From 2017da526c1d50e7292ee9cd668c6c85d31b265f Mon Sep 17 00:00:00 2001 From: Warren Levy Date: Wed, 28 Jun 2000 11:24:05 +0000 Subject: [PATCH] Gnu.java: New file. * gnu/java/security/provider/Gnu.java: New file. * gnu/java/security/provider/SHA.java: New file. * gnu/java/security/provider/SHA1PRNG.java: New file. * Makefile.am: Added the above files. * Makefile.in: Rebuilt. * java/io/ObjectStreamClass.java (setUID): Use Gnu SHA instead of SHS. From-SVN: r34753 --- libjava/ChangeLog | 10 + libjava/Makefile.am | 3 + libjava/Makefile.in | 8 +- libjava/gnu/java/security/provider/Gnu.java | 79 ++++++ libjava/gnu/java/security/provider/SHA.java | 227 ++++++++++++++++++ .../gnu/java/security/provider/SHA1PRNG.java | 109 +++++++++ libjava/java/io/ObjectStreamClass.java | 16 +- 7 files changed, 444 insertions(+), 8 deletions(-) create mode 100644 libjava/gnu/java/security/provider/Gnu.java create mode 100644 libjava/gnu/java/security/provider/SHA.java create mode 100644 libjava/gnu/java/security/provider/SHA1PRNG.java diff --git a/libjava/ChangeLog b/libjava/ChangeLog index f2ba41e37d1..6c6bea8bf0a 100644 --- a/libjava/ChangeLog +++ b/libjava/ChangeLog @@ -1,3 +1,13 @@ +2000-06-28 Warren Levy + + * gnu/java/security/provider/Gnu.java: New file. + * gnu/java/security/provider/SHA.java: New file. + * gnu/java/security/provider/SHA1PRNG.java: New file. + * Makefile.am: Added the above files. + * Makefile.in: Rebuilt. + + * java/io/ObjectStreamClass.java (setUID): Use Gnu SHA instead of SHS. + 2000-06-28 Bryce McKinlay * ThreadGroup.java: Added synchronized flag to many methods. diff --git a/libjava/Makefile.am b/libjava/Makefile.am index 37fe66ab33a..01f7604fea4 100644 --- a/libjava/Makefile.am +++ b/libjava/Makefile.am @@ -615,6 +615,9 @@ gnu/java/io/ObjectIdentityWrapper.java \ gnu/java/lang/reflect/TypeSignature.java \ gnu/java/lang/ArrayHelper.java \ gnu/java/lang/ClassHelper.java \ +gnu/java/security/provider/Gnu.java \ +gnu/java/security/provider/SHA.java \ +gnu/java/security/provider/SHA1PRNG.java \ java/io/BufferedInputStream.java \ java/io/BufferedOutputStream.java \ java/io/BufferedReader.java \ diff --git a/libjava/Makefile.in b/libjava/Makefile.in index 16f72acb7e1..d7b7dc5621d 100644 --- a/libjava/Makefile.in +++ b/libjava/Makefile.in @@ -385,6 +385,9 @@ gnu/java/io/ObjectIdentityWrapper.java \ gnu/java/lang/reflect/TypeSignature.java \ gnu/java/lang/ArrayHelper.java \ gnu/java/lang/ClassHelper.java \ +gnu/java/security/provider/Gnu.java \ +gnu/java/security/provider/SHA.java \ +gnu/java/security/provider/SHA1PRNG.java \ java/io/BufferedInputStream.java \ java/io/BufferedOutputStream.java \ java/io/BufferedReader.java \ @@ -963,7 +966,10 @@ DEP_FILES = .deps/$(srcdir)/$(CONVERT_DIR)/gen-from-JIS.P \ .deps/gnu/java/io/NullOutputStream.P \ .deps/gnu/java/io/ObjectIdentityWrapper.P \ .deps/gnu/java/lang/ArrayHelper.P .deps/gnu/java/lang/ClassHelper.P \ -.deps/gnu/java/lang/reflect/TypeSignature.P .deps/interpret.P \ +.deps/gnu/java/lang/reflect/TypeSignature.P \ +.deps/gnu/java/security/provider/Gnu.P \ +.deps/gnu/java/security/provider/SHA.P \ +.deps/gnu/java/security/provider/SHA1PRNG.P .deps/interpret.P \ .deps/java/awt/AWTError.P .deps/java/awt/AWTEvent.P \ .deps/java/awt/AWTException.P .deps/java/awt/ActiveEvent.P \ .deps/java/awt/Adjustable.P .deps/java/awt/BorderLayout.P \ diff --git a/libjava/gnu/java/security/provider/Gnu.java b/libjava/gnu/java/security/provider/Gnu.java new file mode 100644 index 00000000000..f215bcd6a5c --- /dev/null +++ b/libjava/gnu/java/security/provider/Gnu.java @@ -0,0 +1,79 @@ +/* Gnu.java --- Gnu provider main class + Copyright (C) 1999 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA +02111-1307 USA. + +As a special exception, if you link this library with other files