Imported GNU Classpath 0.90
Imported GNU Classpath 0.90
* scripts/makemake.tcl: Set gnu/java/awt/peer/swing to ignore.
* gnu/classpath/jdwp/VMFrame.java (SIZE): New constant.
* java/lang/VMCompiler.java: Use gnu.java.security.hash.MD5.
* java/lang/Math.java: New override file.
* java/lang/Character.java: Merged from Classpath.
(start, end): Now 'int's.
(canonicalName): New field.
(CANONICAL_NAME, NO_SPACES_NAME, CONSTANT_NAME): New constants.
(UnicodeBlock): Added argument.
(of): New overload.
(forName): New method.
Updated unicode blocks.
(sets): Updated.
* sources.am: Regenerated.
* Makefile.in: Likewise.
From-SVN: r111942
This commit is contained in:
@@ -0,0 +1,181 @@
|
||||
/* GnuRSAKey.java --
|
||||
Copyright 2001, 2002, 2003, 2006 Free Software Foundation, Inc.
|
||||
|
||||
This file is a part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2 of the License, or (at
|
||||
your option) any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; if not, write to the Free Software
|
||||
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301
|
||||
USA
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
|
||||
package gnu.java.security.key.rsa;
|
||||
|
||||
import gnu.java.security.Registry;
|
||||
import gnu.java.security.key.IKeyPairCodec;
|
||||
import gnu.java.security.util.FormatUtil;
|
||||
|
||||
import java.math.BigInteger;
|
||||
import java.security.Key;
|
||||
import java.security.interfaces.RSAKey;
|
||||
|
||||
/**
|
||||
* <p>A base asbtract class for both public and private RSA keys.</p>
|
||||
*
|
||||
* @version $Revision: 1.3 $
|
||||
*/
|
||||
public abstract class GnuRSAKey implements Key, RSAKey
|
||||
{
|
||||
|
||||
// Constants and variables
|
||||
// -------------------------------------------------------------------------
|
||||
|
||||
/** The public modulus of an RSA key pair. */
|
||||
private final BigInteger n;
|
||||
|
||||
/** The public exponent of an RSA key pair. */
|
||||
private final BigInteger e;
|
||||
|
||||
/**
|
||||
* Identifier of the default encoding format to use when externalizing the
|
||||
* key material.
|
||||
*/
|
||||
protected final int defaultFormat;
|
||||
|
||||
// Constructor(s)
|
||||
// -------------------------------------------------------------------------
|
||||
|
||||
/**
|
||||
* Trivial protected constructor.
|
||||
*
|
||||
* @param defaultFormat the identifier of the encoding format to use by
|
||||
* default when externalizing the key.
|
||||
* @param n the public modulus <code>n</code>.
|
||||
* @param e the public exponent <code>e</code>.
|
||||
*/
|
||||
protected GnuRSAKey(int defaultFormat, BigInteger n, BigInteger e)
|
||||
{
|
||||
super();
|
||||
|
||||
this.defaultFormat = defaultFormat <= 0 ? Registry.RAW_ENCODING_ID
|
||||
: defaultFormat;
|
||||
this.n = n;
|
||||
this.e = e;
|
||||
}
|
||||
|
||||
// Class methods
|
||||
// -------------------------------------------------------------------------
|
||||
|
||||
// Instance methods
|
||||
// -------------------------------------------------------------------------
|
||||
|
||||
// java.security.interfaces.RSAKey interface implementation ----------------
|
||||
|
||||
public BigInteger getModulus()
|
||||
{
|
||||
return getN();
|
||||
}
|
||||
|
||||
// java.security.Key interface implementation ------------------------------
|
||||
|
||||
public String getAlgorithm()
|
||||
{
|
||||
return Registry.RSA_KPG;
|
||||
}
|
||||
|
||||
/** @deprecated see getEncoded(int). */
|
||||
public byte[] getEncoded()
|
||||
{
|
||||
return getEncoded(IKeyPairCodec.RAW_FORMAT);
|
||||
}
|
||||
|
||||
public String getFormat()
|
||||
{
|
||||
return FormatUtil.getEncodingShortName(defaultFormat);
|
||||
}
|
||||
|
||||
// Other instance methods --------------------------------------------------
|
||||
|
||||
/**
|
||||
* <p>Returns the modulus <code>n</code>.</p>
|
||||
*
|
||||
* @return the modulus <code>n</code>.
|
||||
*/
|
||||
public BigInteger getN()
|
||||
{
|
||||
return n;
|
||||
}
|
||||
|
||||
/**
|
||||
* <p>Returns the public exponent <code>e</code>.</p>
|
||||
*
|
||||
* @return the public exponent <code>e</code>.
|
||||
*/
|
||||
public BigInteger getPublicExponent()
|
||||
{
|
||||
return getE();
|
||||
}
|
||||
|
||||
/**
|
||||
* <p>Same as {@link #getPublicExponent()}.</p>
|
||||
*
|
||||
* @return the public exponent <code>e</code>.
|
||||
*/
|
||||
public BigInteger getE()
|
||||
{
|
||||
return e;
|
||||
}
|
||||
|
||||
/**
|
||||
* <p>Returns <code>true</code> if the designated object is an instance of
|
||||
* {@link RSAKey} and has the same RSA parameter values as this one.</p>
|
||||
*
|
||||
* @param obj the other non-null RSA key to compare to.
|
||||
* @return <code>true</code> if the designated object is of the same type and
|
||||
* value as this one.
|
||||
*/
|
||||
public boolean equals(final Object obj)
|
||||
{
|
||||
if (obj == null)
|
||||
{
|
||||
return false;
|
||||
}
|
||||
if (!(obj instanceof RSAKey))
|
||||
{
|
||||
return false;
|
||||
}
|
||||
final RSAKey that = (RSAKey) obj;
|
||||
return n.equals(that.getModulus());
|
||||
}
|
||||
|
||||
// abstract methods to be implemented by subclasses ------------------------
|
||||
|
||||
public abstract byte[] getEncoded(int format);
|
||||
}
|
||||
@@ -0,0 +1,299 @@
|
||||
/* GnuRSAPrivateKey.java --
|
||||
Copyright 2001, 2002, 2003, 2006 Free Software Foundation, Inc.
|
||||
|
||||
This file is a part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2 of the License, or (at
|
||||
your option) any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; if not, write to the Free Software
|
||||
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301
|
||||
USA
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
|
||||
package gnu.java.security.key.rsa;
|
||||
|
||||
import gnu.java.security.Registry;
|
||||
import gnu.java.security.key.IKeyPairCodec;
|
||||
|
||||
import java.math.BigInteger;
|
||||
import java.security.PrivateKey;
|
||||
import java.security.interfaces.RSAPrivateCrtKey;
|
||||
import java.security.interfaces.RSAPrivateKey;
|
||||
|
||||
/**
|
||||
* <p>An object that embodies an RSA private key.</p>
|
||||
*
|
||||
* <p>References:</p>
|
||||
* <ol>
|
||||
* <li><a href="http://www.cosic.esat.kuleuven.ac.be/nessie/workshop/submissions/rsa-pss.zip">
|
||||
* RSA-PSS Signature Scheme with Appendix, part B.</a><br>
|
||||
* Primitive specification and supporting documentation.<br>
|
||||
* Jakob Jonsson and Burt Kaliski.</li>
|
||||
* </ol>
|
||||
*
|
||||
* @version $Revision: 1.3 $
|
||||
*/
|
||||
public class GnuRSAPrivateKey extends GnuRSAKey implements PrivateKey,
|
||||
RSAPrivateCrtKey
|
||||
{
|
||||
|
||||
// Constants and variables
|
||||
// -------------------------------------------------------------------------
|
||||
|
||||
/** The first prime divisor of the modulus. */
|
||||
private final BigInteger p;
|
||||
|
||||
/** The second prime divisor of the modulus. */
|
||||
private final BigInteger q;
|
||||
|
||||
/** The public exponent of an RSA key. */
|
||||
// private final BigInteger e;
|
||||
/** The private exponent of an RSA private key. */
|
||||
private final BigInteger d;
|
||||
|
||||
/** The first factor's exponent. */
|
||||
private final BigInteger dP;
|
||||
|
||||
/** The second factor's exponent. */
|
||||
private final BigInteger dQ;
|
||||
|
||||
/** The CRT (Chinese Remainder Theorem) coefficient. */
|
||||
private final BigInteger qInv;
|
||||
|
||||
// Constructor(s)
|
||||
// -------------------------------------------------------------------------
|
||||
|
||||
/**
|
||||
* Convenience constructor. Calls the constructor with 5 arguments passing
|
||||
* {@link Registry#RAW_ENCODING_ID} as the identifier of the preferred
|
||||
* encoding format.
