diff options
author | Guilhem Lavaux <guilhem@kaffe.org> | 2006-02-18 18:33:27 +0000 |
---|---|---|
committer | Guilhem Lavaux <guilhem@kaffe.org> | 2006-02-18 18:33:27 +0000 |
commit | cc0db4315db5e0550da9a4a13f4b5e502e58a5c2 (patch) | |
tree | 25a49d0fc9588fae44f8e5edfc496f612a316931 /gnu/javax | |
parent | 5093bf804963cd90f1c6c6053c0417f78b945ca6 (diff) | |
download | classpath-cc0db4315db5e0550da9a4a13f4b5e502e58a5c2.tar.gz |
Merged with HEAD.
Diffstat (limited to 'gnu/javax')
-rw-r--r-- | gnu/javax/crypto/jce/GnuCrypto.java | 14 | ||||
-rw-r--r-- | gnu/javax/crypto/key/dh/DHKeyPairPKCS8Codec.java | 240 | ||||
-rw-r--r-- | gnu/javax/crypto/key/dh/DHKeyPairX509Codec.java | 255 | ||||
-rw-r--r-- | gnu/javax/crypto/key/dh/GnuDHKey.java | 30 | ||||
-rw-r--r-- | gnu/javax/crypto/key/dh/GnuDHKeyPairGenerator.java | 22 | ||||
-rw-r--r-- | gnu/javax/crypto/key/dh/GnuDHPrivateKey.java | 91 | ||||
-rw-r--r-- | gnu/javax/crypto/key/dh/GnuDHPublicKey.java | 91 | ||||
-rw-r--r-- | gnu/javax/crypto/sasl/srp/SRPServer.java | 2 |
8 files changed, 687 insertions, 58 deletions
diff --git a/gnu/javax/crypto/jce/GnuCrypto.java b/gnu/javax/crypto/jce/GnuCrypto.java index 9a8915cf4..b22aa8823 100644 --- a/gnu/javax/crypto/jce/GnuCrypto.java +++ b/gnu/javax/crypto/jce/GnuCrypto.java @@ -556,6 +556,20 @@ public final class GnuCrypto extends Provider put("KeyStore.GKR", gnu.javax.crypto.jce.keyring.GnuKeyring.class.getName()); put("Alg.Alias.KeyStore.GnuKeyring", "GKR"); + // KeyPairGenerator --------------------------------------------------- + put("KeyPairGenerator.DH", + gnu.javax.crypto.jce.sig.DHKeyPairGeneratorSpi.class.getName()); + put("KeyPairGenerator.DH KeySize", "512"); + put("KeyPairGenerator.DH ImplementedIn", "Software"); + + put("Alg.Alias.KeyPairGenerator.DiffieHellman", "DH"); + + // KeyFactory --------------------------------------------------------- + put("KeyFactory.DH", + gnu.javax.crypto.jce.sig.DHKeyFactory.class.getName()); + + put("Alg.Alias,KeyFactory.DiffieHellman", "DH"); + return null; } }); diff --git a/gnu/javax/crypto/key/dh/DHKeyPairPKCS8Codec.java b/gnu/javax/crypto/key/dh/DHKeyPairPKCS8Codec.java new file mode 100644 index 000000000..b1be1d251 --- /dev/null +++ b/gnu/javax/crypto/key/dh/DHKeyPairPKCS8Codec.java @@ -0,0 +1,240 @@ +/* DHKeyPairPKCS8Codec.java -- PKCS#8 encoder/decoder for DH keys + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.key.dh; + +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.math.BigInteger; +import java.security.InvalidParameterException; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.util.ArrayList; + +import gnu.java.security.OID; +import gnu.java.security.Registry; +import gnu.java.security.der.DER; +import gnu.java.security.der.DERReader; +import gnu.java.security.der.DERValue; +import gnu.java.security.der.DERWriter; +import gnu.java.security.key.IKeyPairCodec; +import gnu.java.security.util.Util; + +public class DHKeyPairPKCS8Codec + implements IKeyPairCodec +{ + private static final OID DH_ALG_OID = new OID(Registry.DH_OID_STRING); + + // implicit 0-arguments constructor + + private static void checkIsConstructed(DERValue v, String msg) + { + if (! v.isConstructed()) + throw new InvalidParameterException(msg); + } + + private static void checkIsBigInteger(DERValue v, String msg) + { + if (! (v.getValue() instanceof BigInteger)) + throw new InvalidParameterException(msg); + } + + public int getFormatID() + { + return PKCS8_FORMAT; + } + + /** + * @throws InvalidParameterException ALWAYS. + */ + public byte[] encodePublicKey(PublicKey