src/java.base/share/classes/sun/security/provider/DSA.java
author weijun
Wed, 01 Aug 2018 13:35:08 +0800
changeset 51272 9d92ff04a29c
parent 51216 e429a304c97d
child 51508 f99640a44d75
permissions -rw-r--r--
8208602: Cannot read PEM X.509 cert if there is whitespace after the header or footer Reviewed-by: xuelei
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
     1
/*
50204
3195a713e24d 8146293: Add support for RSASSA-PSS Signature algorithm
valeriep
parents: 48080
diff changeset
     2
 * Copyright (c) 1996, 2018, Oracle and/or its affiliates. All rights reserved.
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
     3
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
90ce3da70b43 Initial load
duke
parents:
diff changeset
     4
 *
90ce3da70b43 Initial load
duke
parents:
diff changeset
     5
 * This code is free software; you can redistribute it and/or modify it
90ce3da70b43 Initial load
duke
parents:
diff changeset
     6
 * under the terms of the GNU General Public License version 2 only, as
5506
202f599c92aa 6943119: Rebrand source copyright notices
ohair
parents: 2
diff changeset
     7
 * published by the Free Software Foundation.  Oracle designates this
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
     8
 * particular file as subject to the "Classpath" exception as provided
5506
202f599c92aa 6943119: Rebrand source copyright notices
ohair
parents: 2
diff changeset
     9
 * by Oracle in the LICENSE file that accompanied this code.
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
    10
 *
90ce3da70b43 Initial load
duke
parents:
diff changeset
    11
 * This code is distributed in the hope that it will be useful, but WITHOUT
90ce3da70b43 Initial load
duke
parents:
diff changeset
    12
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
90ce3da70b43 Initial load
duke
parents:
diff changeset
    13
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
90ce3da70b43 Initial load
duke
parents:
diff changeset
    14
 * version 2 for more details (a copy is included in the LICENSE file that
90ce3da70b43 Initial load
duke
parents:
diff changeset
    15
 * accompanied this code).
90ce3da70b43 Initial load
duke
parents:
diff changeset
    16
 *
90ce3da70b43 Initial load
duke
parents:
diff changeset
    17
 * You should have received a copy of the GNU General Public License version
90ce3da70b43 Initial load
duke
parents:
diff changeset
    18
 * 2 along with this work; if not, write to the Free Software Foundation,
90ce3da70b43 Initial load
duke
parents:
diff changeset
    19
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
90ce3da70b43 Initial load
duke
parents:
diff changeset
    20
 *
5506
202f599c92aa 6943119: Rebrand source copyright notices
ohair
parents: 2
diff changeset
    21
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
202f599c92aa 6943119: Rebrand source copyright notices
ohair
parents: 2
diff changeset
    22
 * or visit www.oracle.com if you need additional information or have any
202f599c92aa 6943119: Rebrand source copyright notices
ohair
parents: 2
diff changeset
    23
 * questions.
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
    24
 */
90ce3da70b43 Initial load
duke
parents:
diff changeset
    25
90ce3da70b43 Initial load
duke
parents:
diff changeset
    26
package sun.security.provider;
90ce3da70b43 Initial load
duke
parents:
diff changeset
    27
90ce3da70b43 Initial load
duke
parents:
diff changeset
    28
import java.io.*;
90ce3da70b43 Initial load
duke
parents:
diff changeset
    29
import java.util.*;
90ce3da70b43 Initial load
duke
parents:
diff changeset
    30
import java.math.BigInteger;
90ce3da70b43 Initial load
duke
parents:
diff changeset
    31
import java.nio.ByteBuffer;
90ce3da70b43 Initial load
duke
parents:
diff changeset
    32
90ce3da70b43 Initial load
duke
parents:
diff changeset
    33
import java.security.*;
90ce3da70b43 Initial load
duke
parents:
diff changeset
    34
import java.security.SecureRandom;
90ce3da70b43 Initial load
duke
parents:
diff changeset
    35
import java.security.interfaces.*;
50204
3195a713e24d 8146293: Add support for RSASSA-PSS Signature algorithm
valeriep
parents: 48080
diff changeset
    36
import java.security.spec.*;
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
    37
90ce3da70b43 Initial load
duke
parents:
diff changeset
    38
import sun.security.util.Debug;
90ce3da70b43 Initial load
duke
parents:
diff changeset
    39
import sun.security.util.DerValue;
90ce3da70b43 Initial load
duke
parents:
diff changeset
    40
import sun.security.util.DerInputStream;
90ce3da70b43 Initial load
duke
parents:
diff changeset
    41
import sun.security.util.DerOutputStream;
90ce3da70b43 Initial load
duke
parents:
diff changeset
    42
import sun.security.jca.JCAUtil;
90ce3da70b43 Initial load
duke
parents:
diff changeset
    43
90ce3da70b43 Initial load
duke
parents:
diff changeset
    44
/**
90ce3da70b43 Initial load
duke
parents:
diff changeset
    45
 * The Digital Signature Standard (using the Digital Signature
13672
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
    46
 * Algorithm), as described in fips186-3 of the National Instute of
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
    47
 * Standards and Technology (NIST), using SHA digest algorithms
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
    48
 * from FIPS180-3.
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
    49
 *
90ce3da70b43 Initial load
duke
parents:
diff changeset
    50
 * This file contains both the signature implementation for the
13672
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
    51
 * commonly used SHA1withDSA (DSS), SHA224withDSA, SHA256withDSA,
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
    52
 * as well as RawDSA, used by TLS among others. RawDSA expects
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
    53
 * the 20 byte SHA-1 digest as input via update rather than the
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
    54
 * original data like other signature implementations.
