diff options
| author | mark <mark@138bc75d-0d04-0410-961f-82ee72b054a4> | 2006-05-18 17:29:21 +0000 |
|---|---|---|
| committer | mark <mark@138bc75d-0d04-0410-961f-82ee72b054a4> | 2006-05-18 17:29:21 +0000 |
| commit | 64089cc9f030d8ef7972adb5d117e0b23f47d62b (patch) | |
| tree | 9f9c470de62ee62fba1331a396450d728d2b1fad /libjava/classpath/gnu/java/security | |
| parent | 96034e28360d660d7a7708807fcbc4b519574d8e (diff) | |
| download | gcc-64089cc9f030d8ef7972adb5d117e0b23f47d62b.tar.gz | |
Imported GNU Classpath 0.90
* scripts/makemake.tcl: LocaleData.java moved to gnu/java/locale.
* sources.am: Regenerated.
* gcj/javaprims.h: Regenerated.
* Makefile.in: Regenerated.
* gcj/Makefile.in: Regenerated.
* include/Makefile.in: Regenerated.
* testsuite/Makefile.in: Regenerated.
* gnu/java/lang/VMInstrumentationImpl.java: New override.
* gnu/java/net/local/LocalSocketImpl.java: Likewise.
* gnu/classpath/jdwp/VMMethod.java: Likewise.
* gnu/classpath/jdwp/VMVirtualMachine.java: Update to latest
interface.
* java/lang/Thread.java: Add UncaughtExceptionHandler.
* java/lang/reflect/Method.java: Implements GenericDeclaration and
isSynthetic(),
* java/lang/reflect/Field.java: Likewise.
* java/lang/reflect/Constructor.java
* java/lang/Class.java: Implements Type, GenericDeclaration,
getSimpleName() and getEnclosing*() methods.
* java/lang/Class.h: Add new public methods.
* java/lang/Math.java: Add signum(), ulp() and log10().
* java/lang/natMath.cc (log10): New function.
* java/security/VMSecureRandom.java: New override.
* java/util/logging/Logger.java: Updated to latest classpath
version.
* java/util/logging/LogManager.java: New override.
git-svn-id: svn+ssh://gcc.gnu.org/svn/gcc/trunk@113887 138bc75d-0d04-0410-961f-82ee72b054a4
Diffstat (limited to 'libjava/classpath/gnu/java/security')
66 files changed, 925 insertions, 620 deletions
diff --git a/libjava/classpath/gnu/java/security/Properties.java b/libjava/classpath/gnu/java/security/Properties.java index 813888c20a8..860b7d928ff 100644 --- a/libjava/classpath/gnu/java/security/Properties.java +++ b/libjava/classpath/gnu/java/security/Properties.java @@ -333,9 +333,9 @@ public final class Properties handleBooleanProperty(DO_RSA_BLINDING); // re-sync the 'known' properties - reproducible = new Boolean((String) props.get(REPRODUCIBLE_PRNG)).booleanValue(); - checkForWeakKeys = new Boolean((String) props.get(CHECK_WEAK_KEYS)).booleanValue(); - doRSABlinding = new Boolean((String) props.get(DO_RSA_BLINDING)).booleanValue(); + reproducible = Boolean.valueOf((String) props.get(REPRODUCIBLE_PRNG)).booleanValue(); + checkForWeakKeys = Boolean.valueOf((String) props.get(CHECK_WEAK_KEYS)).booleanValue(); + doRSABlinding = Boolean.valueOf((String) props.get(DO_RSA_BLINDING)).booleanValue(); // This does not change. props.put(VERSION, Registry.VERSION_STRING); diff --git a/libjava/classpath/gnu/java/security/Registry.java b/libjava/classpath/gnu/java/security/Registry.java index efb54e71470..0cb92513502 100644 --- a/libjava/classpath/gnu/java/security/Registry.java +++ b/libjava/classpath/gnu/java/security/Registry.java @@ -159,6 +159,9 @@ public interface Registry // Padding scheme names and synonyms........................................ + /** PKCS#5 padding scheme. */ + String PKCS5_PAD = "pkcs5"; + /** PKCS#7 padding scheme. */ String PKCS7_PAD = "pkcs7"; diff --git a/libjava/classpath/gnu/java/security/hash/Haval.java b/libjava/classpath/gnu/java/security/hash/Haval.java index f9f3282f278..1bf75652de7 100644 --- a/libjava/classpath/gnu/java/security/hash/Haval.java +++ b/libjava/classpath/gnu/java/security/hash/Haval.java @@ -567,7 +567,7 @@ public class Haval extends BaseHash { if (valid == null) { - valid = new Boolean(DIGEST0.equals(Util.toString(new Haval().digest()))); + valid = Boolean.valueOf(DIGEST0.equals(Util.toString(new Haval().digest()))); } return valid.booleanValue(); } diff --git a/libjava/classpath/gnu/java/security/hash/MD2.java b/libjava/classpath/gnu/java/security/hash/MD2.java index 41e876983bd..2a93c42c44a 100644 --- a/libjava/classpath/gnu/java/security/hash/MD2.java +++ b/libjava/classpath/gnu/java/security/hash/MD2.java @@ -181,7 +181,7 @@ public class MD2 extends BaseHash { if (valid == null) { - valid = new Boolean(DIGEST0.equals(Util.toString(new MD2().digest()))); + valid = Boolean.valueOf(DIGEST0.equals(Util.toString(new MD2().digest()))); } return valid.booleanValue(); } diff --git a/libjava/classpath/gnu/java/security/hash/MD4.java b/libjava/classpath/gnu/java/security/hash/MD4.java index 54dda358b11..a09eb170554 100644 --- a/libjava/classpath/gnu/java/security/hash/MD4.java +++ b/libjava/classpath/gnu/java/security/hash/MD4.java @@ -154,7 +154,7 @@ public class MD4 extends BaseHash { if (valid == null) { - valid = new Boolean(DIGEST0.equals(Util.toString(new MD4().digest()))); + valid = Boolean.valueOf(DIGEST0.equals(Util.toString(new MD4().digest()))); } return valid.booleanValue(); } diff --git a/libjava/classpath/gnu/java/security/hash/MD5.java b/libjava/classpath/gnu/java/security/hash/MD5.java index 463292984dd..165392394fc 100644 --- a/libjava/classpath/gnu/java/security/hash/MD5.java +++ b/libjava/classpath/gnu/java/security/hash/MD5.java @@ -358,7 +358,7 @@ public class MD5 extends BaseHash { if (valid == null) { - valid = new Boolean(DIGEST0.equals(Util.toString(new MD5().digest()))); + valid = Boolean.valueOf(DIGEST0.equals(Util.toString(new MD5().digest()))); } return valid.booleanValue(); } diff --git a/libjava/classpath/gnu/java/security/hash/RipeMD128.java b/libjava/classpath/gnu/java/security/hash/RipeMD128.java index 83e8f25044d..31874a0c29a 100644 --- a/libjava/classpath/gnu/java/security/hash/RipeMD128.java +++ b/libjava/classpath/gnu/java/security/hash/RipeMD128.java @@ -283,7 +283,7 @@ public class RipeMD128 extends BaseHash { if (valid == null) { - valid = new Boolean + valid = Boolean.valueOf (DIGEST0.equals(Util.toString(new RipeMD128().digest()))); } return valid.booleanValue(); diff --git a/libjava/classpath/gnu/java/security/hash/RipeMD160.java b/libjava/classpath/gnu/java/security/hash/RipeMD160.java index 73ecc5161d7..642ffb32de6 100644 --- a/libjava/classpath/gnu/java/security/hash/RipeMD160.java +++ b/libjava/classpath/gnu/java/security/hash/RipeMD160.java @@ -320,7 +320,7 @@ public class RipeMD160 extends BaseHash { if (valid == null) { - valid = new Boolean + valid = Boolean.valueOf (DIGEST0.equals(Util.toString(new RipeMD160().digest()))); } return valid.booleanValue(); diff --git a/libjava/classpath/gnu/java/security/hash/Sha160.java b/libjava/classpath/gnu/java/security/hash/Sha160.java index bf5f45652a1..037b118e601 100644 --- a/libjava/classpath/gnu/java/security/hash/Sha160.java +++ b/libjava/classpath/gnu/java/security/hash/Sha160.java @@ -229,7 +229,7 @@ public class Sha160 extends BaseHash md.update((byte) 0x62); // b md.update((byte) 0x63); // c String result = Util.toString(md.digest()); - valid = new Boolean(DIGEST0.equals(result)); + valid = Boolean.valueOf(DIGEST0.equals(result)); } return valid.booleanValue(); } diff --git a/libjava/classpath/gnu/java/security/hash/Sha256.java b/libjava/classpath/gnu/java/security/hash/Sha256.java index 9ef70a1a6a3..284425ea43a 100644 --- a/libjava/classpath/gnu/java/security/hash/Sha256.java +++ b/libjava/classpath/gnu/java/security/hash/Sha256.java @@ -217,7 +217,7 @@ public class Sha256 extends BaseHash md.update((byte) 0x62); // b md.update((byte) 0x63); // c String result = Util.toString(md.digest()); - valid = new Boolean(DIGEST0.equals(result)); + valid = Boolean.valueOf(DIGEST0.equals(result)); } return valid.booleanValue(); diff --git a/libjava/classpath/gnu/java/security/hash/Sha384.java b/libjava/classpath/gnu/java/security/hash/Sha384.java index 2f619dc984d..332f048d782 100644 --- a/libjava/classpath/gnu/java/security/hash/Sha384.java +++ b/libjava/classpath/gnu/java/security/hash/Sha384.java @@ -254,7 +254,7 @@ public class Sha384 extends BaseHash md.update((byte) 0x62); // b md.update((byte) 0x63); // c String result = Util.toString(md.digest()); - valid = new Boolean(DIGEST0.equals(result)); + valid = Boolean.valueOf(DIGEST0.equals(result)); } return valid.booleanValue(); } diff --git a/libjava/classpath/gnu/java/security/hash/Sha512.java b/libjava/classpath/gnu/java/security/hash/Sha512.java index 798b34dfc1d..da035dcfc2d 100644 --- a/libjava/classpath/gnu/java/security/hash/Sha512.java +++ b/libjava/classpath/gnu/java/security/hash/Sha512.java @@ -256,7 +256,7 @@ public class Sha512 extends BaseHash md.update((byte) 0x62); // b md.update((byte) 0x63); // c String result = Util.toString(md.digest()); - valid = new Boolean(DIGEST0.equals(result)); + valid = Boolean.valueOf(DIGEST0.equals(result)); } return valid.booleanValue(); } diff --git a/libjava/classpath/gnu/java/security/hash/Tiger.java b/libjava/classpath/gnu/java/security/hash/Tiger.java index f39fed30d62..be0921dceb5 100644 --- a/libjava/classpath/gnu/java/security/hash/Tiger.java +++ b/libjava/classpath/gnu/java/security/hash/Tiger.java @@ -640,7 +640,7 @@ public class Tiger extends BaseHash { if (valid == null) { - valid = new Boolean(DIGEST0.equals(Util.toString(new Tiger().digest()))); + valid = Boolean.valueOf(DIGEST0.equals(Util.toString(new Tiger().digest()))); } return valid.booleanValue(); } diff --git a/libjava/classpath/gnu/java/security/hash/Whirlpool.java b/libjava/classpath/gnu/java/security/hash/Whirlpool.java index 8c5d9f360d0..b10fa53cd7f 100644 --- a/libjava/classpath/gnu/java/security/hash/Whirlpool.java +++ b/libjava/classpath/gnu/java/security/hash/Whirlpool.java @@ -42,25 +42,25 @@ import gnu.java.security.Registry; import gnu.java.security.util.Util; /** - * <p>Whirlpool, a new 512-bit hashing function operating on messages less than + * Whirlpool, a new 512-bit hashing function operating on messages less than * 2 ** 256 bits in length. The function structure is designed according to the * Wide Trail strategy and permits a wide variety of implementation trade-offs. - * </p> - * - * <p><b>IMPORTANT</b>: This implementation is not thread-safe.</p> - * - * <p>References:</p> - * + * <p> + * This implementation is of Whirlpool Version 3, described in [1] last revised + * on May 24th, 2003. + * <p> + * <b>IMPORTANT</b>: This implementation is not thread-safe. + * <p> + * References: * <ol> * <li><a href="http://planeta.terra.com.br/informatica/paulobarreto/WhirlpoolPage.html"> * The WHIRLPOOL Hashing Function</a>.<br> * <a href="mailto:paulo.barreto@terra.com.br">Paulo S.L.M. Barreto</a> and - * <a href="mailto:vincent.rijmen@esat.kuleuven.ac.be">Vincent Rijmen</a>.</li> + * <a href="mailto:vincent.rijmen@iaik.tugraz.at">Vincent Rijmen</a>.</li> * </ol> */ public final class Whirlpool extends BaseHash { - // Debugging methods and variables // ------------------------------------------------------------------------- @@ -74,45 +74,43 @@ public final class Whirlpool extends BaseHash private static final int BLOCK_SIZE = 64; // inner block size in bytes /** The digest of the 0-bit long message. */ - private static final String DIGEST0 = "470F0409ABAA446E49667D4EBE12A14387CEDBD10DD17B8243CAD550A089DC0F" - + "EEA7AA40F6C2AAAB71C6EBD076E43C7CFCA0AD32567897DCB5969861049A0F5A"; - - private static final int R = 10; // default number of rounds - - private static final String Sd = // p. 19 [WHIRLPOOL] - "\u1823\uc6E8\u87B8\u014F\u36A6\ud2F5\u796F\u9152" - + "\u60Bc\u9B8E\uA30c\u7B35\u1dE0\ud7c2\u2E4B\uFE57" - + "\u1577\u37E5\u9FF0\u4AdA\u58c9\u290A\uB1A0\u6B85" - + "\uBd5d\u10F4\ucB3E\u0567\uE427\u418B\uA77d\u95d8" - + "\uFBEE\u7c66\udd17\u479E\ucA2d\uBF07\uAd5A\u8333" - + "\u6302\uAA71\uc819\u49d9\uF2E3\u5B88\u9A26\u32B0" - + "\uE90F\ud580\uBEcd\u3448\uFF7A\u905F\u2068\u1AAE" - + "\uB454\u9322\u64F1\u7312\u4008\uc3Ec\udBA1\u8d3d" - + "\u9700\ucF2B\u7682\ud61B\uB5AF\u6A50\u45F3\u30EF" - + "\u3F55\uA2EA\u65BA\u2Fc0\udE1c\uFd4d\u9275\u068A" - + "\uB2E6\u0E1F\u62d4\uA896\uF9c5\u2559\u8472\u394c" - + "\u5E78\u388c\ud1A5\uE261\uB321\u9c1E\u43c7\uFc04" - + "\u5199\u6d0d\uFAdF\u7E24\u3BAB\ucE11\u8F4E\uB7EB" - + "\u3c81\u94F7\uB913\u2cd3\uE76E\uc403\u5644\u7FA9" - + "\u2ABB\uc153\udc0B\u9d6c\u3174\uF646\uAc89\u14E1" - + "\u163A\u6909\u70B6\ud0Ed\ucc42\u98A4\u285c\uF886"; - + private static final String DIGEST0 = + "19FA61D75522A4669B44E39C1D2E1726C530232130D407F89AFEE0964997F7A7" + + "3E83BE698B288FEBCF88E3E03C4F0757EA8964E59B63D93708B138CC42A66EB3"; + + /** Default number of rounds. */ + private static final int R = 10; + + /** Whirlpool S-box; p. 19. */ + private static final String S_box = // p. 19 [WHIRLPOOL] + "\u1823\uc6E8\u87B8\u014F\u36A6\ud2F5\u796F\u9152" + + "\u60Bc\u9B8E\uA30c\u7B35\u1dE0\ud7c2\u2E4B\uFE57" + + "\u1577\u37E5\u9FF0\u4AdA\u58c9\u290A\uB1A0\u6B85" + + "\uBd5d\u10F4\ucB3E\u0567\uE427\u418B\uA77d\u95d8" + + "\uFBEE\u7c66\udd17\u479E\ucA2d\uBF07\uAd5A\u8333" + + "\u6302\uAA71\uc819\u49d9\uF2E3\u5B88\u9A26\u32B0" + + "\uE90F\ud580\uBEcd\u3448\uFF7A\u905F\u2068\u1AAE" + + "\uB454\u9322\u64F1\u7312\u4008\uc3Ec\udBA1\u8d3d" + + "\u9700\ucF2B\u7682\ud61B\uB5AF\u6A50\u45F3\u30EF" + + "\u3F55\uA2EA\u65BA\u2Fc0\udE1c\uFd4d\u9275\u068A" + + "\uB2E6\u0E1F\u62d4\uA896\uF9c5\u2559\u8472\u394c" + + "\u5E78\u388c\ud1A5\uE261\uB321\u9c1E\u43c7\uFc04" + + "\u5199\u6d0d\uFAdF\u7E24\u3BAB\ucE11\u8F4E\uB7EB" + + "\u3c81\u94F7\uB913\u2cd3\uE76E\uc403\u5644\u7FA9" + + "\u2ABB\uc153\udc0B\u9d6c\u3174\uF646\uAc89\u14E1" + + "\u163A\u6909\u70B6\ud0Ed\ucc42\u98A4\u285c\uF886"; + + /** The 64-bit lookup tables; section 7.1 p. 13. */ private static final long[] T0 = new long[256]; - private static final long[] T1 = new long[256]; - private static final long[] T2 = new long[256]; - private static final long[] T3 = new