geronimo-scm mailing list archives

From ke...@apache.org
Subject svn commit: r617610 [12/13] - in /geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto: ./ asn1/ asn1/cryptopro/ asn1/misc/ asn1/oiw/ asn1/pkcs/ asn1/sec/ asn1/util/ asn1/x509/ asn1/x9/ crypto/ crypto/digests...
Date Fri, 01 Feb 2008 19:02:36 GMT
Added: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/PKCS10CertificationRequest.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/PKCS10CertificationRequest.java?rev=617610&view=auto
==============================================================================
--- geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/PKCS10CertificationRequest.java (added)
+++ geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/PKCS10CertificationRequest.java Fri Feb  1 11:01:39 2008
@@ -0,0 +1,428 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one or more
+ *  contributor license agreements.  See the NOTICE file distributed with
+ *  this work for additional information regarding copyright ownership.
+ *  The ASF licenses this file to You under the Apache License, Version 2.0
+ *  (the "License"); you may not use this file except in compliance with
+ *  the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.apache.geronimo.crypto.jce;
+
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.security.InvalidKeyException;
+import java.security.KeyFactory;
+import java.security.NoSuchAlgorithmException;
+import java.security.NoSuchProviderException;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.Signature;
+import java.security.SignatureException;
+import java.security.spec.InvalidKeySpecException;
+import java.security.spec.X509EncodedKeySpec;
+import java.util.Hashtable;
+
+import javax.security.auth.x500.X500Principal;
+
+import org.apache.geronimo.crypto.asn1.ASN1InputStream;
+import org.apache.geronimo.crypto.asn1.ASN1Sequence;
+import org.apache.geronimo.crypto.asn1.ASN1Set;
+import org.apache.geronimo.crypto.asn1.DERBitString;
+import org.apache.geronimo.crypto.asn1.DERObjectIdentifier;
+import org.apache.geronimo.crypto.asn1.DEROutputStream;
+import org.apache.geronimo.crypto.asn1.pkcs.PKCSObjectIdentifiers;
+import org.apache.geronimo.crypto.asn1.pkcs.CertificationRequest;
+import org.apache.geronimo.crypto.asn1.pkcs.CertificationRequestInfo;
+import org.apache.geronimo.crypto.asn1.x509.AlgorithmIdentifier;
+import org.apache.geronimo.crypto.asn1.x509.SubjectPublicKeyInfo;
+import org.apache.geronimo.crypto.asn1.x509.X509Name;
+import org.apache.geronimo.crypto.asn1.x9.X9ObjectIdentifiers;
+
+/**
+ * A class for verifying and creating PKCS10 Certification requests.
+ * <pre>
+ * CertificationRequest ::= SEQUENCE {
+ *   certificationRequestInfo  CertificationRequestInfo,
+ *   signatureAlgorithm        AlgorithmIdentifier{{ SignatureAlgorithms }},
+ *   signature                 BIT STRING
+ * }
+ *
+ * CertificationRequestInfo ::= SEQUENCE {
+ *   version             INTEGER { v1(0) } (v1,...),
+ *   subject             Name,
+ *   subjectPKInfo   SubjectPublicKeyInfo{{ PKInfoAlgorithms }},
+ *   attributes          [0] Attributes{{ CRIAttributes }}
+ *  }
+ *
+ *  Attributes { ATTRIBUTE:IOSet } ::= SET OF Attribute{{ IOSet }}
+ *
+ *  Attribute { ATTRIBUTE:IOSet } ::= SEQUENCE {
+ *    type    ATTRIBUTE.&id({IOSet}),
+ *    values  SET SIZE(1..MAX) OF ATTRIBUTE.&Type({IOSet}{\@type})
+ *  }
+ * </pre>
+ */
+public class PKCS10CertificationRequest
+    extends CertificationRequest
+{
+    private static Hashtable            algorithms = new Hashtable();
+    private static Hashtable            oids = new Hashtable();
+
+    static
+    {
+        algorithms.put("MD2WITHRSAENCRYPTION", new DERObjectIdentifier("1.2.840.113549.1.1.2"));
+        algorithms.put("MD2WITHRSA", new DERObjectIdentifier("1.2.840.113549.1.1.2"));
+        algorithms.put("MD5WITHRSA", new DERObjectIdentifier("1.2.840.113549.1.1.1"));
+        algorithms.put("MD5WITHRSAENCRYPTION", new DERObjectIdentifier("1.2.840.113549.1.1.4"));
+        algorithms.put("MD5WITHRSA", new DERObjectIdentifier("1.2.840.113549.1.1.4"));
+        algorithms.put("RSAWITHMD5", new DERObjectIdentifier("1.2.840.113549.1.1.4"));
+        algorithms.put("SHA1WITHRSAENCRYPTION", new DERObjectIdentifier("1.2.840.113549.1.1.5"));
+        algorithms.put("SHA1WITHRSA", new DERObjectIdentifier("1.2.840.113549.1.1.5"));
+        algorithms.put("SHA224WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha224WithRSAEncryption);
+        algorithms.put("SHA224WITHRSA", PKCSObjectIdentifiers.sha224WithRSAEncryption);
+        algorithms.put("SHA256WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha256WithRSAEncryption);
+        algorithms.put("SHA256WITHRSA", PKCSObjectIdentifiers.sha256WithRSAEncryption);
+        algorithms.put("SHA384WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha384WithRSAEncryption);
+        algorithms.put("SHA384WITHRSA", PKCSObjectIdentifiers.sha384WithRSAEncryption);
+        algorithms.put("SHA512WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha512WithRSAEncryption);
+        algorithms.put("SHA512WITHRSA", PKCSObjectIdentifiers.sha512WithRSAEncryption);
+        algorithms.put("RSAWITHSHA1", new DERObjectIdentifier("1.2.840.113549.1.1.5"));
+        algorithms.put("RIPEMD160WITHRSAENCRYPTION", new DERObjectIdentifier("1.3.36.3.3.1.2"));
+        algorithms.put("RIPEMD160WITHRSA", new DERObjectIdentifier("1.3.36.3.3.1.2"));
+        algorithms.put("SHA1WITHDSA", new DERObjectIdentifier("1.2.840.10040.4.3"));
+        algorithms.put("DSAWITHSHA1", new DERObjectIdentifier("1.2.840.10040.4.3"));
+        algorithms.put("SHA1WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA1);
+        algorithms.put("ECDSAWITHSHA1", X9ObjectIdentifiers.ecdsa_with_SHA1);
+
+        //
+        // reverse mappings
+        //
+        oids.put(new DERObjectIdentifier("1.2.840.113549.1.1.5"), "SHA1WITHRSA");
+        oids.put(PKCSObjectIdentifiers.sha224WithRSAEncryption, "SHA224WITHRSA");
+        oids.put(PKCSObjectIdentifiers.sha256WithRSAEncryption, "SHA256WITHRSA");
+        oids.put(PKCSObjectIdentifiers.sha384WithRSAEncryption, "SHA384WITHRSA");
+        oids.put(PKCSObjectIdentifiers.sha512WithRSAEncryption, "SHA512WITHRSA");
+
+        oids.put(new DERObjectIdentifier("1.2.840.113549.1.1.4"), "MD5WITHRSA");
+        oids.put(new DERObjectIdentifier("1.2.840.113549.1.1.2"), "MD2WITHRSA");
+        oids.put(new DERObjectIdentifier("1.2.840.113549.1.1.1"), "MD5WIDHRSA");
+        oids.put(new DERObjectIdentifier("1.2.840.10040.4.3"), "DSAWITHSHA1");
+        oids.put(X9ObjectIdentifiers.ecdsa_with_SHA1, "DSAWITHSHA1");
+    }
+
+    private static ASN1Sequence toDERSequence(
+        byte[]  bytes)
+    {
+        try
+        {
+            ByteArrayInputStream    bIn = new ByteArrayInputStream(bytes);
+            ASN1InputStream         dIn = new ASN1InputStream(bIn);
+
+            return (ASN1Sequence)dIn.readObject();
+        }
+        catch (Exception e)
+        {
+            throw new IllegalArgumentException("badly encoded request", e);
+        }
+    }
+
+    /**
+     * construct a PKCS10 certification request from a DER encoded
+     * byte stream.
+     */
+    public PKCS10CertificationRequest(
+        byte[]  bytes)
+    {
+        super(toDERSequence(bytes));
+    }
+
+    public PKCS10CertificationRequest(
+        ASN1Sequence  sequence)
+    {
+        super(sequence);
+    }
+
+    /**
+     * create a PKCS10 certfication request using the BC provider.
+     */
+    public PKCS10CertificationRequest(
+        String              signatureAlgorithm,
+        X509Name            subject,
+        PublicKey           key,
+        ASN1Set             attributes,
+        PrivateKey          signingKey)
+        throws NoSuchAlgorithmException, NoSuchProviderException,
+                InvalidKeyException, SignatureException
+    {
+        this(signatureAlgorithm, subject, key, attributes, signingKey, null);
+    }
+
+    private static X509Name convertName(
+        X500Principal	name)
+    {
+        try
+        {
+            return new X509Principal(name.getEncoded());
+        }
+        catch (IOException e)
+        {
+            throw new IllegalArgumentException("can't convert name", e);
+        }
+    }
+
+    /**
+     * create a PKCS10 certfication request using the BC provider.
+     */
+    public PKCS10CertificationRequest(
+        String              signatureAlgorithm,
+        X500Principal       subject,
+        PublicKey           key,
+        ASN1Set             attributes,
+        PrivateKey          signingKey)
+        throws NoSuchAlgorithmException, NoSuchProviderException,
+                InvalidKeyException, SignatureException
+    {
+        this(signatureAlgorithm, convertName(subject), key, attributes, signingKey, null);
+    }
+
+    /**
+     * create a PKCS10 certfication request using the named provider.
+     */
+    public PKCS10CertificationRequest(
+        String              signatureAlgorithm,
+        X500Principal       subject,
+        PublicKey           key,
+        ASN1Set             attributes,
+        PrivateKey          signingKey,
+        String              provider)
+        throws NoSuchAlgorithmException, NoSuchProviderException,
+                InvalidKeyException, SignatureException
+    {
+        this(signatureAlgorithm, convertName(subject), key, attributes, signingKey, provider);
+    }
+
+    /**
+     * create a PKCS10 certfication request using the named provider.
+     */
+    public PKCS10CertificationRequest(
+        String              signatureAlgorithm,
+        X509Name            subject,
+        PublicKey           key,
+        ASN1Set             attributes,
+        PrivateKey          signingKey,
+        String              provider)
+        throws NoSuchAlgorithmException, NoSuchProviderException,
+                InvalidKeyException, SignatureException
+    {
+        DERObjectIdentifier sigOID = (DERObjectIdentifier)algorithms.get(signatureAlgorithm.toUpperCase());
+
+        if (sigOID == null)
+        {
+            throw new IllegalArgumentException("Unknown signature type requested");
+        }
+
+        if (subject == null)
+        {
+            throw new IllegalArgumentException("subject must not be null");
+        }
+
+        if (key == null)
+        {
+            throw new IllegalArgumentException("public key must not be null");
+        }
+
+        this.sigAlgId = new AlgorithmIdentifier(sigOID, null);
+
+        byte[]                  bytes = key.getEncoded();
+        ByteArrayInputStream    bIn = new ByteArrayInputStream(bytes);
+        ASN1InputStream         dIn = new ASN1InputStream(bIn);
+
+        try
+        {
+            this.reqInfo = new CertificationRequestInfo(subject, new SubjectPublicKeyInfo((ASN1Sequence)dIn.readObject()), attributes);
+        }
+        catch (IOException e)
+        {
+            throw new IllegalArgumentException("can't encode public key", e);
+        }
+
+        Signature sig = null;
+
+        try
+        {
+            if (provider == null) {
+                sig = Signature.getInstance(sigAlgId.getObjectId().getId());
+            }
+            else {
+                sig = Signature.getInstance(sigAlgId.getObjectId().getId(), provider);
+            }
+        }
+        catch (NoSuchAlgorithmException e)
+        {
+            if (provider == null) {
+                sig = Signature.getInstance(signatureAlgorithm);
+            }
+            else {
+                sig = Signature.getInstance(signatureAlgorithm, provider);
+            }
+        }
+
+        sig.initSign(signingKey);
+
+        try
+        {
+            ByteArrayOutputStream   bOut = new ByteArrayOutputStream();
+            DEROutputStream         dOut = new DEROutputStream(bOut);
+
+            dOut.writeObject(reqInfo);
+
+            sig.update(bOut.toByteArray());
+        }
+        catch (Exception e)
+        {
+            throw new SecurityException("exception encoding TBS cert request - " + e.getMessage(), e);
+        }
+
+        this.sigBits = new DERBitString(sig.sign());
+    }
+
+    /**
+     * return the public key associated with the certification request -
+     * the public key is created using the BC provider.
+     */
+    public PublicKey getPublicKey()
+        throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException
+    {
+        return getPublicKey(null);
+    }
+
+    public PublicKey getPublicKey(
+        String  provider)
+        throws NoSuchAlgorithmException, NoSuchProviderException,
+                InvalidKeyException
+    {
+        SubjectPublicKeyInfo    subjectPKInfo = reqInfo.getSubjectPublicKeyInfo();
+
+        try
+        {
+            X509EncodedKeySpec      xspec = new X509EncodedKeySpec(new DERBitString(subjectPKInfo).getBytes());
+            AlgorithmIdentifier     keyAlg = subjectPKInfo.getAlgorithmId ();
+            try {
+
+                if (provider == null) {
+                    return KeyFactory.getInstance(keyAlg.getObjectId().getId ()).generatePublic(xspec);
+                }
+                else {
+                    return KeyFactory.getInstance(keyAlg.getObjectId().getId (), provider).generatePublic(xspec);
+                }
+
+            } catch (NoSuchAlgorithmException e) {
+                // if we can't resolve this via the OID, just as for the RSA algorithm.  This is all
+                // Geronimo requires anyway.
+                if (provider == null) {
+                    return KeyFactory.getInstance("RSA").generatePublic(xspec);
+                }
+                else {
+                    return KeyFactory.getInstance("RSA", provider).generatePublic(xspec);
+                }
+            }
+        }
+        catch (InvalidKeySpecException e)
+        {
+            throw (InvalidKeyException)new InvalidKeyException("error decoding public key").initCause(e);
+        }
+    }
+
+    /**
+     * verify the request using the BC provider.
+     */
+    public boolean verify()
+        throws NoSuchAlgorithmException, NoSuchProviderException,
+                InvalidKeyException, SignatureException
+    {
+        return verify(null);
+    }
+
+    public boolean verify(
+        String provider)
+        throws NoSuchAlgorithmException, NoSuchProviderException,
+                InvalidKeyException, SignatureException
+    {
+        Signature   sig = null;
+
+        try
+        {
+            if (provider == null) {
+                sig = Signature.getInstance(sigAlgId.getObjectId().getId());
+            }
+            else {
+                sig = Signature.getInstance(sigAlgId.getObjectId().getId(), provider);
+            }
+        }
+        catch (NoSuchAlgorithmException e)
+        {
+            //
+            // try an alternate
+            //
+            if (oids.get(sigAlgId.getObjectId().getId()) != null)
+            {
+                String  signatureAlgorithm = (String)oids.get(sigAlgId.getObjectId().getId());
+
+                if (provider == null) {
+                    sig = Signature.getInstance(signatureAlgorithm);
+                }
+                else {
+                    sig = Signature.getInstance(signatureAlgorithm, provider);
+                }
+            }
+        }
+
+        sig.initVerify(this.getPublicKey(provider));
+
+        try
+        {
+            ByteArrayOutputStream   bOut = new ByteArrayOutputStream();
+            DEROutputStream         dOut = new DEROutputStream(bOut);
+
+            dOut.writeObject(reqInfo);
+
+            sig.update(bOut.toByteArray());
+        }
+        catch (Exception e)
+        {
+            throw (SecurityException)new SecurityException("exception encoding TBS cert request - " + e.getMessage()).initCause(e);
+        }
+
+        return sig.verify(sigBits.getBytes());
+    }
+
+    /**
+     * return a DER encoded byte array representing this object
+     */
+    public byte[] getEncoded()
+    {
+        ByteArrayOutputStream   bOut = new ByteArrayOutputStream();
+        DEROutputStream         dOut = new DEROutputStream(bOut);
+
+        try
+        {
+            dOut.writeObject(this);
+        }
+        catch (IOException e)
+        {
+            throw new RuntimeException(e.getMessage(), e);
+        }
+
+        return bOut.toByteArray();
+    }
+}
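Review bot: In `verify(String provider)` the fallback after `NoSuchAlgorithmException` can leave `sig` null, so a request whose signature OID the provider does not recognise fails with a NullPointerException at `sig.initVerify(...)` instead of a reported unsupported algorithm. The fallback looks up `oids.get(sigAlgId.getObjectId().getId())`, a String, while the static block fills `oids` with `DERObjectIdentifier` keys, so the lookup presumably never matches; I would use `String signatureAlgorithm = (String)oids.get(sigAlgId.getObjectId());` followed by `if (signatureAlgorithm == null) { throw e; }` before calling `Signature.getInstance`. The reverse table needs a pass as well: `X9ObjectIdentifiers.ecdsa_with_SHA1` is mapped to `"DSAWITHSHA1"`, and `1.2.840.113549.1.1.1` (the rsaEncryption OID) is mapped to the misspelled `"MD5WIDHRSA"`, so even a working lookup would select the wrong verifier for ECDSA-signed requests. Both tables are also consulted via `toUpperCase()` without a locale in the signing constructor, which breaks names containing `i` under a Turkish default locale; `toUpperCase(Locale.ENGLISH)` avoids that.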

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/PKCS10CertificationRequest.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/PKCS10CertificationRequest.java
------------------------------------------------------------------------------
    svn:keywords = Date Revision

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/PKCS10CertificationRequest.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Added: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/X509Principal.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/X509Principal.java?rev=617610&view=auto
==============================================================================
--- geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/X509Principal.java (added)
+++ geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/X509Principal.java Fri Feb  1 11:01:39 2008
@@ -0,0 +1,155 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one or more
+ *  contributor license agreements.  See the NOTICE file distributed with
+ *  this work for additional information regarding copyright ownership.
+ *  The ASF licenses this file to You under the Apache License, Version 2.0
+ *  (the "License"); you may not use this file except in compliance with
+ *  the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.apache.geronimo.crypto.jce;
+
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.security.Principal;
+import java.util.Hashtable;
+import java.util.Vector;
+
+import org.apache.geronimo.crypto.asn1.ASN1InputStream;
+import org.apache.geronimo.crypto.asn1.ASN1Sequence;
+import org.apache.geronimo.crypto.asn1.DEROutputStream;
+import org.apache.geronimo.crypto.asn1.x509.X509Name;
+
+public class X509Principal
+    extends X509Name
+    implements Principal
+{
+    /**
+     * Constructor from an encoded byte array.
+     */
+    public X509Principal(
+        byte[]  bytes)
+        throws IOException
+    {
+        super((ASN1Sequence)(new ASN1InputStream(new ByteArrayInputStream(bytes)).readObject()));
+    }
+
+    /**
+     * Constructor from an X509Name object.
+     */
+    public X509Principal(
+        X509Name  name)
+    {
+        super((ASN1Sequence)name.getDERObject());
+    }
+
+    /**
+     * constructor from a table of attributes.
+     * <p>
+     * it's is assumed the table contains OID/String pairs.
+     */
+    public X509Principal(
+        Hashtable  attributes)
+    {
+        super(attributes);
+    }
+
+    /**
+     * constructor from a table of attributes and a vector giving the
+     * specific ordering required for encoding or conversion to a string.
+     * <p>
+     * it's is assumed the table contains OID/String pairs.
+     */
+    public X509Principal(
+        Vector      ordering,
+        Hashtable   attributes)
+    {
+        super(ordering, attributes);
+    }
+
+    /**
+     * constructor from a vector of attribute values and a vector of OIDs.
+     */
+    public X509Principal(
+        Vector      oids,
+        Vector      values)
+    {
+        super(oids, values);
+    }
+
+    /**
+     * takes an X509 dir name as a string of the format "C=AU,ST=Victoria", or
+     * some such, converting it into an ordered set of name attributes.
+     */
+    public X509Principal(
+        String  dirName)
+    {
+        super(dirName);
+    }
+
+    /**
+     * Takes an X509 dir name as a string of the format "C=AU,ST=Victoria", or
+     * some such, converting it into an ordered set of name attributes. If reverse
+     * is false the dir name will be encoded in the order of the (name, value) pairs
+     * presented, otherwise the encoding will start with the last (name, value) pair
+     * and work back.
+     */
+    public X509Principal(
+        boolean reverse,
+        String  dirName)
+    {
+        super(reverse, dirName);
+    }
+
+    /**
+     * Takes an X509 dir name as a string of the format "C=AU, ST=Victoria", or
+     * some such, converting it into an ordered set of name attributes. lookUp
+     * should provide a table of lookups, indexed by lowercase only strings and
+     * yielding a DERObjectIdentifier, other than that OID. and numeric oids
+     * will be processed automatically.
+     * <p>
+     * If reverse is true, create the encoded version of the sequence starting
+     * from the last element in the string.
+     */
+    public X509Principal(
+        boolean     reverse,
+        Hashtable   lookUp,
+        String      dirName)
+    {
+        super(reverse, lookUp, dirName);
+    }
+
+    public String getName()
+    {
+        return this.toString();
+    }
+
+    /**
+     * return a DER encoded byte array representing this object
+     */
+    public byte[] getEncoded()
+    {
+        ByteArrayOutputStream   bOut = new ByteArrayOutputStream();
+        DEROutputStream         dOut = new DEROutputStream(bOut);
+
+        try
+        {
+            dOut.writeObject(this);
+        }
+        catch (IOException e)
+        {
+            throw new RuntimeException(e.getMessage(), e);
+        }
+
+        return bOut.toByteArray();
+    }
+}
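Review bot: The `X509Principal(byte[] bytes)` constructor casts whatever `readObject()` returns straight to `ASN1Sequence`, so input that decodes to some other ASN.1 type (or to nothing) surfaces as an unchecked ClassCastException or a failure inside the superclass rather than the declared `IOException`. `PKCS10CertificationRequest` in this same commit wraps the equivalent decode in a static helper (`toDERSequence`) for this reason, and the constructor here is public, so callers may hand it bytes that did not come from `X500Principal.getEncoded()`. A small static helper that checks the decoded type before the `super(...)` call keeps the failure mode inside the declared contract. The class also has no class-level Javadoc; a sentence stating that it is an `X509Name` exposed as a `java.security.Principal` would help.

```java
    // Decodes the name and rejects anything that is not a SEQUENCE with a checked exception.
    private static ASN1Sequence readSequence(
        byte[]  bytes)
        throws IOException
    {
        Object  obj = new ASN1InputStream(new ByteArrayInputStream(bytes)).readObject();

        if (!(obj instanceof ASN1Sequence))
        {
            throw new IOException("encoded name is not an ASN.1 SEQUENCE");
        }

        return (ASN1Sequence)obj;
    }

    public X509Principal(
        byte[]  bytes)
        throws IOException
    {
        super(readSequence(bytes));
    }
    // … unchanged: remaining constructors, getName(), getEncoded() …
```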

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/X509Principal.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/X509Principal.java
------------------------------------------------------------------------------
    svn:keywords = Date Revision

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/X509Principal.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Added: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/X509V1CertificateGenerator.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/X509V1CertificateGenerator.java?rev=617610&view=auto
==============================================================================
--- geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/X509V1CertificateGenerator.java (added)
+++ geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/X509V1CertificateGenerator.java Fri Feb  1 11:01:39 2008
@@ -0,0 +1,289 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one or more
+ *  contributor license agreements.  See the NOTICE file distributed with
+ *  this work for additional information regarding copyright ownership.
+ *  The ASF licenses this file to You under the Apache License, Version 2.0
+ *  (the "License"); you may not use this file except in compliance with
+ *  the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.apache.geronimo.crypto.jce;
+
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.math.BigInteger;
+import java.security.InvalidKeyException;
+import java.security.NoSuchAlgorithmException;
+import java.security.NoSuchProviderException;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.SecureRandom;
+import java.security.Signature;
+import java.security.SignatureException;
+import java.security.cert.X509Certificate;
+import java.util.Date;
+import java.util.Hashtable;
+
+import org.apache.geronimo.crypto.asn1.ASN1EncodableVector;
+import org.apache.geronimo.crypto.asn1.ASN1InputStream;
+import org.apache.geronimo.crypto.asn1.ASN1Sequence;
+import org.apache.geronimo.crypto.asn1.DERBitString;
+import org.apache.geronimo.crypto.asn1.DERInteger;
+import org.apache.geronimo.crypto.asn1.DERNull;
+import org.apache.geronimo.crypto.asn1.DERObjectIdentifier;
+import org.apache.geronimo.crypto.asn1.DEROutputStream;
+import org.apache.geronimo.crypto.asn1.DERSequence;
+import org.apache.geronimo.crypto.asn1.x509.AlgorithmIdentifier;
+import org.apache.geronimo.crypto.asn1.x509.SubjectPublicKeyInfo;
+import org.apache.geronimo.crypto.asn1.x509.TBSCertificateStructure;
+import org.apache.geronimo.crypto.asn1.x509.Time;
+import org.apache.geronimo.crypto.asn1.x509.V1TBSCertificateGenerator;
+import org.apache.geronimo.crypto.asn1.x509.X509CertificateStructure;
+import org.apache.geronimo.crypto.asn1.x509.X509Name;
+import org.apache.geronimo.crypto.jce.provider.X509CertificateObject;
+
+/**
+ * class to produce an X.509 Version 1 certificate.
+ *
+ * @deprecated use the equivalent class in org.apache.geronimo.crypto.x509
+ */
+public class X509V1CertificateGenerator
+{
+    private V1TBSCertificateGenerator   tbsGen;
+    private DERObjectIdentifier         sigOID;
+    private AlgorithmIdentifier         sigAlgId;
+    private String                      signatureAlgorithm;
+
+    private static Hashtable            algorithms = new Hashtable();
+
+    static
+    {
+        algorithms.put("MD2WITHRSAENCRYPTION", new DERObjectIdentifier("1.2.840.113549.1.1.2"));
+        algorithms.put("MD2WITHRSA", new DERObjectIdentifier("1.2.840.113549.1.1.2"));
+        algorithms.put("MD5WITHRSAENCRYPTION", new DERObjectIdentifier("1.2.840.113549.1.1.4"));
+        algorithms.put("MD5WITHRSA", new DERObjectIdentifier("1.2.840.113549.1.1.4"));
+        algorithms.put("SHA1WITHRSAENCRYPTION", new DERObjectIdentifier("1.2.840.113549.1.1.5"));
+        algorithms.put("SHA1WITHRSA", new DERObjectIdentifier("1.2.840.113549.1.1.5"));
+        algorithms.put("RIPEMD160WITHRSAENCRYPTION", new DERObjectIdentifier("1.3.36.3.3.1.2"));
+        algorithms.put("RIPEMD160WITHRSA", new DERObjectIdentifier("1.3.36.3.3.1.2"));
+        algorithms.put("SHA1WITHDSA", new DERObjectIdentifier("1.2.840.10040.4.3"));
+        algorithms.put("DSAWITHSHA1", new DERObjectIdentifier("1.2.840.10040.4.3"));
+        algorithms.put("SHA1WITHECDSA", new DERObjectIdentifier("1.2.840.10045.4.1"));
+        algorithms.put("ECDSAWITHSHA1", new DERObjectIdentifier("1.2.840.10045.4.1"));
+    }
+
+    public X509V1CertificateGenerator()
+    {
+        tbsGen = new V1TBSCertificateGenerator();
+    }
+
+    /**
+     * reset the generator
+     */
+    public void reset()
+    {
+        tbsGen = new V1TBSCertificateGenerator();
+    }
+
+    /**
+     * set the serial number for the certificate.
+     */
+    public void setSerialNumber(
+        BigInteger      serialNumber)
+    {
+        tbsGen.setSerialNumber(new DERInteger(serialNumber));
+    }
+
+    /**
+     * Set the issuer distinguished name - the issuer is the entity whose private key is used to sign the
+     * certificate.
+     */
+    public void setIssuerDN(
+        X509Name   issuer)
+    {
+        tbsGen.setIssuer(issuer);
+    }
+
+    public void setNotBefore(
+        Date    date)
+    {
+        tbsGen.setStartDate(new Time(date));
+    }
+
+    public void setNotAfter(
+        Date    date)
+    {
+        tbsGen.setEndDate(new Time(date));
+    }
+
+    /**
+     * Set the subject distinguished name. The subject describes the entity associated with the public key.
+     */
+    public void setSubjectDN(
+        X509Name   subject)
+    {
+        tbsGen.setSubject(subject);
+    }
+
+    public void setPublicKey(
+        PublicKey       key)
+    {
+        try
+        {
+            tbsGen.setSubjectPublicKeyInfo(new SubjectPublicKeyInfo((ASN1Sequence)new ASN1InputStream(
+                                new ByteArrayInputStream(key.getEncoded())).readObject()));
+        }
+        catch (Exception e)
+        {
+            throw new IllegalArgumentException("unable to process key - " + e.getMessage(), e);
+        }
+    }
+
+    public void setSignatureAlgorithm(
+        String  signatureAlgorithm)
+    {
+        this.signatureAlgorithm = signatureAlgorithm;
+
+        sigOID = (DERObjectIdentifier)algorithms.get(signatureAlgorithm.toUpperCase());
+
+        if (sigOID == null)
+        {
+            throw new IllegalArgumentException("Unknown signature type requested");
+        }
+
+        sigAlgId = new AlgorithmIdentifier(this.sigOID, new DERNull());
+
+        tbsGen.setSignature(sigAlgId);
+    }
+
+    /**
+     * generate an X509 certificate, based on the current issuer and subject
+     * using the default provider "BC".
+     */
+    public X509Certificate generateX509Certificate(
+        PrivateKey      key)
+        throws SecurityException, SignatureException, InvalidKeyException
+    {
+        try
+        {
+            return generateX509Certificate(key, null, null);
+        }
+        catch (NoSuchProviderException e)
+        {
+            throw (SecurityException)new SecurityException("JCE provider not installed!").initCause(e);
+        }
+    }
+
+    /**
+     * generate an X509 certificate, based on the current issuer and subject
+     * using the default provider and the passed in source of randomness
+     */
+    public X509Certificate generateX509Certificate(
+        PrivateKey      key,
+        SecureRandom    random)
+        throws SecurityException, SignatureException, InvalidKeyException
+    {
+        try
+        {
+            return generateX509Certificate(key, null, random);
+        }
+        catch (NoSuchProviderException e)
+        {
+            throw (SecurityException)new SecurityException("JCE provider not installed!").initCause(e);
+        }
+    }
+
+    /**
+     * generate an X509 certificate, based on the current issuer and subject,
+     * using the passed in provider for the signing, and the passed in source
+     * of randomness (if required).
+     */
+    public X509Certificate generateX509Certificate(
+        PrivateKey      key,
+        String          provider)
+        throws NoSuchProviderException, SecurityException, SignatureException, InvalidKeyException
+    {
+        return generateX509Certificate(key, provider, null);
+    }
+
+    /**
+     * generate an X509 certificate, based on the current issuer and subject,
+     * using the passed in provider for the signing, and the passed in source
+     * of randomness (if required).
+     */
+    public X509Certificate generateX509Certificate(
+        PrivateKey      key,
+        String          provider,
+        SecureRandom    random)
+        throws NoSuchProviderException, SecurityException, SignatureException, InvalidKeyException
+    {
+        Signature sig = null;
+
+        try
+        {
+            if (provider == null) {
+                sig = Signature.getInstance(sigOID.getId());
+            }
+            else {
+                sig = Signature.getInstance(sigOID.getId(), provider);
+            }
+        }
+        catch (NoSuchAlgorithmException ex)
+        {
+            try
+            {
+                if (provider == null) {
+                    sig = Signature.getInstance(signatureAlgorithm);
+                }
+                else {
+                    sig = Signature.getInstance(signatureAlgorithm, provider);
+                }
+            }
+            catch (NoSuchAlgorithmException e)
+            {
+                throw (SecurityException)new SecurityException("exception creating signature: " + e.getMessage()).initCause(e);
+            }
+        }
+
+        if (random != null)
+        {
+            sig.initSign(key, random);
+        }
+        else
+        {
+            sig.initSign(key);
+        }
+
+        TBSCertificateStructure tbsCert = tbsGen.generateTBSCertificate();
+
+        try
+        {
+            ByteArrayOutputStream   bOut = new ByteArrayOutputStream();
+            DEROutputStream         dOut = new DEROutputStream(bOut);
+
+            dOut.writeObject(tbsCert);
+
+            sig.update(bOut.toByteArray());
+        }
+        catch (Exception e)
+        {
+            throw (SecurityException)new SecurityException("exception encoding TBS cert - " + e.getMessage()).initCause(e);
+        }
+
+        ASN1EncodableVector  v = new ASN1EncodableVector();
+
+        v.add(tbsCert);
+        v.add(sigAlgId);
+        v.add(new DERBitString(sig.sign()));
+
+        return new X509CertificateObject(new X509CertificateStructure(new DERSequence(v)));
+    }
+}

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/X509V1CertificateGenerator.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/X509V1CertificateGenerator.java
------------------------------------------------------------------------------
    svn:keywords = Date Revision

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/X509V1CertificateGenerator.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Added: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/interfaces/PKCS12BagAttributeCarrier.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/interfaces/PKCS12BagAttributeCarrier.java?rev=617610&view=auto
==============================================================================
--- geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/interfaces/PKCS12BagAttributeCarrier.java (added)
+++ geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/interfaces/PKCS12BagAttributeCarrier.java Fri Feb  1 11:01:39 2008
@@ -0,0 +1,38 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one or more
+ *  contributor license agreements.  See the NOTICE file distributed with
+ *  this work for additional information regarding copyright ownership.
+ *  The ASF licenses this file to You under the Apache License, Version 2.0
+ *  (the "License"); you may not use this file except in compliance with
+ *  the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.apache.geronimo.crypto.jce.interfaces;
+
+import java.util.Enumeration;
+
+import org.apache.geronimo.crypto.asn1.DEREncodable;
+import org.apache.geronimo.crypto.asn1.DERObjectIdentifier;
+
+/**
+ * allow us to set attributes on objects that can go into a PKCS12 store.
+ */
+public interface PKCS12BagAttributeCarrier
+{
+    public void setBagAttribute(
+        DERObjectIdentifier oid,
+        DEREncodable        attribute);
+
+    public DEREncodable getBagAttribute(
+        DERObjectIdentifier oid);
+
+    public Enumeration getBagAttributeKeys();
+}
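Review bot: The three methods carry no Javadoc, so the contract an implementer must meet is undocumented: whether `getBagAttribute` returns null for an OID that was never set, whether `setBagAttribute` with an already-present OID replaces the value, and in what order `getBagAttributeKeys` enumerates. One comment per method would settle it, for example `/** @return the attribute stored for oid, or null if none has been set */` on `getBagAttribute`. The `public` modifiers on the methods are redundant inside an interface.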

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/interfaces/PKCS12BagAttributeCarrier.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/interfaces/PKCS12BagAttributeCarrier.java
------------------------------------------------------------------------------
    svn:keywords = Date Revision

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/interfaces/PKCS12BagAttributeCarrier.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Added: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/provider/JCEDHPrivateKey.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/provider/JCEDHPrivateKey.java?rev=617610&view=auto
==============================================================================
--- geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/provider/JCEDHPrivateKey.java (added)
+++ geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/provider/JCEDHPrivateKey.java Fri Feb  1 11:01:39 2008
@@ -0,0 +1,184 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one or more
+ *  contributor license agreements.  See the NOTICE file distributed with
+ *  this work for additional information regarding copyright ownership.
+ *  The ASF licenses this file to You under the Apache License, Version 2.0
+ *  (the "License"); you may not use this file except in compliance with
+ *  the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.apache.geronimo.crypto.jce.provider;
+
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.io.ObjectInputStream;
+import java.io.ObjectOutputStream;
+import java.math.BigInteger;
+import java.util.Enumeration;
+import java.util.Hashtable;
+import java.util.Vector;
+
+import javax.crypto.interfaces.DHPrivateKey;
+import javax.crypto.spec.DHParameterSpec;
+import javax.crypto.spec.DHPrivateKeySpec;
+
+import org.apache.geronimo.crypto.asn1.ASN1Sequence;
+import org.apache.geronimo.crypto.asn1.DEREncodable;
+import org.apache.geronimo.crypto.asn1.DERInteger;
+import org.apache.geronimo.crypto.asn1.DERObjectIdentifier;
+import org.apache.geronimo.crypto.asn1.DEROutputStream;
+import org.apache.geronimo.crypto.asn1.pkcs.DHParameter;
+import org.apache.geronimo.crypto.asn1.pkcs.PKCSObjectIdentifiers;
+import org.apache.geronimo.crypto.asn1.pkcs.PrivateKeyInfo;
+import org.apache.geronimo.crypto.asn1.x509.AlgorithmIdentifier;
+import org.apache.geronimo.crypto.crypto.params.DHPrivateKeyParameters;
+import org.apache.geronimo.crypto.jce.interfaces.PKCS12BagAttributeCarrier;
+
+public class JCEDHPrivateKey
+    implements DHPrivateKey, PKCS12BagAttributeCarrier
+{
+    BigInteger      x;
+
+    DHParameterSpec dhSpec;
+
+    private Hashtable   pkcs12Attributes = new Hashtable();
+    private Vector      pkcs12Ordering = new Vector();
+
+    protected JCEDHPrivateKey()
+    {
+    }
+
+    JCEDHPrivateKey(
+        DHPrivateKey    key)
+    {
+        this.x = key.getX();
+        this.dhSpec = key.getParams();
+    }
+
+    JCEDHPrivateKey(
+        DHPrivateKeySpec    spec)
+    {
+        this.x = spec.getX();
+        this.dhSpec = new DHParameterSpec(spec.getP(), spec.getG());
+    }
+
+    JCEDHPrivateKey(
+        PrivateKeyInfo  info)
+    {
+        DHParameter     params = new DHParameter((ASN1Sequence)info.getAlgorithmId().getParameters());
+        DERInteger      derX = (DERInteger)info.getPrivateKey();
+
+        this.x = derX.getValue();
+        if (params.getL() != null)
+        {
+            this.dhSpec = new DHParameterSpec(params.getP(), params.getG(), params.getL().intValue());
+        }
+        else
+        {
+            this.dhSpec = new DHParameterSpec(params.getP(), params.getG());
+        }
+    }
+
+    JCEDHPrivateKey(
+        DHPrivateKeyParameters  params)
+    {
+        this.x = params.getX();
+        this.dhSpec = new DHParameterSpec(params.getParameters().getP(), params.getParameters().getG());
+    }
+
+    public String getAlgorithm()
+    {
+        return "DH";
+    }
+
+    /**
+     * return the encoding format we produce in getEncoded().
+     *
+     * @return the string "PKCS#8"
+     */
+    public String getFormat()
+    {
+        return "PKCS#8";
+    }
+
+    /**
+     * Return a PKCS8 representation of the key. The sequence returned
+     * represents a full PrivateKeyInfo object.
+     *
+     * @return a PKCS8 representation of the key.
+     */
+    public byte[] getEncoded()
+    {
+        ByteArrayOutputStream   bOut = new ByteArrayOutputStream();
+        DEROutputStream         dOut = new DEROutputStream(bOut);
+        PrivateKeyInfo          info = new PrivateKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.dhKeyAgreement, new DHParameter(dhSpec.getP(), dhSpec.getG(), dhSpec.getL()).getDERObject()), new DERInteger(getX()));
+
+        try
+        {
+            dOut.writeObject(info);
+            dOut.close();
+        }
+        catch (IOException e)
+        {
+            throw new RuntimeException("Error encoding DH private key", e);
+        }
+
+        return bOut.toByteArray();
+    }
+
+    public DHParameterSpec getParams()
+    {
+        return dhSpec;
+    }
+
+    public BigInteger getX()
+    {
+        return x;
+    }
+
+    private void readObject(
+        ObjectInputStream   in)
+        throws IOException, ClassNotFoundException
+    {
+        x = (BigInteger)in.readObject();
+
+        this.dhSpec = new DHParameterSpec((BigInteger)in.readObject(), (BigInteger)in.readObject(), in.readInt());
+    }
+
+    private void writeObject(
+        ObjectOutputStream  out)
+        throws IOException
+    {
+        out.writeObject(this.getX());
+        out.writeObject(dhSpec.getP());
+        out.writeObject(dhSpec.getG());
+        out.writeInt(dhSpec.getL());
+    }
+
+    public void setBagAttribute(
+        DERObjectIdentifier oid,
+        DEREncodable        attribute)
+    {
+        pkcs12Attributes.put(oid, attribute);
+        pkcs12Ordering.addElement(oid);
+    }
+
+    public DEREncodable getBagAttribute(
+        DERObjectIdentifier oid)
+    {
+        return (DEREncodable)pkcs12Attributes.get(oid);
+    }
+
+    public Enumeration getBagAttributeKeys()
+    {
+        return pkcs12Ordering.elements();
+    }
+}
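Review bot: After Java deserialization `pkcs12Attributes` and `pkcs12Ordering` are null, because the custom `readObject` restores only `x` and `dhSpec` and field initialisers do not run when an object is rebuilt from a stream. The first `setBagAttribute`, `getBagAttribute` or `getBagAttributeKeys` call on a deserialized key then throws NullPointerException. Re-create both at the end of `readObject` with `this.pkcs12Attributes = new Hashtable();` and `this.pkcs12Ordering = new Vector();`. `readObject` also accepts whatever `x`, `p`, `g` and `l` the stream carries, with no null or range check, so it should either be fed trusted streams only or validate the values and throw `InvalidObjectException`.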

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/provider/JCEDHPrivateKey.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/provider/JCEDHPrivateKey.java
------------------------------------------------------------------------------
    svn:keywords = Date Revision

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/provider/JCEDHPrivateKey.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Added: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/provider/JCEDHPublicKey.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/provider/JCEDHPublicKey.java?rev=617610&view=auto
==============================================================================
--- geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/provider/JCEDHPublicKey.java (added)
+++ geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/provider/JCEDHPublicKey.java Fri Feb  1 11:01:39 2008
@@ -0,0 +1,157 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one or more
+ *  contributor license agreements.  See the NOTICE file distributed with
+ *  this work for additional information regarding copyright ownership.
+ *  The ASF licenses this file to You under the Apache License, Version 2.0
+ *  (the "License"); you may not use this file except in compliance with
+ *  the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.apache.geronimo.crypto.jce.provider;
+
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.io.ObjectInputStream;
+import java.io.ObjectOutputStream;
+import java.math.BigInteger;
+
+import javax.crypto.interfaces.DHPublicKey;
+import javax.crypto.spec.DHParameterSpec;
+import javax.crypto.spec.DHPublicKeySpec;
+
+import org.apache.geronimo.crypto.asn1.ASN1Sequence;
+import org.apache.geronimo.crypto.asn1.DERInteger;
+import org.apache.geronimo.crypto.asn1.DEROutputStream;
+import org.apache.geronimo.crypto.asn1.pkcs.DHParameter;
+import org.apache.geronimo.crypto.asn1.x509.AlgorithmIdentifier;
+import org.apache.geronimo.crypto.asn1.x509.SubjectPublicKeyInfo;
+import org.apache.geronimo.crypto.asn1.x9.X9ObjectIdentifiers;
+import org.apache.geronimo.crypto.crypto.params.DHPublicKeyParameters;
+
+public class JCEDHPublicKey
+    implements DHPublicKey
+{
+    private BigInteger              y;
+    private DHParameterSpec         dhSpec;
+
+    JCEDHPublicKey(
+        DHPublicKeySpec    spec)
+    {
+        this.y = spec.getY();
+        this.dhSpec = new DHParameterSpec(spec.getP(), spec.getG());
+    }
+
+    JCEDHPublicKey(
+        DHPublicKey    key)
+    {
+        this.y = key.getY();
+        this.dhSpec = key.getParams();
+    }
+
+    JCEDHPublicKey(
+        DHPublicKeyParameters  params)
+    {
+        this.y = params.getY();
+        this.dhSpec = new DHParameterSpec(params.getParameters().getP(), params.getParameters().getG(), 0);
+    }
+
+    JCEDHPublicKey(
+        BigInteger        y,
+        DHParameterSpec   dhSpec)
+    {
+        this.y = y;
+        this.dhSpec = dhSpec;
+    }
+
+    JCEDHPublicKey(
+        SubjectPublicKeyInfo    info)
+    {
+        DHParameter             params = new DHParameter((ASN1Sequence)info.getAlgorithmId().getParameters());
+        DERInteger              derY = null;
+
+        try
+        {
+            derY = (DERInteger)info.getPublicKey();
+        }
+        catch (IOException e)
+        {
+            throw new IllegalArgumentException("invalid info structure in DH public key", e);
+        }
+
+        this.y = derY.getValue();
+        if (params.getL() != null)
+        {
+            this.dhSpec = new DHParameterSpec(params.getP(), params.getG(), params.getL().intValue());
+        }
+        else
+        {
+            this.dhSpec = new DHParameterSpec(params.getP(), params.getG());
+        }
+    }
+
+    public String getAlgorithm()
+    {
+        return "DH";
+    }
+
+    public String getFormat()
+    {
+        return "X.509";
+    }
+
+    public byte[] getEncoded()
+    {
+        ByteArrayOutputStream   bOut = new ByteArrayOutputStream();
+        DEROutputStream         dOut = new DEROutputStream(bOut);
+        SubjectPublicKeyInfo    info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.dhpublicnumber, new DHParameter(dhSpec.getP(), dhSpec.getG(), dhSpec.getL()).getDERObject()), new DERInteger(y));
+
+        try
+        {
+            dOut.writeObject(info);
+            dOut.close();
+        }
+        catch (IOException e)
+        {
+            throw new RuntimeException("Error encoding DH public key", e);
+        }
+
+        return bOut.toByteArray();
+
+    }
+
+    public DHParameterSpec getParams()
+    {
+        return dhSpec;
+    }
+
+    public BigInteger getY()
+    {
+        return y;
+    }
+
+    private void readObject(
+        ObjectInputStream   in)
+        throws IOException, ClassNotFoundException
+    {
+        this.y = (BigInteger)in.readObject();
+        this.dhSpec = new DHParameterSpec((BigInteger)in.readObject(), (BigInteger)in.readObject(), in.readInt());
+    }
+
+    private void writeObject(
+        ObjectOutputStream  out)
+        throws IOException
+    {
+        out.writeObject(this.getY());
+        out.writeObject(dhSpec.getP());
+        out.writeObject(dhSpec.getG());
+        out.writeInt(dhSpec.getL());
+    }
+}
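Review bot: The `SubjectPublicKeyInfo` constructor catches only `IOException`, so the `(ASN1Sequence)` cast on the algorithm parameters and the `(DERInteger)` cast on the key can let a `ClassCastException` escape for an encoding of the wrong ASN.1 type, instead of the `IllegalArgumentException` used for the other malformed case. The parameters cast sits outside the `try` altogether; move it inside and report both failures the same way. Neither the constructors nor `readObject` checks `y` against the group, so values outside 2..p-2 are accepted. If no caller validates the key (not visible in this hunk), reject such values here with a test like `y.compareTo(BigInteger.valueOf(2)) < 0 || y.compareTo(p.subtract(BigInteger.valueOf(2))) > 0`.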

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/provider/JCEDHPublicKey.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/provider/JCEDHPublicKey.java
------------------------------------------------------------------------------
    svn:keywords = Date Revision

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/provider/JCEDHPublicKey.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Added: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/provider/JCERSAPrivateCrtKey.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/provider/JCERSAPrivateCrtKey.java?rev=617610&view=auto
==============================================================================
--- geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/provider/JCERSAPrivateCrtKey.java (added)
+++ geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/provider/JCERSAPrivateCrtKey.java Fri Feb  1 11:01:39 2008
@@ -0,0 +1,264 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one or more
+ *  contributor license agreements.  See the NOTICE file distributed with
+ *  this work for additional information regarding copyright ownership.
+ *  The ASF licenses this file to You under the Apache License, Version 2.0
+ *  (the "License"); you may not use this file except in compliance with
+ *  the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.apache.geronimo.crypto.jce.provider;
+
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.math.BigInteger;
+import java.security.interfaces.RSAPrivateCrtKey;
+import java.security.spec.RSAPrivateCrtKeySpec;
+
+import org.apache.geronimo.crypto.asn1.ASN1Sequence;
+import org.apache.geronimo.crypto.asn1.DERNull;
+import org.apache.geronimo.crypto.asn1.DEROutputStream;
+import org.apache.geronimo.crypto.asn1.pkcs.PKCSObjectIdentifiers;
+import org.apache.geronimo.crypto.asn1.pkcs.PrivateKeyInfo;
+import org.apache.geronimo.crypto.asn1.pkcs.RSAPrivateKeyStructure;
+import org.apache.geronimo.crypto.asn1.x509.AlgorithmIdentifier;
+import org.apache.geronimo.crypto.crypto.params.RSAPrivateCrtKeyParameters;
+
+/**
+ * A provider representation for a RSA private key, with CRT factors included.
+ */
+public class JCERSAPrivateCrtKey
+    extends JCERSAPrivateKey
+    implements RSAPrivateCrtKey
+{
+    private BigInteger  publicExponent;
+    private BigInteger  primeP;
+    private BigInteger  primeQ;
+    private BigInteger  primeExponentP;
+    private BigInteger  primeExponentQ;
+    private BigInteger  crtCoefficient;
+
+    /**
+     * construct a private key from it's org.apache.geronimo.crypto.crypto equivalent.
+     *
+     * @param key the parameters object representing the private key.
+     */
+    JCERSAPrivateCrtKey(
+        RSAPrivateCrtKeyParameters key)
+    {
+        super(key);
+
+        this.publicExponent = key.getPublicExponent();
+        this.primeP = key.getP();
+        this.primeQ = key.getQ();
+        this.primeExponentP = key.getDP();
+        this.primeExponentQ = key.getDQ();
+        this.crtCoefficient = key.getQInv();
+    }
+
+    /**
+     * construct a private key from an RSAPrivateCrtKeySpec
+     *
+     * @param spec the spec to be used in construction.
+     */
+    JCERSAPrivateCrtKey(
+        RSAPrivateCrtKeySpec spec)
+    {
+        this.modulus = spec.getModulus();
+        this.publicExponent = spec.getPublicExponent();
+        this.privateExponent = spec.getPrivateExponent();
+        this.primeP = spec.getPrimeP();
+        this.primeQ = spec.getPrimeQ();
+        this.primeExponentP = spec.getPrimeExponentP();
+        this.primeExponentQ = spec.getPrimeExponentQ();
+        this.crtCoefficient = spec.getCrtCoefficient();
+    }
+
+    /**
+     * construct a private key from another RSAPrivateCrtKey.
+     *
+     * @param key the object implementing the RSAPrivateCrtKey interface.
+     */
+    JCERSAPrivateCrtKey(
+        RSAPrivateCrtKey key)
+    {
+        this.modulus = key.getModulus();
+        this.publicExponent = key.getPublicExponent();
+        this.privateExponent = key.getPrivateExponent();
+        this.primeP = key.getPrimeP();
+        this.primeQ = key.getPrimeQ();
+        this.primeExponentP = key.getPrimeExponentP();
+        this.primeExponentQ = key.getPrimeExponentQ();
+        this.crtCoefficient = key.getCrtCoefficient();
+    }
+
+    /**
+     * construct an RSA key from a private key info object.
+     */
+    JCERSAPrivateCrtKey(
+        PrivateKeyInfo  info)
+    {
+        this(new RSAPrivateKeyStructure((ASN1Sequence)info.getPrivateKey()));
+    }
+
+    /**
+     * construct an RSA key from a ASN.1 RSA private key object.
+     */
+    JCERSAPrivateCrtKey(
+        RSAPrivateKeyStructure  key)
+    {
+        this.modulus = key.getModulus();
+        this.publicExponent = key.getPublicExponent();
+        this.privateExponent = key.getPrivateExponent();
+        this.primeP = key.getPrime1();
+        this.primeQ = key.getPrime2();
+        this.primeExponentP = key.getExponent1();
+        this.primeExponentQ = key.getExponent2();
+        this.crtCoefficient = key.getCoefficient();
+    }
+
+    /**
+     * return the encoding format we produce in getEncoded().
+     *
+     * @return the encoding format we produce in getEncoded().
+     */
+    public String getFormat()
+    {
+        return "PKCS#8";
+    }
+
+    /**
+     * Return a PKCS8 representation of the key. The sequence returned
+     * represents a full PrivateKeyInfo object.
+     *
+     * @return a PKCS8 representation of the key.
+     */
+    public byte[] getEncoded()
+    {
+        ByteArrayOutputStream   bOut = new ByteArrayOutputStream();
+        DEROutputStream         dOut = new DEROutputStream(bOut);
+        PrivateKeyInfo          info = new PrivateKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, new DERNull()), new RSAPrivateKeyStructure(getModulus(), getPublicExponent(), getPrivateExponent(), getPrimeP(), getPrimeQ(), getPrimeExponentP(), getPrimeExponentQ(), getCrtCoefficient()).getDERObject());
+
+        try
+        {
+            dOut.writeObject(info);
+            dOut.close();
+        }
+        catch (IOException e)
+        {
+            throw new RuntimeException("Error encoding RSA public key", e);
+        }
+
+        return bOut.toByteArray();
+    }
+
+    /**
+     * return the public exponent.
+     *
+     * @return the public exponent.
+     */
+    public BigInteger getPublicExponent()
+    {
+        return publicExponent;
+    }
+
+    /**
+     * return the prime P.
+     *
+     * @return the prime P.
+     */
+    public BigInteger getPrimeP()
+    {
+        return primeP;
+    }
+
+    /**
+     * return the prime Q.
+     *
+     * @return the prime Q.
+     */
+    public BigInteger getPrimeQ()
+    {
+        return primeQ;
+    }
+
+    /**
+     * return the prime exponent for P.
+     *
+     * @return the prime exponent for P.
+     */
+    public BigInteger getPrimeExponentP()
+    {
+        return primeExponentP;
+    }
+
+    /**
+     * return the prime exponent for Q.
+     *
+     * @return the prime exponent for Q.
+     */
+    public BigInteger getPrimeExponentQ()
+    {
+        return primeExponentQ;
+    }
+
+    /**
+     * return the CRT coefficient.
+     *
+     * @return the CRT coefficient.
+     */
+    public BigInteger getCrtCoefficient()
+    {
+        return crtCoefficient;
+    }
+
+    public boolean equals(Object o)
+    {
+        if ( !(o instanceof RSAPrivateCrtKey) )
+        {
+            return false;
+        }
+
+        if ( o == this )
+        {
+            return true;
+        }
+
+        RSAPrivateCrtKey key = (RSAPrivateCrtKey)o;
+
+        return this.getModulus().equals(key.getModulus())
+         && this.getPublicExponent().equals(key.getPublicExponent())
+         && this.getPrivateExponent().equals(key.getPrivateExponent())
+         && this.getPrimeP().equals(key.getPrimeP())
+         && this.getPrimeQ().equals(key.getPrimeQ())
+         && this.getPrimeExponentP().equals(key.getPrimeExponentP())
+         && this.getPrimeExponentQ().equals(key.getPrimeExponentQ())
+         && this.getCrtCoefficient().equals(key.getCrtCoefficient());
+    }
+
+    public String toString()
+    {
+        StringBuffer    buf = new StringBuffer();
+        String          nl = System.getProperty("line.separator");
+
+        buf.append("RSA Private CRT Key" + nl);
+        buf.append("            modulus: " + this.getModulus().toString(16) + nl);
+        buf.append("    public exponent: " + this.getPublicExponent().toString(16) + nl);
+        buf.append("   private exponent: " + this.getPrivateExponent().toString(16) + nl);
+        buf.append("             primeP: " + this.getPrimeP().toString(16) + nl);
+        buf.append("             primeQ: " + this.getPrimeQ().toString(16) + nl);
+        buf.append("     primeExponentP: " + this.getPrimeExponentP().toString(16) + nl);
+        buf.append("     primeExponentQ: " + this.getPrimeExponentQ().toString(16) + nl);
+        buf.append("     crtCoefficient: " + this.getCrtCoefficient().toString(16) + nl);
+
+        return buf.toString();
+    }
+}
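Review bot: `toString()` at the end of the class writes the private exponent, both primes, both CRT exponents and the CRT coefficient in hex, so any log statement, exception message or string concatenation that formats this key discloses the complete private key. Limit the output to public values: keep the `modulus` and `public exponent` lines and drop the other six `buf.append` calls. Separately, `getEncoded()` throws `"Error encoding RSA public key"` although it encodes a private key. `equals` is also overridden with no `hashCode` in this class; the superclass is only partly visible here, so confirm it does not supply one.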

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/provider/JCERSAPrivateCrtKey.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/provider/JCERSAPrivateCrtKey.java
------------------------------------------------------------------------------
    svn:keywords = Date Revision

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/provider/JCERSAPrivateCrtKey.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Added: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/provider/JCERSAPrivateKey.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/provider/JCERSAPrivateKey.java?rev=617610&view=auto
==============================================================================
--- geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/provider/JCERSAPrivateKey.java (added)
+++ geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/provider/JCERSAPrivateKey.java Fri Feb  1 11:01:39 2008
@@ -0,0 +1,198 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one or more
+ *  contributor license agreements.  See the NOTICE file distributed with
+ *  this work for additional information regarding copyright ownership.
+ *  The ASF licenses this file to You under the Apache License, Version 2.0
+ *  (the "License"); you may not use this file except in compliance with
+ *  the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.apache.geronimo.crypto.jce.provider;
+
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.io.ObjectInputStream;
+import java.io.ObjectOutputStream;
+import java.math.BigInteger;
+import java.security.interfaces.RSAPrivateKey;
+import java.security.spec.RSAPrivateKeySpec;
+import java.util.Enumeration;
+import java.util.Hashtable;
+import java.util.Vector;
+
+import org.apache.geronimo.crypto.asn1.ASN1InputStream;
+import org.apache.geronimo.crypto.asn1.ASN1OutputStream;
+import org.apache.geronimo.crypto.asn1.DEREncodable;
+import org.apache.geronimo.crypto.asn1.DERObjectIdentifier;
+import org.apache.geronimo.crypto.crypto.params.RSAKeyParameters;
+import org.apache.geronimo.crypto.jce.interfaces.PKCS12BagAttributeCarrier;
+
+public class JCERSAPrivateKey
+    implements RSAPrivateKey, PKCS12BagAttributeCarrier
+{
+    protected BigInteger modulus;
+    protected BigInteger privateExponent;
+
+    private Hashtable   pkcs12Attributes = new Hashtable();
+    private Vector      pkcs12Ordering = new Vector();
+
+    protected JCERSAPrivateKey()
+    {
+    }
+
+    JCERSAPrivateKey(
+        RSAKeyParameters key)
+    {
+        this.modulus = key.getModulus();
+        this.privateExponent = key.getExponent();
+    }
+
+    JCERSAPrivateKey(
+        RSAPrivateKeySpec spec)
+    {
+        this.modulus = spec.getModulus();
+        this.privateExponent = spec.getPrivateExponent();
+    }
+
+    JCERSAPrivateKey(
+        RSAPrivateKey key)
+    {
+        this.modulus = key.getModulus();
+        this.privateExponent = key.getPrivateExponent();
+    }
+
+    public BigInteger getModulus()
+    {
+        return modulus;
+    }
+
+    public BigInteger getPrivateExponent()
+    {
+        return privateExponent;
+    }
+
+    public String getAlgorithm()
+    {
+        return "RSA";
+    }
+
+    public String getFormat()
+    {
+        return "NULL";
+    }
+
+    public byte[] getEncoded()
+    {
+        return null;
+    }
+
+    public boolean equals(Object o)
+    {
+        if ( !(o instanceof RSAPrivateKey) )
+        {
+            return false;
+        }
+
+        if ( o == this )
+        {
+            return true;
+        }
+
+        RSAPrivateKey key = (RSAPrivateKey)o;
+
+        return getModulus().equals(key.getModulus())
+            && getPrivateExponent().equals(key.getPrivateExponent());
+    }
+
+    public void setBagAttribute(
+        DERObjectIdentifier oid,
+        DEREncodable        attribute)
+    {
+        pkcs12Attributes.put(oid, attribute);
+        pkcs12Ordering.addElement(oid);
+    }
+
+    public DEREncodable getBagAttribute(
+        DERObjectIdentifier oid)
+    {
+        return (DEREncodable)pkcs12Attributes.get(oid);
+    }
+
+    public Enumeration getBagAttributeKeys()
+    {
+        return pkcs12Ordering.elements();
+    }
+
+    private void readObject(
+        ObjectInputStream   in)
+        throws IOException, ClassNotFoundException
+    {
+        this.modulus = (BigInteger)in.readObject();
+
+        Object  obj = in.readObject();
+
+        if (obj instanceof Hashtable)
+        {
+            this.pkcs12Attributes = (Hashtable)obj;
+            this.pkcs12Ordering = (Vector)in.readObject();
+        }
+        else
+        {
+            this.pkcs12Attributes = new Hashtable();
+            this.pkcs12Ordering = new Vector();
+
+            ByteArrayInputStream    bIn = new ByteArrayInputStream((byte[])obj);
+            ASN1InputStream         aIn = new ASN1InputStream(bIn);
+
+            DERObjectIdentifier    oid;
+
+            while ((oid = (DERObjectIdentifier)aIn.readObject()) != null)
+            {
+                this.setBagAttribute(oid, aIn.readObject());
+            }
+        }
+
+        this.privateExponent = (BigInteger)in.readObject();
+    }
+
+    private void writeObject(
+        ObjectOutputStream  out)
+        throws IOException
+    {
+        out.writeObject(modulus);
+
+        if (pkcs12Ordering.size() == 0)
+        {
+            out.writeObject(pkcs12Attributes);
+            out.writeObject(pkcs12Ordering);
+        }
+        else
+        {
+            ByteArrayOutputStream   bOut = new ByteArrayOutputStream();
+            ASN1OutputStream        aOut = new ASN1OutputStream(bOut);
+
+            Enumeration             e = this.getBagAttributeKeys();
+
+            while (e.hasMoreElements())
+            {
+                DEREncodable    oid = (DEREncodable)e.nextElement();
+
+                aOut.writeObject(oid);
+                aOut.writeObject(pkcs12Attributes.get(oid));
+            }
+
+            out.writeObject(bOut.toByteArray());
+        }
+
+        out.writeObject(privateExponent);
+    }
+}
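Review bot: readObject() accepts whatever the object stream contains: the `(BigInteger)`, `(Vector)` and `(byte[])` casts are unchecked, and nothing verifies that a modulus and private exponent were actually read. A malformed or tampered stream therefore either fails with ClassCastException or yields a key with null fields that only fails later, for example in equals(). I would end the method with `if (this.modulus == null || this.privateExponent == null) throw new InvalidObjectException("RSA private key stream is missing modulus or private exponent");` (this needs `java.io.InvalidObjectException`) and guard the casts with `instanceof` in the same way. Separately, getFormat() returns the string `"NULL"` while getEncoded() returns null; java.security.Key documents a null format for keys that do not support encoding, so `return null;` is what callers test for.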

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/provider/JCERSAPrivateKey.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/provider/JCERSAPrivateKey.java
------------------------------------------------------------------------------
    svn:keywords = Date Revision

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/provider/JCERSAPrivateKey.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Added: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/provider/JCERSAPublicKey.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/provider/JCERSAPublicKey.java?rev=617610&view=auto
==============================================================================
--- geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/provider/JCERSAPublicKey.java (added)
+++ geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/provider/JCERSAPublicKey.java Fri Feb  1 11:01:39 2008
@@ -0,0 +1,157 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one or more
+ *  contributor license agreements.  See the NOTICE file distributed with
+ *  this work for additional information regarding copyright ownership.
+ *  The ASF licenses this file to You under the Apache License, Version 2.0
+ *  (the "License"); you may not use this file except in compliance with
+ *  the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.apache.geronimo.crypto.jce.provider;
+
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.math.BigInteger;
+import java.security.interfaces.RSAPublicKey;
+import java.security.spec.RSAPublicKeySpec;
+
+import org.apache.geronimo.crypto.asn1.ASN1Sequence;
+import org.apache.geronimo.crypto.asn1.DERNull;
+import org.apache.geronimo.crypto.asn1.DEROutputStream;
+import org.apache.geronimo.crypto.asn1.pkcs.PKCSObjectIdentifiers;
+import org.apache.geronimo.crypto.asn1.x509.AlgorithmIdentifier;
+import org.apache.geronimo.crypto.asn1.x509.RSAPublicKeyStructure;
+import org.apache.geronimo.crypto.asn1.x509.SubjectPublicKeyInfo;
+import org.apache.geronimo.crypto.crypto.params.RSAKeyParameters;
+
+public class JCERSAPublicKey
+    implements RSAPublicKey
+{
+    private BigInteger modulus;
+    private BigInteger publicExponent;
+
+    JCERSAPublicKey(
+        RSAKeyParameters key)
+    {
+        this.modulus = key.getModulus();
+        this.publicExponent = key.getExponent();
+    }
+
+    JCERSAPublicKey(
+        RSAPublicKeySpec spec)
+    {
+        this.modulus = spec.getModulus();
+        this.publicExponent = spec.getPublicExponent();
+    }
+
+    JCERSAPublicKey(
+        RSAPublicKey key)
+    {
+        this.modulus = key.getModulus();
+        this.publicExponent = key.getPublicExponent();
+    }
+
+    JCERSAPublicKey(
+        SubjectPublicKeyInfo    info)
+    {
+        try
+        {
+            RSAPublicKeyStructure   pubKey = new RSAPublicKeyStructure((ASN1Sequence)info.getPublicKey());
+
+            this.modulus = pubKey.getModulus();
+            this.publicExponent = pubKey.getPublicExponent();
+        }
+        catch (IOException e)
+        {
+            throw new IllegalArgumentException("invalid info structure in RSA public key", e);
+        }
+    }
+
+    /**
+     * return the modulus.
+     *
+     * @return the modulus.
+     */
+    public BigInteger getModulus()
+    {
+        return modulus;
+    }
+
+    /**
+     * return the public exponent.
+     *
+     * @return the public exponent.
+     */
+    public BigInteger getPublicExponent()
+    {
+        return publicExponent;
+    }
+
+    public String getAlgorithm()
+    {
+        return "RSA";
+    }
+
+    public String getFormat()
+    {
+        return "X.509";
+    }
+
+    public byte[] getEncoded()
+    {
+        ByteArrayOutputStream   bOut = new ByteArrayOutputStream();
+        DEROutputStream         dOut = new DEROutputStream(bOut);
+        SubjectPublicKeyInfo    info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, new DERNull()), new RSAPublicKeyStructure(getModulus(), getPublicExponent()).getDERObject());
+
+        try
+        {
+            dOut.writeObject(info);
+            dOut.close();
+        }
+        catch (IOException e)
+        {
+            throw new RuntimeException("Error encoding RSA public key", e);
+        }
+
+        return bOut.toByteArray();
+
+    }
+
+    public boolean equals(Object o)
+    {
+        if ( !(o instanceof RSAPublicKey) )
+        {
+            return false;
+        }
+
+        if ( o == this )
+        {
+            return true;
+        }
+
+        RSAPublicKey key = (RSAPublicKey)o;
+
+        return getModulus().equals(key.getModulus())
+            && getPublicExponent().equals(key.getPublicExponent());
+    }
+
+    public String toString()
+    {
+        StringBuffer    buf = new StringBuffer();
+        String          nl = System.getProperty("line.separator");
+
+        buf.append("RSA Public Key" + nl);
+        buf.append("            modulus: " + this.getModulus().toString(16) + nl);
+        buf.append("    public exponent: " + this.getPublicExponent().toString(16) + nl);
+
+        return buf.toString();
+    }
+}
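Review bot: equals() is overridden without hashCode(), so two JCERSAPublicKey instances with the same modulus and exponent compare equal but hash differently. That breaks any HashMap, HashSet or Hashtable keyed by public key, such as a key cache or a set of trusted keys. Adding `public int hashCode() { return getModulus().hashCode() ^ getPublicExponent().hashCode(); }` restores the contract. JCERSAPrivateKey.equals() in this commit has the same gap and needs the analogous method over its modulus and private exponent.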

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/provider/JCERSAPublicKey.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/provider/JCERSAPublicKey.java
------------------------------------------------------------------------------
    svn:keywords = Date Revision

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/provider/JCERSAPublicKey.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Added: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/provider/JDKDSAPrivateKey.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/provider/JDKDSAPrivateKey.java?rev=617610&view=auto
==============================================================================
--- geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/provider/JDKDSAPrivateKey.java (added)
+++ geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/provider/JDKDSAPrivateKey.java Fri Feb  1 11:01:39 2008
@@ -0,0 +1,155 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one or more
+ *  contributor license agreements.  See the NOTICE file distributed with
+ *  this work for additional information regarding copyright ownership.
+ *  The ASF licenses this file to You under the Apache License, Version 2.0
+ *  (the "License"); you may not use this file except in compliance with
+ *  the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.apache.geronimo.crypto.jce.provider;
+
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.math.BigInteger;
+import java.security.interfaces.DSAParams;
+import java.security.interfaces.DSAPrivateKey;
+import java.security.spec.DSAParameterSpec;
+import java.security.spec.DSAPrivateKeySpec;
+import java.util.Enumeration;
+import java.util.Hashtable;
+import java.util.Vector;
+
+import org.apache.geronimo.crypto.asn1.ASN1Sequence;
+import org.apache.geronimo.crypto.asn1.DEREncodable;
+import org.apache.geronimo.crypto.asn1.DERInteger;
+import org.apache.geronimo.crypto.asn1.DERObjectIdentifier;
+import org.apache.geronimo.crypto.asn1.DEROutputStream;
+import org.apache.geronimo.crypto.asn1.pkcs.PrivateKeyInfo;
+import org.apache.geronimo.crypto.asn1.x509.AlgorithmIdentifier;
+import org.apache.geronimo.crypto.asn1.x509.DSAParameter;
+import org.apache.geronimo.crypto.asn1.x9.X9ObjectIdentifiers;
+import org.apache.geronimo.crypto.crypto.params.DSAPrivateKeyParameters;
+import org.apache.geronimo.crypto.jce.interfaces.PKCS12BagAttributeCarrier;
+
+public class JDKDSAPrivateKey
+    implements DSAPrivateKey, PKCS12BagAttributeCarrier
+{
+    BigInteger          x;
+    DSAParams           dsaSpec;
+
+    private Hashtable   pkcs12Attributes = new Hashtable();
+    private Vector      pkcs12Ordering = new Vector();
+
+    protected JDKDSAPrivateKey()
+    {
+    }
+
+    JDKDSAPrivateKey(
+        DSAPrivateKey    key)
+    {
+        this.x = key.getX();
+        this.dsaSpec = key.getParams();
+    }
+
+    JDKDSAPrivateKey(
+        DSAPrivateKeySpec    spec)
+    {
+        this.x = spec.getX();
+        this.dsaSpec = new DSAParameterSpec(spec.getP(), spec.getQ(), spec.getG());
+    }
+
+    JDKDSAPrivateKey(
+        PrivateKeyInfo  info)
+    {
+        DSAParameter    params = new DSAParameter((ASN1Sequence)info.getAlgorithmId().getParameters());
+        DERInteger      derX = (DERInteger)info.getPrivateKey();
+
+        this.x = derX.getValue();
+        this.dsaSpec = new DSAParameterSpec(params.getP(), params.getQ(), params.getG());
+    }
+
+    JDKDSAPrivateKey(
+        DSAPrivateKeyParameters  params)
+    {
+        this.x = params.getX();
+        this.dsaSpec = new DSAParameterSpec(params.getParameters().getP(), params.getParameters().getQ(), params.getParameters().getG());
+    }
+
+    public String getAlgorithm()
+    {
+        return "DSA";
+    }
+
+    /**
+     * return the encoding format we produce in getEncoded().
+     *
+     * @return the string "PKCS#8"
+     */
+    public String getFormat()
+    {
+        return "PKCS#8";
+    }
+
+    /**
+     * Return a PKCS8 representation of the key. The sequence returned
+     * represents a full PrivateKeyInfo object.
+     *
+     * @return a PKCS8 representation of the key.
+     */
+    public byte[] getEncoded()
+    {
+        ByteArrayOutputStream   bOut = new ByteArrayOutputStream();
+        DEROutputStream         dOut = new DEROutputStream(bOut);
+        PrivateKeyInfo          info = new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_dsa, new DSAParameter(dsaSpec.getP(), dsaSpec.getQ(), dsaSpec.getG()).getDERObject()), new DERInteger(getX()));
+
+        try
+        {
+            dOut.writeObject(info);
+            dOut.close();
+        }
+        catch (IOException e)
+        {
+            throw new RuntimeException("Error encoding DSA private key", e);
+        }
+
+        return bOut.toByteArray();
+    }
+
+    public DSAParams getParams()
+    {
+        return dsaSpec;
+    }
+
+    public BigInteger getX()
+    {
+        return x;
+    }
+
+    public void setBagAttribute(
+        DERObjectIdentifier oid,
+        DEREncodable        attribute)
+    {
+        pkcs12Attributes.put(oid, attribute);
+        pkcs12Ordering.addElement(oid);
+    }
+
+    public DEREncodable getBagAttribute(
+        DERObjectIdentifier oid)
+    {
+        return (DEREncodable)pkcs12Attributes.get(oid);
+    }
+
+    public Enumeration getBagAttributeKeys()
+    {
+        return pkcs12Ordering.elements();
+    }
+}
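Review bot: JDKDSAPrivateKey is Serializable through DSAPrivateKey but defines no writeObject/readObject, and its `dsaSpec` field usually holds a java.security.spec.DSAParameterSpec, which is not Serializable. Default serialization of this key will therefore throw NotSerializableException, unlike JCERSAPrivateKey in the same commit, which writes its fields explicitly. The sketch below writes x, p, q and g as BigIntegers, validates them on the way back in, and re-creates the bag-attribute containers because field initialisers do not run during deserialization. It needs `java.io.ObjectInputStream`, `java.io.ObjectOutputStream` and `java.io.InvalidObjectException` imported, and it drops the PKCS#12 bag attributes; carrying them would need the ASN.1 encoding that JCERSAPrivateKey.writeObject uses. JDKDSAPublicKey has the same non-serializable `dsaSpec` field and needs the equivalent pair for y, p, q and g.

```java
    // … unchanged: fields, constructors, accessors, bag-attribute methods …

    private void readObject(
        ObjectInputStream   in)
        throws IOException, ClassNotFoundException
    {
        Object  xIn = in.readObject();
        Object  pIn = in.readObject();
        Object  qIn = in.readObject();
        Object  gIn = in.readObject();

        if (!(xIn instanceof BigInteger) || !(pIn instanceof BigInteger)
            || !(qIn instanceof BigInteger) || !(gIn instanceof BigInteger))
        {
            throw new InvalidObjectException("DSA private key stream is missing x, p, q or g");
        }

        this.x = (BigInteger)xIn;
        this.dsaSpec = new DSAParameterSpec((BigInteger)pIn, (BigInteger)qIn, (BigInteger)gIn);

        // field initialisers are skipped on deserialization
        this.pkcs12Attributes = new Hashtable();
        this.pkcs12Ordering = new Vector();
    }

    private void writeObject(
        ObjectOutputStream  out)
        throws IOException
    {
        out.writeObject(x);
        out.writeObject(dsaSpec.getP());
        out.writeObject(dsaSpec.getQ());
        out.writeObject(dsaSpec.getG());
    }
```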

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/provider/JDKDSAPrivateKey.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/provider/JDKDSAPrivateKey.java
------------------------------------------------------------------------------
    svn:keywords = Date Revision

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/provider/JDKDSAPrivateKey.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Added: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/provider/JDKDSAPublicKey.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/provider/JDKDSAPublicKey.java?rev=617610&view=auto
==============================================================================
--- geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/provider/JDKDSAPublicKey.java (added)
+++ geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/provider/JDKDSAPublicKey.java Fri Feb  1 11:01:39 2008
@@ -0,0 +1,141 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one or more
+ *  contributor license agreements.  See the NOTICE file distributed with
+ *  this work for additional information regarding copyright ownership.
+ *  The ASF licenses this file to You under the Apache License, Version 2.0
+ *  (the "License"); you may not use this file except in compliance with
+ *  the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.apache.geronimo.crypto.jce.provider;
+
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.math.BigInteger;
+import java.security.interfaces.DSAParams;
+import java.security.interfaces.DSAPublicKey;
+import java.security.spec.DSAParameterSpec;
+import java.security.spec.DSAPublicKeySpec;
+
+import org.apache.geronimo.crypto.asn1.ASN1Sequence;
+import org.apache.geronimo.crypto.asn1.DERInteger;
+import org.apache.geronimo.crypto.asn1.DEROutputStream;
+import org.apache.geronimo.crypto.asn1.x509.AlgorithmIdentifier;
+import org.apache.geronimo.crypto.asn1.x509.DSAParameter;
+import org.apache.geronimo.crypto.asn1.x509.SubjectPublicKeyInfo;
+import org.apache.geronimo.crypto.asn1.x9.X9ObjectIdentifiers;
+import org.apache.geronimo.crypto.crypto.params.DSAPublicKeyParameters;
+
+public class JDKDSAPublicKey
+    implements DSAPublicKey
+{
+    private BigInteger      y;
+    private DSAParams       dsaSpec;
+
+    JDKDSAPublicKey(
+        DSAPublicKeySpec    spec)
+    {
+        this.y = spec.getY();
+        this.dsaSpec = new DSAParameterSpec(spec.getP(), spec.getQ(), spec.getG());
+    }
+
+    JDKDSAPublicKey(
+        DSAPublicKey    key)
+    {
+        this.y = key.getY();
+        this.dsaSpec = key.getParams();
+    }
+
+    JDKDSAPublicKey(
+        DSAPublicKeyParameters  params)
+    {
+        this.y = params.getY();
+        this.dsaSpec = new DSAParameterSpec(params.getParameters().getP(), params.getParameters().getQ(), params.getParameters().getG());
+    }
+
+    JDKDSAPublicKey(
+        BigInteger        y,
+        DSAParameterSpec  dsaSpec)
+    {
+        this.y = y;
+        this.dsaSpec = dsaSpec;
+    }
+
+    JDKDSAPublicKey(
+        SubjectPublicKeyInfo    info)
+    {
+        DSAParameter             params = new DSAParameter((ASN1Sequence)info.getAlgorithmId().getParameters());
+        DERInteger              derY = null;
+
+        try
+        {
+            derY = (DERInteger)info.getPublicKey();
+        }
+        catch (IOException e)
+        {
+            throw new IllegalArgumentException("invalid info structure in DSA public key", e);
+        }
+
+        this.y = derY.getValue();
+        this.dsaSpec = new DSAParameterSpec(params.getP(), params.getQ(), params.getG());
+    }
+
+    public String getAlgorithm()
+    {
+        return "DSA";
+    }
+
+    public String getFormat()
+    {
+        return "X.509";
+    }
+
+    public byte[] getEncoded()
+    {
+        ByteArrayOutputStream   bOut = new ByteArrayOutputStream();
+        DEROutputStream         dOut = new DEROutputStream(bOut);
+        SubjectPublicKeyInfo    info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_dsa, new DSAParameter(dsaSpec.getP(), dsaSpec.getQ(), dsaSpec.getG()).getDERObject()), new DERInteger(y));
+
+        try
+        {
+            dOut.writeObject(info);
+            dOut.close();
+        }
+        catch (IOException e)
+        {
+            throw new RuntimeException("Error encoding DSA public key", e);
+        }
+
+        return bOut.toByteArray();
+
+    }
+
+    public DSAParams getParams()
+    {
+        return dsaSpec;
+    }
+
+    public BigInteger getY()
+    {
+        return y;
+    }
+
+    public String toString()
+    {
+        StringBuffer    buf = new StringBuffer();
+        String          nl = System.getProperty("line.separator");
+
+        buf.append("DSA Public Key" + nl);
+        buf.append("            y: " + this.getY().toString(16) + nl);
+
+        return buf.toString();
+    }
+}
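Review bot: In the SubjectPublicKeyInfo constructor, the `(ASN1Sequence)info.getAlgorithmId().getParameters()` cast sits outside the try block and is unchecked, as is the later `(DERInteger)info.getPublicKey()` cast. X.509 allows a DSA SubjectPublicKeyInfo to omit its parameters, and a decoded certificate is untrusted input, so an absent or wrongly typed field presumably surfaces as ClassCastException or a failure inside DSAParameter (its null handling is not visible here) instead of the IllegalArgumentException this constructor already uses for IOException. I would open the constructor with `if (!(info.getAlgorithmId().getParameters() instanceof ASN1Sequence)) throw new IllegalArgumentException("invalid info structure in DSA public key");` and test the public-key object with `instanceof DERInteger` before casting. The PrivateKeyInfo constructor of JDKDSAPrivateKey makes the same two unchecked casts.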

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/provider/JDKDSAPublicKey.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/provider/JDKDSAPublicKey.java
------------------------------------------------------------------------------
    svn:keywords = Date Revision

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/jce/provider/JDKDSAPublicKey.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain


