You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by dr...@apache.org on 2015/01/25 09:46:47 UTC
[1/6] directory-kerberos git commit: Clean up not-commons-ssl library,
removing many unwanted and not much relevant
Repository: directory-kerberos
Updated Branches:
refs/heads/master 5c70429db -> bc5c276ee
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/rmi/DateRMI.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/rmi/DateRMI.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/rmi/DateRMI.java
deleted file mode 100644
index d6248b9..0000000
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/rmi/DateRMI.java
+++ /dev/null
@@ -1,69 +0,0 @@
-/*
- * $HeadURL: http://juliusdavies.ca/svn/not-yet-commons-ssl/tags/commons-ssl-0.3.16/src/java/org/apache/commons/ssl/rmi/DateRMI.java $
- * $Revision: 121 $
- * $Date: 2007-11-13 21:26:57 -0800 (Tue, 13 Nov 2007) $
- *
- * ====================================================================
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- * ====================================================================
- *
- * This software consists of voluntary contributions made by many
- * individuals on behalf of the Apache Software Foundation. For more
- * information on the Apache Software Foundation, please see
- * <http://www.apache.org/>.
- *
- */
-
-package org.apache.commons.ssl.rmi;
-
-import java.io.Serializable;
-import java.rmi.Remote;
-import java.rmi.RemoteException;
-import java.rmi.server.UnicastRemoteObject;
-import java.util.Date;
-
-/**
- * @author Credit Union Central of British Columbia
- * @author <a href="http://www.cucbc.com/">www.cucbc.com</a>
- * @author <a href="mailto:juliusdavies@cucbc.com">juliusdavies@cucbc.com</a>
- * @since 22-Feb-2007
- */
-public class DateRMI extends UnicastRemoteObject
- implements Remote, Serializable, RemoteDate {
- private Date d;
-
- public DateRMI() throws RemoteException {
- super();
- this.d = new Date();
- }
-
- public Date getDate() throws RemoteException {
- return d;
- }
-
- public boolean equals(Object o) {
- RemoteDate rd = (RemoteDate) o;
- try {
- return d.equals(rd.getDate());
- }
- catch (RemoteException re) {
- return false;
- }
- }
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/rmi/IntegerRMI.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/rmi/IntegerRMI.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/rmi/IntegerRMI.java
deleted file mode 100644
index a9c1237..0000000
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/rmi/IntegerRMI.java
+++ /dev/null
@@ -1,69 +0,0 @@
-/*
- * $HeadURL: http://juliusdavies.ca/svn/not-yet-commons-ssl/tags/commons-ssl-0.3.16/src/java/org/apache/commons/ssl/rmi/IntegerRMI.java $
- * $Revision: 121 $
- * $Date: 2007-11-13 21:26:57 -0800 (Tue, 13 Nov 2007) $
- *
- * ====================================================================
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- * ====================================================================
- *
- * This software consists of voluntary contributions made by many
- * individuals on behalf of the Apache Software Foundation. For more
- * information on the Apache Software Foundation, please see
- * <http://www.apache.org/>.
- *
- */
-
-package org.apache.commons.ssl.rmi;
-
-import java.io.Serializable;
-import java.rmi.Remote;
-import java.rmi.RemoteException;
-import java.rmi.server.UnicastRemoteObject;
-
-/**
- * @author Credit Union Central of British Columbia
- * @author <a href="http://www.cucbc.com/">www.cucbc.com</a>
- * @author <a href="mailto:juliusdavies@cucbc.com">juliusdavies@cucbc.com</a>
- * @since 22-Feb-2007
- */
-public class IntegerRMI extends UnicastRemoteObject
- implements Remote, Serializable, RemoteInteger {
- private int i;
-
- public IntegerRMI() throws RemoteException {
- super();
- this.i = (int) Math.round(Math.random() * 1000000.0);
- }
-
- public int getInt() throws RemoteException {
- return i;
- }
-
- public boolean equals(Object o) {
- RemoteInteger ri = (RemoteInteger) o;
- try {
- return i == ri.getInt();
- }
- catch (RemoteException re) {
- return false;
- }
- }
-
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/rmi/RemoteDate.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/rmi/RemoteDate.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/rmi/RemoteDate.java
deleted file mode 100644
index 07bfaf8..0000000
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/rmi/RemoteDate.java
+++ /dev/null
@@ -1,46 +0,0 @@
-/*
- * $HeadURL: http://juliusdavies.ca/svn/not-yet-commons-ssl/tags/commons-ssl-0.3.16/src/java/org/apache/commons/ssl/rmi/RemoteDate.java $
- * $Revision: 121 $
- * $Date: 2007-11-13 21:26:57 -0800 (Tue, 13 Nov 2007) $
- *
- * ====================================================================
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- * ====================================================================
- *
- * This software consists of voluntary contributions made by many
- * individuals on behalf of the Apache Software Foundation. For more
- * information on the Apache Software Foundation, please see
- * <http://www.apache.org/>.
- *
- */
-
-package org.apache.commons.ssl.rmi;
-
-import java.rmi.Remote;
-import java.rmi.RemoteException;
-import java.util.Date;
-
-/**
- * @author Credit Union Central of British Columbia
- * @author <a href="http://www.cucbc.com/">www.cucbc.com</a>
- * @author <a href="mailto:juliusdavies@cucbc.com">juliusdavies@cucbc.com</a>
- * @since 22-Feb-2007
- */
-public interface RemoteDate extends Remote {
- public Date getDate() throws RemoteException;
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/rmi/RemoteInteger.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/rmi/RemoteInteger.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/rmi/RemoteInteger.java
deleted file mode 100644
index 8a0e5f7..0000000
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/rmi/RemoteInteger.java
+++ /dev/null
@@ -1,45 +0,0 @@
-/*
- * $HeadURL: http://juliusdavies.ca/svn/not-yet-commons-ssl/tags/commons-ssl-0.3.16/src/java/org/apache/commons/ssl/rmi/RemoteInteger.java $
- * $Revision: 121 $
- * $Date: 2007-11-13 21:26:57 -0800 (Tue, 13 Nov 2007) $
- *
- * ====================================================================
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- * ====================================================================
- *
- * This software consists of voluntary contributions made by many
- * individuals on behalf of the Apache Software Foundation. For more
- * information on the Apache Software Foundation, please see
- * <http://www.apache.org/>.
- *
- */
-
-package org.apache.commons.ssl.rmi;
-
-import java.rmi.Remote;
-import java.rmi.RemoteException;
-
-/**
- * @author Credit Union Central of British Columbia
- * @author <a href="http://www.cucbc.com/">www.cucbc.com</a>
- * @author <a href="mailto:juliusdavies@cucbc.com">juliusdavies@cucbc.com</a>
- * @since 22-Feb-2007
- */
-public interface RemoteInteger extends Remote {
- public int getInt() throws RemoteException;
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/rmi/Test.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/rmi/Test.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/rmi/Test.java
deleted file mode 100644
index ba81efc..0000000
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/rmi/Test.java
+++ /dev/null
@@ -1,200 +0,0 @@
-/*
- * $HeadURL: http://juliusdavies.ca/svn/not-yet-commons-ssl/tags/commons-ssl-0.3.16/src/java/org/apache/commons/ssl/rmi/Test.java $
- * $Revision: 121 $
- * $Date: 2007-11-13 21:26:57 -0800 (Tue, 13 Nov 2007) $
- *
- * ====================================================================
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- * ====================================================================
- *
- * This software consists of voluntary contributions made by many
- * individuals on behalf of the Apache Software Foundation. For more
- * information on the Apache Software Foundation, please see
- * <http://www.apache.org/>.
- *
- */
-
-package org.apache.commons.ssl.rmi;
-
-import org.apache.commons.ssl.LogWrapper;
-import org.apache.commons.ssl.RMISocketFactoryImpl;
-
-import java.net.MalformedURLException;
-import java.rmi.Naming;
-import java.rmi.NotBoundException;
-import java.rmi.Remote;
-import java.rmi.RemoteException;
-import java.rmi.registry.LocateRegistry;
-import java.rmi.server.RMISocketFactory;
-
-/**
- * @author Credit Union Central of British Columbia
- * @author <a href="http://www.cucbc.com/">www.cucbc.com</a>
- * @author <a href="mailto:juliusdavies@cucbc.com">juliusdavies@cucbc.com</a>
- * @since 22-Feb-2007
- */
-public class Test {
- private final static LogWrapper log = LogWrapper.getLogger(Test.class);
- private final static String TEST_DATE_NAME = "/org.apache.commons.ssl.rmi.testdate";
- private final static String TEST_INT_NAME = "/org.apache.commons.ssl.rmi.testint";
- protected final static int PORT;
- protected final static String URL;
-
- private static boolean rmiRunning = false;
-
- static {
- int port = 1099;
- String host = "127.0.0.1";
- PORT = port;
- // e.g. "rmi://localhost:1099/"
- URL = "rmi://" + host + ":" + port;
- }
-
- /**
- * <p/>
- * JNDI/RMI lookup wrapper. Appends "java:" if we expect
- * binding/lookup to occur in the same JVM. Otherwise, appends "rmi:".
- * </p>
- *
- * @param ref String reference.
- * @return Object Object previously bound with String reference.
- * @throws java.rmi.RemoteException rmi problem
- * @throws java.rmi.NotBoundException rmi problem
- * @throws java.net.MalformedURLException rmi problem
- */
- public static Object lookup(String ref)
- throws RemoteException, NotBoundException, MalformedURLException {
- return Naming.lookup(URL + ref);
- }
-
- /**
- * <p/>
- * JNDI/RMI rebind wrapper for the UCS. Appends "java:" if we expect
- * binding/lookup to occur in the same JVM. Otherwise, append "rmi:".
- * </p><p>
- * Also attempts to start a naming server on the localhost if one is
- * not already running. Currently we use RMI.
- * </p>
- *
- * @param ref String reference to bind with.
- * @param obj Object to bind.
- * @throws java.rmi.RemoteException rmi problem
- * @throws java.net.MalformedURLException rmi problem
- */
- public static void rebind(String ref, Remote obj)
- throws RemoteException, MalformedURLException {
- requireNameServer();
- String realRef = URL + ref;
- Naming.rebind(realRef, obj);
- try {
- Object o = lookup(ref);
- log.debug("Bound " + o.getClass().getName() + " to [" + realRef + "]");
- }
- catch (NotBoundException nbe) {
- log.debug("Error binding " + obj.getClass().getName() + " to [" + realRef + "]");
- }
- }
-
- private static void rebindTest() throws Exception {
- Remote remoteTest = new DateRMI();
- Naming.rebind(URL + TEST_DATE_NAME, remoteTest);
- Object o = Naming.lookup(URL + TEST_DATE_NAME);
- if (!remoteTest.equals(o)) {
- throw new RuntimeException("rmi: Test failed. Lookup != Rebind");
- }
- }
-
- /**
- * <p/>
- * Attempts to start a naming server on the localhost if one is not
- * already running.
- * </p>
- */
- private synchronized static void requireNameServer() {
- if (rmiRunning) {
- // We've already established that the name server is running.
- return;
- }
- try {
- // If this rebind works, then the naming server is running.
- rebindTest();
- rmiRunning = true;
- }
- catch (Exception e) {
- Test.tryToStartNameServer();
- try {
- // Okay, we've started our naming server. Now we must perform a
- // quick test to see that it's actually doing something.
- rebindTest();
- log.debug(Test.class.getName() + " successfully started.");
- rmiRunning = true;
- return;
- }
- catch (Exception e2) {
- e2.printStackTrace();
- log.error(e2.getMessage(), e2);
- }
-
- String msg = Test.class.getName() + " cannot start.";
- log.error(msg);
- throw new RuntimeException(msg);
- }
- }
-
- public static void tryToStartNameServer() {
- String className = Test.class.getName();
- log.debug(className + " probably not running. Trying to start one.");
- try {
- LocateRegistry.createRegistry(PORT);
- log.debug("registry on " + PORT + " started!");
- }
- catch (Exception problem) {
- // bah - no luck
- problem.printStackTrace();
- log.warn(problem, problem);
- }
- }
-
-
- public static void main(String[] args) throws Exception {
- System.setProperty(RMISocketFactoryImpl.RMI_HOSTNAME_KEY, "localhost");
- RMISocketFactoryImpl impl = new RMISocketFactoryImpl();
- RMISocketFactory.setSocketFactory(impl);
-
- if (args.length > 0) {
-
- } else {
- Test.requireNameServer();
- Test.rebindTest();
-
- IntegerRMI remoteInt = new IntegerRMI();
- Test.rebind(TEST_INT_NAME, remoteInt);
- }
-
- Object o = Test.lookup(TEST_DATE_NAME);
- RemoteDate rd = (RemoteDate) o;
- System.out.println("The remote-date is: " + rd.getDate());
-
- o = Test.lookup(TEST_INT_NAME);
- RemoteInteger ri = (RemoteInteger) o;
- System.out.println("The remote-int is: " + ri.getInt());
-
- }
-
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/util/Hex.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/util/Hex.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/util/Hex.java
deleted file mode 100644
index 2acebd1..0000000
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/util/Hex.java
+++ /dev/null
@@ -1,83 +0,0 @@
-/*
- * $HeadURL: http://juliusdavies.ca/svn/not-yet-commons-ssl/tags/commons-ssl-0.3.16/src/java/org/apache/commons/ssl/util/Hex.java $
- * $Revision: 121 $
- * $Date: 2007-11-13 21:26:57 -0800 (Tue, 13 Nov 2007) $
- *
- * ====================================================================
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- * ====================================================================
- *
- * This software consists of voluntary contributions made by many
- * individuals on behalf of the Apache Software Foundation. For more
- * information on the Apache Software Foundation, please see
- * <http://www.apache.org/>.
- *
- */
-
-package org.apache.commons.ssl.util;
-
-/**
- * Utility class for dealing with hex-encoding of binary data.
- *
- * @author <a href="mailto:juliusdavies@cucbc.com">juliusdavies@gmail.com</a>
- * @since 13-Nov-2007
- */
-public class Hex {
-
- public static byte[] decode(String s) {
- byte[] b = new byte[s.length() / 2];
- for (int i = 0; i < b.length; i++) {
- String hex = s.substring(2 * i, 2 * (i + 1));
- b[i] = (byte) Integer.parseInt(hex, 16);
- }
- return b;
- }
-
- public static byte[] decode(byte[] hexString) {
- byte[] b = new byte[hexString.length / 2];
- char[] chars = new char[2];
- for (int i = 0; i < b.length; i++) {
- chars[0] = (char) hexString[2 * i];
- chars[1] = (char) hexString[2 * i + 1];
- String hex = new String(chars);
- b[i] = (byte) Integer.parseInt(hex, 16);
- }
- return b;
- }
-
- public static String encode(byte[] b) {
- return encode(b, 0, b.length);
- }
-
- public static String encode(byte[] b, int offset, int length) {
- StringBuffer buf = new StringBuffer();
- int len = Math.min(offset + length, b.length);
- for (int i = offset; i < len; i++) {
- int c = (int) b[i];
- if (c < 0) {
- c = c + 256;
- }
- if (c >= 0 && c <= 15) {
- buf.append('0');
- }
- buf.append(Integer.toHexString(c));
- }
- return buf.toString();
- }
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/util/UTF8.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/util/UTF8.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/util/UTF8.java
deleted file mode 100644
index 8fa771a..0000000
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/util/UTF8.java
+++ /dev/null
@@ -1,22 +0,0 @@
-package org.apache.commons.ssl.util;
-
-import java.io.UnsupportedEncodingException;
-
-public class UTF8 {
-
- public static String toString(byte[] bytes) {
- try {
- return new String(bytes, "UTF-8");
- } catch (UnsupportedEncodingException uee) {
- throw new RuntimeException("UTF8 unavailable", uee);
- }
- }
-
- public static byte[] toBytes(String s) {
- try {
- return s.getBytes("UTF-8");
- } catch (UnsupportedEncodingException uee) {
- throw new RuntimeException("UTF8 unavailable", uee);
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/3rdparty/not-yet-commons-ssl/src/test/java/org/apache/commons/httpclient/contrib/ssl/TestHttpclientContrib.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/test/java/org/apache/commons/httpclient/contrib/ssl/TestHttpclientContrib.java b/3rdparty/not-yet-commons-ssl/src/test/java/org/apache/commons/httpclient/contrib/ssl/TestHttpclientContrib.java
deleted file mode 100644
index 572dae6..0000000
--- a/3rdparty/not-yet-commons-ssl/src/test/java/org/apache/commons/httpclient/contrib/ssl/TestHttpclientContrib.java
+++ /dev/null
@@ -1,42 +0,0 @@
-package org.apache.commons.httpclient.contrib.ssl;
-
-import static org.junit.Assert.assertEquals;
-import org.junit.Test;
-
-import org.apache.commons.httpclient.protocol.Protocol;
-import org.apache.commons.httpclient.protocol.ProtocolSocketFactory;
-
-import java.io.File;
-import java.net.URL;
-
-public class TestHttpclientContrib {
-
- @Test
- public void theTest() throws Exception {
- registerCerts();
- }
-
- public static void registerCerts() throws Exception {
- File keyFile = new File("samples/keystores/Sun.jks.ks");
- File trustFile = new File("samples/cacerts-with-78-entries.jks");
- URL ks = keyFile.toURI().toURL();
- URL ts = trustFile.toURI().toURL();
-
- AuthSSLProtocolSocketFactory sf;
- sf = new AuthSSLProtocolSocketFactory(ks, "changeit", ts, "changeit");
- sf.setCheckHostname(false);
-
- // There should be 78 certs in this trust-chain.
- assertEquals(78, sf.getTrustChain().getCertificates().size());
-
- TrustSSLProtocolSocketFactory tf;
- tf = new TrustSSLProtocolSocketFactory(trustFile.getAbsolutePath(), "changeit".toCharArray());
- tf.setCheckHostname(false);
-
- String scheme1 = "https-test1";
- Protocol.registerProtocol(scheme1, new Protocol(scheme1, (ProtocolSocketFactory) sf, 443));
- String scheme2 = "https-test2";
- Protocol.registerProtocol(scheme2, new Protocol(scheme2, (ProtocolSocketFactory) tf, 443));
- }
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/3rdparty/not-yet-commons-ssl/src/test/java/org/apache/commons/ssl/TestBase64.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/test/java/org/apache/commons/ssl/TestBase64.java b/3rdparty/not-yet-commons-ssl/src/test/java/org/apache/commons/ssl/TestBase64.java
index 4b29554..9bb9074 100644
--- a/3rdparty/not-yet-commons-ssl/src/test/java/org/apache/commons/ssl/TestBase64.java
+++ b/3rdparty/not-yet-commons-ssl/src/test/java/org/apache/commons/ssl/TestBase64.java
@@ -1,6 +1,9 @@
package org.apache.commons.ssl;
import static org.junit.Assert.assertTrue;
+
+import org.apache.kerby.util.Base64;
+import org.apache.kerby.util.Base64InputStream;
import org.junit.Test;
import java.io.ByteArrayInputStream;
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/lib/kerby-util/src/main/java/org/apache/kerby/util/Base64.java
----------------------------------------------------------------------
diff --git a/lib/kerby-util/src/main/java/org/apache/kerby/util/Base64.java b/lib/kerby-util/src/main/java/org/apache/kerby/util/Base64.java
new file mode 100644
index 0000000..0a49ccb
--- /dev/null
+++ b/lib/kerby-util/src/main/java/org/apache/kerby/util/Base64.java
@@ -0,0 +1,1046 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.kerby.util;
+
+import java.math.BigInteger;
+
+/**
+ * Provides Base64 encoding and decoding as defined by RFC 2045.
+ *
+ * <p>
+ * This class implements section <cite>6.8. Base64 Content-Transfer-Encoding</cite> from RFC 2045 <cite>Multipurpose
+ * Internet Mail Extensions (MIME) Part One: Format of Internet Message Bodies</cite> by Freed and Borenstein.
+ * </p>
+ * <p>
+ * The class can be parameterized in the following manner with various constructors:
+ * <ul>
+ * <li>URL-safe mode: Default off.</li>
+ * <li>Line length: Default 76. Line length that aren't multiples of 4 will still essentially end up being multiples of
+ * 4 in the encoded data.
+ * <li>Line separator: Default is CRLF ("\r\n")</li>
+ * </ul>
+ * </p>
+ * <p>
+ * Since this class operates directly on byte streams, and not character streams, it is hard-coded to only encode/decode
+ * character encodings which are compatible with the lower 127 ASCII chart (ISO-8859-1, Windows-1252, UTF-8, etc).
+ * </p>
+ *
+ * @see <a href="http://www.ietf.org/rfc/rfc2045.txt">RFC 2045</a>
+ * @author Apache Software Foundation
+ * @since 1.0
+ * @version $Id: Base64.java 155 2009-09-17 21:00:58Z julius $
+ */
+public class Base64 {
+ private static final int DEFAULT_BUFFER_RESIZE_FACTOR = 2;
+
+ private static final int DEFAULT_BUFFER_SIZE = 8192;
+
+ /**
+ * Chunk size per RFC 2045 section 6.8.
+ *
+ * <p>
+ * The {@value} character limit does not count the trailing CRLF, but counts all other characters, including any
+ * equal signs.
+ * </p>
+ *
+ * @see <a href="http://www.ietf.org/rfc/rfc2045.txt">RFC 2045 section 6.8</a>
+ */
+ static final int CHUNK_SIZE = 76;
+
+ /**
+ * Chunk separator per RFC 2045 section 2.1.
+ *
+ * <p>
+ * N.B. The next major release may break compatibility and make this field private.
+ * </p>
+ *
+ * @see <a href="http://www.ietf.org/rfc/rfc2045.txt">RFC 2045 section 2.1</a>
+ */
+ static final byte[] CHUNK_SEPARATOR = {'\r', '\n'};
+
+ /**
+ * This array is a lookup table that translates 6-bit positive integer index values into their "Base64 Alphabet"
+ * equivalents as specified in Table 1 of RFC 2045.
+ *
+ * Thanks to "commons" project in ws.apache.org for this code.
+ * http://svn.apache.org/repos/asf/webservices/commons/trunk/modules/util/
+ */
+ private static final byte[] STANDARD_ENCODE_TABLE = {
+ 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M',
+ 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z',
+ 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm',
+ 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z',
+ '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', '+', '/'
+ };
+
+ /**
+ * This is a copy of the STANDARD_ENCODE_TABLE above, but with + and /
+ * changed to - and _ to make the encoded Base64 results more URL-SAFE.
+ * This table is only used when the Base64's mode is set to URL-SAFE.
+ */
+ private static final byte[] URL_SAFE_ENCODE_TABLE = {
+ 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M',
+ 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z',
+ 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm',
+ 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z',
+ '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', '-', '_'
+ };
+
+ /**
+ * Byte used to pad output.
+ */
+ private static final byte PAD = '=';
+
+ /**
+ * This array is a lookup table that translates Unicode characters drawn from the "Base64 Alphabet" (as specified in
+ * Table 1 of RFC 2045) into their 6-bit positive integer equivalents. Characters that are not in the Base64
+ * alphabet but fall within the bounds of the array are translated to -1.
+ *
+ * Note: '+' and '-' both decode to 62. '/' and '_' both decode to 63. This means decoder seamlessly handles both
+ * URL_SAFE and STANDARD base64. (The encoder, on the other hand, needs to know ahead of time what to emit).
+ *
+ * Thanks to "commons" project in ws.apache.org for this code.
+ * http://svn.apache.org/repos/asf/webservices/commons/trunk/modules/util/
+ */
+ private static final byte[] DECODE_TABLE = {
+ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+ -1, -1, -1, -1, -1, -1, -1, -1, -1, 62, -1, 62, -1, 63, 52, 53, 54,
+ 55, 56, 57, 58, 59, 60, 61, -1, -1, -1, -1, -1, -1, -1, 0, 1, 2, 3, 4,
+ 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23,
+ 24, 25, -1, -1, -1, -1, 63, -1, 26, 27, 28, 29, 30, 31, 32, 33, 34,
+ 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51
+ };
+
+ /** Mask used to extract 6 bits, used when encoding */
+ private static final int MASK_6BITS = 0x3f;
+
+ /** Mask used to extract 8 bits, used in decoding base64 bytes */
+ private static final int MASK_8BITS = 0xff;
+
+ // The static final fields above are used for the original static byte[] methods on Base64.
+ // The private member fields below are used with the new streaming approach, which requires
+ // some state be preserved between calls of encode() and decode().
+
+ /**
+ * Encode table to use: either STANDARD or URL_SAFE. Note: the DECODE_TABLE above remains static because it is able
+ * to decode both STANDARD and URL_SAFE streams, but the encodeTable must be a member variable so we can switch
+ * between the two modes.
+ */
+ private final byte[] encodeTable;
+
+ /**
+ * Line length for encoding. Not used when decoding. A value of zero or less implies no chunking of the base64
+ * encoded data.
+ */
+ private final int lineLength;
+
+ /**
+ * Line separator for encoding. Not used when decoding. Only used if lineLength > 0.
+ */
+ private final byte[] lineSeparator;
+
+ /**
+ * Convenience variable to help us determine when our buffer is going to run out of room and needs resizing.
+ * <code>decodeSize = 3 + lineSeparator.length;</code>
+ */
+ private final int decodeSize;
+
+ /**
+ * Convenience variable to help us determine when our buffer is going to run out of room and needs resizing.
+ * <code>encodeSize = 4 + lineSeparator.length;</code>
+ */
+ private final int encodeSize;
+
+ /**
+ * Buffer for streaming.
+ */
+ private byte[] buffer;
+
+ /**
+ * Position where next character should be written in the buffer.
+ */
+ private int pos;
+
+ /**
+ * Position where next character should be read from the buffer.
+ */
+ private int readPos;
+
+ /**
+ * Variable tracks how many characters have been written to the current line. Only used when encoding. We use it to
+ * make sure each encoded line never goes beyond lineLength (if lineLength > 0).
+ */
+ private int currentLinePos;
+
+ /**
+ * Writes to the buffer only occur after every 3 reads when encoding, an every 4 reads when decoding. This variable
+ * helps track that.
+ */
+ private int modulus;
+
+ /**
+ * Boolean flag to indicate the EOF has been reached. Once EOF has been reached, this Base64 object becomes useless,
+ * and must be thrown away.
+ */
+ private boolean eof;
+
+ /**
+ * Place holder for the 3 bytes we're dealing with for our base64 logic. Bitwise operations store and extract the
+ * base64 encoding or decoding from this variable.
+ */
+ private int x;
+
+ /**
+ * Creates a Base64 codec used for decoding (all modes) and encoding in URL-unsafe mode.
+ * <p>
+ * When encoding the line length is 76, the line separator is CRLF, and the encoding table is STANDARD_ENCODE_TABLE.
+ * </p>
+ *
+ * <p>
+ * When decoding all variants are supported.
+ * </p>
+ */
+ public Base64() {
+ this(false);
+ }
+
+ /**
+ * Creates a Base64 codec used for decoding (all modes) and encoding in the given URL-safe mode.
+ * <p>
+ * When encoding the line length is 76, the line separator is CRLF, and the encoding table is STANDARD_ENCODE_TABLE.
+ * </p>
+ *
+ * <p>
+ * When decoding all variants are supported.
+ * </p>
+ *
+ * @param urlSafe
+ * if <code>true</code>, URL-safe encoding is used. In most cases this should be set to
+ * <code>false</code>.
+ * @since 1.4
+ */
+ public Base64(boolean urlSafe) {
+ this(CHUNK_SIZE, CHUNK_SEPARATOR, urlSafe);
+ }
+
+ /**
+ * Creates a Base64 codec used for decoding (all modes) and encoding in URL-unsafe mode.
+ * <p>
+ * When encoding the line length is given in the constructor, the line separator is CRLF, and the encoding table is
+ * STANDARD_ENCODE_TABLE.
+ * </p>
+ * <p>
+ * Line lengths that aren't multiples of 4 will still essentially end up being multiples of 4 in the encoded data.
+ * </p>
+ * <p>
+ * When decoding all variants are supported.
+ * </p>
+ *
+ * @param lineLength
+ * Each line of encoded data will be at most of the given length (rounded down to nearest multiple of 4).
+ * If lineLength <= 0, then the output will not be divided into lines (chunks). Ignored when decoding.
+ * @since 1.4
+ */
+ public Base64(int lineLength) {
+ this(lineLength, CHUNK_SEPARATOR);
+ }
+
+ /**
+ * Creates a Base64 codec used for decoding (all modes) and encoding in URL-unsafe mode.
+ * <p>
+ * When encoding the line length and line separator are given in the constructor, and the encoding table is
+ * STANDARD_ENCODE_TABLE.
+ * </p>
+ * <p>
+ * Line lengths that aren't multiples of 4 will still essentially end up being multiples of 4 in the encoded data.
+ * </p>
+ * <p>
+ * When decoding all variants are supported.
+ * </p>
+ *
+ * @param lineLength
+ * Each line of encoded data will be at most of the given length (rounded down to nearest multiple of 4).
+ * If lineLength <= 0, then the output will not be divided into lines (chunks). Ignored when decoding.
+ * @param lineSeparator
+ * Each line of encoded data will end with this sequence of bytes.
+ * @throws IllegalArgumentException
+ * Thrown when the provided lineSeparator included some base64 characters.
+ * @since 1.4
+ */
+ public Base64(int lineLength, byte[] lineSeparator) {
+ this(lineLength, lineSeparator, false);
+ }
+
+ /**
+ * Creates a Base64 codec used for decoding (all modes) and encoding in URL-unsafe mode.
+ * <p>
+ * When encoding the line length and line separator are given in the constructor, and the encoding table is
+ * STANDARD_ENCODE_TABLE.
+ * </p>
+ * <p>
+ * Line lengths that aren't multiples of 4 will still essentially end up being multiples of 4 in the encoded data.
+ * </p>
+ * <p>
+ * When decoding all variants are supported.
+ * </p>
+ *
+ * @param lineLength
+ * Each line of encoded data will be at most of the given length (rounded down to nearest multiple of 4).
+ * If lineLength <= 0, then the output will not be divided into lines (chunks). Ignored when decoding.
+ * @param lineSeparator
+ * Each line of encoded data will end with this sequence of bytes.
+ * @param urlSafe
+ * Instead of emitting '+' and '/' we emit '-' and '_' respectively. urlSafe is only applied to encode
+ * operations. Decoding seamlessly handles both modes.
+ * @throws IllegalArgumentException
+ * The provided lineSeparator included some base64 characters. That's not going to work!
+ * @since 1.4
+ */
+ public Base64(int lineLength, byte[] lineSeparator, boolean urlSafe) {
+ if (lineSeparator == null) {
+ lineLength = 0; // disable chunk-separating
+ lineSeparator = CHUNK_SEPARATOR; // this just gets ignored
+ }
+ this.lineLength = lineLength > 0 ? (lineLength / 4) * 4 : 0;
+ this.lineSeparator = new byte[lineSeparator.length];
+ System.arraycopy(lineSeparator, 0, this.lineSeparator, 0, lineSeparator.length);
+ if (lineLength > 0) {
+ this.encodeSize = 4 + lineSeparator.length;
+ } else {
+ this.encodeSize = 4;
+ }
+ this.decodeSize = this.encodeSize - 1;
+ if (containsBase64Byte(lineSeparator)) {
+ String sep = UTF8.toString(lineSeparator);
+ throw new IllegalArgumentException("lineSeperator must not contain base64 characters: [" + sep + "]");
+ }
+ this.encodeTable = urlSafe ? URL_SAFE_ENCODE_TABLE : STANDARD_ENCODE_TABLE;
+ }
+
+ /**
+ * Returns our current encode mode. True if we're URL-SAFE, false otherwise.
+ *
+ * @return true if we're in URL-SAFE mode, false otherwise.
+ * @since 1.4
+ */
+ public boolean isUrlSafe() {
+ return this.encodeTable == URL_SAFE_ENCODE_TABLE;
+ }
+
+ /**
+ * Returns true if this Base64 object has buffered data for reading.
+ *
+ * @return true if there is Base64 object still available for reading.
+ */
+ boolean hasData() {
+ return this.buffer != null;
+ }
+
+ /**
+ * Returns the amount of buffered data available for reading.
+ *
+ * @return The amount of buffered data available for reading.
+ */
+ int avail() {
+ return buffer != null ? pos - readPos : 0;
+ }
+
+ /** Doubles our buffer. */
+ private void resizeBuffer() {
+ if (buffer == null) {
+ buffer = new byte[DEFAULT_BUFFER_SIZE];
+ pos = 0;
+ readPos = 0;
+ } else {
+ byte[] b = new byte[buffer.length * DEFAULT_BUFFER_RESIZE_FACTOR];
+ System.arraycopy(buffer, 0, b, 0, buffer.length);
+ buffer = b;
+ }
+ }
+
+ /**
+ * Extracts buffered data into the provided byte[] array, starting at position bPos, up to a maximum of bAvail
+ * bytes. Returns how many bytes were actually extracted.
+ *
+ * @param b
+ * byte[] array to extract the buffered data into.
+ * @param bPos
+ * position in byte[] array to start extraction at.
+ * @param bAvail
+ * amount of bytes we're allowed to extract. We may extract fewer (if fewer are available).
+ * @return The number of bytes successfully extracted into the provided byte[] array.
+ */
+ int readResults(byte[] b, int bPos, int bAvail) {
+ if (buffer != null) {
+ int len = Math.min(avail(), bAvail);
+ if (buffer != b) {
+ System.arraycopy(buffer, readPos, b, bPos, len);
+ readPos += len;
+ if (readPos >= pos) {
+ buffer = null;
+ }
+ } else {
+ // Re-using the original consumer's output array is only
+ // allowed for one round.
+ buffer = null;
+ }
+ return len;
+ }
+ return eof ? -1 : 0;
+ }
+
+ /**
+ * Sets the streaming buffer. This is a small optimization where we try to buffer directly to the consumer's output
+ * array for one round (if the consumer calls this method first) instead of starting our own buffer.
