/************************************************************************
* *
* java.security *
* *
* Interfaces: *
* %Certificate PrivateKey *
* Key PublicKey *
* Principal *
* *
* #Guard #PrivilegedAction *
* #PrivilegedExceptionAction *
* *
* Classes: *
* DigestInputStream MessageDigest *
* DigestOutputStream Provider *
* %Identity SecureRandom *
* %IdentityScope Security *
* KeyPair Signature *
* KeyPairGenerator %Signer *
* *
* #AccessControlContext #KeyStoreSpi *
* #AccessController #MessageDigestSpi *
* #AlgorithmParameterGenerator #Permission *
* #AlgorithmParameterGeneratorSpi #PermissionCollection *
* #AlgorithmParameters #Permissions *
* #AlgorithmParametersSpi #Policy *
* #AllPermission #ProtectionDomain *
* #BasicPermission #SecureClassLoader *
* #CodeSource #SecureRandomSpi *
* #GuardedObject #SecurityPermission *
* #KeyFactory #SignatureSpi *
* #KeyFactorySpi #SignedObject *
* #KeyPairGeneratorSpi #UnresolvedPermission *
* #KeyStore *
* *
* Exceptions: *
* DigestException NoSuchAlgorithmException *
* InvalidKeyException NoSuchProviderException *
* InvalidParameterException ProviderException *
* KeyException SignatureException *
* KeyManagementException *
* *
* #AccessControlException #KeyStoreException *
* #GeneralSecurityException #PrivilegedActionException *
* #InvalidAlgorithmParameterExhception #UnrecoverableKeyException *
* *
************************************************************************/
package Test.Chris;
import java.security.*;
public class Java_security {
static char[] pswd = "zephod".toCharArray();
public static void main(String[] args) {
Java_security obj = new Java_security();
obj.exercise();
System.exit(0);
}
public void exercise() {
permission();
allpermission();
basicpermission();
unresolvedpermission();
permissioncollection();
permissions();
codesource();
policy();
protectiondomain();
accesscontroller();
accesscontrolcontext();
guardedobject();
guard();
security();
provider();
messagedigest();
messagedigestspi();
digestoutputstream();
digestinputstream();
key();
privatekey();
publickey();
keypair();
keypairgenerator();
securerandom();
securerandomspi();
algorithmparametergenerator();
algorithmparametergeneratorspi();
algorithmparameters();
algorithmparametersspi();
keyfactory();
keyfactoryspi();
principal();
identity();
identityscope();
signature();
signer();
keypairgeneratorspi();
keystore();
keystorespi();
secureclassloader();
securitypermission();
signaturespi();
signedobject();
certificate();
}
/*********************************************************************
* *
* #Permission: (Abstract) *
* *
* Desc: *
* *
* Methods: *
* checkGuard getName newPermissionCollection *
* equals hashCode toString *
* getActions implies *
* *
*********************************************************************/
class CMRPermission extends Permission {
String name;
String action;
public CMRPermission(String name) {
super(name);
this.name = name;
this.action = "";
}
public CMRPermission(String name, String action) {
super(name);
this.name = name;
this.action = action;
}
public int hashCode() {
return (name + action).hashCode();
}
public boolean equals(Object obj) {
if (obj instanceof CMRPermission) {
if (this.name.equals(((CMRPermission)obj).name)) return true;
}
return false;
}
public boolean implies(Permission p) {
if (p instanceof CMRPermission) {
if (this.name.equals(((CMRPermission)p).name)) return true;
}
return false;
}
public String getActions() {
return this.action;
}
}
void permission() {
/* Current Permission subclasses:
* java.security.SecurityPermission
* java.security.UnresolvedPermission
* java.security.AllPermission
* java.lang.RuntimePermission
* java.lang.reflect.ReflectPermission
* java.util.PropertyPermission
* java.io.FilePermission
* java.io.SerializablePermission
* java.awt.AWTPermission
* java.net.SocketPermission
* java.net.NetPermission
*/
int i;
String s;
boolean b;
PermissionCollection c;
Permission p = new CMRPermission("myPermit", "read");
Permission q = new CMRPermission("myPermit", "write");
s = p.getActions(); // actions as a String
s = p.getName(); // name of this Permission
b = p.equals(q); // checks two Permission objects for equality
b = p.implies(q); // checks if actions are "implied by" this object's actions
p.checkGuard(s); // implements the guard interface for a permission
c = p.newPermissionCollection(); // returns empty PermissionCollection
i = p.hashCode(); // hash code value
s = p.toString(); // string representation
}
/*********************************************************************
* *
* #AllPermission: *
* *
* Desc: *
* *
* Methods: *
* equals hashCode newPermissionCollection *
* getActions implies *
* *
*********************************************************************/
void allpermission() {
int i;
String s;
boolean b;
PermissionCollection c;
AllPermission p = new AllPermission();
AllPermission q = new AllPermission();
s = p.getActions(); // actions as a String
s = p.getName(); // name of this Permission
b = p.equals(q); // checks two Permission objects for equality
b = p.implies(q); // checks if actions are "implied by" this object's actions
p.checkGuard(s); // implements the guard interface for a permission
c = p.newPermissionCollection(); // returns empty PermissionCollection
i = p.hashCode(); // hash code value
s = p.toString(); // string representation
}
/*********************************************************************
* *
* #BasicPermission: *
* *
* Desc: *
* *
* Methods: *
* equals hashCode newPermissionCollection *
* getActions implies *
* *
*********************************************************************/
class CMRBasicPermission extends BasicPermission {
public CMRBasicPermission(String name) {
super(name);
}
public CMRBasicPermission(String name, String action) {
super(name);
}
}
void basicpermission() {
int i;
String s;
boolean b;
PermissionCollection c;
BasicPermission p = new CMRBasicPermission("myperm");
BasicPermission q = new CMRBasicPermission("myperm", "myaction");
s = p.getActions(); // actions as a String
s = p.getName(); // name of this Permission
b = p.equals(q); // checks two Permission objects for equality
b = p.implies(q); // checks if actions are "implied by" this object's actions
p.checkGuard(s); // implements the guard interface for a permission
c = p.newPermissionCollection(); // returns empty PermissionCollection
i = p.hashCode(); // hash code value
s = p.toString(); // string representation
}
/*********************************************************************
* *
* #UnresolvedPermission: *
* *
* Desc: *
* *
* Methods: *
* equals hashCode newPermissionCollection *
* getActions implies toString *
* *
*********************************************************************/
void unresolvedpermission() {
int i;
String s;
boolean b;
PermissionCollection c;
UnresolvedPermission p =
new UnresolvedPermission("java.lang.AllPermission", "myperm", "myaction", null);
UnresolvedPermission q =
new UnresolvedPermission("java.lang.AllPermission", "myperm", "myaction", null);
s = p.getActions(); // actions as a String
s = p.getName(); // name of this Permission
// b = p.equals(q); // checks two Permission objects for equality
b = p.implies(q); // checks if actions are "implied by" this object's actions
p.checkGuard(s); // implements the guard interface for a permission
c = p.newPermissionCollection(); // returns empty PermissionCollection
i = p.hashCode(); // hash code value
s = p.toString(); // string representation
}