long[256]; - private static final long[] T4 = new long[256]; - private static final long[] T5 = new long[256]; - private static final long[] T6 = new long[256]; - private static final long[] T7 = new long[256]; + /** The round constants. */ private static final long[] rc = new long[R]; /** caches the result of the correctness test, once executed. */ @@ -123,12 +121,10 @@ public final class Whirlpool extends BaseHash /** Work area for computing the round key schedule. */ private long k00, k01, k02, k03, k04, k05, k06, k07; - private long Kr0, Kr1, Kr2, Kr3, Kr4, Kr5, Kr6, Kr7; /** work area for transforming the 512-bit buffer. */ private long n0, n1, n2, n3, n4, n5, n6, n7; - private long nn0, nn1, nn2, nn3, nn4, nn5, nn6, nn7; /** work area for holding block cipher's intermediate values. */ @@ -140,72 +136,67 @@ public final class Whirlpool extends BaseHash { long time = System.currentTimeMillis(); - int ROOT = 0x11d; // para. 2.1 [WHIRLPOOL] + int ROOT = 0x11D; // para. 2.1 [WHIRLPOOL] int i, r, j; - long s, s2, s3, s4, s5, s8, s9, t; + long s1, s2, s4, s5, s8, s9, t; char c; final byte[] S = new byte[256]; for (i = 0; i < 256; i++) { - c = Sd.charAt(i >>> 1); + c = S_box.charAt(i >>> 1); - s = ((i & 1) == 0 ? c >>> 8 : c) & 0xFFL; - s2 = s << 1; + s1 = ((i & 1) == 0 ? c >>> 8 : c) & 0xFFL; + s2 = s1 << 1; if (s2 > 0xFFL) - { - s2 ^= ROOT; - } - s3 = s2 ^ s; + s2 ^= ROOT; + s4 = s2 << 1; if (s4 > 0xFFL) - { - s4 ^= ROOT; - } - s5 = s4 ^ s; + s4 ^= ROOT; + + s5 = s4 ^ s1; s8 = s4 << 1; if (s8 > 0xFFL) - { - s8 ^= ROOT; - } - s9 = s8 ^ s; + s8 ^= ROOT; - S[i] = (byte) s; - T0[i] = t = s << 56 | s << 48 | s3 << 40 | s << 32 | s5 << 24 - | s8 << 16 | s9 << 8 | s5; - T1[i] = t >>> 8 | t << 56; + s9 = s8 ^ s1; + + T0[i] = t = s1 << 56 | s1 << 48 | s4 << 40 | s1 << 32 + | s8 << 24 | s5 << 16 | s2 << 8 | s9; + T1[i] = t >>> 8 | t << 56; T2[i] = t >>> 16 | t << 48; T3[i] = t >>> 24 | t << 40; T4[i] = t >>> 32 | t << 32; T5[i] = t >>> 40 | t << 24; T6[i] = t >>> 48 | t << 16; - T7[i] = t >>> 56 | t << 8; + T7[i] = t >>> 56 | t << 8; } - for (r = 1, i = 0, j = 0; r < R + 1; r++) - { - rc[i++] = (S[j++] & 0xFFL) << 56 | (S[j++] & 0xFFL) << 48 - | (S[j++] & 0xFFL) << 40 | (S[j++] & 0xFFL) << 32 - | (S[j++] & 0xFFL) << 24 | (S[j++] & 0xFFL) << 16 - | (S[j++] & 0xFFL) << 8 | (S[j++] & 0xFFL); - } + for (r = 0, i = 0; r < R; ) + rc[r++] = (T0[i++] & 0xFF00000000000000L) + ^ (T1[i++] & 0x00FF000000000000L) + ^ (T2[i++] & 0x0000FF0000000000L) + ^ (T3[i++] & 0x000000FF00000000L) + ^ (T4[i++] & 0x00000000FF000000L) + ^ (T5[i++] & 0x0000000000FF0000L) + ^ (T6[i++] & 0x000000000000FF00L) + ^ (T7[i++] & 0x00000000000000FFL); time = System.currentTimeMillis() - time; - if (DEBUG && debuglevel > 8) { System.out.println("=========="); System.out.println(); System.out.println("Static data"); System.out.println(); - + System.out.println(); System.out.println("T0[]:"); for (i = 0; i < 64; i++) { for (j = 0; j < 4; j++) - { - System.out.print("0x" + Util.toString(T0[i * 4 + j]) + ", "); - } + System.out.print("0x" + Util.toString(T0[i * 4 + j]) + ", "); + System.out.println(); } System.out.println(); @@ -213,9 +204,8 @@ public final class Whirlpool extends BaseHash for (i = 0; i < 64; i++) { for (j = 0; j < 4; j++) - { - System.out.print("0x" + Util.toString(T1[i * 4 + j]) + ", "); - } + System.out.print("0x" + Util.toString(T1[i * 4 + j]) + ", "); + System.out.println(); } System.out.println(); @@ -223,9 +213,8 @@ public final class Whirlpool extends BaseHash for (i = 0; i < 64; i++) { for (j = 0; j < 4; j++) - { - System.out.print("0x" + Util.toString(T2[i * 4 + j]) + ", "); - } + System.out.print("0x" + Util.toString(T2[i * 4 + j]) + ", "); + System.out.println(); } System.out.println(); @@ -233,9 +222,8 @@ public final class Whirlpool extends BaseHash for (i = 0; i < 64; i++) { for (j = 0; j < 4; j++) - { - System.out.print("0x" + Util.toString(T3[i * 4 + j]) + ", "); - } + System.out.print("0x" + Util.toString(T3[i * 4 + j]) + ", "); + System.out.println(); } System.out.println(); @@ -243,9 +231,8 @@ public final class Whirlpool extends BaseHash for (i = 0; i < 64; i++) { for (j = 0; j < 4; j++) - { - System.out.print("0x" + Util.toString(T4[i * 4 + j]) + ", "); - } + System.out.print("0x" + Util.toString(T4[i * 4 + j]) + ", "); + System.out.println(); } System.out.println(); @@ -253,9 +240,8 @@ public final class Whirlpool extends BaseHash for (i = 0; i < 64; i++) { for (j = 0; j < 4; j++) - { - System.out.print("0x" + Util.toString(T5[i * 4 + j]) + ", "); - } + System.out.print("0x" + Util.toString(T5[i * 4 + j]) + ", "); + System.out.println(); } System.out.println(); @@ -263,9 +249,8 @@ public final class Whirlpool extends BaseHash for (i = 0; i < 64; i++) { for (j = 0; j < 4; j++) - { - System.out.print("0x" + Util.toString(T5[i * 4 + j]) + ", "); - } + System.out.print("0x" + Util.toString(T5[i * 4 + j]) + ", "); + System.out.println(); } System.out.println(); @@ -273,17 +258,15 @@ public final class Whirlpool extends BaseHash for (i = 0; i < 64; i++) { for (j = 0; j < 4; j++) - { - System.out.print("0x" + Util.toString(T5[i * 4 + j]) + ", "); - } + System.out.print("0x" + Util.toString(T5[i * 4 + j]) + ", "); + System.out.println(); } System.out.println(); System.out.println("rc[]:"); for (i = 0; i < R; i++) - { - System.out.println("0x" + Util.toString(rc[i])); - } + System.out.println("0x" + Util.toString(rc[i])); + System.out.println(); System.out.println(); @@ -340,38 +323,70 @@ public final class Whirlpool extends BaseHash protected void transform(byte[] in, int offset) { // apply mu to the input - n0 = (in[offset++] & 0xFFL) << 56 | (in[offset++] & 0xFFL) << 48 - | (in[offset++] & 0xFFL) << 40 | (in[offset++] & 0xFFL) << 32 - | (in[offset++] & 0xFFL) << 24 | (in[offset++] & 0xFFL) << 16 - | (in[offset++] & 0xFFL) << 8 | (in[offset++] & 0xFFL); - n1 = (in[offset++] & 0xFFL) << 56 | (in[offset++] & 0xFFL) << 48 - | (in[offset++] & 0xFFL) << 40 | (in[offset++] & 0xFFL) << 32 - | (in[offset++] & 0xFFL) << 24 | (in[offset++] & 0xFFL) << 16 - | (in[offset++] & 0xFFL) << 8 | (in[offset++] & 0xFFL); - n2 = (in[offset++] & 0xFFL) << 56 | (in[offset++] & 0xFFL) << 48 - | (in[offset++] & 0xFFL) << 40 | (in[offset++] & 0xFFL) << 32 - | (in[offset++] & 0xFFL) << 24 | (in[offset++] & 0xFFL) << 16 - | (in[offset++] & 0xFFL) << 8 | (in[offset++] & 0xFFL); - n3 = (in[offset++] & 0xFFL) << 56 | (in[offset++] & 0xFFL) << 48 - | (in[offset++] & 0xFFL) << 40 | (in[offset++] & 0xFFL) << 32 - | (in[offset++] & 0xFFL) << 24 | (in[offset++] & 0xFFL) << 16 - | (in[offset++] & 0xFFL) << 8 | (in[offset++] & 0xFFL); - n4 = (in[offset++] & 0xFFL) << 56 | (in[offset++] & 0xFFL) << 48 - | (in[offset++] & 0xFFL) << 40 | (in[offset++] & 0xFFL) << 32 - | (in[offset++] & 0xFFL) << 24 | (in[offset++] & 0xFFL) << 16 - | (in[offset++] & 0xFFL) << 8 | (in[offset++] & 0xFFL); - n5 = (in[offset++] & 0xFFL) << 56 | (in[offset++] & 0xFFL) << 48 - | (in[offset++] & 0xFFL) << 40 | (in[offset++] & 0xFFL) << 32 - | (in[offset++] & 0xFFL) << 24 | (in[offset++] & 0xFFL) << 16 - | (in[offset++] & 0xFFL) << 8 | (in[offset++] & 0xFFL); - n6 = (in[offset++] & 0xFFL) << 56 | (in[offset++] & 0xFFL) << 48 - | (in[offset++] & 0xFFL) << 40 | (in[offset++] & 0xFFL) << 32 - | (in[offset++] & 0xFFL) << 24 | (in[offset++] & 0xFFL) << 16 - | (in[offset++] & 0xFFL) << 8 | (in[offset++] & 0xFFL); - n7 = (in[offset++] & 0xFFL) << 56 | (in[offset++] & 0xFFL) << 48 - | (in[offset++] & 0xFFL) << 40 | (in[offset++] & 0xFFL) << 32 - | (in[offset++] & 0xFFL) << 24 | (in[offset++] & 0xFFL) << 16 - | (in[offset++] & 0xFFL) << 8 | (in[offset++] & 0xFFL); + n0 = (in[offset++] & 0xFFL) << 56 + | (in[offset++] & 0xFFL) << 48 + | (in[offset++] & 0xFFL) << 40 + | (in[offset++] & 0xFFL) << 32 + | (in[offset++] & 0xFFL) << 24 + | (in[offset++] & 0xFFL) << 16 + | (in[offset++] & 0xFFL) << 8 + | (in[offset++] & 0xFFL); + n1 = (in[offset++] & 0xFFL) << 56 + | (in[offset++] & 0xFFL) << 48 + | (in[offset++] & 0xFFL) << 40 + | (in[offset++] & 0xFFL) << 32 + | (in[offset++] & 0xFFL) << 24 + | (in[offset++] & 0xFFL) << 16 + | (in[offset++] & 0xFFL) << 8 + | (in[offset++] & 0xFFL); + n2 = (in[offset++] & 0xFFL) << 56 + | (in[offset++] & 0xFFL) << 48 + | (in[offset++] & 0xFFL) << 40 + | (in[offset++] & 0xFFL) << 32 + | (in[offset++] & 0xFFL) << 24 + | (in[offset++] & 0xFFL) << 16 + | (in[offset++] & 0xFFL) << 8 + | (in[offset++] & 0xFFL); + n3 = (in[offset++] & 0xFFL) << 56 + | (in[offset++] & 0xFFL) << 48 + | (in[offset++] & 0xFFL) << 40 + | (in[offset++] & 0xFFL) << 32 + | (in[offset++] & 0xFFL) << 24 + | (in[offset++] & 0xFFL) << 16 + | (in[offset++] & 0xFFL) << 8 + | (in[offset++] & 0xFFL); + n4 = (in[offset++] & 0xFFL) << 56 + | (in[offset++] & 0xFFL) << 48 + | (in[offset++] & 0xFFL) << 40 + | (in[offset++] & 0xFFL) << 32 + | (in[offset++] & 0xFFL) << 24 + | (in[offset++] & 0xFFL) << 16 + | (in[offset++] & 0xFFL) << 8 + | (in[offset++] & 0xFFL); + n5 = (in[offset++] & 0xFFL) << 56 + | (in[offset++] & 0xFFL) << 48 + | (in[offset++] & 0xFFL) << 40 + | (in[offset++] & 0xFFL) << 32 + | (in[offset++] & 0xFFL) << 24 + | (in[offset++] & 0xFFL) << 16 + | (in[offset++] & 0xFFL) << 8 + | (in[offset++] & 0xFFL); + n6 = (in[offset++] & 0xFFL) << 56 + | (in[offset++] & 0xFFL) << 48 + | (in[offset++] & 0xFFL) << 40 + | (in[offset++] & 0xFFL) << 32 + | (in[offset++] & 0xFFL) << 24 + | (in[offset++] & 0xFFL) << 16 + | (in[offset++] & 0xFFL) << 8 + | (in[offset++] & 0xFFL); + n7 = (in[offset++] & 0xFFL) << 56 + | (in[offset++] & 0xFFL) << 48 + | (in[offset++] & 0xFFL) << 40 + | (in[offset++] & 0xFFL) << 32 + | (in[offset++] & 0xFFL) << 24 + | (in[offset++] & 0xFFL) << 16 + | (in[offset++] & 0xFFL) << 8 + | (in[offset++] & 0xFFL); // transform K into the key schedule Kr; 0 <= r <= R k00 = H0; @@ -399,62 +414,70 @@ public final class Whirlpool extends BaseHash { // 1. compute intermediate round key schedule by applying ro[rc] // to the previous round key schedule --rc being the round constant - Kr0 = T0[(int) ((k00 >> 56) & 0xFFL)] ^ T1[(int) ((k07 >> 48) & 0xFFL)] - ^ T2[(int) ((k06 >> 40) & 0xFFL)] - ^ T3[(int) ((k05 >> 32) & 0xFFL)] - ^ T4[(int) ((k04 >> 24) & 0xFFL)] - ^ T5[(int) ((k03 >> 16) & 0xFFL)] - ^ T6[(int) ((k02 >> 8) & 0xFFL)] ^ T7[(int) (k01 & 0xFFL)] - ^ rc[r]; - - Kr1 = T0[(int) ((k01 >> 56) & 0xFFL)] ^ T1[(int) ((k00 >> 48) & 0xFFL)] - ^ T2[(int) ((k07 >> 40) & 0xFFL)] - ^ T3[(int) ((k06 >> 32) & 0xFFL)] - ^ T4[(int) ((k05 >> 24) & 0xFFL)] - ^ T5[(int) ((k04 >> 16) & 0xFFL)] - ^ T6[(int) ((k03 >> 8) & 0xFFL)] ^ T7[(int) (k02 & 0xFFL)]; - - Kr2 = T0[(int) ((k02 >> 56) & 0xFFL)] ^ T1[(int) ((k01 >> 48) & 0xFFL)] - ^ T2[(int) ((k00 >> 40) & 0xFFL)] - ^ T3[(int) ((k07 >> 32) & 0xFFL)] - ^ T4[(int) ((k06 >> 24) & 0xFFL)] - ^ T5[(int) ((k05 >> 16) & 0xFFL)] - ^ T6[(int) ((k04 >> 8) & 0xFFL)] ^ T7[(int) (k03 & 0xFFL)]; - - Kr3 = T0[(int) ((k03 >> 56) & 0xFFL)] ^ T1[(int) ((k02 >> 48) & 0xFFL)] - ^ T2[(int) ((k01 >> 40) & 0xFFL)] - ^ T3[(int) ((k00 >> 32) & 0xFFL)] - ^ T4[(int) ((k07 >> 24) & 0xFFL)] - ^ T5[(int) ((k06 >> 16) & 0xFFL)] - ^ T6[(int) ((k05 >> 8) & 0xFFL)] ^ T7[(int) (k04 & 0xFFL)]; - - Kr4 = T0[(int) ((k04 >> 56) & 0xFFL)] ^ T1[(int) ((k03 >> 48) & 0xFFL)] - ^ T2[(int) ((k02 >> 40) & 0xFFL)] - ^ T3[(int) ((k01 >> 32) & 0xFFL)] - ^ T4[(int) ((k00 >> 24) & 0xFFL)] - ^ T5[(int) ((k07 >> 16) & 0xFFL)] - ^ T6[(int) ((k06 >> 8) & 0xFFL)] ^ T7[(int) (k05 & 0xFFL)]; - - Kr5 = T0[(int) ((k05 >> 56) & 0xFFL)] ^ T1[(int) ((k04 >> 48) & 0xFFL)] - ^ T2[(int) ((k03 >> 40) & 0xFFL)] - ^ T3[(int) ((k02 >> 32) & 0xFFL)] - ^ T4[(int) ((k01 >> 24) & 0xFFL)] - ^ T5[(int) ((k00 >> 16) & 0xFFL)] - ^ T6[(int) ((k07 >> 8) & 0xFFL)] ^ T7[(int) (k06 & 0xFFL)]; - - Kr6 = T0[(int) ((k06 >> 56) & 0xFFL)] ^ T1[(int) ((k05 >> 48) & 0xFFL)] - ^ T2[(int) ((k04 >> 40) & 0xFFL)] - ^ T3[(int) ((k03 >> 32) & 0xFFL)] - ^ T4[(int) ((k02 >> 24) & 0xFFL)] - ^ T5[(int) ((k01 >> 16) & 0xFFL)] - ^ T6[(int) ((k00 >> 8) & 0xFFL)] ^ T7[(int) (k07 & 0xFFL)]; - - Kr7 = T0[(int) ((k07 >> 56) & 0xFFL)] ^ T1[(int) ((k06 >> 48) & 0xFFL)] - ^ T2[(int) ((k05 >> 40) & 0xFFL)] - ^ T3[(int) ((k04 >> 32) & 0xFFL)] - ^ T4[(int) ((k03 >> 24) & 0xFFL)] - ^ T5[(int) ((k02 >> 16) & 0xFFL)] - ^ T6[(int) ((k01 >> 8) & 0xFFL)] ^ T7[(int) (k00 & 0xFFL)]; + Kr0 = T0[(int)((k00 >> 56) & 0xFFL)] + ^ T1[(int)((k07 >> 48) & 0xFFL)] + ^ T2[(int)((k06 >> 40) & 0xFFL)] + ^ T3[(int)((k05 >> 32) & 0xFFL)] + ^ T4[(int)((k04 >> 24) & 0xFFL)] + ^ T5[(int)((k03 >> 16) & 0xFFL)] + ^ T6[(int)((k02 >> 8) & 0xFFL)] + ^ T7[(int)( k01 & 0xFFL)] ^ rc[r]; + Kr1 = T0[(int)((k01 >> 56) & 0xFFL)] + ^ T1[(int)((k00 >> 48) & 0xFFL)] + ^ T2[(int)((k07 >> 40) & 0xFFL)] + ^ T3[(int)((k06 >> 32) & 0xFFL)] + ^ T4[(int)((k05 >> 24) & 0xFFL)] + ^ T5[(int)((k04 >> 16) & 0xFFL)] + ^ T6[(int)((k03 >> 8) & 0xFFL)] + ^ T7[(int)( k02 & 0xFFL)]; + Kr2 = T0[(int)((k02 >> 56) & 0xFFL)] + ^ T1[(int)((k01 >> 48) & 0xFFL)] + ^ T2[(int)((k00 >> 40) & 0xFFL)] + ^ T3[(int)((k07 >> 32) & 0xFFL)] + ^ T4[(int)((k06 >> 24) & 0xFFL)] + ^ T5[(int)((k05 >> 16) & 0xFFL)] + ^ T6[(int)((k04 >> 8) & 0xFFL)] + ^ T7[(int)( k03 & 0xFFL)]; + Kr3 = T0[(int)((k03 >> 56) & 0xFFL)] + ^ T1[(int)((k02 >> 48) & 0xFFL)] + ^ T2[(int)((k01 >> 40) & 0xFFL)] + ^ T3[(int)((k00 >> 32) & 0xFFL)] + ^ T4[(int)((k07 >> 24) & 0xFFL)] + ^ T5[(int)((k06 >> 16) & 0xFFL)] + ^ T6[(int)((k05 >> 8) & 0xFFL)] + ^ T7[(int)( k04 & 0xFFL)]; + Kr4 = T0[(int)((k04 >> 56) & 0xFFL)] + ^ T1[(int)((k03 >> 48) & 0xFFL)] + ^ T2[(int)((k02 >> 40) & 0xFFL)] + ^ T3[(int)((k01 >> 32) & 0xFFL)] + ^ T4[(int)((k00 >> 24) & 0xFFL)] + ^ T5[(int)((k07 >> 16) & 0xFFL)] + ^ T6[(int)((k06 >> 8) & 0xFFL)] + ^ T7[(int)( k05 & 0xFFL)]; + Kr5 = T0[(int)((k05 >> 56) & 0xFFL)] + ^ T1[(int)((k04 >> 48) & 