You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@harmony.apache.org by sm...@apache.org on 2006/10/06 10:30:33 UTC
svn commit: r453526 - in
/incubator/harmony/enhanced/classlib/trunk/modules/security/src:
main/java/common/org/apache/harmony/security/x509/
test/impl/java/org/apache/harmony/security/tests/provider/cert/
Author: smishura
Date: Fri Oct 6 01:30:32 2006
New Revision: 453526
URL: http://svn.apache.org/viewvc?view=rev&rev=453526
Log:
Apply patch for HARMONY-1738 ([classlib][security] Enable unemployed X.509 Certificate/CRL extensions)
Modified:
incubator/harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/org/apache/harmony/security/x509/AlternativeName.java
incubator/harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/org/apache/harmony/security/x509/CRLDistributionPoints.java
incubator/harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/org/apache/harmony/security/x509/Extension.java
incubator/harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/org/apache/harmony/security/x509/GeneralNames.java
incubator/harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/org/apache/harmony/security/x509/GeneralSubtrees.java
incubator/harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/org/apache/harmony/security/x509/NameConstraints.java
incubator/harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/org/apache/harmony/security/x509/PolicyInformation.java
incubator/harmony/enhanced/classlib/trunk/modules/security/src/test/impl/java/org/apache/harmony/security/tests/provider/cert/X509CertFactoryPerfTest.java
incubator/harmony/enhanced/classlib/trunk/modules/security/src/test/impl/java/org/apache/harmony/security/tests/provider/cert/X509CertImplTest.java
Modified: incubator/harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/org/apache/harmony/security/x509/AlternativeName.java
URL: http://svn.apache.org/viewvc/incubator/harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/org/apache/harmony/security/x509/AlternativeName.java?view=diff&rev=453526&r1=453525&r2=453526
==============================================================================
--- incubator/harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/org/apache/harmony/security/x509/AlternativeName.java (original)
+++ incubator/harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/org/apache/harmony/security/x509/AlternativeName.java Fri Oct 6 01:30:32 2006
@@ -86,16 +86,11 @@
* Places the string representation of extension value
* into the StringBuffer object.
*/
- public void dumpValue(StringBuffer buffer) {
- buffer.append((which) ? "Subject" : "Issuer")
- .append(" Alternative Names [\n");
- for (Iterator it=alternativeNames.generalNames.iterator();
- it.hasNext();) {
- buffer.append(" ");
- buffer.append(it.next());
- buffer.append("\n");
- }
- buffer.append("]\n");
+ public void dumpValue(StringBuffer buffer, String prefix) {
+ buffer.append(prefix).append((which) ? "Subject" : "Issuer") //$NON-NLS-1$ //$NON-NLS-2$
+ .append(" Alternative Names [\n"); //$NON-NLS-1$
+ alternativeNames.dumpValue(buffer, prefix + " "); //$NON-NLS-1$
+ buffer.append(prefix).append("]\n"); //$NON-NLS-1$
}
}
Modified: incubator/harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/org/apache/harmony/security/x509/CRLDistributionPoints.java
URL: http://svn.apache.org/viewvc/incubator/harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/org/apache/harmony/security/x509/CRLDistributionPoints.java?view=diff&rev=453526&r1=453525&r2=453526
==============================================================================
--- incubator/harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/org/apache/harmony/security/x509/CRLDistributionPoints.java (original)
+++ incubator/harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/org/apache/harmony/security/x509/CRLDistributionPoints.java Fri Oct 6 01:30:32 2006
@@ -22,7 +22,8 @@
package org.apache.harmony.security.x509;
-import java.util.ArrayList;
+import java.io.IOException;
+import java.util.Iterator;
import java.util.Collection;
import java.util.List;
@@ -33,7 +34,7 @@
/**
* The class incapsulates the ASN.1 DER encoding/decoding work
- * with the CRL Distribution Points which is the part of X.509 CRL
+ * with the CRL Distribution Points which is the part of X.509 Certificate
* (as specified in RFC 3280 -
* Internet X.509 Public Key Infrastructure.