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
    55
 *
90ce3da70b43 Initial load
duke
parents:
diff changeset
    56
 * @author Benjamin Renaud
90ce3da70b43 Initial load
duke
parents:
diff changeset
    57
 *
90ce3da70b43 Initial load
duke
parents:
diff changeset
    58
 * @since   1.1
90ce3da70b43 Initial load
duke
parents:
diff changeset
    59
 *
90ce3da70b43 Initial load
duke
parents:
diff changeset
    60
 * @see DSAPublicKey
90ce3da70b43 Initial load
duke
parents:
diff changeset
    61
 * @see DSAPrivateKey
90ce3da70b43 Initial load
duke
parents:
diff changeset
    62
 */
90ce3da70b43 Initial load
duke
parents:
diff changeset
    63
abstract class DSA extends SignatureSpi {
90ce3da70b43 Initial load
duke
parents:
diff changeset
    64
90ce3da70b43 Initial load
duke
parents:
diff changeset
    65
    /* Are we debugging? */
90ce3da70b43 Initial load
duke
parents:
diff changeset
    66
    private static final boolean debug = false;
90ce3da70b43 Initial load
duke
parents:
diff changeset
    67
45990
ba8bfbb9d633 8175106: Higher quality DSA operations
apetcher
parents: 43214
diff changeset
    68
    /* The number of bits used in exponent blinding */
ba8bfbb9d633 8175106: Higher quality DSA operations
apetcher
parents: 43214
diff changeset
    69
    private static final int BLINDING_BITS = 7;
ba8bfbb9d633 8175106: Higher quality DSA operations
apetcher
parents: 43214
diff changeset
    70
ba8bfbb9d633 8175106: Higher quality DSA operations
apetcher
parents: 43214
diff changeset
    71
    /* The constant component of the exponent blinding value */
ba8bfbb9d633 8175106: Higher quality DSA operations
apetcher
parents: 43214
diff changeset
    72
    private static final BigInteger BLINDING_CONSTANT =
ba8bfbb9d633 8175106: Higher quality DSA operations
apetcher
parents: 43214
diff changeset
    73
        BigInteger.valueOf(1 << BLINDING_BITS);
ba8bfbb9d633 8175106: Higher quality DSA operations
apetcher
parents: 43214
diff changeset
    74
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
    75
    /* The parameter object */
90ce3da70b43 Initial load
duke
parents:
diff changeset
    76
    private DSAParams params;
90ce3da70b43 Initial load
duke
parents:
diff changeset
    77
90ce3da70b43 Initial load
duke
parents:
diff changeset
    78
    /* algorithm parameters */
90ce3da70b43 Initial load
duke
parents:
diff changeset
    79
    private BigInteger presetP, presetQ, presetG;
90ce3da70b43 Initial load
duke
parents:
diff changeset
    80
90ce3da70b43 Initial load
duke
parents:
diff changeset
    81
    /* The public key, if any */
90ce3da70b43 Initial load
duke
parents:
diff changeset
    82
    private BigInteger presetY;
90ce3da70b43 Initial load
duke
parents:
diff changeset
    83
90ce3da70b43 Initial load
duke
parents:
diff changeset
    84
    /* The private key, if any */
90ce3da70b43 Initial load
duke
parents:
diff changeset
    85
    private BigInteger presetX;
90ce3da70b43 Initial load
duke
parents:
diff changeset
    86
90ce3da70b43 Initial load
duke
parents:
diff changeset
    87
    /* The RNG used to output a seed for generating k */
90ce3da70b43 Initial load
duke
parents:
diff changeset
    88
    private SecureRandom signingRandom;
90ce3da70b43 Initial load
duke
parents:
diff changeset
    89
13672
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
    90
    /* The message digest object used */
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
    91
    private final MessageDigest md;
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
    92
28974
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
    93
    /* The format. true for the IEEE P1363 format. false (default) for ASN.1 */
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
    94
    private final boolean p1363Format;
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
    95
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
    96
    /**
90ce3da70b43 Initial load
duke
parents:
diff changeset
    97
     * Construct a blank DSA object. It must be
90ce3da70b43 Initial load
duke
parents:
diff changeset
    98
     * initialized before being usable for signing or verifying.
90ce3da70b43 Initial load
duke
parents:
diff changeset
    99
     */
13672
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   100
    DSA(MessageDigest md) {
28974
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   101
        this(md, false);
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   102
    }
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   103
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   104
    /**
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   105
     * Construct a blank DSA object that will use the specified
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   106
     * signature format. {@code p1363Format} should be {@code true} to
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   107
     * use the IEEE P1363 format. If {@code p1363Format} is {@code false},
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   108
     * the DER-encoded ASN.1 format will used. The DSA object must be
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   109
     * initialized before being usable for signing or verifying.
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   110
     */
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   111
    DSA(MessageDigest md, boolean p1363Format) {
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   112
        super();
13672
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   113
        this.md = md;
28974
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   114
        this.p1363Format = p1363Format;
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   115
    }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   116
37580
46b10ab97043 8138593: Make DSA more fair
valeriep
parents: 28974
diff changeset
   117
    private static void checkKey(DSAParams params, int digestLen, String mdAlgo)
46b10ab97043 8138593: Make DSA more fair
valeriep
parents: 28974
diff changeset
   118
        throws InvalidKeyException {
46b10ab97043 8138593: Make DSA more fair
valeriep
parents: 28974
diff changeset
   119
        // FIPS186-3 states in sec4.2 that a hash function which provides
46b10ab97043 8138593: Make DSA more fair
valeriep
parents: 28974
diff changeset
   120
        // a lower security strength than the (L, N) pair ordinarily should
46b10ab97043 8138593: Make DSA more fair
valeriep
parents: 28974
diff changeset
   121
        // not be used.
