Menu
▾
▴
cryptix-commits — CVS commits for code inside this project.
You can subscribe to this list here.
| 2003 |
Jan
|
Feb
(45) |
Mar
(7) |
Apr
|
May
|
Jun
|
Jul
(2) |
Aug
(21) |
Sep
|
Oct
|
Nov
|
Dec
|
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2005 |
Jan
|
Feb
|
Mar
(3) |
Apr
(1) |
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
|
From: <gel...@mx...> - 2003-02-15 13:38:26
|
gelderen 03/02/15 08:46:32
Modified: jce/src/cryptix.jce.provider.elgamal PrecomputedParams.java
Log:
- Catch up with moved cryptix.jce.util.Group and
cryptix.jce.util.Precomputed.
Revision Changes Path
1.4 +5 -5 projects/jce/src/cryptix.jce.provider.elgamal/PrecomputedParams.java
Index: PrecomputedParams.java
===================================================================
RCS file: /home/cryptix-cvs/cvsroot/projects/jce/src/cryptix.jce.provider.elgamal/PrecomputedParams.java,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- PrecomputedParams.java 10 Feb 2000 01:31:43 -0000 1.3
+++ PrecomputedParams.java 15 Feb 2003 13:46:31 -0000 1.4
@@ -1,4 +1,4 @@
-/* $Id: PrecomputedParams.java,v 1.3 2000/02/10 01:31:43 gelderen Exp $
+/* $Id: PrecomputedParams.java,v 1.4 2003/02/15 13:46:31 gelderen Exp $
*
* Copyright (C) 2000 The Cryptix Foundation Limited.
* All rights reserved.
@@ -14,12 +14,12 @@
import java.math.BigInteger;
import cryptix.jce.ElGamalParams;
-import cryptix.jce.util.Group;
-import cryptix.jce.util.Precomputed;
+import cryptix.jce.provider.util.Group;
+import cryptix.jce.provider.util.Precomputed;
/**
- * @version $Revision: 1.3 $
+ * @version $Revision: 1.4 $
* @author Jeroen C. van Gelderen (gel...@cr...)
*/
/*package*/ final class PrecomputedParams
@@ -32,4 +32,4 @@
else
return new ElGamalParamsCryptix(g.getP(), g.getQ(), g.getG());
}
-}
\ No newline at end of file
+}
|
|
From: <gel...@mx...> - 2003-02-15 13:37:08
|
gelderen 03/02/15 08:45:14 Added: jce/src/cryptix.jce.test TestRC4.java Log: - Add test case for RC4. Revision Changes Path 1.1 projects/jce/src/cryptix.jce.test/TestRC4.java Index: TestRC4.java =================================================================== /* $Id: TestRC4.java,v 1.1 2003/02/15 13:45:14 gelderen Exp $ * * Copyright (C) 1995-1999 The Cryptix Foundation Limited. * All rights reserved. * * Use, modification, copying and distribution of this software is subject * the terms and conditions of the Cryptix General Licence. You should have * received a copy of the Cryptix General Licence along with this library; * if not, you can download a copy from http://www.cryptix.org/ . */ package cryptix.jce.test; final class TestRC4 extends CipherTest { private static final String NAME="RC4"; // // Values taken from // - draft-kaukonen-cipher-arcfour-03.txt // private static final String[][] TEST_VALUES = { {"0123456789ABCDEF", "0000000000000000","7494C2E7104B0879"}, {"618a63d2fb", "dcee4cf92c", "f13829c9de" } }; protected TestRC4() { super(NAME, true); } protected void doIt() throws Exception { testCipher(TEST_VALUES); } } |
|
From: <gel...@mx...> - 2003-02-15 13:36:20
|
gelderen 03/02/15 08:44:26
Modified: jce/src/cryptix.jce.provider.dh DHKeyPairGenerator.java
Log:
- Catch up with moved cryptix.jce.util.Group and
cryptix.jce.util.Precomputed.
Revision Changes Path
1.4 +3 -3 projects/jce/src/cryptix.jce.provider.dh/DHKeyPairGenerator.java
Index: DHKeyPairGenerator.java
===================================================================
RCS file: /home/cryptix-cvs/cvsroot/projects/jce/src/cryptix.jce.provider.dh/DHKeyPairGenerator.java,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- DHKeyPairGenerator.java 18 Feb 2000 19:47:36 -0000 1.3
+++ DHKeyPairGenerator.java 15 Feb 2003 13:44:26 -0000 1.4
@@ -1,4 +1,4 @@
-/* $Id: DHKeyPairGenerator.java,v 1.3 2000/02/18 19:47:36 gelderen Exp $
+/* $Id: DHKeyPairGenerator.java,v 1.4 2003/02/15 13:44:26 gelderen Exp $
*
* Copyright (C) 2000 The Cryptix Foundation Limited.
* All rights reserved.
@@ -11,8 +11,8 @@
package cryptix.jce.provider.dh;
-import cryptix.jce.util.Group;
-import cryptix.jce.util.Precomputed;
+import cryptix.jce.provider.util.Group;
+import cryptix.jce.provider.util.Precomputed;
import java.math.BigInteger;
|
|
From: <gel...@mx...> - 2003-02-15 13:35:06
|
gelderen 03/02/15 08:43:11
Modified: jce/src/cryptix.jce.test TestAlgorithmParameters.java
Log:
- Bandaid for the AlgorithmParameters test: explicitly limit ourselves
to the CryptixCrypto provider. This may or may not be the right
solution.
Revision Changes Path
1.5 +9 -8 projects/jce/src/cryptix.jce.test/TestAlgorithmParameters.java
Index: TestAlgorithmParameters.java
===================================================================
RCS file: /home/cryptix-cvs/cvsroot/projects/jce/src/cryptix.jce.test/TestAlgorithmParameters.java,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- TestAlgorithmParameters.java 28 Jul 2000 20:06:11 -0000 1.4
+++ TestAlgorithmParameters.java 15 Feb 2003 13:43:11 -0000 1.5
@@ -1,4 +1,4 @@
-/* $Id: TestAlgorithmParameters.java,v 1.4 2000/07/28 20:06:11 gelderen Exp $
+/* $Id: TestAlgorithmParameters.java,v 1.5 2003/02/15 13:43:11 gelderen Exp $
*
* Copyright (C) 1995-1999 The Cryptix Foundation Limited.
* All rights reserved.
@@ -15,7 +15,7 @@
* using DES as algorithm as default</B>
*
* @author Paul Waserbrot (pw...@cr...)
- * @version $Revision: 1.4 $
+ * @version $Revision: 1.5 $
*/
import java.security.SecureRandom;
@@ -28,7 +28,7 @@
final class TestAlgorithmParameters
extends Test
{
-
+ private static final String PROVIDER = "CryptixCrypto";
private static final String name = "AlgorithmParameters";
private Cipher c;
private SecretKey sk;
@@ -66,11 +66,11 @@
private void init ()
throws Exception {
// Generate key
- KeyGenerator kg = KeyGenerator.getInstance(algo);
+ KeyGenerator kg = KeyGenerator.getInstance(algo, PROVIDER);
kg.init(KEY_SIZE);
sk = kg.generateKey();
- c = Cipher.getInstance(algo+"/CBC/NONE");
+ c = Cipher.getInstance(algo+"/CBC/NONE", PROVIDER);
c.init(Cipher.ENCRYPT_MODE, sk);
return;
@@ -82,7 +82,8 @@
byte [] iv = new byte[8];
new SecureRandom().nextBytes(iv);
- AlgorithmParameters ap1 = AlgorithmParameters.getInstance("DES");
+ AlgorithmParameters ap1 =
+ AlgorithmParameters.getInstance("DES", PROVIDER);
ap1.init(new IvParameterSpec(iv));
String a = ap1.getAlgorithm();
String ivs = ap1.toString();
@@ -106,7 +107,7 @@
String p = ap1.getProvider().getName();
byte [] enc = ap1.getEncoded();
- AlgorithmParameters ap2 = AlgorithmParameters.getInstance(algo);
+ AlgorithmParameters ap2 = AlgorithmParameters.getInstance(algo, PROVIDER);
ap2.init(enc);
return (a.equals(ap2.getAlgorithm()) &&
@@ -123,7 +124,7 @@
String ivs = ap1.toString();
String p = ap1.getProvider().getName();
- AlgorithmParameters ap2 = AlgorithmParameters.getInstance(algo);
+ AlgorithmParameters ap2 = AlgorithmParameters.getInstance(algo, PROVIDER);
ap2.init(new IvParameterSpec(iv));
return (a.equals(ap2.getAlgorithm()) &&
|
|
From: <gel...@mx...> - 2003-02-15 13:34:30
|
gelderen 03/02/15 08:42:36
Modified: jce/src/cryptix.jce.provider.cipher RC4.java
BlockCipher.java
Log:
- Add engineGetKeySize implementations to the symmetric ciphers.
Revision Changes Path
1.6 +19 -2 projects/jce/src/cryptix.jce.provider.cipher/RC4.java
Index: RC4.java
===================================================================
RCS file: /home/cryptix-cvs/cvsroot/projects/jce/src/cryptix.jce.provider.cipher/RC4.java,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- RC4.java 10 Feb 2000 20:58:20 -0000 1.5
+++ RC4.java 15 Feb 2003 13:42:36 -0000 1.6
@@ -1,4 +1,4 @@
-/* $Id: RC4.java,v 1.5 2000/02/10 20:58:20 gelderen Exp $
+/* $Id: RC4.java,v 1.6 2003/02/15 13:42:36 gelderen Exp $
*
* Copyright (C) 1995-2000 The Cryptix Foundation Limited.
* All rights reserved.
@@ -47,7 +47,7 @@
* John Wiley & Sons, 1996.
* </ul>
*
- * @version $Revision: 1.5 $
+ * @version $Revision: 1.6 $
* @author Raif S. Naffah
* @author David Hopwood
* @since Cryptix 2.2.2
@@ -123,6 +123,23 @@
public int engineGetBlockSize ()
{
return BLOCK_SIZE;
+ }
+
+
+ protected int engineGetKeySize(Key key)
+ throws InvalidKeyException
+ {
+ if( key==null )
+ throw new IllegalArgumentException("Key missing");
+
+ if( !key.getFormat().equalsIgnoreCase("RAW") )
+ throw new InvalidKeyException("Wrong format: RAW bytes needed");
+
+ byte[] userkey = key.getEncoded();
+ if(userkey == null)
+ throw new InvalidKeyException("RAW bytes missing");
+
+ return (userkey.length * 8);
}
1.15 +19 -2 projects/jce/src/cryptix.jce.provider.cipher/BlockCipher.java
Index: BlockCipher.java
===================================================================
RCS file: /home/cryptix-cvs/cvsroot/projects/jce/src/cryptix.jce.provider.cipher/BlockCipher.java,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -r1.14 -r1.15
--- BlockCipher.java 3 Aug 2000 13:21:57 -0000 1.14
+++ BlockCipher.java 15 Feb 2003 13:42:36 -0000 1.15
@@ -1,4 +1,4 @@
-/* $Id: BlockCipher.java,v 1.14 2000/08/03 13:21:57 pw Exp $
+/* $Id: BlockCipher.java,v 1.15 2003/02/15 13:42:36 gelderen Exp $
*
* Copyright (C) 1995-2000 The Cryptix Foundation Limited.
* All rights reserved.
@@ -57,7 +57,7 @@
*
* @author Jeroen C. van Gelderen (gel...@cr...)
* @author Paul Waserbrot (pw...@cr...)
