1 /* DHKeyPairX509Codec.java -- X.509 DER encoder/decoder for DH keys
2 Copyright (C) 2006 Free Software Foundation, Inc.
4 This file is part of GNU Classpath.
6 GNU Classpath is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 2, or (at your option)
11 GNU Classpath is distributed in the hope that it will be useful, but
12 WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with GNU Classpath; see the file COPYING. If not, write to the
18 Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
21 Linking this library statically or dynamically with other modules is
22 making a combined work based on this library. Thus, the terms and
23 conditions of the GNU General Public License cover the whole
26 As a special exception, the copyright holders of this library give you
27 permission to link this library with independent modules to produce an
28 executable, regardless of the license terms of these independent
29 modules, and to copy and distribute the resulting executable under
30 terms of your choice, provided that you also meet, for each linked
31 independent module, the terms and conditions of the license of that
32 module. An independent module is a module which is not derived from
33 or based on this library. If you modify this library, you may extend
34 this exception to your version of the library, but you are not
35 obligated to do so. If you do not wish to do so, delete this
36 exception statement from your version. */
39 package gnu.javax.crypto.key.dh;
41 import java.io.ByteArrayOutputStream;
42 import java.io.IOException;
43 import java.math.BigInteger;
44 import java.security.InvalidParameterException;
45 import java.security.PrivateKey;
46 import java.security.PublicKey;
47 import java.util.ArrayList;
49 import gnu.java.security.OID;
50 import gnu.java.security.Registry;
51 import gnu.java.security.der.BitString;
52 import gnu.java.security.der.DER;
53 import gnu.java.security.der.DERReader;
54 import gnu.java.security.der.DERValue;
55 import gnu.java.security.der.DERWriter;
56 import gnu.java.security.key.IKeyPairCodec;
57 import gnu.java.security.util.DerUtil;
59 public class DHKeyPairX509Codec
60 implements IKeyPairCodec
62 private static final OID DH_ALG_OID = new OID(Registry.DH_OID_STRING);
64 // implicit 0-arguments constructor
66 public int getFormatID()
72 * Returns the DER-encoded form of the X.509 ASN.1 <i>SubjectPublicKeyInfo</i>
73 * representation of a DH public key. The ASN.1 specification, as defined in
74 * RFC-3280, and RFC-2459, is as follows:
77 * SubjectPublicKeyInfo ::= SEQUENCE {
78 * algorithm AlgorithmIdentifier,
79 * subjectPublicKey BIT STRING
82 * AlgorithmIdentifier ::= SEQUENCE {
83 * algorithm OBJECT IDENTIFIER,
84 * parameters ANY DEFINED BY algorithm OPTIONAL
87 * DhParams ::= SEQUENCE {
88 * p INTEGER, -- odd prime, p=jq +1
89 * g INTEGER, -- generator, g
90 * q INTEGER -- factor of p-1
94 * <p>The <i>subjectPublicKey</i> field, which is a BIT STRING, contains the
95 * DER-encoded form of the DH public key as an INTEGER.</p>
98 * DHPublicKey ::= INTEGER -- public key, y = g^x mod p
101 * <b>IMPORTANT</b>: with RI's {@link javax.crypto.spec.DHGenParameterSpec}
102 * and {@link javax.crypto.spec.DHParameterSpec} classes, we may end up with
103 * Diffie-Hellman keys that have a <code>null</code> for the <code>q</code>
104 * parameter. RFC-2631 DOES NOT allow for an <i>optional</i> value for that
105 * parameter, hence we replace such null values with <code>0</code>, and do
106 * the reverse in the corresponding decode method.
108 * @param key the {@link PublicKey} instance to encode. MUST be an instance of
109 * {@link GnuDHPublicKey}.
110 * @return the DER-encoded form of the ASN.1 representation of the
111 * <i>SubjectPublicKeyInfo</i> in an X.509 certificate.
112 * @throw InvalidParameterException if <code>key</code> is not an instance
113 * of {@link GnuDHPublicKey} or if an exception occurs during the
114 * marshalling process.
