From b0fa81eea9a270f23d6ad67ca7a6d25c18d20da1 Mon Sep 17 00:00:00 2001 From: Tom Tromey Date: Sat, 16 Jul 2005 01:27:14 +0000 Subject: Major merge with Classpath. Removed many duplicate files. * HACKING: Updated.x * classpath: Imported new directory. * standard.omit: New file. * Makefile.in, aclocal.m4, configure: Rebuilt. * sources.am: New file. * configure.ac: Run Classpath configure script. Moved code around to support. Disable xlib AWT peers (temporarily). * Makefile.am (SUBDIRS): Added 'classpath' (JAVAC): Removed. (AM_CPPFLAGS): Added more -I options. (BOOTCLASSPATH): Simplified. Completely redid how sources are built. Include sources.am. * include/Makefile.am (tool_include__HEADERS): Removed jni.h. * include/jni.h: Removed (in Classpath). * scripts/classes.pl: Updated to look at built classes. * scripts/makemake.tcl: New file. * testsuite/libjava.jni/jni.exp (gcj_jni_compile_c_to_so): Added -I options. (gcj_jni_invocation_compile_c_to_binary): Likewise. From-SVN: r102082 --- libjava/java/security/SignedObject.java | 240 -------------------------------- 1 file changed, 240 deletions(-) delete mode 100644 libjava/java/security/SignedObject.java (limited to 'libjava/java/security/SignedObject.java') diff --git a/libjava/java/security/SignedObject.java b/libjava/java/security/SignedObject.java deleted file mode 100644 index d565b2e..0000000 --- a/libjava/java/security/SignedObject.java +++ /dev/null @@ -1,240 +0,0 @@ -/* SignedObject.java --- Signed Object Class - Copyright (C) 1999, 2003, Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ - -package java.security; - -import java.io.ByteArrayInputStream; -import java.io.ByteArrayOutputStream; -import java.io.IOException; -import java.io.ObjectInput; -import java.io.ObjectInputStream; -import java.io.ObjectOutputStream; -import java.io.Serializable; - -/** - *

SignedObject is a class for the purpose of creating authentic - * runtime objects whose integrity cannot be compromised without being detected. - *

- * - *

More specifically, a SignedObject contains another - * {@link Serializable} object, the (to-be-)signed object and its signature.

- * - *

The signed object is a "deep copy" (in serialized form) of an - * original object. Once the copy is made, further manipulation of the original - * object has no side effect on the copy.

- * - *

The underlying signing algorithm is designated by the {@link Signature} - * object passed to the constructor and the verify() method. A - * typical usage for signing is the following:

- * - * 
- * Signature signingEngine = Signature.getInstance(algorithm, provider);
- * SignedObject so = new SignedObject(myobject, signingKey, signingEngine);
- *
- * - *

A typical usage for verification is the following (having received - * SignedObject so):

- * - * 
- * Signature verificationEngine = Signature.getInstance(algorithm, provider);
- * if (so.verify(publickey, verificationEngine))
- *   try
- *     {
- *       Object myobj = so.getObject();
- *     }
- *   catch (ClassNotFoundException ignored) {};
- *
- * - *

Several points are worth noting. First, there is no need to initialize the - * signing or verification engine, as it will be re-initialized inside the - * constructor and the verify() method. Secondly, for verification - * to succeed, the specified public key must be the public key corresponding to - * the private key used to generate the SignedObject.

- * - *

More importantly, for flexibility reasons, the constructor - * and verify() method allow for customized signature engines, - * which can implement signature algorithms that are not installed formally as - * part of a crypto provider. However, it is crucial that the programmer writing - * the verifier code be aware what {@link Signature} engine is being used, as - * its own implementation of the verify() method is invoked to - * verify a signature. In other words, a malicious {@link Signature} may choose - * to always return true on verification in an attempt to bypass a - * security check.