- * @version $Revision: 1.14 $
+ * @version $Revision: 1.15 $
*/
public abstract class BlockCipher
extends CipherSpi
@@ -165,6 +165,23 @@
protected final int engineGetBlockSize()
{
return padding.getBlockSize();
+ }
+
+
+ protected int engineGetKeySize(Key key)
+ throws InvalidKeyException
+ {
+ if( key==null )
+ throw new IllegalArgumentException("Key missing");
+
+ if( !key.getFormat().equalsIgnoreCase("RAW") )
+ throw new InvalidKeyException("Wrong format: RAW bytes needed");
+
+ byte[] userkey = key.getEncoded();
+ if(userkey == null)
+ throw new InvalidKeyException("RAW bytes missing");
+
+ return (userkey.length * 8);
}
|
|
From: <gel...@mx...> - 2003-02-15 13:33:21
|
gelderen 03/02/15 08:41:21
Added: jce/src/cryptix.jce.provider.util Group.java
Precomputed.java
Removed: jce/src/cryptix.jce.util Group.java Precomputed.java
Log:
- Moved cryptix.jce.util.Group and cryptix.jce.util.Precomputed to
cryptix.jce.provider.util. This allows DH and ElGamal to function
when cryptix-jce-api.jar is not in the CLASSPATH.
I'm too lazy for a repo-copy.
Revision Changes Path
1.1 projects/jce/src/cryptix.jce.provider.util/Group.java
Index: Group.java
===================================================================
/* $Id: Group.java,v 1.1 2003/02/15 13:41:21 gelderen Exp $
*
* Copyright (C) 2000 The Cryptix Foundation Limited.
* All rights reserved.
*
* Use, modification, copying and distribution of this software is subject
* the terms and conditions of the Cryptix General Licence. You should have
* received a copy of the Cryptix General Licence along with this library;
* if not, you can download a copy from http://www.cryptix.org/ .
*/
package cryptix.jce.provider.util;
import java.math.BigInteger;
/**
* Immutable.
*
* @version $Revision: 1.1 $
* @author Jeroen C. van Gelderen (gel...@cr...)
*/
public final class Group
{
private BigInteger
p,
q,
g;
/*package*/ Group(BigInteger p, BigInteger q, BigInteger g)
{
this.p = p;
this.q = q;
this.g = g;
}
public BigInteger getP()
{
return this.p;
}
public BigInteger getQ()
{
return this.q;
}
public BigInteger getG()
{
return this.g;
}
}
1.1 projects/jce/src/cryptix.jce.provider.util/Precomputed.java
Index: Precomputed.java
===================================================================
/* $Id: Precomputed.java,v 1.1 2003/02/15 13:41:21 gelderen Exp $
*
* Copyright (C) 2000 The Cryptix Foundation Limited.
* All rights reserved.
*
* Use, modification, copying and distribution of this software is subject
* the terms and conditions of the Cryptix General Licence. You should have
* received a copy of the Cryptix General Licence along with this library;
* if not, you can download a copy from http://www.cryptix.org/ .
*/
package cryptix.jce.provider.util;
import java.math.BigInteger;
/**
* @version $Revision: 1.1 $
* @author Jeroen C. van Gelderen (gel...@cr...)
*/
public final class Precomputed
{
/**
* Precomputed OAKLEY groups.
*
* P_00768: OAKLEY Well-Known Group 1, a 768 bit prime.
* P_01024: OAKLEY Well-Known Group 2, a 1024 bit prime.
* P_01536: OAKLEY Well-Known Group 5, a 1536 bit prime.
*
* See: RFC 2412
*/
private static final Group
OAKLEY_0768 = new Group(
new BigInteger("FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B" +
"80DC1CD129024E088A67CC74020BBEA63B139B22514A087" +
"98E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE135" +
"6D6D51C245E485B576625E7EC6F44C42E9A63A3620FFFFF" +
"FFFFFFFFFFF", 16),
new BigInteger("7FFFFFFFFFFFFFFFE487ED5110B4611A62633145" +
"C06E0E68948127044533E63A0105DF531D89CD9128A5043" +
"CC71A026EF7CA8CD9E69D218D98158536F92F8A1BA7F09A" +
"B6B6A8E122F242DABB312F3F637A262174D31D1B107FFFF" +
"FFFFFFFFFFF", 16),
new BigInteger("2", 16) ),
OAKLEY_1024 = new Group(
new BigInteger("FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B" +
"80DC1CD129024E088A67CC74020BBEA63B139B22514A0879" +
"8E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D" +
"6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6" +
"F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651" +
"ECE65381FFFFFFFFFFFFFFFF", 16),
new BigInteger("7FFFFFFFFFFFFFFFE487ED5110B4611A62633145" +
"C06E0E68948127044533E63A0105DF531D89CD9128A5043C" +
"C71A026EF7CA8CD9E69D218D98158536F92F8A1BA7F09AB6" +
"B6A8E122F242DABB312F3F637A262174D31BF6B585FFAE5B" +
"7A035BF6F71C35FDAD44CFD2D74F9208BE258FF324943328" +
"F67329C0FFFFFFFFFFFFFFFF", 16),
new BigInteger("2", 16) ),
OAKLEY_1536 = new Group(
new BigInteger("FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B" +
"80DC1CD129024E088A67CC74020BBEA63B139B22514A0879" +
"8E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D" +
"6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6" +
"F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651" +
"ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8" +
"FD24CF5F83655D23DCA3AD961C62F356208552BB9ED52907" +
"7096966D670C354E4ABC9804F1746C08CA237327FFFFFFFF" +
"FFFFFFFF", 16),
new BigInteger("7FFFFFFFFFFFFFFFE487ED5110B4611A62633145" +
"C06E0E68948127044533E63A0105DF531D89CD9128A5043C" +
"C71A026EF7CA8CD9E69D218D98158536F92F8A1BA7F09AB6" +
"B6A8E122F242DABB312F3F637A262174D31BF6B585FFAE5B" +
"7A035BF6F71C35FDAD44CFD2D74F9208BE258FF324943328" +
"F6722D9EE1003E5C50B1DF82CC6D241B0E2AE9CD348B1FD4" +
"7E9267AFC1B2AE91EE51D6CB0E3179AB1042A95DCF6A9483" +
"B84B4B36B3861AA7255E4C0278BA36046511B993FFFFFFFF" +
"FFFFFFFF", 16),
new BigInteger("2", 16) );
/**
* Precomputed SKIP groups.
*
* See: http://skip.incog.com/spec/numbers.html
*/
private static final Group
SKIP_0512 = new Group(
new BigInteger("F52AFF3CE1B1294018118D7C84A70A72D686C40319C80729" +
"7ACA950CD9969FABD00A509B0246D3083D66A45D419F9C7C" +
"BD894B221926BAABA25EC355E92A055F", 16),
null,
new BigInteger("2", 16) ),
SKIP_1024 = new Group(
new BigInteger("F488FD584E49DBCD20B49DE49107366B336C380D451D0F7C" +
"88B31C7C5B2D8EF6F3C923C043F0A55B188D8EBB558CB85D" +
"38D334FD7C175743A31D186CDE33212CB52AFF3CE1B12940" +
"18118D7C84A70A72D686C40319C807297ACA950CD9969FAB" +
"D00A509B0246D3083D66A45D419F9C7CBD894B221926BAAB" +
"A25EC355E92F78C7", 16),
null,
new BigInteger("2", 16) ),
SKIP_2048 = new Group(
new BigInteger("F64257B7087F081772A2BAD6A942F305E8F95311394FB6F1" +
"6EB94B3820DA01A756A314E98F4055F3D007C6CB43A994AD" +
"F74C648649F80C83BD65E917D4A1D350F8F5595FDC76524F" +
"3D3D8DDBCE99E1579259CDFDB8AE744FC5FC76BC83C54730" +
"61CE7CC966FF15F9BBFD915EC701AAD35B9E8DA0A5723AD4" +
"1AF0BF4600582BE5F488FD584E49DBCD20B49DE49107366B" +
"336C380D451D0F7C88B31C7C5B2D8EF6F3C923C043F0A55B" +
"188D8EBB558CB85D38D334FD7C175743A31D186CDE33212C" +
"B52AFF3CE1B1294018118D7C84A70A72D686C40319C80729" +
"7ACA950CD9969FABD00A509B0246D3083D66A45D419F9C7C" +
"BD894B221926BAABA25EC355E9320B3B", 16),
null,
new BigInteger("2", 16) ),
SKIP_4096 = new Group(
new BigInteger("FA147252C14DE15A49D4EF092DC0A8FD55ABD7D937042809" +
"E2E93E77E2A17A18DD46A34337239097F30EC903507D65CF" +
"7862A63A622283A12FFE79BA35FF59D81D61DD1E211317FE" +
"CD38879EF54F7910618DD422F35AED5DEA21E9336B48120A" +
"2077D4256061DEF6B44F1C63408B3A21938B7953512CCAB3" +
"7B2956A8C7F8F47B085EA6DCA2451256DD4192F2DD5B8F23" +
"F0F3EFE43B0A44DDED9684F1A83246A3DB4ABE3D45BA4EF8" +
"03E5DD6B590D841ECA165A8CC8DF7C5444C427A73B2A97CE" +
"A37D269CADF4C2AC374BC3AD68847F99A617EF6B463A7A36" +
"7A114392ADE99CFB446C3D8249CC5C6A5242F842FB44F939" +
"73FB60793BC29E0BDCD4A667F7663FFC423B1BDB4F66DCA5" +
"8F66F9EAC1ED31FB48A1827DF8E0CCB1C703E4F8B3FEB7A3" +
"1373A67BC10E39C7944826008579FC6F7AAFC5523575D775" +
"A440FA14746116F2EB67116F04433D11144CA7942A39A1C9" +
"90CF83C6FF028FA32AAC26DF0B8BBE644AF1A1DCEEBAC803" +
"82F6622C5DB6BB13196E86C55B2B5E3AF3B3286B70713A8E" +
"FF5C15E602A4CEED5956CC155107791A0F25262730A915B2" +
"C8D45CCC30E81BD8D50F19A880A4C701AA8BBA53BB47C21F" +
"6B54B01760ED792195B6058437C803A4DDD106698F4C39E0" +
"C85D831DBE6A9A99F39F0B4529D4CB2966EE1E7E3DD7134E" +
"DB909058CB5E9BCD2E2B0FA94E78AC05117FE39E27D499E1" +
"B9BD78E18441A0DF", 16),
null,
new BigInteger("2", 16) );
public static Group getElGamalGroup(int keysize)
{
return getStrongGroup(keysize);
}
public static Group getStrongGroup(int keysize)
{
switch(keysize)
{
case 512:
return SKIP_0512;
case 768:
return OAKLEY_0768;
case 1024:
return OAKLEY_1024;
case 1536:
return OAKLEY_1536;
case 2048:
return SKIP_2048;
case 4096:
return SKIP_4096;
default:
return null; // we don't have any
}
}
}
|
|
From: <ed...@mx...> - 2003-02-14 12:29:44
|
edwin 03/02/14 07:37:32
Modified: openpgp CHANGELOG.TXT
openpgp/src/cryptix/openpgp/provider PGPKeyBundleImpl.java
Log:
- Fix the clone() method of PGPKeyBundleImpl
Revision Changes Path
1.18 +1 -0 projects/openpgp/CHANGELOG.TXT
Index: CHANGELOG.TXT
===================================================================
RCS file: /home/cryptix-cvs/cvsroot/projects/openpgp/CHANGELOG.TXT,v
retrieving revision 1.17
retrieving revision 1.18
diff -u -r1.17 -r1.18
--- CHANGELOG.TXT 9 Feb 2003 21:23:27 -0000 1.17
+++ CHANGELOG.TXT 14 Feb 2003 12:37:31 -0000 1.18
@@ -2,6 +2,7 @@
- Snapshots are now compiled on JDK 1.2, so that they continue to work on that
version of the JDK. Due to a Sun API change, a library compiled on JDK 1.3 or
higher would not work on JDK 1.2.
+- Fixed the clone() method of PGPKeyBundleImpl
20030205 snapshot
- API change: added cryptix.pki.ExtendedCertificate, which adds a few common
1.3 +5 -3 projects/openpgp/src/cryptix/openpgp/provider/PGPKeyBundleImpl.java
Index: PGPKeyBundleImpl.java
===================================================================
RCS file: /home/cryptix-cvs/cvsroot/projects/openpgp/src/cryptix/openpgp/provider/PGPKeyBundleImpl.java,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- PGPKeyBundleImpl.java 3 Feb 2003 15:04:00 -0000 1.2
+++ PGPKeyBundleImpl.java 14 Feb 2003 12:37:32 -0000 1.3
@@ -1,4 +1,4 @@
-/* $Id: PGPKeyBundleImpl.java,v 1.2 2003/02/03 15:04:00 edwin Exp $
+/* $Id: PGPKeyBundleImpl.java,v 1.3 2003/02/14 12:37:32 edwin Exp $
*
* Copyright (C) 1999-2001 The Cryptix Foundation Limited.
