From 34e52cf538fab7786be6298de05d7a1ad0b652b7 Mon Sep 17 00:00:00 2001
From: Alexander Scheel <ascheel@redhat.com>
Date: Wed, 14 Aug 2019 14:38:39 -0400
Subject: [PATCH] Remove legacy DSA implementation
This is better suited for NSS via the Mozilla-JSS provider. This entire
provider could eventually be removed if we wished, but certain
functionality required by PKI transitively depends on it. It is never
explicitly added though, so I'm not convinced those places truly use it
via the intended APIs. However, various classes inside the provider are
used directly (such as RSAPublicKey and DSAPublicKey).
Signed-off-by: Alexander Scheel <ascheel@redhat.com>
---
.../jss/netscape/security/provider/DSA.java | 664 ------------------
.../provider/DSAKeyPairGenerator.java | 389 ----------
.../provider/DSAParameterGenerator.java | 298 --------
.../jss/netscape/security/provider/MD5.java | 378 ----------
.../jss/netscape/security/provider/SHA.java | 349 ---------
.../jss/netscape/security/provider/Sun.java | 43 --
6 files changed, 2121 deletions(-)
delete mode 100644 org/mozilla/jss/netscape/security/provider/DSA.java
delete mode 100644 org/mozilla/jss/netscape/security/provider/DSAKeyPairGenerator.java
delete mode 100644 org/mozilla/jss/netscape/security/provider/DSAParameterGenerator.java
delete mode 100644 org/mozilla/jss/netscape/security/provider/MD5.java
delete mode 100644 org/mozilla/jss/netscape/security/provider/SHA.java
diff --git a/org/mozilla/jss/netscape/security/provider/DSA.java b/org/mozilla/jss/netscape/security/provider/DSA.java
deleted file mode 100644
index abc320f4..00000000
--- a/org/mozilla/jss/netscape/security/provider/DSA.java
+++ /dev/null
@@ -1,664 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package org.mozilla.jss.netscape.security.provider;
-
-import java.io.IOException;
-import java.io.PrintStream;
-import java.math.BigInteger;
-import java.security.InvalidKeyException;
-import java.security.InvalidParameterException;
-import java.security.MessageDigest;
-import java.security.NoSuchAlgorithmException;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.Signature;
-import java.security.SignatureException;
-import java.security.interfaces.DSAParams;
-
-import org.mozilla.jss.netscape.security.util.BigInt;
-import org.mozilla.jss.netscape.security.util.DerInputStream;
-import org.mozilla.jss.netscape.security.util.DerOutputStream;
-import org.mozilla.jss.netscape.security.util.DerValue;
-
-/**
- * The Digital Signature Standard (using the Digital Signature
- * Algorithm), as described in fips186 of the National Instute of
- * Standards and Technology (NIST), using fips180-1 (SHA-1).
- *
- * @author Benjamin Renaud
- *
- * @version 1.86, 97/09/17
- *
- * @see DSAPublicKey
- * @see DSAPrivateKey
- */
-
-public final class DSA extends Signature {
-
- /* Are we debugging? */
- private static boolean debug = false;
-
- /* The parameter object */
- @SuppressWarnings("unused")
- private DSAParams params;
-
- /* algorithm parameters */
- private BigInteger presetP, presetQ, presetG;
-
- /* The public key, if any */
- private BigInteger presetY;
-
- /* The private key, if any */
- private BigInteger presetX;
-
- /* The SHA hash for the data */
- private MessageDigest dataSHA;
-
- /* The random seed used to generate k */
- private int[] Kseed;
-
- /* The random seed used to generate k (specified by application) */
- private byte[] KseedAsByteArray;
-
- /*
- * The random seed used to generate k
- * (prevent the same Kseed from being used twice in a row
- */
- private int[] previousKseed;
-
- /* The RNG used to output a seed for generating k */
- private SecureRandom signingRandom;
-
- /**
- * Construct a blank DSA object. It can generate keys, but must be
- * initialized before being usable for signing or verifying.
- */
- public DSA() throws NoSuchAlgorithmException {
- super("SHA/DSA");
- dataSHA = MessageDigest.getInstance("SHA");
- }
-
- /**
- * Initialize the DSA object with a DSA private key.
- *
- * @param privateKey the DSA private key
- *
- * @exception InvalidKeyException if the key is not a valid DSA private
- * key.
- */
- protected void engineInitSign(PrivateKey privateKey)
- throws InvalidKeyException {
- if (!(privateKey instanceof java.security.interfaces.DSAPrivateKey)) {
- throw new InvalidKeyException("not a DSA private key: " +
- privateKey);
- }
- java.security.interfaces.DSAPrivateKey priv =
- (java.security.interfaces.DSAPrivateKey) privateKey;
-
- this.presetX = priv.getX();
- initialize(priv.getParams());
- }
-
- /**
- * Initialize the DSA object with a DSA public key.
- *
- * @param publicKey the DSA public key.
- *
- * @exception InvalidKeyException if the key is not a valid DSA public
- * key.
- */
- protected void engineInitVerify(PublicKey publicKey)
- throws InvalidKeyException {
- if (!(publicKey instanceof java.security.interfaces.DSAPublicKey)) {
- throw new InvalidKeyException("not a DSA public key: " +
- publicKey);
- }
- java.security.interfaces.DSAPublicKey pub =
- (java.security.interfaces.DSAPublicKey) publicKey;
- this.presetY = pub.getY();
- initialize(pub.getParams());
- }
-
- private void initialize(DSAParams params) {
- dataSHA.reset();
- setParams(params);
- }
-
- /**
- * Sign all the data thus far updated. The signature is formatted
- * according to the Canonical Encoding Rules, returned as a DER
- * sequence of Integer, r and s.
- *
- * @return a signature block formatted according to the Canonical
- * Encoding Rules.
- *
- * @exception SignatureException if the signature object was not
- * properly initialized, or if another exception occurs.
- *
- * @see org.mozilla.jss.netscape.security.provider.DSA#engineUpdate
- * @see org.mozilla.jss.netscape.security.provider.DSA#engineVerify
- */
- protected byte[] engineSign() throws SignatureException {
- BigInteger k = generateK(presetQ);
- BigInteger r = generateR(presetP, presetQ, presetG, k);
- BigInteger s = generateS(presetX, presetQ, r, k);
-
- // got to convert to BigInt...
- BigInt rAsBigInt = new BigInt(r.toByteArray());
- BigInt sAsBigInt = new BigInt(s.toByteArray());
-
- try (DerOutputStream outseq = new DerOutputStream(100)) {
- outseq.putInteger(rAsBigInt);
- outseq.putInteger(sAsBigInt);
- DerValue result = new DerValue(DerValue.tag_Sequence,
- outseq.toByteArray());
-
- return result.toByteArray();
-
- } catch (IOException e) {
- throw new SignatureException("error encoding signature");
- }
- }
-
- /**
- * Verify all the data thus far updated.
- *
- * @param signature the alledged signature, encoded using the
- * Canonical Encoding Rules, as a sequence of integers, r and s.
- *
- * @exception SignatureException if the signature object was not
- * properly initialized, or if another exception occurs.
- *
- * @see org.mozilla.jss.netscape.security.provider.DSA#engineUpdate
- * @see org.mozilla.jss.netscape.security.provider.DSA#engineSign
- */
- protected boolean engineVerify(byte[] signature)
- throws SignatureException {
-
- BigInteger r = null;
- BigInteger s = null;
- // first decode the signature.
- try {
- DerInputStream in = new DerInputStream(signature);
- DerValue[] values = in.getSequence(2);
-
- r = values[0].getInteger().toBigInteger();
- s = values[1].getInteger().toBigInteger();
-
- } catch (IOException e) {
- throw new SignatureException("invalid encoding for signature");
- }
- BigInteger w = generateW(presetP, presetQ, presetG, s);
- BigInteger v = generateV(presetY, presetP, presetQ, presetG, w, r);
-
- return v.equals(r);
- }
-
- BigInteger generateR(BigInteger p, BigInteger q, BigInteger g,
- BigInteger k) {
- BigInteger temp = g.modPow(k, p);
- return temp.remainder(q);
-
- }
-
- BigInteger generateS(BigInteger x, BigInteger q,
- BigInteger r, BigInteger k) {
-
- byte[] s2 = dataSHA.digest();
- BigInteger temp = new BigInteger(1, s2);
- BigInteger k1 = k.modInverse(q);
-
- BigInteger s = x.multiply(r);
- s = temp.add(s);
- s = k1.multiply(s);
- return s.remainder(q);
- }
-
- BigInteger generateW(BigInteger p, BigInteger q,
- BigInteger g, BigInteger s) {
- return s.modInverse(q);
- }
-
- BigInteger generateV(BigInteger y, BigInteger p,
- BigInteger q, BigInteger g,
- BigInteger w, BigInteger r) {
-
- byte[] s2 = dataSHA.digest();
- BigInteger temp = new BigInteger(1, s2);
-
- temp = temp.multiply(w);
- BigInteger u1 = temp.remainder(q);
-
- BigInteger u2 = (r.multiply(w)).remainder(q);
-
- BigInteger t1 = g.modPow(u1, p);
- BigInteger t2 = y.modPow(u2, p);
- BigInteger t3 = t1.multiply(t2);
- BigInteger t5 = t3.remainder(p);
- return t5.remainder(q);
- }
-
- /*
- * Please read bug report 4044247 for an alternative, faster,
- * NON-FIPS approved method to generate K
- */
- BigInteger generateK(BigInteger q) {
-
- BigInteger k = null;
-
- // The application specified a Kseed for us to use.