/*********************************************************************
* *
* #PermissionCollection: *
* *
* Desc: *
* *
* Methods: *
* add implies setReadOnly *
* elements isReadOnly toString *
* *
*********************************************************************/
class CMRPermissionCollection extends PermissionCollection {
java.util.Vector perm = new java.util.Vector();
CMRPermissionCollection() {
super();
}
public void add(Permission p) {
if (!(p instanceof CMRPermission)) throw new IllegalArgumentException("Wrong permission type");
perm.add(p);
}
public java.util.Enumeration elements() {
return perm.elements();
}
public boolean implies(Permission p) {
if (!(p instanceof CMRPermission)) return false;
String s = p.getName();
java.util.Enumeration x = elements();
while (x.hasMoreElements()) {
if (s.equals(((Permission)x.nextElement()).getName())) return true;
}
return false;
}
}
void permissioncollection() {
int i;
String s;
boolean b;
java.util.Enumeration x;
Permission p = new CMRPermission("myperm");
Permission q = new CMRPermission("myperm", "myaction");
CMRPermissionCollection pc = new CMRPermissionCollection();
pc.add(p); // adds a permission object to the current collection
pc.add(q);
x = pc.elements(); // enumeration of all the Permission objects in the collection
while (x.hasMoreElements()) {
q = (Permission)x.nextElement();
}
pc.setReadOnly(); // marks PermissionCollection as "readonly"
b = pc.isReadOnly(); // test if PermissionCollection marked as readonly
b = pc.implies(p); // checks if actions are "implied by" this object's actions
s = pc.toString(); // string representation
}
/*********************************************************************
* *
* #Permissions: *
* *
* Desc: *
* *
* Methods: *
* add elements implies *
* *
*********************************************************************/
void permissions() {
int i;
String s;
boolean b;
java.util.Enumeration x;
Permission p = new CMRPermission("myperm");
Permission q = new CMRPermission("myperm", "myaction");
Permissions pc = new Permissions();
pc.add(p); // adds a permission object to the current collection
pc.add(q);
x = pc.elements(); // enumeration of all the Permission objects in the collection
while (x.hasMoreElements()) {
q = (Permission)x.nextElement();
}
pc.setReadOnly(); // marks PermissionCollection as "readonly"
b = pc.isReadOnly(); // test if PermissionCollection marked as readonly
b = pc.implies(p); // checks if actions are "implied by" this object's actions
s = pc.toString(); // string representation
}
/*********************************************************************
* *
* #CodeSource: *
* *
* Desc: *
* *
* Methods: *
* equals getLocation implies *
* getCertificates hashCode toString *
* *
*********************************************************************/
void codesource() {
int i;
String s;
boolean b;
java.net.URL url;
java.security.cert.Certificate[] keys = null;
CodeSource x;
CodeSource y;
try {
url = new java.net.URL("http://rhcus/index.html");
x = new CodeSource(url, keys);
y = new CodeSource(url, keys);
url = x.getLocation(); // location associated with this CodeSource.
keys = x.getCertificates(); // certificates associated with this CodeSource
b = x.equals(y); // tests equality (url & keys)
b = x.implies(y); // tests object "implies" the specified CodeSource
i = x.hashCode(); // hash code value
s = x.toString(); // string representation
} catch(java.net.MalformedURLException e) {
System.out.println(e);
}
}
/*********************************************************************
* *
* #Policy: *
* *
* Desc: *
* *
* Methods: *
* getPermissions refresh setPolicy *
* getPolicy *
* *
*********************************************************************/
class CMRPolicy extends Policy {
public CMRPolicy() {
super();
}
public PermissionCollection getPermissions(CodeSource cs) {
return null;
}
public void refresh() {
}
}
void policy() {
java.net.URL url;
java.security.cert.Certificate[] keys = null;
PermissionCollection pc;
CodeSource cs;
Policy p;
try {
url = new java.net.URL("http://rhcus/index.html");
cs = new CodeSource(url, keys);
p = new CMRPolicy();
p = Policy.getPolicy(); // installed Policy object
Policy.setPolicy(p); // sets the system-wide Policy object
pc = p.getPermissions(cs); // set of permissions allowed for code
p.refresh(); // refreshes/reloads the policy configuration
} catch(java.net.MalformedURLException e) {
System.out.println(e);
}
}
/*********************************************************************
* *
* #ProtectionDomain: *
* *
* Desc: *
* *
* Methods: *
* getCodeSource implies toString *
* getPermissions *
* *
*********************************************************************/
void protectiondomain() {
String s;
boolean b;
java.net.URL url;
java.security.cert.Certificate[] keys = null;
Permission p = new CMRPermission("myperm");
PermissionCollection pc;
CodeSource cs;
ProtectionDomain pd;
try {
url = new java.net.URL("http://rhcus/index.html");
cs = new CodeSource(url, keys);
pc = Policy.getPolicy().getPermissions(cs);
pd = new ProtectionDomain(cs, pc);
cs = pd.getCodeSource(); // CodeSource of this domain.
pc = pd.getPermissions(); // permissions of this domain.
b = pd.implies(p); // tests object "implies" the specified Permission
s = pd.toString(); // string representation
} catch(java.net.MalformedURLException e) {
System.out.println(e);
}
}
/*********************************************************************
* *
* #AccessController: *
* *
* Desc: *
* *
* Methods: *
* checkPermission doPrivileged getContext *
* *
*********************************************************************/
void accesscontroller() {
String s;
Permission p = new java.util.PropertyPermission("java.version", "read");
CMRPrivilegedAction pa = new CMRPrivilegedAction();
CMRPrivilegedExceptionAction pe = new CMRPrivilegedExceptionAction();
AccessControlContext ac;
try {
ac = AccessController.getContext(); // snapshot of current calling context
AccessController.checkPermission(p); // check access request
s = (String)AccessController.doPrivileged(pa); // performs specified action with privileges enabled
s = (String)AccessController.doPrivileged(pa, ac);
s = (String)AccessController.doPrivileged(pe);
s = (String)AccessController.doPrivileged(pe, ac);
} catch(AccessControlException e) {
System.out.println(e);
} catch(PrivilegedActionException e) {
System.out.println(e);
}
}
/*********************************************************************
* *
* #AccessControlContext: *
* *
* Desc: *
* *
* Methods: *
* checkPermission equals hashCode *
* *
*********************************************************************/
void accesscontrolcontext() {
int i;
boolean b;
Permission p = new java.util.PropertyPermission("java.version", "read");
AccessControlContext ac = AccessController.getContext();
AccessControlContext ad = AccessController.getContext();
try {
ac.checkPermission(p); // test permission
b = ac.equals(ad); // test AccessControlContext objects for equality
i = ac.hashCode(); // hash code value
} catch(AccessControlException e) {
System.out.println(e);
}
}
/*********************************************************************
* *
* #PrivilegedAction: *
* *
* Desc: *
* *
* Methods: *
* run *
* *
*********************************************************************/
class CMRPrivilegedAction implements PrivilegedAction {
public Object run() { // Performs the computation
return System.getProperty("user.name");
}
}
/*********************************************************************
* *
