diff --git a/mozilla/security/jss/build_java.pl b/mozilla/security/jss/build_java.pl index c2591f02d2b..469d2390726 100644 --- a/mozilla/security/jss/build_java.pl +++ b/mozilla/security/jss/build_java.pl @@ -6,7 +6,6 @@ use File::stat; use File::Copy; @excluded_sources = qw( -Debug_.*\.java provider\.new/ org/mozilla/jss/provider/java/security/KeyFactorySpi1_4\.java org/mozilla/jss/pkix/cert/X509Certificate\.java @@ -104,12 +103,12 @@ sub setup_vars { $class_dir = "$dist_dir/classes"; $class_release_dir .= "/$cmdline_vars{SOURCE_RELEASE_CLASSES_DIR}"; $javac_opt_flag = "-O"; - $debug_source_file = "org/mozilla/jss/util/Debug_ship.java"; + $debug_source_file = "org/mozilla/jss/util/Debug_ship.jnot"; } else { $class_dir = "$dist_dir/classes_DBG"; $class_release_dir .= "/$cmdline_vars{SOURCE_RELEASE_CLASSES_DBG_DIR}"; $javac_opt_flag = "-g"; - $debug_source_file = "org/mozilla/jss/util/Debug_debug.java"; + $debug_source_file = "org/mozilla/jss/util/Debug_debug.jnot"; } $jni_header_dir = "$dist_dir/private/jss/_jni"; diff --git a/mozilla/security/jss/org/mozilla/jss/JSSProvider.java b/mozilla/security/jss/org/mozilla/jss/JSSProvider.java index 8f2b0af2bb3..53277fffb22 100644 --- a/mozilla/security/jss/org/mozilla/jss/JSSProvider.java +++ b/mozilla/security/jss/org/mozilla/jss/JSSProvider.java @@ -60,6 +60,7 @@ public final class JSSProvider extends java.security.Provider { "org.mozilla.jss.provider.java.security.JSSSignatureSpi$SHA1RSA"); put("Alg.Alias.Signature.SHA1/RSA", "SHA-1/RSA"); + put("Alg.Alias.Signature.SHA1withRSA", "SHA-1/RSA"); ///////////////////////////////////////////////////////////// // Message Digesting diff --git a/mozilla/security/jss/org/mozilla/jss/asn1/SEQUENCE.java b/mozilla/security/jss/org/mozilla/jss/asn1/SEQUENCE.java index 3f7bb49cf3d..8ac43123f04 100644 --- a/mozilla/security/jss/org/mozilla/jss/asn1/SEQUENCE.java +++ b/mozilla/security/jss/org/mozilla/jss/asn1/SEQUENCE.java @@ -422,7 +422,8 @@ public static class Template implements ASN1Template { } if( remainingContent > 0 ) { - throw new InvalidBERException("SEQUENCE is longer than expected "+remainingContent+" expected"); + throw new InvalidBERException("SEQUENCE is " + remainingContent + + " bytes shorter than expected"); } Assert._assert( remainingContent == 0 || remainingContent == -1 ); diff --git a/mozilla/security/jss/org/mozilla/jss/tests/KeyFactoryTest.java b/mozilla/security/jss/org/mozilla/jss/tests/KeyFactoryTest.java new file mode 100644 index 00000000000..c99fd4703f7 --- /dev/null +++ b/mozilla/security/jss/org/mozilla/jss/tests/KeyFactoryTest.java @@ -0,0 +1,198 @@ +/* ***** BEGIN LICENSE BLOCK ***** + * Version: MPL 1.1/GPL 2.0/LGPL 2.1 + * + * The contents of this file are subject to the Mozilla Public License Version + * 1.1 (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License + * for the specific language governing rights and limitations under the + * License. + * + * The Original Code is Netscape Security Services for Java. + * + * The Initial Developer of the Original Code is + * Netscape Communications Corporation. + * Portions created by the Initial Developer are Copyright (C) 2002 + * the Initial Developer. All Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the terms of + * either the GNU General Public License Version 2 or later (the "GPL"), or + * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), + * in which case the provisions of the GPL or the LGPL are applicable instead + * of those above. If you wish to allow use of your version of this file only + * under the terms of either the GPL or the LGPL, and not to allow others to + * use your version of this file under the terms of the MPL, indicate your + * decision by deleting the provisions above and replace them with the notice + * and other provisions required by the GPL or the LGPL. If you do not delete + * the provisions above, a recipient may use your version of this file under + * the terms of any one of the MPL, the GPL or the LGPL. + * + * ***** END LICENSE BLOCK ***** */ + +package org.mozilla.jss.tests; + +import java.security.