0xFFL)] + ^ T2[(int)((k03 >> 40) & 0xFFL)] + ^ T3[(int)((k02 >> 32) & 0xFFL)] + ^ T4[(int)((k01 >> 24) & 0xFFL)] + ^ T5[(int)((k00 >> 16) & 0xFFL)] + ^ T6[(int)((k07 >> 8) & 0xFFL)] + ^ T7[(int)( k06 & 0xFFL)]; + Kr6 = T0[(int)((k06 >> 56) & 0xFFL)] + ^ T1[(int)((k05 >> 48) & 0xFFL)] + ^ T2[(int)((k04 >> 40) & 0xFFL)] + ^ T3[(int)((k03 >> 32) & 0xFFL)] + ^ T4[(int)((k02 >> 24) & 0xFFL)] + ^ T5[(int)((k01 >> 16) & 0xFFL)] + ^ T6[(int)((k00 >> 8) & 0xFFL)] + ^ T7[(int)( k07 & 0xFFL)]; + Kr7 = T0[(int)((k07 >> 56) & 0xFFL)] + ^ T1[(int)((k06 >> 48) & 0xFFL)] + ^ T2[(int)((k05 >> 40) & 0xFFL)] + ^ T3[(int)((k04 >> 32) & 0xFFL)] + ^ T4[(int)((k03 >> 24) & 0xFFL)] + ^ T5[(int)((k02 >> 16) & 0xFFL)] + ^ T6[(int)((k01 >> 8) & 0xFFL)] + ^ T7[(int)( k00 & 0xFFL)]; k00 = Kr0; k01 = Kr1; @@ -466,54 +489,70 @@ public final class Whirlpool extends BaseHash k07 = Kr7; // 2. incrementally compute the cipher output - w0 = T0[(int) ((nn0 >> 56) & 0xFFL)] ^ T1[(int) ((nn7 >> 48) & 0xFFL)] - ^ T2[(int) ((nn6 >> 40) & 0xFFL)] - ^ T3[(int) ((nn5 >> 32) & 0xFFL)] - ^ T4[(int) ((nn4 >> 24) & 0xFFL)] - ^ T5[(int) ((nn3 >> 16) & 0xFFL)] ^ T6[(int) ((nn2 >> 8) & 0xFFL)] - ^ T7[(int) (nn1 & 0xFFL)] ^ Kr0; - w1 = T0[(int) ((nn1 >> 56) & 0xFFL)] ^ T1[(int) ((nn0 >> 48) & 0xFFL)] - ^ T2[(int) ((nn7 >> 40) & 0xFFL)] - ^ T3[(int) ((nn6 >> 32) & 0xFFL)] - ^ T4[(int) ((nn5 >> 24) & 0xFFL)] - ^ T5[(int) ((nn4 >> 16) & 0xFFL)] ^ T6[(int) ((nn3 >> 8) & 0xFFL)] - ^ T7[(int) (nn2 & 0xFFL)] ^ Kr1; - w2 = T0[(int) ((nn2 >> 56) & 0xFFL)] ^ T1[(int) ((nn1 >> 48) & 0xFFL)] - ^ T2[(int) ((nn0 >> 40) & 0xFFL)] - ^ T3[(int) ((nn7 >> 32) & 0xFFL)] - ^ T4[(int) ((nn6 >> 24) & 0xFFL)] - ^ T5[(int) ((nn5 >> 16) & 0xFFL)] ^ T6[(int) ((nn4 >> 8) & 0xFFL)] - ^ T7[(int) (nn3 & 0xFFL)] ^ Kr2; - w3 = T0[(int) ((nn3 >> 56) & 0xFFL)] ^ T1[(int) ((nn2 >> 48) & 0xFFL)] - ^ T2[(int) ((nn1 >> 40) & 0xFFL)] - ^ T3[(int) ((nn0 >> 32) & 0xFFL)] - ^ T4[(int) ((nn7 >> 24) & 0xFFL)] - ^ T5[(int) ((nn6 >> 16) & 0xFFL)] ^ T6[(int) ((nn5 >> 8) & 0xFFL)] - ^ T7[(int) (nn4 & 0xFFL)] ^ Kr3; - w4 = T0[(int) ((nn4 >> 56) & 0xFFL)] ^ T1[(int) ((nn3 >> 48) & 0xFFL)] - ^ T2[(int) ((nn2 >> 40) & 0xFFL)] - ^ T3[(int) ((nn1 >> 32) & 0xFFL)] - ^ T4[(int) ((nn0 >> 24) & 0xFFL)] - ^ T5[(int) ((nn7 >> 16) & 0xFFL)] ^ T6[(int) ((nn6 >> 8) & 0xFFL)] - ^ T7[(int) (nn5 & 0xFFL)] ^ Kr4; - w5 = T0[(int) ((nn5 >> 56) & 0xFFL)] ^ T1[(int) ((nn4 >> 48) & 0xFFL)] - ^ T2[(int) ((nn3 >> 40) & 0xFFL)] - ^ T3[(int) ((nn2 >> 32) & 0xFFL)] - ^ T4[(int) ((nn1 >> 24) & 0xFFL)] - ^ T5[(int) ((nn0 >> 16) & 0xFFL)] ^ T6[(int) ((nn7 >> 8) & 0xFFL)] - ^ T7[(int) (nn6 & 0xFFL)] ^ Kr5; - w6 = T0[(int) ((nn6 >> 56) & 0xFFL)] ^ T1[(int) ((nn5 >> 48) & 0xFFL)] - ^ T2[(int) ((nn4 >> 40) & 0xFFL)] - ^ T3[(int) ((nn3 >> 32) & 0xFFL)] - ^ T4[(int) ((nn2 >> 24) & 0xFFL)] - ^ T5[(int) ((nn1 >> 16) & 0xFFL)] ^ T6[(int) ((nn0 >> 8) & 0xFFL)] - ^ T7[(int) (nn7 & 0xFFL)] ^ Kr6; - w7 = T0[(int) ((nn7 >> 56) & 0xFFL)] ^ T1[(int) ((nn6 >> 48) & 0xFFL)] - ^ T2[(int) ((nn5 >> 40) & 0xFFL)] - ^ T3[(int) ((nn4 >> 32) & 0xFFL)] - ^ T4[(int) ((nn3 >> 24) & 0xFFL)] - ^ T5[(int) ((nn2 >> 16) & 0xFFL)] ^ T6[(int) ((nn1 >> 8) & 0xFFL)] - ^ T7[(int) (nn0 & 0xFFL)] ^ Kr7; + w0 = T0[(int)((nn0 >> 56) & 0xFFL)] + ^ T1[(int)((nn7 >> 48) & 0xFFL)] + ^ T2[(int)((nn6 >> 40) & 0xFFL)] + ^ T3[(int)((nn5 >> 32) & 0xFFL)] + ^ T4[(int)((nn4 >> 24) & 0xFFL)] + ^ T5[(int)((nn3 >> 16) & 0xFFL)] + ^ T6[(int)((nn2 >> 8) & 0xFFL)] + ^ T7[(int)( nn1 & 0xFFL)] ^ Kr0; + w1 = T0[(int)((nn1 >> 56) & 0xFFL)] + ^ T1[(int)((nn0 >> 48) & 0xFFL)] + ^ T2[(int)((nn7 >> 40) & 0xFFL)] + ^ T3[(int)((nn6 >> 32) & 0xFFL)] + ^ T4[(int)((nn5 >> 24) & 0xFFL)] + ^ T5[(int)((nn4 >> 16) & 0xFFL)] + ^ T6[(int)((nn3 >> 8) & 0xFFL)] + ^ T7[(int)( nn2 & 0xFFL)] ^ Kr1; + w2 = T0[(int)((nn2 >> 56) & 0xFFL)] + ^ T1[(int)((nn1 >> 48) & 0xFFL)] + ^ T2[(int)((nn0 >> 40) & 0xFFL)] + ^ T3[(int)((nn7 >> 32) & 0xFFL)] + ^ T4[(int)((nn6 >> 24) & 0xFFL)] + ^ T5[(int)((nn5 >> 16) & 0xFFL)] + ^ T6[(int)((nn4 >> 8) & 0xFFL)] + ^ T7[(int)( nn3 & 0xFFL)] ^ Kr2; + w3 = T0[(int)((nn3 >> 56) & 0xFFL)] + ^ T1[(int)((nn2 >> 48) & 0xFFL)] + ^ T2[(int)((nn1 >> 40) & 0xFFL)] + ^ T3[(int)((nn0 >> 32) & 0xFFL)] + ^ T4[(int)((nn7 >> 24) & 0xFFL)] + ^ T5[(int)((nn6 >> 16) & 0xFFL)] + ^ T6[(int)((nn5 >> 8) & 0xFFL)] + ^ T7[(int)( nn4 & 0xFFL)] ^ Kr3; + w4 = T0[(int)((nn4 >> 56) & 0xFFL)] + ^ T1[(int)((nn3 >> 48) & 0xFFL)] + ^ T2[(int)((nn2 >> 40) & 0xFFL)] + ^ T3[(int)((nn1 >> 32) & 0xFFL)] + ^ T4[(int)((nn0 >> 24) & 0xFFL)] + ^ T5[(int)((nn7 >> 16) & 0xFFL)] + ^ T6[(int)((nn6 >> 8) & 0xFFL)] + ^ T7[(int)( nn5 & 0xFFL)] ^ Kr4; + w5 = T0[(int)((nn5 >> 56) & 0xFFL)] + ^ T1[(int)((nn4 >> 48) & 0xFFL)] + ^ T2[(int)((nn3 >> 40) & 0xFFL)] + ^ T3[(int)((nn2 >> 32) & 0xFFL)] + ^ T4[(int)((nn1 >> 24) & 0xFFL)] + ^ T5[(int)((nn0 >> 16) & 0xFFL)] + ^ T6[(int)((nn7 >> 8) & 0xFFL)] + ^ T7[(int)( nn6 & 0xFFL)] ^ Kr5; + w6 = T0[(int)((nn6 >> 56) & 0xFFL)] + ^ T1[(int)((nn5 >> 48) & 0xFFL)] + ^ T2[(int)((nn4 >> 40) & 0xFFL)] + ^ T3[(int)((nn3 >> 32) & 0xFFL)] + ^ T4[(int)((nn2 >> 24) & 0xFFL)] + ^ T5[(int)((nn1 >> 16) & 0xFFL)] + ^ T6[(int)((nn0 >> 8) & 0xFFL)] + ^ T7[(int)( nn7 & 0xFFL)] ^ Kr6; + w7 = T0[(int)((nn7 >> 56) & 0xFFL)] + ^ T1[(int)((nn6 >> 48) & 0xFFL)] + ^ T2[(int)((nn5 >> 40) & 0xFFL)] + ^ T3[(int)((nn4 >> 32) & 0xFFL)] + ^ T4[(int)((nn3 >> 24) & 0xFFL)] + ^ T5[(int)((nn2 >> 16) & 0xFFL)] + ^ T6[(int)((nn1 >> 8) & 0xFFL)] + ^ T7[(int)( nn0 & 0xFFL)] ^ Kr7; nn0 = w0; nn1 = w1; @@ -547,7 +586,7 @@ public final class Whirlpool extends BaseHash // are 33 (1 for the 1-bit followed by the 0-bits and the encoding of // the count framed in a 256-bit block). our formula is then: // count + 33 + padding = 0 (mod BLOCK_SIZE) - int n = (int) ((count + 33) % BLOCK_SIZE); + int n = (int)((count + 33) % BLOCK_SIZE); int padding = n == 0 ? 33 : BLOCK_SIZE - n + 33; byte[] result = new byte[padding]; @@ -558,14 +597,14 @@ public final class Whirlpool extends BaseHash // save (right justified) the number of bits hashed long bits = count * 8; int i = padding - 8; - result[i++] = (byte) (bits >>> 56); - result[i++] = (byte) (bits >>> 48); - result[i++] = (byte) (bits >>> 40); - result[i++] = (byte) (bits >>> 32); - result[i++] = (byte) (bits >>> 24); - result[i++] = (byte) (bits >>> 16); - result[i++] = (byte) (bits >>> 8); - result[i] = (byte) bits; + result[i++] = (byte)(bits >>> 56); + result[i++] = (byte)(bits >>> 48); + result[i++] = (byte)(bits >>> 40); + result[i++] = (byte)(bits >>> 32); + result[i++] = (byte)(bits >>> 24); + result[i++] = (byte)(bits >>> 16); + result[i++] = (byte)(bits >>> 8); + result[i ] = (byte) bits; return result; } @@ -573,38 +612,24 @@ public final class Whirlpool extends BaseHash protected byte[] getResult() { // apply inverse mu to the context - byte[] result = new byte[] { (byte) (H0 >>> 56), (byte) (H0 >>> 48), - (byte) (H0 >>> 40), (byte) (H0 >>> 32), - (byte) (H0 >>> 24), (byte) (H0 >>> 16), - (byte) (H0 >>> 8), (byte) H0, - (byte) (H1 >>> 56), (byte) (H1 >>> 48), - (byte) (H1 >>> 40), (byte) (H1 >>> 32), - (byte) (H1 >>> 24), (byte) (H1 >>> 16), - (byte) (H1 >>> 8), (byte) H1, - (byte) (H2 >>> 56), (byte) (H2 >>> 48), - (byte) (H2 >>> 40), (byte) (H2 >>> 32), - (byte) (H2 >>> 24), (byte) (H2 >>> 16), - (byte) (H2 >>> 8), (byte) H2, - (byte) (H3 >>> 56), (byte) (H3 >>> 48), - (byte) (H3 >>> 40), (byte) (H3 >>> 32), - (byte) (H3 >>> 24), (byte) (H3 >>> 16), - (byte) (H3 >>> 8), (byte) H3, - (byte) (H4 >>> 56), (byte) (H4 >>> 48), - (byte) (H4 >>> 40), (byte) (H4 >>> 32), - (byte) (H4 >>> 24), (byte) (H4 >>> 16), - (byte) (H4 >>> 8), (byte) H4, - (byte) (H5 >>> 56), (byte) (H5 >>> 48), - (byte) (H5 >>> 40), (byte) (H5 >>> 32), - (byte) (H5 >>> 24), (byte) (H5 >>> 16), - (byte) (H5 >>> 8), (byte) H5, - (byte) (H6 >>> 56), (byte) (H6 >>> 48), - (byte) (H6 >>> 40), (byte) (H6 >>> 32), - (byte) (H6 >>> 24), (byte) (H6 >>> 16), - (byte) (H6 >>> 8), (byte) H6, - (byte) (H7 >>> 56), (byte) (H7 >>> 48), - (byte) (H7 >>> 40), (byte) (H7 >>> 32), - (byte) (H7 >>> 24), (byte) (H7 >>> 16), - (byte) (H7 >>> 8), (byte) H7 }; + byte[] result = new byte[] { + (byte)(H0 >>> 56), (byte)(H0 >>> 48), (byte)(H0 >>> 40), (byte)(H0 >>> 32), + (byte)(H0 >>> 24), (byte)(H0 >>> 16), (byte)(H0 >>> 8), (byte) H0, + (byte)(H1 >>> 56), (byte)(H1 >>> 48), (byte)(H1 >>> 40), (byte)(H1 >>> 32), + (byte)(H1 >>> 24), (byte)(H1 >>> 16), (byte)(H1 >>> 8), (byte) H1, + (byte)(H2 >>> 56), (byte)(H2 >>> 48), (byte)(H2 >>> 40), (byte)(H2 >>> 32), + (byte)(H2 >>> 24), (byte)(H2 >>> 16), (byte)(H2 >>> 8), (byte) H2, + (byte)(H3 >>> 56), (byte)(H3 >>> 48), (byte)(H3 >>> 40), (byte)(H3 >>> 32), + (byte)(H3 >>> 24), (byte)(H3 >>> 16), (byte)(H3 >>> 8), (byte) H3, + (byte)(H4 >>> 56), (byte)(H4 >>> 48), (byte)(H4 >>> 40), (byte)(H4 >>> 32), + (byte)(H4 >>> 24), (byte)(H4 >>> 16), (byte)(H4 >>> 8), (byte) H4, + (byte)(H5 >>> 56), (byte)(H5 >>> 48), (byte)(H5 >>> 40), (byte)(H5 >>> 32), + (byte)(H5 >>> 24), (byte)(H5 >>> 16), (byte)(H5 >>> 8), (byte) H5, + (byte)(H6 >>> 56), (byte)(H6 >>> 48), (byte)(H6 >>> 40), (byte)(H6 >>> 32), + (byte)(H6 >>> 24), (byte)(H6 >>> 16), (byte)(H6 >>> 8), (byte) H6, + (byte)(H7 >>> 56), (byte)(H7 >>> 48), (byte)(H7 >>> 40), (byte)(H7 >>> 32), + (byte)(H7 >>> 24), (byte)(H7 >>> 16), (byte)(H7 >>> 8), (byte) H7 + }; return result; } @@ -617,10 +642,8 @@ public final class Whirlpool extends BaseHash public boolean selfTest() { if (valid == null) - { - valid = new Boolean( - DIGEST0.equals(Util.toString(new Whirlpool().digest()))); - } + valid = Boolean.valueOf(DIGEST0.equals(Util.toString(new Whirlpool().digest()))); + return valid.booleanValue(); } } diff --git a/libjava/classpath/gnu/java/security/jce/hash/HavalSpi.java b/libjava/classpath/gnu/java/security/jce/hash/HavalSpi.java index e127779efb4..05595edeae8 100644 --- a/libjava/classpath/gnu/java/security/jce/hash/HavalSpi.java +++ b/libjava/classpath/gnu/java/security/jce/hash/HavalSpi.java @@ -43,8 +43,6 @@ import gnu.java.security.Registry; /** * The implementation of the <code>HAVAL</code> <i>Service Provider Interface</i> * (<b>SPI</b>) Adapter.<p> - * - * @version Revision: $ */ public class HavalSpi extends MessageDigestAdapter { diff --git a/libjava/classpath/gnu/java/security/jce/hash/MD2Spi.java b/libjava/classpath/gnu/java/security/jce/hash/MD2Spi.java index 5b6b0e1e1d7..001cbaf3c8e 100644 --- a/libjava/classpath/gnu/java/security/jce/hash/MD2Spi.java +++ b/libjava/classpath/gnu/java/security/jce/hash/MD2Spi.java @@ -43,8 +43,6 @@ import gnu.java.security.Registry; /** * <p>The implementation of the MD2 <i>Service Provider Interface</i> * (<b>SPI</b>) adapter.</p> - * - * @version $Revision: 1.1 $ */ public class MD2Spi extends MessageDigestAdapter { diff --git a/libjava/classpath/gnu/java/security/jce/hash/MD4Spi.java b/libjava/classpath/gnu/java/security/jce/hash/MD4Spi.java index 8be44993400..41fef87bf38 100644 --- a/libjava/classpath/gnu/java/security/jce/hash/MD4Spi.java +++ b/libjava/classpath/gnu/java/security/jce/hash/MD4Spi.java @@ -43,8 +43,6 @@ import gnu.java.security.Registry; /** * <p>The implementation of the MD4 <i>Service Provider Interface</i> * (<b>SPI</b>) adapter.</p> - * - * @version $Revision: 1.1 $ */ public class MD4Spi extends MessageDigestAdapter { diff --git a/libjava/classpath/gnu/java/security/jce/hash/MD5Spi.java b/libjava/classpath/gnu/java/security/jce/hash/MD5Spi.java index 92fb6ab3864..aa1a8844e36 100644 --- a/libjava/classpath/gnu/java/security/jce/hash/MD5Spi.java +++ b/libjava/classpath/gnu/java/security/jce/hash/MD5Spi.java @@ -43,8 +43,6 @@ import gnu.java.security.Registry; /** * The implementation of the MD5 <i>Service Provider Interface</i> (<b>SPI</b>) * adapter.<p> - * - * @version $Revision: 1.1 $ */ public class MD5Spi extends MessageDigestAdapter { diff --git a/libjava/classpath/gnu/java/security/jce/hash/MessageDigestAdapter.java b/libjava/classpath/gnu/java/security/jce/hash/MessageDigestAdapter.java index 9b8a73d55fd..e30beca3df3 100644 --- a/libjava/classpath/gnu/java/security/jce/hash/MessageDigestAdapter.java +++ b/libjava/classpath/gnu/java/security/jce/hash/MessageDigestAdapter.java @@ -59,8 +59,6 @@ import java.security.MessageDigestSpi; * * All the implementations which subclass this object, and which are serviced by * the GNU Crypto provider implement the {@link java.lang.Cloneable} interface.<p> - * - * @version $Revision: 1.1 $ */ class MessageDigestAdapter extends MessageDigestSpi implements Cloneable { diff --git a/libjava/classpath/gnu/java/security/jce/hash/RipeMD128Spi.java b/libjava/classpath/gnu/java/security/jce/hash/RipeMD128Spi.java index b8e90d4bfb4..404214d91ba 100644 --- a/libjava/classpath/gnu/java/security/jce/hash/RipeMD128Spi.java +++ b/libjava/classpath/gnu/java/security/jce/hash/RipeMD128Spi.java @@ -43,8 +43,6 @@ import gnu.java.security.Registry; /** * The implementation of the RIPEMD-128 <i>Service Provider Interface</i> * (<b>SPI</b>) adapter.<p> - * - * @version $Revision: 1.1 $ */ public class RipeMD128Spi extends MessageDigestAdapter { diff --git a/libjava/classpath/gnu/java/security/jce/hash/RipeMD160Spi.java b/libjava/classpath/gnu/java/security/jce/hash/RipeMD160Spi.java index 49615e2fcc8..841f46b3bc2 100644 --- a/libjava/classpath/gnu/java/security/jce/hash/RipeMD160Spi.java +++ b/libjava/classpath/gnu/java/security/jce/hash/RipeMD160Spi.java @@ -43,8 +43,6 @@ import gnu.java.security.Registry; /** * The implementation of the RIPEMD-160 <i>Service Provider Interface</i> * (<b>SPI</b>) adapter.