46b10ab97043 8138593: Make DSA more fair
valeriep
parents: 28974
diff changeset
   122
        int valueN = params.getQ().bitLength();
46b10ab97043 8138593: Make DSA more fair
valeriep
parents: 28974
diff changeset
   123
        if (valueN > digestLen) {
46b10ab97043 8138593: Make DSA more fair
valeriep
parents: 28974
diff changeset
   124
            throw new InvalidKeyException("The security strength of " +
46b10ab97043 8138593: Make DSA more fair
valeriep
parents: 28974
diff changeset
   125
                mdAlgo + " digest algorithm is not sufficient for this key size");
46b10ab97043 8138593: Make DSA more fair
valeriep
parents: 28974
diff changeset
   126
        }
46b10ab97043 8138593: Make DSA more fair
valeriep
parents: 28974
diff changeset
   127
    }
46b10ab97043 8138593: Make DSA more fair
valeriep
parents: 28974
diff changeset
   128
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   129
    /**
90ce3da70b43 Initial load
duke
parents:
diff changeset
   130
     * Initialize the DSA object with a DSA private key.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   131
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   132
     * @param privateKey the DSA private key
90ce3da70b43 Initial load
duke
parents:
diff changeset
   133
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   134
     * @exception InvalidKeyException if the key is not a valid DSA private
90ce3da70b43 Initial load
duke
parents:
diff changeset
   135
     * key.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   136
     */
90ce3da70b43 Initial load
duke
parents:
diff changeset
   137
    protected void engineInitSign(PrivateKey privateKey)
90ce3da70b43 Initial load
duke
parents:
diff changeset
   138
            throws InvalidKeyException {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   139
        if (!(privateKey instanceof java.security.interfaces.DSAPrivateKey)) {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   140
            throw new InvalidKeyException("not a DSA private key: " +
90ce3da70b43 Initial load
duke
parents:
diff changeset
   141
                                          privateKey);
90ce3da70b43 Initial load
duke
parents:
diff changeset
   142
        }
13672
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   143
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   144
        java.security.interfaces.DSAPrivateKey priv =
90ce3da70b43 Initial load
duke
parents:
diff changeset
   145
            (java.security.interfaces.DSAPrivateKey)privateKey;
13672
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   146
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   147
        // check for algorithm specific constraints before doing initialization
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   148
        DSAParams params = priv.getParams();
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   149
        if (params == null) {
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   150
            throw new InvalidKeyException("DSA private key lacks parameters");
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   151
        }
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   152
37580
46b10ab97043 8138593: Make DSA more fair
valeriep
parents: 28974
diff changeset
   153
        // check key size against hash output size for signing
46b10ab97043 8138593: Make DSA more fair
valeriep
parents: 28974
diff changeset
   154
        // skip this check for verification to minimize impact on existing apps
46b10ab97043 8138593: Make DSA more fair
valeriep
parents: 28974
diff changeset
   155
        if (md.getAlgorithm() != "NullDigest20") {
46b10ab97043 8138593: Make DSA more fair
valeriep
parents: 28974
diff changeset
   156
            checkKey(params, md.getDigestLength()*8, md.getAlgorithm());
46b10ab97043 8138593: Make DSA more fair
valeriep
parents: 28974
diff changeset
   157
        }
46b10ab97043 8138593: Make DSA more fair
valeriep
parents: 28974
diff changeset
   158
13672
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   159
        this.params = params;
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   160
        this.presetX = priv.getX();
90ce3da70b43 Initial load
duke
parents:
diff changeset
   161
        this.presetY = null;
13672
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   162
        this.presetP = params.getP();
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   163
        this.presetQ = params.getQ();
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   164
        this.presetG = params.getG();
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   165
        this.md.reset();
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   166
    }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   167
    /**
90ce3da70b43 Initial load
duke
parents:
diff changeset
   168
     * Initialize the DSA object with a DSA public key.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   169
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   170
     * @param publicKey the DSA public key.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   171
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   172
     * @exception InvalidKeyException if the key is not a valid DSA public
90ce3da70b43 Initial load
duke
parents:
diff changeset
   173
     * key.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   174
     */
90ce3da70b43 Initial load
duke
parents:
diff changeset
   175
    protected void engineInitVerify(PublicKey publicKey)
90ce3da70b43 Initial load
duke
parents:
diff changeset
   176
            throws InvalidKeyException {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   177
        if (!(publicKey instanceof java.security.interfaces.DSAPublicKey)) {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   178
            throw new InvalidKeyException("not a DSA public key: " +
90ce3da70b43 Initial load
duke
parents:
diff changeset
   179
                                          publicKey);
90ce3da70b43 Initial load
duke
parents:
diff changeset
   180
        }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   181
        java.security.interfaces.DSAPublicKey pub =
90ce3da70b43 Initial load
duke
parents:
diff changeset
   182
            (java.security.interfaces.DSAPublicKey)publicKey;
13672
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   183
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   184
        // check for algorithm specific constraints before doing initialization
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   185
        DSAParams params = pub.getParams();
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   186
        if (params == null) {
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   187
            throw new InvalidKeyException("DSA public key lacks parameters");
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   188
        }
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   189
        this.params = params;
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   190
        this.presetY = pub.getY();
90ce3da70b43 Initial load
duke
parents:
diff changeset
   191
        this.presetX = null;
13672
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   192
        this.presetP = params.getP();
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   193
        this.presetQ = params.getQ();
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   194
        this.presetG = params.getG();
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   195
        this.md.reset();
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   196
    }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   197
13672
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   198
    /**
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   199
     * Update a byte to be signed or verified.