key) + { + throw new InvalidParameterException("Wrong format for public keys"); + } + + /** + * Returns the DER-encoded form of the PKCS#8 ASN.1 <i>PrivateKeyInfo</i> + * representation of a DH private key. The ASN.1 specification is as follows: + * + * <pre> + * PrivateKeyInfo ::= SEQUENCE { + * version INTEGER, -- MUST be 0 + * privateKeyAlgorithm AlgorithmIdentifier, + * privateKey OCTET STRING + * } + * + * AlgorithmIdentifier ::= SEQUENCE { + * algorithm OBJECT IDENTIFIER, + * parameters ANY DEFINED BY algorithm OPTIONAL + * } + * + * DhParams ::= SEQUENCE { + * p INTEGER, -- odd prime, p=jq +1 + * g INTEGER, -- generator, g + * q INTEGER -- factor of p-1 + * } + * </pre> + * + * @return the DER encoded form of the ASN.1 representation of the + * <i>PrivateKeyInfo</i> field in an X.509 certificate. + * @throw InvalidParameterException if an error occurs during the marshalling + * process. + */ + public byte[] encodePrivateKey(PrivateKey key) + { + if (! (key instanceof GnuDHPrivateKey)) + throw new InvalidParameterException("Wrong key type"); + + DERValue derVersion = new DERValue(DER.INTEGER, BigInteger.ZERO); + + DERValue derOID = new DERValue(DER.OBJECT_IDENTIFIER, DH_ALG_OID); + + GnuDHPrivateKey pk = (GnuDHPrivateKey) key; + BigInteger p = pk.getParams().getP(); + BigInteger g = pk.getParams().getG(); + BigInteger q = pk.getQ(); + BigInteger x = pk.getX(); + + ArrayList params = new ArrayList(3); + params.add(new DERValue(DER.INTEGER, p)); + params.add(new DERValue(DER.INTEGER, g)); + params.add(new DERValue(DER.INTEGER, q)); + DERValue derParams = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, params); + + ArrayList algorithmID = new ArrayList(2); + algorithmID.add(derOID); + algorithmID.add(derParams); + DERValue derAlgorithmID = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, + algorithmID); + + DERValue derPrivateKey = new DERValue(DER.OCTET_STRING, Util.trim(x)); + + ArrayList pki = new ArrayList(3); + pki.add(derVersion); + pki.add(derAlgorithmID); + pki.add(derPrivateKey); + DERValue derPKI = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, pki); + + byte[] result; + ByteArrayOutputStream baos = new ByteArrayOutputStream(); + try + { + DERWriter.write(baos, derPKI); + result = baos.toByteArray(); + } + catch (IOException e) + { + InvalidParameterException y = new InvalidParameterException(); + y.initCause(e); + throw y; + } + + return result; + } + + /** + * @throws InvalidParameterException ALWAYS. + */ + public PublicKey decodePublicKey(byte[] input) + { + throw new InvalidParameterException("Wrong format for public keys"); + } + + /** + * @param input the byte array to unmarshall into a valid DH + * {@link PrivateKey} instance. MUST NOT be null. + * @return a new instance of a {@link GnuDHPrivateKey} decoded from the + * <i>PrivateKeyInfo</i> material fed as <code>input</code>. + * @throw InvalidParameterException if an exception occurs during the + * unmarshalling process. + */ + public PrivateKey decodePrivateKey(byte[] input) + { + if (input == null) + throw new InvalidParameterException("Input bytes MUST NOT be null"); + + BigInteger version, p, q, g, x; + DERReader der = new DERReader(input); + try + { + DERValue derPKI = der.read(); + checkIsConstructed(derPKI, "Wrong PrivateKeyInfo field"); + + DERValue derVersion = der.read(); + if (! (derVersion.getValue() instanceof BigInteger)) + throw new InvalidParameterException("Wrong Version field"); + + version = (BigInteger) derVersion.getValue(); + if (version.compareTo(BigInteger.ZERO) != 