mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-09 19:35:51 +00:00
landing DJN_MEKAB_WORK_BRANCH
This commit is contained in:
nicolson%netscape.com
parent
0a650ab098
commit
f8a8f075f6
@ -87,3 +87,4 @@ LINK_DLL += -LIBPATH:$(JAVA_HOME)/$(JAVA_LIBDIR)
|
||||
LINK_DLL += $(foreach file,$(LD_LIBS),-DEFAULTLIB:"$(notdir $(file))")
|
||||
endif
|
||||
|
||||
CFLAGS += -I$(JAVA_HOME)/include
|
||||
|
||||
@ -225,3 +225,10 @@ Java_org_mozilla_jss_ssl_SSLServerSocket_getReuseAddress;
|
||||
;+ local:
|
||||
;+ *;
|
||||
;+};
|
||||
;+JSS_3.2 { # JSS 3.2 release
|
||||
;+ global:
|
||||
Java_org_mozilla_jss_crypto_SecretDecoderRing_encrypt;
|
||||
Java_org_mozilla_jss_crypto_SecretDecoderRing_decrypt;
|
||||
;+ local:
|
||||
;+ *;
|
||||
;+};
|
||||
|
||||
@ -43,6 +43,4 @@ DIRS = org \
|
||||
lib \
|
||||
$(NULL)
|
||||
|
||||
PACKAGE_DIR = _TOP
|
||||
|
||||
RELEASE = jss
|
||||
|
||||
@ -84,6 +84,10 @@ public class INTEGER extends BigInteger implements ASN1Value {
|
||||
public INTEGER(long val) {
|
||||
super( BigInteger.valueOf(val).toByteArray() );
|
||||
}
|
||||
|
||||
public INTEGER(BigInteger bi) {
|
||||
super( bi.toByteArray() );
|
||||
}
|
||||
|
||||
public static final Tag TAG = new Tag(Tag.Class.UNIVERSAL, 2);
|
||||
public Tag getTag() {
|
||||
|
||||
@ -37,7 +37,9 @@ package org.mozilla.jss.crypto;
|
||||
* An exception of this type is thrown if an encoded private key
|
||||
* cannot be decoded.
|
||||
*/
|
||||
public class InvalidKeyFormatException extends Exception {
|
||||
public class InvalidKeyFormatException
|
||||
extends java.security.spec.InvalidKeySpecException
|
||||
{
|
||||
public InvalidKeyFormatException() {
|
||||
super();
|
||||
}
|
||||
|
||||
@ -33,6 +33,9 @@
|
||||
|
||||
package org.mozilla.jss.crypto;
|
||||
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.util.Hashtable;
|
||||
|
||||
/**
|
||||
* Algorithms that can be used for keypair generation.
|
||||
*/
|
||||
@ -41,6 +44,7 @@ public class KeyPairAlgorithm extends Algorithm {
|
||||
protected KeyPairAlgorithm(int oidIndex, String name, Algorithm algFamily) {
|
||||
super(oidIndex, name);
|
||||
this.algFamily = algFamily;
|
||||
nameMap.put(name, this);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -56,6 +60,25 @@ public class KeyPairAlgorithm extends Algorithm {
|
||||
return algFamily;
|
||||
}
|
||||
|
||||
private static Hashtable nameMap = new Hashtable();
|
||||
|
||||
/**
|
||||
* Looks up a key pair generation algorithm from its name. The names
|
||||
* are those specified in the JCA spec. For example, "RSA" and "DSA".
|
||||
*
|
||||
* @throws NoSuchAlgorithmException If the name of the algorithm is not
|
||||
* recognized as a supported algorithm.
|
||||
*/
|
||||
public static KeyPairAlgorithm fromString(String algName)
|
||||
throws NoSuchAlgorithmException
|
||||
{
|
||||
KeyPairAlgorithm alg = (KeyPairAlgorithm)nameMap.get(algName);
|
||||
if( alg == null ) {
|
||||
throw new NoSuchAlgorithmException();
|
||||
}
|
||||
return alg;
|
||||
}
|
||||
|
||||
protected Algorithm algFamily;
|
||||
|
||||
////////////////////////////////////////////////////////////////
|
||||
|
||||
@ -47,6 +47,7 @@ public interface PrivateKey extends java.security.PrivateKey
|
||||
|
||||
public static final Type RSA = Type.RSA;
|
||||
public static final Type DSA = Type.DSA;
|
||||
public static final Type DiffieHellman = Type.DiffieHellman;
|
||||
|
||||
/**
|
||||
* Returns the type (RSA or DSA) of this private key.
|
||||
@ -81,13 +82,15 @@ public interface PrivateKey extends java.security.PrivateKey
|
||||
public static final class Type {
|
||||
private OBJECT_IDENTIFIER oid;
|
||||
private String name;
|
||||
private int pkcs11Type;
|
||||
|
||||
private Type() { }
|
||||
|
||||
private Type(OBJECT_IDENTIFIER oid, String name) {
|
||||
private Type(OBJECT_IDENTIFIER oid, String name, int pkcs11Type) {
|
||||
this.oid = oid;
|
||||
this.name = name;
|
||||
Object old = oidMap.put(oid, this);
|
||||
this.pkcs11Type = pkcs11Type;
|
||||
Assert.assert( old == null );
|
||||
}
|
||||
|
||||
@ -115,10 +118,26 @@ public interface PrivateKey extends java.security.PrivateKey
|
||||
public OBJECT_IDENTIFIER toOID() {
|
||||
return oid;
|
||||
}
|
||||
|
||||
public int getPKCS11Type() {
|
||||
return pkcs11Type;
|
||||
}
|
||||
|
||||
// OID for DiffieHellman, from RFC 2459 7.3.2.
|
||||
public static OBJECT_IDENTIFIER DH_OID =
|
||||
new OBJECT_IDENTIFIER( new long[] {1, 2, 840, 10046, 2, 1} );
|
||||
|
||||
// From PKCS #11
|
||||
private static int CKK_RSA = 0x0;
|
||||
private static int CKK_DSA = 0x1;
|
||||
private static int CKK_DH = 0x2;
|
||||
|
||||
public static final Type RSA = new Type(
|
||||
OBJECT_IDENTIFIER.PKCS1.subBranch(1), "RSA" );
|
||||
OBJECT_IDENTIFIER.PKCS1.subBranch(1), "RSA", CKK_RSA );
|
||||
public static final Type DSA = new Type(
|
||||
Algorithm.ANSI_X9_ALGORITHM.subBranch(1), "DSA" );
|
||||
Algorithm.ANSI_X9_ALGORITHM.subBranch(1), "DSA", CKK_DSA);
|
||||
public static final Type DiffieHellman = new Type(
|
||||
DH_OID, "DiffieHellman", CKK_DH );
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
@ -42,4 +42,7 @@ package org.mozilla.jss.crypto;
|
||||
public interface TokenSupplier {
|
||||
public CryptoToken getInternalCryptoToken();
|
||||
public JSSSecureRandom getSecureRNG();
|
||||
|
||||
public CryptoToken getThreadToken();
|
||||
public void setThreadToken(CryptoToken token);
|
||||
}
|
||||
|
||||
@ -41,119 +41,13 @@ REQUIRES = nspr20 security
|
||||
|
||||
PACKAGE = org/mozilla/jss/crypto
|
||||
|
||||
JNI_GEN = \
|
||||
org.mozilla.jss.crypto.Algorithm \
|
||||
org.mozilla.jss.crypto.EncryptionAlgorithm \
|
||||
org.mozilla.jss.crypto.PQGParams \
|
||||
$(NULL)
|
||||
|
||||
PRIVATE_EXPORTS = \
|
||||
Algorithm.h \
|
||||
$(NULL)
|
||||
|
||||
CLASSES = \
|
||||
Algorithm \
|
||||
AlreadyInitializedException \