to +produce an executable, this library does not by itself cause the +resulting executable to be covered by the GNU General Public License. +This exception does not however invalidate any other reasons why the +executable file might be covered by the GNU General Public License. */ + + +package gnu.java.security.provider; +import java.security.Provider; + +public final class Gnu extends Provider +{ + public Gnu() + { + super( "GNU", 1.0, "GNU provider v1.0 implementing SHA-1, MD5, DSA"); + + // Signature + put("Signature.SHA1withDSA", "gnu.java.security.provider.DSASignature"); + + put("Alg.Alias.Signature.DSS", "SHA1withDSA"); + put("Alg.Alias.Signature.DSA", "SHA1withDSA"); + put("Alg.Alias.Signature.SHAwithDSA", "SHA1withDSA"); + put("Alg.Alias.Signature.DSAwithSHA", "SHA1withDSA"); + put("Alg.Alias.Signature.DSAwithSHA1", "SHA1withDSA"); + put("Alg.Alias.Signature.SHA/DSA", "SHA1withDSA"); + put("Alg.Alias.Signature.SHA-1/DSA", "SHA1withDSA"); + put("Alg.Alias.Signature.SHA1/DSA", "SHA1withDSA"); + put("Alg.Alias.Signature.OID.1.2.840.10040.4.3", "SHA1withDSA"); + put("Alg.Alias.Signature.1.2.840.10040.4.3", "SHA1withDSA"); + put("Alg.Alias.Signature.1.3.14.3.2.13", "SHA1withDSA"); + put("Alg.Alias.Signature.1.3.14.3.2.27", "SHA1withDSA"); + + // Key Pair Generator + put("KeyPairGenerator.DSA", "gnu.java.security.provider.DSAKeyPairGenerator"); + + put("Alg.Alias.KeyPairGenerator.OID.1.2.840.10040.4.1", "DSA"); + put("Alg.Alias.KeyPairGenerator.1.2.840.10040.4.1", "DSA"); + put("Alg.Alias.KeyPairGenerator.1.3.14.3.2.12", "DSA"); + + // Message Digests + put("MessageDigest.SHA", "gnu.java.security.provider.SHA"); + put("MessageDigest.MD5", "gnu.java.security.provider.MD5"); + + // Format "Alias", "Actual Name" + put("Alg.Alias.MessageDigest.SHA1", "SHA"); + put("Alg.Alias.MessageDigest.SHA-1", "SHA"); + + // Algorithm Parameters + put("AlgorithmParameters.DSA", "gnu.java.security.provider.DSAAlgorithmParameters"); + + // Algorithm Parameter Generator + put("AlgorithmParameterGenerator.DSA", "gnu.java.security.provider.DSAAlgorithmParameterGenerator"); + + // SecureRandom + put("SecureRandom.SHA1PRNG", "gnu.java.security.provider.SHA1PRNG"); + + + } +} diff --git a/libjava/gnu/java/security/provider/SHA.java b/libjava/gnu/java/security/provider/SHA.java new file mode 100644 index 00000000000..cb3d3bf5d09 --- /dev/null +++ b/libjava/gnu/java/security/provider/SHA.java @@ -0,0 +1,227 @@ +/* SHA.java -- Class implementing the SHA-1 algorithm as specified in [1]. + Copyright (C) 1999 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA +02111-1307 USA. + +As a special exception, if you link this library with other files to +produce an executable, this library does not by itself cause the +resulting executable to be covered by the GNU General Public License. +This exception does not however invalidate any other reasons why the +executable file might be covered by the GNU General Public License. */ + + +package gnu.java.security.provider; + +import java.security.MessageDigest; + +/** + This class implements the SHA-1 algorithm as described in [1]. + + [1] Federal Information Processing Standards Publication 180-1. + Specifications for the Secure Hash Standard. April 17, 1995. + + @see java.security.MessageDigest +*/ +public class SHA extends MessageDigest implements Cloneable +{ + public SHA () + { + super("SHA"); + engineReset (); + } + + public int engineGetDigestLength() + { + return 16; + } + + public void engineUpdate (byte b) + { + int i = (int)bytecount % 64; + int shift = (3 - i % 4) * 8; + int idx = i / 4; + + // if you could index ints, this would be: W[idx][shift/8] = b + W[idx] = (W[idx] & ~(0xff << shift)) | ((b & 0xff) << shift); + + // if we've filled up a block, then process it + if ((++ bytecount) % 64 == 0) + munch (); + } + + // This could be optimized. + public void engineUpdate (byte bytes[], int off, int len) + { + if (len < 0) + throw new ArrayIndexOutOfBoundsException (); + + int end = off + len; + while (off < end) + engineUpdate (bytes[off++]); + } + + public void engineReset () + { + bytecount = 0; + // magic numbers from [1] p. 10. + H0 = 0x67452301; + H1 = 0xefcdab89; + H2 = 0x98badcfe; + H3 = 0x10325476; + H4 = 0xc3d2e1f0; + } + + public byte[] engineDigest () + { + long bitcount = bytecount * 8; + engineUpdate ((byte)0x80); // 10000000 in binary; the start of the padding + + // add the rest of the padding to fill this block out, but leave 8 + // bytes to put in the original bytecount + while ((int)bytecount % 64 != 56) + engineUpdate ((byte)0); + + // add the length of the original, unpadded block to the end of + // the padding + W[14] = (int)(bitcount >>> 32); + W[15] = (int)bitcount; + bytecount += 8; + + // digest the fully padded block + munch (); + + byte[] result + = new byte[] {(byte)(H0 >>> 24), (byte)(H0 >>> 16), + (byte)(H0 >>> 8), (byte)H0, + (byte)(H1 >>> 24), (byte)(H1 >>> 16), + (byte)(H1 >>> 8), (byte)H1, + (byte)(H2 >>> 24), (byte)(H2 >>> 16), + (byte)(H2 >>> 8), (byte)H2, + (byte)(H3 >>> 24), (byte)(H3 >>> 16), + (byte)(H3 >>> 8), (byte)H3, + (byte)(H4 >>> 24), (byte)(H4 >>> 16), + (byte)(H4 >>> 8), (byte)H4}; + + engineReset (); + return result; + } + + // Process a single block. This is pretty much copied verbatim from + // [1] pp. 9, 10. + private void munch () + { + for (int t = 16; t < 80; ++ t) + { + int Wt = W[t - 3] ^ W[t - 8] ^ W[t - 14] ^ W[t - 16]; + W[t] = Wt << 1 | Wt >>> 31; + } + + int A = H0; + int B = H1; + int C = H2; + int D = H3; + int E = H4; + + for (int t = 0; t < 20; ++ t) + { + int TEMP = (A << 5 | A >>> 27) // S^5(A) + + ((B & C) | (~B & D)) // f_t(B,C,D) + + E + W[t] + + 0x5a827999; // K_t + + E = D; + D = C; + C = B << 30 | B >>> 2; // S^30(B) + B = A; + A = TEMP; + } + + for (int t = 20; t < 40; ++ t) + { + int TEMP = (A << 5 | A >>> 27) // S^5(A) + + (B ^ C ^ D) // f_t(B,C,D) + + E + W[t] + + 0x6ed9eba1; // K_t + + E = D; + D = C; + C = B << 30 | B >>> 2; // S^30(B) + B = A; + A = TEMP; + } + + for (int t = 40; t < 60; ++ t) + { + int TEMP = (A << 5 | A >>> 27) // S^5(A) + + (B & C | B & D | C & D) // f_t(B,C,D) + + E + W[t] + + 0x8f1bbcdc; // K_t + + E = D; + D = C; + C = B << 30 | B >>> 2; // S^30(B) + B = A; + A = TEMP; + } + + for (int t = 60; t < 80; ++ t) + { + int TEMP = (A << 5 | A >>> 27) // S^5(A) + + (B ^ C ^ D) // f_t(B,C,D) + + E + W[t] + + 0xca62c1d6; // K_t + + E = D; + D = C; + C = B << 30 | B >>> 2; // S^30(B) + B = A; + A = TEMP; + } + + H0 += A; + H1 += B; + H2 += C; + H3 += D; + H4 += E; + } + + public Object clone () + { + return new SHA (this); + } + + private SHA (SHA copy) + { + this (); + bytecount = copy.bytecount; + H0 = copy.H0; + H1 = copy.H1; + H2 = copy.H2; + H3 = copy.H3; + H4 = copy.H4; + System.arraycopy (copy.W, 0, W, 0, 80); + } + + private final int W[] = new int[80]; + private long bytecount; + private int H0; + private int H1; + private int H2; + private int H3; + private int H4; +} diff --git a/libjava/gnu/java/security/provider/SHA1PRNG.java b/libjava/gnu/java/security/provider/SHA1PRNG.java new file mode 100644 index 00000000000..3aaf652bb46 --- /dev/null +++ b/libjava/gnu/java/security/provider/SHA1PRNG.java @@ -0,0 +1,109 @@ +/* SHA1PRNG.java --- Secure Random SPI SHA1PRNG + Copyright (C) 1999 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA +02111-1307 USA. + +As a special exception, if you link this library with other files to +produce an executable, this library does not by itself cause the +resulting executable to be covered by the GNU General Public License. +This exception does not