { + this.random = defaultRandom(); + } + } + + // Own methods. + // ------------------------------------------------------------------------- + + private X509KeyManager defaultKeyManager() throws KeyManagementException + { + KeyManagerFactory fact = null; + try + { + fact = KeyManagerFactory.getInstance("JessieX509", "Jessie"); + } + catch (NoSuchAlgorithmException nsae) + { + throw new KeyManagementException(); + } + catch (NoSuchProviderException nspe) + { + throw new KeyManagementException(); + } + try + { + fact.init(null, null); + return (X509KeyManager) fact.getKeyManagers()[0]; + } + catch (NoSuchAlgorithmException nsae) { } + catch (KeyStoreException kse) { } + catch (UnrecoverableKeyException uke) { } + catch (IllegalStateException ise) { } + + try + { + fact.init(new NullManagerParameters()); + return (X509KeyManager) fact.getKeyManagers()[0]; + } + catch (Exception shouldNotHappen) + { + throw new Error(shouldNotHappen.toString()); + } + } + + private X509TrustManager defaultTrustManager() throws KeyManagementException + { + try + { + TrustManagerFactory fact = + TrustManagerFactory.getInstance("JessieX509", "Jessie"); + fact.init(StaticTrustAnchors.CA_CERTS); + return (X509TrustManager) fact.getTrustManagers()[0]; + } + catch (NoSuchAlgorithmException nsae) + { + throw new KeyManagementException(nsae.toString()); + } + catch (NoSuchProviderException nspe) + { + throw new KeyManagementException(nspe.toString()); + } + catch (InvalidAlgorithmParameterException kse) + { + throw new KeyManagementException(kse.toString()); + } + } + + private SecureRandom defaultRandom() throws KeyManagementException + { + String alg = Util.getSecurityProperty("jessie.secure.random"); + if (alg == null) + { + alg = "Fortuna"; + } + SecureRandom rand = null; + try + { + rand = SecureRandom.getInstance(alg); + } + catch (NoSuchAlgorithmException nsae) + { + throw new KeyManagementException(nsae.toString()); + } + + return rand; + } +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/DiffieHellman.java b/libjava/classpath/gnu/javax/net/ssl/provider/DiffieHellman.java new file mode 100644 index 0000000..ad48c79 --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/DiffieHellman.java @@ -0,0 +1,285 @@ +/* DiffieHellman.java -- Diffie-Hellman key exchange. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import java.math.BigInteger; +import gnu.javax.crypto.key.dh.GnuDHPrivateKey; + +/** + *

Simple implementation of two-party Diffie-Hellman key agreement.

+ * + *

The primes used in this class are from the following documents:

+ * + *
    + *
  • D. Harkins and D. Carrel, "The Internet Key Exchange (IKE)", RFC 2409.
    • + *
  • T. Kivinen and M. Kojo, "More Modular + * Exponential (MODP) Diffie-Hellman groups for Internet Key Exchange + * (IKE)", RFC + * 3526.
    • + * + * + *

    The generator for all these primes is 2.

    + */ +final class DiffieHellman +{ + + // Class method. + // ------------------------------------------------------------------------- + + /** + * Get the system's Diffie-Hellman parameters, in which g is 2 + * and p is determined by the property + * "jessie.keypool.dh.group". The default value for p + * is 18, corresponding to {@link #GROUP_18}. + */ + static GnuDHPrivateKey getParams() + { + BigInteger p = DiffieHellman.GROUP_5; + String group = Util.getSecurityProperty("jessie.key.dh.group"); + if (group != null) + { + group = group.trim(); + if (group.equals("1")) + p = DiffieHellman.GROUP_1; + else if (group.equals("2")) + p = DiffieHellman.GROUP_2; + else if (group.equals("5")) + p = DiffieHellman.GROUP_5; + else if (group.equals("14")) + p = DiffieHellman.GROUP_14; + else if (group.equals("15")) + p = DiffieHellman.GROUP_15; + else if (group.equals("16")) + p = DiffieHellman.GROUP_16; + else if (group.equals("17")) + p = DiffieHellman.GROUP_17; + else if (group.equals("18")) + p = DiffieHellman.GROUP_18; + } + return new GnuDHPrivateKey(null, p, DH_G, null); + } + + // Constants. + // ------------------------------------------------------------------------- + + /** + * The generator for all Diffie Hellman groups below. + */ + static final BigInteger DH_G = BigInteger.valueOf(2L); + + /** + * p = 2^768 - 2 ^704 - 1 + 2^64 * { [2^638 pi] + 149686 } + */ + static final BigInteger GROUP_1 = new BigInteger("00" + + "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" + + "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" + + "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" + + "E485B576625E7EC6F44C42E9A63A3620FFFFFFFFFFFFFFFF", 16); + + /** + * p = 2^1024 - 2^960 - 1 + 2^64 * { [2^894 pi] + 129093 } + */ + static final BigInteger GROUP_2 = new BigInteger("00" + + "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" + + "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" + + "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" + + "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" + + "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381" + + "FFFFFFFFFFFFFFFF", 16); + + /** + * This prime p = 2^1536 - 2^1472 - 1 + 2^64 * { [2^1406 pi] + 741804 }. + */ + static final BigInteger GROUP_5 = new BigInteger("00" + + "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" + + "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" + + "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" + + "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" + + "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" + + "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" + + "83655D23DCA3AD961C62F356208552BB9ED529077096966D" + + "670C354E4ABC9804F1746C08CA237327FFFFFFFFFFFFFFFF", 16); + + /** + * p = 2^2048 - 2^1984 - 1 + 2^64 * { [2^1918 pi] + 124476 }. + */ + static final BigInteger GROUP_14 = new BigInteger("00" + + "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" + + "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" + + "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" + + "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" + + "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" + + "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" + + "83655D23DCA3AD961C62F356208552BB9ED529077096966D" + + "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B" + + "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9" + + "DE2BCBF6955817183995497CEA956AE515D2261898FA0510" + + "15728E5A8AACAA68FFFFFFFFFFFFFFFF", 16); + + /** + * p = 2^3072 - 2^3008 - 1 + 2^64 * { [2^2942 pi] + 1690314 }. + */ + static final BigInteger GROUP_15 = new BigInteger("00" + + "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" + + "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" + + "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" + + "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" + + "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" + + "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" + + "83655D23DCA3AD961C62F356208552BB9ED529077096966D" + + "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B" + + "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9" + + "DE2BCBF6955817183995497CEA956AE515D2261898FA0510" + + "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64" + + "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7" + + "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B" + + "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C" + + "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31" + + "43DB5BFCE0FD108E4B82D120A93AD2CAFFFFFFFFFFFFFFFF", 16); + + /** + * p = 2^4096 - 2^4032 - 1 + 2^64 * { [2^3966 pi] + 240904 }. + */ + static final BigInteger GROUP_16 = new BigInteger("00" + + "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" + + "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" + + "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" + + "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" + + "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" + + "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" + + "83655D23DCA3AD961C62F356208552BB9ED529077096966D" + + "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B" + + "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9" + + "DE2BCBF6955817183995497CEA956AE515D2261898FA0510" + + "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64" + + "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7" + + "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B" + + "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C" + + "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31" + + "43DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D7" + + "88719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA" + + "2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6" + + "287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED" + + "1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA9" + + "93B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934063199" + + "FFFFFFFFFFFFFFFF", 16); + + static final BigInteger GROUP_17 = new BigInteger("00" + + "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E08" + + "8A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B" + + "302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9" + + "A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE6" + + "49286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8" + + "FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D" + + "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C" + + "180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718" + + "3995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D" + + "04507A33A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7D" + + "B3970F85A6E1E4C7ABF5AE8CDB0933D71E8C94E04A25619DCEE3D226" + + "1AD2EE6BF12FFA06D98A0864D87602733EC86A64521F2B18177B200C" + + "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB3143DB5BFC" + + "E0FD108E4B82D120A92108011A723C12A787E6D788719A10BDBA5B26" + + "99C327186AF4E23C1A946834B6150BDA2583E9CA2AD44CE8DBBBC2DB" + + "04DE8EF92E8EFC141FBECAA6287C59474E6BC05D99B2964FA090C3A2" + + "233BA186515BE7ED1F612970CEE2D7AFB81BDD762170481CD0069127" + + "D5B05AA993B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934028492" + + "36C3FAB4D27C7026C1D4DCB2602646DEC9751E763DBA37BDF8FF9406" + + "AD9E530EE5DB382F413001AEB06A53ED9027D831179727B0865A8918" + + "DA3EDBEBCF9B14ED44CE6CBACED4BB1BDB7F1447E6CC254B33205151" + + "2BD7AF426FB8F401378CD2BF5983CA01C64B92ECF032EA15D1721D03" + + "F482D7CE6E74FEF6D55E702F46980C82B5A84031900B1C9E59E7C97F" + + "BEC7E8F323A97A7E36CC88BE0F1D45B7FF585AC54BD407B22B4154AA" + + "CC8F6D7EBF48E1D814CC5ED20F8037E0A79715EEF29BE32806A1D58B" + + "B7C5DA76F550AA3D8A1FBFF0EB19CCB1A313D55CDA56C9EC2EF29632" + + "387FE8D76E3C0468043E8F663F4860EE12BF2D5B0B7474D6E694F91E" + + "6DCC4024FFFFFFFFFFFFFFFF", 16); + + /** + * p = 2^8192 - 2^8128 - 1 + 2^64 * { [2^8062 pi] + 4743158 }. + * + *

    This value, while quite large, is estimated to provide the equivalent + * cryptographic strength of a symmetric key between 190 and 320 bits. + */ + static final BigInteger GROUP_18 = new BigInteger("00" + + "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" + + "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" + + "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" + + "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" + + "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" + + "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" + + "83655D23DCA3AD961C62F356208552BB9ED529077096966D" + + "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B" + + "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9" + + "DE2BCBF6955817183995497CEA956AE515D2261898FA0510" + + "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64" + + "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7" + + "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B" + + "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C" + + "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31" + + "43DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D7" + + "88719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA" + + "2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6" + + "287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED" + + "1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA9" + + "93B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934028492" + + "36C3FAB4D27C7026C1D4DCB2602646DEC9751E763DBA37BD" + + "F8FF9406AD9E530EE5DB382F413001AEB06A53ED9027D831" + + "179727B0865A8918DA3EDBEBCF9B14ED44CE6CBACED4BB1B" + + "DB7F1447E6CC254B332051512BD7AF426FB8F401378CD2BF" + + "5983CA01C64B92ECF032EA15D1721D03F482D7CE6E74FEF6" + + "D55E702F46980C82B5A84031900B1C9E59E7C97FBEC7E8F3" + + "23A97A7E36CC88BE0F1D45B7FF585AC54BD407B22B4154AA" + + "CC8F6D7EBF48E1D814CC5ED20F8037E0A79715EEF29BE328" + + "06A1D58BB7C5DA76F550AA3D8A1FBFF0EB19CCB1A313D55C" + + "DA56C9EC2EF29632387FE8D76E3C0468043E8F663F4860EE" + + "12BF2D5B0B7474D6E694F91E6DBE115974A3926F12FEE5E4" + + "38777CB6A932DF8CD8BEC4D073B931BA3BC832B68D9DD300" + + "741FA7BF8AFC47ED2576F6936BA424663AAB639C5AE4F568" + + "3423B4742BF1C978238F16CBE39D652DE3FDB8BEFC848AD9" + + "22222E04A4037C0713EB57A81A23F0C73473FC646CEA306B" + + "4BCBC8862F8385DDFA9D4B7FA2C087E879683303ED5BDD3A" + + "062B3CF5B3A278A66D2A13F83F44F82DDF310EE074AB6A36" + + "4597E899A0255DC164F31CC50846851DF9AB48195DED7EA1" + + "B1D510BD7EE74D73FAF36BC31ECFA268359046F4EB879F92" + + "4009438B481C6CD7889A002ED5EE382BC9190DA6FC026E47" + + "9558E4475677E9AA9E3050E2765694DFC81F56E880B96E71" + + "60C980DD98EDD3DFFFFFFFFFFFFFFFFF", 16); + +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/DigestInputStream.java b/libjava/classpath/gnu/javax/net/ssl/provider/DigestInputStream.java new file mode 100644 index 0000000..dd138b4 --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/DigestInputStream.java @@ -0,0 +1,103 @@ +/* DigestInputStream.java -- digesting input stream. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import java.io.FilterInputStream; +import java.io.InputStream; +import java.io.IOException; + +import gnu.java.security.hash.IMessageDigest; + +final class DigestInputStream extends FilterInputStream +{ + + // Fields. + // ------------------------------------------------------------------------- + + private IMessageDigest md5, sha; + private boolean digesting; + + // Constructor. + // ------------------------------------------------------------------------- + + DigestInputStream(InputStream in, IMessageDigest md5, IMessageDigest sha) + { + super(in); + if (md5 == null || sha == null) + throw new NullPointerException(); + this.md5 = md5; + this.sha = sha; + digesting = true; + } + + // Instance methods. + // ------------------------------------------------------------------------- + + void setDigesting(boolean digesting) + { + this.digesting = digesting; + } + + public int read() throws IOException + { + int i = in.read(); + if (digesting && i != -1) + { + md5.update((byte) i); + sha.update((byte) i); + } + return i; + } + + public int read(byte[] buf) throws IOException + { + return read(buf, 0, buf.length); + } + + public int read(byte[] buf, int off, int len) throws IOException + { + int ret = in.read(buf, off, len); + if (digesting && ret != -1) + { + md5.update(buf, off, ret); + sha.update(buf, off, ret); + } + return ret; + } +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/DigestOutputStream.java b/libjava/classpath/gnu/javax/net/ssl/provider/DigestOutputStream.java new file mode 100644 index 0000000..f154845 --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/DigestOutputStream.java @@ -0,0 +1,107 @@ +/* DigestOutputStream.java -- digesting output stream. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import java.io.FilterOutputStream; +import java.io.IOException; +import java.io.OutputStream; + +import gnu.java.security.hash.IMessageDigest; + +final class DigestOutputStream extends FilterOutputStream +{ + + // Fields. + // ------------------------------------------------------------------------- + + private IMessageDigest md5, sha; + private boolean digesting; + + // Constructor. + // ------------------------------------------------------------------------- + + DigestOutputStream(OutputStream out, IMessageDigest md5, IMessageDigest sha) + { + super(out); + this.md5 = md5; + this.sha = sha; + digesting = true; + } + + // Instance methods. + // ------------------------------------------------------------------------- + + void setDigesting(boolean digesting) + { + this.digesting = digesting; + } + + public void write(int b) throws IOException + { + if (digesting) + { + md5.update((byte) b); + sha.update((byte) b); + } + out.write(b); + } + + public void write(byte[] buf) throws IOException + { + write(buf, 0, buf.length); + } + + public void write(byte[] buf, int off, int len) throws IOException + { + if (buf == null) + { + throw new NullPointerException(); + } + if (off < 0 || len < 0 || off+len > buf.length) + { + throw new ArrayIndexOutOfBoundsException(); + } + if (digesting) + { + md5.update(buf, off, len); + sha.update(buf, off, len); + } + out.write(buf, off, len); + } +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/Enumerated.java b/libjava/classpath/gnu/javax/net/ssl/provider/Enumerated.java new file mode 100644 index 0000000..8875add --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/Enumerated.java @@ -0,0 +1,79 @@ +/* Enumerated.java -- Interface to enumerated types. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +/** + * An enumerated type in the SSL protocols. Enumerated values take on + * one of a set of possible numeric values, which are not specifically + * ordered, and may be extensible to a maximum value. + * + * 

    enum { e1(v1), e2(v2), ... [[, (n) ]] }
    + * + *

    Enumerated types are encoded as big-endian multibyte integers, + * which take up the least possible number of bytes. Thus, an + * enumeration with up to 255 values will be encoded in a single byte, + * and so on. + * + * @author Casey Marshall (rsdio@metastatic.org) + */ +interface Enumerated +{ + + /** + * Returns the encoded value of this enumerated value, which is + * appropriate to send over-the-wire. + * + * @return The encoded value. + */ + byte[] getEncoded(); + + /** + * Returns the numeric value of this enumerated value. + * + * @return The numeric value. + */ + int getValue(); + + /** + * Returns a string representation of this enumerated value. + * + * @return The string. + */ + String toString(); +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/Extension.java b/libjava/classpath/gnu/javax/net/ssl/provider/Extension.java new file mode 100644 index 0000000..1c79dd5 --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/Extension.java @@ -0,0 +1,214 @@ +/* Extension.java -- A TLS hello extension. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import java.io.EOFException; +import java.io.InputStream; +import java.io.IOException; +import java.io.OutputStream; +import java.io.PrintWriter; +import java.io.StringWriter; + +final class Extension implements Constructed +{ + + // Fields. + // ------------------------------------------------------------------------- + + private final Type type; + private final byte[] value; + + // Constructor. + // ------------------------------------------------------------------------- + + Extension(Type type, byte[] value) + { + if (type == null || value == null) + { + throw new NullPointerException(); + } + this.type = type; + this.value = value; + } + + // Class method. + // ------------------------------------------------------------------------- + + static Extension read(InputStream in) throws IOException + { + Type t = Type.read(in); + int len = (in.read() & 0xFF) << 8 | (in.read() & 0xFF); + byte[] v = new byte[len]; + int count = 0; + while (count < len) + { + int l = in.read(v, count, len - count); + if (l == -1) + { + throw new EOFException("unexpected end of extension"); + } + count += l; + } + return new Extension(t, v); + } + + // Instance methods. + // ------------------------------------------------------------------------- + + public void write(OutputStream out) throws IOException + { + out.write(type.getEncoded()); + out.write(value.length >>> 8 & 0xFF); + out.write(value.length & 0xFF); + out.write(value); + } + + Type getType() + { + return type; + } + + byte[] getValue() + { + return value; + } + + public String toString() + { + StringWriter str = new StringWriter(); + PrintWriter out = new PrintWriter(str); + out.println("struct {"); + out.println(" type = " + type + ";"); + out.println(" value ="); + out.println(Util.hexDump(value, " ")); + out.println("} Extension;"); + return str.toString(); + } + + // Inner class. + // ------------------------------------------------------------------------- + + static final class Type implements Enumerated + { + + // Constants and fields. + // ----------------------------------------------------------------------- + + static final Type SERVER_NAME = new Type(0); + static final Type MAX_FRAGMENT_LENGTH = new Type(1); + static final Type CLIENT_CERTIFICATE_URL = new Type(2); + static final Type TRUSTED_CA_KEYS = new Type(3); + static final Type TRUNCATED_HMAC = new Type(4); + static final Type STATUS_REQUEST = new Type(5); + static final Type SRP = new Type(6); + static final Type CERT_TYPE = new Type(7); + + private final int value; + + // Constructor. + // ----------------------------------------------------------------------- + + private Type(int value) + { + this.value = value; + } + + // Class methods. + // ----------------------------------------------------------------------- + + static Type read(InputStream in) throws IOException + { + int i = in.read(); + if (i == -1) + { + throw new EOFException("unexpected end of input stream"); + } + int value = (i & 0xFF) << 8; + i = in.read(); + if (i == -1) + { + throw new EOFException("unexpected end of input stream"); + } + value |= i & 0xFF; + switch (value) + { + case 0: return SERVER_NAME; + case 1: return MAX_FRAGMENT_LENGTH; + case 2: return CLIENT_CERTIFICATE_URL; + case 3: return TRUSTED_CA_KEYS; + case 4: return TRUNCATED_HMAC; + case 5: return STATUS_REQUEST; + case 6: return SRP; + case 7: return CERT_TYPE; + default: return new Type(value); + } + } + + // Instance methods. + // ----------------------------------------------------------------------- + + public byte[] getEncoded() + { + return new byte[] { + (byte) (value >>> 8 & 0xFF), (byte) (value & 0xFF) + }; + } + + public int getValue() + { + return value; + } + + public String toString() + { + switch (value) + { + case 0: return "server_name"; + case 1: return "max_fragment_length"; + case 2: return "client_certificate_url"; + case 3: return "trusted_ca_keys"; + case 4: return "truncated_hmac"; + case 5: return "status_request"; + case 6: return "srp"; + case 7: return "cert_type"; + default: return "unknown(" + value + ")"; + } + } + } +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/Extensions.java b/libjava/classpath/gnu/javax/net/ssl/provider/Extensions.java new file mode 100644 index 0000000..9ed9619 --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/Extensions.java @@ -0,0 +1,159 @@ +/* Extensions.java -- various static extension utilities. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import java.io.ByteArrayInputStream; +import java.io.IOException; +import java.io.UnsupportedEncodingException; +import java.util.Collections; +import java.util.LinkedList; +import java.util.List; + +import javax.security.auth.x500.X500Principal; + +import gnu.java.security.x509.X500DistinguishedName; + +final class Extensions +{ + + // Constants. + // ------------------------------------------------------------------------- + + private static final Integer _512 = new Integer(512), + _1024 = new Integer(1024), _2048 = new Integer(2048), + _4096 = new Integer(4096); + + // Class methods only. + private Extensions() { } + + // Class methods. + // ------------------------------------------------------------------------- + + static List getServerName(Extension ex) + { + LinkedList l = new LinkedList(); + byte[] buf = ex.getValue(); + int pos = 0; + try + { + while (pos < buf.length) + { + if (buf[pos++] != 0) + break; + int len = (buf[pos++] & 0xFF) << 8; + len |= buf[pos++] & 0xFF; + l.add(new String(buf, pos, len, "UTF-8")); + pos += len; + } + } + catch (Exception x) + { + } + return Collections.unmodifiableList(l); + } + + static List getClientCertTypes(Extension ex) throws IOException + { + List l = new LinkedList(); + ByteArrayInputStream in = new ByteArrayInputStream(ex.getValue()); + final int len = in.read() & 0xFF; + for (int i = 0; i < len; i++) + { + l.add(CertificateType.read(in)); + } + return Collections.unmodifiableList(l); + } + + static CertificateType getServerCertType(Extension ex) throws IOException + { + return CertificateType.read(new ByteArrayInputStream(ex.getValue())); + } + + static Integer getMaxFragmentLength(Extension ex) + { + switch (ex.getValue()[0] & 0xFF) + { + case 1: return _512; + case 2: return _1024; + case 3: return _2048; + case 4: return _4096; + } + throw new IllegalArgumentException(); + } + + static Object[] getTrustedCA(Extension ex) + { + byte[] buf = ex.getValue(); + int type = buf[0] & 0xFF; + try + { + switch (type) + { + case 0: + return new Object[] { new Integer(type), null }; + case 1: + case 3: + return new Object[] { new Integer(type), + Util.trim(buf, 1, 20) }; + case 2: + return new Object[] { new Integer(type), + new X500Principal(Util.trim(buf, 1, 20)) }; + } + } + catch (Exception x) + { + } + throw new IllegalArgumentException(); + } + + static String getSRPUsername(Extension ex) + { + int len = ex.getValue()[0] & 0xFF; + if (len > ex.getValue().length - 1) + throw new IllegalArgumentException(); + try + { + return new String(ex.getValue(), 1, len, "UTF-8"); + } + catch (UnsupportedEncodingException uee) + { + throw new Error(uee.toString()); + } + } +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/Finished.java b/libjava/classpath/gnu/javax/net/ssl/provider/Finished.java new file mode 100644 index 0000000..8b9c220 --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/Finished.java @@ -0,0 +1,143 @@ +/* Finished.java -- SSL Finished message. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import java.io.DataInputStream; +import java.io.InputStream; +import java.io.IOException; +import java.io.OutputStream; + +final class Finished implements Handshake.Body +{ + + // Fields. + // ------------------------------------------------------------------------- + + /** TLSv1.x verify data. */ + private final byte[] verifyData; + + /** SSLv3 message digest pair. */ + private final byte[] md5, sha; + + // Constructor. + // ------------------------------------------------------------------------- + + Finished(byte[] verifyData) + { + this.verifyData = verifyData; + md5 = sha = null; + } + + Finished(byte[] md5, byte[] sha) + { + this.md5 = md5; + this.sha = sha; + verifyData = null; + } + + // Class methods. + // ------------------------------------------------------------------------- + + static Finished read(InputStream in, CipherSuite suite) + throws IOException + { + DataInputStream din = new DataInputStream(in); + if (suite.getVersion().equals(ProtocolVersion.SSL_3)) + { + byte[] md5 = new byte[16]; + byte[] sha = new byte[20]; + din.readFully(md5); + din.readFully(sha); + return new Finished(md5, sha); + } + else + { + byte[] buf = new byte[12]; + din.readFully(buf); + return new Finished(buf); + } + } + + // Instance methods. + // ------------------------------------------------------------------------- + + public void write(OutputStream out) throws IOException + { + if (verifyData != null) + out.write(verifyData); + else + { + out.write(md5); + out.write(sha); + } + } + + byte[] getVerifyData() + { + return verifyData; + } + + byte[] getMD5Hash() + { + return md5; + } + + byte[] getSHAHash() + { + return sha; + } + + public String toString() + { + String nl = System.getProperty("line.separator"); + if (verifyData != null) + { + return "struct {" + nl + + " verifyData = " + Util.toHexString(verifyData, ':') + ";" + nl + + "} Finished;" + nl; + } + else + { + return "struct {" + nl + + " md5Hash = " + Util.toHexString(md5, ':') + ";" + nl + + " shaHash = " + Util.toHexString(sha, ':') + ";" + nl + + "} Finished;" + nl; + } + } +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/GNUSecurityParameters.java b/libjava/classpath/gnu/javax/net/ssl/provider/GNUSecurityParameters.java new file mode 100644 index 0000000..a04c3fd --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/GNUSecurityParameters.java @@ -0,0 +1,490 @@ +/* GNUSecurityParameters.java -- SSL security parameters. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.io.OutputStream; +import java.io.PrintWriter; + +import java.security.SecureRandom; +import java.security.Security; +import java.util.Arrays; +import java.util.zip.DataFormatException; +import java.util.zip.Deflater; +import java.util.zip.Inflater; + +import javax.net.ssl.SSLException; + +import gnu.javax.crypto.mac.IMac; +import gnu.javax.crypto.mode.IMode; +import gnu.java.security.prng.IRandom; +import gnu.java.security.prng.LimitReachedException; + +/** + * This class implements the {@link SecurityParameters} interface, using the + * GNU Crypto interface for ciphers and macs, and the JZlib package for + * record compression. + */ +class GNUSecurityParameters implements SecurityParameters +{ + + // Fields. + // ------------------------------------------------------------------------- + + private static final boolean DEBUG_RECORD_LAYER = false; + private static final PrintWriter debug = new PrintWriter (System.err, true); + + /** + * The CBC block cipher, if any. + */ + IMode inCipher, outCipher; + + /** + * The RC4 PRNG, if any. + */ + IRandom inRandom, outRandom; + + /** + * The MAC algorithm. + */ + IMac inMac, outMac; + + long inSequence, outSequence; + Session session; + ProtocolVersion version; + int fragmentLength; + private Inflater inflater; + private Deflater deflater; + + // Constructors. + // ------------------------------------------------------------------------- + + GNUSecurityParameters (Session session) + { + inSequence = 0; + outSequence = 0; + this.session = session; + fragmentLength = 16384; + } + + // Instance methods. + // ------------------------------------------------------------------------- + + public void reset() + { + inSequence = 0L; + outSequence = 0L; + inCipher = null; + outCipher = null; + inMac = null; + outMac = null; + inRandom = null; + outRandom = null; + deflater = null; + inflater = null; + } + + public ProtocolVersion getVersion() + { + return version; + } + + public void setVersion(ProtocolVersion version) + { + this.version = version; + } + + public void setInCipher(Object inCipher) + { + if (inCipher instanceof IMode) + { + this.inCipher = (IMode) inCipher; + inRandom = null; + } + else + { + inRandom = (IRandom) inCipher; + this.inCipher = null; + } + } + + public void setOutCipher(Object outCipher) + { + if (outCipher instanceof IMode) + { + this.outCipher = (IMode) outCipher; + outRandom = null; + } + else + { + outRandom = (IRandom) outCipher; + this.outCipher = null; + } + } + + public void setInMac(Object inMac) + { + this.inMac = (IMac) inMac; + inSequence = 0L; + } + + public void setOutMac(Object outMac) + { + this.outMac = (IMac) outMac; + outSequence = 0L; + } + + public void setDeflating (boolean deflate) + { + if (deflate) + { + if (deflater == null) + deflater = new Deflater(); + } + else + deflater = null; + } + + public void setInflating (boolean inflate) + { + if (inflate) + { + if (inflater == null) + inflater = new Inflater(); + } + else + inflater = null; + } + + public int getFragmentLength() + { + return fragmentLength; + } + + public void setFragmentLength (int fragmentLength) + { + this.fragmentLength = fragmentLength; + } + + /** + * Decrypt, verify, and decompress a fragment, returning the transformed + * fragment. + * + * @param fragment The fragment to decrypt. + * @param version The protocol version of the fragment's record. + * @param type The content type of the record. + * @return The decrypted fragment. + * @throws MacException If the MAC could not be verified. + * @throws OverflowException If the inflated data is too large. + * @throws SSLException If decompressing fails. + */ + public synchronized byte[] decrypt (byte[] fragment, ProtocolVersion version, + ContentType type) + throws MacException, OverflowException, SSLException + { + boolean badPadding = false; + + // Decrypt the ciphertext, if it is encrypted. + if (inCipher != null) + { + int bs = inCipher.currentBlockSize (); + for (int i = 0; i < fragment.length; i += bs) + { + inCipher.update (fragment, i, fragment, i); + } + int padLen = fragment[fragment.length-1] & 0xFF; + int len = fragment.length - padLen - 1; + if (version == ProtocolVersion.SSL_3) + { + // SSLv3 requires that the padding length not exceed the + // cipher's block size. + if (padLen >= bs) + { + badPadding = true; + } + } + else + { + for (int i = len; i < fragment.length; i++) + { + // If the TLS padding is wrong, throw a MAC exception below. + if ((fragment[i] & 0xFF) != padLen) + { + badPadding = true; + } + } + } + fragment = Util.trim (fragment, len); + } + else if (inRandom != null) + { + transformRC4 (fragment, 0, fragment.length, fragment, 0, inRandom); + } + + // Check the MAC. + if (inMac != null) + { + inMac.update ((byte) (inSequence >>> 56)); + inMac.update ((byte) (inSequence >>> 48)); + inMac.update ((byte) (inSequence >>> 40)); + inMac.update ((byte) (inSequence >>> 32)); + inMac.update ((byte) (inSequence >>> 24)); + inMac.update ((byte) (inSequence >>> 16)); + inMac.update ((byte) (inSequence >>> 8)); + inMac.update ((byte) inSequence); + inMac.update ((byte) type.getValue()); + if (version != ProtocolVersion.SSL_3) + { + inMac.update ((byte) version.getMajor()); + inMac.update ((byte) version.getMinor()); + } + int macLen = inMac.macSize (); + int fragLen = fragment.length - macLen; + inMac.update ((byte) (fragLen >>> 8)); + inMac.update ((byte) fragLen); + inMac.update (fragment, 0, fragLen); + byte[] mac = inMac.digest (); + inMac.reset (); + for (int i = 0; i < macLen; i++) + { + if (fragment[i + fragLen] != mac[i]) + { + throw new MacException(); + } + } + if (badPadding) + { + throw new MacException(); + } + fragment = Util.trim (fragment, fragLen); + } + + if (inflater != null) + { + byte[] buf = new byte[1024]; + ByteArrayOutputStream bout = new ByteArrayOutputStream (fragment.length << 1); + inflater.setInput (fragment); + int len; + try + { + while ((len = inflater.inflate (buf)) > 0) + { + bout.write (buf, 0, len); + if (bout.size() > fragmentLength + 1024) + throw new OverflowException ("inflated data too large"); + } + } + catch (DataFormatException dfe) + { + throw new SSLException (String.valueOf (dfe)); + } + fragment = bout.toByteArray(); + inflater.reset(); + } + + inSequence++; + return fragment; + } + + /** + * Compress, MAC, encrypt, and write a record. The fragment of the + * record is taken from buf as len bytes starting at + * offset. len must be smaller than or equal to + * the configured fragment length. + * + * @param buf The fragment bytes. + * @param off The offset from whence to read. + * @param len The size of the fragment. + * @param type The content-type for this record. + * @param out The output stream to write the record to. + * @throws IOException If an I/O error occurs. + * @throws SSLException If compression fails. + * @throws OverflowException If compression inflates the data beyond + * the fragment length plus 1024 bytes. + */ + public synchronized byte[] encrypt (byte[] buf, int off, int len, + ContentType type) + throws SSLException, OverflowException + { + // If we are compressing, do it. + if (deflater != null) + { + byte[] buf2 = new byte[1024]; + ByteArrayOutputStream bout = new ByteArrayOutputStream (len >>> 1); + deflater.setInput (buf, off, len); + deflater.finish(); + len = 0; + while ((len = deflater.deflate (buf2)) > 0) + bout.write (buf2, 0, len); + // This should technically never happen for zlib. + if (bout.size() > fragmentLength + 1024) + throw new OverflowException ("deflated data too large"); + buf = bout.toByteArray(); + off = 0; + len = buf.length; + deflater.reset(); + } + + // If there is a MAC, compute it. + byte[] mac = new byte[0]; + if (outMac != null) + { + outMac.update((byte) (outSequence >>> 56)); + outMac.update((byte) (outSequence >>> 48)); + outMac.update((byte) (outSequence >>> 40)); + outMac.update((byte) (outSequence >>> 32)); + outMac.update((byte) (outSequence >>> 24)); + outMac.update((byte) (outSequence >>> 16)); + outMac.update((byte) (outSequence >>> 8)); + outMac.update((byte) outSequence); + outMac.update((byte) type.getValue()); + if (version != ProtocolVersion.SSL_3) + { + outMac.update((byte) version.getMajor()); + outMac.update((byte) version.getMinor()); + } + outMac.update((byte) (len >>> 8)); + outMac.update((byte) len); + outMac.update(buf, off, len); + mac = outMac.digest(); + outMac.reset(); + } + outSequence++; + + // Compute padding if needed. + byte[] pad = new byte[0]; + if (outCipher != null) + { + int padLen = outCipher.currentBlockSize() - + ((len + mac.length + 1) % outCipher.currentBlockSize()); + // Use a random amount of padding if the protocol is TLS. + if (version != ProtocolVersion.SSL_3 && session.random != null) + { + padLen += (Math.abs(session.random.nextInt ()) & 7) * + outCipher.currentBlockSize(); + while (padLen > 255) + { + padLen -= outCipher.currentBlockSize(); + } + } + pad = new byte[padLen+1]; + Arrays.fill (pad, (byte) padLen); + } + + // Write the record header. + final int fraglen = len + mac.length + pad.length; + + // Encrypt and write the fragment. + if (outCipher != null) + { + byte[] buf2 = new byte[fraglen]; + System.arraycopy (buf, off, buf2, 0, len); + System.arraycopy (mac, 0, buf2, len, mac.length); + System.arraycopy (pad, 0, buf2, len + mac.length, pad.length); + int bs = outCipher.currentBlockSize (); + for (int i = 0; i < fraglen; i += bs) + { + outCipher.update (buf2, i, buf2, i); + } + return buf2; + } + else if (outRandom != null) + { + byte[] buf2 = new byte[fraglen]; + transformRC4 (buf, off, len, buf2, 0, outRandom); + transformRC4 (mac, 0, mac.length, buf2, len, outRandom); + return buf2; + } + else + { + if (mac.length == 0) + { + return Util.trim (buf, off, len); + } + else + { + return Util.concat (Util.trim (buf, off, len), mac); + } + } + } + + // Own methods. + // ------------------------------------------------------------------------- + + /** + * Encrypt/decrypt a byte array with the RC4 stream cipher. + * + * @param in The input data. + * @param off The input offset. + * @param len The number of bytes to transform. + * @param out The output buffer. + * @param outOffset The offest into the output buffer. + * @param random The ARCFOUR PRNG. + */ + private static void transformRC4(byte[] in, int off, int len, + byte[] out, int outOffset, IRandom random) + { + if (random == null) + { + throw new IllegalStateException(); + } + if (in == null || out == null) + { + throw new NullPointerException(); + } + if (off < 0 || off + len > in.length || + outOffset < 0 || outOffset + len > out.length) + { + throw new ArrayIndexOutOfBoundsException(); + } + + try + { + for (int i = 0; i < len; i++) + { + out[outOffset+i] = (byte) (in[off+i] ^ random.nextByte()); + } + } + catch (LimitReachedException cannotHappen) + { + throw new Error(cannotHappen.toString()); + } + } +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/Handshake.java b/libjava/classpath/gnu/javax/net/ssl/provider/Handshake.java new file mode 100644 index 0000000..ef9e723 --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/Handshake.java @@ -0,0 +1,440 @@ +/* Handshake.java -- SSL handshake message. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import java.io.BufferedReader; +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; +import java.io.EOFException; +import java.io.InputStream; +import java.io.IOException; +import java.io.OutputStream; +import java.io.PrintWriter; +import java.io.StringReader; +import java.io.StringWriter; + +import java.security.PublicKey; + +import java.util.ArrayList; +import java.util.Collections; + +import javax.net.ssl.SSLProtocolException; + +final class Handshake implements Constructed +{ + + // Fields. + // ------------------------------------------------------------------------- + + private static final buffer BUF = new buffer(); + + private final Type type; + private final Body body; + + // Constructors. + // ------------------------------------------------------------------------- + + Handshake(Type type, Body body) + { + this.type = type; + this.body = body; + } + + // Class methods. + // ------------------------------------------------------------------------- + + static Handshake read(byte[] buffer) throws IOException + { + return read(new ByteArrayInputStream(buffer)); + } + + static Handshake read(byte[] buffer, CipherSuite suite, PublicKey key) + throws IOException + { + return read(new ByteArrayInputStream(buffer), suite, key); + } + + static Handshake read(InputStream in) throws IOException + { + return read(in, null, null); + } + + static Handshake read(InputStream in, CipherSuite suite, PublicKey key) + throws IOException + { + return read(in, suite, key, null); + } + + static Handshake read(InputStream in, CertificateType certType) + throws IOException + { + return read(in, null, null, certType); + } + + static Handshake read(InputStream in, CipherSuite suite, PublicKey key, + CertificateType certType) + throws IOException + { + Type type = Type.read(in); + byte[] lenbuf = new byte[3]; + in.read(lenbuf); + int len = (lenbuf[0] & 0xFF) << 16 | (lenbuf[1] & 0xFF) << 8 + | (lenbuf[2] & 0xFF); + Body body = null; + if (type == Type.HELLO_REQUEST) + { + body = null; + } + else if (type == Type.CLIENT_HELLO) + { + // Most likely a V2 hello. If the first byte is 0x30, and if this + // is not a V2 client hello, then it is a V3 client hello with + // at least 1.5 million cipher specs, which is unlikely. + if (lenbuf[0] == 3 && (lenbuf[1] >= 0 && lenbuf[1] <= 2)) + { + ProtocolVersion vers = null; + switch (lenbuf[1]) + { + case 0: + vers = ProtocolVersion.SSL_3; + break; + case 1: + vers = ProtocolVersion.TLS_1; + break; + case 2: + vers = ProtocolVersion.TLS_1_1; + break; + } + int specLen = (lenbuf[2] & 0xFF) << 8 | (in.read() & 0xFF); + int idLen = (in.read() & 0xFF) << 8 | (in.read() & 0xFF); + int chalLen = (in.read() & 0xFF) << 8 | (in.read() & 0xFF); + + ArrayList suites = new ArrayList(specLen / 3); + for (int i = 0; i < specLen; i += 3) + { + if (in.read() == 0) + { + suites.add(CipherSuite.read(in).resolve(vers)); + } + else + { + in.read(); + in.read(); + } + } + byte[] id = new byte[idLen]; + in.read(id); + byte[] challenge = new byte[chalLen]; + in.read(challenge); + if (challenge.length > 32) + challenge = Util.trim(challenge, 32); + else if (challenge.length < 32) + { + byte[] b = new byte[32]; + System.arraycopy(challenge, 0, b, b.length - challenge.length, + challenge.length); + challenge = b; + } + int time = (challenge[0] & 0xFF) << 24 | (challenge[1] & 0xFF) << 16 + | (challenge[2] & 0xFF) << 8 | (challenge[3] & 0xFF); + Random rand = new Random(time, Util.trim(challenge, 4, 28)); + return new Handshake(Handshake.Type.CLIENT_HELLO, + new ClientHello(vers, rand, id, suites, + Collections.singletonList(CompressionMethod.NULL))); + } + // Since hello messages may contain extensions, we read the whole + // thing here. + byte[] buf = new byte[len]; + int count = 0; + while (count < len) + { + int l = in.read(buf, count, len - count); + if (l == -1) + { + throw new EOFException("unexpected end of input stream"); + } + count += l; + } + body = ClientHello.read(new ByteArrayInputStream(buf)); + } + else if (type == Type.SERVER_HELLO) + { + byte[] buf = new byte[len]; + int count = 0; + while (count < len) + { + int l = in.read(buf, count, len - count); + if (l == -1) + { + throw new EOFException("unexpected end of input stream"); + } + count += l; + } + body = ServerHello.read(new ByteArrayInputStream(buf)); + } + else if (type == Type.CERTIFICATE) + { + body = Certificate.read(in, certType); + } + else if (type == Type.SERVER_KEY_EXCHANGE) + { + body = ServerKeyExchange.read(in, suite, key); + } + else if (type == Type.CERTIFICATE_REQUEST) + { + body = CertificateRequest.read(in); + } + else if (type == Type.CERTIFICATE_VERIFY) + { + body = (CertificateVerify) CertificateVerify.read(in, suite, key); + } + else if (type == Type.CLIENT_KEY_EXCHANGE) + { + body = ClientKeyExchange.read(in, suite, key); + } + else if (type == Type.SERVER_HELLO_DONE) + { + body = null; + } + else if (type == Type.FINISHED) + { + body = Finished.read(in, suite); + } + else + { + throw new SSLProtocolException("unknown HandshakeType: " + + type.getValue()); + } + + return new Handshake(type, body); + } + + // Instance methods. + // ------------------------------------------------------------------------- + + public void write(OutputStream out) + { + throw new UnsupportedOperationException(); + } + + public int write(OutputStream out, ProtocolVersion version) + throws IOException + { + out.write(type.getValue()); + if (body == null) + { + out.write(0); + out.write(0); + out.write(0); + return 4; + } + else + { + ByteArrayOutputStream bout = BUF.getBuffer(); + bout.reset(); + if (body instanceof ServerKeyExchange) + { + ((ServerKeyExchange) body).write(bout, version); + } + else if (body instanceof ClientKeyExchange) + { + ((ClientKeyExchange) body).write(bout, version); + } + else if (body instanceof CertificateVerify) + { + ((CertificateVerify) body).write(bout, version); + } + else + { + body.write(bout); + } + out.write(bout.size() >>> 16 & 0xFF); + out.write(bout.size() >>> 8 & 0xFF); + out.write(bout.size() & 0xFF); + bout.writeTo(out); + return 4 + bout.size(); + } + } + + Type getType() + { + return type; + } + + Body getBody() + { + return body; + } + + public String toString() + { + StringWriter str = new StringWriter(); + PrintWriter out = new PrintWriter(str); + String nl = System.getProperty("line.separator"); + StringBuffer buf = new StringBuffer(); + out.println("struct {"); + out.println(" type = " + type + ";"); + if (body != null) + { + BufferedReader r = new BufferedReader(new StringReader(body.toString())); + String s; + try + { + while ((s = r.readLine()) != null) + { + out.print(" "); + out.println(s); + } + } + catch (IOException ignored) + { + } + } + out.println("} Handshake;"); + return str.toString(); + } + + // Inner class. + // ------------------------------------------------------------------------- + + static interface Body extends Constructed + { + } + + static class Type implements Enumerated + { + + // Constants and fields. + // ----------------------------------------------------------------------- + + public static final Type + HELLO_REQUEST = new Type( 0), CLIENT_HELLO = new Type( 1), + SERVER_HELLO = new Type( 2), CERTIFICATE = new Type(11), + SERVER_KEY_EXCHANGE = new Type(12), CERTIFICATE_REQUEST = new Type(13), + SERVER_HELLO_DONE = new Type(14), CERTIFICATE_VERIFY = new Type(15), + CLIENT_KEY_EXCHANGE = new Type(16), FINISHED = new Type(20), + CERTIFICATE_URL = new Type(21), CERTIFICATE_STATUS = new Type(22); + + private final int value; + + // Constructor. + // ----------------------------------------------------------------------- + + private Type(int value) + { + this.value = value; + } + + // Class methods. + // ----------------------------------------------------------------------- + + public static Type read(InputStream in) throws IOException + { + int i = in.read(); + if (i == -1) + { + throw new EOFException("unexpected end of input stream"); + } + switch (i & 0xFF) + { + case 0: return HELLO_REQUEST; + case 1: return CLIENT_HELLO; + case 2: return SERVER_HELLO; + case 11: return CERTIFICATE; + case 12: return SERVER_KEY_EXCHANGE; + case 13: return CERTIFICATE_REQUEST; + case 14: return SERVER_HELLO_DONE; + case 15: return CERTIFICATE_VERIFY; + case 16: return CLIENT_KEY_EXCHANGE; + case 20: return FINISHED; + case 21: return CERTIFICATE_URL; + case 22: return CERTIFICATE_STATUS; + default: return new Type(i); + } + } + + // Instance methods. + // ----------------------------------------------------------------------- + + public byte[] getEncoded() + { + return new byte[] { (byte) value }; + } + + public int getValue() + { + return value; + } + + public String toString() + { + switch (value) + { + case 0: return "hello_request"; + case 1: return "client_hello"; + case 2: return "server_hello"; + case 11: return "certificate"; + case 12: return "server_key_exchange"; + case 13: return "certificate_request"; + case 14: return "server_hello_done"; + case 15: return "certificate_verify"; + case 16: return "client_key_exchange"; + case 20: return "finished"; + case 21: return "certificate_url"; + case 22: return "certificate_status"; + default: return "unknown(" + value + ")"; + } + } + } + + private static class buffer extends ThreadLocal + { + static final int SIZE = 2048; + + protected Object initialValue() + { + return new ByteArrayOutputStream(SIZE); + } + + ByteArrayOutputStream getBuffer() + { + return (ByteArrayOutputStream) get(); + } + } +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/JCESecurityParameters.java b/libjava/classpath/gnu/javax/net/ssl/provider/JCESecurityParameters.java new file mode 100644 index 0000000..6663c97 --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/JCESecurityParameters.java @@ -0,0 +1,307 @@ +/* JCESecurityParameters.java -- JCE-based security parameters. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import java.io.ByteArrayOutputStream; + +import java.util.Arrays; +import java.util.zip.DataFormatException; +import java.util.zip.Deflater; +import java.util.zip.Inflater; + +import javax.crypto.BadPaddingException; +import javax.crypto.Cipher; +import javax.crypto.IllegalBlockSizeException; +import javax.crypto.Mac; + +import javax.net.ssl.SSLException; + +class JCESecurityParameters implements SecurityParameters +{ + + // Fields. + // ------------------------------------------------------------------------- + + private Cipher inCipher, outCipher; + private Mac inMac, outMac; + private Inflater inflater; + private Deflater deflater; + private int fragmentLength; + private long inSequence, outSequence; + private ProtocolVersion version; + + // Constructors. + // ------------------------------------------------------------------------- + + JCESecurityParameters () + { + fragmentLength = 16384; + inSequence = 0L; + outSequence = 0L; + } + + // Instance methods. + // ------------------------------------------------------------------------- + + public void reset() + { + inCipher = null; + outCipher = null; + inMac = null; + outMac = null; + deflater = null; + inflater = null; + } + + public void setInCipher (Object inCipher) + { + this.inCipher = (Cipher) inCipher; + } + + public void setOutCipher (Object outCipher) + { + this.outCipher = (Cipher) outCipher; + } + + public void setInMac (Object inMac) + { + this.inMac = (Mac) inMac; + inSequence = 0L; + } + + public void setOutMac (Object outMac) + { + this.outMac = (Mac) outMac; + outSequence = 0L; + } + + public void setDeflating (boolean deflate) + { + if (deflate) + { + if (deflater == null) + deflater = new Deflater(); + } + else + deflater = null; + } + + public void setInflating (boolean inflate) + { + if (inflate) + { + if (inflater == null) + inflater = new Inflater(); + } + else + inflater = null; + } + + public int getFragmentLength() + { + return fragmentLength; + } + + public void setFragmentLength (int fragmentLength) + { + this.fragmentLength = fragmentLength; + } + + public ProtocolVersion getVersion() + { + return version; + } + + public void setVersion (ProtocolVersion version) + { + this.version = version; + } + + public synchronized byte[] decrypt (byte[] fragment, ProtocolVersion version, + ContentType type) + throws MacException, OverflowException, SSLException + { + boolean badpad = false; + if (inCipher != null) + { + // We imagine that the JCE would be used in cases where hardware + // acceleration is available, since it isn't really that useful for + // pure Java crypto. We decrypt (and encrypt, below) in one go + // to minimize (potential) calls to native methods. + try + { + fragment = inCipher.doFinal (fragment); + } + catch (BadPaddingException bpe) + { + badpad = true; + } + catch (IllegalBlockSizeException ibse) + { + badpad = true; + } + } + + if (inMac != null) + { + int macLen = inMac.getMacLength(); + int fragLen = fragment.length - macLen; + byte[] mac = Util.trim (fragment, fragLen, macLen); + fragment = Util.trim (fragment, fragLen); + inMac.update ((byte) (inSequence >>> 56)); + inMac.update ((byte) (inSequence >>> 48)); + inMac.update ((byte) (inSequence >>> 40)); + inMac.update ((byte) (inSequence >>> 32)); + inMac.update ((byte) (inSequence >>> 24)); + inMac.update ((byte) (inSequence >>> 16)); + inMac.update ((byte) (inSequence >>> 8)); + inMac.update ((byte) inSequence); + inMac.update ((byte) type.getValue()); + if (version != ProtocolVersion.SSL_3) + { + inMac.update ((byte) version.getMajor()); + inMac.update ((byte) version.getMinor()); + } + inMac.update ((byte) (fragLen >>> 8)); + inMac.update ((byte) fragLen); + inMac.update (fragment); + if (!Arrays.equals (mac, inMac.doFinal()) || badpad) + throw new MacException(); + } + + if (inflater != null) + { + byte[] buf = new byte[1024]; + ByteArrayOutputStream bout = new ByteArrayOutputStream (fragment.length << 1); + inflater.setInput (fragment); + int len; + try + { + while ((len = inflater.inflate (buf)) > 0) + { + bout.write (buf, 0, len); + if (bout.size() > fragmentLength + 1024) + throw new OverflowException ("inflated data too large"); + } + } + catch (DataFormatException dfe) + { + throw new SSLException (String.valueOf (dfe)); + } + fragment = bout.toByteArray(); + inflater.reset(); + } + + inSequence++; + return fragment; + } + + public synchronized byte[] encrypt (byte[] fragment, int off, int len, + ContentType type) + throws OverflowException, SSLException + { + if (deflater != null) + { + byte[] buf = new byte[1024]; + ByteArrayOutputStream bout = new ByteArrayOutputStream (len >>> 1); + deflater.setInput (fragment, off, len); + deflater.finish(); + len = 0; + while ((len = deflater.deflate (buf)) > 0) + bout.write (buf, 0, len); + // This should technically never happen for zlib. + if (bout.size() > fragmentLength + 1024) + throw new OverflowException ("deflated data too large"); + fragment = bout.toByteArray(); + off = 0; + len = fragment.length; + deflater.reset(); + } + + if (outMac != null) + { + outMac.update ((byte) (inSequence >>> 56)); + outMac.update ((byte) (inSequence >>> 48)); + outMac.update ((byte) (inSequence >>> 40)); + outMac.update ((byte) (inSequence >>> 32)); + outMac.update ((byte) (inSequence >>> 24)); + outMac.update ((byte) (inSequence >>> 16)); + outMac.update ((byte) (inSequence >>> 8)); + outMac.update ((byte) inSequence); + outMac.update ((byte) type.getValue()); + if (version != ProtocolVersion.SSL_3) + { + outMac.update ((byte) version.getMajor()); + outMac.update ((byte) version.getMinor()); + } + outMac.update ((byte) (len >>> 8)); + outMac.update ((byte) len); + outMac.update (fragment, off, len); + fragment = Util.concat (fragment, outMac.doFinal()); + off = 0; + len = fragment.length; + } + + if (outCipher != null) + { + try + { + fragment = outCipher.doFinal (fragment, off, len); + } + catch (BadPaddingException shouldNeverHappen) + { + // This is nonsensical. Don't even pretend that we can handle this. + throw new RuntimeException ("bad padding thrown while encrypting"); + } + catch (IllegalBlockSizeException ibse) + { + // Ditto. + throw new RuntimeException ("illegal block size thrown while encrypting"); + } + off = 0; + len = fragment.length; + } + + outSequence++; + if (off == 0 && len == fragment.length) + return fragment; + else + return Util.trim (fragment, off, len); + } +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/JDBCSessionContext.java b/libjava/classpath/gnu/javax/net/ssl/provider/JDBCSessionContext.java new file mode 100644 index 0000000..2b9b140 --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/JDBCSessionContext.java @@ -0,0 +1,356 @@ +/* JDBCSessionContext.java -- database persistent sessions. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import java.io.ByteArrayOutputStream; +import java.io.InputStream; + +import java.security.SecureRandom; +import java.security.cert.Certificate; +import java.security.cert.CertificateFactory; + +import java.sql.Connection; +import java.sql.DriverManager; +import java.sql.PreparedStatement; +import java.sql.ResultSet; +import java.sql.SQLException; +import java.sql.Statement; +import java.sql.Timestamp; +import java.sql.Types; + +import java.util.ArrayList; +import java.util.Iterator; +import java.util.Enumeration; +import java.util.TreeSet; +import java.util.Vector; + +import javax.net.ssl.SSLSession; + +/** + * The SQL table this class stores sessions in, called SESSIONS, + * looks like this: + * + * 

    + * TABLE SESSIONS (
+ *   ID             VARBINARY(32) PRIMARY KEY UNIQUE NOT NULL,
+ *   CREATED        TIMESTAMP NOT NULL,
+ *   LAST_ACCESSED  TIMESTAMP NOT NULL,
+ *   PROTOCOL       VARCHAR(7) NOT NULL,
+ *   SUITE          VARCHAR(255) NOT NULL,
+ *   PEER_HOST      TEXT NOT NULL,
+ *   PEER_CERT_TYPE VARCHAR(32),
+ *   PEER_CERTS     BLOB,
+ *   CERT_TYPE      VARCHAR(32),
+ *   CERTS          BLOB,
+ *   SECRET         VARBINARY(48) NOT NULL
+ * )
+ *
    + * + *

    Note that the master secret for sessions is not protected before + * being inserted into the database; it is up to the system to protect + * the stored data from unauthorized access. + */ +class JDBCSessionContext extends SessionContext +{ + + // Fields. + // ------------------------------------------------------------------------- + + protected Connection connection; + protected PreparedStatement selectById; + protected PreparedStatement insert; + protected PreparedStatement selectTimestamp; + protected PreparedStatement updateTimestamp; + protected PreparedStatement deleteSession; + + // Constructor. + // ------------------------------------------------------------------------- + + JDBCSessionContext() throws SQLException + { + String url = Util.getSecurityProperty("jessie.SessionContext.jdbc.url"); + String user = Util.getSecurityProperty("jessie.SessionContext.jdbc.user"); + String passwd = Util.getSecurityProperty("jessie.SessionContext.jdbc.password"); + if (url == null) + { + throw new IllegalArgumentException("no JDBC URL"); + } + if (user == null || passwd == null) + { + connection = DriverManager.getConnection(url); + } + else + { + connection = DriverManager.getConnection(url, user, passwd); + } + selectById = + connection.prepareStatement("SELECT * FROM SESSIONS WHERE ID = ?"); + insert = connection.prepareStatement("INSERT INTO SESSIONS VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)"); + selectTimestamp = + connection.prepareStatement("SELECT CREATED FROM SESSIONS WHERE ID = ?"); + updateTimestamp = + connection.prepareStatement("UPDATE SESSIONS SET LAST_ACCESSED = ? WHERE ID = ?"); + deleteSession = + connection.prepareStatement("DELETE FROM SESSIONS WHERE ID = ?"); + } + + // Instance methods. + // ------------------------------------------------------------------------- + + public synchronized Enumeration getIds() + { + Vector ids = new Vector(); + try + { + Statement stmt = connection.createStatement(); + ResultSet rs = stmt.executeQuery("SELECT ID FROM SESSIONS"); + while (rs.next()) + { + byte[] id = rs.getBytes("ID"); + ids.add(id); + } + } + catch (SQLException sqle) + { + } + return ids.elements(); + } + + public synchronized SSLSession getSession(byte[] sessionId) + { + Session session = (Session) super.getSession(sessionId); + if (session == null) + { + try + { + selectById.setBytes(1, sessionId); + ResultSet rs = selectById.executeQuery(); + if (rs.next()) + { + session = new Session(rs.getTimestamp("CREATED").getTime()); + session.enabledSuites = new ArrayList(SSLSocket.supportedSuites); + session.enabledProtocols = new TreeSet(SSLSocket.supportedProtocols); + session.random = new SecureRandom(); + session.context = this; + session.sessionId = new Session.ID(rs.getBytes("ID")); + session.setLastAccessedTime(rs.getTimestamp("LAST_ACCESSED").getTime()); + long elapsed = System.currentTimeMillis() - session.getLastAccessedTime(); + if ((int) (elapsed / 1000L) > timeout) + { + removeSession(session.sessionId); + return null; + } + session.peerHost = rs.getString("PEER_HOST"); + String protocol = rs.getString("PROTOCOL"); + if (protocol.equals("SSLv3")) + { + session.protocol = ProtocolVersion.SSL_3; + } + else if (protocol.equals("TLSv1")) + { + session.protocol = ProtocolVersion.TLS_1; + } + else if (protocol.equals("TLSv1.1")) + { + session.protocol = ProtocolVersion.TLS_1_1; + } + else + { + return null; + } + session.cipherSuite = CipherSuite.forName(rs.getString("SUITE")); + String type = rs.getString("PEER_CERT_TYPE"); + boolean wasNull = rs.wasNull(); + InputStream certs = null; + if (!wasNull) + { + certs = rs.getBinaryStream("PEER_CERTS"); + wasNull = rs.wasNull(); + } + if (!wasNull) + { + CertificateFactory cf = CertificateFactory.getInstance(type); + session.peerCerts = (Certificate[]) + cf.generateCertificates(certs).toArray(new Certificate[0]); + session.peerVerified = true; + } + type = rs.getString("CERT_TYPE"); + wasNull = rs.wasNull(); + if (!wasNull) + { + certs = rs.getBinaryStream("CERTS"); + wasNull = rs.wasNull(); + } + if (!wasNull) + { + CertificateFactory cf = CertificateFactory.getInstance(type); + session.localCerts = (Certificate[]) + cf.generateCertificates(certs).toArray(new Certificate[0]); + } + session.masterSecret = rs.getBytes("SECRET"); + if (cacheSize == 0 || sessions.size() < cacheSize) + { + sessions.put(session.sessionId, session); + } + } + } + catch (Exception ex) + { + } + } + return session; + } + + synchronized boolean addSession(Session.ID id, Session s) + { + if (containsSessionID(id)) + { + return false; + } + try + { + insert.setBytes(1, id.getId()); + insert.setTimestamp(2, new Timestamp(s.getCreationTime())); + insert.setTimestamp(3, new Timestamp(s.getLastAccessedTime())); + insert.setString(4, s.getProtocol()); + insert.setString(5, s.getCipherSuite()); + insert.setString(6, s.peerHost); + if (s.peerCerts != null && s.peerCerts.length > 0) + { + insert.setString(7, s.peerCerts[0].getType()); + insert.setBytes(8, certs(s.peerCerts)); + } + else + { + insert.setNull(7, Types.VARCHAR); + insert.setNull(8, Types.LONGVARBINARY); + } + if (s.localCerts != null && s.localCerts.length > 0) + { + insert.setString(9, s.localCerts[0].getType()); + insert.setBytes(10, certs(s.localCerts)); + } + else + { + insert.setNull(9, Types.VARCHAR); + insert.setNull(10, Types.LONGVARBINARY); + } + insert.setBytes(11, s.masterSecret); + insert.executeUpdate(); + super.addSession(id, s); + } + catch (SQLException sqle) + { + return false; + } + return true; + } + + synchronized boolean containsSessionID(Session.ID sessionId) + { + try + { + selectTimestamp.setBytes(1, sessionId.getId()); + ResultSet rs = selectTimestamp.executeQuery(); + if (!rs.next()) + { + return false; + } + Timestamp ts = rs.getTimestamp("CREATED"); + if (rs.wasNull()) + { + return false; + } + long elapsed = System.currentTimeMillis() - ts.getTime(); + if ((int) (elapsed / 1000) > timeout) + { + removeSession(sessionId); + return false; + } + return true; + } + catch (SQLException sqle) + { + return false; + } + } + + protected boolean removeSession(Session.ID sessionId) + { + super.removeSession(sessionId); + try + { + deleteSession.setBytes(1, sessionId.getId()); + return deleteSession.executeUpdate() > 0; + } + catch (SQLException sqle) + { + } + return false; + } + + synchronized void notifyAccess(Session session) + { + try + { + updateTimestamp.setTimestamp(1, new Timestamp(session.getLastAccessedTime())); + updateTimestamp.setBytes(2, session.getId()); + updateTimestamp.executeUpdate(); + } + catch (SQLException sqle) + { + } + } + + private byte[] certs(Certificate[] certs) + { + ByteArrayOutputStream out = new ByteArrayOutputStream(2048); + for (int i = 0; i < certs.length; i++) + { + try + { + out.write(certs[i].getEncoded()); + } + catch (Exception x) + { + } + } + return out.toByteArray(); + } +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/Jessie.java b/libjava/classpath/gnu/javax/net/ssl/provider/Jessie.java new file mode 100644 index 0000000..14b671d --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/Jessie.java @@ -0,0 +1,91 @@ +/* Jessie.java -- JESSIE's JSSE provider. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import java.security.AccessController; +import java.security.PrivilegedAction; +import java.security.Provider; + +/** + * This is the security provider for Jessie. It implements the following + * algorithms: + * + * 

    + * {@link javax.net.ssl.SSLContext}.SSLv3
+ * {@link javax.net.ssl.SSLContext}.SSL
+ * {@link javax.net.ssl.SSLContext}.TLSv1
+ * {@link javax.net.ssl.SSLContext}.TLS
+ * {@link javax.net.ssl.KeyManagerFactory}.JessieX509
+ * {@link javax.net.ssl.TrustManagerFactory}.JessieX509
+ * {@link javax.net.ssl.TrustManagerFactory}.SRP
+ *
    + * + */ +public class Jessie extends Provider +{ + + public static final String VERSION = "1.0.0"; + public static final double VERSION_DOUBLE = 1.0; + + public Jessie() + { + super("Jessie", VERSION_DOUBLE, + "Implementing SSLv3, TLSv1 SSL Contexts; X.509 Key Manager Factories;" + + System.getProperty("line.separator") + + "X.509 and SRP Trust Manager Factories, continuously-seeded secure random." ); + + AccessController.doPrivileged(new PrivilegedAction() + { + public Object run() + { + put("SSLContext.SSLv3", Context.class.getName()); + put("Alg.Alias.SSLContext.SSL", "SSLv3"); + put("Alg.Alias.SSLContext.TLSv1", "SSLv3"); + put("Alg.Alias.SSLContext.TLS", "SSLv3"); + //put("Alg.Alias.SSLContext.TLSv1.1", "SSLv3"); + + put("KeyManagerFactory.JessieX509", X509KeyManagerFactory.class.getName()); + put("TrustManagerFactory.JessieX509", X509TrustManagerFactory.class.getName()); + put("TrustManagerFactory.SRP", SRPTrustManagerFactory.class.getName()); + + return null; + } + }); + } +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/JessieDHPrivateKey.java b/libjava/classpath/gnu/javax/net/ssl/provider/JessieDHPrivateKey.java new file mode 100644 index 0000000..1997458 --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/JessieDHPrivateKey.java @@ -0,0 +1,99 @@ +/* JessieDHPrivateKey.java -- simple DH private key. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import java.math.BigInteger; + +import javax.crypto.interfaces.DHPrivateKey; +import javax.crypto.spec.DHParameterSpec; + +class JessieDHPrivateKey implements DHPrivateKey +{ + + // Fields. + // ------------------------------------------------------------------------- + + private final DHParameterSpec params; + private final BigInteger x; + + // Constructor. + // ------------------------------------------------------------------------- + + JessieDHPrivateKey(DHParameterSpec params, BigInteger x) + { + this.params = params; + this.x = x; + } + + // Instance methods. + // ------------------------------------------------------------------------- + + public String getAlgorithm() + { + return "Diffie-Hellman"; + } + + public String getFormat() + { + return "NONE"; + } + + public byte[] getEncoded() + { + return null; + } + + public DHParameterSpec getParams() + { + return params; + } + + public BigInteger getX() + { + return x; + } + + public String toString() + { + String nl = System.getProperty("line.separator"); + return "P: " + params.getP() + nl + + "G: " + params.getG() + nl + + "X: " + x; + } +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/JessieDHPublicKey.java b/libjava/classpath/gnu/javax/net/ssl/provider/JessieDHPublicKey.java new file mode 100644 index 0000000..dc65872 --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/JessieDHPublicKey.java @@ -0,0 +1,99 @@ +/* JessieDHPublicKey.java -- simple DH public key. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import java.math.BigInteger; + +import javax.crypto.interfaces.DHPublicKey; +import javax.crypto.spec.DHParameterSpec; + +class JessieDHPublicKey implements DHPublicKey +{ + + // Fields. + // ------------------------------------------------------------------------- + + private final DHParameterSpec params; + private final BigInteger y; + + // Constructor. + // ------------------------------------------------------------------------- + + JessieDHPublicKey(DHParameterSpec params, BigInteger y) + { + this.params = params; + this.y = y; + } + + // Instance methods. + // ------------------------------------------------------------------------- + + public String getAlgorithm() + { + return "Diffie-Hellman"; + } + + public String getFormat() + { + return "NONE"; + } + + public byte[] getEncoded() + { + return null; + } + + public DHParameterSpec getParams() + { + return params; + } + + public BigInteger getY() + { + return y; + } + + public String toString() + { + String nl = System.getProperty("line.separator"); + return "P: " + params.getP() + nl + + "G: " + params.getG() + nl + + "Y: " + y; + } +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/JessieRSAPrivateKey.java b/libjava/classpath/gnu/javax/net/ssl/provider/JessieRSAPrivateKey.java new file mode 100644 index 0000000..4ec71a7 --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/JessieRSAPrivateKey.java @@ -0,0 +1,98 @@ +/* JessieRSAPrivateKey.java -- simple RSA private key. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import java.math.BigInteger; +import java.security.interfaces.RSAPrivateKey; + +class JessieRSAPrivateKey implements RSAPrivateKey +{ + + // Fields. + // ------------------------------------------------------------------------- + + private final BigInteger modulus; + private final BigInteger exponent; + + // Constructor. + // ------------------------------------------------------------------------- + + JessieRSAPrivateKey(BigInteger modulus, BigInteger exponent) + { + this.modulus = modulus; + this.exponent = exponent; + } + + // Instance methods. + // ------------------------------------------------------------------------- + + public String getAlgorithm() + { + return "RSA"; + } + + public String getFormat() + { + return "NONE"; + } + + public byte[] getEncoded() + { + return null; + } + + public BigInteger getModulus() + { + return modulus; + } + + public BigInteger getPrivateExponent() + { + return exponent; + } + + public String toString() + { + String nl = System.getProperty("line.separator"); + return "RSAPrivateKey {" + nl + + " modulus = " + modulus.toString(16) + ";" + nl + + " exponent = " + exponent.toString(16) + ";" + nl + + "};"; + } +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/JessieRSAPublicKey.java b/libjava/classpath/gnu/javax/net/ssl/provider/JessieRSAPublicKey.java new file mode 100644 index 0000000..19921d9 --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/JessieRSAPublicKey.java @@ -0,0 +1,98 @@ +/* JessieRSAPublicKey.java -- simple RSA public key. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import java.math.BigInteger; +import java.security.interfaces.RSAPublicKey; + +class JessieRSAPublicKey implements RSAPublicKey +{ + + // Fields. + // ------------------------------------------------------------------------- + + private final BigInteger modulus; + private final BigInteger exponent; + + // Constructor. + // ------------------------------------------------------------------------- + + JessieRSAPublicKey(BigInteger modulus, BigInteger exponent) + { + this.modulus = modulus; + this.exponent = exponent; + } + + // Instance methods. + // ------------------------------------------------------------------------- + + public String getAlgorithm() + { + return "RSA"; + } + + public String getFormat() + { + return "NONE"; + } + + public byte[] getEncoded() + { + return null; + } + + public BigInteger getModulus() + { + return modulus; + } + + public BigInteger getPublicExponent() + { + return exponent; + } + + public String toString() + { + String nl = System.getProperty("line.separator"); + return "RSAPublicKey {" + nl + + " modulus = " + modulus.toString(16) + ";" + nl + + " exponent = " + exponent.toString(16) + ";" + nl + + "};"; + } +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/KeyPool.java b/libjava/classpath/gnu/javax/net/ssl/provider/KeyPool.java new file mode 100644 index 0000000..e342700 --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/KeyPool.java @@ -0,0 +1,119 @@ +/* KeyPool.java -- A set of ephemeral key pairs. + Copyright (C) 2001, 2002, 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import java.math.BigInteger; +import java.security.KeyPair; +import java.security.SecureRandom; +import java.security.Security; +import java.util.LinkedList; +import javax.crypto.spec.DHParameterSpec; + +import gnu.java.security.hash.HashFactory; +import gnu.java.security.hash.IMessageDigest; +import gnu.java.security.prng.IRandom; +import gnu.java.security.prng.LimitReachedException; +import gnu.java.security.util.Prime2; + +final class KeyPool +{ + + // Fields. + // ------------------------------------------------------------------------- + + private static final BigInteger ONE = BigInteger.ONE; + private static final BigInteger TWO = BigInteger.valueOf(2L); + private static final BigInteger E = BigInteger.valueOf(65537L); + private static final SecureRandom RANDOM = new SecureRandom (); + + // Constructor. + // ------------------------------------------------------------------------- + + private KeyPool() + { + } + + // Class methods. + // ------------------------------------------------------------------------- + + /** + * Generate an export-class (512 bit) RSA key pair. + * + * @return The new key pair. + */ + static KeyPair generateRSAKeyPair() + { + BigInteger p, q, n, d; + + // Simplified version of GNU Crypto's RSAKeyPairGenerator. + + int M = 256; + BigInteger lower = TWO.pow(255); + BigInteger upper = TWO.pow(256).subtract(ONE); + byte[] kb = new byte[32]; + while (true) + { + nextBytes(kb); + p = new BigInteger(1, kb).setBit(0); + if (p.compareTo(lower) >= 0 && p.compareTo(upper) <= 0 && + Prime2.isProbablePrime(p) && p.gcd(E).equals(ONE)) + break; + } + + while (true) + { + nextBytes(kb); + q = new BigInteger(1, kb).setBit(0); + n = q.multiply(p); + if (n.bitLength() == 512 && Prime2.isProbablePrime(q) && + q.gcd(E).equals(ONE)) + break; + } + + d = E.modInverse(p.subtract(ONE).multiply(q.subtract(ONE))); + + return new KeyPair(new JessieRSAPublicKey(n, E), + new JessieRSAPrivateKey(n, d)); + } + + private static void nextBytes(byte[] buf) + { + RANDOM.nextBytes (buf); + } +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/MacException.java b/libjava/classpath/gnu/javax/net/ssl/provider/MacException.java new file mode 100644 index 0000000..b8c479f --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/MacException.java @@ -0,0 +1,53 @@ +/* MacException.java -- signals a bad record MAC. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import java.io.IOException; + +class MacException extends IOException +{ + + // Constructor. + // ------------------------------------------------------------------------- + + MacException() + { + super(); + } +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/OverflowException.java b/libjava/classpath/gnu/javax/net/ssl/provider/OverflowException.java new file mode 100644 index 0000000..93bdcaec --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/OverflowException.java @@ -0,0 +1,57 @@ +/* OverflowException.java -- signals an input overflow. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import java.io.IOException; + +class OverflowException extends IOException +{ + + // Constructors. + // ------------------------------------------------------------------------- + + OverflowException() + { + } + + OverflowException(String msg) + { + super(msg); + } +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/ProtocolVersion.java b/libjava/classpath/gnu/javax/net/ssl/provider/ProtocolVersion.java new file mode 100644 index 0000000..5f5d1d9 --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/ProtocolVersion.java @@ -0,0 +1,180 @@ +/* ProtocolVersion.java -- An SSL version number. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import java.io.InputStream; +import java.io.IOException; +import java.io.OutputStream; + +final class ProtocolVersion implements Comparable, Constructed +{ + + // Constants and fields. + // ------------------------------------------------------------------------- + + static final ProtocolVersion SSL_3 = new ProtocolVersion(3, 0); + static final ProtocolVersion TLS_1 = new ProtocolVersion(3, 1); + static final ProtocolVersion TLS_1_1 = new ProtocolVersion(3, 2); + + private final int major; + private final int minor; + + // Constructor. + // ------------------------------------------------------------------------- + + private ProtocolVersion(int major, int minor) + { + this.major = major; + this.minor = minor; + } + + // Class methods. + // ------------------------------------------------------------------------- + + static ProtocolVersion read(InputStream in) throws IOException + { + int major = in.read() & 0xFF; + int minor = in.read() & 0xFF; + return getInstance(major, minor); + } + + static ProtocolVersion getInstance(int major, int minor) + { + if (major == 3) + { + switch (minor) + { + case 0: return SSL_3; + case 1: return TLS_1; + case 2: return TLS_1_1; + } + } + return new ProtocolVersion(major, minor); + } + + // Instance methods. + // ------------------------------------------------------------------------- + + public void write(OutputStream out) throws IOException + { + out.write(major); + out.write(minor); + } + + byte[] getEncoded() + { + return new byte[] { + (byte) major, (byte) minor + }; + } + + int getMajor() + { + return major; + } + + int getMinor() + { + return minor; + } + + public boolean equals(Object o) + { + if (o == null || !(o instanceof ProtocolVersion)) + { + return false; + } + return ((ProtocolVersion) o).major == this.major + && ((ProtocolVersion) o).minor == this.minor; + } + + public int hashCode() + { + return major << 8 | minor; + } + + public int compareTo(Object o) + { + if (o == null || !(o instanceof ProtocolVersion)) + { + return 1; + } + if (this.equals(o)) + { + return 0; + } + if (major > ((ProtocolVersion) o).major) + { + return 1; + } + else if (major < ((ProtocolVersion) o).major) + { + return -1; + } + if (minor > ((ProtocolVersion) o).minor) + { + return 1; + } + else if (minor < ((ProtocolVersion) o).minor) + { + return -1; + } + return 0; + } + + public String toString() + { + if (this == SSL_3) + { + return "SSLv3"; + } + else if (this == TLS_1) + { + return "TLSv1"; + } + else if (this == TLS_1_1) + { + return "TLSv1.1"; + } + else + { + return "Unsupported; major=" + major + " minor=" + minor; + } + } +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/Random.java b/libjava/classpath/gnu/javax/net/ssl/provider/Random.java new file mode 100644 index 0000000..c42592b --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/Random.java @@ -0,0 +1,124 @@ +/* Random.java -- SSL Random structure. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import java.io.ByteArrayOutputStream; +import java.io.InputStream; +import java.io.IOException; +import java.io.OutputStream; +import java.io.PrintWriter; +import java.io.StringWriter; + +class Random implements Constructed +{ + + // Fields. + // ------------------------------------------------------------------------- + + private final int gmtUnixTime; + private final byte[] randomBytes; + + // Constructors. + // ------------------------------------------------------------------------- + + Random(int gmtUnixTime, byte[] randomBytes) + { + this.gmtUnixTime = gmtUnixTime; + this.randomBytes = (byte[]) randomBytes.clone(); + } + + // Class methods. + // ------------------------------------------------------------------------- + + static Random read(InputStream in) throws IOException + { + int time = (in.read() & 0xFF) << 24 | (in.read() & 0xFF) << 16 + | (in.read() & 0xFF) << 8 | (in.read() & 0xFF); + byte[] buf = new byte[28]; + in.read(buf); + return new Random(time, buf); + } + + // Instance methods. + // ------------------------------------------------------------------------- + + public void write(OutputStream out) throws IOException + { + out.write((gmtUnixTime >>> 24) & 0xFF); + out.write((gmtUnixTime >>> 16) & 0xFF); + out.write((gmtUnixTime >>> 8) & 0xFF); + out.write(gmtUnixTime & 0xFF); + out.write(randomBytes); + } + + byte[] getEncoded() + { + ByteArrayOutputStream bout = new ByteArrayOutputStream(32); + try + { + write(bout); + } + catch (IOException cantHappen) + { + throw new Error(cantHappen.toString()); + } + return bout.toByteArray(); + } + + int getTime() + { + return gmtUnixTime; + } + + byte[] getRandomBytes() + { + return randomBytes; + } + + public String toString() + { + StringWriter str = new StringWriter(); + PrintWriter out = new PrintWriter(str); + out.println("struct {"); + out.println(" gmt_unix_time = " + gmtUnixTime + ";"); + out.println(" random_bytes = " + Util.toHexString(randomBytes, ':') + ";"); + out.println("} Random;"); + return str.toString(); + } +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/RecordInput.java b/libjava/classpath/gnu/javax/net/ssl/provider/RecordInput.java new file mode 100644 index 0000000..d4ba5b5 --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/RecordInput.java @@ -0,0 +1,232 @@ +/* RecordInput.java -- record layer input. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import gnu.classpath.SystemProperties; +import gnu.classpath.debug.Component; +import gnu.classpath.debug.SystemLogger; + +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; +import java.io.DataInputStream; +import java.io.InputStream; +import java.io.IOException; +import java.io.PrintWriter; + +import java.util.logging.Logger; + +import javax.net.ssl.SSLProtocolException; + +class RecordInput +{ + + // Fields. + // ------------------------------------------------------------------------- + + private static final boolean DEBUG_RECORD_LAYER = true; + private static final Logger logger = SystemLogger.SYSTEM; + + private byte[] fragment; + private int index; + private ContentType type; + + private final DataInputStream in; + private Session session; + + // Constructor. + // ------------------------------------------------------------------------- + + RecordInput (final InputStream in, final Session session) + { + this.in = new DataInputStream (in); + this.session = session; + } + + // Instance methods. + // ------------------------------------------------------------------------- + + synchronized int available (ContentType type) throws IOException + { + if (fragment == null) + { + readRecord (); + } + if (type != this.type) + { + return 0; + } + return fragment.length - index; + } + + void setSession (Session session) + { + this.session = session; + } + + synchronized int read (byte[] buf, int off, int len, ContentType type) + throws IOException + { + if (off < 0 || len < 0 || off + len > buf.length) + { + throw new ArrayIndexOutOfBoundsException ("size=" + buf.length + + " off=" + off + " len=" + len); + } + if (fragment == null || index >= fragment.length) + { + readRecord (); + } + if (type != this.type) + { + return 0; + } + len = Math.min (len, fragment.length - index); + System.arraycopy (fragment, index, buf, off, len); + index += len; + return len; + } + + boolean pollClose () throws IOException + { + if (fragment == null || index >= fragment.length) + { + try + { + readRecord(); + } + catch (AlertException ae) + { + Alert alert = ae.getAlert(); + if (alert.getDescription() == Alert.Description.CLOSE_NOTIFY) + { + return true; + } + throw ae; + } + } + return false; + } + + private void readRecord() throws IOException + { + type = ContentType.read (in); + if ((type.getValue() & 0x80) != 0 || (type.getValue() & 0x40) != 0) + { + in.read(); + if ((type.getValue() & 0x40) != 0) + { + in.read(); + } + type = ContentType.read(in); + if (type != ContentType.CLIENT_HELLO_V2) + { + throw new SSLProtocolException("unsupported V2 message"); + } + type = ContentType.HANDSHAKE; + // Record this message, and re-present it as a normal handshake + // layer message. ClientHello will handle the real parsing. + ByteArrayOutputStream buffer = new ByteArrayOutputStream (256); + buffer.write(1); // The type we just read. + RecordingInputStream in2 = new RecordingInputStream (in, buffer); + ProtocolVersion version = ProtocolVersion.read (in2); + if (version.compareTo (ProtocolVersion.SSL_3) < 0) + { + throw new SSLProtocolException("unsupported client version"); + } + int len = (in2.read() & 0xFF) << 8 | (in2.read() & 0xFF); + len += (in2.read() & 0xFF) << 8 | (in2.read() & 0xFF); + len += (in2.read() & 0xFF) << 8 | (in2.read() & 0xFF); + int count = 0; + while (count < len) + { + int l = (int) in2.skip(len - count); + if (l > 0) + { + count += l; + } + } + fragment = buffer.toByteArray (); + index = 0; + + // We can't be encrypted/MACed/compressed here, since a V2 message + // will only be sent as the first message, and only by the client. + return; + } + ProtocolVersion v = ProtocolVersion.read (in); + int len = in.readUnsignedShort (); + if (len > session.params.getFragmentLength() + 2048) + { + throw new OverflowException(); + } + fragment = new byte [len]; + in.readFully (fragment); + + if (DEBUG_RECORD_LAYER) + { + logger.log (Component.SSL_RECORD_LAYER, + ">> READ RECORD <<{4}" + + "struct {{4}" + + " type = {0};{4}" + + " version = {1};{4}" + + " length = {2};{4}" + + "{3}{4}" + + "} TLSCiphertext;", new Object[] + { + type, v, new Integer (len), + Util.hexDump (fragment, " "), + SystemProperties.getProperty ("line.separator") + }); + } + + fragment = session.params.decrypt (fragment, v, type); + index = 0; + + if (session.random != null) + session.random.setSeed (fragment); + + if (type == ContentType.ALERT) + { + Alert alert = Alert.read (new ByteArrayInputStream (fragment)); + session.currentAlert = alert; + } + if (session.currentAlert != null) + { + throw new AlertException (session.currentAlert, false); + } + } +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/RecordInputStream.java b/libjava/classpath/gnu/javax/net/ssl/provider/RecordInputStream.java new file mode 100644 index 0000000..14cf829 --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/RecordInputStream.java @@ -0,0 +1,106 @@ +/* RecordInputStream.java -- record layer input stream interface. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import java.io.IOException; +import java.io.InputStream; + +class RecordInputStream extends InputStream +{ + + // Fields. + // ------------------------------------------------------------------------- + + /** + * The record input instance. + */ + private final RecordInput in; + + /** + * The content type this stream is reading. + */ + private final ContentType type; + + // Constructor. + // ------------------------------------------------------------------------- + + RecordInputStream (RecordInput in, ContentType type) + { + this.in = in; + this.type = type; + } + + // Instance methods. + // ------------------------------------------------------------------------- + + public int available () throws IOException + { + return in.available (type); + } + + public int read () throws IOException + { + byte[] b = new byte[1]; + int ret; + while ((ret = read (b)) != 1) + { + if (ret == -1) + { + return -1; + } + Thread.yield (); + } + return b[0] & 0xFF; + } + + public int read (byte[] buf) throws IOException + { + return read (buf, 0, buf.length); + } + + public int read (byte[] buf, int off, int len) throws IOException + { + return in.read (buf, off, len, type); + } + + public String toString () + { + return RecordInputStream.class.getName () + " [ type=" + type + " ]"; + } +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/RecordOutputStream.java b/libjava/classpath/gnu/javax/net/ssl/provider/RecordOutputStream.java new file mode 100644 index 0000000..3bf228f --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/RecordOutputStream.java @@ -0,0 +1,189 @@ +/* RecordOutputStream.java -- record layer output. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import gnu.classpath.SystemProperties; +import gnu.classpath.debug.Component; +import gnu.classpath.debug.SystemLogger; + +import java.io.FilterOutputStream; +import java.io.IOException; +import java.io.OutputStream; +import java.io.PrintWriter; + +import java.util.logging.Logger; + +/** + * An output stream for writing data to the record layer. All data written + * to this stream (through any of the write methods) is immediately sent + * as a full record, so it is advisable to write large arrays to the stream + * instead of one byte at a time (alternatively, a {@link + * java.io.BufferedOutputStream} can be used). + */ +class RecordOutputStream extends FilterOutputStream +{ + + // Fields. + // ------------------------------------------------------------------------- + + private static final boolean DEBUG_RECORD_LAYER = true; + private static final Logger logger = SystemLogger.SYSTEM; + + /** + * The content type of this output stream. + */ + private final ContentType type; + + /** + * The security parameters. + */ + private final SecurityParameters params; + + private final boolean emitEmpty; + + private static final byte[] ZERO = new byte[0]; + + // Constructor. + // ------------------------------------------------------------------------- + + RecordOutputStream (final OutputStream out, final ContentType type, + final SecurityParameters params) + { + super (out); + this.type = type; + this.params = params; + String empty = Util.getSecurityProperty ("jessie.emit.empty.records"); + if (empty == null) + { + // IE panics if it gets an empty record; so, leave this false + // for the default. + empty = "false"; + } + emitEmpty = Boolean.valueOf (empty).booleanValue () && + type == ContentType.APPLICATION_DATA; + } + + // Instance methods. + // ------------------------------------------------------------------------- + + public void write (int b) throws IOException + { + write (new byte[] { (byte) b }); + } + + public void write (byte[] buf) throws IOException + { + write (buf, 0, buf.length); + } + + public void write (byte[] buf, int off, int len) throws IOException + { + if (off < 0 || len < 0 || off + len > buf.length) + { + throw new ArrayIndexOutOfBoundsException ("size=" + buf.length + + " off=" + off + " len=" + len); + } + + int count = 0; + int len2 = 0; + do + { + if (emitEmpty) + { + byte[] fragment = params.encrypt (ZERO, 0, 0, type); + if (DEBUG_RECORD_LAYER) + { + logger.log (Component.SSL_RECORD_LAYER, + ">> WRITING RECORD <<{4}" + + "struct {{4}" + + " type = {0};{4}" + + " version = {1};{4}" + + " length = {2};{4}" + + "{3}{4}" + + "} TLSCiphertext;", new Object[] + { + type, params.getVersion (), new Integer (fragment.length), + Util.hexDump (fragment, " "), + SystemProperties.getProperty ("line.separator") + }); + } + out.write (type.getValue()); + params.getVersion().write (out); + out.write ((fragment.length >>> 8) & 0xFF); + out.write ( fragment.length & 0xFF); + out.write (fragment); + out.flush (); + } + len2 = Math.min (len - count, params.getFragmentLength()); + if (DEBUG_RECORD_LAYER) + { + logger.log (Component.SSL_RECORD_LAYER, + "writing chunk size={0}", new Integer (len2)); + } + synchronized (out) + { + byte[] fragment = params.encrypt (buf, off + count, len2, type); + if (DEBUG_RECORD_LAYER) + { + logger.log (Component.SSL_RECORD_LAYER, + ">> WRITING RECORD <<{4}" + + "struct {{4}" + + " type = {0};{4}" + + " version = {1};{4}" + + " length = {2};{4}" + + "{3}{4}" + + "} TLSCiphertext;", new Object[] + { + type, params.getVersion (), new Integer (fragment.length), + Util.hexDump (fragment, " "), + SystemProperties.getProperty ("line.separator") + }); + } + out.write (type.getValue()); + params.getVersion().write (out); + out.write ((fragment.length >>> 8) & 0xFF); + out.write ( fragment.length & 0xFF); + out.write (fragment); + out.flush (); + } + count += len2; + } + while (count < len); + } +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/RecordingInputStream.java b/libjava/classpath/gnu/javax/net/ssl/provider/RecordingInputStream.java new file mode 100644 index 0000000..d81b652 --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/RecordingInputStream.java @@ -0,0 +1,131 @@ +/* RecordingInputStream.java -- Input stream that records data. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import java.io.ByteArrayOutputStream; +import java.io.FilterInputStream; +import java.io.InputStream; +import java.io.IOException; + +/** + * A filter input stream that records every byte read from the underlying + * input stream. This class is useful for protocols that require portions + * of the communication to be saved, such as the handshake and key + * derivation in SSL. + * + * @author Casey Marshall (rsdio@metastatic.org) + */ +class RecordingInputStream extends FilterInputStream +{ + + // Fields. + // ------------------------------------------------------------------------- + + protected ByteArrayOutputStream sink; + + // Constructors. + // ------------------------------------------------------------------------- + + RecordingInputStream(InputStream in) + { + this(in, new ByteArrayOutputStream()); + } + + RecordingInputStream(InputStream in, ByteArrayOutputStream sink) + { + super(in); + this.sink = sink; + } + + // Instance methods. + // ------------------------------------------------------------------------- + + public synchronized int read() throws IOException + { + int i = in.read(); + sink.write(i); + return i; + } + + public synchronized int read(byte[] buf, int off, int len) throws IOException + { + int l = in.read(buf, off, len); + sink.write(buf, off, l); + return l; + } + + public synchronized int read(byte[] buf) throws IOException + { + return read(buf, 0, buf.length); + } + + public synchronized long skip(long len) throws IOException + { + long l = 0; + int i = 0; + byte[] buf = new byte[1024]; + while (l < len) + { + i = read(buf, 0, (int) Math.min((long) buf.length, len - l)); + if (i == -1) + break; + l += i; + } + return l; + } + + /** + * Returns all bytes recorded after this instance was created, or the last + * call to {@link resetSink()}. + * + * @return The recorded bytes. + */ + byte[] getBytes() + { + return sink.toByteArray(); + } + + /** + * Clears the recording buffer off all previously-recorded bytes. + */ + void resetSink() + { + sink.reset(); + } +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/SRPTrustManagerFactory.java b/libjava/classpath/gnu/javax/net/ssl/provider/SRPTrustManagerFactory.java new file mode 100644 index 0000000..5822afe --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/SRPTrustManagerFactory.java @@ -0,0 +1,225 @@ +/* SRPTrustManagerFactory.java -- trust manager for SRP. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import java.io.IOException; +import java.math.BigInteger; + +import java.security.InvalidAlgorithmParameterException; +import java.security.KeyPair; +import java.security.KeyStore; +import java.security.Security; + +import java.util.HashMap; + +import javax.net.ssl.ManagerFactoryParameters; +import javax.net.ssl.TrustManager; +import javax.net.ssl.TrustManagerFactorySpi; + +import gnu.java.security.key.IKeyPairGenerator; +import gnu.javax.crypto.key.srp6.SRPKeyPairGenerator; +import gnu.javax.crypto.sasl.srp.PasswordFile; +import gnu.javax.crypto.sasl.srp.SRP; + +import gnu.javax.net.ssl.SRPManagerParameters; +import gnu.javax.net.ssl.SRPTrustManager; + +/** + * This is an implementation of a {@link javax.net.ssl.TrustManagerFactory} + * engine for the ``SRP'' algorithm. You must initialize instances of this + * algorithm with {@link SRPManagerParameters}. + */ +public class SRPTrustManagerFactory extends TrustManagerFactorySpi +{ + + // Field. + // ------------------------------------------------------------------------- + + private Manager current; + + // Constructor. + // ------------------------------------------------------------------------- + + public SRPTrustManagerFactory() + { + super(); + } + + // Instance methods. + // ------------------------------------------------------------------------- + + protected TrustManager[] engineGetTrustManagers() + { + if (current == null) + throw new IllegalStateException("not initialized"); + return new TrustManager[] { current }; + } + + protected void engineInit(KeyStore ks) + { + throw new IllegalArgumentException("only accepts SRPManagerParameters"); + } + + protected void engineInit(ManagerFactoryParameters params) + throws InvalidAlgorithmParameterException + { + if (params == null) + { + try + { + String srpPasswd = Util.getSecurityProperty("jessie.srp.password.file"); + if (srpPasswd == null) + { + current = new Manager(new PasswordFile()); + return; + } + String srpPasswd2 = Util.getSecurityProperty("jessie.srp.password.file2"); + if (srpPasswd2 == null) + srpPasswd2 = srpPasswd + "2"; + String srpConfig = Util.getSecurityProperty("jessie.srp.config"); + if (srpConfig == null) + srpConfig = srpPasswd + ".conf"; + current = new Manager(new PasswordFile(srpPasswd, srpPasswd2, srpConfig)); + return; + } + catch (IOException ioe) + { + throw new InvalidAlgorithmParameterException("default initialization failed: " + + ioe.toString()); + } + } + if (params instanceof SRPManagerParameters) + { + current = new Manager(((SRPManagerParameters) params).getPasswordFile()); + return; + } + throw new InvalidAlgorithmParameterException(); + } + + // Inner class. + // ------------------------------------------------------------------------- + + private class Manager implements SRPTrustManager + { + + // Field. + // ----------------------------------------------------------------------- + + private final PasswordFile file; + + // Constructor. + // ----------------------------------------------------------------------- + + Manager(PasswordFile file) + { + this.file = file; + } + + // Instance methods. + // ----------------------------------------------------------------------- + + public boolean contains(String user) + { + try + { + return file.contains(user); + } + catch (IOException ioe) { } + return false; + } + + public KeyPair getKeyPair(String user) + { + try + { + if (file.contains(user)) + { + SRP srp = SRP.instance("SHA"); + String[] ent = file.lookup(user, "SHA"); + String[] cnf = file.lookupConfig(ent[2]); + BigInteger v, N, g; + v = new BigInteger(1, gnu.java.security.util.Util.fromBase64(ent[0])); + N = new BigInteger(1, gnu.java.security.util.Util.fromBase64(cnf[0])); + g = new BigInteger(1, gnu.java.security.util.Util.fromBase64(cnf[1])); + IKeyPairGenerator kpg = new SRPKeyPairGenerator(); + HashMap attr = new HashMap(); + attr.put(SRPKeyPairGenerator.SHARED_MODULUS, N); + attr.put(SRPKeyPairGenerator.GENERATOR, g); + attr.put(SRPKeyPairGenerator.USER_VERIFIER, v); + kpg.setup(attr); + return kpg.generate(); + } + } + catch (IOException ioe) { } + return null; + } + + public byte[] getSalt(String user) + { + try + { + if (file.contains(user)) + { + return gnu.java.security.util.Util.fromBase64(file.lookup(user, "SHA")[1]); + } + } + catch (IOException ioe) { } + return null; + } + + public BigInteger getVerifier(String user) + { + try + { + if (file.contains(user)) + { + return new BigInteger(1, + gnu.java.security.util.Util.fromBase64(file.lookup(user, "SHA")[0])); + } + } + catch (IOException ioe) { } + return null; + } + + public PasswordFile getPasswordFile() + { + return file; + } + } +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/SSLHMac.java b/libjava/classpath/gnu/javax/net/ssl/provider/SSLHMac.java new file mode 100644 index 0000000..002b307 --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/SSLHMac.java @@ -0,0 +1,158 @@ +/* SSLHMac.java -- SSLv3's MAC algorithm. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import java.util.Arrays; +import java.util.Map; + +import gnu.java.security.hash.HashFactory; +import gnu.java.security.hash.IMessageDigest; +import gnu.javax.crypto.mac.IMac; + +/** + * The MAC function in SSLv3. This mac is defined as: + * + * 
    + * hash(MAC_write_secret, pad_2 +
+ *      hash(MAC_write_secret + pad_1 + data));
    + * + *

    hash is e.g. MD5 or SHA-1, pad_1 is the value + * 0x36 48 times for MD5 and 40 times for SHA-1, and pad_2 is + * the value 0x5c repeated similarly. + */ +class SSLHMac implements IMac, Cloneable +{ + + // Fields. + // ------------------------------------------------------------------------- + + static final byte PAD1 = 0x36; + static final byte PAD2 = 0x5c; + + protected IMessageDigest md; + protected byte[] key; + protected final byte[] pad1, pad2; + + // Constructors. + // ------------------------------------------------------------------------- + + SSLHMac(String mdName) + { + super(); + this.md = HashFactory.getInstance(mdName); + if (mdName.equalsIgnoreCase("MD5")) + { + pad1 = new byte[48]; + pad2 = new byte[48]; + } + else + { + pad1 = new byte[40]; + pad2 = new byte[40]; + } + Arrays.fill(pad1, PAD1); + Arrays.fill(pad2, PAD2); + } + + // Instance methods. + // ------------------------------------------------------------------------- + + public Object clone() + { + try + { + return super.clone(); + } + catch (CloneNotSupportedException cnse) + { + throw new Error(); + } + } + + public String name() + { + return "SSLHMac-" + md.name(); + } + + public int macSize() + { + return md.hashSize(); + } + + public void init(Map attributes) + { + key = (byte[]) attributes.get(MAC_KEY_MATERIAL); + if (key == null) + throw new NullPointerException(); + reset(); + } + + public void reset() + { + md.reset(); + md.update(key, 0, key.length); + md.update(pad1, 0, pad1.length); + } + + public byte[] digest() + { + byte[] h1 = md.digest(); + md.update(key, 0, key.length); + md.update(pad2, 0, pad2.length); + md.update(h1, 0, h1.length); + byte[] result = md.digest(); + reset(); + return result; + } + + public void update(byte b) + { + md.update(b); + } + + public void update(byte[] buf, int off, int len) + { + md.update(buf, off, len); + } + + public boolean selfTest() + { + return true; // XXX + } +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/SSLRSASignature.java b/libjava/classpath/gnu/javax/net/ssl/provider/SSLRSASignature.java new file mode 100644 index 0000000..2f8c6cf --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/SSLRSASignature.java @@ -0,0 +1,235 @@ +/* SSLRSASignature.java -- SSL's RSA signature algorithm. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import java.math.BigInteger; + +import java.security.InvalidKeyException; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.security.interfaces.RSAPrivateKey; +import java.security.interfaces.RSAPublicKey; + +import java.util.Arrays; +import java.util.Map; + +import gnu.java.security.hash.HashFactory; +import gnu.java.security.hash.IMessageDigest; +import gnu.java.security.sig.ISignature; +import gnu.java.security.sig.rsa.RSA; + +/** + * The RSA signature algorithm as used in the SSL protocol. Note that this + * is different from the RSA signature used to verify certificates. + * + *

    This signature scheme works as follows:

    + * + * 

    digitally-signed struct {
+ *     opaque md5_hash[16];
+ *     opaque sha_hash[20];
+ * }

    + * + *

    Where a digitally-signed struct is RSA-encrypted with + * block type 0 or 1 according to PKCS #1, version 1.5.