|
||||
BadPaddingException \
|
||||
Cipher \
|
||||
CryptoStore \
|
||||
CryptoToken \
|
||||
DigestAlgorithm \
|
||||
EncryptionAlgorithm \
|
||||
HMACAlgorithm \
|
||||
IllegalBlockSizeException \
|
||||
InvalidDERException \
|
||||
InvalidKeyFormatException \
|
||||
InternalCertificate \
|
||||
IVParameterSpec \
|
||||
KeyAlreadyImportedException \
|
||||
KeyGenAlgorithm \
|
||||
KeyGenerator \
|
||||
KeyPairAlgorithm \
|
||||
KeyPairGenerator \
|
||||
KeyPairGeneratorSpi \
|
||||
KeyWrapAlgorithm \
|
||||
KeyWrapper \
|
||||
JSSMessageDigest \
|
||||
NoSuchItemOnTokenException \
|
||||
NoSuchPaddingException \
|
||||
ObjectNotFoundException \
|
||||
PBEAlgorithm \
|
||||
PBEKeyGenParams \
|
||||
PrivateKey \
|
||||
PQGParams \
|
||||
PQGParamGenException \
|
||||
RSAParameterSpec \
|
||||
JSSSecureRandom \
|
||||
ShortBufferException \
|
||||
Signature \
|
||||
SignatureSpi \
|
||||
SignatureAlgorithm \
|
||||
SymmetricKey \
|
||||
TokenCertificate \
|
||||
TokenException \
|
||||
TokenSupplier \
|
||||
TokenSupplierManager \
|
||||
Tunnel \
|
||||
X509Certificate \
|
||||
$(NULL)
|
||||
|
||||
PRIVATE_CLASSES = \
|
||||
$(NULL)
|
||||
|
||||
JSRCS = \
|
||||
Algorithm.java \
|
||||
AlreadyInitializedException.java \
|
||||
BadPaddingException.java \
|
||||
Cipher.java \
|
||||
CryptoStore.java \
|
||||
CryptoToken.java \
|
||||
DigestAlgorithm.java \
|
||||
EncryptionAlgorithm.java \
|
||||
HMACAlgorithm.java \
|
||||
IllegalBlockSizeException.java \
|
||||
InvalidDERException.java \
|
||||
InvalidKeyFormatException.java \
|
||||
InternalCertificate.java \
|
||||
IVParameterSpec.java \
|
||||
KeyAlreadyImportedException.java \
|
||||
KeyGenAlgorithm.java \
|
||||
KeyGenerator.java \
|
||||
KeyPairAlgorithm.java \
|
||||
KeyPairGenerator.java \
|
||||
KeyPairGeneratorSpi.java \
|
||||
KeyWrapAlgorithm.java \
|
||||
KeyWrapper.java \
|
||||
JSSMessageDigest.java \
|
||||
NoSuchItemOnTokenException.java \
|
||||
NoSuchPaddingException.java \
|
||||
ObjectNotFoundException.java \
|
||||
PBEAlgorithm.java \
|
||||
PBEKeyGenParams.java \
|
||||
PrivateKey.java \
|
||||
PQGParams.java \
|
||||
PQGParamGenException.java \
|
||||
RSAParameterSpec.java \
|
||||
JSSSecureRandom.java \
|
||||
ShortBufferException.java \
|
||||
Signature.java \
|
||||
SignatureAlgorithm.java \
|
||||
SignatureSpi.java \
|
||||
SymmetricKey.java \
|
||||
TokenCertificate.java \
|
||||
TokenException.java \
|
||||
Tunnel.java \
|
||||
TokenSupplier.java \
|
||||
TokenSupplierManager.java \
|
||||
X509Certificate.java \
|
||||
$(NULL)
|
||||
|
||||
PRIVATE_JSRCS = \
|
||||
$(NULL)
|
||||
|
||||
|
||||
CSRCS = Algorithm.c \
|
||||
CSRCS = Algorithm.c \
|
||||
PQGParams.c \
|
||||
SecretDecoderRing.c \
|
||||
$(NULL)
|
||||
|
||||
|
||||
|
||||
@ -51,7 +51,7 @@ import org.mozilla.jss.CRLImportException;
|
||||
* Initialization is done with static methods, and must be done before
|
||||
* an instance can be created. All other operations are done with instance
|
||||
* methods.
|
||||
* @version $Revision: 1.9 $ $Date: 2001/09/12 18:55:03 $
|
||||
* @version $Revision: 1.10 $ $Date: 2002/01/08 20:10:48 $
|
||||
*/
|
||||
public final class CryptoManager implements TokenSupplier
|
||||
{
|
||||
@ -792,7 +792,7 @@ public final class CryptoManager implements TokenSupplier
|
||||
}
|
||||
if( values.installJSSProvider ) {
|
||||
int position = java.security.Security.insertProviderAt(
|
||||
new org.mozilla.jss.provider.Provider(),
|
||||
new JSSProvider(),
|
||||
1);
|
||||
if(position==-1) {
|
||||
Debug.trace(Debug.ERROR,
|
||||
@ -1222,14 +1222,6 @@ public final class CryptoManager implements TokenSupplier
|
||||
return new PK11SecureRandom();
|
||||
}
|
||||
|
||||
// Policy Type indices. These must be kept in sync with the
|
||||
// policy type array in CryptoManager.c.
|
||||
public static final int NULL_POLICY=0;
|
||||
public static final int DOMESTIC_POLICY=1;
|
||||
public static final int EXPORT_POLICY=2;
|
||||
public static final int FRANCE_POLICY=3;
|
||||
|
||||
|
||||
/********************************************************************/
|
||||
/* The following VERSION Strings should be updated in the following */
|
||||
/* files everytime a new release of JSS is generated: */
|
||||
@ -1277,4 +1269,48 @@ public final class CryptoManager implements TokenSupplier
|
||||
}
|
||||
static private boolean mNativeLibrariesLoaded = false;
|
||||
|
||||
// Hashtable is synchronized.
|
||||
private Hashtable perThreadTokenTable = new Hashtable();
|
||||
|
||||
/**
|
||||
* Sets the default token for the current thread. This token will
|
||||
* be used when JSS is called through the JCA interface, which has
|
||||
* no means of specifying which token to use.
|
||||
*
|
||||
* <p>If no token is set, the InternalCryptoToken will be used. Setting
|
||||
* this thread's token to <tt>null</tt> will also cause the
|
||||
* InternalCryptoToken to be used.
|
||||
*
|
||||
* @param The token to use for crypto operations. Specifying <tt>null</tt>
|
||||
* will cause the InternalCryptoToken to be used.
|
||||
*/
|
||||
public void setThreadToken(CryptoToken token) {
|
||||
if( token != null ) {
|
||||
perThreadTokenTable.put(Thread.currentThread(), token);
|
||||
} else {
|
||||
perThreadTokenTable.remove(Thread.currentThread());
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the default token for the current thread. This token will
|
||||
* be used when JSS is called through the JCA interface, which has
|
||||
* no means of specifying which token to use.
|
||||
*
|
||||
* <p>If no token is set, the InternalCryptoToken will be used. Setting
|
||||
* this thread's token to <tt>null</tt> will also cause the
|
||||
* InternalCryptoToken to be used.
|
||||
*
|
||||
* @return The default token for this thread. If it has not been specified,
|
||||
* it will be the InternalCryptoToken.
