procyberian/gcc
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Imported GNU Classpath 0.92

Browse source 
2006-08-14  Mark Wielaard  <mark@klomp.org>

       Imported GNU Classpath 0.92
       * HACKING: Add more importing hints. Update automake version
       requirement.

       * configure.ac (gconf-peer): New enable AC argument.
       Add --disable-gconf-peer and --enable-default-preferences-peer
       to classpath configure when gconf is disabled.
       * scripts/makemake.tcl: Set gnu/java/util/prefs/gconf and
       gnu/java/awt/dnd/peer/gtk to bc. Classify
       gnu/java/security/Configuration.java as generated source file.

       * gnu/java/lang/management/VMGarbageCollectorMXBeanImpl.java,
       gnu/java/lang/management/VMMemoryPoolMXBeanImpl.java,
       gnu/java/lang/management/VMClassLoadingMXBeanImpl.java,
       gnu/java/lang/management/VMRuntimeMXBeanImpl.java,
       gnu/java/lang/management/VMMemoryManagerMXBeanImpl.java,
       gnu/java/lang/management/VMThreadMXBeanImpl.java,
       gnu/java/lang/management/VMMemoryMXBeanImpl.java,
       gnu/java/lang/management/VMCompilationMXBeanImpl.java: New VM stub
       classes.
       * java/lang/management/VMManagementFactory.java: Likewise.
       * java/net/VMURLConnection.java: Likewise.
       * gnu/java/nio/VMChannel.java: Likewise.

       * java/lang/Thread.java (getState): Add stub implementation.
       * java/lang/Class.java (isEnum): Likewise.
       * java/lang/Class.h (isEnum): Likewise.

       * gnu/awt/xlib/XToolkit.java (getClasspathTextLayoutPeer): Removed.

       * javax/naming/spi/NamingManager.java: New override for StackWalker
       functionality.

       * configure, sources.am, Makefile.in, gcj/Makefile.in,
       include/Makefile.in, testsuite/Makefile.in: Regenerated.

From-SVN: r116139
This commit is contained in:
Mark Wielaard 2006-08-14 23:12:35 +00:00
parent abab460491
commit ac1ed908de
1294 changed files with 99479 additions and 35933 deletions
Download patch file Download diff file Expand all files Collapse all files

128
libjava/classpath/gnu/java/security/key/dss/DSSKey.java
View file

@ -38,74 +38,77 @@ exception statement from your version. */
package gnu.java.security.key.dss;
import gnu.classpath.SystemProperties;
import gnu.java.security.Registry;
import gnu.java.security.action.GetPropertyAction;
import gnu.java.security.util.FormatUtil;
import java.math.BigInteger;
import java.security.AccessController;
import java.security.Key;
import java.security.interfaces.DSAKey;
import java.security.interfaces.DSAParams;
import java.security.spec.DSAParameterSpec;
/**
* <p>A base asbtract class for both public and private DSS (Digital Signature
* A base asbtract class for both public and private DSS (Digital Signature
* Standard) keys. It encapsulates the three DSS numbers: <code>p</code>,
* <code>q</code> and <code>g</code>.</p>
*
* <p>According to the JDK, cryptographic <i>Keys</i> all have a <i>format</i>.
* <code>q</code> and <code>g</code>.
* <p>
* According to the JDK, cryptographic <i>Keys</i> all have a <i>format</i>.
* The format used in this implementation is called <i>Raw</i>, and basically
* consists of the raw byte sequences of algorithm parameters. The exact order
* of the byte sequences and the implementation details are given in each of
* the relevant <code>getEncoded()</code> methods of each of the private and
* public keys.</p>
*
* of the byte sequences and the implementation details are given in each of the
* relevant <code>getEncoded()</code> methods of each of the private and
* public keys.
* <p>
* <b>IMPORTANT</b>: Under certain circumstances (e.g. in an X.509 certificate
* with inherited AlgorithmIdentifier's parameters of a SubjectPublicKeyInfo
* element) these three MPIs may be <code>null</code>.
*
* @see DSSPrivateKey#getEncoded
* @see DSSPublicKey#getEncoded
*/
public abstract class DSSKey implements Key, DSAKey
public abstract class DSSKey
implements Key, DSAKey
{
// Constants and variables
// -------------------------------------------------------------------------
/**
* A prime modulus, where <code>2<sup>L-1</sup> &lt; p &lt; 2<sup>L</sup></code>
* for <code>512 &lt;= L &lt;= 1024</code> and <code>L</code> a multiple of
* A prime modulus, where
* <code>2<sup>L-1</sup> &lt; p &lt; 2<sup>L</sup></code> for
* <code>512 &lt;= L &lt;= 1024</code> and <code>L</code> a multiple of
* <code>64</code>.
*/
protected final BigInteger p;
/**
* A prime divisor of <code>p - 1</code>, where <code>2<sup>159</sup> &lt; q
* A prime divisor of <code>p - 1</code>, where
* <code>2<sup>159</sup> &lt; q
* &lt; 2<sup>160</sup></code>.
*/
protected final BigInteger q;
/**
* <code>g = h<sup>(p-1)</sup>/q mod p</code>, where <code>h</code> is any
* integer with <code>1 &lt; h &lt; p - 1</code> such that <code>h<sup>
* (p-1)</sup>/q mod p > 1</code> (<code>g</code> has order <code>q mod p
* <code>g = h<sup>(p-1)</sup>/q mod p</code>, where <code>h</code> is
* any integer with <code>1 &lt; h &lt; p - 1</code> such that <code>h<sup>
* (p-1)</sup>/q mod p > 1</code> (<code>g</code>
* has order <code>q mod p
* </code>).
*/
protected final BigInteger g;
/**
* Identifier of the default encoding format to use when externalizing the
* key material.
* Identifier of the default encoding format to use when externalizing the key
* material.
*/
protected final int defaultFormat;
/** String representation of this key. Cached for speed. */
private transient String str;
// Constructor(s)
// -------------------------------------------------------------------------
/**
* Trivial protected constructor.
*
* @param defaultFormat the identifier of the encoding format to use by
* default when externalizing the key.
* default when externalizing the key.
* @param p the DSS parameter <code>p</code>.
* @param q the DSS parameter <code>q</code>.
* @param g the DSS parameter <code>g</code>.
@ -121,21 +124,11 @@ public abstract class DSSKey implements Key, DSAKey
this.g = g;
}
// Class methods
// -------------------------------------------------------------------------
// Instance methods
// -------------------------------------------------------------------------
// java.security.interfaces.DSAKey interface implementation ----------------
public DSAParams getParams()
{
return new DSAParameterSpec(p, q, g);
}
// java.security.Key interface implementation ------------------------------
public String getAlgorithm()
{
return Registry.DSS_KPG;
@ -152,27 +145,31 @@ public abstract class DSSKey implements Key, DSAKey
return FormatUtil.getEncodingShortName(defaultFormat);
}
// Other instance methods --------------------------------------------------
/**
* <p>Returns <code>true</code> if the designated object is an instance of
* Returns <code>true</code> if the designated object is an instance of
* {@link DSAKey} and has the same DSS (Digital Signature Standard) parameter
* values as this one.</p>
*
* values as this one.
* <p>
* Always returns <code>false</code> if the MPIs of this key are
* <i>inherited</i>. This may be the case when the key is re-constructed from
* an X.509 certificate with absent or NULL AlgorithmIdentifier's parameters
* field.
*
* @param obj the other non-null DSS key to compare to.
* @return <code>true</code> if the designated object is of the same type and
* value as this one.
* @return <code>true</code> if the designated object is of the same type
* and value as this one.
*/
public boolean equals(Object obj)
{
if (hasInheritedParameters())
return false;
if (obj == null)
{
return false;
}
if (!(obj instanceof DSAKey))
{
return false;
}
return false;
if (! (obj instanceof DSAKey))
return false;
DSAKey that = (DSAKey) obj;
return p.equals(that.getParams().getP())
&& q.equals(that.getParams().getQ())
@ -183,19 +180,32 @@ public abstract class DSSKey implements Key, DSAKey
{
if (str == null)
{
String ls = SystemProperties.getProperty("line.separator");
str = new StringBuilder().append(ls)
.append("defaultFormat=").append(defaultFormat).append(",").append(ls)
.append("p=0x").append(p.toString(16)).append(",").append(ls)
.append("q=0x").append(q.toString(16)).append(",").append(ls)
.append("g=0x").append(g.toString(16))
.toString();
String ls = (String) AccessController.doPrivileged(new GetPropertyAction("line.separator"));
StringBuilder sb = new StringBuilder(ls)
.append("defaultFormat=").append(defaultFormat).append(",")
.append(ls);
if (hasInheritedParameters())
sb.append("p=inherited,").append(ls)
.append("q=inherited,").append(ls)
.append("g=inherited");
else
sb.append("p=0x").append(p.toString(16)).append(",").append(ls)
.append("q=0x").append(q.toString(16)).append(",").append(ls)
.append("g=0x").append(g.toString(16));
str = sb.toString();
}
return str;
}
// abstract methods to be implemented by subclasses ------------------------
public abstract byte[] getEncoded(int format);
/**
* @return <code>true</code> if <code>p</code>, <code>q</code> and
* <code>g</code> are all <code>null</code>. Returns
* <code>false</code> otherwise.
*/
public boolean hasInheritedParameters()
{
return p == null && q == null && g == null;
}
}