0) + throw new InvalidParameterException("Unexpected Version: " + version); + + DERValue derAlgoritmID = der.read(); + checkIsConstructed(derAlgoritmID, "Wrong AlgorithmIdentifier field"); + + DERValue derOID = der.read(); + OID algOID = (OID) derOID.getValue(); + if (! algOID.equals(DH_ALG_OID)) + throw new InvalidParameterException("Unexpected OID: " + algOID); + + DERValue derParams = der.read(); + checkIsConstructed(derParams, "Wrong DSS Parameters field"); + + DERValue val = der.read(); + checkIsBigInteger(val, "Wrong P field"); + p = (BigInteger) val.getValue(); + val = der.read(); + checkIsBigInteger(val, "Wrong G field"); + g = (BigInteger) val.getValue(); + val = der.read(); + checkIsBigInteger(val, "Wrong Q field"); + q = (BigInteger) val.getValue(); + + val = der.read(); + byte[] xBytes = (byte[]) val.getValue(); + x = new BigInteger(1, xBytes); + } + catch (IOException e) + { + InvalidParameterException y = new InvalidParameterException(); + y.initCause(e); + throw y; + } + + return new GnuDHPrivateKey(Registry.PKCS8_ENCODING_ID, q, p, g, x); + } +} diff --git a/gnu/javax/crypto/key/dh/DHKeyPairX509Codec.java b/gnu/javax/crypto/key/dh/DHKeyPairX509Codec.java new file mode 100644 index 000000000..bd93c23e8 --- /dev/null +++ b/gnu/javax/crypto/key/dh/DHKeyPairX509Codec.java @@ -0,0 +1,255 @@ +/* DHKeyPairX509Codec.java -- X.509 DER encoder/decoder for DH keys + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.key.dh; + +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.math.BigInteger; +import java.security.InvalidParameterException; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.util.ArrayList; + +import gnu.java.security.OID; +import gnu.java.security.Registry; +import gnu.java.security.der.BitString; +import gnu.java.security.der.DER; +import gnu.java.security.der.DERReader; +import gnu.java.security.der.DERValue; +import gnu.java.security.der.DERWriter; +import gnu.java.security.key.IKeyPairCodec; + +public class DHKeyPairX509Codec + implements IKeyPairCodec +{ + private static final OID DH_ALG_OID = new OID(Registry.DH_OID_STRING); + + // implicit 0-arguments constructor + + private static void checkIsConstructed(DERValue v, String msg) + { + if (! v.isConstructed()) + throw new InvalidParameterException(msg); + } + + private static void checkIsBigInteger(DERValue v, String msg) + { + if (! (v.getValue() instanceof BigInteger)) + throw new InvalidParameterException(msg); + } + + public int getFormatID() + { + return X509_FORMAT; + } + + /** + * Returns the DER-encoded form of the X.509 ASN.1 <i>SubjectPublicKeyInfo</i> + * representation of a DH public key. The ASN.1 specification, as defined in + * RFC-3280, and RFC-2459, is as follows: + * + * <pre> + * SubjectPublicKeyInfo ::= SEQUENCE { + * algorithm AlgorithmIdentifier, + * subjectPublicKey BIT STRING + * } + * + * AlgorithmIdentifier ::= SEQUENCE { + * algorithm OBJECT IDENTIFIER, + * parameters ANY DEFINED BY algorithm OPTIONAL + * } + * + * DhParams ::= SEQUENCE { + * p INTEGER, -- odd prime, p=jq +1 + * g INTEGER, -- generator, g + * q INTEGER -- factor of p-1 + * } + * </pre> + * + * <p>The <i>subjectPublicKey</i> field, which is a BIT STRING, contains the + * DER-encoded form of the DH public key as an INTEGER.