* #PrivilegedExceptionAction: *
* *
* Desc: *
* *
* Methods: *
* run *
* *
*********************************************************************/
class CMRPrivilegedExceptionAction implements PrivilegedExceptionAction {
public Object run() { // Performs the computation
return System.getProperty("java.version");
}
}
/*********************************************************************
* *
* #GuardedObject: *
* *
* Desc: *
* *
* Methods: *
* getObject *
* *
*********************************************************************/
void guardedobject() {
String s;
Permission p = new CMRPermission("myperm");
GuardedObject go = new GuardedObject(new String("GuardMe"), p);
try {
s = (String)go.getObject(); // retrieves the guarded object
} catch(AccessControlException e) {
System.out.println(e);
}
}
/*********************************************************************
* *
* #Guard: *
* *
* Desc: *
* *
* Methods: *
* checkGuard *
* *
*********************************************************************/
void guard() {
Guard p = new CMRPermission("myPermit");
p.checkGuard("myPermit"); // test access allowed to the guarded object object
}
/*********************************************************************
* *
* Security: *
* *
* Desc: *
* *
* Methods: *
* addProvider getProvider removeProvider *
* %getAlgorithmProperty getProviders setProperty *
* getProperty insertProviderAt *
* *
*********************************************************************/
void security() {
int i;
String s;
Provider p = new CMRProvider();
Provider[] px;
i = Security.addProvider(p); // adds a provider to the next position available
//i = Security.insertProviderAt(p, 1); // adds a new provider, at a specified position
//Security.removeProvider("CMR"); // removes provider with the specified name
p = Security.getProvider("CMR"); // provider installed with the specified name
px = Security.getProviders(); // all installed providers
s = Security.getProperty("security.provider.1"); // Gets security property value
Security.setProperty("security.provider.1", s); // Sets security property value
}
/*********************************************************************
* *
* Provider: *
* *
* Desc: *
* *
* Methods: *
* getInfo getVersion toString *
* getName *
* *
* #clear #load #remove *
* #entrySet #put #values *
* #keySet #putAll *
* *
*********************************************************************/
class CMRProvider extends Provider {
public CMRProvider() {
super("CMR", 1.0, "CMR Security Provider v1.0");
put("MessageDigest.CUS", "Test.Chris.Java_security$CMRMessageDigest");
put("Alg.Alias.MessageDigest.CUS-1", "CUS");
}
}
void provider() {
String s;
double d;
java.util.Set x;
java.util.Collection y;
Provider p;
p = Security.getProvider("CMR");
s = p.getInfo(); // description of the provider and its services
s = p.getName(); // name of this provider
d = p.getVersion(); // version number for this provider.
s = p.toString(); // string representation
s = (String)p.put("aprop", "aval"); // sets key property to have the specified value
s = (String)p.remove("aprop"); // removes the key property
p.clear(); // clears provider
/* TO BE DETERMINED
void load(InputStream inStream) // Reads a property list (key and element pairs) from the input stream
void putAll(Map t) // Copies all of the mappings from the specified Map to this provider
x = p.keySet(); // unmodifiable Set of the property keys
x = p.entrySet(); // unmodifiable Set of the property entries
y = p.values();
*/
}
/*********************************************************************
* *
* MessageDigest: *
* *
* Desc: *
* *
* Methods: *
* clone %engineUpdate reset *
* digest getAlgorithm toString *
* %engineDigest getInstance update *
* %engineReset isEqual *
* *
* #getDigestLength #getProvider *
* *
*********************************************************************/
class CMRMessageDigest extends MessageDigestSpi {
private int hash;
private int store;
private int bytes;
public CMRMessageDigest() {
//super("CMR"); // use this if extend MessageDigest
super();
engineReset();
}
public void engineReset() {
hash = 0;
store = 0;
bytes = 0;
}
public void engineUpdate(byte b) {
switch (bytes) {
case 0: store = (b << 24) & 0xff000000; break;
case 1: store |= (b << 16) & 0x00ff0000; break;
case 2: store |= (b << 8) & 0x0000ff00; break;
case 3: store |= (b << 0) & 0x000000ff; break;
}
bytes++;
if (bytes == 4) {
hash = hash^store;
bytes = 0;
store = 0;
}
}
public void engineUpdate(byte b[], int offset, int length) {
for (int i = 0; i < length; i++) engineUpdate(b[i + offset]);
}
public byte[] engineDigest() {
while (bytes != 0) engineUpdate((byte)0);
byte b[] = new byte[4];
b[0] = (byte)(hash >>> 24);
b[1] = (byte)(hash >>> 16);
b[2] = (byte)(hash >>> 8);
b[3] = (byte)(hash >>> 0);
engineReset();
return b;
}
}
void messagedigest() {
int i;
String s;
boolean b;
byte[] x;
byte[] y;
Provider p;
MessageDigest md;
MessageDigest mx;
try {
md = MessageDigest.getInstance("SHA"); // get MessageDigest that implements the algorithm
s = md.getAlgorithm(); // string that identifies the algorithm
p = md.getProvider(); // provider of this message digest object
md.reset(); // resets the digest for further use
md.update("hello".getBytes()); // updates the digest using bytes
md.update((byte)0x20); // updates the digest using byte
md.update("world".getBytes(), 3, 2); // updates the digest using bytes (offset/length)
mx = (MessageDigest)md.clone(); // clone the MessageDigest in current state
i = md.getDigestLength(); // length of the digest in bytes
x = md.digest(); // completes hash computation
y = mx.digest();
b = MessageDigest.isEqual(x, y); // Compares two digests for equality
s = md.toString(); // string representation
} catch(NoSuchAlgorithmException e) {
System.out.println(e);
} catch(java.lang.CloneNotSupportedException e) {
System.out.println(e);
}
}
/*********************************************************************
* *
* #MessageDigestSpi: *
* *
* Desc: *
* *
* Methods: *
* clone engineGetDigestLength engineUpdate *
* engineDigest engineReset *
* *
*********************************************************************/
void messagedigestspi() {
MessageDigestSpi md;
MessageDigestSpi mc;
try {
md = MessageDigest.getInstance("SHA");
mc = (MessageDigestSpi)md.clone(); // clone the object
} catch(NoSuchAlgorithmException e) {
System.out.println(e);
} catch(java.lang.CloneNotSupportedException e) {
System.out.println(e);
}
}
/*********************************************************************
* *
* DigestOutputStream: *
* *
* Desc: *
* *
* Fields: *
* #digest *
* *
* Methods: *
* getMessageDigest setMessageDigest write *
* on toString *
* *
*********************************************************************/
void digestoutputstream() {
String s;
MessageDigest md;
DigestOutputStream ios;
try {
md = MessageDigest.getInstance("SHA");
ios = new DigestOutputStream(new java.io.FileOutputStream("io/Security_digest.txt"), md);
md = ios.getMessageDigest(); // message digest associated with this stream
ios.setMessageDigest(md); // associates the specified message digest with this stream
ios.on(true); // turns the digest function on or off
s = ios.toString(); // string representation
ios.write((byte)0x20); // updates the digest using byte
ios.write("hello".getBytes()); // updates the digest using bytes
ios.close();
} catch(NoSuchAlgorithmException e) {
System.out.println(e);
} catch(java.io.IOException e) {
System.out.println(e);
}
}
/*********************************************************************
