1 /*
2 * Copyright (c) 1996, 2018, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
32
33 import java.security.*;
34 import java.security.SecureRandom;
35 import java.security.interfaces.*;
36 import java.security.spec.*;
37
38 import sun.security.util.Debug;
39 import sun.security.util.DerValue;
40 import sun.security.util.DerInputStream;
41 import sun.security.util.DerOutputStream;
42 import sun.security.jca.JCAUtil;
43
44 /**
45 * The Digital Signature Standard (using the Digital Signature
46 * Algorithm), as described in fips186-3 of the National Instute of
47 * Standards and Technology (NIST), using SHA digest algorithms
48 * from FIPS180-3.
49 *
50 * This file contains both the signature implementation for the
51 * commonly used SHA1withDSA (DSS), SHA224withDSA, SHA256withDSA,
52 * as well as RawDSA, used by TLS among others. RawDSA expects
53 * the 20 byte SHA-1 digest as input via update rather than the
54 * original data like other signature implementations.
55 *
56 * @author Benjamin Renaud
57 *
58 * @since 1.1
59 *
60 * @see DSAPublicKey
61 * @see DSAPrivateKey
62 */
63 abstract class DSA extends SignatureSpi {
64
65 /* Are we debugging? */
66 private static final boolean debug = false;
67
68 /* The number of bits used in exponent blinding */
69 private static final int BLINDING_BITS = 7;
70
71 /* The constant component of the exponent blinding value */
72 private static final BigInteger BLINDING_CONSTANT =
73 BigInteger.valueOf(1 << BLINDING_BITS);
74
487 * Return a human readable rendition of the engine.
488 */
489 public String toString() {
490 String printable = "DSA Signature";
491 if (presetP != null && presetQ != null && presetG != null) {
492 printable += "\n\tp: " + Debug.toHexString(presetP);
493 printable += "\n\tq: " + Debug.toHexString(presetQ);
494 printable += "\n\tg: " + Debug.toHexString(presetG);
495 } else {
496 printable += "\n\t P, Q or G not initialized.";
497 }
498 if (presetY != null) {
499 printable += "\n\ty: " + Debug.toHexString(presetY);
500 }
501 if (presetY == null && presetX == null) {
502 printable += "\n\tUNINIIALIZED";
503 }
504 return printable;
505 }
506
507 /**
508 * Standard SHA224withDSA implementation as defined in FIPS186-3.
509 */
510 public static final class SHA224withDSA extends DSA {
511 public SHA224withDSA() throws NoSuchAlgorithmException {
512 super(MessageDigest.getInstance("SHA-224"));
513 }
514 }
515
516 /**
517 * SHA224withDSA implementation that uses the IEEE P1363 format.
518 */
519 public static final class SHA224withDSAinP1363Format extends DSA {
520 public SHA224withDSAinP1363Format() throws NoSuchAlgorithmException {
521 super(MessageDigest.getInstance("SHA-224"), true);
522 }
523 }
524
525 /**
526 * Standard SHA256withDSA implementation as defined in FIPS186-3.
527 */
528 public static final class SHA256withDSA extends DSA {
529 public SHA256withDSA() throws NoSuchAlgorithmException {
530 super(MessageDigest.getInstance("SHA-256"));
531 }
532 }
533
534 /**
535 * SHA256withDSA implementation that uses the IEEE P1363 format.
536 */
537 public static final class SHA256withDSAinP1363Format extends DSA {
538 public SHA256withDSAinP1363Format() throws NoSuchAlgorithmException {
539 super(MessageDigest.getInstance("SHA-256"), true);
540 }
541 }
542
543 /**
544 * Standard SHA1withDSA implementation.
545 */
546 public static final class SHA1withDSA extends DSA {
547 public SHA1withDSA() throws NoSuchAlgorithmException {
548 super(MessageDigest.getInstance("SHA-1"));
549 }
550 }
551
552 /**
553 * SHA1withDSA implementation that uses the IEEE P1363 format.
