mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

First checkin of Network Security Services, Java version.

This commit is contained in:
nicolson%netscape.com 2000-12-15 20:53:03 +00:00
Родитель 31e9a7c014
Коммит eea1482d41
361 изменённых файлов: 66095 добавлений и 0 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

90
security/jss/Makefile Normal file
Просмотреть файл

@ -0,0 +1,90 @@
#! gmake
#
# The contents of this file are subject to the Mozilla Public
# License Version 1.1 (the "License"); you may not use this file
# except in compliance with the License. You may obtain a copy of
# the License at http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS
# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
# implied. See the License for the specific language governing
# rights and limitations under the License.
#
# The Original Code is Netscape Security Services for Java.
#
# The Initial Developer of the Original Code is Netscape
# Communications Corporation. Portions created by Netscape are
# Copyright (C) 1998-2000 Netscape Communications Corporation. All
# Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the
# terms of the GNU General Public License Version 2 or later (the
# "GPL"), in which case the provisions of the GPL are applicable
# instead of those above. If you wish to allow use of your
# version of this file only under the terms of the GPL and not to
# allow others to use your version of this file under the MPL,
# indicate your decision by deleting the provisions above and
# replace them with the notice and other provisions required by
# the GPL. If you do not delete the provisions above, a recipient
# may use your version of this file under either the MPL or the
# GPL.
# don't even try to build for now
default:
#######################################################################
# (1) Include initial platform-independent assignments (MANDATORY). #
#######################################################################
include manifest.mn
#######################################################################
# (2) Include "global" configuration information. (OPTIONAL) #
#######################################################################
include $(CORE_DEPTH)/coreconf/config.mk
#######################################################################
# (3) Include "component" configuration information. (OPTIONAL) #
#######################################################################
#######################################################################
# (4) Include "local" platform-dependent assignments (OPTIONAL). #
#######################################################################
#######################################################################
# (5) Execute "global" rules. (OPTIONAL) #
#######################################################################
include $(CORE_DEPTH)/coreconf/rules.mk
#######################################################################
# (6) Execute "component" rules. (OPTIONAL) #
#######################################################################
#######################################################################
# (7) Execute "local" rules. (OPTIONAL). #
#######################################################################
nss_release::
ifdef BUILD_OPT
@echo "== nss_release.pl =="
@perl -I$(CORE_DEPTH)/coreconf $(CORE_DEPTH)/ninja/nss_release.pl \
"RELEASE_TREE=$(RELEASE_TREE)" \
"RELEASE=$(RELEASE)" \
"RELEASE_VERSION=$(RELEASE_VERSION)" \
"PLATFORM=$(PLATFORM)" \
"OS_ARCH=$(OS_ARCH)"
else
@echo "The \"nss_release.pl\" script may ONLY be used on OPTimized builds!!!"
endif

76
security/jss/cmd/Makefile Normal file
Просмотреть файл

@ -0,0 +1,76 @@
#! gmake
#
# The contents of this file are subject to the Mozilla Public
# License Version 1.1 (the "License"); you may not use this file
# except in compliance with the License. You may obtain a copy of
# the License at http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS
# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
# implied. See the License for the specific language governing
# rights and limitations under the License.
#
# The Original Code is the Netscape Security Services for Java.
#
# The Initial Developer of the Original Code is Netscape
# Communications Corporation. Portions created by Netscape are
# Copyright (C) 1998-2000 Netscape Communications Corporation. All
# Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the
# terms of the GNU General Public License Version 2 or later (the
# "GPL"), in which case the provisions of the GPL are applicable
# instead of those above. If you wish to allow use of your
# version of this file only under the terms of the GPL and not to
# allow others to use your version of this file under the MPL,
# indicate your decision by deleting the provisions above and
# replace them with the notice and other provisions required by
# the GPL. If you do not delete the provisions above, a recipient
# may use your version of this file under either the MPL or the
# GPL.
#
#######################################################################
# (1) Include initial platform-independent assignments (MANDATORY). #
#######################################################################
include manifest.mn
#######################################################################
# (2) Include "global" configuration information. (OPTIONAL) #
#######################################################################
include $(CORE_DEPTH)/coreconf/config.mk
#######################################################################
# (3) Include "component" configuration information. (OPTIONAL) #
#######################################################################
#######################################################################
# (4) Include "local" platform-dependent assignments (OPTIONAL). #
#######################################################################
#######################################################################
# (5) Execute "global" rules. (OPTIONAL) #
#######################################################################
include $(CORE_DEPTH)/coreconf/rules.mk
#######################################################################
# (6) Execute "component" rules. (OPTIONAL) #
#######################################################################
#######################################################################
# (7) Execute "local" rules. (OPTIONAL). #
#######################################################################

252
security/jss/cmd/jssjava/GenNativesToRegister.pl Normal file
Просмотреть файл

@ -0,0 +1,252 @@
#!/usr/bin/perl
#
# The contents of this file are subject to the Mozilla Public
# License Version 1.1 (the "License"); you may not use this file
# except in compliance with the License. You may obtain a copy of
# the License at http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS
# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
# implied. See the License for the specific language governing
# rights and limitations under the License.
#
# The Original Code is the Netscape Security Services for Java.
#
# The Initial Developer of the Original Code is Netscape
# Communications Corporation. Portions created by Netscape are
# Copyright (C) 1998-2000 Netscape Communications Corporation. All
# Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the
# terms of the GNU General Public License Version 2 or later (the
# "GPL"), in which case the provisions of the GPL are applicable
# instead of those above. If you wish to allow use of your
# version of this file only under the terms of the GPL and not to
# allow others to use your version of this file under the MPL,
# indicate your decision by deleting the provisions above and
# replace them with the notice and other provisions required by
# the GPL. If you do not delete the provisions above, a recipient
# may use your version of this file under either the MPL or the
# GPL.
#
############################################################################
# (I) Offer a standard "Usage:" statement and process command line options #
############################################################################
# (A) Print out the "Usage:" statement since there must always
# be at least TWO command line arguments to $0.
if ( "$ARGV[1]" eq "" )
{
USAGE:
print( STDERR "Usage: perl " );
print( STDERR $0 );
print( STDERR " <generated_filename>" );
print( STDERR " <jni_header_1>" );
print( STDERR " [jni_header_2] . . ." );
print( STDERR " [jni_header_n]\n" );
exit( -1 );
}
# (B) Initialize array index
$index = 0;
# (C) Process all command line options
while( $_ = $ARGV[0] )
{
if( ( "$ARGV[0]" eq "help" ) || ( "$ARGV[0]" eq "?" ) )
{
# (1) print Usage: message
goto USAGE;
}
elsif( "$ARGV[0]" =~ /^(.*).h$/ )
{
# (2) retrieve name of generated file
$generated_header_filename = $ARGV[0];
}
else
{
# (3) retrieve name of jni file
$jni_header_filename[$index] = "_jni/";
$jni_header_filename[$index] .= $ARGV[0];
$jni_header_filename[$index] =~ s/\./_/g;
$jni_header_filename[$index] .= ".h";
# (4) store class "path" of jni
$jni_class_path[$index] = $ARGV[0];
$jni_class_path[$index] =~ s/\./\//g;
# (5) compose native "name" of jni array entry
$jni_native_methods[$index] = "&";
$jni_native_methods[$index] .= $ARGV[0];
$jni_native_methods[$index] =~ s/\./_/g;
$jni_native_methods[$index] .= "_natives[0]";
$index++;
}
shift;
}
############################################################################
# (II) Generate header file containing native method registration material #
############################################################################
# (A) If it exists, remove the old header file
# prior to regenerating a new header file
if( -e $generated_header_filename )
{
unlink $generated_header_filename;
}
# (B) Create a new file that will contain all
# native method registration material
open( FD, ">>$generated_header_filename" );
# (C) Compose header section of new file
# (1) print the static portion
print( FD "/**-- DO NOT EDIT THIS FILE. IT IS MACHINE GENERATED --**/\n" );
print( FD "#include <jni.h>\n\n" );
# (2) print the computed portion
for( $index = 0; $index < scalar( @jni_header_filename ); $index++ )
{
print( FD "#include \"$jni_header_filename[$index]\"\n" );
}
print( FD "\n" );
# (D) Process all jni files
for( $index = 0; $index < scalar( @jni_header_filename ); $index++ )
{
# (1) initialize $class, $method, $signature,
# $jnimethod, and $jnimethod_count
$class = "";
$method = "";
$signature = "";
$jnimethod = "";
$jnimethod_count[$index] = 0;
# (2) open this jni file
open( JNIFD, $jni_header_filename[$index] );
# (3) process first value of "Class:" in this jni file
while( $line = <JNIFD> )
{
if( $line =~ /Class:/ )
{
# (a) remove all trailing white space
$line =~ s/\s*$//;
# (b) assign relevant portion of "Class:" string
$class = substr( $line, rindex( $line, " " ) + 1 );
# (c) print "Class:" string to file as an array name
print( FD "const JNINativeMethod ", $class, "_natives[] =\n" );
print( FD "{\n" );
# (d) break
last;
}
}
# (4) process each value of "Method:", "Signature:",
# and "JNIEXPORT" in this jni file
while( $line = <JNIFD> )
{
if( $line =~ /Method:/ )
{
# (a) remove all trailing white space
$line =~ s/\s*$//;
# (b) assign relevant portion of "Method:" string
$method = substr( $line, rindex( $line, " " ) + 1 );
}
elsif( $line =~ /Signature:/ )
{
# (c) remove all trailing white space
$line =~ s/\s*$//;
# (d) assign relevant portion of "Signature:" string
$signature = substr( $line, rindex( $line, " " ) + 1 );
}
elsif( $line =~ /JNIEXPORT/ )
{
# (e) remove all trailing white space
$line =~ s/\s*$//;
# (f) assign relevant portion of "JNIEXPORT" string
$jnimethod = substr( $line, rindex( $line, " " ) + 1 );
}
# (5) construct array entry from $method,
# $signature, and $jnimethod
if( ( $method ne "" ) &&
( $signature ne "" ) &&
( $jnimethod ne "" ) )
{
# (a) print an array value
print( FD " {\"", $method, "\", " );
print( FD "\"", $signature, "\", " );
print( FD "(void *)", $jnimethod, "},\n" );
# (b) increment the total number of
# JNI methods for this file
$jnimethod_count[$index]++;
# (c) reset $method, $signature,
# and $jnimethod to be empty
$method = "";
$signature = "";
$jnimethod = "";
}
}
# (5) terminate this native JNI methods array
print( FD " 0\n" );
print( FD "};\n\n" );
# (6) close this jni file
close( JNIFD );
# (7) move to next jni file
shift;
}
# (E) Compose footer section of new file
# (1) print the static portion
print( FD "struct native_methods {\n" );
print( FD " char *classname;\n" );
print( FD " int nmethods;\n" );
print( FD " const JNINativeMethod *nat_methods;\n" );
print( FD "} nativeMethods[] =\n" );
print( FD "{\n" );
# (2) print the computed portion
for( $index = 0; $index < scalar( @jni_header_filename ); $index++ )
{
print( FD " {\"$jni_class_path[$index]\", " );
print( FD "$jnimethod_count[$index], " );
print( FD "$jni_native_methods[$index]},\n" );
}
# (3) terminate the footer
print( FD " 0\n" );
print( FD "};\n\n" );
# (F) Close the new file that now contains all
# native method registration material
close( FD );

103
security/jss/cmd/jssjava/Makefile Normal file
Просмотреть файл

@ -0,0 +1,103 @@
#! gmake
#
# The contents of this file are subject to the Mozilla Public
# License Version 1.1 (the "License"); you may not use this file
# except in compliance with the License. You may obtain a copy of
# the License at http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS
# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
# implied. See the License for the specific language governing
# rights and limitations under the License.
#
# The Original Code is the Netscape Security Services for Java.
#
# The Initial Developer of the Original Code is Netscape
# Communications Corporation. Portions created by Netscape are
# Copyright (C) 1998-2000 Netscape Communications Corporation. All
# Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the
# terms of the GNU General Public License Version 2 or later (the
# "GPL"), in which case the provisions of the GPL are applicable
# instead of those above. If you wish to allow use of your
# version of this file only under the terms of the GPL and not to
# allow others to use your version of this file under the MPL,
# indicate your decision by deleting the provisions above and
# replace them with the notice and other provisions required by
# the GPL. If you do not delete the provisions above, a recipient
# may use your version of this file under either the MPL or the
# GPL.
#
all::
gmake -f jnigen.mk
gmake -f csrcs.mk
import::
gmake -f jnigen.mk import
gmake -f csrcs.mk import
clean::
gmake -f jnigen.mk clean
gmake -f csrcs.mk clean
export::
gmake -f jnigen.mk export
gmake -f csrcs.mk export
private_export::
gmake -f jnigen.mk private_export
gmake -f csrcs.mk private_export
libs::
gmake -f jnigen.mk libs
gmake -f csrcs.mk libs
program::
gmake -f jnigen.mk program
gmake -f csrcs.mk program
install::
gmake -f jnigen.mk install
gmake -f csrcs.mk install
release::
gmake -f jnigen.mk release
gmake -f csrcs.mk release
release_clean::
gmake -f jnigen.mk release_clean
gmake -f csrcs.mk release_clean
release_export::
gmake -f jnigen.mk release_export
gmake -f csrcs.mk release_export
release_classes::
gmake -f jnigen.mk release_classes
gmake -f csrcs.mk release_classes
ifneq ($(POLICY),)
release_policy::
gmake -f jnigen.mk release_policy
gmake -f csrcs.mk release_policy
endif
release_md::
gmake -f jnigen.mk release_md
gmake -f csrcs.mk release_md
release_jars::
gmake -f jnigen.mk release_jars
gmake -f csrcs.mk release_jars
release_cpdistdir::
gmake -f jnigen.mk release_cpdistdir
gmake -f csrcs.mk release_cpdistdir
tests::
gmake -f jnigen.mk tests
gmake -f csrcs.mk tests

387
security/jss/cmd/jssjava/README Normal file
Просмотреть файл

@ -0,0 +1,387 @@
The contents of this file are subject to the Mozilla Public
License Version 1.1 (the "License"); you may not use this file
except in compliance with the License. You may obtain a copy of
the License at http://www.mozilla.org/MPL/
Software distributed under the License is distributed on an "AS
IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
implied. See the License for the specific language governing
rights and limitations under the License.
The Original Code is Netscape Security Services for Java.
The Initial Developer of the Original Code is Netscape
Communications Corporation. Portions created by Netscape are
Copyright (C) 1998-2000 Netscape Communications Corporation. All
Rights Reserved.
Contributor(s):
Alternatively, the contents of this file may be used under the
terms of the GNU General Public License Version 2 or later (the
"GPL"), in which case the provisions of the GPL are applicable
instead of those above. If you wish to allow use of your
version of this file only under the terms of the GPL and not to
allow others to use your version of this file under the MPL,
indicate your decision by deleting the provisions above and
replace them with the notice and other provisions required by
the GPL. If you do not delete the provisions above, a recipient
may use your version of this file under either the MPL or the
GPL.
****************************************************************
Ninja 1.5
Build 1998????
****************************************************************
**
** Directory organization of this release
**
****************************************************************
The domestic version of this release is located under:
- /m/dist/ninja/domestic/JSS_1_5
The export version of this release is located under:
- /m/dist/ninja/export/JSS_1_5
Each version of the release consists of the following:
- a JAR file, xpclass.jar, that contains all of the public class files.
- a JAR file, xpclass_g.jar, that contains all of the debuggable public class
files.
- <platform> directories: where <platform> is of the form
<os-name><os-version>[_<compiler>][_<implementation strategy>]_<DBG/OPT>.OBJ
For example,
IRIX6.2_DBG.OBJ (debug build)
SunOS5.5.1_OPT.OBJ (optimized build)
SunOS5.5.1_gcc_DBG.OBJ (built using the non-native compiler gcc)
OSF1V4.0_PTH_DBG.OBJ (PTH means the implementation uses pthreads.)
AIX4.1_PTH_USER_DBG.OBJ (PTH_USER means the implementation is
a combination of user-level threads and pthreads.)
Under each <platform> directory is the file, mdbinary.jar. This is a
JAR file containing the compiled programs and libraries.
************************************************************
**
** Java Cross-platform code
** (Debug and Optimized, Domestic and Export)
**
************************************************************
All java code is built once per tree instance, and MUST be
built using the latest JDK available on all of the platforms.
At the current time, this is JDK 1.1.6.
************************************************************
**
** Platforms supported for Native JNI code
** (Debug and Optimized, Domestic and Export)
**
************************************************************
The following platforms are supported:
- Solaris on sparc: 2.5.1 (built with cc and JDK 1.1.6 libraries
running on native threads [Sun threads])
- Solaris on sparc: 2.6 (symbolically linked to corresponding
Solaris 2.5.1 releases)
- WIN95: 4.0 (built with Visual C++ 5.0 and JDK 1.1.6
libraries running on non-fiberous threads)
- WINNT: 4.0 (symbolically linked to corresponding
Windows 95 4.0 releases)
- HP-UX: B.11.00 (built with cc and JDK 1.1.5 libraries
running on native threads [pthreads])
************************************************************
**
** Future platforms supported for Native JNI code
** (Debug and Optimized, Domestic and Export)
**
************************************************************
The following platforms will be supported in the near future:
- AIX: 4.3 (built with cc and JDK 1.1.6 libraries
running on native threads [pthreads])
- IRIX: 6.2 (built with cc with "-n32" and JDK 1.1.5
libraries running on native threads [pthreads])
- OSF/1: 4.0D (built with cc and JDK 1.1.6 libraries
running on native threads [pthreads])
- Linux: 2.1 (built with gcc and JDK 1.1.3 libraries
running on native threads [pthreads])
************************************************************
**
** How to build Ninja yourself
**
************************************************************
To build this version of Ninja yourself, execute the following
instructions:
On UNIX machines (assuming tcsh):
For the FIRST INSTANCE of Ninja in your build tree:
1) IMPORTANT: If you have NOT built Ninja in your current tree, and
this is the FIRST platform that you are building it on,
then you MUST set the following environment variable
in order to build JAVA and JNI headers!!! Additionally,
this platform MUST utilize the latest "approved" version
of the JDK, since JAVA and JNI headers are only ever
built ONCE per instance of build tree!!! Note that at
the time of this writing, the only acceptible INITIAL
UNIX build platforms are Sun, AIX, and OSF/1.
setenv NS_USE_JDK_TOOLSET 1
2) You MAY need to set the following environment variables for this
platform:
setenv CVSROOT /m/src
setenv USE_PTHREADS 1
setenv USE_N32 1
setenv JAVA_HOME [...]
3) You MAY need to unset the following environment variables for this
platform:
unsetenv CVSREAD
unsetenv JAVAC
unsetenv JAVAH
unsetenv JMC
unsetenv USE_PTHREADS
unsetenv USE_N32
4) Check out the following source code directories (FIRST TIME ONLY!)
cvs co ns/coreconf
cvs co -r JSS_1_5 ns/ninja
cvs co ns/security/lib
cvs co -r JSS_1_5 ns/security/lib/manifest.mn
5) Setup ns/coreconf to reference the correct compiler paths for this
platform
cd ns/coreconf
source ./.cshrc
6) Build "nsinstall" executable for this platform
gmake
gmake BUILD_OPT=1
7) Import Ninja support files for this platform
cd ../ninja
gmake import
gmake BUILD_OPT=1 import
8) Change to the security directory
cd ../security/lib
9) Build the security library
gmake private_export
gmake
gmake BUILD_OPT=1
10) Change back to the ninja directory
cd ../../ninja
11) Create Ninja private exports (FIRST TIME ONLY!)
gmake private_export
12) Begin building Ninja from a "fresh" tree (FIRST TIME ONLY!)
gmake clean
gmake BUILD_OPT=1 clean
13) Build "standard debuggable" version for this UNIX
(e. g. - SunOS5.5.1_DBG.OBJ)
gmake
14) Build "standard optimized" version for this UNIX
(e. g. - SunOS5.5.1_OPT.OBJ)
gmake BUILD_OPT=1
15) You MUST always ensure that the following environment variable
is UNSET for ALL of the remaining builds!!!:
unsetenv NS_USE_JDK_TOOLSET
16) Build "_g debuggable" version for this UNIX
(e. g. - SunOS5.5.1_DBG.OBJ)
gmake JDK_DEBUG=1
For the FOLLOWING INSTANCES of Ninja in your build tree:
17) You MUST always ensure that the following environment variables
are UNSET for ALL of the remaining builds!!!:
unsetenv NS_USE_JDK_TOOLSET
unsetenv USE_PTHREADS
unsetenv USE_N32
18) You MAY need to set the following environment variables for this
platform:
setenv CVSROOT /m/src
setenv USE_PTHREADS 1 (this MUST be set on IRIX ONLY!!!)
setenv USE_N32 1 (this MUST be set on IRIX ONLY!!!)
setenv JAVA_HOME [...]
19) You MAY need to unset the following environment variables for this
platform:
unsetenv CVSREAD
unsetenv JAVAC
unsetenv JAVAH
unsetenv JMC
20) Setup ns/coreconf to reference the correct compiler paths for this
platform
cd ns/coreconf
source ./.cshrc
21) Build "nsinstall" executable for this platform
gmake
gmake BUILD_OPT=1
22) Import Ninja support files for this platform
cd ../ninja
gmake import
gmake BUILD_OPT=1 import
23) Change to the security directory
cd ../security/lib
24) Build the security library
gmake private_export
gmake
gmake BUILD_OPT=1
25) Change back to the ninja directory
cd ../../ninja
26) Build "standard debuggable" version for this UNIX
(e. g. - SunOS5.5.1_DBG.OBJ)
gmake
27) Build "standard optimized" version for this UNIX
(e. g. - SunOS5.5.1_OPT.OBJ)
gmake BUILD_OPT=1
28) Build "_g debuggable" version for this UNIX
(e. g. - SunOS5.5.1_DBG.OBJ)
gmake JDK_DEBUG=1
On Windows NT machines (assuming DOS shell):
For the FIRST INSTANCE of Ninja in your build tree:
1) IMPORTANT: If you have NOT built Ninja in your current tree, and
this is the FIRST platform that you are building it on,
then you MUST set the following environment variable
in order to build JAVA and JNI headers!!! Additionally,
this platform MUST utilize the latest "approved" version
of the JDK, since JAVA and JNI headers are only ever
built ONCE per instance of build tree!!!
set NS_USE_JDK_TOOLSET=1
2) Set the following environment variables for this platform:
set OS_TARGET=WIN95
set CVSROOT=:pserver:<username>@cvsserver:/m/src
set JAVA_HOME=[location of local JDK] (use UNIX forward slashes!)
3) You MAY need to unset the following environment variables for this
platform:
unset CVSREAD
unset JAVAC
unset JAVAH
unset JMC
4) Check out the following source code directories (FIRST TIME ONLY!)
cvs login
cvs co ns/coreconf
cvs co -r JSS_1_5 ns/ninja
cvs co ns/security/lib
cvs co -r JSS_1_5 ns/security/lib/manifest.mn
5) Import Ninja support files for this platform
cd ..\ninja
gmake import
gmake BUILD_OPT=1 import
6) Change to the security directory
cd ..\security\lib
7) Build the security library
gmake private_export
gmake
gmake BUILD_OPT=1
8) Change back to the ninja directory
cd ..\..\ninja
9) Create Ninja private exports (FIRST TIME ONLY!)
gmake private_export
10) HACK: Use the MKS toolkit shell (sh.exe) instead of shmsdos.exe!!!
copy shmsdos.exe shmsdos.sav
copy [MKS home]\sh.exe shmsdos.exe
11) Begin building Ninja from a "fresh" tree (FIRST TIME ONLY!)
gmake clean
gmake BUILD_OPT=1 clean
12) Build "standard debuggable" WIN954.0_DBG.OBJ version
gmake
13) Build "standard optimized" WIN954.0_OPT.OBJ version
gmake BUILD_OPT=1
14) You MUST always ensure that the following environment variable
is UNSET for ALL of the remaining builds!!!:
unset NS_USE_JDK_TOOLSET
15) Build "_g debuggable" WIN954.0_DBG.OBJ version
gmake JDK_DEBUG=1
16) IMPORTANT: Restore original shmsdos.exe!!!
copy shmsdos.sav shmsdos.exe

67
security/jss/cmd/jssjava/README.NSS Normal file
Просмотреть файл

@ -0,0 +1,67 @@
The contents of this file are subject to the Mozilla Public
License Version 1.1 (the "License"); you may not use this file
except in compliance with the License. You may obtain a copy of
the License at http://www.mozilla.org/MPL/
Software distributed under the License is distributed on an "AS
IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
implied. See the License for the specific language governing
rights and limitations under the License.
The Original Code is Netscape Security Services for Java.
The Initial Developer of the Original Code is Netscape
Communications Corporation. Portions created by Netscape are
Copyright (C) 1998-2000 Netscape Communications Corporation. All
Rights Reserved.
Contributor(s):
Alternatively, the contents of this file may be used under the
terms of the GNU General Public License Version 2 or later (the
"GPL"), in which case the provisions of the GPL are applicable
instead of those above. If you wish to allow use of your
version of this file only under the terms of the GPL and not to
allow others to use your version of this file under the MPL,
indicate your decision by deleting the provisions above and
replace them with the notice and other provisions required by
the GPL. If you do not delete the provisions above, a recipient
may use your version of this file under either the MPL or the
GPL.
**********************************************************************
README.ninja contains instructions for building Ninja normally.
The following addenda tell how to build the version of Ninja that
is included with NSS 2.0.
1. Checkout ns/ninja with the tag NSS2_0_RELEASE instead of JSS_1_3.
2. Before building, do "setenv STANDALONE_LIBJSS 1". This will cause
libjss.so/jss.dll to have NSPR embedded in it. Normal Ninja builds do
not embed NSPR.
3. To release to /m/dist, do NOT do "gmake release". First set the release
version to something suitable by doing something like
"setenv RELEASE_VERSION NSS_2_0". Then, in the top level directory of
ninja (ns/ninja), do "gmake nss_release". This will create one of the
following outputs in /m/dist/ninja/<RELEASE_VERSION>:
UNIX
====
unixjss.tar
- jss.zip
- contains JSS classes for SSL and initialization
- libjss.so
- native implementation library, consists of security, NSPR, DBM,
and the native JSS code.
WINDOWS
=======
winjss.zip
- jss.zip
- same as in the UNIX version, contains JSS classes for SSL
and initialization
- jss.dll
- native implementation library, consists of security, NSPR, DBM,
and the native JSS code.

109
security/jss/cmd/jssjava/config.mk Normal file
Просмотреть файл

@ -0,0 +1,109 @@
#
# The contents of this file are subject to the Mozilla Public
# License Version 1.1 (the "License"); you may not use this file
# except in compliance with the License. You may obtain a copy of
# the License at http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS
# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
# implied. See the License for the specific language governing
# rights and limitations under the License.
#
# The Original Code is the Netscape Security Services for Java.
#
# The Initial Developer of the Original Code is Netscape
# Communications Corporation. Portions created by Netscape are
# Copyright (C) 1998-2000 Netscape Communications Corporation. All
# Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the
# terms of the GNU General Public License Version 2 or later (the
# "GPL"), in which case the provisions of the GPL are applicable
# instead of those above. If you wish to allow use of your
# version of this file only under the terms of the GPL and not to
# allow others to use your version of this file under the MPL,
# indicate your decision by deleting the provisions above and
# replace them with the notice and other provisions required by
# the GPL. If you do not delete the provisions above, a recipient
# may use your version of this file under either the MPL or the
# GPL.
#
#######################################################################
# Adjust specific variables for specific platforms #
#######################################################################
# We don't need static, import, or purify libraries
LIBRARY=
IMPORT_LIBRARY=
PURE_LIBRARY=
# Get rid of embedded "32" in library names on Windows
ifeq ($(OS_ARCH),WINNT)
SHARED_LIBRARY := $(subst 32,,$(SHARED_LIBRARY))
SHARED_LIBRARY_G := $(subst 32,,$(SHARED_LIBRARY_G))
endif
#######################################################################
# Adjust specific variables for all platforms #
#######################################################################
OS_CFLAGS += -DNSPR20=1
ifeq ($(OS_ARCH),WINNT)
LDOPTS += -PDB:NONE
endif
# Only used for "sanitizing" the release
STATIC_LIB_EXTENSION=
DYNAMIC_LIB_EXTENSION=
PURE_LIB_EXTENSION=
# Include "funky" link path to pick up ALL native libraries for OSF/1.
ifeq ($(OS_ARCH), OSF1)
JAVA_LIBS += -L$(JAVA_HOME)/$(JAVA_LIBDIR).no
endif
#######################################################################
# Set the LDFLAGS value to encompass all normal link options and all #
# special system linking options #
#######################################################################
ifneq ($(STANDALONE_LIBJSS),0)
LDFLAGS += $(LDOPTS) $(LIBJSSSSL) $(LIBJSSMANAGE) $(LIBSVRPLCY) $(LIBJSSPOLICY) $(LIBJSSPKCS11) $(LIBJSSMANAGE) $(LIBJSSCRYPTO) $(LIBJSSPKCS11) $(LIBJSSUTIL) $(LIBJSSMANAGE) $(LIBSSL) $(LIBPKCS7) $(LIBCERT) $(LIBKEY) $(LIBSECMOD) $(LIBJSSHCLHACKS) $(LIBCRYPTO) $(LIBSECUTIL) $(LIBSECMOD) $(LIBSSL) $(LIBPKCS12) $(LIBPKCS7) $(LIBCERT) $(LIBKEY) $(LIBCRYPTO) $(LIBSECUTIL) $(LIBHASH) $(LIBDBM) $(LIBPLDS) $(LIBPLC) $(LIBPR) $(JAVA_LIBS) $(DLLSYSTEM)
else
LDFLAGS += $(LDOPTS) $(LIBJSSSSL) $(LIBJSSMANAGE) $(LIBSVRPLCY) $(LIBJSSPOLICY) $(LIBJSSPKCS11) $(LIBJSSMANAGE) $(LIBJSSCRYPTO) $(LIBJSSPKCS11) $(LIBJSSUTIL) $(LIBJSSMANAGE) $(LIBSSL) $(LIBPKCS7) $(LIBCERT) $(LIBKEY) $(LIBSECMOD) $(LIBJSSHCLHACKS) $(LIBCRYPTO) $(LIBSECUTIL) $(LIBSECMOD) $(LIBSSL) $(LIBPKCS12) $(LIBPKCS7) $(LIBCERT) $(LIBKEY) $(LIBCRYPTO) $(LIBSECUTIL) $(LIBHASH) $(LIBDBM) $(DLLPLDS) $(DLLPLC) $(DLLPR) $(JAVA_LIBS) $(DLLSYSTEM)
endif
#######################################################################
# Set the LD_LIBS value to encompass all static JSS, security, and #
# dbm libraries #
#######################################################################
ifeq ($(OS_ARCH), OSF1)
LD_LIBS += $(LIBJSSSSL) $(LIBJSSMANAGE) $(LIBSVRPLCY) $(LIBJSSPOLICY) $(LIBJSSPKCS11) $(LIBJSSCRYPTO) $(LIBJSSUTIL) $(LIBJSSHCLHACKS) $(LIBSSL) $(LIBSECMOD) $(LIBPKCS12) $(LIBCERT) $(LIBPKCS7) $(LIBKEY) $(LIBCRYPTO) $(LIBHASH) $(LIBSECUTIL) $(LIBDBM)
else
LD_LIBS += $(LIBJSSSSL) $(LIBJSSMANAGE) $(LIBSVRPLCY) $(LIBJSSPOLICY) $(LIBJSSPKCS11) $(LIBJSSMANAGE) $(LIBJSSCRYPTO) $(LIBJSSUTIL) $(LIBJSSHCLHACKS) $(LIBJSSMANAGE) $(LIBSSL) $(LIBSECMOD) $(LIBPKCS12) $(LIBCERT) $(LIBPKCS7) $(LIBKEY) $(LIBCRYPTO) $(LIBHASH) $(LIBSECUTIL) $(LIBDBM)
endif
#######################################################################
# Append additional LD_LIBS value to encompass all dynamic NSPR 2.0, #
# java, and system libraries #
#######################################################################
ifneq ($(STANDALONE_LIBJSS),0)
# NSPR is included in libjss
ifeq ($(OS_ARCH), WINNT)
LD_LIBS += $(LIBPLDS) $(LIBPLC) $(LIBPR) $(JAVA_LIBS) $(DLLSYSTEM)
else
LD_LIBS += -L$(SOURCE_LIB_DIR) $(LIBPLDS) $(LIBPLC) $(LIBPR) $(JAVA_LIBS) $(DLLSYSTEM)
endif
else
# NSPR is not included in libjss
ifeq ($(OS_ARCH), WINNT)
LD_LIBS += $(DLLPLDS) $(DLLPLC) $(DLLPR) $(JAVA_LIBS) $(DLLSYSTEM)
else
LD_LIBS += -L$(SOURCE_LIB_DIR) -lplds3 -lplc3 -lnspr3 $(JAVA_LIBS) $(DLLSYSTEM)
endif
endif

96
security/jss/cmd/jssjava/csrcs.mk Normal file
Просмотреть файл

@ -0,0 +1,96 @@
#! gmake
#
# The contents of this file are subject to the Mozilla Public
# License Version 1.1 (the "License"); you may not use this file
# except in compliance with the License. You may obtain a copy of
# the License at http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS
# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
# implied. See the License for the specific language governing
# rights and limitations under the License.
#
# The Original Code is the Netscape Security Services for Java.
#
# The Initial Developer of the Original Code is Netscape
# Communications Corporation. Portions created by Netscape are
# Copyright (C) 1998-2000 Netscape Communications Corporation. All
# Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the
# terms of the GNU General Public License Version 2 or later (the
# "GPL"), in which case the provisions of the GPL are applicable
# instead of those above. If you wish to allow use of your
# version of this file only under the terms of the GPL and not to
# allow others to use your version of this file under the MPL,
# indicate your decision by deleting the provisions above and
# replace them with the notice and other provisions required by
# the GPL. If you do not delete the provisions above, a recipient
# may use your version of this file under either the MPL or the
# GPL.
#
#######################################################################
# (1) Include initial platform-independent assignments (MANDATORY). #
#######################################################################
include manifest.mn
PRIVATE_EXPORTS = registerNatives.h \
$(NULL)
REQUIRES = dbm \
security \
svrcore \
$(NULL)
CSRCS = registerNatives.c \
jssjava.c \
$(NULL)
XP_FILES = README
# NOTE: Beginning with JSS_2_1, we now ONLY create dynamic libraries . . .
# (e. g. - we no longer build the "jssjava" executable)
LIBRARY_NAME = jss21
# PROGRAM = jssjava
#######################################################################
# (2) Include "global" configuration information. (OPTIONAL) #
#######################################################################
include $(CORE_DEPTH)/coreconf/config.mk
#######################################################################
# (3) Include "component" configuration information. (OPTIONAL) #
#######################################################################
include $(CORE_DEPTH)/$(MODULE)/config/config.mk
#######################################################################
# (4) Include "local" platform-dependent assignments (OPTIONAL). #
#######################################################################
include config.mk
#######################################################################
# (5) Execute "global" rules. (OPTIONAL) #
#######################################################################
include $(CORE_DEPTH)/coreconf/rules.mk
#######################################################################
# (6) Execute "component" rules. (OPTIONAL) #
#######################################################################
include $(CORE_DEPTH)/$(MODULE)/config/rules.mk
#######################################################################
# (7) Execute "local" rules. (OPTIONAL). #
#######################################################################
include rules.mk

126
security/jss/cmd/jssjava/jnigen.mk Normal file
Просмотреть файл

@ -0,0 +1,126 @@
#! gmake
#
# The contents of this file are subject to the Mozilla Public
# License Version 1.1 (the "License"); you may not use this file
# except in compliance with the License. You may obtain a copy of
# the License at http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS
# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
# implied. See the License for the specific language governing
# rights and limitations under the License.
#
# The Original Code is the Netscape Security Services for Java.
#
# The Initial Developer of the Original Code is Netscape
# Communications Corporation. Portions created by Netscape are
# Copyright (C) 1998-2000 Netscape Communications Corporation. All
# Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the
# terms of the GNU General Public License Version 2 or later (the
# "GPL"), in which case the provisions of the GPL are applicable
# instead of those above. If you wish to allow use of your
# version of this file only under the terms of the GPL and not to
# allow others to use your version of this file under the MPL,
# indicate your decision by deleting the provisions above and
# replace them with the notice and other provisions required by
# the GPL. If you do not delete the provisions above, a recipient
# may use your version of this file under either the MPL or the
# GPL.
#
#######################################################################
# (1) Include initial platform-independent assignments (MANDATORY). #
#######################################################################
include manifest.mn
JNI_GEN += com.netscape.jss.ssl.SSLInputStream \
com.netscape.jss.ssl.SSLOutputStream \
com.netscape.jss.ssl.SSLSocketImpl \
com.netscape.jss.pkcs11.PrivateKeyProxy \
com.netscape.jss.pkcs11.PublicKeyProxy \
com.netscape.jss.CryptoManager \
com.netscape.jss.NSSInit \
com.netscape.jss.DatabaseCloser \
com.netscape.jss.crypto.Algorithm \
com.netscape.jss.crypto.EncryptionAlgorithm \
com.netscape.jss.crypto.PQGParams \
com.netscape.jss.pkcs11.PK11Token \
com.netscape.jss.pkcs11.CertProxy \
com.netscape.jss.pkcs11.CipherContextProxy \
com.netscape.jss.pkcs11.ModuleProxy \
com.netscape.jss.pkcs11.PK11RSAPublicKey \
com.netscape.jss.pkcs11.PK11DSAPublicKey \
com.netscape.jss.pkcs11.PK11KeyPairGenerator \
com.netscape.jss.pkcs11.PK11KeyGenerator \
com.netscape.jss.pkcs11.PK11Cert \
com.netscape.jss.pkcs11.PK11Cipher \
com.netscape.jss.pkcs11.PK11MessageDigest \
com.netscape.jss.pkcs11.PK11Module \
com.netscape.jss.pkcs11.PK11PrivKey \
com.netscape.jss.pkcs11.PK11PubKey \
com.netscape.jss.pkcs11.PK11SymKey \
com.netscape.jss.pkcs11.SymKeyProxy \
com.netscape.jss.pkcs11.SigContextProxy \
com.netscape.jss.pkcs11.PK11Signature \
com.netscape.jss.pkcs11.PK11Store \
com.netscape.jss.pkcs11.PK11KeyWrapper \
com.netscape.jss.util.Password \
com.netscape.jss.util.Debug \
com.netscape.jss.pkcs11.PK11SecureRandom \
$(NULL)
#######################################################################
# (2) Include "global" configuration information. (OPTIONAL) #
#######################################################################
include $(CORE_DEPTH)/coreconf/config.mk
#######################################################################
# (3) Include "component" configuration information. (OPTIONAL) #
#######################################################################
include $(CORE_DEPTH)/$(MODULE)/config/config.mk
#######################################################################
# (4) Include "local" platform-dependent assignments (OPTIONAL). #
#######################################################################
ALL_TRASH += nativeMethods.h
#######################################################################
# (5) Execute "global" rules. (OPTIONAL) #
#######################################################################
include $(CORE_DEPTH)/coreconf/rules.mk
#######################################################################
# (6) Execute "component" rules. (OPTIONAL) #
#######################################################################
include $(CORE_DEPTH)/$(MODULE)/config/rules.mk
#######################################################################
# (7) Execute "local" rules. (OPTIONAL). #
#######################################################################
export::
@if test ! -d nativeMethods.h; then \
echo perl GenNativesToRegister.pl nativeMethods.h $(JNI_GEN) ; \
perl GenNativesToRegister.pl nativeMethods.h $(JNI_GEN) ; \
else \
echo "Checking to see if nativeMethods.h file is out of date" ; \
cmd="perl regen_nativeMethods.pl $(PERLARG) \
-d $(JNI_GEN_DIR) nativeMethods.h $(JNI_GEN)"; \
echo $$cmd; \
list=`$$cmd`; \
if test "$${list}x" != "x"; then \
echo perl GenNativesToRegister.pl nativeMethods.h $(JNI_GEN) ; \
perl GenNativesToRegister.pl nativeMethods.h $(JNI_GEN) ; \
fi \
fi

489
security/jss/cmd/jssjava/jssjava.c Normal file
Просмотреть файл

@ -0,0 +1,489 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
/*
* Crypto VM - Java VM with statically linked crypto aka libsec routines.
*
* static routines are registered to VM using JNI API.
*/
#include <jni.h>
#include "registerNatives.h"
#include "nspr.h"
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <svrplcy.h>
PR_IMPLEMENT( SVRPLCYPolicyType )
JSS_getExportControlPolicyType( void );
#if defined(_WINDOWS)
#define USAGE "Usage: %s [-version] [-debug] [-nojit] [-classpath classpath] [-ms<size>] [-mx<size>] [-D property] <java_class>\n"
#else
#define USAGE "Usage: %s [-version] [-debug] [-classpath classpath] [-ms<size>] [-mx<size>] [-D property] <java_class>\n"
#endif
/* Unique "jssjava" version information */
/* NOTE: Must be changed for ALL new releases!!! */
#define JSSJAVA_MAJOR_VERSION "2"
#define JSSJAVA_MINOR_VERSION "1"
#define JDK_MAJOR_VERSION "1.2"
#define JDK_MINOR_VERSION "2"
/* args & options */
char * prog_name = 0;
char * classpath = 0;
char * javaclass = 0;
char ** javaArgs = 0;
int numJavaArgs = 0;
int debug = 0;
int jssjava_version = 0;
/* set property to not load jdkcertsec10 from the beg */
char ** userProps = 0;
int numUserProps = 0;
static int maxUserProps = 0;
static void errExit(int exitCode)
{
#if defined(DEBUG) && defined(_WINDOWS)
_sleep(10);
#endif
exit(exitCode);
}
static void addUserProp(char *keyval)
{
char **newUserProps = 0;
char *val = 0;
if (maxUserProps < numUserProps+2) {
newUserProps = (char **)calloc(numUserProps+4, sizeof(char *));
maxUserProps = numUserProps+4;
memcpy(newUserProps, userProps, numUserProps*sizeof(char *));
userProps = newUserProps;
}
if (val = (char *)strtok(keyval, (const char *)"="))
*val++ = 0;
userProps[numUserProps++] = keyval;
userProps[numUserProps++] = val;
}
static void getArgs (int argc, char *argv[])
{
int i,j;
char* msptr;
char* mxptr;
#ifdef DEBUG_nelsonb
for (i = 0; i < argc; ++i)
puts(argv[i]);
#endif
prog_name = *argv++; argc--;
for (i = 0; i < argc; i++) {
if (!strcmp(argv[i], "-version")) {
jssjava_version = 1;
}
else if (!strcmp(argv[i], "-debug")) {
debug = 1;
}
else if (!strcmp(argv[i], "-classpath")) {
if (++i == argc)
break;
classpath = argv[i];
}
else if (!strcmp(argv[i], "-D")) {
if (++i == argc)
break;
addUserProp(argv[i]);
}
#if defined(_WINDOWS)
else if (!strcmp(argv[i], "-nojit")) {
addUserProp(argv[i]);
}
#endif
else if (!strncmp(argv[i], "-ms", 3)) {
msptr = (char*)malloc(strlen(argv[i]) + 5);
sprintf(msptr, "-X%s", argv[i] + 1); /* skip '-' */
addUserProp(msptr);
}
else if (!strncmp(argv[i], "-mx", 3)) {
mxptr = (char*)malloc(strlen(argv[i]) + 5);
sprintf(mxptr, "-X%s", argv[i] + 1); /* skip '-' */
addUserProp(mxptr);
} else if(!strcmp(argv[i], "-info")) {
/* -info is a dummy argument where information can be placed
* that will show up in a ps listing. Its argument is
* ignored. */
if( i+1 < argc ) {
++i;
}
} else {
javaclass = argv[i++];
break;
}
}
if (jssjava_version == 1) {
SVRPLCYPolicyType policy;
char policyString[50];
/* First, initialize export control policy information. */
if( SVRPLCY_InstallUtilityPolicy() != PR_SUCCESS ) {
errExit(-1);
}
/* Second, establish which export control policy is being used. */
policy = JSS_getExportControlPolicyType();
switch( policy ) {
case SVRPLCYNull:
strcpy( policyString, "null" );
break;
case SVRPLCYDomestic:
strcpy( policyString, "domestic" );
break;
case SVRPLCYExport:
strcpy( policyString, "export" );
break;
case SVRPLCYFrance:
strcpy( policyString, "france" );
break;
default:
strcpy( policyString, "none" );
break;
}
/* Third, print the export control policy & version information: */
printf( "%s version \"%s.%s\" [%s]\n"
" (uses JDK \"%s.%s\")\n",
prog_name, JSSJAVA_MAJOR_VERSION, JSSJAVA_MINOR_VERSION,
policyString, JDK_MAJOR_VERSION, JDK_MINOR_VERSION );
errExit(0);
}
if (javaclass == 0) {
printf(USAGE, prog_name);
errExit(1);
}
numJavaArgs = argc - i;
if (numJavaArgs > 0)
javaArgs = &argv[i];
for (j = strlen(javaclass)-1; j >= 0; j--) {
if (javaclass[j] == '.')
javaclass[j] = '/';
}
}
static int setUserProps(JNIEnv *env)
{
jclass system_cls;
jobject system_props;
jmethodID getprop_mid;
jmethodID setprop_mid;
jclass prop_cls;
jmethodID put_mid;
jstring key, val;
jthrowable exc;
int i;
/* get java.lang.System class and its get/setProperties methods */
system_cls = (*env)->FindClass(env, "java/lang/System");
if (system_cls == 0) {
fprintf(stderr, "Can't find java/lang/System.\n");
return -1;
}
getprop_mid = (*env)->GetStaticMethodID(env, system_cls, "getProperties",
"()Ljava/util/Properties;");
if (getprop_mid == 0) {
fprintf(stderr,"Can't find getProperties method in java.lang.System\n");
return -1;
}
setprop_mid = (*env)->GetStaticMethodID(env, system_cls, "setProperties",
"(Ljava/util/Properties;)V");
if (setprop_mid == 0) {
fprintf(stderr,"Can't find setProperties method in java.lang.System\n");
return -1;
}
/* get system properties, java.util.Properties class and its put method */
system_props = (*env)->CallStaticObjectMethod(env, system_cls, getprop_mid);
exc = (*env)->ExceptionOccurred(env);
if (exc) {
(*env)->ExceptionDescribe(env);
return -1;
}
prop_cls = (*env)->GetObjectClass(env, system_props);
put_mid = (*env)->GetMethodID(env, prop_cls, "put",
"(Ljava/lang/Object;Ljava/lang/Object;)Ljava/lang/Object;");
if (put_mid == 0) {
fprintf(stderr, "Can't find put method in java.util.Properties\n");
return -1;
}
/* add default prop to not load JSS library */
key = (*env)->NewStringUTF(env, "jss.load");
if (key == 0) {
fprintf(stderr, "Out of memory\n");
return -1;
}
val = (*env)->NewStringUTF(env, "no");
if (val == 0) {
fprintf(stderr, "Out of memory\n");
return -1;
}
(void)(*env)->CallObjectMethod(env, system_props, put_mid,
(jobject)key, (jobject)val);
exc = (*env)->ExceptionOccurred(env);
if (exc) {
(*env)->ExceptionDescribe(env);
return -1;
}
/* add user properties */
i = 0;
while (i < numUserProps) {
key = (*env)->NewStringUTF(env, userProps[i++]);
if (key == 0) {
fprintf(stderr, "Out of memory\n");
errExit(1);
}
val = (*env)->NewStringUTF(env, userProps[i++]);
if (val == 0) {
fprintf(stderr, "Out of memory\n");
errExit(1);
}
(void)(*env)->CallObjectMethod(env, system_props, put_mid,
(jobject)key, (jobject)val);
exc = (*env)->ExceptionOccurred(env);
if (exc) {
(*env)->ExceptionDescribe(env);
return -1;
}
}
/* set new set of system properties */
(*env)->CallStaticVoidMethod(env, system_cls, setprop_mid, system_props);
exc = (*env)->ExceptionOccurred(env);
if (exc) {
(*env)->ExceptionDescribe(env);
errExit(1);
}
return 0;
}
static jobjectArray setJavaArgs(JNIEnv *env)
{
jclass jstr_cls;
jstring jstr;
jobjectArray java_args;
int i;
jstr_cls = (*env)->FindClass(env, "java/lang/String");
if (numJavaArgs != 0) {
jstr = (*env)->NewStringUTF(env, javaArgs[0]);
if (jstr == 0) {
fprintf(stderr, "Out of memory\n");
return 0;
}
java_args = (*env)->NewObjectArray(env, numJavaArgs, jstr_cls, jstr);
if (java_args == 0) {
fprintf(stderr, "Out of memory\n");
return 0;
}
for (i=1; i < numJavaArgs; i++) {
jstr = (*env)->NewStringUTF(env, javaArgs[i]);
if (jstr == 0) {
fprintf(stderr, "Out of memory\n");
return 0;
}
(*env)->SetObjectArrayElement(env, java_args, i, jstr);
}
}
else {
java_args = (*env)->NewObjectArray(env, 0, jstr_cls, 0);
if (java_args == 0) {
fprintf(stderr, "Out of memory\n");
return 0;
}
}
return java_args;
}
int main (int argc, char *argv[])
{
JDK1_1InitArgs vm_args;
JNIEnv * env;
JavaVM * jvm;
jclass cls;
jmethodID mid;
jobjectArray java_args;
jthrowable exc;
jint res;
/* get options, check usage */
getArgs(argc, argv);
/* initialize VM args */
/* IMPORTANT: specify vm_args version # for JDK1.1.2 and beyond */
vm_args.version = 0x00010001;
JNI_GetDefaultJavaVMInitArgs(&vm_args);
/* set VM args from options */
if (classpath || (classpath = getenv("CLASSPATH")))
vm_args.classpath = classpath;
if (debug)
vm_args.debugging = JNI_TRUE;
/* create Java VM */
res = JNI_CreateJavaVM(&jvm, &env, &vm_args);
if (res < 0) {
fprintf(stderr, "Can't create Java VM\n");
errExit(1);
}
/* set additional system properties */
if (setUserProps(env) < 0) {
fprintf(stderr, "Error setting system properties.\n");
errExit(1);
}
/* register all statically linked native methods. */
if (registerNatives(env) < 0) {
fprintf(stderr,"Error registering statically linked native methods\n");
errExit(1);
}
/* set up java args */
java_args = setJavaArgs(env);
if (java_args == 0) {
fprintf(stderr, "Error setting up arguments to Java class");
errExit(1);
}
PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 0);
/* find the java class & main method to invoke */
cls = (*env)->FindClass(env, javaclass);
if (cls == 0) {
fprintf(stderr, "Can't find %s class\n", javaclass);
errExit(1);
}
mid = (*env)->GetStaticMethodID(env,cls,"main","([Ljava/lang/String;)V");
if (mid == 0) {
fprintf(stderr, "Can't find %s.main\n", javaclass);
errExit(1);
}
/* call java main */
(*env)->CallStaticVoidMethod(env, cls, mid, java_args);
exc = (*env)->ExceptionOccurred(env);
if (exc) {
(*env)->ExceptionDescribe(env);
}
#ifdef DEBUG
/* Garbage collect to run finalizers before exiting. Also, try to
* verify the NativeProxy class, but keep in mind that it might not
* be loaded at all. */
{
jclass systemClass;
jclass nativeProxyClass;
jmethodID gc;
jmethodID finalize;
jmethodID assertRegistryEmpty;
/*
* garbage collect
*/
systemClass = (*env)->FindClass(env, "java/lang/System");
PR_ASSERT(systemClass != NULL);
/* This is hanging on Solaris for some reason :( */
#if 0
gc = (*env)->GetStaticMethodID(env, systemClass, "gc", "()V");
PR_ASSERT( gc != NULL);
(*env)->CallStaticVoidMethod(env, systemClass, gc);
PR_ASSERT( (*env)->ExceptionOccurred(env) == NULL );
#endif
finalize = (*env)->GetStaticMethodID(env, systemClass, "runFinalization",
"()V");
PR_ASSERT( finalize != NULL );
(*env)->CallStaticVoidMethod(env, systemClass, finalize);
PR_ASSERT( (*env)->ExceptionOccurred(env) == NULL );
/*
* Make sure the registry is empty
*/
nativeProxyClass = (*env)->FindClass(env,
"com/netscape/jss/util/NativeProxy");
/* If it's NULL, don't worry, maybe they just aren't using the class */
(*env)->ExceptionClear(env);
if(nativeProxyClass != NULL) {
/* OK, the class is loaded, so we should validate it */
assertRegistryEmpty = (*env)->GetStaticMethodID(env, nativeProxyClass,
"assertRegistryEmpty", "()V");
PR_ASSERT(assertRegistryEmpty != NULL);
(*env)->CallStaticVoidMethod(env, nativeProxyClass,
assertRegistryEmpty);
if( (*env)->ExceptionOccurred(env) != NULL ) {
(*env)->ExceptionDescribe(env);
}
}
}
#endif
(*jvm)->DestroyJavaVM(jvm);
#if defined(DEBUG) && defined(WIN32)
_sleep(10 * 1000); // milliseconds
#endif
return 0;
}

