Source for gnu.java.security.key.rsa.GnuRSAPrivateKey

   1: /* GnuRSAPrivateKey.java -- 
   2:    Copyright 2001, 2002, 2003, 2006 Free Software Foundation, Inc.
   3: 
   4: This file is a part of GNU Classpath.
   5: 
   6: GNU Classpath is free software; you can redistribute it and/or modify
   7: it under the terms of the GNU General Public License as published by
   8: the Free Software Foundation; either version 2 of the License, or (at
   9: your option) any later version.
  10: 
  11: GNU Classpath is distributed in the hope that it will be useful, but
  12: WITHOUT ANY WARRANTY; without even the implied warranty of
  13: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14: General Public License for more details.
  15: 
  16: You should have received a copy of the GNU General Public License
  17: along with GNU Classpath; if not, write to the Free Software
  18: Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301
  19: USA
  20: 
  21: Linking this library statically or dynamically with other modules is
  22: making a combined work based on this library.  Thus, the terms and
  23: conditions of the GNU General Public License cover the whole
  24: combination.
  25: 
  26: As a special exception, the copyright holders of this library give you
  27: permission to link this library with independent modules to produce an
  28: executable, regardless of the license terms of these independent
  29: modules, and to copy and distribute the resulting executable under
  30: terms of your choice, provided that you also meet, for each linked
  31: independent module, the terms and conditions of the license of that
  32: module.  An independent module is a module which is not derived from
  33: or based on this library.  If you modify this library, you may extend
  34: this exception to your version of the library, but you are not
  35: obligated to do so.  If you do not wish to do so, delete this
  36: exception statement from your version.  */
  37: 
  38: 
  39: package gnu.java.security.key.rsa;
  40: 
  41: import gnu.java.security.Configuration;
  42: import gnu.java.security.action.GetPropertyAction;
  43: import gnu.java.security.Registry;
  44: import gnu.java.security.key.IKeyPairCodec;
  45: 
  46: import java.math.BigInteger;
  47: import java.security.AccessController;
  48: import java.security.PrivateKey;
  49: import java.security.interfaces.RSAPrivateCrtKey;
  50: import java.security.interfaces.RSAPrivateKey;
  51: 
  52: /**
  53:  * An object that embodies an RSA private key.
  54:  * <p>
  55:  * References:
  56:  * <ol>
  57:  * <li><a
  58:  * href="http://www.cosic.esat.kuleuven.ac.be/nessie/workshop/submissions/rsa-pss.zip">
  59:  * RSA-PSS Signature Scheme with Appendix, part B.</a><br>
  60:  * Primitive specification and supporting documentation.<br>
  61:  * Jakob Jonsson and Burt Kaliski.</li>
  62:  * </ol>
  63:  */
  64: public class GnuRSAPrivateKey
  65:     extends GnuRSAKey
  66:     implements PrivateKey, RSAPrivateCrtKey
  67: {
  68:   /** The first prime divisor of the modulus. */
  69:   private final BigInteger p;
  70: 
  71:   /** The second prime divisor of the modulus. */
  72:   private final BigInteger q;
  73: 
  74:   /** The private exponent of an RSA private key. */
  75:   private final BigInteger d;
  76: 
  77:   /** The first factor's exponent. */
  78:   private final BigInteger dP;
  79: 
  80:   /** The second factor's exponent. */
  81:   private final BigInteger dQ;
  82: 
  83:   /** The CRT (Chinese Remainder Theorem) coefficient. */
  84:   private final BigInteger qInv;
  85: 
  86:   /** String representation of this key. Cached for speed. */
  87:   private transient String str;
  88: 
  89:   /**
  90:    * Convenience constructor. Calls the constructor with 5 arguments passing
  91:    * {@link Registry#RAW_ENCODING_ID} as the identifier of the preferred
  92:    * encoding format.
  93:    * 
  94:    * @param p the modulus first prime divisor.
  95:    * @param q the modulus second prime divisor.
  96:    * @param e the public exponent.
  97:    * @param d the private exponent.
  98:    */
  99:   public GnuRSAPrivateKey(BigInteger p, BigInteger q, BigInteger e, BigInteger d)
 100:   {
 101:     this(Registry.RAW_ENCODING_ID, p, q, e, d);
 102:   }
 103: 
 104:   /**
 105:    * Constructs a new instance of a <code>GnuRSAPrivateKey</code> given the
 106:    * designated arguments.
