Chris Rathman / Chris.Rathman@tx.rr.com

/************************************************************************
 *                                                                      *
 * java.security                                                        *
 *                                                                      *
 *    Interfaces:                                                       *
 *      %Certificate                         PrivateKey                 *
 *       Key                                 PublicKey                  *
 *       Principal                                                      *
 *                                                                      *
 *      #Guard                              #PrivilegedAction           *
 *      #PrivilegedExceptionAction                                      *
 *                                                                      *
 *    Classes:                                                          *
 *       DigestInputStream                   MessageDigest              *
 *       DigestOutputStream                  Provider                   *
 *      %Identity                            SecureRandom               *
 *      %IdentityScope                       Security                   *
 *       KeyPair                             Signature                  *
 *       KeyPairGenerator                   %Signer                     *
 *                                                                      *
 *      #AccessControlContext               #KeyStoreSpi                *
 *      #AccessController                   #MessageDigestSpi           *
 *      #AlgorithmParameterGenerator        #Permission                 *
 *      #AlgorithmParameterGeneratorSpi     #PermissionCollection       *
 *      #AlgorithmParameters                #Permissions                *
 *      #AlgorithmParametersSpi             #Policy                     *
 *      #AllPermission                      #ProtectionDomain           *
 *      #BasicPermission                    #SecureClassLoader          *
 *      #CodeSource                         #SecureRandomSpi            *
 *      #GuardedObject                      #SecurityPermission         *
 *      #KeyFactory                         #SignatureSpi               *
 *      #KeyFactorySpi                      #SignedObject               *
 *      #KeyPairGeneratorSpi                #UnresolvedPermission       *
 *      #KeyStore                                                       *
 *                                                                      *
 *    Exceptions:                                                       *
 *       DigestException                     NoSuchAlgorithmException   *
 *       InvalidKeyException                 NoSuchProviderException    *
 *       InvalidParameterException           ProviderException          *
 *       KeyException                        SignatureException         *
 *       KeyManagementException                                         *
 *                                                                      *
 *      #AccessControlException              #KeyStoreException         *
 *      #GeneralSecurityException            #PrivilegedActionException *
 *      #InvalidAlgorithmParameterExhception #UnrecoverableKeyException *
 *                                                                      *
 ************************************************************************/
package Test.Chris;
import java.security.*;

public class Java_security {

   static char[] pswd = "zephod".toCharArray();

   public static void main(String[] args) {
      Java_security obj = new Java_security();
      obj.exercise();
      System.exit(0);
   }

   public void exercise() {
      permission();
      allpermission();
      basicpermission();
      unresolvedpermission();
      permissioncollection();
      permissions();
      codesource();
      policy();
      protectiondomain();
      accesscontroller();
      accesscontrolcontext();
      guardedobject();
      guard();
      security();
      provider();
      messagedigest();
      messagedigestspi();
      digestoutputstream();
      digestinputstream();
      key();
      privatekey();
      publickey();
      keypair();
      keypairgenerator();
      securerandom();
      securerandomspi();
      algorithmparametergenerator();
      algorithmparametergeneratorspi();
      algorithmparameters();
      algorithmparametersspi();
      keyfactory();
      keyfactoryspi();
      principal();

      identity();
      identityscope();
      signature();
      signer();
      keypairgeneratorspi();
      keystore();
      keystorespi();
      secureclassloader();
      securitypermission();
      signaturespi();
      signedobject();
      certificate();
   }

   /*********************************************************************
    *                                                                   *
    * #Permission:                                           (Abstract) *
    *                                                                   *
    *    Desc:                                                          *
    *                                                                   *
    *    Methods:                                                       *
    *       checkGuard           getName       newPermissionCollection  *
    *       equals               hashCode      toString                 *
    *       getActions           implies                                *
    *                                                                   *
    *********************************************************************/
   class CMRPermission extends Permission {
      String name;
      String action;
      public CMRPermission(String name) {
         super(name);
         this.name = name;
         this.action = "";
      }
      public CMRPermission(String name, String action) {
         super(name);
         this.name = name;
         this.action = action;
      }
      public int hashCode() {
         return (name + action).hashCode();
      }
      public boolean equals(Object obj) {
         if (obj instanceof CMRPermission) {
            if (this.name.equals(((CMRPermission)obj).name)) return true;
         }
         return false;
      }
      public boolean implies(Permission p) {
         if (p instanceof CMRPermission) {
            if (this.name.equals(((CMRPermission)p).name)) return true;
         }
         return false;
      }
      public String getActions() {
         return this.action;
      }
   }

   void permission() {
      /* Current Permission subclasses:
       *    java.security.SecurityPermission
       *    java.security.UnresolvedPermission
       *    java.security.AllPermission
       *    java.lang.RuntimePermission
       *    java.lang.reflect.ReflectPermission
       *    java.util.PropertyPermission
       *    java.io.FilePermission
       *    java.io.SerializablePermission
       *    java.awt.AWTPermission
       *    java.net.SocketPermission
       *    java.net.NetPermission
       */
      int i;
      String s;
      boolean b;
      PermissionCollection c;
      Permission p = new CMRPermission("myPermit", "read");
      Permission q = new CMRPermission("myPermit", "write");

      s = p.getActions();               // actions as a String
      s = p.getName();                  // name of this Permission
      b = p.equals(q);                  // checks two Permission objects for equality
      b = p.implies(q);                 // checks if actions are "implied by" this object's actions
      p.checkGuard(s);                  // implements the guard interface for a permission
      c = p.newPermissionCollection();  // returns empty PermissionCollection
      i = p.hashCode();                 // hash code value
      s = p.toString();                 // string representation
   }

   /*********************************************************************
    *                                                                   *
    * #AllPermission:                                                   *
    *                                                                   *
    *    Desc:                                                          *
    *                                                                   *
    *    Methods:                                                       *
    *       equals             hashCode         newPermissionCollection *
    *       getActions         implies                                  *
    *                                                                   *
    *********************************************************************/
   void allpermission() {
      int i;
      String s;
      boolean b;
      PermissionCollection c;
      AllPermission p = new AllPermission();
      AllPermission q = new AllPermission();

      s = p.getActions();               // actions as a String
      s = p.getName();                  // name of this Permission
      b = p.equals(q);                  // checks two Permission objects for equality
      b = p.implies(q);                 // checks if actions are "implied by" this object's actions
      p.checkGuard(s);                  // implements the guard interface for a permission
      c = p.newPermissionCollection();  // returns empty PermissionCollection
      i = p.hashCode();                 // hash code value
      s = p.toString();                 // string representation
   }

   /*********************************************************************
    *                                                                   *
    * #BasicPermission:                                                 *
    *                                                                   *
    *    Desc:                                                          *
    *                                                                   *
    *    Methods:                                                       *
    *       equals             hashCode         newPermissionCollection *
    *       getActions         implies                                  *
    *                                                                   *
    *********************************************************************/
   class CMRBasicPermission extends BasicPermission {
      public CMRBasicPermission(String name) {
         super(name);
      }
      public CMRBasicPermission(String name, String action) {
         super(name);
      }
   }

   void basicpermission() {
      int i;
      String s;
      boolean b;
      PermissionCollection c;
      BasicPermission p = new CMRBasicPermission("myperm");
      BasicPermission q = new CMRBasicPermission("myperm", "myaction");

      s = p.getActions();               // actions as a String
      s = p.getName();                  // name of this Permission
      b = p.equals(q);                  // checks two Permission objects for equality
      b = p.implies(q);                 // checks if actions are "implied by" this object's actions
      p.checkGuard(s);                  // implements the guard interface for a permission
      c = p.newPermissionCollection();  // returns empty PermissionCollection
      i = p.hashCode();                 // hash code value
      s = p.toString();                 // string representation
   }

   /*********************************************************************
    *                                                                   *
    * #UnresolvedPermission:                                            *
    *                                                                   *
    *    Desc:                                                          *
    *                                                                   *
    *    Methods:                                                       *
    *       equals            hashCode         newPermissionCollection  *
    *       getActions        implies          toString                 *
    *                                                                   *
    *********************************************************************/
   void unresolvedpermission() {
      int i;
      String s;
      boolean b;
      PermissionCollection c;
      UnresolvedPermission p =
         new UnresolvedPermission("java.lang.AllPermission", "myperm", "myaction", null);
      UnresolvedPermission q =
         new UnresolvedPermission("java.lang.AllPermission", "myperm", "myaction", null);

      s = p.getActions();               // actions as a String
      s = p.getName();                  // name of this Permission
//    b = p.equals(q);                  // checks two Permission objects for equality
      b = p.implies(q);                 // checks if actions are "implied by" this object's actions
      p.checkGuard(s);                  // implements the guard interface for a permission
      c = p.newPermissionCollection();  // returns empty PermissionCollection
      i = p.hashCode();                 // hash code value
      s = p.toString();                 // string representation
   }