259
libjava/classpath/gnu/java/security/key/dss/DSSKeyPairGenerator.java
View file

@ -38,12 +38,12 @@ exception statement from your version. */
package gnu.java.security.key.dss;
import gnu.java.security.Configuration;
import gnu.java.security.Registry;
import gnu.java.security.hash.Sha160;
import gnu.java.security.key.IKeyPairGenerator;
import gnu.java.security.util.PRNG;
import java.io.PrintWriter;
import java.math.BigInteger;
import java.security.KeyPair;
import java.security.PrivateKey;
@ -51,76 +51,57 @@ import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.spec.DSAParameterSpec;
import java.util.Map;
import java.util.logging.Logger;
/**
* <p>A key-pair generator for asymetric keys to use in conjunction with the DSS
* (Digital Signature Standard).</p>
*
* References:<br>
* A key-pair generator for asymetric keys to use in conjunction with the DSS
* (Digital Signature Standard).
* <p>
* References:
* <p>
* <a href="http://www.itl.nist.gov/fipspubs/fip186.htm">Digital Signature
* Standard (DSS)</a>, Federal Information Processing Standards Publication 186.
* National Institute of Standards and Technology.
* Standard (DSS)</a>, Federal Information Processing Standards Publication
* 186. National Institute of Standards and Technology.
*/
public class DSSKeyPairGenerator implements IKeyPairGenerator
public class DSSKeyPairGenerator
implements IKeyPairGenerator
{
// Debugging methods and variables
// -------------------------------------------------------------------------
private static final String NAME = "dss";
private static final boolean DEBUG = false;
private static final int debuglevel = 5;
private static final PrintWriter err = new PrintWriter(System.out, true);
private static void debug(String s)
{
err.println(">>> " + NAME + ": " + s);
}
// Constants and variables
// -------------------------------------------------------------------------
private static final Logger log = Logger.getLogger(DSSKeyPairGenerator.class.getName());
/** The BigInteger constant 2. */
private static final BigInteger TWO = new BigInteger("2");
private static final BigInteger TWO = BigInteger.valueOf(2L);
/** Property name of the length (Integer) of the modulus (p) of a DSS key. */
public static final String MODULUS_LENGTH = "gnu.crypto.dss.L";
/**
* Property name of the Boolean indicating wether or not to use default pre-
* computed values of <code>p</code>, <code>q</code> and <code>g</code> for
* a given modulus length. The ultimate behaviour of this generator with
* computed values of <code>p</code>, <code>q</code> and <code>g</code>
* for a given modulus length. The ultimate behaviour of this generator with
* regard to using pre-computed parameter sets will depend on the value of
* this property and of the following one {@link #STRICT_DEFAULTS}:
*
* <ol>
* <li>If this property is {@link Boolean#FALSE} then this generator
* will accept being setup for generating parameters for any modulus length
* provided the modulus length is between <code>512</code> and
* <code>1024</code>, and is of the form <code>512 + 64 * n</code>. In
* addition, a new paramter set will always be generated; i.e. no pre-
* computed values are used.</li>
*
* <li>If this property is {@link Boolean#TRUE} and the value of
* {@link #STRICT_DEFAULTS} is also {@link Boolean#TRUE} then this generator
* will only accept being setup for generating parameters for modulus
* lengths of <code>512</code>, <code>768</code> and <code>1024</code>. Any
* other value, of the modulus length, even if between <code>512</code> and
* <code>1024</code>, and of the form <code>512 + 64 * n</code>, will cause
* an {@link IllegalArgumentException} to be thrown. When those modulus
* length (<code>512</code>, <code>768</code>, and <code>1024</code>) are
* specified, the paramter set is always the same.</li>
*
* <li>Finally, if this property is {@link Boolean#TRUE} and the value of
* {@link #STRICT_DEFAULTS} is {@link Boolean#FALSE} then this generator
* will behave as in point 1 above, except that it will use pre-computed
* values when possible; i.e. the modulus length is one of <code>512</code>,
* <code>768</code>, or <code>1024</code>.</li>
* <li>If this property is {@link Boolean#FALSE} then this generator will
* accept being setup for generating parameters for any modulus length
* provided the modulus length is between <code>512</code> and
* <code>1024</code>, and is of the form <code>512 + 64 * n</code>. In
* addition, a new paramter set will always be generated; i.e. no pre-
* computed values are used.</li>
* <li>If this property is {@link Boolean#TRUE} and the value of
* {@link #STRICT_DEFAULTS} is also {@link Boolean#TRUE} then this generator
* will only accept being setup for generating parameters for modulus lengths
* of <code>512</code>, <code>768</code> and <code>1024</code>. Any
* other value, of the modulus length, even if between <code>512</code> and
* <code>1024</code>, and of the form <code>512 + 64 * n</code>, will
* cause an {@link IllegalArgumentException} to be thrown. When those modulus
* length (<code>512</code>, <code>768</code>, and <code>1024</code>)
* are specified, the paramter set is always the same.</li>
* <li>Finally, if this property is {@link Boolean#TRUE} and the value of
* {@link #STRICT_DEFAULTS} is {@link Boolean#FALSE} then this generator will
* behave as in point 1 above, except that it will use pre-computed values
* when possible; i.e. the modulus length is one of <code>512</code>,
* <code>768</code>, or <code>1024</code>.</li>
* </ol>
*
* The default value of this property is {@link Boolean#TRUE}.
*/
public static final String USE_DEFAULTS = "gnu.crypto.dss.use.defaults";
@ -145,8 +126,8 @@ public class DSSKeyPairGenerator implements IKeyPairGenerator
/**
* Property name of an optional {@link DSAParameterSpec} instance to use for
* this generator's <code>p</code>, <code>q</code>, and <code>g</code> values.
* The default is to generate these values or use pre-computed ones,
* this generator's <code>p</code>, <code>q</code>, and <code>g</code>
* values. The default is to generate these values or use pre-computed ones,
* depending on the value of the <code>USE_DEFAULTS</code> attribute.
*/
public static final String DSS_PARAMETERS = "gnu.crypto.dss.params";
@ -165,55 +146,41 @@ public class DSSKeyPairGenerator implements IKeyPairGenerator
private static final int DEFAULT_ENCODING_FORMAT = Registry.RAW_ENCODING_ID;
/** Initial SHS context. */
private static final int[] T_SHS = new int[] { 0x67452301, 0xEFCDAB89,
0x98BADCFE, 0x10325476,
0xC3D2E1F0 };
private static final int[] T_SHS = new int[] {
0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476, 0xC3D2E1F0
};
// from jdk1.3.1/docs/guide/security/CryptoSpec.html#AppB
public static final DSAParameterSpec KEY_PARAMS_512 = new DSAParameterSpec(
new BigInteger(
"fca682ce8e12caba26efccf7110e526db078b05edecbcd1eb4a208f3ae1617ae"
+ "01f35b91a47e6df63413c5e12ed0899bcd132acd50d99151bdc43ee737592e17",
16),
new BigInteger(
"962eddcc369cba8ebb260ee6b6a126d9346e38c5",
16),
new BigInteger(
"678471b27a9cf44ee91a49c5147db1a9aaf244f05a434d6486931d2d14271b9e"
+ "35030b71fd73da179069b32e2935630e1c2062354d0da20a6c416e50be794ca4",
16));
new BigInteger(
"fca682ce8e12caba26efccf7110e526db078b05edecbcd1eb4a208f3ae1617ae"
+ "01f35b91a47e6df63413c5e12ed0899bcd132acd50d99151bdc43ee737592e17", 16),
new BigInteger("962eddcc369cba8ebb260ee6b6a126d9346e38c5", 16),
new BigInteger(
"678471b27a9cf44ee91a49c5147db1a9aaf244f05a434d6486931d2d14271b9e"