* Certificate and Certificate Revocation List (CRL) Profile.
@@ -94,7 +95,13 @@
}
return encoding;
}
-
+
+ public static CRLDistributionPoints decode(byte[] encoding)
+ throws IOException {
+ CRLDistributionPoints cdp = (CRLDistributionPoints) ASN1.decode(encoding);
+ return cdp;
+ }
+
/**
* Custom X.509 decoder.
*/
@@ -108,9 +115,7 @@
public Collection getValues(Object object) {
CRLDistributionPoints dps = (CRLDistributionPoints) object;
- return (dps.distributionPoints == null)
- ? new ArrayList()
- : dps.distributionPoints;
+ return dps.distributionPoints;
}
};
}
Modified: incubator/harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/org/apache/harmony/security/x509/Extension.java
URL: http://svn.apache.org/viewvc/incubator/harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/org/apache/harmony/security/x509/Extension.java?view=diff&rev=453526&r1=453525&r2=453526
==============================================================================
--- incubator/harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/org/apache/harmony/security/x509/Extension.java (original)
+++ incubator/harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/org/apache/harmony/security/x509/Extension.java Fri Oct 6 01:30:32 2006
@@ -91,9 +91,11 @@
// crl extensions:
public static final int[] ISSUING_DISTR_POINT = {2, 5, 29, 28};
// crl entry extensions:
+ public static final int[] CRL_NUMBER = {2, 5, 29, 20};
public static final int[] CERTIFICATE_ISSUER = {2, 5, 29, 29};
public static final int[] INVALIDITY_DATE = {2, 5, 29, 24};
public static final int[] REASON_CODE = {2, 5, 29, 21};
+ public static final int[] ISSUING_DISTR_POINTS = {2, 5, 29, 28};
// the value of extnID field of the structure
private final int[] extnID;
@@ -297,6 +299,8 @@
AlternativeName.SUBJECT, extnValue);
} else if (oidEquals(extnID, BASIC_CONSTRAINTS)) {
extnValueObject = new BasicConstraints(extnValue);
+ } else if (oidEquals(extnID, NAME_CONSTRAINTS)) {
+ extnValueObject = NameConstraints.decode(extnValue);
} else if (oidEquals(extnID, CERTIFICATE_POLICIES)) {
extnValueObject = CertificatePolicies.decode(extnValue);
} else if (oidEquals(extnID, AUTH_KEY_ID)) {
@@ -309,8 +313,18 @@
extnValueObject = new InhibitAnyPolicy(extnValue);
} else if (oidEquals(extnID, CERTIFICATE_ISSUER)) {
extnValueObject = new CertificateIssuer(extnValue);
+ } else if (oidEquals(extnID, CRL_DISTR_POINTS)) {
+ extnValueObject = CRLDistributionPoints.decode(extnValue);
} else if (oidEquals(extnID, CERTIFICATE_ISSUER)) {
extnValueObject = new ReasonCode(extnValue);
+ } else if (oidEquals(extnID, INVALIDITY_DATE)) {
+ extnValueObject = new InvalidityDate(extnValue);
+ } else if (oidEquals(extnID, REASON_CODE)) {
+ extnValueObject = new ReasonCode(extnValue);
+ } else if (oidEquals(extnID, CRL_NUMBER)) {
+ extnValueObject = new CRLNumber(extnValue);
+ } else if (oidEquals(extnID, ISSUING_DISTR_POINTS)) {
+ extnValueObject = IssuingDistributionPoint.decode(extnValue);
}
}
Modified: incubator/harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/org/apache/harmony/security/x509/GeneralNames.java
URL: http://svn.apache.org/viewvc/incubator/harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/org/apache/harmony/security/x509/GeneralNames.java?view=diff&rev=453526&r1=453525&r2=453526
==============================================================================
--- incubator/harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/org/apache/harmony/security/x509/GeneralNames.java (original)
+++ incubator/harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/org/apache/harmony/security/x509/GeneralNames.java Fri Oct 6 01:30:32 2006
@@ -51,7 +51,7 @@
public class GeneralNames {
// the values of GeneralName
- protected List generalNames;
+ private List generalNames;
// the ASN.1 encoded form of GeneralNames
private byte[] encoding;
@@ -147,6 +147,21 @@
encoding = ASN1.encode(this);
}
return encoding;
+ }
+
+ /**
+ * Places the string representation of extension value
+ * into the StringBuffer object.