   /*********************************************************************
    *                                                                   *
    * #PermissionCollection:                                            *
    *                                                                   *
    *    Desc:                                                          *
    *                                                                   *
    *    Methods:                                                       *
    *       add                  implies              setReadOnly       *
    *       elements             isReadOnly           toString          *
    *                                                                   *
    *********************************************************************/
   class CMRPermissionCollection extends PermissionCollection {
      java.util.Vector perm = new java.util.Vector();
      CMRPermissionCollection() {
         super();
      }
      public void add(Permission p) {
         if (!(p instanceof CMRPermission)) throw new IllegalArgumentException("Wrong permission type");
         perm.add(p);
      }
      public java.util.Enumeration elements() {
         return perm.elements();
      }
      public boolean implies(Permission p) {
         if (!(p instanceof CMRPermission)) return false;
         String s = p.getName();
         java.util.Enumeration x = elements();
         while (x.hasMoreElements()) {
            if (s.equals(((Permission)x.nextElement()).getName())) return true;
         }
         return false;
      }
   }

   void permissioncollection() {
      int i;
      String s;
      boolean b;
      java.util.Enumeration x;
      Permission p = new CMRPermission("myperm");
      Permission q = new CMRPermission("myperm", "myaction");
      CMRPermissionCollection pc = new CMRPermissionCollection();

      pc.add(p);                        // adds a permission object to the current collection
      pc.add(q);
      x = pc.elements();                // enumeration of all the Permission objects in the collection
      while (x.hasMoreElements()) {
         q = (Permission)x.nextElement();
      }
      pc.setReadOnly();                 // marks PermissionCollection as "readonly"
      b = pc.isReadOnly();              // test if PermissionCollection marked as readonly
      b = pc.implies(p);                // checks if actions are "implied by" this object's actions
      s = pc.toString();                // string representation
   }

   /*********************************************************************
    *                                                                   *
    * #Permissions:                                                     *
    *                                                                   *
    *    Desc:                                                          *
    *                                                                   *
    *    Methods:                                                       *
    *       add                  elements             implies           *
    *                                                                   *
    *********************************************************************/
   void permissions() {
      int i;
      String s;
      boolean b;
      java.util.Enumeration x;
      Permission p = new CMRPermission("myperm");
      Permission q = new CMRPermission("myperm", "myaction");
      Permissions pc = new Permissions();

      pc.add(p);                        // adds a permission object to the current collection
      pc.add(q);
      x = pc.elements();                // enumeration of all the Permission objects in the collection
      while (x.hasMoreElements()) {
         q = (Permission)x.nextElement();
      }
      pc.setReadOnly();                 // marks PermissionCollection as "readonly"
      b = pc.isReadOnly();              // test if PermissionCollection marked as readonly
      b = pc.implies(p);                // checks if actions are "implied by" this object's actions
      s = pc.toString();                // string representation
   }

   /*********************************************************************
    *                                                                   *
    * #CodeSource:                                                      *
    *                                                                   *
    *    Desc:                                                          *
    *                                                                   *
    *    Methods:                                                       *
    *       equals               getLocation          implies           *
    *       getCertificates      hashCode             toString          *
    *                                                                   *
    *********************************************************************/
   void codesource() {
      int i;
      String s;
      boolean b;
      java.net.URL url;
      java.security.cert.Certificate[] keys = null;
      CodeSource x;
      CodeSource y;

      try {
         url = new java.net.URL("http://rhcus/index.html");
         x = new CodeSource(url, keys);
         y = new CodeSource(url, keys);

         url = x.getLocation();         // location associated with this CodeSource.
         keys = x.getCertificates();    // certificates associated with this CodeSource
         b = x.equals(y);               // tests equality (url & keys)
         b = x.implies(y);              // tests object "implies" the specified CodeSource
         i = x.hashCode();              // hash code value
         s = x.toString();              // string representation

      } catch(java.net.MalformedURLException e) {
         System.out.println(e);
      }
   }

   /*********************************************************************
    *                                                                   *
    * #Policy:                                                          *
    *                                                                   *
    *    Desc:                                                          *
    *                                                                   *
    *    Methods:                                                       *
    *       getPermissions       refresh              setPolicy         *
    *       getPolicy                                                   *
    *                                                                   *
    *********************************************************************/
   class CMRPolicy extends Policy {
      public CMRPolicy() {
         super();
      }
      public PermissionCollection getPermissions(CodeSource cs) {
         return null;
      }
      public void refresh() {
      }
   }

   void policy() {
      java.net.URL url;
      java.security.cert.Certificate[] keys = null;
      PermissionCollection pc;
      CodeSource cs;
      Policy p;

      try {
         url = new java.net.URL("http://rhcus/index.html");
         cs = new CodeSource(url, keys);
         p = new CMRPolicy();
         p = Policy.getPolicy();        // installed Policy object
         Policy.setPolicy(p);           // sets the system-wide Policy object
         pc = p.getPermissions(cs);     // set of permissions allowed for code
         p.refresh();                   // refreshes/reloads the policy configuration

      } catch(java.net.MalformedURLException e) {
         System.out.println(e);
      }
   }

   /*********************************************************************
    *                                                                   *
    * #ProtectionDomain:                                                *
    *                                                                   *
    *    Desc:                                                          *
    *                                                                   *
    *    Methods:                                                       *
    *       getCodeSource        implies              toString          *
    *       getPermissions                                              *
    *                                                                   *
    *********************************************************************/
   void protectiondomain() {
      String s;
      boolean b;
      java.net.URL url;
      java.security.cert.Certificate[] keys = null;
      Permission p = new CMRPermission("myperm");
      PermissionCollection pc;
      CodeSource cs;
      ProtectionDomain pd;

      try {
         url = new java.net.URL("http://rhcus/index.html");
         cs = new CodeSource(url, keys);
         pc = Policy.getPolicy().getPermissions(cs);
         pd = new ProtectionDomain(cs, pc);

         cs = pd.getCodeSource();       // CodeSource of this domain.
         pc = pd.getPermissions();      // permissions of this domain.
         b = pd.implies(p);             // tests object "implies" the specified Permission
         s = pd.toString();             // string representation

      } catch(java.net.MalformedURLException e) {
         System.out.println(e);
      }
   }

   /*********************************************************************
    *                                                                   *
    * #AccessController:                                                *
    *                                                                   *
    *    Desc:                                                          *
    *                                                                   *
    *    Methods:                                                       *
    *       checkPermission      doPrivileged         getContext        *
    *                                                                   *
    *********************************************************************/
   void accesscontroller() {
      String s;
      Permission p = new java.util.PropertyPermission("java.version", "read");
      CMRPrivilegedAction pa = new CMRPrivilegedAction();
      CMRPrivilegedExceptionAction pe = new CMRPrivilegedExceptionAction();
      AccessControlContext ac;

      try {
         ac = AccessController.getContext();            // snapshot of current calling context
         AccessController.checkPermission(p);           // check access request
         s = (String)AccessController.doPrivileged(pa); // performs specified action with privileges enabled
         s = (String)AccessController.doPrivileged(pa, ac);
         s = (String)AccessController.doPrivileged(pe);
         s = (String)AccessController.doPrivileged(pe, ac);

      } catch(AccessControlException e) {
         System.out.println(e);
      } catch(PrivilegedActionException e) {
         System.out.println(e);
      }
   }

   /*********************************************************************
    *                                                                   *
    * #AccessControlContext:                                            *
    *                                                                   *
    *    Desc:                                                          *
    *                                                                   *
    *    Methods:                                                       *
    *       checkPermission      equals              hashCode           *
    *                                                                   *
    *********************************************************************/
   void accesscontrolcontext() {
      int i;
      boolean b;
      Permission p = new java.util.PropertyPermission("java.version", "read");
      AccessControlContext ac = AccessController.getContext();
      AccessControlContext ad = AccessController.getContext();

      try {
         ac.checkPermission(p);         // test permission
         b = ac.equals(ad);             // test AccessControlContext objects for equality
         i = ac.hashCode();             // hash code value