39
security/jss/cmd/jssjava/manifest.mn Normal file
Просмотреть файл

@ -0,0 +1,39 @@
#
# The contents of this file are subject to the Mozilla Public
# License Version 1.1 (the "License"); you may not use this file
# except in compliance with the License. You may obtain a copy of
# the License at http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS
# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
# implied. See the License for the specific language governing
# rights and limitations under the License.
#
# The Original Code is the Netscape Security Services for Java.
#
# The Initial Developer of the Original Code is Netscape
# Communications Corporation. Portions created by Netscape are
# Copyright (C) 1998-2000 Netscape Communications Corporation. All
# Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the
# terms of the GNU General Public License Version 2 or later (the
# "GPL"), in which case the provisions of the GPL are applicable
# instead of those above. If you wish to allow use of your
# version of this file only under the terms of the GPL and not to
# allow others to use your version of this file under the MPL,
# indicate your decision by deleting the provisions above and
# replace them with the notice and other provisions required by
# the GPL. If you do not delete the provisions above, a recipient
# may use your version of this file under either the MPL or the
# GPL.
#
CORE_DEPTH = ../../..
MODULE = ninja
NS_USE_JDK = 1

89
security/jss/cmd/jssjava/regen_nativeMethods.pl Normal file
Просмотреть файл

@ -0,0 +1,89 @@
#!/usr/local/bin/perl
#
# The contents of this file are subject to the Mozilla Public
# License Version 1.1 (the "License"); you may not use this file
# except in compliance with the License. You may obtain a copy of
# the License at http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS
# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
# implied. See the License for the specific language governing
# rights and limitations under the License.
#
# The Original Code is the Netscape Security Services for Java.
#
# The Initial Developer of the Original Code is Netscape
# Communications Corporation. Portions created by Netscape are
# Copyright (C) 1998-2000 Netscape Communications Corporation. All
# Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the
# terms of the GNU General Public License Version 2 or later (the
# "GPL"), in which case the provisions of the GPL are applicable
# instead of those above. If you wish to allow use of your
# version of this file only under the terms of the GPL and not to
# allow others to use your version of this file under the MPL,
# indicate your decision by deleting the provisions above and
# replace them with the notice and other provisions required by
# the GPL. If you do not delete the provisions above, a recipient
# may use your version of this file under either the MPL or the
# GPL.
#
# Input: -d dir generated_file foo1 foo2 . . .
# Compares generated file with "_jni/foo1.h", and
# generated file with "_jni/foo2.h", etc.
#
# (NOTE: unlike its closely related cousin, outofdate.pl,
# the "-d dir" must always be specified; also, unlike
# its closely related cousin, jniregen.pl, if the generated file
# is older than ANY "_jni/foo?.h", then the generated file will
# be regenerated in its entirety, rather than just the portions
# associated with the list of files returned by this script)
#
# Returns: list of headers which are NEWER than corresponding class
# files (non-existant header files are considered to be real old :-)
$found = 1;
if ($ARGV[0] eq '-d')
{
$headerdir = $ARGV[1];
$headerdir .= "/";
shift;
shift;
}
else
{
print STDERR "Usage: perl ", $0, " -d dir generated_file foo1 foo2 . . .\n";
exit -1;
}
$generatedfilename = $ARGV[0];
shift;
foreach $filename (@ARGV)
{
$headerfilename = $headerdir;
$headerfilename .= $filename;
$headerfilename =~ s/\./_/g;
$headerfilename .= ".h";
( $dev, $ino, $mode, $nlink, $uid, $gid, $rdev, $size, $atime, $generatedmtime,
$ctime, $blksize, $blocks ) = stat( $generatedfilename );
( $dev, $ino, $mode, $nlink, $uid, $gid, $rdev, $size, $atime, $headermtime,
$ctime, $blksize, $blocks ) = stat( $headerfilename );
if( $headermtime > $generatedmtime )
{
print $filename, " ";
$found = 0;
}
}
print "\n";
exit 0;

86
security/jss/cmd/jssjava/registerNatives.c Normal file
Просмотреть файл

@ -0,0 +1,86 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
/*
* registerNatives.c -
* registers statically linked native methods with the VM.
*/
#include <jni.h>
#include <assert.h>
#include <stdlib.h>
#include "registerNatives.h"
#include "nativeMethods.h"
int
registerNatives(JNIEnv *env)
{
jclass c;
jint res;
jthrowable exc;
int j;
if( (*env)->ExceptionOccurred(env) != NULL ) {
fprintf(stderr,
"ERROR: exception occurred before registering natives\n");
exit(-1);
}
for (j = 0; nativeMethods[j].classname != 0; j++) {
c = (*env)->FindClass(env, nativeMethods[j].classname);
if (c == 0) {
(*env)->ExceptionDescribe(env);
(*env)->ExceptionClear(env);
fprintf(stderr, "Can't find %s class\n",
nativeMethods[j].classname);
continue;
}
res = (*env)->RegisterNatives(env, c,
nativeMethods[j].nat_methods,
nativeMethods[j].nmethods);
exc = (*env)->ExceptionOccurred(env);
if (exc) {
(*env)->ExceptionDescribe(env);
return -1;
}
if (res < 0) {
fprintf(stderr, "Error in register statically linked native methods"
"for %s\n", nativeMethods[j].classname);
return -1;
}
}
return 0;
}

38
security/jss/cmd/jssjava/registerNatives.h Normal file
Просмотреть файл

@ -0,0 +1,38 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
/*
* registerNatives.h
*/
int registerNatives(JNIEnv *env);

67
security/jss/cmd/jssjava/rules.mk Normal file
Просмотреть файл

@ -0,0 +1,67 @@
#
# The contents of this file are subject to the Mozilla Public
# License Version 1.1 (the "License"); you may not use this file
# except in compliance with the License. You may obtain a copy of
# the License at http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS
# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
# implied. See the License for the specific language governing
# rights and limitations under the License.
#
# The Original Code is the Netscape Security Services for Java.
#
# The Initial Developer of the Original Code is Netscape
# Communications Corporation. Portions created by Netscape are
# Copyright (C) 1998-2000 Netscape Communications Corporation. All
# Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the
# terms of the GNU General Public License Version 2 or later (the
# "GPL"), in which case the provisions of the GPL are applicable
# instead of those above. If you wish to allow use of your
# version of this file only under the terms of the GPL and not to
# allow others to use your version of this file under the MPL,
# indicate your decision by deleting the provisions above and
# replace them with the notice and other provisions required by
# the GPL. If you do not delete the provisions above, a recipient
# may use your version of this file under either the MPL or the
# GPL.
#
release_md:: release_sanitize
release_sanitize::
-rm $(SOURCE_RELEASE_PREFIX)/$(SOURCE_RELEASE_LIB_DIR)/$(LIB_PREFIX)jsscrypto$(STATIC_LIB_EXTENSION)$(STATIC_LIB_SUFFIX)
-rm $(SOURCE_RELEASE_PREFIX)/$(SOURCE_RELEASE_LIB_DIR)/$(LIB_PREFIX)jsshclhacks$(STATIC_LIB_EXTENSION)$(STATIC_LIB_SUFFIX)
-rm $(SOURCE_RELEASE_PREFIX)/$(SOURCE_RELEASE_LIB_DIR)/$(LIB_PREFIX)jssmanage$(STATIC_LIB_EXTENSION)$(STATIC_LIB_SUFFIX)
-rm $(SOURCE_RELEASE_PREFIX)/$(SOURCE_RELEASE_LIB_DIR)/$(LIB_PREFIX)jsspkcs11$(STATIC_LIB_EXTENSION)$(STATIC_LIB_SUFFIX)
-rm $(SOURCE_RELEASE_PREFIX)/$(SOURCE_RELEASE_LIB_DIR)/$(LIB_PREFIX)jsspolicy$(STATIC_LIB_EXTENSION)$(STATIC_LIB_SUFFIX)
-rm $(SOURCE_RELEASE_PREFIX)/$(SOURCE_RELEASE_LIB_DIR)/$(LIB_PREFIX)jssssl$(STATIC_LIB_EXTENSION)$(STATIC_LIB_SUFFIX)
-rm $(SOURCE_RELEASE_PREFIX)/$(SOURCE_RELEASE_LIB_DIR)/$(LIB_PREFIX)jssutil$(STATIC_LIB_EXTENSION)$(STATIC_LIB_SUFFIX)
-rm $(SOURCE_RELEASE_PREFIX)/$(SOURCE_RELEASE_LIB_DIR)/$(DLL_PREFIX)jsscrypto$(DYNAMIC_LIB_EXTENSION)$(DYNAMIC_LIB_SUFFIX)
-rm $(SOURCE_RELEASE_PREFIX)/$(SOURCE_RELEASE_LIB_DIR)/$(DLL_PREFIX)jsshclhacks$(DYNAMIC_LIB_EXTENSION)$(DYNAMIC_LIB_SUFFIX)
-rm $(SOURCE_RELEASE_PREFIX)/$(SOURCE_RELEASE_LIB_DIR)/$(DLL_PREFIX)jssmanage$(DYNAMIC_LIB_EXTENSION)$(DYNAMIC_LIB_SUFFIX)
-rm $(SOURCE_RELEASE_PREFIX)/$(SOURCE_RELEASE_LIB_DIR)/$(DLL_PREFIX)jsspkcs11$(DYNAMIC_LIB_EXTENSION)$(DYNAMIC_LIB_SUFFIX)
-rm $(SOURCE_RELEASE_PREFIX)/$(SOURCE_RELEASE_LIB_DIR)/$(DLL_PREFIX)jsspolicy$(DYNAMIC_LIB_EXTENSION)$(DYNAMIC_LIB_SUFFIX)
-rm $(SOURCE_RELEASE_PREFIX)/$(SOURCE_RELEASE_LIB_DIR)/$(DLL_PREFIX)jssssl$(DYNAMIC_LIB_EXTENSION)$(DYNAMIC_LIB_SUFFIX)
-rm $(SOURCE_RELEASE_PREFIX)/$(SOURCE_RELEASE_LIB_DIR)/$(DLL_PREFIX)jssutil$(DYNAMIC_LIB_EXTENSION)$(DYNAMIC_LIB_SUFFIX)
ifeq ($(OS_ARCH),WINNT)
-rm $(SOURCE_RELEASE_PREFIX)/$(SOURCE_RELEASE_LIB_DIR)/$(IMPORT_LIB_PREFIX)jsscrypto$(IMPORT_LIB_EXTENSION)$(IMPORT_LIB_SUFFIX)
-rm $(SOURCE_RELEASE_PREFIX)/$(SOURCE_RELEASE_LIB_DIR)/$(IMPORT_LIB_PREFIX)jsshclhacks$(IMPORT_LIB_EXTENSION)$(IMPORT_LIB_SUFFIX)
-rm $(SOURCE_RELEASE_PREFIX)/$(SOURCE_RELEASE_LIB_DIR)/$(IMPORT_LIB_PREFIX)jssmanage$(IMPORT_LIB_EXTENSION)$(IMPORT_LIB_SUFFIX)
-rm $(SOURCE_RELEASE_PREFIX)/$(SOURCE_RELEASE_LIB_DIR)/$(IMPORT_LIB_PREFIX)jsspkcs11$(IMPORT_LIB_EXTENSION)$(IMPORT_LIB_SUFFIX)
-rm $(SOURCE_RELEASE_PREFIX)/$(SOURCE_RELEASE_LIB_DIR)/$(IMPORT_LIB_PREFIX)jsspolicy$(IMPORT_LIB_EXTENSION)$(IMPORT_LIB_SUFFIX)
-rm $(SOURCE_RELEASE_PREFIX)/$(SOURCE_RELEASE_LIB_DIR)/$(IMPORT_LIB_PREFIX)jssssl$(IMPORT_LIB_EXTENSION)$(IMPORT_LIB_SUFFIX)
-rm $(SOURCE_RELEASE_PREFIX)/$(SOURCE_RELEASE_LIB_DIR)/$(IMPORT_LIB_PREFIX)jssutil$(IMPORT_LIB_EXTENSION)$(IMPORT_LIB_SUFFIX)
else
-rm $(SOURCE_RELEASE_PREFIX)/$(SOURCE_RELEASE_LIB_DIR)/$(PURE_LIB_PREFIX)jsscrypto$(PURE_LIB_EXTENSION)$(PURE_LIB_SUFFIX)
-rm $(SOURCE_RELEASE_PREFIX)/$(SOURCE_RELEASE_LIB_DIR)/$(PURE_LIB_PREFIX)jsshclhacks$(PURE_LIB_EXTENSION)$(PURE_LIB_SUFFIX)
-rm $(SOURCE_RELEASE_PREFIX)/$(SOURCE_RELEASE_LIB_DIR)/$(PURE_LIB_PREFIX)jssmanage$(PURE_LIB_EXTENSION)$(PURE_LIB_SUFFIX)
-rm $(SOURCE_RELEASE_PREFIX)/$(SOURCE_RELEASE_LIB_DIR)/$(PURE_LIB_PREFIX)jsspkcs11$(PURE_LIB_EXTENSION)$(PURE_LIB_SUFFIX)
-rm $(SOURCE_RELEASE_PREFIX)/$(SOURCE_RELEASE_LIB_DIR)/$(PURE_LIB_PREFIX)jsspolicy$(PURE_LIB_EXTENSION)$(PURE_LIB_SUFFIX)
-rm $(SOURCE_RELEASE_PREFIX)/$(SOURCE_RELEASE_LIB_DIR)/$(PURE_LIB_PREFIX)jssssl$(PURE_LIB_EXTENSION)$(PURE_LIB_SUFFIX)
-rm $(SOURCE_RELEASE_PREFIX)/$(SOURCE_RELEASE_LIB_DIR)/$(PURE_LIB_PREFIX)jssutil$(PURE_LIB_EXTENSION)$(PURE_LIB_SUFFIX)
endif

39
security/jss/cmd/manifest.mn Normal file
Просмотреть файл

@ -0,0 +1,39 @@
#
# The contents of this file are subject to the Mozilla Public
# License Version 1.1 (the "License"); you may not use this file
# except in compliance with the License. You may obtain a copy of
# the License at http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS
# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
# implied. See the License for the specific language governing
# rights and limitations under the License.
#
# The Original Code is the Netscape Security Services for Java.
#
# The Initial Developer of the Original Code is Netscape
# Communications Corporation. Portions created by Netscape are
# Copyright (C) 1998-2000 Netscape Communications Corporation. All
# Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the
# terms of the GNU General Public License Version 2 or later (the
# "GPL"), in which case the provisions of the GPL are applicable
# instead of those above. If you wish to allow use of your
# version of this file only under the terms of the GPL and not to
# allow others to use your version of this file under the MPL,
# indicate your decision by deleting the provisions above and
# replace them with the notice and other provisions required by
# the GPL. If you do not delete the provisions above, a recipient
# may use your version of this file under either the MPL or the
# GPL.
#
CORE_DEPTH = ../..
MODULE = ninja
DIRS = jssjava \
$(NULL)

103
security/jss/config/config.mk Normal file
Просмотреть файл

@ -0,0 +1,103 @@
#
# The contents of this file are subject to the Mozilla Public
# License Version 1.1 (the "License"); you may not use this file
# except in compliance with the License. You may obtain a copy of
# the License at http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS
# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
# implied. See the License for the specific language governing
# rights and limitations under the License.
#
# The Original Code is the Netscape Security Services for Java.
#
# The Initial Developer of the Original Code is Netscape
# Communications Corporation. Portions created by Netscape are
# Copyright (C) 1998-2000 Netscape Communications Corporation. All
# Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the
# terms of the GNU General Public License Version 2 or later (the
# "GPL"), in which case the provisions of the GPL are applicable
# instead of those above. If you wish to allow use of your
# version of this file only under the terms of the GPL and not to
# allow others to use your version of this file under the MPL,
# indicate your decision by deleting the provisions above and
# replace them with the notice and other provisions required by
# the GPL. If you do not delete the provisions above, a recipient
# may use your version of this file under either the MPL or the
# GPL.
#
#
# Configuration information unique to the "sectools" component
#
#######################################################################
# [1.0] Local "sectools" component library names #
#######################################################################
include $(CORE_DEPTH)/$(MODULE)/config/libnames.mk
#######################################################################
# [2.0] Local "sectools" component library link options #
#######################################################################
include $(CORE_DEPTH)/$(MODULE)/config/linkage.mk
#######################################################################
# [3.0] Local "sectools" component STATIC system library names #
#######################################################################
include $(CORE_DEPTH)/$(MODULE)/config/static.mk
#######################################################################
# [4.0] Local "sectools" component DYNAMIC system library names #
#######################################################################
include $(CORE_DEPTH)/$(MODULE)/config/dynamic.mk
# Stricter semantic checking for SunOS compiler. This catches calling
# undeclared functions, a major headache during debugging.
ifeq ($(OS_ARCH), SunOS)
OS_CFLAGS += -v
endif
# Unfortunately, since the DBM and SECURITY libraries were compiled with
# the "-taso" switch (in ns/coreconf/OSF1.mk), we must ALSO compile the
# JSS dynamic libraries with the "-taso" switch (unless USE_64 is specified)
ifeq ($(OS_ARCH), OSF1)
ifneq ($(USE_64), 1)
LD_LIBS += -taso
endif
endif
# Add symbolic binding values to MKSHLIB and LINK_DLL to
# encompass special link options for dynamic libraries
ifeq ($(OS_ARCH), AIX)
MKSHLIB += -bsymbolic
endif
ifeq ($(OS_ARCH), HP-UX)
MKSHLIB += -B symbolic
endif
ifeq ($(OS_ARCH), IRIX)
MKSHLIB += -B symbolic
endif
ifeq ($(OS_ARCH), Linux)
MKSHLIB += -Bsymbolic
endif
ifeq ($(OS_ARCH), OSF1)
MKSHLIB += -B symbolic
endif
ifeq ($(OS_ARCH), SunOS)
MKSHLIB += -B symbolic
endif
ifeq ($(OS_ARCH), WINNT)
LINK_DLL += -LIBPATH:$(SOURCE_LIB_DIR)
LINK_DLL += -LIBPATH:$(JAVA_HOME)/$(JAVA_LIBDIR)
LINK_DLL += $(foreach file,$(LD_LIBS),-DEFAULTLIB:"$(notdir $(file))")
endif

146
security/jss/config/dynamic.mk Normal file
Просмотреть файл

@ -0,0 +1,146 @@
#
# The contents of this file are subject to the Mozilla Public
# License Version 1.1 (the "License"); you may not use this file
# except in compliance with the License. You may obtain a copy of
# the License at http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS
# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
# implied. See the License for the specific language governing
# rights and limitations under the License.
#
# The Original Code is the Netscape Security Services for Java.
#
# The Initial Developer of the Original Code is Netscape
# Communications Corporation. Portions created by Netscape are
# Copyright (C) 1998-2000 Netscape Communications Corporation. All
# Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the
# terms of the GNU General Public License Version 2 or later (the
# "GPL"), in which case the provisions of the GPL are applicable
# instead of those above. If you wish to allow use of your
# version of this file only under the terms of the GPL and not to
# allow others to use your version of this file under the MPL,
# indicate your decision by deleting the provisions above and
# replace them with the notice and other provisions required by
# the GPL. If you do not delete the provisions above, a recipient
# may use your version of this file under either the MPL or the
# GPL.
#
#######################################################################
# Initialize DYNAMIC system library names on some platforms #
#######################################################################
#
# AIX platforms
#
ifeq ($(OS_ARCH),AIX)
ifeq ($(OS_RELEASE),4.1)
DLLSYSTEM += -lsvld -lC_r -lC -lpthreads -lc_r -lm /usr/lib/libc.a
else
DLLSYSTEM += -ldl -lC_r -lC -lpthreads -lc_r -lm /usr/lib/libc.a
endif
endif
#
# HP/UX platforms
#
ifeq ($(OS_ARCH),HP-UX)
ifeq ($(USE_PTHREADS), 1)
DLLSYSTEM += -lpthread
endif
ifeq ($(PTHREADS_USER), 1)
DLLSYSTEM += -lpthread
endif
ifeq ($(OS_RELEASE),A.09.03)
DLLSYSTEM += -ldld -L/lib/pa1.1 -lm
else
DLLSYSTEM += -ldld -lm -lc
endif
endif
#
# IRIX platforms
#
ifeq ($(OS_ARCH), IRIX)
ifeq ($(USE_PTHREADS), 1)
DLLSYSTEM += -lpthread
endif
endif
#
# Linux platforms
#
ifeq ($(OS_ARCH), Linux)
DLLSYSTEM += -ldl -lpthread -lm
endif
#
# NCR platforms
#
ifeq ($(OS_ARCH), NCR)
DLLSYSTEM += -lsocket -ldl -lnsl -lc
endif
#
# OSF 1 platforms
#
ifeq ($(OS_ARCH),OSF1)
ifneq ($(OS_RELEASE),V2.0)
DLLSYSTEM += -lc_r
endif
ifeq ($(USE_PTHREADS), 1)
DLLSYSTEM += -lpthread -lrt
endif
ifeq ($(USE_IPV6), 1)
DLLSYSTEM += -lip6
endif
endif
#
# SCO platforms
#
ifeq ($(OS_ARCH), SCO_SV)
DLLSYSTEM += -lsocket -ldl -lnsl -lc
endif
#
# Solaris platforms
#
ifeq ($(OS_ARCH), SunOS)
ifneq ($(OS_RELEASE), 4.1.3_U1)
DLLSYSTEM += -lthread -lposix4 -lsocket -lnsl -lintl -ldl
endif
endif
#
# UNIXWARE platforms
#
ifeq ($(OS_ARCH), UNIXWARE)
DLLSYSTEM += -lsocket
endif
#
# Windows platforms
#
ifeq ($(OS_ARCH),WINNT)
ifneq ($(OS_TARGET),WIN16)
DLLSYSTEM += wsock32.lib winmm.lib
endif
endif

300
security/jss/config/libnames.mk Normal file
Просмотреть файл

@ -0,0 +1,300 @@
#
# The contents of this file are subject to the Mozilla Public
# License Version 1.1 (the "License"); you may not use this file
# except in compliance with the License. You may obtain a copy of
# the License at http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS
# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
# implied. See the License for the specific language governing
# rights and limitations under the License.
#
# The Original Code is the Netscape Security Services for Java.
#
# The Initial Developer of the Original Code is Netscape
# Communications Corporation. Portions created by Netscape are
# Copyright (C) 1998-2000 Netscape Communications Corporation. All
# Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the
# terms of the GNU General Public License Version 2 or later (the
# "GPL"), in which case the provisions of the GPL are applicable
# instead of those above. If you wish to allow use of your
# version of this file only under the terms of the GPL and not to
# allow others to use your version of this file under the MPL,
# indicate your decision by deleting the provisions above and
# replace them with the notice and other provisions required by
# the GPL. If you do not delete the provisions above, a recipient
# may use your version of this file under either the MPL or the
# GPL.
#
#######################################################################
# Initialize variables containing STATIC component library names #
#######################################################################
#
# legacy library
#
LIBJDKCERTSEC10 = $(SOURCE_LIB_DIR)/$(LIB_PREFIX)jdkcertsec10$(STATIC_LIB_EXTENSION)$(STATIC_LIB_SUFFIX_FOR_LINKING)
#
# jss hclhacks library
#
LIBJSSHCLHACKS = $(SOURCE_LIB_DIR)/$(LIB_PREFIX)jsshclhacks$(STATIC_LIB_EXTENSION)$(STATIC_LIB_SUFFIX_FOR_LINKING)
#
# jss library
#
LIBJSS = $(SOURCE_LIB_DIR)/$(LIB_PREFIX)jss$(STATIC_LIB_EXTENSION)$(STATIC_LIB_SUFFIX_FOR_LINKING)
#
# jss ssl jni library
#
LIBJSSSSL = $(SOURCE_LIB_DIR)/$(LIB_PREFIX)jssssl$(STATIC_LIB_EXTENSION)$(STATIC_LIB_SUFFIX_FOR_LINKING)
#
# jss util jni library
#
LIBJSSUTIL = $(SOURCE_LIB_DIR)/$(LIB_PREFIX)jssutil$(STATIC_LIB_EXTENSION)$(STATIC_LIB_SUFFIX_FOR_LINKING)
#
# jss pkcs #11 jni library
#
LIBJSSPKCS11= $(SOURCE_LIB_DIR)/$(LIB_PREFIX)jsspkcs11$(STATIC_LIB_EXTENSION)$(STATIC_LIB_SUFFIX_FOR_LINKING)
#
# jss pkcs #12 jni library
#
LIBJSSPKCS12= $(SOURCE_LIB_DIR)/$(LIB_PREFIX)jsspkcs12$(STATIC_LIB_EXTENSION)$(STATIC_LIB_SUFFIX_FOR_LINKING)
#
# jss crypto jni library
#
LIBJSSCRYPTO= $(SOURCE_LIB_DIR)/$(LIB_PREFIX)jsscrypto$(STATIC_LIB_EXTENSION)$(STATIC_LIB_SUFFIX_FOR_LINKING)
#
# jss manage jni library
#
LIBJSSMANAGE = $(SOURCE_LIB_DIR)/$(LIB_PREFIX)jssmanage$(STATIC_LIB_EXTENSION)$(STATIC_LIB_SUFFIX_FOR_LINKING)
#
# jss policy library
#
LIBJSSPOLICY = $(SOURCE_LIB_DIR)/$(LIB_PREFIX)jsspolicy$(STATIC_LIB_EXTENSION)$(STATIC_LIB_SUFFIX_FOR_LINKING)
#
# sectools library
#
LIBSECTOOLS = $(SOURCE_LIB_DIR)/$(LIB_PREFIX)sectools$(STATIC_LIB_EXTENSION)$(STATIC_LIB_SUFFIX_FOR_LINKING)
#
# sechlp library
#
LIBSECHLP = $(SOURCE_LIB_DIR)/$(LIB_PREFIX)sechlp$(STATIC_LIB_EXTENSION)$(STATIC_LIB_SUFFIX_FOR_LINKING)
#
# security libraries
#
LIBSSL = $(SOURCE_LIB_DIR)/$(LIB_PREFIX)ssl$(STATIC_LIB_EXTENSION)$(STATIC_LIB_SUFFIX_FOR_LINKING)
LIBNSS = $(SOURCE_LIB_DIR)/$(LIB_PREFIX)nss$(STATIC_LIB_EXTENSION)$(STATIC_LIB_SUFFIX_FOR_LINKING)
LIBPKCS7 = $(SOURCE_LIB_DIR)/$(LIB_PREFIX)pkcs7$(STATIC_LIB_EXTENSION)$(STATIC_LIB_SUFFIX_FOR_LINKING)
LIBPKCS12 = $(SOURCE_LIB_DIR)/$(LIB_PREFIX)pkcs12$(STATIC_LIB_EXTENSION)$(STATIC_LIB_SUFFIX_FOR_LINKING)
LIBCERT = $(SOURCE_LIB_DIR)/$(LIB_PREFIX)cert$(STATIC_LIB_EXTENSION)$(STATIC_LIB_SUFFIX_FOR_LINKING)
LIBKEY = $(SOURCE_LIB_DIR)/$(LIB_PREFIX)key$(STATIC_LIB_EXTENSION)$(STATIC_LIB_SUFFIX_FOR_LINKING)
LIBSECMOD = $(SOURCE_LIB_DIR)/$(LIB_PREFIX)secmod$(STATIC_LIB_EXTENSION)$(STATIC_LIB_SUFFIX_FOR_LINKING)
LIBCRYPTO = $(SOURCE_LIB_DIR)/$(LIB_PREFIX)crypto$(STATIC_LIB_EXTENSION)$(STATIC_LIB_SUFFIX_FOR_LINKING)
LIBSECUTIL = $(SOURCE_LIB_DIR)/$(LIB_PREFIX)secutil$(STATIC_LIB_EXTENSION)$(STATIC_LIB_SUFFIX_FOR_LINKING)
LIBJAR = $(SOURCE_LIB_DIR)/$(LIB_PREFIX)jar$(STATIC_LIB_EXTENSION)$(STATIC_LIB_SUFFIX_FOR_LINKING)
LIBZLIB = $(SOURCE_LIB_DIR)/$(LIB_PREFIX)zlib$(STATIC_LIB_EXTENSION)$(STATIC_LIB_SUFFIX_FOR_LINKING)
LIBHASH = $(SOURCE_LIB_DIR)/$(LIB_PREFIX)hash$(STATIC_LIB_EXTENSION)$(STATIC_LIB_SUFFIX_FOR_LINKING)
LIBSECTOOL = $(SOURCE_LIB_DIR)/$(LIB_PREFIX)sectool$(STATIC_LIB_EXTENSION)$(STATIC_LIB_SUFFIX_FOR_LINKING)
#
# DBM library
#
LIBDBM = $(SOURCE_LIB_DIR)/$(LIB_PREFIX)dbm$(STATIC_LIB_EXTENSION)$(STATIC_LIB_SUFFIX_FOR_LINKING)
#
# NSPR 2.0 libraries
#
ifeq ($(OS_ARCH),WINNT)
ifeq ($(OS_TARGET),WIN95)
LIBPLDS = $(SOURCE_LIB_DIR)/plds3_s$(STATIC_LIB_EXTENSION)$(STATIC_LIB_SUFFIX_FOR_LINKING)
LIBPLC = $(SOURCE_LIB_DIR)/plc3_s$(STATIC_LIB_EXTENSION)$(STATIC_LIB_SUFFIX_FOR_LINKING)
LIBPR = $(SOURCE_LIB_DIR)/nspr3_s$(STATIC_LIB_EXTENSION)$(STATIC_LIB_SUFFIX_FOR_LINKING)
else
LIBPLDS = $(SOURCE_LIB_DIR)/libplds3_s$(STATIC_LIB_EXTENSION)$(STATIC_LIB_SUFFIX_FOR_LINKING)
LIBPLC = $(SOURCE_LIB_DIR)/libplc3_s$(STATIC_LIB_EXTENSION)$(STATIC_LIB_SUFFIX_FOR_LINKING)
LIBPR = $(SOURCE_LIB_DIR)/libnspr3_s$(STATIC_LIB_EXTENSION)$(STATIC_LIB_SUFFIX_FOR_LINKING)
endif
else
LIBPLDS = $(SOURCE_LIB_DIR)/libplds3$(STATIC_LIB_EXTENSION)$(STATIC_LIB_SUFFIX_FOR_LINKING)
LIBPLC = $(SOURCE_LIB_DIR)/libplc3$(STATIC_LIB_EXTENSION)$(STATIC_LIB_SUFFIX_FOR_LINKING)
LIBPR = $(SOURCE_LIB_DIR)/libnspr3$(STATIC_LIB_EXTENSION)$(STATIC_LIB_SUFFIX_FOR_LINKING)
endif
#
# svrcore libraries
#
LIBSVRPLCY = $(SOURCE_LIB_DIR)/$(LIB_PREFIX)svrplcy$(STATIC_LIB_EXTENSION)$(STATIC_LIB_SUFFIX_FOR_LINKING)
#######################################################################
# Initialize variables containing DYNAMIC component library names #
#######################################################################
#
# legacy library
#
DLLJDKCERTSEC10 = $(SOURCE_LIB_DIR)/$(DLL_PREFIX)jdkcertsec10$(DYNAMIC_LIB_EXTENSION)$(JDK_DEBUG_SUFFIX)$(DYNAMIC_LIB_SUFFIX_FOR_LINKING)
#
# jss hclhacks library
#
DLLJSS = $(SOURCE_LIB_DIR)/$(DLL_PREFIX)jsshclhacks$(DYNAMIC_LIB_EXTENSION)$(JDK_DEBUG_SUFFIX)$(DYNAMIC_LIB_SUFFIX_FOR_LINKING)
#
# jss library
#
DLLJSS = $(SOURCE_LIB_DIR)/$(DLL_PREFIX)jss$(DYNAMIC_LIB_EXTENSION)$(JDK_DEBUG_SUFFIX)$(DYNAMIC_LIB_SUFFIX_FOR_LINKING)
#
# jssutil library
#
DLLJSSUTIL = $(SOURCE_LIB_DIR)/$(DLL_PREFIX)jssutil$(DYNAMIC_LIB_EXTENSION)$(JDK_DEBUG_SUFFIX)$(DYNAMIC_LIB_SUFFIX_FOR_LINKING)
#
# jsspkcs11 library
#
DLLJSSPKCS11 = $(SOURCE_LIB_DIR)/$(DLL_PREFIX)jsspkcs11$(DYNAMIC_LIB_EXTENSION)$(JDK_DEBUG_SUFFIX)$(DYNAMIC_LIB_SUFFIX_FOR_LINKING)
#
# jsspkcs12 library
#
DLLJSSPKCS12 = $(SOURCE_LIB_DIR)/$(DLL_PREFIX)jsspkcs12$(DYNAMIC_LIB_EXTENSION)$(JDK_DEBUG_SUFFIX)$(DYNAMIC_LIB_SUFFIX_FOR_LINKING)
#
# jsscrypto library
#
DLLJSSCRYPTO= $(SOURCE_LIB_DIR)/$(DLL_PREFIX)jsscrypto$(DYNAMIC_LIB_EXTENSION)$(JDK_DEBUG_SUFFIX)$(DYNAMIC_LIB_SUFFIX_FOR_LINKING)
#
# jssmanage library
#
DLLJSSMANAGE = $(SOURCE_LIB_DIR)/$(DLL_PREFIX)jssmanage$(DYNAMIC_LIB_EXTENSION)$(JDK_DEBUG_SUFFIX)$(DYNAMIC_LIB_SUFFIX_FOR_LINKING)
#
# jsspolicy library
#
DLLJSSPOLICY = $(SOURCE_LIB_DIR)/$(DLL_PREFIX)jsspolicy$(DYNAMIC_LIB_EXTENSION)$(JDK_DEBUG_SUFFIX)$(DYNAMIC_LIB_SUFFIX_FOR_LINKING)
#
# jssssl library
#
DLLJSSSSL = $(SOURCE_LIB_DIR)/$(DLL_PREFIX)jssssl$(DYNAMIC_LIB_EXTENSION)$(JDK_DEBUG_SUFFIX)$(DYNAMIC_LIB_SUFFIX_FOR_LINKING)
#
# secttools library
#
DLLSECTOOLS = $(SOURCE_LIB_DIR)/$(DLL_PREFIX)sectools$(DYNAMIC_LIB_EXTENSION)$(DYNAMIC_LIB_SUFFIX_FOR_LINKING)
#
# sechlp library
#
DLLSECHLP = $(SOURCE_LIB_DIR)/$(DLL_PREFIX)sechlp$(DYNAMIC_LIB_EXTENSION)$(DYNAMIC_LIB_SUFFIX_FOR_LINKING)
#
# there are NO dynamic security libraries
#
#
# DBM library
#
DLLDBM = $(SOURCE_LIB_DIR)/$(DLL_PREFIX)dbm$(DYNAMIC_LIB_EXTENSION)$(DYNAMIC_LIB_SUFFIX_FOR_LINKING)
#
# NSPR 2.0 libraries
#
ifeq ($(OS_ARCH),WINNT)
ifeq ($(OS_TARGET),WIN95)
DLLPLDS = $(SOURCE_LIB_DIR)/plds3$(DYNAMIC_LIB_EXTENSION)$(DYNAMIC_LIB_SUFFIX_FOR_LINKING)
DLLPLC = $(SOURCE_LIB_DIR)/plc3$(DYNAMIC_LIB_EXTENSION)$(DYNAMIC_LIB_SUFFIX_FOR_LINKING)
DLLPR = $(SOURCE_LIB_DIR)/nspr3$(DYNAMIC_LIB_EXTENSION)$(DYNAMIC_LIB_SUFFIX_FOR_LINKING)
else
DLLPLDS = $(SOURCE_LIB_DIR)/libplds3$(DYNAMIC_LIB_EXTENSION)$(DYNAMIC_LIB_SUFFIX_FOR_LINKING)
DLLPLC = $(SOURCE_LIB_DIR)/libplc3$(DYNAMIC_LIB_EXTENSION)$(DYNAMIC_LIB_SUFFIX_FOR_LINKING)
DLLPR = $(SOURCE_LIB_DIR)/libnspr3$(DYNAMIC_LIB_EXTENSION)$(DYNAMIC_LIB_SUFFIX_FOR_LINKING)
endif
else
DLLPLDS = $(SOURCE_LIB_DIR)/libplds3$(DYNAMIC_LIB_EXTENSION)$(DYNAMIC_LIB_SUFFIX_FOR_LINKING)
DLLPLC = $(SOURCE_LIB_DIR)/libplc3$(DYNAMIC_LIB_EXTENSION)$(DYNAMIC_LIB_SUFFIX_FOR_LINKING)
DLLPR = $(SOURCE_LIB_DIR)/libnspr3$(DYNAMIC_LIB_EXTENSION)$(DYNAMIC_LIB_SUFFIX_FOR_LINKING)
endif
#
# there are NO dynamic svrcore libraries
#
#######################################################################
# Tweak library names for windows and AIX.
#######################################################################
ifndef BUILD_OPT
ifdef LIBRARY_NAME
ifeq ($(OS_ARCH), WINNT)
ifeq ($(OS_TARGET), WIN16)
SHARED_LIBRARY_G = $(OBJDIR)/$(LIBRARY_NAME)$(LIBRARY_VERSION)16_g.dll
IMPORT_LIBRARY_G = $(OBJDIR)/$(LIBRARY_NAME)$(LIBRARY_VERSION)16_g.lib
else
SHARED_LIBRARY_G = $(OBJDIR)/$(LIBRARY_NAME)$(LIBRARY_VERSION)32_g.dll
IMPORT_LIBRARY_G = $(OBJDIR)/$(LIBRARY_NAME)$(LIBRARY_VERSION)32_g.lib
endif
else
ifeq ($(OS_ARCH)$(OS_RELEASE), AIX4.1)
SHARED_LIBRARY_G = $(OBJDIR)/lib$(LIBRARY_NAME)$(LIBRARY_VERSION)_shr_g.a
else
SHARED_LIBRARY_G = $(OBJDIR)/lib$(LIBRARY_NAME)$(LIBRARY_VERSION)_g.$(DLL_SUFFIX)
endif
ifdef HAVE_PURIFY
ifdef DSO_BACKEND
PURE_LIBRARY_G = $(OBJDIR)/purelib$(LIBRARY_NAME)$(LIBRARY_VERSION)_g.$(DLL_SUFFIX)
endif
endif
endif
endif
endif

94
security/jss/config/linkage.mk Normal file
Просмотреть файл

@ -0,0 +1,94 @@
#
# The contents of this file are subject to the Mozilla Public
# License Version 1.1 (the "License"); you may not use this file
# except in compliance with the License. You may obtain a copy of
# the License at http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS
# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
# implied. See the License for the specific language governing
# rights and limitations under the License.
#
# The Original Code is the Netscape Security Services for Java.
#
# The Initial Developer of the Original Code is Netscape
# Communications Corporation. Portions created by Netscape are
# Copyright (C) 1998-2000 Netscape Communications Corporation. All
# Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the
# terms of the GNU General Public License Version 2 or later (the
# "GPL"), in which case the provisions of the GPL are applicable
# instead of those above. If you wish to allow use of your
# version of this file only under the terms of the GPL and not to
# allow others to use your version of this file under the MPL,
# indicate your decision by deleting the provisions above and
# replace them with the notice and other provisions required by
# the GPL. If you do not delete the provisions above, a recipient
# may use your version of this file under either the MPL or the
# GPL.
#
#######################################################################
# Adjust variables for component library linkage on some platforms #
#######################################################################
#
# AIX platforms
#
ifeq ($(OS_ARCH),AIX)
LDOPTS += -blibpath:.:$(PWD)/$(SOURCE_LIB_DIR):/usr/lib/threads:/usr/lpp/xlC/lib:/usr/lib:/lib
endif
#
# HP/UX platforms
#
ifeq ($(OS_ARCH), HP-UX)
LDOPTS += -Wl,+s,+b,$(PWD)/$(SOURCE_LIB_DIR)
endif
#
# IRIX platforms
#
ifeq ($(OS_ARCH), IRIX)
LDOPTS += -rpath $(PWD)/$(SOURCE_LIB_DIR)
endif
#
# OSF 1 platforms
#
ifeq ($(OS_ARCH), OSF1)
LDOPTS += -rpath $(PWD)/$(SOURCE_LIB_DIR) -lpthread
endif
#
# Solaris platforms
# NOTE: Disable optimization on SunOS4.1.3
#
ifeq ($(OS_ARCH), SunOS)
ifneq ($(OS_RELEASE), 4.1.3_U1)
ifdef NS_USE_GCC
LDOPTS += -Xlinker -R -Xlinker $(PWD)/$(SOURCE_LIB_DIR)
else
LDOPTS += -R $(PWD)/$(SOURCE_LIB_DIR)
endif
else
OPTIMIZER =
endif
endif
#
# Windows platforms
#
ifeq ($(OS_ARCH), WINNT)
LDOPTS += -NOLOGO -DEBUG -DEBUGTYPE:CV -INCREMENTAL:NO
endif