|
||||
*/
|
||||
public CryptoToken getThreadToken() {
|
||||
CryptoToken tok =
|
||||
(CryptoToken) perThreadTokenTable.get(Thread.currentThread());
|
||||
if( tok == null ) {
|
||||
tok = getInternalCryptoToken();
|
||||
}
|
||||
return tok;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@ -42,7 +42,8 @@ public class JSSProvider extends java.security.Provider {
|
||||
// Signature
|
||||
/////////////////////////////////////////////////////////////
|
||||
|
||||
put("Signature.SHA1withDSA", "org.mozilla.jss.provider.DSASignature");
|
||||
put("Signature.SHA1withDSA",
|
||||
"org.mozilla.jss.provider.java.security.DSASignatureSpi");
|
||||
|
||||
put("Alg.Alias.Signature.DSA", "SHA1withDSA");
|
||||
put("Alg.Alias.Signature.DSS", "SHA1withDSA");
|
||||
@ -52,10 +53,12 @@ public class JSSProvider extends java.security.Provider {
|
||||
put("Alg.Alias.Signature.DSAWithSHA1", "SHA1withDSA");
|
||||
put("Alg.Alias.Signature.SHAwithDSA", "SHA1withDSA");
|
||||
|
||||
put("Signature.MD5/RSA", "org.mozilla.jss.provider.MD5RSASignature");
|
||||
put("Signature.MD2/RSA", "org.mozilla.jss.provider.MD2RSASignature");
|
||||
put("Signature.MD5/RSA",
|
||||
"org.mozilla.jss.provider.java.security.MD5RSASignatureSpi");
|
||||
put("Signature.MD2/RSA",
|
||||
"org.mozilla.jss.provider.java.security.MD2RSASignatureSpi");
|
||||
put("Signature.SHA-1/RSA",
|
||||
"org.mozilla.jss.provider.SHA1RSASignature");
|
||||
"org.mozilla.jss.provider.java.security.SHA1RSASignatureSpi");
|
||||
|
||||
put("Alg.Alias.Signature.SHA1/RSA", "SHA-1/RSA");
|
||||
|
||||
@ -64,11 +67,11 @@ public class JSSProvider extends java.security.Provider {
|
||||
/////////////////////////////////////////////////////////////
|
||||
|
||||
put("MessageDigest.SHA-1",
|
||||
"org.mozilla.jss.provider.SHA1MessageDigest");
|
||||
"org.mozilla.jss.provider.java.security.SHA1MessageDigestSpi");
|
||||
put("MessageDigest.MD2",
|
||||
"org.mozilla.jss.provider.MD2MessageDigest");
|
||||
"org.mozilla.jss.provider.java.security.MD2MessageDigestSpi");
|
||||
put("MessageDigest.MD5",
|
||||
"org.mozilla.jss.provider.MD5MessageDigest");
|
||||
"org.mozilla.jss.provider.java.security.MD5MessageDigestSpi");
|
||||
|
||||
put("Alg.Alias.MessageDigest.SHA1", "SHA-1");
|
||||
put("Alg.Alias.MessageDigest.SHA", "SHA-1");
|
||||
|
||||
@ -40,29 +40,6 @@ REQUIRES = nspr20 security
|
||||
|
||||
PACKAGE = org/mozilla/jss
|
||||
|
||||
JNI_GEN = \
|
||||
org.mozilla.jss.DatabaseCloser \
|
||||
org.mozilla.jss.CryptoManager \
|
||||
$(NULL)
|
||||
|
||||
CLASSES = \
|
||||
CertDatabaseException \
|
||||
CRLImportException \
|
||||
CryptoManager \
|
||||
KeyDatabaseException \
|
||||
NoSuchTokenException \
|
||||
DatabaseCloser \
|
||||
$(NULL)
|
||||
|
||||
JSRCS = \
|
||||
CertDatabaseException.java \
|
||||
CRLImportException.java \
|
||||
CryptoManager.java \
|
||||
KeyDatabaseException.java \
|
||||
NoSuchTokenException.java \
|
||||
DatabaseCloser.java \
|
||||
$(NULL)
|
||||
|
||||
CSRCS = \
|
||||
CryptoManager.c \
|
||||
PK11Finder.c \
|
||||
|
||||
@ -36,18 +36,9 @@ CORE_DEPTH = ../../../..
|
||||
MODULE = jss
|
||||
|
||||
DIRS = \
|
||||
policy \
|
||||
util \
|
||||
asn1 \
|
||||
crypto \
|
||||
pkcs11 \
|
||||
provider \
|
||||
manage \
|
||||
pkix/primitive \
|
||||
pkcs10 \
|
||||
pkix \
|
||||
pkcs7 \
|
||||
pkcs12 \
|
||||
ssl \
|
||||
tests \
|
||||
$(NULL)
|
||||
|
||||
@ -59,6 +59,7 @@ abstract class PK11Key {
|
||||
*/
|
||||
public byte[] getEncoded() {
|
||||
Assert.notYetImplemented("PK11Key.getEncoded");
|
||||
// !!!
|
||||
return null;
|
||||
}
|
||||
|
||||
@ -68,6 +69,7 @@ abstract class PK11Key {
|
||||
*/
|
||||
public String getFormat() {
|
||||
Assert.notYetImplemented("PK11Key.getFormat");
|
||||
// !!!
|
||||
return null;
|
||||
}
|
||||
|
||||
|
||||
@ -469,3 +469,91 @@ JSS_PK11_getKeyType(JNIEnv *env, jobject keyTypeObj)
|
||||
finish:
|
||||
return nullKey;
|
||||
}
|
||||
|
||||
/***********************************************************************
|
||||
* importPrivateKey
|
||||
*/
|
||||
JNIEXPORT jobject JNICALL
|
||||
Java_org_mozilla_jss_pkcs11_PK11PrivKey_fromPrivateKeyInfo
|
||||
( JNIEnv *env,
|
||||
jclass clazz,
|
||||
jbyteArray keyArray,
|
||||
jobject tokenObj
|
||||
)
|
||||
{
|
||||
SECItem derPK;
|
||||
jthrowable excep;
|
||||
SECStatus status;
|
||||
SECItem nickname;
|
||||
jobject keyObj = NULL;
|
||||
SECKEYPrivateKey* privk = NULL;
|
||||
PK11SlotInfo *slot = NULL;
|
||||
|
||||
/*
|
||||
* initialize so we can goto finish
|
||||
*/
|
||||
derPK.data = NULL;
|
||||
derPK.len = 0;
|
||||
|
||||
|
||||
PR_ASSERT(env!=NULL && clazz!=NULL);
|
||||
|
||||
if(keyArray == NULL) {
|
||||
JSS_throw(env, NULL_POINTER_EXCEPTION);
|
||||
goto finish;
|
||||
}
|
||||
|
||||
/*
|
||||
* copy the java byte array into a local copy
|
||||
*/
|
||||
derPK.len = (*env)->GetArrayLength(env, keyArray);
|
||||
if(derPK.len <= 0) {
|
||||
JSS_throwMsg(env, INVALID_KEY_FORMAT_EXCEPTION, "Key array is empty");
|
||||
goto finish;
|
||||
}
|
||||
derPK.data = (unsigned char*)
|
||||
(*env)->GetByteArrayElements(env, keyArray, NULL);
|
||||
if(derPK.data == NULL) {
|
||||
ASSERT_OUTOFMEM(env);
|
||||
goto finish;
|
||||
}
|
||||
|
||||
/*
|
||||
* get the slot
|
||||
*/
|
||||
if( JSS_PK11_getTokenSlotPtr(env, tokenObj, &slot) != PR_SUCCESS) {
|
||||
PR_ASSERT( (*env)->ExceptionOccurred(env) != NULL);
|
||||
goto finish;
|
||||
}
|
||||
|
||||
nickname.len = 0;
|
||||
nickname.data = NULL;
|
||||
|
||||
status = PK11_ImportDERPrivateKeyInfoAndReturnKey(slot, &derPK, &nickname,
|
||||
NULL /*public value*/, PR_FALSE /*isPerm*/,
|
||||
PR_TRUE /*isPrivate*/, 0 /*keyUsage*/, &privk, NULL /*wincx*/);
|
||||
if(status != SECSuccess) {
|
||||
JSS_throwMsg(env, TOKEN_EXCEPTION, "Failed to import private key info");
|
||||
goto finish;
|
||||
}
|
||||
|
||||
PR_ASSERT(privk != NULL);
|
||||
keyObj = JSS_PK11_wrapPrivKey(env, &privk);
|
||||
|
||||
finish:
|
||||
/* Save any exceptions */
|
||||
if( (excep=(*env)->ExceptionOccurred(env)) ) {
|
||||
(*env)->ExceptionClear(env);
|
||||
}
|
||||
if(derPK.data != NULL) {
|
||||
(*env)->ReleaseByteArrayElements( env,
|
||||
keyArray,
|
||||
(jbyte*) derPK.data,
|
||||
JNI_ABORT );
|
||||
}
|
||||
/* now re-throw the exception */
|
||||
if( excep ) {
|
||||
(*env)->Throw(env, excep);
|
||||
}
|
||||
return keyObj;
|
||||
}
|
||||
|
||||
@ -37,11 +37,14 @@ import org.mozilla.jss.crypto.Algorithm;
|
||||
import org.mozilla.jss.crypto.PrivateKey;
|
||||
import org.mozilla.jss.crypto.CryptoToken;
|
||||
import org.mozilla.jss.crypto.TokenException;
|
||||
import java.security.spec.PKCS8EncodedKeySpec;
|
||||
import org.mozilla.jss.util.*;
|
||||
|
||||
final class PK11PrivKey extends org.mozilla.jss.pkcs11.PK11Key
|
||||
public class PK11PrivKey extends org.mozilla.jss.pkcs11.PK11Key
|
||||
implements PrivateKey {
|
||||
|
||||
private PK11PrivKey() { }
|
||||
|
||||
protected PK11PrivKey(byte[] pointer) {
|
||||
Assert.assert(pointer!=null);
|
||||
keyProxy = new PrivateKeyProxy(pointer);
|
||||
@ -80,6 +83,29 @@ final class PK11PrivKey extends org.mozilla.jss.pkcs11.PK11Key
|
||||
* Returns -1 for other types of keys.
