Frames | No Frames |
1: /* GnuRSAPrivateKey.java -- 2: Copyright 2001, 2002, 2003, 2006 Free Software Foundation, Inc. 3: 4: This file is a part of GNU Classpath. 5: 6: GNU Classpath is free software; you can redistribute it and/or modify 7: it under the terms of the GNU General Public License as published by 8: the Free Software Foundation; either version 2 of the License, or (at 9: your option) any later version. 10: 11: GNU Classpath is distributed in the hope that it will be useful, but 12: WITHOUT ANY WARRANTY; without even the implied warranty of 13: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14: General Public License for more details. 15: 16: You should have received a copy of the GNU General Public License 17: along with GNU Classpath; if not, write to the Free Software 18: Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 19: USA 20: 21: Linking this library statically or dynamically with other modules is 22: making a combined work based on this library. Thus, the terms and 23: conditions of the GNU General Public License cover the whole 24: combination. 25: 26: As a special exception, the copyright holders of this library give you 27: permission to link this library with independent modules to produce an 28: executable, regardless of the license terms of these independent 29: modules, and to copy and distribute the resulting executable under 30: terms of your choice, provided that you also meet, for each linked 31: independent module, the terms and conditions of the license of that 32: module. An independent module is a module which is not derived from 33: or based on this library. If you modify this library, you may extend 34: this exception to your version of the library, but you are not 35: obligated to do so. If you do not wish to do so, delete this 36: exception statement from your version. */ 37: 38: 39: package gnu.java.security.key.rsa; 40: 41: import gnu.java.security.Configuration; 42: import gnu.java.security.action.GetPropertyAction; 43: import gnu.java.security.Registry; 44: import gnu.java.security.key.IKeyPairCodec; 45: 46: import java.math.BigInteger; 47: import java.security.AccessController; 48: import java.security.PrivateKey; 49: import java.security.interfaces.RSAPrivateCrtKey; 50: import java.security.interfaces.RSAPrivateKey; 51: 52: /** 53: * An object that embodies an RSA private key. 54: * <p> 55: * References: 56: * <ol> 57: * <li><a 58: * href="http://www.cosic.esat.kuleuven.ac.be/nessie/workshop/submissions/rsa-pss.zip"> 59: * RSA-PSS Signature Scheme with Appendix, part B.</a><br> 60: * Primitive specification and supporting documentation.<br> 61: * Jakob Jonsson and Burt Kaliski.</li> 62: * </ol> 63: */ 64: public class GnuRSAPrivateKey 65: extends GnuRSAKey 66: implements PrivateKey, RSAPrivateCrtKey 67: { 68: /** The first prime divisor of the modulus. */ 69: private final BigInteger p; 70: 71: /** The second prime divisor of the modulus. */ 72: private final BigInteger q; 73: 74: /** The private exponent of an RSA private key. */ 75: private final BigInteger d; 76: 77: /** The first factor's exponent. */ 78: private final BigInteger dP; 79: 80: /** The second factor's exponent. */ 81: private final BigInteger dQ; 82: 83: /** The CRT (Chinese Remainder Theorem) coefficient. */ 84: private final BigInteger qInv; 85: 86: /** String representation of this key. Cached for speed. */ 87: private transient String str; 88: 89: /** 90: * Convenience constructor. Calls the constructor with 5 arguments passing 91: * {@link Registry#RAW_ENCODING_ID} as the identifier of the preferred 92: * encoding format. 93: * 94: * @param p the modulus first prime divisor. 95: * @param q the modulus second prime divisor. 96: * @param e the public exponent. 97: * @param d the private exponent. 98: */ 99: public GnuRSAPrivateKey(BigInteger p, BigInteger q, BigInteger e, BigInteger d) 100: { 101: this(Registry.RAW_ENCODING_ID, p, q, e, d); 102: } 103: 104: /** 105: * Constructs a new instance of a <code>GnuRSAPrivateKey</code> given the 106: * designated arguments. 107: * 108: * @param preferredFormat the indetifier of the preferred encoding format to 109: * use when externalizing this key. 110: * @param p the modulus first prime divisor. 111: * @param q the modulus second prime divisor. 112: * @param e the public exponent. 113: * @param d the private exponent. 114: */ 115: public GnuRSAPrivateKey(int preferredFormat, BigInteger p, BigInteger q, 116: BigInteger e, BigInteger d) 117: { 118: this(preferredFormat, 119: p.multiply(q), 120: e, d, p, q, 121: e.modInverse(p.subtract(BigInteger.ONE)), 122: e.modInverse(q.subtract(BigInteger.ONE)), 123: q.modInverse(p)); 124: } 125: 126: /** 127: * Constructs a new instance of a <code>GnuRSAPrivateKey</code> given the 128: * designated arguments. 129: * 130: * @param preferredFormat the indetifier of the preferred encoding format to 131: * use when externalizing this key. 132: * @param n the public modulus, which is also the product of <code>p</code> 133: * and <code>q</code>. 134: * @param e the public exponent. 135: * @param d the private exponent. 136: * @param p the modulus first prime divisor. 137: * @param q the modulus second prime divisor. 138: * @param dP the first prime's exponen. A positive integer less than 139: * <code>p</code> and <code>q</code>, satisfying 140: * <code>e * dP = 1 (mod p-1)</code>. 