diff options
Diffstat (limited to 'libjava/classpath/gnu/java/security/jce/sig')
18 files changed, 2316 insertions, 0 deletions
diff --git a/libjava/classpath/gnu/java/security/jce/sig/DSSKeyFactory.java b/libjava/classpath/gnu/java/security/jce/sig/DSSKeyFactory.java new file mode 100644 index 000000000..ec993432c --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/sig/DSSKeyFactory.java @@ -0,0 +1,221 @@ +/* DSSKeyFactory.java -- JCE DSA key factory Adapter + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.sig; + +import gnu.java.security.Registry; +import gnu.java.security.key.dss.DSSKeyPairPKCS8Codec; +import gnu.java.security.key.dss.DSSKeyPairX509Codec; +import gnu.java.security.key.dss.DSSPrivateKey; +import gnu.java.security.key.dss.DSSPublicKey; + +import java.math.BigInteger; +import java.security.InvalidKeyException; +import java.security.Key; +import java.security.KeyFactorySpi; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.security.interfaces.DSAPrivateKey; +import java.security.interfaces.DSAPublicKey; +import java.security.spec.DSAPrivateKeySpec; +import java.security.spec.DSAPublicKeySpec; +import java.security.spec.InvalidKeySpecException; +import java.security.spec.KeySpec; +import java.security.spec.PKCS8EncodedKeySpec; +import java.security.spec.X509EncodedKeySpec; + +/** + * DSA key factory. + * + * @author Casey Marshall (rsdio@metastatic.org) + */ +public class DSSKeyFactory + extends KeyFactorySpi +{ + // implicit 0-arguments constructor + + protected PublicKey engineGeneratePublic(KeySpec keySpec) + throws InvalidKeySpecException + { + if (keySpec instanceof DSAPublicKeySpec) + { + DSAPublicKeySpec spec = (DSAPublicKeySpec) keySpec; + BigInteger p = spec.getP(); + BigInteger q = spec.getQ(); + BigInteger g = spec.getG(); + BigInteger y = spec.getY(); + return new DSSPublicKey(Registry.X509_ENCODING_ID, p, q, g, y); + } + if (keySpec instanceof X509EncodedKeySpec) + { + X509EncodedKeySpec spec = (X509EncodedKeySpec) keySpec; + byte[] encoded = spec.getEncoded(); + PublicKey result; + try + { + result = new DSSKeyPairX509Codec().decodePublicKey(encoded); + return result; + } + catch (RuntimeException x) + { + throw new InvalidKeySpecException(x.getMessage(), x); + } + } + throw new InvalidKeySpecException("Unsupported (public) key specification"); + } + + protected PrivateKey engineGeneratePrivate(KeySpec keySpec) + throws InvalidKeySpecException + { + if (keySpec instanceof DSAPrivateKeySpec) + { + DSAPrivateKeySpec spec = (DSAPrivateKeySpec) keySpec; + BigInteger p = spec.getP(); + BigInteger q = spec.getQ(); + BigInteger g = spec.getG(); + BigInteger x = spec.getX(); + return new DSSPrivateKey(Registry.PKCS8_ENCODING_ID, p, q, g, x); + } + if (keySpec instanceof PKCS8EncodedKeySpec) + { + PKCS8EncodedKeySpec spec = (PKCS8EncodedKeySpec) keySpec; + byte[] encoded = spec.getEncoded(); + PrivateKey result; + try + { + result = new DSSKeyPairPKCS8Codec().decodePrivateKey(encoded); + return result; + } + catch (RuntimeException x) + { + throw new InvalidKeySpecException(x.getMessage(), x); + } + } + throw new InvalidKeySpecException("Unsupported (private) key specification"); + } + + protected KeySpec engineGetKeySpec(Key key, Class keySpec) + throws InvalidKeySpecException + { + if (key instanceof DSAPublicKey) + { + if (keySpec.isAssignableFrom(DSAPublicKeySpec.class)) + { + DSAPublicKey dsaKey = (DSAPublicKey) key; + BigInteger p = dsaKey.getParams().getP(); + BigInteger q = dsaKey.getParams().getQ(); + BigInteger g = dsaKey.getParams().getG(); + BigInteger y = dsaKey.getY(); + return new DSAPublicKeySpec(y, p, q, g); + } + if (keySpec.isAssignableFrom(X509EncodedKeySpec.class)) + { + if (key instanceof DSSPublicKey) + { + DSSPublicKey dssKey = (DSSPublicKey) key; + byte[] encoded = dssKey.getEncoded(Registry.X509_ENCODING_ID); + return new X509EncodedKeySpec(encoded); + } + if (Registry.X509_ENCODING_SORT_NAME.equalsIgnoreCase(key.getFormat())) + { + byte[] encoded = key.getEncoded(); + return new X509EncodedKeySpec(encoded); + } + throw new InvalidKeySpecException( + "Wrong key type or unsupported (public) key specification"); + } + throw new InvalidKeySpecException("Unsupported (public) key specification"); + } + if (key instanceof DSAPrivateKey) + { + if (keySpec.isAssignableFrom(DSAPrivateKeySpec.class)) + { + DSAPrivateKey dsaKey = (DSAPrivateKey) key; + BigInteger p = dsaKey.getParams().getP(); + BigInteger q = dsaKey.getParams().getQ(); + BigInteger g = dsaKey.getParams().getG(); + BigInteger x = dsaKey.getX(); + return new DSAPrivateKeySpec(x, p, q, g); + } + if (keySpec.isAssignableFrom(PKCS8EncodedKeySpec.class)) + { + if (key instanceof DSSPrivateKey) + { + DSSPrivateKey dssKey = (DSSPrivateKey) key; + byte[] encoded = dssKey.getEncoded(Registry.PKCS8_ENCODING_ID); + return new PKCS8EncodedKeySpec(encoded); + } + if (Registry.PKCS8_ENCODING_SHORT_NAME.equalsIgnoreCase(key.getFormat())) + { + byte[] encoded = key.getEncoded(); + return new PKCS8EncodedKeySpec(encoded); + } + throw new InvalidKeySpecException( + "Wrong key type or unsupported (private) key specification"); + } + throw new InvalidKeySpecException("Unsupported (private) key specification"); + } + throw new InvalidKeySpecException("Wrong key type or unsupported key specification"); + } + + protected Key engineTranslateKey(Key key) throws InvalidKeyException + { + if ((key instanceof DSSPublicKey) || (key instanceof DSSPrivateKey)) + return key; + + if (key instanceof DSAPublicKey) + { + DSAPublicKey dsaKey = (DSAPublicKey) key; + BigInteger p = dsaKey.getParams().getP(); + BigInteger q = dsaKey.getParams().getQ(); + BigInteger g = dsaKey.getParams().getG(); + BigInteger y = dsaKey.getY(); + return new DSSPublicKey(Registry.X509_ENCODING_ID, p, q, g, y); + } + if (key instanceof DSAPrivateKey) + { + DSAPrivateKey dsaKey = (DSAPrivateKey) key; + BigInteger p = dsaKey.getParams().getP(); + BigInteger q = dsaKey.getParams().getQ(); + BigInteger g = dsaKey.getParams().getG(); + BigInteger x = dsaKey.getX(); + return new DSSPrivateKey(Registry.PKCS8_ENCODING_ID, p, q, g, x); + } + throw new InvalidKeyException("Wrong key type"); + } +} diff --git a/libjava/classpath/gnu/java/security/jce/sig/DSSKeyPairGeneratorSpi.java b/libjava/classpath/gnu/java/security/jce/sig/DSSKeyPairGeneratorSpi.java new file mode 100644 index 000000000..2d33e1621 --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/sig/DSSKeyPairGeneratorSpi.java @@ -0,0 +1,146 @@ +/* DSSKeyPairGeneratorSpi.java -- + Copyright 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.sig; + +import gnu.java.security.Registry; +import gnu.java.security.key.dss.DSSKeyPairGenerator; + +import java.security.InvalidAlgorithmParameterException; +import java.security.InvalidParameterException; +import java.security.SecureRandom; +import java.security.interfaces.DSAKeyPairGenerator; +import java.security.interfaces.DSAParams; +import