|
||||
*/
|
||||
public native int getStrength();
|
||||
|
||||
/**
|
||||
* Imports a PrivateKeyInfo, storing it as a temporary PrivateKey
|
||||
* on the given token.
|
||||
* The key will be a temporary (session) key until it is imported
|
||||
* into a KeyStore, at which point it will be made a permanent (token)
|
||||
* object.
|
||||
*/
|
||||
public static PK11PrivKey
|
||||
fromPrivateKeyInfo(PKCS8EncodedKeySpec spec, CryptoToken token)
|
||||
{
|
||||
return fromPrivateKeyInfo(spec.getEncoded(), token);
|
||||
}
|
||||
|
||||
/**
|
||||
* Imports a PrivateKeyInfo, storing it as a temporary PrivateKey
|
||||
* on the given token.
|
||||
* The key will be a temporary (session) key until it is imported
|
||||
* into a KeyStore, at which point it will be made a permanent (token)
|
||||
* object.
|
||||
*/
|
||||
public static native PK11PrivKey
|
||||
fromPrivateKeyInfo(byte[] pki, CryptoToken token);
|
||||
}
|
||||
|
||||
class PrivateKeyProxy extends KeyProxy {
|
||||
|
||||
@ -480,7 +480,7 @@ pubkFromRaw(JNIEnv *env, CK_KEY_TYPE type, jbyteArray rawBA)
|
||||
SECItem *pubkDER=NULL;
|
||||
|
||||
/* validate args */
|
||||
PR_ASSERT(env!=NULL && (type == CKK_RSA || type == CKK_DSA));
|
||||
PR_ASSERT(env!=NULL);
|
||||
if( rawBA == NULL ) {
|
||||
JSS_throw(env, NULL_POINTER_EXCEPTION);
|
||||
goto finish;
|
||||
@ -511,10 +511,22 @@ finish:
|
||||
}
|
||||
return pubkObj;
|
||||
}
|
||||
|
||||
/***********************************************************************
|
||||
*
|
||||
* PK11PubKey.fromRawNative
|
||||
*/
|
||||
JNIEXPORT jobject JNICALL
|
||||
Java_org_mozilla_jss_pkcs11_PK11PubKey_fromRawNative
|
||||
(JNIEnv *env, jclass clazz, jint type, jbyteArray rawBA)
|
||||
{
|
||||
return pubkFromRaw(env, type, rawBA);
|
||||
}
|
||||
|
||||
/***********************************************************************
|
||||
*
|
||||
* PK11PubKey.RSAfromRaw
|
||||
* Deprecated: call fromRawNative instead.
|
||||
*/
|
||||
JNIEXPORT jobject JNICALL
|
||||
Java_org_mozilla_jss_pkcs11_PK11PubKey_RSAFromRaw
|
||||
@ -525,7 +537,8 @@ Java_org_mozilla_jss_pkcs11_PK11PubKey_RSAFromRaw
|
||||
|
||||
/***********************************************************************
|
||||
*
|
||||
* PK11PubKey.RSAfromRaw
|
||||
* PK11PubKey.DSAfromRaw
|
||||
* Deprecated: call fromRawNative instead.
|
||||
*/
|
||||
JNIEXPORT jobject JNICALL
|
||||
Java_org_mozilla_jss_pkcs11_PK11PubKey_DSAFromRaw
|
||||
@ -572,3 +585,61 @@ finish:
|
||||
}
|
||||
return encodedBA;
|
||||
}
|
||||
|
||||
JNIEXPORT jobject JNICALL
|
||||
Java_org_mozilla_jss_pkcs11_PK11PubKey_fromSPKI
|
||||
(JNIEnv *env, jobject this, jbyteArray spkiBA)
|
||||
{
|
||||
jobject pubkObj = NULL;
|
||||
SECItem *spkiItem = NULL;
|
||||
CERTSubjectPublicKeyInfo *spki = NULL;
|
||||
SECKEYPublicKey *pubk = NULL;
|
||||
|
||||
/*
|
||||
* convert byte array to SECItem
|
||||
*/
|
||||
spkiItem = JSS_ByteArrayToSECItem(env, spkiBA);
|
||||
if( spkiItem == NULL ) {
|
||||
/* exception was thrown */
|
||||
goto finish;
|
||||
}
|
||||
|
||||
/*
|
||||
* convert SECItem to SECKEYPublicKey
|
||||
*/
|
||||
spki = SECKEY_DecodeDERSubjectPublicKeyInfo(spkiItem);
|
||||
if( spki == NULL ) {
|
||||
JSS_throwMsg(env, INVALID_KEY_FORMAT_EXCEPTION,
|
||||
"Unable to decode DER-encoded SubjectPublicKeyInfo: "
|
||||
"invalid DER encoding");
|
||||
goto finish;
|
||||
}
|
||||
pubk = SECKEY_ExtractPublicKey(spki);
|
||||
if( pubk == NULL ) {
|
||||
JSS_throwMsg(env, INVALID_KEY_FORMAT_EXCEPTION,
|
||||
"Unable to decode SubjectPublicKeyInfo: DER encoding problem, or"
|
||||
" unrecognized key type ");
|
||||
goto finish;
|
||||
}
|
||||
|
||||
/*
|
||||
* put a Java wrapper around it
|
||||
*/
|
||||
pubkObj = JSS_PK11_wrapPubKey(env, &pubk); /* this clears pubk */
|
||||
if( pubkObj == NULL ) {
|
||||
/* exception was thrown */
|
||||
goto finish;
|
||||
}
|
||||
|
||||
finish:
|
||||
if( spkiItem != NULL ) {
|
||||
SECITEM_FreeItem(spkiItem, PR_TRUE /*freeit*/);
|
||||
}
|
||||
if( spki != NULL ) {
|
||||
SECKEY_DestroySubjectPublicKeyInfo(spki);
|
||||
}
|
||||
if( pubk != NULL ) {
|
||||
SECKEY_DestroyPublicKey(pubk);
|
||||
}
|
||||
return pubkObj;
|
||||
}
|
||||
|
||||
@ -67,15 +67,33 @@ public class PK11PubKey extends org.mozilla.jss.pkcs11.PK11Key
|
||||
public static PK11PubKey fromRaw(PrivateKey.Type type, byte[] rawKey)
|
||||
throws InvalidKeyFormatException
|
||||
{
|
||||
if( type == PrivateKey.RSA ) {
|
||||
return RSAFromRaw(rawKey);
|
||||
} else {
|
||||
Assert.assert( type == PrivateKey.DSA );
|
||||
return DSAFromRaw(rawKey);
|
||||
}
|
||||
return fromRawNative( type.getPKCS11Type(), rawKey );
|
||||
}
|
||||
|
||||
/**
|
||||
* param type The PKCS #11 type of the key (CKK_).
|
||||
*/
|
||||
private static native PK11PubKey fromRawNative(int type, byte[] rawKey)
|
||||
throws InvalidKeyFormatException;
|
||||
|
||||
/**
|
||||
* Creates a PK11PubKey from a SubjectPublicKeyInfo.
|
||||
*
|
||||
* @param spki The BER-encoded SubjectPublicKeyInfo.
|
||||
* @exception InvalidKeyFormatException If the SPKI could not be
|
||||
* decoded.
|
||||
*/
|
||||
public static native PK11PubKey fromSPKI(byte[] spki)
|
||||
throws InvalidKeyFormatException;
|
||||
|
||||
/**
|
||||
* deprecated Use fromRawNative instead.
|
||||
*/
|
||||
private static native PK11PubKey RSAFromRaw(byte[] rawKey);
|
||||
|
||||
/**
|
||||
* deprecated Use fromRawNative instead.