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   200
     */
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   201
    protected void engineUpdate(byte b) {
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   202
        md.update(b);
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   203
    }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   204
90ce3da70b43 Initial load
duke
parents:
diff changeset
   205
    /**
13672
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   206
     * Update an array of bytes to be signed or verified.
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   207
     */
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   208
    protected void engineUpdate(byte[] data, int off, int len) {
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   209
        md.update(data, off, len);
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   210
    }
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   211
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   212
    protected void engineUpdate(ByteBuffer b) {
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   213
        md.update(b);
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   214
    }
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   215
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   216
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   217
    /**
28974
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   218
     * Sign all the data thus far updated. The signature format is
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   219
     * determined by {@code p1363Format}. If {@code p1363Format} is
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   220
     * {@code false} (the default), then the signature is formatted
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   221
     * according to the Canonical Encoding Rules, returned as a DER
28974
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   222
     * sequence of Integers, r and s. If {@code p1363Format} is
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   223
     * {@code false}, the signature is returned in the IEEE P1363
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   224
     * format, which is the concatenation or r and s.
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   225
     *
28974
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   226
     * @return a signature block formatted according to the format
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   227
     * indicated by {@code p1363Format}
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   228
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   229
     * @exception SignatureException if the signature object was not
90ce3da70b43 Initial load
duke
parents:
diff changeset
   230
     * properly initialized, or if another exception occurs.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   231
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   232
     * @see sun.security.DSA#engineUpdate
90ce3da70b43 Initial load
duke
parents:
diff changeset
   233
     * @see sun.security.DSA#engineVerify
90ce3da70b43 Initial load
duke
parents:
diff changeset
   234
     */
90ce3da70b43 Initial load
duke
parents:
diff changeset
   235
    protected byte[] engineSign() throws SignatureException {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   236
        BigInteger k = generateK(presetQ);
90ce3da70b43 Initial load
duke
parents:
diff changeset
   237
        BigInteger r = generateR(presetP, presetQ, presetG, k);
90ce3da70b43 Initial load
duke
parents:
diff changeset
   238
        BigInteger s = generateS(presetX, presetQ, r, k);
90ce3da70b43 Initial load
duke
parents:
diff changeset
   239
28974
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   240
        if (p1363Format) {
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   241
            // Return the concatenation of r and s
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   242
            byte[] rBytes = r.toByteArray();
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   243
            byte[] sBytes = s.toByteArray();
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   244
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   245
            int size = presetQ.bitLength() / 8;
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   246
            byte[] outseq = new byte[size * 2];
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   247
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   248
            int rLength = rBytes.length;
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   249
            int sLength = sBytes.length;
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   250
            int i;
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   251
            for (i = rLength; i > 0 && rBytes[rLength - i] == 0; i--);
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   252
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   253
            int j;
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   254
            for (j = sLength;
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   255
                    j > 0 && sBytes[sLength - j] == 0; j--);
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   256
28974
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   257
            System.arraycopy(rBytes, rLength - i, outseq, size - i, i);
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   258
            System.arraycopy(sBytes, sLength - j, outseq, size * 2 - j, j);
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   259
28974
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   260
            return outseq;
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   261
        } else {
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   262
            // Return the DER-encoded ASN.1 form
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   263
            try {
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   264
                DerOutputStream outseq = new DerOutputStream(100);
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   265
                outseq.putInteger(r);
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   266
                outseq.putInteger(s);
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   267
                DerValue result = new DerValue(DerValue.tag_Sequence,
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   268
                        outseq.toByteArray());
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   269
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   270
                return result.toByteArray();
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   271
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   272
            } catch (IOException e) {
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   273
                throw new SignatureException("error encoding signature");
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   274
            }
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   275
        }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   276
    }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   277
90ce3da70b43 Initial load
duke
parents:
diff changeset
   278
    /**
90ce3da70b43 Initial load
duke
parents:
diff changeset
   279
     * Verify all the data thus far updated.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   280
     *
28974
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   281
     * @param signature the alleged signature, encoded using the
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   282
     * Canonical Encoding Rules, as a sequence of integers, r and s.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   283
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   284
     * @exception SignatureException if the signature object was not
90ce3da70b43 Initial load
duke
parents:
diff changeset
   285
     * properly initialized, or if another exception occurs.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   286
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   287
     * @see sun.security.DSA#engineUpdate
90ce3da70b43 Initial load
duke
parents:
diff changeset
   288
     * @see sun.security.DSA#engineSign
90ce3da70b43 Initial load
duke
parents:
diff changeset
   289
     */
90ce3da70b43 Initial load
duke
parents:
diff changeset
   290
    protected boolean engineVerify(byte[] signature)
90ce3da70b43 Initial load
duke
parents:
diff changeset
   291
            throws SignatureException {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   292
        return engineVerify(signature, 0, signature.length);
90ce3da70b43 Initial load
duke
parents:
diff changeset
   293
    }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   294
90ce3da70b43 Initial load
duke
parents:
diff changeset
   295
    /**
90ce3da70b43 Initial load
duke
parents:
diff changeset
   296
     * Verify all the data thus far updated.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   297
     *
28974
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   298
     * @param signature the alleged signature, encoded using the
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   299
     * format indicated by {@code p1363Format}. If {@code p1363Format}
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   300
     * is {@code false} (the default), then the signature is formatted
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   301
     * according to the Canonical Encoding Rules, as a DER sequence of
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   302
     * Integers, r and s. If {@code p1363Format} is {@code false},
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   303
     * the signature is in the IEEE P1363 format, which is the
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   304
     * concatenation or r and s.