java.security.spec.AlgorithmParameterSpec; +import java.security.spec.DSAParameterSpec; +import java.util.HashMap; + +/** + * The implementation of a {@link java.security.KeyPairGenerator} adapter class + * to wrap GNU DSS keypair generator instances. + * <p> + * In case the client does not explicitly initialize the KeyPairGenerator (via a + * call to an <code>initialize()</code> method), the GNU provider uses a + * default <i>modulus</i> size (keysize) of 1024 bits. + */ +public class DSSKeyPairGeneratorSpi + extends KeyPairGeneratorAdapter + implements DSAKeyPairGenerator +{ + public DSSKeyPairGeneratorSpi() + { + super(Registry.DSS_KPG); + } + + public void initialize(int keysize, SecureRandom random) + { + this.initialize(keysize, false, random); + } + + public void initialize(AlgorithmParameterSpec params, SecureRandom random) + throws InvalidAlgorithmParameterException + { + HashMap attributes = new HashMap(); + if (params != null) + { + if (! (params instanceof DSAParameterSpec)) + throw new InvalidAlgorithmParameterException( + "Parameters argument is not a non-null instance, or " + + "sub-instance, of java.security.spec.DSAParameterSpec"); + attributes.put(DSSKeyPairGenerator.DSS_PARAMETERS, params); + } + if (random != null) + attributes.put(DSSKeyPairGenerator.SOURCE_OF_RANDOMNESS, random); + + attributes.put(DSSKeyPairGenerator.PREFERRED_ENCODING_FORMAT, + Integer.valueOf(Registry.ASN1_ENCODING_ID)); + try + { + adaptee.setup(attributes); + } + catch (IllegalArgumentException x) + { + throw new InvalidAlgorithmParameterException(x.getMessage(), x); + } + } + + public void initialize(DSAParams params, SecureRandom random) + throws InvalidParameterException + { + if (params == null || !(params instanceof DSAParameterSpec)) + throw new InvalidParameterException( + "Parameters argument is either null or is not an instance, or " + + "sub-instance, of java.security.spec.DSAParameterSpec"); + DSAParameterSpec spec = (DSAParameterSpec) params; + try + { + this.initialize((AlgorithmParameterSpec) spec, random); + } + catch (InvalidAlgorithmParameterException x) + { + InvalidParameterException y = new InvalidParameterException(x.getMessage()); + y.initCause(x); + throw y; + } + } + + public void initialize(int modlen, boolean genParams, SecureRandom random) + throws InvalidParameterException + { + HashMap attributes = new HashMap(); + attributes.put(DSSKeyPairGenerator.MODULUS_LENGTH, Integer.valueOf(modlen)); + if (random != null) + attributes.put(DSSKeyPairGenerator.SOURCE_OF_RANDOMNESS, random); + + attributes.put(DSSKeyPairGenerator.USE_DEFAULTS, + Boolean.valueOf(! genParams)); + attributes.put(DSSKeyPairGenerator.STRICT_DEFAULTS, Boolean.TRUE); + attributes.put(DSSKeyPairGenerator.PREFERRED_ENCODING_FORMAT, + Integer.valueOf(Registry.ASN1_ENCODING_ID)); + try + { + adaptee.setup(attributes); + } + catch (IllegalArgumentException x) + { + InvalidParameterException y = new InvalidParameterException(x.getMessage()); + y.initCause(x); + throw y; + } + } +} diff --git a/libjava/classpath/gnu/java/security/jce/sig/DSSParameters.java b/libjava/classpath/gnu/java/security/jce/sig/DSSParameters.java new file mode 100644 index 000000000..fbf778dae --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/sig/DSSParameters.java @@ -0,0 +1,220 @@ +/* DSSParameters.java -- DSS parameters DAO + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.sig; + +import gnu.java.lang.CPStringBuilder; + +import gnu.java.security.Registry; +import gnu.java.security.der.DER; +import gnu.java.security.der.DERReader; +import gnu.java.security.der.DERValue; +import gnu.java.security.der.DERWriter; +import gnu.java.security.util.DerUtil; + +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.math.BigInteger; +import java.security.AlgorithmParametersSpi; +import java.security.spec.AlgorithmParameterSpec; +import java.security.spec.DSAParameterSpec; +import java.security.spec.InvalidParameterSpecException; +import java.util.ArrayList; + +/** + * A JCE-specific Data Access Object (DAO) for DSS parameters. + */ +public class DSSParameters + extends AlgorithmParametersSpi +{ + /** + * A prime modulus, where <code>2<sup>L-1</sup> < p < 2<sup>L</sup></code> + * for <code>512 <= L <= 1024</code> and <code>L</code> a multiple of + * <code>64</code>. + */ + private BigInteger p; + + /** + * A prime divisor of <code>p - 1</code>, where <code>2<sup>159</sup> < q + * < 2<sup>160</sup></code>. + */ + private BigInteger q; + + /** + * <code>g = h<sup>(p-1)</sup>/q mod p</code>, where <code>h</code> is any + * integer with <code>1 < h < p - 1</code> such that <code>h<sup> + * (p-1)</sup>/q mod p > 1</code> (<code>g</code> has order <code>q mod p + * </code>). + */ + private BigInteger g; + + // default 0-arguments constructor + + protected void engineInit(AlgorithmParameterSpec spec) + throws InvalidParameterSpecException + { + if (! (spec instanceof DSAParameterSpec)) + throw new InvalidParameterSpecException("Wrong AlgorithmParameterSpec type: " + + spec.getClass().getName()); + DSAParameterSpec dsaSpec = (DSAParameterSpec) spec; + p = dsaSpec.getP(); + q = dsaSpec.getQ(); + g = dsaSpec.getG(); + } + + /** + * Decodes the set of DSS parameters as per RFC-2459; i.e. the DER-encoded + * form of the following ASN.1 construct: + * + * <pre> + * DssParams ::= SEQUENCE { + * p INTEGER, + * q INTEGER, + * g INTEGER + * } + * </pre> + */ + protected void engineInit(byte[] params) throws IOException + { + DERReader der = new DERReader(params); + + DERValue derParams = der.read(); + DerUtil.checkIsConstructed(derParams, "Wrong DSS Parameters field"); + + DERValue val = der.read(); + DerUtil.checkIsBigInteger(val, "Wrong P field"); + p = (BigInteger) val.getValue(); + val = der.read(); + DerUtil.checkIsBigInteger(val, "Wrong Q field"); + q = (BigInteger) val.getValue(); + val = der.read(); + DerUtil.checkIsBigInteger(val, "Wrong G field"); + g = (BigInteger) val.getValue(); + } + + protected void engineInit(byte[] params, String format) throws IOException + { + if (format != null) + { + format = format.trim(); + if (format.length() == 0) + throw new IOException("Format MUST NOT be an empty string"); + + if (! format.equalsIgnoreCase(Registry.ASN1_ENCODING_SHORT_NAME)) + throw new IOException("Unknown or unsupported format: " + format); + } + engineInit(params); + } + + protected AlgorithmParameterSpec engineGetParameterSpec(Class paramSpec) + throws InvalidParameterSpecException + { + if (! paramSpec.isAssignableFrom(DSAParameterSpec.class)) + throw new InvalidParameterSpecException("Wrong AlgorithmParameterSpec type: " + + paramSpec.getName()); + return new DSAParameterSpec(p, q, g); + } + + /** + * Encodes the set of DSS parameters as per RFC-2459; i.e. as the DER-encoded + * form of the following ASN.1 construct: + * + * <pre> + * DssParams ::= SEQUENCE { + * p INTEGER, + * q INTEGER, + * g INTEGER + * } + * </pre> + */ + protected byte[] engineGetEncoded() throws IOException + { + DERValue derP = new DERValue(DER.INTEGER, p); + DERValue derQ = new DERValue(DER.INTEGER, q); + DERValue derG = new DERValue(DER.INTEGER, g); + + ArrayList params = new ArrayList(3); + params.add(derP); + params.add(derQ); + params.add(derG); + DERValue derParams = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, params); + + ByteArrayOutputStream baos = new ByteArrayOutputStream(); + DERWriter.write(baos, derParams); + byte[] result = baos.toByteArray(); + + return result; + } + + protected byte[] engineGetEncoded(String format) throws IOException + { + if (format != null) + { + format = format.trim(); + if (format.length() == 0) + throw new IOException("Format MUST NOT be an empty string"); + + if (! format.equalsIgnoreCase(Registry.ASN1_ENCODING_SHORT_NAME)) + throw new IOException("Unknown or unsupported format: " + format); + } + return engineGetEncoded(); + } + + protected String engineToString() + { + CPStringBuilder sb = new CPStringBuilder("p="); + if (p == null) + sb.append("???"); + else + sb.append("0x").append(p.toString(16)); + + sb.append(", q="); + if (q == null) + sb.append("???"); + else + sb.append("0x").append(q.toString(16)); + + sb.append(", g="); + if (g == null) + sb.append("???"); + else + sb.append("0x").append(g.toString(16)); + + return sb.toString(); + } +} diff --git a/libjava/classpath/gnu/java/security/jce/sig/DSSParametersGenerator.java b/libjava/classpath/gnu/java/security/jce/sig/DSSParametersGenerator.java new file mode 100644 index 000000000..09c138610 --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/sig/DSSParametersGenerator.java @@ -0,0 +1,125 @@ +/* DSSParametersGenerator.java -- JCE Adapter for a generator of DSS parameters + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.sig; + +import gnu.java.security.Registry; +import gnu.java.security.key.dss.DSSKeyPairGenerator; +import gnu.java.security.key.dss.FIPS186; +import gnu.java.security.provider.Gnu; + +import java.math.BigInteger; +import java.security.AlgorithmParameterGeneratorSpi; +import java.security.AlgorithmParameters; +import java.security.InvalidAlgorithmParameterException; +import java.security.InvalidParameterException; +import java.security.NoSuchAlgorithmException; +import java.security.Provider; +import java.security.SecureRandom; +import java.security.spec.AlgorithmParameterSpec; +import java.security.spec.DSAParameterSpec; +import java.security.spec.InvalidParameterSpecException; + +/** + * A JCE Adapter for a generator of DSS parameters. + */ +public class DSSParametersGenerator + extends AlgorithmParameterGeneratorSpi +{ + private static final Provider GNU = new Gnu(); + + /** Size of the public modulus in bits. */ + private int modulusLength = -1; + + /** User specified source of randomness. */ + private SecureRandom rnd; + + /** Our concrete DSS parameters generator. */ + private FIPS186 fips; + + // default 0-arguments constructor + + protected void engineInit(int size, SecureRandom random) + { + if ((size % 64) != 0 || size < 512 || size > 1024) + throw new InvalidParameterException("Modulus size/length (in bits) MUST " + + "be a multiple of 64, greater than " + + "or equal to 512, and less than or " + + "equal to 1024"); + this.modulusLength = size; + this.rnd = random; + } + + protected void engineInit(AlgorithmParameterSpec spec, SecureRandom random) + throws InvalidAlgorithmParameterException + { + if (! (spec instanceof DSAParameterSpec)) + throw new InvalidAlgorithmParameterException("Wrong AlgorithmParameterSpec type: " + + spec.getClass().getName()); + DSAParameterSpec dsaSpec = (DSAParameterSpec) spec; + BigInteger p = dsaSpec.getP(); + int size = p.bitLength(); + this.engineInit(size, random); + } + + protected AlgorithmParameters engineGenerateParameters() + { + if (modulusLength < 1) + modulusLength = DSSKeyPairGenerator.DEFAULT_MODULUS_LENGTH; + + fips = new FIPS186(modulusLength, rnd); + BigInteger[] params = fips.generateParameters(); + BigInteger p = params[3]; + BigInteger q = params[2]; + BigInteger g = params[5]; + DSAParameterSpec spec = new DSAParameterSpec(p, q, g); + AlgorithmParameters result = null; + try + { + result = AlgorithmParameters.getInstance(Registry.DSS_KPG, GNU); + result.init(spec); + } + catch (NoSuchAlgorithmException ignore) + { + } + catch (InvalidParameterSpecException ignore) + { + } + return result; + } +} diff --git a/libjava/classpath/gnu/java/security/jce/sig/DSSRawSignatureSpi.java b/libjava/classpath/gnu/java/security/jce/sig/DSSRawSignatureSpi.java new file mode 100644 index 000000000..edee4e577 --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/sig/DSSRawSignatureSpi.java @@ -0,0 +1,56 @@ +/* DSSRawSignatureSpi.java -- + Copyright 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.sig; + +import gnu.java.security.Registry; +import gnu.java.security.sig.dss.DSSSignatureRawCodec; + +/** + * The implementation of <i>Service Provider Interface</i> (<b>SPI</b>) + * adapter for the DSS (Digital Signature Standard) signature scheme, encoded + * and/or decoded in RAW format. + */ +public class DSSRawSignatureSpi + extends SignatureAdapter +{ + public DSSRawSignatureSpi() + { + super(Registry.DSS_SIG, new DSSSignatureRawCodec()); + } +} diff --git a/libjava/classpath/gnu/java/security/jce/sig/EncodedKeyFactory.java b/libjava/classpath/gnu/java/security/jce/sig/EncodedKeyFactory.java new file mode 100644 index 000000000..19ec088c5 --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/sig/EncodedKeyFactory.java @@ -0,0 +1,430 @@ +/* EncodedKeyFactory.java -- JCE Encoded key factory Adapter + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.sig; + +import gnu.java.security.Configuration; +import gnu.java.security.Registry; +import gnu.java.security.key.dss.DSSPrivateKey; +import gnu.java.security.key.dss.DSSPublicKey; +import gnu.java.security.key.rsa.GnuRSAPrivateKey; +import gnu.java.security.key.rsa.GnuRSAPublicKey; + +import java.lang.reflect.Constructor; +import java.lang.reflect.InvocationTargetException; +import java.lang.reflect.Method; +import java.math.BigInteger; +import java.security.InvalidKeyException; +import java.security.InvalidParameterException; +import java.security.Key; +import java.security.KeyFactorySpi; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.security.spec.DSAPrivateKeySpec; +import java.security.spec.DSAPublicKeySpec; +import java.security.spec.InvalidKeySpecException; +import java.security.spec.KeySpec; +import java.security.spec.PKCS8EncodedKeySpec; +import java.security.spec.RSAPrivateCrtKeySpec; +import java.security.spec.RSAPublicKeySpec; +import java.security.spec.X509EncodedKeySpec; +import java.util.logging.Level; +import java.util.logging.Logger; + +import javax.crypto.interfaces.DHPrivateKey; +import javax.crypto.interfaces.DHPublicKey; +import javax.crypto.spec.DHPrivateKeySpec; +import