+ *
+ * @param out
+ * byte[] array to buffer directly to.
+ * @param outPos
+ * Position to start buffering into.
+ * @param outAvail
+ * Amount of bytes available for direct buffering.
+ */
+ void setInitialBuffer(byte[] out, int outPos, int outAvail) {
+ // We can re-use consumer's original output array under
+ // special circumstances, saving on some System.arraycopy().
+ if (out != null && out.length == outAvail) {
+ buffer = out;
+ pos = outPos;
+ readPos = outPos;
+ }
+ }
+
+ /**
+ * <p>
+ * Encodes all of the provided data, starting at inPos, for inAvail bytes. Must be called at least twice: once with
+ * the data to encode, and once with inAvail set to "-1" to alert encoder that EOF has been reached, so flush last
+ * remaining bytes (if not multiple of 3).
+ * </p>
+ * <p>
+ * Thanks to "commons" project in ws.apache.org for the bitwise operations, and general approach.
+ * http://svn.apache.org/repos/asf/webservices/commons/trunk/modules/util/
+ * </p>
+ *
+ * @param in
+ * byte[] array of binary data to base64 encode.
+ * @param inPos
+ * Position to start reading data from.
+ * @param inAvail
+ * Amount of bytes available from input for encoding.
+ */
+ void encode(byte[] in, int inPos, int inAvail) {
+ if (eof) {
+ return;
+ }
+ // inAvail < 0 is how we're informed of EOF in the underlying data we're
+ // encoding.
+ if (inAvail < 0) {
+ eof = true;
+ if (buffer == null || buffer.length - pos < encodeSize) {
+ resizeBuffer();
+ }
+ switch (modulus) {
+ case 1 :
+ buffer[pos++] = encodeTable[(x >> 2) & MASK_6BITS];
+ buffer[pos++] = encodeTable[(x << 4) & MASK_6BITS];
+ // URL-SAFE skips the padding to further reduce size.
+ if (encodeTable == STANDARD_ENCODE_TABLE) {
+ buffer[pos++] = PAD;
+ buffer[pos++] = PAD;
+ }
+ break;
+
+ case 2 :
+ buffer[pos++] = encodeTable[(x >> 10) & MASK_6BITS];
+ buffer[pos++] = encodeTable[(x >> 4) & MASK_6BITS];
+ buffer[pos++] = encodeTable[(x << 2) & MASK_6BITS];
+ // URL-SAFE skips the padding to further reduce size.
+ if (encodeTable == STANDARD_ENCODE_TABLE) {
+ buffer[pos++] = PAD;
+ }
+ break;
+ }
+ if (lineLength > 0 && pos > 0) {
+ System.arraycopy(lineSeparator, 0, buffer, pos, lineSeparator.length);
+ pos += lineSeparator.length;
+ }
+ } else {
+ for (int i = 0; i < inAvail; i++) {
+ if (buffer == null || buffer.length - pos < encodeSize) {
+ resizeBuffer();
+ }
+ modulus = (++modulus) % 3;
+ int b = in[inPos++];
+ if (b < 0) {
+ b += 256;
+ }
+ x = (x << 8) + b;
+ if (0 == modulus) {
+ buffer[pos++] = encodeTable[(x >> 18) & MASK_6BITS];
+ buffer[pos++] = encodeTable[(x >> 12) & MASK_6BITS];
+ buffer[pos++] = encodeTable[(x >> 6) & MASK_6BITS];
+ buffer[pos++] = encodeTable[x & MASK_6BITS];
+ currentLinePos += 4;
+ if (lineLength > 0 && lineLength <= currentLinePos) {
+ System.arraycopy(lineSeparator, 0, buffer, pos, lineSeparator.length);
+ pos += lineSeparator.length;
+ currentLinePos = 0;
+ }
+ }
+ }
+ }
+ }
+
+ /**
+ * <p>
+ * Decodes all of the provided data, starting at inPos, for inAvail bytes. Should be called at least twice: once
+ * with the data to decode, and once with inAvail set to "-1" to alert decoder that EOF has been reached. The "-1"
+ * call is not necessary when decoding, but it doesn't hurt, either.
+ * </p>
+ * <p>
+ * Ignores all non-base64 characters. This is how chunked (e.g. 76 character) data is handled, since CR and LF are
+ * silently ignored, but has implications for other bytes, too. This method subscribes to the garbage-in,
+ * garbage-out philosophy: it will not check the provided data for validity.
+ * </p>
+ * <p>
+ * Thanks to "commons" project in ws.apache.org for the bitwise operations, and general approach.
+ * http://svn.apache.org/repos/asf/webservices/commons/trunk/modules/util/
+ * </p>
+ *
+ * @param in
+ * byte[] array of ascii data to base64 decode.
+ * @param inPos
+ * Position to start reading data from.
+ * @param inAvail
+ * Amount of bytes available from input for encoding.
+ */
+ void decode(byte[] in, int inPos, int inAvail) {
+ if (eof) {
+ return;
+ }
+ if (inAvail < 0) {
+ eof = true;
+ }
+ for (int i = 0; i < inAvail; i++) {
+ if (buffer == null || buffer.length - pos < decodeSize) {
+ resizeBuffer();
+ }
+ byte b = in[inPos++];
+ if (b == PAD) {
+ // We're done.
+ eof = true;
+ break;
+ } else {
+ if (b >= 0 && b < DECODE_TABLE.length) {
+ int result = DECODE_TABLE[b];
+ if (result >= 0) {
+ modulus = (++modulus) % 4;
+ x = (x << 6) + result;
+ if (modulus == 0) {
+ buffer[pos++] = (byte) ((x >> 16) & MASK_8BITS);
+ buffer[pos++] = (byte) ((x >> 8) & MASK_8BITS);
+ buffer[pos++] = (byte) (x & MASK_8BITS);
+ }
+ }
+ }
+ }
+ }
+
+ // Two forms of EOF as far as base64 decoder is concerned: actual
+ // EOF (-1) and first time '=' character is encountered in stream.
+ // This approach makes the '=' padding characters completely optional.
+ if (eof && modulus != 0) {
+ x = x << 6;
+ switch (modulus) {
+ case 2 :
+ x = x << 6;
+ buffer[pos++] = (byte) ((x >> 16) & MASK_8BITS);
+ break;
+ case 3 :
+ buffer[pos++] = (byte) ((x >> 16) & MASK_8BITS);
+ buffer[pos++] = (byte) ((x >> 8) & MASK_8BITS);
+ break;
+ }
+ }
+ }
+
+ /**
+ * Returns whether or not the <code>octet</code> is in the base 64 alphabet.
+ *
+ * @param octet
+ * The value to test
+ * @return <code>true</code> if the value is defined in the the base 64 alphabet, <code>false</code> otherwise.
+ * @since 1.4
+ */
+ public static boolean isBase64(byte octet) {
+ return octet == PAD || (octet >= 0 && octet < DECODE_TABLE.length && DECODE_TABLE[octet] != -1);
+ }
+
+ /**
+ * Tests a given byte array to see if it contains only valid characters within the Base64 alphabet. Currently the
+ * method treats whitespace as valid.
+ *
+ * @param arrayOctet
+ * byte array to test
+ * @return <code>true</code> if all bytes are valid characters in the Base64 alphabet or if the byte array is empty;
+ * false, otherwise
+ */
+ public static boolean isArrayByteBase64(byte[] arrayOctet) {
+ for (int i = 0; i < arrayOctet.length; i++) {
+ if (!isBase64(arrayOctet[i]) && !isWhiteSpace(arrayOctet[i])) {
+ return false;
+ }
+ }
+ return true;
+ }
+
+ /**
+ * Tests a given byte array to see if it contains only valid characters within the Base64 alphabet.
+ *
+ * @param arrayOctet
+ * byte array to test
+ * @return <code>true</code> if any byte is a valid character in the Base64 alphabet; false herwise
+ */
+ private static boolean containsBase64Byte(byte[] arrayOctet) {
+ for (int i = 0; i < arrayOctet.length; i++) {
+ if (isBase64(arrayOctet[i])) {
+ return true;
+ }
+ }
+ return false;
+ }
+
+ /**
+ * Encodes binary data using the base64 algorithm but does not chunk the output.
+ *
+ * @param binaryData
+ * binary data to encode
+ * @return byte[] containing Base64 characters in their UTF-8 representation.
+ */
+ public static byte[] encodeBase64(byte[] binaryData) {
+ return encodeBase64(binaryData, false);
+ }
+
+ /**
+ * Encodes binary data using the base64 algorithm into 76 character blocks separated by CRLF.
+ *
+ * @param binaryData
+ * binary data to encode
+ * @return String containing Base64 characters.
+ * @since 1.4
+ */
+ public static String encodeBase64String(byte[] binaryData) {
+ return UTF8.toString(encodeBase64(binaryData, true));
+ }
+
+ /**
+ * Encodes binary data using a URL-safe variation of the base64 algorithm but does not chunk the output. The
+ * url-safe variation emits - and _ instead of + and / characters.
+ *
+ * @param binaryData
+ * binary data to encode
+ * @return byte[] containing Base64 characters in their UTF-8 representation.
+ * @since 1.4
+ */
+ public static byte[] encodeBase64URLSafe(byte[] binaryData) {
+ return encodeBase64(binaryData, false, true);
+ }
+
+ /**
+ * Encodes binary data using a URL-safe variation of the base64 algorithm but does not chunk the output. The
+ * url-safe variation emits - and _ instead of + and / characters.
+ *
+ * @param binaryData
+ * binary data to encode
+ * @return String containing Base64 characters
+ * @since 1.4
+ */
+ public static String encodeBase64URLSafeString(byte[] binaryData) {
+ return UTF8.toString(encodeBase64(binaryData, false, true));
+ }
+
+ /**
+ * Encodes binary data using the base64 algorithm and chunks the encoded output into 76 character blocks
+ *
+ * @param binaryData
+ * binary data to encode
+ * @return Base64 characters chunked in 76 character blocks
+ */
+ public static byte[] encodeBase64Chunked(byte[] binaryData) {
+ return encodeBase64(binaryData, true);
+ }
+
+ /**
+ * Decodes an Object using the base64 algorithm. This method is provided in order to satisfy the requirements of the
+ * Decoder interface, and will throw a DecoderException if the supplied object is not of type byte[] or String.
+ *
+ * @param pObject
+ * Object to decode
+ * @return An object (of type byte[]) containing the binary data which corresponds to the byte[] or String supplied.
+ */
+ public Object decode(Object pObject) {
+ if (pObject instanceof byte[]) {
+ return decode((byte[]) pObject);
+ } else if (pObject instanceof String) {
+ return decode((String) pObject);
+ } else {
+ throw new IllegalArgumentException("Parameter supplied to Base64 decode is not a byte[] or a String");
+ }
+ }
+
+ /**
+ * Decodes a String containing containing characters in the Base64 alphabet.
+ *
+ * @param pArray
+ * A String containing Base64 character data
+ * @return a byte array containing binary data
+ * @since 1.4
+ */
+ public byte[] decode(String pArray) {
+ return decode(UTF8.toBytes(pArray));
+ }
+
+ /**
+ * Decodes a byte[] containing containing characters in the Base64 alphabet.
+ *
+ * @param pArray
+ * A byte array containing Base64 character data
+ * @return a byte array containing binary data
+ */
+ public byte[] decode(byte[] pArray) {
+ reset();
+ if (pArray == null || pArray.length == 0) {
+ return pArray;
+ }
+ long len = (pArray.length * 3) / 4;
+ byte[] buf = new byte[(int) len];
+ setInitialBuffer(buf, 0, buf.length);
+ decode(pArray, 0, pArray.length);
+ decode(pArray, 0, -1); // Notify decoder of EOF.
+
+ // Would be nice to just return buf (like we sometimes do in the encode
+ // logic), but we have no idea what the line-length was (could even be
+ // variable). So we cannot determine ahead of time exactly how big an
+ // array is necessary. Hence the need to construct a 2nd byte array to
+ // hold the final result:
+
+ byte[] result = new byte[pos];
+ readResults(result, 0, result.length);
+ return result;
+ }
+
+ /**
+ * Encodes binary data using the base64 algorithm, optionally chunking the output into 76 character blocks.
+ *
+ * @param binaryData
+ * Array containing binary data to encode.
+ * @param isChunked
+ * if <code>true</code> this encoder will chunk the base64 output into 76 character blocks
+ * @return Base64-encoded data.
+ * @throws IllegalArgumentException
+ * Thrown when the input array needs an output array bigger than {@link Integer#MAX_VALUE}
+ */
+ public static byte[] encodeBase64(byte[] binaryData, boolean isChunked) {
+ return encodeBase64(binaryData, isChunked, false);
+ }
+
+ /**
+ * Encodes binary data using the base64 algorithm, optionally chunking the output into 76 character blocks.
+ *
+ * @param binaryData
+ * Array containing binary data to encode.
+ * @param isChunked
+ * if <code>true</code> this encoder will chunk the base64 output into 76 character blocks
+ * @param urlSafe
+ * if <code>true</code> this encoder will emit - and _ instead of the usual + and / characters.
+ * @return Base64-encoded data.
+ * @throws IllegalArgumentException
+ * Thrown when the input array needs an output array bigger than {@link Integer#MAX_VALUE}
+ * @since 1.4
+ */
+ public static byte[] encodeBase64(byte[] binaryData, boolean isChunked, boolean urlSafe) {
+ return encodeBase64(binaryData, isChunked, urlSafe, Integer.MAX_VALUE);
+ }
+
+ /**
+ * Encodes binary data using the base64 algorithm, optionally chunking the output into 76 character blocks.
+ *
+ * @param binaryData
+ * Array containing binary data to encode.
+ * @param isChunked
+ * if <code>true</code> this encoder will chunk the base64 output into 76 character blocks
+ * @param urlSafe
+ * if <code>true</code> this encoder will emit - and _ instead of the usual + and / characters.
+ * @param maxResultSize
+ * The maximum result size to accept.
+ * @return Base64-encoded data.
+ * @throws IllegalArgumentException
+ * Thrown when the input array needs an output array bigger than maxResultSize
+ * @since 1.4
+ */
+ public static byte[] encodeBase64(byte[] binaryData, boolean isChunked, boolean urlSafe, int maxResultSize) {
+ if (binaryData == null || binaryData.length == 0) {
+ return binaryData;
+ }
+
+ long len = getEncodeLength(binaryData, CHUNK_SIZE, CHUNK_SEPARATOR);
+ if (len > maxResultSize) {
+ throw new IllegalArgumentException("Input array too big, the output array would be bigger (" +
+ len +
+ ") than the specified maxium size of " +
+ maxResultSize);
+ }
+
+ Base64 b64 = isChunked ? new Base64(urlSafe) : new Base64(0, CHUNK_SEPARATOR, urlSafe);
+ return b64.encode(binaryData);
+ }
+
+ /**
+ * Decodes a Base64 String into octets
+ *
+ * @param base64String
+ * String containing Base64 data
+ * @return Array containing decoded data.
+ * @since 1.4
+ */
+ public static byte[] decodeBase64(String base64String) {
+ return new Base64().decode(base64String);
+ }
+
+ /**
+ * Decodes Base64 data into octets
+ *
+ * @param base64Data
+ * Byte array containing Base64 data
+ * @return Array containing decoded data.
+ */
+ public static byte[] decodeBase64(byte[] base64Data) {
+ return new Base64().decode(base64Data);
+ }
+
+ /**
+ * Discards any whitespace from a base-64 encoded block.
+ *
+ * @param data
+ * The base-64 encoded data to discard the whitespace from.
+ * @return The data, less whitespace (see RFC 2045).
+ * @deprecated This method is no longer needed
+ */
+ static byte[] discardWhitespace(byte[] data) {
+ byte groomedData[] = new byte[data.length];
+ int bytesCopied = 0;
+ for (int i = 0; i < data.length; i++) {
+ switch (data[i]) {
+ case ' ' :
+ case '\n' :
+ case '\r' :
+ case '\t' :
+ break;
+ default :
+ groomedData[bytesCopied++] = data[i];
+ }
+ }
+ byte packedData[] = new byte[bytesCopied];
+ System.arraycopy(groomedData, 0, packedData, 0, bytesCopied);
+ return packedData;
+ }
+
+ /**
+ * Checks if a byte value is whitespace or not.
+ *
+ * @param byteToCheck
+ * the byte to check
+ * @return true if byte is whitespace, false otherwise
+ */
+ private static boolean isWhiteSpace(byte byteToCheck) {
+ switch (byteToCheck) {
+ case ' ' :
+ case '\n' :
+ case '\r' :
+ case '\t' :
+ return true;
+ default :
+ return false;
+ }
+ }
+
+ // Implementation of the Encoder Interface
+
+ /**
+ * Encodes an Object using the base64 algorithm. This method is provided in order to satisfy the requirements of the
+ * Encoder interface, and will throw an EncoderException if the supplied object is not of type byte[].
+ *
+ * @param pObject
+ * Object to encode
+ * @return An object (of type byte[]) containing the base64 encoded data which corresponds to the byte[] supplied.
+ */
+ public Object encode(Object pObject) {
+ if (!(pObject instanceof byte[])) {
+ throw new IllegalArgumentException("Parameter supplied to Base64 encode is not a byte[]");
+ }
+ return encode((byte[]) pObject);
+ }
+
+ /**
+ * Encodes a byte[] containing binary data, into a String containing characters in the Base64 alphabet.
+ *
+ * @param pArray
+ * a byte array containing binary data
+ * @return A String containing only Base64 character data
+ * @since 1.4
+ */
+ public String encodeToString(byte[] pArray) {
+ return UTF8.toString(encode(pArray));
+ }
+
+ /**
+ * Encodes a byte[] containing binary data, into a byte[] containing characters in the Base64 alphabet.
+ *
+ * @param pArray
+ * a byte array containing binary data
+ * @return A byte array containing only Base64 character data
+ */
+ public byte[] encode(byte[] pArray) {
+ reset();
+ if (pArray == null || pArray.length == 0) {
+ return pArray;
+ }
+ long len = getEncodeLength(pArray, lineLength, lineSeparator);
+ byte[] buf = new byte[(int) len];
+ setInitialBuffer(buf, 0, buf.length);
+ encode(pArray, 0, pArray.length);
+ encode(pArray, 0, -1); // Notify encoder of EOF.
+ // Encoder might have resized, even though it was unnecessary.
+ if (buffer != buf) {
+ readResults(buf, 0, buf.length);
+ }
+ // In URL-SAFE mode we skip the padding characters, so sometimes our
+ // final length is a bit smaller.
+ if (isUrlSafe() && pos < buf.length) {
+ byte[] smallerBuf = new byte[pos];
+ System.arraycopy(buf, 0, smallerBuf, 0, pos);
+ buf = smallerBuf;
+ }
+ return buf;
+ }
+
+ /**
+ * Pre-calculates the amount of space needed to base64-encode the supplied array.
+ *
+ * @param pArray byte[] array which will later be encoded
+ * @param chunkSize line-length of the output (<= 0 means no chunking) between each
+ * chunkSeparator (e.g. CRLF).
+ * @param chunkSeparator the sequence of bytes used to separate chunks of output (e.g. CRLF).
+ *
+ * @return amount of space needed to encoded the supplied array. Returns
+ * a long since a max-len array will require Integer.MAX_VALUE + 33%.
+ */
+ private static long getEncodeLength(byte[] pArray, int chunkSize, byte[] chunkSeparator) {
+ // base64 always encodes to multiples of 4.
+ chunkSize = (chunkSize / 4) * 4;
+
+ long len = (pArray.length * 4) / 3;
+ long mod = len % 4;
+ if (mod != 0) {
+ len += 4 - mod;
+ }
+ if (chunkSize > 0) {
+ boolean lenChunksPerfectly = len % chunkSize == 0;
+ len += (len / chunkSize) * chunkSeparator.length;
+ if (!lenChunksPerfectly) {
+ len += chunkSeparator.length;
+ }
+ }
+ return len;
+ }
+
+ // Implementation of integer encoding used for crypto
+ /**
+ * Decodes a byte64-encoded integer according to crypto standards such as W3C's XML-Signature
+ *
+ * @param pArray
+ * a byte array containing base64 character data
+ * @return A BigInteger
+ * @since 1.4
+ */
+ public static BigInteger decodeInteger(byte[] pArray) {
+ return new BigInteger(1, decodeBase64(pArray));
+ }
+
+ /**
+ * Encodes to a byte64-encoded integer according to crypto standards such as W3C's XML-Signature
+ *
+ * @param bigInt
+ * a BigInteger
+ * @return A byte array containing base64 character data
+ * @throws NullPointerException
+ * if null is passed in
+ * @since 1.4
+ */
+ public static byte[] encodeInteger(BigInteger bigInt) {
+ if (bigInt == null) {
+ throw new NullPointerException("encodeInteger called with null parameter");
+ }
+ return encodeBase64(toIntegerBytes(bigInt), false);
+ }
+
+ /**
+ * Returns a byte-array representation of a <code>BigInteger</code> without sign bit.
+ *
+ * @param bigInt
+ * <code>BigInteger</code> to be converted
+ * @return a byte array representation of the BigInteger parameter
+ */
+ static byte[] toIntegerBytes(BigInteger bigInt) {
+ int bitlen = bigInt.bitLength();
+ // round bitlen
+ bitlen = ((bitlen + 7) >> 3) << 3;
+ byte[] bigBytes = bigInt.toByteArray();
+
+ if (((bigInt.bitLength() % 8) != 0) && (((bigInt.bitLength() / 8) + 1) == (bitlen / 8))) {
+ return bigBytes;
+ }
+ // set up params for copying everything but sign bit
+ int startSrc = 0;
+ int len = bigBytes.length;
+
+ // if bigInt is exactly byte-aligned, just skip signbit in copy
+ if ((bigInt.bitLength() % 8) == 0) {
+ startSrc = 1;
+ len--;
+ }
+ int startDst = bitlen / 8 - len; // to pad w/ nulls as per spec
+ byte[] resizedBytes = new byte[bitlen / 8];
+ System.arraycopy(bigBytes, startSrc, resizedBytes, startDst, len);
+ return resizedBytes;
+ }
+
+ /**
+ * Resets this Base64 object to its initial newly constructed state.
+ */
+ private void reset() {
+ buffer = null;
+ pos = 0;
+ readPos = 0;
+ currentLinePos = 0;
+ modulus = 0;
+ eof = false;
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/lib/kerby-util/src/main/java/org/apache/kerby/util/Base64InputStream.java
----------------------------------------------------------------------
diff --git a/lib/kerby-util/src/main/java/org/apache/kerby/util/Base64InputStream.java b/lib/kerby-util/src/main/java/org/apache/kerby/util/Base64InputStream.java
new file mode 100644
index 0000000..de145ea
--- /dev/null
+++ b/lib/kerby-util/src/main/java/org/apache/kerby/util/Base64InputStream.java
@@ -0,0 +1,174 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.kerby.util;
+
+import java.io.FilterInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+
+/**
+ * Provides Base64 encoding and decoding in a streaming fashion (unlimited size). When encoding the default lineLength
+ * is 76 characters and the default lineEnding is CRLF, but these can be overridden by using the appropriate
+ * constructor.
+ * <p>
+ * The default behaviour of the Base64InputStream is to DECODE, whereas the default behaviour of the Base64OutputStream
+ * is to ENCODE, but this behaviour can be overridden by using a different constructor.
+ * </p>
+ * <p>
+ * This class implements section <cite>6.8. Base64 Content-Transfer-Encoding</cite> from RFC 2045 <cite>Multipurpose
+ * Internet Mail Extensions (MIME) Part One: Format of Internet Message Bodies</cite> by Freed and Borenstein.
+ * </p>
+ * <p>
+ * Since this class operates directly on byte streams, and not character streams, it is hard-coded to only encode/decode
+ * character encodings which are compatible with the lower 127 ASCII chart (ISO-8859-1, Windows-1252, UTF-8, etc).
+ * </p>
+ *
+ * @author Apache Software Foundation
+ * @version $Id: Base64InputStream.java 155 2009-09-17 21:00:58Z julius $
+ * @see <a href="http://www.ietf.org/rfc/rfc2045.txt">RFC 2045</a>
+ * @since 1.4
+ */
+public class Base64InputStream extends FilterInputStream {
+
+ private final boolean doEncode;
+
+ private final Base64 base64;
+
+ private final byte[] singleByte = new byte[1];
+
+ /**
+ * Creates a Base64InputStream such that all data read is Base64-decoded from the original provided InputStream.
+ *
+ * @param in
+ * InputStream to wrap.
+ */
+ public Base64InputStream(InputStream in) {
+ this(in, false);
+ }
+
+ /**
+ * Creates a Base64InputStream such that all data read is either Base64-encoded or Base64-decoded from the original
+ * provided InputStream.
+ *
+ * @param in
+ * InputStream to wrap.
+ * @param doEncode
+ * true if we should encode all data read from us, false if we should decode.
+ */
+ public Base64InputStream(InputStream in, boolean doEncode) {
+ super(in);
+ this.doEncode = doEncode;
+ this.base64 = new Base64();
+ }
+
+ /**
+ * Creates a Base64InputStream such that all data read is either Base64-encoded or Base64-decoded from the original
+ * provided InputStream.
+ *
+ * @param in
+ * InputStream to wrap.
+ * @param doEncode
+ * true if we should encode all data read from us, false if we should decode.
+ * @param lineLength
+ * If doEncode is true, each line of encoded data will contain lineLength characters (rounded down to
+ * nearest multiple of 4). If lineLength <=0, the encoded data is not divided into lines. If doEncode is
+ * false, lineLength is ignored.
+ * @param lineSeparator
+ * If doEncode is true, each line of encoded data will be terminated with this byte sequence (e.g. \r\n).
+ * If lineLength <= 0, the lineSeparator is not used. If doEncode is false lineSeparator is ignored.
+ */
+ public Base64InputStream(InputStream in, boolean doEncode, int lineLength, byte[] lineSeparator) {
+ super(in);
+ this.doEncode = doEncode;
+ this.base64 = new Base64(lineLength, lineSeparator);
+ }
+
+ /**
+ * Reads one <code>byte</code> from this input stream.
+ *
+ * @return the byte as an integer in the range 0 to 255. Returns -1 if EOF has been reached.
+ * @throws java.io.IOException
+ * if an I/O error occurs.
+ */
+ public int read() throws IOException {
+ int r = read(singleByte, 0, 1);
+ while (r == 0) {
+ r = read(singleByte, 0, 1);
+ }
+ if (r > 0) {
+ return singleByte[0] < 0 ? 256 + singleByte[0] : singleByte[0];
+ }
+ return -1;
+ }
+
+ /**
+ * Attempts to read <code>len</code> bytes into the specified <code>b</code> array starting at <code>offset</code>
+ * from this InputStream.
+ *
+ * @param b
+ * destination byte array
+ * @param offset
+ * where to start writing the bytes
+ * @param len
+ * maximum number of bytes to read
+ *
+ * @return number of bytes read
+ * @throws java.io.IOException
+ * if an I/O error occurs.
+ * @throws NullPointerException
+ * if the byte array parameter is null
+ * @throws IndexOutOfBoundsException
+ * if offset, len or buffer size are invalid
+ */
+ public int read(byte b[], int offset, int len) throws IOException {
+ if (b == null) {
+ throw new NullPointerException();
+ } else if (offset < 0 || len < 0) {
+ throw new IndexOutOfBoundsException();
+ } else if (offset > b.length || offset + len > b.length) {
+ throw new IndexOutOfBoundsException();
+ } else if (len == 0) {
+ return 0;
+ } else {
+ if (!base64.hasData()) {
+ byte[] buf = new byte[doEncode ? 4096 : 8192];
+ int c = in.read(buf);
+ // A little optimization to avoid System.arraycopy()
+ // when possible.
+ if (c > 0 && b.length == len) {
+ base64.setInitialBuffer(b, offset, len);
+ }
+ if (doEncode) {
+ base64.encode(buf, 0, c);
+ } else {
+ base64.decode(buf, 0, c);
+ }
+ }
+ return base64.readResults(b, offset, len);
+ }
+ }
+
+ /**
+ * {@inheritDoc}
+ *
+ * @return false
+ */
+ public boolean markSupported() {
+ return false; // not an easy job to support marks
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/lib/kerby-util/src/main/java/org/apache/kerby/util/Base64OutputStream.java
----------------------------------------------------------------------
diff --git a/lib/kerby-util/src/main/java/org/apache/kerby/util/Base64OutputStream.java b/lib/kerby-util/src/main/java/org/apache/kerby/util/Base64OutputStream.java
new file mode 100644
index 0000000..dd38c32
--- /dev/null
+++ b/lib/kerby-util/src/main/java/org/apache/kerby/util/Base64OutputStream.java
@@ -0,0 +1,198 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.kerby.util;
+
+import java.io.FilterOutputStream;
+import java.io.IOException;
+import java.io.OutputStream;
+
+/**
+ * Provides Base64 encoding and decoding in a streaming fashion (unlimited size). When encoding the default lineLength
+ * is 76 characters and the default lineEnding is CRLF, but these can be overridden by using the appropriate
+ * constructor.
+ * <p>
+ * The default behaviour of the Base64OutputStream is to ENCODE, whereas the default behaviour of the Base64InputStream
+ * is to DECODE. But this behaviour can be overridden by using a different constructor.
+ * </p>
+ * <p>
+ * This class implements section <cite>6.8. Base64 Content-Transfer-Encoding</cite> from RFC 2045 <cite>Multipurpose
+ * Internet Mail Extensions (MIME) Part One: Format of Internet Message Bodies</cite> by Freed and Borenstein.
+ * </p>
+ * <p>
+ * Since this class operates directly on byte streams, and not character streams, it is hard-coded to only encode/decode
+ * character encodings which are compatible with the lower 127 ASCII chart (ISO-8859-1, Windows-1252, UTF-8, etc).
+ * </p>
+ *
+ * @author Apache Software Foundation
+ * @version $Id$
+ * @see <a href="http://www.ietf.org/rfc/rfc2045.txt">RFC 2045</a>
+ * @since 1.4
+ */
+public class Base64OutputStream extends FilterOutputStream {
+ private final boolean doEncode;
+
+ private final Base64 base64;
+
+ private final byte[] singleByte = new byte[1];
+
+ /**
+ * Creates a Base64OutputStream such that all data written is Base64-encoded to the original provided OutputStream.
+ *
+ * @param out
+ * OutputStream to wrap.
+ */
+ public Base64OutputStream(OutputStream out) {
+ this(out, true);
+ }
+
+ /**
+ * Creates a Base64OutputStream such that all data written is either Base64-encoded or Base64-decoded to the
+ * original provided OutputStream.
+ *
+ * @param out
+ * OutputStream to wrap.
+ * @param doEncode
+ * true if we should encode all data written to us, false if we should decode.
+ */
+ public Base64OutputStream(OutputStream out, boolean doEncode) {
+ super(out);
+ this.doEncode = doEncode;
+ this.base64 = new Base64();
+ }
+
+ /**
+ * Creates a Base64OutputStream such that all data written is either Base64-encoded or Base64-decoded to the
+ * original provided OutputStream.
+ *
+ * @param out
+ * OutputStream to wrap.
+ * @param doEncode
+ * true if we should encode all data written to us, false if we should decode.
+ * @param lineLength
+ * If doEncode is true, each line of encoded data will contain lineLength characters (rounded down to
+ * nearest multiple of 4). If lineLength <=0, the encoded data is not divided into lines. If doEncode is
+ * false, lineLength is ignored.
+ * @param lineSeparator
+ * If doEncode is true, each line of encoded data will be terminated with this byte sequence (e.g. \r\n).
+ * If lineLength <= 0, the lineSeparator is not used. If doEncode is false lineSeparator is ignored.
+ */
+ public Base64OutputStream(OutputStream out, boolean doEncode, int lineLength, byte[] lineSeparator) {
+ super(out);
+ this.doEncode = doEncode;
+ this.base64 = new Base64(lineLength, lineSeparator);
+ }
+
+ /**
+ * Writes the specified <code>byte</code> to this output stream.
+ *
+ * @param i
+ * source byte
+ * @throws java.io.IOException
+ * if an I/O error occurs.
+ */
+ public void write(int i) throws IOException {
+ singleByte[0] = (byte) i;
+ write(singleByte, 0, 1);
+ }
+
+ /**
+ * Writes <code>len</code> bytes from the specified <code>b</code> array starting at <code>offset</code> to this
+ * output stream.
+ *
+ * @param b
+ * source byte array
+ * @param offset
+ * where to start reading the bytes
+ * @param len
+ * maximum number of bytes to write
+ *
+ * @throws java.io.IOException
+ * if an I/O error occurs.
+ * @throws NullPointerException
+ * if the byte array parameter is null
+ * @throws IndexOutOfBoundsException
+ * if offset, len or buffer size are invalid
+ */
+ public void write(byte b[], int offset, int len) throws IOException {
+ if (b == null) {
+ throw new NullPointerException();
+ } else if (offset < 0 || len < 0) {
+ throw new IndexOutOfBoundsException();
+ } else if (offset > b.length || offset + len > b.length) {
+ throw new IndexOutOfBoundsException();
+ } else if (len > 0) {
+ if (doEncode) {
+ base64.encode(b, offset, len);
+ } else {
+ base64.decode(b, offset, len);
+ }
+ flush(false);
+ }
+ }
+
+ /**
+ * Flushes this output stream and forces any buffered output bytes to be written out to the stream. If propogate is
+ * true, the wrapped stream will also be flushed.
+ *
+ * @param propogate
+ * boolean flag to indicate whether the wrapped OutputStream should also be flushed.
+ * @throws java.io.IOException
+ * if an I/O error occurs.