    + */ +final class SSLRSASignature implements ISignature +{ + + // Fields. + // ------------------------------------------------------------------------- + + private RSAPublicKey pubkey; + private RSAPrivateKey privkey; + private final IMessageDigest md5, sha; + private boolean initVerify = false, initSign = false; + + // Constructor. + // ------------------------------------------------------------------------- + + SSLRSASignature() + { + this(HashFactory.getInstance("MD5"), HashFactory.getInstance("SHA-1")); + } + + SSLRSASignature(IMessageDigest md5, IMessageDigest sha) + { + this.md5 = md5; + this.sha = sha; + } + + // Instance methods. + // ------------------------------------------------------------------------- + + public String name() + { + return "RSA/SSL"; + } + + public void setupVerify(Map attrib) + { + PublicKey key = (PublicKey) attrib.get(VERIFIER_KEY); + if (key == null) + { + if (initSign) + { + return; // re-use. + } + throw new IllegalArgumentException("no key supplied"); + } + if (!(key instanceof RSAPublicKey)) + { + throw new IllegalArgumentException("not an RSA key"); + } + pubkey = (RSAPublicKey) key; + privkey = null; + initSign = false; + initVerify = true; + } + + public void setupSign(Map attrib) + { + PrivateKey key = (PrivateKey) attrib.get(SIGNER_KEY); + if (key == null) + { + if (initVerify) + { + return; // re-use. + } + throw new IllegalArgumentException("no key supplied"); + } + if (!(key instanceof RSAPrivateKey)) + { + throw new IllegalArgumentException("not an RSA key"); + } + privkey = (RSAPrivateKey) key; + pubkey = null; + initVerify = false; + initSign = true; + } + + public void update(byte b) + { + if (!initVerify && !initSign) + { + throw new IllegalStateException(); + } + md5.update(b); + sha.update(b); + } + + public void update(byte[] buf, int off, int len) + { + if (!initVerify && !initSign) + { + throw new IllegalStateException(); + } + md5.update(buf, off, len); + sha.update(buf, off, len); + } + + public Object sign() + { + if (!initSign) + { + throw new IllegalStateException(); + } + // Pad the hash results with RSA block type 1. + final int k = (privkey.getModulus().bitLength() + 7) >>> 3; + final byte[] d = Util.concat(md5.digest(), sha.digest()); + if (k - 11 < d.length) + { + throw new IllegalArgumentException("message too long"); + } + final byte[] eb = new byte[k]; + eb[0] = 0x00; + eb[1] = 0x01; + for (int i = 2; i < k - d.length - 1; i++) + { + eb[i] = (byte) 0xFF; + } + System.arraycopy(d, 0, eb, k - d.length, d.length); + BigInteger EB = new BigInteger(eb); + + // Private-key encrypt the padded hashes. + BigInteger EM = RSA.sign(privkey, EB); + return Util.trim(EM); + } + + public boolean verify(Object signature) + { + if (!initVerify) + { + throw new IllegalStateException(); + } + // Public-key decrypt the signature representative. + BigInteger EM = new BigInteger(1, (byte[]) signature); + BigInteger EB = RSA.verify(pubkey, EM); + + // Unpad the decrypted message. + int i = 0; + final byte[] eb = EB.toByteArray(); + if (eb[0] == 0x00) + { + for (i = 0; i < eb.length && eb[i] == 0x00; i++); + } + else if (eb[0] == 0x01) + { + for (i = 1; i < eb.length && eb[i] != 0x00; i++) + { + if (eb[i] != (byte) 0xFF) + { + throw new IllegalArgumentException("bad padding"); + } + } + i++; + } + else + { + throw new IllegalArgumentException("decryption failed"); + } + byte[] d1 = Util.trim(eb, i, eb.length - i); + byte[] d2 = Util.concat(md5.digest(), sha.digest()); + return Arrays.equals(d1, d2); + } + + public Object clone() + { + throw new UnsupportedOperationException(); + } +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/SSLRandom.java b/libjava/classpath/gnu/javax/net/ssl/provider/SSLRandom.java new file mode 100644 index 0000000..0b28f10 --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/SSLRandom.java @@ -0,0 +1,165 @@ +/* SSLRandom.java -- SSLv3 pseudo-random function. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import java.util.Map; +import gnu.java.security.hash.HashFactory; +import gnu.java.security.hash.IMessageDigest; +import gnu.java.security.prng.IRandom; +import gnu.java.security.prng.LimitReachedException; + +class SSLRandom implements IRandom +{ + + // Fields. + // ------------------------------------------------------------------------- + + static final String SECRET = "jessie.sslprng.secret"; + static final String SEED = "jessie.sslprng.seed"; + + private final IMessageDigest md5, sha; + private byte[] secret; + private byte[] buffer; + private byte pad; + private byte[] seed; + private int idx; + + // Constructor. + // ------------------------------------------------------------------------- + + SSLRandom() + { + md5 = HashFactory.getInstance("MD5"); + sha = HashFactory.getInstance("SHA-1"); + } + + // Instance methods. + // ------------------------------------------------------------------------- + + public void init(Map attrib) + { + secret = (byte[]) attrib.get(SECRET); + seed = (byte[]) attrib.get(SEED); + + if (secret == null || seed == null) + throw new NullPointerException(); + + pad = (byte) 'A'; + try { buffer = nextBlock(); } + catch (LimitReachedException cantHappen) { } + } + + public String name() + { + return "SSLRandom"; + } + + public Object clone() + { + throw new UnsupportedOperationException(); + } + + public byte nextByte() throws LimitReachedException + { + if (buffer == null) + throw new IllegalStateException(); + if (idx >= buffer.length) + buffer = nextBlock(); + return buffer[idx++]; + } + + public void nextBytes(byte[] buf, int off, int len) + throws LimitReachedException + { + if (buffer == null) + throw new IllegalStateException(); + if (buf == null) + throw new NullPointerException(); + if (off < 0 || len < 0 || off+len > buf.length) + throw new IndexOutOfBoundsException(); + int count = 0; + while (count < len) + { + if (idx >= buffer.length) + buffer = nextBlock(); + int l = Math.min(buffer.length-idx, len-count); + System.arraycopy(buffer, idx, buf, off+count, l); + count += l; + idx += l; + } + } + + public boolean selfTest() + { + return true; // XXX + } + + // For future versions of GNU Crypto. No-ops. + public void addRandomByte (byte b) + { + } + + public void addRandomBytes(byte[] buffer) { + addRandomBytes(buffer, 0, buffer.length); + } + + public void addRandomBytes (byte[] b, int i, int j) + { + } + + // Own methods. + // ------------------------------------------------------------------------- + + private byte[] nextBlock() throws LimitReachedException + { + int count = pad - 'A' + 1; + if (count > 26) + throw new LimitReachedException(); + for (int i = 0; i < count; i++) + sha.update(pad); + sha.update(secret, 0, secret.length); + sha.update(seed, 0, seed.length); + byte[] b = sha.digest(); + md5.update(secret, 0, secret.length); + md5.update(b, 0, b.length); + idx = 0; + pad++; + return md5.digest(); + } +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/SSLServerSocket.java b/libjava/classpath/gnu/javax/net/ssl/provider/SSLServerSocket.java new file mode 100644 index 0000000..ee96b8d --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/SSLServerSocket.java @@ -0,0 +1,283 @@ +/* SSLServerSocket.java -- SSL server socket. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import java.io.IOException; + +import java.net.InetAddress; +import java.net.Socket; + +import java.security.SecureRandom; + +import java.util.ArrayList; +import java.util.Iterator; +import java.util.List; +import java.util.SortedSet; +import java.util.TreeSet; + +import javax.net.ssl.X509KeyManager; +import javax.net.ssl.X509TrustManager; + +import gnu.javax.net.ssl.SRPTrustManager; + +class SSLServerSocket extends javax.net.ssl.SSLServerSocket +{ + + // Fields. + // ------------------------------------------------------------------------- + + private SessionContext sessions; + private SortedSet enabledProtocols = new TreeSet(SSLSocket.supportedProtocols); + private List enabledSuites = new ArrayList(SSLSocket.supportedSuites); + private boolean clientMode = false; + private boolean needClientAuth = false; + private boolean wantClientAuth = false; + private boolean createSessions = true; + private SRPTrustManager srpTrustManager; + private X509TrustManager trustManager; + private X509KeyManager keyManager; + private SecureRandom random; + + // Constructors. + // ------------------------------------------------------------------------- + + SSLServerSocket() throws IOException + { + super(); + } + + SSLServerSocket(int port) throws IOException + { + super(port); + } + + SSLServerSocket(int port, int backlog) throws IOException + { + super(port, backlog); + } + + SSLServerSocket(int port, int backlog, InetAddress address) + throws IOException + { + super(port, backlog, address); + } + + // SSL methods. + // ------------------------------------------------------------------------- + + public String[] getSupportedCipherSuites() + { + return (String[]) CipherSuite.availableSuiteNames().toArray(new String[0]); + } + + public String[] getEnabledCipherSuites() + { + synchronized (enabledSuites) + { + String[] s = new String[enabledSuites.size()]; + int i = 0; + for (Iterator it = enabledSuites.iterator(); it.hasNext(); ) + s[i++] = it.next().toString(); + return s; + } + } + + public void setEnabledCipherSuites(String[] suites) + { + if (suites == null || suites.length == 0) + throw new IllegalArgumentException(); + for (int i = 0; i < suites.length; i++) + if (CipherSuite.forName(suites[i]) == null) + throw new IllegalArgumentException("unsupported suite: " + + suites[i]); + synchronized (enabledSuites) + { + enabledSuites.clear(); + for (int i = 0; i < suites.length; i++) + { + CipherSuite suite = CipherSuite.forName(suites[i]); + if (!enabledSuites.contains(suite)) + enabledSuites.add(suite); + } + } + } + + public String[] getSupportedProtocols() + { + return new String[] { "SSLv3", "TLSv1", "TLSv1.1" }; + } + + public String[] getEnabledProtocols() + { + synchronized (enabledProtocols) + { + String[] s = new String[enabledProtocols.size()]; + int i = 0; + for (Iterator it = enabledProtocols.iterator(); it.hasNext(); ) + s[i++] = it.next().toString(); + return s; + } + } + + public void setEnabledProtocols(String[] protocols) + { + if (protocols == null || protocols.length == 0) + throw new IllegalArgumentException(); + for (int i = 0; i < protocols.length; i++) + { + if (!(protocols[i].equalsIgnoreCase("SSLv3") || + protocols[i].equalsIgnoreCase("TLSv1") || + protocols[i].equalsIgnoreCase("TLSv1.1"))) + { + throw new + IllegalArgumentException("unsupported protocol: " + + protocols[i]); + } + } + synchronized (enabledProtocols) + { + enabledProtocols.clear(); + for (int i = 0; i < protocols.length; i++) + { + if (protocols[i].equalsIgnoreCase("SSLv3")) + enabledProtocols.add(ProtocolVersion.SSL_3); + else if (protocols[i].equalsIgnoreCase("TLSv1")) + enabledProtocols.add(ProtocolVersion.TLS_1); + else + enabledProtocols.add(ProtocolVersion.TLS_1_1); + } + } + } + + public void setUseClientMode(boolean clientMode) + { + this.clientMode = clientMode; + } + + public boolean getUseClientMode() + { + return clientMode; + } + + public void setNeedClientAuth(boolean needClientAuth) + { + this.needClientAuth = needClientAuth; + } + + public boolean getNeedClientAuth() + { + return needClientAuth; + } + + public void setWantClientAuth(boolean wantClientAuth) + { + this.wantClientAuth = wantClientAuth; + } + + public boolean getWantClientAuth() + { + return wantClientAuth; + } + + // I misspelled this method in javax.net.SSLServerSocket, and that version + // made it into kaffe 1.1.4. + public void setEnabledSessionCreation(boolean createSessions) + { + setEnableSessionCreation(createSessions); + } + + public void setEnableSessionCreation(boolean createSessions) + { + this.createSessions = createSessions; + } + + public boolean getEnableSessionCreation() + { + return createSessions; + } + + // Socket methods. + // ------------------------------------------------------------------------- + + public Socket accept() throws IOException + { + SSLSocket socket = new SSLSocket(); + implAccept(socket); + socket.setUseClientMode(clientMode); + socket.setNeedClientAuth(needClientAuth); + socket.setWantClientAuth(wantClientAuth); + socket.setEnableSessionCreation(createSessions); + socket.setSessionContext(sessions); + socket.setEnabledCipherSuites(new ArrayList(enabledSuites)); + socket.setEnabledProtocols(new TreeSet(enabledProtocols)); + socket.setSRPTrustManager(srpTrustManager); + socket.setTrustManager(trustManager); + socket.setKeyManager(keyManager); + socket.setRandom(random); + return socket; + } + + // Package methods. + // ------------------------------------------------------------------------- + + void setSessionContext(SessionContext sessions) + { + this.sessions = sessions; + } + + void setKeyManager(X509KeyManager keyManager) + { + this.keyManager = keyManager; + } + + void setTrustManager(X509TrustManager trustManager) + { + this.trustManager = trustManager; + } + + void setSRPTrustManager(SRPTrustManager srpTrustManager) + { + this.srpTrustManager = srpTrustManager; + } + + void setRandom(SecureRandom random) + { + this.random = random; + } +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/SSLServerSocketFactory.java b/libjava/classpath/gnu/javax/net/ssl/provider/SSLServerSocketFactory.java new file mode 100644 index 0000000..72fb512 --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/SSLServerSocketFactory.java @@ -0,0 +1,136 @@ +/* SSLServerSocketFactory.java -- factory for SSL server sockets. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import java.io.IOException; + +import java.net.InetAddress; +import java.net.ServerSocket; + +import java.security.SecureRandom; + +import javax.net.ssl.X509KeyManager; +import javax.net.ssl.X509TrustManager; + +import gnu.javax.net.ssl.SRPTrustManager; + +class SSLServerSocketFactory extends javax.net.ssl.SSLServerSocketFactory +{ + + // Fields. + // ------------------------------------------------------------------------- + + private final SessionContext sessions; + private final X509KeyManager keyManager; + private final X509TrustManager trustManager; + private final SRPTrustManager srpTrustManager; + private final SecureRandom random; + + // Constructor. + // ------------------------------------------------------------------------- + + SSLServerSocketFactory(X509TrustManager trustManager, + SRPTrustManager srpTrustManager, + X509KeyManager keyManager, + SecureRandom random, + SessionContext sessions) + { + super(); + this.trustManager = trustManager; + this.srpTrustManager = srpTrustManager; + this.keyManager = keyManager; + this.random = random; + this.sessions = sessions; + } + + // Instance methods. + // ------------------------------------------------------------------------- + + public String[] getDefaultCipherSuites() + { + return getSupportedCipherSuites(); + } + + public String[] getSupportedCipherSuites() + { + return (String[]) CipherSuite.availableSuiteNames().toArray(new String[0]); + } + + public ServerSocket createServerSocket() throws IOException + { + SSLServerSocket socket = new SSLServerSocket(); + setup(socket); + return socket; + } + + public ServerSocket createServerSocket(int port) throws IOException + { + SSLServerSocket socket = new SSLServerSocket(port); + setup(socket); + return socket; + } + + public ServerSocket createServerSocket(int port, int backlog) + throws IOException + { + SSLServerSocket socket = new SSLServerSocket(port, backlog); + setup(socket); + return socket; + } + + public ServerSocket createServerSocket(int port, int backlog, InetAddress addr) + throws IOException + { + SSLServerSocket socket = new SSLServerSocket(port, backlog, addr); + setup(socket); + return socket; + } + + // Own methods. + // ------------------------------------------------------------------------- + + private void setup(SSLServerSocket socket) + { + socket.setSessionContext(sessions); + socket.setKeyManager(keyManager); + socket.setTrustManager(trustManager); + socket.setSRPTrustManager(srpTrustManager); + socket.setRandom(random); + } +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/SSLSocket.java b/libjava/classpath/gnu/javax/net/ssl/provider/SSLSocket.java new file mode 100644 index 0000000..a564659 --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/SSLSocket.java @@ -0,0 +1,3530 @@ +/* SSLSocket.java -- the SSL socket class. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import java.io.BufferedOutputStream; +import java.io.InputStream; +import java.io.IOException; +import java.io.OutputStream; +import java.io.PrintStream; + +import java.math.BigInteger; + +import java.net.InetAddress; +import java.net.Socket; +import java.net.SocketAddress; +import java.net.SocketException; + +import java.nio.channels.SocketChannel; + +import java.security.InvalidAlgorithmParameterException; +import java.security.InvalidKeyException; +import java.security.KeyPair; +import java.security.NoSuchAlgorithmException; +import java.security.NoSuchProviderException; +import java.security.Principal; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.security.Security; +import java.security.SecureRandom; +import java.security.cert.X509Certificate; +import java.security.interfaces.DSAPrivateKey; +import java.security.interfaces.DSAPublicKey; +import java.security.interfaces.RSAPrivateKey; +import java.security.interfaces.RSAPublicKey; + +import java.util.Arrays; +import java.util.ArrayList; +import java.util.Collections; +import java.util.Enumeration; +import java.util.HashMap; +import java.util.Iterator; +import java.util.LinkedList; +import java.util.List; +import java.util.Map; +import java.util.SortedSet; +import java.util.TreeSet; + +import java.util.logging.Logger; + +import javax.crypto.Cipher; +import javax.crypto.Mac; +import javax.crypto.NoSuchPaddingException; +import javax.crypto.interfaces.DHPublicKey; +import javax.crypto.spec.IvParameterSpec; +import javax.crypto.spec.SecretKeySpec; + +import javax.net.ssl.HandshakeCompletedEvent; +import javax.net.ssl.HandshakeCompletedListener; +import javax.net.ssl.SSLException; +import javax.net.ssl.SSLHandshakeException; +import javax.net.ssl.SSLPeerUnverifiedException; +import javax.net.ssl.SSLProtocolException; +import javax.net.ssl.SSLSession; +import javax.net.ssl.X509KeyManager; +import javax.net.ssl.X509TrustManager; + +import javax.security.auth.callback.Callback; +import javax.security.auth.callback.CallbackHandler; +import javax.security.auth.callback.ConfirmationCallback; +import javax.security.auth.callback.PasswordCallback; +import javax.security.auth.callback.TextInputCallback; + +import gnu.classpath.debug.Component; +import gnu.classpath.debug.SystemLogger; + +import gnu.java.security.Registry; +import gnu.javax.security.auth.callback.DefaultCallbackHandler; +import gnu.java.security.hash.HashFactory; +import gnu.java.security.hash.IMessageDigest; +import gnu.javax.crypto.key.IKeyAgreementParty; +import gnu.javax.crypto.key.KeyAgreementFactory; +import gnu.javax.crypto.key.KeyAgreementException; +import gnu.javax.crypto.key.OutgoingMessage; +import gnu.javax.crypto.key.IncomingMessage; +import gnu.javax.crypto.key.dh.DiffieHellmanKeyAgreement; +import gnu.javax.crypto.key.dh.ElGamalKeyAgreement; +import gnu.javax.crypto.key.dh.GnuDHPrivateKey; +import gnu.javax.crypto.key.dh.GnuDHPublicKey; +import gnu.javax.crypto.key.srp6.SRPPrivateKey; +import gnu.javax.crypto.key.srp6.SRPPublicKey; +import gnu.javax.crypto.key.srp6.SRP6KeyAgreement; +import gnu.javax.crypto.mac.IMac; +import gnu.javax.crypto.mode.IMode; +import gnu.javax.crypto.prng.ARCFour; +import gnu.java.security.prng.IRandom; +import gnu.java.security.prng.LimitReachedException; +import gnu.javax.crypto.sasl.srp.SRPAuthInfoProvider; +import gnu.javax.crypto.sasl.srp.SRPRegistry; +import gnu.java.security.sig.ISignature; +import gnu.java.security.sig.SignatureFactory; +import gnu.java.security.sig.dss.DSSSignature; +import gnu.java.security.sig.rsa.EME_PKCS1_V1_5; +import gnu.java.security.sig.rsa.RSA; + +import gnu.javax.net.ssl.SRPTrustManager; + +/** + * This is the core of the Jessie SSL implementation; it implements the {@link + * javax.net.ssl.SSLSocket} for normal and "wrapped" sockets, and handles all + * protocols implemented by this library. + */ +final class SSLSocket extends javax.net.ssl.SSLSocket +{ + + // This class is almost unbearably large and complex, but is laid out + // as follows: + // + // 1. Fields. + // 2. Constructors. + // 3. SSLSocket methods. These are the public methods defined in + // javax.net.ssl.SSLSocket. + // 4. Socket methods. These override the public methods of java.net.Socket, + // and delegate the method call to either the underlying socket if this is + // a wrapped socket, or to the superclass. + // 5. Package-private methods that various pieces of Jessie use. + // 6. Private methods. These compose the SSL handshake. + // + // Each part is preceeded by a form feed. + + // Constants and fields. + // ------------------------------------------------------------------------- + + // Debuggery. + private static final boolean DEBUG_HANDSHAKE_LAYER = true; + private static final boolean DEBUG_KEY_EXCHANGE = false; + private static final Logger logger = SystemLogger.SYSTEM; + + // Fields for using this class as a wrapped socket. + private Socket underlyingSocket; + private int underlyingPort; + private boolean autoClose; + + // Cryptography fields. + SessionContext sessionContext; + Session session; + LinkedList handshakeListeners; + private boolean clientMode, wantClientAuth, needClientAuth, createSessions; + private boolean handshakeDone; + + // I/O fields. + private String remoteHost; + private InputStream socketIn; + private OutputStream socketOut; + private InputStream applicationIn; + private OutputStream applicationOut; + private InputStream handshakeIn; + private OutputStream handshakeOut; +// private ThreadGroup recordLayer; + RecordInput recordInput; +// RecordOutput recordOutput; + private long handshakeTime; + + private SocketChannel channel; + + static SortedSet supportedProtocols = new TreeSet(); + static List supportedSuites = new ArrayList(30); + + // Static initializer. + // ------------------------------------------------------------------------- + + static + { + //supportedProtocols.add(ProtocolVersion.TLS_1_1); + supportedProtocols.add(ProtocolVersion.TLS_1); + supportedProtocols.add(ProtocolVersion.SSL_3); + + // These are in preference order. It's my preference order, but I'm not + // a total idiot. + supportedSuites.add(CipherSuite.TLS_DHE_DSS_WITH_AES_256_CBC_SHA); + supportedSuites.add(CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA); + supportedSuites.add(CipherSuite.TLS_DH_DSS_WITH_AES_256_CBC_SHA); + supportedSuites.add(CipherSuite.TLS_DH_RSA_WITH_AES_256_CBC_SHA); + supportedSuites.add(CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA); + supportedSuites.add(CipherSuite.TLS_DHE_DSS_WITH_AES_128_CBC_SHA); + supportedSuites.add(CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA); + supportedSuites.add(CipherSuite.TLS_DH_DSS_WITH_AES_128_CBC_SHA); + supportedSuites.add(CipherSuite.TLS_DH_RSA_WITH_AES_128_CBC_SHA); + supportedSuites.add(CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA); + supportedSuites.add(CipherSuite.TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA); + supportedSuites.add(CipherSuite.TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA); + supportedSuites.add(CipherSuite.TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA); + supportedSuites.add(CipherSuite.TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA); + supportedSuites.add(CipherSuite.TLS_RSA_WITH_3DES_EDE_CBC_SHA); + supportedSuites.add(CipherSuite.TLS_RSA_WITH_RC4_128_MD5); + supportedSuites.add(CipherSuite.TLS_RSA_WITH_RC4_128_SHA); + supportedSuites.add(CipherSuite.TLS_DHE_DSS_WITH_DES_CBC_SHA); + supportedSuites.add(CipherSuite.TLS_DHE_RSA_WITH_DES_CBC_SHA); + supportedSuites.add(CipherSuite.TLS_DH_DSS_WITH_DES_CBC_SHA); + supportedSuites.add(CipherSuite.TLS_DH_RSA_WITH_DES_CBC_SHA); + supportedSuites.add(CipherSuite.TLS_RSA_WITH_DES_CBC_SHA); + supportedSuites.add(CipherSuite.TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA); + supportedSuites.add(CipherSuite.TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA); + supportedSuites.add(CipherSuite.TLS_RSA_EXPORT_WITH_DES40_CBC_SHA); + supportedSuites.add(CipherSuite.TLS_RSA_EXPORT_WITH_RC4_40_MD5); + supportedSuites.add(CipherSuite.TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA); + supportedSuites.add(CipherSuite.TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA); + supportedSuites.add(CipherSuite.TLS_RSA_WITH_NULL_MD5); + supportedSuites.add(CipherSuite.TLS_RSA_WITH_NULL_SHA); + } + + // Constructors. + // ------------------------------------------------------------------------- + + SSLSocket(Socket socket, String host, int port, boolean autoClose) + throws IOException + { + underlyingSocket = socket; + remoteHost = host; + underlyingPort = port; + this.autoClose = autoClose; + initialize(); + } + + SSLSocket (Socket socket, SocketChannel channel) throws IOException + { + underlyingSocket = socket; + this.channel = channel; + initialize (); + } + + SSLSocket() throws IOException + { + super(); + initialize(); + } + + SSLSocket(InetAddress addr, int port) throws IOException + { + super(addr, port); + initialize(); + remoteHost = addr.getHostName(); + if (remoteHost == null) + { + remoteHost = addr.getHostAddress(); + } + } + + SSLSocket(InetAddress addr, int port, InetAddress laddr, int lport) + throws IOException + { + super(addr, port, laddr, lport); + initialize(); + remoteHost = addr.getHostName(); + if (remoteHost == null) + remoteHost = addr.getHostAddress(); + } + + SSLSocket(String host, int port) throws IOException + { + super(host, port); + initialize(); + remoteHost = host; + } + + SSLSocket(String host, int port, InetAddress laddr, int lport) + throws IOException + { + super(host, port, laddr, lport); + initialize(); + remoteHost = host; + } + + private void initialize() + { + session = new Session(); + session.enabledSuites = new ArrayList(supportedSuites); + session.enabledProtocols = new TreeSet(supportedProtocols); + session.protocol = ProtocolVersion.TLS_1; + session.params.setVersion (ProtocolVersion.TLS_1); + handshakeListeners = new LinkedList(); + handshakeDone = false; + } + + // SSL methods. + // ------------------------------------------------------------------------- + + public void addHandshakeCompletedListener(HandshakeCompletedListener l) + { + synchronized (handshakeListeners) + { + if (l == null) + throw new NullPointerException(); + if (!handshakeListeners.contains(l)) + handshakeListeners.add(l); + } + } + + public void removeHandshakeCompletedListener(HandshakeCompletedListener l) + { + synchronized (handshakeListeners) + { + handshakeListeners.remove(l); + } + } + + public String[] getEnabledProtocols() + { + synchronized (session.enabledProtocols) + { + try + { + return (String[]) Util.transform(session.enabledProtocols.toArray(), + String.class, "toString", null); + } + catch (Exception x) + { + RuntimeException re = new RuntimeException (x.getMessage()); + re.initCause (x); + throw re; + } + } + } + + public void setEnabledProtocols(String[] protocols) + { + if (protocols == null || protocols.length == 0) + throw new IllegalArgumentException(); + for (int i = 0; i < protocols.length; i++) + { + if (!(protocols[i].equalsIgnoreCase("SSLv3") || + protocols[i].equalsIgnoreCase("TLSv1") || + protocols[i].equalsIgnoreCase("TLSv1.1"))) + { + throw new + IllegalArgumentException("unsupported protocol: " + + protocols[i]); + } + } + synchronized (session.enabledProtocols) + { + session.enabledProtocols.clear(); + for (int i = 0; i < protocols.length; i++) + { + if (protocols[i].equalsIgnoreCase("SSLv3")) + { + session.enabledProtocols.add(ProtocolVersion.SSL_3); + } + else if (protocols[i].equalsIgnoreCase("TLSv1")) + { + session.enabledProtocols.add(ProtocolVersion.TLS_1); + } + else + { + session.enabledProtocols.add(ProtocolVersion.TLS_1_1); + } + } + } + } + + public String[] getSupportedProtocols() + { + return new String[] { /* "TLSv1.1", */ "TLSv1", "SSLv3" }; + } + + public String[] getEnabledCipherSuites() + { + synchronized (session.enabledSuites) + { + try + { + return (String[]) Util.transform(session.enabledSuites.toArray(), + String.class, "toString", null); + } + catch (Exception x) + { + RuntimeException re = new RuntimeException (x.getMessage()); + re.initCause (x); + throw re; + } + } + } + + public void setEnabledCipherSuites(String[] suites) + { + if (suites == null || suites.length == 0) + throw new IllegalArgumentException(); + for (int i = 0; i < suites.length; i++) + if (CipherSuite.forName(suites[i]) == null) + throw new IllegalArgumentException("unsupported suite: " + + suites[i]); + synchronized (session.enabledSuites) + { + session.enabledSuites.clear(); + for (int i = 0; i < suites.length; i++) + { + CipherSuite suite = CipherSuite.forName(suites[i]); + if (!session.enabledSuites.contains(suite)) + { + session.enabledSuites.add(suite); + } + } + } + } + + public String[] getSupportedCipherSuites() + { + return (String[]) CipherSuite.availableSuiteNames().toArray(new String[52]); + } + + public SSLSession getSession() + { + return session; + } + + public boolean getEnableSessionCreation() + { + return createSessions; + } + + public void setEnableSessionCreation(boolean flag) + { + createSessions = flag; + } + + public boolean getNeedClientAuth() + { + return needClientAuth; + } + + public void setNeedClientAuth(boolean flag) + { + needClientAuth = flag; + } + + public boolean getWantClientAuth() + { + return wantClientAuth; + } + + public void setWantClientAuth(boolean flag) + { + wantClientAuth = flag; + } + + public boolean getUseClientMode() + { + return clientMode; + } + + public void setUseClientMode(boolean flag) + { + this.clientMode = flag; + } + + public synchronized void startHandshake() throws IOException + { + if (DEBUG_HANDSHAKE_LAYER) + { + logger.log (Component.SSL_HANDSHAKE, "startHandshake called in {0}", + Thread.currentThread()); + handshakeTime = System.currentTimeMillis(); + } + if (handshakeDone) + { + if (clientMode) + { + handshakeDone = false; + doClientHandshake(); + } + else + { + Handshake req = new Handshake(Handshake.Type.HELLO_REQUEST, null); + req.write (handshakeOut, session.protocol); + handshakeOut.flush(); +// recordOutput.setHandshakeAvail(req.write(handshakeOut, session.protocol)); + } + return; + } + if (recordInput == null) + { + setupIO(); + } + if (clientMode) + { + doClientHandshake(); + } + else + { + doServerHandshake(); + } + } + + // Socket methods. + // ------------------------------------------------------------------------- + + public InetAddress getInetAddress() + { + if (underlyingSocket != null) + { + return underlyingSocket.getInetAddress(); + } + else + { + return super.getInetAddress(); + } + } + + public InetAddress getLocalAddress() + { + if (underlyingSocket != null) + { + return underlyingSocket.getLocalAddress(); + } + else + { + return super.getLocalAddress(); + } + } + + public int getPort() + { + if (underlyingSocket != null) + { + return underlyingSocket.getPort(); + } + else + { + return super.getPort(); + } + } + + public int getLocalPort() + { + if (underlyingSocket != null) + { + return underlyingSocket.getLocalPort(); + } + else + { + return super.getLocalPort(); + } + } + + public InputStream getInputStream() throws IOException + { + if (applicationIn == null) + { + setupIO(); + } + return applicationIn; + } + + public OutputStream getOutputStream() throws IOException + { + if (applicationOut == null) + { + setupIO(); + } + return applicationOut; + } + + public void setTcpNoDelay(boolean flag) throws SocketException + { + if (underlyingSocket != null) + { + underlyingSocket.setTcpNoDelay(flag); + } + else + { + super.setTcpNoDelay(flag); + } + } + + public boolean getTcpNoDelay() throws SocketException + { + if (underlyingSocket != null) + { + return underlyingSocket.getTcpNoDelay(); + } + else + { + return super.getTcpNoDelay(); + } + } + + public void setSoLinger(boolean flag, int linger) throws SocketException + { + if (underlyingSocket != null) + { + underlyingSocket.setSoLinger(flag, linger); + } + else + { + super.setSoLinger(flag, linger); + } + } + + public int getSoLinger() throws SocketException + { + if (underlyingSocket != null) + { + return underlyingSocket.getSoLinger(); + } + else + { + return super.getSoLinger(); + } + } + + public void sendUrgentData(int data) throws IOException + { + throw new UnsupportedOperationException("not implemented"); + } + + public void setSoTimeout(int timeout) throws SocketException + { + if (underlyingSocket != null) + { + underlyingSocket.setSoTimeout(timeout); + } + else + { + super.setSoTimeout(timeout); + } + } + + public int getSoTimeout() throws SocketException + { + if (underlyingSocket != null) + { + return underlyingSocket.getSoTimeout(); + } + else + { + return super.getSoTimeout(); + } + } + + public void setSendBufferSize(int size) throws SocketException + { + if (underlyingSocket != null) + { + underlyingSocket.setSendBufferSize(size); + } + else + { + super.setSendBufferSize(size); + } + } + + public int getSendBufferSize() throws SocketException + { + if (underlyingSocket != null) + { + return underlyingSocket.getSendBufferSize(); + } + else + { + return super.getSendBufferSize(); + } + } + + public void setReceiveBufferSize(int size) throws SocketException + { + if (underlyingSocket != null) + { + underlyingSocket.setReceiveBufferSize(size); + } + else + { + super.setReceiveBufferSize(size); + } + } + + public int getReceiveBufferSize() throws SocketException + { + if (underlyingSocket != null) + { + return underlyingSocket.getReceiveBufferSize(); + } + else + { + return super.getReceiveBufferSize(); + } + } + + public synchronized void close() throws IOException + { + if (recordInput == null) + { + if (underlyingSocket != null) + { + if (autoClose) + underlyingSocket.close(); + } + else + super.close(); + return; + } +// while (recordOutput.applicationDataPending()) Thread.yield(); + Alert close = new Alert (Alert.Level.WARNING, Alert.Description.CLOSE_NOTIFY); + sendAlert (close); + long wait = System.currentTimeMillis() + 60000L; + while (session.currentAlert == null && !recordInput.pollClose()) + { + + Thread.yield(); + if (wait <= System.currentTimeMillis()) + { + break; + } + } + boolean gotClose = session.currentAlert != null && + session.currentAlert.getDescription() == Alert.Description.CLOSE_NOTIFY; +// recordInput.setRunning(false); +// recordOutput.setRunning(false); +// recordLayer.interrupt(); + recordInput = null; +// recordOutput = null; +// recordLayer = null; + if (underlyingSocket != null) + { + if (autoClose) + underlyingSocket.close(); + } + else + super.close(); + if (!gotClose) + { + session.invalidate(); + throw new SSLException("did not receive close notify"); + } + } + + public String toString() + { + if (underlyingSocket != null) + { + return SSLSocket.class.getName() + " [ " + underlyingSocket + " ]"; + } + else + { + return SSLSocket.class.getName() + " [ " + super.toString() + " ]"; + } + } + + // Configuration insanity begins here. + + public void connect(SocketAddress saddr) throws IOException + { + if (underlyingSocket != null) + { + underlyingSocket.connect(saddr); + } + else + { + super.connect(saddr); + } + } + + public void connect(SocketAddress saddr, int timeout) throws IOException + { + if (underlyingSocket != null) + { + underlyingSocket.connect(saddr, timeout); + } + else + { + super.connect(saddr, timeout); + } + } + + public void bind(SocketAddress saddr) throws IOException + { + if (underlyingSocket != null) + { + underlyingSocket.bind(saddr); + } + else + { + super.bind(saddr); + } + } + + public SocketAddress getLocalSocketAddress() + { + if (underlyingSocket != null) + { + return underlyingSocket.getLocalSocketAddress(); + } + else + { + return super.getLocalSocketAddress(); + } + } + + public SocketChannel getChannel() + { + return channel; + } + + public boolean isBound() + { + if (underlyingSocket != null) + { + return underlyingSocket.isBound(); + } + else + { + return super.isBound(); + } + //throw new UnsupportedOperationException("1.4 methods not enabled"); + } + + public boolean isClosed() + { + if (underlyingSocket != null) + { + return underlyingSocket.isClosed(); + } + else + { + return super.isClosed(); + } + //throw new UnsupportedOperationException("1.4 methods not enabled"); + } + + //public SocketAddress getRemoteSocketAddress() + //{ + // if (underlyingSocket != null) + // { + // return underlyingSocket.getRemoteSocketAddress(); + // } + // else + // { + // return super.getRemoteSocketAddress(); + // } + //} + + public void setOOBInline(boolean flag) throws SocketException + { + //if (underlyingSocket != null) + // { + // underlyingSocket.setOOBInline(flag); + // } + //else + // { + // super.setOOBInline(flag); + // } + throw new UnsupportedOperationException("1.4 methods not enabled"); + } + + public boolean getOOBInline() throws SocketException + { + //if (underlyingSocket != null) + // { + // return underlyingSocket.getOOBInline(); + // } + //else + // { + // return super.getOOBInline(); + // } + throw new UnsupportedOperationException("1.4 methods not enabled"); + } + + public void setKeepAlive(boolean flag) throws SocketException + { + //if (underlyingSocket != null) + // { + // underlyingSocket.setKeepAlive(flag); + // } + //else + // { + // super.setKeepAlive(flag); + // } + throw new UnsupportedOperationException("1.4 methods not enabled"); + } + + public boolean getKeepAlive() throws SocketException + { + //if (underlyingSocket != null) + // { + // return underlyingSocket.getKeepAlive(); + // } + //else + // { + // return super.getKeepAlive(); + // } + throw new UnsupportedOperationException("1.4 methods not enabled"); + } + + public void setTrafficClass(int clazz) throws SocketException + { + //if (underlyingSocket != null) + // { + // underlyingSocket.setTrafficClass(clazz); + // } + //else + // { + // super.setTrafficClass(clazz); + // } + throw new UnsupportedOperationException("1.4 methods not enabled"); + } + + public int getTrafficClass() throws SocketException + { + //if (underlyingSocket != null) + // { + // return underlyingSocket.getTrafficClass(); + // } + //else + // { + // return super.getTrafficClass(); + // } + throw new UnsupportedOperationException("1.4 methods not enabled"); + } + + public void setReuseAddress(boolean flag) throws SocketException + { + //if (underlyingSocket != null) + // { + // underlyingSocket.setReuseAddress(flag); + // } + //else + // { + // super.setReuseAddress(flag); + // } + throw new UnsupportedOperationException("1.4 methods not enabled"); + } + + public boolean getReuseAddress() throws SocketException + { + //if (underlyingSocket != null) + // { + // return underlyingSocket.getReuseAddress(); + // } + //else + // { + // return super.getReuseAddress(); + // } + throw new UnsupportedOperationException("1.4 methods not enabled"); + } + + public void shutdownInput() throws IOException + { + //if (underlyingSocket != null) + // { + // underlyingSocket.shutdownInput(); + // } + //else + // { + // super.shutdownInput(); + // } + throw new UnsupportedOperationException("1.4 methods not enabled"); + } + + public void shutdownOutput() throws IOException + { + //if (underlyingSocket != null) + // { + // underlyingSocket.shutdownOutput(); + // } + //else + // { + // super.shutdownOutput(); + // } + throw new UnsupportedOperationException("1.4 methods not enabled"); + } + + public boolean isConnected() + { + if (underlyingSocket != null) + { + return underlyingSocket.isConnected(); + } + else + { + return super.isConnected(); + } + //throw new UnsupportedOperationException("1.4 methods not enabled"); + } + + public boolean isInputShutdown() + { + //if (underlyingSocket != null) + // { + // return underlyingSocket.isInputShutdown(); + // } + //else + // { + // return super.isInputShutdown(); + // } + throw new UnsupportedOperationException("1.4 methods not enabled"); + } + + public boolean isOutputShutdown() + { + //if (underlyingSocket != null) + // { + // return underlyingSocket.isOutputShutdown(); + // } + //else + // { + // return super.isOutputShutdown(); + // } + throw new UnsupportedOperationException("1.4 methods not enabled"); + } + + protected void finalize() + { + if (session.currentAlert == null) + { + try + { + close(); + } + catch (Exception ignore) { } + } + } + + // Package methods. + // ------------------------------------------------------------------------- + + void setSessionContext(SessionContext sessionContext) + { + this.sessionContext = sessionContext; + } + + void setEnabledCipherSuites(List suites) + { + session.enabledSuites = suites; + } + + void setEnabledProtocols(SortedSet protocols) + { + session.enabledProtocols = protocols; + } + + void setSRPTrustManager(SRPTrustManager srpTrustManager) + { + session.srpTrustManager = srpTrustManager; + } + + void setTrustManager(X509TrustManager trustManager) + { + session.trustManager = trustManager; + } + + void setKeyManager(X509KeyManager keyManager) + { + session.keyManager = keyManager; + } + + void setRandom(SecureRandom random) + { + session.random = random; + } + + void sendAlert (Alert alert) throws IOException + { + RecordOutputStream out = + new RecordOutputStream (socketOut, ContentType.ALERT, session.params); + out.write (alert.getEncoded ()); + } + + /** + * Gets the most-recently-received alert message. + * + * @return The alert message. + */ + Alert checkAlert() + { + return session.currentAlert; + } + + synchronized void checkHandshakeDone() throws IOException + { + if (!handshakeDone) + { + startHandshake(); + } + Alert alert = session.currentAlert; + if (alert != null && alert.getLevel() == Alert.Level.FATAL) + { + throw new AlertException(alert, false); + } + if (handshakeIn.available() > 0 && !clientMode) + { + handshakeDone = false; + startHandshake(); + } + } + + // Own methods. + // ------------------------------------------------------------------------- + + private static final byte[] SENDER_CLIENT = + new byte[] { 0x43, 0x4C, 0x4E, 0x54 }; + private static final byte[] SENDER_SERVER = + new byte[] { 0x53, 0x52, 0x56, 0x52 }; + + private void changeCipherSpec () throws IOException + { + RecordOutputStream out = + new RecordOutputStream (socketOut, ContentType.CHANGE_CIPHER_SPEC, session.params); + out.write (1); + } + + private void readChangeCipherSpec () throws IOException + { + RecordInputStream in = + new RecordInputStream (recordInput, ContentType.CHANGE_CIPHER_SPEC); + if (in.read() != 1) + { + throw new SSLProtocolException ("bad change cipher spec message"); + } + } + + /** + * Initializes the application data streams and starts the record layer + * threads. + */ + private synchronized void setupIO() throws IOException + { + if (recordInput != null) + { + return; + } + if (underlyingSocket != null) + { + socketIn = underlyingSocket.getInputStream(); + socketOut = underlyingSocket.getOutputStream(); + } + else + { + socketIn = super.getInputStream(); + socketOut = super.getOutputStream(); + } +// recordLayer = new ThreadGroup("record_layer"); +// recordInput = new RecordInput(in, session, recordLayer); +// recordOutput = new RecordOutput(out, session, recordLayer); +// recordInput.setRecordOutput(recordOutput); +// recordLayer.setDaemon(true); +// recordInput.start(); +// recordOutput.start(); + recordInput = new RecordInput (socketIn, session); + applicationIn = new SSLSocketInputStream( + new RecordInputStream (recordInput, ContentType.APPLICATION_DATA), this); + applicationOut = new SSLSocketOutputStream( + new RecordOutputStream (socketOut, ContentType.APPLICATION_DATA, session.params), this); + handshakeIn = new SSLSocketInputStream( + new RecordInputStream (recordInput, ContentType.HANDSHAKE), this, false); + handshakeOut = new BufferedOutputStream (new SSLSocketOutputStream( + new RecordOutputStream (socketOut, ContentType.HANDSHAKE, session.params), this, false), 8096); + } + + private void handshakeCompleted () + { + handshakeDone = true; + HandshakeCompletedEvent event = new HandshakeCompletedEvent (this, session); + for (Iterator it = handshakeListeners.iterator (); it.hasNext (); ) + { + try + { + ((HandshakeCompletedListener) it.next ()).handshakeCompleted (event); + } + catch (Throwable t) { } + } + if (createSessions) + { + synchronized (session) + { + sessionContext.addSession (session.sessionId, session); + session.access (); + } + } + + if (DEBUG_HANDSHAKE_LAYER) + { + logger.log (Component.SSL_HANDSHAKE, "Handshake finished in {0}", + Thread.currentThread()); + handshakeTime = System.currentTimeMillis() - handshakeTime; + logger.log (Component.SSL_HANDSHAKE, "Elapsed time {0}s", + new Long (handshakeTime / 1000)); + } + } + + /* + * Perform the client handshake. The process looks like this: + * + * ClientHello --> + * ServerHello <-- + * Certificate* <-- + * ServerKeyExchange* <-- + * CertificateRequest* <-- + * ServerHelloDone* <-- + * Certificate* --> + * ClientKeyExchange --> + * CertificateVerify* --> + * [ChangeCipherSpec] --> + * Finished --> + * [ChangeCipherSpec] <-- + * Finished <-- + * + * With --> denoting output and <-- denoting input. * denotes optional + * messages. + * + * Alternatively, this may be an abbreviated handshake if we are resuming + * a session: + * + * ClientHello --> + * ServerHello <-- + * [ChangeCipherSpec] <-- + * Finished <-- + * [ChangeCipherSpec] --> + * Finished --> + */ + private void doClientHandshake() throws IOException + { + if (DEBUG_HANDSHAKE_LAYER) + { + logger.log (Component.SSL_HANDSHAKE, "starting client handshake in {0}", + Thread.currentThread()); + } + + IMessageDigest md5 = HashFactory.getInstance(Registry.MD5_HASH); + IMessageDigest sha = HashFactory.getInstance(Registry.SHA160_HASH); + DigestInputStream din = new DigestInputStream(handshakeIn, md5, sha); + DigestOutputStream dout = new DigestOutputStream(handshakeOut, md5, sha); + Session continuedSession = null; + byte[] sessionId = new byte[0]; + List extensions = null; + String user = null; + CertificateType certType = CertificateType.X509; + + // Look through the available sessions to see if an appropriate one is + // available. + for (Enumeration e = sessionContext.getIds(); e.hasMoreElements(); ) + { + byte[] id = (byte[]) e.nextElement(); + continuedSession = (Session) sessionContext.getSession(id); + if (continuedSession == null) + { + continue; + } + if (!session.enabledProtocols.contains(continuedSession.protocol)) + { + continue; + } + if (continuedSession.getPeerHost().equals(remoteHost)) + { + sessionId = id; + break; + } + } + + // If a SRP suite is enabled, ask for a username so we can include it + // with our extensions list. + for (Iterator i = session.enabledSuites.iterator(); i.hasNext(); ) + { + CipherSuite s = (CipherSuite) i.next(); + if (s.getKeyExchange() == "SRP") + { + extensions = new LinkedList(); + user = askUserName(remoteHost); + byte[] b = user.getBytes("UTF-8"); + if (b.length > 255) + { + handshakeFailure(); + throw new SSLException("SRP username too long"); + } + extensions.add(new Extension(Extension.Type.SRP, + Util.concat(new byte[] { (byte) b.length }, b))); + + break; + } + } + + // If the jessie.fragment.length property is set, add the appropriate + // extension to the list. The fragment length is only actually set if + // the server responds with the same extension. + try + { + int flen = Integer.parseInt(Util.getSecurityProperty("jessie.fragment.length")); + byte[] ext = new byte[1]; + if (flen == 512) + ext[0] = 1; + else if (flen == 1024) + ext[0] = 2; + else if (flen == 2048) + ext[0] = 3; + else if (flen == 4096) + ext[0] = 4; + else + throw new NumberFormatException(); + if (extensions == null) + extensions = new LinkedList(); + extensions.add(new Extension(Extension.Type.MAX_FRAGMENT_LENGTH, ext)); + } + catch (NumberFormatException nfe) { } + + // FIXME: set certificate types. + + // Send the client hello. + ProtocolVersion version = session.protocol; + Random clientRandom = + new Random(Util.unixTime(), session.random.generateSeed(28)); + session.protocol = (ProtocolVersion) session.enabledProtocols.last(); + List comp = new ArrayList(2); + comp.add(CompressionMethod.ZLIB); + comp.add(CompressionMethod.NULL); + ClientHello clientHello = + new ClientHello(session.protocol, clientRandom, sessionId, + session.enabledSuites, comp, extensions); + Handshake msg = new Handshake(Handshake.Type.CLIENT_HELLO, clientHello); + if (DEBUG_HANDSHAKE_LAYER) + logger.log (Component.SSL_HANDSHAKE, "{0}", msg); + msg.write (dout, version); +// recordOutput.setHandshakeAvail(msg.write(dout, version)); + dout.flush(); +// try +// { +// Thread.sleep(150); +// } +// catch (InterruptedException ie) +// { +// } + + // Receive the server hello. + msg = Handshake.read(din); + if (DEBUG_HANDSHAKE_LAYER) + logger.log (Component.SSL_HANDSHAKE, "{0}", msg); + if (msg.getType() != Handshake.Type.SERVER_HELLO) + { + throwUnexpectedMessage(); + } + ServerHello serverHello = (ServerHello) msg.getBody(); + Random serverRandom = serverHello.getRandom(); + version = serverHello.getVersion(); + + // If we don't directly support the server's protocol version, choose + // the highest one we support that is less than the server's version. + if (!session.enabledProtocols.contains(version)) + { + ProtocolVersion v1 = null, v2 = null; + for (Iterator it = session.enabledProtocols.iterator(); + it.hasNext(); ) + { + v1 = (ProtocolVersion) it.next(); + if (v1.compareTo(version) > 0) + break; + v2 = v1; + } + version = v1; + } + + // The server's version is either unsupported by us (unlikely) or the user + // has only enabled incompatible versions. + if (version == null) + { + Alert.Description desc = null; + if (serverHello.getVersion() == ProtocolVersion.SSL_3) + { + desc = Alert.Description.HANDSHAKE_FAILURE; + } + else + { + desc = Alert.Description.PROTOCOL_VERSION; + } + Alert alert = new Alert(Alert.Level.FATAL, desc); + sendAlert(alert); + session.currentAlert = alert; + fatal(); + throw new AlertException(alert, true); + } + + if (serverHello.getExtensions() != null) + { + for (Iterator it = serverHello.getExtensions().iterator(); + it.hasNext(); ) + { + Extension e = (Extension) it.next(); + if (e.getType() == Extension.Type.MAX_FRAGMENT_LENGTH) + { + int len = Extensions.getMaxFragmentLength(e).intValue(); + session.params.setFragmentLength(len); +// recordOutput.setFragmentLength(len); +// recordInput.setFragmentLength(len); + } + else if (e.getType() == Extension.Type.CERT_TYPE) + { + certType = Extensions.getServerCertType(e); + } + } + } + + CipherSuite suite = serverHello.getCipherSuite().resolve(version); + boolean newSession = true; + if (sessionId.length > 0 && + Arrays.equals(sessionId, serverHello.getSessionId())) + { + SecurityParameters params = session.params; + SecureRandom random = session.random; + session = (Session) continuedSession.clone(); + session.params = params; + session.random = random; + recordInput.setSession(session); +// recordOutput.setSession(session); + suite = session.cipherSuite; + newSession = false; + } + else + { + sessionContext.removeSession(new Session.ID(sessionId)); + } + if (newSession) + { + session.peerHost = remoteHost; + session.sessionId = new Session.ID(serverHello.getSessionId()); + session.cipherSuite = suite; + } + session.params.reset(); +// session.params.setInMac(null); +// session.params.setOutMac(null); +// session.params.setInRandom(null); +// session.params.setOutRandom(null); +// session.params.setInCipher(null); +// session.params.setOutCipher(null); + session.currentAlert = null; + session.valid = true; + session.protocol = version; + + // If the server responded with the same session id that we sent, we + // assume that the session will be continued, and skip the bulk of the + // handshake. + if (newSession) + { + PublicKey serverKey = null, serverKex = null; + KeyPair clientKeys = null, clientKex = null; + CertificateRequest certReq; + boolean sendKeyExchange = false; + BigInteger srp_x = null; + IKeyAgreementParty clientKA = null; + IncomingMessage in; // used for key agreement protocol exchange + OutgoingMessage out = null; + + if (suite.getKeyExchange() == "SRP") + { + String password = askPassword(user); + if (DEBUG_KEY_EXCHANGE) + { + logger.log (Component.SSL_KEY_EXCHANGE, + "SRP: password read is ''{0}''", password); + } + byte[] userSrpPassword = password.getBytes("UTF-8"); + + // instantiate and setup client-side key agreement party + clientKA = KeyAgreementFactory.getPartyAInstance(Registry.SRP_TLS_KA); + Map clientAttributes = new HashMap(); + clientAttributes.put(SRP6KeyAgreement.HASH_FUNCTION, + Registry.SHA160_HASH); + clientAttributes.put(SRP6KeyAgreement.USER_IDENTITY, user); + clientAttributes.put(SRP6KeyAgreement.USER_PASSWORD, userSrpPassword); + try + { + clientKA.init(clientAttributes); + // initiate the exchange + out = clientKA.processMessage(null); + } + catch (KeyAgreementException x) + { + if (DEBUG_KEY_EXCHANGE) + { + logger.log (Component.SSL_KEY_EXCHANGE, "SRP exception", x); + } + throwHandshakeFailure(); + } + } + + if (suite.getSignature() != "anon") + { + msg = Handshake.read(din, certType); + if (DEBUG_HANDSHAKE_LAYER) + logger.log (Component.SSL_HANDSHAKE, "{0}", msg); + if (msg.getType() != Handshake.Type.CERTIFICATE) + { + throwUnexpectedMessage(); + } + Certificate serverCertificate = (Certificate) msg.getBody(); + X509Certificate[] peerCerts = serverCertificate.getCertificates(); + try + { + session.trustManager.checkServerTrusted(peerCerts, + suite.getAuthType()); + if (suite.getSignature() == "RSA" && + !(peerCerts[0].getPublicKey() instanceof RSAPublicKey)) + throw new InvalidKeyException("improper public key"); + if (suite.getKeyExchange() == "DH" && + !(peerCerts[0].getPublicKey() instanceof DHPublicKey)) + throw new InvalidKeyException("improper public key"); + if (suite.getKeyExchange() == "DHE") + { + if (suite.getSignature() == "RSA" && + !(peerCerts[0].getPublicKey() instanceof RSAPublicKey)) + throw new InvalidKeyException("improper public key"); + if (suite.getSignature() == "DSS" && + !(peerCerts[0].getPublicKey() instanceof DSAPublicKey)) + throw new InvalidKeyException("improper public key"); + } + session.peerCerts = peerCerts; + session.peerVerified = true; + } + catch (InvalidKeyException ike) + { + throwHandshakeFailure(); + } + catch (Exception x) + { + if (!checkCertificates(peerCerts)) + { + peerUnverified(peerCerts); + SSLPeerUnverifiedException e = + new SSLPeerUnverifiedException ("could not verify peer certificate: "+ + peerCerts[0].getSubjectDN()); + e.initCause (x); + throw e; + } + session.peerCerts = peerCerts; + session.peerVerified = true; + } + serverKey = peerCerts[0].getPublicKey(); + serverKex = serverKey; + } + + msg = Handshake.read(din, suite, serverKey); + + // Receive the server's key exchange. + if (msg.getType() == Handshake.Type.SERVER_KEY_EXCHANGE) + { + if (DEBUG_HANDSHAKE_LAYER) + logger.log (Component.SSL_HANDSHAKE, "{0}", msg); + ServerKeyExchange skex = (ServerKeyExchange) msg.getBody(); + serverKex = skex.getPublicKey(); + if (suite.getSignature() != "anon") + { + ISignature sig = null; + if (suite.getSignature() == "RSA") + { + sig = new SSLRSASignature(); + } + else if (suite.getSignature() == "DSS") + { + sig = SignatureFactory.getInstance(Registry.DSS_SIG); + } + sig.setupVerify(Collections.singletonMap( + ISignature.VERIFIER_KEY, serverKey)); + byte[] buf = clientRandom.getEncoded(); + sig.update(buf, 0, buf.length); + buf = serverRandom.getEncoded(); + sig.update(buf, 0, buf.length); + if (suite.getKeyExchange() == "RSA") + { + updateSig(sig, ((RSAPublicKey) serverKex).getModulus()); + updateSig(sig, ((RSAPublicKey) serverKex).getPublicExponent()); + } + else if (suite.getKeyExchange() == "DHE") + { + updateSig(sig, ((DHPublicKey) serverKex).getParams().getP()); + updateSig(sig, ((DHPublicKey) serverKex).getParams().getG()); + updateSig(sig, ((DHPublicKey) serverKex).getY()); + } + else if (suite.getKeyExchange() == "SRP") + { + updateSig(sig, ((SRPPublicKey) serverKex).getN()); + updateSig(sig, ((SRPPublicKey) serverKex).getG()); + byte[] srpSalt = skex.getSRPSalt(); + sig.update((byte) srpSalt.length); + sig.update(srpSalt, 0, srpSalt.length); + updateSig(sig, ((SRPPublicKey) serverKex).getY()); + } + if (!sig.verify(skex.getSignature().getSigValue())) + { + throwHandshakeFailure(); + } + } + + if (suite.getKeyExchange() == "SRP") + { + // use server's key exchange data to continue + // agreement protocol by faking a received incoming + // message. again the following code can be broken + // into multiple blocks for more accurate exception + // handling + try + { + out = new OutgoingMessage(); + out.writeMPI(((SRPPublicKey) serverKex).getN()); + out.writeMPI(((SRPPublicKey) serverKex).getG()); + out.writeMPI(new BigInteger(1, skex.getSRPSalt())); + out.writeMPI(((SRPPublicKey) serverKex).getY()); + + in = new IncomingMessage(out.toByteArray()); + + out = clientKA.processMessage(in); + if (DEBUG_KEY_EXCHANGE) + { + logger.log (Component.SSL_KEY_EXCHANGE, "clientKA isComplete? {0}", + Boolean.valueOf (clientKA.isComplete())); + } + } + catch (KeyAgreementException x) + { + if (DEBUG_KEY_EXCHANGE) + { + logger.log (Component.SSL_KEY_EXCHANGE, "SRP exception", x); + } + throwHandshakeFailure(); + } + } + msg = Handshake.read(din, suite, serverKey); + } + + // See if the server wants us to send our certificates. + certReq = null; + if (msg.getType() == Handshake.Type.CERTIFICATE_REQUEST) + { + if (suite.getSignature() == "anon") + { + throwHandshakeFailure(); + } + if (DEBUG_HANDSHAKE_LAYER) + logger.log (Component.SSL_HANDSHAKE, "{0}", msg); + certReq = (CertificateRequest) msg.getBody(); + msg = Handshake.read(din); + } + + // Read ServerHelloDone. + if (msg.getType() != Handshake.Type.SERVER_HELLO_DONE) + { + throwUnexpectedMessage(); + } + if (DEBUG_HANDSHAKE_LAYER) + logger.log (Component.SSL_HANDSHAKE, "{0}", msg); + + // Send our certificate chain if the server asked for it. + if (certReq != null) + { + String alias = session.keyManager.chooseClientAlias( + certReq.getTypeStrings(), certReq.getAuthorities(), null); + if (alias == null && version == ProtocolVersion.SSL_3) + { + Alert alert = + new Alert(Alert.Level.WARNING, Alert.Description.NO_CERTIFICATE); + sendAlert(alert); + } + else + { + X509Certificate[] chain = + session.keyManager.getCertificateChain(alias); + PrivateKey key = session.keyManager.getPrivateKey(alias); + if (chain == null) + { + chain = new X509Certificate[0]; + } + Certificate cert = new Certificate(chain); + msg = new Handshake(Handshake.Type.CERTIFICATE, cert); + if (DEBUG_HANDSHAKE_LAYER) + logger.log (Component.SSL_HANDSHAKE, "{0}", msg); + msg.write(dout, version); +// recordOutput.setHandshakeAvail(msg.write(dout, version));; + dout.flush(); + if (chain.length > 0) + { + session.localCerts = chain; + clientKeys = new KeyPair(chain[0].getPublicKey(), key); + } + } + } + + // Send our key exchange. + byte[] preMasterSecret = null; + ClientKeyExchange ckex = null; + if (suite.getKeyExchange() == "RSA") + { + ProtocolVersion v = + (ProtocolVersion) session.enabledProtocols.last(); + byte[] b = new byte[46]; + session.random.nextBytes (b); + preMasterSecret = Util.concat(v.getEncoded(), b); + EME_PKCS1_V1_5 pkcs1 = EME_PKCS1_V1_5.getInstance((RSAPublicKey) serverKex); + BigInteger bi = new BigInteger(1, + pkcs1.encode(preMasterSecret, session.random)); + bi = RSA.encrypt((RSAPublicKey) serverKex, bi); + ckex = new ClientKeyExchange(Util.trim(bi)); + } + else if (suite.getKeyExchange().startsWith("DH")) + { + if (clientKeys == null || + !(clientKeys.getPublic() instanceof DHPublicKey)) + { + GnuDHPrivateKey tmpKey = + new GnuDHPrivateKey(null, ((DHPublicKey) serverKex).getParams().getP(), + ((DHPublicKey) serverKex).getParams().getG(), null); + clientKA = KeyAgreementFactory.getPartyBInstance(Registry.DH_KA); + Map attr = new HashMap(); + attr.put(DiffieHellmanKeyAgreement.KA_DIFFIE_HELLMAN_OWNER_PRIVATE_KEY, + tmpKey); + attr.put(DiffieHellmanKeyAgreement.SOURCE_OF_RANDOMNESS, + session.random); + try + { + clientKA.init(attr); + out = new OutgoingMessage(); + out.writeMPI(((DHPublicKey) serverKex).getY()); + in = new IncomingMessage(out.toByteArray()); + out = clientKA.processMessage(in); + in = new IncomingMessage(out.toByteArray()); + ckex = new ClientKeyExchange(in.readMPI()); + } + catch (KeyAgreementException kae) + { + if (DEBUG_KEY_EXCHANGE) + { + logger.log (Component.SSL_KEY_EXCHANGE, "DH exception", kae); + } + internalError(); + RuntimeException re = new RuntimeException (kae.getMessage()); + re.initCause (kae); + throw re; + } + } + else + { + clientKA = KeyAgreementFactory.getPartyBInstance(Registry.ELGAMAL_KA); + Map attr = new HashMap(); + attr.put(ElGamalKeyAgreement.KA_ELGAMAL_RECIPIENT_PRIVATE_KEY, + clientKeys.getPrivate()); + try + { + // The key exchange is already complete here; our public + // value was sent with our certificate. + clientKA.init(attr); + } + catch (KeyAgreementException kae) + { + if (DEBUG_KEY_EXCHANGE) + logger.log (Component.SSL_KEY_EXCHANGE, "DH exception", kae); + internalError(); + RuntimeException re = new RuntimeException (kae.getMessage()); + re.initCause (kae); + throw re; + } + ckex = new ClientKeyExchange(new byte[0]); + } + } + else if (suite.getKeyExchange() == "SRP") + { + // at this point, out --the outgoing message-- already contains + // what we want. so... + BigInteger A = null; + try + { + in = new IncomingMessage(out.toByteArray()); + A = in.readMPI(); + if (DEBUG_KEY_EXCHANGE) + { + logger.log (Component.SSL_KEY_EXCHANGE, "client A:{0}", A); + } + } + catch (KeyAgreementException x) + { + if (DEBUG_KEY_EXCHANGE) + { + logger.log (Component.SSL_KEY_EXCHANGE, "SRP exception", x); + } + throwHandshakeFailure(); + } + ckex = new ClientKeyExchange(A); + } + msg = new Handshake(Handshake.Type.CLIENT_KEY_EXCHANGE, ckex); + if (DEBUG_HANDSHAKE_LAYER) + logger.log (Component.SSL_HANDSHAKE, "{0}", msg); + msg.write (dout, version); +// recordOutput.setHandshakeAvail(msg.write(dout, version));; + + // Generate the master secret. + if (suite.getKeyExchange().startsWith("DH")) + { + try + { + preMasterSecret = clientKA.getSharedSecret(); + } + catch (KeyAgreementException kae) + { + if (DEBUG_KEY_EXCHANGE) + { + logger.log (Component.SSL_KEY_EXCHANGE, "DH exception", kae); + } + internalError(); + RuntimeException re = new RuntimeException (kae.getMessage()); + re.initCause (kae); + throw re; + } + } + else if (suite.getKeyExchange() == "SRP") + { + try + { + preMasterSecret = clientKA.getSharedSecret(); + } + catch (KeyAgreementException x) + { + if (DEBUG_KEY_EXCHANGE) + { + logger.log (Component.SSL_KEY_EXCHANGE, "SRP exception", x); + } + throwHandshakeFailure(); + } + finally + { + clientKA = null; + } + } + if (DEBUG_KEY_EXCHANGE) + { + logger.log (Component.SSL_KEY_EXCHANGE, "preMasterSecret:\n{0}", + Util.toHexString (preMasterSecret, ':')); + logger.log (Component.SSL_KEY_EXCHANGE, "client.random:\n{0}", + Util.toHexString(clientRandom.getEncoded(), ':')); + logger.log (Component.SSL_KEY_EXCHANGE, "server.random:\n{0}", + Util.toHexString(serverRandom.getEncoded(), ':')); + } + IRandom genSecret = null; + if (version == ProtocolVersion.SSL_3) + { + genSecret = new SSLRandom(); + HashMap attr = new HashMap(); + attr.put(SSLRandom.SECRET, preMasterSecret); + attr.put(SSLRandom.SEED, + Util.concat(clientRandom.getEncoded(), serverRandom.getEncoded())); + genSecret.init(attr); + } + else + { + genSecret = new TLSRandom(); + HashMap attr = new HashMap(); + attr.put(TLSRandom.SECRET, preMasterSecret); + attr.put(TLSRandom.SEED, + Util.concat(("master secret").getBytes("UTF-8"), + Util.concat(clientRandom.getEncoded(), serverRandom.getEncoded()))); + genSecret.init(attr); + } + session.masterSecret = new byte[48]; + try + { + genSecret.nextBytes(session.masterSecret, 0, 48); + for (int i = 0; i < preMasterSecret.length; i++) + { + preMasterSecret[i] = 0; + } + } + catch (LimitReachedException shouldNotHappen) + { + internalError(); + RuntimeException re = new RuntimeException (shouldNotHappen.getMessage()); + re.initCause (shouldNotHappen); + throw re; + } + + if (DEBUG_KEY_EXCHANGE) + { + logger.log (Component.SSL_KEY_EXCHANGE, "masterSecret: {0}", + Util.toHexString(session.masterSecret, ':')); + } + + // Send our certificate verify message. + if (certReq != null && clientKeys != null) + { + IMessageDigest vMD5 = (IMessageDigest) md5.clone(); + IMessageDigest vSHA = (IMessageDigest) sha.clone(); + PrivateKey key = clientKeys.getPrivate(); + Object sig = null; + String sigAlg = null; + try + { + if (key instanceof DSAPrivateKey) + { + sig = DSSSignature.sign((DSAPrivateKey) key, vSHA.digest(), + session.random); + sigAlg = "DSS"; + } + else if (key instanceof RSAPrivateKey) + { + SSLRSASignature rsa = new SSLRSASignature(vMD5, vSHA); + rsa.setupSign(Collections.singletonMap(ISignature.SIGNER_KEY, key)); + sig = rsa.sign(); + sigAlg = "RSA"; + } + else + { + throw new InvalidKeyException("no appropriate key"); + } + } + catch (Exception x) + { + throwHandshakeFailure(); + } + CertificateVerify verify = new CertificateVerify(sig, sigAlg); + msg = new Handshake(Handshake.Type.CERTIFICATE_VERIFY, verify); + if (DEBUG_HANDSHAKE_LAYER) + logger.log (Component.SSL_HANDSHAKE, "{0}", msg); + msg.write(dout, version); +// recordOutput.setHandshakeAvail(msg.write(dout, version));; + } + dout.flush(); + } + + byte[][] keys = null; + try + { + keys = generateKeys(serverRandom.getEncoded(), + clientRandom.getEncoded(), version); + } + catch (Exception x) + { + internalError(); + RuntimeException re = new RuntimeException (x.getMessage()); + re.initCause (x); + throw re; + } + + session.params.setVersion (version); + + // Initialize the algorithms with the derived keys. + Object readMac = null, writeMac = null; + Object readCipher = null, writeCipher = null; + try + { + if (session.params instanceof GNUSecurityParameters) + { + HashMap attr = new HashMap(); + writeMac = CipherSuite.getMac(suite.getMac()); + readMac = CipherSuite.getMac(suite.getMac()); + attr.put(IMac.MAC_KEY_MATERIAL, keys[0]); + ((IMac) writeMac).init(attr); + attr.put(IMac.MAC_KEY_MATERIAL, keys[1]); + ((IMac) readMac).init(attr); + if (suite.getCipher() == "RC4") + { + writeCipher = new ARCFour(); + readCipher = new ARCFour(); + attr.clear(); + attr.put(ARCFour.ARCFOUR_KEY_MATERIAL, keys[2]); + ((ARCFour) writeCipher).init(attr); + attr.put(ARCFour.ARCFOUR_KEY_MATERIAL, keys[3]); + ((ARCFour) readCipher).init(attr); + } + else if (!suite.isStreamCipher()) + { + writeCipher = CipherSuite.getCipher(suite.getCipher()); + readCipher = CipherSuite.getCipher(suite.getCipher()); + attr.clear(); + attr.put(IMode.KEY_MATERIAL, keys[2]); + attr.put(IMode.IV, keys[4]); + attr.put(IMode.STATE, new Integer(IMode.ENCRYPTION)); + ((IMode) writeCipher).init(attr); + attr.put(IMode.KEY_MATERIAL, keys[3]); + attr.put(IMode.IV, keys[5]); + attr.put(IMode.STATE, new Integer(IMode.DECRYPTION)); + ((IMode) readCipher).init(attr); + } + } + else // JCESecurityParameters + { + writeMac = CipherSuite.getJCEMac (suite.getMac()); + readMac = CipherSuite.getJCEMac (suite.getMac()); + writeCipher = CipherSuite.getJCECipher (suite.getCipher()); + readCipher = CipherSuite.getJCECipher (suite.getCipher()); + ((Mac) writeMac).init (new SecretKeySpec (keys[0], suite.getMac())); + ((Mac) readMac).init (new SecretKeySpec (keys[1], suite.getMac())); + if (!suite.isStreamCipher()) + { + ((Cipher) writeCipher).init (Cipher.ENCRYPT_MODE, + new SecretKeySpec (keys[2], suite.getCipher()), + new IvParameterSpec (keys[4])); + ((Cipher) readCipher).init (Cipher.DECRYPT_MODE, + new SecretKeySpec (keys[3], suite.getCipher()), + new IvParameterSpec (keys[5])); + } + else + { + ((Cipher) writeCipher).init (Cipher.ENCRYPT_MODE, + new SecretKeySpec (keys[2], suite.getCipher())); + ((Cipher) readCipher).init (Cipher.DECRYPT_MODE, + new SecretKeySpec (keys[3], suite.getCipher())); + } + } + } + // These should technically never happen, if our key generation is not + // broken. + catch (InvalidKeyException ike) + { + internalError(); + RuntimeException re = new RuntimeException (ike.getMessage()); + re.initCause(ike); + throw re; + } + catch (InvalidAlgorithmParameterException iape) + { + internalError(); + RuntimeException re = new RuntimeException (iape.getMessage()); + re.initCause (iape); + throw re; + } + // These indicate a configuration error with the JCA. + catch (NoSuchAlgorithmException nsae) + { + session.enabledSuites.remove (suite); + internalError(); + SSLException x = new SSLException ("suite " + suite + " not available in this configuration"); + x.initCause (nsae); + throw x; + } + catch (NoSuchPaddingException nspe) + { + session.enabledSuites.remove (suite); + internalError(); + SSLException x = new SSLException ("suite " + suite + " not available in this configuration"); + x.initCause (nspe); + throw x; + } + + Finished finis = null; + + if (newSession) + { + changeCipherSpec(); + session.params.setDeflating(serverHello.getCompressionMethod() == CompressionMethod.ZLIB); + session.params.setOutMac(writeMac); + session.params.setOutCipher(writeCipher); + finis = generateFinished(version, (IMessageDigest) md5.clone(), + (IMessageDigest) sha.clone(), true); + msg = new Handshake(Handshake.Type.FINISHED, finis); + if (DEBUG_HANDSHAKE_LAYER) + logger.log (Component.SSL_HANDSHAKE, "{0}", msg); + msg.write(dout, version); + dout.flush(); + } + + if (session.currentAlert != null && + session.currentAlert.getLevel() == Alert.Level.FATAL) + { + fatal(); + throw new AlertException(session.currentAlert, false); + } + + synchronized (session.params) + { + readChangeCipherSpec (); + session.params.setInflating(serverHello.getCompressionMethod() == CompressionMethod.ZLIB); + session.params.setInMac(readMac); + session.params.setInCipher(readCipher); + session.params.notifyAll(); + } + + Finished verify = generateFinished(version, (IMessageDigest) md5.clone(), + (IMessageDigest) sha.clone(), false); + + msg = Handshake.read(din, suite, null); + if (DEBUG_HANDSHAKE_LAYER) + logger.log (Component.SSL_HANDSHAKE, "{0}", msg); + if (msg.getType() != Handshake.Type.FINISHED) + { + throwUnexpectedMessage(); + } + finis = (Finished) msg.getBody(); + if (version == ProtocolVersion.SSL_3) + { + if (!Arrays.equals(finis.getMD5Hash(), verify.getMD5Hash()) || + !Arrays.equals(finis.getSHAHash(), verify.getSHAHash())) + { + throwHandshakeFailure(); + } + } + else + { + if (!Arrays.equals(finis.getVerifyData(), verify.getVerifyData())) + { + throwHandshakeFailure(); + } + } + + if (!newSession) + { + changeCipherSpec(); + session.params.setDeflating(serverHello.getCompressionMethod() == CompressionMethod.ZLIB); + session.params.setOutMac(writeMac); + session.params.setOutCipher(writeCipher); + finis = generateFinished(version, md5, sha, true); + msg = new Handshake(Handshake.Type.FINISHED, finis); + if (DEBUG_HANDSHAKE_LAYER) + logger.log (Component.SSL_HANDSHAKE, "{0}", msg); + msg.write(dout, version); + dout.flush(); + } + + handshakeCompleted(); + } + + /** + * Perform the server handshake. + */ + private void doServerHandshake() throws IOException + { + if (DEBUG_HANDSHAKE_LAYER) + { + logger.log (Component.SSL_HANDSHAKE, "doing server handshake in {0}", + Thread.currentThread()); + } + + if (remoteHost == null) + { + remoteHost = getInetAddress().getHostName(); + } + if (remoteHost == null) + { + remoteHost = getInetAddress().getHostAddress(); + } + + IMessageDigest md5 = HashFactory.getInstance(Registry.MD5_HASH); + IMessageDigest sha = HashFactory.getInstance(Registry.SHA160_HASH); + DigestInputStream din = new DigestInputStream(handshakeIn, md5, sha); + DigestOutputStream dout = new DigestOutputStream(handshakeOut, md5, sha); + + // Read the client hello. + Handshake msg = Handshake.read(din); + if (DEBUG_HANDSHAKE_LAYER) + logger.log (Component.SSL_HANDSHAKE, "{0}", msg); + if (msg.getType() != Handshake.Type.CLIENT_HELLO) + { + throwUnexpectedMessage(); + } + ClientHello clientHello = (ClientHello) msg.getBody(); + Random clientRandom = clientHello.getRandom(); + ProtocolVersion version = clientHello.getVersion(); + ProtocolVersion server = + (ProtocolVersion) session.enabledProtocols.last(); + CompressionMethod comp; + if (clientHello.getCompressionMethods().contains(CompressionMethod.ZLIB)) + comp = CompressionMethod.ZLIB; + else + comp = CompressionMethod.NULL; + if (!session.enabledProtocols.contains(version) + && version.compareTo(server) < 0) + { + Alert alert = new Alert(Alert.Level.FATAL, + Alert.Description.PROTOCOL_VERSION); + sendAlert(alert); + session.currentAlert = alert; + throw new AlertException(alert, true); + } + + // Look through the extensions sent by the client (if any), and react to + // them appropriately. + List extensions = null; + String remoteUser = null; + if (clientHello.getExtensions() != null) + { + for (Iterator it = clientHello.getExtensions().iterator(); it.hasNext();) + { + Extension ex = (Extension) it.next(); + if (ex.getType() == Extension.Type.SERVER_NAME) + { + if (extensions == null) + { + extensions = new LinkedList(); + } + extensions.add(ex); + } + else if (ex.getType() == Extension.Type.MAX_FRAGMENT_LENGTH) + { + int maxLen = Extensions.getMaxFragmentLength(ex).intValue(); +// recordInput.setFragmentLength(maxLen); +// recordOutput.setFragmentLength(maxLen); + session.params.setFragmentLength(maxLen); + if (extensions == null) + { + extensions = new LinkedList(); + } + extensions.add(ex); + } + else if (ex.getType() == Extension.Type.SRP) + { + if (extensions == null) + { + extensions = new LinkedList(); + } + byte[] b = ex.getValue(); + remoteUser = new String(ex.getValue(), 1, b[0] & 0xFF, "UTF-8"); + session.putValue("srp-username", remoteUser); + } + } + } + + CipherSuite suite = selectSuite(clientHello.getCipherSuites(), version); + if (suite == null) + { + return; + } + + // If the selected suite turns out to be SRP, set up the key exchange + // objects. + IKeyAgreementParty serverKA = null; + IncomingMessage in; + OutgoingMessage out = null; + if (suite.getKeyExchange() == "SRP") + { + // FIXME + // Uhm, I don't think this can happen, because if remoteUser is null + // we cannot choose an SRP ciphersuite... + if (remoteUser == null) + { + Alert alert = new Alert(Alert.Level.FATAL, + Alert.Description.MISSING_SRP_USERNAME); + sendAlert(alert); + throw new AlertException(alert, true); + } + + SRPAuthInfoProvider srpDB = new SRPAuthInfoProvider(); + Map dbAttributes = new HashMap(); + dbAttributes.put(SRPRegistry.PASSWORD_DB, + session.srpTrustManager.getPasswordFile()); + srpDB.activate(dbAttributes); + + // FIXME + // We can also fake that the user exists, and generate a dummy (and + // invalid) master secret, and let the handshake fail at the Finished + // message. This is better than letting the connecting side know that + // the username they sent isn't valid. + // + // But how to implement this? + if (!srpDB.contains(remoteUser)) + { + Alert alert = new Alert(Alert.Level.FATAL, + Alert.Description.UNKNOWN_SRP_USERNAME); + sendAlert(alert); + throw new AlertException(alert, true); + } + + serverKA = KeyAgreementFactory.getPartyBInstance(Registry.SRP_TLS_KA); + Map serverAttributes = new HashMap(); + serverAttributes.put(SRP6KeyAgreement.HASH_FUNCTION, + Registry.SHA160_HASH); + serverAttributes.put(SRP6KeyAgreement.HOST_PASSWORD_DB, srpDB); + + try + { + serverKA.init(serverAttributes); + out = new OutgoingMessage(); + out.writeString(remoteUser); + in = new IncomingMessage(out.toByteArray()); + out = serverKA.processMessage(in); + } + catch (KeyAgreementException x) + { + throwHandshakeFailure(); + } + } + + // Check if the session specified by the client's ID corresponds + // to a saved session, and if so, continue it. + boolean newSession = true; + if (DEBUG_HANDSHAKE_LAYER) + { + logger.log (Component.SSL_HANDSHAKE, "saved sessions: {0}", sessionContext); + } + if (sessionContext.containsSessionID( + new Session.ID(clientHello.getSessionId()))) + { + Session old = session; + session = (Session) sessionContext.getSession(clientHello.getSessionId()); + if (!clientHello.getCipherSuites().contains(session.cipherSuite)) + { + throwHandshakeFailure(); + } + if (session.getPeerHost().equals(remoteHost) && + old.enabledProtocols.contains(session.protocol)) + { + session = (Session) session.clone(); + suite = session.cipherSuite; + newSession = false; + recordInput.setSession(session); + session.currentAlert = null; + session.params = old.params; + session.random = old.random; + } + else + { + if (DEBUG_HANDSHAKE_LAYER) + { + logger.log (Component.SSL_HANDSHAKE, "rejected section; hosts equal? {0}, same suites? {1}", + new Object[] { Boolean.valueOf (session.getPeerHost().equals(remoteHost)), + Boolean.valueOf (old.enabledProtocols.contains(session.protocol)) }); + } + session = old; + session.peerHost = remoteHost; + newSession = true; + } + } + else if (DEBUG_HANDSHAKE_LAYER) + { + logger.log (Component.SSL_HANDSHAKE, "rejected session; have session id? {0}, saved sessions: {1}", + new Object[] { Boolean.valueOf (sessionContext.containsSessionID(new Session.ID(clientHello.getSessionId()))), + sessionContext }); + } + if (newSession) + { + byte[] buf = new byte[32]; + Session.ID sid = null; + do + { + session.random.nextBytes(buf); + sid = new Session.ID(buf); + } + while (sessionContext.containsSessionID(sid)); + session.sessionId = sid; + } + session.valid = true; + session.peerHost = remoteHost; + session.cipherSuite = suite; + session.protocol = version; + session.params.setVersion (version); + + // Send the server hello. + Random serverRandom = new Random(Util.unixTime(), + session.random.generateSeed(28)); + ServerHello serverHello = new ServerHello(version, serverRandom, + session.getId(), suite, + comp, extensions); + msg = new Handshake(Handshake.Type.SERVER_HELLO, serverHello); + if (DEBUG_HANDSHAKE_LAYER) + logger.log (Component.SSL_HANDSHAKE, "{0}", msg); + msg.write(dout, version); +// recordOutput.setHandshakeAvail(msg.write(dout, version)); + dout.flush(); + + if (newSession) + { + X509Certificate[] certs = null; + PrivateKey serverKey = null; + if (suite.getSignature() != "anon") + { + // Send our CA-issued certificate to the client. + String alias = session.keyManager.chooseServerAlias(suite.getAuthType(), + null, null); + certs = session.keyManager.getCertificateChain(alias); + serverKey = session.keyManager.getPrivateKey(alias); + if (certs == null || serverKey == null) + { + throwHandshakeFailure(); + } + session.localCerts = certs; + Certificate serverCert = new Certificate(certs); + msg = new Handshake(Handshake.Type.CERTIFICATE, serverCert); + if (DEBUG_HANDSHAKE_LAYER) + logger.log (Component.SSL_HANDSHAKE, "{0}", msg); + msg.write(dout, version); +// recordOutput.setHandshakeAvail(msg.write(dout, version));; + dout.flush(); + } + + // If the certificate we sent does not contain enough information to + // do the key exchange (in the case of ephemeral Diffie-Hellman, + // export RSA, and SRP) we send a signed public key to be used for the + // key exchange. + KeyPair signPair = null; + if (certs != null) + { + signPair = new KeyPair(certs[0].getPublicKey(), serverKey); + } + KeyPair kexPair = signPair; + ServerKeyExchange skex = null; + + // Set up our key exchange, and/or prepare our ServerKeyExchange + // message. + if ((suite.getKeyExchange() == "RSA" && suite.isExportable() && + ((RSAPrivateKey) serverKey).getModulus().bitLength() > 512)) + { + kexPair = KeyPool.generateRSAKeyPair(); + RSAPublicKey pubkey = (RSAPublicKey) kexPair.getPublic(); + Signature s = null; + if (suite.getSignature() != "anon") + { + SSLRSASignature sig = new SSLRSASignature(); + sig.setupSign(Collections.singletonMap(ISignature.SIGNER_KEY, + signPair.getPrivate())); + byte[] buf = clientRandom.getEncoded(); + sig.update(buf, 0, buf.length); + buf = serverRandom.getEncoded(); + sig.update(buf, 0, buf.length); + updateSig(sig, pubkey.getModulus()); + updateSig(sig, pubkey.getPublicExponent()); + s = new Signature(sig.sign(), "RSA"); + } + skex = new ServerKeyExchange(pubkey, s); + } + else if (suite.getKeyExchange() == "DH") + { + serverKA = KeyAgreementFactory.getPartyBInstance(Registry.ELGAMAL_KA); + Map attr = new HashMap(); + attr.put(ElGamalKeyAgreement.KA_ELGAMAL_RECIPIENT_PRIVATE_KEY, + serverKey); + try + { + serverKA.init(attr); + } + catch (KeyAgreementException kae) + { + if (DEBUG_KEY_EXCHANGE) + logger.log (Component.SSL_KEY_EXCHANGE, "DH exception", kae); + internalError(); + RuntimeException re = new RuntimeException (kae.getMessage()); + re.initCause (kae); + throw re; + } + // We don't send a ServerKeyExchange for this suite. + } + else if (suite.getKeyExchange() == "DHE") + { + serverKA = KeyAgreementFactory.getPartyAInstance(Registry.DH_KA); + Map attr = new HashMap(); + GnuDHPrivateKey servParams = DiffieHellman.getParams(); + attr.put(DiffieHellmanKeyAgreement.KA_DIFFIE_HELLMAN_OWNER_PRIVATE_KEY, + servParams); + attr.put(DiffieHellmanKeyAgreement.SOURCE_OF_RANDOMNESS, + session.random); + BigInteger serv_y = null; + try + { + serverKA.init(attr); + out = serverKA.processMessage(null); + in = new IncomingMessage(out.toByteArray()); + serv_y = in.readMPI(); + } + catch (KeyAgreementException kae) + { + if (DEBUG_KEY_EXCHANGE) + { + logger.log (Component.SSL_KEY_EXCHANGE, "DHE exception", kae); + } + internalError(); + RuntimeException re = new RuntimeException (kae.getMessage()); + re.initCause (kae); + throw re; + } + GnuDHPublicKey pubkey = + new GnuDHPublicKey(null, servParams.getParams().getP(), + servParams.getParams().getG(), serv_y); + Signature s = null; + if (suite.getSignature() != "anon") + { + ISignature sig = null; + if (suite.getSignature() == "RSA") + { + sig = new SSLRSASignature(); + } + else + { + sig = SignatureFactory.getInstance(Registry.DSS_SIG); + } + sig.setupSign(Collections.singletonMap(ISignature.SIGNER_KEY, + signPair.getPrivate())); + byte[] buf = clientRandom.getEncoded(); + sig.update(buf, 0, buf.length); + buf = serverRandom.getEncoded(); + sig.update(buf, 0, buf.length); + updateSig(sig, pubkey.getParams().getP()); + updateSig(sig, pubkey.getParams().getG()); + updateSig(sig, pubkey.getY()); + s = new Signature(sig.sign(), suite.getSignature()); + } + skex = new ServerKeyExchange(pubkey, s); + } + else if (suite.getKeyExchange() == "SRP") + { + BigInteger N = null; + BigInteger g = null; + BigInteger salt = null; + BigInteger B = null; + try + { + in = new IncomingMessage(out.toByteArray()); + N = in.readMPI(); + g = in.readMPI(); + salt = in.readMPI(); + B = in.readMPI(); + } + catch (KeyAgreementException x) + { + if (DEBUG_KEY_EXCHANGE) + { + logger.log (Component.SSL_KEY_EXCHANGE, "SRP exception", x); + } + throwHandshakeFailure(); + } + Signature s = null; + final byte[] srpSalt = Util.trim(salt); + if (suite.getSignature() != "anon") + { + ISignature sig = null; + if (suite.getSignature() == "RSA") + { + sig = new SSLRSASignature(); + } + else + { + sig = SignatureFactory.getInstance(Registry.DSS_SIG); + } + sig.setupSign(Collections.singletonMap(ISignature.SIGNER_KEY, + signPair.getPrivate())); + byte[] buf = clientRandom.getEncoded(); + sig.update(buf, 0, buf.length); + buf = serverRandom.getEncoded(); + sig.update(buf, 0, buf.length); + updateSig(sig, N); + updateSig(sig, g); + sig.update((byte) srpSalt.length); + sig.update(srpSalt, 0, srpSalt.length); + updateSig(sig, B); + s = new Signature(sig.sign(), suite.getSignature()); + } + final SRPPublicKey pubkey = new SRPPublicKey(N, g, B); + skex = new ServerKeyExchange(pubkey, s, srpSalt); + } + if (skex != null) + { + msg = new Handshake(Handshake.Type.SERVER_KEY_EXCHANGE, skex); + if (DEBUG_HANDSHAKE_LAYER) + logger.log (Component.SSL_HANDSHAKE, "{0}", msg); + msg.write(dout, version); +// recordOutput.setHandshakeAvail(msg.write(dout, version));; + dout.flush(); + } + + // If we are configured to want or need client authentication, then + // ask for it. + if (wantClientAuth || needClientAuth) + { + Principal[] auths = null; + CertificateRequest.ClientType[] types = + new CertificateRequest.ClientType[] { + CertificateRequest.ClientType.RSA_SIGN, + CertificateRequest.ClientType.DSS_SIGN, + CertificateRequest.ClientType.RSA_FIXED_DH, + CertificateRequest.ClientType.DSS_FIXED_DH + }; + try + { + auths = (Principal[]) + Util.transform(session.trustManager.getAcceptedIssuers(), + Principal.class, "getSubjectDN", null); + } + catch (Exception x) + { + internalError(); + RuntimeException re = new RuntimeException (x.getMessage()); + re.initCause (x); + throw re; + } + CertificateRequest req = new CertificateRequest(types, auths); + msg = new Handshake(Handshake.Type.CERTIFICATE_REQUEST, req); + msg.write(dout, version); + dout.flush(); + } + + // Send our server hello done. + msg = new Handshake(Handshake.Type.SERVER_HELLO_DONE, null); + if (DEBUG_HANDSHAKE_LAYER) + logger.log (Component.SSL_HANDSHAKE, "{0}", msg); + msg.write(dout, version); + dout.flush(); + + if (suite.getKeyExchange() == "RSA") + { + msg = Handshake.read(din, suite, kexPair.getPublic()); + } + else + { + msg = Handshake.read(din, suite, null); + } + boolean clientCertOk = false; + boolean clientCanSign = false; + X509Certificate[] clientChain = null; + PublicKey clientKey = null; + + // Read the client's certificate, if sent. + if (msg.getType() == Handshake.Type.CERTIFICATE) + { + if (DEBUG_HANDSHAKE_LAYER) + logger.log (Component.SSL_HANDSHAKE, "{0}", msg); + Certificate cliCert = (Certificate) msg.getBody(); + clientChain = cliCert.getCertificates(); + try + { + session.trustManager.checkClientTrusted(clientChain, + suite.getAuthType()); + session.peerCerts = clientChain; + session.peerVerified = true; + clientKey = clientChain[0].getPublicKey(); + } + catch (Exception x) + { + } + clientCanSign = ((clientKey instanceof DSAPublicKey) || + (clientKey instanceof RSAPublicKey)); + if (suite.getKeyExchange().startsWith("DH")) + { + msg = Handshake.read(din, suite, clientKey); + } + else + { + msg = Handshake.read(din, suite, kexPair.getPublic()); + } + } + + // If we require client authentication, and the client sent an + // unverifiable certificate or no certificate at all, drop the + // connection. + if (!session.peerVerified && needClientAuth) + { + throwHandshakeFailure(); + } + + // Read the client key exchange. + if (msg.getType() != Handshake.Type.CLIENT_KEY_EXCHANGE) + { + throwUnexpectedMessage(); + } + if (DEBUG_HANDSHAKE_LAYER) + logger.log (Component.SSL_HANDSHAKE, "{0}", msg); + ClientKeyExchange ckex = (ClientKeyExchange) msg.getBody(); + byte[] preMasterSecret = null; + if (suite.getKeyExchange() == "RSA") + { + byte[] enc = (byte[]) ckex.getExchangeObject(); + BigInteger bi = new BigInteger(1, enc); + try + { + bi = RSA.decrypt(kexPair.getPrivate(), bi); + EME_PKCS1_V1_5 pkcs1 = EME_PKCS1_V1_5.getInstance( + (RSAPrivateKey) kexPair.getPrivate()); + preMasterSecret = pkcs1.decode(Util.concat(new byte[1], bi.toByteArray())); + //rsa.init(kexPair); + //preMasterSecret = rsa.decrypt(enc); + } + catch (Exception x) + { + if (DEBUG_KEY_EXCHANGE) + { + logger.log (Component.SSL_KEY_EXCHANGE, "RSA exception", x); + } + // Generate a fake pre-master secret if the RSA decryption + // fails. + byte[] b = new byte[46]; + session.random.nextBytes (b); + preMasterSecret = Util.concat(version.getEncoded(), b); + } + } + else if (suite.getKeyExchange().startsWith("DH")) + { + try + { + out = new OutgoingMessage(); + if (clientKey == null) + out.writeMPI((BigInteger) ckex.getExchangeObject()); + else + out.writeMPI(((DHPublicKey) clientKey).getY()); + in = new IncomingMessage(out.toByteArray()); + serverKA.processMessage(in); + preMasterSecret = serverKA.getSharedSecret(); + } + catch (KeyAgreementException kae) + { + if (DEBUG_KEY_EXCHANGE) + { + logger.log (Component.SSL_KEY_EXCHANGE, "DH exception", kae); + } + internalError(); + RuntimeException re = new RuntimeException (kae.getMessage()); + re.initCause (kae); + throw re; + } + } + else if (suite.getKeyExchange() == "SRP") + { + BigInteger A = (BigInteger) ckex.getExchangeObject(); + if (DEBUG_KEY_EXCHANGE) + { + logger.log (Component.SSL_KEY_EXCHANGE, "SRP: client A: {0}", A); + } + try + { + out = new OutgoingMessage(); + out.writeMPI(A); + in = new IncomingMessage(out.toByteArray()); + out = serverKA.processMessage(in); + preMasterSecret = serverKA.getSharedSecret(); + } + catch (KeyAgreementException x) + { + if (DEBUG_KEY_EXCHANGE) + { + logger.log (Component.SSL_KEY_EXCHANGE, "SRP exception", x); + } + throwHandshakeFailure(); + } + finally + { + serverKA = null; + } + } + + if (DEBUG_KEY_EXCHANGE) + { + logger.log (Component.SSL_KEY_EXCHANGE, "preMasterSecret:\n{0}", + Util.toHexString(preMasterSecret, ':')); + logger.log (Component.SSL_KEY_EXCHANGE, "client.random:\n{0}", + Util.toHexString(clientRandom.getEncoded(), ':')); + logger.log (Component.SSL_KEY_EXCHANGE, "server.random:\n{0}", + Util.toHexString(serverRandom.getEncoded(), ':')); + } + + // Generate the master secret. + IRandom genSecret = null; + if (version == ProtocolVersion.SSL_3) + { + genSecret = new SSLRandom(); + HashMap attr = new HashMap(); + attr.put(SSLRandom.SECRET, preMasterSecret); + attr.put(SSLRandom.SEED, Util.concat(clientRandom.getEncoded(), + serverRandom.getEncoded())); + genSecret.init(attr); + } + else + { + genSecret = new TLSRandom(); + HashMap attr = new HashMap(); + attr.put(TLSRandom.SECRET, preMasterSecret); + attr.put(TLSRandom.SEED, + Util.concat(("master secret").getBytes("UTF-8"), + Util.concat(clientRandom.getEncoded(), + serverRandom.getEncoded()))); + genSecret.init(attr); + } + session.masterSecret = new byte[48]; + try + { + genSecret.nextBytes(session.masterSecret, 0, 48); + for (int i = 0; i < preMasterSecret.length; i++) + { + preMasterSecret[i] = 0; + } + } + catch (LimitReachedException shouldNotHappen) + { + internalError(); + RuntimeException re = new RuntimeException(); + re.initCause (shouldNotHappen); + throw re; + } + + if (DEBUG_KEY_EXCHANGE) + { + logger.log (Component.SSL_KEY_EXCHANGE, "masterSecret: {0}", + Util.toHexString(session.masterSecret, ':')); + } + + // Read the client's certificate verify message, if needed. + if (clientCanSign && (wantClientAuth || needClientAuth)) + { + msg = Handshake.read(din); + if (msg.getType() != Handshake.Type.CERTIFICATE_VERIFY) + { + throwUnexpectedMessage(); + } + CertificateVerify verify = (CertificateVerify) msg.getBody(); + if (clientChain != null && clientChain.length > 0) + { + IMessageDigest cvMD5 = (IMessageDigest) md5.clone(); + IMessageDigest cvSHA = (IMessageDigest) sha.clone(); + clientKey = clientChain[0].getPublicKey(); + if (clientKey instanceof RSAPublicKey) + { + SSLRSASignature sig = new SSLRSASignature(cvMD5, cvSHA); + sig.setupVerify(Collections.singletonMap(ISignature.VERIFIER_KEY, clientKey)); + if (!sig.verify(verify.getSigValue())) + { + handshakeFailure(); + throw new SSLHandshakeException("client certificate verify failed"); + } + } + else if (clientKey instanceof DSAPublicKey) + { + try + { + if (!DSSSignature.verify((DSAPublicKey) clientKey, cvSHA.digest(), + (BigInteger[]) verify.getSigValue())) + { + throw new Exception("client's certificate could not be verified"); + } + } + catch (Exception x) + { + handshakeFailure(); + SSLHandshakeException e = new SSLHandshakeException (x.getMessage()); + e.initCause (x); + throw e; + } + } + } + } + } + + // Generate the session keys. + byte[][] keys = null; + try + { + keys = generateKeys(serverRandom.getEncoded(), + clientRandom.getEncoded(), version); + } + catch (Exception x) + { + internalError(); + RuntimeException re = new RuntimeException (x.getMessage()); + re.initCause (x); + throw re; + } + + // Initialize the algorithms with the derived keys. + Object readMac = null, writeMac = null; + Object readCipher = null, writeCipher = null; + try + { + if (session.params instanceof GNUSecurityParameters) + { + HashMap attr = new HashMap(); + writeMac = CipherSuite.getMac(suite.getMac()); + readMac = CipherSuite.getMac(suite.getMac()); + attr.put(IMac.MAC_KEY_MATERIAL, keys[1]); + ((IMac) writeMac).init(attr); + attr.put(IMac.MAC_KEY_MATERIAL, keys[0]); + ((IMac) readMac).init(attr); + if (suite.getCipher() == "RC4") + { + writeCipher = new ARCFour(); + readCipher = new ARCFour(); + attr.clear(); + attr.put(ARCFour.ARCFOUR_KEY_MATERIAL, keys[3]); + ((ARCFour) writeCipher).init(attr); + attr.put(ARCFour.ARCFOUR_KEY_MATERIAL, keys[2]); + ((ARCFour) readCipher).init(attr); + } + else if (!suite.isStreamCipher()) + { + writeCipher = CipherSuite.getCipher(suite.getCipher()); + readCipher = CipherSuite.getCipher(suite.getCipher()); + attr.clear(); + attr.put(IMode.KEY_MATERIAL, keys[3]); + attr.put(IMode.IV, keys[5]); + attr.put(IMode.STATE, new Integer(IMode.ENCRYPTION)); + ((IMode) writeCipher).init(attr); + attr.put(IMode.KEY_MATERIAL, keys[2]); + attr.put(IMode.IV, keys[4]); + attr.put(IMode.STATE, new Integer(IMode.DECRYPTION)); + ((IMode) readCipher).init(attr); + } + } + else // JCESecurityParameters + { + writeMac = CipherSuite.getJCEMac (suite.getMac()); + readMac = CipherSuite.getJCEMac (suite.getMac()); + writeCipher = CipherSuite.getJCECipher (suite.getCipher()); + readCipher = CipherSuite.getJCECipher (suite.getCipher()); + ((Mac) writeMac).init (new SecretKeySpec (keys[1], suite.getMac())); + ((Mac) readMac).init (new SecretKeySpec (keys[0], suite.getMac())); + if (!suite.isStreamCipher()) + { + ((Cipher) writeCipher).init (Cipher.ENCRYPT_MODE, + new SecretKeySpec (keys[3], suite.getCipher()), + new IvParameterSpec (keys[5])); + ((Cipher) readCipher).init (Cipher.DECRYPT_MODE, + new SecretKeySpec (keys[2], suite.getCipher()), + new IvParameterSpec (keys[4])); + } + else + { + ((Cipher) writeCipher).init (Cipher.ENCRYPT_MODE, + new SecretKeySpec (keys[3], suite.getCipher())); + ((Cipher) readCipher).init (Cipher.DECRYPT_MODE, + new SecretKeySpec (keys[2], suite.getCipher())); + } + } + } + // These should technically never happen, if our key generation is not + // broken. + catch (InvalidKeyException ike) + { + internalError(); + RuntimeException re = new RuntimeException (ike.getMessage()); + re.initCause (ike); + throw new RuntimeException (String.valueOf (ike)); + } + catch (InvalidAlgorithmParameterException iape) + { + internalError(); + RuntimeException re = new RuntimeException (iape.getMessage()); + re.initCause (iape); + throw re; + } + // These indicate a configuration error with the JCA. + catch (NoSuchAlgorithmException nsae) + { + session.enabledSuites.remove (suite); + internalError(); + SSLException e = new SSLException ("suite " + suite + " not available in this configuration"); + e.initCause (nsae); + throw e; + } + catch (NoSuchPaddingException nspe) + { + session.enabledSuites.remove (suite); + internalError(); + SSLException e = new SSLException ("suite " + suite + " not available in this configuration"); + e.initCause (nspe); + throw e; + } + + Finished finis = null; + // If we are continuing a session, we send our Finished message first. + if (!newSession) + { + changeCipherSpec(); + session.params.setDeflating(comp == CompressionMethod.ZLIB); + session.params.setOutMac(writeMac); + session.params.setOutCipher(writeCipher); + finis = generateFinished(version, (IMessageDigest) md5.clone(), + (IMessageDigest) sha.clone(), false); + msg = new Handshake(Handshake.Type.FINISHED, finis); + if (DEBUG_HANDSHAKE_LAYER) + logger.log (Component.SSL_HANDSHAKE, "{0}", msg); + msg.write(dout, version); + dout.flush(); + } + + if (session.currentAlert != null && + session.currentAlert.getLevel() == Alert.Level.FATAL) + { + fatal(); + throw new AlertException(session.currentAlert, false); + } + + // Wait until we receive a ChangeCipherSpec, then change the crypto + // algorithms for the incoming side. + synchronized (session.params) + { + readChangeCipherSpec (); + session.params.setInflating(comp == CompressionMethod.ZLIB); + session.params.setInMac(readMac); + session.params.setInCipher(readCipher); + session.params.notifyAll(); + } + + // Receive and verify the client's finished message. + Finished verify = generateFinished(version, (IMessageDigest) md5.clone(), + (IMessageDigest) sha.clone(), true); + msg = Handshake.read(din, suite, null); + if (msg.getType() != Handshake.Type.FINISHED) + { + throwUnexpectedMessage(); + } + if (DEBUG_HANDSHAKE_LAYER) + logger.log (Component.SSL_HANDSHAKE, "{0}", msg); + finis = (Finished) msg.getBody(); + if (version == ProtocolVersion.SSL_3) + { + if (!Arrays.equals(finis.getMD5Hash(), verify.getMD5Hash()) || + !Arrays.equals(finis.getSHAHash(), verify.getSHAHash())) + { + throwHandshakeFailure(); + } + } + else + { + if (!Arrays.equals(finis.getVerifyData(), verify.getVerifyData())) + { + throwHandshakeFailure(); + } + } + + // Send our Finished message last for new sessions. + if (newSession) + { + changeCipherSpec(); + session.params.setDeflating(comp == CompressionMethod.ZLIB); + session.params.setOutMac(writeMac); + session.params.setOutCipher(writeCipher); + finis = generateFinished(version, md5, sha, false); + msg = new Handshake(Handshake.Type.FINISHED, finis); + if (DEBUG_HANDSHAKE_LAYER) + logger.log (Component.SSL_HANDSHAKE, "{0}", msg); + msg.write(dout, version); + dout.flush(); + } + + handshakeCompleted(); + } + + /** + * Generate the keys from the master secret. + * + * @param server The server's random value. + * @param client The client's random value. + * @param activeVersion The negotiated protocol version. + * @return The generated keys. + */ + private byte[][] generateKeys(byte[] server, byte[] client, + ProtocolVersion activeVersion) + throws LimitReachedException, IOException + { + CipherSuite suite = session.cipherSuite; + int macLen = (suite.getMac().indexOf("MD5") >= 0) ? 16 : 20; + int keyLen = suite.getKeyLength(); + int ivLen = 0; + if (suite.getCipher().indexOf("DES") >= 0) + { + ivLen = 8; + } + else if (suite.getCipher() == "AES") + { + ivLen = 16; + } + byte[][] keyMaterial = new byte[6][]; + keyMaterial[0] = new byte[macLen]; // client_write_MAC_secret + keyMaterial[1] = new byte[macLen]; // server_write_MAC_secret + keyMaterial[2] = new byte[keyLen]; // client_write_key + keyMaterial[3] = new byte[keyLen]; // server_write_key + keyMaterial[4] = new byte[ivLen]; // client_write_IV + keyMaterial[5] = new byte[ivLen]; // server_write_IV + IRandom prf = null; + if (activeVersion == ProtocolVersion.SSL_3) + { + prf = new SSLRandom(); + HashMap attr = new HashMap(); + attr.put(SSLRandom.SECRET, session.masterSecret); + attr.put(SSLRandom.SEED, Util.concat(server, client)); + prf.init(attr); + } + else + { + prf = new TLSRandom(); + HashMap attr = new HashMap(); + attr.put(TLSRandom.SECRET, session.masterSecret); + attr.put(TLSRandom.SEED, Util.concat("key expansion".getBytes("UTF-8"), + Util.concat(server, client))); + prf.init(attr); + } + for (int i = 0; i < keyMaterial.length; i++) + { + prf.nextBytes(keyMaterial[i], 0, keyMaterial[i].length); + } + + // Exportable ciphers transform their keys once more, and use a + // nonsecret IV for block ciphers. + if (suite.isExportable()) + { + int finalLen = suite.getCipher() == "DES" ? 8 : 16; + if (activeVersion == ProtocolVersion.SSL_3) + { + IMessageDigest md5 = HashFactory.getInstance(Registry.MD5_HASH); + md5.update(keyMaterial[2], 0, keyMaterial[2].length); + md5.update(client, 0, client.length); + md5.update(server, 0, server.length); + keyMaterial[2] = Util.trim(md5.digest(), finalLen); + md5.update(keyMaterial[3], 0, keyMaterial[3].length); + md5.update(server, 0, server.length); + md5.update(client, 0, client.length); + keyMaterial[3] = Util.trim(md5.digest(), finalLen); + if (!suite.isStreamCipher()) + { + md5.update(client, 0, client.length); + md5.update(server, 0, server.length); + keyMaterial[4] = Util.trim(md5.digest(), ivLen); + md5.update(server, 0, server.length); + md5.update(client, 0, client.length); + keyMaterial[5] = Util.trim(md5.digest(), ivLen); + } + } + else + { + HashMap attr = new HashMap(); + attr.put(TLSRandom.SECRET, keyMaterial[2]); + attr.put(TLSRandom.SEED, + Util.concat("client write key".getBytes("UTF-8"), + Util.concat(client, server))); + prf.init(attr); + keyMaterial[2] = new byte[finalLen]; + prf.nextBytes(keyMaterial[2], 0, finalLen); + attr.put(TLSRandom.SECRET, keyMaterial[3]); + attr.put(TLSRandom.SEED, + Util.concat("server write key".getBytes("UTF-8"), + Util.concat(client, server))); + prf.init(attr); + keyMaterial[3] = new byte[finalLen]; + prf.nextBytes(keyMaterial[3], 0, finalLen); + if (!suite.isStreamCipher()) + { + attr.put(TLSRandom.SECRET, new byte[0]); + attr.put(TLSRandom.SEED, Util.concat("IV block".getBytes("UTF-8"), + Util.concat(client, server))); + prf.init(attr); + prf.nextBytes(keyMaterial[4], 0, keyMaterial[4].length); + prf.nextBytes(keyMaterial[5], 0, keyMaterial[5].length); + } + } + } + + if (DEBUG_KEY_EXCHANGE) + { + logger.log (Component.SSL_KEY_EXCHANGE, "Generated keys:"); + for (int i = 0; i < keyMaterial.length; i++) + logger.log (Component.SSL_KEY_EXCHANGE, "[{0}] {1}", + new Object[] { new Integer (i), + Util.toHexString(keyMaterial[i], ':') }); + } + + return keyMaterial; + } + + /** + * Generate a "finished" message, based on the hashes of the handshake + * messages, the agreed version, and a label. + * + * @param version The agreed version. + * @param md5 The current state of the handshake MD5 hash. + * @param sha The current state of the handshake SHA hash. + * @param client Should be true if the message is generated by the client. + */ + private Finished generateFinished(ProtocolVersion version, IMessageDigest md5, + IMessageDigest sha, boolean client) + { + if (version == ProtocolVersion.SSL_3) + { + if (client) + { + md5.update(SENDER_CLIENT, 0, 4); + } + else + { + md5.update(SENDER_SERVER, 0, 4); + } + byte[] ms = session.masterSecret; + md5.update(ms, 0, ms.length); + for (int i = 0; i < 48; i++) + { + md5.update(SSLHMac.PAD1); + } + byte[] b = md5.digest(); + md5.update(ms, 0, ms.length); + for (int i = 0; i < 48; i++) + { + md5.update(SSLHMac.PAD2); + } + md5.update(b, 0, b.length); + + if (client) + { + sha.update(SENDER_CLIENT, 0, 4); + } + else + { + sha.update(SENDER_SERVER, 0, 4); + } + sha.update(ms, 0, ms.length); + for (int i = 0; i < 40; i++) + { + sha.update(SSLHMac.PAD1); + } + b = sha.digest(); + sha.update(ms, 0, ms.length); + for (int i = 0; i < 40; i++) + { + sha.update(SSLHMac.PAD2); + } + sha.update(b, 0, b.length); + return new Finished(md5.digest(), sha.digest()); + } + else + { + byte[] h1 = md5.digest(); + byte[] h2 = sha.digest(); + String label = client ? "client finished" : "server finished"; + byte[] seed = null; + try + { + seed = Util.concat(label.getBytes("UTF-8"), Util.concat(h1, h2)); + } + catch (java.io.UnsupportedEncodingException uee) + { + RuntimeException re = new RuntimeException (uee.getMessage()); + re.initCause (uee); + throw re; + } + IRandom prf = new TLSRandom(); + HashMap attr = new HashMap(); + attr.put(TLSRandom.SECRET, session.masterSecret); + attr.put(TLSRandom.SEED, seed); + prf.init(attr); + byte[] finishedValue = new byte[12]; + try + { + prf.nextBytes(finishedValue, 0, 12); + } + catch (LimitReachedException lre) + { + RuntimeException re = new RuntimeException (lre.getMessage()); + re.initCause (lre); + throw re; + } + return new Finished(finishedValue); + } + } + + /** + * Send a fatal unexpected_message alert. + */ + private Alert unexpectedMessage() throws IOException + { + Alert alert = new Alert(Alert.Level.FATAL, + Alert.Description.UNEXPECTED_MESSAGE); + sendAlert(alert); + fatal(); + return alert; + } + + private void throwUnexpectedMessage() throws IOException + { + throw new AlertException(unexpectedMessage(), true); + } + + /** + * Send a fatal handshake_failure alert. + */ + private Alert handshakeFailure() throws IOException + { + Alert alert = new Alert(Alert.Level.FATAL, + Alert.Description.HANDSHAKE_FAILURE); + sendAlert(alert); + fatal(); + return alert; + } + + private void throwHandshakeFailure() throws IOException + { + throw new AlertException(handshakeFailure(), true); + } + + /** + * Send an internal_error alert. + */ + private Alert internalError() throws IOException + { + Alert alert = new Alert(Alert.Level.FATAL, + Alert.Description.INTERNAL_ERROR); + sendAlert(alert); + fatal(); + return alert; + } + + private void throwInternalError() throws IOException + { + throw new AlertException(internalError(), true); + } + + private Alert peerUnverified(X509Certificate[] chain) throws IOException + { + Alert alert = new Alert(Alert.Level.FATAL, + Alert.Description.HANDSHAKE_FAILURE); + sendAlert(alert); + fatal(); + return alert; + } + + private void throwPeerUnverified(X509Certificate[] chain) throws IOException + { + peerUnverified (chain); + throw new SSLPeerUnverifiedException("could not verify: "+ + chain[0].getSubjectDN()); + } + + /** + * Grab the first suite that is both in the client's requested suites + * and in our enabled suites, and for which we have the proper + * credentials. + * + * @param suites The client's requested suites. + * @param version The version being negotiated. + * @return The selected cipher suite. + * @throws SSLException If no appropriate suite can be selected. + */ + private CipherSuite selectSuite(List suites, ProtocolVersion version) + throws IOException + { + if (DEBUG_HANDSHAKE_LAYER) + logger.log (Component.SSL_HANDSHAKE, "selectSuite req:{0} suites:{1}", + new Object[] { suites, session.enabledSuites }); + boolean srpSuiteNoUser = false; + for (Iterator i = suites.iterator(); i.hasNext(); ) + { + CipherSuite herSuite = (CipherSuite) i.next(); + for (Iterator j = session.enabledSuites.iterator(); j.hasNext(); ) + { + CipherSuite mySuite = (CipherSuite) j.next(); + if (!mySuite.equals(herSuite)) + { + continue; + } + if (DEBUG_HANDSHAKE_LAYER) + logger.log (Component.SSL_HANDSHAKE, "{0} == {1}", + new Object[] { mySuite, herSuite }); + if (mySuite.getSignature() != "anon" && session.keyManager != null && + session.keyManager.chooseServerAlias(mySuite.getAuthType(), null, null) == null) + { + if (DEBUG_HANDSHAKE_LAYER) + logger.log (Component.SSL_HANDSHAKE, "{0}: no certificate/private key", + mySuite); + continue; + } + if (mySuite.getKeyExchange() == "SRP") + { + if (session.getValue("srp-username") == null) + { + if (DEBUG_HANDSHAKE_LAYER) + logger.log (Component.SSL_HANDSHAKE, "no SRP username"); + srpSuiteNoUser = true; + continue; + } + if (session.srpTrustManager == null) + { + if (DEBUG_HANDSHAKE_LAYER) + logger.log (Component.SSL_HANDSHAKE, "no SRP password file"); + continue; + } + } + return mySuite.resolve(version); + } + } + Alert alert = null; + if (srpSuiteNoUser) + { + alert = new Alert(Alert.Level.WARNING, + Alert.Description.MISSING_SRP_USERNAME); + sendAlert(alert); + return null; + } + else + alert = new Alert(Alert.Level.FATAL, + Alert.Description.INSUFFICIENT_SECURITY); + sendAlert(alert); + fatal(); + throw new AlertException(alert, true); + } + + /** + * Ask the user for their user name. + * + * @param remoteHost The remote host being connected to. + * @return The user name. + */ + private String askUserName(String remoteHost) + { + CallbackHandler handler = new DefaultCallbackHandler(); + try + { + Class c = Class.forName(Util.getSecurityProperty("jessie.srp.user.handler")); + handler = (CallbackHandler) c.newInstance(); + } + catch (Exception x) { } + TextInputCallback user = + new TextInputCallback("User name for " + remoteHost + ": ", + Util.getProperty("user.name")); + try + { + handler.handle(new Callback[] { user }); + } + catch (Exception x) { } + return user.getText(); + } + + /** + * Ask the user for a password. + * + * @param user The user name. + * @return The password. + */ + private String askPassword(String user) + { + CallbackHandler handler = new DefaultCallbackHandler(); + try + { + Class c = Class.forName(Util.getSecurityProperty("jessie.srp.password.handler")); + handler = (CallbackHandler) c.newInstance(); + } + catch (Exception x) { } + PasswordCallback passwd = new PasswordCallback(user + "'s password: ", false); + try + { + handler.handle(new Callback[] { passwd }); + } + catch (Exception x) { } + return new String(passwd.getPassword()); + } + + /** + * Ask the user (via a callback) if they will accept a certificate that + * could not be verified. + * + * @param chain The certificate chain in question. + * @return true if the user accepts the certificate chain. + */ + private boolean checkCertificates(X509Certificate[] chain) + { + CallbackHandler handler = new DefaultCallbackHandler(); + try + { + Class c = Class.forName(Util.getSecurityProperty("jessie.certificate.handler")); + handler = (CallbackHandler) c.newInstance(); + } + catch (Exception x) + { + } + String nl = Util.getProperty("line.separator"); + ConfirmationCallback confirm = new ConfirmationCallback( + "The server's certificate could not be verified. There is no proof" + nl + + "that this server is who it claims to be, or that their certificate" + nl + + "is valid. Do you wish to continue connecting?", + ConfirmationCallback.ERROR, ConfirmationCallback.YES_NO_OPTION, + ConfirmationCallback.NO); + try + { + handler.handle(new Callback[] { confirm }); + } + catch (Exception x) + { + return false; + } + return confirm.getSelectedIndex() == ConfirmationCallback.YES; + } + + /** + * Update a signature object with a BigInteger, trimming the leading + * "00" octet if present. + * + * @param sig The signature being updated. + * @param bi The integer to feed into the signature. + */ + private void updateSig(ISignature sig, BigInteger bi) + { + byte[] buf = Util.trim(bi); + sig.update((byte) (buf.length >>> 8)); + sig.update((byte) buf.length); + sig.update(buf, 0, buf.length); + } + + /** + * Teardown everything on fatal errors. + */ + private void fatal() throws IOException + { + if (session != null) + { + session.invalidate(); + } +// recordInput.setRunning(false); +// recordOutput.setRunning(false); + if (underlyingSocket != null) + { + underlyingSocket.close(); + } + else + { + super.close(); + } + } +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/SSLSocketFactory.java b/libjava/classpath/gnu/javax/net/ssl/provider/SSLSocketFactory.java new file mode 100644 index 0000000..24a8389 --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/SSLSocketFactory.java @@ -0,0 +1,133 @@ +/* SSLSocketFactory.java -- factory for SSL sockets. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import java.io.IOException; +import java.net.InetAddress; +import java.net.Socket; +import java.net.UnknownHostException; +import java.security.SecureRandom; + +import javax.net.ssl.X509TrustManager; +import javax.net.ssl.X509KeyManager; + +class SSLSocketFactory extends javax.net.ssl.SSLSocketFactory +{ + + // Fields. + // ------------------------------------------------------------------------- + + private final X509TrustManager trustManager; + private final X509KeyManager keyManager; + private final SecureRandom random; + private final SessionContext sessionContext; + + // Constructor. + // ------------------------------------------------------------------------- + + SSLSocketFactory(X509TrustManager trustManager, X509KeyManager keyManager, + SecureRandom random, SessionContext sessionContext) + { + this.trustManager = trustManager; + this.keyManager = keyManager; + this.random = random; + this.sessionContext = sessionContext; + } + + // Instance methods. + // ------------------------------------------------------------------------- + + public String[] getDefaultCipherSuites() + { + return (String[]) CipherSuite.availableSuiteNames().toArray(new String[0]); + } + + public String[] getSupportedCipherSuites() + { + return getDefaultCipherSuites(); + } + + public Socket createSocket(Socket socket, String host, int port, boolean autoClose) + throws IOException + { + return setup(new SSLSocket(socket, host, port, autoClose)); + } + + public Socket createSocket() throws IOException + { + return setup(new SSLSocket()); + } + + public Socket createSocket(String host, int port) + throws IOException, UnknownHostException + { + return setup(new SSLSocket(host, port)); + } + + public Socket createSocket(String host, int port, InetAddress localAddr, int localPort) + throws IOException, UnknownHostException + { + return setup(new SSLSocket(host, port, localAddr, localPort)); + } + + public Socket createSocket(InetAddress address, int port) throws IOException + { + return setup(new SSLSocket(address, port)); + } + + public Socket createSocket(InetAddress address, int port, + InetAddress localAddr, int localPort) + throws IOException + { + return setup(new SSLSocket(address, port, localAddr, localPort)); + } + + // Own methods. + // ------------------------------------------------------------------------- + + private SSLSocket setup(SSLSocket s) + { + s.setTrustManager(trustManager); + s.setKeyManager(keyManager); + s.setRandom(random); + s.setSessionContext(sessionContext); + s.setUseClientMode(true); + return s; + } +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/SSLSocketInputStream.java b/libjava/classpath/gnu/javax/net/ssl/provider/SSLSocketInputStream.java new file mode 100644 index 0000000..69202ca --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/SSLSocketInputStream.java @@ -0,0 +1,181 @@ +/* SSLSocketInputStream.java -- InputStream for SSL sockets. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import java.io.EOFException; +import java.io.FilterInputStream; +import java.io.InputStream; +import java.io.IOException; +import javax.net.ssl.SSLException; + +class SSLSocketInputStream extends FilterInputStream +{ + + // Fields. + // ------------------------------------------------------------------------- + + private final SSLSocket socket; + private final boolean checkHandshake; + + // Constructors. + // ------------------------------------------------------------------------- + + SSLSocketInputStream(InputStream in, SSLSocket socket) + { + this(in, socket, true); + } + + SSLSocketInputStream(InputStream in, SSLSocket socket, boolean checkHandshake) + { + super(in); + this.socket = socket; + this.checkHandshake = checkHandshake; + } + + // Instance methods. + // ------------------------------------------------------------------------- + + public int available() throws IOException + { + if (checkHandshake) + { + socket.checkHandshakeDone(); + } + int ret = 0; + try + { + ret = super.available(); + } + catch (AlertException ae) + { + Alert alert = ae.getAlert (); + if (alert.getDescription () == Alert.Description.CLOSE_NOTIFY) + { + return -1; + } + else + { + throw ae; + } + } + return ret; + } + + public int read() throws IOException + { + if (checkHandshake) + { + socket.checkHandshakeDone(); + } + int ret = 0; + try + { + ret = in.read(); + } + catch (AlertException ae) + { + Alert alert = ae.getAlert (); + if (alert.getDescription () == Alert.Description.CLOSE_NOTIFY) + { + return -1; + } + else + { + throw ae; + } + } + return ret; + } + + public int read(byte[] buf) throws IOException + { + return read(buf, 0, buf.length); + } + + public int read(byte[] buf, int off, int len) throws IOException + { + if (checkHandshake) + { + socket.checkHandshakeDone(); + } + if (buf == null) + { + throw new NullPointerException(); + } + if (off < 0 || len < 0 || off + len > buf.length) + { + throw new ArrayIndexOutOfBoundsException(); + } + int ret = 0; + try + { + ret = in.read(buf, off, len); + } + catch (AlertException ae) + { + Alert alert = ae.getAlert (); + if (alert.getDescription () == Alert.Description.CLOSE_NOTIFY) + { + return -1; + } + else + { + throw ae; + } + } + return ret; + } + + // Own methods. + // ------------------------------------------------------------------------- + + private boolean checkAlert() throws IOException + { + Alert alert = socket.checkAlert(); + if (alert == null) return false; + if (alert.getLevel().equals(Alert.Level.FATAL)) + throw new AlertException(alert, false); + if (alert.getDescription().equals(Alert.Description.CLOSE_NOTIFY)) + { + try { return (in.available() <= 0); } + catch (IOException ioe) { } + } + return false; + } +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/SSLSocketOutputStream.java b/libjava/classpath/gnu/javax/net/ssl/provider/SSLSocketOutputStream.java new file mode 100644 index 0000000..fe769a85 --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/SSLSocketOutputStream.java @@ -0,0 +1,115 @@ +/* SSLSocketOutputStream.java -- output stream for SSL sockets. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import java.io.FilterOutputStream; +import java.io.IOException; +import java.io.OutputStream; +import javax.net.ssl.SSLException; + +class SSLSocketOutputStream extends FilterOutputStream +{ + + // Fields. + // ------------------------------------------------------------------------- + + private final SSLSocket socket; + private final boolean checkHandshake; + + // Constructor. + // ------------------------------------------------------------------------- + + SSLSocketOutputStream(OutputStream out, SSLSocket socket) + { + this(out, socket, true); + } + + SSLSocketOutputStream(OutputStream out, SSLSocket socket, + boolean checkHandshake) + { + super(out); + this.socket = socket; + this.checkHandshake = checkHandshake; + } + + // Instance methods. + // ------------------------------------------------------------------------- + + public void write(int b) throws IOException + { + if (checkHandshake) + { + socket.checkHandshakeDone(); + } + checkAlert(); + out.write(b); + checkAlert(); + } + + public void write(byte[] buf) throws IOException + { + write(buf, 0, buf.length); + } + + public void write(byte[] buf, int off, int len) throws IOException + { + if (checkHandshake) + { + socket.checkHandshakeDone(); + } + if (buf == null) + throw new NullPointerException(); + if (off < 0 || len < 0 || off + len > buf.length) + throw new ArrayIndexOutOfBoundsException(); + checkAlert(); + out.write(buf, off, len); + checkAlert(); + } + + // Own methods. + // ------------------------------------------------------------------------- + + private synchronized void checkAlert() throws SSLException + { + Alert alert = socket.checkAlert(); + if (alert == null) return; + if (alert.getLevel().equals(Alert.Level.FATAL)) + throw new AlertException(alert, false); + } +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/SecurityParameters.java b/libjava/classpath/gnu/javax/net/ssl/provider/SecurityParameters.java new file mode 100644 index 0000000..aa06680 --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/SecurityParameters.java @@ -0,0 +1,178 @@ +/* SecurityParameters.java -- SSL security parameters. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import javax.net.ssl.SSLException; + +/** + * The interface that all security parameters used by Jessie must implement. + * Security parameters handle all transforming of data, including encryption, + * authentication, and compression. + */ +interface SecurityParameters +{ + + // Methods. + // ------------------------------------------------------------------------- + + /** + * Decrypts, verifies, and inflates a fragment received. The fragment is + * just the data field of a text object, without the version, type, and + * length fields. An exception is thrown if any step fails. + * + * @param fragment The fragment being decrypted. + * @param version The version field of the received text. + * @param type The type field of the received text. + * @return The decrypted fragment. + * @throws MacException If the MAC could not be verified, or if the padding + * on the decrypted fragment is incorrect. + * @throws OverflowException If the processed text overflows the configured + * maximum fragment size. + * @throws SSLException If any other error occurs. + */ + byte[] decrypt (byte[] fragment, ProtocolVersion version, ContentType type) + throws MacException, OverflowException, SSLException; + + /** + * Deflates, authenticates, and encrypts a fragment to be sent. + * + * @param buf The fragment being encrypted. + * @param off The offset into the buffer to start at. + * @param len The number of bytes in this fragment. + * @param type The content type of this text. + * @return The encrypted fragment. + * @throws OverflowException If deflating increases the size of the fragment + * too much. + * @throws SSLException If any other error occurs. + */ + byte[] encrypt (byte[] buf, int off, int len, ContentType type) + throws OverflowException, SSLException; + + /** + * Set all crypto primitives to null, meaning that any calls + * to {@link #encrypt(byte[],int,int,org.metastatic.jessie.provider.ContentType)} or + * {@link #decrypt(byte[],org.metastatic.jessie.provider.ProtocolVersion,org.metastatic.jessie.provider.ContentType}) + * will perform the identity transformation. + */ + void reset(); + + /** + * Returns the version of texts being sent. + * + * @return The version. + */ + ProtocolVersion getVersion(); + + /** + * Sets the version of texts being sent. This affects the {@link + * #encrypt(byte[],int,int,org.metastatic.jessie.provider.ContentType)} + * method. + * + * @param version The version to set. + */ + void setVersion (ProtocolVersion version); + + /** + * Turns zlib deflating on or off. + * + * @param deflate Whether or not to deflate outgoing fragments. + */ + void setDeflating (boolean deflate); + + /** + * Turns zlib inflating on or off. + * + * @param inflate Whether or not to inflate incoming fragments. + */ + void setInflating (boolean inflate); + + /** + * Returns the maximum size that plaintext fragments may be. + * + * @return The fragment length. + */ + int getFragmentLength(); + + /** + * Sets the maximum size that plaintext fragments may be. + * + * @param fragmentLength The new fragment length. + */ + void setFragmentLength (int fragmentLength); + + /** + * Set the cipher used to decrypt incoming fragments. The parameter must be + * appropriate for the implementation. + * + * @param cipher The cipher. + * @throws ClassCastException If the argument is not appropriate for the + * implementation. + */ + void setInCipher (Object cipher); + + /** + * Set the cipher used to encrypt outgoing fragments. The parameter must be + * appropriate for the implementation. + * + * @param cipher The cipher. + * @throws ClassCastException If the argument is not appropriate for the + * implementation. + */ + void setOutCipher (Object cipher); + + /** + * Set the MAC used to verify incoming fragments. The parameter must be + * appropriate for the implementation. + * + * @param mac The MAC. + * @throws ClassCastException If the argument is not appropriate for the + * implementation. + */ + void setInMac (Object mac); + + /** + * Set the MAC used to authenticating outgoinging fragments. The parameter + * must be appropriate for the implementation. + * + * @param mac The MAC. + * @throws ClassCastException If the argument is not appropriate for the + * implementation. + */ + void setOutMac (Object mac); +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/ServerHello.java b/libjava/classpath/gnu/javax/net/ssl/provider/ServerHello.java new file mode 100644 index 0000000..8b7853c --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/ServerHello.java @@ -0,0 +1,216 @@ +/* ServerHello.java -- SSL ServerHello message. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import java.io.BufferedReader; +import java.io.ByteArrayOutputStream; +import java.io.InputStream; +import java.io.IOException; +import java.io.OutputStream; +import java.io.PrintWriter; +import java.io.StringReader; +import java.io.StringWriter; + +import java.util.ArrayList; +import java.util.Iterator; +import java.util.LinkedList; +import java.util.List; + +import javax.net.ssl.SSLProtocolException; + +class ServerHello implements Handshake.Body +{ + + // Fields. + // ------------------------------------------------------------------------- + + private final ProtocolVersion version; + private final Random random; + private final byte[] sessionId; + private final CipherSuite suite; + private final CompressionMethod comp; + private final List extensions; + + // Constructor. + // ------------------------------------------------------------------------- + + ServerHello(ProtocolVersion version, Random random, + byte[] sessionId, CipherSuite suite, + CompressionMethod comp) + { + this(version, random, sessionId, suite, comp, null); + } + + ServerHello(ProtocolVersion version, Random random, + byte[] sessionId, CipherSuite suite, + CompressionMethod comp, List extensions) + { + this.version = version; + this.random = random; + this.sessionId = sessionId; + this.suite = suite; + this.comp = comp; + this.extensions = extensions; + } + + // Class methods. + // ------------------------------------------------------------------------- + + static ServerHello read(InputStream in) throws IOException + { + ProtocolVersion vers = ProtocolVersion.read(in); + Random rand = Random.read(in); + byte[] id = new byte[in.read() & 0xFF]; + in.read(id); + CipherSuite suite = CipherSuite.read(in).resolve(vers); + CompressionMethod comp = CompressionMethod.read(in); + List ext = null; + if (in.available() > 0) + { + ext = new LinkedList(); + int len = (in.read() >>> 8 & 0xFF) | (in.read() & 0xFF); + int count = 0; + while (count < len) + { + Extension e = Extension.read(in); + ext.add(e); + count += e.getValue().length + 4; + } + } + return new ServerHello(vers, rand, id, suite, comp, ext); + } + + // Instance methods. + // ------------------------------------------------------------------------- + + public void write(OutputStream out) throws IOException + { + version.write(out); + random.write(out); + out.write(sessionId.length); + out.write(sessionId); + suite.write(out); + out.write(comp.getValue()); + if (extensions != null) + { + ByteArrayOutputStream out2 = new ByteArrayOutputStream(); + for (Iterator i = extensions.iterator(); i.hasNext(); ) + ((Extension) i.next()).write(out2); + out.write(out2.size() >>> 8 & 0xFF); + out.write(out2.size() & 0xFF); + out2.writeTo(out); + } + } + + ProtocolVersion getVersion() + { + return version; + } + + Random getRandom() + { + return random; + } + + byte[] getSessionId() + { + return (byte[]) sessionId.clone(); + } + + CipherSuite getCipherSuite() + { + return suite; + } + + CompressionMethod getCompressionMethod() + { + return comp; + } + + List getExtensions() + { + return extensions; + } + + public String toString() + { + StringWriter str = new StringWriter(); + PrintWriter out = new PrintWriter(str); + out.println("struct {"); + out.println(" version = " + version + ";"); + BufferedReader r = new BufferedReader(new StringReader(random.toString())); + String s; + try + { + while ((s = r.readLine()) != null) + { + out.print(" "); + out.println(s); + } + } + catch (IOException ignored) + { + } + out.println(" sessionId = " + Util.toHexString(sessionId, ':') + ";"); + out.println(" cipherSuite = " + suite + ";"); + out.println(" compressionMethod = " + comp + ";"); + if (extensions != null) + { + out.println(" extensions = {"); + for (Iterator i = extensions.iterator(); i.hasNext(); ) + { + r = new BufferedReader(new StringReader(i.next().toString())); + try + { + while ((s = r.readLine()) != null) + { + out.print(" "); + out.println(s); + } + } + catch (IOException ignored) + { + } + } + out.println(" };"); + } + out.println("} ServerHello;"); + return str.toString(); + } +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/ServerKeyExchange.java b/libjava/classpath/gnu/javax/net/ssl/provider/ServerKeyExchange.java new file mode 100644 index 0000000..5830415 --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/ServerKeyExchange.java @@ -0,0 +1,286 @@ +/* ServerKeyExchange.java -- SSL ServerKeyExchange message. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import java.io.BufferedReader; +import java.io.ByteArrayOutputStream; +import java.io.DataInputStream; +import java.io.InputStream; +import java.io.IOException; +import java.io.OutputStream; +import java.io.PrintWriter; +import java.io.StringReader; +import java.io.StringWriter; + +import java.math.BigInteger; + +import java.security.PublicKey; +import java.security.interfaces.RSAPublicKey; + +import javax.crypto.interfaces.DHPublicKey; +import javax.crypto.spec.DHParameterSpec; + +import javax.net.ssl.SSLProtocolException; + +import gnu.javax.crypto.key.dh.GnuDHPublicKey; +import gnu.javax.crypto.key.srp6.SRPPublicKey; + +class ServerKeyExchange implements Handshake.Body +{ + + // Fields. + // ------------------------------------------------------------------------- + + private PublicKey publicKey; + private Signature signature; + private byte[] srpSalt; + + // Constructor. + // ------------------------------------------------------------------------- + + ServerKeyExchange(PublicKey publicKey, Signature signature) + { + this(publicKey, signature, null); + } + + ServerKeyExchange(PublicKey publicKey, Signature signature, byte[] srpSalt) + { + this.publicKey = publicKey; + this.signature = signature; + this.srpSalt = srpSalt; + } + + // Class methods. + // ------------------------------------------------------------------------- + + static ServerKeyExchange read(InputStream in, CipherSuite suite, + PublicKey serverKey) + throws IOException + { + DataInputStream din = new DataInputStream(in); + PublicKey key = null; + byte[] salt = null; + String kex = suite.getKeyExchange(); + if (kex.equals("DHE")) + { + BigInteger p, g, y; + byte[] buf = new byte[din.readUnsignedShort()]; + din.readFully(buf); + p = new BigInteger(1, buf); + buf = new byte[din.readUnsignedShort()]; + din.readFully(buf); + g = new BigInteger(1, buf); + buf = new byte[din.readUnsignedShort()]; + din.readFully(buf); + y = new BigInteger(1, buf); + key = new GnuDHPublicKey(null, p, g, y); + } + else if (kex.equals("RSA")) + { + BigInteger n, e; + byte[] buf = new byte[din.readUnsignedShort()]; + din.readFully(buf); + n = new BigInteger(1, buf); + buf = new byte[din.readUnsignedShort()]; + din.readFully(buf); + e = new BigInteger(1, buf); + key = new JessieRSAPublicKey(n, e); + } + else if (kex.equals("SRP")) + { + BigInteger N, g, B; + byte[] buf = new byte[din.readUnsignedShort()]; + din.readFully(buf); + N = new BigInteger(1, buf); + buf = new byte[din.readUnsignedShort()]; + din.readFully(buf); + g = new BigInteger(1, buf); + salt = new byte[din.readUnsignedByte()]; + din.readFully(salt); + buf = new byte[din.readUnsignedShort()]; + din.readFully(buf); + B = new BigInteger(1, buf); + try + { + key = new SRPPublicKey(N, g, B); + } + catch (IllegalArgumentException iae) + { + throw new SSLProtocolException(iae.getMessage()); + } + } + else + { + throw new SSLProtocolException("invalid kex algorithm"); + } + + Signature sig = null; + if (!suite.getSignature().equals("anon")) + { + sig = Signature.read(in, suite, serverKey); + } + return new ServerKeyExchange(key, sig, salt); + } + + // Instance methods. + // ------------------------------------------------------------------------- + + public void write(OutputStream out) throws IOException + { + write(out, ProtocolVersion.TLS_1); + } + + public void write(OutputStream out, ProtocolVersion version) + throws IOException + { + if (publicKey instanceof DHPublicKey) + { + writeBigint(out, ((DHPublicKey) publicKey).getParams().getP()); + writeBigint(out, ((DHPublicKey) publicKey).getParams().getG()); + writeBigint(out, ((DHPublicKey) publicKey).getY()); + } + else if (publicKey instanceof RSAPublicKey) + { + writeBigint(out, ((RSAPublicKey) publicKey).getModulus()); + writeBigint(out, ((RSAPublicKey) publicKey).getPublicExponent()); + } + else if (publicKey instanceof SRPPublicKey) + { + writeBigint(out, ((SRPPublicKey) publicKey).getN()); + writeBigint(out, ((SRPPublicKey) publicKey).getG()); + out.write(srpSalt.length); + out.write(srpSalt); + writeBigint(out, ((SRPPublicKey) publicKey).getY()); + } + if (signature != null) + { + signature.write(out, version); + } + } + + PublicKey getPublicKey() + { + return publicKey; + } + + Signature getSignature() + { + return signature; + } + + byte[] getSRPSalt() + { + return srpSalt; + } + + public String toString() + { + StringWriter str = new StringWriter(); + PrintWriter out = new PrintWriter(str); + out.println("struct {"); + out.println(" publicKey = struct {"); + if (publicKey instanceof DHPublicKey) + { + out.println(" p = " + + ((DHPublicKey) publicKey).getParams().getP().toString(16) + + ";"); + out.println(" g = " + + ((DHPublicKey) publicKey).getParams().getG().toString(16) + + ";"); + out.println(" y = " + ((DHPublicKey) publicKey).getY().toString(16) + + ";"); + out.println(" } DHPublicKey;"); + } + else if (publicKey instanceof RSAPublicKey) + { + out.println(" modulus = " + + ((RSAPublicKey) publicKey).getModulus().toString(16) + + ";"); + out.println(" exponent = " + + ((RSAPublicKey) publicKey).getPublicExponent().toString(16) + + ";"); + out.println(" } RSAPublicKey;"); + } + else if (publicKey instanceof SRPPublicKey) + { + out.println(" N = "+((SRPPublicKey) publicKey).getN().toString(16)+";"); + out.println(" g = "+((SRPPublicKey) publicKey).getG().toString(16)+";"); + out.println(" salt = " + Util.toHexString(srpSalt, ':') + ";"); + out.println(" B = "+((SRPPublicKey) publicKey).getY().toString(16)+";"); + out.println(" } SRPPublicKey;"); + } + if (signature != null) + { + out.println(" signature ="); + BufferedReader r = new BufferedReader(new StringReader(signature.toString())); + String s; + try + { + while ((s = r.readLine()) != null) + { + out.print(" "); + out.println(s); + } + } + catch (IOException ignored) + { + } + } + out.println("} ServerKeyExchange;"); + return str.toString(); + } + + private void writeBigint(OutputStream out, BigInteger bigint) + throws IOException + { + byte[] b = bigint.toByteArray(); + if (b[0] == 0x00) + { + out.write((b.length - 1) >>> 8 & 0xFF); + out.write((b.length - 1) & 0xFF); + out.write(b, 1, b.length - 1); + } + else + { + out.write(b.length >>> 8 & 0xFF); + out.write(b.length & 0xFF); + out.write(b); + } + } +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/Session.java b/libjava/classpath/gnu/javax/net/ssl/provider/Session.java new file mode 100644 index 0000000..e13758b --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/Session.java @@ -0,0 +1,381 @@ +/* Session.java -- SSL and TLS session data. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import java.security.SecureRandom; +import java.security.cert.Certificate; +import java.security.cert.CertificateException; + +import java.util.Arrays; +import java.util.ArrayList; +import java.util.Date; +import java.util.HashMap; +import java.util.List; +import java.util.Set; +import java.util.SortedSet; +import java.util.TreeSet; + +import javax.net.ssl.SSLPeerUnverifiedException; +import javax.net.ssl.SSLPermission; +import javax.net.ssl.SSLSession; +import javax.net.ssl.SSLSessionBindingEvent; +import javax.net.ssl.SSLSessionBindingListener; +import javax.net.ssl.SSLSessionContext; +import javax.net.ssl.X509KeyManager; +import javax.net.ssl.X509TrustManager; +import javax.security.cert.X509Certificate; + +import gnu.javax.net.ssl.SRPTrustManager; + +/** + * A generic SSL session implementation for SSL and TLS. + */ +final class Session implements SSLSession +{ + + // Constants and fields. + // ------------------------------------------------------------------------- + + private static final SSLPermission GET_SESSION_CONTEXT_PERMISSION = + new SSLPermission("getSSLSessionContext"); + + private final long creationTime; + private Date lastAccessedTime; + ID sessionId; + Certificate[] localCerts; + Certificate[] peerCerts; + X509Certificate[] peerCertChain; + String peerHost; + boolean peerVerified; + SessionContext context; + HashMap values; + boolean valid; + List enabledSuites; + CipherSuite cipherSuite; + SortedSet enabledProtocols; + ProtocolVersion protocol; + byte[] masterSecret; + SRPTrustManager srpTrustManager; + X509TrustManager trustManager; + X509KeyManager keyManager; + SecureRandom random; + SecurityParameters params; + Alert currentAlert; + + // Constructor. + // ------------------------------------------------------------------------- + + Session() + { + this(System.currentTimeMillis()); + } + + Session(long creationTime) + { + peerVerified = false; + valid = true; + this.creationTime = creationTime; + lastAccessedTime = new Date(0L); + values = new HashMap(); + if (("true").equalsIgnoreCase (Util.getSecurityProperty ("jessie.with.jce"))) + params = new JCESecurityParameters(); + else + params = new GNUSecurityParameters (this); + } + + // Public instance methods. + // ------------------------------------------------------------------------- + + protected Object clone() + { + Session result = new Session(creationTime); + result.lastAccessedTime = lastAccessedTime; + result.sessionId = sessionId; + result.localCerts = (localCerts != null ? (Certificate[]) localCerts.clone() : null); + result.peerCerts = (peerCerts != null ? (Certificate[]) peerCerts.clone() : null); + result.peerHost = peerHost; + result.peerVerified = peerVerified; + result.context = context; + result.values = values; + result.enabledSuites = new ArrayList(enabledSuites); + result.cipherSuite = cipherSuite; + result.enabledProtocols = new TreeSet(enabledProtocols); + result.protocol = protocol; + result.masterSecret = masterSecret; + result.keyManager = keyManager; + result.srpTrustManager = srpTrustManager; + result.trustManager = trustManager; + result.random = random; + return result; + } + + public String getCipherSuite() + { + return cipherSuite.toString(); + } + + public long getCreationTime() + { + return creationTime; + } + + public byte[] getId() + { + return (sessionId != null ? sessionId.getId() : null); + } + + public long getLastAccessedTime() + { + return lastAccessedTime.getTime(); + } + + public Certificate[] getLocalCertificates() + { + return (Certificate[]) (localCerts != null ? localCerts.clone() : null); + } + + public Certificate[] getPeerCertificates() throws SSLPeerUnverifiedException + { + if (!peerVerified) + { + throw new SSLPeerUnverifiedException("peer not verified"); + } + return (Certificate[]) (peerCerts != null ? peerCerts.clone() : null); + } + + public X509Certificate[] getPeerCertificateChain() + throws SSLPeerUnverifiedException + { + if (!peerVerified) + { + throw new SSLPeerUnverifiedException("peer not verified"); + } + if (peerCerts == null) + { + return null; + } + if (peerCertChain != null) + { + return (X509Certificate[]) peerCertChain.clone(); + } + try + { + peerCertChain = new X509Certificate[peerCerts.length]; + for (int i = 0; i < peerCerts.length; i++) + { + peerCertChain[i] = X509Certificate.getInstance(peerCerts[i].getEncoded()); + } + return (X509Certificate[]) peerCertChain.clone(); + } + catch (javax.security.cert.CertificateException ce) + { + return null; + } + catch (CertificateException ce2) + { + return null; + } + } + + public String getPeerHost() + { + return peerHost; + } + + public String getProtocol() + { + return protocol.toString(); + } + + public SSLSessionContext getSessionContext() + { + SecurityManager sm = System.getSecurityManager(); + if (sm != null) + { + sm.checkPermission(GET_SESSION_CONTEXT_PERMISSION); + } + return context; + } + + public String[] getValueNames() + { + Set names = values.keySet(); + return (String[]) names.toArray(new String[names.size()]); + } + + public Object getValue(String name) + { + return values.get(name); + } + + public void putValue(String name, Object value) + { + values.put(name, value); + if (value instanceof SSLSessionBindingListener) + { + ((SSLSessionBindingListener) value).valueBound( + new SSLSessionBindingEvent(this, name)); + } + } + + public void removeValue(String name) + { + Object value = values.remove(name); + if (value != null && (value instanceof SSLSessionBindingListener)) + { + ((SSLSessionBindingListener) value).valueUnbound( + new SSLSessionBindingEvent(this, name)); + } + } + + public void invalidate() + { + if (masterSecret != null) + { + for (int i = 0; i < masterSecret.length; i++) + { + masterSecret[i] = 0; + } + masterSecret = null; + } + valid = false; + } + + synchronized void access() + { + lastAccessedTime.setTime(System.currentTimeMillis()); + context.notifyAccess(this); + } + + void setLastAccessedTime(long lastAccessedTime) + { + this.lastAccessedTime.setTime(lastAccessedTime); + } + + // Inner classes. + // ------------------------------------------------------------------------- + + /** + * A byte array with appropriate equals(), + * hashCode(), and compareTo() semantics. + */ + static final class ID implements Comparable + { + + // Fields. + // ----------------------------------------------------------------------- + + /** The ID itself. */ + private final byte[] id; + + // Constructor. + // ----------------------------------------------------------------------- + + /** + * Creates a new ID. + * + * @param id The ID. The array is not cloned. + */ + ID(byte[] id) + { + if (id == null) + { + throw new IllegalArgumentException(); + } + this.id = id; + } + + // Instance methods. + // ----------------------------------------------------------------------- + + public byte[] getId() + { + return (byte[]) id.clone(); + } + + public boolean equals(Object other) + { + if (other == null || !(other instanceof ID)) + { + return false; + } + return Arrays.equals(id, ((ID) other).id); + } + + public int hashCode() + { + int code = 0; + for (int i = 0; i < id.length; i++) + { + code |= (id[i] & 0xFF) << ((i & 3) << 3); + } + return code; + } + + public int compareTo(Object other) + { + if (other == null || !(other instanceof ID)) + { + return 1; + } + byte[] id2 = ((ID) other).id; + if (id.length != id2.length) + { + return (id.length < id2.length) ? -1 : 1; + } + for (int i = 0; i < id.length; i++) + { + if (id[i] < id2[i]) + { + return -1; + } + else if (id[i] > id2[i]) + { + return 1; + } + } + return 0; + } + + public String toString() + { + return Util.toHexString(id, ':'); + } + } +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/SessionContext.java b/libjava/classpath/gnu/javax/net/ssl/provider/SessionContext.java new file mode 100644 index 0000000..9e26542 --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/SessionContext.java @@ -0,0 +1,250 @@ +/* SessionContext.java -- Implementation of a session context. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import java.security.Security; + +import java.util.Enumeration; +import java.util.HashMap; +import java.util.Iterator; +import java.util.Vector; + +import javax.net.ssl.SSLSession; +import javax.net.ssl.SSLSessionContext; + +/** + * A collection of SSL sessions. This implementation is a memory-only + * store; subclasses may implement persistent storage. + */ +class SessionContext implements SSLSessionContext +{ + + // Fields. + // ------------------------------------------------------------------------- + + /** The map of Session.ID objects to Sessions. */ + protected final HashMap sessions; + + /** The number of sessions to cache. */ + protected int cacheSize; + + /** The session timeout, in seconds. */ + protected int timeout; + + // Constructor. + // ------------------------------------------------------------------------- + + SessionContext() + { + sessions = new HashMap(); + cacheSize = 0; + try + { + timeout = Integer.parseInt(Util.getSecurityProperty("jessie.session.timeout")); + } + catch (Exception x) + { + // Default 24-hour timeout. + timeout = 86400; + } + } + + // Instance methods. + // ------------------------------------------------------------------------- + + public synchronized Enumeration getIds() + { + Vector ids = new Vector(); + for(Iterator i = sessions.keySet().iterator(); i.hasNext(); ) + { + Session.ID id = (Session.ID) i.next(); + ids.add(id.getId()); + } + return ids.elements(); + } + + public synchronized SSLSession getSession(byte[] sessionId) + { + Session session = (Session) sessions.get(new Session.ID(sessionId)); + if (session == null) + return null; + long elapsed = System.currentTimeMillis() - session.getLastAccessedTime(); + if ((int) (elapsed / 1000) > timeout) + { + removeSession(session.sessionId); + session.invalidate(); + return null; + } + if (!session.valid) + { + removeSession(session.sessionId); + session.invalidate(); + return null; + } + return session; + } + + public int getSessionCacheSize() + { + return cacheSize; + } + + public void setSessionCacheSize(int cacheSize) + { + if (cacheSize < 0) + throw new IllegalArgumentException(); + this.cacheSize = cacheSize; + } + + public int getSessionTimeout() + { + return timeout; + } + + public void setSessionTimeout(int timeout) + { + if (timeout <= 0) + throw new IllegalArgumentException(); + this.timeout = timeout; + } + + public String toString() + { + return sessions.keySet().toString(); + } + + // Package methods. + // ------------------------------------------------------------------------- + + /** + * Adds a session to this context. This method: + * + *
      + *
    1. Will do nothing if the cache already contains the given ID.
      2. + *
    2. Will do nothing if the cache limit has been reached (and is + * not zero).
      3. + *
    3. Will remove any invalid sessions in the cache before trying to insert + * the new one.
      4. + *
    4. Will remove any expired sessions before trying to insert the new + * one.
      5. + *
    + * + * @param sessionId This session's ID. + * @param session The session to add. + * @return True if the session was added, false otherwise. + */ + synchronized boolean addSession(Session.ID sessionId, Session session) + { + if (sessions.containsKey(sessionId)) + return false; + if (cacheSize > 0 && sessions.size() > cacheSize) + { + boolean removed = false; + for (Iterator i = sessions.values().iterator(); i.hasNext(); ) + { + Session s = (Session) i.next(); + long elapsed = System.currentTimeMillis() - s.getCreationTime(); + if (!s.valid) + { + removeSession(session.sessionId); + removed = true; + } + else if ((int) (elapsed / 1000) > timeout) + { + removeSession(session.sessionId); + removed = true; + } + } + if (removed) + { + sessions.put(sessionId, session); + session.context = this; + session.sessionId = sessionId; + return true; + } + return false; + } + else + { + sessions.put(sessionId, session); + session.context = this; + session.sessionId = sessionId; + return true; + } + } + + /** + * Returns whether or not a session with the given ID is cached by this + * context. + */ + synchronized boolean containsSessionID(Session.ID sessionId) + { + Session s = (Session) sessions.get(sessionId); + if (s == null) + { + return false; + } + long elapsed = System.currentTimeMillis() - s.getCreationTime(); + if (!s.valid || (int) (elapsed / 1000) > timeout) + { + removeSession(sessionId); + return false; + } + return true; + } + + /** + * Removes a session from this context. + * + * @param sessionId The ID of the session to remove. + */ + synchronized boolean removeSession(Session.ID sessionId) + { + return sessions.remove(sessionId) != null; + } + + /** + * Notifies this context of an access event on a session. + * + * @param session The session that was accessed. + */ + void notifyAccess(Session session) + { + } +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/Signature.java b/libjava/classpath/gnu/javax/net/ssl/provider/Signature.java new file mode 100644 index 0000000..c9be641 --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/Signature.java @@ -0,0 +1,158 @@ +/* Signature.java -- SSL signature message. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import java.io.BufferedReader; +import java.io.ByteArrayInputStream; +import java.io.DataInputStream; +import java.io.InputStream; +import java.io.IOException; +import java.io.OutputStream; +import java.io.PrintWriter; +import java.io.StringWriter; + +import java.math.BigInteger; + +import java.security.PublicKey; +import java.security.interfaces.RSAKey; + +import java.util.Arrays; + +import gnu.java.security.der.*; + +class Signature implements Constructed +{ + + // Fields. + // ------------------------------------------------------------------------- + + private final Object sigValue; + private final String sigAlg; + + // Constructor. + // ------------------------------------------------------------------------- + + Signature(Object sigValue, String sigAlg) + { + this.sigValue = sigValue; + this.sigAlg = sigAlg; + } + + // Class method. + // ------------------------------------------------------------------------- + + static Signature read(InputStream in, CipherSuite suite, PublicKey key) + throws IOException + { + Object sigValue = null; + DataInputStream din = new DataInputStream(in); + int len = din.readUnsignedShort(); + sigValue = new byte[len]; + din.readFully((byte[]) sigValue); + if (suite.getSignature() == "DSS") + { + DERReader der = new DERReader(new ByteArrayInputStream((byte[]) sigValue)); + if (der.read().getTag() != DER.SEQUENCE) + { + throw new IOException("expecting DER SEQUENCE"); + } + BigInteger r = (BigInteger) der.read().getValue(); + BigInteger s = (BigInteger) der.read().getValue(); + sigValue = new BigInteger[] { r, s }; + } + return new Signature(sigValue, suite.getSignature()); + } + + // Instance methods. + // ------------------------------------------------------------------------- + + public void write(OutputStream out) throws IOException + { + write(out, ProtocolVersion.TLS_1); + } + + public void write(OutputStream out, ProtocolVersion version) + throws IOException + { + byte[] result = null; + if (sigValue instanceof byte[]) + { + result = (byte[]) sigValue; + } + else + { + DERValue r = new DERValue(DER.INTEGER, ((BigInteger[]) sigValue)[0]); + DERValue s = new DERValue(DER.INTEGER, ((BigInteger[]) sigValue)[1]); + DERValue sig = new DERValue(DER.SEQUENCE|DER.CONSTRUCTED, + Arrays.asList(new Object[] { r, s })); + result = sig.getEncoded(); + } + out.write(result.length >>> 8 & 0xFF); + out.write(result.length & 0xFF); + out.write(result); + } + + Object getSigValue() + { + return sigValue; + } + + String getSigAlg() + { + return sigAlg; + } + + public String toString() + { + StringWriter str = new StringWriter(); + PrintWriter out = new PrintWriter(str); + out.println("struct {"); + if (sigAlg.equals("RSA")) + { + out.print(Util.hexDump((byte[]) sigValue, " ")); + } + else + { + out.println(" r = " + ((BigInteger[]) sigValue)[0].toString(16) + ";"); + out.println(" s = " + ((BigInteger[]) sigValue)[1].toString(16) + ";"); + } + out.println("} Signature;"); + return str.toString(); + } +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/SynchronizedRandom.java b/libjava/classpath/gnu/javax/net/ssl/provider/SynchronizedRandom.java new file mode 100644 index 0000000..4e22f08 --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/SynchronizedRandom.java @@ -0,0 +1,104 @@ +/* SynchronizedRandom.java -- Thread-safe IRandom wrapper. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import java.util.Map; +import gnu.java.security.prng.IRandom; +import gnu.java.security.prng.LimitReachedException; + +class SynchronizedRandom implements IRandom +{ + + // Field. + // ------------------------------------------------------------------------- + + private final IRandom random; + + // Constructor. + // ------------------------------------------------------------------------- + + SynchronizedRandom(IRandom random) + { + this.random = random; + } + + // Instance methods. + // ------------------------------------------------------------------------- + + public String name() + { + return random.name(); + } + + public synchronized void init(Map attrib) + { + random.init(attrib); + } + + public synchronized byte nextByte() + throws IllegalStateException, LimitReachedException + { + return random.nextByte(); + } + + public synchronized void nextBytes(byte[] buf, int off, int len) + throws IllegalStateException, LimitReachedException + { + random.nextBytes(buf, off, len); + } + + public synchronized Object clone() + throws CloneNotSupportedException + { + return new SynchronizedRandom((IRandom) random.clone()); + } + + // For future versions of GNU Crypto. No-ops. + public void addRandomByte (byte b) + { + } + + public void addRandomBytes(byte[] buffer) { + addRandomBytes(buffer, 0, buffer.length); + } + + public void addRandomBytes (byte[] b, int i, int j) + { + } +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/TLSHMac.java b/libjava/classpath/gnu/javax/net/ssl/provider/TLSHMac.java new file mode 100644 index 0000000..18aa8f5 --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/TLSHMac.java @@ -0,0 +1,138 @@ +/* TLSHMac.java -- HMAC used in TLS. + Copyright (C) 2001, 2002, 2003, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import java.security.InvalidKeyException; +import java.util.HashMap; +import java.util.Map; + +import gnu.java.security.hash.IMessageDigest; +import gnu.javax.crypto.mac.HMac; + +/** + * The operation of this HMac is identical to normal HMacs, but this one + * allows keys with short lengths (including zero). + */ +class TLSHMac extends HMac +{ + + // Constants. + // ------------------------------------------------------------------------- + + private static final byte IPAD_BYTE = 0x36; + private static final byte OPAD_BYTE = 0x5C; + + // Constructor. + // ------------------------------------------------------------------------- + + TLSHMac(IMessageDigest hash) + { + super(hash); + } + + // Instance methods. + // ------------------------------------------------------------------------- + + public void init(Map attributes) + throws InvalidKeyException, IllegalStateException + { + Integer ts = (Integer) attributes.get(TRUNCATED_SIZE); + truncatedSize = (ts == null ? macSize : ts.intValue()); + if (truncatedSize < (macSize / 2)) { + throw new IllegalArgumentException("Truncated size too small"); + } else if (truncatedSize < 10) { + throw new IllegalArgumentException("Truncated size less than 80 bits"); + } + + // we dont use/save the key outside this method + byte[] K = (byte[]) attributes.get(MAC_KEY_MATERIAL); + if (K == null) { // take it as an indication to re-use previous key if set + if (ipadHash == null) + { + throw new InvalidKeyException("Null key"); + } + // we already went through the motions; ie. up to step #4. re-use + underlyingHash = (IMessageDigest) ipadHash.clone(); + return; + } + + if (K.length > blockSize) + { + // (0) replace K with HASH(K) if K is larger than the hash's + // block size. Then pad with zeros until it is the correct + // size (the next `if'). + underlyingHash.update(K, 0, K.length); + K = underlyingHash.digest(); + } + if (K.length < blockSize) + { + // (1) append zeros to the end of K to create a B byte string + // (e.g., if K is of length 20 bytes and B=64, then K will be + // appended with 44 zero bytes 0x00) + int limit = (K.length > blockSize) ? blockSize : K.length; + byte[] newK = new byte[blockSize]; + System.arraycopy(K, 0, newK, 0, limit); + K = newK; + } + + underlyingHash.reset(); + opadHash = (IMessageDigest) underlyingHash.clone(); + if (ipad == null) + { + ipad = new byte[blockSize]; + } + // (2) XOR (bitwise exclusive-OR) the B byte string computed in step + // (1) with ipad + // (3) append the stream of data 'text' to the B byte string resulting + // from step (2) + // (4) apply H to the stream generated in step (3) + for (int i = 0; i < blockSize; i++) + { + ipad[i] = (byte)(K[i] ^ IPAD_BYTE); + } + for (int i = 0; i < blockSize; i++) + { + opadHash.update((byte)(K[i] ^ OPAD_BYTE)); + } + + underlyingHash.update(ipad, 0, blockSize); + ipadHash = (IMessageDigest) underlyingHash.clone(); + K = null; + } +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/TLSRandom.java b/libjava/classpath/gnu/javax/net/ssl/provider/TLSRandom.java new file mode 100644 index 0000000..ded6329 --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/TLSRandom.java @@ -0,0 +1,252 @@ +/* TLSRandom.java -- The TLS pseudo-random function. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import java.security.InvalidKeyException; +import java.util.HashMap; +import java.util.Map; + +import gnu.java.security.hash.HashFactory; +import gnu.javax.crypto.mac.IMac; +import gnu.java.security.prng.IRandom; + +class TLSRandom implements IRandom +{ + + // Fields. + // ------------------------------------------------------------------------- + + /** + * Property name for the secret that will be used to initialize the HMACs. + */ + static final String SECRET = "jessie.tls.prng.secret"; + + /** + * Property name for the seed. + */ + static final String SEED = "jessie.tls.prng.seed"; + + private final IMac hmac_sha, hmac_md5; + private byte[] sha_a, md5_a; + private byte[] seed; + private final byte[] buffer; + private int idx; + private boolean init; + + // Constructors. + // ------------------------------------------------------------------------- + + TLSRandom() + { + hmac_sha = new TLSHMac(HashFactory.getInstance("SHA1")); + hmac_md5 = new TLSHMac(HashFactory.getInstance("MD5")); + buffer = new byte[80]; // 80 == LCM of 16 and 20. + idx = 0; + init = false; + } + + // Instance methods. + // ------------------------------------------------------------------------- + + public Object clone() + { + try + { + return super.clone(); + } + catch (CloneNotSupportedException shouldNotHappen) + { + throw new Error(); + } + } + + public void init(Map attributes) + { + HashMap sha_attr = new HashMap(); + HashMap md5_attr = new HashMap(); + byte[] secret = (byte[]) attributes.get(SECRET); + if (secret != null) + { + int l = (secret.length >>> 1) + (secret.length & 1); + byte[] s1 = Util.trim(secret, 0, l); + byte[] s2 = Util.trim(secret, secret.length - l, l); + md5_attr.put(IMac.MAC_KEY_MATERIAL, s1); + sha_attr.put(IMac.MAC_KEY_MATERIAL, s2); + try + { + hmac_md5.init(md5_attr); + hmac_sha.init(sha_attr); + } + catch (InvalidKeyException ike) + { + throw new Error(ike.toString()); + } + } + else if (!init) + { + throw new IllegalArgumentException("no secret supplied"); + } + // else re-use + + byte[] seeed = (byte[]) attributes.get(SEED); + if (seeed != null) + { + seed = (byte[]) seeed.clone(); + } + else if (!init) + { + throw new IllegalArgumentException("no seed supplied"); + } + // else re-use + + // A(0) is the seed, A(1) = HMAC_hash(secret, A(0)). + hmac_md5.update(seed, 0, seed.length); + md5_a = hmac_md5.digest(); + hmac_md5.reset(); + hmac_sha.update(seed, 0, seed.length); + sha_a = hmac_sha.digest(); + hmac_sha.reset(); + fillBuffer(); + init = true; + } + + public String name() + { + return "TLSRandom"; + } + + public byte nextByte() + { + if (!init) + throw new IllegalStateException(); + if (idx >= buffer.length) + fillBuffer(); + return buffer[idx++]; + } + + public void nextBytes(byte[] buf, int off, int len) + { + if (!init) + throw new IllegalStateException(); + if (buf == null) + throw new NullPointerException(); + if (off < 0 || off > buf.length || off + len > buf.length) + throw new ArrayIndexOutOfBoundsException(); + int count = 0; + if (idx >= buffer.length) + fillBuffer(); + while (count < len) + { + int l = Math.min(buffer.length-idx, len-count); + System.arraycopy(buffer, idx, buf, off+count, l); + idx += l; + count += l; + if (count < len && idx >= buffer.length) + fillBuffer(); + } + } + + // For future versions of GNU Crypto. No-ops. + public void addRandomByte (byte b) + { + } + + public void addRandomBytes(byte[] buffer) { + addRandomBytes(buffer, 0, buffer.length); + } + + public void addRandomBytes (byte[] b, int i, int j) + { + } + + // Own methods. + // ------------------------------------------------------------------------- + + /* + * The PRF is defined as: + * + * PRF(secret, label, seed) = P_MD5(S1, label + seed) XOR + * P_SHA-1(S2, label + seed); + * + * P_hash is defined as: + * + * P_hash(secret, seed) = HMAC_hash(secret, A(1) + seed) + + * HMAC_hash(secret, A(2) + seed) + + * HMAC_hash(secret, A(3) + seed) + ... + * + * And A() is defined as: + * + * A(0) = seed + * A(i) = HMAC_hash(secret, A(i-1)) + * + * For simplicity, we compute an 80-byte block on each call, which + * corresponds to five iterations of MD5, and four of SHA-1. + */ + private synchronized void fillBuffer() + { + int len = hmac_md5.macSize(); + for (int i = 0; i < buffer.length; i += len) + { + hmac_md5.update(md5_a, 0, md5_a.length); + hmac_md5.update(seed, 0, seed.length); + byte[] b = hmac_md5.digest(); + hmac_md5.reset(); + System.arraycopy(b, 0, buffer, i, len); + hmac_md5.update(md5_a, 0, md5_a.length); + md5_a = hmac_md5.digest(); + hmac_md5.reset(); + } + len = hmac_sha.macSize(); + for (int i = 0; i < buffer.length; i += len) + { + hmac_sha.update(sha_a, 0, sha_a.length); + hmac_sha.update(seed, 0, seed.length); + byte[] b = hmac_sha.digest(); + hmac_sha.reset(); + for (int j = 0; j < len; j++) + { + buffer[j + i] ^= b[j]; + } + hmac_sha.update(sha_a, 0, sha_a.length); + sha_a = hmac_sha.digest(); + hmac_sha.reset(); + } + idx = 0; + } +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/Util.java b/libjava/classpath/gnu/javax/net/ssl/provider/Util.java new file mode 100644 index 0000000..15790dd --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/Util.java @@ -0,0 +1,422 @@ +/* Util.java -- Miscellaneous utility methods. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import java.lang.reflect.Array; +import java.lang.reflect.InvocationTargetException; +import java.lang.reflect.Method; +import java.math.BigInteger; + +import java.security.AccessController; +import java.security.PrivilegedAction; +import java.security.Security; + +/** + * A collection of useful class methods. + * + * @author Casey Marshall (rsdio@metastatic.org) + */ +final class Util +{ + + // Constants. + // ------------------------------------------------------------------------- + + static final String HEX = "0123456789abcdef"; + + // Static methods only. + private Util() { } + + // Class methods. + // ------------------------------------------------------------------------- + + /** + * Convert a hexadecimal string into its byte representation. + * + * @param hex The hexadecimal string. + * @return The converted bytes. + */ + static byte[] toByteArray(String hex) + { + hex = hex.toLowerCase(); + byte[] buf = new byte[hex.length() / 2]; + int j = 0; + for (int i = 0; i < buf.length; i++) + { + buf[i] = (byte) ((Character.digit(hex.charAt(j++), 16) << 4) | + Character.digit(hex.charAt(j++), 16)); + } + return buf; + } + + /** + * Convert a byte array to a hexadecimal string, as though it were a + * big-endian arbitrarily-sized integer. + * + * @param buf The bytes to format. + * @param off The offset to start at. + * @param len The number of bytes to format. + * @return A hexadecimal representation of the specified bytes. + */ + static String toHexString(byte[] buf, int off, int len) + { + StringBuffer str = new StringBuffer(); + for (int i = 0; i < len; i++) + { + str.append(HEX.charAt(buf[i+off] >>> 4 & 0x0F)); + str.append(HEX.charAt(buf[i+off] & 0x0F)); + } + return str.toString(); + } + + /** + * See {@link #toHexString(byte[],int,int)}. + */ + static String toHexString(byte[] buf) + { + return Util.toHexString(buf, 0, buf.length); + } + + /** + * Convert a byte array to a hexadecimal string, separating octets + * with the given character. + * + * @param buf The bytes to format. + * @param off The offset to start at. + * @param len The number of bytes to format. + * @param sep The character to insert between octets. + * @return A hexadecimal representation of the specified bytes. + */ + static String toHexString(byte[] buf, int off, int len, char sep) + { + StringBuffer str = new StringBuffer(); + for (int i = 0; i < len; i++) + { + str.append(HEX.charAt(buf[i+off] >>> 4 & 0x0F)); + str.append(HEX.charAt(buf[i+off] & 0x0F)); + if (i < len - 1) + str.append(sep); + } + return str.toString(); + } + + /** + * See {@link #toHexString(byte[],int,int,char)}. + */ + static String toHexString(byte[] buf, char sep) + { + return Util.toHexString(buf, 0, buf.length, sep); + } + + /** + * Create a representation of the given byte array similar to the + * output of `hexdump -C', which is + * + * 