javax.crypto.spec.DHPublicKeySpec; + +/** + * A factory for keys encoded in either the X.509 format (for public keys) or + * the PKCS#8 format (for private keys). + */ +public class EncodedKeyFactory + extends KeyFactorySpi +{ + private static final Logger log = Logger.getLogger(EncodedKeyFactory.class.getName()); + + private static Object invokeConstructor(String className, Object[] params) + throws InvalidKeySpecException + { + Class clazz = getConcreteClass(className); + try + { + Constructor ctor = getConcreteCtor(clazz); + Object result = ctor.newInstance(params); + return result; + } + catch (InstantiationException x) + { + throw new InvalidKeySpecException(x.getMessage(), x); + } + catch (IllegalAccessException x) + { + throw new InvalidKeySpecException(x.getMessage(), x); + } + catch (InvocationTargetException x) + { + throw new InvalidKeySpecException(x.getMessage(), x); + } + } + + private static Class getConcreteClass(String className) + throws InvalidKeySpecException + { + try + { + Class result = Class.forName(className); + return result; + } + catch (ClassNotFoundException x) + { + throw new InvalidKeySpecException(x.getMessage(), x); + } + } + + private static Constructor getConcreteCtor(Class clazz) + throws InvalidKeySpecException + { + try + { + Constructor result = clazz.getConstructor(new Class[] {int.class, + BigInteger.class, + BigInteger.class, + BigInteger.class, + BigInteger.class}); + return result; + } + catch (NoSuchMethodException x) + { + throw new InvalidKeySpecException(x.getMessage(), x); + } + } + + private static Object invokeValueOf(String className, byte[] encoded) + throws InvalidKeySpecException + { + Class clazz = getConcreteClass(className); + try + { + Method valueOf = getValueOfMethod(clazz); + Object result = valueOf.invoke(null, new Object[] { encoded }); + return result; + } + catch (IllegalAccessException x) + { + throw new InvalidKeySpecException(x.getMessage(), x); + } + catch (InvocationTargetException x) + { + throw new InvalidKeySpecException(x.getMessage(), x); + } + } + + private static Method getValueOfMethod(Class clazz) + throws InvalidKeySpecException + { + try + { + Method result = clazz.getMethod("valueOf", new Class[] {byte[].class}); + return result; + } + catch (NoSuchMethodException x) + { + throw new InvalidKeySpecException(x.getMessage(), x); + } + } + + protected PublicKey engineGeneratePublic(KeySpec keySpec) + throws InvalidKeySpecException + { + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "engineGeneratePublic()", keySpec); + PublicKey result = null; + if (keySpec instanceof DSAPublicKeySpec) + result = decodeDSSPublicKey((DSAPublicKeySpec) keySpec); + else if (keySpec instanceof RSAPublicKeySpec) + result = decodeRSAPublicKey((RSAPublicKeySpec) keySpec); + else if (keySpec instanceof DHPublicKeySpec) + result = decodeDHPublicKey((DHPublicKeySpec) keySpec); + else + { + if (! (keySpec instanceof X509EncodedKeySpec)) + throw new InvalidKeySpecException("Unsupported key specification"); + + byte[] input = ((X509EncodedKeySpec) keySpec).getEncoded(); + boolean ok = false; + // try DSS + try + { + result = DSSPublicKey.valueOf(input); + ok = true; + } + catch (InvalidParameterException ignored) + { + if (Configuration.DEBUG) + log.log(Level.FINE, "Exception in DSSPublicKey.valueOf(). Ignore", + ignored); + } + if (! ok) // try RSA + try + { + result = GnuRSAPublicKey.valueOf(input); + ok = true; + } + catch (InvalidParameterException ignored) + { + if (Configuration.DEBUG) + log.log(Level.FINE, + "Exception in GnuRSAPublicKey.valueOf(). Ignore", + ignored); + } + if (! ok) // try DH + result = decodeDHPublicKey(input); + } + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "engineGeneratePublic()", result); + return result; + } + + protected PrivateKey engineGeneratePrivate(KeySpec keySpec) + throws InvalidKeySpecException + { + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "engineGeneratePrivate()", keySpec); + PrivateKey result = null; + if (keySpec instanceof DSAPrivateKeySpec) + result = decodeDSSPrivateKey((DSAPrivateKeySpec) keySpec); + else if (keySpec instanceof RSAPrivateCrtKeySpec) + result = decodeRSAPrivateKey((RSAPrivateCrtKeySpec) keySpec); + else if (keySpec instanceof DHPrivateKeySpec) + result = decodeDHPrivateKey((DHPrivateKeySpec) keySpec); + else + { + if (! (keySpec instanceof PKCS8EncodedKeySpec)) + throw new InvalidKeySpecException("Unsupported key specification"); + + byte[] input = ((PKCS8EncodedKeySpec) keySpec).getEncoded(); + boolean ok = false; + // try DSS + try + { + result = DSSPrivateKey.valueOf(input); + ok = true; + } + catch (InvalidParameterException ignored) + { + if (Configuration.DEBUG) + log.log(Level.FINE, "Exception in DSSPrivateKey.valueOf(). Ignore", + ignored); + } + if (! ok) // try RSA + try + { + result = GnuRSAPrivateKey.valueOf(input); + ok = true; + } + catch (InvalidParameterException ignored) + { + if (Configuration.DEBUG) + log.log(Level.FINE, + "Exception in GnuRSAPrivateKey.valueOf(). Ignore", + ignored); + } + if (! ok) // try DH + result = decodeDHPrivateKey(input); + } + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "engineGeneratePrivate()", result); + return result; + } + + protected KeySpec engineGetKeySpec(Key key, Class keySpec) + throws InvalidKeySpecException + { + if (key instanceof PublicKey + && Registry.X509_ENCODING_SORT_NAME.equalsIgnoreCase(key.getFormat()) + && keySpec.isAssignableFrom(X509EncodedKeySpec.class)) + return new X509EncodedKeySpec(key.getEncoded()); + + if (key instanceof PrivateKey + && Registry.PKCS8_ENCODING_SHORT_NAME.equalsIgnoreCase(key.getFormat()) + && keySpec.isAssignableFrom(PKCS8EncodedKeySpec.class)) + return new PKCS8EncodedKeySpec(key.getEncoded()); + + throw new InvalidKeySpecException("Unsupported format or invalid key spec class"); + } + + protected Key engineTranslateKey(Key key) throws InvalidKeyException + { + throw new InvalidKeyException("Key translation not supported"); + } + + /** + * @param spec an instance of {@link DSAPublicKeySpec} to decode. + * @return an instance of {@link DSSPublicKey} constructed from the + * information in the designated key-specification. + */ + private DSSPublicKey decodeDSSPublicKey(DSAPublicKeySpec spec) + { + BigInteger p = spec.getP(); + BigInteger q = spec.getQ(); + BigInteger g = spec.getG(); + BigInteger y = spec.getY(); + return new DSSPublicKey(Registry.X509_ENCODING_ID, p, q, g, y); + } + + /** + * @param spec an instance of {@link RSAPublicKeySpec} to decode. + * @return an instance of {@link GnuRSAPublicKey} constructed from the + * information in the designated key-specification. + */ + private GnuRSAPublicKey decodeRSAPublicKey(RSAPublicKeySpec spec) + { + BigInteger n = spec.getModulus(); + BigInteger e = spec.getPublicExponent(); + return new GnuRSAPublicKey(Registry.X509_ENCODING_ID, n, e); + } + + /** + * @param spec an instance of {@link