* All rights reserved.
@@ -58,6 +58,7 @@
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
+import java.util.Map;
import java.util.NoSuchElementException;
import java.util.Vector;
@@ -67,7 +68,7 @@
*
* @author Edwin Woudt <ed...@cr...>
* @author Ingo Luetkebohle
- * @version $Revision: 1.2 $
+ * @version $Revision: 1.3 $
*/
public class PGPKeyBundleImpl extends PGPKeyBundle {
@@ -208,7 +209,8 @@
Iterator entries = principalsToCertificates.entrySet().iterator();
while (keys.hasNext()) {
- p2cClone.put(keys.next(), ((Vector)entries.next()).clone());
+ p2cClone.put(keys.next(),
+ ((Vector)((Map.Entry)entries.next()).getValue()).clone());
}
return new PGPKeyBundleImpl(mainkey, privpkt,
|
|
From: <ed...@mx...> - 2003-02-09 21:15:20
|
edwin 03/02/09 16:23:27 Modified: openpgp CHANGELOG.TXT Log: JDK 1.2 compat. Revision Changes Path 1.17 +5 -0 projects/openpgp/CHANGELOG.TXT Index: CHANGELOG.TXT =================================================================== RCS file: /home/cryptix-cvs/cvsroot/projects/openpgp/CHANGELOG.TXT,v retrieving revision 1.16 retrieving revision 1.17 diff -u -r1.16 -r1.17 --- CHANGELOG.TXT 9 Feb 2003 19:49:43 -0000 1.16 +++ CHANGELOG.TXT 9 Feb 2003 21:23:27 -0000 1.17 @@ -1,3 +1,8 @@ +???????? snapshot +- Snapshots are now compiled on JDK 1.2, so that they continue to work on that + version of the JDK. Due to a Sun API change, a library compiled on JDK 1.3 or + higher would not work on JDK 1.2. + 20030205 snapshot - API change: added cryptix.pki.ExtendedCertificate, which adds a few common methods for certificates. New additions are: the ability to check if a |
|
From: <ed...@mx...> - 2003-02-09 21:15:06
|
edwin 03/02/09 16:23:08
Modified: openpgp README.TXT
Log:
Update with new sourceforge mailing list.
Also minor other mods.
Revision Changes Path
1.8 +12 -34 projects/openpgp/README.TXT
Index: README.TXT
===================================================================
RCS file: /home/cryptix-cvs/cvsroot/projects/openpgp/README.TXT,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- README.TXT 31 Jan 2003 00:51:16 -0000 1.7
+++ README.TXT 9 Feb 2003 21:23:08 -0000 1.8
@@ -36,7 +36,7 @@
Cryptix OpenPGP needs:
- Cryptix JCE (see section A below for other JCE's)
- - JDK 1.3 or JDK 1.4 (see section B below for JDK 1.1 / JDK 1.2)
+ - JDK 1.2, 1.3 or 1.4 (see section B below for JDK 1.1)
2. Classpath
@@ -56,18 +56,19 @@
see section A below).
-4. Installing the providers
+3. Installing the providers
You need to add the following two lines to your java.security file (which
lives usually somewhere near $JAVA_HOME/jre/lib/security):
- security.provider.1=cryptix.jce.provider.CryptixCrypto
- security.provider.2=cryptix.openpgp.provider.CryptixOpenPGP
+ security.provider.x=cryptix.jce.provider.CryptixCrypto
+ security.provider.y=cryptix.openpgp.provider.CryptixOpenPGP
- Replace x and y by two numbers, as
+ Replace x and y by two numbers, so that all providers have sequential
+ numbers.
-5. Documentation
+4. Documentation
In the released versions, documentation can be found in doc/
There are several javadoc trees there:
@@ -80,12 +81,12 @@
Example programs can be found in examples/
-6. Support
+5. Support
A mailing list is available for getting support: the cryptix-users list.
Subscription instructions are available at:
- http://lists.cryptix.org/mailman/listinfo/cryptix-users/
+ http://lists.sourceforge.net/lists/listinfo/cryptix-users
Here is a list of things to include in your question. This should help in
getting a faster and better response:
@@ -140,7 +141,7 @@
to get it working, but fortunately these are relatively easy.
-B. JDK 1.1 / JDK 1.2
+B. JDK 1.1
Cryptix OpenPGP does not work on JDK 1.1, because it uses (part of) the
Collection framework that was added to JDK 1.2.
@@ -154,15 +155,6 @@
volunteer will decide to do this and contribute it back to Cryptix.
- The reason Cryptix OpenPGP does not work on JDK 1.2 is due to a compiler
- issue. When both Cryptix JCE and Cryptix OpenPGP are compiled with JDK 1.3
- or higher, they will not work anymore with JDK 1.2, due to the fact that
- Sun added an interface somewhere (java.security.interfaces.RSAKey).
-
- Fortunately, getting it to work on JDK 1.2 is as simple as using JDK 1.2 to
- compile both Cryptix JCE and Cryptix OpenPGP.
-
-
C. What's this 'Cryptix PKI API'?
The Cryptix PKI API contain extensions on some of the PKI/Certificate
@@ -209,19 +201,5 @@
F. Contributing
- If you want to contribute to Cryptix OpenPGP, here are a few guidelines.
-
- First of all, please read the previous section on anonymous CVS to get the
- real source and use that as the basis for development. That way you can be
- sure that you will always be working on the most recent sources, which may
- be different than the latest release.
-
- Discussion takes place on the cryptix-team list. Subscribe instructions can
- be found at: http://lists.cryptix.org/mailman/listinfo/cryptix-team
-
- Important note: this is NOT a list for support questions, see section 6 on
- the cryptix-users list for that. Only post on the cryptix-team list if you
- are seriously thinking about contributing. For example: a bugreport without
- a patch goes on the cryptix-user list, a bugreport with patch is welcome on
- the cryptix-team list.
-
+ If you have anything to contribute, please use the cryptix-users list
+ (see section 5) or mail me privately: ed...@cr...
|
|
From: <ed...@mx...> - 2003-02-09 20:34:45
|
edwin 03/02/09 15:42:50 Modified: openpgp/lib cryptix-jce-api.jar cryptix-jce-provider.jar Log: New versions from the 20030207 snapshot. |
|
From: <ed...@mx...> - 2003-02-09 19:41:53
|
edwin 03/02/09 14:49:43 Modified: openpgp CHANGELOG.TXT Log: Oops, forgot to commit this one for the new snapshot. Revision Changes Path 1.16 +1 -1 projects/openpgp/CHANGELOG.TXT Index: CHANGELOG.TXT =================================================================== RCS file: /home/cryptix-cvs/cvsroot/projects/openpgp/CHANGELOG.TXT,v retrieving revision 1.15 retrieving revision 1.16 diff -u -r1.15 -r1.16 --- CHANGELOG.TXT 4 Feb 2003 13:25:00 -0000 1.15 +++ CHANGELOG.TXT 9 Feb 2003 19:49:43 -0000 1.16 @@ -1,4 +1,4 @@ -???????? snapshot +20030205 snapshot - API change: added cryptix.pki.ExtendedCertificate, which adds a few common methods for certificates. New additions are: the ability to check if a certificate is self signed and the ability to verify the cert with a |
|
From: <gel...@mx...> - 2003-02-07 15:07:54
|
gelderen 03/02/07 10:16:01
Modified: jce/src/cryptix.jce.provider CryptixCrypto.java
Log:
- Add entries for RSAES-OAEP with various hashes.
- Bump version to 1.3.
Revision Changes Path
1.8 +26 -4 projects/jce/src/cryptix.jce.provider/CryptixCrypto.java
Index: CryptixCrypto.java
===================================================================
RCS file: /home/cryptix-cvs/cvsroot/projects/jce/src/cryptix.jce.provider/CryptixCrypto.java,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- CryptixCrypto.java 10 Oct 2001 02:08:41 -0000 1.7
+++ CryptixCrypto.java 7 Feb 2003 15:16:01 -0000 1.8
@@ -1,4 +1,4 @@
-/* $Id: CryptixCrypto.java,v 1.7 2001/10/10 02:08:41 gelderen Exp $
+/* $Id: CryptixCrypto.java,v 1.8 2003/02/07 15:16:01 gelderen Exp $
*
* Copyright (C) 1995-2000 The Cryptix Foundation Limited.
* All rights reserved.
@@ -23,7 +23,7 @@
/**
* The Cryptix JCE Strong Crypto Provider.
*
- * @version $Revision: 1.7 $
+ * @version $Revision: 1.8 $
* @author Jeroen C. van Gelderen (gel...@cr...)
*/
public final class CryptixCrypto extends Provider
@@ -36,7 +36,7 @@
NAME = "CryptixCrypto",
INFO = "Cryptix JCE Strong Crypto Provider";
private static final double
- VERSION = 1.2; //FIXME: set our VERSION later?? (pw)
+ VERSION = 1.3; //FIXME: set our VERSION later?? (pw)
// Constructor
@@ -262,9 +262,31 @@
"cryptix.jce.provider.rsa.RSAKeyFactory");
put("KeyPairGenerator.RSA",
"cryptix.jce.provider.rsa.RSAKeyPairGenerator");
+
+ put("Cipher.RSAES-OAEP-MD2",
+ "cryptix.jce.provider.rsa.RSACipher_OAEP_MD2");
+ put("Cipher.RSAES-OAEP-MD4",
+ "cryptix.jce.provider.rsa.RSACipher_OAEP_MD4");
+ put("Cipher.RSAES-OAEP-MD5",
+ "cryptix.jce.provider.rsa.RSACipher_OAEP_MD5");
+ put("Cipher.RSAES-OAEP-RIPEMD128",
+ "cryptix.jce.provider.rsa.RSACipher_OAEP_RIPEMD128");
+ put("Cipher.RSAES-OAEP-RIPEMD160",
+ "cryptix.jce.provider.rsa.RSACipher_OAEP_RIPEMD160");
+ put("Cipher.RSAES-OAEP-SHA1",
+ "cryptix.jce.provider.rsa.RSACipher_OAEP_SHA1");
+ put("Cipher.RSAES-OAEP-SHA256",
+ "cryptix.jce.provider.rsa.RSACipher_OAEP_SHA256");
+ put("Cipher.RSAES-OAEP-SHA384",
+ "cryptix.jce.provider.rsa.RSACipher_OAEP_SHA384");
+ put("Cipher.RSAES-OAEP-SHA512",
+ "cryptix.jce.provider.rsa.RSACipher_OAEP_SHA512");
+ put("Cipher.RSAES-OAEP-Tiger",
+ "cryptix.jce.provider.rsa.RSACipher_OAEP_Tiger");
put("Cipher.RSA/ECB/PKCS#1",
"cryptix.jce.provider.rsa.RSACipher_ECB_PKCS1");
-
+
+ // ElGamal
put("KeyPairGenerator.ElGamal",
"cryptix.jce.provider.elgamal.ElGamalKeyPairGenerator");
|
|
From: <gel...@mx...> - 2003-02-07 15:06:49
|
gelderen 03/02/07 10:14:55
Modified: jce/src/cryptix.jce.provider.elgamal ElGamalCipher.java
Log:
Fix: Attempt to decrypt with wrong key can produce an
ArrayIndexOutofBoundsException.
Submitted-By: Kevin Dana <kd...@ag...>
Revision Changes Path
1.9 +21 -14 projects/jce/src/cryptix.jce.provider.elgamal/ElGamalCipher.java
Index: ElGamalCipher.java
===================================================================
RCS file: /home/cryptix-cvs/cvsroot/projects/jce/src/cryptix.jce.provider.elgamal/ElGamalCipher.java,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- ElGamalCipher.java 15 Jan 2003 21:07:50 -0000 1.8
+++ ElGamalCipher.java 7 Feb 2003 15:14:55 -0000 1.9
@@ -1,4 +1,4 @@
-/* $Id: ElGamalCipher.java,v 1.8 2003/01/15 21:07:50 gelderen Exp $
+/* $Id: ElGamalCipher.java,v 1.9 2003/02/07 15:14:55 gelderen Exp $
*
* Copyright (C) 1995-2000 The Cryptix Foundation Limited.