    OFFSET  SIXTEEN-BYTES-IN-HEX  PRINTABLE-BYTES
    + * + *

    The printable bytes show up as-is if they are printable and + * not a newline character, otherwise showing as '.'. + * + * @param buf The bytes to format. + * @param off The offset to start at. + * @param len The number of bytes to encode. + * @param prefix A string to prepend to every line. + * @return The formatted string. + */ + static String hexDump(byte[] buf, int off, int len, String prefix) + { + String nl = getProperty("line.separator"); + StringBuffer str = new StringBuffer(); + int i = 0; + while (i < len) + { + if (prefix != null) + str.append(prefix); + str.append(Util.formatInt(i+off, 16, 8)); + str.append(" "); + String s = Util.toHexString(buf, i+off, Math.min(16, len-i), ' '); + str.append(s); + for (int j = 56 - (56 - s.length()); j < 56; j++) + str.append(" "); + for (int j = 0; j < Math.min(16, len - i); j++) + { + if ((buf[i+off+j] & 0xFF) < 0x20 || (buf[i+off+j] & 0xFF) > 0x7E) + str.append('.'); + else + str.append((char) (buf[i+off+j] & 0xFF)); + } + str.append(nl); + i += 16; + } + return str.toString(); + } + + /** + * See {@link #hexDump(byte[],int,int,String)}. + */ + static String hexDump(byte[] buf, int off, int len) + { + return hexDump(buf, off, len, ""); + } + + /** + * See {@link #hexDump(byte[],int,int,String)}. + */ + static String hexDump(byte[] buf, String prefix) + { + return hexDump(buf, 0, buf.length, prefix); + } + + /** + * See {@link #hexDump(byte[],int,int,String)}. + */ + static String hexDump(byte[] buf) + { + return hexDump(buf, 0, buf.length); + } + + /** + * Format an integer into the specified radix, zero-filled. + * + * @param i The integer to format. + * @param radix The radix to encode to. + * @param len The target length of the string. The string is + * zero-padded to this length, but may be longer. + * @return The formatted integer. + */ + static String formatInt(int i, int radix, int len) + { + String s = Integer.toString(i, radix); + StringBuffer buf = new StringBuffer(); + for (int j = 0; j < len - s.length(); j++) + buf.append("0"); + buf.append(s); + return buf.toString(); + } + + /** + * Concatenate two byte arrays into one. + * + * @param b1 The first byte array. + * @param b2 The second byte array. + * @return The concatenation of b1 and b2. + */ + static byte[] concat(byte[] b1, byte[] b2) + { + byte[] b3 = new byte[b1.length+b2.length]; + System.arraycopy(b1, 0, b3, 0, b1.length); + System.arraycopy(b2, 0, b3, b1.length, b2.length); + return b3; + } + + /** + * See {@link #trim(byte[],int,int)}. + */ + static byte[] trim(byte[] buffer, int len) + { + return trim(buffer, 0, len); + } + + /** + * Returns a portion of a byte array, possibly zero-filled. + * + * @param buffer The byte array to trim. + * @param off The offset to begin reading at. + * @param len The number of bytes to return. This value can be larger + * than buffer.length - off, in which case the rest of the + * returned byte array will be filled with zeros. + * @throws IndexOutOfBoundsException If off or len is + * negative, or if off is larger than the byte array's + * length. + * @return The trimmed byte array. + */ + static byte[] trim(byte[] buffer, int off, int len) + { + if (off < 0 || len < 0 || off > buffer.length) + throw new IndexOutOfBoundsException("max=" + buffer.length + + " off=" + off + " len=" + len); + if (off == 0 && len == buffer.length) + return buffer; + byte[] b = new byte[len]; + System.arraycopy(buffer, off, b, 0, Math.min(len, buffer.length - off)); + return b; + } + + /** + * Returns the byte array representation of the given big integer with + * the leading zero byte (if any) trimmed off. + * + * @param bi The integer to trim. + * @return The byte representation of the big integer, with any leading + * zero removed. + */ + static byte[] trim(BigInteger bi) + { + byte[] buf = bi.toByteArray(); + if (buf[0] == 0x00 && !bi.equals(BigInteger.ZERO)) + { + return trim(buf, 1, buf.length - 1); + } + else + { + return buf; + } + } + + /** + * Returns the integer value of {@link + * java.lang.System#currentTimeMillis()} / 1000. + * + * @return The current time, in seconds. + */ + static int unixTime() + { + return (int) (System.currentTimeMillis() / 1000L); + } + + /** + * Transform an Object array into another by calling the given method + * on each object. The returned object array will have the runtime + * type of returnType. For example, the following will transform + * array of objects into their String representations, returning a String + * array. For example: + * + *

    + * String[] strings = (String[]) Util.transform(array, String.class, + * "toString", null); + *

    + * + *

    If any element of the given array is null, then that + * entry in the returned array will also be null. + * + * @param array The array to transform. It does not need to be of + * uniform type. + * @param returnType The desired return type of the returned array. + * This must by the component type, not the array type. + * @param method The name of the method to invoke from each object. + * @param args The arguments to pass to the method, or null + * if the method takes no arguments. + * @throws InvocationTargetException If an exception occurs while + * calling method of any object. + * @throws NoSuchMethodException If method is not the name of + * a valid method of any component of the array. + * @throws ClassCastException If the returned object from the method + * is not assignable to the return type. + * @throws IllegalArgumentException If args is not appropriate + * for method + * @throws IllegalAccessException If method is not accessible. + * @throws SecurityException If method is not accessible. + * @return An array containing the output of method called on + * each element of array with args. The return type + * of the array will be an array of returnType. + */ + static Object[] transform(Object[] array, Class returnType, + String method, Object[] args) + throws InvocationTargetException, NoSuchMethodException, + IllegalAccessException + { + if (args == null) + args = new Object[0]; + Object[] result = (Object[]) Array.newInstance(returnType, array.length); + Class[] argsClasses = new Class[args.length]; + for (int i = 0; i < args.length; i++) + { + argsClasses[i] = args[i].getClass(); + } + for (int i = 0; i < array.length; i++) + { + if (array[i] == null) + { + result[i] = null; + continue; + } + Class objClass = array[i].getClass(); + Method objMethod = objClass.getMethod(method, argsClasses); + Object o = objMethod.invoke(array[i], args); + if (!returnType.isAssignableFrom(o.getClass())) + throw new ClassCastException(); + result[i] = o; + } + return result; + } + + /** + * Get a system property as a privileged action. + * + * @param name The name of the property to get. + * @return The property named name, or null if the property is + * not set. + * @throws SecurityException If the Jessie code still does not have + * permission to read the property. + */ + static String getProperty(final String name) + { + return (String) AccessController.doPrivileged( + new PrivilegedAction() + { + public Object run() + { + return System.getProperty(name); + } + } + ); + } + + /** + * Get a security property as a privileged action. + * + * @param name The name of the property to get. + * @return The property named name, or null if the property is + * not set. + * @throws SecurityException If the Jessie code still does not have + * permission to read the property. + */ + static String getSecurityProperty(final String name) + { + return (String) AccessController.doPrivileged( + new PrivilegedAction() + { + public Object run() + { + return Security.getProperty(name); + } + } + ); + } +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/X509KeyManagerFactory.java b/libjava/classpath/gnu/javax/net/ssl/provider/X509KeyManagerFactory.java new file mode 100644 index 0000000..476655c --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/X509KeyManagerFactory.java @@ -0,0 +1,359 @@ +/* X509KeyManagerFactory.java -- X.509 key manager factory. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import java.io.FileInputStream; +import java.io.IOException; +import java.net.Socket; + +import java.util.HashMap; +import java.util.Iterator; +import java.util.LinkedList; +import java.util.Enumeration; + +import java.security.InvalidAlgorithmParameterException; +import java.security.KeyStore; +import java.security.KeyStoreException; +import java.security.NoSuchAlgorithmException; +import java.security.Principal; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.security.Security; +import java.security.UnrecoverableKeyException; +import java.security.cert.Certificate; +import java.security.cert.CertificateException; +import java.security.cert.X509Certificate; +import java.security.interfaces.DSAPrivateKey; +import java.security.interfaces.DSAPublicKey; +import java.security.interfaces.RSAPrivateKey; +import java.security.interfaces.RSAPublicKey; + +import java.util.Collections; +import java.util.HashMap; +import java.util.Iterator; +import java.util.Map; +import java.util.List; + +import javax.crypto.interfaces.DHPrivateKey; +import javax.crypto.interfaces.DHPublicKey; + +import javax.net.ssl.KeyManager; +import javax.net.ssl.KeyManagerFactorySpi; +import javax.net.ssl.ManagerFactoryParameters; +import javax.net.ssl.X509KeyManager; + +import gnu.javax.net.ssl.NullManagerParameters; +import gnu.javax.net.ssl.PrivateCredentials; + +/** + * This class implements a {@link javax.net.ssl.KeyManagerFactory} engine + * for the ``JessieX509'' algorithm. + */ +public class X509KeyManagerFactory extends KeyManagerFactorySpi +{ + + // Fields. + // ------------------------------------------------------------------------- + + private Manager current; + + // Constructor. + // ------------------------------------------------------------------------- + + public X509KeyManagerFactory() + { + super(); + } + + // Instance methods. + // ------------------------------------------------------------------------- + + protected KeyManager[] engineGetKeyManagers() + { + if (current == null) + { + throw new IllegalStateException(); + } + return new KeyManager[] { current }; + } + + protected void engineInit(ManagerFactoryParameters params) + throws InvalidAlgorithmParameterException + { + if (params instanceof NullManagerParameters) + { + current = new Manager(Collections.EMPTY_MAP, Collections.EMPTY_MAP); + } + else if (params instanceof PrivateCredentials) + { + List chains = ((PrivateCredentials) params).getCertChains(); + List keys = ((PrivateCredentials) params).getPrivateKeys(); + int i = 0; + HashMap certMap = new HashMap(); + HashMap keyMap = new HashMap(); + Iterator c = chains.iterator(); + Iterator k = keys.iterator(); + while (c.hasNext() && k.hasNext()) + { + certMap.put(String.valueOf(i), c.next()); + keyMap.put(String.valueOf(i), k.next()); + i++; + } + current = new Manager(keyMap, certMap); + } + else + { + throw new InvalidAlgorithmParameterException(); + } + } + + protected void engineInit(KeyStore store, char[] passwd) + throws KeyStoreException, NoSuchAlgorithmException, + UnrecoverableKeyException + { + if (store == null) + { + String s = Util.getProperty("javax.net.ssl.keyStoreType"); + if (s == null) + s = KeyStore.getDefaultType(); + store = KeyStore.getInstance(s); + s = Util.getProperty("javax.net.ssl.keyStore"); + if (s == null) + return; + String p = Util.getProperty("javax.net.ssl.keyStorePassword"); + try + { + store.load(new FileInputStream(s), p != null ? p.toCharArray() : null); + } + catch (IOException ioe) + { + throw new KeyStoreException(ioe.toString()); + } + catch (CertificateException ce) + { + throw new KeyStoreException(ce.toString()); + } + } + + HashMap p = new HashMap(); + HashMap c = new HashMap(); + Enumeration aliases = store.aliases(); + UnrecoverableKeyException exception = null; + while (aliases.hasMoreElements()) + { + String alias = (String) aliases.nextElement(); + if (!store.isKeyEntry(alias)) + { + continue; + } + X509Certificate[] chain = null; + Certificate[] chain2 = store.getCertificateChain (alias); + if (chain2 != null && chain2.length > 0 && + (chain2[0] instanceof X509Certificate)) + { + chain = toX509Chain(chain2); + } + else + { + continue; + } + PrivateKey key = null; + try + { + key = (PrivateKey) store.getKey(alias, passwd); + } + catch (UnrecoverableKeyException uke) + { + exception = uke; + continue; + } + if (key == null) + { + continue; + } + p.put(alias, key); + c.put(alias, chain); + } + if (p.isEmpty () && c.isEmpty ()) + { + if (exception != null) + { + throw exception; + } + throw new KeyStoreException ("no private credentials found"); + } + current = this.new Manager(p, c); + } + + private static X509Certificate[] toX509Chain(Certificate[] chain) + { + if (chain instanceof X509Certificate[]) + { + return (X509Certificate[]) chain; + } + X509Certificate[] _chain = new X509Certificate[chain.length]; + for (int i = 0; i < chain.length; i++) + _chain[i] = (X509Certificate) chain[i]; + return _chain; + } + + // Inner class. + // ------------------------------------------------------------------------- + + private class Manager implements X509KeyManager + { + // Fields. + // ----------------------------------------------------------------------- + + private final Map privateKeys; + private final Map certChains; + + // Constructor. + // ----------------------------------------------------------------------- + + Manager(Map privateKeys, Map certChains) + { + this.privateKeys = privateKeys; + this.certChains = certChains; + } + + // Instance methods. + // ----------------------------------------------------------------------- + + public String chooseClientAlias(String[] keyTypes, Principal[] issuers, + Socket socket) + { + for (int i = 0; i < keyTypes.length; i++) + { + String[] s = getClientAliases(keyTypes[i], issuers); + if (s.length > 0) + return s[0]; + } + return null; + } + + public String[] getClientAliases(String keyType, Principal[] issuers) + { + return getAliases(keyType, issuers); + } + + public String chooseServerAlias(String keyType, Principal[] issuers, + Socket socket) + { + String[] s = getServerAliases(keyType, issuers); + if (s.length > 0) + return s[0]; + return null; + } + + public String[] getServerAliases(String keyType, Principal[] issuers) + { + return getAliases(keyType, issuers); + } + + private String[] getAliases(String keyType, Principal[] issuers) + { + LinkedList l = new LinkedList(); + for (Iterator i = privateKeys.keySet().iterator(); i.hasNext(); ) + { + String alias = (String) i.next(); + X509Certificate[] chain = getCertificateChain(alias); + if (chain.length == 0) + continue; + PrivateKey privKey = getPrivateKey(alias); + if (privKey == null) + continue; + PublicKey pubKey = chain[0].getPublicKey(); + if (keyType.equals("RSA") || keyType.equals("DHE_RSA") || + keyType.equals("SRP_RSA") || keyType.equals("rsa_sign")) + { + if (!(privKey instanceof RSAPrivateKey) || + !(pubKey instanceof RSAPublicKey)) + continue; + } + if (keyType.equals("DHE_DSS") || keyType.equals("dss_sign") || + keyType.equals("SRP_DSS")) + { + if (!(privKey instanceof DSAPrivateKey) || + !(pubKey instanceof DSAPublicKey)) + continue; + } + if (keyType.equals("DH_RSA") || keyType.equals("rsa_fixed_dh")) + { + if (!(privKey instanceof DHPrivateKey) || + !(pubKey instanceof DHPublicKey)) + continue; + if (!chain[0].getSigAlgName().equalsIgnoreCase("RSA")) + continue; + } + if (keyType.equals("DH_DSS") || keyType.equals("dss_fixed_dh")) + { + if (!(privKey instanceof DHPrivateKey) || + !(pubKey instanceof DHPublicKey)) + continue; + if (!chain[0].getSigAlgName().equalsIgnoreCase("DSA")) + continue; + } + if (issuers == null || issuers.length == 0) + { + l.add(alias); + continue; + } + for (int j = 0; j < issuers.length; j++) + if (chain[0].getIssuerDN().equals(issuers[j])) + { + l.add(alias); + break; + } + } + return (String[]) l.toArray(new String[l.size()]); + } + + public X509Certificate[] getCertificateChain(String alias) + { + X509Certificate[] c = (X509Certificate[]) certChains.get(alias); + return c != null ? (X509Certificate[]) c.clone() : null; + } + + public PrivateKey getPrivateKey(String alias) + { + return (PrivateKey) privateKeys.get(alias); + } + } +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/X509TrustManagerFactory.java b/libjava/classpath/gnu/javax/net/ssl/provider/X509TrustManagerFactory.java new file mode 100644 index 0000000..4f049e9 --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/X509TrustManagerFactory.java @@ -0,0 +1,298 @@ +/* X509TrustManagerFactory.java -- X.509 trust manager factory. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import java.io.FileInputStream; +import java.io.IOException; + +import java.util.Arrays; +import java.util.Enumeration; +import java.util.HashSet; +import java.util.LinkedList; + +import java.security.InvalidAlgorithmParameterException; +import java.security.InvalidKeyException; +import java.security.KeyStore; +import java.security.KeyStoreException; +import java.security.NoSuchAlgorithmException; +import java.security.NoSuchProviderException; +import java.security.Security; +import java.security.SignatureException; +import java.security.cert.Certificate; +import java.security.cert.CertificateException; +import java.security.cert.X509Certificate; + +import javax.net.ssl.ManagerFactoryParameters; +import javax.net.ssl.TrustManager; +import javax.net.ssl.TrustManagerFactorySpi; +import javax.net.ssl.X509TrustManager; + +import gnu.javax.net.ssl.NullManagerParameters; +import gnu.javax.net.ssl.StaticTrustAnchors; + +/** + * This class implements a {@link javax.net.ssl.TrustManagerFactory} engine + * for the ``JessieX509'' algorithm. + */ +public class X509TrustManagerFactory extends TrustManagerFactorySpi +{ + + // Constants and fields. + // ------------------------------------------------------------------------- + + /** + * The location of the JSSE key store. + */ + private static final String JSSE_CERTS = Util.getProperty("java.home") + + Util.getProperty("file.separator") + "lib" + + Util.getProperty("file.separator") + "security" + + Util.getProperty("file.separator") + "jssecerts"; + + /** + * The location of the system key store, containing the CA certs. + */ + private static final String CA_CERTS = Util.getProperty("java.home") + + Util.getProperty("file.separator") + "lib" + + Util.getProperty("file.separator") + "security" + + Util.getProperty("file.separator") + "cacerts"; + + private Manager current; + + // Construtors. + // ------------------------------------------------------------------------- + + public X509TrustManagerFactory() + { + super(); + } + + // Instance methods. + // ------------------------------------------------------------------------- + + protected TrustManager[] engineGetTrustManagers() + { + if (current == null) + { + throw new IllegalStateException("not initialized"); + } + return new TrustManager[] { current }; + } + + protected void engineInit(ManagerFactoryParameters params) + throws InvalidAlgorithmParameterException + { + if (params instanceof StaticTrustAnchors) + { + current = new Manager(((StaticTrustAnchors) params).getCertificates()); + } + else if (params instanceof NullManagerParameters) + { + current = new Manager(new X509Certificate[0]); + } + else + { + throw new InvalidAlgorithmParameterException(); + } + } + + protected void engineInit(KeyStore store) throws KeyStoreException + { + if (store == null) + { + String s = Util.getProperty("javax.net.ssl.trustStoreType"); + if (s == null) + s = KeyStore.getDefaultType(); + store = KeyStore.getInstance(s); + try + { + s = Util.getProperty("javax.net.ssl.trustStore"); + FileInputStream in = null; + if (s == null) + { + try + { + in = new FileInputStream(JSSE_CERTS); + } + catch (IOException e) + { + in = new FileInputStream(CA_CERTS); + } + } + else + { + in = new FileInputStream(s); + } + String p = Util.getProperty("javax.net.ssl.trustStorePassword"); + store.load(in, p != null ? p.toCharArray() : null); + } + catch (IOException ioe) + { + throw new KeyStoreException(ioe.toString()); + } + catch (CertificateException ce) + { + throw new KeyStoreException(ce.toString()); + } + catch (NoSuchAlgorithmException nsae) + { + throw new KeyStoreException(nsae.toString()); + } + } + + LinkedList l = new LinkedList(); + Enumeration aliases = store.aliases(); + while (aliases.hasMoreElements()) + { + String alias = (String) aliases.nextElement(); + if (!store.isCertificateEntry(alias)) + continue; + Certificate c = store.getCertificate(alias); + if (!(c instanceof X509Certificate)) + continue; + l.add(c); + } + current = this.new Manager((X509Certificate[]) + l.toArray(new X509Certificate[l.size()])); + } + + // Inner class. + // ------------------------------------------------------------------------- + + /** + * The actual manager implementation returned. + */ + private class Manager implements X509TrustManager + { + + // Fields. + // ----------------------------------------------------------------------- + + private final X509Certificate[] trusted; + + // Constructor. + // ----------------------------------------------------------------------- + + Manager(X509Certificate[] trusted) + { + this.trusted = trusted; + } + + // Instance methodns. + // ----------------------------------------------------------------------- + + public void checkClientTrusted(X509Certificate[] chain, String authType) + throws CertificateException + { + checkTrusted(chain, authType); + } + + public void checkServerTrusted(X509Certificate[] chain, String authType) + throws CertificateException + { + checkTrusted(chain, authType); + } + + public X509Certificate[] getAcceptedIssuers() + { + if (trusted == null) + return new X509Certificate[0]; + return (X509Certificate[]) trusted.clone(); + } + + // Own methods. + // ----------------------------------------------------------------------- + + private void checkTrusted(X509Certificate[] chain, String authType) + throws CertificateException + { + // NOTE: this is not a full-featured path validation algorithm. + // + // Step 0: check if the target is valid now. + chain[0].checkValidity(); + + // Step 1: verify that the chain is complete and valid. + for (int i = 1; i < chain.length; i++) + { + chain[i].checkValidity(); + try + { + chain[i-1].verify(chain[i].getPublicKey()); + } + catch (NoSuchAlgorithmException nsae) + { + throw new CertificateException(nsae.toString()); + } + catch (NoSuchProviderException nspe) + { + throw new CertificateException(nspe.toString()); + } + catch (InvalidKeyException ike) + { + throw new CertificateException(ike.toString()); + } + catch (SignatureException se) + { + throw new CertificateException(se.toString()); + } + } + + // Step 2: verify that the root of the chain was issued by a trust anchor. + if (trusted == null || trusted.length == 0) + throw new CertificateException("no trust anchors"); + for (int i = 0; i < trusted.length; i++) + { + try + { + trusted[i].checkValidity(); + chain[chain.length-1].verify(trusted[i].getPublicKey()); + return; + } + catch (Exception e) + { + } + //catch (CertificateException ce) { } + //catch (NoSuchAlgorithmException nsae) { } + //catch (NoSuchProviderException nspe) { } + //catch (InvalidKeyException ike) { } + //catch (SignatureException se) { } + } + throw new CertificateException(); + } + } +} diff --git a/libjava/classpath/gnu/javax/net/ssl/provider/XMLSessionContext.java b/libjava/classpath/gnu/javax/net/ssl/provider/XMLSessionContext.java new file mode 100644 index 0000000..dcfa9d4 --- /dev/null +++ b/libjava/classpath/gnu/javax/net/ssl/provider/XMLSessionContext.java @@ -0,0 +1,619 @@ +/* XMLSessionContext.java -- XML-encoded persistent SSL sessions. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import java.io.ByteArrayInputStream; +import java.io.File; +import java.io.FileInputStream; +import java.io.FileOutputStream; +import java.io.InputStream; +import java.io.IOException; +import java.io.PrintStream; + +import java.security.SecureRandom; +import java.security.cert.Certificate; +import java.security.cert.CertificateEncodingException; +import java.security.cert.CertificateFactory; + +import java.util.ArrayList; +import java.util.Collections; +import java.util.HashMap; +import java.util.Iterator; +import java.util.Map; +import java.util.TreeSet; +import java.util.zip.GZIPInputStream; +import java.util.zip.GZIPOutputStream; + +import javax.xml.parsers.SAXParser; +import javax.xml.parsers.SAXParserFactory; + +import org.xml.sax.Attributes; +import org.xml.sax.SAXException; +import org.xml.sax.helpers.DefaultHandler; + +import gnu.javax.crypto.mac.IMac; +import gnu.javax.crypto.mac.MacFactory; +import gnu.javax.crypto.mode.IMode; +import gnu.javax.crypto.mode.ModeFactory; +import gnu.javax.crypto.prng.IPBE; +import gnu.java.security.prng.IRandom; +import gnu.java.security.prng.PRNGFactory; + +import gnu.javax.net.ssl.Base64; + +/** + * An implementation of session contexts that stores session data on the + * filesystem in a simple XML-encoded file. + */ +class XMLSessionContext extends SessionContext +{ + + // Fields. + // ------------------------------------------------------------------------- + + private final File file; + private final IRandom pbekdf; + private final boolean compress; + private final SecureRandom random; + private boolean encoding; + + // Constructor. + // ------------------------------------------------------------------------- + + XMLSessionContext() throws IOException, SAXException + { + file = new File(Util.getSecurityProperty("jessie.SessionContext.xml.file")); + String password = Util.getSecurityProperty("jessie.SessionContext.xml.password"); + compress = new Boolean(Util.getSecurityProperty("jessie.SessionContext.xml.compress")).booleanValue(); + if (password == null) + { + password = ""; + } + pbekdf = PRNGFactory.getInstance("PBKDF2-HMAC-SHA1"); + HashMap kdfattr = new HashMap(); + kdfattr.put(IPBE.PASSWORD, password.toCharArray()); + // Dummy salt. This is replaced by a real salt when encoding. + kdfattr.put(IPBE.SALT, new byte[8]); + kdfattr.put(IPBE.ITERATION_COUNT, new Integer(1000)); + pbekdf.init(kdfattr); + encoding = false; + if (file.exists()) + { + decode(); + } + encoding = true; + random = new SecureRandom (); + } + + // Instance methods. + // ------------------------------------------------------------------------- + + synchronized boolean addSession(Session.ID sessionId, Session session) + { + boolean ret = super.addSession(sessionId, session); + if (ret && encoding) + { + try + { + encode(); + } + catch (IOException ioe) + { + } + } + return ret; + } + + synchronized void notifyAccess(Session session) + { + try + { + encode(); + } + catch (IOException ioe) + { + } + } + + synchronized boolean removeSession(Session.ID sessionId) + { + if (super.removeSession(sessionId)) + { + try + { + encode(); + } + catch (Exception x) + { + } + return true; + } + return false; + } + + private void decode() throws IOException, SAXException + { + SAXParser parser = null; + try + { + parser = SAXParserFactory.newInstance().newSAXParser(); + } + catch (Exception x) + { + throw new Error(x.toString()); + } + SAXHandler handler = new SAXHandler(this, pbekdf); + InputStream in = null; + if (compress) + in = new GZIPInputStream(new FileInputStream(file)); + else + in = new FileInputStream(file); + parser.parse(in, handler); + } + + private void encode() throws IOException + { + IMode cipher = ModeFactory.getInstance("CBC", "AES", 16); + HashMap cipherAttr = new HashMap(); + IMac mac = MacFactory.getInstance("HMAC-SHA1"); + HashMap macAttr = new HashMap(); + byte[] key = new byte[32]; + byte[] iv = new byte[16]; + byte[] mackey = new byte[20]; + byte[] salt = new byte[8]; + byte[] encryptedSecret = new byte[48]; + cipherAttr.put(IMode.KEY_MATERIAL, key); + cipherAttr.put(IMode.IV, iv); + cipherAttr.put(IMode.STATE, new Integer(IMode.ENCRYPTION)); + macAttr.put(IMac.MAC_KEY_MATERIAL, mackey); + PrintStream out = null; + if (compress) + { + out = new PrintStream(new GZIPOutputStream(new FileOutputStream(file))); + } + else + { + out = new PrintStream(new FileOutputStream(file)); + } + out.println(""); + out.println(""); + out.println(" "); + out.println(" "); + out.println(" "); + out.println(" "); + out.println(" "); + out.println(" "); + out.println(" "); + out.println(" "); + out.println(" "); + out.println(" "); + out.println(" "); + out.println(" "); + out.println(" "); + out.println(" "); + out.println("]>"); + out.println(); + out.print(""); + for (Iterator it = sessions.entrySet().iterator(); it.hasNext(); ) + { + Map.Entry entry = (Map.Entry) it.next(); + Session.ID id = (Session.ID) entry.getKey(); + Session session = (Session) entry.getValue(); + if (!session.valid) + { + continue; + } + out.print(""); + out.print(""); + Certificate[] certs = session.getPeerCertificates(); + if (certs != null && certs.length > 0) + { + out.print(""); + for (int i = 0; i < certs.length; i++) + { + out.println("-----BEGIN CERTIFICATE-----"); + try + { + out.print(Base64.encode(certs[i].getEncoded(), 70)); + } + catch (CertificateEncodingException cee) + { + throw new IOException(cee.toString()); + } + out.println("-----END CERTIFICATE-----"); + } + out.println(""); + } + out.println(""); + certs = session.getLocalCertificates(); + if (certs != null && certs.length > 0) + { + out.print(""); + for (int i = 0; i < certs.length; i++) + { + out.println("-----BEGIN CERTIFICATE-----"); + try + { + out.print(Base64.encode(certs[i].getEncoded(), 70)); + } + catch (CertificateEncodingException cee) + { + throw new IOException(cee.toString()); + } + out.println("-----END CERTIFICATE-----"); + } + out.println(""); + } + random.nextBytes (salt); + pbekdf.init(Collections.singletonMap(IPBE.SALT, salt)); + try + { + pbekdf.nextBytes(key, 0, key.length); + pbekdf.nextBytes(iv, 0, iv.length); + pbekdf.nextBytes(mackey, 0, mackey.length); + cipher.reset(); + cipher.init(cipherAttr); + mac.init(macAttr); + } + catch (Exception ex) + { + throw new Error(ex.toString()); + } + for (int i = 0; i < session.masterSecret.length; i += 16) + { + cipher.update(session.masterSecret, i, encryptedSecret, i); + } + mac.update(encryptedSecret, 0, encryptedSecret.length); + byte[] macValue = mac.digest(); + out.print(""); + out.print(Base64.encode(Util.concat(encryptedSecret, macValue), 70)); + out.println(""); + out.println(""); + } + out.println(""); + out.close(); + } + + // Inner class. + // ------------------------------------------------------------------------- + + private class SAXHandler extends DefaultHandler + { + + // Field. + // ----------------------------------------------------------------------- + + private SessionContext context; + private Session current; + private IRandom pbekdf; + private StringBuffer buf; + private String certType; + private int state; + private IMode cipher; + private HashMap cipherAttr; + private IMac mac; + private HashMap macAttr; + private byte[] key; + private byte[] iv; + private byte[] mackey; + + private static final int START = 0; + private static final int SESSIONS = 1; + private static final int SESSION = 2; + private static final int PEER = 3; + private static final int PEER_CERTS = 4; + private static final int CERTS = 5; + private static final int SECRET = 6; + + // Constructor. + // ----------------------------------------------------------------------- + + SAXHandler(SessionContext context, IRandom pbekdf) + { + this.context = context; + this.pbekdf = pbekdf; + buf = new StringBuffer(); + state = START; + cipher = ModeFactory.getInstance("CBC", "AES", 16); + cipherAttr = new HashMap(); + mac = MacFactory.getInstance("HMAC-SHA1"); + macAttr = new HashMap(); + key = new byte[32]; + iv = new byte[16]; + mackey = new byte[20]; + cipherAttr.put(IMode.KEY_MATERIAL, key); + cipherAttr.put(IMode.IV, iv); + cipherAttr.put(IMode.STATE, new Integer(IMode.DECRYPTION)); + macAttr.put(IMac.MAC_KEY_MATERIAL, mackey); + } + + // Instance methods. + // ----------------------------------------------------------------------- + + public void startElement(String u, String n, String qname, Attributes attr) + throws SAXException + { + qname = qname.toLowerCase(); + switch (state) + { + case START: + if (qname.equals("sessions")) + { + try + { + timeout = Integer.parseInt(attr.getValue("timeout")); + cacheSize = Integer.parseInt(attr.getValue("size")); + if (timeout <= 0 || cacheSize < 0) + throw new SAXException("timeout or cache size out of range"); + } + catch (NumberFormatException nfe) + { + throw new SAXException(nfe); + } + state = SESSIONS; + } + else + throw new SAXException("expecting sessions"); + break; + + case SESSIONS: + if (qname.equals("session")) + { + try + { + current = new Session(Long.parseLong(attr.getValue("created"))); + current.enabledSuites = new ArrayList(SSLSocket.supportedSuites); + current.enabledProtocols = new TreeSet(SSLSocket.supportedProtocols); + current.context = context; + current.sessionId = new Session.ID(Base64.decode(attr.getValue("id"))); + current.setLastAccessedTime(Long.parseLong(attr.getValue("timestamp"))); + } + catch (Exception ex) + { + throw new SAXException(ex); + } + String prot = attr.getValue("protocol"); + if (prot.equals("SSLv3")) + current.protocol = ProtocolVersion.SSL_3; + else if (prot.equals("TLSv1")) + current.protocol = ProtocolVersion.TLS_1; + else if (prot.equals("TLSv1.1")) + current.protocol = ProtocolVersion.TLS_1_1; + else + throw new SAXException("bad protocol: " + prot); + current.cipherSuite = CipherSuite.forName(attr.getValue("suite")); + state = SESSION; + } + else + throw new SAXException("expecting session"); + break; + + case SESSION: + if (qname.equals("peer")) + { + current.peerHost = attr.getValue("host"); + state = PEER; + } + else if (qname.equals("certificates")) + { + certType = attr.getValue("type"); + state = CERTS; + } + else if (qname.equals("secret")) + { + byte[] salt = null; + try + { + salt = Base64.decode(attr.getValue("salt")); + } + catch (IOException ioe) + { + throw new SAXException(ioe); + } + pbekdf.init(Collections.singletonMap(IPBE.SALT, salt)); + state = SECRET; + } + else + throw new SAXException("bad element: " + qname); + break; + + case PEER: + if (qname.equals("certificates")) + { + certType = attr.getValue("type"); + state = PEER_CERTS; + } + else + throw new SAXException("bad element: " + qname); + break; + + default: + throw new SAXException("bad element: " + qname); + } + } + + public void endElement(String uri, String name, String qname) + throws SAXException + { + qname = qname.toLowerCase(); + switch (state) + { + case SESSIONS: + if (qname.equals("sessions")) + state = START; + else + throw new SAXException("expecting sessions"); + break; + + case SESSION: + if (qname.equals("session")) + { + current.valid = true; + context.addSession(current.sessionId, current); + state = SESSIONS; + } + else + throw new SAXException("expecting session"); + break; + + case PEER: + if (qname.equals("peer")) + state = SESSION; + else + throw new SAXException("unexpected element: " + qname); + break; + + case PEER_CERTS: + if (qname.equals("certificates")) + { + try + { + CertificateFactory fact = CertificateFactory.getInstance(certType); + current.peerCerts = (Certificate[]) + fact.generateCertificates(new ByteArrayInputStream( + buf.toString().getBytes())).toArray(new Certificate[0]); + } + catch (Exception ex) + { + throw new SAXException(ex); + } + current.peerVerified = true; + state = PEER; + } + else + throw new SAXException("unexpected element: " + qname); + break; + + case CERTS: + if (qname.equals("certificates")) + { + try + { + CertificateFactory fact = CertificateFactory.getInstance(certType); + current.localCerts = (Certificate[]) + fact.generateCertificates(new ByteArrayInputStream( + buf.toString().getBytes())).toArray(new Certificate[0]); + } + catch (Exception ex) + { + throw new SAXException(ex); + } + state = SESSION; + } + else + throw new SAXException("unexpected element: " + qname); + break; + + case SECRET: + if (qname.equals("secret")) + { + byte[] encrypted = null; + try + { + encrypted = Base64.decode(buf.toString()); + if (encrypted.length != 68) + throw new IOException("encrypted secret not 68 bytes long"); + pbekdf.nextBytes(key, 0, key.length); + pbekdf.nextBytes(iv, 0, iv.length); + pbekdf.nextBytes(mackey, 0, mackey.length); + cipher.reset(); + cipher.init(cipherAttr); + mac.init(macAttr); + } + catch (Exception ex) + { + throw new SAXException(ex); + } + mac.update(encrypted, 0, 48); + byte[] macValue = mac.digest(); + for (int i = 0; i < macValue.length; i++) + { + if (macValue[i] != encrypted[48+i]) + throw new SAXException("MAC mismatch"); + } + current.masterSecret = new byte[48]; + for (int i = 0; i < current.masterSecret.length; i += 16) + { + cipher.update(encrypted, i, current.masterSecret, i); + } + state = SESSION; + } + else + throw new SAXException("unexpected element: " + qname); + break; + + default: + throw new SAXException("unexpected element: " + qname); + } + buf.setLength(0); + } + + public void characters(char[] ch, int off, int len) throws SAXException + { + if (state != CERTS && state != PEER_CERTS && state != SECRET) + { + throw new SAXException("illegal character data"); + } + buf.append(ch, off, len); + } + } +} diff --git a/libjava/classpath/gnu/javax/security/auth/Password.java b/libjava/classpath/gnu/javax/security/auth/Password.java new file mode 100644 index 0000000..7284b7d --- /dev/null +++ b/libjava/classpath/gnu/javax/security/auth/Password.java @@ -0,0 +1,285 @@ +/* Password.java -- opaque wrapper around a password. + Copyright (C) 2004, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.security.auth; + +import gnu.java.security.util.ExpirableObject; + +import javax.security.auth.DestroyFailedException; + +/** + * Immutible, though destroyable, password class. + * + *