- // Note that we do not allow usage of the same Kseed twice in a row
- if (Kseed != null && compareSeeds(Kseed, previousKseed) != 0) {
- k = generateK(Kseed, q);
- if (k.signum() > 0 && k.compareTo(q) < 0) {
- previousKseed = new int[Kseed.length];
- System.arraycopy(Kseed, 0, previousKseed, 0, Kseed.length);
- return k;
- }
- }
-
- // The application did not specify a Kseed for us to use.
- // We'll generate a new Kseed by getting random bytes from
- // a SecureRandom object.
- SecureRandom random = getSigningRandom();
-
- while (true) {
- int[] seed = new int[5];
-
- for (int i = 0; i < 5; i++)
- seed[i] = random.nextInt();
- k = generateK(seed, q);
- if (k.signum() > 0 && k.compareTo(q) < 0) {
- previousKseed = new int[seed.length];
- System.arraycopy(seed, 0, previousKseed, 0, seed.length);
- return k;
- }
- }
- }
-
- // Use the application-specified SecureRandom Object if provided.
- // Otherwise, use our default SecureRandom Object.
- private SecureRandom getSigningRandom() {
- if (signingRandom == null) {
- if (appRandom != null)
- signingRandom = appRandom;
- else
- signingRandom = new SecureRandom();
- }
- return signingRandom;
- }
-
- /*
- * return 0 if equal
- * return 1 if not equal
- */
- private int compareSeeds(int[] seed1, int[] seed2) {
-
- if (seed1 == null || seed2 == null) {
- return 1;
- }
- if (seed1.length != seed2.length) {
- return 1;
- }
-
- for (int i = 0; i < seed1.length; i++) {
- if (seed1[i] != seed2[i])
- return 1;
- }
-
- return 0;
-
- }
-
- /**
- * Compute k for a DSA signature.
- *
- * @param seed the seed for generating k. This seed should be
- * secure. This is what is refered to as the KSEED in the DSA
- * specification.
- *
- * @param g the g parameter from the DSA key pair.
- */
- BigInteger generateK(int[] seed, BigInteger q) {
-
- // check out t in the spec.
- int[] t = { 0xEFCDAB89, 0x98BADCFE, 0x10325476,
- 0xC3D2E1F0, 0x67452301 };
- //
- int[] tmp = DSA.SHA_7(seed, t);
- byte[] tmpBytes = new byte[tmp.length * 4];
- for (int i = 0; i < tmp.length; i++) {
- int k = tmp[i];
- for (int j = 0; j < 4; j++) {
- tmpBytes[(i * 4) + j] = (byte) (k >>> (24 - (j * 8)));
- }
- }
- BigInteger k = new BigInteger(1, tmpBytes).mod(q);
- return k;
- }
-
- // Constants for each round
- private static final int round1_kt = 0x5a827999;
- private static final int round2_kt = 0x6ed9eba1;
- private static final int round3_kt = 0x8f1bbcdc;
- private static final int round4_kt = 0xca62c1d6;
-
- /**
- * Computes set 1 thru 7 of SHA-1 on m1.
- */
- static int[] SHA_7(int[] m1, int[] h) {
-
- int[] W = new int[80];
- System.arraycopy(m1, 0, W, 0, m1.length);
- int temp = 0;
-
- for (int t = 16; t <= 79; t++) {
- temp = W[t - 3] ^ W[t - 8] ^ W[t - 14] ^ W[t - 16];
- W[t] = ((temp << 1) | (temp >>> (32 - 1)));
- }
-
- int a = h[0], b = h[1], c = h[2], d = h[3], e = h[4];
- for (int i = 0; i < 20; i++) {
- temp = ((a << 5) | (a >>> (32 - 5))) +
- ((b & c) | ((~b) & d)) + e + W[i] + round1_kt;
- e = d;
- d = c;
- c = ((b << 30) | (b >>> (32 - 30)));
- b = a;
- a = temp;
- }
-
- // Round 2
- for (int i = 20; i < 40; i++) {
- temp = ((a << 5) | (a >>> (32 - 5))) +
- (b ^ c ^ d) + e + W[i] + round2_kt;
- e = d;
- d = c;
- c = ((b << 30) | (b >>> (32 - 30)));
- b = a;
- a = temp;
- }
-
- // Round 3
- for (int i = 40; i < 60; i++) {
- temp = ((a << 5) | (a >>> (32 - 5))) +
- ((b & c) | (b & d) | (c & d)) + e + W[i] + round3_kt;
- e = d;
- d = c;
- c = ((b << 30) | (b >>> (32 - 30)));
- b = a;
- a = temp;
- }
-
- // Round 4
- for (int i = 60; i < 80; i++) {
- temp = ((a << 5) | (a >>> (32 - 5))) +
- (b ^ c ^ d) + e + W[i] + round4_kt;
- e = d;
- d = c;
- c = ((b << 30) | (b >>> (32 - 30)));
- b = a;
- a = temp;
- }
- int[] md = new int[5];
- md[0] = h[0] + a;
- md[1] = h[1] + b;
- md[2] = h[2] + c;
- md[3] = h[3] + d;
- md[4] = h[4] + e;
- return md;
- }
-
- /**
- * This implementation recognizes the following parameter:
- * <dl>
- *
- * <dt><code>Kseed</code>
- *
- * <dd>a byte array.
- *
- * </dl>
- *
- * @deprecated Replaced by engineSetParameter(AlgorithmParameterSpec params)
- */
- @Deprecated
- protected void engineSetParameter(String key, Object param) {
-
- if (key.equals("KSEED")) {
-
- if (param instanceof byte[]) {
-
- Kseed = byteArray2IntArray((byte[]) param);
- KseedAsByteArray = (byte[]) param;
-
- } else {
- debug("unrecognized param: " + key);
- throw new InvalidParameterException("Kseed not a byte array");
- }
-
- } else {
- throw new InvalidParameterException("invalid parameter");
- }
- }
-
- /**
- * Return the value of the requested parameter. Recognized
- * parameters are:
- *
- * <dl>
- *
- * <dt><code>Kseed</code>
- *
- * <dd>a byte array.
- *
- * </dl>
- *
- * @return the value of the requested parameter.
- *
- * @deprecated no replacent given
- * @see https://docs.oracle.com/javase/10/docs/api/java/security/SignatureSpi.html#engineGetParameter(java.lang.String)
- */
- @Deprecated
- protected Object engineGetParameter(String key) {
- if (key.equals("KSEED")) {
- return KseedAsByteArray;
- } else {
- return null;
- }
- }
-
- /**
- * Set the algorithm object.
- */
- private void setParams(DSAParams params) {
- this.params = params;
- this.presetP = params.getP();
- this.presetQ = params.getQ();
- this.presetG = params.getG();
- }
-
- /**
- * Update a byte to be signed or verified.
- *
- * @param b the byte to updated.
- */
- protected void engineUpdate(byte b) {
- dataSHA.update(b);
- }
-
- /**
- * Update an array of bytes to be signed or verified.
- *
- * @param data the bytes to be updated.
- */
- protected void engineUpdate(byte[] data, int off, int len) {
- dataSHA.update(data, off, len);
- }
-
- /**
- * Return a human readable rendition of the engine.