52
security/jss/config/rules.mk Normal file
Просмотреть файл

@ -0,0 +1,52 @@
#
# The contents of this file are subject to the Mozilla Public
# License Version 1.1 (the "License"); you may not use this file
# except in compliance with the License. You may obtain a copy of
# the License at http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS
# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
# implied. See the License for the specific language governing
# rights and limitations under the License.
#
# The Original Code is the Netscape Security Services for Java.
#
# The Initial Developer of the Original Code is Netscape
# Communications Corporation. Portions created by Netscape are
# Copyright (C) 1998-2000 Netscape Communications Corporation. All
# Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the
# terms of the GNU General Public License Version 2 or later (the
# "GPL"), in which case the provisions of the GPL are applicable
# instead of those above. If you wish to allow use of your
# version of this file only under the terms of the GPL and not to
# allow others to use your version of this file under the MPL,
# indicate your decision by deleting the provisions above and
# replace them with the notice and other provisions required by
# the GPL. If you do not delete the provisions above, a recipient
# may use your version of this file under either the MPL or the
# GPL.
#
#######################################################################
### ###
### R U L E S O F E N G A G E M E N T ###
### ###
#######################################################################
package::
-$(NSINSTALL) -m 664 $(PACKAGE_FILES) $(PLATFORM)
ifeq ($(OS_ARCH),WINNT)
cd $(PLATFORM) ; \
rm -f $(ARCHIVE_NAME).zip ; \
zip $(ARCHIVE_NAME).zip $(PACKAGE_FILES)
else
cd $(PLATFORM) ; \
rm -f $(ARCHIVE_NAME).tar $(ARCHIVE_NAME).tar.gz ; \
tar cvf $(ARCHIVE_NAME).tar $(PACKAGE_FILES) ; \
gzip $(ARCHIVE_NAME).tar
endif

138
security/jss/config/static.mk Normal file
Просмотреть файл

@ -0,0 +1,138 @@
#
# The contents of this file are subject to the Mozilla Public
# License Version 1.1 (the "License"); you may not use this file
# except in compliance with the License. You may obtain a copy of
# the License at http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS
# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
# implied. See the License for the specific language governing
# rights and limitations under the License.
#
# The Original Code is the Netscape Security Services for Java.
#
# The Initial Developer of the Original Code is Netscape
# Communications Corporation. Portions created by Netscape are
# Copyright (C) 1998-2000 Netscape Communications Corporation. All
# Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the
# terms of the GNU General Public License Version 2 or later (the
# "GPL"), in which case the provisions of the GPL are applicable
# instead of those above. If you wish to allow use of your
# version of this file only under the terms of the GPL and not to
# allow others to use your version of this file under the MPL,
# indicate your decision by deleting the provisions above and
# replace them with the notice and other provisions required by
# the GPL. If you do not delete the provisions above, a recipient
# may use your version of this file under either the MPL or the
# GPL.
#
#######################################################################
# Initialize STATIC system library names on some platforms #
#######################################################################
#
# AIX platforms
#
ifeq ($(OS_ARCH),AIX)
ifeq ($(OS_RELEASE),4.1)
LIBSYSTEM += /lib/libsvld.a /lib/libC_r.a /lib/libC.a /lib/libpthreads.a /lib/libc_r.a /lib/libm.a /lib/libc.a
else
LIBSYSTEM += -ldl /lib/libC_r.a /lib/libC.a /lib/libpthreads.a /lib/libc_r.a /lib/libm.a /lib/libc.a
endif
endif
#
# HP/UX platforms
#
ifeq ($(OS_ARCH),HP-UX)
ifeq ($(USE_PTHREADS), 1)
LIBSYSTEM += -lpthread
endif
ifeq ($(PTHREADS_USER), 1)
LIBSYSTEM += -lpthread
endif
ifeq ($(OS_RELEASE),A.09.03)
LIBSYSTEM += -ldld -L/lib/pa1.1 -lm
else
LIBSYSTEM += -ldld -lm -lc
endif
endif
#
# Linux platforms
#
ifeq ($(OS_ARCH), Linux)
LIBSYSTEM += -ldl
endif
#
# IRIX platforms
#
ifeq ($(OS_ARCH), IRIX)
ifeq ($(USE_PTHREADS), 1)
LIBSYSTEM += -lpthread
endif
endif
#
# OSF 1 platforms
#
ifeq ($(OS_ARCH),OSF1)
ifneq ($(OS_RELEASE),V2.0)
LIBSYSTEM += -lc_r
endif
ifeq ($(USE_PTHREADS), 1)
LIBSYSTEM += -lpthread -lrt
endif
ifeq ($(USE_IPV6), 1)
LIBSYSTEM += -lip6
endif
endif
#
# Solaris platforms
#
ifeq ($(OS_ARCH), SunOS)
ifneq ($(OS_RELEASE), 4.1.3_U1)
ifeq ($(OS_RELEASE), 5.5.1_i86pc)
LIBSYSTEM += -lsocket -lnsl -lintl -ldl
else
ifeq ($(OS_RELEASE), 5.6_i86pc)
LIBSYSTEM += -lsocket -lnsl -lintl -ldl
else
LIBSYSTEM += -lthread -lposix4 /lib/libsocket.a /lib/libnsl.a /lib/libintl.a -ldl
endif
endif
endif
endif
#
# UNIXWARE platforms
#
ifeq ($(OS_ARCH), UNIXWARE)
LIBSYSTEM += -lsocket
endif
#
# Windows platforms
#
ifeq ($(OS_ARCH),WINNT)
ifneq ($(OS_TARGET),WIN16)
LIBSYSTEM += wsock32.lib winmm.lib
endif
endif

97
security/jss/jss.html Normal file
Просмотреть файл

@ -0,0 +1,97 @@
<html>
<!--
- The contents of this file are subject to the Mozilla Public
- License Version 1.1 (the "License"); you may not use this file
- except in compliance with the License. You may obtain a copy of
- the License at http://www.mozilla.org/MPL/
-
- Software distributed under the License is distributed on an "AS
- IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- implied. See the License for the specific language governing
- rights and limitations under the License.
-
- The Original Code is the Netscape Security Services for Java.
-
- The Initial Developer of the Original Code is Netscape
- Communications Corporation. Portions created by Netscape are
- Copyright (C) 1998-2000 Netscape Communications Corporation. All
- Rights Reserved.
-
- Contributor(s):
-
- Alternatively, the contents of this file may be used under the
- terms of the GNU General Public License Version 2 or later (the
- "GPL"), in which case the provisions of the GPL are applicable
- instead of those above. If you wish to allow use of your
- version of this file only under the terms of the GPL and not to
- allow others to use your version of this file under the MPL,
- indicate your decision by deleting the provisions above and
- replace them with the notice and other provisions required by
- the GPL. If you do not delete the provisions above, a recipient
- may use your version of this file under either the MPL or the
- GPL.
-->
<head>
<title>Netscape Security Services for Java</title>
</head>
<body bgcolor="white" text="black">
<!--font face="sans-serif"-->
<center><h1>Netscape Security Services for Java</h1></center>
Netscape Security Services for Java (JSS) is an interface allowing Java applications
to use the Secure Sockets Layer protocol. The interface is implemented with the
FIPS-validated Netscape Security Services library.
It consists of a system-dependent dynamic library (<code>libjss.so</code>
on UNIX, <code>jss.dll</code> on Windows) and a ZIP file
(<code>jss.zip</code>) containing system-independent Java classes.
These classes are compatible with JDK 1.1 or later <b>using the native
thread implementation (not green threads)</b>.
<h2>Building Applications with JSS</h2>
To construct Java applications that use JSS, you must:
<ul>
<li>Call the JSS classes from your application.
<li>When compiling your application, put <code>jss.zip</code> in your
<code>CLASSPATH</code>.
<li>When running your application, put <code>libjss.so</code> in your
<code>LD_LIBRARY_PATH</code> (on UNIX) or <code>jss.dll</code>
in your <code>PATH</code> (on Windows), and put
<code>jss.zip</code> in your <code>CLASSPATH</code>.
</ul>
<h2>Programming with JSS</h2>
Before the SSL classes can be used,
<a href="javadoc/com/netscape/jss/NSSInit.html#initialize(java.lang.String, java.lang.String, java.lang.String)">
<code>NSSInit.initialize</code></a> must be called to open the security
databases and initialize the random number generator.
<a href="javadoc/com/netscape/jss/NSSInit.html#setPasswordCallback(com.netscape.jss.util.PasswordCallback)"><code>
NSSInit.setPasswordCallback</code></a> may be called to change the password
callback; the default is to prompt for passwords on the command line.
<p>The files in the <code>examples</code> directory illustrate the use of JSS
in an application:
<dl>
<dt><a href="examples/SSLClient.java">SSLClient.java</a>
<dd>An example of an SSL client application.
<dt><a href="examples/SSLServer.java">SSLServer.java</a>
<dd>An example of an SSL server application.
To run, it requires certificate
and key databases that contain a certificate called "SSLServer". The sample
<code>cert7.db</code> and <code>key3.db</code> files, also in the
<code>examples</code> directory,
can be used for this purpose. When <code>SSLServer</code> is run,
it will ask for a password
for the "Internal Key Storage Token", which is the key database.
The password for the example <code>key3.db</code> file is "netscape".
</dl>
These classes are in the <code>com.netscape.jss.ssl</code> package.
The <code>.class</code> files must be put in the subdirectory
<code>com/netscape/jss/ssl</code> of a <code>CLASSPATH</code> entry
in order to be located by the Java virtual machine.
<a href="javadoc/index.html"><h2>Javadoc for the JSS Classes</h2></a>
<!--/font-->
</body>
</html>

50
security/jss/manifest.mn Normal file
Просмотреть файл

@ -0,0 +1,50 @@
#
#
# The contents of this file are subject to the Mozilla Public
# License Version 1.1 (the "License"); you may not use this file
# except in compliance with the License. You may obtain a copy of
# the License at http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS
# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
# implied. See the License for the specific language governing
# rights and limitations under the License.
#
# The Original Code is the Netscape Security Services for Java.
#
# The Initial Developer of the Original Code is Netscape
# Communications Corporation. Portions created by Netscape are
# Copyright (C) 1998-2000 Netscape Communications Corporation. All
# Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the
# terms of the GNU General Public License Version 2 or later (the
# "GPL"), in which case the provisions of the GPL are applicable
# instead of those above. If you wish to allow use of your
# version of this file only under the terms of the GPL and not to
# allow others to use your version of this file under the MPL,
# indicate your decision by deleting the provisions above and
# replace them with the notice and other provisions required by
# the GPL. If you do not delete the provisions above, a recipient
# may use your version of this file under either the MPL or the
# GPL.
CORE_DEPTH = ..
MODULE = ninja
IMPORTS = svrcore/SVRCORE_2_5_1 \
security/NSS_2_8_4_RTM \
dbm/DBM_1_54 \
nspr20/v3.5.1 \
$(NULL)
DIRS = com \
cmd \
$(NULL)
PACKAGE_DIR = _TOP
RELEASE = ninja

166
security/jss/nss_release.pl Normal file
Просмотреть файл

@ -0,0 +1,166 @@
#! /usr/local/bin/perl
#
# The contents of this file are subject to the Mozilla Public
# License Version 1.1 (the "License"); you may not use this file
# except in compliance with the License. You may obtain a copy of
# the License at http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS
# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
# implied. See the License for the specific language governing
# rights and limitations under the License.
#
# The Original Code is the Netscape Security Services for Java.
#
# The Initial Developer of the Original Code is Netscape
# Communications Corporation. Portions created by Netscape are
# Copyright (C) 1998-2000 Netscape Communications Corporation. All
# Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the
# terms of the GNU General Public License Version 2 or later (the
# "GPL"), in which case the provisions of the GPL are applicable
# instead of those above. If you wish to allow use of your
# version of this file only under the terms of the GPL and not to
# allow others to use your version of this file under the MPL,
# indicate your decision by deleting the provisions above and
# replace them with the notice and other provisions required by
# the GPL. If you do not delete the provisions above, a recipient
# may use your version of this file under either the MPL or the
# GPL.
#
require('coreconf.pl');
###############################################
# Read in variables on command line into %var
###############################################
$var{ZIP} = "zip";
&parse_argv;
############################
# check variables
############################
if ($var{RELEASE_TREE} eq "") { exit; }
if ($var{RELEASE} eq "") { exit; }
if ($var{RELEASE_VERSION} eq "") { exit; }
if ($var{PLATFORM} eq "") { exit; }
if ($var{OS_ARCH} eq "") { exit; }
############################
# cd to the dist directory
############################
print STDERR "chdir ../dist/classes\n";
chdir("../dist/classes");
###############################################################################
# Specify all class files to be packaged, the load_library path, and the dest
###############################################################################
$filelist =
'com/netscape/jss/ssl/*.class '.
'com/netscape/jss/crypto/AlreadyInitializedException.class '.
'com/netscape/jss/pkcs11/TokenCallbackInfo.class '.
'com/netscape/jss/NSSInit.class '.
'com/netscape/jss/CertDatabaseException.class '.
'com/netscape/jss/KeyDatabaseException.class '.
'com/netscape/jss/util/Assert.class '.
'com/netscape/jss/util/AssertionException.class '.
'com/netscape/jss/util/ConsolePasswordCallback.class '.
'com/netscape/jss/util/Debug.class '.
'com/netscape/jss/util/Password.class '.
'com/netscape/jss/util/PasswordCallback.class '.
'com/netscape/jss/util/PasswordCallback?GiveUpException.class '.
'com/netscape/jss/util/PasswordCallbackInfo.class '.
'com/netscape/jss/util/UTF8Converter.class';
$load_library = "../$var{'PLATFORM'}/lib/";
$dest = "$var{'RELEASE_TREE'}/$var{'RELEASE'}/$var{'RELEASE_VERSION'}/$var{'PLATFORM'}";
#####################################################################
# Dependent upon platform, package the files into the proper format
#####################################################################
if ($var{OS_ARCH} eq 'WINNT') {
$filelist =~ s/\//\\/;
$load_library =~ s/\//\\/;
$dest =~ s/\//\\/;
$load_library .= 'jss.dll';
print STDERR "cp $load_library .\n";
system("cp $load_library .");
print STDERR "zip -T -r jss.jar $filelist\n";
system("zip -T -r jss.zip $filelist");
print STDERR "zip -T winjss.zip jss.zip jss.dll\n";
system("zip -T winjss.zip jss.zip jss.dll");
if (! (-e "$dest" && -d "$dest")) {
print STDERR "making dir $dest \n";
&rec_mkdir("$dest");
}
print STDERR "cp winjss.zip $dest\n";
system("cp winjss.zip $dest");
print STDERR "rm winjss.zip jss.zip jss.dll\n";
system("rm winjss.zip jss.zip jss.dll");
}
elsif ($var{OS_ARCH} eq 'HP-UX') {
$load_library .= 'libjss.sl';
print STDERR "cp $load_library .\n";
system("cp $load_library .");
print STDERR "zip -T -r jss.jar $filelist\n";
system("zip -T -r jss.zip $filelist");
print STDERR "tar -cvf unixjss.tar jss.zip libjss.sl\n";
system("tar -cvf unixjss.tar jss.zip libjss.sl");
if (! (-e "$dest" && -d "$dest")) {
print STDERR "making dir $dest \n";
&rec_mkdir("$dest");
}
print STDERR "cp unixjss.tar $dest\n";
system("cp unixjss.tar $dest");
print STDERR "rm unixjss.tar jss.zip libjss.so\n";
system("rm unixjss.tar jss.zip libjss.so");
}
else {
$load_library .= 'libjss.so';
print STDERR "cp $load_library .\n";
system("cp $load_library .");
print STDERR "zip -T -r jss.jar $filelist\n";
system("zip -T -r jss.zip $filelist");
print STDERR "tar -cvf unixjss.tar jss.zip libjss.so\n";
system("tar -cvf unixjss.tar jss.zip libjss.so");
if (! (-e "$dest" && -d "$dest")) {
print STDERR "making dir $dest \n";
&rec_mkdir("$dest");
}
print STDERR "cp unixjss.tar $dest\n";
system("cp unixjss.tar $dest");
print STDERR "rm unixjss.tar jss.zip libjss.so\n";
system("rm unixjss.tar jss.zip libjss.so");
}

76
security/jss/org/Makefile Normal file
Просмотреть файл

@ -0,0 +1,76 @@
#! gmake
#
# The contents of this file are subject to the Mozilla Public
# License Version 1.1 (the "License"); you may not use this file
# except in compliance with the License. You may obtain a copy of
# the License at http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS
# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
# implied. See the License for the specific language governing
# rights and limitations under the License.
#
# The Original Code is the Netscape Security Services for Java.
#
# The Initial Developer of the Original Code is Netscape
# Communications Corporation. Portions created by Netscape are
# Copyright (C) 1998-2000 Netscape Communications Corporation. All
# Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the
# terms of the GNU General Public License Version 2 or later (the
# "GPL"), in which case the provisions of the GPL are applicable
# instead of those above. If you wish to allow use of your
# version of this file only under the terms of the GPL and not to
# allow others to use your version of this file under the MPL,
# indicate your decision by deleting the provisions above and
# replace them with the notice and other provisions required by
# the GPL. If you do not delete the provisions above, a recipient
# may use your version of this file under either the MPL or the
# GPL.
#
#######################################################################
# (1) Include initial platform-independent assignments (MANDATORY). #
#######################################################################
include manifest.mn
#######################################################################
# (2) Include "global" configuration information. (OPTIONAL) #
#######################################################################
include $(CORE_DEPTH)/coreconf/config.mk
#######################################################################
# (3) Include "component" configuration information. (OPTIONAL) #
#######################################################################
#######################################################################
# (4) Include "local" platform-dependent assignments (OPTIONAL). #
#######################################################################
#######################################################################
# (5) Execute "global" rules. (OPTIONAL) #
#######################################################################
include $(CORE_DEPTH)/coreconf/rules.mk
#######################################################################
# (6) Execute "component" rules. (OPTIONAL) #
#######################################################################
#######################################################################
# (7) Execute "local" rules. (OPTIONAL). #
#######################################################################

39
security/jss/org/manifest.mn Normal file
Просмотреть файл

@ -0,0 +1,39 @@
#
# The contents of this file are subject to the Mozilla Public
# License Version 1.1 (the "License"); you may not use this file
# except in compliance with the License. You may obtain a copy of
# the License at http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS
# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
# implied. See the License for the specific language governing
# rights and limitations under the License.
#
# The Original Code is the Netscape Security Services for Java.
#
# The Initial Developer of the Original Code is Netscape
# Communications Corporation. Portions created by Netscape are
# Copyright (C) 1998-2000 Netscape Communications Corporation. All
# Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the
# terms of the GNU General Public License Version 2 or later (the
# "GPL"), in which case the provisions of the GPL are applicable
# instead of those above. If you wish to allow use of your
# version of this file only under the terms of the GPL and not to
# allow others to use your version of this file under the MPL,
# indicate your decision by deleting the provisions above and
# replace them with the notice and other provisions required by
# the GPL. If you do not delete the provisions above, a recipient
# may use your version of this file under either the MPL or the
# GPL.
#
CORE_DEPTH = ../..
MODULE = ninja
DIRS = netscape \
$(NULL)

76
security/jss/org/mozilla/Makefile Normal file
Просмотреть файл

@ -0,0 +1,76 @@
#! gmake
#
# The contents of this file are subject to the Mozilla Public
# License Version 1.1 (the "License"); you may not use this file
# except in compliance with the License. You may obtain a copy of
# the License at http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS
# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
# implied. See the License for the specific language governing
# rights and limitations under the License.
#
# The Original Code is the Netscape Security Services for Java.
#
# The Initial Developer of the Original Code is Netscape
# Communications Corporation. Portions created by Netscape are
# Copyright (C) 1998-2000 Netscape Communications Corporation. All
# Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the
# terms of the GNU General Public License Version 2 or later (the
# "GPL"), in which case the provisions of the GPL are applicable
# instead of those above. If you wish to allow use of your
# version of this file only under the terms of the GPL and not to
# allow others to use your version of this file under the MPL,
# indicate your decision by deleting the provisions above and
# replace them with the notice and other provisions required by
# the GPL. If you do not delete the provisions above, a recipient
# may use your version of this file under either the MPL or the
# GPL.
#
#######################################################################
# (1) Include initial platform-independent assignments (MANDATORY). #
#######################################################################
include manifest.mn
#######################################################################
# (2) Include "global" configuration information. (OPTIONAL) #
#######################################################################
include $(CORE_DEPTH)/coreconf/config.mk
#######################################################################
# (3) Include "component" configuration information. (OPTIONAL) #
#######################################################################
#######################################################################
# (4) Include "local" platform-dependent assignments (OPTIONAL). #
#######################################################################
#######################################################################
# (5) Execute "global" rules. (OPTIONAL) #
#######################################################################
include $(CORE_DEPTH)/coreconf/rules.mk
#######################################################################
# (6) Execute "component" rules. (OPTIONAL) #
#######################################################################
#######################################################################
# (7) Execute "local" rules. (OPTIONAL). #
#######################################################################

77
security/jss/org/mozilla/jss/Makefile Normal file
Просмотреть файл

@ -0,0 +1,77 @@
#! gmake
#
# The contents of this file are subject to the Mozilla Public
# License Version 1.1 (the "License"); you may not use this file
# except in compliance with the License. You may obtain a copy of
# the License at http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS
# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
# implied. See the License for the specific language governing
# rights and limitations under the License.
#
# The Original Code is the Netscape Security Services for Java.
#
# The Initial Developer of the Original Code is Netscape
# Communications Corporation. Portions created by Netscape are
# Copyright (C) 1998-2000 Netscape Communications Corporation. All
# Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the
# terms of the GNU General Public License Version 2 or later (the
# "GPL"), in which case the provisions of the GPL are applicable
# instead of those above. If you wish to allow use of your
# version of this file only under the terms of the GPL and not to
# allow others to use your version of this file under the MPL,
# indicate your decision by deleting the provisions above and
# replace them with the notice and other provisions required by
# the GPL. If you do not delete the provisions above, a recipient
# may use your version of this file under either the MPL or the
# GPL.
#
#######################################################################
# (1) Include initial platform-independent assignments (MANDATORY). #
#######################################################################
include manifest.mn
#######################################################################
# (2) Include "global" configuration information. (OPTIONAL) #
#######################################################################
include $(CORE_DEPTH)/coreconf/config.mk
#######################################################################
# (3) Include "component" configuration information. (OPTIONAL) #
#######################################################################
#######################################################################
# (4) Include "local" platform-dependent assignments (OPTIONAL). #
#######################################################################
#######################################################################
# (5) Execute "global" rules. (OPTIONAL) #
#######################################################################
include $(CORE_DEPTH)/coreconf/rules.mk
#######################################################################
# (6) Execute "component" rules. (OPTIONAL) #
#######################################################################
#######################################################################
# (7) Execute "local" rules. (OPTIONAL). #
#######################################################################
include rules.mk

287
security/jss/org/mozilla/jss/asn1/ANY.java Normal file
Просмотреть файл

@ -0,0 +1,287 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.asn1;
import com.netscape.jss.util.Assert;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
/**
* Represents an ASN.1 <code>ANY</code> value. An ANY is just an arbitrary
* ASN.1 value. It can be thought of as the simplest implementation of the
* <code>ASN1Value</code> interface. Although they can be created
* from scratch (from raw BER), instances of <code>ANY</code> are usually
* found after decoding
* with a template that has an <code>ANY</code> field.
*
* <p>An <code>ANY</code> supports extracting the BER encoding, or decoding
* with a different template.
*/
public class ANY implements ASN1Value {
private ANY() { }
// The complete encoding of header + contents
private byte[] encoded;
private Tag tag;
/**
* Creates an ANY value, which is just a generic ASN.1 value.
* This method is provided for efficiency if the tag is already known,
* so that we don't have to parse the encoding for it.
* @param tag The tag of this value. It must be the same as the actual tag
* contained in the encoding.
* @param encoded The complete BER encoding of this value, including
* tag, form, length, and contents.
*/
public ANY(Tag tag, byte[] encoded) {
this.encoded = encoded;
this.tag = tag;
}
/**
* Creates an ANY value, which is just a generic ASN.1 value.
* @param encoded The complete BER encoding of this value, including
* tag, form, length, and contents.
*/
public ANY(byte[] encoded) throws InvalidBERException {
try {
this.encoded = encoded;
ByteArrayInputStream bis = new ByteArrayInputStream(encoded);
ASN1Header head = new ASN1Header(bis);
this.tag = head.getTag();
} catch(IOException e) {
throw new com.netscape.jss.util.AssertionException(
"IOException while creating ANY: "+e);
}
}
/**
* Returns the tag of this value.
*/
public Tag getTag() {
return tag;
}
/**
* Returns the complete encoding of header and contents, as passed into
* the constructor or read from a BER input stream.
*/
public byte[] getEncoded() {
return encoded;
}
/**
* Returns the ASN.1 header from the encoding.
*/
public ASN1Header getHeader() throws InvalidBERException, IOException {
if( header == null ) {
ByteArrayInputStream bis = new ByteArrayInputStream(encoded);
header = new ASN1Header(bis);
}
return header;
}
private ASN1Header header=null;
/**
* Strips out the header and returns just the contents octets of the
* encoding.
*/
private byte[] contents=null;
public byte[] getContents() throws InvalidBERException {
try {
if( contents==null ) {
ByteArrayInputStream bis = new ByteArrayInputStream(encoded);
header = new ASN1Header(bis);
contents = new byte[ bis.available() ];
if( (contents.length != header.getContentLength()) &&
( header.getContentLength() != -1 ) ) {
throw new InvalidBERException("Length of contents was not the "+
"same as the header predicted");
}
ASN1Util.readFully(contents, bis);
}
return contents;
} catch( IOException e ) {
Assert.notReached("IOException reading from byte array");
return null;
}
}
public void encode(OutputStream ostream) throws IOException {
ostream.write(encoded);
}
/**
* Decodes this ANY using the given template. This is useful if you
* originally decoded something as an ANY because you didn't know
* what it was, but now you know what it is supposed to be.
*
* @param template The template to use to decode this ANY.
* @return The output of the given template when it is fed the
* encoding of this ANY.
*/
public ASN1Value decodeWith(ASN1Template template)
throws InvalidBERException
{
try {
ByteArrayInputStream bis = new ByteArrayInputStream(encoded);
return template.decode(bis);
} catch( IOException e ) {
Assert.notReached("IOException while reading from byte array input"+
" stream");
return null;
}
}
/**
* Decodes this ANY using the given template. This is useful if you
* originally decoded something as an ANY because you didn't know
* what it was, but now you know what it is supposed to be.
*
* @param implicitTag The implicit tag for the encoding.
* @param template The template to use to decode this ANY.
* @return The output of the given template when it is fed the
* encoding of this ANY.
*/
public ASN1Value decodeWith(Tag implicitTag, ASN1Template template)
throws IOException, InvalidBERException
{
ByteArrayInputStream bis = new ByteArrayInputStream(encoded);
return template.decode(implicitTag, bis);
}
/**
* @param implicitTag <b>This parameter is ignored</b>, because
* ANY values cannot have implicit tags.
*/
public void encode(Tag implicitTag, OutputStream ostream)
throws IOException
{
if( ! implicitTag.equals(tag) ) {
Assert.notReached("No implicit tags allowed for ANY");
}
ostream.write(encoded);
}
/**
* Extracts the contents from the ANY and encodes them with
* the provided tag.
*/
public void encodeWithAlternateTag(Tag alternateTag, OutputStream ostream)
throws IOException, InvalidBERException
{
byte[] contents = getContents();
ASN1Header oldHead = getHeader();
Assert.assert( contents.length == oldHead.getContentLength() );
ASN1Header newHead = new ASN1Header( alternateTag, oldHead.getForm(),
contents.length);
newHead.encode(ostream);
ostream.write(contents);
}
/**
* Returns a singleton instance of a decoding template.
*/
public static Template getTemplate() {
return templateInstance;
}
private static Template templateInstance = new Template();
/**
* A class for decoding <code>ANY</code> values from BER.
*/
public static class Template implements ASN1Template {
public boolean tagMatch(Tag tag) {
return true; // wheeeeee...it's ANY!
}
public ASN1Value decode(InputStream istream)
throws IOException, InvalidBERException
{
try {
ASN1Header head = ASN1Header.lookAhead(istream);
if( head.getContentLength() == -1 ) {
// indefinite length encoding
ByteArrayOutputStream recording = new ByteArrayOutputStream();
// eat the header off the input stream
head = new ASN1Header(istream);
// write the header to the recording stream
recording.write( head.encode() );
// write all objects from the input stream to the recording
// stream, until we hit an END-OF-CONTENTS tag
ANY any;
ANY.Template anyt = new ANY.Template();
int count=0;
do {
any = (ANY) anyt.decode(istream);
recording.write( any.getEncoded() );
} while( ! any.getTag().equals(Tag.EOC) );
return new ANY( head.getTag(), recording.toByteArray() );
} else {
// definite length encoding
byte[] data = new byte[ (int) head.getTotalLength() ];
ASN1Util.readFully(data, istream);
return new ANY(head.getTag(), data);
}
} catch( InvalidBERException e ) {
throw new InvalidBERException(e, "ANY");
}
}
public ASN1Value decode(Tag implicitTag, InputStream istream)
throws IOException, InvalidBERException
{
throw new InvalidBERException("Implicit tag on ANY");
}
} // End of Template
}

411
security/jss/org/mozilla/jss/asn1/ASN1Header.java Normal file
Просмотреть файл

@ -0,0 +1,411 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.asn1;
import java.math.BigInteger;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.ByteArrayOutputStream;
import java.util.Vector;
import com.netscape.jss.util.Assert;
/**
* The portion of a BER encoding that precedes the contents octets. Consists
* of the tag, form, and length octets.
*/
public class ASN1Header {
// This is set by the the decoding constructor, and by the encode()
// method. If it is set by the decoding constructor, it is supposed
// to represent what was actually read from the input stream, so it
// must not be overwritten later by the output of encode(), which could
// be a different encoding (DER vs. BER, for example).
private byte[] cachedEncoding = null;
/**
* Returns the length of the header plus the length of the contents;
* the total length of the DER encoding of an ASN1 value. Returns
* -1 if indefinite length encoding was used.
*/
public long getTotalLength() {
if( contentLength == -1 ) {
return -1;
} else {
return encode().length + contentLength;
}
}
private Tag tag;
public Tag getTag() {
return tag;
}
// -1 means indefinite length encoding
private long contentLength;
/**
* Returns -1 for indefinite length encoding.
*/
public long getContentLength() {
return contentLength;
}
// PRIMITIVE or CONSTRUCTED
public static final Form PRIMITIVE = Form.PRIMITIVE;
public static final Form CONSTRUCTED = Form.CONSTRUCTED;
private Form form;
/**
* Returns the Form, PRIMITIVE or CONSTRUCTED.
*/
public Form getForm() {
return form;
}
// This is the maximum size of ASN1 Header we support.
// 32 bytes is pretty huge, I've never seen anything bigger than 7.
private static final int MAX_LOOK_AHEAD = 32;
/**
* Returns information about the next item in the stream, but does not
* consume any octets.
* @exception IOException If the input stream does not support look ahead.
*/
public static ASN1Header lookAhead(InputStream derStream)
throws IOException, InvalidBERException
{
if( ! derStream.markSupported() ) {
throw new IOException("Mark not supported on this input stream");
}
derStream.mark(MAX_LOOK_AHEAD);
ASN1Header info = new ASN1Header(derStream);
derStream.reset();
return info;
}
/**
* Gets info about the next item in the DER stream, consuming the
* identifier and length octets.
*/
public ASN1Header(InputStream istream)
throws InvalidBERException, IOException
{
// default BAOS size is 32 bytes, which is plenty
ByteArrayOutputStream encoding = new ByteArrayOutputStream();
int inInt = istream.read();
if( inInt == -1 ) {
throw new InvalidBERException("End-of-file reached while "+
"decoding ASN.1 header");
}
encoding.write(inInt);
byte byte1 = (byte) inInt;
Tag.Class tagClass;
//
// Get Tag Class
//
tagClass = Tag.Class.fromInt( (byte1 & 0xff) >>> 6 );
//
// Get form
//
if( (byte1 & 0x20) == 0x20 ) {
form = CONSTRUCTED;
} else {
form = PRIMITIVE;
}
//
// Get Tag Number
//
long tagNum;
if( (byte1 & 0x1f) == 0x1f ) {
// long form
//
// read all octets into a Vector of Bytes
//
byte next;
Vector bV = new Vector();
// last byte has MSB == 0.
do {
inInt = istream.read();
if( inInt == -1 ) {
throw new InvalidBERException("End-of-file reached while"
+" decoding ASN.1 header");
}
encoding.write(inInt);
next = (byte) inInt;
bV.addElement( new Byte(next) );
} while( (next & 0x80) == 0x80 );
Assert.assert( bV.size() > 0 );
//
// Copy Vector of 7-bit bytes into array of 8-bit bytes.
//
byte[] bA = new byte[ ( (bV.size()*7) + 7 ) / 8 ];
int v; // vector index
int a; // array index
// clear the target array
for( a = 0; a < bA.length; a++ ) {
bA[a] = 0;
}
int shift = 0; // the amount the Vector is shifted from the array
// copy bits from the Vector to the array, going from the
// end (LSB) to the beginning (MSB).
a = bA.length - 1;
for( v=bV.size()-1 ; v >= 0; v--) {
Assert.assert( v >= 0 );
Assert.assert( v < bV.size() );
Assert.assert( a >= 0 );
Assert.assert( a < bA.length );
// MSB is not part of the number
byte b = (byte) ( ((Byte)bV.elementAt(v)).byteValue() & 0x7f );
bA[a] |= b << shift;
if( shift > 1 ) {
// The byte from the Vector falls across a byte boundary
// in the array. We've already got the less-significant
// bits, now copy the more-significant bits into
// the next element of the array.
Assert.assert( a > 0 );
--a;
bA[a] |= b >>> (8-shift);
}
shift = (shift+7)%8; // update shift
}
// Create a new unsigned BigInteger from the byte array
tagNum = (new BigInteger( 1, bA )).longValue();
} else {
// short form
tagNum = byte1 & 0x1f;
}
tag = new Tag(tagClass, tagNum);
//
// Get Length
//
inInt = istream.read();
if(inInt == -1) {
throw new InvalidBERException("End-of-file reached while "+
"decoding ASN.1 header");
}
encoding.write(inInt);
byte lenByte = (byte) inInt;
if( (lenByte & 0x80) == 0 ) {
// short form
contentLength = lenByte;
} else {
// long form
if( (lenByte & 0x7f) == 0 ) {
// indefinite
contentLength = -1;
} else {
// definite
byte[] lenBytes = new byte[ lenByte & 0x7f ];
ASN1Util.readFully(lenBytes, istream);
encoding.write( lenBytes );
contentLength = (new BigInteger( 1, lenBytes )).longValue();
}
}
// save our encoding so we don't have to recompute it later
cachedEncoding = encoding.toByteArray();
}
/**
* This constructor is to be called when we are constructing an ASN1Value
* rather than decoding it.
* @param contentLength Must be >=0. Although indefinite length
* <i>decoding</i> is supported, indefinite length <i>encoding</i>
* is not.
*/
public ASN1Header( Tag tag, Form form, long contentLength)
{
this.tag = tag;
this.form = form;
Assert.assert(contentLength >= 0);
this.contentLength = contentLength;
}
public void encode( OutputStream ostream )
throws IOException
{
ostream.write( encode() );
}
public byte[] encode() {
// It's important that we not recompute the encoding if it was
// set by ASN1Header(InputStream), since in that case it represents
// the encoding that was actually read from the InputStream.
if( cachedEncoding != null ) {
return cachedEncoding;
}
ByteArrayOutputStream cache = new ByteArrayOutputStream();
//
// Identifier octet(s)
//
byte idOctet = 0;
idOctet |= tag.getTagClass().toInt() << 6;
if( form == CONSTRUCTED ) {
idOctet |= 0x20;
}
if( tag.getNum() <= 30 ) {
// short form
idOctet |= (tag.getNum() & 0x1f );
cache.write( idOctet );
} else {
// long form
idOctet |= 0x1f;
BigInteger tagNum = BigInteger.valueOf(tag.getNum());
cache.write( idOctet );
int bitlength = tagNum.bitLength();
int reps = (bitlength+6)/7;
for( reps = reps-1; reps > 0 ; reps--) {
long shifted = tag.getNum() >>> ( 7*reps );
cache.write( (((byte)shifted) & 0x7f) | 0x80 );
}
cache.write( ((byte)tag.getNum()) & 0x7f );
}
//
// Length Octets
//
if( contentLength == -1 ) {
// indefinite form
cache.write( (byte) 0x80 );
} else if( contentLength <= 127 ) {
// short form
cache.write( (byte) contentLength );
} else {
// long form
byte[] val = unsignedBigIntToByteArray(
BigInteger.valueOf(contentLength) );
cache.write( ((byte)val.length) | 0x80 );
cache.write( val, 0, val.length );
}
cachedEncoding = cache.toByteArray();
return cachedEncoding;
}
/**
* Converts an unsigned BigInteger to a minimal-length byte array.
* This is necessary because BigInteger.toByteArray() attaches an extra
* sign bit, which could cause the size of the byte representation to
* be bumped up by an extra byte.
*/
public static byte[] unsignedBigIntToByteArray(BigInteger bi) {
// make sure it is not negative
Assert.assert( bi.compareTo(BigInteger.valueOf(0)) != -1 );
// find minimal number of bytes to hold this value
int bitlen = bi.bitLength(); // minimal number of bits, without sign
int bytelen;
if( bitlen == 0 ) {
// special case, since bitLength() returns 0
bytelen = 1;
} else {
bytelen = (bitlen + 7) / 8;
}
byte[] withSign = bi.toByteArray();
if( bytelen == withSign.length ) {
return withSign;
} else {
// trim off extra byte at the beginning
Assert.assert( bytelen == withSign.length - 1 );
Assert.assert( withSign[0] == 0 );
byte[] without = new byte[bytelen];
System.arraycopy(withSign,1, without, 0, bytelen);
return without;
}
}
/**
* Verifies that this header has the given tag and form.
* @exception InvalidBERException If the header's tag or form
* differ from those passed in.
*/
public void validate(Tag expectedTag, Form expectedForm)
throws InvalidBERException
{
validate(expectedTag);
if( getForm() != expectedForm ) {
throw new InvalidBERException("Incorrect form: expected ["+
expectedForm+"], found ["+getForm());
}
}
/**
* Verifies that this head has the given tag.
* @exception InvalidBERException If the header's tag differs from that
* passed in.
*/
public void validate(Tag expectedTag) throws InvalidBERException {
if( ! getTag().equals( expectedTag ) ) {
throw new InvalidBERException("Incorrect tag: expected ["+
expectedTag+"], found ["+getTag()+"]");
}
}
/**
* Returns <code>true</code> if this is a BER end-of-contents marker.
*/
public boolean isEOC() {
return( tag.equals(Tag.EOC) );
}
}

73
security/jss/org/mozilla/jss/asn1/ASN1Template.java Normal file
Просмотреть файл

@ -0,0 +1,73 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.asn1;
import java.io.OutputStream;
import java.io.InputStream;
import java.io.IOException;
/**
* An interface for decoding ASN1Values from their BER encodings.
*
* @see ASN1Value
*/
public interface ASN1Template {
/**
* Determines whether the given tag will satisfy this template.
*/
public boolean tagMatch(Tag tag);
/**
* Decodes an ASN1Value from the InputStream without an implicit tag.
* @param istream Must support marking (markSupported() == true).
* For example, ByteArrayInputStream and BufferedInputStream
* support marking, but FileInputStream does not. If your source
* does not support marking, you can wrap it in a
* BufferedInputStream.
*/
public ASN1Value decode(InputStream istream)
throws IOException, InvalidBERException;
/**
* Decodes an ASN1Value from the InputStream with the given implicit
* tag.
* @param istream Must support marking (markSupported() == true).
* For example, ByteArrayInputStream and BufferedInputStream
* support marking, but FileInputStream does not. If your source
* does not support marking, you can wrap it in a
* BufferedInputStream.
*/
public ASN1Value decode(Tag implicitTag, InputStream istream)
throws IOException, InvalidBERException;
}

114
security/jss/org/mozilla/jss/asn1/ASN1Util.java Normal file
Просмотреть файл

@ -0,0 +1,114 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.asn1;
import java.io.*;
import com.netscape.jss.asn1.InvalidBERException;
import com.netscape.jss.util.Assert;
public class ASN1Util {
public static byte[] encode(ASN1Value val) {
return encode(val.getTag(), val);
}
public static byte[] encode(Tag implicitTag, ASN1Value val)
{
try {
ByteArrayOutputStream bos = new ByteArrayOutputStream();
val.encode(implicitTag, bos);
return bos.toByteArray();
} catch( IOException e ) {
Assert.notReached("Encoding to byte array gave IOException");
return null;
}
}
public static ASN1Value decode(ASN1Template template, byte[] encoded)
throws InvalidBERException
{
try {
ByteArrayInputStream bis = new ByteArrayInputStream(encoded);
return template.decode(bis);
} catch( IOException e ) {
Assert.notReached("Decoding from byte array gave IOException");
return null;
}
}
public static ASN1Value decode(Tag implicitTag, ASN1Template template,
byte[] encoded)
throws InvalidBERException
{
try {
ByteArrayInputStream bis = new ByteArrayInputStream(encoded);
return template.decode(implicitTag, bis);
} catch( IOException e ) {
Assert.notReached("Decoding from byte array gave IOException");
return null;
}
}
/**
* Fills a byte array with bytes from an input stream. This method
* keeps reading until the array is filled, an IOException occurs, or EOF
* is reached. The byte array will be completely filled unless an
* exception is thrown.
*
* @param bytes A byte array which will be filled up.
* @param istream The input stream from which to read the bytes.
* @exception IOException If an IOException occurs reading from the
* stream, or EOF is reached before the byte array is filled.
*/
public static void readFully(byte[] bytes, InputStream istream)
throws IOException
{
int numRead=0;
while(numRead < bytes.length) {
int nr = istream.read(bytes, numRead, bytes.length-numRead);
if( nr == -1 ) {
throw new EOFException();
}
numRead += nr;
}
}
}

63
security/jss/org/mozilla/jss/asn1/ASN1Value.java Normal file
Просмотреть файл

@ -0,0 +1,63 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.asn1;
import java.io.OutputStream;
import java.io.IOException;
/**
* A value that can be decoded from BER and encoded to DER.
*
* @see ASN1Template
*/
public interface ASN1Value {
/**
* Returns the base tag for this type, not counting any tags
* that may be imposed on it by its context.
*/
public Tag getTag();
/**
* Write this value's DER encoding to an output stream using
* its own base tag.
*/
public void encode(OutputStream ostream) throws IOException;
/**
* Write this value's DER encoding to an output stream using
* an implicit tag.
*/
public void encode(Tag implicitTag, OutputStream ostream)
throws IOException;
}

257
security/jss/org/mozilla/jss/asn1/BIT_STRING.java Normal file
Просмотреть файл

@ -0,0 +1,257 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.asn1;
import com.netscape.jss.util.Assert;
import java.math.BigInteger;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.ByteArrayOutputStream;
import java.util.BitSet;
/**
* An ASN.1 <code>BIT STRING</code>, which is an ordered sequence of bits.
* The bits are stored the same way they are encoded in BER: as an array
* of bytes with 0-7 unused bits at the end.
*/
public class BIT_STRING implements ASN1Value {
private BIT_STRING() { }
private byte[] bits;
private int padCount;
/**
* @param bits The bits packed into an array of bytes, with padding
* at the end. The array may be empty (but not null), in which case
* <code>padCount</code> must be zero. The array is referenced,
* not cloned.
* @param padCount The number of padding bits at the end of the array.
* Must be in the range <code>[0,7]</code>.
* @exception NumberFormatException If <code>padCount</code> is not in
* the range <code>[0,7]</code>, or <code>bits</code> is
* empty and <code>padCount</code> is non-zero.
*/
public BIT_STRING(byte[] bits, int padCount)
throws NumberFormatException
{
if(padCount < 0 || padCount > 7) {
throw new NumberFormatException();
}
if(bits.length == 0 && padCount != 0) {
throw new NumberFormatException();
}
this.bits = bits;
this.padCount = padCount;
}
/**
* Constructs a BIT_STRING from a BitSet.
* @param bs A BitSet.
* @param numBits The number of bits to copy from the BitSet.
* This is necessary because the size of a BitSet is always padded
* up to a multiple of 64, but not all of these bits may
* be significant.
* @exception NumberFormatException If <code>numBits</code> is larger
* than <code>bs.size()</code> or less than zero.
*/
public BIT_STRING(BitSet bs, int numBits)
throws NumberFormatException
{
if( numBits < 0 || numBits > bs.size() ) {
throw new NumberFormatException();
}
// allocate enough bytes to hold all the bits
bits = new byte[(numBits+7) / 8];
padCount = bits.length - numBits;
Assert.assert( padCount >= 0 );
for(int i=0; i < numBits; i++) {
if( bs.get(i) ) {
bits[i/8] |= 0x80 >>> (i%8);
}
}
}
/**
* Returns the bits packed into an array of bytes, with padding
* at the end. The array may be empty (but not null), in which case
* <code>padCount</code> must be zero. The array is referenced,
* not cloned.
*/
public byte[] getBits() {
return bits;
}
/**
* Copies this BIT STRING into a Java BitSet. Note that BitSet.size()
* will not accurately reflect the number of bits in the BIT STRING,
* because the size of a BitSet is always rounded up to the next multiple
* of 64. The extra bits will be set to 0.
*/
public BitSet toBitSet() {
BitSet bs = new BitSet();
int numBits = (bits.length * 8) - padCount;
for( int i=0; i < numBits; i++) {
if( (bits[i/8] & (0x80 >>> (i%8))) != 0 ) {
bs.set(i);
} else {
bs.clear(i);
}
}
return bs;
}
/**
* Copies this BIT STRING into a boolean array. Each element of the array
* represents one bit with <code>true</code> for 1 and <code>false</code>
* for 0.
*/
public boolean[] toBooleanArray() {
boolean[] array = new boolean[(bits.length*8) - padCount];
// all elements are set to false by default
for(int i=0; i < array.length; i++) {
if( (bits[i/8] & (0x80 >>> (i%8))) != 0 ) {
array[i] = true;
}
}
return array;
}
/**
* Returns the number of padding bits at the end of the array.
* Must be in the range <code>[0,7]</code>.
*/
public int getPadCount() {
return padCount;
}
public static final Tag TAG = new Tag(Tag.UNIVERSAL, 3);
public static final Form FORM = Form.PRIMITIVE;
public Tag getTag() {
return TAG;
}
public void encode(OutputStream ostream) throws IOException {
encode(TAG, ostream);
}
public void encode(Tag implicitTag, OutputStream ostream)
throws IOException
{
ASN1Header head = new ASN1Header(implicitTag, FORM, bits.length+1 );
head.encode(ostream);
ostream.write(padCount);
ostream.write(bits);
}
private static final Template templateInstance = new Template();
public static Template getTemplate() {
return templateInstance;
}
/**
* A class for decoding a <code>BIT_STRING</code> from its BER encoding.
*/
public static class Template implements ASN1Template {
public boolean tagMatch(Tag tag) {
return( TAG.equals(tag) );
}
public ASN1Value decode(InputStream istream)
throws IOException, InvalidBERException
{
return decode(TAG, istream);
}
public ASN1Value decode(Tag implicitTag, InputStream istream)
throws IOException, InvalidBERException
{
try {
ASN1Header head = new ASN1Header( istream );
head.validate( implicitTag );
if( head.getContentLength() == -1 ) {
// indefinite length encoding
ByteArrayOutputStream bos = new ByteArrayOutputStream();
int padCount=0;
ASN1Header ahead;
do {
ahead = ASN1Header.lookAhead(istream);
if( ! ahead.isEOC() ) {
if(padCount != 0 ) {
throw new InvalidBERException("Element of constructed "+
"BIT STRING has nonzero unused bits, but is not\n"+
"the last element of the construction.");
}
BIT_STRING.Template bst = new BIT_STRING.Template();
BIT_STRING bs = (BIT_STRING) bst.decode(istream);
bos.write( bs.getBits() );
padCount = bs.getPadCount();
}
} while( ! ahead.isEOC() );
// consume the EOC
ahead = new ASN1Header(istream);
return new BIT_STRING( bos.toByteArray(), padCount );
}
// First octet is the number of unused bits in last octet
int padCount = istream.read();
if( padCount == -1 ) {
throw new InvalidBERException.EOF();
} else if( padCount < 0 || padCount > 7 ) {
throw new InvalidBERException("Unused bits not in range [0,7]");
}
// get the rest of the octets
byte[] bits = new byte[ (int) head.getContentLength() - 1];
ASN1Util.readFully(bits, istream);
return new BIT_STRING(bits, padCount);
} catch(InvalidBERException e) {
throw new InvalidBERException(e, "BIT STRING");
}
}
} // end of Template
}