* *
* DigestInputStream: *
* *
* Desc: *
* *
* Fields: *
* #digest *
* *
* Methods: *
* getMessageDigest read toString *
* on setMessageDigest *
* *
*********************************************************************/
void digestinputstream() {
int i;
String s;
byte[] b = new byte[10];
MessageDigest md;
DigestInputStream ios;
try {
md = MessageDigest.getInstance("SHA");
ios = new DigestInputStream(new java.io.FileInputStream("io/Security_digest.txt"), md);
md = ios.getMessageDigest(); // message digest associated with this stream
ios.setMessageDigest(md); // associates the specified message digest with this stream
ios.on(true); // turns the digest function on or off
i = ios.read(); // reads a byte, and updates the message digest
i = ios.read(b, 0, 10); // reads into a byte array, and updates the message digest
s = ios.toString(); // string representation
} catch(NoSuchAlgorithmException e) {
System.out.println(e);
} catch(java.io.IOException e) {
System.out.println(e);
}
}
/*********************************************************************
* *
* Key Interface: *
* *
* Desc: *
* *
* Fields: *
* #serialVersionUID *
* *
* Methods: *
* getAlgorithm getEncoded getFormat *
* *
*********************************************************************/
void key() {
long uid;
String s;
byte[] b;
KeyPair kp;
KeyPairGenerator kpg;
Key k;
try {
kpg = KeyPairGenerator.getInstance("DSA");
kpg.initialize(512);
kp = kpg.genKeyPair();
k = kp.getPrivate();
k = kp.getPublic();
uid = Key.serialVersionUID;
s = k.getAlgorithm(); // algorithm name for this key
s = k.getFormat(); // name of the primary encoding format
b = k.getEncoded(); // key in its primary encoding format
} catch(NoSuchAlgorithmException e) {
System.out.println(e);
}
}
/*********************************************************************
* *
* PrivateKey Interface: *
* *
* Desc: *
* *
* Fields: *
* #serialVersionUID *
* *
*********************************************************************/
void privatekey() {
long uid = PrivateKey.serialVersionUID;
}
/*********************************************************************
* *
* PublicKey Interface: *
* *
* Desc: *
* *
* Fields: *
* #serialVersionUID *
* *
*********************************************************************/
void publickey() {
long uid = PublicKey.serialVersionUID;
}
/*********************************************************************
* *
* KeyPair: *
* *
* Desc: *
* *
* Methods: *
* getPrivate getPublic *
* *
*********************************************************************/
void keypair() {
KeyPair kp;
KeyPairGenerator kpg;
PrivateKey x;
PublicKey y;
try {
kpg = KeyPairGenerator.getInstance("DSA");
kpg.initialize(512);
kp = kpg.genKeyPair();
x = kp.getPrivate(); // private key component of key pair
y = kp.getPublic(); // public key component of key pair
} catch(NoSuchAlgorithmException e) {
System.out.println(e);
}
}
/*********************************************************************
* *
* KeyPairGenerator: *
* *
* Desc: *
* *
* Methods: *
* generateKeyPair getInstance initialize *
* getAlgorithm *
* *
* #getProvider *
* *
*********************************************************************/
void keypairgenerator() {
String s;
Provider p;
KeyPair kp;
KeyPairGenerator kpg;
try {
kpg = KeyPairGenerator.getInstance("DSA"); // generates KeyPairGenerator with digest algorithm
kpg = KeyPairGenerator.getInstance("DSA", "SUN");
kpg.initialize(512); // initializes key pair generator with keysize
s = kpg.getAlgorithm(); // standard name of the algorithm
p = kpg.getProvider(); // provider of this key pair generator object
kp = kpg.genKeyPair(); // generates a key pair
} catch(NoSuchAlgorithmException e) {
System.out.println(e);
} catch(NoSuchProviderException e) {
System.out.println(e);
}
/* TO BE DETERMINED
void initialize(AlgorithmParameterSpec params) // Initializes the key pair generator using the specified parameter set and the SecureRandom implementation of the highest-priority installed provider as the source of randomness
void initialize(AlgorithmParameterSpec params, SecureRandom random) // Initializes the key pair generator with the given parameter set and source of randomness
*/
}
/*********************************************************************
* *
* #KeyPairGeneratorSpi: *
* *
* Desc: *
* *
* Methods: *
* generateKeyPair initialize *
* *
*********************************************************************/
void keypairgeneratorspi() {
SecureRandom r;
KeyPairGeneratorSpi kpg;
try {
kpg = KeyPairGenerator.getInstance("DSA"); // generates KeyPairGenerator with digest algorithm
r = SecureRandom.getInstance("SHA1PRNG");
kpg.initialize(512, r); // initializes the key pair generator
} catch(NoSuchAlgorithmException e) {
System.out.println(e);
}
/* TO BE DETERMINED
void initialize(AlgorithmParameterSpec params, SecureRandom random) // Initializes the key pair generator using the specified parameter set and user-provided source of randomness.
*/
}
/*********************************************************************
* *
* SecureRandom: *
* *
* Desc: *
* *
* Methods: *
* getSeed nextBytes setSeed *
* next *
* *
* #generateSeed #getInstance #getProvider *
* *
*********************************************************************/
void securerandom() {
Provider p;
byte[] b;
SecureRandom r;
try {
r = SecureRandom.getInstance("SHA1PRNG"); // Generates a SecureRandom object
r = SecureRandom.getInstance("SHA1PRNG", "SUN");
p = r.getProvider(); // provider of this SecureRandom object
b = SecureRandom.getSeed(10); // returns the given number of seed bytes
b = r.generateSeed(10); // returns the given number of seed bytes
r.setSeed(1234); // reseeds this random object (long seed)
r.setSeed(b); // reseeds this random object
r.nextBytes(b); // generates specified number of random bytes
} catch(NoSuchAlgorithmException e) {
System.out.println(e);
} catch(NoSuchProviderException e) {
System.out.println(e);
}
}
/*********************************************************************
* *
* #SecureRandomSpi: *
* *
* Desc: *
* *
* Methods: *
* engineGenerateSeed engineNextBytes engineSetSeed *
* *
*********************************************************************/
void securerandomspi() {
/* TO BE DETERMINED
protected abstract byte[] engineGenerateSeed(int numBytes) // Returns the given number of seed bytes.
protected abstract void engineNextBytes(byte[] bytes) // Generates a user-specified number of random bytes.
protected abstract void engineSetSeed(byte[] seed) // Reseeds this random object.
*/
}
/*********************************************************************
* *
* #AlgorithmParameterGenerator: *
* *
* Desc: *
* *
* Methods: *
* generateParameters getInstance init *
* getAlgorithm getProvider *
* *
*********************************************************************/
void algorithmparametergenerator() {
/* TO BE DETERMINED
AlgorithmParameters generateParameters() // Generates the parameters.
String getAlgorithm() // Returns the standard name of the algorithm this parameter generator is associated with.
static AlgorithmParameterGenerator getInstance(String algorithm) // Generates an AlgorithmParameterGenerator object that implements the specified digest algorithm.
static AlgorithmParameterGenerator getInstance(String algorithm, String provider) // Generates an AlgorithmParameterGenerator object for the requested algorithm, as supplied from the specified provider, if such a parameter generator is available from the provider.
