From 11a56217114c8a391aa3d8bd274df8553d03633f Mon Sep 17 00:00:00 2001 From: "Aaron M. Renn" Date: Sun, 18 Jul 1999 21:36:51 +0000 Subject: Initial checkin of Mark Benvenuto's security code --- gnu/java/security/der/DEREncodingException.java | 34 ++ gnu/java/security/provider/DERReader.java | 115 ++++++ gnu/java/security/provider/DERWriter.java | 105 +++++ .../security/provider/DSAKeyPairGenerator.java | 153 ++++++++ .../security/provider/DSAParameterGenerator.java | 109 ++++++ gnu/java/security/provider/DSAParameters.java | 121 ++++++ gnu/java/security/provider/DSASignature.java | 211 ++++++++++ gnu/java/security/provider/Gnu.java | 71 ++++ gnu/java/security/provider/GnuDSAPrivateKey.java | 66 ++++ gnu/java/security/provider/GnuDSAPublicKey.java | 66 ++++ gnu/java/security/provider/MD5.java | 316 +++++++++++++++ gnu/java/security/provider/SHA.java | 427 +++++++++++---------- gnu/java/security/provider/SHA1PRNG.java | 100 +++++ gnu/java/security/util/Prime.java | 145 +++++++ 14 files changed, 1828 insertions(+), 211 deletions(-) create mode 100644 gnu/java/security/der/DEREncodingException.java create mode 100644 gnu/java/security/provider/DERReader.java create mode 100644 gnu/java/security/provider/DERWriter.java create mode 100644 gnu/java/security/provider/DSAKeyPairGenerator.java create mode 100644 gnu/java/security/provider/DSAParameterGenerator.java create mode 100644 gnu/java/security/provider/DSAParameters.java create mode 100644 gnu/java/security/provider/DSASignature.java create mode 100644 gnu/java/security/provider/Gnu.java create mode 100644 gnu/java/security/provider/GnuDSAPrivateKey.java create mode 100644 gnu/java/security/provider/GnuDSAPublicKey.java create mode 100644 gnu/java/security/provider/MD5.java create mode 100644 gnu/java/security/provider/SHA1PRNG.java create mode 100644 gnu/java/security/util/Prime.java (limited to 'gnu/java') diff --git a/gnu/java/security/der/DEREncodingException.java b/gnu/java/security/der/DEREncodingException.java new file mode 100644 index 000000000..ef3ed464a --- /dev/null +++ b/gnu/java/security/der/DEREncodingException.java @@ -0,0 +1,34 @@ +/* DEREncodingException.java --- DER Encoding Exception + + Copyright (c) 1999 by Free Software Foundation, Inc. + Written by Mark Benvenuto + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU Library General Public License as published + by the Free Software Foundation, version 2. (see COPYING.LIB) + + This program is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software Foundation + Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307 USA. */ + +package gnu.java.security.der; + +public class DEREncodingException extends Exception +{ + +public DEREncodingException() +{ + super(); +} + +public DEREncodingException(String msg) +{ + super(msg); +} + +} diff --git a/gnu/java/security/provider/DERReader.java b/gnu/java/security/provider/DERReader.java new file mode 100644 index 000000000..66645e69e --- /dev/null +++ b/gnu/java/security/provider/DERReader.java @@ -0,0 +1,115 @@ +package gnu.java.security.provider; + +import java.math.BigInteger; +import gnu.java.security.der.DEREncodingException; + +public class DERReader +{ +byte source[]; +int pos; + +static final int UNIVERSAL = 1; +static final int APPLICATION = 2; +static final int CONTEXT_SPECIFIC = 3; +static final int PRIVATE = 4; + + +public DERReader() +{ + source = null; + pos = 0; +} + +public DERReader( byte source[] ) +{ + init( source ); +} + +public void init( String source ) +{ + init( source.getBytes() ); +} + +public void init( byte source[] ) +{ + this.source = source; + pos = 0; +} + +public BigInteger getBigInteger() throws DEREncodingException +{ + return new BigInteger( getPrimitive() ); +} + +//Reads Primitive, definite-length method +private byte[] getPrimitive() throws DEREncodingException +{ + int tmp = pos; + + //Read Identifier + byte identifier = source[tmp++]; + if( (0x20 & identifier) != 0) + throw new DEREncodingException(); + int type = translateLeadIdentifierByte(identifier); + //System.out.println("Type: " + type); + + //get tag + int tag = (0x1f & identifier); + //if( tag == 0x1f) + // tag = getIdentifier(tmp); + //System.out.println("Tag: " + tag); + + //get length + byte len = source[tmp]; //may be length of length parameter + long length = 0x7f & len; + int i; + if( (0x80 & len) != 0 ) { + //System.out.println("Extra Long Length"); + len &= 0x7f; + //System.out.println("Length of Length: " + len); + //get length here + length = 0; + for( i = 0; i < len; i++ ) { + tmp++; + length <<= 8; + length += (source[tmp] < 0 ) ? + (256 + source[tmp]) : + source[tmp]; + //System.out.println("Length of Length: " + length); + } + tmp++; + } else + tmp++; + + /*System.out.println("Position: " + tmp); + System.out.println("Length: " + length); + for( i = 0; i < 10; i++) + System.out.print(source[tmp + i] + " "); + System.out.println();*/ + + byte tmpb[] = new byte[ (int)length ]; + System.arraycopy( source, tmp, tmpb, 0, (int)length); + pos = (int)(tmp + length); + return tmpb; +} + +private int translateLeadIdentifierByte(byte b) +{ + if( (0x3f & b ) == b) + return UNIVERSAL; + else if( (0x7f & b ) == b) + return APPLICATION; + else if( (0xbf & b ) == b) + return CONTEXT_SPECIFIC; + else + return PRIVATE; +} + +private int getIdentifier(int tpos) +{ + while( (0x80 & source[tpos]) != 0) + tpos++; + return tpos; +} + +} diff --git a/gnu/java/security/provider/DERWriter.java b/gnu/java/security/provider/DERWriter.java new file mode 100644 index 000000000..037274d1e --- /dev/null +++ b/gnu/java/security/provider/DERWriter.java @@ -0,0 +1,105 @@ +package gnu.java.security.provider; + +import java.math.BigInteger; + +public class DERWriter +{ + +static final int UNIVERSAL = 1; +static final int APPLICATION = 2; +static final int CONTEXT_SPECIFIC = 3; +static final int PRIVATE = 4; + +public DERWriter() +{} + +public byte[] writeBigInteger( BigInteger i) +{ + return writePrimitive( 0x02, UNIVERSAL, (int)Math.ceil((double)i.bitLength() / 8), i.toByteArray() ); +} + +private byte[] writePrimitive( int identifier, int identifierencoding, + int length, byte contents[]) +{ + return joinarrays( generateIdentifier( identifier, identifierencoding ), generateLength( length ), contents); +} + +public byte[] joinarrays( byte a[], byte b[]) +{ + byte d[] = new byte[ a.length + b.length]; + System.arraycopy( a, 0, d, 0, a.length); + System.arraycopy( b, 0, d, a.length, b.length); + return d; +} + +public byte[] joinarrays( byte a[], byte b[], byte c[]) +{ + byte d[] = new byte[ a.length + b.length + c.length]; + System.arraycopy( a, 0, d, 0, a.length); + System.arraycopy( b, 0, d, a.length, b.length); + System.arraycopy( c, 0, d, a.length + b.length, c.length); + return d; +} + +private byte[] generateIdentifier(int identifier, + int identifierencoding) +{ + byte