|
||||
*
|
||||
* @param p the modulus first prime divisor.
|
||||
* @param q the modulus second prime divisor.
|
||||
* @param e the public exponent.
|
||||
* @param d the private exponent.
|
||||
*/
|
||||
public GnuRSAPrivateKey(BigInteger p, BigInteger q, BigInteger e,
|
||||
BigInteger d)
|
||||
{
|
||||
this(Registry.RAW_ENCODING_ID, p, q, e, d);
|
||||
}
|
||||
|
||||
/**
|
||||
* Constructs a new instance of a <code>GnuRSAPrivateKey</code> given the
|
||||
* designated arguments.
|
||||
*
|
||||
* @param preferredFormat the indetifier of the preferred encoding format to
|
||||
* use when externalizing this key.
|
||||
* @param p the modulus first prime divisor.
|
||||
* @param q the modulus second prime divisor.
|
||||
* @param e the public exponent.
|
||||
* @param d the private exponent.
|
||||
*/
|
||||
public GnuRSAPrivateKey(int preferredFormat, BigInteger p, BigInteger q,
|
||||
BigInteger e, BigInteger d)
|
||||
{
|
||||
this(preferredFormat, p.multiply(q), e, d, p, q,
|
||||
e.modInverse(p.subtract(BigInteger.ONE)),
|
||||
e.modInverse(q.subtract(BigInteger.ONE)),
|
||||
q.modInverse(p));
|
||||
}
|
||||
|
||||
/**
|
||||
* Constructs a new instance of a <code>GnuRSAPrivateKey</code> given the
|
||||
* designated arguments.
|
||||
*
|
||||
* @param preferredFormat the indetifier of the preferred encoding format to
|
||||
* use when externalizing this key.
|
||||
* @param n the public modulus, which is also the product of <code>p</code>
|
||||
* and <code>q</code>.
|
||||
* @param e the public exponent.
|
||||
* @param d the private exponent.
|
||||
* @param p the modulus first prime divisor.
|
||||
* @param q the modulus second prime divisor.
|
||||
* @param dP the first prime's exponen. A positive integer less than
|
||||
* <code>p</code> and <code>q</code>, satisfying <code>e * dP = 1 (mod p-1)
|
||||
* </code>.
|
||||
* @param dQ the second prime's exponent. A positive integer less than
|
||||
* <code>p</code> and <code>q</code>, satisfying <code>e * dQ = 1 (mod p-1)
|
||||
* </code>.
|
||||
* @param qInv the Chinese Remainder Theorem coefiicient. A positive integer
|
||||
* less than <code>p</code>, satisfying <code>q * qInv = 1 (mod p)</code>.
|
||||
*/
|
||||
public GnuRSAPrivateKey(int preferredFormat, BigInteger n, BigInteger e,
|
||||
BigInteger d, BigInteger p, BigInteger q,
|
||||
BigInteger dP, BigInteger dQ, BigInteger qInv)
|
||||
{
|
||||
super(preferredFormat == Registry.ASN1_ENCODING_ID ? Registry.PKCS8_ENCODING_ID
|
||||
: preferredFormat,
|
||||
n, e);
|
||||
|
||||
this.d = d;
|
||||
this.p = p;
|
||||
this.q = q;
|
||||
// the exponents dP and dQ are positive integers less than p and q
|
||||
// respectively satisfying
|
||||
// e * dP = 1 (mod p-1);
|
||||
// e * dQ = 1 (mod q-1),
|
||||
this.dP = dP;
|
||||
this.dQ = dQ;
|
||||
// the CRT coefficient qInv is a positive integer less than p satisfying
|
||||
// q * qInv = 1 (mod p).
|
||||
this.qInv = qInv;
|
||||
}
|
||||
|
||||
// Class methods
|
||||
// -------------------------------------------------------------------------
|
||||
|
||||
/**
|
||||
* A class method that takes the output of the <code>encodePrivateKey()</code>
|
||||
* method of an RSA keypair codec object (an instance implementing
|
||||
* {@link IKeyPairCodec} for RSA keys, and re-constructs an instance of this
|
||||
* object.
|
||||
*
|
||||
* @param k the contents of a previously encoded instance of this object.
|
||||
* @throws ArrayIndexOutOfBoundsException if there is not enough bytes, in
|
||||
* <code>k</code>, to represent a valid encoding of an instance
|
||||
* of this object.
|
||||
* @throws IllegalArgumentException if the byte sequence does not represent a
|
||||
* valid encoding of an instance of this object.
|
||||
*/
|
||||
public static GnuRSAPrivateKey valueOf(final byte[] k)
|
||||
{
|
||||
// try RAW codec
|
||||
if (k[0] == Registry.MAGIC_RAW_RSA_PRIVATE_KEY[0])
|
||||
try
|
||||
{
|
||||
return (GnuRSAPrivateKey) new RSAKeyPairRawCodec().decodePrivateKey(k);
|
||||
}
|
||||
catch (IllegalArgumentException ignored)
|
||||
{
|
||||
}
|
||||
|
||||
// try PKCS#8 codec
|
||||
return (GnuRSAPrivateKey) new RSAKeyPairPKCS8Codec().decodePrivateKey(k);
|
||||
}
|
||||
|
||||
// Instance methods
|
||||
// -------------------------------------------------------------------------
|
||||
|
||||
public BigInteger getPrimeP()
|
||||
{
|
||||
return p;
|
||||
}
|
||||
|
||||
public BigInteger getPrimeQ()
|
||||
{
|
||||
return q;
|
||||
}
|
||||
|
||||
public BigInteger getPrimeExponentP()
|
||||
{
|
||||
return dP;
|
||||
}
|
||||
|
||||
public BigInteger getPrimeExponentQ()
|
||||
{
|
||||
return dQ;
|
||||
}
|
||||
|
||||
public BigInteger getCrtCoefficient()
|
||||
{
|
||||
return qInv;
|
||||
}
|
||||
|
||||
// java.security.interfaces.RSAPrivateKey interface implementation ---------
|
||||
|
||||
public BigInteger getPrivateExponent()
|
||||
{
|
||||
return d;
|
||||
}
|
||||
|
||||
// Other instance methods --------------------------------------------------
|
||||
|
||||
/**
|
||||
* Returns the encoded form of this private key according to the
|
||||
* designated format.
|
||||
*
|
||||
* @param format the desired format identifier of the resulting encoding.
|
||||
* @return the byte sequence encoding this key according to the designated
|
||||
* format.
|
||||
* @throws IllegalArgumentException if the format is not supported.
|
||||
* @see RSAKeyPairRawCodec
|
||||
* @see RSAKeyPairPKCS8Codec
|
||||
*/
|
||||
public byte[] getEncoded(int format)
|
||||
{
|
||||
final byte[] result;
|
||||
switch (format)
|
||||
{
|
||||
case IKeyPairCodec.RAW_FORMAT:
|
||||
result = new RSAKeyPairRawCodec().encodePrivateKey(this);
|
||||
break;
|
||||
case IKeyPairCodec.PKCS8_FORMAT:
|
||||
result = new RSAKeyPairPKCS8Codec().encodePrivateKey(this);
|
||||
break;
|
||||
default:
|
||||
throw new IllegalArgumentException("Unsupported encoding format: "
|
||||
+ format);
|
||||
}
|
||||
return result;
|
||||
}
|
||||
|
||||
/**
|
||||
* <p>Returns <code>true</code> if the designated object is an instance of
|
||||
* this class and has the same RSA parameter values as this one.</p>
|
||||
*
|
||||
* @param obj the other non-null RSA key to compare to.
|
||||
* @return <code>true</code> if the designated object is of the same type
|
||||
* and value as this one.
|
||||
*/
|
||||
public boolean equals(final Object obj)
|
||||
{
|
||||
if (obj == null)
|
||||
{
|
||||
return false;
|
||||
}
|
||||
if (obj instanceof RSAPrivateKey)
|
||||
{
|
||||
final RSAPrivateKey that = (RSAPrivateKey) obj;
|
||||
return super.equals(that) && d.equals(that.getPrivateExponent());
|
||||
}
|
||||
if (obj instanceof RSAPrivateCrtKey)
|
||||
{
|
||||
final RSAPrivateCrtKey that = (RSAPrivateCrtKey) obj;
|
||||
return super.equals(that) && p.equals(that.getPrimeP())
|
||||
&& q.equals(that.getPrimeQ())
|
||||
&& dP.equals(that.getPrimeExponentP())
|
||||
&& dQ.equals(that.getPrimeExponentQ())
|
||||
&& qInv.equals(that.getCrtCoefficient());
|
||||
}
|
||||
return false;
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,185 @@
|
||||
/* GnuRSAPublicKey.java --
|
||||
Copyright 2001, 2002, 2003, 2006 Free Software Foundation, Inc.
|
||||
|
||||
This file is a part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2 of the License, or (at
|
||||
your option) any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; if not, write to the Free Software
|
||||
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301
|
||||
USA
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
|
||||
package gnu.java.security.key.rsa;
|
||||
|
||||
import gnu.java.security.Registry;
|
||||
import gnu.java.security.key.IKeyPairCodec;
|
||||
|
||||
import java.math.BigInteger;
|
||||
import java.security.PublicKey;
|
||||
import java.security.interfaces.RSAPublicKey;
|
||||
|
||||
/**
|
||||
* <p>An object that encapsulates an RSA public key.</p>
|
||||
*
|
||||
* <p>References:</p>
|
||||
* <ol>
|
||||
* <li><a href="http://www.cosic.esat.kuleuven.ac.be/nessie/workshop/submissions/rsa-pss.zip">
|
||||
* RSA-PSS Signature Scheme with Appendix, part B.</a><br>
|
||||
* Primitive specification and supporting documentation.<br>
|
||||
* Jakob Jonsson and Burt Kaliski.</li>
|
||||
* </ol>
|
||||
*
|
||||
* @version $Revision: 1.2 $
|
||||
*/
|
||||
public class GnuRSAPublicKey extends GnuRSAKey implements PublicKey,
|
||||
RSAPublicKey
|
||||
{
|
||||
|
||||
// Constants and variables
|
||||
// -------------------------------------------------------------------------
|
||||
|
||||
// Constructor(s)
|
||||
// -------------------------------------------------------------------------
|
||||
|
||||
/**
|
||||
* Conveience constructor. Calls the constructor with 3 arguments passing
|
||||
* {@link Registry#RAW_ENCODING_ID} as the identifier of the preferred
|
||||
* encoding format.
|
||||
*
|
||||
* @param n the modulus.
|
||||
* @param e the public exponent.
|
||||
*/
|
||||
public GnuRSAPublicKey(final BigInteger n, final BigInteger e)
|
||||
{
|
||||
this(Registry.RAW_ENCODING_ID, n, e);
|
||||
}
|
||||
|
||||
/**
|
||||
* Constructs a new instance of <code>GnuRSAPublicKey</code> given the
|
||||
* designated arguments.
|
||||
*
|
||||
* @param preferredFormat the identifier of the preferred encoding format to
|
||||
* use when externalizing this key.
|
||||
* @param n the modulus.
|
||||
* @param e the public exponent.
|
||||
*/
|
||||
public GnuRSAPublicKey(int preferredFormat, BigInteger n, BigInteger e)
|
||||
{
|
||||
super(preferredFormat == Registry.ASN1_ENCODING_ID ? Registry.X509_ENCODING_ID
|
||||
: preferredFormat,
|
||||
n, e);
|
||||
}
|
||||
|
||||
// Class methods
|
||||
// -------------------------------------------------------------------------
|
||||
|
||||
/**
|
||||
* A class method that takes the output of the <code>encodePublicKey()</code>
|
||||
* method of an RSA keypair codec object (an instance implementing
|
||||
* {@link IKeyPairCodec} for RSA keys, and re-constructs an instance of this
|
||||
* object.
|
||||
*
|
||||
* @param k the contents of a previously encoded instance of this object.
|
||||
* @throws ArrayIndexOutOfBoundsException if there is not enough bytes, in
|
||||
* <code>k</code>, to represent a valid encoding of an instance
|
||||
* of this object.
|
||||
* @throws IllegalArgumentException if the byte sequence does not represent a
|
||||
* valid encoding of an instance of this object.
|
||||
*/
|
||||
public static GnuRSAPublicKey valueOf(final byte[] k)
|
||||
{
|
||||
// try RAW codec
|
||||
if (k[0] == Registry.MAGIC_RAW_RSA_PUBLIC_KEY[0])
|
||||
try
|
||||
{
|
||||
return (GnuRSAPublicKey) new RSAKeyPairRawCodec().decodePublicKey(k);
|
||||
}
|
||||
catch (IllegalArgumentException ignored)
|
||||
{
|
||||
}
|
||||
|
||||
// try X.509 codec
|
||||
return (GnuRSAPublicKey) new RSAKeyPairX509Codec().decodePublicKey(k);
|
||||
}
|
||||
|
||||
// Instance methods
|
||||
// -------------------------------------------------------------------------
|
||||
|
||||
/**
|
||||
* <p>Returns the encoded form of this public key according to the designated
|
||||
* format.</p>
|
||||
*
|
||||
* @param format the desired format identifier of the resulting encoding.
|
||||
* @return the byte sequence encoding this key according to the designated
|
||||
* format.
|
||||
* @throws IllegalArgumentException if the format is not supported.
|
||||
* @see RSAKeyPairRawCodec
|
||||
*/
|
||||
public byte[] getEncoded(final int format)
|
||||
{
|
||||
final byte[] result;
|
||||
switch (format)
|
||||
{
|
||||
case IKeyPairCodec.RAW_FORMAT:
|
||||
result = new RSAKeyPairRawCodec().encodePublicKey(this);
|
||||
break;
|
||||
case IKeyPairCodec.X509_FORMAT:
|
||||
result = new RSAKeyPairX509Codec().encodePublicKey(this);
|
||||
break;
|
||||
default:
|
||||
throw new IllegalArgumentException("Unsupported encoding format: "
|
||||
+ format);
|
||||
}
|
||||
return result;
|
||||
}
|
||||
|
||||
/**
|
||||
* <p>Returns <code>true</code> if the designated object is an instance of
|
||||
* this class and has the same RSA parameter values as this one.</p>
|
||||
*
|
||||
* @param obj the other non-null RSA key to compare to.
|
||||
* @return <code>true</code> if the designated object is of the same type and
|
||||
* value as this one.
|
||||
*/
|
||||
public boolean equals(final Object obj)
|
||||
{
|
||||
if (obj == null)
|
||||
{
|
||||
return false;
|
||||
}
|
||||
if (!(obj instanceof RSAPublicKey))
|
||||
{
|
||||
return false;
|
||||
}
|
||||
final RSAPublicKey that = (RSAPublicKey) obj;
|
||||
return super.equals(that)
|
||||
&& getPublicExponent().equals(that.getPublicExponent());
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,264 @@
|
||||
/* RSAKeyPairGenerator.java --
|
||||
Copyright 2001, 2002, 2003, 2006 Free Software Foundation, Inc.
|
||||
|
||||
This file is a part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2 of the License, or (at
|
||||
your option) any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; if not, write to the Free Software
|
||||
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301
|
||||
USA
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
|
||||
package gnu.java.security.key.rsa;
|
||||
|
||||
import gnu.java.security.Registry;
|
||||
import gnu.java.security.key.IKeyPairGenerator;
|
||||
import gnu.java.security.util.PRNG;
|
||||
import gnu.java.security.util.Prime2;
|
||||
|
||||
import java.math.BigInteger;
|
||||
import java.security.KeyPair;
|
||||
import java.security.PrivateKey;
|
||||
import java.security.PublicKey;
|
||||
import java.security.SecureRandom;
|
||||
import java.security.spec.RSAKeyGenParameterSpec;
|
||||
import java.util.Map;
|
||||
|
||||
/**
|
||||
* <p>A key-pair generator for asymetric keys to use in conjunction with the RSA
|
||||
* scheme.</p>
|
||||
*
|
||||
* <p>Reference:</p>
|
||||
* <ol>
|
||||
* <li><a href="http://www.cosic.esat.kuleuven.ac.be/nessie/workshop/submissions/rsa-pss.zip">
|
||||
* RSA-PSS Signature Scheme with Appendix</a>, part B. Primitive
|
||||
* specification and supporting documentation. Jakob Jonsson and Burt Kaliski.
|
||||
* </li>
|
||||
* <li><a href="http://www.cacr.math.uwaterloo.ca/hac/">Handbook of Applied
|
||||
* Cryptography</a>, Alfred J. Menezes, Paul C. van Oorschot and Scott A.