+ "35030b71fd73da179069b32e2935630e1c2062354d0da20a6c416e50be794ca4", 16));
public static final DSAParameterSpec KEY_PARAMS_768 = new DSAParameterSpec(
new BigInteger(
"e9e642599d355f37c97ffd3567120b8e25c9cd43e927b3a9670fbec5d8901419"
+ "22d2c3b3ad2480093799869d1e846aab49fab0ad26d2ce6a22219d470bce7d77"
+ "7d4a21fbe9c270b57f607002f3cef8393694cf45ee3688c11a8c56ab127a3daf",
16),
new BigInteger(
"9cdbd84c9f1ac2f38d0f80f42ab952e7338bf511",
16),
new BigInteger(
"30470ad5a005fb14ce2d9dcd87e38bc7d1b1c5facbaecbe95f190aa7a31d23c4"
+ "dbbcbe06174544401a5b2c020965d8c2bd2171d3668445771f74ba084d2029d8"
+ "3c1c158547f3a9f1a2715be23d51ae4d3e5a1f6a7064f316933a346d3f529252",
16));
new BigInteger(
"e9e642599d355f37c97ffd3567120b8e25c9cd43e927b3a9670fbec5d8901419"
+ "22d2c3b3ad2480093799869d1e846aab49fab0ad26d2ce6a22219d470bce7d77"
+ "7d4a21fbe9c270b57f607002f3cef8393694cf45ee3688c11a8c56ab127a3daf", 16),
new BigInteger("9cdbd84c9f1ac2f38d0f80f42ab952e7338bf511", 16),
new BigInteger(
"30470ad5a005fb14ce2d9dcd87e38bc7d1b1c5facbaecbe95f190aa7a31d23c4"
+ "dbbcbe06174544401a5b2c020965d8c2bd2171d3668445771f74ba084d2029d8"
+ "3c1c158547f3a9f1a2715be23d51ae4d3e5a1f6a7064f316933a346d3f529252", 16));
public static final DSAParameterSpec KEY_PARAMS_1024 = new DSAParameterSpec(
new BigInteger(
"fd7f53811d75122952df4a9c2eece4e7f611b7523cef4400c31e3f80b6512669"
+ "455d402251fb593d8d58fabfc5f5ba30f6cb9b556cd7813b801d346ff26660b7"
+ "6b9950a5a49f9fe8047b1022c24fbba9d7feb7c61bf83b57e7c6a8a6150f04fb"
+ "83f6d3c51ec3023554135a169132f675f3ae2b61d72aeff22203199dd14801c7",
16),
new BigInteger(
"9760508f15230bccb292b982a2eb840bf0581cf5",
16),
new BigInteger(
"f7e1a085d69b3ddecbbcab5c36b857b97994afbbfa3aea82f9574c0b3d078267"
+ "5159578ebad4594fe67107108180b449167123e84c281613b7cf09328cc8a6e1"
+ "3c167a8b547c8d28e0a3ae1e2bb3a675916ea37f0bfa213562f1fb627a01243b"
+ "cca4f1bea8519089a883dfe15ae59f06928b665e807b552564014c3bfecf492a",
16));
new BigInteger(
"fd7f53811d75122952df4a9c2eece4e7f611b7523cef4400c31e3f80b6512669"
+ "455d402251fb593d8d58fabfc5f5ba30f6cb9b556cd7813b801d346ff26660b7"
+ "6b9950a5a49f9fe8047b1022c24fbba9d7feb7c61bf83b57e7c6a8a6150f04fb"
+ "83f6d3c51ec3023554135a169132f675f3ae2b61d72aeff22203199dd14801c7", 16),
new BigInteger("9760508f15230bccb292b982a2eb840bf0581cf5", 16),
new BigInteger(
"f7e1a085d69b3ddecbbcab5c36b857b97994afbbfa3aea82f9574c0b3d078267"
+ "5159578ebad4594fe67107108180b449167123e84c281613b7cf09328cc8a6e1"
+ "3c167a8b547c8d28e0a3ae1e2bb3a675916ea37f0bfa213562f1fb627a01243b"
+ "cca4f1bea8519089a883dfe15ae59f06928b665e807b552564014c3bfecf492a", 16));
private static final BigInteger TWO_POW_160 = TWO.pow(160);
@ -243,31 +210,18 @@ public class DSSKeyPairGenerator implements IKeyPairGenerator
/** Preferred encoding format of generated keys. */
private int preferredFormat;
// Constructor(s)
// -------------------------------------------------------------------------
// implicit 0-arguments constructor
// Class methods
// -------------------------------------------------------------------------
// Instance methods
// -------------------------------------------------------------------------
// gnu.crypto.key.IKeyPairGenerator interface implementation ---------------
public String name()
{
return Registry.DSS_KPG;
}
/**
* <p>Configures this instance.</p>
*
* Configures this instance.
*
* @param attributes the map of name/value pairs to use.
* @exception IllegalArgumentException if the designated MODULUS_LENGTH
* value is not greater than 512, less than 1024 and not of the form
* <code>512 + 64j</code>.
* @exception IllegalArgumentException if the designated MODULUS_LENGTH value
* is not greater than 512, less than 1024 and not of the form
* <code>512 + 64j</code>.
*/
public void setup(Map attributes)
{
@ -280,9 +234,7 @@ public class DSSKeyPairGenerator implements IKeyPairGenerator
// should we use the default pre-computed params?
Boolean useDefaults = (Boolean) attributes.get(USE_DEFAULTS);
if (useDefaults == null)
{
useDefaults = Boolean.TRUE;
}
useDefaults = Boolean.TRUE;
Boolean strictDefaults = (Boolean) attributes.get(STRICT_DEFAULTS);
if (strictDefaults == null)
@ -334,16 +286,12 @@ public class DSSKeyPairGenerator implements IKeyPairGenerator
q = null;
g = null;
}
// do we have a SecureRandom, or should we use our own?
rnd = (SecureRandom) attributes.get(SOURCE_OF_RANDOMNESS);
// what is the preferred encoding format
Integer formatID = (Integer) attributes.get(PREFERRED_ENCODING_FORMAT);
preferredFormat = formatID == null
? DEFAULT_ENCODING_FORMAT
: formatID.intValue();
preferredFormat = formatID == null ? DEFAULT_ENCODING_FORMAT
: formatID.intValue();
// set the seed-key
byte[] kb = new byte[20]; // we need 160 bits of randomness
nextRandomBytes(kb);
@ -361,76 +309,65 @@ public class DSSKeyPairGenerator implements IKeyPairGenerator
p = params[FIPS186.DSA_PARAMS_P];
e = params[FIPS186.DSA_PARAMS_E];
g = params[FIPS186.DSA_PARAMS_G];
if (DEBUG && debuglevel > 0)
if (Configuration.DEBUG)
{
debug("seed: " + seed.toString(16));
debug("counter: " + counter.intValue());
debug("q: " + q.toString(16));
debug("p: " + p.toString(16));
debug("e: " + e.toString(16));
debug("g: " + g.toString(16));
log.fine("seed: " + seed.toString(16));
log.fine("counter: " + counter.intValue());
log.fine("q: " + q.toString(16));
log.fine("p: " + p.toString(16));
log.fine("e: " + e.toString(16));
log.fine("g: " + g.toString(16));
}
}
BigInteger x = nextX();
BigInteger y = g.modPow(x, p);
PublicKey pubK = new DSSPublicKey(preferredFormat, p, q, g, y);
PrivateKey secK = new DSSPrivateKey(preferredFormat, p, q, g, x);
return new KeyPair(pubK, secK);
}
// Other instance methods --------------------------------------------------
/**
* <p>This method applies the following algorithm described in 3.1 of
* FIPS-186:</p>
*
* This method applies the following algorithm described in 3.1 of FIPS-186:
* <ol>
* <li>XSEED = optional user input.</li>
* <li>XVAL = (XKEY + XSEED) mod 2<sup>b</sup>.</li>
* <li>x = G(t, XVAL) mod q.</li>
* <li>XKEY = (1 + XKEY + x) mod 2<sup>b</sup>.</li>
* <li>XSEED = optional user input.</li>
* <li>XVAL = (XKEY + XSEED) mod 2<sup>b</sup>.</li>
* <li>x = G(t, XVAL) mod q.</li>
* <li>XKEY = (1 + XKEY + x) mod 2<sup>b</sup>.</li>
* </ol>
*
* <p>Where <code>b</code> is the length of a secret b-bit seed-key (XKEY).</p>
*
* <p>Note that in this implementation, XSEED, the optional user input, is
* always zero.</p>
* <p>
* Where <code>b</code> is the length of a secret b-bit seed-key (XKEY).
* <p>
* Note that in this implementation, XSEED, the optional user input, is always
* zero.
*/
private synchronized BigInteger nextX()
{
byte[] xk = XKEY.toByteArray();
byte[] in = new byte[64]; // 512-bit block for SHS
System.arraycopy(xk, 0, in, 0, xk.length);
int[] H = Sha160.G(T_SHS[0], T_SHS[1], T_SHS[2], T_SHS[3], T_SHS[4], in, 0);
byte[] h = new byte[20];
for (int i = 0, j = 0; i < 5; i++)
{
h[j++] = (byte) (H[i] >>> 24);
h[j++] = (byte) (H[i] >>> 16);
h[j++] = (byte) (H[i] >>> 8);
h[j++] = (byte)(H[i] >>> 24);
h[j++] = (byte)(H[i] >>> 16);
h[j++] = (byte)(H[i] >>> 8);
h[j++] = (byte) H[i];
}
BigInteger result = new BigInteger(1, h).mod(q);
XKEY = XKEY.add(result).add(BigInteger.ONE).mod(TWO_POW_160);
return result;
}
/**
* <p>Fills the designated byte array with random data.</p>
*
* Fills the designated byte array with random data.
*
* @param buffer the byte array to fill with random data.
*/
private void nextRandomBytes(byte[] buffer)
{
if (rnd != null)
{
rnd.nextBytes(buffer);
}
rnd.nextBytes(buffer);
else
getDefaultPRNG().nextBytes(buffer);
}