      } catch(AccessControlException e) {
         System.out.println(e);
      }
   }

   /*********************************************************************
    *                                                                   *
    * #PrivilegedAction:                                                *
    *                                                                   *
    *    Desc:                                                          *
    *                                                                   *
    *    Methods:                                                       *
    *       run                                                         *
    *                                                                   *
    *********************************************************************/
   class CMRPrivilegedAction implements PrivilegedAction {
      public Object run() {             // Performs the computation
         return System.getProperty("user.name");
      }
   }

   /*********************************************************************
    *                                                                   *
    * #PrivilegedExceptionAction:                                       *
    *                                                                   *
    *    Desc:                                                          *
    *                                                                   *
    *    Methods:                                                       *
    *       run                                                         *
    *                                                                   *
    *********************************************************************/
   class CMRPrivilegedExceptionAction implements PrivilegedExceptionAction {
      public Object run() {             // Performs the computation
         return System.getProperty("java.version");
      }
   }

   /*********************************************************************
    *                                                                   *
    * #GuardedObject:                                                   *
    *                                                                   *
    *    Desc:                                                          *
    *                                                                   *
    *    Methods:                                                       *
    *       getObject                                                   *
    *                                                                   *
    *********************************************************************/
   void guardedobject() {
      String s;
      Permission p = new CMRPermission("myperm");
      GuardedObject go = new GuardedObject(new String("GuardMe"), p);

      try {
         s = (String)go.getObject();      // retrieves the guarded object
      } catch(AccessControlException e) {
         System.out.println(e);
      }
   }

   /*********************************************************************
    *                                                                   *
    * #Guard:                                                           *
    *                                                                   *
    *    Desc:                                                          *
    *                                                                   *
    *    Methods:                                                       *
    *       checkGuard                                                  *
    *                                                                   *
    *********************************************************************/
   void guard() {
      Guard p = new CMRPermission("myPermit");
      p.checkGuard("myPermit");         // test access allowed to the guarded object object
   }

   /*********************************************************************
    *                                                                   *
    * Security:                                                         *
    *                                                                   *
    *    Desc:                                                          *
    *                                                                   *
    *    Methods:                                                       *
    *       addProvider          getProvider          removeProvider    *
    *      %getAlgorithmProperty getProviders         setProperty       *
    *       getProperty          insertProviderAt                       *
    *                                                                   *
    *********************************************************************/
   void security() {
      int i;
      String s;
      Provider p = new CMRProvider();
      Provider[] px;

      i = Security.addProvider(p);                       // adds a provider to the next position available
      //i = Security.insertProviderAt(p, 1);             // adds a new provider, at a specified position
      //Security.removeProvider("CMR");                  // removes provider with the specified name
      p = Security.getProvider("CMR");                   // provider installed with the specified name
      px = Security.getProviders();                      // all installed providers
      s = Security.getProperty("security.provider.1");   // Gets security property value
      Security.setProperty("security.provider.1", s);    // Sets security property value
   }

   /*********************************************************************
    *                                                                   *
    * Provider:                                                         *
    *                                                                   *
    *    Desc:                                                          *
    *                                                                   *
    *    Methods:                                                       *
    *       getInfo              getVersion           toString          *
    *       getName                                                     *
    *                                                                   *
    *      #clear               #load                #remove            *
    *      #entrySet            #put                 #values            *
    *      #keySet              #putAll                                 *
    *                                                                   *
    *********************************************************************/
   class CMRProvider extends Provider {
      public CMRProvider() {
         super("CMR", 1.0, "CMR Security Provider v1.0");
         put("MessageDigest.CUS", "Test.Chris.Java_security$CMRMessageDigest");
         put("Alg.Alias.MessageDigest.CUS-1", "CUS");
      }
   }
   void provider() {
      String s;
      double d;
      java.util.Set x;
      java.util.Collection y;
      Provider p;

      p = Security.getProvider("CMR");
      s = p.getInfo();                          // description of the provider and its services
      s = p.getName();                          // name of this provider
      d = p.getVersion();                       // version number for this provider.
      s = p.toString();                         // string representation
      s = (String)p.put("aprop", "aval");       // sets key property to have the specified value
      s = (String)p.remove("aprop");            // removes the key property
      p.clear();                                // clears provider

   /* TO BE DETERMINED
      void load(InputStream inStream) // Reads a property list (key and element pairs) from the input stream
      void putAll(Map t)              // Copies all of the mappings from the specified Map to this provider
      x = p.keySet();                 // unmodifiable Set of the property keys
      x = p.entrySet();               // unmodifiable Set of the property entries
      y = p.values();
    */
   }

   /*********************************************************************
    *                                                                   *
    * MessageDigest:                                                    *
    *                                                                   *
    *    Desc:                                                          *
    *                                                                   *
    *    Methods:                                                       *
    *       clone               %engineUpdate         reset             *
    *       digest               getAlgorithm         toString          *
    *      %engineDigest         getInstance          update            *
    *      %engineReset          isEqual                                *
    *                                                                   *
    *      #getDigestLength     #getProvider                            *
    *                                                                   *
    *********************************************************************/
   class CMRMessageDigest extends MessageDigestSpi {
      private int hash;
      private int store;
      private int bytes;

      public CMRMessageDigest() {
         //super("CMR");            // use this if extend MessageDigest
         super();
         engineReset();
      }
      public void engineReset() {
         hash = 0;
         store = 0;
         bytes = 0;
      }
      public void engineUpdate(byte b) {
         switch (bytes) {
            case 0: store  = (b << 24) & 0xff000000; break;
            case 1: store |= (b << 16) & 0x00ff0000; break;
            case 2: store |= (b <<  8) & 0x0000ff00; break;
            case 3: store |= (b <<  0) & 0x000000ff; break;
         }
         bytes++;
         if (bytes == 4) {
            hash = hash^store;
            bytes = 0;
            store = 0;
         }
      }
      public void engineUpdate(byte b[], int offset, int length) {
         for (int i = 0; i < length; i++) engineUpdate(b[i + offset]);
      }
      public byte[] engineDigest() {
         while (bytes != 0) engineUpdate((byte)0);
         byte b[] = new byte[4];
         b[0] = (byte)(hash >>> 24);
         b[1] = (byte)(hash >>> 16);
         b[2] = (byte)(hash >>>  8);
         b[3] = (byte)(hash >>>  0);
         engineReset();
         return b;
      }
   }

   void messagedigest() {
      int i;
      String s;
      boolean b;
      byte[] x;
      byte[] y;
      Provider p;
      MessageDigest md;
      MessageDigest mx;

      try {
         md = MessageDigest.getInstance("SHA"); // get MessageDigest that implements the algorithm
         s = md.getAlgorithm();                 // string that identifies the algorithm
         p = md.getProvider();                  // provider of this message digest object
         md.reset();                            // resets the digest for further use
         md.update("hello".getBytes());         // updates the digest using bytes
         md.update((byte)0x20);                 // updates the digest using byte
         md.update("world".getBytes(), 3, 2);   // updates the digest using bytes (offset/length)
         mx = (MessageDigest)md.clone();        // clone the MessageDigest in current state
         i = md.getDigestLength();              // length of the digest in bytes
         x = md.digest();                       // completes hash computation
         y = mx.digest();
         b = MessageDigest.isEqual(x, y);       // Compares two digests for equality
         s = md.toString();                     // string representation

      } catch(NoSuchAlgorithmException e) {
         System.out.println(e);
      } catch(java.lang.CloneNotSupportedException e) {
         System.out.println(e);
      }
   }

   /*********************************************************************
    *                                                                   *
    * #MessageDigestSpi:                                                *
    *                                                                   *
    *    Desc:                                                          *
    *                                                                   *
    *    Methods:                                                       *
    *       clone             engineGetDigestLength   engineUpdate      *
    *       engineDigest      engineReset                               *
    *                                                                   *
    *********************************************************************/
   void messagedigestspi() {
      MessageDigestSpi md;
      MessageDigestSpi mc;

      try {
         md = MessageDigest.getInstance("SHA");
         mc = (MessageDigestSpi)md.clone();        // clone the object

      } catch(NoSuchAlgorithmException e) {
         System.out.println(e);
      } catch(java.lang.CloneNotSupportedException e) {
         System.out.println(e);
      }
   }