|
||||
* Vanstone. Section 11.3 RSA and related signature schemes.</li>
|
||||
* </ol>
|
||||
*/
|
||||
public class RSAKeyPairGenerator implements IKeyPairGenerator
|
||||
{
|
||||
|
||||
// Constants and variables
|
||||
// -------------------------------------------------------------------------
|
||||
|
||||
/** The BigInteger constant 1. */
|
||||
private static final BigInteger ONE = BigInteger.ONE;
|
||||
|
||||
/** The BigInteger constant 2. */
|
||||
private static final BigInteger TWO = BigInteger.valueOf(2L);
|
||||
|
||||
/** Property name of the length (Integer) of the modulus of an RSA key. */
|
||||
public static final String MODULUS_LENGTH = "gnu.crypto.rsa.L";
|
||||
|
||||
/**
|
||||
* Property name of an optional {@link SecureRandom} instance to use. The
|
||||
* default is to use a classloader singleton from {@link PRNG}.
|
||||
*/
|
||||
public static final String SOURCE_OF_RANDOMNESS = "gnu.crypto.rsa.prng";
|
||||
|
||||
/**
|
||||
* Property name of an optional {@link RSAKeyGenParameterSpec} instance to
|
||||
* use for this generator's <code>n</code>, and <code>e</code> values. The
|
||||
* default is to generate <code>n</code> and use a fixed value for
|
||||
* <code>e</.code> (Fermat's F4 number).
|
||||
*/
|
||||
public static final String RSA_PARAMETERS = "gnu.crypto.rsa.params";
|
||||
|
||||
/**
|
||||
* Property name of the preferred encoding format to use when externalizing
|
||||
* generated instance of key-pairs from this generator. The property is taken
|
||||
* to be an {@link Integer} that encapsulates an encoding format identifier.
|
||||
*/
|
||||
public static final String PREFERRED_ENCODING_FORMAT = "gnu.crypto.rsa.encoding";
|
||||
|
||||
/** Default value for the modulus length. */
|
||||
private static final int DEFAULT_MODULUS_LENGTH = 1024;
|
||||
|
||||
/** Default encoding format to use when none was specified. */
|
||||
private static final int DEFAULT_ENCODING_FORMAT = Registry.RAW_ENCODING_ID;
|
||||
|
||||
/** The desired bit length of the modulus. */
|
||||
private int L;
|
||||
|
||||
/**
|
||||
* This implementation uses, by default, Fermat's F4 number as the public
|
||||
* exponent.
|
||||
*/
|
||||
private BigInteger e = BigInteger.valueOf(65537L);
|
||||
|
||||
/** The optional {@link SecureRandom} instance to use. */
|
||||
private SecureRandom rnd = null;
|
||||
|
||||
/** Our default source of randomness. */
|
||||
private PRNG prng = null;
|
||||
|
||||
/** Preferred encoding format of generated keys. */
|
||||
private int preferredFormat;
|
||||
|
||||
// Constructor(s)
|
||||
// -------------------------------------------------------------------------
|
||||
|
||||
// implicit 0-arguments constructor
|
||||
|
||||
// Class methods
|
||||
// -------------------------------------------------------------------------
|
||||
|
||||
// gnu.crypto.key.IKeyPairGenerator interface implementation ---------------
|
||||
|
||||
public String name()
|
||||
{
|
||||
return Registry.RSA_KPG;
|
||||
}
|
||||
|
||||
/**
|
||||
* <p>Configures this instance.</p>
|
||||
*
|
||||
* @param attributes the map of name/value pairs to use.
|
||||
* @exception IllegalArgumentException if the designated MODULUS_LENGTH
|
||||
* value is less than 1024.
|
||||
*/
|
||||
public void setup(Map attributes)
|
||||
{
|
||||
// do we have a SecureRandom, or should we use our own?
|
||||
rnd = (SecureRandom) attributes.get(SOURCE_OF_RANDOMNESS);
|
||||
|
||||
// are we given a set of RSA params or we shall use our own?
|
||||
RSAKeyGenParameterSpec params = (RSAKeyGenParameterSpec) attributes.get(RSA_PARAMETERS);
|
||||
|
||||
// find out the modulus length
|
||||
if (params != null)
|
||||
{
|
||||
L = params.getKeysize();
|
||||
e = params.getPublicExponent();
|
||||
}
|
||||
else
|
||||
{
|
||||
Integer l = (Integer) attributes.get(MODULUS_LENGTH);
|
||||
L = (l == null ? DEFAULT_MODULUS_LENGTH : l.intValue());
|
||||
}
|
||||
|
||||
if (L < 1024)
|
||||
{
|
||||
throw new IllegalArgumentException(MODULUS_LENGTH);
|
||||
}
|
||||
|
||||
// what is the preferred encoding format
|
||||
Integer formatID = (Integer) attributes.get(PREFERRED_ENCODING_FORMAT);
|
||||
preferredFormat = formatID == null ? DEFAULT_ENCODING_FORMAT
|
||||
: formatID.intValue();
|
||||
}
|
||||
|
||||
/**
|
||||
* <p>The algorithm used here is described in <i>nessie-pss-B.pdf</i>
|
||||
* document which is part of the RSA-PSS submission to NESSIE.</p>
|
||||
*
|
||||
* @return an RSA keypair.
|
||||
*/
|
||||
public KeyPair generate()
|
||||
{
|
||||
BigInteger p, q, n, d;
|
||||
|
||||
// 1. Generate a prime p in the interval [2**(M-1), 2**M - 1], where
|
||||
// M = CEILING(L/2), and such that GCD(p, e) = 1
|
||||
int M = (L + 1) / 2;
|
||||
BigInteger lower = TWO.pow(M - 1);
|
||||
BigInteger upper = TWO.pow(M).subtract(ONE);
|
||||
byte[] kb = new byte[(M + 7) / 8]; // enough bytes to frame M bits
|
||||
step1: while (true)
|
||||
{
|
||||
nextRandomBytes(kb);
|
||||
p = new BigInteger(1, kb).setBit(0);
|
||||
if (p.compareTo(lower) >= 0 && p.compareTo(upper) <= 0
|
||||
&& Prime2.isProbablePrime(p) && p.gcd(e).equals(ONE))
|
||||
{
|
||||
break step1;
|
||||
}
|
||||
}
|
||||
|
||||
// 2. Generate a prime q such that the product of p and q is an L-bit
|
||||
// number, and such that GCD(q, e) = 1
|
||||
step2: while (true)
|
||||
{
|
||||
nextRandomBytes(kb);
|
||||
q = new BigInteger(1, kb).setBit(0);
|
||||
n = p.multiply(q);
|
||||
if (n.bitLength() == L && Prime2.isProbablePrime(q)
|
||||
&& q.gcd(e).equals(ONE))
|
||||
{
|
||||
break step2;
|
||||
}
|
||||
|
||||
// TODO: test for p != q
|
||||
}
|
||||
|
||||
// TODO: ensure p < q
|
||||
|
||||
// 3. Put n = pq. The public key is (n, e).
|
||||
// 4. Compute the parameters necessary for the private key K (see
|
||||
// Section 2.2).
|
||||
BigInteger phi = p.subtract(ONE).multiply(q.subtract(ONE));
|
||||
d = e.modInverse(phi);
|
||||
|
||||
// 5. Output the public key and the private key.
|
||||
PublicKey pubK = new GnuRSAPublicKey(preferredFormat, n, e);
|
||||
PrivateKey secK = new GnuRSAPrivateKey(preferredFormat, p, q, e, d);
|
||||
|
||||
return new KeyPair(pubK, secK);
|
||||
}
|
||||
|
||||
// helper methods ----------------------------------------------------------
|
||||
|
||||
/**
|
||||
* <p>Fills the designated byte array with random data.</p>
|
||||
*
|
||||
* @param buffer the byte array to fill with random data.
|
||||
*/
|
||||
private void nextRandomBytes(byte[] buffer)
|
||||
{
|
||||
if (rnd != null)
|
||||
{
|
||||
rnd.nextBytes(buffer);
|
||||
}
|
||||
else
|
||||
getDefaultPRNG().nextBytes(buffer);
|
||||
}
|
||||
|
||||
private PRNG getDefaultPRNG()
|
||||
{
|
||||
if (prng == null)
|
||||
prng = PRNG.getInstance();
|
||||
|
||||
return prng;
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,284 @@
|
||||
/* RSAKeyPairPKCS8Codec.java -- PKCS#8 Encoding/Decoding handler
|
||||
Copyright (C) 2006 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
|
||||
package gnu.java.security.key.rsa;
|
||||
|
||||
import java.io.ByteArrayOutputStream;
|
||||
import java.io.IOException;
|
||||
import java.math.BigInteger;
|
||||
import java.security.InvalidParameterException;
|
||||
import java.security.PrivateKey;
|
||||
import java.security.PublicKey;
|
||||
import java.util.ArrayList;
|
||||
|
||||
import gnu.java.security.OID;
|
||||
import gnu.java.security.Registry;
|
||||
import gnu.java.security.der.DER;
|
||||
import gnu.java.security.der.DERReader;
|
||||
import gnu.java.security.der.DERValue;
|
||||
import gnu.java.security.der.DERWriter;
|
||||
import gnu.java.security.key.IKeyPairCodec;
|
||||
import gnu.java.security.util.DerUtil;
|
||||
|
||||
/**
|
||||
* An implementation of an {@link IKeyPairCodec} that knows how to encode /
|
||||
* decode PKCS#8 ASN.1 external representation of RSA private keys.