|
||||
*/
|
||||
private static native PK11PubKey DSAFromRaw(byte[] rawKey);
|
||||
|
||||
/**
|
||||
|
||||
@ -476,114 +476,6 @@ finish:
|
||||
|
||||
#define DER_DEFAULT_CHUNKSIZE (2048)
|
||||
|
||||
/***********************************************************************
|
||||
* passwordToSecitem
|
||||
*
|
||||
* Converts a Java Password object to a SECItem, first hashing with
|
||||
* global salt. The Java Password object will be cleared.
|
||||
* Returns NULL iff an exception was thrown.
|
||||
*/
|
||||
static SECItem*
|
||||
passwordToSecitem(JNIEnv *env, jobject pwObject, jbyteArray globalSaltArray)
|
||||
{
|
||||
jclass passwordClass;
|
||||
jmethodID getByteCopyMethod;
|
||||
jmethodID clearMethod;
|
||||
jbyteArray pwArray;
|
||||
SECItem *ret=NULL;
|
||||
jbyte *pwChars;
|
||||
jthrowable excep;
|
||||
SECItem *salt = NULL;
|
||||
|
||||
PR_ASSERT(env!=NULL && pwObject!=NULL);
|
||||
|
||||
ret = (SECItem*) PR_NEW(SECItem);
|
||||
if(ret == NULL) {
|
||||
JSS_throw(env, OUT_OF_MEMORY_ERROR);
|
||||
goto finish;
|
||||
}
|
||||
|
||||
/*****************************************
|
||||
* Get Password class and methods
|
||||
*****************************************/
|
||||
passwordClass = (*env)->GetObjectClass(env, pwObject);
|
||||
if(passwordClass == NULL) {
|
||||
goto finish;
|
||||
}
|
||||
getByteCopyMethod = (*env)->GetMethodID(
|
||||
env,
|
||||
passwordClass,
|
||||
PW_GET_BYTE_COPY_NAME,
|
||||
PW_GET_BYTE_COPY_SIG);
|
||||
clearMethod = (*env)->GetMethodID( env,
|
||||
passwordClass,
|
||||
PW_CLEAR_NAME,
|
||||
PW_CLEAR_SIG);
|
||||
if(getByteCopyMethod==NULL || clearMethod==NULL) {
|
||||
goto finish;
|
||||
}
|
||||
|
||||
/***************************************************
|
||||
* Get the salt
|
||||
***************************************************/
|
||||
salt = PR_NEW(SECItem);
|
||||
if( salt == NULL ) {
|
||||
JSS_throw(env, OUT_OF_MEMORY_ERROR);
|
||||
goto finish;
|
||||
}
|
||||
salt->len = (*env)->GetArrayLength(env, globalSaltArray);
|
||||
PR_ASSERT(salt->len > 0);
|
||||
salt->data = (unsigned char*)
|
||||
(*env)->GetByteArrayElements(env, globalSaltArray, NULL);
|
||||
if( salt->data == NULL ) {
|
||||
ASSERT_OUTOFMEM(env);
|
||||
goto finish;
|
||||
}
|
||||
|
||||
/************************************************
|
||||
* Get the bytes from the password, then clear it
|
||||
***********************************************/
|
||||
pwArray = (*env)->CallObjectMethod( env, pwObject, getByteCopyMethod);
|
||||
(*env)->CallVoidMethod(env, pwObject, clearMethod);
|
||||
if(pwArray == NULL) {
|
||||
ASSERT_OUTOFMEM(env);
|
||||
goto finish;
|
||||
}
|
||||
|
||||
/*************************************************************
|
||||
* Copy the characters out of the byte array,
|
||||
*************************************************************/
|
||||
pwChars = (*env)->GetByteArrayElements(env, pwArray, NULL);
|
||||
if(pwChars == NULL) {
|
||||
ASSERT_OUTOFMEM(env);
|
||||
goto finish;
|
||||
}
|
||||
/* hash the password into a SECItem */
|
||||
ret = SECKEY_HashPassword( (char*) pwChars, salt);
|
||||
|
||||
/***************************************************
|
||||
* Clear the array.
|
||||
***************************************************/
|
||||
memset(pwChars, 0, ret->len);
|
||||
(*env)->ReleaseByteArrayElements(env, pwArray, pwChars, 0);
|
||||
|
||||
finish:
|
||||
if( (excep=(*env)->ExceptionOccurred(env)) ) {
|
||||
(*env)->ExceptionClear(env);
|
||||
}
|
||||
if(salt) {
|
||||
if(salt->data) {
|
||||
(*env)->ReleaseByteArrayElements(env, globalSaltArray,
|
||||
(jbyte*) salt->data, JNI_ABORT);
|
||||
}
|
||||
PR_Free(salt);
|
||||
}
|
||||
if( excep ) {
|
||||
(*env)->Throw(env, excep);
|
||||
}
|
||||
return ret;
|
||||
}
|
||||
|
||||
int PK11_NumberObjectsFor(PK11SlotInfo*, CK_ATTRIBUTE*, int);
|
||||
|
||||
/***********************************************************************
|
||||
@ -675,6 +567,7 @@ finish:
|
||||
}
|
||||
}
|
||||
|
||||
extern const SEC_ASN1Template SECKEY_EncryptedPrivateKeyInfoTemplate[];
|
||||
|
||||
/***********************************************************************
|
||||
* PK11Store.importdPrivateKey
|
||||
|
||||
@ -47,107 +47,6 @@ PRIVATE_EXPORTS = pk11util.h \
|
||||
secmodti.h \
|
||||
$(NULL)
|
||||
|
||||
JNI_GEN = \
|
||||
org.mozilla.jss.pkcs11.CertProxy \
|
||||
org.mozilla.jss.pkcs11.CipherContextProxy \
|
||||
org.mozilla.jss.pkcs11.PK11Module \
|
||||
org.mozilla.jss.pkcs11.ModuleProxy \
|
||||
org.mozilla.jss.pkcs11.PK11Cert \
|
||||
org.mozilla.jss.pkcs11.PK11Cipher \
|
||||
org.mozilla.jss.pkcs11.PK11KeyWrapper \
|
||||
org.mozilla.jss.pkcs11.PK11MessageDigest \
|
||||
org.mozilla.jss.pkcs11.PK11PrivKey \
|
||||
org.mozilla.jss.pkcs11.PK11PubKey \
|
||||
org.mozilla.jss.pkcs11.PK11SymKey \
|
||||
org.mozilla.jss.pkcs11.PK11KeyPairGenerator \
|
||||
org.mozilla.jss.pkcs11.PK11KeyGenerator \
|
||||
org.mozilla.jss.pkcs11.PrivateKeyProxy \
|
||||
org.mozilla.jss.pkcs11.PublicKeyProxy \
|
||||
org.mozilla.jss.pkcs11.SymKeyProxy \
|
||||
org.mozilla.jss.pkcs11.KeyProxy \
|
||||
org.mozilla.jss.pkcs11.PK11Token \
|
||||
org.mozilla.jss.pkcs11.TokenProxy \
|
||||
org.mozilla.jss.pkcs11.PK11Signature \
|
||||
org.mozilla.jss.pkcs11.PK11Store \
|
||||
org.mozilla.jss.pkcs11.PK11KeyPairGenerator \
|
||||
org.mozilla.jss.pkcs11.SigContextProxy \
|
||||
org.mozilla.jss.pkcs11.PK11RSAPublicKey \
|
||||
org.mozilla.jss.pkcs11.PK11DSAPublicKey \
|
||||
org.mozilla.jss.pkcs11.PK11SecureRandom \
|
||||
$(NULL)
|
||||
|
||||
CLASSES = \
|
||||
CertProxy \
|
||||
CipherContextProxy \
|
||||
KeyProxy \
|
||||
KeyType \
|
||||
ModuleProxy \
|
||||
PK11Cert \
|
||||
PK11Cipher \
|
||||
PK11InternalCert \
|
||||
PK11TokenCert \
|
||||
PK11InternalTokenCert \
|
||||
PK11DSAPublicKey \
|
||||
PK11Key \
|
||||
PK11KeyGenerator \
|
||||
PK11KeyPairGenerator \
|
||||
PK11KeyWrapper \
|
||||
PK11MessageDigest \
|
||||
PK11Module \
|
||||
PK11PrivKey \
|
||||
PK11PubKey \
|
||||
PK11RSAPublicKey \
|
||||
PK11Signature \
|
||||
PK11SymKey \
|
||||
PK11Store \
|
||||
PK11Token \
|
||||
PK11SecureRandom \
|
||||
PrivateKeyProxy \
|
||||
PublicKeyProxy \
|
||||
SigContextProxy \
|
||||
SymKeyProxy \
|
||||
TokenCallbackInfo \
|
||||
TokenProxy \
|
||||
Tunnel \
|
||||
$(NULL)
|
||||
|
||||
PRIVATE_CLASSES = \
|
||||
pwcb \
|
||||
$(NULL)
|
||||
|
||||
|
||||
JSRCS = \
|
||||
CipherContextProxy.java \
|
||||
KeyProxy.java \
|
||||
KeyType.java \
|
||||
ModuleProxy.java \
|
||||
PK11Cert.java \
|
||||
PK11Cipher.java \
|
||||
PK11DSAPublicKey.java \
|
||||
PK11InternalCert.java \
|
||||
PK11InternalTokenCert.java \
|
||||
PK11Key.java \
|
||||
PK11KeyGenerator.java \
|
||||
PK11KeyPairGenerator.java \
|
||||
PK11KeyWrapper.java \
|
||||
PK11MessageDigest.java \
|
||||
PK11Module.java \
|
||||
PK11PrivKey.java \
|
||||
PK11PubKey.java \
|
||||
PK11RSAPublicKey.java \
|
||||
PK11SecureRandom.java \
|
||||
PK11Signature.java \
|
||||
PK11Store.java \
|
||||
PK11SymKey.java \
|
||||
PK11Token.java \
|
||||
PK11TokenCert.java \
|
||||
TokenProxy.java \
|
||||
Tunnel.java \
|
||||
$(NULL)
|
||||
|
||||
PRIVATE_JSRCS =
|
||||
|
||||
|
||||
CSRCS = \
|
||||
PK11Cert.c \
|
||||
PK11Cipher.c \
|
||||
|
||||
@ -1,91 +0,0 @@
|
||||
/*
|
||||
* The contents of this file are subject to the Mozilla Public
|
||||
* License Version 1.1 (the "License"); you may not use this file
|
||||
* except in compliance with the License. You may obtain a copy of
|
||||
* the License at http://www.mozilla.org/MPL/
|
||||
*
|
||||
* Software distributed under the License is distributed on an "AS
|
||||
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
|
||||
* implied. See the License for the specific language governing
|
||||
* rights and limitations under the License.