*; +import java.security.spec.*; +import org.mozilla.jss.CryptoManager; +import org.mozilla.jss.crypto.CryptoToken; +import org.mozilla.jss.util.ConsolePasswordCallback; +import java.util.Iterator; + +abstract class TestValues { + protected TestValues(String keyGenAlg, String sigAlg, Class keySpecClass, + String provider) + { + this.keyGenAlg = keyGenAlg; + this.sigAlg = sigAlg; + this.keySpecClass = keySpecClass; + this.provider = provider; + } + + public final String keyGenAlg; + public final String sigAlg; + public final Class keySpecClass; + public final String provider; +} + +class RSATestValues extends TestValues { + public RSATestValues() { + super("RSA", "SHA1withRSA", RSAPublicKeySpec.class, "SunRsaSign"); + } +} + +class DSATestValues extends TestValues { + public DSATestValues() { + super("DSA", "SHA1withDSA", DSAPublicKeySpec.class, "SUN"); + } +} + +public class KeyFactoryTest { + + public static void main(String argv[]) { + try { + + if( argv.length < 1 ) { + System.out.println("Usage: java KeyFactoryTest \n"); + System.exit(1); + } + CryptoManager.initialize(argv[0]); + CryptoToken tok = CryptoManager.getInstance().getInternalKeyStorageToken(); + tok.login( new ConsolePasswordCallback() ); + Provider []provs = Security.getProviders(); + for( int i=0; i < provs.length; ++i) { + System.out.println("======"); + System.out.println(provs[i].getName()); + provs[i].list(System.out); + System.out.println("======"); + } + + (new KeyFactoryTest()).doTest(); + + System.exit(0); + } catch(Throwable e) { + e.printStackTrace(); + System.exit(1); + } + } + + public void doTest() throws Throwable { + + // + // Generate private key from spec + // + genPrivKeyFromSpec(); + + // + // Generate public key from spec + // + genPubKeyFromSpec(new RSATestValues()); + genPubKeyFromSpec(new DSATestValues()); + + // + // Generate spec from private key + // + + // + // Generate spec from public key + // + + // + // translate key + // + } + + public void genPrivKeyFromSpec() throws Throwable { + + // generate the key pair + KeyPairGenerator kpg = + KeyPairGenerator.getInstance("RSA", "SunRsaSign"); + kpg.initialize(512); + KeyPair pair = kpg.generateKeyPair(); + + // get the private key spec + KeyFactory sunFact = KeyFactory.getInstance("RSA", "SunRsaSign"); + RSAPrivateKeySpec keySpec = (RSAPrivateKeySpec) + sunFact.getKeySpec(pair.getPrivate(), RSAPrivateCrtKeySpec.class); + + // import it into JSS + KeyFactory jssFact = KeyFactory.getInstance("RSA", + "Mozilla-JSS"); + PrivateKey jssPrivk = jssFact.generatePrivate(keySpec); + + signVerify("SHA1withRSA", jssPrivk, "Mozilla-JSS", + pair.getPublic(), "SunRsaSign"); + + System.out.println("Successfully generated a " + "RSA" + + " private key from a " + "RSAPrivatKeySpec"); + } + + public void signVerify(String sigAlg, PrivateKey privk, String signProv, + PublicKey pubk, String verifyProv) throws Throwable + { + Signature signSig = Signature.getInstance(sigAlg, signProv); + signSig.initSign(privk); + String toBeSigned = "blah blah blah sign me"; + signSig.update(toBeSigned.getBytes("UTF-8")); + byte[] signature = signSig.sign(); + + Signature verSig = Signature.getInstance(sigAlg, verifyProv); + verSig.initVerify(pubk); + verSig.update(toBeSigned.getBytes("UTF-8")); + if( ! verSig.verify(signature) ) { + throw new Exception( + "Private/public key mismatch: signing alg=" + sigAlg + + ", signing provider=" + signProv + ", verifying provider = " + + verifyProv); + } + } + + public