* All rights reserved.
@@ -42,7 +42,8 @@
* Expirimental ElGamal implementation.
*
* @author Paul Waserbrot (pw...@cr...)
- * @version $Revision: 1.8 $
+ * @author Kevin Dana, Agorics Inc. (Agorics mod: 16273)
+ * @version $Revision: 1.9 $
*/
public final class ElGamalCipher extends CipherSpi {
@@ -391,19 +392,25 @@
throws BadPaddingException {
int bt = input[inOffset + 1];
int padLen = 1;
- switch (bt) {
- case 0x00:
- for (;; padLen++)
- if (input[inOffset + padLen + 1] != (byte)0x00) break;
- break;
- case 0x01:
- case 0x02:
- for (;; padLen++)
- if (input[inOffset + padLen] == (byte)0x00) break;
- break;
- default:
- throw new BadPaddingException("Wrong block type!");
+ try {
+ switch (bt) {
+ case 0x00:
+ for (;; padLen++)
+ if (input[inOffset + padLen + 1] != (byte)0x00) break;
+ break;
+ case 0x01:
+ case 0x02:
+ for (;; padLen++)
+ if (input[inOffset + padLen] == (byte)0x00) break;
+ break;
+ default:
+ throw new BadPaddingException("Wrong block type!");
+ }
+ } catch (ArrayIndexOutOfBoundsException ex) {
+ throw new BadPaddingException(
+ "Cannot unpad: padding incorrect for PKCS#1 block type "+bt);
}
+
padLen++;
int len = inputLen - inOffset - padLen;
|
|
From: <gel...@mx...> - 2003-02-07 15:05:20
|
gelderen 03/02/07 10:13:27 Added: jce/doc ChangeLog.txt Log: Initial version. Revision Changes Path 1.1 projects/jce/doc/ChangeLog.txt Index: ChangeLog.txt =================================================================== Change Log 2003 01 05 - Fix IllegalStateException from RawKeyGenerator.engineGenerateKey() when trying to generate a SecretKey with the default length. (Kevin Dana / Agorics Inc.) - Fix ClassCastException from CoreInit() method of Mode instance when using RC2 cipher algorithm. (Kevin Dana / Agorics Inc.) 2003 01 07 - ElGamal: Attempt to decrypt with wrong key can produce an ArrayIndexOutofBoundsException. (Kevin Dana / Agorics Inc.) - Added implementation of RSAES-OAEP. (Jeroen C. van Gelderen / Cryptix) - Added partial implementation of InscureRandom, a fixed-sequence implementation of the SecureRandom interface. |
|
From: <gel...@mx...> - 2003-02-07 15:03:30
|
gelderen 03/02/07 10:11:36
Added: jce/src/cryptix.jce.test InsecureRandom.java
Log:
Add partially function fixed-sequence implementation of SecureRandom.
This is useful to make randomized algorithms behave deterministically.
Revision Changes Path
1.1 projects/jce/src/cryptix.jce.test/InsecureRandom.java
Index: InsecureRandom.java
===================================================================
package cryptix.jce.test;
import java.security.SecureRandom;
/*package*/ final class InsecureRandom extends SecureRandom {
private final byte[] _stream;
private int _streamOff;
public InsecureRandom(byte[] stream) {
_stream = stream;
_streamOff = 0;
}
public void nextBytes(byte[] buf) {
if(buf.length > (_stream.length - _streamOff))
throw new Error("Out of fixed bytes!");
System.arraycopy(_stream, _streamOff, buf, 0, buf.length);
System.out.println("nextBytes yields: " + Util.toString(buf));
}
}
|
|
From: <gel...@mx...> - 2003-02-07 15:00:27
|
gelderen 03/02/07 10:08:32
Added: jce/src/cryptix.jce.provider.rsa RSACipher_OAEP.java
RSACipher_OAEP_MD2.java RSACipher_OAEP_MD4.java
RSACipher_OAEP_MD5.java
RSACipher_OAEP_RIPEMD128.java
RSACipher_OAEP_RIPEMD160.java
RSACipher_OAEP_SHA1.java RSACipher_OAEP_SHA256.java
RSACipher_OAEP_SHA384.java
RSACipher_OAEP_SHA512.java
RSACipher_OAEP_Tiger.java
Log:
Add our RSAES-OAEP implementation.
Revision Changes Path
1.1 projects/jce/src/cryptix.jce.provider.rsa/RSACipher_OAEP.java
Index: RSACipher_OAEP.java
===================================================================
/* $Id: RSACipher_OAEP.java,v 1.1 2003/02/07 15:08:32 gelderen Exp $
*
* Copyright (C) 2002, 2003 The Cryptix Foundation Limited.
* All rights reserved.
*
* Use, modification, copying and distribution of this software is subject
* the terms and conditions of the Cryptix General Licence. You should have
* received a copy of the Cryptix General Licence along with this library;
* if not, you can download a copy from http://www.cryptix.org/ .
*/
package cryptix.jce.provider.rsa;
import java.math.BigInteger;
import java.security.AlgorithmParameters;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SecureRandom;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.InvalidKeySpecException;
import java.security.interfaces.RSAPublicKey;
import java.security.interfaces.RSAPrivateCrtKey;
import java.security.interfaces.RSAPrivateKey;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.CipherSpi;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKeyFactory;
import javax.crypto.ShortBufferException;
import javax.crypto.spec.SecretKeySpec;
import cryptix.jce.provider.util.Util;
/**
* @author Jeroen C. van Gelderen (gel...@cr...)
* @version $Revision: 1.1 $
*/
public abstract class RSACipher_OAEP extends CipherSpi {
private final MessageDigest _md;
private final int _hLen;
private final byte[] _lHash;
private SecureRandom _rng;
private BigInteger _n, _exp, _p, _q, _u;
/** Byte-length of modulus (n), excluding sign bit. */
private int _k;
private int _mode;
public RSACipher_OAEP(String hashName) {
try {
_md = MessageDigest.getInstance(hashName);
_hLen = _md.getDigestLength();
// a. If the label L is not provided, let L be the empty string.
// Let lHash = Hash(L), an octet string of length hLen.
_lHash = _md.digest();
} catch(NoSuchAlgorithmException ex) {
// we should have the given hash in our provider so this should
// be unreachable
throw new InternalError(
"MessageDigest not found! (" + hashName + "): " +
ex.toString());
}
}
protected final void
engineSetMode(String mode)
throws NoSuchAlgorithmException {
// if (!mode.equalsIgnoreCase("ECB"))
throw new NoSuchAlgorithmException("Wrong mode type!");
}
protected final void
engineSetPadding(String padding)
throws NoSuchPaddingException {
}
protected final int
engineGetBlockSize() {
throw new IllegalArgumentException();
}
protected final int
engineGetOutputSize(int inputLen) {
throw new IllegalArgumentException();
}
protected final byte[]
engineGetIV() {
return null;
}
protected final AlgorithmParameters
engineGetParameters() {
return null;
}
protected final void
engineInit(int opmode, Key key, SecureRandom random)
throws InvalidKeyException {
if (!(key instanceof RSAPrivateKey) && !(key instanceof RSAPublicKey))
throw new InvalidKeyException(
"Key must be instance of either RSAPublicKey or RSAPrivateKey!");
_mode = opmode;
_rng = random;
if (_mode == Cipher.DECRYPT_MODE) {
_n = ((RSAPrivateKey)key).getModulus();
_exp = ((RSAPrivateKey)key).getPrivateExponent();
} else if(_mode == Cipher.ENCRYPT_MODE) {
_n = ((RSAPublicKey)key).getModulus();
_exp = ((RSAPublicKey)key).getPublicExponent();
} else {
throw new IllegalArgumentException("opmode not supported.");
}
if (key instanceof RSAPrivateCrtKey) {
_p = ((RSAPrivateCrtKey)key).getPrimeP();
_q = ((RSAPrivateCrtKey)key).getPrimeQ();
_u = ((RSAPrivateCrtKey)key).getCrtCoefficient();
} else {
_p = _q = _u = null;
}
// round up to nearest multiple of eight bits
_k = (_n.bitLength() + 7) / 8;
// c. If k < 2hLen + 2, output "decryption error" and stop.
if(_k < 2*_hLen +2)
throw new InvalidKeyException("Modulus too short.");
}
protected final void
engineInit(int opmode, Key key, AlgorithmParameterSpec params,
SecureRandom random)
throws InvalidKeyException, InvalidAlgorithmParameterException
{
if(params != null)
throw new InvalidAlgorithmParameterException(
"This cipher do not support AlgorithmParameterSpecs");
engineInit(opmode, key, random);
}
protected final void
engineInit(int opmode, Key key, AlgorithmParameters params,
SecureRandom random)
throws InvalidKeyException, InvalidAlgorithmParameterException
{
if(params != null)
throw new InvalidAlgorithmParameterException(
"This cipher do not support AlgorithmParameters");
engineInit(opmode, key, random);
}
protected final byte[]
engineUpdate(byte[] input, int inputOffset, int inputLen) {
throw new RuntimeException("You can't do an update when using OAEP!");
}
protected final int
engineUpdate(byte[] input, int inputOffset, int inputLen,
byte[] output, int outputOffset)
throws ShortBufferException {
throw new RuntimeException("You can't do an update when using OAEP!");
}
protected final byte[]
engineDoFinal(byte[] input, int inputOffset, int inputLen)
throws IllegalBlockSizeException, BadPaddingException {
if(_mode == Cipher.ENCRYPT_MODE) {
byte[] M = new byte[inputLen];
System.arraycopy(input, inputOffset, M, 0, inputLen);
byte[] C = RSAES_OAEP_ENCRYPT(M);
return C;
} else {
byte[] C = new byte[inputLen];
System.arraycopy(input, inputOffset, C, 0, inputLen);
byte[] M = RSAES_OAEP_DECRYPT(C);
return M;
}
}
protected final int
engineDoFinal(byte[] input, int inputOffset, int inputLen,
byte[] output, int outputOffset)
throws ShortBufferException, IllegalBlockSizeException, BadPaddingException
{
byte[] M = new byte[inputLen];
System.arraycopy(input, inputOffset, M, 0, inputLen);
byte[] C = RSAES_OAEP_ENCRYPT(M);
int outputLen = output.length - outputOffset;
if(C.length > outputLen)
throw new ShortBufferException();
System.arraycopy(C, 0, output, outputOffset, C.length);
return C.length;
}
protected int engineGetKeySize(Key key) throws InvalidKeyException {
if(key instanceof RSAPublicKey)
return ((RSAPublicKey)key).getModulus().bitLength();
else if(key instanceof RSAPrivateKey)
return ((RSAPrivateKey)key).getModulus().bitLength();
else
throw new InvalidKeyException("Not an RSA key.");
}
private byte[] RSAES_OAEP_DECRYPT(byte[] C)
throws BadPaddingException, IllegalBlockSizeException
{
// 1. Length checking:
// a. If the length of L is greater than the input limitation for
// the hash function, output "decryption error" and stop.
// -- we use the empty label
// b. If the length of the ciphertext C is not k octets, output
// "decryption error" and stop.
if(C.length != _k)
throw new IllegalBlockSizeException();
// c. If k < 2hLen + 2, output "decryption error" and stop.
// -- we check for this in engineInit
// 2. RSA decryption:
// a. Convert the ciphertext C to an integer ciphertext
// representative c = OS2IP (C) .
BigInteger c = new BigInteger(1, C);
// b. Apply the RSADP decryption primitive to the RSA private
// key K and the ciphertext representative c to produce an
// integer message representative m = RSADP (K, c) .
// If RSADP outputs "ciphertext representative out of range"
// (meaning that c >= n), output "decryption error" and stop.