+ */
+ private void flush(boolean propogate) throws IOException {
+ int avail = base64.avail();
+ if (avail > 0) {
+ byte[] buf = new byte[avail];
+ int c = base64.readResults(buf, 0, avail);
+ if (c > 0) {
+ out.write(buf, 0, c);
+ }
+ }
+ if (propogate) {
+ out.flush();
+ }
+ }
+
+ /**
+ * Flushes this output stream and forces any buffered output bytes to be written out to the stream.
+ *
+ * @throws java.io.IOException
+ * if an I/O error occurs.
+ */
+ public void flush() throws IOException {
+ flush(true);
+ }
+
+ /**
+ * Closes this output stream and releases any system resources associated with the stream.
+ *
+ * @throws java.io.IOException
+ * if an I/O error occurs.
+ */
+ public void close() throws IOException {
+ // Notify encoder of EOF (-1).
+ if (doEncode) {
+ base64.encode(singleByte, 0, -1);
+ } else {
+ base64.decode(singleByte, 0, -1);
+ }
+ flush();
+ out.close();
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/lib/kerby-util/src/main/java/org/apache/kerby/util/Hex.java
----------------------------------------------------------------------
diff --git a/lib/kerby-util/src/main/java/org/apache/kerby/util/Hex.java b/lib/kerby-util/src/main/java/org/apache/kerby/util/Hex.java
new file mode 100644
index 0000000..ec61298
--- /dev/null
+++ b/lib/kerby-util/src/main/java/org/apache/kerby/util/Hex.java
@@ -0,0 +1,77 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ * This software consists of voluntary contributions made by many
+ * individuals on behalf of the Apache Software Foundation. For more
+ * information on the Apache Software Foundation, please see
+ * <http://www.apache.org/>.
+ *
+ */
+
+package org.apache.kerby.util;
+
+/**
+ * Utility class for dealing with hex-encoding of binary data.
+ *
+ * @author <a href="mailto:juliusdavies@cucbc.com">juliusdavies@gmail.com</a>
+ * @since 13-Nov-2007
+ */
+public class Hex {
+
+ public static byte[] decode(String s) {
+ byte[] b = new byte[s.length() / 2];
+ for (int i = 0; i < b.length; i++) {
+ String hex = s.substring(2 * i, 2 * (i + 1));
+ b[i] = (byte) Integer.parseInt(hex, 16);
+ }
+ return b;
+ }
+
+ public static byte[] decode(byte[] hexString) {
+ byte[] b = new byte[hexString.length / 2];
+ char[] chars = new char[2];
+ for (int i = 0; i < b.length; i++) {
+ chars[0] = (char) hexString[2 * i];
+ chars[1] = (char) hexString[2 * i + 1];
+ String hex = new String(chars);
+ b[i] = (byte) Integer.parseInt(hex, 16);
+ }
+ return b;
+ }
+
+ public static String encode(byte[] b) {
+ return encode(b, 0, b.length);
+ }
+
+ public static String encode(byte[] b, int offset, int length) {
+ StringBuffer buf = new StringBuffer();
+ int len = Math.min(offset + length, b.length);
+ for (int i = offset; i < len; i++) {
+ int c = (int) b[i];
+ if (c < 0) {
+ c = c + 256;
+ }
+ if (c >= 0 && c <= 15) {
+ buf.append('0');
+ }
+ buf.append(Integer.toHexString(c));
+ }
+ return buf.toString();
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/lib/kerby-util/src/main/java/org/apache/kerby/util/UTF8.java
----------------------------------------------------------------------
diff --git a/lib/kerby-util/src/main/java/org/apache/kerby/util/UTF8.java b/lib/kerby-util/src/main/java/org/apache/kerby/util/UTF8.java
new file mode 100644
index 0000000..ddbeab1
--- /dev/null
+++ b/lib/kerby-util/src/main/java/org/apache/kerby/util/UTF8.java
@@ -0,0 +1,22 @@
+package org.apache.kerby.util;
+
+import java.io.UnsupportedEncodingException;
+
+public class UTF8 {
+
+ public static String toString(byte[] bytes) {
+ try {
+ return new String(bytes, "UTF-8");
+ } catch (UnsupportedEncodingException uee) {
+ throw new RuntimeException("UTF8 unavailable", uee);
+ }
+ }
+
+ public static byte[] toBytes(String s) {
+ try {
+ return s.getBytes("UTF-8");
+ } catch (UnsupportedEncodingException uee) {
+ throw new RuntimeException("UTF8 unavailable", uee);
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/pom.xml
----------------------------------------------------------------------
diff --git a/pom.xml b/pom.xml
index c89e94e..c3d3729 100644
--- a/pom.xml
+++ b/pom.xml
@@ -49,6 +49,7 @@
<dependencyManagement>
<dependencies>
<dependency>
+ <scope>test</scope>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>${junit.version}</version>
[5/6] directory-kerberos git commit: Clean up not-commons-ssl library,
removing many unwanted and not much relevant
Posted by dr...@apache.org.
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/3rdparty/not-yet-commons-ssl/docs/pkcs8.html
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/docs/pkcs8.html b/3rdparty/not-yet-commons-ssl/docs/pkcs8.html
deleted file mode 100644
index 2119983..0000000
--- a/3rdparty/not-yet-commons-ssl/docs/pkcs8.html
+++ /dev/null
@@ -1,156 +0,0 @@
-<html>
-<head>
-<title>Decrypting PKCS #8 and OpenSSL Private Keys with Java</title>
-<style type="text/css">
-h1, h2, h3 { margin: 0; border: 0; padding: 0; font-size: 100%; }
-h1 { float: left; color: red; }
-b.n { font-family: arial; font-weight: bold; }
-span.hl { color: white; background-color: green; }
-div.nav { float: left; margin-left: 20px; font-weight: bold; }
-.nav a, .nav span { padding: 0 5px; }
-.nav a { color: blue; }
-li.top { margin-top: 10px; }
-ul.openssl { float: left; width: 100px; margin-top: 8px; }
-ul.pkcs8 { float: left; width: 200px; margin-top: 8px; }
-</style>
-</head>
-<body>
-<h1>not-yet-commons-ssl</h1>
-<div class="nav">
-<a href="index.html">main</a> |
-<a href="ssl.html">ssl</a> |
-<span class="hl" href="pkcs8.html">pkcs8</span> |
-<a href="pbe.html">pbe</a> |
-<a href="rmi.html">rmi</a> |
-<a href="utilities.html">utilities</a> |
-<a href="source.html">source</a> |
-<a href="javadocs/">javadocs</a> |
-<a href="download.html">download</a>
-</div>
-<br clear="all"/>
-<hr/>
-<h2>PKCS #8 / OpenSSL Encrypted Keys</em></h2>
-<br/>
-<h3>Java 1.3 Compatible! (with <a href="http://java.sun.com/products/jce/index-122.html">jce1_2_2.jar</a>) (or <a href="http://bouncycastle.org/latest_releases.html">bcprov-jdk13.jar</a>)</h3>
-<p>Commons-SSL includes support for extracting private keys from PKCS #8 files.
-We also support the OpenSSL formats ("traditional SSLeay"). The private keys can be in PEM (base64)
-or DER (raw ASN.1 - a binary format).
-</p>
-<p>The code works with Java 1.3 (+JCE), 1.4, 5.0, 6.0, but not all of the ciphers and hashes are available
-until Java 5.0 (unless you use BouncyCastle). Fortunately the most common formats [OpenSSL MD5 with 3DES], [PKCS #8 V1.5 MD5 with DES], [PKCS #8 V2.0 HmacSHA1 with 3DES]
-work with all versions of Java, including Java 1.3.</p>
-<pre style="border: 1px solid red; padding: 10px; float: left;"><u><b>pkcs8 example:</b></u>
-
-FileInputStream in = new FileInputStream( "/path/to/pkcs8_private_key.der" );
-
-<em style="color: green;">// If the provided InputStream is encrypted, we need a password to decrypt</em>
-<em style="color: green;">// it. If the InputStream is not encrypted, then the password is ignored</em>
-<em style="color: green;">// (can be null). The InputStream can be DER (raw ASN.1) or PEM (base64).</em>
-PKCS8Key pkcs8 = new PKCS8Key( in, "changeit".toCharArray() );
-
-<em style="color: green;">// If an unencrypted PKCS8 key was provided, then this actually returns</em>
-<em style="color: green;">// exactly what was originally passed in (with no changes). If an OpenSSL</em>
-<em style="color: green;">// key was provided, it gets reformatted as PKCS #8 first, and so these</em>
-<em style="color: green;">// bytes will still be PKCS #8, not OpenSSL.</em>
-byte[] decrypted = pkcs8.getDecryptedBytes();
-PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec( decrypted );
-
-<em style="color: green;">// A Java PrivateKey object is born.</em>
-PrivateKey pk = null;
-if ( pkcs8.isDSA() )
-{
- pk = KeyFactory.getInstance( "DSA" ).generatePrivate( spec );
-}
-else if ( pkcs8.isRSA() )
-{
- pk = KeyFactory.getInstance( "RSA" ).generatePrivate( spec );
-}
-
-<em style="color: green;">// For lazier types:</em>
-pk = pkcs8.getPrivateKey();
-</pre>
-<br clear="all"/>
-<p>Both RSA and DSA keys are supported. Here is a list of supported formats:</p>
-<ul>
-<li class="top"><b>OpenSSL "Traditional SSLeay Compatible Format"</b><ul>
-<li>Unencrypted PEM or DER</li>
-<li>Encrypted PEM:<br/>
-<ul class="openssl"><li>des</li><li>des2</li><li>des3</li><li>blowfish</li></ul>
-<ul class="openssl"><li>aes128</li><li>aes192</li><li>aes256</li></ul>
-<ul class="openssl"><li>rc2-40</li><li>rc2-64</li><li>rc2-128</li></ul>
-<br clear="all"/>
-<dl style="margin-top: 1em; width: 600px;"><dt>Note:</dt><dd>OpenSSL "traditional SSLeay" format does not allow encrypted keys to be encoded in DER. Only
-unencrypted keys can be encoded in DER.</dd></dl></li>
-</ul>
-</li>
-<li class="top"><b>PKCS #8 (Unencrypted)</b>
-<ul><li>PEM or DER</li></ul></li>
-<li class="top"><b>PKCS #8 with PKCS #5 Version 1.5 Encryption</b>
-<ul><li>PEM or DER:
-<ul class="pkcs8">
-<li>MD2 with DES</li>
-<li>MD2 with RC2-64</li>
-</ul>
-<ul class="pkcs8">
-<li>MD5 with DES</li>
-<li>MD5 with RC2-64</li>
-</ul>
-<ul class="pkcs8">
-<li>SHA1 with DES</li>
-<li>SHA1 with RC2-64</li>
-</ul>
-<br clear="all"/>
-</li></ul></li>
-<li class="top"><b>PKCS #8 with PKCS #5 Version 1.5 Encryption and PKCS #12 Key Derivation</b>
-<ul><li>PEM or DER:
-<ul class="pkcs8">
-<li>SHA1 with 3DES</li>
-<li>SHA1 with 2DES</li>
-</ul>
-<ul class="pkcs8">
-<li>SHA1 with RC2-128</li>
-<li>SHA1 with RC2-40</li>
-</ul>
-<ul class="pkcs8">
-<li>SHA1 with RC4-128</li>
-<li>SHA1 with RC4-40</li>
-</ul>
-<br clear="all"/>
-</li></ul></li>
-<li class="top"><b>PKCS #8 with PKCS #5 Version 2.0 Encryption and HmacSHA1</b>
-<ul><li>PEM or DER:
-<ul class="pkcs8">
-<li>DES</li>
-<li>3DES</li>
-<li>Blowfish</li>
-</ul>
-<ul class="pkcs8">
-<li>AES-128</li>
-<li>AES-192</li>
-<li>AES-256</li>
-</ul>
-<ul class="pkcs8">
-<li>RC2-40</li>
-<li>RC2-64</li>
-<li>RC2-128</li>
-</ul>
-<br clear="all"/>
-</li></ul></li></ul>
-<hr/>
-<p>
-Here are links to the raw samples and test results:
-<ol>
-<li><a href="samples/rsa_result.html">2048 Bit RSA</a></li>
-<li><a href="samples/dsa_result.html">2048 Bit DSA</a></li>
-</ol>
-</p>
-<p>The samples were all generated using OpenSSL's
-<code>rsa</code>, <code>genrsa</code>, <code>dsa</code>, <code>gendsa</code>, <code>dsaparam</code>
-and <code>pkcs8</code> commands. We're curious to know if
-PKCS #8 keys created by other programs will also work, but OpenSSL is all we have to play
-with at the moment.</p>
-<p>The password to decrypt the samples is always "changeit", and they all have the same RSA or DSA
-key.</p>
-
-</body>
-</html>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/3rdparty/not-yet-commons-ssl/docs/rmi.html
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/docs/rmi.html b/3rdparty/not-yet-commons-ssl/docs/rmi.html
deleted file mode 100644
index 6d7b2b6..0000000
--- a/3rdparty/not-yet-commons-ssl/docs/rmi.html
+++ /dev/null
@@ -1,102 +0,0 @@
-<html>
-<head>
-<title>Not-Yet-Commons-SSL - RMI over SSL Java Example</title>
-<style type="text/css">
-h1, h2, h3 { margin: 0; border: 0; padding: 0; font-size: 100%; }
-h1 { float: left; color: red; }
-b.n { font-family: arial; font-weight: bold; }
-span.hl { color: white; background-color: green; }
-div.nav { float: left; margin-left: 20px; font-weight: bold; }
-.nav a, .nav span { padding: 0 5px; }
-.nav a { color: blue; }
-li.top { margin-top: 10px; }
-ul.openssl { float: left; width: 100px; margin-top: 8px; }
-ul.pkcs8 { float: left; width: 200px; margin-top: 8px; }
-ol.points li { margin-top: 8px; }
-</style>
-</head>
-<body>
-<h1>not-yet-commons-ssl</h1>
-<div class="nav">
-<a href="index.html">main</a> |
-<a href="ssl.html">ssl</a> |
-<a href="pkcs8.html">pkcs8</a> |
-<a href="pbe.html">pbe</a> |
-<span class="hl" href="rmi.html">rmi</span> |
-<a href="utilities.html">utilities</a> |
-<a href="source.html">source</a> |
-<a href="javadocs/">javadocs</a> |
-<a href="download.html">download</a>
-</div>
-<br clear="all"/>
-<hr/>
-<h2>RMI over SSL <em style="color: red; font-weight: normal;">(experimental)</em></h2>
-<br/><b>3 points to consider:</b>
-<ol class="points">
-<li>To run the RMI-SSL server, you must invoke <code>LocateRegistry.createRegistry( 1099 )</code>
-from within your own application. You must do this AFTER calling <code>RMISocketFactory.setSocketFactory( impl )</code>.
-RMISocketFactoryImpl will open the registry on 1099, and will open anonymous RMI servers (where port 0 is
-specified) on port 31099.
-RMI-SSL, as shown here, doesn't work with <code>$JAVA_HOME/bin/rmiregistry</code>.
-<br/>See the example code below for help with <code>RMISocketFactory.setSocketFactory( impl )</code>.
-</li>
-<li>To run the RMI-SSL client, you need to find an RMI-SSL server to connect to. See #1, above. ;-)</li>
-<li>If you don't manage to find an RMI-SSL server, then the RMI-SSL client will automatically downgrade itself
-to plain-socket. There is an important security consideration to consider regarding this: RMISocketFactoryImpl
-at this time only guarantees the security of the registry and the server sockets it opens. Client sockets
-it creates might be plain-socket.</li>
-</ol>
-
-<pre style="border: 1px solid red; padding: 10px; float: left;"><u><b>RMI over SSL Example</b></u>
-
-import org.apache.commons.ssl.RMISocketFactoryImpl;
-
-<em style="color: green;">// RMISocketFactoryImpl tries to detect plain sockets, so you should be able to use</em>
-<em style="color: green;">// this even in situations where not all of the RMI servers you are talking to are</em>
-<em style="color: green;">// using SSL.</em>
-RMISocketFactoryImpl impl = new RMISocketFactoryImpl();
-
-<em style="color: green;">// Let's change some settings on our default SSL client.</em>
-SSLClient defaultClient = (SSLClient) impl.getDefaultClient();
-client.setCheckHostname( false );
-client.setCheckCRL( true );
-client.setCheckExpiry( false );
-
-<em style="color: green;">// By default we trust Java's "cacerts", as well as whatever cert is on localhost:1099,</em>
-<em style="color: green;">// so this is redundant: (Trusting localhost:1099 is some commons-ssl magic).</em>
-client.addTrustMaterial( TrustMaterial.DEFAULT );
-
-<em style="color: green;">// But if we had used setTrustMaterial() instead of addTrustMaterial(), we would (probably)</em>
-<em style="color: green;">// no longer trust localhost:1099! Using set instead of add causes all previous "adds" to</em>
-<em style="color: green;">// to be thrown out.</em>
-
-<em style="color: green;">// Meanwhile, RMI calls to rmi://special.com:1099/ need to trust a self-signed certificate,</em>
-<em style="color: green;">// but we don't want to pollute our default trust with this shoddy cert. So only calls</em>
-<em style="color: green;">// specifically to "special.com" (any port) will use this.</em>
-SSLClient specialClient = new SSLClient();
-TrustMaterial tm = new TrustMaterial( "special.pem" );
-specialClient.addTrustMaterial( tm );
-<em style="color: green;">// Here's where the special cert gets associated with "special.com":</em>
-impl.setClient( "special.com", specialClient );
-
-
-<em style="color: green;">// We're might also want to be an RMI server ourselves!</em>
-<em style="color: green;">// By default commons-ssl looks for "~/.keystore" and tries password "changeit",</em>
-<em style="color: green;">// but we can change things if we want:</em>
-SSLServer server = (SSLServer) impl.getDefaultServer();
-tm = new TrustMaterial( "trust_only_these_client_certs.pem" );
-KeyMaterial km = new KeyMaterial( "/path/to/myKey.p12", "password".toCharArray() );
-server.setTrustMaterial( tm );
-server.setKeyMaterial( km );
-<em style="color: green;">// This particular RMI server will only accept connections with client certs!</em>
-server.setNeedClientAuth( true );
-
-<em style="color: green;">// Finally, we tell Java to use our new RMI socket factory!</em>
-RMISocketFactory.setSocketFactory( impl );</pre>
-<br clear="all">
-<pre>
-<!-- make the page scroll a little more -->
-
-</pre>
-</body>
-</html>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/3rdparty/not-yet-commons-ssl/docs/roadmap.html
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/docs/roadmap.html b/3rdparty/not-yet-commons-ssl/docs/roadmap.html
deleted file mode 100644
index 3962540..0000000
--- a/3rdparty/not-yet-commons-ssl/docs/roadmap.html
+++ /dev/null
@@ -1,86 +0,0 @@
-<html>
-<head>
-<title>Not-Yet-Commons-SSL - Downloads, Features, Future Directions</title>
-<style type="text/css">
-dl, h1, h2, h3, h4 { margin: 0; border: 0; padding: 0; font-size: 100%; }
-h1 { float: left; color: red; }
-b.n { font-family: arial; font-weight: bold; }
-span.hl { color: white; background-color: green; }
-div.nav { float: left; margin-left: 20px; font-weight: bold; }
-.nav a, .nav span { padding: 0 5px; }
-.nav a { color: blue; }
-td.v { text-align: center; }
-dt { padding: 8px 0 8px 5px; }
-dd { padding-left: 15px; }
-li { padding-bottom: 6px; }
-tr.released td, tr.released th { background-color: yellow; font-weight: bold; }
-</style>
-</head>
-<body>
-<h1>not-yet-commons-ssl</h1>
-<div class="nav">
-<a href="index.html">main</a> |
-<a href="ssl.html">ssl</a> |
-
-<a href="pkcs8.html">pkcs8</a> |
-<a href="pbe.html">pbe</a> |
-<a href="rmi.html">rmi</a> |
-<a href="utilities.html">utilities</a> |
-<a href="source.html">source</a> |
-<a href="javadocs/">javadocs</a> |
-
-<span class="hl" href="download.html">download</span>
-</div>
-<br clear="all"/>
-<hr/>
-<h1>This page is out of date. These days we just do maintenance releases to fix bugs reported on the mailing list.
-Current version is 0.3.15.</h1>
-<h3><a name="roadmap">Road Map For Future Versions</a></h3>
-<p>0.3.10 - 0.3.11 are just some feature ideas. They might not be feasible. <b style="background-color: yellow;">0.3.9 is the current version.</b></p>
-<table cellspacing="0" cellpadding="4" border="1">
-<tr><th>Version</th><th>Release Date?</th><th>Description</th></tr>
-<tr><td class="v">0.3.4</td><td class="v">Nov 2006</td><td>90% feature complete. Probably contains some bugs.</td></tr>
-
-<tr><td class="v">0.3.5</td><td class="v">Dec 2006</td><td>PKCS8Key constructor is public now. Whoops. Hostname verification
-knows about more than just CN's now - also checks subjectAlts in the server's certificate.</td></tr>
-<tr><td class="v">0.3.6</td><td class="v">Jan 2007</td><td>Fixed Java 1.4 bug with HttpsURLConnection.</td></tr>
-<tr><td class="v">0.3.7</td><td class="v">Feb 2007</td><td>40 bit and 56 bit ciphers disabled by default. RMI-SSL improved. getSSLContext() added. Various other improvements.</td></tr>
-<tr class="v"><td class="v">0.3.8</td><td class="v">Nov 2007</td><td>PBE (password-based-encryption) formally introduced and improved. 40 bit and 56 bit ciphers still disabled by default, but working better when re-enabled.</td></tr>
-
-<tr class="released"><td class="v">0.3.9</td><td class="v">May 2008</td><td>Some PBE fixes. Using latest ASN.1 code from BouncyCastle.</td></tr>
-<tr class="unreleased"><td class="v">0.3.10</td><td class="v">May 2008</td><td>
-<p>
-Socket monitoring. Make it easier for long-running server applications to warn
-about impending certificate expiries.
-</p>
-<p>
-<a href="http://en.wikipedia.org/wiki/Online_Certificate_Status_Protocol">OCSP</a> - Online Certificate Status Protocol
-</p>
-
-<p>
-NotQuiteSoEasySSLProtocolSocketFactory will trust any server The First Time, and store that server's cert on disk for future accesses.
-</p>
-</td></tr>
-<tr><td class="v">0.3.11</td><td class="v">Jun 2008</td><td><code>TrustMaterial.setAutoReload( true / false )</code>, and <code>KeyMaterial.setAutoReload( true / false )</code>,
-but only if no password, or "changeit" was provided. (Question: should this "reload" tear down all open sockets?).
-</td></tr>
-<tr><td class="v">0.4.0</td><td class="v">Jul 2008</td><td>Non-public code (protected, private, etc) moved into a separate "impl" package where possible.</td></tr>
-
-<tr><td class="v">0.5.0</td><td class="v">Aug 2008</td><td>API froven. All future versions must be reverse-compatible with 0.5.0 (except for any parts of 0.5.0 later found to be insecure).</td></tr>
-<tr><td class="v">0.7.0</td><td class="v">Nov 2008</td><td>JavaDocs written for all public methods and classes.</td></tr>
-<tr><td class="v">0.7.5</td><td class="v">Mar 2009</td><td>JUnit tests written for all classes.</td></tr>
-<tr><td class="v">0.9.0</td><td class="v">May 2009</td><td>First BETA release. JUnit tests passing on all targetted platforms:
-
-<ol>
-<li>Intel/AMD: (Sun, IBM, BEA) x (Linux, Mac, Windows) x (1.3, 1.4, 5, 6, 7)</li>
-<li>All of the above with and without BouncyCastle.</li>
-<li>PowerPC: Mac OS X 10.4, 10.5</li>
-<li>Linux: Latest GCJ, Kaffe, and Blackdown releases. BouncyCastle added if necessary to get tests to pass.</li>
-<li>Anyone got an IBM mainframe we can test on?</li>
-</td></tr>
-<tr><td class="v">0.9.1 - 0.9.9</td><td class="v">Aug 2009</td><td>Bug fixes.</td></tr>
-
-<tr><td class="v">1.0.0</td><td class="v">Jan 2010</td><td>Development mostly stops.</td></tr>
-</table>
-<p>The problem we're solving with Commons-SSL
-is quite small, so I don't see any reason to ever go beyond 1.0.0, except for fixing bugs.</p>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/3rdparty/not-yet-commons-ssl/docs/source.html
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/docs/source.html b/3rdparty/not-yet-commons-ssl/docs/source.html
deleted file mode 100644
index 6c2fc85..0000000
--- a/3rdparty/not-yet-commons-ssl/docs/source.html
+++ /dev/null
@@ -1,38 +0,0 @@
-<html>
-<head>
-<title>Not-Yet-Commons-SSL - Source Tree</title>
-<style type="text/css">
-h1, h2, h3 { margin: 0; border: 0; padding: 0; font-size: 100%; }
-h1 { float: left; color: red; }
-b.n { font-family: arial; font-weight: bold; }
-span.hl { color: white; background-color: green; }
-div.nav { float: left; margin-left: 20px; font-weight: bold; }
-.nav a, .nav span { padding: 0 5px; }
-.nav a { color: blue; }
-li.top { margin-top: 10px; }
-ul.openssl { float: left; width: 100px; margin-top: 8px; }
-ul.pkcs8 { float: left; width: 200px; margin-top: 8px; }
-</style>
-</head>
-<body>
-<h1>not-yet-commons-ssl</h1>
-<div class="nav">
-<a href="index.html">main</a> |
-<a href="ssl.html">ssl</a> |
-<a href="pkcs8.html">pkcs8</a> |
-<a href="pbe.html">pbe</a> |
-<a href="rmi.html">rmi</a> |
-<a href="utilities.html">utilities</a> |
-<span class="hl" href="source.html">source</span> |
-<a href="javadocs/">javadocs</a> |
-<a href="download.html">download</a>
-</div>
-<br clear="all"/>
-<hr/>
-<h2>not-yet-commons-ssl Source Code</em></h2>
-<br clear="all">
-
-<!--#include virtual="tree.html" -->
-
-</body>
-</html>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/3rdparty/not-yet-commons-ssl/docs/ssl.html
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/docs/ssl.html b/3rdparty/not-yet-commons-ssl/docs/ssl.html
deleted file mode 100644
index 86bfa4d..0000000
--- a/3rdparty/not-yet-commons-ssl/docs/ssl.html
+++ /dev/null
@@ -1,106 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
-<html>
-<head>
-<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
-<meta name="Author" content="Julius Davies">
-<title>Java Examples for Creating SSL/TLS Sockets</title>
-<style type="text/css">
-h1, h2, h3 { margin: 0; border: 0; padding: 0; font-size: 100%; }
-h1 { float: left; color: red; }
-b.n { font-family: arial; font-weight: bold; }
-span.hl { color: white; background-color: green; }
-div.nav { float: left; margin-left: 20px; font-weight: bold; }
-.nav a, .nav span { padding: 0 5px; }
-.nav a { color: blue; }
-</style>
-</head>
-<body>
-<h1>not-yet-commons-ssl</h1>
-<div class="nav">
-<a href="index.html">main</a> |
-<span class="hl" href="ssl.html">ssl</span> |
-<a href="pkcs8.html">pkcs8</a> |
-<a href="pbe.html">pbe</a> |
-<a href="rmi.html">rmi</a> |
-<a href="utilities.html">utilities</a> |
-<a href="source.html">source</a> |
-<a href="javadocs/">javadocs</a> |
-<a href="download.html">download</a>
-</div>
-<br clear="all"/>
-<hr/>
-<h2>Code Examples For Creating SSL Sockets</h2>
-<div style="font-family: arial; margin-top: 18px;">
-<b class="n">Note:</b>
-<br/>SSLClient <b class="n">extends</b> SSLSocketFactory
-<br/>SSLServer <b class="n">extends</b> SSLServerSocketFactory
-</div>
-<pre style="border: 1px solid red; padding: 10px; float: left;"><u><b>Client Example:</b></u>
-
-SSLClient client = new SSLClient();
-
-<em style="color: green;">// Let's trust usual "cacerts" that come with Java. Plus, let's also trust a self-signed cert</em>
-<em style="color: green;">// we know of. We have some additional certs to trust inside a java keystore file.</em>
-client.addTrustMaterial( TrustMaterial.DEFAULT );
-client.addTrustMaterial( new TrustMaterial( "/path/to/self-signed.pem" ) );
-client.addTrustMaterial( new KeyMaterial( "/path/to/keystore.jks", "changeit".toCharArray() ) );
-
-<em style="color: green;">// To be different, let's allow for expired certificates (not recommended).</em>
-client.setCheckHostname( true ); <em style="color: green;">// default setting is "true" for SSLClient</em>
-client.setCheckExpiry( false ); <em style="color: green;">// default setting is "true" for SSLClient</em>
-client.setCheckCRL( true ); <em style="color: green;">// default setting is "true" for SSLClient</em>
-
-<em style="color: green;">// Let's load a client certificate (max: 1 per SSLClient instance).</em>
-client.setKeyMaterial( new KeyMaterial( "/path/to/client.pfx", "secret".toCharArray() ) );
-SSLSocket s = (SSLSocket) client.createSocket( "www.cucbc.com", 443 );</pre>
-
-<br clear="all"><pre style="border: 1px solid red; padding: 10px; float: left;"><u><b>Server Example (OpenSSL/Apache Style)</b></u>
-<em style="color: green;">// Compatible with the private key / certificate chain created from following the Apache2</em>
-<em style="color: green;">// TLS FAQ: "How do I create a self-signed SSL Certificate for testing purposes?"</em>
-<em style="color: green;">// <a href="http://httpd.apache.org/docs/2.2/ssl/ssl_faq.html#selfcert">http://httpd.apache.org/docs/2.2/ssl/ssl_faq.html#selfcert</a></em>
-
-SSLServer server = new SSLServer();
-
-<em style="color: green;">// Server needs some key material. We'll use an OpenSSL/PKCS8 style key (possibly encrypted).</em>
-String certificateChain = "/path/to/this/server.crt";
-String privateKey = "/path/to/this/server.key";
-char[] password = "changeit".toCharArray();
-KeyMaterial km = new KeyMaterial( certificateChain, privateKey, password );
-
-server.setKeyMaterial( km );
-
-<em style="color: green;">// These settings have to do with how we'll treat client certificates that are presented</em>
-<em style="color: green;">// to us. If the client doesn't present any client certificate, then these are ignored.</em>
-server.setCheckHostname( false ); <em style="color: green;">// default setting is "false" for SSLServer</em>
-server.setCheckExpiry( true ); <em style="color: green;">// default setting is "true" for SSLServer</em>
-server.setCheckCRL( true ); <em style="color: green;">// default setting is "true" for SSLServer</em>
-
-<em style="color: green;">// This server trusts all client certificates presented (usually people won't present</em>
-<em style="color: green;">// client certs, but if they do, we'll give them a socket at the very least).</em>
-server.addTrustMaterial( TrustMaterial.TRUST_ALL );
-SSLServerSocket ss = (SSLServerSocket) server.createServerSocket( 7443 );
-SSLSocket socket = (SSLSocket) ss.accept();</pre>
-
-<br clear="all"><pre style="border: 1px solid red; padding: 10px; float: left;"><u><b>Server Example (Traditional Java "KeyStore" Style)</b></u>
-
-SSLServer server = new SSLServer();
-
-<em style="color: green;">// Server needs some key material. We'll use a Java Keystore (.jks) or Netscape</em>
-<em style="color: green;">// PKCS12 (.pfx or .p12) file. Commons-ssl automatically detects the type.</em>
-String pathToKeyMaterial = "/path/to/.keystore";
-char[] password = "changeit".toCharArray();
-KeyMaterial km = new KeyMaterial( pathToKeyMaterial, password );
-
-server.setKeyMaterial( km );
-
-<em style="color: green;">// This server trusts all client certificates presented (usually people won't present</em>
-<em style="color: green;">// client certs, but if they do, we'll give them a socket at the very least).</em>
-server.addTrustMaterial( TrustMaterial.TRUST_ALL );
-SSLServerSocket ss = (SSLServerSocket) server.createServerSocket( 7443 );
-SSLSocket socket = (SSLSocket) ss.accept();</pre>
-
-
-<br clear="all">
-
-</body>
-</html>
[4/6] directory-kerberos git commit: Clean up not-commons-ssl library,
removing many unwanted and not much relevant
Posted by dr...@apache.org.