b[]; + if( identifier > 31 ) { + int count = (int)(Math.log( identifier ) / Math.log( 256 )); + b = new byte[ count + 1 ]; + b[0] = (byte)(translateLeadIdentifierByte(identifierencoding) + | 0x1f); + int i; + for( i = 1; i < (count + 1); i++) { + b[i] = (byte)(0x7f & ( identifier >> (7 * (count - i)) )); + b[i] |= 0x80; + } + b[i - 1] ^= 0x80; + //System.out.println("Identifier1: " + b[0]); + return b; + } else { + b = new byte[1]; + b[0] = (byte)((translateLeadIdentifierByte(identifierencoding) + | (byte)( identifier & 0x1f )) & 0xdf); + //System.out.println("Identifier2: " + b[0]); + return b; + } +} + +private byte translateLeadIdentifierByte(int b) +{ + if( b == UNIVERSAL) + return (byte)0x3f; + else if( b == APPLICATION) + return (byte)0x7f; + else if( b == CONTEXT_SPECIFIC) + return (byte)0xbf; + else + return (byte)0xC0; +} + +private byte[] generateLength( int length ) +{ + byte b[]; + if( length > 127 ) { + int count = (int)Math.ceil(Math.log( length ) / Math.log( 256 )); + //System.out.println("Length byte count: " + count); + b = new byte[ count + 1 ]; + b[0] = (byte)((count & 0x7f) | 0x80); + for( int i = 1; i < (count + 1); i++) { + b[i] = (byte)( length >>> (8 * ( count - i) )); + //System.out.println("Length1 byte1: " + (length >>> (8 * ( count - i) ))); + //System.out.println("Length1 byte2: " + b[i]); + } + + //System.out.println("Length1: " + length); + return b; + } else { + b = new byte[1]; + b[0] = (byte)( length & 0x7f ); + //System.out.println("Length2: " + length); + return b; + } +} +} diff --git a/gnu/java/security/provider/DSAKeyPairGenerator.java b/gnu/java/security/provider/DSAKeyPairGenerator.java new file mode 100644 index 000000000..80475a623 --- /dev/null +++ b/gnu/java/security/provider/DSAKeyPairGenerator.java @@ -0,0 +1,153 @@ +/* GnuDSAKeyPairGenerator.java --- Gnu DSA Key Pair Generator + + Copyright (c) 1999 by Free Software Foundation, Inc. + Written by Mark Benvenuto + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU Library General Public License as published + by the Free Software Foundation, version 2. (see COPYING.LIB) + + This program is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software Foundation + Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307 USA. */ + +package gnu.java.security.provider; + +import java.math.BigInteger; +import java.security.AlgorithmParameters; +import java.security.AlgorithmParameterGenerator; +import java.security.KeyPairGeneratorSpi; +import java.security.KeyPair; +import java.security.SecureRandom; +import java.security.InvalidParameterException; +import java.security.InvalidAlgorithmParameterException; +import java.security.interfaces.DSAParams; +import java.security.spec.AlgorithmParameterSpec; +import java.security.spec.DSAParameterSpec; +import java.util.Random; + +import gnu.java.security.util.Prime; + +public class DSAKeyPairGenerator extends KeyPairGeneratorSpi + implements java.security.interfaces.DSAKeyPairGenerator +{ +int keysize; +SecureRandom random; +private BigInteger q = null; // the small prime +private BigInteger p = null; // the big prime +private BigInteger g = null; + +DSAKeyPairGenerator() +{ + keysize = 1024; +} + +public void initialize(int keysize, SecureRandom random) +{ + //if( ((keysize % 64) != 0) || (keysize < 512) || (keysize > 1024) ) + // throw new InvalidAlgorithmParameterException("Invalid key size"); + + this.keysize = keysize; + this.random = random; +} + +public void initialize(AlgorithmParameterSpec params, + SecureRandom random) + throws InvalidAlgorithmParameterException +{ + if( !( params instanceof DSAParameterSpec ) ) + throw new InvalidAlgorithmParameterException("Must be DSAParameterSpec"); + + DSAParameterSpec dsaparameterspec = (DSAParameterSpec)params; + p = dsaparameterspec.getP(); + q = dsaparameterspec.getQ(); + g = dsaparameterspec.getG(); + this.random = random; +} + +public void initialize(DSAParams params, SecureRandom random) + throws InvalidParameterException +{ + if(params.getP() != null) + p = params.getP(); + else + throw new InvalidParameterException(); + + if(params.getQ() != null) + q = params.getQ(); + else + throw new InvalidParameterException(); + + if(params.getG() != null) + g = params.getG(); + else + throw new InvalidParameterException(); + + this.random = random; +} + +public void initialize(int modlen, boolean genParams, SecureRandom random) + throws InvalidParameterException +{ + if( ((modlen % 64) != 0) || (modlen < 512) || (modlen > 1024) ) + throw new InvalidParameterException(); + + if( (genParams == false) && (modlen != 512) && (modlen != 768) && (modlen != 1024) ) + throw new InvalidParameterException(); + this.keysize = modlen; + this.random = random; + p = null; + q = null; + g = null; +} + +public KeyPair generateKeyPair() +{ + if( getDefaults() == false) { + try { + AlgorithmParameterGenerator apgDSA = AlgorithmParameterGenerator.getInstance("DSA"); + AlgorithmParameters apDSA = apgDSA.generateParameters(); + DSAParameterSpec dsaparameterspec = (DSAParameterSpec)apDSA.getParameterSpec( DSAParameterSpec.class ); + p = dsaparameterspec.getP(); + q = dsaparameterspec.getQ(); + g = dsaparameterspec.getG(); + } catch ( Exception e ) { + return null; + } + } + + BigInteger x = new BigInteger( 159, new Random() ); + + BigInteger y = g.modPow( x, p ); + + return new KeyPair( new GnuDSAPublicKey(y,p,q,g), new GnuDSAPrivateKey(x,p,q,g)); + //return new KeyPair( public, private ); +} + +//These constants are Sun's Constants copied from the +//Cryptography Specification +private boolean getDefaults() +{ + if( keysize == 512) { + p = new BigInteger("fca682ce8e12caba26efccf7110e526db078b05edecbcd1eb4a208f3ae1617ae01f35b91a47e6df63413c5e12ed0899bcd132acd50d99151bdc43ee737592e17", 16); + q = new BigInteger("962eddcc369cba8ebb260ee6b6a126d9346e38c5", 16); + g = new BigInteger("678471b27a9cf44ee91a49c5147db1a9aaf244f05a434d6486931d2d14271b9e35030b71fd73da179069b32e2935630e1c2062354d0da20a6c416e50be794ca4", 16); + return true; + } else if( keysize == 768) { + p = new BigInteger("e9e642599d355f37c97ffd3567120b8e25c9cd43e927b3a9670fbec5d890141922d2c3b3ad2480093799869d1e846aab49fab0ad26d2ce6a22219d470bce7d777d4a21fbe9c270b57f607002f3cef8393694cf45ee3688c11a8c56ab127a3daf", 16); + q = new BigInteger("9cdbd84c9f1ac2f38d0f80f42ab952e7338bf511", 16); + g = new BigInteger("30470ad5a005fb14ce2d9dcd87e38bc7d1b1c5facbaecbe95f190aa7a31d23c4dbbcbe06174544401a5b2c020965d8c2bd2171d3668445771f74ba084d2029d83c1c158547f3a9f1a2715be23d51ae4d3e5a1f6a7064f316933a346d3f529252", 16); + } else if( keysize == 512) { + p = new BigInteger("fd7f53811d75122952df4a9c2eece4e7f611b7523cef4400c31e3f80b6512669455d402251fb593d8d58fabfc5f5ba30f6cb9b556cd7813b801d346ff26660b76b9950a5a49f9fe8047b1022c24fbba9d7feb7c61bf83b57e7c6a8a6150f04fb83f6d3c51ec3023554135a169132f675f3ae2b61d72aeff22203199dd14801c7", 16); + q = new BigInteger("9760508f15230bccb292b982a2eb840bf0581cf5", 16); + g = new BigInteger("f7e1a085d69b3ddecbbcab5c36b857b97994afbbfa3aea82f9574c0b3d0782675159578ebad4594fe67107108180b449167123e84c281613b7cf09328cc8a6e13c167a8b547c8d28e0a3ae1e2bb3a675916ea37f0bfa213562f1fb627a01243bcca4f1bea8519089a883dfe15ae59f06928b665e807b552564014c3bfecf492a", 16); + } + return false; +} + +} diff --git a/gnu/java/security/provider/DSAParameterGenerator.java b/gnu/java/security/provider/DSAParameterGenerator.java new file mode 100644 index 000000000..ed8fb9236 --- /dev/null +++ b/gnu/java/security/provider/DSAParameterGenerator.java @@ -0,0 +1,109 @@ +/* DSAParameterGenerator.java --- DSA Parameter Generator Implementation + + Copyright (c) 1999 by Free Software Foundation, Inc. + Written by Mark Benvenuto + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU Library General Public License as published + by the Free Software Foundation, version 2. (see COPYING.LIB) + + This program is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software Foundation + Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307 USA. */ + +package gnu.java.security.provider; + +import java.math.BigInteger; +import java.security.AlgorithmParameters; +import java.security.AlgorithmParameterGeneratorSpi; +import java.security.InvalidAlgorithmParameterException; +import java.security.NoSuchAlgorithmException; +import java.security.SecureRandom; +import java.security.spec.AlgorithmParameterSpec; +import java.security.spec.DSAParameterSpec; +import java.security.spec.InvalidParameterSpecException; +import java.util.Random; + +import gnu.java.security.util.Prime; + +public class DSAParameterGenerator extends AlgorithmParameterGeneratorSpi +{ +private int size; +private SecureRandom random = null; + +public DSAParameterGenerator() +{ + size = 1024; +} + +public void engineInit(int size, SecureRandom random) +{ + if( (size < 512) || (size > 1024) || ( (size % 64) != 0) ) + //throw new InvalidAlgorithmParameterException("Invalid Size"); + return; + this.size = size; + this.random = random; +} + +public void engineInit(AlgorithmParameterSpec genParamSpec, SecureRandom random) + throws InvalidAlgorithmParameterException +{ + if( !( genParamSpec instanceof DSAParameterSpec ) ) + throw new InvalidAlgorithmParameterException("Must be DSAParameterSpec"); + + DSAParameterSpec dsaparameterspec = (DSAParameterSpec)genParamSpec; + int tmp = dsaparameterspec.getP().bitLength(); + + if( (tmp < 512) || (tmp > 1024) || ( (tmp % 64) != 0) ) + throw new InvalidAlgorithmParameterException("Invalid Size"); + + this.random = random; +} + +//For more information see IEEE P1363 A.16.1 (10/05/98 Draft) +public AlgorithmParameters engineGenerateParameters() +{ + DSAParameterSpec dsaparameterspec; + + int L = size; + BigInteger r, p, k, h, g; + + //q 2^159 < q < 2^160 + r = Prime.generateRandomPrime( 159, 160, BigInteger.valueOf(1)); + + // 2^(L-1) < p < 2^L + p = Prime.generateRandomPrime( r, BigInteger.valueOf(1), L - 1, L, BigInteger.valueOf(1)); + + k = p.subtract( BigInteger.valueOf(1) ); + k = k.divide( r ); + + Random rand = new Random(); + h = BigInteger.valueOf(1); + + for(;;) { + h = h.add(BigInteger.valueOf( 1 ) ); + + g = h.modPow(k, p); + + if( g.compareTo( BigInteger.valueOf(1) ) != 1 ) + break; + } + + try { + dsaparameterspec = new DSAParameterSpec(p, r, g); + AlgorithmParameters ap = AlgorithmParameters.getInstance("DSA"); + ap.init( dsaparameterspec ); + return ap; + } catch ( NoSuchAlgorithmException nsae ) { + return null; + } catch ( InvalidParameterSpecException ipse) { + return null; + } +} + +} diff --git a/gnu/java/security/provider/DSAParameters.java b/gnu/java/security/provider/DSAParameters.java new file mode 100644 index 000000000..a73cd2be3 --- /dev/null +++ b/gnu/java/security/provider/DSAParameters.java @@ -0,0 +1,121 @@ +/* DSAParameters.java --- DSA Parameters Implementation + + Copyright (c) 1999 by Free Software Foundation, Inc. + Written by Mark Benvenuto + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU Library General Public License as published + by the Free Software Foundation, version 2. (see COPYING.LIB) + + This program is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software Foundation + Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307 USA. */ + +package gnu.java.security.provider; + +import java.io.IOException; +import java.math.BigInteger; +import java.security.AlgorithmParametersSpi; +import java.security.InvalidAlgorithmParameterException; +import java.security.spec.AlgorithmParameterSpec; +import java.security.spec.DSAParameterSpec; +import java.security.spec.InvalidParameterSpecException; +import java.util.Random; +import gnu.java.security.der.DEREncodingException; + +import gnu.java.security.util.Prime; + +/* + ASN.1 Encoding for DSA from rfc2459 + + id-dsa ID ::= { iso(1) member-body(2) us(840) x9-57(10040) + x9cm(4) 1 } + + Dss-Parms ::= SEQUENCE { + p INTEGER, + q INTEGER, + g INTEGER } + +*/ +public class DSAParameters extends AlgorithmParametersSpi +{ +private BigInteger q; // the small prime +private BigInteger p; // the big prime +private BigInteger g; + + +public void engineInit(AlgorithmParameterSpec paramSpec) + throws InvalidParameterSpecException +{ + if( paramSpec instanceof DSAParameterSpec ) { + DSAParameterSpec dsaParamSpec = (DSAParameterSpec)paramSpec; + p = dsaParamSpec.getP(); + q = dsaParamSpec.getQ(); + q = dsaParamSpec.getG(); + } + else + throw new InvalidParameterSpecException("Only accepts DSAParameterSpec"); +} + +public void engineInit(byte[] params) + throws IOException +{ + DERReader reader = new DERReader( params ); + try { + + p = reader.getBigInteger(); + q = reader.getBigInteger(); + g = reader.getBigInteger(); + + } catch ( DEREncodingException DERee) { + throw new IOException("Invalid Format: Only accepts ASN.1"); + } +} + +public void engineInit(byte[] params, String format) + throws IOException +{ + if( !format.equals("ASN.1") ) + throw new IOException("Invalid Format: Only accepts ASN.1"); + engineInit( params ); +} + +public AlgorithmParameterSpec engineGetParameterSpec(Class paramSpec) + throws InvalidParameterSpecException +{ + if( paramSpec.isAssignableFrom(DSAParameterSpec.class) ) + return new DSAParameterSpec(p, q, g); + else + throw new InvalidParameterSpecException("Only accepts DSAParameterSpec"); +} + +public byte[] engineGetEncoded() + throws IOException +{ + DERWriter writer = new DERWriter(); + return writer.joinarrays( writer.writeBigInteger(p), + writer.writeBigInteger(q), + writer.writeBigInteger(g) ); +} + + +public byte[] engineGetEncoded(String format) + throws IOException +{ + if( !format.equals("ASN.1") ) + throw new IOException("Invalid Format: Only accepts ASN.1"); + return engineGetEncoded(); +} + +public String engineToString() +{ + String lineSeparator = System.getProperty("line.seperator"); + return ("q: " + q + lineSeparator + "p: " + p + lineSeparator + "g:" + g); +} + +} diff --git a/gnu/java/security/provider/DSASignature.java b/gnu/java/security/provider/DSASignature.java new file mode 100644 index 000000000..5665ad9fd --- /dev/null +++ b/gnu/java/security/provider/DSASignature.java @@ -0,0 +1,211 @@ +package gnu.java.security.provider; + +import java.math.BigInteger; +import java.security.InvalidAlgorithmParameterException; +import java.security.InvalidKeyException; +import java.security.InvalidParameterException; +import java.security.MessageDigest; +import java.security.NoSuchAlgorithmException; +import java.security.NoSuchProviderException; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.security.SecureRandom; +import java.security.SignatureException; +import java.security.SignatureSpi; +import java.security.interfaces.DSAPrivateKey; +import java.security.interfaces.DSAPublicKey; +import java.security.spec.AlgorithmParameterSpec; +import java.util.Random; +import gnu.java.security.der.DEREncodingException; + +public class DSASignature extends SignatureSpi +{ +private DSAPublicKey publicKey; +private DSAPrivateKey privateKey; +private MessageDigest digest = null; + +public DSASignature() +{} + +private void init() +{ + if( digest == null ) { + try { + digest = MessageDigest.getInstance( "SHA1", "GNU" ); + } catch ( NoSuchAlgorithmException nsae ) { + digest = null; + } catch ( NoSuchProviderException nspe ) { + digest = null; + } + } + digest.reset(); +} + +public void engineInitVerify(PublicKey publicKey) + throws InvalidKeyException +{ + if( publicKey instanceof DSAPublicKey ) + this.publicKey = (DSAPublicKey)publicKey; + else + throw new InvalidKeyException(); + init(); +} + +public void engineInitSign(PrivateKey privateKey) + throws InvalidKeyException +{ + if( privateKey instanceof DSAPrivateKey ) + this.privateKey = (DSAPrivateKey)privateKey; + else + throw new InvalidKeyException(); + + init(); +} + +public void engineInitSign(PrivateKey privateKey, + SecureRandom random) + throws InvalidKeyException +{ + if( privateKey instanceof DSAPrivateKey ) + this.privateKey = (DSAPrivateKey)privateKey; + else + throw new InvalidKeyException(); + + appRandom = random; + init(); +} + +public void engineUpdate(byte b) + throws SignatureException +{ + if( digest == null ) + throw new SignatureException(); + + digest.update( b ); +} + +public void engineUpdate(byte[] b, int off, int len) + throws SignatureException +{ + if( digest == null ) + throw new SignatureException(); + + digest.update( b, off, len ); +} + +public byte[] engineSign() + throws SignatureException +{ + if( digest == null ) + throw new SignatureException(); + if( privateKey == null) + throw new SignatureException(); + + try { + + BigInteger g = privateKey.getParams().getG(); + BigInteger p = privateKey.getParams().getP(); + BigInteger q = privateKey.getParams().getQ(); + + BigInteger x = privateKey.getX(); + + BigInteger k = new BigInteger( 159, (Random)appRandom ); + + BigInteger r = g.modPow(k, p); + r = r.mod(q); + + byte bytes[] = digest.digest(); + BigInteger sha = new BigInteger(1, bytes); + + BigInteger s = sha.add( x.multiply( r ) ); + s = s.multiply( k.modInverse(q) ).mod( q ); + + DERWriter writer = new DERWriter(); + return writer.joinarrays( writer.writeBigInteger( r ), writer.writeBigInteger( s ) ); + + } catch ( ArithmeticException ae ) { + throw new SignatureException(); + } +} + +public int engineSign(byte[] outbuf, int offset, int len) + throws SignatureException +{ + byte tmp[] = engineSign(); + if( tmp.length > len ) + throw new SignatureException(); + System.arraycopy( tmp, 0, outbuf, offset, tmp.length ); + return tmp.length; +} + +public boolean engineVerify(byte[] sigBytes) + throws SignatureException +{ + //Decode sigBytes from ASN.1 DER encoding + try { + DERReader reader = new DERReader( sigBytes ); + BigInteger r = reader.getBigInteger(); + BigInteger s = reader.getBigInteger(); + + BigInteger g = publicKey.getParams().getG(); + BigInteger p = publicKey.getParams().getP(); + BigInteger q = publicKey.getParams().getQ(); + + BigInteger y = publicKey.getY(); + + BigInteger w = s.modInverse( q ); + + byte bytes[] = digest.digest(); + BigInteger sha = new BigInteger(1, bytes); + + BigInteger u1 = w.multiply( sha ).mod( q ); + + BigInteger u2 = r.multiply( w ).mod( q ); + + //This should test the compiler :) + BigInteger v = g.modPow( u1, p ).multiply( y.modPow( u2, p ) ).mod( p ).mod( q ); + + if( v.equals( r ) ) + return true; + else + return false; + } catch ( DEREncodingException deree ) { + throw new SignatureException(); + } +} + +public void engineSetParameter(String param, + Object value) + throws InvalidParameterException +{ + throw new InvalidParameterException(); +} + +public void engineSetParameter(AlgorithmParameterSpec params) + throws InvalidAlgorithmParameterException +{ + throw new InvalidParameterException(); + +} + +public Object engineGetParameter(String param) + throws InvalidParameterException +{ + throw new InvalidParameterException(); +} + +public Object clone() + //throws CloneNotSupportedException +{ + return new DSASignature( this ); +} + +private DSASignature( DSASignature copy ) +{ + this(); + this.publicKey = copy.publicKey; + this.privateKey = copy.privateKey; + this.digest = copy.digest; +} + +} diff --git a/gnu/java/security/provider/Gnu.java b/gnu/java/security/provider/Gnu.java new file mode 100644 index 000000000..d321d7c49 --- /dev/null +++ b/gnu/java/security/provider/Gnu.java @@ -0,0 +1,71 @@ +/* Gnu.java --- Gnu provider main class + + Copyright (c) 1999 by Free Software Foundation, Inc. + Written by Mark Benvenuto + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU Library General Public License as published + by the Free Software Foundation, version 2. (see COPYING.LIB) + + This program is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software Foundation + Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307 USA. */ + +package gnu.java.security.provider; +import java.security.Provider; + +public final class Gnu extends Provider +{ + public Gnu() + { + super( "GNU", 1.0, "GNU provider v1.0 implementing SHA-1, MD5, DSA"); + + // Signature + put("Signature.SHA1withDSA", "gnu.java.security.provider.DSASignature"); + + put("Alg.Alias.Signature.DSS", "SHA1withDSA"); + put("Alg.Alias.Signature.DSA", "SHA1withDSA"); + put("Alg.Alias.Signature.SHAwithDSA", "SHA1withDSA"); + put("Alg.Alias.Signature.DSAwithSHA", "SHA1withDSA"); + put("Alg.Alias.Signature.DSAwithSHA1", "SHA1withDSA"); + put("Alg.Alias.Signature.SHA/DSA", "SHA1withDSA"); + put("Alg.Alias.Signature.SHA-1/DSA", "SHA1withDSA"); + put("Alg.Alias.Signature.SHA1/DSA", "SHA1withDSA"); + put("Alg.Alias.Signature.OID.1.2.840.10040.4.3", "SHA1withDSA"); + put("Alg.Alias.Signature.1.2.840.10040.4.3", "SHA1withDSA"); + put("Alg.Alias.Signature.1.3.14.3.2.13", "SHA1withDSA"); + put("Alg.Alias.Signature.1.3.14.3.2.27", "SHA1withDSA"); + + // Key