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   305
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   306
     * @param offset the offset to start from in the array of bytes.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   307
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   308
     * @param length the number of bytes to use, starting at offset.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   309
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   310
     * @exception SignatureException if the signature object was not
90ce3da70b43 Initial load
duke
parents:
diff changeset
   311
     * properly initialized, or if another exception occurs.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   312
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   313
     * @see sun.security.DSA#engineUpdate
90ce3da70b43 Initial load
duke
parents:
diff changeset
   314
     * @see sun.security.DSA#engineSign
90ce3da70b43 Initial load
duke
parents:
diff changeset
   315
     */
90ce3da70b43 Initial load
duke
parents:
diff changeset
   316
    protected boolean engineVerify(byte[] signature, int offset, int length)
90ce3da70b43 Initial load
duke
parents:
diff changeset
   317
            throws SignatureException {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   318
90ce3da70b43 Initial load
duke
parents:
diff changeset
   319
        BigInteger r = null;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   320
        BigInteger s = null;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   321
28974
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   322
        if (p1363Format) {
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   323
            if ((length & 1) == 1) {
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   324
                // length of signature byte array should be even
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   325
                throw new SignatureException("invalid signature format");
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   326
            }
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   327
            int mid = length/2;
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   328
            r = new BigInteger(Arrays.copyOfRange(signature, 0, mid));
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   329
            s = new BigInteger(Arrays.copyOfRange(signature, mid, length));
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   330
        } else {
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   331
            // first decode the signature.
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   332
            try {
43214
3dd7af9b9e05 8168714: Tighten ECDSA validation
valeriep
parents: 43212
diff changeset
   333
                // Enforce strict DER checking for signatures
3dd7af9b9e05 8168714: Tighten ECDSA validation
valeriep
parents: 43212
diff changeset
   334
                DerInputStream in =
3dd7af9b9e05 8168714: Tighten ECDSA validation
valeriep
parents: 43212
diff changeset
   335
                    new DerInputStream(signature, offset, length, false);
28974
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   336
                DerValue[] values = in.getSequence(2);
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   337
43214
3dd7af9b9e05 8168714: Tighten ECDSA validation
valeriep
parents: 43212
diff changeset
   338
                // check number of components in the read sequence
3dd7af9b9e05 8168714: Tighten ECDSA validation
valeriep
parents: 43212
diff changeset
   339
                // and trailing data
3dd7af9b9e05 8168714: Tighten ECDSA validation
valeriep
parents: 43212
diff changeset
   340
                if ((values.length != 2) || (in.available() != 0)) {
3dd7af9b9e05 8168714: Tighten ECDSA validation
valeriep
parents: 43212
diff changeset
   341
                    throw new IOException("Invalid encoding for signature");
3dd7af9b9e05 8168714: Tighten ECDSA validation
valeriep
parents: 43212
diff changeset
   342
                }
28974
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   343
                r = values[0].getBigInteger();
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   344
                s = values[1].getBigInteger();
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   345
            } catch (IOException e) {
43214
3dd7af9b9e05 8168714: Tighten ECDSA validation
valeriep
parents: 43212
diff changeset
   346
                throw new SignatureException("Invalid encoding for signature", e);
28974
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   347
            }
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   348
        }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   349
90ce3da70b43 Initial load
duke
parents:
diff changeset
   350
        // some implementations do not correctly encode values in the ASN.1
90ce3da70b43 Initial load
duke
parents:
diff changeset
   351
        // 2's complement format. force r and s to be positive in order to
90ce3da70b43 Initial load
duke
parents:
diff changeset
   352
        // to validate those signatures
90ce3da70b43 Initial load
duke
parents:
diff changeset
   353
        if (r.signum() < 0) {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   354
            r = new BigInteger(1, r.toByteArray());
90ce3da70b43 Initial load
duke
parents:
diff changeset
   355
        }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   356
        if (s.signum() < 0) {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   357
            s = new BigInteger(1, s.toByteArray());
90ce3da70b43 Initial load
duke
parents:
diff changeset
   358
        }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   359
90ce3da70b43 Initial load
duke
parents:
diff changeset
   360
        if ((r.compareTo(presetQ) == -1) && (s.compareTo(presetQ) == -1)) {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   361
            BigInteger w = generateW(presetP, presetQ, presetG, s);
90ce3da70b43 Initial load
duke
parents:
diff changeset
   362
            BigInteger v = generateV(presetY, presetP, presetQ, presetG, w, r);
90ce3da70b43 Initial load
duke
parents:
diff changeset
   363
            return v.equals(r);
90ce3da70b43 Initial load
duke
parents:
diff changeset
   364
        } else {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   365
            throw new SignatureException("invalid signature: out of range values");
90ce3da70b43 Initial load
duke
parents:
diff changeset
   366
        }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   367
    }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   368
13672
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   369
    @Deprecated
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   370
    protected void engineSetParameter(String key, Object param) {
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   371
        throw new InvalidParameterException("No parameter accepted");
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   372
    }
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   373
50204
3195a713e24d 8146293: Add support for RSASSA-PSS Signature algorithm
valeriep
parents: 48080
diff changeset
   374
    @Override
3195a713e24d 8146293: Add support for RSASSA-PSS Signature algorithm
valeriep
parents: 48080
diff changeset
   375
    protected void engineSetParameter(AlgorithmParameterSpec params)
3195a713e24d 8146293: Add support for RSASSA-PSS Signature algorithm
valeriep
parents: 48080
diff changeset
   376
            throws InvalidAlgorithmParameterException {
3195a713e24d 8146293: Add support for RSASSA-PSS Signature algorithm
valeriep
parents: 48080
diff changeset
   377
        if (params != null) {
3195a713e24d 8146293: Add support for RSASSA-PSS Signature algorithm
valeriep
parents: 48080
diff changeset
   378
            throw new InvalidAlgorithmParameterException("No parameter accepted");
3195a713e24d 8146293: Add support for RSASSA-PSS Signature algorithm
valeriep
parents: 48080
diff changeset
   379
        }
3195a713e24d 8146293: Add support for RSASSA-PSS Signature algorithm
valeriep
parents: 48080
diff changeset
   380
    }
3195a713e24d 8146293: Add support for RSASSA-PSS Signature algorithm
valeriep
parents: 48080
diff changeset
   381
13672
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   382
    @Deprecated
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   383