DHPublicKeySpec} to decode. + * @return an instance of a {@link DHPublicKey} constructed from the + * information in the designated key-specification. + * @throws InvalidKeySpecException if no concrete implementation of the + * {@link DHPublicKey} interface exists at run-time, or if an + * exception occurs during its instantiation. + */ + private DHPublicKey decodeDHPublicKey(DHPublicKeySpec spec) + throws InvalidKeySpecException + { + BigInteger p = spec.getP(); + BigInteger g = spec.getG(); + BigInteger y = spec.getY(); + Object[] params = new Object[] {Integer.valueOf(Registry.X509_ENCODING_ID), + null, p, g, y}; + Object obj = invokeConstructor("gnu.javax.crypto.key.dh.GnuDHPublicKey", + params); + return (DHPublicKey) obj; + } + + /** + * @param encoded the bytes to decode. + * @return an instance of a {@link DHPublicKey} constructed from the + * information in the designated key-specification. + * @throws InvalidKeySpecException if no concrete implementation of the + * {@link DHPublicKey} interface exists at run-time, or if an + * exception occurs during its instantiation. + */ + private DHPublicKey decodeDHPublicKey(byte[] encoded) + throws InvalidKeySpecException + { + Object obj = invokeValueOf("gnu.javax.crypto.key.dh.GnuDHPublicKey", + encoded); + return (DHPublicKey) obj; + } + + /** + * @param spec an instance of {@link DSAPrivateKeySpec} to decode. + * @return an instance of {@link DSSPrivateKey} constructed from the + * information in the designated key-specification. + */ + private PrivateKey decodeDSSPrivateKey(DSAPrivateKeySpec spec) + { + BigInteger p = spec.getP(); + BigInteger q = spec.getQ(); + BigInteger g = spec.getG(); + BigInteger x = spec.getX(); + return new DSSPrivateKey(Registry.PKCS8_ENCODING_ID, p, q, g, x); + } + + /** + * @param spec an instance of {@link RSAPrivateCrtKeySpec} to decode. + * @return an instance of {@link GnuRSAPrivateKey} constructed from the + * information in the designated key-specification. + */ + private PrivateKey decodeRSAPrivateKey(RSAPrivateCrtKeySpec spec) + { + BigInteger n = spec.getModulus(); + BigInteger e = spec.getPublicExponent(); + BigInteger d = spec.getPrivateExponent(); + BigInteger p = spec.getPrimeP(); + BigInteger q = spec.getPrimeQ(); + BigInteger dP = spec.getPrimeExponentP(); + BigInteger dQ = spec.getPrimeExponentQ(); + BigInteger qInv = spec.getCrtCoefficient(); + return new GnuRSAPrivateKey(Registry.PKCS8_ENCODING_ID, + n, e, d, p, q, dP, dQ, qInv); + } + + /** + * @param spec an instance of {@link DHPrivateKeySpec} to decode. + * @return an instance of a {@link DHPrivateKey} constructed from the + * information in the designated key-specification. + * @throws InvalidKeySpecException if no concrete implementation of the + * {@link DHPrivateKey} interface exists at run-time, or if an + * exception occurs during its instantiation. + */ + private DHPrivateKey decodeDHPrivateKey(DHPrivateKeySpec spec) + throws InvalidKeySpecException + { + BigInteger p = spec.getP(); + BigInteger g = spec.getG(); + BigInteger x = spec.getX(); + Object[] params = new Object[] {Integer.valueOf(Registry.PKCS8_ENCODING_ID), + null, p, g, x}; + Object obj = invokeConstructor("gnu.javax.crypto.key.dh.GnuDHPrivateKey", + params); + return (DHPrivateKey) obj; + } + + /** + * @param encoded the bytes to decode. + * @return an instance of a {@link DHPrivateKey} constructed from the + * information in the designated key-specification. + * @throws InvalidKeySpecException if no concrete implementation of the + * {@link DHPrivateKey} interface exists at run-time, or if an + * exception occurs during its instantiation. + */ + private DHPrivateKey decodeDHPrivateKey(byte[] encoded) + throws InvalidKeySpecException + { + Object obj = invokeValueOf("gnu.javax.crypto.key.dh.GnuDHPrivateKey", + encoded); + return (DHPrivateKey) obj; + } +} diff --git a/libjava/classpath/gnu/java/security/jce/sig/KeyPairGeneratorAdapter.java b/libjava/classpath/gnu/java/security/jce/sig/KeyPairGeneratorAdapter.java new file mode 100644 index 000000000..9d3e5efdd --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/sig/KeyPairGeneratorAdapter.java @@ -0,0 +1,95 @@ +/* KeyPairGeneratorAdapter.java -- + Copyright 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.sig; + +import gnu.java.security.key.IKeyPairGenerator; +import gnu.java.security.key.KeyPairGeneratorFactory; + +import java.security.InvalidAlgorithmParameterException; +import java.security.KeyPair; +import java.security.KeyPairGenerator; +import java.security.SecureRandom; +import java.security.spec.AlgorithmParameterSpec; + +/** + * The implementation of a generic {@link java.security.KeyPairGenerator} + * adapter class to wrap GNU keypair generator instances. + * <p> + * This class defines the <i>Service Provider Interface</i> (<b>SPI</b>) for + * the {@link java.security.KeyPairGenerator} class, which is used to generate + * pairs of public and private keys. + * <p> + * All the abstract methods in the {@link java.security.KeyPairGeneratorSpi} + * class are implemented by this class and all its sub-classes. + * <p> + * In case the client does not explicitly initialize the KeyPairGenerator (via a + * call to an <code>initialize()</code> method), the GNU provider supplies + * (and document) default values to be used. For example, the GNU provider uses + * a default <i>modulus</i> size (keysize) of 1024 bits for the DSS (Digital + * Signature Standard) a.k.a <i>DSA</i>. + */ +public abstract class KeyPairGeneratorAdapter + extends KeyPairGenerator +{ + /** Our underlying keypair instance. */ + protected IKeyPairGenerator adaptee; + + /** + * Trivial protected constructor. + * + * @param kpgName the canonical name of the keypair generator algorithm. + */ + protected KeyPairGeneratorAdapter(String kpgName) + { + super(kpgName); + + this.adaptee = KeyPairGeneratorFactory.getInstance(kpgName); + } + + public abstract void initialize(int keysize, SecureRandom random); + + public abstract void initialize(AlgorithmParameterSpec params, + SecureRandom random) + throws InvalidAlgorithmParameterException; + + public KeyPair generateKeyPair() + { + return adaptee.generate(); + } +} diff --git a/libjava/classpath/gnu/java/security/jce/sig/MD2withRSA.java b/libjava/classpath/gnu/java/security/jce/sig/MD2withRSA.java new file mode 100644 index 000000000..353be2185 --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/sig/MD2withRSA.java @@ -0,0 +1,56 @@ +/* MD2WithRSA.java -- RSA PKCS1 with MD2 JCE signature Adapter + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.sig; + +import gnu.java.security.Registry; +import gnu.java.security.sig.rsa.RSAPKCS1V1_5SignatureX509Codec; + +/** + * A JCE Adapter for the RSA PKCS1 (v1.5) signature with MD2 hash and X.509 + * encoding format. + */ +public class MD2withRSA + extends SignatureAdapter +{ + public MD2withRSA() + { + super(Registry.RSA_PKCS1_V1_5_SIG + "-" + Registry.MD2_HASH, + new RSAPKCS1V1_5SignatureX509Codec()); + } +} diff --git a/libjava/classpath/gnu/java/security/jce/sig/MD5withRSA.java b/libjava/classpath/gnu/java/security/jce/sig/MD5withRSA.java new file mode 100644 index 000000000..42c481b0a --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/sig/MD5withRSA.java @@ -0,0 +1,56 @@ +/* MD5withRSA.java -- RSA PKCS1 with MD5 JCE signature Adapter + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.sig; + +import gnu.java.security.Registry; +import gnu.java.security.sig.rsa.RSAPKCS1V1_5SignatureX509Codec; + +/** + * A JCE Adapter for the RSA PKCS1 (v1.5) signature with MD5 hash and X.509 + * encoding format. + */ +public class MD5withRSA + extends SignatureAdapter +{ + public MD5withRSA() + { + super(Registry.RSA_PKCS1_V1_5_SIG + "-" + Registry.MD5_HASH, + new RSAPKCS1V1_5SignatureX509Codec()); + } +} diff --git a/libjava/classpath/gnu/java/security/jce/sig/RSAKeyFactory.java b/libjava/classpath/gnu/java/security/jce/sig/RSAKeyFactory.java new file mode 100644 index 000000000..3ba49edc2 --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/sig/RSAKeyFactory.java @@ -0,0 +1,231 @@ +/* RSAKeyFactory.java -- RSA key-factory JCE Adapter + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.sig; + +import gnu.java.security.Registry; +import gnu.java.security.key.rsa.GnuRSAPrivateKey; +import gnu.java.security.key.rsa.GnuRSAPublicKey; +import gnu.java.security.key.rsa.RSAKeyPairPKCS8Codec; +import gnu.java.security.key.rsa.RSAKeyPairX509Codec; + +import java.math.BigInteger; +import java.security.InvalidKeyException; +import java.security.Key; +import java.security.KeyFactorySpi; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.security.interfaces.RSAPrivateCrtKey; +import java.security.interfaces.RSAPrivateKey; +import java.security.interfaces.RSAPublicKey; +import java.security.spec.InvalidKeySpecException; +import java.security.spec.KeySpec; +import java.security.spec.PKCS8EncodedKeySpec; +import java.security.spec.RSAPrivateCrtKeySpec; +import java.security.spec.RSAPrivateKeySpec; +import java.security.spec.RSAPublicKeySpec; +import java.security.spec.X509EncodedKeySpec; + +public class RSAKeyFactory + extends KeyFactorySpi +{ + // implicit 0-arguments constructor + + protected PublicKey engineGeneratePublic(KeySpec keySpec) + throws InvalidKeySpecException + { + if (keySpec instanceof RSAPublicKeySpec) + { + RSAPublicKeySpec spec = (RSAPublicKeySpec) keySpec; + BigInteger n = spec.getModulus(); + BigInteger e = spec.getPublicExponent(); + return new GnuRSAPublicKey(Registry.X509_ENCODING_ID, n, e); + } + if (keySpec instanceof X509EncodedKeySpec) + { + X509EncodedKeySpec spec = (X509EncodedKeySpec) keySpec; + byte[] encoded = spec.getEncoded(); + PublicKey result; + try + { + return new RSAKeyPairX509Codec().decodePublicKey(encoded); + } + catch (RuntimeException x) + { + throw new InvalidKeySpecException(x.getMessage(), x); + } + } + throw new InvalidKeySpecException("Unsupported (public) key specification"); + } + + protected PrivateKey engineGeneratePrivate(KeySpec keySpec) + throws InvalidKeySpecException + { + if (keySpec instanceof RSAPrivateCrtKeySpec) + { + RSAPrivateCrtKeySpec spec = (RSAPrivateCrtKeySpec) keySpec; + BigInteger n = spec.getModulus(); + BigInteger e = spec.getPublicExponent(); + BigInteger d = spec.getPrivateExponent(); + BigInteger p = spec.getPrimeP(); + BigInteger q = spec.getPrimeQ(); + BigInteger dP = spec.getPrimeExponentP(); + BigInteger dQ = spec.getPrimeExponentQ(); + BigInteger qInv = spec.getCrtCoefficient(); + return new GnuRSAPrivateKey(Registry.PKCS8_ENCODING_ID, + n, e, d, p, q, dP, dQ, qInv); + } + if (keySpec instanceof PKCS8EncodedKeySpec) + { + PKCS8EncodedKeySpec spec = (PKCS8EncodedKeySpec) keySpec; + byte[] encoded = spec.getEncoded(); + PrivateKey result; + try + { + return new RSAKeyPairPKCS8Codec().decodePrivateKey(encoded); + } + catch (RuntimeException x) + { + throw new InvalidKeySpecException(x.getMessage(), x); + } + } + throw new InvalidKeySpecException("Unsupported (private) key specification"); + } + + protected KeySpec engineGetKeySpec(Key key, Class keySpec) + throws InvalidKeySpecException + { + if (key instanceof RSAPublicKey) + { + if (keySpec.isAssignableFrom(RSAPublicKeySpec.class)) + { + RSAPublicKey rsaKey = (RSAPublicKey) key; + BigInteger n = rsaKey.getModulus(); + BigInteger e = rsaKey.getPublicExponent(); + return new RSAPublicKeySpec(n, e); + } + if (keySpec.isAssignableFrom(X509EncodedKeySpec.class)) + { + if (key instanceof GnuRSAPublicKey) + { + GnuRSAPublicKey rsaKey = (GnuRSAPublicKey) key; + byte[] encoded = rsaKey.getEncoded(Registry.X509_ENCODING_ID); + return new X509EncodedKeySpec(encoded); + } + + if (Registry.X509_ENCODING_SORT_NAME.equalsIgnoreCase(key.getFormat())) + { + byte[] encoded = key.getEncoded(); + return new X509EncodedKeySpec(encoded); + } + throw new InvalidKeySpecException( + "Wrong key type or unsupported (public) key specification"); + } + throw new InvalidKeySpecException("Unsupported (public) key specification"); + } + if ((key instanceof RSAPrivateCrtKey) + && keySpec.isAssignableFrom(RSAPrivateCrtKeySpec.class)) + { + RSAPrivateCrtKey rsaKey = (RSAPrivateCrtKey) key; + BigInteger n = rsaKey.getModulus(); + BigInteger e = rsaKey.getPublicExponent(); + BigInteger d = rsaKey.getPrivateExponent(); + BigInteger p = rsaKey.getPrimeP(); + BigInteger q = rsaKey.getPrimeQ(); + BigInteger dP = rsaKey.getPrimeExponentP(); + BigInteger dQ = rsaKey.getPrimeExponentQ(); + BigInteger qInv = rsaKey.getCrtCoefficient(); + return new RSAPrivateCrtKeySpec(n, e, d, p, q, dP, dQ, qInv); + } + if ((key instanceof RSAPrivateKey) + && keySpec.isAssignableFrom(RSAPrivateKeySpec.class)) + { + RSAPrivateKey rsaKey = (RSAPrivateKey) key; + BigInteger n = rsaKey.getModulus(); + BigInteger d = rsaKey.getPrivateExponent(); + return new RSAPrivateKeySpec(n, d); + } + if (keySpec.isAssignableFrom(PKCS8EncodedKeySpec.class)) + { + if (key instanceof GnuRSAPrivateKey) + { + GnuRSAPrivateKey rsaKey = (GnuRSAPrivateKey) key; + byte[] encoded = rsaKey.getEncoded(Registry.PKCS8_ENCODING_ID); + return new PKCS8EncodedKeySpec(encoded); + } + if (Registry.PKCS8_ENCODING_SHORT_NAME.equalsIgnoreCase(key.getFormat())) + { + byte[] encoded = key.getEncoded(); + return new PKCS8EncodedKeySpec(encoded); + } + throw new InvalidKeySpecException( + "Wrong key type or unsupported (private) key specification"); + } + throw new InvalidKeySpecException( + "Wrong key type or unsupported key specification"); + } + + protected Key engineTranslateKey(Key key) throws InvalidKeyException + { + if ((key instanceof GnuRSAPublicKey) || (key instanceof GnuRSAPrivateKey)) + return key; + + if (key instanceof RSAPublicKey) + { + RSAPublicKey rsaKey = (RSAPublicKey) key; + BigInteger n = rsaKey.getModulus(); + BigInteger e = rsaKey.getPublicExponent(); + return new