    Extends {@link ExpirableObject}, implementing {@link doDestroy()} + * in which encapsulated {@link char[]}, and {@link byte[]} password fields + * are cleared (elements set to zero) in order to thwart memory heap + * snooping. + */ +public final class Password extends ExpirableObject +{ + + // Constants and variables + // ------------------------------------------------------------------------- + + /** + * Password stored in {@link char[]} format. + */ + private final char[] password; + + /** + * Password stored in {@link byte[]} format. + */ + private final byte[] bPassword; + + /** + * Indicates whether this Password object's {@link doDestroy()} method has + * been called. See also, {@link ExpirableObject#Destroy()}. + */ + private boolean mIsDestroyed = false; + + // Constructor(s) + // ------------------------------------------------------------------------- + + /** + * Create a new expirable Password object that will expire after the + * default timeout {@link ExpirableObject#DEFAULT_TIMEOUT}. + * + * @param password The character array password to associate with this + * Password object. + */ + public Password (char[] password) + { + this (password, 0, password.length, DEFAULT_TIMEOUT); + } + + /** + * Create a new expirable Password object that will expire after the + * timeout denoted by constructor parameter, delay. + * + * @param password The character array password to associate with this + * Password object. + * @param delay The number of miliseconds before this Password object + * will be automatically destroyed. + */ + public Password (char[] password, long delay) + { + this (password, 0, password.length, delay); + } + + /** + * Create a new expirable Password object that will expire after the + * default timeout {@link ExpirableObject#DEFAULT_TIMEOUT}. + * + * @param password The character array password to associate with this + * Password object. + * @param offset The password character array parameter element + * marking the beginning of the contained password string. + * @param length The number of characters, beginning at offset, + * to be copied into this object's {@link password} field. + */ + public Password (char[] password, int offset, int length) + { + this (password, offset, length, DEFAULT_TIMEOUT); + } + + /** + * Create a new expirable Password object that will expire after the + * timeout denoted by constructor parameter, delay. + * + * @param password The character array password to associate with this + * Password object. + * @param offset The password character array parameter element + * marking the beginning of the contained password string. + * @param length The number of characters, beginning at offset, + * to be copied into this object's {@link password} field. + * @param delay The number of miliseconds before this Password object + * will be automatically destroyed. + */ + public Password (char[] password, int offset, int length, long delay) + { + super (delay); + + if (offset < 0 || length < 0 || offset + length > password.length) + throw new ArrayIndexOutOfBoundsException ("off=" + offset + " length=" + + length + " array.length=" + + password.length); + + int i, j; + this.password = new char[length]; + bPassword = new byte[length]; + + for(i = 0, j = offset; i < length; i++, j++) + { + this.password[i] = (char) password[j]; + // XXX this should use character encodings, other than ASCII. + bPassword[i] = (byte) (password[j] & 0x7F); + } + } + + /** + * Create a new expirable Password object that will expire after the + * default timeout {@link ExpirableObject#DEFAULT_TIMEOUT}. + * + * @param password The byte array password to associate with this + * Password object. + */ + public Password (byte[] password) + { + this (password, 0, password.length, DEFAULT_TIMEOUT); + } + + /** + * Create a new expirable Password object that will expire after the + * timeout denoted by constructor parameter, delay. + * + * @param password The byte array password to associate with this + * Password object. + * @param delay The number of miliseconds before this Password object + * will be automatically destroyed. + */ + public Password (byte[] password, long delay) + { + this (password, 0, password.length, delay); + } + + /** + * Create a new expirable Password object that will expire after the + * default timeout {@link ExpirableObject#DEFAULT_TIMEOUT}. + * + * @param password The byte array password to associate with this + * Password object. + * @param offset The password byte array parameter element + * marking the beginning of the contained password string. + * @param length The number of bytes, beginning at offset, + * to be copied into this object's {@link password} field. + */ + public Password (byte[] password, int offset, int length) + { + this (password, offset, length, DEFAULT_TIMEOUT); + } + + /** + * Create a new expirable Password object that will expire after the + * timeout denoted by constructor parameter, delay. + * + * @param password The byte array password to associate with this + * Password object. + * @param offset The password byte array parameter element + * marking the beginning of the contained password string. + * @param length The number of bytes, beginning at offset, + * to be copied into this object's {@link bPassword} field. + * @param delay The number of miliseconds before this Password object + * will be automatically destroyed. + */ + public Password (byte[] password, int offset, int length, long delay) + { + super (delay); + + if (offset < 0 || length < 0 || offset + length > password.length) + throw new ArrayIndexOutOfBoundsException ("off=" + offset + " length=" + + length + " array.length=" + + password.length); + + int i, j; + this.password = new char[length]; + bPassword = new byte[length]; + + for (i = 0, j = offset; i < length; i++, j++) + { + this.password[i] = (char) password[j]; + bPassword[i] = password[j]; + } + } + + // Instance methods + // ------------------------------------------------------------------------- + + /** + * Returns a reference to the {@link char[]} password storage field, + * {@link password}. + */ + public synchronized char[] getPassword() + { + if (mIsDestroyed) + throw new IllegalStateException ("Attempted destroyed password access."); + + return password; + } + + /** + * Returns a reference to the {@link byte[]} password storage field, + * {@link bPassword}. + */ + public synchronized byte[] getBytes() + { + if (mIsDestroyed) + throw new IllegalStateException ("Attempted destroyed password access."); + + return bPassword; + } + + /** + * Sets password field char[], and byte[] array elements to zero. + * This method implements base class {@link ExpirableObject} abstract + * method, {@link ExpirableObject#doDestroy()}. See also, + * {@link ExpirableObject#destroy()}. + */ + protected synchronized void doDestroy() + { + if (isDestroyed()) + return; + else + { + for (int i = 0; i < password.length; i++) + password[i] = 0; + for (int i = 0; i < bPassword.length; i++) + bPassword[i] = 0; + mIsDestroyed = true; + } + } + + /** + * Returns true, or false relative to whether, or not this object's + * {@link doDestroy()} method has been called. See also, + * {@ExpirableObject#destroy()}. + */ + public synchronized boolean isDestroyed() + { + return (mIsDestroyed); + } +} diff --git a/libjava/classpath/gnu/javax/security/auth/callback/AWTCallbackHandler.java b/libjava/classpath/gnu/javax/security/auth/callback/AWTCallbackHandler.java new file mode 100644 index 0000000..539c4a1 --- /dev/null +++ b/libjava/classpath/gnu/javax/security/auth/callback/AWTCallbackHandler.java @@ -0,0 +1,452 @@ +/* AWTCallbackHandler.java -- + Copyright (C) 2004, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.security.auth.callback; + +import java.awt.BorderLayout; +import java.awt.Button; +import java.awt.Dialog; +import java.awt.FlowLayout; +import java.awt.Frame; +import java.awt.GridLayout; +import java.awt.Label; +import java.awt.List; +import java.awt.Panel; +import java.awt.TextArea; +import java.awt.TextField; + +import java.awt.event.ActionEvent; +import java.awt.event.ActionListener; +import java.awt.event.WindowEvent; +import java.awt.event.WindowListener; + +import java.util.Locale; + +import javax.security.auth.callback.ChoiceCallback; +import javax.security.auth.callback.ConfirmationCallback; +import javax.security.auth.callback.LanguageCallback; +import javax.security.auth.callback.NameCallback; +import javax.security.auth.callback.PasswordCallback; +import javax.security.auth.callback.TextInputCallback; +import javax.security.auth.callback.TextOutputCallback; + +public class AWTCallbackHandler extends AbstractCallbackHandler + implements ActionListener, WindowListener +{ + + // Fields. + // ------------------------------------------------------------------------- + + protected String actionCommand; + + private static final String ACTION_CANCEL = "CANCEL"; + private static final String ACTION_NO = "NO"; + private static final String ACTION_NONE = "NONE"; + private static final String ACTION_OK = "OK"; + private static final String ACTION_YES = "YES"; + + // Constructor. + // ------------------------------------------------------------------------- + + public AWTCallbackHandler() + { + super ("AWT"); + actionCommand = ACTION_NONE; + } + + // Instance methods. + // ------------------------------------------------------------------------- + + protected synchronized void handleChoice(ChoiceCallback c) + { + Frame ownerFrame = new Frame(); + Dialog dialog = new Dialog(ownerFrame); + String[] choices = c.getChoices(); + dialog.setTitle(c.getPrompt()); + Label label = new Label(c.getPrompt()); + List list = new List(Math.min(5, choices.length), + c.allowMultipleSelections()); + Panel buttons = new Panel(); + Button ok = new Button(messages.getString("callback.ok")); + ok.setActionCommand(ACTION_OK); + ok.addActionListener(this); + Button cancel = new Button(messages.getString("callback.cancel")); + cancel.setActionCommand(ACTION_CANCEL); + cancel.addActionListener(this); + for (int i = 0; i < choices.length; i++) + { + list.add(choices[i]); + } + if (c.getDefaultChoice() >= 0 && c.getDefaultChoice() < choices.length) + { + list.select(c.getDefaultChoice()); + } + dialog.setLayout(new BorderLayout()); + dialog.add(label, BorderLayout.NORTH); + dialog.add(list, BorderLayout.CENTER); + buttons.setLayout(new FlowLayout(FlowLayout.RIGHT)); + buttons.add(cancel); + buttons.add(ok); + dialog.add(buttons, BorderLayout.SOUTH); + dialog.pack(); + dialog.show(); + try { wait(); } + catch (InterruptedException ie) { } + if (actionCommand.equals(ACTION_OK)) + { + if (c.allowMultipleSelections()) + { + c.setSelectedIndexes(list.getSelectedIndexes()); + } + else + { + c.setSelectedIndex(list.getSelectedIndex()); + } + } + dialog.dispose(); + ownerFrame.dispose(); + } + + protected synchronized void handleConfirmation(ConfirmationCallback c) + { + Frame ownerFrame = new Frame(); + Dialog dialog = new Dialog(ownerFrame); + switch (c.getMessageType()) + { + case ConfirmationCallback.ERROR: + dialog.setTitle(messages.getString("callback.error")); + break; + case ConfirmationCallback.INFORMATION: + dialog.setTitle(messages.getString("callback.information")); + break; + case ConfirmationCallback.WARNING: + dialog.setTitle(messages.getString("callback.warning")); + break; + default: + dialog.setTitle(""); + } + dialog.setLayout(new GridLayout(2, 1)); + dialog.add(new Label(c.getPrompt())); + Panel buttons = new Panel(); + buttons.setLayout(new FlowLayout(FlowLayout.RIGHT)); + dialog.add(buttons); + String[] choices = null; + int[] values = null; + switch (c.getOptionType()) + { + case ConfirmationCallback.OK_CANCEL_OPTION: + choices = new String[] { + messages.getString("callback.cancel"), + messages.getString("callback.ok") + }; + values = new int[] { + ConfirmationCallback.CANCEL, ConfirmationCallback.OK + }; + break; + case ConfirmationCallback.YES_NO_CANCEL_OPTION: + choices = new String[] { + messages.getString("callback.cancel"), + messages.getString("callback.no"), + messages.getString("callback.yes") + }; + values = new int[] { + ConfirmationCallback.CANCEL, ConfirmationCallback.NO, + ConfirmationCallback.YES + }; + break; + case ConfirmationCallback.YES_NO_OPTION: + choices = new String[] { + messages.getString("callback.no"), + messages.getString("callback.yes") + }; + values = new int[] { + ConfirmationCallback.NO, ConfirmationCallback.YES + }; + break; + case ConfirmationCallback.UNSPECIFIED_OPTION: + choices = c.getOptions(); + values = new int[choices.length]; + for (int i = 0; i < values.length; i++) + values[i] = i; + break; + default: + throw new IllegalArgumentException(); + } + for (int i = 0; i < choices.length; i++) + { + Button b = new Button(choices[i]); + b.setActionCommand(choices[i]); + b.addActionListener(this); + buttons.add(b); + } + dialog.pack(); + dialog.show(); + try { wait(); } + catch (InterruptedException ie) { } + for (int i = 0; i < choices.length; i++) + { + if (actionCommand.equals(choices[i])) + { + c.setSelectedIndex(values[i]); + break; + } + } + dialog.dispose(); + ownerFrame.dispose(); + } + + protected synchronized void handleLanguage(LanguageCallback c) + { + Locale[] locales = Locale.getAvailableLocales(); + String[] languages = new String[locales.length]; + Locale def = Locale.getDefault(); + int defind = 0; + for (int i = 0; i < locales.length; i++) + { + StringBuffer lang = + new StringBuffer(locales[i].getDisplayLanguage(locales[i])); + String country = locales[i].getDisplayCountry(locales[i]); + String variant = locales[i].getDisplayVariant(locales[i]); + if (country.length() > 0 && variant.length() > 0) + { + lang.append(" ("); + lang.append(country); + lang.append(", "); + lang.append(variant); + lang.append(")"); + } + else if (country.length() > 0) + { + lang.append(" ("); + lang.append(country); + lang.append(")"); + } + else if (variant.length() > 0) + { + lang.append(" ("); + lang.append(variant); + lang.append(")"); + } + languages[i] = lang.toString(); + if (locales[i].equals(def)) + defind = i; + } + ChoiceCallback c2 = + new ChoiceCallback(messages.getString("callback.language"), languages, + defind, false); + handleChoice(c2); + c.setLocale(def); + if (c2.getSelectedIndexes() != null && c2.getSelectedIndexes().length > 0) + { + int index = c2.getSelectedIndexes()[0]; + if (index >= 0 && index < locales.length) + c.setLocale(locales[index]); + } + } + + protected synchronized void handleName(NameCallback c) + { + Frame ownerFrame = new Frame(); + Dialog dialog = new Dialog(ownerFrame); + dialog.setTitle(c.getPrompt()); + dialog.setLayout(new GridLayout(3, 1)); + Label label = new Label(c.getPrompt()); + TextField input = new TextField(); + if (c.getDefaultName() != null) + { + input.setText(c.getDefaultName()); + } + Panel buttons = new Panel(); + Button ok = new Button(messages.getString("callback.ok")); + ok.setActionCommand(ACTION_OK); + ok.addActionListener(this); + Button cancel = new Button(messages.getString("callback.cancel")); + cancel.setActionCommand(ACTION_CANCEL); + cancel.addActionListener(this); + dialog.add(label); + dialog.add(input); + buttons.setLayout(new FlowLayout(FlowLayout.RIGHT)); + buttons.add(ok); + buttons.add(cancel); + dialog.add(buttons); + dialog.pack(); + dialog.show(); + try { wait(); } + catch (InterruptedException ie) { } + if (actionCommand.equals(ACTION_OK)) + { + c.setName(input.getText()); + } + dialog.dispose(); + ownerFrame.dispose(); + } + + protected synchronized void handlePassword(PasswordCallback c) + { + Frame ownerFrame = new Frame(); + Dialog dialog = new Dialog(ownerFrame); + dialog.setTitle(c.getPrompt()); + dialog.setLayout(new GridLayout(3, 1)); + Label label = new Label(c.getPrompt()); + TextField input = new TextField(); + if (!c.isEchoOn()) + { + input.setEchoChar('*'); + } + Panel buttons = new Panel(); + Button ok = new Button(messages.getString("callback.ok")); + ok.setActionCommand(ACTION_OK); + ok.addActionListener(this); + Button cancel = new Button(messages.getString("callback.cancel")); + cancel.setActionCommand(ACTION_CANCEL); + cancel.addActionListener(this); + dialog.add(label); + dialog.add(input); + buttons.setLayout(new FlowLayout(FlowLayout.RIGHT)); + buttons.add(ok); + buttons.add(cancel); + dialog.add(buttons); + dialog.pack(); + dialog.show(); + try { wait(); } + catch (InterruptedException ie) { } + if (actionCommand.equals(ACTION_OK)) + { + c.setPassword(input.getText().toCharArray()); + } + dialog.dispose(); + ownerFrame.dispose(); + } + + protected synchronized void handleTextInput(TextInputCallback c) + { + Frame ownerFrame = new Frame(); + Dialog dialog = new Dialog(ownerFrame); + dialog.setTitle(c.getPrompt()); + dialog.setLayout(new BorderLayout()); + Label label = new Label(c.getPrompt()); + TextArea text = new TextArea(10, 40); + if (c.getDefaultText() != null) + { + text.setText(c.getDefaultText()); + } + Panel buttons = new Panel(); + Button ok = new Button(messages.getString("callback.ok")); + ok.setActionCommand(ACTION_OK); + ok.addActionListener(this); + Button cancel = new Button(messages.getString("callback.cancel")); + cancel.setActionCommand(ACTION_CANCEL); + cancel.addActionListener(this); + dialog.add(label, BorderLayout.NORTH); + dialog.add(text, BorderLayout.CENTER); + buttons.setLayout(new FlowLayout(FlowLayout.RIGHT)); + buttons.add(ok); + buttons.add(cancel); + dialog.add(buttons, BorderLayout.SOUTH); + dialog.pack(); + dialog.show(); + try { wait(); } + catch (InterruptedException ie) { } + if (actionCommand.equals(ACTION_OK)) + { + c.setText(text.getText()); + } + dialog.dispose(); + ownerFrame.dispose(); + } + + protected synchronized void handleTextOutput(TextOutputCallback c) + { + Frame ownerFrame = new Frame(); + Dialog dialog = new Dialog(ownerFrame); + dialog.setLayout(new GridLayout(2, 1)); + switch (c.getMessageType() /*c.getStyle()*/) + { + case ConfirmationCallback.ERROR: + dialog.setTitle(messages.getString("callback.error")); + break; + case ConfirmationCallback.INFORMATION: + dialog.setTitle(messages.getString("callback.information")); + break; + case ConfirmationCallback.WARNING: + dialog.setTitle(messages.getString("callback.warning")); + break; + default: + dialog.setTitle(""); + } + Label label = new Label(c.getMessage()); + Panel buttons = new Panel(); + Button ok = new Button(messages.getString("callback.ok")); + buttons.setLayout(new FlowLayout(FlowLayout.RIGHT)); + buttons.add(ok); + ok.addActionListener(this); + dialog.add(label); + dialog.add(buttons); + dialog.pack(); + dialog.show(); + try { wait(); } + catch (InterruptedException ie) { } + dialog.dispose(); + ownerFrame.dispose(); + } + + // ActionListener interface implementation. + // ------------------------------------------------------------------------- + + public synchronized void actionPerformed(ActionEvent ae) + { + actionCommand = ae.getActionCommand(); + notifyAll(); + } + + // WindowListener interface implementation. + // ------------------------------------------------------------------------- + + public synchronized void windowClosing(WindowEvent we) + { + actionCommand = ACTION_NONE; + notifyAll(); + } + + public void windowOpened(WindowEvent we) { } + public void windowClosed(WindowEvent we) { } + public void windowIconified(WindowEvent we) { } + public void windowDeiconified(WindowEvent we) { } + public void windowActivated(WindowEvent we) { } + public void windowDeactivated(WindowEvent we) { } +} diff --git a/libjava/classpath/gnu/javax/security/auth/callback/AbstractCallbackHandler.java b/libjava/classpath/gnu/javax/security/auth/callback/AbstractCallbackHandler.java new file mode 100644 index 0000000..eeedf26 --- /dev/null +++ b/libjava/classpath/gnu/javax/security/auth/callback/AbstractCallbackHandler.java @@ -0,0 +1,258 @@ +/* AbstractCallbackHandler.java -- + Copyright (C) 2005, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.security.auth.callback; + +import gnu.java.security.Engine; + +import java.io.IOException; +import java.lang.reflect.InvocationTargetException; +import java.util.PropertyResourceBundle; +import java.util.ResourceBundle; + +import java.security.NoSuchAlgorithmException; +import java.security.NoSuchProviderException; +import java.security.Provider; +import java.security.Security; + +import javax.security.auth.callback.Callback; +import javax.security.auth.callback.CallbackHandler; +import javax.security.auth.callback.ChoiceCallback; +import javax.security.auth.callback.ConfirmationCallback; +import javax.security.auth.callback.LanguageCallback; +import javax.security.auth.callback.NameCallback; +import javax.security.auth.callback.PasswordCallback; +import javax.security.auth.callback.TextInputCallback; +import javax.security.auth.callback.TextOutputCallback; +import javax.security.auth.callback.UnsupportedCallbackException; + +public abstract class AbstractCallbackHandler implements CallbackHandler +{ + + // Fields. + // ------------------------------------------------------------------------- + + private static final String SERVICE = "CallbackHandler"; + + protected final ResourceBundle messages; + + private final String name; + + // Constructors. + // ------------------------------------------------------------------------- + + protected AbstractCallbackHandler (final String name) + { + super(); + messages = PropertyResourceBundle.getBundle("gnu/javax/security/auth/callback/MessagesBundle"); + this.name = name; + } + + // Class methods. + // ------------------------------------------------------------------------- + + public static CallbackHandler getInstance(String type) + throws NoSuchAlgorithmException + { + Provider[] p = Security.getProviders(); + for (int i = 0; i < p.length; i++) + { + try + { + return getInstance(type, p[i]); + } + catch (NoSuchAlgorithmException ignored) + { + } + } + throw new NoSuchAlgorithmException(type); + } + + public static CallbackHandler getInstance(String type, String provider) + throws NoSuchAlgorithmException, NoSuchProviderException + { + Provider p = Security.getProvider(provider); + if (p == null) + { + throw new NoSuchProviderException(provider); + } + return getInstance(type, p); + } + + public static CallbackHandler getInstance(String type, Provider provider) + throws NoSuchAlgorithmException + { + try + { + return (CallbackHandler) Engine.getInstance(SERVICE, type, provider); + } + catch (InvocationTargetException ite) + { + Throwable cause = ite.getCause(); + if (cause instanceof NoSuchAlgorithmException) + throw (NoSuchAlgorithmException) cause; + NoSuchAlgorithmException nsae = new NoSuchAlgorithmException(type); + if (cause != null) + nsae.initCause (cause); + throw nsae; + } + catch (ClassCastException cce) + { + NoSuchAlgorithmException nsae = new NoSuchAlgorithmException(type); + nsae.initCause (cce); + throw nsae; + } + } + + // Instance methods. + // ------------------------------------------------------------------------- + + public void handle(Callback[] callbacks) + throws IOException, UnsupportedCallbackException + { + if (callbacks == null) + throw new NullPointerException(); + for (int i = 0; i < callbacks.length; i++) + { + if (callbacks[i] == null) + continue; + if (callbacks[i] instanceof ChoiceCallback) + handleChoice((ChoiceCallback) callbacks[i]); + else if (callbacks[i] instanceof ConfirmationCallback) + handleConfirmation((ConfirmationCallback) callbacks[i]); + else if (callbacks[i] instanceof LanguageCallback) + handleLanguage((LanguageCallback) callbacks[i]); + else if (callbacks[i] instanceof NameCallback) + handleName((NameCallback) callbacks[i]); + else if (callbacks[i] instanceof PasswordCallback) + handlePassword((PasswordCallback) callbacks[i]); + else if (callbacks[i] instanceof TextInputCallback) + handleTextInput((TextInputCallback) callbacks[i]); + else if (callbacks[i] instanceof TextOutputCallback) + handleTextOutput((TextOutputCallback) callbacks[i]); + else + handleOther(callbacks[i]); + } + } + + public final String getName () + { + return name; + } + + // Abstract methods. + // ------------------------------------------------------------------------- + + /** + * Handles a {@link ChoiceCallback}. + * + * @param callback The choice callback. + * @throws IOException If an I/O error occurs. + */ + protected abstract void handleChoice(ChoiceCallback callback) + throws IOException; + + /** + * Handles a {@link ConfirmationCallback}. + * + * @param callback The confirmation callback. + * @throws IOException If an I/O error occurs. + */ + protected abstract void handleConfirmation(ConfirmationCallback callback) + throws IOException; + + /** + * Handles a {@link LanguageCallback}. + * + * @param callback The language callback. + * @throws IOException If an I/O error occurs. + */ + protected abstract void handleLanguage(LanguageCallback callback) + throws IOException; + + /** + * Handles a {@link NameCallback}. + * + * @param callback The name callback. + * @throws IOException If an I/O error occurs. + */ + protected abstract void handleName(NameCallback callback) + throws IOException; + + /** + * Handles a {@link PasswordCallback}. + * + * @param callback The password callback. + * @throws IOException If an I/O error occurs. + */ + protected abstract void handlePassword(PasswordCallback callback) + throws IOException; + + /** + * Handles a {@link TextInputCallback}. + * + * @param callback The text input callback. + * @throws IOException If an I/O error occurs. + */ + protected abstract void handleTextInput(TextInputCallback callback) + throws IOException; + + /** + * Handles a {@link TextOutputCallback}. + * + * @param callback The text output callback. + * @throws IOException If an I/O error occurs. + */ + protected abstract void handleTextOutput(TextOutputCallback callback) + throws IOException; + + /** + * Handles an unknown callback. The default implementation simply throws + * an {@link UnsupportedCallbackException}. + * + * @param callback The callback to handle. + * @throws IOException If an I/O error occurs. + * @throws UnsupportedCallbackException If the specified callback is not + * supported. + */ + protected void handleOther(Callback callback) + throws IOException, UnsupportedCallbackException + { + throw new UnsupportedCallbackException(callback); + } +} diff --git a/libjava/classpath/gnu/javax/security/auth/callback/ConsoleCallbackHandler.java b/libjava/classpath/gnu/javax/security/auth/callback/ConsoleCallbackHandler.java new file mode 100644 index 0000000..4ce22cb --- /dev/null +++ b/libjava/classpath/gnu/javax/security/auth/callback/ConsoleCallbackHandler.java @@ -0,0 +1,289 @@ +/* ConsoleCallbackHandler.java -- + Copyright (C) 2005, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.security.auth.callback; + +import java.io.BufferedReader; +import java.io.InputStreamReader; +import java.io.IOException; +import java.io.PrintStream; + +import java.util.Iterator; +import java.util.Locale; +import java.util.StringTokenizer; +import java.util.TreeSet; + +import javax.security.auth.callback.ChoiceCallback; +import javax.security.auth.callback.ConfirmationCallback; +import javax.security.auth.callback.LanguageCallback; +import javax.security.auth.callback.NameCallback; +import javax.security.auth.callback.PasswordCallback; +import javax.security.auth.callback.TextInputCallback; +import javax.security.auth.callback.TextOutputCallback; + +/** + * An implementation of {@link CallbackHandler} that reads and writes + * information to and from System.in and System.out. + */ +public class ConsoleCallbackHandler extends AbstractCallbackHandler +{ + + // Fields. + // ------------------------------------------------------------------------- + + private final PrintStream out; + + // Constructors. + // ------------------------------------------------------------------------- + + public ConsoleCallbackHandler() + { + this (System.out); + } + + public ConsoleCallbackHandler (final PrintStream out) + { + super ("CONSOLE"); + this.out = out; + } + + // Instance methods. + // ------------------------------------------------------------------------- + + protected void handleChoice(ChoiceCallback c) throws IOException + { + BufferedReader in = new BufferedReader(new InputStreamReader(System.in)); + out.println(c.getPrompt()); + out.print('('); + String[] choices = c.getChoices(); + for (int i = 0; i < choices.length; i++) + { + out.print(choices[i]); + if (i != choices.length - 1) + out.print(", "); + } + out.print(") "); + if (c.getDefaultChoice() >= 0 && c.getDefaultChoice() < choices.length) + { + out.print('['); + out.print(choices[c.getDefaultChoice()]); + out.print("] "); + } + String reply = in.readLine(); + if (reply == null || reply.length() == 0) + { + c.setSelectedIndex(c.getDefaultChoice()); + return; + } + if (!c.allowMultipleSelections()) + { + for (int i = 0; i < choices.length; i++) + { + if (reply.trim().equals(choices[i])) + { + c.setSelectedIndex(i); + return; + } + } + c.setSelectedIndex(c.getDefaultChoice()); + } + else + { + TreeSet indices = new TreeSet(); + StringTokenizer tok = new StringTokenizer(reply, ","); + String[] replies = new String[tok.countTokens()]; + int idx = 0; + while (tok.hasMoreTokens()) + { + replies[idx++] = tok.nextToken().trim(); + } + for (int i = 0; i < choices.length; i++) + for (int j = 0; j < replies.length; i++) + { + if (choices[i].equals(replies[j])) + { + indices.add(new Integer(i)); + } + } + if (indices.size() == 0) + c.setSelectedIndex(c.getDefaultChoice()); + else + { + int[] ii = new int[indices.size()]; + int i = 0; + for (Iterator it = indices.iterator(); it.hasNext(); ) + ii[i++] = ((Integer) it.next()).intValue(); + c.setSelectedIndexes(ii); + } + } + } + + protected void handleConfirmation(ConfirmationCallback c) throws IOException + { + BufferedReader in = new BufferedReader(new InputStreamReader(System.in)); + if (c.getPrompt() != null) + out.println(c.getPrompt()); + String[] choices = null; + int[] values = null; + switch (c.getOptionType()) + { + case ConfirmationCallback.OK_CANCEL_OPTION: + out.print(messages.getString("callback.okCancel")); + choices = new String[] { + messages.getString("callback.ok"), + messages.getString("callback.cancel"), + messages.getString("callback.shortOk"), + messages.getString("callback.shortCancel") + }; + values = new int[] { + ConfirmationCallback.OK, ConfirmationCallback.CANCEL, + ConfirmationCallback.OK, ConfirmationCallback.CANCEL + }; + break; + case ConfirmationCallback.YES_NO_CANCEL_OPTION: + out.print(messages.getString("callback.yesNoCancel")); + choices = new String[] { + messages.getString("callback.yes"), + messages.getString("callback.no"), + messages.getString("callback.cancel"), + messages.getString("callback.shortYes"), + messages.getString("callback.shortNo"), + messages.getString("callback.shortCancel") + }; + values = new int[] { + ConfirmationCallback.YES, ConfirmationCallback.NO, + ConfirmationCallback.CANCEL, ConfirmationCallback.YES, + ConfirmationCallback.NO, ConfirmationCallback.CANCEL + }; + break; + case ConfirmationCallback.YES_NO_OPTION: + out.print(messages.getString("callback.yesNo")); + choices = new String[] { + messages.getString("callback.yes"), + messages.getString("callback.no"), + messages.getString("callback.shortYes"), + messages.getString("callback.shortNo") + }; + values = new int[] { + ConfirmationCallback.YES, ConfirmationCallback.NO, + ConfirmationCallback.YES, ConfirmationCallback.NO + }; + break; + case ConfirmationCallback.UNSPECIFIED_OPTION: + choices = c.getOptions(); + values = new int[choices.length]; + for (int i = 0; i < values.length; i++) + values[i] = i; + out.print('('); + for (int i = 0; i < choices.length; i++) + { + out.print(choices[i]); + if (i != choices.length - 1) + out.print(", "); + } + out.print(") ["); + out.print(choices[c.getDefaultOption()]); + out.print("] "); + break; + default: + throw new IllegalArgumentException(); + } + String reply = in.readLine(); + if (reply == null) + { + c.setSelectedIndex(c.getDefaultOption()); + return; + } + reply = reply.trim(); + for (int i = 0; i < choices.length; i++) + if (reply.equalsIgnoreCase(choices[i])) + { + c.setSelectedIndex(values[i]); + return; + } + c.setSelectedIndex(c.getDefaultOption()); + } + + protected void handleLanguage(LanguageCallback c) throws IOException + { + BufferedReader in = new BufferedReader(new InputStreamReader(System.in)); + out.println(messages.getString("callback.language")); + String reply = null; + reply = in.readLine(); + if (reply == null) + { + c.setLocale(Locale.getDefault()); + } + else + { + c.setLocale(new Locale(reply.trim())); + } + } + + protected void handleName(NameCallback c) throws IOException + { + BufferedReader in = new BufferedReader(new InputStreamReader(System.in)); + out.print(c.getPrompt()); + String name = in.readLine(); + if (name != null) + c.setName(name.trim()); + } + + protected void handlePassword(PasswordCallback c) throws IOException + { + out.print(c.getPrompt()); + BufferedReader in = + new BufferedReader(new InputStreamReader(System.in)); + String pass = in.readLine(); + c.setPassword(pass.toCharArray()); + } + + protected void handleTextInput(TextInputCallback c) throws IOException + { + BufferedReader in = new BufferedReader(new InputStreamReader(System.in)); + out.print(c.getPrompt()); + String text = in.readLine(); + if (text != null) + c.setText(text); + } + + protected void handleTextOutput(TextOutputCallback c) + { + out.print(c.getMessage()); + } +} diff --git a/libjava/classpath/gnu/javax/security/auth/callback/DefaultCallbackHandler.java b/libjava/classpath/gnu/javax/security/auth/callback/DefaultCallbackHandler.java new file mode 100644 index 0000000..fc48782 --- /dev/null +++ b/libjava/classpath/gnu/javax/security/auth/callback/DefaultCallbackHandler.java @@ -0,0 +1,109 @@ +/* DefaultCallbackHandler.java -- + Copyright (C) 2004, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.security.auth.callback; + +import java.util.Locale; + +import javax.security.auth.callback.ChoiceCallback; +import javax.security.auth.callback.ConfirmationCallback; +import javax.security.auth.callback.LanguageCallback; +import javax.security.auth.callback.NameCallback; +import javax.security.auth.callback.PasswordCallback; +import javax.security.auth.callback.TextInputCallback; +import javax.security.auth.callback.TextOutputCallback; + +/** + * This trivial implementation of {@link CallbackHandler} sets its + * {@link Callback} arguments to default values, with no user interaction. + */ +public class DefaultCallbackHandler extends AbstractCallbackHandler +{ + + // Constructor. + // ------------------------------------------------------------------------- + + public DefaultCallbackHandler() + { + super("DEFAULT"); + } + + // Instance methods. + // ------------------------------------------------------------------------- + + protected void handleChoice(ChoiceCallback c) + { + c.setSelectedIndex(c.getDefaultChoice()); + } + + protected void handleConfirmation(ConfirmationCallback c) + { + if (c.getOptionType() == ConfirmationCallback.YES_NO_OPTION) + c.setSelectedIndex(ConfirmationCallback.NO); + else if (c.getOptionType() == ConfirmationCallback.YES_NO_CANCEL_OPTION) + c.setSelectedIndex(ConfirmationCallback.NO); + else if (c.getOptionType() == ConfirmationCallback.OK_CANCEL_OPTION) + c.setSelectedIndex(ConfirmationCallback.OK); + else + c.setSelectedIndex(c.getDefaultOption()); + } + + protected void handleLanguage(LanguageCallback c) + { + c.setLocale(Locale.getDefault()); + } + + protected void handleName(NameCallback c) + { + c.setName(System.getProperty("user.name")); + } + + protected void handlePassword(PasswordCallback c) + { + c.setPassword(new char[0]); + } + + protected void handleTextInput(TextInputCallback c) + { + c.setText(""); + } + + protected void handleTextOutput(TextOutputCallback c) + { + } +} diff --git a/libjava/classpath/gnu/javax/security/auth/callback/GnuCallbacks.java b/libjava/classpath/gnu/javax/security/auth/callback/GnuCallbacks.java new file mode 100644 index 0000000..9fd72f9 --- /dev/null +++ b/libjava/classpath/gnu/javax/security/auth/callback/GnuCallbacks.java @@ -0,0 +1,64 @@ +/* GnuCallbacks.java -- Provider for callback implementations. + Copyright (C) 2004, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.security.auth.callback; + +import java.security.AccessController; +import java.security.PrivilegedAction; +import java.security.Provider; + +public final class GnuCallbacks extends Provider +{ + public GnuCallbacks() + { + super("GNU-CALLBACKS", 2.1, "Implementations of various callback handlers."); + + AccessController.doPrivileged(new PrivilegedAction() + { + public Object run() + { + put("CallbackHandler.Default", DefaultCallbackHandler.class.getName()); + put("CallbackHandler.Console", ConsoleCallbackHandler.class.getName()); + put("CallbackHandler.AWT", AWTCallbackHandler.class.getName()); + put("CallbackHandler.Swing", SwingCallbackHandler.class.getName()); + + return null; + } + }); + } +} diff --git a/libjava/classpath/gnu/javax/security/auth/callback/SwingCallbackHandler.java b/libjava/classpath/gnu/javax/security/auth/callback/SwingCallbackHandler.java new file mode 100644 index 0000000..8e3e46e --- /dev/null +++ b/libjava/classpath/gnu/javax/security/auth/callback/SwingCallbackHandler.java @@ -0,0 +1,587 @@ + /* SwingCallbackHandler.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.security.auth.callback; + +import java.awt.Container; +import java.awt.Dimension; +import java.awt.FlowLayout; +import java.awt.Font; +import java.awt.GridBagConstraints; +import java.awt.GridBagLayout; +import java.awt.Insets; +import java.awt.event.ActionEvent; +import java.awt.event.ActionListener; + +import java.io.IOException; + +import java.util.Locale; + +import javax.security.auth.callback.Callback; +import javax.security.auth.callback.ChoiceCallback; +import javax.security.auth.callback.ConfirmationCallback; +import javax.security.auth.callback.LanguageCallback; +import javax.security.auth.callback.NameCallback; +import javax.security.auth.callback.PasswordCallback; +import javax.security.auth.callback.TextInputCallback; +import javax.security.auth.callback.TextOutputCallback; + +import javax.swing.JButton; +import javax.swing.JDialog; +import javax.swing.JLabel; +import javax.swing.JList; +import javax.swing.JPanel; +import javax.swing.JPasswordField; +import javax.swing.JScrollPane; +import javax.swing.JTextArea; +import javax.swing.JTextField; +import javax.swing.ListSelectionModel; + +public class SwingCallbackHandler extends AbstractCallbackHandler +{ + public SwingCallbackHandler () + { + super ("SWING"); + } + + protected void handleChoice (final ChoiceCallback callback) + throws IOException + { + final JDialog dialog = new JDialog (); + dialog.setResizable (false); + Container content = dialog.getContentPane (); + GridBagLayout layout = new GridBagLayout (); + content.setLayout (layout); + JLabel prompt = new JLabel (callback.getPrompt (), JLabel.LEFT); + content.add (prompt, new GridBagConstraints (0, 0, 1, 1, 0, 0, + GridBagConstraints.WEST, + GridBagConstraints.NONE, + new Insets (5, 5, 5, 5), 5, 5)); + + String[] choices = callback.getChoices (); + final JList choicesList = new JList (choices); + JScrollPane choicesPane = new JScrollPane (choicesList, + JScrollPane.VERTICAL_SCROLLBAR_AS_NEEDED, + JScrollPane.HORIZONTAL_SCROLLBAR_AS_NEEDED); + final int defaultChoice = callback.getDefaultChoice (); + choicesList.setSelectedIndex (defaultChoice); + choicesList.setSelectionMode (callback.allowMultipleSelections () + ? ListSelectionModel.MULTIPLE_INTERVAL_SELECTION + : ListSelectionModel.SINGLE_SELECTION); + content.add (choicesPane, new GridBagConstraints (0, 1, 1, 1, 1.0, 1.0, + GridBagConstraints.CENTER, + GridBagConstraints.BOTH, + new Insets (0, 10, 0, 10), 5, 5)); + + JPanel confirmButtons = new JPanel (); + confirmButtons.setLayout (new FlowLayout (FlowLayout.RIGHT)); + JButton cancel = new JButton (messages.getString ("callback.cancel")); + JButton ok = new JButton (messages.getString ("callback.ok")); + confirmButtons.add (cancel); + confirmButtons.add (ok); + content.add (confirmButtons, new GridBagConstraints (0, 2, 1, 1, 0, 0, + GridBagConstraints.EAST, + GridBagConstraints.NONE, + new Insets (5, 5, 5, 5), + 0, 0)); + dialog.getRootPane ().setDefaultButton (ok); + + cancel.addActionListener (new ActionListener () + { + public void actionPerformed (final ActionEvent ae) + { + callback.setSelectedIndex (defaultChoice); + dialog.setVisible (false); + synchronized (callback) + { + callback.notify (); + } + } + }); + ok.addActionListener (new ActionListener () + { + public void actionPerformed (final ActionEvent ae) + { + if (callback.allowMultipleSelections ()) + { + int[] indices = choicesList.getSelectedIndices (); + if (indices != null && indices.length > 0) + callback.setSelectedIndexes (indices); + else + callback.setSelectedIndex (defaultChoice); + } + else + { + int selected = choicesList.getSelectedIndex (); + if (selected != -1) + callback.setSelectedIndex (selected); + else + callback.setSelectedIndex (defaultChoice); + } + dialog.setVisible (false); + synchronized (callback) + { + callback.notify (); + } + } + }); + + dialog.pack (); + dialog.setSize (new Dimension (400, 400)); + dialog.setVisible (true); + waitForInput (dialog, callback); + } + + protected void handleConfirmation (final ConfirmationCallback callback) + throws IOException + { + final JDialog dialog = new JDialog (); + switch (callback.getMessageType ()) + { + case ConfirmationCallback.ERROR: + dialog.setTitle (messages.getString ("callback.error")); + break; + case ConfirmationCallback.WARNING: + dialog.setTitle (messages.getString ("callback.warning")); + break; + case ConfirmationCallback.INFORMATION: + dialog.setTitle (messages.getString ("callback.information")); + break; + } + Container content = dialog.getContentPane (); + content.setLayout (new GridBagLayout ()); + + String prompt = callback.getPrompt (); + if (prompt != null) + { + content.add (new JLabel (prompt), + new GridBagConstraints (0, 0, 1, 1, 0, 0, + GridBagConstraints.WEST, + GridBagConstraints.NONE, + new Insets (5, 5, 5, 25), 0, 0)); + } + + final String[] options = callback.getOptions (); + ActionListener listener = new ActionListener () + { + public void actionPerformed (ActionEvent ae) + { + String cmd = ae.getActionCommand (); + if (options != null) + { + for (int i = 0; i < options.length; i++) + { + if (cmd.equals (options[i])) + { + callback.setSelectedIndex (i); + break; + } + } + } + else + { + if (cmd.equals ("cancel")) + callback.setSelectedIndex (ConfirmationCallback.CANCEL); + else if (cmd.equals ("okay")) + callback.setSelectedIndex (ConfirmationCallback.OK); + else if (cmd.equals ("yes")) + callback.setSelectedIndex (ConfirmationCallback.YES); + else if (cmd.equals ("no")) + callback.setSelectedIndex (ConfirmationCallback.NO); + } + dialog.setVisible (false); + synchronized (callback) + { + callback.notify (); + } + } + }; + + JPanel buttons = new JPanel (); + buttons.setLayout (new FlowLayout (FlowLayout.RIGHT)); + switch (callback.getOptionType ()) + { + case ConfirmationCallback.YES_NO_CANCEL_OPTION: + { + JButton cancel = new JButton (messages.getString ("callback.cancel")); + buttons.add (cancel); + cancel.setActionCommand ("cancel"); + cancel.addActionListener (listener); + } + /* Fall-through. */ + case ConfirmationCallback.YES_NO_OPTION: + { + JButton yes = new JButton (messages.getString ("callback.yes")); + JButton no = new JButton (messages.getString ("callback.no")); + buttons.add (no); + buttons.add (yes); + yes.setActionCommand ("yes"); + yes.addActionListener (listener); + no.setActionCommand ("no"); + no.addActionListener (listener); + dialog.getRootPane ().setDefaultButton (yes); + } + break; + case ConfirmationCallback.OK_CANCEL_OPTION: + { + JButton okay = new JButton (messages.getString ("callback.ok")); + JButton cancel = new JButton (messages.getString ("callback.cancel")); + buttons.add (cancel); + buttons.add (okay); + okay.setActionCommand ("okay"); + okay.addActionListener (listener); + cancel.setActionCommand ("cancel"); + cancel.addActionListener (listener); + dialog.getRootPane ().setDefaultButton (okay); + } + break; + case ConfirmationCallback.UNSPECIFIED_OPTION: + for (int i = 0; i < options.length; i++) + { + JButton button = new JButton (options[i]); + buttons.add (button); + button.setActionCommand (options[i]); + button.addActionListener (listener); + if (i == options.length - 1) + dialog.getRootPane ().setDefaultButton (button); + } + } + content.add (buttons, + new GridBagConstraints (0, GridBagConstraints.RELATIVE, + 1, 1, 1, 1, + GridBagConstraints.SOUTHEAST, + GridBagConstraints.BOTH, + new Insets (5, 5, 5, 5), 0, 0)); + dialog.setResizable (false); + dialog.pack (); + dialog.setVisible (true); + waitForInput (dialog, callback); + } + + protected void handleLanguage (final LanguageCallback callback) + throws IOException + { + Locale locale = Locale.getDefault (); + Locale[] locales = Locale.getAvailableLocales (); + String[] localeNames = new String[locales.length+1]; + int defaultIndex = 0; + for (int i = 0; i < locales.length; i++) + { + localeNames[i+1] = locales[i].getDisplayLanguage (locales[i]); + String country = locales[i].getDisplayCountry (locales[i]); + if (country.length () > 0) + localeNames[i+1] += " (" + country + ")"; + if (locales[i].equals (locale)) + defaultIndex = i; + } + locales[0] = locale; + localeNames[0] = locale.getDisplayLanguage (locale); + String country = locale.getDisplayCountry (locale); + if (country.length () > 0) + localeNames[0] += " (" + country + ")"; + ChoiceCallback cb = new ChoiceCallback (messages.getString ("callback.language"), + localeNames, 0, + false); + handleChoice (cb); + int selected = cb.getSelectedIndexes ()[0]; + if (selected > 0) + callback.setLocale (locales[selected - 1]); + else + callback.setLocale (locale); + } + + protected void handleName (final NameCallback callback) + throws IOException + { + final JDialog dialog = new JDialog (); + Container content = dialog.getContentPane (); + content.setLayout (new GridBagLayout ()); + + content.add (new JLabel (callback.getPrompt ()), + new GridBagConstraints (0, 0, 1, 1, 0, 0, + GridBagConstraints.NORTHEAST, + GridBagConstraints.VERTICAL, + new Insets (10, 10, 15, 5), 0, 0)); + + final JTextField name = new JTextField (); + name.setColumns (20); + String _name; + if ((_name = callback.getDefaultName ()) != null) + name.setText (_name); + content.add (name, new GridBagConstraints (1, 0, 1, 1, 1, 1, + GridBagConstraints.NORTHWEST, + GridBagConstraints.BOTH, + new Insets (10, 5, 15, 10), 0, 0)); + + ActionListener listener = new ActionListener () + { + public void actionPerformed (ActionEvent ae) + { + String cmd = ae.getActionCommand (); + if (cmd.equals ("okay")) + callback.setName (name.getText ()); + dialog.setVisible (false); + synchronized (callback) + { + callback.notify (); + } + } + }; + + JPanel buttons = new JPanel (); + buttons.setLayout (new FlowLayout (FlowLayout.RIGHT)); + JButton cancel = new JButton (messages.getString ("callback.cancel")); + JButton okay = new JButton (messages.getString ("callback.ok")); + cancel.setActionCommand ("cancel"); + cancel.addActionListener (listener); + buttons.add (cancel); + okay.setActionCommand ("okay"); + okay.addActionListener (listener); + buttons.add (okay); + content.add (buttons, new GridBagConstraints (0, 1, 2, 1, 0, 0, + GridBagConstraints.SOUTHEAST, + GridBagConstraints.NONE, + new Insets (0, 10, 10, 10), 0, 0)); + + dialog.setResizable (false); + dialog.pack (); + dialog.setVisible (true); + dialog.getRootPane ().setDefaultButton (okay); + waitForInput (dialog, callback); + } + + protected void handlePassword (final PasswordCallback callback) + throws IOException + { + final JDialog dialog = new JDialog (); + Container content = dialog.getContentPane (); + content.setLayout (new GridBagLayout ()); + + content.add (new JLabel (callback.getPrompt ()), + new GridBagConstraints (0, 0, 1, 1, 0, 0, + GridBagConstraints.NORTHEAST, + GridBagConstraints.VERTICAL, + new Insets (10, 10, 15, 5), 0, 0)); + + final JPasswordField password = new JPasswordField (); + password.setColumns (20); + password.setEchoChar (callback.isEchoOn () ? '\u0000' : '\u2022'); + content.add (password, new GridBagConstraints (1, 0, 1, 1, 1, 1, + GridBagConstraints.NORTHWEST, + GridBagConstraints.BOTH, + new Insets (10, 5, 15, 10), 0, 0)); + + ActionListener listener = new ActionListener () + { + public void actionPerformed (ActionEvent ae) + { + String cmd = ae.getActionCommand (); + if (cmd.equals ("okay")) + callback.setPassword (password.getPassword ()); + dialog.setVisible (false); + synchronized (callback) + { + callback.notify (); + } + } + }; + + JPanel buttons = new JPanel (); + buttons.setLayout (new FlowLayout (FlowLayout.RIGHT)); + JButton cancel = new JButton (messages.getString ("callback.cancel")); + JButton okay = new JButton (messages.getString ("callback.ok")); + cancel.setActionCommand ("cancel"); + cancel.addActionListener (listener); + buttons.add (cancel); + okay.setActionCommand ("okay"); + okay.addActionListener (listener); + buttons.add (okay); + content.add (buttons, new GridBagConstraints (0, 1, 2, 1, 0, 0, + GridBagConstraints.SOUTHEAST, + GridBagConstraints.NONE, + new Insets (0, 10, 10, 10), 0, 0)); + + dialog.setResizable (false); + dialog.pack (); + dialog.setVisible (true); + dialog.getRootPane ().setDefaultButton (okay); + waitForInput (dialog, callback); + } + + protected void handleTextInput (final TextInputCallback callback) + throws IOException + { + final JDialog dialog = new JDialog (); + Container content = dialog.getContentPane (); + content.setLayout (new GridBagLayout ()); + + content.add (new JLabel (callback.getPrompt ()), + new GridBagConstraints (0, 0, 1, 1, 0, 0, + GridBagConstraints.NORTHWEST, + GridBagConstraints.NONE, + new Insets (10, 10, 15, 5), 0, 0)); + + final JTextArea text = new JTextArea (24, 80); + text.setEditable (true); + String _text; + if ((_text = callback.getDefaultText ()) != null) + text.setText (_text); + text.setFont (new Font ("Monospaced", Font.PLAIN, 12)); + JScrollPane textPane = new JScrollPane (text, + JScrollPane.VERTICAL_SCROLLBAR_AS_NEEDED, + JScrollPane.HORIZONTAL_SCROLLBAR_AS_NEEDED); + content.add (textPane, + new GridBagConstraints (0, 1, 1, 1, 1, 1, + GridBagConstraints.CENTER, + GridBagConstraints.BOTH, + new Insets (5, 10, 5, 10), 0, 0)); + + ActionListener listener = new ActionListener () + { + public void actionPerformed (ActionEvent ae) + { + String cmd = ae.getActionCommand (); + if (cmd.equals ("okay")) + callback.setText (text.getText ()); + dialog.setVisible (false); + synchronized (callback) + { + callback.notify (); + } + } + }; + + JPanel buttons = new JPanel (); + buttons.setLayout (new FlowLayout (FlowLayout.RIGHT)); + JButton cancel = new JButton (messages.getString ("callback.cancel")); + JButton okay = new JButton (messages.getString ("callback.ok")); + cancel.setActionCommand ("cancel"); + cancel.addActionListener (listener); + buttons.add (cancel); + okay.setActionCommand ("okay"); + okay.addActionListener (listener); + buttons.add (okay); + content.add (buttons, new GridBagConstraints (0, 2, 1, 1, 0, 0, + GridBagConstraints.SOUTHEAST, + GridBagConstraints.NONE, + new Insets (0, 10, 10, 10), 0, 0)); + + dialog.setResizable (true); + dialog.pack (); + dialog.setVisible (true); + dialog.getRootPane ().setDefaultButton (okay); + waitForInput (dialog, callback); + } + + protected void handleTextOutput (final TextOutputCallback callback) + throws IOException + { + final JDialog dialog = new JDialog (); + switch (callback.getMessageType ()) + { + case TextOutputCallback.ERROR: + dialog.setTitle (messages.getString ("callback.error")); + break; + case TextOutputCallback.WARNING: + dialog.setTitle (messages.getString ("callback.warning")); + break; + case TextOutputCallback.INFORMATION: + dialog.setTitle (messages.getString ("callback.information")); + break; + } + Container content = dialog.getContentPane (); + content.setLayout (new GridBagLayout ()); + + final JTextArea text = new JTextArea (24, 80); + text.setEditable (false); + text.setText (callback.getMessage ()); + text.setFont (new Font ("Monospaced", Font.PLAIN, 12)); + JScrollPane textPane = new JScrollPane (text, + JScrollPane.VERTICAL_SCROLLBAR_AS_NEEDED, + JScrollPane.HORIZONTAL_SCROLLBAR_AS_NEEDED); + content.add (textPane, + new GridBagConstraints (0, 0, 1, 1, 1, 1, + GridBagConstraints.CENTER, + GridBagConstraints.BOTH, + new Insets (10, 10, 5, 10), 0, 0)); + + ActionListener listener = new ActionListener () + { + public void actionPerformed (ActionEvent ae) + { + dialog.setVisible (false); + synchronized (callback) + { + callback.notify (); + } + } + }; + + JButton okay = new JButton (messages.getString ("callback.ok")); + okay.setActionCommand ("okay"); + okay.addActionListener (listener); + content.add (okay, new GridBagConstraints (0, 1, 1, 1, 0, 0, + GridBagConstraints.SOUTHEAST, + GridBagConstraints.NONE, + new Insets (0, 10, 10, 10), 0, 0)); + + dialog.setResizable (true); + dialog.pack (); + dialog.setVisible (true); + dialog.getRootPane ().setDefaultButton (okay); + waitForInput (dialog, callback); + } + + private void waitForInput (JDialog dialog, Callback callback) + { + synchronized (callback) + { + while (dialog.isVisible ()) + { + try + { + callback.wait (1000); + } + catch (InterruptedException ignored) + { + } + } + } + dialog.dispose (); + } +} \ No newline at end of file diff --git a/libjava/classpath/gnu/javax/security/auth/login/ConfigFileParser.java b/libjava/classpath/gnu/javax/security/auth/login/ConfigFileParser.java new file mode 100644 index 0000000..f6c39bb --- /dev/null +++ b/libjava/classpath/gnu/javax/security/auth/login/ConfigFileParser.java @@ -0,0 +1,338 @@ +/* ConfigFileParser.java -- JAAS Login Configuration default syntax parser + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.security.auth.login; + +import java.io.IOException; +import java.io.Reader; +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +import javax.security.auth.login.AppConfigurationEntry; + +/** + * A parser that knows how to interpret JAAS Login Module Configuration files + * written in the default syntax which is interpreted as adhering to + * the following grammar: + * + * 

    + *   CONFIG              ::= APP_OR_OTHER_ENTRY+
+ *   APP_OR_OTHER_ENTRY  ::= APP_NAME_OR_OTHER JAAS_CONFIG_BLOCK
+ *   APP_NAME_OR_OTHER   ::= APP_NAME
+ *                         | 'other'
+ *   JAAS_CONFIG_BLOCK   ::= '{' (LOGIN_MODULE_ENTRY ';')+ '}' ';'
+ *   LOGIN_MODULE_ENTRY  ::= MODULE_CLASS FLAG MODULE_OPTION* ';'
+ *   FLAG                ::= 'required'
+ *                         | 'requisite'
+ *                         | 'sufficient'
+ *                         | 'optional'
+ *   MODULE_OPTION       ::= PARAM_NAME '=' PARAM_VALUE
+ *
+ *   APP_NAME     ::= JAVA_IDENTIFIER
+ *   MODULE_CLASS ::= JAVA_IDENTIFIER ('.' JAVA_IDENTIFIER)*
+ *   PARAM_NAME   ::= STRING
+ *   PARAM_VALUE  ::= '"' STRING '"' | ''' STRING ''' | STRING
+ *
    + * + *

    This parser handles UTF-8 entities when used as APP_NAME and PARAM_VALUE. + * It also checks for the use of Java identifiers used in MODULE_CLASS, thus + * minimizing the risks of having {@link java.lang.ClassCastException}s thrown + * at runtime due to syntactically invalid names.

    + * + *

    In the above context, a JAVA_IDENTIFIER is a sequence of tokens, + * separated by the character '.'. Each of these tokens obeys the following:

    + * + *
      + *
    1. its first character yields true when used as an input to + * the {@link java.lang.Character#isJavaIdentifierStart(char)}, and
      2. + *
    2. all remaining characters, yield true when used as an + * input to {@link java.lang.Character#isJavaIdentifierPart(char)}.
      3. + *
    + */ +public final class ConfigFileParser +{ + // Constants and fields + // -------------------------------------------------------------------------- + + private static final boolean DEBUG = false; + private static final void debug(String m) {if (DEBUG) System.err.println(m);}; + + private ConfigFileTokenizer cft; + private Map map = new HashMap(); + + // Constructor(s) + // -------------------------------------------------------------------------- + + // default 0-arguments constructor + + // Class methods + // -------------------------------------------------------------------------- + + // Instance methods + // -------------------------------------------------------------------------- + + /** + * Returns the parse result as a {@link Map} where the keys are application + * names, and the entries are {@link List}s of {@link AppConfigurationEntry} + * entries, one for each login module entry, in the order they were + * encountered, for that application name in the just parsed configuration + * file. + */ + public Map getLoginModulesMap() + { + return map; + } + + /** + * Parses the {@link Reader}'s contents assuming it is in the default + * syntax. + * + * @param r the {@link Reader} whose contents are assumed to be a JAAS Login + * Configuration Module file written in the default syntax. + * @throws IOException if an exception occurs while parsing the input. + */ + public void parse(Reader r) throws IOException + { + initParser(r); + + while (parseAppOrOtherEntry()) + ; // do nothing + } + + private void initParser(Reader r) throws IOException + { + map.clear(); + + cft = new ConfigFileTokenizer(r); + } + + /** + * @return true if an APP_OR_OTHER_ENTRY was correctly parsed. + * Returns false otherwise. + * @throws IOException if an exception occurs while parsing the input. + */ + private boolean parseAppOrOtherEntry() throws IOException + { + int c = cft.nextToken(); + if (c == ConfigFileTokenizer.TT_EOF) + return false; + + if (c != ConfigFileTokenizer.TT_WORD) + { + cft.pushBack(); + return false; + } + + String appName = cft.sval; + debug("DEBUG: APP_NAME_OR_OTHER = " + appName); + if (cft.nextToken() != '{') + abort("Missing '{' after APP_NAME_OR_OTHER"); + + List lmis = new ArrayList(); + while (parseACE(lmis)) + ; // do nothing + + c = cft.nextToken(); + if (c != '}') + abort("Was expecting '}' but found " + (char) c); + + c = cft.nextToken(); + if (c != ';') + abort("Was expecting ';' but found " + (char) c); + + List listOfACEs = (List) map.get(appName); + if (listOfACEs == null) + { + listOfACEs = new ArrayList(); + map.put(appName, listOfACEs); + } + listOfACEs.addAll(lmis); + return !appName.equalsIgnoreCase("other"); + } + + /** + * @return true if a LOGIN_MODULE_ENTRY was correctly parsed. + * Returns false otherwise. + * @throws IOException if an exception occurs while parsing the input. + */ + private boolean parseACE(List listOfACEs) throws IOException + { + int c = cft.nextToken(); + if (c != ConfigFileTokenizer.TT_WORD) + { + cft.pushBack(); + return false; + } + + String clazz = validateClassName(cft.sval); + debug("DEBUG: MODULE_CLASS = " + clazz); + + if (cft.nextToken() != ConfigFileTokenizer.TT_WORD) + abort("Was expecting FLAG but found none"); + + String flag = cft.sval; + debug("DEBUG: FLAG = " + flag); + AppConfigurationEntry.LoginModuleControlFlag f = null; + if (flag.equalsIgnoreCase("required")) + f = AppConfigurationEntry.LoginModuleControlFlag.REQUIRED; + else if (flag.equalsIgnoreCase("requisite")) + f = AppConfigurationEntry.LoginModuleControlFlag.REQUISITE; + else if (flag.equalsIgnoreCase("sufficient")) + f = AppConfigurationEntry.LoginModuleControlFlag.SUFFICIENT; + else if (flag.equalsIgnoreCase("optional")) + f = AppConfigurationEntry.LoginModuleControlFlag.OPTIONAL; + else + abort("Unknown Flag: " + flag); + + Map options = new HashMap(); + String paramName, paramValue; + c = cft.nextToken(); + while (c != ';') + { + if (c != ConfigFileTokenizer.TT_WORD) + abort("Was expecting PARAM_NAME but got '" + ((char) c) + "'"); + + paramName = cft.sval; + debug("DEBUG: PARAM_NAME = " + paramName); + if (cft.nextToken() != '=') + abort("Missing '=' after PARAM_NAME"); + + c = cft.nextToken(); + if (c != '"' && c != '\'') + debug(" WARN: Was expecting a quoted string but got no quote " + + "character. Assume unquoted string"); + + paramValue = expandParamValue(cft.sval); + debug("DEBUG: PARAM_VALUE = " + paramValue); + options.put(paramName, paramValue); + + c = cft.nextToken(); + } + + AppConfigurationEntry ace = new AppConfigurationEntry(clazz, f, options); + debug("DEBUG: LOGIN_MODULE_ENTRY = " + ace); + listOfACEs.add(ace); + return true; + } + + private void abort(String m) throws IOException + { + debug("ERROR: " + m); + debug("DEBUG: Map (so far) = " + String.valueOf(map)); + throw new IOException(m); + } + + private String validateClassName(String cn) throws IOException + { + if (cn.startsWith(".") || cn.endsWith(".")) + abort("MODULE_CLASS MUST NOT start or end with a '.'"); + + String[] tokens = cn.split("."); + for (int i = 0; i < tokens.length; i++) + { + String t = tokens[i]; + if (Character.isJavaIdentifierStart(cn.toCharArray()[0])) + abort(""); + + // we dont check the rest of the characters for isJavaIdentifierPart() + // because that's what the tokenizer does. + } + + return cn; + } + + /** + * The documentation of the {@link javax.security.auth.login.Configuration} + * states that: "...If a String in the form, ${system.property}, occurs in + * the value, it will be expanded to the value of the system property.". + * This method ensures this is the case. If such a string can not be expanded + * then it is left AS IS, assuming the LoginModule knows what to do with it. + * + *

    IMPORTANT: This implementation DOES NOT handle embedded ${} + * constructs. + * + * @param s the raw parameter value, incl. eventually strings of the form + * ${system.property}. + * @return the input string with every occurence of + * ${system.property} replaced with the value of the + * corresponding System property at the time of this method invocation. If + * the string is not a known System property name, then the complete sequence + * (incl. the ${} characters are passed AS IS. + */ + private String expandParamValue(String s) + { + String result = s; + try + { + int searchNdx = 0; + while (searchNdx < result.length()) + { + int i = s.indexOf("${", searchNdx); + if (i == -1) + break; + + int j = s.indexOf("}", i + 2); + if (j == -1) + { + debug(" WARN: Found a ${ prefix with no } suffix. Ignore"); + break; + } + + String sysPropName = s.substring(i + 2, j); + debug("DEBUG: Found a reference to System property " + sysPropName); + String sysPropValue = System.getProperty(sysPropName); + debug("DEBUG: Resolved " + sysPropName + " to '" + sysPropValue + "'"); + if (sysPropValue != null) + { + result = s.substring(0, i) + sysPropValue + s.substring(j + 1); + searchNdx = i + sysPropValue.length(); + } + else + searchNdx = j + 1; + } + } + catch (Exception x) + { + debug(" WARN: Exception while expanding " + s + ". Ignore: " + x); + } + + return result; + } +} diff --git a/libjava/classpath/gnu/javax/security/auth/login/ConfigFileTokenizer.java b/libjava/classpath/gnu/javax/security/auth/login/ConfigFileTokenizer.java new file mode 100644 index 0000000..2cfe916 --- /dev/null +++ b/libjava/classpath/gnu/javax/security/auth/login/ConfigFileTokenizer.java @@ -0,0 +1,243 @@ +/* ConfigFileTokenizer.java -- JAAS Login Configuration default syntax tokenizer + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.security.auth.login; + +import java.io.BufferedReader; +import java.io.IOException; +import java.io.Reader; + +/** + * A UTF-8 friendly, JAAS Login Module Configuration file tokenizer written in + * the deault syntax. This class emulates, to a certain extent, the behavior of + * a {@link java.io.SrteamTokenizer} instance st, when set as + * follows: + * + * 

    + *  st.resetSyntax();
+ *  st.lowerCaseMode(false);
+ *  st.slashSlashComments(true);
+ *  st.slashStarComments(true);
+ *  st.eolIsSignificant(false);
+ *  st.wordChars('_', '_');
+ *  st.wordChars('$', '$');
+ *  st.wordChars('A', 'Z');
+ *  st.wordChars('a', 'z');
+ *  st.wordChars('0', '9');
+ *  st.wordChars('.', '.');
+ *  st.whitespaceChars(' ', ' ');
+ *  st.whitespaceChars('\t', '\t');
+ *  st.whitespaceChars('\f', '\f');
+ *  st.whitespaceChars('\r', '\r');
+ *  st.whitespaceChars('\n', '\n');
+ *  st.quoteChar('"');
+ *  st.quoteChar('\'');
+ *
    + * + *

    The most important (negative) difference with a + * {@link java.io.StreamTokenizer} is that this tokenizer does not properly + * handle C++ and Java // style comments in the middle of the line. It only + * ignores them if/when found at the start of the line.

    + */ +public class ConfigFileTokenizer +{ + // Constants and fields + // -------------------------------------------------------------------------- + + private static final boolean DEBUG = false; + private static final void debug(String m) {if (DEBUG) System.err.println(m);}; + + /** A constant indicating that the end of the stream has been read. */ + public static final int TT_EOF = -1; + /** A constant indicating that a word token has been read. */ + public static final int TT_WORD = -3; + /** A constant indicating that no tokens have been read yet. */ + private static final int TT_NONE = -4; + + public String sval; + public int ttype; + + private BufferedReader br; + boolean initialised; + private StringBuffer sb; + private int sbNdx; + + // Constructor(s) + // -------------------------------------------------------------------------- + + /** Trivial constructor. */ + ConfigFileTokenizer(Reader r) + { + super(); + + br = r instanceof BufferedReader ? (BufferedReader) r : new BufferedReader(r); + initialised = false; + } + + // Class methods + // -------------------------------------------------------------------------- + + // Instance methods + // -------------------------------------------------------------------------- + + public int nextToken() throws IOException + { + if (!initialised) + init(); + + if (sbNdx >= sb.length()) + return TT_EOF; + + skipWhitespace(); + + if (sbNdx >= sb.length()) + return TT_EOF; + + int endNdx; + if (Character.isJavaIdentifierPart(sb.charAt(sbNdx))) + { + endNdx = sbNdx + 1; + while (Character.isJavaIdentifierPart(sb.charAt(endNdx)) + || sb.charAt(endNdx) == '.') + endNdx++; + + ttype = TT_WORD; + sval = sb.substring(sbNdx, endNdx); + sbNdx = endNdx; + return ttype; + } + + int c = sb.charAt(sbNdx); + if (c == '{' || c == '}' || c == ';' || c == '=') + { + ttype = c; + sbNdx++; + return ttype; + } + + if (c == '"' || c == '\'') + { + ttype = c; + String quote = sb.substring(sbNdx, sbNdx + 1); + int i = sbNdx + 1; + while (true) + { + // find a candidate + endNdx = sb.indexOf(quote, i); + if (endNdx == -1) + abort("Missing closing quote: " + quote); + + // found one; is it escaped? + if (sb.charAt(endNdx - 1) != '\\') + break; + + i++; + continue; + } + + endNdx++; + sval = sb.substring(sbNdx, endNdx); + sbNdx = endNdx; + return ttype; + } + + abort("Unknown character: " + sb.charAt(sbNdx)); + return Integer.MIN_VALUE; + } + + public void pushBack() + { + sbNdx -= ttype != TT_WORD ? 1 : sval.length(); + } + + private void init() throws IOException + { + sb = new StringBuffer(); + String line; + while ((line = br.readLine()) != null) + { + line = line.trim(); + if (line.length() == 0) + continue; + + if (line.startsWith("#") || line.startsWith("//")) + continue; + + sb.append(line).append(" "); + } + + sbNdx = 0; + sval = null; + ttype = TT_NONE; + + initialised = true; + } + + private void skipWhitespace() throws IOException + { + int endNdx; + while (sbNdx < sb.length()) + if (Character.isWhitespace(sb.charAt(sbNdx))) + { + sbNdx++; + while (sbNdx < sb.length() && Character.isWhitespace(sb.charAt(sbNdx))) + sbNdx++; + + continue; + } + else if (sb.charAt(sbNdx) == '/' && sb.charAt(sbNdx + 1) == '*') + { + endNdx = sb.indexOf("*/", sbNdx + 2); + if (endNdx == -1) + abort("Missing closing */ sequence"); + + sbNdx = endNdx + 2; + continue; + } + else + break; + } + + private void abort(String m) throws IOException + { + debug("DEBUG: " + m); + debug("DEBUG: sb = " + sb); + debug("DEBUG: sbNdx = " + sbNdx); + throw new IOException(m); + } +} diff --git a/libjava/classpath/gnu/javax/security/auth/login/GnuConfiguration.java b/libjava/classpath/gnu/javax/security/auth/login/GnuConfiguration.java new file mode 100644 index 0000000..f0b8594 --- /dev/null +++ b/libjava/classpath/gnu/javax/security/auth/login/GnuConfiguration.java @@ -0,0 +1,450 @@ +/* GnuConfiguration.java -- GNU Classpath implementation of JAAS Configuration + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.security.auth.login; + +import java.io.File; +import java.io.FileInputStream; +import java.io.IOException; +import java.io.InputStream; +import java.io.InputStreamReader; +import java.net.MalformedURLException; +import java.net.URL; +import java.security.Security; +import java.util.HashMap; +import java.util.Iterator; +import java.util.List; +import java.util.Map; + +import javax.security.auth.AuthPermission; +import javax.security.auth.login.AppConfigurationEntry; +import javax.security.auth.login.Configuration; + +/** + * An implementation of the {@link Configuration} class which interprets JAAS + * Login Configuration files written in the default syntax described in + * the publicly available documentation of that class. A more formal definition + * of this syntax is as follows: + * + * 
    + *   CONFIG              ::= APP_OR_OTHER_ENTRY+
+ *   APP_OR_OTHER_ENTRY  ::= APP_NAME_OR_OTHER JAAS_CONFIG_BLOCK
+ *   APP_NAME_OR_OTHER   ::= APP_NAME
+ *                         | 'other'
+ *   JAAS_CONFIG_BLOCK   ::= '{' (LOGIN_MODULE_ENTRY ';')+ '}' ';'
+ *   LOGIN_MODULE_ENTRY  ::= MODULE_CLASS FLAG MODULE_OPTION* ';'
+ *   FLAG                ::= 'required'
+ *                         | 'requisite'
+ *                         | 'sufficient'
+ *                         | 'optional'
+ *   MODULE_OPTION       ::= PARAM_NAME '=' PARAM_VALUE
+ *
+ *   APP_NAME     ::= JAVA_IDENTIFIER
+ *   MODULE_CLASS ::= JAVA_IDENTIFIER ('.' JAVA_IDENTIFIER)*
+ *   PARAM_NAME   ::= STRING
+ *   PARAM_VALUE  ::= '"' STRING '"' | ''' STRING ''' | STRING
+ *
    + * + *

    This implementation will specifically attempt to process one or more + * Login Configuration files in the following locations, and when found parse + * them and merge their contents. The locations, and the order in which they are + * investigated, follows:

    + * + *
      + *
    1. If the following Security properties: + * java.security.auth.login.config.url.N, where N + * is a digit, from 1 to an arbitrary number, are defined, then + * the value of each of those properties will be considered as a JAAS Login + * Configuration file written in the default syntax. This implementation will + * attempt parsing all such files. + * + *

      It is worth noting the following: + *

        + *
      • The GNU Classpath security file, named classpath.security, + * where all Security properties are encoded, is usually located in + * /usr/local/classpath/lib/security folder.
        • + * + *
      • The numbers used in the properties + * java.security.auth.login.config.url.N MUST be sequential, + * with no breaks in-between.
        • + *
      + *

      + * + *

      If at least one of the designated Configuration files was found, and + * was parsed correctly, then no other location will be inspected.

      2. + * + *
    2. If the System property named java.security.auth.login.config + * is not null or empty, its contents are then interpreted as a URL to a + * JAAS Login Configuration file written in the default syntax. + * + *

      If this System property is defined, and the file it refers to was + * parsed correctly, then no other location will be inspected.

      3. + * + *
    3. If a file named .java.login.config or java.login.config + * (in that order) is found in the location referenced by the value of the + * System property user.home, then that file is parsed as a JAAS Login + * Configuration written in the default syntax.
      4. + * + *
    4. If none of the above resulted in a correctly parsed JAAS Login + * Configuration file, then this implementation will install a Null + * Configuration which basically does not recognize any Application.
      5. + *
    + */ +public final class GnuConfiguration extends Configuration +{ + // Constants and fields + // -------------------------------------------------------------------------- + + private static final boolean DEBUG = true; + private static final void debug(String m) {if (DEBUG) System.err.println(m);}; + + /** + * The internal map of login modules keyed by application name. Each entry in + * this map is a {@link List} of {@link AppConfigurationEntry}s for that + * application name. + */ + private Map loginModulesMap; + /** Our reference to our default syntax parser. */ + private ConfigFileParser cp; + + // Constructor(s) + // -------------------------------------------------------------------------- + + /** Trivial 0-arguments Constructor. */ + public GnuConfiguration() + { + super(); + + loginModulesMap = new HashMap(); + cp = new ConfigFileParser(); + init(); + } + + // Class methods + // -------------------------------------------------------------------------- + + // Instance methods + // -------------------------------------------------------------------------- + + // Configuration abstract methods implementation ---------------------------- + + /* (non-Javadoc) + * @see javax.security.auth.login.Configuration#getAppConfigurationEntry(java.lang.String) + */ + public AppConfigurationEntry[] getAppConfigurationEntry(String appName) + { + if (appName == null) + return null; + + appName = appName.trim(); + if (appName.length() == 0) + return null; + + List loginModules = (List) loginModulesMap.get(appName); + if (loginModules == null || loginModules.size() == 0) + return null; + + debug("DEBUG: " + appName + " -> " + loginModules.size() + " entry(ies)"); + return (AppConfigurationEntry[]) loginModules.toArray(new AppConfigurationEntry[0]); + } + + /** + * Refreshes and reloads this Configuration. + * + *

    This method causes this Configuration object to refresh / + * reload its contents following the locations and logic described above in + * the class documentation section.

