Casey Marshall <[EMAIL PROTECTED]> writes:
> Brian Jones wrote:
> | Casey Marshall <[EMAIL PROTECTED]> writes:
> |
> |
> |>Attached are the java.security patches I posted earlier, reformatted
> |>slightly. My paperwork for GCC and Classpath is through (I haven't
> |>gotten the photocopies back, but Jessica sent me a message saying they
> |>have been accepted).
> |>
> |>I am having some difficulties talking with subversions right now;
> |>hopefully the patches are not corrupt.
> |>
> |>Cheers,
> |>
> |>--
> |>Casey Marshall || [EMAIL PROTECTED]
> |
> | Thanks Casey,
> |
> | Is there a ChangeLog entry?
> |
>
> Some things may conflict with the current state of these files, since
> there have been some other changes to the security files recently.
>
> ~ * java/security/AlgorithmParameterGenerator.java:
> ~ modify getInstance methods to use the Engine class; adds
> ~ JDK1.4 getInstance method; getInstance throws an exception
> ~ if provider argument is null; minor comment improvements
> ~ or elaborations; copyright updated to include 2003.
> ~ * java/security/AlgorithmParameters.java: likewise.
> ~ * java/security/KeyFactory.java: likewise.
> ~ * java/security/KeyPairGenerator.java: likewise.
> ~ * java/security/MessageDigest.java: likewise.
> ~ * java/security/Signature.java: likewise.
> ~ * java/security/SecureRandom.java: likewise.
> ~ * java/security/KeyStore.java: modify getInstance methods to use
> ~ the Engine class.
> ~ * java/security/Engine.java: new package-private class with a single
> ~ package-private class method that implements a general getInstance.
Okay, the attached patch is roughly the rest of your patch applied to
what is already in CVS. If you're happy with it I'll go ahead and
check it in.
Brian
--
Brian Jones <[EMAIL PROTECTED]>
Index: java/security/AlgorithmParameterGenerator.java
===================================================================
RCS file: /cvsroot/classpath/classpath/java/security/AlgorithmParameterGenerator.java,v
retrieving revision 1.6
diff -u -r1.6 AlgorithmParameterGenerator.java
--- java/security/AlgorithmParameterGenerator.java 9 Mar 2003 07:08:32 -0000 1.6
+++ java/security/AlgorithmParameterGenerator.java 26 Mar 2003 04:24:02 -0000
@@ -1,5 +1,5 @@
/* AlgorithmParameterGenerator.java --- Algorithm Parameter Generator
- Copyright (C) 1999, 2003, Free Software Foundation, Inc.
+ Copyright (C) 1999, 2003 Free Software Foundation, Inc.
This file is part of GNU Classpath.
@@ -80,6 +80,10 @@
*/
public class AlgorithmParameterGenerator
{
+ /** Service name for algorithm parameter generators. */
+ private static final String ALGORITHM_PARAMETER_GENERATOR =
+ "AlgorithmParameterGenerator";
+
private AlgorithmParameterGeneratorSpi paramGenSpi;
private Provider provider;
private String algorithm;
@@ -132,7 +136,7 @@
for (int i = 0; i < p.length; i++)
try
{
- getInstance(algorithm, p[i]);
+ return getInstance(algorithm, p[i]);
}
catch (NoSuchAlgorithmException ignored) {}
@@ -159,6 +163,9 @@
String provider)
throws NoSuchAlgorithmException, NoSuchProviderException
{
+ if (provider == null || provider.length() == 0)
+ throw new IllegalArgumentException("Illegal provider");
+
Provider p = Security.getProvider(provider);
if (p == null)
throw new NoSuchProviderException();
@@ -186,59 +193,18 @@
throws NoSuchAlgorithmException
{
if (provider == null)
- throw new IllegalArgumentException();
-
- // try the name as is
- String className = provider.getProperty(
- "AlgorithmParameterGenerator." + algorithm);
- if (className == null) // try all uppercase
- {
- String upper = algorithm.toUpperCase();
- className = provider.getProperty("AlgorithmParameterGenerator." + upper);
- if (className == null) // try if it's an alias
- {
- String alias = provider.getProperty(
- "Alg.Alias.AlgorithmParameterGenerator." + algorithm);
- if (alias == null) // try all-uppercase alias name
- {
- alias = provider.getProperty(
- "Alg.Alias.AlgorithmParameterGenerator." + upper);
- if (alias == null) // spit the dummy
- throw new NoSuchAlgorithmException(algorithm);
- }
- className = provider.getProperty(
- "AlgorithmParameterGenerator." + alias);
- if (className == null)
- throw new NoSuchAlgorithmException(algorithm);
- }
- }
- return getInstance(className, algorithm, provider);
- }
-
- private static AlgorithmParameterGenerator getInstance(String classname,
- String algorithm,
- Provider provider)
- throws NoSuchAlgorithmException
- {
+ throw new IllegalArgumentException("Illegal provider");
try
{
- return new AlgorithmParameterGenerator(
- (AlgorithmParameterGeneratorSpi) Class.forName(classname).newInstance(),
- provider,
- algorithm);
- }
- catch (ClassNotFoundException cnfe)
- {
- throw new NoSuchAlgorithmException("Class not found");
- }
- catch (InstantiationException ie)
- {
- throw new NoSuchAlgorithmException("Class instantiation failed");
- }
- catch (IllegalAccessException iae)
+ return new AlgorithmParameterGenerator(
+ (AlgorithmParameterGeneratorSpi) Engine.getInstance(
+ ALGORITHM_PARAMETER_GENERATOR, algorithm, provider),
+ provider, algorithm);
+ }
+ catch (ClassCastException cce)
{
- throw new NoSuchAlgorithmException("Illegal Access");
+ throw new NoSuchAlgorithmException(algorithm);
}
}
Index: java/security/AlgorithmParameters.java
===================================================================
RCS file: /cvsroot/classpath/classpath/java/security/AlgorithmParameters.java,v
retrieving revision 1.6
diff -u -r1.6 AlgorithmParameters.java
--- java/security/AlgorithmParameters.java 9 Mar 2003 07:12:01 -0000 1.6
+++ java/security/AlgorithmParameters.java 26 Mar 2003 04:24:03 -0000
@@ -1,5 +1,5 @@
/* AlgorithmParameters.java --- Algorithm Parameters Implementation Class
- Copyright (C) 1999, 2003, Free Software Foundation, Inc.