<p> - * - * @version $Revision: 1.1 $ */ public class RipeMD160Spi extends MessageDigestAdapter { diff --git a/libjava/classpath/gnu/java/security/jce/hash/Sha160Spi.java b/libjava/classpath/gnu/java/security/jce/hash/Sha160Spi.java index a9b72634d78..41988438270 100644 --- a/libjava/classpath/gnu/java/security/jce/hash/Sha160Spi.java +++ b/libjava/classpath/gnu/java/security/jce/hash/Sha160Spi.java @@ -43,8 +43,6 @@ import gnu.java.security.Registry; /** * The implementation of the SHA-1 (160-bit) <i>Service Provider Interface</i> * (<b>SPI</b>) adapter.<p> - * - * @version $Revision: 1.1 $ */ public class Sha160Spi extends MessageDigestAdapter { diff --git a/libjava/classpath/gnu/java/security/jce/hash/Sha256Spi.java b/libjava/classpath/gnu/java/security/jce/hash/Sha256Spi.java index 9eeaebdeaec..f07e1894115 100644 --- a/libjava/classpath/gnu/java/security/jce/hash/Sha256Spi.java +++ b/libjava/classpath/gnu/java/security/jce/hash/Sha256Spi.java @@ -43,8 +43,6 @@ import gnu.java.security.Registry; /** * <p>The implementation of the SHA-2-1 (256-bit) <i>Service Provider Interface</i> * (<b>SPI</b>) adapter.</p> - * - * @version $Revision: 1.1 $ */ public class Sha256Spi extends MessageDigestAdapter { diff --git a/libjava/classpath/gnu/java/security/jce/hash/Sha384Spi.java b/libjava/classpath/gnu/java/security/jce/hash/Sha384Spi.java index 96e1e6eb0ab..fc17077e831 100644 --- a/libjava/classpath/gnu/java/security/jce/hash/Sha384Spi.java +++ b/libjava/classpath/gnu/java/security/jce/hash/Sha384Spi.java @@ -43,8 +43,6 @@ import gnu.java.security.Registry; /** * <p>The implementation of the SHA-2-2 (384-bit) <i>Service Provider Interface</i> * (<b>SPI</b>) adapter.</p> - * - * @version $Revision: 1.1 $ */ public class Sha384Spi extends MessageDigestAdapter { diff --git a/libjava/classpath/gnu/java/security/jce/hash/Sha512Spi.java b/libjava/classpath/gnu/java/security/jce/hash/Sha512Spi.java index 75c617046fc..0b4c3d62c65 100644 --- a/libjava/classpath/gnu/java/security/jce/hash/Sha512Spi.java +++ b/libjava/classpath/gnu/java/security/jce/hash/Sha512Spi.java @@ -43,8 +43,6 @@ import gnu.java.security.Registry; /** * <p>The implementation of the SHA-2-3 (512-bit) <i>Service Provider Interface</i> * (<b>SPI</b>) adapter.</p> - * - * @version $Revision: 1.1 $ */ public class Sha512Spi extends MessageDigestAdapter { diff --git a/libjava/classpath/gnu/java/security/jce/hash/TigerSpi.java b/libjava/classpath/gnu/java/security/jce/hash/TigerSpi.java index b355d78d05c..599437410e6 100644 --- a/libjava/classpath/gnu/java/security/jce/hash/TigerSpi.java +++ b/libjava/classpath/gnu/java/security/jce/hash/TigerSpi.java @@ -43,8 +43,6 @@ import gnu.java.security.Registry; /** * <p>The implementation of the Tiger <i>Service Provider Interface</i> * (<b>SPI</b>) adapter.</p> - * - * @version $Revision: 1.1 $ */ public class TigerSpi extends MessageDigestAdapter { diff --git a/libjava/classpath/gnu/java/security/jce/hash/WhirlpoolSpi.java b/libjava/classpath/gnu/java/security/jce/hash/WhirlpoolSpi.java index e42e74ddb36..d1864bc7cd4 100644 --- a/libjava/classpath/gnu/java/security/jce/hash/WhirlpoolSpi.java +++ b/libjava/classpath/gnu/java/security/jce/hash/WhirlpoolSpi.java @@ -43,8 +43,6 @@ import gnu.java.security.Registry; /** * The implementation of the Whirlpool <i>Service Provider Interface</i> * (<b>SPI</b>) adapter.<p> - * - * @version $Revision: 1.1 $ */ public class WhirlpoolSpi extends MessageDigestAdapter { diff --git a/libjava/classpath/gnu/java/security/jce/prng/SecureRandomAdapter.java b/libjava/classpath/gnu/java/security/jce/prng/SecureRandomAdapter.java index e7cb7209103..70d30f15301 100644 --- a/libjava/classpath/gnu/java/security/jce/prng/SecureRandomAdapter.java +++ b/libjava/classpath/gnu/java/security/jce/prng/SecureRandomAdapter.java @@ -42,7 +42,7 @@ import gnu.java.security.prng.LimitReachedException; import gnu.java.security.prng.MDGenerator; import java.security.SecureRandomSpi; -import java.util.HashMap; +import java.util.Collections; /** * <p>The implementation of a generic {@link java.security.SecureRandom} adapter @@ -80,6 +80,7 @@ abstract class SecureRandomAdapter extends SecureRandomSpi super(); this.mdName = mdName; + adaptee.init (Collections.singletonMap (MDGenerator.MD_NAME, mdName)); } // Class methods @@ -118,9 +119,6 @@ abstract class SecureRandomAdapter extends SecureRandomSpi public void engineSetSeed(byte[] seed) { - HashMap attributes = new HashMap(); - attributes.put(MDGenerator.MD_NAME, mdName); - attributes.put(MDGenerator.SEEED, seed); - adaptee.init(attributes); + adaptee.addRandomBytes (seed); } } diff --git a/libjava/classpath/gnu/java/security/jce/sig/DSSKeyPairGeneratorSpi.java b/libjava/classpath/gnu/java/security/jce/sig/DSSKeyPairGeneratorSpi.java index 97e9594f6a5..44503b26b9a 100644 --- a/libjava/classpath/gnu/java/security/jce/sig/DSSKeyPairGeneratorSpi.java +++ b/libjava/classpath/gnu/java/security/jce/sig/DSSKeyPairGeneratorSpi.java @@ -57,8 +57,6 @@ import java.util.HashMap; * In case the client does not explicitly initialize the KeyPairGenerator (via * a call to an <code>initialize()</code> method), the GNU Crypto provider * uses a default <i>modulus</i> size (keysize) of 1024 bits.<p> - * - * @version $Revision: 1.3 $ */ public class DSSKeyPairGeneratorSpi extends KeyPairGeneratorAdapter implements DSAKeyPairGenerator diff --git a/libjava/classpath/gnu/java/security/jce/sig/DSSRawSignatureSpi.java b/libjava/classpath/gnu/java/security/jce/sig/DSSRawSignatureSpi.java index 16e4ddd4edc..a63c51afab8 100644 --- a/libjava/classpath/gnu/java/security/jce/sig/DSSRawSignatureSpi.java +++ b/libjava/classpath/gnu/java/security/jce/sig/DSSRawSignatureSpi.java @@ -45,8 +45,6 @@ import gnu.java.security.sig.dss.DSSSignatureRawCodec; * The implementation of <i>Service Provider Interface</i> (<b>SPI</b>) adapter * for the DSS (Digital Signature Standard) signature scheme, encoded and/or * decoded in RAW format.<p> - * - * @version $Revision: 1.1 $ */ public class DSSRawSignatureSpi extends SignatureAdapter { diff --git a/libjava/classpath/gnu/java/security/jce/sig/KeyPairGeneratorAdapter.java b/libjava/classpath/gnu/java/security/jce/sig/KeyPairGeneratorAdapter.java index 60268299188..edf19f627e0 100644 --- a/libjava/classpath/gnu/java/security/jce/sig/KeyPairGeneratorAdapter.java +++ b/libjava/classpath/gnu/java/security/jce/sig/KeyPairGeneratorAdapter.java @@ -63,8 +63,6 @@ import java.security.spec.AlgorithmParameterSpec; * supplies (and document) default values to be used. For example, the GNU * Crypto provider uses a default <i>modulus</i> size (keysize) of 1024 bits for * the DSS (Digital Signature Standard) a.k.a <i>DSA</i>.<p> - * - * @version $Revision: 1.3 $ */ public abstract class KeyPairGeneratorAdapter extends KeyPairGenerator { diff --git a/libjava/classpath/gnu/java/security/jce/sig/RSAKeyFactory.java b/libjava/classpath/gnu/java/security/jce/sig/RSAKeyFactory.java index fecf54cb8e9..674e2afb6a5 100644 --- a/libjava/classpath/gnu/java/security/jce/sig/RSAKeyFactory.java +++ b/libjava/classpath/gnu/java/security/jce/sig/RSAKeyFactory.java @@ -84,7 +84,7 @@ public class RSAKeyFactory PublicKey result; try { - result = new RSAKeyPairX509Codec().decodePublicKey(encoded); + return new RSAKeyPairX509Codec().decodePublicKey(encoded); } catch (RuntimeException x) { @@ -131,7 +131,7 @@ public class RSAKeyFactory PrivateKey result; try { - result = new RSAKeyPairPKCS8Codec().decodePrivateKey(encoded); + return new RSAKeyPairPKCS8Codec().decodePrivateKey(encoded); } catch (RuntimeException x) { diff --git a/libjava/classpath/gnu/java/security/jce/sig/RSAPSSRawSignatureSpi.java b/libjava/classpath/gnu/java/security/jce/sig/RSAPSSRawSignatureSpi.java index e44b8adf14d..f3548d884d6 100644 --- a/libjava/classpath/gnu/java/security/jce/sig/RSAPSSRawSignatureSpi.java +++ b/libjava/classpath/gnu/java/security/jce/sig/RSAPSSRawSignatureSpi.java @@ -44,8 +44,6 @@ import gnu.java.security.sig.rsa.RSAPSSSignatureRawCodec; /** * The implementation of <i>Service Provider Interface</i> (<b>SPI</b>) adapter * for the RSA-PSS signature scheme, encoded and/or decoded in RAW format.<p> - * - * @version $Revision: 1.1 $ */ public class RSAPSSRawSignatureSpi extends SignatureAdapter { diff --git a/libjava/classpath/gnu/java/security/jce/sig/SignatureAdapter.java b/libjava/classpath/gnu/java/security/jce/sig/SignatureAdapter.java index 6cb7c7c7128..4dcbe78e570 100644 --- a/libjava/classpath/gnu/java/security/jce/sig/SignatureAdapter.java +++ b/libjava/classpath/gnu/java/security/jce/sig/SignatureAdapter.java @@ -69,8 +69,6 @@ import java.util.logging.Logger; * * All the implementations which subclass this object, and which are serviced by * the GNU Crypto provider implement the {@link java.lang.Cloneable} interface.<p> - * - * @version $Revision: 1.2 $ */ class SignatureAdapter extends SignatureSpi implements Cloneable { diff --git a/libjava/classpath/gnu/java/security/key/IKeyPairCodec.java b/libjava/classpath/gnu/java/security/key/IKeyPairCodec.java index c64f928574b..965a317d4ff 100644 --- a/libjava/classpath/gnu/java/security/key/IKeyPairCodec.java +++ b/libjava/classpath/gnu/java/security/key/IKeyPairCodec.java @@ -48,8 +48,6 @@ import java.security.PublicKey; * cryptographic asymmetric keypairs. Codecs are useful for (a) externalising * public and private keys for storage and on-the-wire transmission, as well as * (b) re-creating their internal Java representation from external sources.</p> - * - * @version $Revision: 1.2 $ */ public interface IKeyPairCodec { diff --git a/libjava/classpath/gnu/java/security/key/IKeyPairGenerator.java b/libjava/classpath/gnu/java/security/key/IKeyPairGenerator.java index 219863d33eb..2e0b299286b 100644 --- a/libjava/classpath/gnu/java/security/key/IKeyPairGenerator.java +++ b/libjava/classpath/gnu/java/security/key/IKeyPairGenerator.java @@ -43,8 +43,6 @@ import java.util.Map; /** * The visible methods of every asymmetric keypair generator.<p> - * - * @version $Revision: 1.1 $ */ public interface IKeyPairGenerator { diff --git a/libjava/classpath/gnu/java/security/key/KeyPairGeneratorFactory.java b/libjava/classpath/gnu/java/security/key/KeyPairGeneratorFactory.java index edcc186e2c7..8c2f348c9c7 100644 --- a/libjava/classpath/gnu/java/security/key/KeyPairGeneratorFactory.java +++ b/libjava/classpath/gnu/java/security/key/KeyPairGeneratorFactory.java @@ -49,8 +49,6 @@ import java.util.Set; /** * <p>A Factory to instantiate asymmetric keypair generators.</p> - * - * @version $Revision: 1.1 $ */ public class KeyPairGeneratorFactory { @@ -87,7 +85,7 @@ public class KeyPairGeneratorFactory name = name.trim(); IKeyPairGenerator result = null; if (name.equalsIgnoreCase(Registry.DSA_KPG) - || name.equals(Registry.DSS_KPG)) + || name.equalsIgnoreCase(Registry.DSS_KPG)) { result = new DSSKeyPairGenerator(); } @@ -118,6 +116,7 @@ public class KeyPairGeneratorFactory { HashSet hs = new HashSet(); hs.add(Registry.DSS_KPG); + hs.add(Registry.DSA_KPG); hs.add(Registry.RSA_KPG); hs.add(Registry.DH_KPG); hs.add(Registry.SRP_KPG); @@ -135,11 +134,9 @@ public class KeyPairGeneratorFactory } catch (Exception x) { - IllegalArgumentException iae = - new IllegalArgumentException ("strong crypto key pair generator not available: " - + clazz); - iae.initCause (x); - throw iae; + throw new IllegalArgumentException( + "strong crypto key pair generator not available: " + clazz, + x); } } diff --git a/libjava/classpath/gnu/java/security/key/dss/DSSKey.java b/libjava/classpath/gnu/java/security/key/dss/DSSKey.java index 428cab1e78e..40aaea89352 100644 --- a/libjava/classpath/gnu/java/security/key/dss/DSSKey.java +++ b/libjava/classpath/gnu/java/security/key/dss/DSSKey.java @@ -38,6 +38,7 @@ exception statement from your version. */ package gnu.java.security.key.dss; +import gnu.classpath.SystemProperties; import gnu.java.security.Registry; import gnu.java.security.util.FormatUtil; @@ -59,7 +60,6 @@ import java.security.spec.DSAParameterSpec; * the relevant <code>getEncoded()</code> methods of each of the private and * public keys.