    + * + * @throws SecurityException if the caller does not have an + * {@link AuthPermission} for the action named + * refreshLoginConfiguration. + * @see {@link AuthPermission} + */ + public void refresh() + { + SecurityManager sm = System.getSecurityManager(); + if (sm != null) + sm.checkPermission(new AuthPermission("refreshLoginConfiguration")); + + loginModulesMap.clear(); + init(); + } + + // helper methods ----------------------------------------------------------- + + /** + * Attempts to find and parse JAAS Login Configuration file(s) written in + * the default syntax. The locations searched are as descibed in the class + * documentation. + */ + private void init() + { + if (processSecurityProperties()) + debug(" INFO: Using login configuration defined by Security property(ies)"); + else if (processSystemProperty()) + debug(" INFO: Using login configuration defined by System property"); + else if (processUserHome()) + debug(" INFO: Using login configuration defined in ${user.home}"); + else + debug(" WARN: No login configuration file found"); + } + + /** + * Attempts to locate and parse one or more JAAS Login Configuration files + * defined as the values of the Security properties + * java.security.auth.login.config.url.N. + * + * @return true if it succeeds, and false + * otherwsie. + */ + private boolean processSecurityProperties() + { + boolean result = false; + int counter = 0; + String s; + while (true) + try + { + counter++; + s = Security.getProperty("java.security.auth.login.config.url." + + counter); + if (s == null) + break; + + s = s.trim(); + if (s.length() != 0) + { + debug("DEBUG: java.security.auth.login.config.url." + counter + + " = " + s); + parseConfig(getInputStreamFromURL(s)); + result = true; + } + } + catch (Throwable t) + { + debug(" WARN: Exception while handling Security property at #" + + counter + ". Continue: " + t); + } + return result; + } + + /** + * Attempts to open a designated string as a well-formed {@link URL}. If a + * {@link MalformedURLException} occurs, this method then tries to open that + * string as a {@link File} (with the same name). If it succeeds, an + * {@link InputStream} is constructed and returned. + * + * @param s + * the designated name of either a {@link URL} or a {@link File} + * assumed to contain a JAAS Login Configuration in the default + * syntax. + * @return an {@link InputStream} around the data source. + * @throws IOException + * if an exception occurs during the operation. + */ + private InputStream getInputStreamFromURL(String s) throws IOException + { + InputStream result = null; + try + { + URL url = new URL(s); + result = url.openStream(); + } + catch (MalformedURLException x) + { + debug(" WARN: Failed opening as URL: " + s + ". Will try as File"); + result = new FileInputStream(s); + } + return result; + } + + /** + * Attempts to locate and parse a JAAS Login Configuration file defined as the + * value of the System property java.security.auth.login.config. + * + * @return true if it succeeds, and false + * otherwsie. + */ + private boolean processSystemProperty() + { + boolean result = false; + try + { + String s = System.getProperty("java.security.auth.login.config"); + if (s != null) + { + s = s.trim(); + if (s.length() != 0) + { + debug("DEBUG: java.security.auth.login.config = " + s); + parseConfig(getInputStreamFromURL(s)); + result = true; + } + } + } + catch (Throwable t) + { + debug(" WARN: Exception while handling System property. Continue: " + t); + } + return result; + } + + /** + * Attempts to locate and parse a JAAS Login Configuration file named either + * as .java.login.config or java.login.config (without the + * leading dot) in the folder referenced by the System property + * user.home. + * + * @return true if it succeeds, and false + * otherwsie. + */ + private boolean processUserHome() + { + boolean result = false; + try + { + File userHome = getUserHome(); + if (userHome == null) + return result; + + File jaasFile; + jaasFile = getConfigFromUserHome(userHome, ".java.login.config"); + if (jaasFile == null) + jaasFile = getConfigFromUserHome(userHome, "java.login.config"); + + if (jaasFile == null) + { + debug(" WARN: Login Configuration file, in " + userHome + + ", does not exist or is inaccessible"); + return result; + } + + FileInputStream fis = new FileInputStream(jaasFile); + parseConfig(fis); + result = true; + } + catch (Throwable t) + { + debug(" WARN: Exception while handling ${user.home}: " + t); + } + return result; + } + + private void parseConfig(InputStream configStream) throws IOException + { + cp.parse(new InputStreamReader(configStream, "UTF-8")); + Map loginModulesMap = cp.getLoginModulesMap(); + mergeLoginModules(loginModulesMap); + } + + private void mergeLoginModules(Map otherLoginModules) + { + if (otherLoginModules == null || otherLoginModules.size() < 1) + return; + + for (Iterator it = otherLoginModules.keySet().iterator(); it.hasNext();) + { + String appName = (String) it.next(); + List thatListOfACEs = (List) otherLoginModules.get(appName); + if (thatListOfACEs == null || thatListOfACEs.size() < 1) + continue; + + List thisListsOfACEs = (List) loginModulesMap.get(appName); + if (thisListsOfACEs == null) + loginModulesMap.put(appName, thatListOfACEs); + else + thisListsOfACEs.addAll(thatListOfACEs); + } + } + + private File getUserHome() + { + String uh = System.getProperty("user.home"); + if (uh == null || uh.trim().length() == 0) + { + debug(" WARN: User home path is not set or is empty"); + return null; + } + + uh = uh.trim(); + File result = new File(uh); + if (!result.exists()) + { + debug(" WARN: User home '" + uh + "' does not exist"); + return null; + } + + if (!result.isDirectory()) + { + debug(" WARN: User home '" + uh + "' is not a directory"); + return null; + } + + if (!result.canRead()) + { + debug(" WARN: User home '" + uh + "' is not readable"); + return null; + } + + return result; + } + + private File getConfigFromUserHome(File userHome, String fileName) + { + File result = new File(userHome, fileName); + if (!result.exists()) + { + debug(" WARN: File '" + fileName + "' does not exist in user's home"); + return null; + } + + if (!result.isFile()) + { + debug(" WARN: File '" + fileName + "' in user's home is not a file"); + return null; + } + + if (!result.canRead()) + { + debug(" WARN: File '" + fileName + "' in user's home is not readable"); + return null; + } + + return result; + } +} diff --git a/libjava/classpath/gnu/regexp/CharIndexed.java b/libjava/classpath/gnu/regexp/CharIndexed.java index a0d7106..df1d893 100644 --- a/libjava/classpath/gnu/regexp/CharIndexed.java +++ b/libjava/classpath/gnu/regexp/CharIndexed.java @@ -1,5 +1,5 @@ /* gnu/regexp/CharIndexed.java - Copyright (C) 1998-2001, 2004 Free Software Foundation, Inc. + Copyright (C) 1998-2001, 2004, 2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -81,4 +81,16 @@ public interface CharIndexed { * position at a valid position in the input. */ boolean isValid(); + + /** + * Returns another CharIndexed containing length characters to the left + * of the given index. The given length is an expected maximum and + * the returned CharIndexed may not necessarily contain so many characters. + */ + CharIndexed lookBehind(int index, int length); + + /** + * Returns the effective length of this CharIndexed + */ + int length(); } diff --git a/libjava/classpath/gnu/regexp/CharIndexedCharArray.java b/libjava/classpath/gnu/regexp/CharIndexedCharArray.java index 63d858c..1388d47 100644 --- a/libjava/classpath/gnu/regexp/CharIndexedCharArray.java +++ b/libjava/classpath/gnu/regexp/CharIndexedCharArray.java @@ -1,5 +1,5 @@ /* gnu/regexp/CharIndexedCharArray.java - Copyright (C) 1998-2001, 2004 Free Software Foundation, Inc. + Copyright (C) 1998-2001, 2004, 2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -59,4 +59,13 @@ class CharIndexedCharArray implements CharIndexed, Serializable { public boolean move(int index) { return ((anchor += index) < s.length); } + + public CharIndexed lookBehind(int index, int length) { + if (length > (anchor + index)) length = anchor + index; + return new CharIndexedCharArray(s, anchor + index - length); + } + + public int length() { + return s.length - anchor; + } } diff --git a/libjava/classpath/gnu/regexp/CharIndexedInputStream.java b/libjava/classpath/gnu/regexp/CharIndexedInputStream.java index 145fe11..d5225a7 100644 --- a/libjava/classpath/gnu/regexp/CharIndexedInputStream.java +++ b/libjava/classpath/gnu/regexp/CharIndexedInputStream.java @@ -1,5 +1,5 @@ /* gnu/regexp/CharIndexedInputStream.java - Copyright (C) 1998-2001, 2004 Free Software Foundation, Inc. + Copyright (C) 1998-2001, 2004, 2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -145,5 +145,15 @@ class CharIndexedInputStream implements CharIndexed { public boolean isValid() { return (cached != OUT_OF_BOUNDS); } + + public CharIndexed lookBehind(int index, int length) { + throw new UnsupportedOperationException( + "difficult to look behind for an input stream"); + } + + public int length() { + throw new UnsupportedOperationException( + "difficult to tell the length for an input stream"); + } } diff --git a/libjava/classpath/gnu/regexp/CharIndexedString.java b/libjava/classpath/gnu/regexp/CharIndexedString.java index 05be07a..fe4fa8f 100644 --- a/libjava/classpath/gnu/regexp/CharIndexedString.java +++ b/libjava/classpath/gnu/regexp/CharIndexedString.java @@ -1,5 +1,5 @@ /* gnu/regexp/CharIndexedString.java - Copyright (C) 1998-2001, 2004 Free Software Foundation, Inc. + Copyright (C) 1998-2001, 2004, 2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -61,4 +61,13 @@ class CharIndexedString implements CharIndexed, Serializable { public boolean move(int index) { return ((anchor += index) < len); } + + public CharIndexed lookBehind(int index, int length) { + if (length > (anchor + index)) length = anchor + index; + return new CharIndexedString(s, anchor + index - length); + } + + public int length() { + return len - anchor; + } } diff --git a/libjava/classpath/gnu/regexp/CharIndexedStringBuffer.java b/libjava/classpath/gnu/regexp/CharIndexedStringBuffer.java index 1b88e39..9c9118d 100644 --- a/libjava/classpath/gnu/regexp/CharIndexedStringBuffer.java +++ b/libjava/classpath/gnu/regexp/CharIndexedStringBuffer.java @@ -1,5 +1,5 @@ /* gnu/regexp/CharIndexedStringBuffer.java - Copyright (C) 1998-2001, 2004 Free Software Foundation, Inc. + Copyright (C) 1998-2001, 2004, 2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -59,4 +59,13 @@ class CharIndexedStringBuffer implements CharIndexed, Serializable { public boolean move(int index) { return ((anchor += index) < s.length()); } + + public CharIndexed lookBehind(int index, int length) { + if (length > (anchor + index)) length = anchor + index; + return new CharIndexedStringBuffer(s, anchor + index - length); + } + + public int length() { + return s.length() - anchor; + } } diff --git a/libjava/classpath/gnu/regexp/RE.java b/libjava/classpath/gnu/regexp/RE.java index 9ac9b53..ef606a6 100644 --- a/libjava/classpath/gnu/regexp/RE.java +++ b/libjava/classpath/gnu/regexp/RE.java @@ -1,5 +1,5 @@ /* gnu/regexp/RE.java - Copyright (C) 1998-2001, 2004, 2005 Free Software Foundation, Inc. + Copyright (C) 2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -136,12 +136,13 @@ public class RE extends REToken { /** Minimum length, in characters, of any possible match. */ private int minimumLength; + private int maximumLength; /** * Compilation flag. Do not differentiate case. Subsequent * searches using this RE will be case insensitive. */ - public static final int REG_ICASE = 2; + public static final int REG_ICASE = 0x02; /** * Compilation flag. The match-any-character operator (dot) @@ -149,14 +150,14 @@ public class RE extends REToken { * bit RE_DOT_NEWLINE (see RESyntax for details). This is equivalent to * the "/s" operator in Perl. */ - public static final int REG_DOT_NEWLINE = 4; + public static final int REG_DOT_NEWLINE = 0x04; /** * Compilation flag. Use multiline mode. In this mode, the ^ and $ * anchors will match based on newlines within the input. This is * equivalent to the "/m" operator in Perl. */ - public static final int REG_MULTILINE = 8; + public static final int REG_MULTILINE = 0x08; /** * Execution flag. @@ -185,14 +186,14 @@ public class RE extends REToken { * // m4.toString(): "fool"
    *     */ - public static final int REG_NOTBOL = 16; + public static final int REG_NOTBOL = 0x10; /** * Execution flag. * The match-end operator ($) does not match at the end * of the input string. Useful for matching on substrings. */ - public static final int REG_NOTEOL = 32; + public static final int REG_NOTEOL = 0x20; /** * Execution flag. @@ -206,7 +207,7 @@ public class RE extends REToken { * the example under REG_NOTBOL. It also affects the use of the \< * and \b operators. */ - public static final int REG_ANCHORINDEX = 64; + public static final int REG_ANCHORINDEX = 0x40; /** * Execution flag. @@ -215,7 +216,24 @@ public class RE extends REToken { * the corresponding subexpressions. For example, you may want to * replace all matches of "one dollar" with "$1". */ - public static final int REG_NO_INTERPOLATE = 128; + public static final int REG_NO_INTERPOLATE = 0x80; + + /** + * Execution flag. + * Try to match the whole input string. An implicit match-end operator + * is added to this regexp. + */ + public static final int REG_TRY_ENTIRE_MATCH = 0x0100; + + /** + * Execution flag. + * The substitute and substituteAll methods will treat the + * character '\' in the replacement as an escape to a literal + * character. In this case "\n", "\$", "\\", "\x40" and "\012" + * will become "n", "$", "\", "x40" and "012" respectively. + * This flag has no effect if REG_NO_INTERPOLATE is set on. + */ + public static final int REG_REPLACE_USE_BACKSLASHESCAPE = 0x0200; /** Returns a string representing the version of the gnu.regexp package. */ public static final String version() { @@ -273,12 +291,13 @@ public class RE extends REToken { } // internal constructor used for alternation - private RE(REToken first, REToken last,int subs, int subIndex, int minLength) { + private RE(REToken first, REToken last,int subs, int subIndex, int minLength, int maxLength) { super(subIndex); firstToken = first; lastToken = last; numSubs = subs; minimumLength = minLength; + maximumLength = maxLength; addToken(new RETokenEndSub(subIndex)); } @@ -333,6 +352,11 @@ public class RE extends REToken { char ch; boolean quot = false; + // Saved syntax and flags. + RESyntax savedSyntax = null; + int savedCflags = 0; + boolean flagsSaved = false; + while (index < pLength) { // read the next character unit (including backslash escapes) index = getCharUnit(pattern,index,unit,quot); @@ -359,8 +383,9 @@ public class RE extends REToken { && !syntax.get(RESyntax.RE_LIMITED_OPS)) { // make everything up to here be a branch. create vector if nec. addToken(currentToken); - RE theBranch = new RE(firstToken, lastToken, numSubs, subIndex, minimumLength); + RE theBranch = new RE(firstToken, lastToken, numSubs, subIndex, minimumLength, maximumLength); minimumLength = 0; + maximumLength = 0; if (branches == null) { branches = new Vector(); } @@ -402,102 +427,12 @@ public class RE extends REToken { // [...] | [^...] else if ((unit.ch == '[') && !(unit.bk || quot)) { - Vector options = new Vector(); - boolean negative = false; - char lastChar = 0; - if (index == pLength) throw new REException(getLocalizedMessage("unmatched.bracket"),REException.REG_EBRACK,index); - - // Check for initial caret, negation - if ((ch = pattern[index]) == '^') { - negative = true; - if (++index == pLength) throw new REException(getLocalizedMessage("class.no.end"),REException.REG_EBRACK,index); - ch = pattern[index]; - } - - // Check for leading right bracket literal - if (ch == ']') { - lastChar = ch; - if (++index == pLength) throw new REException(getLocalizedMessage("class.no.end"),REException.REG_EBRACK,index); - } - - while ((ch = pattern[index++]) != ']') { - if ((ch == '-') && (lastChar != 0)) { - if (index == pLength) throw new REException(getLocalizedMessage("class.no.end"),REException.REG_EBRACK,index); - if ((ch = pattern[index]) == ']') { - options.addElement(new RETokenChar(subIndex,lastChar,insens)); - lastChar = '-'; - } else { - options.addElement(new RETokenRange(subIndex,lastChar,ch,insens)); - lastChar = 0; - index++; - } - } else if ((ch == '\\') && syntax.get(RESyntax.RE_BACKSLASH_ESCAPE_IN_LISTS)) { - if (index == pLength) throw new REException(getLocalizedMessage("class.no.end"),REException.REG_EBRACK,index); - int posixID = -1; - boolean negate = false; - char asciiEsc = 0; - if (("dswDSW".indexOf(pattern[index]) != -1) && syntax.get(RESyntax.RE_CHAR_CLASS_ESC_IN_LISTS)) { - switch (pattern[index]) { - case 'D': - negate = true; - case 'd': - posixID = RETokenPOSIX.DIGIT; - break; - case 'S': - negate = true; - case 's': - posixID = RETokenPOSIX.SPACE; - break; - case 'W': - negate = true; - case 'w': - posixID = RETokenPOSIX.ALNUM; - break; - } - } - else if ("nrt".indexOf(pattern[index]) != -1) { - switch (pattern[index]) { - case 'n': - asciiEsc = '\n'; - break; - case 't': - asciiEsc = '\t'; - break; - case 'r': - asciiEsc = '\r'; - break; - } - } - if (lastChar != 0) options.addElement(new RETokenChar(subIndex,lastChar,insens)); - - if (posixID != -1) { - options.addElement(new RETokenPOSIX(subIndex,posixID,insens,negate)); - } else if (asciiEsc != 0) { - lastChar = asciiEsc; - } else { - lastChar = pattern[index]; - } - ++index; - } else if ((ch == '[') && (syntax.get(RESyntax.RE_CHAR_CLASSES)) && (index < pLength) && (pattern[index] == ':')) { - StringBuffer posixSet = new StringBuffer(); - index = getPosixSet(pattern,index+1,posixSet); - int posixId = RETokenPOSIX.intValue(posixSet.toString()); - if (posixId != -1) - options.addElement(new RETokenPOSIX(subIndex,posixId,insens,false)); - } else { - if (lastChar != 0) options.addElement(new RETokenChar(subIndex,lastChar,insens)); - lastChar = ch; - } - if (index == pLength) throw new REException(getLocalizedMessage("class.no.end"),REException.REG_EBRACK,index); - } // while in list - // Out of list, index is one past ']' - - if (lastChar != 0) options.addElement(new RETokenChar(subIndex,lastChar,insens)); - // Create a new RETokenOneOf + ParseCharClassResult result = parseCharClass( + subIndex, pattern, index, pLength, cflags, syntax, 0); addToken(currentToken); - options.trimToSize(); - currentToken = new RETokenOneOf(subIndex,options,negative); + currentToken = result.token; + index = result.index; } // SUBEXPRESSIONS @@ -507,7 +442,10 @@ public class RE extends REToken { boolean pure = false; boolean comment = false; boolean lookAhead = false; + boolean lookBehind = false; + boolean independent = false; boolean negativelh = false; + boolean negativelb = false; if ((index+1 < pLength) && (pattern[index] == '?')) { switch (pattern[index+1]) { case '!': @@ -525,6 +463,114 @@ public class RE extends REToken { index += 2; } break; + case '<': + // We assume that if the syntax supports look-ahead, + // it also supports look-behind. + if (syntax.get(RESyntax.RE_LOOKAHEAD)) { + index++; + switch (pattern[index +1]) { + case '!': + pure = true; + negativelb = true; + lookBehind = true; + index += 2; + break; + case '=': + pure = true; + lookBehind = true; + index += 2; + } + } + break; + case '>': + // We assume that if the syntax supports look-ahead, + // it also supports independent group. + if (syntax.get(RESyntax.RE_LOOKAHEAD)) { + pure = true; + independent = true; + index += 2; + } + break; + case 'i': + case 'd': + case 'm': + case 's': + // case 'u': not supported + // case 'x': not supported + case '-': + if (!syntax.get(RESyntax.RE_EMBEDDED_FLAGS)) break; + // Set or reset syntax flags. + int flagIndex = index + 1; + int endFlag = -1; + RESyntax newSyntax = new RESyntax(syntax); + int newCflags = cflags; + boolean negate = false; + while (flagIndex < pLength && endFlag < 0) { + switch(pattern[flagIndex]) { + case 'i': + if (negate) + newCflags &= ~REG_ICASE; + else + newCflags |= REG_ICASE; + flagIndex++; + break; + case 'd': + if (negate) + newSyntax.setLineSeparator(RESyntax.DEFAULT_LINE_SEPARATOR); + else + newSyntax.setLineSeparator("\n"); + flagIndex++; + break; + case 'm': + if (negate) + newCflags &= ~REG_MULTILINE; + else + newCflags |= REG_MULTILINE; + flagIndex++; + break; + case 's': + if (negate) + newCflags &= ~REG_DOT_NEWLINE; + else + newCflags |= REG_DOT_NEWLINE; + flagIndex++; + break; + // case 'u': not supported + // case 'x': not supported + case '-': + negate = true; + flagIndex++; + break; + case ':': + case ')': + endFlag = pattern[flagIndex]; + break; + default: + throw new REException(getLocalizedMessage("repeat.no.token"), REException.REG_BADRPT, index); + } + } + if (endFlag == ')') { + syntax = newSyntax; + cflags = newCflags; + insens = ((cflags & REG_ICASE) > 0); + // This can be treated as though it were a comment. + comment = true; + index = flagIndex - 1; + break; + } + if (endFlag == ':') { + savedSyntax = syntax; + savedCflags = cflags; + flagsSaved = true; + syntax = newSyntax; + cflags = newCflags; + insens = ((cflags & REG_ICASE) > 0); + index = flagIndex -1; + // Fall through to the next case. + } + else { + throw new REException(getLocalizedMessage("unmatched.paren"), REException.REG_ESUBREG,index); + } case ':': if (syntax.get(RESyntax.RE_PURE_GROUPING)) { pure = true; @@ -607,15 +653,28 @@ public class RE extends REToken { numSubs++; } - int useIndex = (pure || lookAhead) ? 0 : nextSub + numSubs; + int useIndex = (pure || lookAhead || lookBehind || independent) ? + 0 : nextSub + numSubs; currentToken = new RE(String.valueOf(pattern,index,endIndex-index).toCharArray(),cflags,syntax,useIndex,nextSub + numSubs); numSubs += ((RE) currentToken).getNumSubs(); if (lookAhead) { currentToken = new RETokenLookAhead(currentToken,negativelh); } + else if (lookBehind) { + currentToken = new RETokenLookBehind(currentToken,negativelb); + } + else if (independent) { + currentToken = new RETokenIndependent(currentToken); + } index = nextIndex; + if (flagsSaved) { + syntax = savedSyntax; + cflags = savedCflags; + insens = ((cflags & REG_ICASE) > 0); + flagsSaved = false; + } } // not a comment } // subexpression @@ -715,14 +774,45 @@ public class RE extends REToken { else currentToken = setRepeated(currentToken,0,1,index); } + + // OCTAL CHARACTER + // \0377 + else if (unit.bk && (unit.ch == '0') && syntax.get(RESyntax.RE_OCTAL_CHAR)) { + CharExpression ce = getCharExpression(pattern, index - 2, pLength, syntax); + if (ce == null) + throw new REException("invalid octal character", REException.REG_ESCAPE, index); + index = index - 2 + ce.len; + addToken(currentToken); + currentToken = new RETokenChar(subIndex,ce.ch,insens); + } + // BACKREFERENCE OPERATOR - // \1 \2 ... \9 + // \1 \2 ... \9 and \10 \11 \12 ... // not available if RE_NO_BK_REFS is set + // Perl recognizes \10, \11, and so on only if enough number of + // parentheses have opened before it, otherwise they are treated + // as aliases of \010, \011, ... (octal characters). In case of + // Sun's JDK, octal character expression must always begin with \0. + // We will do as JDK does. But FIXME, take a look at "(a)(b)\29". + // JDK treats \2 as a back reference to the 2nd group because + // there are only two groups. But in our poor implementation, + // we cannot help but treat \29 as a back reference to the 29th group. else if (unit.bk && Character.isDigit(unit.ch) && !syntax.get(RESyntax.RE_NO_BK_REFS)) { addToken(currentToken); - currentToken = new RETokenBackRef(subIndex,Character.digit(unit.ch,10),insens); + int numBegin = index - 1; + int numEnd = pLength; + for (int i = index; i < pLength; i++) { + if (! Character.isDigit(pattern[i])) { + numEnd = i; + break; + } + } + int num = parseInt(pattern, numBegin, numEnd-numBegin, 10); + + currentToken = new RETokenBackRef(subIndex,num,insens); + index = numEnd; } // START OF STRING OPERATOR @@ -844,6 +934,32 @@ public class RE extends REToken { currentToken = new RETokenEnd(subIndex,null); } + // HEX CHARACTER, UNICODE CHARACTER + // \x1B, \u1234 + + else if ((unit.bk && (unit.ch == 'x') && syntax.get(RESyntax.RE_HEX_CHAR)) || + (unit.bk && (unit.ch == 'u') && syntax.get(RESyntax.RE_UNICODE_CHAR))) { + CharExpression ce = getCharExpression(pattern, index - 2, pLength, syntax); + if (ce == null) + throw new REException("invalid hex character", REException.REG_ESCAPE, index); + index = index - 2 + ce.len; + addToken(currentToken); + currentToken = new RETokenChar(subIndex,ce.ch,insens); + } + + // NAMED PROPERTY + // \p{prop}, \P{prop} + + else if ((unit.bk && (unit.ch == 'p') && syntax.get(RESyntax.RE_NAMED_PROPERTY)) || + (unit.bk && (unit.ch == 'P') && syntax.get(RESyntax.RE_NAMED_PROPERTY))) { + NamedProperty np = getNamedProperty(pattern, index - 2, pLength); + if (np == null) + throw new REException("invalid escape sequence", REException.REG_ESCAPE, index); + index = index - 2 + np.len; + addToken(currentToken); + currentToken = getRETokenNamedProperty(subIndex,np,insens,index); + } + // NON-SPECIAL CHARACTER (or escape to make literal) // c | \* for example @@ -857,9 +973,10 @@ public class RE extends REToken { addToken(currentToken); if (branches != null) { - branches.addElement(new RE(firstToken,lastToken,numSubs,subIndex,minimumLength)); + branches.addElement(new RE(firstToken,lastToken,numSubs,subIndex,minimumLength, maximumLength)); branches.trimToSize(); // compact the Vector minimumLength = 0; + maximumLength = 0; firstToken = lastToken = null; addToken(new RETokenOneOf(subIndex,branches,false)); } @@ -867,6 +984,199 @@ public class RE extends REToken { } + private static class ParseCharClassResult { + RETokenOneOf token; + int index; + boolean returnAtAndOperator = false; + } + + /** + * Parse [...] or [^...] and make an RETokenOneOf instance. + * @param subIndex subIndex to be given to the created RETokenOneOf instance. + * @param pattern Input array of characters to be parsed. + * @param index Index pointing to the character next to the beginning '['. + * @param pLength Limit of the input array. + * @param cflags Compilation flags used to parse the pattern. + * @param pflags Flags that affect the behavior of this method. + * @param syntax Syntax used to parse the pattern. + */ + private static ParseCharClassResult parseCharClass(int subIndex, + char[] pattern, int index, + int pLength, int cflags, RESyntax syntax, int pflags) + throws REException { + + boolean insens = ((cflags & REG_ICASE) > 0); + Vector options = new Vector(); + Vector addition = new Vector(); + boolean additionAndAppeared = false; + final int RETURN_AT_AND = 0x01; + boolean returnAtAndOperator = ((pflags & RETURN_AT_AND) != 0); + boolean negative = false; + char ch; + + char lastChar = 0; + boolean lastCharIsSet = false; + if (index == pLength) throw new REException(getLocalizedMessage("unmatched.bracket"),REException.REG_EBRACK,index); + + // Check for initial caret, negation + if ((ch = pattern[index]) == '^') { + negative = true; + if (++index == pLength) throw new REException(getLocalizedMessage("class.no.end"),REException.REG_EBRACK,index); + ch = pattern[index]; + } + + // Check for leading right bracket literal + if (ch == ']') { + lastChar = ch; lastCharIsSet = true; + if (++index == pLength) throw new REException(getLocalizedMessage("class.no.end"),REException.REG_EBRACK,index); + } + + while ((ch = pattern[index++]) != ']') { + if ((ch == '-') && (lastCharIsSet)) { + if (index == pLength) throw new REException(getLocalizedMessage("class.no.end"),REException.REG_EBRACK,index); + if ((ch = pattern[index]) == ']') { + options.addElement(new RETokenChar(subIndex,lastChar,insens)); + lastChar = '-'; + } else { + if ((ch == '\\') && syntax.get(RESyntax.RE_BACKSLASH_ESCAPE_IN_LISTS)) { + CharExpression ce = getCharExpression(pattern, index, pLength, syntax); + if (ce == null) + throw new REException("invalid escape sequence", REException.REG_ESCAPE, index); + ch = ce.ch; + index = index + ce.len - 1; + } + options.addElement(new RETokenRange(subIndex,lastChar,ch,insens)); + lastChar = 0; lastCharIsSet = false; + index++; + } + } else if ((ch == '\\') && syntax.get(RESyntax.RE_BACKSLASH_ESCAPE_IN_LISTS)) { + if (index == pLength) throw new REException(getLocalizedMessage("class.no.end"),REException.REG_EBRACK,index); + int posixID = -1; + boolean negate = false; + char asciiEsc = 0; + boolean asciiEscIsSet = false; + NamedProperty np = null; + if (("dswDSW".indexOf(pattern[index]) != -1) && syntax.get(RESyntax.RE_CHAR_CLASS_ESC_IN_LISTS)) { + switch (pattern[index]) { + case 'D': + negate = true; + case 'd': + posixID = RETokenPOSIX.DIGIT; + break; + case 'S': + negate = true; + case 's': + posixID = RETokenPOSIX.SPACE; + break; + case 'W': + negate = true; + case 'w': + posixID = RETokenPOSIX.ALNUM; + break; + } + } + if (("pP".indexOf(pattern[index]) != -1) && syntax.get(RESyntax.RE_NAMED_PROPERTY)) { + np = getNamedProperty(pattern, index - 1, pLength); + if (np == null) + throw new REException("invalid escape sequence", REException.REG_ESCAPE, index); + index = index - 1 + np.len - 1; + } + else { + CharExpression ce = getCharExpression(pattern, index - 1, pLength, syntax); + if (ce == null) + throw new REException("invalid escape sequence", REException.REG_ESCAPE, index); + asciiEsc = ce.ch; asciiEscIsSet = true; + index = index - 1 + ce.len - 1; + } + if (lastCharIsSet) options.addElement(new RETokenChar(subIndex,lastChar,insens)); + + if (posixID != -1) { + options.addElement(new RETokenPOSIX(subIndex,posixID,insens,negate)); + } else if (np != null) { + options.addElement(getRETokenNamedProperty(subIndex,np,insens,index)); + } else if (asciiEscIsSet) { + lastChar = asciiEsc; lastCharIsSet = true; + } else { + lastChar = pattern[index]; lastCharIsSet = true; + } + ++index; + } else if ((ch == '[') && (syntax.get(RESyntax.RE_CHAR_CLASSES)) && (index < pLength) && (pattern[index] == ':')) { + StringBuffer posixSet = new StringBuffer(); + index = getPosixSet(pattern,index+1,posixSet); + int posixId = RETokenPOSIX.intValue(posixSet.toString()); + if (posixId != -1) + options.addElement(new RETokenPOSIX(subIndex,posixId,insens,false)); + } else if ((ch == '[') && (syntax.get(RESyntax.RE_NESTED_CHARCLASS))) { + ParseCharClassResult result = parseCharClass( + subIndex, pattern, index, pLength, cflags, syntax, 0); + addition.addElement(result.token); + addition.addElement("|"); + index = result.index; + } else if ((ch == '&') && + (syntax.get(RESyntax.RE_NESTED_CHARCLASS)) && + (index < pLength) && (pattern[index] == '&')) { + if (returnAtAndOperator) { + ParseCharClassResult result = new ParseCharClassResult(); + options.trimToSize(); + if (additionAndAppeared) addition.addElement("&"); + if (addition.size() == 0) addition = null; + result.token = new RETokenOneOf(subIndex, + options, addition, negative); + result.index = index - 1; + result.returnAtAndOperator = true; + return result; + } + // The precedence of the operator "&&" is the lowest. + // So we postpone adding "&" until other elements + // are added. And we insert Boolean.FALSE at the + // beginning of the list of tokens following "&&". + // So, "&&[a-b][k-m]" will be stored in the Vecter + // addition in this order: + // Boolean.FALSE, [a-b], "|", [k-m], "|", "&" + if (additionAndAppeared) addition.addElement("&"); + addition.addElement(Boolean.FALSE); + additionAndAppeared = true; + + // The part on which "&&" operates may be either + // (1) explicitly enclosed by [] + // or + // (2) not enclosed by [] and terminated by the + // next "&&" or the end of the character list. + // Let the preceding else if block do the case (1). + // We must do something in case of (2). + if ((index + 1 < pLength) && (pattern[index + 1] != '[')) { + ParseCharClassResult result = parseCharClass( + subIndex, pattern, index+1, pLength, cflags, syntax, + RETURN_AT_AND); + addition.addElement(result.token); + addition.addElement("|"); + // If the method returned at the next "&&", it is OK. + // Otherwise we have eaten the mark of the end of this + // character list "]". In this case we must give back + // the end mark. + index = (result.returnAtAndOperator ? + result.index: result.index - 1); + } + } else { + if (lastCharIsSet) options.addElement(new RETokenChar(subIndex,lastChar,insens)); + lastChar = ch; lastCharIsSet = true; + } + if (index == pLength) throw new REException(getLocalizedMessage("class.no.end"),REException.REG_EBRACK,index); + } // while in list + // Out of list, index is one past ']' + + if (lastCharIsSet) options.addElement(new RETokenChar(subIndex,lastChar,insens)); + + ParseCharClassResult result = new ParseCharClassResult(); + // Create a new RETokenOneOf + options.trimToSize(); + if (additionAndAppeared) addition.addElement("&"); + if (addition.size() == 0) addition = null; + result.token = new RETokenOneOf(subIndex,options, addition, negative); + result.index = index; + return result; + } + private static int getCharUnit(char[] input, int index, CharUnit unit, boolean quot) throws REException { unit.ch = input[index++]; unit.bk = (unit.ch == '\\' @@ -878,6 +1188,176 @@ public class RE extends REToken { return index; } + private static int parseInt(char[] input, int pos, int len, int radix) { + int ret = 0; + for (int i = pos; i < pos + len; i++) { + ret = ret * radix + Character.digit(input[i], radix); + } + return ret; + } + + /** + * This class represents various expressions for a character. + * "a" : 'a' itself. + * "\0123" : Octal char 0123 + * "\x1b" : Hex char 0x1b + * "\u1234" : Unicode char \u1234 + */ + private static class CharExpression { + /** character represented by this expression */ + char ch; + /** String expression */ + String expr; + /** length of this expression */ + int len; + public String toString() { return expr; } + } + + private static CharExpression getCharExpression(char[] input, int pos, int lim, + RESyntax syntax) { + CharExpression ce = new CharExpression(); + char c = input[pos]; + if (c == '\\') { + if (pos + 1 >= lim) return null; + c = input[pos + 1]; + switch(c) { + case 't': + ce.ch = '\t'; + ce.len = 2; + break; + case 'n': + ce.ch = '\n'; + ce.len = 2; + break; + case 'r': + ce.ch = '\r'; + ce.len = 2; + break; + case 'x': + case 'u': + if ((c == 'x' && syntax.get(RESyntax.RE_HEX_CHAR)) || + (c == 'u' && syntax.get(RESyntax.RE_UNICODE_CHAR))) { + int l = 0; + int expectedLength = (c == 'x' ? 2 : 4); + for (int i = pos + 2; i < pos + 2 + expectedLength; i++) { + if (i >= lim) break; + if (!((input[i] >= '0' && input[i] <= '9') || + (input[i] >= 'A' && input[i] <= 'F') || + (input[i] >= 'a' && input[i] <= 'f'))) + break; + l++; + } + if (l != expectedLength) return null; + ce.ch = (char)(parseInt(input, pos + 2, l, 16)); + ce.len = l + 2; + } + else { + ce.ch = c; + ce.len = 2; + } + break; + case '0': + if (syntax.get(RESyntax.RE_OCTAL_CHAR)) { + int l = 0; + for (int i = pos + 2; i < pos + 2 + 3; i++) { + if (i >= lim) break; + if (input[i] < '0' || input[i] > '7') break; + l++; + } + if (l == 3 && input[pos + 2] > '3') l--; + if (l <= 0) return null; + ce.ch = (char)(parseInt(input, pos + 2, l, 8)); + ce.len = l + 2; + } + else { + ce.ch = c; + ce.len = 2; + } + break; + default: + ce.ch = c; + ce.len = 2; + break; + } + } + else { + ce.ch = input[pos]; + ce.len = 1; + } + ce.expr = new String(input, pos, ce.len); + return ce; + } + + /** + * This class represents a substring in a pattern string expressing + * a named property. + * "\pA" : Property named "A" + * "\p{prop}" : Property named "prop" + * "\PA" : Property named "A" (Negated) + * "\P{prop}" : Property named "prop" (Negated) + */ + private static class NamedProperty { + /** Property name */ + String name; + /** Negated or not */ + boolean negate; + /** length of this expression */ + int len; + } + + private static NamedProperty getNamedProperty(char[] input, int pos, int lim) { + NamedProperty np = new NamedProperty(); + char c = input[pos]; + if (c == '\\') { + if (++pos >= lim) return null; + c = input[pos++]; + switch(c) { + case 'p': + np.negate = false; + break; + case 'P': + np.negate = true; + break; + default: + return null; + } + c = input[pos++]; + if (c == '{') { + int p = -1; + for (int i = pos; i < lim; i++) { + if (input[i] == '}') { + p = i; + break; + } + } + if (p < 0) return null; + int len = p - pos; + np.name = new String(input, pos, len); + np.len = len + 4; + } + else { + np.name = new String(input, pos - 1, 1); + np.len = 3; + } + return np; + } + else return null; + } + + private static RETokenNamedProperty getRETokenNamedProperty( + int subIndex, NamedProperty np, boolean insens, int index) + throws REException { + try { + return new RETokenNamedProperty(subIndex, np.name, insens, np.negate); + } + catch (REException e) { + REException ree; + ree = new REException(e.getMessage(), REException.REG_ESCAPE, index); + ree.initCause(e); + throw ree; + } + } + /** * Checks if the regular expression matches the input in its entirety. * @@ -958,6 +1438,10 @@ public class RE extends REToken { return minimumLength; } + public int getMaximumLength() { + return maximumLength; + } + /** * Returns an array of all matches found in the input. * @@ -1025,7 +1509,9 @@ public class RE extends REToken { /* Implements abstract method REToken.match() */ boolean match(CharIndexed input, REMatch mymatch) { - if (firstToken == null) return next(input, mymatch); + if (firstToken == null) { + return next(input, mymatch); + } // Note the start of this subexpression mymatch.start[subIndex] = mymatch.index; @@ -1089,23 +1575,34 @@ public class RE extends REToken { } REMatch getMatchImpl(CharIndexed input, int anchor, int eflags, StringBuffer buffer) { + boolean tryEntireMatch = ((eflags & REG_TRY_ENTIRE_MATCH) != 0); + RE re = (tryEntireMatch ? (RE) this.clone() : this); + if (tryEntireMatch) { + re.chain(new RETokenEnd(0, null)); + } // Create a new REMatch to hold results REMatch mymatch = new REMatch(numSubs, anchor, eflags); do { // Optimization: check if anchor + minimumLength > length if (minimumLength == 0 || input.charAt(minimumLength-1) != CharIndexed.OUT_OF_BOUNDS) { - if (match(input, mymatch)) { - // Find longest match of them all to observe leftmost longest - REMatch longest = mymatch; + if (re.match(input, mymatch)) { + REMatch best = mymatch; + // We assume that the match that coms first is the best. + // And the following "The longer, the better" rule has + // been commented out. The longest is not neccesarily + // the best. For example, "a" out of "aaa" is the best + // match for /a+?/. + /* + // Find best match of them all to observe leftmost longest while ((mymatch = mymatch.next) != null) { - if (mymatch.index > longest.index) { - longest = mymatch; + if (mymatch.index > best.index) { + best = mymatch; } } - - longest.end[0] = longest.index; - longest.finish(input); - return longest; + */ + best.end[0] = best.index; + best.finish(input); + return best; } } mymatch.clear(++anchor); @@ -1216,8 +1713,7 @@ public class RE extends REToken { StringBuffer buffer = new StringBuffer(); REMatch m = getMatchImpl(input,index,eflags,buffer); if (m==null) return buffer.toString(); - buffer.append( ((eflags & REG_NO_INTERPOLATE) > 0) ? - replace : m.substituteInto(replace) ); + buffer.append(getReplacement(replace, m, eflags)); if (input.move(m.end[0])) { do { buffer.append(input.charAt(0)); @@ -1278,8 +1774,7 @@ public class RE extends REToken { StringBuffer buffer = new StringBuffer(); REMatch m; while ((m = getMatchImpl(input,index,eflags,buffer)) != null) { - buffer.append( ((eflags & REG_NO_INTERPOLATE) > 0) ? - replace : m.substituteInto(replace) ); + buffer.append(getReplacement(replace, m, eflags)); index = m.getEndIndex(); if (m.end[0] == 0) { char ch = input.charAt(0); @@ -1294,11 +1789,50 @@ public class RE extends REToken { } return buffer.toString(); } + + public static String getReplacement(String replace, REMatch m, int eflags) { + if ((eflags & REG_NO_INTERPOLATE) > 0) + return replace; + else { + if ((eflags & REG_REPLACE_USE_BACKSLASHESCAPE) > 0) { + StringBuffer sb = new StringBuffer(); + int l = replace.length(); + for (int i = 0; i < l; i++) { + char c = replace.charAt(i); + switch(c) { + case '\\': + i++; + // Let StringIndexOutOfBoundsException be thrown. + sb.append(replace.charAt(i)); + break; + case '$': + int i1 = i + 1; + while (i1 < replace.length() && + Character.isDigit(replace.charAt(i1))) i1++; + sb.append(m.substituteInto(replace.substring(i, i1))); + i = i1 - 1; + break; + default: + sb.append(c); + } + } + return sb.toString(); + } + else + return m.substituteInto(replace); + } + } /* Helper function for constructor */ private void addToken(REToken next) { if (next == null) return; minimumLength += next.getMinimumLength(); + int nmax = next.getMaximumLength(); + if (nmax < Integer.MAX_VALUE && maximumLength < Integer.MAX_VALUE) + maximumLength += nmax; + else + maximumLength = Integer.MAX_VALUE; + if (firstToken == null) { lastToken = firstToken = next; } else { diff --git a/libjava/classpath/gnu/regexp/REMatch.java b/libjava/classpath/gnu/regexp/REMatch.java index cf25bb3..91a3c02 100644 --- a/libjava/classpath/gnu/regexp/REMatch.java +++ b/libjava/classpath/gnu/regexp/REMatch.java @@ -1,5 +1,5 @@ /* gnu/regexp/REMatch.java - Copyright (C) 1998-2001, 2004 Free Software Foundation, Inc. + Copyright (C) 2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -67,6 +67,10 @@ public final class REMatch implements Serializable, Cloneable { int[] start; // start positions (relative to offset) for each (sub)exp. int[] end; // end positions for the same REMatch next; // other possibility (to avoid having to use arrays) + boolean empty; // empty string matched. This flag is used only within + // RETokenRepeated. + int matchFlags; // flags passed to match methods + static final int MF_FIND_ALL = 0x01; public Object clone() { try { @@ -177,7 +181,9 @@ public final class REMatch implements Serializable, Cloneable { * @param sub Index of the subexpression. */ public String toString(int sub) { - if ((sub >= start.length) || (start[sub] == -1)) return ""; + if ((sub >= start.length) || sub < 0) + throw new IndexOutOfBoundsException("No group " + sub); + if (start[sub] == -1) return null; return (matchedText.substring(start[sub],end[sub])); } @@ -242,6 +248,8 @@ public final class REMatch implements Serializable, Cloneable { * $0 through $9. $0 matches * the full substring matched; $n matches * subexpression number n. + * $10, $11, ... may match the 10th, 11th, ... subexpressions + * if such subexpressions exist. * * @param input A string consisting of literals and $n tokens. */ @@ -252,6 +260,16 @@ public final class REMatch implements Serializable, Cloneable { for (pos = 0; pos < input.length()-1; pos++) { if ((input.charAt(pos) == '$') && (Character.isDigit(input.charAt(pos+1)))) { int val = Character.digit(input.charAt(++pos),10); + int pos1 = pos + 1; + while (pos1 < input.length() && + Character.isDigit(input.charAt(pos1))) { + int val1 = val*10 + Character.digit(input.charAt(pos1),10); + if (val1 >= start.length) break; + pos1++; + val = val1; + } + pos = pos1 - 1; + if (val < start.length) { output.append(toString(val)); } @@ -260,4 +278,42 @@ public final class REMatch implements Serializable, Cloneable { if (pos < input.length()) output.append(input.charAt(pos)); return output.toString(); } + + static class REMatchList { + REMatch head; + REMatch tail; + REMatchList() { + head = tail = null; + } + /* Not used now. But we may need this some day? + void addHead(REMatch newone) { + if (head == null) { + head = newone; + tail = newone; + while (tail.next != null) { + tail = tail.next; + } + } + else { + REMatch tmp = newone; + while (tmp.next != null) tmp = tmp.next; + tmp.next = head; + head = newone; + } + } + */ + void addTail(REMatch newone) { + if (head == null) { + head = newone; + tail = newone; + } + else { + tail.next = newone; + } + while (tail.next != null) { + tail = tail.next; + } + } + } + } diff --git a/libjava/classpath/gnu/regexp/RESyntax.java b/libjava/classpath/gnu/regexp/RESyntax.java index 7272b03..81fd999 100644 --- a/libjava/classpath/gnu/regexp/RESyntax.java +++ b/libjava/classpath/gnu/regexp/RESyntax.java @@ -1,5 +1,5 @@ /* gnu/regexp/RESyntax.java - Copyright (C) 1998-2002, 2004 Free Software Foundation, Inc. + Copyright (C) 2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -202,7 +202,37 @@ public final class RESyntax implements Serializable { */ public static final int RE_POSSESSIVE_OPS = 25; - private static final int BIT_TOTAL = 26; + /** + * Syntax bit. Allow embedded flags, (?is-x), as in Perl5. + */ + public static final int RE_EMBEDDED_FLAGS = 26; + + /** + * Syntax bit. Allow octal char (\0377), as in Perl5. + */ + public static final int RE_OCTAL_CHAR = 27; + + /** + * Syntax bit. Allow hex char (\x1b), as in Perl5. + */ + public static final int RE_HEX_CHAR = 28; + + /** + * Syntax bit. Allow Unicode char (\u1234), as in Java 1.4. + */ + public static final int RE_UNICODE_CHAR = 29; + + /** + * Syntax bit. Allow named property (\p{P}, \P{p}), as in Perl5. + */ + public static final int RE_NAMED_PROPERTY = 30; + + /** + * Syntax bit. Allow nested characterclass ([a-z&&[^p-r]]), as in Java 1.4. + */ + public static final int RE_NESTED_CHARCLASS = 31; + + private static final int BIT_TOTAL = 32; /** * Predefined syntax. @@ -422,6 +452,10 @@ public final class RESyntax implements Serializable { .set(RE_STRING_ANCHORS) // \A,\Z .set(RE_CHAR_CLASS_ESC_IN_LISTS)// \d,\D,\w,\W,\s,\S within [] .set(RE_COMMENTS) // (?#) + .set(RE_EMBEDDED_FLAGS) // (?imsx-imsx) + .set(RE_OCTAL_CHAR) // \0377 + .set(RE_HEX_CHAR) // \x1b + .set(RE_NAMED_PROPERTY) // \p{prop}, \P{prop} .makeFinal(); RE_SYNTAX_PERL5_S = new RESyntax(RE_SYNTAX_PERL5) @@ -431,6 +465,8 @@ public final class RESyntax implements Serializable { RE_SYNTAX_JAVA_1_4 = new RESyntax(RE_SYNTAX_PERL5) // XXX .set(RE_POSSESSIVE_OPS) // *+,?+,++,{}+ + .set(RE_UNICODE_CHAR) // \u1234 + .set(RE_NESTED_CHARCLASS) // [a-z&&[^p-r]] .makeFinal(); } diff --git a/libjava/classpath/gnu/regexp/REToken.java b/libjava/classpath/gnu/regexp/REToken.java index 4eae9ec..5f4659b 100644 --- a/libjava/classpath/gnu/regexp/REToken.java +++ b/libjava/classpath/gnu/regexp/REToken.java @@ -38,12 +38,21 @@ exception statement from your version. */ package gnu.regexp; import java.io.Serializable; -abstract class REToken implements Serializable { +abstract class REToken implements Serializable, Cloneable { protected REToken next = null; protected REToken uncle = null; protected int subIndex; + public Object clone() { + try { + REToken copy = (REToken) super.clone(); + return copy; + } catch (CloneNotSupportedException e) { + throw new Error(); // doesn't happen + } + } + protected REToken(int subIndex) { this.subIndex = subIndex; } @@ -52,6 +61,10 @@ abstract class REToken implements Serializable { return 0; } + int getMaximumLength() { + return Integer.MAX_VALUE; + } + void setUncle(REToken anUncle) { uncle = anUncle; } diff --git a/libjava/classpath/gnu/regexp/RETokenAny.java b/libjava/classpath/gnu/regexp/RETokenAny.java index ac032dc..2b0967a 100644 --- a/libjava/classpath/gnu/regexp/RETokenAny.java +++ b/libjava/classpath/gnu/regexp/RETokenAny.java @@ -55,6 +55,10 @@ final class RETokenAny extends REToken { return 1; } + int getMaximumLength() { + return 1; + } + boolean match(CharIndexed input, REMatch mymatch) { char ch = input.charAt(mymatch.index); if ((ch == CharIndexed.OUT_OF_BOUNDS) diff --git a/libjava/classpath/gnu/regexp/RETokenBackRef.java b/libjava/classpath/gnu/regexp/RETokenBackRef.java index 674822a..060a6cf 100644 --- a/libjava/classpath/gnu/regexp/RETokenBackRef.java +++ b/libjava/classpath/gnu/regexp/RETokenBackRef.java @@ -51,13 +51,25 @@ final class RETokenBackRef extends REToken { // should implement getMinimumLength() -- any ideas? boolean match(CharIndexed input, REMatch mymatch) { + if (num >= mymatch.start.length) return false; + if (num >= mymatch.end.length) return false; int b,e; b = mymatch.start[num]; e = mymatch.end[num]; if ((b==-1)||(e==-1)) return false; // this shouldn't happen, but... for (int i=b; i"); + re.dumpAll(os); + os.append(')'); + } +} + diff --git a/libjava/classpath/gnu/regexp/RETokenLookAhead.java b/libjava/classpath/gnu/regexp/RETokenLookAhead.java index 33eaec9..b44dfa5 100644 --- a/libjava/classpath/gnu/regexp/RETokenLookAhead.java +++ b/libjava/classpath/gnu/regexp/RETokenLookAhead.java @@ -52,6 +52,10 @@ final class RETokenLookAhead extends REToken this.negative = negative; } + int getMaximumLength() { + return 0; + } + boolean match(CharIndexed input, REMatch mymatch) { REMatch trymatch = (REMatch)mymatch.clone(); diff --git a/libjava/classpath/gnu/regexp/RETokenLookBehind.java b/libjava/classpath/gnu/regexp/RETokenLookBehind.java new file mode 100644 index 0000000..a6c1b34 --- /dev/null +++ b/libjava/classpath/gnu/regexp/RETokenLookBehind.java @@ -0,0 +1,116 @@ +/* gnu/regexp/RETokenLookBehind.java + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.regexp; + +/** + * @author Ito Kazumitsu + */ +final class RETokenLookBehind extends REToken +{ + REToken re; + boolean negative; + + RETokenLookBehind(REToken re, boolean negative) throws REException { + super(0); + this.re = re; + this.negative = negative; + } + + int getMaximumLength() { + return 0; + } + + boolean match(CharIndexed input, REMatch mymatch) + { + int max = re.getMaximumLength(); + CharIndexed behind = input.lookBehind(mymatch.index, max); + REMatch trymatch = (REMatch)mymatch.clone(); + REMatch trymatch1 = (REMatch)mymatch.clone(); + REMatch newMatch = null; + int curIndex = trymatch.index + behind.length() - input.length(); + trymatch.index = 0; + RETokenMatchHereOnly stopper = new RETokenMatchHereOnly(curIndex); + REToken re1 = (REToken) re.clone(); + re1.chain(stopper); + if (re1.match(behind, trymatch)) { + if (negative) return false; + if (next(input, trymatch1)) + newMatch = trymatch1; + } + + if (newMatch != null) { + if (negative) return false; + //else + mymatch.assignFrom(newMatch); + return true; + } + else { // no match + if (negative) + return next(input, mymatch); + //else + return false; + } + } + + void dump(StringBuffer os) { + os.append("(?<"); + os.append(negative ? '!' : '='); + re.dumpAll(os); + os.append(')'); + } + + private static class RETokenMatchHereOnly extends REToken { + + int getMaximumLength() { return 0; } + + private int index; + + RETokenMatchHereOnly(int index) { + super(0); + this.index = index; + } + + boolean match(CharIndexed input, REMatch mymatch) { + return index == mymatch.index; + } + + void dump(StringBuffer os) {} + + } +} + diff --git a/libjava/classpath/gnu/regexp/RETokenNamedProperty.java b/libjava/classpath/gnu/regexp/RETokenNamedProperty.java new file mode 100644 index 0000000..13c1e41 --- /dev/null +++ b/libjava/classpath/gnu/regexp/RETokenNamedProperty.java @@ -0,0 +1,301 @@ +/* gnu/regexp/RETokenNamedProperty.java + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.regexp; + +final class RETokenNamedProperty extends REToken { + String name; + boolean insens; + boolean negate; + Handler handler; + + // Grouped properties + static final byte[] LETTER = new byte[] + { Character.LOWERCASE_LETTER, + Character.UPPERCASE_LETTER, + Character.TITLECASE_LETTER, + Character.MODIFIER_LETTER, + Character.OTHER_LETTER }; + + static final byte[] MARK = new byte[] + { Character.NON_SPACING_MARK, + Character.COMBINING_SPACING_MARK, + Character.ENCLOSING_MARK }; + + static final byte[] SEPARATOR = new byte[] + { Character.SPACE_SEPARATOR, + Character.LINE_SEPARATOR, + Character.PARAGRAPH_SEPARATOR }; + + static final byte[] SYMBOL = new byte[] + { Character.MATH_SYMBOL, + Character.CURRENCY_SYMBOL, + Character.MODIFIER_SYMBOL, + Character.OTHER_SYMBOL }; + + static final byte[] NUMBER = new byte[] + { Character.DECIMAL_DIGIT_NUMBER, + Character.LETTER_NUMBER, + Character.OTHER_NUMBER }; + + static final byte[] PUNCTUATION = new byte[] + { Character.DASH_PUNCTUATION, + Character.START_PUNCTUATION, + Character.END_PUNCTUATION, + Character.CONNECTOR_PUNCTUATION, + Character.OTHER_PUNCTUATION, + Character.INITIAL_QUOTE_PUNCTUATION, + Character.FINAL_QUOTE_PUNCTUATION}; + + static final byte[] OTHER = new byte[] + { Character.CONTROL, + Character.FORMAT, + Character.PRIVATE_USE, + Character.SURROGATE, + Character.UNASSIGNED }; + + RETokenNamedProperty(int subIndex, String name, boolean insens, boolean negate) throws REException { + super(subIndex); + this.name = name; + this.insens = insens; + this.negate = negate; + handler = getHandler(name); + } + + int getMinimumLength() { + return 1; + } + + int getMaximumLength() { + return 1; + } + + boolean match(CharIndexed input, REMatch mymatch) { + char ch = input.charAt(mymatch.index); + if (ch == CharIndexed.OUT_OF_BOUNDS) + return false; + + boolean retval = handler.includes(ch); + if (insens) { + retval = retval || + handler.includes(Character.toUpperCase(ch)) || + handler.includes(Character.toLowerCase(ch)); + } + + if (negate) retval = !retval; + if (retval) { + ++mymatch.index; + return next(input, mymatch); + } + else return false; + } + + void dump(StringBuffer os) { + os.append("\\") + .append(negate ? "P" : "p") + .append("{" + name + "}"); + } + + private abstract static class Handler { + public abstract boolean includes(char c); + } + + private Handler getHandler(String name) throws REException { + if (name.equals("Lower") || + name.equals("Upper") || + // name.equals("ASCII") || + name.equals("Alpha") || + name.equals("Digit") || + name.equals("Alnum") || + name.equals("Punct") || + name.equals("Graph") || + name.equals("Print") || + name.equals("Blank") || + name.equals("Cntrl") || + name.equals("XDigit") || + name.equals("Space") ) { + return new POSIXHandler(name); + } + if (name.startsWith("In")) { + try { + name = name.substring(2); + Character.UnicodeBlock block = Character.UnicodeBlock.forName(name); + return new UnicodeBlockHandler(block); + } + catch (IllegalArgumentException e) { + throw new REException("Invalid Unicode block name: " + name, REException.REG_ESCAPE, 0); + } + } + if (name.startsWith("Is")) { + name = name.substring(2); + } + + // "grouped properties" + if (name.equals("L")) + return new UnicodeCategoriesHandler(LETTER); + if (name.equals("M")) + return new UnicodeCategoriesHandler(MARK); + if (name.equals("Z")) + return new UnicodeCategoriesHandler(SEPARATOR); + if (name.equals("S")) + return new UnicodeCategoriesHandler(SYMBOL); + if (name.equals("N")) + return new UnicodeCategoriesHandler(NUMBER); + if (name.equals("P")) + return new UnicodeCategoriesHandler(PUNCTUATION); + if (name.equals("C")) + return new UnicodeCategoriesHandler(OTHER); + + if (name.equals("Mc")) + return new UnicodeCategoryHandler(Character.COMBINING_SPACING_MARK); + if (name.equals("Pc")) + return new UnicodeCategoryHandler(Character.CONNECTOR_PUNCTUATION); + if (name.equals("Cc")) + return new UnicodeCategoryHandler(Character.CONTROL); + if (name.equals("Sc")) + return new UnicodeCategoryHandler(Character.CURRENCY_SYMBOL); + if (name.equals("Pd")) + return new UnicodeCategoryHandler(Character.DASH_PUNCTUATION); + if (name.equals("Nd")) + return new UnicodeCategoryHandler(Character.DECIMAL_DIGIT_NUMBER); + if (name.equals("Me")) + return new UnicodeCategoryHandler(Character.ENCLOSING_MARK); + if (name.equals("Pe")) + return new UnicodeCategoryHandler(Character.END_PUNCTUATION); + if (name.equals("Pf")) + return new UnicodeCategoryHandler(Character.FINAL_QUOTE_PUNCTUATION); + if (name.equals("Cf")) + return new UnicodeCategoryHandler(Character.FORMAT); + if (name.equals("Pi")) + return new UnicodeCategoryHandler(Character.INITIAL_QUOTE_PUNCTUATION); + if (name.equals("Nl")) + return new UnicodeCategoryHandler(Character.LETTER_NUMBER); + if (name.equals("Zl")) + return new UnicodeCategoryHandler(Character.LINE_SEPARATOR); + if (name.equals("Ll")) + return new UnicodeCategoryHandler(Character.LOWERCASE_LETTER); + if (name.equals("Sm")) + return new UnicodeCategoryHandler(Character.MATH_SYMBOL); + if (name.equals("Lm")) + return new UnicodeCategoryHandler(Character.MODIFIER_LETTER); + if (name.equals("Sk")) + return new UnicodeCategoryHandler(Character.MODIFIER_SYMBOL); + if (name.equals("Mn")) + return new UnicodeCategoryHandler(Character.NON_SPACING_MARK); + if (name.equals("Lo")) + return new UnicodeCategoryHandler(Character.OTHER_LETTER); + if (name.equals("No")) + return new UnicodeCategoryHandler(Character.OTHER_NUMBER); + if (name.equals("Po")) + return new UnicodeCategoryHandler(Character.OTHER_PUNCTUATION); + if (name.equals("So")) + return new UnicodeCategoryHandler(Character.OTHER_SYMBOL); + if (name.equals("Zp")) + return new UnicodeCategoryHandler(Character.PARAGRAPH_SEPARATOR); + if (name.equals("Co")) + return new UnicodeCategoryHandler(Character.PRIVATE_USE); + if (name.equals("Zs")) + return new UnicodeCategoryHandler(Character.SPACE_SEPARATOR); + if (name.equals("Ps")) + return new UnicodeCategoryHandler(Character.START_PUNCTUATION); + if (name.equals("Cs")) + return new UnicodeCategoryHandler(Character.SURROGATE); + if (name.equals("Lt")) + return new UnicodeCategoryHandler(Character.TITLECASE_LETTER); + if (name.equals("Cn")) + return new UnicodeCategoryHandler(Character.UNASSIGNED); + if (name.equals("Lu")) + return new UnicodeCategoryHandler(Character.UPPERCASE_LETTER); + throw new REException("unsupported name " + name, REException.REG_ESCAPE, 0); + } + + private static class POSIXHandler extends Handler { + private RETokenPOSIX retoken; + private REMatch mymatch = new REMatch(0,0,0); + private char[] chars = new char[1]; + private CharIndexedCharArray ca = new CharIndexedCharArray(chars, 0); + public POSIXHandler(String name) { + int posixId = RETokenPOSIX.intValue(name.toLowerCase()); + if (posixId != -1) + retoken = new RETokenPOSIX(0,posixId,false,false); + else + throw new RuntimeException("Unknown posix ID: " + name); + } + public boolean includes(char c) { + chars[0] = c; + mymatch.index = 0; + return retoken.match(ca, mymatch); + } + } + + private static class UnicodeCategoryHandler extends Handler { + public UnicodeCategoryHandler(byte category) { + this.category = (int)category; + } + private int category; + public boolean includes(char c) { + return Character.getType(c) == category; + } + } + + private static class UnicodeCategoriesHandler extends Handler { + public UnicodeCategoriesHandler(byte[] categories) { + this.categories = categories; + } + private byte[] categories; + public boolean includes(char c) { + int category = Character.getType(c); + for (int i = 0; i < categories.length; i++) + if (category == categories[i]) + return true; + return false; + } + } + + private static class UnicodeBlockHandler extends Handler { + public UnicodeBlockHandler(Character.UnicodeBlock block) { + this.block = block; + } + private Character.UnicodeBlock block; + public boolean includes(char c) { + Character.UnicodeBlock cblock = Character.UnicodeBlock.of(c); + return (cblock != null && cblock.equals(block)); + } + } + +} diff --git a/libjava/classpath/gnu/regexp/RETokenOneOf.java b/libjava/classpath/gnu/regexp/RETokenOneOf.java index 3f6e89e..260bc4b 100644 --- a/libjava/classpath/gnu/regexp/RETokenOneOf.java +++ b/libjava/classpath/gnu/regexp/RETokenOneOf.java @@ -1,5 +1,5 @@ /* gnu/regexp/RETokenOneOf.java - Copyright (C) 1998-2001, 2004 Free Software Foundation, Inc. + Copyright (C) 2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -37,11 +37,35 @@ exception statement from your version. */ package gnu.regexp; import java.util.Vector; +import java.util.Stack; final class RETokenOneOf extends REToken { private Vector options; private boolean negative; + private Vector addition; + // This Vector addition is used to store nested character classes. + // For example, if the original expression is + // [2-7a-c[f-k][m-z]&&[^p-v][st]] + // the basic part /2-7a-c/ is stored in the Vector options, and + // the additional part /[f-k][m-z]&&[^p-v][st]/ is stored in the + // Vector addition in the following order (Reverse Polish Notation): + // -- The matching result of the basic part is assumed here. + // [f-k] -- REToken + // "|" -- or + // [m-z] -- REToken + // "|" -- or + // false + // [^p-v] -- REToken + // "|" -- or + // [st] -- REToken + // "|" -- or + // "&" -- and + // + // As it is clear from the explanation above, the Vector addition is + // effective only when this REToken originates from a character class + // expression. + // This constructor is used for convenience when we know the set beforehand, // e.g. \d --> new RETokenOneOf("0123456789",false, ..) // \D --> new RETokenOneOf("0123456789",true, ..) @@ -60,7 +84,17 @@ final class RETokenOneOf extends REToken { this.negative = negative; } + RETokenOneOf(int subIndex, Vector options, Vector addition, boolean negative) { + super(subIndex); + this.options = options; + this.addition = addition; + this.negative = negative; + } + int getMinimumLength() { + // (negative || addition != null) occurs when this token originates from + // character class expression. + if (negative || addition != null) return 1; int min = Integer.MAX_VALUE; int x; for (int i=0; i < options.size(); i++) { @@ -70,54 +104,123 @@ final class RETokenOneOf extends REToken { return min; } + int getMaximumLength() { + // (negative || addition != null) occurs when this token originates from + // character class expression. + if (negative || addition != null) return 1; + int max = 0; + int x; + for (int i=0; i < options.size(); i++) { + if ((x = ((REToken) options.elementAt(i)).getMaximumLength()) > max) + max = x; + } + return max; + } + boolean match(CharIndexed input, REMatch mymatch) { - if (negative && (input.charAt(mymatch.index) == CharIndexed.OUT_OF_BOUNDS)) + REMatch tryMatch; + boolean tryOnly; + if (addition == null) { + tryMatch = mymatch; + tryOnly = false; + } + else { + tryMatch = (REMatch) mymatch.clone(); + tryOnly = true; + } + boolean b = negative ? + matchN(input, tryMatch, tryOnly) : + matchP(input, tryMatch, tryOnly); + if (addition == null) return b; + + Stack stack = new Stack(); + stack.push(new Boolean(b)); + for (int i=0; i < addition.size(); i++) { + Object obj = addition.elementAt(i); + if (obj instanceof REToken) { + b = ((REToken)obj).match(input, (REMatch)mymatch.clone()); + stack.push(new Boolean(b)); + } + else if (obj instanceof Boolean) { + stack.push(obj); + } + else if (obj.equals("|")) { + b = ((Boolean)stack.pop()).booleanValue(); + b = ((Boolean)stack.pop()).booleanValue() || b; + stack.push(new Boolean(b)); + } + else if (obj.equals("&")) { + b = ((Boolean)stack.pop()).booleanValue(); + b = ((Boolean)stack.pop()).booleanValue() && b; + stack.push(new Boolean(b)); + } + else { + throw new RuntimeException("Invalid object found"); + } + } + b = ((Boolean)stack.pop()).booleanValue(); + if (b) { + ++mymatch.index; + return next(input, mymatch); + } return false; + } - REMatch newMatch = null; - REMatch last = null; - REToken tk; - boolean isMatch; - for (int i=0; i < options.size(); i++) { + private boolean matchN(CharIndexed input, REMatch mymatch, boolean tryOnly) { + if (input.charAt(mymatch.index) == CharIndexed.OUT_OF_BOUNDS) + return false; + + REMatch newMatch = null; + REMatch last = null; + REToken tk; + for (int i=0; i < options.size(); i++) { tk = (REToken) options.elementAt(i); REMatch tryMatch = (REMatch) mymatch.clone(); if (tk.match(input, tryMatch)) { // match was successful - if (negative) return false; - - if (next(input, tryMatch)) { - // Add tryMatch to list of possibilities. - if (last == null) { - newMatch = tryMatch; - last = tryMatch; - } else { - last.next = tryMatch; - last = tryMatch; - } - } // next succeeds - } // is a match - } // try next option - - if (newMatch != null) { - if (negative) { return false; - } else { - // set contents of mymatch equal to newMatch + } // is a match + } // try next option - // try each one that matched - mymatch.assignFrom(newMatch); - return true; - } - } else { - if (negative) { - ++mymatch.index; - return next(input, mymatch); - } else { - return false; - } + if (tryOnly) return true; + ++mymatch.index; + return next(input, mymatch); } - // index+1 works for [^abc] lists, not for generic lookahead (--> index) - } + private boolean matchP(CharIndexed input, REMatch mymatch, boolean tryOnly) { + boolean stopMatchingIfSatisfied = + (mymatch.matchFlags & REMatch.MF_FIND_ALL) == 0; + REMatch.REMatchList newMatch = new REMatch.REMatchList(); + REToken tk; + for (int i=0; i < options.size(); i++) { + // In order that the backtracking can work, + // each option must be chained to the next token. + // But the chain method has some side effect, so + // we use clones. + tk = (REToken)((REToken) options.elementAt(i)).clone(); + if (! tryOnly) { + tk.chain(this.next); + tk.setUncle(this.uncle); + tk.subIndex = this.subIndex; + } + REMatch tryMatch = (REMatch) mymatch.clone(); + if (tk.match(input, tryMatch)) { // match was successful + if (tryOnly) return true; + newMatch.addTail(tryMatch); + if (stopMatchingIfSatisfied) break; + } // is a match + } // try next option + if (tryOnly) return false; + + if (newMatch.head != null) { + // set contents of mymatch equal to newMatch + + // try each one that matched + mymatch.assignFrom(newMatch.head); + return true; + } else { + return false; + } + } void dump(StringBuffer os) { os.append(negative ? "[^" : "(?:"); diff --git a/libjava/classpath/gnu/regexp/RETokenPOSIX.java b/libjava/classpath/gnu/regexp/RETokenPOSIX.java index bbb8066..4182c6f 100644 --- a/libjava/classpath/gnu/regexp/RETokenPOSIX.java +++ b/libjava/classpath/gnu/regexp/RETokenPOSIX.java @@ -81,6 +81,10 @@ final class RETokenPOSIX extends REToken { return 1; } + int getMaximumLength() { + return 1; + } + boolean match(CharIndexed input, REMatch mymatch) { char ch = input.charAt(mymatch.index); if (ch == CharIndexed.OUT_OF_BOUNDS) diff --git a/libjava/classpath/gnu/regexp/RETokenRange.java b/libjava/classpath/gnu/regexp/RETokenRange.java index dadaf2d..8a1ac86 100644 --- a/libjava/classpath/gnu/regexp/RETokenRange.java +++ b/libjava/classpath/gnu/regexp/RETokenRange.java @@ -43,19 +43,32 @@ final class RETokenRange extends REToken { RETokenRange(int subIndex, char lo, char hi, boolean ins) { super(subIndex); - this.lo = (insens = ins) ? Character.toLowerCase(lo) : lo; - this.hi = ins ? Character.toLowerCase(hi) : hi; + insens = ins; + this.lo = lo; + this.hi = hi; } int getMinimumLength() { return 1; } + int getMaximumLength() { + return 1; + } + boolean match(CharIndexed input, REMatch mymatch) { char c = input.charAt(mymatch.index); if (c == CharIndexed.OUT_OF_BOUNDS) return false; - if (insens) c = Character.toLowerCase(c); - if ((c >= lo) && (c <= hi)) { + boolean matches = (c >= lo) && (c <= hi); + if (! matches && insens) { + char c1 = Character.toLowerCase(c); + matches = (c1 >= lo) && (c1 <= hi); + if (!matches) { + c1 = Character.toUpperCase(c); + matches = (c1 >= lo) && (c1 <= hi); + } + } + if (matches) { ++mymatch.index; return next(input, mymatch); } diff --git a/libjava/classpath/gnu/regexp/RETokenRepeated.java b/libjava/classpath/gnu/regexp/RETokenRepeated.java index 6291a3c..2d019c5 100644 --- a/libjava/classpath/gnu/regexp/RETokenRepeated.java +++ b/libjava/classpath/gnu/regexp/RETokenRepeated.java @@ -1,5 +1,5 @@ /* gnu/regexp/RETokenRepeated.java - Copyright (C) 1998-2001, 2004 Free Software Foundation, Inc. + Copyright (C) 2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -39,6 +39,7 @@ exception statement from your version. */ package gnu.regexp; import java.util.Vector; +import java.util.Arrays; final class RETokenRepeated extends REToken { private REToken token; @@ -82,6 +83,38 @@ final class RETokenRepeated extends REToken { return (min * token.getMinimumLength()); } + int getMaximumLength() { + if (max == Integer.MAX_VALUE) return Integer.MAX_VALUE; + int tmax = token.getMaximumLength(); + if (tmax == Integer.MAX_VALUE) return tmax; + return (max * tmax); + } + + private static REMatch findDoables(REToken tk, + CharIndexed input, REMatch mymatch) { + + REMatch.REMatchList doables = new REMatch.REMatchList(); + + // try next repeat at all possible positions + for (REMatch current = mymatch; + current != null; current = current.next) { + REMatch recurrent = (REMatch) current.clone(); + int origin = recurrent.index; + tk = (REToken) tk.clone(); + tk.next = tk.uncle = null; + recurrent.matchFlags |= REMatch.MF_FIND_ALL; + if (tk.match(input, recurrent)) { + for (REMatch m = recurrent; m != null; m = m.next) { + m.matchFlags &= ~REMatch.MF_FIND_ALL; + } + if (recurrent.index == origin) recurrent.empty = true; + // add all items in current to doables array + doables.addTail(recurrent); + } + } + return doables.head; + } + // We do need to save every possible point, but the number of clone() // invocations here is really a killer for performance on non-stingy // repeat operators. I'm open to suggestions... @@ -91,59 +124,167 @@ final class RETokenRepeated extends REToken { // the subexpression back-reference operator allow that? boolean match(CharIndexed input, REMatch mymatch) { - // number of times we've matched so far - int numRepeats = 0; - - // Possible positions for the next repeat to match at - REMatch newMatch = mymatch; - REMatch last = null; - REMatch current; - // Add the '0-repeats' index - // positions.elementAt(z) == position [] in input after <> matches - Vector positions = new Vector(); - positions.addElement(newMatch); - - // Declare variables used in loop - REMatch doables; - REMatch doablesLast; - REMatch recurrent; - int lastIndex = mymatch.index; - - do { - // Check for stingy match for each possibility. - if (stingy && (numRepeats >= min)) { - REMatch result = matchRest(input, newMatch); - if (result != null) { - mymatch.assignFrom(result); - return true; - } + boolean stopMatchingIfSatisfied = + (mymatch.matchFlags & REMatch.MF_FIND_ALL) == 0; + + REMatch newMatch = matchMinimum(input, mymatch); + if (newMatch == null) return false; + + // Array of positions we have already visited + int[] visited = initVisited(); + for (REMatch m = newMatch; m != null; m = m.next) { + visited = addVisited(m.index, visited); + } + + int max1 = decreaseMax(max, min); + + newMatch = _match(input, newMatch, max1, + stopMatchingIfSatisfied, visited); + if (newMatch != null) { + mymatch.assignFrom(newMatch); + return true; + } + return false; + } + + private static int decreaseMax(int m, int n) { + if (m == Integer.MAX_VALUE) return m; + return m - n; + } + + // Array visited is an array of character positions we have already + // visited. visited[0] is used to store the effective length of the + // array. + private static int[] initVisited() { + int[] visited = new int[32]; + visited[0] = 0; + return visited; + } + + private static boolean visitedContains(int n, int[] visited) { + // Experience tells that for a small array like this, + // simple linear search is faster than binary search. + for (int i = 1; i < visited[0]; i++) { + if (n == visited[i]) return true; + } + return false; + } + + private static int[] addVisited(int n, int[] visited) { + if (visitedContains(n, visited)) return visited; + if (visited[0] >= visited.length - 1) { + int[] newvisited = new int[visited.length + 32]; + System.arraycopy(visited, 0, newvisited, 0, visited.length); + visited = newvisited; + } + visited[0]++; + visited[visited[0]] = n; + return visited; + } + + private REMatch _match(CharIndexed input, REMatch mymatch, + int max1, boolean stopMatchingIfSatisfied, + int[] visited) { + + if (max1 == 0) { + return matchRest(input, mymatch); + } + max1 = decreaseMax(max1, 1); + + REMatch.REMatchList allResults = new REMatch.REMatchList(); + + // Depth-first search + + for (REMatch cur = mymatch; cur != null; cur = cur.next) { + + REMatch cur1 = (REMatch) cur.clone(); + + if (stingy) { + REMatch results = matchRest(input, cur1); + if (results != null) { + if (stopMatchingIfSatisfied) { + return results; + } + allResults.addTail(results); + } } - doables = null; - doablesLast = null; + DO_THIS: + do { - // try next repeat at all possible positions - for (current = newMatch; current != null; current = current.next) { - recurrent = (REMatch) current.clone(); - if (token.match(input, recurrent)) { - // add all items in current to doables array - if (doables == null) { - doables = recurrent; - doablesLast = recurrent; - } else { - // Order these from longest to shortest - // Start by assuming longest (more repeats) - doablesLast.next = recurrent; + boolean emptyMatchFound = false; + REMatch doables = findDoables(token, input, cur1); + if (doables == null) break DO_THIS; + if (doables.empty) emptyMatchFound = true; + + if (!emptyMatchFound) { + REMatch.REMatchList list = new REMatch.REMatchList(); + for (REMatch m = doables; m != null; m = m.next) { + REMatch m1 = (REMatch) m.clone(); + int n = m1.index; + if (! visitedContains(n, visited)) { + visited = addVisited(n, visited); + list.addTail(m1); } - // Find new doablesLast - while (doablesLast.next != null) { - doablesLast = doablesLast.next; + } + if (list.head == null) break DO_THIS; + doables = list.head; + } + + for (REMatch m = doables; m != null; m = m.next) { + if (! emptyMatchFound) { + REMatch m1 = _match(input, m, max1, + stopMatchingIfSatisfied, visited); + if (possessive) return m1; + if (m1 != null) { + if (stopMatchingIfSatisfied) { + return m1; + } + allResults.addTail(m1); + } + } + else { + REMatch m1 = matchRest(input, m); + if (m1 != null) { + if (stopMatchingIfSatisfied) { + return m1; + } + allResults.addTail(m1); } } } - // if none of the possibilities worked out, break out of do/while - if (doables == null) break; + + } while (false); // DO_THIS only once; + + // This point itself is a candidate. + if (!stingy) { + REMatch m2 = matchRest(input, cur1); + if (m2 != null) { + if (stopMatchingIfSatisfied) { + return m2; + } + allResults.addTail(m2); + } + } + } + + return allResults.head; + } + + private REMatch matchMinimum(CharIndexed input, final REMatch mymatch) { + // Possible positions for the next repeat to match at + REMatch newMatch = mymatch; + + // number of times we've matched so far + int numRepeats = 0; + + while (numRepeats < min) { + REMatch doables = findDoables(token, input, newMatch); + + // if none of the possibilities worked out, + // it means that minimum number of repeats could not be found. + if (doables == null) return null; // reassign where the next repeat can match newMatch = doables; @@ -151,91 +292,24 @@ final class RETokenRepeated extends REToken { // increment how many repeats we've successfully found ++numRepeats; - positions.addElement(newMatch); - - // doables.index == lastIndex means an empty string - // was the longest that matched this token. - // We break here, otherwise we will fall into an endless loop. - if (doables.index == lastIndex) { - if (numRepeats < min) numRepeats = min; - break; - } - lastIndex = doables.index; - } while (numRepeats < max); - - // If there aren't enough repeats, then fail - if (numRepeats < min) return false; - - // We're greedy, but ease off until a true match is found - int posIndex = positions.size(); - - // At this point we've either got too many or just the right amount. - // See if this numRepeats works with the rest of the regexp. - REMatch allResults = null; - REMatch allResultsLast = null; - - REMatch results = null; - int indexCount = posIndex - min; - if (indexCount <= 0) { - // This case occurs when we exited the previous do loop before - // numRepeats >= min because an empty string matched the token. - // In this case, an empty string can match as many times as - // desired. - indexCount = 1; - } - while (indexCount-- > 0) { - --posIndex; - newMatch = (REMatch) positions.elementAt(posIndex); - results = matchRest(input, newMatch); - if (results != null) { - if (allResults == null) { - allResults = results; - allResultsLast = results; - } else { - // Order these from longest to shortest - // Start by assuming longest (more repeats) - allResultsLast.next = results; - } - // Find new doablesLast - while (allResultsLast.next != null) { - allResultsLast = allResultsLast.next; - } - } - // else did not match rest of the tokens, try again on smaller sample - // or break out when performing possessive matching - if (possessive) break; + if (newMatch.empty) break; } - if (allResults != null) { - mymatch.assignFrom(allResults); // does this get all? - return true; - } - // If we fall out, no matches. - return false; + return newMatch; } private REMatch matchRest(CharIndexed input, final REMatch newMatch) { REMatch current, single; - REMatch doneIndex = null; - REMatch doneIndexLast = null; + REMatch.REMatchList doneIndex = new REMatch.REMatchList(); // Test all possible matches for this number of repeats for (current = newMatch; current != null; current = current.next) { // clone() separates a single match from the chain single = (REMatch) current.clone(); if (next(input, single)) { // chain results to doneIndex - if (doneIndex == null) { - doneIndex = single; - doneIndexLast = single; - } else { - doneIndexLast.next = single; - } - // Find new doneIndexLast - while (doneIndexLast.next != null) { - doneIndexLast = doneIndexLast.next; - } + doneIndex.addTail(single); } } - return doneIndex; + return doneIndex.head; } void dump(StringBuffer os) { diff --git a/libjava/classpath/gnu/regexp/RETokenStart.java b/libjava/classpath/gnu/regexp/RETokenStart.java index 8f71982..42e3c0b 100644 --- a/libjava/classpath/gnu/regexp/RETokenStart.java +++ b/libjava/classpath/gnu/regexp/RETokenStart.java @@ -44,6 +44,10 @@ class RETokenStart extends REToken { super(subIndex); this.newline = newline; } + + int getMaximumLength() { + return 0; + } boolean match(CharIndexed input, REMatch mymatch) { // charAt(index-n) may be unknown on a Reader/InputStream. FIXME diff --git a/libjava/classpath/gnu/regexp/RETokenWordBoundary.java b/libjava/classpath/gnu/regexp/RETokenWordBoundary.java index 6804151..f86214b 100644 --- a/libjava/classpath/gnu/regexp/RETokenWordBoundary.java +++ b/libjava/classpath/gnu/regexp/RETokenWordBoundary.java @@ -52,6 +52,11 @@ final class RETokenWordBoundary extends REToken { this.where = where; this.negated = negated; } + + int getMaximumLength() { + return 0; + } + boolean match(CharIndexed input, REMatch mymatch) { // Word boundary means input[index-1] was a word character diff --git a/libjava/classpath/gnu/xml/aelfred2/XmlParser.java b/libjava/classpath/gnu/xml/aelfred2/XmlParser.java index ab2ed16..37466ca 100644 --- a/libjava/classpath/gnu/xml/aelfred2/XmlParser.java +++ b/libjava/classpath/gnu/xml/aelfred2/XmlParser.java @@ -2182,6 +2182,7 @@ loop: { nest++; } + break; case ']': if (tryRead("]>")) { diff --git a/libjava/classpath/gnu/xml/dom/DomCharacterData.java b/libjava/classpath/gnu/xml/dom/DomCharacterData.java index e94dcc4..1eec5be 100644 --- a/libjava/classpath/gnu/xml/dom/DomCharacterData.java +++ b/libjava/classpath/gnu/xml/dom/DomCharacterData.java @@ -1,5 +1,5 @@ /* DomCharacterData.java -- - Copyright (C) 1999,2000,2001,2004 Free Software Foundation, Inc. + Copyright (C) 1999,2000,2001,2004,2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -39,6 +39,8 @@ package gnu.xml.dom; import org.w3c.dom.CharacterData; import org.w3c.dom.DOMException; +import org.w3c.dom.Node; +import org.w3c.dom.NodeList; import org.w3c.dom.events.MutationEvent; @@ -55,6 +57,30 @@ public abstract class DomCharacterData implements CharacterData { + /** + * Empty node list representing the children of character data nodes. + */ + static class EmptyNodeList + implements NodeList + { + + public int getLength() + { + return 0; + } + + public Node item(int index) + { + return null; + } + + } + + /** + * Singleton empty node list for character data nodes. + */ + static final NodeList CHILD_NODES = new EmptyNodeList(); + private String text; // package private @@ -280,6 +306,15 @@ public abstract class DomCharacterData } /** + * Returns an empty node list. + * Character data nodes do not have children. + */ + public NodeList getChildNodes() + { + return CHILD_NODES; + } + + /** * The base URI for character data is null. * @since DOM Level 3 Core */ diff --git a/libjava/classpath/gnu/xml/dom/DomDocumentBuilder.java b/libjava/classpath/gnu/xml/dom/DomDocumentBuilder.java index 42444e8..343f48c 100644 --- a/libjava/classpath/gnu/xml/dom/DomDocumentBuilder.java +++ b/libjava/classpath/gnu/xml/dom/DomDocumentBuilder.java @@ -1,5 +1,5 @@ /* DomDocumentBuilder.java -- - Copyright (C) 2004 Free Software Foundation, Inc. + Copyright (C) 2004,2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -37,9 +37,11 @@ exception statement from your version. */ package gnu.xml.dom; +import java.io.File; import java.io.InputStream; import java.io.IOException; import java.io.Reader; +import java.net.MalformedURLException; import java.net.URL; import javax.xml.parsers.DocumentBuilder; import org.w3c.dom.Document; @@ -157,8 +159,18 @@ class DomDocumentBuilder } else { - URL url = new URL(systemId); - input.setByteStream(url.openStream()); + try + { + URL url = new URL(systemId); + input.setByteStream(url.openStream()); + } + catch (MalformedURLException e) + { + // Maybe this is a relative file URL + File cwd = new File(System.getProperty("user.dir")); + URL url = new URL(cwd.toURL(), systemId); + input.setByteStream(url.openStream()); + } } } input.setPublicId(is.getPublicId()); diff --git a/libjava/classpath/gnu/xml/dom/DomDocumentBuilderFactory.java b/libjava/classpath/gnu/xml/dom/DomDocumentBuilderFactory.java index 814141c..0234785 100644 --- a/libjava/classpath/gnu/xml/dom/DomDocumentBuilderFactory.java +++ b/libjava/classpath/gnu/xml/dom/DomDocumentBuilderFactory.java @@ -37,6 +37,7 @@ exception statement from your version. */ package gnu.xml.dom; +import javax.xml.XMLConstants; import javax.xml.parsers.DocumentBuilder; import javax.xml.parsers.DocumentBuilderFactory; import javax.xml.parsers.FactoryConfigurationError; @@ -59,6 +60,7 @@ public class DomDocumentBuilderFactory final DOMImplementation impl; final DOMImplementationLS ls; + private boolean secureProcessing; public DomDocumentBuilderFactory() { @@ -124,5 +126,26 @@ public class DomDocumentBuilderFactory // TODO } + public void setFeature(String name, boolean value) + throws ParserConfigurationException + { + if (name == null) + throw new NullPointerException(); + if (XMLConstants.FEATURE_SECURE_PROCESSING.equals(name)) + { + secureProcessing = true; + return; + } + throw new ParserConfigurationException(name); + } + + public boolean getFeature(String name) + throws ParserConfigurationException + { + if (XMLConstants.FEATURE_SECURE_PROCESSING.equals(name)) + return secureProcessing; + throw new ParserConfigurationException(name); + } + } diff --git a/libjava/classpath/gnu/xml/dom/JAXPFactory.java b/libjava/classpath/gnu/xml/dom/JAXPFactory.java index 8f481fad..ca14a8e 100644 --- a/libjava/classpath/gnu/xml/dom/JAXPFactory.java +++ b/libjava/classpath/gnu/xml/dom/JAXPFactory.java @@ -49,6 +49,7 @@ import org.xml.sax.XMLReader; import org.xml.sax.SAXException; import org.xml.sax.SAXParseException; +import javax.xml.XMLConstants; import javax.xml.parsers.DocumentBuilder; import javax.xml.parsers.DocumentBuilderFactory; import javax.xml.parsers.ParserConfigurationException; @@ -70,6 +71,7 @@ public final class JAXPFactory private static final String FEATURE = "http://xml.org/sax/features/"; private SAXParserFactory pf; + private boolean secureProcessing; /** * Default constructor. @@ -138,6 +140,27 @@ public final class JAXPFactory throw new IllegalArgumentException(name); } + public void setFeature(String name, boolean value) + throws ParserConfigurationException + { + if (name == null) + throw new NullPointerException(); + if (XMLConstants.FEATURE_SECURE_PROCESSING.equals(name)) + { + secureProcessing = true; + return; + } + throw new ParserConfigurationException(name); + } + + public boolean getFeature(String name) + throws ParserConfigurationException + { + if (XMLConstants.FEATURE_SECURE_PROCESSING.equals(name)) + return secureProcessing; + throw new ParserConfigurationException(name); + } + static final class JAXPBuilder extends DocumentBuilder implements ErrorHandler diff --git a/libjava/classpath/gnu/xml/libxmlj/dom/GnomeDocumentBuilderFactory.java b/libjava/classpath/gnu/xml/libxmlj/dom/GnomeDocumentBuilderFactory.java index c4f0ce2..c8918aa 100644 --- a/libjava/classpath/gnu/xml/libxmlj/dom/GnomeDocumentBuilderFactory.java +++ b/libjava/classpath/gnu/xml/libxmlj/dom/GnomeDocumentBuilderFactory.java @@ -37,6 +37,7 @@ exception statement from your version. */ package gnu.xml.libxmlj.dom; +import javax.xml.XMLConstants; import javax.xml.parsers.DocumentBuilder; import javax.xml.parsers.DocumentBuilderFactory; import javax.xml.parsers.ParserConfigurationException; @@ -47,9 +48,11 @@ import javax.xml.parsers.ParserConfigurationException; * @author Chris Burdess */ public class GnomeDocumentBuilderFactory -extends DocumentBuilderFactory + extends DocumentBuilderFactory { + private boolean secureProcessing; + public GnomeDocumentBuilderFactory () { setNamespaceAware (true); @@ -91,4 +94,25 @@ extends DocumentBuilderFactory // TODO } + public void setFeature(String name, boolean value) + throws ParserConfigurationException + { + if (name == null) + throw new NullPointerException(); + if (XMLConstants.FEATURE_SECURE_PROCESSING.equals(name)) + { + secureProcessing = true; + return; + } + throw new ParserConfigurationException(name); + } + + public boolean getFeature(String name) + throws ParserConfigurationException + { + if (XMLConstants.FEATURE_SECURE_PROCESSING.equals(name)) + return secureProcessing; + throw new ParserConfigurationException(name); + } + } diff --git a/libjava/classpath/gnu/xml/stream/CRLFReader.java b/libjava/classpath/gnu/xml/stream/CRLFReader.java index 1d214ce..dad02b9 100644 --- a/libjava/classpath/gnu/xml/stream/CRLFReader.java +++ b/libjava/classpath/gnu/xml/stream/CRLFReader.java @@ -1,5 +1,5 @@ /* CRLFReader.java -- - Copyright (C) 2005 Free Software Foundation, Inc. + Copyright (C) 2005,2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -153,13 +153,14 @@ class CRLFReader throws IOException { doReset = false; - int lm1 = len - 1; - for (int i = off; i < len; i++) + int end = off + len; + int em1 = end - 1; + for (int i = off; i < end; i++) { if (b[i] == '\r') // CR { int d; - if (i == lm1) + if (i == em1) { d = in.read(); doReset = true; diff --git a/libjava/classpath/gnu/xml/stream/EndEntityImpl.java b/libjava/classpath/gnu/xml/stream/EndEntityImpl.java deleted file mode 100644 index fd36ee2..0000000 --- a/libjava/classpath/gnu/xml/stream/EndEntityImpl.java +++ /dev/null @@ -1,80 +0,0 @@ -/* EndEntityImpl.java -- - Copyright (C) 2005 Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ - -package gnu.xml.stream; - -import java.io.IOException; -import java.io.Writer; -import javax.xml.stream.Location; -import javax.xml.stream.XMLStreamException; -import javax.xml.stream.events.EndEntity; - -/** - * An end-entity event. - * - * @author Chris Burdess - */ -public class EndEntityImpl - extends XMLEventImpl - implements EndEntity -{ - - protected final String name; - - protected EndEntityImpl(Location location, String name) - { - super(location); - this.name = name; - } - - public int getEventType() - { - return END_ENTITY; - } - - public String getName() - { - return name; - } - - public void writeAsEncodedUnicode(Writer writer) - throws XMLStreamException - { - } - -} - diff --git a/libjava/classpath/gnu/xml/stream/EntityReferenceImpl.java b/libjava/classpath/gnu/xml/stream/EntityReferenceImpl.java index 4b40bfa..38e1f00 100644 --- a/libjava/classpath/gnu/xml/stream/EntityReferenceImpl.java +++ b/libjava/classpath/gnu/xml/stream/EntityReferenceImpl.java @@ -1,5 +1,5 @@ /* EntityReferenceImpl.java -- - Copyright (C) 2005 Free Software Foundation, Inc. + Copyright (C) 2005,2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -41,7 +41,7 @@ import java.io.IOException; import java.io.Writer; import javax.xml.stream.Location; import javax.xml.stream.XMLStreamException; -//import javax.xml.stream.events.EntityDeclaration; +import javax.xml.stream.events.EntityDeclaration; import javax.xml.stream.events.EntityReference; /** @@ -54,26 +54,16 @@ public class EntityReferenceImpl implements EntityReference { - //protected final EntityDeclaration decl; + protected final EntityDeclaration decl; protected final String name; - protected final String baseUri; - protected final String publicId; - protected final String systemId; - protected final String replacementText; protected EntityReferenceImpl(Location location, - //EntityDeclaration decl, - String name, - String baseUri, String publicId, - String systemId, String replacementText) + EntityDeclaration decl, + String name) { super(location); - //this.decl = decl; + this.decl = decl; this.name = name; - this.baseUri = baseUri; - this.publicId = publicId; - this.systemId = systemId; - this.replacementText = replacementText; } public int getEventType() @@ -81,36 +71,16 @@ public class EntityReferenceImpl return ENTITY_REFERENCE; } - /*public EntityDeclaration getDeclaration() + public EntityDeclaration getDeclaration() { return decl; - }*/ + } public String getName() { return name; } - public String getBaseUri() - { - return baseUri; - } - - public String getPublicId() - { - return publicId; - } - - public String getSystemId() - { - return systemId; - } - - public String getReplacementText() - { - return replacementText; - } - public void writeAsEncodedUnicode(Writer writer) throws XMLStreamException { diff --git a/libjava/classpath/gnu/xml/stream/FilteredEventReader.java b/libjava/classpath/gnu/xml/stream/FilteredEventReader.java index 3bf0f25..fd6fe8b 100644 --- a/libjava/classpath/gnu/xml/stream/FilteredEventReader.java +++ b/libjava/classpath/gnu/xml/stream/FilteredEventReader.java @@ -1,5 +1,5 @@ /* FilteredEventReader.java -- - Copyright (C) 2005 Free Software Foundation, Inc. + Copyright (C) 2005,2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -56,24 +56,37 @@ class FilteredEventReader } public boolean hasNext() - throws XMLStreamException { // XXX ??? return super.hasNext(); } - public XMLEvent next() + public XMLEvent nextEvent() throws XMLStreamException { XMLEvent ret; do { - ret = super.next(); + ret = super.nextEvent(); } while (!filter.accept(ret)); return ret; } + public Object next() + { + try + { + return nextEvent(); + } + catch (XMLStreamException e) + { + RuntimeException e2 = new RuntimeException(); + e2.initCause(e); + throw e2; + } + } + public XMLEvent peek() throws XMLStreamException { diff --git a/libjava/classpath/gnu/xml/stream/LocationImpl.java b/libjava/classpath/gnu/xml/stream/LocationImpl.java deleted file mode 100644 index 1900aeb..0000000 --- a/libjava/classpath/gnu/xml/stream/LocationImpl.java +++ /dev/null @@ -1,89 +0,0 @@ -/* LocationImpl.java -- - Copyright (C) 2005 Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ - -package gnu.xml.stream; - -import javax.xml.stream.Location; - -/** - * Information about the location of an XML event within the underlying - * stream. - * - * @author Chris Burdess - */ -public class LocationImpl - implements Location -{ - - protected final int offset; - - protected final int col; - - protected final int line; - - protected final String systemId; - - protected LocationImpl(int offset, int col, int line, String systemId) - { - this.offset = offset; - this.col = col; - this.line = line; - this.systemId = systemId; - } - - public int getLineNumber() - { - return line; - } - - public int getColumnNumber() - { - return col; - } - - public int getCharacterOffset() - { - return offset; - } - - public String getLocationURI() - { - return systemId; - } - -} - diff --git a/libjava/classpath/gnu/xml/stream/SAXParser.java b/libjava/classpath/gnu/xml/stream/SAXParser.java index 54c8b36..fd768a4 100644 --- a/libjava/classpath/gnu/xml/stream/SAXParser.java +++ b/libjava/classpath/gnu/xml/stream/SAXParser.java @@ -1,5 +1,5 @@ /* SAXParser.java -- - Copyright (C) 2005 Free Software Foundation, Inc. + Copyright (C) 2005, 2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -92,8 +92,7 @@ import org.xml.sax.ext.Locator2; */ public class SAXParser extends javax.xml.parsers.SAXParser - implements XMLReader, Attributes2, Locator2, XMLReporter, - XMLParser.XMLResolver2 + implements XMLReader, Attributes2, Locator2, XMLReporter, XMLResolver { ContentHandler contentHandler; @@ -323,6 +322,7 @@ public class SAXParser supportDTD, baseAware, stringInterning, + true, this, this); else @@ -338,6 +338,7 @@ public class SAXParser supportDTD, baseAware, stringInterning, + true, this, this); } @@ -357,6 +358,7 @@ public class SAXParser supportDTD, baseAware, stringInterning, + true, this, this); } @@ -486,14 +488,14 @@ public class SAXParser contentHandler.processingInstruction(target, data); } break; - case XMLStreamConstants.START_ENTITY: + case XMLParser.START_ENTITY: if (lexicalHandler != null) { String name = reader.getText(); lexicalHandler.startEntity(name); } break; - case XMLStreamConstants.END_ENTITY: + case XMLParser.END_ENTITY: if (lexicalHandler != null) { String name = reader.getText(); @@ -649,24 +651,36 @@ public class SAXParser lexicalHandler.endDTD(); } } + reset(); + if (opened) + in.close(); } - catch (XMLStreamException e) + catch (Exception e) { - if (!startDocumentDone && contentHandler != null) - contentHandler.startDocument(); SAXParseException e2 = new SAXParseException(e.getMessage(), this); e2.initCause(e); - if (errorHandler != null) - errorHandler.fatalError(e2); - if (contentHandler != null) - contentHandler.endDocument(); - throw e2; - } - finally - { + try + { + if (!startDocumentDone && contentHandler != null) + contentHandler.startDocument(); + if (errorHandler != null) + errorHandler.fatalError(e2); + if (contentHandler != null) + contentHandler.endDocument(); + } + catch (SAXException sex) + { + // Ignored, we will rethrow the original exception. + } + reset(); if (opened) in.close(); - reset(); + if (e instanceof SAXException) + throw (SAXException) e; + if (e instanceof IOException) + throw (IOException) e; + else + throw e2; } } @@ -685,7 +699,7 @@ public class SAXParser int ac = reader.getAttributeCount(); for (int i = 0; i < ac; i++) { - QName aname = reader.getAttributeQName(i); + QName aname = reader.getAttributeName(i); if ("space".equals(aname.getLocalPart()) && XMLConstants.XML_NS_URI.equals(aname.getNamespaceURI())) { @@ -726,7 +740,7 @@ public class SAXParser int len = reader.getAttributeCount(); for (int i = 0; i < len; i++) { - QName q = reader.getAttributeQName(i); + QName q = reader.getAttributeName(i); String localName = q.getLocalPart(); String prefix = q.getPrefix(); String qn = ("".equals(prefix)) ? localName : prefix + ":" + localName; @@ -741,7 +755,7 @@ public class SAXParser int len = reader.getAttributeCount(); for (int i = 0; i < len; i++) { - QName q = reader.getAttributeQName(i); + QName q = reader.getAttributeName(i); String ln = q.getLocalPart(); String u = q.getNamespaceURI(); if (u == null && uri != null) @@ -761,12 +775,12 @@ public class SAXParser public String getLocalName(int index) { - return reader.getAttributeName(index); + return reader.getAttributeLocalName(index); } public String getQName(int index) { - QName q = reader.getAttributeQName(index); + QName q = reader.getAttributeName(index); String localName = q.getLocalPart(); String prefix = q.getPrefix(); return ("".equals(prefix)) ? localName : prefix + ":" + localName; @@ -864,13 +878,14 @@ public class SAXParser public String getPublicId() { - return null; + Location l = reader.getLocation(); + return l.getPublicId(); } public String getSystemId() { Location l = reader.getLocation(); - return l.getLocationURI(); + return l.getSystemId(); } public String getEncoding() @@ -885,13 +900,8 @@ public class SAXParser // -- XMLResolver -- - public InputStream resolve(String uri) - throws XMLStreamException - { - return resolve(null, uri); - } - - public InputStream resolve(String publicId, String systemId) + public Object resolveEntity(String publicId, String systemId, + String baseURI, String namespace) throws XMLStreamException { if (entityResolver != null) @@ -901,7 +911,16 @@ public class SAXParser InputSource input = entityResolver.resolveEntity(publicId, systemId); if (input != null) - return input.getByteStream(); + { + InputStream in = input.getByteStream(); + if (in == null) + { + String newSystemId = input.getSystemId(); + if (newSystemId != null && !newSystemId.equals(systemId)) + in = XMLParser.resolve(newSystemId); + } + return in; + } } catch (SAXException e) { diff --git a/libjava/classpath/gnu/xml/stream/StartEntityImpl.java b/libjava/classpath/gnu/xml/stream/StartEntityImpl.java deleted file mode 100644 index 6e4ca25..0000000 --- a/libjava/classpath/gnu/xml/stream/StartEntityImpl.java +++ /dev/null @@ -1,80 +0,0 @@ -/* StartEntityImpl.java -- - Copyright (C) 2005 Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ - -package gnu.xml.stream; - -import java.io.IOException; -import java.io.Writer; -import javax.xml.stream.Location; -import javax.xml.stream.XMLStreamException; -import javax.xml.stream.events.StartEntity; - -/** - * A start-entity event. - * - * @author Chris Burdess - */ -public class StartEntityImpl - extends XMLEventImpl - implements StartEntity -{ - - protected final String name; - - protected StartEntityImpl(Location location, String name) - { - super(location); - this.name = name; - } - - public int getEventType() - { - return START_ENTITY; - } - - public String getName() - { - return name; - } - - public void writeAsEncodedUnicode(Writer writer) - throws XMLStreamException - { - } - -} - diff --git a/libjava/classpath/gnu/xml/stream/UnicodeReader.java b/libjava/classpath/gnu/xml/stream/UnicodeReader.java index c38516c..9350cb2 100644 --- a/libjava/classpath/gnu/xml/stream/UnicodeReader.java +++ b/libjava/classpath/gnu/xml/stream/UnicodeReader.java @@ -45,7 +45,7 @@ import java.io.Reader; * * @author Chris Burdess */ -class UnicodeReader +public class UnicodeReader { final Reader in; @@ -152,6 +152,10 @@ class UnicodeReader in.close(); } + /** + * Returns the specified UTF-16 char array as an array of Unicode code + * points. + */ public static int[] toCodePointArray(String text) throws IOException { diff --git a/libjava/classpath/gnu/xml/stream/XIncludeFilter.java b/libjava/classpath/gnu/xml/stream/XIncludeFilter.java index e151ac6..7e70782 100644 --- a/libjava/classpath/gnu/xml/stream/XIncludeFilter.java +++ b/libjava/classpath/gnu/xml/stream/XIncludeFilter.java @@ -42,6 +42,7 @@ import java.io.InputStreamReader; import java.io.IOException; import java.io.Reader; import java.net.HttpURLConnection; +import java.net.MalformedURLException; import java.net.URL; import java.net.URLConnection; import java.util.HashSet; @@ -121,7 +122,17 @@ class XIncludeFilter boolean expandERefs) { super(reader); - this.systemId = XMLParser.absolutize(null, systemId); + try + { + this.systemId = XMLParser.absolutize(null, systemId); + } + catch (MalformedURLException e) + { + RuntimeException e2 = new RuntimeException("unsupported URL: " + + systemId); + e2.initCause(e); + throw e2; + } this.namespaceAware = namespaceAware; this.validating = validating; this.expandERefs = expandERefs; @@ -137,7 +148,7 @@ class XIncludeFilter return super.getAttributeCount(); } - public String getAttributeName(int index) + public String getAttributeLocalName(int index) { if (current != null) { @@ -147,7 +158,7 @@ class XIncludeFilter Node attr = attrs.item(index); return attr.getLocalName(); } - return super.getAttributeName(index); + return super.getAttributeLocalName(index); } public String getAttributeNamespace(int index) @@ -176,7 +187,7 @@ class XIncludeFilter return super.getAttributePrefix(index); } - public QName getAttributeQName(int index) + public QName getAttributeName(int index) { if (current != null) { @@ -189,7 +200,7 @@ class XIncludeFilter String prefix = attr.getPrefix(); return new QName(uri, localName, prefix); } - return super.getAttributeQName(index); + return super.getAttributeName(index); } public String getAttributeType(int index) diff --git a/libjava/classpath/gnu/xml/stream/XMLEventAllocatorImpl.java b/libjava/classpath/gnu/xml/stream/XMLEventAllocatorImpl.java index 4b21b6c..666bffa 100644 --- a/libjava/classpath/gnu/xml/stream/XMLEventAllocatorImpl.java +++ b/libjava/classpath/gnu/xml/stream/XMLEventAllocatorImpl.java @@ -1,5 +1,5 @@ /* XMLEventAllocatorImpl.java -- - Copyright (C) 2005 Free Software Foundation, Inc. + Copyright (C) 2005,2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -116,10 +116,9 @@ public class XMLEventAllocatorImpl namespaces); case XMLStreamConstants.ENTITY_REFERENCE: String name = reader.getLocalName(); - //EntityDeclaration decl = - // (EntityDeclaration) entityDeclarations.get(name); - //return new EntityReferenceImpl(location, decl, name); - return new EntityReferenceImpl(location, name, null, null, null, null); + EntityDeclaration decl = + (EntityDeclaration) entityDeclarations.get(name); + return new EntityReferenceImpl(location, decl, name); case XMLStreamConstants.PROCESSING_INSTRUCTION: return new ProcessingInstructionImpl(location, reader.getPITarget(), @@ -132,7 +131,7 @@ public class XMLEventAllocatorImpl return new CharactersImpl(location, text, whitespace, false, ignorableWhitespace); case XMLStreamConstants.START_DOCUMENT: - String systemId = location.getLocationURI(); + String systemId = location.getSystemId(); String encoding = reader.getCharacterEncodingScheme(); boolean encodingDeclared = encoding != null; if (encoding == null) @@ -164,7 +163,7 @@ public class XMLEventAllocatorImpl List attributes = new LinkedList(); for (int i = 0; i < len; i++) attributes.add(new AttributeImpl(location, - reader.getAttributeQName(i), + reader.getAttributeName(i), reader.getAttributeValue(i), QName.valueOf(reader.getAttributeType(i)), reader.isAttributeSpecified(i))); diff --git a/libjava/classpath/gnu/xml/stream/XMLEventFactoryImpl.java b/libjava/classpath/gnu/xml/stream/XMLEventFactoryImpl.java index a839b18..e1d7d6a 100644 --- a/libjava/classpath/gnu/xml/stream/XMLEventFactoryImpl.java +++ b/libjava/classpath/gnu/xml/stream/XMLEventFactoryImpl.java @@ -1,5 +1,5 @@ /* XMLEventFactoryImpl.java -- - Copyright (C) 2005 Free Software Foundation, Inc. + Copyright (C) 2005,2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -233,12 +233,9 @@ public class XMLEventFactoryImpl } public EntityReference createEntityReference(String name, - //EntityDeclaration declaration) - String replacementText) + EntityDeclaration declaration) { - //return new EntityReferenceImpl(location, declaration, name); - return new EntityReferenceImpl(location, name, null, null, null, - replacementText); + return new EntityReferenceImpl(location, declaration, name); } public Comment createComment(String text) diff --git a/libjava/classpath/gnu/xml/stream/XMLEventImpl.java b/libjava/classpath/gnu/xml/stream/XMLEventImpl.java index a8b522f..9f57d89 100644 --- a/libjava/classpath/gnu/xml/stream/XMLEventImpl.java +++ b/libjava/classpath/gnu/xml/stream/XMLEventImpl.java @@ -1,5 +1,5 @@ /* XMLEventImpl.java -- - Copyright (C) 2005 Free Software Foundation, Inc. + Copyright (C) 2005,2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -116,16 +116,6 @@ public abstract class XMLEventImpl return getEventType() == END_DOCUMENT; } - public boolean isStartEntity() - { - return getEventType() == START_ENTITY; - } - - public boolean isEndEntity() - { - return getEventType() == END_ENTITY; - } - public StartElement asStartElement() { return (StartElement) this; diff --git a/libjava/classpath/gnu/xml/stream/XMLEventReaderImpl.java b/libjava/classpath/gnu/xml/stream/XMLEventReaderImpl.java index 70481d7..bb64b1e 100644 --- a/libjava/classpath/gnu/xml/stream/XMLEventReaderImpl.java +++ b/libjava/classpath/gnu/xml/stream/XMLEventReaderImpl.java @@ -67,7 +67,7 @@ public class XMLEventReaderImpl this.systemId = systemId; } - public XMLEvent next() + public XMLEvent nextEvent() throws XMLStreamException { XMLEvent ret = peek(); @@ -75,10 +75,32 @@ public class XMLEventReaderImpl return ret; } + public Object next() + { + try + { + return nextEvent(); + } + catch (XMLStreamException e) + { + RuntimeException e2 = new RuntimeException(); + e2.initCause(e); + throw e2; + } + } + public boolean hasNext() - throws XMLStreamException { - return peekEvent != null || reader.hasNext(); + if (peekEvent != null) + return true; + try + { + return reader.hasNext(); + } + catch (XMLStreamException e) + { + return false; + } } public XMLEvent peek() @@ -121,5 +143,16 @@ public class XMLEventReaderImpl return reader.getProperty(name); } + public void close() + throws XMLStreamException + { + reader.close(); + } + + public void remove() + { + throw new UnsupportedOperationException(); + } + } diff --git a/libjava/classpath/gnu/xml/stream/XMLEventWriterImpl.java b/libjava/classpath/gnu/xml/stream/XMLEventWriterImpl.java index 4502415..72b7adc 100644 --- a/libjava/classpath/gnu/xml/stream/XMLEventWriterImpl.java +++ b/libjava/classpath/gnu/xml/stream/XMLEventWriterImpl.java @@ -155,7 +155,7 @@ public class XMLEventWriterImpl throws XMLStreamException { while (reader.hasNext()) - add(reader.next()); + add(reader.nextEvent()); } public String getPrefix(String uri) diff --git a/libjava/classpath/gnu/xml/stream/XMLInputFactoryImpl.java b/libjava/classpath/gnu/xml/stream/XMLInputFactoryImpl.java index 164774d..5f72e36 100644 --- a/libjava/classpath/gnu/xml/stream/XMLInputFactoryImpl.java +++ b/libjava/classpath/gnu/xml/stream/XMLInputFactoryImpl.java @@ -1,5 +1,5 @@ /* XMLInputFactoryImpl.java -- - Copyright (C) 2005 Free Software Foundation, Inc. + Copyright (C) 2005,2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -89,14 +89,15 @@ public class XMLInputFactoryImpl public XMLStreamReader createXMLStreamReader(Reader reader) throws XMLStreamException { - /* - return new XMLStreamReaderImpl(reader, null, null, - resolver, reporter, - validating, namespaceAware, - coalescing, replacingEntityReferences, - externalEntities, supportDTD); - */ - XMLParser ret = new XMLParser(reader, null, + return createXMLStreamReader(null, reader); + } + + public XMLStreamReader createXMLStreamReader(Source source) + throws XMLStreamException + { + String systemId = source.getSystemId(); + InputStream in = getInputStream(source); + XMLParser ret = new XMLParser(in, systemId, validating, namespaceAware, coalescing, @@ -105,24 +106,30 @@ public class XMLInputFactoryImpl supportDTD, baseAware, stringInterning, + false, reporter, resolver); if (xIncludeAware) - return new XIncludeFilter(ret, null, namespaceAware, validating, + return new XIncludeFilter(ret, systemId, namespaceAware, validating, replacingEntityReferences); return ret; } - public XMLStreamReader createXMLStreamReader(Source source) + public XMLStreamReader createXMLStreamReader(InputStream in) + throws XMLStreamException + { + return createXMLStreamReader(null, in); + } + + public XMLStreamReader createXMLStreamReader(InputStream in, String encoding) + throws XMLStreamException + { + return createXMLStreamReader(in); + } + + public XMLStreamReader createXMLStreamReader(String systemId, InputStream in) throws XMLStreamException { - String systemId = source.getSystemId(); - InputStream in = getInputStream(source); - /*return new XMLStreamReaderImpl(in, null, systemId, - resolver, reporter, - validating, namespaceAware, - coalescing, replacingEntityReferences, - externalEntities, supportDTD);*/ XMLParser ret = new XMLParser(in, systemId, validating, namespaceAware, @@ -132,23 +139,19 @@ public class XMLInputFactoryImpl supportDTD, baseAware, stringInterning, + false, reporter, resolver); if (xIncludeAware) - return new XIncludeFilter(ret, systemId, namespaceAware, validating, + return new XIncludeFilter(ret, null, namespaceAware, validating, replacingEntityReferences); return ret; } - - public XMLStreamReader createXMLStreamReader(InputStream in) + + public XMLStreamReader createXMLStreamReader(String systemId, Reader reader) throws XMLStreamException { - /*return new XMLStreamReaderImpl(in, null, null, - resolver, reporter, - validating, namespaceAware, - coalescing, replacingEntityReferences, - externalEntities, supportDTD);*/ - XMLParser ret = new XMLParser(in, null, + XMLParser ret = new XMLParser(reader, systemId, validating, namespaceAware, coalescing, @@ -157,6 +160,7 @@ public class XMLInputFactoryImpl supportDTD, baseAware, stringInterning, + false, reporter, resolver); if (xIncludeAware) @@ -164,12 +168,6 @@ public class XMLInputFactoryImpl replacingEntityReferences); return ret; } - - public XMLStreamReader createXMLStreamReader(InputStream in, String encoding) - throws XMLStreamException - { - return createXMLStreamReader(in); - } public XMLEventReader createXMLEventReader(Reader reader) throws XMLStreamException @@ -178,6 +176,13 @@ public class XMLInputFactoryImpl return new XMLEventReaderImpl(sr, allocator, null); } + public XMLEventReader createXMLEventReader(String systemId, Reader reader) + throws XMLStreamException + { + XMLStreamReader sr = createXMLStreamReader(systemId, reader); + return new XMLEventReaderImpl(sr, allocator, null); + } + public XMLEventReader createXMLEventReader(XMLStreamReader reader) throws XMLStreamException { @@ -205,6 +210,13 @@ public class XMLInputFactoryImpl return new XMLEventReaderImpl(sr, allocator, null); } + public XMLEventReader createXMLEventReader(String systemId, InputStream in) + throws XMLStreamException + { + XMLStreamReader sr = createXMLStreamReader(systemId, in); + return new XMLEventReaderImpl(sr, allocator, null); + } + public XMLStreamReader createFilteredReader(XMLStreamReader reader, StreamFilter filter) throws XMLStreamException diff --git a/libjava/classpath/gnu/xml/stream/XMLOutputFactoryImpl.java b/libjava/classpath/gnu/xml/stream/XMLOutputFactoryImpl.java index 05b6d6c..c8c651f 100644 --- a/libjava/classpath/gnu/xml/stream/XMLOutputFactoryImpl.java +++ b/libjava/classpath/gnu/xml/stream/XMLOutputFactoryImpl.java @@ -42,6 +42,8 @@ import java.io.OutputStreamWriter; import java.io.Writer; import java.io.UnsupportedEncodingException; +import javax.xml.transform.Result; +import javax.xml.transform.stream.StreamResult; import javax.xml.stream.XMLEventWriter; import javax.xml.stream.XMLOutputFactory; import javax.xml.stream.XMLStreamException; @@ -94,6 +96,22 @@ public class XMLOutputFactoryImpl } } + public XMLStreamWriter createXMLStreamWriter(Result result) + throws XMLStreamException + { + if (result instanceof StreamResult) + { + StreamResult sr = (StreamResult) result; + OutputStream out = sr.getOutputStream(); + if (out != null) + return createXMLStreamWriter(out); + Writer writer = sr.getWriter(); + if (writer != null) + return createXMLStreamWriter(writer); + } + throw new UnsupportedOperationException(); + } + public XMLEventWriter createXMLEventWriter(OutputStream stream) throws XMLStreamException { @@ -116,10 +134,26 @@ public class XMLOutputFactoryImpl return new XMLEventWriterImpl(writer); } + public XMLEventWriter createXMLEventWriter(Result result) + throws XMLStreamException + { + if (result instanceof StreamResult) + { + StreamResult sr = (StreamResult) result; + OutputStream out = sr.getOutputStream(); + if (out != null) + return createXMLEventWriter(out); + Writer writer = sr.getWriter(); + if (writer != null) + return createXMLEventWriter(writer); + } + throw new UnsupportedOperationException(); + } + public void setProperty(String name, Object value) throws IllegalArgumentException { - if (IS_PREFIX_DEFAULTING.equals(name)) + if (IS_REPAIRING_NAMESPACES.equals(name)) prefixDefaulting = ((Boolean) value).booleanValue(); else throw new IllegalArgumentException(name); @@ -128,14 +162,14 @@ public class XMLOutputFactoryImpl public Object getProperty(String name) throws IllegalArgumentException { - if (IS_PREFIX_DEFAULTING.equals(name)) + if (IS_REPAIRING_NAMESPACES.equals(name)) return new Boolean(prefixDefaulting); throw new IllegalArgumentException(name); } public boolean isPropertySupported(String name) { - if (IS_PREFIX_DEFAULTING.equals(name)) + if (IS_REPAIRING_NAMESPACES.equals(name)) return true; return false; } diff --git a/libjava/classpath/gnu/xml/stream/XMLParser.java b/libjava/classpath/gnu/xml/stream/XMLParser.java index 6f10b93..9bb4834 100644 --- a/libjava/classpath/gnu/xml/stream/XMLParser.java +++ b/libjava/classpath/gnu/xml/stream/XMLParser.java @@ -137,6 +137,10 @@ public class XMLParser final static int ATTRIBUTE_DEFAULT_REQUIRED = 33; final static int ATTRIBUTE_DEFAULT_FIXED = 34; + // -- additional event types -- + final static int START_ENTITY = 50; + final static int END_ENTITY = 51; + /** * The current input. */ @@ -318,6 +322,12 @@ public class XMLParser private final boolean baseAware; /** + * Whether to report extended event types (START_ENTITY and END_ENTITY) + * in addition to the standard event types. Used by the SAX parser. + */ + private final boolean extendedEventTypes; + + /** * The reporter to receive parsing warnings. */ final XMLReporter reporter; @@ -389,6 +399,7 @@ public class XMLParser boolean supportDTD, boolean baseAware, boolean stringInterning, + boolean extendedEventTypes, XMLReporter reporter, XMLResolver resolver) { @@ -400,6 +411,7 @@ public class XMLParser this.supportDTD = supportDTD; this.baseAware = baseAware; this.stringInterning = stringInterning; + this.extendedEventTypes = extendedEventTypes; this.reporter = reporter; this.resolver = resolver; if (validating) @@ -446,6 +458,7 @@ public class XMLParser boolean supportDTD, boolean baseAware, boolean stringInterning, + boolean extendedEventTypes, XMLReporter reporter, XMLResolver resolver) { @@ -457,6 +470,7 @@ public class XMLParser this.supportDTD = supportDTD; this.baseAware = baseAware; this.stringInterning = stringInterning; + this.extendedEventTypes = extendedEventTypes; this.reporter = reporter; this.resolver = resolver; if (validating) @@ -561,7 +575,7 @@ public class XMLParser return attrs.size(); } - public String getAttributeName(int index) + public String getAttributeLocalName(int index) { Attribute a = (Attribute) attrs.get(index); return a.localName; @@ -579,7 +593,7 @@ public class XMLParser return a.prefix; } - public QName getAttributeQName(int index) + public QName getAttributeName(int index) { Attribute a = (Attribute) attrs.get(index); String namespaceURI = getNamespaceURI(a.prefix); @@ -710,7 +724,7 @@ public class XMLParser public int getNamespaceCount() { - if (!namespaceAware) + if (!namespaceAware || namespaces.isEmpty()) return 0; switch (event) { @@ -984,10 +998,10 @@ public class XMLParser if (event == XMLStreamConstants.END_ELEMENT) { // Pop namespace context - if (namespaceAware) + if (namespaceAware && !namespaces.isEmpty()) namespaces.removeFirst(); // Pop base context - if (baseAware) + if (baseAware && !bases.isEmpty()) bases.removeFirst(); } if (!startEntityStack.isEmpty()) @@ -995,16 +1009,16 @@ public class XMLParser String entityName = (String) startEntityStack.removeFirst(); buf.setLength(0); buf.append(entityName); - event = XMLStreamConstants.START_ENTITY; - return event; + event = START_ENTITY; + return extendedEventTypes ? event : next(); } else if (!endEntityStack.isEmpty()) { String entityName = (String) endEntityStack.removeFirst(); buf.setLength(0); buf.append(entityName); - event = XMLStreamConstants.END_ENTITY; - return event; + event = END_ENTITY; + return extendedEventTypes ? event : next(); } try { @@ -1484,7 +1498,6 @@ public class XMLParser { if (!externalEntities) return; - InputStream in = null; String url = absolutize(input.systemId, ids.systemId); // Check for recursion for (Iterator i = inputStack.iterator(); i.hasNext(); ) @@ -1497,12 +1510,13 @@ public class XMLParser } if (name == null || "".equals(name)) report = false; - if (in == null && url != null && resolver != null) + InputStream in = null; + if (resolver != null) { - if (resolver instanceof XMLResolver2) - in = ((XMLResolver2) resolver).resolve(ids.publicId, url); - else - in = resolver.resolve(url); + Object obj = resolver.resolveEntity(ids.publicId, url, getXMLBase(), + null); + if (obj instanceof InputStream) + in = (InputStream) obj; } if (in == null) in = resolve(url); @@ -1535,12 +1549,13 @@ public class XMLParser * @param base the current base URL * @param href the (absolute or relative) URL to resolve */ - static String absolutize(String base, String href) + public static String absolutize(String base, String href) + throws MalformedURLException { if (href == null) return null; int ci = href.indexOf(':'); - if (ci > 1 && isLowercaseAscii(href.substring(0, ci))) + if (ci > 1 && isURLScheme(href.substring(0, ci))) { // href is absolute already return href; @@ -1565,40 +1580,23 @@ public class XMLParser if (!base.endsWith("/")) base += "/"; } - if (href.startsWith("/")) - { - if (base.startsWith("file:")) - return "file://" + href; - int i = base.indexOf("://"); - if (i != -1) - { - i = base.indexOf('/', i + 3); - if (i != -1) - base = base.substring(0, i); - } - } - else - { - while (href.startsWith("..")) - { - int i = base.lastIndexOf('/', base.length() - 2); - if (i != -1) - base = base.substring(0, i + 1); - href = href.substring(2); - if (href.startsWith("/")) - href = href.substring(1); - } - } - return base + href; + return new URL(new URL(base), href).toString(); } - private static boolean isLowercaseAscii(String text) + /** + * Indicates whether the specified characters match the scheme portion of + * a URL. + * @see RFC 1738 section 2.1 + */ + private static boolean isURLScheme(String text) { int len = text.length(); for (int i = 0; i < len; i++) { char c = text.charAt(i); - if (c < 97 || c > 122) + if (c == '+' || c == '.' || c == '-') + continue; + if (c < 65 || (c > 90 && c < 97) || c > 122) return false; } return true; @@ -1607,7 +1605,7 @@ public class XMLParser /** * Returns an input stream for the given URL. */ - private InputStream resolve(String url) + static InputStream resolve(String url) throws IOException { try @@ -1618,6 +1616,12 @@ public class XMLParser { return null; } + catch (IOException e) + { + IOException e2 = new IOException("error resolving " + url); + e2.initCause(e); + throw e2; + } } /** @@ -1891,7 +1895,10 @@ public class XMLParser throws IOException, XMLStreamException { requireWhitespace(); + boolean saved = expandPE; + expandPE = (inputStack.size() > 1); String name = readNmtoken(true); + expandPE = saved; requireWhitespace(); readContentspec(name); skipWhitespace(); @@ -2106,7 +2113,10 @@ public class XMLParser throws IOException, XMLStreamException { requireWhitespace(); + boolean saved = expandPE; + expandPE = (inputStack.size() > 1); String elementName = readNmtoken(true); + expandPE = saved; boolean white = tryWhitespace(); while (!tryRead('>')) { @@ -2419,11 +2429,11 @@ public class XMLParser } else { - if (!isNameStartCharacter(cp[0])) + if (!isNameStartCharacter(cp[0], input.xml11)) error("malformed reference in entity value", value); for (int i = 1; i < cp.length; i++) { - if (!isNameCharacter(cp[i])) + if (!isNameCharacter(cp[i], input.xml11)) error("malformed reference in entity value", value); } } @@ -2838,8 +2848,6 @@ public class XMLParser error("Duplicate default namespace declaration"); if (XMLConstants.XML_NS_URI.equals(attr.value)) error("can't bind XML namespace"); - if ("".equals(attr.value) && !input.xml11) - error("illegal use of 1.1-style prefix unbinding in 1.0 document"); ctx.put(XMLConstants.DEFAULT_NS_PREFIX, attr.value); return true; } @@ -3087,7 +3095,15 @@ public class XMLParser break; case 0x3c: // '<' reset(); - read(tmpBuf, 0, i); + // read i characters + int count = 0, remaining = i; + do + { + int r = read(tmpBuf, 0, remaining); + count += r; + remaining -= r; + } + while (count < i); i = len; if (coalescing && tryRead(TEST_CDATA)) readUntil(TEST_END_CDATA); // read CDATA section into buf @@ -3258,15 +3274,7 @@ public class XMLParser reset(); char[] ref = readCharacterRef(hex ? 