116 public byte[] encodePublicKey(PublicKey key)
118 if (! (key instanceof GnuDHPublicKey))
119 throw new InvalidParameterException("Wrong key type");
121 DERValue derOID = new DERValue(DER.OBJECT_IDENTIFIER, DH_ALG_OID);
123 GnuDHPublicKey dhKey = (GnuDHPublicKey) key;
124 BigInteger p = dhKey.getParams().getP();
125 BigInteger g = dhKey.getParams().getG();
126 BigInteger q = dhKey.getQ();
129 BigInteger y = dhKey.getY();
131 DERValue derP = new DERValue(DER.INTEGER, p);
132 DERValue derG = new DERValue(DER.INTEGER, g);
133 DERValue derQ = new DERValue(DER.INTEGER, q);
135 ArrayList params = new ArrayList(3);
139 DERValue derParams = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, params);
141 ArrayList algorithmID = new ArrayList(2);
142 algorithmID.add(derOID);
143 algorithmID.add(derParams);
144 DERValue derAlgorithmID = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE,
147 DERValue derDHPublicKey = new DERValue(DER.INTEGER, y);
148 byte[] yBytes = derDHPublicKey.getEncoded();
149 DERValue derSPK = new DERValue(DER.BIT_STRING, new BitString(yBytes));
151 ArrayList spki = new ArrayList(2);
152 spki.add(derAlgorithmID);
154 DERValue derSPKI = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, spki);
157 ByteArrayOutputStream baos = new ByteArrayOutputStream();
160 DERWriter.write(baos, derSPKI);
161 result = baos.toByteArray();
163 catch (IOException x)
165 InvalidParameterException e = new InvalidParameterException();
174 * @throws InvalidParameterException ALWAYS.
176 public byte[] encodePrivateKey(PrivateKey key)
178 throw new InvalidParameterException("Wrong format for private keys");
182 * @param input the byte array to unmarshall into a valid DH
183 * {@link PublicKey} instance. MUST NOT be null.
184 * @return a new instance of a {@link GnuDHPublicKey} decoded from the
185 * <i>SubjectPublicKeyInfo</i> material in an X.509 certificate.
186 * @throw InvalidParameterException if an exception occurs during the
187 * unmarshalling process.
189 public PublicKey decodePublicKey(byte[] input)
192 throw new InvalidParameterException("Input bytes MUST NOT be null");
194 BigInteger p, g, q, y;
195 DERReader der = new DERReader(input);
198 DERValue derSPKI = der.read();
199 DerUtil.checkIsConstructed(derSPKI, "Wrong SubjectPublicKeyInfo field");
201 DERValue derAlgorithmID = der.read();
202 DerUtil.checkIsConstructed(derAlgorithmID, "Wrong AlgorithmIdentifier field");
204 DERValue derOID = der.read();
205 if (! (derOID.getValue() instanceof OID))
206 throw new InvalidParameterException("Wrong Algorithm field");
208 OID algOID = (OID) derOID.getValue();
209 if (! algOID.equals(DH_ALG_OID))
210 throw new InvalidParameterException("Unexpected OID: " + algOID);
212 DERValue derParams = der.read();
213 DerUtil.checkIsConstructed(derParams, "Wrong DH Parameters field");
215 DERValue val = der.read();
216 DerUtil.checkIsBigInteger(val, "Wrong P field");
217 p = (BigInteger) val.getValue();
219 DerUtil.checkIsBigInteger(val, "Wrong G field");
220 g = (BigInteger) val.getValue();
222 DerUtil.checkIsBigInteger(val, "Wrong Q field");
223 q = (BigInteger) val.getValue();
224 if (q.compareTo(BigInteger.ZERO) == 0)
228 if (! (val.getValue() instanceof BitString))
229 throw new InvalidParameterException("Wrong SubjectPublicKey field");
231 byte[] yBytes = ((BitString) val.getValue()).toByteArray();
233 DERReader dhPub = new DERReader(yBytes);
235 DerUtil.checkIsBigInteger(val, "Wrong Y field");
236 y = (BigInteger) val.getValue();
238 catch (IOException x)
240 InvalidParameterException e = new InvalidParameterException();
245 return new GnuDHPublicKey(Registry.X509_ENCODING_ID, q, p, g, y);
249 * @throws InvalidParameterException ALWAYS.
251 public PrivateKey decodePrivateKey(byte[] input)
253 throw new InvalidParameterException("Wrong format for private keys");
OSDN Git Service