Pair Generator + put("KeyPairGenerator.DSA", "gnu.java.security.provider.DSAKeyPairGenerator"); + + put("Alg.Alias.KeyPairGenerator.OID.1.2.840.10040.4.1", "DSA"); + put("Alg.Alias.KeyPairGenerator.1.2.840.10040.4.1", "DSA"); + put("Alg.Alias.KeyPairGenerator.1.3.14.3.2.12", "DSA"); + + // Message Digests + put("MessageDigest.SHA", "gnu.java.security.provider.SHA"); + put("MessageDigest.MD5", "gnu.java.security.provider.MD5"); + + // Format "Alias", "Actual Name" + put("Alg.Alias.MessageDigest.SHA1", "SHA"); + put("Alg.Alias.MessageDigest.SHA-1", "SHA"); + + // Algorithm Parameters + put("AlgorithmParameters.DSA", "gnu.java.security.provider.DSAAlgorithmParameters"); + + // Algorithm Parameter Generator + put("AlgorithmParameterGenerator.DSA", "gnu.java.security.provider.DSAAlgorithmParameterGenerator"); + + // SecureRandom + put("SecureRandom.SHA1PRNG", "gnu.java.security.provider.SHA1PRNG"); + + + } + +} \ No newline at end of file diff --git a/gnu/java/security/provider/GnuDSAPrivateKey.java b/gnu/java/security/provider/GnuDSAPrivateKey.java new file mode 100644 index 000000000..1757fa9cd --- /dev/null +++ b/gnu/java/security/provider/GnuDSAPrivateKey.java @@ -0,0 +1,66 @@ +/* GnuDSAPrivateKey.java --- Gnu DSA Private Key + + Copyright (c) 1999 by Free Software Foundation, Inc. + Written by Mark Benvenuto + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU Library General Public License as published + by the Free Software Foundation, version 2. (see COPYING.LIB) + + This program is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software Foundation + Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307 USA. */ + +package gnu.java.security.provider; + +import java.math.BigInteger; +import java.security.interfaces.DSAPrivateKey; +import java.security.interfaces.DSAParams; +import java.security.spec.DSAParameterSpec; + +public class GnuDSAPrivateKey implements DSAPrivateKey +{ +BigInteger x; +BigInteger p; +BigInteger q; +BigInteger g; + +public GnuDSAPrivateKey(BigInteger x, BigInteger p, BigInteger q, BigInteger g ) +{ + this.x = x; + this.p = p; + this.q = q; + this.g = g; +} + +public String getAlgorithm() +{ + return "DSA"; +} + +public String getFormat() +{ + return null; +} + +public byte[] getEncoded() +{ + return null; +} + +public DSAParams getParams() +{ + return (DSAParams)(new DSAParameterSpec(p,q,g)); +} + +public BigInteger getX() +{ + return x; +} + +} diff --git a/gnu/java/security/provider/GnuDSAPublicKey.java b/gnu/java/security/provider/GnuDSAPublicKey.java new file mode 100644 index 000000000..4d2e5166f --- /dev/null +++ b/gnu/java/security/provider/GnuDSAPublicKey.java @@ -0,0 +1,66 @@ +/* GnuDSAPublicKey.java --- Gnu DSA Public Key + + Copyright (c) 1999 by Free Software Foundation, Inc. + Written by Mark Benvenuto + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU Library General Public License as published + by the Free Software Foundation, version 2. (see COPYING.LIB) + + This program is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software Foundation + Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307 USA. */ + +package gnu.java.security.provider; + +import java.math.BigInteger; +import java.security.interfaces.DSAPublicKey; +import java.security.interfaces.DSAParams; +import java.security.spec.DSAParameterSpec; + +public class GnuDSAPublicKey implements DSAPublicKey +{ +BigInteger y; +BigInteger p; +BigInteger q; +BigInteger g; + +public GnuDSAPublicKey(BigInteger y, BigInteger p, BigInteger q, BigInteger g ) +{ + this.y = y; + this.p = p; + this.q = q; + this.g = g; +} + +public String getAlgorithm() +{ + return "DSA"; +} + +public String getFormat() +{ + return null; +} + +public byte[] getEncoded() +{ + return null; +} + +public DSAParams getParams() +{ + return (DSAParams)(new DSAParameterSpec(p,q,g)); +} + +public BigInteger getY() +{ + return y; +} + +} diff --git a/gnu/java/security/provider/MD5.java b/gnu/java/security/provider/MD5.java new file mode 100644 index 000000000..decc3282b --- /dev/null +++ b/gnu/java/security/provider/MD5.java @@ -0,0 +1,316 @@ +/* MD5.java -- Class implementing the MD5 algorithm as specified in RFC1321. + Copyright (c) 1999 by Free Software Foundation, Inc. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU Library General Public License as published + by the Free Software Foundation, version 2. (see COPYING.LIB) + + This program is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software Foundation + Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307 USA. */ + +package gnu.java.security.provider; +import java.security.MessageDigestSpi; + +/** + This class implements the MD5 algorithm as described in RFC1321. + + @see java.security.MessageDigest +*/ +public class MD5 extends MessageDigestSpi implements Cloneable +{ + private final int W[] = new int[16]; + private long bytecount; + private int A; + private int B; + private int C; + private int D; + + public MD5() + { + super(); + engineReset (); + } + + public Object clone() + { + return new MD5 (this); + } + + private MD5 (MD5 copy) + { + this (); + bytecount = copy.bytecount; + A = copy.A; + B = copy.B; + C = copy.C; + D = copy.D; + System.arraycopy (copy.W, 0, W, 0, 16); + } + + public int engineGetDigestLength() + { + return 20; + } + + // Intialize the A,B,C,D needed for the hash + public void engineReset() + { + bytecount = 0; + A = 0x67452301; + B = 0xefcdab89; + C = 0x98badcfe; + D = 0x10325476; + for(int i = 0; i < 16; i++) + W[i] = 0; + } + + public void engineUpdate (byte b) + { + int i = (int)bytecount % 64; + int shift = (3 - i % 4) * 8; + int idx = i / 4; + + // if you could index ints, this would be: W[idx][shift/8] = b + W[idx] = (W[idx] & ~(0xff << shift)) | ((b & 0xff) << shift); + + // if we've filled up a block, then process it + if ((++ bytecount) % 64 == 0) + munch (); + } + + public void engineUpdate (byte bytes[], int off, int len) + { + if (len < 0) + throw new ArrayIndexOutOfBoundsException (); + + int end = off + len; + while (off < end) + engineUpdate (bytes[off++]); + } + + public byte[] engineDigest() + { + long bitcount = bytecount * 8; + engineUpdate ((byte)0x80); // 10000000 in binary; the start of the padding + + // add the rest of the padding to fill this block out, but leave 8 + // bytes to put in the original bytecount + while ((int)bytecount % 64 != 56) + engineUpdate ((byte)0); + + // add the length of the original, unpadded block to the end of + // the padding + W[14] = SWAP((int)(0xffffffff & bitcount)); + W[15] = SWAP((int)(0xffffffff & (bitcount >>> 32))); + bytecount += 8; + + // digest the fully padded block + munch (); + + A = SWAP(A); + B = SWAP(B); + C = SWAP(C); + D = SWAP(D); + byte[] result = new byte[] {(byte)(A >>> 24), (byte)(A >>> 16), + (byte)(A >>> 8), (byte)A, + (byte)(B >>> 24), (byte)(B >>> 16), + (byte)(B >>> 8), (byte)B, + (byte)(C >>> 24), (byte)(C >>> 16), + (byte)(C >>> 8), (byte)C, + (byte)(D >>> 24), (byte)(D >>> 16), + (byte)(D >>> 8), (byte)D}; + + engineReset (); + return result; + } + + private int F( int X, int Y, int Z) + { + return ((X & Y) | (~X & Z)); + } + + private int G( int X, int Y, int Z) + { + return ((X & Z) | (Y & ~Z)); + } + + private int H( int X, int Y, int Z) + { + return (X ^ Y ^ Z); + } + + private int I( int X, int Y, int Z) + { + return (Y ^ (X | ~Z)); + } + + private int rotateLeft( int i, int count) + { + //Taken from FIPS 180-1 + return ( (i << count) | (i >>> (32 - count)) ) ; + } + + /* Round 1. */ + private int FF( int a, int b, int c, int d, int k, int s, int i) + { + /* Let [abcd k s i] denote the operation */ + a += F(b,c,d) + k + i; + return b + rotateLeft(a, s); + } + /* Round 2. */ + private int GG( int a, int b, int c, int d, int k, int s, int i) + { + /* Let [abcd k s i] denote the operation */ + a += G(b,c,d) + k + i; + return b + rotateLeft(a, s); + } + /* Round 3. */ + private int HH( int a, int b, int c, int d, int k, int s, int i) + { + /* Let [abcd k s t] denote the operation */ + a += H(b,c,d) + k + i; + return b + rotateLeft(a, s); + } + + /* Round 4. */ + private int II( int a, int b, int c, int d, int k, int s, int i) + { + /* Let [abcd k s t] denote the operation */ + a += I(b,c,d) + k + i; + return b + rotateLeft(a, s); + } + + private int SWAP(int n) + { + //Copied from md5.c in FSF Gnu Privacy Guard 0.9.2 + return (( (0xff & n) << 24) | ((n & 0xff00) << 8) | ((n >>> 8) & 0xff00) | (n >>> 24)); + } + + private void munch() + { + int AA,BB,CC,DD, j; + int X[] = new int[16]; + + /* Copy block i into X. */ + for(j = 0; j < 16; j++) + X[j] = SWAP(W[j]); + + /* Save A as AA, B as BB, C as CC, and D as DD. */ + AA = A; + BB = B; + CC = C; + DD = D; + + /* The hex constants are from md5.c + in FSF Gnu Privacy Guard 0.9.2 */ + /* Round 1. */ + /* Let [abcd k s i] denote the operation + a = b + ((a + F(b,c,d) + X[k] + T[i]) <<< s). */ + /* Do the following 16 operations. */ + A = FF(A,B,C,D, X[0], 7, 0xd76aa478); + D = FF(D,A,B,C, X[1], 12, 0xe8c7b756); + C = FF(C,D,A,B, X[2], 17, 0x242070db); + B = FF(B,C,D,A, X[3], 22, 0xc1bdceee); + + A = FF(A,B,C,D, X[4], 7, 0xf57c0faf); + D = FF(D,A,B,C, X[5], 12, 0x4787c62a); + C = FF(C,D,A,B, X[6], 17, 0xa8304613); + B = FF(B,C,D,A, X[7], 22, 0xfd469501); + + A = FF(A,B,C,D, X[8], 7, 0x698098d8); + D = FF(D,A,B,C, X[9], 12, 0x8b44f7af); + C = FF(C,D,A,B, X[10], 17, 0xffff5bb1); + B = FF(B,C,D,A, X[11], 22, 0x895cd7be); + + A = FF(A,B,C,D, X[12], 7, 0x6b901122); + D = FF(D,A,B,C, X[13], 12, 0xfd987193); + C = FF(C,D,A,B, X[14], 17, 0xa679438e); + B = FF(B,C,D,A, X[15], 22, 0x49b40821); + + /* Round 2. */ + /* Let [abcd k s i] denote the operation + a = b + ((a + G(b,c,d) + X[k] + T[i]) <<< s). */ + /* Do the following 16 operations. */ + A = GG(A,B,C,D, X[1], 5, 0xf61e2562); + D = GG(D,A,B,C, X[6], 9, 0xc040b340); + C = GG(C,D,A,B, X[11], 14, 0x265e5a51); + B = GG(B,C,D,A, X[0], 20, 0xe9b6c7aa); + + A = GG(A,B,C,D, X[5], 5, 0xd62f105d); + D = GG(D,A,B,C, X[10], 9, 0x02441453); + C = GG(C,D,A,B, X[15], 14, 0xd8a1e681); + B = GG(B,C,D,A, X[4], 20, 0xe7d3fbc8); + + A = GG(A,B,C,D, X[9], 5, 0x21e1cde6); + D = GG(D,A,B,C, X[14], 9, 0xc33707d6); + C = GG(C,D,A,B, X[3], 14, 0xf4d50d87); + B = GG(B,C,D,A, X[8], 20, 0x455a14ed); + + A = GG(A,B,C,D, X[13], 5, 0xa9e3e905); + D = GG(D,A,B,C, X[2], 9, 0xfcefa3f8); + C = GG(C,D,A,B, X[7], 14, 0x676f02d9); + B = GG(B,C,D,A, X[12], 20, 0x8d2a4c8a); + + /* Round 3. */ + /* Let [abcd k s t] denote the operation + a = b + ((a + H(b,c,d) + X[k] + T[i]) <<< s). */ + /* Do the following 16 operations. */ + A = HH(A,B,C,D, X[5], 4, 0xfffa3942); + D = HH(D,A,B,C, X[8], 11, 0x8771f681); + C = HH(C,D,A,B, X[11], 16, 0x6d9d6122); + B = HH(B,C,D,A, X[14], 23, 0xfde5380c); + + A = HH(A,B,C,D, X[1], 4, 0xa4beea44); + D = HH(D,A,B,C, X[4], 11, 0x4bdecfa9); + C = HH(C,D,A,B, X[7], 16, 0xf6bb4b60); + B = HH(B,C,D,A, X[10], 23, 0xbebfbc70); + + A = HH(A,B,C,D, X[13], 4, 0x289b7ec6); + D = HH(D,A,B,C, X[0], 11, 0xeaa127fa); + C = HH(C,D,A,B, X[3], 16, 0xd4ef3085); + B = HH(B,C,D,A, X[6], 23, 0x04881d05); + + A = HH(A,B,C,D, X[9], 4, 0xd9d4d039); + D = HH(D,A,B,C, X[12], 11, 0xe6db99e5); + C = HH(C,D,A,B, X[15], 16, 0x1fa27cf8); + B = HH(B,C,D,A, X[2], 23, 0xc4ac5665); + + /* Round 4. */ + /* Let [abcd k s t] denote the operation + a = b + ((a + I(b,c,d) + X[k] + T[i]) <<< s). */ + /* Do the following 16 operations. */ + A = II(A,B,C,D, X[0], 6, 0xf4292244); + D = II(D,A,B,C, X[7], 10, 0x432aff97); + C = II(C,D,A,B, X[14], 15, 0xab9423a7); + B = II(B,C,D,A, X[5], 21, 0xfc93a039); + + A = II(A,B,C,D, X[12], 6, 0x655b59c3); + D = II(D,A,B,C, X[3], 10, 0x8f0ccc92); + C = II(C,D,A,B, X[10], 15, 0xffeff47d); + B = II(B,C,D,A, X[1], 21, 0x85845dd1); + + A = II(A,B,C,D, X[8], 6, 0x6fa87e4f); + D = II(D,A,B,C, X[15], 10, 0xfe2ce6e0); + C = II(C,D,A,B, X[6], 15, 0xa3014314); + B = II(B,C,D,A, X[13], 21, 0x4e0811a1); + + A = II(A,B,C,D, X[4], 6, 0xf7537e82); + D = II(D,A,B,C, X[11], 10, 0xbd3af235); + C = II(C,D,A,B, X[2], 15, 0x2ad7d2bb); + B = II(B,C,D,A, X[9], 21, 0xeb86d391); + + /* Then perform the following additions. (That is increment each + of the four registers by the value it had before this block + was started.) */ + A = A + AA; + B = B + BB; + C = C + CC; + D = D + DD; + } +} \ No newline at end of file diff --git a/gnu/java/security/provider/SHA.java b/gnu/java/security/provider/SHA.java index 8848a7bb0..ae6baa2a1 100644 --- a/gnu/java/security/provider/SHA.java +++ b/gnu/java/security/provider/SHA.java @@ -1,211 +1,216 @@ -/* SHA.java -- Class implementing the SHA-1 algorithm as specified in [1]. - Copyright (c) 1999 by Free Software Foundation, Inc. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU Library General Public License as published - by the Free Software Foundation, version 2. (see COPYING.LIB) - - This program is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software Foundation - Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307 USA. */ - -package gnu.java.security.provider; - -import java.security.MessageDigest; - -/** - This class implements the SHA-1 algorithm as described in [1]. - - [1] Federal Information Processing Standards Publication 180-1. - Specifications for the Secure Hash Standard. April 17, 1995. - - @see java.security.MessageDigest -*/ -public class SHA extends MessageDigest implements Cloneable -{ - public SHA () - { - super ("SHA"); - engineReset (); - } - - public void engineUpdate (byte b) - { - int i = (int)bytecount % 64; - int shift = (3 - i % 4) * 8; - int idx = i / 4; - - // if you could index ints, this would be: W[idx][shift/8] = b - W[idx] = (W[idx] & ~(0xff << shift)) | ((b & 0xff) << shift); - - // if we've filled up a block, then process it - if ((++ bytecount) % 64 == 0) - munch (); - } - - // This could be optimized. - public void engineUpdate (byte bytes[], int off, int len) - { - if (len < 0) - throw new ArrayIndexOutOfBoundsException (); - - int end = off + len; - while (off < end) - engineUpdate (bytes[off++]); - } - - public void engineReset () - { - bytecount = 0; - // magic numbers from [1] p. 10. - H0 = 0x67452301; - H1 = 0xefcdab89; - H2 = 0x98badcfe; - H3 = 0x10325476; - H4 = 0xc3d2e1f0; - } - - public byte[] engineDigest () - { - long bitcount = bytecount * 8; - engineUpdate ((byte)-128); // 10000000 in binary; the start of the padding - - // add the rest of the padding to fill this block out, but leave 8 - // bytes to put in the original bytecount - while ((int)bytecount % 64 != 56) - engineUpdate ((byte)0); - - // add the length of the original, unpadded block to the end of - // the padding - W[14] = (int)(bitcount >>> 32); - W[15] = (int)bitcount; - bytecount += 8; - - // digest the fully padded block - munch (); - - byte[] result - = new byte[] {(byte)(H0 >>> 24), (byte)(H0 >>> 16), - (byte)(H0 >>> 8), (byte)H0, - (byte)(H1 >>> 24), (byte)(H1 >>> 16), - (byte)(H1 >>> 8), (byte)H1, - (byte)(H2 >>> 24), (byte)(H2 >>> 16), - (byte)(H2 >>> 8), (byte)H2, - (byte)(H3 >>> 24), (byte)(H3 >>> 16), - (byte)(H3 >>> 8), (byte)H3, - (byte)(H4 >>> 24), (byte)(H4 >>> 16), - (byte)(H4 >>> 8), (byte)H4}; - - engineReset (); - return result; - } - - // Process a single block. This is pretty much copied verbatim from - // [1] pp. 9, 10. - private void munch () - { - for (int t = 16; t < 80; ++ t) - { - int Wt = W[t - 3] ^ W[t - 8] ^ W[t - 14] ^ W[t - 16]; - W[t] = Wt << 1 | Wt >>> 31; - } - - int A = H0; - int B = H1; - int C = H2; - int D = H3; - int E = H4; - - for (int t = 0; t < 20; ++ t) - { - int TEMP = (A << 5 | A >>> 27) // S^5(A) - + ((B & C) | (~B & D)) // f_t(B,C,D) - + E + W[t] - + 0x5a827999; // K_t - - E = D; - D = C; - C = B << 30 | B >>> 2; // S^30(B) - B = A; - A = TEMP; - } - - for (int t = 20; t < 40; ++ t) - { - int TEMP = (A << 5 | A >>> 27) // S^5(A) - + (B ^ C ^ D) // f_t(B,C,D) - + E + W[t] - + 0x6ed9eba1; // K_t - - E = D; - D = C; - C = B << 30 | B >>> 2; // S^30(B) - B = A; - A = TEMP; - } - - for (int t = 40; t < 60; ++ t) - { - int TEMP = (A << 5 | A >>> 27) // S^5(A) - + (B & C | B & D | C & D) // f_t(B,C,D) - + E + W[t] - + 0x8f1bbcdc; // K_t - - E = D; - D = C; - C = B << 30 | B >>> 2; // S^30(B) - B = A; - A = TEMP; - } - - for (int t = 60; t < 80; ++ t) - { - int TEMP = (A << 5 | A >>> 27) // S^5(A) - + (B ^ C ^ D) // f_t(B,C,D) - + E + W[t] - + 0xca62c1d6; // K_t - - E = D; - D = C; - C = B << 30 | B >>> 2; // S^30(B) - B = A; - A = TEMP; - } - - H0 += A; - H1 += B; - H2 += C; - H3 += D; - H4 += E; - } - - public Object clone () - { - return new SHA (this); - } - - private SHA (SHA copy) - { - this (); - bytecount = copy.bytecount; - H0 = copy.H0; - H1 = copy.H1; - H2 = copy.H2; - H3 = copy.H3; - H4 = copy.H4; - System.arraycopy (copy.W, 0, W, 0, 80); - } - - private final int W[] = new int[80]; - private long bytecount; - private int H0; - private int H1; - private int H2; - private int H3; - private int H4; -} +/* SHA.java -- Class implementing the SHA-1 algorithm as specified in [1]. + Copyright (c) 1999 by Free Software Foundation, Inc. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU Library General Public License as published + by the Free Software Foundation, version 2. (see COPYING.LIB) + + This program is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software Foundation + Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307 USA. */ + +package gnu.java.security.provider; + +import java.security.MessageDigest; + +/** + This class implements the SHA-1 algorithm as described in [1]. + + [1] Federal Information Processing Standards Publication 180-1. + Specifications for the Secure Hash Standard. April 17, 1995. + + @see java.security.MessageDigest +*/ +public class SHA extends MessageDigest implements Cloneable +{ + public SHA () + { + super("SHA"); + engineReset (); + } + + public int engineGetDigestLength() + { + return 16; + } + + public void engineUpdate (byte b) + { + int i = (int)bytecount % 64; + int shift = (3 - i % 4) * 8; + int idx = i / 4; + + // if you could index ints, this would be: W[idx][shift/8] = b + W[idx] = (W[idx] & ~(0xff << shift)) | ((b & 0xff) << shift); + + // if we've filled up a block, then process it + if ((++ bytecount) % 64 == 0) + munch (); + } + + // This could be optimized. + public void engineUpdate (byte bytes[], int off, int len) + { + if (len < 0) + throw new ArrayIndexOutOfBoundsException (); + + int end = off + len; + while (off < end) + engineUpdate (bytes[off++]); + } + + public void engineReset () + { + bytecount = 0; + // magic numbers from [1] p. 10. + H0 = 0x67452301; + H1 = 0xefcdab89; + H2 = 0x98badcfe; + H3 = 0x10325476; + H4 = 0xc3d2e1f0; + } + + public byte[] engineDigest () + { + long bitcount = bytecount * 8; + engineUpdate ((byte)0x80); // 10000000 in binary; the start of the padding + + // add the rest of the padding to fill this block out, but leave 8 + // bytes to put in the original bytecount + while ((int)bytecount % 64 != 56) + engineUpdate ((byte)0); + + // add the length of the original, unpadded block to the end of + // the padding + W[14] = (int)(bitcount >>> 32); + W[15] = (int)bitcount; + bytecount += 8; + + // digest the fully padded block + munch (); + + byte[] result + = new byte[] {(byte)(H0 >>> 24), (byte)(H0 >>> 16), + (byte)(H0 >>> 8), (byte)H0, + (byte)(H1 >>> 24), (byte)(H1 >>> 16), + (byte)(H1 >>> 8), (byte)H1, + (byte)(H2 >>> 24), (byte)(H2 >>> 16), + (byte)(H2 >>> 8), (byte)H2, + (byte)(H3 >>> 24), (byte)(H3 >>> 16), + (byte)(H3 >>> 8), (byte)H3, + (byte)(H4 >>> 24), (byte)(H4 >>> 16), + (byte)(H4 >>> 8), (byte)H4}; + + engineReset (); + return result; + } + + // Process a single block. This is pretty much copied verbatim from + // [1] pp. 9, 10. + private void munch () + { + for (int t = 16; t < 80; ++ t) + { + int Wt = W[t - 3] ^ W[t - 8] ^ W[t - 14] ^ W[t - 16]; + W[t] = Wt << 1 | Wt >>> 31; + } + + int A = H0; + int B = H1; + int C = H2; + int D = H3; + int E = H4; + + for (int t = 0; t < 20; ++ t) + { + int TEMP = (A << 5 | A >>> 27) // S^5(A) + + ((B & C) | (~B & D)) // f_t(B,C,D) + + E + W[t] + + 0x5a827999; // K_t + + E = D; + D = C; + C = B << 30 | B >>> 2; // S^30(B) + B = A; + A = TEMP; + } + + for (int t = 20; t < 40; ++ t) + { + int TEMP = (A << 5 | A >>> 27) // S^5(A) + + (B ^ C ^ D) // f_t(B,C,D) + + E + W[t] + + 0x6ed9eba1; // K_t + + E = D; + D = C; + C = B << 30 | B >>> 2; // S^30(B) + B = A; + A = TEMP; + } + + for (int t = 40; t < 60; ++ t) + { + int TEMP = (A << 5 | A >>> 