16 : 10); for (int i = 0; i < ref.length; i++) - { - char x = ref[i]; - if ((flags & (LIT_ATTRIBUTE | LIT_PUBID)) != 0 && - (x == 0x0a || x == 0x0d)) - x = 0x20; // normalize - else if ((flags & LIT_ATTRIBUTE) != 0 && x == 0x09) - x = 0x20; // normalize - literalBuf.append(x); - } + literalBuf.append(ref[i]); entities = true; continue; } @@ -3469,13 +3477,13 @@ public class XMLParser int c = readCh(); if (isName) { - if (!isNameStartCharacter(c)) + if (!isNameStartCharacter(c, input.xml11)) error("not a name start character", "U+" + Integer.toHexString(c)); } else { - if (!isNameCharacter(c)) + if (!isNameCharacter(c, input.xml11)) error("not a name character", "U+" + Integer.toHexString(c)); } @@ -3510,7 +3518,7 @@ public class XMLParser reset(); return intern(buf.toString()); default: - if (!isNameCharacter(c)) + if (!isNameCharacter(c, input.xml11)) error("not a name character", "U+" + Integer.toHexString(c)); else @@ -3523,7 +3531,7 @@ public class XMLParser /** * Indicates whether the specified Unicode character is an XML 1.1 Char. */ - private boolean isXML11Char(int c) + public static boolean isXML11Char(int c) { return ((c >= 0x0001 && c <= 0xD7FF) || (c >= 0xE000 && c < 0xFFFD) || // NB exclude 0xfffd @@ -3534,7 +3542,7 @@ public class XMLParser * Indicates whether the specified Unicode character is an XML 1.1 * RestrictedChar. */ - private boolean isXML11RestrictedChar(int c) + public static boolean isXML11RestrictedChar(int c) { return ((c >= 0x0001 && c <= 0x0008) || (c >= 0x000B && c <= 0x000C) || @@ -3556,17 +3564,17 @@ public class XMLParser return false; if (isName) { - if (!isNameStartCharacter(cp[0])) + if (!isNameStartCharacter(cp[0], input.xml11)) return false; } else { - if (!isNameCharacter(cp[0])) + if (!isNameCharacter(cp[0], input.xml11)) return false; } for (int i = 1; i < cp.length; i++) { - if (!isNameCharacter(cp[i])) + if (!isNameCharacter(cp[i], input.xml11)) return false; } return true; @@ -3581,9 +3589,9 @@ public class XMLParser * Indicates whether the specified Unicode character is a Name start * character. */ - private boolean isNameStartCharacter(int c) + public static boolean isNameStartCharacter(int c, boolean xml11) { - if (input.xml11) + if (xml11) return ((c >= 0x0041 && c <= 0x005a) || (c >= 0x0061 && c <= 0x007a) || c == 0x3a | @@ -3608,9 +3616,9 @@ public class XMLParser * Indicates whether the specified Unicode character is a Name non-initial * character. */ - private boolean isNameCharacter(int c) + public static boolean isNameCharacter(int c, boolean xml11) { - if (input.xml11) + if (xml11) return ((c >= 0x0041 && c <= 0x005a) || (c >= 0x0061 && c <= 0x007a) || (c >= 0x0030 && c <= 0x0039) || @@ -4255,6 +4263,7 @@ public class XMLParser true, // supportDTD true, // baseAware true, // stringInterning + true, // extendedEventTypes null, null); XMLStreamReader reader = p; @@ -4286,7 +4295,7 @@ public class XMLParser "='"+reader.getNamespaceURI(i)+"'"); l = reader.getAttributeCount(); for (int i = 0; i < l; i++) - System.out.println("\tattribute "+reader.getAttributeQName(i)+ + System.out.println("\tattribute "+reader.getAttributeName(i)+ "='"+reader.getAttributeValue(i)+"'"); break; case XMLStreamConstants.END_ELEMENT: @@ -4314,10 +4323,10 @@ public class XMLParser System.out.println("PROCESSING_INSTRUCTION "+reader.getPITarget()+ " "+reader.getPIData()); break; - case XMLStreamConstants.START_ENTITY: + case START_ENTITY: System.out.println("START_ENTITY "+reader.getText()); break; - case XMLStreamConstants.END_ENTITY: + case END_ENTITY: System.out.println("END_ENTITY "+reader.getText()); break; default: @@ -4330,7 +4339,7 @@ public class XMLParser Location l = reader.getLocation(); System.out.println("At line "+l.getLineNumber()+ ", column "+l.getColumnNumber()+ - " of "+l.getLocationURI()); + " of "+l.getSystemId()); throw e; } } @@ -4939,19 +4948,6 @@ public class XMLParser } /** - * Compatibility interface that can be used to resolve based on a public - * ID, not just an URL. - */ - interface XMLResolver2 - extends XMLResolver - { - - InputStream resolve(String publicId, String systemId) - throws XMLStreamException; - - } - - /** * An XML input source. */ static class Input @@ -5019,7 +5015,12 @@ public class XMLParser return line; } - public String getLocationURI() + public String getPublicId() + { + return publicId; + } + + public String getSystemId() { return systemId; } diff --git a/libjava/classpath/gnu/xml/stream/XMLStreamReaderImpl.java b/libjava/classpath/gnu/xml/stream/XMLStreamReaderImpl.java deleted file mode 100644 index 568d800..0000000 --- a/libjava/classpath/gnu/xml/stream/XMLStreamReaderImpl.java +++ /dev/null @@ -1,1037 +0,0 @@ -/* XMLStreamReaderImpl.java -- - Copyright (C) 2005 Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ - -package gnu.xml.stream; - -import java.io.InputStream; -import java.io.IOException; -import java.io.Reader; -import java.util.Enumeration; -import java.util.HashMap; -import java.util.Iterator; -import java.util.LinkedList; -import java.util.Map; -import javax.xml.namespace.NamespaceContext; -import javax.xml.namespace.QName; -import javax.xml.parsers.ParserConfigurationException; -import javax.xml.parsers.SAXParser; -import javax.xml.parsers.SAXParserFactory; -import javax.xml.stream.Location; -import javax.xml.stream.XMLResolver; -import javax.xml.stream.XMLReporter; -import javax.xml.stream.XMLStreamConstants; -import javax.xml.stream.XMLStreamException; -import javax.xml.stream.XMLStreamReader; - -import javax.xml.stream.events.Attribute; -import javax.xml.stream.events.Characters; -import javax.xml.stream.events.Comment; -import javax.xml.stream.events.DTD; -import javax.xml.stream.events.EndDocument; -import javax.xml.stream.events.EndElement; -import javax.xml.stream.events.EndEntity; -import javax.xml.stream.events.EntityDeclaration; -import javax.xml.stream.events.EntityReference; -import javax.xml.stream.events.Namespace; -import javax.xml.stream.events.NotationDeclaration; -import javax.xml.stream.events.ProcessingInstruction; -import javax.xml.stream.events.StartDocument; -import javax.xml.stream.events.StartElement; -import javax.xml.stream.events.StartEntity; -import javax.xml.stream.events.XMLEvent; - -import org.xml.sax.Attributes; -import org.xml.sax.ContentHandler; -import org.xml.sax.DTDHandler; -import org.xml.sax.EntityResolver; -import org.xml.sax.ErrorHandler; -import org.xml.sax.InputSource; -import org.xml.sax.Locator; -import org.xml.sax.SAXException; -import org.xml.sax.SAXParseException; -import org.xml.sax.XMLReader; -import org.xml.sax.ext.Attributes2; -import org.xml.sax.ext.DeclHandler; -import org.xml.sax.ext.LexicalHandler; -import org.xml.sax.ext.Locator2; -import org.xml.sax.helpers.NamespaceSupport; - -/** - * An XML parser. - * - * This implementation uses SAX to create a series of events in memory, - * and then iterates over this series. This has the advantage of being simple - * and unifying the existing XML parsing code. However, it is quite - * memory-inefficient and obviously won't cope with streams of arbitrary - * length. - * - * A future task could be to write a real, progressive/incremental - * implementation of this class. In that case we should consider making that - * the default XML parser implementation and using a SAX wrapper to it to - * provide the GNU SAX implementation. - * - * @author Chris Burdess - */ -public class XMLStreamReaderImpl - implements XMLStreamReader, NamespaceContext -{ - - private LinkedList events; - private XMLEvent currentEvent; - private int eventType; - private NamespaceSupport namespaces; - - protected String publicId; - protected String systemId; - - protected XMLResolver resolver; - protected XMLReporter reporter; - protected boolean validating; - protected boolean namespaceAware; - protected boolean coalescing; - protected boolean replacingEntityReferences; - protected boolean externalEntities; - protected boolean supportDTD; - - protected XMLStreamReaderImpl(InputStream in, - String publicId, - String systemId, - XMLResolver resolver, - XMLReporter reporter, - boolean validating, - boolean namespaceAware, - boolean coalescing, - boolean replacingEntityReferences, - boolean externalEntities, - boolean supportDTD) - throws XMLStreamException - { - //this.in = in; - this.publicId = publicId; - this.systemId = systemId; - this.resolver = resolver; - this.reporter = reporter; - this.validating = validating; - this.namespaceAware = namespaceAware; - this.coalescing = coalescing; - this.replacingEntityReferences = replacingEntityReferences; - this.externalEntities = externalEntities; - this.supportDTD = supportDTD; - namespaces = new NamespaceSupport(); - events = new LinkedList(); - - // Configure the SAX parser and perform the parse - try - { - SAXParserFactory f = SAXParserFactory.newInstance(); - f.setNamespaceAware(namespaceAware); - f.setValidating(validating); - SAXParser p = f.newSAXParser(); - XMLReader r = p.getXMLReader(); - CallbackHandler ch = this.new CallbackHandler(r); - r.setFeature("http://xml.org/sax/features/external-general-entities", - externalEntities); - r.setFeature("http://xml.org/sax/features/namespaces", - namespaceAware); - r.setContentHandler(ch); - r.setDTDHandler(ch); - r.setEntityResolver(ch); - r.setErrorHandler(ch); - r.setProperty("http://xml.org/sax/properties/lexical-handler", - ch); - InputSource source = new InputSource(in); - source.setSystemId(systemId); - r.parse(source); - } - catch (SAXException e) - { - events.add(e); - } - catch (IOException e) - { - events.add(e); - } - catch (ParserConfigurationException e) - { - XMLStreamException e2 = new XMLStreamException(e); - e2.initCause(e); - throw e2; - } - } - - protected XMLStreamReaderImpl(Reader reader, - String publicId, - String systemId, - XMLResolver resolver, - XMLReporter reporter, - boolean validating, - boolean namespaceAware, - boolean coalescing, - boolean replacingEntityReferences, - boolean externalEntities, - boolean supportDTD) - throws XMLStreamException - { - //this.reader = reader; - this.publicId = publicId; - this.systemId = systemId; - this.resolver = resolver; - this.reporter = reporter; - this.validating = validating; - this.namespaceAware = namespaceAware; - this.coalescing = coalescing; - this.replacingEntityReferences = replacingEntityReferences; - this.externalEntities = externalEntities; - this.supportDTD = supportDTD; - namespaces = new NamespaceSupport(); - events = new LinkedList(); - - // Configure the SAX parser and perform the parse - try - { - SAXParserFactory f = SAXParserFactory.newInstance(); - f.setNamespaceAware(namespaceAware); - f.setValidating(validating); - SAXParser p = f.newSAXParser(); - XMLReader r = p.getXMLReader(); - CallbackHandler ch = this.new CallbackHandler(r); - r.setFeature("http://xml.org/sax/features/external-general-entities", - externalEntities); - r.setFeature("http://xml.org/sax/features/namespaces", - namespaceAware); - r.setContentHandler(ch); - r.setDTDHandler(ch); - r.setEntityResolver(ch); - r.setErrorHandler(ch); - r.setProperty("http://xml.org/sax/properties/lexical-handler", - ch); - InputSource source = new InputSource(reader); - source.setSystemId(systemId); - r.parse(source); - } - catch (SAXException e) - { - events.add(e); - } - catch (IOException e) - { - events.add(e); - } - catch (ParserConfigurationException e) - { - XMLStreamException e2 = new XMLStreamException(e); - e2.initCause(e); - throw e2; - } - } - - public Object getProperty(String name) - throws IllegalArgumentException - { - throw new IllegalArgumentException(name); - } - - public int next() - throws XMLStreamException - { - if (events.isEmpty()) - throw new XMLStreamException("EOF"); - Object event = events.removeFirst(); - if (event instanceof Exception) - { - Exception e = (Exception) event; - XMLStreamException e2 = new XMLStreamException(e); - e2.initCause(e); - throw e2; - } - currentEvent = (XMLEvent) event; - eventType = currentEvent.getEventType(); - return eventType; - } - - public void require(int type, String namespaceURI, String localName) - throws XMLStreamException - { - // TODO - throw new UnsupportedOperationException(); - } - - public String getElementText() - throws XMLStreamException - { - // TODO - throw new UnsupportedOperationException(); - } - - public int nextTag() - throws XMLStreamException - { - int ret; - do - { - ret = next(); - } - while (ret != XMLStreamConstants.START_ELEMENT && - ret != XMLStreamConstants.END_ELEMENT); - return ret; - } - - public boolean hasNext() - throws XMLStreamException - { - return !events.isEmpty(); - } - - public void close() - throws XMLStreamException - { - } - - public String getNamespaceURI(String prefix) - { - return namespaces.getURI(prefix); - } - - public String getPrefix(String namespaceURI) - { - return namespaces.getPrefix(namespaceURI); - } - - public Iterator getPrefixes(String namespaceURI) - { - LinkedList acc = new LinkedList(); - for (Enumeration e = namespaces.getPrefixes(namespaceURI); - e.hasMoreElements(); ) - acc.add(e.nextElement()); - return acc.iterator(); - } - - public boolean isStartElement() - { - return eventType == START_ELEMENT; - } - - public boolean isEndElement() - { - return eventType == END_ELEMENT; - } - - public boolean isCharacters() - { - return eventType == CHARACTERS || eventType == CDATA; - } - - public boolean isWhiteSpace() - { - return eventType == SPACE; - } - - public String getAttributeValue(String namespaceURI, String localName) - { - StartElement se = (StartElement) currentEvent; - for (Iterator i = se.getAttributes(); i.hasNext(); ) - { - Attribute attr = (Attribute) i.next(); - QName name = attr.getName(); - if (namespaceURI != null && - !namespaceURI.equals(name.getNamespaceURI())) - continue; - if (!localName.equals(name.getLocalPart())) - continue; - return attr.getValue(); - } - return null; - } - - public int getAttributeCount() - { - StartElement se = (StartElement) currentEvent; - int count = 0; - for (Iterator i = se.getAttributes(); i.hasNext(); ) - { - i.next(); - count++; - } - return count; - } - - public QName getAttributeQName(int index) - { - StartElement se = (StartElement) currentEvent; - int count = 0; - for (Iterator i = se.getAttributes(); i.hasNext(); ) - { - Attribute attr = (Attribute) i.next(); - if (index == count) - return attr.getName(); - count++; - } - return null; - } - - public String getAttributeNamespace(int index) - { - QName name = getAttributeQName(index); - return (name == null) ? null : name.getNamespaceURI(); - } - - public String getAttributeName(int index) - { - QName name = getAttributeQName(index); - return (name == null) ? null : name.getLocalPart(); - } - - public String getAttributePrefix(int index) - { - QName name = getAttributeQName(index); - return (name == null) ? null : name.getPrefix(); - } - - public String getAttributeType(int index) - { - StartElement se = (StartElement) currentEvent; - int count = 0; - for (Iterator i = se.getAttributes(); i.hasNext(); ) - { - Attribute attr = (Attribute) i.next(); - if (index == count) - { - QName type = attr.getDTDType(); - return (type == null) ? "CDATA" : type.toString(); - } - count++; - } - return null; - } - - public String getAttributeValue(int index) - { - StartElement se = (StartElement) currentEvent; - int count = 0; - for (Iterator i = se.getAttributes(); i.hasNext(); ) - { - Attribute attr = (Attribute) i.next(); - if (index == count) - return attr.getValue(); - count++; - } - return null; - } - - public boolean isAttributeSpecified(int index) - { - StartElement se = (StartElement) currentEvent; - int count = 0; - for (Iterator i = se.getAttributes(); i.hasNext(); ) - { - Attribute attr = (Attribute) i.next(); - if (index == count) - return attr.isSpecified(); - count++; - } - return false; - } - - public int getNamespaceCount() - { - Iterator i = null; - switch (eventType) - { - case XMLStreamConstants.START_ELEMENT: - i = ((StartElement) currentEvent).getNamespaces(); - break; - case XMLStreamConstants.END_ELEMENT: - i = ((EndElement) currentEvent).getNamespaces(); - break; - default: - throw new IllegalStateException(); - } - int count = 0; - while (i.hasNext()) - { - i.next(); - count++; - } - return count; - } - - public String getNamespacePrefix(int index) - { - Iterator i = null; - switch (eventType) - { - case XMLStreamConstants.START_ELEMENT: - i = ((StartElement) currentEvent).getNamespaces(); - break; - case XMLStreamConstants.END_ELEMENT: - i = ((EndElement) currentEvent).getNamespaces(); - break; - default: - throw new IllegalStateException(); - } - int count = 0; - while (i.hasNext()) - { - Namespace ns = (Namespace) i.next(); - if (index == count) - return ns.getPrefix(); - count++; - } - return null; - } - - public String getNamespaceURI(int index) - { - Iterator i = null; - switch (eventType) - { - case XMLStreamConstants.START_ELEMENT: - i = ((StartElement) currentEvent).getNamespaces(); - break; - case XMLStreamConstants.END_ELEMENT: - i = ((EndElement) currentEvent).getNamespaces(); - break; - default: - throw new IllegalStateException(); - } - int count = 0; - while (i.hasNext()) - { - Namespace ns = (Namespace) i.next(); - if (index == count) - return ns.getNamespaceURI(); - count++; - } - return null; - } - - public NamespaceContext getNamespaceContext() - { - return this; - } - - public int getEventType() - { - return eventType; - } - - public String getText() - { - switch (eventType) - { - case XMLStreamConstants.CHARACTERS: - case XMLStreamConstants.CDATA: - case XMLStreamConstants.SPACE: - return ((Characters) currentEvent).getData(); - case XMLStreamConstants.COMMENT: - return ((Comment) currentEvent).getText(); - case XMLStreamConstants.ENTITY_REFERENCE: - return ((EntityReference) currentEvent).getReplacementText(); - case XMLStreamConstants.DTD: - return ((DTD) currentEvent).getDocumentTypeDeclaration(); - } - return null; - } - - public char[] getTextCharacters() - { - String text = getText(); - return (text == null) ? null : text.toCharArray(); - } - - public int getTextCharacters(int sourceStart, char[] target, - int targetStart, int length) - throws XMLStreamException - { - char[] source = getTextCharacters(); - int len = Math.min(source.length, length); - System.arraycopy(source, sourceStart, target, targetStart, len); - return len; - } - - public int getTextStart() - { - return 0; - } - - public int getTextLength() - { - String text = getText(); - return (text == null) ? 0 : text.length(); - } - - public String getEncoding() - { - // XXX SAX doesn't provide this - return null; - } - - public boolean hasText() - { - return eventType == CHARACTERS || eventType == DTD || - eventType == SPACE || eventType == ENTITY_REFERENCE || - eventType == COMMENT || eventType == DTD; - } - - public Location getLocation() - { - return currentEvent.getLocation(); - } - - public QName getName() - { - switch (eventType) - { - case XMLStreamConstants.START_ELEMENT: - return ((StartElement) currentEvent).getName(); - case XMLStreamConstants.END_ELEMENT: - return ((EndElement) currentEvent).getName(); - case XMLStreamConstants.ATTRIBUTE: - return ((Attribute) currentEvent).getName(); - } - return null; - } - - public String getLocalName() - { - QName name = getName(); - return (name == null) ? null : name.getLocalPart(); - } - - public boolean hasName() - { - return getName() != null; - } - - public String getNamespaceURI() - { - QName name = getName(); - return (name == null) ? null : name.getNamespaceURI(); - } - - public String getPrefix() - { - QName name = getName(); - return (name == null) ? null : name.getPrefix(); - } - - public String getVersion() - { - StartDocument sd = (StartDocument) currentEvent; - return sd.getVersion(); - } - - public boolean isStandalone() - { - StartDocument sd = (StartDocument) currentEvent; - return sd.isStandalone(); - } - - public boolean standaloneSet() - { - StartDocument sd = (StartDocument) currentEvent; - return sd.standaloneSet(); - } - - public String getCharacterEncodingScheme() - { - StartDocument sd = (StartDocument) currentEvent; - return sd.getCharacterEncodingScheme(); - } - - public String getPITarget() - { - ProcessingInstruction pi = (ProcessingInstruction) currentEvent; - return pi.getTarget(); - } - - public String getPIData() - { - ProcessingInstruction pi = (ProcessingInstruction) currentEvent; - return pi.getData(); - } - - /** - * This class is used to construct the event series from SAX callbacks. - */ - class CallbackHandler - implements ContentHandler, DTDHandler, LexicalHandler, - DeclHandler, EntityResolver, ErrorHandler - { - - XMLReader reader; - Locator locator; - Location location; - private boolean inCDATA; - private LinkedList namespaces = new LinkedList(); - private LinkedList notations; - private LinkedList entities; - - CallbackHandler(XMLReader reader) - { - this.reader = reader; - } - - public void setDocumentLocator(Locator locator) - { - this.locator = locator; - location = new LocationImpl(-1, - locator.getColumnNumber(), - locator.getLineNumber(), - locator.getSystemId()); - } - - public void startDocument() - throws SAXException - { - String version = (locator instanceof Locator2) ? - ((Locator2) locator).getXMLVersion() : null; - String encoding = (locator instanceof Locator2) ? - ((Locator2) locator).getEncoding() : null; - boolean standalone = - reader.getFeature("http://xml.org/sax/features/is-standalone"); - boolean standaloneDeclared = standalone; - boolean encodingDeclared = (encoding != null); - events.add(new StartDocumentImpl(location, - location.getLocationURI(), - encoding, - version, - standalone, - standaloneDeclared, - encodingDeclared)); - } - - public void endDocument() - throws SAXException - { - events.add(new EndDocumentImpl(location)); - } - - public void startPrefixMapping(String prefix, String uri) - throws SAXException - { - namespaces.add(new NamespaceImpl(location, prefix, uri)); - } - - public void endPrefixMapping(String prefix) - throws SAXException - { - } - - public void startElement(String namespaceURI, String localName, - String qName, Attributes atts) - throws SAXException - { - LinkedList ns = namespaces; - namespaces = new LinkedList(); - int ci = qName.indexOf(':'); - String prefix = null; - localName = qName; - if (ci != -1) - { - prefix = qName.substring(0, ci); - localName = qName.substring(ci + 1); - } - QName name = new QName(namespaceURI, localName, prefix); - LinkedList attrs = new LinkedList(); - StartElementImpl se = new StartElementImpl(location, name, - attrs, ns, null); - events.add(se); - // Add namespaces - //for (Iterator i = ns.iterator(); i.hasNext(); ) - // events.add(i.next()); - // Add attributes - int len = atts.getLength(); - for (int i = 0; i < len; i++) - { - String attURI = atts.getURI(i); - String attQName = atts.getQName(i); - String value = atts.getValue(i); - QName type = QName.valueOf(atts.getType(i)); - boolean specified = (atts instanceof Attributes2) && - ((Attributes2) atts).isSpecified(i); - ci = attQName.indexOf(':'); - String attPrefix = null; - String attLocalName = attQName; - if (ci != -1) - { - attPrefix = attQName.substring(0, ci); - attLocalName = attQName.substring(ci + 1); - } - if ("xmlns".equals(attPrefix) || "xmlns".equals(attQName)) - continue; - QName attrName = new QName(attURI, attLocalName, attPrefix); - AttributeImpl attr = new AttributeImpl(location, attrName, - value, type, specified); - attrs.add(attr); - //events.add(attr); - } - } - - public void endElement(String namespaceURI, String localName, - String qName) - throws SAXException - { - int ci = qName.indexOf(':'); - String prefix = null; - localName = qName; - if (ci != -1) - { - prefix = qName.substring(0, ci); - localName = qName.substring(ci + 1); - } - QName name = new QName(namespaceURI, localName, prefix); - events.add(new EndElementImpl(location, name, new LinkedList())); - // TODO namespaces out of scope - } - - public void characters(char[] ch, int start, int length) - throws SAXException - { - boolean whitespace = isWhitespace(ch, start, length); - events.add(new CharactersImpl(location, new String(ch, start, length), - whitespace, inCDATA, false)); - } - - public void ignorableWhitespace(char[] ch, int start, int length) - throws SAXException - { - boolean whitespace = isWhitespace(ch, start, length); - events.add(new CharactersImpl(location, new String(ch, start, length), - whitespace, inCDATA, true)); - } - - boolean isWhitespace(char[] ch, int start, int len) - { - int end = start + len; - for (int i = start; i < end; i++) - { - char c = ch[i]; - if (c != ' ' && c != '\t' && c != '\n' && c != '\r') - return false; - } - return true; - } - - public void processingInstruction(String target, String data) - throws SAXException - { - events.add(new ProcessingInstructionImpl(location, target, data)); - } - - public void skippedEntity(String name) - throws SAXException - { - } - - public void startDTD(String name, String publicId, String systemId) - throws SAXException - { - notations = new LinkedList(); - entities = new LinkedList(); - events.add(new DTDImpl(location, null, null, notations, entities)); - } - - public void endDTD() - throws SAXException - { - } - - public void startEntity(String name) - throws SAXException - { - events.add(new StartEntityImpl(location, name)); - } - - public void endEntity(String name) - throws SAXException - { - events.add(new EndEntityImpl(location, name)); - } - - public void startCDATA() - throws SAXException - { - inCDATA = true; - } - - public void endCDATA() - throws SAXException - { - inCDATA = false; - } - - public void comment(char[] ch, int start, int length) - throws SAXException - { - events.add(new CommentImpl(location, new String(ch, start, length))); - } - - public void notationDecl(String name, String publicId, String systemId) - throws SAXException - { - Object n = new NotationDeclarationImpl(location, name, publicId, - systemId); - notations.add(n); - //events.add(n); - } - - public void unparsedEntityDecl(String name, String publicId, - String systemId, String notationName) - throws SAXException - { - Object e = new EntityDeclarationImpl(location, publicId, systemId, - name, notationName, - null, null); - entities.add(e); - //events.add(e); - } - - public void elementDecl(String name, String model) - throws SAXException - { - } - - public void attributeDecl(String eName, String aName, String type, - String valueDefault, String value) - throws SAXException - { - } - - public void internalEntityDecl(String name, String value) - throws SAXException - { - Object e = new EntityDeclarationImpl(location, null, null, - name, null, value, null); - entities.add(e); - //events.add(e); - } - - public void externalEntityDecl(String name, String publicId, - String systemId) - throws SAXException - { - Object e = new EntityDeclarationImpl(location, publicId, systemId, - name, null, null, null); - entities.add(e); - //events.add(e); - } - - public void warning(SAXParseException e) - throws SAXException - { - if (reporter != null) - { - try - { - reporter.report(e.getMessage(), "warning", e, location); - } - catch (XMLStreamException e2) - { - SAXException e3 = new SAXException(e2.getMessage()); - e3.initCause(e2); - throw e3; - } - } - } - - public void error(SAXParseException e) - throws SAXException - { - if (reporter != null) - { - try - { - reporter.report(e.getMessage(), "error", e, location); - } - catch (XMLStreamException e2) - { - SAXException e3 = new SAXException(e2.getMessage()); - e3.initCause(e2); - throw e3; - } - } - } - - public void fatalError(SAXParseException e) - throws SAXException - { - if (reporter != null) - { - try - { - reporter.report(e.getMessage(), "fatal-error", e, location); - } - catch (XMLStreamException e2) - { - SAXException e3 = new SAXException(e2.getMessage()); - e3.initCause(e2); - throw e3; - } - } - } - - public InputSource resolveEntity(String publicId, String systemId) - throws SAXException, IOException - { - if (resolver != null) - { - try - { - InputStream in = resolver.resolve(systemId); - if (in != null) - { - InputSource ret = new InputSource(in); - ret.setPublicId(publicId); - ret.setSystemId(systemId); - return ret; - } - } - catch (XMLStreamException e) - { - SAXException e2 = new SAXException(e.getMessage()); - e2.initCause(e); - throw e2; - } - } - return null; - } - - } - -} - diff --git a/libjava/classpath/gnu/xml/stream/XMLStreamWriterImpl.java b/libjava/classpath/gnu/xml/stream/XMLStreamWriterImpl.java index 6157296..291016e 100644 --- a/libjava/classpath/gnu/xml/stream/XMLStreamWriterImpl.java +++ b/libjava/classpath/gnu/xml/stream/XMLStreamWriterImpl.java @@ -104,6 +104,9 @@ public class XMLStreamWriterImpl private NamespaceSupport namespaces; private int count = 0; + private boolean xml11; + private boolean hasXML11RestrictedChars; + /** * Constructor. * @see #writer @@ -145,6 +148,9 @@ public class XMLStreamWriterImpl { try { + if (!isName(localName)) + throw new IllegalArgumentException("illegal Name: " + localName); + endStartElement(); namespaces.pushContext(); @@ -167,6 +173,11 @@ public class XMLStreamWriterImpl { try { + if (namespaceURI != null && !isURI(namespaceURI)) + throw new IllegalArgumentException("illegal URI: " + namespaceURI); + if (!isName(localName)) + throw new IllegalArgumentException("illegal Name: " + localName); + endStartElement(); namespaces.pushContext(); @@ -190,7 +201,7 @@ public class XMLStreamWriterImpl inStartElement = true; if (!isDeclared) { - writeNamespace(prefix, namespaceURI); + writeNamespaceImpl(prefix, namespaceURI); } elements.addLast(new String[] { prefix, localName }); @@ -229,6 +240,13 @@ public class XMLStreamWriterImpl { try { + if (namespaceURI != null && !isURI(namespaceURI)) + throw new IllegalArgumentException("illegal URI: " + namespaceURI); + if (prefix != null && !isNCName(prefix)) + throw new IllegalArgumentException("illegal NCName: " + prefix); + if (!isNCName(localName)) + throw new IllegalArgumentException("illegal NCName: " + localName); + endStartElement(); namespaces.pushContext(); @@ -243,7 +261,7 @@ public class XMLStreamWriterImpl writer.write(localName); if (prefixDefaulting && !isCurrent) { - writeNamespace(prefix, namespaceURI); + writeNamespaceImpl(prefix, namespaceURI); } elements.addLast(new String[] { prefix, localName }); @@ -343,11 +361,19 @@ public class XMLStreamWriterImpl throw new IllegalStateException(); try { + if (!isName(localName)) + throw new IllegalArgumentException("illegal Name: " + localName); + if (!isChars(value)) + throw new IllegalArgumentException("illegal character: " + value); + writer.write(' '); writer.write(localName); writer.write('='); writer.write('"'); - writeEncoded(value, true); + if (hasXML11RestrictedChars) + writeEncodedWithRestrictedChars(value, true); + else + writeEncoded(value, true); writer.write('"'); } catch (IOException e) @@ -366,11 +392,20 @@ public class XMLStreamWriterImpl throw new IllegalStateException(); try { + if (namespaceURI != null && !isURI(namespaceURI)) + throw new IllegalArgumentException("illegal URI: " + namespaceURI); + if (prefix != null && !isNCName(prefix)) + throw new IllegalArgumentException("illegal NCName: " + prefix); + if (!isNCName(localName)) + throw new IllegalArgumentException("illegal NCName: " + localName); + if (!isChars(value)) + throw new IllegalArgumentException("illegal character: " + value); + String currentPrefix = getPrefix(namespaceURI); if (currentPrefix == null) { if (prefixDefaulting) - writeNamespace(prefix, namespaceURI); + writeNamespaceImpl(prefix, namespaceURI); else throw new XMLStreamException("namespace " + namespaceURI + " is not bound"); @@ -388,7 +423,10 @@ public class XMLStreamWriterImpl writer.write(localName); writer.write('='); writer.write('"'); - writeEncoded(value, true); + if (hasXML11RestrictedChars) + writeEncodedWithRestrictedChars(value, true); + else + writeEncoded(value, true); writer.write('"'); } catch (IOException e) @@ -407,13 +445,20 @@ public class XMLStreamWriterImpl throw new IllegalStateException(); try { + if (namespaceURI != null && !isURI(namespaceURI)) + throw new IllegalArgumentException("illegal URI: " + namespaceURI); + if (!isName(localName)) + throw new IllegalArgumentException("illegal Name: " + localName); + if (!isChars(value)) + throw new IllegalArgumentException("illegal character: " + value); + String prefix = getPrefix(namespaceURI); if (prefix == null) { if (prefixDefaulting) { prefix = XMLConstants.DEFAULT_NS_PREFIX; - writeNamespace(prefix, namespaceURI); + writeNamespaceImpl(prefix, namespaceURI); } else throw new XMLStreamException("namespace " + namespaceURI + @@ -428,7 +473,10 @@ public class XMLStreamWriterImpl writer.write(localName); writer.write('='); writer.write('"'); - writeEncoded(value, true); + if (hasXML11RestrictedChars) + writeEncodedWithRestrictedChars(value, true); + else + writeEncoded(value, true); writer.write('"'); } catch (IOException e) @@ -446,6 +494,25 @@ public class XMLStreamWriterImpl throw new IllegalStateException(); try { + if (!isURI(namespaceURI)) + throw new IllegalArgumentException("illegal URI: " + namespaceURI); + if (!isNCName(prefix)) + throw new IllegalArgumentException("illegal NCName: " + prefix); + } + catch (IOException e) + { + XMLStreamException e2 = new XMLStreamException(e); + e2.initCause(e); + throw e2; + } + writeNamespaceImpl(prefix, namespaceURI); + } + + private void writeNamespaceImpl(String prefix, String namespaceURI) + throws XMLStreamException + { + try + { if (prefix == null) prefix = XMLConstants.DEFAULT_NS_PREFIX; @@ -474,21 +541,41 @@ public class XMLStreamWriterImpl public void writeDefaultNamespace(String namespaceURI) throws XMLStreamException { - writeNamespace(XMLConstants.DEFAULT_NS_PREFIX, namespaceURI); + if (!inStartElement) + throw new IllegalStateException(); + if (!isURI(namespaceURI)) + throw new IllegalArgumentException("illegal URI: " + namespaceURI); + writeNamespaceImpl(XMLConstants.DEFAULT_NS_PREFIX, namespaceURI); } public void writeComment(String data) throws XMLStreamException { + if (data == null) + return; try { + if (!isChars(data)) + throw new IllegalArgumentException("illegal XML character: " + data); + if (data.indexOf("--") != -1) + throw new IllegalArgumentException("illegal comment: " + data); + endStartElement(); - if (data != null && data.indexOf("--") != -1) - throw new IllegalArgumentException(data); - writer.write(""); } @@ -511,6 +598,11 @@ public class XMLStreamWriterImpl { try { + if (!isName(target) || "xml".equalsIgnoreCase(target)) + throw new IllegalArgumentException("illegal PITarget: " + target); + if (data != null && !isChars(data)) + throw new IllegalArgumentException("illegal XML character: " + data); + endStartElement(); writer.write('<'); @@ -519,7 +611,20 @@ public class XMLStreamWriterImpl if (data != null) { writer.write(' '); - writer.write(data); + if (hasXML11RestrictedChars) + { + int[] seq = UnicodeReader.toCodePointArray(data); + for (int i = 0; i < seq.length; i++) + { + int c = seq[i]; + if (XMLParser.isXML11RestrictedChar(c)) + writer.write("&#x" + Integer.toHexString(c) + ";"); + else + writer.write(Character.toChars(i)); + } + } + else + writer.write(data); } writer.write('?'); writer.write('>'); @@ -537,10 +642,12 @@ public class XMLStreamWriterImpl { try { - endStartElement(); - + if (!isChars(data) || hasXML11RestrictedChars) + throw new IllegalArgumentException("illegal XML character: " + data); if (data.indexOf("]]") != -1) - throw new IllegalArgumentException(data); + throw new IllegalArgumentException("illegal CDATA section: " + data); + + endStartElement(); writer.write("'); @@ -576,6 +687,9 @@ public class XMLStreamWriterImpl { try { + if (!isName(name)) + throw new IllegalArgumentException("illegal Name: " + name); + endStartElement(); writer.write('&'); @@ -607,6 +721,8 @@ public class XMLStreamWriterImpl { if (version == null) version = "1.0"; + else if ("1.1".equals(version)) + xml11 = true; encoding = this.encoding; // YES: the parameter must be ignored if (encoding == null) encoding = "UTF-8"; @@ -632,11 +748,18 @@ public class XMLStreamWriterImpl public void writeCharacters(String text) throws XMLStreamException { + if (text == null) + return; try { + if (!isChars(text)) + throw new IllegalArgumentException("illegal XML character: " + text); + endStartElement(); - if (text != null) + if (hasXML11RestrictedChars) + writeEncodedWithRestrictedChars(text, false); + else writeEncoded(text, false); } catch (IOException e) @@ -650,39 +773,7 @@ public class XMLStreamWriterImpl public void writeCharacters(char[] text, int start, int len) throws XMLStreamException { - try - { - endStartElement(); - - int end = start + len; - len = 0; - for (int i = start; i < end; i++) - { - char c = text[i]; - if (c == '<' || c == '>' || c == '&') - { - writer.write(text, start, len); - if (c == '<') - writer.write("<"); - else if (c == '>') - writer.write(">"); - else - writer.write("&"); - start = i + 1; - len = 0; - } - else - len++; - } - if (len > 0) - writer.write(text, start, len); - } - catch (IOException e) - { - XMLStreamException e2 = new XMLStreamException(e); - e2.initCause(e); - throw e2; - } + writeCharacters(new String(text, start, len)); } public String getPrefix(String uri) @@ -697,6 +788,19 @@ public class XMLStreamWriterImpl public void setPrefix(String prefix, String uri) throws XMLStreamException { + try + { + if (!isURI(uri)) + throw new IllegalArgumentException("illegal URI: " + uri); + if (!isNCName(prefix)) + throw new IllegalArgumentException("illegal NCName: " + prefix); + } + catch (IOException e) + { + XMLStreamException e2 = new XMLStreamException(e); + e2.initCause(e); + throw e2; + } if (!namespaces.declarePrefix(prefix, uri)) throw new XMLStreamException("illegal prefix " + prefix); } @@ -704,6 +808,8 @@ public class XMLStreamWriterImpl public void setDefaultNamespace(String uri) throws XMLStreamException { + if (!isURI(uri)) + throw new IllegalArgumentException("illegal URI: " + uri); if (!namespaces.declarePrefix(XMLConstants.DEFAULT_NS_PREFIX, uri)) throw new XMLStreamException("illegal default namespace prefix"); } @@ -769,6 +875,131 @@ public class XMLStreamWriterImpl if (len > 0) writer.write(chars, start, len); } + + /** + * Writes the specified text, in the knowledge that some of the + * characters are XML 1.1 restricted characters. + */ + private void writeEncodedWithRestrictedChars(String text, boolean inAttr) + throws IOException + { + int[] seq = UnicodeReader.toCodePointArray(text); + for (int i = 0; i < seq.length; i++) + { + int c = seq[i]; + switch (c) + { + case 0x3c: // '<' + writer.write("<"); + break; + case 0x3e: // '>' + writer.write(">"); + break; + case 0x26: // '&' + writer.write("&"); + break; + case 0x22: // '"' + if (inAttr) + writer.write("""); + else + writer.write(c); + break; + case 0x27: // '\'' + if (inAttr) + writer.write("'"); + else + writer.write(c); + break; + default: + if (XMLParser.isXML11RestrictedChar(c)) + writer.write("&#x" + Integer.toHexString(c) + ";"); + else + { + char[] chars = Character.toChars(c); + writer.write(chars, 0, chars.length); + } + } + } + } + + private boolean isName(String text) + throws IOException + { + if (text == null) + return false; + int[] seq = UnicodeReader.toCodePointArray(text); + if (seq.length < 1) + return false; + if (!XMLParser.isNameStartCharacter(seq[0], xml11)) + return false; + for (int i = 1; i < seq.length; i++) + { + if (!XMLParser.isNameCharacter(seq[i], xml11)) + return false; + } + return true; + } + + private boolean isNCName(String text) + throws IOException + { + if (text == null) + return false; + int[] seq = UnicodeReader.toCodePointArray(text); + if (seq.length < 1) + return false; + if (!XMLParser.isNameStartCharacter(seq[0], xml11) || seq[0] == 0x3a) + return false; + for (int i = 1; i < seq.length; i++) + { + if (!XMLParser.isNameCharacter(seq[i], xml11) || seq[i] == 0x3a) + return false; + } + return true; + } + + private boolean isChars(String text) + throws IOException + { + if (text == null) + return false; + int[] seq = UnicodeReader.toCodePointArray(text); + hasXML11RestrictedChars = false; + if (xml11) + { + for (int i = 0; i < seq.length; i++) + { + if (!XMLParser.isXML11Char(seq[i])) + return false; + if (XMLParser.isXML11RestrictedChar(seq[i])) + hasXML11RestrictedChars = true; + } + } + else + { + for (int i = 0; i < seq.length; i++) + { + if (!XMLParser.isChar(seq[i])) + return false; + } + } + return true; + } + + private boolean isURI(String text) + { + if (text == null) + return false; + char[] chars = text.toCharArray(); + if (chars.length < 1) + return false; + for (int i = 0; i < chars.length; i++) + { + if (chars[i] < 0x20 || chars[i] >= 0x7f) + return false; + } + return true; + } } diff --git a/libjava/classpath/gnu/xml/transform/AbstractNumberNode.java b/libjava/classpath/gnu/xml/transform/AbstractNumberNode.java index 91029d6..6d1202e 100644 --- a/libjava/classpath/gnu/xml/transform/AbstractNumberNode.java +++ b/libjava/classpath/gnu/xml/transform/AbstractNumberNode.java @@ -317,7 +317,7 @@ abstract class AbstractNumberNode public String toString() { - StringBuffer buf = new StringBuffer(getClass().getName()); + StringBuffer buf = new StringBuffer("number"); buf.append('['); buf.append("format="); buf.append(format); diff --git a/libjava/classpath/gnu/xml/transform/ApplyImportsNode.java b/libjava/classpath/gnu/xml/transform/ApplyImportsNode.java index 60dec85..4b06eea 100644 --- a/libjava/classpath/gnu/xml/transform/ApplyImportsNode.java +++ b/libjava/classpath/gnu/xml/transform/ApplyImportsNode.java @@ -1,5 +1,5 @@ /* ApplyImportsNode.java -- - Copyright (C) 2004 Free Software Foundation, Inc. + Copyright (C) 2004,2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -54,13 +54,9 @@ final class ApplyImportsNode { TemplateNode ret = new ApplyImportsNode(); if (children != null) - { - ret.children = children.clone(stylesheet); - } + ret.children = children.clone(stylesheet); if (next != null) - { - ret.next = next.clone(stylesheet); - } + ret.next = next.clone(stylesheet); return ret; } @@ -71,15 +67,16 @@ final class ApplyImportsNode { TemplateNode t = stylesheet.getTemplate(mode, context, true); if (t != null) - { - t.apply(stylesheet, mode, context, pos, len, - parent, nextSibling); - } + t.apply(stylesheet, mode, context, pos, len, + parent, nextSibling); if (next != null) - { - next.apply(stylesheet, mode, context, pos, len, - parent, nextSibling); - } + next.apply(stylesheet, mode, context, pos, len, + parent, nextSibling); + } + + public String toString() + { + return "apply-imports"; } } diff --git a/libjava/classpath/gnu/xml/transform/ApplyTemplatesNode.java b/libjava/classpath/gnu/xml/transform/ApplyTemplatesNode.java index ab26058..38b605a 100644 --- a/libjava/classpath/gnu/xml/transform/ApplyTemplatesNode.java +++ b/libjava/classpath/gnu/xml/transform/ApplyTemplatesNode.java @@ -1,5 +1,5 @@ /* ApplyTemplatesNode.java -- - Copyright (C) 2004 Free Software Foundation, Inc. + Copyright (C) 2004,2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -76,29 +76,21 @@ final class ApplyTemplatesNode TemplateNode clone(Stylesheet stylesheet) { - int len = sortKeys.size(); + int len = sortKeys != null ? sortKeys.size() : 0; List sortKeys2 = new ArrayList(len); for (int i = 0; i < len; i++) - { - sortKeys2.add(((Key) sortKeys.get(i)).clone(stylesheet)); - } + sortKeys2.add(((Key) sortKeys.get(i)).clone(stylesheet)); len = withParams.size(); List withParams2 = new ArrayList(len); for (int i = 0; i < len; i++) - { - withParams2.add(((WithParam) withParams.get(i)).clone(stylesheet)); - } + withParams2.add(((WithParam) withParams.get(i)).clone(stylesheet)); TemplateNode ret = new ApplyTemplatesNode(select.clone(stylesheet), mode, sortKeys2, withParams2, isDefault); if (children != null) - { - ret.children = children.clone(stylesheet); - } + ret.children = children.clone(stylesheet); if (next != null) - { - ret.next = next.clone(stylesheet); - } + ret.next = next.clone(stylesheet); return ret; } @@ -147,9 +139,7 @@ final class ApplyTemplatesNode Collections.sort(nodes, new XSLComparator(sortKeys)); } else - { - Collections.sort(nodes, documentOrderComparator); - } + Collections.sort(nodes, documentOrderComparator); int l = nodes.size(); QName effectiveMode = isDefault ? mode : this.mode; for (int i = 0; i < l; i++) @@ -172,27 +162,21 @@ final class ApplyTemplatesNode } // apply-templates doesn't have processable children if (next != null) - { - next.apply(stylesheet, mode, - context, pos, len, - parent, nextSibling); - } + next.apply(stylesheet, mode, + context, pos, len, + parent, nextSibling); } public boolean references(QName var) { if (select != null && select.references(var)) - { - return true; - } + return true; if (withParams != null) { for (Iterator i = withParams.iterator(); i.hasNext(); ) { if (((WithParam) i.next()).references(var)) - { - return true; - } + return true; } } if (sortKeys != null) @@ -200,9 +184,7 @@ final class ApplyTemplatesNode for (Iterator i = sortKeys.iterator(); i.hasNext(); ) { if (((SortKey) i.next()).references(var)) - { - return true; - } + return true; } } return super.references(var); @@ -210,7 +192,7 @@ final class ApplyTemplatesNode public String toString() { - StringBuffer buf = new StringBuffer(getClass().getName()); + StringBuffer buf = new StringBuffer("apply-templates"); buf.append('['); boolean o = false; if (select != null) diff --git a/libjava/classpath/gnu/xml/transform/AttributeNode.java b/libjava/classpath/gnu/xml/transform/AttributeNode.java index bc5bc30..71e2ed0 100644 --- a/libjava/classpath/gnu/xml/transform/AttributeNode.java +++ b/libjava/classpath/gnu/xml/transform/AttributeNode.java @@ -231,7 +231,7 @@ final class AttributeNode public String toString() { - StringBuffer buf = new StringBuffer(getClass().getName()); + StringBuffer buf = new StringBuffer("attribute"); buf.append('['); buf.append("name="); buf.append(name); diff --git a/libjava/classpath/gnu/xml/transform/CallTemplateNode.java b/libjava/classpath/gnu/xml/transform/CallTemplateNode.java index b678219..31b26cb 100644 --- a/libjava/classpath/gnu/xml/transform/CallTemplateNode.java +++ b/libjava/classpath/gnu/xml/transform/CallTemplateNode.java @@ -1,5 +1,5 @@ /* CallTemplateNode.java -- - Copyright (C) 2004 Free Software Foundation, Inc. + Copyright (C) 2004,2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -69,18 +69,12 @@ final class CallTemplateNode int len = withParams.size(); List withParams2 = new ArrayList(len); for (int i = 0; i < len; i++) - { - withParams2.add(((WithParam) withParams.get(i)).clone(stylesheet)); - } + withParams2.add(((WithParam) withParams.get(i)).clone(stylesheet)); TemplateNode ret = new CallTemplateNode(name, withParams2); if (children != null) - { - ret.children = children.clone(stylesheet); - } + ret.children = children.clone(stylesheet); if (next != null) - { - ret.next = next.clone(stylesheet); - } + ret.next = next.clone(stylesheet); return ret; } @@ -89,52 +83,52 @@ final class CallTemplateNode Node parent, Node nextSibling) throws TransformerException { - if (withParams != null) + TemplateNode t = stylesheet.getTemplate(mode, name); + if (t != null) { - // compute the parameter values - LinkedList values = new LinkedList(); - for (Iterator i = withParams.iterator(); i.hasNext(); ) + if (withParams != null) { - WithParam p = (WithParam) i.next(); - Object value = p.getValue(stylesheet, mode, context, pos, len); - Object[] pair = new Object[2]; - pair[0] = p.name; - pair[1] = value; - values.add(pair); - } - // push the parameter context - stylesheet.bindings.push(Bindings.WITH_PARAM); - // set the parameters - for (Iterator i = values.iterator(); i.hasNext(); ) - { - Object[] pair = (Object[]) i.next(); - QName name = (QName) pair[0]; - Object value = pair[1]; - stylesheet.bindings.set(name, value, Bindings.WITH_PARAM); - if (stylesheet.debug) + // compute the parameter values + LinkedList values = new LinkedList(); + for (Iterator i = withParams.iterator(); i.hasNext(); ) + { + WithParam p = (WithParam) i.next(); + if (t.hasParam(p.name)) // ignore parameters not specified + { + Object value = p.getValue(stylesheet, mode, context, + pos, len); + Object[] pair = new Object[2]; + pair[0] = p.name; + pair[1] = value; + values.add(pair); + } + } + // push the parameter context + stylesheet.bindings.push(Bindings.WITH_PARAM); + // set the parameters + for (Iterator i = values.iterator(); i.hasNext(); ) { - System.err.println("with-param: " + name + " = " + value); + Object[] pair = (Object[]) i.next(); + QName name = (QName) pair[0]; + Object value = pair[1]; + stylesheet.bindings.set(name, value, Bindings.WITH_PARAM); + if (stylesheet.debug) + System.err.println("with-param: " + name + " = " + value); } } - } - TemplateNode t = stylesheet.getTemplate(mode, name); - if (t != null) - { t.apply(stylesheet, mode, context, pos, len, parent, nextSibling); - } - if (withParams != null) - { - // pop the variable context - stylesheet.bindings.pop(Bindings.WITH_PARAM); + if (withParams != null) + { + // pop the variable context + stylesheet.bindings.pop(Bindings.WITH_PARAM); + } } // call-template doesn't have processable children if (next != null) - { next.apply(stylesheet, mode, context, pos, len, parent, nextSibling); - } } public boolean references(QName var) @@ -144,9 +138,7 @@ final class CallTemplateNode for (Iterator i = withParams.iterator(); i.hasNext(); ) { if (((WithParam) i.next()).references(var)) - { - return true; - } + return true; } } return super.references(var); @@ -154,7 +146,7 @@ final class CallTemplateNode public String toString() { - StringBuffer buf = new StringBuffer(getClass().getName()); + StringBuffer buf = new StringBuffer("call-template"); buf.append('['); buf.append("name="); buf.append(name); diff --git a/libjava/classpath/gnu/xml/transform/ChooseNode.java b/libjava/classpath/gnu/xml/transform/ChooseNode.java index fb1f2c4..cf07fa5 100644 --- a/libjava/classpath/gnu/xml/transform/ChooseNode.java +++ b/libjava/classpath/gnu/xml/transform/ChooseNode.java @@ -1,5 +1,5 @@ /* ChooseNode.java -- - Copyright (C) 2004 Free Software Foundation, Inc. + Copyright (C) 2004,2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -54,13 +54,9 @@ final class ChooseNode { TemplateNode ret = new ChooseNode(); if (children != null) - { - ret.children = children.clone(stylesheet); - } + ret.children = children.clone(stylesheet); if (next != null) - { - ret.next = next.clone(stylesheet); - } + ret.next = next.clone(stylesheet); return ret; } @@ -70,22 +66,18 @@ final class ChooseNode throws TransformerException { if (children != null) - { - children.apply(stylesheet, mode, - context, pos, len, - parent, nextSibling); - } + children.apply(stylesheet, mode, + context, pos, len, + parent, nextSibling); if (next != null) - { - next.apply(stylesheet, mode, - context, pos, len, - parent, nextSibling); - } + next.apply(stylesheet, mode, + context, pos, len, + parent, nextSibling); } public String toString() { - StringBuffer buf = new StringBuffer(getClass().getName()); + StringBuffer buf = new StringBuffer("choose"); buf.append('['); buf.append(']'); return buf.toString(); diff --git a/libjava/classpath/gnu/xml/transform/CommentNode.java b/libjava/classpath/gnu/xml/transform/CommentNode.java index 1428a46..8131fb2 100644 --- a/libjava/classpath/gnu/xml/transform/CommentNode.java +++ b/libjava/classpath/gnu/xml/transform/CommentNode.java @@ -1,5 +1,5 @@ /* CommentNode.java -- - Copyright (C) 2004 Free Software Foundation, Inc. + Copyright (C) 2004,2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -58,13 +58,9 @@ final class CommentNode { TemplateNode ret = new CommentNode(); if (children != null) - { - ret.children = children.clone(stylesheet); - } + ret.children = children.clone(stylesheet); if (next != null) - { - ret.next = next.clone(stylesheet); - } + ret.next = next.clone(stylesheet); return ret; } @@ -90,27 +86,18 @@ final class CommentNode Comment comment = doc.createComment(value); // Insert into result tree if (nextSibling != null) - { - parent.insertBefore(comment, nextSibling); - } + parent.insertBefore(comment, nextSibling); else - { - parent.appendChild(comment); - } + parent.appendChild(comment); if (next != null) - { - next.apply(stylesheet, mode, - context, pos, len, - parent, nextSibling); - } + next.apply(stylesheet, mode, + context, pos, len, + parent, nextSibling); } public String toString() { - StringBuffer buf = new StringBuffer(getClass().getName()); - buf.append('['); - buf.append(']'); - return buf.toString(); + return "comment"; } } diff --git a/libjava/classpath/gnu/xml/transform/CopyNode.java b/libjava/classpath/gnu/xml/transform/CopyNode.java index 3e01944..64cfa51 100644 --- a/libjava/classpath/gnu/xml/transform/CopyNode.java +++ b/libjava/classpath/gnu/xml/transform/CopyNode.java @@ -1,5 +1,5 @@ /* CopyNode.java -- - Copyright (C) 2004 Free Software Foundation, Inc. + Copyright (C) 2004,2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -65,13 +65,9 @@ final class CopyNode { TemplateNode ret = new CopyNode(uas); if (children != null) - { - ret.children = children.clone(stylesheet); - } + ret.children = children.clone(stylesheet); if (next != null) - { - ret.next = next.clone(stylesheet); - } + ret.next = next.clone(stylesheet); return ret; } @@ -102,44 +98,32 @@ final class CopyNode { NamedNodeMap attrs = parent.getAttributes(); if (attrs != null) - { - attrs.setNamedItemNS(copy); - } + attrs.setNamedItemNS(copy); } } else { if (nextSibling != null) - { - parent.insertBefore(copy, nextSibling); - } + parent.insertBefore(copy, nextSibling); else - { - parent.appendChild(copy); - } + parent.appendChild(copy); } } if (uas != null) { StringTokenizer st = new StringTokenizer(uas, " "); while (st.hasMoreTokens()) - { - addAttributeSet(stylesheet, mode, context, pos, len, - copy, null, st.nextToken()); - } + addAttributeSet(stylesheet, mode, context, pos, len, + copy, null, st.nextToken()); } if (children != null) - { - children.apply(stylesheet, mode, - context, pos, len, - copy, null); - } + children.apply(stylesheet, mode, + context, pos, len, + copy, null); if (next != null) - { - next.apply(stylesheet, mode, - context, pos, len, - parent, nextSibling); - } + next.apply(stylesheet, mode, + context, pos, len, + parent, nextSibling); } void addAttributeSet(Stylesheet stylesheet, QName mode, @@ -151,32 +135,31 @@ final class CopyNode { AttributeSet as = (AttributeSet) i.next(); if (!as.name.equals(attributeSet)) - { - continue; - } + continue; if (as.uas != null) { StringTokenizer st = new StringTokenizer(as.uas, " "); while (st.hasMoreTokens()) - { - addAttributeSet(stylesheet, mode, context, pos, len, - parent, nextSibling, st.nextToken()); - } + addAttributeSet(stylesheet, mode, context, pos, len, + parent, nextSibling, st.nextToken()); } if (as.children != null) - { - as.children.apply(stylesheet, mode, - context, pos, len, - parent, nextSibling); - } + as.children.apply(stylesheet, mode, + context, pos, len, + parent, nextSibling); } } public String toString() { - StringBuffer buf = new StringBuffer(getClass().getName()); - buf.append('['); - buf.append(']'); + StringBuffer buf = new StringBuffer("copy"); + if (uas != null) + { + buf.append('['); + buf.append("uas="); + buf.append(uas); + buf.append(']'); + } return buf.toString(); } diff --git a/libjava/classpath/gnu/xml/transform/CopyOfNode.java b/libjava/classpath/gnu/xml/transform/CopyOfNode.java index a43e3ba..ed4358c 100644 --- a/libjava/classpath/gnu/xml/transform/CopyOfNode.java +++ b/libjava/classpath/gnu/xml/transform/CopyOfNode.java @@ -1,5 +1,5 @@ /* CopyOfNode.java -- - Copyright (C) 2004 Free Software Foundation, Inc. + Copyright (C) 2004,2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -70,13 +70,9 @@ final class CopyOfNode { TemplateNode ret = new CopyOfNode(select.clone(stylesheet)); if (children != null) - { - ret.children = children.clone(stylesheet); - } + ret.children = children.clone(stylesheet); if (next != null) - { - ret.next = next.clone(stylesheet); - } + ret.next = next.clone(stylesheet); return ret; } @@ -102,9 +98,7 @@ final class CopyOfNode // Use document element src = ((Document) src).getDocumentElement(); if (src == null) - { - continue; - } + continue; nodeType = Node.ELEMENT_NODE; } else if (nodeType == Node.ATTRIBUTE_NODE) @@ -128,20 +122,14 @@ final class CopyOfNode { NamedNodeMap attrs = parent.getAttributes(); if (attrs != null) - { - attrs.setNamedItemNS(node); - } + attrs.setNamedItemNS(node); } else { if (nextSibling != null) - { - parent.insertBefore(node, nextSibling); - } + parent.insertBefore(node, nextSibling); else - { - parent.appendChild(node); - } + parent.appendChild(node); } } } @@ -152,36 +140,28 @@ final class CopyOfNode { Text textNode = doc.createTextNode(value); if (nextSibling != null) - { - parent.insertBefore(textNode, nextSibling); - } + parent.insertBefore(textNode, nextSibling); else - { - parent.appendChild(textNode); - } + parent.appendChild(textNode); } } // copy-of doesn't process children if (next != null) - { - next.apply(stylesheet, mode, - context, pos, len, - parent, nextSibling); - } + next.apply(stylesheet, mode, + context, pos, len, + parent, nextSibling); } public boolean references(QName var) { if (select != null && select.references(var)) - { - return true; - } + return true; return super.references(var); } public String toString() { - StringBuffer buf = new StringBuffer(getClass().getName()); + StringBuffer buf = new StringBuffer("copy-of"); buf.append('['); buf.append("select="); buf.append(select); diff --git a/libjava/classpath/gnu/xml/transform/DocumentFunction.java b/libjava/classpath/gnu/xml/transform/DocumentFunction.java index d8f6090..29f3d4a 100644 --- a/libjava/classpath/gnu/xml/transform/DocumentFunction.java +++ b/libjava/classpath/gnu/xml/transform/DocumentFunction.java @@ -126,9 +126,7 @@ final class DocumentFunction Object arg1 = values.get(0); Object arg2 = values.get(1); if (!(arg2 instanceof Collection)) - { - throw new RuntimeException("second argument is not a node-set"); - } + throw new RuntimeException("second argument is not a node-set"); Collection arg2ns = (Collection) arg2; String base2 = arg2ns.isEmpty() ? null : ((Node) arg2ns.iterator().next()).getBaseURI(); @@ -166,9 +164,7 @@ final class DocumentFunction Collection document(String uri, String base) { if ("".equals(uri) || uri == null) - { - uri = this.base.getBaseURI(); - } + uri = this.base.getBaseURI(); // Get fragment Expr fragment = null; @@ -197,10 +193,10 @@ final class DocumentFunction source = resolver.resolveDOM(null, base, uri); } Node node = source.getNode(); + // Strip whitespace + TransformerImpl.strip(stylesheet, node); if (fragment == null) - { - return Collections.singleton(node); - } + return Collections.singleton(node); else { Object ret = fragment.evaluate(node, 1, 1); @@ -216,9 +212,7 @@ final class DocumentFunction { String msg = "can't open " + uri; if (base != null) - { - msg += " with base " + base; - } + msg += " with base " + base; throw new RuntimeException(msg); } } @@ -227,16 +221,12 @@ final class DocumentFunction { Stylesheet s = stylesheet; if (context instanceof Stylesheet) - { - s = (Stylesheet) context; - } + s = (Stylesheet) context; DocumentFunction f = new DocumentFunction(s, base); int len = args.size(); List args2 = new ArrayList(len); for (int i = 0; i < len; i++) - { - args2.add(((Expr) args.get(i)).clone(context)); - } + args2.add(((Expr) args.get(i)).clone(context)); f.setArguments(args2); return f; } @@ -246,9 +236,7 @@ final class DocumentFunction for (Iterator i = args.iterator(); i.hasNext(); ) { if (((Expr) i.next()).references(var)) - { - return true; - } + return true; } return false; } diff --git a/libjava/classpath/gnu/xml/transform/ElementNode.java b/libjava/classpath/gnu/xml/transform/ElementNode.java index 092c56a..b6a5c36 100644 --- a/libjava/classpath/gnu/xml/transform/ElementNode.java +++ b/libjava/classpath/gnu/xml/transform/ElementNode.java @@ -1,5 +1,5 @@ /* ElementNode.java -- - Copyright (C) 2004 Free Software Foundation, Inc. + Copyright (C) 2004,2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -238,7 +238,7 @@ final class ElementNode public String toString() { - StringBuffer buf = new StringBuffer(getClass().getName()); + StringBuffer buf = new StringBuffer("element"); buf.append('['); buf.append("name="); if (namespace != null) diff --git a/libjava/classpath/gnu/xml/transform/ForEachNode.java b/libjava/classpath/gnu/xml/transform/ForEachNode.java index 8f9220f..c8f51a6 100644 --- a/libjava/classpath/gnu/xml/transform/ForEachNode.java +++ b/libjava/classpath/gnu/xml/transform/ForEachNode.java @@ -1,5 +1,5 @@ /* ForEachNode.java -- - Copyright (C) 2004 Free Software Foundation, Inc. + Copyright (C) 2004,2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -70,19 +70,13 @@ final class ForEachNode int len = sortKeys.size(); List sortKeys2 = new ArrayList(len); for (int i = 0; i < len; i++) - { - sortKeys2.add(((Key) sortKeys.get(i)).clone(stylesheet)); - } + sortKeys2.add(((Key) sortKeys.get(i)).clone(stylesheet)); TemplateNode ret = new ForEachNode(select.clone(stylesheet), sortKeys2); if (children != null) - { - ret.children = children.clone(stylesheet); - } + ret.children = children.clone(stylesheet); if (next != null) - { - ret.next = next.clone(stylesheet); - } + ret.next = next.clone(stylesheet); return ret; } @@ -113,9 +107,7 @@ final class ForEachNode Collections.sort(list, new XSLComparator(sortKeys)); } else - { - Collections.sort(list, documentOrderComparator); - } + Collections.sort(list, documentOrderComparator); // Perform children for each node int l = list.size(); int p = 1; @@ -132,27 +124,21 @@ final class ForEachNode stylesheet.currentTemplate = saved; } if (next != null) - { - next.apply(stylesheet, mode, - context, pos, len, - parent, nextSibling); - } + next.apply(stylesheet, mode, + context, pos, len, + parent, nextSibling); } public boolean references(QName var) { if (select != null && select.references(var)) - { - return true; - } + return true; if (sortKeys != null) { for (Iterator i = sortKeys.iterator(); i.hasNext(); ) { if (((SortKey) i.next()).references(var)) - { - return true; - } + return true; } } return super.references(var); @@ -160,7 +146,7 @@ final class ForEachNode public String toString() { - StringBuffer buf = new StringBuffer(getClass().getName()); + StringBuffer buf = new StringBuffer("for-each"); buf.append('['); buf.append("select="); buf.append(select); diff --git a/libjava/classpath/gnu/xml/transform/IfNode.java b/libjava/classpath/gnu/xml/transform/IfNode.java index 17e2486..2a00d64 100644 --- a/libjava/classpath/gnu/xml/transform/IfNode.java +++ b/libjava/classpath/gnu/xml/transform/IfNode.java @@ -1,5 +1,5 @@ /* IfNode.java -- - Copyright (C) 2004 Free Software Foundation, Inc. + Copyright (C) 2004,2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -62,19 +62,15 @@ final class IfNode { TemplateNode ret = new IfNode(test.clone(stylesheet)); if (children != null) - { - ret.children = children.clone(stylesheet); - } + ret.children = children.clone(stylesheet); if (next != null) - { - ret.next = next.clone(stylesheet); - } + ret.next = next.clone(stylesheet); return ret; } void doApply(Stylesheet stylesheet, QName mode, - Node context, int pos, int len, - Node parent, Node nextSibling) + Node context, int pos, int len, + Node parent, Node nextSibling) throws TransformerException { Object ret = test.evaluate(context, pos, len); @@ -84,32 +80,26 @@ final class IfNode if (success) { if (children != null) - { - children.apply(stylesheet, mode, - context, pos, len, - parent, nextSibling); - } + children.apply(stylesheet, mode, + context, pos, len, + parent, nextSibling); } if (next != null) - { - next.apply(stylesheet, mode, - context, pos, len, - parent, nextSibling); - } + next.apply(stylesheet, mode, + context, pos, len, + parent, nextSibling); } public boolean references(QName var) { if (test != null && test.references(var)) - { - return true; - } + return true; return super.references(var); } public String toString() { - StringBuffer buf = new StringBuffer(getClass().getName()); + StringBuffer buf = new StringBuffer("if"); buf.append('['); buf.append("test="); buf.append(test); diff --git a/libjava/classpath/gnu/xml/transform/LiteralNode.java b/libjava/classpath/gnu/xml/transform/LiteralNode.java index 453c22c..d4e283a 100644 --- a/libjava/classpath/gnu/xml/transform/LiteralNode.java +++ b/libjava/classpath/gnu/xml/transform/LiteralNode.java @@ -196,12 +196,7 @@ final class LiteralNode public String toString() { - StringBuffer buf = new StringBuffer(getClass().getName()); - buf.append('['); - buf.append("source="); - buf.append(source); - buf.append(']'); - return buf.toString(); + return source.toString(); } } diff --git a/libjava/classpath/gnu/xml/transform/MessageNode.java b/libjava/classpath/gnu/xml/transform/MessageNode.java index e8e07c6..890d76f 100644 --- a/libjava/classpath/gnu/xml/transform/MessageNode.java +++ b/libjava/classpath/gnu/xml/transform/MessageNode.java @@ -92,5 +92,17 @@ final class MessageNode if (next != null && !terminate) next.apply(stylesheet, mode, context, pos, len, parent, nextSibling); } + + public String toString() + { + StringBuffer buf = new StringBuffer("message"); + if (terminate) + { + buf.append('['); + buf.append("terminate"); + buf.append(']'); + } + return buf.toString(); + } } diff --git a/libjava/classpath/gnu/xml/transform/OtherwiseNode.java b/libjava/classpath/gnu/xml/transform/OtherwiseNode.java index 570310f..9d8168c 100644 --- a/libjava/classpath/gnu/xml/transform/OtherwiseNode.java +++ b/libjava/classpath/gnu/xml/transform/OtherwiseNode.java @@ -1,5 +1,5 @@ /* OtherwiseNode.java -- - Copyright (C) 2004 Free Software Foundation, Inc. + Copyright (C) 2004,2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -54,13 +54,9 @@ final class OtherwiseNode { TemplateNode ret = new OtherwiseNode(); if (children != null) - { - ret.children = children.clone(stylesheet); - } + ret.children = children.clone(stylesheet); if (next != null) - { - ret.next = next.clone(stylesheet); - } + ret.next = next.clone(stylesheet); return ret; } @@ -70,25 +66,18 @@ final class OtherwiseNode throws TransformerException { if (children != null) - { - children.apply(stylesheet, mode, - context, pos, len, - parent, nextSibling); - } + children.apply(stylesheet, mode, + context, pos, len, + parent, nextSibling); if (next != null) - { - next.apply(stylesheet, mode, - context, pos, len, - parent, nextSibling); - } + next.apply(stylesheet, mode, + context, pos, len, + parent, nextSibling); } public String toString() { - StringBuffer buf = new StringBuffer(getClass().getName()); - buf.append('['); - buf.append(']'); - return buf.toString(); + return "otherwise"; } } diff --git a/libjava/classpath/gnu/xml/transform/ParameterNode.java b/libjava/classpath/gnu/xml/transform/ParameterNode.java index ef09ea5..8cd2677 100644 --- a/libjava/classpath/gnu/xml/transform/ParameterNode.java +++ b/libjava/classpath/gnu/xml/transform/ParameterNode.java @@ -1,5 +1,5 @@ /* ParameterNode.java -- - Copyright (C) 2004 Free Software Foundation, Inc. + Copyright (C) 2004,2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -73,13 +73,9 @@ final class ParameterNode select.clone(stylesheet), type); if (children != null) - { - ret.children = children.clone(stylesheet); - } + ret.children = children.clone(stylesheet); if (next != null) - { - ret.next = next.clone(stylesheet); - } + ret.next = next.clone(stylesheet); return ret; } @@ -96,18 +92,14 @@ final class ParameterNode { stylesheet.bindings.set(name, value, type); if (stylesheet.debug) - { - System.err.println(this + ": set to " + value); - } + System.err.println(this + ": set to " + value); } // variable and param don't process children as such // all subsequent instructions are processed with that variable context if (next != null) - { - next.apply(stylesheet, mode, - context, pos, len, - parent, nextSibling); - } + next.apply(stylesheet, mode, + context, pos, len, + parent, nextSibling); // pop the variable context stylesheet.bindings.pop(type); } @@ -117,9 +109,7 @@ final class ParameterNode throws TransformerException { if (select != null) - { - return select.evaluate(context, pos, len); - } + return select.evaluate(context, pos, len); else if (children != null) { Document doc = (context instanceof Document) ? (Document) context : @@ -129,17 +119,13 @@ final class ParameterNode return Collections.singleton(fragment); } else - { - return null; - } + return null; } public boolean references(QName var) { if (select != null && select.references(var)) - { - return true; - } + return true; return super.references(var); } @@ -151,33 +137,18 @@ final class ParameterNode boolean r1 = references(pn.name); boolean r2 = pn.references(name); if (r1 && r2) - { - throw new IllegalArgumentException("circular definitions"); - } + throw new IllegalArgumentException("circular definitions"); if (r1) - { - return 1; - } + return 1; if (r2) - { - return -1; - } + return -1; } return 0; } public String toString() { - StringBuffer buf = new StringBuffer(getClass().getName()); - buf.append('['); - buf.append("name="); - buf.append(name); - if (select != null) - { - buf.append(",select="); - buf.append(select); - } - buf.append(",type="); + StringBuffer buf = new StringBuffer(); switch (type) { case Bindings.VARIABLE: @@ -190,6 +161,14 @@ final class ParameterNode buf.append("with-param"); break; } + buf.append('['); + buf.append("name="); + buf.append(name); + if (select != null) + { + buf.append(",select="); + buf.append(select); + } buf.append(']'); return buf.toString(); } diff --git a/libjava/classpath/gnu/xml/transform/ProcessingInstructionNode.java b/libjava/classpath/gnu/xml/transform/ProcessingInstructionNode.java index d75f693..bf61fc0 100644 --- a/libjava/classpath/gnu/xml/transform/ProcessingInstructionNode.java +++ b/libjava/classpath/gnu/xml/transform/ProcessingInstructionNode.java @@ -1,5 +1,5 @@ /* ProcessingInstructionNode.java -- - Copyright (C) 2004 Free Software Foundation, Inc. + Copyright (C) 2004,2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -66,19 +66,15 @@ final class ProcessingInstructionNode { TemplateNode ret = new ProcessingInstructionNode(name); if (children != null) - { - ret.children = children.clone(stylesheet); - } + ret.children = children.clone(stylesheet); if (next != null) - { - ret.next = next.clone(stylesheet); - } + ret.next = next.clone(stylesheet); return ret; } void doApply(Stylesheet stylesheet, QName mode, - Node context, int pos, int len, - Node parent, Node nextSibling) + Node context, int pos, int len, + Node parent, Node nextSibling) throws TransformerException { String data = null; @@ -98,24 +94,18 @@ final class ProcessingInstructionNode ProcessingInstruction pi = doc.createProcessingInstruction(name, data); // Insert into result tree if (nextSibling != null) - { - parent.insertBefore(pi, nextSibling); - } + parent.insertBefore(pi, nextSibling); else - { - parent.appendChild(pi); - } + parent.appendChild(pi); if (next != null) - { - next.apply(stylesheet, mode, - context, pos, len, - parent, nextSibling); - } + next.apply(stylesheet, mode, + context, pos, len, + parent, nextSibling); } public String toString() { - StringBuffer buf = new StringBuffer(getClass().getName()); + StringBuffer buf = new StringBuffer("processing-instruction"); buf.append('['); buf.append("name="); buf.append(name); diff --git a/libjava/classpath/gnu/xml/transform/Stylesheet.java b/libjava/classpath/gnu/xml/transform/Stylesheet.java index 51accaa..73b2296 100644 --- a/libjava/classpath/gnu/xml/transform/Stylesheet.java +++ b/libjava/classpath/gnu/xml/transform/Stylesheet.java @@ -408,7 +408,7 @@ class Stylesheet { if (debug) System.err.println("getTemplate: mode="+mode+" context="+context); - Set candidates = new TreeSet(); + Template selected = null; for (Iterator j = templates.iterator(); j.hasNext(); ) { Template t = (Template) j.next(); @@ -426,10 +426,21 @@ class Stylesheet } //System.err.println("\t"+context+" "+t+"="+isMatch); if (isMatch) - candidates.add(t); + { + // Conflict resolution + // @see http://www.w3.org/TR/xslt#conflict + if (selected == null) + selected = t; + else + { + if (t.precedence < selected.precedence || + t.priority < selected.priority) + continue; + selected = t; + } + } } - //System.err.println("\tcandidates="+candidates); - if (candidates.isEmpty()) + if (selected == null) { // Apply built-in template // Current template is unchanged @@ -451,32 +462,39 @@ class Stylesheet return null; } } - else - { - Template t = (Template) candidates.iterator().next(); - // Set current template - currentTemplate = t; - if (debug) - System.err.println("\ttemplate="+t+" context="+context); - return t.node; - } + // Set current template + currentTemplate = selected; + if (debug) + System.err.println("\ttemplate="+currentTemplate+" context="+context); + return currentTemplate.node; } TemplateNode getTemplate(QName mode, QName name) throws TransformerException { - Set candidates = new TreeSet(); + Template selected = null; for (Iterator j = templates.iterator(); j.hasNext(); ) { Template t = (Template) j.next(); boolean isMatch = t.matches(name); if (isMatch) - candidates.add(t); + { + // Conflict resolution + // @see http://www.w3.org/TR/xslt#conflict + if (selected == null) + selected = t; + else + { + if (t.precedence < selected.precedence || + t.priority < selected.priority) + continue; + selected = t; + } + } } - if (candidates.isEmpty()) + if (selected == null) return null; - Template t = (Template) candidates.iterator().next(); - return t.node; + return selected.node; } /** @@ -504,11 +522,9 @@ class Stylesheet String p = getAttribute(attrs, "priority"); String mm = getAttribute(attrs, "mode"); QName mode = (mm == null) ? null : getQName(mm); - double priority = (p == null) ? Template.DEFAULT_PRIORITY : - Double.parseDouble(p); Node children = node.getFirstChild(); return new Template(this, name, match, parse(children), - precedence, priority, mode); + precedence, p, mode); } /** @@ -799,7 +815,7 @@ class Stylesheet templates.add(new Template(this, null, new Root(), parse(rootClone), precedence, - Template.DEFAULT_PRIORITY, + null, null)); } else diff --git a/libjava/classpath/gnu/xml/transform/Template.java b/libjava/classpath/gnu/xml/transform/Template.java index e3c172f..1414dac 100644 --- a/libjava/classpath/gnu/xml/transform/Template.java +++ b/libjava/classpath/gnu/xml/transform/Template.java @@ -1,5 +1,5 @@ /* Template.java -- - Copyright (C) 2004 Free Software Foundation, Inc. + Copyright (C) 2004,2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -66,51 +66,77 @@ class Template final double priority; final int precedence; final QName mode; + final boolean isAnyNode; // is the match simply "node()"? Template(Stylesheet stylesheet, QName name, Pattern match, TemplateNode node, - int precedence, double priority, QName mode) + int precedence, String priorityAttr, QName mode) { this.stylesheet = stylesheet; this.name = name; this.match = match; this.node = node; - // adjust priority if necessary - // see XSLT section 5.5 - Test test = getNodeTest(match); - if (test != null) + this.precedence = precedence; + this.mode = mode; + + double p = DEFAULT_PRIORITY; + boolean a = false; + if (priorityAttr != null) + p = Double.parseDouble(priorityAttr); + else { - if (test instanceof NameTest) + // adjust priority if necessary + // see XSLT section 5.5 + if (match instanceof Selector) { - NameTest nameTest = (NameTest) test; - if (nameTest.matchesAny() || - nameTest.matchesAnyLocalName()) - { - priority = -0.25d; - } - else + Selector selector = (Selector) match; + Test[] tests = selector.getTests(); + if (tests.length > 0) { - priority = 0.0d; - } - } - else - { - NodeTypeTest nodeTypeTest = (NodeTypeTest) test; - if (nodeTypeTest.getNodeType() == - Node.PROCESSING_INSTRUCTION_NODE && - nodeTypeTest.getData() != null) - { - priority = 0.0d; - } - else - { - priority = -0.5d; + Test test = tests[0]; + if (test instanceof NameTest) + { + NameTest nameTest = (NameTest) test; + if (nameTest.matchesAny()) + p = -0.25d; + else if (nameTest.matchesAnyLocalName()) + p = -0.20d; + else + p = 0.0d; + } + else + { + NodeTypeTest nodeTypeTest = (NodeTypeTest) test; + if (nodeTypeTest.getNodeType() == + Node.PROCESSING_INSTRUCTION_NODE && + nodeTypeTest.getData() != null) + p = 0.0d; + else + p = -0.5d; + a = (nodeTypeTest.getNodeType() == 0); + } + // Add a small difference for predicates + if (tests.length > 1) + p += ((double) tests.length - 1) * 0.001; } } } + this.priority = p; + this.isAnyNode = a; + } + + private Template(Stylesheet stylesheet, + QName name, Pattern match, TemplateNode node, + int precedence, double priority, QName mode, boolean isAnyNode) + { + this.stylesheet = stylesheet; + this.name = name; + this.match = match; + this.node = node; this.precedence = precedence; this.priority = priority; this.mode = mode; + this.isAnyNode = isAnyNode; } Template clone(Stylesheet stylesheet) @@ -124,7 +150,8 @@ class Template (node == null) ? null : node.clone(stylesheet), precedence, priority, - mode); + mode, + isAnyNode); } public int compareTo(Object other) @@ -134,29 +161,16 @@ class Template Template t = (Template) other; int d = t.precedence - precedence; if (d != 0) - { - return d; - } + return d; double d2 = t.priority - priority; if (d2 != 0.0d) - { - return (int) Math.round(d2 * 1000.0d); - } + return (int) Math.round(d2 * 1000.0d); } return 0; } Test getNodeTest(Expr expr) { - if (expr instanceof Selector) - { - Selector selector = (Selector) expr; - Test[] tests = selector.getTests(); - if (tests.length > 0) - { - return tests[0]; - } - } return null; } @@ -164,13 +178,11 @@ class Template { if ((mode == null && this.mode != null) || (mode != null && !mode.equals(this.mode))) - { - return false; - } + return false; if (match == null) - { - return false; - } + return false; + if (isAnyNode && node.getNodeType() == Node.DOCUMENT_NODE) + return false; // don't match document node return match.matches(node); } @@ -186,9 +198,7 @@ class Template ctx = ctx.parent) { if (ctx == stylesheet) - { - return true; - } + return true; } return false; } @@ -206,13 +216,12 @@ class Template Node parent, Node nextSibling) throws TransformerException { - System.err.println("...applying " + toString() + " to " + context); + if (stylesheet.debug) + System.err.println("...applying " + toString() + " to " + context); if (node != null) - { - node.apply(stylesheet, mode, - context, pos, len, - parent, nextSibling); - } + node.apply(stylesheet, mode, + context, pos, len, + parent, nextSibling); } public String toString() @@ -244,9 +253,7 @@ class Template { out.println(toString()); if (node != null) - { - node.list(1, out, true); - } + node.list(1, out, true); } } diff --git a/libjava/classpath/gnu/xml/transform/TemplateNode.java b/libjava/classpath/gnu/xml/transform/TemplateNode.java index 36b25cf..6ff727c 100644 --- a/libjava/classpath/gnu/xml/transform/TemplateNode.java +++ b/libjava/classpath/gnu/xml/transform/TemplateNode.java @@ -64,9 +64,7 @@ abstract class TemplateNode throws TransformerException { if (stylesheet.terminated) - { - return; - } + return; if (Thread.currentThread().isInterrupted()) { // Try to head off any infinite loops at the pass @@ -91,13 +89,9 @@ abstract class TemplateNode public boolean references(QName var) { if (children != null && children.references(var)) - { - return true; - } + return true; if (next != null && next.references(var)) - { - return true; - } + return true; return false; } @@ -107,18 +101,30 @@ abstract class TemplateNode void list(int depth, PrintStream out, boolean listNext) { for (int i = 0; i < depth; i++) - { - out.print(" "); - } + out.print(" "); out.println(toString()); if (children != null) - { - children.list(depth + 1, out, true); - } + children.list(depth + 1, out, true); if (listNext && next != null) + next.list(depth, out, listNext); + } + + /** + * Indicates whether the template for which this template node is the + * first node specifies the given parameter. + */ + boolean hasParam(QName name) + { + for (TemplateNode ctx = this; ctx != null; ctx = ctx.next) { - next.list(depth, out, listNext); + if (ctx instanceof ParameterNode) + { + ParameterNode param = (ParameterNode) ctx; + if (param.type == Bindings.PARAM && param.name.equals(name)) + return true; + } } + return false; } } diff --git a/libjava/classpath/gnu/xml/transform/TextNode.java b/libjava/classpath/gnu/xml/transform/TextNode.java index 1b581e5..39423b2 100644 --- a/libjava/classpath/gnu/xml/transform/TextNode.java +++ b/libjava/classpath/gnu/xml/transform/TextNode.java @@ -1,5 +1,5 @@ /* TextNode.java -- - Copyright (C) 2004 Free Software Foundation, Inc. + Copyright (C) 2004,2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -65,19 +65,15 @@ final class TextNode { TemplateNode ret = new TextNode(disableOutputEscaping); if (children != null) - { - ret.children = children.clone(stylesheet); - } + ret.children = children.clone(stylesheet); if (next != null) - { - ret.next = next.clone(stylesheet); - } + ret.next = next.clone(stylesheet); return ret; } void doApply(Stylesheet stylesheet, QName mode, - Node context, int pos, int len, - Node parent, Node nextSibling) + Node context, int pos, int len, + Node parent, Node nextSibling) throws TransformerException { String value = ""; @@ -96,24 +92,28 @@ final class TextNode } Text text = doc.createTextNode(value); if (disableOutputEscaping) - { - text.setUserData("disable-output-escaping", "yes", stylesheet); - } + text.setUserData("disable-output-escaping", "yes", stylesheet); // Insert into result tree if (nextSibling != null) - { - parent.insertBefore(text, nextSibling); - } + parent.insertBefore(text, nextSibling); else - { - parent.appendChild(text); - } + parent.appendChild(text); if (next != null) + next.apply(stylesheet, mode, + context, pos, len, + parent, nextSibling); + } + + public String toString() + { + StringBuffer buf = new StringBuffer("text"); + if (disableOutputEscaping) { - next.apply(stylesheet, mode, - context, pos, len, - parent, nextSibling); + buf.append('['); + buf.append("disable-output-escaping"); + buf.append(']'); } + return buf.toString(); } } diff --git a/libjava/classpath/gnu/xml/transform/TransformerImpl.java b/libjava/classpath/gnu/xml/transform/TransformerImpl.java index b7ff668..2c57e97 100644 --- a/libjava/classpath/gnu/xml/transform/TransformerImpl.java +++ b/libjava/classpath/gnu/xml/transform/TransformerImpl.java @@ -162,7 +162,7 @@ class TransformerImpl } // Make a copy of the source node, and strip it context = context.cloneNode(true); - strip(context); + strip(stylesheet, context); // XSLT transformation try { @@ -321,7 +321,7 @@ class TransformerImpl if (indent) { parent.normalize(); - strip(parent); + strip(stylesheet, parent); Document resultDoc = (parent instanceof Document) ? (Document) parent : parent.getOwnerDocument(); @@ -393,7 +393,7 @@ class TransformerImpl /** * Strip whitespace from the source tree. */ - boolean strip(Node node) + static boolean strip(Stylesheet stylesheet, Node node) throws TransformerConfigurationException { short nt = node.getNodeType(); @@ -444,7 +444,7 @@ class TransformerImpl Node child = node.getFirstChild(); while (child != null) { - boolean remove = strip(child); + boolean remove = strip(stylesheet, child); Node next = child.getNextSibling(); if (remove) node.removeChild(child); @@ -691,7 +691,7 @@ class TransformerImpl for (Iterator i = children.iterator(); i.hasNext(); ) { ctx = (Node) i.next(); - reindent(doc, ctx, offset + 1); + reindent(doc, ctx, offset); } } else @@ -709,9 +709,9 @@ class TransformerImpl } buf = new StringBuffer(); buf.append('\n'); - ws = buf.toString(); for (int i = 0; i < offset; i++) buf.append(INDENT_WHITESPACE); + ws = buf.toString(); node.appendChild(doc.createTextNode(ws)); } } diff --git a/libjava/classpath/gnu/xml/transform/ValueOfNode.java b/libjava/classpath/gnu/xml/transform/ValueOfNode.java index 24c229e..68f31e0 100644 --- a/libjava/classpath/gnu/xml/transform/ValueOfNode.java +++ b/libjava/classpath/gnu/xml/transform/ValueOfNode.java @@ -126,7 +126,7 @@ final class ValueOfNode public String toString() { - StringBuffer buf = new StringBuffer(getClass().getName()); + StringBuffer buf = new StringBuffer("value-of"); buf.append('['); buf.append("select="); buf.append(select); diff --git a/libjava/classpath/gnu/xml/transform/WhenNode.java b/libjava/classpath/gnu/xml/transform/WhenNode.java index 231f269..fe3f403 100644 --- a/libjava/classpath/gnu/xml/transform/WhenNode.java +++ b/libjava/classpath/gnu/xml/transform/WhenNode.java @@ -1,5 +1,5 @@ /* WhenNode.java -- - Copyright (C) 2004 Free Software Foundation, Inc. + Copyright (C) 2004,2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -62,19 +62,15 @@ final class WhenNode { TemplateNode ret = new WhenNode(test.clone(stylesheet)); if (children != null) - { - ret.children = children.clone(stylesheet); - } + ret.children = children.clone(stylesheet); if (next != null) - { - ret.next = next.clone(stylesheet); - } + ret.next = next.clone(stylesheet); return ret; } void doApply(Stylesheet stylesheet, QName mode, - Node context, int pos, int len, - Node parent, Node nextSibling) + Node context, int pos, int len, + Node parent, Node nextSibling) throws TransformerException { Object ret = test.evaluate(context, pos, len); @@ -84,35 +80,29 @@ final class WhenNode if (success) { if (children != null) - { - children.apply(stylesheet, mode, - context, pos, len, - parent, nextSibling); - } + children.apply(stylesheet, mode, + context, pos, len, + parent, nextSibling); } else { if (next != null) - { - next.apply(stylesheet, mode, - context, pos, len, - parent, nextSibling); - } + next.apply(stylesheet, mode, + context, pos, len, + parent, nextSibling); } } public boolean references(QName var) { if (test != null && test.references(var)) - { - return true; - } + return true; return super.references(var); } public String toString() { - StringBuffer buf = new StringBuffer(getClass().getName()); + StringBuffer buf = new StringBuffer("when"); buf.append('['); buf.append("test="); buf.append(test); diff --git a/libjava/classpath/gnu/xml/util/XHTMLWriter.java b/libjava/classpath/gnu/xml/util/XHTMLWriter.java index 272c66c..02a0afc 100644 --- a/libjava/classpath/gnu/xml/util/XHTMLWriter.java +++ b/libjava/classpath/gnu/xml/util/XHTMLWriter.java @@ -55,6 +55,8 @@ import java.io.Writer; * data loss. * * @author David Brownell + * + * @deprecated Please use the javax.xml.stream APIs instead */ public class XHTMLWriter extends XMLWriter { diff --git a/libjava/classpath/gnu/xml/util/XMLWriter.java b/libjava/classpath/gnu/xml/util/XMLWriter.java index fd36b71..24b3892 100644 --- a/libjava/classpath/gnu/xml/util/XMLWriter.java +++ b/libjava/classpath/gnu/xml/util/XMLWriter.java @@ -102,6 +102,8 @@ import org.xml.sax.helpers.*; * @see gnu.xml.pipeline.TextConsumer * * @author David Brownell + * + * @deprecated Please use the javax.xml.stream APIs instead */ public class XMLWriter implements ContentHandler, LexicalHandler, DTDHandler, DeclHandler diff --git a/libjava/classpath/gnu/xml/validation/datatype/Annotation.java b/libjava/classpath/gnu/xml/validation/datatype/Annotation.java new file mode 100644 index 0000000..cba6954 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/Annotation.java @@ -0,0 +1,61 @@ +/* Annotation.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +/** + * A schema component annotation. + * + * @author Chris Burdess + */ +public class Annotation +{ + + public final String documentation; + + public Annotation(String documentation) + { + this.documentation = documentation; + } + + public String toString() + { + return documentation; + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/AnySimpleType.java b/libjava/classpath/gnu/xml/validation/datatype/AnySimpleType.java new file mode 100644 index 0000000..63441c7 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/AnySimpleType.java @@ -0,0 +1,59 @@ +/* AnySimpleType.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +import java.util.Set; +import javax.xml.XMLConstants; +import javax.xml.namespace.QName; + +final class AnySimpleType + extends SimpleType +{ + + AnySimpleType() + { + super(new QName(XMLConstants.W3C_XML_SCHEMA_NS_URI, "anySimpleType"), + ANY, /* variety */ + (Set) null, /* facets */ + 0, /* fundametalFacets */ + (SimpleType) Type.ANY_TYPE, /* baseType */ + null); + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/AnyType.java b/libjava/classpath/gnu/xml/validation/datatype/AnyType.java new file mode 100644 index 0000000..f26a075 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/AnyType.java @@ -0,0 +1,58 @@ +/* AnyType.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +import javax.xml.XMLConstants; +import javax.xml.namespace.QName; + +final class AnyType + extends SimpleType +{ + + AnyType() + { + super(new QName(XMLConstants.W3C_XML_SCHEMA_NS_URI, "anyType"), + ANY, /* variety */ + null, /* facets */ + 0, /* fundamentalFacets */ + null, /* baseType */ + null); + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/AnyURIType.java b/libjava/classpath/gnu/xml/validation/datatype/AnyURIType.java new file mode 100644 index 0000000..56c0a06 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/AnyURIType.java @@ -0,0 +1,94 @@ +/* AnyURIType.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +import java.net.URI; +import java.net.URISyntaxException; +import javax.xml.XMLConstants; +import javax.xml.namespace.QName; +import org.relaxng.datatype.DatatypeException; +import org.relaxng.datatype.ValidationContext; + +/** + * The XML Schema anyURI type. + * + * @author Chris Burdess + */ +final class AnyURIType + extends AtomicSimpleType +{ + + static final int[] CONSTRAINING_FACETS = { + Facet.LENGTH, + Facet.MIN_LENGTH, + Facet.MAX_LENGTH, + Facet.PATTERN, + Facet.ENUMERATION, + Facet.WHITESPACE + }; + + AnyURIType() + { + super(new QName(XMLConstants.W3C_XML_SCHEMA_NS_URI, "anyURI"), + TypeLibrary.ANY_SIMPLE_TYPE); + } + + public int[] getConstrainingFacets() + { + return CONSTRAINING_FACETS; + } + + public void checkValid(String value, ValidationContext context) + throws DatatypeException + { + super.checkValid(value, context); + try + { + new URI(value); + } + catch (URISyntaxException e) + { + DatatypeException e2 = new DatatypeException(e.getIndex(), + e.getReason()); + e2.initCause(e); + throw e2; + } + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/AtomicSimpleType.java b/libjava/classpath/gnu/xml/validation/datatype/AtomicSimpleType.java new file mode 100644 index 0000000..d685e5c --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/AtomicSimpleType.java @@ -0,0 +1,78 @@ +/* AtomicSimpleType.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +import java.util.Set; +import javax.xml.namespace.QName; +import org.relaxng.datatype.DatatypeException; +import org.relaxng.datatype.ValidationContext; + +/** + * An XML Schema atomic simple type. + * + * @author Chris Burdess + */ +public class AtomicSimpleType + extends SimpleType +{ + + public AtomicSimpleType(QName name, + Set facets, + int fundamentalFacets, + SimpleType baseType, + Annotation annotation) + { + super(name, ATOMIC, facets, fundamentalFacets, baseType, annotation); + } + + // Only for use by built-in types + AtomicSimpleType(QName name, SimpleType baseType) + { + super(name, ATOMIC, null, 0, baseType, null); + } + + public void checkValid(String value, ValidationContext context) + throws DatatypeException + { + super.checkValid(value, context); + if (baseType != null) + baseType.checkValid(value, context); + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/Base64BinaryType.java b/libjava/classpath/gnu/xml/validation/datatype/Base64BinaryType.java new file mode 100644 index 0000000..5a72a28 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/Base64BinaryType.java @@ -0,0 +1,131 @@ +/* Base64BinaryType.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +import java.util.Collections; +import java.util.Set; +import javax.xml.XMLConstants; +import javax.xml.namespace.QName; +import org.relaxng.datatype.DatatypeException; +import org.relaxng.datatype.ValidationContext; + +/** + * The XML Schema base64Binary type. + * + * @author Chris Burdess + */ +final class Base64BinaryType + extends AtomicSimpleType +{ + + static final String B64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZ" + + "abcdefghijklmnopqrstuvwxyz0123456789+/"; + static final String B16 = "AEIMQUYcgkosw048"; + static final String B04 = "AQgw"; + + static final int[] CONSTRAINING_FACETS = { + Facet.LENGTH, + Facet.MIN_LENGTH, + Facet.MAX_LENGTH, + Facet.PATTERN, + Facet.ENUMERATION, + Facet.WHITESPACE + }; + + Base64BinaryType() + { + super(new QName(XMLConstants.W3C_XML_SCHEMA_NS_URI, "base64Binary"), + TypeLibrary.ANY_SIMPLE_TYPE); + } + + public int[] getConstrainingFacets() + { + return CONSTRAINING_FACETS; + } + + public void checkValid(String value, ValidationContext context) + throws DatatypeException + { + super.checkValid(value, context); + // TODO value = collapseWhitespace(value); + int len = value.length(); + try + { + for (int i = len - 1; i >= 0; ) + { + char c4 = value.charAt(i--); + if (c4 == ' ') + c4 = value.charAt(i--); + char c3 = value.charAt(i--); + if (c3 == ' ') + c3 = value.charAt(i--); + char c2 = value.charAt(i--); + if (c2 == ' ') + c2 = value.charAt(i--); + char c1 = value.charAt(i--); + if (c1 == ' ') + c1 = value.charAt(i--); + + if (c4 == '=') + { + if (c3 == '=') + { + if (B04.indexOf(c2) != -1 && + B64.indexOf(c1) != -1) + continue; + } + else if (B16.indexOf(c3) != -1) + { + if (B64.indexOf(c2) != -1 && + B64.indexOf(c1) != -1) + continue; + } + } + else if (B64.indexOf(c4) != -1) + continue; + throw new DatatypeException(i, "illegal BASE64"); + } + } + catch (IndexOutOfBoundsException e) + { + throw new DatatypeException("illegal BASE64"); + } + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/BooleanType.java b/libjava/classpath/gnu/xml/validation/datatype/BooleanType.java new file mode 100644 index 0000000..5a2d9ec --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/BooleanType.java @@ -0,0 +1,91 @@ +/* BooleanType.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +import java.util.Arrays; +import java.util.Collections; +import java.util.Set; +import java.util.TreeSet; +import javax.xml.XMLConstants; +import javax.xml.namespace.QName; +import org.relaxng.datatype.DatatypeException; +import org.relaxng.datatype.ValidationContext; + +/** + * The XML Schema boolean type. + * + * @author Chris Burdess + */ +final class BooleanType + extends AtomicSimpleType +{ + + static final int[] CONSTRAINING_FACETS = { + Facet.PATTERN, + Facet.WHITESPACE + }; + + static final Set VALUE_SPACE = + new TreeSet(Arrays.asList(new String[] {"true", "false", "1", "0"})); + + BooleanType() + { + super(new QName(XMLConstants.W3C_XML_SCHEMA_NS_URI, "boolean"), + TypeLibrary.ANY_SIMPLE_TYPE); + } + + public int[] getConstrainingFacets() + { + return CONSTRAINING_FACETS; + } + + public void checkValid(String value, ValidationContext context) + throws DatatypeException + { + super.checkValid(value, context); + if (!VALUE_SPACE.contains(value)) + throw new DatatypeException("invalid boolean value"); + } + + public Object createValue(String literal, ValidationContext context) { + return ("1".equals(literal) || "true".equals(literal)) ? Boolean.TRUE : + Boolean.FALSE; + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/ByteType.java b/libjava/classpath/gnu/xml/validation/datatype/ByteType.java new file mode 100644 index 0000000..539dba2 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/ByteType.java @@ -0,0 +1,133 @@ +/* ByteType.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +import javax.xml.XMLConstants; +import javax.xml.namespace.QName; +import org.relaxng.datatype.DatatypeException; +import org.relaxng.datatype.ValidationContext; + +/** + * The XML Schema byte type. + * + * @author Chris Burdess + */ +final class ByteType + extends AtomicSimpleType +{ + + static final int[] CONSTRAINING_FACETS = { + Facet.TOTAL_DIGITS, + Facet.FRACTION_DIGITS, + Facet.PATTERN, + Facet.WHITESPACE, + Facet.ENUMERATION, + Facet.MAX_INCLUSIVE, + Facet.MAX_EXCLUSIVE, + Facet.MIN_INCLUSIVE, + Facet.MIN_EXCLUSIVE + }; + + static final String MAX_VALUE = "127"; + static final String MIN_VALUE = "128"; + static final int LENGTH = MAX_VALUE.length(); + + ByteType() + { + super(new QName(XMLConstants.W3C_XML_SCHEMA_NS_URI, "byte"), + TypeLibrary.SHORT); + } + + public int[] getConstrainingFacets() + { + return CONSTRAINING_FACETS; + } + + public void checkValue(String value, ValidationContext context) + throws DatatypeException + { + super.checkValid(value, context); + int len = value.length(); + if (len == 0) + throw new DatatypeException(0, "invalid byte value"); + int i = 0, off = 0; + boolean compare = false; + String compareTo = MAX_VALUE; + char c = value.charAt(0); + if (c == '+') + i++; + else if (c == '-') + { + compareTo = MIN_VALUE; + i++; + } + if (len - i > LENGTH) + throw new DatatypeException(0, "invalid byte value"); + else if (len - i == LENGTH) + compare = true; + for (; i < len; i++) + { + c = value.charAt(i); + if (c >= 0x30 && c <= 0x39) + { + if (compare) + { + char d = compareTo.charAt(off); + if (Character.digit(c, 10) > Character.digit(d, 10)) + throw new DatatypeException(i, "invalid byte value"); + } + off++; + continue; + } + throw new DatatypeException(i, "invalid byte value"); + } + } + + public Object createValue(String literal, ValidationContext context) { + try + { + return new Byte(literal); + } + catch (NumberFormatException e) + { + return null; + } + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/DateTimeType.java b/libjava/classpath/gnu/xml/validation/datatype/DateTimeType.java new file mode 100644 index 0000000..749ba81 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/DateTimeType.java @@ -0,0 +1,335 @@ +/* DateTimeType.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +import java.util.Calendar; +import java.util.GregorianCalendar; +import java.util.TimeZone; +import javax.xml.XMLConstants; +import javax.xml.namespace.QName; +import org.relaxng.datatype.DatatypeException; +import org.relaxng.datatype.ValidationContext; + +/** + * The XML Schema dateTime type. + * + * @author Chris Burdess + */ +final class DateTimeType + extends AtomicSimpleType +{ + + static final int[] CONSTRAINING_FACETS = { + Facet.PATTERN, + Facet.ENUMERATION, + Facet.WHITESPACE, + Facet.MAX_INCLUSIVE, + Facet.MAX_EXCLUSIVE, + Facet.MIN_INCLUSIVE, + Facet.MIN_EXCLUSIVE + }; + + DateTimeType() + { + super(new QName(XMLConstants.W3C_XML_SCHEMA_NS_URI, "dateTime"), + TypeLibrary.ANY_SIMPLE_TYPE); + } + + public int[] getConstrainingFacets() + { + return CONSTRAINING_FACETS; + } + + public void checkValue(String value, ValidationContext context) + throws DatatypeException + { + super.checkValid(value, context); + int len = value.length(); + int state = 0; + int start = 0; + for (int i = 0; i < len; i++) + { + char c = value.charAt(i); + if (c == '-' && i == 0) + { + start++; + continue; + } + if (c >= 0x30 && c <= 0x39) + continue; + switch (state) + { + case 0: // year + if (c == '-') + { + String year = value.substring(start, i); + if ("0000".equals(year) || year.length() < 4) + throw new DatatypeException(i, "invalid dateTime value"); + state = 1; + start = i + 1; + continue; + } + break; + case 1: // month + if (c == '-') + { + if (i - start != 2) + throw new DatatypeException(i, "invalid dateTime value"); + state = 2; + start = i + 1; + continue; + } + break; + case 2: // day + if (c == 'T') + { + if (i - start != 2) + throw new DatatypeException(i, "invalid dateTime value"); + state = 3; + start = i + 1; + continue; + } + break; + case 3: // hour + if (c == ':') + { + if (i - start != 2) + throw new DatatypeException(i, "invalid dateTime value"); + state = 4; + start = i + 1; + continue; + } + break; + case 4: // minute + if (c == ':') + { + if (i - start != 2) + throw new DatatypeException(i, "invalid dateTime value"); + state = 5; + start = i + 1; + continue; + } + break; + case 5: // second + if (c == '.') + { + if (i - start != 2) + throw new DatatypeException(i, "invalid dateTime value"); + state = 6; + start = i + 1; + continue; + } + else if (c == ' ') + { + if (i - start != 2) + throw new DatatypeException(i, "invalid dateTime value"); + state = 7; + start = i + 1; + continue; + } + break; + case 6: // second fraction + if (c == ' ') + { + state = 7; + start = i + 1; + continue; + } + break; + case 7: // timezone 1 + if (start == i) + { + if (c == '+' || c == '-') + continue; + else if (c == 'Z') + { + state = 9; + start = i + 1; + continue; + } + } + if (c == ':') + { + if (i - start != 2) + throw new DatatypeException(i, "invalid dateTime value"); + state = 8; + start = i + 1; + continue; + } + break; + } + throw new DatatypeException(i, "invalid dateTime value"); + } + switch (state) + { + case 5: // second + if (len - start != 2) + throw new DatatypeException(len, "invalid dateTime value"); + break; + case 6: // second fraction + break; + case 8: // timezone 2 + if (len - start != 2) + throw new DatatypeException(len, "invalid dateTime value"); + break; + case 9: // post Z + break; + default: + throw new DatatypeException(len, "invalid dateTime value"); + } + } + + public Object createValue(String value, ValidationContext context) { + int len = value.length(); + int state = 0; + int start = 0; + Calendar cal = new GregorianCalendar(); + try + { + for (int i = 0; i < len; i++) + { + char c = value.charAt(i); + if (c == '-' && i == 0) + { + start++; + continue; + } + if (c >= 0x30 && c <= 0x39) + continue; + switch (state) + { + case 0: // year + if (c == '-') + { + cal.set(Calendar.YEAR, + Integer.parseInt(value.substring(0, i))); + state = 1; + start = i + 1; + continue; + } + break; + case 1: // month + if (c == '-') + { + cal.set(Calendar.MONTH, + Integer.parseInt(value.substring(start, i))); + state = 2; + start = i + 1; + continue; + } + break; + case 2: // day + if (c == 'T') + { + cal.set(Calendar.DATE, + Integer.parseInt(value.substring(start, i))); + state = 3; + start = i + 1; + continue; + } + break; + case 3: // hour + if (c == ':') + { + cal.set(Calendar.HOUR, + Integer.parseInt(value.substring(start, i))); + state = 4; + start = i + 1; + continue; + } + break; + case 4: // minute + if (c == ':') + { + cal.set(Calendar.MINUTE, + Integer.parseInt(value.substring(start, i))); + state = 5; + start = i + 1; + continue; + } + break; + case 5: // second + if (c == ' ') + { + float second = Float.parseFloat(value.substring(start, i)); + // TODO adjust non-integer values + cal.set(Calendar.SECOND, (int) second); + state = 7; + start = i + 1; + continue; + } + break; + } + } + // end of input + if (len - start > 0 && state == 7) + { + // Timezone + String timezone = value.substring(len - start); + int i = timezone.indexOf(':'); + if (i == -1) + { + if ("Z".equals(timezone)) + timezone = "UTC"; + TimeZone tz = TimeZone.getTimeZone(timezone); + if (tz == null) + return null; + cal.set(Calendar.ZONE_OFFSET, tz.getRawOffset()); + } + else + { + String tzh = timezone.substring(0, i); + String tzm = timezone.substring(i + 1); + int offset = Integer.parseInt(tzh) * 360000; + if (offset < 0) + offset -= Integer.parseInt(tzm) * 60000; + else + offset += Integer.parseInt(tzm) * 60000; + cal.set(Calendar.ZONE_OFFSET, offset); + } + } + return cal.getTime(); + } + catch (NumberFormatException e) + { + return null; + } + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/DateType.java b/libjava/classpath/gnu/xml/validation/datatype/DateType.java new file mode 100644 index 0000000..6a4e1d7 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/DateType.java @@ -0,0 +1,222 @@ +/* DateType.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +import java.util.Calendar; +import java.util.GregorianCalendar; +import java.util.TimeZone; +import javax.xml.XMLConstants; +import javax.xml.namespace.QName; +import org.relaxng.datatype.DatatypeException; +import org.relaxng.datatype.ValidationContext; + +/** + * The XML Schema date type. + * + * @author Chris Burdess + */ +final class DateType + extends AtomicSimpleType +{ + + static final int[] CONSTRAINING_FACETS = { + Facet.PATTERN, + Facet.ENUMERATION, + Facet.WHITESPACE, + Facet.MAX_INCLUSIVE, + Facet.MAX_EXCLUSIVE, + Facet.MIN_INCLUSIVE, + Facet.MIN_EXCLUSIVE + }; + + DateType() + { + super(new QName(XMLConstants.W3C_XML_SCHEMA_NS_URI, "date"), + TypeLibrary.ANY_SIMPLE_TYPE); + } + + public int[] getConstrainingFacets() + { + return CONSTRAINING_FACETS; + } + + public void checkValid(String value, ValidationContext context) + throws DatatypeException + { + super.checkValid(value, context); + int len = value.length(); + int state = 0; + int start = 0; + for (int i = 0; i < len; i++) + { + char c = value.charAt(i); + if (c == '-' && i == 0) + { + start++; + continue; + } + if (c >= 0x30 && c <= 0x39) + continue; + switch (state) + { + case 0: // year + if (c == '-') + { + String year = value.substring(start, i); + if ("0000".equals(year) || year.length() < 4) + throw new DatatypeException(i, "invalid date value"); + state = 1; + start = i + 1; + continue; + } + break; + case 1: // month + if (c == '-') + { + if (i - start != 2) + throw new DatatypeException(i, "invalid date value"); + state = 2; + start = i + 1; + continue; + } + break; + } + throw new DatatypeException(i, "invalid date value"); + } + switch (state) + { + case 2: // day + if (len - start != 2) + throw new DatatypeException("invalid date value"); + break; + default: + throw new DatatypeException("invalid date value"); + } + } + + public Object createValue(String value, ValidationContext context) { + int len = value.length(); + int state = 0; + int start = 0; + Calendar cal = new GregorianCalendar(); + cal.set(Calendar.HOUR, 0); + cal.set(Calendar.MINUTE, 0); + cal.set(Calendar.SECOND, 0); + try + { + for (int i = 0; i < len; i++) + { + char c = value.charAt(i); + if (c == '-' && i == 0) + { + start++; + continue; + } + if (c >= 0x30 && c <= 0x39) + continue; + switch (state) + { + case 0: // year + if (c == '-') + { + cal.set(Calendar.YEAR, + Integer.parseInt(value.substring(0, i))); + state = 1; + start = i + 1; + continue; + } + break; + case 1: // month + if (c == '-') + { + cal.set(Calendar.MONTH, + Integer.parseInt(value.substring(start, i))); + state = 2; + start = i + 1; + continue; + } + break; + case 2: // day + if (c == 'T') + { + cal.set(Calendar.DATE, + Integer.parseInt(value.substring(start, i))); + state = 7; + start = i + 1; + continue; + } + break; + } + } + // end of input + if (len - start > 0 && state == 7) + { + // Timezone + String timezone = value.substring(len - start); + int i = timezone.indexOf(':'); + if (i == -1) + { + if ("Z".equals(timezone)) + timezone = "UTC"; + TimeZone tz = TimeZone.getTimeZone(timezone); + if (tz == null) + return null; + cal.set(Calendar.ZONE_OFFSET, tz.getRawOffset()); + } + else + { + String tzh = timezone.substring(0, i); + String tzm = timezone.substring(i + 1); + int offset = Integer.parseInt(tzh) * 360000; + if (offset < 0) + offset -= Integer.parseInt(tzm) * 60000; + else + offset += Integer.parseInt(tzm) * 60000; + cal.set(Calendar.ZONE_OFFSET, offset); + } + } + return cal.getTime(); + } + catch (NumberFormatException e) + { + return null; + } + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/DecimalType.java b/libjava/classpath/gnu/xml/validation/datatype/DecimalType.java new file mode 100644 index 0000000..08fe330 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/DecimalType.java @@ -0,0 +1,121 @@ +/* DecimalType.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +import java.math.BigDecimal; +import java.util.Collections; +import java.util.Set; +import javax.xml.XMLConstants; +import javax.xml.namespace.QName; +import org.relaxng.datatype.DatatypeException; +import org.relaxng.datatype.ValidationContext; + +/** + * The XML Schema decimal type. + * + * @author Chris Burdess + */ +final class DecimalType + extends AtomicSimpleType +{ + + static final int[] CONSTRAINING_FACETS = { + Facet.TOTAL_DIGITS, + Facet.FRACTION_DIGITS, + Facet.PATTERN, + Facet.WHITESPACE, + Facet.ENUMERATION, + Facet.MAX_INCLUSIVE, + Facet.MAX_EXCLUSIVE, + Facet.MIN_INCLUSIVE, + Facet.MIN_EXCLUSIVE + }; + + DecimalType() + { + super(new QName(XMLConstants.W3C_XML_SCHEMA_NS_URI, "decimal"), + TypeLibrary.ANY_SIMPLE_TYPE); + } + + public int[] getConstrainingFacets() + { + return CONSTRAINING_FACETS; + } + + public void checkValid(String value, ValidationContext context) + throws DatatypeException + { + super.checkValid(value, context); + int len = value.length(); + if (len == 0) + throw new DatatypeException("invalid decimal value"); + boolean seenDot = false; + for (int i = 0; i < len; i++) + { + char c = value.charAt(i); + if (c >= 0x30 && c <= 0x39) + continue; + else if (c == '.') + { + if (seenDot) + throw new DatatypeException(i, "invalid decimal value"); + seenDot = true; + continue; + } + else if (c == '+' && i == 0) + continue; + else if (c == '-' && i == 0) + continue; + else + throw new DatatypeException(i, "invalid decimal value"); + } + } + + public Object createValue(String literal, ValidationContext context) { + try + { + return new BigDecimal(literal); + } + catch (NumberFormatException e) + { + return null; + } + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/DoubleType.java b/libjava/classpath/gnu/xml/validation/datatype/DoubleType.java new file mode 100644 index 0000000..e25d060 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/DoubleType.java @@ -0,0 +1,112 @@ +/* DoubleType.