|
||||
*
|
||||
* The Original Code is the Netscape Security Services for Java.
|
||||
*
|
||||
* The Initial Developer of the Original Code is Netscape
|
||||
* Communications Corporation. Portions created by Netscape are
|
||||
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
|
||||
* Rights Reserved.
|
||||
*
|
||||
* Contributor(s):
|
||||
*
|
||||
* Alternatively, the contents of this file may be used under the
|
||||
* terms of the GNU General Public License Version 2 or later (the
|
||||
* "GPL"), in which case the provisions of the GPL are applicable
|
||||
* instead of those above. If you wish to allow use of your
|
||||
* version of this file only under the terms of the GPL and not to
|
||||
* allow others to use your version of this file under the MPL,
|
||||
* indicate your decision by deleting the provisions above and
|
||||
* replace them with the notice and other provisions required by
|
||||
* the GPL. If you do not delete the provisions above, a recipient
|
||||
* may use your version of this file under either the MPL or the
|
||||
* GPL.
|
||||
*/
|
||||
|
||||
package org.mozilla.jss.pkcs12;
|
||||
|
||||
import java.io.*;
|
||||
import java.text.*;
|
||||
import java.util.*;
|
||||
import org.mozilla.jss.util.*;
|
||||
|
||||
/**
|
||||
* A PKCS #12 "virtual token". Currently, these extend
|
||||
* tokens found in the PK11Token class.
|
||||
*
|
||||
* @author mharmsen
|
||||
* @version $Revision: 1.2 $ $Date: 2000/12/19 06:18:19 $
|
||||
* @see org.mozilla.jss.pkcs11.PK11Token
|
||||
*/
|
||||
public class SelfTest
|
||||
{
|
||||
////////////////////////////////////////////////////
|
||||
// exceptions
|
||||
////////////////////////////////////////////////////
|
||||
|
||||
|
||||
////////////////////////////////////////////////////
|
||||
// public methods
|
||||
////////////////////////////////////////////////////
|
||||
|
||||
public static void TestPK12TokenConstructor()
|
||||
{
|
||||
PK12Token p1 = PK12Token.makePK12Token( "test0.p12", PK12Token.Flag.FILE_EXISTS );
|
||||
PK12Token p2 = PK12Token.makePK12Token( "test1.p12", PK12Token.Flag.CREATE_FILE );
|
||||
PK12Token p3 = PK12Token.makePK12Token( "test2.p12", PK12Token.Flag.CREATE_FILE );
|
||||
PK12Token p5 = PK12Token.makePK12Token( "", PK12Token.Flag.FILE_EXISTS );
|
||||
}
|
||||
|
||||
public static void main(String[] args)
|
||||
{
|
||||
TestPK12TokenConstructor();
|
||||
}
|
||||
|
||||
////////////////////////////////////////////////////
|
||||
// private methods
|
||||
////////////////////////////////////////////////////
|
||||
|
||||
|
||||
////////////////////////////////////////////////////
|
||||
// construction and finalization
|
||||
////////////////////////////////////////////////////
|
||||
|
||||
|
||||
//////////////////////////////////////////////////
|
||||
// Public Data
|
||||
//////////////////////////////////////////////////
|
||||
|
||||
|
||||
//////////////////////////////////////////////////
|
||||
// Private Data
|
||||
//////////////////////////////////////////////////
|
||||
}
|
||||
@ -56,7 +56,8 @@ import java.io.FileInputStream;
|
||||
/**
|
||||
* An X.509 signed certificate.
|
||||
*/
|
||||
public class Certificate implements ASN1Value {
|
||||
public class Certificate implements ASN1Value
|
||||
{
|
||||
|
||||
private CertificateInfo info;
|
||||
private byte[] infoEncoding;
|
||||
@ -152,7 +153,7 @@ public class Certificate implements ASN1Value {
|
||||
*/
|
||||
public void verify()
|
||||
throws InvalidKeyException, CryptoManager.NotInitializedException,
|
||||
NoSuchAlgorithmException, CertificateException, TokenException,
|
||||
NoSuchAlgorithmException, CertificateException,
|
||||
SignatureException, InvalidKeyFormatException
|
||||
{
|
||||
verify( info.getSubjectPublicKeyInfo().toPublicKey() );
|
||||
@ -163,12 +164,16 @@ public class Certificate implements ASN1Value {
|
||||
* Does not indicate the certificate is valid at any specific time.
|
||||
*/
|
||||
public void verify(PublicKey key)
|
||||
throws InvalidKeyException, CryptoManager.NotInitializedException,
|
||||
NoSuchAlgorithmException, CertificateException, TokenException,
|
||||
throws InvalidKeyException,
|
||||
NoSuchAlgorithmException, CertificateException,
|
||||
SignatureException
|
||||
{
|
||||
try {
|
||||
CryptoManager cm = CryptoManager.getInstance();
|
||||
verify(key, cm.getInternalCryptoToken());
|
||||
} catch( CryptoManager.NotInitializedException e ) {
|
||||
throw new SignatureException("CryptoManager not initialized");
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
@ -177,9 +182,10 @@ public class Certificate implements ASN1Value {
|
||||
* any specific time.