- */
- public String toString() {
- String printable = "DSA Signature";
- if (presetP != null && presetQ != null && presetG != null) {
- printable += "\n\tp: " + presetP.toString(16);
- printable += "\n\tq: " + presetQ.toString(16);
- printable += "\n\tg: " + presetG.toString(16);
- } else {
- printable += "\n\t P, Q or G not initialized.";
- }
- if (presetY != null) {
- printable += "\n\ty: " + presetY.toString(16);
- }
- if (presetY == null && presetX == null) {
- printable += "\n\tUNINIIALIZED";
- }
- return printable;
- }
-
- /*
- * Utility routine for converting a byte array into an int array
- */
- private int[] byteArray2IntArray(byte[] byteArray) {
-
- int j = 0;
- byte[] newBA;
- int mod = byteArray.length % 4;
-
- // guarantee that the incoming byteArray is a multiple of 4
- // (pad with 0's)
- switch (mod) {
- case 3:
- newBA = new byte[byteArray.length + 1];
- break;
- case 2:
- newBA = new byte[byteArray.length + 2];
- break;
- case 1:
- newBA = new byte[byteArray.length + 3];
- break;
- default:
- newBA = new byte[byteArray.length + 0];
- break;
- }
- System.arraycopy(byteArray, 0, newBA, 0, byteArray.length);
-
- // copy each set of 4 bytes in the byte array into an integer
- int[] newSeed = new int[newBA.length / 4];
- for (int i = 0; i < newBA.length; i += 4) {
- newSeed[j] = newBA[i + 3] & 0xFF;
- newSeed[j] |= (newBA[i + 2] << 8) & 0xFF00;
- newSeed[j] |= (newBA[i + 1] << 16) & 0xFF0000;
- newSeed[j] |= (newBA[i + 0] << 24) & 0xFF000000;
- j++;
- }
-
- return newSeed;
- }
-
- /* We include the test vectors from the DSA specification, FIPS
- 186, and the FIPS 186 Change No 1, which updates the test
- vector using SHA-1 instead of SHA (for both the G function and
- the message hash. */
-
- static void testDSA() throws Exception {
- PrintStream p = System.out;
-
- DSA dsa = new DSA();
- int[] Kseed = { 0x687a66d9, 0x0648f993, 0x867e121f,
- 0x4ddf9ddb, 0x1205584 };
- BigInteger k = dsa.generateK(Kseed, q512);
- p.println("k: " + k.toString(16));
- BigInteger r = dsa.generateR(p512, q512, g512, k);
- p.println("r: " + r.toString(16));
- byte[] abc = { 0x61, 0x62, 0x63 };
- dsa.dataSHA.update(abc);
- BigInteger s = dsa.generateS(x512, q512, r, k);
- p.println("s: " + s.toString(16));
-
- dsa.dataSHA.update(abc);
- BigInteger w = dsa.generateW(p512, q512, g512, s);
- p.println("w: " + w.toString(16));
- BigInteger v = dsa.generateV(y512, p512, q512, g512, w, r);
- p.println("v: " + v.toString(16));
- if (v.equals(r)) {
- p.println("signature verifies.");
- } else {
- p.println("signature does not verify.");
- }
- }
-
- /* Test vector: 512-bit keys generated by our key generator. */
-
- static BigInteger p512 =
- new BigInteger("fca682ce8e12caba26efccf7110e526db078b05edecb" +
- "cd1eb4a208f3ae1617ae01f35b91a47e6df63413c5e1" +
- "2ed0899bcd132acd50d99151bdc43ee737592e17", 16);
-
- static BigInteger q512 =
- new BigInteger("962eddcc369cba8ebb260ee6b6a126d9346e38c5", 16);
-
- static BigInteger g512 =
- new BigInteger("678471b27a9cf44ee91a49c5147db1a9aaf244f05a43" +
- "4d6486931d2d14271b9e35030b71fd73da179069b32e" +
- "2935630e1c2062354d0da20a6c416e50be794ca4", 16);
-
- static BigInteger x512 =
- new BigInteger("3406c2d71b04b5fc0db62afcad58a6607d3de688", 16);
-
- static BigInteger y512 =
- new BigInteger("2d335d76b8ec9d610aa8f2cbb4b149fd96fdd" +
- "3a9a6e62bd6c2e01d406be4d1d72718a2fe08bea6d12f5e452474461f70f4" +
- "dea60508e9fe2eaec23d2ec5d1a866", 16);
-
- /* Official NIST 512-bit test keys */
-
- static String pString = "8df2a494492276aa3d25759bb06869cbeac0d83afb8d0" +
- "cf7cbb8324f0d7882e5d0762fc5b7210eafc2e9adac32ab7aac49693dfbf83724c2ec" +
- "0736ee31c80291";
-
- static BigInteger testP = new BigInteger(pString, 16);
-
- static String gString = "626d027839ea0a13413163a55b4cb500299d5522956ce" +
- "fcb3bff10f399ce2c2e71cb9de5fa24babf58e5b79521925c9cc42e9f6f464b088cc5" +
- "72af53e6d78802";
-
- static BigInteger testG = new BigInteger(gString, 16);
-
- static BigInteger testQ = new BigInteger("c773218c737ec8ee993b4f2ded30" +
- "f48edace915f", 16);
-
- static BigInteger testX = new BigInteger("2070b3223dba372fde1c0ffc7b2e" +
- "3b498b260614", 16);
-
- static String yString = "19131871d75b1612a819f29d78d1b0d7346f7aa77" +
- "bb62a859bfd6c5675da9d212d3a36ef1672ef660b8c7c255cc0ec74858fba33f44c06" +
- "699630a76b030ee333";
-
- static BigInteger testY = new BigInteger(yString, 16);
-
- /* End test vector values */
-
- private static void debug(String s) {
- if (debug) {
- System.err.println(s);
- }
- }
-
-}
diff --git a/org/mozilla/jss/netscape/security/provider/DSAKeyPairGenerator.java b/org/mozilla/jss/netscape/security/provider/DSAKeyPairGenerator.java
deleted file mode 100644
index c4942dea..00000000
--- a/org/mozilla/jss/netscape/security/provider/DSAKeyPairGenerator.java
+++ /dev/null
@@ -1,389 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package org.mozilla.jss.netscape.security.provider;
-
-import java.math.BigInteger;
-import java.security.AlgorithmParameterGenerator;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.InvalidKeyException;
-import java.security.InvalidParameterException;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.ProviderException;
-import java.security.SecureRandom;
-import java.security.interfaces.DSAParams;
-import java.security.spec.AlgorithmParameterSpec;
-import java.security.spec.DSAParameterSpec;
-import java.security.spec.InvalidParameterSpecException;
-import java.util.Hashtable;
-
-import org.mozilla.jss.netscape.security.x509.AlgIdDSA;
-
-/**
- * This class generates DSA key parameters and public/private key
- * pairs according to the DSS standard NIST FIPS 186. It uses the
- * updated version of SHA, SHA-1 as described in FIPS 180-1.
- *
- * @author Benjamin Renaud
- *
- * @version 1.23, 97/12/10
- */
-
-public class DSAKeyPairGenerator extends KeyPairGenerator
- implements java.security.interfaces.DSAKeyPairGenerator {
-
- private static Hashtable<Integer, AlgIdDSA> precomputedParams;
-
- static {
-
- /* We support precomputed parameter for 512, 768 and 1024 bit
- moduli. In this file we provide both the seed and counter
- value of the generation process for each of these seeds,
- for validation purposes. We also include the test vectors
- from the DSA specification, FIPS 186, and the FIPS 186
- Change No 1, which updates the test vector using SHA-1
- instead of SHA (for both the G function and the message
- hash.