143
security/jss/org/mozilla/jss/asn1/BMPString.java Normal file
Просмотреть файл

@ -0,0 +1,143 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.asn1;
import java.io.CharConversionException;
import java.io.UnsupportedEncodingException;
import com.netscape.jss.util.Assert;
/**
* The ASN.1 type <i>BMPString</i>. BMPStrings use the Unicode character set.
* They are encoded and decoded in big-endian format using two octets.
*/
public class BMPString extends CharacterString implements ASN1Value {
/**
* Creates a new BMPString from an array of Java characters.
*/
public BMPString(char[] chars) throws CharConversionException {
super(chars);
}
/**
* Creates a new BMPString from a Java String.
*/
public BMPString(String s) throws CharConversionException {
super(s);
}
/**
* Returns the conversion object for converting between an encoded byte
* array an an array of Java characters.
*/
CharConverter getCharConverter() {
return converterInstance;
}
private static final BMPConverter converterInstance = new BMPConverter();
static final Tag TAG = new Tag( Tag.UNIVERSAL, 30 );
static final Form FORM = Form.PRIMITIVE;
public Tag getTag() {
return TAG;
}
/**
* Returns a singleton instance of BMPString.Template. This is more
* efficient than creating a new BMPString.Template.
*/
public static Template getTemplate() {
return templateInstance;
}
private static final Template templateInstance = new Template();
// nested class
public static class Template
extends CharacterString.Template implements ASN1Template
{
protected Tag getTag() {
return TAG;
}
public boolean tagMatch(Tag tag) {
return TAG.equals(tag);
}
protected CharConverter getCharConverter() {
return new BMPConverter();
}
protected CharacterString generateInstance(char[] chars)
throws CharConversionException
{
return new BMPString(chars);
}
protected String typeName() {
return "BMPString";
}
}
private static class BMPConverter implements CharConverter {
public char[] byteToChar(byte[] bytes, int offset, int len)
throws CharConversionException
{
try {
String s = new String(bytes, offset, len, "UnicodeBig");
return s.toCharArray();
} catch( UnsupportedEncodingException e ) {
String err = "Unable to find UnicodeBig encoding mechanism";
Assert.notReached(err);
throw new CharConversionException(err);
}
}
public byte[] charToByte(char[] chars, int offset, int len)
throws CharConversionException
{
try {
// We don't want the byte-order mark
String s = new String(chars, offset, len);
return s.getBytes("UnicodeBigUnmarked");
} catch( UnsupportedEncodingException e ) {
String err = "Unable to find UnicodeBigUnmarked encoding mechanism";
Assert.notReached(err);
throw new CharConversionException(err);
}
}
} // end of char converter
}

147
security/jss/org/mozilla/jss/asn1/BOOLEAN.java Normal file
Просмотреть файл

@ -0,0 +1,147 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.asn1;
import java.io.OutputStream;
import java.io.IOException;
import java.io.InputStream;
/**
* An ASN.1 <code>BOOLEAN</code> value.
*/
public class BOOLEAN implements ASN1Value {
public static final Tag TAG = new Tag(Tag.Class.UNIVERSAL, 1);
public static final Form FORM = Form.PRIMITIVE;
public Tag getTag() {
return TAG;
}
private ASN1Header getHeader() {
return getHeader(TAG);
}
private ASN1Header getHeader(Tag implicitTag) {
return new ASN1Header(implicitTag, FORM, 1 );
}
public void encode(OutputStream ostream) throws IOException {
encode(TAG, ostream);
}
public void encode(Tag implicitTag, OutputStream ostream)
throws IOException
{
getHeader(implicitTag).encode(ostream);
if( val ) {
ostream.write( 0xff );
} else {
ostream.write( 0x00 );
}
}
private BOOLEAN() { }
private boolean val;
/**
* Creates a <code>BOOLEAN</code> with the given value.
*/
public BOOLEAN(boolean val) {
this.val = val;
}
/**
* Returns the boolean value of this <code>BOOLEAN</code>.
*/
public boolean toBoolean() {
return val;
}
/**
* Returns "true" or "false".
*/
public String toString() {
if(val) {
return "true";
} else {
return "false";
}
}
private static final Template templateInstance = new Template();
public static Template getTemplate() {
return templateInstance;
}
/**
* A Class for decoding <code>BOOLEAN</code> values from their BER
* encodings.
*/
public static class Template implements ASN1Template {
public boolean tagMatch(Tag tag) {
return( tag.equals( BOOLEAN.TAG ) );
}
public ASN1Value decode(InputStream istream)
throws IOException, InvalidBERException
{
return decode(TAG, istream);
}
public ASN1Value decode(Tag tag, InputStream istream)
throws IOException, InvalidBERException
{
try {
ASN1Header head = new ASN1Header(istream);
head.validate(tag, FORM);
int b = istream.read();
if( b == -1 ) {
throw new InvalidBERException("End-of-file reached while "+
"decoding BOOLEAN");
}
if( b == 0x00 ) {
return new BOOLEAN(false);
} else {
return new BOOLEAN(true);
}
} catch(InvalidBERException e) {
throw new InvalidBERException(e, "BOOLEAN");
}
}
}
}

285
security/jss/org/mozilla/jss/asn1/CHOICE.java Normal file
Просмотреть файл

@ -0,0 +1,285 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.asn1;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.util.Vector;
import com.netscape.jss.util.Assert;
/**
* Objects of this class are generated by CHOICE.Template.decode(). It is
* not necessary to use them to encode a CHOICE. Since the encoding of a
* CHOICE is simply the encoding of the chosen element, it is easier
* to just write out the chosen element.
*/
public class CHOICE implements ASN1Value {
private CHOICE() { }
private Tag tag;
private ASN1Value val;
/**
* Create a CHOICE whose chosen element has an implicit tag.
*/
public CHOICE(Tag implicitTag, ASN1Value val) {
tag = implicitTag;
this.val = val;
}
/**
* Create a CHOICE whose chosen element has no implicit tag.
*/
public CHOICE(ASN1Value val) {
this.tag = val.getTag();
this.val = val;
}
/**
* Returns the tag that the chosen element is encoded with, which is
* either the underlying tag of the element or an implicit tag.
*/
public Tag getTag() {
return tag;
}
/**
* Returns the chosen value.
*/
public ASN1Value getValue() {
return val;
}
public static CHOICE.Template getTemplate() {
return new CHOICE.Template();
}
/**
* Encodes this CHOICE. This merely consists of encoding the chosen
* element with an implicit tag, if one was given in the constructor,
* or with its own underlying tag.
*/
public void encode( OutputStream ostream ) throws IOException {
val.encode( tag, ostream );
}
/**
* Encodes this CHOICE. This merely consists of encoding the chosen
* element with an implicit tag, if one was given in the constructor,
* or with its own underlying tag.
*
* @param implicitTag <b>This value is ignored</b>. The tag of a CHOICE
* is merely the tag of the chosen element of the CHOICE. A
* CHOICE cannot itself have an implicit tag.
*/
public void encode( Tag implicitTag, OutputStream ostream )
throws IOException
{
Assert.assert(implicitTag.equals(tag));
val.encode( tag, ostream );
}
/**
* A Template for decoding ASN.1 <code>CHOICE</code>s
*/
public static class Template implements ASN1Template {
// The the various possibilities in this CHOICE
private Vector templates = new Vector();
/**
* Creates an empty CHOICE template
*/
public Template() { }
/**
* Adds a new sub-template to this CHOICE template with no implicit tag.
*/
public void addElement( ASN1Template template ) {
templates.addElement( new Element( template ) );
}
/**
* Adds a new sub-template to this CHOICE template with an implicit tag.
*/
public void addElement( Tag implicitTag, ASN1Template template) {
templates.addElement( new Element( implicitTag, template) );
}
/**
* Returns the number of elements in this CHOICE template.
*/
public int size() {
return templates.size();
}
/**
* Retrieves the element at the specified index.
*/
public ASN1Template elementAt(int index) {
return ((Element)templates.elementAt(index)).getTemplate();
}
/**
* Retrieves the implicit tag of the element at the specified index.
* Returns null if there is no implicit tag for this element.
*/
public Tag implicitTagAt(int index) {
return ((Element)templates.elementAt(index)).getImplicitTag();
}
/**
* Empties this CHOICE template.
*/
public void removeAllElements() {
templates.removeAllElements();
}
/**
* Removes the element at the specified index.
*/
public void removeElementAt(int index) {
templates.removeElementAt(index);
}
/**
* Determines whether the given tag will satisfy this template.
* For a CHOICE, this is true if the tag satisfies any sub-template.
*/
public boolean tagMatch(Tag t) {
int size = size();
for(int i = 0; i < size; i++) {
Tag impl = implicitTagAt(i);
if( impl != null ) {
// There is an implicit tag, if we match it we have a match
if( impl.equals(t) ) {
return true;
}
} else {
// no implicit tag, look at the sub-template itself
ASN1Template templ = elementAt(i);
if( templ.tagMatch(t) ) {
return true;
}
}
}
// none of the elements matched
return false;
}
public ASN1Value decode(InputStream istream)
throws IOException, InvalidBERException
{
ASN1Header head = ASN1Header.lookAhead(istream);
Tag tag = head.getTag();
// Loop over all the elements of the CHOICE template until we
// find one with a matching tag.
int size = size();
for(int i=0; i < size; i++) {
if( implicitTagAt(i) != null ) {
if( implicitTagAt(i).equals(tag) ) {
// match by implicit tag!
ASN1Value val = elementAt(i).decode( implicitTagAt(i),
istream );
//return elementAt(i).decode( implicitTagAt(i), istream );
return new CHOICE( implicitTagAt(i), val );
}
} else {
if( elementAt(i).tagMatch(tag) ) {
// match by base tag !
//return elementAt(i).decode(istream);
return new CHOICE( elementAt(i).decode(istream) );
}
}
}
// we didn't find any match
throw new InvalidBERException("Unable to decode CHOICE");
}
// Implicit tags are illegal for CHOICE (and ANY)
/**
* Decodes a CHOICE.
* @param implicitTag <b>This parameter is ignored.</b> A choice
* cannot have an implicit tag.
*/
public ASN1Value decode(Tag implicitTag, InputStream istream)
throws IOException, InvalidBERException
{
return decode(istream);
}
/**
* An element in a CHOICE template, consisting of a nested template
* and, optionally, an implicit tag for that template.
*/
private static class Element {
private ASN1Template template;
private Tag implicitTag=null;
/**
* Creates a CHOICE template element with no implicit tag.
*/
public Element(ASN1Template template) {
this.template = template;
}
/**
* Creates a CHOICE template element with an implicit tag.
*/
public Element(Tag implicitTag, ASN1Template template) {
this.template = template;
this.implicitTag = implicitTag;
}
/**
* Returns the template of this CHOICE template element.
*/
public ASN1Template getTemplate() {
return template;
}
/**
* Returns the implicit tag for this CHOICE template element,
* if there is one. If not, returns null.
*/
public Tag getImplicitTag() {
return implicitTag;
}
}
}
}

45
security/jss/org/mozilla/jss/asn1/CharConverter.java Normal file
Просмотреть файл

@ -0,0 +1,45 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.asn1;
import java.io.CharConversionException;
interface CharConverter {
public char[] byteToChar(byte[] bytes, int offset, int len)
throws CharConversionException;
public byte[] charToByte(char[] chars, int offset, int len)
throws CharConversionException;
}

185
security/jss/org/mozilla/jss/asn1/CharacterString.java Normal file
Просмотреть файл

@ -0,0 +1,185 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.asn1;
import java.io.CharConversionException;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.IOException;
import java.io.ByteArrayOutputStream;
/**
* An abstract base class for all character string types in ASN.1.
*/
public abstract class CharacterString implements ASN1Value {
abstract CharConverter getCharConverter();
public abstract Tag getTag();
static final Form FORM = Form.PRIMITIVE;
private char[] chars;
/**
* Converts this ASN.1 character string to a Java String.
*/
public String toString() {
return new String(chars);
}
/**
* Converts this ASN.1 character string to an array of Java characters.
*/
public char[] toCharArray() {
return chars;
}
protected CharacterString(char[] chars) throws CharConversionException {
this.chars = chars;
cachedContents = computeContents();
}
protected CharacterString(String s) throws CharConversionException {
this.chars = s.toCharArray();
cachedContents = computeContents();
}
private byte[] cachedContents;
private byte[] getEncodedContents() {
return cachedContents;
}
private byte[] computeContents() throws CharConversionException {
CharConverter converter = getCharConverter();
byte[] contents = converter.charToByte(chars, 0, chars.length);
return contents;
}
public void encode(OutputStream ostream) throws IOException {
encode( getTag(), ostream );
}
public void encode( Tag implicitTag, OutputStream ostream )
throws IOException
{
byte[] contents = getEncodedContents();
ASN1Header head = new ASN1Header( implicitTag, FORM, contents.length);
head.encode(ostream);
ostream.write( contents );
}
public abstract static class Template implements ASN1Template {
/**
* Must be overridden to return the tag for the subclass.
*/
protected abstract Tag getTag();
public abstract boolean tagMatch(Tag tag);
/**
* Must be overridden to return the correct character converter
* for the subclass.
*/
protected abstract CharConverter getCharConverter();
/**
* Must be overridden to create an instance of the subclass given
* a char array.
*/
protected abstract CharacterString generateInstance(char[] chars)
throws CharConversionException;
/**
* Must be overridden to provide the name of the subclass, for including
* into error messages.
*/
protected abstract String typeName();
public ASN1Value decode(InputStream istream)
throws IOException, InvalidBERException
{
return decode(getTag(), istream);
}
public ASN1Value decode(Tag implicitTag, InputStream istream)
throws IOException, InvalidBERException
{
try {
ASN1Header head = new ASN1Header(istream);
head.validate(implicitTag);
byte[] raw; // raw bytes, not translated to chars yet
if( head.getContentLength() == -1 ) {
// indefinite length encoding
ASN1Header ahead;
ByteArrayOutputStream bos = new ByteArrayOutputStream();
do {
ahead = ASN1Header.lookAhead( istream );
if( ! ahead.isEOC() ) {
OCTET_STRING.Template ot = new OCTET_STRING.Template();
OCTET_STRING os = (OCTET_STRING) ot.decode(istream);
bos.write( os.toByteArray() );
}
} while( ! ahead.isEOC() );
// consume EOC
ahead = new ASN1Header(istream);
raw = bos.toByteArray();
} else {
// definite length
raw = new byte[ (int) head.getContentLength() ];
ASN1Util.readFully(raw, istream);
}
char[] chars = getCharConverter().byteToChar(raw, 0, raw.length);
return generateInstance(chars);
} catch( CharConversionException e ) {
throw new InvalidBERException(e.getMessage());
} catch( InvalidBERException e ) {
throw new InvalidBERException(e, typeName());
}
}
}
}

134
security/jss/org/mozilla/jss/asn1/CountingStream.java Normal file
Просмотреть файл

@ -0,0 +1,134 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.asn1;
import java.io.*;
/**
* This class keeps track of the number of bytes that have been read from
* a stream. It will be incremented by the number of bytes read or skipped.
* If the stream is marked and then reset, the number of bytes read will
* be reset as well.
*/
class CountingStream extends InputStream {
private int count=0;
private int markpos;
private InputStream source;
private static final boolean DEBUG = false;
private CountingStream() { }
public CountingStream(InputStream source) {
this.source = source;
}
public int available() throws IOException {
return source.available();
}
public void mark(int readlimit) {
source.mark(readlimit);
markpos = count;
if(DEBUG) {
System.out.println("Marked at position "+markpos);
}
}
public boolean markSupported() {
return source.markSupported();
}
public int read() throws IOException {
int n = source.read();
if( n != -1 ) {
count++;
if(DEBUG) {
System.out.println("read() 1 byte, count="+count);
}
}
return n;
}
public int read(byte[] buffer) throws IOException {
int n = source.read(buffer);
if( n != -1 ) {
count += n;
}
if(DEBUG) {
System.out.println("read([]) "+n+" bytes, count="+count);
}
return n;
}
public int read(byte[] buffer, int offset, int count) throws IOException {
int n = source.read(buffer, offset, count);
if( n != -1 ) {
this.count += n;
}
if(DEBUG) {
System.out.println("read(...) "+n+" bytes, count="+this.count);
}
return n;
}
public void reset() throws IOException {
source.reset();
if(DEBUG) {
System.out.println("reset from "+count+" to "+markpos);
}
count = markpos;
}
public long skip(long count) throws IOException {
this.count += count;
if(DEBUG) {
System.out.println("skipped "+count+", now at "+this.count);
}
return source.skip(count);
}
public int getNumRead() {
return count;
}
public void resetNumRead() {
count = 0;
markpos = 0;
if(DEBUG) {
System.out.println("resetting count to 0");
}
}
}

107
security/jss/org/mozilla/jss/asn1/ENUMERATED.java Normal file
Просмотреть файл

@ -0,0 +1,107 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.asn1;
import java.io.IOException;
import java.io.InputStream;
/**
* Represents an ASN.1 <code>ENUMERATED</code> value. This has the same
* interface as <code>INTEGER</code>
*/
public class ENUMERATED extends INTEGER implements ASN1Value {
public static final Tag TAG = new Tag(Tag.Class.UNIVERSAL, 10);
public Tag getTag() {
return TAG;
}
/**
* Creates a new ENUMERATED value from a long.
*/
public ENUMERATED( long val ) {
super( val );
}
ENUMERATED( byte[] valBytes ) {
super( valBytes );
}
/**
* Returns the value as a long.
*/
public long getValue() {
return longValue();
}
/**
* A template for decoding ENUMERATED values from their BER encodings.
* The template reads the value as an INTEGER. It does not check that it
* is a valid value for the ENUMERATED type.
*/
public static class Template
extends INTEGER.Template implements ASN1Template
{
Tag getTag() {
return ENUMERATED.TAG;
}
public boolean tagMatch(Tag tag) {
return( tag.equals(ENUMERATED.TAG) );
}
public ASN1Value
decode(Tag tag, InputStream derStream)
throws InvalidBERException, IOException
{
try {
ASN1Header wrapper = new ASN1Header(derStream);
wrapper.validate(tag, FORM);
// Is length < 1 ?
if( wrapper.getContentLength() < 1 ) {
throw new InvalidBERException("Invalid 0 length for ENUMERATED");
}
byte[] valBytes = new byte[ (int) wrapper.getContentLength() ];
ASN1Util.readFully(valBytes, derStream);
return new ENUMERATED( valBytes );
} catch(InvalidBERException e) {
throw new InvalidBERException(e, "ENUMERATED");
}
}
} // end of Template
}

175
security/jss/org/mozilla/jss/asn1/EXPLICIT.java Normal file
Просмотреть файл

@ -0,0 +1,175 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.asn1;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.ByteArrayOutputStream;
import com.netscape.jss.util.Assert;
/**
* An explicit tag.
*/
public class EXPLICIT implements ASN1Value {
public static final Form FORM = Form.CONSTRUCTED;
private ASN1Value content;
private Tag tag;
private EXPLICIT() { }
/**
* Creates an EXPLICIT tag wrapping some other ASN1Value. For example,
* for the following ASN.1 snippet:
* <pre>
* MyType [3] EXPLICIT INTEGER
* </pre>
* assuming a sample value of 5 for the INTEGER, a MyType could be
* created with:
* <pre>
* EXPLICIT myValue = new EXPLICIT( new Tag(3), new INTEGER(5) );
* </pre>
*/
public EXPLICIT( Tag tag, ASN1Value content ) {
Assert.assert(tag!=null && content!=null);
this.content = content;
this.tag = tag;
}
/**
* Returns the ASN1Value that is wrapped by this EXPLICIT tag.
*/
public ASN1Value getContent() {
return content;
}
/**
* Returns the Tag of this EXPLICIT tag.
*/
public Tag getTag() {
return tag;
}
public void encode(OutputStream ostream) throws IOException {
encode(tag, ostream);
}
public void encode(Tag implicitTag, OutputStream ostream)
throws IOException
{
ByteArrayOutputStream bos = new ByteArrayOutputStream();
content.encode(bos);
byte[] contentBytes = bos.toByteArray();
ASN1Header head = new ASN1Header(implicitTag, FORM,
contentBytes.length );
head.encode(ostream);
ostream.write(contentBytes);
}
public static Template getTemplate( Tag tag, ASN1Template content) {
return new Template(tag, content);
}
/**
* A template for decoding an object wrapped in an EXPLICIT tag.
*/
public static class Template implements ASN1Template {
private ASN1Template content;
private Tag tag;
private Template() { }
/**
* Creates a template for unwrapping an object wrapped in an explicit tag.
* For example, to decode:
* <pre>
* MyValue ::= [3] EXPLICIT INTEGER
* </pre>
* use:
* <pre>
* EXPLICIT.Template myTemplate = new EXPLICIT.Template( new Tag(3),
* new INTEGER.Template() );
* </pre>
*
* @param tag The tag value of the EXPLICIT tag.
* @param content The template for decoding the object that is wrapped
* in the explicit tag.
*/
public Template(Tag tag, ASN1Template content) {
this.content = content;
this.tag = tag;
}
public boolean tagMatch(Tag tag) {
return( this.tag.equals(tag) );
}
public ASN1Value decode(InputStream istream)
throws IOException, InvalidBERException
{
return decode(tag, istream);
}
public ASN1Value decode(Tag implicitTag, InputStream istream)
throws IOException, InvalidBERException
{
try {
ASN1Header head = new ASN1Header(istream);
head.validate( implicitTag, FORM.CONSTRUCTED );
ASN1Value val = content.decode(istream);
EXPLICIT e = new EXPLICIT(tag, val);
// if indefinite content length, consume the end-of-content marker
if( head.getContentLength() == -1 ) {
head = new ASN1Header(istream);
if( ! head.isEOC() ) {
throw new InvalidBERException("No end-of-contents marker");
}
}
return e;
} catch(InvalidBERException e) {
throw new InvalidBERException(e, "EXPLICIT");
}
}
} // end of Template
}

48
security/jss/org/mozilla/jss/asn1/FieldNotPresentException.java Normal file
Просмотреть файл

@ -0,0 +1,48 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.asn1;
/**
* An exception thrown when an optional field is not present.
*/
public class FieldNotPresentException extends java.lang.Exception
{
public FieldNotPresentException() {
super();
}
public FieldNotPresentException(String msg) {
super(msg);
}
}

54
security/jss/org/mozilla/jss/asn1/Form.java Normal file
Просмотреть файл

@ -0,0 +1,54 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.asn1;
/**
* An enumerated type representing the forms of an ASN.1 value.
* The possibilities are PRIMITIVE and CONSTRUCTED.
*/
public class Form {
private String name;
private Form() { }
private Form(String name) {
this.name = name;
}
public static final Form PRIMITIVE = new Form("PRIMITIVE");
public static final Form CONSTRUCTED = new Form("CONSTRUCTED");
public String toString() {
return name;
}
}

92
security/jss/org/mozilla/jss/asn1/GeneralizedTime.java Normal file
Просмотреть файл

@ -0,0 +1,92 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.asn1;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.IOException;
import java.util.Calendar;
import java.util.Date;
import java.util.TimeZone;
import com.netscape.jss.util.Assert;
/**
* The ASN.1 type <code>GeneralizedTime</code>
*/
public class GeneralizedTime extends TimeBase implements ASN1Value {
public static final Tag TAG = new Tag(Tag.UNIVERSAL, 24);
public Tag getTag() {
return TAG;
}
/**
* Creates a <code>GeneralizedTime</code> from a Date.
*/
public GeneralizedTime(Date date) {
super(date);
}
protected boolean isUTC() {
return false;
}
private static final GeneralizedTime.Template templateInstance =
new GeneralizedTime.Template();
public static GeneralizedTime.Template getTemplate() {
return templateInstance;
}
/**
* A class for decoding <code>GeneralizedTime</code>s.
*/
public static class Template extends TimeBase.Template
implements ASN1Template
{
protected Tag getTag() {
return TAG;
}
public boolean tagMatch(Tag tag) {
return TAG.equals(tag);
}
protected boolean isUTC() {
return false;
}
protected TimeBase generateInstance(Date date) {
return new GeneralizedTime(date);
}
}
}

127
security/jss/org/mozilla/jss/asn1/IA5String.java Normal file
Просмотреть файл

@ -0,0 +1,127 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.asn1;
import java.io.CharConversionException;
public class IA5String extends CharacterString implements ASN1Value {
public IA5String(char[] chars) throws CharConversionException {
super(chars);
}
public IA5String(String s) throws CharConversionException {
super(s);
}
CharConverter getCharConverter() {
return new IA5Converter();
}
public static final Tag TAG = new Tag( Tag.Class.UNIVERSAL, 22 );
public Tag getTag() {
return TAG;
}
public static Template getTemplate() {
return templateInstance;
}
private static final Template templateInstance = new Template();
// nested class
public static class Template
extends CharacterString.Template implements ASN1Template
{
public Tag getTag() {
return IA5String.TAG;
}
public boolean tagMatch(Tag tag) {
return( tag.equals( IA5String.TAG ));
}
protected CharConverter getCharConverter() {
return new IA5Converter();
}
protected CharacterString generateInstance(char[] chars)
throws CharConversionException
{
return new IA5String(chars);
}
protected String typeName() {
return "IA5String";
}
}
// nested class
private static class IA5Converter implements CharConverter {
public char[] byteToChar(byte[] bytes, int offset, int len)
throws CharConversionException
{
char[] chars = new char[len];
int c; // char index
int b; // byte index
for(b = offset, c=0; c < len; b++, c++) {
if( (bytes[b] & 0x80) != 0 ) {
throw new CharConversionException("Invalid character: "+
bytes[b]);
}
chars[c] = (char) (bytes[b] & 0x7f);
}
return chars;
}
public byte[] charToByte(char[] chars, int offset, int len)
throws CharConversionException
{
byte[] bytes = new byte[len];
int c; // char index
int b; // byte index
for(c = offset, b = 0; b < len; c++, b++) {
if( (chars[c] & 0x7f) != chars[c] ) {
throw new CharConversionException("Invalid character: "+
chars[c]);
}
bytes[b] = (byte) (chars[c] & 0x7f);
}
return bytes;
}
}
}

250
security/jss/org/mozilla/jss/asn1/INTEGER.java Normal file
Просмотреть файл

@ -0,0 +1,250 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.asn1;
import java.io.IOException;
import java.io.OutputStream;
import java.io.InputStream;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.math.BigInteger;
import java.util.Random;
/**
* The ASN.1 type <code>INTEGER</code>. This class extends BigInteger.
*/
public class INTEGER extends BigInteger implements ASN1Value {
private byte[] encodedContents = null;
private byte[] getEncodedContents() {
if( encodedContents == null ) {
encodedContents = toByteArray();
}
return encodedContents;
}
private ASN1Header getHeader(Tag t) {
return new ASN1Header( t, FORM, getContentLength() );
}
public INTEGER(String s) throws NumberFormatException {
super(s);
}
public INTEGER(String s, int r) throws NumberFormatException {
super(s, r);
}
public INTEGER(byte[] bval) throws NumberFormatException {
super(bval);
}
public INTEGER(int sign, byte[] mag) throws NumberFormatException {
super(sign, mag);
}
public INTEGER(int numBits, Random rnd) throws NumberFormatException {
super(numBits, rnd);
}
public INTEGER(int bitLength, int certainty, Random rnd) {
super(bitLength, certainty, rnd);
}
public INTEGER(long val) {
super( BigInteger.valueOf(val).toByteArray() );
}
public static final Tag TAG = new Tag(Tag.Class.UNIVERSAL, 2);
public Tag getTag() {
return TAG;
}
public static final Form FORM = Form.PRIMITIVE;
public void encode(OutputStream outStream) throws IOException {
encode(getTag(), outStream);
}
public void encode(Tag implicitTag, OutputStream outStream)
throws IOException
{
// write header
getHeader(implicitTag).encode( outStream );
// write contents
outStream.write( getEncodedContents() );
}
public long getContentLength() {
return getEncodedContents().length;
}
public byte[] encode() throws IOException {
ByteArrayOutputStream b = new ByteArrayOutputStream();
encode(b);
return b.toByteArray();
}
private static final INTEGER.Template templateInstance =
new INTEGER.Template();
public static ASN1Template getTemplate() {
return templateInstance;
}
/**
* Tests the DER encoding and decoding of the INTEGER class.
*/
public static void main(String args[]) {
try {
int[] Is = new int[11];
int[][] Bs = new int[11][];
int i = 0;
Is[i] = 0;
Bs[i++] = new int[]{ 0x02, 0x01, 0x00 };
Is[i] = 1;
Bs[i++] = new int[]{ 0x02, 0x01, 0x01 };
Is[i] = -1;
Bs[i++] = new int[]{ 0x02, 0x01, 0xff };
Is[i] = 127;
Bs[i++] = new int[]{ 0x02, 0x01, 0x7f };
Is[i] = 128;
Bs[i++] = new int[]{ 0x02, 0x02, 0x00, 0x80 };
Is[i] = 255;
Bs[i++] = new int[]{ 0x02, 0x02, 0x00, 0xff };
Is[i] = 256;
Bs[i++] = new int[]{ 0x02, 0x02, 0x01, 0x00 };
Is[i] = -128;
Bs[i++] = new int[]{ 0x02, 0x01, 0x80 };
Is[i] = -129;
Bs[i++] = new int[]{ 0x02, 0x02, 0xff, 0x7f };
Is[i] = 43568;
Bs[i++] = new int[]{ 0x02, 0x03, 0x00, 0xaa, 0x30 };
Is[i] = -43568;
Bs[i++] = new int[]{ 0x02, 0x03, 0xff, 0x55, 0xd0 };
for( i = 0; i < Is.length; i++) {
INTEGER I = new INTEGER( Is[i] );
byte[] compare = I.encode();
if( ! arraysEqual(compare, Bs[i]) ) {
System.err.println("Encoding FAILED: "+Is[i]);
System.exit(-1);
}
ByteArrayInputStream bis = new ByteArrayInputStream(compare);
Template template = new Template();
INTEGER create = (INTEGER) template.decode(bis);
if( create.intValue() != Is[i] ) {
System.err.println("Decoding FAILED: "+Is[i]);
System.exit(-1);
}
}
System.out.println("PASS");
} catch( Exception e ) {
e.printStackTrace();
}
}
private static boolean arraysEqual(byte[] bytes, int[] ints) {
if(bytes == null || ints == null) {
return false;
}
if(bytes.length != ints.length) {
return false;
}
for( int i=0; i < bytes.length; i++) {
if( bytes[i] != (byte)ints[i] ) {
return false;
}
}
return true;
}
///////////////////////////////////////////////////////////////////////
// INTEGER.Template
// This is a nested class.
//
public static class Template implements ASN1Template {
Tag getTag() {
return INTEGER.TAG;
}
public boolean tagMatch(Tag tag) {
return( tag.equals(INTEGER.TAG));
}
public ASN1Value
decode(InputStream derStream)
throws InvalidBERException, IOException
{
return decode( getTag(), derStream );
}
public ASN1Value
decode(Tag tag, InputStream derStream)
throws InvalidBERException, IOException
{
try {
ASN1Header wrapper = new ASN1Header(derStream);
wrapper.validate(tag, FORM);
// Is length < 1 ?
if( wrapper.getContentLength() < 1 ) {
throw new InvalidBERException("Invalid 0 length for INTEGER");
}
byte[] valBytes = new byte[ (int) wrapper.getContentLength() ];
ASN1Util.readFully(valBytes, derStream);
return new INTEGER( valBytes );
} catch(InvalidBERException e) {
throw new InvalidBERException(e, "INTEGER");
}
}
} // end of class Template
}

89
security/jss/org/mozilla/jss/asn1/InvalidBERException.java Normal file
Просмотреть файл

@ -0,0 +1,89 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.asn1;
/**
* An exception thrown when BER decoding fails.
*/
public class InvalidBERException extends java.lang.Exception {
private InvalidBERException child=null;
public InvalidBERException(String mesg) {
super(mesg);
}
public InvalidBERException(InvalidBERException e, String mesg) {
super(mesg);
child = e;
}
/**
* Prints out the exception class and error message, including
* all the nested exceptions.
*/
public String toString() {
if(child != null) {
return (super.toString()+ " >> " + child.toStringNested());
} else {
return super.toString();
}
}
/**
* Prints out the error message of this exception, including all the
* nested exceptions.
*/
public String toStringNested() {
if(child != null) {
return ( getMessage() + " >> " + child.toStringNested());
} else {
return getMessage();
}
}
public static class EOF extends InvalidBERException {
public EOF() {
super("Unexpected end-of-file encountered");
}
}
public static class InvalidChar extends InvalidBERException {
public InvalidChar(byte b, int offset) {
super("Invalid character ("+b+") encountered at offset "+offset);
}
public InvalidChar(char c, int offset) {
super("Invalid character ("+c+") encountered at offset"+offset);
}
}
}

79
security/jss/org/mozilla/jss/asn1/Makefile Normal file
Просмотреть файл

@ -0,0 +1,79 @@
#! gmake
# The contents of this file are subject to the Mozilla Public
# License Version 1.1 (the "License"); you may not use this file
# except in compliance with the License. You may obtain a copy of
# the License at http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS
# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
# implied. See the License for the specific language governing
# rights and limitations under the License.
#
# The Original Code is the Netscape Security Services for Java.
#
# The Initial Developer of the Original Code is Netscape
# Communications Corporation. Portions created by Netscape are
# Copyright (C) 1998-2000 Netscape Communications Corporation. All
# Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the
# terms of the GNU General Public License Version 2 or later (the
# "GPL"), in which case the provisions of the GPL are applicable
# instead of those above. If you wish to allow use of your
# version of this file only under the terms of the GPL and not to
# allow others to use your version of this file under the MPL,
# indicate your decision by deleting the provisions above and
# replace them with the notice and other provisions required by
# the GPL. If you do not delete the provisions above, a recipient
# may use your version of this file under either the MPL or the
# GPL.
#
#######################################################################
# (1) Include initial platform-independent assignments (MANDATORY). #
#######################################################################
include manifest.mn
#######################################################################
# (2) Include "global" configuration information. (OPTIONAL) #
#######################################################################
include $(CORE_DEPTH)/coreconf/config.mk
#######################################################################
# (3) Include "component" configuration information. (OPTIONAL) #
#######################################################################
include $(CORE_DEPTH)/$(MODULE)/config/config.mk
#######################################################################
# (4) Include "local" platform-dependent assignments (OPTIONAL). #
#######################################################################
#include config.mk
#######################################################################
# (5) Execute "global" rules. (OPTIONAL) #
#######################################################################
include $(CORE_DEPTH)/coreconf/rules.mk
#######################################################################
# (6) Execute "component" rules. (OPTIONAL) #
#######################################################################
#######################################################################
# (7) Execute "local" rules. (OPTIONAL). #
#######################################################################
run:
$(DEBUG_CMD) /share/builds/components/jdk/1.2.2_05a/SunOS/jre/bin/java -classpath $(JAVA_HOME)/lib/classes.zip:$(SOURCE_CLASSES_DIR)_DBG com.netscape.jss.asn1.SEQUENCE /tmp/p10

103
security/jss/org/mozilla/jss/asn1/NULL.java Normal file
Просмотреть файл

@ -0,0 +1,103 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.asn1;
import java.io.OutputStream;
import java.io.InputStream;
import java.io.IOException;
public class NULL implements ASN1Value {
public static final Tag TAG = new Tag(Tag.Class.UNIVERSAL, 5);
public Tag getTag() {
return TAG;
}
public static final Form FORM = Form.PRIMITIVE;
public void encode(OutputStream ostream) throws IOException {
encode(TAG, ostream);
}
public void encode(Tag implicitTag, OutputStream ostream)
throws IOException
{
ASN1Header head = new ASN1Header(implicitTag, FORM, 0);
head.encode(ostream);
}
private static final NULL instance = new NULL();
public static NULL getInstance() {
return instance;
}
private static final Template templateInstance = new Template();
public static Template getTemplate() {
return templateInstance;
}
public static class Template implements ASN1Template {
public Tag getTag() {
return NULL.TAG;
}
public boolean tagMatch(Tag tag) {
return( tag.equals(NULL.TAG) );
}
public ASN1Value decode(InputStream istream)
throws IOException, InvalidBERException
{
return decode(getTag(), istream);
}
public ASN1Value decode(Tag implicitTag, InputStream istream)
throws IOException, InvalidBERException
{
try {
ASN1Header head = new ASN1Header(istream);
head.validate(implicitTag, FORM);
if( head.getContentLength() != 0 ) {
throw new InvalidBERException("Invalid length ("+
head.getContentLength()+") for NULL; only 0 is permitted");
}
return new NULL();
} catch(InvalidBERException e) {
throw new InvalidBERException(e, "NULL");
}
}
} // end of Template
}

514
security/jss/org/mozilla/jss/asn1/OBJECT_IDENTIFIER.java Normal file
Просмотреть файл

@ -0,0 +1,514 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.asn1;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import com.netscape.jss.util.Assert;
import java.util.Vector;
import java.util.StringTokenizer;
public class OBJECT_IDENTIFIER implements ASN1Value {
///////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////
// Standard object identifiers
///////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////
/**
* The OID space for RSA Data Security, Inc.
*/
public static final OBJECT_IDENTIFIER RSADSI =
new OBJECT_IDENTIFIER( new long[]{1, 2, 840, 113549} );
/**
* The OID space for RSA's PKCS (public key cryptography standards).
*/
public static final OBJECT_IDENTIFIER PKCS =
RSADSI.subBranch(1);
/**
* The OID space for RSA's PKCS #1.
*/
public static final OBJECT_IDENTIFIER PKCS1 =
PKCS.subBranch(1);
/**
* The OID space for RSA's PKCS #2, which has since been folded into
* PKCS #1.
*/
public static final OBJECT_IDENTIFIER PKCS2 =
PKCS.subBranch(2);
/**
* The OID space for RSA's message digest algorithms.
*/
public static final OBJECT_IDENTIFIER RSA_DIGEST = RSADSI.subBranch(2);
/**
* The OID space for RSA's password-based encryption standard.
*/
public static final OBJECT_IDENTIFIER PKCS5 = PKCS.subBranch(5);
/**
* The OID space for RSA's Selected Attribute Types standard, PKCS #9.
*/
public static final OBJECT_IDENTIFIER PKCS9 = PKCS.subBranch(9);
/**
* The OID space for RSA's personal information exchange syntax standard.
*/
public static final OBJECT_IDENTIFIER PKCS12 = PKCS.subBranch(12);
/**
* The OID space for RSA's ciphers.
*/
public static final OBJECT_IDENTIFIER RSA_CIPHER = RSADSI.subBranch(3);
/**
* The OID space for FIPS standardized algorithms.
*/
public static final OBJECT_IDENTIFIER ALGORITHM =
new OBJECT_IDENTIFIER( new long[] { 1, 3, 14, 3, 2 } );
/**
* The OID space for PKIX.
*/
public static final OBJECT_IDENTIFIER PKIX =
new OBJECT_IDENTIFIER( new long[] { 1, 3, 6, 1, 5, 5, 7 } );
public static final OBJECT_IDENTIFIER
id_cmc = PKIX.subBranch( 7 );
/**
* CMC control attributes
*/
public static final OBJECT_IDENTIFIER
id_cmc_cMCStatusInfo = id_cmc.subBranch(1);
public static final OBJECT_IDENTIFIER
id_cmc_identification = id_cmc.subBranch(2);
public static final OBJECT_IDENTIFIER
id_cmc_identityProof = id_cmc.subBranch(3);
public static final OBJECT_IDENTIFIER
id_cmc_dataReturn = id_cmc.subBranch(4);
public static final OBJECT_IDENTIFIER
id_cmc_transactionId = id_cmc.subBranch(5);
public static final OBJECT_IDENTIFIER
id_cmc_senderNonce = id_cmc.subBranch(6);
public static final OBJECT_IDENTIFIER
id_cmc_recipientNonce = id_cmc.subBranch(7);
public static final OBJECT_IDENTIFIER
id_cmc_addExtensions = id_cmc.subBranch(8);
public static final OBJECT_IDENTIFIER
id_cmc_encryptedPOP = id_cmc.subBranch(9);
public static final OBJECT_IDENTIFIER
id_cmc_decryptedPOP = id_cmc.subBranch(10);
public static final OBJECT_IDENTIFIER
id_cmc_lraPOPWitness = id_cmc.subBranch(11);
public static final OBJECT_IDENTIFIER
id_cmc_getCert = id_cmc.subBranch(15);
public static final OBJECT_IDENTIFIER
id_cmc_getCRL = id_cmc.subBranch(16);
public static final OBJECT_IDENTIFIER
id_cmc_revokeRequest = id_cmc.subBranch(17);
public static final OBJECT_IDENTIFIER
id_cmc_regInfo = id_cmc.subBranch(18);
public static final OBJECT_IDENTIFIER
id_cmc_responseInfo = id_cmc.subBranch(19);
public static final OBJECT_IDENTIFIER
id_cmc_QueryPending = id_cmc.subBranch(21);
public static final OBJECT_IDENTIFIER
id_cmc_idPOPLinkRandom = id_cmc.subBranch(22);
public static final OBJECT_IDENTIFIER
id_cmc_idPOPLinkWitness = id_cmc.subBranch(23);
public static final OBJECT_IDENTIFIER
id_cmc_idConfirmCertAcceptance = id_cmc.subBranch(24);
public static final OBJECT_IDENTIFIER
id_cct = PKIX.subBranch( 12 );
public static final OBJECT_IDENTIFIER
id_cct_PKIData = id_cct.subBranch( 2 );
public static final OBJECT_IDENTIFIER
id_cct_PKIResponse = id_cct.subBranch( 3 );
public static final Tag TAG = new Tag(Tag.Class.UNIVERSAL, 6);
public Tag getTag() {
return TAG;
}
public static final Form FORM = Form.PRIMITIVE;
private long[] numbers;
/**
* Creates an OBJECT_IDENTIFIER from an array of longs, which constitute
* the numbers that make up the OBJECT IDENTIFIER.
*/
public OBJECT_IDENTIFIER( long[] numbers ) {
checkLongArray(numbers);
this.numbers = numbers;
}
/**
* Checks the given array of numbers to see if it is a valid OID.
* This is not an exhaustive test, it just looks for obvious problems.
* It will throw an assertion if a problem is found. With DEBUG turned
* off, it just checks for null.
*/
private static void checkLongArray(long[] numbers) {
Assert.assert(numbers != null);
if(numbers == null) {
throw new NullPointerException();
}
Assert.assert(numbers.length >= 2);
Assert.assert( numbers[0]==0 || numbers[0]==1 || numbers[0]==2 );
}
/**
* Creates an OBJECT_IDENTIFIER from a String version. The proper format
* for the OID string is dotted numbers, for example:
* "<code>3.2.456.53.23.64</code>".
*
* @exception NumberFormatException If the given string cannot be
* parsed into an OID.
*/
public OBJECT_IDENTIFIER( String dottedOID ) throws NumberFormatException {
if( dottedOID == null || dottedOID.length()==0 ) {
throw new NumberFormatException("OID string is zero-length");
}
StringTokenizer stok = new StringTokenizer(dottedOID, ".");
numbers = new long[ stok.countTokens() ];
int i = 0;
while(stok.hasMoreElements()) {
numbers[i++] = Long.parseLong( stok.nextToken() );
}
Assert.assert( i == numbers.length );
checkLongArray(numbers);
}
public long[] getNumbers() {
return numbers;
}
public int hashCode() {
int code = 1;
for(int i = 0; i < numbers.length; i++) {
code = (int) (code + numbers[i])*10;
}
return code;
}
/**
* Creates a new OBJECT_IDENTIFIER that is a sub-branch of this one.
* For example, if <code>OBJECT_IDENTIFIER oid</code> has the value
* { 1 3 5 6 },
* then calling <code>oid.subBranch(4)</code> would return a new
* OBJECT_IDENTIFIER with the value { 1 3 5 6 4 }.
*/
public OBJECT_IDENTIFIER subBranch(long num) {
long[] nums = new long[ numbers.length + 1];
System.arraycopy(numbers, 0, nums, 0, numbers.length);
nums[numbers.length] = num;
return new OBJECT_IDENTIFIER(nums);
}
/**
* Creates a new OBJECT_IDENTIFIER that is a sub-branch of this one.
* For example, if <code>OBJECT_IDENTIFIER oid</code> has the value
* { 1 3 5 6 },
* then calling <code>oid.subBranch(new long[]{ 4, 3})</code>
* would return a new
* OBJECT_IDENTIFIER with the value { 1 3 5 6 4 3}.
*/
public OBJECT_IDENTIFIER subBranch(long[] newNums) {
long[] nums = new long[ numbers.length + newNums.length];
System.arraycopy(numbers, 0, nums, 0, numbers.length);
System.arraycopy(newNums, 0, nums, numbers.length, newNums.length);
return new OBJECT_IDENTIFIER(nums);
}
public boolean equals(Object obj) {
if(obj == null || ! (obj instanceof OBJECT_IDENTIFIER)) {
return false;
}
long[] nums = ((OBJECT_IDENTIFIER)obj).numbers;
if( nums.length != numbers.length ) {
return false;
}
for(int i = 0; i < nums.length; i++) {
if( nums[i] != numbers[i] ) {
return false;
}
}
return true;
}
public String toString() {
String ret = "{" + String.valueOf(numbers[0]);
for(int i=1; i < numbers.length; i++) {
ret = ret + " " + numbers[i];
}
ret += "}";
return ret;
}
public void encode(OutputStream ostream) throws IOException {
encode(TAG, ostream);
}
private byte[] encodedContents = null;
/**
* Gets the encoding of the contents, or a cached copy.
* Since the content encoding is the same regardless of the Tag,
* this only needs to be computed once.
*/
private byte[] getEncodedContents() {
if( encodedContents == null ) {
encodedContents = computeEncodedContents();
}
return encodedContents;
}
// We cache our encoding for a given tag. 99% of the time, only
// one tag will be used for an instance, so we will get a cache hit.
// In the remaining 1%, we'll have to recompute the encoding.
byte[] cachedEncoding=null;
Tag tagForCache=null;
/**
* Returns the encoding for the given tag. If the encoding for
* this tag was previously computed (and no encoding for a different
* tag has since been computed), this method returns a cached copy.
* Otherwise, the encoding will be recomputed.
*/
private byte[] getEncoding(Tag tag) {
if( ! tag.equals(tagForCache) ) {
// recompute for new tag
ByteArrayOutputStream out = new ByteArrayOutputStream();
ASN1Header head = getHeader(tag);
try {
head.encode(out);
} catch( IOException e ) {
// should never happen on a byte array output stream
Assert.notReached("exception while encoding ASN.1 header");
}
out.write( getEncodedContents(), 0, getEncodedContents().length );
tagForCache = tag;
cachedEncoding = out.toByteArray();
}
return cachedEncoding;
}
/**
* Compute the ASN1 header for this tag.
*/
private ASN1Header getHeader(Tag implicitTag) {
return new ASN1Header( implicitTag, FORM, getEncodedContents().length );
}
/**
* Actually computes the encoding of this object identifier.
*/
private byte[] computeEncodedContents() {
ByteArrayOutputStream out = new ByteArrayOutputStream();
// handle first number
Assert.assert(numbers.length >= 2);
long n = numbers[0];
Assert.assert( n == 0 || n == 1 || n == 2 );
long outb = ( numbers[0] * 40 ) + numbers[1];
Assert.assert( ((byte)outb) == outb );
out.write( (byte)outb );
// handle consecutive numbers
for( int i = 2; i < numbers.length; i++ ) {
n = numbers[i];
Assert.assert( n >= 0 );
// array of output bytes, in reverse order. 10 bytes, at 7 bits
// per byte, is 70 bits, which is more than enough to handle
// the maximum value of a long, which takes up 63 bits.
byte[] rev = new byte[10];
int idx=0; // index into reversed bytes
// Create reversed byte list
do {
rev[idx++] = (byte) (n % 128);
n = n / 128;
} while( n > 0 );
idx--; // backup to point to last element
// now print them in reverse order
while( idx > 0 ) {
// all but last byte have MSB==1
out.write( rev[idx--] | 0x80 );
}
Assert.assert(idx == 0);
// last byte has MSB==0
out.write( rev[0] );
}
return out.toByteArray();
}
public void encode(Tag implicitTag, OutputStream ostream)
throws IOException
{
ostream.write( getEncoding(implicitTag) );
}
private static final Template templateInstance = new Template();
public static Template getTemplate() {
return templateInstance;
}
///////////////////////////////////////////////////////////////////////
// OBJECT_IDENTIFIER.Template
//
public static class Template implements ASN1Template {
public Tag getTag() {
return OBJECT_IDENTIFIER.TAG;
}
public boolean tagMatch(Tag tag) {
return( tag.equals(OBJECT_IDENTIFIER.TAG) );
}
public Form getForm() {
return OBJECT_IDENTIFIER.FORM;
}
public boolean formMatch(Form form) {
return( form == OBJECT_IDENTIFIER.FORM );
}
public ASN1Value decode(InputStream istream)
throws IOException, InvalidBERException
{
return decode(getTag(), istream);
}
public ASN1Value decode(Tag implicitTag, InputStream istream)
throws IOException, InvalidBERException
{
try {
ASN1Header head = new ASN1Header(istream);
long remainingContent = head.getContentLength();
// Check the information gleaned from the header
if( ! head.getTag().equals( implicitTag ) ) {
throw new InvalidBERException("Incorrect tag for "+
"OBJECT IDENTIFIER: "+ head.getTag() );
}
if( head.getForm() != getForm() ) {
throw new InvalidBERException("Incorrect form for OBJECT "+
"IDENTIFIER");
}
if( remainingContent < 1 ) {
throw new InvalidBERException("Invalid 0 length for OBJECT"+
" IDENTIFIER");
}
Vector numberV = new Vector();
// handle first byte, which contains first two numbers
byte b = readByte(istream);
remainingContent--;
long num = b % 40;
numberV.addElement( new Long( b % 40 ) ); // second number
numberV.insertElementAt( new Long( b / 40 ), 0); // first number
// handle the rest of the numbers
while( remainingContent > 0 ) {
num = 0;
// keep reading until MSB == 0
int bitcount=0;
do {
if( (bitcount+=7) > 63 ) {
// we're about to overflow our long
throw new InvalidBERException("OBJECT IDENTIFIER "+
"element too long; max is 63 bits");
}
b = readByte(istream);
remainingContent--;
num <<= 7;
num |= (b & 0x7f);
} while( (b & 0x80) != 0 );
numberV.addElement( new Long( num ) );
}
// convert Vector to array
long numbers[] = new long[ numberV.size() ];
for(int i = 0; i < numbers.length; i++) {
numbers[i] = ((Long)numberV.elementAt(i)).longValue();
}
// create OBJECT_IDENTIFIER from array
return new OBJECT_IDENTIFIER(numbers);
} catch(InvalidBERException e) {
throw new InvalidBERException(e, "OBJECT IDENTIFIER");
}
}
/**
* Reads in a byte from the stream, throws an InvalidBERException
* if EOF is reached.
*/
private static byte readByte(InputStream istream)
throws InvalidBERException, IOException
{
int n = istream.read();
if( n == -1 ) {
throw new InvalidBERException("End-of-file reached while "+
"decoding OBJECT IDENTIFIER");
}
Assert.assert( (n & 0xff) == n );
return (byte) n;
}
} // end of OBJECT_IDENTIFIER.Template
}

