harmony-commits mailing list archives

From ndbe...@apache.org
Subject svn commit: r725568 - /harmony/enhanced/classlib/trunk/modules/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/DigitalSignature.java
Date Thu, 11 Dec 2008 04:08:53 GMT
Author: ndbeyer
Date: Wed Dec 10 20:08:53 2008
New Revision: 725568

URL: http://svn.apache.org/viewvc?rev=725568&view=rev
Log:
Clean up DigitalSignature, in part for HARMONY-6040

Modified:
    harmony/enhanced/classlib/trunk/modules/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/DigitalSignature.java

Modified: harmony/enhanced/classlib/trunk/modules/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/DigitalSignature.java
URL: http://svn.apache.org/viewvc/harmony/enhanced/classlib/trunk/modules/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/DigitalSignature.java?rev=725568&r1=725567&r2=725568&view=diff
==============================================================================
--- harmony/enhanced/classlib/trunk/modules/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/DigitalSignature.java
(original)
+++ harmony/enhanced/classlib/trunk/modules/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/DigitalSignature.java
Wed Dec 10 20:08:53 2008
@@ -21,19 +21,24 @@
  */
 package org.apache.harmony.xnet.provider.jsse;
 
-import org.apache.harmony.xnet.provider.jsse.AlertException;
-
+import java.security.DigestException;
+import java.security.InvalidKeyException;
 import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
 import java.security.PrivateKey;
 import java.security.Signature;
+import java.security.SignatureException;
 import java.security.cert.Certificate;
 import java.util.Arrays;
 
+import javax.crypto.BadPaddingException;
 import javax.crypto.Cipher;
+import javax.crypto.IllegalBlockSizeException;
+import javax.crypto.NoSuchPaddingException;
 import javax.net.ssl.SSLException;
 
 /**
- * This class represents Signature type, as descrybed in TLS v 1.0 Protocol
+ * This class represents Signature type, as described in TLS v 1.0 Protocol
  * specification, 7.4.3. It allow to init, update and sign hash. Hash algorithm
  * depends on SignatureAlgorithm.
  * 
@@ -56,10 +61,10 @@
  */
 public class DigitalSignature {
 
-    private MessageDigest md5 = null;
-    private MessageDigest sha = null;
-    private Signature signature = null;
-    private Cipher cipher = null;
+    private final MessageDigest md5;
+    private final MessageDigest sha;
+    private final Signature signature;
+    private final Cipher cipher;
     
     private byte[] md5_hash;
     private byte[] sha_hash;
@@ -69,33 +74,35 @@
      * @param keyExchange
      */
     public DigitalSignature(int keyExchange) {
-        try { 
+        try {
+            sha = MessageDigest.getInstance("SHA-1");
+            
             if (keyExchange == CipherSuite.KeyExchange_RSA_EXPORT ||
                     keyExchange == CipherSuite.KeyExchange_RSA ||
                     keyExchange == CipherSuite.KeyExchange_DHE_RSA ||
                     keyExchange == CipherSuite.KeyExchange_DHE_RSA_EXPORT) {
                 // SignatureAlgorithm is rsa
                 md5 = MessageDigest.getInstance("MD5");
-                sha = MessageDigest.getInstance("SHA-1");
                 cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
+                signature = null;
             } else if (keyExchange == CipherSuite.KeyExchange_DHE_DSS ||
                     keyExchange == CipherSuite.KeyExchange_DHE_DSS_EXPORT ) {
                 // SignatureAlgorithm is dsa
-                sha = MessageDigest.getInstance("SHA-1");
                 signature = Signature.getInstance("NONEwithDSA");
-// The Signature should be empty in case of anonimous signature algorithm:
-//            } else if (keyExchange == CipherSuite.KeyExchange_DH_anon ||
-//                    keyExchange == CipherSuite.KeyExchange_DH_anon_EXPORT) {          
 
-//
-            }
-        } catch (Exception e) {
-            throw new AlertException(
-                    AlertProtocol.INTERNAL_ERROR,
-                    new SSLException(
-                            "INTERNAL ERROR: Unexpected exception on digital signature",
-                            e));
-        }    
-            
+                cipher = null;
+                md5 = null;
+            } else {
+                cipher = null;
+                signature = null;
+                md5 = null;
+            }
+        } catch (NoSuchAlgorithmException e) {
+            // this should never happen
+            throw new AssertionError(e);
+        } catch (NoSuchPaddingException e) {
+            // this should never happen
+            throw new AssertionError(e);
+        }
     }
     
     /**
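Review bot: Throwing `AssertionError` from the two new catch blocks lets a missing algorithm escape as a `java.lang.Error` instead of the `AlertException(AlertProtocol.INTERNAL_ERROR, ...)` the removed code raised, so handshake code that catches `AlertException` to send an alert and close the connection would presumably never see it. "This should never happen" depends on the installed security providers; a restricted provider set without MD5 or `RSA/ECB/PKCS1Padding` would reach these branches. I would keep the narrowed catch types but keep the alert: `throw new AlertException(AlertProtocol.INTERNAL_ERROR, new SSLException("digital signature algorithm unavailable", e));`. Separately, `sha` is now created for every key exchange, including the final `else` branch where the removed code left it null, so it is worth confirming that code outside this hunk does not read a non-null `sha` as "a signature is expected".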
@@ -109,8 +116,9 @@
             } else if (cipher != null) {
                 cipher.init(Cipher.ENCRYPT_MODE, key);
             }
-        } catch (Exception e){
-            e.printStackTrace();
+        } catch (InvalidKeyException e){
+            throw new AlertException(AlertProtocol.BAD_CERTIFICATE,
+                    new SSLException("init - invalid private key", e));
         }
     }
     
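Review bot: `AlertProtocol.BAD_CERTIFICATE` in the new catch describes a problem with a certificate, but this path fails on the `key` handed to `cipher.init(Cipher.ENCRYPT_MODE, key)`, which looks like the local private key. The resulting alert would point at a certificate when the local key configuration is at fault, which misleads anyone triaging handshake failures. `AlertProtocol.INTERNAL_ERROR` fits better here: `throw new AlertException(AlertProtocol.INTERNAL_ERROR, new SSLException("init - invalid private key", e));`. The method starts above the hunk, so the assumption that `key` is always the local key should be checked against its signature and callers.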
@@ -125,8 +133,9 @@
             } else if (cipher != null) {
                 cipher.init(Cipher.DECRYPT_MODE, cert);
             }
-        } catch (Exception e){
-            e.printStackTrace();
+        } catch (InvalidKeyException e){
+            throw new AlertException(AlertProtocol.BAD_CERTIFICATE,
+                    new SSLException("init - invalid certificate", e));
         }
     }
     
@@ -135,16 +144,12 @@
      * @param data
      */
     public void update(byte[] data) {
-        try {
-            if (sha != null) {
-                sha.update(data);
-            }
-            if (md5 != null) {
-                md5.update(data);
-            }
-        } catch (Exception e){
-            e.printStackTrace();
-        }        
+        if (sha != null) {
+            sha.update(data);
+        }
+        if (md5 != null) {
+            md5.update(data);
+        }
     }
     
     /**
@@ -197,10 +202,15 @@
                 return cipher.doFinal();
             } 
             return new byte[0];
-        } catch (Exception e){
-            e.printStackTrace();
+        } catch (DigestException e){
+            return new byte[0];
+        } catch (SignatureException e){
+            return new byte[0];
+        } catch (BadPaddingException e){
+            return new byte[0];
+        } catch (IllegalBlockSizeException e){
             return new byte[0];
-        }    
+        }
     }
 
     /**
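Review bot: All four new catch blocks return `new byte[0]`, the same value the method returns when neither `signature` nor `cipher` is set, so a signing failure cannot be told apart from "no signature required". The exception is also dropped without the stack trace the old code at least printed. A caller would presumably carry on and send an empty signature. I would surface the failure the way the `init` methods now do, for example `throw new AlertException(AlertProtocol.INTERNAL_ERROR, new SSLException("sign - signing failed", e));` in each catch. The method starts above the hunk, so its callers should be checked for how they treat an empty result today.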
@@ -209,34 +219,40 @@
      * @return true if verified
      */
     public boolean verifySignature(byte[] data) {
-        try {
-            if (signature != null) {
+        if (signature != null) {
+            try {
                 return signature.verify(data);
-            } else if (cipher != null) {
-                byte[] decrypt = cipher.doFinal(data);
-                byte[] md5_sha;
-                if (md5_hash != null && sha_hash != null) {
-                    md5_sha = new byte[md5_hash.length + sha_hash.length];
-                    System.arraycopy(md5_hash, 0, md5_sha, 0, md5_hash.length);
-                    System.arraycopy(sha_hash, 0, md5_sha, md5_hash.length, sha_hash.length);
-                } else if (md5_hash != null) {
-                    md5_sha = md5_hash;
-                } else {
-                    md5_sha = sha_hash;
-                }
-                if (Arrays.equals(decrypt, md5_sha)) {
-                    return true;
-                } else {
-                    return false;
-                }
-            } else if (data == null || data.length == 0) {
-                return true;
-            } else {
+            } catch (SignatureException e) {
                 return false;
             }
-        } catch (Exception e){
-                e.printStackTrace();
+        }
+        
+        if (cipher != null) {
+            final byte[] decrypt;
+            try {
+                decrypt = cipher.doFinal(data);
+            } catch (IllegalBlockSizeException e) {
+                return false;
+            } catch (BadPaddingException e) {
                 return false;
+            }
+            
+            final byte[] md5_sha;
+            if (md5_hash != null && sha_hash != null) {
+                md5_sha = new byte[md5_hash.length + sha_hash.length];
+                System.arraycopy(md5_hash, 0, md5_sha, 0, md5_hash.length);
+                System.arraycopy(sha_hash, 0, md5_sha, md5_hash.length, sha_hash.length);
+            } else if (md5_hash != null) {
+                md5_sha = md5_hash;
+            } else {
+                md5_sha = sha_hash;
+            }
+            
+            return Arrays.equals(decrypt, md5_sha);
+        } else if (data == null || data.length == 0) {
+            return true;
+        } else {
+            return false;
         }
     }
 
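Review bot: The narrowed catches in `verifySignature` no longer cover unchecked exceptions, so a null `data` is likely to make `signature.verify(data)` or `cipher.doFinal(data)` throw out of the method, where the removed `catch (Exception e)` returned false. The trailing `data == null` test shows that null is an expected input. I would add `if (data == null) { return false; }` as the first statement inside both the `signature != null` and the `cipher != null` block. The last branch also still reports an empty signature as verified whenever both fields are null, which the constructor's final `else` produces for every key exchange value it does not recognise. Returning true there only for the known anonymous suites and false otherwise would fail closed.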