20
libjava/classpath/gnu/java/security/key/dss/DSSKeyPairPKCS8Codec.java
View file

@ -38,6 +38,7 @@ exception statement from your version. */
package gnu.java.security.key.dss;
import gnu.java.security.Configuration;
import gnu.java.security.OID;
import gnu.java.security.Registry;
import gnu.java.security.der.DER;
@ -158,11 +159,10 @@ public class DSSKeyPairPKCS8Codec
}
catch (IOException e)
{
InvalidParameterException y = new InvalidParameterException();
InvalidParameterException y = new InvalidParameterException(e.getMessage());
y.initCause(e);
throw y;
}
return result;
}
@ -184,8 +184,8 @@ public class DSSKeyPairPKCS8Codec
*/
public PrivateKey decodePrivateKey(byte[] input)
{
log.entering("DSSKeyPairPKCS8Codec", "decodePrivateKey");
if (Configuration.DEBUG)
log.entering(this.getClass().getName(), "decodePrivateKey");
if (input == null)
throw new InvalidParameterException("Input bytes MUST NOT be null");
@ -226,9 +226,11 @@ public class DSSKeyPairPKCS8Codec
g = (BigInteger) val.getValue();
val = der.read();
log.finest("val = " + val);
if (Configuration.DEBUG)
log.fine("val = " + val);
byte[] xBytes = (byte[]) val.getValue();
log.finest(Util.dumpString(xBytes, "xBytes: "));
if (Configuration.DEBUG)
log.fine(Util.dumpString(xBytes, "xBytes: "));
DERReader der2 = new DERReader(xBytes);
val = der2.read();
DerUtil.checkIsBigInteger(val, "Wrong X field");
@ -236,12 +238,12 @@ public class DSSKeyPairPKCS8Codec
}
catch (IOException e)
{
InvalidParameterException y = new InvalidParameterException();
InvalidParameterException y = new InvalidParameterException(e.getMessage());
y.initCause(e);
throw y;
}
log.exiting("DSSKeyPairPKCS8Codec", "decodePrivateKey");
if (Configuration.DEBUG)
log.exiting(this.getClass().getName(), "decodePrivateKey");
return new DSSPrivateKey(Registry.PKCS8_ENCODING_ID, p, q, g, x);
}
}

250
libjava/classpath/gnu/java/security/key/dss/DSSKeyPairRawCodec.java
View file