BigInteger m = RSAAlgorithm.rsa(c, _n, _exp, _p, _q, _u);
// XXX: handle errors (bad key)
// c. Convert the message representative m to an encoded message
// EM of length k octets: EM = I2OSP (m, k) .
byte[] EM = Util.toFixedLenByteArray(m, _k);
// XXX: handle m too long (bad key)
// 3. EME-OAEP decoding:
// a. If the label L is not provided, let L be the empty string.
// Let lHash = Hash(L), an octet string of length hLen.
// -- done in ctor
// b. Separate the encoded message EM into a single octet Y, an
// octet string maskedSeed of length hLen, and an octet string
// maskedDB of length k - hLen - 1 as
// EM = Y || maskedSeed || maskedDB .
if(EM[0] != 0x00)
throw new BadPaddingException();
byte[] maskedSeed = new byte[_hLen];
System.arraycopy(EM, 1, maskedSeed, 0, maskedSeed.length);
byte[] maskedDB = new byte[_k - _hLen -1];
System.arraycopy(EM, 1 + _hLen, maskedDB, 0, maskedDB.length);
// c. Let seedMask = MGF (maskedDB, hLen).
byte[] seedMask = mgf1(maskedDB, _hLen);
// d. Let seed = maskedSeed ^ seedMask.
byte[] seed = xor(maskedSeed, seedMask);
// e. Let dbMask = MGF (seed, k - hLen - 1).
byte[] dbMask = mgf1(seed, _k - _hLen -1);
// f. Let DB = maskedDB ^ dbMask.
byte[] DB = xor(maskedDB, dbMask);
// g. Separate DB into an octet string lHash' of length hLen,
// a (possibly empty) padding string PS consisting of octets
// with hexadecimal value 0x00, and a message M as
// DB = lHash' || PS || 0x01 || M .
// If there is no octet with hexadecimal value 0x01 to separate
// PS from M, if lHash does not equal lHash', or if Y is
// nonzero, output "decryption error" and stop.
byte[] lHash1 = new byte[_hLen];
System.arraycopy(DB, 0, lHash1, 0, lHash1.length);
if(!Util.equals(_lHash, lHash1))
throw new BadPaddingException();
int i = _hLen;
for( ; i < DB.length; i++)
if(DB[i] != 0x00)
break;
if(DB[i++] != 0x01)
throw new BadPaddingException();
// 4. Output the message M.
int mLen = DB.length - i;
byte[] M = new byte[mLen];
System.arraycopy(DB, i, M, 0, mLen);
return M;
}
private byte[] RSAES_OAEP_ENCRYPT(byte[] M)
throws IllegalBlockSizeException
{
int mLen = M.length;
// 1. Length checking:
// a. If the length of L is greater than the input limitation for
// the hash function, output "label too long" and stop.
// -- we use zero-length L so this check is not necessary
// b. If mLen > k-2hLen-2, output "message too long" and stop.
if(mLen > _k - 2*_hLen - 2)
throw new IllegalBlockSizeException();
//
// 2. EME-OAEP encoding
// a. If the label L is not provided, let L be the empty string.
// Let lHash = Hash(L), an octet string of length hLen.
// -- see constructor, value in _lHash
// b. Generate an octet string PS consisting of k-mLen-2hLen-2
// zero octets. The length of PS may be zero.
byte[] PS = new byte[_k - mLen - 2*_hLen -2];
// c. Concatenate lHash, PS, a single octet with hexadecimal
// value 0x01, and the message M to form a data block DB of
// length k-hLen-1 octets as DB = lHash || PS || 0x01 || M .
byte[] DB = concat(_lHash, PS, new byte[]{ 0x01 }, M);
// d. Generate a random octet string seed of length hLen.
byte[] seed = new byte[_hLen];
_rng.nextBytes(seed);
// e. Let dbMask = MGF (seed, _k - hLen - 1)
byte[] dbMask = mgf1(seed, _k - _hLen - 1);
// f. Let maskedDB = DB ^ dbMask.
byte[] maskedDB = xor(DB, dbMask);
// g. Let seedMask = MGF (maskedDB, hLen).
byte[] seedMask = mgf1(maskedDB, _hLen);
// h. Let maskedSeed = seed ^ seedMask.
byte[] maskedSeed = xor(seed, seedMask);
// i. Concatenate a single octet with hexadecimal value 0x00,
// maskedSeed, and maskedDB to form an encoded message EM of
// length k octets as EM = 0x00 || maskedSeed || maskedDB.
byte[] EM = concat(new byte[]{ 0x00 }, maskedSeed, maskedDB);
// 3. RSA encryption:
// a. Convert the encoded message EM to an integer message
// representative m = OS2IP (EM) .
BigInteger m = new BigInteger(1, EM);
// b. Apply the RSAEP encryption primitive to the RSA public
// key (n, e) and the message representative m to produce an
// integer ciphertext representative c: c = RSAEP ((n, e), m) .
BigInteger c = RSAAlgorithm.rsa(m, _n, _exp, _p, _q, _u);
// XXX: handle error (bad key)
// c. Convert the ciphertext representative c to a ciphertext C
// of length k octets C = I2OSP (c, k) .
byte[] C = Util.toFixedLenByteArray(c, _k);
// XXX: handle error (bad key)
// 4. Output the ciphertext C.
return C;
}
private static byte[] xor(byte[] a, byte[] b) {
if( a.length != b.length )
throw new InternalError("a.len != b.len");
byte[] res = new byte[a.length];
for(int i=0; i<res.length; i++)
res[i] = (byte)(a[i] ^ b[i]);
return res;
}
// T = T || Hash (Z || C)
private byte[] mgf1(byte[] seed, int len) {
int hashCount = (len + _hLen - 1) / _hLen; // ceil(len / hLen)
byte[] mask = new byte[0];
for(int i=0; i<hashCount; i++)
mask = concat(mask, mgf1Hash(seed, (byte)i));
byte[] res = new byte[len];
System.arraycopy(mask, 0, res, 0, res.length);
return res;
}
private byte[] mgf1Hash(byte[] seed, byte c) {
_md.update(seed);
_md.update(new byte[3]);
_md.update(c);
return _md.digest();
}
private byte[] concat(byte[] a, byte[] b) {
byte[] res = new byte[a.length + b.length];
System.arraycopy(a, 0, res, 0, a.length);
System.arraycopy(b, 0, res, a.length, b.length);
return res;
}
private byte[] concat(byte[] a, byte[] b, byte[] c) {
return concat(a, concat(b, c));
}
private byte[] concat(byte[] a, byte[] b, byte[] c, byte[] d) {
return concat(a, concat(b, concat(c, d)));
}
}
1.1 projects/jce/src/cryptix.jce.provider.rsa/RSACipher_OAEP_MD2.java
Index: RSACipher_OAEP_MD2.java
===================================================================
/* $Id: RSACipher_OAEP_MD2.java,v 1.1 2003/02/07 15:08:32 gelderen Exp $
*
* Copyright (C) 2002, 2003 The Cryptix Foundation Limited.
* All rights reserved.
*
* Use, modification, copying and distribution of this software is subject
* the terms and conditions of the Cryptix General Licence. You should have
* received a copy of the Cryptix General Licence along with this library;
* if not, you can download a copy from http://www.cryptix.org/ .
*/
package cryptix.jce.provider.rsa;
/**
* @version $Revision: 1.1 $
* @author Jeroen C. van Gelderen (gel...@cr...)
*/
public class RSACipher_OAEP_MD2 extends RSACipher_OAEP {
public RSACipher_OAEP_MD2() { super("MD2"); }
}
1.1 projects/jce/src/cryptix.jce.provider.rsa/RSACipher_OAEP_MD4.java
Index: RSACipher_OAEP_MD4.java
===================================================================
/* $Id: RSACipher_OAEP_MD4.java,v 1.1 2003/02/07 15:08:32 gelderen Exp $
*
* Copyright (C) 2002, 2003 The Cryptix Foundation Limited.
* All rights reserved.
*
* Use, modification, copying and distribution of this software is subject
* the terms and conditions of the Cryptix General Licence. You should have
* received a copy of the Cryptix General Licence along with this library;
* if not, you can download a copy from http://www.cryptix.org/ .
*/
package cryptix.jce.provider.rsa;
/**
* @version $Revision: 1.1 $
* @author Jeroen C. van Gelderen (gel...@cr...)
*/
public class RSACipher_OAEP_MD4 extends RSACipher_OAEP {
public RSACipher_OAEP_MD4() { super("MD4"); }
}
1.1 projects/jce/src/cryptix.jce.provider.rsa/RSACipher_OAEP_MD5.java
Index: RSACipher_OAEP_MD5.java
===================================================================
/* $Id: RSACipher_OAEP_MD5.java,v 1.1 2003/02/07 15:08:32 gelderen Exp $
*
* Copyright (C) 2002, 2003 The Cryptix Foundation Limited.
* All rights reserved.
*
* Use, modification, copying and distribution of this software is subject
* the terms and conditions of the Cryptix General Licence. You should have
* received a copy of the Cryptix General Licence along with this library;
* if not, you can download a copy from http://www.cryptix.org/ .
*/
package cryptix.jce.provider.rsa;
/**
* @version $Revision: 1.1 $
* @author Jeroen C. van Gelderen (gel...@cr...)
*/
public class RSACipher_OAEP_MD5 extends RSACipher_OAEP {
public RSACipher_OAEP_MD5() { super("MD5"); }
}
1.1 projects/jce/src/cryptix.jce.provider.rsa/RSACipher_OAEP_RIPEMD128.java
Index: RSACipher_OAEP_RIPEMD128.java
===================================================================
/* $Id: RSACipher_OAEP_RIPEMD128.java,v 1.1 2003/02/07 15:08:32 gelderen Exp $
*
* Copyright (C) 2002, 2003 The Cryptix Foundation Limited.
* All rights reserved.
*
* Use, modification, copying and distribution of this software is subject
* the terms and conditions of the Cryptix General Licence. You should have
* received a copy of the Cryptix General Licence along with this library;
* if not, you can download a copy from http://www.cryptix.org/ .
*/
package cryptix.jce.provider.rsa;
/**
* @version $Revision: 1.1 $
* @author Jeroen C. van Gelderen (gel...@cr...)
*/
public class RSACipher_OAEP_RIPEMD128 extends RSACipher_OAEP {
public RSACipher_OAEP_RIPEMD128() { super("RIPEMD128"); }
}
1.1 projects/jce/src/cryptix.jce.provider.rsa/RSACipher_OAEP_RIPEMD160.java
Index: RSACipher_OAEP_RIPEMD160.java
===================================================================
/* $Id: RSACipher_OAEP_RIPEMD160.java,v 1.1 2003/02/07 15:08:32 gelderen Exp $
*
* Copyright (C) 2002, 2003 The Cryptix Foundation Limited.
* All rights reserved.
*
* Use, modification, copying and distribution of this software is subject
* the terms and conditions of the Cryptix General Licence. You should have
* received a copy of the Cryptix General Licence along with this library;
* if not, you can download a copy from http://www.cryptix.org/ .
*/
package cryptix.jce.provider.rsa;
/**
* @version $Revision: 1.1 $
* @author Jeroen C. van Gelderen (gel...@cr...)
*/
public class RSACipher_OAEP_RIPEMD160 extends RSACipher_OAEP {
public RSACipher_OAEP_RIPEMD160() { super("RIPEMD160"); }
}
1.1 projects/jce/src/cryptix.jce.provider.rsa/RSACipher_OAEP_SHA1.java
Index: RSACipher_OAEP_SHA1.java
===================================================================
/* $Id: RSACipher_OAEP_SHA1.java,v 1.1 2003/02/07 15:08:32 gelderen Exp $
*
* Copyright (C) 2002, 2003 The Cryptix Foundation Limited.
* All rights reserved.
*
* Use, modification, copying and distribution of this software is subject
* the terms and conditions of the Cryptix General Licence. You should have
* received a copy of the Cryptix General Licence along with this library;
* if not, you can download a copy from http://www.cryptix.org/ .
*/
package cryptix.jce.provider.rsa;
/**
* @version $Revision: 1.1 $
* @author Jeroen C. van Gelderen (gel...@cr...)