+ */
+ public void dumpValue(StringBuffer buffer, String prefix) {
+ if (generalNames == null) {
+ return;
+ }
+ for (Iterator it=generalNames.iterator(); it.hasNext();) {
+ buffer.append(prefix);
+ buffer.append(it.next());
+ buffer.append('\n');
+ }
}
/**
Modified: incubator/harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/org/apache/harmony/security/x509/GeneralSubtrees.java
URL: http://svn.apache.org/viewvc/incubator/harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/org/apache/harmony/security/x509/GeneralSubtrees.java?view=diff&rev=453526&r1=453525&r2=453526
==============================================================================
--- incubator/harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/org/apache/harmony/security/x509/GeneralSubtrees.java (original)
+++ incubator/harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/org/apache/harmony/security/x509/GeneralSubtrees.java Fri Oct 6 01:30:32 2006
@@ -80,12 +80,13 @@
* @param subtree: GeneralSubtree
* @return
*/
- public void addSubtree(GeneralSubtree subtree) {
+ public GeneralSubtrees addSubtree(GeneralSubtree subtree) {
encoding = null;
if (generalSubtrees == null) {
generalSubtrees = new ArrayList();
}
generalSubtrees.add(subtree);
+ return this;
}
/**
Modified: incubator/harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/org/apache/harmony/security/x509/NameConstraints.java
URL: http://svn.apache.org/viewvc/incubator/harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/org/apache/harmony/security/x509/NameConstraints.java?view=diff&rev=453526&r1=453525&r2=453526
==============================================================================
--- incubator/harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/org/apache/harmony/security/x509/NameConstraints.java (original)
+++ incubator/harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/org/apache/harmony/security/x509/NameConstraints.java Fri Oct 6 01:30:32 2006
@@ -57,7 +57,7 @@
* @see org.apache.harmony.security.x509.GeneralSubtree
* @see org.apache.harmony.security.x509.GeneralName
*/
-public class NameConstraints {
+public class NameConstraints extends ExtensionValue {
// the value of permittedSubtrees field of the structure
private final GeneralSubtrees permittedSubtrees;
@@ -113,6 +113,10 @@
this(permittedSubtrees, excludedSubtrees);
this.encoding = encoding;
}
+
+ public static NameConstraints decode(byte[] encoding) throws IOException {
+ return (NameConstraints) ASN1.decode(encoding);
+ }
/**
* Returns ASN.1 encoded form of this X.509 NameConstraints value.
@@ -267,7 +271,7 @@
}
return true;
}
-
+
/**
* X.509 NameConstraints encoder/decoder.
*/
Modified: incubator/harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/org/apache/harmony/security/x509/PolicyInformation.java
URL: http://svn.apache.org/viewvc/incubator/harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/org/apache/harmony/security/x509/PolicyInformation.java?view=diff&rev=453526&r1=453525&r2=453526
==============================================================================
--- incubator/harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/org/apache/harmony/security/x509/PolicyInformation.java (original)
+++ incubator/harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/org/apache/harmony/security/x509/PolicyInformation.java Fri Oct 6 01:30:32 2006
@@ -22,6 +22,7 @@
package org.apache.harmony.security.x509;
+import org.apache.harmony.security.asn1.ASN1Any;
import org.apache.harmony.security.asn1.ASN1Oid;
import org.apache.harmony.security.asn1.ASN1Sequence;
import org.apache.harmony.security.asn1.ASN1Type;
@@ -86,7 +87,10 @@
* ASN.1 DER X.509 PolicyInformation encoder/decoder class.