147
security/jss/org/mozilla/jss/asn1/OCTET_STRING.java Normal file
Просмотреть файл

@ -0,0 +1,147 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.asn1;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.IOException;
import java.io.ByteArrayOutputStream;
public class OCTET_STRING implements ASN1Value {
public static final Tag TAG = new Tag(Tag.Class.UNIVERSAL, 4);
public Tag getTag() {
return TAG;
}
public static final Form FORM = Form.PRIMITIVE;
byte[] data;
private OCTET_STRING() { }
public OCTET_STRING( byte[] data ) {
this.data = data;
}
public byte[] toByteArray() {
return data;
}
public void encode(OutputStream ostream) throws IOException {
// use getTag() so we can be subclassed
encode(getTag(), ostream);
}
public void encode(Tag implicitTag, OutputStream ostream)
throws IOException
{
ASN1Header head = new ASN1Header(implicitTag, FORM, data.length);
head.encode(ostream);
ostream.write(data);
}
private static final Template templateInstance = new Template();
public static Template getTemplate() {
return templateInstance;
}
public static class Template implements ASN1Template {
public Tag getTag() {
return TAG;
}
public boolean tagMatch(Tag tag) {
return( TAG.equals(tag) );
}
public ASN1Value decode(InputStream istream)
throws IOException, InvalidBERException
{
return decode(getTag(), istream);
}
// this can be overridden by subclasses
protected ASN1Value generateInstance(byte[] bytes) {
return new OCTET_STRING( bytes );
}
// this can be overridden by subclasses
protected String getName() {
return "OCTET_STRING";
}
public ASN1Value decode(Tag implicitTag, InputStream istream)
throws IOException, InvalidBERException
{
try {
ASN1Header head = new ASN1Header(istream);
head.validate(implicitTag);
byte[] data;
if( head.getContentLength() == -1 ) {
// indefinite length encoding
ASN1Header ahead;
ByteArrayOutputStream bos = new ByteArrayOutputStream();
do {
ahead = ASN1Header.lookAhead( istream );
if( ! ahead.isEOC() ) {
OCTET_STRING.Template ot = new OCTET_STRING.Template();
OCTET_STRING os = (OCTET_STRING) ot.decode(istream);
bos.write( os.toByteArray() );
}
} while( ! ahead.isEOC() );
// consume EOC
ahead = new ASN1Header(istream);
data = bos.toByteArray();
} else {
data = new byte[ (int) head.getContentLength() ];
ASN1Util.readFully(data, istream);
}
return generateInstance(data);
} catch( InvalidBERException e ) {
throw new InvalidBERException(e, getName());
}
}
} // end of Template
}

157
security/jss/org/mozilla/jss/asn1/PrintableString.java Normal file
Просмотреть файл

@ -0,0 +1,157 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.asn1;
import java.io.CharConversionException;
public class PrintableString extends CharacterString implements ASN1Value {
public PrintableString(char[] chars) throws CharConversionException {
super(chars);
}
public PrintableString(String s) throws CharConversionException {
super(s);
}
CharConverter getCharConverter() {
return new PrintableConverter();
}
public static final Tag TAG = new Tag( Tag.UNIVERSAL, 19 );
public static final Form FORM = Form.PRIMITIVE;
public Tag getTag() {
return TAG;
}
/**
* Returns a singleton instance of the decoding template for this class.
*/
public static Template getTemplate() {
return templateInstance;
}
private static final Template templateInstance = new Template();
// nested class
public static class Template
extends CharacterString.Template implements ASN1Template
{
protected Tag getTag() {
return TAG;
}
public boolean tagMatch(Tag tag) {
return TAG.equals(tag);
}
protected CharConverter getCharConverter() {
return new PrintableConverter();
}
protected CharacterString generateInstance(char[] chars)
throws CharConversionException
{
return new PrintableString(chars);
}
protected String typeName() {
return "PrintableString";
}
}
private static class PrintableConverter implements CharConverter {
private static boolean[] isPrintable = new boolean[128];
static {
char b;
for(b='A'; b <= 'Z'; b++) {
isPrintable[b] = true;
}
for(b='a'; b <= 'z'; b++) {
isPrintable[b] = true;
}
for(b='0'; b <= '9'; b++) {
isPrintable[b] = true;
}
isPrintable[' '] = true;
isPrintable['\''] = true;
isPrintable['('] = true;
isPrintable[')'] = true;
isPrintable['+'] = true;
isPrintable[','] = true;
isPrintable['-'] = true;
isPrintable['.'] = true;
isPrintable['/'] = true;
isPrintable[':'] = true;
isPrintable['='] = true;
isPrintable['?'] = true;
}
public char[] byteToChar(byte[] bytes, int offset, int len)
throws CharConversionException
{
char[] chars = new char[len];
int c; // char index
int b; // byte index
for(c=0, b=offset; c < len; b++, c++) {
if( (bytes[b] & 0x80) != 0 || !isPrintable[bytes[b]] ) {
/* fix for bug 359010 - don't throw, just skip
* throw new CharConversionException(bytes[b]+ " is not "+
* "a valid character for a PrintableString");
*/
} else {
chars[c] = (char) bytes[b];
}
}
return chars;
}
public byte[] charToByte(char[] chars, int offset, int len)
throws CharConversionException
{
byte[] bytes = new byte[len];
int c; // char index
int b; // byte index
for(c=0, b=0; b < len; b++, c++) {
if( (chars[c] & 0xff80) != 0 || !isPrintable[chars[c]] ) {
throw new CharConversionException(chars[c]+ " is not "+
"a valid character for a PrintableString");
}
bytes[b] = (byte) (chars[c] & 0x7f);
}
return bytes;
}
} // end of char converter
}

725
security/jss/org/mozilla/jss/asn1/SEQUENCE.java Normal file
Просмотреть файл

@ -0,0 +1,725 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.asn1;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.IOException;
import java.io.FileInputStream;
import java.io.BufferedInputStream;
import java.util.Vector;
import com.netscape.jss.util.Assert;
import java.math.BigInteger;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
/**
* An ASN.1 SEQUENCE. This class is an ordered collection of ASN.1 values.
* It has an interface similar to a Java <code>Vector</code>.
* Null entries may be added; they will be skipped when encoded.
*/
public class SEQUENCE extends SET implements ASN1Value {
public static final Tag TAG = new Tag(Tag.Class.UNIVERSAL, 16);
public Tag getTag() {
return TAG;
}
public static Template getTemplate() {
return new Template();
}
/**
* Writes the DER encoding to the given output stream,
* using the given implicit tag.
*/
public void encode(Tag implicitTag, OutputStream ostream)
throws IOException
{
BERencode(implicitTag, ostream);
}
// SET.Element and SEQUENCE.Element are identical types. We could
// have just reused SET.Element, but that would have been a bit
// confusing for users.
private static class Element extends SET.Element {
public Element( ASN1Value val ) {
super(val);
}
public Element( Tag implicitTag, ASN1Value val) {
super(implicitTag, val);
}
}
/**
* A class for constructing a <code>SEQUENCE</code> from its BER encoding.
* It is an ordered collection of sub-templates. Each sub-template can be
* marked optional, or a default value can be given.
*/
public static class Template implements ASN1Template {
private Vector elements = new Vector();
private void addElement(Element el) {
elements.addElement( el );
}
private void insertElementAt(Element e, int index) {
elements.insertElementAt(e, index);
}
/**
* Adds a sub-template to the end of this SEQUENCE template. For example,
* if the ASN.1 included:
* <pre>
* MySequence ::= SEQUENCE {
* item SubType,
* ... }
* </pre>
* the "item" element would be added to the MySequence template with:
* <pre>
* mySequence.addElement( new SubType.Template() );
* </pre>
*/
public void addElement( ASN1Template t ) {
addElement( new Element(null, t, false) );
}
/**
* Inserts the template at the given index.
*/
public void insertElementAt( ASN1Template t, int index )
{
insertElementAt( new Element(null, t, false), index );
}
/**
* Adds a sub-template to the end of this SEQUENCE template, with the
* given implicit tag. For example, if the ASN.1 were:
* <pre>
* MySequence ::= SEQUENCE {
* item [0] IMPLICIT SubType,
* ... }
* </pre>
* the "item" element would be added to the MySequence template with:
* <pre>
* mySequence.addElement( new Tag(0), new SubType.Template());
* </pre>
*/
public void addElement( Tag implicitTag, ASN1Template t ) {
addElement( new Element(implicitTag, t, false) );
}
/**
* Inserts the template with the given implicit tag at the given index.
*/
public void insertElementAt( Tag implicit, ASN1Template t,
int index )
{
insertElementAt( new Element(implicit, t, false), index );
}
/**
* Adds an optional sub-template. For example, if the ASN.1 were:
* <pre>
* MySequence ::= SEQUENCE {
* item SubType OPTIONAL,
* ... }
* </pre>
* the "item" element would be added to the MySequence template with:
* <pre>
* mySequence.addOptionalElement( new SubType.Template() );
* </pre>
*/
public void addOptionalElement( ASN1Template t ) {
addElement( new Element(null, t, true) );
}
/**
* Inserts the optional template at the given index.
*/
public void insertOptionalElementAt( ASN1Template t, int index )
{
insertElementAt( new Element(null, t, true), index );
}
/**
* Adds an optional sub-template with an implicit tag. For example,
* if the ASN.1 were:
* <pre>
* MySequence ::= SEQUENCE {
* item [0] IMPLICIT SubType OPTIONAL,
* ... }
* </pre>
* the "item" element would be added to the MySequence template with:
* <pre>
* mySequence.addOptionalElement( new SubType.Template() );
* </pre>
*/
public void addOptionalElement( Tag implicitTag, ASN1Template t ) {
addElement( new Element(implicitTag, t, true) );
}
/**
* Inserts the optional template with the given default
* value at the given index.
*/
public void insertOptionalElementAt( Tag implicit, ASN1Template t,
int index )
{
insertElementAt( new Element(implicit, t, true), index );
}
/**
* Adds a sub-template with a default value. For example,
* if the ASN.1 were:
* <pre>
* MySequence ::= SEQUENCE {
* version INTEGER DEFAULT 1,
* ... }
* </pre>
* the "item" element would be added to the MySequence template with:
* <pre>
* mySequence.addElement( new INTEGER.Template(), new INTEGER(1) );
* </pre>
* @param def The default value for this field, which will be used if
* no value is supplied by the encoded structure. It must be of
* the same type as what the template would produce.
*/
public void addElement( ASN1Template t, ASN1Value def ) {
addElement( new Element(null, t, def) );
}
/**
* Inserts the template with the given default
* value at the given index.
*/
public void insertElementAt( ASN1Template t, ASN1Value def, int index )
{
insertElementAt( new Element(null, t, def), index );
}
/**
* Adds a sub-template with a default value and an implicit tag.
* For example, if the ASN.1 were:
* <pre>
* MySequence ::= SEQUENCE {
* version [0] IMPLICIT INTEGER DEFAULT 1,
* ... }
* </pre>
* the "item" element would be added to the MySequence template with:
* <pre>
* mySequence.addElement( new Tag(0), new INTEGER.Template(),
* new INTEGER(1) );
* </pre>
* @param def The default value for this field, which will be used if
* no value is supplied by the encoded structure. It must be of
* the same type as what the template would produce.
*/
public void addElement( Tag implicitTag, ASN1Template t, ASN1Value def) {
addElement( new Element(implicitTag, t, def) );
}
/**
* Inserts the template with the given implicit tag and given default
* value at the given index.
*/
public void insertElementAt( Tag implicit, ASN1Template t, ASN1Value def,
int index )
{
insertElementAt( new Element(implicit, t, def), index );
}
/**
* Returns the implicit tag of the item stored at the given index.
* May be NULL if no implicit tag was specified.
*/
public Tag implicitTagAt( int index ) {
return ((Element)elements.elementAt(index)).getImplicitTag();
}
/**
* Returns the sub-template stored at the given index.
*/
public ASN1Template templateAt( int index ) {
return ((Element)elements.elementAt(index)).getTemplate();
}
/**
* Returns whether the sub-template at the given index is optional.
*/
public boolean isOptionalAt( int index ) {
return ((Element)elements.elementAt(index)).isOptional();
}
/**
* Returns the default value for the sub-template at the given index.
* May return NULL if no default value was specified.
*/
public ASN1Value defaultAt( int index ) {
return ((Element)elements.elementAt(index)).getDefault();
}
/**
* Returns the number of elements in this SEQUENCE template.
*/
public int size() {
return elements.size();
}
/**
* Removes all sub-templates from this SEQUENCE template.
*/
public void removeAllElements() {
elements.removeAllElements();
}
/**
* Removes the sub-template at the given index.
*/
public void removeElementAt(int index) {
elements.removeElementAt(index);
}
Tag getTag() {
return SEQUENCE.TAG;
}
public boolean tagMatch(Tag tag) {
return( tag.equals(SEQUENCE.TAG) );
}
/**
* Decodes a SEQUENCE from its BER encoding.
*/
public ASN1Value decode(InputStream istream)
throws IOException, InvalidBERException
{
return decode(getTag(), istream);
}
/**
* Decodes a SEQUENCE from its BER encoding, where the SEQUENCE itself has
* an implicit tag.
*/
public ASN1Value decode(Tag tag, InputStream istream)
throws IOException, InvalidBERException
{
int index = 0;
try {
ASN1Header header = new ASN1Header(istream);
header.validate( tag, Form.CONSTRUCTED );
// will be -1 for indefinite encoding
long remainingContent = header.getContentLength();
boolean repeatableElement=false;
SEQUENCE seq = new SEQUENCE();
ASN1Header lookAhead=null;
// go through the whole template
for( index = 0; index < size(); index++ ) {
// find out about the next item
if( remainingContent == 0 ) {
lookAhead = null;
} else {
// remainingContent > 0 or remainingContent == -1, which means
// indefinite encoding.
lookAhead = ASN1Header.lookAhead(istream);
}
// skip over items that don't match. Hopefully they are
// optional or have a default. Otherwise, it's an error.
Element e = (Element) elements.elementAt(index);
if( (lookAhead == null) || lookAhead.isEOC() ||
! e.tagMatch( lookAhead.getTag() ) )
{
if( e.isRepeatable() ) {
repeatableElement = true;
} else if( e.isOptional() ) {
// put an empty entry into the SEQUENCE
SEQUENCE.Element se = new SEQUENCE.Element(null, null );
seq.addElement( null );
} else if( e.getDefault() != null ) {
// use the default
seq.addElement( e.getDefault() );
} else {
throw new InvalidBERException("Missing item #"+index+
" need tag " + lookAhead.getTag() + " element tag " + e.getImplicitTag() + " in SEQUENCE");
}
continue;
}
// Decode this element
ASN1Template t = e.getTemplate();
ASN1Value val;
CountingStream countstream = new CountingStream(istream);
if( e.getImplicitTag() == null ) {
val = t.decode(countstream);
} else {
val = t.decode(e.getImplicitTag(), countstream);
}
// Decrement remaining count
long len = countstream.getNumRead();
if( remainingContent != -1 ) {
if( remainingContent < len ) {
// this item went past the end of the SEQUENCE
throw new InvalidBERException("Item went "+
(len-remainingContent)+" bytes past the end of"+
" the SEQUENCE");
}
remainingContent -= len;
}
// Store this element in the SEQUENCE
if( e.getImplicitTag() == null ) {
// no implicit tag
seq.addElement( val );
} else {
// there is an implicit tag
seq.addElement( e.getImplicitTag(), val );
}
// If this element is repeatable, don't go on to the next element
if( e.isRepeatable() ) {
repeatableElement = true;
index--;
}
}
if( remainingContent > 0 ) {
throw new InvalidBERException("SEQUENCE is longer than expected "+remainingContent+" expected");
}
Assert.assert( remainingContent == 0 || remainingContent == -1 );
// If this was indefinite-length encoding, consume the end-of-contents
if( remainingContent == -1 ) {
lookAhead = new ASN1Header(istream);
if( ! lookAhead.isEOC() ) {
throw new InvalidBERException("No end-of-contents marker");
}
}
// Make sure we stayed in sync
if( ! repeatableElement ) {
Assert.assert(index == seq.size());
}
return seq;
} catch(InvalidBERException e) {
throw new InvalidBERException(e, "SEQUENCE(item #"+index+")");
}
}
/**
* An element of a SEQUENCE template. For each sub-template, contains the
* template, its optionality, its implicit tag, and its default value.
*/
static class Element {
/**
* Creates a new element, which may or may not be optional.
*/
public Element(Tag implicitTag, ASN1Template type, boolean optional)
{
this.type = type;
defaultVal = null;
this.optional = optional;
this.implicitTag = implicitTag;
}
/**
* Creates a new element with a default value.
*/
public Element(Tag implicitTag, ASN1Template type, ASN1Value defaultVal)
{
this.type = type;
this.defaultVal = defaultVal;
optional = false;
this.implicitTag = implicitTag;
}
// repeatability is provided to allow for SEQUENCE OF SIZE
// constructs. It is package private.
private boolean repeatable;
void makeRepeatable() {
repeatable = true;
}
boolean isRepeatable() {
return repeatable;
}
private boolean optional;
public boolean isOptional() {
return optional;
}
private Tag implicitTag=null;
public Tag getImplicitTag() {
return implicitTag;
}
public boolean tagMatch(Tag tag) {
if( implicitTag != null ) {
return( implicitTag.equals(tag) );
} else {
return type.tagMatch(tag);
}
}
private ASN1Template type;
public ASN1Template getTemplate() {
return type;
}
private ASN1Value defaultVal=null;
public ASN1Value getDefault() {
return defaultVal;
}
}
} // End of SEQUENCE.Template
/**
* A Template for decoding SEQUENCE OF values. The main difference between
* a SEQUENCE.Template and a SEQUENCE.OF_Template is that a regular template
* specifies the exact ordering, number, and type of elements of the sequence,
* while
* an OF_Template has an indefinite number of elements, all the same type.
* For example, given:
* <pre>
* MyType ::= SEQUENCE OF Extension
* </pre>
* a MyType could be decoded with:
* <pre>
* SEQUENCE.OF_Template myTypeTemplate = new SEQUENCE.OF_Template( new
* Extension.Template) );
* SEQUENCE seq = (SEQUENCE) myTypeTemplate.decode(someInputStream);
* </pre>
* The number of <code>Extension</code>s actually decoded could be found
* with <code>seq.size()</code>.
*/
public static class OF_Template implements ASN1Template {
private OF_Template() { }
Template template; // a normal SEQUENCE template
public OF_Template(ASN1Template type) {
template = new Template();
Template.Element el = new Template.Element(null, type, true); //optional
el.makeRepeatable();
template.addElement( el );
}
public boolean tagMatch(Tag tag) {
return TAG.equals(tag);
}
/**
* Decodes a SEQUENCE OF from an input stream.
*/
public ASN1Value decode(InputStream istream)
throws IOException, InvalidBERException
{
return template.decode(istream);
}
/**
* Decodes a SEQUENCE OF with an implicit tag from an input stream.
*/
public ASN1Value decode(Tag implicitTag, InputStream istream)
throws IOException, InvalidBERException
{
return template.decode(implicitTag, istream);
}
}
public static void main(String args[]) {
try {
if(args.length > 0) {
// input
Template type = new Template();
type.addOptionalElement( new Tag(15), new INTEGER.Template() );
type.addElement( new Tag(16), new INTEGER.Template(),
new INTEGER(42) );
type.addElement( new INTEGER.Template() );
type.addElement( new BOOLEAN.Template() );
type.addElement( new INTEGER.Template() );
type.addOptionalElement( new Tag(12), new INTEGER.Template() );
type.addElement( new BOOLEAN.Template() );
type.addElement( new Tag(13), new INTEGER.Template(),
new INTEGER(53) );
type.addElement( new INTEGER.Template() );
type.addElement( new INTEGER.Template() );
type.addOptionalElement( new Tag(14), new INTEGER.Template() );
type.addElement( new OBJECT_IDENTIFIER.Template() );
type.addElement( new NULL.Template() );
type.addElement( new EXPLICIT.Template(
new Tag(27), new INTEGER.Template()));
type.addElement( new ENUMERATED.Template() );
type.addElement( new OCTET_STRING.Template() );
type.addElement( new IA5String.Template() );
CHOICE.Template choice = new CHOICE.Template();
choice.addElement( new Tag(23), new INTEGER.Template() );
choice.addElement( new BOOLEAN.Template() );
type.addElement( choice );
type.addElement( new BIT_STRING.Template() );
type.addElement( new ANY.Template() );
type.addElement( new PrintableString.Template() );
type.addElement( new OF_Template( new INTEGER.Template() ) );
type.addElement( new OF_Template( new INTEGER.Template() ) );
FileInputStream fin = new FileInputStream(args[0]);
System.out.println("Available: "+fin.available());
byte[] stuff = new byte[ fin.available() ];
ASN1Util.readFully(stuff, fin);
SEQUENCE s=null;
for( int i = 0; i < 1; i++) {
s = (SEQUENCE) type.decode( new ByteArrayInputStream(stuff) );
}
for(int i=0; i < s.size(); i ++ ) {
ASN1Value v = s.elementAt(i);
if(v instanceof ENUMERATED) {
ENUMERATED en = (ENUMERATED) v;
System.out.println("ENUMERATED: "+en);
} else if( v instanceof INTEGER ) {
INTEGER in = (INTEGER) v;
System.out.println("INTEGER: "+in);
} else if(v instanceof BOOLEAN ) {
BOOLEAN bo = (BOOLEAN) v;
System.out.println("BOOLEAN: "+bo);
} else if(v instanceof OBJECT_IDENTIFIER) {
OBJECT_IDENTIFIER oid = (OBJECT_IDENTIFIER) v;
System.out.println("OID: "+oid);
} else if(v instanceof NULL) {
NULL n = (NULL) v;
System.out.println("NULL");
} else if(v instanceof EXPLICIT) {
EXPLICIT ex = (EXPLICIT) v;
INTEGER in = (INTEGER) ex.getContent();
System.out.println("EXPLICIT ["+ex.getTag()+"]: "+
"INTEGER: "+in);
} else if(v instanceof OCTET_STRING) {
OCTET_STRING os = (OCTET_STRING) v;
byte[] bytes = os.toByteArray();
System.out.print("OCTET_STRING: ");
for(int j = 0; j < bytes.length; j++) {
System.out.print(bytes[j]+" ");
}
System.out.println("");
} else if( v instanceof CharacterString ) {
CharacterString cs = (CharacterString) v;
System.out.println("String: "+cs);
} else if( v instanceof BIT_STRING ) {
BIT_STRING bs = (BIT_STRING) v;
System.out.print("BIT_STRING: padCount="+
bs.getPadCount()+" : ");
byte[] bits = bs.getBits();
for(int j = 0; j < bits.length; j++) {
System.out.print(bits[j]+" ");
}
System.out.println("");
} else if( v instanceof ANY ) {
ANY any = (ANY) v;
Tag tag = any.getTag();
System.out.println("Got ANY, tag is "+tag);
ByteArrayInputStream bos =
new ByteArrayInputStream( any.getEncoded() );
INTEGER in = (INTEGER) new INTEGER.Template().decode(bos);
System.out.println(" INTEGER: "+in);
} else if(v instanceof SEQUENCE ) {
SEQUENCE seq = (SEQUENCE)v;
System.out.println("SEQUENCE: ");
for(int j=0; j < seq.size(); j++ ) {
INTEGER in = (INTEGER) seq.elementAt(j);
System.out.println(" INTEGER: "+in);
}
} else {
System.out.println("Unknown value");
}
}
} else {
// output
SEQUENCE seq = new SEQUENCE();
seq.addElement( new INTEGER(5) );
seq.addElement( new BOOLEAN(true) );
seq.addElement( new INTEGER(-322) );
seq.addElement( new BOOLEAN(false) );
seq.addElement( new INTEGER(0) );
seq.addElement( new INTEGER("2934293834242") );
seq.addElement( new OBJECT_IDENTIFIER(
new long[] { 1, 2, 127, 563, 1231982 } ) );
seq.addElement( new NULL() );
seq.addElement( new EXPLICIT( new Tag(27), new INTEGER(39) ));
seq.addElement( new ENUMERATED(983) );
seq.addElement( new OCTET_STRING( new byte[] {
(byte)0x0, (byte)0xff, (byte)0xcc} ) );
seq.addElement( new IA5String("foobar") );
seq.addElement( new Tag(23), new INTEGER(234) );
//seq.addElement( new BOOLEAN(false) );
byte[] bits = new byte[]{ (byte)0x80, (byte)0xff, (byte)0x0f };
seq.addElement( new BIT_STRING( bits, 3 ) );
seq.addElement( new INTEGER(82734) );
seq.addElement( new PrintableString("I'm printable??") );
SEQUENCE nested = new SEQUENCE();
nested.addElement( new INTEGER( 5 ) );
nested.addElement( new INTEGER( 6 ) );
seq.addElement( nested );
nested = new SEQUENCE();
seq.addElement( nested );
seq.encode(System.out);
System.out.flush();
}
} catch( Exception e) {
e.printStackTrace();
}
}
}

930
security/jss/org/mozilla/jss/asn1/SET.java Normal file
Просмотреть файл

@ -0,0 +1,930 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.asn1;
import java.math.BigInteger;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.util.Vector;
import com.netscape.jss.util.Assert;
import java.io.FileInputStream;
import java.io.BufferedInputStream;
import java.io.ByteArrayOutputStream;
/**
* An ASN.1 SET, which is an unordered collection of ASN.1 values.
* It has an interface like a Java Vector, but the ordering is arbitrary.
* Null entries may be added; they will be skipped when encoding.
*/
public class SET implements ASN1Value {
public static final Tag TAG = new Tag(Tag.Class.UNIVERSAL, 17);
public Tag getTag() {
return TAG;
}
protected static final Form FORM = Form.CONSTRUCTED;
// The elements of the set
protected Vector elements = new Vector();
private void addElement( Element e ) {
elements.addElement(e);
}
private void insertElementAt( Element e, int index ) {
elements.insertElementAt(e, index);
}
/**
* Adds an element to this SET.
*/
public void addElement( ASN1Value v ) {
addElement( new Element(v) );
}
/**
* Adds an element to this SET with the given implicit tag. For example,
* if the ASN.1 were:
* <pre>
* MyType ::= SET {
* item [0] IMPLICIT INTEGER,
* ... }
* </pre>
* then the "item" element could be added (with a sample value of 45)
* to the SET with:
* <pre>
* myTypeInstance.addElement( new Tag(0), new INTEGER(45) );
* </pre>
*/
public void addElement( Tag implicitTag, ASN1Value v ) {
addElement( new Element(implicitTag, v) );
}
/**
* Inserts an element at the given index.
*/
public void insertElementAt( ASN1Value v, int index ) {
insertElementAt( new Element(v), index );
}
/**
* Inserts an element with the given implicit tag at the given index.
*/
public void insertElementAt( Tag implicitTag, ASN1Value v, int index ) {
insertElementAt( new Element(implicitTag, v), index );
}
/**
* Returns the element at the given index in the SET.
*/
public ASN1Value elementAt( int index ) {
return ((Element)elements.elementAt(index)).getValue();
}
/**
* Returns the tag of the element at the given index. If the element
* has an implicit tag, that is returned. Otherwise, the tag of the
* underlying type is returned.
*/
public Tag tagAt( int index ) {
Tag implicit = ((Element)elements.elementAt(index)).getImplicitTag();
if( implicit != null ) {
return implicit;
} else {
return elementAt(index).getTag();
}
}
/**
* Returns the element with the given Tag, or null if no element exists
* with the given tag.
*/
public ASN1Value elementWithTag( Tag tag ) {
// hmmm...linear search for now, should use hashtable later
int size = elements.size();
for( int i=0; i < size; i++ ) {
Element e = (Element) elements.elementAt(i);
if( e.getTag().equals(tag) ) {
return e.getValue();
}
}
return null;
}
/**
* Returns the number of elements in this SET.
*/
public int size() {
return elements.size();
}
/**
* Removes all elements from this SET.
*/
public void removeAllElements() {
elements.removeAllElements();
}
/**
* Removes the element from the specified index.
*/
public void removeElementAt(int index) {
elements.removeElementAt(index);
}
/**
* Writes the DER encoding to the given output stream.
*/
public void encode(OutputStream ostream)
throws IOException
{
encode(getTag(), ostream);
}
/**
* Writes the DER encoding to the given output stream,
* using the given implicit tag. To satisfy DER encoding rules,
* the elements will be re-ordered either by tag or lexicographically.
*/
public void encode(Tag implicitTag, OutputStream ostream)
throws IOException
{
// what ordering method?
boolean lexOrdering;
if( elements.size() < 2 ) {
// doesn't matter, only one element
lexOrdering = true;
} else if( tagAt(0).equals(tagAt(1)) ) {
// tags are the same, lexicographic ordering
lexOrdering = true;
} else {
// tags are different, order by tag
lexOrdering = false;
}
// compute and order contents
int numElements = elements.size();
int totalBytes = 0;
Vector encodings = new Vector(numElements);
Vector tags = new Vector(numElements);
int i;
for(i = 0; i < numElements; i++ ) {
// if an entry is null, just skip it
if( elementAt(i) != null ) {
byte[] enc = ASN1Util.encode(tagAt(i), elementAt(i));
totalBytes += enc.length;
if( lexOrdering ) {
insertInOrder(encodings, enc);
} else {
insertInOrder(encodings, enc, tags, (int) tagAt(i).getNum());
}
}
}
// write header
ASN1Header header = new ASN1Header( implicitTag, FORM, totalBytes );
header.encode(ostream);
// write contents in order
for(i=0; i < numElements; i++ ) {
ostream.write( (byte[]) encodings.elementAt(i) );
}
}
/**
* Encodes this SET without re-ordering it. This may violate
* DER, but it is within BER.
*/
public void BERencode(Tag implicitTag, OutputStream ostream)
throws IOException
{
ByteArrayOutputStream bos = new ByteArrayOutputStream();
// compute contents
int size = elements.size();
for(int i = 0; i < size; i++ ) {
ASN1Value el = elementAt(i);
if(el!=null) {
el.encode(tagAt(i), bos);
}
}
byte[] bytes = bos.toByteArray();
// write header
ASN1Header header = new ASN1Header( implicitTag, FORM, bytes.length );
header.encode(ostream);
// write contents
ostream.write(bytes);
}
// performs ascending lexicographic ordering
// linear search, but number of items is usually going to be small.
private static void insertInOrder(Vector encs, byte[] enc) {
int size = encs.size();
// find the lowest item that we are less than or equal to
int i;
for(i=0; i < size; i++) {
if( compare(enc, (byte[])encs.elementAt(i)) < 1 ) {
break;
}
}
// insert ourself before this item
encs.insertElementAt(enc, i);
}
// performs ascending ordering by tag
// linear search, but number of items is usually going to be small.
private static void insertInOrder(Vector encs, byte[] enc, Vector tags,
int tag)
{
int size = encs.size();
// find the lowest item that we are less than or equal to
int i;
for(i = 0; i < size; i++) {
if( tag <= ((Integer)tags.elementAt(i)).intValue() ) {
break;
}
}
// insert ourself before this item
encs.insertElementAt(enc, i);
tags.insertElementAt(new Integer(i), i );
}
// compares two byte arrays
// returns 1 if left > right, -1 if left < right, 0 if left == right
private static int compare(byte[] left, byte[] right) {
int min = (left.length < right.length) ? left.length : right.length;
for(int i=0; i < min; i++) {
if( (left[i]&0xff) < (right[i]&0xff) ) {
return -1;
} else if( (left[i]&0xff) > (right[i]&0xff) ) {
return 1;
}
}
// equal up to the minimal endpoint
if( left.length > min ) {
Assert.assert(right.length==min);
return 1;
}
if( right.length > min ) {
Assert.assert(left.length==min);
return -1;
}
return 0;
}
/**
* An element of a SET
*/
static class Element {
/**
* Makes a new SET element from the given value.
*/
public Element( ASN1Value val ) {
this.val = val;
}
/**
* Makes a new SET element from the given value with the given
* implicit tag.
*/
public Element( Tag implicitTag, ASN1Value val )
{
this.val = val;
this.implicitTag = implicitTag;
}
private ASN1Value val;
/**
* Returns the value of this SET element.
*/
public ASN1Value getValue() {
return val;
}
/**
* Returns the tag that actually shows up in the encoding.
* If there is an implicit tag, it will be used. Otherwise,
* it will be the base tag for the value.
*/
public Tag getTag() {
if(implicitTag!=null) {
return implicitTag;
} else {
return val.getTag();
}
}
private Tag implicitTag=null;
/**
* Returns the implicit tag for this value, if there is one.
* If not, returns null.
*/
public Tag getImplicitTag() {
return implicitTag;
}
}
/**
* SET.Template
* This class is used for decoding DER-encoded SETs.
*/
public static class Template implements ASN1Template {
private Vector elements = new Vector();
private void addElement( Element e ) {
elements.addElement(e);
}
private void insertElementAt( Element e, int index ) {
elements.insertElementAt(e, index);
}
/**
* Adds a sub-template to the end of this SET template. For example,
* if the ASN.1 included:
* <pre>
* MySet ::= SET {
* item SubType,
* ... }
* </pre>
* the "item" element would be added to the MySet template with:
* <pre>
* mySet.addElement( new SubType.Template() );
* </pre>
*/
public void addElement( ASN1Template t ) {
addElement( new Element(TAG, t, false) );
}
/**
* Inserts the template at the given index.
*/
public void insertElementAt( ASN1Template t, int index )
{
insertElementAt( new Element(TAG, t, false), index );
}
/**
* Adds a sub-template with the given implicit tag to the end of this
* SET template. For example, if the ASN.1 included:
* <pre>
* MySet ::= SET {
* item [0] IMPLICIT SubType,
* ... }
* </pre>
* the "item" element would be added to the MySet template with:
* <pre>
* mySet.addElement( new Tag(0), new SubType.Template() );
* </pre>
*/
public void addElement( Tag implicit, ASN1Template t ) {
addElement( new Element(implicit, t, false) );
}
/**
* Inserts the template with the given implicit tag at the given index.
*/
public void insertElementAt( Tag implicit, ASN1Template t,
int index )
{
insertElementAt( new Element(implicit, t, false), index );
}
/**
* Adds an optional sub-template to the end
* of this SET template. For example, if the ASN.1 included:
* <pre>
* MySet ::= SET {
* item SubType OPTIONAL,
* ... }
* </pre>
* the "item" element would be added to the MySet template with:
* <pre>
* mySet.addOptionalElement( new SubType.Template() );
* </pre>
*/
public void addOptionalElement( ASN1Template t ) {
addElement( new Element(TAG, t, true) );
}
/**
* Inserts the optional template at the given index.
*/
public void insertOptionalElementAt( ASN1Template t, int index )
{
insertElementAt( new Element(null, t, true), index );
}
/**
* Adds an optional sub-template with the given implicit tag to the end
* of this SET template. For example, if the ASN.1 included:
* <pre>
* MySet ::= SET {
* item [0] IMPLICIT SubType OPTIONAL,
* ... }
* </pre>
* the "item" element would be added to the MySet template with:
* <pre>
* mySet.addOptionalElement( new Tag(0), new SubType.Template() );
* </pre>
*/
public void addOptionalElement( Tag implicit, ASN1Template t ) {
addElement( new Element(implicit, t, true) );
}
/**
* Inserts the optional template with the given default
* value at the given index.
*/
public void insertOptionalElementAt( Tag implicit, ASN1Template t,
int index )
{
insertElementAt( new Element(implicit, t, true), index );
}
/**
* Adds a sub-template with the given default value to the end
* of this SET template. For example, if the ASN.1 included:
* <pre>
* MySet ::= SET {
* item INTEGER DEFAULT (5),
* ... }
* </pre>
* the "item" element would be added to the MySet template with:
* <pre>
* mySet.addElement( new SubType.Template(), new INTEGER(5) );
* </pre>
*/
public void addElement( ASN1Template t, ASN1Value def ) {
addElement( new Element(TAG, t, def) );
}
/**
* Inserts the template with the given default
* value at the given index.
*/
public void insertElementAt( ASN1Template t, ASN1Value def, int index )
{
insertElementAt( new Element(null, t, def), index );
}
/**
* Adds a sub-template with the given default value and implicit tag to
* the end of this SET template. For example, if the ASN.1 included:
* <pre>
* MySet ::= SET {
* item [0] IMPLICIT INTEGER DEFAULT (5),
* ... }
* </pre>
* the "item" element would be added to the MySet template with:
* <pre>
* mySet.addElement( new Tag(0), new SubType.Template(), new INTEGER(5) );
* </pre>
*/
public void addElement( Tag implicit, ASN1Template t, ASN1Value def ) {
addElement( new Element(implicit, t, def) );
}
/**
* Inserts the template with the given implicit tag and given default
* value at the given index.
*/
public void insertElementAt( Tag implicit, ASN1Template t, ASN1Value def,
int index )
{
insertElementAt( new Element(implicit, t, def), index );
}
/**
* Returns the implicit tag of the item stored at the given index.
* May be NULL if no implicit tag was specified.
*/
public Tag implicitTagAt(int index) {
return ((Element)elements.elementAt(index)).getImplicitTag();
}
/**
* Returns the sub-template stored at the given index.
*/
public ASN1Template templateAt(int index) {
return ((Element)elements.elementAt(index)).getTemplate();
}
/**
* Returns <code>true</code> if the sub-template at the given index
* is optional.
*/
public boolean isOptionalAt(int index) {
return ((Element)elements.elementAt(index)).isOptional();
}
private boolean isRepeatableAt(int index) {
return ((Element)elements.elementAt(index)).isRepeatable();
}
/**
* Returns the default value for the sub-template at the given index.
* May return NULL if no default value was specified.
*/
public ASN1Value defaultAt(int index) {
return ((Element)elements.elementAt(index)).getDefault();
}
/**
* Returns the number of elements in the SET.
*/
public int size() {
return elements.size();
}
public void removeAllElements() {
elements.removeAllElements();
}
public void removeElementAt(int index) {
elements.removeElementAt(index);
}
private Tag getTag() {
return SET.TAG;
}
/**
* Determines whether the given tag satisfies this template.
*/
public boolean tagMatch(Tag tag) {
return( tag.equals(SET.TAG) );
}
/**
* Decodes the input stream into a SET value.
*/
public ASN1Value decode(InputStream istream)
throws IOException, InvalidBERException
{
return decode(getTag(), istream);
}
/**
* Decodes the input stream into a SET value with the given implicit
* tag.
*/
public ASN1Value decode(Tag tag, InputStream istream)
throws IOException, InvalidBERException
{
try {
ASN1Header header = new ASN1Header(istream);
header.validate( tag, Form.CONSTRUCTED );
// remainingContent will be -1 for indefinite length encoding
long remainingContent = header.getContentLength();
SET set = new SET();
ASN1Header lookAhead;
boolean[] found = new boolean[ elements.size() ];
// while content remains, try to decode it
while( remainingContent > 0 || remainingContent == -1) {
// find out about the next item
lookAhead = ASN1Header.lookAhead(istream);
// if we found the end-of-content marker, we're done
if( lookAhead.isEOC() ) {
if( remainingContent != -1 ) {
throw new InvalidBERException("Unexpected end-of-content"+
"marker");
}
lookAhead = new ASN1Header(istream);
break;
}
// Find the element with the matching tag
int index = findElementByTag( lookAhead.getTag() );
if( index == -1 ) {
// element not found
throw new InvalidBERException("Unexpected Tag in SET: "+
lookAhead.getTag() );
}
Element e = (Element) elements.elementAt(index);
if( found[index] && ! e.isRepeatable() ) {
// element already found, and it's not repeatable
throw new InvalidBERException("Duplicate Tag in SET: "+
lookAhead.getTag() );
}
// mark this element as found
found[index] = true;
// Decode this element
ASN1Template t = e.getTemplate();
ASN1Value val;
CountingStream countstream = new CountingStream(istream);
if( e.getImplicitTag() == null ) {
val = t.decode(countstream);
} else {
val = t.decode(e.getImplicitTag(), countstream);
}
// Decrement remaining count
long len = countstream.getNumRead();
if( remainingContent != -1 ) {
if( remainingContent < len ) {
// this item went past the end of the SET
throw new InvalidBERException("Item went "+
(len-remainingContent)+" bytes past the end of"+
" the SET");
}
remainingContent -= len;
}
// Store this element in the SET
SET.Element se;
if( e.getImplicitTag() == null ) {
// no implicit tag
se = new SET.Element(val);
} else {
// there is an implicit tag
se = new SET.Element( e.getImplicitTag(), val );
}
set.addElement(se);
}
// We check for this after we read in each item, so this shouldn't
// happen
Assert.assert( remainingContent == 0 || remainingContent == -1);
// Deal with elements that weren't present.
int size = elements.size();
for(int i = 0; i < size; i++) {
if( !found[i] ) {
if( isOptionalAt(i) || isRepeatableAt(i) ) {
// no problem
} else if( defaultAt(i) != null ) {
set.addElement( new SET.Element(defaultAt(i)) );
} else {
throw new InvalidBERException("Field not found in SET");
}
}
}
return set;
} catch(InvalidBERException e) {
throw new InvalidBERException(e, "SET");
}
}
/**
* Returns the index in the vector of the type with this tag and class,
* or -1 if not found.
* lame linear search - but we're dealing with small numbers of elements,
* so it's probably not worth it to use a hashtable
*/
private int findElementByTag(Tag tag) {
int size = elements.size();
for( int i = 0; i < size ; i++ ) {
Element e = (Element) elements.elementAt(i);
if( e.tagMatch( tag ) ) {
// match!
return i;
}
}
// no match
return -1;
}
/**
* An element of a SET template.
*/
public static class Element {
public Element(Tag implicitTag, ASN1Template type, boolean optional)
{
this.type = type;
defaultVal = null;
this.optional = optional;
this.implicitTag = implicitTag;
}
public Element(Tag implicitTag, ASN1Template type, ASN1Value defaultVal)
{
this.type = type;
this.defaultVal = defaultVal;
optional = false;
this.implicitTag = implicitTag;
}
// Repeatability is used for SET OF. It is package private.
private boolean repeatable;
void makeRepeatable() {
repeatable = true;
}
boolean isRepeatable() {
return repeatable;
}
private boolean optional;
public boolean isOptional() {
return optional;
}
private Tag implicitTag=null;
public Tag getImplicitTag() {
return implicitTag;
}
/**
* Determines whether the given tag satisfies this SET element.
*/
public boolean tagMatch(Tag tag) {
if( implicitTag != null ) {
return( implicitTag.equals(tag) );
} else {
return type.tagMatch(tag);
}
}
private ASN1Template type;
/**
* Returns the template for this element.
*/
public ASN1Template getTemplate() {
return type;
}
private ASN1Value defaultVal=null;
/**
* Returns the default value for this element, if one exists.
* Otherwise, returns null.
*/
public ASN1Value getDefault() {
return defaultVal;
}
}
} // End of SET.Template
/**
* A Template for decoding SET OF values.
* Use this if you have a SIZE qualifier on your SET OF.
* The SET will consume as many instances of type as it can, rather than
* stopping after the first one. This is equivalent to SIZE (0..MAX).
* If you need something more restrictive, you can look at what gets parsed
* and decide whether it's OK or not yourself.
*/
public static class OF_Template implements ASN1Template {
private OF_Template() { }
private Template template; // a normal SET template
/**
* Creates an OF_Template with the given type. For example:
* <pre>
* MySet ::= SET OF INTEGER;
* </pre>
* A <code>MySet</code> template would be constructed with:
* <pre>
* SET.OF_Template mySetTemplate = new SET.OF_Template( new
* INTEGER.Template() );
* </pre>
*/
public OF_Template(ASN1Template type) {
template = new Template();
Template.Element el = new Template.Element( null, type, false );
el.makeRepeatable();
template.addElement( el );
}
public boolean tagMatch(Tag tag) {
return TAG.equals(tag);
}
/**
* Decodes a <code>SET OF</code> from its BER encoding.
*/
public ASN1Value decode(InputStream istream)
throws IOException, InvalidBERException
{
return template.decode(istream);
}
/**
* Decodes a <code>SET OF</code> with an implicit tag from its BER
* encoding.
*/
public ASN1Value decode(Tag implicitTag, InputStream istream)
throws IOException, InvalidBERException
{
return template.decode(implicitTag, istream);
}
}
// Test driver for SET
public static void main(String args[]) {
try {
if(args.length > 0) {
FileInputStream fin = new FileInputStream( args[0] );
Template t = new SET.Template();
t.addElement(new Tag(0), new INTEGER.Template() );
t.addElement( new Tag(3), new INTEGER.Template() );
t.addOptionalElement( new Tag(4), new INTEGER.Template() );
t.addElement( new Tag(5), new INTEGER.Template(), new INTEGER(67) );
t.addElement( new Tag(29), new BOOLEAN.Template() );
t.addElement( new Tag(30), new BOOLEAN.Template(), new BOOLEAN(false) );
t.addElement( new Tag(1), new INTEGER.Template() );
t.addElement( new Tag(2), new INTEGER.Template() );
SET st = (SET) t.decode(new BufferedInputStream(fin) );
for(int i=0; i < st.size(); i++) {
ASN1Value v = st.elementAt(i);
if( v instanceof INTEGER ) {
INTEGER in = (INTEGER) st.elementAt(i);
System.out.println("INTEGER: "+in);
} else if( v instanceof BOOLEAN ) {
BOOLEAN bo = (BOOLEAN) st.elementAt(i);
System.out.println("BOOLEAN: "+bo);
} else {
System.out.println("Unknown value");
}
}
} else {
SET s = new SET();
s.addElement( new Tag(0), new INTEGER(255) );
s.addElement( new Tag(29), new BOOLEAN(true) );
s.addElement( new Tag(1), new INTEGER(-322) );
s.addElement( new Tag(2), new INTEGER(0) );
s.addElement( new Tag(3), new INTEGER("623423948273") );
s.encode(System.out);
}
} catch( Exception e ) {
e.printStackTrace();
}
}
}