*/
public class RSACipher_OAEP_SHA1 extends RSACipher_OAEP {
public RSACipher_OAEP_SHA1() { super("SHA1"); }
}
1.1 projects/jce/src/cryptix.jce.provider.rsa/RSACipher_OAEP_SHA256.java
Index: RSACipher_OAEP_SHA256.java
===================================================================
/* $Id: RSACipher_OAEP_SHA256.java,v 1.1 2003/02/07 15:08:32 gelderen Exp $
*
* Copyright (C) 2002, 2003 The Cryptix Foundation Limited.
* All rights reserved.
*
* Use, modification, copying and distribution of this software is subject
* the terms and conditions of the Cryptix General Licence. You should have
* received a copy of the Cryptix General Licence along with this library;
* if not, you can download a copy from http://www.cryptix.org/ .
*/
package cryptix.jce.provider.rsa;
/**
* @version $Revision: 1.1 $
* @author Jeroen C. van Gelderen (gel...@cr...)
*/
public class RSACipher_OAEP_SHA256 extends RSACipher_OAEP {
public RSACipher_OAEP_SHA256() { super("SHA256"); }
}
1.1 projects/jce/src/cryptix.jce.provider.rsa/RSACipher_OAEP_SHA384.java
Index: RSACipher_OAEP_SHA384.java
===================================================================
/* $Id: RSACipher_OAEP_SHA384.java,v 1.1 2003/02/07 15:08:32 gelderen Exp $
*
* Copyright (C) 2002, 2003 The Cryptix Foundation Limited.
* All rights reserved.
*
* Use, modification, copying and distribution of this software is subject
* the terms and conditions of the Cryptix General Licence. You should have
* received a copy of the Cryptix General Licence along with this library;
* if not, you can download a copy from http://www.cryptix.org/ .
*/
package cryptix.jce.provider.rsa;
/**
* @version $Revision: 1.1 $
* @author Jeroen C. van Gelderen (gel...@cr...)
*/
public class RSACipher_OAEP_SHA384 extends RSACipher_OAEP {
public RSACipher_OAEP_SHA384() { super("SHA384"); }
}
1.1 projects/jce/src/cryptix.jce.provider.rsa/RSACipher_OAEP_SHA512.java
Index: RSACipher_OAEP_SHA512.java
===================================================================
/* $Id: RSACipher_OAEP_SHA512.java,v 1.1 2003/02/07 15:08:32 gelderen Exp $
*
* Copyright (C) 2002, 2003 The Cryptix Foundation Limited.
* All rights reserved.
*
* Use, modification, copying and distribution of this software is subject
* the terms and conditions of the Cryptix General Licence. You should have
* received a copy of the Cryptix General Licence along with this library;
* if not, you can download a copy from http://www.cryptix.org/ .
*/
package cryptix.jce.provider.rsa;
/**
* @version $Revision: 1.1 $
* @author Jeroen C. van Gelderen (gel...@cr...)
*/
public class RSACipher_OAEP_SHA512 extends RSACipher_OAEP {
public RSACipher_OAEP_SHA512() { super("SHA512"); }
}
1.1 projects/jce/src/cryptix.jce.provider.rsa/RSACipher_OAEP_Tiger.java
Index: RSACipher_OAEP_Tiger.java
===================================================================
/* $Id: RSACipher_OAEP_Tiger.java,v 1.1 2003/02/07 15:08:32 gelderen Exp $
*
* Copyright (C) 2002, 2003 The Cryptix Foundation Limited.
* All rights reserved.
*
* Use, modification, copying and distribution of this software is subject
* the terms and conditions of the Cryptix General Licence. You should have
* received a copy of the Cryptix General Licence along with this library;
* if not, you can download a copy from http://www.cryptix.org/ .
*/
package cryptix.jce.provider.rsa;
/**
* @version $Revision: 1.1 $
* @author Jeroen C. van Gelderen (gel...@cr...)
*/
public class RSACipher_OAEP_Tiger extends RSACipher_OAEP {
public RSACipher_OAEP_Tiger() { super("Tiger"); }
}
|
|
From: <gel...@mx...> - 2003-02-07 14:59:36
|
gelderen 03/02/07 10:07:42 Added: jce/src/cryptix.jce.test TestRSA_OAEP.java Log: Add test for RSAES-OAEP. Not really functional for now. Revision Changes Path 1.1 projects/jce/src/cryptix.jce.test/TestRSA_OAEP.java Index: TestRSA_OAEP.java =================================================================== /* $Id: TestRSA_OAEP.java,v 1.1 2003/02/07 15:07:42 gelderen Exp $ * * Copyright (C) 1995-2000 The Cryptix Foundation Limited. * All rights reserved. * * Use, modification, copying and distribution of this software is subject * the terms and conditions of the Cryptix General Licence. You should have * received a copy of the Cryptix General Licence along with this library; * if not, you can download a copy from http://www.cryptix.org/ . */ package cryptix.jce.test; import java.math.BigInteger; import java.security.*; import java.security.interfaces.RSAPrivateKey; import java.security.interfaces.RSAPublicKey; import javax.crypto.KeyGenerator; import javax.crypto.Cipher; import javax.crypto.SecretKey; import javax.crypto.CipherInputStream; import javax.crypto.CipherOutputStream; import cryptix.jce.provider.rsa.*; /** */ public final class TestRSA_OAEP extends Test { private static final String PROVIDER = "CryptixCrypto"; private static final String KALG = "RSA"; private static final String ALG = "RSAES-OAEP-SHA1"; private static int SIZE = 768; private static final String N = "a8b3b284af8eb50b387034a860f146c4" + "919f318763cd6c5598c8ae4811a1e0ab" + "c4c7e0b082d693a5e7fced675cf46685" + "12772c0cbc64a742c6c630f533c8cc72" + "f62ae833c40bf25842e984bb78bdbf97" + "c0107d55bdb662f5c4e0fab9845cb514" + "8ef7392dd3aaff93ae1e6b667bb3d424" + "7616d4f5ba10d4cfd226de88d39f16fb", E = "010001", D = "53339cfdb79fc8466a655c7316aca85c" + "55fd8f6dd898fdaf119517ef4f52e8fd" + "8e258df93fee180fa0e4ab29693cd83b" + "152a553d4ac4d1812b8b9fa5af0e7f55" + "fe7304df41570926f3311f15c4d65a73" + "2c483116ee3d3d2d0af3549ad9bf7cbf" + "b78ad884f84d5beb04724dc7369b31de" + "f37d0cf539e9cfcdd3de653729ead5d1", P = "d32737e7267ffe1341b2d5c0d150a81b" + "586fb3132bed2f8d5262864a9cb9f30a" + "f38be448598d413a172efb802c21acf1" + "c11c520c2f26a471dcad212eac7ca39d", Q = "cc8853d1d54da630fac004f471f281c7" + "b8982d8224a490edbeb33d3e3d5cc93c" + "4765703d1dd791642f1f116a0dd852be" + "2419b2af72bfe9a030e860b0288b5d77", dP= "0e12bf1718e9cef5599ba1c3882fe804" + "6a90874eefce8f2ccc20e4f2741fb0a3" + "3a3848aec9c9305fbecbd2d76819967d" + "4671acc6431e4037968db37878e695c1", dQ= "95297b0f95a2fa67d00707d609dfd4fc" + "05c89dafc2ef6d6ea55bec771ea33373" + "4d9251e79082ecda866efef13c459e1a" + "631386b7e354c899f5f112ca85d71583", qI= "4f456c502493bdc0ed2ab756a3a6ed4d" + "67352a697d4216e93212b127a63d5411" + "ce6fa98d5dbefd73263e372814274381" + "8166ed7dd63687dd2a8ca1d2f4fbd8e1", PT = "6628194e12073db03ba94cda9ef95323" + "97d50dba79b987004afefe34", SD = "18b776ea21069d69776a33e96bad48e1" + "dda0a5ef", CT = "354fe67b4a126d5d35fe36c777791a3f" + "7ba13def484e2d3908aff722fad468fb" + "21696de95d0be911c2d3174f8afcc201" + "035f7b6d8e69402de5451618c21a535f" + "a9d7bfc5b8dd9fc243f8cf927db31322" + "d6e881eaa91a996170e657a05a266426" + "d98c88003f8477c1227094a0d9fa1e8c" + "4024309ce1ecccb5210035d47ac72e8a"; public TestRSA_OAEP() { super("RSAES-OAEP"); } protected void doIt() throws Exception { beginTest("Begin"); RSAPublicKey pub = new RSAPublicKey() { public BigInteger getModulus() { return new BigInteger(1, Util.hexFromString(N)); } public BigInteger getPublicExponent() { return new BigInteger(1, Util.hexFromString(E)); } public String getAlgorithm() { return "RSA"; } public String getFormat() { return "RSA"; } public byte[] getEncoded() { return null; } }; RSAPrivateKey priv = new RSAPrivateKey() { public BigInteger getModulus() { return new BigInteger(1, Util.hexFromString(N)); } public BigInteger getPrivateExponent() { return new BigInteger(1, Util.hexFromString(D)); } public String getAlgorithm() { return "RSA"; } public String getFormat() { return "RSA"; } public byte[] getEncoded() { return null; } }; SecureRandom rng = new InsecureRandom(Util.hexFromString(SD)); byte[] pt = Util.hexFromString(PT); Cipher c = Cipher.getInstance(ALG, PROVIDER); c.init(Cipher.ENCRYPT_MODE, pub, rng); byte[] ct = c.doFinal(pt); System.out.println(Util.toString(ct)); c.init(Cipher.DECRYPT_MODE, priv, rng); byte[] pt1 = c.doFinal(ct); System.out.println(Util.toString(pt1)); /* KeyPairGenerator kpg = KeyPairGenerator.getInstance(KALG, PROVIDER); kpg.initialize(SIZE); KeyPair kp = kpg.genKeyPair(); RSAPrivateKey priv = (RSAPrivateKey)kp.getPrivate(); RSAPublicKey pub = (RSAPublicKey)kp.getPublic(); Cipher c = Cipher.getInstance(ALG, PROVIDER); c.init(Cipher.ENCRYPT_MODE, pub); byte[] ct = c.doFinal(PT); passIf(true); */ passIf(true); } } |
|
From: <gel...@mx...> - 2003-02-07 14:58:18
|
gelderen 03/02/07 10:06:24
Modified: jce/src/cryptix.jce.provider.util Util.java
Log:
Add boolean equals(byte[], byte[]).
Revision Changes Path
1.3 +24 -2 projects/jce/src/cryptix.jce.provider.util/Util.java
Index: Util.java
===================================================================
RCS file: /home/cryptix-cvs/cvsroot/projects/jce/src/cryptix.jce.provider.util/Util.java,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- Util.java 18 Nov 2001 02:28:16 -0000 1.2
+++ Util.java 7 Feb 2003 15:06:24 -0000 1.3
@@ -1,4 +1,4 @@
-/* $Id: Util.java,v 1.2 2001/11/18 02:28:16 gelderen Exp $
+/* $Id: Util.java,v 1.3 2003/02/07 15:06:24 gelderen Exp $
*
* Copyright (C) 2000 The Cryptix Foundation Limited.
* All rights reserved.
@@ -17,7 +17,7 @@
/**
* Misc utility methods.
*
- * @version $Revision: 1.2 $
+ * @version $Revision: 1.3 $
* @author Jeroen C. van Gelderen (gel...@cr...)
*/
public final class Util
@@ -69,5 +69,27 @@
int res_off = resultByteLen-x_len;
System.arraycopy(x_bytes, x_off, res_bytes, res_off, x_len);
return res_bytes;
+ }
+
+
+ /**
+ * Compare two byte[] for equality. byte[]s are considered equal if they
+ * have the same length and the same contents (same elems, same order).
+ * Additionally, two null arguments compare equal too.