+ Copyright (C) 1999, 2003 Free Software Foundation, Inc.
This file is part of GNU Classpath.
@@ -81,6 +81,9 @@
*/
public class AlgorithmParameters
{
+ /** Service name for algorithm parameters. */
+ private static final String ALGORITHM_PARAMETERS = "AlgorithmParameters";
+
private AlgorithmParametersSpi paramSpi;
private Provider provider;
private String algorithm;
@@ -163,6 +166,9 @@
public static AlgorithmParameters getInstance(String algorithm, String provider)
throws NoSuchAlgorithmException, NoSuchProviderException
{
+ if (provider == null || provider.length() == 0)
+ throw new IllegalArgumentException("Illegal provider");
+
Provider p = Security.getProvider(provider);
if (p == null)
throw new NoSuchProviderException();
@@ -190,55 +196,17 @@
throws NoSuchAlgorithmException
{
if (provider == null)
- throw new IllegalArgumentException();
-
- // try the name as is
- String className = provider.getProperty("AlgorithmParameters." + algorithm);
- if (className == null) // try all uppercase
- {
- String upper = algorithm.toUpperCase();
- className = provider.getProperty("AlgorithmParameters." + upper);
- if (className == null) // try if it's an alias
- {
- String alias =
- provider.getProperty("Alg.Alias.AlgorithmParameters." + algorithm);
- if (alias == null) // try all-uppercase alias name
- {
- alias = provider.getProperty("Alg.Alias.AlgorithmParameters." + upper);
- if (alias == null) // spit the dummy
- throw new NoSuchAlgorithmException(algorithm);
- }
- className = provider.getProperty("AlgorithmParameters." + alias);
- if (className == null)
- throw new NoSuchAlgorithmException(algorithm);
- }
- }
- return getInstance(className, algorithm, provider);
- }
+ throw new IllegalArgumentException("Illegal provider");
- private static AlgorithmParameters getInstance(String classname,
- String algorithm,
- Provider provider)
- throws NoSuchAlgorithmException
- {
try
{
- return new AlgorithmParameters(
- (AlgorithmParametersSpi) Class.forName(classname).newInstance(),
- provider,
- algorithm);
- }
- catch (ClassNotFoundException cnfe)
- {
- throw new NoSuchAlgorithmException("Class not found");
- }
- catch (InstantiationException ie)
- {
- throw new NoSuchAlgorithmException("Class instantiation failed");
+ return new AlgorithmParameters((AlgorithmParametersSpi)
+ Engine.getInstance(ALGORITHM_PARAMETERS, algorithm, provider),
+ provider, algorithm);
}
- catch (IllegalAccessException iae)
+ catch (ClassCastException cce)
{
- throw new NoSuchAlgorithmException("Illegal Access");
+ throw new NoSuchAlgorithmException(algorithm);
}
}
Index: java/security/Engine.java
===================================================================
RCS file: java/security/Engine.java
diff -N java/security/Engine.java
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ java/security/Engine.java 26 Mar 2003 04:24:03 -0000
@@ -0,0 +1,152 @@
+/* Engine -- generic getInstance method.
+ Copyright (C) 2003 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING. If not, write to the
+Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+02111-1307 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library. Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module. An independent module is a module which is not derived from
+or based on this library. If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so. If you do not wish to do so, delete this
+exception statement from your version. */
+
+package java.security;
+
+/**
+ * Generic implementation of the getInstance methods in the various
+ * engine classes in java.security.
+ * <p>
+ * These classes ([EMAIL PROTECTED] java.security.Signature} for example) can be
+ * thought of as the "chrome, upholstery, and steering wheel", and the SPI
+ * (service provider interface, e.g. [EMAIL PROTECTED] java.security.SignatureSpi})
+ * classes can be thought of as the "engine" -- providing the actual
+ * functionality of whatever cryptographic algorithm the instance
+ * represents.
+ *
+ * @see Provider
+ * @author Casey Marshall
+ */
+final class Engine
+{
+
+ // Constants.
+ // ------------------------------------------------------------------------
+
+ /** Prefix for aliases. */
+ private static final String ALG_ALIAS = "Alg.Alias.";
+
+ /** Maximum number of aliases to try. */
+ private static final int MAX_ALIASES = 5;
+
+ // Constructor.
+ // ------------------------------------------------------------------------
+
+ /** This class cannot be instantiated. */
+ private Engine() { }
+
+ // Class method.
+ // ------------------------------------------------------------------------
+
+ /**
+ * Get the implementation for <i>algorithm</i> for service
+ * <i>service</i> from <i>provider</i>. The service is e.g.
+ * "Signature", and the algorithm "DSA".
+ *
+ * @param service The service name.
+ * @param algorithm The name of the algorithm to get.
+ * @param provider The provider to get the implementation from.
+ * @return The engine class for the specified algorithm; the object
+ * returned is typically a subclass of the SPI class for that
+ * service, but callers should check that this is so.
+ * @throws NoSuchAlgorithmException If the implementation cannot be
+ * found or cannot be instantiated.
+ * @throws IllegalArgumentException If any of the three arguments are null.
+ */
+ static Object
+ getInstance(String service, String algorithm, Provider provider)
+ throws NoSuchAlgorithmException
+ {
+ if (service == null || algorithm == null || provider == null)
+ throw new IllegalArgumentException();
+
+ // If there is no property "service.algorithm"
+ if (provider.getProperty(service + "." + algorithm) == null)
+ {
+ // Iterate through aliases, until we find the class name or resolve
+ // too many aliases.
+ String alias = null;
+ int count = 0;
+ while ((alias = provider.getProperty(
+ ALG_ALIAS + service + "." + algorithm)) != null)
+ {
+ if (algorithm.equals(alias)) // Refers to itself!
+ break;
+ algorithm = alias;
+ if (count++ > MAX_ALIASES)
+ throw new NoSuchAlgorithmException("too many aliases");
+ }
+ if (provider.getProperty(service + "." + algorithm) == null)
+ throw new NoSuchAlgorithmException(algorithm);
+ }
+
+ // Find and instantiate the implementation.