   /*********************************************************************
    *                                                                   *
    * DigestOutputStream:                                               *
    *                                                                   *
    *    Desc:                                                          *
    *                                                                   *
    *    Fields:                                                        *
    *      #digest                                                      *
    *                                                                   *
    *    Methods:                                                       *
    *       getMessageDigest     setMessageDigest     write             *
    *       on                   toString                               *
    *                                                                   *
    *********************************************************************/
   void digestoutputstream() {
      String s;
      MessageDigest md;
      DigestOutputStream ios;

      try {
         md = MessageDigest.getInstance("SHA");
         ios = new DigestOutputStream(new java.io.FileOutputStream("io/Security_digest.txt"), md);

         md = ios.getMessageDigest();   // message digest associated with this stream
         ios.setMessageDigest(md);      // associates the specified message digest with this stream
         ios.on(true);                  // turns the digest function on or off
         s = ios.toString();            // string representation
         ios.write((byte)0x20);         // updates the digest using byte
         ios.write("hello".getBytes()); // updates the digest using bytes
         ios.close();

      } catch(NoSuchAlgorithmException e) {
         System.out.println(e);
      } catch(java.io.IOException e) {
         System.out.println(e);
      }
   }

   /*********************************************************************
    *                                                                   *
    * DigestInputStream:                                                *
    *                                                                   *
    *    Desc:                                                          *
    *                                                                   *
    *    Fields:                                                        *
    *      #digest                                                      *
    *                                                                   *
    *    Methods:                                                       *
    *       getMessageDigest     read                 toString          *
    *       on                   setMessageDigest                       *
    *                                                                   *
    *********************************************************************/
   void digestinputstream() {
      int i;
      String s;
      byte[] b = new byte[10];
      MessageDigest md;
      DigestInputStream ios;

      try {
         md = MessageDigest.getInstance("SHA");
         ios = new DigestInputStream(new java.io.FileInputStream("io/Security_digest.txt"), md);

         md = ios.getMessageDigest();   // message digest associated with this stream
         ios.setMessageDigest(md);      // associates the specified message digest with this stream
         ios.on(true);                  // turns the digest function on or off
         i = ios.read();                // reads a byte, and updates the message digest
         i = ios.read(b, 0, 10);        // reads into a byte array, and updates the message digest
         s = ios.toString();            // string representation

      } catch(NoSuchAlgorithmException e) {
         System.out.println(e);
      } catch(java.io.IOException e) {
         System.out.println(e);
      }
   }

   /*********************************************************************
    *                                                                   *
    * Key Interface:                                                    *
    *                                                                   *
    *    Desc:                                                          *
    *                                                                   *
    *    Fields:                                                        *
    *      #serialVersionUID                                            *
    *                                                                   *
    *    Methods:                                                       *
    *       getAlgorithm         getEncoded           getFormat         *
    *                                                                   *
    *********************************************************************/
   void key() {
      long uid;
      String s;
      byte[] b;
      KeyPair kp;
      KeyPairGenerator kpg;
      Key k;

      try {
         kpg = KeyPairGenerator.getInstance("DSA");
         kpg.initialize(512);
         kp = kpg.genKeyPair();
         k = kp.getPrivate();
         k = kp.getPublic();

         uid = Key.serialVersionUID;
         s = k.getAlgorithm();      // algorithm name for this key
         s = k.getFormat();         // name of the primary encoding format
         b = k.getEncoded();        // key in its primary encoding format

      } catch(NoSuchAlgorithmException e) {
         System.out.println(e);
      }
   }

   /*********************************************************************
    *                                                                   *
    * PrivateKey Interface:                                             *
    *                                                                   *
    *    Desc:                                                          *
    *                                                                   *
    *    Fields:                                                        *
    *      #serialVersionUID                                            *
    *                                                                   *
    *********************************************************************/
   void privatekey() {
      long uid = PrivateKey.serialVersionUID;
   }

   /*********************************************************************
    *                                                                   *
    * PublicKey Interface:                                              *
    *                                                                   *
    *    Desc:                                                          *
    *                                                                   *
    *    Fields:                                                        *
    *      #serialVersionUID                                            *
    *                                                                   *
    *********************************************************************/
   void publickey() {
      long uid = PublicKey.serialVersionUID;
   }

   /*********************************************************************
    *                                                                   *
    * KeyPair:                                                          *
    *                                                                   *
    *    Desc:                                                          *
    *                                                                   *
    *    Methods:                                                       *
    *       getPrivate           getPublic                              *
    *                                                                   *
    *********************************************************************/
   void keypair() {
      KeyPair kp;
      KeyPairGenerator kpg;
      PrivateKey x;
      PublicKey y;

      try {
         kpg = KeyPairGenerator.getInstance("DSA");
         kpg.initialize(512);
         kp = kpg.genKeyPair();
         x = kp.getPrivate();           // private key component of key pair
         y = kp.getPublic();            // public key component of key pair

      } catch(NoSuchAlgorithmException e) {
         System.out.println(e);
      }
   }

   /*********************************************************************
    *                                                                   *
    * KeyPairGenerator:                                                 *
    *                                                                   *
    *    Desc:                                                          *
    *                                                                   *
    *    Methods:                                                       *
    *       generateKeyPair      getInstance          initialize        *
    *       getAlgorithm                                                *
    *                                                                   *
    *      #getProvider                                                 *
    *                                                                   *
    *********************************************************************/
   void keypairgenerator() {
      String s;
      Provider p;
      KeyPair kp;
      KeyPairGenerator kpg;

      try {
         kpg = KeyPairGenerator.getInstance("DSA");   // generates KeyPairGenerator with digest algorithm
         kpg = KeyPairGenerator.getInstance("DSA", "SUN");
         kpg.initialize(512);                         // initializes key pair generator with keysize
         s = kpg.getAlgorithm();                      // standard name of the algorithm
         p = kpg.getProvider();                       // provider of this key pair generator object
         kp = kpg.genKeyPair();                       // generates a key pair

      } catch(NoSuchAlgorithmException e) {
         System.out.println(e);
      } catch(NoSuchProviderException e) {
         System.out.println(e);
      }

   /* TO BE DETERMINED
      void initialize(AlgorithmParameterSpec params) // Initializes the key pair generator using the specified parameter set and the SecureRandom implementation of the highest-priority installed provider as the source of randomness
      void initialize(AlgorithmParameterSpec params, SecureRandom random) // Initializes the key pair generator with the given parameter set and source of randomness
    */
   }

   /*********************************************************************
    *                                                                   *
    * #KeyPairGeneratorSpi:                                             *
    *                                                                   *
    *    Desc:                                                          *
    *                                                                   *
    *    Methods:                                                       *
    *       generateKeyPair      initialize                             *
    *                                                                   *
    *********************************************************************/
   void keypairgeneratorspi() {
      SecureRandom r;
      KeyPairGeneratorSpi kpg;

      try {
         kpg = KeyPairGenerator.getInstance("DSA");   // generates KeyPairGenerator with digest algorithm
         r = SecureRandom.getInstance("SHA1PRNG");
         kpg.initialize(512, r);                      // initializes the key pair generator

      } catch(NoSuchAlgorithmException e) {
         System.out.println(e);
      }

   /* TO BE DETERMINED
      void initialize(AlgorithmParameterSpec params, SecureRandom random)  // Initializes the key pair generator using the specified parameter set and user-provided source of randomness.
   */
   }

   /*********************************************************************
    *                                                                   *
    * SecureRandom:                                                     *
    *                                                                   *
    *    Desc:                                                          *
    *                                                                   *
    *    Methods:                                                       *
    *       getSeed              nextBytes            setSeed           *
    *       next                                                        *
    *                                                                   *
    *      #generateSeed        #getInstance         #getProvider       *
    *                                                                   *
    *********************************************************************/
   void securerandom() {
      Provider p;
      byte[] b;
      SecureRandom r;

      try {
         r = SecureRandom.getInstance("SHA1PRNG");          // Generates a SecureRandom object
         r = SecureRandom.getInstance("SHA1PRNG", "SUN");
         p = r.getProvider();                               // provider of this SecureRandom object
         b = SecureRandom.getSeed(10);                      // returns the given number of seed bytes
         b = r.generateSeed(10);                            // returns the given number of seed bytes
         r.setSeed(1234);                                   // reseeds this random object (long seed)
         r.setSeed(b);                                      // reseeds this random object
         r.nextBytes(b);                                    // generates specified number of random bytes

      } catch(NoSuchAlgorithmException e) {
         System.out.println(e);
      } catch(NoSuchProviderException e) {
         System.out.println(e);
      }
   }