Provider getProvider() // Returns the provider of this algorithm parameter generator object.
void init(AlgorithmParameterSpec genParamSpec) // Initializes this parameter generator with a set of algorithm-specific parameter generation values.
void init(AlgorithmParameterSpec genParamSpec, SecureRandom random) // Initializes this parameter generator with a set of algorithm-specific parameter generation values.
void init(int size) // Initializes this parameter generator for a certain size.
void init(int size, SecureRandom random) // Initializes this parameter generator for a certain size and source of randomness
*/
}
/*********************************************************************
* *
* #AlgorithmParameterGeneratorSpi: *
* *
* Desc: *
* *
* Methods: *
* engineGenerateParameters engineInit *
* *
*********************************************************************/
void algorithmparametergeneratorspi() {
/* TO BE DETERMINED
protected abstract AlgorithmParameters engineGenerateParameters() // Generates the parameters.
protected abstract void engineInit(AlgorithmParameterSpec genParamSpec, SecureRandom random) // Initializes this parameter generator with a set of algorithm-specific parameter generation values.
protected abstract void engineInit(int size, SecureRandom random) // Initializes this parameter generator for a certain size and source of randomness
*/
}
/*********************************************************************
* *
* #AlgorithmParameters: *
* *
* Desc: *
* *
* Methods: *
* getAlgorithm getParameterSpec toString *
* getEncoded getProvider *
* getInstance init *
* *
*********************************************************************/
void algorithmparameters() {
/* TO BE DETERMINED
String getAlgorithm() // Returns the name of the algorithm associated with this parameter object.
byte[] getEncoded() // Returns the parameters in their primary encoding format.
byte[] getEncoded(String format) // Returns the parameters encoded in the specified scheme.
static AlgorithmParameters getInstance(String algorithm) // Generates a parameter object for the specified algorithm.
static AlgorithmParameters getInstance(String algorithm, String provider) // Generates a parameter object for the specified algorithm, as supplied by the specified provider, if such an algorithm is available from the provider.
AlgorithmParameterSpec getParameterSpec(Class paramSpec) // Returns a (transparent) specification of this parameter object.
Provider getProvider() // Returns the provider of this parameter object.
void init(AlgorithmParameterSpec paramSpec) // Initializes this parameter object using the parameters specified in paramSpec.
void init(byte[] params) // Imports the specified parameters and decodes them according to the primary decoding format for parameters.
void init(byte[] params, String format) // Imports the parameters from params and decodes them according to the specified decoding scheme.
String toString() // Returns a formatted string describing the parameters.
*/
}
/*********************************************************************
* *
* #AlgorithmParametersSpi: *
* *
* Desc: *
* *
* Methods: *
* engineGetEncoded engineInit *
* engineGetParameterSpec engineToString *
* *
*********************************************************************/
void algorithmparametersspi() {
/* TO BE DETERMINED
protected abstract byte[] engineGetEncoded() // Returns the parameters in their primary encoding format.
protected abstract byte[] engineGetEncoded(String format) // Returns the parameters encoded in the specified format.
protected abstract AlgorithmParameterSpec engineGetParameterSpec(Class paramSpec) // Returns a (transparent) specification of this parameters object.
protected abstract void engineInit(AlgorithmParameterSpec paramSpec) // Initializes this parameters object using the parameters specified in paramSpec.
protected abstract void engineInit(byte[] params) // Imports the specified parameters and decodes them according to the primary decoding format for parameters.
protected abstract void engineInit(byte[] params, String format) // Imports the parameters from params and decodes them according to the specified decoding format.
protected abstract String engineToString() // Returns a formatted string describing the parameters.
*/
}
/*********************************************************************
* *
* #KeyFactory: *
* *
* Desc: *
* *
* Methods: *
* generatePrivate getInstance translateKey *
* generatePublic getKeySpec *
* getAlgorithm getProvider *
* *
*********************************************************************/
void keyfactory() {
String s;
Provider p;
java.security.spec.KeySpec ks;
Key k;
KeyPair kp;
KeyPairGenerator kpg;
KeyFactory kf;
try {
kpg = KeyPairGenerator.getInstance("DSA");
kpg.initialize(512);
kp = kpg.generateKeyPair();
kf = KeyFactory.getInstance("DSA"); // generates KeyFactory object
kf = KeyFactory.getInstance("DSA", "SUN"); // generates KeyFactory object with provider
s = kf.getAlgorithm(); // algorithm associated with key factory
p = kf.getProvider(); // provider of this key factory object
ks = kf.getKeySpec(kp.getPrivate(),
java.security.spec.DSAPrivateKeySpec.class); // specification (key material) of the key
k = kf.generatePrivate(ks); // generates a private key
ks = kf.getKeySpec(kp.getPublic(),
java.security.spec.DSAPublicKeySpec.class);
k = kf.generatePublic(ks); // generates a public key
k = kf.translateKey(k); // translates a key object
} catch(NoSuchAlgorithmException e) {
System.out.println(e);
} catch(NoSuchProviderException e) {
System.out.println(e);
} catch(InvalidKeyException e) {
System.out.println(e);
} catch(java.security.spec.InvalidKeySpecException e) {
System.out.println(e);
}
}
/*********************************************************************
* *
* #KeyFactorySpi: *
* *
* Desc: *
* *
* Methods: *
* engineGeneratePrivate engineGetKeySpec *
* engineGeneratePublic engineTranslateKey *
* *
*********************************************************************/
void keyfactoryspi() {
/* TO BE DETERMINED
protected abstract PrivateKey engineGeneratePrivate(KeySpec keySpec) // Generates a private key object from the provided key specification (key material).
protected abstract PublicKey engineGeneratePublic(KeySpec keySpec) // Generates a public key object from the provided key specification (key material).
protected abstract KeySpec engineGetKeySpec(Key key, Class keySpec) // Returns a specification (key material) of the given key object.
protected abstract Key engineTranslateKey(Key key) // Translates a key object, whose provider may be unknown or potentially untrusted, into a corresponding key object of this key factory.
*/
}
/*********************************************************************
* *
* %Identity: *
* *
* Desc: *
* *
* Methods: *
* addCertificate getPublicKey setInfo *
* certificates getScope setPublicKey *
* equals hashCode toString *
* getInfo identityEquals *
* getName removeCertificate *
* *
*********************************************************************/
void identity() {
/* deprecated
IdentityScope is;
Identity id;
Key k;
is = IdentityScope.getSystemScope();
if (is != null) {
k = is.getPublicKey();
id = is.getIdentity("CRathman");
}
*/
/* TO BE DETERMINED
void addCertificate(Certificate certificate) // Deprecated. Adds a certificate for this identity.
Certificate[] certificates() // Deprecated. Returns a copy of all the certificates for this identity.
boolean equals(Object identity) // Deprecated. Tests for equality between the specified object and this identity.
String getInfo() // Deprecated. Returns general information previously specified for this identity.
String getName() // Deprecated. Returns this identity's name.
PublicKey getPublicKey() // Deprecated. Returns this identity's public key.