 107:    * 
 108:    * @param preferredFormat the indetifier of the preferred encoding format to
 109:    *          use when externalizing this key.
 110:    * @param p the modulus first prime divisor.
 111:    * @param q the modulus second prime divisor.
 112:    * @param e the public exponent.
 113:    * @param d the private exponent.
 114:    */
 115:   public GnuRSAPrivateKey(int preferredFormat, BigInteger p, BigInteger q,
 116:                           BigInteger e, BigInteger d)
 117:   {
 118:     this(preferredFormat,
 119:          p.multiply(q),
 120:          e, d, p, q,
 121:          e.modInverse(p.subtract(BigInteger.ONE)),
 122:          e.modInverse(q.subtract(BigInteger.ONE)),
 123:          q.modInverse(p));
 124:   }
 125: 
 126:   /**
 127:    * Constructs a new instance of a <code>GnuRSAPrivateKey</code> given the
 128:    * designated arguments.
 129:    * 
 130:    * @param preferredFormat the indetifier of the preferred encoding format to
 131:    *          use when externalizing this key.
 132:    * @param n the public modulus, which is also the product of <code>p</code>
 133:    *          and <code>q</code>.
 134:    * @param e the public exponent.
 135:    * @param d the private exponent.
 136:    * @param p the modulus first prime divisor.
 137:    * @param q the modulus second prime divisor.
 138:    * @param dP the first prime's exponen. A positive integer less than
 139:    *          <code>p</code> and <code>q</code>, satisfying
 140:    *          <code>e * dP = 1 (mod p-1)</code>.
 141:    * @param dQ the second prime's exponent. A positive integer less than
 142:    *          <code>p</code> and <code>q</code>, satisfying
 143:    *          <code>e * dQ = 1 (mod p-1)</code>.
 144:    * @param qInv the Chinese Remainder Theorem coefiicient. A positive integer
 145:    *          less than <code>p</code>, satisfying
 146:    *          <code>q * qInv = 1 (mod p)</code>.
 147:    */
 148:   public GnuRSAPrivateKey(int preferredFormat, BigInteger n, BigInteger e,
 149:                           BigInteger d, BigInteger p, BigInteger q,
 150:                           BigInteger dP, BigInteger dQ, BigInteger qInv)
 151:   {
 152:     super(preferredFormat == Registry.ASN1_ENCODING_ID ? Registry.PKCS8_ENCODING_ID
 153:                                                        : preferredFormat,
 154:           n, e);
 155:     this.d = d;
 156:     this.p = p;
 157:     this.q = q;
 158:     // the exponents dP and dQ are positive integers less than p and q
 159:     // respectively satisfying
 160:     // e * dP = 1 (mod p-1);
 161:     // e * dQ = 1 (mod q-1),
 162:     this.dP = dP;
 163:     this.dQ = dQ;
 164:     // the CRT coefficient qInv is a positive integer less than p satisfying
 165:     // q * qInv = 1 (mod p).
 166:     this.qInv = qInv;
 167:   }
 168: 
 169:   /**
 170:    * A class method that takes the output of the <code>encodePrivateKey()</code>
 171:    * method of an RSA keypair codec object (an instance implementing
 172:    * {@link IKeyPairCodec} for RSA keys, and re-constructs an instance of this
 173:    * object.
 174:    * 
 175:    * @param k the contents of a previously encoded instance of this object.
 176:    * @throws ArrayIndexOutOfBoundsException if there is not enough bytes, in
 177:    *           <code>k</code>, to represent a valid encoding of an instance
 178:    *           of this object.
 179:    * @throws IllegalArgumentException if the byte sequence does not represent a
 180:    *           valid encoding of an instance of this object.