- */
-
- precomputedParams = new Hashtable<Integer, AlgIdDSA>();
-
- /*
- * L = 512
- * SEED = b869c82b35d70e1b1ff91b28e37a62ecdc34409b
- * counter = 123
- */
- BigInteger p512 =
- new BigInteger("fca682ce8e12caba26efccf7110e526db078b05edecb" +
- "cd1eb4a208f3ae1617ae01f35b91a47e6df63413c5e1" +
- "2ed0899bcd132acd50d99151bdc43ee737592e17", 16);
-
- BigInteger q512 =
- new BigInteger("962eddcc369cba8ebb260ee6b6a126d9346e38c5", 16);
-
- BigInteger g512 =
- new BigInteger("678471b27a9cf44ee91a49c5147db1a9aaf244f05a43" +
- "4d6486931d2d14271b9e35030b71fd73da179069b32e" +
- "2935630e1c2062354d0da20a6c416e50be794ca4", 16);
-
- /*
- * L = 768
- * SEED = 77d0f8c4dad15eb8c4f2f8d6726cefd96d5bb399
- * counter = 263
- */
- BigInteger p768 =
- new BigInteger("e9e642599d355f37c97ffd3567120b8e25c9cd43e" +
- "927b3a9670fbec5d890141922d2c3b3ad24800937" +
- "99869d1e846aab49fab0ad26d2ce6a22219d470bc" +
- "e7d777d4a21fbe9c270b57f607002f3cef8393694" +
- "cf45ee3688c11a8c56ab127a3daf", 16);
-
- BigInteger q768 =
- new BigInteger("9cdbd84c9f1ac2f38d0f80f42ab952e7338bf511",
- 16);
-
- BigInteger g768 =
- new BigInteger("30470ad5a005fb14ce2d9dcd87e38bc7d1b1c5fac" +
- "baecbe95f190aa7a31d23c4dbbcbe06174544401a" +
- "5b2c020965d8c2bd2171d3668445771f74ba084d2" +
- "029d83c1c158547f3a9f1a2715be23d51ae4d3e5a" +
- "1f6a7064f316933a346d3f529252", 16);
-
- /*
- * L = 1024
- * SEED = 8d5155894229d5e689ee01e6018a237e2cae64cd
- * counter = 92
- */
- BigInteger p1024 =
- new BigInteger("fd7f53811d75122952df4a9c2eece4e7f611b7523c" +
- "ef4400c31e3f80b6512669455d402251fb593d8d58" +
- "fabfc5f5ba30f6cb9b556cd7813b801d346ff26660" +
- "b76b9950a5a49f9fe8047b1022c24fbba9d7feb7c6" +
- "1bf83b57e7c6a8a6150f04fb83f6d3c51ec3023554" +
- "135a169132f675f3ae2b61d72aeff22203199dd148" +
- "01c7", 16);
-
- BigInteger q1024 =
- new BigInteger("9760508f15230bccb292b982a2eb840bf0581cf5",
- 16);
-
- BigInteger g1024 =
- new BigInteger("f7e1a085d69b3ddecbbcab5c36b857b97994afbbfa" +
- "3aea82f9574c0b3d0782675159578ebad4594fe671" +
- "07108180b449167123e84c281613b7cf09328cc8a6" +
- "e13c167a8b547c8d28e0a3ae1e2bb3a675916ea37f" +
- "0bfa213562f1fb627a01243bcca4f1bea8519089a8" +
- "83dfe15ae59f06928b665e807b552564014c3bfecf" +
- "492a", 16);
-
- try {
- AlgIdDSA alg512 = new AlgIdDSA(p512, q512, g512);
- AlgIdDSA alg768 = new AlgIdDSA(p768, q768, g768);
- AlgIdDSA alg1024 = new AlgIdDSA(p1024, q1024, g1024);
-
- precomputedParams.put(Integer.valueOf(512), alg512);
- precomputedParams.put(Integer.valueOf(768), alg768);
- precomputedParams.put(Integer.valueOf(1024), alg1024);
-
- } catch (Exception e) {
- throw new InternalError("initializing precomputed " +
- "algorithm parameters for Sun DSA");
- }
- }
-
- /* The modulus length */
- private int modlen = 1024;
-
- /* Generate new parameters, even if we have precomputed ones. */
- boolean generateNewParameters = false;
-
- /* preset algorithm parameters. */
- private BigInteger presetP, presetQ, presetG;
-
- /* The source of random bits to use */
- SecureRandom random;
-
- public DSAKeyPairGenerator() {
- super("DSA");
- }
-
- public void initialize(int strength, SecureRandom random) {
- if ((strength < 512) || (strength > 1024) || (strength % 64 != 0)) {
- throw new InvalidParameterException("Modulus size must range from 512 to 1024 "
- + "and be a multiple of 64");
- }
-
- /* Set the random */
- this.random = random;
- if (this.random == null) {
- this.random = new SecureRandom();
- }
-
- this.modlen = strength;
- DSAParams params = null;
-
- /* Find the precomputed parameters, if any */
- if (!generateNewParameters) {
- Integer mod = Integer.valueOf(this.modlen);
- params = precomputedParams.get(mod);
- }
- if (params != null) {
- setParams(params);
- }
- }
-
- /**
- * Initializes the DSA key pair generator. If <code>genParams</code> is false, a set of pre-computed parameters is
- * used. In this case, <code>modelen</code> must be 512, 768, or 1024.
- */
- public void initialize(int modlen, boolean genParams, SecureRandom random)
- throws InvalidParameterException {
- if (genParams == false && modlen != 512 && modlen != 768
- && modlen != 1024) {
- throw new InvalidParameterException("No precomputed parameters for requested modulus size "
- + "available");
- }
- this.generateNewParameters = genParams;
- initialize(modlen, random);
- }
-
- /**
- * Initializes the DSA object using a DSA parameter object.
- *
- * @param params a fully initialized DSA parameter object.
- */
- public void initialize(DSAParams params, SecureRandom random)
- throws InvalidParameterException {
- initialize(params.getP().bitLength(), random);
- setParams(params);
- }
-
- /**
- * Initializes the DSA object using a parameter object.
- *
- * @param params the parameter set to be used to generate
- * the keys.
- * @param random the source of randomness for this generator.
- *
- * @exception InvalidAlgorithmParameterException if the given parameters
- * are inappropriate for this key pair generator
- */
- public void initialize(AlgorithmParameterSpec params, SecureRandom random)
- throws InvalidAlgorithmParameterException {
- if (!(params instanceof DSAParameterSpec)) {
- throw new InvalidAlgorithmParameterException("Inappropriate parameter");
- }
- initialize(((DSAParameterSpec) params).getP().bitLength(),
- random);
- setParams((DSAParameterSpec) params);
- }
-
- /**
- * Generates a pair of keys usable by any JavaSecurity compliant
- * DSA implementation.
- *
- * @param rnd the source of random bits from which the random key
- * generation parameters are drawn. In particular, this includes
- * the XSEED parameter.
- *
- * @exception InvalidParameterException if the modulus is not
- * between 512 and 1024.
- */
- public KeyPair generateKeyPair() {
-
- // set random if initialize() method has been skipped
- if (this.random == null) {
- this.random = new SecureRandom();
- }
-
- if (presetP == null || presetQ == null || presetG == null ||
- generateNewParameters) {
-
- AlgorithmParameterGenerator dsaParamGen;
-
- try {
- dsaParamGen = AlgorithmParameterGenerator.getInstance("DSA",
- "SUN");
- } catch (NoSuchAlgorithmException e) {
- // this should never happen, because we provide it
- throw new RuntimeException(e.getMessage());
- } catch (NoSuchProviderException e) {
- // this should never happen, because we provide it
- throw new RuntimeException(e.getMessage());
- }
-
- dsaParamGen.init(modlen, random);
-
- DSAParameterSpec dsaParamSpec;
- try {
- dsaParamSpec = dsaParamGen.generateParameters().getParameterSpec
- (DSAParameterSpec.class);
- } catch (InvalidParameterSpecException e) {
- // this should never happen
- throw new RuntimeException(e.getMessage());
- }
- presetP = dsaParamSpec.getP();
- presetQ = dsaParamSpec.getQ();
- presetG = dsaParamSpec.getG();
- }
-
- return generateKeyPair(presetP, presetQ, presetG, random);
- }
-
- public KeyPair generateKeyPair(BigInteger p, BigInteger q, BigInteger g,
- SecureRandom random) {
-
- BigInteger x = generateX(random, q);
- BigInteger y = generateY(x, p, g);
-
- try {
- DSAPublicKey pub = new DSAPublicKey(y, p, q, g);
- DSAPrivateKey priv = new DSAPrivateKey(x, p, q, g);
-
- KeyPair pair = new KeyPair(pub, priv);
- return pair;
-
- } catch (InvalidKeyException e) {
- throw new ProviderException(e.getMessage());
- }
- }
-
- /**
- * Generate the private key component of the key pair using the
- * provided source of random bits. This method uses the random but
- * source passed to generate a seed and then calls the seed-based
- * generateX method.
- */
- private BigInteger generateX(SecureRandom random, BigInteger q) {
- BigInteger x = null;
- while (true) {
- int[] seed = new int[5];
- for (int i = 0; i < 5; i++) {
- seed[i] = random.nextInt();
- }
- x = generateX(seed, q);
- if (x.signum() > 0 && (x.compareTo(q) < 0)) {
- break;
- }
- }
- return x;
- }
-
- /**
- * Given a seed, generate the private key component of the key
- * pair. In the terminology used in the DSA specification
- * (FIPS-186) seed is the XSEED quantity.
- *
- * @param seed the seed to use to generate the private key.
- */
- BigInteger generateX(int[] seed, BigInteger q) {
-
- /* Test vector
- int[] tseed = { 0xbd029bbe, 0x7f51960b, 0xcf9edb2b,
- 0x61f06f0f, 0xeb5a38b6 };
- seed = tseed;
- */
- // check out t in the spec.
- int[] t = { 0x67452301, 0xEFCDAB89, 0x98BADCFE,
- 0x10325476, 0xC3D2E1F0 };
- //
-
- int[] tmp = DSA.SHA_7(seed, t);
- byte[] tmpBytes = new byte[tmp.length * 4];
- for (int i = 0; i < tmp.length; i++) {
- int k = tmp[i];
- for (int j = 0; j < 4; j++) {
- tmpBytes[(i * 4) + j] = (byte) (k >>> (24 - (j * 8)));
- }
- }
- BigInteger x = new BigInteger(1, tmpBytes).mod(q);
- return x;
- }
-
- /**
- * Generate the public key component y of the key pair.
- *
- * @param x the private key component.
- *
- * @param p the base parameter.
- */
- BigInteger generateY(BigInteger x, BigInteger p, BigInteger g) {
- BigInteger y = g.modPow(x, p);
- return y;
- }
-
- /**
- * Set the parameters.
- */
- private void setParams(DSAParams params) {
- presetP = params.getP();
- presetQ = params.getQ();
- presetG = params.getG();
- }
-
- /**
- * Set the parameters.