+ */
+ public static boolean equals(byte[] a, byte[] b) {
+
+ if( a==null && b==null ) return true;
+
+ if( a==null ^ b==null ) return false;
+
+ int aLen = a.length;
+ int bLen = b.length;
+ if( aLen != bLen ) return false;
+
+ for(int i=0; i<aLen; i++)
+ if( a[i] != b[i] ) return false;
+
+ return true;
}
}
|
|
From: <gel...@mx...> - 2003-02-07 14:57:48
|
gelderen 03/02/07 10:05:25 Modified: jce/doc README.TXT Log: Various fixes. Revision Changes Path 1.9 +24 -9 projects/jce/doc/README.TXT Index: README.TXT =================================================================== RCS file: /home/cryptix-cvs/cvsroot/projects/jce/doc/README.TXT,v retrieving revision 1.8 retrieving revision 1.9 diff -u -r1.8 -r1.9 --- README.TXT 3 Feb 2003 10:47:11 -0000 1.8 +++ README.TXT 7 Feb 2003 15:05:25 -0000 1.9 @@ -20,8 +20,14 @@ Digital Signatures: - RSASSA-PSS (with MD2, MD4, MD5, RIPEMD-128, RIPEMD-160, SHA-1, SHA-256, - SHA-384, SHA-512 or Tiger) + RSASSA-PSS (with choice of MD2, MD4, MD5, RIPEMD-128, RIPEMD-160, SHA-1, + SHA-256, SHA-384, SHA-512 or Tiger hash algorithms) + + NOTE: The hash function you choose when you instantiate RSASSA-PSS is used + for both message hashing and for the Mask Generation Function (MGF1). + It is presently not possible to use one hash function for message + hashing and another for MGF1. + RSASSA-PKCS1 (with MD4, MD5, RIPEMD-128, RIPEMD-160 or SHA-1) Hash Functions: @@ -40,7 +46,9 @@ Public Key Crypto: - RSASSA-OAEP + RSASSA-OAEP (with choice of MD2, MD4, MD5, RIPEMD-128, RIPEMD-160, SHA-1, + SHA-256, SHA-384, SHA-512 or Tiger hash algorithms) + RSASSA-PKCS1 Secure Random Numbers (RNG) @@ -48,6 +56,10 @@ On UNIX systems with the CryptixRandom provider installed, SecureRandom makes use of the system RNG (/dev/random) if present. This is essential because the RNG built into the JVM is slow and possibly not as secure. + + Note that Apple got it right on their port of the 1.3 JVM on OS X. The Apple + port uses /dev/random by default. This functionality can be managed by + changing the securerandom.source property in the java.security file. Symmetric Ciphers: @@ -68,7 +80,7 @@ RC4 yes n/a RC6 NO 128/192/256 128 Rijndael yes 128/192/256 128 Now known as AES - SKIPJACK yes 80 64 + SKIPJACK yes 80 64 Formerly classified. Serpent yes 128/192/256 128 Very high security margin Square yes TripleDES yes 168 64 @@ -80,9 +92,8 @@ Various companies hold various patents for various algorithms in various locations around the world. _YOU_ are responsible for ensuring that your use -of any algorithms is legal by checking if there are any patents in your -country. The file contains some of the patents that we know about or are -rumoured to exist. This is not a definitive list. +of any algorithms is legal by checking if there exist any patents enforcable +in your jurisdiction. The following it a partial list: RSA Security holds software patents on the RC5 algorithm. If you intend to use this cipher, you must contact RSA Security for @@ -106,12 +117,16 @@ JDK 1.4 (Java 2 version 1.4) Cryptix JCE works out-of-the-box on JDK 1.4 but its functionality is - restricted to the what Sun allows trough their Jurisdiction Policy Files. + restricted to what Sun allows trough their Jurisdiction Policy Files. + In practice this means that you are limited to what the French government + allows in terms of key sizes. Why Sun forces the French policy on the + rest of the world, and especially the USA, is an open question. If you require using Cryptix without any restrictions whatsoever, you must have the "Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files" installed. At the time of writing they can be - found at: http://java.sun.com/j2se/1.4/ . + found at: http://java.sun.com/j2se/1.4/ . Installing these is non-trivial + for casual users. JDK 1.2 and JDK 1.3 (Java 2 version 1.2/1.3) |
|
From: <gel...@mx...> - 2003-02-04 18:30:26
|
gelderen 03/02/04 13:38:31
Modified: jce/src/cryptix.jce.provider.cipher Mode.java ModeCBC.java
ModeCFB.java ModeOFB.java
Log:
2) ClassCastException from CoreInit() method of Mode instance when
using RC2 cipher algorithm.
Submitted-By: Kevin Dana <kd...@ag...>
Revision Changes Path
1.18 +52 -18 projects/jce/src/cryptix.jce.provider.cipher/Mode.java
Index: Mode.java
===================================================================
RCS file: /home/cryptix-cvs/cvsroot/projects/jce/src/cryptix.jce.provider.cipher/Mode.java,v
retrieving revision 1.17
retrieving revision 1.18
diff -u -r1.17 -r1.18
--- Mode.java 6 Aug 2001 18:06:50 -0000 1.17
+++ Mode.java 4 Feb 2003 18:38:31 -0000 1.18
@@ -1,4 +1,4 @@
-/* $Id: Mode.java,v 1.17 2001/08/06 18:06:50 edwin Exp $
+/* $Id: Mode.java,v 1.18 2003/02/04 18:38:31 gelderen Exp $
*
* Copyright (C) 1995-2000 The Cryptix Foundation Limited.
* All rights reserved.
@@ -16,6 +16,10 @@
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.spec.AlgorithmParameterSpec;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.RC2ParameterSpec;
+import javax.crypto.spec.RC5ParameterSpec;
+
/**
* <p>
@@ -45,9 +49,10 @@
*
* @author Jeroen C. van Gelderen (gel...@cr...)
* @author Paul Waserbrot (pw...@cr...)
- * @version $Revision: 1.17 $
+ * @author Kevin Dana, Agorics Inc. (Agorics mod: 16164)
+ * @version $Revision: 1.18 $
*/
-abstract class Mode
+/*package*/ abstract class Mode
{
/** Underlying block cipher */
protected final BlockCipher cipher;
@@ -65,13 +70,13 @@
protected int bufCount;
- Mode(BlockCipher cipher) {
+ /*package*/ Mode(BlockCipher cipher) {
this.cipher = cipher;
CIPHER_BLOCK_SIZE = cipher.coreGetBlockSize();
}
- static Mode getInstance(String mode, BlockCipher cipher)
+ /*package*/ static Mode getInstance(String mode, BlockCipher cipher)
throws NoSuchAlgorithmException
{
try {
@@ -101,8 +106,9 @@
}
- void init(boolean decrypt, Key key, AlgorithmParameterSpec params,
- SecureRandom random)
+ /*package*/ void init(boolean decrypt, Key key,
+ AlgorithmParameterSpec params,
+ SecureRandom random)
throws InvalidKeyException, InvalidAlgorithmParameterException
{
this.decrypt = decrypt;
@@ -110,44 +116,72 @@
}
- final byte[] getIV() {
+ /*package*/ final byte[] getIV() {
return coreGetIV();
}
- final AlgorithmParameterSpec getParamSpec() {
+ /*package*/ final AlgorithmParameterSpec getParamSpec() {
return coreGetParamSpec();
}
- final int getOutputSize(int inputLen) {
+
+ /*package*/ final int getOutputSize(int inputLen) {
return coreGetOutputSize(inputLen);
}
- final int getBlockSize() {
+ /*package*/ final int getBlockSize() {
return CIPHER_BLOCK_SIZE;
}
- final int update(byte[] input, int inputOffset, int inputLen,
- byte[] output, int outputOffset) {
+ /*package*/ final int update(byte[] input, int inputOffset, int inputLen,
+ byte[] output, int outputOffset) {
return coreUpdate(input, inputOffset, inputLen, output, outputOffset);
}
- final int getBufSize() {
+ /*package*/ final int getBufSize() {
return bufCount;
- }
-
+ }
- protected byte [] generateIV() {
+ protected byte [] generateIV() {
byte [] b = new byte[CIPHER_BLOCK_SIZE];
SecureRandom sr = new SecureRandom();
sr.nextBytes(b);
return b;
- }
+ }
+
+ protected final byte[] extractIV(AlgorithmParameterSpec params)
+ throws InvalidAlgorithmParameterException
+ {
+ /*
+ * -- AlgorithmParameterSpec is a blank interface
+ * and the Java JCE does not provide a common superinterface
+ * for AlgorithmParameterSpec subclasses that provide
+ * initialization vector (IV) byte arrays,
+ * so test for each known type that has a "getIV()" method
+ *
+ * -- The current API creates a combinatorial explosion. The JCE
+ * API should be amended with a composite AlgorithmParameterSpec
+ * class so that the getIV functionality doesn't have to be
+ * replicated in each ParameterSpec.
+ */
+ if (params instanceof IvParameterSpec) {
+ return ((IvParameterSpec)params).getIV();
+ } else if (params instanceof RC2ParameterSpec) {
+ return ((RC2ParameterSpec)params).getIV();
+ } else if (params instanceof RC5ParameterSpec) {
+ return ((RC5ParameterSpec)params).getIV();
+ } else {
+ throw new InvalidAlgorithmParameterException(
+ "Don't know how to get an IV from a " +
+ params.getClass().getName());
+ }
+ }
// Abstract methods
//............................................................................
1.13 +7 -10 projects/jce/src/cryptix.jce.provider.cipher/ModeCBC.java
Index: ModeCBC.java
===================================================================
RCS file: /home/cryptix-cvs/cvsroot/projects/jce/src/cryptix.jce.provider.cipher/ModeCBC.java,v
retrieving revision 1.12
retrieving revision 1.13
diff -u -r1.12 -r1.13
--- ModeCBC.java 6 Aug 2001 18:06:50 -0000 1.12
+++ ModeCBC.java 4 Feb 2003 18:38:31 -0000 1.13
@@ -1,4 +1,4 @@
-/* $Id: ModeCBC.java,v 1.12 2001/08/06 18:06:50 edwin Exp $
+/* $Id: ModeCBC.java,v 1.13 2003/02/04 18:38:31 gelderen Exp $
*
* Copyright (C) 1995-2000 The Cryptix Foundation Limited.
* All rights reserved.
@@ -22,13 +22,14 @@
*
* @author Jeroen C. van Gelderen (gel...@cr...)
* @author Paul Waserbrot (pw...@cr...)
- * @version $Revision: 1.12 $
+ * @author Kevin Dana, Agorics Inc. (Agorics mod: 16164)
+ * @version $Revision: 1.13 $
*/
final class ModeCBC extends Mode
{
/** buffers incomplete blocks */
- private final byte[] buf; // we count the buffer with bufCount from Mode.java
+ private final byte[] buf; // we count the buf with bufCount from Mode.java
/** previous ciphertext block (during decryption only) */
@@ -54,21 +55,17 @@
final void coreInit(boolean decrypt, Key key, AlgorithmParameterSpec params,
- SecureRandom random)
+ SecureRandom random)
throws InvalidKeyException, InvalidAlgorithmParameterException
{
cipher.coreInit(key, decrypt);
+ // set IV
+ IV = extractIV(params);
if(decrypt) {
- // set IV
- IvParameterSpec iv = (IvParameterSpec)params;
- IV = iv.getIV();
System.arraycopy(IV, 0, prevBlock, 0, CIPHER_BLOCK_SIZE);
bufCount = 0;
} else {
- // set IV
- IvParameterSpec iv = (IvParameterSpec)params;
- IV = iv.getIV();
System.arraycopy(IV, 0, buf, 0, CIPHER_BLOCK_SIZE);
bufCount = 0;
}
1.5 +5 -5 projects/jce/src/cryptix.jce.provider.cipher/ModeCFB.java
Index: ModeCFB.java
===================================================================
RCS file: /home/cryptix-cvs/cvsroot/projects/jce/src/cryptix.jce.provider.cipher/ModeCFB.java,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- ModeCFB.java 6 Aug 2001 18:06:50 -0000 1.4
+++ ModeCFB.java 4 Feb 2003 18:38:31 -0000 1.5
@@ -1,4 +1,4 @@
-/* $Id: ModeCFB.java,v 1.4 2001/08/06 18:06:50 edwin Exp $
+/* $Id: ModeCFB.java,v 1.5 2003/02/04 18:38:31 gelderen Exp $
*
* Copyright (C) 1995-2000 The Cryptix Foundation Limited.
* All rights reserved.