+ Class clazz = null;
+ ClassLoader loader = provider.getClass().getClassLoader();
+ String error = algorithm;
+ try
+ {
+ if (loader != null)
+ clazz = loader.loadClass(provider.getProperty(service+"."+algorithm));
+ else
+ clazz = Class.forName(provider.getProperty(service+"."+algorithm));
+ return clazz.newInstance();
+ }
+ catch (ClassNotFoundException cnfe)
+ {
+ error = "class not found: " + algorithm;
+ }
+ catch (IllegalAccessException iae)
+ {
+ error = "illegal access: " + iae.getMessage();
+ }
+ catch (InstantiationException ie)
+ {
+ error = "instantiation exception: " + ie.getMessage();
+ }
+ catch (ExceptionInInitializerError eiie)
+ {
+ error = "exception in initializer: " + eiie.getMessage();
+ }
+ catch (SecurityException se)
+ {
+ error = "security exception: " + se.getMessage();
+ }
+
+ throw new NoSuchAlgorithmException(error);
+ }
+}
Index: java/security/KeyFactory.java
===================================================================
RCS file: /cvsroot/classpath/classpath/java/security/KeyFactory.java,v
retrieving revision 1.6
diff -u -r1.6 KeyFactory.java
--- java/security/KeyFactory.java 9 Mar 2003 07:13:19 -0000 1.6
+++ java/security/KeyFactory.java 26 Mar 2003 04:24:03 -0000
@@ -1,5 +1,5 @@
/* KeyFactory.java --- Key Factory Class
- Copyright (C) 1999, 2003, Free Software Foundation, Inc.
+ Copyright (C) 1999, 2003 Free Software Foundation, Inc.
This file is part of GNU Classpath.
@@ -83,6 +83,9 @@
*/
public class KeyFactory
{
+ /** The service name for key factories. */
+ private static final String KEY_FACTORY = "KeyFactory";
+
private KeyFactorySpi keyFacSpi;
private Provider provider;
private String algorithm;
@@ -125,7 +128,7 @@
for (int i = 0; i < p.length; i++)
try
{
- getInstance(algorithm, p[i]);
+ return getInstance(algorithm, p[i]);
}
catch (NoSuchAlgorithmException ignored) {}
@@ -150,6 +153,9 @@
public static KeyFactory getInstance(String algorithm, String provider)
throws NoSuchAlgorithmException, NoSuchProviderException
{
+ if (provider == null || provider.length() == 0)
+ throw new IllegalArgumentException("Illegal provider");
+
Provider p = Security.getProvider(provider);
if (p == null)
throw new NoSuchProviderException();
@@ -178,55 +184,18 @@
throws NoSuchAlgorithmException
{
if (provider == null)
- throw new IllegalArgumentException();
+ throw new IllegalArgumentException("Illegal provider");
- // try the name as is
- String className = provider.getProperty("KeyFactory." + algorithm);
- if (className == null) // try all uppercase
- {
- String upper = algorithm.toUpperCase();
- className = provider.getProperty("KeyFactory." + upper);
- if (className == null) // try if it's an alias
- {
- String alias =
- provider.getProperty("Alg.Alias.KeyFactory." + algorithm);
- if (alias == null) // try all-uppercase alias name
- {
- alias = provider.getProperty("Alg.Alias.KeyFactory." + upper);
- if (alias == null) // spit the dummy
- throw new NoSuchAlgorithmException(algorithm);
- }
- className = provider.getProperty("KeyFactory." + alias);
- if (className == null)
- throw new NoSuchAlgorithmException(algorithm);
- }
- }
- return getInstance(className, algorithm, provider);
- }
-
- private static KeyFactory getInstance(String classname, String algorithm,
- Provider provider)
- throws NoSuchAlgorithmException
- {
try
{
- return new KeyFactory(
- (KeyFactorySpi) Class.forName(classname).newInstance(),
- provider,
- algorithm);
- }
- catch (ClassNotFoundException cnfe)
- {
- throw new NoSuchAlgorithmException("Class not found");
+ return new KeyFactory((KeyFactorySpi)
+ Engine.getInstance(KEY_FACTORY, algorithm, provider),
+ provider, algorithm);
}
- catch (InstantiationException ie)
+ catch (ClassCastException cce)
{
- throw new NoSuchAlgorithmException("Class instantiation failed");
- }
- catch (IllegalAccessException iae)
- {
- throw new NoSuchAlgorithmException("Illegal Access");
- }
+ throw new NoSuchAlgorithmException(algorithm);
+ }
}
/**
Index: java/security/KeyPairGenerator.java
===================================================================
RCS file: /cvsroot/classpath/classpath/java/security/KeyPairGenerator.java,v
retrieving revision 1.8
diff -u -r1.8 KeyPairGenerator.java
--- java/security/KeyPairGenerator.java 9 Mar 2003 07:14:00 -0000 1.8
+++ java/security/KeyPairGenerator.java 26 Mar 2003 04:24:03 -0000
@@ -106,20 +106,28 @@
* service providers who wish to supply their own implementations of key pair
* generators.</p>
*
- * @author Mark Benvenuto
+ * @see Signature
+ * @see KeyPair
* @see AlgorithmParameterSpec
+ * @author Mark Benvenuto
+ * @author Casey Marshall
*/
public abstract class KeyPairGenerator extends KeyPairGeneratorSpi
{
+ /** The service name for key pair generators. */
+ private static final String KEY_PAIR_GENERATOR = "KeyPairGenerator";
+
Provider provider;
private String algorithm;
/**
- * Creates a <code>KeyPairGenerator</code> object for the specified algorithm.
+ * Creates a <code>KeyPairGenerator</code> object for the specified
+ * algorithm.
*
- * @param algorithm the standard string name of the algorithm. See Appendix A
- * in the Java Cryptography Architecture API Specification & Reference for
- * information about standard algorithm names.
+ * @param algorithm the standard string name of the algorithm.
+ * See Appendix A in the Java Cryptography Architecture API
+ * Specification & Reference for information about standard
+ * algorithm names.
*/
protected KeyPairGenerator(String algorithm)
{
@@ -171,17 +179,17 @@
}
/**
- * Generates a <code>KeyPairGenerator</code> object implementing the specified
- * algorithm, as supplied from the specified provider, if such an algorithm is
- * available from the provider.