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/3rdparty/not-yet-commons-ssl/docs/tree.html
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/docs/tree.html b/3rdparty/not-yet-commons-ssl/docs/tree.html
deleted file mode 100644
index 5d50525..0000000
--- a/3rdparty/not-yet-commons-ssl/docs/tree.html
+++ /dev/null
@@ -1,1137 +0,0 @@
-
-<pre><a href=".">.</a>
- |-- <a href="./LICENSE.txt">LICENSE.txt</a>
- |-- <a href="./NOTICE.txt">NOTICE.txt</a>
- |-- <a href="./README.txt">README.txt</a>
- |-- <a href="./build.xml">build.xml</a>
- |-- <a href="./docs/">docs</a>
- | |-- <a href="./docs/404.html">404.html</a>
- | |-- <a href="./docs/TrustExample.java">TrustExample.java</a>
- | |-- <a href="./docs/TrustExample.java.html">TrustExample.java.html</a>
- | |-- <a href="./docs/about.html">about.html</a>
- | |-- <a href="./docs/download.html">download.html</a>
- | |-- <a href="./docs/index.html">index.html</a>
- | |-- <a href="./docs/openssl/">openssl</a>
- | | |-- <a href="./docs/openssl/compare.txt">compare.txt</a>
- | | |-- <a href="./docs/openssl/profile.3.10">profile.3.10</a>
- | | `-- <a href="./docs/openssl/profile.3.9">profile.3.9</a>
- | |-- <a href="./docs/pbe.html">pbe.html</a>
- | |-- <a href="./docs/ping.html">ping.html</a>
- | |-- <a href="./docs/pkcs8.html">pkcs8.html</a>
- | |-- <a href="./docs/rmi.html">rmi.html</a>
- | |-- <a href="./docs/roadmap.html">roadmap.html</a>
- | |-- <a href="./docs/source.html">source.html</a>
- | |-- <a href="./docs/ssl.html">ssl.html</a>
- | |-- <a href="./docs/tree.html">tree.html</a>
- | `-- <a href="./docs/utilities.html">utilities.html</a>
- |-- <a href="./javadocs/">javadocs</a>
- |-- <a href="./lib/">lib</a>
- | |-- <a href="./lib/bcprov-jdk16-143.jar">bcprov-jdk16-143.jar</a>
- | |-- <a href="./lib/commons-httpclient-3.0.jar">commons-httpclient-3.0.jar</a>
- | |-- <a href="./lib/commons-logging-1.0.4.jar">commons-logging-1.0.4.jar</a>
- | |-- <a href="./lib/junit-3.8.1.jar">junit-3.8.1.jar</a>
- | `-- <a href="./lib/log4j-1.2.13.jar">log4j-1.2.13.jar</a>
- |-- <a href="./not-yet-commons-ssl-0.3.11.jar">not-yet-commons-ssl-0.3.11.jar</a>
- |-- <a href="./not-yet-commons-ssl-0.3.11.zip">not-yet-commons-ssl-0.3.11.zip</a>
- |-- <a href="./samples/">samples</a>
- | |-- <a href="./samples/PASSWORD.txt">PASSWORD.txt</a>
- | |-- <a href="./samples/README.txt">README.txt</a>
- | |-- <a href="./samples/ca/">ca</a>
- | | |-- <a href="./samples/ca/CA.sh">CA.sh</a>
- | | |-- <a href="./samples/ca/clean.sh">clean.sh</a>
- | | |-- <a href="./samples/ca/dsa-intermediate/">dsa-intermediate</a>
- | | | |-- <a href="./samples/ca/dsa-intermediate/cacert.pem">cacert.pem</a>
- | | | |-- <a href="./samples/ca/dsa-intermediate/dsa.params">dsa.params</a>
- | | | |-- <a href="./samples/ca/dsa-intermediate/newcerts/">newcerts</a>
- | | | `-- <a href="./samples/ca/dsa-intermediate/private/">private</a>
- | | | `-- <a href="./samples/ca/dsa-intermediate/private/cakey.pem">cakey.pem</a>
- | | |-- <a href="./samples/ca/openssl.cnf">openssl.cnf</a>
- | | |-- <a href="./samples/ca/root/">root</a>
- | | | |-- <a href="./samples/ca/root/cacert.pem">cacert.pem</a>
- | | | |-- <a href="./samples/ca/root/newcerts/">newcerts</a>
- | | | `-- <a href="./samples/ca/root/private/">private</a>
- | | | `-- <a href="./samples/ca/root/private/cakey.pem">cakey.pem</a>
- | | |-- <a href="./samples/ca/rsa-intermediate/">rsa-intermediate</a>
- | | | |-- <a href="./samples/ca/rsa-intermediate/cacert.pem">cacert.pem</a>
- | | | |-- <a href="./samples/ca/rsa-intermediate/newcerts/">newcerts</a>
- | | | `-- <a href="./samples/ca/rsa-intermediate/private/">private</a>
- | | | `-- <a href="./samples/ca/rsa-intermediate/private/cakey.pem">cakey.pem</a>
- | | |-- <a href="./samples/ca/rsa.key">rsa.key</a>
- | | |-- <a href="./samples/ca/test-dsa-cert.pem">test-dsa-cert.pem</a>
- | | |-- <a href="./samples/ca/test-dsa-chain.pem">test-dsa-chain.pem</a>
- | | |-- <a href="./samples/ca/test-rsa-cert.pem">test-rsa-cert.pem</a>
- | | `-- <a href="./samples/ca/test-rsa-chain.pem">test-rsa-chain.pem</a>
- | |-- <a href="./samples/createPBESamples.sh">createPBESamples.sh</a>
- | |-- <a href="./samples/dsa/">dsa</a>
- | | |-- <a href="./samples/dsa/openssl_dsa_aes128_cbc.pem">openssl_dsa_aes128_cbc.pem</a>
- | | |-- <a href="./samples/dsa/openssl_dsa_aes128_cfb.pem">openssl_dsa_aes128_cfb.pem</a>
- | | |-- <a href="./samples/dsa/openssl_dsa_aes128_ecb.pem">openssl_dsa_aes128_ecb.pem</a>
- | | |-- <a href="./samples/dsa/openssl_dsa_aes128_ofb.pem">openssl_dsa_aes128_ofb.pem</a>
- | | |-- <a href="./samples/dsa/openssl_dsa_aes192_cbc.pem">openssl_dsa_aes192_cbc.pem</a>
- | | |-- <a href="./samples/dsa/openssl_dsa_aes192_cfb.pem">openssl_dsa_aes192_cfb.pem</a>
- | | |-- <a href="./samples/dsa/openssl_dsa_aes192_ecb.pem">openssl_dsa_aes192_ecb.pem</a>
- | | |-- <a href="./samples/dsa/openssl_dsa_aes192_ofb.pem">openssl_dsa_aes192_ofb.pem</a>
- | | |-- <a href="./samples/dsa/openssl_dsa_aes256_cbc.pem">openssl_dsa_aes256_cbc.pem</a>
- | | |-- <a href="./samples/dsa/openssl_dsa_aes256_cfb.pem">openssl_dsa_aes256_cfb.pem</a>
- | | |-- <a href="./samples/dsa/openssl_dsa_aes256_ecb.pem">openssl_dsa_aes256_ecb.pem</a>
- | | |-- <a href="./samples/dsa/openssl_dsa_aes256_ofb.pem">openssl_dsa_aes256_ofb.pem</a>
- | | |-- <a href="./samples/dsa/openssl_dsa_blowfish_cbc.pem">openssl_dsa_blowfish_cbc.pem</a>
- | | |-- <a href="./samples/dsa/openssl_dsa_blowfish_cfb.pem">openssl_dsa_blowfish_cfb.pem</a>
- | | |-- <a href="./samples/dsa/openssl_dsa_blowfish_ecb.pem">openssl_dsa_blowfish_ecb.pem</a>
- | | |-- <a href="./samples/dsa/openssl_dsa_blowfish_ofb.pem">openssl_dsa_blowfish_ofb.pem</a>
- | | |-- <a href="./samples/dsa/openssl_dsa_des1_cbc.pem">openssl_dsa_des1_cbc.pem</a>
- | | |-- <a href="./samples/dsa/openssl_dsa_des1_cfb.pem">openssl_dsa_des1_cfb.pem</a>
- | | |-- <a href="./samples/dsa/openssl_dsa_des1_ecb.pem">openssl_dsa_des1_ecb.pem</a>
- | | |-- <a href="./samples/dsa/openssl_dsa_des1_ofb.pem">openssl_dsa_des1_ofb.pem</a>
- | | |-- <a href="./samples/dsa/openssl_dsa_des2_cbc.pem">openssl_dsa_des2_cbc.pem</a>
- | | |-- <a href="./samples/dsa/openssl_dsa_des2_cfb.pem">openssl_dsa_des2_cfb.pem</a>
- | | |-- <a href="./samples/dsa/openssl_dsa_des2_ecb.pem">openssl_dsa_des2_ecb.pem</a>
- | | |-- <a href="./samples/dsa/openssl_dsa_des2_ofb.pem">openssl_dsa_des2_ofb.pem</a>
- | | |-- <a href="./samples/dsa/openssl_dsa_des3_cbc.pem">openssl_dsa_des3_cbc.pem</a>
- | | |-- <a href="./samples/dsa/openssl_dsa_des3_cfb.pem">openssl_dsa_des3_cfb.pem</a>
- | | |-- <a href="./samples/dsa/openssl_dsa_des3_ecb.pem">openssl_dsa_des3_ecb.pem</a>
- | | |-- <a href="./samples/dsa/openssl_dsa_des3_ofb.pem">openssl_dsa_des3_ofb.pem</a>
- | | |-- <a href="./samples/dsa/openssl_dsa_rc2_128_cbc.pem">openssl_dsa_rc2_128_cbc.pem</a>
- | | |-- <a href="./samples/dsa/openssl_dsa_rc2_128_cfb.pem">openssl_dsa_rc2_128_cfb.pem</a>
- | | |-- <a href="./samples/dsa/openssl_dsa_rc2_128_ecb.pem">openssl_dsa_rc2_128_ecb.pem</a>
- | | |-- <a href="./samples/dsa/openssl_dsa_rc2_128_ofb.pem">openssl_dsa_rc2_128_ofb.pem</a>
- | | |-- <a href="./samples/dsa/openssl_dsa_rc2_40_cbc.pem">openssl_dsa_rc2_40_cbc.pem</a>
- | | |-- <a href="./samples/dsa/openssl_dsa_rc2_64_cbc.pem">openssl_dsa_rc2_64_cbc.pem</a>
- | | |-- <a href="./samples/dsa/openssl_dsa_unencrypted.der">openssl_dsa_unencrypted.der</a>
- | | |-- <a href="./samples/dsa/openssl_dsa_unencrypted.pem">openssl_dsa_unencrypted.pem</a>
- | | |-- <a href="./samples/dsa/pkcs8_dsa_unencrypted.der">pkcs8_dsa_unencrypted.der</a>
- | | |-- <a href="./samples/dsa/pkcs8_dsa_unencrypted.pem">pkcs8_dsa_unencrypted.pem</a>
- | | |-- <a href="./samples/dsa/pkcs8v1_dsa_md2_des1_cbc.der">pkcs8v1_dsa_md2_des1_cbc.der</a>
- | | |-- <a href="./samples/dsa/pkcs8v1_dsa_md2_des1_cbc.pem">pkcs8v1_dsa_md2_des1_cbc.pem</a>
- | | |-- <a href="./samples/dsa/pkcs8v1_dsa_md2_rc2_64_cbc.der">pkcs8v1_dsa_md2_rc2_64_cbc.der</a>
- | | |-- <a href="./samples/dsa/pkcs8v1_dsa_md2_rc2_64_cbc.pem">pkcs8v1_dsa_md2_rc2_64_cbc.pem</a>
- | | |-- <a href="./samples/dsa/pkcs8v1_dsa_md5_des1_cbc.der">pkcs8v1_dsa_md5_des1_cbc.der</a>
- | | |-- <a href="./samples/dsa/pkcs8v1_dsa_md5_des1_cbc.pem">pkcs8v1_dsa_md5_des1_cbc.pem</a>
- | | |-- <a href="./samples/dsa/pkcs8v1_dsa_md5_rc2_64_cbc.der">pkcs8v1_dsa_md5_rc2_64_cbc.der</a>
- | | |-- <a href="./samples/dsa/pkcs8v1_dsa_md5_rc2_64_cbc.pem">pkcs8v1_dsa_md5_rc2_64_cbc.pem</a>
- | | |-- <a href="./samples/dsa/pkcs8v1_dsa_sha1_des1_cbc.der">pkcs8v1_dsa_sha1_des1_cbc.der</a>
- | | |-- <a href="./samples/dsa/pkcs8v1_dsa_sha1_des1_cbc.pem">pkcs8v1_dsa_sha1_des1_cbc.pem</a>
- | | |-- <a href="./samples/dsa/pkcs8v1_dsa_sha1_des2_cbc.der">pkcs8v1_dsa_sha1_des2_cbc.der</a>
- | | |-- <a href="./samples/dsa/pkcs8v1_dsa_sha1_des2_cbc.pem">pkcs8v1_dsa_sha1_des2_cbc.pem</a>
- | | |-- <a href="./samples/dsa/pkcs8v1_dsa_sha1_des3_cbc.der">pkcs8v1_dsa_sha1_des3_cbc.der</a>
- | | |-- <a href="./samples/dsa/pkcs8v1_dsa_sha1_des3_cbc.pem">pkcs8v1_dsa_sha1_des3_cbc.pem</a>
- | | |-- <a href="./samples/dsa/pkcs8v1_dsa_sha1_rc2_128_cbc.der">pkcs8v1_dsa_sha1_rc2_128_cbc.der</a>
- | | |-- <a href="./samples/dsa/pkcs8v1_dsa_sha1_rc2_128_cbc.pem">pkcs8v1_dsa_sha1_rc2_128_cbc.pem</a>
- | | |-- <a href="./samples/dsa/pkcs8v1_dsa_sha1_rc2_40_cbc.der">pkcs8v1_dsa_sha1_rc2_40_cbc.der</a>
- | | |-- <a href="./samples/dsa/pkcs8v1_dsa_sha1_rc2_40_cbc.pem">pkcs8v1_dsa_sha1_rc2_40_cbc.pem</a>
- | | |-- <a href="./samples/dsa/pkcs8v1_dsa_sha1_rc2_64_cbc.der">pkcs8v1_dsa_sha1_rc2_64_cbc.der</a>
- | | |-- <a href="./samples/dsa/pkcs8v1_dsa_sha1_rc2_64_cbc.pem">pkcs8v1_dsa_sha1_rc2_64_cbc.pem</a>
- | | |-- <a href="./samples/dsa/pkcs8v1_dsa_sha1_rc4_128.der">pkcs8v1_dsa_sha1_rc4_128.der</a>
- | | |-- <a href="./samples/dsa/pkcs8v1_dsa_sha1_rc4_128.pem">pkcs8v1_dsa_sha1_rc4_128.pem</a>
- | | |-- <a href="./samples/dsa/pkcs8v1_dsa_sha1_rc4_40.der">pkcs8v1_dsa_sha1_rc4_40.der</a>
- | | |-- <a href="./samples/dsa/pkcs8v1_dsa_sha1_rc4_40.pem">pkcs8v1_dsa_sha1_rc4_40.pem</a>
- | | |-- <a href="./samples/dsa/pkcs8v2_dsa_aes128_cbc.der">pkcs8v2_dsa_aes128_cbc.der</a>
- | | |-- <a href="./samples/dsa/pkcs8v2_dsa_aes128_cbc.pem">pkcs8v2_dsa_aes128_cbc.pem</a>
- | | |-- <a href="./samples/dsa/pkcs8v2_dsa_aes128_cfb.der">pkcs8v2_dsa_aes128_cfb.der</a>
- | | |-- <a href="./samples/dsa/pkcs8v2_dsa_aes128_cfb.pem">pkcs8v2_dsa_aes128_cfb.pem</a>
- | | |-- <a href="./samples/dsa/pkcs8v2_dsa_aes128_ecb.der">pkcs8v2_dsa_aes128_ecb.der</a>
- | | |-- <a href="./samples/dsa/pkcs8v2_dsa_aes128_ecb.pem">pkcs8v2_dsa_aes128_ecb.pem</a>
- | | |-- <a href="./samples/dsa/pkcs8v2_dsa_aes128_ofb.der">pkcs8v2_dsa_aes128_ofb.der</a>
- | | |-- <a href="./samples/dsa/pkcs8v2_dsa_aes128_ofb.pem">pkcs8v2_dsa_aes128_ofb.pem</a>
- | | |-- <a href="./samples/dsa/pkcs8v2_dsa_aes192_cbc.der">pkcs8v2_dsa_aes192_cbc.der</a>
- | | |-- <a href="./samples/dsa/pkcs8v2_dsa_aes192_cbc.pem">pkcs8v2_dsa_aes192_cbc.pem</a>
- | | |-- <a href="./samples/dsa/pkcs8v2_dsa_aes192_cfb.der">pkcs8v2_dsa_aes192_cfb.der</a>
- | | |-- <a href="./samples/dsa/pkcs8v2_dsa_aes192_cfb.pem">pkcs8v2_dsa_aes192_cfb.pem</a>
- | | |-- <a href="./samples/dsa/pkcs8v2_dsa_aes192_ecb.der">pkcs8v2_dsa_aes192_ecb.der</a>
- | | |-- <a href="./samples/dsa/pkcs8v2_dsa_aes192_ecb.pem">pkcs8v2_dsa_aes192_ecb.pem</a>
- | | |-- <a href="./samples/dsa/pkcs8v2_dsa_aes192_ofb.der">pkcs8v2_dsa_aes192_ofb.der</a>
- | | |-- <a href="./samples/dsa/pkcs8v2_dsa_aes192_ofb.pem">pkcs8v2_dsa_aes192_ofb.pem</a>
- | | |-- <a href="./samples/dsa/pkcs8v2_dsa_aes256_cbc.der">pkcs8v2_dsa_aes256_cbc.der</a>
- | | |-- <a href="./samples/dsa/pkcs8v2_dsa_aes256_cbc.pem">pkcs8v2_dsa_aes256_cbc.pem</a>
- | | |-- <a href="./samples/dsa/pkcs8v2_dsa_aes256_cfb.der">pkcs8v2_dsa_aes256_cfb.der</a>
- | | |-- <a href="./samples/dsa/pkcs8v2_dsa_aes256_cfb.pem">pkcs8v2_dsa_aes256_cfb.pem</a>
- | | |-- <a href="./samples/dsa/pkcs8v2_dsa_aes256_ecb.der">pkcs8v2_dsa_aes256_ecb.der</a>
- | | |-- <a href="./samples/dsa/pkcs8v2_dsa_aes256_ecb.pem">pkcs8v2_dsa_aes256_ecb.pem</a>
- | | |-- <a href="./samples/dsa/pkcs8v2_dsa_aes256_ofb.der">pkcs8v2_dsa_aes256_ofb.der</a>
- | | |-- <a href="./samples/dsa/pkcs8v2_dsa_aes256_ofb.pem">pkcs8v2_dsa_aes256_ofb.pem</a>
- | | |-- <a href="./samples/dsa/pkcs8v2_dsa_blowfish_cbc.der">pkcs8v2_dsa_blowfish_cbc.der</a>
- | | |-- <a href="./samples/dsa/pkcs8v2_dsa_blowfish_cbc.pem">pkcs8v2_dsa_blowfish_cbc.pem</a>
- | | |-- <a href="./samples/dsa/pkcs8v2_dsa_des1_cbc.der">pkcs8v2_dsa_des1_cbc.der</a>
- | | |-- <a href="./samples/dsa/pkcs8v2_dsa_des1_cbc.pem">pkcs8v2_dsa_des1_cbc.pem</a>
- | | |-- <a href="./samples/dsa/pkcs8v2_dsa_des1_cfb.der">pkcs8v2_dsa_des1_cfb.der</a>
- | | |-- <a href="./samples/dsa/pkcs8v2_dsa_des1_cfb.pem">pkcs8v2_dsa_des1_cfb.pem</a>
- | | |-- <a href="./samples/dsa/pkcs8v2_dsa_des1_ecb.der">pkcs8v2_dsa_des1_ecb.der</a>
- | | |-- <a href="./samples/dsa/pkcs8v2_dsa_des1_ecb.pem">pkcs8v2_dsa_des1_ecb.pem</a>
- | | |-- <a href="./samples/dsa/pkcs8v2_dsa_des1_ofb.der">pkcs8v2_dsa_des1_ofb.der</a>
- | | |-- <a href="./samples/dsa/pkcs8v2_dsa_des1_ofb.pem">pkcs8v2_dsa_des1_ofb.pem</a>
- | | |-- <a href="./samples/dsa/pkcs8v2_dsa_des2_ecb_SEEMS_WRONG.der">pkcs8v2_dsa_des2_ecb_SEEMS_WRONG.der</a>
- | | |-- <a href="./samples/dsa/pkcs8v2_dsa_des2_ecb_SEEMS_WRONG.pem">pkcs8v2_dsa_des2_ecb_SEEMS_WRONG.pem</a>
- | | |-- <a href="./samples/dsa/pkcs8v2_dsa_des3_cbc.der">pkcs8v2_dsa_des3_cbc.der</a>
- | | |-- <a href="./samples/dsa/pkcs8v2_dsa_des3_cbc.pem">pkcs8v2_dsa_des3_cbc.pem</a>
- | | |-- <a href="./samples/dsa/pkcs8v2_dsa_rc2_128_cbc.der">pkcs8v2_dsa_rc2_128_cbc.der</a>
- | | |-- <a href="./samples/dsa/pkcs8v2_dsa_rc2_128_cbc.pem">pkcs8v2_dsa_rc2_128_cbc.pem</a>
- | | |-- <a href="./samples/dsa/pkcs8v2_dsa_rc2_40_cbc.der">pkcs8v2_dsa_rc2_40_cbc.der</a>
- | | |-- <a href="./samples/dsa/pkcs8v2_dsa_rc2_40_cbc.pem">pkcs8v2_dsa_rc2_40_cbc.pem</a>
- | | |-- <a href="./samples/dsa/pkcs8v2_dsa_rc2_64_cbc.der">pkcs8v2_dsa_rc2_64_cbc.der</a>
- | | `-- <a href="./samples/dsa/pkcs8v2_dsa_rc2_64_cbc.pem">pkcs8v2_dsa_rc2_64_cbc.pem</a>
- | |-- <a href="./samples/dsa.html">dsa.html</a>
- | |-- <a href="./samples/dsa_result.html">dsa_result.html</a>
- | |-- <a href="./samples/keystores/">keystores</a>
- | | |-- <a href="./samples/keystores/BC.BKS.ks">BC.BKS.ks</a>
- | | |-- <a href="./samples/keystores/BC.PKCS12-3DES-3DES.ks">BC.PKCS12-3DES-3DES.ks</a>
- | | |-- <a href="./samples/keystores/BC.PKCS12-DEF-3DES-3DES.ks">BC.PKCS12-DEF-3DES-3DES.ks</a>
- | | |-- <a href="./samples/keystores/BC.PKCS12-DEF.ks">BC.PKCS12-DEF.ks</a>
- | | |-- <a href="./samples/keystores/BC.PKCS12.ks">BC.PKCS12.ks</a>
- | | |-- <a href="./samples/keystores/BC.UBER.ks">BC.UBER.ks</a>
- | | |-- <a href="./samples/keystores/README.txt">README.txt</a>
- | | |-- <a href="./samples/keystores/Sun.2pass.jks.ks">Sun.2pass.jks.ks</a>
- | | |-- <a href="./samples/keystores/Sun.jks.ks">Sun.jks.ks</a>
- | | |-- <a href="./samples/keystores/SunJCE.jceks.ks">SunJCE.jceks.ks</a>
- | | |-- <a href="./samples/keystores/chain-rsa_dsa_rsa.ks">chain-rsa_dsa_rsa.ks</a>
- | | |-- <a href="./samples/keystores/chain-rsa_dsa_rsa.pem">chain-rsa_dsa_rsa.pem</a>
- | | |-- <a href="./samples/keystores/chain-rsa_dsa_rsa.pkcs12.der">chain-rsa_dsa_rsa.pkcs12.der</a>
- | | |-- <a href="./samples/keystores/chain-rsa_dsa_rsa.pkcs12.pem">chain-rsa_dsa_rsa.pkcs12.pem</a>
- | | |-- <a href="./samples/keystores/chain-rsa_rsa_rsa.ks">chain-rsa_rsa_rsa.ks</a>
- | | |-- <a href="./samples/keystores/chain-rsa_rsa_rsa.pem">chain-rsa_rsa_rsa.pem</a>
- | | |-- <a href="./samples/keystores/chain-rsa_rsa_rsa.pkcs12.der">chain-rsa_rsa_rsa.pkcs12.der</a>
- | | |-- <a href="./samples/keystores/chain-rsa_rsa_rsa.pkcs12.pem">chain-rsa_rsa_rsa.pkcs12.pem</a>
- | | |-- <a href="./samples/keystores/generate.sh">generate.sh</a>
- | | `-- <a href="./samples/keystores/rsa.key">rsa.key</a>
- | |-- <a href="./samples/pbe/">pbe</a>
- | | |-- <a href="./samples/pbe/README.txt">README.txt</a>
- | | |-- <a href="./samples/pbe/java/">java</a>
- | | | |-- <a href="./samples/pbe/java/aes-128-cbc.base64">aes-128-cbc.base64</a>
- | | | |-- <a href="./samples/pbe/java/aes-128-cbc.raw">aes-128-cbc.raw</a>
- | | | |-- <a href="./samples/pbe/java/aes-128-cfb.base64">aes-128-cfb.base64</a>
- | | | |-- <a href="./samples/pbe/java/aes-128-cfb.raw">aes-128-cfb.raw</a>
- | | | |-- <a href="./samples/pbe/java/aes-128-cfb8.base64">aes-128-cfb8.base64</a>
- | | | |-- <a href="./samples/pbe/java/aes-128-cfb8.raw">aes-128-cfb8.raw</a>
- | | | |-- <a href="./samples/pbe/java/aes-128-ecb.base64">aes-128-ecb.base64</a>
- | | | |-- <a href="./samples/pbe/java/aes-128-ecb.raw">aes-128-ecb.raw</a>
- | | | |-- <a href="./samples/pbe/java/aes-128-ofb.base64">aes-128-ofb.base64</a>
- | | | |-- <a href="./samples/pbe/java/aes-128-ofb.raw">aes-128-ofb.raw</a>
- | | | |-- <a href="./samples/pbe/java/aes-128.base64">aes-128.base64</a>
- | | | |-- <a href="./samples/pbe/java/aes-128.raw">aes-128.raw</a>
- | | | |-- <a href="./samples/pbe/java/aes-192-cbc.base64">aes-192-cbc.base64</a>
- | | | |-- <a href="./samples/pbe/java/aes-192-cbc.raw">aes-192-cbc.raw</a>
- | | | |-- <a href="./samples/pbe/java/aes-192-cfb.base64">aes-192-cfb.base64</a>
- | | | |-- <a href="./samples/pbe/java/aes-192-cfb.raw">aes-192-cfb.raw</a>
- | | | |-- <a href="./samples/pbe/java/aes-192-cfb8.base64">aes-192-cfb8.base64</a>
- | | | |-- <a href="./samples/pbe/java/aes-192-cfb8.raw">aes-192-cfb8.raw</a>
- | | | |-- <a href="./samples/pbe/java/aes-192-ecb.base64">aes-192-ecb.base64</a>
- | | | |-- <a href="./samples/pbe/java/aes-192-ecb.raw">aes-192-ecb.raw</a>
- | | | |-- <a href="./samples/pbe/java/aes-192-ofb.base64">aes-192-ofb.base64</a>
- | | | |-- <a href="./samples/pbe/java/aes-192-ofb.raw">aes-192-ofb.raw</a>
- | | | |-- <a href="./samples/pbe/java/aes-192.base64">aes-192.base64</a>
- | | | |-- <a href="./samples/pbe/java/aes-192.raw">aes-192.raw</a>
- | | | |-- <a href="./samples/pbe/java/aes-256-cbc.base64">aes-256-cbc.base64</a>
- | | | |-- <a href="./samples/pbe/java/aes-256-cbc.raw">aes-256-cbc.raw</a>
- | | | |-- <a href="./samples/pbe/java/aes-256-cfb.base64">aes-256-cfb.base64</a>
- | | | |-- <a href="./samples/pbe/java/aes-256-cfb.raw">aes-256-cfb.raw</a>
- | | | |-- <a href="./samples/pbe/java/aes-256-cfb8.base64">aes-256-cfb8.base64</a>
- | | | |-- <a href="./samples/pbe/java/aes-256-cfb8.raw">aes-256-cfb8.raw</a>
- | | | |-- <a href="./samples/pbe/java/aes-256-ecb.base64">aes-256-ecb.base64</a>
- | | | |-- <a href="./samples/pbe/java/aes-256-ecb.raw">aes-256-ecb.raw</a>
- | | | |-- <a href="./samples/pbe/java/aes-256-ofb.base64">aes-256-ofb.base64</a>
- | | | |-- <a href="./samples/pbe/java/aes-256-ofb.raw">aes-256-ofb.raw</a>
- | | | |-- <a href="./samples/pbe/java/aes-256.base64">aes-256.base64</a>
- | | | |-- <a href="./samples/pbe/java/aes-256.raw">aes-256.raw</a>
- | | | |-- <a href="./samples/pbe/java/aes128-cbc.base64">aes128-cbc.base64</a>
- | | | |-- <a href="./samples/pbe/java/aes128-cbc.raw">aes128-cbc.raw</a>
- | | | |-- <a href="./samples/pbe/java/aes128-cfb.base64">aes128-cfb.base64</a>
- | | | |-- <a href="./samples/pbe/java/aes128-cfb.raw">aes128-cfb.raw</a>
- | | | |-- <a href="./samples/pbe/java/aes128-cfb8.base64">aes128-cfb8.base64</a>
- | | | |-- <a href="./samples/pbe/java/aes128-cfb8.raw">aes128-cfb8.raw</a>
- | | | |-- <a href="./samples/pbe/java/aes128-ecb.base64">aes128-ecb.base64</a>
- | | | |-- <a href="./samples/pbe/java/aes128-ecb.raw">aes128-ecb.raw</a>
- | | | |-- <a href="./samples/pbe/java/aes128-ofb.base64">aes128-ofb.base64</a>
- | | | |-- <a href="./samples/pbe/java/aes128-ofb.raw">aes128-ofb.raw</a>
- | | | |-- <a href="./samples/pbe/java/aes128.base64">aes128.base64</a>
- | | | |-- <a href="./samples/pbe/java/aes128.raw">aes128.raw</a>
- | | | |-- <a href="./samples/pbe/java/aes192-cbc.base64">aes192-cbc.base64</a>
- | | | |-- <a href="./samples/pbe/java/aes192-cbc.raw">aes192-cbc.raw</a>
- | | | |-- <a href="./samples/pbe/java/aes192-cfb.base64">aes192-cfb.base64</a>
- | | | |-- <a href="./samples/pbe/java/aes192-cfb.raw">aes192-cfb.raw</a>
- | | | |-- <a href="./samples/pbe/java/aes192-cfb8.base64">aes192-cfb8.base64</a>
- | | | |-- <a href="./samples/pbe/java/aes192-cfb8.raw">aes192-cfb8.raw</a>
- | | | |-- <a href="./samples/pbe/java/aes192-ecb.base64">aes192-ecb.base64</a>
- | | | |-- <a href="./samples/pbe/java/aes192-ecb.raw">aes192-ecb.raw</a>
- | | | |-- <a href="./samples/pbe/java/aes192-ofb.base64">aes192-ofb.base64</a>
- | | | |-- <a href="./samples/pbe/java/aes192-ofb.raw">aes192-ofb.raw</a>
- | | | |-- <a href="./samples/pbe/java/aes192.base64">aes192.base64</a>
- | | | |-- <a href="./samples/pbe/java/aes192.raw">aes192.raw</a>
- | | | |-- <a href="./samples/pbe/java/aes256-cbc.base64">aes256-cbc.base64</a>
- | | | |-- <a href="./samples/pbe/java/aes256-cbc.raw">aes256-cbc.raw</a>
- | | | |-- <a href="./samples/pbe/java/aes256-cfb.base64">aes256-cfb.base64</a>
- | | | |-- <a href="./samples/pbe/java/aes256-cfb.raw">aes256-cfb.raw</a>
- | | | |-- <a href="./samples/pbe/java/aes256-cfb8.base64">aes256-cfb8.base64</a>
- | | | |-- <a href="./samples/pbe/java/aes256-cfb8.raw">aes256-cfb8.raw</a>
- | | | |-- <a href="./samples/pbe/java/aes256-ecb.base64">aes256-ecb.base64</a>
- | | | |-- <a href="./samples/pbe/java/aes256-ecb.raw">aes256-ecb.raw</a>
- | | | |-- <a href="./samples/pbe/java/aes256-ofb.base64">aes256-ofb.base64</a>
- | | | |-- <a href="./samples/pbe/java/aes256-ofb.raw">aes256-ofb.raw</a>
- | | | |-- <a href="./samples/pbe/java/aes256.base64">aes256.base64</a>
- | | | |-- <a href="./samples/pbe/java/aes256.raw">aes256.raw</a>
- | | | |-- <a href="./samples/pbe/java/bf-cbc.base64">bf-cbc.base64</a>
- | | | |-- <a href="./samples/pbe/java/bf-cbc.raw">bf-cbc.raw</a>
- | | | |-- <a href="./samples/pbe/java/bf-cfb.base64">bf-cfb.base64</a>
- | | | |-- <a href="./samples/pbe/java/bf-cfb.raw">bf-cfb.raw</a>
- | | | |-- <a href="./samples/pbe/java/bf-cfb8.base64">bf-cfb8.base64</a>
- | | | |-- <a href="./samples/pbe/java/bf-cfb8.raw">bf-cfb8.raw</a>
- | | | |-- <a href="./samples/pbe/java/bf-ecb.base64">bf-ecb.base64</a>
- | | | |-- <a href="./samples/pbe/java/bf-ecb.raw">bf-ecb.raw</a>
- | | | |-- <a href="./samples/pbe/java/bf-ofb.base64">bf-ofb.base64</a>
- | | | |-- <a href="./samples/pbe/java/bf-ofb.raw">bf-ofb.raw</a>
- | | | |-- <a href="./samples/pbe/java/bf.base64">bf.base64</a>
- | | | |-- <a href="./samples/pbe/java/bf.raw">bf.raw</a>
- | | | |-- <a href="./samples/pbe/java/blowfish-cbc.base64">blowfish-cbc.base64</a>
- | | | |-- <a href="./samples/pbe/java/blowfish-cbc.raw">blowfish-cbc.raw</a>
- | | | |-- <a href="./samples/pbe/java/blowfish-cfb.base64">blowfish-cfb.base64</a>
- | | | |-- <a href="./samples/pbe/java/blowfish-cfb.raw">blowfish-cfb.raw</a>
- | | | |-- <a href="./samples/pbe/java/blowfish-cfb8.base64">blowfish-cfb8.base64</a>
- | | | |-- <a href="./samples/pbe/java/blowfish-cfb8.raw">blowfish-cfb8.raw</a>
- | | | |-- <a href="./samples/pbe/java/blowfish-ecb.base64">blowfish-ecb.base64</a>
- | | | |-- <a href="./samples/pbe/java/blowfish-ecb.raw">blowfish-ecb.raw</a>
- | | | |-- <a href="./samples/pbe/java/blowfish-ofb.base64">blowfish-ofb.base64</a>
- | | | |-- <a href="./samples/pbe/java/blowfish-ofb.raw">blowfish-ofb.raw</a>
- | | | |-- <a href="./samples/pbe/java/blowfish.base64">blowfish.base64</a>
- | | | |-- <a href="./samples/pbe/java/blowfish.raw">blowfish.raw</a>
- | | | |-- <a href="./samples/pbe/java/camellia-128-cbc.base64">camellia-128-cbc.base64</a>
- | | | |-- <a href="./samples/pbe/java/camellia-128-cbc.raw">camellia-128-cbc.raw</a>
- | | | |-- <a href="./samples/pbe/java/camellia-128-cfb.base64">camellia-128-cfb.base64</a>
- | | | |-- <a href="./samples/pbe/java/camellia-128-cfb.raw">camellia-128-cfb.raw</a>
- | | | |-- <a href="./samples/pbe/java/camellia-128-cfb8.base64">camellia-128-cfb8.base64</a>
- | | | |-- <a href="./samples/pbe/java/camellia-128-cfb8.raw">camellia-128-cfb8.raw</a>
- | | | |-- <a href="./samples/pbe/java/camellia-128-ecb.base64">camellia-128-ecb.base64</a>
- | | | |-- <a href="./samples/pbe/java/camellia-128-ecb.raw">camellia-128-ecb.raw</a>
- | | | |-- <a href="./samples/pbe/java/camellia-128-ofb.base64">camellia-128-ofb.base64</a>
- | | | |-- <a href="./samples/pbe/java/camellia-128-ofb.raw">camellia-128-ofb.raw</a>
- | | | |-- <a href="./samples/pbe/java/camellia-128.base64">camellia-128.base64</a>
- | | | |-- <a href="./samples/pbe/java/camellia-128.raw">camellia-128.raw</a>
- | | | |-- <a href="./samples/pbe/java/camellia-192-cbc.base64">camellia-192-cbc.base64</a>