    protected Object engineGetParameter(String key) {
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   384
        return null;
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   385
    }
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   386
50204
3195a713e24d 8146293: Add support for RSASSA-PSS Signature algorithm
valeriep
parents: 48080
diff changeset
   387
    @Override
3195a713e24d 8146293: Add support for RSASSA-PSS Signature algorithm
valeriep
parents: 48080
diff changeset
   388
    protected AlgorithmParameters engineGetParameters() {
3195a713e24d 8146293: Add support for RSASSA-PSS Signature algorithm
valeriep
parents: 48080
diff changeset
   389
        return null;
3195a713e24d 8146293: Add support for RSASSA-PSS Signature algorithm
valeriep
parents: 48080
diff changeset
   390
    }
3195a713e24d 8146293: Add support for RSASSA-PSS Signature algorithm
valeriep
parents: 48080
diff changeset
   391
45990
ba8bfbb9d633 8175106: Higher quality DSA operations
apetcher
parents: 43214
diff changeset
   392
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   393
    private BigInteger generateR(BigInteger p, BigInteger q, BigInteger g,
90ce3da70b43 Initial load
duke
parents:
diff changeset
   394
                         BigInteger k) {
45990
ba8bfbb9d633 8175106: Higher quality DSA operations
apetcher
parents: 43214
diff changeset
   395
ba8bfbb9d633 8175106: Higher quality DSA operations
apetcher
parents: 43214
diff changeset
   396
        // exponent blinding to hide information from timing channel
ba8bfbb9d633 8175106: Higher quality DSA operations
apetcher
parents: 43214
diff changeset
   397
        SecureRandom random = getSigningRandom();
ba8bfbb9d633 8175106: Higher quality DSA operations
apetcher
parents: 43214
diff changeset
   398
        // start with a random blinding component
ba8bfbb9d633 8175106: Higher quality DSA operations
apetcher
parents: 43214
diff changeset
   399
        BigInteger blindingValue = new BigInteger(BLINDING_BITS, random);
ba8bfbb9d633 8175106: Higher quality DSA operations
apetcher
parents: 43214
diff changeset
   400
        // add the fixed blinding component
ba8bfbb9d633 8175106: Higher quality DSA operations
apetcher
parents: 43214
diff changeset
   401
        blindingValue = blindingValue.add(BLINDING_CONSTANT);
ba8bfbb9d633 8175106: Higher quality DSA operations
apetcher
parents: 43214
diff changeset
   402
        // replace k with a blinded value that is congruent (mod q)
ba8bfbb9d633 8175106: Higher quality DSA operations
apetcher
parents: 43214
diff changeset
   403
        k = k.add(q.multiply(blindingValue));
ba8bfbb9d633 8175106: Higher quality DSA operations
apetcher
parents: 43214
diff changeset
   404
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   405
        BigInteger temp = g.modPow(k, p);
13672
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   406
        return temp.mod(q);
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   407
    }
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   408
90ce3da70b43 Initial load
duke
parents:
diff changeset
   409
    private BigInteger generateS(BigInteger x, BigInteger q,
90ce3da70b43 Initial load
duke
parents:
diff changeset
   410
            BigInteger r, BigInteger k) throws SignatureException {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   411
13672
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   412
        byte[] s2;
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   413
        try {
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   414
            s2 = md.digest();
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   415
        } catch (RuntimeException re) {
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   416
            // Only for RawDSA due to its 20-byte length restriction
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   417
            throw new SignatureException(re.getMessage());
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   418
        }
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   419
        // get the leftmost min(N, outLen) bits of the digest value
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   420
        int nBytes = q.bitLength()/8;
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   421
        if (nBytes < s2.length) {
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   422
            s2 = Arrays.copyOfRange(s2, 0, nBytes);
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   423
        }
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   424
        BigInteger z = new BigInteger(1, s2);
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   425
        BigInteger k1 = k.modInverse(q);
90ce3da70b43 Initial load
duke
parents:
diff changeset
   426
13672
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   427
        return x.multiply(r).add(z).multiply(k1).mod(q);
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   428
    }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   429
90ce3da70b43 Initial load
duke
parents:
diff changeset
   430
    private BigInteger generateW(BigInteger p, BigInteger q,
90ce3da70b43 Initial load
duke
parents:
diff changeset
   431
                         BigInteger g, BigInteger s) {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   432
        return s.modInverse(q);
90ce3da70b43 Initial load
duke
parents:
diff changeset
   433
    }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   434
90ce3da70b43 Initial load
duke
parents:
diff changeset
   435
    private BigInteger generateV(BigInteger y, BigInteger p,
90ce3da70b43 Initial load
duke
parents:
diff changeset
   436
             BigInteger q, BigInteger g, BigInteger w, BigInteger r)
90ce3da70b43 Initial load
duke
parents:
diff changeset
   437
             throws SignatureException {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   438
13672
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   439
        byte[] s2;
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   440
        try {
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   441
            s2 = md.digest();
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   442
        } catch (RuntimeException re) {
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   443
            // Only for RawDSA due to its 20-byte length restriction
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   444
            throw new SignatureException(re.getMessage());
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   445
        }
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   446
        // get the leftmost min(N, outLen) bits of the digest value
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   447
        int nBytes = q.bitLength()/8;
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   448
        if (nBytes < s2.length) {
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   449
            s2 = Arrays.copyOfRange(s2, 0, nBytes);
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   450
        }
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   451
        BigInteger z = new BigInteger(1, s2);
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   452
13672
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   453
        BigInteger u1 = z.multiply(w).mod(q);
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   454
        BigInteger u2 = (r.multiply(w)).mod(q);
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   455
90ce3da70b43 Initial load
duke
parents:
diff changeset
   456
        BigInteger t1 = g.modPow(u1,p);
90ce3da70b43 Initial load
duke
parents:
diff changeset
   457
        BigInteger t2 = y.modPow(u2,p);
90ce3da70b43 Initial load
duke
parents:
diff changeset
   458
        BigInteger t3 = t1.multiply(t2);
13672
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   459
        BigInteger t5 = t3.mod(p);
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   460
        return t5.mod(q);
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   461
    }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   462
13672
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   463
    protected BigInteger generateK(BigInteger q) {
43212
5aa719c66677 8168728: DSA signing improvments
xuelei
parents: 39771
diff changeset
   464
        // Implementation defined in FIPS 186-4 AppendixB.2.1.