+ * Generates a <code>KeyPairGenerator</code> object implementing the
+ * specified algorithm, as supplied from the specified provider, if
+ * such an algorithm is available from the provider.
*
- * @param algorithm the standard string name of the algorithm. See Appendix A
- * in the Java Cryptography Architecture API Specification & Reference for
- * information about standard algorithm names.
+ * @param algorithm the standard string name of the algorithm. See
+ * Appendix A in the Java Cryptography Architecture API Specification
+ * & Reference for information about standard algorithm names.
* @param provider the string name of the provider.
* @return the new <code>KeyPairGenerator</code> object.
- * @throws NoSuchAlgorithmException if the algorithm is not available from the
- * provider.
+ * @throws NoSuchAlgorithmException if the algorithm is not available
+ * from the provider.
* @throws NoSuchProviderException if the provider is not available in the
* environment.
* @throws IllegalArgumentException if the provider name is <code>null</code>
@@ -216,69 +224,26 @@
* @since 1.4
* @see Provider
*/
- public static KeyPairGenerator getInstance(String algorithm, Provider provider)
+ public static KeyPairGenerator getInstance(String algorithm,
+ Provider provider)
throws NoSuchAlgorithmException
{
if (provider == null)
- throw new IllegalArgumentException();
+ throw new IllegalArgumentException("Illegal provider");
- // try the name as is
- String className = provider.getProperty("KeyPairGenerator." + algorithm);
- if (className == null) // try all uppercase
- {
- String upper = algorithm.toUpperCase();
- className = provider.getProperty("KeyPairGenerator." + upper);
- if (className == null) // try if it's an alias
- {
- String alias = provider.getProperty(
- "Alg.Alias.KeyPairGenerator." + algorithm);
- if (alias == null) // try all-uppercase alias name
- {
- alias = provider.getProperty(
- "Alg.Alias.KeyPairGenerator." + upper);
- if (alias == null) // spit the dummy
- throw new NoSuchAlgorithmException(algorithm);
- }
- className = provider.getProperty("KeyPairGenerator." + alias);
- if (className == null)
- throw new NoSuchAlgorithmException(algorithm);
- }
- }
- return getInstance(className, algorithm, provider);
- }
-
- private static KeyPairGenerator getInstance(String classname,
- String algorithm,
- Provider provider)
- throws NoSuchAlgorithmException
- {
- try
- {
- Object o = Class.forName(classname).newInstance();
- KeyPairGenerator kpg;
- if (o instanceof KeyPairGeneratorSpi)
- kpg = new DummyKeyPairGenerator((KeyPairGeneratorSpi) o, algorithm);
- else
- {
- kpg = (KeyPairGenerator) o;
- kpg.algorithm = algorithm;
- }
-
- kpg.provider = provider;
- return kpg;
- }
- catch (ClassNotFoundException cnfe)
- {
- throw new NoSuchAlgorithmException("Class not found");
- }
- catch (InstantiationException ie)
+ Object o = Engine.getInstance(KEY_PAIR_GENERATOR, algorithm, provider);
+ KeyPairGenerator result = null;
+ if (o instanceof KeyPairGeneratorSpi)
{
- throw new NoSuchAlgorithmException("Class instantiation failed");
+ result = new DummyKeyPairGenerator((KeyPairGeneratorSpi) o, algorithm);
}
- catch (IllegalAccessException iae)
+ else if (o instanceof KeyPairGenerator)
{
- throw new NoSuchAlgorithmException("Illegal Access");
+ result = (KeyPairGenerator) o;
+ result.algorithm = algorithm;
}
+ result.provider = provider;
+ return result;
}
/**
Index: java/security/KeyStore.java
===================================================================
RCS file: /cvsroot/classpath/classpath/java/security/KeyStore.java,v
retrieving revision 1.5
diff -u -r1.5 KeyStore.java
--- java/security/KeyStore.java 18 Nov 2002 18:04:38 -0000 1.5
+++ java/security/KeyStore.java 26 Mar 2003 04:24:04 -0000
@@ -1,5 +1,5 @@
/* KeyStore.java --- Key Store Class
- Copyright (C) 1999, 2002 Free Software Foundation, Inc.
+ Copyright (C) 1999, 2002, 2003 Free Software Foundation, Inc.
This file is part of GNU Classpath.
@@ -44,37 +44,52 @@
import java.util.Enumeration;
/**
- Keystore represents an in-memory collection of keys and
- certificates. There are two types of entries:
-
- * Key Entry
-
- This type of keystore entry store sensitive crytographic key
- information in a protected format.Typically this is a secret
- key or a private key with a certificate chain.
-
-
- * Trusted Ceritificate Entry
-
- This type of keystore entry contains a single public key
- certificate belonging to annother entity. It is called trusted
- because the keystore owner trusts that the certificates
- belongs to the subject (owner) of the certificate.
-
- The keystore contains an "alias" string for each entry.
-
- The structure and persistentence of the key store is not
- specified. Any method could be used to protect sensitive
- (private or secret) keys. Smart cards or integrated
- cryptographic engines could be used or the keystore could
- be simply stored in a file.
+ * Keystore represents an in-memory collection of keys and
+ * certificates. There are two types of entries:
+ *
+ * <dl>
+ * <dt>Key Entry</dt>
+ *
+ * <dd><p>This type of keystore entry store sensitive crytographic key
+ * information in a protected format.Typically this is a secret
+ * key or a private key with a certificate chain.</p></dd>
+ *
+ * <dt>Trusted Ceritificate Entry</dt>
+ *
+ * <dd><p>This type of keystore entry contains a single public key
+ * certificate belonging to annother entity. It is called trusted
+ * because the keystore owner trusts that the certificates
+ * belongs to the subject (owner) of the certificate.</p></dd>
+ * </dl>
+ *
+ * <p>Entries in a key store are referred to by their "alias": a simple
+ * unique string.
+ *
+ * <p>The structure and persistentence of the key store is not
+ * specified. Any method could be used to protect sensitive
+ * (private or secret) keys. Smart cards or integrated
+ * cryptographic engines could be used or the keystore could
+ * be simply stored in a file.</p>
+ *
+ * @see java.security.cert.Certificate
+ * @see Key
*/
public class KeyStore
{
+
+ // Constants and fields.