- | | | |-- <a href="./samples/pbe/java/camellia-192-cbc.raw">camellia-192-cbc.raw</a>
- | | | |-- <a href="./samples/pbe/java/camellia-192-cfb.base64">camellia-192-cfb.base64</a>
- | | | |-- <a href="./samples/pbe/java/camellia-192-cfb.raw">camellia-192-cfb.raw</a>
- | | | |-- <a href="./samples/pbe/java/camellia-192-cfb8.base64">camellia-192-cfb8.base64</a>
- | | | |-- <a href="./samples/pbe/java/camellia-192-cfb8.raw">camellia-192-cfb8.raw</a>
- | | | |-- <a href="./samples/pbe/java/camellia-192-ecb.base64">camellia-192-ecb.base64</a>
- | | | |-- <a href="./samples/pbe/java/camellia-192-ecb.raw">camellia-192-ecb.raw</a>
- | | | |-- <a href="./samples/pbe/java/camellia-192-ofb.base64">camellia-192-ofb.base64</a>
- | | | |-- <a href="./samples/pbe/java/camellia-192-ofb.raw">camellia-192-ofb.raw</a>
- | | | |-- <a href="./samples/pbe/java/camellia-192.base64">camellia-192.base64</a>
- | | | |-- <a href="./samples/pbe/java/camellia-192.raw">camellia-192.raw</a>
- | | | |-- <a href="./samples/pbe/java/camellia-256-cbc.base64">camellia-256-cbc.base64</a>
- | | | |-- <a href="./samples/pbe/java/camellia-256-cbc.raw">camellia-256-cbc.raw</a>
- | | | |-- <a href="./samples/pbe/java/camellia-256-cfb.base64">camellia-256-cfb.base64</a>
- | | | |-- <a href="./samples/pbe/java/camellia-256-cfb.raw">camellia-256-cfb.raw</a>
- | | | |-- <a href="./samples/pbe/java/camellia-256-cfb8.base64">camellia-256-cfb8.base64</a>
- | | | |-- <a href="./samples/pbe/java/camellia-256-cfb8.raw">camellia-256-cfb8.raw</a>
- | | | |-- <a href="./samples/pbe/java/camellia-256-ecb.base64">camellia-256-ecb.base64</a>
- | | | |-- <a href="./samples/pbe/java/camellia-256-ecb.raw">camellia-256-ecb.raw</a>
- | | | |-- <a href="./samples/pbe/java/camellia-256-ofb.base64">camellia-256-ofb.base64</a>
- | | | |-- <a href="./samples/pbe/java/camellia-256-ofb.raw">camellia-256-ofb.raw</a>
- | | | |-- <a href="./samples/pbe/java/camellia-256.base64">camellia-256.base64</a>
- | | | |-- <a href="./samples/pbe/java/camellia-256.raw">camellia-256.raw</a>
- | | | |-- <a href="./samples/pbe/java/camellia128-cbc.base64">camellia128-cbc.base64</a>
- | | | |-- <a href="./samples/pbe/java/camellia128-cbc.raw">camellia128-cbc.raw</a>
- | | | |-- <a href="./samples/pbe/java/camellia128-cfb.base64">camellia128-cfb.base64</a>
- | | | |-- <a href="./samples/pbe/java/camellia128-cfb.raw">camellia128-cfb.raw</a>
- | | | |-- <a href="./samples/pbe/java/camellia128-cfb8.base64">camellia128-cfb8.base64</a>
- | | | |-- <a href="./samples/pbe/java/camellia128-cfb8.raw">camellia128-cfb8.raw</a>
- | | | |-- <a href="./samples/pbe/java/camellia128-ecb.base64">camellia128-ecb.base64</a>
- | | | |-- <a href="./samples/pbe/java/camellia128-ecb.raw">camellia128-ecb.raw</a>
- | | | |-- <a href="./samples/pbe/java/camellia128-ofb.base64">camellia128-ofb.base64</a>
- | | | |-- <a href="./samples/pbe/java/camellia128-ofb.raw">camellia128-ofb.raw</a>
- | | | |-- <a href="./samples/pbe/java/camellia128.base64">camellia128.base64</a>
- | | | |-- <a href="./samples/pbe/java/camellia128.raw">camellia128.raw</a>
- | | | |-- <a href="./samples/pbe/java/camellia192-cbc.base64">camellia192-cbc.base64</a>
- | | | |-- <a href="./samples/pbe/java/camellia192-cbc.raw">camellia192-cbc.raw</a>
- | | | |-- <a href="./samples/pbe/java/camellia192-cfb.base64">camellia192-cfb.base64</a>
- | | | |-- <a href="./samples/pbe/java/camellia192-cfb.raw">camellia192-cfb.raw</a>
- | | | |-- <a href="./samples/pbe/java/camellia192-cfb8.base64">camellia192-cfb8.base64</a>
- | | | |-- <a href="./samples/pbe/java/camellia192-cfb8.raw">camellia192-cfb8.raw</a>
- | | | |-- <a href="./samples/pbe/java/camellia192-ecb.base64">camellia192-ecb.base64</a>
- | | | |-- <a href="./samples/pbe/java/camellia192-ecb.raw">camellia192-ecb.raw</a>
- | | | |-- <a href="./samples/pbe/java/camellia192-ofb.base64">camellia192-ofb.base64</a>
- | | | |-- <a href="./samples/pbe/java/camellia192-ofb.raw">camellia192-ofb.raw</a>
- | | | |-- <a href="./samples/pbe/java/camellia192.base64">camellia192.base64</a>
- | | | |-- <a href="./samples/pbe/java/camellia192.raw">camellia192.raw</a>
- | | | |-- <a href="./samples/pbe/java/camellia256-cbc.base64">camellia256-cbc.base64</a>
- | | | |-- <a href="./samples/pbe/java/camellia256-cbc.raw">camellia256-cbc.raw</a>
- | | | |-- <a href="./samples/pbe/java/camellia256-cfb.base64">camellia256-cfb.base64</a>
- | | | |-- <a href="./samples/pbe/java/camellia256-cfb.raw">camellia256-cfb.raw</a>
- | | | |-- <a href="./samples/pbe/java/camellia256-cfb8.base64">camellia256-cfb8.base64</a>
- | | | |-- <a href="./samples/pbe/java/camellia256-cfb8.raw">camellia256-cfb8.raw</a>
- | | | |-- <a href="./samples/pbe/java/camellia256-ecb.base64">camellia256-ecb.base64</a>
- | | | |-- <a href="./samples/pbe/java/camellia256-ecb.raw">camellia256-ecb.raw</a>
- | | | |-- <a href="./samples/pbe/java/camellia256-ofb.base64">camellia256-ofb.base64</a>
- | | | |-- <a href="./samples/pbe/java/camellia256-ofb.raw">camellia256-ofb.raw</a>
- | | | |-- <a href="./samples/pbe/java/camellia256.base64">camellia256.base64</a>
- | | | |-- <a href="./samples/pbe/java/camellia256.raw">camellia256.raw</a>
- | | | |-- <a href="./samples/pbe/java/cast5-cbc.base64">cast5-cbc.base64</a>
- | | | |-- <a href="./samples/pbe/java/cast5-cbc.raw">cast5-cbc.raw</a>
- | | | |-- <a href="./samples/pbe/java/cast5-cfb.base64">cast5-cfb.base64</a>
- | | | |-- <a href="./samples/pbe/java/cast5-cfb.raw">cast5-cfb.raw</a>
- | | | |-- <a href="./samples/pbe/java/cast5-cfb8.base64">cast5-cfb8.base64</a>
- | | | |-- <a href="./samples/pbe/java/cast5-cfb8.raw">cast5-cfb8.raw</a>
- | | | |-- <a href="./samples/pbe/java/cast5-ecb.base64">cast5-ecb.base64</a>
- | | | |-- <a href="./samples/pbe/java/cast5-ecb.raw">cast5-ecb.raw</a>
- | | | |-- <a href="./samples/pbe/java/cast5-ofb.base64">cast5-ofb.base64</a>
- | | | |-- <a href="./samples/pbe/java/cast5-ofb.raw">cast5-ofb.raw</a>
- | | | |-- <a href="./samples/pbe/java/cast5.base64">cast5.base64</a>
- | | | |-- <a href="./samples/pbe/java/cast5.raw">cast5.raw</a>
- | | | |-- <a href="./samples/pbe/java/cast6-cbc.base64">cast6-cbc.base64</a>
- | | | |-- <a href="./samples/pbe/java/cast6-cbc.raw">cast6-cbc.raw</a>
- | | | |-- <a href="./samples/pbe/java/cast6-cfb.base64">cast6-cfb.base64</a>
- | | | |-- <a href="./samples/pbe/java/cast6-cfb.raw">cast6-cfb.raw</a>
- | | | |-- <a href="./samples/pbe/java/cast6-cfb8.base64">cast6-cfb8.base64</a>
- | | | |-- <a href="./samples/pbe/java/cast6-cfb8.raw">cast6-cfb8.raw</a>
- | | | |-- <a href="./samples/pbe/java/cast6-ecb.base64">cast6-ecb.base64</a>
- | | | |-- <a href="./samples/pbe/java/cast6-ecb.raw">cast6-ecb.raw</a>
- | | | |-- <a href="./samples/pbe/java/cast6-ofb.base64">cast6-ofb.base64</a>
- | | | |-- <a href="./samples/pbe/java/cast6-ofb.raw">cast6-ofb.raw</a>
- | | | |-- <a href="./samples/pbe/java/cast6.base64">cast6.base64</a>
- | | | |-- <a href="./samples/pbe/java/cast6.raw">cast6.raw</a>
- | | | |-- <a href="./samples/pbe/java/des-cbc.base64">des-cbc.base64</a>
- | | | |-- <a href="./samples/pbe/java/des-cbc.raw">des-cbc.raw</a>
- | | | |-- <a href="./samples/pbe/java/des-cfb.base64">des-cfb.base64</a>
- | | | |-- <a href="./samples/pbe/java/des-cfb.raw">des-cfb.raw</a>
- | | | |-- <a href="./samples/pbe/java/des-cfb8.base64">des-cfb8.base64</a>
- | | | |-- <a href="./samples/pbe/java/des-cfb8.raw">des-cfb8.raw</a>
- | | | |-- <a href="./samples/pbe/java/des-ecb.base64">des-ecb.base64</a>
- | | | |-- <a href="./samples/pbe/java/des-ecb.raw">des-ecb.raw</a>
- | | | |-- <a href="./samples/pbe/java/des-ede-cbc.base64">des-ede-cbc.base64</a>
- | | | |-- <a href="./samples/pbe/java/des-ede-cbc.raw">des-ede-cbc.raw</a>
- | | | |-- <a href="./samples/pbe/java/des-ede-cfb.base64">des-ede-cfb.base64</a>
- | | | |-- <a href="./samples/pbe/java/des-ede-cfb.raw">des-ede-cfb.raw</a>
- | | | |-- <a href="./samples/pbe/java/des-ede-cfb8.base64">des-ede-cfb8.base64</a>
- | | | |-- <a href="./samples/pbe/java/des-ede-cfb8.raw">des-ede-cfb8.raw</a>
- | | | |-- <a href="./samples/pbe/java/des-ede-ecb.base64">des-ede-ecb.base64</a>
- | | | |-- <a href="./samples/pbe/java/des-ede-ecb.raw">des-ede-ecb.raw</a>
- | | | |-- <a href="./samples/pbe/java/des-ede-ofb.base64">des-ede-ofb.base64</a>
- | | | |-- <a href="./samples/pbe/java/des-ede-ofb.raw">des-ede-ofb.raw</a>
- | | | |-- <a href="./samples/pbe/java/des-ede.base64">des-ede.base64</a>
- | | | |-- <a href="./samples/pbe/java/des-ede.raw">des-ede.raw</a>
- | | | |-- <a href="./samples/pbe/java/des-ede3-cbc.base64">des-ede3-cbc.base64</a>
- | | | |-- <a href="./samples/pbe/java/des-ede3-cbc.raw">des-ede3-cbc.raw</a>
- | | | |-- <a href="./samples/pbe/java/des-ede3-cfb.base64">des-ede3-cfb.base64</a>
- | | | |-- <a href="./samples/pbe/java/des-ede3-cfb.raw">des-ede3-cfb.raw</a>
- | | | |-- <a href="./samples/pbe/java/des-ede3-cfb8.base64">des-ede3-cfb8.base64</a>
- | | | |-- <a href="./samples/pbe/java/des-ede3-cfb8.raw">des-ede3-cfb8.raw</a>
- | | | |-- <a href="./samples/pbe/java/des-ede3-ecb.base64">des-ede3-ecb.base64</a>
- | | | |-- <a href="./samples/pbe/java/des-ede3-ecb.raw">des-ede3-ecb.raw</a>
- | | | |-- <a href="./samples/pbe/java/des-ede3-ofb.base64">des-ede3-ofb.base64</a>
- | | | |-- <a href="./samples/pbe/java/des-ede3-ofb.raw">des-ede3-ofb.raw</a>
- | | | |-- <a href="./samples/pbe/java/des-ede3.base64">des-ede3.base64</a>
- | | | |-- <a href="./samples/pbe/java/des-ede3.raw">des-ede3.raw</a>
- | | | |-- <a href="./samples/pbe/java/des-ofb.base64">des-ofb.base64</a>
- | | | |-- <a href="./samples/pbe/java/des-ofb.raw">des-ofb.raw</a>
- | | | |-- <a href="./samples/pbe/java/des.base64">des.base64</a>
- | | | |-- <a href="./samples/pbe/java/des.raw">des.raw</a>
- | | | |-- <a href="./samples/pbe/java/des2-cbc.base64">des2-cbc.base64</a>
- | | | |-- <a href="./samples/pbe/java/des2-cbc.raw">des2-cbc.raw</a>
- | | | |-- <a href="./samples/pbe/java/des2-cfb.base64">des2-cfb.base64</a>
- | | | |-- <a href="./samples/pbe/java/des2-cfb.raw">des2-cfb.raw</a>
- | | | |-- <a href="./samples/pbe/java/des2-cfb8.base64">des2-cfb8.base64</a>
- | | | |-- <a href="./samples/pbe/java/des2-cfb8.raw">des2-cfb8.raw</a>
- | | | |-- <a href="./samples/pbe/java/des2-ecb.base64">des2-ecb.base64</a>
- | | | |-- <a href="./samples/pbe/java/des2-ecb.raw">des2-ecb.raw</a>
- | | | |-- <a href="./samples/pbe/java/des2-ofb.base64">des2-ofb.base64</a>
- | | | |-- <a href="./samples/pbe/java/des2-ofb.raw">des2-ofb.raw</a>
- | | | |-- <a href="./samples/pbe/java/des2.base64">des2.base64</a>
- | | | |-- <a href="./samples/pbe/java/des2.raw">des2.raw</a>
- | | | |-- <a href="./samples/pbe/java/des3-cbc.base64">des3-cbc.base64</a>
- | | | |-- <a href="./samples/pbe/java/des3-cbc.raw">des3-cbc.raw</a>
- | | | |-- <a href="./samples/pbe/java/des3-cfb.base64">des3-cfb.base64</a>
- | | | |-- <a href="./samples/pbe/java/des3-cfb.raw">des3-cfb.raw</a>
- | | | |-- <a href="./samples/pbe/java/des3-cfb8.base64">des3-cfb8.base64</a>
- | | | |-- <a href="./samples/pbe/java/des3-cfb8.raw">des3-cfb8.raw</a>
- | | | |-- <a href="./samples/pbe/java/des3-ecb.base64">des3-ecb.base64</a>
- | | | |-- <a href="./samples/pbe/java/des3-ecb.raw">des3-ecb.raw</a>
- | | | |-- <a href="./samples/pbe/java/des3-ofb.base64">des3-ofb.base64</a>
- | | | |-- <a href="./samples/pbe/java/des3-ofb.raw">des3-ofb.raw</a>
- | | | |-- <a href="./samples/pbe/java/des3.base64">des3.base64</a>
- | | | |-- <a href="./samples/pbe/java/des3.raw">des3.raw</a>
- | | | |-- <a href="./samples/pbe/java/gost-cbc.base64">gost-cbc.base64</a>
- | | | |-- <a href="./samples/pbe/java/gost-cbc.raw">gost-cbc.raw</a>
- | | | |-- <a href="./samples/pbe/java/gost-cfb.base64">gost-cfb.base64</a>
- | | | |-- <a href="./samples/pbe/java/gost-cfb.raw">gost-cfb.raw</a>
- | | | |-- <a href="./samples/pbe/java/gost-cfb8.base64">gost-cfb8.base64</a>
- | | | |-- <a href="./samples/pbe/java/gost-cfb8.raw">gost-cfb8.raw</a>
- | | | |-- <a href="./samples/pbe/java/gost-ecb.base64">gost-ecb.base64</a>
- | | | |-- <a href="./samples/pbe/java/gost-ecb.raw">gost-ecb.raw</a>
- | | | |-- <a href="./samples/pbe/java/gost-ofb.base64">gost-ofb.base64</a>
- | | | |-- <a href="./samples/pbe/java/gost-ofb.raw">gost-ofb.raw</a>
- | | | |-- <a href="./samples/pbe/java/gost.base64">gost.base64</a>
- | | | |-- <a href="./samples/pbe/java/gost.raw">gost.raw</a>
- | | | |-- <a href="./samples/pbe/java/gost28147-cbc.base64">gost28147-cbc.base64</a>
- | | | |-- <a href="./samples/pbe/java/gost28147-cbc.raw">gost28147-cbc.raw</a>
- | | | |-- <a href="./samples/pbe/java/gost28147-cfb.base64">gost28147-cfb.base64</a>
- | | | |-- <a href="./samples/pbe/java/gost28147-cfb.raw">gost28147-cfb.raw</a>
- | | | |-- <a href="./samples/pbe/java/gost28147-cfb8.base64">gost28147-cfb8.base64</a>
- | | | |-- <a href="./samples/pbe/java/gost28147-cfb8.raw">gost28147-cfb8.raw</a>
- | | | |-- <a href="./samples/pbe/java/gost28147-ecb.base64">gost28147-ecb.base64</a>
- | | | |-- <a href="./samples/pbe/java/gost28147-ecb.raw">gost28147-ecb.raw</a>
- | | | |-- <a href="./samples/pbe/java/gost28147-ofb.base64">gost28147-ofb.base64</a>
- | | | |-- <a href="./samples/pbe/java/gost28147-ofb.raw">gost28147-ofb.raw</a>
- | | | |-- <a href="./samples/pbe/java/gost28147.base64">gost28147.base64</a>
- | | | |-- <a href="./samples/pbe/java/gost28147.raw">gost28147.raw</a>
- | | | |-- <a href="./samples/pbe/java/idea-cbc.base64">idea-cbc.base64</a>
- | | | |-- <a href="./samples/pbe/java/idea-cbc.raw">idea-cbc.raw</a>
- | | | |-- <a href="./samples/pbe/java/idea-cfb.base64">idea-cfb.base64</a>
- | | | |-- <a href="./samples/pbe/java/idea-cfb.raw">idea-cfb.raw</a>
- | | | |-- <a href="./samples/pbe/java/idea-cfb8.base64">idea-cfb8.base64</a>
- | | | |-- <a href="./samples/pbe/java/idea-cfb8.raw">idea-cfb8.raw</a>
- | | | |-- <a href="./samples/pbe/java/idea-ecb.base64">idea-ecb.base64</a>
- | | | |-- <a href="./samples/pbe/java/idea-ecb.raw">idea-ecb.raw</a>
- | | | |-- <a href="./samples/pbe/java/idea-ofb.base64">idea-ofb.base64</a>
- | | | |-- <a href="./samples/pbe/java/idea-ofb.raw">idea-ofb.raw</a>
- | | | |-- <a href="./samples/pbe/java/idea.base64">idea.base64</a>
- | | | |-- <a href="./samples/pbe/java/idea.raw">idea.raw</a>
- | | | |-- <a href="./samples/pbe/java/rc2-40-cbc.base64">rc2-40-cbc.base64</a>
- | | | |-- <a href="./samples/pbe/java/rc2-40-cbc.raw">rc2-40-cbc.raw</a>
- | | | |-- <a href="./samples/pbe/java/rc2-40-cfb.base64">rc2-40-cfb.base64</a>
- | | | |-- <a href="./samples/pbe/java/rc2-40-cfb.raw">rc2-40-cfb.raw</a>
- | | | |-- <a href="./samples/pbe/java/rc2-40-cfb8.base64">rc2-40-cfb8.base64</a>
- | | | |-- <a href="./samples/pbe/java/rc2-40-cfb8.raw">rc2-40-cfb8.raw</a>
- | | | |-- <a href="./samples/pbe/java/rc2-40-ecb.base64">rc2-40-ecb.base64</a>
- | | | |-- <a href="./samples/pbe/java/rc2-40-ecb.raw">rc2-40-ecb.raw</a>
- | | | |-- <a href="./samples/pbe/java/rc2-40-ofb.base64">rc2-40-ofb.base64</a>
- | | | |-- <a href="./samples/pbe/java/rc2-40-ofb.raw">rc2-40-ofb.raw</a>
- | | | |-- <a href="./samples/pbe/java/rc2-40.base64">rc2-40.base64</a>
- | | | |-- <a href="./samples/pbe/java/rc2-40.raw">rc2-40.raw</a>
- | | | |-- <a href="./samples/pbe/java/rc2-64-cbc.base64">rc2-64-cbc.base64</a>
- | | | |-- <a href="./samples/pbe/java/rc2-64-cbc.raw">rc2-64-cbc.raw</a>
- | | | |-- <a href="./samples/pbe/java/rc2-64-cfb.base64">rc2-64-cfb.base64</a>
- | | | |-- <a href="./samples/pbe/java/rc2-64-cfb.raw">rc2-64-cfb.raw</a>
- | | | |-- <a href="./samples/pbe/java/rc2-64-cfb8.base64">rc2-64-cfb8.base64</a>
- | | | |-- <a href="./samples/pbe/java/rc2-64-cfb8.raw">rc2-64-cfb8.raw</a>
- | | | |-- <a href="./samples/pbe/java/rc2-64-ecb.base64">rc2-64-ecb.base64</a>
- | | | |-- <a href="./samples/pbe/java/rc2-64-ecb.raw">rc2-64-ecb.raw</a>
- | | | |-- <a href="./samples/pbe/java/rc2-64-ofb.base64">rc2-64-ofb.base64</a>
- | | | |-- <a href="./samples/pbe/java/rc2-64-ofb.raw">rc2-64-ofb.raw</a>
- | | | |-- <a href="./samples/pbe/java/rc2-64.base64">rc2-64.base64</a>
- | | | |-- <a href="./samples/pbe/java/rc2-64.raw">rc2-64.raw</a>
- | | | |-- <a href="./samples/pbe/java/rc2-cbc.base64">rc2-cbc.base64</a>
- | | | |-- <a href="./samples/pbe/java/rc2-cbc.raw">rc2-cbc.raw</a>
- | | | |-- <a href="./samples/pbe/java/rc2-cfb.base64">rc2-cfb.base64</a>
- | | | |-- <a href="./samples/pbe/java/rc2-cfb.raw">rc2-cfb.raw</a>
- | | | |-- <a href="./samples/pbe/java/rc2-cfb8.base64">rc2-cfb8.base64</a>
- | | | |-- <a href="./samples/pbe/java/rc2-cfb8.raw">rc2-cfb8.raw</a>
- | | | |-- <a href="./samples/pbe/java/rc2-ecb.base64">rc2-ecb.base64</a>
- | | | |-- <a href="./samples/pbe/java/rc2-ecb.raw">rc2-ecb.raw</a>
- | | | |-- <a href="./samples/pbe/java/rc2-ofb.base64">rc2-ofb.base64</a>
- | | | |-- <a href="./samples/pbe/java/rc2-ofb.raw">rc2-ofb.raw</a>
- | | | |-- <a href="./samples/pbe/java/rc2.base64">rc2.base64</a>
- | | | |-- <a href="./samples/pbe/java/rc2.raw">rc2.raw</a>
- | | | |-- <a href="./samples/pbe/java/rc4-40-cbc.base64">rc4-40-cbc.base64</a>
- | | | |-- <a href="./samples/pbe/java/rc4-40-cbc.raw">rc4-40-cbc.raw</a>
- | | | |-- <a href="./samples/pbe/java/rc4-40-cfb.base64">rc4-40-cfb.base64</a>
- | | | |-- <a href="./samples/pbe/java/rc4-40-cfb.raw">rc4-40-cfb.raw</a>
- | | | |-- <a href="./samples/pbe/java/rc4-40-cfb1.base64">rc4-40-cfb1.base64</a>
- | | | |-- <a href="./samples/pbe/java/rc4-40-cfb1.raw">rc4-40-cfb1.raw</a>
- | | | |-- <a href="./samples/pbe/java/rc4-40-cfb8.base64">rc4-40-cfb8.base64</a>
- | | | |-- <a href="./samples/pbe/java/rc4-40-cfb8.raw">rc4-40-cfb8.raw</a>
- | | | |-- <a href="./samples/pbe/java/rc4-40-ecb.base64">rc4-40-ecb.base64</a>
- | | | |-- <a href="./samples/pbe/java/rc4-40-ecb.raw">rc4-40-ecb.raw</a>
- | | | |-- <a href="./samples/pbe/java/rc4-40-ofb.base64">rc4-40-ofb.base64</a>
- | | | |-- <a href="./samples/pbe/java/rc4-40-ofb.raw">rc4-40-ofb.raw</a>
- | | | |-- <a href="./samples/pbe/java/rc4-40.base64">rc4-40.base64</a>
- | | | |-- <a href="./samples/pbe/java/rc4-40.raw">rc4-40.raw</a>
- | | | |-- <a href="./samples/pbe/java/rc4-cbc.base64">rc4-cbc.base64</a>
- | | | |-- <a href="./samples/pbe/java/rc4-cbc.raw">rc4-cbc.raw</a>
- | | | |-- <a href="./samples/pbe/java/rc4-cfb.base64">rc4-cfb.base64</a>
- | | | |-- <a href="./samples/pbe/java/rc4-cfb.raw">rc4-cfb.raw</a>
- | | | |-- <a href="./samples/pbe/java/rc4-cfb1.base64">rc4-cfb1.base64</a>
- | | | |-- <a href="./samples/pbe/java/rc4-cfb1.raw">rc4-cfb1.raw</a>
- | | | |-- <a href="./samples/pbe/java/rc4-cfb8.base64">rc4-cfb8.base64</a>
- | | | |-- <a href="./samples/pbe/java/rc4-cfb8.raw">rc4-cfb8.raw</a>
- | | | |-- <a href="./samples/pbe/java/rc4-ecb.base64">rc4-ecb.base64</a>
- | | | |-- <a href="./samples/pbe/java/rc4-ecb.raw">rc4-ecb.raw</a>
- | | | |-- <a href="./samples/pbe/java/rc4-ofb.base64">rc4-ofb.base64</a>
- | | | |-- <a href="./samples/pbe/java/rc4-ofb.raw">rc4-ofb.raw</a>
- | | | |-- <a href="./samples/pbe/java/rc4.base64">rc4.base64</a>
- | | | |-- <a href="./samples/pbe/java/rc4.raw">rc4.raw</a>
- | | | |-- <a href="./samples/pbe/java/rc5-cbc.base64">rc5-cbc.base64</a>
- | | | |-- <a href="./samples/pbe/java/rc5-cbc.raw">rc5-cbc.raw</a>
- | | | |-- <a href="./samples/pbe/java/rc5-cfb.base64">rc5-cfb.base64</a>
- | | | |-- <a href="./samples/pbe/java/rc5-cfb.raw">rc5-cfb.raw</a>
- | | | |-- <a href="./samples/pbe/java/rc5-cfb8.base64">rc5-cfb8.base64</a>
- | | | |-- <a href="./samples/pbe/java/rc5-cfb8.raw">rc5-cfb8.raw</a>
- | | | |-- <a href="./samples/pbe/java/rc5-ecb.base64">rc5-ecb.base64</a>
- | | | |-- <a href="./samples/pbe/java/rc5-ecb.raw">rc5-ecb.raw</a>
- | | | |-- <a href="./samples/pbe/java/rc5-ofb.base64">rc5-ofb.base64</a>
- | | | |-- <a href="./samples/pbe/java/rc5-ofb.raw">rc5-ofb.raw</a>
- | | | |-- <a href="./samples/pbe/java/rc5.base64">rc5.base64</a>
- | | | |-- <a href="./samples/pbe/java/rc5.raw">rc5.raw</a>
- | | | |-- <a href="./samples/pbe/java/rc6-cbc.base64">rc6-cbc.base64</a>
- | | | |-- <a href="./samples/pbe/java/rc6-cbc.raw">rc6-cbc.raw</a>
- | | | |-- <a href="./samples/pbe/java/rc6-cfb.base64">rc6-cfb.base64</a>
- | | | |-- <a href="./samples/pbe/java/rc6-cfb.raw">rc6-cfb.raw</a>
- | | | |-- <a href="./samples/pbe/java/rc6-cfb8.base64">rc6-cfb8.base64</a>
- | | | |-- <a href="./samples/pbe/java/rc6-cfb8.raw">rc6-cfb8.raw</a>
- | | | |-- <a href="./samples/pbe/java/rc6-ecb.base64">rc6-ecb.base64</a>
- | | | |-- <a href="./samples/pbe/java/rc6-ecb.raw">rc6-ecb.raw</a>
- | | | |-- <a href="./samples/pbe/java/rc6-ofb.base64">rc6-ofb.base64</a>
- | | | |-- <a href="./samples/pbe/java/rc6-ofb.raw">rc6-ofb.raw</a>
- | | | |-- <a href="./samples/pbe/java/rc6.base64">rc6.base64</a>
- | | | |-- <a href="./samples/pbe/java/rc6.raw">rc6.raw</a>
- | | | |-- <a href="./samples/pbe/java/rijndael-cbc.base64">rijndael-cbc.base64</a>
- | | | |-- <a href="./samples/pbe/java/rijndael-cbc.raw">rijndael-cbc.raw</a>
- | | | |-- <a href="./samples/pbe/java/rijndael-cfb.base64">rijndael-cfb.base64</a>
- | | | |-- <a href="./samples/pbe/java/rijndael-cfb.raw">rijndael-cfb.raw</a>
- | | | |-- <a href="./samples/pbe/java/rijndael-cfb8.base64">rijndael-cfb8.base64</a>
- | | | |-- <a href="./samples/pbe/java/rijndael-cfb8.raw">rijndael-cfb8.raw</a>
- | | | |-- <a href="./samples/pbe/java/rijndael-ecb.base64">rijndael-ecb.base64</a>
- | | | |-- <a href="./samples/pbe/java/rijndael-ecb.raw">rijndael-ecb.raw</a>
- | | | |-- <a href="./samples/pbe/java/rijndael-ofb.base64">rijndael-ofb.base64</a>
- | | | |-- <a href="./samples/pbe/java/rijndael-ofb.raw">rijndael-ofb.raw</a>
- | | | |-- <a href="./samples/pbe/java/rijndael.base64">rijndael.base64</a>
- | | | |-- <a href="./samples/pbe/java/rijndael.raw">rijndael.raw</a>
- | | | |-- <a href="./samples/pbe/java/seed-cbc.base64">seed-cbc.base64</a>
- | | | |-- <a href="./samples/pbe/java/seed-cbc.raw">seed-cbc.raw</a>
- | | | |-- <a href="./samples/pbe/java/seed-cfb.base64">seed-cfb.base64</a>
- | | | |-- <a href="./samples/pbe/java/seed-cfb.raw">seed-cfb.raw</a>
- | | | |-- <a href="./samples/pbe/java/seed-cfb8.base64">seed-cfb8.base64</a>
- | | | |-- <a href="./samples/pbe/java/seed-cfb8.raw">seed-cfb8.raw</a>
- | | | |-- <a href="./samples/pbe/java/seed-ecb.base64">seed-ecb.base64</a>
- | | | |-- <a href="./samples/pbe/java/seed-ecb.raw">seed-ecb.raw</a>
- | | | |-- <a href="./samples/pbe/java/seed-ofb.base64">seed-ofb.base64</a>
- | | | |-- <a href="./samples/pbe/java/seed-ofb.raw">seed-ofb.raw</a>
- | | | |-- <a href="./samples/pbe/java/seed.base64">seed.base64</a>
- | | | |-- <a href="./samples/pbe/java/seed.raw">seed.raw</a>
- | | | |-- <a href="./samples/pbe/java/serpent-cbc.base64">serpent-cbc.base64</a>
- | | | |-- <a href="./samples/pbe/java/serpent-cbc.raw">serpent-cbc.raw</a>
- | | | |-- <a href="./samples/pbe/java/serpent-cfb.base64">serpent-cfb.base64</a>
- | | | |-- <a href="./samples/pbe/java/serpent-cfb.raw">serpent-cfb.raw</a>
- | | | |-- <a href="./samples/pbe/java/serpent-cfb8.base64">serpent-cfb8.base64</a>
- | | | |-- <a href="./samples/pbe/java/serpent-cfb8.raw">serpent-cfb8.raw</a>
- | | | |-- <a href="./samples/pbe/java/serpent-ecb.base64">serpent-ecb.base64</a>
- | | | |-- <a href="./samples/pbe/java/serpent-ecb.raw">serpent-ecb.raw</a>
- | | | |-- <a href="./samples/pbe/java/serpent-ofb.base64">serpent-ofb.base64</a>
- | | | |-- <a href="./samples/pbe/java/serpent-ofb.raw">serpent-ofb.raw</a>
- | | | |-- <a href="./samples/pbe/java/serpent.base64">serpent.base64</a>
- | | | |-- <a href="./samples/pbe/java/serpent.raw">serpent.raw</a>
- | | | |-- <a href="./samples/pbe/java/skipjack-cbc.base64">skipjack-cbc.base64</a>
- | | | |-- <a href="./samples/pbe/java/skipjack-cbc.raw">skipjack-cbc.raw</a>
- | | | |-- <a href="./samples/pbe/java/skipjack-cfb.base64">skipjack-cfb.base64</a>
- | | | |-- <a href="./samples/pbe/java/skipjack-cfb.raw">skipjack-cfb.raw</a>
- | | | |-- <a href="./samples/pbe/java/skipjack-cfb8.base64">skipjack-cfb8.base64</a>
- | | | |-- <a href="./samples/pbe/java/skipjack-cfb8.raw">skipjack-cfb8.raw</a>
- | | | |-- <a href="./samples/pbe/java/skipjack-ecb.base64">skipjack-ecb.base64</a>
- | | | |-- <a href="./samples/pbe/java/skipjack-ecb.raw">skipjack-ecb.raw</a>
- | | | |-- <a href="./samples/pbe/java/skipjack-ofb.base64">skipjack-ofb.base64</a>
- | | | |-- <a href="./samples/pbe/java/skipjack-ofb.raw">skipjack-ofb.raw</a>
- | | | |-- <a href="./samples/pbe/java/skipjack.base64">skipjack.base64</a>
- | | | |-- <a href="./samples/pbe/java/skipjack.raw">skipjack.raw</a>
- | | | |-- <a href="./samples/pbe/java/tea-cbc.base64">tea-cbc.base64</a>
- | | | |-- <a href="./samples/pbe/java/tea-cbc.raw">tea-cbc.raw</a>