void genPubKeyFromSpec(TestValues vals) throws Throwable { + // generate a key pair + KeyPairGenerator kpg = KeyPairGenerator.getInstance(vals.keyGenAlg, + vals.provider); + kpg.initialize(512); + KeyPair pair = kpg.generateKeyPair(); + + // get the public key spec + KeyFactory sunFact = KeyFactory.getInstance(vals.keyGenAlg, + vals.provider); + KeySpec keySpec = + sunFact.getKeySpec(pair.getPublic(), vals.keySpecClass); + + // import it into JSS + KeyFactory jssFact = KeyFactory.getInstance(vals.keyGenAlg, + "Mozilla-JSS"); + PublicKey jssPubk = jssFact.generatePublic(keySpec); + + signVerify(vals.sigAlg, pair.getPrivate(), vals.provider, + jssPubk, "Mozilla-JSS"); + + System.out.println("Successfully generated a " + vals.keyGenAlg + + " public key from a " + vals.keySpecClass.getName()); + } +} diff --git a/mozilla/security/jss/org/mozilla/jss/tests/TestKeyGen.java b/mozilla/security/jss/org/mozilla/jss/tests/TestKeyGen.java index b3e3b3753b2..2ee0e7fdb58 100644 --- a/mozilla/security/jss/org/mozilla/jss/tests/TestKeyGen.java +++ b/mozilla/security/jss/org/mozilla/jss/tests/TestKeyGen.java @@ -31,10 +31,6 @@ * GPL. */ -/* This file demonstrates the use of JSS api to generate RSA and - * DSA keys. The key pairs are stored in key3.db - */ - /** * Note: when this program is run, it must have a key3.db WITH A PASSWORD * SET in the directory specified by the argument. The first time the @@ -56,6 +52,7 @@ import org.mozilla.jss.pkcs11.*; import org.mozilla.jss.util.*; import org.mozilla.jss.crypto.*; import org.mozilla.jss.*; +import org.mozilla.jss.pkcs11.PK11KeyPairGenerator; import java.io.*; import java.awt.*; import java.security.cert.*; @@ -77,12 +74,8 @@ public class TestKeyGen { return; } - CryptoManager.InitializationValues vals = new - CryptoManager.InitializationValues( args[0] ); - CryptoManager.initialize(vals); + CryptoManager.initialize(args[0]); manager = CryptoManager.getInstance(); - manager.setPasswordCallback( - new Password( "netscape".toCharArray() )); java.util.Enumeration tokens = manager.getTokensSupportingAlgorithm(KeyPairAlgorithm.RSA); @@ -147,12 +140,12 @@ public class TestKeyGen { System.out.println("G: "+dsaParams.getG()); System.out.println("Y: "+dsaPubKey.getY()); - // 1024-bit DSA - kpg.initialize(1024); + // 1024-bit DSA, passing in PQG params + kpg.initialize(PK11KeyPairGenerator.PQG1024); keyPair = kpg.genKeyPair(); Assert._assert( keyPair.getPublic() instanceof DSAPublicKey); dsaPubKey = (DSAPublicKey) keyPair.getPublic(); - System.out.println("Generated 1024-bit DSA KeyPair!"); + System.out.println("Generated 1024-bit DSA KeyPair with PQG params!"); dsaParams = dsaPubKey.getParams(); System.out.println("P: "+dsaParams.getP()); System.out.println("Q: "+dsaParams.getQ()); diff --git a/mozilla/security/jss/org/mozilla/jss/util/Debug_debug.java b/mozilla/security/jss/org/mozilla/jss/util/Debug_debug.jnot similarity index 94% rename from mozilla/security/jss/org/mozilla/jss/util/Debug_debug.java rename to mozilla/security/jss/org/mozilla/jss/util/Debug_debug.jnot index c27f59598af..3eb656494e3 100644 --- a/mozilla/security/jss/org/mozilla/jss/util/Debug_debug.java +++ b/mozilla/security/jss/org/mozilla/jss/util/Debug_debug.jnot @@ -34,12 +34,10 @@ /********************************************************************** * --------------------------- W A R N I N G -------------------------- * - * This file is the same as Debug_ship.java, except the static final + * This file is the same as Debug_ship.jnot, except the static final * constants have been set to enable debugging and tracing. You must - * double-edit any changes in this file into Debug_ship.java, and + * double-edit any changes in this file into Debug_ship.jnot, and * vice-versa. - * See debug_tweak.mk for how one of