+ // ------------------------------------------------------------------------
+
+ /** Service name for key stores. */
+ private static final String KEY_STORE = "KeyStore";
+
private KeyStoreSpi keyStoreSpi;
private Provider provider;
private String type;
+ // Constructors.
+ // ------------------------------------------------------------------------
+
/**
Creates an instance of KeyStore
@@ -89,16 +104,18 @@
this.type = type;
}
- /**
- Gets an instance of the KeyStore class representing
- the specified keystore. If the type is not
- found then, it throws KeyStoreException.
-
- @param type the type of keystore to choose
-
- @return a KeyStore repesenting the desired type
+ // Class methods.
+ // ------------------------------------------------------------------------
- @throws KeyStoreException if the type of keystore is not implemented by providers
+ /**
+ * Gets an instance of the KeyStore class representing
+ * the specified keystore. If the type is not
+ * found then, it throws KeyStoreException.
+ *
+ * @param type the type of keystore to choose
+ * @return a KeyStore repesenting the desired type
+ * @throws KeyStoreException if the type of keystore is not implemented
+ * by providers or the implementation cannot be instantiated.
*/
public static KeyStore getInstance(String type) throws KeyStoreException
{
@@ -106,95 +123,102 @@
for (int i = 0; i < p.length; i++)
{
- String classname = p[i].getProperty("KeyStore." + type);
- if (classname != null)
- return getInstance(classname, type, p[i]);
+ try
+ {
+ return getInstance(type, p[i]);
+ }
+ catch (KeyStoreException ignore)
+ {
+ }
}
throw new KeyStoreException(type);
}
/**
- Gets an instance of the KeyStore class representing
- the specified key store from the specified provider.
- If the type is not found then, it throws KeyStoreException.
- If the provider is not found, then it throws
- NoSuchProviderException.
-
- @param type the type of keystore to choose
- @param provider the provider name
-
- @return a KeyStore repesenting the desired type
-
- @throws KeyStoreException if the type of keystore is not
- implemented by the given provider
- @throws NoSuchProviderException if the provider is not found
- @throws IllegalArgumentException if the provider string is
- null or empty
+ * Gets an instance of the KeyStore class representing
+ * the specified key store from the specified provider.
+ * If the type is not found then, it throws KeyStoreException.
+ * If the provider is not found, then it throws
+ * NoSuchProviderException.
+ *
+ * @param type the type of keystore to choose
+ * @param provider the provider name
+ * @return a KeyStore repesenting the desired type
+ * @throws KeyStoreException if the type of keystore is not
+ * implemented by the given provider
+ * @throws NoSuchProviderException if the provider is not found
+ * @throws IllegalArgumentException if the provider string is
+ * null or empty
*/
public static KeyStore getInstance(String type, String provider)
throws KeyStoreException, NoSuchProviderException
{
if (provider == null || provider.length() == 0)
throw new IllegalArgumentException("Illegal provider");
+
Provider p = Security.getProvider(provider);
if (p == null)
throw new NoSuchProviderException();
- return getInstance(p.getProperty("KeyStore." + type), type, p);
+ return getInstance(type, p);
}
/**
- Gets an instance of the KeyStore class representing
- the specified key store from the specified provider.
- If the type is not found then, it throws KeyStoreException.
- If the provider is not found, then it throws
- NoSuchProviderException.
-
- @param type the type of keystore to choose
- @param provider the keystore provider
-
- @return a KeyStore repesenting the desired type
-
- @throws KeyStoreException if the type of keystore is not
- implemented by the given provider
- @throws IllegalArgumentException if the provider object is null
- @since 1.4
+ * Gets an instance of the KeyStore class representing
+ * the specified key store from the specified provider.
+ * If the type is not found then, it throws KeyStoreException.
+ * If the provider is not found, then it throws
+ * NoSuchProviderException.
+ *
+ * @param type the type of keystore to choose
+ * @param provider the keystore provider
+ * @return a KeyStore repesenting the desired type
+ * @throws KeyStoreException if the type of keystore is not
+ * implemented by the given provider
+ * @throws IllegalArgumentException if the provider object is null
+ * @since 1.4
*/
public static KeyStore getInstance(String type, Provider provider)
throws KeyStoreException
{
if (provider == null)
throw new IllegalArgumentException("Illegal provider");
-
- return getInstance(provider.getProperty("KeyStore." + type),
- type, provider);
- }
-
- private static KeyStore getInstance(String classname,
- String type,
- Provider provider)
- throws KeyStoreException
- {
try
{
- return new KeyStore((KeyStoreSpi) Class.forName(classname).
- newInstance(), provider, type);
- }
- catch (ClassNotFoundException cnfe)
- {
- throw new KeyStoreException("Class not found");
+ return new KeyStore(
+ (KeyStoreSpi) Engine.getInstance(KEY_STORE, type, provider),
+ provider, type);
}
- catch (InstantiationException ie)
+ catch (NoSuchAlgorithmException nsae)
{
- throw new KeyStoreException("Class instantiation failed");
+ throw new KeyStoreException(type);
}
- catch (IllegalAccessException iae)
+ catch (ClassCastException cce)
{
- throw new KeyStoreException("Illegal Access");
+ throw new KeyStoreException(type);
}
}
+ /**
+ * Returns the default KeyStore type. This method looks up the
+ * type in <JAVA_HOME>/lib/security/java.security with the
+ * property "keystore.type" or if that fails then "jks" .
+ */
+ public static final String getDefaultType()
+ {
+ // Security reads every property in java.security so it
+ // will return this property if it exists.
+ String tmp = Security.getProperty("keystore.type");
+
+ if (tmp == null)
+ tmp = "jks";
+
+ return tmp;
+ }
+
+ // Instance methods.
+ // ------------------------------------------------------------------------
/**
Gets the provider that the class is from.
@@ -471,21 +495,4 @@
keyStoreSpi.engineLoad(stream, password);
}
- /**
- Returns the default KeyStore type. This method looks up the
- type in <JAVA_HOME>/lib/security/java.security with the
- property "keystore.type" or if that fails then "jks" .
- */
- public static final String getDefaultType()
- {
- String tmp;
- //Security reads every property in java.security so it
- //will return this property if it exists.
- tmp = Security.getProperty("keystore.type");
-
- if (tmp == null)
- tmp = "jks";
-
- return tmp;
- }
}
Index: java/security/MessageDigest.java
===================================================================
RCS file: /cvsroot/classpath/classpath/java/security/MessageDigest.java,v
retrieving revision 1.8
diff -u -r1.8 MessageDigest.java
--- java/security/MessageDigest.java 9 Mar 2003 07:14:52 -0000 1.8
+++ java/security/MessageDigest.java 26 Mar 2003 04:24:05 -0000
@@ -84,11 +84,15 @@
* the superclass are intended for cryptographic service providers who wish to
* supply their own implementations of message digest algorithms.</p>
*
- * @see DigestInputStream
- * @see DigestOutputStream
+ * @see MessageDigestSpi
+ * @see Provider
+ * @since JDK 1.1
*/
public abstract class MessageDigest extends MessageDigestSpi
{
+ /** The service name for message digests. */
+ private static final String MESSAGE_DIGEST = "MessageDigest";
+
private String algorithm;
Provider provider;
private byte[] lastDigest;
@@ -96,9 +100,10 @@
/**
* Creates a message digest with the specified algorithm name.
*
- * @param algorithm the standard name of the digest algorithm. See Appendix A
- * in the Java Cryptography Architecture API Specification & Reference for
- * information about standard algorithm names.
+ * @param algorithm the standard name of the digest algorithm.
+ * See Appendix A in the Java Cryptography Architecture API
+ * Specification & Reference for information about standard
+ * algorithm names.
*/
protected MessageDigest(String algorithm)
{
@@ -157,8 +162,10 @@
public static MessageDigest getInstance(String algorithm, String provider)
throws NoSuchAlgorithmException, NoSuchProviderException
{
- Provider p = Security.getProvider(provider);
+ if (provider == null || provider.length() == 0)
+ throw new IllegalArgumentException("Illegal provider");
+ Provider p = Security.getProvider(provider);
if (p == null)
throw new NoSuchProviderException(provider);
@@ -187,71 +194,26 @@
throws NoSuchAlgorithmException
{
if (provider == null)
- throw new IllegalArgumentException();
-
- // try the name as is
- String className = provider.getProperty("MessageDigest." + algorithm);
- if (className == null) // try all uppercase
- {
- String upper = algorithm.toUpperCase();
- className = provider.getProperty("MessageDigest." + upper);
- if (className == null) // try if it's an alias
- {
- String alias = provider.getProperty(
- "Alg.Alias.MessageDigest." +algorithm);
- if (alias == null) // try all-uppercase alias name
- {
- alias = provider.getProperty("Alg.Alias.MessageDigest." +upper);
- if (alias == null) // spit the dummy
- throw new NoSuchAlgorithmException(algorithm);
- }
- className = provider.getProperty("MessageDigest." + alias);
- if (className == null)
- throw new NoSuchAlgorithmException(algorithm);
- }
- }
- return getInstance(className, algorithm, provider);
- }
-
- private static MessageDigest getInstance(String classname,
- String algorithm,
- Provider provider)
- throws NoSuchAlgorithmException
- {
- if (classname == null)
- throw new NoSuchAlgorithmException(algorithm);
+ throw new IllegalArgumentException("Illegal provider");
MessageDigest result = null;
- try
- {
- Object obj = Class.forName(classname).newInstance();
- if (obj instanceof MessageDigest)
- {
- result = (MessageDigest) obj;
- result.algorithm = algorithm;
- }
- else if (obj instanceof MessageDigestSpi)
- result = new DummyMessageDigest((MessageDigestSpi) obj, algorithm);
- else
- throw new ClassCastException("Class "+classname+" from Provider "
- +provider.getName()
- +" does not extend java.security.MessageDigestSpi");
- result.provider = provider;
- return result;
- }
- catch (ClassNotFoundException cnfe)
+ Object o = Engine.getInstance(MESSAGE_DIGEST, algorithm, provider);
+
+ if (o instanceof MessageDigestSpi)
{
- throw new NoSuchAlgorithmException(algorithm + ": Class not found.");
+ result = new DummyMessageDigest((MessageDigestSpi) o, algorithm);
}
- catch (InstantiationException ie)
+ else if (o instanceof MessageDigest)
{
- throw new NoSuchAlgorithmException(
- algorithm + ": Class instantiation failed.");
+ result = (MessageDigest) o;
+ result.algorithm = algorithm;
}
- catch (IllegalAccessException iae)
+ else
{
- throw new NoSuchAlgorithmException(algorithm + ": Illegal Access");
+ throw new NoSuchAlgorithmException(algorithm);
}
+ result.provider = provider;
+ return result;
}
/**
@@ -312,10 +274,10 @@
* Completes the hash computation by performing final operations such as
* padding. The digest is reset after this call is made.
*
- * @param buf output buffer for the computed digest.
- * @param offset offset into the output buffer to begin storing the digest.
- * @param len number of bytes within buf allotted for the digest.
- * @return the number of bytes placed into buf.
+ * @param buf An output buffer for the computed digest.
+ * @param offset The offset into the output buffer to begin storing the digest.
+ * @param len The number of bytes within buf allotted for the digest.
+ * @return The number of bytes placed into buf.
* @throws DigestException if an error occurs.
*/
public int digest(byte[] buf, int offset, int len) throws DigestException
Index: java/security/SecureRandom.java
===================================================================
RCS file: /cvsroot/classpath/classpath/java/security/SecureRandom.java,v
retrieving revision 1.9
diff -u -r1.9 SecureRandom.java
--- java/security/SecureRandom.java 13 Feb 2003 17:00:50 -0000 1.9
+++ java/security/SecureRandom.java 26 Mar 2003 04:24:05 -0000
@@ -42,14 +42,24 @@
import java.util.Enumeration;
/**
- SecureRandom is the class interface for using SecureRandom
- providers. It provides an interface to the SecureRandomSpi
- engine so that programmers can generate pseudo-random numbers.