IdentityScope getScope() // Deprecated. Returns this identity's scope.
int hashCode() // Deprecated. Returns a hashcode for this identity.
protected boolean identityEquals(Identity identity) // Deprecated. Tests for equality between the specified identity and this identity.
void removeCertificate(Certificate certificate) // Deprecated. Removes a certificate from this identity.
void setInfo(String info) // Deprecated. Specifies a general information string for this identity.
void setPublicKey(PublicKey key) // Deprecated. Sets this identity's public key.
String toString() // Deprecated. Returns a short string describing this identity, telling its name and its scope (if any).
String toString(boolean detailed) // Deprecated. Returns a string representation of this identity, with optionally more details than that provided by the toString method without any arguments.
*/
}
/*********************************************************************
* *
* %IdentityScope: *
* *
* Desc: *
* *
* Methods: *
* addIdentity identities size *
* getIdentity removeIdentity toString *
* getSystemScope setSystemScope *
* *
*********************************************************************/
void identityscope() {
/* TO BE DETERMINED
abstract void addIdentity(Identity identity) // Deprecated. Adds an identity to this identity scope.
Identity getIdentity(Principal principal) // Deprecated. Retrieves the identity whose name is the same as that of the specified principal.
abstract Identity getIdentity(PublicKey key) // Deprecated. Retrieves the identity with the specified public key.
abstract Identity getIdentity(String name) // Deprecated. Returns the identity in this scope with the specified name (if any).
static IdentityScope getSystemScope() // Deprecated. Returns the system's identity scope.
abstract Enumeration identities() // Deprecated. Returns an enumeration of all identities in this identity scope.
abstract void removeIdentity(Identity identity) // Deprecated. Removes an identity from this identity scope.
protected static void setSystemScope(IdentityScope scope) // Deprecated. Sets the system's identity scope.
abstract int size() // Deprecated. Returns the number of identities within this identity scope.
String toString() // Deprecated. Returns a string representation of this identity scope, including its name, its scope name, and the number of identities in this identity scope.
*/
}
/*********************************************************************
* *
* #KeyStore: *
* *
* Desc: *
* *
* Methods: *
* aliases getDefaultType load *
* containsAlias getInstance setCertificateEntry *
* deleteEntry getKey setKeyEntry *
* getCertificate getProvider size *
* getCertificateAlias getType store *
* getCertificateChain isCertificateEntry *
* getCreationDate isKeyEntry *
* *
*********************************************************************/
void keystore() {
int i;
boolean b;
String s;
java.util.Date d;
java.util.Enumeration x;
java.io.FileInputStream ios;
java.security.cert.Certificate c;
java.security.cert.Certificate[] cx;
Provider p;
Key k;
KeyStore ks;
try {
ios = new java.io.FileInputStream("c:/java/jdk/CUSkeystore");
ks = KeyStore.getInstance("JKS"); // generates a keystore object of the given type
ks = KeyStore.getInstance("JKS", "SUN"); // generates a keystore object with specified provider
ks.load(ios, null); // loads KeyStore from the given input stream
s = KeyStore.getDefaultType(); // default keystore type
s = ks.getType(); // type of this keystore
p = ks.getProvider(); // provider of this keystore
i = ks.size(); // number of entries in this keystore
b = ks.containsAlias("critter"); // checks if the given alias exists in this keystore
b = ks.isKeyEntry("critter"); // test if entry (alias) is a key entry
b = ks.isCertificateEntry("critter"); // test if entry (alias) is a trusted certificate entry
cx = ks.getCertificateChain("critter"); // certificate chain associated with the alias
x = ks.aliases(); // lists all the alias names of this keystore
k = ks.getKey("critter", pswd); // key associated with the given alias
c = ks.getCertificate("critter"); // certificate associated with the given alias
s = ks.getCertificateAlias(c); // alias name of the keystore entry
d = ks.getCreationDate("critter"); // creation date of the entry
} catch(KeyStoreException e) {
System.out.println(e);
} catch(NoSuchAlgorithmException e) {
System.out.println(e);
} catch(NoSuchProviderException e) {
System.out.println(e);
} catch(UnrecoverableKeyException e) {
System.out.println(e);
} catch(java.security.cert.CertificateException e) {
System.out.println(e);
} catch(java.io.FileNotFoundException e) {
System.out.println(e);
} catch(java.io.IOException e) {
System.out.println(e);
}
/* TO BE DETERMINED
void deleteEntry(String alias) // Deletes the entry identified by the given alias from this keystore.
void setCertificateEntry(String alias, Certificate cert) // Assigns the given certificate to the given alias.
void setKeyEntry(String alias, byte[] key, Certificate[] chain) // Assigns the given key (that has already been protected) to the given alias.
void setKeyEntry(String alias, Key key, char[] password, Certificate[] chain) // Assigns the given key to the given alias, protecting it with the given password.
void store(OutputStream stream, char[] password) // Stores this keystore to the given output stream, and protects its integrity with the given password.
*/
}
/*********************************************************************
* *
* #KeyStoreSpi: *
* *
* Desc: *
* *
* Methods: *
* engineAliases engineIsCertificateEntry *
* engineContainsAlias engineIsKeyEntry *
* engineDeleteEntry engineLoad *
* engineGetCertificate engineSetCertificateEntry *
* engineGetCertificateAlias engineSetKeyEntry *
* engineGetCertificateChain engineSize *
* engineGetCreationDate engineStore *
* engineGetKey *
* *
*********************************************************************/
void keystorespi() {
/* TO BE DETERMINED
abstract Enumeration engineAliases() // Lists all the alias names of this keystore.
abstract boolean engineContainsAlias(String alias) // Checks if the given alias exists in this keystore.
abstract void engineDeleteEntry(String alias) // Deletes the entry identified by the given alias from this keystore.
abstract Certificate engineGetCertificate(String alias) // Returns the certificate associated with the given alias.
abstract String engineGetCertificateAlias(Certificate cert) // Returns the (alias) name of the first keystore entry whose certificate matches the given certificate.
abstract Certificate[] engineGetCertificateChain(String alias) // Returns the certificate chain associated with the given alias.
abstract Date engineGetCreationDate(String alias) // Returns the creation date of the entry identified by the given alias.
abstract Key engineGetKey(String alias, char[] password) // Returns the key associated with the given alias, using the given password to recover it.
abstract boolean engineIsCertificateEntry(String alias) // Returns true if the entry identified by the given alias is a trusted certificate entry, and false otherwise.
abstract boolean engineIsKeyEntry(String alias) // Returns true if the entry identified by the given alias is a key entry, and false otherwise.
abstract void engineLoad(InputStream stream, char[] password) // Loads the keystore from the given input stream.
abstract void engineSetCertificateEntry(String alias, Certificate cert) // Assigns the given certificate to the given alias.
abstract void engineSetKeyEntry(String alias, byte[] key, Certificate[] chain) // Assigns the given key (that has already been protected) to the given alias.
abstract void engineSetKeyEntry(String alias, Key key, char[] password, Certificate[] chain) // Assigns the given key to the given alias, protecting it with the given password.
abstract int engineSize() // Retrieves the number of entries in this keystore.
abstract void engineStore(OutputStream stream, char[] password) // Stores this keystore to the given output stream, and protects its integrity with the given password.