</p> + * + * <pre> + * DHPublicKey ::= INTEGER -- public key, y = g^x mod p + * </pre> + * + * @param key the {@link PublicKey} instance to encode. MUST be an instance of + * {@link GnuDHPublicKey}. + * @return the DER-encoded form of the ASN.1 representation of the + * <i>SubjectPublicKeyInfo</i> in an X.509 certificate. + * @throw InvalidParameterException if <code>key</code> is not an instance + * of {@link GnuDHPublicKey} or if an exception occurs during the + * marshalling process. + */ + public byte[] encodePublicKey(PublicKey key) + { + if (! (key instanceof GnuDHPublicKey)) + throw new InvalidParameterException("Wrong key type"); + + DERValue derOID = new DERValue(DER.OBJECT_IDENTIFIER, DH_ALG_OID); + + GnuDHPublicKey dhKey = (GnuDHPublicKey) key; + BigInteger p = dhKey.getParams().getP(); + BigInteger g = dhKey.getParams().getG(); + BigInteger q = dhKey.getQ(); + BigInteger y = dhKey.getY(); + + DERValue derP = new DERValue(DER.INTEGER, p); + DERValue derG = new DERValue(DER.INTEGER, g); + DERValue derQ = new DERValue(DER.INTEGER, q); + + ArrayList params = new ArrayList(3); + params.add(derP); + params.add(derG); + params.add(derQ); + DERValue derParams = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, params); + + ArrayList algorithmID = new ArrayList(2); + algorithmID.add(derOID); + algorithmID.add(derParams); + DERValue derAlgorithmID = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, + algorithmID); + + DERValue derDHPublicKey = new DERValue(DER.INTEGER, y); + byte[] yBytes = derDHPublicKey.getEncoded(); + DERValue derSPK = new DERValue(DER.BIT_STRING, new BitString(yBytes)); + + ArrayList spki = new ArrayList(2); + spki.add(derAlgorithmID); + spki.add(derSPK); + DERValue derSPKI = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, spki); + + byte[] result; + ByteArrayOutputStream baos = new ByteArrayOutputStream(); + try + { + DERWriter.write(baos, derSPKI); + result = baos.toByteArray(); + } + catch (IOException x) + { + InvalidParameterException e = new InvalidParameterException(); + e.initCause(x); + throw e; + } + + return result; + } + + /** + * @throws InvalidParameterException ALWAYS. + */ + public byte[] encodePrivateKey(PrivateKey key) + { + throw new InvalidParameterException("Wrong format for private keys"); + } + + /** + * @param input the byte array to unmarshall into a valid DH + * {@link PublicKey} instance. MUST NOT be null. + * @return a new instance of a {@link GnuDHPublicKey} decoded from the + * <i>SubjectPublicKeyInfo</i> material in an X.509 certificate. + * @throw InvalidParameterException if an exception occurs during the + * unmarshalling process. + */ + public PublicKey decodePublicKey(byte[] input) + { + if (input == null) + throw new InvalidParameterException("Input bytes MUST NOT be null"); + + BigInteger p, g, q, y; + DERReader der = new DERReader(input); + try + { + DERValue derSPKI = der.read(); + checkIsConstructed(derSPKI, "Wrong SubjectPublicKeyInfo field"); + + DERValue derAlgorithmID = der.read(); + checkIsConstructed(derAlgorithmID, "Wrong AlgorithmIdentifier field"); + + DERValue derOID = der.read(); + if (! (derOID.getValue() instanceof OID)) + throw new InvalidParameterException("Wrong Algorithm field"); + + OID algOID = (OID) derOID.getValue(); + if (! algOID.equals(DH_ALG_OID)) + throw new InvalidParameterException("Unexpected OID: " + algOID); + + DERValue derParams = der.read(); + checkIsConstructed(derParams, "Wrong DH Parameters field"); + + DERValue val = der.read(); + checkIsBigInteger(val, "Wrong P field"); + p = (BigInteger) val.getValue(); + val = der.read(); + checkIsBigInteger(val, "Wrong G field"); + g = (BigInteger) val.getValue(); + val = der.read(); + checkIsBigInteger(val, "Wrong Q field"); + q = (BigInteger) val.getValue(); + + val = der.read(); + if (! (val.getValue() instanceof BitString)) + throw