-
- @author Mark Benvenuto <[EMAIL PROTECTED]>
+ * An interface to a cryptographically secure pseudo-random number
+ * generator (PRNG). Random (or at least unguessable) numbers are used
+ * in all areas of security and cryptography, from the generation of
+ * keys and initialization vectors to the generation of random padding
+ * bytes.
+ *
+ * @author Mark Benvenuto <[EMAIL PROTECTED]>
+ * @author Casey Marshall
*/
public class SecureRandom extends Random
{
+
+ // Constants and fields.
+ // ------------------------------------------------------------------------
+
+ /** Service name for PRNGs. */
+ private static final String SECURE_RANDOM = "SecureRandom";
+
static final long serialVersionUID = 4940670005562187L;
//Serialized Field
@@ -60,6 +70,9 @@
SecureRandomSpi secureRandomSpi = null;
byte[] state = null;
+ // Constructors.
+ // ------------------------------------------------------------------------
+
/**
Default constructor for SecureRandom. It constructs a
new SecureRandom by instantating the first SecureRandom
@@ -69,7 +82,7 @@
on the first call to getnextBytes it will force a seed.
It is maintained for backwards compatibility and programs
- should use getInstance.
+ should use [EMAIL PROTECTED] #getInstance(java.lang.String)}.
*/
public SecureRandom()
{
@@ -88,20 +101,20 @@
{
key = (String) e.nextElement();
if (key.startsWith("SECURERANDOM."))
- {
- if ((classname = p[i].getProperty(key)) != null)
- {
- try
- {
- secureRandomSpi = (SecureRandomSpi) Class.
- forName(classname).newInstance();
- provider = p[i];
- return;
- }
- catch (Throwable ignore) { }
- }
- }
- }
+ {
+ if ((classname = p[i].getProperty(key)) != null)
+ {
+ try
+ {
+ secureRandomSpi = (SecureRandomSpi) Class.
+ forName(classname).newInstance();
+ provider = p[i];
+ return;
+ }
+ catch (Throwable ignore) { }
+ }
+ }
+ }
}
// Nothing found. Fall back to SHA1PRNG
@@ -141,15 +154,17 @@
this.provider = provider;
}
- /**
- Returns an instance of a SecureRandom. It creates the class
- for the specified algorithm if it exists from a provider.
-
- @param algorithm A SecureRandom algorithm to use
+ // Class methods.
+ // ------------------------------------------------------------------------
- @return Returns a new SecureRandom implmenting the chosen algorithm
-
- @throws NoSuchAlgorithmException if the algorithm cannot be found
+ /**
+ * Returns an instance of a SecureRandom. It creates the class from
+ * the first provider that implements it.
+ *
+ * @param algorithm The algorithm name.
+ * @return A new SecureRandom implmenting the given algorithm.
+ * @throws NoSuchAlgorithmException If no installed provider implements
+ * the given algorithm.
*/
public static SecureRandom getInstance(String algorithm) throws
NoSuchAlgorithmException
@@ -157,11 +172,13 @@
Provider p[] = Security.getProviders();
for (int i = 0; i < p.length; i++)
{
- try
- {
- return getInstance(algorithm, p[i]);
- }
- catch (NoSuchAlgorithmException ignored) { }
+ try
+ {
+ return getInstance(algorithm, p[i]);
+ }
+ catch (NoSuchAlgorithmException ignored)
+ {
+ }
}
// None found.
@@ -169,21 +186,26 @@
}
/**
- Returns an instance of a SecureRandom. It creates the class
- for the specified algorithm from the specified provider.
-
- @param algorithm A SecureRandom algorithm to use
- @param provider A security provider to use
-
- @return Returns a new SecureRandom implmenting the chosen algorithm
-
- @throws NoSuchAlgorithmException if the algorithm cannot be found
- @throws NoSuchProviderException if the provider cannot be found
+ * Returns an instance of a SecureRandom. It creates the class
+ * for the specified algorithm from the named provider.
+ *
+ * @param algorithm The algorithm name.
+ * @param provider The provider name.
+ * @return A new SecureRandom implmenting the chosen algorithm.
+ * @throws NoSuchAlgorithmException If the named provider does not implement
+ * the algorithm, or if the implementation cannot be
+ * instantiated.
+ * @throws NoSuchProviderException If no provider named
+ * <code>provider</code> is currently installed.
+ * @throws IllegalArgumentException If <code>provider</code> is null
+ * or is empty.
*/
- public static SecureRandom getInstance(String algorithm,
- String provider) throws
- NoSuchAlgorithmException, NoSuchProviderException
+ public static SecureRandom getInstance(String algorithm, String provider)
+ throws NoSuchAlgorithmException, NoSuchProviderException
{
+ if (provider == null || provider.length() == 0)
+ throw new IllegalArgumentException("Illegal provider");
+
Provider p = Security.getProvider(provider);
if (p == null)
throw new NoSuchProviderException();
@@ -192,88 +214,35 @@
}
/**
- Returns an instance of a SecureRandom. It creates the class for
- the specified algorithm from the given provider.
-
- @param algorithm The SecureRandom algorithm to create.
- @param provider The provider to get the instance from.
-
- @throws NoSuchAlgorithmException If the algorithm cannot be found, or
- if the class cannot be instantiated.
- */
- public static SecureRandom getInstance(String algorithm,
- Provider provider) throws
- NoSuchAlgorithmException
- {
- return getInstance(algorithm, provider, true);
- }
-
- /**
- Creates the instance of SecureRandom, recursing to resolve aliases.
-
- @param algorithm The SecureRandom algorithm to create.
- @param provider The provider to get the implementation from.
- @param recurse Whether or not to recurse to resolve aliases.
-
- @throws NoSuchAlgorithmException If the algorithm cannot be found,
- if there are too many aliases, or if the class cannot be
- instantiated.
- */
- private static SecureRandom getInstance(String algorithm,
- Provider provider,
- boolean recurse)
- throws NoSuchAlgorithmException
- {
- String msg = algorithm;
- for (Enumeration e = provider.propertyNames(); e.hasMoreElements(); )
+ * Returns an instance of a SecureRandom. It creates the class for
+ * the specified algorithm from the given provider.
+ *
+ * @param algorithm The SecureRandom algorithm to create.
+ * @param provider The provider to get the instance from.
