Diffstat (limited to 'gnu/javax/crypto')
44 files changed, 371 insertions, 377 deletions
diff --git a/gnu/javax/crypto/assembly/Cascade.java b/gnu/javax/crypto/assembly/Cascade.java index 678a7e730..a35d66886 100644 --- a/gnu/javax/crypto/assembly/Cascade.java +++ b/gnu/javax/crypto/assembly/Cascade.java @@ -60,7 +60,7 @@ import java.util.Set; * of identical ciphers).</p> * * <p>The term "block ciphers" used above refers to implementations of - * {@link gnu.crypto.mode.IMode}, including the {@link gnu.crypto.mode.ECB} + * {@link gnu.javax.crypto.mode.IMode}, including the {@link gnu.javax.crypto.mode.ECB} * mode which basically exposes a symmetric-key block cipher algorithm as a * <i>Mode</i> of Operations.</p> * diff --git a/gnu/javax/crypto/assembly/Direction.java b/gnu/javax/crypto/assembly/Direction.java index 58b59a630..935b9618e 100644 --- a/gnu/javax/crypto/assembly/Direction.java +++ b/gnu/javax/crypto/assembly/Direction.java @@ -45,9 +45,9 @@ package gnu.javax.crypto.assembly; * * <p>The possible values for this type are two:</p> * <ol> - * <li>FORWARD: equivalent to {@link gnu.crypto.mode.IMode#ENCRYPTION}, and + * <li>FORWARD: equivalent to {@link gnu.javax.crypto.mode.IMode#ENCRYPTION}, and * its inverse value</li> - * <li>REVERSED: equivalent to {@link gnu.crypto.mode.IMode#DECRYPTION}.</li> + * <li>REVERSED: equivalent to {@link gnu.javax.crypto.mode.IMode#DECRYPTION}.</li> * </ol> */ public final class Direction diff --git a/gnu/javax/crypto/assembly/Transformer.java b/gnu/javax/crypto/assembly/Transformer.java index 80430dc19..74a619af0 100644 --- a/gnu/javax/crypto/assembly/Transformer.java +++ b/gnu/javax/crypto/assembly/Transformer.java 
@@ -47,7 +47,7 @@ import java.util.Map; * <p>A <code>Transformer</code> is an abstract representation of a two-way * <i>transformation</i> that can be chained together with other instances of * this type. Examples of such transformations in this library are: - * {@link Cascade} cipher, {@link gnu.crypto.pad.IPad} algorithm, and a + * {@link Cascade} cipher, {@link gnu.javax.crypto.pad.IPad} algorithm, and a * ZLib-based deflater/inflater algorithm. A special implementation of a * <code>Transformer</code> to close a chain is also provided.</p> * diff --git a/gnu/javax/crypto/cipher/BaseCipher.java b/gnu/javax/crypto/cipher/BaseCipher.java index 9d62311ed..f6d92994d 100644 --- a/gnu/javax/crypto/cipher/BaseCipher.java +++ b/gnu/javax/crypto/cipher/BaseCipher.java @@ -38,8 +38,6 @@ exception statement from your version. */ package gnu.javax.crypto.cipher; -import gnu.java.security.util.Util; - import java.security.InvalidKeyException; import java.util.Arrays; import java.util.Iterator; diff --git a/gnu/javax/crypto/cipher/IBlockCipherSpi.java b/gnu/javax/crypto/cipher/IBlockCipherSpi.java index 6fe07ca7f..046f43f6f 100644 --- a/gnu/javax/crypto/cipher/IBlockCipherSpi.java +++ b/gnu/javax/crypto/cipher/IBlockCipherSpi.java @@ -43,7 +43,7 @@ import java.util.Iterator; /** * <p>Package-private interface exposing mandatory methods to be implemented by - * concrete {@link gnu.crypto.cipher.BaseCipher} sub-classes.</p> + * concrete {@link gnu.javax.crypto.cipher.BaseCipher} sub-classes.</p> */ interface IBlockCipherSpi extends Cloneable { diff --git a/gnu/javax/crypto/jce/cipher/CipherAdapter.java b/gnu/javax/crypto/jce/cipher/CipherAdapter.java index 5eaa31b77..f8adedce7 100644 --- a/gnu/javax/crypto/jce/cipher/CipherAdapter.java +++ b/gnu/javax/crypto/jce/cipher/CipherAdapter.java 
@@ -118,9 +118,9 @@ class CipherAdapter extends CipherSpi /** * <p>Protected constructor to be called by subclasses. The cipher name - * argument should be the appropriate one listed in {@link gnu.crypto.Registry}. + * argument should be the appropriate one listed in {@link gnu.java.security.Registry}. * The basic cipher instance is created, along with an instance of the - * {@link gnu.crypto.mode.ECB} mode and no padding.</p> + * {@link gnu.javax.crypto.mode.ECB} mode and no padding.</p> * * @param cipherName The cipher to instantiate. * @param blockLen The block length to use. diff --git a/gnu/javax/crypto/jce/key/AnubisSecretKeyFactoryImpl.java b/gnu/javax/crypto/jce/key/AnubisSecretKeyFactoryImpl.java index f9725eae0..6442cd696 100644 --- a/gnu/javax/crypto/jce/key/AnubisSecretKeyFactoryImpl.java +++ b/gnu/javax/crypto/jce/key/AnubisSecretKeyFactoryImpl.java @@ -38,13 +38,6 @@ exception statement from your version. */ package gnu.javax.crypto.jce.key; -import java.security.InvalidKeyException; -import java.security.spec.InvalidKeySpecException; - -import javax.crypto.SecretKey; -import javax.crypto.SecretKeyFactorySpi; -import javax.crypto.spec.SecretKeySpec; - public class AnubisSecretKeyFactoryImpl extends SecretKeyFactoryImpl { public AnubisSecretKeyFactoryImpl() diff --git a/gnu/javax/crypto/jce/key/BlowfishSecretKeyFactoryImpl.java b/gnu/javax/crypto/jce/key/BlowfishSecretKeyFactoryImpl.java index 4b3620bc1..91f97af36 100644 --- a/gnu/javax/crypto/jce/key/BlowfishSecretKeyFactoryImpl.java +++ b/gnu/javax/crypto/jce/key/BlowfishSecretKeyFactoryImpl.java 
@@ -38,13 +38,6 @@ exception statement from your version. */ package gnu.javax.crypto.jce.key; -import java.security.InvalidKeyException; -import java.security.spec.InvalidKeySpecException; - -import javax.crypto.SecretKey; -import javax.crypto.SecretKeyFactorySpi; -import javax.crypto.spec.SecretKeySpec; - public class BlowfishSecretKeyFactoryImpl extends SecretKeyFactoryImpl { public BlowfishSecretKeyFactoryImpl() diff --git a/gnu/javax/crypto/jce/key/Cast5SecretKeyFactoryImpl.java b/gnu/javax/crypto/jce/key/Cast5SecretKeyFactoryImpl.java index 4bd31711e..048b54474 100644 --- a/gnu/javax/crypto/jce/key/Cast5SecretKeyFactoryImpl.java +++ b/gnu/javax/crypto/jce/key/Cast5SecretKeyFactoryImpl.java @@ -38,13 +38,6 @@ exception statement from your version. */ package gnu.javax.crypto.jce.key; -import java.security.InvalidKeyException; -import java.security.spec.InvalidKeySpecException; - -import javax.crypto.SecretKey; -import javax.crypto.SecretKeyFactorySpi; -import javax.crypto.spec.SecretKeySpec; - public class Cast5SecretKeyFactoryImpl extends SecretKeyFactoryImpl { public Cast5SecretKeyFactoryImpl() diff --git a/gnu/javax/crypto/jce/key/KhazadSecretKeyFactoryImpl.java b/gnu/javax/crypto/jce/key/KhazadSecretKeyFactoryImpl.java index c86e01110..6c7ab42f7 100644 --- a/gnu/javax/crypto/jce/key/KhazadSecretKeyFactoryImpl.java +++ b/gnu/javax/crypto/jce/key/KhazadSecretKeyFactoryImpl.java @@ -37,13 +37,6 @@ exception statement from your version. */ package gnu.javax.crypto.jce.key; -import java.security.InvalidKeyException; -import java.security.spec.InvalidKeySpecException; - -import javax.crypto.SecretKey; -import javax.crypto.SecretKeyFactorySpi; -import javax.crypto.spec.SecretKeySpec; - public class KhazadSecretKeyFactoryImpl extends SecretKeyFactoryImpl { public KhazadSecretKeyFactoryImpl() diff --git a/gnu/javax/crypto/jce/key/RijndaelSecretKeyFactoryImpl.java b/gnu/javax/crypto/jce/key/RijndaelSecretKeyFactoryImpl.java index 4aab584a2..d46191644 100644 
--- a/gnu/javax/crypto/jce/key/RijndaelSecretKeyFactoryImpl.java +++ b/gnu/javax/crypto/jce/key/RijndaelSecretKeyFactoryImpl.java @@ -37,13 +37,6 @@ exception statement from your version. */ package gnu.javax.crypto.jce.key; -import java.security.InvalidKeyException; -import java.security.spec.InvalidKeySpecException; - -import javax.crypto.SecretKey; -import javax.crypto.SecretKeyFactorySpi; -import javax.crypto.spec.SecretKeySpec; - public class RijndaelSecretKeyFactoryImpl extends SecretKeyFactoryImpl { public RijndaelSecretKeyFactoryImpl() diff --git a/gnu/javax/crypto/jce/key/SerpentSecretKeyFactoryImpl.java b/gnu/javax/crypto/jce/key/SerpentSecretKeyFactoryImpl.java index 6e80671fa..9f06bf329 100644 --- a/gnu/javax/crypto/jce/key/SerpentSecretKeyFactoryImpl.java +++ b/gnu/javax/crypto/jce/key/SerpentSecretKeyFactoryImpl.java @@ -37,13 +37,6 @@ exception statement from your version. */ package gnu.javax.crypto.jce.key; -import java.security.InvalidKeyException; -import java.security.spec.InvalidKeySpecException; - -import javax.crypto.SecretKey; -import javax.crypto.SecretKeyFactorySpi; -import javax.crypto.spec.SecretKeySpec; - public class SerpentSecretKeyFactoryImpl extends SecretKeyFactoryImpl { public SerpentSecretKeyFactoryImpl() diff --git a/gnu/javax/crypto/jce/key/SquareSecretKeyFactoryImpl.java b/gnu/javax/crypto/jce/key/SquareSecretKeyFactoryImpl.java index d1d5d5514..fce7375b3 100644 --- a/gnu/javax/crypto/jce/key/SquareSecretKeyFactoryImpl.java +++ b/gnu/javax/crypto/jce/key/SquareSecretKeyFactoryImpl.java @@ -37,13 +37,6 @@ exception statement from your version. */ package gnu.javax.crypto.jce.key; -import java.security.InvalidKeyException; -import java.security.spec.InvalidKeySpecException; - -import javax.crypto.SecretKey; -import javax.crypto.SecretKeyFactorySpi; -import javax.crypto.spec.SecretKeySpec; - public class SquareSecretKeyFactoryImpl extends SecretKeyFactoryImpl { public SquareSecretKeyFactoryImpl() 
diff --git a/gnu/javax/crypto/jce/key/TwofishSecretKeyFactoryImpl.java b/gnu/javax/crypto/jce/key/TwofishSecretKeyFactoryImpl.java index e6ca80b63..a182d4116 100644 --- a/gnu/javax/crypto/jce/key/TwofishSecretKeyFactoryImpl.java +++ b/gnu/javax/crypto/jce/key/TwofishSecretKeyFactoryImpl.java @@ -37,13 +37,6 @@ exception statement from your version. */ package gnu.javax.crypto.jce.key; -import java.security.InvalidKeyException; -import java.security.spec.InvalidKeySpecException; - -import javax.crypto.SecretKey; -import javax.crypto.SecretKeyFactorySpi; -import javax.crypto.spec.SecretKeySpec; - public class TwofishSecretKeyFactoryImpl extends SecretKeyFactoryImpl { public TwofishSecretKeyFactoryImpl() diff --git a/gnu/javax/crypto/jce/keyring/GnuKeyring.java b/gnu/javax/crypto/jce/keyring/GnuKeyring.java index d2501f893..5eeb2a306 100644 --- a/gnu/javax/crypto/jce/keyring/GnuKeyring.java +++ b/gnu/javax/crypto/jce/keyring/GnuKeyring.java 
@@ -90,30 +90,44 @@ public class GnuKeyring public Enumeration engineAliases() { + log.entering(this.getClass().getName(), "engineAliases"); ensureLoaded(); Enumeration result; if (privateKR == null) result = Collections.enumeration(Collections.EMPTY_SET); - else - { - Set aliases = new HashSet(); - for (Enumeration e = privateKR.aliases(); e.hasMoreElements();) - { - String alias = (String) e.nextElement(); - if (alias != null) - aliases.add(alias); - } - - for (Enumeration e = publicKR.aliases(); e.hasMoreElements();) - { - String alias = (String) e.nextElement(); - if (alias != null) - aliases.add(alias); - } - - result = Collections.enumeration(aliases); - } - + else + { + Set aliases = new HashSet(); + for (Enumeration e = privateKR.aliases(); e.hasMoreElements();) + { + String alias = (String) e.nextElement(); + if (alias != null) + { + alias = alias.trim(); + if (alias.length() > 0) + { + log.finest("Adding alias (from private keyring): " + alias); + aliases.add(alias); + } + } + } + for (Enumeration e = publicKR.aliases(); e.hasMoreElements();) + { + String alias = (String) e.nextElement(); + if (alias != null) + { + alias = alias.trim(); + if (alias.length() > 0) + { + log.finest("Adding alias (from public keyring): " + alias); + aliases.add(alias); + } + } + } + log.finest("Will enumerate: " + aliases); + result = Collections.enumeration(aliases); + } + log.exiting(this.getClass().getName(), "engineAliases"); return result; } 
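Review bot: Trimming in engineAliases changes the alias callers see without changing the alias that lookups match on: `alias = alias.trim();` is applied only to the enumerated copy, while the lookups shown later in this diff (`pe.getAlias().equals(alias)` in EnvelopeEntry.get and remove) still compare the stored string exactly. If an entry was ever stored with surrounding whitespace, the name returned here would not resolve when handed back to engineGetKey or the containsAlias guards; whether that can happen depends on fixAlias, which is not visible in this diff. The trim added in EnvelopeEntry.makeAliasList has the same effect on the alias-list property. Normalising once at the point where the alias is stored, and noting it here with something like `// aliases are normalised on store; trim only guards older keyrings`, would keep enumeration, alias-list and lookup in agreement.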
@@ -181,13 +195,23 @@ public class GnuKeyring } public void engineSetCertificateEntry(String alias, Certificate cert) + throws KeyStoreException { log.entering(this.getClass().getName(), "engineSetCertificateEntry", new Object[] { alias, cert }); - ensureLoaded(); - publicKR.putCertificate(alias, cert); + if (privateKR.containsAlias(alias)) + throw new KeyStoreException("Alias [" + alias + + "] already exists and DOES NOT identify a " + + "Trusted Certificate Entry"); + if (publicKR.containsCertificate(alias)) + { + log.fine("Public keyring already contains Alias [" + alias + + "]. Will remove it"); + publicKR.remove(alias); + } + publicKR.putCertificate(alias, cert); log.exiting(this.getClass().getName(), "engineSetCertificateEntry"); } @@ -218,9 +242,7 @@ public class GnuKeyring public Key engineGetKey(String alias, char[] password) throws UnrecoverableKeyException { - log.entering(this.getClass().getName(), "engineGetKey", - String.valueOf(password)); - + log.entering(this.getClass().getName(), "engineGetKey", alias); ensureLoaded(); Key result = null; if (password == null) @@ -231,7 +253,8 @@ public class GnuKeyring else if (privateKR.containsPrivateKey(alias)) result = privateKR.getPrivateKey(alias, password); - log.exiting(this.getClass().getName(), "engineGetKey", result); + log.exiting(this.getClass().getName(), "engineGetKey", + result == null ? "null" : result.getClass().getName()); return result; } 
@@ -240,20 +263,28 @@ public class GnuKeyring throws KeyStoreException { log.entering(this.getClass().getName(), "engineSetKeyEntry", - new Object[] { alias, key, password, chain }); + new Object[] { alias, key.getClass().getName(), chain }); ensureLoaded(); + if (publicKR.containsAlias(alias)) + throw new KeyStoreException("Alias [" + alias + + "] already exists and DOES NOT identify a " + + "Key Entry"); if (key instanceof PublicKey) - privateKR.putPublicKey(alias, (PublicKey) key); + { + privateKR.remove(alias); + PublicKey pk = (PublicKey) key; + privateKR.putPublicKey(alias, pk); + } else { if (! (key instanceof PrivateKey) && ! (key instanceof SecretKey)) throw new KeyStoreException("cannot store keys of type " + key.getClass().getName()); + privateKR.remove(alias); privateKR.putCertPath(alias, chain); log.finest("About to put private key in keyring..."); privateKR.putPrivateKey(alias, key, password); } - log.exiting(this.getClass().getName(), "engineSetKeyEntry"); } @@ -292,7 +323,7 @@ public class GnuKeyring public void engineLoad(InputStream in, char[] password) throws IOException { - log.entering(this.getClass().getName(), "engineLoad", String.valueOf(password)); + log.entering(this.getClass().getName(), "engineLoad"); if (in != null) { if (! in.markSupported()) @@ -305,14 +336,12 @@ public class GnuKeyring createNewKeyrings(); loaded = true; - log.exiting(this.getClass().getName(), "engineLoad"); } public void engineStore(OutputStream out, char[] password) throws IOException { - log.entering(this.getClass().getName(), "engineStore", String.valueOf(password)); - + log.entering(this.getClass().getName(), "engineStore"); ensureLoaded(); HashMap attr = new HashMap(); attr.put(IKeyring.KEYRING_DATA_OUT, out); 
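Review bot: The overwrite path in engineSetKeyEntry is destructive before it is known to succeed: `privateKR.remove(alias);` runs first, and putPrivateKey (see the GnuPrivateKeyring hunks further down) throws IllegalArgumentException when encrypting or authenticating the key fails, which would leave the alias with no entry at all. Keeping the old entries until the new ones are in place, or re-adding them in a catch block, avoids losing a key on a failed replace. Separately, `key.getClass().getName()` inside `log.entering` dereferences key before `ensureLoaded()` and before any check, so a null key fails inside the logging call; `key == null ? "null" : key.getClass().getName()` would match the exit log in engineGetKey, and putPrivateKey and putPublicKey carry the same expression.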
@@ -320,14 +349,18 @@ public class GnuKeyring privateKR.store(attr); publicKR.store(attr); - log.exiting(this.getClass().getName(), "engineStore"); } public int engineSize() { - ensureLoaded(); - return privateKR.size() + publicKR.size(); + log.entering(this.getClass().getName(), "engineSize"); + int result = 0; + for (Enumeration e = engineAliases(); e.hasMoreElements(); result++) + e.nextElement(); + + log.exiting(this.getClass().getName(), "engineSize", Integer.valueOf(result)); + return result; } /** diff --git a/gnu/javax/crypto/jce/mac/OMacImpl.java b/gnu/javax/crypto/jce/mac/OMacImpl.java index f91902ae5..bf30d8e13 100644 --- a/gnu/javax/crypto/jce/mac/OMacImpl.java +++ b/gnu/javax/crypto/jce/mac/OMacImpl.java @@ -39,7 +39,6 @@ exception statement from your version. */ package gnu.javax.crypto.jce.mac; import gnu.java.security.Registry; -import javax.crypto.MacSpi; public abstract class OMacImpl extends MacAdapter { diff --git a/gnu/javax/crypto/jce/prng/CSPRNGSpi.java b/gnu/javax/crypto/jce/prng/CSPRNGSpi.java index c0aa015b0..acc0c8e84 100644 --- a/gnu/javax/crypto/jce/prng/CSPRNGSpi.java +++ b/gnu/javax/crypto/jce/prng/CSPRNGSpi.java @@ -38,10 +38,9 @@ exception statement from your version. */ package gnu.javax.crypto.jce.prng; -import gnu.java.security.Registry; -import gnu.javax.crypto.prng.CSPRNG; import gnu.java.security.prng.IRandom; import gnu.java.security.prng.LimitReachedException; +import gnu.javax.crypto.prng.CSPRNG; import java.net.MalformedURLException; import java.security.SecureRandomSpi; diff --git a/gnu/javax/crypto/jce/spec/TMMHParameterSpec.java b/gnu/javax/crypto/jce/spec/TMMHParameterSpec.java index 0ebec0991..a3b5f26e8 100644 --- a/gnu/javax/crypto/jce/spec/TMMHParameterSpec.java +++ b/gnu/javax/crypto/jce/spec/TMMHParameterSpec.java 
@@ -45,7 +45,7 @@ import java.security.spec.AlgorithmParameterSpec; /** * This class represents the algorithm parameters for the Truncated * Multi-Modular Hash function for use with JCE-derived instances of - * {@link gnu.crypto.mac.TMMH16}. + * {@link gnu.javax.crypto.mac.TMMH16}. * * <p>This class is little more than a container for the key stream, tag * length, and prefix parameters for the TMMH algorithm. diff --git a/gnu/javax/crypto/key/dh/GnuDHPrivateKey.java b/gnu/javax/crypto/key/dh/GnuDHPrivateKey.java index 0e71623b9..70b684b77 100644 --- a/gnu/javax/crypto/key/dh/GnuDHPrivateKey.java +++ b/gnu/javax/crypto/key/dh/GnuDHPrivateKey.java @@ -154,7 +154,7 @@ public class GnuDHPrivateKey extends GnuDHKey implements DHPrivateKey * @return the byte sequence encoding this key according to the designated * format. * @exception IllegalArgumentException if the format is not supported. - * @see gnu.crypto.key.dh.DHKeyPairRawCodec + * @see DHKeyPairRawCodec */ public byte[] getEncoded(int format) { diff --git a/gnu/javax/crypto/keyring/AuthenticatedEntry.java b/gnu/javax/crypto/keyring/AuthenticatedEntry.java index 22b42b3ea..fa77c6ec6 100644 --- a/gnu/javax/crypto/keyring/AuthenticatedEntry.java +++ b/gnu/javax/crypto/keyring/AuthenticatedEntry.java 
@@ -38,25 +38,20 @@ exception statement from your version. */ package gnu.javax.crypto.keyring; +import gnu.java.security.Registry; +import gnu.javax.crypto.mac.IMac; +import gnu.javax.crypto.mac.MacFactory; +import gnu.javax.crypto.mac.MacOutputStream; + import java.io.ByteArrayInputStream; import java.io.ByteArrayOutputStream; import java.io.DataInputStream; import java.io.DataOutputStream; import java.io.IOException; - import java.security.InvalidKeyException; - import java.util.Arrays; -import java.util.Date; -import java.util.Iterator; import java.util.HashMap; -import java.util.List; - -import gnu.java.security.Registry; -import gnu.javax.crypto.mac.IMac; -import gnu.javax.crypto.mac.MacFactory; -import gnu.javax.crypto.mac.MacInputStream; -import gnu.javax.crypto.mac.MacOutputStream; +import java.util.Iterator; public final class AuthenticatedEntry extends MaskableEnvelopeEntry implements Registry diff --git a/gnu/javax/crypto/keyring/CertPathEntry.java b/gnu/javax/crypto/keyring/CertPathEntry.java index ef62347ec..f9e523b2c 100644 --- a/gnu/javax/crypto/keyring/CertPathEntry.java +++ b/gnu/javax/crypto/keyring/CertPathEntry.java @@ -40,14 +40,11 @@ package gnu.javax.crypto.keyring; import java.io.ByteArrayOutputStream; import java.io.DataInputStream; -import java.io.DataOutputStream; import java.io.IOException; - import java.security.cert.Certificate; import java.security.cert.CertificateEncodingException; import java.security.cert.CertificateException; import java.security.cert.CertificateFactory; - import java.util.Date; /** diff --git a/gnu/javax/crypto/keyring/CertificateEntry.java b/gnu/javax/crypto/keyring/CertificateEntry.java index 95a708ac5..67ac7bf4b 100644 --- a/gnu/javax/crypto/keyring/CertificateEntry.java +++ b/gnu/javax/crypto/keyring/CertificateEntry.java 
@@ -39,13 +39,11 @@ exception statement from your version. */ package gnu.javax.crypto.keyring; import java.io.DataInputStream; -import java.io.DataOutputStream; import java.io.IOException; import java.security.cert.Certificate; import java.security.cert.CertificateEncodingException; import java.security.cert.CertificateException; import java.security.cert.CertificateFactory; -import java.security.cert.X509Certificate; import java.util.Date; /** diff --git a/gnu/javax/crypto/keyring/EncryptedEntry.java b/gnu/javax/crypto/keyring/EncryptedEntry.java index fad5f54b2..a47a3c6fa 100644 --- a/gnu/javax/crypto/keyring/EncryptedEntry.java +++ b/gnu/javax/crypto/keyring/EncryptedEntry.java @@ -38,21 +38,6 @@ exception statement from your version. */ package gnu.javax.crypto.keyring; -import java.io.ByteArrayInputStream; -import java.io.ByteArrayOutputStream; -import java.io.DataInputStream; -import java.io.DataOutputStream; -import java.io.IOException; - -import java.security.InvalidKeyException; - -import java.util.Arrays; -import java.util.Collections; -import java.util.Date; -import java.util.Iterator; -import java.util.HashMap; -import java.util.List; - import gnu.java.security.Registry; import gnu.javax.crypto.cipher.CipherFactory; import gnu.javax.crypto.cipher.IBlockCipher; @@ -62,6 +47,15 @@ import gnu.javax.crypto.pad.IPad; import gnu.javax.crypto.pad.PadFactory; import gnu.javax.crypto.pad.WrongPaddingException; +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; +import java.io.DataInputStream; +import java.io.DataOutputStream; +import java.io.IOException; +import java.security.InvalidKeyException; +import java.util.HashMap; +import java.util.Iterator; + public class EncryptedEntry extends MaskableEnvelopeEntry implements Registry { diff --git a/gnu/javax/crypto/keyring/Entry.java b/gnu/javax/crypto/keyring/Entry.java index fa7f49679..2f311271a 100644 --- a/gnu/javax/crypto/keyring/Entry.java +++ b/gnu/javax/crypto/keyring/Entry.java 
@@ -41,16 +41,23 @@ package gnu.javax.crypto.keyring; import java.io.DataInputStream; import java.io.DataOutputStream; import java.io.IOException; +import java.util.logging.Logger; /** * An immutable class representing a single entry in a keyring. */ public abstract class Entry { - // Fields. // ------------------------------------------------------------------------ + private static final Logger log = Logger.getLogger(Entry.class.getName()); + private static final String[] TYPES = new String[] + { + "Encrypted", "PasswordEncrypted", "Authenticated", "PasswordAuthenticated", + "Compressed", "Certificate", "PublicKey", "PrivateKey", "CertPath", + "BinaryData" + }; /** This entry's type identifier. */ protected int type; @@ -145,6 +152,17 @@ public abstract class Entry out.write(payload); } + public String toString() + { + + return new StringBuilder("Entry{") + .append("type=").append(TYPES[type]) + .append(", properties=").append(properties) + .append(", payload=") + .append(payload == null? "-" : "byte[" + payload.length + "]") + .append("}").toString(); + } + /** * Generic decoding method, which simply decodes the properties field * and reads the payload field. @@ -161,6 +179,7 @@ public abstract class Entry { throw new IOException("corrupt length"); } + log.finest("About to instantiate new payload byte array for " + this); payload = new byte[len]; in.readFully(payload); } diff --git a/gnu/javax/crypto/keyring/EnvelopeEntry.java b/gnu/javax/crypto/keyring/EnvelopeEntry.java index 25b1dc2a0..2a57a23da 100644 --- a/gnu/javax/crypto/keyring/EnvelopeEntry.java +++ b/gnu/javax/crypto/keyring/EnvelopeEntry.java 
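Review bot: `TYPES[type]` in the new toString() is indexed without a range check, and toString() is reached unconditionally from the decode path because `"About to instantiate new payload byte array for " + this` is concatenated before `log.finest` looks at the level. `type` is a plain protected int and nothing in these hunks bounds it to the ten names in TYPES, so an entry carrying an unexpected type would turn a diagnostic line into an ArrayIndexOutOfBoundsException while a keyring is being read. I would write `.append("type=").append(type >= 0 && type < TYPES.length ? TYPES[type] : String.valueOf(type))` and put the log call behind `if (log.isLoggable(Level.FINEST))`, which needs `java.util.logging.Level` imported in this file. The decoding method touched by the last hunk starts and ends outside it.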
@@ -42,13 +42,12 @@ import java.io.ByteArrayOutputStream; import java.io.DataInputStream; import java.io.DataOutputStream; import java.io.IOException; - import java.util.ArrayList; -import java.util.Date; import java.util.Iterator; import java.util.LinkedList; import java.util.List; import java.util.StringTokenizer; +import java.util.logging.Logger; /** * An envelope entry is a generic container for some number of primitive @@ -56,10 +55,10 @@ import java.util.StringTokenizer; */ public abstract class EnvelopeEntry extends Entry { - // Fields. // ------------------------------------------------------------------------ + private static final Logger log = Logger.getLogger(EnvelopeEntry.class.getName()); /** The envelope that contains this one (if any). */ protected EnvelopeEntry containingEnvelope; @@ -95,16 +94,17 @@ public abstract class EnvelopeEntry extends Entry */ public void add(Entry entry) { - if (!containsEntry(entry)) + log.entering(this.getClass().getName(), "add", entry); + if (! containsEntry(entry)) { if (entry instanceof EnvelopeEntry) - { - ((EnvelopeEntry) entry).setContainingEnvelope(this); - } + ((EnvelopeEntry) entry).setContainingEnvelope(this); + entries.add(entry); - payload = null; + log.finest("Payload is " + (payload == null ? "" : "not ") + "null"); makeAliasList(); } + log.exiting(this.getClass().getName(), "add"); } /** 
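Review bot: Replacing `payload = null;` with a log line in add() is a behaviour change rather than a logging change: after this hunk the cached payload is no longer invalidated when an entry is added, while both remove() methods later in this file still clear it. If encoding reuses a non-null payload (not visible in this diff), an entry added to an already-encoded envelope would not be written out on the next store. If keeping the payload is intended, a comment on that line such as `// payload deliberately kept on add: <reason>` would make it reviewable; otherwise `payload = null;` should stay ahead of `makeAliasList();`.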
@@ -117,20 +117,22 @@ public abstract class EnvelopeEntry extends Entry */ public boolean containsAlias(String alias) { + log.entering(this.getClass().getName(), "containsAlias", alias); String aliases = getAliasList(); - if (aliases == null) - { - return false; - } - StringTokenizer tok = new StringTokenizer(aliases, ";"); - while (tok.hasMoreTokens()) + log.finest("aliases = [" + aliases + "]"); + boolean result = false; + if (aliases != null) { - if (tok.nextToken().equals(alias)) - { - return true; - } + StringTokenizer tok = new StringTokenizer(aliases, ";"); + while (tok.hasMoreTokens()) + if (tok.nextToken().equals(alias)) + { + result = true; + break; + } } - return false; + log.exiting(this.getClass().getName(), "containsAlias", Boolean.valueOf(result)); + return result; } /** 
@@ -180,34 +182,41 @@ public abstract class EnvelopeEntry extends Entry */ public List get(String alias) { + log.entering(this.getClass().getName(), "get", alias); + List result = new LinkedList(); for (Iterator it = entries.iterator(); it.hasNext();) { Entry e = (Entry) it.next(); if (e instanceof EnvelopeEntry) { - if (!((EnvelopeEntry) e).containsAlias(alias)) - { - continue; - } - if (e instanceof MaskableEnvelopeEntry) + EnvelopeEntry ee = (EnvelopeEntry) e; + if (! ee.containsAlias(alias)) + continue; + + if (ee instanceof MaskableEnvelopeEntry) { - if (((MaskableEnvelopeEntry) e).isMasked()) + MaskableEnvelopeEntry mee = (MaskableEnvelopeEntry) ee; + if (mee.isMasked()) { - result.add(e); + log.finer("Processing masked entry: " + mee); + result.add(mee); continue; } } - result.addAll(((EnvelopeEntry) e).get(alias)); + + log.finer("Processing unmasked entry: " + ee); + result.addAll(ee.get(alias)); } else if (e instanceof PrimitiveEntry) { - if (((PrimitiveEntry) e).getAlias().equals(alias)) - { - result.add(e); - } + PrimitiveEntry pe = (PrimitiveEntry) e; + if (pe.getAlias().equals(alias)) + result.add(e); } } + + log.exiting(this.getClass().getName(), "get", result); return result; } @@ -238,6 +247,7 @@ public abstract class EnvelopeEntry extends Entry */ public boolean remove(Entry entry) { + log.entering(this.getClass().getName(), "remove", entry); boolean ret = false; for (Iterator it = entries.iterator(); it.hasNext();) { 
@@ -268,36 +278,63 @@ public abstract class EnvelopeEntry extends Entry } if (ret) { + log.finest("State before: " + this); payload = null; makeAliasList(); + log.finest("State after: " + this); } + log.exiting(this.getClass().getName(), "remove", Boolean.valueOf(ret)); return ret; } /** * Removes all primitive entries that have the specified alias. - * + * * @param alias The alias of the entries to remove. + * @return <code>true</code> if <code>alias</code> was present and was + * successfully trmoved. Returns <code>false</code> if + * <code>alias</code> was not present in the list of aliases in this + * envelope. */ - public void remove(String alias) + public boolean remove(String alias) { + log.entering(this.getClass().getName(), "remove", alias); + boolean result = false; for (Iterator it = entries.iterator(); it.hasNext();) { Entry e = (Entry) it.next(); if (e instanceof EnvelopeEntry) { - ((EnvelopeEntry) e).remove(alias); + EnvelopeEntry ee = (EnvelopeEntry) e; + result = ee.remove(alias) || result; } else if (e instanceof PrimitiveEntry) { - if (((PrimitiveEntry) e).getAlias().equals(alias)) + PrimitiveEntry pe = (PrimitiveEntry) e; + if (pe.getAlias().equals(alias)) { it.remove(); + result = true; } } } - payload = null; - makeAliasList(); + if (result) + { + log.finest("State before: " + this); + payload = null; + makeAliasList(); + log.finest("State after: " + this); + } + log.exiting(this.getClass().getName(), "remove", Boolean.valueOf(result)); + return result; + } + + public String toString() + { + return new StringBuilder("Envelope{") + .append(super.toString()) + .append(", entries=").append(entries) + .append("}").toString(); } // Protected methods. @@ -324,6 +361,7 @@ public abstract class EnvelopeEntry extends Entry protected void decodeEnvelope(DataInputStream in) throws IOException { + this.entries.clear(); while (true) { int type = in.read(); 
@@ -372,27 +410,39 @@ public abstract class EnvelopeEntry extends Entry private void makeAliasList() { - if (entries.isEmpty()) - return; - StringBuffer buf = new StringBuffer(); - for (Iterator it = entries.iterator(); it.hasNext();) + log.entering(this.getClass().getName(), "makeAliasList"); + if (! entries.isEmpty()) { - Entry entry = (Entry) it.next(); - if (entry instanceof EnvelopeEntry) - { - buf.append(((EnvelopeEntry) entry).getAliasList()); - } - else if (entry instanceof PrimitiveEntry) + StringBuilder buf = new StringBuilder(); + String aliasOrList; + for (Iterator it = entries.iterator(); it.hasNext();) { - buf.append(((PrimitiveEntry) entry).getAlias()); + Entry entry = (Entry) it.next(); + aliasOrList = null; + if (entry instanceof EnvelopeEntry) + aliasOrList = ((EnvelopeEntry) entry).getAliasList(); + else if (entry instanceof PrimitiveEntry) + aliasOrList = ((PrimitiveEntry) entry).getAlias(); + else + log.fine("Entry with no Alias. Ignored: " + entry); + + if (aliasOrList != null) + { + aliasOrList = aliasOrList.trim(); + if (aliasOrList.trim().length() > 0) + { + buf.append(aliasOrList); + if (it.hasNext()) + buf.append(';'); + } + } } - if (it.hasNext()) - buf.append(';'); - } - properties.put("alias-list", buf.toString()); - if (containingEnvelope != null) - { - containingEnvelope.makeAliasList(); + String aliasList = buf.toString(); + properties.put("alias-list", aliasList); + log.finer("alias-list=[" + aliasList + "]"); + if (containingEnvelope != null) + containingEnvelope.makeAliasList(); } + log.exiting(this.getClass().getName(), "makeAliasList"); } } diff --git a/gnu/javax/crypto/keyring/GnuPrivateKeyring.java b/gnu/javax/crypto/keyring/GnuPrivateKeyring.java index c1fe30e67..bd5a96227 100644 --- a/gnu/javax/crypto/keyring/GnuPrivateKeyring.java +++ b/gnu/javax/crypto/keyring/GnuPrivateKeyring.java 
@@ -106,7 +106,6 @@ public class GnuPrivateKeyring extends BaseKeyring implements IPrivateKeyring public boolean containsPrivateKey(String alias) { log.entering(this.getClass().getName(), "containsPrivateKey", alias); - boolean result = false; if (containsAlias(alias)) for (Iterator it = get(alias).iterator(); it.hasNext();) @@ -115,7 +114,6 @@ public class GnuPrivateKeyring extends BaseKeyring implements IPrivateKeyring result = true; break; } - log.exiting(this.getClass().getName(), "containsPrivateKey", Boolean.valueOf(result)); return result; @@ -124,17 +122,15 @@ public class GnuPrivateKeyring extends BaseKeyring implements IPrivateKeyring public Key getPrivateKey(String alias, char[] password) throws UnrecoverableKeyException { - log.entering(this.getClass().getName(), "getPrivateKey", - new Object[] { alias, String.valueOf(password) }); - + log.entering(this.getClass().getName(), "getPrivateKey", alias); Key result = null; if (containsAlias(alias)) { PasswordAuthenticatedEntry e1 = null; - PasswordEncryptedEntry e2 = null; for (Iterator it = get(alias).iterator(); it.hasNext();) { Entry e = (Entry) it.next(); + log.finest("Entry: " + e); if (e instanceof PasswordAuthenticatedEntry) { e1 = (PasswordAuthenticatedEntry) e; @@ -142,6 +138,7 @@ public class GnuPrivateKeyring extends BaseKeyring implements IPrivateKeyring } } + log.finest("e1 = " + e1); if (e1 != null) { try @@ -150,9 +147,11 @@ public class GnuPrivateKeyring extends BaseKeyring implements IPrivateKeyring } catch (Exception e) { + log.throwing(this.getClass().getName(), "getPrivateKey", e); throw new UnrecoverableKeyException("authentication failed"); } + PasswordEncryptedEntry e2 = null; for (Iterator it = e1.getEntries().iterator(); it.hasNext();) { Entry e = (Entry) it.next(); 
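Review bot: `log.finest("Entry: " + e);` and `log.finest("e1 = " + e1);` in getPrivateKey build their strings on every private-key lookup whether or not FINEST is enabled, and with the toString() methods added in this commit that means rendering the entry's properties and, for envelopes, every nested entry. Wrapping them in `if (log.isLoggable(Level.FINEST))` keeps both the cost and the amount of keyring metadata that reaches log handlers under the operator's control; Level is already used in this file. The payload is printed only as a length, so no key bytes are exposed by these lines. getPrivateKey continues past this hunk.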
@@ -171,6 +170,7 @@ public class GnuPrivateKeyring extends BaseKeyring implements IPrivateKeyring } catch (Exception e) { + log.throwing(this.getClass().getName(), "getPrivateKey", e); throw new UnrecoverableKeyException("decryption failed"); } @@ -186,31 +186,26 @@ public class GnuPrivateKeyring extends BaseKeyring implements IPrivateKeyring } } } - - log.exiting(this.getClass().getName(), "getPrivateKey", result); + log.exiting(this.getClass().getName(), "getPrivateKey", + result == null ? "null" : result.getClass().getName()); return result; } public void putPrivateKey(String alias, Key key, char[] password) { log.entering(this.getClass().getName(), "putPrivateKey", - new Object[] { alias, key, String.valueOf(password) }); - + new Object[] { alias, key.getClass().getName() }); if (! containsPrivateKey(alias)) { alias = fixAlias(alias); Properties p = new Properties(); p.put("alias", alias); PrivateKeyEntry pke = new PrivateKeyEntry(key, new Date(), p); + + log.finest("About to encrypt the key..."); PasswordEncryptedEntry enc; enc = new PasswordEncryptedEntry(cipher, mode, keylen, new Properties()); enc.add(pke); - - PasswordAuthenticatedEntry auth; - auth = new PasswordAuthenticatedEntry(mac, maclen, new Properties()); - auth.add(enc); - - log.finest("About to encrypt the key..."); try { enc.encode(null, password); @@ -218,11 +213,14 @@ public class GnuPrivateKeyring extends BaseKeyring implements IPrivateKeyring catch (IOException x) { log.log(Level.FINER, "Exception while encrypting the key. " - + "Rethrow as IllegalArgumentException", x); + + "Rethrow as IllegalArgumentException", x); throw new IllegalArgumentException(x.toString()); } log.finest("About to authenticate the encrypted key..."); + PasswordAuthenticatedEntry auth; + auth = new PasswordAuthenticatedEntry(mac, maclen, new Properties()); + auth.add(enc); try { auth.encode(null, password); 
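Review bot: The new `log.entering` call in putPrivateKey evaluates `key.getClass().getName()` before any null check, so a null `key` now fails with a NullPointerException in the logging line. It never reaches the `IllegalArgumentException("no private key")` that the PrivateKeyEntry constructor raises (visible in the PrivateKeyEntry hunk of this commit). The `log.exiting` call in getPrivateKey already guards with `result == null ? "null" : result.getClass().getName()`, and the same form fits here: `new Object[] { alias, key == null ? "null" : key.getClass().getName() }`. The putPublicKey hunk further down has the same unguarded `key.getClass().getName()`.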
@@ -230,7 +228,7 @@ public class GnuPrivateKeyring extends BaseKeyring implements IPrivateKeyring catch (IOException x) { log.log(Level.FINER, "Exception while authenticating the encrypted " - + "key. Rethrow as IllegalArgumentException", x); + + "key. Rethrow as IllegalArgumentException", x); throw new IllegalArgumentException(x.toString()); } @@ -245,7 +243,6 @@ public class GnuPrivateKeyring extends BaseKeyring implements IPrivateKeyring public boolean containsPublicKey(String alias) { log.entering(this.getClass().getName(), "containsPublicKey", alias); - boolean result = false; if (containsAlias(alias)) for (Iterator it = get(alias).iterator(); it.hasNext();) @@ -254,7 +251,6 @@ public class GnuPrivateKeyring extends BaseKeyring implements IPrivateKeyring result = true; break; } - log.exiting(this.getClass().getName(), "containsPublicKey", Boolean.valueOf(result)); return result; @@ -263,7 +259,6 @@ public class GnuPrivateKeyring extends BaseKeyring implements IPrivateKeyring public PublicKey getPublicKey(String alias) { log.entering(this.getClass().getName(), "getPublicKey", alias); - PublicKey result = null; if (containsAlias(alias)) for (Iterator it = get(alias).iterator(); it.hasNext();) @@ -275,16 +270,15 @@ public class GnuPrivateKeyring extends BaseKeyring implements IPrivateKeyring break; } } - - log.exiting(this.getClass().getName(), "getPublicKey", result); + log.exiting(this.getClass().getName(), "getPublicKey", + result == null ? "null" : result.getClass().getName()); return result; } public void putPublicKey(String alias, PublicKey key) { log.entering(this.getClass().getName(), "putPublicKey", - new Object[] { alias, key }); - + new Object[] { alias, key.getClass().getName() }); if (! containsPublicKey(alias)) { Properties p = new Properties(); 
@@ -300,7 +294,6 @@ public class GnuPrivateKeyring extends BaseKeyring implements IPrivateKeyring public boolean containsCertPath(String alias) { log.entering(this.getClass().getName(), "containsCertPath", alias); - boolean result = false; if (containsAlias(alias)) for (Iterator it = get(alias).iterator(); it.hasNext();) @@ -309,7 +302,6 @@ public class GnuPrivateKeyring extends BaseKeyring implements IPrivateKeyring result = true; break; } - log.exiting(this.getClass().getName(), "containsCertPath", Boolean.valueOf(result)); return result; @@ -318,7 +310,6 @@ public class GnuPrivateKeyring extends BaseKeyring implements IPrivateKeyring public Certificate[] getCertPath(String alias) { log.entering(this.getClass().getName(), "getCertPath", alias); - Certificate[] result = null; if (containsAlias(alias)) for (Iterator it = get(alias).iterator(); it.hasNext();) @@ -330,7 +321,6 @@ public class GnuPrivateKeyring extends BaseKeyring implements IPrivateKeyring break; } } - log.exiting(this.getClass().getName(), "getCertPath", result); return result; } @@ -339,7 +329,6 @@ public class GnuPrivateKeyring extends BaseKeyring implements IPrivateKeyring { log.entering(this.getClass().getName(), "putCertPath", new Object[] { alias, path }); - if (! containsCertPath(alias)) { Properties p = new Properties(); 
@@ -354,28 +343,23 @@ public class GnuPrivateKeyring extends BaseKeyring implements IPrivateKeyring protected void load(InputStream in, char[] password) throws IOException { - log.entering(this.getClass().getName(), "load", - new Object[] { in, String.valueOf(password) }); - + log.entering(this.getClass().getName(), "load"); if (in.read() != USAGE) throw new MalformedKeyringException("incompatible keyring usage"); if (in.read() != PasswordAuthenticatedEntry.TYPE) throw new MalformedKeyringException("expecting password-authenticated entry tag"); - keyring = PasswordAuthenticatedEntry.decode(new DataInputStream(in), password); - + keyring = PasswordAuthenticatedEntry.decode(new DataInputStream(in), + password); log.exiting(this.getClass().getName(), "load"); } protected void store(OutputStream out, char[] password) throws IOException { - log.entering(this.getClass().getName(), "store", - new Object[] { out, String.valueOf(password) }); - + log.entering(this.getClass().getName(), "store"); out.write(USAGE); keyring.encode(new DataOutputStream(out), password); - log.exiting(this.getClass().getName(), "store"); } } diff --git a/gnu/javax/crypto/keyring/GnuPublicKeyring.java b/gnu/javax/crypto/keyring/GnuPublicKeyring.java index 490eb4458..7e1182bc1 100644 --- a/gnu/javax/crypto/keyring/GnuPublicKeyring.java +++ b/gnu/javax/crypto/keyring/GnuPublicKeyring.java @@ -78,7 +78,6 @@ public class GnuPublicKeyring extends BaseKeyring implements IPublicKeyring public boolean containsCertificate(String alias) { log.entering(this.getClass().getName(), "containsCertificate", alias); - boolean result = false; if (containsAlias(alias)) for (Iterator it = get(alias).iterator(); it.hasNext();) @@ -87,7 +86,6 @@ public class GnuPublicKeyring extends BaseKeyring implements IPublicKeyring result = true; break; } - log.exiting(this.getClass().getName(), "containsCertificate", Boolean.valueOf(result)); return result; 
@@ -96,7 +94,6 @@ public class GnuPublicKeyring extends BaseKeyring implements IPublicKeyring public Certificate getCertificate(String alias) { log.entering(this.getClass().getName(), "getCertificate", alias); - Certificate result = null; if (containsAlias(alias)) for (Iterator it = get(alias).iterator(); it.hasNext();) @@ -108,7 +105,6 @@ public class GnuPublicKeyring extends BaseKeyring implements IPublicKeyring break; } } - log.exiting(this.getClass().getName(), "getCertificate", result); return result; } @@ -117,7 +113,6 @@ public class GnuPublicKeyring extends BaseKeyring implements IPublicKeyring { log.entering(this.getClass().getName(), "putCertificate", new Object[] { alias, cert }); - if (! containsCertificate(alias)) { Properties p = new Properties(); @@ -132,9 +127,7 @@ public class GnuPublicKeyring extends BaseKeyring implements IPublicKeyring protected void load(InputStream in, char[] password) throws IOException { - log.entering(this.getClass().getName(), "load", - new Object[] { in, String.valueOf(password) }); - + log.entering(this.getClass().getName(), "load"); if (in.read() != USAGE) throw new MalformedKeyringException("incompatible keyring usage"); @@ -143,18 +136,14 @@ public class GnuPublicKeyring extends BaseKeyring implements IPublicKeyring DataInputStream dis = new DataInputStream(in); keyring = PasswordAuthenticatedEntry.decode(dis, password); - log.exiting(this.getClass().getName(), "load"); } protected void store(OutputStream out, char[] password) throws IOException { - log.entering(this.getClass().getName(), "store", - new Object[] { out, String.valueOf(password) }); - + log.entering(this.getClass().getName(), "store"); out.write(USAGE); keyring.encode(new DataOutputStream(out), password); - log.exiting(this.getClass().getName(), "store"); } } diff --git a/gnu/javax/crypto/keyring/MaskableEnvelopeEntry.java b/gnu/javax/crypto/keyring/MaskableEnvelopeEntry.java index 7fed7c40c..653d62ced 100644 
--- a/gnu/javax/crypto/keyring/MaskableEnvelopeEntry.java +++ b/gnu/javax/crypto/keyring/MaskableEnvelopeEntry.java @@ -48,7 +48,6 @@ import java.util.List; */ public abstract class MaskableEnvelopeEntry extends EnvelopeEntry { - // Fields. // ------------------------------------------------------------------------ @@ -137,12 +136,19 @@ public abstract class MaskableEnvelopeEntry extends EnvelopeEntry return super.remove(entry); } - public void remove(String alias) + public boolean remove(String alias) { if (isMasked()) - { - throw new IllegalStateException("masked envelope"); - } - super.remove(alias); + throw new IllegalStateException("masked envelope"); + + return super.remove(alias); + } + + public String toString() + { + return new StringBuilder("MaskableEnvelope{") + .append(super.toString()) + .append(", masked=").append(masked) + .append("}").toString(); } } diff --git a/gnu/javax/crypto/keyring/PasswordAuthenticatedEntry.java b/gnu/javax/crypto/keyring/PasswordAuthenticatedEntry.java index 4e7e49a0b..96d4fc4db 100644 --- a/gnu/javax/crypto/keyring/PasswordAuthenticatedEntry.java +++ b/gnu/javax/crypto/keyring/PasswordAuthenticatedEntry.java @@ -146,11 +146,11 @@ public final class PasswordAuthenticatedEntry extends MaskableEnvelopeEntry public void verify(char[] password) { - log.entering(this.getClass().getName(), "verify", String.valueOf(password)); - long tt = - System.currentTimeMillis(); - + log.entering(this.getClass().getName(), "verify"); if (isMasked() && payload != null) { + log.finest("payload to verify: " + Util.dumpString(payload)); + long tt = - System.currentTimeMillis(); IMac m = null; try { @@ -169,6 +169,8 @@ public final class PasswordAuthenticatedEntry extends MaskableEnvelopeEntry if (! Arrays.equals(macValue, m.digest())) throw new IllegalArgumentException("MAC verification failed"); + setMasked(false); + ByteArrayInputStream bais; try { 
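Review bot: The added `log.finest("payload to verify: " + Util.dumpString(payload));` in verify writes the whole authenticated payload to the log, and the authenticate hunk does the same with `"authenticated payload: "`. At FINEST the log file then carries a full copy of the keyring body together with its MAC, so it needs the same protection as the keyring file itself. Logging only the size keeps the trace useful without duplicating the data: `log.finest("payload to verify: " + payload.length + " bytes");`. The body of verify continues outside this hunk.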
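Review bot: `setMasked(false)` now runs before the envelope is decoded, so if decoding throws (the catch that raises "malformed keyring fragment" is in the next hunk) the entry stays unmasked with whatever entries were added up to the failure. A later `verify` call then takes the new "Skip verification; unmasked" branch. Restoring the flag on failure would keep the state consistent, for example `setMasked(true);` as the first statement of that catch block. Separately, the context line `Arrays.equals(macValue, m.digest())` is not a constant-time comparison; `java.security.MessageDigest.isEqual(macValue, m.digest())` is the usual replacement. The try block opened at the end of this hunk closes outside it.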
@@ -180,19 +182,18 @@ public final class PasswordAuthenticatedEntry extends MaskableEnvelopeEntry { throw new IllegalArgumentException("malformed keyring fragment"); } - setMasked(false); - payload = null; - } - tt += System.currentTimeMillis(); - log.finer("Verified in " + tt + "ms."); + tt += System.currentTimeMillis(); + log.finer("Verified in " + tt + "ms."); + } + else + log.finer("Skip verification; " + (isMasked() ? "null payload" : "unmasked")); log.exiting(this.getClass().getName(), "verify"); } public void authenticate(char[] password) throws IOException { - log.entering(this.getClass().getName(), "authenticate", - String.valueOf(password)); + log.entering(this.getClass().getName(), "authenticate"); long tt = - System.currentTimeMillis(); long t1 = - System.currentTimeMillis(); @@ -218,7 +219,10 @@ public final class PasswordAuthenticatedEntry extends MaskableEnvelopeEntry log.finer("-- Authenticated an Entry in " + t1 + "ms."); } bout.write(m.digest()); + payload = bout.toByteArray(); + log.finest("authenticated payload: " + Util.dumpString(payload)); + setMasked(true); tt += System.currentTimeMillis(); log.finer("Authenticated in " + tt + "ms."); @@ -235,6 +239,7 @@ public final class PasswordAuthenticatedEntry extends MaskableEnvelopeEntry { if (payload == null) { + log.fine("Null payload: " + this); throw new IllegalStateException("mac not computed"); } } 
@@ -244,26 +249,25 @@ public final class PasswordAuthenticatedEntry extends MaskableEnvelopeEntry private IMac getMac(char[] password) throws MalformedKeyringException { - if (!properties.containsKey("salt")) - { - throw new MalformedKeyringException("no salt"); - } - byte[] salt = Util.toBytesFromString(properties.get("salt")); - IMac mac = MacFactory.getInstance(properties.get("mac")); + log.entering(this.getClass().getName(), "getMac"); + String saltString = properties.get("salt"); + if (saltString == null) + throw new MalformedKeyringException("no salt"); + + byte[] salt = Util.toBytesFromString(saltString); + String macAlgorithm = properties.get("mac"); + IMac mac = MacFactory.getInstance(macAlgorithm); if (mac == null) - { - throw new MalformedKeyringException("no such mac: " - + properties.get("mac")); - } - int keylen = mac.macSize(); - int maclen = 0; - if (!properties.containsKey("maclen")) - { - throw new MalformedKeyringException("no MAC length"); - } + throw new MalformedKeyringException("no such mac: " + macAlgorithm); + + String macLenString = properties.get("maclen"); + if (macLenString == null) + throw new MalformedKeyringException("no MAC length"); + + int maclen; try { - maclen = Integer.parseInt(properties.get("maclen")); + maclen = Integer.parseInt(macLenString); } catch (NumberFormatException nfe) { @@ -277,6 +281,7 @@ public final class PasswordAuthenticatedEntry extends MaskableEnvelopeEntry IRandom kdf = PRNGFactory.getInstance("PBKDF2-HMAC-SHA"); kdf.init(pbAttr); + int keylen = mac.macSize(); byte[] dk = new byte[keylen]; try { @@ -298,6 +303,7 @@ public final class PasswordAuthenticatedEntry extends MaskableEnvelopeEntry { throw new Error(shouldNotHappen.toString()); } + log.exiting(this.getClass().getName(), "getMac"); return mac; } } diff --git a/gnu/javax/crypto/keyring/PasswordEncryptedEntry.java b/gnu/javax/crypto/keyring/PasswordEncryptedEntry.java index d67ef0e0a..24ab98266 100644 
--- a/gnu/javax/crypto/keyring/PasswordEncryptedEntry.java +++ b/gnu/javax/crypto/keyring/PasswordEncryptedEntry.java 
@@ -132,39 +132,40 @@ public class PasswordEncryptedEntry extends MaskableEnvelopeEntry implements public void decrypt(char[] password) throws IllegalArgumentException, WrongPaddingException { - log.entering(this.getClass().getName(), "decrypt", String.valueOf(password)); - long tt = - System.currentTimeMillis(); + log.entering(this.getClass().getName(), "decrypt"); + if (isMasked() && payload != null) + { + long tt = - System.currentTimeMillis(); + IMode mode = getMode(password, IMode.DECRYPTION); + IPad padding = PadFactory.getInstance("PKCS7"); + padding.init(mode.currentBlockSize()); + byte[] buf = new byte[payload.length]; + int count = 0; + while (count + mode.currentBlockSize() <= payload.length) + { + mode.update(payload, count, buf, count); + count += mode.currentBlockSize(); + } + int padlen = padding.unpad(buf, 0, buf.length); - if (!isMasked() || payload == null) - return; + setMasked(false); - IMode mode = getMode(password, IMode.DECRYPTION); - IPad padding = PadFactory.getInstance("PKCS7"); - padding.init(mode.currentBlockSize()); - byte[] buf = new byte[payload.length]; - int count = 0; - for (int i = 0; i < payload.length; i++) - { - mode.update(payload, count, buf, count); - count += mode.currentBlockSize(); - } - int padlen = padding.unpad(buf, 0, buf.length); - ByteArrayInputStream baos = new ByteArrayInputStream(buf, 0, - buf.length - padlen); - DataInputStream in = new DataInputStream(baos); - try - { - decodeEnvelope(in); - } - catch (IOException ioe) - { - throw new IllegalArgumentException("decryption failed"); + ByteArrayInputStream baos = new ByteArrayInputStream(buf, 0, + buf.length - padlen); + DataInputStream in = new DataInputStream(baos); + try + { + decodeEnvelope(in); + } + catch (IOException ioe) + { + throw new IllegalArgumentException("decryption failed"); + } + tt += System.currentTimeMillis(); + log.finer("Decrypted in " + tt + "ms."); } - setMasked(false); - payload = null; - - tt += System.currentTimeMillis(); - 
log.finer("Decrypted in " + tt + "ms."); + else + log.finer("Skip decryption; " + (isMasked() ? "null payload" : "unmasked")); log.exiting(this.getClass().getName(), "decrypt"); } @@ -208,6 +209,8 @@ public class PasswordEncryptedEntry extends MaskableEnvelopeEntry implements } mode.update(lastBlock, 0, payload, count); + setMasked(true); + tt += System.currentTimeMillis(); log.finer("Encrypted in " + tt + "ms."); log.exiting(this.getClass().getName(), "encrypt"); @@ -223,6 +226,7 @@ public class PasswordEncryptedEntry extends MaskableEnvelopeEntry implements { if (payload == null) { + log.fine("Null payload: " + this); throw new IllegalStateException("not encrypted"); } } diff --git a/gnu/javax/crypto/keyring/PrivateKeyEntry.java b/gnu/javax/crypto/keyring/PrivateKeyEntry.java index 882495633..cf5b41287 100644 --- a/gnu/javax/crypto/keyring/PrivateKeyEntry.java +++ b/gnu/javax/crypto/keyring/PrivateKeyEntry.java @@ -42,12 +42,10 @@ import gnu.java.security.key.IKeyPairCodec; import gnu.java.security.key.KeyPairCodecFactory; import gnu.java.security.key.dss.DSSPrivateKey; import gnu.java.security.key.rsa.GnuRSAPrivateKey; - import gnu.javax.crypto.key.GnuSecretKey; import gnu.javax.crypto.key.dh.GnuDHPrivateKey; import java.io.DataInputStream; -import java.io.DataOutputStream; import java.io.IOException; import java.security.Key; import java.security.KeyFactory; @@ -56,11 +54,11 @@ import java.security.spec.PKCS8EncodedKeySpec; import java.util.Date; /** - * <p>An immutable class representing a private or secret key entry.</p> + * An immutable class representing a private or secret key entry. */ -public final class PrivateKeyEntry extends PrimitiveEntry +public final class PrivateKeyEntry + extends PrimitiveEntry { - // Constants and variables // ------------------------------------------------------------------------- 
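Review bot: In decrypt, `setMasked(false)` is now set before `decodeEnvelope(in)`, and the IOException catch only rethrows, so a failed decode leaves the entry marked unmasked while `payload` is still set. A later `decrypt` call then takes the "Skip decryption; unmasked" branch and returns normally. Resetting the flag in the catch, `setMasked(true);` ahead of the `throw`, would keep a failed attempt retryable. The new loop bound also leaves the tail of `buf` as zero bytes when `payload.length` is not a multiple of the block size, so `unpad` presumably reports it as a padding error; an explicit length check before the loop would report a malformed entry instead.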
@@ -73,7 +71,7 @@ public final class PrivateKeyEntry extends PrimitiveEntry // ------------------------------------------------------------------------- /** - * <p>Creates a new key entry.</p> + * Creates a new key entry. * * @param key The key. * @param creationDate The entry creation date. @@ -85,13 +83,11 @@ public final class PrivateKeyEntry extends PrimitiveEntry super(TYPE, creationDate, properties); if (key == null) - { - throw new IllegalArgumentException("no private key"); - } - if (!(key instanceof PrivateKey) && !(key instanceof GnuSecretKey)) - { - throw new IllegalArgumentException("not a private or secret key"); - } + throw new IllegalArgumentException("no private key"); + + if (! (key instanceof PrivateKey) && ! (key instanceof GnuSecretKey)) + throw new IllegalArgumentException("not a private or secret key"); + this.key = key; } @@ -109,9 +105,8 @@ public final class PrivateKeyEntry extends PrimitiveEntry entry.defaultDecode(in); String type = entry.properties.get("type"); if (type == null) - { - throw new MalformedKeyringException("no key type"); - } + throw new MalformedKeyringException("no key type"); + if (type.equalsIgnoreCase("RAW-DSS")) { IKeyPairCodec coder = KeyPairCodecFactory.getInstance("dss"); 
@@ -128,42 +123,38 @@ public final class PrivateKeyEntry extends PrimitiveEntry entry.key = coder.decodePrivateKey(entry.payload); } else if (type.equalsIgnoreCase("RAW")) - { - entry.key = new GnuSecretKey(entry.payload, null); - } + entry.key = new GnuSecretKey(entry.payload, null); else if (type.equalsIgnoreCase("PKCS8")) { try { KeyFactory kf = KeyFactory.getInstance("RSA"); - entry.key = kf.generatePrivate(new PKCS8EncodedKeySpec( - entry.payload)); + PKCS8EncodedKeySpec ks = new PKCS8EncodedKeySpec(entry.payload); + entry.key = kf.generatePrivate(ks); } - catch (Exception x) + catch (Exception ignored) { } + if (entry.key == null) { try { KeyFactory kf = KeyFactory.getInstance("DSA"); - entry.key = kf.generatePrivate(new PKCS8EncodedKeySpec( - entry.payload)); + PKCS8EncodedKeySpec ks = new PKCS8EncodedKeySpec(entry.payload); + entry.key = kf.generatePrivate(ks); } - catch (Exception x) + catch (Exception ignored) { } + if (entry.key == null) - { - throw new MalformedKeyringException( - "could not decode PKCS#8 key"); - } + throw new MalformedKeyringException("could not decode PKCS#8 key"); } } else - { - throw new MalformedKeyringException("unsupported key type " + type); - } + throw new MalformedKeyringException("unsupported key type " + type); + return entry; } @@ -171,7 +162,7 @@ public final class PrivateKeyEntry extends PrimitiveEntry // ------------------------------------------------------------------------- /** - * <p>Returns this entry's key.</p> + * Returns this entry's key. * * @return The key. */ @@ -212,8 +203,12 @@ public final class PrivateKeyEntry extends PrimitiveEntry payload = key.getEncoded(); } else - { - throw new IllegalArgumentException("unsupported private key"); - } + throw new IllegalArgumentException("unsupported private key"); + } + + public String toString() + { + return "PrivateKeyEntry{key=" + + (key == null ? "-" : key.getClass().getName()) + "}"; } } 
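Review bot: Both PKCS8 attempts still use `catch (Exception ignored)` with an empty body, so the RSA and DSA failures are discarded and the final `MalformedKeyringException("could not decode PKCS#8 key")` carries no hint of why decoding failed. If the key factories in use only raise checked exceptions here, narrowing to `catch (java.security.GeneralSecurityException ignored)` would let unexpected runtime errors surface. A one-line comment in each block, such as `// not an RSA key; fall through to DSA`, would record that the swallow is deliberate. The body of decode starts outside this hunk.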
diff --git a/gnu/javax/crypto/keyring/PublicKeyEntry.java b/gnu/javax/crypto/keyring/PublicKeyEntry.java index 528e70cc6..bc09445fd 100644 --- a/gnu/javax/crypto/keyring/PublicKeyEntry.java +++ b/gnu/javax/crypto/keyring/PublicKeyEntry.java @@ -38,22 +38,19 @@ exception statement from your version. */ package gnu.javax.crypto.keyring; -import java.io.DataInputStream; -import java.io.DataOutputStream; -import java.io.IOException; - -import java.security.PublicKey; -import java.security.KeyFactory; -import java.security.spec.X509EncodedKeySpec; - -import java.util.Date; - import gnu.java.security.key.IKeyPairCodec; import gnu.java.security.key.KeyPairCodecFactory; import gnu.java.security.key.dss.DSSPublicKey; import gnu.java.security.key.rsa.GnuRSAPublicKey; import gnu.javax.crypto.key.dh.GnuDHPublicKey; +import java.io.DataInputStream; +import java.io.IOException; +import java.security.KeyFactory; +import java.security.PublicKey; +import java.security.spec.X509EncodedKeySpec; +import java.util.Date; + public final class PublicKeyEntry extends PrimitiveEntry { diff --git a/gnu/javax/crypto/mac/OMAC.java b/gnu/javax/crypto/mac/OMAC.java index c83320a1b..21156ac63 100644 --- a/gnu/javax/crypto/mac/OMAC.java +++ b/gnu/javax/crypto/mac/OMAC.java @@ -43,10 +43,8 @@ import gnu.java.security.util.Util; import gnu.javax.crypto.cipher.CipherFactory; import gnu.javax.crypto.cipher.IBlockCipher; import gnu.javax.crypto.mode.IMode; -import gnu.javax.crypto.mode.ModeFactory; import java.security.InvalidKeyException; - import java.util.Arrays; import java.util.HashMap; import java.util.Map; diff --git a/gnu/javax/crypto/mode/BaseMode.java b/gnu/javax/crypto/mode/BaseMode.java index 0a9ab2dab..f230cbd72 100644 --- a/gnu/javax/crypto/mode/BaseMode.java +++ b/gnu/javax/crypto/mode/BaseMode.java 
@@ -146,7 +146,7 @@ public abstract class BaseMode implements IMode * of the method(s) available in the factory class.</p> * * @return the default value, in bytes, of the mode's block size. - * @see gnu.crypto.mode.ModeFactory + * @see ModeFactory */ public int defaultBlockSize() { diff --git a/gnu/javax/crypto/mode/CTR.java b/gnu/javax/crypto/mode/CTR.java index 49f4b9f3c..264d5399d 100644 --- a/gnu/javax/crypto/mode/CTR.java +++ b/gnu/javax/crypto/mode/CTR.java @@ -40,10 +40,8 @@ package gnu.javax.crypto.mode; import gnu.java.security.Registry; import gnu.java.security.util.Sequence; - import gnu.javax.crypto.cipher.IBlockCipher; -import java.math.BigInteger; import java.util.Arrays; import java.util.Iterator; diff --git a/gnu/javax/crypto/pad/IPad.java b/gnu/javax/crypto/pad/IPad.java index 4b4c925e6..9cef4f78b 100644 --- a/gnu/javax/crypto/pad/IPad.java +++ b/gnu/javax/crypto/pad/IPad.java @@ -44,7 +44,7 @@ package gnu.javax.crypto.pad; * <p>Padding algorithms serve to <i>pad</i> and <i>unpad</i> byte arrays usually * as the last step in an <i>encryption</i> or respectively a <i>decryption</i> * operation. Their input buffers are usually those processed by instances of - * {@link gnu.crypto.mode.IMode} and/or {@link gnu.crypto.cipher.IBlockCipher}.</p> + * {@link gnu.javax.crypto.mode.IMode} and/or {@link gnu.javax.crypto.cipher.IBlockCipher}.</p> */ public interface IPad { diff --git a/gnu/javax/crypto/pad/PKCS1_V1_5.java b/gnu/javax/crypto/pad/PKCS1_V1_5.java index 03c3d61a3..5f5a2cf47 100644 --- a/gnu/javax/crypto/pad/PKCS1_V1_5.java +++ b/gnu/javax/crypto/pad/PKCS1_V1_5.java @@ -92,7 +92,7 @@ public class PKCS1_V1_5 extends BasePad * <p>Trivial package-private constructor for use by the <i>Factory</i> class. * </p> * - * @see gnu.crypto.pad.PadFactory + * @see PadFactory */ PKCS1_V1_5() { diff --git a/gnu/javax/crypto/pad/PKCS7.java b/gnu/javax/crypto/pad/PKCS7.java index 5697aff27..a5a1631a9 100644 --- a/gnu/javax/crypto/pad/PKCS7.java 
+++ b/gnu/javax/crypto/pad/PKCS7.java @@ -86,7 +86,7 @@ public final class PKCS7 extends BasePad /** * Trivial package-private constructor for use by the <i>Factory</i> class.<p> * - * @see gnu.crypto.pad.PadFactory + * @see PadFactory */ PKCS7() { diff --git a/gnu/javax/crypto/pad/TBC.java b/gnu/javax/crypto/pad/TBC.java index 25c3e4286..c7e25cb23 100644 --- a/gnu/javax/crypto/pad/TBC.java +++ b/gnu/javax/crypto/pad/TBC.java @@ -85,7 +85,7 @@ public final class TBC extends BasePad /** * Trivial package-private constructor for use by the <i>Factory</i> class.<p> * - * @see gnu.crypto.pad.PadFactory + * @see PadFactory */ TBC() { diff --git a/gnu/javax/crypto/pad/TLS1.java b/gnu/javax/crypto/pad/TLS1.java index 00a538f88..eb7e22d5d 100644 --- a/gnu/javax/crypto/pad/TLS1.java +++ b/gnu/javax/crypto/pad/TLS1.java @@ -38,8 +38,6 @@ exception statement from your version. */ package gnu.javax.crypto.pad; -import gnu.java.security.util.Util; - /** * The padding scheme used by the Transport Layer Security protocol, * version 1. This padding scheme is used in the block-ciphered struct, diff --git a/gnu/javax/crypto/prng/CSPRNG.java b/gnu/javax/crypto/prng/CSPRNG.java index 6585dcb90..875ed9a0f 100644 --- a/gnu/javax/crypto/prng/CSPRNG.java +++ b/gnu/javax/crypto/prng/CSPRNG.java @@ -48,7 +48,6 @@ import gnu.java.security.prng.IRandom; import gnu.java.security.prng.LimitReachedException; import gnu.java.security.util.SimpleList; import gnu.java.security.util.Util; - import gnu.javax.crypto.cipher.CipherFactory; import gnu.javax.crypto.cipher.IBlockCipher; 
@@ -56,15 +55,11 @@ import java.io.ByteArrayOutputStream; import java.io.FileInputStream; import java.io.InputStream; import java.io.PrintStream; - import java.net.MalformedURLException; import java.net.URL; - import java.security.AccessController; import java.security.InvalidKeyException; import java.security.PrivilegedAction; - -import java.util.ArrayList; import java.util.Arrays; import java.util.Collections; import java.util.HashMap; @@ -114,7 +109,7 @@ public class CSPRNG extends BasePRNG * <li>A {@link String}, indicating the path to the file.</li> * </ol> * - * @see gnu.crypto.util.SimpleList + * @see gnu.java.security.util.SimpleList */ public static final String FILE_SOURCES = "gnu.crypto.prng.pool.files"; @@ -332,7 +327,7 @@ public class CSPRNG extends BasePRNG * and its arguments.</p></dd> * * <dt>gnu.crypto.cspring.other</dt> - * <dd><p>These properties are other sources, passed as the {@link OTHER_SOURCES} + * <dd><p>These properties are other sources, passed as the {@link #OTHER_SOURCES} * parameter of the instance. The property value must be the full name * of a class that implements the {@link EntropySource} interface and has a * public no-argument constructor.</p></dd> @@ -994,7 +989,7 @@ public class CSPRNG extends BasePRNG // Field. // ----------------------------------------------------------------------- - private byte counter; + protected byte counter; // Constructor. // ----------------------------------------------------------------------- diff --git a/gnu/javax/crypto/sasl/SaslUtil.java b/gnu/javax/crypto/sasl/SaslUtil.java index e70312c0d..cb8d88e69 100644 --- a/gnu/javax/crypto/sasl/SaslUtil.java +++ b/gnu/javax/crypto/sasl/SaslUtil.java @@ -40,7 +40,6 @@ package gnu.javax.crypto.sasl; import gnu.java.security.util.Util; -import java.math.BigInteger; import java.security.MessageDigest; /** diff --git a/gnu/javax/crypto/sasl/srp/PasswordFile.java b/gnu/javax/crypto/sasl/srp/PasswordFile.java index 1628a4167..70a4bb65c 100644 
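Review bot: In the CSPRNG hunk, `private byte counter;` becomes `protected byte counter;` with no comment explaining why the field needs wider access. The enclosing class is declared outside the hunk, so the reason is not visible here. If the aim is only to let the enclosing CSPRNG code read the field without a synthetic accessor, package-private (`byte counter;`) is enough and does not open the state to subclasses in other packages. Whichever form is kept, a short comment on the field should state who is expected to read or write it.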
--- a/gnu/javax/crypto/sasl/srp/PasswordFile.java +++ b/gnu/javax/crypto/sasl/srp/PasswordFile.java @@ -39,7 +39,6 @@ exception statement from your version. */ package gnu.javax.crypto.sasl.srp; import gnu.java.security.Registry; -import gnu.java.security.hash.IMessageDigest; import gnu.java.security.util.Util; import gnu.javax.crypto.key.srp6.SRPAlgorithm; import gnu.javax.crypto.sasl.NoSuchUserException; @@ -50,9 +49,9 @@ import java.io.File; import java.io.FileInputStream; import java.io.FileNotFoundException; import java.io.FileOutputStream; +import java.io.IOException; import java.io.InputStream; import java.io.InputStreamReader; -import java.io.IOException; import java.io.PrintWriter; import java.io.UnsupportedEncodingException; import java.math.BigInteger; diff --git a/gnu/javax/crypto/sasl/srp/SRPRegistry.java b/gnu/javax/crypto/sasl/srp/SRPRegistry.java index 262cbcba3..9f7bba8e9 100644 --- a/gnu/javax/crypto/sasl/srp/SRPRegistry.java +++ b/gnu/javax/crypto/sasl/srp/SRPRegistry.java @@ -140,7 +140,7 @@ public interface SRPRegistry /** * Name of the SRP password database property --a reference to - * {@link gnu.crypto.sasl.srp.PasswordFile} object. + * {@link PasswordFile} object. */ String PASSWORD_DB = "gnu.crypto.sasl.srp.password.db"; |