|
||||
*/
|
||||
public class RSAKeyPairPKCS8Codec
|
||||
implements IKeyPairCodec
|
||||
{
|
||||
private static final OID RSA_ALG_OID = new OID(Registry.RSA_OID_STRING);
|
||||
|
||||
// implicit 0-arguments constructor
|
||||
|
||||
public int getFormatID()
|
||||
{
|
||||
return PKCS8_FORMAT;
|
||||
}
|
||||
|
||||
/**
|
||||
* @throws InvalidParameterException ALWAYS.
|
||||
*/
|
||||
public byte[] encodePublicKey(PublicKey key)
|
||||
{
|
||||
throw new InvalidParameterException("Wrong format for public keys");
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the PKCS#8 ASN.1 <i>PrivateKeyInfo</i> representation of an RSA
|
||||
* private key. The ASN.1 specification is as follows:
|
||||
*
|
||||
* <pre>
|
||||
* PrivateKeyInfo ::= SEQUENCE {
|
||||
* version INTEGER, -- MUST be 0
|
||||
* privateKeyAlgorithm AlgorithmIdentifier,
|
||||
* privateKey OCTET STRING
|
||||
* }
|
||||
*
|
||||
* AlgorithmIdentifier ::= SEQUENCE {
|
||||
* algorithm OBJECT IDENTIFIER,
|
||||
* parameters ANY DEFINED BY algorithm OPTIONAL
|
||||
* }
|
||||
* </pre>
|
||||
*
|
||||
* <p>The <i>privateKey</i> field, which is an OCTET STRING, contains the
|
||||
* DER-encoded form of the RSA private key defined as:</p>
|
||||
*
|
||||
* <pre>
|
||||
* RSAPrivateKey ::= SEQUENCE {
|
||||
* version INTEGER, -- MUST be 0
|
||||
* modulus INTEGER, -- n
|
||||
* publicExponent INTEGER, -- e
|
||||
* privateExponent INTEGER, -- d
|
||||
* prime1 INTEGER, -- p
|
||||
* prime2 INTEGER, -- q
|
||||
* exponent1 INTEGER, -- d mod (p-1)
|
||||
* exponent2 INTEGER, -- d mod (q-1)
|
||||
* coefficient INTEGER, -- (inverse of q) mod p
|
||||
* }
|
||||
* </pre>
|
||||
*
|
||||
* @return the DER encoded form of the ASN.1 representation of the
|
||||
* <i>PrivateKeyInfo</i> field for an RSA {@link PrivateKey}..
|
||||
* @throw InvalidParameterException if an error occurs during the marshalling
|
||||
* process.
|
||||
*/
|
||||
public byte[] encodePrivateKey(PrivateKey key)
|
||||
{
|
||||
if (! (key instanceof GnuRSAPrivateKey))
|
||||
throw new InvalidParameterException("Wrong key type");
|
||||
|
||||
GnuRSAPrivateKey pk = (GnuRSAPrivateKey) key;
|
||||
BigInteger n = pk.getN();
|
||||
BigInteger e = pk.getE();
|
||||
BigInteger d = pk.getPrivateExponent();
|
||||
BigInteger p = pk.getPrimeP();
|
||||
BigInteger q = pk.getPrimeQ();
|
||||
BigInteger dP = pk.getPrimeExponentP();
|
||||
BigInteger dQ = pk.getPrimeExponentQ();
|
||||
BigInteger qInv = pk.getCrtCoefficient();
|
||||
|
||||
DERValue derVersion = new DERValue(DER.INTEGER, BigInteger.ZERO);
|
||||
|
||||
DERValue derOID = new DERValue(DER.OBJECT_IDENTIFIER, RSA_ALG_OID);
|
||||
|
||||
ArrayList algorithmID = new ArrayList(1);
|
||||
algorithmID.add(derOID);
|
||||
DERValue derAlgorithmID = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE,
|
||||
algorithmID);
|
||||
|
||||
DERValue derRSAVersion = new DERValue(DER.INTEGER, BigInteger.ZERO);
|
||||
DERValue derN = new DERValue(DER.INTEGER, n);
|
||||
DERValue derE = new DERValue(DER.INTEGER, e);
|
||||
DERValue derD = new DERValue(DER.INTEGER, d);
|
||||
DERValue derP = new DERValue(DER.INTEGER, p);
|
||||
DERValue derQ = new DERValue(DER.INTEGER, q);
|
||||
DERValue derDP = new DERValue(DER.INTEGER, dP);
|
||||
DERValue derDQ = new DERValue(DER.INTEGER, dQ);
|
||||
DERValue derQInv = new DERValue(DER.INTEGER, qInv);
|
||||
|
||||
ArrayList rsaPrivateKey = new ArrayList();
|
||||
rsaPrivateKey.add(derRSAVersion);
|
||||
rsaPrivateKey.add(derN);
|
||||
rsaPrivateKey.add(derE);
|
||||
rsaPrivateKey.add(derD);
|
||||
rsaPrivateKey.add(derP);
|
||||
rsaPrivateKey.add(derQ);
|
||||
rsaPrivateKey.add(derDP);
|
||||
rsaPrivateKey.add(derDQ);
|
||||
rsaPrivateKey.add(derQInv);
|
||||
DERValue derRSAPrivateKey = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE,
|
||||
rsaPrivateKey);
|
||||
byte[] pkBytes = derRSAPrivateKey.getEncoded();
|
||||
DERValue derPrivateKey = new DERValue(DER.OCTET_STRING, pkBytes);
|
||||
|
||||
ArrayList pki = new ArrayList(3);
|
||||
pki.add(derVersion);
|
||||
pki.add(derAlgorithmID);
|
||||
pki.add(derPrivateKey);
|
||||
DERValue derPKI = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, pki);
|
||||
|
||||
byte[] result;
|
||||
ByteArrayOutputStream baos = new ByteArrayOutputStream();
|
||||
try
|
||||
{
|
||||
DERWriter.write(baos, derPKI);
|
||||
result = baos.toByteArray();
|
||||
}
|
||||
catch (IOException x)
|
||||
{
|
||||
InvalidParameterException y = new InvalidParameterException();
|
||||
y.initCause(x);
|
||||
throw y;
|
||||
}
|
||||
|
||||
return result;
|
||||
}
|
||||
|
||||
/**
|
||||
* @throws InvalidParameterException ALWAYS.
|
||||
*/
|
||||
public PublicKey decodePublicKey(byte[] input)
|
||||
{
|
||||
throw new InvalidParameterException("Wrong format for public keys");
|
||||
}
|
||||
|
||||
/**
|
||||
* @param input the byte array to unmarshall into a valid RSA
|
||||
* {@link PrivateKey} instance. MUST NOT be null.
|
||||
* @return a new instance of a {@link GnuRSAPrivateKey} decoded from the
|
||||
* <i>PrivateKeyInfo</i> material fed as <code>input</code>.
|
||||
* @throw InvalidParameterException if an exception occurs during the
|
||||
* unmarshalling process.