@ -47,91 +47,72 @@ import java.security.PrivateKey;
import java.security.PublicKey;
/**
* <p>An object that implements the {@link IKeyPairCodec} operations for the
* <i>Raw</i> format to use with DSS keypairs.</p>
* An object that implements the {@link IKeyPairCodec} operations for the
* <i>Raw</i> format to use with DSS keypairs.
*/
public class DSSKeyPairRawCodec implements IKeyPairCodec
public class DSSKeyPairRawCodec
implements IKeyPairCodec
{
// Constants and variables
// -------------------------------------------------------------------------
// Constructor(s)
// -------------------------------------------------------------------------
// implicit 0-arguments constructor
// Class methods
// -------------------------------------------------------------------------
// Instance methods
// -------------------------------------------------------------------------
// gnu.crypto.keys.IKeyPairCodec interface implementation ------------------
public int getFormatID()
{
return RAW_FORMAT;
}
/**
* <p>Returns the encoded form of the designated DSS (Digital Signature
* Standard) public key according to the <i>Raw</i> format supported by
* this library.</p>
*
* <p>The <i>Raw</i> format for a DSA public key, in this implementation, is
* a byte sequence consisting of the following:</p>
* Returns the encoded form of the designated DSS (Digital Signature Standard)
* public key according to the <i>Raw</i> format supported by this library.
* <p>
* The <i>Raw</i> format for a DSA public key, in this implementation, is a
* byte sequence consisting of the following:
* <ol>
* <li>4-byte magic consisting of the value of the literal
* {@link Registry#MAGIC_RAW_DSS_PUBLIC_KEY},<li>
* <li>1-byte version consisting of the constant: 0x01,</li>
* <li>4-byte count of following bytes representing the DSA parameter
* <code>p</code> in internet order,</li>
* <li>n-bytes representation of a {@link BigInteger} obtained by invoking
* the <code>toByteArray()</code> method on the DSA parameter
* <code>p</code>,</li>
* <li>4-byte count of following bytes representing the DSA parameter
* <code>q</code>,</li>
* <li>n-bytes representation of a {@link BigInteger} obtained by invoking
* the <code>toByteArray()</code> method on the DSA parameter
* <code>q</code>,</li>
* <li>4-byte count of following bytes representing the DSA parameter
* <code>g</code>,</li>
* <li>n-bytes representation of a {@link BigInteger} obtained by invoking
* the <code>toByteArray()</code> method on the DSA parameter
* <code>g</code>,</li>
* <li>4-byte count of following bytes representing the DSA parameter
* <code>y</code>,</li>
* <li>n-bytes representation of a {@link BigInteger} obtained by invoking
* the <code>toByteArray()</code> method on the DSA parameter
* <code>y</code>,</li>
* <li>4-byte magic consisting of the value of the literal
* {@link Registry#MAGIC_RAW_DSS_PUBLIC_KEY},
* <li>
* <li>1-byte version consisting of the constant: 0x01,</li>
* <li>4-byte count of following bytes representing the DSA parameter
* <code>p</code> in internet order,</li>
* <li>n-bytes representation of a {@link BigInteger} obtained by invoking
* the <code>toByteArray()</code> method on the DSA parameter <code>p</code>,
* </li>
* <li>4-byte count of following bytes representing the DSA parameter
* <code>q</code>,</li>
* <li>n-bytes representation of a {@link BigInteger} obtained by invoking
* the <code>toByteArray()</code> method on the DSA parameter <code>q</code>,
* </li>
* <li>4-byte count of following bytes representing the DSA parameter
* <code>g</code>,</li>
* <li>n-bytes representation of a {@link BigInteger} obtained by invoking
* the <code>toByteArray()</code> method on the DSA parameter <code>g</code>,
* </li>
* <li>4-byte count of following bytes representing the DSA parameter
* <code>y</code>,</li>
* <li>n-bytes representation of a {@link BigInteger} obtained by invoking
* the <code>toByteArray()</code> method on the DSA parameter <code>y</code>,
* </li>
* </ol>
*
*
* @param key the key to encode.
* @return the <i>Raw</i> format encoding of the designated key.
* @throws IllegalArgumentException if the designated key is not a DSS
* (Digital Signature Standard) one.
* (Digital Signature Standard) one.
* @see Registry#MAGIC_RAW_DSS_PUBLIC_KEY
*/
public byte[] encodePublicKey(PublicKey key)
{
if (!(key instanceof DSSPublicKey))
{
throw new IllegalArgumentException("key");
}
if (! (key instanceof DSSPublicKey))
throw new IllegalArgumentException("key");
DSSPublicKey dssKey = (DSSPublicKey) key;
ByteArrayOutputStream baos = new ByteArrayOutputStream();
// magic
baos.write(Registry.MAGIC_RAW_DSS_PUBLIC_KEY[0]);
baos.write(Registry.MAGIC_RAW_DSS_PUBLIC_KEY[1]);
baos.write(Registry.MAGIC_RAW_DSS_PUBLIC_KEY[2]);
baos.write(Registry.MAGIC_RAW_DSS_PUBLIC_KEY[3]);
// version
baos.write(0x01);
// p
byte[] buffer = dssKey.getParams().getP().toByteArray();
int length = buffer.length;
@ -140,7 +121,6 @@ public class DSSKeyPairRawCodec implements IKeyPairCodec
baos.write((length >>> 8) & 0xFF);
baos.write(length & 0xFF);
baos.write(buffer, 0, length);
// q
buffer = dssKey.getParams().getQ().toByteArray();
length = buffer.length;
@ -149,7 +129,6 @@ public class DSSKeyPairRawCodec implements IKeyPairCodec
baos.write((length >>> 8) & 0xFF);
baos.write(length & 0xFF);
baos.write(buffer, 0, length);
// g
buffer = dssKey.getParams().getG().toByteArray();
length = buffer.length;
@ -158,7 +137,6 @@ public class DSSKeyPairRawCodec implements IKeyPairCodec
baos.write((length >>> 8) & 0xFF);
baos.write(length & 0xFF);
baos.write(buffer, 0, length);
// y
buffer = dssKey.getY().toByteArray();
length = buffer.length;
@ -167,7 +145,6 @@ public class DSSKeyPairRawCodec implements IKeyPairCodec
baos.write((length >>> 8) & 0xFF);
baos.write(length & 0xFF);
baos.write(buffer, 0, length);
return baos.toByteArray();
}
@ -178,112 +155,106 @@ public class DSSKeyPairRawCodec implements IKeyPairCodec
|| k[1] != Registry.MAGIC_RAW_DSS_PUBLIC_KEY[1]
|| k[2] != Registry.MAGIC_RAW_DSS_PUBLIC_KEY[2]
|| k[3] != Registry.MAGIC_RAW_DSS_PUBLIC_KEY[3])
{
throw new IllegalArgumentException("magic");
}
throw new IllegalArgumentException("magic");
// version
if (k[4] != 0x01)
{
throw new IllegalArgumentException("version");
}
int i = 5;
throw new IllegalArgumentException("version");
int i = 5;
int l;
byte[] buffer;
// p
l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8
| (k[i++] & 0xFF);
l = k[i++] << 24
| (k[i++] & 0xFF) << 16
| (k[i++] & 0xFF) << 8
| (k[i++] & 0xFF);
buffer = new byte[l];
System.arraycopy(k, i, buffer, 0, l);
i += l;
BigInteger p = new BigInteger(1, buffer);
// q
l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8
| (k[i++] & 0xFF);
l = k[i++] << 24
| (k[i++] & 0xFF) << 16
| (k[i++] & 0xFF) << 8
| (k[i++] & 0xFF);
buffer = new byte[l];
System.arraycopy(k, i, buffer, 0, l);
i += l;
BigInteger q = new BigInteger(1, buffer);
// g
l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8
| (k[i++] & 0xFF);
l = k[i++] << 24
| (k[i++] & 0xFF) << 16
| (k[i++] & 0xFF) << 8
| (k[i++] & 0xFF);
buffer = new byte[l];
System.arraycopy(k, i, buffer, 0, l);
i += l;
BigInteger g = new BigInteger(1, buffer);
// y
l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8
| (k[i++] & 0xFF);
l = k[i++] << 24
| (k[i++] & 0xFF) << 16
| (k[i++] & 0xFF) << 8
| (k[i++] & 0xFF);
buffer = new byte[l];
System.arraycopy(k, i, buffer, 0, l);
i += l;
BigInteger y = new BigInteger(1, buffer);
return new DSSPublicKey(p, q, g, y);
}
/**
* <p>Returns the encoded form of the designated DSS (Digital Signature
* Standard) private key according to the <i>Raw</i> format supported by
* this library.</p>
*
* <p>The <i>Raw</i> format for a DSA private key, in this implementation, is
* a byte sequence consisting of the following:</p>
* Returns the encoded form of the designated DSS (Digital Signature Standard)
* private key according to the <i>Raw</i> format supported by this library.
* <p>
* The <i>Raw</i> format for a DSA private key, in this implementation, is a
* byte sequence consisting of the following:
* <ol>
* <li>4-byte magic consisting of the value of the literal
* {@link Registry#MAGIC_RAW_DSS_PRIVATE_KEY},<li>
* <li>1-byte version consisting of the constant: 0x01,</li>
* <li>4-byte count of following bytes representing the DSA parameter
* <code>p</code> in internet order,</li>
* <li>n-bytes representation of a {@link BigInteger} obtained by invoking
* the <code>toByteArray()</code> method on the DSA parameter
* <code>p</code>,</li>
* <li>4-byte count of following bytes representing the DSA parameter
* <code>q</code>,</li>
* <li>n-bytes representation of a {@link BigInteger} obtained by invoking
* the <code>toByteArray()</code> method on the DSA parameter
* <code>q</code>,</li>
* <li>4-byte count of following bytes representing the DSA parameter
* <code>g</code>,</li>
* <li>n-bytes representation of a {@link BigInteger} obtained by invoking
* the <code>toByteArray()</code> method on the DSA parameter
* <code>g</code>,</li>
* <li>4-byte count of following bytes representing the DSA parameter
* <code>x</code>,</li>
* <li>n-bytes representation of a {@link BigInteger} obtained by invoking
* the <code>toByteArray()</code> method on the DSA parameter
* <code>x</code>,</li>
* <li>4-byte magic consisting of the value of the literal
* {@link Registry#MAGIC_RAW_DSS_PRIVATE_KEY},
* <li>
* <li>1-byte version consisting of the constant: 0x01,</li>
* <li>4-byte count of following bytes representing the DSA parameter
* <code>p</code> in internet order,</li>
* <li>n-bytes representation of a {@link BigInteger} obtained by invoking
* the <code>toByteArray()</code> method on the DSA parameter <code>p</code>,
* </li>
* <li>4-byte count of following bytes representing the DSA parameter
* <code>q</code>,</li>
* <li>n-bytes representation of a {@link BigInteger} obtained by invoking
* the <code>toByteArray()</code> method on the DSA parameter <code>q</code>,
* </li>
* <li>4-byte count of following bytes representing the DSA parameter
* <code>g</code>,</li>
* <li>n-bytes representation of a {@link BigInteger} obtained by invoking
* the <code>toByteArray()</code> method on the DSA parameter <code>g</code>,
* </li>
* <li>4-byte count of following bytes representing the DSA parameter
* <code>x</code>,</li>
* <li>n-bytes representation of a {@link BigInteger} obtained by invoking
* the <code>toByteArray()</code> method on the DSA parameter <code>x</code>,
* </li>
* </ol>
*
*
* @param key the key to encode.
* @return the <i>Raw</i> format encoding of the designated key.
* @throws IllegalArgumentException if the designated key is not a DSS
* (Digital Signature Standard) one.
* (Digital Signature Standard) one.
*/
public byte[] encodePrivateKey(PrivateKey key)
{
if (!(key instanceof DSSPrivateKey))
{
throw new IllegalArgumentException("key");
}
if (! (key instanceof DSSPrivateKey))
throw new IllegalArgumentException("key");
DSSPrivateKey dssKey = (DSSPrivateKey) key;
ByteArrayOutputStream baos = new ByteArrayOutputStream();
// magic
baos.write(Registry.MAGIC_RAW_DSS_PRIVATE_KEY[0]);
baos.write(Registry.MAGIC_RAW_DSS_PRIVATE_KEY[1]);
baos.write(Registry.MAGIC_RAW_DSS_PRIVATE_KEY[2]);
baos.write(Registry.MAGIC_RAW_DSS_PRIVATE_KEY[3]);
// version
baos.write(0x01);
// p
byte[] buffer = dssKey.getParams().getP().toByteArray();
int length = buffer.length;
@ -292,7 +263,6 @@ public class DSSKeyPairRawCodec implements IKeyPairCodec
baos.write((length >>> 8) & 0xFF);
baos.write(length & 0xFF);
baos.write(buffer, 0, length);
// q
buffer = dssKey.getParams().getQ().toByteArray();
length = buffer.length;
@ -301,7 +271,6 @@ public class DSSKeyPairRawCodec implements IKeyPairCodec
baos.write((length >>> 8) & 0xFF);
baos.write(length & 0xFF);
baos.write(buffer, 0, length);
// g
buffer = dssKey.getParams().getG().toByteArray();
length = buffer.length;
@ -310,7 +279,6 @@ public class DSSKeyPairRawCodec implements IKeyPairCodec
baos.write((length >>> 8) & 0xFF);
baos.write(length & 0xFF);
baos.write(buffer, 0, length);
// x
buffer = dssKey.getX().toByteArray();
length = buffer.length;
@ -319,7 +287,6 @@ public class DSSKeyPairRawCodec implements IKeyPairCodec
baos.write((length >>> 8) & 0xFF);
baos.write(length & 0xFF);
baos.write(buffer, 0, length);
return baos.toByteArray();
}
@ -330,52 +297,51 @@ public class DSSKeyPairRawCodec implements IKeyPairCodec
|| k[1] != Registry.MAGIC_RAW_DSS_PRIVATE_KEY[1]
|| k[2] != Registry.MAGIC_RAW_DSS_PRIVATE_KEY[2]
|| k[3] != Registry.MAGIC_RAW_DSS_PRIVATE_KEY[3])
{
throw new IllegalArgumentException("magic");
}
throw new IllegalArgumentException("magic");
// version
if (k[4] != 0x01)
{
throw new IllegalArgumentException("version");
}
int i = 5;
throw new IllegalArgumentException("version");
int i = 5;
int l;
byte[] buffer;
// p
l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8
| (k[i++] & 0xFF);
l = k[i++] << 24
| (k[i++] & 0xFF) << 16
| (k[i++] & 0xFF) << 8
| (k[i++] & 0xFF);
buffer = new byte[l];
System.arraycopy(k, i, buffer, 0, l);
i += l;
BigInteger p = new BigInteger(1, buffer);
// q
l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8
| (k[i++] & 0xFF);
l = k[i++] << 24
| (k[i++] & 0xFF) << 16
| (k[i++] & 0xFF) << 8
| (k[i++] & 0xFF);
buffer = new byte[l];
System.arraycopy(k, i, buffer, 0, l);
i += l;
BigInteger q = new BigInteger(1, buffer);
// g
l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8
| (k[i++] & 0xFF);
l = k[i++] << 24
| (k[i++] & 0xFF) << 16
| (k[i++] & 0xFF) << 8
| (k[i++] & 0xFF);
buffer = new byte[l];
System.arraycopy(k, i, buffer, 0, l);
i += l;
BigInteger g = new BigInteger(1, buffer);
// x
l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8
| (k[i++] & 0xFF);
l = k[i++] << 24
| (k[i++] & 0xFF) << 16
| (k[i++] & 0xFF) << 8
| (k[i++] & 0xFF);
buffer = new byte[l];
System.arraycopy(k, i, buffer, 0, l);
i += l;
BigInteger x = new BigInteger(1, buffer);
return new DSSPrivateKey(p, q, g, x);
}
}

