1 /* |
1 /* |
2 * Copyright (c) 2003, 2017, Oracle and/or its affiliates. All rights reserved. |
2 * Copyright (c) 2003, 2018, Oracle and/or its affiliates. All rights reserved. |
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
4 * |
4 * |
5 * This code is free software; you can redistribute it and/or modify it |
5 * This code is free software; you can redistribute it and/or modify it |
6 * under the terms of the GNU General Public License version 2 only, as |
6 * under the terms of the GNU General Public License version 2 only, as |
7 * published by the Free Software Foundation. Oracle designates this |
7 * published by the Free Software Foundation. Oracle designates this |
27 |
27 |
28 import java.io.IOException; |
28 import java.io.IOException; |
29 import java.math.BigInteger; |
29 import java.math.BigInteger; |
30 |
30 |
31 import java.security.*; |
31 import java.security.*; |
|
32 import java.security.spec.*; |
32 import java.security.interfaces.*; |
33 import java.security.interfaces.*; |
33 |
34 |
34 import sun.security.util.*; |
35 import sun.security.util.*; |
35 import sun.security.x509.X509Key; |
36 import sun.security.x509.X509Key; |
|
37 import sun.security.x509.AlgorithmId; |
|
38 |
|
39 import static sun.security.rsa.RSAUtil.KeyType; |
36 |
40 |
37 /** |
41 /** |
38 * Key implementation for RSA public keys. |
42 * RSA public key implementation for "RSA", "RSASSA-PSS" algorithms. |
39 * |
43 * |
40 * Note: RSA keys must be at least 512 bits long |
44 * Note: RSA keys must be at least 512 bits long |
41 * |
45 * |
42 * @see RSAPrivateCrtKeyImpl |
46 * @see RSAPrivateCrtKeyImpl |
|
47 * @see RSAPrivateKeyImpl |
43 * @see RSAKeyFactory |
48 * @see RSAKeyFactory |
44 * |
49 * |
45 * @since 1.5 |
50 * @since 1.5 |
46 * @author Andreas Sterbenz |
51 * @author Andreas Sterbenz |
47 */ |
52 */ |
51 private static final BigInteger THREE = BigInteger.valueOf(3); |
56 private static final BigInteger THREE = BigInteger.valueOf(3); |
52 |
57 |
53 private BigInteger n; // modulus |
58 private BigInteger n; // modulus |
54 private BigInteger e; // public exponent |
59 private BigInteger e; // public exponent |
55 |
60 |
56 /** |
61 // optional parameters associated with this RSA key |
57 * Construct a key from its components. Used by the |
62 // specified in the encoding of its AlgorithmId |
58 * RSAKeyFactory and the RSAKeyPairGenerator. |
63 // must be null for "RSA" keys. |
59 */ |
64 private AlgorithmParameterSpec keyParams; |
60 public RSAPublicKeyImpl(BigInteger n, BigInteger e) |
65 |
61 throws InvalidKeyException { |
66 /** |
|
67 * Generate a new RSAPublicKey from the specified encoding. |
|
68 * Used by SunPKCS11 provider. |
|
69 */ |
|
70 public static RSAPublicKey newKey(byte[] encoded) |
|
71 throws InvalidKeyException { |
|
72 return new RSAPublicKeyImpl(encoded); |
|
73 } |
|
74 |
|
75 /** |
|
76 * Generate a new RSAPublicKey from the specified type and components. |
|
77 * Used by SunPKCS11 provider. |
|
78 */ |
|
79 public static RSAPublicKey newKey(KeyType type, |
|
80 AlgorithmParameterSpec params, BigInteger n, BigInteger e) |
|
81 throws InvalidKeyException { |
|
82 AlgorithmId rsaId = RSAUtil.createAlgorithmId(type, params); |
|
83 return new RSAPublicKeyImpl(rsaId, n, e); |
|
84 } |
|
85 |
|
86 /** |
|
87 * Construct a RSA key from AlgorithmId and its components. Used by |
|
88 * RSAKeyFactory and RSAKeyPairGenerator. |
|
89 */ |
|
90 RSAPublicKeyImpl(AlgorithmId rsaId, BigInteger n, BigInteger e) |
|
91 throws InvalidKeyException { |
|
92 RSAKeyFactory.checkRSAProviderKeyLengths(n.bitLength(), e); |
|
93 checkExponentRange(n, e); |
|
94 |
62 this.n = n; |
95 this.n = n; |
63 this.e = e; |
96 this.e = e; |
64 RSAKeyFactory.checkRSAProviderKeyLengths(n.bitLength(), e); |
97 this.keyParams = RSAUtil.getParamSpec(rsaId); |
65 checkExponentRange(); |
98 |
66 // generate the encoding |
99 // generate the encoding |
67 algid = RSAPrivateCrtKeyImpl.rsaId; |