</p> * - * @version $Revision: 1.4 $ * @see DSSPrivateKey#getEncoded * @see DSSPublicKey#getEncoded */ @@ -95,6 +95,9 @@ public abstract class DSSKey implements Key, DSAKey */ protected final int defaultFormat; + /** String representation of this key. Cached for speed. */ + private transient String str; + // Constructor(s) // ------------------------------------------------------------------------- @@ -176,6 +179,22 @@ public abstract class DSSKey implements Key, DSAKey && g.equals(that.getParams().getG()); } + public String toString() + { + if (str == null) + { + String ls = SystemProperties.getProperty("line.separator"); + str = new StringBuilder().append(ls) + .append("defaultFormat=").append(defaultFormat).append(",").append(ls) + .append("p=0x").append(p.toString(16)).append(",").append(ls) + .append("q=0x").append(q.toString(16)).append(",").append(ls) + .append("g=0x").append(g.toString(16)) + .toString(); + } + + return str; + } + // abstract methods to be implemented by subclasses ------------------------ public abstract byte[] getEncoded(int format); diff --git a/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairPKCS8Codec.java b/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairPKCS8Codec.java index 30e30bd144d..3a115b96378 100644 --- a/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairPKCS8Codec.java +++ b/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairPKCS8Codec.java @@ -55,6 +55,7 @@ import java.security.InvalidParameterException; import java.security.PrivateKey; import java.security.PublicKey; import java.util.ArrayList; +import java.util.logging.Logger; /** * An implementation of an {@link IKeyPairCodec} that knows how to encode / @@ -65,6 +66,7 @@ import java.util.ArrayList; public class DSSKeyPairPKCS8Codec implements IKeyPairCodec { + private static final Logger log = Logger.getLogger(DSSKeyPairPKCS8Codec.class.getName()); private static final OID DSA_ALG_OID = new OID(Registry.DSA_OID_STRING); // implicit 0-arguments constructor @@ -137,7 +139,9 @@ public class DSSKeyPairPKCS8Codec DERValue derAlgorithmID = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, algorithmID); - DERValue derPrivateKey = new DERValue(DER.OCTET_STRING, Util.trim(x)); + // The OCTET STRING is the DER encoding of an INTEGER. + DERValue derX = new DERValue(DER.INTEGER, x); + DERValue derPrivateKey = new DERValue(DER.OCTET_STRING, derX.getEncoded()); ArrayList pki = new ArrayList(3); pki.add(derVersion); @@ -180,6 +184,8 @@ public class DSSKeyPairPKCS8Codec */ public PrivateKey decodePrivateKey(byte[] input) { + log.entering("DSSKeyPairPKCS8Codec", "decodePrivateKey"); + if (input == null) throw new InvalidParameterException("Input bytes MUST NOT be null"); @@ -220,8 +226,13 @@ public class DSSKeyPairPKCS8Codec g = (BigInteger) val.getValue(); val = der.read(); + log.finest("val = " + val); byte[] xBytes = (byte[]) val.getValue(); - x = new BigInteger(1, xBytes); + log.finest(Util.dumpString(xBytes, "xBytes: ")); + DERReader der2 = new DERReader(xBytes); + val = der2.read(); + DerUtil.checkIsBigInteger(val, "Wrong X field"); + x = (BigInteger) val.getValue(); } catch (IOException e) { @@ -230,6 +241,7 @@ public class DSSKeyPairPKCS8Codec throw y; } + log.exiting("DSSKeyPairPKCS8Codec", "decodePrivateKey"); return new DSSPrivateKey(Registry.PKCS8_ENCODING_ID, p, q, g, x); } } diff --git a/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairRawCodec.java b/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairRawCodec.java index 86e5b0bef7e..7c5491d6f37 100644 --- a/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairRawCodec.java +++ b/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairRawCodec.java @@ -49,8 +49,6 @@ import java.security.PublicKey; /** * <p>An object that implements the {@link IKeyPairCodec} operations for the * <i>Raw</i> format to use with DSS keypairs.</p> - * - * @version $Revision: 1.1 $ */ public class DSSKeyPairRawCodec implements IKeyPairCodec { diff --git a/libjava/classpath/gnu/java/security/key/dss/DSSPrivateKey.java b/libjava/classpath/gnu/java/security/key/dss/DSSPrivateKey.java index c81eb93b078..fe59cb6d77b 100644 --- a/libjava/classpath/gnu/java/security/key/dss/DSSPrivateKey.java +++ b/libjava/classpath/gnu/java/security/key/dss/DSSPrivateKey.java @@ -38,6 +38,7 @@ exception statement from your version. */ package gnu.java.security.key.dss; +import gnu.classpath.SystemProperties; import gnu.java.security.Registry; import gnu.java.security.key.IKeyPairCodec; @@ -48,21 +49,24 @@ import java.security.interfaces.DSAPrivateKey; /** * <p>An object that embodies a DSS (Digital Signature Standard) private key.</p> * - * @version $Revision: 1.2 $ * @see #getEncoded */ public class DSSPrivateKey extends DSSKey implements PrivateKey, DSAPrivateKey { - // Constants and variables // ------------------------------------------------------------------------- + private static final boolean DEBUG = false; + /** * <p>A randomly or pseudorandomly generated integer with <code>0 < x < * q</code>.</p> */ private final BigInteger x; + /** String representation of this key. Cached for speed. */ + private transient String str; + // Constructor(s) // ------------------------------------------------------------------------- @@ -198,4 +202,18 @@ public class DSSPrivateKey extends DSSKey implements PrivateKey, DSAPrivateKey DSAPrivateKey that = (DSAPrivateKey) obj; return super.equals(that) && x.equals(that.getX()); } + + public String toString() + { + if (str == null) + { + String ls = SystemProperties.getProperty("line.separator"); + str = new StringBuilder(this.getClass().getName()).append("(") + .append(super.toString()).append(",").append(ls) + .append("x=0x").append(DEBUG ? x.toString(16) : "**...*").append(ls) + .append(")").toString(); + } + + return str; + } } diff --git a/libjava/classpath/gnu/java/security/key/dss/DSSPublicKey.java b/libjava/classpath/gnu/java/security/key/dss/DSSPublicKey.java index 93bb6402203..52292131336 100644 --- a/libjava/classpath/gnu/java/security/key/dss/DSSPublicKey.java +++ b/libjava/classpath/gnu/java/security/key/dss/DSSPublicKey.java @@ -38,6 +38,7 @@ exception statement from your version. */ package gnu.java.security.key.dss; +import gnu.classpath.SystemProperties; import gnu.java.security.Registry; import gnu.java.security.key.IKeyPairCodec; @@ -48,12 +49,10 @@ import java.security.interfaces.DSAPublicKey; /** * <p>An object that embodies a DSS (Digital Signature Standard) public key.</p> * - * @version $Revision: 1.2 $ * @see #getEncoded */ public class DSSPublicKey extends DSSKey implements PublicKey, DSAPublicKey { - // Constants and variables // ------------------------------------------------------------------------- @@ -63,6 +62,9 @@ public class DSSPublicKey extends DSSKey implements PublicKey, DSAPublicKey */ private final BigInteger y; + /** String representation of this key. Cached for speed. */ + private transient String str; + // Constructor(s) // ------------------------------------------------------------------------- @@ -198,4 +200,18 @@ public class DSSPublicKey extends DSSKey implements PublicKey, DSAPublicKey DSAPublicKey that = (DSAPublicKey) obj; return super.equals(that) && y.equals(that.getY()); } + + public String toString() + { + if (str == null) + { + String ls = SystemProperties.getProperty("line.separator"); + str = new StringBuilder(this.getClass().getName()).append("(") + .append(super.toString()).append(",").append(ls) + .append("y=0x").append(y.toString(16)).append(ls) + .append(")").toString(); + } + + return str; + } } diff --git a/libjava/classpath/gnu/java/security/key/dss/FIPS186.java b/libjava/classpath/gnu/java/security/key/dss/FIPS186.java index 74be626f58e..5984bcc9393 100644 --- a/libjava/classpath/gnu/java/security/key/dss/FIPS186.java +++ b/libjava/classpath/gnu/java/security/key/dss/FIPS186.java @@ -53,8 +53,6 @@ import java.security.SecureRandom; * <a href="http://www.itl.nist.gov/fipspubs/fip186.htm">Digital Signature * Standard (DSS)</a>, Federal Information Processing Standards Publication 186. * National Institute of Standards and Technology. - * - * @version $Revision: 1.2 $ */ public class FIPS186 { diff --git a/libjava/classpath/gnu/java/security/key/rsa/GnuRSAKey.java b/libjava/classpath/gnu/java/security/key/rsa/GnuRSAKey.java index 72cd808d43b..3009dd71fa0 100644 --- a/libjava/classpath/gnu/java/security/key/rsa/GnuRSAKey.java +++ b/libjava/classpath/gnu/java/security/key/rsa/GnuRSAKey.java @@ -38,8 +38,8 @@ exception statement from your version. */ package gnu.java.security.key.rsa; +import gnu.classpath.SystemProperties; import gnu.java.security.Registry; -import gnu.java.security.key.IKeyPairCodec; import gnu.java.security.util.FormatUtil; import java.math.BigInteger; @@ -48,8 +48,6 @@ import java.security.interfaces.RSAKey; /** * <p>A base asbtract class for both public and private RSA keys.</p> - * - * @version $Revision: 1.3 $ */ public abstract class GnuRSAKey implements Key, RSAKey { @@ -69,6 +67,9 @@ public abstract class GnuRSAKey implements Key, RSAKey */ protected final int defaultFormat; + /** String representation of this key. Cached for speed. */ + private transient String str; + // Constructor(s) // ------------------------------------------------------------------------- @@ -113,7 +114,7 @@ public abstract class GnuRSAKey implements Key, RSAKey /** @deprecated see getEncoded(int). */ public byte[] getEncoded() { - return getEncoded(IKeyPairCodec.RAW_FORMAT); + return getEncoded(defaultFormat); } public String getFormat() @@ -175,6 +176,20 @@ public abstract class GnuRSAKey implements Key, RSAKey return n.equals(that.getModulus()); } + public String toString() + { + if (str == null) + { + String ls = SystemProperties.getProperty("line.separator"); + str = new StringBuilder().append(ls) + .append("defaultFormat=").append(defaultFormat).append(",").append(ls) + .append("n=0x").append(n.toString(16)).append(",").append(ls) + .append("e=0x").append(e.toString(16)) + .toString(); + } + return str; + } + // abstract methods to be implemented by subclasses ------------------------ public abstract byte[] getEncoded(int format); diff --git a/libjava/classpath/gnu/java/security/key/rsa/GnuRSAPrivateKey.java b/libjava/classpath/gnu/java/security/key/rsa/GnuRSAPrivateKey.java index f8acaa50df7..92053448763 100644 --- a/libjava/classpath/gnu/java/security/key/rsa/GnuRSAPrivateKey.java +++ b/libjava/classpath/gnu/java/security/key/rsa/GnuRSAPrivateKey.java @@ -38,6 +38,7 @@ exception statement from your version. */ package gnu.java.security.key.rsa; +import gnu.classpath.SystemProperties; import gnu.java.security.Registry; import gnu.java.security.key.IKeyPairCodec; @@ -56,16 +57,15 @@ import java.security.interfaces.RSAPrivateKey; * Primitive specification and supporting documentation.<br> * Jakob Jonsson and Burt Kaliski.</li> * </ol> - * - * @version $Revision: 1.3 $ */ public class GnuRSAPrivateKey extends GnuRSAKey implements PrivateKey, RSAPrivateCrtKey { - // Constants and variables // ------------------------------------------------------------------------- + private static final boolean DEBUG = false; + /** The first prime divisor of the modulus. */ private final BigInteger p; @@ -86,6 +86,9 @@ public class GnuRSAPrivateKey extends GnuRSAKey implements PrivateKey, /** The CRT (Chinese Remainder Theorem) coefficient. */ private final BigInteger qInv; + /** String representation of this key. Cached for speed. */ + private transient String str; + // Constructor(s) // ------------------------------------------------------------------------- @@ -296,4 +299,22 @@ public class GnuRSAPrivateKey extends GnuRSAKey implements PrivateKey, } return false; } + + public String toString() + { + if (str == null) + { + String ls = SystemProperties.getProperty("line.separator"); + str = new StringBuilder(this.getClass().getName()).append("(") + .append(super.toString()).append(",").append(ls) + .append("d=0x").append(DEBUG ? d.toString(16) : "**...*").append(ls) + .append("p=0x").append(DEBUG ? p.toString(16) : "**...*").append(ls) + .append("q=0x").append(DEBUG ? q.toString(16) : "**...*").append(ls) + .append("dP=0x").append(DEBUG ? dP.toString(16) : "**...*").append(ls) + .append("dQ=0x").append(DEBUG ? dQ.toString(16) : "**...*").append(ls) + .append("qInv=0x").append(DEBUG ? qInv.toString(16) : "**...*").append(ls) + .append(")").toString(); + } + return str; + } } diff --git a/libjava/classpath/gnu/java/security/key/rsa/GnuRSAPublicKey.java b/libjava/classpath/gnu/java/security/key/rsa/GnuRSAPublicKey.java index f49027ca621..8badede1422 100644 --- a/libjava/classpath/gnu/java/security/key/rsa/GnuRSAPublicKey.java +++ b/libjava/classpath/gnu/java/security/key/rsa/GnuRSAPublicKey.java @@ -38,6 +38,7 @@ exception statement from your version. */ package gnu.java.security.key.rsa; +import gnu.classpath.SystemProperties; import gnu.java.security.Registry; import gnu.java.security.key.IKeyPairCodec; @@ -55,16 +56,16 @@ import java.security.interfaces.RSAPublicKey; * Primitive specification and supporting documentation.<br> * Jakob Jonsson and Burt Kaliski.</li> * </ol> - * - * @version $Revision: 1.2 $ */ public class GnuRSAPublicKey extends GnuRSAKey implements PublicKey, RSAPublicKey { - // Constants and variables // ------------------------------------------------------------------------- + /** String representation of this key. Cached for speed. */ + private transient String str; + // Constructor(s) // ------------------------------------------------------------------------- @@ -182,4 +183,16 @@ public class GnuRSAPublicKey extends GnuRSAKey implements PublicKey, return super.equals(that) && getPublicExponent().equals(that.getPublicExponent()); } + + public String toString() + { + if (str == null) + { + String ls = SystemProperties.getProperty("line.separator"); + str = new StringBuilder(this.getClass().getName()).append("(") + .append(super.toString()).append(",").append(ls) + .append(")").toString(); + } + return str; + } } diff --git a/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairGenerator.java b/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairGenerator.java index 9c7338f662a..39063381f37 100644 --- a/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairGenerator.java +++ b/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairGenerator.java @@ -50,6 +50,7 @@ import java.security.PublicKey; import java.security.SecureRandom; import java.security.spec.RSAKeyGenParameterSpec; import java.util.Map; +import java.util.logging.Logger; /** * <p>A key-pair generator for asymetric keys to use in conjunction with the RSA @@ -68,10 +69,11 @@ import java.util.Map; */ public class RSAKeyPairGenerator implements IKeyPairGenerator { - // Constants and variables // ------------------------------------------------------------------------- + private static final Logger log = Logger.getLogger(RSAKeyPairGenerator.class.getName()); + /** The BigInteger constant 1. */ private static final BigInteger ONE = BigInteger.ONE; @@ -150,6 +152,8 @@ public class RSAKeyPairGenerator implements IKeyPairGenerator */ public void setup(Map attributes) { + log.entering(this.getClass().getName(), "setup", attributes); + // do we have a SecureRandom, or should we use our own? rnd = (SecureRandom) attributes.get(SOURCE_OF_RANDOMNESS); @@ -177,6 +181,8 @@ public class RSAKeyPairGenerator implements IKeyPairGenerator Integer formatID = (Integer) attributes.get(PREFERRED_ENCODING_FORMAT); preferredFormat = formatID == null ? DEFAULT_ENCODING_FORMAT : formatID.intValue(); + + log.exiting(this.getClass().getName(), "setup"); } /** @@ -187,6 +193,8 @@ public class RSAKeyPairGenerator implements IKeyPairGenerator */ public KeyPair generate() { + log.entering(this.getClass().getName(), "generate"); + BigInteger p, q, n, d; // 1. Generate a prime p in the interval [2**(M-1), 2**M - 1], where @@ -234,7 +242,9 @@ public class RSAKeyPairGenerator implements IKeyPairGenerator PublicKey pubK = new GnuRSAPublicKey(preferredFormat, n, e); PrivateKey secK = new GnuRSAPrivateKey(preferredFormat, p, q, e, d); - return new KeyPair(pubK, secK); + KeyPair result = new KeyPair(pubK, secK); + log.exiting(this.getClass().getName(), "generate", result); + return result; } // helper methods ---------------------------------------------------------- diff --git a/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairPKCS8Codec.java b/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairPKCS8Codec.java index a7f65b61012..0b980903251 100644 --- a/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairPKCS8Codec.java +++ b/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairPKCS8Codec.java @@ -45,6 +45,7 @@ import java.security.InvalidParameterException; import java.security.PrivateKey; import java.security.PublicKey; import java.util.ArrayList; +import java.util.logging.Logger; import gnu.java.security.OID; import gnu.java.security.Registry; @@ -62,6 +63,7 @@ import gnu.java.security.util.DerUtil; public class RSAKeyPairPKCS8Codec implements IKeyPairCodec { + private static final Logger log = Logger.getLogger(RSAKeyPairPKCS8Codec.class.getName()); private static final OID RSA_ALG_OID = new OID(Registry.RSA_OID_STRING); // implicit 0-arguments constructor @@ -120,6 +122,8 @@ public class RSAKeyPairPKCS8Codec */ public byte[] encodePrivateKey(PrivateKey key) { + log.entering(this.getClass().getName(), "encodePrivateKey()", key); + if (! (key instanceof GnuRSAPrivateKey)) throw new InvalidParameterException("Wrong key type"); @@ -187,6 +191,7 @@ public class RSAKeyPairPKCS8Codec throw y; } + log.exiting(this.getClass().getName(), "encodePrivateKey()", result); return result; } @@ -208,6 +213,8 @@ public class RSAKeyPairPKCS8Codec */ public PrivateKey decodePrivateKey(byte[] input) { + log.entering(this.getClass().getName(), "decodePrivateKey()", input); + if (input == null) throw new InvalidParameterException("Input bytes MUST NOT be null"); @@ -278,7 +285,9 @@ public class RSAKeyPairPKCS8Codec throw y; } - return new GnuRSAPrivateKey(Registry.PKCS8_ENCODING_ID, n, e, d, p, q, - dP, dQ, qInv); + PrivateKey result = new GnuRSAPrivateKey(Registry.PKCS8_ENCODING_ID, n, e, + d, p, q, dP, dQ, qInv); + log.exiting(this.getClass().getName(), "decodePrivateKey()", result); + return result; } } diff --git a/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairX509Codec.java b/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairX509Codec.java index 1c362784b35..882d9c7b2ca 100644 --- a/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairX509Codec.java +++ b/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairX509Codec.java @@ -128,8 +128,9 @@ public class RSAKeyPairX509Codec DERValue derN = new DERValue(DER.INTEGER, n); DERValue derE = new DERValue(DER.INTEGER, e); - ArrayList algorithmID = new ArrayList(1); + ArrayList algorithmID = new ArrayList(2); algorithmID.add(derOID); + algorithmID.add(new DERValue(DER.NULL, null)); DERValue derAlgorithmID = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, algorithmID); diff --git a/libjava/classpath/gnu/java/security/pkcs/PKCS7Data.java b/libjava/classpath/gnu/java/security/pkcs/PKCS7Data.java new file mode 100644 index 00000000000..3d3052b965b --- /dev/null +++ b/libjava/classpath/gnu/java/security/pkcs/PKCS7Data.java @@ -0,0 +1,69 @@ +/* PKCS7Data.java -- Reader/writer for PKCS#7 Data objects + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.pkcs; + +import gnu.java.security.OID; + +/** + * A read/write helper class for PKCS#7 Data ASN.1 structures. + */ +public class PKCS7Data +{ + public static final OID PKCS7_DATA = new OID("1.2.840.113549.1.7.1"); + + private byte[] content; + + /** + * Constructs a new instance of <code>PKCS7Data</code> with the possibly + * null (implicetly referenced) content data. + * + * @param data the raw bytes of the data to use in a PKCS#7 framework. + */ + public PKCS7Data(byte[] data) + { + super(); + + this.content = data; + } + + public byte[] getEncoded() + { + return content; + } +} diff --git a/libjava/classpath/gnu/java/security/pkcs/PKCS7SignedData.java b/libjava/classpath/gnu/java/security/pkcs/PKCS7SignedData.java index ba5efc7222f..0781f4ba97c 100644 --- a/libjava/classpath/gnu/java/security/pkcs/PKCS7SignedData.java +++ b/libjava/classpath/gnu/java/security/pkcs/PKCS7SignedData.java @@ -1,5 +1,5 @@ -/* PKCS7SignedData.java -- reader for PKCS#7 signedData objects - Copyright (C) 2004, 2005 Free Software Foundation, Inc. +/* PKCS7SignedData.java -- reader/writer for PKCS#7 signedData objects + Copyright (C) 2004, 2005, 2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -42,19 +42,26 @@ import gnu.java.security.ber.BER; import gnu.java.security.ber.BEREncodingException; import gnu.java.security.ber.BERReader; import gnu.java.security.ber.BERValue; +import gnu.java.security.der.DER; import gnu.java.security.der.DERValue; +import gnu.java.security.der.DERWriter; +import gnu.java.security.util.Util; import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; import java.io.IOException; import java.io.InputStream; +import java.io.OutputStream; import java.math.BigInteger; import java.security.cert.CRL; import java.security.cert.CRLException; import java.security.cert.Certificate; +import java.security.cert.CertificateEncodingException; import java.security.cert.CertificateException; import java.security.cert.CertificateFactory; +import java.security.cert.X509CRL; import java.util.ArrayList; import java.util.Collections; @@ -63,6 +70,7 @@ import java.util.Iterator; import java.util.LinkedList; import java.util.List; import java.util.Set; +import java.util.logging.Logger; /** * The SignedData object in PKCS #7. This is a read-only implementation of @@ -72,8 +80,8 @@ import java.util.Set; */ public class PKCS7SignedData { + private static final Logger log = Logger.getLogger(PKCS7SignedData.class.getName()); - public static final OID PKCS7_DATA = new OID("1.2.840.113549.1.7.1"); public static final OID PKCS7_SIGNED_DATA = new OID("1.2.840.113549.1.7.2"); private BigInteger version; @@ -84,13 +92,6 @@ public class PKCS7SignedData private CRL[] crls; private Set signerInfos; - private static final boolean DEBUG = false; - private static void debug(String msg) - { - System.err.print("PKCS7SignedData >> "); - System.err.println(msg); - } - public PKCS7SignedData(InputStream in) throws CRLException, CertificateException, IOException { @@ -103,14 +104,12 @@ public class PKCS7SignedData * * <pre> * SignedData ::= SEQUENCE { - * version Version, - * digestAlgorithms DigestAlgorithmIdentifiers, - * contentInfo ContentInfo, - * certificates - * [0] IMPLICIT ExtendedCertificatesAndCertificates OPTIONAL, - * crls - * [1] IMPLICIT CertificateRevocationLists OPTIONAL, - * signerInfos SignerInfos } + * version Version, -- always 1 for PKCS7 v1.5 + * digestAlgorithms DigestAlgorithmIdentifiers, + * contentInfo ContentInfo, + * certificates [0] IMPLICIT ExtendedCertificatesAndCertificates OPTIONAL, + * crls [1] IMPLICIT CertificateRevocationLists OPTIONAL, + * signerInfos SignerInfos } * * Version ::= INTEGER * @@ -119,8 +118,8 @@ public class PKCS7SignedData * DigestAlgorithmIdentifier ::= AlgorithmIdentifier * * ContentInfo ::= SEQUENCE { - * contentType ContentType, - * content [0] EXPLICIT ANY DEFINED BY contentType OPTIONAL } + * contentType ContentType, + * content [0] EXPLICIT ANY DEFINED BY contentType OPTIONAL } * * ContentType ::= OBJECT IDENTIFIER * @@ -128,7 +127,7 @@ public class PKCS7SignedData * SET OF ExtendedCertificatesAndCertificate * * ExtendedCertificatesAndCertificate ::= CHOICE { - * certificate Certificate, -- from X.509 + * certificate Certificate, -- from X.509 * extendedCertificate [0] IMPLICIT ExtendedCertificate } * * CertificateRevocationLists ::= SET OF CertificateRevocationList @@ -137,15 +136,13 @@ public class PKCS7SignedData * SignerInfos ::= SET OF SignerInfo * * SignerInfo ::= SEQUENCE { - * version Version, - * issuerAndSerialNumber IssuerAndSerialNumber, - * digestAlgorithm DigestAlgorithmIdentifier, - * authenticatedAttributes - * [0] IMPLICIT Attributes OPTIONAL, - * digestEncryptionAlgorithm DigestEncryptionAlgorithmIdentifier, - * encryptedDigest EncryptedDigest, - * unauthenticatedAttributes - * [1] IMPLICIT Attributes OPTIONAL } + * version Version, -- always 1 for PKCS7 v1.5 + * issuerAndSerialNumber IssuerAndSerialNumber, + * digestAlgorithm DigestAlgorithmIdentifier, + * authenticatedAttributes [0] IMPLICIT Attributes OPTIONAL, + * digestEncryptionAlgorithm DigestEncryptionAlgorithmIdentifier, + * encryptedDigest EncryptedDigest, + * unauthenticatedAttributes [1] IMPLICIT Attributes OPTIONAL } * * EncryptedDigest ::= OCTET STRING * </pre> @@ -177,23 +174,21 @@ public class PKCS7SignedData if (!val.isConstructed()) throw new BEREncodingException("malformed SignedData"); - if (DEBUG) - debug("SignedData: " + val); + log.finest("SignedData: " + val); val = ber.read(); if (val.getTag() != BER.INTEGER) throw new BEREncodingException("expecting Version"); version = (BigInteger) val.getValue(); - if (DEBUG) - debug(" Version: " + version); + log.finest(" Version: " + version); digestAlgorithms = new HashSet(); val = ber.read(); if (!val.isConstructed()) throw new BEREncodingException("malformed DigestAlgorithmIdentifiers"); - if (DEBUG) - debug(" DigestAlgorithmIdentifiers: " + val); + + log.finest(" DigestAlgorithmIdentifiers: " + val); int count = 0; DERValue val2 = ber.read(); while (val2 != BER.END_OF_SEQUENCE && @@ -201,14 +196,14 @@ public class PKCS7SignedData { if (!val2.isConstructed()) throw new BEREncodingException("malformed AlgorithmIdentifier"); - if (DEBUG) - debug(" AlgorithmIdentifier: " + val2); + + log.finest(" AlgorithmIdentifier: " + val2); count += val2.getEncodedLength(); val2 = ber.read(); if (val2.getTag() != BER.OBJECT_IDENTIFIER) throw new BEREncodingException("malformed AlgorithmIdentifier"); - if (DEBUG) - debug(" ID: " + val2.getValue()); + + log.finest(" digestAlgorithmIdentifiers OID: " + val2.getValue()); List algId = new ArrayList(2); algId.add(val2.getValue()); val2 = ber.read(); @@ -219,29 +214,33 @@ public class PKCS7SignedData algId.add(null); else algId.add(val2.getEncoded()); - if (DEBUG) - debug(" params: " + new BigInteger(1, val2.getEncoded()).toString(16)); + if (val2.isConstructed()) ber.skip(val2.getLength()); + if (BERValue.isIndefinite(val)) val2 = ber.read(); } else algId.add(null); + + log.finest(" digestAlgorithmIdentifiers params: "); + log.finest(Util.dumpString((byte[]) algId.get(1), + " digestAlgorithmIdentifiers params: ")); digestAlgorithms.add(algId); } val = ber.read(); if (!val.isConstructed()) throw new BEREncodingException("malformed ContentInfo"); - if (DEBUG) - debug(" ContentInfo: " + val); + + log.finest(" ContentInfo: " + val); val2 = ber.read(); if (val2.getTag() != BER.OBJECT_IDENTIFIER) throw new BEREncodingException("malformed ContentType"); + contentType = (OID) val2.getValue(); - if (DEBUG) - debug(" ContentType: " + contentType); + log.finest(" ContentType OID: " + contentType); if (BERValue.isIndefinite(val) || (val.getLength() > 0 && val.getLength() > val2.getEncodedLength())) { @@ -251,18 +250,19 @@ public class PKCS7SignedData content = val2.getEncoded(); if (BERValue.isIndefinite(val)) val2 = ber.read(); - if (DEBUG) - debug(" Content: " + new BigInteger(1, content).toString(16)); } } + log.finest(" Content: "); + log.finest(Util.dumpString(content, " Content: ")); + val = ber.read(); if (val.getTag() == 0) { if (!val.isConstructed()) throw new BEREncodingException("malformed ExtendedCertificatesAndCertificates"); - if (DEBUG) - debug(" ExtendedCertificatesAndCertificates: " + val); + + log.finest(" ExtendedCertificatesAndCertificates: " + val); count = 0; val2 = ber.read(); List certs = new LinkedList(); @@ -271,8 +271,7 @@ public class PKCS7SignedData { Certificate cert = x509.generateCertificate(new ByteArrayInputStream(val2.getEncoded())); - if (DEBUG) - debug(" Certificate: " + cert); + log.finest(" Certificate: " + cert); certs.add(cert); count += val2.getEncodedLength(); ber.skip(val2.getLength()); @@ -287,8 +286,8 @@ public class PKCS7SignedData { if (!val.isConstructed()) throw new BEREncodingException("malformed CertificateRevocationLists"); - if (DEBUG) - debug(" CertificateRevocationLists: " + val); + + log.finest(" CertificateRevocationLists: " + val); count = 0; val2 = ber.read(); List crls = new LinkedList(); @@ -296,8 +295,7 @@ public class PKCS7SignedData (val.getLength() > 0 && val.getLength() > count)) { CRL crl = x509.generateCRL(new ByteArrayInputStream(val2.getEncoded())); - if (DEBUG) - debug (" CRL: " + crl); + log.finest(" CRL: " + crl); crls.add(crl); count += val2.getEncodedLength(); ber.skip(val2.getLength()); @@ -312,8 +310,7 @@ public class PKCS7SignedData if (!val.isConstructed()) throw new BEREncodingException("malformed SignerInfos"); - if (DEBUG) - debug(" SignerInfos: " + val); + log.finest(" SignerInfos: " + val); // FIXME read this more carefully. // Since we are just reading a file (probably) we just read until we @@ -327,6 +324,39 @@ public class PKCS7SignedData } } + /** + * Constructs a new instance of <code>PKCS7SignedData</code> given a + * designated set of fields. + * + * @param digestAlgorithms the collection of DigestAlgorithm elements. Each + * DigestAlgorithm is a {@link List} of two elements, the first is an + * OID while the second is dependent on the value of the OID element. + * @param data an instance of a PKCS#7 (non-signed) data. In its simplest form + * such an ASN.1 structure would consist of just the OID of a + * non-signed PKCS#7 Data. + * @param certificates the array of Certificates used to authenticate the + * enclosed (or referenced, in case the content is null) data. + * @param crls the array of certificate-revocation lists of the used + * certificates. + * @param signerInfos a set of {@link SignerInfo} elements, one per signer of + * the data referenced by this <code>PKCS7SignedData</code> + * instance. + */ + public PKCS7SignedData(Set digestAlgorithms, PKCS7Data data, + Certificate[] certificates, X509CRL[] crls, + Set signerInfos) + { + super(); + + this.version = BigInteger.ONE; + this.digestAlgorithms = digestAlgorithms; + this.contentType = PKCS7_SIGNED_DATA; + this.content = data == null ? null : data.getEncoded(); + this.certificates = certificates; + this.crls = crls; + this.signerInfos = signerInfos; + } + public BigInteger getVersion() { return version; @@ -361,4 +391,89 @@ public class PKCS7SignedData copy.add(it.next()); return Collections.unmodifiableSet(copy); } + + /** + * Writes to the designated output stream the DER encoding of the current + * contents of this instance. + * + * @param out the destination output stream. + * @throws IOException if an I/O related exception occurs during the process. + * @throws CRLException if an exception occurs while encoding the certificate + * revocation lists associated with this instance. + * @throws CertificateEncodingException if an exception occurs while encoding + * the certificate chains associated with this instance. + */ + public void encode(OutputStream out) throws IOException, CRLException, + CertificateEncodingException + { + DERValue derVersion = new DERValue(DER.INTEGER, version); + + DERValue derDigestAlgorithms = new DERValue(DER.CONSTRUCTED | DER.SET, + digestAlgorithms); + + DERValue derContentType = new DERValue(DER.OBJECT_IDENTIFIER, + PKCS7Data.PKCS7_DATA); + ArrayList contentInfo = new ArrayList(2); + contentInfo.add(derContentType); + if (content == null) + contentInfo.add(new DERValue(DER.NULL, null)); + else + contentInfo.add(content); + + DERValue derContentInfo = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, + contentInfo); + + ByteArrayOutputStream baos = new ByteArrayOutputStream(4096); + for (int i = 0; i < certificates.length; i++) + baos.write(certificates[i].getEncoded()); + + baos.flush(); + byte[] b = baos.toByteArray(); + DERValue derExtendedCertificatesAndCertificates = + new DERValue(DER.CONSTRUCTED | DER.CONTEXT | 0, b.length, b, null); + + DERValue derCertificateRevocationLists = null; + if (crls != null && crls.length > 0) + { + baos.reset(); + for (int i = 0; i < crls.length; i++) + baos.write(((X509CRL) crls[i]).getEncoded()); + + baos.flush(); + byte[] b2 = baos.toByteArray(); + derCertificateRevocationLists = + new DERValue(DER.CONSTRUCTED | DER.CONTEXT | 1, b2.length, b2, null); + } + + baos.reset(); + for (Iterator it = signerInfos.iterator(); it.hasNext();) + { + SignerInfo signerInfo = (SignerInfo) it.next(); + signerInfo.encode(baos); + } + baos.flush(); + byte[] b3 = baos.toByteArray(); + DERValue derSignerInfos = new DERValue(DER.CONSTRUCTED | DER.SET, + b3.length, b3, null); + + ArrayList signedData = new ArrayList(6); + signedData.add(derVersion); + signedData.add(derDigestAlgorithms); + signedData.add(derContentInfo); + signedData.add(derExtendedCertificatesAndCertificates); + if (derCertificateRevocationLists != null) + signedData.add(derCertificateRevocationLists); + + signedData.add(derSignerInfos); + DERValue derSignedData = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, + signedData); + // now the outer contents + ArrayList outer = new ArrayList(3); + outer.add(new DERValue(DER.OBJECT_IDENTIFIER, PKCS7_SIGNED_DATA)); + outer.add(new DERValue(DER.CONTEXT | 0, null)); + outer.add(derSignedData); + DERValue derOuter = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, outer); + + DERWriter.write(out, derOuter); + } } diff --git a/libjava/classpath/gnu/java/security/pkcs/SignerInfo.java b/libjava/classpath/gnu/java/security/pkcs/SignerInfo.java index c976799bb0c..7b38bfefdaf 100644 --- a/libjava/classpath/gnu/java/security/pkcs/SignerInfo.java +++ b/libjava/classpath/gnu/java/security/pkcs/SignerInfo.java @@ -42,16 +42,25 @@ import gnu.java.security.ber.BER; import gnu.java.security.ber.BEREncodingException; import gnu.java.security.ber.BERReader; import gnu.java.security.ber.BERValue; +import gnu.java.security.der.DER; import gnu.java.security.der.DERValue; +import gnu.java.security.der.DERWriter; +import gnu.java.security.util.Util; +import java.io.ByteArrayOutputStream; import java.io.IOException; +import java.io.OutputStream; import java.math.BigInteger; +import java.util.ArrayList; +import java.util.logging.Logger; import javax.security.auth.x500.X500Principal; public class SignerInfo { + private static final Logger log = Logger.getLogger(SignerInfo.class.getName()); + private final BigInteger version; private final BigInteger serialNumber; private final X500Principal issuer; @@ -63,67 +72,80 @@ public class SignerInfo private final byte[] encryptedDigest; private final byte[] unauthenticatedAttributes; - private static final boolean DEBUG = false; - private static void debug(String msg) - { - System.err.print("SignerInfo >> "); - System.err.println(msg); - } - /** * Parse a SignerInfo object. + * <p> + * A SignerInfo is a structure with the following ASN.1 syntax: + * <pre> + * SignerInfo ::= SEQUENCE { + * version Version, -- always 1 for PKCS7 v1.5 + * issuerAndSerialNumber IssuerAndSerialNumber, -- an INTEGER + * digestAlgorithm DigestAlgorithmIdentifier, + * authenticatedAttributes [0] IMPLICIT Attributes OPTIONAL, + * digestEncryptionAlgorithm DigestEncryptionAlgorithmIdentifier, + * encryptedDigest EncryptedDigest, + * unauthenticatedAttributes [1] IMPLICIT Attributes OPTIONAL } + * + * IssuerAndSerialNumber ::= SEQUENCE { + * issuer Name, + * serialNumber CertificateSerialNumber + * } + * + * DigestAlgorithmIdentifier ::= AlgorithmIdentifier + * + * DigestEncryptionAlgorithmIdentifier ::= AlgorithmIdentifier + * + * EncryptedDigest ::= OCTET STRING + * </pre> */ public SignerInfo(BERReader ber) throws IOException { DERValue val = ber.read(); - if (DEBUG) - debug("SignerInfo: " + val); + log.finest("SignerInfo: " + val); if (!val.isConstructed()) throw new BEREncodingException("malformed SignerInfo"); val = ber.read(); if (val.getTag() != BER.INTEGER) throw new BEREncodingException("malformed Version"); - version = (BigInteger) val.getValue(); - if (DEBUG) - debug(" Version: " + version); + version = (BigInteger) val.getValue(); + log.finest(" Version: " + version); val = ber.read(); if (!val.isConstructed()) throw new BEREncodingException("malformed IssuerAndSerialNumber"); - if (DEBUG) - debug(" IssuerAndSerialNumber: " + val); + log.finest(" IssuerAndSerialNumber: " + val); val = ber.read(); if (!val.isConstructed()) throw new BEREncodingException("malformed Issuer"); + issuer = new X500Principal(val.getEncoded()); ber.skip(val.getLength()); - if (DEBUG) - debug(" Issuer: " + issuer); + log.finest(" Issuer: " + issuer); val = ber.read(); if (val.getTag() != BER.INTEGER) throw new BEREncodingException("malformed SerialNumber"); + serialNumber = (BigInteger) val.getValue(); - if (DEBUG) - debug(" SerialNumber: " + serialNumber); + log.finest(" SerialNumber: " + serialNumber); val = ber.read(); if (!val.isConstructed()) throw new BEREncodingException("malformed DigestAlgorithmIdentifier"); - if (DEBUG) - debug(" DigestAlgorithmIdentifier: " + val); + + log.finest(" DigestAlgorithmIdentifier: " + val); int count = 0; DERValue val2 = ber.read(); if (val2.getTag() != BER.OBJECT_IDENTIFIER) throw new BEREncodingException("malformed AlgorithmIdentifier"); + digestAlgorithmId = (OID) val2.getValue(); - if (DEBUG) - debug(" OID: " + digestAlgorithmId); + log.finest(" digestAlgorithm OID: " + digestAlgorithmId); if (BERValue.isIndefinite(val)) { @@ -147,9 +169,10 @@ public class SignerInfo } else digestAlgorithmParams = null; - if(DEBUG) - debug(" params: " + (digestAlgorithmParams == null ? null - : new BigInteger(digestAlgorithmParams).toString(16))); + + log.finest(" digestAlgorithm params: "); + log.finest(Util.dumpString(digestAlgorithmParams, + " digestAlgorithm params: ")); val = ber.read(); if (val.getTag() == 0) @@ -158,24 +181,27 @@ public class SignerInfo val = ber.read(); if (val.isConstructed()) ber.skip(val.getLength()); - if (DEBUG) - debug(" AuthenticatedAttributes: " + val); + val = ber.read(); } else authenticatedAttributes = null; + log.finest(" AuthenticatedAttributes: "); + log.finest(Util.dumpString(authenticatedAttributes, + " AuthenticatedAttributes: ")); + if (!val.isConstructed()) throw new BEREncodingException("malformed DigestEncryptionAlgorithmIdentifier"); - if (DEBUG) - debug(" DigestEncryptionAlgorithmIdentifier: " + val); + + log.finest(" DigestEncryptionAlgorithmIdentifier: " + val); count = 0; val2 = ber.read(); if (val2.getTag() != BER.OBJECT_IDENTIFIER) throw new BEREncodingException("malformed AlgorithmIdentifier"); + digestEncryptionAlgorithmId = (OID) val2.getValue(); - if (DEBUG) - debug(" OID: " + digestEncryptionAlgorithmId); + log.finest(" digestEncryptionAlgorithm OID: " + digestEncryptionAlgorithmId); if (BERValue.isIndefinite(val)) { @@ -199,26 +225,74 @@ public class SignerInfo } else digestEncryptionAlgorithmParams = null; - if(DEBUG) - debug(" params: " + (digestEncryptionAlgorithmParams == null ? null - : new BigInteger(digestEncryptionAlgorithmParams).toString(16))); + + log.finest(" digestEncryptionAlgorithm params: "); + log.finest(Util.dumpString(digestEncryptionAlgorithmParams, + " digestEncryptionAlgorithm params: ")); val = ber.read(); if (val.getTag() != BER.OCTET_STRING) throw new BEREncodingException("malformed EncryptedDigest"); + encryptedDigest = (byte[]) val.getValue(); - if (DEBUG) - debug(" EncryptedDigest: " + new BigInteger(1, encryptedDigest).toString(16)); + log.finest(" EncryptedDigest: "); + log.finest(Util.dumpString(encryptedDigest, " EncryptedDigest: ")); if (ber.peek() == 1) unauthenticatedAttributes = ber.read().getEncoded(); else unauthenticatedAttributes = null; + log.finest(" UnauthenticatedAttributes: "); + log.finest(Util.dumpString(unauthenticatedAttributes, + " UnauthenticatedAttributes: ")); + if (ber.peek() == 0) ber.read(); } + /** + * Constructs a new instance of <code>SignerInfo</code> given a designated + * set of fields. + * + * @param issuer the X.500 Principal name of the signer referenced by this + * instance. + * @param serialNumber the serial number of the certificate being used. Both + * this and the previous arguments are gleaned from the signer's + * certificate. + * @param digestAlgorithmOID the OID of the digest algorithm. When + * constructing the DigestAlgorithmIdentifier with this OID, the + * parameters part will be NULL. + * @param authenticatedAttributes the encoding of the set of authenticated + * attributes to use. + * @param digestEncryptionAlgorithmOID the OID of the digest encryption + * algorithm. When constructing the + * DigestEncryptionAlgorithmIdentifier with this OID, the parameters + * part will be NULL. + * @param encryptedDigest the encrypted hash generated with this signer's + * private key. + * @param unauthenticatedAttributes the encoding of the set of + * unauthencticated attributes. + */ + public SignerInfo(X500Principal issuer, BigInteger serialNumber, + OID digestAlgorithmOID, byte[] authenticatedAttributes, + OID digestEncryptionAlgorithmOID, + byte[] encryptedDigest, byte[] unauthenticatedAttributes) + { + super(); + + this.version = BigInteger.ONE; + this.issuer = issuer; + this.serialNumber = serialNumber; + this.digestAlgorithmId = digestAlgorithmOID; + this.digestAlgorithmParams = null; + this.authenticatedAttributes = authenticatedAttributes; + this.digestEncryptionAlgorithmId = digestEncryptionAlgorithmOID; + this.digestEncryptionAlgorithmParams = null; + this.encryptedDigest = encryptedDigest; + this.unauthenticatedAttributes = unauthenticatedAttributes; + } + public BigInteger getVersion() { return version; @@ -276,4 +350,65 @@ public class SignerInfo ? (byte[]) unauthenticatedAttributes.clone() : null); } + + /** + * Writes to the designated output stream the DER encoding of the current + * contents of this instance. + * + * @param out the destination output stream. + * @throws IOException if an I/O related exception occurs during the process. + */ + public void encode(OutputStream out) throws IOException + { + DERValue derVersion = new DERValue(DER.INTEGER, version); + + ByteArrayOutputStream baos = new ByteArrayOutputStream(4096); + baos.write(issuer.getEncoded()); + DERValue derSerialNumber = new DERValue(DER.INTEGER, serialNumber); + DERWriter.write(baos, derSerialNumber); + baos.flush(); + byte[] b = baos.toByteArray(); + DERValue derIssuerAndSerialNumber = + new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, b.length, b, null); + + DERValue derDigestAlgorithmOID = new DERValue(DER.OBJECT_IDENTIFIER, + digestAlgorithmId); + ArrayList digestAlgorithmIdentifier = new ArrayList(1); + digestAlgorithmIdentifier.add(derDigestAlgorithmOID); + DERValue derDigestAlgorithmIdentifier = + new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, digestAlgorithmIdentifier); + + DERValue