*/
public static final ASN1Sequence ASN1 = new ASN1Sequence(
- new ASN1Type[] { ASN1Oid.getInstance() }) {
+ new ASN1Type[] { ASN1Oid.getInstance(), ASN1Any.getInstance() }) {
+ {
+ setOptional(1);
+ }
protected Object getDecodedObject(BerInputStream in) {
Object[] values = (Object[]) in.content;
Modified: incubator/harmony/enhanced/classlib/trunk/modules/security/src/test/impl/java/org/apache/harmony/security/tests/provider/cert/X509CertFactoryPerfTest.java
URL: http://svn.apache.org/viewvc/incubator/harmony/enhanced/classlib/trunk/modules/security/src/test/impl/java/org/apache/harmony/security/tests/provider/cert/X509CertFactoryPerfTest.java?view=diff&rev=453526&r1=453525&r2=453526
==============================================================================
--- incubator/harmony/enhanced/classlib/trunk/modules/security/src/test/impl/java/org/apache/harmony/security/tests/provider/cert/X509CertFactoryPerfTest.java (original)
+++ incubator/harmony/enhanced/classlib/trunk/modules/security/src/test/impl/java/org/apache/harmony/security/tests/provider/cert/X509CertFactoryPerfTest.java Fri Oct 6 01:30:32 2006
@@ -110,6 +110,7 @@
ObjectIdentifier.toIntArray("1.3.6.1.4.1.311.10.3.3"), // MS Server Gated Cryptography
ObjectIdentifier.toIntArray("2.16.840.1.113730.4.1"), // Netscape Server Gated Cryptography
});
+ static NameConstraints nameConstraints;
static int extnBCLen = 5;
static GeneralNames extnSANames;
static GeneralNames extnIANames;
@@ -125,10 +126,27 @@
new GeneralName(7, "255.255.255.0"),
new GeneralName(8, "1.2.3.4444.55555")
}));
+ GeneralSubtrees permittedNames = new GeneralSubtrees()
+ .addSubtree(new GeneralSubtree(
+ new GeneralName(1, "rfc@822.Name"), 1, 2))
+ .addSubtree(new GeneralSubtree(
+ new GeneralName(2, "dNSName")))
+ .addSubtree(new GeneralSubtree(
+ new GeneralName(8, "1.2.3.4444.55555"), 2));
+ GeneralSubtrees excludedNames = new GeneralSubtrees()
+ .addSubtree(new GeneralSubtree(
+ new GeneralName(1, "rfc@822.BadName"), 1, 2))
+ .addSubtree(new GeneralSubtree(
+ new GeneralName(2, "BadDNSName")))
+ .addSubtree(new GeneralSubtree(
+ new GeneralName(8, "2.3.4.4444.222"), 2));
+ nameConstraints =
+ new NameConstraints(permittedNames, excludedNames);
} catch (IOException e) {
// should not be thrown
e.printStackTrace();
extnSANames = new GeneralNames();
+ nameConstraints = new NameConstraints();
}
extnIANames = extnSANames;
@@ -163,8 +181,7 @@
new Extension("2.5.29.17", true,
new AlternativeName(AlternativeName.SUBJECT, extnSANames)),
// Name Constraints
- new Extension("2.5.29.30", true,
- new NameConstraints().getEncoded()),
+ new Extension("2.5.29.30", true, nameConstraints),
// Policy Constraints
new Extension("2.5.29.36", true, new PolicyConstraints(1, 2)),
// Extended Key Usage
@@ -183,10 +200,13 @@
new AlternativeName(AlternativeName.ISSUER, extnSANames)),
// CRL Distribution Points
new Extension("2.5.29.31", false,
- new ASN1Sequence(new ASN1Type[] {}) {
- protected void getValues(Object object, Object[] values) {
- }
- }.encode(null)),
+ new CRLDistributionPoints(Arrays.asList(new DistributionPoint[] {
+ new DistributionPoint(
+ new DistributionPointName(extnSANames),