211
security/jss/org/mozilla/jss/asn1/Tag.java Normal file
Просмотреть файл

@ -0,0 +1,211 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.asn1;
import java.math.BigInteger;
/**
* Represents an ASN.1 Tag. A tag consists of a class and a number.
*/
public class Tag {
private long num;
/**
* Returns the tag number.
*/
public long getNum() {
return num;
}
private Class tClass;
/**
* Returns the tag class.
*/
public Class getTagClass() {
return tClass;
}
private Tag() { }
/**
* A tag class.
*/
public static final Class UNIVERSAL = Class.UNIVERSAL;
/**
* A tag class.
*/
public static final Class APPLICATION = Class.APPLICATION;
/**
* A tag class.
*/
public static final Class CONTEXT_SPECIFIC = Class.CONTEXT_SPECIFIC;
/**
* A tag class.
*/
public static final Class PRIVATE = Class.PRIVATE;
/**
* The end-of-contents marker for indefinite length encoding.
* It is encoded the same as an ASN.1 header whose tag is [UNIVERSAL 0].
*/
public static final Tag END_OF_CONTENTS = new Tag( UNIVERSAL, 0 );
/**
* An alias for END_OF_CONTENTS.
*/
public static final Tag EOC = END_OF_CONTENTS;
/**
* Creates a tag with the given class and number.
* @param clazz The class of the tag.
* @param num The tag number.
*/
public Tag(Class clazz, long num) {
tClass = clazz;
this.num = num;
}
/**
* Creates a CONTEXT-SPECIFIC tag with the given tag number.
* @param num The tag number.
*/
public Tag(long num) {
this(Class.CONTEXT_SPECIFIC, num);
}
///////////////////////////////////////////////////////////////////////
// Tag Instances
//
// Since grabbing a context-specific tag is a very common operation,
// let's make singletons of the most frequently used tags.
///////////////////////////////////////////////////////////////////////
private static final int numTagInstances = 10;
private static Tag tagInstances[] = new Tag[numTagInstances];
static {
for(int i=0; i < numTagInstances; i++) {
tagInstances[i] = new Tag(i);
}
}
/**
* Returns an instance of a context-specific tag with the given number.
* The returned instance may be singleton. It is usually more efficient to
* call this method than create your own context-specific tag.
*/
public static Tag get(long num) {
if( num >= 0 && num < numTagInstances ) {
return tagInstances[(int)num];
} else {
return new Tag(num);
}
}
public int hashCode() {
return (tClass.toInt() * 131) + (int)num;
}
/**
* Compares two tags for equality. Tags are equal if they have
* the same class and tag number.
*/
public boolean equals(Object obj) {
if(obj == null) {
return false;
}
if(! (obj instanceof Tag) ) {
return false;
}
Tag t = (Tag) obj;
if( num == t.num && tClass == t.tClass ) {
return true;
} else {
return false;
}
}
/**
* Returns a String representation of the tag. For example, a tag
* whose class was UNIVERSAL and whose number was 16 would return
* "UNIVERSAL 16".
*/
public String toString() {
return tClass+" "+num;
}
/**
* An enumeration of the ASN.1 tag classes.
*/
public static class Class {
private Class() { }
private Class(int enc, String name) {
encoding = enc;
this.name = name;
}
private int encoding;
private String name;
public static final Class UNIVERSAL = new Class(0, "UNIVERSAL");
public static final Class APPLICATION = new Class(1, "APPLICATION");
public static final Class CONTEXT_SPECIFIC =
new Class(2, "CONTEXT-SPECIFIC");
public static final Class PRIVATE = new Class(3, "PRIVATE");
public int toInt() {
return encoding;
}
public String toString() {
return name;
}
/**
* @exception InvalidBERException If the given int does not correspond
* to any tag class.
*/
public static Class fromInt(int i) throws InvalidBERException {
if( i == 0 ) {
return UNIVERSAL;
} else if(i == 1) {
return APPLICATION;
} else if(i == 2) {
return CONTEXT_SPECIFIC;
} else if(i == 3) {
return PRIVATE;
} else {
throw new InvalidBERException("Invalid tag class: " + i);
}
}
}
}

127
security/jss/org/mozilla/jss/asn1/TeletexString.java Normal file
Просмотреть файл

@ -0,0 +1,127 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.asn1;
import java.io.CharConversionException;
/**
* The ASN.1 type <i>TeletexString</i>.
*/
public class TeletexString extends CharacterString implements ASN1Value {
public static final Tag TAG = new Tag(Tag.UNIVERSAL, 20);
public Tag getTag() {
return TAG;
}
public TeletexString(char[] chars) throws CharConversionException {
super(chars);
}
public TeletexString(String s) throws CharConversionException {
super(s);
}
CharConverter getCharConverter() {
return new TeletexConverter();
}
/**
* Returns a singleton instance of the decoding template for this class.
*/
public static Template getTemplate() {
return templateInstance;
}
private static final Template templateInstance = new Template();
// nested class
public static class Template
extends CharacterString.Template implements ASN1Template
{
protected Tag getTag() {
return TAG;
}
public boolean tagMatch(Tag tag) {
return TAG.equals(tag);
}
protected CharConverter getCharConverter() {
return new TeletexConverter();
}
protected CharacterString generateInstance(char[] bytes)
throws CharConversionException
{
return new TeletexString( bytes );
}
protected String typeName() {
return "TeletexString";
}
} // end of Template
private static class TeletexConverter implements CharConverter {
public char[] byteToChar(byte[] bytes, int offset, int len)
throws CharConversionException
{
char[] chars = new char[len];
int b;
int c;
for(b=offset, c=0; c < len; b++, c++) {
chars[c] = (char) (bytes[b] & 0xff);
}
return chars;
}
public byte[] charToByte(char[] chars, int offset, int len)
throws CharConversionException
{
byte[] bytes = new byte[len];
int b;
int c;
for(b=0, c=offset; b < len; b++, c++) {
if( (chars[c]&0xff00) != 0 ) {
throw new CharConversionException("Invalid character for"+
" TeletexString");
}
bytes[b] = (byte) (chars[c] & 0xff);
}
return bytes;
}
}
}

317
security/jss/org/mozilla/jss/asn1/TimeBase.java Normal file
Просмотреть файл

@ -0,0 +1,317 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.asn1;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.IOException;
import java.util.Calendar;
import java.util.Date;
import java.util.TimeZone;
import com.netscape.jss.util.Assert;
public abstract class TimeBase implements ASN1Value {
public static final Form FORM = Form.PRIMITIVE;
abstract public Tag getTag();
private Date date;
public Date toDate() {
return date;
}
abstract protected boolean isUTC();
private TimeBase() { }
public TimeBase(Date date) {
this.date = date;
}
public void encode(OutputStream ostream) throws IOException {
encode(getTag(), ostream);
}
/**
* Write the DER-encoding of this TimeBase.
*/
public void encode(Tag implicit, OutputStream ostream) throws IOException {
if( isUTC() ) {
// length will always be 13
(new ASN1Header(implicit, FORM, 13)).encode(ostream);
} else {
// length will always be 15
(new ASN1Header(implicit, FORM, 15)).encode(ostream);
}
int i=0, val;
// DER-encoding mandates GMT time zone
Calendar cal = Calendar.getInstance( TimeZone.getTimeZone("GMT") );
cal.setTime( date );
if( isUTC() ) {
val = cal.get(Calendar.YEAR);
ostream.write( ((val % 100) / 10) + '0' );
ostream.write( (val % 10) + '0' );
} else {
val = cal.get(Calendar.YEAR);
ostream.write( ((val % 10000) / 1000) + '0' );
ostream.write( ((val % 1000) / 100) + '0' );
ostream.write( ((val % 100) / 10) + '0' );
ostream.write( (val % 10) + '0' );
}
val = cal.get(Calendar.MONTH) + 1;
Assert.assert( val >= 1 && val <= 12 );
ostream.write( (val / 10) + '0' );
ostream.write( (val % 10) + '0' );
val = cal.get(Calendar.DAY_OF_MONTH);
Assert.assert( val >=1 && val <= 31 );
ostream.write( (val / 10) + '0' );
ostream.write( (val % 10) + '0' );
val = cal.get(Calendar.HOUR_OF_DAY);
Assert.assert( val >= 0 && val <= 23 );
ostream.write( (val / 10) + '0' );
ostream.write( (val % 10) + '0' );
val = cal.get(Calendar.MINUTE);
Assert.assert( val >=0 && val <= 59 );
ostream.write( (val / 10) + '0' );
ostream.write( (val % 10) + '0' );
val = cal.get(Calendar.SECOND);
Assert.assert( val >= 0 && val <= 59 );
ostream.write( (val / 10) + '0' );
ostream.write( (val % 10) + '0' );
ostream.write('Z');
}
public abstract static class Template {
protected abstract boolean isUTC();
protected abstract Tag getTag();
protected abstract TimeBase generateInstance(Date date);
public boolean tagMatch(Tag tag) {
return getTag().equals(tag);
}
public ASN1Value decode(InputStream istream)
throws IOException, InvalidBERException
{
return decode(getTag(), istream);
}
public ASN1Value decode(Tag implicitTag, InputStream istream)
throws IOException, InvalidBERException
{
PrintableString.Template pst = new PrintableString.Template();
PrintableString ps = (PrintableString)
pst.decode(implicitTag, istream);
char[] chars = ps.toCharArray();
int i=0;
int year, month, day, hour, minute, second, hourOff, minOff;
//////////////////////////////////////////
// Get year
//
if( isUTC() ) {
checkBounds(i, 2, chars.length);
year = (chars[i] - '0') * 10;
year += chars[i+1] - '0';
// Y2K HACK!!!!! But this is what the spec says to do.
// The range is 1970 to 2069
if( year < 70 ) {
year += 2000;
} else {
year += 1900;
}
i += 2;
} else {
checkBounds(i, 4, chars.length);
year = (chars[i] - '0') * 1000;
year += (chars[i+1] - '0') * 100;
year += (chars[i+2] - '0') * 10;
year += (chars[i+3] - '0');
checkRange(year, 0, 9999, "year");
i += 4;
}
//////////////////////////////////////////
// get month
//
month = 0;
checkBounds(i, 2, chars.length);
month = (chars[i] - '0') * 10;
month += chars[i+1] - '0';
checkRange(month, 1, 12, "month");
month--; // Java months start at 0
i += 2;
//////////////////////////////////////////
// get day
//
checkBounds(i, 2, chars.length);
day = (chars[i] - '0') * 10;
day += chars[i+1] - '0';
checkRange(day, 1, 31, "day");
i += 2;
//////////////////////////////////////////
// get hour
//
checkBounds(i, 2, chars.length);
hour = (chars[i] - '0') * 10;
hour += chars[i+1] - '0';
checkRange(hour, 0, 23, "hour");
i += 2;
//////////////////////////////////////////
// get minute
//
checkBounds(i, 2, chars.length);
minute = (chars[i] - '0') * 10;
minute += chars[i+1] - '0';
checkRange(minute, 0, 59, "minute");
i += 2;
//////////////////////////////////////////
// get second, if it's there
//
if( i < chars.length && chars[i] >= '0' && chars[i] <= '9' ) {
checkBounds(i, 2, chars.length);
second = (chars[i] - '0') * 10;
second += chars[i+1] - '0';
checkRange(second, 0, 59, "second");
i += 2;
} else {
second = 0;
}
//////////////////////////////////////////
// Skip milliseconds for GeneralizedTime. There are no
// milliseconds in UTCTime.
//
if( ! isUTC() ) {
while( i < chars.length &&
chars[i] != '+' &&
chars[i] != '-' &&
chars[i] != 'Z' )
{
i++;
}
}
//////////////////////////////////////////
// get time zone
//
TimeZone tz;
if( i < chars.length ) {
checkBounds(i, 1, chars.length);
if( chars[i] == '+' || chars[i] == '-') {
checkBounds(i+1, 4, chars.length);
hourOff = (chars[i+1] - '0') * 10;
hourOff += chars[i+2] - '0';
minOff = (chars[i+3] - '0') * 10;
minOff += chars[i+4] - '0';
i += 5;
checkRange(hourOff, 0, 23, "hour offset");
checkRange(minOff, 0, 59, "minute offset");
if( chars[i] == '-' ) {
hourOff = -hourOff;
minOff = -minOff;
}
tz = (TimeZone) TimeZone.getTimeZone("GMT").clone();
tz.setRawOffset( ((hourOff*60)+minOff)*60*1000 );
} else if( chars[i] == 'Z' ) {
i += 1;
hourOff = minOff = 0;
tz = (TimeZone) TimeZone.getTimeZone("GMT").clone();
} else {
throw new InvalidBERException("Invalid character "+
chars[i]);
}
} else {
if( isUTC() ) {
// Only UTC requires timezone
throw new InvalidBERException("no timezone specified for"+
" UTCTime");
}
// No timezone specified, use local time.
// This is generally a bad idea, because who knows what the
// local timezone is? But the spec allows it.
tz = TimeZone.getDefault();
}
// make sure we ate all the characters, there were no stragglers
// at the end
if( i != chars.length ) {
throw new InvalidBERException("Extra characters at end");
}
// Create a calendar object from the date and time zone.
Calendar cal = Calendar.getInstance( tz );
cal.set(year, month, day, hour, minute, second);
return generateInstance(cal.getTime());
}
private static void
checkRange(int val, int low, int high, String field)
throws InvalidBERException
{
if( val < low || val > high ) {
throw new InvalidBERException("Invalid "+field);
}
}
private static void
checkBounds(int index, int increment, int bound)
throws InvalidBERException
{
if(index+increment > bound) {
throw new InvalidBERException("Too few characters in " +
"TimeBase");
}
}
}
}

78
security/jss/org/mozilla/jss/asn1/UTCTime.java Normal file
Просмотреть файл

@ -0,0 +1,78 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.asn1;
import java.io.IOException;
import java.util.Date;
public class UTCTime extends TimeBase implements ASN1Value {
public static final Tag TAG = new Tag(Tag.UNIVERSAL, 23);
public Tag getTag() {
return TAG;
}
public UTCTime(Date date) {
super(date);
}
protected boolean isUTC() {
return true;
}
private static final UTCTime.Template templateInstance =
new UTCTime.Template();
public static UTCTime.Template getTemplate() {
return templateInstance;
}
public static class Template extends TimeBase.Template
implements ASN1Template
{
protected Tag getTag() {
return TAG;
}
public boolean tagMatch(Tag tag) {
return TAG.equals(tag);
}
protected boolean isUTC() {
return true;
}
protected TimeBase generateInstance(Date date) {
return new UTCTime(date);
}
}
}

129
security/jss/org/mozilla/jss/asn1/UTF8String.java Normal file
Просмотреть файл

@ -0,0 +1,129 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.asn1;
import java.io.CharConversionException;
import java.io.UnsupportedEncodingException;
import com.netscape.jss.util.Assert;
public class UTF8String extends CharacterString implements ASN1Value {
public UTF8String(char[] chars) throws CharConversionException {
super(chars);
}
public UTF8String(String s) throws CharConversionException {
super(s);
}
CharConverter getCharConverter() {
return new UTF8Converter();
}
public static final Tag TAG = new Tag( Tag.UNIVERSAL, 12 );
public static final Form FORM = Form.PRIMITIVE;
public Tag getTag() {
return TAG;
}
private static final Template templateInstance = new Template();
/**
* Returns a singleton instance of UTF8String.Template. This is more
* efficient than creating a new UTF8String.Template.
*/
public static Template getTemplate() {
return templateInstance;
}
// nested class
public static class Template
extends CharacterString.Template implements ASN1Template
{
protected Tag getTag() {
return TAG;
}
public boolean tagMatch(Tag tag) {
return TAG.equals(tag);
}
protected CharConverter getCharConverter() {
return new UTF8Converter();
}
protected CharacterString generateInstance(char[] chars)
throws CharConversionException
{
return new UTF8String(chars);
}
protected String typeName() {
return "UTF8String";
}
}
private static class UTF8Converter implements CharConverter {
public char[] byteToChar(byte[] bytes, int offset, int len)
throws CharConversionException
{
try {
String s = new String(bytes, offset, len, "UTF8");
return s.toCharArray();
} catch( UnsupportedEncodingException e ) {
String err = "Unable to find UTF8 encoding mechanism";
Assert.notReached(err);
throw new CharConversionException(err);
}
}
public byte[] charToByte(char[] chars, int offset, int len)
throws CharConversionException
{
try {
String s = new String(chars, offset, len);
return s.getBytes("UTF8");
} catch( UnsupportedEncodingException e ) {
String err = "Unable to find UTF8 encoding mechanism";
Assert.notReached(err);
throw new CharConversionException(err);
}
}
} // end of char converter
}

229
security/jss/org/mozilla/jss/asn1/UniversalString.java Normal file
Просмотреть файл

@ -0,0 +1,229 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.asn1;
import java.io.CharConversionException;
import java.io.CharArrayWriter;
import java.io.ByteArrayOutputStream;
/**
* A UCS4 string.
*/
public class UniversalString extends CharacterString implements ASN1Value {
public static final Tag TAG = new Tag(Tag.UNIVERSAL, 28);
public Tag getTag() {
return TAG;
}
public UniversalString(char[] chars) throws CharConversionException {
super(chars);
}
public UniversalString(String s) throws CharConversionException {
super(s);
}
CharConverter getCharConverter() {
return new UniversalConverter();
}
/**
* Returns a singleton instance of the decoding template for this class.
*/
public static Template getTemplate() {
return templateInstance;
}
private static final Template templateInstance = new Template();
// nested class
public static class Template
extends CharacterString.Template implements ASN1Template
{
protected Tag getTag() {
return TAG;
}
public boolean tagMatch(Tag tag) {
return TAG.equals(tag);
}
protected CharConverter getCharConverter() {
return new UniversalConverter();
}
protected CharacterString generateInstance(char[] chars)
throws CharConversionException
{
return new UniversalString( chars );
}
protected String typeName() {
return "UniversalString";
}
} // end of Template
/**
* A class for converting between Unicode and UCS4.
*/
private static class UniversalConverter implements CharConverter {
// This is the maximum a UCS4 character can be if it has
// straight Unicode inside it.
public static final int MAX_UNICODE = 0x0000ffff;
// This is the maximum a UCS4 character can be if it is UTF-16
// encoded. UTF-16 encoding allows UCS4 chars to be stored across
// two Unicode chars.
public static final int MAX_UTF16 = 0x0010ffff;
// This Unicode character is used to represent an unknown character
// in some other encoding. We use it for UCS4 characters that
// are not a part of normal Unicode and also cannot be encoded
// across two Unicode chars with UTF-16.
public static final char REPLACEMENT_CHAR = 0xfffd;
// This is the base for UCS4 characters that can be mapped with UTF16.
public static final int UTF16_BASE = 0x00100000;
// In UTF16 encoding, each Unicode character has 10 bits of
// information.
public static final int HALF_SHIFT = 10;
// The lowest 10 bits
public static final int HALF_MASK = 0x3ff;
public static final int UTF16_HIGH_START = 0xd800;
public static final int UTF16_HIGH_END = 0xdcff;
public static final int UTF16_LOW_START = 0xdc00;
public static final int UTF16_LOW_END = 0xdfff;
/**
* Turns big-endian UCS4 characters into Unicode Java characters
*/
public char[] byteToChar(byte[] bytes, int offset, int len)
throws CharConversionException
{
// Each UCS4 character is 4 bytes. Most UCS4 characters will
// map to one Unicode character. The exception is UTF-16
// characters, which map to two Unicode characters.
CharArrayWriter out = new CharArrayWriter( len / 4 );
int end = offset + len;
while( offset < end ) {
// eat 4 bytes and make a UCS4 char
if( end - offset < 4 ) {
throw new CharConversionException("input exhausted");
}
int ucs4 = (bytes[offset++] & 0xff) << 24;
ucs4 += (bytes[offset++] & 0xff) << 16;
ucs4 += (bytes[offset++] & 0xff) << 8;
ucs4 += bytes[offset++] & 0xff;
// convert UCS4 to Unicode
if( ucs4 <= MAX_UNICODE ) {
// Unicode is a subset of UCS4, and this char is
// in the common subset. Just chop off the unused top
// two bytes.
out.write( ucs4 & 0xffff );
} else if( ucs4 <= MAX_UTF16 ) {
// This UCS4 char is not in Unicode, but can be encoded
// into two Unicode chars using UTF16.
ucs4 -= UTF16_BASE;
out.write( (ucs4 >>> HALF_SHIFT) + UTF16_HIGH_START );
out.write( (ucs4 & HALF_MASK) + UTF16_LOW_START );
} else {
// This character is not in Unicode or UTF16. We can't
// provide a suitable translation, so use the Unicode
// replacement char.
out.write( REPLACEMENT_CHAR );
}
}
return out.toCharArray();
}
// Convert Unicode chars to UCS4 chars
public byte[] charToByte(char[] chars, int offset, int len)
throws CharConversionException
{
ByteArrayOutputStream out = new ByteArrayOutputStream(len * 4);
int end = offset + len;
while( offset < end ) {
char c = chars[offset++];
int ucs4;
if( c >= UTF16_HIGH_START && c <= UTF16_HIGH_END ) {
// This is the beginning of a UTF16 char
if( offset == end ) {
throw new CharConversionException("input exhausted");
}
char low = chars[offset++];
// make sure the next char is the low half of a UTF16 char
if( low < UTF16_LOW_START || low > UTF16_LOW_END ) {
throw new CharConversionException("UTF16 high "+
"character not followed by a UTF16 low character");
}
ucs4 = UTF16_BASE;
ucs4 += (c - UTF16_HIGH_START) << HALF_SHIFT;
ucs4 += low - UTF16_LOW_START;
} else {
// this is a normal Unicode char
ucs4 = (c & 0x0000ffff);
}
out.write( (ucs4 & 0xff000000) >>> 24 );
out.write( (ucs4 & 0x00ff0000) >>> 16 );
out.write( (ucs4 & 0x0000ff00) >>> 8 );
out.write( (ucs4 & 0x000000ff) );
}
return out.toByteArray();
}
}
}

110
security/jss/org/mozilla/jss/asn1/manifest.mn Normal file
Просмотреть файл

@ -0,0 +1,110 @@
#
# The contents of this file are subject to the Mozilla Public
# License Version 1.1 (the "License"); you may not use this file
# except in compliance with the License. You may obtain a copy of
# the License at http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS
# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
# implied. See the License for the specific language governing
# rights and limitations under the License.
#
# The Original Code is the Netscape Security Services for Java.
#
# The Initial Developer of the Original Code is Netscape
# Communications Corporation. Portions created by Netscape are
# Copyright (C) 1998-2000 Netscape Communications Corporation. All
# Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the
# terms of the GNU General Public License Version 2 or later (the
# "GPL"), in which case the provisions of the GPL are applicable
# instead of those above. If you wish to allow use of your
# version of this file only under the terms of the GPL and not to
# allow others to use your version of this file under the MPL,
# indicate your decision by deleting the provisions above and
# replace them with the notice and other provisions required by
# the GPL. If you do not delete the provisions above, a recipient
# may use your version of this file under either the MPL or the
# GPL.
#
CORE_DEPTH = ../../../../..
MODULE = ninja
NS_USE_JDK = 1
PACKAGE = com/netscape/jss/asn1
CLASSES = \
ANY \
ASN1Header \
ASN1Template \
ASN1Util \
ASN1Value \
BIT_STRING \
BMPString \
BOOLEAN \
CharacterString \
CharConverter \
CHOICE \
CountingStream \
ENUMERATED \
EXPLICIT \
FieldNotPresentException \
Form \
GeneralizedTime \
IA5String \
INTEGER \
InvalidBERException \
NULL \
OBJECT_IDENTIFIER \
OCTET_STRING \
PrintableString \
SEQUENCE \
SET \
Tag \
TeletexString \
TimeBase \
UniversalString \
UTCTime \
UTF8String \
$(NULL)
JSRCS = \
ANY.java \
ASN1Header.java \
ASN1Template.java \
ASN1Util.java \
ASN1Value.java \
BIT_STRING.java \
BMPString.java \
BOOLEAN.java \
CharacterString.java \
CharConverter.java \
CHOICE.java \
CountingStream.java \
ENUMERATED.java \
EXPLICIT.java \
FieldNotPresentException.java \
Form.java \
GeneralizedTime.java \
IA5String.java \
INTEGER.java \
InvalidBERException.java \
NULL.java \
OBJECT_IDENTIFIER.java \
OCTET_STRING.java \
PrintableString.java \
SEQUENCE.java \
SET.java \
Tag.java \
TeletexString.java \
TimeBase.java \
UniversalString.java \
UTCTime.java \
UTF8String.java \
$(NULL)

37
security/jss/org/mozilla/jss/asn1/package.html Normal file
Просмотреть файл

@ -0,0 +1,37 @@
<html>
<!--
- The contents of this file are subject to the Mozilla Public
- License Version 1.1 (the "License"); you may not use this file
- except in compliance with the License. You may obtain a copy of
- the License at http://www.mozilla.org/MPL/
-
- Software distributed under the License is distributed on an "AS
- IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- implied. See the License for the specific language governing
- rights and limitations under the License.
-
- The Original Code is the Netscape Security Services for Java.
-
- The Initial Developer of the Original Code is Netscape
- Communications Corporation. Portions created by Netscape are
- Copyright (C) 1998-2000 Netscape Communications Corporation. All
- Rights Reserved.
-
- Contributor(s):
-
- Alternatively, the contents of this file may be used under the
- terms of the GNU General Public License Version 2 or later (the
- "GPL"), in which case the provisions of the GPL are applicable
- instead of those above. If you wish to allow use of your
- version of this file only under the terms of the GPL and not to
- allow others to use your version of this file under the MPL,
- indicate your decision by deleting the provisions above and
- replace them with the notice and other provisions required by
- the GPL. If you do not delete the provisions above, a recipient
- may use your version of this file under either the MPL or the
- GPL.
-->
<body>
ASN.1 structures, BER decoding, and DER encoding.
</body>
</html>

523
security/jss/org/mozilla/jss/crypto/Algorithm.c Normal file
Просмотреть файл

@ -0,0 +1,523 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
#include <seccomon.h>
#include <secoidt.h>
#include <pkcs11t.h>
#include <secmodt.h>
#include <nspr.h>
#include <jni.h>
#include <java_ids.h>
#include <pk11func.h>
#include <jssutil.h>
#include "_jni/com_netscape_jss_crypto_Algorithm.h"
#include "Algorithm.h"
static PRStatus
getAlgInfo(JNIEnv *env, jobject alg, JSS_AlgInfo *info);
/***********************************************************************
**
** Algorithm indices. This must be kept in sync with the algorithm
** tags in the Algorithm class.
** We only store CKMs as a last resort if there is no corresponding
** SEC_OID.
**/
JSS_AlgInfo JSS_AlgTable[NUM_ALGS] = {
/* 0 */ {SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION, SEC_OID_TAG},
/* 1 */ {SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION, SEC_OID_TAG},
/* 2 */ {SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION, SEC_OID_TAG},
/* 3 */ {SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST, SEC_OID_TAG},
/* 4 */ {SEC_OID_PKCS1_RSA_ENCRYPTION, SEC_OID_TAG},
/* 5 */ {CKM_RSA_PKCS_KEY_PAIR_GEN, PK11_MECH},
/* 6 */ {CKM_DSA_KEY_PAIR_GEN, PK11_MECH},
/* 7 */ {SEC_OID_ANSIX9_DSA_SIGNATURE, SEC_OID_TAG},
/* 8 */ {SEC_OID_RC4, SEC_OID_TAG},
/* 9 */ {SEC_OID_DES_ECB, SEC_OID_TAG},
/* 10 */ {SEC_OID_DES_CBC, SEC_OID_TAG},
/* 11 */ {CKM_DES_CBC_PAD, PK11_MECH},
/* 12 */ {CKM_DES3_ECB, PK11_MECH},
/* 13 */ {SEC_OID_DES_EDE3_CBC, SEC_OID_TAG},
/* 14 */ {CKM_DES3_CBC_PAD, PK11_MECH},
/* 15 */ {CKM_DES_KEY_GEN, PK11_MECH},
/* 16 */ {CKM_DES3_KEY_GEN, PK11_MECH},
/* 17 */ {CKM_RC4_KEY_GEN, PK11_MECH},
/* 18 */ {SEC_OID_PKCS5_PBE_WITH_MD2_AND_DES_CBC, SEC_OID_TAG},
/* 19 */ {SEC_OID_PKCS5_PBE_WITH_MD5_AND_DES_CBC, SEC_OID_TAG},
/* 20 */ {SEC_OID_PKCS5_PBE_WITH_SHA1_AND_DES_CBC, SEC_OID_TAG},
/* 21 */ {SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC4, SEC_OID_TAG},
/* 22 */ {SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC4, SEC_OID_TAG},
/* 23 */ {SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC,
SEC_OID_TAG},
/* 24 */ {SEC_OID_MD2, SEC_OID_TAG},
/* 25 */ {SEC_OID_MD5, SEC_OID_TAG},
/* 26 */ {SEC_OID_SHA1, SEC_OID_TAG},
/* 27 */ {CKM_SHA_1_HMAC, PK11_MECH},
/* 28 */ {SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC, SEC_OID_TAG},
/* 29 */ {SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC, SEC_OID_TAG},
/* 30 */ {SEC_OID_RC2_CBC, SEC_OID_TAG},
/* 31 */ {CKM_PBA_SHA1_WITH_SHA1_HMAC, PK11_MECH}
/* REMEMBER TO UPDATE NUM_ALGS!!! */
};
/***********************************************************************
*
* A l g o r i t h m . g e t A l l A l g o r i t h m I n d i c e s
*
* INPUTS
* jUsage
* An enum corresponding to a unique usage.
* RETURNS
* An object containing all algorithms supported by this object.
*/
JNIEXPORT jlongArray JNICALL
Java_com_netscape_jss_crypto_Algorithm_getAllAlgorithmIndices
( JNIEnv *env, jclass this, jobject jUsage )
{
/* "JNI" data members */
jlongArray javatable;
jlong* table;
jmethodID jGetID;
jint usage;
jthrowable jExcep;
/* Perform initial assertions */
PR_ASSERT( env != NULL );
/* Create a new java table for the algorithms */
javatable = (*env)->NewLongArray( env, NUM_ALGS );
/* Create a new "C" table for the algorithms */
table = (*env)->GetLongArrayElements( env, javatable, NULL );
/* Lookup java method ID */
jGetID = ( *env )->GetMethodID( env, jUsage, "getID", "I" );
if( jGetID == NULL ) {
ASSERT_OUTOFMEM( env );
goto loser;
}
/* Call java method */
usage = ( *env )->CallIntMethod( env, jUsage, jGetID );
if( usage == 0 ) {
ASSERT_OUTOFMEM( env );
goto loser;
}
/* Call the appropriate jUsage routine */
switch( usage ) {
case JSS_CERT_SIGNING:
JSS_GetAllAlgorithmIndicesForCertSigning( table );
break;
case JSS_SSL_KEY_EXCHANGE:
JSS_GetAllAlgorithmIndicesForSSLKeyExchange( table );
break;
case JSS_CRS_KEY_WRAP:
JSS_GetAllAlgorithmIndicesForCRSKeyWrap( table );
break;
case JSS_CRS_BULK_ENCRYPTION:
JSS_GetAllAlgorithmIndicesForCRSBulkEncryption( table );
break;
case JSS_PASSWORD_ENCRYPTION:
JSS_GetAllAlgorithmIndicesForPasswordEncryption( table );
break;
case JSS_KRA_TRANSPORT:
JSS_GetAllAlgorithmIndicesForKRATransport( table );
break;
case JSS_KRA_STORAGE:
JSS_GetAllAlgorithmIndicesForKRAStorage( table );
break;
case JSS_KRA_PKCS_12:
JSS_GetAllAlgorithmIndicesForKRAPKCS12( table );
break;
default:
return NULL;
}
/* Copy the contents of the "C" table into the "java" table */
(*env)->ReleaseLongArrayElements( env, javatable, table, 0 );
return javatable;
loser:
/* Save the java exception and rethrow it */
jExcep = ( *env )->ExceptionOccurred( env );
PR_ASSERT( jExcep != NULL );
/* Return from exception */
return( NULL );
}
/***********************************************************************
*
* A l g o r i t h m . g e t S t r o n g e s t K e y S i z e
*
* INPUTS
* jUsage
* An enum corresponding to a unique usage. Must not be NULL.
* alg
* An algorithm corresponding to one listed in Algorithm.java.
* RETURNS
* A byte array containing the maximum key size supported by
* this object, or NULL if not supported by this object.
* NOTE
* All unusable key sizes are stored as 0L.
*/
JNIEXPORT jint JNICALL
Java_com_netscape_jss_crypto_Algorithm_getStrongestKeySize
( JNIEnv *env, jclass this, jobject jUsage, jint alg )
{
/* "JNI" data members */
jmethodID jGetID;
jint usage;
jthrowable jExcep;
jclass usageClass;
/* "C" data members */
unsigned long maxkeysize;
/* Perform initial assertions */
PR_ASSERT( env != NULL && alg < NUM_ALGS );
/* Lookup java method ID */
usageClass = (*env)->GetObjectClass(env, jUsage);
jGetID = ( *env )->GetMethodID( env, usageClass, "getID", "()I" );
if( jGetID == NULL ) {
ASSERT_OUTOFMEM( env );
goto loser;
}
/* Call java method */
usage = ( *env )->CallIntMethod( env, jUsage, jGetID );
if( usage == 0 ) {
ASSERT_OUTOFMEM( env );
goto loser;
}
/* Call the appropriate jUsage routine */
switch( usage ) {
case JSS_CERT_SIGNING:
maxkeysize = JSS_GetStrongestKeySizeFromCertSigning( alg );
break;
case JSS_SSL_KEY_EXCHANGE:
maxkeysize = JSS_GetStrongestKeySizeFromSSLKeyExchange( alg );
break;
case JSS_CRS_KEY_WRAP:
maxkeysize = JSS_GetStrongestKeySizeFromCRSKeyWrap( alg );
break;
case JSS_CRS_BULK_ENCRYPTION:
maxkeysize = JSS_GetStrongestKeySizeFromCRSBulkEncryption( alg );
break;
case JSS_PASSWORD_ENCRYPTION:
maxkeysize = JSS_GetStrongestKeySizeFromPasswordEncryption( alg );
break;
case JSS_KRA_TRANSPORT:
maxkeysize = JSS_GetStrongestKeySizeFromKRATransport( alg );
break;
case JSS_KRA_STORAGE:
maxkeysize = JSS_GetStrongestKeySizeFromKRAStorage( alg );
break;
case JSS_KRA_PKCS_12:
maxkeysize = JSS_GetStrongestKeySizeFromKRAPKCS12( alg );
break;
default:
return 0;
}
/* Assert that key size will never be larger than 32 bits */
PR_ASSERT( maxkeysize == ( maxkeysize & 0x7fffffffL ) );
/* Return */
return ( jint ) maxkeysize;
loser:
/* Save the java exception and rethrow it */
jExcep = ( *env )->ExceptionOccurred( env );
PR_ASSERT( jExcep != NULL );
/* Return from exception */
return( 0 );
}
/***********************************************************************
*
* A l g o r i t h m . i s A l l o w e d
*
* INPUTS
* jUsage
* An enum corresponding to a unique usage. Must not be NULL.
* alg
* An algorithm corresponding to one listed in Algorithm.java.
* RETURNS
* A boolean denoting whether or not the algorithm is allowed.
*/
JNIEXPORT jboolean JNICALL
Java_com_netscape_jss_crypto_Algorithm_isAllowed
( JNIEnv *env, jclass this, jobject jUsage, jint alg )
{
/* "JNI" data members */
jmethodID jGetID;
jint usage;
jthrowable jExcep;
jclass usageClass;
/* "C" data members */
PRBool result;
/* Perform initial assertions */
PR_ASSERT( env != NULL && alg < NUM_ALGS );
/* Lookup java method ID */
usageClass = (*env)->GetObjectClass(env, jUsage);
jGetID = ( *env )->GetMethodID( env, usageClass, "getID", "()I" );
if( jGetID == NULL ) {
ASSERT_OUTOFMEM( env );
goto loser;
}
/* Call java method */
usage = ( *env )->CallIntMethod( env, jUsage, jGetID );
if( usage == 0 ) {
ASSERT_OUTOFMEM( env );
goto loser;
}
/* Call the appropriate jUsage routine */
switch( usage ) {
case JSS_CERT_SIGNING:
result = JSS_isAllowedFromCertSigning( alg );
break;
case JSS_SSL_KEY_EXCHANGE:
result = JSS_isAllowedFromSSLKeyExchange( alg );
break;
case JSS_CRS_KEY_WRAP:
result = JSS_isAllowedFromCRSKeyWrap( alg );
break;
case JSS_CRS_BULK_ENCRYPTION:
result = JSS_isAllowedFromCRSBulkEncryption( alg );
break;
case JSS_PASSWORD_ENCRYPTION:
result = JSS_isAllowedFromPasswordEncryption( alg );
break;
case JSS_KRA_TRANSPORT:
result = JSS_isAllowedFromKRATransport( alg );
break;
case JSS_KRA_STORAGE:
result = JSS_isAllowedFromKRAStorage( alg );
break;
case JSS_KRA_PKCS_12:
result = JSS_isAllowedFromKRAPKCS12( alg );
break;
default:
return 0;
}
/* Return a java boolean */
if( result != PR_TRUE ) {
return JNI_FALSE;
}
return JNI_TRUE;
loser:
/* Save the java exception and rethrow it */
jExcep = ( *env )->ExceptionOccurred( env );
PR_ASSERT( jExcep != NULL );
/* Return from exception */
return( JNI_FALSE );
}
/***********************************************************************
*
* J S S _ g e t P K 1 1 M e c h F r o m A l g
*
* INPUTS
* alg
* An com.netscape.jss.Algorithm object. Must not be NULL.
* RETURNS
* CK_MECHANISM_TYPE corresponding to this algorithm, or
* CKM_INVALID_MECHANISM if none exists.
*/
PR_IMPLEMENT( CK_MECHANISM_TYPE )
JSS_getPK11MechFromAlg(JNIEnv *env, jobject alg)
{
JSS_AlgInfo info;
if( getAlgInfo(env, alg, &info) != PR_SUCCESS) {
return CKM_INVALID_MECHANISM;
}
if( info.type == PK11_MECH ) {
return (CK_MECHANISM_TYPE) info.val;
} else {
PR_ASSERT( info.type == SEC_OID_TAG );
return PK11_AlgtagToMechanism( (SECOidTag) info.val);
}
}
/***********************************************************************
*
* J S S _ g e t O i d T a g F r o m A l g
*
* INPUTS
* alg
* An com.netscape.jss.Algorithm object. Must not be NULL.
* RETURNS
* SECOidTag corresponding to this algorithm, or SEC_OID_UNKNOWN
* if none was found.
*/
PR_IMPLEMENT( SECOidTag )
JSS_getOidTagFromAlg(JNIEnv *env, jobject alg)
{
JSS_AlgInfo info;
if( getAlgInfo(env, alg, &info) != PR_SUCCESS) {
return SEC_OID_UNKNOWN;
}
if( info.type == SEC_OID_TAG ) {
return (SECOidTag) info.val;
} else {
PR_ASSERT( info.type == PK11_MECH );
/* We only store things as PK11 mechanisms as a last resort if
* there is no corresponding sec oid tag. */
return SEC_OID_UNKNOWN;
}
}
/***********************************************************************
*
* J S S _ g e t A l g I n d e x
*
* INPUTS
* alg
* An com.netscape.jss.Algorithm object. Must not be NULL.
* RETURNS
* The index obtained from the algorithm, or -1 if an exception was
* thrown.
*/
static jshort
getAlgIndex(JNIEnv *env, jobject alg)
{
jclass algClass;
jshort index=-1;
jfieldID indexField;
PR_ASSERT(env!=NULL && alg!=NULL);
algClass = (*env)->GetObjectClass(env, alg);
#ifdef DEBUG
/* Make sure this really is an Algorithm. */
{
jclass realClass = ((*env)->FindClass(env, ALGORITHM_CLASS_NAME));
PR_ASSERT( (*env)->IsInstanceOf(env, alg, realClass) );
}
#endif
indexField = (*env)->GetFieldID(
env,
algClass,
OID_INDEX_FIELD_NAME,
OID_INDEX_FIELD_SIG);
if(indexField==NULL) {
ASSERT_OUTOFMEM(env);
goto finish;
}
index = (*env)->GetShortField(env, alg, indexField);
PR_ASSERT( (index >= 0) && (index < NUM_ALGS) );
finish:
return index;
}
/***********************************************************************
*
* J S S _ g e t E n u m F r o m A l g
*
* INPUTS
* alg
* An com.netscape.jss.Algorithm object. Must not be NULL.
* OUTPUTS
* info
* Pointer to a JSS_AlgInfo which will get the information about
* this algorithm, if it is found. Must not be NULL.
* RETURNS
* PR_SUCCESS if the enum was found, otherwise PR_FAILURE.
*/
static PRStatus
getAlgInfo(JNIEnv *env, jobject alg, JSS_AlgInfo *info)
{
jshort index;
PRStatus status;
PR_ASSERT(env!=NULL && alg!=NULL && info!=NULL);
index = getAlgIndex(env, alg);
if( index == -1 ) {
goto finish;
}
*info = JSS_AlgTable[index];
status = PR_SUCCESS;
finish:
return status;
}
/***********************************************************************
*
* EncryptionAlgorithm.getIVLength
*
*/
JNIEXPORT jint JNICALL
Java_com_netscape_jss_crypto_EncryptionAlgorithm_getIVLength
(JNIEnv *env, jobject this)
{
CK_MECHANISM_TYPE mech;
mech = JSS_getPK11MechFromAlg(env, this);
if( mech == CKM_INVALID_MECHANISM ) {
PR_ASSERT(PR_FALSE);
return 0;
} else {
return PK11_GetIVLength(mech);
}
}

