1 files changed, 246 insertions, 0 deletions
diff --git a/gcc-4.4.3/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairGenerator.java b/gcc-4.4.3/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairGenerator.java
new file mode 100644
index 000000000..c31cc4cc1
--- /dev/null
+++ b/gcc-4.4.3/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairGenerator.java
@@ -0,0 +1,246 @@
+/* RSAKeyPairGenerator.java -- 
+   Copyright 2001, 2002, 2003, 2006 Free Software Foundation, Inc.
+
+This file is a part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2 of the License, or (at
+your option) any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; if not, write to the Free Software
+Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301
+USA
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version.  */
+
+
+package gnu.java.security.key.rsa;
+
+import gnu.java.security.Configuration;
+import gnu.java.security.Registry;
+import gnu.java.security.key.IKeyPairGenerator;
+import gnu.java.security.util.PRNG;
+
+import java.math.BigInteger;
+import java.security.KeyPair;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.SecureRandom;
+import java.security.spec.RSAKeyGenParameterSpec;
+import java.util.Map;
+import java.util.logging.Logger;
+
+/**
+ * A key-pair generator for asymetric keys to use in conjunction with the RSA
+ * scheme.
+ * <p>
+ * Reference:
+ * <ol>
+ * <li><a
+ * href="http://www.cosic.esat.kuleuven.ac.be/nessie/workshop/submissions/rsa-pss.zip">
+ * RSA-PSS Signature Scheme with Appendix</a>, part B. Primitive specification
+ * and supporting documentation. Jakob Jonsson and Burt Kaliski. </li>
+ * <li><a href="http://www.cacr.math.uwaterloo.ca/hac/">Handbook of Applied
+ * Cryptography</a>, Alfred J. Menezes, Paul C. van Oorschot and Scott A.
+ * Vanstone. Section 11.3 RSA and related signature schemes.</li>
+ * </ol>
+ */
+public class RSAKeyPairGenerator
+    implements IKeyPairGenerator
+{
+  private static final Logger log = Logger.getLogger(RSAKeyPairGenerator.class.getName());
+
+  /** The BigInteger constant 1. */
+  private static final BigInteger ONE = BigInteger.ONE;
+
+  /** The BigInteger constant 2. */
+  private static final BigInteger TWO = BigInteger.valueOf(2L);
+
+  /** Property name of the length (Integer) of the modulus of an RSA key. */
+  public static final String MODULUS_LENGTH = "gnu.crypto.rsa.L";
+
+  /**
+   * Property name of an optional {@link SecureRandom} instance to use. The
+   * default is to use a classloader singleton from {@link PRNG}.
+   */
+  public static final String SOURCE_OF_RANDOMNESS = "gnu.crypto.rsa.prng";
+
+  /**
+   * Property name of an optional {@link RSAKeyGenParameterSpec} instance to use
+   * for this generator's <code>n</code>, and <code>e</code> values. The
+   * default is to generate <code>n</code> and use a fixed value for
+   * <code>e</.code> (Fermat's F4 number).
+   */
+  public static final String RSA_PARAMETERS = "gnu.crypto.rsa.params";
+
+  /**
+   * Property name of the preferred encoding format to use when externalizing
+   * generated instance of key-pairs from this generator. The property is taken
+   * to be an {@link Integer} that encapsulates an encoding format identifier.
+   */
+  public static final String PREFERRED_ENCODING_FORMAT = "gnu.crypto.rsa.encoding";
+
+  /** Default value for the modulus length. */
+  private static final int DEFAULT_MODULUS_LENGTH = 1024;
+
+  /** Default encoding format to use when none was specified. */
+  private static final int DEFAULT_ENCODING_FORMAT = Registry.RAW_ENCODING_ID;
+
+  /** The desired bit length of the modulus. */
+  private int L;
+
+  /**
+   * This implementation uses, by default, Fermat's F4 number as the public
+   * exponent.
+   */
+  private BigInteger e = BigInteger.valueOf(65537L);
+
+  /** The optional {@link SecureRandom} instance to use. */
+  private SecureRandom rnd = null;
+
+  /** Our default source of randomness. */
+  private PRNG prng = null;
+
+  /** Preferred encoding format of generated keys. */
+  private int preferredFormat;
+
+  // implicit 0-arguments constructor
+
+  public String name()
+  {
+    return Registry.RSA_KPG;
+  }
+
+  /**
+   * Configures this instance.