+ new ReasonFlags(extnKeyUsage),
+ extnSANames
+ ),
+ }))),
// Authority Key Identifier
new Extension("2.5.29.35", false,
new AuthorityKeyIdentifier(
Modified: incubator/harmony/enhanced/classlib/trunk/modules/security/src/test/impl/java/org/apache/harmony/security/tests/provider/cert/X509CertImplTest.java
URL: http://svn.apache.org/viewvc/incubator/harmony/enhanced/classlib/trunk/modules/security/src/test/impl/java/org/apache/harmony/security/tests/provider/cert/X509CertImplTest.java?view=diff&rev=453526&r1=453525&r2=453526
==============================================================================
--- incubator/harmony/enhanced/classlib/trunk/modules/security/src/test/impl/java/org/apache/harmony/security/tests/provider/cert/X509CertImplTest.java (original)
+++ incubator/harmony/enhanced/classlib/trunk/modules/security/src/test/impl/java/org/apache/harmony/security/tests/provider/cert/X509CertImplTest.java Fri Oct 6 01:30:32 2006
@@ -112,6 +112,7 @@
ObjectIdentifier.toIntArray("1.3.6.1.4.1.311.10.3.3"), // MS Server Gated Cryptography
ObjectIdentifier.toIntArray("2.16.840.1.113730.4.1"), // Netscape Server Gated Cryptography
});
+ static NameConstraints nameConstraints;
int extnBCLen = 5;
static GeneralNames extnSANames;
static GeneralNames extnIANames;
@@ -127,10 +128,27 @@
new GeneralName(7, "255.255.255.0"),
new GeneralName(8, "1.2.3.4444.55555")
}));
+ GeneralSubtrees permittedNames = new GeneralSubtrees()
+ .addSubtree(new GeneralSubtree(
+ new GeneralName(1, "rfc@822.Name"), 1, 2))
+ .addSubtree(new GeneralSubtree(
+ new GeneralName(2, "dNSName")))
+ .addSubtree(new GeneralSubtree(
+ new GeneralName(8, "1.2.3.4444.55555"), 2));
+ GeneralSubtrees excludedNames = new GeneralSubtrees()
+ .addSubtree(new GeneralSubtree(
+ new GeneralName(1, "rfc@822.BadName"), 1, 2))
+ .addSubtree(new GeneralSubtree(
+ new GeneralName(2, "BadDNSName")))
+ .addSubtree(new GeneralSubtree(
+ new GeneralName(8, "2.3.4.4444.222"), 2));
+ nameConstraints =
+ new NameConstraints(permittedNames, excludedNames);
} catch (IOException e) {
// should not be thrown
e.printStackTrace();
extnSANames = new GeneralNames();
+ nameConstraints = new NameConstraints();
}
extnIANames = extnSANames;
@@ -162,8 +180,7 @@
new Extension("2.5.29.17", true,
new AlternativeName(AlternativeName.SUBJECT, extnSANames)),
// Name Constraints
- new Extension("2.5.29.30", true,
- new NameConstraints().getEncoded()),
+ new Extension("2.5.29.30", true, nameConstraints),
// Policy Constraints
new Extension("2.5.29.36", true, new PolicyConstraints(1, 2)),
// Extended Key Usage
@@ -184,10 +201,13 @@
new AlternativeName(AlternativeName.ISSUER, extnSANames)),
// CRL Distribution Points
new Extension("2.5.29.31", false,
- new ASN1Sequence(new ASN1Type[] {}) {
- protected void getValues(Object object, Object[] values) {
- }
- }.encode(null)),
+ new CRLDistributionPoints(Arrays.asList(new DistributionPoint[] {
+ new DistributionPoint(
+ new DistributionPointName(extnSANames),
+ new ReasonFlags(extnKeyUsage),
+ extnSANames
+ ),
+ }))),
// Authority Key Identifier
new Extension("2.5.29.35", false,
new AuthorityKeyIdentifier(