new InvalidParameterException("Wrong SubjectPublicKey field"); + + byte[] yBytes = ((BitString) val.getValue()).toByteArray(); + + DERReader dhPub = new DERReader(yBytes); + val = dhPub.read(); + checkIsBigInteger(val, "Wrong Y field"); + y = (BigInteger) val.getValue(); + } + catch (IOException x) + { + InvalidParameterException e = new InvalidParameterException(); + e.initCause(x); + throw e; + } + + return new GnuDHPublicKey(Registry.X509_ENCODING_ID, q, p, g, y); + } + + /** + * @throws InvalidParameterException ALWAYS. + */ + public PrivateKey decodePrivateKey(byte[] input) + { + throw new InvalidParameterException("Wrong format for private keys"); + } +} diff --git a/gnu/javax/crypto/key/dh/GnuDHKey.java b/gnu/javax/crypto/key/dh/GnuDHKey.java index e6806684e..da559462c 100644 --- a/gnu/javax/crypto/key/dh/GnuDHKey.java +++ b/gnu/javax/crypto/key/dh/GnuDHKey.java @@ -39,6 +39,8 @@ exception statement from your version. */ package gnu.javax.crypto.key.dh; import gnu.java.security.Registry; +import gnu.java.security.key.IKeyPairCodec; +import gnu.java.security.key.KeyPairCodecFactory; import java.math.BigInteger; import java.security.Key; @@ -79,20 +81,30 @@ public abstract class GnuDHKey implements Key, DHKey /** The generator g. */ protected BigInteger g; + /** + * Identifier of the default encoding format to use when externalizing the + * key material. + */ + protected final int defaultFormat; + // Constructor(s) // ------------------------------------------------------------------------- /** - * <p>Trivial protected constructor.</p> - * + * Trivial protected constructor. + * + * @param defaultFormat the identifier of the encoding format to use by + * default when externalizing the key. * @param q a prime divisor of p-1. * @param p the public prime. * @param g the generator of the group. */ - protected GnuDHKey(BigInteger q, BigInteger p, BigInteger g) + protected GnuDHKey(int defaultFormat, BigInteger q, BigInteger p, BigInteger g) { super(); + this.defaultFormat = defaultFormat <= 0 ? Registry.RAW_ENCODING_ID + : defaultFormat; this.q = q; this.p = p; this.g = g; @@ -125,9 +137,15 @@ public abstract class GnuDHKey implements Key, DHKey return Registry.DH_KPG; } + /** @deprecated see getEncoded(int). */ + public byte[] getEncoded() + { + return getEncoded(IKeyPairCodec.RAW_FORMAT); + } + public String getFormat() { - return null; + return KeyPairCodecFactory.getEncodingShortName(defaultFormat); } // Other instance methods -------------------------------------------------- @@ -160,4 +178,8 @@ public abstract class GnuDHKey implements Key, DHKey return p.equals(that.getParams().getP()) && g.equals(that.getParams().getG()); } + + // abstract methods to be implemented by subclasses ------------------------ + + public abstract byte[] getEncoded(int format); } diff --git a/gnu/javax/crypto/key/dh/GnuDHKeyPairGenerator.java b/gnu/javax/crypto/key/dh/GnuDHKeyPairGenerator.java index 0d493d3a6..7fc300fe7 100644 --- a/gnu/javax/crypto/key/dh/GnuDHKeyPairGenerator.java +++ b/gnu/javax/crypto/key/dh/GnuDHKeyPairGenerator.java @@ -103,6 +103,13 @@ public class GnuDHKeyPairGenerator implements IKeyPairGenerator /** Property name of the size in bits (Integer) of the private exponent (x). */ public static final String EXPONENT_SIZE = "gnu.crypto.dh.m"; + /** + * Property name of the preferred encoding format to use when externalizing + * generated instance of key-pairs from this generator. The property is taken + * to be an {@link Integer} that encapsulates an encoding format identifier. + */ + public static final String PREFERRED_ENCODING_FORMAT = "gnu.crypto.dh.encoding"; + /** Default value for the size in bits of the public prime (p). */ // private static final int DEFAULT_PRIME_SIZE = 1024; private static final int DEFAULT_PRIME_SIZE = 512; @@ -110,6 +117,9 @@ public class GnuDHKeyPairGenerator implements IKeyPairGenerator /** Default value for the size in bits of the private exponent (x). */ private static final int DEFAULT_EXPONENT_SIZE = 160; + /** Default encoding format to use when none was specified. */ + private static final int DEFAULT_ENCODING_FORMAT = Registry.RAW_ENCODING_ID; + /** The SHA instance to use. */ private Sha160 sha = new Sha160(); @@ -137,6 +147,9 @@ public class GnuDHKeyPairGenerator implements IKeyPairGenerator /** Our default source of randomness. */ private PRNG prng = null; + /** Preferred encoding format of generated keys. */ + private int preferredFormat; + // Constructor(s) // ------------------------------------------------------------------------- @@ -191,6 +204,11 @@ public class GnuDHKeyPairGenerator implements IKeyPairGenerator { throw new IllegalArgumentException("exponent size > modulus size"); } + + // what is the preferred encoding format + Integer formatID = (Integer) attributes.get(PREFERRED_ENCODING_FORMAT); + preferredFormat = formatID == null ? DEFAULT_ENCODING_FORMAT + : formatID.intValue(); } public KeyPair generate() @@ -231,8 +249,8 @@ public class GnuDHKeyPairGenerator implements IKeyPairGenerator } BigInteger y = g.modPow(x, p); - PrivateKey secK = new GnuDHPrivateKey(q, p, g, x); - PublicKey pubK = new GnuDHPublicKey(q, p, g, y); + PrivateKey secK = new GnuDHPrivateKey(preferredFormat, q, p, g, x); + PublicKey pubK = new GnuDHPublicKey(preferredFormat, q, p, g, y); return new KeyPair(pubK, secK); } diff --git a/gnu/javax/crypto/key/dh/GnuDHPrivateKey.java b/gnu/javax/crypto/key/dh/GnuDHPrivateKey.java index 8b11f2c63..0e71623b9 100644 --- a/gnu/javax/crypto/key/dh/GnuDHPrivateKey.java +++ b/gnu/javax/crypto/key/dh/GnuDHPrivateKey.java @@ -42,6 +42,7 @@ import gnu.java.security.Registry; import gnu.java.security.key.IKeyPairCodec; import java.math.BigInteger; + import javax.crypto.interfaces.DHPrivateKey; /** @@ -66,9 +67,37 @@ public class GnuDHPrivateKey extends GnuDHKey implements DHPrivateKey // Constructor(s) // ------------------------------------------------------------------------- + /** + * Convenience constructor. Calls the constructor with five arguments passing + * {@link Registry#RAW_ENCODING_ID} as the value of its first argument. + * + * @param q a prime divisor of p-1. + * @param p the public prime. + * @param g the generator of the group. + * @param x the private value x. + */ public GnuDHPrivateKey(BigInteger q, BigInteger p, BigInteger g, BigInteger x) { - super(q, p, g); + this(Registry.RAW_ENCODING_ID, q, p, g, x); + } + + /** + * Constructs a new instance of <code>GnuDHPrivateKey</code> given the + * designated parameters. + * + * @param preferredFormat the identifier of the encoding format to use by + * default when externalizing the key. + * @param q a prime divisor of p-1. + * @param p the public prime. + * @param g the generator of the group. + * @param x the private value x. + */ + public GnuDHPrivateKey(int preferredFormat, + BigInteger q, BigInteger p, BigInteger g, BigInteger x) + { + super(preferredFormat == Registry.ASN1_ENCODING_ID ? Registry.PKCS8_ENCODING_ID + : preferredFormat, + q, p, g); this.x = x; } @@ -91,35 +120,23 @@ public class GnuDHPrivateKey extends GnuDHKey implements