- */
- private void setParams(DSAParameterSpec params) {
- presetP = params.getP();
- presetQ = params.getQ();
- presetG = params.getG();
- }
-}
diff --git a/org/mozilla/jss/netscape/security/provider/DSAParameterGenerator.java b/org/mozilla/jss/netscape/security/provider/DSAParameterGenerator.java
deleted file mode 100644
index 5cd86c79..00000000
--- a/org/mozilla/jss/netscape/security/provider/DSAParameterGenerator.java
+++ /dev/null
@@ -1,298 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package org.mozilla.jss.netscape.security.provider;
-
-import java.math.BigInteger;
-import java.security.AlgorithmParameterGeneratorSpi;
-import java.security.AlgorithmParameters;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.InvalidParameterException;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.SecureRandom;
-import java.security.spec.AlgorithmParameterSpec;
-import java.security.spec.DSAParameterSpec;
-import java.security.spec.InvalidParameterSpecException;
-
-/*
- * This class generates parameters for the DSA algorithm. It uses a default
- * prime modulus size of 1024 bits, which can be overwritten during
- * initialization.
- *
- * @author Jan Luehe
- *
- * @version 1.4, 97/12/10
- *
- * @see java.security.AlgorithmParameters
- * @see java.security.spec.AlgorithmParameterSpec
- * @see DSAParameters
- *
- * @since JDK1.2
- */
-
-public class DSAParameterGenerator extends AlgorithmParameterGeneratorSpi {
-
- // the modulus length
- private int modLen = 1024; // default
-
- // the source of randomness
- private SecureRandom random;
-
- // useful constants
- private static final BigInteger ONE = BigInteger.valueOf(1);
- private static final BigInteger TWO = BigInteger.valueOf(2);
-
- // Make a SHA-1 hash function
- private SHA sha;
-
- public DSAParameterGenerator() {
- this.sha = new SHA();
- }
-
- /**
- * Initializes this parameter generator for a certain strength
- * and source of randomness.
- *
- * @param strength the strength (size of prime) in bits
- * @param random the source of randomness
- */
- protected void engineInit(int strength, SecureRandom random) {
- /*
- * Bruce Schneier, "Applied Cryptography", 2nd Edition,
- * Description of DSA:
- * [...] The algorithm uses the following parameter:
- * p=a prime number L bits long, when L ranges from 512 to 1024 and is
- * a multiple of 64. [...]
- */
- if ((strength < 512) || (strength > 1024) || (strength % 64 != 0)) {
- throw new InvalidParameterException("Prime size must range from 512 to 1024 "
- + "and be a multiple of 64");
- }
- this.modLen = strength;
- this.random = random;
- }
-
- /**
- * Initializes this parameter generator with a set of
- * algorithm-specific parameter generation values.
- *
- * @param params the set of algorithm-specific parameter generation values
- * @param random the source of randomness
- *
- * @exception InvalidAlgorithmParameterException if the given parameter
- * generation values are inappropriate for this parameter generator
- */
- protected void engineInit(AlgorithmParameterSpec genParamSpec,
- SecureRandom random)
- throws InvalidAlgorithmParameterException {
- throw new InvalidAlgorithmParameterException("Invalid parameter");
- }
-
- /**
- * Generates the parameters.
- *
- * @return the new AlgorithmParameters object
- */
- protected AlgorithmParameters engineGenerateParameters() {
- AlgorithmParameters algParams = null;
- try {
- if (this.random == null) {
- this.random = new SecureRandom();
- }
-
- BigInteger[] pAndQ = generatePandQ(this.random, this.modLen);
- BigInteger paramP = pAndQ[0];
- BigInteger paramQ = pAndQ[1];
- BigInteger paramG = generateG(paramP, paramQ);
-
- DSAParameterSpec dsaParamSpec = new DSAParameterSpec(paramP,
- paramQ,
- paramG);
- algParams = AlgorithmParameters.getInstance("DSA", "SUN");
- algParams.init(dsaParamSpec);
- } catch (InvalidParameterSpecException e) {
- // this should never happen
- throw new RuntimeException(e.getMessage());
- } catch (NoSuchAlgorithmException e) {
- // this should never happen, because we provide it
- throw new RuntimeException(e.getMessage());
- } catch (NoSuchProviderException e) {
- // this should never happen, because we provide it
- throw new RuntimeException(e.getMessage());
- }
-
- return algParams;
- }
-
- /*
- * Generates the prime and subprime parameters for DSA,
- * using the provided source of randomness.
- * This method will generate new seeds until a suitable
- * seed has been found.
- *
- * @param random the source of randomness to generate the
- * seed
- * @param L the size of <code>p</code>, in bits.
- *
- * @return an array of BigInteger, with <code>p</code> at index 0 and
- * <code>q</code> at index 1.
- */
- BigInteger[] generatePandQ(SecureRandom random, int L) {
- BigInteger[] result = null;
- byte[] seed = new byte[20];
-
- while (result == null) {
- for (int i = 0; i < 20; i++) {
- seed[i] = (byte) random.nextInt();
- }
- result = generatePandQ(seed, L);
- }
- return result;
- }
-
- /*
- * Generates the prime and subprime parameters for DSA.
- *
- * <p>The seed parameter corresponds to the <code>SEED</code> parameter
- * referenced in the FIPS specification of the DSA algorithm,
- * and L is the size of <code>p</code>, in bits.
- *
- * @param seed the seed to generate the parameters
- * @param L the size of <code>p</code>, in bits.
- *
- * @return an array of BigInteger, with <code>p</code> at index 0,
- * <code>q</code> at index 1, the seed at index 2, and the counter value
- * at index 3, or null if the seed does not yield suitable numbers.
- */
- BigInteger[] generatePandQ(byte[] seed, int L) {
-
- /* Useful variables */
- int g = seed.length * 8;
- int n = (L - 1) / 160;
- int b = (L - 1) % 160;
-
- BigInteger SEED = new BigInteger(1, seed);
- BigInteger TWOG = TWO.pow(2 * g);
-
- /* Step 2 (Step 1 is getting seed). */
- byte[] U1 = SHA(seed);
- byte[] U2 = SHA(toByteArray((SEED.add(ONE)).mod(TWOG)));
-
- xor(U1, U2);
- byte[] U = U1;
-
- /* Step 3: For q by setting the msb and lsb to 1 */
- U[0] |= 0x80;
- U[19] |= 1;
- BigInteger q = new BigInteger(1, U);
-
- /* Step 5 */
- if (!q.isProbablePrime(40)) {
- return null;
-
- } else {
- BigInteger V[] = new BigInteger[n + 1];
- BigInteger offset = TWO;
-
- /* Step 6 */
- for (int counter = 0; counter < 4096; counter++) {
-
- /* Step 7 */
- for (int k = 0; k <= n; k++) {
- BigInteger K = BigInteger.valueOf(k);
- BigInteger tmp = (SEED.add(offset).add(K)).mod(TWOG);
- V[k] = new BigInteger(1, SHA(toByteArray(tmp)));
- }
-
- /* Step 8 */
- BigInteger W = V[0];
- for (int i = 1; i < n; i++) {
- W = W.add(V[i].multiply(TWO.pow(i * 160)));
- }
- W = W.add((V[n].mod(TWO.pow(b))).multiply(TWO.pow(n * 160)));
-
- BigInteger TWOLm1 = TWO.pow(L - 1);
- BigInteger X = W.add(TWOLm1);
-
- /* Step 9 */
- BigInteger c = X.mod(q.multiply(TWO));
- BigInteger p = X.subtract(c.subtract(ONE));
-
- /* Step 10 - 13 */
- if (p.compareTo(TWOLm1) > -1 && p.isProbablePrime(15)) {
- BigInteger[] result = { p, q, SEED,
- BigInteger.valueOf(counter) };
- return result;
- }
- offset = offset.add(BigInteger.valueOf(n)).add(ONE);
- }
- return null;
- }
- }
-
- /*
- * Generates the <code>g</code> parameter for DSA.
- *
- * @param p the prime, <code>p</code>.
- * @param q the subprime, <code>q</code>.
- *
- * @param the <code>g</code>
- */
- BigInteger generateG(BigInteger p, BigInteger q) {
- BigInteger h = ONE;
- BigInteger pMinusOneOverQ = (p.subtract(ONE)).divide(q);
- BigInteger g = ONE;
- while (g.compareTo(TWO) < 0) {
- g = h.modPow(pMinusOneOverQ, p);
- h = h.add(ONE);
- }
- return g;
- }
-
- /*
- * Returns the SHA-1 digest of some data
- */
- private byte[] SHA(byte[] array) {
- sha.engineReset();
- sha.engineUpdate(array, 0, array.length);
- return sha.engineDigest();
- }
-
- /*
- * Converts the result of a BigInteger.toByteArray call to an exact
- * signed magnitude representation for any positive number.