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   465
        SecureRandom random = getSigningRandom();
37580
46b10ab97043 8138593: Make DSA more fair
valeriep
parents: 28974
diff changeset
   466
        byte[] kValue = new byte[(q.bitLength() + 7)/8 + 8];
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   467
37580
46b10ab97043 8138593: Make DSA more fair
valeriep
parents: 28974
diff changeset
   468
        random.nextBytes(kValue);
45990
ba8bfbb9d633 8175106: Higher quality DSA operations
apetcher
parents: 43214
diff changeset
   469
        return new BigInteger(1, kValue).mod(
43212
5aa719c66677 8168728: DSA signing improvments
xuelei
parents: 39771
diff changeset
   470
                q.subtract(BigInteger.ONE)).add(BigInteger.ONE);
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   471
    }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   472
90ce3da70b43 Initial load
duke
parents:
diff changeset
   473
    // Use the application-specified SecureRandom Object if provided.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   474
    // Otherwise, use our default SecureRandom Object.
13672
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   475
    protected SecureRandom getSigningRandom() {
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   476
        if (signingRandom == null) {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   477
            if (appRandom != null) {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   478
                signingRandom = appRandom;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   479
            } else {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   480
                signingRandom = JCAUtil.getSecureRandom();
90ce3da70b43 Initial load
duke
parents:
diff changeset
   481
            }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   482
        }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   483
        return signingRandom;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   484
    }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   485
90ce3da70b43 Initial load
duke
parents:
diff changeset
   486
    /**
90ce3da70b43 Initial load
duke
parents:
diff changeset
   487
     * Return a human readable rendition of the engine.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   488
     */
90ce3da70b43 Initial load
duke
parents:
diff changeset
   489
    public String toString() {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   490
        String printable = "DSA Signature";
90ce3da70b43 Initial load
duke
parents:
diff changeset
   491
        if (presetP != null && presetQ != null && presetG != null) {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   492
            printable += "\n\tp: " + Debug.toHexString(presetP);
90ce3da70b43 Initial load
duke
parents:
diff changeset
   493
            printable += "\n\tq: " + Debug.toHexString(presetQ);
90ce3da70b43 Initial load
duke
parents:
diff changeset
   494
            printable += "\n\tg: " + Debug.toHexString(presetG);
90ce3da70b43 Initial load
duke
parents:
diff changeset
   495
        } else {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   496
            printable += "\n\t P, Q or G not initialized.";
90ce3da70b43 Initial load
duke
parents:
diff changeset
   497
        }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   498
        if (presetY != null) {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   499
            printable += "\n\ty: " + Debug.toHexString(presetY);
90ce3da70b43 Initial load
duke
parents:
diff changeset
   500
        }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   501
        if (presetY == null && presetX == null) {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   502
            printable += "\n\tUNINIIALIZED";
90ce3da70b43 Initial load
duke
parents:
diff changeset
   503
        }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   504
        return printable;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   505
    }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   506
13672
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   507
    /**
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   508
     * Standard SHA224withDSA implementation as defined in FIPS186-3.
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   509
     */
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   510
    public static final class SHA224withDSA extends DSA {
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   511
        public SHA224withDSA() throws NoSuchAlgorithmException {
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   512
            super(MessageDigest.getInstance("SHA-224"));
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   513
        }
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   514
    }
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   515
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   516
    /**
28974
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   517
     * SHA224withDSA implementation that uses the IEEE P1363 format.
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   518
     */
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   519
    public static final class SHA224withDSAinP1363Format extends DSA {
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   520
        public SHA224withDSAinP1363Format() throws NoSuchAlgorithmException {
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   521
            super(MessageDigest.getInstance("SHA-224"), true);
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   522
        }
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   523
    }
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   524
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   525
    /**
13672
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   526
     * Standard SHA256withDSA implementation as defined in FIPS186-3.
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   527
     */
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   528
    public static final class SHA256withDSA extends DSA {
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   529
        public SHA256withDSA() throws NoSuchAlgorithmException {
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   530
            super(MessageDigest.getInstance("SHA-256"));
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   531
        }
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   532
    }
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   533
28974
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   534
    /**
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   535
     * SHA256withDSA implementation that uses the IEEE P1363 format.