DHPrivateKey */ public static GnuDHPrivateKey valueOf(byte[] k) { - // check magic... - // we should parse here enough bytes to know which codec to use, and - // direct the byte array to the appropriate codec. since we only have one - // codec, we could have immediately tried it; nevertheless since testing - // one byte is cheaper than instatiating a codec that will fail we test - // the first byte before we carry on. + // try RAW codec if (k[0] == Registry.MAGIC_RAW_DH_PRIVATE_KEY[0]) - { - // it's likely to be in raw format. get a raw codec and hand it over - IKeyPairCodec codec = new DHKeyPairRawCodec(); - return (GnuDHPrivateKey) codec.decodePrivateKey(k); - } - else - { - throw new IllegalArgumentException("magic"); - } + try + { + return (GnuDHPrivateKey) new DHKeyPairRawCodec().decodePrivateKey(k); + } + catch (IllegalArgumentException ignored) + { + } + + // try PKCS#8 codec + return (GnuDHPrivateKey) new DHKeyPairPKCS8Codec().decodePrivateKey(k); } // Instance methods // ------------------------------------------------------------------------- - // java.security.Key interface implementation ------------------------------ - - /** @deprecated see getEncoded(int). */ - public byte[] getEncoded() - { - return getEncoded(IKeyPairCodec.RAW_FORMAT); - } - // javax.crypto.interfaces.DHPrivateKey interface implementation ----------- public BigInteger getX() @@ -147,9 +164,33 @@ public class GnuDHPrivateKey extends GnuDHKey implements DHPrivateKey case IKeyPairCodec.RAW_FORMAT: result = new DHKeyPairRawCodec().encodePrivateKey(this); break; + case IKeyPairCodec.PKCS8_FORMAT: + result = new DHKeyPairPKCS8Codec().encodePrivateKey(this); + break; default: - throw new IllegalArgumentException("format"); + throw new IllegalArgumentException("Unsupported encoding format: " + + format); } return result; } + + /** + * Returns <code>true</code> if the designated object is an instance of + * {@link DHPrivateKey} and has the same parameter values as this one. + * + * @param obj the other non-null DH key to compare to. + * @return <code>true</code> if the designated object is of the same type + * and value as this one. + */ + public boolean equals(Object obj) + { + if (obj == null) + return false; + + if (! (obj instanceof DHPrivateKey)) + return false; + + DHPrivateKey that = (DHPrivateKey) obj; + return super.equals(that) && x.equals(that.getX()); + } } diff --git a/gnu/javax/crypto/key/dh/GnuDHPublicKey.java b/gnu/javax/crypto/key/dh/GnuDHPublicKey.java index 5166914eb..56516c9d0 100644 --- a/gnu/javax/crypto/key/dh/GnuDHPublicKey.java +++ b/gnu/javax/crypto/key/dh/GnuDHPublicKey.java @@ -66,9 +66,37 @@ public class GnuDHPublicKey extends GnuDHKey implements DHPublicKey // Constructor(s) // ------------------------------------------------------------------------- + /** + * Convenience constructor. Calls the constructor with five arguments passing + * {@link Registry#RAW_ENCODING_ID} as the value of its first argument. + * + * @param q a prime divisor of p-1. + * @param p the public prime. + * @param g the generator of the group. + * @param y the public value y. + */ public GnuDHPublicKey(BigInteger q, BigInteger p, BigInteger g, BigInteger y) { - super(q, p, g); + this(Registry.RAW_ENCODING_ID, q, p, g, y); + } + + /** + * Constructs a new instance of <code>GnuDHPublicKey</code> given the + * designated parameters. + * + * @param preferredFormat the identifier of the encoding format to use by + * default when externalizing the key. + * @param q a prime divisor of p-1. + * @param p the public prime. + * @param