Diffstat (limited to 'gnu/java/security')
-rw-r--r-- | gnu/java/security/PolicyFile.java | 93 | ||||
-rw-r--r-- | gnu/java/security/provider/DSAKeyPairGenerator.java | 119 |
2 files changed, 125 insertions, 87 deletions
diff --git a/gnu/java/security/PolicyFile.java b/gnu/java/security/PolicyFile.java index dd3a4dec4..c6a3061ea 100644 --- a/gnu/java/security/PolicyFile.java +++ b/gnu/java/security/PolicyFile.java @@ -37,6 +37,10 @@ exception statement from your version. */ package gnu.java.security; +import gnu.classpath.SystemProperties; +import gnu.classpath.debug.Component; +import gnu.classpath.debug.SystemLogger; + import java.io.File; import java.io.IOException; import java.io.InputStreamReader; @@ -66,6 +70,7 @@ import java.util.LinkedList; import java.util.List; import java.util.Map; import java.util.StringTokenizer; +import java.util.logging.Logger; /** * An implementation of a {@link java.security.Policy} object whose @@ -143,24 +148,16 @@ public final class PolicyFile extends Policy // Constants and fields. // ------------------------------------------------------------------------- - private static final boolean DEBUG = true; - // Package-private to avoid a trampoline. - static void debug(String msg) - { - System.err.print(">> PolicyFile: "); - System.err.println(msg); - } - - private static void debug(Throwable t) - { - System.err.println(">> PolicyFile"); - t.printStackTrace(System.err); - } + private static final Logger logger = SystemLogger.SYSTEM; - private static final String DEFAULT_POLICY = System.getProperty("java.home") - + System.getProperty("file.separator") + "lib" - + System.getProperty("file.separator") + "security" - + System.getProperty("file.separator") + "java.policy"; + private static final String DEFAULT_POLICY = + SystemProperties.getProperty("java.home") + + SystemProperties.getProperty("file.separator") + "lib" + + SystemProperties.getProperty("file.separator") + "security" + + SystemProperties.getProperty("file.separator") + "java.policy"; + private static final String DEFAULT_USER_POLICY = + SystemProperties.getProperty ("user.home") + + SystemProperties.getProperty ("file.separator") + ".java.policy"; private final Map cs2pc; 
@@ -185,7 +182,8 @@ public final class PolicyFile extends Policy
 CodeSource cs = (CodeSource) e.getKey();
 if (cs.implies(codeSource))
 {
- if (DEBUG) debug(cs+" -> "+codeSource);
+ logger.log (Component.POLICY, "{0} -> {1}", new Object[]
+ { cs, codeSource });
 PermissionCollection pc = (PermissionCollection) e.getValue();
 for (Enumeration ee = pc.elements(); ee.hasMoreElements(); )
 {
@@ -193,50 +191,69 @@ public final class PolicyFile extends Policy } } else - if (DEBUG) debug(cs+" !-> "+codeSource); + logger.log (Component.POLICY, "{0} !-> {1}", new Object[] + { cs, codeSource }); } - if (DEBUG) debug ("returning permissions " + perms + " for " + codeSource); + logger.log (Component.POLICY, "returning permissions {0} for {1}", + new Object[] { perms, codeSource }); return perms; } public void refresh() { cs2pc.clear(); - List policyFiles = new LinkedList(); + final List policyFiles = new LinkedList(); try { - policyFiles.add(new File(DEFAULT_POLICY).toURL()); - if (DEBUG) debug ("defualt policy is " + DEFAULT_POLICY); - policyFiles.addAll((List) AccessController.doPrivileged( + policyFiles.add (new File (DEFAULT_POLICY).toURL()); + policyFiles.add (new File (DEFAULT_USER_POLICY).toURL ()); + + AccessController.doPrivileged( new PrivilegedExceptionAction() { public Object run() throws Exception { - LinkedList l = new LinkedList(); + String allow = Security.getProperty ("policy.allowSystemProperty"); + if (allow == null || Boolean.getBoolean (allow)) + { + String s = SystemProperties.getProperty ("java.security.policy"); + logger.log (Component.POLICY, "java.security.policy={0}", s); + if (s != null) + { + boolean only = s.startsWith ("="); + if (only) + s = s.substring (1); + policyFiles.clear (); + policyFiles.add (new URL (s)); + if (only) + return null; + } + } for (int i = 1; ; i++) { - String s = Security.getProperty("policy.file."+i); - if (DEBUG) debug("policy.file."+i+"="+s); + String pname = "policy.url." 
+ i; + String s = Security.getProperty (pname); + logger.log (Component.POLICY, "{0}={1}", new Object [] + { pname, s }); if (s == null) break; - l.add(new URL(s)); + policyFiles.add (new URL (s)); } - String s = System.getProperty("java.security.policy"); - if (DEBUG) debug("java.security.policy="+s); - if (s != null) - l.add(new URL(s)); - return l; + return null; } - })); + }); } catch (PrivilegedActionException pae) { - if (DEBUG) debug(pae); + logger.log (Component.POLICY, "reading policy properties", pae); } catch (MalformedURLException mue) { - if (DEBUG) debug(mue); + logger.log (Component.POLICY, "setting default policies", mue); } + + logger.log (Component.POLICY, "building policy from URLs {0}", + policyFiles); for (Iterator it = policyFiles.iterator(); it.hasNext(); ) { try @@ -246,7 +263,7 @@ public final class PolicyFile extends Policy } catch (IOException ioe) { - if (DEBUG) debug(ioe); + logger.log (Component.POLICY, "reading policy", ioe); } } } @@ -273,7 +290,7 @@ public final class PolicyFile extends Policy */ private void parse(final URL url) throws IOException { - if (DEBUG) debug ("reading policy file from " + url); + logger.log (Component.POLICY, "reading policy file from {0}", url); final StreamTokenizer in = new StreamTokenizer(new InputStreamReader(url.openStream())); in.resetSyntax(); in.slashSlashComments(true); diff --git a/gnu/java/security/provider/DSAKeyPairGenerator.java b/gnu/java/security/provider/DSAKeyPairGenerator.java index 2c643d5c3..d326d2bfe 100644 --- a/gnu/java/security/provider/DSAKeyPairGenerator.java +++ b/gnu/java/security/provider/DSAKeyPairGenerator.java @@ -1,5 +1,5 @@ /* GnuDSAKeyPairGenerator.java --- Gnu DSA Key Pair Generator - Copyright (C) 1999 Free Software Foundation, Inc. + Copyright (C) 1999, 2005 Free Software Foundation, Inc. This file is part of GNU Classpath. 
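Review bot: In PolicyFile.refresh(), the new guard `if (allow == null || Boolean.getBoolean (allow))` never parses the value of `policy.allowSystemProperty`, because `Boolean.getBoolean(String)` looks up a system property whose name is its argument. A configured value of `true` therefore normally skips the `java.security.policy` override, and whether `false` is honoured depends on an unrelated system property that happens to be named "false". Parse the security property itself, for example `if (allow == null || Boolean.valueOf (allow).booleanValue ())`. Separately, `policyFiles.clear ()` runs whenever `java.security.policy` is set, not only for the `=`-prefixed form, so the default and user policy files added just above are dropped in both cases; if that is intended it deserves a comment, otherwise the clear belongs under `if (only)`. The body of refresh() continues past the end of this hunk.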
@@ -45,10 +45,12 @@ import java.security.InvalidAlgorithmParameterException; import java.security.InvalidParameterException; import java.security.KeyPair; import java.security.KeyPairGeneratorSpi; +import java.security.NoSuchAlgorithmException; import java.security.SecureRandom; import java.security.interfaces.DSAParams; import java.security.spec.AlgorithmParameterSpec; import java.security.spec.DSAParameterSpec; +import java.security.spec.InvalidParameterSpecException; import java.util.Random; public class DSAKeyPairGenerator extends KeyPairGeneratorSpi @@ -60,18 +62,15 @@ private BigInteger q = null; // the small prime private BigInteger p = null; // the big prime private BigInteger g = null; -DSAKeyPairGenerator() +public DSAKeyPairGenerator() { keysize = 1024; + getDefaults (); } public void initialize(int keysize, SecureRandom random) { - //if( ((keysize % 64) != 0) || (keysize < 512) || (keysize > 1024) ) - // throw new InvalidAlgorithmParameterException("Invalid key size"); - - this.keysize = keysize; - this.random = random; + initialize (keysize, false, random); } public void initialize(AlgorithmParameterSpec params, 
@@ -81,65 +80,87 @@ public void initialize(AlgorithmParameterSpec params, if( !( params instanceof DSAParameterSpec ) ) throw new InvalidAlgorithmParameterException("Must be DSAParameterSpec"); + try + { + initialize ((DSAParams) params, random); + } + catch (InvalidParameterException ipe) + { + InvalidAlgorithmParameterException iape = + new InvalidAlgorithmParameterException(); + iape.initCause (ipe); + throw iape; + } +} + +public void initialize (DSAParams params, SecureRandom random) +{ DSAParameterSpec dsaparameterspec = (DSAParameterSpec)params; + if (dsaparameterspec.getP() == null + || dsaparameterspec.getQ() == null + || dsaparameterspec.getG() == null) + { + throw new InvalidParameterException ("none of p, q, or g may be null"); + } p = dsaparameterspec.getP(); q = dsaparameterspec.getQ(); g = dsaparameterspec.getG(); this.random = random; } -public void initialize(DSAParams params, SecureRandom random) - throws InvalidParameterException -{ - if(params.getP() != null) - p = params.getP(); - else - throw new InvalidParameterException(); - - if(params.getQ() != null) - q = params.getQ(); - else - throw new InvalidParameterException(); - - if(params.getG() != null) - g = params.getG(); - else - throw new InvalidParameterException(); - - this.random = random; -} - public void initialize(int modlen, boolean genParams, SecureRandom random) throws InvalidParameterException { if( ((modlen % 64) != 0) || (modlen < 512) || (modlen > 1024) ) throw new InvalidParameterException(); - if( (genParams == false) && (modlen != 512) && (modlen != 768) && (modlen != 1024) ) - throw new InvalidParameterException(); - this.keysize = modlen; - this.random = random; - p = null; - q = null; - g = null; + this.keysize = keysize; + this.random = random; + if (this.random == null) + { + this.random = new SecureRandom (); + } + if (genParams) + { + try + { + AlgorithmParameterGenerator apgDSA = AlgorithmParameterGenerator.getInstance("DSA"); + apgDSA.init (modlen, random); + 
AlgorithmParameters apDSA = apgDSA.generateParameters(); + DSAParameterSpec dsaparameterspec = (DSAParameterSpec)apDSA.getParameterSpec( DSAParameterSpec.class ); + p = dsaparameterspec.getP(); + q = dsaparameterspec.getQ(); + g = dsaparameterspec.getG(); + } + catch (NoSuchAlgorithmException nsae) + { + InvalidParameterException ipe = + new InvalidParameterException ("can't generate DSA parameters"); + ipe.initCause (nsae); + throw ipe; + } + catch (InvalidParameterSpecException ipse) + { + InvalidParameterException ipe = + new InvalidParameterException ("can't generate DSA parameters"); + ipe.initCause (ipse); + throw ipe; + } + } + else if (!getDefaults ()) + { + throw new InvalidParameterException ("unsupported key size: " + modlen); + } } public KeyPair generateKeyPair() { - if( getDefaults() == false) { - try { - AlgorithmParameterGenerator apgDSA = AlgorithmParameterGenerator.getInstance("DSA"); - AlgorithmParameters apDSA = apgDSA.generateParameters(); - DSAParameterSpec dsaparameterspec = (DSAParameterSpec)apDSA.getParameterSpec( DSAParameterSpec.class ); - p = dsaparameterspec.getP(); - q = dsaparameterspec.getQ(); - g = dsaparameterspec.getG(); - } catch ( Exception e ) { - return null; - } - } + if (random == null) + { + random = new SecureRandom (); + } - BigInteger x = new BigInteger( 159, new Random() ); + BigInteger x = new BigInteger( 159, random ); BigInteger y = g.modPow( x, p ); 
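Review bot: In `initialize(int modlen, boolean genParams, SecureRandom random)` the added line `this.keysize = keysize;` assigns the field to itself, because the parameter is named `modlen`. The requested size is never stored, so the later `getDefaults ()` call selects parameters for whatever size was set earlier (1024 from the constructor), and the "unsupported key size" check does not actually test `modlen`; the line should remain `this.keysize = modlen;`. The rewritten `initialize (DSAParams params, SecureRandom random)` also casts its argument with `(DSAParameterSpec)params`, which throws ClassCastException for any other DSAParams implementation; calling `params.getP()`, `params.getQ()` and `params.getG()` directly, as the removed version did, avoids that. In the parameter-generation branch, `apgDSA.init (modlen, random)` passes the caller's possibly-null `random` instead of the `this.random` that was just defaulted. generateKeyPair() continues past the end of the hunk.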
@@ -160,7 +181,7 @@ private boolean getDefaults() p = new BigInteger("e9e642599d355f37c97ffd3567120b8e25c9cd43e927b3a9670fbec5d890141922d2c3b3ad2480093799869d1e846aab49fab0ad26d2ce6a22219d470bce7d777d4a21fbe9c270b57f607002f3cef8393694cf45ee3688c11a8c56ab127a3daf", 16); q = new BigInteger("9cdbd84c9f1ac2f38d0f80f42ab952e7338bf511", 16); g = new BigInteger("30470ad5a005fb14ce2d9dcd87e38bc7d1b1c5facbaecbe95f190aa7a31d23c4dbbcbe06174544401a5b2c020965d8c2bd2171d3668445771f74ba084d2029d83c1c158547f3a9f1a2715be23d51ae4d3e5a1f6a7064f316933a346d3f529252", 16); - } else if( keysize == 512) { + } else if( keysize == 1024) { p = new BigInteger("fd7f53811d75122952df4a9c2eece4e7f611b7523cef4400c31e3f80b6512669455d402251fb593d8d58fabfc5f5ba30f6cb9b556cd7813b801d346ff26660b76b9950a5a49f9fe8047b1022c24fbba9d7feb7c61bf83b57e7c6a8a6150f04fb83f6d3c51ec3023554135a169132f675f3ae2b61d72aeff22203199dd14801c7", 16); q = new BigInteger("9760508f15230bccb292b982a2eb840bf0581cf5", 16); g = new BigInteger("f7e1a085d69b3ddecbbcab5c36b857b97994afbbfa3aea82f9574c0b3d0782675159578ebad4594fe67107108180b449167123e84c281613b7cf09328cc8a6e13c167a8b547c8d28e0a3ae1e2bb3a675916ea37f0bfa213562f1fb627a01243bcca4f1bea8519089a883dfe15ae59f06928b665e807b552564014c3bfecf492a", 16); |
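Review bot: The hard-coded `p`, `q` and `g` values in getDefaults() carry no comment saying where they come from, and with this fix the last set is the one selected for 1024-bit keys. A comment on each branch, such as `// 1024-bit DSA domain parameters; source: <reference to be filled in>`, would let a reader check the constants against a published parameter set instead of trusting the hex strings as they stand. getDefaults() starts and ends outside the hunk.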