- */
- private byte[] toByteArray(BigInteger bigInt) {
- byte[] result = bigInt.toByteArray();
- if (result[0] == 0) {
- byte[] tmp = new byte[result.length - 1];
- System.arraycopy(result, 1, tmp, 0, tmp.length);
- result = tmp;
- }
- return result;
- }
-
- /*
- * XORs U2 into U1
- */
- private void xor(byte[] U1, byte[] U2) {
- for (int i = 0; i < U1.length; i++) {
- U1[i] ^= U2[i];
- }
- }
-}
diff --git a/org/mozilla/jss/netscape/security/provider/MD5.java b/org/mozilla/jss/netscape/security/provider/MD5.java
deleted file mode 100644
index d46da4fc..00000000
--- a/org/mozilla/jss/netscape/security/provider/MD5.java
+++ /dev/null
@@ -1,378 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package org.mozilla.jss.netscape.security.provider;
-
-import java.security.DigestException;
-import java.security.MessageDigestSpi;
-
-/**
- * The MD5 class is used to compute an MD5 message digest over a given
- * buffer of bytes. It is an implementation of the RSA Data Security Inc
- * MD5 algorithim as described in internet RFC 1321.
- *
- * @version 1.24 97/12/10
- * @author Chuck McManis
- * @author Benjamin Renaud
- */
-
-public final class MD5 extends MessageDigestSpi implements Cloneable {
-
- /** contains the computed message digest */
- private byte[] digestBits;
-
- private int state[];
- private long count; // bit count AND buffer[] index aid
- private byte buffer[];
- private int transformBuffer[];
-
- private static final int S11 = 7;
- private static final int S12 = 12;
- private static final int S13 = 17;
- private static final int S14 = 22;
- private static final int S21 = 5;
- private static final int S22 = 9;
- private static final int S23 = 14;
- private static final int S24 = 20;
- private static final int S31 = 4;
- private static final int S32 = 11;
- private static final int S33 = 16;
- private static final int S34 = 23;
- private static final int S41 = 6;
- private static final int S42 = 10;
- private static final int S43 = 15;
- private static final int S44 = 21;
-
- private static final int MD5_LENGTH = 16;
-
- /**
- * Standard constructor, creates a new MD5 instance, allocates its
- * buffers from the heap.
- */
- public MD5() {
- init();
- }
-
- /* **********************************************************
- * The MD5 Functions. These are copied verbatim from
- * the RFC to insure accuracy. The results of this
- * implementation were checked against the RSADSI version.
- * **********************************************************
- */
-
- private int F(int x, int y, int z) {
- return ((x & y) | ((~x) & z));
- }
-
- private int G(int x, int y, int z) {
- return ((x & z) | (y & (~z)));
- }
-
- private int H(int x, int y, int z) {
- return ((x ^ y) ^ z);
- }
-
- private int I(int x, int y, int z) {
- return (y ^ (x | (~z)));
- }
-
- private int rotateLeft(int a, int n) {
- return ((a << n) | (a >>> (32 - n)));
- }
-
- private int FF(int a, int b, int c, int d, int x, int s, int ac) {
- a += F(b, c, d) + x + ac;
- a = rotateLeft(a, s);
- a += b;
- return a;
- }
-
- private int GG(int a, int b, int c, int d, int x, int s, int ac) {
- a += G(b, c, d) + x + ac;
- a = rotateLeft(a, s);
- a += b;
- return a;
- }
-
- private int HH(int a, int b, int c, int d, int x, int s, int ac) {
- a += H(b, c, d) + x + ac;
- a = rotateLeft(a, s);
- a += b;
- return a;
- }
-
- private int II(int a, int b, int c, int d, int x, int s, int ac) {
- a += I(b, c, d) + x + ac;
- a = rotateLeft(a, s);
- a += b;
- return a;
- }
-
- /**
- * This is where the functions come together as the generic MD5
- * transformation operation, it is called by update() which is
- * synchronized (to protect transformBuffer). It consumes sixteen
- * bytes from the buffer, beginning at the specified offset.
- */
- void transform(byte buf[], int offset) {
- int a, b, c, d;
- int x[] = transformBuffer;
-
- a = state[0];
- b = state[1];
- c = state[2];
- d = state[3];
-
- for (int i = 0; i < 16; i++) {
- x[i] = buf[i * 4 + offset] & 0xff;
- for (int j = 1; j < 4; j++) {
- x[i] += (buf[i * 4 + j + offset] & 0xff) << (j * 8);
- }
- }
-
- /* Round 1 */
- a = FF(a, b, c, d, x[0], S11, 0xd76aa478); /* 1 */
- d = FF(d, a, b, c, x[1], S12, 0xe8c7b756); /* 2 */
- c = FF(c, d, a, b, x[2], S13, 0x242070db); /* 3 */
- b = FF(b, c, d, a, x[3], S14, 0xc1bdceee); /* 4 */
- a = FF(a, b, c, d, x[4], S11, 0xf57c0faf); /* 5 */
- d = FF(d, a, b, c, x[5], S12, 0x4787c62a); /* 6 */
- c = FF(c, d, a, b, x[6], S13, 0xa8304613); /* 7 */
- b = FF(b, c, d, a, x[7], S14, 0xfd469501); /* 8 */
- a = FF(a, b, c, d, x[8], S11, 0x698098d8); /* 9 */
- d = FF(d, a, b, c, x[9], S12, 0x8b44f7af); /* 10 */
- c = FF(c, d, a, b, x[10], S13, 0xffff5bb1); /* 11 */
- b = FF(b, c, d, a, x[11], S14, 0x895cd7be); /* 12 */
- a = FF(a, b, c, d, x[12], S11, 0x6b901122); /* 13 */
- d = FF(d, a, b, c, x[13], S12, 0xfd987193); /* 14 */
- c = FF(c, d, a, b, x[14], S13, 0xa679438e); /* 15 */
- b = FF(b, c, d, a, x[15], S14, 0x49b40821); /* 16 */
-
- /* Round 2 */
- a = GG(a, b, c, d, x[1], S21, 0xf61e2562); /* 17 */
- d = GG(d, a, b, c, x[6], S22, 0xc040b340); /* 18 */
- c = GG(c, d, a, b, x[11], S23, 0x265e5a51); /* 19 */
- b = GG(b, c, d, a, x[0], S24, 0xe9b6c7aa); /* 20 */
- a = GG(a, b, c, d, x[5], S21, 0xd62f105d); /* 21 */
- d = GG(d, a, b, c, x[10], S22, 0x2441453); /* 22 */
- c = GG(c, d, a, b, x[15], S23, 0xd8a1e681); /* 23 */
- b = GG(b, c, d, a, x[4], S24, 0xe7d3fbc8); /* 24 */
- a = GG(a, b, c, d, x[9], S21, 0x21e1cde6); /* 25 */
- d = GG(d, a, b, c, x[14], S22, 0xc33707d6); /* 26 */
- c = GG(c, d, a, b, x[3], S23, 0xf4d50d87); /* 27 */
- b = GG(b, c, d, a, x[8], S24, 0x455a14ed); /* 28 */
- a = GG(a, b, c, d, x[13], S21, 0xa9e3e905); /* 29 */
- d = GG(d, a, b, c, x[2], S22, 0xfcefa3f8); /* 30 */
- c = GG(c, d, a, b, x[7], S23, 0x676f02d9); /* 31 */
- b = GG(b, c, d, a, x[12], S24, 0x8d2a4c8a); /* 32 */
-
- /* Round 3 */
- a = HH(a, b, c, d, x[5], S31, 0xfffa3942); /* 33 */
- d = HH(d, a, b, c, x[8], S32, 0x8771f681); /* 34 */
- c = HH(c, d, a, b, x[11], S33, 0x6d9d6122); /* 35 */
- b = HH(b, c, d, a, x[14], S34, 0xfde5380c); /* 36 */
- a = HH(a, b, c, d, x[1], S31, 0xa4beea44); /* 37 */
- d = HH(d, a, b, c, x[4], S32, 0x4bdecfa9); /* 38 */
- c = HH(c, d, a, b, x[7], S33, 0xf6bb4b60); /* 39 */
- b = HH(b, c, d, a, x[10], S34, 0xbebfbc70); /* 40 */
- a = HH(a, b, c, d, x[13], S31, 0x289b7ec6); /* 41 */
- d = HH(d, a, b, c, x[0], S32, 0xeaa127fa); /* 42 */
- c = HH(c, d, a, b, x[3], S33, 0xd4ef3085); /* 43 */
- b = HH(b, c, d, a, x[6], S34, 0x4881d05); /* 44 */
- a = HH(a, b, c, d, x[9], S31, 0xd9d4d039); /* 45 */
- d = HH(d, a, b, c, x[12], S32, 0xe6db99e5); /* 46 */
- c = HH(c, d, a, b, x[15], S33, 0x1fa27cf8); /* 47 */
- b = HH(b, c, d, a, x[2], S34, 0xc4ac5665); /* 48 */
-
- /* Round 4 */
- a = II(a, b, c, d, x[0], S41, 0xf4292244); /* 49 */
- d = II(d, a, b, c, x[7], S42, 0x432aff97); /* 50 */
- c = II(c, d, a, b, x[14], S43, 0xab9423a7); /* 51 */
- b = II(b, c, d, a, x[5], S44, 0xfc93a039); /* 52 */
- a = II(a, b, c, d, x[12], S41, 0x655b59c3); /* 53 */
- d = II(d, a, b, c, x[3], S42, 0x8f0ccc92); /* 54 */
- c = II(c, d, a, b, x[10], S43, 0xffeff47d); /* 55 */
- b = II(b, c, d, a, x[1], S44, 0x85845dd1); /* 56 */
- a = II(a, b, c, d, x[8], S41, 0x6fa87e4f); /* 57 */
- d = II(d, a, b, c, x[15], S42, 0xfe2ce6e0); /* 58 */
- c = II(c, d, a, b, x[6], S43, 0xa3014314); /* 59 */
- b = II(b, c, d, a, x[13], S44, 0x4e0811a1); /* 60 */
- a = II(a, b, c, d, x[4], S41, 0xf7537e82); /* 61 */
- d = II(d, a, b, c, x[11], S42, 0xbd3af235); /* 62 */
- c = II(c, d, a, b, x[2], S43, 0x2ad7d2bb); /* 63 */
- b = II(b, c, d, a, x[9], S44, 0xeb86d391); /* 64 */
-
- state[0] += a;
- state[1] += b;
- state[2] += c;
- state[3] += d;
- }
-
- /**
- * Initialize the MD5 state information and reset the bit count
- * to 0. Given this implementation you are constrained to counting
- * 2^64 bits.