   /*********************************************************************
    *                                                                   *
    * #SecureRandomSpi:                                                 *
    *                                                                   *
    *    Desc:                                                          *
    *                                                                   *
    *    Methods:                                                       *
    *       engineGenerateSeed   engineNextBytes      engineSetSeed     *
    *                                                                   *
    *********************************************************************/
   void securerandomspi() {
   /* TO BE DETERMINED
      protected abstract  byte[] engineGenerateSeed(int numBytes)    // Returns the given number of seed bytes.
      protected abstract  void engineNextBytes(byte[] bytes)         // Generates a user-specified number of random bytes.
      protected abstract  void engineSetSeed(byte[] seed)            // Reseeds this random object.
   */
   }

   /*********************************************************************
    *                                                                   *
    * #AlgorithmParameterGenerator:                                     *
    *                                                                   *
    *    Desc:                                                          *
    *                                                                   *
    *    Methods:                                                       *
    *       generateParameters   getInstance          init              *
    *       getAlgorithm         getProvider                            *
    *                                                                   *
    *********************************************************************/
   void algorithmparametergenerator() {
   /* TO BE DETERMINED
      AlgorithmParameters generateParameters()        // Generates the parameters.
      String getAlgorithm()                           // Returns the standard name of the algorithm this parameter generator is associated with.
      static AlgorithmParameterGenerator getInstance(String algorithm)  // Generates an AlgorithmParameterGenerator object that implements the specified digest algorithm.
      static AlgorithmParameterGenerator getInstance(String algorithm, String provider)   // Generates an AlgorithmParameterGenerator object for the requested algorithm, as supplied from the specified provider, if such a parameter generator is available from the provider.
      Provider getProvider()                          // Returns the provider of this algorithm parameter generator object.
      void init(AlgorithmParameterSpec genParamSpec)  // Initializes this parameter generator with a set of algorithm-specific parameter generation values.
      void init(AlgorithmParameterSpec genParamSpec, SecureRandom random) // Initializes this parameter generator with a set of algorithm-specific parameter generation values.
      void init(int size)                             // Initializes this parameter generator for a certain size.
      void init(int size, SecureRandom random)        // Initializes this parameter generator for a certain size and source of randomness
   */
   }

   /*********************************************************************
    *                                                                   *
    * #AlgorithmParameterGeneratorSpi:                                  *
    *                                                                   *
    *    Desc:                                                          *
    *                                                                   *
    *    Methods:                                                       *
    *       engineGenerateParameters          engineInit                *
    *                                                                   *
    *********************************************************************/
   void algorithmparametergeneratorspi() {
   /* TO BE DETERMINED
      protected abstract AlgorithmParameters engineGenerateParameters() // Generates the parameters.
      protected abstract void engineInit(AlgorithmParameterSpec genParamSpec, SecureRandom random) // Initializes this parameter generator with a set of algorithm-specific parameter generation values.
      protected abstract void engineInit(int size, SecureRandom random) // Initializes this parameter generator for a certain size and source of randomness
   */
   }

   /*********************************************************************
    *                                                                   *
    * #AlgorithmParameters:                                             *
    *                                                                   *
    *    Desc:                                                          *
    *                                                                   *
    *    Methods:                                                       *
    *       getAlgorithm         getParameterSpec     toString          *
    *       getEncoded           getProvider                            *
    *       getInstance          init                                   *
    *                                                                   *
    *********************************************************************/
   void algorithmparameters() {
   /* TO BE DETERMINED
      String getAlgorithm()                   // Returns the name of the algorithm associated with this parameter object.
      byte[] getEncoded()                     // Returns the parameters in their primary encoding format.
      byte[] getEncoded(String format)        // Returns the parameters encoded in the specified scheme.
      static AlgorithmParameters getInstance(String algorithm)  // Generates a parameter object for the specified algorithm.
      static AlgorithmParameters getInstance(String algorithm, String provider)  // Generates a parameter object for the specified algorithm, as supplied by the specified provider, if such an algorithm is available from the provider.
      AlgorithmParameterSpec getParameterSpec(Class paramSpec)  // Returns a (transparent) specification of this parameter object.
      Provider getProvider()                                    // Returns the provider of this parameter object.
      void init(AlgorithmParameterSpec paramSpec)               // Initializes this parameter object using the parameters specified in paramSpec.
      void init(byte[] params)                                  // Imports the specified parameters and decodes them according to the primary decoding format for parameters.
      void init(byte[] params, String format)                   // Imports the parameters from params and decodes them according to the specified decoding scheme.
      String toString()                                         // Returns a formatted string describing the parameters.
   */
   }

   /*********************************************************************
    *                                                                   *
    * #AlgorithmParametersSpi:                                          *
    *                                                                   *
    *    Desc:                                                          *
    *                                                                   *
    *    Methods:                                                       *
    *       engineGetEncoded               engineInit                   *
    *       engineGetParameterSpec         engineToString               *
    *                                                                   *
    *********************************************************************/
   void algorithmparametersspi() {
   /* TO BE DETERMINED
      protected abstract  byte[] engineGetEncoded()         // Returns the parameters in their primary encoding format.
      protected abstract  byte[] engineGetEncoded(String format)           // Returns the parameters encoded in the specified format.
      protected abstract  AlgorithmParameterSpec engineGetParameterSpec(Class paramSpec)     // Returns a (transparent) specification of this parameters object.
      protected abstract  void engineInit(AlgorithmParameterSpec paramSpec)      // Initializes this parameters object using the parameters specified in paramSpec.
      protected abstract  void engineInit(byte[] params)    // Imports the specified parameters and decodes them according to the primary decoding format for parameters.
      protected abstract  void engineInit(byte[] params, String format)    // Imports the parameters from params and decodes them according to the specified decoding format.
      protected abstract  String engineToString()           // Returns a formatted string describing the parameters.
   */
   }

   /*********************************************************************
    *                                                                   *
    * #KeyFactory:                                                      *
    *                                                                   *
    *    Desc:                                                          *
    *                                                                   *
    *    Methods:                                                       *
    *       generatePrivate      getInstance          translateKey      *
    *       generatePublic       getKeySpec                             *
    *       getAlgorithm         getProvider                            *
    *                                                                   *
    *********************************************************************/
   void keyfactory() {
      String s;
      Provider p;
      java.security.spec.KeySpec ks;
      Key k;
      KeyPair kp;
      KeyPairGenerator kpg;
      KeyFactory kf;

      try {
         kpg = KeyPairGenerator.getInstance("DSA");
         kpg.initialize(512);
         kp = kpg.generateKeyPair();

         kf = KeyFactory.getInstance("DSA");             // generates KeyFactory object
         kf = KeyFactory.getInstance("DSA", "SUN");      // generates KeyFactory object with provider
         s = kf.getAlgorithm();                          // algorithm associated with key factory
         p = kf.getProvider();                           // provider of this key factory object
         ks = kf.getKeySpec(kp.getPrivate(),
            java.security.spec.DSAPrivateKeySpec.class); // specification (key material) of the key
         k = kf.generatePrivate(ks);                     // generates a private key
         ks = kf.getKeySpec(kp.getPublic(),
            java.security.spec.DSAPublicKeySpec.class);
         k = kf.generatePublic(ks);                      // generates a public key
         k = kf.translateKey(k);                         // translates a key object

      } catch(NoSuchAlgorithmException e) {
         System.out.println(e);
      } catch(NoSuchProviderException e) {
         System.out.println(e);
      } catch(InvalidKeyException e) {
         System.out.println(e);
      } catch(java.security.spec.InvalidKeySpecException e) {
         System.out.println(e);
      }
   }

   /*********************************************************************
    *                                                                   *
    * #KeyFactorySpi:                                                   *
    *                                                                   *
    *    Desc:                                                          *
    *                                                                   *
    *    Methods:                                                       *
    *       engineGeneratePrivate         engineGetKeySpec              *
    *       engineGeneratePublic          engineTranslateKey            *
    *                                                                   *
    *********************************************************************/
   void keyfactoryspi() {
   /* TO BE DETERMINED
      protected abstract PrivateKey engineGeneratePrivate(KeySpec keySpec)   // Generates a private key object from the provided key specification (key material).
      protected abstract PublicKey engineGeneratePublic(KeySpec keySpec)     // Generates a public key object from the provided key specification (key material).
      protected abstract KeySpec engineGetKeySpec(Key key, Class keySpec)    // Returns a specification (key material) of the given key object.
      protected abstract Key engineTranslateKey(Key key)                     // Translates a key object, whose provider may be unknown or potentially untrusted, into a corresponding key object of this key factory.
   */
   }