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +import java.util.Arrays; +import java.util.Collections; +import java.util.Set; +import java.util.TreeSet; +import javax.xml.XMLConstants; +import javax.xml.namespace.QName; +import org.relaxng.datatype.DatatypeException; +import org.relaxng.datatype.ValidationContext; + +/** + * The XML Schema double type. + * + * @author Chris Burdess + */ +final class DoubleType + extends AtomicSimpleType +{ + + static final int[] CONSTRAINING_FACETS = { + Facet.PATTERN, + Facet.ENUMERATION, + Facet.WHITESPACE, + Facet.MAX_INCLUSIVE, + Facet.MAX_EXCLUSIVE, + Facet.MIN_INCLUSIVE, + Facet.MIN_EXCLUSIVE + }; + + static final Set SPECIAL = + new TreeSet(Arrays.asList(new String[] {"INF", "-INF", "NaN"})); + + DoubleType() + { + super(new QName(XMLConstants.W3C_XML_SCHEMA_NS_URI, "double"), + TypeLibrary.ANY_SIMPLE_TYPE); + } + + public int[] getConstrainingFacets() + { + return CONSTRAINING_FACETS; + } + + public void checkValid(String value, ValidationContext context) + throws DatatypeException + { + super.checkValid(value, context); + if (SPECIAL.contains(value)) + return; + try + { + Double.parseDouble(value); + } + catch (NumberFormatException e) + { + DatatypeException e2 = new DatatypeException("invalid double value"); + e2.initCause(e); + throw e2; + } + } + + public Object createValue(String literal, ValidationContext context) { + try + { + return new Double(literal); + } + catch (NumberFormatException e) + { + return null; + } + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/DurationType.java b/libjava/classpath/gnu/xml/validation/datatype/DurationType.java new file mode 100644 index 0000000..2cb92ba --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/DurationType.java @@ -0,0 +1,239 @@ +/* DurationType.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +import javax.xml.XMLConstants; +import javax.xml.namespace.QName; +import org.relaxng.datatype.DatatypeException; +import org.relaxng.datatype.ValidationContext; + +/** + * The XML Schema duration type. + * + * @author Chris Burdess + */ +final class DurationType + extends AtomicSimpleType +{ + + static class Duration + implements Comparable + { + int years; + int months; + int days; + int minutes; + float seconds; + + public int hashCode() + { + int hc = years; + hc = hc * 31 + months; + hc = hc * 31 + days; + hc = hc * 31 + minutes; + hc = hc * 31 + new Float(seconds).hashCode(); + return hc; + } + + public boolean equals(Object other) + { + if (other instanceof Duration) + { + Duration duration = (Duration) other; + return duration.years ==years && + duration.months == months && + duration.days == days && + duration.minutes == minutes && + duration.seconds == seconds; + } + return false; + } + + public int compareTo(Object other) + { + if (other instanceof Duration) + { + Duration duration = (Duration) other; + if (duration.years != years) + return years - duration.years; + if (duration.months != months) + return months - duration.months; + if (duration.days != days) + return days - duration.days; + if (duration.minutes != minutes) + return minutes = duration.minutes; + if (duration.seconds == seconds) + return 0; + return (seconds < duration.seconds) ? -1 : 1; + } + return 0; + } + + } + + static final int[] CONSTRAINING_FACETS = { + Facet.PATTERN, + Facet.ENUMERATION, + Facet.WHITESPACE, + Facet.MAX_INCLUSIVE, + Facet.MAX_EXCLUSIVE, + Facet.MIN_INCLUSIVE, + Facet.MIN_EXCLUSIVE + }; + + DurationType() + { + super(new QName(XMLConstants.W3C_XML_SCHEMA_NS_URI, "duration"), + TypeLibrary.ANY_SIMPLE_TYPE); + } + + public int[] getConstrainingFacets() + { + return CONSTRAINING_FACETS; + } + + public void checkValid(String value, ValidationContext context) + throws DatatypeException + { + super.checkValid(value, context); + int len = value.length(); + char expect = 'P'; + boolean seenT = false; + for (int i = 0; i < len; i++) + { + char c = value.charAt(i); + if (c == '-' && expect == 'P') + continue; + if (c == expect) + { + if (c == 'P') + expect = 'Y'; + else if (c == 'Y') + expect = 'M'; + else if (c == 'M' && !seenT) + expect = 'D'; + else if (c == 'D') + expect = 'T'; + else if (c == 'T') + { + expect = 'H'; + seenT = true; + } + else if (c == 'H') + expect = 'M'; + else if (c == 'M' && seenT) + expect = 'S'; + else if (c == 'S') + { + if (i + 1 != len) + throw new DatatypeException(i, "illegal duration value"); + } + continue; + } + if (c >= 0x30 && c <= 0x39 && expect != 'P' && expect != 'T') + continue; + throw new DatatypeException(i, "illegal duration value"); + } + } + + public Object createValue(String value, ValidationContext context) { + boolean negative = false; + int days = 0, months = 0, years = 0; + int minutes = 0; + float seconds = 0.0f; + int len = value.length(); + char expect = 'P'; + boolean seenT = false; + int start = 0; + for (int i = 0; i < len; i++) + { + char c = value.charAt(i); + if (c == '-' && expect == 'P') + { + negative = true; + continue; + } + if (c == expect) + { + if (c == 'P') + expect = 'Y'; + else if (c == 'Y') + { + expect = 'M'; + years = Integer.parseInt(value.substring(start, i)); + } + else if (c == 'M' && !seenT) + expect = 'D'; + else if (c == 'D') + expect = 'T'; + else if (c == 'T') + { + expect = 'H'; + seenT = true; + } + else if (c == 'H') + expect = 'M'; + else if (c == 'M' && seenT) + expect = 'S'; + else if (c == 'S') + { + if (i + 1 != len) + return null; + } + start = i + 1; + continue; + } + if (c >= 0x30 && c <= 0x39 && expect != 'P' && expect != 'T') + continue; + return null; + } + if (negative) + { + days = days * -1; + minutes = minutes * -1; + seconds = seconds * -1.0f; + } + Duration duration = new Duration(); + duration.days = days; + duration.minutes = minutes; + duration.seconds = seconds; + return duration; + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/EntitiesType.java b/libjava/classpath/gnu/xml/validation/datatype/EntitiesType.java new file mode 100644 index 0000000..98554e1 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/EntitiesType.java @@ -0,0 +1,107 @@ +/* EntitiesType.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +import javax.xml.XMLConstants; +import javax.xml.namespace.QName; +import org.relaxng.datatype.DatatypeException; +import org.relaxng.datatype.ValidationContext; + +/** + * The XML Schema ENTITIES type. + * + * @author Chris Burdess + */ +final class EntitiesType + extends AtomicSimpleType +{ + + static final int[] CONSTRAINING_FACETS = { + Facet.LENGTH, + Facet.MIN_LENGTH, + Facet.MAX_LENGTH, + Facet.PATTERN, + Facet.ENUMERATION, + Facet.WHITESPACE + }; + + EntitiesType() + { + super(new QName(XMLConstants.W3C_XML_SCHEMA_NS_URI, "ENTITIES"), + TypeLibrary.ENTITY); + } + + public int[] getConstrainingFacets() + { + return CONSTRAINING_FACETS; + } + + public void checkValid(String value, ValidationContext context) + throws DatatypeException + { + super.checkValid(value, context); + StringBuffer buf = new StringBuffer(); + int len = value.length(); + for (int i = 0; i < len; i++) + { + char c = value.charAt(i); + if (c == ' ') + { + String token = buf.toString(); + if (token.length() > 0) + { + if (!context.isUnparsedEntity(token)) + throw new DatatypeException(i, "invalid ENTITIES value"); + } + buf.setLength(0); + } + else + buf.append(c); + } + String token = buf.toString(); + if (token.length() == 0 || !context.isUnparsedEntity(token)) + throw new DatatypeException("invalid ENTITIES value"); + } + + public boolean isContextDependent() + { + return true; + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/EntityType.java b/libjava/classpath/gnu/xml/validation/datatype/EntityType.java new file mode 100644 index 0000000..f1443bc --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/EntityType.java @@ -0,0 +1,88 @@ +/* EntityType.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +import javax.xml.XMLConstants; +import javax.xml.namespace.QName; +import org.relaxng.datatype.DatatypeException; +import org.relaxng.datatype.ValidationContext; + +/** + * The XML Schema ENTITY type. + * + * @author Chris Burdess + */ +final class EntityType + extends AtomicSimpleType +{ + + static final int[] CONSTRAINING_FACETS = { + Facet.LENGTH, + Facet.MIN_LENGTH, + Facet.MAX_LENGTH, + Facet.PATTERN, + Facet.ENUMERATION, + Facet.WHITESPACE + }; + + EntityType() + { + super(new QName(XMLConstants.W3C_XML_SCHEMA_NS_URI, "ENTITY"), + TypeLibrary.NCNAME); + } + + public int[] getConstrainingFacets() + { + return CONSTRAINING_FACETS; + } + + public void checkValid(String value, ValidationContext context) + throws DatatypeException + { + super.checkValid(value, context); + if (value.length() == 0 || !context.isUnparsedEntity(value)) + throw new DatatypeException("invalid ENTITY value"); + } + + public boolean isContextDependent() + { + return true; + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/EnumerationFacet.java b/libjava/classpath/gnu/xml/validation/datatype/EnumerationFacet.java new file mode 100644 index 0000000..0ad3d3f --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/EnumerationFacet.java @@ -0,0 +1,69 @@ +/* EnumerationFacet.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +/** + * The enumeration facet. + * + * @author Chris Burdess + */ +public final class EnumerationFacet + extends Facet +{ + + public final String value; + + public EnumerationFacet(String value, Annotation annotation) + { + super(ENUMERATION, annotation); + this.value = value; + } + + public int hashCode() + { + return value.hashCode(); + } + + public boolean equals(Object other) + { + return (other instanceof EnumerationFacet && + ((EnumerationFacet) other).value.equals(value)); + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/Facet.java b/libjava/classpath/gnu/xml/validation/datatype/Facet.java new file mode 100644 index 0000000..490abf8 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/Facet.java @@ -0,0 +1,78 @@ +/* Facet.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +/** + * An XML Schema constraining facet. + * + * @author Chris Burdess + */ +public abstract class Facet +{ + + public static final int LENGTH = 1; + public static final int MIN_LENGTH = 2; + public static final int MAX_LENGTH = 3; + public static final int PATTERN = 4; + public static final int ENUMERATION = 5; + public static final int WHITESPACE = 6; + public static final int MAX_INCLUSIVE = 7; + public static final int MAX_EXCLUSIVE = 8; + public static final int MIN_EXCLUSIVE = 9; + public static final int MIN_INCLUSIVE = 10; + public static final int TOTAL_DIGITS = 11; + public static final int FRACTION_DIGITS = 12; + + /** + * The type of this facet. + */ + public final int type; + + /** + * Optional annotation. + */ + public Annotation annotation; + + protected Facet(int type, Annotation annotation) + { + this.type = type; + this.annotation = annotation; + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/FloatType.java b/libjava/classpath/gnu/xml/validation/datatype/FloatType.java new file mode 100644 index 0000000..a81a56c --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/FloatType.java @@ -0,0 +1,112 @@ +/* FloatType.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +import java.util.Arrays; +import java.util.Collections; +import java.util.Set; +import java.util.TreeSet; +import javax.xml.XMLConstants; +import javax.xml.namespace.QName; +import org.relaxng.datatype.DatatypeException; +import org.relaxng.datatype.ValidationContext; + +/** + * The XML Schema float type. + * + * @author Chris Burdess + */ +final class FloatType + extends AtomicSimpleType +{ + + static final int[] CONSTRAINING_FACETS = { + Facet.PATTERN, + Facet.ENUMERATION, + Facet.WHITESPACE, + Facet.MAX_INCLUSIVE, + Facet.MAX_EXCLUSIVE, + Facet.MIN_INCLUSIVE, + Facet.MIN_EXCLUSIVE + }; + + static final Set SPECIAL = + new TreeSet(Arrays.asList(new String[] {"INF", "-INF", "NaN"})); + + FloatType() + { + super(new QName(XMLConstants.W3C_XML_SCHEMA_NS_URI, "float"), + TypeLibrary.ANY_SIMPLE_TYPE); + } + + public int[] getConstrainingFacets() + { + return CONSTRAINING_FACETS; + } + + public void checkValid(String value, ValidationContext context) + throws DatatypeException + { + super.checkValid(value, context); + if (SPECIAL.contains(value)) + return; + try + { + Float.parseFloat(value); + } + catch (NumberFormatException e) + { + DatatypeException e2 = new DatatypeException("invalid float value"); + e2.initCause(e); + throw e2; + } + } + + public Object createValue(String literal, ValidationContext context) { + try + { + return new Float(literal); + } + catch (NumberFormatException e) + { + return null; + } + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/FractionDigitsFacet.java b/libjava/classpath/gnu/xml/validation/datatype/FractionDigitsFacet.java new file mode 100644 index 0000000..efd9862 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/FractionDigitsFacet.java @@ -0,0 +1,72 @@ +/* FractionDigitsFacet.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +/** + * The fractionDigits facet. + * + * @author Chris Burdess + */ +public final class FractionDigitsFacet + extends Facet +{ + + public final int value; + + public final boolean fixed; + + public FractionDigitsFacet(int value, boolean fixed, Annotation annotation) + { + super(FRACTION_DIGITS, annotation); + this.value = value; + this.fixed = fixed; + } + + public int hashCode() + { + return value; + } + + public boolean equals(Object other) + { + return (other instanceof FractionDigitsFacet && + ((FractionDigitsFacet) other).value == value); + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/GDayType.java b/libjava/classpath/gnu/xml/validation/datatype/GDayType.java new file mode 100644 index 0000000..009af35 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/GDayType.java @@ -0,0 +1,175 @@ +/* GDayType.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +import javax.xml.XMLConstants; +import javax.xml.namespace.QName; +import org.relaxng.datatype.DatatypeException; +import org.relaxng.datatype.ValidationContext; + +/** + * The XML Schema gDay type. + * + * @author Chris Burdess + */ +final class GDayType + extends AtomicSimpleType +{ + + static class GDay + implements Comparable + { + + int day; + + public int hashCode() + { + return day; + } + + public boolean equals(Object other) + { + if (other instanceof GDay) + return ((GDay) other).day == day; + return false; + } + + public int compareTo(Object other) + { + if (other instanceof GDay) + { + GDay gd = (GDay) other; + if (gd.day == day) + return 0; + return (day < gd.day) ? -1 : 1; + } + return 0; + } + + } + + static final int[] CONSTRAINING_FACETS = { + Facet.PATTERN, + Facet.ENUMERATION, + Facet.WHITESPACE, + Facet.MAX_INCLUSIVE, + Facet.MAX_EXCLUSIVE, + Facet.MIN_INCLUSIVE, + Facet.MIN_EXCLUSIVE + }; + + GDayType() + { + super(new QName(XMLConstants.W3C_XML_SCHEMA_NS_URI, "gDay"), + TypeLibrary.ANY_SIMPLE_TYPE); + } + + public int[] getConstrainingFacets() + { + return CONSTRAINING_FACETS; + } + + public void checkValid(String value, ValidationContext context) + throws DatatypeException + { + super.checkValid(value, context); + int len = value.length(); + int state = 0; + int start = 0; + for (int i = 0; i < len; i++) + { + char c = value.charAt(i); + if (c >= 0x30 && c <= 0x39) + continue; + switch (state) + { + case 0: // year + if (c == '-') + { + switch (i) + { + case 0: + continue; + case 1: + state = 1; + start = i + 1; + continue; + default: + throw new DatatypeException(i, "invalid GDay value"); + } + } + break; + case 1: // month + if (c == '-') + { + if (i - start != 0) + throw new DatatypeException(i, "invalid GDay value"); + state = 2; + start = i + 1; + continue; + } + break; + } + throw new DatatypeException(i, "invalid GDay value"); + } + switch (state) + { + case 2: // day + if (len - start != 2) + throw new DatatypeException("invalid GDay value"); + break; + default: + throw new DatatypeException("invalid GDay value"); + } + } + + public Object createValue(String literal, ValidationContext context) { + try + { + GDay ret = new GDay(); + ret.day = Integer.parseInt(literal.substring(3)); + return ret; + } + catch (Exception e) + { + return null; + } + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/GMonthDayType.java b/libjava/classpath/gnu/xml/validation/datatype/GMonthDayType.java new file mode 100644 index 0000000..a39a1cc --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/GMonthDayType.java @@ -0,0 +1,184 @@ +/* GMonthDayType.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +import javax.xml.XMLConstants; +import javax.xml.namespace.QName; +import org.relaxng.datatype.DatatypeException; +import org.relaxng.datatype.ValidationContext; + +/** + * The XML Schema gMonthDay type. + * + * @author Chris Burdess + */ +final class GMonthDayType + extends AtomicSimpleType +{ + + static class GMonthDay + implements Comparable + { + + int month; + int day; + + public int hashCode() + { + return month * 31 + day; + } + + public boolean equals(Object other) + { + if (other instanceof GMonthDay) + { + GMonthDay gmd = (GMonthDay) other; + return gmd.month == month && gmd.day == day; + } + return false; + } + + public int compareTo(Object other) + { + if (other instanceof GMonthDay) + { + GMonthDay gmd = (GMonthDay) other; + if (gmd.month == month) + { + if (gmd.day == day) + return 0; + return (day < gmd.day) ? -1 : 1; + } + return (month < gmd.month) ? -1 : 1; + } + return 0; + } + + } + + static final int[] CONSTRAINING_FACETS = { + Facet.PATTERN, + Facet.ENUMERATION, + Facet.WHITESPACE, + Facet.MAX_INCLUSIVE, + Facet.MAX_EXCLUSIVE, + Facet.MIN_INCLUSIVE, + Facet.MIN_EXCLUSIVE + }; + + GMonthDayType() + { + super(new QName(XMLConstants.W3C_XML_SCHEMA_NS_URI, "gMonthDay"), + TypeLibrary.ANY_SIMPLE_TYPE); + } + + public int[] getConstrainingFacets() + { + return CONSTRAINING_FACETS; + } + + public void checkValid(String value, ValidationContext context) + throws DatatypeException + { + super.checkValid(value, context); + int len = value.length(); + int state = 0; + int start = 0; + for (int i = 0; i < len; i++) + { + char c = value.charAt(i); + if (c >= 0x30 && c <= 0x39) + continue; + switch (state) + { + case 0: // year + if (c == '-') + { + switch (i) + { + case 0: + continue; + case 1: + state = 1; + start = i + 1; + continue; + default: + throw new DatatypeException(i, "illegal GMonthDay type"); + } + } + break; + case 1: // month + if (c == '-') + { + if (i - start != 2) + throw new DatatypeException(i, "illegal GMonthDay type"); + state = 2; + start = i + 1; + continue; + } + break; + } + throw new DatatypeException(i, "illegal GMonthDay type"); + } + switch (state) + { + case 2: // day + if (len - start != 2) + throw new DatatypeException("illegal GMonthDay type"); + break; + default: + throw new DatatypeException("illegal GMonthDay type"); + } + } + + public Object createValue(String literal, ValidationContext context) { + try + { + GMonthDay ret = new GMonthDay(); + ret.month = Integer.parseInt(literal.substring(2, 5)); + ret.day = Integer.parseInt(literal.substring(6)); + return ret; + } + catch (Exception e) + { + return null; + } + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/GMonthType.java b/libjava/classpath/gnu/xml/validation/datatype/GMonthType.java new file mode 100644 index 0000000..5a08af2 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/GMonthType.java @@ -0,0 +1,164 @@ +/* GMonthType.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +import javax.xml.XMLConstants; +import javax.xml.namespace.QName; +import org.relaxng.datatype.DatatypeException; +import org.relaxng.datatype.ValidationContext; + +/** + * The XML Schema gMonth type. + * + * @author Chris Burdess + */ +final class GMonthType + extends AtomicSimpleType +{ + + static class GMonth + implements Comparable + { + + int month; + + public int hashCode() + { + return month; + } + + public boolean equals(Object other) + { + if (other instanceof GMonth) + return ((GMonth) other).month == month; + return false; + } + + public int compareTo(Object other) + { + if (other instanceof GMonth) + { + GMonth gm = (GMonth) other; + if (gm.month == month) + return 0; + return (month < gm.month) ? -1 : 1; + } + return 0; + } + + } + + static final int[] CONSTRAINING_FACETS = { + Facet.PATTERN, + Facet.ENUMERATION, + Facet.WHITESPACE, + Facet.MAX_INCLUSIVE, + Facet.MAX_EXCLUSIVE, + Facet.MIN_INCLUSIVE, + Facet.MIN_EXCLUSIVE + }; + + GMonthType() + { + super(new QName(XMLConstants.W3C_XML_SCHEMA_NS_URI, "gMonth"), + TypeLibrary.ANY_SIMPLE_TYPE); + } + + public int[] getConstrainingFacets() + { + return CONSTRAINING_FACETS; + } + + public void checkValid(String value, ValidationContext context) + throws DatatypeException + { + int len = value.length(); + int state = 0; + int start = 0; + for (int i = 0; i < len; i++) + { + char c = value.charAt(i); + if (c >= 0x30 && c <= 0x39) + continue; + switch (state) + { + case 0: // year + if (c == '-') + { + switch (i) + { + case 0: + continue; + case 1: + state = 1; + start = i + 1; + continue; + default: + throw new DatatypeException(i, "illegal GMonth value"); + } + } + break; + } + throw new DatatypeException(i, "illegal GMonth value"); + } + switch (state) + { + case 1: // month + if (len - start != 2) + throw new DatatypeException("illegal GMonth value"); + break; + default: + throw new DatatypeException("illegal GMonth value"); + } + } + + public Object createValue(String literal, ValidationContext context) { + try + { + GMonth ret = new GMonth(); + ret.month = Integer.parseInt(literal.substring(2)); + return ret; + } + catch (Exception e) + { + return null; + } + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/GYearMonthType.java b/libjava/classpath/gnu/xml/validation/datatype/GYearMonthType.java new file mode 100644 index 0000000..9ec38c0 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/GYearMonthType.java @@ -0,0 +1,177 @@ +/* GYearMonthType.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +import javax.xml.XMLConstants; +import javax.xml.namespace.QName; +import org.relaxng.datatype.DatatypeException; +import org.relaxng.datatype.ValidationContext; + +/** + * The XML Schema gYearMonth type. + * + * @author Chris Burdess + */ +final class GYearMonthType + extends AtomicSimpleType +{ + + static class GYearMonth + implements Comparable + { + + int year; + int month; + + public int hashCode() + { + return year * 31 + month; + } + + public boolean equals(Object other) + { + if (other instanceof GYearMonth) + { + GYearMonth gmy = (GYearMonth) other; + return gmy.year == year && gmy.month == month; + } + return false; + } + + public int compareTo(Object other) + { + if (other instanceof GYearMonth) + { + GYearMonth gmy = (GYearMonth) other; + if (gmy.year == year) + { + if (gmy.month == month) + return 0; + return (month < gmy.month) ? -1 : 1; + } + return (year < gmy.year) ? -1 : 1; + } + return 0; + } + + } + + static final int[] CONSTRAINING_FACETS = { + Facet.PATTERN, + Facet.ENUMERATION, + Facet.WHITESPACE, + Facet.MAX_INCLUSIVE, + Facet.MAX_EXCLUSIVE, + Facet.MIN_INCLUSIVE, + Facet.MIN_EXCLUSIVE + }; + + GYearMonthType() + { + super(new QName(XMLConstants.W3C_XML_SCHEMA_NS_URI, "gYearMonth"), + TypeLibrary.ANY_SIMPLE_TYPE); + } + + public int[] getConstrainingFacets() + { + return CONSTRAINING_FACETS; + } + + public void checkValid(String value, ValidationContext context) + throws DatatypeException + { + super.checkValid(value, context); + int len = value.length(); + int state = 0; + int start = 0; + for (int i = 0; i < len; i++) + { + char c = value.charAt(i); + if (c == '-' && i == 0) + { + start++; + continue; + } + if (c >= 0x30 && c <= 0x39) + continue; + switch (state) + { + case 0: // year + if (c == '-') + { + String year = value.substring(start, i); + if (year.length() < 4 || Integer.parseInt(year) == 0) + throw new DatatypeException(i, "illegal GYear value"); + state = 1; + start = i + 1; + continue; + } + break; + } + throw new DatatypeException(i, "illegal GYear value"); + } + switch (state) + { + case 1: // month + if (len - start != 2) + throw new DatatypeException("illegal GYear value"); + break; + default: + throw new DatatypeException("illegal GYear value"); + } + } + + public Object createValue(String literal, ValidationContext context) { + try + { + int offset = 5; + if (literal.charAt(0) == '-') + offset++; + GYearMonth ret = new GYearMonth(); + ret.year = Integer.parseInt(literal.substring(0, offset)); + ret.month = Integer.parseInt(literal.substring(offset + 1)); + return ret; + } + catch (Exception e) + { + return null; + } + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/GYearType.java b/libjava/classpath/gnu/xml/validation/datatype/GYearType.java new file mode 100644 index 0000000..6dea89b --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/GYearType.java @@ -0,0 +1,152 @@ +/* GYearType.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +import javax.xml.XMLConstants; +import javax.xml.namespace.QName; +import org.relaxng.datatype.DatatypeException; +import org.relaxng.datatype.ValidationContext; + +/** + * The XML Schema gYear type. + * + * @author Chris Burdess + */ +final class GYearType + extends AtomicSimpleType +{ + + static class GYear + implements Comparable + { + + int year; + + public int hashCode() + { + return year; + } + + public boolean equals(Object other) + { + if (other instanceof GYear) + return ((GYear) other).year == year; + return false; + } + + public int compareTo(Object other) + { + if (other instanceof GYear) + { + GYear gy = (GYear) other; + if (gy.year == year) + return 0; + return (year < gy.year) ? -1 : 1; + } + return 0; + } + + } + + static final int[] CONSTRAINING_FACETS = { + Facet.PATTERN, + Facet.ENUMERATION, + Facet.WHITESPACE, + Facet.MAX_INCLUSIVE, + Facet.MAX_EXCLUSIVE, + Facet.MIN_INCLUSIVE, + Facet.MIN_EXCLUSIVE + }; + + GYearType() + { + super(new QName(XMLConstants.W3C_XML_SCHEMA_NS_URI, "gYear"), + TypeLibrary.ANY_SIMPLE_TYPE); + } + + public int[] getConstrainingFacets() + { + return CONSTRAINING_FACETS; + } + + public void checkValid(String value, ValidationContext context) + throws DatatypeException + { + super.checkValid(value, context); + int len = value.length(); + int state = 0; + int start = 0; + for (int i = 0; i < len; i++) + { + char c = value.charAt(i); + if (c == '-' && i == 0) + { + start++; + continue; + } + if (c >= 0x30 && c <= 0x39) + continue; + throw new DatatypeException(i, "invalid GYear value"); + } + switch (state) + { + case 0: // year + String year = value.substring(start, len); + if (year.length() < 4 || Integer.parseInt(year) == 0) + throw new DatatypeException("invalid GYear value"); + break; + default: + throw new DatatypeException("invalid GYear value"); + } + } + + public Object createValue(String literal, ValidationContext context) { + try + { + GYear ret = new GYear(); + ret.year = Integer.parseInt(literal); + return ret; + } + catch (Exception e) + { + return null; + } + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/HexBinaryType.java b/libjava/classpath/gnu/xml/validation/datatype/HexBinaryType.java new file mode 100644 index 0000000..686e09d --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/HexBinaryType.java @@ -0,0 +1,92 @@ +/* HexBinaryType.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +import java.util.Collections; +import java.util.Set; +import javax.xml.XMLConstants; +import javax.xml.namespace.QName; +import org.relaxng.datatype.DatatypeException; +import org.relaxng.datatype.ValidationContext; + +/** + * The XML Schema hexBinary type. + * + * @author Chris Burdess + */ +final class HexBinaryType + extends AtomicSimpleType +{ + + static final String HEX = "0123456789ABCDEF"; + + static final int[] CONSTRAINING_FACETS = { + Facet.LENGTH, + Facet.MIN_LENGTH, + Facet.MAX_LENGTH, + Facet.PATTERN, + Facet.ENUMERATION, + Facet.WHITESPACE + }; + + HexBinaryType() + { + super(new QName(XMLConstants.W3C_XML_SCHEMA_NS_URI, "hexBinary"), + TypeLibrary.ANY_SIMPLE_TYPE); + } + + public int[] getConstrainingFacets() + { + return CONSTRAINING_FACETS; + } + + public void checkValid(String value, ValidationContext context) + throws DatatypeException + { + super.checkValid(value, context); + int len = value.length(); + for (int i = 0; i < len; i++) + { + char c = value.charAt(i); + if (HEX.indexOf(c) == -1) + throw new DatatypeException(i, "invalid hexBinary value"); + } + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/IDRefType.java b/libjava/classpath/gnu/xml/validation/datatype/IDRefType.java new file mode 100644 index 0000000..8ea9805 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/IDRefType.java @@ -0,0 +1,87 @@ +/* IDRefType.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +import javax.xml.XMLConstants; +import javax.xml.namespace.QName; +import org.relaxng.datatype.DatatypeException; +import org.relaxng.datatype.ValidationContext; + +/** + * The XML Schema IDREF type. + * + * @author Chris Burdess + */ +final class IDRefType + extends AtomicSimpleType +{ + + static final int[] CONSTRAINING_FACETS = { + Facet.LENGTH, + Facet.MIN_LENGTH, + Facet.MAX_LENGTH, + Facet.PATTERN, + Facet.ENUMERATION, + Facet.WHITESPACE + }; + + IDRefType() + { + super(new QName(XMLConstants.W3C_XML_SCHEMA_NS_URI, "IDREF"), + TypeLibrary.NCNAME); + } + + public int[] getConstrainingFacets() + { + return CONSTRAINING_FACETS; + } + + public void checkValid(String value, ValidationContext context) + throws DatatypeException + { + super.checkValid(value, context); + // TODO + } + + public int getIdType() + { + return ID_TYPE_IDREF; + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/IDRefsType.java b/libjava/classpath/gnu/xml/validation/datatype/IDRefsType.java new file mode 100644 index 0000000..57f7e56 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/IDRefsType.java @@ -0,0 +1,87 @@ +/* IDRefsType.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +import javax.xml.XMLConstants; +import javax.xml.namespace.QName; +import org.relaxng.datatype.DatatypeException; +import org.relaxng.datatype.ValidationContext; + +/** + * The XML Schema IDREFS type. + * + * @author Chris Burdess + */ +final class IDRefsType + extends AtomicSimpleType +{ + + static final int[] CONSTRAINING_FACETS = { + Facet.LENGTH, + Facet.MIN_LENGTH, + Facet.MAX_LENGTH, + Facet.PATTERN, + Facet.ENUMERATION, + Facet.WHITESPACE + }; + + IDRefsType() + { + super(new QName(XMLConstants.W3C_XML_SCHEMA_NS_URI, "IDREFS"), + TypeLibrary.IDREF); + } + + public int[] getConstrainingFacets() + { + return CONSTRAINING_FACETS; + } + + public void checkValid(String value, ValidationContext context) + throws DatatypeException + { + super.checkValid(value, context); + // TODO + } + + public int getIdType() + { + return ID_TYPE_IDREFS; + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/IDType.java b/libjava/classpath/gnu/xml/validation/datatype/IDType.java new file mode 100644 index 0000000..c55601a --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/IDType.java @@ -0,0 +1,87 @@ +/* IDType.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +import javax.xml.XMLConstants; +import javax.xml.namespace.QName; +import org.relaxng.datatype.DatatypeException; +import org.relaxng.datatype.ValidationContext; + +/** + * The XML Schema ID type. + * + * @author Chris Burdess + */ +final class IDType + extends AtomicSimpleType +{ + + static final int[] CONSTRAINING_FACETS = { + Facet.LENGTH, + Facet.MIN_LENGTH, + Facet.MAX_LENGTH, + Facet.PATTERN, + Facet.ENUMERATION, + Facet.WHITESPACE + }; + + IDType() + { + super(new QName(XMLConstants.W3C_XML_SCHEMA_NS_URI, "ID"), + TypeLibrary.NCNAME); + } + + public int[] getConstrainingFacets() + { + return CONSTRAINING_FACETS; + } + + public void checkValid(String value, ValidationContext context) + throws DatatypeException + { + super.checkValid(value, context); + // TODO + } + + public int getIdType() + { + return ID_TYPE_ID; + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/IntType.java b/libjava/classpath/gnu/xml/validation/datatype/IntType.java new file mode 100644 index 0000000..6bf7866 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/IntType.java @@ -0,0 +1,133 @@ +/* IntType.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +import javax.xml.XMLConstants; +import javax.xml.namespace.QName; +import org.relaxng.datatype.DatatypeException; +import org.relaxng.datatype.ValidationContext; + +/** + * The XML Schema int type. + * + * @author Chris Burdess + */ +final class IntType + extends AtomicSimpleType +{ + + static final int[] CONSTRAINING_FACETS = { + Facet.TOTAL_DIGITS, + Facet.FRACTION_DIGITS, + Facet.PATTERN, + Facet.WHITESPACE, + Facet.ENUMERATION, + Facet.MAX_INCLUSIVE, + Facet.MAX_EXCLUSIVE, + Facet.MIN_INCLUSIVE, + Facet.MIN_EXCLUSIVE + }; + + static final String MAX_VALUE = "2147483647"; + static final String MIN_VALUE = "2147483648"; + static final int LENGTH = MAX_VALUE.length(); + + IntType() + { + super(new QName(XMLConstants.W3C_XML_SCHEMA_NS_URI, "int"), + TypeLibrary.LONG); + } + + public int[] getConstrainingFacets() + { + return CONSTRAINING_FACETS; + } + + public void checkValid(String value, ValidationContext context) + throws DatatypeException + { + super.checkValid(value, context); + int len = value.length(); + if (len == 0) + throw new DatatypeException(0, "invalid int value"); + int i = 0, off = 0; + boolean compare = false; + String compareTo = MAX_VALUE; + char c = value.charAt(0); + if (c == '+') + i++; + else if (c == '-') + { + compareTo = MIN_VALUE; + i++; + } + if (len - i > LENGTH) + throw new DatatypeException("invalid int value"); + else if (len - i == LENGTH) + compare = true; + for (; i < len; i++) + { + c = value.charAt(i); + if (c >= 0x30 && c <= 0x39) + { + if (compare) + { + char d = compareTo.charAt(off); + if (Character.digit(c, 10) > Character.digit(d, 10)) + throw new DatatypeException(i, "invalid int value"); + } + off++; + continue; + } + throw new DatatypeException(i, "invalid int value"); + } + } + + public Object createValue(String literal, ValidationContext context) { + try + { + return new Integer(literal); + } + catch (NumberFormatException e) + { + return null; + } + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/IntegerType.java b/libjava/classpath/gnu/xml/validation/datatype/IntegerType.java new file mode 100644 index 0000000..2098a7d --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/IntegerType.java @@ -0,0 +1,110 @@ +/* IntegerType.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +import java.math.BigInteger; +import javax.xml.XMLConstants; +import javax.xml.namespace.QName; +import org.relaxng.datatype.DatatypeException; +import org.relaxng.datatype.ValidationContext; + +/** + * The XML Schema integer type. + * + * @author Chris Burdess + */ +final class IntegerType + extends AtomicSimpleType +{ + + static final int[] CONSTRAINING_FACETS = { + Facet.TOTAL_DIGITS, + Facet.FRACTION_DIGITS, + Facet.PATTERN, + Facet.WHITESPACE, + Facet.ENUMERATION, + Facet.MAX_INCLUSIVE, + Facet.MAX_EXCLUSIVE, + Facet.MIN_INCLUSIVE, + Facet.MIN_EXCLUSIVE + }; + + IntegerType() + { + super(new QName(XMLConstants.W3C_XML_SCHEMA_NS_URI, "integer"), + TypeLibrary.DECIMAL); + } + + public int[] getConstrainingFacets() + { + return CONSTRAINING_FACETS; + } + + public void checkValid(String value, ValidationContext context) + throws DatatypeException + { + super.checkValid(value, context); + int len = value.length(); + if (len == 0) + throw new DatatypeException(0, "invalid integer value"); + for (int i = 0; i < len; i++) + { + char c = value.charAt(i); + if (c >= 0x30 && c <= 0x39) + continue; + else if (c == '+' && i == 0) + continue; + else if (c == '-' && i == 0) + continue; + throw new DatatypeException(i, "invalid integer value"); + } + } + + public Object createValue(String literal, ValidationContext context) { + try + { + return new BigInteger(literal); + } + catch (NumberFormatException e) + { + return null; + } + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/LanguageType.java b/libjava/classpath/gnu/xml/validation/datatype/LanguageType.java new file mode 100644 index 0000000..3df903c --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/LanguageType.java @@ -0,0 +1,87 @@ +/* LanguageType.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +import java.util.regex.Pattern; +import javax.xml.XMLConstants; +import javax.xml.namespace.QName; +import org.relaxng.datatype.DatatypeException; +import org.relaxng.datatype.ValidationContext; + +/** + * The XML Schema language type. + * + * @author Chris Burdess + */ +final class LanguageType + extends AtomicSimpleType +{ + + static final int[] CONSTRAINING_FACETS = { + Facet.LENGTH, + Facet.MIN_LENGTH, + Facet.MAX_LENGTH, + Facet.PATTERN, + Facet.ENUMERATION, + Facet.WHITESPACE + }; + + static final Pattern PATTERN = + Pattern.compile("[a-zA-Z]{1,8}(-[a-zA-Z0-9]{1,8})*"); + + LanguageType() + { + super(new QName(XMLConstants.W3C_XML_SCHEMA_NS_URI, "language"), + TypeLibrary.TOKEN); + } + + public int[] getConstrainingFacets() + { + return CONSTRAINING_FACETS; + } + + public void checkValid(String value, ValidationContext context) + throws DatatypeException + { + super.checkValid(value, context); + if (!PATTERN.matcher(value).matches()) + throw new DatatypeException("invalid language value"); + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/LengthFacet.java b/libjava/classpath/gnu/xml/validation/datatype/LengthFacet.java new file mode 100644 index 0000000..cab4496 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/LengthFacet.java @@ -0,0 +1,72 @@ +/* LengthFacet.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +/** + * The length facet. + * + * @author Chris Burdess + */ +public final class LengthFacet + extends Facet +{ + + public final int value; + + public final boolean fixed; + + public LengthFacet(int value, boolean fixed, Annotation annotation) + { + super(LENGTH, annotation); + this.value = value; + this.fixed = fixed; + } + + public int hashCode() + { + return value; + } + + public boolean equals(Object other) + { + return (other instanceof LengthFacet && + ((LengthFacet) other).value == value); + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/ListSimpleType.java b/libjava/classpath/gnu/xml/validation/datatype/ListSimpleType.java new file mode 100644 index 0000000..1f0cb76 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/ListSimpleType.java @@ -0,0 +1,83 @@ +/* ListSimpleType.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +import java.util.Set; +import java.util.StringTokenizer; +import javax.xml.namespace.QName; +import org.relaxng.datatype.DatatypeException; +import org.relaxng.datatype.ValidationContext; + +/** + * An XML Schema list simple type. + * + * @author Chris Burdess + */ +public class ListSimpleType + extends SimpleType +{ + + /** + * The type of the items in this list (atomic or union). + */ + public final SimpleType itemType; + + public ListSimpleType(QName name, Set facets, + int fundamentalFacets, SimpleType baseType, + Annotation annotation, SimpleType itemType) + { + super(name, LIST, facets, fundamentalFacets, baseType, annotation); + this.itemType = itemType; + } + + public void checkValid(String value, ValidationContext context) + throws DatatypeException + { + super.checkValid(value, context); + StringTokenizer st = new StringTokenizer(value, " "); + if (!st.hasMoreTokens()) + throw new DatatypeException("invalid list value"); + while (st.hasMoreTokens()) + { + String token = st.nextToken(); + itemType.checkValid(token, context); + } + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/LongType.java b/libjava/classpath/gnu/xml/validation/datatype/LongType.java new file mode 100644 index 0000000..eaf69df --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/LongType.java @@ -0,0 +1,133 @@ +/* LongType.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +import javax.xml.XMLConstants; +import javax.xml.namespace.QName; +import org.relaxng.datatype.DatatypeException; +import org.relaxng.datatype.ValidationContext; + +/** + * The XML Schema long type. + * + * @author Chris Burdess + */ +final class LongType + extends AtomicSimpleType +{ + + static final int[] CONSTRAINING_FACETS = { + Facet.TOTAL_DIGITS, + Facet.FRACTION_DIGITS, + Facet.PATTERN, + Facet.WHITESPACE, + Facet.ENUMERATION, + Facet.MAX_INCLUSIVE, + Facet.MAX_EXCLUSIVE, + Facet.MIN_INCLUSIVE, + Facet.MIN_EXCLUSIVE + }; + + static final String MAX_VALUE = "9223372036854775807"; + static final String MIN_VALUE = "9223372036854775808"; + static final int LENGTH = MAX_VALUE.length(); + + LongType() + { + super(new QName(XMLConstants.W3C_XML_SCHEMA_NS_URI, "long"), + TypeLibrary.INTEGER); + } + + public int[] getConstrainingFacets() + { + return CONSTRAINING_FACETS; + } + + public void checkValid(String value, ValidationContext context) + throws DatatypeException + { + super.checkValid(value, context); + int len = value.length(); + if (len == 0) + throw new DatatypeException(0, "invalid long value"); + int i = 0, off = 0; + boolean compare = false; + String compareTo = MAX_VALUE; + char c = value.charAt(0); + if (c == '+') + i++; + else if (c == '-') + { + compareTo = MIN_VALUE; + i++; + } + if (len - i > LENGTH) + throw new DatatypeException(i, "invalid long value"); + else if (len - i == LENGTH) + compare = true; + for (; i < len; i++) + { + c = value.charAt(i); + if (c >= 0x30 && c <= 0x39) + { + if (compare) + { + char d = compareTo.charAt(off); + if (Character.digit(c, 10) > Character.digit(d, 10)) + throw new DatatypeException(i, "invalid long value"); + } + off++; + continue; + } + throw new DatatypeException(i, "invalid long value"); + } + } + + public Object createValue(String literal, ValidationContext context) { + try + { + return new Long(literal); + } + catch (NumberFormatException e) + { + return null; + } + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/MaxExclusiveFacet.java b/libjava/classpath/gnu/xml/validation/datatype/MaxExclusiveFacet.java new file mode 100644 index 0000000..7aac1f7 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/MaxExclusiveFacet.java @@ -0,0 +1,111 @@ +/* MaxExclusiveFacet.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +import java.math.BigDecimal; +import java.math.BigInteger; +import java.util.Date; + +/** + * The maxExclusive facet. + * + * @author Chris Burdess + */ +public final class MaxExclusiveFacet + extends Facet +{ + + public final Object value; // date or number + + public final boolean fixed; + + public MaxExclusiveFacet(Object value, boolean fixed, Annotation annotation) + { + super(MAX_EXCLUSIVE, annotation); + this.value = value; + this.fixed = fixed; + } + + public int hashCode() + { + return value.hashCode(); + } + + public boolean equals(Object other) + { + return (other instanceof MaxExclusiveFacet && + ((MaxExclusiveFacet) other).value.equals(value)); + } + + boolean matches(Object test) + { + if (value instanceof Date) + { + Date dvalue = (Date) value; + if (!(test instanceof Date)) + return false; + return ((Date) test).before(dvalue); + } + else if (value instanceof BigInteger) + { + BigInteger ivalue = (BigInteger) value; + if (!(test instanceof BigInteger)) + return false; + return ((BigInteger) test).compareTo(ivalue) < 0; + } + else if (value instanceof BigDecimal) + { + BigDecimal dvalue = (BigDecimal) value; + if (!(test instanceof BigDecimal)) + return false; + return ((BigDecimal) test).compareTo(dvalue) < 0; + } + else if (value instanceof Comparable) + { + if (!(test.getClass().equals(value.getClass()))) + return false; + return ((Comparable) test).compareTo(value) < 0; + } + Number nvalue = (Number) value; + if (!(test instanceof Number)) + return false; + return ((Number) test).doubleValue() < nvalue.doubleValue(); + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/MaxInclusiveFacet.java b/libjava/classpath/gnu/xml/validation/datatype/MaxInclusiveFacet.java new file mode 100644 index 0000000..bb145ed --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/MaxInclusiveFacet.java @@ -0,0 +1,112 @@ +/* MaxInclusiveFacet.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +import java.math.BigDecimal; +import java.math.BigInteger; +import java.util.Date; + +/** + * The maxInclusive facet. + * + * @author Chris Burdess + */ +public final class MaxInclusiveFacet + extends Facet +{ + + public final Object value; + + public final boolean fixed; + + public MaxInclusiveFacet(Object value, boolean fixed, Annotation annotation) + { + super(MAX_INCLUSIVE, annotation); + this.value = value; + this.fixed = fixed; + } + + public int hashCode() + { + return value.hashCode(); + } + + public boolean equals(Object other) + { + return (other instanceof MaxInclusiveFacet && + ((MaxInclusiveFacet) other).value.equals(value)); + } + + boolean matches(Object test) + { + if (value instanceof Date) + { + Date dvalue = (Date) value; + if (!(test instanceof Date)) + return false; + Date dtest = (Date) test; + return dtest.equals(dvalue) || dtest.before(dvalue); + } + else if (value instanceof BigInteger) + { + BigInteger ivalue = (BigInteger) value; + if (!(test instanceof BigInteger)) + return false; + return ((BigInteger) test).compareTo(ivalue) <= 0; + } + else if (value instanceof BigDecimal) + { + BigDecimal dvalue = (BigDecimal) value; + if (!(test instanceof BigDecimal)) + return false; + return ((BigDecimal) test).compareTo(dvalue) <= 0; + } + else if (value instanceof Comparable) + { + if (!(test.getClass().equals(value.getClass()))) + return false; + return ((Comparable) test).compareTo(value) <= 0; + } + Number nvalue = (Number) value; + if (!(test instanceof Number)) + return false; + return ((Number) test).doubleValue() <= nvalue.doubleValue(); + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/MaxLengthFacet.java b/libjava/classpath/gnu/xml/validation/datatype/MaxLengthFacet.java new file mode 100644 index 0000000..d033263 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/MaxLengthFacet.java @@ -0,0 +1,72 @@ +/* MaxLengthFacet.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +/** + * The maxLength facet. + * + * @author Chris Burdess + */ +public final class MaxLengthFacet + extends Facet +{ + + public final int value; + + public final boolean fixed; + + public MaxLengthFacet(int value, boolean fixed, Annotation annotation) + { + super(MAX_LENGTH, annotation); + this.value = value; + this.fixed = fixed; + } + + public int hashCode() + { + return value; + } + + public boolean equals(Object other) + { + return (other instanceof MaxLengthFacet && + ((MaxLengthFacet) other).value == value); + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/MinExclusiveFacet.java b/libjava/classpath/gnu/xml/validation/datatype/MinExclusiveFacet.java new file mode 100644 index 0000000..2289bb1 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/MinExclusiveFacet.java @@ -0,0 +1,111 @@ +/* MinExclusiveFacet.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +import java.math.BigDecimal; +import java.math.BigInteger; +import java.util.Date; + +/** + * The minExclusive facet. + * + * @author Chris Burdess + */ +public final class MinExclusiveFacet + extends Facet +{ + + public final Object value; + + public final boolean fixed; + + public MinExclusiveFacet(Object value, boolean fixed, Annotation annotation) + { + super(MIN_EXCLUSIVE, annotation); + this.value = value; + this.fixed = fixed; + } + + public int hashCode() + { + return value.hashCode(); + } + + public boolean equals(Object other) + { + return (other instanceof MinExclusiveFacet && + ((MinExclusiveFacet) other).value.equals(value)); + } + + boolean matches(Object test) + { + if (value instanceof Date) + { + Date dvalue = (Date) value; + if (!(test instanceof Date)) + return false; + return ((Date) test).after(dvalue); + } + else if (value instanceof BigInteger) + { + BigInteger ivalue = (BigInteger) value; + if (!(test instanceof BigInteger)) + return false; + return ((BigInteger) test).compareTo(ivalue) > 0; + } + else if (value instanceof BigDecimal) + { + BigDecimal dvalue = (BigDecimal) value; + if (!(test instanceof BigDecimal)) + return false; + return ((BigDecimal) test).compareTo(dvalue) > 0; + } + else if (value instanceof Comparable) + { + if (!(test.getClass().equals(value.getClass()))) + return false; + return ((Comparable) test).compareTo(value) > 0; + } + Number nvalue = (Number) value; + if (!(test instanceof Number)) + return false; + return ((Number) test).doubleValue() > nvalue.doubleValue(); + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/MinInclusiveFacet.java b/libjava/classpath/gnu/xml/validation/datatype/MinInclusiveFacet.java new file mode 100644 index 0000000..6c07c36 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/MinInclusiveFacet.java @@ -0,0 +1,112 @@ +/* MinInclusiveFacet.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +import java.math.BigDecimal; +import java.math.BigInteger; +import java.util.Date; + +/** + * The minInclusive facet. + * + * @author Chris Burdess + */ +public final class MinInclusiveFacet + extends Facet +{ + + public final Object value; + + public final boolean fixed; + + public MinInclusiveFacet(Object value, boolean fixed, Annotation annotation) + { + super(MIN_INCLUSIVE, annotation); + this.value = value; + this.fixed = fixed; + } + + public int hashCode() + { + return value.hashCode(); + } + + public boolean equals(Object other) + { + return (other instanceof MinInclusiveFacet && + ((MinInclusiveFacet) other).value.equals(value)); + } + + boolean matches(Object test) + { + if (value instanceof Date) + { + Date dvalue = (Date) value; + if (!(test instanceof Date)) + return false; + Date dtest = (Date) test; + return dtest.equals(dvalue) || dtest.after(dvalue); + } + else if (value instanceof BigInteger) + { + BigInteger ivalue = (BigInteger) value; + if (!(test instanceof BigInteger)) + return false; + return ((BigInteger) test).compareTo(ivalue) >= 0; + } + else if (value instanceof BigDecimal) + { + BigDecimal dvalue = (BigDecimal) value; + if (!(test instanceof BigDecimal)) + return false; + return ((BigDecimal) test).compareTo(dvalue) >= 0; + } + else if (value instanceof Comparable) + { + if (!(test.getClass().equals(value.getClass()))) + return false; + return ((Comparable) test).compareTo(value) >= 0; + } + Number nvalue = (Number) value; + if (!(test instanceof Number)) + return false; + return ((Number) test).doubleValue() >= nvalue.doubleValue(); + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/MinLengthFacet.java b/libjava/classpath/gnu/xml/validation/datatype/MinLengthFacet.java new file mode 100644 index 0000000..c7dee20 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/MinLengthFacet.java @@ -0,0 +1,72 @@ +/* MinLengthFacet.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +/** + * The minLength facet. + * + * @author Chris Burdess + */ +public final class MinLengthFacet + extends Facet +{ + + public final int value; + + public final boolean fixed; + + public MinLengthFacet(int value, boolean fixed, Annotation annotation) + { + super(MIN_LENGTH, annotation); + this.value = value; + this.fixed = fixed; + } + + public int hashCode() + { + return value; + } + + public boolean equals(Object other) + { + return (other instanceof MinLengthFacet && + ((MinLengthFacet) other).value == value); + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/NCNameType.java b/libjava/classpath/gnu/xml/validation/datatype/NCNameType.java new file mode 100644 index 0000000..4188d88 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/NCNameType.java @@ -0,0 +1,111 @@ +/* NCNameType.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +import java.io.IOException; +import javax.xml.XMLConstants; +import javax.xml.namespace.QName; +import org.relaxng.datatype.DatatypeException; +import org.relaxng.datatype.ValidationContext; +import gnu.xml.stream.UnicodeReader; +import gnu.xml.stream.XMLParser; + +/** + * The XML Schema NCName type. + * + * @author Chris Burdess + */ +final class NCNameType + extends AtomicSimpleType +{ + + static final int[] CONSTRAINING_FACETS = { + Facet.LENGTH, + Facet.MIN_LENGTH, + Facet.MAX_LENGTH, + Facet.PATTERN, + Facet.ENUMERATION, + Facet.WHITESPACE + }; + + NCNameType() + { + super(new QName(XMLConstants.W3C_XML_SCHEMA_NS_URI, "NCName"), + TypeLibrary.NAME); + } + + public int[] getConstrainingFacets() + { + return CONSTRAINING_FACETS; + } + + public void checkValid(String value, ValidationContext context) + throws DatatypeException + { + super.checkValid(value, context); + try + { + int[] cp = UnicodeReader.toCodePointArray(value); + if (cp.length == 0) + throw new DatatypeException("invalid NCName value"); + // XXX XML 1.1 documents? + if (cp[0] == ':' || !XMLParser.isNameStartCharacter(cp[0], false)) + throw new DatatypeException(0, "invalid NCName value"); + boolean seenColon = false; + for (int i = 1; i < cp.length; i++) + { + if (cp[i] == ':') + { + if (seenColon || (i + 1 == cp.length)) + throw new DatatypeException(i, "invalid NCName value"); + seenColon = true; + } + else if (!XMLParser.isNameCharacter(cp[i], false)) + throw new DatatypeException(i, "invalid NCName value"); + } + } + catch (IOException e) + { + DatatypeException e2 = new DatatypeException("invalid NCName value"); + e2.initCause(e); + throw e2; + } + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/NMTokenType.java b/libjava/classpath/gnu/xml/validation/datatype/NMTokenType.java new file mode 100644 index 0000000..4498fec --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/NMTokenType.java @@ -0,0 +1,102 @@ +/* NMTokenType.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +import java.io.IOException; +import javax.xml.XMLConstants; +import javax.xml.namespace.QName; +import org.relaxng.datatype.DatatypeException; +import org.relaxng.datatype.ValidationContext; +import gnu.xml.stream.UnicodeReader; +import gnu.xml.stream.XMLParser; + +/** + * The XML Schema NMTOKEN type. + * + * @author Chris Burdess + */ +final class NMTokenType + extends AtomicSimpleType +{ + + static final int[] CONSTRAINING_FACETS = { + Facet.LENGTH, + Facet.MIN_LENGTH, + Facet.MAX_LENGTH, + Facet.PATTERN, + Facet.ENUMERATION, + Facet.WHITESPACE + }; + + NMTokenType() + { + super(new QName(XMLConstants.W3C_XML_SCHEMA_NS_URI, "NMTOKEN"), + TypeLibrary.TOKEN); + } + + public int[] getConstrainingFacets() + { + return CONSTRAINING_FACETS; + } + + public void checkValid(String value, ValidationContext context) + throws DatatypeException + { + super.checkValid(value, context); + try + { + int[] cp = UnicodeReader.toCodePointArray(value); + if (cp.length == 0) + throw new DatatypeException("invalid NMTOKEN value"); + for (int i = 0; i < cp.length; i++) + { + // XXX XML 1.1 documents? + if (!XMLParser.isNameCharacter(cp[i], false)) + throw new DatatypeException(i, "invalid NMTOKEN value"); + } + } + catch (IOException e) + { + DatatypeException e2 = new DatatypeException("invalid NMTOKEN value"); + e2.initCause(e); + throw e2; + } + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/NMTokensType.java b/libjava/classpath/gnu/xml/validation/datatype/NMTokensType.java new file mode 100644 index 0000000..62524ed --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/NMTokensType.java @@ -0,0 +1,124 @@ +/* NMTokensType.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +import java.io.IOException; +import javax.xml.XMLConstants; +import javax.xml.namespace.QName; +import org.relaxng.datatype.DatatypeException; +import org.relaxng.datatype.ValidationContext; +import gnu.xml.stream.UnicodeReader; +import gnu.xml.stream.XMLParser; + +/** + * The XML Schema NMTOKENS type. + * + * @author Chris Burdess + */ +final class NMTokensType + extends AtomicSimpleType +{ + + static final int[] CONSTRAINING_FACETS = { + Facet.LENGTH, + Facet.MIN_LENGTH, + Facet.MAX_LENGTH, + Facet.PATTERN, + Facet.ENUMERATION, + Facet.WHITESPACE + }; + + NMTokensType() + { + super(new QName(XMLConstants.W3C_XML_SCHEMA_NS_URI, "NMTOKENS"), + TypeLibrary.NMTOKEN); + } + + public int[] getConstrainingFacets() + { + return CONSTRAINING_FACETS; + } + + public void checkValid(String value, ValidationContext context) + throws DatatypeException + { + super.checkValid(value, context); + int len = value.length(); + StringBuffer buf = new StringBuffer(); + for (int i = 0; i < len; i++) + { + char c = value.charAt(i); + if (c == ' ') + { + String token = buf.toString(); + if (token.length() > 0) + checkNmtoken(token, i); + buf.setLength(0); + } + else + buf.append(c); + } + checkNmtoken(buf.toString(), len); + } + + private void checkNmtoken(String text, int i) + throws DatatypeException + { + try + { + int[] cp = UnicodeReader.toCodePointArray(text); + if (cp.length == 0) + throw new DatatypeException("invalid NMTOKEN value"); + for (int j = 0; j < cp.length; j++) + { + // XXX XML 1.1 documents? + if (!XMLParser.isNameCharacter(cp[j], false)) + throw new DatatypeException(i, "invalid NMTOKEN value"); + } + } + catch (IOException e) + { + DatatypeException e2 = new DatatypeException("invalid NMTOKEN value"); + e2.initCause(e); + throw e2; + } + } + + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/NameType.java b/libjava/classpath/gnu/xml/validation/datatype/NameType.java new file mode 100644 index 0000000..a2fbb9d --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/NameType.java @@ -0,0 +1,104 @@ +/* NameType.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +import java.io.IOException; +import javax.xml.XMLConstants; +import javax.xml.namespace.QName; +import org.relaxng.datatype.DatatypeException; +import org.relaxng.datatype.ValidationContext; +import gnu.xml.stream.UnicodeReader; +import gnu.xml.stream.XMLParser; + +/** + * The XML Schema Name type. + * + * @author Chris Burdess + */ +final class NameType + extends AtomicSimpleType +{ + + static final int[] CONSTRAINING_FACETS = { + Facet.LENGTH, + Facet.MIN_LENGTH, + Facet.MAX_LENGTH, + Facet.PATTERN, + Facet.ENUMERATION, + Facet.WHITESPACE + }; + + NameType() + { + super(new QName(XMLConstants.W3C_XML_SCHEMA_NS_URI, "Name"), + TypeLibrary.TOKEN); + } + + public int[] getConstrainingFacets() + { + return CONSTRAINING_FACETS; + } + + public void checkValid(String value, ValidationContext context) + throws DatatypeException + { + super.checkValid(value, context); + try + { + int[] cp = UnicodeReader.toCodePointArray(value); + if (cp.length == 0) + throw new DatatypeException("invalid Name value"); + // XXX XML 1.1 documents? + if (!XMLParser.isNameStartCharacter(cp[0], false)) + throw new DatatypeException(0, "invalid Name value"); + for (int i = 1; i < cp.length; i++) + { + if (!XMLParser.isNameCharacter(cp[i], false)) + throw new DatatypeException(i, "invalid Name value"); + } + } + catch (IOException e) + { + DatatypeException e2 = new DatatypeException("invalid Name value"); + e2.initCause(e); + throw e2; + } + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/NegativeIntegerType.java b/libjava/classpath/gnu/xml/validation/datatype/NegativeIntegerType.java new file mode 100644 index 0000000..fd436cb --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/NegativeIntegerType.java @@ -0,0 +1,111 @@ +/* NegativeIntegerType.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +import java.math.BigInteger; +import javax.xml.XMLConstants; +import javax.xml.namespace.QName; +import org.relaxng.datatype.DatatypeException; +import org.relaxng.datatype.ValidationContext; + +/** + * The XML Schema negativeInteger type. + * + * @author Chris Burdess + */ +final class NegativeIntegerType + extends AtomicSimpleType +{ + + static final int[] CONSTRAINING_FACETS = { + Facet.TOTAL_DIGITS, + Facet.FRACTION_DIGITS, + Facet.PATTERN, + Facet.WHITESPACE, + Facet.ENUMERATION, + Facet.MAX_INCLUSIVE, + Facet.MAX_EXCLUSIVE, + Facet.MIN_INCLUSIVE, + Facet.MIN_EXCLUSIVE + }; + + NegativeIntegerType() + { + super(new QName(XMLConstants.W3C_XML_SCHEMA_NS_URI, "negativeInteger"), + TypeLibrary.NON_POSITIVE_INTEGER); + } + + public int[] getConstrainingFacets() + { + return CONSTRAINING_FACETS; + } + + public void checkValue(String value, ValidationContext context) + throws DatatypeException + { + super.checkValid(value, context); + int len = value.length(); + if (len == 0) + throw new DatatypeException(0, "invalid negative integer value"); + for (int i = 0; i < len; i++) + { + char c = value.charAt(i); + if (c == '-') + { + if (i == 0) + continue; + } + else if (c >= 0x30 && c <= 0x39) + continue; + throw new DatatypeException(i, "invalid negative integer value"); + } + } + + public Object createValue(String literal, ValidationContext context) { + try + { + return new BigInteger(literal); + } + catch (NumberFormatException e) + { + return null; + } + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/NonNegativeIntegerType.java b/libjava/classpath/gnu/xml/validation/datatype/NonNegativeIntegerType.java new file mode 100644 index 0000000..8577785 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/NonNegativeIntegerType.java @@ -0,0 +1,121 @@ +/* NonNegativeIntegerType.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +import java.math.BigInteger; +import javax.xml.XMLConstants; +import javax.xml.namespace.QName; +import org.relaxng.datatype.DatatypeException; +import org.relaxng.datatype.ValidationContext; + +/** + * The XML Schema nonNegativeInteger type. + * + * @author Chris Burdess + */ +final class NonNegativeIntegerType + extends AtomicSimpleType +{ + + static final int[] CONSTRAINING_FACETS = { + Facet.TOTAL_DIGITS, + Facet.FRACTION_DIGITS, + Facet.PATTERN, + Facet.WHITESPACE, + Facet.ENUMERATION, + Facet.MAX_INCLUSIVE, + Facet.MAX_EXCLUSIVE, + Facet.MIN_INCLUSIVE, + Facet.MIN_EXCLUSIVE + }; + + NonNegativeIntegerType() + { + super(new QName(XMLConstants.W3C_XML_SCHEMA_NS_URI, "nonNegativeInteger"), + TypeLibrary.INTEGER); + } + + public int[] getConstrainingFacets() + { + return CONSTRAINING_FACETS; + } + + public void checkValid(String value, ValidationContext context) + throws DatatypeException + { + super.checkValid(value, context); + int len = value.length(); + if (len == 0) + throw new DatatypeException(0, "invalid non-negative integer value"); + boolean negative = false; + for (int i = 0; i < len; i++) + { + char c = value.charAt(i); + if (c == 0x30) + continue; + else if (c >= 0x31 && c <= 0x39) + { + if (negative) + throw new DatatypeException(i, + "invalid non-negative integer value"); + continue; + } + else if (c == '+' && i == 0) + continue; + else if (c == '-' && i == 0) + { + negative = true; + continue; + } + throw new DatatypeException(i, "invalid non-negative integer value"); + } + } + + public Object createValue(String literal, ValidationContext context) { + try + { + return new BigInteger(literal); + } + catch (NumberFormatException e) + { + return null; + } + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/NonPositiveIntegerType.java b/libjava/classpath/gnu/xml/validation/datatype/NonPositiveIntegerType.java new file mode 100644 index 0000000..0b43d52 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/NonPositiveIntegerType.java @@ -0,0 +1,121 @@ +/* NonPositiveIntegerType.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +import java.math.BigInteger; +import javax.xml.XMLConstants; +import javax.xml.namespace.QName; +import org.relaxng.datatype.DatatypeException; +import org.relaxng.datatype.ValidationContext; + +/** + * The XML Schema nonPositiveInteger type. + * + * @author Chris Burdess + */ +final class NonPositiveIntegerType + extends AtomicSimpleType +{ + + static final int[] CONSTRAINING_FACETS = { + Facet.TOTAL_DIGITS, + Facet.FRACTION_DIGITS, + Facet.PATTERN, + Facet.WHITESPACE, + Facet.ENUMERATION, + Facet.MAX_INCLUSIVE, + Facet.MAX_EXCLUSIVE, + Facet.MIN_INCLUSIVE, + Facet.MIN_EXCLUSIVE + }; + + NonPositiveIntegerType() + { + super(new QName(XMLConstants.W3C_XML_SCHEMA_NS_URI, "nonPositiveInteger"), + TypeLibrary.INTEGER); + } + + public int[] getConstrainingFacets() + { + return CONSTRAINING_FACETS; + } + + public void checkValid(String value, ValidationContext context) + throws DatatypeException + { + super.checkValid(value, context); + int len = value.length(); + if (len == 0) + throw new DatatypeException(0, "invalid non-positive integer value"); + boolean positive = true; + for (int i = 0; i < len; i++) + { + char c = value.charAt(i); + if (c == 0x30) + continue; + else if (c >= 0x31 && c <= 0x39) + { + if (positive) + throw new DatatypeException(i, + "invalid non-positive integer value"); + continue; + } + else if (c == '+' && i == 0) + continue; + else if (c == '-' && i == 0) + { + positive = false; + continue; + } + throw new DatatypeException(i, "invalid non-positive integer value"); + } + } + + public Object createValue(String literal, ValidationContext context) { + try + { + return new BigInteger(literal); + } + catch (NumberFormatException e) + { + return null; + } + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/NormalizedStringType.java b/libjava/classpath/gnu/xml/validation/datatype/NormalizedStringType.java new file mode 100644 index 0000000..a74312d --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/NormalizedStringType.java @@ -0,0 +1,88 @@ +/* NormalizedStringType.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +import javax.xml.XMLConstants; +import javax.xml.namespace.QName; +import org.relaxng.datatype.DatatypeException; +import org.relaxng.datatype.ValidationContext; + +/** + * The XML Schema normalizedString type. + * + * @author Chris Burdess + */ +final class NormalizedStringType + extends AtomicSimpleType +{ + + static final int[] CONSTRAINING_FACETS = { + Facet.LENGTH, + Facet.MIN_LENGTH, + Facet.MAX_LENGTH, + Facet.PATTERN, + Facet.ENUMERATION, + Facet.WHITESPACE + }; + + NormalizedStringType() + { + super(new QName(XMLConstants.W3C_XML_SCHEMA_NS_URI, "normalizedString"), + TypeLibrary.STRING); + } + + public int[] getConstrainingFacets() + { + return CONSTRAINING_FACETS; + } + + public void checkValid(String value, ValidationContext context) + throws DatatypeException + { + super.checkValid(value, context); + int len = value.length(); + for (int i = 0; i < len; i++) + { + char c = value.charAt(i); + if (c == 0x0a || c == 0x0d || c == 0x09) + throw new DatatypeException(i, "invalid normalized-string value"); + } + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/NotationType.java b/libjava/classpath/gnu/xml/validation/datatype/NotationType.java new file mode 100644 index 0000000..59c7f25 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/NotationType.java @@ -0,0 +1,90 @@ +/* NotationType.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +import java.util.Collections; +import java.util.Set; +import javax.xml.XMLConstants; +import javax.xml.namespace.QName; +import org.relaxng.datatype.DatatypeException; +import org.relaxng.datatype.ValidationContext; + +/** + * The XML Schema NOTATION type. + * + * @author Chris Burdess + */ +final class NotationType + extends AtomicSimpleType +{ + + static final int[] CONSTRAINING_FACETS = { + Facet.LENGTH, + Facet.MIN_LENGTH, + Facet.MAX_LENGTH, + Facet.PATTERN, + Facet.ENUMERATION, + Facet.WHITESPACE + }; + + NotationType() + { + super(new QName(XMLConstants.W3C_XML_SCHEMA_NS_URI, "NOTATION"), + TypeLibrary.ANY_SIMPLE_TYPE); + } + + public int[] getConstrainingFacets() + { + return CONSTRAINING_FACETS; + } + + public void checkValid(String value, ValidationContext context) + throws DatatypeException + { + super.checkValid(value, context); + if (!context.isNotation(value)) + throw new DatatypeException("invalid NOTATION value"); + } + + public boolean isContextDependent() + { + return true; + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/PatternFacet.java b/libjava/classpath/gnu/xml/validation/datatype/PatternFacet.java new file mode 100644 index 0000000..d594b26b --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/PatternFacet.java @@ -0,0 +1,71 @@ +/* PatternFacet.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +import java.util.regex.Pattern; + +/** + * The pattern facet. + * + * @author Chris Burdess + */ +public final class PatternFacet + extends Facet +{ + + public final Pattern value; + + public PatternFacet(Pattern value, Annotation annotation) + { + super(PATTERN, annotation); + this.value = value; + } + + public int hashCode() + { + return value.hashCode(); + } + + public boolean equals(Object other) + { + return (other instanceof PatternFacet && + ((PatternFacet) other).value.equals(value)); + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/PositiveIntegerType.java b/libjava/classpath/gnu/xml/validation/datatype/PositiveIntegerType.java new file mode 100644 index 0000000..0c10df3 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/PositiveIntegerType.java @@ -0,0 +1,111 @@ +/* PositiveIntegerType.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +import java.math.BigInteger; +import javax.xml.XMLConstants; +import javax.xml.namespace.QName; +import org.relaxng.datatype.DatatypeException; +import org.relaxng.datatype.ValidationContext; + +/** + * The XML Schema positiveInteger type. + * + * @author Chris Burdess + */ +final class PositiveIntegerType + extends AtomicSimpleType +{ + + static final int[] CONSTRAINING_FACETS = { + Facet.TOTAL_DIGITS, + Facet.FRACTION_DIGITS, + Facet.PATTERN, + Facet.WHITESPACE, + Facet.ENUMERATION, + Facet.MAX_INCLUSIVE, + Facet.MAX_EXCLUSIVE, + Facet.MIN_INCLUSIVE, + Facet.MIN_EXCLUSIVE + }; + + PositiveIntegerType() + { + super(new QName(XMLConstants.W3C_XML_SCHEMA_NS_URI, "positiveInteger"), + TypeLibrary.NON_NEGATIVE_INTEGER); + } + + public int[] getConstrainingFacets() + { + return CONSTRAINING_FACETS; + } + + public void checkValid(String value, ValidationContext context) + throws DatatypeException + { + super.checkValid(value, context); + int len = value.length(); + if (len == 0) + throw new DatatypeException(0, "invalid positive integer value"); + for (int i = 0; i < len; i++) + { + char c = value.charAt(i); + if (c == '+') + { + if (i == 0) + continue; + } + else if (c >= 0x30 && c <= 0x39) + continue; + throw new DatatypeException(i, "invalid positive integer value"); + } + } + + public Object createValue(String literal, ValidationContext context) { + try + { + return new BigInteger(literal); + } + catch (NumberFormatException e) + { + return null; + } + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/QNameType.java b/libjava/classpath/gnu/xml/validation/datatype/QNameType.java new file mode 100644 index 0000000..1eaa518 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/QNameType.java @@ -0,0 +1,122 @@ +/* QNameType.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +import java.io.IOException; +import javax.xml.XMLConstants; +import javax.xml.namespace.QName; +import org.relaxng.datatype.DatatypeException; +import org.relaxng.datatype.ValidationContext; +import gnu.xml.stream.UnicodeReader; +import gnu.xml.stream.XMLParser; + +/** + * The XML Schema QName type. + * + * @author Chris Burdess + */ +final class QNameType + extends AtomicSimpleType +{ + + static final int[] CONSTRAINING_FACETS = { + Facet.LENGTH, + Facet.MIN_LENGTH, + Facet.MAX_LENGTH, + Facet.PATTERN, + Facet.ENUMERATION, + Facet.WHITESPACE + }; + + QNameType() + { + super(new QName(XMLConstants.W3C_XML_SCHEMA_NS_URI, "QName"), + TypeLibrary.ANY_SIMPLE_TYPE); + } + + public int[] getConstrainingFacets() + { + return CONSTRAINING_FACETS; + } + + public void checkValid(String value, ValidationContext context) + throws DatatypeException + { + super.checkValid(value, context); + int ci = -1; + try + { + int[] cp = UnicodeReader.toCodePointArray(value); + if (cp.length == 0) + throw new DatatypeException("invalid NCName value"); + // XXX XML 1.1 documents? + if (cp[0] == ':' || !XMLParser.isNameStartCharacter(cp[0], false)) + throw new DatatypeException(0, "invalid NCName value"); + for (int i = 1; i < cp.length; i++) + { + if (cp[i] == ':') + { + if (ci != -1 || (i + 1 == cp.length)) + throw new DatatypeException(i, "invalid NCName value"); + ci = i; + } + else if (!XMLParser.isNameCharacter(cp[i], false)) + throw new DatatypeException(i, "invalid NCName value"); + } + } + catch (IOException e) + { + DatatypeException e2 = new DatatypeException("invalid NCName value"); + e2.initCause(e); + throw e2; + } + if (ci != -1) + { + String prefix = value.substring(0, ci); + if (context.resolveNamespacePrefix(prefix) == null) + throw new DatatypeException("invalid namespace prefix"); + } + } + + public boolean isContextDependent() + { + return true; + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/ShortType.java b/libjava/classpath/gnu/xml/validation/datatype/ShortType.java new file mode 100644 index 0000000..3179c8d --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/ShortType.java @@ -0,0 +1,133 @@ +/* ShortType.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +import javax.xml.XMLConstants; +import javax.xml.namespace.QName; +import org.relaxng.datatype.DatatypeException; +import org.relaxng.datatype.ValidationContext; + +/** + * The XML Schema short type. + * + * @author Chris Burdess + */ +final class ShortType + extends AtomicSimpleType +{ + + static final int[] CONSTRAINING_FACETS = { + Facet.TOTAL_DIGITS, + Facet.FRACTION_DIGITS, + Facet.PATTERN, + Facet.WHITESPACE, + Facet.ENUMERATION, + Facet.MAX_INCLUSIVE, + Facet.MAX_EXCLUSIVE, + Facet.MIN_INCLUSIVE, + Facet.MIN_EXCLUSIVE + }; + + static final String MAX_VALUE = "32767"; + static final String MIN_VALUE = "32768"; + static final int LENGTH = MAX_VALUE.length(); + + ShortType() + { + super(new QName(XMLConstants.W3C_XML_SCHEMA_NS_URI, "short"), + TypeLibrary.INT); + } + + public int[] getConstrainingFacets() + { + return CONSTRAINING_FACETS; + } + + public void checkValid(String value, ValidationContext context) + throws DatatypeException + { + super.checkValid(value, context); + int len = value.length(); + if (len == 0) + throw new DatatypeException(0, "invalid short value"); + int i = 0, off = 0; + boolean compare = false; + String compareTo = MAX_VALUE; + char c = value.charAt(0); + if (c == '+') + i++; + else if (c == '-') + { + compareTo = MIN_VALUE; + i++; + } + if (len - i > LENGTH) + throw new DatatypeException(i, "invalid short value"); + else if (len - i == LENGTH) + compare = true; + for (; i < len; i++) + { + c = value.charAt(i); + if (c >= 0x30 && c <= 0x39) + { + if (compare) + { + char d = compareTo.charAt(off); + if (Character.digit(c, 10) > Character.digit(d, 10)) + throw new DatatypeException(i, "invalid short value"); + } + off++; + continue; + } + throw new DatatypeException(i, "invalid short value"); + } + } + + public Object createValue(String literal, ValidationContext context) { + try + { + return new Short(literal); + } + catch (NumberFormatException e) + { + return null; + } + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/SimpleType.java b/libjava/classpath/gnu/xml/validation/datatype/SimpleType.java new file mode 100644 index 0000000..6554f2f --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/SimpleType.java @@ -0,0 +1,257 @@ +/* SimpleType.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +import java.util.Iterator; +import java.util.Set; +import java.util.regex.Matcher; +import javax.xml.XMLConstants; +import javax.xml.namespace.QName; +import org.relaxng.datatype.Datatype; +import org.relaxng.datatype.DatatypeException; +import org.relaxng.datatype.DatatypeStreamingValidator; +import org.relaxng.datatype.ValidationContext; + +/** + * An XML Schema simple type. + * + * @author Chris Burdess + */ +public class SimpleType + extends Type + implements Datatype +{ + + /** + * The variety of the anySimpleType datatype. + */ + public static final int ANY = 0; + + /** + * The atomic variety. + */ + public static final int ATOMIC = 1; + + /** + * The list variety. + */ + public static final int LIST = 2; + + /** + * The union variety. + */ + public static final int UNION = 3; + + public static final int ID_TYPE_NULL = 0; + public static final int ID_TYPE_ID = 1; + public static final int ID_TYPE_IDREF = 2; + public static final int ID_TYPE_IDREFS = 3; + + /** + * The variety of this simple type. + */ + public final int variety; + + /** + * The facets of this simple type. + */ + public Set facets; + + /** + * The fundamental facets of this simple type. + */ + public int fundamentalFacets; + + /** + * If this datatype has been derived by restriction, then the component + * from which it was derived. + */ + public final SimpleType baseType; + + /** + * Optional annotation. + */ + public final Annotation annotation; + + public SimpleType(QName name, int variety, Set facets, + int fundamentalFacets, SimpleType baseType, + Annotation annotation) + { + super(name); + this.variety = variety; + this.facets = facets; + this.fundamentalFacets = fundamentalFacets; + this.baseType = baseType; + this.annotation = annotation; + } + + /** + * Indicates whether this type permits the specified value. + */ + public boolean isValid(String value, ValidationContext context) + { + try + { + checkValid(value, context); + return true; + } + catch (DatatypeException e) + { + return false; + } + } + + public void checkValid(String value, ValidationContext context) + throws DatatypeException + { + if (facets != null && !facets.isEmpty()) + { + Object parsedValue = createValue(value, context); + for (Iterator i = facets.iterator(); i.hasNext(); ) + { + Facet facet = (Facet) i.next(); + switch (facet.type) + { + case Facet.LENGTH: + LengthFacet lf = (LengthFacet) facet; + if (value.length() != lf.value) + throw new DatatypeException("invalid length"); + break; + case Facet.MIN_LENGTH: + MinLengthFacet nlf = (MinLengthFacet) facet; + if (value.length() < nlf.value) + throw new DatatypeException("invalid minimum length"); + break; + case Facet.MAX_LENGTH: + MaxLengthFacet xlf = (MaxLengthFacet) facet; + if (value.length() > xlf.value) + throw new DatatypeException("invalid maximum length"); + break; + case Facet.PATTERN: + PatternFacet pf = (PatternFacet) facet; + Matcher matcher = pf.value.matcher(value); + if (!matcher.find()) + throw new DatatypeException("invalid match for pattern"); + break; + case Facet.ENUMERATION: + // TODO + break; + case Facet.WHITESPACE: + // TODO + break; + case Facet.MAX_INCLUSIVE: + MaxInclusiveFacet xif = (MaxInclusiveFacet) facet; + if (!xif.matches(parsedValue)) + throw new DatatypeException("beyond upper bound"); + break; + case Facet.MAX_EXCLUSIVE: + MaxExclusiveFacet xef = (MaxExclusiveFacet) facet; + if (!xef.matches(parsedValue)) + throw new DatatypeException("beyond upper bound"); + break; + case Facet.MIN_EXCLUSIVE: + MinExclusiveFacet nef = (MinExclusiveFacet) facet; + if (!nef.matches(parsedValue)) + throw new DatatypeException("beyond lower bound"); + break; + case Facet.MIN_INCLUSIVE: + MinInclusiveFacet nif = (MinInclusiveFacet) facet; + if (!nif.matches(parsedValue)) + throw new DatatypeException("beyond lower bound"); + break; + case Facet.TOTAL_DIGITS: + TotalDigitsFacet tdf = (TotalDigitsFacet) facet; + if (countDigits(value, true) > tdf.value) + throw new DatatypeException("too many digits"); + break; + case Facet.FRACTION_DIGITS: + FractionDigitsFacet fdf = (FractionDigitsFacet) facet; + if (countDigits(value, false) > fdf.value) + throw new DatatypeException("too many fraction digits"); + break; + } + } + } + } + + private static int countDigits(String value, boolean any) + { + int count = 0; + int len = value.length(); + boolean seenDecimal = false; + for (int i = 0; i < len; i++) + { + char c = value.charAt(i); + if (c == 0x2e) + seenDecimal = true; + else if (c >= 0x30 && c <= 0x39 && (any || seenDecimal)) + count++; + } + return count; + } + + // TODO createStreamingValidator + public DatatypeStreamingValidator createStreamingValidator(ValidationContext context) + { + throw new UnsupportedOperationException(); + } + + public Object createValue(String literal, ValidationContext context) { + return literal; + } + + public boolean sameValue(Object value1, Object value2) { + return value1.equals(value2); + } + + public int valueHashCode(Object value) { + return value.hashCode(); + } + + public int getIdType() + { + return ID_TYPE_NULL; + } + + public boolean isContextDependent() + { + return false; + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/StringType.java b/libjava/classpath/gnu/xml/validation/datatype/StringType.java new file mode 100644 index 0000000..a2235f2 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/StringType.java @@ -0,0 +1,77 @@ +/* StringType.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +import java.util.Collections; +import java.util.Set; +import javax.xml.XMLConstants; +import javax.xml.namespace.QName; +import org.relaxng.datatype.DatatypeException; +import org.relaxng.datatype.ValidationContext; + +/** + * The XML Schema string type. + * + * @author Chris Burdess + */ +final class StringType + extends AtomicSimpleType +{ + + static final int[] CONSTRAINING_FACETS = { + Facet.LENGTH, + Facet.MIN_LENGTH, + Facet.MAX_LENGTH, + Facet.PATTERN, + Facet.ENUMERATION, + Facet.WHITESPACE + }; + + StringType() + { + super(new QName(XMLConstants.W3C_XML_SCHEMA_NS_URI, "string"), + TypeLibrary.ANY_SIMPLE_TYPE); + } + + public int[] getConstrainingFacets() + { + return CONSTRAINING_FACETS; + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/TimeType.java b/libjava/classpath/gnu/xml/validation/datatype/TimeType.java new file mode 100644 index 0000000..0152e11 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/TimeType.java @@ -0,0 +1,303 @@ +/* TimeType.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +import java.util.TimeZone; +import javax.xml.XMLConstants; +import javax.xml.namespace.QName; +import org.relaxng.datatype.DatatypeException; +import org.relaxng.datatype.ValidationContext; + +/** + * The XML Schema time type. + * + * @author Chris Burdess + */ +final class TimeType + extends AtomicSimpleType +{ + + static class Time + implements Comparable + { + int minutes; + float seconds; + + public int hashCode() + { + return minutes * 31 + new Float(seconds).hashCode(); + } + + public boolean equals(Object other) + { + if (other instanceof Time) + { + Time time = (Time) other; + return time.minutes == minutes && time.seconds == seconds; + } + return false; + } + + public int compareTo(Object other) + { + if (other instanceof Time) + { + Time time = (Time) other; + if (time.minutes != minutes) + return minutes - time.minutes; + if (time.seconds == seconds) + return 0; + return (seconds < time.seconds) ? -1 : 1; + } + return 0; + } + + } + + static final int[] CONSTRAINING_FACETS = { + Facet.PATTERN, + Facet.ENUMERATION, + Facet.WHITESPACE, + Facet.MAX_INCLUSIVE, + Facet.MAX_EXCLUSIVE, + Facet.MIN_INCLUSIVE, + Facet.MIN_EXCLUSIVE + }; + + TimeType() + { + super(new QName(XMLConstants.W3C_XML_SCHEMA_NS_URI, "time"), + TypeLibrary.ANY_SIMPLE_TYPE); + } + + public int[] getConstrainingFacets() + { + return CONSTRAINING_FACETS; + } + + public void checkValid(String value, ValidationContext context) + throws DatatypeException + { + super.checkValid(value, context); + int len = value.length(); + int state = 3; + int start = 0; + for (int i = 0; i < len; i++) + { + char c = value.charAt(i); + if (c == '-' && state == 0) + { + start++; + continue; + } + if (c >= 0x30 && c <= 0x39) + continue; + switch (state) + { + case 3: // hour + if (c == ':') + { + if (i - start != 2) + throw new DatatypeException(i, "invalid time value"); + state = 4; + start = i + 1; + continue; + } + break; + case 4: // minute + if (c == ':') + { + if (i - start != 2) + throw new DatatypeException(i, "invalid time value"); + state = 5; + start = i + 1; + continue; + } + break; + case 5: // second + if (c == '.') + { + if (i - start != 2) + throw new DatatypeException(i, "invalid time value"); + state = 6; + start = i + 1; + continue; + } + else if (c == ' ') + { + if (i - start != 2) + throw new DatatypeException(i, "invalid time value"); + state = 7; + start = i + 1; + continue; + } + break; + case 6: // second fraction + if (c == ' ') + { + state = 7; + start = i + 1; + continue; + } + break; + case 7: // timezone 1 + if (start == i) + { + if (c == '+' || c == '-') + continue; + else if (c == 'Z') + { + state = 9; + start = i + 1; + continue; + } + } + if (c == ':') + { + if (i - start != 2) + throw new DatatypeException(i, "invalid time value"); + state = 8; + start = i + 1; + continue; + } + break; + } + throw new DatatypeException(i, "invalid time value"); + } + switch (state) + { + case 5: // second + if (len - start != 2) + throw new DatatypeException(len, "invalid time value"); + break; + case 6: // second fraction + break; + case 8: // timezone 2 + if (len - start != 2) + throw new DatatypeException(len, "invalid time value"); + break; + case 9: // post Z + break; + default: + throw new DatatypeException(len, "invalid time value"); + } + } + + public Object createValue(String value, ValidationContext context) { + int len = value.length(); + int state = 3; + int start = 0; + Time time = new Time(); + try + { + for (int i = 0; i < len; i++) + { + char c = value.charAt(i); + if (c >= 0x30 && c <= 0x39) + continue; + switch (state) + { + case 3: // hour + if (c == ':') + { + time.minutes = + Integer.parseInt(value.substring(start, i)) * 60; + state = 4; + start = i + 1; + continue; + } + break; + case 4: // minute + if (c == ':') + { + time.minutes += + Integer.parseInt(value.substring(start, i)); + state = 5; + start = i + 1; + continue; + } + break; + case 5: // second + if (c == ' ') + { + time.seconds = + Float.parseFloat(value.substring(start, i)); + state = 7; + start = i + 1; + continue; + } + break; + } + } + // end of input + if (len - start > 0 && state == 7) + { + // Timezone + String timezone = value.substring(len - start); + int i = timezone.indexOf(':'); + if (i == -1) + { + if ("Z".equals(timezone)) + timezone = "UTC"; + TimeZone tz = TimeZone.getTimeZone(timezone); + if (tz == null) + return null; + time.minutes += tz.getRawOffset(); + } + else + { + String tzh = timezone.substring(0, i); + String tzm = timezone.substring(i + 1); + int offset = Integer.parseInt(tzh) * 60; + if (offset < 0) + offset -= Integer.parseInt(tzm); + else + offset += Integer.parseInt(tzm); + time.minutes += offset; + } + } + return time; + } + catch (NumberFormatException e) + { + return null; + } + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/TokenType.java b/libjava/classpath/gnu/xml/validation/datatype/TokenType.java new file mode 100644 index 0000000..18e1e8a --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/TokenType.java @@ -0,0 +1,96 @@ +/* TokenType.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +import javax.xml.XMLConstants; +import javax.xml.namespace.QName; +import org.relaxng.datatype.DatatypeException; +import org.relaxng.datatype.ValidationContext; + +/** + * The XML Schema token type. + * + * @author Chris Burdess + */ +final class TokenType + extends AtomicSimpleType +{ + + static final int[] CONSTRAINING_FACETS = { + Facet.LENGTH, + Facet.MIN_LENGTH, + Facet.MAX_LENGTH, + Facet.PATTERN, + Facet.ENUMERATION, + Facet.WHITESPACE + }; + + TokenType() + { + super(new QName(XMLConstants.W3C_XML_SCHEMA_NS_URI, "token"), + TypeLibrary.NORMALIZED_STRING); + } + + public int[] getConstrainingFacets() + { + return CONSTRAINING_FACETS; + } + + public void checkValid(String value, ValidationContext context) + throws DatatypeException + { + super.checkValid(value, context); + int len = value.length(); + if (len == 0) + throw new DatatypeException(0, "invalid token value"); + if (value.charAt(0) == ' ' || value.charAt(len - 1) == ' ') + throw new DatatypeException(0, "invalid token value"); + char last = '\u0000'; + for (int i = 0; i < len; i++) + { + char c = value.charAt(i); + if (c == 0x0a || c == 0x0d || c == 0x09) + throw new DatatypeException(i, "invalid token value"); + if (c == ' ' && last == ' ') + throw new DatatypeException(i, "invalid token value"); + last = c; + } + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/TotalDigitsFacet.java b/libjava/classpath/gnu/xml/validation/datatype/TotalDigitsFacet.java new file mode 100644 index 0000000..4debc63 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/TotalDigitsFacet.java @@ -0,0 +1,72 @@ +/* TotalDigitsFacet.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +/** + * The totalDigits facet. + * + * @author Chris Burdess + */ +public final class TotalDigitsFacet + extends Facet +{ + + public final int value; + + public final boolean fixed; + + public TotalDigitsFacet(int value, boolean fixed, Annotation annotation) + { + super(TOTAL_DIGITS, annotation); + this.value = value; + this.fixed = fixed; + } + + public int hashCode() + { + return value; + } + + public boolean equals(Object other) + { + return (other instanceof TotalDigitsFacet && + ((TotalDigitsFacet) other).value == value); + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/Type.java b/libjava/classpath/gnu/xml/validation/datatype/Type.java new file mode 100644 index 0000000..e066276 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/Type.java @@ -0,0 +1,65 @@ +/* Type.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +import java.util.HashMap; +import java.util.Map; +import javax.xml.namespace.QName; +/** + * Abstract base class for XML Schema datatypes. + * @see http://www.w3.org/TR/xmlschema-2/ + * + * @author Chris Burdess + */ +public abstract class Type +{ + + public static final Type ANY_TYPE = new AnyType(); + + /** + * The name of this type. + */ + public final QName name; + + public Type(QName name) + { + this.name = name; + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/TypeBuilder.java b/libjava/classpath/gnu/xml/validation/datatype/TypeBuilder.java new file mode 100644 index 0000000..606fd0e --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/TypeBuilder.java @@ -0,0 +1,279 @@ +/* TypeBuilder.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +import java.util.LinkedHashSet; +import java.util.regex.Pattern; +import javax.xml.namespace.QName; +import org.relaxng.datatype.Datatype; +import org.relaxng.datatype.DatatypeBuilder; +import org.relaxng.datatype.DatatypeException; +import org.relaxng.datatype.ValidationContext; + +/** + * Datatype builder. + * + * @author Chris Burdess + */ +public class TypeBuilder + implements DatatypeBuilder +{ + + final SimpleType type; + + TypeBuilder(SimpleType type) + { + this.type = type; + // TODO fundamental facets + type.facets = new LinkedHashSet(); + } + + public void addParameter(String name, String value, ValidationContext context) + throws DatatypeException + { + // TODO fundamental facets + if ("length".equals(name)) + type.facets.add(parseLengthFacet(value)); + else if ("minLength".equals(name)) + type.facets.add(parseMinLengthFacet(value)); + else if ("maxLength".equals(name)) + type.facets.add(parseMaxLengthFacet(value)); + else if ("pattern".equals(name)) + type.facets.add(parsePatternFacet(value)); + else if ("enumeration".equals(name)) + type.facets.add(parseEnumerationFacet(value)); + else if ("whiteSpace".equals(name)) + type.facets.add(parseWhiteSpaceFacet(value)); + else if ("maxInclusive".equals(name)) + type.facets.add(parseMaxInclusiveFacet(value, context)); + else if ("maxExclusive".equals(name)) + type.facets.add(parseMaxExclusiveFacet(value, context)); + else if ("minExclusive".equals(name)) + type.facets.add(parseMinExclusiveFacet(value, context)); + else if ("minInclusive".equals(name)) + type.facets.add(parseMinInclusiveFacet(value, context)); + else if ("totalDigits".equals(name)) + type.facets.add(parseTotalDigitsFacet(value)); + else if ("fractionDigits".equals(name)) + type.facets.add(parseFractionDigitsFacet(value)); + } + + LengthFacet parseLengthFacet(String value) + throws DatatypeException + { + int si = value.indexOf(' '); + boolean fixed = false; + if (si != -1) + { + if (!"FIXED".equalsIgnoreCase(value.substring(si + 1))) + throw new DatatypeException("second argument must be FIXED if present"); + fixed = true; + value = value.substring(0, si); + } + return new LengthFacet(Integer.parseInt(value), fixed, null); + } + + MinLengthFacet parseMinLengthFacet(String value) + throws DatatypeException + { + int si = value.indexOf(' '); + boolean fixed = false; + if (si != -1) + { + if (!"FIXED".equalsIgnoreCase(value.substring(si + 1))) + throw new DatatypeException("second argument must be FIXED if present"); + fixed = true; + value = value.substring(0, si); + } + return new MinLengthFacet(Integer.parseInt(value), fixed, null); + } + + MaxLengthFacet parseMaxLengthFacet(String value) + throws DatatypeException + { + int si = value.indexOf(' '); + boolean fixed = false; + if (si != -1) + { + if (!"FIXED".equalsIgnoreCase(value.substring(si + 1))) + throw new DatatypeException("second argument must be FIXED if present"); + fixed = true; + value = value.substring(0, si); + } + return new MaxLengthFacet(Integer.parseInt(value), fixed, null); + } + + PatternFacet parsePatternFacet(String value) + throws DatatypeException + { + return new PatternFacet(Pattern.compile(value), null); + } + + EnumerationFacet parseEnumerationFacet(String value) + throws DatatypeException + { + return new EnumerationFacet(value, null); + } + + WhiteSpaceFacet parseWhiteSpaceFacet(String value) + throws DatatypeException + { + int si = value.indexOf(' '); + boolean fixed = false; + if (si != -1) + { + if (!"FIXED".equalsIgnoreCase(value.substring(si + 1))) + throw new DatatypeException("second argument must be FIXED if present"); + fixed = true; + value = value.substring(0, si); + } + if ("preserve".equals(value)) + return new WhiteSpaceFacet(WhiteSpaceFacet.PRESERVE, fixed, null); + if ("replace".equals(value)) + return new WhiteSpaceFacet(WhiteSpaceFacet.REPLACE, fixed, null); + if ("collapse".equals(value)) + return new WhiteSpaceFacet(WhiteSpaceFacet.COLLAPSE, fixed, null); + throw new DatatypeException("argument must be preserve, replace, or collapse"); + } + + MaxInclusiveFacet parseMaxInclusiveFacet(String value, + ValidationContext context) + throws DatatypeException + { + int si = value.indexOf(' '); + boolean fixed = false; + if (si != -1) + { + if (!"FIXED".equalsIgnoreCase(value.substring(si + 1))) + throw new DatatypeException("second argument must be FIXED if present"); + fixed = true; + value = value.substring(0, si); + } + return new MaxInclusiveFacet(type.createValue(value, context), fixed, null); + } + + MaxExclusiveFacet parseMaxExclusiveFacet(String value, + ValidationContext context) + throws DatatypeException + { + int si = value.indexOf(' '); + boolean fixed = false; + if (si != -1) + { + if (!"FIXED".equalsIgnoreCase(value.substring(si + 1))) + throw new DatatypeException("second argument must be FIXED if present"); + fixed = true; + value = value.substring(0, si); + } + return new MaxExclusiveFacet(type.createValue(value, context), fixed, null); + } + + MinExclusiveFacet parseMinExclusiveFacet(String value, + ValidationContext context) + throws DatatypeException + { + int si = value.indexOf(' '); + boolean fixed = false; + if (si != -1) + { + if (!"FIXED".equalsIgnoreCase(value.substring(si + 1))) + throw new DatatypeException("second argument must be FIXED if present"); + fixed = true; + value = value.substring(0, si); + } + return new MinExclusiveFacet(type.createValue(value, context), fixed, null); + } + + MinInclusiveFacet parseMinInclusiveFacet(String value, + ValidationContext context) + throws DatatypeException + { + int si = value.indexOf(' '); + boolean fixed = false; + if (si != -1) + { + if (!"FIXED".equalsIgnoreCase(value.substring(si + 1))) + throw new DatatypeException("second argument must be FIXED if present"); + fixed = true; + value = value.substring(0, si); + } + return new MinInclusiveFacet(type.createValue(value, context), fixed, null); + } + + TotalDigitsFacet parseTotalDigitsFacet(String value) + throws DatatypeException + { + int si = value.indexOf(' '); + boolean fixed = false; + if (si != -1) + { + if (!"FIXED".equalsIgnoreCase(value.substring(si + 1))) + throw new DatatypeException("second argument must be FIXED if present"); + fixed = true; + value = value.substring(0, si); + } + int val = Integer.parseInt(value); + if (val < 0) + throw new DatatypeException("value must be a positiveInteger"); + return new TotalDigitsFacet(val, fixed, null); + } + + FractionDigitsFacet parseFractionDigitsFacet(String value) + throws DatatypeException + { + int si = value.indexOf(' '); + boolean fixed = false; + if (si != -1) + { + if (!"FIXED".equalsIgnoreCase(value.substring(si + 1))) + throw new DatatypeException("second argument must be FIXED if present"); + fixed = true; + value = value.substring(0, si); + } + int val = Integer.parseInt(value); + if (val < 0) + throw new DatatypeException("value must be a positiveInteger"); + return new FractionDigitsFacet(val, fixed, null); + } + + public Datatype createDatatype() + { + return type; + } + +} diff --git a/libjava/classpath/gnu/xml/validation/datatype/TypeLibrary.java b/libjava/classpath/gnu/xml/validation/datatype/TypeLibrary.java new file mode 100644 index 0000000..f1daece --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/TypeLibrary.java @@ -0,0 +1,173 @@ +/* TypeLibrary.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +import java.util.HashMap; +import java.util.Map; +import org.relaxng.datatype.Datatype; +import org.relaxng.datatype.DatatypeBuilder; +import org.relaxng.datatype.DatatypeException; +import org.relaxng.datatype.DatatypeLibrary; + +/** + * Datatype library for XML Schema datatypes. + * + * @author Chris Burdess + */ +public class TypeLibrary + implements DatatypeLibrary +{ + + public static final SimpleType ANY_SIMPLE_TYPE = new AnySimpleType(); + + public static final SimpleType STRING = new StringType(); + public static final SimpleType BOOLEAN = new BooleanType(); + public static final SimpleType DECIMAL = new DecimalType(); + public static final SimpleType FLOAT = new FloatType(); + public static final SimpleType DOUBLE = new DoubleType(); + public static final SimpleType DURATION = new DurationType(); + public static final SimpleType DATE_TIME = new DateTimeType(); + public static final SimpleType TIME = new TimeType(); + public static final SimpleType DATE = new DateType(); + public static final SimpleType G_YEAR_MONTH = new GYearMonthType(); + public static final SimpleType G_YEAR = new GYearType(); + public static final SimpleType G_MONTH_DAY = new GMonthDayType(); + public static final SimpleType G_DAY = new GDayType(); + public static final SimpleType G_MONTH = new GMonthType(); + public static final SimpleType HEX_BINARY = new HexBinaryType(); + public static final SimpleType BASE64_BINARY = new Base64BinaryType(); + public static final SimpleType ANY_URI = new AnyURIType(); + public static final SimpleType QNAME = new QNameType(); + public static final SimpleType NOTATION = new NotationType(); + + public static final SimpleType NORMALIZED_STRING = new NormalizedStringType(); + public static final SimpleType TOKEN = new TokenType(); + public static final SimpleType LANGUAGE = new LanguageType(); + public static final SimpleType NMTOKEN = new NMTokenType(); + public static final SimpleType NMTOKENS = new NMTokensType(); + public static final SimpleType NAME = new NameType(); + public static final SimpleType NCNAME = new NCNameType(); + public static final SimpleType ID = new IDType(); + public static final SimpleType IDREF = new IDRefType(); + public static final SimpleType IDREFS = new IDRefsType(); + public static final SimpleType ENTITY = new EntityType(); + public static final SimpleType ENTITIES = new EntitiesType(); + public static final SimpleType INTEGER = new IntegerType(); + public static final SimpleType NON_POSITIVE_INTEGER = new NonPositiveIntegerType(); + public static final SimpleType NEGATIVE_INTEGER = new NegativeIntegerType(); + public static final SimpleType LONG = new LongType(); + public static final SimpleType INT = new IntType(); + public static final SimpleType SHORT = new ShortType(); + public static final SimpleType BYTE = new ByteType(); + public static final SimpleType NON_NEGATIVE_INTEGER = new NonNegativeIntegerType(); + public static final SimpleType UNSIGNED_LONG = new UnsignedLongType(); + public static final SimpleType UNSIGNED_INT = new UnsignedIntType(); + public static final SimpleType UNSIGNED_SHORT = new UnsignedShortType(); + public static final SimpleType UNSIGNED_BYTE = new UnsignedByteType(); + public static final SimpleType POSITIVE_INTEGER = new PositiveIntegerType(); + + private static Map byName; + static + { + byName = new HashMap(); + byName.put("anySimpleType", ANY_SIMPLE_TYPE); + byName.put("string", STRING); + byName.put("boolean", BOOLEAN); + byName.put("decimal", DECIMAL); + byName.put("float", FLOAT); + byName.put("double", DOUBLE); + byName.put("duration", DURATION); + byName.put("dateTime", DATE_TIME); + byName.put("time", TIME); + byName.put("date", DATE); + byName.put("gYearMonth", G_YEAR_MONTH); + byName.put("gYear", G_YEAR); + byName.put("gMonthDay", G_MONTH_DAY); + byName.put("gDay", G_DAY); + byName.put("gMonth",G_MONTH); + byName.put("hexBinary", HEX_BINARY); + byName.put("base64Binary", BASE64_BINARY); + byName.put("anyURI", ANY_URI); + byName.put("QName", QNAME); + byName.put("NOTATION", NOTATION); + byName.put("normalizedString", NORMALIZED_STRING); + byName.put("token", TOKEN); + byName.put("language", LANGUAGE); + byName.put("NMTOKEN", NMTOKEN); + byName.put("NMTOKENS", NMTOKENS); + byName.put("Name", NAME); + byName.put("NCName", NCNAME); + byName.put("ID", ID); + byName.put("IDREF", IDREF); + byName.put("IDREFS", IDREFS); + byName.put("ENTITY", ENTITY); + byName.put("ENTITIES", ENTITIES); + byName.put("integer", INTEGER); + byName.put("nonPositiveInteger", NON_POSITIVE_INTEGER); + byName.put("negativeInteger", NEGATIVE_INTEGER); + byName.put("long", LONG); + byName.put("int", INT); + byName.put("short", SHORT); + byName.put("byte", BYTE); + byName.put("nonNegativeInteger", NON_NEGATIVE_INTEGER); + byName.put("unsignedLong", UNSIGNED_LONG); + byName.put("unsignedInt", UNSIGNED_INT); + byName.put("unsignedShort", UNSIGNED_SHORT); + byName.put("unsignedByte", UNSIGNED_BYTE); + byName.put("positiveInteger", POSITIVE_INTEGER); + } + + public DatatypeBuilder createDatatypeBuilder(String baseTypeLocalName) + throws DatatypeException + { + SimpleType type = (SimpleType) byName.get(baseTypeLocalName); + if (type == null) + throw new DatatypeException("Unknown type name: " + baseTypeLocalName); + return new TypeBuilder(type); + } + + public Datatype createDatatype(String typeLocalName) + throws DatatypeException + { + SimpleType type = (SimpleType) byName.get(typeLocalName); + if (type == null) + throw new DatatypeException("Unknown type name: " + typeLocalName); + return type; + } + +} diff --git a/libjava/classpath/gnu/xml/validation/datatype/TypeLibraryFactory.java b/libjava/classpath/gnu/xml/validation/datatype/TypeLibraryFactory.java new file mode 100644 index 0000000..21ee642 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/TypeLibraryFactory.java @@ -0,0 +1,60 @@ +/* TypeLibraryFactory.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +import javax.xml.XMLConstants; +import org.relaxng.datatype.DatatypeLibrary; +import org.relaxng.datatype.DatatypeLibraryFactory; + +/** + * Datatype library factory for XML Schema datatypes. + * + * @author Chris Burdess + */ +public class TypeLibraryFactory + implements DatatypeLibraryFactory +{ + + public DatatypeLibrary createDatatypeLibrary(String namespaceURI) + { + if (XMLConstants.W3C_XML_SCHEMA_NS_URI.equals(namespaceURI)) + return new TypeLibrary(); + return null; + } + +} diff --git a/libjava/classpath/gnu/xml/validation/datatype/UnionSimpleType.java b/libjava/classpath/gnu/xml/validation/datatype/UnionSimpleType.java new file mode 100644 index 0000000..d87c2aa --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/UnionSimpleType.java @@ -0,0 +1,83 @@ +/* UnionSimpleType.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +import java.util.Iterator; +import java.util.List; +import java.util.Set; +import javax.xml.namespace.QName; +import org.relaxng.datatype.DatatypeException; +import org.relaxng.datatype.ValidationContext; + +/** + * An XML Schema union simple type. + * + * @author Chris Burdess + */ +public class UnionSimpleType + extends SimpleType +{ + + /** + * The member types in this union. + */ + public final List memberTypes; + + public UnionSimpleType(QName name, Set facets, + int fundamentalFacets, SimpleType baseType, + Annotation annotation, List memberTypes) + { + super(name, UNION, facets, fundamentalFacets, baseType, annotation); + this.memberTypes = memberTypes; + } + + public void checkValid(String value, ValidationContext context) + throws DatatypeException + { + super.checkValid(value, context); + for (Iterator i = memberTypes.iterator(); i.hasNext(); ) + { + SimpleType type = (SimpleType) i.next(); + if (type.isValid(value, context)) + return; + } + throw new DatatypeException("invalid union type value"); + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/UnsignedByteType.java b/libjava/classpath/gnu/xml/validation/datatype/UnsignedByteType.java new file mode 100644 index 0000000..772c9cc --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/UnsignedByteType.java @@ -0,0 +1,121 @@ +/* UnsignedByteType.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +import javax.xml.XMLConstants; +import javax.xml.namespace.QName; +import org.relaxng.datatype.DatatypeException; +import org.relaxng.datatype.ValidationContext; + +/** + * The XML Schema unsignedByte type. + * + * @author Chris Burdess + */ +final class UnsignedByteType + extends AtomicSimpleType +{ + + static final int[] CONSTRAINING_FACETS = { + Facet.TOTAL_DIGITS, + Facet.FRACTION_DIGITS, + Facet.PATTERN, + Facet.WHITESPACE, + Facet.ENUMERATION, + Facet.MAX_INCLUSIVE, + Facet.MAX_EXCLUSIVE, + Facet.MIN_INCLUSIVE, + Facet.MIN_EXCLUSIVE + }; + + static final String MAX_VALUE = "255"; + static final int LENGTH = MAX_VALUE.length(); + + UnsignedByteType() + { + super(new QName(XMLConstants.W3C_XML_SCHEMA_NS_URI, "unsignedByte"), + TypeLibrary.UNSIGNED_SHORT); + } + + public int[] getConstrainingFacets() + { + return CONSTRAINING_FACETS; + } + + public void checkValid(String value, ValidationContext context) + throws DatatypeException + { + super.checkValid(value, context); + int len = value.length(); + if (len == 0) + throw new DatatypeException(0, "invalid unsigned byte value"); + boolean compare = false; + for (int i = 0; i < len; i++) + { + if (len - i > LENGTH) + throw new DatatypeException(i, "invalid unsigned byte value"); + else if (len - i == LENGTH) + compare = true; + char c = value.charAt(i); + if (c >= 0x30 && c <= 0x39) + { + if (compare) + { + char d = MAX_VALUE.charAt(i); + if (Character.digit(c, 10) > Character.digit(d, 10)) + throw new DatatypeException(i, "invalid unsigned byte value"); + } + continue; + } + throw new DatatypeException(i, "invalid unsigned byte value"); + } + } + + public Object createValue(String literal, ValidationContext context) { + try + { + return new Byte(literal); + } + catch (NumberFormatException e) + { + return null; + } + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/UnsignedIntType.java b/libjava/classpath/gnu/xml/validation/datatype/UnsignedIntType.java new file mode 100644 index 0000000..a4e8a68 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/UnsignedIntType.java @@ -0,0 +1,121 @@ +/* UnsignedIntType.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +import javax.xml.XMLConstants; +import javax.xml.namespace.QName; +import org.relaxng.datatype.DatatypeException; +import org.relaxng.datatype.ValidationContext; + +/** + * The XML Schema unsignedInt type. + * + * @author Chris Burdess + */ +final class UnsignedIntType + extends AtomicSimpleType +{ + + static final int[] CONSTRAINING_FACETS = { + Facet.TOTAL_DIGITS, + Facet.FRACTION_DIGITS, + Facet.PATTERN, + Facet.WHITESPACE, + Facet.ENUMERATION, + Facet.MAX_INCLUSIVE, + Facet.MAX_EXCLUSIVE, + Facet.MIN_INCLUSIVE, + Facet.MIN_EXCLUSIVE + }; + + static final String MAX_VALUE = "4294967295"; + static final int LENGTH = MAX_VALUE.length(); + + UnsignedIntType() + { + super(new QName(XMLConstants.W3C_XML_SCHEMA_NS_URI, "unsignedInt"), + TypeLibrary.UNSIGNED_LONG); + } + + public int[] getConstrainingFacets() + { + return CONSTRAINING_FACETS; + } + + public void checkValid(String value, ValidationContext context) + throws DatatypeException + { + super.checkValid(value, context); + int len = value.length(); + if (len == 0) + throw new DatatypeException(0, "invalid unsigned int value"); + boolean compare = false; + for (int i = 0; i < len; i++) + { + if (len - i > LENGTH) + throw new DatatypeException(i, "invalid unsigned int value"); + else if (len - i == LENGTH) + compare = true; + char c = value.charAt(i); + if (c >= 0x30 && c <= 0x39) + { + if (compare) + { + char d = MAX_VALUE.charAt(i); + if (Character.digit(c, 10) > Character.digit(d, 10)) + throw new DatatypeException(i, "invalid unsigned int value"); + } + continue; + } + throw new DatatypeException(i, "invalid unsigned int value"); + } + } + + public Object createValue(String literal, ValidationContext context) { + try + { + return new Integer(literal); + } + catch (NumberFormatException e) + { + return null; + } + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/UnsignedLongType.java b/libjava/classpath/gnu/xml/validation/datatype/UnsignedLongType.java new file mode 100644 index 0000000..5a36d8a --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/UnsignedLongType.java @@ -0,0 +1,121 @@ +/* UnsignedLongType.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +import javax.xml.XMLConstants; +import javax.xml.namespace.QName; +import org.relaxng.datatype.DatatypeException; +import org.relaxng.datatype.ValidationContext; + +/** + * The XML Schema unsignedLong type. + * + * @author Chris Burdess + */ +final class UnsignedLongType + extends AtomicSimpleType +{ + + static final int[] CONSTRAINING_FACETS = { + Facet.TOTAL_DIGITS, + Facet.FRACTION_DIGITS, + Facet.PATTERN, + Facet.WHITESPACE, + Facet.ENUMERATION, + Facet.MAX_INCLUSIVE, + Facet.MAX_EXCLUSIVE, + Facet.MIN_INCLUSIVE, + Facet.MIN_EXCLUSIVE + }; + + static final String MAX_VALUE = "18446744073709551615"; + static final int LENGTH = MAX_VALUE.length(); + + UnsignedLongType() + { + super(new QName(XMLConstants.W3C_XML_SCHEMA_NS_URI, "unsignedLong"), + TypeLibrary.NON_NEGATIVE_INTEGER); + } + + public int[] getConstrainingFacets() + { + return CONSTRAINING_FACETS; + } + + public void checkValid(String value, ValidationContext context) + throws DatatypeException + { + super.checkValid(value, context); + int len = value.length(); + if (len == 0) + throw new DatatypeException(0, "invalid unsigned long value"); + boolean compare = false; + for (int i = 0; i < len; i++) + { + if (len - i > LENGTH) + throw new DatatypeException(i, "invalid unsigned long value"); + else if (len - i == LENGTH) + compare = true; + char c = value.charAt(i); + if (c >= 0x30 && c <= 0x39) + { + if (compare) + { + char d = MAX_VALUE.charAt(i); + if (Character.digit(c, 10) > Character.digit(d, 10)) + throw new DatatypeException(i, "invalid unsigned long value"); + } + continue; + } + throw new DatatypeException(i, "invalid unsigned long value"); + } + } + + public Object createValue(String literal, ValidationContext context) { + try + { + return new Long(literal); + } + catch (NumberFormatException e) + { + return null; + } + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/UnsignedShortType.java b/libjava/classpath/gnu/xml/validation/datatype/UnsignedShortType.java new file mode 100644 index 0000000..49f621b --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/UnsignedShortType.java @@ -0,0 +1,122 @@ +/* UnsignedShortType.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +import javax.xml.XMLConstants; +import javax.xml.namespace.QName; +import org.relaxng.datatype.DatatypeException; +import org.relaxng.datatype.ValidationContext; + +/** + * The XML Schema unsignedShort type. + * + * @author Chris Burdess + */ +final class UnsignedShortType + extends AtomicSimpleType +{ + + static final int[] CONSTRAINING_FACETS = { + Facet.TOTAL_DIGITS, + Facet.FRACTION_DIGITS, + Facet.PATTERN, + Facet.WHITESPACE, + Facet.ENUMERATION, + Facet.MAX_INCLUSIVE, + Facet.MAX_EXCLUSIVE, + Facet.MIN_INCLUSIVE, + Facet.MIN_EXCLUSIVE + }; + + static final String MAX_VALUE = "65535"; + static final int LENGTH = MAX_VALUE.length(); + + UnsignedShortType() + { + super(new QName(XMLConstants.W3C_XML_SCHEMA_NS_URI, "unsignedShort"), + TypeLibrary.UNSIGNED_INT); + } + + public int[] getConstrainingFacets() + { + return CONSTRAINING_FACETS; + } + + public void checkValid(String value, ValidationContext context) + throws DatatypeException + { + super.checkValid(value, context); + int len = value.length(); + if (len == 0) + throw new DatatypeException(0, "invalid unsigned short value"); + boolean compare = false; + for (int i = 0; i < len; i++) + { + if (len - i > LENGTH) + throw new DatatypeException(i, "invalid unsigned short value"); + else if (len - i == LENGTH) + compare = true; + char c = value.charAt(i); + if (c >= 0x30 && c <= 0x39) + { + if (compare) + { + char d = MAX_VALUE.charAt(i); + if (Character.digit(c, 10) > Character.digit(d, 10)) + throw new DatatypeException(i, + "invalid unsigned short value"); + } + continue; + } + throw new DatatypeException(i, "invalid unsigned short value"); + } + } + + public Object createValue(String literal, ValidationContext context) { + try + { + return new Short(literal); + } + catch (NumberFormatException e) + { + return null; + } + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/datatype/WhiteSpaceFacet.java b/libjava/classpath/gnu/xml/validation/datatype/WhiteSpaceFacet.java new file mode 100644 index 0000000..5920e1c --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/datatype/WhiteSpaceFacet.java @@ -0,0 +1,75 @@ +/* WhiteSpaceFacet.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.datatype; + +/** + * The whiteSpace facet. + * + * @author Chris Burdess + */ +public final class WhiteSpaceFacet + extends Facet +{ + + public static final int PRESERVE = 0; + public static final int REPLACE = 1; + public static final int COLLAPSE = 2; + + public final int value; + public final boolean fixed; + + public WhiteSpaceFacet(int value, boolean fixed, Annotation annotation) + { + super(WHITESPACE, annotation); + this.value = value; + this.fixed = fixed; + } + + public int hashCode() + { + return value; + } + + public boolean equals(Object other) + { + return (other instanceof WhiteSpaceFacet && + ((WhiteSpaceFacet) other).value == value); + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/relaxng/AnyNameNameClass.java b/libjava/classpath/gnu/xml/validation/relaxng/AnyNameNameClass.java new file mode 100644 index 0000000..ecc016d --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/relaxng/AnyNameNameClass.java @@ -0,0 +1,58 @@ +/* AnyNameNameClass.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.relaxng; + +/** + * A RELAX NG anyName element. + * + * @author Chris Burdess + */ +class AnyNameNameClass + extends NameClass +{ + + NameClass exceptNameClass; + + boolean matchesName(String uri, String localName) + { + return (exceptNameClass == null) ? true : + !exceptNameClass.matchesName(uri, localName); + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/relaxng/AttributePattern.java b/libjava/classpath/gnu/xml/validation/relaxng/AttributePattern.java new file mode 100644 index 0000000..48443d6 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/relaxng/AttributePattern.java @@ -0,0 +1,53 @@ +/* AttributePattern.