- * - *

The signature algorithm can be, among others, the NIST standard DSS, - * using DSA and SHA-1. The algorithm is specified using the same - * convention as that for signatures. The DSA algorithm using the - * SHA-1 message digest algorithm can be specified, for example, as - * "SHA/DSA" or "SHA-1/DSA" (they are equivalent). In - * the case of RSA, there are multiple choices for the message digest - * algorithm, so the signing algorithm could be specified as, for example, - * "MD2/RSA", "MD5/RSA" or "SHA-1/RSA". - * The algorithm name must be specified, as there is no default.

- * - *

The name of the Cryptography Package Provider is designated also by the - * {@link Signature} parameter to the constructor and the - * verify() method. If the provider is not specified, the default - * provider is used. Each installation can be configured to use a particular - * provider as default.

- * - *

Potential applications of SignedObject include:

- * - * - * - * @author Mark Benvenuto (ivymccough@worldnet.att.net) - * @since 1.2 - * @see Signature - */ -public final class SignedObject implements Serializable -{ - private static final long serialVersionUID = 720502720485447167L; - - /** @serial */ - private byte[] content; - /** @serial */ - private byte[] signature; - /** @serial */ - private String thealgorithm; - - /** - * Constructs a SignedObject from any {@link Serializable} - * object. The given object is signed with the given signing key, using the - * designated signature engine. - * - * @param object the object to be signed. - * @param signingKey the private key for signing. - * @param signingEngine the signature signing engine. - * @throws IOException if an error occurs during serialization. - * @throws InvalidKeyException if the key is invalid. - * @throws SignatureException if signing fails. - */ - public SignedObject(Serializable object, PrivateKey signingKey, - Signature signingEngine) - throws IOException, InvalidKeyException, SignatureException - { - thealgorithm = signingEngine.getAlgorithm(); - - ByteArrayOutputStream ostream = new ByteArrayOutputStream(); - ObjectOutputStream p = new ObjectOutputStream(ostream); - p.writeObject(object); - p.flush(); - p.close(); - - content = ostream.toByteArray(); - - signingEngine.initSign(signingKey); - signingEngine.update(content); - signature = signingEngine.sign(); - } - - /** - * Retrieves the encapsulated object. The encapsulated object is de-serialized - * before it is returned. - * - * @return the encapsulated object. - * @throws IOException if an error occurs during de-serialization. - * @throws ClassNotFoundException if an error occurs during de-serialization. - */ - public Object getObject() throws IOException, ClassNotFoundException - { - ByteArrayInputStream bais = new ByteArrayInputStream(content); - ObjectInput oi = new ObjectInputStream(bais); - Object obj = oi.readObject(); - oi.close(); - bais.close(); - - return obj; - } - - /** - * Retrieves the signature on the signed object, in the form of a byte array. - * - * @return a copy of the signature. - */ - public byte[] getSignature() - { - return (byte[]) signature.clone(); - - } - - /** - * Retrieves the name of the signature algorithm. - * - * @return the signature algorithm name. - */ - public String getAlgorithm() - { - return thealgorithm; - } - - /** - * Verifies that the signature in this SignedObject is the valid - * signature for the object stored inside, with the given verification key, - * using the designated verification engine. - * - * @param verificationKey the public key for verification. - * @param verificationEngine the signature verification engine. - * @return true if the signature is valid, false - * otherwise. - * @throws SignatureException if signature verification failed. - * @throws InvalidKeyException if the verification key is invalid. - */ - public boolean verify(PublicKey verificationKey, Signature verificationEngine) - throws InvalidKeyException, SignatureException - { - verificationEngine.initVerify(verificationKey); - verificationEngine.update(content); - return verificationEngine.verify(signature); - } - - /** Called to restore the state of the SignedObject from a stream. */ - private void readObject(ObjectInputStream s) - throws IOException, ClassNotFoundException - { - s.defaultReadObject(); - content = (byte[]) content.clone(); - signature = (byte[]) signature.clone(); - } -} -- cgit v1.1