however invalidate any other reasons why the +executable file might be covered by the GNU General Public License. */ + + +package gnu.java.security.provider; + +import java.util.Random; +// import java.security.SecureRandomSpi; +import java.security.MessageDigest; +import java.security.NoSuchAlgorithmException; +import java.io.Serializable; + +// public class SHA1PRNG extends SecureRandomSpi implements Serializable +public class SHA1PRNG implements Serializable +{ + MessageDigest digest; + byte seed[]; + byte data[]; + int seedpos; + int datapos; + + public SHA1PRNG() + { + try { + digest = MessageDigest.getInstance("SHA"); + } catch ( NoSuchAlgorithmException nsae) { + System.out.println("Failed to find SHA Message Digest: " + nsae); + nsae.printStackTrace(); + } + + seed = new byte[20]; + seedpos = 0; + data = new byte[40]; + datapos = 0; + + new Random().nextBytes(seed); + + byte digestdata[]; + digestdata = digest.digest( data ); + System.arraycopy( digestdata, 0, data, 0, 20); + + } + + public void engineSetSeed(byte[] seed) + { + for(int i = 0; i < seed.length; i++) + this.seed[seedpos++ % 20] ^= seed[i]; + seedpos %= 20; + + } + + public void engineNextBytes(byte[] bytes) + { + + if( bytes.length < (20 - datapos) ) { + System.arraycopy( bytes, 0, data, datapos, bytes.length); + datapos += bytes.length; + return; + } + + int i, blen = bytes.length, bpos = 0; + byte digestdata[]; + while( bpos < blen ) { + i = 20 - datapos; + System.arraycopy( bytes, bpos, data, datapos, i); + bpos += i; + datapos += i; + if( datapos >= 20) { + //System.out.println( (0 + 20) + "\n" + (20 + 20) ); + System.arraycopy( seed, 0, data, 20, 20); + digestdata = digest.digest( data ); + System.arraycopy( digestdata, 0, data, 0, 20); + datapos = 0; + } + } + + } + + public byte[] engineGenerateSeed(int numBytes) + { + byte tmp[] = new byte[numBytes]; + + engineNextBytes( tmp ); + return tmp; + } +} diff --git a/libjava/java/io/ObjectStreamClass.java b/libjava/java/io/ObjectStreamClass.java index f799b4f498e..c43112d7a61 100644 --- a/libjava/java/io/ObjectStreamClass.java +++ b/libjava/java/io/ObjectStreamClass.java @@ -36,13 +36,14 @@ import java.lang.reflect.Modifier; import java.security.DigestOutputStream; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; +import java.security.Security; import java.util.Arrays; import java.util.Comparator; import java.util.Hashtable; import java.util.Vector; import gnu.java.io.NullOutputStream; import gnu.java.lang.reflect.TypeSignature; -import gnu.gcj.io.SimpleSHSStream; +import gnu.java.security.provider.Gnu; public class ObjectStreamClass implements Serializable @@ -420,20 +421,21 @@ public class ObjectStreamClass implements Serializable MessageDigest md = null; DigestOutputStream digest_out = null; DataOutputStream data_out = null; - SimpleSHSStream simple = null; try { md = MessageDigest.getInstance ("SHA"); - digest_out = new DigestOutputStream (nullOutputStream, md); - data_out = new DataOutputStream (digest_out); } catch (NoSuchAlgorithmException e) { - simple = new SimpleSHSStream (nullOutputStream); - data_out = new DataOutputStream (simple); + // If a provider already provides SHA, use it; otherwise, use this. + Gnu gnuProvider = new Gnu(); + Security.addProvider(gnuProvider); + md = MessageDigest.getInstance ("SHA"); } + digest_out = new DigestOutputStream (nullOutputStream, md); + data_out = new DataOutputStream (digest_out); data_out.writeUTF (cl.getName ()); int modifiers = cl.getModifiers (); @@ -522,7 +524,7 @@ public class ObjectStreamClass implements Serializable } data_out.close (); - byte[] sha = md != null ? md.digest () : simple.digest (); + byte[] sha = md.digest (); long result = 0; int len = sha.length < 8 ? sha.length : 8; for (int i=0; i < len; i++) -- 2.30.2