|
||||
*/
|
||||
public void verify(PublicKey key, CryptoToken token)
|
||||
throws NoSuchAlgorithmException, CertificateException, TokenException,
|
||||
throws NoSuchAlgorithmException, CertificateException,
|
||||
SignatureException, InvalidKeyException
|
||||
{
|
||||
try {
|
||||
Signature sig = token.getSignatureContext(
|
||||
SignatureAlgorithm.fromOID( info.getSignatureAlgId().getOID() ) );
|
||||
|
||||
@ -188,6 +194,9 @@ public class Certificate implements ASN1Value {
|
||||
if( ! sig.verify(signature) ) {
|
||||
throw new CertificateException("Signature is invalid");
|
||||
}
|
||||
} catch(TokenException e) {
|
||||
throw new SignatureException("PKCS #11 token error: " + e.getMessage());
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
||||
@ -37,7 +37,6 @@ import java.io.*;
|
||||
import org.mozilla.jss.asn1.*;
|
||||
import org.mozilla.jss.util.Assert;
|
||||
import org.mozilla.jss.pkix.primitive.*;
|
||||
import org.mozilla.jss.pkix.cert.*;
|
||||
import org.mozilla.jss.crypto.*;
|
||||
import java.util.Vector;
|
||||
import java.math.BigInteger;
|
||||
@ -47,6 +46,8 @@ import java.security.SignatureException;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.security.MessageDigest;
|
||||
import org.mozilla.jss.crypto.*;
|
||||
import org.mozilla.jss.crypto.X509Certificate;
|
||||
import org.mozilla.jss.pkix.cert.*;
|
||||
import org.mozilla.jss.*;
|
||||
import java.security.PublicKey;
|
||||
|
||||
|
||||
@ -47,7 +47,7 @@ import org.mozilla.jss.pkcs11.PK11PubKey;
|
||||
* A <i>SubjectPublicKeyInfo</i>, which stores information about a public key.
|
||||
* This class implements <code>java.security.PublicKey</code>.
|
||||
*/
|
||||
public class SubjectPublicKeyInfo
|
||||
public class SubjectPublicKeyInfo extends java.security.spec.X509EncodedKeySpec
|
||||
implements ASN1Value, java.security.PublicKey {
|
||||
|
||||
private AlgorithmIdentifier algorithm;
|
||||
@ -62,10 +62,6 @@ public class SubjectPublicKeyInfo
|
||||
}
|
||||
}
|
||||
|
||||
public String getFormat() {
|
||||
return "X.509";
|
||||
}
|
||||
|
||||
public byte[] getEncoded() {
|
||||
if( subjectPublicKey.getPadCount() != 0 ) {
|
||||
Assert.notReached("public key is not an integral number of bytes");
|
||||
@ -83,11 +79,12 @@ public class SubjectPublicKeyInfo
|
||||
return subjectPublicKey;
|
||||
}
|
||||
|
||||
private SubjectPublicKeyInfo() { }
|
||||
private SubjectPublicKeyInfo() { super(null);}
|
||||
|
||||
public SubjectPublicKeyInfo(AlgorithmIdentifier algorithm,
|
||||
BIT_STRING subjectPublicKey)
|
||||
{
|
||||
super( null );
|
||||
this.algorithm = algorithm;
|
||||
this.subjectPublicKey = subjectPublicKey;
|
||||
}
|
||||
@ -95,6 +92,7 @@ public class SubjectPublicKeyInfo
|
||||
public SubjectPublicKeyInfo(PublicKey pubk)
|
||||
throws InvalidBERException, IOException
|
||||
{
|
||||
super( null );
|
||||
SubjectPublicKeyInfo spki = (SubjectPublicKeyInfo)
|
||||
ASN1Util.decode( getTemplate(), pubk.getEncoded() );
|
||||
algorithm = spki.algorithm;
|
||||
|
||||
@ -1,74 +0,0 @@
|
||||
/* ***** BEGIN LICENSE BLOCK *****
|
||||
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
|
||||
*
|
||||
* The contents of this file are subject to the Mozilla Public License Version
|
||||
* 1.1 (the "License"); you may not use this file except in compliance with
|
||||
* the License. You may obtain a copy of the License at
|
||||
* http://www.mozilla.org/MPL/
|
||||
*
|
||||
* Software distributed under the License is distributed on an "AS IS" basis,
|
||||
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
|
||||
* for the specific language governing rights and limitations under the
|
||||
* License.
|
||||
*
|
||||
* The Original Code is Network Security Services for Java.
|
||||
*
|
||||
* The Initial Developer of the Original Code is
|
||||
* Netscape Communications Corporation.
|
||||
* Portions created by the Initial Developer are Copyright (C) 2001
|
||||
* the Initial Developer. All Rights Reserved.
|
||||
*
|
||||
* Contributor(s):
|
||||
*
|
||||
* Alternatively, the contents of this file may be used under the terms of
|
||||
* either the GNU General Public License Version 2 or later (the "GPL"), or
|
||||
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
|
||||
* in which case the provisions of the GPL or the LGPL are applicable instead
|
||||
* of those above. If you wish to allow use of your version of this file only
|
||||
* under the terms of either the GPL or the LGPL, and not to allow others to
|
||||
* use your version of this file under the terms of the MPL, indicate your
|
||||
* decision by deleting the provisions above and replace them with the notice
|
||||
* and other provisions required by the GPL or the LGPL. If you do not delete
|
||||
* the provisions above, a recipient may use your version of this file under
|
||||
* the terms of any one of the MPL, the GPL or the LGPL.
|
||||
*
|
||||
* ***** END LICENSE BLOCK ***** */
|
||||
|
||||
package org.mozilla.jss.provider.java.security;
|
||||
|
||||
|
||||
class GenericKeyPairGeneratorSpi
|
||||
extends java.security.KeyPairGeneratorSpi
|
||||
{
|
||||
|
||||
private KeyPairGenerator kpg;
|
||||
|
||||
private GenericKeyPairGeneratorSpi() { super(); }
|
||||
|
||||
public GenericKeyPairGeneratorSpi(String algName)
|
||||
throws java.security.NoSuchAlgorithmException
|
||||
{
|
||||
super();
|
||||
this(KeyPairAlgorithm.fromString(algName));
|
||||
}
|
||||
|
||||
public GenericKeyPairGeneratorSpi(KeyPairAlgorithm alg) {
|
||||
super();
|
||||
CryptoToken token =
|
||||
TokenSupplierManager.getTokenSupplier().getThreadToken();
|
||||
kpg = token.getKeyPairGenerator(alg)
|
||||
}
|
||||
|
||||
public void initialize(AlgorithmParameterSpec params,
|
||||
SecureRandom random) throws InvalidAlgorithmParameterSpecException
|
||||
{
|
||||
kpg.initialize(params, random);
|
||||
}
|
||||
|
||||
public void initialize(int keysize, SecureRandom random) {
|
||||
kpg.initialize(keysize, random);
|
||||
}
|
||||
|
||||
|
||||
|
||||
}
|
||||
@ -39,7 +39,7 @@ NS_USE_JDK = 1
|
||||
|
||||
REQUIRES = nspr20 security
|
||||
|
||||
PACKAGE = org/mozilla/jss/
|
||||
PACKAGE = org/mozilla/jss/provider/java/security
|
||||
|
||||
JNI_GEN = \
|
||||
$(NULL)
|
||||
@ -49,6 +49,9 @@ PRIVATE_EXPORTS = \
|
||||
|
||||
CLASSES = \
|
||||
org.mozilla.jss.provider.java.security.KeyFactorySpi1_2 \
|
||||
org.mozilla.jss.provider.java.security.GenericKeyPairGeneratorSpi \
|
||||
org.mozilla.jss.provider.java.security.RSAKeyPairGeneratorSpi \
|
||||