181
security/jss/org/mozilla/jss/crypto/Algorithm.h Normal file
Просмотреть файл

@ -0,0 +1,181 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
/* These headers must be included before this header:
#include <secoidt.h>
#include <pkcs11t.h>
#include <jni.h>
#include <Policy.h>
*/
#ifndef JSS_ALGORITHM_H
#define JSS_ALGORITHM_H
PR_BEGIN_EXTERN_C
typedef enum JSS_AlgType {
PK11_MECH, /* CK_MECHANISM_TYPE */
SEC_OID_TAG /* SECOidTag */
} JSS_AlgType;
typedef struct JSS_AlgInfoStr {
unsigned long val; /* either a CK_MECHANISM_TYPE or a SECOidTag */
JSS_AlgType type;
} JSS_AlgInfo;
#define NUM_ALGS 32
extern JSS_AlgInfo JSS_AlgTable[];
/*
* The following definitions relate to the export control policy
*/
enum {
JSS_CERT_SIGNING=1,
JSS_SSL_KEY_EXCHANGE,
JSS_CRS_KEY_WRAP,
JSS_CRS_BULK_ENCRYPTION,
JSS_PASSWORD_ENCRYPTION,
JSS_KRA_TRANSPORT,
JSS_KRA_STORAGE,
JSS_KRA_PKCS_12
};
PR_EXTERN( void )
JSS_GetAllAlgorithmIndicesForCertSigning( jlong* table );
PR_EXTERN( void )
JSS_GetAllAlgorithmIndicesForSSLKeyExchange( jlong* table );
PR_EXTERN( void )
JSS_GetAllAlgorithmIndicesForCRSKeyWrap( jlong* table );
PR_EXTERN( void )
JSS_GetAllAlgorithmIndicesForCRSBulkEncryption( jlong* table );
PR_EXTERN( void )
JSS_GetAllAlgorithmIndicesForPasswordEncryption( jlong* table );
PR_EXTERN( void )
JSS_GetAllAlgorithmIndicesForKRATransport( jlong* table );
PR_EXTERN( void )
JSS_GetAllAlgorithmIndicesForKRAStorage( jlong* table );
PR_EXTERN( void )
JSS_GetAllAlgorithmIndicesForKRAPKCS12( jlong* table );
PR_EXTERN( unsigned long )
JSS_GetStrongestKeySizeFromCertSigning( jint alg );
PR_EXTERN( unsigned long )
JSS_GetStrongestKeySizeFromSSLKeyExchange( jint alg );
PR_EXTERN( unsigned long )
JSS_GetStrongestKeySizeFromCRSKeyWrap( jint alg );
PR_EXTERN( unsigned long )
JSS_GetStrongestKeySizeFromCRSBulkEncryption( jint alg );
PR_EXTERN( unsigned long )
JSS_GetStrongestKeySizeFromPasswordEncryption( jint alg );
PR_EXTERN( unsigned long )
JSS_GetStrongestKeySizeFromKRATransport( jint alg );
PR_EXTERN( unsigned long )
JSS_GetStrongestKeySizeFromKRAStorage( jint alg );
PR_EXTERN( unsigned long )
JSS_GetStrongestKeySizeFromKRAPKCS12( jint alg );
PR_EXTERN( PRBool )
JSS_isAllowedFromCertSigning( jint alg );
PR_EXTERN( PRBool )
JSS_isAllowedFromSSLKeyExchange( jint alg );
PR_EXTERN( PRBool )
JSS_isAllowedFromCRSKeyWrap( jint alg );
PR_EXTERN( PRBool )
JSS_isAllowedFromCRSBulkEncryption( jint alg );
PR_EXTERN( PRBool )
JSS_isAllowedFromPasswordEncryption( jint alg );
PR_EXTERN( PRBool )
JSS_isAllowedFromKRATransport( jint alg );
PR_EXTERN( PRBool )
JSS_isAllowedFromKRAStorage( jint alg );
PR_EXTERN( PRBool )
JSS_isAllowedFromKRAPKCS12( jint alg );
/***********************************************************************
*
* J S S _ g e t O i d T a g F r o m A l g
*
* INPUTS
* alg
* An com.netscape.jss.Algorithm object. Must not be NULL.
* RETURNS
* SECOidTag corresponding to this algorithm, or SEC_OID_UNKNOWN
* if none was found.
*/
PR_EXTERN( SECOidTag )
JSS_getOidTagFromAlg(JNIEnv *env, jobject alg);
/***********************************************************************
*
* J S S _ g e t P K 1 1 M e c h F r o m A l g
*
* INPUTS
* alg
* An com.netscape.jss.Algorithm object. Must not be NULL.
* RETURNS
* CK_MECHANISM_TYPE corresponding to this algorithm, or
* CKM_INVALID_MECHANISM if none was found.
*/
PR_EXTERN( CK_MECHANISM_TYPE )
JSS_getPK11MechFromAlg(JNIEnv *env, jobject alg);
PR_END_EXTERN_C
#endif

208
security/jss/org/mozilla/jss/crypto/Algorithm.java Normal file
Просмотреть файл

@ -0,0 +1,208 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.crypto;
import com.netscape.jss.asn1.OBJECT_IDENTIFIER;
import java.security.NoSuchAlgorithmException;
/**
* Represents a cryptographic algorithm.
* @see EncryptionAlgorithm
* @see SignatureAlgorithm
*/
public class Algorithm {
private Algorithm() { }
/**
* @param oidIndex Index of the oid that this algorithm represents.
* @param name A String representation of the Algorithm.
*/
protected Algorithm(int oidIndex, String name) {
this.oidIndex = oidIndex;
this.name = name;
}
/**
* @param oidIndex Index of the oid that this algorithm represents.
* @param name A String representation of the Algorithm.
* @param oid The object identifier for this Algorithm.
*/
protected Algorithm(int oidIndex, String name, OBJECT_IDENTIFIER oid) {
this(oidIndex, name);
this.oid = oid;
}
protected Algorithm(int oidIndex, String name, OBJECT_IDENTIFIER oid,
Class paramClass)
{
this(oidIndex, name, oid);
this.parameterClass = paramClass;
}
/**
* Returns a String representation of the algorithm.
*/
public String toString() {
return name;
}
/**
* Returns the object identifier for this algorithm.
* @exception NoSuchAlgorithmException If no OID is registered for this
* algorithm.
*/
public OBJECT_IDENTIFIER toOID() throws NoSuchAlgorithmException {
if( oid == null ) {
throw new NoSuchAlgorithmException();
} else {
return oid;
}
}
/**
* The type of parameter that this algorithm expects. Returns
* <code>null</code> if this algorithm does not take any parameters.
*/
public Class getParameterClass() {
return parameterClass;
}
/**
* This method is used to report all algorithms associated with
* the requested usage.
* @param usage the designated export control policy
*/
protected static native long[] getAllAlgorithmIndices( Usage usage );
/**
* This method is used to retrieve the maximum key size allowed for
* this algorithm.
* @param usage the designated export control policy
*/
public int getStrongestKeySize( Usage usage ) {
return getStrongestKeySize( usage, oidIndex );
}
/**
* This method is used to determine whether or not this algorithm
* may be used.
* @param usage the designated export control policy
*/
public boolean isAllowed( Usage usage ) {
return isAllowed( usage, oidIndex );
}
private static native int getStrongestKeySize( Usage usage, int alg );
private static native boolean isAllowed( Usage usage, int alg );
/**
* Index into the SECOidTag array in Algorithm.c.
*/
protected int oidIndex;
String name;
protected OBJECT_IDENTIFIER oid;
private Class parameterClass=null;
//////////////////////////////////////////////////////////////
// Algorithm OIDs
//////////////////////////////////////////////////////////////
static final OBJECT_IDENTIFIER ANSI_X9_ALGORITHM =
new OBJECT_IDENTIFIER( new long[] { 1, 2, 840, 10040, 4 } );
// Algorithm indices. These must be kept in sync with the
// algorithm array in Algorithm.c.
protected static final short SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION=0;
protected static final short SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION=1;
protected static final short SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION=2;
protected static final short SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST=3;
protected static final short SEC_OID_PKCS1_RSA_ENCRYPTION=4;
protected static final short CKM_RSA_PKCS_KEY_PAIR_GEN=5;
protected static final short CKM_DSA_KEY_PAIR_GEN=6;
protected static final short SEC_OID_ANSIX9_DSA_SIGNATURE=7;
protected static final short SEC_OID_RC4=8;
protected static final short SEC_OID_DES_ECB=9;
protected static final short SEC_OID_DES_CBC=10;
protected static final short CKM_DES_CBC_PAD=11;
protected static final short CKM_DES3_ECB=12;
protected static final short SEC_OID_DES_EDE3_CBC=13;
protected static final short CKM_DES3_CBC_PAD=14;
protected static final short CKM_DES_KEY_GEN=15;
protected static final short CKM_DES3_KEY_GEN=16;
protected static final short CKM_RC4_KEY_GEN=17;
protected static final short SEC_OID_PKCS5_PBE_WITH_MD2_AND_DES_CBC=18;
protected static final short SEC_OID_PKCS5_PBE_WITH_MD5_AND_DES_CBC=19;
protected static final short SEC_OID_PKCS5_PBE_WITH_SHA1_AND_DES_CBC=20;
protected static final short
SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC4=21;
protected static final short
SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC4=22;
protected static final short
SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC=23;
protected static final short SEC_OID_MD2=24;
protected static final short SEC_OID_MD5=25;
protected static final short SEC_OID_SHA1=26;
protected static final short CKM_SHA_1_HMAC=27;
protected static final short
SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC=28;
protected static final short
SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC=29;
protected static final short SEC_OID_RC2_CBC=30;
protected static final short CKM_PBA_SHA1_WITH_SHA1_HMAC=31;
// These must correspond one-to-one with "../Algorithm.h" enum values
public static final class Usage
{
private int id;
private Usage( int index ) {
id = index;
}
public int getID() {
return id;
}
public static final Usage JAVA_CERT_SIGNING = new Usage( 1 );
public static final Usage JAVA_SSL_KEY_EXCHANGE = new Usage( 2 );
public static final Usage JAVA_CRS_KEY_WRAP = new Usage( 3 );
public static final Usage JAVA_CRS_BULK_ENCRYPTION = new Usage( 4 );
public static final Usage JAVA_PASSWORD_ENCRYPTION = new Usage( 5 );
public static final Usage JAVA_KRA_TRANSPORT = new Usage( 6 );
public static final Usage JAVA_KRA_STORAGE = new Usage( 7 );
public static final Usage JAVA_KRA_PKCS_12 = new Usage( 8 );
}
}

45
security/jss/org/mozilla/jss/crypto/AlreadyInitializedException.java Normal file
Просмотреть файл

@ -0,0 +1,45 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.crypto;
/**
* This exception is thrown if an initialization operation
* is attempted on something that is already initialized.
*/
public class AlreadyInitializedException extends java.lang.Exception {
public AlreadyInitializedException() {}
public AlreadyInitializedException(String mesg) {
super(mesg);
}
}

42
security/jss/org/mozilla/jss/crypto/BadPaddingException.java Normal file
Просмотреть файл

@ -0,0 +1,42 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.crypto;
public class BadPaddingException extends Exception {
public BadPaddingException() {
super();
}
public BadPaddingException(String msg) {
super(msg);
}
}

226
security/jss/org/mozilla/jss/crypto/Cipher.java Normal file
Просмотреть файл

@ -0,0 +1,226 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.crypto;
import java.security.InvalidKeyException;
import java.security.spec.AlgorithmParameterSpec;
import java.security.InvalidAlgorithmParameterException;
import com.netscape.jss.util.Assert;
/**
* A context for performing symmetric encryption and decryption.
* First, the context must be initialized. Then, it can be updated
* with input through zero or more calls to <code>update</code>. Finally,
* <code>doFinal</code> is called to finalize the operation. Note that
* it is not necessary to call <code>update</code> if all of the data is
* available at once. In this case, all of the input can be processed with one
* call to <code>doFinal</code>.
*/
public abstract class Cipher {
/**
* Initializes a encryption context with a symmetric key.
*/
public abstract void initEncrypt(SymmetricKey key)
throws InvalidKeyException, InvalidAlgorithmParameterException,
TokenException;
/**
* Initializes a decryption context with a symmetric key.
*/
public abstract void initDecrypt(SymmetricKey key)
throws InvalidKeyException, InvalidAlgorithmParameterException,
TokenException;
/**
* Initializes an encryption context with a symmetric key and
* algorithm parameters.
*/
public abstract void
initEncrypt(SymmetricKey key, AlgorithmParameterSpec parameters)
throws InvalidKeyException, InvalidAlgorithmParameterException,
TokenException;
/**
* Initializes a decryption context with a symmetric key and
* algorithm parameters.
*/
public abstract void
initDecrypt(SymmetricKey key, AlgorithmParameterSpec parameters)
throws InvalidKeyException, InvalidAlgorithmParameterException,
TokenException;
/**
* Updates the encryption context with additional input.
* @param bytes Bytes of plaintext (if encrypting) or ciphertext (if
* decrypting).
* @return Bytes of ciphertext (if encrypting) or plaintext (if decrypting).
*/
public abstract byte[] update(byte[] bytes)
throws IllegalStateException, TokenException;
/**
* Updates the encryption context with additional plaintext.
* @param bytes Bytes of plaintext (if encrypting) or ciphertext (if
* decrypting).
* @param offset The index in <code>bytes</code> at which to begin reading.
* @param length The number of bytes from <code>bytes</code> to read.
* @return Bytes of ciphertext (if encrypting) or plaintext (if decrypting).
*/
public abstract byte[] update(byte[] bytes, int offset, int length)
throws IllegalStateException, TokenException;
/**
* Completes an cipher operation. This can be called directly after
* the context is initialized, or <code>update</code> may be called
* any number of times before calling <code>final</code>.
* @param bytes Bytes of plaintext (if encrypting) or ciphertext (if
* decrypting).
* @return The last of the output.
*/
public abstract byte[] doFinal(byte[] bytes)
throws IllegalStateException, IllegalBlockSizeException,
BadPaddingException, TokenException;
/**
* Completes an cipher operation.
* @param bytes Bytes of plaintext (if encrypting) or ciphertext (if
* decrypting).
* @param offset The index in <code>bytes</code> at which to begin reading.
* @param length The number of bytes from <code>bytes</code> to read.
* @return The last of the output.
*/
public abstract byte[] doFinal(byte[] bytes, int offset, int length)
throws IllegalStateException, IllegalBlockSizeException,
BadPaddingException, TokenException;
/**
* Completes an cipher operation.
* @return The last of the output.
*/
public abstract byte[] doFinal()
throws IllegalStateException, IllegalBlockSizeException,
BadPaddingException, TokenException;
/**
* Pads a byte array so that its length is a multiple of the given
* blocksize. The method of padding is the one defined in the RSA
* PKCS standards. If <i>M</i> is the length of the data and
* <i>B</i> is the block size, the padding string consists of
* <i>B</i> - (<i>M</i> mod <i>B</i>) octets, each having the value
* <i>B</i> - (<i>M</i> mod <i>B</i>).
* @param The block size of the encryption algorithm. Must be greater
* than zero.
* @see #unPad
*/
public static byte[]
pad(byte[] toBePadded, int blockSize) {
Assert.assert(blockSize > 0);
// the padOctet is also the number of pad octets
byte padOctet = (byte) (blockSize - (toBePadded.length % blockSize));
byte[] padded = new byte[toBePadded.length + padOctet];
System.arraycopy(toBePadded, 0, padded, 0, toBePadded.length);
for(int i = toBePadded.length; i < padded.length; i++) {
padded[i] = padOctet;
}
return padded;
}
/**
* Un-pads a byte array that is padded with PKCS padding.
*
* @param blockSize The block size of the encryption algorithm. This
* is only used for error checking: if the pad size is not
* between 1 and blockSize, a BadPaddingException is thrown.
*
* @see #pad
*/
public static byte[]
unPad(byte[] padded, int blockSize) throws BadPaddingException {
if(padded.length == 0) {
return new byte[0];
}
if( padded.length < blockSize ) {
throw new BadPaddingException("Length of padded array is less than"+
" one block");
}
byte padOctet = padded[padded.length-1];
if(padOctet > blockSize) {
throw new BadPaddingException("Padding octet ("+padOctet+") is "+
"larger than block size ("+blockSize+")");
}
if(padOctet < 1) {
throw new BadPaddingException("Padding octet is less than 1");
}
byte[] unpadded = new byte[padded.length - padOctet];
System.arraycopy(padded, 0, unpadded, 0, unpadded.length);
return unpadded;
}
/**
* Un-pads a byte array that is padded with PKCS padding. Since
* this version does not take block size as a parameter, it cannot
* error check.
* @see #pad
*/
public static byte[]
unPad(byte[] padded) throws BadPaddingException {
if(padded.length == 0) {
return new byte[0];
}
byte padOctet = padded[padded.length-1];
if(padOctet < 1) {
throw new BadPaddingException("Padding octet is less than 1");
} else if(padOctet >= padded.length) {
throw new BadPaddingException("Padding is larger than entire"+
" array");
}
byte[] unpadded = new byte[padded.length - padOctet];
System.arraycopy(padded, 0, unpadded, 0, unpadded.length);
return unpadded;
}
}

193
security/jss/org/mozilla/jss/crypto/CryptoStore.java Normal file
Просмотреть файл

@ -0,0 +1,193 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.crypto;
import com.netscape.jss.util.*;
import java.security.*;
import java.security.cert.CertificateEncodingException;
import java.io.Serializable;
/**
* This is an interface for a permanent repository of cryptographic objects,
* such as keys, certs, and passwords.
*/
public interface CryptoStore {
////////////////////////////////////////////////////////////
// Private Keys
////////////////////////////////////////////////////////////
/**
* Imports an encoded, encrypted private key into this token.
*
* @param encodedKey The encoded, encrypted private key. These bytes
* are expected to be a DER-encoded PKCS #8 EncryptedKeyInfo.
* Currently, the only encryption algorithm is RC4.
* @param password The password that encodes this key. The password
* will be cleared by this method. This password,
* together with the salt, are used to construct the decrypting key.
* @param salt The password salt.
* @exception InvalidKeyFormatException If the key cannot be decoded.
* This may be caused by supplying an incorrect password, or
* it may be due to corrupted data.
* @exception TokenException If the key cannot be imported to this token.
* @deprecated A key type should be specified so that the correct usages
* can be enabled on the key.
*/
public void
importEncryptedPrivateKey( byte[] encodedKey,
Password password,
byte[] salt,
byte[] globalSalt )
throws InvalidKeyFormatException, TokenException;
/**
* Imports an encoded, encrypted private key into this token.
*
* @param encodedKey The encoded, encrypted private key. These bytes
* are expected to be a DER-encoded PKCS #8 EncryptedKeyInfo.
* Currently, the only encryption algorithm is RC4.
* @param password The password that encodes this key. The password
* will be cleared by this method. This password,
* together with the salt, are used to construct the decrypting key.
* @param salt The password salt.
* @param type The type of the private key. This is used to enable the
* right operations for the key.
* @exception InvalidKeyFormatException If the key cannot be decoded.
* This may be caused by supplying an incorrect password, or
* it may be due to corrupted data.
* @exception TokenException If the key cannot be imported to this token.
* @deprecated Use importPrivateKey instead.
*/
public void
importEncryptedPrivateKey( byte[] encodedKey,
Password password,
byte[] salt,
byte[] globalSalt,
PrivateKey.Type type )
throws InvalidKeyFormatException, TokenException;
/**
* Imports a raw private key into this token.
*
* @param key The private key.
* @exception TokenException If the key cannot be imported to this token.
* @exception KeyAlreadyImportedException If the key already exists on this token.
*/
public void
importPrivateKey( byte[] key,
PrivateKey.Type type )
throws TokenException, KeyAlreadyImportedException;
/**
* Imports an encoded, encrypted private key into this token, and stores
* it as a temporary (session) object. The key will be deleted
* when it is garbage collected.
*
* @param encodedKey The encoded, encrypted private key. These bytes
* are expected to be a DER-encoded PKCS #8 EncryptedKeyInfo.
* Currently, the only encryption algorithm is RC4.
* @param password The password that encodes this key. The password
* will be cleared by this method. This password,
* together with the salt, are used to construct the decrypting key.
* @param salt The password salt.
* @param type The type of the private key. This is used to enable the
* right operations for the key.
* @exception InvalidKeyFormatException If the key cannot be decoded.
* This may be caused by supplying an incorrect password, or
* it may be due to corrupted data.
* @exception TokenException If the key cannot be imported to this token.
*/
public void
importTemporaryEncryptedPrivateKey( byte[] encodedKey,
Password password,
byte[] salt,
byte[] globalSalt,
PrivateKey.Type type )
throws InvalidKeyFormatException, TokenException;
/**
* Returns all private keys stored on this token.
*
* @return An array of all private keys stored on this token.
* @exception TokenException If an error occurs on the token while
* gathering the keys.
*/
public PrivateKey[]
getPrivateKeys() throws TokenException;
/**
* Deletes the given PrivateKey from the CryptoToken.
* This is a very dangerous call: it deletes the key from the underlying
* token. After calling this, the PrivateKey passed in must no longer
* be used, or a TokenException will occur.
*
* @param key A PrivateKey to be permanently deleted. It must reside
* on this token.
* @exception NoSuchItemOnTokenException If the given privae key does
* not reside on this token.
* @exception TokenException If an error occurs on the token while
* deleting the key.
*/
public void deletePrivateKey(com.netscape.jss.crypto.PrivateKey key)
throws NoSuchItemOnTokenException, TokenException;
////////////////////////////////////////////////////////////
// Certs
////////////////////////////////////////////////////////////
/**
* Returns all user certificates stored on this token. A user certificate
* is one that has a matching private key.
*
* @return An array of all user certificates present on this token.
* @exception TokenException If an error occurs on the token while
* gathering the certificates.
*/
public X509Certificate[]
getCertificates() throws TokenException;
/**
* Deletes a certificate from a token.
*
* @param cert A certificate to be deleted from this token. The cert
* must actually reside on this token.
* @exception NoSuchItemOnTokenException If the given cert does not
* reside on this token.
* @exception TokenException If an error occurred on the token while
* deleting the certificate.
*/
public void deleteCert(X509Certificate cert)
throws NoSuchItemOnTokenException, TokenException;
}

328
security/jss/org/mozilla/jss/crypto/CryptoToken.java Normal file
Просмотреть файл

@ -0,0 +1,328 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.crypto;
import com.netscape.jss.util.*;
import java.security.*;
/**
* A CryptoToken performs cryptographic operations and stores
* cryptographic items, such as keys and certs. It corresponds to a
* Cryptographic Service Provider (CSP) in CDSA, and to a PKCS #11 token.
* <p>Instances of CryptoToken are obtained from CryptoManager.
* @see com.netscape.jss.CryptoManager
*/
public interface CryptoToken {
//
// SERVICES
//
/**
* Creates a Signature object, which can perform signing and signature
* verification. Signing and verification cryptographic operations will
* take place on this token. The signing key must be located on this
* token.
*
* @param algorithm The algorithm used for the signing/verification.
* @exception java.security.NoSuchAlgorithmException If the given
* algorithm is not supported by this provider.
*/
public abstract com.netscape.jss.crypto.Signature
getSignatureContext(SignatureAlgorithm algorithm)
throws java.security.NoSuchAlgorithmException, TokenException;
/**
* Creates a Digest object. Digesting cryptographic operations will
* take place on this token.
*
* @param algorithm The algorithm used for digesting.
* @exception java.security.NoSuchAlgorithmException If this provider
* does not support the given algorithm.
*/
public abstract JSSMessageDigest
getDigestContext(DigestAlgorithm algorithm)
throws java.security.NoSuchAlgorithmException, DigestException;
// !!! MAC ???
/**
* Creates a Cipher object, which can be used for encryption and
* decryption. Cryptographic operations will take place on this token.
* The keys used in the operations must be located on this token.
*
* @param algorithm The algorithm used for encryption/decryption.
* @exception java.security.NoSuchAlgorithmException If this provider
* does not support the given algorithm.
*/
public abstract Cipher
getCipherContext(EncryptionAlgorithm algorithm)
throws java.security.NoSuchAlgorithmException, TokenException;
public abstract KeyWrapper
getKeyWrapper(KeyWrapAlgorithm algorithm)
throws java.security.NoSuchAlgorithmException, TokenException;
/**
* Returns a Random Number Generator implemented on this token.
*
* @exception com.netscape.jss.crypto.ServiceNotProvidedException If this token
* does not perform random number generation
*/
/*
public abstract SecureRandom getRandomGenerator()
throws NotImplementedException, TokenException;
*/
// !!! Derive Keys ???
/**
* Creates a KeyGenerator object, which can be used to generate
* symmetric encryption keys. Any keys generated with this KeyGenerator
* will be generated on this token.
*
* @param algorithm The algorithm that the keys will be used with.
* @exception java.security.NoSuchAlgorithmException If this token does not
* support the given algorithm.
*/
public abstract KeyGenerator
getKeyGenerator(KeyGenAlgorithm algorithm)
throws java.security.NoSuchAlgorithmException, TokenException;
/**
* Clones a SymmetricKey from a different token onto this token.
*
* @exception SymmetricKey.NotExtractableException If the key material
* cannot be extracted from the current token.
* @exception InvalidKeyException If the owning token cannot process
* the key to be cloned.
*/
public SymmetricKey cloneKey(SymmetricKey key)
throws SymmetricKey.NotExtractableException,
InvalidKeyException, TokenException;
/**
* Creates a KeyPairGenerator object, which can be used to generate
* key pairs. Any keypairs generated with this generator will be generated
* on this token.
*
* @param algorithm The algorithm that the keys will be used with (RSA,
* DSA, etc.)
* @exception java.security.NoSuchAlgorithmException If this token does
* not support the given algorithm.
*/
public abstract KeyPairGenerator
getKeyPairGenerator(KeyPairAlgorithm algorithm)
throws java.security.NoSuchAlgorithmException, TokenException;
/**
* Generates a b64 encoded PKCS10 blob used for making cert
* request. Begin/End brackets included.
* @param subject subject dn of the certificate
* @param keysize size of the key
* @param keyType "rsa" or "dsa"
* @param P The DSA prime parameter
* @param Q The DSA sub-prime parameter
* @param G The DSA base parameter
* @return base64 encoded pkcs10 certificate request with
* Begin/end brackets
*/
public abstract String generateCertRequest(String subject, int
keysize,
String keyType,
byte[] P, byte[] Q,
byte[] G)
throws TokenException, InvalidParameterException,
PQGParamGenException;
/**
* Determines whether this token supports the given algorithm.
*
* @param alg A JSS algorithm. Note that for Signature, a token may
* fail to support a specific SignatureAlgorithm (such as
* RSASignatureWithMD5Digest) even though it does support the
* generic algorithm (RSASignature). In this case, the signature
* operation will be performed on that token, but the digest
* operation will be performed on the internal token.
* @return true if the token supports the algorithm.
*/
public boolean doesAlgorithm(Algorithm alg);
/**
* Login to the token. If a token is logged in, it will not trigger
* password callbacks.
*
* @param password The password for this token.
* @exception IncorrectPasswordException If the supplied password is
* incorrect.
* @see #setLoginMode
* @see com.netscape.jss.CryptoManager#setPasswordCallback
*/
public abstract void login(PasswordCallback pwcb)
throws IncorrectPasswordException, TokenException;
/**
* Logout of the token.
*
*/
public abstract void logout() throws TokenException;
/**
* Login once, never need to re-enter the password until you log out.
*/
public static final int ONE_TIME=0;
/**
* Need to re-login after a period of time.
* @see com.netscape.jss.crypto.CryptoToken#setLoginTimeoutMinutes
*/
public static final int TIMEOUT=1;
/**
* Need to provide a password before each crypto operation.
*/
public static final int EVERY_TIME=2;
/**
* Returns the login mode of this token: ONE_TIME, TIMEOUT, or
* EVERY_TIME. The default is ONE_TIME.
* @see #getLoginTimeoutMinutes
* @exception TokenException If an error occurs on the token.
*/
public abstract int getLoginMode() throws TokenException;
/**
* Sets the login mode of this token.
*
* @param mode ONE_TIME, TIMEOUT, or EVERY_TIME
* @exception TokenException If this mode is not supported by this token,
* or an error occurs on the token.
* @see #login
* @see #setLoginTimeoutMinutes
*/
public abstract void setLoginMode(int mode) throws TokenException;
/**
* Returns the login timeout period. The timeout is only used if the
* login mode is TIMEOUT.
*
* @see #getLoginMode
* @exception TokenException If an error occurs on the token.
*/
public abstract int getLoginTimeoutMinutes() throws TokenException;
/**
* Sets the timeout period for logging in. This will only be used
* if the login mode is TIMEOUT.
*
* @exception TokenException If timeouts are not supported by this
* token, or an error occurs on the token.
* @see #setLoginMode
*/
public abstract void setLoginTimeoutMinutes(int timeoutMinutes)
throws TokenException;
/**
* Find out if the token is currently logged in.
*
* @see #login
* @see #logout
*/
public boolean isLoggedIn() throws TokenException;
/**
* Initialize the password of this token.
*
* @param securityOfficerPW A callback to obtain the password of the
* SecurityOfficer. Pass in a NullPasswordCallback if there is
* no security officer password. Must not be null.
* @param userPW A callback to obtain the new password for this token.
* Must not be null.
* @exception IncorrectPasswordException If the supplied security officer
* password is incorrect.
* @exception AlreadyInitializedException If the token only allows one
* password initialization, and it has already occurred.
* @exception TokenException If an error occurs on the token.
*/
public abstract void
initPassword(PasswordCallback securityOfficerPW, PasswordCallback userPW)
throws IncorrectPasswordException, AlreadyInitializedException,
TokenException;
/**
* Determine whether the password has been initialized yet. Some tokens
* (such as the Netscape Internal Key Token) don't allow initializing
* the PIN more than once.
*
* @exception TokenException If an error occurs on the token.
*/
public abstract boolean
passwordIsInitialized() throws TokenException;
/**
* Change the password of this token.
*
* @exception IncorrectPasswordException If the supplied old password is
* incorrect.
* @param oldpw A callback (which could be just a Password) to retrieve
* the current password.
* @param newpw A callback (which could be just a Password) to retrieve
* the new password.
*/
public abstract void
changePassword(PasswordCallback oldpw, PasswordCallback newpw)
throws IncorrectPasswordException, TokenException;
/**
* Obtain the nickname, or label, of this token.
*
* @exception TokenException If an error occurs on the token.
*/
public abstract String getName() throws TokenException;
/**
* Get the CryptoStore interface to this token's objects.
*/
public abstract CryptoStore getCryptoStore();
/**
* Deep comparison operation. Use this, rather than ==, to determine
* whether two CryptoTokens are the same.
*/
public boolean equals(Object object);
/**
* Determines whether this token is currently present.
* This could return false if the token is a smart card that was
* removed from its slot.
*/
public boolean isPresent();
}

99
security/jss/org/mozilla/jss/crypto/DigestAlgorithm.java Normal file
Просмотреть файл

@ -0,0 +1,99 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.crypto;
import java.util.Hashtable;
import java.security.NoSuchAlgorithmException;
import com.netscape.jss.asn1.*;
public class DigestAlgorithm extends Algorithm {
// The size in bytes of the output of this hash.
private int outputSize;
protected DigestAlgorithm(int oidIndex, String name,
OBJECT_IDENTIFIER oid, int outputSize)
{
super(oidIndex, name, oid);
this.outputSize = outputSize;
// only store the first algorithm for a given oid. More than one
// alg might share the same oid, such as from child classes.
if( oid != null && oidMap.get(oid)==null ) {
oidMap.put(oid, this);
}
}
///////////////////////////////////////////////////////////////////////
// OID mapping
///////////////////////////////////////////////////////////////////////
private static Hashtable oidMap = new Hashtable();
public static DigestAlgorithm fromOID(OBJECT_IDENTIFIER oid)
throws NoSuchAlgorithmException
{
Object alg = oidMap.get(oid);
if( alg == null ) {
throw new NoSuchAlgorithmException();
} else {
return (DigestAlgorithm) alg;
}
}
/**
* Returns the output size in bytes for this algorithm.
*/
public int getOutputSize() {
return outputSize;
}
/**
* The MD2 digest algorithm, from RSA.
*/
public static final DigestAlgorithm MD2 = new DigestAlgorithm
(SEC_OID_MD2, "MD2", OBJECT_IDENTIFIER.RSA_DIGEST.subBranch(2), 16 );
/**
* The MD5 digest algorithm, from RSA.
*/
public static final DigestAlgorithm MD5 = new DigestAlgorithm
(SEC_OID_MD5, "MD5", OBJECT_IDENTIFIER.RSA_DIGEST.subBranch(5), 16 );
/**
* The SHA-1 digest algorithm, from Uncle Sam.
*/
public static final DigestAlgorithm SHA1 = new DigestAlgorithm
(SEC_OID_SHA1, "SHA-1", OBJECT_IDENTIFIER.ALGORITHM.subBranch(26), 20);
}

187
security/jss/org/mozilla/jss/crypto/EncryptionAlgorithm.java Normal file
Просмотреть файл

@ -0,0 +1,187 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.crypto;
import java.util.Hashtable;
import java.security.NoSuchAlgorithmException;
import com.netscape.jss.asn1.*;
/**
* An algorithm for performing symmetric encryption.
*/
public class EncryptionAlgorithm extends Algorithm {
protected EncryptionAlgorithm(int oidTag, String name, Class paramClass,
int blockSize, boolean padded, OBJECT_IDENTIFIER oid)
{
super(oidTag, name, oid, paramClass);
this.blockSize = blockSize;
this.padded = padded;
if(oid!=null) {
oidMap.put(oid, this);
}
}
private int blockSize;
private boolean padded;
///////////////////////////////////////////////////////////////////////
// OID mapping
///////////////////////////////////////////////////////////////////////
private static Hashtable oidMap = new Hashtable();
public static EncryptionAlgorithm fromOID(OBJECT_IDENTIFIER oid)
throws NoSuchAlgorithmException
{
Object alg = oidMap.get(oid);
if( alg == null ) {
throw new NoSuchAlgorithmException();
} else {
return (EncryptionAlgorithm) alg;
}
}
/**
* The blocksize of the algorithm in bytes. Stream algorithms (such as
* RC4) have a blocksize of 1.
*/
public int getBlockSize() {
return blockSize;
}
/**
* Returns <code>true</code> if this algorithm performs padding.
*/
public boolean isPadded() {
return padded;
}
/**
* Returns the number of bytes that this algorithm expects in
* its initialization vector.
*
* @return The size in bytes of the IV for this algorithm. A size of
* 0 means this algorithm does not take an IV.
*/
public native int getIVLength();
public static final EncryptionAlgorithm
RC4 = new EncryptionAlgorithm(SEC_OID_RC4, "RC4", null, 1, false,
OBJECT_IDENTIFIER.RSA_CIPHER.subBranch(4) );
public static final EncryptionAlgorithm
DES_ECB = new EncryptionAlgorithm(SEC_OID_DES_ECB, "DES/ECB", null,
8, false, OBJECT_IDENTIFIER.ALGORITHM.subBranch(6) );
public static final EncryptionAlgorithm
DES_CBC = new EncryptionAlgorithm(SEC_OID_DES_CBC, "DES/CBC",
IVParameterSpec.class, 8, false,
OBJECT_IDENTIFIER.ALGORITHM.subBranch(7) );
public static final EncryptionAlgorithm
DES_CBC_PAD = new EncryptionAlgorithm(CKM_DES_CBC_PAD, "DES/CBC/Pad",
IVParameterSpec.class, 8, true, null); // no oid
public static final EncryptionAlgorithm
DES3_ECB = new EncryptionAlgorithm(CKM_DES3_ECB, "DES3/ECB", null, 8,
false, null); // no oid
public static final EncryptionAlgorithm
DES3_CBC = new EncryptionAlgorithm(SEC_OID_DES_EDE3_CBC, "DES3/CBC",
IVParameterSpec.class, 8, false,
OBJECT_IDENTIFIER.RSA_CIPHER.subBranch(7) );
public static final EncryptionAlgorithm
DES3_CBC_PAD = new EncryptionAlgorithm(CKM_DES3_CBC_PAD, "DES3/CBC/Pad",
IVParameterSpec.class, 8, true, null); // no oid
public static final EncryptionAlgorithm
RC2_CBC = new EncryptionAlgorithm(SEC_OID_RC2_CBC, "RC2/CBC",
IVParameterSpec.class, 8, false,
OBJECT_IDENTIFIER.RSA_CIPHER.subBranch(2) );
///////////////////////////////////////////////////////////////////////
// Export control code
///////////////////////////////////////////////////////////////////////
private static final int NUMBER_OF_ALGORITHMS = 8;
public EncryptionAlgorithm[] getAllAlgorithms( Usage usage ) {
EncryptionAlgorithm[] algs = new
EncryptionAlgorithm[NUMBER_OF_ALGORITHMS];
long[] indices = getAllAlgorithmIndices( usage );
int j = 0;
for( int i = 0; i <= indices.length; i++ ) {
switch( ( int ) indices[i] ) {
case SEC_OID_RC4:
algs[j] = RC4;
j++;
break;
case SEC_OID_DES_ECB:
algs[j] = DES_ECB;
j++;
break;
case SEC_OID_DES_CBC:
algs[j] = DES_CBC;
j++;
break;
case CKM_DES_CBC_PAD:
algs[j] = DES_CBC_PAD;
j++;
break;
case CKM_DES3_ECB:
algs[j] = DES3_ECB;
j++;
break;
case SEC_OID_DES_EDE3_CBC:
algs[j] = DES3_CBC;
j++;
break;
case CKM_DES3_CBC_PAD:
algs[j] = DES3_CBC_PAD;
j++;
break;
case SEC_OID_RC2_CBC:
algs[j] = RC2_CBC;
j++;
break;
default:
continue;
}
}
return algs;
}
}

85
security/jss/org/mozilla/jss/crypto/HMACAlgorithm.java Normal file
Просмотреть файл

@ -0,0 +1,85 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.crypto;
import java.util.Hashtable;
import com.netscape.jss.asn1.*;
import java.security.NoSuchAlgorithmException;
/**
* Algorithms for performing HMACs. These can be used to create
* MessageDigests.
*/
public class HMACAlgorithm extends DigestAlgorithm {
protected HMACAlgorithm(int oidIndex, String name, OBJECT_IDENTIFIER oid,
int outputSize) {
super(oidIndex, name, oid, outputSize);
if( oid!=null && oidMap.get(oid)==null) {
oidMap.put(oid, this);
}
}
///////////////////////////////////////////////////////////////////////
// OID mapping
///////////////////////////////////////////////////////////////////////
private static Hashtable oidMap = new Hashtable();
/**
* Looks up the HMAC algorithm with the given OID.
*
* @exception NoSuchAlgorithmException If no registered HMAC algorithm
* has the given OID.
*/
public static DigestAlgorithm fromOID(OBJECT_IDENTIFIER oid)
throws NoSuchAlgorithmException
{
Object alg = oidMap.get(oid);
if( alg == null ) {
throw new NoSuchAlgorithmException();
} else {
return (HMACAlgorithm) alg;
}
}
/**
* SHA-1 HMAC. This is a Message Authentication Code that uses a
* symmetric key together with SHA-1 digesting to create a form of
* signature.
*/
public static final HMACAlgorithm SHA1 = new HMACAlgorithm
(CKM_SHA_1_HMAC, "SHA-1-HMAC",
OBJECT_IDENTIFIER.ALGORITHM.subBranch(26), 20);
}

57
security/jss/org/mozilla/jss/crypto/IVParameterSpec.java Normal file
Просмотреть файл

@ -0,0 +1,57 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.crypto;
import java.security.spec.AlgorithmParameterSpec;
/**
* An algorithm parameter that consists of an initialization vector (IV).
*/
public class IVParameterSpec implements AlgorithmParameterSpec {
private byte[] iv;
private IVParameterSpec() { }
public IVParameterSpec(byte[] iv) {
this.iv = iv;
}
/**
* Returns a reference to an internal copy of the initialization vector.
*/
public byte[] getIV() {
return iv;
}
}

35
security/jss/org/mozilla/jss/crypto/IllegalBlockSizeException.java Normal file
Просмотреть файл

@ -0,0 +1,35 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.crypto;
public class IllegalBlockSizeException extends Exception { }

100
security/jss/org/mozilla/jss/crypto/InternalCertificate.java Normal file
Просмотреть файл

@ -0,0 +1,100 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.crypto;
/**
* Certificates residing in the internal database. Their trust flags
* can be viewed and modified. Other types of certificates do not
* have trust flags.
*/
public interface InternalCertificate extends X509Certificate
{
////////////////////////////////////////////////////
// Trust manipulation
////////////////////////////////////////////////////
public static final int VALID_PEER = (1<<0);
public static final int TRUSTED_PEER = (1<<1); // CERTDB_TRUSTED
public static final int VALID_CA = (1<<3);
public static final int TRUSTED_CA = (1<<4);
public static final int USER = (1<<6);
public static final int TRUSTED_CLIENT_CA = (1<<7);
/**
* Set the SSL trust flags for this certificate.
*
* @param trust A bitwise OR of the trust flags VALID_PEER, VALID_CA,
* TRUSTED_CA, USER, and TRUSTED_CLIENT_CA.
*/
public abstract void setSSLTrust(int trust);
/**
* Set the email (S/MIME) trust flags for this certificate.
*
* @param trust A bitwise OR of the trust flags VALID_PEER, VALID_CA,
* TRUSTED_CA, USER, and TRUSTED_CLIENT_CA.
*/
public abstract void setEmailTrust(int trust);
/**
* Set the object signing trust flags for this certificate.
*
* @param trust A bitwise OR of the trust flags VALID_PEER, VALID_CA,
* TRUSTED_CA, USER, and TRUSTED_CLIENT_CA.
*/
public abstract void setObjectSigningTrust(int trust);
/**
* Get the SSL trust flags for this certificate.
*
* @return A bitwise OR of the trust flags VALID_PEER, VALID_CA,
* TRUSTED_CA, USER, and TRUSTED_CLIENT_CA.
*/
public abstract int getSSLTrust();
/**
* Get the email (S/MIME) trust flags for this certificate.
*
* @return A bitwise OR of the trust flags VALID_PEER, VALID_CA,
* TRUSTED_CA, USER, and TRUSTED_CLIENT_CA.
*/
public abstract int getEmailTrust();
/**
* Get the object signing trust flags for this certificate.
*
* @return A bitwise OR of the trust flags VALID_PEER, VALID_CA,
* TRUSTED_CA, USER, and TRUSTED_CLIENT_CA.
*/
public abstract int getObjectSigningTrust();
}

42
security/jss/org/mozilla/jss/crypto/InvalidDERException.java Normal file
Просмотреть файл

@ -0,0 +1,42 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.crypto;
/**
* This exception is thrown when we encounter a bogus DER blob.
*/
public class InvalidDERException extends Exception {
public InvalidDERException() { super(); }
public InvalidDERException(String mesg) { super(mesg); }
}

47
security/jss/org/mozilla/jss/crypto/InvalidKeyFormatException.java Normal file
Просмотреть файл

@ -0,0 +1,47 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.crypto;
/**
* An exception of this type is thrown if an encoded private key
* cannot be decoded.
*/
public class InvalidKeyFormatException extends Exception {
public InvalidKeyFormatException() {
super();
}
public InvalidKeyFormatException(String mesg) {
super(mesg);
}
}

143
security/jss/org/mozilla/jss/crypto/JSSMessageDigest.java Normal file
Просмотреть файл

@ -0,0 +1,143 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.crypto;
import java.security.DigestException;
import java.security.InvalidKeyException;
/**
* A class for performing message digesting (hashing) and MAC operations.
*/
public abstract class JSSMessageDigest {
/**
* Initializes an HMAC digest with the given symmetric key. This also
* has the effect of resetting the digest.
*
* @exception DigestException If this algorithm is not an HMAC algorithm.
* @exception InvalidKeyException If the given key is not valid.
*/
public abstract void initHMAC(SymmetricKey key)
throws DigestException, InvalidKeyException;
/**
* Updates the digest with a single byte of input.
*/
public void update(byte input) throws DigestException {
byte[] in = { input };
update(in, 0, 1);
}
/**
* Updates the digest with a portion of an array.
*
* @param input An array from which to update the digest.
* @param offset The index in the array at which to start digesting.
* @param len The number of bytes to digest.
* @exception DigestException If an error occurs while digesting.
*/
public abstract void update(byte[] input, int offset, int len)
throws DigestException;
/**
* Updates the digest with an array.
*
* @param input An array to feed to the digest.
* @exception DigestException If an error occurs while digesting.
*/
public void update(byte[] input) throws DigestException {
update(input, 0, input.length);
}
/**
* Completes digestion.
*
* @return The, ahem, output of the digest operation.
* @param If an error occurs while digesting.
*/
public byte[] digest() throws DigestException {
byte[] output = new byte[getOutputSize()];
digest(output, 0, output.length);
return output;
}
/**
* Completes digesting, storing the result into the provided array.
*
* @param buf The buffer in which to place the digest output.
* @param offset The offset in the buffer at which to store the output.
* @param len The amount of space available in the buffer for the
* digest output.
* @return The number of bytes actually stored into buf.
* @exception DigestException If the provided space is too small for
* the digest, or an error occurs with the digest.
*/
public abstract int digest(byte[] buf, int offset, int len)
throws DigestException;
/**
* Provides final data to the digest, then completes it and returns the
* output.
*
* @param input The digest's last meal.
* @return The completed digest.
* @exception DigestException If an error occurs while digesting.
*/
public byte[] digest(byte[] input) throws DigestException {
update(input);
return digest();
}
/**
* Resets this digest for further use. This clears all input and
* output streams. If this is an HMAC digest, the HMAC key is not
* cleared.
*/
public abstract void reset() throws DigestException;
/**
* Returns the algorithm that this digest uses.
*/
public abstract DigestAlgorithm getAlgorithm();
/**
* Returns the length of the digest created by this digest's
* digest algorithm.
*
* @return The size in bytes of the output of this digest.
*/
public int getOutputSize() {
return getAlgorithm().getOutputSize();
}
}

58
security/jss/org/mozilla/jss/crypto/JSSSecureRandom.java Normal file
Просмотреть файл

@ -0,0 +1,58 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.crypto;
/**
* An interface for secure random numbers. This should be replaced with
* java.security.SecureRandom when we move to JDK 1.2. In JDK 1.1,
* SecureRandom is implemented by a Sun class. In JDK 1.2, it uses a
* provider architecture.
*/
public interface JSSSecureRandom {
/**
* Seed the RNG with the given seed bytes.
*/
public void setSeed(byte[] seed);
/**
* Seed the RNG with the eight bytes contained in <code>seed</code>.
*/
public void setSeed(long seed);
/**
* Retrieves random bytes and stores them in the given array.
*/
public void nextBytes(byte bytes[]);
}

45
security/jss/org/mozilla/jss/crypto/KeyAlreadyImportedException.java Normal file
Просмотреть файл

@ -0,0 +1,45 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.crypto;
/**
* This exception is thrown if the user tries to import a
* key which is already in the specified token
*/
public class KeyAlreadyImportedException extends java.lang.Exception {
public KeyAlreadyImportedException() {}
public KeyAlreadyImportedException(String mesg) {
super(mesg);
}
}

151
security/jss/org/mozilla/jss/crypto/KeyGenAlgorithm.java Normal file
Просмотреть файл

@ -0,0 +1,151 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.crypto;
import com.netscape.jss.asn1.OBJECT_IDENTIFIER;
import java.util.Hashtable;
import java.security.NoSuchAlgorithmException;
/**
* Algorithms that can be used for generating symmetric keys.
*/
public class KeyGenAlgorithm extends Algorithm {
protected KeyGenAlgorithm(int oidTag, String name, int validStrength,
OBJECT_IDENTIFIER oid, Class paramClass)
{
super(oidTag, name, oid, paramClass);
this.validStrength = validStrength;
if(oid!=null) {
oidMap.put(oid, this);
}
}
///////////////////////////////////////////////////////////////////////
// OIDs
///////////////////////////////////////////////////////////////////////
private static final OBJECT_IDENTIFIER PKCS5 = OBJECT_IDENTIFIER.PKCS5;
private static final OBJECT_IDENTIFIER PKCS12_PBE =
OBJECT_IDENTIFIER.PKCS12.subBranch(1);
///////////////////////////////////////////////////////////////////////
// OID mapping
///////////////////////////////////////////////////////////////////////
private static Hashtable oidMap = new Hashtable();
public static KeyGenAlgorithm fromOID(OBJECT_IDENTIFIER oid)
throws NoSuchAlgorithmException
{
Object alg = oidMap.get(oid);
if( alg == null ) {
throw new NoSuchAlgorithmException(oid.toString());
} else {
return (KeyGenAlgorithm) alg;
}
}
// The valid strength (key size in bits) for keys of this algorithm.
// A value of -1 means all strengths are valid (such as for RC4).
private int validStrength;
/**
* Returns <code>true</code> if the given strength is valid for this
* key generation algorithm. Note that PBE algorithms require
* PBEParameterSpecs rather than strengths. It is the responsibility
* of the caller to verify this.
*/
public boolean isValidStrength(int strength) {
if( validStrength == -1 ) {
return true;
} else {
return strength == validStrength;
}
}
//////////////////////////////////////////////////////////////
public static final KeyGenAlgorithm
DES = new KeyGenAlgorithm(CKM_DES_KEY_GEN, "DES", 56, null, null);
//////////////////////////////////////////////////////////////
public static final KeyGenAlgorithm
DES3 = new KeyGenAlgorithm(CKM_DES3_KEY_GEN, "DES3", 168, null, null);
//////////////////////////////////////////////////////////////
public static final KeyGenAlgorithm
RC4 = new KeyGenAlgorithm(CKM_RC4_KEY_GEN, "RC4", -1, null, null);
//////////////////////////////////////////////////////////////
public static final KeyGenAlgorithm
PBA_SHA1_HMAC = new KeyGenAlgorithm(
CKM_PBA_SHA1_WITH_SHA1_HMAC,
"PBA/SHA1/HMAC", 160, null, PBEKeyGenParams.class );
//////////////////////////////////////////////////////////////
// Export control code
//////////////////////////////////////////////////////////////
private static final int NUMBER_OF_ALGORITHMS = 4;
public KeyGenAlgorithm[] getAllAlgorithms( Usage usage ) {
KeyGenAlgorithm[] algs = new KeyGenAlgorithm[NUMBER_OF_ALGORITHMS];
long[] indices = getAllAlgorithmIndices( usage );
int j = 0;
for( int i = 0; i <= indices.length; i++ ) {
switch( ( int ) indices[i] ) {
case CKM_DES_KEY_GEN:
algs[j] = DES;
j++;
break;
case CKM_DES3_KEY_GEN:
algs[j] = DES3;
j++;
break;
case CKM_RC4_KEY_GEN:
algs[j] = RC4;
j++;
break;
case CKM_PBA_SHA1_WITH_SHA1_HMAC:
algs[j] = PBA_SHA1_HMAC;
j++;
break;
default:
continue;
}
}
return algs;
}
}