- | | | |-- <a href="./samples/pbe/java/tea-cfb.base64">tea-cfb.base64</a>
- | | | |-- <a href="./samples/pbe/java/tea-cfb.raw">tea-cfb.raw</a>
- | | | |-- <a href="./samples/pbe/java/tea-cfb8.base64">tea-cfb8.base64</a>
- | | | |-- <a href="./samples/pbe/java/tea-cfb8.raw">tea-cfb8.raw</a>
- | | | |-- <a href="./samples/pbe/java/tea-ecb.base64">tea-ecb.base64</a>
- | | | |-- <a href="./samples/pbe/java/tea-ecb.raw">tea-ecb.raw</a>
- | | | |-- <a href="./samples/pbe/java/tea-ofb.base64">tea-ofb.base64</a>
- | | | |-- <a href="./samples/pbe/java/tea-ofb.raw">tea-ofb.raw</a>
- | | | |-- <a href="./samples/pbe/java/tea.base64">tea.base64</a>
- | | | |-- <a href="./samples/pbe/java/tea.raw">tea.raw</a>
- | | | |-- <a href="./samples/pbe/java/twofish-cbc.base64">twofish-cbc.base64</a>
- | | | |-- <a href="./samples/pbe/java/twofish-cbc.raw">twofish-cbc.raw</a>
- | | | |-- <a href="./samples/pbe/java/twofish-cfb.base64">twofish-cfb.base64</a>
- | | | |-- <a href="./samples/pbe/java/twofish-cfb.raw">twofish-cfb.raw</a>
- | | | |-- <a href="./samples/pbe/java/twofish-cfb8.base64">twofish-cfb8.base64</a>
- | | | |-- <a href="./samples/pbe/java/twofish-cfb8.raw">twofish-cfb8.raw</a>
- | | | |-- <a href="./samples/pbe/java/twofish-ecb.base64">twofish-ecb.base64</a>
- | | | |-- <a href="./samples/pbe/java/twofish-ecb.raw">twofish-ecb.raw</a>
- | | | |-- <a href="./samples/pbe/java/twofish-ofb.base64">twofish-ofb.base64</a>
- | | | |-- <a href="./samples/pbe/java/twofish-ofb.raw">twofish-ofb.raw</a>
- | | | |-- <a href="./samples/pbe/java/twofish.base64">twofish.base64</a>
- | | | |-- <a href="./samples/pbe/java/twofish.raw">twofish.raw</a>
- | | | |-- <a href="./samples/pbe/java/xtea-cbc.base64">xtea-cbc.base64</a>
- | | | |-- <a href="./samples/pbe/java/xtea-cbc.raw">xtea-cbc.raw</a>
- | | | |-- <a href="./samples/pbe/java/xtea-cfb.base64">xtea-cfb.base64</a>
- | | | |-- <a href="./samples/pbe/java/xtea-cfb.raw">xtea-cfb.raw</a>
- | | | |-- <a href="./samples/pbe/java/xtea-cfb8.base64">xtea-cfb8.base64</a>
- | | | |-- <a href="./samples/pbe/java/xtea-cfb8.raw">xtea-cfb8.raw</a>
- | | | |-- <a href="./samples/pbe/java/xtea-ecb.base64">xtea-ecb.base64</a>
- | | | |-- <a href="./samples/pbe/java/xtea-ecb.raw">xtea-ecb.raw</a>
- | | | |-- <a href="./samples/pbe/java/xtea-ofb.base64">xtea-ofb.base64</a>
- | | | |-- <a href="./samples/pbe/java/xtea-ofb.raw">xtea-ofb.raw</a>
- | | | |-- <a href="./samples/pbe/java/xtea.base64">xtea.base64</a>
- | | | `-- <a href="./samples/pbe/java/xtea.raw">xtea.raw</a>
- | | `-- <a href="./samples/pbe/openssl/">openssl</a>
- | | |-- <a href="./samples/pbe/openssl/README.txt">README.txt</a>
- | | |-- <a href="./samples/pbe/openssl/aes-128-cbc.base64">aes-128-cbc.base64</a>
- | | |-- <a href="./samples/pbe/openssl/aes-128-cbc.raw">aes-128-cbc.raw</a>
- | | |-- <a href="./samples/pbe/openssl/aes-128-cfb.base64">aes-128-cfb.base64</a>
- | | |-- <a href="./samples/pbe/openssl/aes-128-cfb.raw">aes-128-cfb.raw</a>
- | | |-- <a href="./samples/pbe/openssl/aes-128-cfb1.base64">aes-128-cfb1.base64</a>
- | | |-- <a href="./samples/pbe/openssl/aes-128-cfb1.raw">aes-128-cfb1.raw</a>
- | | |-- <a href="./samples/pbe/openssl/aes-128-cfb8.base64">aes-128-cfb8.base64</a>
- | | |-- <a href="./samples/pbe/openssl/aes-128-cfb8.raw">aes-128-cfb8.raw</a>
- | | |-- <a href="./samples/pbe/openssl/aes-128-ecb.base64">aes-128-ecb.base64</a>
- | | |-- <a href="./samples/pbe/openssl/aes-128-ecb.raw">aes-128-ecb.raw</a>
- | | |-- <a href="./samples/pbe/openssl/aes-128-ofb.base64">aes-128-ofb.base64</a>
- | | |-- <a href="./samples/pbe/openssl/aes-128-ofb.raw">aes-128-ofb.raw</a>
- | | |-- <a href="./samples/pbe/openssl/aes-192-cbc.base64">aes-192-cbc.base64</a>
- | | |-- <a href="./samples/pbe/openssl/aes-192-cbc.raw">aes-192-cbc.raw</a>
- | | |-- <a href="./samples/pbe/openssl/aes-192-cfb.base64">aes-192-cfb.base64</a>
- | | |-- <a href="./samples/pbe/openssl/aes-192-cfb.raw">aes-192-cfb.raw</a>
- | | |-- <a href="./samples/pbe/openssl/aes-192-cfb1.base64">aes-192-cfb1.base64</a>
- | | |-- <a href="./samples/pbe/openssl/aes-192-cfb1.raw">aes-192-cfb1.raw</a>
- | | |-- <a href="./samples/pbe/openssl/aes-192-cfb8.base64">aes-192-cfb8.base64</a>
- | | |-- <a href="./samples/pbe/openssl/aes-192-cfb8.raw">aes-192-cfb8.raw</a>
- | | |-- <a href="./samples/pbe/openssl/aes-192-ecb.base64">aes-192-ecb.base64</a>
- | | |-- <a href="./samples/pbe/openssl/aes-192-ecb.raw">aes-192-ecb.raw</a>
- | | |-- <a href="./samples/pbe/openssl/aes-192-ofb.base64">aes-192-ofb.base64</a>
- | | |-- <a href="./samples/pbe/openssl/aes-192-ofb.raw">aes-192-ofb.raw</a>
- | | |-- <a href="./samples/pbe/openssl/aes-256-cbc.base64">aes-256-cbc.base64</a>
- | | |-- <a href="./samples/pbe/openssl/aes-256-cbc.raw">aes-256-cbc.raw</a>
- | | |-- <a href="./samples/pbe/openssl/aes-256-cfb.base64">aes-256-cfb.base64</a>
- | | |-- <a href="./samples/pbe/openssl/aes-256-cfb.raw">aes-256-cfb.raw</a>
- | | |-- <a href="./samples/pbe/openssl/aes-256-cfb1.base64">aes-256-cfb1.base64</a>
- | | |-- <a href="./samples/pbe/openssl/aes-256-cfb1.raw">aes-256-cfb1.raw</a>
- | | |-- <a href="./samples/pbe/openssl/aes-256-cfb8.base64">aes-256-cfb8.base64</a>
- | | |-- <a href="./samples/pbe/openssl/aes-256-cfb8.raw">aes-256-cfb8.raw</a>
- | | |-- <a href="./samples/pbe/openssl/aes-256-ecb.base64">aes-256-ecb.base64</a>
- | | |-- <a href="./samples/pbe/openssl/aes-256-ecb.raw">aes-256-ecb.raw</a>
- | | |-- <a href="./samples/pbe/openssl/aes-256-ofb.base64">aes-256-ofb.base64</a>
- | | |-- <a href="./samples/pbe/openssl/aes-256-ofb.raw">aes-256-ofb.raw</a>
- | | |-- <a href="./samples/pbe/openssl/aes128.base64">aes128.base64</a>
- | | |-- <a href="./samples/pbe/openssl/aes128.raw">aes128.raw</a>
- | | |-- <a href="./samples/pbe/openssl/aes192.base64">aes192.base64</a>
- | | |-- <a href="./samples/pbe/openssl/aes192.raw">aes192.raw</a>
- | | |-- <a href="./samples/pbe/openssl/aes256.base64">aes256.base64</a>
- | | |-- <a href="./samples/pbe/openssl/aes256.raw">aes256.raw</a>
- | | |-- <a href="./samples/pbe/openssl/bf-cbc.base64">bf-cbc.base64</a>
- | | |-- <a href="./samples/pbe/openssl/bf-cbc.raw">bf-cbc.raw</a>
- | | |-- <a href="./samples/pbe/openssl/bf-cfb.base64">bf-cfb.base64</a>
- | | |-- <a href="./samples/pbe/openssl/bf-cfb.raw">bf-cfb.raw</a>
- | | |-- <a href="./samples/pbe/openssl/bf-ecb.base64">bf-ecb.base64</a>
- | | |-- <a href="./samples/pbe/openssl/bf-ecb.raw">bf-ecb.raw</a>
- | | |-- <a href="./samples/pbe/openssl/bf-ofb.base64">bf-ofb.base64</a>
- | | |-- <a href="./samples/pbe/openssl/bf-ofb.raw">bf-ofb.raw</a>
- | | |-- <a href="./samples/pbe/openssl/bf.base64">bf.base64</a>
- | | |-- <a href="./samples/pbe/openssl/bf.raw">bf.raw</a>
- | | |-- <a href="./samples/pbe/openssl/blowfish.base64">blowfish.base64</a>
- | | |-- <a href="./samples/pbe/openssl/blowfish.raw">blowfish.raw</a>
- | | |-- <a href="./samples/pbe/openssl/camellia-128-cbc.base64">camellia-128-cbc.base64</a>
- | | |-- <a href="./samples/pbe/openssl/camellia-128-cbc.raw">camellia-128-cbc.raw</a>
- | | |-- <a href="./samples/pbe/openssl/camellia-128-cfb.base64">camellia-128-cfb.base64</a>
- | | |-- <a href="./samples/pbe/openssl/camellia-128-cfb.raw">camellia-128-cfb.raw</a>
- | | |-- <a href="./samples/pbe/openssl/camellia-128-cfb1.base64">camellia-128-cfb1.base64</a>
- | | |-- <a href="./samples/pbe/openssl/camellia-128-cfb1.raw">camellia-128-cfb1.raw</a>
- | | |-- <a href="./samples/pbe/openssl/camellia-128-cfb8.base64">camellia-128-cfb8.base64</a>
- | | |-- <a href="./samples/pbe/openssl/camellia-128-cfb8.raw">camellia-128-cfb8.raw</a>
- | | |-- <a href="./samples/pbe/openssl/camellia-128-ecb.base64">camellia-128-ecb.base64</a>
- | | |-- <a href="./samples/pbe/openssl/camellia-128-ecb.raw">camellia-128-ecb.raw</a>
- | | |-- <a href="./samples/pbe/openssl/camellia-128-ofb.base64">camellia-128-ofb.base64</a>
- | | |-- <a href="./samples/pbe/openssl/camellia-128-ofb.raw">camellia-128-ofb.raw</a>
- | | |-- <a href="./samples/pbe/openssl/camellia-192-cbc.base64">camellia-192-cbc.base64</a>
- | | |-- <a href="./samples/pbe/openssl/camellia-192-cbc.raw">camellia-192-cbc.raw</a>
- | | |-- <a href="./samples/pbe/openssl/camellia-192-cfb.base64">camellia-192-cfb.base64</a>
- | | |-- <a href="./samples/pbe/openssl/camellia-192-cfb.raw">camellia-192-cfb.raw</a>
- | | |-- <a href="./samples/pbe/openssl/camellia-192-cfb1.base64">camellia-192-cfb1.base64</a>
- | | |-- <a href="./samples/pbe/openssl/camellia-192-cfb1.raw">camellia-192-cfb1.raw</a>
- | | |-- <a href="./samples/pbe/openssl/camellia-192-cfb8.base64">camellia-192-cfb8.base64</a>
- | | |-- <a href="./samples/pbe/openssl/camellia-192-cfb8.raw">camellia-192-cfb8.raw</a>
- | | |-- <a href="./samples/pbe/openssl/camellia-192-ecb.base64">camellia-192-ecb.base64</a>
- | | |-- <a href="./samples/pbe/openssl/camellia-192-ecb.raw">camellia-192-ecb.raw</a>
- | | |-- <a href="./samples/pbe/openssl/camellia-192-ofb.base64">camellia-192-ofb.base64</a>
- | | |-- <a href="./samples/pbe/openssl/camellia-192-ofb.raw">camellia-192-ofb.raw</a>
- | | |-- <a href="./samples/pbe/openssl/camellia-256-cbc.base64">camellia-256-cbc.base64</a>
- | | |-- <a href="./samples/pbe/openssl/camellia-256-cbc.raw">camellia-256-cbc.raw</a>
- | | |-- <a href="./samples/pbe/openssl/camellia-256-cfb.base64">camellia-256-cfb.base64</a>
- | | |-- <a href="./samples/pbe/openssl/camellia-256-cfb.raw">camellia-256-cfb.raw</a>
- | | |-- <a href="./samples/pbe/openssl/camellia-256-cfb1.base64">camellia-256-cfb1.base64</a>
- | | |-- <a href="./samples/pbe/openssl/camellia-256-cfb1.raw">camellia-256-cfb1.raw</a>
- | | |-- <a href="./samples/pbe/openssl/camellia-256-cfb8.base64">camellia-256-cfb8.base64</a>
- | | |-- <a href="./samples/pbe/openssl/camellia-256-cfb8.raw">camellia-256-cfb8.raw</a>
- | | |-- <a href="./samples/pbe/openssl/camellia-256-ecb.base64">camellia-256-ecb.base64</a>
- | | |-- <a href="./samples/pbe/openssl/camellia-256-ecb.raw">camellia-256-ecb.raw</a>
- | | |-- <a href="./samples/pbe/openssl/camellia-256-ofb.base64">camellia-256-ofb.base64</a>
- | | |-- <a href="./samples/pbe/openssl/camellia-256-ofb.raw">camellia-256-ofb.raw</a>
- | | |-- <a href="./samples/pbe/openssl/camellia128.base64">camellia128.base64</a>
- | | |-- <a href="./samples/pbe/openssl/camellia128.raw">camellia128.raw</a>
- | | |-- <a href="./samples/pbe/openssl/camellia192.base64">camellia192.base64</a>
- | | |-- <a href="./samples/pbe/openssl/camellia192.raw">camellia192.raw</a>
- | | |-- <a href="./samples/pbe/openssl/camellia256.base64">camellia256.base64</a>
- | | |-- <a href="./samples/pbe/openssl/camellia256.raw">camellia256.raw</a>
- | | |-- <a href="./samples/pbe/openssl/cast-cbc.base64">cast-cbc.base64</a>
- | | |-- <a href="./samples/pbe/openssl/cast-cbc.raw">cast-cbc.raw</a>
- | | |-- <a href="./samples/pbe/openssl/cast.base64">cast.base64</a>
- | | |-- <a href="./samples/pbe/openssl/cast.raw">cast.raw</a>
- | | |-- <a href="./samples/pbe/openssl/cast5-cbc.base64">cast5-cbc.base64</a>
- | | |-- <a href="./samples/pbe/openssl/cast5-cbc.raw">cast5-cbc.raw</a>
- | | |-- <a href="./samples/pbe/openssl/cast5-cfb.base64">cast5-cfb.base64</a>
- | | |-- <a href="./samples/pbe/openssl/cast5-cfb.raw">cast5-cfb.raw</a>
- | | |-- <a href="./samples/pbe/openssl/cast5-ecb.base64">cast5-ecb.base64</a>
- | | |-- <a href="./samples/pbe/openssl/cast5-ecb.raw">cast5-ecb.raw</a>
- | | |-- <a href="./samples/pbe/openssl/cast5-ofb.base64">cast5-ofb.base64</a>
- | | |-- <a href="./samples/pbe/openssl/cast5-ofb.raw">cast5-ofb.raw</a>
- | | |-- <a href="./samples/pbe/openssl/des-cbc.base64">des-cbc.base64</a>
- | | |-- <a href="./samples/pbe/openssl/des-cbc.raw">des-cbc.raw</a>
- | | |-- <a href="./samples/pbe/openssl/des-cfb.base64">des-cfb.base64</a>
- | | |-- <a href="./samples/pbe/openssl/des-cfb.raw">des-cfb.raw</a>
- | | |-- <a href="./samples/pbe/openssl/des-cfb1.base64">des-cfb1.base64</a>
- | | |-- <a href="./samples/pbe/openssl/des-cfb1.raw">des-cfb1.raw</a>
- | | |-- <a href="./samples/pbe/openssl/des-cfb8.base64">des-cfb8.base64</a>
- | | |-- <a href="./samples/pbe/openssl/des-cfb8.raw">des-cfb8.raw</a>
- | | |-- <a href="./samples/pbe/openssl/des-ecb.base64">des-ecb.base64</a>
- | | |-- <a href="./samples/pbe/openssl/des-ecb.raw">des-ecb.raw</a>
- | | |-- <a href="./samples/pbe/openssl/des-ede-cbc.base64">des-ede-cbc.base64</a>
- | | |-- <a href="./samples/pbe/openssl/des-ede-cbc.raw">des-ede-cbc.raw</a>
- | | |-- <a href="./samples/pbe/openssl/des-ede-cfb.base64">des-ede-cfb.base64</a>
- | | |-- <a href="./samples/pbe/openssl/des-ede-cfb.raw">des-ede-cfb.raw</a>
- | | |-- <a href="./samples/pbe/openssl/des-ede-ofb.base64">des-ede-ofb.base64</a>
- | | |-- <a href="./samples/pbe/openssl/des-ede-ofb.raw">des-ede-ofb.raw</a>
- | | |-- <a href="./samples/pbe/openssl/des-ede.base64">des-ede.base64</a>
- | | |-- <a href="./samples/pbe/openssl/des-ede.raw">des-ede.raw</a>
- | | |-- <a href="./samples/pbe/openssl/des-ede3-cbc.base64">des-ede3-cbc.base64</a>
- | | |-- <a href="./samples/pbe/openssl/des-ede3-cbc.raw">des-ede3-cbc.raw</a>
- | | |-- <a href="./samples/pbe/openssl/des-ede3-cfb.base64">des-ede3-cfb.base64</a>
- | | |-- <a href="./samples/pbe/openssl/des-ede3-cfb.raw">des-ede3-cfb.raw</a>
- | | |-- <a href="./samples/pbe/openssl/des-ede3-ofb.base64">des-ede3-ofb.base64</a>
- | | |-- <a href="./samples/pbe/openssl/des-ede3-ofb.raw">des-ede3-ofb.raw</a>
- | | |-- <a href="./samples/pbe/openssl/des-ede3.base64">des-ede3.base64</a>
- | | |-- <a href="./samples/pbe/openssl/des-ede3.raw">des-ede3.raw</a>
- | | |-- <a href="./samples/pbe/openssl/des-ofb.base64">des-ofb.base64</a>
- | | |-- <a href="./samples/pbe/openssl/des-ofb.raw">des-ofb.raw</a>
- | | |-- <a href="./samples/pbe/openssl/des.base64">des.base64</a>
- | | |-- <a href="./samples/pbe/openssl/des.raw">des.raw</a>
- | | |-- <a href="./samples/pbe/openssl/des3.base64">des3.base64</a>
- | | |-- <a href="./samples/pbe/openssl/des3.raw">des3.raw</a>
- | | |-- <a href="./samples/pbe/openssl/idea-cbc.base64">idea-cbc.base64</a>
- | | |-- <a href="./samples/pbe/openssl/idea-cbc.raw">idea-cbc.raw</a>
- | | |-- <a href="./samples/pbe/openssl/idea-cfb.base64">idea-cfb.base64</a>
- | | |-- <a href="./samples/pbe/openssl/idea-cfb.raw">idea-cfb.raw</a>
- | | |-- <a href="./samples/pbe/openssl/idea-ecb.base64">idea-ecb.base64</a>
- | | |-- <a href="./samples/pbe/openssl/idea-ecb.raw">idea-ecb.raw</a>
- | | |-- <a href="./samples/pbe/openssl/idea-ofb.base64">idea-ofb.base64</a>
- | | |-- <a href="./samples/pbe/openssl/idea-ofb.raw">idea-ofb.raw</a>
- | | |-- <a href="./samples/pbe/openssl/idea.base64">idea.base64</a>
- | | |-- <a href="./samples/pbe/openssl/idea.raw">idea.raw</a>
- | | |-- <a href="./samples/pbe/openssl/rc2-40-cbc.base64">rc2-40-cbc.base64</a>
- | | |-- <a href="./samples/pbe/openssl/rc2-40-cbc.raw">rc2-40-cbc.raw</a>
- | | |-- <a href="./samples/pbe/openssl/rc2-64-cbc.base64">rc2-64-cbc.base64</a>
- | | |-- <a href="./samples/pbe/openssl/rc2-64-cbc.raw">rc2-64-cbc.raw</a>
- | | |-- <a href="./samples/pbe/openssl/rc2-cbc.base64">rc2-cbc.base64</a>
- | | |-- <a href="./samples/pbe/openssl/rc2-cbc.raw">rc2-cbc.raw</a>
- | | |-- <a href="./samples/pbe/openssl/rc2-cfb.base64">rc2-cfb.base64</a>
- | | |-- <a href="./samples/pbe/openssl/rc2-cfb.raw">rc2-cfb.raw</a>
- | | |-- <a href="./samples/pbe/openssl/rc2-ecb.base64">rc2-ecb.base64</a>
- | | |-- <a href="./samples/pbe/openssl/rc2-ecb.raw">rc2-ecb.raw</a>
- | | |-- <a href="./samples/pbe/openssl/rc2-ofb.base64">rc2-ofb.base64</a>
- | | |-- <a href="./samples/pbe/openssl/rc2-ofb.raw">rc2-ofb.raw</a>
- | | |-- <a href="./samples/pbe/openssl/rc2.base64">rc2.base64</a>
- | | |-- <a href="./samples/pbe/openssl/rc2.raw">rc2.raw</a>
- | | |-- <a href="./samples/pbe/openssl/rc4-40.base64">rc4-40.base64</a>
- | | |-- <a href="./samples/pbe/openssl/rc4-40.raw">rc4-40.raw</a>
- | | |-- <a href="./samples/pbe/openssl/rc4.base64">rc4.base64</a>
- | | |-- <a href="./samples/pbe/openssl/rc4.raw">rc4.raw</a>
- | | |-- <a href="./samples/pbe/openssl/rc5-cbc.base64">rc5-cbc.base64</a>
- | | |-- <a href="./samples/pbe/openssl/rc5-cbc.raw">rc5-cbc.raw</a>
- | | |-- <a href="./samples/pbe/openssl/rc5-cfb.base64">rc5-cfb.base64</a>
- | | |-- <a href="./samples/pbe/openssl/rc5-cfb.raw">rc5-cfb.raw</a>
- | | |-- <a href="./samples/pbe/openssl/rc5-ecb.base64">rc5-ecb.base64</a>
- | | |-- <a href="./samples/pbe/openssl/rc5-ecb.raw">rc5-ecb.raw</a>
- | | |-- <a href="./samples/pbe/openssl/rc5-ofb.base64">rc5-ofb.base64</a>
- | | |-- <a href="./samples/pbe/openssl/rc5-ofb.raw">rc5-ofb.raw</a>
- | | |-- <a href="./samples/pbe/openssl/rc5.base64">rc5.base64</a>
- | | `-- <a href="./samples/pbe/openssl/rc5.raw">rc5.raw</a>
- | |-- <a href="./samples/pbe.tests">pbe.tests</a>
- | |-- <a href="./samples/pkcs12/">pkcs12</a>
- | | |-- <a href="./samples/pkcs12/pkcs12_client_cert.p12">pkcs12_client_cert.p12</a>
- | | `-- <a href="./samples/pkcs12/pkcs12_client_cert.pem">pkcs12_client_cert.pem</a>
- | |-- <a href="./samples/rsa/">rsa</a>
- | | |-- <a href="./samples/rsa/openssl_rsa_aes128_cbc.pem">openssl_rsa_aes128_cbc.pem</a>
- | | |-- <a href="./samples/rsa/openssl_rsa_aes128_cfb.pem">openssl_rsa_aes128_cfb.pem</a>
- | | |-- <a href="./samples/rsa/openssl_rsa_aes128_ecb.pem">openssl_rsa_aes128_ecb.pem</a>
- | | |-- <a href="./samples/rsa/openssl_rsa_aes128_ofb.pem">openssl_rsa_aes128_ofb.pem</a>
- | | |-- <a href="./samples/rsa/openssl_rsa_aes192_cbc.pem">openssl_rsa_aes192_cbc.pem</a>
- | | |-- <a href="./samples/rsa/openssl_rsa_aes192_cfb.pem">openssl_rsa_aes192_cfb.pem</a>
- | | |-- <a href="./samples/rsa/openssl_rsa_aes192_ecb.pem">openssl_rsa_aes192_ecb.pem</a>
- | | |-- <a href="./samples/rsa/openssl_rsa_aes192_ofb.pem">openssl_rsa_aes192_ofb.pem</a>
- | | |-- <a href="./samples/rsa/openssl_rsa_aes256_cbc.pem">openssl_rsa_aes256_cbc.pem</a>
- | | |-- <a href="./samples/rsa/openssl_rsa_aes256_cfb.pem">openssl_rsa_aes256_cfb.pem</a>
- | | |-- <a href="./samples/rsa/openssl_rsa_aes256_ecb.pem">openssl_rsa_aes256_ecb.pem</a>
- | | |-- <a href="./samples/rsa/openssl_rsa_aes256_ofb.pem">openssl_rsa_aes256_ofb.pem</a>
- | | |-- <a href="./samples/rsa/openssl_rsa_blowfish_cbc.pem">openssl_rsa_blowfish_cbc.pem</a>
- | | |-- <a href="./samples/rsa/openssl_rsa_blowfish_cfb.pem">openssl_rsa_blowfish_cfb.pem</a>
- | | |-- <a href="./samples/rsa/openssl_rsa_blowfish_ecb.pem">openssl_rsa_blowfish_ecb.pem</a>
- | | |-- <a href="./samples/rsa/openssl_rsa_blowfish_ofb.pem">openssl_rsa_blowfish_ofb.pem</a>
- | | |-- <a href="./samples/rsa/openssl_rsa_des1_cbc.pem">openssl_rsa_des1_cbc.pem</a>
- | | |-- <a href="./samples/rsa/openssl_rsa_des1_cfb.pem">openssl_rsa_des1_cfb.pem</a>
- | | |-- <a href="./samples/rsa/openssl_rsa_des1_ecb.pem">openssl_rsa_des1_ecb.pem</a>
- | | |-- <a href="./samples/rsa/openssl_rsa_des1_ofb.pem">openssl_rsa_des1_ofb.pem</a>
- | | |-- <a href="./samples/rsa/openssl_rsa_des2_cbc.pem">openssl_rsa_des2_cbc.pem</a>
- | | |-- <a href="./samples/rsa/openssl_rsa_des2_cfb.pem">openssl_rsa_des2_cfb.pem</a>
- | | |-- <a href="./samples/rsa/openssl_rsa_des2_ecb.pem">openssl_rsa_des2_ecb.pem</a>
- | | |-- <a href="./samples/rsa/openssl_rsa_des2_ofb.pem">openssl_rsa_des2_ofb.pem</a>
- | | |-- <a href="./samples/rsa/openssl_rsa_des3_cbc.pem">openssl_rsa_des3_cbc.pem</a>
- | | |-- <a href="./samples/rsa/openssl_rsa_des3_cfb.pem">openssl_rsa_des3_cfb.pem</a>
- | | |-- <a href="./samples/rsa/openssl_rsa_des3_ecb.pem">openssl_rsa_des3_ecb.pem</a>
- | | |-- <a href="./samples/rsa/openssl_rsa_des3_ofb.pem">openssl_rsa_des3_ofb.pem</a>
- | | |-- <a href="./samples/rsa/openssl_rsa_rc2_128_cbc.pem">openssl_rsa_rc2_128_cbc.pem</a>
- | | |-- <a href="./samples/rsa/openssl_rsa_rc2_128_cfb.pem">openssl_rsa_rc2_128_cfb.pem</a>
- | | |-- <a href="./samples/rsa/openssl_rsa_rc2_128_ecb.pem">openssl_rsa_rc2_128_ecb.pem</a>
- | | |-- <a href="./samples/rsa/openssl_rsa_rc2_128_ofb.pem">openssl_rsa_rc2_128_ofb.pem</a>
- | | |-- <a href="./samples/rsa/openssl_rsa_rc2_40.pem">openssl_rsa_rc2_40.pem</a>
- | | |-- <a href="./samples/rsa/openssl_rsa_rc2_64.pem">openssl_rsa_rc2_64.pem</a>
- | | |-- <a href="./samples/rsa/openssl_rsa_unencrypted.der">openssl_rsa_unencrypted.der</a>
- | | |-- <a href="./samples/rsa/openssl_rsa_unencrypted.pem">openssl_rsa_unencrypted.pem</a>
- | | |-- <a href="./samples/rsa/pkcs8_rsa_unencrypted.der">pkcs8_rsa_unencrypted.der</a>
- | | |-- <a href="./samples/rsa/pkcs8_rsa_unencrypted.pem">pkcs8_rsa_unencrypted.pem</a>
- | | |-- <a href="./samples/rsa/pkcs8v1_rsa_md2_des1.der">pkcs8v1_rsa_md2_des1.der</a>
- | | |-- <a href="./samples/rsa/pkcs8v1_rsa_md2_des1.pem">pkcs8v1_rsa_md2_des1.pem</a>
- | | |-- <a href="./samples/rsa/pkcs8v1_rsa_md2_rc2_64.der">pkcs8v1_rsa_md2_rc2_64.der</a>
- | | |-- <a href="./samples/rsa/pkcs8v1_rsa_md2_rc2_64.pem">pkcs8v1_rsa_md2_rc2_64.pem</a>
- | | |-- <a href="./samples/rsa/pkcs8v1_rsa_md5_des1.der">pkcs8v1_rsa_md5_des1.der</a>
- | | |-- <a href="./samples/rsa/pkcs8v1_rsa_md5_des1.pem">pkcs8v1_rsa_md5_des1.pem</a>
- | | |-- <a href="./samples/rsa/pkcs8v1_rsa_md5_rc2_64.der">pkcs8v1_rsa_md5_rc2_64.der</a>
- | | |-- <a href="./samples/rsa/pkcs8v1_rsa_md5_rc2_64.pem">pkcs8v1_rsa_md5_rc2_64.pem</a>
- | | |-- <a href="./samples/rsa/pkcs8v1_rsa_sha1_des1.der">pkcs8v1_rsa_sha1_des1.der</a>
- | | |-- <a href="./samples/rsa/pkcs8v1_rsa_sha1_des1.pem">pkcs8v1_rsa_sha1_des1.pem</a>
- | | |-- <a href="./samples/rsa/pkcs8v1_rsa_sha1_des2.der">pkcs8v1_rsa_sha1_des2.der</a>
- | | |-- <a href="./samples/rsa/pkcs8v1_rsa_sha1_des2.pem">pkcs8v1_rsa_sha1_des2.pem</a>
- | | |-- <a href="./samples/rsa/pkcs8v1_rsa_sha1_des3.der">pkcs8v1_rsa_sha1_des3.der</a>
- | | |-- <a href="./samples/rsa/pkcs8v1_rsa_sha1_des3.pem">pkcs8v1_rsa_sha1_des3.pem</a>
- | | |-- <a href="./samples/rsa/pkcs8v1_rsa_sha1_rc2_128.der">pkcs8v1_rsa_sha1_rc2_128.der</a>
- | | |-- <a href="./samples/rsa/pkcs8v1_rsa_sha1_rc2_128.pem">pkcs8v1_rsa_sha1_rc2_128.pem</a>
- | | |-- <a href="./samples/rsa/pkcs8v1_rsa_sha1_rc2_40.der">pkcs8v1_rsa_sha1_rc2_40.der</a>
- | | |-- <a href="./samples/rsa/pkcs8v1_rsa_sha1_rc2_40.pem">pkcs8v1_rsa_sha1_rc2_40.pem</a>
- | | |-- <a href="./samples/rsa/pkcs8v1_rsa_sha1_rc2_64.der">pkcs8v1_rsa_sha1_rc2_64.der</a>
- | | |-- <a href="./samples/rsa/pkcs8v1_rsa_sha1_rc2_64.pem">pkcs8v1_rsa_sha1_rc2_64.pem</a>
- | | |-- <a href="./samples/rsa/pkcs8v1_rsa_sha1_rc4_128.der">pkcs8v1_rsa_sha1_rc4_128.der</a>
- | | |-- <a href="./samples/rsa/pkcs8v1_rsa_sha1_rc4_128.pem">pkcs8v1_rsa_sha1_rc4_128.pem</a>
- | | |-- <a href="./samples/rsa/pkcs8v1_rsa_sha1_rc4_40.der">pkcs8v1_rsa_sha1_rc4_40.der</a>
- | | |-- <a href="./samples/rsa/pkcs8v1_rsa_sha1_rc4_40.pem">pkcs8v1_rsa_sha1_rc4_40.pem</a>
- | | |-- <a href="./samples/rsa/pkcs8v2_rsa_aes128_cbc.der">pkcs8v2_rsa_aes128_cbc.der</a>
- | | |-- <a href="./samples/rsa/pkcs8v2_rsa_aes128_cbc.pem">pkcs8v2_rsa_aes128_cbc.pem</a>
- | | |-- <a href="./samples/rsa/pkcs8v2_rsa_aes128_cfb.der">pkcs8v2_rsa_aes128_cfb.der</a>
- | | |-- <a href="./samples/rsa/pkcs8v2_rsa_aes128_cfb.pem">pkcs8v2_rsa_aes128_cfb.pem</a>
- | | |-- <a href="./samples/rsa/pkcs8v2_rsa_aes128_ecb.der">pkcs8v2_rsa_aes128_ecb.der</a>
- | | |-- <a href="./samples/rsa/pkcs8v2_rsa_aes128_ecb.pem">pkcs8v2_rsa_aes128_ecb.pem</a>
- | | |-- <a href="./samples/rsa/pkcs8v2_rsa_aes128_ofb.der">pkcs8v2_rsa_aes128_ofb.der</a>
- | | |-- <a href="./samples/rsa/pkcs8v2_rsa_aes128_ofb.pem">pkcs8v2_rsa_aes128_ofb.pem</a>
- | | |-- <a href="./samples/rsa/pkcs8v2_rsa_aes192_cbc.der">pkcs8v2_rsa_aes192_cbc.der</a>
- | | |-- <a href="./samples/rsa/pkcs8v2_rsa_aes192_cbc.pem">pkcs8v2_rsa_aes192_cbc.pem</a>
- | | |-- <a href="./samples/rsa/pkcs8v2_rsa_aes192_cfb.der">pkcs8v2_rsa_aes192_cfb.der</a>
- | | |-- <a href="./samples/rsa/pkcs8v2_rsa_aes192_cfb.pem">pkcs8v2_rsa_aes192_cfb.pem</a>
- | | |-- <a href="./samples/rsa/pkcs8v2_rsa_aes192_ecb.der">pkcs8v2_rsa_aes192_ecb.der</a>
- | | |-- <a href="./samples/rsa/pkcs8v2_rsa_aes192_ecb.pem">pkcs8v2_rsa_aes192_ecb.pem</a>
- | | |-- <a href="./samples/rsa/pkcs8v2_rsa_aes192_ofb.der">pkcs8v2_rsa_aes192_ofb.der</a>
- | | |-- <a href="./samples/rsa/pkcs8v2_rsa_aes192_ofb.pem">pkcs8v2_rsa_aes192_ofb.pem</a>
- | | |-- <a href="./samples/rsa/pkcs8v2_rsa_aes256_cbc.der">pkcs8v2_rsa_aes256_cbc.der</a>
- | | |-- <a href="./samples/rsa/pkcs8v2_rsa_aes256_cbc.pem">pkcs8v2_rsa_aes256_cbc.pem</a>
- | | |-- <a href="./samples/rsa/pkcs8v2_rsa_aes256_cfb.der">pkcs8v2_rsa_aes256_cfb.der</a>
- | | |-- <a href="./samples/rsa/pkcs8v2_rsa_aes256_cfb.pem">pkcs8v2_rsa_aes256_cfb.pem</a>