*/
}
/*********************************************************************
* *
* Principal Interface: *
* *
* Desc: *
* *
* Methods: *
* equals hashCode toString *
* getName *
* *
*********************************************************************/
void principal() {
int i;
String s;
boolean b;
java.io.FileInputStream ios;
java.security.cert.X509Certificate c;
KeyStore ks;
Principal p;
Principal q;
try {
ios = new java.io.FileInputStream("c:/java/jdk/CUSkeystore");
ks = KeyStore.getInstance("JKS");
ks.load(ios, null);
c = (java.security.cert.X509Certificate)ks.getCertificate("critter");
p = c.getIssuerDN();
q = c.getSubjectDN();
b = p.equals(q); // compares this principal to the specified object
s = p.getName(); // name of this principal
s = p.toString(); // string representation of this principal
i = p.hashCode(); // hashcode for this principal
ios.close();
} catch(KeyStoreException e) {
System.out.println(e);
} catch(NoSuchAlgorithmException e) {
System.out.println(e);
} catch(java.security.cert.CertificateException e) {
System.out.println(e);
} catch(java.io.FileNotFoundException e) {
System.out.println(e);
} catch(java.io.IOException e) {
System.out.println(e);
}
}
/*********************************************************************
* *
* #SecureClassLoader: *
* *
* Desc: *
* *
* Methods: *
* defineClass getPermissions *
* *
*********************************************************************/
void secureclassloader() {
/* TO BE DETERMINED
protected Class defineClass(String name, byte[] b, int off, int len, CodeSource cs) // Converts an array of bytes into an instance of class Class, with an optional CodeSource.
protected PermissionCollection getPermissions(CodeSource codesource) // Returns the permissions for the given codesource object.
*/
}
/*********************************************************************
* *
* #SecurityPermission: *
* *
* Desc: *
* *
*********************************************************************/
void securitypermission() {
/* TO BE DETERMINED
getPolicy Retrieval of the system-wide security policy (specifically, of the currently-installed Policy object) This allows someone to query the policy via the getPermissions call, which discloses which permissions would be granted to a given CodeSource. While revealing the policy does not compromise the security of the system, it does provide malicious code with additional information which it may use to better aim an attack. It is wise not to divulge more information than necessary.
setPolicy Setting of the system-wide security policy (specifically, the Policy object) Granting this permission is extremely dangerous, as malicious code may grant itself all the necessary permissions it needs to successfully mount an attack on the system.
getProperty.{key} Retrieval of the security property with the specified key Depending on the particular key for which access has been granted, the code may have access to the list of security providers, as well as the location of the system-wide and user security policies. while revealing this information does not compromise the security of the system, it does provide malicious code with additional information which it may use to better aim an attack.
setProperty.{key} Setting of the security property with the specified key This could include setting a security provider or defining the location of the the system-wide security policy. Malicious code that has permission to set a new security provider may set a rogue provider that steals confidential information such as cryptographic private keys. In addition, malicious code with permission to set the location of the system-wide security policy may point it to a security policy that grants the attacker all the necessary permissions it requires to successfully mount an attack on the system.
insertProvider.{provider name} Addition of a new provider, with the specified name This would allow somebody to introduce a possibly malicious provider (e.g., one that discloses the private keys passed to it) as the highest-priority provider. This would be possible because the Security object (which manages the installed providers) currently does not check the integrity or authenticity of a provider before attaching it.
removeProvider.{provider name} Removal of the specified provider This may change the behavior or disable execution of other parts of the program. If a provider subsequently requested by the program has been removed, execution may fail. Also, if the removed provider is not explicitly requested by the rest of the program, but it would normally be the provider chosen when a cryptography service is requested (due to its previous order in the list of providers), a different provider will be chosen instead, or no suitable provider will be found, thereby resulting in program failure.
setSystemScope Setting of the system identity scope This would allow an attacker to configure the system identity scope with certificates that should not be trusted, thereby granting applet or application code signed with those certificates privileges that would have been denied by the system's original identity scope
setIdentityPublicKey Setting of the public key for an Identity If the identity is marked as "trusted", this allows an attacker to introduce a different public key (e.g., its own) that is not trusted by the system's identity scope, thereby granting applet or application code signed with that public key privileges that would have been denied otherwise.
setIdentityInfo Setting of a general information string for an Identity This allows attackers to set the general description for an identity. This may trick applications into using a different identity than intended or may prevent applications from finding a particular identity.
addIdentityCertificate Addition of a certificate for an Identity This allows attackers to set a certificate for an identity's public key. This is dangerous because it affects the trust relationship across the system. This public key suddenly becomes trusted to a wider audience than it otherwise would be.
removeIdentityCertificate Removal of a certificate for an Identity This allows attackers to remove a certificate for an identity's public key. This is dangerous because it affects the trust relationship across the system. This public key suddenly becomes considered less trustworthy than it otherwise would be.
printIdentity Viewing the name of a principal and optionally the scope in which it is used, and whether or not it is considered "trusted" in that scope The scope that is printed out may be a filename, in which case it may convey local system information. For example, here's a sample printout of an identity named "carol", who is marked not trusted in the user's identity database:
carol[/home/luehe/identitydb.obj][not trusted]
clearProviderProperties.{provider name} "Clearing" of a Provider so that it no longer contains the properties used to look up services implemented by the provider This disables the lookup of services implemented by the provider. This may thus change the behavior or disable execution of other parts of the program that would normally utilize the Provider, as described under the "removeProvider.{provider name}" permission.
putProviderProperty.{provider name} Setting of properties for the specified Provider The provider properties each specify the name and location of a particular service implemented by the provider. By granting this permission, you let code replace the service specification with another one, thereby specifying a different implementation.
removeProviderProperty.{provider name} Removal of properties from the specified Provider This disables the lookup of services implemented by the provider. They are no longer accessible due to removal of the properties specifying their names and locations. This may change the behavior or disable execution of other parts of the program that would normally utilize the Provider, as described under the "removeProvider.{provider name}" permission.
getSignerPrivateKey Retrieval of a Signer's private key It is very dangerous to allow access to a private key; private keys are supposed to be kept secret. Otherwise, code can use the private key to sign various files and claim the signature came from the Signer.
setSignerKeyPair Setting of the key pair (public key and private key) for a Signer This would allow an attacker to replace somebody else's (the "target's") keypair with a possibly weaker keypair (e.g., a keypair of a smaller keysize). This also would allow the attacker to listen in on encrypted communication between the target and its peers. The target's peers might wrap an encryption session key under the target's "new" public key, which would allow the attacker (who possesses the corresponding private key) to unwrap the session key and decipher the communication data encrypted under that session key.