 181:    */
 182:   public static GnuRSAPrivateKey valueOf(final byte[] k)
 183:   {
 184:     // try RAW codec
 185:     if (k[0] == Registry.MAGIC_RAW_RSA_PRIVATE_KEY[0])
 186:       try
 187:         {
 188:           return (GnuRSAPrivateKey) new RSAKeyPairRawCodec().decodePrivateKey(k);
 189:         }
 190:       catch (IllegalArgumentException ignored)
 191:         {
 192:         }
 193:     // try PKCS#8 codec
 194:     return (GnuRSAPrivateKey) new RSAKeyPairPKCS8Codec().decodePrivateKey(k);
 195:   }
 196: 
 197:   public BigInteger getPrimeP()
 198:   {
 199:     return p;
 200:   }
 201: 
 202:   public BigInteger getPrimeQ()
 203:   {
 204:     return q;
 205:   }
 206: 
 207:   public BigInteger getPrimeExponentP()
 208:   {
 209:     return dP;
 210:   }
 211: 
 212:   public BigInteger getPrimeExponentQ()
 213:   {
 214:     return dQ;
 215:   }
 216: 
 217:   public BigInteger getCrtCoefficient()
 218:   {
 219:     return qInv;
 220:   }
 221: 
 222:   public BigInteger getPrivateExponent()
 223:   {
 224:     return d;
 225:   }
 226: 
 227:   /**
 228:    * Returns the encoded form of this private key according to the designated
 229:    * format.
 230:    * 
 231:    * @param format the desired format identifier of the resulting encoding.
 232:    * @return the byte sequence encoding this key according to the designated
 233:    *         format.
 234:    * @throws IllegalArgumentException if the format is not supported.
 235:    * @see RSAKeyPairRawCodec
 236:    * @see RSAKeyPairPKCS8Codec
 237:    */
 238:   public byte[] getEncoded(int format)
 239:   {
 240:     final byte[] result;
 241:     switch (format)
 242:       {
 243:       case IKeyPairCodec.RAW_FORMAT:
 244:         result = new RSAKeyPairRawCodec().encodePrivateKey(this);
 245:         break;
 246:       case IKeyPairCodec.PKCS8_FORMAT:
 247:         result = new RSAKeyPairPKCS8Codec().encodePrivateKey(this);
 248:         break;
 249:       default:
 250:         throw new IllegalArgumentException("Unsupported encoding format: "
 251:                                            + format);
 252:       }
 253:     return result;
 254:   }
 255: 
 256:   /**
 257:    * Returns <code>true</code> if the designated object is an instance of this
 258:    * class and has the same RSA parameter values as this one.
 259:    * 
 260:    * @param obj the other non-null RSA key to compare to.
 261:    * @return <code>true</code> if the designated object is of the same type
 262:    *         and value as this one.
 263:    */
 264:   public boolean equals(final Object obj)
 265:   {
 266:     if (obj == null)
 267:       return false;
 268: 
 269:     if (obj instanceof RSAPrivateKey)
 270:       {
 271:         final RSAPrivateKey that = (RSAPrivateKey) obj;
 272:         return super.equals(that) && d.equals(that.getPrivateExponent());
 273:       }
 274:     if (obj instanceof RSAPrivateCrtKey)
 275:       {
 276:         final RSAPrivateCrtKey that = (RSAPrivateCrtKey) obj;
 277:         return super.equals(that) && p.equals(that.getPrimeP())
 278:                && q.equals(that.getPrimeQ())
 279:                && dP.equals(that.getPrimeExponentP())
 280:                && dQ.equals(that.getPrimeExponentQ())
 281:                && qInv.equals(that.getCrtCoefficient());
 282:       }
 283:     return false;
 284:   }
 285: 
 286:   public String toString()
 287:   {
 288:     if (str == null)
 289:       {
 290:         String ls = (String) AccessController.doPrivileged
 291:             (new GetPropertyAction("line.separator"));
 292:         str = new StringBuilder(this.getClass().getName()).append("(")
 293:             .append(super.toString()).append(",").append(ls)
 294:             .append("d=0x").append(Configuration.DEBUG ? d.toString(16)
 295:                                                        : "**...*").append(ls)
 296:             .append("p=0x").append(Configuration.DEBUG ? p.toString(16)
 297:                                                        : "**...*").append(ls)
 298:             .append("q=0x").append(Configuration.DEBUG ? q.toString(16)
 299:                                                        : "**...*").append(ls)
 300:             .append("dP=0x").append(Configuration.DEBUG ? dP.toString(16)
 301:                                                         : "**...*").append(ls)
 302:             .append("dQ=0x").append(Configuration.DEBUG ? dQ.toString(16)
 303:                                                         : "**...*").append(ls)
 304:             .append("qInv=0x").append(Configuration.DEBUG ? qInv.toString(16)
 305:                                                           : "**...*").append(ls)
 306:             .append(")")
 307:             .toString();
 308:       }
 309:     return str;
 310:   }
 311: }