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   536
     */
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   537
    public static final class SHA256withDSAinP1363Format extends DSA {
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   538
        public SHA256withDSAinP1363Format() throws NoSuchAlgorithmException {
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   539
            super(MessageDigest.getInstance("SHA-256"), true);
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   540
        }
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   541
    }
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   542
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   543
    /**
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   544
     * Standard SHA1withDSA implementation.
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   545
     */
37580
46b10ab97043 8138593: Make DSA more fair
valeriep
parents: 28974
diff changeset
   546
    public static final class SHA1withDSA extends DSA {
13672
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   547
        public SHA1withDSA() throws NoSuchAlgorithmException {
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   548
            super(MessageDigest.getInstance("SHA-1"));
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   549
        }
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   550
    }
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   551
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   552
    /**
28974
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   553
     * SHA1withDSA implementation that uses the IEEE P1363 format.
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   554
     */
37580
46b10ab97043 8138593: Make DSA more fair
valeriep
parents: 28974
diff changeset
   555
    public static final class SHA1withDSAinP1363Format extends DSA {
28974
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   556
        public SHA1withDSAinP1363Format() throws NoSuchAlgorithmException {
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   557
            super(MessageDigest.getInstance("SHA-1"), true);
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   558
        }
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   559
    }
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   560
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   561
    /**
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   562
     * Raw DSA.
13672
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   563
     *
28974
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   564
     * Raw DSA requires the data to be exactly 20 bytes long. If it is
13672
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   565
     * not, a SignatureException is thrown when sign()/verify() is called
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   566
     * per JCA spec.
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   567
     */
37580
46b10ab97043 8138593: Make DSA more fair
valeriep
parents: 28974
diff changeset
   568
    static class Raw extends DSA {
13672
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   569
        // Internal special-purpose MessageDigest impl for RawDSA
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   570
        // Only override whatever methods used
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   571
        // NOTE: no clone support
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   572
        public static final class NullDigest20 extends MessageDigest {
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   573
            // 20 byte digest buffer
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   574
            private final byte[] digestBuffer = new byte[20];
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   575
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   576
            // offset into the buffer; use Integer.MAX_VALUE to indicate
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   577
            // out-of-bound condition
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   578
            private int ofs = 0;
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   579
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   580
            protected NullDigest20() {
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   581
                super("NullDigest20");
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   582
            }
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   583
            protected void engineUpdate(byte input) {
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   584
                if (ofs == digestBuffer.length) {
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   585
                    ofs = Integer.MAX_VALUE;
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   586
                } else {
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   587
                    digestBuffer[ofs++] = input;
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   588
                }
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   589
            }
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   590
            protected void engineUpdate(byte[] input, int offset, int len) {
51216
e429a304c97d 8204196: integer cleanup
ascarpino
parents: 50204
diff changeset
   591
                if (len > (digestBuffer.length - ofs)) {
13672
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   592
                    ofs = Integer.MAX_VALUE;
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   593
                } else {
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   594
                    System.arraycopy(input, offset, digestBuffer, ofs, len);
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   595
                    ofs += len;
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   596
                }
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   597
            }
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   598
            protected final void engineUpdate(ByteBuffer input) {
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   599
                int inputLen = input.remaining();
51216
e429a304c97d 8204196: integer cleanup
ascarpino
parents: 50204
diff changeset
   600
                if (inputLen > (digestBuffer.length - ofs)) {
13672
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   601
                    ofs = Integer.MAX_VALUE;
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   602
                } else {
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   603
                    input.get(digestBuffer, ofs, inputLen);
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   604
                    ofs += inputLen;
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   605
                }
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   606
            }
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   607
            protected byte[] engineDigest() throws RuntimeException {
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   608
                if (ofs != digestBuffer.length) {
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   609
                    throw new RuntimeException
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   610
                        ("Data for RawDSA must be exactly 20 bytes long");
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   611
                }
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   612
                reset();
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   613
                return digestBuffer;
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   614
            }
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   615
            protected int engineDigest(byte[] buf, int offset, int len)
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   616
                throws DigestException {
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   617
                if (ofs != digestBuffer.length) {
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   618
                    throw new DigestException
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   619
                        ("Data for RawDSA must be exactly 20 bytes long");
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   620
                }
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   621
                if (len < digestBuffer.length) {
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   622
                    throw new DigestException
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   623
                        ("Output buffer too small; must be at least 20 bytes");
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   624
                }
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   625
                System.arraycopy(digestBuffer, 0, buf, offset, digestBuffer.length);
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   626
                reset();
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   627
                return digestBuffer.length;
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   628
            }
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   629
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   630
            protected void engineReset() {
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   631
                ofs = 0;
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   632
            }
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   633
            protected final int engineGetDigestLength() {
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   634
                return digestBuffer.length;
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   635
            }
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   636
        }
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   637
28974
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   638
        private Raw(boolean p1363Format) throws NoSuchAlgorithmException {
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   639
            super(new NullDigest20(), p1363Format);
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   640
        }
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   641
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   642
    }
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   643
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   644
    /**
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   645
     * Standard Raw DSA implementation.
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   646
     */
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   647
    public static final class RawDSA extends Raw {
13672
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   648
        public RawDSA() throws NoSuchAlgorithmException {
28974
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   649
            super(false);
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   650
        }
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   651
    }
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   652
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   653
    /**
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   654
     * Raw DSA implementation that uses the IEEE P1363 format.
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   655
     */
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   656
    public static final class RawDSAinP1363Format extends Raw {
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   657
        public RawDSAinP1363Format() throws NoSuchAlgorithmException {
71fe221460f5 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents: 28262
diff changeset
   658
            super(true);
13672
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   659
        }
604588823b5a 7044060: Need to support NSA Suite B Cryptography algorithms
valeriep
parents: 5506
diff changeset
   660
    }
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   661
}