+   * 
+   * @param attributes the map of name/value pairs to use.
+   * @exception IllegalArgumentException if the designated MODULUS_LENGTH value
+   *              is less than 1024.
+   */
+  public void setup(Map attributes)
+  {
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "setup", attributes);
+    // do we have a SecureRandom, or should we use our own?
+    rnd = (SecureRandom) attributes.get(SOURCE_OF_RANDOMNESS);
+    // are we given a set of RSA params or we shall use our own?
+    RSAKeyGenParameterSpec params = (RSAKeyGenParameterSpec) attributes.get(RSA_PARAMETERS);
+    // find out the modulus length
+    if (params != null)
+      {
+        L = params.getKeysize();
+        e = params.getPublicExponent();
+      }
+    else
+      {
+        Integer l = (Integer) attributes.get(MODULUS_LENGTH);
+        L = (l == null ? DEFAULT_MODULUS_LENGTH : l.intValue());
+      }
+    if (L < 1024)
+      throw new IllegalArgumentException(MODULUS_LENGTH);
+
+    // what is the preferred encoding format
+    Integer formatID = (Integer) attributes.get(PREFERRED_ENCODING_FORMAT);
+    preferredFormat = formatID == null ? DEFAULT_ENCODING_FORMAT
+                                       : formatID.intValue();
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "setup");
+  }
+
+  /**
+   * <p>
+   * The algorithm used here is described in <i>nessie-pss-B.pdf</i> document
+   * which is part of the RSA-PSS submission to NESSIE.
+   * </p>
+   * 
+   * @return an RSA keypair.
+   */
+  public KeyPair generate()
+  {
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "generate");
+    BigInteger p, q, n, d;
+    // 1. Generate a prime p in the interval [2**(M-1), 2**M - 1], where
+    // M = CEILING(L/2), and such that GCD(p, e) = 1
+    int M = (L + 1) / 2;
+    BigInteger lower = TWO.pow(M - 1);
+    BigInteger upper = TWO.pow(M).subtract(ONE);
+    byte[] kb = new byte[(M + 7) / 8]; // enough bytes to frame M bits
+    step1: while (true)
+      {
+        nextRandomBytes(kb);
+        p = new BigInteger(1, kb).setBit(0);
+        if (p.compareTo(lower) >= 0 && p.compareTo(upper) <= 0
+            && p.isProbablePrime(80) && p.gcd(e).equals(ONE))
+          break step1;
+      }
+    // 2. Generate a prime q such that the product of p and q is an L-bit
+    // number, and such that GCD(q, e) = 1
+    step2: while (true)
+      {
+        nextRandomBytes(kb);
+        q = new BigInteger(1, kb).setBit(0);
+        n = p.multiply(q);
+        if (n.bitLength() == L && q.isProbablePrime(80) && q.gcd(e).equals(ONE))
+          break step2;
+        // TODO: test for p != q
+      }
+    // TODO: ensure p < q
+    // 3. Put n = pq. The public key is (n, e).
+    // 4. Compute the parameters necessary for the private key K (see
+    // Section 2.2).
+    BigInteger phi = p.subtract(ONE).multiply(q.subtract(ONE));
+    d = e.modInverse(phi);
+    // 5. Output the public key and the private key.
+    PublicKey pubK = new GnuRSAPublicKey(preferredFormat, n, e);
+    PrivateKey secK = new GnuRSAPrivateKey(preferredFormat, p, q, e, d);
+    KeyPair result = new KeyPair(pubK, secK);
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "generate", result);
+    return result;
+  }
+
+  /**
+   * Fills the designated byte array with random data.
+   * 
+   * @param buffer the byte array to fill with random data.
+   */
+  private void nextRandomBytes(byte[] buffer)
+  {
+    if (rnd != null)
+      rnd.nextBytes(buffer);
+    else
+      getDefaultPRNG().nextBytes(buffer);
+  }
+
+  private PRNG getDefaultPRNG()
+  {
+    if (prng == null)
+      prng = PRNG.getInstance();
+
+    return prng;
+  }
+}