   /*********************************************************************
    *                                                                   *
    * %Identity:                                                        *
    *                                                                   *
    *    Desc:                                                          *
    *                                                                   *
    *    Methods:                                                       *
    *       addCertificate       getPublicKey         setInfo           *
    *       certificates         getScope             setPublicKey      *
    *       equals               hashCode             toString          *
    *       getInfo              identityEquals                         *
    *       getName              removeCertificate                      *
    *                                                                   *
    *********************************************************************/
   void identity() {
   /* deprecated
      IdentityScope is;
      Identity id;
      Key k;

      is = IdentityScope.getSystemScope();
      if (is != null) {
         k = is.getPublicKey();
         id = is.getIdentity("CRathman");
      }
   */

   /* TO BE DETERMINED
      void addCertificate(Certificate certificate)    // Deprecated. Adds a certificate for this identity.
      Certificate[] certificates()                    // Deprecated. Returns a copy of all the certificates for this identity.
      boolean equals(Object identity)                 // Deprecated. Tests for equality between the specified object and this identity.
      String getInfo()                                // Deprecated. Returns general information previously specified for this identity.
      String getName()                                // Deprecated. Returns this identity's name.
      PublicKey getPublicKey()                        // Deprecated. Returns this identity's public key.
      IdentityScope getScope()                        // Deprecated. Returns this identity's scope.
      int hashCode()                                  // Deprecated. Returns a hashcode for this identity.
      protected  boolean identityEquals(Identity identity)     // Deprecated. Tests for equality between the specified identity and this identity.
      void removeCertificate(Certificate certificate) // Deprecated. Removes a certificate from this identity.
      void setInfo(String info)                       // Deprecated. Specifies a general information string for this identity.
      void setPublicKey(PublicKey key)                // Deprecated. Sets this identity's public key.
      String toString()                               // Deprecated. Returns a short string describing this identity, telling its name and its scope (if any).
      String toString(boolean detailed)               // Deprecated. Returns a string representation of this identity, with optionally more details than that provided by the toString method without any arguments.
    */
   }

   /*********************************************************************
    *                                                                   *
    * %IdentityScope:                                                   *
    *                                                                   *
    *    Desc:                                                          *
    *                                                                   *
    *    Methods:                                                       *
    *       addIdentity          identities           size              *
    *       getIdentity          removeIdentity       toString          *
    *       getSystemScope       setSystemScope                         *
    *                                                                   *
    *********************************************************************/
   void identityscope() {
   /* TO BE DETERMINED
      abstract  void addIdentity(Identity identity)      // Deprecated. Adds an identity to this identity scope.
      Identity getIdentity(Principal principal)          // Deprecated. Retrieves the identity whose name is the same as that of the specified principal.
      abstract  Identity getIdentity(PublicKey key)      // Deprecated. Retrieves the identity with the specified public key.
      abstract  Identity getIdentity(String name)        // Deprecated. Returns the identity in this scope with the specified name (if any).
      static IdentityScope getSystemScope()              // Deprecated. Returns the system's identity scope.
      abstract  Enumeration identities()                 // Deprecated. Returns an enumeration of all identities in this identity scope.
      abstract  void removeIdentity(Identity identity)   // Deprecated. Removes an identity from this identity scope.
      protected static void setSystemScope(IdentityScope scope)      // Deprecated. Sets the system's identity scope.
      abstract  int size()                               // Deprecated. Returns the number of identities within this identity scope.
      String toString()                                  // Deprecated. Returns a string representation of this identity scope, including its name, its scope name, and the number of identities in this identity scope.
    */
   }

   /*********************************************************************
    *                                                                   *
    * #KeyStore:                                                        *
    *                                                                   *
    *    Desc:                                                          *
    *                                                                   *
    *    Methods:                                                       *
    *       aliases             getDefaultType      load                *
    *       containsAlias       getInstance         setCertificateEntry *
    *       deleteEntry         getKey              setKeyEntry         *
    *       getCertificate      getProvider         size                *
    *       getCertificateAlias getType             store               *
    *       getCertificateChain isCertificateEntry                      *
    *       getCreationDate     isKeyEntry                              *
    *                                                                   *
    *********************************************************************/
   void keystore() {
      int i;
      boolean b;
      String s;
      java.util.Date d;
      java.util.Enumeration x;
      java.io.FileInputStream ios;
      java.security.cert.Certificate c;
      java.security.cert.Certificate[] cx;
      Provider p;
      Key k;
      KeyStore ks;

      try {
         ios = new java.io.FileInputStream("c:/java/jdk/CUSkeystore");

         ks = KeyStore.getInstance("JKS");         // generates a keystore object of the given type
         ks = KeyStore.getInstance("JKS", "SUN");  // generates a keystore object with specified provider
         ks.load(ios, null);                       // loads KeyStore from the given input stream
         s = KeyStore.getDefaultType();            // default keystore type
         s = ks.getType();                         // type of this keystore
         p = ks.getProvider();                     // provider of this keystore
         i = ks.size();                            // number of entries in this keystore
         b = ks.containsAlias("critter");          // checks if the given alias exists in this keystore
         b = ks.isKeyEntry("critter");             // test if entry (alias) is a key entry
         b = ks.isCertificateEntry("critter");     // test if entry (alias) is a trusted certificate entry
         cx = ks.getCertificateChain("critter");   // certificate chain associated with the alias
         x = ks.aliases();                         // lists all the alias names of this keystore
         k = ks.getKey("critter", pswd);           // key associated with the given alias
         c = ks.getCertificate("critter");         // certificate associated with the given alias
         s = ks.getCertificateAlias(c);            // alias name of the keystore entry
         d = ks.getCreationDate("critter");        // creation date of the entry

      } catch(KeyStoreException e) {
         System.out.println(e);
      } catch(NoSuchAlgorithmException e) {
         System.out.println(e);
      } catch(NoSuchProviderException e) {
         System.out.println(e);
      } catch(UnrecoverableKeyException e) {
         System.out.println(e);
      } catch(java.security.cert.CertificateException e) {
         System.out.println(e);
      } catch(java.io.FileNotFoundException e) {
         System.out.println(e);
      } catch(java.io.IOException e) {
         System.out.println(e);
      }

   /* TO BE DETERMINED
      void deleteEntry(String alias)                     // Deletes the entry identified by the given alias from this keystore.
      void setCertificateEntry(String alias, Certificate cert)             // Assigns the given certificate to the given alias.
      void setKeyEntry(String alias, byte[] key, Certificate[] chain)      // Assigns the given key (that has already been protected) to the given alias.
      void setKeyEntry(String alias, Key key, char[] password, Certificate[] chain)    // Assigns the given key to the given alias, protecting it with the given password.
      void store(OutputStream stream, char[] password)   // Stores this keystore to the given output stream, and protects its integrity with the given password.
   */
   }

   /*********************************************************************
    *                                                                   *
    * #KeyStoreSpi:                                                     *
    *                                                                   *
    *    Desc:                                                          *
    *                                                                   *
    *    Methods:                                                       *
    *       engineAliases                  engineIsCertificateEntry     *
    *       engineContainsAlias            engineIsKeyEntry             *
    *       engineDeleteEntry              engineLoad                   *
    *       engineGetCertificate           engineSetCertificateEntry    *
    *       engineGetCertificateAlias      engineSetKeyEntry            *
    *       engineGetCertificateChain      engineSize                   *
    *       engineGetCreationDate          engineStore                  *
    *       engineGetKey                                                *
    *                                                                   *
    *********************************************************************/
   void keystorespi() {
   /* TO BE DETERMINED
      abstract  Enumeration engineAliases()                             // Lists all the alias names of this keystore.
      abstract  boolean engineContainsAlias(String alias)               // Checks if the given alias exists in this keystore.
      abstract  void engineDeleteEntry(String alias)                    // Deletes the entry identified by the given alias from this keystore.
      abstract  Certificate engineGetCertificate(String alias)          // Returns the certificate associated with the given alias.
      abstract  String engineGetCertificateAlias(Certificate cert)      // Returns the (alias) name of the first keystore entry whose certificate matches the given certificate.
      abstract  Certificate[] engineGetCertificateChain(String alias)   // Returns the certificate chain associated with the given alias.
      abstract  Date engineGetCreationDate(String alias)                // Returns the creation date of the entry identified by the given alias.
      abstract  Key engineGetKey(String alias, char[] password)         // Returns the key associated with the given alias, using the given password to recover it.
      abstract  boolean engineIsCertificateEntry(String alias)          // Returns true if the entry identified by the given alias is a trusted certificate entry, and false otherwise.
      abstract  boolean engineIsKeyEntry(String alias)                  // Returns true if the entry identified by the given alias is a key entry, and false otherwise.
      abstract  void engineLoad(InputStream stream, char[] password)    // Loads the keystore from the given input stream.
      abstract  void engineSetCertificateEntry(String alias, Certificate cert)            // Assigns the given certificate to the given alias.
      abstract  void engineSetKeyEntry(String alias, byte[] key, Certificate[] chain)     // Assigns the given key (that has already been protected) to the given alias.
      abstract  void engineSetKeyEntry(String alias, Key key, char[] password, Certificate[] chain)      // Assigns the given key to the given alias, protecting it with the given password.
      abstract  int engineSize()                                        // Retrieves the number of entries in this keystore.
      abstract  void engineStore(OutputStream stream, char[] password)  // Stores this keystore to the given output stream, and protects its integrity with the given password.
   */
   }