554 */
555 public static final class SHA1withDSAinP1363Format extends DSA {
556 public SHA1withDSAinP1363Format() throws NoSuchAlgorithmException {
557 super(MessageDigest.getInstance("SHA-1"), true);
558 }
559 }
560
561 /**
562 * Raw DSA.
|
1 /*
2 * Copyright (c) 1996, 2020, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
32
33 import java.security.*;
34 import java.security.SecureRandom;
35 import java.security.interfaces.*;
36 import java.security.spec.*;
37
38 import sun.security.util.Debug;
39 import sun.security.util.DerValue;
40 import sun.security.util.DerInputStream;
41 import sun.security.util.DerOutputStream;
42 import sun.security.jca.JCAUtil;
43
44 /**
45 * The Digital Signature Standard (using the Digital Signature
46 * Algorithm), as described in fips186-3 of the National Instute of
47 * Standards and Technology (NIST), using SHA digest algorithms
48 * from FIPS180-3.
49 *
50 * This file contains both the signature implementation for the
51 * commonly used SHA1withDSA (DSS), SHA224withDSA, SHA256withDSA,
52 * SHA384withDSA, SHA512withDSA, SHA3-224withDSA, SHA3-256withDSA,
53 * SHA3-384withDSA, SHA3-512withDSA, as well as RawDSA, used by
54 * TLS among others. RawDSA expects the 20 byte SHA-1 digest as
55 * input via update rather than the original data like other signature
56 * implementations.
57 *
58 * @author Benjamin Renaud
59 *
60 * @since 1.1
61 *
62 * @see DSAPublicKey
63 * @see DSAPrivateKey
64 */
65 abstract class DSA extends SignatureSpi {
66
67 /* Are we debugging? */
68 private static final boolean debug = false;
69
70 /* The number of bits used in exponent blinding */
71 private static final int BLINDING_BITS = 7;
72
73 /* The constant component of the exponent blinding value */
74 private static final BigInteger BLINDING_CONSTANT =
75 BigInteger.valueOf(1 << BLINDING_BITS);
76
489 * Return a human readable rendition of the engine.
490 */
491 public String toString() {
492 String printable = "DSA Signature";
493 if (presetP != null && presetQ != null && presetG != null) {
494 printable += "\n\tp: " + Debug.toHexString(presetP);
495 printable += "\n\tq: " + Debug.toHexString(presetQ);
496 printable += "\n\tg: " + Debug.toHexString(presetG);
497 } else {
498 printable += "\n\t P, Q or G not initialized.";
499 }
500 if (presetY != null) {
501 printable += "\n\ty: " + Debug.toHexString(presetY);
502 }
503 if (presetY == null && presetX == null) {
504 printable += "\n\tUNINIIALIZED";
505 }
506 return printable;
507 }
508
509 public static final class SHA3_224withDSA extends DSA {
510 public SHA3_224withDSA() throws NoSuchAlgorithmException {
511 super(MessageDigest.getInstance("SHA3-224"));
512 }
513 }
514 public static final class SHA3_224withDSAinP1363Format extends DSA {
515 public SHA3_224withDSAinP1363Format() throws NoSuchAlgorithmException {
516 super(MessageDigest.getInstance("SHA3-224"), true);
517 }
518 }
519
520 public static final class SHA3_256withDSA extends DSA {
521 public SHA3_256withDSA() throws NoSuchAlgorithmException {
522 super(MessageDigest.getInstance("SHA3-256"));
523 }
524 }
525 public static final class SHA3_256withDSAinP1363Format extends DSA {
526 public SHA3_256withDSAinP1363Format() throws NoSuchAlgorithmException {
527 super(MessageDigest.getInstance("SHA3-256"), true);
528 }
529 }
530
531 public static final class SHA3_384withDSA extends DSA {
532 public SHA3_384withDSA() throws NoSuchAlgorithmException {
533 super(MessageDigest.getInstance("SHA3-384"));
534 }
535 }
536 public static final class SHA3_384withDSAinP1363Format extends DSA {
537 public SHA3_384withDSAinP1363Format() throws NoSuchAlgorithmException {
538 super(MessageDigest.getInstance("SHA3-384"), true);
539 }
540 }
541
542 public static final class SHA3_512withDSA extends DSA {
543 public SHA3_512withDSA() throws NoSuchAlgorithmException {
544 super(MessageDigest.getInstance("SHA3-512"));
545 }
546 }
547 public static final class SHA3_512withDSAinP1363Format extends DSA {
548 public SHA3_512withDSAinP1363Format() throws NoSuchAlgorithmException {
549 super(MessageDigest.getInstance("SHA3-512"), true);
550 }
551 }
552
553 /**
554 * Standard SHA224withDSA implementation as defined in FIPS186-3.