100 algid = rsaId; |
68 try { |
101 try { |
69 DerOutputStream out = new DerOutputStream(); |
102 DerOutputStream out = new DerOutputStream(); |
70 out.putInteger(n); |
103 out.putInteger(n); |
71 out.putInteger(e); |
104 out.putInteger(e); |
72 byte[] keyArray = |
105 byte[] keyArray = |
80 } |
113 } |
81 |
114 |
82 /** |
115 /** |
83 * Construct a key from its encoding. Used by RSAKeyFactory. |
116 * Construct a key from its encoding. Used by RSAKeyFactory. |
84 */ |
117 */ |
85 public RSAPublicKeyImpl(byte[] encoded) throws InvalidKeyException { |
118 RSAPublicKeyImpl(byte[] encoded) throws InvalidKeyException { |
86 decode(encoded); |
119 decode(encoded); // this sets n and e value |
87 RSAKeyFactory.checkRSAProviderKeyLengths(n.bitLength(), e); |
120 RSAKeyFactory.checkRSAProviderKeyLengths(n.bitLength(), e); |
88 checkExponentRange(); |
121 checkExponentRange(n, e); |
89 } |
122 |
90 |
123 try { |
91 private void checkExponentRange() throws InvalidKeyException { |
124 // this will check the validity of params |
|
125 this.keyParams = RSAUtil.getParamSpec(algid); |
|
126 } catch (ProviderException e) { |
|
127 throw new InvalidKeyException(e); |
|
128 } |
|
129 } |
|
130 |
|
131 // pkg private utility method for checking RSA modulus and public exponent |
|
132 static void checkExponentRange(BigInteger mod, BigInteger exp) |
|
133 throws InvalidKeyException { |
92 // the exponent should be smaller than the modulus |
134 // the exponent should be smaller than the modulus |
93 if (e.compareTo(n) >= 0) { |
135 if (exp.compareTo(mod) >= 0) { |
94 throw new InvalidKeyException("exponent is larger than modulus"); |
136 throw new InvalidKeyException("exponent is larger than modulus"); |
95 } |
137 } |
96 |
138 |
97 // the exponent should be at least 3 |
139 // the exponent should be at least 3 |
98 if (e.compareTo(THREE) < 0) { |
140 if (exp.compareTo(THREE) < 0) { |
99 throw new InvalidKeyException("exponent is smaller than 3"); |
141 throw new InvalidKeyException("exponent is smaller than 3"); |
100 } |
142 } |
101 } |
143 } |
102 |
144 |
103 // see JCA doc |
145 // see JCA doc |
|
146 @Override |
104 public String getAlgorithm() { |
147 public String getAlgorithm() { |
105 return "RSA"; |
148 return algid.getName(); |
106 } |
149 } |
107 |
150 |
108 // see JCA doc |
151 // see JCA doc |
|
152 @Override |
109 public BigInteger getModulus() { |
153 public BigInteger getModulus() { |
110 return n; |
154 return n; |
111 } |
155 } |
112 |
156 |
113 // see JCA doc |
157 // see JCA doc |
|
158 @Override |
114 public BigInteger getPublicExponent() { |
159 public BigInteger getPublicExponent() { |
115 return e; |
160 return e; |
|
161 } |
|
162 |
|
163 // see JCA doc |
|
164 @Override |
|
165 public AlgorithmParameterSpec getParams() { |
|
166 return keyParams; |
116 } |
167 } |
117 |
168 |
118 /** |
169 /** |
119 * Parse the key. Called by X509Key. |
170 * Parse the key. Called by X509Key. |
120 */ |
171 */ |
135 throw new InvalidKeyException("Invalid RSA public key", e); |
186 throw new InvalidKeyException("Invalid RSA public key", e); |
136 } |
187 } |
137 } |
188 } |
138 |
189 |
139 // return a string representation of this key for debugging |
190 // return a string representation of this key for debugging |
|
191 @Override |
140 public String toString() { |
192 public String toString() { |
141 return "Sun RSA public key, " + n.bitLength() + " bits\n modulus: " |
193 return "Sun " + getAlgorithm() + " public key, " + n.bitLength() |
142 + n + "\n public exponent: " + e; |
194 + " bits" + "\n params: " + keyParams + "\n modulus: " + n |
|
195 + "\n public exponent: " + e; |
143 } |
196 } |
144 |
197 |
145 protected Object writeReplace() throws java.io.ObjectStreamException { |
198 protected Object writeReplace() throws java.io.ObjectStreamException { |
146 return new KeyRep(KeyRep.Type.PUBLIC, |
199 return new KeyRep(KeyRep.Type.PUBLIC, |
147 getAlgorithm(), |
200 getAlgorithm(), |