these two files is copied into - * Debug.java during the build. **********************************************************************/ package org.mozilla.jss.util; @@ -49,7 +47,7 @@ package org.mozilla.jss.util; * trace statements to standard output. * * @see org.mozilla.jss.util.Assert - * @version $Revision: 1.2 $ $Date: 2000-12-19 06:18:56 $ + * @version $Revision: 1.1 $ $Date: 2002-05-23 18:29:03 $ */ public class Debug { diff --git a/mozilla/security/jss/org/mozilla/jss/util/Debug_ship.java b/mozilla/security/jss/org/mozilla/jss/util/Debug_ship.jnot similarity index 94% rename from mozilla/security/jss/org/mozilla/jss/util/Debug_ship.java rename to mozilla/security/jss/org/mozilla/jss/util/Debug_ship.jnot index cdcb4039ae3..fbe782a5a55 100644 --- a/mozilla/security/jss/org/mozilla/jss/util/Debug_ship.java +++ b/mozilla/security/jss/org/mozilla/jss/util/Debug_ship.jnot @@ -34,12 +34,10 @@ /********************************************************************** * --------------------------- W A R N I N G -------------------------- * - * This file is the same as Debug_debug.java, except the static final + * This file is the same as Debug_debug.jnot, except the static final * constants have been set to disable debugging and tracing. You must - * double-edit any changes in this file into Debug_debug.java, and + * double-edit any changes in this file into Debug_debug.jnot, and * vice-versa. - * See debug_tweak.mk for how one of these two files is copied into - * Debug.java during the build. **********************************************************************/ @@ -50,7 +48,7 @@ package org.mozilla.jss.util; * trace statements to standard output. * * @see org.mozilla.jss.util.Assert - * @version $Revision: 1.2 $ $Date: 2000-12-19 06:18:56 $ + * @version $Revision: 1.1 $ $Date: 2002-05-23 18:29:04 $ */ public class Debug { diff --git a/mozilla/security/jss/org/mozilla/jss/util/Makefile b/mozilla/security/jss/org/mozilla/jss/util/Makefile index 68815077e65..39cff0155c7 100644 --- a/mozilla/security/jss/org/mozilla/jss/util/Makefile +++ b/mozilla/security/jss/org/mozilla/jss/util/Makefile @@ -62,8 +62,6 @@ ALL_TRASH += Debug.java # (5) Execute "global" rules. (OPTIONAL) # ####################################################################### -include debug_tweak.mk - include $(CORE_DEPTH)/coreconf/rules.mk ####################################################################### diff --git a/mozilla/security/jss/org/mozilla/jss/util/debug_tweak.mk b/mozilla/security/jss/org/mozilla/jss/util/debug_tweak.mk deleted file mode 100644 index 6e58e7598c6..00000000000 --- a/mozilla/security/jss/org/mozilla/jss/util/debug_tweak.mk +++ /dev/null @@ -1,59 +0,0 @@ - -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape Security Services for Java. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1998-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -# Since Java doesn't support preprocessing, we need to make two versions -# of Debug.java: one has debugging enabled, the other has debugging -# disabled. Since the class is called Debug, the file must be called -# Debug.java. So we actually have two versions of the file, and we -# copy one of them to Debug.java depending on whether we are building -# debuggable or not. A hack, to be sure, and I'm open to better ideas. -# (nicolson) - -ifdef BUILD_OPT - JSS_DEBUG_SOURCE_FILE = Debug_ship.java -else - JSS_DEBUG_SOURCE_FILE = Debug_debug.java -endif - -# Since we're introducing new rules before the global rules.mk, we will -# wipe out the default rule. So put this here to keep "all" the default. -jss_util_all: all - -export:: - @echo "Copying $(JSS_DEBUG_SOURCE_FILE) to Debug.java" - cp $(JSS_DEBUG_SOURCE_FILE) Debug.java - chmod 0644 Debug.java - -clean:: - rm -f Debug.java