111
security/jss/org/mozilla/jss/crypto/KeyGenerator.java Normal file
Просмотреть файл

@ -0,0 +1,111 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.crypto;
import java.security.spec.AlgorithmParameterSpec;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.io.CharConversionException;
/**
* Generates symmetric keys for encryption and decryption.
*/
public interface KeyGenerator {
/**
* @param strength Key size in bits. Must be evenly divisible by 8.
*/
public void initialize(int strength)
throws InvalidAlgorithmParameterException;
public void initialize(AlgorithmParameterSpec parameters)
throws InvalidAlgorithmParameterException;
public SymmetricKey generate()
throws IllegalStateException, TokenException, CharConversionException;
/**
* Generates an Initialization Vector using a PBE algorithm.
* In order to call this method, the algorithm must be a PBE algorithm,
* and the KeyGenerator must have been initialized with an instance
* of <code>PBEKeyGenParams</code>.
*
* @return The initialization vector derived from the password and salt
* using the PBE algorithm.
* @exception IllegalStateException If the algorithm is not a PBE
* algorithm, or the KeyGenerator has not been initialized with
* an instance of <code>PBEKeyGenParams</code>.
* @exception TokenException If an error occurs on the CryptoToken while
* generating the IV.
*/
public byte[] generatePBE_IV()
throws IllegalStateException, TokenException, CharConversionException;
/**
* Allows a SymmetricKey to be cloned on a different token.
*
* @exception SymmetricKey.NotExtractableException If the key material
* cannot be extracted from the current token.
* @exception InvalidKeyException If the owning token cannot process
* the key to be cloned.
*/
public SymmetricKey clone(SymmetricKey key)
throws SymmetricKey.NotExtractableException,
InvalidKeyException, TokenException;
/**
* An interface for converting a password of Java characters into an array
* of bytes. This conversion must be performed to provide a byte array
* to the low-level crypto engine. The default conversion is UTF8.
* Null-termination is not necessary, and indeed is usually incorrect,
* since the password is passed to the crypto engine as a byte array, not
* a C string.
*/
public static interface CharToByteConverter {
/**
* Converts a password of Java characters into a password of
* bytes, using some encoding scheme. The input char array must
* not be modified.
*/
public byte[] convert(char[] chars) throws CharConversionException;
}
/**
* Sets the character to byte converter for passwords. The default
* conversion is UTF8 with no null termination.
*/
public void setCharToByteConverter(CharToByteConverter charToByte);
}

105
security/jss/org/mozilla/jss/crypto/KeyPairAlgorithm.java Normal file
Просмотреть файл

@ -0,0 +1,105 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.crypto;
/**
* Algorithms that can be used for keypair generation.
*/
public class KeyPairAlgorithm extends Algorithm {
protected KeyPairAlgorithm(int oidIndex, String name, Algorithm algFamily) {
super(oidIndex, name);
this.algFamily = algFamily;
}
/**
* Returns the algorithm family for a given key pair generation algorithm.
* If a token supports a family and is writable, we can do keypair gen
* on the token even if it doesn't support the keypair gen algorithm.
* We do this by doing the keypair gen on the internal module and then
* moving the key out to the other token.
*/
public Algorithm
getAlgFamily()
{
return algFamily;
}
protected Algorithm algFamily;
////////////////////////////////////////////////////////////////
// Key-Pair Generation Algorithms
////////////////////////////////////////////////////////////////
public static final Algorithm
RSAFamily = new Algorithm(SEC_OID_PKCS1_RSA_ENCRYPTION, "RSA");
public static final Algorithm
DSAFamily = new Algorithm(SEC_OID_ANSIX9_DSA_SIGNATURE, "DSA");
public static final KeyPairAlgorithm
RSA = new KeyPairAlgorithm(CKM_RSA_PKCS_KEY_PAIR_GEN, "RSA", RSAFamily);
public static final KeyPairAlgorithm
DSA = new KeyPairAlgorithm(CKM_DSA_KEY_PAIR_GEN, "DSA", DSAFamily);
////////////////////////////////////////////////////////////////
// Export control code
////////////////////////////////////////////////////////////////
private static final int NUMBER_OF_ALGORITHMS = 4;
public KeyPairAlgorithm[] getAllAlgorithms( Usage usage ) {
KeyPairAlgorithm[] algs = new KeyPairAlgorithm[NUMBER_OF_ALGORITHMS];
long[] indices = getAllAlgorithmIndices( usage );
int j = 0;
for( int i = 0; i <= indices.length; i++ ) {
switch( ( int ) indices[i] ) {
case CKM_RSA_PKCS_KEY_PAIR_GEN:
algs[j] = RSA;
j++;
break;
case CKM_DSA_KEY_PAIR_GEN:
algs[j] = DSA;
j++;
break;
default:
continue;
}
}
return algs;
}
}

165
security/jss/org/mozilla/jss/crypto/KeyPairGenerator.java Normal file
Просмотреть файл

@ -0,0 +1,165 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.crypto;
import java.security.*;
import java.security.SecureRandom;
import java.security.spec.AlgorithmParameterSpec;
/**
* Generates RSA and DSA key pairs. Each CryptoToken provides a
* KeyPairGenerator, which can be used to generate key pairs on that token.
* A given token may not support all algorithms, and some tokens may not
* support any key pair generation. If a token does not support key pair
* generation, the Netscape internal token may do it instead. Call
* <code>keygenOnInternalToken</code> to find out if this is happening.
*
* @see com.netscape.jss.crypto.CryptoToken#getKeyPairGenerator
*/
public class KeyPairGenerator {
/**
* Creates a new key pair generator. KeyPairGenerators should
* be obtained by calling <code>CryptoToken.getKeyPairGenerator</code>
* instead of calling this constructor.
*
* @param algorithm The type of keys that the generator will be
* used to generate.
* @param engine The engine object that provides the implementation for
* the class.
*/
public KeyPairGenerator(KeyPairAlgorithm algorithm,
KeyPairGeneratorSpi engine) {
this.algorithm = algorithm;
this.engine = engine;
}
/**
* Generates a new key pair.
*
* @return A new key pair. The keys reside on the CryptoToken that
* provided this <code>KeyPairGenerator</code>.
* @exception TokenException If an error occurs on the CryptoToken
* in the process of generating the key pair.
*/
public java.security.KeyPair
genKeyPair() throws TokenException {
return engine.generateKeyPair();
}
/**
* @return The type of key that this generator generates.
*/
public KeyPairAlgorithm getAlgorithm() {
return algorithm;
}
/**
* Initializes the generator with algorithm-specific parameters.
*
* @param params Algorithm-specific parameters for the key pair generation.
* @param random This parameter is ignored.
* @exception InvalidAlgorithmParameterException If the parameters are
* inappropriate for the type of key pair that is being generated,
* or they are not supported by this generator.
* @see com.netscape.jss.crypto.RSAParameterSpec
* @see java.security.spec.DSAParameterSpec
*/
public void initialize(AlgorithmParameterSpec params, SecureRandom random)
throws InvalidAlgorithmParameterException
{
engine.initialize(params, random);
}
/**
* Initializes the generator with algorithm-specific parameters.
*
* @param params Algorithm-specific parameters for the key pair generation.
* @exception InvalidAlgorithmParameterException If the parameters are
* inappropriate for the type of key pair that is being generated,
* or they are not supported by this generator.
* @see com.netscape.jss.crypto.RSAParameterSpec
* @see java.security.spec.DSAParameterSpec
*/
public void initialize(AlgorithmParameterSpec params)
throws InvalidAlgorithmParameterException
{
engine.initialize(params, null);
}
/**
* Initializes the generator with the strength of the keys.
*
* @param strength The strength of the keys that will be generated.
* Usually this is the length of the key in bits.
* @param random This parameter is ignored.
*/
public void initialize(int strength, SecureRandom random) {
engine.initialize(strength, random);
}
/**
* Initializes the generator with the strength of the keys.
*
* @param strength The strength of the keys that will be generated.
* Usually this is the length of the key in bits.
*/
public void initialize(int strength) {
engine.initialize(strength, null);
}
/**
* @return true if the keypair generation will take place on the
* internal token rather than the current token. This will
* happen if the token does not support keypair generation
* but does support this algorithm and is writable. In this
* case the keypair will be generated on the Netscape internal
* token and then moved to this token.
*/
public boolean keygenOnInternalToken() {
return engine.keygenOnInternalToken();
}
/**
* Tells the generator to generate temporary, rather than permanent,
* keypairs. Temporary keys are not written permanently to the token.
* They are destroyed by the garbage collector.
*/
public void temporaryPairs(boolean temp) {
engine.temporaryPairs(temp);
}
protected KeyPairAlgorithm algorithm;
protected KeyPairGeneratorSpi engine;
}

56
security/jss/org/mozilla/jss/crypto/KeyPairGeneratorSpi.java Normal file
Просмотреть файл

@ -0,0 +1,56 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.crypto;
import java.security.*;
import java.security.SecureRandom;
import java.security.spec.AlgorithmParameterSpec;
public abstract class KeyPairGeneratorSpi {
public KeyPairGeneratorSpi() {
}
public abstract void initialize(int strength, SecureRandom random);
public abstract void initialize(AlgorithmParameterSpec params,
SecureRandom random)
throws InvalidAlgorithmParameterException;
public abstract KeyPair generateKeyPair() throws TokenException;
public abstract void temporaryPairs(boolean temp);
public abstract boolean keygenOnInternalToken();
}

137
security/jss/org/mozilla/jss/crypto/KeyWrapAlgorithm.java Normal file
Просмотреть файл

@ -0,0 +1,137 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.crypto;
/**
*
*/
public class KeyWrapAlgorithm extends Algorithm {
protected KeyWrapAlgorithm(int oidTag, String name, Class paramClass,
boolean padded) {
super(oidTag, name);
parameterClass = paramClass;
this.padded = padded;
}
private Class parameterClass;
private boolean padded;
/**
* The type of parameter that this algorithm expects. Returns
* <code>null</code> if this algorithm does not take any parameters.
*/
public Class getParameterClass() {
return parameterClass;
}
public boolean isPadded() {
return padded;
}
public static final KeyWrapAlgorithm
DES_ECB = new KeyWrapAlgorithm(SEC_OID_DES_ECB, "DES/ECB", null, false);
public static final KeyWrapAlgorithm
DES_CBC = new KeyWrapAlgorithm(SEC_OID_DES_CBC, "DES/CBC",
IVParameterSpec.class, false);
public static final KeyWrapAlgorithm
DES_CBC_PAD = new KeyWrapAlgorithm(CKM_DES_CBC_PAD, "DES/CBC/Pad",
IVParameterSpec.class, true);
public static final KeyWrapAlgorithm
DES3_ECB = new KeyWrapAlgorithm(CKM_DES3_ECB, "DES3/ECB", null, false);
public static final KeyWrapAlgorithm
DES3_CBC = new KeyWrapAlgorithm(SEC_OID_DES_EDE3_CBC, "DES3/CBC",
IVParameterSpec.class, false);
public static final KeyWrapAlgorithm
DES3_CBC_PAD = new KeyWrapAlgorithm(CKM_DES3_CBC_PAD, "DES3/CBC/Pad",
IVParameterSpec.class, true);
public static final KeyWrapAlgorithm
RSA = new KeyWrapAlgorithm(SEC_OID_PKCS1_RSA_ENCRYPTION, "RSA", null,
false);
///////////////////////////////////////////////////////////////////////
// Export control code
///////////////////////////////////////////////////////////////////////
private static final int NUMBER_OF_ALGORITHMS = 7;
public KeyWrapAlgorithm[] getAllAlgorithms( Usage usage ) {
KeyWrapAlgorithm[] algs = new KeyWrapAlgorithm[NUMBER_OF_ALGORITHMS];
long[] indices = getAllAlgorithmIndices( usage );
int j = 0;
for( int i = 0; i <= indices.length; i++ ) {
switch( ( int ) indices[i] ) {
case SEC_OID_DES_ECB:
algs[j] = DES_ECB;
j++;
break;
case SEC_OID_DES_CBC:
algs[j] = DES_CBC;
j++;
break;
case CKM_DES_CBC_PAD:
algs[j] = DES_CBC_PAD;
j++;
break;
case CKM_DES3_ECB:
algs[j] = DES3_ECB;
j++;
break;
case SEC_OID_DES_EDE3_CBC:
algs[j] = DES3_CBC;
j++;
break;
case CKM_DES3_CBC_PAD:
algs[j] = DES3_CBC_PAD;
j++;
break;
case SEC_OID_PKCS1_RSA_ENCRYPTION:
algs[j] = RSA;
j++;
break;
default:
continue;
}
}
return algs;
}
}

105
security/jss/org/mozilla/jss/crypto/KeyWrapper.java Normal file
Просмотреть файл

@ -0,0 +1,105 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.crypto;
import java.security.spec.AlgorithmParameterSpec;
import java.security.InvalidAlgorithmParameterException;
import java.security.PublicKey;
import java.security.InvalidKeyException;
public interface KeyWrapper {
public void initWrap(SymmetricKey wrappingKey,
AlgorithmParameterSpec parameters)
throws InvalidKeyException, InvalidAlgorithmParameterException;
public void initWrap(PublicKey wrappingKey,
AlgorithmParameterSpec parameters)
throws InvalidKeyException, InvalidAlgorithmParameterException;
public void initUnwrap(SymmetricKey unwrappingKey,
AlgorithmParameterSpec parameters)
throws InvalidKeyException, InvalidAlgorithmParameterException;
public void initUnwrap(PrivateKey unwrappingKey,
AlgorithmParameterSpec parameters)
throws InvalidKeyException, InvalidAlgorithmParameterException;
public byte[] wrap(PrivateKey toBeWrapped)
throws InvalidKeyException, IllegalStateException, TokenException;
public byte[] wrap(SymmetricKey toBeWrapped)
throws InvalidKeyException, IllegalStateException, TokenException;
/**
* Unwraps a private key, creating a permanent private key object.
* A permanent private key object resides on a token until it is
* explicitly deleted from the token.
*
* @publicKey Used to calculate the key identifier that must be stored
* with the private key. Must be a <code>RSAPublicKey</code> or a
* <code>DSAPublicKey</code>.
* @exception InvalidKeyException If the type of the public key does not
* match the type of the private key to be unwrapped.
*/
public PrivateKey unwrapPrivate(byte[] wrapped, PrivateKey.Type type,
PublicKey publicKey)
throws TokenException, InvalidKeyException, IllegalStateException;
/**
* Unwraps a private key, creating a temporary private key object.
* A temporary
* private key is one that does not permanently reside on a token.
* As soon as it is garbage-collected, it is gone forever.
*
* @publicKey Used to calculate the key identifier that must be stored
* with the private key. Must be a <code>RSAPublicKey</code> or a
* <code>DSAPublicKey</code>.
* @exception InvalidKeyException If the type of the public key does not
* match the type of the private key to be unwrapped.
*/
public PrivateKey unwrapTemporaryPrivate(byte[] wrapped,
PrivateKey.Type type, PublicKey publicKey)
throws TokenException, InvalidKeyException, IllegalStateException;
/**
* @param keyLength The expected length of the key in bytes. This is
* only used for variable-length keys (RC4) and non-padding
* algorithms. Otherwise, it can be set to anything(like 0).
*/
public SymmetricKey unwrapSymmetric(byte[] wrapped, SymmetricKey.Type type,
int keyLength)
throws TokenException, IllegalStateException,
InvalidAlgorithmParameterException;
}

72
security/jss/org/mozilla/jss/crypto/Makefile Normal file
Просмотреть файл

@ -0,0 +1,72 @@
#! gmake
# The contents of this file are subject to the Mozilla Public
# License Version 1.1 (the "License"); you may not use this file
# except in compliance with the License. You may obtain a copy of
# the License at http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS
# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
# implied. See the License for the specific language governing
# rights and limitations under the License.
#
# The Original Code is the Netscape Security Services for Java.
#
# The Initial Developer of the Original Code is Netscape
# Communications Corporation. Portions created by Netscape are
# Copyright (C) 1998-2000 Netscape Communications Corporation. All
# Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the
# terms of the GNU General Public License Version 2 or later (the
# "GPL"), in which case the provisions of the GPL are applicable
# instead of those above. If you wish to allow use of your
# version of this file only under the terms of the GPL and not to
# allow others to use your version of this file under the MPL,
# indicate your decision by deleting the provisions above and
# replace them with the notice and other provisions required by
# the GPL. If you do not delete the provisions above, a recipient
# may use your version of this file under either the MPL or the
# GPL.
#
#######################################################################
# (1) Include initial platform-independent assignments (MANDATORY). #
#######################################################################
include manifest.mn
#######################################################################
# (2) Include "global" configuration information. (OPTIONAL) #
#######################################################################
include $(CORE_DEPTH)/coreconf/config.mk
#######################################################################
# (3) Include "component" configuration information. (OPTIONAL) #
#######################################################################
include $(CORE_DEPTH)/$(MODULE)/config/config.mk
#######################################################################
# (4) Include "local" platform-dependent assignments (OPTIONAL). #
#######################################################################
include config.mk
#######################################################################
# (5) Execute "global" rules. (OPTIONAL) #
#######################################################################
include $(CORE_DEPTH)/coreconf/rules.mk
#######################################################################
# (6) Execute "component" rules. (OPTIONAL) #
#######################################################################
#######################################################################
# (7) Execute "local" rules. (OPTIONAL). #
#######################################################################

49
security/jss/org/mozilla/jss/crypto/NoSuchItemOnTokenException.java Normal file
Просмотреть файл

@ -0,0 +1,49 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.crypto;
/**
* Thrown if a cryptographic item does not exist on the token it is
* trying to be used on.
*/
public class NoSuchItemOnTokenException extends Exception {
public
NoSuchItemOnTokenException() {}
public
NoSuchItemOnTokenException( String message ) {
super( message );
}
}

39
security/jss/org/mozilla/jss/crypto/NoSuchPaddingException.java Normal file
Просмотреть файл

@ -0,0 +1,39 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.crypto;
/**
* This class is a stub for javax.crypto.NoSuchPaddingException until we
* move to JDK 1.2.
*/
public class NoSuchPaddingException extends Exception { }

42
security/jss/org/mozilla/jss/crypto/ObjectNotFoundException.java Normal file
Просмотреть файл

@ -0,0 +1,42 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.crypto;
/**
* This exception is thrown whenever something isn't implemented.
*/
public class ObjectNotFoundException extends Exception {
public ObjectNotFoundException() { super(); }
public ObjectNotFoundException(String mesg) { super(mesg); }
}

197
security/jss/org/mozilla/jss/crypto/PBEAlgorithm.java Normal file
Просмотреть файл

@ -0,0 +1,197 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.crypto;
import com.netscape.jss.asn1.OBJECT_IDENTIFIER;
import java.util.Hashtable;
import java.security.NoSuchAlgorithmException;
/**
* Algorithms that can be used for generating symmetric keys from passwords.
*/
public class PBEAlgorithm extends KeyGenAlgorithm {
private EncryptionAlgorithm encAlg;
private int saltLength;
protected PBEAlgorithm(int oidTag, String name, int validStrength,
OBJECT_IDENTIFIER oid, EncryptionAlgorithm encAlg, int saltLength)
{
super(oidTag, name, validStrength, oid, PBEKeyGenParams.class);
this.encAlg = encAlg;
this.saltLength = saltLength;
}
/**
* Returns the EncryptionAlgorithm that should be used with keys
* generated with this PBEAlgorithm. For example,
* <code>PBE_MD2_DES_CBC.getEncryptionAlg()</code> returns
* <code>EncryptionAlgorithm.DES_CBC</code>.
*/
public EncryptionAlgorithm getEncryptionAlg() {
return encAlg;
}
/**
* Returns the number of bytes of salt that should be supplied when
* generating keys with this algorithm.
*
* <p>PKCS #5 algorithms require exactly 8 bytes of salt. PKCS #12
* algorithms take
* a variable length, but recommend that the salt length be at least
* as long as the output of the hash function. For SHA-1, the output
* length is 20 bytes.
*/
public int getSaltLength() {
return saltLength;
}
///////////////////////////////////////////////////////////////////////
// OIDs
///////////////////////////////////////////////////////////////////////
private static final OBJECT_IDENTIFIER PKCS5 = OBJECT_IDENTIFIER.PKCS5;
private static final OBJECT_IDENTIFIER PKCS12_PBE =
OBJECT_IDENTIFIER.PKCS12.subBranch(1);
///////////////////////////////////////////////////////////////////////
// OID mapping
///////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////
public static final PBEAlgorithm
PBE_MD2_DES_CBC = new PBEAlgorithm(
SEC_OID_PKCS5_PBE_WITH_MD2_AND_DES_CBC, "PBE/MD2/DES/CBC", 56,
PKCS5.subBranch(1), EncryptionAlgorithm.DES_CBC, 8 );
//////////////////////////////////////////////////////////////
public static final PBEAlgorithm
PBE_MD5_DES_CBC = new PBEAlgorithm(
SEC_OID_PKCS5_PBE_WITH_MD5_AND_DES_CBC, "PBE/MD5/DES/CBC", 56,
PKCS5.subBranch(3), EncryptionAlgorithm.DES_CBC, 8 );
//////////////////////////////////////////////////////////////
public static final PBEAlgorithm
PBE_SHA1_DES_CBC = new PBEAlgorithm(
SEC_OID_PKCS5_PBE_WITH_SHA1_AND_DES_CBC, "PBE/SHA1/DES/CBC", 56,
PKCS5.subBranch(10), EncryptionAlgorithm.DES_CBC, 8 );
//////////////////////////////////////////////////////////////
public static final PBEAlgorithm
PBE_SHA1_RC4_128 = new PBEAlgorithm(
SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC4,
"PBE/SHA1/RC4-128", 128, PKCS12_PBE.subBranch(1),
EncryptionAlgorithm.RC4, 20 );
//////////////////////////////////////////////////////////////
public static final PBEAlgorithm
PBE_SHA1_RC4_40 = new PBEAlgorithm(
SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC4,
"PBE/SHA1/RC4-40", 40, PKCS12_PBE.subBranch(2),
EncryptionAlgorithm.RC4, 20 );
//////////////////////////////////////////////////////////////
public static final PBEAlgorithm
PBE_SHA1_DES3_CBC = new PBEAlgorithm(
SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC,
"PBE/SHA1/DES3/CBC", 168, PKCS12_PBE.subBranch(3),
EncryptionAlgorithm.DES3_CBC, 20 );
//////////////////////////////////////////////////////////////
public static final PBEAlgorithm
PBE_SHA1_RC2_128_CBC = new PBEAlgorithm(
SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC,
"PBE/SHA1/RC2-128", 128, PKCS12_PBE.subBranch(5),
EncryptionAlgorithm.RC2_CBC, 20 );
//////////////////////////////////////////////////////////////
public static final PBEAlgorithm
PBE_SHA1_RC2_40_CBC = new PBEAlgorithm(
SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC,
"PBE/SHA1/RC2-40", 40, PKCS12_PBE.subBranch(6),
EncryptionAlgorithm.RC2_CBC, 20 );
//////////////////////////////////////////////////////////////
// Export control code
//////////////////////////////////////////////////////////////
private static final int NUMBER_OF_ALGORITHMS = 8;
public KeyGenAlgorithm[] getAllAlgorithms( Usage usage ) {
KeyGenAlgorithm[] algs = new KeyGenAlgorithm[NUMBER_OF_ALGORITHMS];
long[] indices = getAllAlgorithmIndices( usage );
int j = 0;
for( int i = 0; i <= indices.length; i++ ) {
switch( ( int ) indices[i] ) {
case SEC_OID_PKCS5_PBE_WITH_MD2_AND_DES_CBC:
algs[j] = PBE_MD2_DES_CBC;
j++;
break;
case SEC_OID_PKCS5_PBE_WITH_MD5_AND_DES_CBC:
algs[j] = PBE_MD5_DES_CBC;
j++;
break;
case SEC_OID_PKCS5_PBE_WITH_SHA1_AND_DES_CBC:
algs[j] = PBE_SHA1_DES_CBC;
j++;
break;
case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC4:
algs[j] = PBE_SHA1_RC4_128;
j++;
break;
case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC4:
algs[j] = PBE_SHA1_RC4_40;
j++;
break;
case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC:
algs[j] = PBE_SHA1_DES3_CBC;
j++;
break;
case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC:
algs[j] = PBE_SHA1_RC2_128_CBC;
j++;
break;
case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC:
algs[j] = PBE_SHA1_RC2_40_CBC;
j++;
break;
default:
continue;
}
}
return algs;
}
}

102
security/jss/org/mozilla/jss/crypto/PBEKeyGenParams.java Normal file
Просмотреть файл

@ -0,0 +1,102 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.crypto;
import java.security.spec.AlgorithmParameterSpec;
import com.netscape.jss.util.Password;
public class PBEKeyGenParams implements AlgorithmParameterSpec {
private Password pass;
private byte[] salt;
private int iterations;
private PBEKeyGenParams() { }
static private final int DEFAULT_SALT_LENGTH = 8;
static private final int DEFAULT_ITERATIONS = 1;
/**
* Creates PBE parameters.
*
* @param pass The password. It will be cloned, so the
* caller is still responsible for clearing it. It must not be null.
* @param salt The salt for the PBE algorithm. Will <b>not</b> be cloned.
* Must not be null. It is the responsibility of the caller to
* use the right salt length for the algorithm. Most algorithms
* use 8 bytes of salt.
* @param The iteration count for the PBE algorithm.
*/
public PBEKeyGenParams(Password pass, byte[] salt, int iterations) {
if(pass==null || salt==null) {
throw new NullPointerException();
}
this.pass = (Password) pass.clone();
this.salt = salt;
this.iterations = iterations;
}
/**
* Returns a <b>reference</b> to the password, not a copy.
*/
public Password getPassword() {
return pass;
}
/**
* Returns a <b>reference</b> to the salt.
*/
public byte[] getSalt() {
return salt;
}
/**
* Returns the iteration count.
*/
public int getIterations() {
return iterations;
}
/**
* Clears the password. This should be called when this object is no
* longer needed so the password is not left around in memory.
*/
public void clear() {
pass.clear();
}
protected void finalize() throws Throwable {
pass.clear();
}
}

39
security/jss/org/mozilla/jss/crypto/PQGParamGenException.java Normal file
Просмотреть файл

@ -0,0 +1,39 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.crypto;
public class PQGParamGenException extends Exception {
public PQGParamGenException() {}
public PQGParamGenException(String msg) { super(msg); }
}

389
security/jss/org/mozilla/jss/crypto/PQGParams.c Normal file
Просмотреть файл

@ -0,0 +1,389 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
#include "_jni/com_netscape_jss_crypto_PQGParams.h"
#include <nspr.h>
#include <plarena.h>
#include <secitem.h>
#include <secoidt.h>
#include <keyt.h> /* for PQGParams */
#include <pqggen.h>
#include <jss_bigint.h>
#include <jssutil.h>
#include <jss_exceptions.h>
#include <java_ids.h>
static jobject
generate(JNIEnv *env, jclass PQGParamsClass, jint keySize, jint seedBytes);
/**********************************************************************
* P Q G P a r a m s . g e n e r a t e ( keysize )
*
*/
JNIEXPORT jobject JNICALL
Java_com_netscape_jss_crypto_PQGParams_generateNative__I
(JNIEnv *env, jclass PQGParamsClass, jint keySize)
{
return generate(env, PQGParamsClass, keySize, 0);
}
/**********************************************************************
* P Q G P a r a m s . g e n e r a t e ( keysize, seedBytes )
*
*/
JNIEXPORT jobject JNICALL
Java_com_netscape_jss_crypto_PQGParams_generateNative__II
(JNIEnv *env, jclass PQGParamsClass, jint keySize, jint seedBytes)
{
if(seedBytes < 20 || seedBytes > 255) {
JSS_throwMsg(env, INVALID_PARAMETER_EXCEPTION,
"Number of bytes in seed must be in range [20,255]");
return NULL;
}
return generate(env, PQGParamsClass, keySize, seedBytes);
}
#define ZERO_SECITEM(item) (item).data=NULL; (item).len=0;
/**********************************************************************
*
* g e n e r a t e
*
* INPUTS
* env
* The JNI environment.
* this
* Reference to a Java PQGGenerator object.
* keySize
* The size of the key, which is actually the size of P in bits.
* seedBytes
* The length of the seed in bytes, or 0 to let the algorithm
* figure it out.
* RETURNS
* A new PQGParams object.
*/
static jobject
generate(JNIEnv *env, jclass PQGParamsClass, jint keySize, jint seedBytes)
{
int keySizeIndex;
jobject newObject = NULL;
SECStatus status;
PQGParams *pParams=NULL;
PQGVerify *pVfy=NULL;
jbyteArray bytes;
jclass BigIntegerClass;
jmethodID BigIntegerConstructor;
jmethodID PQGParamsConstructor;
/*----PQG parameters and friends----*/
SECItem P; /* prime */
SECItem Q; /* subPrime */
SECItem G; /* base */
SECItem H;
SECItem seed;
unsigned int counter;
/*----Java versions of the PQG parameters----*/
jobject jP;
jobject jQ;
jobject jG;
jobject jH;
jint jcounter;
jobject jSeed;
/* basic argument validation */
PR_ASSERT(env!=NULL && PQGParamsClass!=NULL);
/* clear the SECItems so we can free them indiscriminately at the end */
ZERO_SECITEM(P);
ZERO_SECITEM(Q);
ZERO_SECITEM(G);
ZERO_SECITEM(H);
ZERO_SECITEM(seed);
/***********************************************************************
* PQG_ParamGen doesn't take a key size, it takes an index that points to
* a valid key size.
*/
keySizeIndex = PQG_PBITS_TO_INDEX(keySize);
if(keySizeIndex == -1 || keySize<512 || keySize>1024) {
JSS_throwMsg(env, INVALID_PARAMETER_EXCEPTION,
"DSA key size must be a multiple of 64 between 512 "
"and 1024, inclusive");
goto finish;
}
/***********************************************************************
* Do the actual parameter generation.
*/
if(seedBytes == 0) {
status = PQG_ParamGen(keySizeIndex, &pParams, &pVfy);
} else {
status = PQG_ParamGenSeedLen(keySizeIndex, seedBytes, &pParams, &pVfy);
}
if(status != SECSuccess) {
JSS_throw(env, PQG_PARAM_GEN_EXCEPTION);
goto finish;
}
/**********************************************************************
* NOTE: the new PQG parameters will be verified at the Java level.
*/
/**********************************************************************
* Get ready for the BigIntegers
*/
BigIntegerClass = (*env)->FindClass(env, BIG_INTEGER_CLASS_NAME);
if(BigIntegerClass == NULL) {
ASSERT_OUTOFMEM(env);
goto finish;
}
BigIntegerConstructor = (*env)->GetMethodID(env,
BigIntegerClass,
BIG_INTEGER_CONSTRUCTOR_NAME,
BIG_INTEGER_CONSTRUCTOR_SIG);
if(BigIntegerConstructor == NULL) {
ASSERT_OUTOFMEM(env);
goto finish;
}
/***********************************************************************
* Convert the parameters to Java types.
*/
if( PQG_GetPrimeFromParams( pParams, &P) ||
PQG_GetSubPrimeFromParams( pParams, &Q) ||
PQG_GetBaseFromParams( pParams, &G) ||
PQG_GetHFromVerify( pVfy, &H) ||
PQG_GetSeedFromVerify( pVfy, &seed) )
{
JSS_throw(env, PQG_PARAM_GEN_EXCEPTION);
goto finish;
}
counter = PQG_GetCounterFromVerify(pVfy);
/*
* construct P
*/
bytes = JSS_OctetStringToByteArray(env, &P);
if(bytes==NULL) {
ASSERT_OUTOFMEM(env);
goto finish;
}
jP = (*env)->NewObject(env, BigIntegerClass, BigIntegerConstructor, bytes);
if(jP==NULL) {
ASSERT_OUTOFMEM(env);
goto finish;
}
/*
* construct Q
*/
bytes = JSS_OctetStringToByteArray(env, &Q);
if(bytes==NULL) {
ASSERT_OUTOFMEM(env);
goto finish;
}
jQ = (*env)->NewObject(env, BigIntegerClass, BigIntegerConstructor, bytes);
if(jQ==NULL) {
ASSERT_OUTOFMEM(env);
goto finish;
}
/*
* construct G
*/
bytes = JSS_OctetStringToByteArray(env, &G);
if(bytes==NULL) {
ASSERT_OUTOFMEM(env);
goto finish;
}
jG = (*env)->NewObject(env, BigIntegerClass, BigIntegerConstructor, bytes);
if(jG==NULL) {
ASSERT_OUTOFMEM(env);
goto finish;
}
/*
* construct seed
*/
bytes = JSS_OctetStringToByteArray(env, &seed);
if(bytes==NULL) {
ASSERT_OUTOFMEM(env);
goto finish;
}
jSeed = (*env)->NewObject(env, BigIntegerClass, BigIntegerConstructor,
bytes);
if(jSeed==NULL) {
ASSERT_OUTOFMEM(env);
goto finish;
}
/*
* construct H
*/
bytes = JSS_OctetStringToByteArray(env, &H);
if(bytes==NULL) {
ASSERT_OUTOFMEM(env);
goto finish;
}
jH = (*env)->NewObject(env, BigIntegerClass, BigIntegerConstructor, bytes);
if(jH==NULL) {
ASSERT_OUTOFMEM(env);
goto finish;
}
/*
* construct counter
*/
jcounter = counter;
/**********************************************************************
* Construct the PQGParams object
*/
PQGParamsConstructor = (*env)->GetMethodID(
env,
PQGParamsClass,
PQG_PARAMS_CONSTRUCTOR_NAME,
PQG_PARAMS_CONSTRUCTOR_SIG);
if(PQGParamsConstructor==NULL) {
ASSERT_OUTOFMEM(env);
goto finish;
}
newObject = (*env)->NewObject( env,
PQGParamsClass,
PQGParamsConstructor,
jP,
jQ,
jG,
jSeed,
jcounter,
jH);
finish:
if(pParams!=NULL) {
PQG_DestroyParams(pParams);
}
if(pVfy!=NULL) {
PQG_DestroyVerify(pVfy);
}
SECITEM_FreeItem(&P, PR_FALSE /*don't free P itself*/);
SECITEM_FreeItem(&Q, PR_FALSE);
SECITEM_FreeItem(&G, PR_FALSE);
SECITEM_FreeItem(&H, PR_FALSE);
SECITEM_FreeItem(&seed, PR_FALSE);
return newObject;
}
/**********************************************************************
*
* P Q G P a r a m s . p a r a m s A r e V a l i d
*
*/
JNIEXPORT jboolean JNICALL
Java_com_netscape_jss_crypto_PQGParams_paramsAreValidNative
(JNIEnv *env, jobject this, jbyteArray jP, jbyteArray jQ, jbyteArray jG,
jbyteArray jSeed, jint jCounter, jbyteArray jH)
{
jboolean valid=JNI_FALSE;
PQGParams *pParams=NULL;
PQGVerify *pVfy=NULL;
SECStatus verifyResult;
/*---PQG and verification params in C---*/
SECItem P;
SECItem Q;
SECItem G;
SECItem seed;
SECItem H;
unsigned int counter;
PR_ASSERT(env!=NULL && this!=NULL);
/* clear the secitems so we can free them indiscriminately later */
ZERO_SECITEM(P);
ZERO_SECITEM(Q);
ZERO_SECITEM(G);
ZERO_SECITEM(seed);
ZERO_SECITEM(H);
/**********************************************************************
* Extract the Java parameters
*/
if( JSS_ByteArrayToOctetString(env, jP, &P) ||
JSS_ByteArrayToOctetString(env, jQ, &Q) ||
JSS_ByteArrayToOctetString(env, jG, &G) ||
JSS_ByteArrayToOctetString(env, jSeed, &seed) ||
JSS_ByteArrayToOctetString(env, jH, &H) )
{
goto finish;
}
counter = jCounter;
/***********************************************************************
* Construct PQGParams and PQGVerify structures.
*/
pParams = PQG_NewParams(&P, &Q, &G);
pVfy = PQG_NewVerify(counter, &seed, &H);
if(pParams==NULL || pVfy==NULL) {
JSS_throw(env, OUT_OF_MEMORY_ERROR);
goto finish;
}
/***********************************************************************
* Perform the verification.
*/
if( PQG_VerifyParams(pParams, pVfy, &verifyResult) != PR_SUCCESS) {
JSS_throw(env, OUT_OF_MEMORY_ERROR);
goto finish;
}
if(verifyResult == SECSuccess) {
valid = JNI_TRUE;
}
finish:
SECITEM_FreeItem(&P, PR_FALSE /*don't free P itself*/);
SECITEM_FreeItem(&Q, PR_FALSE);
SECITEM_FreeItem(&G, PR_FALSE);
SECITEM_FreeItem(&seed, PR_FALSE);
SECITEM_FreeItem(&H, PR_FALSE);
PQG_DestroyParams(pParams);
PQG_DestroyVerify(pVfy);
return valid;
}

243
security/jss/org/mozilla/jss/crypto/PQGParams.java Normal file
Просмотреть файл

@ -0,0 +1,243 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.crypto;
import java.math.BigInteger;
import java.security.spec.DSAParameterSpec;
import com.netscape.jss.util.Assert;
/**
* PQG parameters for DSA key generation, along with the seed, counter,
* and H values for verification.
* <p>This class has two main purposes:
* generating PQG parameters and verifying PQG parameters. To generate
* PQG parameters, call one of the static <code>generate</code> methods.
* They will return a new set of PQG paramters. To verify existing PQG
* parameters, create a new <code>PQGParams</code> object with the
* constructor and call <code>paramsAreValid</code> on the object.
*
* <p>It is necessary to call <code>CryptoManager.initialize</code> before
* using this class.
*
*/
public class PQGParams extends DSAParameterSpec {
/**
* Creates a PQGParams object from a set of pre-computed DSA
* parameters.
*
* @param P The DSA prime parameter.
* @param Q The DSA sub-prime parameter.
* @param G The DSA base parameter.
* @param seed The Seed used to calculate P, Q, and G.
* @param counter The Counter (C) used to calculate P, Q, and G.
* @param H The H value used to generate P, Q, and G.
*/
public PQGParams(BigInteger P, BigInteger Q, BigInteger G,
BigInteger seed, int counter, BigInteger H)
{
super(P, Q, G);
this.seed = seed;
this.counter = counter;
this.H = H;
}
/**
* Generates P, Q, and G parameters for DSA key generation. Also
* provides the seed, counter, and H values for verification of the
* P, Q, and G. The parameters are generated and then verified
* before being returned. The length of the Seed will equal the
* length of P.
*
* It is necessary to call one of the
* <code>CryptoManager.initialize</code> functions before calling
* this method.
*
* @param keySize The size of P in bits. Keys generated by these P,
* Q, and G values will have this length. Valid key sizes
* are multiples of 64 in the closed interval [512,1024].
* This also dictates the length of H and Seed.
* @return A new set of P, Q, and G parameters, along with the Seed,
* Counter, and H values used to generate them.
* @exception java.security.InvalidParameterException If the keySize
* is outside the bounds described by the DSA key pair
* generation algorithm.
* @exception com.netscape.jss.crypto.PQGParamGenException If an error
* occurs during the generation process.
* @see com.netscape.jss.CryptoManager#initialize
*/
public static PQGParams
generate(int keySize)
throws java.security.InvalidParameterException,
PQGParamGenException
{
PQGParams pqg = generateNative(keySize);
if( ! pqg.paramsAreValid() ) {
throw new PQGParamGenException(
"Generated parameters did not verify correctly");
}
return pqg;
}
/**
* Does the actual work of generation, but does not verify.
*/
private static native PQGParams
generateNative(int keySize)
throws java.security.InvalidParameterException,
PQGParamGenException;
/**
* Generates P, Q, and G parameters for DSA key generation. Also
* provides the seed, counter, and H values for verification of the
* P, Q, and G. The parameters are generated and then verified
* before being returned.
*
* It is necessary to call one of the
* <code>CryptoManager.initialize</code> functions before calling
* this method.
*
* @param keySize The size of P in bits. Keys generated by these P,
* Q, and G values will have this length. Valid key sizes
* are multiples of 64 in the closed interval [512,1024].
* This also dictates the length of H.
* @param seedBytes The number of bytes in the Seed value used to
* generate P, Q, and G. <code>seedBytes</code> must be
* from the closed interval [20,255].
* @return A new set of P, Q, and G parameters, along with the Seed,
* Counter, and H values used to generate them.
* @exception java.security.InvalidParameterException If the keySize
* or number of seed bytes is outside the bounds described by the
* DSA key pair generation algorithm.
* @exception com.netscape.jss.crypto.PQGParamGenException If an error
* occurs during the generation process.
* @see com.netscape.jss.CryptoManager#initialize
*/
public static PQGParams
generate(int keySize, int seedBytes)
throws java.security.InvalidParameterException,
PQGParamGenException
{
PQGParams pqg = generateNative(keySize, seedBytes);
if( ! pqg.paramsAreValid() ) {
throw new PQGParamGenException(
"Generated parameters did not verify correctly");
}
return pqg;
}
/**
* Does the actual work of generation, but does not verify.
*/
private static native PQGParams
generateNative(int keySize, int seedBytes)
throws java.security.InvalidParameterException,
PQGParamGenException;
/**
* Produces an unsigned byte-array representation of a BigInteger.
*
* <p>BigInteger adds an extra sign bit to the beginning of its byte
* array representation. In some cases this will cause the size
* of the byte array to increase, which may be unacceptable for some
* applications. This function returns a minimal byte array representing
* the BigInteger without extra sign bits.
*
* @return An unsigned, big-endian byte array representation
* of a BigInteger.
*/
public static byte[] BigIntegerToUnsignedByteArray(BigInteger big) {
byte[] ret;
// big must not be negative
Assert.assert(big.signum() != -1);
// bitLength is the size of the data without the sign bit. If
// it exactly fills an integral number of bytes, that means a whole
// new byte will have to be added to accomodate the sign bit. In
// this case we need to remove the first byte.
if(big.bitLength() % 8 == 0) {
byte[] array = big.toByteArray();
// The first byte should just be sign bits
Assert.assert( array[0] == 0 );
ret = new byte[array.length-1];
System.arraycopy(array, 1, ret, 0, ret.length);
} else {
ret = big.toByteArray();
}
return ret;
}
/**
* Verifies the PQG parameters using the seed, counter, and H values.
* @return true if the parameters verified correctly, false if they
* did not verify.
*/
public boolean paramsAreValid() {
return paramsAreValidNative(BigIntegerToUnsignedByteArray( getP() ),
BigIntegerToUnsignedByteArray( getQ() ),
BigIntegerToUnsignedByteArray( getG() ),
BigIntegerToUnsignedByteArray( seed ),
counter,
BigIntegerToUnsignedByteArray( H ));
}
private native boolean paramsAreValidNative(byte[] P, byte[] Q, byte[]G,
byte[] seed, int counter, byte[] H);
/**
* @return The Seed used to generate P, Q, and G.
*/
public BigInteger getSeed() {
return seed;
}
/**
* @return The Counter (C) used to generate P, Q, and G.
*/
public int getCounter() {
return counter;
}
/**
* @return The H value used to generate P, Q, and G.
*/
public BigInteger getH() {
return H;
}
private BigInteger seed;
private int counter;
private BigInteger H;
}

120
security/jss/org/mozilla/jss/crypto/PrivateKey.java Normal file
Просмотреть файл

@ -0,0 +1,120 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package com.netscape.jss.crypto;
import com.netscape.jss.asn1.OBJECT_IDENTIFIER;
import java.util.Hashtable;
import com.netscape.jss.util.Assert;
import java.security.NoSuchAlgorithmException;
/**
* Private Keys used by JSS. All the private keys handled by JSS are
* of this type, which is a subtype of java.security.PrivateKey.
*/
public interface PrivateKey extends java.security.PrivateKey
{
public static final Type RSA = Type.RSA;
public static final Type DSA = Type.DSA;
/**
* Returns the type (RSA or DSA) of this private key.
*/
public Type getType();
/**
* Returns the unique ID of this key. Unique IDs can be used to match
* certificates to keys.
*
* @see com.netscape.jss.crypto.TokenCertificate#getUniqueID
*/
public byte[] getUniqueID() throws TokenException;
/**
* Returns the size, in bits, of the modulus of an RSA key.
* Returns -1 for other types of keys.
*/
public int getStrength();
/**
* Returns the CryptoToken that owns this private key. Cryptographic
* operations with this key may only be performed on the token that
* owns the key.
*/
public CryptoToken getOwningToken();
public static final class Type {
private OBJECT_IDENTIFIER oid;
private String name;
private Type() { }
private Type(OBJECT_IDENTIFIER oid, String name) {
this.oid = oid;
this.name = name;
Object old = oidMap.put(oid, this);
Assert.assert( old == null );
}
private static Hashtable oidMap = new Hashtable();
public static Type fromOID(OBJECT_IDENTIFIER oid)
throws NoSuchAlgorithmException
{
Object obj = oidMap.get(oid);
if( obj == null ) {
throw new NoSuchAlgorithmException();
}
return (Type) obj;
}
/**
* Returns a string representation of the algorithm, such as
* "RSA" or "DSA".
*/
public String toString() {
return name;
}
public OBJECT_IDENTIFIER toOID() {
return oid;
}
public static final Type RSA = new Type(
OBJECT_IDENTIFIER.PKCS1.subBranch(1), "RSA" );
public static final Type DSA = new Type(
Algorithm.ANSI_X9_ALGORITHM.subBranch(1), "DSA" );
}
}

Некоторые файлы не были показаны из-за слишком большого количества измененных файлов Показать больше