92
libjava/classpath/gnu/java/security/key/dss/DSSKeyPairX509Codec.java
View file

@ -94,9 +94,15 @@ public class DSSKeyPairX509Codec
* g INTEGER
* }
* </pre>
*
* <p>The <i>subjectPublicKey</i> field, which is a BIT STRING, contains the
* DER-encoded form of the DSA public key as an INTEGER.</p>
* <p>
* Note that RFC-3280 (page 79) implies that some certificates MAY have an
* absent, or NULL, parameters field in their AlgorithmIdentifier element,
* implying that those parameters MUST be <i>inherited</i> from another
* certificate. This implementation, encodes a <i>NULL</i> element as the DER
* value of the parameters field when such is the case.
* <p>
* The <i>subjectPublicKey</i> field, which is a BIT STRING, contains the
* DER-encoded form of the DSA public key as an INTEGER.
*
* <pre>
* DSAPublicKey ::= INTEGER -- public key, Y
@ -118,20 +124,25 @@ public class DSSKeyPairX509Codec
DERValue derOID = new DERValue(DER.OBJECT_IDENTIFIER, DSA_ALG_OID);
DSSPublicKey dssKey = (DSSPublicKey) key;
BigInteger p = dssKey.getParams().getP();
BigInteger q = dssKey.getParams().getQ();
BigInteger g = dssKey.getParams().getG();
BigInteger y = dssKey.getY();
DERValue derParams;
if (dssKey.hasInheritedParameters())
derParams = new DERValue(DER.NULL, null);
else
{
BigInteger p = dssKey.getParams().getP();
BigInteger q = dssKey.getParams().getQ();
BigInteger g = dssKey.getParams().getG();
DERValue derP = new DERValue(DER.INTEGER, p);
DERValue derQ = new DERValue(DER.INTEGER, q);
DERValue derG = new DERValue(DER.INTEGER, g);
DERValue derP = new DERValue(DER.INTEGER, p);
DERValue derQ = new DERValue(DER.INTEGER, q);
DERValue derG = new DERValue(DER.INTEGER, g);
ArrayList params = new ArrayList(3);
params.add(derP);
params.add(derQ);
params.add(derG);
DERValue derParams = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, params);
ArrayList params = new ArrayList(3);
params.add(derP);
params.add(derQ);
params.add(derG);
derParams = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, params);
}
ArrayList algorithmID = new ArrayList(2);
algorithmID.add(derOID);
@ -139,6 +150,7 @@ public class DSSKeyPairX509Codec
DERValue derAlgorithmID = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE,
algorithmID);
BigInteger y = dssKey.getY();
DERValue derDSAPublicKey = new DERValue(DER.INTEGER, y);
byte[] yBytes = derDSAPublicKey.getEncoded();
DERValue derSPK = new DERValue(DER.BIT_STRING, new BitString(yBytes));
@ -157,11 +169,10 @@ public class DSSKeyPairX509Codec
}
catch (IOException x)
{
InvalidParameterException e = new InvalidParameterException();
InvalidParameterException e = new InvalidParameterException(x.getMessage());
e.initCause(x);
throw e;
}
return result;
}
@ -186,7 +197,10 @@ public class DSSKeyPairX509Codec
if (input == null)
throw new InvalidParameterException("Input bytes MUST NOT be null");
BigInteger p, g, q, y;
BigInteger p = null;
BigInteger g = null;
BigInteger q = null;
BigInteger y;
DERReader der = new DERReader(input);
try
{
@ -204,20 +218,35 @@ public class DSSKeyPairX509Codec
if (! algOID.equals(DSA_ALG_OID))
throw new InvalidParameterException("Unexpected OID: " + algOID);
DERValue derParams = der.read();
DerUtil.checkIsConstructed(derParams, "Wrong DSS Parameters field");
DERValue val = der.read();
DerUtil.checkIsBigInteger(val, "Wrong P field");
p = (BigInteger) val.getValue();
val = der.read();
DerUtil.checkIsBigInteger(val, "Wrong Q field");
q = (BigInteger) val.getValue();
val = der.read();
DerUtil.checkIsBigInteger(val, "Wrong G field");
g = (BigInteger) val.getValue();
// RFC-3280, page 79 states: "If the subjectPublicKeyInfo field of the
// certificate contains an algorithm field with null parameters or
// parameters are omitted, compare the certificate subjectPublicKey
// algorithm to the working_public_key_algorithm. If the certificate
// subjectPublicKey algorithm and the working_public_key_algorithm are
// different, set the working_public_key_parameters to null."
// in other words, the parameters field of an AlgorithmIdentifier
// element MAY NOT be present at all, or if present MAY be NULL!
// the Mauve test ValidDSAParameterInheritenceTest5, in
// gnu.testlet.java.security.cert.pkix.pkits, is/was failing because
// of this.
if (val.getTag() == DER.NULL)
val = der.read();
else if (val.isConstructed())
{
val = der.read();
DerUtil.checkIsBigInteger(val, "Wrong P field");
p = (BigInteger) val.getValue();
val = der.read();
DerUtil.checkIsBigInteger(val, "Wrong Q field");
q = (BigInteger) val.getValue();
val = der.read();
DerUtil.checkIsBigInteger(val, "Wrong G field");
g = (BigInteger) val.getValue();
val = der.read();
}
val = der.read();
if (! (val.getValue() instanceof BitString))
throw new InvalidParameterException("Wrong SubjectPublicKey field");
@ -230,11 +259,10 @@ public class DSSKeyPairX509Codec
}
catch (IOException x)
{
InvalidParameterException e = new InvalidParameterException();
InvalidParameterException e = new InvalidParameterException(x.getMessage());
e.initCause(x);
throw e;
}
return new DSSPublicKey(Registry.X509_ENCODING_ID, p, q, g, y);
}