org.mozilla.jss.provider.java.security.DSAKeyPairGeneratorSpi \
|
||||
$(NULL)
|
||||
|
||||
PRIVATE_CLASSES = \
|
||||
@ -56,6 +59,9 @@ PRIVATE_CLASSES = \
|
||||
|
||||
JSRCS = \
|
||||
KeyFactorySpi1_2.java \
|
||||
GenericKeyPairGeneratorSpi.java \
|
||||
RSAKeyPairGeneratorSpi.java \
|
||||
DSAKeyPairGeneratorSpi.java \
|
||||
$(NULL)
|
||||
|
||||
ifdef JDK_1_4
|
||||
|
||||
@ -68,3 +68,7 @@ JSRCS = \
|
||||
SHA1RSASignature.java \
|
||||
PKCS11SecureRandom.java \
|
||||
$(NULL)
|
||||
|
||||
DIRS = \
|
||||
java \
|
||||
$(NULL)
|
||||
|
||||
@ -48,21 +48,7 @@ JAVADOC_TARGETS= \
|
||||
org.mozilla.jss.provider \
|
||||
org.mozilla.jss.ssl \
|
||||
org.mozilla.jss.tests \
|
||||
org.mozilla.jss.util.Assert \
|
||||
org.mozilla.jss.util.AssertionException \
|
||||
org.mozilla.jss.util.Base64OutputStream \
|
||||
org.mozilla.jss.util.ConsolePasswordCallback \
|
||||
org.mozilla.jss.util.IncorrectPasswordException \
|
||||
org.mozilla.jss.util.InvalidNicknameException \
|
||||
org.mozilla.jss.util.NativeProxy \
|
||||
org.mozilla.jss.util.NotImplementedException \
|
||||
org.mozilla.jss.util.NullPasswordCallback \
|
||||
org.mozilla.jss.util.Password \
|
||||
org.mozilla.jss.util.PasswordCallback \
|
||||
org.mozilla.jss.util.PasswordCallbackInfo \
|
||||
org.mozilla.jss.util.Tunnel \
|
||||
org.mozilla.jss.util.UTF8Converter \
|
||||
util/Debug.java \
|
||||
org.mozilla.jss.util \
|
||||
$(NULL)
|
||||
|
||||
ifneq ($(HTML_HEADER),)
|
||||
|
||||
@ -87,6 +87,7 @@ public interface SSLCertificateApprovalCallback {
|
||||
|
||||
class ValidityStatus {
|
||||
|
||||
public static final int EXPIRED_CERTIFICATE = -8192 + 11;
|
||||
public static final int REVOKED_CERTIFICATE = -8192 + 12;
|
||||
public static final int INADEQUATE_KEY_USAGE = -8192 + 90;
|
||||
public static final int INADEQUATE_CERT_TYPE = -8192 + 91;
|
||||
|
||||
@ -383,7 +383,7 @@ Java_org_mozilla_jss_ssl_SSLSocket_getPort(JNIEnv *env,
|
||||
PRNetAddr addr;
|
||||
|
||||
if( JSSL_getSockAddr(env, self, &addr, PEER_SOCK) == PR_SUCCESS ) {
|
||||
return addr.inet.port;
|
||||
return ntohs(addr.inet.port);
|
||||
} else {
|
||||
return 0;
|
||||
}
|
||||
|
||||
@ -433,7 +433,7 @@ Java_org_mozilla_jss_ssl_SocketBase_getLocalPortNative(JNIEnv *env,
|
||||
PRNetAddr addr;
|
||||
|
||||
if( JSSL_getSockAddr(env, self, &addr, LOCAL_SOCK) == PR_SUCCESS ) {
|
||||
return addr.inet.port;
|
||||
return ntohs(addr.inet.port);
|
||||
} else {
|
||||
return 0;
|
||||
}
|
||||
|
||||
@ -41,66 +41,6 @@ REQUIRES = security
|
||||
|
||||
PACKAGE = org/mozilla/jss/ssl
|
||||
|
||||
JNI_GEN = \
|
||||
org.mozilla.jss.ssl.SSLSocket \
|
||||
org.mozilla.jss.ssl.SSLServerSocket \
|
||||
org.mozilla.jss.ssl.SocketBase \
|
||||
$(NULL)
|
||||
|
||||
JSRCS = \
|
||||
SocketProxy.java \
|
||||
SocketBase.java \
|
||||
SSLHandshakeCompletedEvent.java \
|
||||
SSLSecurityStatus.java \
|
||||
SSLHandshakeCompletedListener.java \
|
||||
SSLServerSocket.java \
|
||||
SSLSocket.java \
|
||||
SSLInputStream.java \
|
||||
SSLOutputStream.java \
|
||||
PrintOutputStreamWriter.java \
|
||||
SSLCertificateApprovalCallback.java \
|
||||
SSLClientCertificateSelectionCallback.java \
|
||||
$(NULL)
|
||||
|
||||
PRIVATE_JSRCS = \
|
||||
SSLClient.java \
|
||||
SSLServer.java \
|
||||
SSLTest.java \
|
||||
TestCertApprovalCallback.java \
|
||||
TestClientCertificateSelectionCallback.java \
|
||||
$(NULL)
|
||||
|
||||
#PRIVATE_JSRCS = SSLServer.java \
|
||||
#SSLClient.java \
|
||||
#TestCertApprovalCallback.java \
|
||||
#TestClientCertificateSelectionCallback.java \
|
||||
#$(NULL)
|
||||
|
||||
CLASSES = SSLHandshakeCompletedEvent \
|
||||
SSLSecurityStatus \
|
||||
SSLHandshakeCompletedListener \
|
||||
SSLServerSocket \
|
||||
SSLSocket \
|
||||
SSLOutputStream \
|
||||
PrintOutputStreamWriter \
|
||||
SSLCertificateApprovalCallback \
|
||||
SSLClientCertificateSelectionCallback \
|
||||
SocketBase \
|
||||
SocketProxy \
|
||||
SSLInputStream \
|
||||
$(NULL)
|
||||
|
||||
PRIVATE_CLASSES = \
|
||||
SSLServer \
|
||||
SSLClient \
|
||||
SSLTest \
|
||||
$(NULL)
|
||||
|
||||
#SSLClient \
|
||||
#ServerHandshakeCB \
|
||||
#ClientHandshakeCB \
|
||||
#$(NULL)
|
||||
|
||||
CSRCS = SSLSocket.c \
|
||||
callbacks.c \
|
||||
SSLServerSocket.c \
|
||||
|
||||
@ -781,7 +781,6 @@ jbyteArray
|
||||
JSS_SECItemToByteArray(JNIEnv *env, SECItem *item)
|
||||
{
|
||||
jbyteArray array=NULL;
|
||||
jbyte* bytes=NULL;
|
||||
|
||||
PR_ASSERT(env!=NULL && item!=NULL);
|
||||
PR_ASSERT(item->len >= 0);
|
||||
@ -793,19 +792,9 @@ JSS_SECItemToByteArray(JNIEnv *env, SECItem *item)
|
||||
goto finish;
|
||||
}
|
||||
|
||||
bytes = (*env)->GetByteArrayElements(env, array, NULL);
|
||||
if(bytes == NULL) {
|
||||
ASSERT_OUTOFMEM(env);
|
||||
array = NULL; /* so the caller knows there was an error */
|
||||
goto finish;
|
||||
}
|
||||
|
||||
memcpy(bytes, item->data, item->len);
|
||||
(*env)->SetByteArrayRegion(env, array, 0, item->len, item->data);
|
||||
|
||||
finish:
|
||||
if(bytes!=NULL) {
|
||||
(*env)->ReleaseByteArrayElements(env, array, bytes, 0);
|
||||
}
|
||||
return array;
|
||||
}
|
||||
/***********************************************************************
|
||||
|
||||
@ -48,49 +48,6 @@ PRIVATE_EXPORTS = jssutil.h \
|
||||
jssver.h \
|
||||
$(NULL)
|
||||
|
||||
JNI_GEN = \
|
||||
org.mozilla.jss.util.Debug \
|
||||
org.mozilla.jss.util.Password \
|
||||
$(NULL)
|
||||
|
||||
JSRCS = \
|
||||
Assert.java \
|
||||
AssertionException.java \
|
||||
Base64OutputStream.java \
|
||||
ConsolePasswordCallback.java \
|
||||
Debug.java \
|
||||
IncorrectPasswordException.java \
|
||||
InvalidDERException.java \
|
||||
InvalidNicknameException.java \
|
||||
NativeProxy.java \
|
||||
NotImplementedException.java \
|
||||
NullPasswordCallback.java \
|
||||
ObjectNotFoundException.java \
|
||||
Password.java \
|
||||
PasswordCallback.java \
|
||||
PasswordCallbackInfo.java \
|
||||
Tunnel.java \
|
||||
UTF8Converter.java \
|
||||
$(NULL)
|
||||
|
||||
CLASSES = \
|
||||
Assert \
|
||||
AssertionException \
|
||||
Base64OutputStream \
|
||||
ConsolePasswordCallback \
|
||||
Debug \
|
||||
IncorrectPasswordException \
|
||||
InvalidNicknameException \
|
||||
NativeProxy \
|
||||
NotImplementedException \
|
||||
NullPasswordCallback \
|
||||
Password \
|
||||
PasswordCallback \
|
||||
PasswordCallbackInfo \
|
||||
Tunnel \
|
||||
UTF8Converter \
|
||||
$(NULL)
|
||||
|
||||
CSRCS = jssutil.c \
|
||||
jssver.c \
|
||||
errstrings.c \
|
||||
|
||||
Loading…
Reference in New Issue
Block a user