|
||||
*/
|
||||
public PrivateKey decodePrivateKey(byte[] input)
|
||||
{
|
||||
if (input == null)
|
||||
throw new InvalidParameterException("Input bytes MUST NOT be null");
|
||||
|
||||
BigInteger version, n, e, d, p, q, dP, dQ, qInv;
|
||||
DERReader der = new DERReader(input);
|
||||
try
|
||||
{
|
||||
DERValue derPKI = der.read();
|
||||
DerUtil.checkIsConstructed(derPKI, "Wrong PrivateKeyInfo field");
|
||||
|
||||
DERValue derVersion = der.read();
|
||||
DerUtil.checkIsBigInteger(derVersion, "Wrong Version field");
|
||||
version = (BigInteger) derVersion.getValue();
|
||||
if (version.compareTo(BigInteger.ZERO) != 0)
|
||||
throw new InvalidParameterException("Unexpected Version: " + version);
|
||||
|
||||
DERValue derAlgoritmID = der.read();
|
||||
DerUtil.checkIsConstructed(derAlgoritmID, "Wrong AlgorithmIdentifier field");
|
||||
|
||||
DERValue derOID = der.read();
|
||||
OID algOID = (OID) derOID.getValue();
|
||||
if (! algOID.equals(RSA_ALG_OID))
|
||||
throw new InvalidParameterException("Unexpected OID: " + algOID);
|
||||
|
||||
DERValue val = der.read();
|
||||
byte[] pkBytes = (byte[]) val.getValue();
|
||||
|
||||
der = new DERReader(pkBytes);
|
||||
DERValue derRSAPrivateKey = der.read();
|
||||
DerUtil.checkIsConstructed(derRSAPrivateKey, "Wrong RSAPrivateKey field");
|
||||
|
||||
val = der.read();
|
||||
DerUtil.checkIsBigInteger(val, "Wrong RSAPrivateKey Version field");
|
||||
version = (BigInteger) val.getValue();
|
||||
if (version.compareTo(BigInteger.ZERO) != 0)
|
||||
throw new InvalidParameterException("Unexpected RSAPrivateKey Version: "
|
||||
+ version);
|
||||
|
||||
val = der.read();
|
||||
DerUtil.checkIsBigInteger(val, "Wrong modulus field");
|
||||
n = (BigInteger) val.getValue();
|
||||
val = der.read();
|
||||
DerUtil.checkIsBigInteger(val, "Wrong publicExponent field");
|
||||
e = (BigInteger) val.getValue();
|
||||
val = der.read();
|
||||
DerUtil.checkIsBigInteger(val, "Wrong privateExponent field");
|
||||
d = (BigInteger) val.getValue();
|
||||
val = der.read();
|
||||
DerUtil.checkIsBigInteger(val, "Wrong prime1 field");
|
||||
p = (BigInteger) val.getValue();
|
||||
val = der.read();
|
||||
DerUtil.checkIsBigInteger(val, "Wrong prime2 field");
|
||||
q = (BigInteger) val.getValue();
|
||||
val = der.read();
|
||||
DerUtil.checkIsBigInteger(val, "Wrong exponent1 field");
|
||||
dP = (BigInteger) val.getValue();
|
||||
val = der.read();
|
||||
DerUtil.checkIsBigInteger(val, "Wrong exponent2 field");
|
||||
dQ = (BigInteger) val.getValue();
|
||||
val = der.read();
|
||||
DerUtil.checkIsBigInteger(val, "Wrong coefficient field");
|
||||
qInv = (BigInteger) val.getValue();
|
||||
}
|
||||
catch (IOException x)
|
||||
{
|
||||
InvalidParameterException y = new InvalidParameterException();
|
||||
y.initCause(x);
|
||||
throw y;
|
||||
}
|
||||
|
||||
return new GnuRSAPrivateKey(Registry.PKCS8_ENCODING_ID, n, e, d, p, q,
|
||||
dP, dQ, qInv);
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,332 @@
|
||||
/* RSAKeyPairRawCodec.java --
|
||||
Copyright 2001, 2002, 2003, 2006 Free Software Foundation, Inc.
|
||||
|
||||
This file is a part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2 of the License, or (at
|
||||
your option) any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; if not, write to the Free Software
|
||||
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301
|
||||
USA
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
|
||||
package gnu.java.security.key.rsa;
|
||||
|
||||
import gnu.java.security.Registry;
|
||||
import gnu.java.security.key.IKeyPairCodec;
|
||||
|
||||
import java.io.ByteArrayOutputStream;
|
||||
import java.math.BigInteger;
|
||||
import java.security.PrivateKey;
|
||||
import java.security.PublicKey;
|
||||
|
||||
/**
|
||||
* <p>An object that implements the {@link IKeyPairCodec} interface for the
|
||||
* <i>Raw</i> format to use with RSA keypairs.</p>
|
||||
*
|
||||
* @version $Revision: 1.1 $
|
||||
*/
|
||||
public class RSAKeyPairRawCodec implements IKeyPairCodec
|
||||
{
|
||||
|
||||
// Constants and variables
|
||||
// -------------------------------------------------------------------------
|
||||
|
||||
// Constructor(s)
|
||||
// -------------------------------------------------------------------------
|
||||
|
||||
// implicit 0-arguments constructor
|
||||
|
||||
// Class methods
|
||||
// -------------------------------------------------------------------------
|
||||
|
||||
// Instance methods
|
||||
// -------------------------------------------------------------------------
|
||||
|
||||
// gnu.crypto.key.IKeyPairCodec interface implementation -------------------
|
||||
|
||||
public int getFormatID()
|
||||
{
|
||||
return RAW_FORMAT;
|
||||
}
|
||||
|
||||
/**
|
||||
* <p>Returns the encoded form of the designated RSA public key according to
|
||||
* the <i>Raw</i> format supported by this library.</p>
|
||||
*
|
||||
* <p>The <i>Raw</i> format for an RSA public key, in this implementation, is
|
||||
* a byte sequence consisting of the following:</p>
|
||||
*
|
||||
* <ol>
|
||||
* <li>4-byte magic consisting of the value of the literal
|
||||
* {@link Registry#MAGIC_RAW_RSA_PUBLIC_KEY},<li>
|
||||
* <li>1-byte version consisting of the constant: 0x01,</li>
|
||||
* <li>4-byte count of following bytes representing the RSA parameter
|
||||
* <code>n</code> (the modulus) in internet order,</li>
|
||||
* <li>n-bytes representation of a {@link BigInteger} obtained by invoking
|
||||
* the <code>toByteArray()</code> method on the RSA parameter <code>n</code>,</li>
|
||||
* <li>4-byte count of following bytes representing the RSA parameter
|
||||
* <code>e</code> (the public exponent) in internet order,</li>
|
||||
* <li>n-bytes representation of a {@link BigInteger} obtained by invoking
|
||||
* the <code>toByteArray()</code> method on the RSA parameter <code>e</code>.</li>
|
||||
* </ol>
|
||||
*
|
||||
* @param key the key to encode.
|
||||
* @return the <i>Raw</i> format encoding of the designated key.
|
||||
* @exception IllegalArgumentException if the designated key is not an RSA
|
||||
* one.
|
||||
*/
|
||||
public byte[] encodePublicKey(PublicKey key)
|
||||
{
|
||||
if (!(key instanceof GnuRSAPublicKey))
|
||||
{
|
||||
throw new IllegalArgumentException("key");
|
||||
}
|
||||
|
||||
GnuRSAPublicKey rsaKey = (GnuRSAPublicKey) key;
|
||||
ByteArrayOutputStream baos = new ByteArrayOutputStream();
|
||||
|
||||
// magic
|
||||
baos.write(Registry.MAGIC_RAW_RSA_PUBLIC_KEY[0]);
|
||||
baos.write(Registry.MAGIC_RAW_RSA_PUBLIC_KEY[1]);
|
||||
baos.write(Registry.MAGIC_RAW_RSA_PUBLIC_KEY[2]);
|
||||
baos.write(Registry.MAGIC_RAW_RSA_PUBLIC_KEY[3]);
|
||||
|
||||
// version
|
||||
baos.write(0x01);
|
||||
|
||||
// n
|
||||
byte[] buffer = rsaKey.getModulus().toByteArray();
|
||||
int length = buffer.length;
|
||||
baos.write(length >>> 24);
|
||||
baos.write((length >>> 16) & 0xFF);
|
||||
baos.write((length >>> 8) & 0xFF);
|
||||
baos.write(length & 0xFF);
|
||||
baos.write(buffer, 0, length);
|
||||
|
||||
// e
|
||||
buffer = rsaKey.getPublicExponent().toByteArray();
|
||||
length = buffer.length;
|
||||
baos.write(length >>> 24);
|
||||
baos.write((length >>> 16) & 0xFF);
|
||||
baos.write((length >>> 8) & 0xFF);
|
||||
baos.write(length & 0xFF);
|
||||
baos.write(buffer, 0, length);
|
||||
|
||||
return baos.toByteArray();
|
||||
}
|
||||
|
||||
public PublicKey decodePublicKey(byte[] k)
|
||||
{
|
||||
// magic
|
||||
if (k[0] != Registry.MAGIC_RAW_RSA_PUBLIC_KEY[0]
|
||||