   /*********************************************************************
    *                                                                   *
    * Principal Interface:                                              *
    *                                                                   *
    *    Desc:                                                          *
    *                                                                   *
    *    Methods:                                                       *
    *       equals               hashCode             toString          *
    *       getName                                                     *
    *                                                                   *
    *********************************************************************/
   void principal() {
      int i;
      String s;
      boolean b;
      java.io.FileInputStream ios;
      java.security.cert.X509Certificate c;
      KeyStore ks;
      Principal p;
      Principal q;

      try {
         ios = new java.io.FileInputStream("c:/java/jdk/CUSkeystore");
         ks = KeyStore.getInstance("JKS");
         ks.load(ios, null);
         c = (java.security.cert.X509Certificate)ks.getCertificate("critter");
         p = c.getIssuerDN();
         q = c.getSubjectDN();

         b = p.equals(q);               // compares this principal to the specified object
         s = p.getName();               // name of this principal
         s = p.toString();              // string representation of this principal
         i = p.hashCode();              // hashcode for this principal

         ios.close();

      } catch(KeyStoreException e) {
         System.out.println(e);
      } catch(NoSuchAlgorithmException e) {
         System.out.println(e);
      } catch(java.security.cert.CertificateException e) {
         System.out.println(e);
      } catch(java.io.FileNotFoundException e) {
         System.out.println(e);
      } catch(java.io.IOException e) {
         System.out.println(e);
      }
   }

   /*********************************************************************
    *                                                                   *
    * #SecureClassLoader:                                               *
    *                                                                   *
    *    Desc:                                                          *
    *                                                                   *
    *    Methods:                                                       *
    *       defineClass          getPermissions                         *
    *                                                                   *
    *********************************************************************/
   void secureclassloader() {
   /* TO BE DETERMINED
      protected  Class defineClass(String name, byte[] b, int off, int len, CodeSource cs)      // Converts an array of bytes into an instance of class Class, with an optional CodeSource.
      protected  PermissionCollection getPermissions(CodeSource codesource)                     // Returns the permissions for the given codesource object.
   */
   }

   /*********************************************************************
    *                                                                   *
    * #SecurityPermission:                                              *
    *                                                                   *
    *    Desc:                                                          *
    *                                                                   *
    *********************************************************************/
   void securitypermission() {
   /* TO BE DETERMINED
      getPolicy Retrieval of the system-wide security policy (specifically, of the currently-installed Policy object) This allows someone to query the policy via the getPermissions call, which discloses which permissions would be granted to a given CodeSource. While revealing the policy does not compromise the security of the system, it does provide malicious code with additional information which it may use to better aim an attack. It is wise not to divulge more information than necessary.
      setPolicy Setting of the system-wide security policy (specifically, the Policy object) Granting this permission is extremely dangerous, as malicious code may grant itself all the necessary permissions it needs to successfully mount an attack on the system.
      getProperty.{key} Retrieval of the security property with the specified key Depending on the particular key for which access has been granted, the code may have access to the list of security providers, as well as the location of the system-wide and user security policies. while revealing this information does not compromise the security of the system, it does provide malicious code with additional information which it may use to better aim an attack.
      setProperty.{key} Setting of the security property with the specified key This could include setting a security provider or defining the location of the the system-wide security policy. Malicious code that has permission to set a new security provider may set a rogue provider that steals confidential information such as cryptographic private keys. In addition, malicious code with permission to set the location of the system-wide security policy may point it to a security policy that grants the attacker all the necessary permissions it requires to successfully mount an attack on the system.
      insertProvider.{provider name} Addition of a new provider, with the specified name This would allow somebody to introduce a possibly malicious provider (e.g., one that discloses the private keys passed to it) as the highest-priority provider. This would be possible because the Security object (which manages the installed providers) currently does not check the integrity or authenticity of a provider before attaching it.
      removeProvider.{provider name} Removal of the specified provider This may change the behavior or disable execution of other parts of the program. If a provider subsequently requested by the program has been removed, execution may fail. Also, if the removed provider is not explicitly requested by the rest of the program, but it would normally be the provider chosen when a cryptography service is requested (due to its previous order in the list of providers), a different provider will be chosen instead, or no suitable provider will be found, thereby resulting in program failure.
      setSystemScope Setting of the system identity scope This would allow an attacker to configure the system identity scope with certificates that should not be trusted, thereby granting applet or application code signed with those certificates privileges that would have been denied by the system's original identity scope
      setIdentityPublicKey Setting of the public key for an Identity If the identity is marked as "trusted", this allows an attacker to introduce a different public key (e.g., its own) that is not trusted by the system's identity scope, thereby granting applet or application code signed with that public key privileges that would have been denied otherwise.
      setIdentityInfo Setting of a general information string for an Identity This allows attackers to set the general description for an identity. This may trick applications into using a different identity than intended or may prevent applications from finding a particular identity.
      addIdentityCertificate Addition of a certificate for an Identity This allows attackers to set a certificate for an identity's public key. This is dangerous because it affects the trust relationship across the system. This public key suddenly becomes trusted to a wider audience than it otherwise would be.
      removeIdentityCertificate Removal of a certificate for an Identity This allows attackers to remove a certificate for an identity's public key. This is dangerous because it affects the trust relationship across the system. This public key suddenly becomes considered less trustworthy than it otherwise would be.
      printIdentity Viewing the name of a principal and optionally the scope in which it is used, and whether or not it is considered "trusted" in that scope The scope that is printed out may be a filename, in which case it may convey local system information. For example, here's a sample printout of an identity named "carol", who is marked not trusted in the user's identity database:
      carol[/home/luehe/identitydb.obj][not trusted]
      clearProviderProperties.{provider name} "Clearing" of a Provider so that it no longer contains the properties used to look up services implemented by the provider This disables the lookup of services implemented by the provider. This may thus change the behavior or disable execution of other parts of the program that would normally utilize the Provider, as described under the "removeProvider.{provider name}" permission.
      putProviderProperty.{provider name} Setting of properties for the specified Provider The provider properties each specify the name and location of a particular service implemented by the provider. By granting this permission, you let code replace the service specification with another one, thereby specifying a different implementation.
      removeProviderProperty.{provider name} Removal of properties from the specified Provider This disables the lookup of services implemented by the provider. They are no longer accessible due to removal of the properties specifying their names and locations. This may change the behavior or disable execution of other parts of the program that would normally utilize the Provider, as described under the "removeProvider.{provider name}" permission.
      getSignerPrivateKey Retrieval of a Signer's private key It is very dangerous to allow access to a private key; private keys are supposed to be kept secret. Otherwise, code can use the private key to sign various files and claim the signature came from the Signer.
      setSignerKeyPair Setting of the key pair (public key and private key) for a Signer This would allow an attacker to replace somebody else's (the "target's") keypair with a possibly weaker keypair (e.g., a keypair of a smaller keysize). This also would allow the attacker to listen in on encrypted communication between the target and its peers. The target's peers might wrap an encryption session key under the target's "new" public key, which would allow the attacker (who possesses the corresponding private key) to unwrap the session key and decipher the communication data encrypted under that session key.
   */
   }

   /*********************************************************************
    *                                                                   *
    * #SignatureSpi:                                                    *
    *                                                                   *
    *    Desc:                                                          *
    *                                                                   *
    *    Fields:                                                        *
    *       appRandom                                                   *
    *                                                                   *
    *    Methods:                                                       *
    *       clone                engineInitVerify     engineSign        *
    *       engineGetParameter   engineSetParameter   engineUpdate      *
    *       engineInitSign       engineSetParameter   engineVerify      *
    *                                                                   *
    *********************************************************************/
   void signaturespi() {
   /* TO BE DETERMINED
      protected  SecureRandom appRandom      // Application-specified source of randomness