- | | |-- <a href="./samples/rsa/pkcs8v2_rsa_aes256_ecb.der">pkcs8v2_rsa_aes256_ecb.der</a>
- | | |-- <a href="./samples/rsa/pkcs8v2_rsa_aes256_ecb.pem">pkcs8v2_rsa_aes256_ecb.pem</a>
- | | |-- <a href="./samples/rsa/pkcs8v2_rsa_aes256_ofb.der">pkcs8v2_rsa_aes256_ofb.der</a>
- | | |-- <a href="./samples/rsa/pkcs8v2_rsa_aes256_ofb.pem">pkcs8v2_rsa_aes256_ofb.pem</a>
- | | |-- <a href="./samples/rsa/pkcs8v2_rsa_blowfish_cbc.der">pkcs8v2_rsa_blowfish_cbc.der</a>
- | | |-- <a href="./samples/rsa/pkcs8v2_rsa_blowfish_cbc.pem">pkcs8v2_rsa_blowfish_cbc.pem</a>
- | | |-- <a href="./samples/rsa/pkcs8v2_rsa_des1_cbc.der">pkcs8v2_rsa_des1_cbc.der</a>
- | | |-- <a href="./samples/rsa/pkcs8v2_rsa_des1_cbc.pem">pkcs8v2_rsa_des1_cbc.pem</a>
- | | |-- <a href="./samples/rsa/pkcs8v2_rsa_des1_cfb.der">pkcs8v2_rsa_des1_cfb.der</a>
- | | |-- <a href="./samples/rsa/pkcs8v2_rsa_des1_cfb.pem">pkcs8v2_rsa_des1_cfb.pem</a>
- | | |-- <a href="./samples/rsa/pkcs8v2_rsa_des1_ecb.der">pkcs8v2_rsa_des1_ecb.der</a>
- | | |-- <a href="./samples/rsa/pkcs8v2_rsa_des1_ecb.pem">pkcs8v2_rsa_des1_ecb.pem</a>
- | | |-- <a href="./samples/rsa/pkcs8v2_rsa_des1_ofb.der">pkcs8v2_rsa_des1_ofb.der</a>
- | | |-- <a href="./samples/rsa/pkcs8v2_rsa_des1_ofb.pem">pkcs8v2_rsa_des1_ofb.pem</a>
- | | |-- <a href="./samples/rsa/pkcs8v2_rsa_des2_ecb_SEEMS_WRONG.der">pkcs8v2_rsa_des2_ecb_SEEMS_WRONG.der</a>
- | | |-- <a href="./samples/rsa/pkcs8v2_rsa_des2_ecb_SEEMS_WRONG.pem">pkcs8v2_rsa_des2_ecb_SEEMS_WRONG.pem</a>
- | | |-- <a href="./samples/rsa/pkcs8v2_rsa_des3.der">pkcs8v2_rsa_des3.der</a>
- | | |-- <a href="./samples/rsa/pkcs8v2_rsa_des3.pem">pkcs8v2_rsa_des3.pem</a>
- | | |-- <a href="./samples/rsa/pkcs8v2_rsa_rc2_128.der">pkcs8v2_rsa_rc2_128.der</a>
- | | |-- <a href="./samples/rsa/pkcs8v2_rsa_rc2_128.pem">pkcs8v2_rsa_rc2_128.pem</a>
- | | |-- <a href="./samples/rsa/pkcs8v2_rsa_rc2_40.der">pkcs8v2_rsa_rc2_40.der</a>
- | | |-- <a href="./samples/rsa/pkcs8v2_rsa_rc2_40.pem">pkcs8v2_rsa_rc2_40.pem</a>
- | | |-- <a href="./samples/rsa/pkcs8v2_rsa_rc2_64.der">pkcs8v2_rsa_rc2_64.der</a>
- | | `-- <a href="./samples/rsa/pkcs8v2_rsa_rc2_64.pem">pkcs8v2_rsa_rc2_64.pem</a>
- | |-- <a href="./samples/rsa.html">rsa.html</a>
- | |-- <a href="./samples/rsa_result.html">rsa_result.html</a>
- | `-- <a href="./samples/x509/">x509</a>
- | |-- <a href="./samples/x509/certificate.der">certificate.der</a>
- | |-- <a href="./samples/x509/certificate.pem">certificate.pem</a>
- | |-- <a href="./samples/x509/certificate_chain.pem">certificate_chain.pem</a>
- | |-- <a href="./samples/x509/certificate_root_ca.der">certificate_root_ca.der</a>
- | |-- <a href="./samples/x509/certificate_root_ca.pem">certificate_root_ca.pem</a>
- | |-- <a href="./samples/x509/oscp.pem">oscp.pem</a>
- | |-- <a href="./samples/x509/two-crls.pem">two-crls.pem</a>
- | |-- <a href="./samples/x509/x509_foo.pem">x509_foo.pem</a>
- | |-- <a href="./samples/x509/x509_foo_bar.pem">x509_foo_bar.pem</a>
- | |-- <a href="./samples/x509/x509_foo_bar_hanako.pem">x509_foo_bar_hanako.pem</a>
- | |-- <a href="./samples/x509/x509_hanako.pem">x509_hanako.pem</a>
- | |-- <a href="./samples/x509/x509_no_cns_foo.pem">x509_no_cns_foo.pem</a>
- | |-- <a href="./samples/x509/x509_three_cns_foo_bar_hanako.pem">x509_three_cns_foo_bar_hanako.pem</a>
- | |-- <a href="./samples/x509/x509_wild_co_jp.pem">x509_wild_co_jp.pem</a>
- | |-- <a href="./samples/x509/x509_wild_foo.pem">x509_wild_foo.pem</a>
- | `-- <a href="./samples/x509/x509_wild_foo_bar_hanako.pem">x509_wild_foo_bar_hanako.pem</a>
- |-- <a href="./source.html">source.html</a>
- |-- <a href="./src/">src</a>
- | |-- <a href="./src/java/">java</a>
- | | `-- <a href="./src/java/org/">org</a>
- | | `-- <a href="./src/java/org/apache/">apache</a>
- | | `-- <a href="./src/java/org/apache/commons/">commons</a>
- | | |-- <a href="./src/java/org/apache/commons/httpclient/">httpclient</a>
- | | | `-- <a href="./src/java/org/apache/commons/httpclient/contrib/">contrib</a>
- | | | `-- <a href="./src/java/org/apache/commons/httpclient/contrib/ssl/">ssl</a>
- | | | |-- <a href="./src/java/org/apache/commons/httpclient/contrib/ssl/AuthSSLProtocolSocketFactory.java">AuthSSLProtocolSocketFactory.java</a>
- | | | |-- <a href="./src/java/org/apache/commons/httpclient/contrib/ssl/EasySSLProtocolSocketFactory.java">EasySSLProtocolSocketFactory.java</a>
- | | | |-- <a href="./src/java/org/apache/commons/httpclient/contrib/ssl/StrictSSLProtocolSocketFactory.java">StrictSSLProtocolSocketFactory.java</a>
- | | | `-- <a href="./src/java/org/apache
<TRUNCATED>
[2/6] directory-kerberos git commit: Clean up not-commons-ssl library,
removing many unwanted and not much relevant
Posted by dr...@apache.org.
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Base64OutputStream.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Base64OutputStream.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Base64OutputStream.java
deleted file mode 100644
index a9cadde..0000000
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Base64OutputStream.java
+++ /dev/null
@@ -1,198 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.commons.ssl;
-
-import java.io.FilterOutputStream;
-import java.io.IOException;
-import java.io.OutputStream;
-
-/**
- * Provides Base64 encoding and decoding in a streaming fashion (unlimited size). When encoding the default lineLength
- * is 76 characters and the default lineEnding is CRLF, but these can be overridden by using the appropriate
- * constructor.
- * <p>
- * The default behaviour of the Base64OutputStream is to ENCODE, whereas the default behaviour of the Base64InputStream
- * is to DECODE. But this behaviour can be overridden by using a different constructor.
- * </p>
- * <p>
- * This class implements section <cite>6.8. Base64 Content-Transfer-Encoding</cite> from RFC 2045 <cite>Multipurpose
- * Internet Mail Extensions (MIME) Part One: Format of Internet Message Bodies</cite> by Freed and Borenstein.
- * </p>
- * <p>
- * Since this class operates directly on byte streams, and not character streams, it is hard-coded to only encode/decode
- * character encodings which are compatible with the lower 127 ASCII chart (ISO-8859-1, Windows-1252, UTF-8, etc).
- * </p>
- *
- * @author Apache Software Foundation
- * @version $Id$
- * @see <a href="http://www.ietf.org/rfc/rfc2045.txt">RFC 2045</a>
- * @since 1.4
- */
-public class Base64OutputStream extends FilterOutputStream {
- private final boolean doEncode;
-
- private final Base64 base64;
-
- private final byte[] singleByte = new byte[1];
-
- /**
- * Creates a Base64OutputStream such that all data written is Base64-encoded to the original provided OutputStream.
- *
- * @param out
- * OutputStream to wrap.
- */
- public Base64OutputStream(OutputStream out) {
- this(out, true);
- }
-
- /**
- * Creates a Base64OutputStream such that all data written is either Base64-encoded or Base64-decoded to the
- * original provided OutputStream.
- *
- * @param out
- * OutputStream to wrap.
- * @param doEncode
- * true if we should encode all data written to us, false if we should decode.
- */
- public Base64OutputStream(OutputStream out, boolean doEncode) {
- super(out);
- this.doEncode = doEncode;
- this.base64 = new Base64();
- }
-
- /**
- * Creates a Base64OutputStream such that all data written is either Base64-encoded or Base64-decoded to the
- * original provided OutputStream.
- *
- * @param out
- * OutputStream to wrap.
- * @param doEncode
- * true if we should encode all data written to us, false if we should decode.
- * @param lineLength
- * If doEncode is true, each line of encoded data will contain lineLength characters (rounded down to
- * nearest multiple of 4). If lineLength <=0, the encoded data is not divided into lines. If doEncode is
- * false, lineLength is ignored.
- * @param lineSeparator
- * If doEncode is true, each line of encoded data will be terminated with this byte sequence (e.g. \r\n).
- * If lineLength <= 0, the lineSeparator is not used. If doEncode is false lineSeparator is ignored.
- */
- public Base64OutputStream(OutputStream out, boolean doEncode, int lineLength, byte[] lineSeparator) {
- super(out);
- this.doEncode = doEncode;
- this.base64 = new Base64(lineLength, lineSeparator);
- }
-
- /**
- * Writes the specified <code>byte</code> to this output stream.
- *
- * @param i
- * source byte
- * @throws java.io.IOException
- * if an I/O error occurs.
- */
- public void write(int i) throws IOException {
- singleByte[0] = (byte) i;
- write(singleByte, 0, 1);
- }
-
- /**
- * Writes <code>len</code> bytes from the specified <code>b</code> array starting at <code>offset</code> to this
- * output stream.
- *
- * @param b
- * source byte array
- * @param offset
- * where to start reading the bytes
- * @param len
- * maximum number of bytes to write
- *
- * @throws java.io.IOException
- * if an I/O error occurs.
- * @throws NullPointerException
- * if the byte array parameter is null
- * @throws IndexOutOfBoundsException
- * if offset, len or buffer size are invalid
- */
- public void write(byte b[], int offset, int len) throws IOException {
- if (b == null) {
- throw new NullPointerException();
- } else if (offset < 0 || len < 0) {
- throw new IndexOutOfBoundsException();
- } else if (offset > b.length || offset + len > b.length) {
- throw new IndexOutOfBoundsException();
- } else if (len > 0) {
- if (doEncode) {
- base64.encode(b, offset, len);
- } else {
- base64.decode(b, offset, len);
- }
- flush(false);
- }
- }
-
- /**
- * Flushes this output stream and forces any buffered output bytes to be written out to the stream. If propogate is
- * true, the wrapped stream will also be flushed.
- *
- * @param propogate
- * boolean flag to indicate whether the wrapped OutputStream should also be flushed.
- * @throws java.io.IOException
- * if an I/O error occurs.
- */
- private void flush(boolean propogate) throws IOException {
- int avail = base64.avail();
- if (avail > 0) {
- byte[] buf = new byte[avail];
- int c = base64.readResults(buf, 0, avail);
- if (c > 0) {
- out.write(buf, 0, c);
- }
- }
- if (propogate) {
- out.flush();
- }
- }
-
- /**
- * Flushes this output stream and forces any buffered output bytes to be written out to the stream.
- *
- * @throws java.io.IOException
- * if an I/O error occurs.
- */
- public void flush() throws IOException {
- flush(true);
- }
-
- /**
- * Closes this output stream and releases any system resources associated with the stream.
- *
- * @throws java.io.IOException
- * if an I/O error occurs.
- */
- public void close() throws IOException {
- // Notify encoder of EOF (-1).
- if (doEncode) {
- base64.encode(singleByte, 0, -1);
- } else {
- base64.decode(singleByte, 0, -1);
- }
- flush();
- out.close();
- }
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Certificates.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Certificates.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Certificates.java
index 99259c8..b018834 100644
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Certificates.java
+++ b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Certificates.java
@@ -31,6 +31,8 @@
package org.apache.commons.ssl;
+import org.apache.kerby.util.Base64;
+
import javax.naming.InvalidNameException;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Java13.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Java13.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Java13.java
deleted file mode 100644
index 1a2fb47..0000000
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Java13.java
+++ /dev/null
@@ -1,303 +0,0 @@
-/*
- * $HeadURL: http://juliusdavies.ca/svn/not-yet-commons-ssl/tags/commons-ssl-0.3.16/src/java/org/apache/commons/ssl/Java13.java $
- * $Revision: 155 $
- * $Date: 2009-09-17 14:00:58 -0700 (Thu, 17 Sep 2009) $
- *
- * ====================================================================
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- * ====================================================================
- *
- * This software consists of voluntary contributions made by many
- * individuals on behalf of the Apache Software Foundation. For more
- * information on the Apache Software Foundation, please see
- * <http://www.apache.org/>.
- *
- */
-
-package org.apache.commons.ssl;
-
-import com.sun.net.ssl.KeyManager;
-import com.sun.net.ssl.KeyManagerFactory;
-import com.sun.net.ssl.SSLContext;
-import com.sun.net.ssl.TrustManager;
-import com.sun.net.ssl.TrustManagerFactory;
-import com.sun.net.ssl.X509KeyManager;
-import com.sun.net.ssl.X509TrustManager;
-
-import javax.net.SocketFactory;
-import javax.net.ssl.SSLPeerUnverifiedException;
-import javax.net.ssl.SSLServerSocket;
-import javax.net.ssl.SSLServerSocketFactory;
-import javax.net.ssl.SSLSession;
-import javax.net.ssl.SSLSocket;
-import javax.net.ssl.SSLSocketFactory;
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.PrintStream;
-import java.lang.reflect.Method;
-import java.net.InetAddress;
-import java.net.Socket;
-import java.net.URL;
-import java.security.KeyManagementException;
-import java.security.KeyStore;
-import java.security.KeyStoreException;
-import java.security.NoSuchAlgorithmException;
-import java.security.Provider;
-import java.security.Security;
-import java.security.UnrecoverableKeyException;
-import java.security.cert.Certificate;
-import java.security.cert.CertificateException;
-import java.security.cert.X509Certificate;
-
-/**
- * @author Credit Union Central of British Columbia
- * @author <a href="http://www.cucbc.com/">www.cucbc.com</a>
- * @author <a href="mailto:juliusdavies@cucbc.com">juliusdavies@cucbc.com</a>
- * @since 30-Jun-2006
- */
-public final class Java13 extends JavaImpl {
- private final static Java13 instance = new Java13();
-
- private Java13() {
- try {
- Class c = Class.forName("javax.crypto.Cipher");
- Class[] sig = {String.class};
- String[] args = {"DES/CBC/PKCS5Padding"};
- Method m = c.getMethod("getInstance", sig);
- m.invoke(null, (Object[]) args);
- }
- catch (Exception e) {
- try {
- Class c = Class.forName("com.sun.crypto.provider.SunJCE");
- Security.addProvider((Provider) c.newInstance());
- // System.out.println( "jce not loaded: " + e + " - loading SunJCE!" );
- //e.printStackTrace( System.out );
- }
- catch (Exception e2) {
- System.out.println("com.sun.crypto.provider.SunJCE unavailable: " + e2);
- // e2.printStackTrace( System.out );
- }
- }
- try {
- URL u = new URL("https://vancity.com/");
- u.openConnection();
- }
- catch (Exception e) {
- // System.out.println( "java.net.URL support of https not loaded: " + e + " - attempting to load com.sun.net.ssl.internal.ssl.Provider!" );
- Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
- System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");
- }
- // System.out.println( "old HANDLER: " + HANDLER );
- }
-
- public static Java13 getInstance() {
- return instance;
- }
-
- public final String getVersion() {
- return "Java13";
- }
-
- protected final String retrieveSubjectX500(X509Certificate cert) {
- return cert.getSubjectDN().toString();
- }
-
- protected final String retrieveIssuerX500(X509Certificate cert) {
- return cert.getIssuerDN().toString();
- }
-
- protected final Certificate[] retrievePeerCerts(SSLSession sslSession)
- throws SSLPeerUnverifiedException {
- javax.security.cert.X509Certificate[] chain;
- chain = sslSession.getPeerCertificateChain();
- X509Certificate[] newChain = new X509Certificate[chain.length];
- try {
- for (int i = 0; i < chain.length; i++) {
- javax.security.cert.X509Certificate javaxCert = chain[i];
- byte[] encoded = javaxCert.getEncoded();
- ByteArrayInputStream in = new ByteArrayInputStream(encoded);
- synchronized (Certificates.CF) {
- Certificate c = Certificates.CF.generateCertificate(in);
- newChain[i] = (X509Certificate) c;
- }
- }
- }
- catch (Exception e) {
- throw buildRuntimeException(e);
- }
- return newChain;
- }
-
- protected final Object buildKeyManagerFactory(KeyStore ks, char[] password)
- throws NoSuchAlgorithmException, KeyStoreException,
- UnrecoverableKeyException {
- String alg = KeyManagerFactory.getDefaultAlgorithm();
- KeyManagerFactory kmf = KeyManagerFactory.getInstance(alg);
- kmf.init(ks, password);
- return kmf;
- }
-
- protected final Object buildTrustManagerFactory(KeyStore ks)
- throws NoSuchAlgorithmException, KeyStoreException {
- String alg = TrustManagerFactory.getDefaultAlgorithm();
- TrustManagerFactory tmf = TrustManagerFactory.getInstance(alg);
- tmf.init(ks);
- return tmf;
- }
-
-
- protected final Object[] retrieveKeyManagers(Object keyManagerFactory) {
- KeyManagerFactory kmf = (KeyManagerFactory) keyManagerFactory;
- return kmf.getKeyManagers();
- }
-
- protected final Object[] retrieveTrustManagers(Object trustManagerFactory) {
- TrustManagerFactory tmf = (TrustManagerFactory) trustManagerFactory;
- return tmf.getTrustManagers();
- }
-
- protected final SSLSocketFactory buildSSLSocketFactory(Object ssl) {
- return ((SSLContext) ssl).getSocketFactory();
- }
-
- protected final SSLServerSocketFactory buildSSLServerSocketFactory(Object ssl) {
- return ((SSLContext) ssl).getServerSocketFactory();
- }
-
- protected final RuntimeException buildRuntimeException(Exception cause) {
- ByteArrayOutputStream byteOut = new ByteArrayOutputStream(512);
- PrintStream ps = new PrintStream(byteOut);
- ps.println(cause.toString());
- cause.printStackTrace(ps);
- ps.flush();
- String originalCause = byteOut.toString();
- return new RuntimeException(originalCause);
- }
-
- protected final SSLSocket buildSocket(SSL ssl) {
- // Not supported in Java 1.3.
- throw new UnsupportedOperationException();
- }
-
- protected final SSLSocket buildSocket(SSL ssl, String remoteHost,
- int remotePort, InetAddress localHost,
- int localPort, int connectTimeout)
- throws IOException {
- // Connect Timeout ignored for Java 1.3
- SSLSocketFactory sf = ssl.getSSLSocketFactory();
- SSLSocket s = (SSLSocket) connectSocket(
- null, sf, remoteHost, remotePort, localHost, localPort, -1, ssl
- );
- ssl.doPreConnectSocketStuff(s);
- ssl.doPostConnectSocketStuff(s, remoteHost);
- return s;
- }
-
- protected final Socket buildPlainSocket(
- SSL ssl, String remoteHost, int remotePort, InetAddress localHost, int localPort, int connectTimeout
- )
- throws IOException {
- // Connect Timeout ignored for Java 1.3
- SocketFactory sf = SocketFactory.getDefault();
- Socket s = connectSocket(
- null, sf, remoteHost, remotePort, localHost, localPort, -1, ssl
- );
- ssl.doPreConnectSocketStuff(s);
- ssl.doPostConnectSocketStuff(s, remoteHost);
- return s;
- }
-
- protected final Socket connectSocket(Socket s, SocketFactory sf,
- String remoteHost, int remotePort,
- InetAddress localHost, int localPort,
- int timeout, SSL ssl)
- throws IOException {
-
- remoteHost = ssl.dnsOverride(remoteHost);
-
- // Connect Timeout ignored for Java 1.3
- if (s == null) {
- if (sf == null) {
- s = new Socket(remoteHost, remotePort, localHost, localPort);
- } else {
- s = sf.createSocket(remoteHost, remotePort, localHost, localPort);
- }
- }
- return s;
- }
-
-
- protected final SSLServerSocket buildServerSocket(SSL ssl) {
- // Not supported in Java 1.3.
- throw new UnsupportedOperationException();
- }
-
- protected final void wantClientAuth(Object o, boolean wantClientAuth) {
- // Not supported in Java 1.3.
- }
-
- protected final void enabledProtocols(Object o, String[] enabledProtocols) {
- // Not supported in Java 1.3.
- }
-
- protected void checkTrusted(Object trustManager, X509Certificate[] chain,
- String authType)
- throws CertificateException {
- X509TrustManager tm = (X509TrustManager) trustManager;
- boolean result = tm.isServerTrusted(chain);
- if (!result) {
- throw new CertificateException("commons-ssl java13 mode: certificate chain not trusted");
- }
- }
-
-
- protected final Object initSSL(SSL ssl, TrustChain tc, KeyMaterial k)
- throws NoSuchAlgorithmException, KeyStoreException,
- CertificateException, KeyManagementException, IOException {
- SSLContext context = SSLContext.getInstance(ssl.getDefaultProtocol());
- TrustManager[] trustManagers = null;
- KeyManager[] keyManagers = null;
- if (tc != null) {
- trustManagers = (TrustManager[]) tc.getTrustManagers();
- }
- if (k != null) {
- keyManagers = (KeyManager[]) k.getKeyManagers();
- }
- if (keyManagers != null) {
- for (int i = 0; i < keyManagers.length; i++) {
- if (keyManagers[i] instanceof X509KeyManager) {
- X509KeyManager km = (X509KeyManager) keyManagers[i];
- keyManagers[i] = new Java13KeyManagerWrapper(km, k, ssl);
- }
- }
- }
- if (trustManagers != null) {
- for (int i = 0; i < trustManagers.length; i++) {
- if (trustManagers[i] instanceof X509TrustManager) {
- X509TrustManager tm = (X509TrustManager) trustManagers[i];
- trustManagers[i] = new Java13TrustManagerWrapper(tm, tc, ssl);
- }
- }
- }
- context.init(keyManagers, trustManagers, null);
- return context;
- }
-
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Java13KeyManagerWrapper.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Java13KeyManagerWrapper.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Java13KeyManagerWrapper.java
deleted file mode 100644
index 81111b8..0000000
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Java13KeyManagerWrapper.java
+++ /dev/null
@@ -1,82 +0,0 @@
-/*
- * $HeadURL: http://juliusdavies.ca/svn/not-yet-commons-ssl/tags/commons-ssl-0.3.16/src/java/org/apache/commons/ssl/Java13KeyManagerWrapper.java $
- * $Revision: 121 $
- * $Date: 2007-11-13 21:26:57 -0800 (Tue, 13 Nov 2007) $
- *
- * ====================================================================
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- * ====================================================================
- *
- * This software consists of voluntary contributions made by many
- * individuals on behalf of the Apache Software Foundation. For more
- * information on the Apache Software Foundation, please see
- * <http://www.apache.org/>.
- *
- */
-
-package org.apache.commons.ssl;
-
-import com.sun.net.ssl.X509KeyManager;
-
-import java.security.Principal;
-import java.security.PrivateKey;
-import java.security.cert.X509Certificate;
-
-/**
- * @author Credit Union Central of British Columbia
- * @author <a href="http://www.cucbc.com/">www.cucbc.com</a>
- * @author <a href="mailto:juliusdavies@cucbc.com">juliusdavies@cucbc.com</a>
- * @since 30-Jun-2006
- */
-public class Java13KeyManagerWrapper implements X509KeyManager {
-
- private final X509KeyManager keyManager;
- // private final KeyMaterial keyMaterial; <-- maybe use one day in the
- // private final SSL ssl; <-- in the future?
-
- public Java13KeyManagerWrapper(X509KeyManager m, KeyMaterial km, SSL h) {
- this.keyManager = m;
- // this.keyMaterial = km; <-- maybe use one day in the
- // this.ssl = h; <-- in the future?
- }
-
- public String chooseClientAlias(String keyType, Principal[] issuers) {
- return keyManager.chooseClientAlias(keyType, issuers);
- }
-
- public String chooseServerAlias(String keyType, Principal[] issuers) {
- return keyManager.chooseServerAlias(keyType, issuers);
- }
-
- public X509Certificate[] getCertificateChain(String alias) {
- return keyManager.getCertificateChain(alias);
- }
-
- public String[] getClientAliases(String keyType, Principal[] issuers) {
- return keyManager.getClientAliases(keyType, issuers);
- }
-
- public PrivateKey getPrivateKey(String alias) {
- return keyManager.getPrivateKey(alias);
- }
-
- public String[] getServerAliases(String keyType, Principal[] issuers) {
- return keyManager.getServerAliases(keyType, issuers);
- }
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Java13TrustManagerWrapper.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Java13TrustManagerWrapper.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Java13TrustManagerWrapper.java
deleted file mode 100644
index ad86ee9..0000000
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Java13TrustManagerWrapper.java
+++ /dev/null
@@ -1,103 +0,0 @@
-/*
- * $HeadURL: http://juliusdavies.ca/svn/not-yet-commons-ssl/tags/commons-ssl-0.3.16/src/java/org/apache/commons/ssl/Java13TrustManagerWrapper.java $
- * $Revision: 138 $
- * $Date: 2008-03-03 23:50:07 -0800 (Mon, 03 Mar 2008) $
- *
- * ====================================================================
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- * ====================================================================
- *
- * This software consists of voluntary contributions made by many
- * individuals on behalf of the Apache Software Foundation. For more
- * information on the Apache Software Foundation, please see
- * <http://www.apache.org/>.