|| k[1] != Registry.MAGIC_RAW_RSA_PUBLIC_KEY[1]
|
||||
|| k[2] != Registry.MAGIC_RAW_RSA_PUBLIC_KEY[2]
|
||||
|| k[3] != Registry.MAGIC_RAW_RSA_PUBLIC_KEY[3])
|
||||
{
|
||||
throw new IllegalArgumentException("magic");
|
||||
}
|
||||
|
||||
// version
|
||||
if (k[4] != 0x01)
|
||||
{
|
||||
throw new IllegalArgumentException("version");
|
||||
}
|
||||
int i = 5;
|
||||
|
||||
int l;
|
||||
byte[] buffer;
|
||||
|
||||
// n
|
||||
l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8
|
||||
| (k[i++] & 0xFF);
|
||||
buffer = new byte[l];
|
||||
System.arraycopy(k, i, buffer, 0, l);
|
||||
i += l;
|
||||
BigInteger n = new BigInteger(1, buffer);
|
||||
|
||||
// e
|
||||
l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8
|
||||
| (k[i++] & 0xFF);
|
||||
buffer = new byte[l];
|
||||
System.arraycopy(k, i, buffer, 0, l);
|
||||
i += l;
|
||||
BigInteger e = new BigInteger(1, buffer);
|
||||
|
||||
return new GnuRSAPublicKey(n, e);
|
||||
}
|
||||
|
||||
/**
|
||||
* <p>Returns the encoded form of the designated RSA private key according to
|
||||
* the <i>Raw</i> format supported by this library.</p>
|
||||
*
|
||||
* <p>The <i>Raw</i> format for an RSA private key, in this implementation,
|
||||
* is a byte sequence consisting of the following:</p>
|
||||
*
|
||||
* <ol>
|
||||
* <li>4-byte magic consisting of the value of the literal
|
||||
* {@link Registry#MAGIC_RAW_RSA_PRIVATE_KEY},<li>
|
||||
* <li>1-byte version consisting of the constant: 0x01,</li>
|
||||
* <li>4-byte count of following bytes representing the RSA parameter
|
||||
* <code>p</code> (the first prime factor of the modulus) in internet
|
||||
* order,</li>
|
||||
* <li>n-bytes representation of a {@link BigInteger} obtained by invoking
|
||||
* the <code>toByteArray()</code> method on the RSA parameter <code>p</code>,</li>
|
||||
* <li>4-byte count of following bytes representing the RSA parameter
|
||||
* <code>q</code> (the second prime factor of the modulus) in internet
|
||||
* order,</li>
|
||||
* <li>n-bytes representation of a {@link BigInteger} obtained by invoking
|
||||
* the <code>toByteArray()</code> method on the RSA parameter <code>q</code>,</li>
|
||||
* <li>4-byte count of following bytes representing the RSA parameter
|
||||
* <code>e</code> (the public exponent) in internet order,</li>
|
||||
* <li>n-bytes representation of a {@link BigInteger} obtained by invoking
|
||||
* the <code>toByteArray()</code> method on the RSA parameter <code>e</code>,</li>
|
||||
* <li>4-byte count of following bytes representing the RSA parameter
|
||||
* <code>d</code> (the private exponent) in internet order,</li>
|
||||
* <li>n-bytes representation of a {@link BigInteger} obtained by invoking
|
||||
* the <code>toByteArray()</code> method on the RSA parameter <code>d</code>,</li>
|
||||
* </ol>
|
||||
*
|
||||
* @param key the key to encode.
|
||||
* @return the <i>Raw</i> format encoding of the designated key.
|
||||
*/
|
||||
public byte[] encodePrivateKey(PrivateKey key)
|
||||
{
|
||||
if (!(key instanceof GnuRSAPrivateKey))
|
||||
{
|
||||
throw new IllegalArgumentException("key");
|
||||
}
|
||||
|
||||
GnuRSAPrivateKey rsaKey = (GnuRSAPrivateKey) key;
|
||||
ByteArrayOutputStream baos = new ByteArrayOutputStream();
|
||||
|
||||
// magic
|
||||
baos.write(Registry.MAGIC_RAW_RSA_PRIVATE_KEY[0]);
|
||||
baos.write(Registry.MAGIC_RAW_RSA_PRIVATE_KEY[1]);
|
||||
baos.write(Registry.MAGIC_RAW_RSA_PRIVATE_KEY[2]);
|
||||
baos.write(Registry.MAGIC_RAW_RSA_PRIVATE_KEY[3]);
|
||||
|
||||
// version
|
||||
baos.write(0x01);
|
||||
|
||||
// p
|
||||
byte[] buffer = rsaKey.getPrimeP().toByteArray();
|
||||
int length = buffer.length;
|
||||
baos.write(length >>> 24);
|
||||
baos.write((length >>> 16) & 0xFF);
|
||||
baos.write((length >>> 8) & 0xFF);
|
||||
baos.write(length & 0xFF);
|
||||
baos.write(buffer, 0, length);
|
||||
|
||||
// q
|
||||
buffer = rsaKey.getPrimeQ().toByteArray();
|
||||
length = buffer.length;
|
||||
baos.write(length >>> 24);
|
||||
baos.write((length >>> 16) & 0xFF);
|
||||
baos.write((length >>> 8) & 0xFF);
|
||||
baos.write(length & 0xFF);
|
||||
baos.write(buffer, 0, length);
|
||||
|
||||
// e
|
||||
buffer = rsaKey.getPublicExponent().toByteArray();
|
||||
length = buffer.length;
|
||||
baos.write(length >>> 24);
|
||||
baos.write((length >>> 16) & 0xFF);
|
||||
baos.write((length >>> 8) & 0xFF);
|
||||
baos.write(length & 0xFF);
|
||||
baos.write(buffer, 0, length);
|
||||
|
||||
// d
|
||||
buffer = rsaKey.getPrivateExponent().toByteArray();
|
||||
length = buffer.length;
|
||||
baos.write(length >>> 24);
|
||||
baos.write((length >>> 16) & 0xFF);
|
||||
baos.write((length >>> 8) & 0xFF);
|
||||
baos.write(length & 0xFF);
|
||||
baos.write(buffer, 0, length);
|
||||
|
||||
return baos.toByteArray();
|
||||
}
|
||||
|
||||
public PrivateKey decodePrivateKey(byte[] k)
|
||||
{
|
||||
// magic
|
||||
if (k[0] != Registry.MAGIC_RAW_RSA_PRIVATE_KEY[0]
|
||||
|| k[1] != Registry.MAGIC_RAW_RSA_PRIVATE_KEY[1]
|
||||
|| k[2] != Registry.MAGIC_RAW_RSA_PRIVATE_KEY[2]
|
||||
|| k[3] != Registry.MAGIC_RAW_RSA_PRIVATE_KEY[3])
|
||||
{
|
||||
throw new IllegalArgumentException("magic");
|
||||
}
|
||||
|
||||
// version
|
||||
if (k[4] != 0x01)
|
||||
{
|
||||
throw new IllegalArgumentException("version");
|
||||
}
|
||||
int i = 5;
|
||||
|
||||
int l;
|
||||
byte[] buffer;
|
||||
|
||||
// p
|
||||
l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8
|
||||
| (k[i++] & 0xFF);
|
||||
buffer = new byte[l];
|
||||
System.arraycopy(k, i, buffer, 0, l);
|
||||
i += l;
|
||||
BigInteger p = new BigInteger(1, buffer);
|
||||
|
||||
// q
|
||||
l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8
|
||||
| (k[i++] & 0xFF);
|
||||
buffer = new byte[l];
|
||||
System.arraycopy(k, i, buffer, 0, l);
|
||||
i += l;
|
||||
BigInteger q = new BigInteger(1, buffer);
|
||||
|
||||
// e
|
||||
l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8
|
||||
| (k[i++] & 0xFF);
|
||||
buffer = new byte[l];
|
||||
System.arraycopy(k, i, buffer, 0, l);
|
||||
i += l;
|
||||
BigInteger e = new BigInteger(1, buffer);
|
||||
|
||||
// d
|
||||
l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8
|
||||
| (k[i++] & 0xFF);
|
||||
buffer = new byte[l];
|
||||
System.arraycopy(k, i, buffer, 0, l);
|
||||
i += l;
|
||||
BigInteger d = new BigInteger(1, buffer);
|
||||
|
||||
return new GnuRSAPrivateKey(p, q, e, d);
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,248 @@
|
||||
/* RSAKeyPairX509Codec.java -- X.509 Encoding/Decoding handler
|
||||
Copyright (C) 2006 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
|
||||
package gnu.java.security.key.rsa;
|
||||
|
||||
import gnu.java.security.OID;
|
||||
import gnu.java.security.Registry;
|
||||
import gnu.java.security.der.BitString;
|
||||
import gnu.java.security.der.DER;
|
||||
import gnu.java.security.der.DERReader;
|
||||
import gnu.java.security.der.DERValue;
|
||||
import gnu.java.security.der.DERWriter;
|
||||
import gnu.java.security.key.IKeyPairCodec;
|
||||
import gnu.java.security.util.DerUtil;
|
||||
|
||||
import java.io.ByteArrayOutputStream;
|
||||
import java.io.IOException;
|
||||
import java.math.BigInteger;
|
||||
import java.security.InvalidParameterException;
|
||||
import java.security.PrivateKey;
|
||||
import java.security.PublicKey;
|
||||
import java.util.ArrayList;
|
||||
import java.util.logging.Logger;
|
||||
|
||||
/**
|
||||
* An implementation of an {@link IKeyPairCodec} that knows how to encode /
|
||||
* decode X.509 ASN.1 external representation of RSA public keys.