GnuRSAPublicKey(Registry.X509_ENCODING_ID, n, e); + } + if (key instanceof RSAPrivateCrtKey) + { + RSAPrivateCrtKey rsaKey = (RSAPrivateCrtKey) key; + BigInteger n = rsaKey.getModulus(); + BigInteger e = rsaKey.getPublicExponent(); + BigInteger d = rsaKey.getPrivateExponent(); + BigInteger p = rsaKey.getPrimeP(); + BigInteger q = rsaKey.getPrimeQ(); + BigInteger dP = rsaKey.getPrimeExponentP(); + BigInteger dQ = rsaKey.getPrimeExponentQ(); + BigInteger qInv = rsaKey.getCrtCoefficient(); + return new GnuRSAPrivateKey(Registry.PKCS8_ENCODING_ID, + n, e, d, p, q, dP, dQ, qInv); + } + throw new InvalidKeyException("Unsupported key type"); + } +} diff --git a/libjava/classpath/gnu/java/security/jce/sig/RSAKeyPairGeneratorSpi.java b/libjava/classpath/gnu/java/security/jce/sig/RSAKeyPairGeneratorSpi.java new file mode 100644 index 000000000..ef53b8115 --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/sig/RSAKeyPairGeneratorSpi.java @@ -0,0 +1,96 @@ +/* RSAKeyPairGeneratorSpi.java -- JCE RSA KeyPairGenerator Adapter + Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.sig; + +import gnu.java.security.Registry; +import gnu.java.security.key.rsa.RSAKeyPairGenerator; + +import java.security.InvalidAlgorithmParameterException; +import java.security.SecureRandom; +import java.security.spec.AlgorithmParameterSpec; +import java.security.spec.RSAKeyGenParameterSpec; +import java.util.HashMap; + +/** + * The implementation of a {@link java.security.KeyPairGenerator} adapter class + * to wrap GNU RSA keypair generator instances. + * <p> + * In case the client does not explicitly initialize the KeyPairGenerator (via a + * call to an <code>initialize()</code> method), the GNU provider uses a + * default <i>modulus</i> size (keysize) of 1024 bits. + */ +public class RSAKeyPairGeneratorSpi + extends KeyPairGeneratorAdapter +{ + public RSAKeyPairGeneratorSpi() + { + super(Registry.RSA_KPG); + } + + public void initialize(int keysize, SecureRandom random) + { + HashMap attributes = new HashMap(); + attributes.put(RSAKeyPairGenerator.MODULUS_LENGTH, Integer.valueOf(keysize)); + if (random != null) + attributes.put(RSAKeyPairGenerator.SOURCE_OF_RANDOMNESS, random); + + attributes.put(RSAKeyPairGenerator.PREFERRED_ENCODING_FORMAT, + Integer.valueOf(Registry.ASN1_ENCODING_ID)); + adaptee.setup(attributes); + } + + public void initialize(AlgorithmParameterSpec params, SecureRandom random) + throws InvalidAlgorithmParameterException + { + HashMap attributes = new HashMap(); + if (params != null) + { + if (! (params instanceof RSAKeyGenParameterSpec)) + throw new InvalidAlgorithmParameterException("params"); + + attributes.put(RSAKeyPairGenerator.RSA_PARAMETERS, params); + } + if (random != null) + attributes.put(RSAKeyPairGenerator.SOURCE_OF_RANDOMNESS, random); + + attributes.put(RSAKeyPairGenerator.PREFERRED_ENCODING_FORMAT, + Integer.valueOf(Registry.ASN1_ENCODING_ID)); + adaptee.setup(attributes); + } +} diff --git a/libjava/classpath/gnu/java/security/jce/sig/RSAPSSRawSignatureSpi.java b/libjava/classpath/gnu/java/security/jce/sig/RSAPSSRawSignatureSpi.java new file mode 100644 index 000000000..496c9caa6 --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/sig/RSAPSSRawSignatureSpi.java @@ -0,0 +1,56 @@ +/* RSAPSSRawSignatureSpi.java -- + Copyright 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.sig; + +import gnu.java.security.Registry; +import gnu.java.security.sig.rsa.RSAPSSSignatureRawCodec; + +/** + * The implementation of <i>Service Provider Interface</i> (<b>SPI</b>) + * adapter for the RSA-PSS signature scheme, encoded and/or decoded in RAW + * format. + */ +public class RSAPSSRawSignatureSpi + extends SignatureAdapter +{ + public RSAPSSRawSignatureSpi() + { + super(Registry.RSA_PSS_SIG, new RSAPSSSignatureRawCodec()); + } +} diff --git a/libjava/classpath/gnu/java/security/jce/sig/SHA160withDSS.java b/libjava/classpath/gnu/java/security/jce/sig/SHA160withDSS.java new file mode 100644 index 000000000..c55139f46 --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/sig/SHA160withDSS.java @@ -0,0 +1,54 @@ +/* SHA160withDSS.java -- JCE Adapter for DSS with SHA1 signatures + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.sig; + +import gnu.java.security.Registry; +import gnu.java.security.sig.dss.DSSSignatureX509Codec; + +/** + * A JCE Adapter for providing X.509 formatted DSS with SHA1 signatures. + */ +public class SHA160withDSS + extends SignatureAdapter +{ + public SHA160withDSS() + { + super(Registry.DSS_SIG, new DSSSignatureX509Codec()); + } +} diff --git a/libjava/classpath/gnu/java/security/jce/sig/SHA160withRSA.java b/libjava/classpath/gnu/java/security/jce/sig/SHA160withRSA.java new file mode 100644 index 000000000..d3b2054e0 --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/sig/SHA160withRSA.java @@ -0,0 +1,56 @@ +/* SHA160withRSA.java -- RSA PKCS1 with SHA160 JCE signature Adapter + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.sig; + +import gnu.java.security.Registry; +import gnu.java.security.sig.rsa.RSAPKCS1V1_5SignatureX509Codec; + +/** + * A JCE Adapter for the RSA PKCS1 (v1.5) signature with SHA160 hash and X.509 + * encoding format. + */ +public class SHA160withRSA + extends SignatureAdapter +{ + public SHA160withRSA() + { + super(Registry.RSA_PKCS1_V1_5_SIG + "-" + Registry.SHA160_HASH, + new RSAPKCS1V1_5SignatureX509Codec()); + } +} diff --git a/libjava/classpath/gnu/java/security/jce/sig/SHA256withRSA.java b/libjava/classpath/gnu/java/security/jce/sig/SHA256withRSA.java new file mode 100644 index 000000000..d21888b59 --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/sig/SHA256withRSA.java @@ -0,0 +1,56 @@ +/* SHA256withRSA.java -- RSA PKCS1 with SHA256 JCE signature Adapter + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.sig; + +import gnu.java.security.Registry; +import gnu.java.security.sig.rsa.RSAPKCS1V1_5SignatureX509Codec; + +/** + * A JCE Adapter for the RSA PKCS1 (v1.5) signature with SHA256 hash and X.509 + * encoding format. + */ +public class SHA256withRSA + extends SignatureAdapter +{ + public SHA256withRSA() + { + super(Registry.RSA_PKCS1_V1_5_SIG + "-" + Registry.SHA256_HASH, + new RSAPKCS1V1_5SignatureX509Codec()); + } +} diff --git a/libjava/classpath/gnu/java/security/jce/sig/SHA384withRSA.java b/libjava/classpath/gnu/java/security/jce/sig/SHA384withRSA.java new file mode 100644 index 000000000..5495ec1ca --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/sig/SHA384withRSA.java @@ -0,0 +1,56 @@ +/* SHA384withRSA.java -- RSA PKCS1 with SHA384 JCE signature Adapter + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.sig; + +import gnu.java.security.Registry; +import gnu.java.security.sig.rsa.RSAPKCS1V1_5SignatureX509Codec; + +/** + * A JCE Adapter for the RSA PKCS1 (v1.5) signature with SHA384 hash and X.509 + * encoding format. + */ +public class SHA384withRSA + extends SignatureAdapter +{ + public