- */
- public void init() {
- state = new int[4];
- transformBuffer = new int[16];
- synchronized (this) {
- buffer = new byte[64];
- }
- digestBits = new byte[16];
- count = 0;
- // Load magic initialization constants.
- state[0] = 0x67452301;
- state[1] = 0xefcdab89;
- state[2] = 0x98badcfe;
- state[3] = 0x10325476;
- for (int i = 0; i < digestBits.length; i++)
- digestBits[i] = 0;
- }
-
- protected void engineReset() {
- init();
- }
-
- /**
- * Return the digest length in bytes
- */
- protected int engineGetDigestLength() {
- return (MD5_LENGTH);
- }
-
- /**
- * Update adds the passed byte to the digested data.
- */
- protected synchronized void engineUpdate(byte b) {
- int index;
-
- index = (int) ((count >>> 3) & 0x3f);
- count += 8;
- buffer[index] = b;
- if (index >= 63) {
- transform(buffer, 0);
- }
- }
-
- /**
- * Update adds the selected part of an array of bytes to the digest.
- * This version is more efficient than the byte-at-a-time version;
- * it avoids data copies and reduces per-byte call overhead.
- */
- protected synchronized void engineUpdate(byte input[], int offset,
- int len) {
- int i;
-
- for (i = offset; len > 0;) {
- int index = (int) ((count >>> 3) & 0x3f);
-
- if (index == 0 && len > 64) {
- count += (64 * 8);
- transform(input, i);
- len -= 64;
- i += 64;
- } else {
- count += 8;
- buffer[index] = input[i];
- if (index >= 63)
- transform(buffer, 0);
- i++;
- len--;
- }
- }
- }
-
- /**
- * Perform the final computations, any buffered bytes are added
- * to the digest, the count is added to the digest, and the resulting
- * digest is stored. After calling final you will need to call
- * init() again to do another digest.
- */
- private void finish() {
- byte bits[] = new byte[8];
- byte padding[];
- int i, index, padLen;
-
- for (i = 0; i < 8; i++) {
- bits[i] = (byte) ((count >>> (i * 8)) & 0xff);
- }
-
- index = (int) (count >> 3) & 0x3f;
- padLen = (index < 56) ? (56 - index) : (120 - index);
- padding = new byte[padLen];
- padding[0] = (byte) 0x80;
- engineUpdate(padding, 0, padding.length);
- engineUpdate(bits, 0, bits.length);
-
- for (i = 0; i < 4; i++) {
- for (int j = 0; j < 4; j++) {
- digestBits[i * 4 + j] = (byte) ((state[i] >>> (j * 8)) & 0xff);
- }
- }
- }
-
- /**
- */
- protected byte[] engineDigest() {
- finish();
-
- byte[] result = new byte[MD5_LENGTH];
- System.arraycopy(digestBits, 0, result, 0, MD5_LENGTH);
-
- init();
-
- return result;
- }
-
- /**
- */
- protected int engineDigest(byte[] buf, int offset, int len)
- throws DigestException {
- finish();
-
- if (len < MD5_LENGTH)
- throw new DigestException("partial digests not returned");
- if (buf.length - offset < MD5_LENGTH)
- throw new DigestException("insufficient space in the output " +
- "buffer to store the digest");
-
- System.arraycopy(digestBits, 0, buf, offset, MD5_LENGTH);
-
- init();
-
- return MD5_LENGTH;
- }
-
- /*
- * Clones this object.
- */
- public Object clone() {
- MD5 that = null;
- try {
- that = (MD5) super.clone();
- that.state = this.state.clone();
- that.transformBuffer = this.transformBuffer.clone();
- that.buffer = this.buffer.clone();
- that.digestBits = this.digestBits.clone();
- that.count = this.count;
- return that;
- } catch (CloneNotSupportedException e) {
- }
- return that;
- }
-}
diff --git a/org/mozilla/jss/netscape/security/provider/SHA.java b/org/mozilla/jss/netscape/security/provider/SHA.java
deleted file mode 100644
index a911e386..00000000
--- a/org/mozilla/jss/netscape/security/provider/SHA.java
+++ /dev/null
@@ -1,349 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package org.mozilla.jss.netscape.security.provider;
-
-import java.security.DigestException;
-import java.security.MessageDigestSpi;
-
-/**
- * This class implements the Secure Hash Algorithm (SHA) developed by
- * the National Institute of Standards and Technology along with the
- * National Security Agency. This is the updated version of SHA
- * fip-180 as superseded by fip-180-1.
- *
- * <p>
- * It implement JavaSecurity MessageDigest, and can be used by in the Java Security framework, as a pluggable
- * implementation, as a filter for the digest stream classes.
- *
- * @version 1.30 97/12/10
- * @author Roger Riggs
- * @author Benjamin Renaud
- */
-
-public class SHA extends MessageDigestSpi implements Cloneable {
-
- /* This private hookm controlled by the appropriate constructor,
- causes this class to implement the first version of SHA,
- as defined in FIPS 180, as opposed to FIPS 180-1. This was
- useful for DSA testing. */
- private int version = 1;
-
- private static final int SHA_LENGTH = 20;
-
- // Buffer of int's and count of characters accumulated
- // 64 bytes are included in each hash block so the low order
- // bits of count are used to know how to pack the bytes into ints
- // and to know when to compute the block and start the next one.
- private int W[] = new int[80];
- private long count = 0;
- private final int countmax = 64;
- private final int countmask = (countmax - 1);
-
- private int AA, BB, CC, DD, EE;
-
- SHA(int version) {
- this();
- this.version = version;
- }
-
- /**
- * Creates a new SHA object.
- */
- public SHA() {
- init();
- }
-
- /**
- * Return the length of the digest in bytes
- */
- protected int engineGetDigestLength() {
- return (SHA_LENGTH);
- }
-
- public void engineUpdate(byte b) {
- engineUpdate((int) b);
- }
-
- /**
- * Update a byte.
- *
- * @param b the byte
- */
- private void engineUpdate(int b) {
- int word;
- int offset;
-
- /* compute word offset and bit offset within word the low bits
- of count are inverted to make put the bytes in the write
- order */
- word = ((int) count & countmask) >>> 2;
- offset = (~(int) count & 3) << 3;
-
- W[word] = (W[word] & ~(0xff << offset)) | ((b & 0xff) << offset);
-
- /* If this is the last byte of a block, compute the partial hash */
- if (((int) count & countmask) == countmask) {
- computeBlock();
- }
- count++;
- }
-
- /**
- * Update a buffer.
- *
- * @param b the data to be updated.
- * @param off the start offset in the data
- * @param len the number of bytes to be updated.
- */
- public void engineUpdate(byte b[], int off, int len) {
- int word;
-
- if ((off < 0) || (len < 0) || (off + len > b.length))
- throw new ArrayIndexOutOfBoundsException();
-
- // Use single writes until integer aligned
- while ((len > 0) &&
- ((int) count & 3) != 0) {
- engineUpdate(b[off]);
- off++;
- len--;
- }
-
- /* Assemble groups of 4 bytes to be inserted in integer array */
- for (; len >= 4; len -= 4, off += 4) {
-
- word = ((int) count & countmask) >> 2;
-
- W[word] = ((b[off] & 0xff) << 24) |
- ((b[off + 1] & 0xff) << 16) |
- ((b[off + 2] & 0xff) << 8) |
- ((b[off + 3] & 0xff));
-
- count += 4;
- if (((int) count & countmask) == 0) {
- computeBlock();
- }
- }
-
- /* Use single writes for last few bytes */
- for (; len > 0; len--, off++) {
- engineUpdate(b[off]);
- }
- }
-
- /**
- * Resets the buffers and hash value to start a new hash.