555 */
556 public static final class SHA224withDSA extends DSA {
557 public SHA224withDSA() throws NoSuchAlgorithmException {
558 super(MessageDigest.getInstance("SHA-224"));
559 }
560 }
561
562 /**
563 * SHA224withDSA implementation that uses the IEEE P1363 format.
564 */
565 public static final class SHA224withDSAinP1363Format extends DSA {
566 public SHA224withDSAinP1363Format() throws NoSuchAlgorithmException {
567 super(MessageDigest.getInstance("SHA-224"), true);
568 }
569 }
570
571 /**
572 * Standard SHA256withDSA implementation as defined in FIPS186-3.
573 */
574 public static final class SHA256withDSA extends DSA {
575 public SHA256withDSA() throws NoSuchAlgorithmException {
576 super(MessageDigest.getInstance("SHA-256"));
577 }
578 }
579
580 /**
581 * SHA256withDSA implementation that uses the IEEE P1363 format.
582 */
583 public static final class SHA256withDSAinP1363Format extends DSA {
584 public SHA256withDSAinP1363Format() throws NoSuchAlgorithmException {
585 super(MessageDigest.getInstance("SHA-256"), true);
586 }
587 }
588
589 /**
590 * Standard SHA384withDSA implementation as defined in FIPS186-3.
591 */
592 public static final class SHA384withDSA extends DSA {
593 public SHA384withDSA() throws NoSuchAlgorithmException {
594 super(MessageDigest.getInstance("SHA-384"));
595 }
596 }
597
598 /**
599 * SHA384withDSA implementation that uses the IEEE P1363 format.
600 */
601 public static final class SHA384withDSAinP1363Format extends DSA {
602 public SHA384withDSAinP1363Format() throws NoSuchAlgorithmException {
603 super(MessageDigest.getInstance("SHA-384"), true);
604 }
605 }
606
607 /**
608 * Standard SHA512withDSA implementation as defined in FIPS186-3.
609 */
610 public static final class SHA512withDSA extends DSA {
611 public SHA512withDSA() throws NoSuchAlgorithmException {
612 super(MessageDigest.getInstance("SHA-512"));
613 }
614 }
615
616 /**
617 * SHA512withDSA implementation that uses the IEEE P1363 format.
618 */
619 public static final class SHA512withDSAinP1363Format extends DSA {
620 public SHA512withDSAinP1363Format() throws NoSuchAlgorithmException {
621 super(MessageDigest.getInstance("SHA-512"), true);
622 }
623 }
624
625 /**
626 * Standard SHA1withDSA implementation.
627 */
628 public static final class SHA1withDSA extends DSA {
629 public SHA1withDSA() throws NoSuchAlgorithmException {
630 super(MessageDigest.getInstance("SHA-1"));
631 }
632 }
633
634 /**
635 * SHA1withDSA implementation that uses the IEEE P1363 format.
636 */
637 public static final class SHA1withDSAinP1363Format extends DSA {
638 public SHA1withDSAinP1363Format() throws NoSuchAlgorithmException {
639 super(MessageDigest.getInstance("SHA-1"), true);
640 }
641 }
642
643 /**
644 * Raw DSA.
|