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.relaxng; + +/** + * A RELAX NG attribute element. + * + * @author Chris Burdess + */ +class AttributePattern + extends Pattern +{ + + NameClass nameClass; + Pattern pattern; + +} + diff --git a/libjava/classpath/gnu/xml/validation/relaxng/ChoiceNameClass.java b/libjava/classpath/gnu/xml/validation/relaxng/ChoiceNameClass.java new file mode 100644 index 0000000..e196cd4 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/relaxng/ChoiceNameClass.java @@ -0,0 +1,59 @@ +/* ChoiceNameClass.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.relaxng; + +/** + * A RELAX NG choice element (in the context of a name class). + * + * @author Chris Burdess + */ +class ChoiceNameClass + extends NameClass +{ + + NameClass name1; + NameClass name2; + + boolean matchesName(String uri, String localName) + { + return name1.matchesName(uri, localName) || + name2.matchesName(uri, localName); + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/relaxng/ChoicePattern.java b/libjava/classpath/gnu/xml/validation/relaxng/ChoicePattern.java new file mode 100644 index 0000000..54739b2 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/relaxng/ChoicePattern.java @@ -0,0 +1,53 @@ +/* ChoicePattern.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.relaxng; + +/** + * A RELAX NG choice element. + * + * @author Chris Burdess + */ +class ChoicePattern + extends Pattern +{ + + Pattern pattern1; + Pattern pattern2; + +} + diff --git a/libjava/classpath/gnu/xml/validation/relaxng/DataPattern.java b/libjava/classpath/gnu/xml/validation/relaxng/DataPattern.java new file mode 100644 index 0000000..2315b2c --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/relaxng/DataPattern.java @@ -0,0 +1,60 @@ +/* DataPattern.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.relaxng; + +import java.util.LinkedList; +import java.util.List; +import org.relaxng.datatype.Datatype; +import org.relaxng.datatype.DatatypeLibrary; + +/** + * A RELAX NG data element. + * + * @author Chris Burdess + */ +class DataPattern + extends Pattern +{ + + Datatype type; + DatatypeLibrary datatypeLibrary; + List params = new LinkedList(); + Pattern exceptPattern; + +} + diff --git a/libjava/classpath/gnu/xml/validation/relaxng/Define.java b/libjava/classpath/gnu/xml/validation/relaxng/Define.java new file mode 100644 index 0000000..8801d58 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/relaxng/Define.java @@ -0,0 +1,52 @@ +/* Define.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.relaxng; + +/** + * A RELAX NG define. + * + * @author Chris Burdess + */ +class Define +{ + + String name; + ElementPattern element; + +} + diff --git a/libjava/classpath/gnu/xml/validation/relaxng/ElementPattern.java b/libjava/classpath/gnu/xml/validation/relaxng/ElementPattern.java new file mode 100644 index 0000000..9ff3570 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/relaxng/ElementPattern.java @@ -0,0 +1,53 @@ +/* ElementPattern.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.relaxng; + +/** + * A RELAX NG element. + * + * @author Chris Burdess + */ +class ElementPattern + extends Pattern +{ + + NameClass nameClass; + Pattern pattern; + +} + diff --git a/libjava/classpath/gnu/xml/validation/relaxng/EmptyPattern.java b/libjava/classpath/gnu/xml/validation/relaxng/EmptyPattern.java new file mode 100644 index 0000000..ce568f8 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/relaxng/EmptyPattern.java @@ -0,0 +1,52 @@ +/* EmptyPattern.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.relaxng; + +/** + * A RELAX NG empty element. + * + * @author Chris Burdess + */ +class EmptyPattern + extends Pattern +{ + + static final EmptyPattern INSTANCE = new EmptyPattern(); + +} + diff --git a/libjava/classpath/gnu/xml/validation/relaxng/FullSyntaxBuilder.java b/libjava/classpath/gnu/xml/validation/relaxng/FullSyntaxBuilder.java new file mode 100644 index 0000000..2a68337 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/relaxng/FullSyntaxBuilder.java @@ -0,0 +1,1651 @@ +/* FullSyntaxBuilder.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.relaxng; + +import java.io.InputStream; +import java.io.IOException; +import java.io.UnsupportedEncodingException; +import java.net.URL; +import java.net.URLEncoder; +import java.util.Collections; +import java.util.HashMap; +import java.util.HashSet; +import java.util.Iterator; +import java.util.LinkedList; +import java.util.List; +import java.util.Map; +import java.util.Set; +import javax.xml.XMLConstants; +import javax.xml.namespace.QName; +import javax.xml.parsers.DocumentBuilder; +import javax.xml.parsers.DocumentBuilderFactory; +import javax.xml.parsers.ParserConfigurationException; + +import org.relaxng.datatype.DatatypeException; +import org.relaxng.datatype.DatatypeLibrary; +import org.relaxng.datatype.helpers.DatatypeLibraryLoader; +import org.w3c.dom.Document; +import org.w3c.dom.Element; +import org.w3c.dom.NamedNodeMap; +import org.w3c.dom.Node; +import org.xml.sax.SAXException; + +import gnu.xml.stream.XMLParser; + +/** + * Parses a RELAX NG XML DOM tree, constructing a compiled internal + * representation. + * + * @author Chris Burdess + */ +class FullSyntaxBuilder +{ + + /** + * Complete vocabulary (elements and attributes) of the full syntax. + */ + static final Map VOCABULARY = new HashMap(); + static final Set STRIPPED_ATTRIBUTES = new HashSet(); + static final Set PATTERN_ELEMENTS = new HashSet(); + static + { + Set elementAttrs = Collections.singleton("name"); + Set dataAttrs = new HashSet(); + dataAttrs.add("type"); + dataAttrs.add("datatypeLibrary"); + Set valueAttrs = new HashSet(); + valueAttrs.add("type"); + valueAttrs.add("datatypeLibrary"); + valueAttrs.add("ns"); + Set externalAttrs = Collections.singleton("href"); + Set startAttrs = Collections.singleton("combine"); + Set defineAttrs = new HashSet(); + defineAttrs.add("name"); + defineAttrs.add("combine"); + Set nsAttrs = Collections.singleton("ns"); + + VOCABULARY.put("element", elementAttrs); + VOCABULARY.put("attribute", elementAttrs); + VOCABULARY.put("group", Collections.EMPTY_SET); + VOCABULARY.put("interleave", Collections.EMPTY_SET); + VOCABULARY.put("choice", Collections.EMPTY_SET); + VOCABULARY.put("optional", Collections.EMPTY_SET); + VOCABULARY.put("zeroOrMore", Collections.EMPTY_SET); + VOCABULARY.put("oneOrMore", Collections.EMPTY_SET); + VOCABULARY.put("list", Collections.EMPTY_SET); + VOCABULARY.put("mixed", Collections.EMPTY_SET); + VOCABULARY.put("ref", elementAttrs); + VOCABULARY.put("parentRef", elementAttrs); + VOCABULARY.put("empty", Collections.EMPTY_SET); + VOCABULARY.put("text", Collections.EMPTY_SET); + VOCABULARY.put("value", valueAttrs); + VOCABULARY.put("data", dataAttrs); + VOCABULARY.put("notAllowed", Collections.EMPTY_SET); + VOCABULARY.put("externalRef", externalAttrs); + VOCABULARY.put("grammar", Collections.EMPTY_SET); + VOCABULARY.put("param", elementAttrs); + VOCABULARY.put("except", Collections.EMPTY_SET); + VOCABULARY.put("div", Collections.EMPTY_SET); + VOCABULARY.put("include", externalAttrs); + VOCABULARY.put("start", startAttrs); + VOCABULARY.put("define", defineAttrs); + VOCABULARY.put("name", nsAttrs); + VOCABULARY.put("anyName", Collections.EMPTY_SET); + VOCABULARY.put("nsName", nsAttrs); + + STRIPPED_ATTRIBUTES.add("name"); + STRIPPED_ATTRIBUTES.add("type"); + STRIPPED_ATTRIBUTES.add("combine"); + + PATTERN_ELEMENTS.add("element"); + PATTERN_ELEMENTS.add("attribute"); + PATTERN_ELEMENTS.add("group"); + PATTERN_ELEMENTS.add("interleave"); + PATTERN_ELEMENTS.add("choice"); + PATTERN_ELEMENTS.add("optional"); + PATTERN_ELEMENTS.add("zeroOrMore"); + PATTERN_ELEMENTS.add("oneOrMore"); + PATTERN_ELEMENTS.add("list"); + PATTERN_ELEMENTS.add("mixed"); + PATTERN_ELEMENTS.add("ref"); + PATTERN_ELEMENTS.add("parentRef"); + PATTERN_ELEMENTS.add("empty"); + PATTERN_ELEMENTS.add("text"); + PATTERN_ELEMENTS.add("value"); + PATTERN_ELEMENTS.add("data"); + PATTERN_ELEMENTS.add("notAllowed"); + PATTERN_ELEMENTS.add("externalRef"); + PATTERN_ELEMENTS.add("grammar"); + } + + private Set urls; // recursion checking + private int refCount; // creation of ref names + private Map datatypeLibraries; + + /** + * Parse the specified document into a grammar. + */ + synchronized Grammar parse(Document doc) + throws IOException + { + urls = new HashSet(); + refCount = 1; + + doc.normalizeDocument(); // Normalize XML document + transform(doc); // Apply transformation rules to provide simple syntax + + // 4.18. grammar element + Element p = doc.getDocumentElement(); + Element grammar = + doc.createElementNS(XMLConstants.RELAXNG_NS_URI, "grammar"); + Element start = + doc.createElementNS(XMLConstants.RELAXNG_NS_URI, "start"); + doc.removeChild(p); + doc.appendChild(grammar); + grammar.appendChild(start); + start.appendChild(p); + transformGrammar(grammar, p); + Element define = getNextSiblingElement(start); + while (define != null) + { + Element next = getNextSiblingElement(define); + String name = define.getAttribute("new-name"); + if (name != null) + { + define.setAttribute("name", name); + define.removeAttribute("new-name"); + } + else + grammar.removeChild(define); // unreferenced + define = next; + } + + // 4.19. define and ref elements + Set allDefines = new HashSet(), reachableDefines = new HashSet(); + getDefines(allDefines, grammar, grammar, false); + getDefines(reachableDefines, grammar, start, true); + allDefines.removeAll(reachableDefines); + for (Iterator i = allDefines.iterator(); i.hasNext(); ) + { + // remove unreachable defines + Element d = (Element) i.next(); + Node parent = d.getParentNode(); + parent.removeChild(d); + } + // replace all elements that are not children of defines by refs to new + // defines + Set elements = new HashSet(); + getElements(elements, grammar, grammar); + for (Iterator i = elements.iterator(); i.hasNext(); ) + { + Element element = (Element) i.next(); + Node parent = element.getParentNode(); + if (!reachableDefines.contains(parent)) + { + define = + doc.createElementNS(XMLConstants.RELAXNG_NS_URI, "define"); + Element ref = + doc.createElementNS(XMLConstants.RELAXNG_NS_URI, "ref"); + String name = createRefName(); + define.setAttribute("name", name); + ref.setAttribute("name", name); + parent.insertBefore(ref, element); + define.appendChild(element); + grammar.appendChild(define); + reachableDefines.add(define); + } + } + // Get defines that don't have element children + for (Iterator i = reachableDefines.iterator(); i.hasNext(); ) + { + Element d = (Element) i.next(); + Element child = getFirstChildElement(d); + if (child != null && "element".equals(child.getLocalName())) + i.remove(); + } + // Expand refs that refer to these defines + expandRefs(reachableDefines, grammar); + // Remove any defines that don't have element children + for (Iterator i = reachableDefines.iterator(); i.hasNext(); ) + { + Element d = (Element) i.next(); + Node parent = d.getParentNode(); + parent.removeChild(d); + } + + transform2(p); // Apply second stage transformation rules + + Grammar ret = parseGrammar(grammar); + datatypeLibraries = null; // free datatype libraries cache + return ret; + } + + private void getDefines(Set defines, Element grammar, Element node, + boolean followRefs) + { + String elementName = node.getLocalName(); + if ("define".equals(elementName)) + defines.add(node); + else if ("ref".equals(elementName) && followRefs) + { + String rname = node.getAttribute("name"); + Element define = getFirstChildElement(grammar); + define = getNextSiblingElement(define); + while (define != null) + { + String dname = define.getAttribute("name"); + if (rname.equals(dname)) + { + getDefines(defines, grammar, node, followRefs); + break; + } + define = getNextSiblingElement(define); + } + } + for (Element child = getFirstChildElement(node); child != null; + child = getNextSiblingElement(child)) + getDefines(defines, grammar, child, followRefs); + } + + private void getElements(Set elements, Element grammar, Element node) + { + String elementName = node.getLocalName(); + if ("element".equals(elementName)) + elements.add(node); + for (Element child = getFirstChildElement(node); child != null; + child = getNextSiblingElement(child)) + getElements(elements, grammar, child); + } + + private void expandRefs(Set defines, Element node) + throws GrammarException + { + String elementName = node.getLocalName(); + if ("ref".equals(elementName)) + { + String rname = node.getAttribute("name"); + for (Iterator i = defines.iterator(); i.hasNext(); ) + { + Element define = (Element) i.next(); + String dname = define.getAttribute("name"); + if (rname.equals(dname)) + { + Element child = getFirstChildElement(define); + forbidRefs(child, rname); + Element refChild = (Element) child.cloneNode(true); + Node parent = node.getParentNode(); + parent.insertBefore(refChild, node); + parent.removeChild(node); + node = refChild; + break; + } + } + } + for (Element child = getFirstChildElement(node); child != null; + child = getNextSiblingElement(child)) + expandRefs(defines, child); + } + + private void forbidRefs(Element node, String name) + throws GrammarException + { + String elementName = node.getLocalName(); + if ("ref".equals(elementName)) + { + String rname = node.getAttribute("name"); + if (name.equals(rname)) + throw new GrammarException("cannot expand ref with name '" + name + + "' due to circularity"); + } + for (Element child = getFirstChildElement(node); child != null; + child = getNextSiblingElement(child)) + forbidRefs(child, name); + } + + private void transform(Node node) + throws IOException + { + Node parent = node.getParentNode(); + switch (node.getNodeType()) + { + case Node.ELEMENT_NODE: + // 4.1 Annotations + String elementNs = node.getNamespaceURI(); + String elementName = node.getLocalName(); + if (!XMLConstants.RELAXNG_NS_URI.equals(elementNs) || + !VOCABULARY.containsKey(elementName)) + parent.removeChild(node); + else + { + Set allowedAttrs = (Set) VOCABULARY.get(elementName); + NamedNodeMap attrs = node.getAttributes(); + int len = attrs.getLength(); + for (int i = len - 1; i >= 0; i--) + { + Node attr = attrs.item(i); + String attrNs = attr.getNamespaceURI(); + String attrName = attr.getLocalName(); + if (XMLConstants.XMLNS_ATTRIBUTE_NS_URI.equals(attrNs)) + continue; // ignore namespace nodes + if (!(XMLConstants.RELAXNG_NS_URI.equals(attrNs) || + attrNs == null) || + !allowedAttrs.contains(attrName)) + attrs.removeNamedItemNS(attrNs, attrName); + else + { + // 4.2 Whitespace + if (STRIPPED_ATTRIBUTES.contains(attrName)) + attr.setNodeValue(attr.getNodeValue().trim()); + // 4.3 datatypeLibrary attribute + else if ("datatypeLibrary".equals(attrName)) + { + String dl = attr.getNodeValue(); + attr.setNodeValue(escapeURL(dl)); + } + // 4.5. href attribute + else if ("href".equals(attrName)) + { + String href = attr.getNodeValue(); + href = XMLParser.absolutize(node.getBaseURI(), + escapeURL(href)); + attr.setNodeValue(href); + } + } + } + // 4.3 datatypeLibrary attribute + if ("data".equals(elementName) || "value".equals(elementName)) + { + Element element = (Element) node; + String dl = element.getAttribute("datatypeLibrary"); + if (dl == null) + { + Node p = parent; + while (dl == null && p != null && + p.getNodeType() == Node.ELEMENT_NODE) + { + dl = ((Element) p) + .getAttribute("datatypeLibrary"); + p = p.getParentNode(); + } + if (dl == null) + dl = ""; + element.setAttribute("datatypeLibrary", dl); + } + // 4.4. type attribute of value element + if ("value".equals(elementName)) + { + String type = element.getAttribute("type"); + if (type == null) + { + element.setAttribute("type", "token"); + element.setAttribute("datatypeLibrary", ""); + } + } + // 4.16. Constraints + // TODO validate type + } + // 4.6. externalRef element + else if ("externalRef".equals(elementName)) + { + Element externalRef = (Element) node; + String href = externalRef.getAttribute("href"); + // check for recursion + if (urls.contains(href)) + throw new GrammarException("recursive href"); + urls.add(href); + Element element = resolve(href); + String eNs = element.getNamespaceURI(); + String eName = element.getLocalName(); + if (!(XMLConstants.RELAXNG_NS_URI.equals(eNs) || + eNs == null) || + !PATTERN_ELEMENTS.contains(eName)) + throw new GrammarException("externally referenced element " + + "is not a pattern"); + transform(element); + urls.remove(href); + String ns = element.getAttribute("ns"); + if (ns != null) + element.setAttribute("ns", + externalRef.getAttribute("ns")); + element = (Element) externalRef.getOwnerDocument() + .importNode(element, true); + parent.replaceChild(element, externalRef); + return; + } + // 4.7 include element + else if ("include".equals(elementName)) + { + Element include = (Element) node; + String href = include.getAttribute("href"); + // check for recursion + if (urls.contains(href)) + throw new GrammarException("recursive href"); + urls.add(href); + Element element = resolve(href); + String eNs = element.getNamespaceURI(); + String eName = element.getLocalName(); + if (!(XMLConstants.RELAXNG_NS_URI.equals(eNs) || + eNs == null) || + !"grammar".equals(eName)) + throw new GrammarException("included element is not " + + "a grammar"); + + transform(element); + urls.remove(href); + // handle components + List includeComponents = getComponents(include); + List grammarComponents = getComponents(element); + for (Iterator i = includeComponents.iterator(); i.hasNext(); ) + { + Element comp = (Element) i.next(); + String compName = comp.getLocalName(); + if ("start".equals(compName)) + { + boolean found = false; + for (Iterator j = grammarComponents.iterator(); + j.hasNext(); ) + { + Element c2 = (Element) j.next(); + if ("start".equals(c2.getLocalName())) + { + c2.getParentNode().removeChild(c2); + found = true; + } + } + if (!found) + throw new GrammarException("no start component in " + + "included grammar"); + } + else if ("define".equals(compName)) + { + String name = comp.getAttribute("name"); + boolean found = false; + for (Iterator j = grammarComponents.iterator(); + j.hasNext(); ) + { + Element c2 = (Element) j.next(); + if ("define".equals(c2.getLocalName()) && + name.equals(c2.getAttribute("name"))) + { + c2.getParentNode().removeChild(c2); + found = true; + } + } + if (!found) + throw new GrammarException("no define component " + + "with name '" + name + + "' in included grammar"); + } + } + // transform to div element + Document doc = include.getOwnerDocument(); + Element includeDiv = + doc.createElementNS(XMLConstants.RELAXNG_NS_URI, "div"); + Element grammarDiv = + doc.createElementNS(XMLConstants.RELAXNG_NS_URI, "div"); + // XXX copy include non-href attributes (none defined?) + element = (Element) doc.importNode(element, true); + Node ctx = element.getFirstChild(); + while (ctx != null) + { + Node next = ctx.getNextSibling(); + grammarDiv.appendChild(ctx); + ctx = next; + } + includeDiv.appendChild(grammarDiv); + ctx = include.getFirstChild(); + while (ctx != null) + { + Node next = ctx.getNextSibling(); + includeDiv.appendChild(ctx); + ctx = next; + } + parent.replaceChild(includeDiv, include); + transform(includeDiv); + return; + } + // 4.8. name attribute of element and attribute elements + else if ("attribute".equals(elementName) || + "element".equals(elementName)) + { + Element element = (Element) node; + String name = element.getAttribute("name"); + if (name != null) + { + Document doc = element.getOwnerDocument(); + Element n = + doc.createElementNS(XMLConstants.RELAXNG_NS_URI, "name"); + n.appendChild(doc.createTextNode(name)); + Node first = element.getFirstChild(); + if (first != null) + element.insertBefore(n, first); + else + element.appendChild(n); + if ("attribute".equals(elementName)) + { + String ns = element.getAttribute("ns"); + if (ns != null) + { + n.setAttribute("ns", ns); + element.removeAttribute("ns"); + } + } + element.removeAttribute("name"); + } + // 4.12. Number of child elements + if ("attribute".equals(elementName)) + { + if (getComponents(node).size() == 1) + { + Document doc = node.getOwnerDocument(); + Element text = + doc.createElementNS(XMLConstants.RELAXNG_NS_URI, + "text"); + node.appendChild(text); + } + } + else // element + { + if (node.getChildNodes().getLength() > 2) + { + // transform to 2 child elements + Document doc = node.getOwnerDocument(); + Element child = + doc.createElementNS(XMLConstants.RELAXNG_NS_URI, + "group"); + Node ctx = getFirstChildElement(node); + ctx = getNextSiblingElement(ctx); // skip 1 + while (ctx != null) + { + Node next = getNextSiblingElement(ctx); + child.appendChild(ctx); + ctx = next; + } + node.appendChild(child); + } + } + } + // 4.11. div element + else if ("div".equals(elementName)) + { + Node ctx = node.getFirstChild(); + while (ctx != null) + { + Node next = ctx.getNextSibling(); + parent.insertBefore(ctx, node); + transform(ctx); + ctx = next; + } + parent.removeChild(node); + return; + } + else if ("mixed".equals(elementName)) + { + // 4.12. Number of child elements + transformToOneChildElement(node, "group"); + // 4.13. mixed element + Document doc = node.getOwnerDocument(); + Node interleave = + doc.createElementNS(XMLConstants.RELAXNG_NS_URI, + "interleave"); + Node ctx = node.getFirstChild(); + while (ctx != null) + { + Node next = ctx.getNextSibling(); + interleave.appendChild(ctx); + ctx = next; + } + Node text = + doc.createElementNS(XMLConstants.RELAXNG_NS_URI, + "text"); + interleave.appendChild(text); + parent.insertBefore(interleave, node); + parent.removeChild(node); + node = interleave; + } + else if ("optional".equals(elementName)) + { + // 4.12. Number of child elements + transformToOneChildElement(node, "group"); + // 4.14. optional element + Document doc = node.getOwnerDocument(); + Node choice = + doc.createElementNS(XMLConstants.RELAXNG_NS_URI, + "choice"); + Node ctx = node.getFirstChild(); + while (ctx != null) + { + Node next = ctx.getNextSibling(); + choice.appendChild(ctx); + ctx = next; + } + Node empty = + doc.createElementNS(XMLConstants.RELAXNG_NS_URI, + "empty"); + choice.appendChild(empty); + parent.insertBefore(choice, node); + parent.removeChild(node); + node = choice; + } + else if ("zeroOrMore".equals(elementName)) + { + // 4.12. Number of child elements + transformToOneChildElement(node, "group"); + // 4.15. zeroOrMore element + Document doc = node.getOwnerDocument(); + Node choice = + doc.createElementNS(XMLConstants.RELAXNG_NS_URI, + "choice"); + Node oneOrMore = + doc.createElementNS(XMLConstants.RELAXNG_NS_URI, + "oneOrMore"); + Node ctx = node.getFirstChild(); + while (ctx != null) + { + Node next = ctx.getNextSibling(); + oneOrMore.appendChild(ctx); + ctx = next; + } + Node empty = + doc.createElementNS(XMLConstants.RELAXNG_NS_URI, + "empty"); + choice.appendChild(oneOrMore); + choice.appendChild(empty); + parent.insertBefore(choice, node); + parent.removeChild(node); + node = choice; + } + else if ("list".equals(elementName) || + "oneOrMore".equals(elementName) || + "define".equals(elementName)) + { + // 4.12. Number of child elements + transformToOneChildElement(node, "group"); + } + else if ("except".equals(elementName)) + { + // 4.12. Number of child elements + transformToOneChildElement(node, "choice"); + // 4.16. Constraints + String parentName = parent.getLocalName(); + if ("anyName".equals(parentName)) + forbidDescendants(node, Collections.singleton("anyName")); + else if ("nsName".equals(parentName)) + { + Set names = new HashSet(); + names.add("nsName"); + names.add("anyName"); + forbidDescendants(node, names); + } + } + else if ("choice".equals(elementName) || + "group".equals(elementName) || + "interleave".equals(elementName)) + { + // 4.12. Number of child elements + Node ctx = getFirstChildElement(node); + Node next = getNextSiblingElement(ctx); + if (next == null) + { + // replace + parent.insertBefore(ctx, node); + parent.removeChild(node); + transform(ctx); + return; + } + else + { + // transform to 2 child elements + Node next2 = getNextSiblingElement(next); + if (next2 != null) + { + Document doc = node.getOwnerDocument(); + Node child = + doc.createElementNS(XMLConstants.RELAXNG_NS_URI, + elementName); + child.appendChild(ctx); + child.appendChild(next); + node.insertBefore(next2, child); + transform(node); // recurse + } + } + } + // 4.17. combine attribute + else if ("grammar".equals(elementName)) + { + String combine = null; + List nodes = new LinkedList(); + Node ctx = node.getFirstChild(); + while (ctx != null) + { + Node next = ctx.getNextSibling(); + if ("start".equals(ctx.getLocalName())) + { + String c = ((Element) ctx).getAttribute("combine"); + if (combine != null && !combine.equals(c)) + throw new GrammarException("multiple start elements "+ + "but no combine attribute"); + combine = c; + nodes.add(ctx); + } + ctx = next; + } + if (!nodes.isEmpty()) + combineNodes(node, combine, "start", nodes); + // defines + Map defines = new HashMap(); + Map defineCombines = new HashMap(); + ctx = node.getFirstChild(); + while (ctx != null) + { + Node next = ctx.getNextSibling(); + if ("define".equals(ctx.getLocalName())) + { + String name = ((Element) ctx).getAttribute("name"); + combine = (String) defineCombines.get(name); + String c = ((Element) ctx).getAttribute("combine"); + if (combine != null && !combine.equals(c)) + throw new GrammarException("multiple define " + + "elements with name '"+ + name + "' but no " + + "combine attribute"); + defineCombines.put(name, c); + nodes = (List) defines.get(name); + if (nodes == null) + { + nodes = new LinkedList(); + defines.put(name, nodes); + } + nodes.add(ctx); + } + ctx = next; + } + for (Iterator i = defines.keySet().iterator(); i.hasNext(); ) + { + String name = (String) i.next(); + combine = (String) defineCombines.get(name); + nodes = (List) defines.get(name); + if (!nodes.isEmpty()) + combineNodes(node, combine, "define", nodes); + } + } + // 4.9. ns attribute + if ("name".equals(elementName) || + "nsName".equals(elementName) || + "value".equals(elementName)) + { + Element element = (Element) node; + String ns = element.getAttribute("ns"); + if (ns == null) + { + Node ctx = parent; + while (ns == null && ctx != null && + ctx.getNodeType() == Node.ELEMENT_NODE) + { + ns = ((Element) ctx).getAttribute("ns"); + ctx = ctx.getParentNode(); + } + element.setAttribute("ns", (ns == null) ? "" : ns); + } + if ("name".equals(elementName)) + { + // 4.10. QNames + String name = element.getTextContent(); + int ci = name.indexOf(':'); + if (ci != -1) + { + String prefix = name.substring(0, ci); + element.setTextContent(name.substring(ci + 1)); + ns = element.lookupNamespaceURI(prefix); + element.setAttribute("ns", (ns == null) ? "" : ns); + } + // 4.16. Constraints + if (isDescendantOfFirstChildOfAttribute(element) && + "".equals(element.getAttribute("ns")) && + "xmlns".equals(element.getTextContent())) + throw new GrammarException("name cannot be xmlns"); + } + else if ("nsName".equals(elementName)) + { + // 4.16. Constraints + if (isDescendantOfFirstChildOfAttribute(element) && + "http://www.w3.org/2000/xmlns" + .equals(element.getAttribute("ns"))) + throw new GrammarException("nsName cannot be XMLNS URI"); + } + } + } + + break; + case Node.TEXT_NODE: + case Node.CDATA_SECTION_NODE: + // 4.2 Whitespace + String parentName = parent.getLocalName(); + if ("name".equals(parentName)) + node.setNodeValue(node.getNodeValue().trim()); + if (!"param".equals(parentName) && + !"value".equals(parentName) && + isWhitespace(node.getNodeValue())) + parent.removeChild(node); + break; + case Node.DOCUMENT_NODE: + break; + default: + parent.removeChild(node); + } + // Transform children + Node ctx = node.getFirstChild(); + while (ctx != null) + { + Node next = ctx.getNextSibling(); + transform(ctx); + ctx = next; + } + } + + /** + * Transforms the schema to place all defines under the top-level grammar + * element and replace all other grammar elements by their start child. + */ + private void transformGrammar(Node grammar, Node node) + throws GrammarException + { + if (node.getNodeType() == Node.ELEMENT_NODE) + { + String elementName = node.getLocalName(); + if ("grammar".equals(elementName)) + { + handleRefs(grammar, node, node); + Node start = null; + Node ctx = node.getFirstChild(); + while (ctx != null) + { + Node next = ctx.getNextSibling(); + String childName = ctx.getLocalName(); + if ("define".equals(childName)) + grammar.appendChild(ctx); + else if ("start".equals(childName)) + start = ctx; + ctx = next; + } + if (start == null) + throw new GrammarException("no start element for grammar"); + Node p = getFirstChildElement(start); + Node parent = node.getParentNode(); + parent.insertBefore(p, node); + parent.removeChild(node); + node = p; + } + Node ctx = node.getFirstChild(); + while (ctx != null) + { + Node next = ctx.getNextSibling(); + transformGrammar(grammar, ctx); + ctx = next; + } + } + } + + /** + * Checks that all references in the specified grammar match a define in + * the grammar. + */ + private void handleRefs(Node grammar1, Node grammar2, Node node) + throws GrammarException + { + if (node.getNodeType() == Node.ELEMENT_NODE) + { + String elementName = node.getLocalName(); + if ("ref".equals(elementName) || "parentRef".equals(elementName)) + { + Node grammar = grammar2; + if ("parentRef".equals(elementName)) + grammar = grammar1; + + String name = ((Element) node).getAttribute("name"); + if (name != null) + throw new GrammarException("no name attribute on " + + elementName); + Node define = null; + for (Node ctx = grammar.getFirstChild(); + define == null && ctx != null; + ctx = ctx.getNextSibling()) + { + if ("define".equals(ctx.getLocalName())) + { + String dname = ((Element) ctx).getAttribute("name"); + if (name.equals(dname)) + define = ctx; + } + } + if (define == null) + throw new GrammarException("no define for '" + name + "'"); + name = ((Element) define).getAttribute("new-name"); + if (name == null) + { + name = createRefName(); + ((Element) define).setAttribute("new-name", name); + } + if ("parentRef".equals(elementName)) + { + Document doc = node.getOwnerDocument(); + Node ref = doc.createElementNS(XMLConstants.RELAXNG_NS_URI, + "ref"); + Node ctx = node.getFirstChild(); + while (ctx != null) + { + Node next = ctx.getNextSibling(); + ref.appendChild(ctx); + ctx = next; + } + Node parent = node.getParentNode(); + parent.insertBefore(ref, node); + parent.removeChild(node); + node = ref; + } + ((Element) node).setAttribute("name", name); + } + else if ("grammar".equals(elementName)) + { + grammar1 = grammar2; + grammar2 = node; + } + Node ctx = node.getFirstChild(); + while (ctx != null) + { + Node next = ctx.getNextSibling(); + handleRefs(grammar1, grammar2, ctx); + ctx = next; + } + } + } + + private String createRefName() + { + return "ref" + Integer.toString(refCount++); + } + + private void transform2(Node node) + throws GrammarException + { + Node parent = node.getParentNode(); + if (node.getNodeType() == Node.ELEMENT_NODE) + { + String elementName = node.getLocalName(); + // 4.20. notAllowed element + if ("notAllowed".equals(elementName)) + { + String parentName = parent.getLocalName(); + if ("attribute".equals(parentName) || + "list".equals(parentName) || + "group".equals(parentName) || + "interleave".equals(parentName) || + "oneOrMore".equals(parentName)) + { + Node pp = parent.getParentNode(); + pp.insertBefore(node, parent); + pp.removeChild(parent); + transform2(node); // apply recursively + return; + } + else if ("choice".equals(parentName)) + { + Node p1 = getFirstChildElement(parent); + Node p2 = getNextSiblingElement(p1); + if (p1 == null || p2 == null) + throw new GrammarException("choice does not have two " + + "children"); + String p1Name = p1.getLocalName(); + String p2Name = p2.getLocalName(); + Node pp = parent.getParentNode(); + if ("notAllowed".equals(p1Name) && + "notAllowed".equals(p2Name)) + { + pp.insertBefore(p1, parent); + pp.removeChild(parent); + transform2(p1); //apply recursively + return; + } + else if ("notAllowed".equals(p1Name)) + { + pp.insertBefore(p2, parent); + pp.removeChild(parent); + transform2(p2); + return; + } + else + { + pp.insertBefore(p1, parent); + pp.removeChild(parent); + transform2(p1); + return; + } + } + else if ("except".equals(parentName)) + { + Node pp = parent.getParentNode(); + pp.removeChild(parent); + return; + } + } + // 4.21. empty element + else if ("empty".equals(elementName)) + { + String parentName = parent.getLocalName(); + if ("group".equals(parentName) || + "interleave".equals(parentName)) + { + Node p1 = getFirstChildElement(parent); + Node p2 = getNextSiblingElement(p1); + if (p1 == null || p2 == null) + throw new GrammarException(parentName + " does not have " + + "two children"); + String p1Name = p1.getLocalName(); + String p2Name = p2.getLocalName(); + Node pp = parent.getParentNode(); + if ("empty".equals(p1Name) && + "empty".equals(p2Name)) + { + pp.insertBefore(p1, parent); + pp.removeChild(parent); + transform2(p1); + return; + } + else if ("empty".equals(p1Name)) + { + pp.insertBefore(p2, parent); + pp.removeChild(parent); + transform2(p2); + return; + } + else + { + pp.insertBefore(p1, parent); + pp.removeChild(parent); + transform2(p1); + return; + } + } + else if ("choice".equals(parentName)) + { + Node p1 = getFirstChildElement(parent); + Node p2 = getNextSiblingElement(p1); + if (p1 == null || p2 == null) + throw new GrammarException(parentName + " does not have " + + "two children"); + String p1Name = p1.getLocalName(); + String p2Name = p2.getLocalName(); + Node pp = parent.getParentNode(); + if ("empty".equals(p1Name) && + "empty".equals(p2Name)) + { + pp.insertBefore(p1, parent); + pp.removeChild(parent); + transform2(p1); + return; + } + } + else if ("oneOrMore".equals(parentName)) + { + Node pp = parent.getParentNode(); + pp.insertBefore(node, parent); + pp.removeChild(parent); + transform2(node); + return; + } + } + Node ctx = node.getFirstChild(); + while (ctx != null) + { + Node next = ctx.getNextSibling(); + transform2(ctx); + ctx = next; + } + } + } + + private static boolean isWhitespace(String text) + { + int len = text.length(); + for (int i = 0; i < len; i++) + { + char c = text.charAt(i); + if (c != ' ' && c != '\t' && c != '\n' && c != '\r') + return false; + } + return true; + } + + private static String escapeURL(String url) + { + try + { + return URLEncoder.encode(url, "UTF-8"); + } + catch (UnsupportedEncodingException e) + { + RuntimeException e2 = new RuntimeException("UTF-8 is unsupported"); + e2.initCause(e); + throw e2; + } + } + + /** + * Resolve a URL to an element, as described in section 4.5. + */ + private static Element resolve(String url) + throws IOException + { + try + { + URL u = new URL(url); + InputStream in = u.openStream(); + DocumentBuilderFactory f = DocumentBuilderFactory.newInstance(); + f.setNamespaceAware(true); + f.setCoalescing(true); + f.setExpandEntityReferences(true); + f.setIgnoringComments(true); + f.setIgnoringElementContentWhitespace(true); + DocumentBuilder b = f.newDocumentBuilder(); + Document doc = b.parse(in, url); + in.close(); + String fragment = u.getRef(); + if (fragment != null) + return doc.getElementById(fragment); + return doc.getDocumentElement(); + } + catch (SAXException e) + { + IOException e2 = new IOException("error parsing included element"); + e2.initCause(e); + throw e2; + } + catch (ParserConfigurationException e) + { + IOException e2 = new IOException("error parsing included element"); + e2.initCause(e); + throw e2; + } + } + + /** + * Returns the "components" of an element, as described in section 4.7. + */ + private List getComponents(Node node) + { + List ret = new LinkedList(); + for (Node ctx = node.getFirstChild(); ctx != null; + ctx = ctx.getNextSibling()) + { + if (ctx.getNodeType() != Node.ELEMENT_NODE) + continue; + String ns = ctx.getNamespaceURI(); + if (ns != null && !ns.equals(XMLConstants.RELAXNG_NS_URI)) + continue; + String name = ctx.getLocalName(); + if ("div".equals(name)) + ret.addAll(getComponents(ctx)); + else if (VOCABULARY.containsKey(name)) + ret.add(ctx); + } + return ret; + } + + private static void transformToOneChildElement(Node node, String name) + { + if (node.getChildNodes().getLength() < 2) + return; + Document doc = node.getOwnerDocument(); + Element child = doc.createElementNS(XMLConstants.RELAXNG_NS_URI, name); + Node ctx = getFirstChildElement(node); + while (ctx != null) + { + Node next = getNextSiblingElement(ctx); + child.appendChild(ctx); + ctx = next; + } + node.appendChild(child); + } + + private static Element getFirstChildElement(Node node) + { + Node ctx = node.getFirstChild(); + while (ctx != null && ctx.getNodeType() != Node.ELEMENT_NODE) + ctx = ctx.getNextSibling(); + return (Element) ctx; + } + + private static Element getNextSiblingElement(Node node) + { + Node ctx = node.getNextSibling(); + while (ctx != null && ctx.getNodeType() != Node.ELEMENT_NODE) + ctx = ctx.getNextSibling(); + return (Element) ctx; + } + + private static void forbidDescendants(Node node, Set names) + throws GrammarException + { + for (Node ctx = node.getFirstChild(); ctx != null; + ctx = ctx.getNextSibling()) + { + String ns = ctx.getNamespaceURI(); + if (!XMLConstants.RELAXNG_NS_URI.equals(ns)) + continue; + String name = ctx.getLocalName(); + if (names.contains(name)) + throw new GrammarException("name not allowed: " + name); + forbidDescendants(ctx, names); + } + } + + private static boolean isDescendantOfFirstChildOfAttribute(Node node) + { + Node child = node; + Node parent = node.getParentNode(); + while (parent != null && !"attribute".equals(parent.getLocalName())) + { + child = parent; + parent = child.getParentNode(); + } + if (parent == null) + return false; + Node firstChild = getFirstChildElement(parent); + return firstChild == child; + } + + private static void combineNodes(Node node, String combine, String name, + List nodes) + { + Document doc = node.getOwnerDocument(); + Node child = + doc.createElementNS(XMLConstants.RELAXNG_NS_URI, name); + Node combineNode = + doc.createElementNS(XMLConstants.RELAXNG_NS_URI, combine); + child.appendChild(combineNode); + boolean inserted = false; + for (Iterator i = nodes.iterator(); i.hasNext(); ) + { + Node startNode = (Node) i.next(); + if (!inserted) + { + node.insertBefore(child, startNode); + inserted = true; + } + Node ctx = startNode.getFirstChild(); + while (ctx != null) + { + Node next = ctx.getNextSibling(); + combineNode.appendChild(ctx); + ctx = next; + } + node.removeChild(startNode); + } + } + + Grammar parseGrammar(Element node) + throws GrammarException + { + checkName(node, "grammar"); + Grammar grammar = new Grammar(); + Element start = getFirstChildElement(node); + grammar.start = parsePattern(getFirstChildElement(start)); + for (Element define = getNextSiblingElement(start); define != null; + define = getNextSiblingElement(define)) + grammar.defines.add(parseDefine(define)); + return grammar; + } + + Define parseDefine(Element node) + throws GrammarException + { + checkName(node, "define"); + Define define = new Define(); + define.name = node.getAttribute("name"); + define.element = parseElement(getFirstChildElement(node)); + return define; + } + + Pattern parseTop(Element node) + throws GrammarException + { + String name = node.getLocalName(); + if ("notAllowed".equals(name)) + return parseNotAllowed(node); + return parsePattern(node); + } + + Pattern parsePattern(Element node) + throws GrammarException + { + String name = node.getLocalName(); + if ("empty".equals(name)) + return parseEmpty(node); + return parseNonEmptyPattern(node); + } + + Pattern parseNonEmptyPattern(Element node) + throws GrammarException + { + String name = node.getLocalName(); + if ("text".equals(name)) + return parseText(node); + else if ("data".equals(name)) + return parseData(node); + else if ("value".equals(name)) + return parseValue(node); + else if ("list".equals(name)) + return parseList(node); + else if ("attribute".equals(name)) + return parseAttribute(node); + else if ("ref".equals(name)) + return parseRef(node); + else if ("oneOrMore".equals(name)) + return parseOneOrMore(node); + else if ("choice".equals(name)) + return parseChoice(node); + else if ("group".equals(name)) + return parseGroup(node); + else if ("interleave".equals(name)) + return parseInterleave(node); + throw new GrammarException("invalid pattern: " + name); + } + + ElementPattern parseElement(Element node) + throws GrammarException + { + checkName(node, "element"); + ElementPattern element = new ElementPattern(); + Element nameClass = getFirstChildElement(node); + element.nameClass = parseNameClass(nameClass); + element.pattern = parseTop(getNextSiblingElement(nameClass)); + return element; + } + + NotAllowedPattern parseNotAllowed(Element node) + throws GrammarException + { + checkName(node, "notAllowed"); + return NotAllowedPattern.INSTANCE; + } + + EmptyPattern parseEmpty(Element node) + throws GrammarException + { + checkName(node, "empty"); + return EmptyPattern.INSTANCE; + } + + TextPattern parseText(Element node) + throws GrammarException + { + checkName(node, "text"); + return TextPattern.INSTANCE; + } + + DataPattern parseData(Element node) + throws GrammarException + { + checkName(node, "data"); + DataPattern data = new DataPattern(); + DatatypeLibrary dl = + getDatatypeLibrary(node.getAttribute("datatypeLibrary")); + String type = node.getAttribute("type"); + try + { + data.type = dl.createDatatype(type); + data.datatypeLibrary = dl; + } + catch (DatatypeException e) + { + GrammarException e2 = new GrammarException(type); + e2.initCause(e); + throw e2; + } + Element ctx = getFirstChildElement(node); + while (ctx != null) + { + Element next = getNextSiblingElement(ctx); + String name = ctx.getLocalName(); + if ("param".equals(name)) + data.params.add(parseParam(ctx)); + else if ("except".equals(name) && next == null) + data.exceptPattern = parsePattern(getFirstChildElement(ctx)); + else + throw new GrammarException("invalid element: " + name); + ctx = next; + } + return data; + } + + Param parseParam(Element node) + throws GrammarException + { + checkName(node, "param"); + Param param = new Param(); + param.name = node.getAttribute("name"); + param.value = node.getTextContent(); + return param; + } + + ValuePattern parseValue(Element node) + throws GrammarException + { + checkName(node, "value"); + ValuePattern value = new ValuePattern(); + DatatypeLibrary dl = + getDatatypeLibrary(node.getAttribute("datatypeLibrary")); + String type = node.getAttribute("type"); + try + { + value.type = dl.createDatatype(type); + value.datatypeLibrary = dl; + } + catch (DatatypeException e) + { + GrammarException e2 = new GrammarException(type); + e2.initCause(e); + throw e2; + } + value.ns = node.getAttribute("ns"); + value.value = node.getTextContent(); + return value; + } + + ListPattern parseList(Element node) + throws GrammarException + { + checkName(node, "list"); + ListPattern list = new ListPattern(); + list.pattern = parsePattern(getFirstChildElement(node)); + return list; + } + + AttributePattern parseAttribute(Element node) + throws GrammarException + { + checkName(node, "attribute"); + AttributePattern attribute = new AttributePattern(); + Element nameClass = getFirstChildElement(node); + attribute.nameClass = parseNameClass(nameClass); + attribute.pattern = parsePattern(getNextSiblingElement(nameClass)); + return attribute; + } + + RefPattern parseRef(Element node) + throws GrammarException + { + checkName(node, "ref"); + RefPattern ref = new RefPattern(); + ref.name = node.getAttribute("name"); + return ref; + } + + OneOrMorePattern parseOneOrMore(Element node) + throws GrammarException + { + checkName(node, "oneOrMore"); + OneOrMorePattern oneOrMore = new OneOrMorePattern(); + oneOrMore.pattern = parseNonEmptyPattern(getFirstChildElement(node)); + return oneOrMore; + } + + ChoicePattern parseChoice(Element node) + throws GrammarException + { + checkName(node, "choice"); + ChoicePattern choice = new ChoicePattern(); + Element p1 = getFirstChildElement(node); + Element p2 = getNextSiblingElement(p1); + choice.pattern1 = parsePattern(p1); + choice.pattern2 = parseNonEmptyPattern(p2); + return choice; + } + + GroupPattern parseGroup(Element node) + throws GrammarException + { + checkName(node, "group"); + GroupPattern group = new GroupPattern(); + Element p1 = getFirstChildElement(node); + Element p2 = getNextSiblingElement(p1); + group.pattern1 = parseNonEmptyPattern(p1); + group.pattern2 = parseNonEmptyPattern(p2); + return group; + } + + InterleavePattern parseInterleave(Element node) + throws GrammarException + { + checkName(node, "interleave"); + InterleavePattern interleave = new InterleavePattern(); + Element p1 = getFirstChildElement(node); + Element p2 = getNextSiblingElement(p1); + interleave.pattern1 = parseNonEmptyPattern(p1); + interleave.pattern2 = parseNonEmptyPattern(p2); + return interleave; + } + + NameClass parseNameClass(Element node) + throws GrammarException + { + String name = node.getLocalName(); + if ("anyName".equals(name)) + return parseAnyName(node); + else if ("name".equals(name)) + return parseName(node); + else if ("nsName".equals(name)) + return parseNsName(node); + else if ("choice".equals(name)) + return parseChoiceNameClass(node); + throw new GrammarException("invalid name class: " + name); + } + + AnyNameNameClass parseAnyName(Element node) + throws GrammarException + { + checkName(node, "anyName"); + AnyNameNameClass anyName = new AnyNameNameClass(); + Element except = getFirstChildElement(node); + if (except != null) { + checkName(except, "except"); + anyName.exceptNameClass = parseNameClass(getFirstChildElement(except)); + } + return anyName; + } + + NameNameClass parseName(Element node) + throws GrammarException + { + checkName(node, "name"); + NameNameClass name = new NameNameClass(); + name.ns = node.getAttribute("ns"); + name.name = node.getTextContent(); + return name; + } + + NSNameNameClass parseNsName(Element node) + throws GrammarException + { + checkName(node, "nsName"); + NSNameNameClass nsName = new NSNameNameClass(); + nsName.ns = node.getAttribute("ns"); + Element except = getFirstChildElement(node); + if (except != null) { + checkName(except, "except"); + nsName.exceptNameClass = parseNameClass(getFirstChildElement(except)); + } + return nsName; + } + + ChoiceNameClass parseChoiceNameClass(Element node) + throws GrammarException + { + checkName(node, "choice"); + ChoiceNameClass choice = new ChoiceNameClass(); + Element c1 = getFirstChildElement(node); + Element c2 = getNextSiblingElement(c1); + choice.name1 = parseNameClass(c1); + choice.name2 = parseNameClass(c2); + return choice; + } + + void checkName(Element node, String name) + throws GrammarException + { + if (!name.equals(node.getLocalName())) + throw new GrammarException("expecting " + name); + } + + DatatypeLibrary getDatatypeLibrary(String uri) + throws GrammarException + { + if (datatypeLibraries == null) + datatypeLibraries = new HashMap(); + DatatypeLibrary library = (DatatypeLibrary) datatypeLibraries.get(uri); + if (library == null) + { + library = new DatatypeLibraryLoader().createDatatypeLibrary(uri); + if (library == null) + throw new GrammarException("Datatype library not supported: " + uri); + datatypeLibraries.put(uri, library); + } + return library; + } + +} diff --git a/libjava/classpath/gnu/xml/validation/relaxng/Grammar.java b/libjava/classpath/gnu/xml/validation/relaxng/Grammar.java new file mode 100644 index 0000000..76eff4f --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/relaxng/Grammar.java @@ -0,0 +1,70 @@ +/* Grammar.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.relaxng; + +import java.util.LinkedList; +import java.util.List; +import javax.xml.validation.Schema; +import javax.xml.validation.Validator; +import javax.xml.validation.ValidatorHandler; + +/** + * A RELAX NG grammar. + * + * @author Chris Burdess + */ +class Grammar + extends Schema +{ + + Pattern start; + List defines = new LinkedList(); + + public Validator newValidator() + { + return new GrammarValidator(this); + } + + public ValidatorHandler newValidatorHandler() + { + // TODO + return null; + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/relaxng/GrammarException.java b/libjava/classpath/gnu/xml/validation/relaxng/GrammarException.java new file mode 100644 index 0000000..71d03de --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/relaxng/GrammarException.java @@ -0,0 +1,56 @@ +/* GrammarException.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.relaxng; + +import java.io.IOException; + +/** + * Exception parsing a grammar. + * + * @author Chris Burdess + */ +class GrammarException + extends IOException +{ + + GrammarException(String message) + { + super(message); + } + +} diff --git a/libjava/classpath/gnu/xml/validation/relaxng/GrammarValidator.java b/libjava/classpath/gnu/xml/validation/relaxng/GrammarValidator.java new file mode 100644 index 0000000..d811aee --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/relaxng/GrammarValidator.java @@ -0,0 +1,97 @@ +/* GrammarValidator.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.relaxng; + +import java.io.IOException; +import javax.xml.transform.Source; +import javax.xml.transform.Result; +import javax.xml.validation.Validator; +import org.w3c.dom.ls.LSResourceResolver; +import org.xml.sax.ErrorHandler; +import org.xml.sax.SAXException; + +/** + * RELAX NG validator. + * + * @author Chris Burdess + */ +class GrammarValidator + extends Validator +{ + + final Grammar grammar; + ErrorHandler errorHandler; + LSResourceResolver resourceResolver; + + GrammarValidator(Grammar grammar) + { + this.grammar = grammar; + } + + public ErrorHandler getErrorHandler() + { + return errorHandler; + } + + public void setErrorHandler(ErrorHandler errorHandler) + { + this.errorHandler = errorHandler; + } + + public LSResourceResolver getResourceResolver() + { + return resourceResolver; + } + + public void setResourceResolver(LSResourceResolver resourceResolver) + { + this.resourceResolver = resourceResolver; + } + + public void reset() + { + // TODO + } + + public void validate(Source source, Result result) + throws SAXException, IOException + { + // TODO + } + +} diff --git a/libjava/classpath/gnu/xml/validation/relaxng/GroupPattern.java b/libjava/classpath/gnu/xml/validation/relaxng/GroupPattern.java new file mode 100644 index 0000000..b01090e --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/relaxng/GroupPattern.java @@ -0,0 +1,53 @@ +/* GroupPattern.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.relaxng; + +/** + * A RELAX NG group element. + * + * @author Chris Burdess + */ +class GroupPattern + extends Pattern +{ + + Pattern pattern1; + Pattern pattern2; + +} + diff --git a/libjava/classpath/gnu/xml/validation/relaxng/InterleavePattern.java b/libjava/classpath/gnu/xml/validation/relaxng/InterleavePattern.java new file mode 100644 index 0000000..aa7c28e --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/relaxng/InterleavePattern.java @@ -0,0 +1,53 @@ +/* InterleavePattern.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.relaxng; + +/** + * A RELAX NG interleave element. + * + * @author Chris Burdess + */ +class InterleavePattern + extends Pattern +{ + + Pattern pattern1; + Pattern pattern2; + +} + diff --git a/libjava/classpath/gnu/xml/validation/relaxng/ListPattern.java b/libjava/classpath/gnu/xml/validation/relaxng/ListPattern.java new file mode 100644 index 0000000..4c0393a --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/relaxng/ListPattern.java @@ -0,0 +1,52 @@ +/* ListPattern.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.relaxng; + +/** + * A RELAX NG list element. + * + * @author Chris Burdess + */ +class ListPattern + extends Pattern +{ + + Pattern pattern; + +} + diff --git a/libjava/classpath/gnu/xml/validation/relaxng/NSNameNameClass.java b/libjava/classpath/gnu/xml/validation/relaxng/NSNameNameClass.java new file mode 100644 index 0000000..f485e99 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/relaxng/NSNameNameClass.java @@ -0,0 +1,61 @@ +/* NSNameNameClass.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.relaxng; + +/** + * A RELAX NG nsName element. + * + * @author Chris Burdess + */ +class NSNameNameClass + extends NameClass +{ + + String ns; + NameClass exceptNameClass; + + boolean matchesName(String uri, String localName) + { + if (!ns.equals(uri)) + return false; + return (exceptNameClass == null) ? true : + !exceptNameClass.matchesName(uri, localName); + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/relaxng/NameClass.java b/libjava/classpath/gnu/xml/validation/relaxng/NameClass.java new file mode 100644 index 0000000..2a3dc83 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/relaxng/NameClass.java @@ -0,0 +1,50 @@ +/* NameClass.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.relaxng; + +/** + * A RELAX NG name class. + * + * @author Chris Burdess + */ +abstract class NameClass +{ + + abstract boolean matchesName(String uri, String localName); + +} diff --git a/libjava/classpath/gnu/xml/validation/relaxng/NameNameClass.java b/libjava/classpath/gnu/xml/validation/relaxng/NameNameClass.java new file mode 100644 index 0000000..d5a0c5f --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/relaxng/NameNameClass.java @@ -0,0 +1,60 @@ +/* NameNameClass.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.relaxng; + +/** + * A RELAX NG name element. + * + * @author Chris Burdess + */ +class NameNameClass + extends NameClass +{ + + String ns; + String name; + + boolean matchesName(String uri, String localName) + { + if (!ns.equals(uri)) + return false; + return name.equals(localName); + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/relaxng/NotAllowedPattern.java b/libjava/classpath/gnu/xml/validation/relaxng/NotAllowedPattern.java new file mode 100644 index 0000000..8263a45 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/relaxng/NotAllowedPattern.java @@ -0,0 +1,53 @@ +/* NotAllowedPattern.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.relaxng; + +/** + * A RELAX NG notAllowed element. + * + * @author Chris Burdess + */ +class NotAllowedPattern + extends Pattern +{ + + static final NotAllowedPattern INSTANCE = new NotAllowedPattern(); + +} + + diff --git a/libjava/classpath/gnu/xml/validation/relaxng/OneOrMorePattern.java b/libjava/classpath/gnu/xml/validation/relaxng/OneOrMorePattern.java new file mode 100644 index 0000000..99864d7 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/relaxng/OneOrMorePattern.java @@ -0,0 +1,52 @@ +/* OneOrMorePattern.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.relaxng; + +/** + * A RELAX NG oneOrMore element. + * + * @author Chris Burdess + */ +class OneOrMorePattern + extends Pattern +{ + + Pattern pattern; + +} + diff --git a/libjava/classpath/gnu/xml/validation/relaxng/Param.java b/libjava/classpath/gnu/xml/validation/relaxng/Param.java new file mode 100644 index 0000000..246ad20 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/relaxng/Param.java @@ -0,0 +1,52 @@ +/* Param.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.relaxng; + +/** + * A RELAX NG param element. + * + * @author Chris Burdess + */ +class Param +{ + + String name; + String value; + +} + diff --git a/libjava/classpath/gnu/xml/validation/relaxng/Pattern.java b/libjava/classpath/gnu/xml/validation/relaxng/Pattern.java new file mode 100644 index 0000000..3bf9a99 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/relaxng/Pattern.java @@ -0,0 +1,48 @@ +/* Pattern.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.relaxng; + +/** + * A RELAX NG pattern. + * + * @author Chris Burdess + */ +abstract class Pattern +{ +} + diff --git a/libjava/classpath/gnu/xml/validation/relaxng/RELAXNGSchemaFactory.java b/libjava/classpath/gnu/xml/validation/relaxng/RELAXNGSchemaFactory.java new file mode 100644 index 0000000..e1eb758 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/relaxng/RELAXNGSchemaFactory.java @@ -0,0 +1,151 @@ +/* RelaxNGSchemaFactory.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.relaxng; + +import java.io.IOException; +import java.net.URL; +import javax.xml.XMLConstants; +import javax.xml.parsers.DocumentBuilder; +import javax.xml.parsers.DocumentBuilderFactory; +import javax.xml.parsers.ParserConfigurationException; +import javax.xml.transform.Source; +import javax.xml.transform.dom.DOMSource; +import javax.xml.transform.stream.StreamSource; +import javax.xml.validation.Schema; +import javax.xml.validation.SchemaFactory; +import org.w3c.dom.Document; +import org.w3c.dom.Node; +import org.w3c.dom.ls.LSResourceResolver; +import org.xml.sax.InputSource; +import org.xml.sax.SAXException; + +/** + * Schema factory for RELAX NG grammars. + * + * @author Chris Burdess + */ +public class RELAXNGSchemaFactory + extends SchemaFactory +{ + + LSResourceResolver resourceResolver; + + public LSResourceResolver getResourceResolver() + { + return resourceResolver; + } + + public void setResourceResolver(LSResourceResolver resourceResolver) + { + this.resourceResolver = resourceResolver; + } + + public boolean isSchemaLanguageSupported(String schemaLanguage) + { + return XMLConstants.RELAXNG_NS_URI.equals(schemaLanguage); + } + + public Schema newSchema() + throws SAXException + { + // TODO + throw new UnsupportedOperationException(); + } + + public Schema newSchema(Source[] schemata) + throws SAXException + { + if (schemata == null || schemata.length != 1) + throw new IllegalArgumentException("must specify one source"); + // TODO multiple schemata + // TODO compact syntax + try + { + Document doc = getDocument(schemata[0]); + FullSyntaxBuilder builder = new FullSyntaxBuilder(); + return builder.parse(doc); + } + catch (IOException e) + { + SAXException e2 = new SAXException(e.getMessage()); + e2.initCause(e); + throw e2; + } + } + + private static Document getDocument(Source source) + throws SAXException, IOException + { + if (source instanceof DOMSource) + { + Node node = ((DOMSource) source).getNode(); + if (node != null && node instanceof Document) + return (Document) node; + } + String url = source.getSystemId(); + try + { + InputSource input = new InputSource(url); + if (source instanceof StreamSource) + { + StreamSource streamSource = (StreamSource) source; + input.setByteStream(streamSource.getInputStream()); + input.setCharacterStream(streamSource.getReader()); + } + if (input.getByteStream() == null && + input.getCharacterStream() == null && + url != null) + input.setByteStream(new URL(url).openStream()); + DocumentBuilderFactory f = DocumentBuilderFactory.newInstance(); + f.setNamespaceAware(true); + f.setCoalescing(true); + f.setExpandEntityReferences(true); + f.setIgnoringComments(true); + f.setIgnoringElementContentWhitespace(true); + DocumentBuilder b = f.newDocumentBuilder(); + return b.parse(input); + } + catch (ParserConfigurationException e) + { + SAXException e2 = new SAXException(e.getMessage()); + e2.initCause(e); + throw e2; + } + } + +} diff --git a/libjava/classpath/gnu/xml/validation/relaxng/RefPattern.java b/libjava/classpath/gnu/xml/validation/relaxng/RefPattern.java new file mode 100644 index 0000000..d7de095 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/relaxng/RefPattern.java @@ -0,0 +1,52 @@ +/* RefPattern.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.relaxng; + +/** + * A RELAX NG ref element. + * + * @author Chris Burdess + */ +class RefPattern + extends Pattern +{ + + String name; + +} + diff --git a/libjava/classpath/gnu/xml/validation/relaxng/TextPattern.java b/libjava/classpath/gnu/xml/validation/relaxng/TextPattern.java new file mode 100644 index 0000000..06af3c3 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/relaxng/TextPattern.java @@ -0,0 +1,52 @@ +/* TextPattern.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.relaxng; + +/** + * A RELAX NG text element. + * + * @author Chris Burdess + */ +class TextPattern + extends Pattern +{ + + static final TextPattern INSTANCE = new TextPattern(); + +} + diff --git a/libjava/classpath/gnu/xml/validation/relaxng/ValuePattern.java b/libjava/classpath/gnu/xml/validation/relaxng/ValuePattern.java new file mode 100644 index 0000000..81260b0 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/relaxng/ValuePattern.java @@ -0,0 +1,58 @@ +/* ValuePattern.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.relaxng; + +import org.relaxng.datatype.Datatype; +import org.relaxng.datatype.DatatypeLibrary; + +/** + * A RELAX NG value element. + * + * @author Chris Burdess + */ +class ValuePattern + extends Pattern +{ + + DatatypeLibrary datatypeLibrary; + Datatype type; + String ns; + String value; + +} + diff --git a/libjava/classpath/gnu/xml/validation/xmlschema/AnyAttribute.java b/libjava/classpath/gnu/xml/validation/xmlschema/AnyAttribute.java new file mode 100644 index 0000000..df90dc6 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/xmlschema/AnyAttribute.java @@ -0,0 +1,67 @@ +/* AnyAttribute.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.xmlschema; + +import gnu.xml.validation.datatype.Annotation; + +/** + * An attribute wildcard. + * + * @author Chris Burdess + */ +final class AnyAttribute +{ + + static final int STRICT = 0; + static final int LAX = 1; + static final int SKIP = 2; + + final String namespace; + + final int processContents; + + Annotation annotation; + + AnyAttribute(String namespace, int processContents) + { + this.namespace = namespace; + this.processContents = processContents; + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/xmlschema/AttributeDeclaration.java b/libjava/classpath/gnu/xml/validation/xmlschema/AttributeDeclaration.java new file mode 100644 index 0000000..98b322b --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/xmlschema/AttributeDeclaration.java @@ -0,0 +1,99 @@ +/* AttributeDeclaration.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.xmlschema; + +import gnu.xml.validation.datatype.Annotation; +import gnu.xml.validation.datatype.SimpleType; +import javax.xml.namespace.QName; + +/** + * An XML Schema attribute declaration schema component. + * + * @author Chris Burdess + */ +class AttributeDeclaration +{ + + static final int NONE = 0; + static final int DEFAULT = 1; + static final int FIXED = 2; + + /** + * The scope of this attribute declaration (global or local). + */ + final boolean scope; + + /** + * The constraint type. + * One of NONE, DEFAULT, FIXED. + */ + final int type; + + /** + * The value constraint. + */ + final String value; + + /** + * The name of the attribute to which this declaration refers. + */ + final QName name; + + /** + * The type definition corresponding to this attribute. + */ + final SimpleType datatype; + + /** + * The annotation associated with this attribute declaration, if any. + */ + final Annotation annotation; + + AttributeDeclaration(boolean scope, int type, String value, QName name, + SimpleType datatype, Annotation annotation) + { + this.scope = scope; + this.type = type; + this.value = value; + this.name = name; + this.datatype = datatype; + this.annotation = annotation; + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/xmlschema/AttributeUse.java b/libjava/classpath/gnu/xml/validation/xmlschema/AttributeUse.java new file mode 100644 index 0000000..f8bb11b --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/xmlschema/AttributeUse.java @@ -0,0 +1,79 @@ +/* AttributeUse.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.xmlschema; + +/** + * An XML Schema attribute use schema component. + * + * @author Chris Burdess + */ +class AttributeUse +{ + + /** + * Whether the attribute is required. + */ + final boolean required; + + /** + * The constraint type. + * One of NONE, DEFAULT, FIXED. + */ + final int type; + + /** + * The value constraint. + */ + final String value; + + /** + * The name of the attribute to which this declaration refers. + */ + final AttributeDeclaration declaration; + + AttributeUse(boolean required, int type, String value, + AttributeDeclaration declaration) + { + this.required = required; + this.type = type; + this.value = value; + this.declaration = declaration; + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/xmlschema/ComplexType.java b/libjava/classpath/gnu/xml/validation/xmlschema/ComplexType.java new file mode 100644 index 0000000..2c7acb1 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/xmlschema/ComplexType.java @@ -0,0 +1,102 @@ +/* ComplexType.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.xmlschema; + +import java.util.LinkedHashSet; +import java.util.Set; +import javax.xml.namespace.QName; +import gnu.xml.validation.datatype.Type; + +/** + * A complex type definition. + * + * @author Chris Burdess + */ +class ComplexType + extends Type +{ + + /** + * Either a simple type definition or a complex type definition. + */ + QName baseType; + + /** + * Either EXTENSION or RESTRICTION. + */ + int derivationMethod; + + /** + * A subset of {EXTENSION, RESTRICTION}. + */ + final int finality; + + final boolean isAbstract; + + Set attributeUses; + + AnyAttribute attributeWildcard; + + /** + * One of EMPTY, SIMPLE, MIXED, or ELEMENT_ONLY. + */ + int contentType; + + /** + * A simple type definition or a Particle. + */ + Object contentModel; + + final int prohibitedSubstitutions; + + Set annotations; + + ComplexType(QName name, + boolean isAbstract, + int prohibitedSubstitutions, + int finality) + { + super(name); + this.isAbstract = isAbstract; + this.prohibitedSubstitutions = prohibitedSubstitutions; + this.finality = finality; + attributeUses = new LinkedHashSet(); + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/xmlschema/ElementDeclaration.java b/libjava/classpath/gnu/xml/validation/xmlschema/ElementDeclaration.java new file mode 100644 index 0000000..d41f5e5 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/xmlschema/ElementDeclaration.java @@ -0,0 +1,125 @@ +/* ElementDeclaration.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.xmlschema; + +import gnu.xml.validation.datatype.Annotation; +import gnu.xml.validation.datatype.Type; +import javax.xml.namespace.QName; + +/** + * An XML Schema element declaration schema component. + * + * @author Chris Burdess + */ +class ElementDeclaration +{ + + /** + * The name of the element to which this declaration refers. + */ + final QName name; + + /** + * The type definition corresponding to this element. + */ + Type datatype; + + /** + * The scope of this schema component. + * One of GLOBAL, LOCAL, or ABSENT. + */ + final int scope; + + /** + * If scope is LOCAL, the parent element definition. + */ + final ElementDeclaration parent; + + /** + * The constraint type. + * One of NONE, DEFAULT, FIXED. + */ + final int type; + + /** + * The value constraint. + */ + final String value; + + final boolean nillable; + + // TODO identity-constraint definitions + + final QName substitutionGroup; + + final int substitutionGroupExclusions; + + final int disallowedSubstitutions; + + final boolean isAbstract; + + /** + * The annotation associated with this attribute declaration, if any. + */ + Annotation annotation; + + ElementDeclaration(QName name, + Type datatype, + int scope, ElementDeclaration parent, + int type, String value, + boolean nillable, + QName substitutionGroup, + int substitutionGroupExclusions, + int disallowedSubstitutions, + boolean isAbstract) + { + this.name = name; + this.datatype = datatype; + this.scope = scope; + this.parent = parent; + this.type = type; + this.value = value; + this.nillable = nillable; + this.substitutionGroup = substitutionGroup; + this.substitutionGroupExclusions = substitutionGroupExclusions; + this.disallowedSubstitutions = disallowedSubstitutions; + this.isAbstract = isAbstract; + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/xmlschema/Particle.java b/libjava/classpath/gnu/xml/validation/xmlschema/Particle.java new file mode 100644 index 0000000..995c4ff --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/xmlschema/Particle.java @@ -0,0 +1,61 @@ +/* Particle.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.xmlschema; + +/** + * Container for element content. + * + * @author Chris Burdess + */ +class Particle +{ + + final Integer minOccurs; + final Integer maxOccurs; + + final Object term; + + Particle(Integer minOccurs, Integer maxOccurs, Object term) + { + this.minOccurs = minOccurs; + this.maxOccurs = maxOccurs; + this.term = term; + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/xmlschema/ValidationException.java b/libjava/classpath/gnu/xml/validation/xmlschema/ValidationException.java new file mode 100644 index 0000000..f2d6843 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/xmlschema/ValidationException.java @@ -0,0 +1,58 @@ +/* ValidationException.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.xmlschema; + +import org.xml.sax.Locator; +import org.xml.sax.SAXParseException; + +/** + * An XML Schema validation rule violation. + * + * @author Chris Burdess + */ +class ValidationException + extends SAXParseException +{ + + ValidationException(String message, Locator locator) + { + super(message, locator); + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/xmlschema/XMLSchema.java b/libjava/classpath/gnu/xml/validation/xmlschema/XMLSchema.java new file mode 100644 index 0000000..647cbde --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/xmlschema/XMLSchema.java @@ -0,0 +1,134 @@ +/* XMLSchema.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.xmlschema; + +import java.util.LinkedHashMap; +import java.util.Map; +import javax.xml.validation.Schema; +import javax.xml.validation.Validator; +import javax.xml.validation.ValidatorHandler; + +/** + * An XML Schema schema. + * + * @author Chris Burdess + */ +final class XMLSchema + extends Schema +{ + + static final int FINAL_NONE = 0x00; + static final int FINAL_EXTENSION = 0x01; + static final int FINAL_RESTRICTION = 0x02; + static final int FINAL_LIST = 0x04; + static final int FINAL_UNION = 0x08; + static final int FINAL_ALL = 0x0f; + + static final int BLOCK_NONE = 0x00; + static final int BLOCK_EXTENSION = 0x01; + static final int BLOCK_RESTRICTION = 0x02; + static final int BLOCK_SUBSTITUTION = 0x04; + static final int BLOCK_ALL = 0x07; + + static final int GLOBAL = 0x00; + static final int LOCAL = 0x01; + static final int ABSENT = 0x02; + + static final int CONSTRAINT_NONE = 0x00; + static final int CONSTRAINT_DEFAULT = 0x01; + static final int CONSTRAINT_FIXED = 0x02; + + static final int CONTENT_EMPTY = 0x00; + static final int CONTENT_SIMPLE = 0x01; + static final int CONTENT_MIXED = 0x02; + static final int CONTENT_ELEMENT_ONLY = 0x03; + + final String targetNamespace; + final String version; + final int finalDefault; + final int blockDefault; + final boolean attributeFormQualified; + final boolean elementFormQualified; + + /** + * The element declarations in this schema. + */ + final Map elementDeclarations; + + /** + * The attribute declarations in this schema. + */ + final Map attributeDeclarations; + + /** + * The type declarations in this schema. + */ + final Map types; + + XMLSchema(String targetNamespace, String version, + int finalDefault, int blockDefault, + boolean attributeFormQualified, + boolean elementFormQualified) + { + this.targetNamespace = targetNamespace; + this.version = version; + this.finalDefault = finalDefault; + this.blockDefault = blockDefault; + this.attributeFormQualified = attributeFormQualified; + this.elementFormQualified = elementFormQualified; + elementDeclarations = new LinkedHashMap(); + attributeDeclarations = new LinkedHashMap(); + types = new LinkedHashMap(); + } + + public Validator newValidator() + { + // TODO + //return new XMLSchemaValidator(this); + return null; + } + + public ValidatorHandler newValidatorHandler() + { + // TODO + //return new XMLSchemaValidatorHandler(this); + return null; + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/xmlschema/XMLSchemaAttributeTypeInfo.java b/libjava/classpath/gnu/xml/validation/xmlschema/XMLSchemaAttributeTypeInfo.java new file mode 100644 index 0000000..758bc94 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/xmlschema/XMLSchemaAttributeTypeInfo.java @@ -0,0 +1,100 @@ +/* XMLSchemaAttributeTypeInfo.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.xmlschema; + +import org.w3c.dom.TypeInfo; +import gnu.xml.validation.datatype.SimpleType; + +/** + * Attribute type information provided by validation against an XML Schema. + * + * @author Chris Burdess + */ +final class XMLSchemaAttributeTypeInfo + extends XMLSchemaTypeInfo +{ + + final XMLSchema schema; + final AttributeDeclaration decl; + final SimpleType type; + boolean id; + final boolean specified; + + XMLSchemaAttributeTypeInfo(XMLSchema schema, AttributeDeclaration decl, + boolean specified) + { + this.schema = schema; + this.decl = decl; + this.specified = specified; + type = (decl == null) ? null : decl.datatype; + } + + public String getTypeName() + { + if (type == null) + { + return "CDATA"; + } + return type.name.getLocalPart(); + } + + public String getTypeNamespace() + { + if (type == null) + { + return ""; + } + return type.name.getNamespaceURI(); + } + + public boolean isDerivedFrom(String typeNamespace, String typeName, + int derivationMethod) + { + if (type == null) + { + return false; + } + else + { + return simpleTypeIsDerivedFrom(type, typeNamespace, typeName, + derivationMethod); + } + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/xmlschema/XMLSchemaBuilder.java b/libjava/classpath/gnu/xml/validation/xmlschema/XMLSchemaBuilder.java new file mode 100644 index 0000000..ddf9140 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/xmlschema/XMLSchemaBuilder.java @@ -0,0 +1,844 @@ +/* XMLSchemaBuilder.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.xmlschema; + +import java.util.LinkedHashSet; +import java.util.List; +import java.util.Set; +import java.util.StringTokenizer; +import javax.xml.XMLConstants; +import javax.xml.namespace.QName; +import org.relaxng.datatype.DatatypeException; +import org.relaxng.datatype.DatatypeLibrary; +import org.relaxng.datatype.helpers.DatatypeLibraryLoader; +import org.w3c.dom.NamedNodeMap; +import org.w3c.dom.Node; +import gnu.xml.validation.datatype.Annotation; +import gnu.xml.validation.datatype.AtomicSimpleType; +import gnu.xml.validation.datatype.ListSimpleType; +import gnu.xml.validation.datatype.SimpleType; +import gnu.xml.validation.datatype.Type; +import gnu.xml.validation.datatype.UnionSimpleType; + +/** + * Parses an XML Schema DOM tree, constructing a compiled internal + * representation. + * + * @author Chris Burdess + */ +class XMLSchemaBuilder +{ + + XMLSchema schema; + final DatatypeLibrary typeLibrary; + + XMLSchemaBuilder() + { + final String ns = XMLConstants.W3C_XML_SCHEMA_NS_URI; + typeLibrary = new DatatypeLibraryLoader().createDatatypeLibrary(ns); + } + + void parseSchema(Node node) + throws DatatypeException + { + String uri = node.getNamespaceURI(); + String name = node.getLocalName(); + if (XMLConstants.W3C_XML_SCHEMA_NS_URI.equals(uri) && + node.getNodeType() == Node.ELEMENT_NODE) + { + if ("schema".equals(name)) + { + NamedNodeMap attrs = node.getAttributes(); + String targetNamespace = getAttribute(attrs, "targetNamespace"); + String version = getAttribute(attrs, "version"); + String fd = getAttribute(attrs, "finalDefault"); + int finalDefault = parseFullDerivationSet(fd); + String bd = getAttribute(attrs, "blockDefault"); + int blockDefault = parseBlockSet(bd); + String afd = getAttribute(attrs, "attributeFormDefault"); + boolean attributeFormQualified = "qualified".equals(afd); + String efd = getAttribute(attrs, "elementFormDefault"); + boolean elementFormQualified = "qualified".equals(efd); + schema = new XMLSchema(targetNamespace, version, + finalDefault, blockDefault, + attributeFormQualified, + elementFormQualified); + for (Node child = node.getFirstChild(); child != null; + child = child.getNextSibling()) + { + parseTopLevelElement(child); + } + return; + } + } + // TODO throw schema exception + } + + void parseTopLevelElement(Node node) + throws DatatypeException + { + String uri = node.getNamespaceURI(); + String name = node.getLocalName(); + if (XMLConstants.W3C_XML_SCHEMA_NS_URI.equals(uri) && + node.getNodeType() == Node.ELEMENT_NODE) + { + if ("element".equals(name)) + { + ElementDeclaration ed = + (ElementDeclaration) parseElement(node, null); + schema.elementDeclarations.put(ed.name, ed); + // TODO + } + else if ("attribute".equals(name)) + { + AttributeDeclaration ad = + (AttributeDeclaration) parseAttribute(node, true); + schema.attributeDeclarations.put(ad.name, ad); + // TODO + } + else if ("type".equals(name)) + { + // TODO + } + else if ("group".equals(name)) + { + // TODO + } + else if ("attributeGroup".equals(name)) + { + // TODO + } + else if ("notation".equals(name)) + { + // TODO + } + else if ("identityConstraint".equals(name)) + { + // TODO + } + } + // TODO throw schema exception + } + + Object parseAttribute(Node node, boolean scope) + throws DatatypeException + { + NamedNodeMap attrs = node.getAttributes(); + String def = getAttribute(attrs, "default"); + String fixed = getAttribute(attrs, "fixed"); + int constraintType = AttributeDeclaration.NONE; + String constraintValue = null; + if (def != null) + { + constraintType = AttributeDeclaration.DEFAULT; + constraintValue = def; + } + else if (fixed != null) + { + constraintType = AttributeDeclaration.FIXED; + constraintValue = fixed; + } + // TODO form = (qualified | unqualified) + String attrName = getAttribute(attrs, "name"); + String attrNamespace = getAttribute(attrs, "targetNamespace"); + String ref = getAttribute(attrs, "ref"); + String use = getAttribute(attrs, "use"); + String type = getAttribute(attrs, "type"); + SimpleType datatype = (type == null) ? null : + parseSimpleType(asQName(type, node)); + Annotation annotation = null; + for (Node child = node.getFirstChild(); child != null; + child = child.getNextSibling()) + { + String uri = child.getNamespaceURI(); + String name = child.getLocalName(); + if (XMLConstants.W3C_XML_SCHEMA_NS_URI.equals(uri) && + child.getNodeType() == Node.ELEMENT_NODE) + { + if ("annotation".equals(name)) + { + annotation = parseAnnotation(child); + } + else if ("simpleType".equals(name)) + { + datatype = parseSimpleType(child); + } + else + { + // TODO throw schema exception + } + } + } + if (scope) + { + return new AttributeDeclaration(scope, + constraintType, + constraintValue, + new QName(attrNamespace, attrName), + datatype, + annotation); + } + else + { + boolean required = "required".equals(use); + // TODO ref + AttributeDeclaration decl = (ref == null) ? + new AttributeDeclaration(scope, + AttributeDeclaration.NONE, + null, + new QName(attrNamespace, attrName), + datatype, + annotation) : + /*schema.getAttributeDeclaration(ref)*/ null; + return new AttributeUse(required, + constraintType, + constraintValue, + decl); + } + } + + int parseFullDerivationSet(String value) + { + int ret = XMLSchema.FINAL_NONE; + if ("#all".equals(value)) + { + ret = XMLSchema.FINAL_ALL; + } + else + { + StringTokenizer st = new StringTokenizer(value, " "); + while (st.hasMoreTokens()) + { + String token = st.nextToken(); + if ("extension".equals(token)) + { + ret |= XMLSchema.FINAL_EXTENSION; + } + else if ("restriction".equals(token)) + { + ret |= XMLSchema.FINAL_RESTRICTION; + } + else if ("list".equals(token)) + { + ret |= XMLSchema.FINAL_LIST; + } + else if ("union".equals(token)) + { + ret |= XMLSchema.FINAL_UNION; + } + } + } + return ret; + } + + int parseSimpleTypeDerivationSet(String value) + { + int ret = XMLSchema.FINAL_NONE; + if ("#all".equals(value)) + { + ret = XMLSchema.FINAL_LIST | + XMLSchema.FINAL_UNION | + XMLSchema.FINAL_RESTRICTION; + } + else + { + StringTokenizer st = new StringTokenizer(value, " "); + while (st.hasMoreTokens()) + { + String token = st.nextToken(); + if ("list".equals(token)) + { + ret |= XMLSchema.FINAL_LIST; + } + else if ("union".equals(token)) + { + ret |= XMLSchema.FINAL_UNION; + } + else if ("restriction".equals(token)) + { + ret |= XMLSchema.FINAL_RESTRICTION; + } + } + } + return ret; + } + + int parseComplexTypeDerivationSet(String value) + { + int ret = XMLSchema.FINAL_NONE; + if ("#all".equals(value)) + { + ret = XMLSchema.FINAL_EXTENSION | XMLSchema.FINAL_RESTRICTION; + } + else + { + StringTokenizer st = new StringTokenizer(value, " "); + while (st.hasMoreTokens()) + { + String token = st.nextToken(); + if ("extension".equals(token)) + { + ret |= XMLSchema.FINAL_EXTENSION; + } + else if ("restriction".equals(token)) + { + ret |= XMLSchema.FINAL_RESTRICTION; + } + } + } + return ret; + } + + int parseBlockSet(String value) + { + int ret = XMLSchema.BLOCK_NONE; + if ("#all".equals(value)) + { + ret = XMLSchema.BLOCK_ALL; + } + else + { + StringTokenizer st = new StringTokenizer(value, " "); + while (st.hasMoreTokens()) + { + String token = st.nextToken(); + if ("extension".equals(token)) + { + ret |= XMLSchema.BLOCK_EXTENSION; + } + else if ("restriction".equals(token)) + { + ret |= XMLSchema.BLOCK_RESTRICTION; + } + else if ("substitution".equals(token)) + { + ret |= XMLSchema.BLOCK_SUBSTITUTION; + } + } + } + return ret; + } + + int parseComplexTypeBlockSet(String value) + { + int ret = XMLSchema.BLOCK_NONE; + if ("#all".equals(value)) + { + ret = XMLSchema.BLOCK_EXTENSION | XMLSchema.BLOCK_RESTRICTION; + } + else + { + StringTokenizer st = new StringTokenizer(value, " "); + while (st.hasMoreTokens()) + { + String token = st.nextToken(); + if ("extension".equals(token)) + { + ret |= XMLSchema.BLOCK_EXTENSION; + } + else if ("restriction".equals(token)) + { + ret |= XMLSchema.BLOCK_RESTRICTION; + } + } + } + return ret; + } + + Object parseElement(Node node, ElementDeclaration parent) + throws DatatypeException + { + NamedNodeMap attrs = node.getAttributes(); + Integer minOccurs = null; + Integer maxOccurs = null; + Node parentNode = node.getParentNode(); + boolean notTopLevel = !"schema".equals(parentNode.getLocalName()); + if (notTopLevel) + { + String ref = getAttribute(attrs, "ref"); + if (ref != null) + { + minOccurs = getOccurrence(getAttribute(attrs, "minOccurs")); + maxOccurs = getOccurrence(getAttribute(attrs, "maxOccurs")); + // TODO resolve top-level element declaration + ElementDeclaration ad = null; + return new Particle(minOccurs, maxOccurs, ad); + } + } + String elementName = getAttribute(attrs, "name"); + String elementNamespace = getAttribute(attrs, "targetNamespace"); + String type = getAttribute(attrs, "type"); + Type datatype = (type != null) ? + parseSimpleType(asQName(type, node)) : null; + int scope = (parent == null) ? + XMLSchema.GLOBAL : + XMLSchema.LOCAL; + String def = getAttribute(attrs, "default"); + String fixed = getAttribute(attrs, "fixed"); + int constraintType = AttributeDeclaration.NONE; + String constraintValue = null; + if (def != null) + { + constraintType = AttributeDeclaration.DEFAULT; + constraintValue = def; + } + else if (fixed != null) + { + constraintType = AttributeDeclaration.FIXED; + constraintValue = fixed; + } + String sg = getAttribute(attrs, "substitutionGroup"); + QName substitutionGroup = QName.valueOf(sg); + String sgPrefix = substitutionGroup.getPrefix(); + if (sgPrefix != null && !"".equals(sgPrefix)) + { + String sgName = substitutionGroup.getLocalPart(); + String sgNamespace = node.lookupNamespaceURI(sgPrefix); + substitutionGroup = new QName(sgNamespace, sgName); + } + + String block = getAttribute(attrs, "block"); + int substitutionGroupExclusions = (block == null) ? + schema.blockDefault : + parseBlockSet(block); + String final_ = getAttribute(attrs, "final"); + int disallowedSubstitutions = (final_ == null) ? + schema.finalDefault : + parseFullDerivationSet(final_); + + boolean nillable = "true".equals(getAttribute(attrs, "nillable")); + boolean isAbstract = "true".equals(getAttribute(attrs, "abstract")); + + if (notTopLevel) + { + minOccurs = getOccurrence(getAttribute(attrs, "minOccurs")); + maxOccurs = getOccurrence(getAttribute(attrs, "maxOccurs")); + String form = getAttribute(attrs, "form"); + if (form != null) + { + if ("qualified".equals(form)) + { + elementNamespace = schema.targetNamespace; + } + } + else if (schema.elementFormQualified) + { + elementNamespace = schema.targetNamespace; + } + } + ElementDeclaration ed = + new ElementDeclaration(new QName(elementNamespace, elementName), + datatype, + scope, parent, + constraintType, constraintValue, + nillable, + substitutionGroup, + substitutionGroupExclusions, + disallowedSubstitutions, + isAbstract); + + for (Node child = node.getFirstChild(); child != null; + child = child.getNextSibling()) + { + String uri = child.getNamespaceURI(); + String name = child.getLocalName(); + if (XMLConstants.W3C_XML_SCHEMA_NS_URI.equals(uri) && + child.getNodeType() == Node.ELEMENT_NODE) + { + if ("annotation".equals(name)) + { + ed.annotation = parseAnnotation(child); + } + else if ("simpleType".equals(name) && datatype == null) + { + ed.datatype = parseSimpleType(child); + } + else if ("complexType".equals(name) && datatype == null) + { + ed.datatype = parseComplexType(child, ed); + } + else + { + // throw schema exception + } + } + } + + if (notTopLevel) + { + return new Particle(minOccurs, maxOccurs, ed); + } + else + { + return ed; + } + } + + Integer getOccurrence(String value) + { + if (value == null) + { + return new Integer(1); + } + else if ("unbounded".equals(value)) + { + return null; + } + else + { + return new Integer(value); + } + } + + SimpleType parseSimpleType(QName typeName) + throws DatatypeException + { + SimpleType type = (SimpleType) schema.types.get(typeName); + if (!XMLConstants.W3C_XML_SCHEMA_NS_URI.equals(typeName.getNamespaceURI())) + return null; + String localName = typeName.getLocalPart(); + return (SimpleType) typeLibrary.createDatatype(localName); + } + + SimpleType parseSimpleType(Node simpleType) + throws DatatypeException + { + NamedNodeMap attrs = simpleType.getAttributes(); + String typeFinal = getAttribute(attrs, "final"); + if (typeFinal == null) + { + Node schema = simpleType.getParentNode(); + while (schema != null && !"schema".equals(schema.getLocalName())) + { + schema = schema.getParentNode(); + } + if (schema != null) + { + NamedNodeMap schemaAttrs = schema.getAttributes(); + typeFinal = getAttribute(schemaAttrs, "finalDefault"); + } + } + int typeFinality = parseSimpleTypeDerivationSet(typeFinal); + QName typeName = asQName(getAttribute(attrs, "name"), simpleType); + int variety = 0; + Set facets = new LinkedHashSet(); + int fundamentalFacets = 0; // TODO + SimpleType baseType = null; // TODO + Annotation annotation = null; + // TODO use DatatypeBuilder + for (Node child = simpleType.getFirstChild(); child != null; + child = child.getNextSibling()) + { + String uri = child.getNamespaceURI(); + String name = child.getLocalName(); + if (XMLConstants.W3C_XML_SCHEMA_NS_URI.equals(uri) && + child.getNodeType() == Node.ELEMENT_NODE) + { + if ("annotation".equals(name)) + { + annotation = parseAnnotation(child); + } + else if ("restriction".equals(name)) + { + // TODO + } + else if ("list".equals(name)) + { + variety = SimpleType.LIST; + // TODO + } + else if ("union".equals(name)) + { + variety = SimpleType.UNION; + // TODO + } + } + } + return new SimpleType(typeName, variety, facets, fundamentalFacets, + baseType, annotation); + } + + Type parseComplexType(Node complexType, ElementDeclaration parent) + throws DatatypeException + { + NamedNodeMap attrs = complexType.getAttributes(); + QName typeName = asQName(getAttribute(attrs, "name"), complexType); + boolean isAbstract = "true".equals(getAttribute(attrs, "abstract")); + String block = getAttribute(attrs, "block"); + int prohibitedSubstitutions = (block == null) ? + schema.blockDefault : + parseComplexTypeBlockSet(block); + String final_ = getAttribute(attrs, "final"); + int finality = (final_ == null) ? + schema.finalDefault : + parseComplexTypeDerivationSet(final_); + ComplexType type = new ComplexType(typeName, isAbstract, + prohibitedSubstitutions, finality); + boolean mixed = "true".equals(getAttribute(attrs, "mixed")); + for (Node child = complexType.getFirstChild(); child != null; + child = child.getNextSibling()) + { + String uri = child.getNamespaceURI(); + String name = child.getLocalName(); + if (XMLConstants.W3C_XML_SCHEMA_NS_URI.equals(uri) && + child.getNodeType() == Node.ELEMENT_NODE) + { + if ("simpleContent".equals(name)) + { + parseSimpleContent(child, type); + } + } + } + if (mixed) + { + type.contentType = XMLSchema.CONTENT_MIXED; + } + return type; + } + + void parseSimpleContent(Node simpleContent, ComplexType type) + throws DatatypeException + { + for (Node child = simpleContent.getFirstChild(); child != null; + child = child.getNextSibling()) + { + String uri = child.getNamespaceURI(); + String name = child.getLocalName(); + if (XMLConstants.W3C_XML_SCHEMA_NS_URI.equals(uri) && + child.getNodeType() == Node.ELEMENT_NODE) + { + if ("annotation".equals(name)) + { + type.annotations.add(parseAnnotation(child)); + } + else if ("restriction".equals(name)) + { + type.derivationMethod = XMLSchema.FINAL_RESTRICTION; + parseRestriction(child, type); + } + else if ("extension".equals(name)) + { + type.derivationMethod = XMLSchema.FINAL_EXTENSION; + parseExtension(child, type); + } + } + } + } + + void parseRestriction(Node restriction, ComplexType type) + throws DatatypeException + { + NamedNodeMap attrs = restriction.getAttributes(); + String base = getAttribute(attrs, "base"); + QName baseType = asQName(base, restriction); + SimpleType simpleType = null; + for (Node child = restriction.getFirstChild(); child != null; + child = child.getNextSibling()) + { + String uri = child.getNamespaceURI(); + String name = child.getLocalName(); + if (XMLConstants.W3C_XML_SCHEMA_NS_URI.equals(uri) && + child.getNodeType() == Node.ELEMENT_NODE) + { + if ("annotation".equals(name)) + { + type.annotations.add(parseAnnotation(child)); + } + else if ("simpleType".equals(name)) + { + type.contentType = XMLSchema.CONTENT_SIMPLE; + simpleType = parseSimpleType(child); + } + else if ("minExclusive".equals(name)) + { + } + else if ("minInclusive".equals(name)) + { + } + else if ("maxExclusive".equals(name)) + { + } + else if ("maxInclusive".equals(name)) + { + } + else if ("totalDigits".equals(name)) + { + } + else if ("fractionDigits".equals(name)) + { + } + else if ("length".equals(name)) + { + } + else if ("minLength".equals(name)) + { + } + else if ("maxLength".equals(name)) + { + } + else if ("enumeration".equals(name)) + { + } + else if ("whiteSpace".equals(name)) + { + } + else if ("pattern".equals(name)) + { + } + else if ("attribute".equals(name)) + { + AttributeUse use = + (AttributeUse) parseAttribute(child, false); + schema.attributeDeclarations.put(use.declaration.name, + use.declaration); + type.attributeUses.add(use); + } + else if ("attributeGroup".equals(name)) + { + NamedNodeMap agAttrs = child.getAttributes(); + String ref = getAttribute(agAttrs, "ref"); + QName ag = asQName(ref, child); + type.attributeUses.add(ag); + } + else if ("anyAttribute".equals(name)) + { + type.attributeWildcard = parseAnyAttribute(child); + } + } + } + } + + void parseExtension(Node extension, ComplexType type) + throws DatatypeException + { + NamedNodeMap attrs = extension.getAttributes(); + String base = getAttribute(attrs, "base"); + QName baseType = asQName(base, extension); + for (Node child = extension.getFirstChild(); child != null; + child = child.getNextSibling()) + { + String uri = child.getNamespaceURI(); + String name = child.getLocalName(); + if (XMLConstants.W3C_XML_SCHEMA_NS_URI.equals(uri) && + child.getNodeType() == Node.ELEMENT_NODE) + { + if ("annotation".equals(name)) + { + type.annotations.add(parseAnnotation(child)); + } + else if ("attribute".equals(name)) + { + AttributeUse use = + (AttributeUse) parseAttribute(child, false); + schema.attributeDeclarations.put(use.declaration.name, + use.declaration); + type.attributeUses.add(use); + } + else if ("attributeGroup".equals(name)) + { + NamedNodeMap agAttrs = child.getAttributes(); + String ref = getAttribute(agAttrs, "ref"); + QName ag = asQName(ref, child); + type.attributeUses.add(ag); + } + else if ("anyAttribute".equals(name)) + { + type.attributeWildcard = parseAnyAttribute(child); + } + } + } + } + + AnyAttribute parseAnyAttribute(Node node) + { + NamedNodeMap attrs = node.getAttributes(); + String namespace = getAttribute(attrs, "namespace"); + String pc = getAttribute(attrs, "processContents"); + int processContents = AnyAttribute.STRICT; + if ("lax".equals(pc)) + { + processContents = AnyAttribute.LAX; + } + else if ("skip".equals(pc)) + { + processContents = AnyAttribute.SKIP; + } + AnyAttribute ret = new AnyAttribute(namespace, processContents); + for (Node child = node.getFirstChild(); child != null; + child = child.getNextSibling()) + { + String uri = child.getNamespaceURI(); + String name = child.getLocalName(); + if (XMLConstants.W3C_XML_SCHEMA_NS_URI.equals(uri) && + child.getNodeType() == Node.ELEMENT_NODE) + { + if ("annotation".equals(name)) + { + ret.annotation = parseAnnotation(child); + } + } + } + return ret; + } + + Annotation parseAnnotation(Node node) + { + // TODO + return null; + } + + private static String getAttribute(NamedNodeMap attrs, String name) + { + Node attr = attrs.getNamedItem(name); + return (attr == null) ? null : attr.getNodeValue(); + } + + private static QName asQName(String text, Node resolver) + { + QName name = QName.valueOf(text); + String prefix = name.getPrefix(); + if (prefix != null && prefix.length() > 0) + { + String uri = resolver.lookupNamespaceURI(prefix); + name = new QName(uri, name.getLocalPart()); + } + return name; + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/xmlschema/XMLSchemaElementTypeInfo.java b/libjava/classpath/gnu/xml/validation/xmlschema/XMLSchemaElementTypeInfo.java new file mode 100644 index 0000000..98a5fb7 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/xmlschema/XMLSchemaElementTypeInfo.java @@ -0,0 +1,93 @@ +/* XMLSchemaElementTypeInfo.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.xmlschema; + +import org.w3c.dom.TypeInfo; +import gnu.xml.validation.datatype.SimpleType; +import gnu.xml.validation.datatype.Type; + +/** + * Element type information provided by validation against an XML Schema. + * + * @author Chris Burdess + */ +final class XMLSchemaElementTypeInfo + extends XMLSchemaTypeInfo +{ + + final XMLSchema schema; + final ElementDeclaration decl; + final Type type; + boolean nil; + + XMLSchemaElementTypeInfo(XMLSchema schema, ElementDeclaration decl, + Type type) + { + this.schema = schema; + this.decl = decl; + this.type = type; + } + + public String getTypeName() + { + return type.name.getLocalPart(); + } + + public String getTypeNamespace() + { + return type.name.getNamespaceURI(); + } + + public boolean isDerivedFrom(String typeNamespace, String typeName, + int derivationMethod) + { + if (type instanceof SimpleType) + { + SimpleType simpleType = (SimpleType) type; + return simpleTypeIsDerivedFrom(simpleType, typeNamespace, typeName, + derivationMethod); + } + else + { + // TODO + return false; + } + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/xmlschema/XMLSchemaSchemaFactory.java b/libjava/classpath/gnu/xml/validation/xmlschema/XMLSchemaSchemaFactory.java new file mode 100644 index 0000000..b37ae54 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/xmlschema/XMLSchemaSchemaFactory.java @@ -0,0 +1,159 @@ +/* XMLSchemaSchemaFactory.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.xmlschema; + +import java.io.IOException; +import java.net.URL; +import javax.xml.XMLConstants; +import javax.xml.parsers.DocumentBuilder; +import javax.xml.parsers.DocumentBuilderFactory; +import javax.xml.parsers.ParserConfigurationException; +import javax.xml.transform.Source; +import javax.xml.transform.dom.DOMSource; +import javax.xml.transform.stream.StreamSource; +import javax.xml.validation.Schema; +import javax.xml.validation.SchemaFactory; +import org.relaxng.datatype.DatatypeException; +import org.w3c.dom.Document; +import org.w3c.dom.Node; +import org.w3c.dom.ls.LSResourceResolver; +import org.xml.sax.InputSource; +import org.xml.sax.SAXException; + +/** + * Schema factory for W3C XML Schema schemata. + * + * @author Chris Burdess + */ +public class XMLSchemaSchemaFactory + extends SchemaFactory +{ + + LSResourceResolver resourceResolver; + + public LSResourceResolver getResourceResolver() + { + return resourceResolver; + } + + public void setResourceResolver(LSResourceResolver resourceResolver) + { + this.resourceResolver = resourceResolver; + } + + public boolean isSchemaLanguageSupported(String schemaLanguage) + { + return XMLConstants.W3C_XML_SCHEMA_NS_URI.equals(schemaLanguage); + } + + public Schema newSchema() + throws SAXException + { + // TODO + throw new UnsupportedOperationException(); + } + + public Schema newSchema(Source[] schemata) + throws SAXException + { + if (schemata == null || schemata.length != 1) + throw new IllegalArgumentException("must specify one source"); + // TODO multiple sources + try + { + Document doc = getDocument(schemata[0]); + XMLSchemaBuilder builder = new XMLSchemaBuilder(); + builder.parseSchema(doc); + return builder.schema; + } + catch (IOException e) + { + SAXException e2 = new SAXException(e.getMessage()); + e2.initCause(e); + throw e2; + } + catch (DatatypeException e) + { + SAXException e2 = new SAXException(e.getMessage()); + e2.initCause(e); + throw e2; + } + } + + private static Document getDocument(Source source) + throws SAXException, IOException + { + if (source instanceof DOMSource) + { + Node node = ((DOMSource) source).getNode(); + if (node != null && node instanceof Document) + return (Document) node; + } + String url = source.getSystemId(); + try + { + InputSource input = new InputSource(url); + if (source instanceof StreamSource) + { + StreamSource streamSource = (StreamSource) source; + input.setByteStream(streamSource.getInputStream()); + input.setCharacterStream(streamSource.getReader()); + } + if (input.getByteStream() == null && + input.getCharacterStream() == null && + url != null) + input.setByteStream(new URL(url).openStream()); + DocumentBuilderFactory f = DocumentBuilderFactory.newInstance(); + f.setNamespaceAware(true); + f.setCoalescing(true); + f.setExpandEntityReferences(true); + f.setIgnoringComments(true); + f.setIgnoringElementContentWhitespace(true); + DocumentBuilder b = f.newDocumentBuilder(); + return b.parse(input); + } + catch (ParserConfigurationException e) + { + SAXException e2 = new SAXException(e.getMessage()); + e2.initCause(e); + throw e2; + } + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/xmlschema/XMLSchemaTypeInfo.java b/libjava/classpath/gnu/xml/validation/xmlschema/XMLSchemaTypeInfo.java new file mode 100644 index 0000000..60cc25f --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/xmlschema/XMLSchemaTypeInfo.java @@ -0,0 +1,77 @@ +/* XMLSchemaTypeInfo.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.xmlschema; + +import org.w3c.dom.TypeInfo; +import gnu.xml.validation.datatype.SimpleType; + +/** + * Abstract superclass providing simple type derivation. + * + * @author Chris Burdess + */ +abstract class XMLSchemaTypeInfo + implements TypeInfo +{ + + protected boolean simpleTypeIsDerivedFrom(SimpleType simpleType, + String typeNamespace, + String typeName, + int derivationMethod) + { + switch (derivationMethod) + { + case TypeInfo.DERIVATION_RESTRICTION: + SimpleType baseType = simpleType.baseType; + while (baseType != null) + { + if (baseType.name.getNamespaceURI().equals(typeNamespace) && + baseType.name.getLocalPart().equals(typeName)) + { + return true; + } + baseType = baseType.baseType; + } + break; + // TODO other methods + } + return false; + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/xmlschema/XMLSchemaTypeInfoProvider.java b/libjava/classpath/gnu/xml/validation/xmlschema/XMLSchemaTypeInfoProvider.java new file mode 100644 index 0000000..9b20c0c --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/xmlschema/XMLSchemaTypeInfoProvider.java @@ -0,0 +1,82 @@ +/* XMLSchemaTypeInfoProvider.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.xmlschema; + +import javax.xml.validation.TypeInfoProvider; +import org.w3c.dom.TypeInfo; + +/** + * TypeInfo provider for XML Schema validator handler. + * This simply delegates to the handler. It wouldn't be required if + * TypeInfoProvider were an interface instead of an abstract class. + * + * @author Chris Burdess + */ +final class XMLSchemaTypeInfoProvider + extends TypeInfoProvider +{ + + final XMLSchemaValidatorHandler handler; + + XMLSchemaTypeInfoProvider(XMLSchemaValidatorHandler handler) + { + this.handler = handler; + } + + public TypeInfo getElementTypeInfo() + { + return handler.getElementTypeInfo(); + } + + public TypeInfo getAttributeTypeInfo(int index) + { + return handler.getAttributeTypeInfo(index); + } + + public boolean isIdAttribute(int index) + { + return handler.isIdAttribute(index); + } + + public boolean isSpecified(int index) + { + return handler.isSpecified(index); + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/xmlschema/XMLSchemaValidator.java b/libjava/classpath/gnu/xml/validation/xmlschema/XMLSchemaValidator.java new file mode 100644 index 0000000..056babf --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/xmlschema/XMLSchemaValidator.java @@ -0,0 +1,98 @@ +/* XMLSchemaValidator.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.xmlschema; + +import java.io.IOException; +import javax.xml.validation.Validator; +import javax.xml.transform.Result; +import javax.xml.transform.Source; +import org.w3c.dom.ls.LSResourceResolver; +import org.xml.sax.ErrorHandler; +import org.xml.sax.SAXException; + +/** + * JAXP validator for an XML Schema. + * + * @author Chris Burdess + */ +final class XMLSchemaValidator + extends Validator +{ + + final XMLSchema schema; + + ErrorHandler errorHandler; + LSResourceResolver resourceResolver; + + XMLSchemaValidator(XMLSchema schema) + { + this.schema = schema; + } + + public void reset() + { + } + + public void validate(Source source, Result result) + throws SAXException, IOException + { + // TODO + } + + public ErrorHandler getErrorHandler() + { + return errorHandler; + } + + public void setErrorHandler(ErrorHandler errorHandler) + { + this.errorHandler = errorHandler; + } + + public LSResourceResolver getResourceResolver() + { + return resourceResolver; + } + + public void setResourceResolver(LSResourceResolver resourceResolver) + { + this.resourceResolver = resourceResolver; + } + +} + diff --git a/libjava/classpath/gnu/xml/validation/xmlschema/XMLSchemaValidatorHandler.java b/libjava/classpath/gnu/xml/validation/xmlschema/XMLSchemaValidatorHandler.java new file mode 100644 index 0000000..9e6d8e9 --- /dev/null +++ b/libjava/classpath/gnu/xml/validation/xmlschema/XMLSchemaValidatorHandler.java @@ -0,0 +1,394 @@ +/* XMLSchemaValidatorHandler.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package gnu.xml.validation.xmlschema; + +import java.util.ArrayList; +import java.util.LinkedList; +import javax.xml.XMLConstants; +import javax.xml.namespace.QName; +import javax.xml.validation.TypeInfoProvider; +import javax.xml.validation.ValidatorHandler; +import org.relaxng.datatype.DatatypeException; +import org.relaxng.datatype.DatatypeLibrary; +import org.relaxng.datatype.helpers.DatatypeLibraryLoader; +import org.w3c.dom.TypeInfo; +import org.w3c.dom.ls.LSResourceResolver; +import org.xml.sax.Attributes; +import org.xml.sax.ContentHandler; +import org.xml.sax.ErrorHandler; +import org.xml.sax.Locator; +import org.xml.sax.SAXException; +import org.xml.sax.ext.Attributes2Impl; +import org.xml.sax.helpers.NamespaceSupport; +import gnu.xml.validation.datatype.SimpleType; +import gnu.xml.validation.datatype.Type; + +/** + * Streaming validator. + * + * @author Chris Burdess + */ +final class XMLSchemaValidatorHandler + extends ValidatorHandler +{ + + final XMLSchema schema; + final TypeInfoProvider typeInfoProvider; + final NamespaceSupport namespaceSupport; + final DatatypeLibrary typeLibrary; + Locator loc; + ContentHandler contentHandler; + ErrorHandler errorHandler; + LSResourceResolver resourceResolver; + final LinkedList context; // element context + final ArrayList attributes; // attribute context; + + XMLSchemaValidatorHandler(XMLSchema schema) + { + this.schema = schema; + typeInfoProvider = new XMLSchemaTypeInfoProvider(this); + namespaceSupport = new NamespaceSupport(); + context = new LinkedList(); + attributes = new ArrayList(); + final String ns = XMLConstants.W3C_XML_SCHEMA_NS_URI; + typeLibrary = new DatatypeLibraryLoader().createDatatypeLibrary(ns); + } + + public ContentHandler getContentHandler() + { + return contentHandler; + } + + public void setContentHandler(ContentHandler contentHandler) + { + this.contentHandler = contentHandler; + } + + public ErrorHandler getErrorHandler() + { + return errorHandler; + } + + public void setErrorHandler(ErrorHandler errorHandler) + { + this.errorHandler = errorHandler; + } + + public LSResourceResolver getResourceResolver() + { + return resourceResolver; + } + + public void setResourceResolver(LSResourceResolver resourceResolver) + { + this.resourceResolver = resourceResolver; + } + + public TypeInfoProvider getTypeInfoProvider() + { + return typeInfoProvider; + } + + TypeInfo getElementTypeInfo() + { + return (XMLSchemaElementTypeInfo) context.getFirst(); + } + + TypeInfo getAttributeTypeInfo(int index) + { + return (XMLSchemaAttributeTypeInfo) attributes.get(index); + } + + boolean isIdAttribute(int index) + { + XMLSchemaAttributeTypeInfo typeInfo = + (XMLSchemaAttributeTypeInfo) attributes.get(index); + return typeInfo.id; + } + + boolean isSpecified(int index) + { + XMLSchemaAttributeTypeInfo typeInfo = + (XMLSchemaAttributeTypeInfo) attributes.get(index); + return typeInfo.specified; + } + + public void setDocumentLocator(Locator locator) + { + loc = locator; + if (contentHandler != null) + { + contentHandler.setDocumentLocator(locator); + } + } + + public void startDocument() + throws SAXException + { + namespaceSupport.reset(); + context.clear(); + attributes.clear(); + if (contentHandler != null) + { + contentHandler.startDocument(); + } + } + + public void endDocument() + throws SAXException + { + if (contentHandler != null) + { + contentHandler.endDocument(); + } + } + + public void startPrefixMapping(String prefix, String uri) + throws SAXException + { + namespaceSupport.declarePrefix(prefix, uri); + if (contentHandler != null) + { + contentHandler.startPrefixMapping(prefix, uri); + } + } + + public void endPrefixMapping(String prefix) + throws SAXException + { + if (contentHandler != null) + { + contentHandler.endPrefixMapping(prefix); + } + } + + public void startElement(String uri, String localName, String qName, + Attributes atts) + throws SAXException + { + namespaceSupport.pushContext(); + QName name = new QName(uri, localName); + ElementDeclaration decl = + (ElementDeclaration) schema.elementDeclarations.get(name); + // Validation Rule: Element Locally Valid (Element) + String xsiType = + atts.getValue(XMLConstants.W3C_XML_SCHEMA_INSTANCE_NS_URI, "type"); + xsiType = xsiType.trim(); // normalise + String xsiNil = + atts.getValue(XMLConstants.W3C_XML_SCHEMA_INSTANCE_NS_URI, "nil"); + Type type = decl.datatype; + if (xsiType.length() > 0) + { + try + { + Type specifiedType = resolveType(xsiType); + // TODO 4.3 + type = specifiedType; + } + catch (DatatypeException e) // 4.1, 4.2 + { + ValidationException e2 = + new ValidationException("Can't resolve type " + xsiType, + loc); + e2.initCause(e); + throw e2; + } + } + XMLSchemaElementTypeInfo typeInfo = + new XMLSchemaElementTypeInfo(schema, decl, type); + if (decl == null) // 1 + { + throw new ValidationException("No declaration for " + name, loc); + } + if (decl.isAbstract) // 2 + { + throw new ValidationException("Declaration for " + name + + " is abstract", loc); + } + if (xsiNil.length() > 0) + { + if (!decl.nillable) // 3.1 + { + throw new ValidationException("Declaration for " + name + + " is nillable but xsi:nil present", + loc); + } + else if ("true".equals(xsiNil)) // 3.2 + { + typeInfo.nil = true; + if (decl.type == XMLSchema.CONSTRAINT_FIXED) // 3.2.2 + { + throw new ValidationException("Declaration for " + name + + " is fixed but xsi:nil is true", + loc); + } + } + } + // TODO 5, 6, 7 + + // parent + if (!context.isEmpty()) + { + XMLSchemaElementTypeInfo parent = + (XMLSchemaElementTypeInfo) context.getFirst(); + if (parent.nil) // Element Locally Valid (Element) 3.2.1 + { + throw new ValidationException("Parent of " + qName + + " is declared xsi:nil", loc); + } + // TODO + } + context.addFirst(typeInfo); + // attributes + int len = atts.getLength(); + Attributes2Impl atts2 = new Attributes2Impl(); + int count = 0; + for (int i = 0; i < len; i++) + { + String attUri = atts.getURI(i); + String attLocalName = atts.getLocalName(i); + String attQName = atts.getQName(i); + String attValue = atts.getValue(i); + + if (XMLConstants.W3C_XML_SCHEMA_INSTANCE_NS_URI.equals(attUri)) + { + continue; // ? + } + + QName attName = new QName(attUri, attLocalName); + AttributeDeclaration attDecl = + (AttributeDeclaration) schema.attributeDeclarations.get(attName); + boolean declared = (attDecl != null); + + String attType = (attDecl != null) ? + attDecl.datatype.toString() : "CDATA"; + XMLSchemaAttributeTypeInfo attTypeInfo = + new XMLSchemaAttributeTypeInfo(schema, attDecl, true); + attributes.add(attTypeInfo); + + atts2.addAttribute(attUri, attLocalName, attQName, attType, attValue); + atts2.setDeclared(count, declared); + atts2.setSpecified(count, true); + count++; + } + // add defaulted attributes to atts2 + // TODO + // atts2.setSpecified(count, false); + if (contentHandler != null) + { + contentHandler.startElement(uri, localName, qName, atts2); + } + } + + public void endElement(String uri, String localName, String qName) + throws SAXException + { + // TODO check all required have been seen + context.removeFirst(); + attributes.clear(); + namespaceSupport.popContext(); + if (contentHandler != null) + { + contentHandler.endElement(uri, localName, qName); + } + } + + public void characters(char[] ch, int start, int length) + throws SAXException + { + XMLSchemaElementTypeInfo parent = + (XMLSchemaElementTypeInfo) context.getFirst(); + if (parent.nil) // Element Locally Valid (Element) 3.2.1 + { + throw new ValidationException(parent.decl.name.toString() + + " is declared xsi:nil", + loc); + } + // TODO + if (contentHandler != null) + { + contentHandler.characters(ch, start, length); + } + } + + public void ignorableWhitespace(char[] ch, int start, int length) + throws SAXException + { + if (contentHandler != null) + { + contentHandler.ignorableWhitespace(ch, start, length); + } + } + + public void processingInstruction(String target, String data) + throws SAXException + { + if (contentHandler != null) + { + contentHandler.processingInstruction(target, data); + } + } + + public void skippedEntity(String name) + throws SAXException + { + if (contentHandler != null) + { + contentHandler.skippedEntity(name); + } + } + + Type resolveType(String value) + throws DatatypeException + { + QName name = QName.valueOf(value); + String prefix = name.getPrefix(); + String localName = name.getLocalPart(); + if (prefix != null && prefix.length() > 0) + { + String uri = namespaceSupport.getURI(prefix); + if (!XMLConstants.W3C_XML_SCHEMA_NS_URI.equals(uri)) + return null; + } + if ("anyType".equals(localName)) + return Type.ANY_TYPE; + return (SimpleType) typeLibrary.createDatatype(localName); + } + +} + diff --git a/libjava/classpath/gnu/xml/xpath/LangFunction.java b/libjava/classpath/gnu/xml/xpath/LangFunction.java index 2c2506d..584787e 100644 --- a/libjava/classpath/gnu/xml/xpath/LangFunction.java +++ b/libjava/classpath/gnu/xml/xpath/LangFunction.java @@ -1,5 +1,5 @@ /* LangFunction.java -- - Copyright (C) 2004 Free Software Foundation, Inc. + Copyright (C) 2004,2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -91,9 +91,15 @@ final class LangFunction String getLang(Node node) { - if (node.getNodeType() == Node.ELEMENT_NODE) + while (node != null) { - return ((Element) node).getAttribute("xml:lang"); + if (node.getNodeType() == Node.ELEMENT_NODE) + { + String lang = ((Element) node).getAttribute("xml:lang"); + if (lang != null) + return lang; + } + node = node.getParentNode(); } return null; } diff --git a/libjava/classpath/gnu/xml/xpath/NodeTypeTest.java b/libjava/classpath/gnu/xml/xpath/NodeTypeTest.java index 09e92d0..4fe1646 100644 --- a/libjava/classpath/gnu/xml/xpath/NodeTypeTest.java +++ b/libjava/classpath/gnu/xml/xpath/NodeTypeTest.java @@ -84,6 +84,7 @@ public final class NodeTypeTest case Node.TEXT_NODE: case Node.CDATA_SECTION_NODE: case Node.COMMENT_NODE: + case Node.DOCUMENT_NODE: if (type > 0) { if (nodeType != type) diff --git a/libjava/classpath/gnu/xml/xpath/Selector.java b/libjava/classpath/gnu/xml/xpath/Selector.java index 93408e4..c7abb33 100644 --- a/libjava/classpath/gnu/xml/xpath/Selector.java +++ b/libjava/classpath/gnu/xml/xpath/Selector.java @@ -90,7 +90,7 @@ public final class Selector if (len > 0) tests.toArray(this.tests); else - this.tests[0] = new NameTest(null, true, true); + this.tests[0] = new NodeTypeTest((short) 0); if (axis == NAMESPACE && this.tests[0] instanceof NameTest) { NameTest nt = (NameTest) this.tests[0]; @@ -108,6 +108,14 @@ public final class Selector public boolean matches(Node context) { + // If called directly, selector is the top level of the path + return matches(context, + getContextPosition(context), + getContextSize(context)); + } + + boolean matches(Node context, int pos, int len) + { short nodeType = context.getNodeType(); switch (axis) { @@ -125,19 +133,11 @@ public final class Selector default: return false; } - int tlen = tests.length; - if (tlen > 0) + for (int j = 0; j < tests.length && len > 0; j++) { - int pos = getContextPosition(context); - int len = getContextSize(context); - if (len == 0) - System.err.println("WARNING: context size is 0"); - for (int j = 0; j < tlen && len > 0; j++) - { - Test test = tests[j]; - if (!test.matches(context, pos, len)) - return false; - } + Test test = tests[j]; + if (!test.matches(context, pos, len)) + return false; } return true; } @@ -147,7 +147,10 @@ public final class Selector int pos = 1; for (ctx = ctx.getPreviousSibling(); ctx != null; ctx = ctx.getPreviousSibling()) - pos++; + { + if (tests[0].matches(ctx, 1, 1)) + pos++; + } return pos; } @@ -161,10 +164,16 @@ public final class Selector int count = 1; Node sib = ctx.getPreviousSibling(); for (; sib != null; sib = sib.getPreviousSibling()) - count++; + { + if (tests[0].matches(ctx, 1, 1)) + count++; + } sib = ctx.getNextSibling(); for (; sib != null; sib = sib.getNextSibling()) - count++; + { + if (tests[0].matches(ctx, 1, 1)) + count++; + } return count; } -- cgit v1.1