141: * @param dQ the second prime's exponent. A positive integer less than 142: * <code>p</code> and <code>q</code>, satisfying 143: * <code>e * dQ = 1 (mod p-1)</code>. 144: * @param qInv the Chinese Remainder Theorem coefiicient. A positive integer 145: * less than <code>p</code>, satisfying 146: * <code>q * qInv = 1 (mod p)</code>. 147: */ 148: public GnuRSAPrivateKey(int preferredFormat, BigInteger n, BigInteger e, 149: BigInteger d, BigInteger p, BigInteger q, 150: BigInteger dP, BigInteger dQ, BigInteger qInv) 151: { 152: super(preferredFormat == Registry.ASN1_ENCODING_ID ? Registry.PKCS8_ENCODING_ID 153: : preferredFormat, 154: n, e); 155: this.d = d; 156: this.p = p; 157: this.q = q; 158: // the exponents dP and dQ are positive integers less than p and q 159: // respectively satisfying 160: // e * dP = 1 (mod p-1); 161: // e * dQ = 1 (mod q-1), 162: this.dP = dP; 163: this.dQ = dQ; 164: // the CRT coefficient qInv is a positive integer less than p satisfying 165: // q * qInv = 1 (mod p). 166: this.qInv = qInv; 167: } 168: 169: /** 170: * A class method that takes the output of the <code>encodePrivateKey()</code> 171: * method of an RSA keypair codec object (an instance implementing 172: * {@link IKeyPairCodec} for RSA keys, and re-constructs an instance of this 173: * object. 174: * 175: * @param k the contents of a previously encoded instance of this object. 176: * @throws ArrayIndexOutOfBoundsException if there is not enough bytes, in 177: * <code>k</code>, to represent a valid encoding of an instance 178: * of this object. 179: * @throws IllegalArgumentException if the byte sequence does not represent a 180: * valid encoding of an instance of this object. 181: */ 182: public static GnuRSAPrivateKey valueOf(final byte[] k) 183: { 184: // try RAW codec 185: if (k[0] == Registry.MAGIC_RAW_RSA_PRIVATE_KEY[0]) 186: try 187: { 188: return (GnuRSAPrivateKey) new RSAKeyPairRawCodec().decodePrivateKey(k); 189: } 190: catch (IllegalArgumentException ignored) 191: { 192: } 193: // try PKCS#8 codec 194: return (GnuRSAPrivateKey) new RSAKeyPairPKCS8Codec().decodePrivateKey(k); 195: } 196: 197: public BigInteger getPrimeP() 198: { 199: return p; 200: } 201: 202: public BigInteger getPrimeQ() 203: { 204: return q; 205: } 206: 207: public BigInteger getPrimeExponentP() 208: { 209: return dP; 210: } 211: 212: public BigInteger getPrimeExponentQ() 213: { 214: return dQ; 215: } 216: 217: public BigInteger getCrtCoefficient() 218: { 219: return qInv; 220: } 221: 222: public BigInteger getPrivateExponent() 223: { 224: return d; 225: } 226: 227: /** 228: * Returns the encoded form of this private key according to the designated 229: * format. 230: * 231: * @param format the desired format identifier of the resulting encoding. 232: * @return the byte sequence encoding this key according to the designated 233: * format. 234: * @throws IllegalArgumentException if the format is not supported. 235: * @see RSAKeyPairRawCodec 236: * @see RSAKeyPairPKCS8Codec 237: */ 238: public byte[] getEncoded(int format) 239: { 240: final byte[] result; 241: switch (format) 242: { 243: case IKeyPairCodec.RAW_FORMAT: 244: result = new RSAKeyPairRawCodec().encodePrivateKey(this); 245: break; 246: case IKeyPairCodec.PKCS8_FORMAT: 247: result = new RSAKeyPairPKCS8Codec().encodePrivateKey(this); 248: break; 249: default: 250: throw new IllegalArgumentException("Unsupported encoding format: " 251: + format); 252: } 253: return result; 254: } 255: 256: /** 257: * Returns <code>true</code> if the designated object is an instance of this 258: * class and has the same RSA parameter values as this one. 259: * 260: * @param obj the other non-null RSA key to compare to. 261: * @return <code>true</code> if the designated object is of the same type 262: * and value as this one. 263: */ 264: public boolean equals(final Object obj) 265: { 266: if (obj == null) 267: return false; 268: 269: if (obj instanceof RSAPrivateKey) 270: { 271: final RSAPrivateKey that = (RSAPrivateKey) obj; 272: return super.equals(that) && d.equals(that.getPrivateExponent()); 273: } 274: if (obj instanceof RSAPrivateCrtKey) 275: { 276: final RSAPrivateCrtKey that = (RSAPrivateCrtKey) obj; 277: return super.equals(that) && p.equals(that.getPrimeP()) 278: && q.equals(that.getPrimeQ()) 279: && dP.equals(that.getPrimeExponentP()) 280: && dQ.equals(that.getPrimeExponentQ()) 281: && qInv.equals(that.getCrtCoefficient()); 282: } 283: return false; 284: } 285: 286: public String toString() 287: { 288: if (str == null) 289: { 290: String ls = (String) AccessController.doPrivileged 291: (new GetPropertyAction("line.separator")); 292: str = new StringBuilder(this.getClass().getName()).append("(") 293: .append(super.toString()).append(",").append(ls) 294: .append("d=0x").append(Configuration.DEBUG ? d.toString(16) 295: : "**...*").append(ls) 296: .append("p=0x").append(Configuration.DEBUG ? p.toString(16) 297: : "**...*").append(ls) 298: .append("q=0x").append(Configuration.DEBUG ? q.toString(16) 299: : "**...*").append(ls) 300: .append("dP=0x").append(Configuration.DEBUG ? dP.toString(16) 301: : "**...*").append(ls) 302: .append("dQ=0x").append(Configuration.DEBUG ? dQ.toString(16) 303: : "**...*").append(ls) 304: .append("qInv=0x").append(Configuration.DEBUG ? qInv.toString(16) 305: : "**...*").append(ls) 306: .append(")") 307: .toString(); 308: } 309: return str; 310: } 311: }