g the generator of the group. + * @param y the public value y. + */ + public GnuDHPublicKey(int preferredFormat, + BigInteger q, BigInteger p, BigInteger g, BigInteger y) + { + super(preferredFormat == Registry.ASN1_ENCODING_ID ? Registry.X509_ENCODING_ID + : preferredFormat, + q, p, g); this.y = y; } @@ -91,35 +119,23 @@ public class GnuDHPublicKey extends GnuDHKey implements DHPublicKey */ public static GnuDHPublicKey valueOf(byte[] k) { - // check magic... - // we should parse here enough bytes to know which codec to use, and - // direct the byte array to the appropriate codec. since we only have one - // codec, we could have immediately tried it; nevertheless since testing - // one byte is cheaper than instatiating a codec that will fail we test - // the first byte before we carry on. + // try RAW codec if (k[0] == Registry.MAGIC_RAW_DH_PUBLIC_KEY[0]) - { - // it's likely to be in raw format. get a raw codec and hand it over - IKeyPairCodec codec = new DHKeyPairRawCodec(); - return (GnuDHPublicKey) codec.decodePublicKey(k); - } - else - { - throw new IllegalArgumentException("magic"); - } + try + { + return (GnuDHPublicKey) new DHKeyPairRawCodec().decodePublicKey(k); + } + catch (IllegalArgumentException ignored) + { + } + + // try X.509 codec + return (GnuDHPublicKey) new DHKeyPairX509Codec().decodePublicKey(k); } // Instance methods // ------------------------------------------------------------------------- - // java.security.Key interface implementation ------------------------------ - - /** @deprecated see getEncoded(int). */ - public byte[] getEncoded() - { - return getEncoded(IKeyPairCodec.RAW_FORMAT); - } - // javax.crypto.interfaces.DHPublicKey interface implementation ------------ public BigInteger getY() @@ -137,7 +153,6 @@ public class GnuDHPublicKey extends GnuDHKey implements DHPublicKey * @return the byte sequence encoding this key according to the designated * format. * @exception IllegalArgumentException if the format is not supported. - * @see gnu.crypto.key.dh.DHKeyPairRawCodec */ public byte[] getEncoded(int format) { @@ -147,9 +162,33 @@ public class GnuDHPublicKey extends GnuDHKey implements DHPublicKey case IKeyPairCodec.RAW_FORMAT: result = new DHKeyPairRawCodec().encodePublicKey(this); break; + case IKeyPairCodec.X509_FORMAT: + result = new DHKeyPairX509Codec().encodePublicKey(this); + break; default: - throw new IllegalArgumentException("format"); + throw new IllegalArgumentException("Unsupported encoding format: " + + format); } return result; } + + /** + * Returns <code>true</code> if the designated object is an instance of + * {@link DHPublicKey} and has the same parameter values as this one. + * + * @param obj the other non-null DH key to compare to. + * @return <code>true</code> if the designated object is of the same type + * and value as this one. + */ + public boolean equals(Object obj) + { + if (obj == null) + return false; + + if (! (obj instanceof DHPublicKey)) + return false; + + DHPublicKey that = (DHPublicKey) obj; + return super.equals(that) && y.equals(that.getY()); + } } diff --git a/gnu/javax/crypto/sasl/srp/SRPServer.java b/gnu/javax/crypto/sasl/srp/SRPServer.java index 25405f106..4cbdb5aa2 100644 --- a/gnu/javax/crypto/sasl/srp/SRPServer.java +++ b/gnu/javax/crypto/sasl/srp/SRPServer.java @@ -73,7 +73,7 @@ import javax.security.sasl.SaslServer; /** * <p>The SASL-SRP server-side mechanism.</p> * - * @version $Revision: 1.1.2.1 $ + * @version $Revision: 1.1.2.2 $ */ public class SRPServer extends ServerMechanism implements SaslServer { |