50 files changed, 1879 insertions, 2922 deletions
@@ -1,3 +1,58 @@ +2006-06-11 Raif S. Naffah <raif@swiftdsl.com.au> + + PR Classpath/26065 + * gnu/javax/security/auth/login/GnuConfiguration.java: Condition all trace/ + debug code based on Configuration.DEBUG. + Use logger instead of STDOUT and ot STDERR. + * gnu/javax/security/auth/login/ConfigFileParser.java: Likewise. + * gnu/javax/crypto/sasl/SaslOutputStream.java: Likewise. + * gnu/javax/crypto/sasl/SaslInputStream.java: Likewise. + * gnu/javax/crypto/sasl/srp/SRPServer.java: Likewise. + * gnu/javax/crypto/sasl/srp/SRPClient.java: Likewise. + * gnu/javax/crypto/prng/CSPRNG.java: Likewise. + * gnu/javax/crypto/pad/TBC.java: Likewise. + * gnu/javax/crypto/pad/PKCS7.java: Likewise. + * gnu/javax/crypto/pad/PKCS1_V1_5.java: Likewise. + * gnu/javax/crypto/pad/BasePad.java: Likewise. + * gnu/javax/crypto/mac/OMAC.java: Likewise. + * gnu/javax/crypto/keyring/PasswordEncryptedEntry.java: Likewise. + * gnu/javax/crypto/keyring/PasswordAuthenticatedEntry.java: Likewise. + * gnu/javax/crypto/keyring/GnuPublicKeyring.java: Likewise. + * gnu/javax/crypto/keyring/GnuPrivateKeyring.java: Likewise. + * gnu/javax/crypto/keyring/EnvelopeEntry.java: Likewise. + * gnu/javax/crypto/keyring/Entry.java: Likewise. + * gnu/javax/crypto/key/srp6/SRPKeyPairGenerator.java: Likewise. + * gnu/javax/crypto/key/dh/GnuDHKeyPairGenerator.java: Likewise. + * gnu/javax/crypto/jce/prng/UMacRandomSpi.java: Likewise. + * gnu/javax/crypto/jce/prng/ICMRandomSpi.java: Likewise. + * gnu/javax/crypto/jce/keyring/GnuKeyring.java: Likewise. + * gnu/javax/crypto/cipher/Twofish.java: Likewise. + * gnu/javax/crypto/cipher/Khazad.java: Likewise. + * gnu/javax/crypto/cipher/Rijndael.java: Likewise. + * gnu/javax/crypto/cipher/BaseCipher.java: Likewise. + * gnu/javax/crypto/cipher/Anubis.java: Likewise. + * gnu/java/security/Properties.java: Likewise. + * gnu/java/security/x509/X509CRLEntry.java: Likewise. + * gnu/java/security/x509/X509CRL.java: Likewise. 
+ * gnu/java/security/x509/ext/Extension.java: Likewise. + * gnu/java/security/util/Prime2.java: Likewise. + * gnu/java/security/util/Base64.java: Likewise. + * gnu/java/security/sig/rsa/RSAPSSSignature.java: Likewise. + * gnu/java/security/sig/rsa/EMSA_PSS.java: Likewise. + * gnu/java/security/provider/PKIXCertPathValidatorImpl.java: Likewise. + * gnu/java/security/pkcs/SignerInfo.java: Likewise. + * gnu/java/security/pkcs/PKCS7SignedData.java: Likewise. + * gnu/java/security/key/rsa/RSAKeyPairX509Codec.java: Likewise. + * gnu/java/security/key/rsa/RSAKeyPairPKCS8Codec.java: Likewise. + * gnu/java/security/key/rsa/RSAKeyPairGenerator.java: Likewise. + * gnu/java/security/key/rsa/GnuRSAPrivateKey.java: Likewise. + * gnu/java/security/key/dss/DSSPrivateKey.java: Likewise. + * gnu/java/security/key/dss/DSSKeyPairPKCS8Codec.java: Likewise. + * gnu/java/security/key/dss/DSSKeyPairGenerator.java: Likewise. + * gnu/java/security/jce/sig/SignatureAdapter.java: Likewise. + * gnu/java/security/jce/sig/EncodedKeyFactory.java: Likewise. + * gnu/java/security/hash/Whirlpool.java: Likewise. + 2006-06-11 Mark Wielaard <mark@klomp.org> * native/jni/gtk-peer/gnu_java_awt_peer_gtk_FreetypeGlyphVector.c diff --git a/gnu/java/security/Properties.java b/gnu/java/security/Properties.java index 860b7d928..4e8bc01ea 100644 --- a/gnu/java/security/Properties.java +++ b/gnu/java/security/Properties.java @@ -38,13 +38,15 @@ exception statement from your version. */ package gnu.java.security; +import gnu.classpath.Configuration; + import java.io.FileInputStream; import java.io.IOException; -import java.io.PrintWriter; import java.security.AccessController; import java.security.PrivilegedAction; import java.util.HashMap; import java.util.PropertyPermission; +import java.util.logging.Logger; /** * <p>A global object containing build-specific properties that affect the 
@@ -52,25 +54,7 @@ import java.util.PropertyPermission; */ public final class Properties { - - // Debugging methods and variables - // ------------------------------------------------------------------------- - - private static final String NAME = "Properties"; - - private static final boolean DEBUG = false; - - // private static final int debuglevel = 9; - private static final PrintWriter err = new PrintWriter(System.out, true); - - private static void debug(final String s) - { - err.println(">>> " + NAME + ": " + s); - } - - // Constants and variables - // ------------------------------------------------------------------------- - + private static final Logger log = Logger.getLogger(Properties.class.getName()); public static final String VERSION = "gnu.crypto.version"; public static final String PROPERTIES_FILE = "gnu.crypto.properties.file"; @@ -300,9 +284,8 @@ public final class Properties } catch (SecurityException se) { - if (DEBUG) - debug("Reading property " + PROPERTIES_FILE - + " not allowed. Ignored."); + if (Configuration.DEBUG) + log.fine("Reading property " + PROPERTIES_FILE + " not allowed. Ignored."); } if (propFile != null) { @@ -316,14 +299,14 @@ public final class Properties } catch (IOException ioe) { - if (DEBUG) - debug("IO error reading " + propFile + ": " + ioe.getMessage()); + if (Configuration.DEBUG) + log.fine("IO error reading " + propFile + ": " + ioe.getMessage()); } catch (SecurityException se) { - if (DEBUG) - debug("Security error reading " + propFile + ": " - + se.getMessage()); + if (Configuration.DEBUG) + log.fine("Security error reading " + propFile + ": " + + se.getMessage()); } } @@ -350,8 +333,8 @@ public final class Properties } catch (SecurityException x) { - if (DEBUG) - debug("SecurityManager forbids reading system properties. Ignored"); + if (Configuration.DEBUG) + log.fine("SecurityManager forbids reading system properties. Ignored"); } if (s != null) { 
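Review bot: The two catch blocks in the hunk at -316 log only `ioe.getMessage()` and `se.getMessage()`, which drops the exception type and stack trace from the debug record. EncodedKeyFactory in this same commit hands the throwable to the logger instead, and the same form would fit here: `log.log(Level.FINE, "IO error reading " + propFile, ioe);`. That needs `java.util.logging.Level` imported next to `Logger`. The enclosing method starts and ends outside the hunk.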
@@ -360,14 +343,14 @@ public final class Properties // hide valid value set previously if (s.equals(TRUE) || s.equals(FALSE)) { - if (DEBUG) - debug("Setting " + name + " to '" + s + "'"); + if (Configuration.DEBUG) + log.fine("Setting " + name + " to '" + s + "'"); props.put(name, s); } else { - if (DEBUG) - debug("Invalid value for -D" + name + ": " + s + ". Ignored"); + if (Configuration.DEBUG) + log.fine("Invalid value for -D" + name + ": " + s + ". Ignored"); } } } diff --git a/gnu/java/security/hash/Whirlpool.java b/gnu/java/security/hash/Whirlpool.java index b10fa53cd..ee40d92b3 100644 --- a/gnu/java/security/hash/Whirlpool.java +++ b/gnu/java/security/hash/Whirlpool.java @@ -38,9 +38,12 @@ exception statement from your version. */ package gnu.java.security.hash; +import gnu.classpath.Configuration; import gnu.java.security.Registry; import gnu.java.security.util.Util; +import java.util.logging.Logger; + /** * Whirlpool, a new 512-bit hashing function operating on messages less than * 2 ** 256 bits in length. The function structure is designed according to the @@ -61,16 +64,7 @@ import gnu.java.security.util.Util; */ public final class Whirlpool extends BaseHash { - // Debugging methods and variables - // ------------------------------------------------------------------------- - - private static final boolean DEBUG = false; - - private static final int debuglevel = 3; - - // Constants and variables - // ------------------------------------------------------------------------- - + private static final Logger log = Logger.getLogger(Whirlpool.class.getName()); private static final int BLOCK_SIZE = 64; // inner block size in bytes /** The digest of the 0-bit long message. */ 
@@ -183,95 +177,87 @@ public final class Whirlpool extends BaseHash ^ (T7[i++] & 0x00000000000000FFL); time = System.currentTimeMillis() - time; - if (DEBUG && debuglevel > 8) + if (Configuration.DEBUG) { - System.out.println("=========="); - System.out.println(); - System.out.println("Static data"); - System.out.println(); - - System.out.println(); - System.out.println("T0[]:"); + log.fine("Static data"); + log.fine("T0[]:"); + StringBuilder sb; for (i = 0; i < 64; i++) { + sb = new StringBuilder(); for (j = 0; j < 4; j++) - System.out.print("0x" + Util.toString(T0[i * 4 + j]) + ", "); + sb.append("0x").append(Util.toString(T0[i * 4 + j])).append(", "); - System.out.println(); + log.fine(sb.toString()); } - System.out.println(); - System.out.println("T1[]:"); + log.fine("T1[]:"); for (i = 0; i < 64; i++) { + sb = new StringBuilder(); for (j = 0; j < 4; j++) - System.out.print("0x" + Util.toString(T1[i * 4 + j]) + ", "); + sb.append("0x").append(Util.toString(T1[i * 4 + j])).append(", "); - System.out.println(); + log.fine(sb.toString()); } - System.out.println(); - System.out.println("T2[]:"); + log.fine("T2[]:"); for (i = 0; i < 64; i++) { + sb = new StringBuilder(); for (j = 0; j < 4; j++) - System.out.print("0x" + Util.toString(T2[i * 4 + j]) + ", "); + sb.append("0x").append(Util.toString(T2[i * 4 + j])).append(", "); - System.out.println(); + log.fine(sb.toString()); } - System.out.println(); - System.out.println("T3[]:"); + log.fine("T3[]:"); for (i = 0; i < 64; i++) { + sb = new StringBuilder(); for (j = 0; j < 4; j++) - System.out.print("0x" + Util.toString(T3[i * 4 + j]) + ", "); + sb.append("0x").append(Util.toString(T3[i * 4 + j])).append(", "); - System.out.println(); + log.fine(sb.toString()); } - System.out.println(); - System.out.println("T4[]:"); + log.fine("\nT4[]:"); for (i = 0; i < 64; i++) { + sb = new StringBuilder(); for (j = 0; j < 4; j++) - System.out.print("0x" + Util.toString(T4[i * 4 + j]) + ", "); + 
sb.append("0x").append(Util.toString(T4[i * 4 + j])).append(", "); - System.out.println(); + log.fine(sb.toString()); } - System.out.println(); - System.out.println("T5[]:"); + log.fine("T5[]:"); for (i = 0; i < 64; i++) { + sb = new StringBuilder(); for (j = 0; j < 4; j++) - System.out.print("0x" + Util.toString(T5[i * 4 + j]) + ", "); + sb.append("0x").append(Util.toString(T5[i * 4 + j])).append(", "); - System.out.println(); + log.fine(sb.toString()); } - System.out.println(); - System.out.println("T6[]:"); + log.fine("T6[]:"); for (i = 0; i < 64; i++) { + sb = new StringBuilder(); for (j = 0; j < 4; j++) - System.out.print("0x" + Util.toString(T5[i * 4 + j]) + ", "); + sb.append("0x").append(Util.toString(T5[i * 4 + j])).append(", "); - System.out.println(); + log.fine(sb.toString()); } - System.out.println(); - System.out.println("T7[]:"); + log.fine("T7[]:"); for (i = 0; i < 64; i++) { + sb = new StringBuilder(); for (j = 0; j < 4; j++) - System.out.print("0x" + Util.toString(T5[i * 4 + j]) + ", "); + sb.append("0x").append(Util.toString(T5[i * 4 + j])).append(", "); - System.out.println(); + log.fine(sb.toString()); } - System.out.println(); - System.out.println("rc[]:"); + log.fine("rc[]:"); for (i = 0; i < R; i++) - System.out.println("0x" + Util.toString(rc[i])); - - System.out.println(); + log.fine("0x" + Util.toString(rc[i])); - System.out.println(); - System.out.println("Total initialization time: " + time + " ms."); - System.out.println(); + log.fine("Total initialization time: " + time + " ms."); } } diff --git a/gnu/java/security/jce/sig/EncodedKeyFactory.java b/gnu/java/security/jce/sig/EncodedKeyFactory.java index 60152c279..bfee6cc76 100644 --- a/gnu/java/security/jce/sig/EncodedKeyFactory.java +++ b/gnu/java/security/jce/sig/EncodedKeyFactory.java 
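Review bot: The dumps labelled `T6[]:` and `T7[]:` still read `Util.toString(T5[i * 4 + j])`, so the trace prints T5 three times and never shows T6 or T7; they should index `T6` and `T7`. The old guard was `DEBUG && debuglevel > 8` with `debuglevel = 3`, so this block never ran, whereas under `if (Configuration.DEBUG)` it runs during class initialization in every debug build and emits several hundred records at FINE; `log.finest` would be a better fit for a table dump. `log.fine("\nT4[]:")` also carries a leading newline that the other labels do not have. The initializer starts outside the hunk.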
@@ -38,6 +38,7 @@ exception statement from your version. */ package gnu.java.security.jce.sig; +import gnu.classpath.Configuration; import gnu.java.security.Registry; import gnu.java.security.key.dss.DSSPrivateKey; import gnu.java.security.key.dss.DSSPublicKey; @@ -196,7 +197,8 @@ public class EncodedKeyFactory protected PublicKey engineGeneratePublic(KeySpec keySpec) throws InvalidKeySpecException { - log.entering(this.getClass().getName(), "engineGeneratePublic()", keySpec); + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "engineGeneratePublic()", keySpec); PublicKey result = null; if (keySpec instanceof DSAPublicKeySpec) @@ -220,8 +222,9 @@ public class EncodedKeyFactory } catch (InvalidParameterException ignored) { - log.log(Level.FINE, "Exception in DSSPublicKey.valueOf(). Ignore", - ignored); + if (Configuration.DEBUG) + log.log(Level.FINE, "Exception in DSSPublicKey.valueOf(). Ignore", + ignored); } if (! ok) // try RSA @@ -232,23 +235,25 @@ public class EncodedKeyFactory } catch (InvalidParameterException ignored) { - log.log(Level.FINE, - "Exception in GnuRSAPublicKey.valueOf(). Ignore", - ignored); + if (Configuration.DEBUG) + log.log(Level.FINE, + "Exception in GnuRSAPublicKey.valueOf(). Ignore", + ignored); } if (! ok) // try DH result = decodeDHPublicKey(input); } - - log.exiting(this.getClass().getName(), "engineGeneratePublic()", result); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "engineGeneratePublic()", result); return result; } protected PrivateKey engineGeneratePrivate(KeySpec keySpec) throws InvalidKeySpecException { - log.entering(this.getClass().getName(), "engineGeneratePrivate()", keySpec); + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "engineGeneratePrivate()", keySpec); PrivateKey result = null; if (keySpec instanceof DSAPrivateKeySpec) 
@@ -272,8 +277,9 @@ public class EncodedKeyFactory } catch (InvalidParameterException ignored) { - log.log(Level.FINE, "Exception in DSSPrivateKey.valueOf(). Ignore", - ignored); + if (Configuration.DEBUG) + log.log(Level.FINE, "Exception in DSSPrivateKey.valueOf(). Ignore", + ignored); } if (! ok) // try RSA @@ -284,16 +290,17 @@ public class EncodedKeyFactory } catch (InvalidParameterException ignored) { - log.log(Level.FINE, - "Exception in GnuRSAPrivateKey.valueOf(). Ignore", - ignored); + if (Configuration.DEBUG) + log.log(Level.FINE, + "Exception in GnuRSAPrivateKey.valueOf(). Ignore", + ignored); } if (! ok) // try DH result = decodeDHPrivateKey(input); } - - log.exiting(this.getClass().getName(), "engineGeneratePrivate()", result); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "engineGeneratePrivate()", result); return result; } diff --git a/gnu/java/security/jce/sig/SignatureAdapter.java b/gnu/java/security/jce/sig/SignatureAdapter.java index 4dcbe78e5..724cc260e 100644 --- a/gnu/java/security/jce/sig/SignatureAdapter.java +++ b/gnu/java/security/jce/sig/SignatureAdapter.java @@ -38,6 +38,7 @@ exception statement from your version. */ package gnu.java.security.jce.sig; +import gnu.classpath.Configuration; import gnu.java.security.sig.BaseSignature; import gnu.java.security.sig.ISignature; import gnu.java.security.sig.ISignatureCodec; @@ -223,7 +224,8 @@ class SignatureAdapter extends SignatureSpi implements Cloneable public boolean engineVerify(byte[] sigBytes) throws SignatureException { - log.entering("SignatureAdapter", "engineVerify"); + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "engineVerify"); Object signature = codec.decodeSignature(sigBytes); boolean result = false; 
@@ -235,8 +237,8 @@ class SignatureAdapter extends SignatureSpi implements Cloneable { throw new SignatureException(String.valueOf(x)); } - - log.exiting("SignatureAdapter", "engineVerify", new Boolean(result)); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "engineVerify", Boolean.valueOf(result)); return result; } diff --git a/gnu/java/security/key/dss/DSSKeyPairGenerator.java b/gnu/java/security/key/dss/DSSKeyPairGenerator.java index 5aa746147..ca24f36c5 100644 --- a/gnu/java/security/key/dss/DSSKeyPairGenerator.java +++ b/gnu/java/security/key/dss/DSSKeyPairGenerator.java @@ -38,12 +38,12 @@ exception statement from your version. */ package gnu.java.security.key.dss; +import gnu.classpath.Configuration; import gnu.java.security.Registry; import gnu.java.security.hash.Sha160; import gnu.java.security.key.IKeyPairGenerator; import gnu.java.security.util.PRNG; -import java.io.PrintWriter; import java.math.BigInteger; import java.security.KeyPair; import java.security.PrivateKey; @@ -51,6 +51,7 @@ import java.security.PublicKey; import java.security.SecureRandom; import java.security.spec.DSAParameterSpec; import java.util.Map; +import java.util.logging.Logger; /** * <p>A key-pair generator for asymetric keys to use in conjunction with the DSS 
@@ -63,26 +64,7 @@ import java.util.Map; */ public class DSSKeyPairGenerator implements IKeyPairGenerator { - - // Debugging methods and variables - // ------------------------------------------------------------------------- - - private static final String NAME = "dss"; - - private static final boolean DEBUG = false; - - private static final int debuglevel = 5; - - private static final PrintWriter err = new PrintWriter(System.out, true); - - private static void debug(String s) - { - err.println(">>> " + NAME + ": " + s); - } - - // Constants and variables - // ------------------------------------------------------------------------- - + private static final Logger log = Logger.getLogger(DSSKeyPairGenerator.class.getName()); /** The BigInteger constant 2. */ private static final BigInteger TWO = new BigInteger("2"); @@ -361,14 +343,14 @@ public class DSSKeyPairGenerator implements IKeyPairGenerator p = params[FIPS186.DSA_PARAMS_P]; e = params[FIPS186.DSA_PARAMS_E]; g = params[FIPS186.DSA_PARAMS_G]; - if (DEBUG && debuglevel > 0) + if (Configuration.DEBUG) { - debug("seed: " + seed.toString(16)); - debug("counter: " + counter.intValue()); - debug("q: " + q.toString(16)); - debug("p: " + p.toString(16)); - debug("e: " + e.toString(16)); - debug("g: " + g.toString(16)); + log.fine("seed: " + seed.toString(16)); + log.fine("counter: " + counter.intValue()); + log.fine("q: " + q.toString(16)); + log.fine("p: " + p.toString(16)); + log.fine("e: " + e.toString(16)); + log.fine("g: " + g.toString(16)); } } diff --git a/gnu/java/security/key/dss/DSSKeyPairPKCS8Codec.java b/gnu/java/security/key/dss/DSSKeyPairPKCS8Codec.java index 3a115b963..166178fe4 100644 --- a/gnu/java/security/key/dss/DSSKeyPairPKCS8Codec.java +++ b/gnu/java/security/key/dss/DSSKeyPairPKCS8Codec.java 
@@ -38,6 +38,7 @@ exception statement from your version. */ package gnu.java.security.key.dss; +import gnu.classpath.Configuration; import gnu.java.security.OID; import gnu.java.security.Registry; import gnu.java.security.der.DER; @@ -184,7 +185,8 @@ public class DSSKeyPairPKCS8Codec */ public PrivateKey decodePrivateKey(byte[] input) { - log.entering("DSSKeyPairPKCS8Codec", "decodePrivateKey"); + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "decodePrivateKey"); if (input == null) throw new InvalidParameterException("Input bytes MUST NOT be null"); @@ -226,9 +228,11 @@ public class DSSKeyPairPKCS8Codec g = (BigInteger) val.getValue(); val = der.read(); - log.finest("val = " + val); + if (Configuration.DEBUG) + log.fine("val = " + val); byte[] xBytes = (byte[]) val.getValue(); - log.finest(Util.dumpString(xBytes, "xBytes: ")); + if (Configuration.DEBUG) + log.fine(Util.dumpString(xBytes, "xBytes: ")); DERReader der2 = new DERReader(xBytes); val = der2.read(); DerUtil.checkIsBigInteger(val, "Wrong X field"); @@ -240,8 +244,8 @@ public class DSSKeyPairPKCS8Codec y.initCause(e); throw y; } - - log.exiting("DSSKeyPairPKCS8Codec", "decodePrivateKey"); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "decodePrivateKey"); return new DSSPrivateKey(Registry.PKCS8_ENCODING_ID, p, q, g, x); } } diff --git a/gnu/java/security/key/dss/DSSPrivateKey.java b/gnu/java/security/key/dss/DSSPrivateKey.java index fe59cb6d7..a9374557b 100644 --- a/gnu/java/security/key/dss/DSSPrivateKey.java +++ b/gnu/java/security/key/dss/DSSPrivateKey.java @@ -38,6 +38,7 @@ exception statement from your version. */ package gnu.java.security.key.dss; +import gnu.classpath.Configuration; import gnu.classpath.SystemProperties; import gnu.java.security.Registry; import gnu.java.security.key.IKeyPairCodec; 
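Review bot: `log.fine(Util.dumpString(xBytes, "xBytes: "))` in the hunk at -226 writes the encoded DSA private value x to the log, and this change raises it from FINEST to FINE, so a debug build with FINE enabled records private key material. The preceding `log.fine("val = " + val)` prints the DER value that holds those bytes and may expose them as well, depending on how DERValue formats itself. I would drop both calls or log only the size, `log.fine("xBytes length: " + xBytes.length);`. decodePrivateKey's body continues outside this hunk.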
@@ -53,11 +54,6 @@ import java.security.interfaces.DSAPrivateKey; */ public class DSSPrivateKey extends DSSKey implements PrivateKey, DSAPrivateKey { - // Constants and variables - // ------------------------------------------------------------------------- - - private static final boolean DEBUG = false; - /** * <p>A randomly or pseudorandomly generated integer with <code>0 < x < * q</code>.</p> @@ -210,7 +206,8 @@ public class DSSPrivateKey extends DSSKey implements PrivateKey, DSAPrivateKey String ls = SystemProperties.getProperty("line.separator"); str = new StringBuilder(this.getClass().getName()).append("(") .append(super.toString()).append(",").append(ls) - .append("x=0x").append(DEBUG ? x.toString(16) : "**...*").append(ls) + .append("x=0x").append(Configuration.DEBUG ? x.toString(16) + : "**...*").append(ls) .append(")").toString(); } diff --git a/gnu/java/security/key/rsa/GnuRSAPrivateKey.java b/gnu/java/security/key/rsa/GnuRSAPrivateKey.java index 920534487..bd39ee657 100644 --- a/gnu/java/security/key/rsa/GnuRSAPrivateKey.java +++ b/gnu/java/security/key/rsa/GnuRSAPrivateKey.java @@ -38,6 +38,7 @@ exception statement from your version. */ package gnu.java.security.key.rsa; +import gnu.classpath.Configuration; import gnu.classpath.SystemProperties; import gnu.java.security.Registry; import gnu.java.security.key.IKeyPairCodec; @@ -61,11 +62,6 @@ import java.security.interfaces.RSAPrivateKey; public class GnuRSAPrivateKey extends GnuRSAKey implements PrivateKey, RSAPrivateCrtKey { - // Constants and variables - // ------------------------------------------------------------------------- - - private static final boolean DEBUG = false; - /** The first prime divisor of the modulus. */ private final BigInteger p; 
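Review bot: Switching the mask in toString() (hunk at -210) from the class-local `DEBUG`, which was hard-coded `false`, to `Configuration.DEBUG` means any build with the global debug flag on prints `x` in hex instead of `**...*`; the GnuRSAPrivateKey hunk at -307 does the same for `d`, `p`, `q`, `dP`, `dQ` and `qInv`. Key objects are passed to the logger elsewhere in this commit, for example `log.exiting(this.getClass().getName(), "decodePrivateKey()", result)` in RSAKeyPairPKCS8Codec, so those records would presumably carry the private values once formatted. I would keep the mask unconditional, `.append("x=0x").append("**...*").append(ls)`, or tie the unmasked form to a dedicated opt-in flag rather than the general debug switch. toString() starts outside the hunk.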
@@ -307,12 +303,18 @@ public class GnuRSAPrivateKey extends GnuRSAKey implements PrivateKey, String ls = SystemProperties.getProperty("line.separator"); str = new StringBuilder(this.getClass().getName()).append("(") .append(super.toString()).append(",").append(ls) - .append("d=0x").append(DEBUG ? d.toString(16) : "**...*").append(ls) - .append("p=0x").append(DEBUG ? p.toString(16) : "**...*").append(ls) - .append("q=0x").append(DEBUG ? q.toString(16) : "**...*").append(ls) - .append("dP=0x").append(DEBUG ? dP.toString(16) : "**...*").append(ls) - .append("dQ=0x").append(DEBUG ? dQ.toString(16) : "**...*").append(ls) - .append("qInv=0x").append(DEBUG ? qInv.toString(16) : "**...*").append(ls) + .append("d=0x").append(Configuration.DEBUG ? d.toString(16) + : "**...*").append(ls) + .append("p=0x").append(Configuration.DEBUG ? p.toString(16) + : "**...*").append(ls) + .append("q=0x").append(Configuration.DEBUG ? q.toString(16) + : "**...*").append(ls) + .append("dP=0x").append(Configuration.DEBUG ? dP.toString(16) + : "**...*").append(ls) + .append("dQ=0x").append(Configuration.DEBUG ? dQ.toString(16) + : "**...*").append(ls) + .append("qInv=0x").append(Configuration.DEBUG ? qInv.toString(16) + : "**...*").append(ls) .append(")").toString(); } return str; diff --git a/gnu/java/security/key/rsa/RSAKeyPairGenerator.java b/gnu/java/security/key/rsa/RSAKeyPairGenerator.java index 39063381f..127b3eac4 100644 --- a/gnu/java/security/key/rsa/RSAKeyPairGenerator.java +++ b/gnu/java/security/key/rsa/RSAKeyPairGenerator.java @@ -38,6 +38,7 @@ exception statement from your version. */ package gnu.java.security.key.rsa; +import gnu.classpath.Configuration; import gnu.java.security.Registry; import gnu.java.security.key.IKeyPairGenerator; import gnu.java.security.util.PRNG; 
@@ -152,8 +153,8 @@ public class RSAKeyPairGenerator implements IKeyPairGenerator */ public void setup(Map attributes) { - log.entering(this.getClass().getName(), "setup", attributes); - + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "setup", attributes); // do we have a SecureRandom, or should we use our own? rnd = (SecureRandom) attributes.get(SOURCE_OF_RANDOMNESS); @@ -181,8 +182,8 @@ public class RSAKeyPairGenerator implements IKeyPairGenerator Integer formatID = (Integer) attributes.get(PREFERRED_ENCODING_FORMAT); preferredFormat = formatID == null ? DEFAULT_ENCODING_FORMAT : formatID.intValue(); - - log.exiting(this.getClass().getName(), "setup"); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "setup"); } /** @@ -193,7 +194,8 @@ public class RSAKeyPairGenerator implements IKeyPairGenerator */ public KeyPair generate() { - log.entering(this.getClass().getName(), "generate"); + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "generate"); BigInteger p, q, n, d; @@ -243,7 +245,8 @@ public class RSAKeyPairGenerator implements IKeyPairGenerator PrivateKey secK = new GnuRSAPrivateKey(preferredFormat, p, q, e, d); KeyPair result = new KeyPair(pubK, secK); - log.exiting(this.getClass().getName(), "generate", result); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "generate", result); return result; } diff --git a/gnu/java/security/key/rsa/RSAKeyPairPKCS8Codec.java b/gnu/java/security/key/rsa/RSAKeyPairPKCS8Codec.java index 0b9809032..14a0a063c 100644 --- a/gnu/java/security/key/rsa/RSAKeyPairPKCS8Codec.java +++ b/gnu/java/security/key/rsa/RSAKeyPairPKCS8Codec.java 
@@ -38,15 +38,7 @@ exception statement from your version. */ package gnu.java.security.key.rsa; -import java.io.ByteArrayOutputStream; -import java.io.IOException; -import java.math.BigInteger; -import java.security.InvalidParameterException; -import java.security.PrivateKey; -import java.security.PublicKey; -import java.util.ArrayList; -import java.util.logging.Logger; - +import gnu.classpath.Configuration; import gnu.java.security.OID; import gnu.java.security.Registry; import gnu.java.security.der.DER; @@ -56,6 +48,15 @@ import gnu.java.security.der.DERWriter; import gnu.java.security.key.IKeyPairCodec; import gnu.java.security.util.DerUtil; +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.math.BigInteger; +import java.security.InvalidParameterException; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.util.ArrayList; +import java.util.logging.Logger; + /** * An implementation of an {@link IKeyPairCodec} that knows how to encode / * decode PKCS#8 ASN.1 external representation of RSA private keys. @@ -122,7 +123,8 @@ public class RSAKeyPairPKCS8Codec */ public byte[] encodePrivateKey(PrivateKey key) { - log.entering(this.getClass().getName(), "encodePrivateKey()", key); + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "encodePrivateKey()", key); if (! (key instanceof GnuRSAPrivateKey)) throw new InvalidParameterException("Wrong key type"); @@ -190,8 +192,8 @@ public class RSAKeyPairPKCS8Codec y.initCause(x); throw y; } - - log.exiting(this.getClass().getName(), "encodePrivateKey()", result); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "encodePrivateKey()", result); return result; } 
@@ -213,7 +215,8 @@ public class RSAKeyPairPKCS8Codec */ public PrivateKey decodePrivateKey(byte[] input) { - log.entering(this.getClass().getName(), "decodePrivateKey()", input); + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "decodePrivateKey()", input); if (input == null) throw new InvalidParameterException("Input bytes MUST NOT be null"); @@ -287,7 +290,8 @@ public class RSAKeyPairPKCS8Codec PrivateKey result = new GnuRSAPrivateKey(Registry.PKCS8_ENCODING_ID, n, e, d, p, q, dP, dQ, qInv); - log.exiting(this.getClass().getName(), "decodePrivateKey()", result); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "decodePrivateKey()", result); return result; } } diff --git a/gnu/java/security/key/rsa/RSAKeyPairX509Codec.java b/gnu/java/security/key/rsa/RSAKeyPairX509Codec.java index 882d9c7b2..87c5c3a6d 100644 --- a/gnu/java/security/key/rsa/RSAKeyPairX509Codec.java +++ b/gnu/java/security/key/rsa/RSAKeyPairX509Codec.java @@ -38,6 +38,7 @@ exception statement from your version. */ package gnu.java.security.key.rsa; +import gnu.classpath.Configuration; import gnu.java.security.OID; import gnu.java.security.Registry; import gnu.java.security.der.BitString; @@ -114,7 +115,8 @@ public class RSAKeyPairX509Codec */ public byte[] encodePublicKey(PublicKey key) { - log.entering(this.getClass().getName(), "encodePublicKey()", key); + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "encodePublicKey()", key); if (! (key instanceof GnuRSAPublicKey)) throw new InvalidParameterException("key"); @@ -160,8 +162,8 @@ public class RSAKeyPairX509Codec y.initCause(x); throw y; } - - log.exiting(this.getClass().getName(), "encodePublicKey()", result); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "encodePublicKey()", result); return result; } 
@@ -183,7 +185,8 @@ public class RSAKeyPairX509Codec */ public PublicKey decodePublicKey(byte[] input) { - log.entering(this.getClass().getName(), "decodePublicKey()", input); + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "decodePublicKey()", input); if (input == null) throw new InvalidParameterException("Input bytes MUST NOT be null"); @@ -235,7 +238,8 @@ public class RSAKeyPairX509Codec } PublicKey result = new GnuRSAPublicKey(Registry.X509_ENCODING_ID, n, e); - log.exiting(this.getClass().getName(), "decodePublicKey()", result); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "decodePublicKey()", result); return result; } diff --git a/gnu/java/security/pkcs/PKCS7SignedData.java b/gnu/java/security/pkcs/PKCS7SignedData.java index 0781f4ba9..de2b2f679 100644 --- a/gnu/java/security/pkcs/PKCS7SignedData.java +++ b/gnu/java/security/pkcs/PKCS7SignedData.java @@ -37,6 +37,7 @@ exception statement from your version. */ package gnu.java.security.pkcs; +import gnu.classpath.Configuration; import gnu.java.security.OID; import gnu.java.security.ber.BER; import gnu.java.security.ber.BEREncodingException; @@ -52,9 +53,7 @@ import java.io.ByteArrayOutputStream; import java.io.IOException; import java.io.InputStream; import java.io.OutputStream; - import java.math.BigInteger; - import java.security.cert.CRL; import java.security.cert.CRLException; import java.security.cert.Certificate; @@ -62,7 +61,6 @@ import java.security.cert.CertificateEncodingException; import java.security.cert.CertificateException; import java.security.cert.CertificateFactory; import java.security.cert.X509CRL; - import java.util.ArrayList; import java.util.Collections; import java.util.HashSet; 
@@ -174,21 +172,22 @@ public class PKCS7SignedData if (!val.isConstructed()) throw new BEREncodingException("malformed SignedData"); - log.finest("SignedData: " + val); + if (Configuration.DEBUG) + log.fine("SignedData: " + val); val = ber.read(); if (val.getTag() != BER.INTEGER) throw new BEREncodingException("expecting Version"); version = (BigInteger) val.getValue(); - - log.finest(" Version: " + version); + if (Configuration.DEBUG) + log.fine(" Version: " + version); digestAlgorithms = new HashSet(); val = ber.read(); if (!val.isConstructed()) throw new BEREncodingException("malformed DigestAlgorithmIdentifiers"); - - log.finest(" DigestAlgorithmIdentifiers: " + val); + if (Configuration.DEBUG) + log.fine(" DigestAlgorithmIdentifiers: " + val); int count = 0; DERValue val2 = ber.read(); while (val2 != BER.END_OF_SEQUENCE && @@ -196,14 +195,14 @@ public class PKCS7SignedData { if (!val2.isConstructed()) throw new BEREncodingException("malformed AlgorithmIdentifier"); - - log.finest(" AlgorithmIdentifier: " + val2); + if (Configuration.DEBUG) + log.fine(" AlgorithmIdentifier: " + val2); count += val2.getEncodedLength(); val2 = ber.read(); if (val2.getTag() != BER.OBJECT_IDENTIFIER) throw new BEREncodingException("malformed AlgorithmIdentifier"); - - log.finest(" digestAlgorithmIdentifiers OID: " + val2.getValue()); + if (Configuration.DEBUG) + log.fine(" digestAlgorithmIdentifiers OID: " + val2.getValue()); List algId = new ArrayList(2); algId.add(val2.getValue()); val2 = ber.read(); 
@@ -224,23 +223,27 @@ public class PKCS7SignedData else algId.add(null); - log.finest(" digestAlgorithmIdentifiers params: "); - log.finest(Util.dumpString((byte[]) algId.get(1), - " digestAlgorithmIdentifiers params: ")); + if (Configuration.DEBUG) + { + log.fine(" digestAlgorithmIdentifiers params: "); + log.fine(Util.dumpString((byte[]) algId.get(1), + " digestAlgorithmIdentifiers params: ")); + } digestAlgorithms.add(algId); } val = ber.read(); if (!val.isConstructed()) throw new BEREncodingException("malformed ContentInfo"); - - log.finest(" ContentInfo: " + val); + if (Configuration.DEBUG) + log.fine(" ContentInfo: " + val); val2 = ber.read(); if (val2.getTag() != BER.OBJECT_IDENTIFIER) throw new BEREncodingException("malformed ContentType"); contentType = (OID) val2.getValue(); - log.finest(" ContentType OID: " + contentType); + if (Configuration.DEBUG) + log.fine(" ContentType OID: " + contentType); if (BERValue.isIndefinite(val) || (val.getLength() > 0 && val.getLength() > val2.getEncodedLength())) { @@ -252,17 +255,18 @@ public class PKCS7SignedData val2 = ber.read(); } } - - log.finest(" Content: "); - log.finest(Util.dumpString(content, " Content: ")); - + if (Configuration.DEBUG) + { + log.fine(" Content: "); + log.fine(Util.dumpString(content, " Content: ")); + } val = ber.read(); if (val.getTag() == 0) { if (!val.isConstructed()) throw new BEREncodingException("malformed ExtendedCertificatesAndCertificates"); - - log.finest(" ExtendedCertificatesAndCertificates: " + val); + if (Configuration.DEBUG) + log.fine(" ExtendedCertificatesAndCertificates: " + val); count = 0; val2 = ber.read(); List certs = new LinkedList(); @@ -271,7 +275,8 @@ public class PKCS7SignedData { Certificate cert = x509.generateCertificate(new ByteArrayInputStream(val2.getEncoded())); - log.finest(" Certificate: " + cert); + if (Configuration.DEBUG) + log.fine(" Certificate: " + cert); certs.add(cert); count += val2.getEncodedLength(); ber.skip(val2.getLength()); 
@@ -286,8 +291,8 @@ public class PKCS7SignedData { if (!val.isConstructed()) throw new BEREncodingException("malformed CertificateRevocationLists"); - - log.finest(" CertificateRevocationLists: " + val); + if (Configuration.DEBUG) + log.fine(" CertificateRevocationLists: " + val); count = 0; val2 = ber.read(); List crls = new LinkedList(); @@ -295,7 +300,8 @@ public class PKCS7SignedData (val.getLength() > 0 && val.getLength() > count)) { CRL crl = x509.generateCRL(new ByteArrayInputStream(val2.getEncoded())); - log.finest(" CRL: " + crl); + if (Configuration.DEBUG) + log.fine(" CRL: " + crl); crls.add(crl); count += val2.getEncodedLength(); ber.skip(val2.getLength()); @@ -309,8 +315,8 @@ public class PKCS7SignedData signerInfos = new HashSet(); if (!val.isConstructed()) throw new BEREncodingException("malformed SignerInfos"); - - log.finest(" SignerInfos: " + val); + if (Configuration.DEBUG) + log.fine(" SignerInfos: " + val); // FIXME read this more carefully. // Since we are just reading a file (probably) we just read until we diff --git a/gnu/java/security/pkcs/SignerInfo.java b/gnu/java/security/pkcs/SignerInfo.java index 7b38bfefd..662bcc3b7 100644 --- a/gnu/java/security/pkcs/SignerInfo.java +++ b/gnu/java/security/pkcs/SignerInfo.java @@ -37,6 +37,7 @@ exception statement from your version. */ package gnu.java.security.pkcs; +import gnu.classpath.Configuration; import gnu.java.security.OID; import gnu.java.security.ber.BER; import gnu.java.security.ber.BEREncodingException; @@ -50,7 +51,6 @@ import gnu.java.security.util.Util; import java.io.ByteArrayOutputStream; import java.io.IOException; import java.io.OutputStream; - import java.math.BigInteger; import java.util.ArrayList; import java.util.logging.Logger; 
@@ -101,7 +101,8 @@ public class SignerInfo public SignerInfo(BERReader ber) throws IOException { DERValue val = ber.read(); - log.finest("SignerInfo: " + val); + if (Configuration.DEBUG) + log.fine("SignerInfo: " + val); if (!val.isConstructed()) throw new BEREncodingException("malformed SignerInfo"); @@ -110,13 +111,13 @@ public class SignerInfo throw new BEREncodingException("malformed Version"); version = (BigInteger) val.getValue(); - log.finest(" Version: " + version); + log.fine(" Version: " + version); val = ber.read(); if (!val.isConstructed()) throw new BEREncodingException("malformed IssuerAndSerialNumber"); - - log.finest(" IssuerAndSerialNumber: " + val); + if (Configuration.DEBUG) + log.fine(" IssuerAndSerialNumber: " + val); val = ber.read(); if (!val.isConstructed()) @@ -124,20 +125,22 @@ public class SignerInfo issuer = new X500Principal(val.getEncoded()); ber.skip(val.getLength()); - log.finest(" Issuer: " + issuer); + if (Configuration.DEBUG) + log.fine(" Issuer: " + issuer); val = ber.read(); if (val.getTag() != BER.INTEGER) throw new BEREncodingException("malformed SerialNumber"); serialNumber = (BigInteger) val.getValue(); - log.finest(" SerialNumber: " + serialNumber); + if (Configuration.DEBUG) + log.fine(" SerialNumber: " + serialNumber); val = ber.read(); if (!val.isConstructed()) throw new BEREncodingException("malformed DigestAlgorithmIdentifier"); - - log.finest(" DigestAlgorithmIdentifier: " + val); + if (Configuration.DEBUG) + log.fine(" DigestAlgorithmIdentifier: " + val); int count = 0; DERValue val2 = ber.read(); @@ -145,7 +148,8 @@ public class SignerInfo throw new BEREncodingException("malformed AlgorithmIdentifier"); digestAlgorithmId = (OID) val2.getValue(); - log.finest(" digestAlgorithm OID: " + digestAlgorithmId); + if (Configuration.DEBUG) + log.fine(" digestAlgorithm OID: " + digestAlgorithmId); if (BERValue.isIndefinite(val)) { 
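Review bot: In the hunk at new line 111, `log.fine(" Version: " + version);` is the one call in this constructor that was moved from `finest` to `fine` without the `if (Configuration.DEBUG)` guard that every other call visible in these hunks received. As written it still runs, and builds its string, in non-debug builds, which defeats the stated purpose of the change. It should read `if (Configuration.DEBUG)` followed by `log.fine(" Version: " + version);` like its neighbours. The constructor body continues outside the hunk.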
@@ -170,10 +174,12 @@ public class SignerInfo else digestAlgorithmParams = null; - log.finest(" digestAlgorithm params: "); - log.finest(Util.dumpString(digestAlgorithmParams, - " digestAlgorithm params: ")); - + if (Configuration.DEBUG) + { + log.fine(" digestAlgorithm params: "); + log.fine(Util.dumpString(digestAlgorithmParams, + " digestAlgorithm params: ")); + } val = ber.read(); if (val.getTag() == 0) { @@ -187,21 +193,24 @@ public class SignerInfo else authenticatedAttributes = null; - log.finest(" AuthenticatedAttributes: "); - log.finest(Util.dumpString(authenticatedAttributes, - " AuthenticatedAttributes: ")); - + if (Configuration.DEBUG) + { + log.fine(" AuthenticatedAttributes: "); + log.fine(Util.dumpString(authenticatedAttributes, + " AuthenticatedAttributes: ")); + } if (!val.isConstructed()) throw new BEREncodingException("malformed DigestEncryptionAlgorithmIdentifier"); - - log.finest(" DigestEncryptionAlgorithmIdentifier: " + val); + if (Configuration.DEBUG) + log.fine(" DigestEncryptionAlgorithmIdentifier: " + val); count = 0; val2 = ber.read(); if (val2.getTag() != BER.OBJECT_IDENTIFIER) throw new BEREncodingException("malformed AlgorithmIdentifier"); digestEncryptionAlgorithmId = (OID) val2.getValue(); - log.finest(" digestEncryptionAlgorithm OID: " + digestEncryptionAlgorithmId); + if (Configuration.DEBUG) + log.fine(" digestEncryptionAlgorithm OID: " + digestEncryptionAlgorithmId); if (BERValue.isIndefinite(val)) { 
@@ -226,27 +235,33 @@ public class SignerInfo else digestEncryptionAlgorithmParams = null; - log.finest(" digestEncryptionAlgorithm params: "); - log.finest(Util.dumpString(digestEncryptionAlgorithmParams, - " digestEncryptionAlgorithm params: ")); - + if (Configuration.DEBUG) + { + log.fine(" digestEncryptionAlgorithm params: "); + log.fine(Util.dumpString(digestEncryptionAlgorithmParams, + " digestEncryptionAlgorithm params: ")); + } val = ber.read(); if (val.getTag() != BER.OCTET_STRING) throw new BEREncodingException("malformed EncryptedDigest"); encryptedDigest = (byte[]) val.getValue(); - log.finest(" EncryptedDigest: "); - log.finest(Util.dumpString(encryptedDigest, " EncryptedDigest: ")); - + if (Configuration.DEBUG) + { + log.fine(" EncryptedDigest: "); + log.fine(Util.dumpString(encryptedDigest, " EncryptedDigest: ")); + } if (ber.peek() == 1) unauthenticatedAttributes = ber.read().getEncoded(); else unauthenticatedAttributes = null; - log.finest(" UnauthenticatedAttributes: "); - log.finest(Util.dumpString(unauthenticatedAttributes, - " UnauthenticatedAttributes: ")); - + if (Configuration.DEBUG) + { + log.fine(" UnauthenticatedAttributes: "); + log.fine(Util.dumpString(unauthenticatedAttributes, + " UnauthenticatedAttributes: ")); + } if (ber.peek() == 0) ber.read(); } diff --git a/gnu/java/security/provider/PKIXCertPathValidatorImpl.java b/gnu/java/security/provider/PKIXCertPathValidatorImpl.java index 448a609ec..3680f2fae 100644 --- a/gnu/java/security/provider/PKIXCertPathValidatorImpl.java +++ b/gnu/java/security/provider/PKIXCertPathValidatorImpl.java @@ -38,6 +38,7 @@ exception statement from your version. */ package gnu.java.security.provider; +import gnu.classpath.Configuration; import gnu.java.security.OID; import gnu.java.security.Registry; import gnu.java.security.key.dss.DSSPublicKey; 
@@ -81,6 +82,7 @@ import java.util.Iterator; import java.util.LinkedList; import java.util.List; import java.util.Set; +import java.util.logging.Logger; /** * An implementation of the Public Key Infrastructure's X.509 @@ -94,17 +96,7 @@ import java.util.Set; */ public class PKIXCertPathValidatorImpl extends CertPathValidatorSpi { - - // Constants. - // ------------------------------------------------------------------------- - - private static final boolean DEBUG = false; - private static void debug (String msg) - { - System.err.print (">> PKIXCertPathValidatorImpl: "); - System.err.println (msg); - } - + private static final Logger log = Logger.getLogger(PKIXCertPathValidatorImpl.class.getName()); public static final String ANY_POLICY = "2.5.29.32.0"; // Constructor. @@ -603,7 +595,8 @@ public class PKIXCertPathValidatorImpl extends CertPathValidatorSpi boolean explicitPolicy) throws CertPathValidatorException { - if (DEBUG) debug("updatePolicyTree depth == " + depth); + if (Configuration.DEBUG) + log.fine("updatePolicyTree depth == " + depth); Set nodes = new HashSet(); LinkedList stack = new LinkedList(); Iterator current = null; @@ -614,15 +607,18 @@ public class PKIXCertPathValidatorImpl extends CertPathValidatorSpi while (current.hasNext()) { PolicyNodeImpl p = (PolicyNodeImpl) current.next(); - if (DEBUG) debug("visiting node == " + p); + if (Configuration.DEBUG) + log.fine("visiting node == " + p); if (p.getDepth() == depth - 1) { - if (DEBUG) debug("added node"); + if (Configuration.DEBUG) + log.fine("added node"); nodes.add(p); } else { - if (DEBUG) debug("skipped node"); + if (Configuration.DEBUG) + log.fine("skipped node"); stack.addLast(current); current = p.getChildren(); } 
@@ -646,16 +642,21 @@ public class PKIXCertPathValidatorImpl extends CertPathValidatorSpi else cp = Collections.EMPTY_LIST; boolean match = false; - if (DEBUG) debug("nodes are == " + nodes); - if (DEBUG) debug("cert policies are == " + cp); + if (Configuration.DEBUG) + { + log.fine("nodes are == " + nodes); + log.fine("cert policies are == " + cp); + } for (Iterator it = nodes.iterator(); it.hasNext(); ) { PolicyNodeImpl parent = (PolicyNodeImpl) it.next(); - if (DEBUG) debug("adding policies to " + parent); + if (Configuration.DEBUG) + log.fine("adding policies to " + parent); for (Iterator it2 = cp.iterator(); it2.hasNext(); ) { OID policy = (OID) it2.next(); - if (DEBUG) debug("trying to add policy == " + policy); + if (Configuration.DEBUG) + log.fine("trying to add policy == " + policy); if (policy.toString().equals(ANY_POLICY) && params.isAnyPolicyInhibited()) continue; @@ -691,13 +692,15 @@ public class PKIXCertPathValidatorImpl extends CertPathValidatorSpi private boolean checkExplicitPolicy (int depth, List explicitPolicies) { - if (DEBUG) debug ("checkExplicitPolicy depth=" + depth); + if (Configuration.DEBUG) + log.fine("checkExplicitPolicy depth=" + depth); for (Iterator it = explicitPolicies.iterator(); it.hasNext(); ) { int[] i = (int[]) it.next(); int caDepth = i[0]; int limit = i[1]; - if (DEBUG) debug (" caDepth=" + caDepth + " limit=" + limit); + if (Configuration.DEBUG) + log.fine(" caDepth=" + caDepth + " limit=" + limit); if (depth - caDepth >= limit) return true; } diff --git a/gnu/java/security/sig/rsa/EMSA_PSS.java b/gnu/java/security/sig/rsa/EMSA_PSS.java index c1c9760ed..0b93abab7 100644 --- a/gnu/java/security/sig/rsa/EMSA_PSS.java +++ b/gnu/java/security/sig/rsa/EMSA_PSS.java 
@@ -38,12 +38,13 @@ exception statement from your version. */ package gnu.java.security.sig.rsa; +import gnu.classpath.Configuration; import gnu.java.security.hash.HashFactory; import gnu.java.security.hash.IMessageDigest; import gnu.java.security.util.Util; -import java.io.PrintWriter; import java.util.Arrays; +import java.util.logging.Logger; /** * <p>An implementation of the EMSA-PSS encoding/decoding scheme.</p> @@ -70,26 +71,7 @@ import java.util.Arrays; */ public class EMSA_PSS implements Cloneable { - - // Debugging methods and variables - // ------------------------------------------------------------------------- - - private static final String NAME = "emsa-pss"; - - private static final boolean DEBUG = false; - - private static final int debuglevel = 5; - - private static final PrintWriter err = new PrintWriter(System.out, true); - - private static void debug(String s) - { - err.println(">>> " + NAME + ": " + s); - } - - // Constants and variables - // ------------------------------------------------------------------------- - + private static final Logger log = Logger.getLogger(EMSA_PSS.class.getName()); /** The underlying hash function to use with this instance. */ private IMessageDigest hash; @@ -202,10 +184,10 @@ public class EMSA_PSS implements Cloneable System.arraycopy(salt, 0, DB, emLen - sLen - hLen - 1, sLen); // 9. Let dbMask = MGF(H, emLen - hLen - 1). byte[] dbMask = MGF(H, emLen - hLen - 1); - if (DEBUG && debuglevel > 8) + if (Configuration.DEBUG) { - debug("dbMask (encode): " + Util.toString(dbMask)); - debug("DB (encode): " + Util.toString(DB)); + log.fine("dbMask (encode): " + Util.toString(dbMask)); + log.fine("DB (encode): " + Util.toString(DB)); } // 10. Let maskedDB = DB XOR dbMask. for (i = 0; i < DB.length; i++) 
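Review bot: The guard in `encode` loses its `debuglevel > 8` threshold, so every debug-build signature now hex-encodes `dbMask` and `DB` and emits them at FINE. With the removed `debuglevel = 5` that branch could never run, so this is a change in behaviour and not only a change of sink. Per-operation intermediate values would sit better at the lowest level, for example `log.finest("dbMask (encode): " + Util.toString(dbMask));`, keeping FINE for the decode failure reasons. The same holds for the `mHash`/`EM` and `dbMask`/`DB` dumps in `decode` and for `EM (sign)` and `EM (verify)` in RSAPSSSignature.java. The enclosing method starts outside the hunk.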
@@ -244,12 +226,12 @@ public class EMSA_PSS implements Cloneable */ public boolean decode(byte[] mHash, byte[] EM, int emBits, int sLen) { - if (DEBUG && debuglevel > 8) + if (Configuration.DEBUG) { - debug("mHash: " + Util.toString(mHash)); - debug("EM: " + Util.toString(EM)); - debug("emBits: " + String.valueOf(emBits)); - debug("sLen: " + String.valueOf(sLen)); + log.fine("mHash: " + Util.toString(mHash)); + log.fine("EM: " + Util.toString(EM)); + log.fine("emBits: " + String.valueOf(emBits)); + log.fine("sLen: " + String.valueOf(sLen)); } if (sLen < 0) { @@ -262,19 +244,15 @@ public class EMSA_PSS implements Cloneable // 2. Let mHash = Hash(M), an octet string of length hLen. if (hLen != mHash.length) { - if (DEBUG && debuglevel > 8) - { - debug("hLen != mHash.length; hLen: " + String.valueOf(hLen)); - } + if (Configuration.DEBUG) + log.fine("hLen != mHash.length; hLen: " + String.valueOf(hLen)); throw new IllegalArgumentException("wrong hash"); } // 3. If emBits < 8.hLen + 8.sLen + 9, output 'decoding error' and stop. if (emBits < (8 * hLen + 8 * sLen + 9)) { - if (DEBUG && debuglevel > 8) - { - debug("emBits < (8hLen + 8sLen + 9); sLen: " + String.valueOf(sLen)); - } + if (Configuration.DEBUG) + log.fine("emBits < (8hLen + 8sLen + 9); sLen: " + String.valueOf(sLen)); throw new IllegalArgumentException("decoding error"); } int emLen = (emBits + 7) / 8; @@ -282,10 +260,8 @@ public class EMSA_PSS implements Cloneable // output 'inconsistent' and stop. if ((EM[EM.length - 1] & 0xFF) != 0xBC) { - if (DEBUG && debuglevel > 8) - { - debug("EM does not end with 0xBC"); - } + if (Configuration.DEBUG) + log.fine("EM does not end with 0xBC"); return false; } // 5. Let maskedDB be the leftmost emLen ? hLen ? 1 octets of EM, and let 
@@ -294,10 +270,8 @@ public class EMSA_PSS implements Cloneable // maskedDB are not all equal to zero, output 'inconsistent' and stop. if ((EM[0] & (0xFF << (8 - (8 * emLen - emBits)))) != 0) { - if (DEBUG && debuglevel > 8) - { - debug("Leftmost 8emLen - emBits bits of EM are not 0s"); - } + if (Configuration.DEBUG) + log.fine("Leftmost 8emLen - emBits bits of EM are not 0s"); return false; } byte[] DB = new byte[emLen - hLen - 1]; @@ -314,10 +288,10 @@ public class EMSA_PSS implements Cloneable } // 9. Set the leftmost 8.emLen ? emBits bits of DB to zero. DB[0] &= (0xFF >>> (8 * emLen - emBits)); - if (DEBUG && debuglevel > 8) + if (Configuration.DEBUG) { - debug("dbMask (decode): " + Util.toString(dbMask)); - debug("DB (decode): " + Util.toString(DB)); + log.fine("dbMask (decode): " + Util.toString(dbMask)); + log.fine("DB (decode): " + Util.toString(DB)); } // 10. If the emLen -hLen -sLen -2 leftmost octets of DB are not zero or // if the octet at position emLen -hLen -sLen -1 is not equal to 0x01, @@ -329,20 +303,16 @@ public class EMSA_PSS implements Cloneable { if (DB[i] != 0) { - if (DEBUG && debuglevel > 8) - { - debug("DB[" + String.valueOf(i) + "] != 0x00"); - } + if (Configuration.DEBUG) + log.fine("DB[" + String.valueOf(i) + "] != 0x00"); return false; } } if (DB[i] != 0x01) { // i == emLen -hLen -sLen -2 - if (DEBUG && debuglevel > 8) - { - debug("DB's byte at position (emLen -hLen -sLen -2); i.e. " - + String.valueOf(i) + " is not 0x01"); - } + if (Configuration.DEBUG) + log.fine("DB's byte at position (emLen -hLen -sLen -2); i.e. " + + String.valueOf(i) + " is not 0x01"); return false; } // 11. Let salt be the last sLen octets of DB. diff --git a/gnu/java/security/sig/rsa/RSAPSSSignature.java b/gnu/java/security/sig/rsa/RSAPSSSignature.java index 7ec62568a..3e9cad452 100644 --- a/gnu/java/security/sig/rsa/RSAPSSSignature.java +++ b/gnu/java/security/sig/rsa/RSAPSSSignature.java 
@@ -38,18 +38,19 @@ exception statement from your version. */ package gnu.java.security.sig.rsa; +import gnu.classpath.Configuration; import gnu.java.security.Registry; import gnu.java.security.hash.HashFactory; import gnu.java.security.hash.IMessageDigest; import gnu.java.security.sig.BaseSignature; import gnu.java.security.util.Util; -import java.io.PrintWriter; import java.math.BigInteger; import java.security.PrivateKey; import java.security.PublicKey; import java.security.interfaces.RSAPrivateKey; import java.security.interfaces.RSAPublicKey; +import java.util.logging.Logger; /** * <p>The RSA-PSS signature scheme is a public-key encryption scheme combining @@ -73,26 +74,7 @@ import java.security.interfaces.RSAPublicKey; */ public class RSAPSSSignature extends BaseSignature { - - // Debugging methods and variables - // ------------------------------------------------------------------------- - - private static final String NAME = "rsa-pss"; - - private static final boolean DEBUG = false; - - private static final int debuglevel = 1; - - private static final PrintWriter err = new PrintWriter(System.out, true); - - private static void debug(String s) - { - err.println(">>> " + NAME + ": " + s); - } - - // Constants and variables - // ------------------------------------------------------------------------- - + private static final Logger log = Logger.getLogger(RSAPSSSignature.class.getName()); /** The underlying EMSA-PSS instance for this object. */ private EMSA_PSS pss; @@ -201,10 +183,8 @@ public class RSAPSSSignature extends BaseSignature byte[] salt = new byte[sLen]; this.nextRandomBytes(salt); byte[] EM = pss.encode(md.digest(), modBits - 1, salt); - if (DEBUG && debuglevel > 8) - { - debug("EM (sign): " + Util.toString(EM)); - } + if (Configuration.DEBUG) + log.fine("EM (sign): " + Util.toString(EM)); // 2. Convert the encoded message EM to an integer message representative // m (see Section 1.2.2): m = OS2IP(EM). BigInteger m = new BigInteger(1, EM); 
@@ -262,10 +242,8 @@ public class RSAPSSSignature extends BaseSignature int emBits = modBits - 1; int emLen = (emBits + 7) / 8; byte[] EM = m.toByteArray(); - if (DEBUG && debuglevel > 8) - { - debug("EM (verify): " + Util.toString(EM)); - } + if (Configuration.DEBUG) + log.fine("EM (verify): " + Util.toString(EM)); if (EM.length > emLen) { return false; diff --git a/gnu/java/security/util/Base64.java b/gnu/java/security/util/Base64.java index f9998c38f..6c4657b7c 100644 --- a/gnu/java/security/util/Base64.java +++ b/gnu/java/security/util/Base64.java @@ -38,8 +38,10 @@ exception statement from your version. */ package gnu.java.security.util; -import java.io.PrintWriter; +import gnu.classpath.Configuration; + import java.io.UnsupportedEncodingException; +import java.util.logging.Logger; /** * Most of this implementation is from Robert Harder's public domain Base64 @@ -47,26 +49,7 @@ import java.io.UnsupportedEncodingException; */ public class Base64 { - - // Debugging methods and variables - // ------------------------------------------------------------------------- - - private static final String NAME = "Base64"; - - private static final boolean DEBUG = true; - - private static final int debuglevel = 9; - - private static final PrintWriter err = new PrintWriter(System.out, true); - - private static void debug(String s) - { - err.println(">>> " + NAME + ": " + s); - } - - // Constants and variables - // ------------------------------------------------------------------------- - + private static final Logger log = Logger.getLogger(Base64.class.getName()); /** Maximum line length (76) of Base64 output. */ private static final int MAX_LINE_LENGTH = 76; 
@@ -383,12 +366,12 @@ public class Base64 } catch (Exception x) { - if (DEBUG && debuglevel > 8) + if (Configuration.DEBUG) { - debug("" + src[sOffset] + ": " + (DECODABET[src[sOffset]])); - debug("" + src[sOffset + 1] + ": " + (DECODABET[src[sOffset + 1]])); - debug("" + src[sOffset + 2] + ": " + (DECODABET[src[sOffset + 2]])); - debug("" + src[sOffset + 3] + ": " + (DECODABET[src[sOffset + 3]])); + log.fine("" + src[sOffset ] + ": " + (DECODABET[src[sOffset ]])); + log.fine("" + src[sOffset + 1] + ": " + (DECODABET[src[sOffset + 1]])); + log.fine("" + src[sOffset + 2] + ": " + (DECODABET[src[sOffset + 2]])); + log.fine("" + src[sOffset + 3] + ": " + (DECODABET[src[sOffset + 3]])); } return -1; } diff --git a/gnu/java/security/util/Prime2.java b/gnu/java/security/util/Prime2.java index 6e46f5fca..49e4072f6 100644 --- a/gnu/java/security/util/Prime2.java +++ b/gnu/java/security/util/Prime2.java 
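Review bot: The debug block inside this `catch` indexes `DECODABET` again with the same four source bytes and reads `src[sOffset + 1]` through `src[sOffset + 3]`. The `try` body is not visible here, but if the caught exception came from one of those lookups (a byte outside the table, or a short input), the logging statement throws a second time and `return -1` is never reached in a debug build. The caller then gets an unchecked exception for malformed input instead of the error value. Logging the offset and the caught exception avoids the repeated lookup: `log.fine("invalid Base64 input at offset " + sOffset + ": " + x);`.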
@@ -38,37 +38,20 @@ exception statement from your version. */ package gnu.java.security.util; -import java.io.PrintWriter; +import gnu.classpath.Configuration; + import java.lang.ref.WeakReference; import java.math.BigInteger; import java.util.Map; import java.util.WeakHashMap; +import java.util.logging.Logger; /** * <p>A collection of prime number related utilities used in this library.</p> */ public class Prime2 { - - // Debugging methods and variables - // ------------------------------------------------------------------------- - - private static final String NAME = "prime"; - - private static final boolean DEBUG = false; - - private static final int debuglevel = 5; - - private static final PrintWriter err = new PrintWriter(System.out, true); - - private static void debug(String s) - { - err.println(">>> " + NAME + ": " + s); - } - - // Constants and variables - // ------------------------------------------------------------------------- - + private static final Logger log = Logger.getLogger(Prime2.class.getName()); private static final int DEFAULT_CERTAINTY = 20; // XXX is this a good value? private static final BigInteger ZERO = BigInteger.ZERO; @@ -116,7 +99,7 @@ public class Prime2 } } time += System.currentTimeMillis(); - if (DEBUG && debuglevel > 8) + if (Configuration.DEBUG) { StringBuffer sb; for (int i = 0; i < (SMALL_PRIME_COUNT / 10); i++) @@ -126,13 +109,13 @@ public class Prime2 { sb.append(String.valueOf(SMALL_PRIME[i * 10 + j])).append(" "); } - debug(sb.toString()); + log.fine(sb.toString()); } } - if (DEBUG && debuglevel > 4) + if (Configuration.DEBUG) { - debug("Generating first " + String.valueOf(SMALL_PRIME_COUNT) - + " primes took: " + String.valueOf(time) + " ms."); + log.fine("Generating first " + String.valueOf(SMALL_PRIME_COUNT) + + " primes took: " + String.valueOf(time) + " ms."); } } 
@@ -169,17 +152,13 @@ public class Prime2 prime = SMALL_PRIME[i]; if (w.mod(prime).equals(ZERO)) { - if (DEBUG && debuglevel > 4) - { - debug(prime.toString(16) + " | " + w.toString(16) + "..."); - } + if (Configuration.DEBUG) + log.fine(prime.toString(16) + " | " + w.toString(16) + "..."); return true; } } - if (DEBUG && debuglevel > 4) - { - debug(w.toString(16) + " has no small prime divisors..."); - } + if (Configuration.DEBUG) + log.fine(w.toString(16) + " has no small prime divisors..."); return false; } @@ -361,8 +340,8 @@ public class Prime2 for (int i = 0; i < SMALL_PRIME_COUNT; i++) if (w.equals(SMALL_PRIME[i])) { - if (DEBUG && debuglevel > 4) - debug(w.toString(16) + " is a small prime"); + if (Configuration.DEBUG) + log.fine(w.toString(16) + " is a small prime"); return true; } @@ -370,16 +349,16 @@ public class Prime2 WeakReference obj = (WeakReference) knownPrimes.get(w); if (obj != null && w.equals(obj.get())) { - if (DEBUG && debuglevel > 4) - debug("found in known primes"); + if (Configuration.DEBUG) + log.fine("found in known primes"); return true; } // trial division with first 1000 primes if (hasSmallPrimeDivisor(w)) { - if (DEBUG && debuglevel > 4) - debug(w.toString(16) + " has a small prime divisor. Rejected..."); + if (Configuration.DEBUG) + log.fine(w.toString(16) + " has a small prime divisor. Rejected..."); return false; } @@ -411,7 +390,7 @@ public class Prime2 private static final void debugBI(String msg, BigInteger bn) { - if (DEBUG && debuglevel > 4) - debug("*** " + msg + ": 0x" + bn.toString(16)); + if (Configuration.DEBUG) + log.fine("*** " + msg + ": 0x" + bn.toString(16)); } } diff --git a/gnu/java/security/x509/X509CRL.java b/gnu/java/security/x509/X509CRL.java index 5b2d3b141..d8cbe988b 100644 --- a/gnu/java/security/x509/X509CRL.java +++ b/gnu/java/security/x509/X509CRL.java 
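Review bot: These hunks write the tested number itself to the log in hex, for example `log.fine(w.toString(16) + " has a small prime divisor. Rejected...")` and the `0x` value printed by `debugBI`. The callers are not visible here, but if these routines are used during key-pair generation, `w` is a candidate for a private prime, and a debug build with FINE enabled would record private key material in a log file. The old `DEBUG = false` constant kept this code dead, whereas `Configuration.DEBUG` is a build-wide switch. I would log only non-secret properties, for example `log.fine("candidate of " + w.bitLength() + " bits has a small prime divisor. Rejected...");`, and give `debugBI` the same treatment.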
@@ -38,6 +38,7 @@ exception statement from your version. */ package gnu.java.security.x509; +import gnu.classpath.Configuration; import gnu.java.security.OID; import gnu.java.security.der.BitString; import gnu.java.security.der.DER; @@ -64,6 +65,7 @@ import java.util.HashMap; import java.util.HashSet; import java.util.Iterator; import java.util.Set; +import java.util.logging.Logger; import javax.security.auth.x500.X500Principal; @@ -75,20 +77,7 @@ import javax.security.auth.x500.X500Principal; public class X509CRL extends java.security.cert.X509CRL implements GnuPKIExtension { - - // Constants and fields. - // ------------------------------------------------------------------------ - - private static final boolean DEBUG = false; - private static void debug(String msg) - { - if (DEBUG) - { - System.err.print(">> X509CRL: "); - System.err.println(msg); - } - } - + private static final Logger log = Logger.getLogger(X509CRL.class.getName()); private static final OID ID_DSA = new OID("1.2.840.10040.4.1"); private static final OID ID_DSA_WITH_SHA1 = new OID("1.2.840.10040.4.3"); private static final OID ID_RSA = new OID("1.2.840.113549.1.1.1"); @@ -350,7 +339,8 @@ public class X509CRL extends java.security.cert.X509CRL // CertificateList ::= SEQUENCE { DERReader der = new DERReader(in); DERValue val = der.read(); - debug("start CertificateList len == " + val.getLength()); + if (Configuration.DEBUG) + log.fine("start CertificateList len == " + val.getLength()); if (!val.isConstructed()) throw new IOException("malformed CertificateList"); encoded = val.getEncoded(); @@ -359,7 +349,8 @@ public class X509CRL extends java.security.cert.X509CRL val = der.read(); if (!val.isConstructed()) throw new IOException("malformed TBSCertList"); - debug("start tbsCertList len == " + val.getLength()); + if (Configuration.DEBUG) + log.fine("start tbsCertList len == " + val.getLength()); tbsCRLBytes = val.getEncoded(); // version Version OPTIONAL, 
@@ -372,19 +363,23 @@ public class X509CRL extends java.security.cert.X509CRL } else version = 1; - debug("read version == " + version); + if (Configuration.DEBUG) + log.fine("read version == " + version); // signature AlgorithmIdentifier, - debug("start AlgorithmIdentifier len == " + val.getLength()); + if (Configuration.DEBUG) + log.fine("start AlgorithmIdentifier len == " + val.getLength()); if (!val.isConstructed()) throw new IOException("malformed AlgorithmIdentifier"); DERValue algIdVal = der.read(); algId = (OID) algIdVal.getValue(); - debug("read object identifier == " + algId); + if (Configuration.DEBUG) + log.fine("read object identifier == " + algId); if (val.getLength() > algIdVal.getEncodedLength()) { val = der.read(); - debug("read parameters len == " + val.getEncodedLength()); + if (Configuration.DEBUG) + log.fine("read parameters len == " + val.getEncodedLength()); algParams = val.getEncoded(); if (val.isConstructed()) in.skip(val.getLength()); @@ -394,18 +389,21 @@ public class X509CRL extends java.security.cert.X509CRL val = der.read(); issuerDN = new X500DistinguishedName(val.getEncoded()); der.skip(val.getLength()); - debug("read issuer == " + issuerDN); + if (Configuration.DEBUG) + log.fine("read issuer == " + issuerDN); // thisUpdate Time, thisUpdate = (Date) der.read().getValue(); - debug("read thisUpdate == " + thisUpdate); + if (Configuration.DEBUG) + log.fine("read thisUpdate == " + thisUpdate); // nextUpdate Time OPTIONAL, val = der.read(); if (val.getValue() instanceof Date) { nextUpdate = (Date) val.getValue(); - debug("read nextUpdate == " + nextUpdate); + if (Configuration.DEBUG) + log.fine("read nextUpdate == " + nextUpdate); val = der.read(); } 
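Review bot: `log.fine("read issuer == " + issuerDN);` in the hunk at new line 389 concatenates a name taken from the CRL being parsed straight into the log message. Whether `X500DistinguishedName.toString()` escapes line breaks and other control characters is not visible here; if it does not, a crafted issuer name can insert forged lines into a plain-text debug log. Please confirm the escaping, or log a neutral property such as `log.fine("read issuer len == " + val.getEncodedLength());`. The same check is worth making for `" Issuer: " + issuer` in SignerInfo.java and `" Certificate: " + cert` in PKCS7SignedData.java. The parse method starts and ends outside the hunk.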
@@ -433,7 +431,8 @@ public class X509CRL extends java.security.cert.X509CRL DERValue exts = der.read(); if (!exts.isConstructed()) throw new IOException("malformed Extensions"); - debug("start Extensions len == " + exts.getLength()); + if (Configuration.DEBUG) + log.fine("start Extensions len == " + exts.getLength()); int len = 0; while (len < exts.getLength()) { 
@@ -444,32 +443,42 @@ public class X509CRL extends java.security.cert.X509CRL extensions.put(e.getOid(), e); der.skip(ext.getLength()); len += ext.getEncodedLength(); - debug("current count == " + len); + if (Configuration.DEBUG) + log.fine("current count == " + len); } val = der.read(); } - debug("read tag == " + val.getTag()); + if (Configuration.DEBUG) + log.fine("read tag == " + val.getTag()); if (!val.isConstructed()) throw new IOException("malformed AlgorithmIdentifier"); - debug("start AlgorithmIdentifier len == " + val.getLength()); + if (Configuration.DEBUG) + log.fine("start AlgorithmIdentifier len == " + val.getLength()); DERValue sigAlgVal = der.read(); - debug("read tag == " + sigAlgVal.getTag()); + if (Configuration.DEBUG) + log.fine("read tag == " + sigAlgVal.getTag()); if (sigAlgVal.getTag() != DER.OBJECT_IDENTIFIER) throw new IOException("malformed AlgorithmIdentifier"); sigAlg = (OID) sigAlgVal.getValue(); - debug("signature id == " + sigAlg); - debug("sigAlgVal length == " + sigAlgVal.getEncodedLength()); + if (Configuration.DEBUG) + { + log.fine("signature id == " + sigAlg); + log.fine("sigAlgVal length == " + sigAlgVal.getEncodedLength()); + } if (val.getLength() > sigAlgVal.getEncodedLength()) { val = der.read(); - debug("sig params tag = " + val.getTag() + " len == " + val.getEncodedLength()); + if (Configuration.DEBUG) + log.fine("sig params tag = " + val.getTag() + " len == " + + val.getEncodedLength()); sigAlgParams = (byte[]) val.getEncoded(); if (val.isConstructed()) in.skip(val.getLength()); } val = der.read(); - debug("read tag = " + val.getTag()); + if (Configuration.DEBUG) + log.fine("read tag = " + val.getTag()); rawSig = val.getEncoded(); signature = ((BitString) val.getValue()).toByteArray(); } diff --git a/gnu/java/security/x509/X509CRLEntry.java b/gnu/java/security/x509/X509CRLEntry.java index a3bcfdea8..f3f3a93d6 100644 --- a/gnu/java/security/x509/X509CRLEntry.java +++ b/gnu/java/security/x509/X509CRLEntry.java 
@@ -38,6 +38,7 @@ exception statement from your version. */ package gnu.java.security.x509; +import gnu.classpath.Configuration; import gnu.java.security.OID; import gnu.java.security.der.DERReader; import gnu.java.security.der.DERValue; @@ -53,6 +54,7 @@ import java.util.HashMap; import java.util.HashSet; import java.util.Iterator; import java.util.Set; +import java.util.logging.Logger; /** * A single entry in a X.509 certificate revocation list. @@ -63,20 +65,7 @@ import java.util.Set; class X509CRLEntry extends java.security.cert.X509CRLEntry implements GnuPKIExtension { - - // Constants and fields. - // ------------------------------------------------------------------------ - - private static final boolean DEBUG = false; - private static void debug(String msg) - { - if (DEBUG) - { - System.err.print(">> X509CRLEntry: "); - System.err.println(msg); - } - } - + private static final Logger log = Logger.getLogger(X509CRLEntry.class.getName()); /** The DER encoded form of this CRL entry. */ private byte[] encoded; 
@@ -230,26 +219,29 @@ class X509CRLEntry extends java.security.cert.X509CRLEntry { // RevokedCertificate ::= SEQUENCE { DERValue entry = der.read(); - debug("start CRL entry len == " + entry.getLength()); + if (Configuration.DEBUG) + log.fine("start CRL entry len == " + entry.getLength()); if (!entry.isConstructed()) throw new IOException("malformed revokedCertificate"); encoded = entry.getEncoded(); int len = 0; - - debug("encoded entry:\n" + Util.hexDump(encoded, ">>>> ")); + if (Configuration.DEBUG) + log.fine("encoded entry:\n" + Util.hexDump(encoded, ">>>> ")); // userCertificate CertificateSerialNumber, DERValue val = der.read(); serialNo = (BigInteger) val.getValue(); len += val.getEncodedLength(); - debug("userCertificate == " + serialNo + " current count == " + len); + if (Configuration.DEBUG) + log.fine("userCertificate == " + serialNo + " current count == " + len); // revocationDate Time, val = der.read(); revocationDate = (Date) val.getValue(); len += val.getEncodedLength(); - debug("revocationDate == " + revocationDate + " current count == " + len); - + if (Configuration.DEBUG) + log.fine("revocationDate == " + revocationDate + " current count == " + + len); // crlEntryExtensions Extensions OPTIONAL // -- if present MUST be v2 if (len < entry.getLength()) 
@@ -259,19 +251,22 @@ class X509CRLEntry extends java.security.cert.X509CRLEntry DERValue exts = der.read(); if (!exts.isConstructed()) throw new IOException("malformed Extensions"); - debug("start Extensions len == " + exts.getLength()); + if (Configuration.DEBUG) + log.fine("start Extensions len == " + exts.getLength()); len = 0; while (len < exts.getLength()) { val = der.read(); if (!val.isConstructed()) throw new IOException("malformed Extension"); - debug("start Extension len == " + val.getLength()); + if (Configuration.DEBUG) + log.fine("start Extension len == " + val.getLength()); Extension e = new Extension(val.getEncoded()); extensions.put(e.getOid(), e); der.skip(val.getLength()); len += val.getEncodedLength(); - debug("current count == " + len); + if (Configuration.DEBUG) + log.fine("current count == " + len); } } } diff --git a/gnu/java/security/x509/ext/Extension.java b/gnu/java/security/x509/ext/Extension.java index 97097a2f3..4deafe23e 100644 --- a/gnu/java/security/x509/ext/Extension.java +++ b/gnu/java/security/x509/ext/Extension.java @@ -38,6 +38,7 @@ exception statement from your version. */ package gnu.java.security.x509.ext; +import gnu.classpath.Configuration; import gnu.java.security.OID; import gnu.java.security.der.DER; import gnu.java.security.der.DERReader; @@ -48,20 +49,11 @@ import java.io.IOException; import java.util.ArrayList; import java.util.Arrays; import java.util.List; +import java.util.logging.Logger; public class Extension { - - // Fields. - // ------------------------------------------------------------------------- - - private static final boolean DEBUG = false; - private static void debug(String msg) - { - System.err.print(">> Extension: "); - System.err.println(msg); - } - + private static final Logger log = Logger.getLogger(Extension.class.getName()); /** * This extension's object identifier. */ 
@@ -97,7 +89,8 @@ public class Extension // Extension ::= SEQUENCE { DERValue val = der.read(); - if (DEBUG) debug("read val tag == " + val.getTag() + " len == " + val.getLength()); + if (Configuration.DEBUG) + log.fine("read val tag == " + val.getTag() + " len == " + val.getLength()); if (!val.isConstructed()) throw new IOException("malformed Extension"); @@ -106,7 +99,8 @@ public class Extension if (val.getTag() != DER.OBJECT_IDENTIFIER) throw new IOException("expecting OBJECT IDENTIFIER"); oid = (OID) val.getValue(); - if (DEBUG) debug("read oid == " + oid); + if (Configuration.DEBUG) + log.fine("read oid == " + oid); // critical BOOLEAN DEFAULT FALSE, val = der.read(); @@ -117,7 +111,8 @@ public class Extension } else critical = false; - if (DEBUG) debug("is critical == " + critical); + if (Configuration.DEBUG) + log.fine("is critical == " + critical); // extnValue OCTET STRING } if (val.getTag() != DER.OCTET_STRING) @@ -181,7 +176,8 @@ public class Extension value = new Value(encval); isSupported = false; } - if (DEBUG) debug("read value == " + value); + if (Configuration.DEBUG) + log.fine("read value == " + value); } public Extension (final OID oid, final Value value, final boolean critical) diff --git a/gnu/javax/crypto/cipher/Anubis.java b/gnu/javax/crypto/cipher/Anubis.java index ca4e8edfe..ed55d23c2 100644 --- a/gnu/javax/crypto/cipher/Anubis.java +++ b/gnu/javax/crypto/cipher/Anubis.java @@ -38,14 +38,15 @@ exception statement from your version. */ package gnu.javax.crypto.cipher; +import gnu.classpath.Configuration; import gnu.java.security.Registry; import gnu.java.security.util.Util; -//import java.io.PrintWriter; import java.security.InvalidKeyException; import java.util.ArrayList; import java.util.Collections; import java.util.Iterator; +import java.util.logging.Logger; /** * <p>Anubis is a 128-bit block cipher that accepts a variable-length key. The 
@@ -65,23 +66,7 @@ import java.util.Iterator; */ public final class Anubis extends BaseCipher { - - // Debugging methods and variables - // ------------------------------------------------------------------------- - - // private static final String NAME = "anubis"; - private static final boolean DEBUG = false; - - private static final int debuglevel = 9; - - // private static final PrintWriter err = new PrintWriter(System.out, true); - // private static void debug(String s) { - // err.println(">>> "+NAME+": "+s); - // } - - // Constants and variables - // ------------------------------------------------------------------------- - + private static final Logger log = Logger.getLogger(Anubis.class.getName()); private static final int DEFAULT_BLOCK_SIZE = 16; // in bytes private static final int DEFAULT_KEY_SIZE = 16; // in bytes 
@@ -189,84 +174,62 @@ public final class Anubis extends BaseCipher time = System.currentTimeMillis() - time; - if (DEBUG && debuglevel > 8) + if (Configuration.DEBUG) { - System.out.println("=========="); - System.out.println(); - System.out.println("Static data"); - System.out.println(); - - System.out.println(); - System.out.println("T0[]:"); + log.fine("Static data"); + log.fine("T0[]:"); + StringBuilder sb; for (i = 0; i < 64; i++) { + sb = new StringBuilder(); for (t = 0; t < 4; t++) - { - System.out.print("0x" + Util.toString(T0[i * 4 + t]) + ", "); - } - System.out.println(); + sb.append("0x").append(Util.toString(T0[i * 4 + t])).append(", "); + log.fine(sb.toString()); } - System.out.println(); - System.out.println("T1[]:"); + log.fine("T1[]:"); for (i = 0; i < 64; i++) { + sb = new StringBuilder(); for (t = 0; t < 4; t++) - { - System.out.print("0x" + Util.toString(T1[i * 4 + t]) + ", "); - } - System.out.println(); + sb.append("0x").append(Util.toString(T1[i * 4 + t])).append(", "); + log.fine(sb.toString()); } - System.out.println(); - System.out.println("T2[]:"); + log.fine("T2[]:"); for (i = 0; i < 64; i++) { + sb = new StringBuilder(); for (t = 0; t < 4; t++) - { - System.out.print("0x" + Util.toString(T2[i * 4 + t]) + ", "); - } - System.out.println(); + sb.append("0x").append(Util.toString(T2[i * 4 + t])).append(", "); + log.fine(sb.toString()); } - System.out.println(); - System.out.println("T3[]:"); + log.fine("T3[]:"); for (i = 0; i < 64; i++) { + sb = new StringBuilder(); for (t = 0; t < 4; t++) - { - System.out.print("0x" + Util.toString(T3[i * 4 + t]) + ", "); - } - System.out.println(); + sb.append("0x").append(Util.toString(T3[i * 4 + t])).append(", "); + log.fine(sb.toString()); } - System.out.println(); - System.out.println("T4[]:"); + log.fine("T4[]:"); for (i = 0; i < 64; i++) { + sb = new StringBuilder(); for (t = 0; t < 4; t++) - { - System.out.print("0x" + Util.toString(T4[i * 4 + t]) + ", "); - } - System.out.println(); + 
sb.append("0x").append(Util.toString(T4[i * 4 + t])).append(", "); + log.fine(sb.toString()); } - System.out.println(); - System.out.println("T5[]:"); + log.fine("T5[]:"); for (i = 0; i < 64; i++) { + sb = new StringBuilder(); for (t = 0; t < 4; t++) - { - System.out.print("0x" + Util.toString(T5[i * 4 + t]) + ", "); - } - System.out.println(); + sb.append("0x").append(Util.toString(T5[i * 4 + t])).append(", "); + log.fine(sb.toString()); } - System.out.println(); - System.out.println("rc[]:"); + log.fine("rc[]:"); for (i = 0; i < 18; i++) - { - System.out.println("0x" + Util.toString(rc[i])); - } - System.out.println(); - - System.out.println(); - System.out.println("Total initialization time: " + time + " ms."); - System.out.println(); + log.fine("0x" + Util.toString(rc[i])); + log.fine("Total initialization time: " + time + " ms."); } } @@ -315,12 +278,9 @@ public final class Anubis extends BaseCipher a1 = b1; a2 = b2; a3 = b3; - if (DEBUG && debuglevel > 6) - { - System.out.println("T" + r + "=" + Util.toString(a0) - + Util.toString(a1) + Util.toString(a2) - + Util.toString(a3)); - } + if (Configuration.DEBUG) + log.fine("T" + r + "=" + Util.toString(a0) + Util.toString(a1) + + Util.toString(a2) + Util.toString(a3)); } // last round function @@ -346,11 +306,8 @@ public final class Anubis extends BaseCipher out[j++] = (byte) (S[a2 & 0xFF] ^ (tt >>> 8)); out[j] = (byte) (S[a3 & 0xFF] ^ tt); - if (DEBUG && debuglevel > 6) - { - System.out.println("T=" + Util.toString(out, j - 15, 16)); - System.out.println(); - } + if (Configuration.DEBUG) + log.fine("T=" + Util.toString(out, j - 15, 16) + "\n"); } // Instance methods 
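Review bot: The round loop and the final-block code (hunks at new lines 278 and 306) now log the intermediate cipher state and the finished output block under `Configuration.DEBUG` alone, where the old code also required `debuglevel > 6`. The enclosing method starts outside both hunks, but it appears to be the shared block routine, so in a debug-enabled build the output block on a decrypt path would be plaintext written to whatever handlers are attached to this logger. I would keep this trace behind a second, class-local switch, or at minimum add `&& log.isLoggable(Level.FINE)` (with the `java.util.logging.Level` import) so the strings are not built per block when FINE is off. The guard also deserves a comment: `// traces cipher state and output blocks; debug builds only`. The same pattern appears in the Khazad and Rijndael block routines later in this diff.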
@@ -517,29 +474,26 @@ public final class Anubis extends BaseCipher } } - if (DEBUG && debuglevel > 8) + if (Configuration.DEBUG) { - System.out.println(); - System.out.println("Key schedule"); - System.out.println(); - System.out.println("Ke[]:"); + log.fine("Key schedule"); + log.fine("Ke[]:"); + StringBuilder sb; for (r = 0; r < R + 1; r++) { - System.out.print("#" + r + ": "); + sb = new StringBuilder("#").append(r).append(": "); for (j = 0; j < 4; j++) - System.out.print("0x" + Util.toString(Ke[r][j]) + ", "); - System.out.println(); + sb.append("0x").append(Util.toString(Ke[r][j])).append(", "); + log.fine(sb.toString()); } - System.out.println(); - System.out.println("Kd[]:"); + log.fine("Kd[]:"); for (r = 0; r < R + 1; r++) { - System.out.print("#" + r + ": "); + sb = new StringBuilder("#").append(r).append(": "); for (j = 0; j < 4; j++) - System.out.print("0x" + Util.toString(Kd[r][j]) + ", "); - System.out.println(); + sb.append("0x").append(Util.toString(Kd[r][j])).append(", "); + log.fine(sb.toString()); } - System.out.println(); } return new Object[] { Ke, Kd }; diff --git a/gnu/javax/crypto/cipher/BaseCipher.java b/gnu/javax/crypto/cipher/BaseCipher.java index f6d92994d..db72e0f3a 100644 --- a/gnu/javax/crypto/cipher/BaseCipher.java +++ b/gnu/javax/crypto/cipher/BaseCipher.java @@ -38,10 +38,14 @@ exception statement from your version. */ package gnu.javax.crypto.cipher; +import gnu.classpath.Configuration; + import java.security.InvalidKeyException; import java.util.Arrays; import java.util.Iterator; import java.util.Map; +import java.util.logging.Level; +import java.util.logging.Logger; /** * <p>A basic abstract class to facilitate implementing symmetric key block 
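Review bot: The key-schedule dump (hunk at new line 474) writes every round key in `Ke` and `Kd` to the logger whenever `Configuration.DEBUG` is set. Before this change it needed the class-private `DEBUG` constant (false) and `debuglevel > 8`. A single library-wide build flag now decides whether secret key material reaches log handlers, which may persist it to files. I would drop the dump or log only non-secret facts, e.g. `log.fine("Key schedule computed: " + (R + 1) + " round keys");`. The method body starts outside the hunk; the Khazad key-schedule hunk (new line 427) and the Twofish one (new line 596) have the same issue.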
@@ -49,10 +53,7 @@ import java.util.Map; */ public abstract class BaseCipher implements IBlockCipher, IBlockCipherSpi { - - // Constants and variables - // ------------------------------------------------------------------------- - + private static final Logger log = Logger.getLogger(BaseCipher.class.getName()); /** The canonical name prefix of the cipher. */ protected String name; @@ -263,7 +264,8 @@ public abstract class BaseCipher implements IBlockCipher, IBlockCipherSpi } catch (Exception x) { - x.printStackTrace(System.err); + if (Configuration.DEBUG) + log.log(Level.FINE, "Exception in testSymmetry() for " + name(), x); return false; } } @@ -295,7 +297,8 @@ public abstract class BaseCipher implements IBlockCipher, IBlockCipherSpi } catch (Exception x) { - x.printStackTrace(System.err); + if (Configuration.DEBUG) + log.log(Level.FINE, "Exception in testKat() for " + name(), x); return false; } } diff --git a/gnu/javax/crypto/cipher/Khazad.java b/gnu/javax/crypto/cipher/Khazad.java index 3a95874da..385e2646b 100644 --- a/gnu/javax/crypto/cipher/Khazad.java +++ b/gnu/javax/crypto/cipher/Khazad.java @@ -38,14 +38,15 @@ exception statement from your version. */ package gnu.javax.crypto.cipher; +import gnu.classpath.Configuration; import gnu.java.security.Registry; import gnu.java.security.util.Util; -//import java.io.PrintWriter; import java.security.InvalidKeyException; import java.util.ArrayList; import java.util.Collections; import java.util.Iterator; +import java.util.logging.Logger; /** * <p>Khazad is a 64-bit (legacy-level) block cipher that accepts a 128-bit key. 
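Review bot: The `catch (Exception x)` blocks in the two self-test hunks (new lines 264 and 297) now record the exception only when `Configuration.DEBUG` is set. In a normal build a failing symmetry or known-answer test therefore returns false with no trace of the cause, whereas the old code always printed the stack trace. A cipher self-test failure is something an operator needs to be able to diagnose, so I would log it unconditionally and let the logger level do the filtering: `log.log(Level.FINE, "Exception in testKat() for " + name(), x);` without the surrounding `if`. Both method bodies start outside their hunks.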
@@ -65,23 +66,7 @@ import java.util.Iterator; */ public final class Khazad extends BaseCipher { - - // Debugging methods and variables - // ------------------------------------------------------------------------- - - // private static final String NAME = "khazad"; - private static final boolean DEBUG = false; - - private static final int debuglevel = 9; - - // private static final PrintWriter err = new PrintWriter(System.out, true); - // private static void debug(String s) { - // err.println(">>> "+NAME+": "+s); - // } - - // Constants and variables - // ------------------------------------------------------------------------- - + private static final Logger log = Logger.getLogger(Khazad.class.getName()); private static final int DEFAULT_BLOCK_SIZE = 8; // in bytes private static final int DEFAULT_KEY_SIZE = 16; // in bytes 
@@ -194,86 +179,78 @@ public final class Khazad extends BaseCipher time = System.currentTimeMillis() - time; - if (DEBUG && debuglevel > 8) + if (Configuration.DEBUG) { - System.out.println("=========="); - System.out.println(); - System.out.println("Static data"); - System.out.println(); - - System.out.println(); - System.out.println("T0[]:"); + log.fine("Static data"); + log.fine("T0[]:"); + StringBuilder b; for (i = 0; i < 64; i++) { + b = new StringBuilder(); for (j = 0; j < 4; j++) - System.out.print("0x" + Util.toString(T0[i * 4 + j]) + ", "); - System.out.println(); + b.append("0x").append(Util.toString(T0[i * 4 + j])).append(", "); + log.fine(b.toString()); } - System.out.println(); - System.out.println("T1[]:"); + log.fine("T1[]:"); for (i = 0; i < 64; i++) { + b = new StringBuilder(); for (j = 0; j < 4; j++) - System.out.print("0x" + Util.toString(T1[i * 4 + j]) + ", "); - System.out.println(); + b.append("0x").append(Util.toString(T1[i * 4 + j])).append(", "); + log.fine(b.toString()); } - System.out.println(); - System.out.println("T2[]:"); + log.fine("T2[]:"); for (i = 0; i < 64; i++) { + b = new StringBuilder(); for (j = 0; j < 4; j++) - System.out.print("0x" + Util.toString(T2[i * 4 + j]) + ", "); - System.out.println(); + b.append("0x").append(Util.toString(T2[i * 4 + j])).append(", "); + log.fine(b.toString()); } - System.out.println(); - System.out.println("T3[]:"); + log.fine("T3[]:"); for (i = 0; i < 64; i++) { + b = new StringBuilder(); for (j = 0; j < 4; j++) - System.out.print("0x" + Util.toString(T3[i * 4 + j]) + ", "); - System.out.println(); + b.append("0x").append(Util.toString(T3[i * 4 + j])).append(", "); + log.fine(b.toString()); } - System.out.println(); - System.out.println("T4[]:"); + log.fine("T4[]:"); for (i = 0; i < 64; i++) { + b = new StringBuilder(); for (j = 0; j < 4; j++) - System.out.print("0x" + Util.toString(T4[i * 4 + j]) + ", "); - System.out.println(); + b.append("0x").append(Util.toString(T4[i * 4 + j])).append(", "); 
+ log.fine(b.toString()); } - System.out.println(); - System.out.println("T5[]:"); + log.fine("T5[]:"); for (i = 0; i < 64; i++) { + b = new StringBuilder(); for (j = 0; j < 4; j++) - System.out.print("0x" + Util.toString(T5[i * 4 + j]) + ", "); - System.out.println(); + b.append("0x").append(Util.toString(T5[i * 4 + j])).append(", "); + log.fine(b.toString()); } - System.out.println(); - System.out.println("T6[]:"); + log.fine("T6[]:"); for (i = 0; i < 64; i++) { + b = new StringBuilder(); for (j = 0; j < 4; j++) - System.out.print("0x" + Util.toString(T6[i * 4 + j]) + ", "); - System.out.println(); + b.append("0x").append(Util.toString(T6[i * 4 + j])).append(", "); + log.fine(b.toString()); } - System.out.println(); - System.out.println("T7[]:"); + log.fine("T7[]:"); for (i = 0; i < 64; i++) { + b = new StringBuilder(); for (j = 0; j < 4; j++) - System.out.print("0x" + Util.toString(T7[i * 4 + j]) + ", "); - System.out.println(); + b.append("0x").append(Util.toString(T7[i * 4 + j])).append(", "); + log.fine(b.toString()); } - System.out.println(); - System.out.println("rc[]:"); + log.fine("rc[]:"); for (i = 0; i < R + 1; i++) - System.out.print("0x" + Util.toString(rc[i][0]) - + Util.toString(rc[i][1])); - System.out.println(); - - System.out.println("Total initialization time: " + time + " ms."); - System.out.println(); + log.fine("0x" + Util.toString(rc[i][0]) + Util.toString(rc[i][1])); + log.fine("Total initialization time: " + time + " ms."); } } @@ -313,12 +290,8 @@ public final class Khazad extends BaseCipher ^ T6[(a0 >>> 8) & 0xFF] ^ T7[a0 & 0xFF] ^ k1; a0 = b0; a1 = b1; - - if (DEBUG && debuglevel > 6) - { - System.out.println("T" + r + "=" + Util.toString(a0) - + Util.toString(a1)); - } + if (Configuration.DEBUG) + log.fine("T" + r + "=" + Util.toString(a0) + Util.toString(a1)); } // sigma(K[R]) o gamma applied to previous output 
@@ -333,12 +306,8 @@ public final class Khazad extends BaseCipher out[j++] = (byte) (S[(a1 >>> 16) & 0xFF] ^ (k1 >>> 16)); out[j++] = (byte) (S[(a1 >>> 8) & 0xFF] ^ (k1 >>> 8)); out[j] = (byte) (S[a1 & 0xFF] ^ k1); - - if (DEBUG && debuglevel > 6) - { - System.out.println("T=" + Util.toString(out, j - 7, 8)); - System.out.println(); - } + if (Configuration.DEBUG) + log.fine("T=" + Util.toString(out, j - 7, 8) + "\n"); } // Instance methods @@ -458,26 +427,17 @@ public final class Khazad extends BaseCipher ^ T7[S[kr0 & 0xFF] & 0xFF]; } } - - if (DEBUG && debuglevel > 8) + if (Configuration.DEBUG) { - System.out.println(); - System.out.println("Key schedule"); - System.out.println(); - System.out.println("Ke[]:"); + log.fine("Key schedule"); + log.fine("Ke[]:"); for (r = 0; r < R + 1; r++) - { - System.out.println("#" + r + ": 0x" + Util.toString(Ke[r][0]) - + Util.toString(Ke[r][1])); - } - System.out.println(); - System.out.println("Kd[]:"); + log.fine("#" + r + ": 0x" + + Util.toString(Ke[r][0]) + Util.toString(Ke[r][1])); + log.fine("Kd[]:"); for (r = 0; r < R + 1; r++) - { - System.out.println("#" + r + ": 0x" + Util.toString(Kd[r][0]) - + Util.toString(Kd[r][1])); - } - System.out.println(); + log.fine("#" + r + ": 0x" + + Util.toString(Kd[r][0]) + Util.toString(Kd[r][1])); } return new Object[] { Ke, Kd }; diff --git a/gnu/javax/crypto/cipher/Rijndael.java b/gnu/javax/crypto/cipher/Rijndael.java index bcd1872fc..d830cd66d 100644 --- a/gnu/javax/crypto/cipher/Rijndael.java +++ b/gnu/javax/crypto/cipher/Rijndael.java 
@@ -38,14 +38,15 @@ exception statement from your version. */ package gnu.javax.crypto.cipher; +import gnu.classpath.Configuration; import gnu.java.security.Registry; import gnu.java.security.util.Util; -//import java.io.PrintWriter; import java.security.InvalidKeyException; import java.util.ArrayList; import java.util.Collections; import java.util.Iterator; +import java.util.logging.Logger; /** * <p>Rijndael --pronounced Reindaal-- is the AES. It is a variable block-size @@ -63,23 +64,7 @@ import java.util.Iterator; */ public final class Rijndael extends BaseCipher { - - // Debugging methods and variables - // ------------------------------------------------------------------------- - - // private static final String NAME = "rijndael"; - private static final boolean DEBUG = false; - - private static final int debuglevel = 9; - - // private static final PrintWriter err = new PrintWriter(System.out, true); - // private static void debug(String s) { - // err.println(">>> "+NAME+": "+s); - // } - - // Constants and variables - // ------------------------------------------------------------------------- - + private static final Logger log = Logger.getLogger(Rijndael.class.getName()); private static final int DEFAULT_BLOCK_SIZE = 16; // in bytes private static final int DEFAULT_KEY_SIZE = 16; // in bytes 
@@ -222,169 +207,134 @@ public final class Rijndael extends BaseCipher } time = System.currentTimeMillis() - time; - - if (DEBUG && debuglevel > 8) + if (Configuration.DEBUG) { - System.out.println("=========="); - System.out.println(); - System.out.println("Static Data"); - System.out.println(); - System.out.println("S[]:"); + log.fine("Static Data"); + log.fine("S[]:"); + StringBuilder sb; for (i = 0; i < 16; i++) { + sb = new StringBuilder(); for (j = 0; j < 16; j++) - { - System.out.print("0x" + Util.toString(S[i * 16 + j]) + ", "); - } - System.out.println(); + sb.append("0x").append(Util.toString(S[i * 16 + j])).append(", "); + log.fine(sb.toString()); } - System.out.println(); - System.out.println("Si[]:"); + log.fine("Si[]:"); for (i = 0; i < 16; i++) { + sb = new StringBuilder(); for (j = 0; j < 16; j++) - { - System.out.print("0x" + Util.toString(Si[i * 16 + j]) + ", "); - } - System.out.println(); + sb.append("0x").append(Util.toString(Si[i * 16 + j])).append(", "); + log.fine(sb.toString()); } - System.out.println(); - System.out.println("T1[]:"); + log.fine("T1[]:"); for (i = 0; i < 64; i++) { + sb = new StringBuilder(); for (j = 0; j < 4; j++) - { - System.out.print("0x" + Util.toString(T1[i * 4 + j]) + ", "); - } - System.out.println(); + sb.append("0x").append(Util.toString(T1[i * 4 + j])).append(", "); + log.fine(sb.toString()); } - System.out.println(); - System.out.println("T2[]:"); + log.fine("T2[]:"); for (i = 0; i < 64; i++) { + sb = new StringBuilder(); for (j = 0; j < 4; j++) - { - System.out.print("0x" + Util.toString(T2[i * 4 + j]) + ", "); - } - System.out.println(); + sb.append("0x").append(Util.toString(T2[i * 4 + j])).append(", "); + log.fine(sb.toString()); } - System.out.println(); - System.out.println("T3[]:"); + log.fine("T3[]:"); for (i = 0; i < 64; i++) { + sb = new StringBuilder(); for (j = 0; j < 4; j++) - { - System.out.print("0x" + Util.toString(T3[i * 4 + j]) + ", "); - } - System.out.println(); + 
sb.append("0x").append(Util.toString(T3[i * 4 + j])).append(", "); + log.fine(sb.toString()); } - System.out.println(); - System.out.println("T4[]:"); + log.fine("T4[]:"); for (i = 0; i < 64; i++) { + sb = new StringBuilder(); for (j = 0; j < 4; j++) - { - System.out.print("0x" + Util.toString(T4[i * 4 + j]) + ", "); - } - System.out.println(); + sb.append("0x").append(Util.toString(T4[i * 4 + j])).append(", "); + log.fine(sb.toString()); } - System.out.println(); - System.out.println("T5[]:"); + log.fine("T5[]:"); for (i = 0; i < 64; i++) { + sb = new StringBuilder(); for (j = 0; j < 4; j++) - { - System.out.print("0x" + Util.toString(T5[i * 4 + j]) + ", "); - } - System.out.println(); + sb.append("0x").append(Util.toString(T5[i * 4 + j])).append(", "); + log.fine(sb.toString()); } - System.out.println(); - System.out.println("T6[]:"); + log.fine("T6[]:"); for (i = 0; i < 64; i++) { + sb = new StringBuilder(); for (j = 0; j < 4; j++) - { - System.out.print("0x" + Util.toString(T6[i * 4 + j]) + ", "); - } - System.out.println(); + sb.append("0x").append(Util.toString(T6[i * 4 + j])).append(", "); + log.fine(sb.toString()); } - System.out.println(); - System.out.println("T7[]:"); + log.fine("T7[]:"); for (i = 0; i < 64; i++) { + sb = new StringBuilder(); for (j = 0; j < 4; j++) - { - System.out.print("0x" + Util.toString(T7[i * 4 + j]) + ", "); - } - System.out.println(); + sb.append("0x").append(Util.toString(T7[i * 4 + j])).append(", "); + log.fine(sb.toString()); } - System.out.println(); - System.out.println("T8[]:"); + log.fine("T8[]:"); for (i = 0; i < 64; i++) { + sb = new StringBuilder(); for (j = 0; j < 4; j++) - { - System.out.print("0x" + Util.toString(T8[i * 4 + j]) + ", "); - } - System.out.println(); + sb.append("0x").append(Util.toString(T8[i * 4 + j])).append(", "); + log.fine(sb.toString()); } - System.out.println(); - System.out.println("U1[]:"); + log.fine("U1[]:"); for (i = 0; i < 64; i++) { + sb = new StringBuilder(); for (j = 0; j < 4; j++) - { 
- System.out.print("0x" + Util.toString(U1[i * 4 + j]) + ", "); - } - System.out.println(); + sb.append("0x").append(Util.toString(U1[i * 4 + j])).append(", "); + log.fine(sb.toString()); } - System.out.println(); - System.out.println("U2[]:"); + log.fine("U2[]:"); for (i = 0; i < 64; i++) { + sb = new StringBuilder(); for (j = 0; j < 4; j++) - { - System.out.print("0x" + Util.toString(U2[i * 4 + j]) + ", "); - } - System.out.println(); + sb.append("0x").append(Util.toString(U2[i * 4 + j])).append(", "); + log.fine(sb.toString()); } - System.out.println(); - System.out.println("U3[]:"); + log.fine("U3[]:"); for (i = 0; i < 64; i++) { + sb = new StringBuilder(); for (j = 0; j < 4; j++) - { - System.out.print("0x" + Util.toString(U3[i * 4 + j]) + ", "); - } - System.out.println(); + sb.append("0x").append(Util.toString(U3[i * 4 + j])).append(", "); + log.fine(sb.toString()); } - System.out.println(); - System.out.println("U4[]:"); + log.fine("U4[]:"); for (i = 0; i < 64; i++) { + sb = new StringBuilder(); for (j = 0; j < 4; j++) - { - System.out.println("0x" + Util.toString(U4[i * 4 + j]) + ", "); - } - System.out.println(); + sb.append("0x").append(Util.toString(U4[i * 4 + j])).append(", "); + log.fine(sb.toString()); } - System.out.println(); - System.out.println("rcon[]:"); + log.fine("rcon[]:"); for (i = 0; i < 5; i++) { + sb = new StringBuilder(); for (j = 0; j < 6; j++) - { - System.out.print("0x" + Util.toString(rcon[i * 6 + j]) + ", "); - } - System.out.println(); + sb.append("0x").append(Util.toString(rcon[i * 6 + j])).append(", "); + log.fine(sb.toString()); } - - System.out.println(); - System.out.println("Total initialization time: " + time + " ms."); - System.out.println(); + log.fine("Total initialization time: " + time + " ms."); } } 
@@ -454,11 +404,8 @@ public final class Rijndael extends BaseCipher } System.arraycopy(a, 0, t, 0, BC); - - if (DEBUG && debuglevel > 6) - { - System.out.println("CT" + r + "=" + Util.toString(t)); - } + if (Configuration.DEBUG) + log.fine("CT" + r + "=" + Util.toString(t)); } for (i = 0; i < BC; i++) @@ -469,12 +416,8 @@ public final class Rijndael extends BaseCipher out[outOffset++] = (byte) (S[(t[(i + s2) % BC] >>> 8) & 0xFF] ^ (tt >>> 8)); out[outOffset++] = (byte) (S[t[(i + s3) % BC] & 0xFF] ^ tt); } - - if (DEBUG && debuglevel > 6) - { - System.out.println("CT=" + Util.toString(out, outOffset - bs + 1, bs)); - System.out.println(); - } + if (Configuration.DEBUG) + log.fine("CT=" + Util.toString(out, outOffset - bs, bs)); } private static void rijndaelDecrypt(byte[] in, int inOffset, byte[] out, @@ -510,11 +453,8 @@ public final class Rijndael extends BaseCipher } System.arraycopy(a, 0, t, 0, BC); - - if (DEBUG && debuglevel > 6) - { - System.out.println("PT" + r + "=" + Util.toString(t)); - } + if (Configuration.DEBUG) + log.fine("PT" + r + "=" + Util.toString(t)); } for (i = 0; i < BC; i++) @@ -525,12 +465,8 @@ public final class Rijndael extends BaseCipher out[outOffset++] = (byte) (Si[(t[(i + s2) % BC] >>> 8) & 0xFF] ^ (tt >>> 8)); out[outOffset++] = (byte) (Si[t[(i + s3) % BC] & 0xFF] ^ tt); } - - if (DEBUG && debuglevel > 6) - { - System.out.println("PT=" + Util.toString(out, outOffset - bs + 1, bs)); - System.out.println(); - } + if (Configuration.DEBUG) + log.fine("PT=" + Util.toString(out, outOffset - bs, bs)); } private static void aesEncrypt(byte[] in, int i, byte[] out, int j, Object key) 
@@ -565,15 +501,10 @@ public final class Rijndael extends BaseCipher t1 = a1; t2 = a2; t3 = a3; - - if (DEBUG && debuglevel > 6) - { - System.out.println("CT" + r + "=" + Util.toString(t0) - + Util.toString(t1) + Util.toString(t2) - + Util.toString(t3)); - } + if (Configuration.DEBUG) + log.fine("CT" + r + "=" + Util.toString(t0) + Util.toString(t1) + + Util.toString(t2) + Util.toString(t3)); } - // last round is special Ker = Ke[ROUNDS]; int tt = Ker[0]; @@ -596,12 +527,8 @@ public final class Rijndael extends BaseCipher out[j++] = (byte) (S[(t0 >>> 16) & 0xFF] ^ (tt >>> 16)); out[j++] = (byte) (S[(t1 >>> 8) & 0xFF] ^ (tt >>> 8)); out[j++] = (byte) (S[t2 & 0xFF] ^ tt); - - if (DEBUG && debuglevel > 6) - { - System.out.println("CT=" + Util.toString(out, j - 15, 16)); - System.out.println(); - } + if (Configuration.DEBUG) + log.fine("CT=" + Util.toString(out, j - 16, 16)); } private static void aesDecrypt(byte[] in, int i, byte[] out, int j, Object key) @@ -636,15 +563,10 @@ public final class Rijndael extends BaseCipher t1 = a1; t2 = a2; t3 = a3; - - if (DEBUG && debuglevel > 6) - { - System.out.println("PT" + r + "=" + Util.toString(t0) - + Util.toString(t1) + Util.toString(t2) - + Util.toString(t3)); - } + if (Configuration.DEBUG) + log.fine("PT" + r + "=" + Util.toString(t0) + Util.toString(t1) + + Util.toString(t2) + Util.toString(t3)); } - // last round is special Kdr = Kd[ROUNDS]; int tt = Kdr[0]; @@ -667,12 +589,8 @@ public final class Rijndael extends BaseCipher out[j++] = (byte) (Si[(t2 >>> 16) & 0xFF] ^ (tt >>> 16)); out[j++] = (byte) (Si[(t1 >>> 8) & 0xFF] ^ (tt >>> 8)); out[j++] = (byte) (Si[t0 & 0xFF] ^ tt); - - if (DEBUG && debuglevel > 6) - { - System.out.println("PT=" + Util.toString(out, j - 15, 16)); - System.out.println(); - } + if (Configuration.DEBUG) + log.fine("PT=" + Util.toString(out, j - 16, 16)); } // Instance methods diff --git a/gnu/javax/crypto/cipher/Twofish.java b/gnu/javax/crypto/cipher/Twofish.java index f5565d4b4..d6747608c 100644 
--- a/gnu/javax/crypto/cipher/Twofish.java +++ b/gnu/javax/crypto/cipher/Twofish.java @@ -38,14 +38,15 @@ exception statement from your version. */ package gnu.javax.crypto.cipher; +import gnu.classpath.Configuration; import gnu.java.security.Registry; import gnu.java.security.util.Util; -//import java.io.PrintWriter; import java.security.InvalidKeyException; import java.util.ArrayList; import java.util.Collections; import java.util.Iterator; +import java.util.logging.Logger; /** * <p>Twofish is a balanced 128-bit Feistel cipher, consisting of 16 rounds. In @@ -68,23 +69,7 @@ import java.util.Iterator; */ public final class Twofish extends BaseCipher { - - // Debugging methods and variables - // ------------------------------------------------------------------------- - - // private static final String NAME = "twofish"; - private static final boolean DEBUG = false; - - private static final int debuglevel = 9; - - // private static final PrintWriter err = new PrintWriter(System.out, true); - // private static void debug(String s) { - // err.println(">>> "+NAME+": "+s); - // } - - // Constants and variables - // ------------------------------------------------------------------------- - + private static final Logger log = Logger.getLogger(Twofish.class.getName()); private static final int DEFAULT_BLOCK_SIZE = 16; // in bytes private static final int DEFAULT_KEY_SIZE = 16; // in bytes 
@@ -265,62 +250,43 @@ public final class Twofish extends BaseCipher time = System.currentTimeMillis() - time; - if (DEBUG && debuglevel > 8) + if (Configuration.DEBUG) { - System.out.println("=========="); - System.out.println(); - System.out.println("Static Data"); - System.out.println(); - System.out.println("MDS[0][]:"); + log.fine("Static Data"); + log.fine("MDS[0][]:"); + StringBuilder sb; for (i = 0; i < 64; i++) { + sb = new StringBuilder(); for (j = 0; j < 4; j++) - { - System.out.print("0x" + Util.toString(MDS[0][i * 4 + j]) - + ", "); - } - System.out.println(); + sb.append("0x").append(Util.toString(MDS[0][i * 4 + j])).append(", "); + log.fine(sb.toString()); } - - System.out.println(); - System.out.println("MDS[1][]:"); + log.fine("MDS[1][]:"); for (i = 0; i < 64; i++) { + sb = new StringBuilder(); for (j = 0; j < 4; j++) - { - System.out.print("0x" + Util.toString(MDS[1][i * 4 + j]) - + ", "); - } - System.out.println(); + sb.append("0x").append(Util.toString(MDS[1][i * 4 + j])).append(", "); + log.fine(sb.toString()); } - - System.out.println(); - System.out.println("MDS[2][]:"); + log.fine("MDS[2][]:"); for (i = 0; i < 64; i++) { + sb = new StringBuilder(); for (j = 0; j < 4; j++) - { - System.out.print("0x" + Util.toString(MDS[2][i * 4 + j]) - + ", "); - } - System.out.println(); + sb.append("0x").append(Util.toString(MDS[2][i * 4 + j])).append(", "); + log.fine(sb.toString()); } - - System.out.println(); - System.out.println("MDS[3][]:"); + log.fine("MDS[3][]:"); for (i = 0; i < 64; i++) { + sb = new StringBuilder(); for (j = 0; j < 4; j++) - { - System.out.print("0x" + Util.toString(MDS[3][i * 4 + j]) - + ", "); - } - System.out.println(); + sb.append("0x").append(Util.toString(MDS[3][i * 4 + j])).append(", "); + log.fine(sb.toString()); } - - System.out.println(); - System.out.println("Total initialization time: " + time + " ms."); - System.out.println(); + log.fine("Total initialization time: " + time + " ms."); } } 
@@ -630,64 +596,49 @@ public final class Twofish extends BaseCipher ^ b3(k0)]; } } - - if (DEBUG && debuglevel > 7) + if (Configuration.DEBUG) { - System.out.println("S-box[]:"); + StringBuilder sb; + log.fine("S-box[]:"); for (i = 0; i < 64; i++) { + sb = new StringBuilder(); for (j = 0; j < 4; j++) - { - System.out.print("0x" + Util.toString(sBox[i * 4 + j]) + ", "); - } - System.out.println(); + sb.append("0x").append(Util.toString(sBox[i * 4 + j])).append(", "); + log.fine(sb.toString()); } - System.out.println(); + log.fine(""); for (i = 0; i < 64; i++) { + sb = new StringBuilder(); for (j = 0; j < 4; j++) - { - System.out.print("0x" + Util.toString(sBox[256 + i * 4 + j]) - + ", "); - } - System.out.println(); + sb.append("0x").append(Util.toString(sBox[256 + i * 4 + j])).append(", "); + log.fine(sb.toString()); } - System.out.println(); + log.fine(""); for (i = 0; i < 64; i++) { + sb = new StringBuilder(); for (j = 0; j < 4; j++) - { - System.out.print("0x" + Util.toString(sBox[512 + i * 4 + j]) - + ", "); - } - System.out.println(); + sb.append("0x").append(Util.toString(sBox[512 + i * 4 + j])).append(", "); + log.fine(sb.toString()); } - System.out.println(); + log.fine(""); for (i = 0; i < 64; i++) { + sb = new StringBuilder(); for (j = 0; j < 4; j++) - { - System.out.print("0x" + Util.toString(sBox[768 + i * 4 + j]) - + ", "); - } - System.out.println(); + sb.append("0x").append(Util.toString(sBox[768 + i * 4 + j])).append(", "); + log.fine(sb.toString()); } - System.out.println(); - System.out.println("User (odd, even) keys --> S-Box keys:"); + log.fine("User (odd, even) keys --> S-Box keys:"); for (i = 0; i < k64Cnt; i++) - { - System.out.println("0x" + Util.toString(k32o[i]) + " 0x" - + Util.toString(k32e[i]) + " --> 0x" - + Util.toString(sBoxKey[k64Cnt - 1 - i])); - } - System.out.println(); - System.out.println("Round keys:"); + log.fine("0x" + Util.toString(k32o[i]) + " 0x" + Util.toString(k32e[i]) + + " --> 0x" + Util.toString(sBoxKey[k64Cnt - 1 - 
i])); + log.fine("Round keys:"); for (i = 0; i < ROUND_SUBKEYS + 2 * ROUNDS; i += 2) - { - System.out.println("0x" + Util.toString(subKeys[i]) + " 0x" - + Util.toString(subKeys[i + 1])); - } - System.out.println(); + log.fine("0x" + Util.toString(subKeys[i]) + + " 0x" + Util.toString(subKeys[i + 1])); } return new Object[] { sBox, subKeys }; @@ -704,12 +655,8 @@ public final class Twofish extends BaseCipher Object[] sk = (Object[]) sessionKey; // extract S-box and session key int[] sBox = (int[]) sk[0]; int[] sKey = (int[]) sk[1]; - - if (DEBUG && debuglevel > 6) - { - System.out.println("PT=" + Util.toString(in, inOffset, bs)); - } - + if (Configuration.DEBUG) + log.fine("PT=" + Util.toString(in, inOffset, bs)); int x0 = (in[inOffset++] & 0xFF) | (in[inOffset++] & 0xFF) << 8 | (in[inOffset++] & 0xFF) << 16 | (in[inOffset++] & 0xFF) << 24; int x1 = (in[inOffset++] & 0xFF) | (in[inOffset++] & 0xFF) << 8 @@ -723,12 +670,9 @@ public final class Twofish extends BaseCipher x1 ^= sKey[INPUT_WHITEN + 1]; x2 ^= sKey[INPUT_WHITEN + 2]; x3 ^= sKey[INPUT_WHITEN + 3]; - if (DEBUG && debuglevel > 6) - { - System.out.println("PTw=" + Util.toString(x0) + Util.toString(x1) - + Util.toString(x2) + Util.toString(x3)); - } - + if (Configuration.DEBUG) + log.fine("PTw=" + Util.toString(x0) + Util.toString(x1) + + Util.toString(x2) + Util.toString(x3)); int t0, t1; int k = ROUND_SUBKEYS; for (int R = 0; R < ROUNDS; R += 2) 
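Review bot: The `User (odd, even) keys --> S-Box keys:` and `Round keys:` lines at the end of this block send the raw user key words (`k32o`, `k32e`), the S-box keys and every round subkey to the `gnu.javax.crypto.cipher.Twofish` logger, so any build with `Configuration.DEBUG` set hands Twofish key material to whatever handlers are attached to it. Before this commit the dump sat behind a class-local `DEBUG = false` and `debuglevel > 7`; it is now tied to a library-wide switch and shares level FINE with every other trace. I would drop the key and subkey lines, or at least move them to `log.finest` and mark the block with a comment such as `// dumps key material: debug builds must never process production keys`. The key-schedule method starts outside this hunk.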
@@ -739,36 +683,26 @@ public final class Twofish extends BaseCipher x2 = x2 >>> 1 | x2 << 31; x3 = x3 << 1 | x3 >>> 31; x3 ^= t0 + 2 * t1 + sKey[k++]; - if (DEBUG && debuglevel > 6) - { - System.out.println("CT" + (R) + "=" + Util.toString(x0) - + Util.toString(x1) + Util.toString(x2) - + Util.toString(x3)); - } - + if (Configuration.DEBUG) + log.fine("CT" + (R) + "=" + Util.toString(x0) + Util.toString(x1) + + Util.toString(x2) + Util.toString(x3)); t0 = Fe32(sBox, x2, 0); t1 = Fe32(sBox, x3, 3); x0 ^= t0 + t1 + sKey[k++]; x0 = x0 >>> 1 | x0 << 31; x1 = x1 << 1 | x1 >>> 31; x1 ^= t0 + 2 * t1 + sKey[k++]; - if (DEBUG && debuglevel > 6) - { - System.out.println("CT" + (R + 1) + "=" + Util.toString(x0) - + Util.toString(x1) + Util.toString(x2) - + Util.toString(x3)); - } + if (Configuration.DEBUG) + log.fine("CT" + (R + 1) + "=" + Util.toString(x0) + Util.toString(x1) + + Util.toString(x2) + Util.toString(x3)); } x2 ^= sKey[OUTPUT_WHITEN]; x3 ^= sKey[OUTPUT_WHITEN + 1]; x0 ^= sKey[OUTPUT_WHITEN + 2]; x1 ^= sKey[OUTPUT_WHITEN + 3]; - if (DEBUG && debuglevel > 6) - { - System.out.println("CTw=" + Util.toString(x0) + Util.toString(x1) - + Util.toString(x2) + Util.toString(x3)); - } - + if (Configuration.DEBUG) + log.fine("CTw=" + Util.toString(x0) + Util.toString(x1) + + Util.toString(x2) + Util.toString(x3)); out[outOffset++] = (byte) x2; out[outOffset++] = (byte) (x2 >>> 8); out[outOffset++] = (byte) (x2 >>> 16); @@ -785,12 +719,8 @@ public final class Twofish extends BaseCipher out[outOffset++] = (byte) (x1 >>> 8); out[outOffset++] = (byte) (x1 >>> 16); out[outOffset] = (byte) (x1 >>> 24); - - if (DEBUG && debuglevel > 6) - { - System.out.println("CT=" + Util.toString(out, outOffset - 15, 16)); - System.out.println(); - } + if (Configuration.DEBUG) + log.fine("CT=" + Util.toString(out, outOffset - 15, 16) + "\n"); } public void decrypt(byte[] in, int inOffset, byte[] out, int outOffset, 
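Review bot: The two per-round traces in this loop each build a string from four `Util.toString` calls for every block processed, and they do so whenever `Configuration.DEBUG` is true, even if no handler accepts FINE. `if (Configuration.DEBUG && log.isLoggable(Level.FINE))` would skip that work, at the cost of a `java.util.logging.Level` import. The encrypt and decrypt traces also put plaintext (`PT=`), whitened state and ciphertext into the log; that was previously gated by `debuglevel > 6` and now comes on with everything else. The same pattern is in the hunks at -704, -723 and -785 (encrypt) and at -804, -823, -839 and -885 (decrypt), where the final message also embeds a newline via `+ "\n"`. The loop body starts and ends outside this hunk.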
@@ -804,12 +734,8 @@ public final class Twofish extends BaseCipher Object[] sk = (Object[]) sessionKey; // extract S-box and session key int[] sBox = (int[]) sk[0]; int[] sKey = (int[]) sk[1]; - - if (DEBUG && debuglevel > 6) - { - System.out.println("CT=" + Util.toString(in, inOffset, bs)); - } - + if (Configuration.DEBUG) + log.fine("CT=" + Util.toString(in, inOffset, bs)); int x2 = (in[inOffset++] & 0xFF) | (in[inOffset++] & 0xFF) << 8 | (in[inOffset++] & 0xFF) << 16 | (in[inOffset++] & 0xFF) << 24; int x3 = (in[inOffset++] & 0xFF) | (in[inOffset++] & 0xFF) << 8 @@ -823,12 +749,9 @@ public final class Twofish extends BaseCipher x3 ^= sKey[OUTPUT_WHITEN + 1]; x0 ^= sKey[OUTPUT_WHITEN + 2]; x1 ^= sKey[OUTPUT_WHITEN + 3]; - if (DEBUG && debuglevel > 6) - { - System.out.println("CTw=" + Util.toString(x2) + Util.toString(x3) - + Util.toString(x0) + Util.toString(x1)); - } - + if (Configuration.DEBUG) + log.fine("CTw=" + Util.toString(x2) + Util.toString(x3) + + Util.toString(x0) + Util.toString(x1)); int k = ROUND_SUBKEYS + 2 * ROUNDS - 1; int t0, t1; for (int R = 0; R < ROUNDS; R += 2) 
@@ -839,36 +762,26 @@ public final class Twofish extends BaseCipher x1 = x1 >>> 1 | x1 << 31; x0 = x0 << 1 | x0 >>> 31; x0 ^= t0 + t1 + sKey[k--]; - if (DEBUG && debuglevel > 6) - { - System.out.println("PT" + (ROUNDS - R) + "=" + Util.toString(x2) - + Util.toString(x3) + Util.toString(x0) - + Util.toString(x1)); - } - + if (Configuration.DEBUG) + log.fine("PT" + (ROUNDS - R) + "=" + Util.toString(x2) + + Util.toString(x3) + Util.toString(x0) + Util.toString(x1)); t0 = Fe32(sBox, x0, 0); t1 = Fe32(sBox, x1, 3); x3 ^= t0 + 2 * t1 + sKey[k--]; x3 = x3 >>> 1 | x3 << 31; x2 = x2 << 1 | x2 >>> 31; x2 ^= t0 + t1 + sKey[k--]; - if (DEBUG && debuglevel > 6) - { - System.out.println("PT" + (ROUNDS - R - 1) + "=" - + Util.toString(x2) + Util.toString(x3) - + Util.toString(x0) + Util.toString(x1)); - } + if (Configuration.DEBUG) + log.fine("PT" + (ROUNDS - R - 1) + "=" + Util.toString(x2) + + Util.toString(x3) + Util.toString(x0) + Util.toString(x1)); } x0 ^= sKey[INPUT_WHITEN]; x1 ^= sKey[INPUT_WHITEN + 1]; x2 ^= sKey[INPUT_WHITEN + 2]; x3 ^= sKey[INPUT_WHITEN + 3]; - if (DEBUG && debuglevel > 6) - { - System.out.println("PTw=" + Util.toString(x2) + Util.toString(x3) - + Util.toString(x0) + Util.toString(x1)); - } - + if (Configuration.DEBUG) + log.fine("PTw=" + Util.toString(x2) + Util.toString(x3) + + Util.toString(x0) + Util.toString(x1)); out[outOffset++] = (byte) x0; out[outOffset++] = (byte) (x0 >>> 8); out[outOffset++] = (byte) (x0 >>> 16); @@ -885,12 +798,8 @@ public final class Twofish extends BaseCipher out[outOffset++] = (byte) (x3 >>> 8); out[outOffset++] = (byte) (x3 >>> 16); out[outOffset] = (byte) (x3 >>> 24); - - if (DEBUG && debuglevel > 6) - { - System.out.println("PT=" + Util.toString(out, outOffset - 15, 16)); - System.out.println(); - } + if (Configuration.DEBUG) + log.fine("PT=" + Util.toString(out, outOffset - 15, 16) + "\n"); } public boolean selfTest() 
diff --git a/gnu/javax/crypto/jce/keyring/GnuKeyring.java b/gnu/javax/crypto/jce/keyring/GnuKeyring.java index 5eeb2a306..ba89912f3 100644 --- a/gnu/javax/crypto/jce/keyring/GnuKeyring.java +++ b/gnu/javax/crypto/jce/keyring/GnuKeyring.java @@ -38,6 +38,7 @@ exception statement from your version. */ package gnu.javax.crypto.jce.keyring; +import gnu.classpath.Configuration; import gnu.java.security.Registry; import gnu.javax.crypto.keyring.GnuPrivateKeyring; import gnu.javax.crypto.keyring.GnuPublicKeyring; @@ -90,7 +91,8 @@ public class GnuKeyring public Enumeration engineAliases() { - log.entering(this.getClass().getName(), "engineAliases"); + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "engineAliases"); ensureLoaded(); Enumeration result; if (privateKR == null) @@ -106,7 +108,8 @@ public class GnuKeyring alias = alias.trim(); if (alias.length() > 0) { - log.finest("Adding alias (from private keyring): " + alias); + if (Configuration.DEBUG) + log.fine("Adding alias (from private keyring): " + alias); aliases.add(alias); } } 
@@ -119,64 +122,69 @@ public class GnuKeyring alias = alias.trim(); if (alias.length() > 0) { - log.finest("Adding alias (from public keyring): " + alias); + if (Configuration.DEBUG) + log.fine("Adding alias (from public keyring): " + alias); aliases.add(alias); } } } - log.finest("Will enumerate: " + aliases); + if (Configuration.DEBUG) + log.fine("Will enumerate: " + aliases); result = Collections.enumeration(aliases); } - log.exiting(this.getClass().getName(), "engineAliases"); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "engineAliases"); return result; } public boolean engineContainsAlias(String alias) { - log.entering(this.getClass().getName(), "engineContainsAlias", alias); - + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "engineContainsAlias", alias); ensureLoaded(); boolean inPrivateKR = privateKR.containsAlias(alias); - log.finest("inPrivateKR=" + inPrivateKR); + if (Configuration.DEBUG) + log.fine("inPrivateKR=" + inPrivateKR); boolean inPublicKR = publicKR.containsAlias(alias); - log.finest("inPublicKR=" + inPublicKR); + if (Configuration.DEBUG) + log.fine("inPublicKR=" + inPublicKR); boolean result = inPrivateKR || inPublicKR; - - log.exiting(this.getClass().getName(), "engineContainsAlias", - Boolean.valueOf(result)); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "engineContainsAlias", + Boolean.valueOf(result)); return result; } public void engineDeleteEntry(String alias) { - log.entering(this.getClass().getName(), "engineDeleteEntry", alias); - + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "engineDeleteEntry", alias); ensureLoaded(); if (privateKR.containsAlias(alias)) privateKR.remove(alias); else if (publicKR.containsAlias(alias)) publicKR.remove(alias); - else - log.finer("Unknwon alias: " + alias); - - log.exiting(this.getClass().getName(), "engineDeleteEntry"); + else if (Configuration.DEBUG) + log.fine("Unknwon alias: " + alias); + if 
(Configuration.DEBUG) + log.exiting(this.getClass().getName(), "engineDeleteEntry"); } public Certificate engineGetCertificate(String alias) { - log.entering(this.getClass().getName(), "engineGetCertificate", alias); - + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "engineGetCertificate", alias); ensureLoaded(); Certificate result = publicKR.getCertificate(alias); - - log.exiting(this.getClass().getName(), "engineGetCertificate", result); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "engineGetCertificate", result); return result; } public String engineGetCertificateAlias(Certificate cert) { - log.entering(this.getClass().getName(), "engineGetCertificateAlias", cert); - + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "engineGetCertificateAlias", cert); ensureLoaded(); String result = null; for (Enumeration aliases = publicKR.aliases(); aliases.hasMoreElements();) @@ -189,16 +197,17 @@ public class GnuKeyring break; } } - - log.exiting(this.getClass().getName(), "engineGetCertificateAlias", result); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "engineGetCertificateAlias", result); return result; } public void engineSetCertificateEntry(String alias, Certificate cert) throws KeyStoreException { - log.entering(this.getClass().getName(), "engineSetCertificateEntry", - new Object[] { alias, cert }); + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "engineSetCertificateEntry", + new Object[] { alias, cert }); ensureLoaded(); if (privateKR.containsAlias(alias)) throw new KeyStoreException("Alias [" + alias 
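Review bot: The rewritten line in engineDeleteEntry keeps the misspelled message `"Unknwon alias: "`; since the line is being touched anyway it should read `log.fine("Unknown alias: " + alias);`. This hunk, and the ones at -106 and -282, also move `log.finest` and `log.finer` calls up to `log.fine`, so the per-alias and per-step traces can no longer be filtered apart from the coarser messages once `Configuration.DEBUG` is on. If the flattening is intentional, a one-line comment stating that all debug output in this class is FINE by convention would save the next reader from wondering.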
@@ -206,43 +215,46 @@ public class GnuKeyring + "Trusted Certificate Entry"); if (publicKR.containsCertificate(alias)) { - log.fine("Public keyring already contains Alias [" + alias - + "]. Will remove it"); + if (Configuration.DEBUG) + log.fine("Public keyring already contains Alias [" + alias + + "]. Will remove it"); publicKR.remove(alias); } - publicKR.putCertificate(alias, cert); - log.exiting(this.getClass().getName(), "engineSetCertificateEntry"); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "engineSetCertificateEntry"); } public Certificate[] engineGetCertificateChain(String alias) { - log.entering(this.getClass().getName(), "engineGetCertificateChain", alias); - + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "engineGetCertificateChain", alias); ensureLoaded(); Certificate[] result = privateKR.getCertPath(alias); - - log.exiting(this.getClass().getName(), "engineGetCertificateChain", result); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "engineGetCertificateChain", result); return result; } public Date engineGetCreationDate(String alias) { - log.entering(this.getClass().getName(), "engineGetCreationDate", alias); - + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "engineGetCreationDate", alias); ensureLoaded(); Date result = getCreationDate(alias, privateKR); if (result == null) result = getCreationDate(alias, publicKR); - log.exiting(this.getClass().getName(), "engineGetCreationDate", result); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "engineGetCreationDate", result); return result; } public Key engineGetKey(String alias, char[] password) throws UnrecoverableKeyException { - log.entering(this.getClass().getName(), "engineGetKey", alias); + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "engineGetKey", alias); ensureLoaded(); Key result = null; if (password == null) 
@@ -253,8 +265,9 @@ public class GnuKeyring else if (privateKR.containsPrivateKey(alias)) result = privateKR.getPrivateKey(alias, password); - log.exiting(this.getClass().getName(), "engineGetKey", - result == null ? "null" : result.getClass().getName()); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "engineGetKey", + result == null ? "null" : result.getClass().getName()); return result; } @@ -262,8 +275,9 @@ public class GnuKeyring Certificate[] chain) throws KeyStoreException { - log.entering(this.getClass().getName(), "engineSetKeyEntry", - new Object[] { alias, key.getClass().getName(), chain }); + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "engineSetKeyEntry", + new Object[] { alias, key.getClass().getName(), chain }); ensureLoaded(); if (publicKR.containsAlias(alias)) throw new KeyStoreException("Alias [" + alias 
@@ -282,48 +296,52 @@ public class GnuKeyring + key.getClass().getName()); privateKR.remove(alias); privateKR.putCertPath(alias, chain); - log.finest("About to put private key in keyring..."); + if (Configuration.DEBUG) + log.fine("About to put private key in keyring..."); privateKR.putPrivateKey(alias, key, password); } - log.exiting(this.getClass().getName(), "engineSetKeyEntry"); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "engineSetKeyEntry"); } public void engineSetKeyEntry(String alias, byte[] key, Certificate[] chain) throws KeyStoreException { KeyStoreException x = new KeyStoreException("method not supported"); - log.throwing(this.getClass().getName(), "engineSetKeyEntry(3)", x); + if (Configuration.DEBUG) + log.throwing(this.getClass().getName(), "engineSetKeyEntry(3)", x); throw x; } public boolean engineIsCertificateEntry(String alias) { - log.entering(this.getClass().getName(), "engineIsCertificateEntry", alias); - + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "engineIsCertificateEntry", alias); ensureLoaded(); boolean result = publicKR.containsCertificate(alias); - - log.exiting(this.getClass().getName(), "engineIsCertificateEntry", - Boolean.valueOf(result)); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "engineIsCertificateEntry", + Boolean.valueOf(result)); return result; } public boolean engineIsKeyEntry(String alias) { - log.entering(this.getClass().getName(), "engineIsKeyEntry", alias); - + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "engineIsKeyEntry", alias); ensureLoaded(); boolean result = privateKR.containsPublicKey(alias) || privateKR.containsPrivateKey(alias); - - log.exiting(this.getClass().getName(), "engineIsKeyEntry", - Boolean.valueOf(result)); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "engineIsKeyEntry", + Boolean.valueOf(result)); return result; } public void engineLoad(InputStream in, char[] password) throws 
IOException { - log.entering(this.getClass().getName(), "engineLoad"); + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "engineLoad"); if (in != null) { if (! in.markSupported()) @@ -336,12 +354,14 @@ public class GnuKeyring createNewKeyrings(); loaded = true; - log.exiting(this.getClass().getName(), "engineLoad"); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "engineLoad"); } public void engineStore(OutputStream out, char[] password) throws IOException { - log.entering(this.getClass().getName(), "engineStore"); + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "engineStore"); ensureLoaded(); HashMap attr = new HashMap(); attr.put(IKeyring.KEYRING_DATA_OUT, out); @@ -349,17 +369,20 @@ public class GnuKeyring privateKR.store(attr); publicKR.store(attr); - log.exiting(this.getClass().getName(), "engineStore"); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "engineStore"); } public int engineSize() { - log.entering(this.getClass().getName(), "engineSize"); + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "engineSize"); int result = 0; for (Enumeration e = engineAliases(); e.hasMoreElements(); result++) e.nextElement(); - log.exiting(this.getClass().getName(), "engineSize", Integer.valueOf(result)); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "engineSize", Integer.valueOf(result)); return result; } @@ -386,8 +409,8 @@ public class GnuKeyring private void loadPrivateKeyring(InputStream in, char[] password) throws MalformedKeyringException, IOException { - log.entering(this.getClass().getName(), "loadPrivateKeyring"); - + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "loadPrivateKeyring"); in.mark(5); for (int i = 0; i < 4; i++) if (in.read() != Registry.GKR_MAGIC[i]) 
@@ -403,8 +426,8 @@ public class GnuKeyring attr.put(IKeyring.KEYRING_PASSWORD, password); privateKR = new GnuPrivateKeyring(); privateKR.load(attr); - - log.exiting(this.getClass().getName(), "loadPrivateKeyring"); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "loadPrivateKeyring"); } /** @@ -418,8 +441,8 @@ public class GnuKeyring private void loadPublicKeyring(InputStream in, char[] password) throws MalformedKeyringException, IOException { - log.entering(this.getClass().getName(), "loadPublicKeyring"); - + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "loadPublicKeyring"); in.mark(5); for (int i = 0; i < 4; i++) if (in.read() != Registry.GKR_MAGIC[i]) @@ -435,8 +458,8 @@ public class GnuKeyring attr.put(IKeyring.KEYRING_PASSWORD, password); publicKR = new GnuPublicKeyring(); publicKR.load(attr); - - log.exiting(this.getClass().getName(), "loadPublicKeyring"); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "loadPublicKeyring"); } /** @@ -450,9 +473,9 @@ public class GnuKeyring */ private Date getCreationDate(String alias, IKeyring keyring) { - log.entering(this.getClass().getName(), "getCreationDate", - new Object[] { alias, keyring }); - + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "getCreationDate", + new Object[] { alias, keyring }); Date result = null; if (keyring != null) for (Iterator it = keyring.get(alias).iterator(); it.hasNext();) 
@@ -464,19 +487,19 @@ public class GnuKeyring break; } } - - log.exiting(this.getClass().getName(), "getCreationDate", result); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "getCreationDate", result); return result; } /** Create empty keyrings. */ private void createNewKeyrings() { - log.entering(this.getClass().getName(), "createNewKeyrings"); - + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "createNewKeyrings"); privateKR = new GnuPrivateKeyring("HMAC-SHA-1", 20, "AES", "OFB", 16); publicKR = new GnuPublicKeyring("HMAC-SHA-1", 20); - - log.exiting(this.getClass().getName(), "createNewKeyrings"); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "createNewKeyrings"); } } diff --git a/gnu/javax/crypto/jce/prng/ICMRandomSpi.java b/gnu/javax/crypto/jce/prng/ICMRandomSpi.java index d04b782f9..9be46e055 100644 --- a/gnu/javax/crypto/jce/prng/ICMRandomSpi.java +++ b/gnu/javax/crypto/jce/prng/ICMRandomSpi.java @@ -38,16 +38,17 @@ exception statement from your version. */ package gnu.javax.crypto.jce.prng; +import gnu.classpath.Configuration; import gnu.java.security.Registry; +import gnu.java.security.prng.LimitReachedException; import gnu.javax.crypto.cipher.IBlockCipher; import gnu.javax.crypto.prng.ICMGenerator; -import gnu.java.security.prng.LimitReachedException; -import java.io.PrintWriter; import java.math.BigInteger; import java.security.SecureRandomSpi; import java.util.HashMap; import java.util.Random; +import java.util.logging.Logger; /** * <p>An <em>Adapter</em> class around {@link ICMGenerator} to allow using this 
@@ -55,26 +56,7 @@ import java.util.Random; */ public class ICMRandomSpi extends SecureRandomSpi { - - // Debugging methods and variables - // ------------------------------------------------------------------------- - - private static final String NAME = "ICMRandomSpi"; - - private static final boolean DEBUG = false; - - private static final int debuglevel = 0; - - private static final PrintWriter err = new PrintWriter(System.out, true); - - private static void debug(String s) - { - err.println(">>> " + NAME + ": " + s); - } - - // Constants and variables - // ------------------------------------------------------------------------- - + private static final Logger log = Logger.getLogger(ICMRandomSpi.class.getName()); /** Class-wide prng to generate random material for the underlying prng.*/ private static final ICMGenerator prng; // blank final static @@ -106,8 +88,8 @@ public class ICMRandomSpi extends SecureRandomSpi private static void resetLocalPRNG() { - if (DEBUG && debuglevel > 8) - debug(">>> resetLocalPRNG()"); + if (Configuration.DEBUG) + log.entering(ICMRandomSpi.class.getName(), "resetLocalPRNG"); HashMap attributes = new HashMap(); attributes.put(ICMGenerator.CIPHER, Registry.AES_CIPHER); byte[] key = new byte[128 / 8]; // AES default key size @@ -131,8 +113,8 @@ public class ICMRandomSpi extends SecureRandomSpi attributes.put(ICMGenerator.SEGMENT_INDEX, new BigInteger(1, index)); prng.setup(attributes); - if (DEBUG && debuglevel > 8) - debug("<<< resetLocalPRNG()"); + if (Configuration.DEBUG) + log.exiting(ICMRandomSpi.class.getName(), "resetLocalPRNG"); } // Instance methods 
@@ -142,25 +124,25 @@ public class ICMRandomSpi extends SecureRandomSpi public byte[] engineGenerateSeed(int numBytes) { - if (DEBUG && debuglevel > 8) - debug(">>> engineGenerateSeed()"); + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "engineGenerateSeed"); if (numBytes < 1) { - if (DEBUG && debuglevel > 8) - debug("<<< engineGenerateSeed()"); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "engineGenerateSeed"); return new byte[0]; } byte[] result = new byte[numBytes]; this.engineNextBytes(result); - if (DEBUG && debuglevel > 8) - debug("<<< engineGenerateSeed()"); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "engineGenerateSeed"); return result; } public void engineNextBytes(byte[] bytes) { - if (DEBUG && debuglevel > 8) - debug(">>> engineNextBytes()"); + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "engineNextBytes"); if (!adaptee.isInitialised()) { this.engineSetSeed(new byte[0]); @@ -175,23 +157,22 @@ public class ICMRandomSpi extends SecureRandomSpi } catch (LimitReachedException x) { // reseed the generator - if (DEBUG) + if (Configuration.DEBUG) { - debug(LIMIT_REACHED_MSG + String.valueOf(x)); - x.printStackTrace(err); - debug(RESEED); + log.fine(LIMIT_REACHED_MSG + String.valueOf(x)); + log.fine(RESEED); } resetLocalPRNG(); } } - if (DEBUG && debuglevel > 8) - debug("<<< engineNextBytes()"); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "engineNextBytes"); } public void engineSetSeed(byte[] seed) { - if (DEBUG && debuglevel > 8) - debug(">>> engineSetSeed()"); + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "engineSetSeed"); // compute the total number of random bytes required to setup adaptee int materialLength = 0; materialLength += 16; // key material size 
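Review bot: The catch block for `LimitReachedException` in engineNextBytes used to print the stack trace (`x.printStackTrace(err)`) and now logs only `String.valueOf(x)`, so the origin of the exception is lost from the debug output. `log.throwing(this.getClass().getName(), "engineNextBytes", x);` inside the guard keeps the throwable attached to the log record. The catch blocks in engineSetSeed (the hunk at -224 here and the one at -181 in UMacRandomSpi.java) do nothing at all when `Configuration.DEBUG` is false. A comment such as `// ignored on purpose: the surrounding loop retries` would make that explicit, assuming that is what the code outside those hunks does.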
@@ -224,10 +205,10 @@ public class ICMRandomSpi extends SecureRandomSpi } catch (LimitReachedException x) { - if (DEBUG) + if (Configuration.DEBUG) { - debug(MSG + String.valueOf(x)); - debug(RETRY); + log.fine(MSG + String.valueOf(x)); + log.fine(RETRY); } } } @@ -254,7 +235,7 @@ public class ICMRandomSpi extends SecureRandomSpi attributes.put(ICMGenerator.SEGMENT_INDEX, new BigInteger(1, index)); adaptee.init(attributes); - if (DEBUG && debuglevel > 8) - debug("<<< engineSetSeed()"); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "engineSetSeed"); } }
\ No newline at end of file diff --git a/gnu/javax/crypto/jce/prng/UMacRandomSpi.java b/gnu/javax/crypto/jce/prng/UMacRandomSpi.java index 7dad68b2f..5c60a21d8 100644 --- a/gnu/javax/crypto/jce/prng/UMacRandomSpi.java +++ b/gnu/javax/crypto/jce/prng/UMacRandomSpi.java @@ -38,15 +38,16 @@ exception statement from your version. */ package gnu.javax.crypto.jce.prng; +import gnu.classpath.Configuration; import gnu.java.security.Registry; -import gnu.javax.crypto.cipher.IBlockCipher; import gnu.java.security.prng.LimitReachedException; +import gnu.javax.crypto.cipher.IBlockCipher; import gnu.javax.crypto.prng.UMacGenerator; -import java.io.PrintWriter; import java.security.SecureRandomSpi; import java.util.HashMap; import java.util.Random; +import java.util.logging.Logger; /** * <p>An <em>Adapter</em> class around {@link UMacGenerator} to allow using this @@ -54,24 +55,7 @@ import java.util.Random; */ public class UMacRandomSpi extends SecureRandomSpi { - - // Debugging methods and variables - // ------------------------------------------------------------------------- - - private static final String NAME = "UMacRandomSpi"; - - private static final boolean DEBUG = false; - - private static final PrintWriter err = new PrintWriter(System.out, true); - - private static void debug(String s) - { - err.println(">>> " + NAME + ": " + s); - } - - // Constants and variables - // ------------------------------------------------------------------------- - + private static final Logger log = Logger.getLogger(UMacRandomSpi.class.getName()); /** Class-wide prng to generate random material for the underlying prng.*/ private static final UMacGenerator prng; // blank final static @@ -181,10 +165,10 @@ public class UMacRandomSpi extends SecureRandomSpi } catch (LimitReachedException x) { - if (DEBUG) + if (Configuration.DEBUG) { - debug(MSG + String.valueOf(x)); - debug(RETRY); + log.fine(MSG + String.valueOf(x)); + log.fine(RETRY); } } } 
diff --git a/gnu/javax/crypto/key/dh/GnuDHKeyPairGenerator.java b/gnu/javax/crypto/key/dh/GnuDHKeyPairGenerator.java index 5626a2979..1cf1eb14d 100644 --- a/gnu/javax/crypto/key/dh/GnuDHKeyPairGenerator.java +++ b/gnu/javax/crypto/key/dh/GnuDHKeyPairGenerator.java @@ -38,18 +38,19 @@ exception statement from your version. */ package gnu.javax.crypto.key.dh; +import gnu.classpath.Configuration; import gnu.java.security.Registry; import gnu.java.security.hash.Sha160; import gnu.java.security.key.IKeyPairGenerator; import gnu.java.security.util.PRNG; -import java.io.PrintWriter; import java.math.BigInteger; import java.security.KeyPair; import java.security.PrivateKey; import java.security.PublicKey; import java.security.SecureRandom; import java.util.Map; +import java.util.logging.Logger; import javax.crypto.spec.DHGenParameterSpec; import javax.crypto.spec.DHParameterSpec; @@ -66,26 +67,7 @@ import javax.crypto.spec.DHParameterSpec; */ public class GnuDHKeyPairGenerator implements IKeyPairGenerator { - - // Debugging methods and variables - // ------------------------------------------------------------------------- - - private static final String NAME = "dh"; - - private static final boolean DEBUG = false; - - private static final int debuglevel = 5; - - private static final PrintWriter err = new PrintWriter(System.out, true); - - private static void debug(String s) - { - err.println(">>> " + NAME + ": " + s); - } - - // Constants and variables - // ------------------------------------------------------------------------- - + private static final Logger log = Logger.getLogger(GnuDHKeyPairGenerator.class.getName()); /** * Property name of an optional {@link SecureRandom} instance to use. The * default is to use a classloader singleton from {@link PRNG}. 
@@ -240,14 +222,14 @@ public class GnuDHKeyPairGenerator implements IKeyPairGenerator p = params[RFC2631.DH_PARAMS_P]; j = params[RFC2631.DH_PARAMS_J]; g = params[RFC2631.DH_PARAMS_G]; - if (DEBUG && debuglevel > 0) + if (Configuration.DEBUG) { - debug("seed: 0x" + seed.toString(16)); - debug("counter: " + counter.intValue()); - debug("q: 0x" + q.toString(16)); - debug("p: 0x" + p.toString(16)); - debug("j: 0x" + j.toString(16)); - debug("g: 0x" + g.toString(16)); + log.fine("seed: 0x" + seed.toString(16)); + log.fine("counter: " + counter.intValue()); + log.fine("q: 0x" + q.toString(16)); + log.fine("p: 0x" + p.toString(16)); + log.fine("j: 0x" + j.toString(16)); + log.fine("g: 0x" + g.toString(16)); } } diff --git a/gnu/javax/crypto/key/srp6/SRPKeyPairGenerator.java b/gnu/javax/crypto/key/srp6/SRPKeyPairGenerator.java index 2957fc3c8..cf1a9cf75 100644 --- a/gnu/javax/crypto/key/srp6/SRPKeyPairGenerator.java +++ b/gnu/javax/crypto/key/srp6/SRPKeyPairGenerator.java @@ -38,16 +38,17 @@ exception statement from your version. */ package gnu.javax.crypto.key.srp6; +import gnu.classpath.Configuration; import gnu.java.security.Registry; import gnu.java.security.key.IKeyPairGenerator; import gnu.java.security.util.PRNG; import gnu.java.security.util.Prime2; -import java.io.PrintWriter; import java.math.BigInteger; import java.security.KeyPair; import java.security.SecureRandom; import java.util.Map; +import java.util.logging.Logger; /** * 
@@ -60,26 +61,7 @@ import java.util.Map; */ public class SRPKeyPairGenerator implements IKeyPairGenerator { - - // Debugging methods and variables - // ------------------------------------------------------------------------- - - private static final String NAME = "srp"; - - private static final boolean DEBUG = false; - - private static final int debuglevel = 5; - - private static final PrintWriter err = new PrintWriter(System.out, true); - - private static void debug(String s) - { - err.println(">>> " + NAME + ": " + s); - } - - // Constants and variables - // ------------------------------------------------------------------------- - + private static final Logger log = Logger.getLogger(SRPKeyPairGenerator.class.getName()); private static final BigInteger ZERO = BigInteger.ZERO; private static final BigInteger ONE = BigInteger.ONE; @@ -235,11 +217,11 @@ public class SRPKeyPairGenerator implements IKeyPairGenerator BigInteger q = params[0]; N = params[1]; g = params[2]; - if (DEBUG && debuglevel > 0) + if (Configuration.DEBUG) { - debug("q: " + q.toString(16)); - debug("N: " + N.toString(16)); - debug("g: " + g.toString(16)); + log.fine("q: " + q.toString(16)); + log.fine("N: " + N.toString(16)); + log.fine("g: " + g.toString(16)); } } diff --git a/gnu/javax/crypto/keyring/Entry.java b/gnu/javax/crypto/keyring/Entry.java index 2f311271a..a2e7e5d21 100644 --- a/gnu/javax/crypto/keyring/Entry.java +++ b/gnu/javax/crypto/keyring/Entry.java @@ -38,6 +38,8 @@ exception statement from your version. */ package gnu.javax.crypto.keyring; +import gnu.classpath.Configuration; + import java.io.DataInputStream; import java.io.DataOutputStream; import java.io.IOException; 
@@ -179,7 +181,8 @@ public abstract class Entry { throw new IOException("corrupt length"); } - log.finest("About to instantiate new payload byte array for " + this); + if (Configuration.DEBUG) + log.fine("About to instantiate new payload byte array for " + this); payload = new byte[len]; in.readFully(payload); } diff --git a/gnu/javax/crypto/keyring/EnvelopeEntry.java b/gnu/javax/crypto/keyring/EnvelopeEntry.java index 2a57a23da..5e6d38312 100644 --- a/gnu/javax/crypto/keyring/EnvelopeEntry.java +++ b/gnu/javax/crypto/keyring/EnvelopeEntry.java @@ -38,6 +38,8 @@ exception statement from your version. */ package gnu.javax.crypto.keyring; +import gnu.classpath.Configuration; + import java.io.ByteArrayOutputStream; import java.io.DataInputStream; import java.io.DataOutputStream; @@ -94,17 +96,20 @@ public abstract class EnvelopeEntry extends Entry */ public void add(Entry entry) { - log.entering(this.getClass().getName(), "add", entry); + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "add", entry); if (! containsEntry(entry)) { if (entry instanceof EnvelopeEntry) ((EnvelopeEntry) entry).setContainingEnvelope(this); entries.add(entry); - log.finest("Payload is " + (payload == null ? "" : "not ") + "null"); + if (Configuration.DEBUG) + log.fine("Payload is " + (payload == null ? "" : "not ") + "null"); makeAliasList(); } - log.exiting(this.getClass().getName(), "add"); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "add"); } /** @@ -117,9 +122,11 @@ public abstract class EnvelopeEntry extends Entry */ public boolean containsAlias(String alias) { - log.entering(this.getClass().getName(), "containsAlias", alias); + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "containsAlias", alias); String aliases = getAliasList(); - log.finest("aliases = [" + aliases + "]"); + if (Configuration.DEBUG) + log.fine("aliases = [" + aliases + "]"); boolean result = false; if (aliases != null) { 
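Review bot: In the Entry.java hunk, `payload = new byte[len]` allocates whatever length reached this point, presumably a value decoded from the input stream. The test that throws `corrupt length` sits above the hunk, so it is not visible here whether it also caps `len` from above. If it only rejects negative values, a damaged or hostile keyring file can request a very large array before `readFully` fails. An explicit upper bound beside that check, or a comment stating the accepted range, would settle it. The method starts outside the hunk.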
@@ -131,7 +138,9 @@ public abstract class EnvelopeEntry extends Entry break; } } - log.exiting(this.getClass().getName(), "containsAlias", Boolean.valueOf(result)); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "containsAlias", + Boolean.valueOf(result)); return result; } @@ -182,8 +191,8 @@ public abstract class EnvelopeEntry extends Entry */ public List get(String alias) { - log.entering(this.getClass().getName(), "get", alias); - + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "get", alias); List result = new LinkedList(); for (Iterator it = entries.iterator(); it.hasNext();) { @@ -199,13 +208,14 @@ public abstract class EnvelopeEntry extends Entry MaskableEnvelopeEntry mee = (MaskableEnvelopeEntry) ee; if (mee.isMasked()) { - log.finer("Processing masked entry: " + mee); + if (Configuration.DEBUG) + log.fine("Processing masked entry: " + mee); result.add(mee); continue; } } - - log.finer("Processing unmasked entry: " + ee); + if (Configuration.DEBUG) + log.fine("Processing unmasked entry: " + ee); result.addAll(ee.get(alias)); } else if (e instanceof PrimitiveEntry) @@ -215,8 +225,8 @@ public abstract class EnvelopeEntry extends Entry result.add(e); } } - - log.exiting(this.getClass().getName(), "get", result); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "get", result); return result; } @@ -247,7 +257,8 @@ public abstract class EnvelopeEntry extends Entry */ public boolean remove(Entry entry) { - log.entering(this.getClass().getName(), "remove", entry); + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "remove", entry); boolean ret = false; for (Iterator it = entries.iterator(); it.hasNext();) { 
@@ -278,12 +289,15 @@ public abstract class EnvelopeEntry extends Entry } if (ret) { - log.finest("State before: " + this); + if (Configuration.DEBUG) + log.fine("State before: " + this); payload = null; makeAliasList(); - log.finest("State after: " + this); + if (Configuration.DEBUG) + log.fine("State after: " + this); } - log.exiting(this.getClass().getName(), "remove", Boolean.valueOf(ret)); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "remove", Boolean.valueOf(ret)); return ret; } @@ -298,7 +312,8 @@ public abstract class EnvelopeEntry extends Entry */ public boolean remove(String alias) { - log.entering(this.getClass().getName(), "remove", alias); + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "remove", alias); boolean result = false; for (Iterator it = entries.iterator(); it.hasNext();) { @@ -320,12 +335,15 @@ public abstract class EnvelopeEntry extends Entry } if (result) { - log.finest("State before: " + this); + if (Configuration.DEBUG) + log.fine("State before: " + this); payload = null; makeAliasList(); - log.finest("State after: " + this); + if (Configuration.DEBUG) + log.fine("State after: " + this); } - log.exiting(this.getClass().getName(), "remove", Boolean.valueOf(result)); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "remove", Boolean.valueOf(result)); return result; } @@ -410,7 +428,8 @@ public abstract class EnvelopeEntry extends Entry private void makeAliasList() { - log.entering(this.getClass().getName(), "makeAliasList"); + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "makeAliasList"); if (! entries.isEmpty()) { StringBuilder buf = new StringBuilder(); 
@@ -423,7 +442,7 @@ public abstract class EnvelopeEntry extends Entry aliasOrList = ((EnvelopeEntry) entry).getAliasList(); else if (entry instanceof PrimitiveEntry) aliasOrList = ((PrimitiveEntry) entry).getAlias(); - else + else if (Configuration.DEBUG) log.fine("Entry with no Alias. Ignored: " + entry); if (aliasOrList != null) @@ -439,10 +458,12 @@ public abstract class EnvelopeEntry extends Entry } String aliasList = buf.toString(); properties.put("alias-list", aliasList); - log.finer("alias-list=[" + aliasList + "]"); + if (Configuration.DEBUG) + log.fine("alias-list=[" + aliasList + "]"); if (containingEnvelope != null) containingEnvelope.makeAliasList(); } - log.exiting(this.getClass().getName(), "makeAliasList"); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "makeAliasList"); } } diff --git a/gnu/javax/crypto/keyring/GnuPrivateKeyring.java b/gnu/javax/crypto/keyring/GnuPrivateKeyring.java index bd5a96227..5b6829e7b 100644 --- a/gnu/javax/crypto/keyring/GnuPrivateKeyring.java +++ b/gnu/javax/crypto/keyring/GnuPrivateKeyring.java @@ -38,6 +38,7 @@ exception statement from your version. */ package gnu.javax.crypto.keyring; +import gnu.classpath.Configuration; import gnu.java.security.Registry; import java.io.DataInputStream; @@ -105,7 +106,8 @@ public class GnuPrivateKeyring extends BaseKeyring implements IPrivateKeyring public boolean containsPrivateKey(String alias) { - log.entering(this.getClass().getName(), "containsPrivateKey", alias); + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "containsPrivateKey", alias); boolean result = false; if (containsAlias(alias)) for (Iterator it = get(alias).iterator(); it.hasNext();) 
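Review bot: `else if (Configuration.DEBUG) log.fine(...)` in makeAliasList turns the debug flag into a branch of the instanceof chain. It behaves correctly today, but an `else` added later would bind to the DEBUG test rather than to the type checks. A braced form keeps logging out of the control flow: `else { if (Configuration.DEBUG) log.fine("Entry with no Alias. Ignored: " + entry); }`. The same shape appears in the put* methods of GnuPrivateKeyring and GnuPublicKeyring and in the verify and decrypt hunks further down.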
@@ -114,15 +116,17 @@ public class GnuPrivateKeyring extends BaseKeyring implements IPrivateKeyring result = true; break; } - log.exiting(this.getClass().getName(), "containsPrivateKey", - Boolean.valueOf(result)); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "containsPrivateKey", + Boolean.valueOf(result)); return result; } public Key getPrivateKey(String alias, char[] password) throws UnrecoverableKeyException { - log.entering(this.getClass().getName(), "getPrivateKey", alias); + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "getPrivateKey", alias); Key result = null; if (containsAlias(alias)) { @@ -130,15 +134,16 @@ public class GnuPrivateKeyring extends BaseKeyring implements IPrivateKeyring for (Iterator it = get(alias).iterator(); it.hasNext();) { Entry e = (Entry) it.next(); - log.finest("Entry: " + e); + if (Configuration.DEBUG) + log.finest("Entry: " + e); if (e instanceof PasswordAuthenticatedEntry) { e1 = (PasswordAuthenticatedEntry) e; break; } } - - log.finest("e1 = " + e1); + if (Configuration.DEBUG) + log.fine("e1 = " + e1); if (e1 != null) { try @@ -147,7 +152,8 @@ public class GnuPrivateKeyring extends BaseKeyring implements IPrivateKeyring } catch (Exception e) { - log.throwing(this.getClass().getName(), "getPrivateKey", e); + if (Configuration.DEBUG) + log.throwing(this.getClass().getName(), "getPrivateKey", e); throw new UnrecoverableKeyException("authentication failed"); } 
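Review bot: In the @@ -130 hunk, `log.finest("Entry: " + e);` stays at FINEST while the next message, `log.fine("e1 = " + e1);`, and the other trace calls this commit touches in the class move to FINE. If keeping the per-iteration message at the lower level is intended, a short comment should say so; otherwise use `log.fine("Entry: " + e);`. getPrivateKey continues outside the hunk.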
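Review bot: In the @@ -147 hunk, the guarded `log.throwing` call is the only record of what `catch (Exception e)` caught, so a build without Configuration.DEBUG discards the reason and the caller sees only `authentication failed`. Keeping the generic message is reasonable for a key store, but the cause can still travel with it: `throw (UnrecoverableKeyException) new UnrecoverableKeyException("authentication failed").initCause(e);`. The catch blocks in putPrivateKey (hunks @@ -212 and @@ -227) have the same shape with `new IllegalArgumentException(x.toString())`. The try block starts outside this hunk.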
@@ -186,23 +192,25 @@ public class GnuPrivateKeyring extends BaseKeyring implements IPrivateKeyring } } } - log.exiting(this.getClass().getName(), "getPrivateKey", - result == null ? "null" : result.getClass().getName()); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "getPrivateKey", + result == null ? "null" : result.getClass().getName()); return result; } public void putPrivateKey(String alias, Key key, char[] password) { - log.entering(this.getClass().getName(), "putPrivateKey", - new Object[] { alias, key.getClass().getName() }); + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "putPrivateKey", + new Object[] { alias, key.getClass().getName() }); if (! containsPrivateKey(alias)) { alias = fixAlias(alias); Properties p = new Properties(); p.put("alias", alias); PrivateKeyEntry pke = new PrivateKeyEntry(key, new Date(), p); - - log.finest("About to encrypt the key..."); + if (Configuration.DEBUG) + log.fine("About to encrypt the key..."); PasswordEncryptedEntry enc; enc = new PasswordEncryptedEntry(cipher, mode, keylen, new Properties()); enc.add(pke); @@ -212,12 +220,13 @@ public class GnuPrivateKeyring extends BaseKeyring implements IPrivateKeyring } catch (IOException x) { - log.log(Level.FINER, "Exception while encrypting the key. " - + "Rethrow as IllegalArgumentException", x); + if (Configuration.DEBUG) + log.log(Level.FINE, "Exception while encrypting the key. " + + "Rethrow as IllegalArgumentException", x); throw new IllegalArgumentException(x.toString()); } - - log.finest("About to authenticate the encrypted key..."); + if (Configuration.DEBUG) + log.fine("About to authenticate the encrypted key..."); PasswordAuthenticatedEntry auth; auth = new PasswordAuthenticatedEntry(mac, maclen, new Properties()); auth.add(enc); 
@@ -227,22 +236,25 @@ public class GnuPrivateKeyring extends BaseKeyring implements IPrivateKeyring } catch (IOException x) { - log.log(Level.FINER, "Exception while authenticating the encrypted " - + "key. Rethrow as IllegalArgumentException", x); + if (Configuration.DEBUG) + log.log(Level.FINE, "Exception while authenticating the encrypted " + + "key. Rethrow as IllegalArgumentException", x); throw new IllegalArgumentException(x.toString()); } keyring.add(auth); } - else - log.finer("Keyring already contains alias: " + alias); + else if (Configuration.DEBUG) + log.fine("Keyring already contains alias: " + alias); - log.exiting(this.getClass().getName(), "putPrivateKey"); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "putPrivateKey"); } public boolean containsPublicKey(String alias) { - log.entering(this.getClass().getName(), "containsPublicKey", alias); + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "containsPublicKey", alias); boolean result = false; if (containsAlias(alias)) for (Iterator it = get(alias).iterator(); it.hasNext();) @@ -251,14 +263,16 @@ public class GnuPrivateKeyring extends BaseKeyring implements IPrivateKeyring result = true; break; } - log.exiting(this.getClass().getName(), "containsPublicKey", - Boolean.valueOf(result)); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "containsPublicKey", + Boolean.valueOf(result)); return result; } public PublicKey getPublicKey(String alias) { - log.entering(this.getClass().getName(), "getPublicKey", alias); + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "getPublicKey", alias); PublicKey result = null; if (containsAlias(alias)) for (Iterator it = get(alias).iterator(); it.hasNext();) 
@@ -270,30 +284,34 @@ public class GnuPrivateKeyring extends BaseKeyring implements IPrivateKeyring break; } } - log.exiting(this.getClass().getName(), "getPublicKey", - result == null ? "null" : result.getClass().getName()); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "getPublicKey", + result == null ? "null" : result.getClass().getName()); return result; } public void putPublicKey(String alias, PublicKey key) { - log.entering(this.getClass().getName(), "putPublicKey", - new Object[] { alias, key.getClass().getName() }); + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "putPublicKey", + new Object[] { alias, key.getClass().getName() }); if (! containsPublicKey(alias)) { Properties p = new Properties(); p.put("alias", fixAlias(alias)); add(new PublicKeyEntry(key, new Date(), p)); } - else - log.finer("Keyring already contains alias: " + alias); + else if (Configuration.DEBUG) + log.fine("Keyring already contains alias: " + alias); - log.exiting(this.getClass().getName(), "putPublicKey"); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "putPublicKey"); } public boolean containsCertPath(String alias) { - log.entering(this.getClass().getName(), "containsCertPath", alias); + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "containsCertPath", alias); boolean result = false; if (containsAlias(alias)) for (Iterator it = get(alias).iterator(); it.hasNext();) 
@@ -302,14 +320,16 @@ public class GnuPrivateKeyring extends BaseKeyring implements IPrivateKeyring result = true; break; } - log.exiting(this.getClass().getName(), "containsCertPath", - Boolean.valueOf(result)); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "containsCertPath", + Boolean.valueOf(result)); return result; } public Certificate[] getCertPath(String alias) { - log.entering(this.getClass().getName(), "getCertPath", alias); + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "getCertPath", alias); Certificate[] result = null; if (containsAlias(alias)) for (Iterator it = get(alias).iterator(); it.hasNext();) @@ -321,29 +341,33 @@ public class GnuPrivateKeyring extends BaseKeyring implements IPrivateKeyring break; } } - log.exiting(this.getClass().getName(), "getCertPath", result); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "getCertPath", result); return result; } public void putCertPath(String alias, Certificate[] path) { - log.entering(this.getClass().getName(), "putCertPath", - new Object[] { alias, path }); + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "putCertPath", + new Object[] { alias, path }); if (! containsCertPath(alias)) { Properties p = new Properties(); p.put("alias", fixAlias(alias)); add(new CertPathEntry(path, new Date(), p)); } - else - log.finer("Keyring already contains alias: " + alias); + else if (Configuration.DEBUG) + log.fine("Keyring already contains alias: " + alias); - log.exiting(this.getClass().getName(), "putCertPath"); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "putCertPath"); } protected void load(InputStream in, char[] password) throws IOException { - log.entering(this.getClass().getName(), "load"); + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "load"); if (in.read() != USAGE) throw new MalformedKeyringException("incompatible keyring usage"); 
@@ -352,14 +376,17 @@ public class GnuPrivateKeyring extends BaseKeyring implements IPrivateKeyring keyring = PasswordAuthenticatedEntry.decode(new DataInputStream(in), password); - log.exiting(this.getClass().getName(), "load"); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "load"); } protected void store(OutputStream out, char[] password) throws IOException { - log.entering(this.getClass().getName(), "store"); + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "store"); out.write(USAGE); keyring.encode(new DataOutputStream(out), password); - log.exiting(this.getClass().getName(), "store"); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "store"); } } diff --git a/gnu/javax/crypto/keyring/GnuPublicKeyring.java b/gnu/javax/crypto/keyring/GnuPublicKeyring.java index 7e1182bc1..0828ca1a1 100644 --- a/gnu/javax/crypto/keyring/GnuPublicKeyring.java +++ b/gnu/javax/crypto/keyring/GnuPublicKeyring.java @@ -38,6 +38,7 @@ exception statement from your version. */ package gnu.javax.crypto.keyring; +import gnu.classpath.Configuration; import gnu.java.security.Registry; import java.io.DataInputStream; @@ -77,7 +78,8 @@ public class GnuPublicKeyring extends BaseKeyring implements IPublicKeyring public boolean containsCertificate(String alias) { - log.entering(this.getClass().getName(), "containsCertificate", alias); + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "containsCertificate", alias); boolean result = false; if (containsAlias(alias)) for (Iterator it = get(alias).iterator(); it.hasNext();) 
@@ -86,14 +88,16 @@ public class GnuPublicKeyring extends BaseKeyring implements IPublicKeyring result = true; break; } - log.exiting(this.getClass().getName(), "containsCertificate", - Boolean.valueOf(result)); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "containsCertificate", + Boolean.valueOf(result)); return result; } public Certificate getCertificate(String alias) { - log.entering(this.getClass().getName(), "getCertificate", alias); + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "getCertificate", alias); Certificate result = null; if (containsAlias(alias)) for (Iterator it = get(alias).iterator(); it.hasNext();) @@ -105,29 +109,33 @@ public class GnuPublicKeyring extends BaseKeyring implements IPublicKeyring break; } } - log.exiting(this.getClass().getName(), "getCertificate", result); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "getCertificate", result); return result; } public void putCertificate(String alias, Certificate cert) { - log.entering(this.getClass().getName(), "putCertificate", - new Object[] { alias, cert }); + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "putCertificate", + new Object[] { alias, cert }); if (! containsCertificate(alias)) { Properties p = new Properties(); p.put("alias", fixAlias(alias)); add(new CertificateEntry(cert, new Date(), p)); } - else - log.finer("Keyring already contains alias: " + alias); + else if (Configuration.DEBUG) + log.fine("Keyring already contains alias: " + alias); - log.exiting(this.getClass().getName(), "putCertificate"); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "putCertificate"); } protected void load(InputStream in, char[] password) throws IOException { - log.entering(this.getClass().getName(), "load"); + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "load"); if (in.read() != USAGE) throw new MalformedKeyringException("incompatible keyring usage"); 
@@ -136,14 +144,17 @@ public class GnuPublicKeyring extends BaseKeyring implements IPublicKeyring DataInputStream dis = new DataInputStream(in); keyring = PasswordAuthenticatedEntry.decode(dis, password); - log.exiting(this.getClass().getName(), "load"); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "load"); } protected void store(OutputStream out, char[] password) throws IOException { - log.entering(this.getClass().getName(), "store"); + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "store"); out.write(USAGE); keyring.encode(new DataOutputStream(out), password); - log.exiting(this.getClass().getName(), "store"); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "store"); } } diff --git a/gnu/javax/crypto/keyring/PasswordAuthenticatedEntry.java b/gnu/javax/crypto/keyring/PasswordAuthenticatedEntry.java index 96d4fc4db..e9713b369 100644 --- a/gnu/javax/crypto/keyring/PasswordAuthenticatedEntry.java +++ b/gnu/javax/crypto/keyring/PasswordAuthenticatedEntry.java @@ -38,6 +38,7 @@ exception statement from your version. */ package gnu.javax.crypto.keyring; +import gnu.classpath.Configuration; import gnu.java.security.Registry; import gnu.java.security.prng.IRandom; import gnu.java.security.prng.LimitReachedException; @@ -146,10 +147,12 @@ public final class PasswordAuthenticatedEntry extends MaskableEnvelopeEntry public void verify(char[] password) { - log.entering(this.getClass().getName(), "verify"); + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "verify"); if (isMasked() && payload != null) { - log.finest("payload to verify: " + Util.dumpString(payload)); + if (Configuration.DEBUG) + log.fine("payload to verify: " + Util.dumpString(payload)); long tt = - System.currentTimeMillis(); IMac m = null; try 
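Review bot: The payload dump in PasswordAuthenticatedEntry.verify should not move up to FINE. `log.fine("payload to verify: " + Util.dumpString(payload));` now sits at the same level as the timing messages, so enabling FINE for timing in a debug build also copies keyring content into the log. The same applies to `"authenticated payload: "` in authenticate (hunk @@ -212). Keeping both at `log.finest(...)`, or logging only `payload.length`, keeps bulk data out of the routine trace level. verify continues outside the hunk.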
@@ -184,16 +187,20 @@ public final class PasswordAuthenticatedEntry extends MaskableEnvelopeEntry } tt += System.currentTimeMillis(); - log.finer("Verified in " + tt + "ms."); + if (Configuration.DEBUG) + log.fine("Verified in " + tt + "ms."); } - else - log.finer("Skip verification; " + (isMasked() ? "null payload" : "unmasked")); - log.exiting(this.getClass().getName(), "verify"); + else if (Configuration.DEBUG) + log.fine("Skip verification; " + (isMasked() ? "null payload" : "unmasked")); + + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "verify"); } public void authenticate(char[] password) throws IOException { - log.entering(this.getClass().getName(), "authenticate"); + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "authenticate"); long tt = - System.currentTimeMillis(); long t1 = - System.currentTimeMillis(); @@ -203,7 +210,8 @@ public final class PasswordAuthenticatedEntry extends MaskableEnvelopeEntry byte[] salt = new byte[8]; PRNG.getInstance().nextBytes(salt); t1 += System.currentTimeMillis(); - log.finer("-- Generated salt in " + t1 + "ms."); + if (Configuration.DEBUG) + log.fine("-- Generated salt in " + t1 + "ms."); properties.put("salt", Util.toString(salt)); IMac m = getMac(password); ByteArrayOutputStream bout = new ByteArrayOutputStream(1024); 
@@ -212,21 +220,27 @@ public final class PasswordAuthenticatedEntry extends MaskableEnvelopeEntry for (Iterator it = entries.iterator(); it.hasNext();) { Entry entry = (Entry) it.next(); - log.finer("-- About to authenticate one " + entry); + if (Configuration.DEBUG) + log.fine("-- About to authenticate one " + entry); t1 = - System.currentTimeMillis(); entry.encode(out2); t1 += System.currentTimeMillis(); - log.finer("-- Authenticated an Entry in " + t1 + "ms."); + if (Configuration.DEBUG) + log.fine("-- Authenticated an Entry in " + t1 + "ms."); } bout.write(m.digest()); payload = bout.toByteArray(); - log.finest("authenticated payload: " + Util.dumpString(payload)); + if (Configuration.DEBUG) + log.fine("authenticated payload: " + Util.dumpString(payload)); setMasked(true); tt += System.currentTimeMillis(); - log.finer("Authenticated in " + tt + "ms."); - log.exiting(this.getClass().getName(), "authenticate"); + if (Configuration.DEBUG) + { + log.fine("Authenticated in " + tt + "ms."); + log.exiting(this.getClass().getName(), "authenticate"); + } } public void encode(DataOutputStream out, char[] password) throws IOException @@ -249,7 +263,8 @@ public final class PasswordAuthenticatedEntry extends MaskableEnvelopeEntry private IMac getMac(char[] password) throws MalformedKeyringException { - log.entering(this.getClass().getName(), "getMac"); + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "getMac"); String saltString = properties.get("salt"); if (saltString == null) throw new MalformedKeyringException("no salt"); @@ -303,7 +318,8 @@ public final class PasswordAuthenticatedEntry extends MaskableEnvelopeEntry { throw new Error(shouldNotHappen.toString()); } - log.exiting(this.getClass().getName(), "getMac"); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "getMac"); return mac; } } 
diff --git a/gnu/javax/crypto/keyring/PasswordEncryptedEntry.java b/gnu/javax/crypto/keyring/PasswordEncryptedEntry.java index 24ab98266..71c18d855 100644 --- a/gnu/javax/crypto/keyring/PasswordEncryptedEntry.java +++ b/gnu/javax/crypto/keyring/PasswordEncryptedEntry.java @@ -38,6 +38,7 @@ exception statement from your version. */ package gnu.javax.crypto.keyring; +import gnu.classpath.Configuration; import gnu.java.security.Registry; import gnu.java.security.prng.IRandom; import gnu.java.security.prng.LimitReachedException; @@ -132,7 +133,8 @@ public class PasswordEncryptedEntry extends MaskableEnvelopeEntry implements public void decrypt(char[] password) throws IllegalArgumentException, WrongPaddingException { - log.entering(this.getClass().getName(), "decrypt"); + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "decrypt"); if (isMasked() && payload != null) { long tt = - System.currentTimeMillis(); 
@@ -162,23 +164,27 @@ public class PasswordEncryptedEntry extends MaskableEnvelopeEntry implements throw new IllegalArgumentException("decryption failed"); } tt += System.currentTimeMillis(); - log.finer("Decrypted in " + tt + "ms."); + log.fine("Decrypted in " + tt + "ms."); } - else - log.finer("Skip decryption; " + (isMasked() ? "null payload" : "unmasked")); - log.exiting(this.getClass().getName(), "decrypt"); + else if (Configuration.DEBUG) + log.fine("Skip decryption; " + (isMasked() ? "null payload" : "unmasked")); + + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "decrypt"); } public void encrypt(char[] password) throws IOException { - log.entering(this.getClass().getName(), "encrypt", String.valueOf(password)); + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "encrypt", String.valueOf(password)); long tt = - System.currentTimeMillis(); long t1 = - System.currentTimeMillis(); byte[] salt = new byte[8]; PRNG.getInstance().nextBytes(salt); t1 += System.currentTimeMillis(); - log.finer("-- Generated salt in " + t1 + "ms."); + if (Configuration.DEBUG) + log.fine("-- Generated salt in " + t1 + "ms."); properties.put("salt", Util.toString(salt)); IMode mode = getMode(password, IMode.ENCRYPTION); IPad pad = PadFactory.getInstance("PKCS7"); @@ -188,11 +194,13 @@ public class PasswordEncryptedEntry extends MaskableEnvelopeEntry implements for (Iterator it = entries.iterator(); it.hasNext();) { Entry entry = (Entry) it.next(); - log.finer("-- About to encode one " + entry); + if (Configuration.DEBUG) + log.fine("-- About to encode one " + entry); t1 = - System.currentTimeMillis(); entry.encode(out2); t1 += System.currentTimeMillis(); - log.finer("-- Encoded an Entry in " + t1 + "ms."); + if (Configuration.DEBUG) + log.fine("-- Encoded an Entry in " + t1 + "ms."); } byte[] plaintext = bout.toByteArray(); byte[] padding = pad.pad(plaintext, 0, plaintext.length); 
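Review bot: `encrypt` still passes `String.valueOf(password)` to `log.entering`, so a build with Configuration.DEBUG on and FINER enabled writes the keyring password in clear to every log handler. The conversion also leaves an immutable String copy of the `char[]` on the heap. Drop the argument: `log.entering(this.getClass().getName(), "encrypt");`, which matches how decrypt and the PasswordAuthenticatedEntry methods trace entry. Separately, `log.fine("Decrypted in " + tt + "ms.");` is the one call in this hunk left without the `if (Configuration.DEBUG)` guard. Both methods extend outside the hunk.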
@@ -212,8 +220,11 @@ public class PasswordEncryptedEntry extends MaskableEnvelopeEntry implements setMasked(true); tt += System.currentTimeMillis(); - log.finer("Encrypted in " + tt + "ms."); - log.exiting(this.getClass().getName(), "encrypt"); + if (Configuration.DEBUG) + { + log.fine("Encrypted in " + tt + "ms."); + log.exiting(this.getClass().getName(), "encrypt"); + } } public void encode(DataOutputStream out, char[] password) throws IOException @@ -226,7 +237,8 @@ public class PasswordEncryptedEntry extends MaskableEnvelopeEntry implements { if (payload == null) { - log.fine("Null payload: " + this); + if (Configuration.DEBUG) + log.fine("Null payload: " + this); throw new IllegalStateException("not encrypted"); } } diff --git a/gnu/javax/crypto/mac/OMAC.java b/gnu/javax/crypto/mac/OMAC.java index 21156ac63..b7edb5cdd 100644 --- a/gnu/javax/crypto/mac/OMAC.java +++ b/gnu/javax/crypto/mac/OMAC.java @@ -38,6 +38,7 @@ exception statement from your version. */ package gnu.javax.crypto.mac; +import gnu.classpath.Configuration; import gnu.java.security.Registry; import gnu.java.security.util.Util; import gnu.javax.crypto.cipher.CipherFactory; @@ -48,6 +49,7 @@ import java.security.InvalidKeyException; import java.util.Arrays; import java.util.HashMap; import java.util.Map; +import java.util.logging.Logger; /** * <p>The One-Key CBC MAC, OMAC. This message authentication code is based on @@ -62,18 +64,7 @@ import java.util.Map; */ public class OMAC implements IMac { - - // Constants and fields. - // ------------------------------------------------------------------------ - - private static final boolean DEBUG = false; - - private static void debug(String msg) - { - System.out.print(">>> OMAC: "); - System.out.println(msg); - } - + private static final Logger log = Logger.getLogger(OMAC.class.getName()); private static final byte C1 = (byte) 0x87; private static final byte C2 = 0x1b; 
@@ -157,12 +148,8 @@ public class OMAC implements IMac byte[] L = new byte[blockSize]; cipher.encryptBlock(L, 0, L, 0); - - if (DEBUG) - { - debug("L = " + Util.toString(L).toLowerCase()); - } - + if (Configuration.DEBUG) + log.fine("L = " + Util.toString(L).toLowerCase()); if (Lu != null) { Arrays.fill(Lu, (byte) 0); @@ -214,11 +201,8 @@ public class OMAC implements IMac + blockSize); } } - if (DEBUG) - { - debug("Lu = " + Util.toString(Lu).toLowerCase()); - } - + if (Configuration.DEBUG) + log.fine("Lu = " + Util.toString(Lu).toLowerCase()); msb = (Lu[0] & 0x80) != 0; for (int i = 0; i < blockSize; i++) { @@ -239,11 +223,8 @@ public class OMAC implements IMac Lu2[Lu2.length - 1] ^= C2; } } - if (DEBUG) - { - debug("Lu2 = " + Util.toString(Lu2).toLowerCase()); - } - + if (Configuration.DEBUG) + log.fine("Lu2 = " + Util.toString(Lu2).toLowerCase()); if (M != null) { Arrays.fill(M, (byte) 0); diff --git a/gnu/javax/crypto/pad/BasePad.java b/gnu/javax/crypto/pad/BasePad.java index 45e211a65..b54c77078 100644 --- a/gnu/javax/crypto/pad/BasePad.java +++ b/gnu/javax/crypto/pad/BasePad.java @@ -38,18 +38,19 @@ exception statement from your version. */ package gnu.javax.crypto.pad; +import gnu.classpath.Configuration; + +import java.util.logging.Level; +import java.util.logging.Logger; + /** - * <p>An abstract class to facilitate implementing padding algorithms.</p> + * An abstract class to facilitate implementing padding algorithms. */ public abstract class BasePad implements IPad { - - // Constants and variables - // ------------------------------------------------------------------------- - + private static final Logger log = Logger.getLogger(BasePad.class.getName()); /** The canonical name prefix of the padding algorithm. */ protected String name; - /** The block size, in bytes, for this instance. */ protected int blockSize; 
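Review bot: The `L`, `Lu` and `Lu2` values logged in the OMAC hunks are key-derived material and should not reach a log. `L` is the result of `cipher.encryptBlock(L, 0, L, 0)` on a fresh zero block, and the other two are computed from it, so they deserve the same handling as the MAC key. Before this change the dumps sat behind a class-private `DEBUG = false` constant; now they follow the build-wide Configuration.DEBUG. I would remove the three calls, or log only that the step completed, e.g. `log.fine("L computed, " + L.length + " bytes");`. The enclosing method starts and ends outside these hunks.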
@@ -139,7 +140,10 @@ public abstract class BasePad implements IPad padBytes = pad(buffer, offset, i); if (((i + padBytes.length) % blockSize) != 0) { - new RuntimeException(name()).printStackTrace(System.err); + if (Configuration.DEBUG) + log.log(Level.SEVERE, + "Length of padded text MUST be a multiple of " + blockSize, + new RuntimeException(name())); return false; } System.arraycopy(padBytes, 0, buffer, offset + i, padBytes.length); @@ -147,13 +151,17 @@ public abstract class BasePad implements IPad { if (padBytes.length != unpad(buffer, offset, i + padBytes.length)) { - new RuntimeException(name()).printStackTrace(System.err); + if (Configuration.DEBUG) + log.log(Level.SEVERE, + "IPad [" + name() + "] failed symmetric operation", + new RuntimeException(name())); return false; } } catch (WrongPaddingException x) { - x.printStackTrace(System.err); + if (Configuration.DEBUG) + log.throwing(this.getClass().getName(), "test1BlockSize", x); return false; } } diff --git a/gnu/javax/crypto/pad/PKCS1_V1_5.java b/gnu/javax/crypto/pad/PKCS1_V1_5.java index 5f5a2cf47..874908493 100644 --- a/gnu/javax/crypto/pad/PKCS1_V1_5.java +++ b/gnu/javax/crypto/pad/PKCS1_V1_5.java @@ -38,12 +38,14 @@ exception statement from your version. */ package gnu.javax.crypto.pad; +import gnu.classpath.Configuration; import gnu.java.security.Registry; import gnu.java.security.sig.rsa.EME_PKCS1_V1_5; import gnu.java.security.util.PRNG; import gnu.java.security.util.Util; -import java.io.PrintWriter; +import java.util.logging.Level; +import java.util.logging.Logger; /** * <p>A padding algorithm implementation of the EME-PKCS1-V1.5 encoding/decoding 
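Review bot: Both `log.log(Level.SEVERE, ...)` calls in BasePad are wrapped in `if (Configuration.DEBUG)`, so a failed padding check that used to print a stack trace now returns false silently in a non-debug build. If SEVERE is the right level, the calls should not depend on the debug flag; if they are only trace output, `Level.FINE` would match the rest of the commit. In the catch block, `log.throwing(...)` records an exception that is swallowed rather than rethrown. The method name `"test1BlockSize"` passed there cannot be checked from here, because the signature is outside the hunk.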
@@ -63,26 +65,7 @@ import java.io.PrintWriter; */ public class PKCS1_V1_5 extends BasePad { - - // Debugging methods and variables - // ------------------------------------------------------------------------- - - private static final String NAME = Registry.EME_PKCS1_V1_5_PAD; - - private static final boolean DEBUG = false; - - private static final int debuglevel = 9; - - private static final PrintWriter err = new PrintWriter(System.out, true); - - private static void debug(final String s) - { - err.println(">>> " + NAME + ": " + s); - } - - // Constants and variables - // ------------------------------------------------------------------------- - + private static final Logger log = Logger.getLogger(PKCS1_V1_5.class.getName()); private EME_PKCS1_V1_5 codec; // Constructor(s) @@ -117,10 +100,8 @@ public class PKCS1_V1_5 extends BasePad final byte[] EM = codec.encode(M); final byte[] result = new byte[blockSize - length]; System.arraycopy(EM, 0, result, 0, result.length); - if (DEBUG && debuglevel > 8) - { - debug("padding: 0x" + Util.toString(result)); - } + if (Configuration.DEBUG) + log.fine("padding: 0x" + Util.toString(result)); return result; } @@ -130,10 +111,8 @@ public class PKCS1_V1_5 extends BasePad final byte[] EM = new byte[length]; System.arraycopy(in, offset, EM, 0, length); final int result = length - codec.decode(EM).length; - if (DEBUG && debuglevel > 8) - { - debug("padding length: " + String.valueOf(result)); - } + if (Configuration.DEBUG) + log.fine("padding length: " + String.valueOf(result)); return result; } @@ -156,7 +135,10 @@ public class PKCS1_V1_5 extends BasePad p = pad(M, 0, j); if (j + p.length != blockSize) { - new RuntimeException(name()).printStackTrace(System.err); + if (Configuration.DEBUG) + log.log(Level.SEVERE, + "Length of padded text MUST be a multiple of " + blockSize, + new RuntimeException(name())); return false; } 
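Review bot: In the last hunk of PKCS1_V1_5.java the SEVERE message reads `"Length of padded text MUST be a multiple of " + blockSize`, but the guard above it is `j + p.length != blockSize`, an equality test. The wording looks copied from BasePad, where the test is a modulo. Suggest `"Length of padded text MUST be equal to " + blockSize` so the log states the condition that actually failed. The enclosing method (named `selfTest` in the next hunk's `log.throwing` call) begins outside the hunk.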
@@ -166,13 +148,17 @@ public class PKCS1_V1_5 extends BasePad { if (p.length != unpad(EM, 0, blockSize)) { - new RuntimeException(name()).printStackTrace(System.err); + if (Configuration.DEBUG) + log.log(Level.SEVERE, + "Failed symmetric operation", + new RuntimeException(name())); return false; } } catch (WrongPaddingException x) { - x.printStackTrace(System.err); + if (Configuration.DEBUG) + log.throwing(this.getClass().getName(), "selfTest", x); return false; } } diff --git a/gnu/javax/crypto/pad/PKCS7.java b/gnu/javax/crypto/pad/PKCS7.java index a5a1631a9..d9084d13f 100644 --- a/gnu/javax/crypto/pad/PKCS7.java +++ b/gnu/javax/crypto/pad/PKCS7.java @@ -38,10 +38,11 @@ exception statement from your version. */ package gnu.javax.crypto.pad; +import gnu.classpath.Configuration; import gnu.java.security.Registry; import gnu.java.security.util.Util; -import java.io.PrintWriter; +import java.util.logging.Logger; /** * <p>The implementation of the PKCS7 padding algorithm.</p> @@ -60,28 +61,7 @@ import java.io.PrintWriter; */ public final class PKCS7 extends BasePad { - - // Debugging methods and variables - // ------------------------------------------------------------------------- - - private static final String NAME = "pkcs7"; - - private static final boolean DEBUG = false; - - private static final int debuglevel = 9; - - private static final PrintWriter err = new PrintWriter(System.out, true); - - private static void debug(String s) - { - err.println(">>> " + NAME + ": " + s); - } - - // Constants and variables - // ------------------------------------------------------------------------- - - // Constructor(s) - // ------------------------------------------------------------------------- + private static final Logger log = Logger.getLogger(PKCS7.class.getName()); /** * Trivial package-private constructor for use by the <i>Factory</i> class.<p> 
@@ -119,11 +99,8 @@ public final class PKCS7 extends BasePad { result[i++] = (byte) padLength; } - - if (DEBUG && debuglevel > 8) - { - debug("padding: 0x" + Util.toString(result)); - } + if (Configuration.DEBUG) + log.fine("padding: 0x" + Util.toString(result)); return result; } @@ -139,11 +116,8 @@ public final class PKCS7 extends BasePad throw new WrongPaddingException(); } } - - if (DEBUG && debuglevel > 8) - { - debug("padding length: " + String.valueOf(result)); - } + if (Configuration.DEBUG) + log.fine("padding length: " + result); return result; } }
\ No newline at end of file diff --git a/gnu/javax/crypto/pad/TBC.java b/gnu/javax/crypto/pad/TBC.java index c7e25cb23..64fea18fd 100644 --- a/gnu/javax/crypto/pad/TBC.java +++ b/gnu/javax/crypto/pad/TBC.java @@ -38,10 +38,11 @@ exception statement from your version. */ package gnu.javax.crypto.pad; +import gnu.classpath.Configuration; import gnu.java.security.Registry; import gnu.java.security.util.Util; -import java.io.PrintWriter; +import java.util.logging.Logger; /** * <p>The implementation of the Trailing Bit Complement (TBC) padding algorithm.</p> @@ -59,28 +60,7 @@ import java.io.PrintWriter; */ public final class TBC extends BasePad { - - // Debugging methods and variables - // ------------------------------------------------------------------------- - - private static final String NAME = "tbc"; - - private static final boolean DEBUG = false; - - private static final int debuglevel = 9; - - private static final PrintWriter err = new PrintWriter(System.out, true); - - private static void debug(String s) - { - err.println(">>> " + NAME + ": " + s); - } - - // Constants and variables - // ------------------------------------------------------------------------- - - // Constructor(s) - // ------------------------------------------------------------------------- + private static final Logger log = Logger.getLogger(TBC.class.getName()); /** * Trivial package-private constructor for use by the <i>Factory</i> class.<p> @@ -123,10 +103,8 @@ public final class TBC extends BasePad } } // else it's already set to zeroes by virtue of initialisation - if (DEBUG && debuglevel > 8) - { - debug("padding: 0x" + Util.toString(result)); - } + if (Configuration.DEBUG) + log.fine("padding: 0x" + Util.toString(result)); return result; } 
@@ -146,11 +124,8 @@ public final class TBC extends BasePad { throw new WrongPaddingException(); } - - if (DEBUG && debuglevel > 8) - { - debug("padding length: " + String.valueOf(result)); - } + if (Configuration.DEBUG) + log.fine("padding length: " + result); return result; } }
\ No newline at end of file diff --git a/gnu/javax/crypto/prng/CSPRNG.java b/gnu/javax/crypto/prng/CSPRNG.java index 875ed9a0f..0e39f0f5a 100644 --- a/gnu/javax/crypto/prng/CSPRNG.java +++ b/gnu/javax/crypto/prng/CSPRNG.java @@ -38,6 +38,7 @@ exception statement from your version. */ package gnu.javax.crypto.prng; +import gnu.classpath.Configuration; import gnu.java.security.Properties; import gnu.java.security.Registry; import gnu.java.security.hash.HashFactory; @@ -68,6 +69,8 @@ import java.util.LinkedList; import java.util.List; import java.util.Map; import java.util.StringTokenizer; +import java.util.logging.Level; +import java.util.logging.Logger; /** * <p>An entropy pool-based pseudo-random number generator based on the PRNG @@ -84,18 +87,7 @@ import java.util.StringTokenizer; */ public class CSPRNG extends BasePRNG { - - // Constants and fields. - // ------------------------------------------------------------------------- - - private static final boolean DEBUG = false; - - private static void debug(String msg) - { - System.err.print(">>> CSPRNG: "); - System.err.println(msg); - } - + private static final Logger log = Logger.getLogger(CSPRNG.class.getName()); /** * Property name for the list of files to read for random values. The * mapped value is a list with the following values: 
@@ -480,34 +472,25 @@ public class CSPRNG extends BasePRNG public void setup(Map attrib) { List list = null; - - if (DEBUG) - { - debug(String.valueOf(attrib)); - } + if (Configuration.DEBUG) + log.fine("attrib=" + String.valueOf(attrib)); try { list = (List) attrib.get(FILE_SOURCES); - if (DEBUG) - { - debug(String.valueOf(list)); - } + if (Configuration.DEBUG) + log.fine("list=" + String.valueOf(list)); if (list != null) { files.clear(); for (Iterator it = list.iterator(); it.hasNext();) { List l = (List) it.next(); - if (DEBUG) - { - debug("l=" + l); - } + if (Configuration.DEBUG) + log.fine("l=" + l); if (l.size() != 4) { - if (DEBUG) - { - debug("file list too small: " + l.size()); - } + if (Configuration.DEBUG) + log.fine("file list too small: " + l.size()); throw new IllegalArgumentException("invalid file list"); } Double quality = (Double) l.get(0); @@ -520,37 +503,28 @@ public class CSPRNG extends BasePRNG } catch (ClassCastException cce) { - if (DEBUG) - { - debug("bad file list: " + cce.getMessage()); - cce.printStackTrace(); - } + if (Configuration.DEBUG) + log.log(Level.FINE, "bad file list", cce); throw new IllegalArgumentException("invalid file list"); } try { list = (List) attrib.get(URL_SOURCES); - if (DEBUG) - { - debug(String.valueOf(list)); - } + if (Configuration.DEBUG) + log.fine("list=" + String.valueOf(list)); if (list != null) { urls.clear(); for (Iterator it = list.iterator(); it.hasNext();) { List l = (List) it.next(); - if (DEBUG) - { - debug("l=" + l); - } + if (Configuration.DEBUG) + log.fine("l=" + l); if (l.size() != 4) { - if (DEBUG) - { - debug("URL list too small: " + l.size()); - } + if (Configuration.DEBUG) + log.fine("URL list too small: " + l.size()); throw new IllegalArgumentException("invalid URL list"); } Double quality = (Double) l.get(0); 
@@ -563,37 +537,28 @@ public class CSPRNG extends BasePRNG } catch (ClassCastException cce) { - if (DEBUG) - { - debug("bad URL list: " + cce.getMessage()); - cce.printStackTrace(); - } + if (Configuration.DEBUG) + log.log(Level.FINE, "bad URL list", cce); throw new IllegalArgumentException("invalid URL list"); } try { list = (List) attrib.get(PROGRAM_SOURCES); - if (DEBUG) - { - debug(String.valueOf(list)); - } + if (Configuration.DEBUG) + log.fine("list=" + String.valueOf(list)); if (list != null) { progs.clear(); for (Iterator it = list.iterator(); it.hasNext();) { List l = (List) it.next(); - if (DEBUG) - { - debug("l=" + l); - } + if (Configuration.DEBUG) + log.fine("l=" + l); if (l.size() != 4) { - if (DEBUG) - { - debug("program list too small: " + l.size()); - } + if (Configuration.DEBUG) + log.fine("program list too small: " + l.size()); throw new IllegalArgumentException("invalid program list"); } Double quality = (Double) l.get(0); @@ -606,31 +571,24 @@ public class CSPRNG extends BasePRNG } catch (ClassCastException cce) { - if (DEBUG) - { - debug("bad program list: " + cce.getMessage()); - cce.printStackTrace(); - } + if (Configuration.DEBUG) + log.log(Level.FINE, "bad program list", cce); throw new IllegalArgumentException("invalid program list"); } try { list = (List) attrib.get(OTHER_SOURCES); - if (DEBUG) - { - debug(String.valueOf(list)); - } + if (Configuration.DEBUG) + log.fine("list=" + String.valueOf(list)); if (list != null) { other.clear(); for (Iterator it = list.iterator(); it.hasNext();) { EntropySource src = (EntropySource) it.next(); - if (DEBUG) - { - debug("src=" + src); - } + if (Configuration.DEBUG) + log.fine("src=" + src); if (src == null) { throw new NullPointerException("null source in source list"); 
@@ -674,16 +632,12 @@ public class CSPRNG extends BasePRNG public void fillBlock() throws LimitReachedException { - if (DEBUG) - { - debug("fillBlock"); - } + if (Configuration.DEBUG) + log.fine("fillBlock"); if (getQuality() < 100.0) { - if (DEBUG) - { - debug("doing slow poll"); - } + if (Configuration.DEBUG) + log.fine("doing slow poll"); slowPoll(); } @@ -759,10 +713,10 @@ public class CSPRNG extends BasePRNG { throw new ArrayIndexOutOfBoundsException(); } - if (DEBUG) + if (Configuration.DEBUG) { - debug("adding random bytes:"); - debug(Util.toString(buf, off, len)); + log.fine("adding random bytes:"); + log.fine(Util.toString(buf, off, len)); } final int count = off + len; for (int i = off; i < count; i++) @@ -785,10 +739,8 @@ public class CSPRNG extends BasePRNG */ public synchronized void addRandomByte(byte b) { - if (DEBUG) - { - debug("adding byte " + Integer.toHexString(b)); - } + if (Configuration.DEBUG) + log.fine("adding byte " + Integer.toHexString(b)); pool[index++] ^= b; if (index >= pool.length) { @@ -802,18 +754,14 @@ public class CSPRNG extends BasePRNG synchronized void addQuality(double quality) { - if (DEBUG) - { - debug("adding quality " + quality); - } + if (Configuration.DEBUG) + log.fine("adding quality " + quality); if (this.quality < 100) { this.quality += quality; } - if (DEBUG) - { - debug("quality now " + this.quality); - } + if (Configuration.DEBUG) + log.fine("quality now " + this.quality); } synchronized double getQuality() @@ -923,11 +871,9 @@ public class CSPRNG extends BasePRNG private void slowPoll() throws LimitReachedException { - if (DEBUG) - { - debug("poller is alive? " - + (pollerThread == null ? false : pollerThread.isAlive())); - } + if (Configuration.DEBUG) + log.fine("poller is alive? " + + (pollerThread == null ? false : pollerThread.isAlive())); if (pollerThread == null || !pollerThread.isAlive()) { boolean interrupted = false; 
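Review bot: The `addRandomBytes` hunk writes the bytes being mixed into the pool to the log (`log.fine(Util.toString(buf, off, len))`), and the `addRandomByte` hunk does the same for a single byte. The generator's entropy input therefore ends up wherever a FINE handler writes. The output is only as unpredictable as the pool, and a log file is usually readable by more parties than the process memory. Suggest logging the count only: `log.fine("adding " + len + " random byte(s)");` and `log.fine("adding 1 random byte");`. Both method bodies continue outside their hunks.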
@@ -951,12 +897,9 @@ public class CSPRNG extends BasePRNG // and there in insufficient randomness, throw an exception. if (!interrupted && blocking && quality < 100.0) { - if (DEBUG) - { - debug("insufficient quality: " + quality); - } - throw new LimitReachedException( - "insufficient randomness was polled"); + if (Configuration.DEBUG) + log.fine("insufficient quality: " + quality); + throw new LimitReachedException("insufficient randomness was polled"); } } } @@ -1054,11 +997,11 @@ public class CSPRNG extends BasePRNG public void run() { running = true; - if (DEBUG) + if (Configuration.DEBUG) { - debug("files: " + files); - debug("URLs: " + urls); - debug("progs: " + progs); + log.fine("files: " + files); + log.fine("URLs: " + urls); + log.fine("progs: " + progs); } Iterator files_it = files.iterator(); Iterator urls_it = urls.iterator(); @@ -1080,10 +1023,8 @@ public class CSPRNG extends BasePRNG try { List l = (List) files_it.next(); - if (DEBUG) - { - debug(l.toString()); - } + if (Configuration.DEBUG) + log.fine(l.toString()); double qual = ((Double) l.get(0)).doubleValue(); int offset = ((Integer) l.get(1)).intValue(); int count = ((Integer) l.get(2)).intValue(); @@ -1100,18 +1041,13 @@ public class CSPRNG extends BasePRNG pool.addRandomBytes(buf, 0, len); pool.addQuality(qual * ((double) len / (double) count)); } - if (DEBUG) - { - debug("got " + len + " bytes from " + src); - } + if (Configuration.DEBUG) + log.fine("got " + len + " bytes from " + src); } catch (Exception x) { - if (DEBUG) - { - debug(x.toString()); - x.printStackTrace(); - } + if (Configuration.DEBUG) + log.throwing(this.getClass().getName(), "run", x); } } @@ -1125,10 +1061,8 @@ public class CSPRNG extends BasePRNG try { List l = (List) urls_it.next(); - if (DEBUG) - { - debug(l.toString()); - } + if (Configuration.DEBUG) + log.fine(l.toString()); double qual = ((Double) l.get(0)).doubleValue(); int offset = ((Integer) l.get(1)).intValue(); int count = ((Integer) l.get(2)).intValue(); 
@@ -1145,18 +1079,13 @@ public class CSPRNG extends BasePRNG pool.addRandomBytes(buf, 0, len); pool.addQuality(qual * ((double) len / (double) count)); } - if (DEBUG) - { - debug("got " + len + " bytes from " + src); - } + if (Configuration.DEBUG) + log.fine("got " + len + " bytes from " + src); } catch (Exception x) { - if (DEBUG) - { - debug(x.toString()); - x.printStackTrace(); - } + if (Configuration.DEBUG) + log.throwing(this.getClass().getName(), "run", x); } } @@ -1171,10 +1100,8 @@ public class CSPRNG extends BasePRNG try { List l = (List) prog_it.next(); - if (DEBUG) - { - debug(l.toString()); - } + if (Configuration.DEBUG) + log.finer(l.toString()); double qual = ((Double) l.get(0)).doubleValue(); int offset = ((Integer) l.get(1)).intValue(); int count = ((Integer) l.get(2)).intValue(); @@ -1195,18 +1122,13 @@ public class CSPRNG extends BasePRNG } proc.destroy(); proc.waitFor(); - if (DEBUG) - { - debug("got " + len + " bytes from " + src); - } + if (Configuration.DEBUG) + log.fine("got " + len + " bytes from " + src); } catch (Exception x) { - if (DEBUG) - { - debug(x.toString()); - x.printStackTrace(); - } + if (Configuration.DEBUG) + log.throwing(this.getClass().getName(), "run", x); try { if (proc != null) @@ -1238,18 +1160,13 @@ public class CSPRNG extends BasePRNG } pool.addRandomBytes(buf, 0, buf.length); pool.addQuality(src.quality()); - if (DEBUG) - { - debug("got " + buf.length + " bytes from " + src); - } + if (Configuration.DEBUG) + log.fine("got " + buf.length + " bytes from " + src); } catch (Exception x) { - if (DEBUG) - { - debug(x.toString()); - x.printStackTrace(); - } + if (Configuration.DEBUG) + log.throwing(this.getClass().getName(), "run", x); } } } diff --git a/gnu/javax/crypto/sasl/SaslInputStream.java b/gnu/javax/crypto/sasl/SaslInputStream.java index 57eb2b5c5..14de9e12f 100644 --- a/gnu/javax/crypto/sasl/SaslInputStream.java +++ b/gnu/javax/crypto/sasl/SaslInputStream.java 
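Review bot: The program-source branch logs its list with `log.finer(l.toString())`, while the file and URL branches of the same `run()` loop use `log.fine(l.toString())` for the identical message. A handler set to FINE therefore shows only two of the three source kinds. Use `log.fine(l.toString());` here as well, or move all three to FINER. `run()` starts in an earlier hunk and continues past this one.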
@@ -38,12 +38,13 @@ exception statement from your version. */ package gnu.javax.crypto.sasl; +import gnu.classpath.Configuration; import gnu.java.security.util.Util; +import java.io.IOException; import java.io.InputStream; import java.io.InterruptedIOException; -import java.io.IOException; -import java.io.PrintWriter; +import java.util.logging.Logger; import javax.security.sasl.Sasl; import javax.security.sasl.SaslClient; @@ -55,41 +56,11 @@ import javax.security.sasl.SaslServer; */ public class SaslInputStream extends InputStream { - - // Debugging methods and variables - // ------------------------------------------------------------------------- - - private static final String NAME = "SaslOutputStream"; - - private static final String ERROR = "ERROR"; - - private static final String WARN = " WARN"; - - // private static final String INFO = " INFO"; - private static final String TRACE = "DEBUG"; - - private static final boolean DEBUG = true; - - private static final int debuglevel = 3; - - private static final PrintWriter err = new PrintWriter(System.out, true); - - private static void debug(String level, Object obj) - { - err.println("[" + level + "] " + NAME + ": " + String.valueOf(obj)); - } - - // Constants and variables - // ------------------------------------------------------------------------- - + private static final Logger log = Logger.getLogger(SaslInputStream.class.getName()); private SaslClient client; - private SaslServer server; - private int maxRawSendSize; - private InputStream source; - private byte[] internalBuf; // Constructor(s) @@ -168,7 +139,6 @@ public class SaslInputStream extends InputStream else { byte[] tmp = new byte[internalBuf.length - 1]; - // System.arraycopy(internalBuf, 0, tmp, 0, tmp.length); System.arraycopy(internalBuf, 1, tmp, 0, tmp.length); internalBuf = tmp; } 
@@ -241,32 +211,22 @@ public class SaslInputStream extends InputStream */ public int read(byte[] b, int off, int len) throws IOException { - if (DEBUG && debuglevel > 8) - debug(TRACE, "==> read(b, " + String.valueOf(off) + ", " - + String.valueOf(len) + ")"); - - if (b == null) - { - throw new NullPointerException("b"); - } + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "read", + new Object[] { b, Integer.valueOf(off), Integer.valueOf(len) }); if ((off < 0) || (off > b.length) || (len < 0) || ((off + len) > b.length) || ((off + len) < 0)) - { - throw new IndexOutOfBoundsException("off=" + String.valueOf(off) - + ", len=" + String.valueOf(len) - + ", b.length=" - + String.valueOf(b.length)); - } + throw new IndexOutOfBoundsException("off=" + off + + ", len=" + len + + ", b.length=" + b.length); if (len == 0) { - if (DEBUG && debuglevel > 8) - debug(TRACE, "<== read() --> 0"); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "read", Integer.valueOf(0)); return 0; } - - if (DEBUG && debuglevel > 6) - debug(TRACE, "Available: " + String.valueOf(available())); - + if (Configuration.DEBUG) + log.finer("Available: " + available()); int result = 0; if (internalBuf == null || internalBuf.length < 1) try 
@@ -274,21 +234,24 @@ public class SaslInputStream extends InputStream internalBuf = readSaslBuffer(); if (internalBuf == null) { - if (DEBUG && debuglevel > 4) - debug(WARN, "Underlying stream empty. Returning -1"); - if (DEBUG && debuglevel > 8) - debug(TRACE, "<== read() --> -1"); + if (Configuration.DEBUG) + { + log.finer("Underlying stream empty. Returning -1"); + log.exiting(this.getClass().getName(), "read", + Integer.valueOf(-1)); + } return -1; } } catch (InterruptedIOException x) { - if (DEBUG && debuglevel > 6) - debug(TRACE, x); - if (DEBUG && debuglevel > 4) - debug(WARN, "Reading thread was interrupted. Returning -1"); - if (DEBUG && debuglevel > 8) - debug(TRACE, "<== read() --> -1"); + if (Configuration.DEBUG) + { + log.finer("Reading thread was interrupted. Returning -1"); + log.throwing(this.getClass().getName(), "read", x); + log.exiting(this.getClass().getName(), "read", + Integer.valueOf(-1)); + } return -1; } @@ -328,8 +291,8 @@ public class SaslInputStream extends InputStream data = readSaslBuffer(); if (data == null) { - if (DEBUG && debuglevel > 4) - debug(WARN, "Underlying stream exhausted. Breaking..."); + if (Configuration.DEBUG) + log.finer("Underlying stream exhausted. Breaking..."); break; } 
@@ -352,18 +315,16 @@ public class SaslInputStream extends InputStream } else { // nothing much we can do except return what we have - if (DEBUG && debuglevel > 4) - debug(WARN, - "Not enough bytes in source to read a buffer. Breaking..."); + if (Configuration.DEBUG) + log.finer("Not enough bytes in source to read a buffer. Breaking..."); break; } } - - if (DEBUG && debuglevel > 6) - debug(TRACE, "Remaining: " - + (internalBuf == null ? 0 : internalBuf.length)); - if (DEBUG && debuglevel > 8) - debug(TRACE, "<== read() --> " + String.valueOf(result)); + if (Configuration.DEBUG) + { + log.finer("Remaining: " + (internalBuf == null ? 0 : internalBuf.length)); + log.exiting(this.getClass().getName(), "read()", String.valueOf(result)); + } return result; } @@ -379,9 +340,8 @@ public class SaslInputStream extends InputStream */ private byte[] readSaslBuffer() throws IOException { - if (DEBUG && debuglevel > 8) - debug(TRACE, "==> readSaslBuffer()"); - + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "readSaslBuffer()"); int realLength; // check if we read as many bytes as we're supposed to byte[] result = new byte[4]; try 
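Review bot: The method-name argument to the tracing calls is inconsistent. The first hunk here uses `log.exiting(this.getClass().getName(), "read()", String.valueOf(result))`, where the earlier exits in `read` pass `"read"` and an `Integer`. The second hunk enters with `"readSaslBuffer()"`, while the later hunks exit with `"readSaslBuffer"`. Filters and log searches keyed on the method name will miss half of each pair. Suggest `log.exiting(this.getClass().getName(), "read", Integer.valueOf(result));` and `log.entering(this.getClass().getName(), "readSaslBuffer");`.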
@@ -389,32 +349,27 @@ public class SaslInputStream extends InputStream realLength = source.read(result); if (realLength == -1) { - if (DEBUG && debuglevel > 8) - debug(TRACE, "<== readSaslBuffer() --> null"); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "readSaslBuffer"); return null; } } catch (IOException x) { - if (DEBUG && debuglevel > 0) - debug(ERROR, x); + if (Configuration.DEBUG) + log.throwing(this.getClass().getName(), "readSaslBuffer", x); throw x; } if (realLength != 4) - { - throw new IOException("Was expecting 4 but found " - + String.valueOf(realLength)); - } + throw new IOException("Was expecting 4 but found " + realLength); int bufferLength = result[0] << 24 | (result[1] & 0xFF) << 16 | (result[2] & 0xFF) << 8 | (result[3] & 0xFF); - if (DEBUG && debuglevel > 6) - debug(TRACE, "SASL buffer size: " + bufferLength); + if (Configuration.DEBUG) + log.finer("SASL buffer size: " + bufferLength); if (bufferLength > maxRawSendSize || bufferLength < 0) - { - throw new SaslEncodingException("SASL buffer (security layer) too long"); - } + throw new SaslEncodingException("SASL buffer (security layer) too long"); result = new byte[bufferLength]; try 
@@ -423,37 +378,34 @@ public class SaslInputStream extends InputStream } catch (IOException x) { - if (DEBUG && debuglevel > 0) - debug(ERROR, x); + if (Configuration.DEBUG) + log.throwing(this.getClass().getName(), "readSaslBuffer", x); throw x; } if (realLength != bufferLength) - throw new IOException("Was expecting " + String.valueOf(bufferLength) - + " but found " + String.valueOf(realLength)); - if (DEBUG && debuglevel > 6) - debug(TRACE, "Incoming buffer (before security) (hex): " - + Util.dumpString(result)); - if (DEBUG && debuglevel > 6) - debug(TRACE, "Incoming buffer (before security) (str): \"" - + new String(result) + "\""); - - if (client != null) + throw new IOException("Was expecting " + bufferLength + + " but found " + realLength); + if (Configuration.DEBUG) { - result = client.unwrap(result, 0, realLength); + log.finer("Incoming buffer (before security) (hex): " + + Util.dumpString(result)); + log.finer("Incoming buffer (before security) (str): \"" + + new String(result) + "\""); } + if (client != null) + result = client.unwrap(result, 0, realLength); else + result = server.unwrap(result, 0, realLength); + + if (Configuration.DEBUG) { - result = server.unwrap(result, 0, realLength); + log.finer("Incoming buffer (after security) (hex): " + + Util.dumpString(result)); + log.finer("Incoming buffer (after security) (str): \"" + + new String(result) + "\""); + log.exiting(this.getClass().getName(), "readSaslBuffer"); } - if (DEBUG && debuglevel > 6) - debug(TRACE, "Incoming buffer (after security) (hex): " - + Util.dumpString(result)); - if (DEBUG && debuglevel > 6) - debug(TRACE, "Incoming buffer (after security) (str): \"" - + new String(result) + "\""); - if (DEBUG && debuglevel > 8) - debug(TRACE, "<== readSaslBuffer()"); return result; } }
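Review bot: The "after security" lines log the result of `unwrap`, the data the SASL security layer was protecting, both as hex and as `new String(result)`. The `write` hunk in SaslOutputStream.java does the same with the "before security" buffer. The removed guard was `DEBUG && debuglevel > 6` with `debuglevel = 3` in the deleted fields, so these dumps could not fire before. They now fire whenever `Configuration.DEBUG` is set and a handler accepts FINER. Suggest logging sizes only in both classes, e.g. `log.finer("Incoming buffer (after security): " + result.length + " byte(s)");`. `readSaslBuffer` begins in an earlier hunk.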
\ No newline at end of file diff --git a/gnu/javax/crypto/sasl/SaslOutputStream.java b/gnu/javax/crypto/sasl/SaslOutputStream.java index 699720137..9d2aa020d 100644 --- a/gnu/javax/crypto/sasl/SaslOutputStream.java +++ b/gnu/javax/crypto/sasl/SaslOutputStream.java @@ -38,11 +38,12 @@ exception statement from your version. */ package gnu.javax.crypto.sasl; +import gnu.classpath.Configuration; import gnu.java.security.util.Util; -import java.io.OutputStream; import java.io.IOException; -import java.io.PrintWriter; +import java.io.OutputStream; +import java.util.logging.Logger; import javax.security.sasl.Sasl; import javax.security.sasl.SaslClient; @@ -54,37 +55,10 @@ import javax.security.sasl.SaslServer; */ public class SaslOutputStream extends OutputStream { - - // Debugging methods and variables - // ------------------------------------------------------------------------- - - private static final String NAME = "SaslOutputStream"; - - // private static final String ERROR = "ERROR"; - // private static final String WARN = " WARN"; - // private static final String INFO = " INFO"; - private static final String TRACE = "DEBUG"; - - private static final boolean DEBUG = true; - - private static final int debuglevel = 3; - - private static final PrintWriter err = new PrintWriter(System.out, true); - - private static void debug(String level, Object obj) - { - err.println("[" + level + "] " + NAME + ": " + String.valueOf(obj)); - } - - // Constants and variables - // ------------------------------------------------------------------------- - + private static final Logger log = Logger.getLogger(SaslOutputStream.class.getName()); private SaslClient client; - private SaslServer server; - private int maxRawSendSize; - private OutputStream dest; // Constructor(s) 
@@ -148,52 +122,45 @@ public class SaslOutputStream extends OutputStream */ public void write(byte[] b, int off, int len) throws IOException { - if (b == null) - { - throw new NullPointerException("b"); - } + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "write"); if ((off < 0) || (off > b.length) || (len < 0) || ((off + len) > b.length) || ((off + len) < 0)) - { - throw new IndexOutOfBoundsException("off=" + String.valueOf(off) - + ", len=" + String.valueOf(len) - + ", b.length=" - + String.valueOf(b.length)); - } + throw new IndexOutOfBoundsException("off=" + off + + ", len=" + len + + ", b.length=" + b.length); if (len == 0) { + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "write"); return; } - if (DEBUG && debuglevel > 8) - debug(TRACE, "==> write()"); - int chunckSize, length, chunck = 1; byte[] output = null, result; - if (DEBUG && debuglevel > 6) - debug(TRACE, "About to wrap " + String.valueOf(len) + " byte(s)..."); + if (Configuration.DEBUG) + log.finer("About to wrap " + len + " byte(s)..."); while (len > 0) { chunckSize = (len > maxRawSendSize ? 
maxRawSendSize : len); - - if (DEBUG && debuglevel > 6) - debug(TRACE, "Outgoing buffer (before security) (hex): " - + Util.dumpString(b, off, chunckSize)); - if (DEBUG && debuglevel > 6) - debug(TRACE, "Outgoing buffer (before security) (str): \"" - + new String(b, off, chunckSize) + "\""); - + if (Configuration.DEBUG) + { + log.finer("Outgoing buffer (before security) (hex): " + + Util.dumpString(b, off, chunckSize)); + log.finer("Outgoing buffer (before security) (str): \"" + + new String(b, off, chunckSize) + "\""); + } if (client != null) output = client.wrap(b, off, chunckSize); else output = server.wrap(b, off, chunckSize); - if (DEBUG && debuglevel > 6) - debug(TRACE, "Outgoing buffer (after security) (hex): " - + Util.dumpString(output)); - if (DEBUG && debuglevel > 6) - debug(TRACE, "Outgoing buffer (after security) (str): \"" - + new String(output) + "\""); - + if (Configuration.DEBUG) + { + log.finer("Outgoing buffer (after security) (hex): " + + Util.dumpString(output)); + log.finer("Outgoing buffer (after security) (str): \"" + + new String(output) + "\""); + } length = output.length; result = new byte[length + 4]; result[0] = (byte) (length >>> 24); @@ -206,13 +173,12 @@ public class SaslOutputStream extends OutputStream off += chunckSize; len -= chunckSize; - if (DEBUG && debuglevel > 6) - debug(TRACE, "Wrapped chunck #" + String.valueOf(chunck)); + if (Configuration.DEBUG) + log.finer("Wrapped chunck #" + chunck); chunck++; } - dest.flush(); - if (DEBUG && debuglevel > 8) - debug(TRACE, "<== write()"); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "write"); } }
\ No newline at end of file diff --git a/gnu/javax/crypto/sasl/srp/SRPClient.java b/gnu/javax/crypto/sasl/srp/SRPClient.java index 1a1664ff7..0430342eb 100644 --- a/gnu/javax/crypto/sasl/srp/SRPClient.java +++ b/gnu/javax/crypto/sasl/srp/SRPClient.java 
@@ -38,147 +38,84 @@ exception statement from your version. */ package gnu.javax.crypto.sasl.srp; +import gnu.classpath.Configuration; import gnu.java.security.Registry; import gnu.java.security.hash.MD5; import gnu.java.security.util.PRNG; import gnu.java.security.util.Util; - +import gnu.javax.crypto.assembly.Direction; +import gnu.javax.crypto.cipher.CipherFactory; +import gnu.javax.crypto.cipher.IBlockCipher; import gnu.javax.crypto.key.IKeyAgreementParty; import gnu.javax.crypto.key.IncomingMessage; -import gnu.javax.crypto.key.KeyAgreementFactory; import gnu.javax.crypto.key.KeyAgreementException; +import gnu.javax.crypto.key.KeyAgreementFactory; import gnu.javax.crypto.key.OutgoingMessage; import gnu.javax.crypto.key.srp6.SRP6KeyAgreement; -import gnu.javax.crypto.assembly.Direction; -import gnu.javax.crypto.cipher.CipherFactory; -import gnu.javax.crypto.cipher.IBlockCipher; import gnu.javax.crypto.sasl.ClientMechanism; import gnu.javax.crypto.sasl.IllegalMechanismStateException; import gnu.javax.crypto.sasl.InputBuffer; import gnu.javax.crypto.sasl.IntegrityException; import gnu.javax.crypto.sasl.OutputBuffer; - import gnu.javax.security.auth.Password; -import java.io.IOException; -import java.io.PrintWriter; import java.io.ByteArrayOutputStream; +import java.io.IOException; import java.io.UnsupportedEncodingException; import java.math.BigInteger; import java.security.NoSuchAlgorithmException; import java.util.Arrays; import java.util.HashMap; import java.util.StringTokenizer; +import java.util.logging.Logger; +import javax.security.auth.DestroyFailedException; import javax.security.auth.callback.Callback; import javax.security.auth.callback.NameCallback; import javax.security.auth.callback.PasswordCallback; import javax.security.auth.callback.UnsupportedCallbackException; -import javax.security.auth.DestroyFailedException; import javax.security.sasl.AuthenticationException; import javax.security.sasl.SaslClient; import javax.security.sasl.SaslException; 
/** - * <p>The SASL-SRP client-side mechanism.</p> + * The SASL-SRP client-side mechanism. */ public class SRPClient extends ClientMechanism implements SaslClient { - - // Debugging methods and variables - // ------------------------------------------------------------------------- - - private static final String NAME = "SRPClient"; - - // private static final String ERROR = "ERROR"; - // private static final String WARN = " WARN"; - private static final String INFO = " INFO"; - - private static final String TRACE = "DEBUG"; - - private static final boolean DEBUG = true; - - private static final int debuglevel = 3; - - private static final PrintWriter err = new PrintWriter(System.out, true); - - private static void debug(final String level, final Object obj) - { - err.println("[" + level + "] " + NAME + ": " + String.valueOf(obj)); - } - - // Constants and variables - // ------------------------------------------------------------------------- - - // private static final HashMap uid2ctx = new HashMap(); - + private static final Logger log = Logger.getLogger(SRPClient.class.getName()); private String uid; // the unique key for this type of client - private String U; // the authentication identity - BigInteger N, g, A, B; - private Password password; // the authentication credentials - private byte[] s; // the user's salt - private byte[] cIV, sIV; // client+server IVs, when confidentiality is on - private byte[] M1, M2; // client+server evidences - private byte[] cn, sn; // client's and server's nonce - private SRP srp; // SRP algorithm instance used by this client - private byte[] sid; // session ID when re-used - private int ttl; // session time-to-live in seconds - private byte[] sCB; // the peer's channel binding data - private String L; // available options - private String o; - private String chosenIntegrityAlgorithm; - private String chosenConfidentialityAlgorithm; - private int rawSendSize = Registry.SASL_BUFFER_MAX_LIMIT; - private byte[] K; // shared 
session key - private boolean replayDetection = true; // whether Replay Detection is on - private int inCounter = 0; // messages sequence numbers - private int outCounter = 0; - private IALG inMac, outMac; // if !null, use for integrity - private CALG inCipher, outCipher; // if !null, use for confidentiality - private IKeyAgreementParty clientHandler = KeyAgreementFactory.getPartyAInstance(Registry.SRP_SASL_KA); - /** Our default source of randomness. */ private PRNG prng = null; - // Constructor(s) - // ------------------------------------------------------------------------- - public SRPClient() { super(Registry.SASL_SRP_MECHANISM); } - // Class methods - // ------------------------------------------------------------------------- - - // Instance methods - // ------------------------------------------------------------------------- - - // abstract methods implementation ----------------------------------------- - protected void initMechanism() throws SaslException { // we shall keep track of the sid (and the security context of this @@ -195,9 +132,8 @@ public class SRPClient extends ClientMechanism implements SaslClient b = protocol.getBytes(); md.update(b, 0, b.length); if (channelBinding.length > 0) - { - md.update(channelBinding, 0, channelBinding.length); - } + md.update(channelBinding, 0, channelBinding.length); + uid = Util.toBase64(md.digest()); if (ClientStore.instance().isAlive(uid)) { @@ -253,8 +189,6 @@ public class SRPClient extends ClientMechanism implements SaslClient sn = null; } - // javax.security.sasl.SaslClient interface implementation ----------------- - public boolean hasInitialResponse() { return true; @@ -282,7 +216,7 @@ public class SRPClient extends ClientMechanism implements SaslClient } return result; case 2: // should only occur if session re-use was rejected - if (!complete) + if (! complete) { state++; return receiveEvidence(challenge); 
@@ -296,22 +230,15 @@ public class SRPClient extends ClientMechanism implements SaslClient protected byte[] engineUnwrap(final byte[] incoming, final int offset, final int len) throws SaslException { - if (DEBUG && debuglevel > 8) - debug(TRACE, "==> engineUnwrap()"); - + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "engineUnwrap"); if (inMac == null && inCipher == null) - { - throw new IllegalStateException("connection is not protected"); - } - + throw new IllegalStateException("connection is not protected"); // at this point one, or both, of confidentiality and integrity protection // services are active. - final byte[] result; try { - // final InputBuffer frameIn = InputBuffer.getInstance(incoming, offset, len); - // result = frameIn.getEOS(); if (inMac != null) { // integrity bytes are at the end of the stream final int macBytesCount = inMac.length(); @@ -320,16 +247,14 @@ public class SRPClient extends ClientMechanism implements SaslClient final byte[] received_mac = new byte[macBytesCount]; System.arraycopy(incoming, offset + payloadLength, received_mac, 0, macBytesCount); - if (DEBUG && debuglevel > 6) - debug(TRACE, "Got C (received MAC): " - + Util.dumpString(received_mac)); - // inMac.update(result); + if (Configuration.DEBUG) + log.fine("Got C (received MAC): " + Util.dumpString(received_mac)); inMac.update(incoming, offset, payloadLength); if (replayDetection) { inCounter++; - if (DEBUG && debuglevel > 6) - debug(TRACE, "inCounter=" + String.valueOf(inCounter)); + if (Configuration.DEBUG) + log.fine("inCounter=" + inCounter); inMac.update(new byte[] { (byte) (inCounter >>> 24), (byte) (inCounter >>> 16), (byte) (inCounter >>> 8), 
@@ -337,170 +262,106 @@ public class SRPClient extends ClientMechanism implements SaslClient } final byte[] computed_mac = inMac.doFinal(); - if (DEBUG && debuglevel > 6) - debug(TRACE, "Computed MAC: " + Util.dumpString(computed_mac)); + if (Configuration.DEBUG) + log.fine("Computed MAC: " + Util.dumpString(computed_mac)); if (!Arrays.equals(received_mac, computed_mac)) - { - throw new IntegrityException("engineUnwrap()"); - } - + throw new IntegrityException("engineUnwrap()"); // deal with the payload, which can be either plain or encrypted if (inCipher != null) - { - result = inCipher.doFinal(incoming, offset, payloadLength); - } + result = inCipher.doFinal(incoming, offset, payloadLength); else { result = new byte[len - macBytesCount]; System.arraycopy(incoming, offset, result, 0, result.length); } } - else - { // no integrity protection; just confidentiality - // if (inCipher != null) { - result = inCipher.doFinal(incoming, offset, len); - // } else { - // result = new byte[len]; - // System.arraycopy(incoming, offset, result, 0, len); - // } - } - // if (inCipher != null) { - // result = inCipher.doFinal(result); - // } + else // no integrity protection; just confidentiality + result = inCipher.doFinal(incoming, offset, len); } catch (IOException x) { if (x instanceof SaslException) - { - throw (SaslException) x; - } + throw (SaslException) x; throw new SaslException("engineUnwrap()", x); } - - if (DEBUG && debuglevel > 8) - debug(TRACE, "<== engineUnwrap()"); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "engineUnwrap"); return result; } protected byte[] engineWrap(final byte[] outgoing, final int offset, final int len) throws SaslException { - if (DEBUG && debuglevel > 8) - debug(TRACE, "==> engineWrap()"); - + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "engineWrap"); if (outMac == null && outCipher == null) - { - throw new IllegalStateException("connection is not protected"); - } - + throw new 
IllegalStateException("connection is not protected"); // at this point one, or both, of confidentiality and integrity protection // services are active. - - // byte[] data = new byte[len]; - // System.arraycopy(outgoing, offset, data, 0, len); byte[] result; try { - // OutputBuffer frameOut = new OutputBuffer(); final ByteArrayOutputStream out = new ByteArrayOutputStream(); // Process the data if (outCipher != null) { - // data = outCipher.doFinal(data); result = outCipher.doFinal(outgoing, offset, len); - if (DEBUG && debuglevel > 6) - debug(TRACE, "Encoding c (encrypted plaintext): " - + Util.dumpString(result)); - - // frameOut.setEOS(data); + if (Configuration.DEBUG) + log.fine("Encoding c (encrypted plaintext): " + + Util.dumpString(result)); out.write(result); - if (outMac != null) { outMac.update(result); if (replayDetection) { outCounter++; - if (DEBUG && debuglevel > 6) - debug(TRACE, "outCounter=" + String.valueOf(outCounter)); - outMac.update(new byte[] { (byte) (outCounter >>> 24), - (byte) (outCounter >>> 16), - (byte) (outCounter >>> 8), - (byte) outCounter }); + if (Configuration.DEBUG) + log.fine("outCounter=" + outCounter); + outMac.update(new byte[] { (byte)(outCounter >>> 24), + (byte)(outCounter >>> 16), + (byte)(outCounter >>> 8), + (byte) outCounter }); } final byte[] C = outMac.doFinal(); - // frameOut.setOS(C); out.write(C); - if (DEBUG && debuglevel > 6) - debug(TRACE, "Encoding C (integrity checksum): " - + Util.dumpString(C)); - } // else confidentiality only; do nothing + if (Configuration.DEBUG) + log.fine("Encoding C (integrity checksum): " + Util.dumpString(C)); + } + // else confidentiality only; do nothing } - else - { // no confidentiality; just integrity [+ replay detection] - // if (DEBUG && debuglevel > 6) debug(TRACE, "Encoding p (plaintext): "+Util.dumpString(data)); - if (DEBUG && debuglevel > 6) - debug(TRACE, "Encoding p (plaintext): " - + Util.dumpString(outgoing, offset, len)); - - // frameOut.setEOS(data); + else // no 
confidentiality; just integrity [+ replay detection] + { + if (Configuration.DEBUG) + log.fine("Encoding p (plaintext): " + + Util.dumpString(outgoing, offset, len)); out.write(outgoing, offset, len); - - // if (outMac != null) { - // outMac.update(data); outMac.update(outgoing, offset, len); if (replayDetection) { outCounter++; - if (DEBUG && debuglevel > 6) - debug(TRACE, "outCounter=" + String.valueOf(outCounter)); - outMac.update(new byte[] { (byte) (outCounter >>> 24), - (byte) (outCounter >>> 16), - (byte) (outCounter >>> 8), - (byte) outCounter }); + if (Configuration.DEBUG) + log.fine("outCounter=" + outCounter); + outMac.update(new byte[] { (byte)(outCounter >>> 24), + (byte)(outCounter >>> 16), + (byte)(outCounter >>> 8), + (byte) outCounter }); } final byte[] C = outMac.doFinal(); - // frameOut.setOS(C); out.write(C); - if (DEBUG && debuglevel > 6) - debug(TRACE, "Encoding C (integrity checksum): " - + Util.dumpString(C)); - // } + if (Configuration.DEBUG) + log.fine("Encoding C (integrity checksum): " + Util.dumpString(C)); } - - // frameOut.setEOS(data); - // - // if (outMac != null) { - // outMac.update(data); - // if (replayDetection) { - // outCounter++; - // if (DEBUG && debuglevel > 6) debug(TRACE, "outCounter="+String.valueOf(outCounter)); - // outMac.update(new byte[] { - // (byte)(outCounter >>> 24), - // (byte)(outCounter >>> 16), - // (byte)(outCounter >>> 8), - // (byte) outCounter }); - // } - // byte[] C = outMac.doFinal(); - // frameOut.setOS(C); - // if (DEBUG && debuglevel > 6) debug(TRACE, "Encoding C (integrity checksum): "+Util.dumpString(C)); - // } - - // result = frameOut.wrap(); result = out.toByteArray(); - } catch (IOException x) { if (x instanceof SaslException) - { - throw (SaslException) x; - } + throw (SaslException) x; throw new SaslException("engineWrap()", x); } - - if (DEBUG && debuglevel > 8) - debug(TRACE, "<== engineWrap()"); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "engineWrap"); return 
result; } @@ -509,13 +370,9 @@ public class SRPClient extends ClientMechanism implements SaslClient if (inMac != null) { if (inCipher != null) - { - return Registry.QOP_AUTH_CONF; - } - else - { - return Registry.QOP_AUTH_INT; - } + return Registry.QOP_AUTH_CONF; + + return Registry.QOP_AUTH_INT; } return Registry.QOP_AUTH; } @@ -525,13 +382,9 @@ public class SRPClient extends ClientMechanism implements SaslClient if (inMac != null) { if (inCipher != null) - { - return Registry.STRENGTH_HIGH; - } - else - { - return Registry.STRENGTH_MEDIUM; - } + return Registry.STRENGTH_HIGH; + + return Registry.STRENGTH_MEDIUM; } return Registry.STRENGTH_LOW; } @@ -550,19 +403,16 @@ public class SRPClient extends ClientMechanism implements SaslClient private byte[] sendIdentities() throws SaslException { - if (DEBUG && debuglevel > 8) - debug(TRACE, "==> sendIdentities()"); - + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "sendIdentities"); // If necessary, prompt the client for the username and password getUsernameAndPassword(); - - if (DEBUG && debuglevel > 6) - debug(TRACE, "Password: \"" + new String(password.getPassword()) + "\""); - if (DEBUG && debuglevel > 6) - debug(TRACE, "Encoding U (username): \"" + U + "\""); - if (DEBUG && debuglevel > 6) - debug(TRACE, "Encoding I (userid): \"" + authorizationID + "\""); - + if (Configuration.DEBUG) + { + log.fine("Password: \"" + new String(password.getPassword()) + "\""); + log.fine("Encoding U (username): \"" + U + "\""); + log.fine("Encoding I (userid): \"" + authorizationID + "\""); + } // if session re-use generate new 16-byte nonce if (sid.length != 0) { @@ -570,9 +420,7 @@ public class SRPClient extends ClientMechanism implements SaslClient getDefaultPRNG().nextBytes(cn); } else - { - cn = new byte[0]; - } + cn = new byte[0]; final OutputBuffer frameOut = new OutputBuffer(); try 
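Review bot: `if (!Arrays.equals(received_mac, computed_mac))` in `engineUnwrap` is carried over unchanged, and `Arrays.equals` typically returns at the first differing byte, so the time taken to reject a forged frame can depend on how much of the MAC matched. A comparison that always examines every byte is the usual choice for MAC checks, e.g. `if (! MessageDigest.isEqual(received_mac, computed_mac))` with `java.security.MessageDigest` added to the imports; whether this runtime's `isEqual` is itself constant-time should be confirmed. The `Arrays.equals(M2, expected)` check in `receiveEvidence` further down has the same shape. `engineUnwrap` begins in the previous hunk, so only part of it is visible here.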
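Review bot: `log.fine("Password: \"" + new String(password.getPassword()) + "\"")` in `sendIdentities` writes the cleartext password to the logger, and the `new String(...)` creates an immutable copy of the secret that cannot be zeroed afterwards. In the removed code this line sat behind `debuglevel > 6` with `debuglevel` fixed at 3, so it never ran; it now shares the single `Configuration.DEBUG` gate and the `fine` level with ordinary trace output. The line should be deleted rather than converted, keeping only `log.fine("Encoding U (username): \"" + U + "\"");` and the userid line in that block. The same applies to `log.fine("K: " + Util.dumpString(K))` in `sendPublicKey`, which records the shared session key.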
@@ -586,36 +434,30 @@ public class SRPClient extends ClientMechanism implements SaslClient catch (IOException x) { if (x instanceof SaslException) - { - throw (SaslException) x; - } + throw (SaslException) x; throw new AuthenticationException("sendIdentities()", x); } final byte[] result = frameOut.encode(); - if (DEBUG && debuglevel > 8) - debug(TRACE, "<== sendIdentities()"); - if (DEBUG && debuglevel > 2) - debug(INFO, "C: " + Util.dumpString(result)); - if (DEBUG && debuglevel > 2) - debug(INFO, " U = " + U); - if (DEBUG && debuglevel > 2) - debug(INFO, " I = " + authorizationID); - if (DEBUG && debuglevel > 2) - debug(INFO, "sid = " + new String(sid)); - if (DEBUG && debuglevel > 2) - debug(INFO, " cn = " + Util.dumpString(cn)); - if (DEBUG && debuglevel > 2) - debug(INFO, "cCB = " + Util.dumpString(channelBinding)); + if (Configuration.DEBUG) + { + log.fine("C: " + Util.dumpString(result)); + log.fine(" U = " + U); + log.fine(" I = " + authorizationID); + log.fine("sid = " + new String(sid)); + log.fine(" cn = " + Util.dumpString(cn)); + log.fine("cCB = " + Util.dumpString(channelBinding)); + log.exiting(this.getClass().getName(), "sendIdentities"); + } return result; } private byte[] sendPublicKey(final byte[] input) throws SaslException { - if (DEBUG && debuglevel > 8) - debug(TRACE, "==> sendPublicKey()"); - if (DEBUG && debuglevel > 6) - debug(TRACE, "S: " + Util.dumpString(input)); - + if (Configuration.DEBUG) + { + log.entering(this.getClass().getName(), "sendPublicKey"); + log.fine("S: " + Util.dumpString(input)); + } // Server sends [00], N, g, s, B, L // or [FF], sn, sCB final InputBuffer frameIn = new InputBuffer(input); 
@@ -626,57 +468,47 @@ public class SRPClient extends ClientMechanism implements SaslClient if (ack == 0x00) { // new session N = frameIn.getMPI(); - if (DEBUG && debuglevel > 6) - debug(TRACE, "Got N (modulus): " + Util.dump(N)); + if (Configuration.DEBUG) + log.fine("Got N (modulus): " + Util.dump(N)); g = frameIn.getMPI(); - if (DEBUG && debuglevel > 6) - debug(TRACE, "Got g (generator): " + Util.dump(g)); + if (Configuration.DEBUG) + log.fine("Got g (generator): " + Util.dump(g)); s = frameIn.getOS(); - if (DEBUG && debuglevel > 6) - debug(TRACE, "Got s (salt): " + Util.dumpString(s)); + if (Configuration.DEBUG) + log.fine("Got s (salt): " + Util.dumpString(s)); B = frameIn.getMPI(); - if (DEBUG && debuglevel > 6) - debug(TRACE, "Got B (server ephermeral public key): " - + Util.dump(B)); + if (Configuration.DEBUG) + log.fine("Got B (server ephermeral public key): " + Util.dump(B)); L = frameIn.getText(); - if (DEBUG && debuglevel > 6) - debug(TRACE, "Got L (available options): \"" + L + "\""); + if (Configuration.DEBUG) + log.fine("Got L (available options): \"" + L + "\""); } else if (ack == 0xFF) { // session re-use sn = frameIn.getOS(); - if (DEBUG && debuglevel > 6) - debug(TRACE, "Got sn (server nonce): " + Util.dumpString(sn)); + if (Configuration.DEBUG) + log.fine("Got sn (server nonce): " + Util.dumpString(sn)); sCB = frameIn.getEOS(); - if (DEBUG && debuglevel > 6) - debug(TRACE, "Got sCB (server channel binding): " - + Util.dumpString(sCB)); - } - else - { // unexpected scalar - throw new SaslException("sendPublicKey(): Invalid scalar (" + ack - + ") in server's request"); + if (Configuration.DEBUG) + log.fine("Got sCB (server channel binding): " + Util.dumpString(sCB)); } + else // unexpected scalar + throw new SaslException("sendPublicKey(): Invalid scalar (" + ack + + ") in server's request"); } catch (IOException x) { if (x instanceof SaslException) - { - throw (SaslException) x; - } + throw (SaslException) x; throw new 
SaslException("sendPublicKey()", x); } - if (ack == 0x00) { // new session --------------------------------------- o = createO(L.toLowerCase()); // do this first to initialise the SRP hash - final byte[] pBytes; // use ASCII encoding to inter-operate w/ non-java pBytes = password.getBytes(); - // ---------------------------------------------------------------------- final HashMap mapA = new HashMap(); - // mapA.put(SRP6KeyAgreement.HASH_FUNCTION, srp.newDigest()); mapA.put(SRP6KeyAgreement.HASH_FUNCTION, srp.getAlgorithm()); mapA.put(SRP6KeyAgreement.USER_IDENTITY, U); mapA.put(SRP6KeyAgreement.USER_PASSWORD, pBytes); @@ -689,9 +521,6 @@ public class SRPClient extends ClientMechanism implements SaslClient { throw new SaslException("sendPublicKey()", x); } - - // ---------------------------------------------------------------------- - // ------------------------------------------------------------------- try { @@ -702,7 +531,6 @@ public class SRPClient extends ClientMechanism implements SaslClient out.writeMPI(B); IncomingMessage in = new IncomingMessage(out.toByteArray()); out = clientHandler.processMessage(in); - in = new IncomingMessage(out.toByteArray()); A = in.readMPI(); K = clientHandler.getSharedSecret(); @@ -712,13 +540,11 @@ public class SRPClient extends ClientMechanism implements SaslClient throw new SaslException("sendPublicKey()", x); } // ------------------------------------------------------------------- - - if (DEBUG && debuglevel > 6) - debug(TRACE, "K: " + Util.dumpString(K)); - if (DEBUG && debuglevel > 6) - debug(TRACE, "Encoding A (client ephemeral public key): " - + Util.dump(A)); - + if (Configuration.DEBUG) + { + log.fine("K: " + Util.dumpString(K)); + log.fine("Encoding A (client ephemeral public key): " + Util.dump(A)); + } try { M1 = srp.generateM1(N, g, U, s, A, B, K, authorizationID, L, cn, 
@@ -728,13 +554,11 @@ public class SRPClient extends ClientMechanism implements SaslClient { throw new AuthenticationException("sendPublicKey()", x); } - - if (DEBUG && debuglevel > 6) - debug(TRACE, "Encoding o (client chosen options): \"" + o + "\""); - if (DEBUG && debuglevel > 6) - debug(TRACE, "Encoding cIV (client IV): \"" + Util.dumpString(cIV) - + "\""); - + if (Configuration.DEBUG) + { + log.fine("Encoding o (client chosen options): \"" + o + "\""); + log.fine("Encoding cIV (client IV): \"" + Util.dumpString(cIV) + "\""); + } final OutputBuffer frameOut = new OutputBuffer(); try { 
@@ -746,74 +570,65 @@ public class SRPClient extends ClientMechanism implements SaslClient catch (IOException x) { if (x instanceof SaslException) - { - throw (SaslException) x; - } + throw (SaslException) x; throw new AuthenticationException("sendPublicKey()", x); } final byte[] result = frameOut.encode(); - if (DEBUG && debuglevel > 8) - debug(TRACE, "<== sendPublicKey()"); - if (DEBUG && debuglevel > 2) - debug(INFO, "New session, or session re-use rejected..."); - if (DEBUG && debuglevel > 2) - debug(INFO, "C: " + Util.dumpString(result)); - if (DEBUG && debuglevel > 2) - debug(INFO, " A = 0x" + A.toString(16)); - if (DEBUG && debuglevel > 2) - debug(INFO, " M1 = " + Util.dumpString(M1)); - if (DEBUG && debuglevel > 2) - debug(INFO, " o = " + o); - if (DEBUG && debuglevel > 2) - debug(INFO, "cIV = " + Util.dumpString(cIV)); - + if (Configuration.DEBUG) + { + log.fine("New session, or session re-use rejected..."); + log.fine("C: " + Util.dumpString(result)); + log.fine(" A = 0x" + A.toString(16)); + log.fine(" M1 = " + Util.dumpString(M1)); + log.fine(" o = " + o); + log.fine("cIV = " + Util.dumpString(cIV)); + log.exiting(this.getClass().getName(), "sendPublicKey"); + } return result; } - else - { // session re-use accepted ------------------------------------- + else // session re-use accepted ------------------------------------------- + { setupSecurityServices(true); - if (DEBUG && debuglevel > 8) - debug(TRACE, "<== sendPublicKey()"); - if (DEBUG && debuglevel > 2) - debug(INFO, "Session re-use accepted..."); + if (Configuration.DEBUG) + { + log.fine("Session re-use accepted..."); + log.exiting(this.getClass().getName(), "sendPublicKey"); + } return null; } } private byte[] receiveEvidence(byte[] input) throws SaslException { - if (DEBUG && debuglevel > 8) - debug(TRACE, "==> receiveEvidence()"); - if (DEBUG && debuglevel > 6) - debug(TRACE, "S: " + Util.dumpString(input)); - + if (Configuration.DEBUG) + { + log.entering(this.getClass().getName(), 
"receiveEvidence"); + log.fine("S: " + Util.dumpString(input)); + } // Server send M2, sIV, sCB, sid, ttl final InputBuffer frameIn = new InputBuffer(input); try { M2 = frameIn.getOS(); - if (DEBUG && debuglevel > 6) - debug(TRACE, "Got M2 (server evidence): " + Util.dumpString(M2)); + if (Configuration.DEBUG) + log.fine("Got M2 (server evidence): " + Util.dumpString(M2)); sIV = frameIn.getOS(); - if (DEBUG && debuglevel > 6) - debug(TRACE, "Got sIV (server IV): " + Util.dumpString(sIV)); + if (Configuration.DEBUG) + log.fine("Got sIV (server IV): " + Util.dumpString(sIV)); sid = frameIn.getEOS(); - if (DEBUG && debuglevel > 6) - debug(TRACE, "Got sid (session ID): " + new String(sid)); + if (Configuration.DEBUG) + log.fine("Got sid (session ID): " + new String(sid)); ttl = (int) frameIn.getScalar(4); - if (DEBUG && debuglevel > 6) - debug(TRACE, "Got ttl (session time-to-live): " + ttl + "sec."); + if (Configuration.DEBUG) + log.fine("Got ttl (session time-to-live): " + ttl + "sec."); sCB = frameIn.getEOS(); - if (DEBUG && debuglevel > 6) - debug(TRACE, "Got sCB (server channel binding): " - + Util.dumpString(sCB)); + if (Configuration.DEBUG) + log.fine("Got sCB (server channel binding): " + Util.dumpString(sCB)); } catch (IOException x) { if (x instanceof SaslException) - { - throw (SaslException) x; - } + throw (SaslException) x; throw new AuthenticationException("receiveEvidence()", x); } 
@@ -827,18 +642,14 @@ public class SRPClient extends ClientMechanism implements SaslClient { throw new AuthenticationException("receiveEvidence()", x); } - - if (DEBUG && debuglevel > 6) - debug(TRACE, "Expected: " + Util.dumpString(expected)); + if (Configuration.DEBUG) + log.fine("Expected: " + Util.dumpString(expected)); if (!Arrays.equals(M2, expected)) - { - throw new AuthenticationException("M2 mismatch"); - } + throw new AuthenticationException("M2 mismatch"); setupSecurityServices(false); - - if (DEBUG && debuglevel > 8) - debug(TRACE, "<== receiveEvidence()"); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "receiveEvidence"); return null; } @@ -846,19 +657,15 @@ public class SRPClient extends ClientMechanism implements SaslClient { try { - if ((!properties.containsKey(Registry.SASL_USERNAME)) - && (!properties.containsKey(Registry.SASL_PASSWORD))) + if ((! properties.containsKey(Registry.SASL_USERNAME)) + && (! properties.containsKey(Registry.SASL_PASSWORD))) { final NameCallback nameCB; final String defaultName = System.getProperty("user.name"); if (defaultName == null) - { - nameCB = new NameCallback("username: "); - } + nameCB = new NameCallback("username: "); else - { - nameCB = new NameCallback("username: ", defaultName); - } + nameCB = new NameCallback("username: ", defaultName); final PasswordCallback pwdCB = new PasswordCallback("password: ", false); handler.handle(new Callback[] { nameCB, pwdCB }); 
@@ -868,21 +675,15 @@ public class SRPClient extends ClientMechanism implements SaslClient else { if (properties.containsKey(Registry.SASL_USERNAME)) - { - this.U = (String) properties.get(Registry.SASL_USERNAME); - } + this.U = (String) properties.get(Registry.SASL_USERNAME); else { final NameCallback nameCB; final String defaultName = System.getProperty("user.name"); if (defaultName == null) - { - nameCB = new NameCallback("username: "); - } + nameCB = new NameCallback("username: "); else - { - nameCB = new NameCallback("username: ", defaultName); - } + nameCB = new NameCallback("username: ", defaultName); this.handler.handle(new Callback[] { nameCB }); this.U = nameCB.getName(); } @@ -897,14 +698,12 @@ public class SRPClient extends ClientMechanism implements SaslClient else if (pw instanceof String) password = new Password(((String) pw).toCharArray()); else - throw new IllegalArgumentException( - pw.getClass().getName() - + "is not a valid password class"); + throw new IllegalArgumentException(pw.getClass().getName() + + "is not a valid password class"); } else { - final PasswordCallback pwdCB = new PasswordCallback( - "password: ", + final PasswordCallback pwdCB = new PasswordCallback("password: ", false); this.handler.handle(new Callback[] { pwdCB }); password = new Password(pwdCB.getPassword()); @@ -912,13 +711,9 @@ public class SRPClient extends ClientMechanism implements SaslClient } if (U == null) - { - throw new AuthenticationException("null username supplied"); - } + throw new AuthenticationException("null username supplied"); if (password == null) - { - throw new AuthenticationException("null password supplied"); - } + throw new AuthenticationException("null password supplied"); } catch (UnsupportedCallbackException x) { 
@@ -935,9 +730,8 @@ public class SRPClient extends ClientMechanism implements SaslClient // to us by the client. private String createO(final String aol) throws AuthenticationException { - if (DEBUG && debuglevel > 8) - debug(TRACE, "==> createO(\"" + aol + "\")"); - + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "createO", aol); boolean replaydetectionAvailable = false; boolean integrityAvailable = false; boolean confidentialityAvailable = false; @@ -945,7 +739,6 @@ public class SRPClient extends ClientMechanism implements SaslClient int i; String mdName = SRPRegistry.SRP_DEFAULT_DIGEST_NAME; - final StringTokenizer st = new StringTokenizer(aol, ","); while (st.hasMoreTokens()) { @@ -953,8 +746,8 @@ public class SRPClient extends ClientMechanism implements SaslClient if (option.startsWith(SRPRegistry.OPTION_SRP_DIGEST + "=")) { option = option.substring(option.indexOf('=') + 1); - if (DEBUG && debuglevel > 6) - debug(TRACE, "mda: <" + option + ">"); + if (Configuration.DEBUG) + log.fine("mda: <" + option + ">"); for (i = 0; i < SRPRegistry.INTEGRITY_ALGORITHMS.length; i++) { if (SRPRegistry.SRP_ALGORITHMS[i].equals(option)) @@ -965,14 +758,12 @@ public class SRPClient extends ClientMechanism implements SaslClient } } else if (option.equals(SRPRegistry.OPTION_REPLAY_DETECTION)) - { - replaydetectionAvailable = true; - } + replaydetectionAvailable = true; else if (option.startsWith(SRPRegistry.OPTION_INTEGRITY + "=")) { option = option.substring(option.indexOf('=') + 1); - if (DEBUG && debuglevel > 6) - debug(TRACE, "ialg: <" + option + ">"); + if (Configuration.DEBUG) + log.fine("ialg: <" + option + ">"); for (i = 0; i < SRPRegistry.INTEGRITY_ALGORITHMS.length; i++) { if (SRPRegistry.INTEGRITY_ALGORITHMS[i].equals(option)) 
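Review bot: In `createO`, the digest-option loop is bounded by `SRPRegistry.INTEGRITY_ALGORITHMS.length` but indexes `SRPRegistry.SRP_ALGORITHMS[i]`, and the commit carries this over unchanged. `option` is parsed from the server's `L` string, so if the two arrays differ in length the loop either throws `ArrayIndexOutOfBoundsException` while handling peer input or never tests the trailing digest names; the array contents are not visible here, so which case applies needs checking. The bound should follow the array being indexed: `for (i = 0; i < SRPRegistry.SRP_ALGORITHMS.length; i++)`. The loop body continues past the end of this hunk.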
@@ -986,8 +777,8 @@ public class SRPClient extends ClientMechanism implements SaslClient else if (option.startsWith(SRPRegistry.OPTION_CONFIDENTIALITY + "=")) { option = option.substring(option.indexOf('=') + 1); - if (DEBUG && debuglevel > 6) - debug(TRACE, "calg: <" + option + ">"); + if (Configuration.DEBUG) + log.fine("calg: <" + option + ">"); for (i = 0; i < SRPRegistry.CONFIDENTIALITY_ALGORITHMS.length; i++) { if (SRPRegistry.CONFIDENTIALITY_ALGORITHMS[i].equals(option)) @@ -999,9 +790,7 @@ public class SRPClient extends ClientMechanism implements SaslClient } } else if (option.startsWith(SRPRegistry.OPTION_MANDATORY + "=")) - { - mandatory = option.substring(option.indexOf('=') + 1); - } + mandatory = option.substring(option.indexOf('=') + 1); else if (option.startsWith(SRPRegistry.OPTION_MAX_BUFFER_SIZE + "=")) { final String maxBufferSize = option.substring(option.indexOf('=') + 1); 
@@ -1010,32 +799,22 @@ public class SRPClient extends ClientMechanism implements SaslClient rawSendSize = Integer.parseInt(maxBufferSize); if (rawSendSize > Registry.SASL_BUFFER_MAX_LIMIT || rawSendSize < 1) - { - throw new AuthenticationException( - "Illegal value for 'maxbuffersize' option"); - } + throw new AuthenticationException("Illegal value for 'maxbuffersize' option"); } catch (NumberFormatException x) { - throw new AuthenticationException( - SRPRegistry.OPTION_MAX_BUFFER_SIZE - + "=" - + String.valueOf(maxBufferSize), + throw new AuthenticationException(SRPRegistry.OPTION_MAX_BUFFER_SIZE + + "=" + maxBufferSize, x); } } } - replayDetection = replaydetectionAvailable - && Boolean.valueOf( - (String) properties.get(SRPRegistry.SRP_REPLAY_DETECTION)).booleanValue(); + && Boolean.valueOf((String) properties.get(SRPRegistry.SRP_REPLAY_DETECTION)).booleanValue(); boolean integrity = integrityAvailable - && Boolean.valueOf( - (String) properties.get(SRPRegistry.SRP_INTEGRITY_PROTECTION)).booleanValue(); + && Boolean.valueOf((String) properties.get(SRPRegistry.SRP_INTEGRITY_PROTECTION)).booleanValue(); boolean confidentiality = confidentialityAvailable - && Boolean.valueOf( - (String) properties.get(SRPRegistry.SRP_CONFIDENTIALITY)).booleanValue(); - + && Boolean.valueOf((String) properties.get(SRPRegistry.SRP_CONFIDENTIALITY)).booleanValue(); // make sure we do the right thing if (SRPRegistry.OPTION_REPLAY_DETECTION.equals(mandatory)) { 
@@ -1043,95 +822,67 @@ public class SRPClient extends ClientMechanism implements SaslClient integrity = true; } else if (SRPRegistry.OPTION_INTEGRITY.equals(mandatory)) - { - integrity = true; - } + integrity = true; else if (SRPRegistry.OPTION_CONFIDENTIALITY.equals(mandatory)) - { - confidentiality = true; - } + confidentiality = true; + if (replayDetection) { if (chosenIntegrityAlgorithm == null) - { - throw new AuthenticationException( - "Replay detection is required but no " - + "integrity protection algorithm was chosen"); - } + throw new AuthenticationException( + "Replay detection is required but no integrity protection algorithm was chosen"); } if (integrity) { if (chosenIntegrityAlgorithm == null) - { - throw new AuthenticationException( - "Integrity protection is required but no " - + "algorithm was chosen"); - } + throw new AuthenticationException( + "Integrity protection is required but no algorithm was chosen"); } if (confidentiality) { if (chosenConfidentialityAlgorithm == null) - { - throw new AuthenticationException( - "Confidentiality protection is required " - + "but no algorithm was chosen"); - } + throw new AuthenticationException( + "Confidentiality protection is required but no algorithm was chosen"); } - // 1. check if we'll be using confidentiality; if not set IV to 0-byte if (chosenConfidentialityAlgorithm == null) - { - cIV = new byte[0]; - } + cIV = new byte[0]; else { // 2. get the block size of the cipher final IBlockCipher cipher = CipherFactory.getInstance(chosenConfidentialityAlgorithm); if (cipher == null) - { - throw new AuthenticationException("createO()", - new NoSuchAlgorithmException()); - } + throw new AuthenticationException("createO()", + new NoSuchAlgorithmException()); final int blockSize = cipher.defaultBlockSize(); // 3. 
generate random iv cIV = new byte[blockSize]; getDefaultPRNG().nextBytes(cIV); } - srp = SRP.instance(mdName); - // Now create the options list specifying which of the available options // we have chosen. // For now we just select the defaults. Later we need to add support for // properties (perhaps in a file) where a user can specify the list of // algorithms they would prefer to use. - final StringBuffer sb = new StringBuffer(); - sb.append(SRPRegistry.OPTION_SRP_DIGEST).append("=").append(mdName).append( - ","); + sb.append(SRPRegistry.OPTION_SRP_DIGEST) + .append("=").append(mdName).append(","); if (replayDetection) - { - sb.append(SRPRegistry.OPTION_REPLAY_DETECTION).append(","); - } + sb.append(SRPRegistry.OPTION_REPLAY_DETECTION).append(","); if (integrity) - { - sb.append(SRPRegistry.OPTION_INTEGRITY).append("=").append( - chosenIntegrityAlgorithm).append( - ","); - } + sb.append(SRPRegistry.OPTION_INTEGRITY) + .append("=").append(chosenIntegrityAlgorithm).append(","); if (confidentiality) - { - sb.append(SRPRegistry.OPTION_CONFIDENTIALITY).append("=").append( - chosenConfidentialityAlgorithm).append( - ","); - } - final String result = sb.append(SRPRegistry.OPTION_MAX_BUFFER_SIZE).append( - "=").append( - Registry.SASL_BUFFER_MAX_LIMIT).toString(); - - if (DEBUG && debuglevel > 8) - debug(TRACE, "<== createO() --> " + result); + sb.append(SRPRegistry.OPTION_CONFIDENTIALITY) + .append("=").append(chosenConfidentialityAlgorithm).append(","); + + final String result = sb.append(SRPRegistry.OPTION_MAX_BUFFER_SIZE) + .append("=").append(Registry.SASL_BUFFER_MAX_LIMIT) + .toString(); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "createO", result); return result; } 
@@ -1139,33 +890,30 @@ public class SRPClient extends ClientMechanism implements SaslClient throws SaslException { complete = true; // signal end of authentication phase - if (!sessionReUse) + if (! sessionReUse) { outCounter = inCounter = 0; // instantiate cipher if confidentiality protection filter is active if (chosenConfidentialityAlgorithm != null) { - if (DEBUG && debuglevel > 2) - debug(INFO, "Activating confidentiality protection filter"); + if (Configuration.DEBUG) + log.fine("Activating confidentiality protection filter"); inCipher = CALG.getInstance(chosenConfidentialityAlgorithm); outCipher = CALG.getInstance(chosenConfidentialityAlgorithm); } // instantiate hmacs if integrity protection filter is active if (chosenIntegrityAlgorithm != null) { - if (DEBUG && debuglevel > 2) - debug(INFO, "Activating integrity protection filter"); + if (Configuration.DEBUG) + log.fine("Activating integrity protection filter"); inMac = IALG.getInstance(chosenIntegrityAlgorithm); outMac = IALG.getInstance(chosenIntegrityAlgorithm); } } - else - { // same session new Keys - K = srp.generateKn(K, cn, sn); - } + else // same session new Keys + K = srp.generateKn(K, cn, sn); final KDF kdf = KDF.getInstance(K); - // initialise in/out ciphers if confidentiality protection is used if (inCipher != null) { @@ -1178,16 +926,13 @@ public class SRPClient extends ClientMechanism implements SaslClient inMac.init(kdf); outMac.init(kdf); } - if (sid != null && sid.length != 0) { // update the security context and save in map - if (DEBUG && debuglevel > 2) - debug(INFO, "Updating security context for UID = " + uid); - ClientStore.instance().cacheSession( - uid, + if (Configuration.DEBUG) + log.fine("Updating security context for UID = " + uid); + ClientStore.instance().cacheSession(uid, ttl, - new SecurityContext( - srp.getAlgorithm(), + new SecurityContext(srp.getAlgorithm(), sid, K, cIV, 
diff --git a/gnu/javax/crypto/sasl/srp/SRPServer.java b/gnu/javax/crypto/sasl/srp/SRPServer.java
index 672660b26..18452555c 100644
--- a/gnu/javax/crypto/sasl/srp/SRPServer.java
+++ b/gnu/javax/crypto/sasl/srp/SRPServer.java
@@ -38,18 +38,18 @@ exception statement from your version. */
 
 package gnu.javax.crypto.sasl.srp;
 
+import gnu.classpath.Configuration;
 import gnu.java.security.Registry;
 import gnu.java.security.util.PRNG;
 import gnu.java.security.util.Util;
-
 import gnu.javax.crypto.assembly.Direction;
 import gnu.javax.crypto.cipher.CipherFactory;
 import gnu.javax.crypto.cipher.IBlockCipher;
 import gnu.javax.crypto.key.IKeyAgreementParty;
-import gnu.javax.crypto.key.KeyAgreementFactory;
+import gnu.javax.crypto.key.IncomingMessage;
 import gnu.javax.crypto.key.KeyAgreementException;
+import gnu.javax.crypto.key.KeyAgreementFactory;
 import gnu.javax.crypto.key.OutgoingMessage;
-import gnu.javax.crypto.key.IncomingMessage;
 import gnu.javax.crypto.key.srp6.SRP6KeyAgreement;
 import gnu.javax.crypto.sasl.IllegalMechanismStateException;
 import gnu.javax.crypto.sasl.InputBuffer;
@@ -57,114 +57,55 @@ import gnu.javax.crypto.sasl.IntegrityException; import gnu.javax.crypto.sasl.OutputBuffer; import gnu.javax.crypto.sasl.ServerMechanism; -import java.io.IOException; -import java.io.PrintWriter; import java.io.ByteArrayOutputStream; +import java.io.IOException; import java.io.UnsupportedEncodingException; import java.math.BigInteger; import java.util.Arrays; import java.util.HashMap; import java.util.StringTokenizer; +import java.util.logging.Logger; import javax.security.sasl.AuthenticationException; import javax.security.sasl.SaslException; import javax.security.sasl.SaslServer; /** - * <p>The SASL-SRP server-side mechanism.</p> + * The SASL-SRP server-side mechanism. */ public class SRPServer extends ServerMechanism implements SaslServer { - - // Debugging methods and variables - // ------------------------------------------------------------------------- - - private static final String NAME = "SRPServer"; - - // private static final String ERROR = "ERROR"; - private static final String WARN = " WARN"; - - private static final String INFO = " INFO"; - - private static final String TRACE = "DEBUG"; - - private static final boolean DEBUG = true; - - private static final int debuglevel = 3; - - private static final PrintWriter err = new PrintWriter(System.out, true); - - private static void debug(final String level, final Object obj) - { - err.println("[" + level + "] " + NAME + ": " + String.valueOf(obj)); - } - - // Constants and variables - // ------------------------------------------------------------------------- - + private static final Logger log = Logger.getLogger(SRPServer.class.getName()); private String U = null; // client's username - private BigInteger N, g, A, B; - private byte[] s; // salt - private byte[] cIV, sIV; // client+server IVs, when confidentiality is on - private byte[] cn, sn; // client's and server's nonce - private SRP srp; // SRP algorithm instance used by this server - private byte[] sid; // session ID when 
re-used - private int ttl = 360; // session time-to-live in seconds - private byte[] cCB; // peer's channel binding' - private String mandatory; // List of available options - private String L = null; - private String o; - private String chosenIntegrityAlgorithm; - private String chosenConfidentialityAlgorithm; - private int rawSendSize = Registry.SASL_BUFFER_MAX_LIMIT; - private byte[] K; // shared session key - private boolean replayDetection = true; // whether Replay Detection is on - private int inCounter = 0; // messages sequence numbers - private int outCounter = 0; - private IALG inMac, outMac; // if !null, use for integrity - private CALG inCipher, outCipher; // if !null, use for confidentiality - private IKeyAgreementParty serverHandler = KeyAgreementFactory.getPartyBInstance(Registry.SRP_SASL_KA); - /** Our default source of randomness. */ private PRNG prng = null; - // Constructor(s) - // ------------------------------------------------------------------------- - public SRPServer() { super(Registry.SASL_SRP_MECHANISM); } - // Class methods - // ------------------------------------------------------------------------- - - // Instance methods - // ------------------------------------------------------------------------- - - // abstract methods implementation ----------------------------------------- - protected void initMechanism() throws SaslException { // TODO: @@ -187,21 +128,18 @@ public class SRPServer extends ServerMechanism implements SaslServer sid = null; } - // javax.security.sasl.SaslServer interface implementation ----------------- - public byte[] evaluateResponse(final byte[] response) throws SaslException { switch (state) { case 0: if (response == null) - { - return null; - } + return null; + state++; return sendProtocolElements(response); case 1: - if (!complete) + if (! complete) { state++; return sendEvidence(response); 
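Review bot: Removing the WARN/INFO/TRACE constants and the `debuglevel` thresholds in this hunk leaves a single verbosity: every message that used to be gated at `debuglevel > 2`, `> 4` or `> 6` is now emitted with `log.fine` inside `if (Configuration.DEBUG)`. The "Unrecognised mandatory option" message in createL(), formerly WARN, therefore disappears unless DEBUG is set, although it reports a security option silently falling back to the default; it would be better as an unguarded `log.warning("Unrecognised mandatory option (" + s + "). Using default...");`. The byte dumps that were TRACE would sit better at `log.finest(...)`, so that enabling FINE for this class does not also switch on protocol dumps.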
@@ -215,65 +153,15 @@ public class SRPServer extends ServerMechanism implements SaslServer protected byte[] engineUnwrap(final byte[] incoming, final int offset, final int len) throws SaslException { - // if (DEBUG && debuglevel > 8) debug(TRACE, "==> engineUnwrap()"); - // - // if (inMac == null && inCipher == null) { - // throw new IllegalStateException("connection is not protected"); - // } - // - // if (DEBUG && debuglevel > 6) debug(TRACE, "Incoming buffer (before security): "+Util.dumpString(incoming, offset, len)); - // - // byte[] data = null; - // try { - // InputBuffer frameIn = InputBuffer.getInstance(incoming, offset, len); - // data = frameIn.getEOS(); - // if (inMac != null) { - // byte[] received_mac = frameIn.getOS(); - // if (DEBUG && debuglevel > 6) debug(TRACE, "Got C (received MAC): "+Util.dumpString(received_mac)); - // inMac.update(data); - // if (replayDetection) { - // inCounter++; - // if (DEBUG && debuglevel > 6) debug(TRACE, "inCounter="+String.valueOf(inCounter)); - // inMac.update(new byte[] { - // (byte)(inCounter >>> 24), - // (byte)(inCounter >>> 16), - // (byte)(inCounter >>> 8), - // (byte) inCounter }); - // } - // final byte[] computed_mac = inMac.doFinal(); - // if (DEBUG && debuglevel > 6) debug(TRACE, "Computed MAC: "+Util.dumpString(computed_mac)); - // if (!Arrays.equals(received_mac, computed_mac)) - // throw new IntegrityException("engineUnwrap()"); - // } - // if (inCipher != null) { - // data = inCipher.doFinal(data); - // } - // } catch (IOException x) { - // if (x instanceof SaslException) { - // throw (SaslException) x; - // } - // throw new SaslException("engineUnwrap()", x); - // } - // - // if (DEBUG && debuglevel > 6) debug(TRACE, "Incoming buffer (after security): "+Util.dumpString(data)); - // if (DEBUG && debuglevel > 8) debug(TRACE, "<== engineUnwrap()"); - // return data; - - if (DEBUG && debuglevel > 8) - debug(TRACE, "==> engineUnwrap()"); - + if (Configuration.DEBUG) + 
log.entering(this.getClass().getName(), "engineUnwrap"); if (inMac == null && inCipher == null) - { - throw new IllegalStateException("connection is not protected"); - } - - if (DEBUG && debuglevel > 6) - debug(TRACE, "Incoming buffer (before security): " - + Util.dumpString(incoming, offset, len)); - + throw new IllegalStateException("connection is not protected"); + if (Configuration.DEBUG) + log.fine("Incoming buffer (before security): " + + Util.dumpString(incoming, offset, len)); // at this point one, or both, of confidentiality and integrity protection // services are active. - final byte[] result; try { 
@@ -284,137 +172,67 @@ public class SRPServer extends ServerMechanism implements SaslServer final byte[] received_mac = new byte[macBytesCount]; System.arraycopy(incoming, offset + payloadLength, received_mac, 0, macBytesCount); - if (DEBUG && debuglevel > 6) - debug(TRACE, "Got C (received MAC): " - + Util.dumpString(received_mac)); + if (Configuration.DEBUG) + log.fine("Got C (received MAC): " + Util.dumpString(received_mac)); inMac.update(incoming, offset, payloadLength); if (replayDetection) { inCounter++; - if (DEBUG && debuglevel > 6) - debug(TRACE, "inCounter=" + String.valueOf(inCounter)); - inMac.update(new byte[] { (byte) (inCounter >>> 24), - (byte) (inCounter >>> 16), - (byte) (inCounter >>> 8), - (byte) inCounter }); + if (Configuration.DEBUG) + log.fine("inCounter=" + String.valueOf(inCounter)); + inMac.update(new byte[] { (byte)(inCounter >>> 24), + (byte)(inCounter >>> 16), + (byte)(inCounter >>> 8), + (byte) inCounter }); } - final byte[] computed_mac = inMac.doFinal(); - if (DEBUG && debuglevel > 6) - debug(TRACE, "Computed MAC: " + Util.dumpString(computed_mac)); + if (Configuration.DEBUG) + log.fine("Computed MAC: " + Util.dumpString(computed_mac)); if (!Arrays.equals(received_mac, computed_mac)) - { - throw new IntegrityException("engineUnwrap()"); - } + throw new IntegrityException("engineUnwrap()"); // deal with the payload, which can be either plain or encrypted if (inCipher != null) - { - result = inCipher.doFinal(incoming, offset, payloadLength); - } + result = inCipher.doFinal(incoming, offset, payloadLength); else { result = new byte[payloadLength]; System.arraycopy(incoming, offset, result, 0, result.length); } } - else - { // no integrity protection; just confidentiality - // if (inCipher != null) { - result = inCipher.doFinal(incoming, offset, len); - // } else { - // result = new byte[len]; - // System.arraycopy(incoming, offset, result, 0, len); - // } - } + else // no integrity protection; just confidentiality + result = 
inCipher.doFinal(incoming, offset, len); } catch (IOException x) { if (x instanceof SaslException) - { - throw (SaslException) x; - } + throw (SaslException) x; throw new SaslException("engineUnwrap()", x); } - if (DEBUG && debuglevel > 6) - debug(TRACE, "Incoming buffer (after security): " - + Util.dumpString(result)); - if (DEBUG && debuglevel > 8) - debug(TRACE, "<== engineUnwrap()"); + if (Configuration.DEBUG) + { + log.fine("Incoming buffer (after security): " + Util.dumpString(result)); + log.exiting(this.getClass().getName(), "engineUnwrap"); + } return result; } protected byte[] engineWrap(final byte[] outgoing, final int offset, final int len) throws SaslException { - // if (DEBUG && debuglevel > 8) debug(TRACE, "==> engineWrap()"); - // - // if (outMac == null && outCipher == null) { - // throw new IllegalStateException("connection is not protected"); - // } - // - // byte[] data = new byte[len]; - // System.arraycopy(outgoing, offset, data, 0, len); - // - // if (DEBUG && debuglevel > 6) debug(TRACE, "Outgoing buffer (before security) (hex): "+Util.dumpString(data)); - // if (DEBUG && debuglevel > 6) debug(TRACE, "Outgoing buffer (before security) (str): \""+new String(data)+"\""); - // - // final byte[] result; - // try { - // OutputBuffer frameOut = new OutputBuffer(); - // // Process the data - // if (outCipher != null) { - // data = outCipher.doFinal(data); - // if (DEBUG && debuglevel > 6) debug(TRACE, "Encoding c (encrypted plaintext): "+Util.dumpString(data)); - // } else { - // if (DEBUG && debuglevel > 6) debug(TRACE, "Encoding p (plaintext): "+Util.dumpString(data)); - // } - // frameOut.setEOS(data); - // if (outMac != null) { - // outMac.update(data); - // if (replayDetection) { - // outCounter++; - // if (DEBUG && debuglevel > 6) debug(TRACE, "outCounter="+String.valueOf(outCounter)); - // outMac.update(new byte[] { - // (byte)(outCounter >>> 24), - // (byte)(outCounter >>> 16), - // (byte)(outCounter >>> 8), - // (byte) outCounter}); - // } 
- // byte[] C = outMac.doFinal(); - // frameOut.setOS(C); - // if (DEBUG && debuglevel > 6) debug(TRACE, "Encoding C (integrity checksum): "+Util.dumpString(C)); - // } - // result = frameOut.wrap(); - // - // } catch (IOException x) { - // if (x instanceof SaslException) { - // throw (SaslException) x; - // } - // throw new SaslException("engineWrap()", x); - // } - // - // if (DEBUG && debuglevel > 8) debug(TRACE, "<== engineWrap()"); - // return result; - - if (DEBUG && debuglevel > 8) - debug(TRACE, "==> engineWrap()"); - + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "engineWrap"); if (outMac == null && outCipher == null) + throw new IllegalStateException("connection is not protected"); + if (Configuration.DEBUG) { - throw new IllegalStateException("connection is not protected"); + log.fine("Outgoing buffer (before security) (hex): " + + Util.dumpString(outgoing, offset, len)); + log.fine("Outgoing buffer (before security) (str): \"" + + new String(outgoing, offset, len) + "\""); } - - if (DEBUG && debuglevel > 6) - debug(TRACE, "Outgoing buffer (before security) (hex): " - + Util.dumpString(outgoing, offset, len)); - if (DEBUG && debuglevel > 6) - debug(TRACE, "Outgoing buffer (before security) (str): \"" - + new String(outgoing, offset, len) + "\""); - // at this point one, or both, of confidentiality and integrity protection // services are active. - byte[] result; try { 
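Review bot: The MAC check kept in engineUnwrap(), `if (!Arrays.equals(received_mac, computed_mac))`, is a variable-time comparison: `Arrays.equals` returns at the first differing byte, so response timing may reveal how much of a supplied MAC was correct. The same applies to `if (!Arrays.equals(M1, expected))` in sendEvidence() (hunk `@@ -779,15 +542,11 @@`). A comparison that always walks the full length would be safer, for example `if (! MessageDigest.isEqual(received_mac, computed_mac))` with an import of `java.security.MessageDigest`, provided the `isEqual` of this class library is itself constant-time, which should be confirmed. This hunk covers the end of engineUnwrap() and the start of engineWrap(); both bodies continue outside it.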
@@ -422,74 +240,62 @@ public class SRPServer extends ServerMechanism implements SaslServer if (outCipher != null) { result = outCipher.doFinal(outgoing, offset, len); - if (DEBUG && debuglevel > 6) - debug(TRACE, "Encoding c (encrypted plaintext): " - + Util.dumpString(result)); - + if (Configuration.DEBUG) + log.fine("Encoding c (encrypted plaintext): " + + Util.dumpString(result)); out.write(result); - if (outMac != null) { outMac.update(result); if (replayDetection) { outCounter++; - if (DEBUG && debuglevel > 6) - debug(TRACE, "outCounter=" + String.valueOf(outCounter)); - outMac.update(new byte[] { (byte) (outCounter >>> 24), - (byte) (outCounter >>> 16), - (byte) (outCounter >>> 8), - (byte) outCounter }); + if (Configuration.DEBUG) + log.fine("outCounter=" + outCounter); + outMac.update(new byte[] { (byte)(outCounter >>> 24), + (byte)(outCounter >>> 16), + (byte)(outCounter >>> 8), + (byte) outCounter }); } final byte[] C = outMac.doFinal(); out.write(C); - if (DEBUG && debuglevel > 6) - debug(TRACE, "Encoding C (integrity checksum): " - + Util.dumpString(C)); - } // else ciphertext only; do nothing + if (Configuration.DEBUG) + log.fine("Encoding C (integrity checksum): " + Util.dumpString(C)); + } + // else ciphertext only; do nothing } - else - { // no confidentiality; just integrity [+ replay detection] - if (DEBUG && debuglevel > 6) - debug(TRACE, "Encoding p (plaintext): " - + Util.dumpString(outgoing, offset, len)); - + else // no confidentiality; just integrity [+ replay detection] + { + if (Configuration.DEBUG) + log.fine("Encoding p (plaintext): " + + Util.dumpString(outgoing, offset, len)); out.write(outgoing, offset, len); - - // if (outMac != null) { outMac.update(outgoing, offset, len); if (replayDetection) { outCounter++; - if (DEBUG && debuglevel > 6) - debug(TRACE, "outCounter=" + String.valueOf(outCounter)); - outMac.update(new byte[] { (byte) (outCounter >>> 24), - (byte) (outCounter >>> 16), - (byte) (outCounter >>> 8), - (byte) outCounter 
}); + if (Configuration.DEBUG) + log.fine("outCounter=" + outCounter); + outMac.update(new byte[] { (byte)(outCounter >>> 24), + (byte)(outCounter >>> 16), + (byte)(outCounter >>> 8), + (byte) outCounter }); } final byte[] C = outMac.doFinal(); out.write(C); - if (DEBUG && debuglevel > 6) - debug(TRACE, "Encoding C (integrity checksum): " - + Util.dumpString(C)); - // } // else plaintext only; do nothing + if (Configuration.DEBUG) + log.fine("Encoding C (integrity checksum): " + Util.dumpString(C)); } - result = out.toByteArray(); - } catch (IOException x) { if (x instanceof SaslException) - { - throw (SaslException) x; - } + throw (SaslException) x; throw new SaslException("engineWrap()", x); } - - if (DEBUG && debuglevel > 8) - debug(TRACE, "<== engineWrap()"); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "engineWrap"); return result; } @@ -498,13 +304,9 @@ public class SRPServer extends ServerMechanism implements SaslServer if (inMac != null) { if (inCipher != null) - { - return Registry.QOP_AUTH_CONF; - } - else - { - return Registry.QOP_AUTH_INT; - } + return Registry.QOP_AUTH_CONF; + + return Registry.QOP_AUTH_INT; } return Registry.QOP_AUTH; } @@ -514,13 +316,9 @@ public class SRPServer extends ServerMechanism implements SaslServer if (inMac != null) { if (inCipher != null) - { - return Registry.STRENGTH_HIGH; - } - else - { - return Registry.STRENGTH_MEDIUM; - } + return Registry.STRENGTH_HIGH; + + return Registry.STRENGTH_MEDIUM; } return Registry.STRENGTH_LOW; } 
@@ -535,45 +333,39 @@ public class SRPServer extends ServerMechanism implements SaslServer return Registry.REUSE_TRUE; } - // other methods ----------------------------------------------------------- - private byte[] sendProtocolElements(final byte[] input) throws SaslException { - if (DEBUG && debuglevel > 8) - debug(TRACE, "==> sendProtocolElements()"); - if (DEBUG && debuglevel > 6) - debug(TRACE, "C: " + Util.dumpString(input)); - + if (Configuration.DEBUG) + { + log.entering(this.getClass().getName(), "sendProtocolElements"); + log.fine("C: " + Util.dumpString(input)); + } // Client send U, I, sid, cn final InputBuffer frameIn = new InputBuffer(input); try { U = frameIn.getText(); // Extract username - if (DEBUG && debuglevel > 6) - debug(TRACE, "Got U (username): \"" + U + "\""); + if (Configuration.DEBUG) + log.fine("Got U (username): \"" + U + "\""); authorizationID = frameIn.getText(); // Extract authorisation ID - if (DEBUG && debuglevel > 6) - debug(TRACE, "Got I (userid): \"" + authorizationID + "\""); + if (Configuration.DEBUG) + log.fine("Got I (userid): \"" + authorizationID + "\""); sid = frameIn.getEOS(); - if (DEBUG && debuglevel > 6) - debug(TRACE, "Got sid (session ID): " + new String(sid)); + if (Configuration.DEBUG) + log.fine("Got sid (session ID): " + new String(sid)); cn = frameIn.getOS(); - if (DEBUG && debuglevel > 6) - debug(TRACE, "Got cn (client nonce): " + Util.dumpString(cn)); + if (Configuration.DEBUG) + log.fine("Got cn (client nonce): " + Util.dumpString(cn)); cCB = frameIn.getEOS(); - if (DEBUG && debuglevel > 6) - debug(TRACE, "Got cCB (client channel binding): " - + Util.dumpString(cCB)); + if (Configuration.DEBUG) + log.fine("Got cCB (client channel binding): " + Util.dumpString(cCB)); } catch (IOException x) { if (x instanceof SaslException) - { - throw (SaslException) x; - } + throw (SaslException) x; throw new AuthenticationException("sendProtocolElements()", x); } - // do/can we re-use? 
if (ServerStore.instance().isAlive(sid)) { @@ -589,15 +381,11 @@ public class SRPServer extends ServerMechanism implements SaslServer outMac = ctx.getOutMac(); inCipher = ctx.getInCipher(); outCipher = ctx.getOutCipher(); - if (sn == null || sn.length != 16) - { - sn = new byte[16]; - } - getDefaultPRNG().nextBytes(sn); + sn = new byte[16]; + getDefaultPRNG().nextBytes(sn); setupSecurityServices(false); - final OutputBuffer frameOut = new OutputBuffer(); try { @@ -608,34 +396,27 @@ public class SRPServer extends ServerMechanism implements SaslServer catch (IOException x) { if (x instanceof SaslException) - { - throw (SaslException) x; - } + throw (SaslException) x; throw new AuthenticationException("sendProtocolElements()", x); } final byte[] result = frameOut.encode(); - if (DEBUG && debuglevel > 8) - debug(TRACE, "<== sendProtocolElements()"); - if (DEBUG && debuglevel > 2) - debug(INFO, "Old session..."); - if (DEBUG && debuglevel > 2) - debug(INFO, "S: " + Util.dumpString(result)); - if (DEBUG && debuglevel > 2) - debug(INFO, " sn = " + Util.dumpString(sn)); - if (DEBUG && debuglevel > 2) - debug(INFO, " sCB = " + Util.dumpString(channelBinding)); + if (Configuration.DEBUG) + { + log.fine("Old session..."); + log.fine("S: " + Util.dumpString(result)); + log.fine(" sn = " + Util.dumpString(sn)); + log.fine(" sCB = " + Util.dumpString(channelBinding)); + log.exiting(this.getClass().getName(), "sendProtocolElements"); + } return result; } else { // new session authenticator.activate(properties); - // ------------------------------------------------------------------- final HashMap mapB = new HashMap(); - // mapB.put(SRP6KeyAgreement.HASH_FUNCTION, srp.newDigest()); mapB.put(SRP6KeyAgreement.HASH_FUNCTION, srp.getAlgorithm()); mapB.put(SRP6KeyAgreement.HOST_PASSWORD_DB, authenticator); - try { serverHandler.init(mapB); 
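Review bot: `log.fine("Got sid (session ID): " + new String(sid));` writes client-supplied bytes into the log as text, decoded with the platform default charset, so an unauthenticated peer can place line breaks or control characters in a log record. The neighbouring fields cn and cCB already go through `Util.dumpString`, and sid should as well: `log.fine("Got sid (session ID): " + Util.dumpString(sid));`. U and authorizationID are also logged verbatim at this point, before any evidence has been verified, and would benefit from escaping. The same `new String(sid)` appears in the closing log block of sendEvidence(); the body of sendProtocolElements() continues outside this hunk.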
@@ -643,7 +424,6 @@ public class SRPServer extends ServerMechanism implements SaslServer out.writeString(U); IncomingMessage in = new IncomingMessage(out.toByteArray()); out = serverHandler.processMessage(in); - in = new IncomingMessage(out.toByteArray()); N = in.readMPI(); g = in.readMPI(); @@ -655,26 +435,22 @@ public class SRPServer extends ServerMechanism implements SaslServer throw new SaslException("sendProtocolElements()", x); } // ------------------------------------------------------------------- - - if (DEBUG && debuglevel > 6) - debug(TRACE, "Encoding N (modulus): " + Util.dump(N)); - if (DEBUG && debuglevel > 6) - debug(TRACE, "Encoding g (generator): " + Util.dump(g)); - if (DEBUG && debuglevel > 6) - debug(TRACE, "Encoding s (client's salt): " + Util.dumpString(s)); - if (DEBUG && debuglevel > 6) - debug(TRACE, "Encoding B (server ephemeral public key): " - + Util.dump(B)); - + if (Configuration.DEBUG) + { + log.fine("Encoding N (modulus): " + Util.dump(N)); + log.fine("Encoding g (generator): " + Util.dump(g)); + log.fine("Encoding s (client's salt): " + Util.dumpString(s)); + log.fine("Encoding B (server ephemeral public key): " + Util.dump(B)); + } // The server creates an options list (L), which consists of a // comma-separated list of option strings that specify the security // service options the server supports. L = createL(); - if (DEBUG && debuglevel > 6) - debug(TRACE, "Encoding L (available options): \"" + L + "\""); - if (DEBUG && debuglevel > 6) - debug(TRACE, "Encoding sIV (server IV): " + Util.dumpString(sIV)); - + if (Configuration.DEBUG) + { + log.fine("Encoding L (available options): \"" + L + "\""); + log.fine("Encoding sIV (server IV): " + Util.dumpString(sIV)); + } final OutputBuffer frameOut = new OutputBuffer(); try { 
@@ -688,69 +464,58 @@ public class SRPServer extends ServerMechanism implements SaslServer catch (IOException x) { if (x instanceof SaslException) - { - throw (SaslException) x; - } + throw (SaslException) x; throw new AuthenticationException("sendProtocolElements()", x); } final byte[] result = frameOut.encode(); - if (DEBUG && debuglevel > 8) - debug(TRACE, "<== sendProtocolElements()"); - if (DEBUG && debuglevel > 2) - debug(INFO, "New session..."); - if (DEBUG && debuglevel > 2) - debug(INFO, "S: " + Util.dumpString(result)); - if (DEBUG && debuglevel > 2) - debug(INFO, " N = 0x" + N.toString(16)); - if (DEBUG && debuglevel > 2) - debug(INFO, " g = 0x" + g.toString(16)); - if (DEBUG && debuglevel > 2) - debug(INFO, " s = " + Util.dumpString(s)); - if (DEBUG && debuglevel > 2) - debug(INFO, " B = 0x" + B.toString(16)); - if (DEBUG && debuglevel > 2) - debug(INFO, " L = " + L); + if (Configuration.DEBUG) + { + log.fine("New session..."); + log.fine("S: " + Util.dumpString(result)); + log.fine(" N = 0x" + N.toString(16)); + log.fine(" g = 0x" + g.toString(16)); + log.fine(" s = " + Util.dumpString(s)); + log.fine(" B = 0x" + B.toString(16)); + log.fine(" L = " + L); + log.exiting(this.getClass().getName(), "sendProtocolElements"); + } return result; } } private byte[] sendEvidence(final byte[] input) throws SaslException { - if (DEBUG && debuglevel > 8) - debug(TRACE, "==> sendEvidence()"); - if (DEBUG && debuglevel > 6) - debug(TRACE, "C: " + Util.dumpString(input)); - + if (Configuration.DEBUG) + { + log.entering(this.getClass().getName(), "sendEvidence"); + log.fine("C: " + Util.dumpString(input)); + } // Client send A, M1, o, cIV final InputBuffer frameIn = new InputBuffer(input); final byte[] M1; try { A = frameIn.getMPI(); // Extract client's ephemeral public key - if (DEBUG && debuglevel > 6) - debug(TRACE, "Got A (client ephemeral public key): " + Util.dump(A)); + if (Configuration.DEBUG) + log.fine("Got A (client ephemeral public key): " + Util.dump(A)); 
M1 = frameIn.getOS(); // Extract evidence - if (DEBUG && debuglevel > 6) - debug(TRACE, "Got M1 (client evidence): " + Util.dumpString(M1)); + if (Configuration.DEBUG) + log.fine("Got M1 (client evidence): " + Util.dumpString(M1)); o = frameIn.getText(); // Extract client's options list - if (DEBUG && debuglevel > 6) - debug(TRACE, "Got o (client chosen options): \"" + o + "\""); + if (Configuration.DEBUG) + log.fine("Got o (client chosen options): \"" + o + "\""); cIV = frameIn.getOS(); // Extract client's IV - if (DEBUG && debuglevel > 6) - debug(TRACE, "Got cIV (client IV): " + Util.dumpString(cIV)); + if (Configuration.DEBUG) + log.fine("Got cIV (client IV): " + Util.dumpString(cIV)); } catch (IOException x) { if (x instanceof SaslException) - { - throw (SaslException) x; - } + throw (SaslException) x; throw new AuthenticationException("sendEvidence()", x); } - // Parse client's options and set security layer variables parseO(o); - // ---------------------------------------------------------------------- try { @@ -765,10 +530,8 @@ public class SRPServer extends ServerMechanism implements SaslServer throw new SaslException("sendEvidence()", x); } // ---------------------------------------------------------------------- - - if (DEBUG && debuglevel > 6) - debug(TRACE, "K: " + Util.dumpString(K)); - + if (Configuration.DEBUG) + log.fine("K: " + Util.dumpString(K)); final byte[] expected; try { @@ -779,15 +542,11 @@ public class SRPServer extends ServerMechanism implements SaslServer { throw new AuthenticationException("sendEvidence()", x); } - // Verify client evidence if (!Arrays.equals(M1, expected)) - { - throw new AuthenticationException("M1 mismatch"); - } + throw new AuthenticationException("M1 mismatch"); setupSecurityServices(true); - final byte[] M2; try { 
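Review bot: `log.fine("K: " + Util.dumpString(K));` in hunk `@@ -765,10 +530,8 @@` writes the shared session key to the logger. The constants removed at the top of this file show `debuglevel = 3`, so the old `debuglevel > 6` guard on this statement could never fire; after the change the key is written whenever Configuration.DEBUG is true and FINE is enabled for this class, and a java.util.logging handler may persist it to a file. I would drop the statement, or keep only `log.fine("K: " + K.length + " bytes");`. The plaintext dumps in engineUnwrap() and engineWrap() ("after security", "before security") and the computed MAC have the same exposure and deserve the same decision.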
@@ -798,7 +557,6 @@ public class SRPServer extends ServerMechanism implements SaslServer
 {
 throw new AuthenticationException("sendEvidence()", x);
 }
-
 final OutputBuffer frameOut = new OutputBuffer();
 try
 {
@@ -811,93 +569,71 @@ public class SRPServer extends ServerMechanism implements SaslServer catch (IOException x) { if (x instanceof SaslException) - { - throw (SaslException) x; - } + throw (SaslException) x; throw new AuthenticationException("sendEvidence()", x); } final byte[] result = frameOut.encode(); - if (DEBUG && debuglevel > 2) - debug(INFO, "S: " + Util.dumpString(result)); - if (DEBUG && debuglevel > 2) - debug(INFO, " M2 = " + Util.dumpString(M2)); - if (DEBUG && debuglevel > 2) - debug(INFO, " sIV = " + Util.dumpString(sIV)); - if (DEBUG && debuglevel > 2) - debug(INFO, " sid = " + new String(sid)); - if (DEBUG && debuglevel > 2) - debug(INFO, " ttl = " + ttl); - if (DEBUG && debuglevel > 2) - debug(INFO, " sCB = " + Util.dumpString(channelBinding)); - - if (DEBUG && debuglevel > 8) - debug(TRACE, "<== sendEvidence()"); + if (Configuration.DEBUG) + { + log.fine("S: " + Util.dumpString(result)); + log.fine(" M2 = " + Util.dumpString(M2)); + log.fine(" sIV = " + Util.dumpString(sIV)); + log.fine(" sid = " + new String(sid)); + log.fine(" ttl = " + ttl); + log.fine(" sCB = " + Util.dumpString(channelBinding)); + log.exiting(this.getClass().getName(), "sendEvidence"); + } return result; } private String createL() { - if (DEBUG && debuglevel > 8) - debug(TRACE, "==> createL()"); - + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "createL()"); String s = (String) properties.get(SRPRegistry.SRP_MANDATORY); if (s == null) + s = SRPRegistry.DEFAULT_MANDATORY; + + if (! SRPRegistry.MANDATORY_NONE.equals(s) + && ! SRPRegistry.OPTION_REPLAY_DETECTION.equals(s) + && ! SRPRegistry.OPTION_INTEGRITY.equals(s) + && ! SRPRegistry.OPTION_CONFIDENTIALITY.equals(s)) { + if (Configuration.DEBUG) + log.fine("Unrecognised mandatory option (" + s + "). 
Using default..."); s = SRPRegistry.DEFAULT_MANDATORY; } - if (!SRPRegistry.MANDATORY_NONE.equals(s) - && !SRPRegistry.OPTION_REPLAY_DETECTION.equals(s) - && !SRPRegistry.OPTION_INTEGRITY.equals(s) - && !SRPRegistry.OPTION_CONFIDENTIALITY.equals(s)) - { - if (DEBUG && debuglevel > 4) - debug(WARN, "Unrecognised mandatory option (" + s - + "). Using default..."); - s = SRPRegistry.DEFAULT_MANDATORY; - } - mandatory = s; - s = (String) properties.get(SRPRegistry.SRP_CONFIDENTIALITY); final boolean confidentiality = (s == null ? SRPRegistry.DEFAULT_CONFIDENTIALITY - : Boolean.valueOf(s).booleanValue()); - + : Boolean.valueOf(s).booleanValue()); s = (String) properties.get(SRPRegistry.SRP_INTEGRITY_PROTECTION); boolean integrity = (s == null ? SRPRegistry.DEFAULT_INTEGRITY - : Boolean.valueOf(s).booleanValue()); - + : Boolean.valueOf(s).booleanValue()); s = (String) properties.get(SRPRegistry.SRP_REPLAY_DETECTION); final boolean replayDetection = (s == null ? SRPRegistry.DEFAULT_REPLAY_DETECTION - : Boolean.valueOf(s).booleanValue()); - + : Boolean.valueOf(s).booleanValue()); final StringBuffer sb = new StringBuffer(); - sb.append(SRPRegistry.OPTION_SRP_DIGEST).append("=").append( - srp.getAlgorithm()).append( - ","); + sb.append(SRPRegistry.OPTION_SRP_DIGEST).append("=") + .append(srp.getAlgorithm()).append(","); + + if (! 
SRPRegistry.MANDATORY_NONE.equals(mandatory)) + sb.append(SRPRegistry.OPTION_MANDATORY) + .append("=").append(mandatory).append(","); - if (!SRPRegistry.MANDATORY_NONE.equals(mandatory)) - { - sb.append(SRPRegistry.OPTION_MANDATORY).append("=").append(mandatory).append( - ","); - } if (replayDetection) { sb.append(SRPRegistry.OPTION_REPLAY_DETECTION).append(","); // if replay detection is on then force integrity protection integrity = true; } - int i; if (integrity) { for (i = 0; i < SRPRegistry.INTEGRITY_ALGORITHMS.length; i++) - { - sb.append(SRPRegistry.OPTION_INTEGRITY).append("=").append( - SRPRegistry.INTEGRITY_ALGORITHMS[i]).append( - ","); - } + sb.append(SRPRegistry.OPTION_INTEGRITY).append("=") + .append(SRPRegistry.INTEGRITY_ALGORITHMS[i]).append(","); } - if (confidentiality) { IBlockCipher cipher; @@ -905,19 +641,15 @@ public class SRPServer extends ServerMechanism implements SaslServer { cipher = CipherFactory.getInstance(SRPRegistry.CONFIDENTIALITY_ALGORITHMS[i]); if (cipher != null) - { - sb.append(SRPRegistry.OPTION_CONFIDENTIALITY).append("=").append( - SRPRegistry.CONFIDENTIALITY_ALGORITHMS[i]).append( - ","); - } + sb.append(SRPRegistry.OPTION_CONFIDENTIALITY).append("=") + .append(SRPRegistry.CONFIDENTIALITY_ALGORITHMS[i]).append(","); } } - - final String result = sb.append(SRPRegistry.OPTION_MAX_BUFFER_SIZE).append( - "=").append( - Registry.SASL_BUFFER_MAX_LIMIT).toString(); - if (DEBUG && debuglevel > 8) - debug(TRACE, "<== createL()"); + final String result = sb.append(SRPRegistry.OPTION_MAX_BUFFER_SIZE) + .append("=").append(Registry.SASL_BUFFER_MAX_LIMIT) + .toString(); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "createL"); return result; } 
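Review bot: The fallback for an unrecognised `SRPRegistry.SRP_MANDATORY` value in createL() is now reported only through `log.fine(...)` under `Configuration.DEBUG`, where the old code at least tagged it WARN. A mistyped mandatory option therefore makes the server advertise `SRPRegistry.DEFAULT_MANDATORY` with no trace in a normal build, and that default may be weaker than the operator intended (its value is not visible here). I would report it unconditionally, `log.warning("Unrecognised mandatory option (" + s + "). Using default...");`. Separately, `log.entering` passes "createL()" while `log.exiting` passes "createL"; both should use the same method name.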
@@ -934,69 +666,51 @@ public class SRPServer extends ServerMechanism implements SaslServer while (st.hasMoreTokens()) { option = st.nextToken(); - if (DEBUG && debuglevel > 6) - debug(TRACE, "option: <" + option + ">"); + if (Configuration.DEBUG) + log.fine("option: <" + option + ">"); if (option.equals(SRPRegistry.OPTION_REPLAY_DETECTION)) - { - replayDetection = true; - } + replayDetection = true; else if (option.startsWith(SRPRegistry.OPTION_INTEGRITY + "=")) { if (integrity) + throw new AuthenticationException("Only one integrity algorithm may be chosen"); + + option = option.substring(option.indexOf('=') + 1); + if (Configuration.DEBUG) + log.fine("algorithm: <" + option + ">"); + for (i = 0; i < SRPRegistry.INTEGRITY_ALGORITHMS.length; i++) { - throw new AuthenticationException( - "Only one integrity algorithm may be chosen"); - } - else - { - option = option.substring(option.indexOf('=') + 1); - if (DEBUG && debuglevel > 6) - debug(TRACE, "algorithm: <" + option + ">"); - for (i = 0; i < SRPRegistry.INTEGRITY_ALGORITHMS.length; i++) + if (SRPRegistry.INTEGRITY_ALGORITHMS[i].equals(option)) { - if (SRPRegistry.INTEGRITY_ALGORITHMS[i].equals(option)) - { - chosenIntegrityAlgorithm = option; - integrity = true; - break; - } - } - if (!integrity) - { - throw new AuthenticationException( - "Unknown integrity algorithm: " - + option); + chosenIntegrityAlgorithm = option; + integrity = true; + break; } } + if (! 
integrity) + throw new AuthenticationException("Unknown integrity algorithm: " + + option); } else if (option.startsWith(SRPRegistry.OPTION_CONFIDENTIALITY + "=")) { if (confidentiality) + throw new AuthenticationException("Only one confidentiality algorithm may be chosen"); + + option = option.substring(option.indexOf('=') + 1); + if (Configuration.DEBUG) + log.fine("algorithm: <" + option + ">"); + for (i = 0; i < SRPRegistry.CONFIDENTIALITY_ALGORITHMS.length; i++) { - throw new AuthenticationException( - "Only one confidentiality algorithm may be chosen"); - } - else - { - option = option.substring(option.indexOf('=') + 1); - if (DEBUG && debuglevel > 6) - debug(TRACE, "algorithm: <" + option + ">"); - for (i = 0; i < SRPRegistry.CONFIDENTIALITY_ALGORITHMS.length; i++) + if (SRPRegistry.CONFIDENTIALITY_ALGORITHMS[i].equals(option)) { - if (SRPRegistry.CONFIDENTIALITY_ALGORITHMS[i].equals(option)) - { - chosenConfidentialityAlgorithm = option; - confidentiality = true; - break; - } - } - if (!confidentiality) - { - throw new AuthenticationException( - "Unknown confidentiality algorithm: " - + option); + chosenConfidentialityAlgorithm = option; + confidentiality = true; + break; } } + if (! confidentiality) + throw new AuthenticationException("Unknown confidentiality algorithm: " + + option); } else if (option.startsWith(SRPRegistry.OPTION_MAX_BUFFER_SIZE + "=")) { 
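Review bot: The `option` and `algorithm` strings logged in this hunk are tokens of the options list sent by the client, and they are concatenated into the log record unescaped. With a plain-text handler, control characters in such a token could break or forge log lines, so I would neutralise them before logging, e.g. `log.fine("option: <" + option.replaceAll("\\p{Cntrl}", "?") + ">");`. The `Unknown integrity algorithm: ` and `Unknown confidentiality algorithm: ` exception messages carry the same client text and deserve the same treatment if they are ever logged. The enclosing method (presumably parseO()) starts and ends outside the hunk.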
@@ -1006,71 +720,49 @@ public class SRPServer extends ServerMechanism implements SaslServer rawSendSize = Integer.parseInt(maxBufferSize); if (rawSendSize > Registry.SASL_BUFFER_MAX_LIMIT || rawSendSize < 1) - throw new AuthenticationException( - "Illegal value for 'maxbuffersize' option"); + throw new AuthenticationException("Illegal value for 'maxbuffersize' option"); } catch (NumberFormatException x) { - throw new AuthenticationException( - SRPRegistry.OPTION_MAX_BUFFER_SIZE - + "=" - + String.valueOf(maxBufferSize), + throw new AuthenticationException(SRPRegistry.OPTION_MAX_BUFFER_SIZE + + "=" + maxBufferSize, x); } } } - // check if client did the right thing if (replayDetection) { - if (!integrity) - { - throw new AuthenticationException( - "Missing integrity protection algorithm " - + "but replay detection is chosen"); - } + if (! integrity) + throw new AuthenticationException("Missing integrity protection algorithm " + + "but replay detection is chosen"); } if (mandatory.equals(SRPRegistry.OPTION_REPLAY_DETECTION)) { - if (!replayDetection) - { - throw new AuthenticationException( - "Replay detection is mandatory but was not chosen"); - } + if (! replayDetection) + throw new AuthenticationException("Replay detection is mandatory but was not chosen"); } if (mandatory.equals(SRPRegistry.OPTION_INTEGRITY)) { - if (!integrity) - { - throw new AuthenticationException( - "Integrity protection is mandatory but was not chosen"); - } + if (! integrity) + throw new AuthenticationException("Integrity protection is mandatory but was not chosen"); } if (mandatory.equals(SRPRegistry.OPTION_CONFIDENTIALITY)) { - if (!confidentiality) - { - throw new AuthenticationException( - "Confidentiality is mandatory but was not chosen"); - } + if (! 
confidentiality) + throw new AuthenticationException("Confidentiality is mandatory but was not chosen"); } - int blockSize = 0; if (chosenConfidentialityAlgorithm != null) { final IBlockCipher cipher = CipherFactory.getInstance(chosenConfidentialityAlgorithm); if (cipher != null) - { - blockSize = cipher.defaultBlockSize(); - } - else - { // should not happen - throw new AuthenticationException("Confidentiality algorithm (" - + chosenConfidentialityAlgorithm - + ") not available"); - } + blockSize = cipher.defaultBlockSize(); + else // should not happen + throw new AuthenticationException("Confidentiality algorithm (" + + chosenConfidentialityAlgorithm + + ") not available"); } - sIV = new byte[blockSize]; if (blockSize > 0) getDefaultPRNG().nextBytes(sIV); 
@@ -1086,30 +778,26 @@ public class SRPServer extends ServerMechanism implements SaslServer // instantiate cipher if confidentiality protection filter is active if (chosenConfidentialityAlgorithm != null) { - if (DEBUG && debuglevel > 2) - debug(INFO, "Activating confidentiality protection filter"); + if (Configuration.DEBUG) + log.fine("Activating confidentiality protection filter"); inCipher = CALG.getInstance(chosenConfidentialityAlgorithm); outCipher = CALG.getInstance(chosenConfidentialityAlgorithm); } // instantiate hmacs if integrity protection filter is active if (chosenIntegrityAlgorithm != null) { - if (DEBUG && debuglevel > 2) - debug(INFO, "Activating integrity protection filter"); + if (Configuration.DEBUG) + log.fine("Activating integrity protection filter"); inMac = IALG.getInstance(chosenIntegrityAlgorithm); outMac = IALG.getInstance(chosenIntegrityAlgorithm); } - // generate a new sid if at least integrity is used sid = (inMac != null ? ServerStore.getNewSessionID() : new byte[0]); } - else - { // same session new keys - K = srp.generateKn(K, cn, sn); - } + else // same session new keys + K = srp.generateKn(K, cn, sn); final KDF kdf = KDF.getInstance(K); - // initialise in/out ciphers if confidentaility protection is used if (inCipher != null) { @@ -1122,15 +810,12 @@ public class SRPServer extends ServerMechanism implements SaslServer outMac.init(kdf); inMac.init(kdf); } - if (sid != null && sid.length != 0) { // update the security context and save in map - if (DEBUG && debuglevel > 2) - debug(INFO, "Updating security context for sid = " + new String(sid)); - ServerStore.instance().cacheSession( - ttl, - new SecurityContext( - srp.getAlgorithm(), + if (Configuration.DEBUG) + log.fine("Updating security context for sid = " + new String(sid)); + ServerStore.instance().cacheSession(ttl, + new SecurityContext(srp.getAlgorithm(), sid, K, cIV, 
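Review bot: `new String(sid)` in the `Updating security context for sid = ` message decodes the session-id bytes with the platform default charset, so the logged text is platform dependent and may contain unprintable characters. The other byte arrays in this file are logged through `Util.dumpString`. I would write `log.fine("Updating security context for sid = " + Util.dumpString(sid));`, and change the ` sid = ` line in the sendEvidence() hunk above in the same way. The enclosing method starts and ends outside this hunk.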
diff --git a/gnu/javax/security/auth/login/ConfigFileParser.java b/gnu/javax/security/auth/login/ConfigFileParser.java index 55f24d232..8efadca77 100644 --- a/gnu/javax/security/auth/login/ConfigFileParser.java +++ b/gnu/javax/security/auth/login/ConfigFileParser.java @@ -38,12 +38,15 @@ exception statement from your version. */ package gnu.javax.security.auth.login; +import gnu.classpath.Configuration; + import java.io.IOException; import java.io.Reader; import java.util.ArrayList; import java.util.HashMap; import java.util.List; import java.util.Map; +import java.util.logging.Logger; import javax.security.auth.login.AppConfigurationEntry; @@ -88,26 +91,12 @@ import javax.security.auth.login.AppConfigurationEntry; */ public final class ConfigFileParser { - // Constants and fields - // -------------------------------------------------------------------------- - - private static final boolean DEBUG = false; - private static final void debug(String m) {if (DEBUG) System.err.println(m);}; - + private static final Logger log = Logger.getLogger(ConfigFileParser.class.getName()); private ConfigFileTokenizer cft; private Map map = new HashMap(); - // Constructor(s) - // -------------------------------------------------------------------------- - // default 0-arguments constructor - // Class methods - // -------------------------------------------------------------------------- - - // Instance methods - // -------------------------------------------------------------------------- - /** * Returns the parse result as a {@link Map} where the keys are application * names, and the entries are {@link List}s of {@link AppConfigurationEntry} @@ -161,7 +150,8 @@ public final class ConfigFileParser } String appName = cft.sval; - debug("DEBUG: APP_NAME_OR_OTHER = " + appName); + if (Configuration.DEBUG) + log.fine("APP_NAME_OR_OTHER = " + appName); if (cft.nextToken() != '{') abort("Missing '{' after APP_NAME_OR_OTHER"); 
@@ -202,13 +192,15 @@ public final class ConfigFileParser } String clazz = validateClassName(cft.sval); - debug("DEBUG: MODULE_CLASS = " + clazz); + if (Configuration.DEBUG) + log.fine("MODULE_CLASS = " + clazz); if (cft.nextToken() != ConfigFileTokenizer.TT_WORD) abort("Was expecting FLAG but found none"); String flag = cft.sval; - debug("DEBUG: FLAG = " + flag); + if (Configuration.DEBUG) + log.fine("DEBUG: FLAG = " + flag); AppConfigurationEntry.LoginModuleControlFlag f = null; if (flag.equalsIgnoreCase("required")) f = AppConfigurationEntry.LoginModuleControlFlag.REQUIRED; @@ -230,32 +222,39 @@ public final class ConfigFileParser abort("Was expecting PARAM_NAME but got '" + ((char) c) + "'"); paramName = cft.sval; - debug("DEBUG: PARAM_NAME = " + paramName); + if (Configuration.DEBUG) + log.fine("PARAM_NAME = " + paramName); if (cft.nextToken() != '=') abort("Missing '=' after PARAM_NAME"); c = cft.nextToken(); if (c != '"' && c != '\'') - debug(" WARN: Was expecting a quoted string but got no quote " + - "character. Assume unquoted string"); - + { + if (Configuration.DEBUG) + log.fine("Was expecting a quoted string but got no quote character." + + " Assume unquoted string"); + } paramValue = expandParamValue(cft.sval); - debug("DEBUG: PARAM_VALUE = " + paramValue); + if (Configuration.DEBUG) + log.fine("PARAM_VALUE = " + paramValue); options.put(paramName, paramValue); c = cft.nextToken(); } - AppConfigurationEntry ace = new AppConfigurationEntry(clazz, f, options); - debug("DEBUG: LOGIN_MODULE_ENTRY = " + ace); + if (Configuration.DEBUG) + log.fine("LOGIN_MODULE_ENTRY = " + ace); listOfACEs.add(ace); return true; } private void abort(String m) throws IOException { - debug("ERROR: " + m); - debug("DEBUG: Map (so far) = " + String.valueOf(map)); + if (Configuration.DEBUG) + { + log.fine(m); + log.fine("Map (so far) = " + String.valueOf(map)); + } throw new IOException(m); } 
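Review bot: The FLAG message keeps the old hand-written level prefix, `log.fine("DEBUG: FLAG = " + flag);`, while the neighbouring MODULE_CLASS and PARAM_NAME messages dropped it. The logger already records the level, so this should read `log.fine("FLAG = " + flag);`. The enclosing method starts and ends outside the hunk.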
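Review bot: Login-module option values are logged verbatim by `log.fine("PARAM_VALUE = " + paramValue);`, and they may appear again in the `LOGIN_MODULE_ENTRY` message and in the `Map (so far)` dump in abort(). Option values in a login configuration can be credentials, so I would log the name only, `log.fine("PARAM_NAME = " + paramName + " (value not logged)");`, and drop the map dump. The `Resolved ... to '...'` message in the later `${...}` expansion hunk has the same issue for system-property values. The parsing method's body starts outside this hunk.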
@@ -312,14 +311,17 @@ public final class ConfigFileParser int j = s.indexOf("}", i + 2); if (j == -1) { - debug(" WARN: Found a ${ prefix with no } suffix. Ignore"); + if (Configuration.DEBUG) + log.fine("Found a ${ prefix with no } suffix. Ignore"); break; } String sysPropName = s.substring(i + 2, j); - debug("DEBUG: Found a reference to System property " + sysPropName); + if (Configuration.DEBUG) + log.fine("Found a reference to System property " + sysPropName); String sysPropValue = System.getProperty(sysPropName); - debug("DEBUG: Resolved " + sysPropName + " to '" + sysPropValue + "'"); + if (Configuration.DEBUG) + log.fine("Resolved " + sysPropName + " to '" + sysPropValue + "'"); if (sysPropValue != null) { result = s.substring(0, i) + sysPropValue + s.substring(j + 1); @@ -331,7 +333,8 @@ public final class ConfigFileParser } catch (Exception x) { - debug(" WARN: Exception while expanding " + s + ". Ignore: " + x); + if (Configuration.DEBUG) + log.fine("Exception (ignored) while expanding " + s + ": " + x); } return result; diff --git a/gnu/javax/security/auth/login/GnuConfiguration.java b/gnu/javax/security/auth/login/GnuConfiguration.java index f0b8594a0..85b6bc3a0 100644 --- a/gnu/javax/security/auth/login/GnuConfiguration.java +++ b/gnu/javax/security/auth/login/GnuConfiguration.java @@ -50,6 +50,7 @@ import java.util.HashMap; import java.util.Iterator; import java.util.List; import java.util.Map; +import java.util.logging.Logger; import javax.security.auth.AuthPermission; import javax.security.auth.login.AppConfigurationEntry; 
@@ -127,12 +128,7 @@ import javax.security.auth.login.Configuration; */ public final class GnuConfiguration extends Configuration { - // Constants and fields - // -------------------------------------------------------------------------- - - private static final boolean DEBUG = true; - private static final void debug(String m) {if (DEBUG) System.err.println(m);}; - + private static final Logger log = Logger.getLogger(GnuConfiguration.class.getName()); /** * The internal map of login modules keyed by application name. Each entry in * this map is a {@link List} of {@link AppConfigurationEntry}s for that @@ -179,7 +175,8 @@ public final class GnuConfiguration extends Configuration if (loginModules == null || loginModules.size() == 0) return null; - debug("DEBUG: " + appName + " -> " + loginModules.size() + " entry(ies)"); + if (gnu.classpath.Configuration.DEBUG) + log.fine(appName + " -> " + loginModules.size() + " entry(ies)"); return (AppConfigurationEntry[]) loginModules.toArray(new AppConfigurationEntry[0]); } @@ -193,7 +190,7 @@ public final class GnuConfiguration extends Configuration * @throws SecurityException if the caller does not have an * {@link AuthPermission} for the action named * <code>refreshLoginConfiguration</code>. - * @see {@link AuthPermission} + * @see AuthPermission */ public void refresh() { 
@@ -215,13 +212,25 @@ public final class GnuConfiguration extends Configuration private void init() { if (processSecurityProperties()) - debug(" INFO: Using login configuration defined by Security property(ies)"); + { + if (gnu.classpath.Configuration.DEBUG) + log.fine("Using login configuration defined by Security property(ies)"); + } else if (processSystemProperty()) - debug(" INFO: Using login configuration defined by System property"); + { + if (gnu.classpath.Configuration.DEBUG) + log.fine("Using login configuration defined by System property"); + } else if (processUserHome()) - debug(" INFO: Using login configuration defined in ${user.home}"); + { + if (gnu.classpath.Configuration.DEBUG) + log.fine("Using login configuration defined in ${user.home}"); + } else - debug(" WARN: No login configuration file found"); + { + if (gnu.classpath.Configuration.DEBUG) + log.fine("No login configuration file found"); + } } /** @@ -249,16 +258,18 @@ public final class GnuConfiguration extends Configuration s = s.trim(); if (s.length() != 0) { - debug("DEBUG: java.security.auth.login.config.url." + counter - + " = " + s); + if (gnu.classpath.Configuration.DEBUG) + log.fine("java.security.auth.login.config.url." + counter + + " = " + s); parseConfig(getInputStreamFromURL(s)); result = true; } } catch (Throwable t) { - debug(" WARN: Exception while handling Security property at #" - + counter + ". Continue: " + t); + if (gnu.classpath.Configuration.DEBUG) + log.fine("Exception while handling Security property at #" + + counter + ". Continue: " + t); } return result; } @@ -287,7 +298,8 @@ public final class GnuConfiguration extends Configuration } catch (MalformedURLException x) { - debug(" WARN: Failed opening as URL: " + s + ". Will try as File"); + if (gnu.classpath.Configuration.DEBUG) + log.fine("Failed opening as URL: " + s + ". Will try as File"); result = new FileInputStream(s); } return result; 
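Review bot: A failure while loading the configuration named by a Security property is caught as `Throwable` and now reported only by `log.fine(...)` under `gnu.classpath.Configuration.DEBUG`, after which init() falls through to the System property and then to `${user.home}`. In a normal build the operator gets no signal that the intended login configuration was skipped and a lower-priority source was used instead. I would report this case unconditionally, `log.warning("Exception while handling Security property at #" + counter + ". Continue: " + t);`. The `catch (Throwable t)` blocks in the System-property and `${user.home}` hunks that follow need the same change. The method containing this catch starts outside the hunk.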
@@ -311,7 +323,8 @@ public final class GnuConfiguration extends Configuration s = s.trim(); if (s.length() != 0) { - debug("DEBUG: java.security.auth.login.config = " + s); + if (gnu.classpath.Configuration.DEBUG) + log.fine("java.security.auth.login.config = " + s); parseConfig(getInputStreamFromURL(s)); result = true; } @@ -319,7 +332,8 @@ public final class GnuConfiguration extends Configuration } catch (Throwable t) { - debug(" WARN: Exception while handling System property. Continue: " + t); + if (gnu.classpath.Configuration.DEBUG) + log.fine("Exception while handling System property. Continue: " + t); } return result; } @@ -349,8 +363,9 @@ public final class GnuConfiguration extends Configuration if (jaasFile == null) { - debug(" WARN: Login Configuration file, in " + userHome - + ", does not exist or is inaccessible"); + if (gnu.classpath.Configuration.DEBUG) + log.fine("Login Configuration file, in " + userHome + + ", does not exist or is inaccessible"); return result; } @@ -360,7 +375,8 @@ public final class GnuConfiguration extends Configuration } catch (Throwable t) { - debug(" WARN: Exception while handling ${user.home}: " + t); + if (gnu.classpath.Configuration.DEBUG) + log.fine("Exception (ignored) while handling ${user.home}: " + t); } return result; } 
@@ -397,54 +413,54 @@ public final class GnuConfiguration extends Configuration String uh = System.getProperty("user.home"); if (uh == null || uh.trim().length() == 0) { - debug(" WARN: User home path is not set or is empty"); + if (gnu.classpath.Configuration.DEBUG) + log.fine("User home path is not set or is empty"); return null; } - uh = uh.trim(); File result = new File(uh); - if (!result.exists()) + if (! result.exists()) { - debug(" WARN: User home '" + uh + "' does not exist"); + if (gnu.classpath.Configuration.DEBUG) + log.fine("User home '" + uh + "' does not exist"); return null; } - - if (!result.isDirectory()) + if (! result.isDirectory()) { - debug(" WARN: User home '" + uh + "' is not a directory"); + if (gnu.classpath.Configuration.DEBUG) + log.fine("User home '" + uh + "' is not a directory"); return null; } - - if (!result.canRead()) + if (! result.canRead()) { - debug(" WARN: User home '" + uh + "' is not readable"); + if (gnu.classpath.Configuration.DEBUG) + log.fine("User home '" + uh + "' is not readable"); return null; } - return result; } private File getConfigFromUserHome(File userHome, String fileName) { File result = new File(userHome, fileName); - if (!result.exists()) + if (! result.exists()) { - debug(" WARN: File '" + fileName + "' does not exist in user's home"); + if (gnu.classpath.Configuration.DEBUG) + log.fine("File '" + fileName + "' does not exist in user's home"); return null; } - - if (!result.isFile()) + if (! result.isFile()) { - debug(" WARN: File '" + fileName + "' in user's home is not a file"); + if (gnu.classpath.Configuration.DEBUG) + log.fine("File '" + fileName + "' in user's home is not a file"); return null; } - - if (!result.canRead()) + if (! result.canRead()) { - debug(" WARN: File '" + fileName + "' in user's home is not readable"); + if (gnu.classpath.Configuration.DEBUG) + log.fine("File '" + fileName + "' in user's home is not readable"); return null; } - return result; } } |