8aa540d2f7
Imported GNU Classpath 0.90
* scripts/makemake.tcl: Set gnu/java/awt/peer/swing to ignore.
* gnu/classpath/jdwp/VMFrame.java (SIZE): New constant.
* java/lang/VMCompiler.java: Use gnu.java.security.hash.MD5.
* java/lang/Math.java: New override file.
* java/lang/Character.java: Merged from Classpath.
(start, end): Now 'int's.
(canonicalName): New field.
(CANONICAL_NAME, NO_SPACES_NAME, CONSTANT_NAME): New constants.
(UnicodeBlock): Added argument.
(of): New overload.
(forName): New method.
Updated unicode blocks.
(sets): Updated.
* sources.am: Regenerated.
* Makefile.in: Likewise.
From-SVN: r111942
128 lines
4.8 KiB
Java
128 lines
4.8 KiB
Java
/* RSAPSSSignatureX509Codec.java -- X.509 encoder/decoder for RSA signatures
|
|
Copyright (C) 2006 Free Software Foundation, Inc.
|
|
|
|
This file is part of GNU Classpath.
|
|
|
|
GNU Classpath is free software; you can redistribute it and/or modify
|
|
it under the terms of the GNU General Public License as published by
|
|
the Free Software Foundation; either version 2, or (at your option)
|
|
any later version.
|
|
|
|
GNU Classpath is distributed in the hope that it will be useful, but
|
|
WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
General Public License for more details.
|
|
|
|
You should have received a copy of the GNU General Public License
|
|
along with GNU Classpath; see the file COPYING. If not, write to the
|
|
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
|
02110-1301 USA.
|
|
|
|
Linking this library statically or dynamically with other modules is
|
|
making a combined work based on this library. Thus, the terms and
|
|
conditions of the GNU General Public License cover the whole
|
|
combination.
|
|
|
|
As a special exception, the copyright holders of this library give you
|
|
permission to link this library with independent modules to produce an
|
|
executable, regardless of the license terms of these independent
|
|
modules, and to copy and distribute the resulting executable under
|
|
terms of your choice, provided that you also meet, for each linked
|
|
independent module, the terms and conditions of the license of that
|
|
module. An independent module is a module which is not derived from
|
|
or based on this library. If you modify this library, you may extend
|
|
this exception to your version of the library, but you are not
|
|
obligated to do so. If you do not wish to do so, delete this
|
|
exception statement from your version. */
|
|
|
|
|
|
package gnu.java.security.sig.rsa;
|
|
|
|
import gnu.java.security.Registry;
|
|
import gnu.java.security.sig.ISignatureCodec;
|
|
|
|
import java.security.InvalidParameterException;
|
|
|
|
/**
|
|
* An implementation of an {@link ISignatureCodec} that knows to encode and
|
|
* decode RSA PKCS1 (v1.5) signatures into the raw bytes which would constitute
|
|
* a DER-encoded form of the ASN.1 structure defined in RFC-2459, and RFC-2313
|
|
* as described in the next paragraphs.
|
|
* <p>
|
|
* Digital signatures when transmitted in an X.509 certificates are encoded
|
|
* in DER (Distinguished Encoding Rules) as a BIT STRING; i.e.
|
|
*
|
|
* <pre>
|
|
* Certificate ::= SEQUENCE {
|
|
* tbsCertificate TBSCertificate,
|
|
* signatureAlgorithm AlgorithmIdentifier,
|
|
* signature BIT STRING
|
|
* }
|
|
* </pre>
|
|
* <p>
|
|
* The output of the encoder, and the input of the decoder, of this codec are
|
|
* then the <i>raw</i> bytes of such a BIT STRING; i.e. not the DER-encoded
|
|
* form itself.
|
|
* <p>
|
|
* Our implementation of the RSA PKCS1 signature algorithm outputs a byte array
|
|
* as the result of generating a digital signature, in accordance with RFC-2313.
|
|
* As a consequence, the encoder and decoder of this codec, simply pass through
|
|
* such a byte array.
|
|
* <p>
|
|
* Client code that needs to build a DER BIT STRING <b>MUST</b> construct such
|
|
* an ASN.1 value. The following is an example of how to do this:
|
|
* <p>
|
|
* <pre>
|
|
* ...
|
|
* import gnu.java.security.der.BitString;
|
|
* import gnu.java.security.der.DER;
|
|
* import gnu.java.security.der.DERValue;
|
|
* ...
|
|
* DERValue bitString = new DERValue(DER.BIT_STRING, new BitString(sigBytes));
|
|
* ...
|
|
* </pre>
|
|
*/
|
|
public class RSAPKCS1V1_5SignatureX509Codec
|
|
implements ISignatureCodec
|
|
{
|
|
// default 0-arguments constructor
|
|
|
|
public int getFormatID()
|
|
{
|
|
return Registry.X509_ENCODING_ID;
|
|
}
|
|
|
|
/**
|
|
* Encodes an RSA Signature output as a <i>signature</i> BIT STRING as
|
|
* defined in the documentation of this class.
|
|
*
|
|
* @param signature the output of the RSA PKCS1 (v1.5) signature algorithm;
|
|
* i.e. the value returned by the invocation of
|
|
* {@link gnu.java.security.sig.ISignature#sign()} method. In the
|
|
* case of the RSA PKCS1 (v1.5) signature this is an array of bytes.
|
|
* @return the raw bytes of an RSA signature which could be then used as the
|
|
* contents of a BIT STRING as per rfc-2459.
|
|
*/
|
|
public byte[] encodeSignature(Object signature)
|
|
{
|
|
byte[] result = (byte[]) signature;
|
|
return result;
|
|
}
|
|
|
|
/**
|
|
* Decodes a <i>signature</i> as defined in the documentation of this class.
|
|
*
|
|
* @param input the byte array to unmarshall into a valid RSA PKCS1 (v1.5)
|
|
* signature instance; i.e. a byte array. MUST NOT be null.
|
|
* @return an array of raw bytes decoded from the designated input. In the
|
|
* case of RSA PKCS1 (v1.5) this is the same as the input.
|
|
* @throw InvalidParameterException if the <code>input</code> array is null.
|
|
*/
|
|
public Object decodeSignature(byte[] input)
|
|
{
|
|
if (input == null)
|
|
throw new InvalidParameterException("Input bytes MUST NOT be null");
|
|
|
|
return input;
|
|
}
|
|
}
|