+ * @throws NoSuchAlgorithmException If the algorithm cannot be found, or
+ * if the class cannot be instantiated.
+ * @throws IllegalArgumentException If <code>provider</code> is null.
+ */
+ public static SecureRandom getInstance(String algorithm, Provider provider)
+ throws NoSuchAlgorithmException
+ {
+ if (provider == null)
+ throw new IllegalArgumentException("Illegal provider");
+ try
{
- // We could replace the boolean with an integer, incrementing it
- // every
- String key = (String) e.nextElement();
- if (key.startsWith("SECURERANDOM.")
- && key.substring(13).equalsIgnoreCase(algorithm))
- {
- try
- {
- Class c = Class.forName(provider.getProperty(key));
- return new SecureRandom((SecureRandomSpi) c.newInstance(),
- provider);
- }
- catch (Throwable ignored) { }
- }
- else if (key.startsWith("ALG.ALIAS.SECURERANDOM.")
- && key.substring(23).equalsIgnoreCase(algorithm) && recurse)
- {
- try
- {
- // First see if this alias refers to a class in this
- // provider.
- return getInstance(provider.getProperty(key), provider, false);
- }
- catch (NoSuchAlgorithmException nsae)
- {
- Provider[] provs = Security.getProviders();
- for (int i = 0; i < provs.length; i++)
- {
- if (provs[i] == provider)
- continue;
- // Now try other providers for the implementation
- try
- {
- return getInstance(provider.getProperty(key),
- provs[i], false);
- }
- catch (NoSuchAlgorithmException nsae2)
- {
- msg = nsae2.getMessage();
- }
- }
- }
- }
+ return new SecureRandom((SecureRandomSpi)
+ Engine.getInstance(SECURE_RANDOM, algorithm, provider),
+ provider);
+ }
+ catch (ClassCastException cce)
+ {
+ throw new NoSuchAlgorithmException(algorithm);
}
- throw new NoSuchAlgorithmException(algorithm);
}
+ // Instance methods.
+ // ------------------------------------------------------------------------
+
/**
Returns the provider being used by the current SecureRandom class.
@@ -318,8 +287,8 @@
(byte) (0xff & (seed >> 16)),
(byte) (0xff & (seed >> 8)),
(byte) (0xff & seed)
- };
- secureRandomSpi.engineSetSeed(tmp);
+ };
+ secureRandomSpi.engineSetSeed(tmp);
}
}
Index: java/security/Signature.java
===================================================================
RCS file: /cvsroot/classpath/classpath/java/security/Signature.java,v
retrieving revision 1.10
diff -u -r1.10 Signature.java
--- java/security/Signature.java 12 Mar 2003 17:33:06 -0000 1.10
+++ java/security/Signature.java 26 Mar 2003 04:24:05 -0000
@@ -1,5 +1,5 @@
/* Signature.java --- Signature Class
- Copyright (C) 1999, 2002, 2003, Free Software Foundation, Inc.
+ Copyright (C) 1999, 2002, 2003 Free Software Foundation, Inc.
This file is part of GNU Classpath.
@@ -107,12 +107,18 @@
*/
public abstract class Signature extends SignatureSpi
{
+ /** Service name for signatures. */
+ private static final String SIGNATURE = "Signature";
+
/**
* Possible <code>state</code> value, signifying that this signature object
* has not yet been initialized.
*/
protected static final int UNINITIALIZED = 0;
+ // Constructor.
+ // ------------------------------------------------------------------------
+
/**
* Possible <code>state</code> value, signifying that this signature object
* has been initialized for signing.
@@ -196,6 +202,9 @@
public static Signature getInstance(String algorithm, String provider)
throws NoSuchAlgorithmException, NoSuchProviderException
{
+ if (provider == null || provider.length() == 0)
+ throw new IllegalArgumentException("Illegal provider");
+
Provider p = Security.getProvider(provider);
if (p == null)
throw new NoSuchProviderException(provider);
@@ -225,62 +234,26 @@
throws NoSuchAlgorithmException
{
if (provider == null)
- throw new IllegalArgumentException();
-
- // try the name as is
- String className = provider.getProperty("Signature." + algorithm);
- if (className == null) // try all uppercase
- {
- String upper = algorithm.toUpperCase();
- className = provider.getProperty("Signature." + upper);
- if (className == null) // try if it's an alias
- {
- String alias = provider.getProperty("Alg.Alias.Signature." + algorithm);
- if (alias == null)
- {
- alias = provider.getProperty("Alg.Alias.Signature." + upper);
- if (alias == null) // spit the dummy
- throw new NoSuchAlgorithmException(algorithm);
- }
- className = provider.getProperty("Signature." + alias);
- if (className == null)
- throw new NoSuchAlgorithmException(algorithm);
- }
- }
- return getInstance(className, algorithm, provider);
- }
+ throw new IllegalArgumentException("Illegal provider");
- private static Signature getInstance(String classname, String algorithm,
- Provider provider)
- throws NoSuchAlgorithmException
- {
- try
- {
- Object o = Class.forName(classname).newInstance();
- Signature sig;
- if (o instanceof SignatureSpi)
- sig = new DummySignature((SignatureSpi) o, algorithm);
- else
- {
- sig = (Signature) o;
- sig.algorithm = algorithm;
- }
+ Signature result = null;
+ Object o = Engine.getInstance(SIGNATURE, algorithm, provider);
- sig.provider = provider;
- return sig;
- }
- catch (ClassNotFoundException cnfe)
+ if (o instanceof SignatureSpi)
{
- throw new NoSuchAlgorithmException("Class not found");
+ result = new DummySignature((SignatureSpi) o, algorithm);
}
- catch (InstantiationException ie)
+ else if (o instanceof Signature)
{
- throw new NoSuchAlgorithmException("Class instantiation failed");
+ result = (Signature) o;
+ result.algorithm = algorithm;
}
- catch (IllegalAccessException iae)
+ else
{
- throw new NoSuchAlgorithmException("Illegal Access");
+ throw new NoSuchAlgorithmException(algorithm);
}
+ result.provider = provider;
+ return result;
}
/**
_______________________________________________
Classpath mailing list
[EMAIL PROTECTED]
http://mail.gnu.org/mailman/listinfo/classpath