@@ -21,7 +21,8 @@
/**
* @author Jeroen C. van Gelderen (gel...@cr...)
- * @version $Revision: 1.4 $
+ * @author Kevin Dana, Agorics Inc. (Agorics mod: 16164)
+ * @version $Revision: 1.5 $
*/
/*package*/ class ModeCFB extends Mode {
@@ -157,7 +158,7 @@
void coreInit(boolean decrypt, Key key, AlgorithmParameterSpec params,
- SecureRandom random)
+ SecureRandom random)
throws InvalidKeyException, InvalidAlgorithmParameterException
{
// always use cipher in encrypt mode
@@ -166,8 +167,7 @@
this.decrypt = decrypt;
// set IV
- IvParameterSpec iv = (IvParameterSpec)params;
- iVec = iv.getIV();
+ iVec = extractIV(params);
int iVecLen = iVec.length;
if(iVecLen != CIPHER_BLOCK_SIZE)
throw new InvalidAlgorithmParameterException(
1.13 +4 -4 projects/jce/src/cryptix.jce.provider.cipher/ModeOFB.java
Index: ModeOFB.java
===================================================================
RCS file: /home/cryptix-cvs/cvsroot/projects/jce/src/cryptix.jce.provider.cipher/ModeOFB.java,v
retrieving revision 1.12
retrieving revision 1.13
diff -u -r1.12 -r1.13
--- ModeOFB.java 6 Aug 2001 18:06:50 -0000 1.12
+++ ModeOFB.java 4 Feb 2003 18:38:31 -0000 1.13
@@ -1,4 +1,4 @@
-/* $Id: ModeOFB.java,v 1.12 2001/08/06 18:06:50 edwin Exp $
+/* $Id: ModeOFB.java,v 1.13 2003/02/04 18:38:31 gelderen Exp $
*
* Copyright (C) 1995-2000 The Cryptix Foundation Limited.
* All rights reserved.
@@ -23,7 +23,8 @@
*
* @author Jeroen C. van Gelderen (gel...@cr...)
* @author Paul Waserbrot (pw...@cr...)
- * @version $Revision: 1.12 $
+ * @author Kevin Dana, Agorics Inc. (Agorics mod: 16164)
+ * @version $Revision: 1.13 $
*/
final class ModeOFB extends Mode
@@ -60,8 +61,7 @@
cipher.coreInit(key, false);
// set IV and crypt once to generate initial key stream bytes
- IvParameterSpec iv = (IvParameterSpec)params;
- IV = iv.getIV();
+ IV = extractIV(params);
System.arraycopy(IV, 0, keyStreamBuf, 0, CIPHER_BLOCK_SIZE);
cipher.coreCrypt(keyStreamBuf, 0, keyStreamBuf, 0);
keyStreamBufOffset = 0;
|
|
From: <gel...@mx...> - 2003-02-04 18:28:45
|
gelderen 03/02/04 13:36:50
Modified: jce/src/cryptix.jce.provider.key RawKeyGenerator.java
Log:
1) IllegalStateException from RawKeyGenerator.engineGenerateKey()
when trying to generate a SecretKey with the default length.
Submitted-By: Kevin Dana <kd...@ag...>
Revision Changes Path
1.8 +3 -3 projects/jce/src/cryptix.jce.provider.key/RawKeyGenerator.java
Index: RawKeyGenerator.java
===================================================================
RCS file: /home/cryptix-cvs/cvsroot/projects/jce/src/cryptix.jce.provider.key/RawKeyGenerator.java,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- RawKeyGenerator.java 31 Jul 2000 00:55:45 -0000 1.7
+++ RawKeyGenerator.java 4 Feb 2003 18:36:50 -0000 1.8
@@ -1,4 +1,4 @@
-/* $Id: RawKeyGenerator.java,v 1.7 2000/07/31 00:55:45 gelderen Exp $
+/* $Id: RawKeyGenerator.java,v 1.8 2003/02/04 18:36:50 gelderen Exp $
*
* Copyright (C) 1995-1999 The Cryptix Foundation Limited.
* All rights reserved.
@@ -21,7 +21,7 @@
/**
*
- * @version $Revision: 1.7 $
+ * @version $Revision: 1.8 $
* @author Jeroen C. van Gelderen (gel...@cr...)
*/
abstract class RawKeyGenerator extends KeyGeneratorSpi
@@ -70,7 +70,7 @@
protected SecretKey engineGenerateKey()
{
if(random==null)
- throw new IllegalStateException("KeyGenerator not initialized.");
+ random = new SecureRandom();
byte[] keyBytes = new byte[(strengthToBits(this.keySize)+7)/8];
do {
|
|
From: <ed...@mx...> - 2003-02-04 14:26:24
|
edwin 03/02/04 09:34:29
Modified: openpgp/src/cryptix/openpgp/algorithm
PGPAlgorithmFactory.java
Log:
Fix SHA1 identifier to the correct value.
(Thi value only worked with cryptix JCE)
Revision Changes Path
1.19 +2 -2 projects/openpgp/src/cryptix/openpgp/algorithm/PGPAlgorithmFactory.java
Index: PGPAlgorithmFactory.java
===================================================================
RCS file: /home/cryptix-cvs/cvsroot/projects/openpgp/src/cryptix/openpgp/algorithm/PGPAlgorithmFactory.java,v
retrieving revision 1.18
retrieving revision 1.19
diff -u -r1.18 -r1.19
--- PGPAlgorithmFactory.java 31 Jan 2003 00:52:24 -0000 1.18
+++ PGPAlgorithmFactory.java 4 Feb 2003 14:34:29 -0000 1.19
@@ -1,4 +1,4 @@
-/* $Id: PGPAlgorithmFactory.java,v 1.18 2003/01/31 00:52:24 edwin Exp $
+/* $Id: PGPAlgorithmFactory.java,v 1.19 2003/02/04 14:34:29 edwin Exp $
*
* Copyright (C) 1999-2001 The Cryptix Foundation Limited.
* All rights reserved.
@@ -123,7 +123,7 @@
private static final int[] defaultHashIDs = {
1, 2, 3, 4, 5, 6, 7 };
private static final String[] defaultHashStrings = {
- "MD5", "SHA-1", "RIPEMD160", "DW SHA", "MD2", "Tiger", "HAVAL" };
+ "MD5", "SHA1", "RIPEMD160", "DW SHA", "MD2", "Tiger", "HAVAL" };
private static final String[] defaultHashTextNames = {
"MD5", "SHA1", "RIPEMD160", null, "MD2", "TIGER192", "HAVAL-5-160" };
|
|
From: <ed...@mx...> - 2003-02-04 13:16:53
|
edwin 03/02/04 08:25:00 Modified: openpgp CHANGELOG.TXT Log: Changes. Revision Changes Path 1.15 +3 -0 projects/openpgp/CHANGELOG.TXT Index: CHANGELOG.TXT =================================================================== RCS file: /home/cryptix-cvs/cvsroot/projects/openpgp/CHANGELOG.TXT,v retrieving revision 1.14 retrieving revision 1.15 diff -u -r1.14 -r1.15 --- CHANGELOG.TXT 3 Feb 2003 15:04:00 -0000 1.14 +++ CHANGELOG.TXT 4 Feb 2003 13:25:00 -0000 1.15 @@ -3,6 +3,9 @@ methods for certificates. New additions are: the ability to check if a certificate is self signed and the ability to verify the cert with a keybundle. +- Fix a few errors related to reading properties of a PGPCertificate. +- Fix decoding armoured data when it is surrounded by other data. +- Make the dashprotect methods in PGPArmoury public. 20030131 snapshot - Added support for encryption with keys without subkeys (like legacy RSA keys). |
|
From: <ed...@mx...> - 2003-02-04 13:15:25
|
edwin 03/02/04 08:23:31
Modified: openpgp/src/cryptix/openpgp/util PGPArmoury.java
Log:
Make dashprotect methods public.
Revision Changes Path
1.21 +4 -4 projects/openpgp/src/cryptix/openpgp/util/PGPArmoury.java
Index: PGPArmoury.java
===================================================================
RCS file: /home/cryptix-cvs/cvsroot/projects/openpgp/src/cryptix/openpgp/util/PGPArmoury.java,v
retrieving revision 1.20
retrieving revision 1.21
diff -u -r1.20 -r1.21
--- PGPArmoury.java 30 Jan 2003 13:11:38 -0000 1.20
+++ PGPArmoury.java 4 Feb 2003 13:23:30 -0000 1.21
@@ -1,4 +1,4 @@
-/* $Id: PGPArmoury.java,v 1.20 2003/01/30 13:11:38 edwin Exp $
+/* $Id: PGPArmoury.java,v 1.21 2003/02/04 13:23:30 edwin Exp $
*
* Copyright (C) 1995-2001 The Cryptix Foundation Limited.
* All rights reserved.
@@ -26,7 +26,7 @@
/**
* Methods for armouring and dearmouring of messages and other objects.
*
- * @version $Revision: 1.20 $
+ * @version $Revision: 1.21 $
* @author Jill Baker
* @author Ian Brown
* @author Gary Howland
@@ -472,7 +472,7 @@
* @param s text to be encoded
* @return dash-proteced text
*/
- static String dashProtect(String s)
+ public static String dashProtect(String s)
{
int startPos = 0;
int len = s.length();
@@ -501,7 +501,7 @@
* @param s dash-proteced text to be decoded
* @return text with dash-protection removed
*/
- static String undashProtect(String s)
+ public static String undashProtect(String s)
{
int startPos = (s.startsWith("- ")) ? 2 : 0;
int len = s.length();
|
|
From: <ed...@mx...> - 2003-02-04 13:14:50
|
edwin 03/02/04 08:22:56
Modified: openpgp/src/cryptix/openpgp/provider PGPMessageFactory.java
Log:
Fix errors when parsing armoured data surrounded by other data.
Revision Changes Path
1.3 +18 -8 projects/openpgp/src/cryptix/openpgp/provider/PGPMessageFactory.java
Index: PGPMessageFactory.java
===================================================================
RCS file: /home/cryptix-cvs/cvsroot/projects/openpgp/src/cryptix/openpgp/provider/PGPMessageFactory.java,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- PGPMessageFactory.java 27 Dec 2001 15:01:31 -0000 1.2
+++ PGPMessageFactory.java 4 Feb 2003 13:22:56 -0000 1.3
@@ -1,4 +1,4 @@
-/* $Id: PGPMessageFactory.java,v 1.2 2001/12/27 15:01:31 edwin Exp $
+/* $Id: PGPMessageFactory.java,v 1.3 2003/02/04 13:22:56 edwin Exp $
*
* Copyright (C) 2001 The Cryptix Foundation Limited.
* All rights reserved.
@@ -53,7 +53,7 @@
* Service provider interface for MessageFactory
*
* @author Edwin Woudt <ed...@cr...>
- * @version $Revision: 1.2 $
+ * @version $Revision: 1.3 $
*/
public class PGPMessageFactory extends MessageFactorySpi {
@@ -88,20 +88,26 @@
PGPArmoury armoury;
Vector result = new Vector();
- while (br.ready()) {
+ String line = br.readLine();
- String line = br.readLine();
- buf.append(line);
- buf.append(CRLF);
+ while (br.ready()) {
- if ((line.startsWith("-----BEGIN")) && (br.ready())) {
+ if (line.startsWith("-----BEGIN")) {
+ buf.append(line);
+ buf.append(CRLF);
+
while (! line.startsWith("-----END")) {
line = br.readLine();
buf.append(line);
buf.append(CRLF);
}
+
+ if (br.ready())
+ line = br.readLine();
+ else
+ line = "";
try {
@@ -156,15 +162,19 @@
while ((! line.startsWith("-----BEGIN")) && (br.ready())) {
- line = br.readLine();
buf.append(line);
buf.append(CRLF);
+ line = br.readLine();
}
PGPLiteralDataPacket ldp = new PGPLiteralDataPacket();
ldp.setData(buf.toString());
PGPLiteralMessageImpl lm = new PGPLiteralMessageImpl(ldp);
+
+ result.add(lm);
}
+
+ buf = new StringBuffer();
}
return result;
|