27) // S^5(A) + + (B & C | B & D | C & D) // f_t(B,C,D) + + E + W[t] + + 0x8f1bbcdc; // K_t + + E = D; + D = C; + C = B << 30 | B >>> 2; // S^30(B) + B = A; + A = TEMP; + } + + for (int t = 60; t < 80; ++ t) + { + int TEMP = (A << 5 | A >>> 27) // S^5(A) + + (B ^ C ^ D) // f_t(B,C,D) + + E + W[t] + + 0xca62c1d6; // K_t + + E = D; + D = C; + C = B << 30 | B >>> 2; // S^30(B) + B = A; + A = TEMP; + } + + H0 += A; + H1 += B; + H2 += C; + H3 += D; + H4 += E; + } + + public Object clone () + { + return new SHA (this); + } + + private SHA (SHA copy) + { + this (); + bytecount = copy.bytecount; + H0 = copy.H0; + H1 = copy.H1; + H2 = copy.H2; + H3 = copy.H3; + H4 = copy.H4; + System.arraycopy (copy.W, 0, W, 0, 80); + } + + private final int W[] = new int[80]; + private long bytecount; + private int H0; + private int H1; + private int H2; + private int H3; + private int H4; +} diff --git a/gnu/java/security/provider/SHA1PRNG.java b/gnu/java/security/provider/SHA1PRNG.java new file mode 100644 index 000000000..cef460c54 --- /dev/null +++ b/gnu/java/security/provider/SHA1PRNG.java @@ -0,0 +1,100 @@ +/* SHA1PRNG.java --- Secure Random SPI SHA1PRNG + + Copyright (c) 1999 by Free Software Foundation, Inc. + Written by Mark Benvenuto + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU Library General Public License as published + by the Free Software Foundation, version 2. (see COPYING.LIB) + + This program is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software Foundation + Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307 USA. */ + +import java.util.Random; +import java.security.SecureRandomSpi; +import java.security.MessageDigest; +import java.security.NoSuchAlgorithmException; +//import SecureRandomSpi; +import java.io.Serializable; + +public class SHA1PRNG extends SecureRandomSpi implements Serializable +{ +MessageDigest digest; +byte seed[]; +byte data[]; +int seedpos; +int datapos; + +public SHA1PRNG() +{ + try { + digest = MessageDigest.getInstance("SHA"); + } catch ( NoSuchAlgorithmException nsae) { + System.out.println("Failed to find SHA Message Digest: " + nsae); + nsae.printStackTrace(); + } + + seed = new byte[20]; + seedpos = 0; + data = new byte[40]; + datapos = 0; + + new Random().nextBytes(seed); + + byte digestdata[]; + digestdata = digest.digest( data ); + System.arraycopy( digestdata, 0, data, 0, 20); + +} + +public void engineSetSeed(byte[] seed) +{ + for(int i = 0; i < seed.length; i++) + this.seed[seedpos++ % 20] ^= seed[i]; + seedpos %= 20; + +} + +public void engineNextBytes(byte[] bytes) +{ + + if( bytes.length < (20 - datapos) ) { + System.arraycopy( bytes, 0, data, datapos, bytes.length); + datapos += bytes.length; + return; + } + + int i, blen = bytes.length, bpos = 0; + byte digestdata[]; + while( bpos < blen ) { + i = 20 - datapos; + System.arraycopy( bytes, bpos, data, datapos, i); + bpos += i; + datapos += i; + if( datapos >= 20) { + //System.out.println( (0 + 20) + "\n" + (20 + 20) ); + System.arraycopy( seed, 0, data, 20, 20); + digestdata = digest.digest( data ); + System.arraycopy( digestdata, 0, data, 0, 20); + datapos = 0; + } + } + +} + +public byte[] engineGenerateSeed(int numBytes) +{ + byte tmp[] = new byte[numBytes]; + + engineNextBytes( tmp ); + return tmp; +} + + +} diff --git a/gnu/java/security/util/Prime.java b/gnu/java/security/util/Prime.java new file mode 100644 index 000000000..abcaf076f --- /dev/null +++ b/gnu/java/security/util/Prime.java @@ -0,0 +1,145 @@ +/* Prime.java --- Prime number generation utilities + + Copyright (c) 1999 by Free Software Foundation, Inc. + Written by Mark Benvenuto + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU Library General Public License as published + by the Free Software Foundation, version 2. (see COPYING.LIB) + + This program is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software Foundation + Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307 USA. */ + +package gnu.java.security.util; +import java.math.BigInteger; +import java.util.Random; +//import java.security.SecureRandom; + +public final class Prime +{ + +/* + See IEEE P1363 A.15.4 (10/05/98 Draft) +*/ +public static BigInteger generateRandomPrime( int pmin, int pmax, BigInteger f ) +{ + BigInteger d; + + //Step 1 - generate prime + BigInteger p = new BigInteger( (pmax + pmin)/2, new Random() ); + if( p.compareTo( BigInteger.valueOf( 1 ).shiftLeft( pmin ) ) <= 0 ) + { + p.add( BigInteger.valueOf( 1 ).shiftLeft( pmin ).subtract( p ) ); + } + + //Step 2 - test for even + if( p.mod( BigInteger.valueOf(2) ).compareTo( BigInteger.valueOf( 0 )) == 0) + p.add( BigInteger.valueOf( 1 ) ); + + for(;;) + { + //Step 3 + if( p.compareTo( BigInteger.valueOf( 1 ).shiftLeft( pmax)) > 0) + { + //Step 3.1 + p = p.subtract( BigInteger.valueOf( 1 ).shiftLeft( pmax) ); + p = p.add( BigInteger.valueOf( 1 ).shiftLeft( pmin) ); + p = p.subtract( BigInteger.valueOf( 1 ) ); + + //Step 3.2 + // put step 2 code here so looping code is cleaner + //Step 2 - test for even + if( p.mod( BigInteger.valueOf(2) ).compareTo( BigInteger.valueOf( 0 )) == 0) + p.add( BigInteger.valueOf( 1 ) ); + continue; + } + + //Step 4 - compute GCD + d = p.subtract( BigInteger.valueOf(1) ); + d = d.gcd( f ); + + //Step 5 - test d + if( d.compareTo( BigInteger.valueOf( 1 ) ) == 0) + { + //Step 5.1 - test primality + if( p.isProbablePrime( 1 ) == true ) + { + //Step 5.2; + return p; + } + } + //Step 6 + p = p.add( BigInteger.valueOf( 2 ) ); + + //Step 7 + } +} + + +/* + See IEEE P1363 A.15.5 (10/05/98 Draft) +*/ +public static BigInteger generateRandomPrime( BigInteger r, BigInteger a, int pmin, int pmax, BigInteger f ) +{ + BigInteger d, w; + + //Step 1 - generate prime + BigInteger p = new BigInteger( (pmax + pmin)/2, new Random() ); + +steptwo:{ //Step 2 + w = p.mod( r.multiply( BigInteger.valueOf(2) )); + + //Step 3 + p = p.add( r.multiply( BigInteger.valueOf(2) ) ); + p = p.subtract( w ); + p = p.add(a); + + //Step 4 - test for even + if( p.mod( BigInteger.valueOf(2) ).compareTo( BigInteger.valueOf( 0 )) == 0) + p.add( r ); + + for(;;) + { + //Step 5 + if( p.compareTo( BigInteger.valueOf( 1 ).shiftLeft( pmax)) > 0) + { + //Step 5.1 + p = p.subtract( BigInteger.valueOf( 1 ).shiftLeft( pmax) ); + p = p.add( BigInteger.valueOf( 1 ).shiftLeft( pmin) ); + p = p.subtract( BigInteger.valueOf( 1 ) ); + + //Step 5.2 - goto to Step 2 + break steptwo; + } + + //Step 6 + d = p.subtract( BigInteger.valueOf(1) ); + d = d.gcd( f ); + + //Step 7 - test d + if( d.compareTo( BigInteger.valueOf( 1 ) ) == 0) + { + //Step 7.1 - test primality + if( p.isProbablePrime( 1 ) == true ) + { + //Step 7.2; + return p; + } + } + //Step 8 + p = p.add( r.multiply( BigInteger.valueOf(2) ) ); + + //Step 9 + } + } + //Should never reach here but makes the compiler happy + return BigInteger.valueOf(0); +} + +} \ No newline at end of file -- cgit v1.2.1