SHA384withRSA() + { + super(Registry.RSA_PKCS1_V1_5_SIG + "-" + Registry.SHA384_HASH, + new RSAPKCS1V1_5SignatureX509Codec()); + } +} diff --git a/libjava/classpath/gnu/java/security/jce/sig/SHA512withRSA.java b/libjava/classpath/gnu/java/security/jce/sig/SHA512withRSA.java new file mode 100644 index 000000000..f7632290a --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/sig/SHA512withRSA.java @@ -0,0 +1,56 @@ +/* SHA512withRSA.java -- RSA PKCS1 with SHA512 JCE signature Adapter + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.sig; + +import gnu.java.security.Registry; +import gnu.java.security.sig.rsa.RSAPKCS1V1_5SignatureX509Codec; + +/** + * A JCE Adapter for the RSA PKCS1 (v1.5) signature with SHA512 hash and X.509 + * encoding format. + */ +public class SHA512withRSA + extends SignatureAdapter +{ + public SHA512withRSA() + { + super(Registry.RSA_PKCS1_V1_5_SIG + "-" + Registry.SHA512_HASH, + new RSAPKCS1V1_5SignatureX509Codec()); + } +} diff --git a/libjava/classpath/gnu/java/security/jce/sig/SignatureAdapter.java b/libjava/classpath/gnu/java/security/jce/sig/SignatureAdapter.java new file mode 100644 index 000000000..0ed1e2f41 --- /dev/null +++ b/libjava/classpath/gnu/java/security/jce/sig/SignatureAdapter.java @@ -0,0 +1,250 @@ +/* SignatureAdapter.java -- + Copyright 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.jce.sig; + +import gnu.java.security.Configuration; +import gnu.java.security.sig.BaseSignature; +import gnu.java.security.sig.ISignature; +import gnu.java.security.sig.ISignatureCodec; +import gnu.java.security.sig.SignatureFactory; + +import java.security.InvalidAlgorithmParameterException; +import java.security.InvalidKeyException; +import java.security.InvalidParameterException; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.security.SecureRandom; +import java.security.SignatureException; +import java.security.SignatureSpi; +import java.security.spec.AlgorithmParameterSpec; +import java.util.HashMap; +import java.util.logging.Logger; + +/** + * The implementation of a generic {@link java.security.Signature} adapter class + * to wrap GNU signature instances. + * <p> + * This class defines the <i>Service Provider Interface</i> (<b>SPI</b>) for + * the {@link java.security.Signature} class, which provides the functionality + * of a digital signature algorithm. Digital signatures are used for + * authentication and integrity assurance of digital data. + * <p> + * All the abstract methods in the {@link SignatureSpi} class are implemented by + * this class and all its sub-classes. + * <p> + * All the implementations which subclass this object, and which are serviced by + * the GNU provider implement the {@link Cloneable} interface. + */ +class SignatureAdapter + extends SignatureSpi + implements Cloneable +{ + private static final Logger log = Logger.getLogger(SignatureAdapter.class.getName()); + + /** Our underlying signature instance. */ + private ISignature adaptee; + + /** Our underlying signature encoder/decoder engine. */ + private ISignatureCodec codec; + + /** + * Trivial protected constructor. + * + * @param sigName the canonical name of the signature scheme. + * @param codec the signature codec engine to use with this scheme. + */ + protected SignatureAdapter(String sigName, ISignatureCodec codec) + { + this(SignatureFactory.getInstance(sigName), codec); + } + + /** + * Private constructor for cloning purposes. + * + * @param adaptee a clone of the underlying signature scheme instance. + * @param codec the signature codec engine to use with this scheme. + */ + private SignatureAdapter(ISignature adaptee, ISignatureCodec codec) + { + super(); + + this.adaptee = adaptee; + this.codec = codec; + } + + public Object clone() + { + return new SignatureAdapter((ISignature) adaptee.clone(), codec); + } + + public void engineInitVerify(PublicKey publicKey) throws InvalidKeyException + { + HashMap attributes = new HashMap(); + attributes.put(BaseSignature.VERIFIER_KEY, publicKey); + try + { + adaptee.setupVerify(attributes); + } + catch (IllegalArgumentException x) + { + throw new InvalidKeyException(x.getMessage(), x); + } + } + + public void engineInitSign(PrivateKey privateKey) throws InvalidKeyException + { + HashMap attributes = new HashMap(); + attributes.put(BaseSignature.SIGNER_KEY, privateKey); + try + { + adaptee.setupSign(attributes); + } + catch (IllegalArgumentException x) + { + throw new InvalidKeyException(x.getMessage(), x); + } + } + + public void engineInitSign(PrivateKey privateKey, SecureRandom random) + throws InvalidKeyException + { + HashMap attributes = new HashMap(); + attributes.put(BaseSignature.SIGNER_KEY, privateKey); + attributes.put(BaseSignature.SOURCE_OF_RANDOMNESS, random); + try + { + adaptee.setupSign(attributes); + } + catch (IllegalArgumentException x) + { + throw new InvalidKeyException(x.getMessage(), x); + } + } + + public void engineUpdate(byte b) throws SignatureException + { + try + { + adaptee.update(b); + } + catch (IllegalStateException x) + { + throw new SignatureException(x.getMessage(), x); + } + } + + public void engineUpdate(byte[] b, int off, int len) + throws SignatureException + { + try + { + adaptee.update(b, off, len); + } + catch (IllegalStateException x) + { + throw new SignatureException(x.getMessage(), x); + } + } + + public byte[] engineSign() throws SignatureException + { + Object signature = null; + try + { + signature = adaptee.sign(); + } + catch (IllegalStateException x) + { + throw new SignatureException(x.getMessage(), x); + } + byte[] result = codec.encodeSignature(signature); + return result; + } + + public int engineSign(byte[] outbuf, int offset, int len) + throws SignatureException + { + byte[] signature = this.engineSign(); + int result = signature.length; + if (result > len) + throw new SignatureException("Not enough room to store signature"); + + System.arraycopy(signature, 0, outbuf, offset, result); + return result; + } + + public boolean engineVerify(byte[] sigBytes) throws SignatureException + { + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "engineVerify"); + Object signature = codec.decodeSignature(sigBytes); + boolean result = false; + try + { + result = adaptee.verify(signature); + } + catch (IllegalStateException x) + { + throw new SignatureException(x.getMessage(), x); + } + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "engineVerify", + Boolean.valueOf(result)); + return result; + } + + // Deprecated. Replaced by engineSetParameter. + public void engineSetParameter(String param, Object value) + throws InvalidParameterException + { + throw new InvalidParameterException("deprecated"); + } + + public void engineSetParameter(AlgorithmParameterSpec params) + throws InvalidAlgorithmParameterException + { + } + + // Deprecated + public Object engineGetParameter(String param) + throws InvalidParameterException + { + throw new InvalidParameterException("deprecated"); + } +} |