derAuthenticatedAttributes; + if (authenticatedAttributes == null) + derAuthenticatedAttributes = new DERValue(DER.NULL, null); + else + derAuthenticatedAttributes = new DERValue(DER.CONSTRUCTED | DER.SET, + authenticatedAttributes); + + DERValue derDigestEncryptionAlgorithmOID = + new DERValue(DER.OBJECT_IDENTIFIER, digestEncryptionAlgorithmId); + ArrayList digestEncryptionAlgorithmIdentifier = new ArrayList(1); + digestEncryptionAlgorithmIdentifier.add(derDigestEncryptionAlgorithmOID); + DERValue derDigestEncryptionAlgorithmIdentifier = + new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, digestEncryptionAlgorithmIdentifier); + + DERValue derEncryptedDigest = new DERValue(DER.OCTET_STRING, encryptedDigest); + + DERValue derUnauthenticatedAttributes; + if (unauthenticatedAttributes == null) + derUnauthenticatedAttributes = new DERValue(DER.NULL, null); + else + derUnauthenticatedAttributes = new DERValue(DER.CONSTRUCTED | DER.SET, + unauthenticatedAttributes); + + ArrayList signerInfo = new ArrayList(5); + signerInfo.add(derVersion); + signerInfo.add(derIssuerAndSerialNumber); + signerInfo.add(derDigestAlgorithmIdentifier); + signerInfo.add(derDigestEncryptionAlgorithmIdentifier); + signerInfo.add(derEncryptedDigest); + DERValue derSignerInfo = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, + signerInfo); + DERWriter.write(out, derSignerInfo); + } } diff --git a/libjava/classpath/gnu/java/security/prng/MDGenerator.java b/libjava/classpath/gnu/java/security/prng/MDGenerator.java index 255647d1c5f..073c559ae04 100644 --- a/libjava/classpath/gnu/java/security/prng/MDGenerator.java +++ b/libjava/classpath/gnu/java/security/prng/MDGenerator.java @@ -122,6 +122,20 @@ public class MDGenerator extends BasePRNG implements Cloneable md.update(buffer, 0, buffer.length); } + public void addRandomByte (final byte b) + { + if (md == null) + throw new IllegalStateException ("not initialized"); + md.update (b); + } + + public void addRandomBytes (final byte[] buf, final int off, final int len) + { + if (md == null) + throw new IllegalStateException ("not initialized"); + md.update (buf, off, len); + } + // Cloneable interface implementation --------------------------------------- public Object clone() throws CloneNotSupportedException diff --git a/libjava/classpath/gnu/java/security/provider/DSAParameterGenerator.java b/libjava/classpath/gnu/java/security/provider/DSAParameterGenerator.java deleted file mode 100644 index ccec1136cd3..00000000000 --- a/libjava/classpath/gnu/java/security/provider/DSAParameterGenerator.java +++ /dev/null @@ -1,128 +0,0 @@ -/* DSAParameterGenerator.java --- DSA Parameter Generator Implementation - Copyright (C) 1999 Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ - - -package gnu.java.security.provider; - -import gnu.java.security.util.Prime; - -import java.math.BigInteger; -import java.security.AlgorithmParameterGeneratorSpi; -import java.security.AlgorithmParameters; -import java.security.InvalidAlgorithmParameterException; -import java.security.NoSuchAlgorithmException; -import java.security.SecureRandom; -import java.security.spec.AlgorithmParameterSpec; -import java.security.spec.DSAParameterSpec; -import java.security.spec.InvalidParameterSpecException; -import java.util.Random; - -public class DSAParameterGenerator extends AlgorithmParameterGeneratorSpi -{ - private int size; - private SecureRandom random = null; - - public DSAParameterGenerator() - { - size = 1024; - } - - public void engineInit(int size, SecureRandom random) - { - if( (size < 512) || (size > 1024) || ( (size % 64) != 0) ) - //throw new InvalidAlgorithmParameterException("Invalid Size"); - return; - this.size = size; - this.random = random; - } - - public void engineInit(AlgorithmParameterSpec genParamSpec, SecureRandom random) - throws InvalidAlgorithmParameterException - { - if( !( genParamSpec instanceof DSAParameterSpec ) ) - throw new InvalidAlgorithmParameterException("Must be DSAParameterSpec"); - - DSAParameterSpec dsaparameterspec = (DSAParameterSpec)genParamSpec; - int tmp = dsaparameterspec.getP().bitLength(); - - if( (tmp < 512) || (tmp > 1024) || ( (tmp % 64) != 0) ) - throw new InvalidAlgorithmParameterException("Invalid Size"); - - this.random = random; - } - - //For more information see IEEE P1363 A.16.1 (10/05/98 Draft) - public AlgorithmParameters engineGenerateParameters() - { - DSAParameterSpec dsaparameterspec; - - int L = size; - BigInteger r, p, k, h, g; - - //q 2^159 < q < 2^160 - r = Prime.generateRandomPrime( 159, 160, BigInteger.valueOf(1)); - - // 2^(L-1) < p < 2^L - p = Prime.generateRandomPrime( r, BigInteger.valueOf(1), L - 1, L, BigInteger.valueOf(1)); - - k = p.subtract( BigInteger.valueOf(1) ); - k = k.divide( r ); - - Random rand = new Random(); - h = BigInteger.valueOf(1); - - for(;;) { - h = h.add(BigInteger.valueOf( 1 ) ); - - g = h.modPow(k, p); - - if( g.compareTo( BigInteger.valueOf(1) ) != 1 ) - break; - } - - try { - dsaparameterspec = new DSAParameterSpec(p, r, g); - AlgorithmParameters ap = AlgorithmParameters.getInstance("DSA"); - ap.init( dsaparameterspec ); - return ap; - } catch ( NoSuchAlgorithmException nsae ) { - return null; - } catch ( InvalidParameterSpecException ipse) { - return null; - } - } -} diff --git a/libjava/classpath/gnu/java/security/provider/Gnu.java b/libjava/classpath/gnu/java/security/provider/Gnu.java index 06135664427..6ea96c1e4f3 100644 --- a/libjava/classpath/gnu/java/security/provider/Gnu.java +++ b/libjava/classpath/gnu/java/security/provider/Gnu.java @@ -86,6 +86,7 @@ public final class Gnu extends Provider put("Alg.Alias.Signature.md5WithRSAEncryption", "MD5withRSA"); put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.4", "MD5withRSA"); put("Alg.Alias.Signature.1.2.840.113549.1.1.4", "MD5withRSA"); + put("Alg.Alias.Signature.RSA", "MD5withRSA"); put("Signature.SHA160withRSA", gnu.java.security.jce.sig.SHA160withRSA.class.getName()); diff --git a/libjava/classpath/gnu/java/security/sig/ISignature.java b/libjava/classpath/gnu/java/security/sig/ISignature.java index 77653ee3722..e77f39d2cf1 100644 --- a/libjava/classpath/gnu/java/security/sig/ISignature.java +++ b/libjava/classpath/gnu/java/security/sig/ISignature.java @@ -56,8 +56,6 @@ import java.util.Map; * Cryptography</a>, Alfred J. Menezes, Paul C. van Oorschot and Scott A. * Vanstone. Section 11.2.2 Digital signature schemes with appendix.</li> * </ol> - * - * @version $Revision: 1.1 $ */ public interface ISignature extends Cloneable { diff --git a/libjava/classpath/gnu/java/security/sig/ISignatureCodec.java b/libjava/classpath/gnu/java/security/sig/ISignatureCodec.java index 119eca5fd0d..b6ab0ba9b1e 100644 --- a/libjava/classpath/gnu/java/security/sig/ISignatureCodec.java +++ b/libjava/classpath/gnu/java/security/sig/ISignatureCodec.java @@ -45,8 +45,6 @@ import gnu.java.security.Registry; * cryptographic signatures. Codecs are useful for (a) externalising signature * output data for storage and on-the-wire transmission, as well as (b) re- * creating their internal Java representation from external sources.</p> - * - * @version $Revision: 1.1 $ */ public interface ISignatureCodec { diff --git a/libjava/classpath/gnu/java/security/sig/dss/DSSSignature.java b/libjava/classpath/gnu/java/security/sig/dss/DSSSignature.java index 6bedfaefa3a..370a93854e1 100644 --- a/libjava/classpath/gnu/java/security/sig/dss/DSSSignature.java +++ b/libjava/classpath/gnu/java/security/sig/dss/DSSSignature.java @@ -111,8 +111,6 @@ import java.util.Random; * Signature Standard (DSS)</a>, Federal Information Processing Standards * Publication 186. National Institute of Standards and Technology.</li> * </ol> - * - * @version $Revision: 1.1 $ */ public class DSSSignature extends BaseSignature { diff --git a/libjava/classpath/gnu/java/security/sig/dss/DSSSignatureRawCodec.java b/libjava/classpath/gnu/java/security/sig/dss/DSSSignatureRawCodec.java index 02f6b1ddc41..b0590a573dc 100644 --- a/libjava/classpath/gnu/java/security/sig/dss/DSSSignatureRawCodec.java +++ b/libjava/classpath/gnu/java/security/sig/dss/DSSSignatureRawCodec.java @@ -47,8 +47,6 @@ import java.math.BigInteger; /** * <p>An object that implements the {@link ISignatureCodec} operations for the * <i>Raw</i> format to use with DSS signatures.</p> - * - * @version $Revision: 1.1 $ */ public class DSSSignatureRawCodec implements ISignatureCodec { diff --git a/libjava/classpath/gnu/java/security/sig/rsa/EMSA_PKCS1_V1_5.java b/libjava/classpath/gnu/java/security/sig/rsa/EMSA_PKCS1_V1_5.java index 2ea8a304a9c..d155fc88fb4 100644 --- a/libjava/classpath/gnu/java/security/sig/rsa/EMSA_PKCS1_V1_5.java +++ b/libjava/classpath/gnu/java/security/sig/rsa/EMSA_PKCS1_V1_5.java @@ -57,8 +57,6 @@ import java.io.ByteArrayOutputStream; * RSA Cryptography Specifications Version 2.1.<br> * Jakob Jonsson and Burt Kaliski.</li> * </ol> - * - * @version $Revision: 1.2 $ */ public class EMSA_PKCS1_V1_5 implements Cloneable { diff --git a/libjava/classpath/gnu/java/security/sig/rsa/EMSA_PSS.java b/libjava/classpath/gnu/java/security/sig/rsa/EMSA_PSS.java index d11a861b52e..c1c9760ed5c 100644 --- a/libjava/classpath/gnu/java/security/sig/rsa/EMSA_PSS.java +++ b/libjava/classpath/gnu/java/security/sig/rsa/EMSA_PSS.java @@ -67,8 +67,6 @@ import java.util.Arrays; * Primitive specification and supporting documentation.<br> * Jakob Jonsson and Burt Kaliski.</li> * </ol> - * - * @version $Revision: 1.1 $ */ public class EMSA_PSS implements Cloneable { diff --git a/libjava/classpath/gnu/java/security/sig/rsa/RSAPKCS1V1_5Signature.java b/libjava/classpath/gnu/java/security/sig/rsa/RSAPKCS1V1_5Signature.java index d4b69a7a18f..e64d30b6937 100644 --- a/libjava/classpath/gnu/java/security/sig/rsa/RSAPKCS1V1_5Signature.java +++ b/libjava/classpath/gnu/java/security/sig/rsa/RSAPKCS1V1_5Signature.java @@ -67,8 +67,6 @@ import java.util.Arrays; * RSA Cryptography Specifications Version 2.1.<br> * Jakob Jonsson and Burt Kaliski.</li> * </ol> - * - * @version $Revision: 1.2 $ */ public class RSAPKCS1V1_5Signature extends BaseSignature { diff --git a/libjava/classpath/gnu/java/security/sig/rsa/RSAPSSSignature.java b/libjava/classpath/gnu/java/security/sig/rsa/RSAPSSSignature.java index 95a6653f393..7ec62568a98 100644 --- a/libjava/classpath/gnu/java/security/sig/rsa/RSAPSSSignature.java +++ b/libjava/classpath/gnu/java/security/sig/rsa/RSAPSSSignature.java @@ -70,8 +70,6 @@ import java.security.interfaces.RSAPublicKey; * Primitive specification and supporting documentation.<br> * Jakob Jonsson and Burt Kaliski.</li> * </ol> - * - * @version $Revision: 1.2 $ */ public class RSAPSSSignature extends BaseSignature { diff --git a/libjava/classpath/gnu/java/security/sig/rsa/RSAPSSSignatureRawCodec.java b/libjava/classpath/gnu/java/security/sig/rsa/RSAPSSSignatureRawCodec.java index 64a972ca366..2be79165f18 100644 --- a/libjava/classpath/gnu/java/security/sig/rsa/RSAPSSSignatureRawCodec.java +++ b/libjava/classpath/gnu/java/security/sig/rsa/RSAPSSSignatureRawCodec.java @@ -46,8 +46,6 @@ import java.io.ByteArrayOutputStream; /** * <p>An object that implements the {@link gnu.crypto.sig.ISignatureCodec} * operations for the <i>Raw</i> format to use with RSA-PSS signatures.</p> - * - * @version $Revision: 1.1 $ */ public class RSAPSSSignatureRawCodec implements ISignatureCodec { diff --git a/libjava/classpath/gnu/java/security/util/Util.java b/libjava/classpath/gnu/java/security/util/Util.java index 53f8e3c2cca..f39afb93159 100644 --- a/libjava/classpath/gnu/java/security/util/Util.java +++ b/libjava/classpath/gnu/java/security/util/Util.java @@ -42,8 +42,6 @@ import java.math.BigInteger; /** * <p>A collection of utility methods used throughout this project.</p> - * - * @version $Revision: 1.1 $ */ public class Util { diff --git a/libjava/classpath/gnu/java/security/x509/X500DistinguishedName.java b/libjava/classpath/gnu/java/security/x509/X500DistinguishedName.java index daf746f5dc5..02adad7d2fd 100644 --- a/libjava/classpath/gnu/java/security/x509/X500DistinguishedName.java +++ b/libjava/classpath/gnu/java/security/x509/X500DistinguishedName.java @@ -1,5 +1,5 @@ /* X500DistinguishedName.java -- X.500 distinguished name. - Copyright (C) 2004 Free Software Foundation, Inc. + Copyright (C) 2004, 2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -61,7 +61,6 @@ import java.util.Set; public class X500DistinguishedName implements Principal { - // Constants and fields. // ------------------------------------------------------------------------- @@ -221,6 +220,10 @@ public class X500DistinguishedName implements Principal putComponent(DC, value); else if (name.equals("uid")) putComponent(UID, value); + else if (name.equals("o")) + putComponent(O, value); + else if (name.equals("ou")) + putComponent(OU, value); else putComponent(new OID(name), value); } @@ -328,16 +331,18 @@ public class X500DistinguishedName implements Principal { if (fixed && encoded != null) return (byte[]) encoded.clone(); + ArrayList name = new ArrayList(components.size()); for (Iterator it = components.iterator(); it.hasNext(); ) { Map m = (Map) it.next(); if (m.isEmpty()) continue; + Set rdn = new HashSet(); for (Iterator it2 = m.entrySet().iterator(); it2.hasNext(); ) { - Map.Entry e = (Map.Entry) it.next(); + Map.Entry e = (Map.Entry) it2.next(); ArrayList atav = new ArrayList(2); atav.add(new DERValue(DER.OBJECT_IDENTIFIER, e.getKey())); atav.add(new DERValue(DER.UTF8_STRING, e.getValue())); @@ -486,6 +491,9 @@ public class X500DistinguishedName implements Principal throw new EOFException(); default: buf.append((char) ch); + ch = in.read(); + if (ch == -1) + return buf.toString(); } } } |