      Object clone()                                                       // Returns a clone if the implementation is cloneable.
      protected abstract  Object engineGetParameter(String param)          // Deprecated.
      protected abstract  void engineInitSign(PrivateKey privateKey)       // Initializes this signature object with the specified private key for signing operations.
      protected  void engineInitSign(PrivateKey privateKey, SecureRandom random)    // Initializes this signature object with the specified private key and source of randomness for signing operations.
      protected abstract  void engineInitVerify(PublicKey publicKey)       // Initializes this signature object with the specified public key for verification operations.
      protected  void engineSetParameter(AlgorithmParameterSpec params)    // Initializes this signature engine with the specified parameter set.
      protected abstract  void engineSetParameter(String param, Object value)    // Deprecated. Replaced by engineSetParameter.
      protected abstract  byte[] engineSign()                              // Returns the signature bytes of all the data updated so far.
      protected  int engineSign(byte[] outbuf, int offset, int len)        // Finishes this signature operation and stores the resulting signature bytes in the provided buffer outbuf, starting at offset.
      protected abstract  void engineUpdate(byte b)                        // Updates the data to be signed or verified using the specified byte.
      protected abstract  void engineUpdate(byte[] b, int off, int len)    // Updates the data to be signed or verified, using the specified array of bytes, starting at the specified offset.
      protected abstract  boolean engineVerify(byte[] sigBytes)            // Verifies the passed-in signature.
   */
   }

   /*********************************************************************
    *                                                                   *
    * Signature:                                                        *
    *                                                                   *
    *    Desc:                                                          *
    *                                                                   *
    *    Fields:                                                        *
    *      #SIGN                #UNINITIALIZED     #VERIFY              *
    *      #state                                                       *
    *                                                                   *
    *    Methods:                                                       *
    *       clone               %engineUpdate         initVerify        *
    *      %engineGetParameter  %engineVerify         setParameter      *
    *      %engineInitSign       getAlgorithm         sign              *
    *      %engineInitVerify     getInstance          toString          *
    *      %engineSetParameter  %getParameter         update            *
    *      %engineSign           initSign             verify            *
    *                                                                   *
    *      #getProvider                                                 *
    *********************************************************************/
   void signature() {
      int i;
      boolean b;
      byte[] bx;
      String s;
      java.io.FileInputStream ios;
      PrivateKey k;
      PublicKey pk;
      KeyStore ks;
      Provider p;
      SecureRandom r;
      Signature x;
      Signature y;

      try {
         r = SecureRandom.getInstance("SHA1PRNG");
         ios = new java.io.FileInputStream("c:/java/jdk/CUSkeystore");
         ks = KeyStore.getInstance("JKS");
         ks.load(ios, null);
         k = (PrivateKey)ks.getKey("critter", pswd);
         pk = ks.getCertificate("critter").getPublicKey();

         x = Signature.getInstance("DSA");         // generates a Signature object
         x = Signature.getInstance("DSA", "SUN");
         p = x.getProvider();                      // provider of signature object
         s = x.getAlgorithm();                     // name of the algorithm
         s = x.toString();                         // string representation
         //y = (Signature)x.clone();               // clone the Signature (not supported?)

         x.initSign(k);                            // initialize object for signing
         x.initSign(k, r);
         x.update("hello".getBytes());             // updates the digest using bytes
         x.update((byte)0x20);                     // updates the digest using byte
         x.update("world".getBytes(), 3, 2);       // updates the digest using bytes (offset/length)
         bx = x.sign();                            // signature bytes of all the data updated
         //i = x.sign("hi".getBytes(), 0, 2);      // update and sign

         x.initVerify(pk);                         // initializes object for verification
         b = x.verify(bx);                         // verifies the passed-in signature.

         ios.close();

      } catch(KeyStoreException e) {
         System.out.println(e);
      } catch(SignatureException e) {
         System.out.println(e);
      } catch(NoSuchAlgorithmException e) {
         System.out.println(e);
      } catch(NoSuchProviderException e) {
         System.out.println(e);
      } catch(UnrecoverableKeyException e) {
         System.out.println(e);
      } catch(InvalidKeyException e) {
         System.out.println(e);
      } catch(java.security.cert.CertificateException e) {
         System.out.println(e);
      } catch(java.io.FileNotFoundException e) {
         System.out.println(e);
      } catch(java.io.IOException e) {
         System.out.println(e);
      //} catch(java.lang.CloneNotSupportedException e) {
      }

   /* TO BE DETERMINED
      void setParameter(AlgorithmParameterSpec params)   // Initializes this signature engine with the specified parameter set.
      Object getParameter(String param);                  // Deprecated.
      void setParameter(String param, Object value)      // Deprecated. Use setParameter.
    */
   }

   /*********************************************************************
    *                                                                   *
    * #SignedObject:                                                    *
    *                                                                   *
    *    Desc:                                                          *
    *                                                                   *
    *    Methods:                                                       *
    *       getAlgorithm         getSignature         verify            *
    *       getObject                                                   *
    *                                                                   *
    *********************************************************************/
   void signedobject() {
      boolean b;
      String s = "an object";
      byte[] bx;
      java.io.FileInputStream ios;
      PrivateKey k;
      PublicKey pk;
      KeyStore ks;
      Signature x;
      SignedObject xo;

      try {
         ios = new java.io.FileInputStream("c:/java/jdk/CUSkeystore");
         ks = KeyStore.getInstance("JKS");
         ks.load(ios, null);
         k = (PrivateKey)ks.getKey("critter", pswd);
         pk = ks.getCertificate("critter").getPublicKey();
         x = Signature.getInstance("DSA");

         xo = new SignedObject(s, k, x);
         s = xo.getAlgorithm();           // name of the signature algorithm
         s = (String)xo.getObject();      // retrieves the encapsulated object
         bx = xo.getSignature();          // retrieves the signature
         b = xo.verify(pk, x);            // verifies the signature

      } catch(KeyStoreException e) {
         System.out.println(e);
      } catch(SignatureException e) {
         System.out.println(e);
      } catch(NoSuchAlgorithmException e) {
         System.out.println(e);
      } catch(UnrecoverableKeyException e) {
         System.out.println(e);
      } catch(InvalidKeyException e) {
         System.out.println(e);
      } catch(java.security.cert.CertificateException e) {
         System.out.println(e);
      } catch(java.lang.ClassNotFoundException e) {
         System.out.println(e);
      } catch(java.io.FileNotFoundException e) {
         System.out.println(e);
      } catch(java.io.IOException e) {
         System.out.println(e);
      }
   }

   /*********************************************************************
    *                                                                   *
    * %Signer:                                                          *
    *                                                                   *
    *    Desc:                                                          *
    *                                                                   *
    *    Methods:                                                       *
    *       getPrivateKey        setKeyPair           toString          *
    *                                                                   *
    *********************************************************************/
   void signer() {
   /* TO BE DETERMINED
      PrivateKey getPrivateKey()       // Deprecated. Returns this signer's private key.
      void setKeyPair(KeyPair pair)    // Deprecated. Sets the key pair (public key and private key) for this signer.
      String toString()                // Deprecated. Returns a string of information about the signer.
    */
   }

   /*********************************************************************
    *                                                                   *
    * %Certificate Interface:                                           *
    *                                                                   *
    *    Desc:                                                          *
    *                                                                   *
    *    Methods:                                                       *
    *       decode               getGuarantor         getPublicKey      *
    *       encode               getPrincipal         toString          *
    *       getFormat                                                   *
    *                                                                   *
    *********************************************************************/
   void certificate() {
   /* TO BE DETERMINED
      void decode(InputStream stream)     // Deprecated. Decodes a certificate from an input stream.
      void encode(OutputStream stream)    // Deprecated. Encodes the certificate to an output stream in a format that can be decoded by the decode method.
      String getFormat()                  // Deprecated. Returns the name of the coding format.
      Principal getGuarantor()            // Deprecated. Returns the guarantor of the certificate, that is, the principal guaranteeing that the public key associated with this certificate is that of the principal associated with this certificate.
      Principal getPrincipal()            // Deprecated. Returns the principal of the principal-key pair being guaranteed by the guarantor.
      PublicKey getPublicKey()            // Deprecated. Returns the key of the principal-key pair being guaranteed by the guarantor.
      String toString(boolean detailed)   // Deprecated. Returns a string that represents the contents of the certificate.
   */
   }
}

Chris Rathman / Chris.Rathman@tx.rr.com