- */
- public void init() {
- AA = 0x67452301;
- BB = 0xefcdab89;
- CC = 0x98badcfe;
- DD = 0x10325476;
- EE = 0xc3d2e1f0;
-
- for (int i = 0; i < 80; i++)
- W[i] = 0;
- count = 0;
- }
-
- /**
- * Resets the buffers and hash value to start a new hash.
- */
- public void engineReset() {
- init();
- }
-
- /**
- * Computes the final hash and returns the final value as a
- * byte[20] array. The object is reset to be ready for further
- * use, as specified in the JavaSecurity MessageDigest
- * specification.
- */
- public byte[] engineDigest() {
- byte hashvalue[] = new byte[SHA_LENGTH];
-
- try {
- engineDigest(hashvalue, 0, hashvalue.length);
- } catch (DigestException e) {
- throw new InternalError("");
- }
- return hashvalue;
- }
-
- /**
- * Computes the final hash and returns the final value as a
- * byte[20] array. The object is reset to be ready for further
- * use, as specified in the JavaSecurity MessageDigest
- * specification.
- */
- public int engineDigest(byte[] hashvalue, int offset, int len)
- throws DigestException {
-
- if (len < SHA_LENGTH)
- throw new DigestException("partial digests not returned");
- if (hashvalue.length - offset < SHA_LENGTH)
- throw new DigestException("insufficient space in the output " +
- "buffer to store the digest");
-
- /* The number of bits before padding occurs */
- long bits = count << 3;
-
- engineUpdate(0x80);
-
- /* Pad with zeros until length is a multiple of 448 (the last two
- 32 ints are used a holder for bits (see above). */
- while ((int) (count & countmask) != 56) {
- engineUpdate(0);
- }
-
- W[14] = (int) (bits >>> 32);
- W[15] = (int) (bits & 0xffffffff);
-
- count += 8;
- computeBlock();
-
- // Copy out the result
- hashvalue[offset + 0] = (byte) (AA >>> 24);
- hashvalue[offset + 1] = (byte) (AA >>> 16);
- hashvalue[offset + 2] = (byte) (AA >>> 8);
- hashvalue[offset + 3] = (byte) (AA >>> 0);
-
- hashvalue[offset + 4] = (byte) (BB >>> 24);
- hashvalue[offset + 5] = (byte) (BB >>> 16);
- hashvalue[offset + 6] = (byte) (BB >>> 8);
- hashvalue[offset + 7] = (byte) (BB >>> 0);
-
- hashvalue[offset + 8] = (byte) (CC >>> 24);
- hashvalue[offset + 9] = (byte) (CC >>> 16);
- hashvalue[offset + 10] = (byte) (CC >>> 8);
- hashvalue[offset + 11] = (byte) (CC >>> 0);
-
- hashvalue[offset + 12] = (byte) (DD >>> 24);
- hashvalue[offset + 13] = (byte) (DD >>> 16);
- hashvalue[offset + 14] = (byte) (DD >>> 8);
- hashvalue[offset + 15] = (byte) (DD >>> 0);
-
- hashvalue[offset + 16] = (byte) (EE >>> 24);
- hashvalue[offset + 17] = (byte) (EE >>> 16);
- hashvalue[offset + 18] = (byte) (EE >>> 8);
- hashvalue[offset + 19] = (byte) (EE >>> 0);
-
- engineReset(); // remove the evidence
-
- return SHA_LENGTH;
- }
-
- // Constants for each round
- private final int round1_kt = 0x5a827999;
- private final int round2_kt = 0x6ed9eba1;
- private final int round3_kt = 0x8f1bbcdc;
- private final int round4_kt = 0xca62c1d6;
-
- /**
- * Compute a the hash for the current block.
- *
- * This is in the same vein as Peter Gutmann's algorithm listed in
- * the back of Applied Cryptography, Compact implementation of
- * "old" NIST Secure Hash Algorithm.
- *
- */
- private void computeBlock() {
- int temp, a, b, c, d, e;
-
- // The first 16 ints have the byte stream, compute the rest of
- // the buffer
- for (int t = 16; t <= 79; t++) {
- if (version == 0) {
- W[t] = W[t - 3] ^ W[t - 8] ^ W[t - 14] ^ W[t - 16];
- } else {
- temp = W[t - 3] ^ W[t - 8] ^ W[t - 14] ^ W[t - 16];
- W[t] = ((temp << 1) | (temp >>> (32 - 1)));
- }
- }
-
- a = AA;
- b = BB;
- c = CC;
- d = DD;
- e = EE;
-
- // Round 1
- for (int i = 0; i < 20; i++) {
- temp = ((a << 5) | (a >>> (32 - 5))) +
- ((b & c) | ((~b) & d)) + e + W[i] + round1_kt;
- e = d;
- d = c;
- c = ((b << 30) | (b >>> (32 - 30)));
- b = a;
- a = temp;
- }
-
- // Round 2
- for (int i = 20; i < 40; i++) {
- temp = ((a << 5) | (a >>> (32 - 5))) +
- (b ^ c ^ d) + e + W[i] + round2_kt;
- e = d;
- d = c;
- c = ((b << 30) | (b >>> (32 - 30)));
- b = a;
- a = temp;
- }
-
- // Round 3
- for (int i = 40; i < 60; i++) {
- temp = ((a << 5) | (a >>> (32 - 5))) +
- ((b & c) | (b & d) | (c & d)) + e + W[i] + round3_kt;
- e = d;
- d = c;
- c = ((b << 30) | (b >>> (32 - 30)));
- b = a;
- a = temp;
- }
-
- // Round 4
- for (int i = 60; i < 80; i++) {
- temp = ((a << 5) | (a >>> (32 - 5))) +
- (b ^ c ^ d) + e + W[i] + round4_kt;
- e = d;
- d = c;
- c = ((b << 30) | (b >>> (32 - 30)));
- b = a;
- a = temp;
- }
- AA += a;
- BB += b;
- CC += c;
- DD += d;
- EE += e;
- }
-
- /*
- * Clones this object.
- */
- public Object clone() {
- SHA that = null;
- try {
- that = (SHA) super.clone();
- that.W = new int[80];
- System.arraycopy(this.W, 0, that.W, 0, W.length);
- return that;
- } catch (CloneNotSupportedException e) {
- }
- return that;
- }
-}
diff --git a/org/mozilla/jss/netscape/security/provider/Sun.java b/org/mozilla/jss/netscape/security/provider/Sun.java
index 94e72ef4..dd12d26d 100644
--- a/org/mozilla/jss/netscape/security/provider/Sun.java
+++ b/org/mozilla/jss/netscape/security/provider/Sun.java
@@ -68,54 +68,11 @@ public final class Sun extends Provider {
// AccessController.beginPrivileged();
- /*
- * Signature engines
- */
- put("Signature.DSA", "org.mozilla.jss.netscape.security.provider.DSA");
-
- put("Alg.Alias.Signature.SHA/DSA", "DSA");
- put("Alg.Alias.Signature.SHA1/DSA", "DSA");
- put("Alg.Alias.Signature.SHA-1/DSA", "DSA");
- put("Alg.Alias.Signature.DSS", "DSA");
- put("Alg.Alias.Signature.OID.1.3.14.3.2.13", "DSA");
- put("Alg.Alias.Signature.OID.1.3.14.3.2.27", "DSA");
- put("Alg.Alias.Signature.OID.1.2.840.10040.4.3", "DSA");
- // the following are not according to our formal spec but
- // are still supported
- put("Alg.Alias.Signature.1.3.14.3.2.13", "DSA");
- put("Alg.Alias.Signature.1.3.14.3.2.27", "DSA");
- put("Alg.Alias.Signature.1.2.840.10040.4.3", "DSA");
- put("Alg.Alias.Signature.SHAwithDSA", "DSA");
- put("Alg.Alias.Signature.SHA1withDSA", "DSA");
-
- /*
- * Key Pair Generator engines
- */
- put("KeyPairGenerator.DSA",
- "org.mozilla.jss.netscape.security.provider.DSAKeyPairGenerator");
-
- put("Alg.Alias.KeyPairGenerator.OID.1.3.14.3.2.12", "DSA");
- put("Alg.Alias.KeyPairGenerator.OID.1.2.840.10040.4.1", "DSA");
// the following are not according to our formal spec but
// are still supported
put("Alg.Alias.KeyPairGenerator.1.3.14.3.2.12", "DSA");
put("Alg.Alias.KeyPairGenerator.1.2.840.10040.4.1", "DSA");
- /*
- * Digest engines
- */
- put("MessageDigest.MD5", "org.mozilla.jss.netscape.security.provider.MD5");
- put("MessageDigest.SHA-1", "org.mozilla.jss.netscape.security.provider.SHA");
-
- put("Alg.Alias.MessageDigest.SHA", "SHA-1");
- put("Alg.Alias.MessageDigest.SHA1", "SHA-1");
-
- /*
- * Algorithm Parameter Generator engines
- */
- put("AlgorithmParameterGenerator.DSA",
- "org.mozilla.jss.netscape.security.provider.DSAParameterGenerator");
-
/*
* Algorithm Parameter engines
*/
--
2.21.0