*/
}
/*********************************************************************
* *
* #SignatureSpi: *
* *
* Desc: *
* *
* Fields: *
* appRandom *
* *
* Methods: *
* clone engineInitVerify engineSign *
* engineGetParameter engineSetParameter engineUpdate *
* engineInitSign engineSetParameter engineVerify *
* *
*********************************************************************/
void signaturespi() {
/* TO BE DETERMINED
protected SecureRandom appRandom // Application-specified source of randomness
Object clone() // Returns a clone if the implementation is cloneable.
protected abstract Object engineGetParameter(String param) // Deprecated.
protected abstract void engineInitSign(PrivateKey privateKey) // Initializes this signature object with the specified private key for signing operations.
protected void engineInitSign(PrivateKey privateKey, SecureRandom random) // Initializes this signature object with the specified private key and source of randomness for signing operations.
protected abstract void engineInitVerify(PublicKey publicKey) // Initializes this signature object with the specified public key for verification operations.
protected void engineSetParameter(AlgorithmParameterSpec params) // Initializes this signature engine with the specified parameter set.
protected abstract void engineSetParameter(String param, Object value) // Deprecated. Replaced by engineSetParameter.
protected abstract byte[] engineSign() // Returns the signature bytes of all the data updated so far.
protected int engineSign(byte[] outbuf, int offset, int len) // Finishes this signature operation and stores the resulting signature bytes in the provided buffer outbuf, starting at offset.
protected abstract void engineUpdate(byte b) // Updates the data to be signed or verified using the specified byte.
protected abstract void engineUpdate(byte[] b, int off, int len) // Updates the data to be signed or verified, using the specified array of bytes, starting at the specified offset.
protected abstract boolean engineVerify(byte[] sigBytes) // Verifies the passed-in signature.
*/
}
/*********************************************************************
* *
* Signature: *
* *
* Desc: *
* *
* Fields: *
* #SIGN #UNINITIALIZED #VERIFY *
* #state *
* *
* Methods: *
* clone %engineUpdate initVerify *
* %engineGetParameter %engineVerify setParameter *
* %engineInitSign getAlgorithm sign *
* %engineInitVerify getInstance toString *
* %engineSetParameter %getParameter update *
* %engineSign initSign verify *
* *
* #getProvider *
*********************************************************************/
void signature() {
int i;
boolean b;
byte[] bx;
String s;
java.io.FileInputStream ios;
PrivateKey k;
PublicKey pk;
KeyStore ks;
Provider p;
SecureRandom r;
Signature x;
Signature y;
try {
r = SecureRandom.getInstance("SHA1PRNG");
ios = new java.io.FileInputStream("c:/java/jdk/CUSkeystore");
ks = KeyStore.getInstance("JKS");
ks.load(ios, null);
k = (PrivateKey)ks.getKey("critter", pswd);
pk = ks.getCertificate("critter").getPublicKey();
x = Signature.getInstance("DSA"); // generates a Signature object
x = Signature.getInstance("DSA", "SUN");
p = x.getProvider(); // provider of signature object
s = x.getAlgorithm(); // name of the algorithm
s = x.toString(); // string representation
//y = (Signature)x.clone(); // clone the Signature (not supported?)
x.initSign(k); // initialize object for signing
x.initSign(k, r);
x.update("hello".getBytes()); // updates the digest using bytes
x.update((byte)0x20); // updates the digest using byte
x.update("world".getBytes(), 3, 2); // updates the digest using bytes (offset/length)
bx = x.sign(); // signature bytes of all the data updated
//i = x.sign("hi".getBytes(), 0, 2); // update and sign
x.initVerify(pk); // initializes object for verification
b = x.verify(bx); // verifies the passed-in signature.
ios.close();
} catch(KeyStoreException e) {
System.out.println(e);
} catch(SignatureException e) {
System.out.println(e);
} catch(NoSuchAlgorithmException e) {
System.out.println(e);
} catch(NoSuchProviderException e) {
System.out.println(e);
} catch(UnrecoverableKeyException e) {
System.out.println(e);
} catch(InvalidKeyException e) {
System.out.println(e);
} catch(java.security.cert.CertificateException e) {
System.out.println(e);
} catch(java.io.FileNotFoundException e) {
System.out.println(e);
} catch(java.io.IOException e) {
System.out.println(e);
//} catch(java.lang.CloneNotSupportedException e) {
}
/* TO BE DETERMINED
void setParameter(AlgorithmParameterSpec params) // Initializes this signature engine with the specified parameter set.
Object getParameter(String param); // Deprecated.
void setParameter(String param, Object value) // Deprecated. Use setParameter.
*/
}
/*********************************************************************
* *
* #SignedObject: *
* *
* Desc: *
* *
* Methods: *
* getAlgorithm getSignature verify *
* getObject *
* *
*********************************************************************/
void signedobject() {
boolean b;
String s = "an object";
byte[] bx;
java.io.FileInputStream ios;
PrivateKey k;
PublicKey pk;
KeyStore ks;
Signature x;
SignedObject xo;
try {
ios = new java.io.FileInputStream("c:/java/jdk/CUSkeystore");
ks = KeyStore.getInstance("JKS");
ks.load(ios, null);
k = (PrivateKey)ks.getKey("critter", pswd);
pk = ks.getCertificate("critter").getPublicKey();
x = Signature.getInstance("DSA");
xo = new SignedObject(s, k, x);
s = xo.getAlgorithm(); // name of the signature algorithm
s = (String)xo.getObject(); // retrieves the encapsulated object
bx = xo.getSignature(); // retrieves the signature
b = xo.verify(pk, x); // verifies the signature
} catch(KeyStoreException e) {
System.out.println(e);
} catch(SignatureException e) {
System.out.println(e);
} catch(NoSuchAlgorithmException e) {
System.out.println(e);
} catch(UnrecoverableKeyException e) {
System.out.println(e);
} catch(InvalidKeyException e) {
System.out.println(e);
} catch(java.security.cert.CertificateException e) {
System.out.println(e);
} catch(java.lang.ClassNotFoundException e) {
System.out.println(e);
} catch(java.io.FileNotFoundException e) {
System.out.println(e);
} catch(java.io.IOException e) {
System.out.println(e);
}
}
/*********************************************************************
* *
* %Signer: *
* *
* Desc: *
* *
* Methods: *
* getPrivateKey setKeyPair toString *
* *
*********************************************************************/
void signer() {
/* TO BE DETERMINED
PrivateKey getPrivateKey() // Deprecated. Returns this signer's private key.
void setKeyPair(KeyPair pair) // Deprecated. Sets the key pair (public key and private key) for this signer.
String toString() // Deprecated. Returns a string of information about the signer.
*/
}
/*********************************************************************
* *
* %Certificate Interface: *
* *
* Desc: *
* *
* Methods: *
* decode getGuarantor getPublicKey *
* encode getPrincipal toString *
* getFormat *
* *
*********************************************************************/
void certificate() {
/* TO BE DETERMINED
void decode(InputStream stream) // Deprecated. Decodes a certificate from an input stream.
void encode(OutputStream stream) // Deprecated. Encodes the certificate to an output stream in a format that can be decoded by the decode method.
String getFormat() // Deprecated. Returns the name of the coding format.
Principal getGuarantor() // Deprecated. Returns the guarantor of the certificate, that is, the principal guaranteeing that the public key associated with this certificate is that of the principal associated with this certificate.
Principal getPrincipal() // Deprecated. Returns the principal of the principal-key pair being guaranteed by the guarantor.
PublicKey getPublicKey() // Deprecated. Returns the key of the principal-key pair being guaranteed by the guarantor.
String toString(boolean detailed) // Deprecated. Returns a string that represents the contents of the certificate.
*/
}
}