78
libjava/classpath/gnu/java/security/key/dss/DSSPrivateKey.java
View file

@ -38,38 +38,34 @@ exception statement from your version. */
package gnu.java.security.key.dss;
import gnu.classpath.SystemProperties;
import gnu.java.security.Configuration;
import gnu.java.security.Registry;
import gnu.java.security.action.GetPropertyAction;
import gnu.java.security.key.IKeyPairCodec;
import java.math.BigInteger;
import java.security.AccessController;
import java.security.PrivateKey;
import java.security.interfaces.DSAPrivateKey;
/**
* <p>An object that embodies a DSS (Digital Signature Standard) private key.</p>
*
* An object that embodies a DSS (Digital Signature Standard) private key.
*
* @see #getEncoded
*/
public class DSSPrivateKey extends DSSKey implements PrivateKey, DSAPrivateKey
public class DSSPrivateKey
extends DSSKey
implements PrivateKey, DSAPrivateKey
{
// Constants and variables
// -------------------------------------------------------------------------
private static final boolean DEBUG = false;
/**
* <p>A randomly or pseudorandomly generated integer with <code>0 &lt; x &lt;
* q</code>.</p>
* A randomly or pseudorandomly generated integer with <code>0 &lt; x &lt;
* q</code>.
*/
private final BigInteger x;
/** String representation of this key. Cached for speed. */
private transient String str;
// Constructor(s)
// -------------------------------------------------------------------------
/**
* Convenience constructor. Calls the constructor with 5 arguments passing
* {@link Registry#RAW_ENCODING_ID} as the identifier of the preferred
@ -104,13 +100,9 @@ public class DSSPrivateKey extends DSSKey implements PrivateKey, DSAPrivateKey
super(preferredFormat == Registry.ASN1_ENCODING_ID ? Registry.PKCS8_ENCODING_ID
: preferredFormat,
p, q, g);
this.x = x;
}
// Class methods
// -------------------------------------------------------------------------
/**
* A class method that takes the output of the <code>encodePrivateKey()</code>
* method of a DSS keypair codec object (an instance implementing
@ -135,30 +127,22 @@ public class DSSPrivateKey extends DSSKey implements PrivateKey, DSAPrivateKey
catch (IllegalArgumentException ignored)
{
}
// try PKCS#8 codec
return (DSSPrivateKey) new DSSKeyPairPKCS8Codec().decodePrivateKey(k);
}
// Instance methods
// -------------------------------------------------------------------------
// java.security.interfaces.DSAPrivateKey interface implementation ---------
public BigInteger getX()
{
return x;
}
// Other instance methods --------------------------------------------------
/**
* <p>Returns the encoded form of this private key according to the
* designated format.</p>
*
* Returns the encoded form of this private key according to the designated
* format.
*
* @param format the desired format identifier of the resulting encoding.
* @return the byte sequence encoding this key according to the designated
* format.
* format.
* @exception IllegalArgumentException if the format is not supported.
* @see DSSKeyPairRawCodec
*/
@ -181,24 +165,22 @@ public class DSSPrivateKey extends DSSKey implements PrivateKey, DSAPrivateKey
}
/**
* <p>Returns <code>true</code> if the designated object is an instance of
* Returns <code>true</code> if the designated object is an instance of
* {@link DSAPrivateKey} and has the same DSS (Digital Signature Standard)
* parameter values as this one.</p>
*
* parameter values as this one.
*
* @param obj the other non-null DSS key to compare to.
* @return <code>true</code> if the designated object is of the same type and
* value as this one.
* @return <code>true</code> if the designated object is of the same type
* and value as this one.
*/
public boolean equals(Object obj)
{
if (obj == null)
{
return false;
}
if (!(obj instanceof DSAPrivateKey))
{
return false;
}
return false;
if (! (obj instanceof DSAPrivateKey))
return false;
DSAPrivateKey that = (DSAPrivateKey) obj;
return super.equals(that) && x.equals(that.getX());
}
@ -207,13 +189,15 @@ public class DSSPrivateKey extends DSSKey implements PrivateKey, DSAPrivateKey
{
if (str == null)
{
String ls = SystemProperties.getProperty("line.separator");
String ls = (String) AccessController.doPrivileged
(new GetPropertyAction("line.separator"));
str = new StringBuilder(this.getClass().getName()).append("(")
.append(super.toString()).append(",").append(ls)
.append("x=0x").append(DEBUG ? x.toString(16) : "**...*").append(ls)
.append(")").toString();
.append(super.toString()).append(",").append(ls)
.append("x=0x").append(Configuration.DEBUG ? x.toString(16)
: "**...*").append(ls)
.append(")")
.toString();
}
return str;
}
}

72
libjava/classpath/gnu/java/security/key/dss/DSSPublicKey.java
View file

@ -38,36 +38,33 @@ exception statement from your version. */
package gnu.java.security.key.dss;
import gnu.classpath.SystemProperties;
import gnu.java.security.Registry;
import gnu.java.security.action.GetPropertyAction;
import gnu.java.security.key.IKeyPairCodec;
import java.math.BigInteger;
import java.security.AccessController;
import java.security.PublicKey;
import java.security.interfaces.DSAPublicKey;
/**
* <p>An object that embodies a DSS (Digital Signature Standard) public key.</p>
* An object that embodies a DSS (Digital Signature Standard) public key.
*
* @see #getEncoded
*/
public class DSSPublicKey extends DSSKey implements PublicKey, DSAPublicKey
public class DSSPublicKey
extends DSSKey
implements PublicKey, DSAPublicKey
{
// Constants and variables
// -------------------------------------------------------------------------
/**
* <code>y = g<sup>x</sup> mod p</code> where <code>x</code> is the private
* part of the DSA key.
* <code>y = g<sup>x</sup> mod p</code> where <code>x</code> is the
* private part of the DSA key.
*/
private final BigInteger y;
/** String representation of this key. Cached for speed. */
private transient String str;
// Constructor(s)
// -------------------------------------------------------------------------
/**
* Conveience constructor. Calls the constructor with 5 arguments passing
* {@link Registry#RAW_ENCODING_ID} as the identifier of the preferred
@ -85,8 +82,8 @@ public class DSSPublicKey extends DSSKey implements PublicKey, DSAPublicKey
}
/**
* Constructs a new instance of <code>DSSPublicKey</code> given the designated
* arguments.
* Constructs a new instance of <code>DSSPublicKey</code> given the
* designated arguments.
*
* @param preferredFormat the identifier of the preferred encoding format to
* use when externalizing this key.
@ -102,13 +99,9 @@ public class DSSPublicKey extends DSSKey implements PublicKey, DSAPublicKey
super(preferredFormat == Registry.ASN1_ENCODING_ID ? Registry.X509_ENCODING_ID
: preferredFormat,
p, q, g);
this.y = y;
}
// Class methods
// -------------------------------------------------------------------------
/**
* A class method that takes the output of the <code>encodePublicKey()</code>
* method of a DSS keypair codec object (an instance implementing
@ -133,30 +126,22 @@ public class DSSPublicKey extends DSSKey implements PublicKey, DSAPublicKey
catch (IllegalArgumentException ignored)
{
}
// try X.509 codec
return (DSSPublicKey) new DSSKeyPairX509Codec().decodePublicKey(k);
}
// Instance methods
// -------------------------------------------------------------------------
// java.security.interfaces.DSAPublicKey interface implementation ----------
public BigInteger getY()
{
return y;
}
// Other instance methods --------------------------------------------------
/**
* <p>Returns the encoded form of this public key according to the designated
* format.</p>
* Returns the encoded form of this public key according to the designated
* format.
*
* @param format the desired format identifier of the resulting encoding.
* @return the byte sequence encoding this key according to the designated
* format.
* format.
* @exception IllegalArgumentException if the format is not supported.
* @see DSSKeyPairRawCodec
*/
@ -179,24 +164,22 @@ public class DSSPublicKey extends DSSKey implements PublicKey, DSAPublicKey
}
/**
* <p>Returns <code>true</code> if the designated object is an instance of
* Returns <code>true</code> if the designated object is an instance of
* {@link DSAPublicKey} and has the same DSS (Digital Signature Standard)
* parameter values as this one.</p>
* parameter values as this one.
*
* @param obj the other non-null DSS key to compare to.
* @return <code>true</code> if the designated object is of the same type and
* value as this one.
* @return <code>true</code> if the designated object is of the same type
* and value as this one.
*/
public boolean equals(Object obj)
{
if (obj == null)
{
return false;
}
if (!(obj instanceof DSAPublicKey))
{
return false;
}
return false;
if (! (obj instanceof DSAPublicKey))
return false;
DSAPublicKey that = (DSAPublicKey) obj;
return super.equals(that) && y.equals(that.getY());
}
@ -205,13 +188,14 @@ public class DSSPublicKey extends DSSKey implements PublicKey, DSAPublicKey
{
if (str == null)
{
String ls = SystemProperties.getProperty("line.separator");
String ls = (String) AccessController.doPrivileged
(new GetPropertyAction("line.separator"));
str = new StringBuilder(this.getClass().getName()).append("(")
.append(super.toString()).append(",").append(ls)
.append("y=0x").append(y.toString(16)).append(ls)
.append(")").toString();
.append(super.toString()).append(",").append(ls)
.append("y=0x").append(y.toString(16)).append(ls)
.append(")")
.toString();
}
return str;
}
}