|
||||
*/
|
||||
public class RSAKeyPairX509Codec
|
||||
implements IKeyPairCodec
|
||||
{
|
||||
private static final Logger log = Logger.getLogger(RSAKeyPairX509Codec.class.getName());
|
||||
private static final OID RSA_ALG_OID = new OID(Registry.RSA_OID_STRING);
|
||||
|
||||
// implicit 0-arguments constructor
|
||||
|
||||
public int getFormatID()
|
||||
{
|
||||
return X509_FORMAT;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the X.509 ASN.1 <i>SubjectPublicKeyInfo</i> representation of an
|
||||
* RSA public key. The ASN.1 specification, as defined in RFC-3280, and
|
||||
* RFC-2459, is as follows:
|
||||
*
|
||||
* <pre>
|
||||
* SubjectPublicKeyInfo ::= SEQUENCE {
|
||||
* algorithm AlgorithmIdentifier,
|
||||
* subjectPublicKey BIT STRING
|
||||
* }
|
||||
*
|
||||
* AlgorithmIdentifier ::= SEQUENCE {
|
||||
* algorithm OBJECT IDENTIFIER,
|
||||
* parameters ANY DEFINED BY algorithm OPTIONAL
|
||||
* }
|
||||
* </pre>
|
||||
* <p>
|
||||
* As indicated in RFC-2459: "The parameters field shall have ASN.1 type NULL
|
||||
* for this algorithm identifier.".
|
||||
* <p>
|
||||
* The <i>subjectPublicKey</i> field, which is a BIT STRING, contains the
|
||||
* DER-encoded form of the RSA public key defined as:
|
||||
*
|
||||
* <pre>
|
||||
* RSAPublicKey ::= SEQUENCE {
|
||||
* modulus INTEGER, -- n
|
||||
* publicExponent INTEGER -- e
|
||||
* }
|
||||
* </pre>
|
||||
*
|
||||
* @param key the {@link PublicKey} instance to encode. MUST be an instance of
|
||||
* {@link GnuRSAPublicKey}.
|
||||
* @return the ASN.1 representation of the <i>SubjectPublicKeyInfo</i> in an
|
||||
* X.509 certificate.
|
||||
* @throw InvalidParameterException if <code>key</code> is not an instance
|
||||
* of {@link GnuRSAPublicKey} or if an exception occurs during the
|
||||
* marshalling process.
|
||||
*/
|
||||
public byte[] encodePublicKey(PublicKey key)
|
||||
{
|
||||
log.entering(this.getClass().getName(), "encodePublicKey()", key);
|
||||
|
||||
if (! (key instanceof GnuRSAPublicKey))
|
||||
throw new InvalidParameterException("key");
|
||||
|
||||
DERValue derOID = new DERValue(DER.OBJECT_IDENTIFIER, RSA_ALG_OID);
|
||||
|
||||
GnuRSAPublicKey rsaKey = (GnuRSAPublicKey) key;
|
||||
BigInteger n = rsaKey.getN();
|
||||
BigInteger e = rsaKey.getE();
|
||||
|
||||
DERValue derN = new DERValue(DER.INTEGER, n);
|
||||
DERValue derE = new DERValue(DER.INTEGER, e);
|
||||
|
||||
ArrayList algorithmID = new ArrayList(1);
|
||||
algorithmID.add(derOID);
|
||||
DERValue derAlgorithmID = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE,
|
||||
algorithmID);
|
||||
|
||||
ArrayList publicKey = new ArrayList(2);
|
||||
publicKey.add(derN);
|
||||
publicKey.add(derE);
|
||||
DERValue derPublicKey = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE,
|
||||
publicKey);
|
||||
byte[] spkBytes = derPublicKey.getEncoded();
|
||||
DERValue derSPK = new DERValue(DER.BIT_STRING, new BitString(spkBytes));
|
||||
|
||||
ArrayList spki = new ArrayList(2);
|
||||
spki.add(derAlgorithmID);
|
||||
spki.add(derSPK);
|
||||
DERValue derSPKI = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, spki);
|
||||
|
||||
byte[] result;
|
||||
ByteArrayOutputStream baos = new ByteArrayOutputStream();
|
||||
try
|
||||
{
|
||||
DERWriter.write(baos, derSPKI);
|
||||
result = baos.toByteArray();
|
||||
}
|
||||
catch (IOException x)
|
||||
{
|
||||
InvalidParameterException y = new InvalidParameterException();
|
||||
y.initCause(x);
|
||||
throw y;
|
||||
}
|
||||
|
||||
log.exiting(this.getClass().getName(), "encodePublicKey()", result);
|
||||
return result;
|
||||
}
|
||||
|
||||
/**
|
||||
* @throws InvalidParameterException ALWAYS.
|
||||
*/
|
||||
public byte[] encodePrivateKey(PrivateKey key)
|
||||
{
|
||||
throw new InvalidParameterException("Wrong format for private keys");
|
||||
}
|
||||
|
||||
/**
|
||||
* @param input the byte array to unmarshall into a valid RSA
|
||||
* {@link PublicKey} instance. MUST NOT be null.
|
||||
* @return a new instance of a {@link GnuRSAPublicKey} decoded from the
|
||||
* <i>SubjectPublicKeyInfo</i> material in an X.509 certificate.
|
||||
* @throw InvalidParameterException if an exception occurs during the
|
||||
* unmarshalling process.
|
||||
*/
|
||||
public PublicKey decodePublicKey(byte[] input)
|
||||
{
|
||||
log.entering(this.getClass().getName(), "decodePublicKey()", input);
|
||||
|
||||
if (input == null)
|
||||
throw new InvalidParameterException("Input bytes MUST NOT be null");
|
||||
|
||||
BigInteger n, e;
|
||||
DERReader der = new DERReader(input);
|
||||
try
|
||||
{
|
||||
DERValue derSPKI = der.read();
|
||||
DerUtil.checkIsConstructed(derSPKI, "Wrong SubjectPublicKeyInfo field");
|
||||
|
||||
DERValue derAlgorithmID = der.read();
|
||||
DerUtil.checkIsConstructed(derAlgorithmID, "Wrong AlgorithmIdentifier field");
|
||||
|
||||
DERValue derOID = der.read();
|
||||
if (! (derOID.getValue() instanceof OID))
|
||||
throw new InvalidParameterException("Wrong Algorithm field");
|
||||
|
||||
OID algOID = (OID) derOID.getValue();
|
||||
if (! algOID.equals(RSA_ALG_OID))
|
||||
throw new InvalidParameterException("Unexpected OID: " + algOID);
|
||||
|
||||
// rfc-2459 states that this field is OPTIONAL but NULL if/when present
|
||||
DERValue val = der.read();
|
||||
if (val.getTag() == DER.NULL)
|
||||
val = der.read();
|
||||
|
||||
if (! (val.getValue() instanceof BitString))
|
||||
throw new InvalidParameterException("Wrong SubjectPublicKey field");
|
||||
|
||||
byte[] spkBytes = ((BitString) val.getValue()).toByteArray();
|
||||
|
||||
der = new DERReader(spkBytes);
|
||||
val = der.read();
|
||||
DerUtil.checkIsConstructed(derAlgorithmID, "Wrong subjectPublicKey field");
|
||||
|
||||
val = der.read();
|
||||
DerUtil.checkIsBigInteger(val, "Wrong modulus field");
|
||||
n = (BigInteger) val.getValue();
|
||||
val = der.read();
|
||||
DerUtil.checkIsBigInteger(val, "Wrong publicExponent field");
|
||||
e = (BigInteger) val.getValue();
|
||||
}
|
||||
catch (IOException x)
|
||||
{
|
||||
InvalidParameterException y = new InvalidParameterException();
|
||||
y.initCause(x);
|
||||
throw y;
|
||||
}
|
||||
|
||||
PublicKey result = new GnuRSAPublicKey(Registry.X509_ENCODING_ID, n, e);
|
||||
log.exiting(this.getClass().getName(), "decodePublicKey()", result);
|
||||
return result;
|
||||
}
|
||||
|
||||
/**
|
||||
* @throws InvalidParameterException ALWAYS.
|
||||
*/
|
||||
public PrivateKey decodePrivateKey(byte[] input)
|
||||
{
|
||||
throw new InvalidParameterException("Wrong format for private keys");
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user