108
libjava/classpath/gnu/java/security/key/dss/FIPS186.java
View file

@ -40,26 +40,21 @@ package gnu.java.security.key.dss;
import gnu.java.security.hash.Sha160;
import gnu.java.security.util.PRNG;
import gnu.java.security.util.Prime2;
import java.math.BigInteger;
import java.security.SecureRandom;
/**
* <p>An implementation of the DSA parameters generation as described in
* FIPS-186.</p>
*
* References:<br>
* An implementation of the DSA parameters generation as described in FIPS-186.
* <p>
* References:
* <p>
* <a href="http://www.itl.nist.gov/fipspubs/fip186.htm">Digital Signature
* Standard (DSS)</a>, Federal Information Processing Standards Publication 186.
* National Institute of Standards and Technology.
* Standard (DSS)</a>, Federal Information Processing Standards Publication
* 186. National Institute of Standards and Technology.
*/
public class FIPS186
{
// Constants and variables
// -------------------------------------------------------------------------
public static final int DSA_PARAMS_SEED = 0;
public static final int DSA_PARAMS_COUNTER = 1;
@ -73,7 +68,7 @@ public class FIPS186
public static final int DSA_PARAMS_G = 5;
/** The BigInteger constant 2. */
private static final BigInteger TWO = new BigInteger("2");
private static final BigInteger TWO = BigInteger.valueOf(2L);
private static final BigInteger TWO_POW_160 = TWO.pow(160);
@ -89,9 +84,6 @@ public class FIPS186
/** Our default source of randomness. */
private PRNG prng = null;
// Constructor(s)
// -------------------------------------------------------------------------
public FIPS186(int L, SecureRandom rnd)
{
super();
@ -100,38 +92,31 @@ public class FIPS186
this.rnd = rnd;
}
// Class methods
// -------------------------------------------------------------------------
// Instance methods
// -------------------------------------------------------------------------
/**
* This method generates the DSS <code>p</code>, <code>q</code>, and
* <code>g</code> parameters only when <code>L</code> (the modulus length)
* is not one of the following: <code>512</code>, <code>768</code> and
* <code>1024</code>. For those values of <code>L</code>, this implementation
* uses pre-computed values of <code>p</code>, <code>q</code>, and
* <code>g</code> given in the document <i>CryptoSpec</i> included in the
* security guide documentation of the standard JDK distribution.<p>
*
* <code>1024</code>. For those values of <code>L</code>, this
* implementation uses pre-computed values of <code>p</code>,
* <code>q</code>, and <code>g</code> given in the document <i>CryptoSpec</i>
* included in the security guide documentation of the standard JDK
* distribution.
* <p>
* The DSS requires two primes , <code>p</code> and <code>q</code>,
* satisfying the following three conditions:
*
* <ul>
* <li><code>2<sup>159</sup> &lt; q &lt; 2<sup>160</sup></code></li>
* <li><code>2<sup>L-1</sup> &lt; p &lt; 2<sup>L</sup></code> for a
* specified <code>L</code>, where <code>L = 512 + 64j</code> for some
* <code>0 &lt;= j &lt;= 8</code></li>
* <li>q divides p - 1.</li>
* <li><code>2<sup>159</sup> &lt; q &lt; 2<sup>160</sup></code></li>
* <li><code>2<sup>L-1</sup> &lt; p &lt; 2<sup>L</sup></code> for a
* specified <code>L</code>, where <code>L = 512 + 64j</code> for some
* <code>0 &lt;= j &lt;= 8</code></li>
* <li>q divides p - 1.</li>
* </ul>
*
* The algorithm used to find these primes is as described in FIPS-186,
* section 2.2: GENERATION OF PRIMES. This prime generation scheme starts by
* using the {@link Sha160} and a user supplied <i>SEED</i>
* to construct a prime, <code>q</code>, in the range 2<sup>159</sup> &lt; q
* &lt; 2<sup>160</sup>. Once this is accomplished, the same <i>SEED</i>
* value is used to construct an <code>X</code> in the range <code>2<sup>L-1
* using the {@link Sha160} and a user supplied <i>SEED</i> to construct a
* prime, <code>q</code>, in the range 2<sup>159</sup> &lt; q &lt; 2<sup>160</sup>.
* Once this is accomplished, the same <i>SEED</i> value is used to construct
* an <code>X</code> in the range <code>2<sup>L-1
* </sup> &lt; X &lt; 2<sup>L</sup>. The prime, <code>p</code>, is then
* formed by rounding <code>X</code> to a number congruent to <code>1 mod
* 2q</code>. In this implementation we use the same <i>SEED</i> value given
@ -169,9 +154,8 @@ public class FIPS186
u = sha.digest();
}
for (int i = 0; i < a.length; i++)
{
a[i] ^= u[i];
}
a[i] ^= u[i];
U = new BigInteger(1, a);
// 3. Form q from U by setting the most significant bit (the
// 2**159 bit) and the least significant bit to 1. In terms of
@ -183,12 +167,9 @@ public class FIPS186
// probability of a non-prime number passing the test is at
// most 1/2**80.
// 5. If q is not prime, go to step 1.
if (Prime2.isProbablePrime(q))
{
break step1;
}
if (q.isProbablePrime(80))
break step1;
} // step1
// 6. Let counter = 0 and offset = 2.
counter = 0;
offset = 2;
@ -201,9 +182,9 @@ public class FIPS186
{
for (int k = 0; k <= n; k++)
{
a = SEED_PLUS_OFFSET.add(
BigInteger.valueOf(k & 0xFFFFFFFFL)).mod(
TWO_POW_160).toByteArray();
a = SEED_PLUS_OFFSET
.add(BigInteger.valueOf(k & 0xFFFFFFFFL))
.mod(TWO_POW_160).toByteArray();
sha.update(a, 0, a.length);
V[k] = new BigInteger(1, sha.digest());
}
@ -214,9 +195,8 @@ public class FIPS186
// Note that 0 <= W < 2**(L-1) and hence 2**(L-1) <= X < 2**L.
W = V[0];
for (int k = 1; k < n; k++)
{
W = W.add(V[k].multiply(TWO.pow(k * 160)));
}
W = W.add(V[k].multiply(TWO.pow(k * 160)));
W = W.add(V[n].mod(TWO.pow(b)).multiply(TWO.pow(n * 160)));
X = W.add(TWO.pow(L - 1));
// 9. Let c = X mod 2q and set p = X - (c - 1).
@ -228,22 +208,17 @@ public class FIPS186
{
// 11. Perform a robust primality test on p.
// 12. If p passes the test performed in step 11, go to step 15.
if (Prime2.isProbablePrime(p))
{
break algorithm;
}
if (p.isProbablePrime(80))
break algorithm;
}
// 13. Let counter = counter + 1 and offset = offset + n + 1.
counter++;
offset += n + 1;
// 14. If counter >= 4096 go to step 1, otherwise go to step 7.
if (counter >= 4096)
{
continue algorithm;
}
continue algorithm;
} // step7
} // algorithm
// compute g. from FIPS-186, Appendix 4:
// 1. Generate p and q as specified in Appendix 2.
// 2. Let e = (p - 1) / q
@ -258,28 +233,21 @@ public class FIPS186
// 4. Set g = h**e mod p
g = h.modPow(e, p);
// 5. If g = 1, go to step 3
if (!g.equals(BigInteger.ONE))
{
break;
}
if (! g.equals(BigInteger.ONE))
break;
}
return new BigInteger[] { SEED, BigInteger.valueOf(counter), q, p, e, g };
}
// helper methods ----------------------------------------------------------
/**
* Fills the designated byte array with random data.
*
*
* @param buffer the byte array to fill with random data.
*/
private void nextRandomBytes(byte[] buffer)
{
if (rnd != null)
{
rnd.nextBytes(buffer);
}
rnd.nextBytes(buffer);
else
getDefaultPRNG().nextBytes(buffer);
}