- *
- */
-
-package org.apache.commons.ssl;
-
-import com.sun.net.ssl.X509TrustManager;
-
-import java.security.cert.CertificateException;
-import java.security.cert.X509Certificate;
-
-/**
- * @author Credit Union Central of British Columbia
- * @author <a href="http://www.cucbc.com/">www.cucbc.com</a>
- * @author <a href="mailto:juliusdavies@cucbc.com">juliusdavies@cucbc.com</a>
- * @since 30-Jun-2006
- */
-public class Java13TrustManagerWrapper implements X509TrustManager {
-
- private final X509TrustManager trustManager;
- private final TrustChain trustChain;
- private final SSL ssl;
-
- public Java13TrustManagerWrapper(X509TrustManager m, TrustChain tc, SSL h) {
- this.trustManager = m;
- this.trustChain = tc;
- this.ssl = h;
- }
-
- public boolean isClientTrusted(X509Certificate[] chain) {
- ssl.setCurrentClientChain(chain);
- boolean firstTest = trustManager.isClientTrusted(chain);
- return test(firstTest, chain);
- }
-
- public boolean isServerTrusted(X509Certificate[] chain) {
- ssl.setCurrentServerChain(chain);
- boolean firstTest = trustManager.isServerTrusted(chain);
- return test(firstTest, chain);
- }
-
- public X509Certificate[] getAcceptedIssuers() {
- if ( trustChain.containsTrustAll()) {
- // This means we accept all issuers.
- return new X509Certificate[0];
- } else {
- return trustManager.getAcceptedIssuers();
- }
- }
-
- private boolean test(boolean firstTest, X509Certificate[] chain) {
- // Even if the first test failed, we might still be okay as long as
- // this SSLServer or SSLClient is setup to trust all certificates.
- if (!firstTest) {
- if (!trustChain.contains(TrustMaterial.TRUST_ALL)) {
- return false;
- }
- }
- try {
- for (int i = 0; i < chain.length; i++) {
- X509Certificate c = chain[i];
- if (ssl.getCheckExpiry()) {
- c.checkValidity();
- }
- if (ssl.getCheckCRL()) {
- Certificates.checkCRL(c);
- }
- }
- return true;
- }
- catch (CertificateException ce) {
- return false;
- }
- }
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/JavaImpl.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/JavaImpl.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/JavaImpl.java
index 81d91a7..bc222a8 100644
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/JavaImpl.java
+++ b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/JavaImpl.java
@@ -61,35 +61,10 @@ public abstract class JavaImpl {
static {
JavaImpl h = null;
- try {
h = Java14.getInstance();
- }
- catch (Throwable t) {
- // System.out.println( t.toString() );
- System.out.println("commons-ssl reverting to: Java 1.3 + jsse.jar");
- }
- if (h == null) {
- h = Java13.getInstance();
- }
HANDLER = h;
}
- public static void downgrade() {
- if (HANDLER instanceof Java14) {
- HANDLER = Java13.getInstance();
- }
- }
-
- public static boolean isJava13() {
- return HANDLER instanceof Java13;
- }
-
- public static void uprade() {
- if (HANDLER instanceof Java13) {
- HANDLER = Java14.getInstance();
- }
- }
-
public abstract String getVersion();
protected abstract Object buildKeyManagerFactory(KeyStore ks, char[] pass)
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/LogHelper.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/LogHelper.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/LogHelper.java
deleted file mode 100644
index 7a0f090..0000000
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/LogHelper.java
+++ /dev/null
@@ -1,87 +0,0 @@
-/*
- * $HeadURL: http://juliusdavies.ca/svn/not-yet-commons-ssl/tags/commons-ssl-0.3.16/src/java/org/apache/commons/ssl/LogHelper.java $
- * $Revision: 121 $
- * $Date: 2007-11-13 21:26:57 -0800 (Tue, 13 Nov 2007) $
- *
- * ====================================================================
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- * ====================================================================
- *
- * This software consists of voluntary contributions made by many
- * individuals on behalf of the Apache Software Foundation. For more
- * information on the Apache Software Foundation, please see
- * <http://www.apache.org/>.
- *
- */
-
-package org.apache.commons.ssl;
-
-import org.apache.log4j.Logger;
-
-/**
- * <p/>
- * Wraps a Log4j Logger. This non-public class is the one actually interacting
- * with the log4j.jar library. That way LogWrapper can safely attempt to use
- * log4j.jar, but still degrade gracefully and provide logging via standard-out
- * even if log4j is unavailable.
- * <p/>
- * The interactions with log4j.jar could be done directly inside LogWrapper
- * as long as the Java code is compiled by Java 1.4 or greater (still works
- * at runtime in Java 1.3). The interactions with log4j.jar only need to be
- * pushed out into a separate class like this for people using a Java 1.3
- * compiler, which creates bytecode that is more strict with depedency
- * checking.
- *
- * @author Credit Union Central of British Columbia
- * @author <a href="http://www.cucbc.com/">www.cucbc.com</a>
- * @author <a href="mailto:juliusdavies@cucbc.com">juliusdavies@cucbc.com</a>
- * @since 3-Aug-2006
- */
-final class LogHelper {
- private final Logger l;
-
- LogHelper(Class c) { l = Logger.getLogger(c); }
-
- LogHelper(String s) { l = Logger.getLogger(s); }
-
- void debug(Object o) { l.debug(o); }
-
- void debug(Object o, Throwable t) { l.debug(o, t); }
-
- void info(Object o) { l.info(o); }
-
- void info(Object o, Throwable t) { l.info(o, t); }
-
- void warn(Object o) { l.warn(o); }
-
- void warn(Object o, Throwable t) { l.warn(o, t); }
-
- void error(Object o) { l.error(o); }
-
- void error(Object o, Throwable t) { l.error(o, t); }
-
- void fatal(Object o) { l.fatal(o); }
-
- void fatal(Object o, Throwable t) { l.fatal(o, t); }
-
- boolean isDebugEnabled() { return l.isDebugEnabled(); }
-
- boolean isInfoEnabled() { return l.isInfoEnabled(); }
-
- Object getLog4jLogger() { return l; }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/LogWrapper.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/LogWrapper.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/LogWrapper.java
deleted file mode 100644
index b2baeb9..0000000
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/LogWrapper.java
+++ /dev/null
@@ -1,295 +0,0 @@
-/*
- * $HeadURL: http://juliusdavies.ca/svn/not-yet-commons-ssl/tags/commons-ssl-0.3.16/src/java/org/apache/commons/ssl/LogWrapper.java $
- * $Revision: 121 $
- * $Date: 2007-11-13 21:26:57 -0800 (Tue, 13 Nov 2007) $
- *
- * ====================================================================
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- * ====================================================================
- *
- * This software consists of voluntary contributions made by many
- * individuals on behalf of the Apache Software Foundation. For more
- * information on the Apache Software Foundation, please see
- * <http://www.apache.org/>.
- *
- */
-
-package org.apache.commons.ssl;
-
-import java.io.BufferedOutputStream;
-import java.io.FileOutputStream;
-import java.io.IOException;
-import java.io.OutputStream;
-import java.io.PrintStream;
-import java.text.DateFormat;
-import java.text.SimpleDateFormat;
-import java.util.Date;
-
-/**
- * <p/>
- * LogWrapper can be used for situations where log4j might not be available on
- * the classpath. It presents the most basic and critical components of the
- * log4j API, and passes all log calls through to log4j if possible. If log4j
- * is not available, logging is sent to standard-out by default.
- * <p/>
- * This default logging to standard-out (which only occurs if log4j is NOT
- * available) can be disabled or changed via the static setBackupStream() and
- * setBackupLogFile() methods.
- *
- * @author Credit Union Central of British Columbia
- * @author <a href="http://www.cucbc.com/">www.cucbc.com</a>
- * @author <a href="mailto:juliusdavies@cucbc.com">juliusdavies@cucbc.com</a>
- * @since 3-Aug-2006
- */
-public class LogWrapper {
-
- // final static String[] LEVELS = {"DEBUG", "INFO", "WARN", "ERROR", "FATAL"};
- final static String[] LEVELS = {"+", " ", "!", "*", "#"};
- final static String TIMESTAMP_PATTERN = "zzz:yyyy-MM-dd/HH:mm:ss.SSS";
- final static int TIMESTAMP_LENGTH = TIMESTAMP_PATTERN.length();
- final static String LINE_SEPARATOR = System.getProperty("line.separator");
- final static DateFormat DF = new SimpleDateFormat(TIMESTAMP_PATTERN);
-
- private final static LogWrapper NOOP = new LogWrapper();
-
- /** Should we print DEBUG statements if log4j is not available? */
- private final static boolean DEBUG = true;
-
- /** true if log4j is available */
- public final static boolean log4j;
-
- /**
- * OutputStream to log to if log4j is not available. Set it to null to
- * disable.
- */
- private static volatile OutputStream backup = System.out;
-
- /** The wrappingPrintStream is lazy-initted if we have to log a stacktrace. */
- private static volatile PrintStream wrappingPrintStream = null;
-
- private final LogHelper h;
-
- static {
- boolean avail = false;
- try {
- // LogHelper's constructor will blow up if log4j.jar isn't on the
- // classpath.
- LogHelper lh = new LogHelper(LogWrapper.class);
- lh.hashCode();
- avail = true;
- }
- catch (Throwable t) {
- avail = false;
- }
- finally {
- log4j = avail;
- }
- }
-
- public static boolean isLog4jAvailable() { return log4j; }
-
- public static LogWrapper getLogger(Class c) {
- return log4j ? new LogWrapper(c) : NOOP;
- }
-
- public static LogWrapper getLogger(String s) {
- return log4j ? new LogWrapper(s) : NOOP;
- }
-
- private LogWrapper() { this.h = null; }
-
- private LogWrapper(Class c) { this.h = new LogHelper(c); }
-
- private LogWrapper(String s) { this.h = new LogHelper(s); }
-
- public void debug(Object o) {
- if (t(0, o, null)) {
- h.debug(o);
- }
- }
-
- public void debug(Object o, Throwable t) {
- if (t(0, o, t)) {
- h.debug(o, t);
- }
- }
-
- public void info(Object o) {
- if (t(1, o, null)) {
- h.info(o);
- }
- }
-
- public void info(Object o, Throwable t) {
- if (t(1, o, t)) {
- h.info(o, t);
- }
- }
-
- public void warn(Object o) {
- if (t(2, o, null)) {
- h.warn(o);
- }
- }
-
- public void warn(Object o, Throwable t) {
- if (t(2, o, t)) {
- h.warn(o, t);
- }
- }
-
- public void error(Object o) {
- if (t(3, o, null)) {
- h.error(o);
- }
- }
-
- public void error(Object o, Throwable t) {
- if (t(3, o, t)) {
- h.error(o, t);
- }
- }
-
- public void fatal(Object o) {
- if (t(4, o, null)) {
- h.fatal(o);
- }
- }
-
- public void fatal(Object o, Throwable t) {
- if (t(4, o, t)) {
- h.fatal(o, t);
- }
- }
-
- public boolean isDebugEnabled() { return log4j ? h.isDebugEnabled() : DEBUG;}
-
- public boolean isInfoEnabled() { return !log4j || h.isInfoEnabled(); }
-
- public Object getLog4jLogger() { return log4j ? h.getLog4jLogger() : null; }
-
-
- /**
- * Tests if log4j is available. If not, logs to backup OutputStream (if
- * backup != null).
- *
- * @param level log4j logging level for this statement
- * @param o object to log
- * @param t throwable to log
- * @return true if log4j is available, false if log4j is not. If it returns
- * false, as a side-effect, it will also log the statement.
- */
- private boolean t(int level, Object o, Throwable t) {
- if (log4j) {
- return true;
- } else {
- // LogWrapper doesn't log debug statements if Log4j is not available
- // and DEBUG is false.
- if (backup != null && (DEBUG || level > 0)) {
- String s = ""; // log4j allows null
- if (o != null) {
- try {
- s = (String) o;
- }
- catch (ClassCastException cce) {
- s = o.toString();
- }
- }
- int len = s.length() + TIMESTAMP_LENGTH + 9;
- String timestamp = DF.format(new Date());
- StringBuffer buf = new StringBuffer(len);
- buf.append(timestamp);
- if (LEVELS[level].length() == 1) {
- buf.append(LEVELS[level]);
- } else {
- buf.append(' ');
- buf.append(LEVELS[level]);
- buf.append(' ');
- }
- buf.append(s);
- buf.append(LINE_SEPARATOR);
- s = buf.toString();
- byte[] logBytes = s.getBytes();
- try {
- if (t == null) {
- backup.write(logBytes);
- } else {
- synchronized (backup) {
- backup.write(logBytes);
- if (t != null) {
- if (wrappingPrintStream == null) {
- wrappingPrintStream = new PrintStream(backup, false);
- }
- t.printStackTrace(wrappingPrintStream);
- wrappingPrintStream.flush();
- }
- }
- }
- backup.flush(); // J2RE 1.5.0 IBM J9 2.3 Linux x86-32 needs this.
- }
- catch (IOException ioe) {
- throw new RuntimeException(ioe.toString());
- }
- }
- return false;
- }
- }
-
- /**
- * Set file to log to if log4j is not available.
- *
- * @param f path to use for backup log file (if log4j not available)
- * @throws java.io.IOException if we can't write to the given path
- */
- public static void setBackupLogFile(String f)
- throws IOException {
- if (!log4j) {
- OutputStream out = new FileOutputStream(f, true);
- out = new BufferedOutputStream(out);
- setBackupStream(out);
- }
- }
-
- /**
- * Set PrintStream to log to if log4j is not available. Set to null to
- * disable. Default value is System.out.
- *
- * @param os outputstream to use for backup logging (if log4j not available)
- */
- public static void setBackupStream(OutputStream os) {
- // synchronize on the old backup - don't want to pull the rug out from
- // under him if he's working on a big stacktrace or something like that.
- if (backup != null) {
- synchronized (backup) {
- wrappingPrintStream = null;
- backup = os;
- }
- } else {
- wrappingPrintStream = null;
- backup = os;
- }
- }
-
- /**
- * Get the PrintStream we're logging to if log4j is not available.
- *
- * @return OutputStream we're using as our log4j replacement.
- */
- public static OutputStream getBackupStream() { return backup; }
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/OpenSSL.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/OpenSSL.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/OpenSSL.java
index c4d3798..2990cda 100644
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/OpenSSL.java
+++ b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/OpenSSL.java
@@ -31,7 +31,9 @@
package org.apache.commons.ssl;
-import org.apache.commons.ssl.util.Hex;
+import org.apache.kerby.util.Base64;
+import org.apache.kerby.util.Base64InputStream;
+import org.apache.kerby.util.Hex;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/PEMItem.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/PEMItem.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/PEMItem.java
index e0a9684..c935f39 100644
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/PEMItem.java
+++ b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/PEMItem.java
@@ -31,7 +31,7 @@
package org.apache.commons.ssl;
-import org.apache.commons.ssl.util.Hex;
+import org.apache.kerby.util.Hex;
import java.util.Collections;
import java.util.Map;
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/PEMUtil.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/PEMUtil.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/PEMUtil.java
index c2a7099..2c60c5d 100644
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/PEMUtil.java
+++ b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/PEMUtil.java
@@ -32,6 +32,7 @@
package org.apache.commons.ssl;
import org.apache.commons.ssl.util.ByteArrayReadLine;
+import org.apache.kerby.util.Base64;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/RMISocketFactoryImpl.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/RMISocketFactoryImpl.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/RMISocketFactoryImpl.java
deleted file mode 100644
index fcf7c5c..0000000
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/RMISocketFactoryImpl.java
+++ /dev/null
@@ -1,578 +0,0 @@
-/*
- * $HeadURL: http://juliusdavies.ca/svn/not-yet-commons-ssl/tags/commons-ssl-0.3.16/src/java/org/apache/commons/ssl/RMISocketFactoryImpl.java $
- * $Revision: 166 $
- * $Date: 2014-04-28 11:40:25 -0700 (Mon, 28 Apr 2014) $
- *
- * ====================================================================
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- * ====================================================================
- *
- * This software consists of voluntary contributions made by many
- * individuals on behalf of the Apache Software Foundation. For more
- * information on the Apache Software Foundation, please see
- * <http://www.apache.org/>.
- *
- */
-
-package org.apache.commons.ssl;
-
-import javax.net.ServerSocketFactory;
-import javax.net.SocketFactory;
-import javax.net.ssl.SSLException;
-import javax.net.ssl.SSLPeerUnverifiedException;
-import javax.net.ssl.SSLProtocolException;
-import javax.net.ssl.SSLSocket;
-import java.io.EOFException;
-import java.io.IOException;
-import java.io.InterruptedIOException;
-import java.net.DatagramSocket;
-import java.net.InetAddress;
-import java.net.NetworkInterface;
-import java.net.ServerSocket;
-import java.net.Socket;
-import java.net.SocketException;
-import java.net.UnknownHostException;
-import java.rmi.server.RMISocketFactory;
-import java.security.GeneralSecurityException;
-import java.security.cert.X509Certificate;
-import java.util.Arrays;
-import java.util.Collections;
-import java.util.Enumeration;
-import java.util.HashMap;
-import java.util.Iterator;
-import java.util.LinkedList;
-import java.util.Map;
-import java.util.Set;
-import java.util.SortedSet;
-import java.util.TreeMap;
-import java.util.TreeSet;
-
-
-/**
- * An RMISocketFactory ideal for using RMI over SSL. The server secures both
- * the registry and the remote objects. The client assumes that either both
- * the registry and the remote objects will use SSL, or both will use
- * plain-socket. The client is able to auto detect plain-socket registries
- * and downgrades itself to accomodate those.
- * <p/>
- * Unlike most existing RMI over SSL solutions in use (including Java 5's
- * javax.rmi.ssl.SslRMIClientSocketFactory), this one does proper SSL hostname
- * verification. From the client perspective this is straighforward. From
- * the server perspective we introduce a clever trick: we perform an initial
- * "hostname verification" by trying the current value of
- * "java.rmi.server.hostname" against our server certificate. If the
- * "java.rmi.server.hostname" System Property isn't set, we set it ourselves
- * using the CN value we extract from our server certificate! (Some
- * complications arise should a wildcard certificate show up, but we try our
- * best to deal with those).
- * <p/>
- * An SSL server cannot be started without a private key. We have defined some
- * default behaviour for trying to find a private key to use that we believe
- * is convenient and sensible:
- * <p/>
- * If running from inside Tomcat, we try to re-use Tomcat's private key and
- * certificate chain (assuming Tomcat-SSL on port 8443 is enabled). If this
- * isn't available, we look for the "javax.net.ssl.keyStore" System property.
- * Finally, if that isn't available, we look for "~/.keystore" and assume
- * a password of "changeit".
- * <p/>
- * If after all these attempts we still failed to find a private key, the
- * RMISocketFactoryImpl() constructor will throw an SSLException.
- *
- * @author Credit Union Central of British Columbia
- * @author <a href="http://www.cucbc.com/">www.cucbc.com</a>
- * @author <a href="mailto:juliusdavies@cucbc.com">juliusdavies@cucbc.com</a>
- * @since 22-Apr-2005
- */
-public class RMISocketFactoryImpl extends RMISocketFactory {
- public final static String RMI_HOSTNAME_KEY = "java.rmi.server.hostname";
- private final static LogWrapper log = LogWrapper.getLogger(RMISocketFactoryImpl.class);
-
- private volatile SocketFactory defaultClient;
- private volatile ServerSocketFactory sslServer;
- private volatile String localBindAddress = null;
- private volatile int anonymousPort = 31099;
- private Map clientMap = new TreeMap();
- private Map serverSockets = new HashMap();
- private final SocketFactory plainClient = SocketFactory.getDefault();
-
- public RMISocketFactoryImpl() throws GeneralSecurityException, IOException {
- this(true);
- }
-
- /**
- * @param createDefaultServer If false, then we only set the default
- * client, and the default server is set to null.
- * If true, then a default server is also created.
- * @throws java.security.GeneralSecurityException bad things
- * @throws java.io.IOException bad things
- */
- public RMISocketFactoryImpl(boolean createDefaultServer)
- throws GeneralSecurityException, IOException {
- SSLServer defaultServer = createDefaultServer ? new SSLServer() : null;
- SSLClient defaultClient = new SSLClient();
-
- // RMI calls to localhost will not check that host matches CN in
- // certificate. Hopefully this is acceptable. (The registry server
- // will followup the registry lookup with the proper DNS name to get
- // the remote object, anyway).
- HostnameVerifier verifier = HostnameVerifier.DEFAULT_AND_LOCALHOST;
- defaultClient.setHostnameVerifier(verifier);
- if (defaultServer != null) {
- defaultServer.setHostnameVerifier(verifier);
- // The RMI server will try to re-use Tomcat's "port 8443" SSL
- // Certificate if possible.
- defaultServer.useTomcatSSLMaterial();
- X509Certificate[] x509 = defaultServer.getAssociatedCertificateChain();
- if (x509 == null || x509.length < 1) {
- throw new SSLException("Cannot initialize RMI-SSL Server: no KeyMaterial!");
- }
- setServer(defaultServer);
- }
- setDefaultClient(defaultClient);
- }
-
- public void setServer(ServerSocketFactory f)
- throws GeneralSecurityException, IOException {
- this.sslServer = f;
- if (f instanceof SSLServer) {
- final HostnameVerifier VERIFIER;
- VERIFIER = HostnameVerifier.DEFAULT_AND_LOCALHOST;
-
- final SSLServer ssl = (SSLServer) f;
- final X509Certificate[] chain = ssl.getAssociatedCertificateChain();
- String[] cns = Certificates.getCNs(chain[0]);
- String[] subjectAlts = Certificates.getDNSSubjectAlts(chain[0]);
- LinkedList names = new LinkedList();
- if (cns != null && cns.length > 0) {
- // Only first CN is used. Not going to get into the IE6 nonsense
- // where all CN values are used.
- names.add(cns[0]);
- }
- if (subjectAlts != null && subjectAlts.length > 0) {
- names.addAll(Arrays.asList(subjectAlts));
- }
-
- String rmiHostName = System.getProperty(RMI_HOSTNAME_KEY);
- // If "java.rmi.server.hostname" is already set, don't mess with it.
- // But blowup if it's not going to work with our SSL Server
- // Certificate!
- if (rmiHostName != null) {
- try {
- VERIFIER.check(rmiHostName, cns, subjectAlts);
- }
- catch (SSLException ssle) {
- String s = ssle.toString();
- throw new SSLException(RMI_HOSTNAME_KEY + " of " + rmiHostName + " conflicts with SSL Server Certificate: " + s);
- }
- } else {
- // If SSL Cert only contains one non-wild name, just use that and
- // hope for the best.
- boolean hopingForBest = false;
- if (names.size() == 1) {
- String name = (String) names.get(0);
- if (!name.startsWith("*")) {
- System.setProperty(RMI_HOSTNAME_KEY, name);
- log.warn("commons-ssl '" + RMI_HOSTNAME_KEY + "' set to '" + name + "' as found in my SSL Server Certificate.");
- hopingForBest = true;
- }
- }
- if (!hopingForBest) {
- // Help me, Obi-Wan Kenobi; you're my only hope. All we can
- // do now is grab our internet-facing addresses, reverse-lookup
- // on them, and hope that one of them validates against our
- // server cert.
- Set s = getMyInternetFacingIPs();
- Iterator it = s.iterator();
- while (it.hasNext()) {
- String name = (String) it.next();
- try {
- VERIFIER.check(name, cns, subjectAlts);
- System.setProperty(RMI_HOSTNAME_KEY, name);
- log.warn("commons-ssl '" + RMI_HOSTNAME_KEY + "' set to '" + name + "' as found by reverse-dns against my own IP.");
- hopingForBest = true;
- break;
- }
- catch (SSLException ssle) {
- // next!
- }
- }
- }
- if (!hopingForBest) {
- throw new SSLException("'" + RMI_HOSTNAME_KEY + "' not present. Must work with my SSL Server Certificate's CN field: " + names);
- }
- }
- }
- trustOurself();
- }
-
- public void setLocalBindAddress(String localBindAddress) {
- this.localBindAddress = localBindAddress;
- }
-
- public void setAnonymousPort(int port) {
- this.anonymousPort = port;
- }
-
- public void setDefaultClient(SocketFactory f)
- throws GeneralSecurityException, IOException {
- this.defaultClient = f;
- trustOurself();
- }
-
- public void setClient(String host, SocketFactory f)
- throws GeneralSecurityException, IOException {
- if (f != null && sslServer != null) {
- boolean clientIsCommonsSSL = f instanceof SSLClient;
- boolean serverIsCommonsSSL = sslServer instanceof SSLServer;
- if (clientIsCommonsSSL && serverIsCommonsSSL) {
- SSLClient c = (SSLClient) f;
- SSLServer s = (SSLServer) sslServer;
- trustEachOther(c, s);
- }
- }
- Set names = hostnamePossibilities(host);
- Iterator it = names.iterator();
- synchronized (this) {
- while (it.hasNext()) {
- clientMap.put(it.next(), f);
- }
- }
- }
-
- public void removeClient(String host) {
- Set names = hostnamePossibilities(host);
- Iterator it = names.iterator();
- synchronized (this) {
- while (it.hasNext()) {
- clientMap.remove(it.next());
- }
- }
- }
-
- public synchronized void removeClient(SocketFactory sf) {
- Iterator it = clientMap.entrySet().iterator();
- while (it.hasNext()) {
- Map.Entry entry = (Map.Entry) it.next();
- Object o = entry.getValue();
- if (sf.equals(o)) {
- it.remove();
- }
- }
- }
-
- private Set hostnamePossibilities(String host) {
- host = host != null ? host.toLowerCase().trim() : "";
- if ("".equals(host)) {
- return Collections.EMPTY_SET;
- }
- TreeSet names = new TreeSet();
- names.add(host);
- InetAddress[] addresses;
- try {
- // If they gave us "hostname.com", this will give us the various
- // IP addresses:
- addresses = InetAddress.getAllByName(host);
- for (int i = 0; i < addresses.length; i++) {
- String name1 = addresses[i].getHostName();
- String name2 = addresses[i].getHostAddress();
- names.add(name1.trim().toLowerCase());
- names.add(name2.trim().toLowerCase());
- }
- }
- catch (UnknownHostException uhe) {
- /* oh well, nothing found, nothing to add for this client */
- }
-
- try {
- host = InetAddress.getByName(host).getHostAddress();
-
- // If they gave us "1.2.3.4", this will hopefully give us
- // "hostname.com" so that we can then try and find any other
- // IP addresses associated with that name.
- host = InetAddress.getByName(host).getHostName();
- names.add(host.trim().toLowerCase());
- addresses = InetAddress.getAllByName(host);
- for (int i = 0; i < addresses.length; i++) {
- String name1 = addresses[i].getHostName();
- String name2 = addresses[i].getHostAddress();
- names.add(name1.trim().toLowerCase());
- names.add(name2.trim().toLowerCase());
- }
- }
- catch (UnknownHostException uhe) {
- /* oh well, nothing found, nothing to add for this client */
- }
- return names;
- }
-
- private void trustOurself()
- throws GeneralSecurityException, IOException {
- if (defaultClient == null || sslServer == null) {
- return;
- }
- boolean clientIsCommonsSSL = defaultClient instanceof SSLClient;
- boolean serverIsCommonsSSL = sslServer instanceof SSLServer;
- if (clientIsCommonsSSL && serverIsCommonsSSL) {
- SSLClient c = (SSLClient) defaultClient;
- SSLServer s = (SSLServer) sslServer;
- trustEachOther(c, s);
- }
- }
-
- private void trustEachOther(SSLClient client, SSLServer server)
- throws GeneralSecurityException, IOException {
- if (client != null && server != null) {
- // Our own client should trust our own server.
- X509Certificate[] certs = server.getAssociatedCertificateChain();
- if (certs != null && certs[0] != null) {
- TrustMaterial tm = new TrustMaterial(certs[0]);
- client.addTrustMaterial(tm);
- }
-
- // Our own server should trust our own client.
- certs = client.getAssociatedCertificateChain();
- if (certs != null && certs[0] != null) {
- TrustMaterial tm = new TrustMaterial(certs[0]);
- server.addTrustMaterial(tm);
- }
- }
- }
-
- public ServerSocketFactory getServer() { return sslServer; }
-
- public SocketFactory getDefaultClient() { return defaultClient; }
-
- public synchronized SocketFactory getClient(String host) {
- host = host != null ? host.trim().toLowerCase() : "";
- return (SocketFactory) clientMap.get(host);
- }
-
- public synchronized ServerSocket createServerSocket(int port)
- throws IOException {
- // Re-use existing ServerSocket if possible.
- if (port == 0) {
- port = anonymousPort;
- }
- Integer key = new Integer(port);
- ServerSocket ss = (ServerSocket) serverSockets.get(key);
- if (ss == null || ss.isClosed()) {
- if (ss != null && ss.isClosed()) {
- System.out.println("found closed server on port: " + port);
- }
- log.debug("commons-ssl RMI server-socket: listening on port " + port);
- ss = sslServer.createServerSocket(port);
- serverSockets.put(key, ss);
- }
- return ss;
- }
-
- public Socket createSocket(String host, int port)
- throws IOException {
- host = host != null ? host.trim().toLowerCase() : "";
- InetAddress local = null;
- String bindAddress = localBindAddress;
- if (bindAddress == null) {
- bindAddress = System.getProperty(RMI_HOSTNAME_KEY);
- if (bindAddress != null) {
- local = InetAddress.getByName(bindAddress);
- if (!local.isLoopbackAddress()) {
- String ip = local.getHostAddress();
- Set myInternetIps = getMyInternetFacingIPs();
- if (!myInternetIps.contains(ip)) {
- log.warn("Cannot bind to " + ip + " since it doesn't exist on this machine.");
- // Not going to be able to bind as this. Our RMI_HOSTNAME_KEY
- // must be set to some kind of proxy in front of us. So we
- // still want to use it, but we can't bind to it.
- local = null;
- bindAddress = null;
- }
- }
- }
- }
- if (bindAddress == null) {
- // Our last resort - let's make sure we at least use something that's
- // internet facing!
- bindAddress = getMyDefaultIP();
- }
- if (local == null && bindAddress != null) {
- local = InetAddress.getByName(bindAddress);
- localBindAddress = local.getHostName();
- }
-
- SocketFactory sf;
- synchronized (this) {
- sf = (SocketFactory) clientMap.get(host);
- }
- if (sf == null) {
- sf = defaultClient;
- }
-
- Socket s = null;
- SSLSocket ssl = null;
- int soTimeout = Integer.MIN_VALUE;
- IOException reasonForPlainSocket = null;
- boolean tryPlain = false;
- try {
- s = sf.createSocket(host, port, local, 0);
- soTimeout = s.getSoTimeout();
- if (!(s instanceof SSLSocket)) {
- // Someone called setClient() or setDefaultClient() and passed in
- // a plain socket factory. Okay, nothing to see, move along.
- return s;
- } else {
- ssl = (SSLSocket) s;
- }
-
- // If we don't get the peer certs in 15 seconds, revert to plain
- // socket.
- ssl.setSoTimeout(15000);
- ssl.getSession().getPeerCertificates();
-
- // Everything worked out okay, so go back to original soTimeout.
- ssl.setSoTimeout(soTimeout);
- return ssl;
- }
- catch (IOException ioe) {
- // SSL didn't work. Let's analyze the IOException to see if maybe
- // we're accidentally attempting to talk to a plain-socket RMI
- // server.
- Throwable t = ioe;
- while (!tryPlain && t != null) {
- tryPlain = tryPlain || t instanceof EOFException;
- tryPlain = tryPlain || t instanceof InterruptedIOException;
- tryPlain = tryPlain || t instanceof SSLProtocolException;
- t = t.getCause();
- }
- if (!tryPlain && ioe instanceof SSLPeerUnverifiedException) {
- try {
- if (ssl != null) {
- ssl.startHandshake();
- }
- }
- catch (IOException ioe2) {
- // Stacktrace from startHandshake() will be more descriptive
- // then the one we got from getPeerCertificates().
- ioe = ioe2;
- t = ioe2;
- while (!tryPlain && t != null) {
- tryPlain = tryPlain || t instanceof EOFException;
- tryPlain = tryPlain || t instanceof InterruptedIOException;
- tryPlain = tryPlain || t instanceof SSLProtocolException;
- t = t.getCause();
- }
- }
- }
- if (!tryPlain) {
- log.debug("commons-ssl RMI-SSL failed: " + ioe);
- throw ioe;
- } else {
- reasonForPlainSocket = ioe;
- }
- }
- finally {
- // Some debug logging:
- boolean isPlain = tryPlain || (s != null && ssl == null);
- String socket = isPlain ? "RMI plain-socket " : "RMI ssl-socket ";
- String localIP = local != null ? local.getHostAddress() : "ANY";
- StringBuffer buf = new StringBuffer(64);
- buf.append(socket);
- buf.append(localIP);
- buf.append(" --> ");
- buf.append(host);
- buf.append(":");
- buf.append(port);
- log.debug(buf.toString());
- }
-
- // SSL didn't work. Remote server either timed out, or sent EOF, or
- // there was some kind of SSLProtocolException. (Any other problem
- // would have caused an IOException to be thrown, so execution wouldn't
- // have made it this far). Maybe plain socket will work in these three
- // cases.
- sf = plainClient;
- s = JavaImpl.connect(null, sf, host, port, local, 0, 15000, null);
- if (soTimeout != Integer.MIN_VALUE) {
- s.setSoTimeout(soTimeout);
- }
-
- try {
- // Plain socket worked! Let's remember that for next time an RMI call
- // against this host happens.
- setClient(host, plainClient);
- String msg = "RMI downgrading from SSL to plain-socket for " + host + " because of " + reasonForPlainSocket;
- log.warn(msg, reasonForPlainSocket);
- }
- catch (GeneralSecurityException gse) {
- throw new RuntimeException("can't happen because we're using plain socket", gse);
- // won't happen because we're using plain socket, not SSL.
- }
-
- return s;
- }
-
-
- public static String getMyDefaultIP() {
- String anInternetIP = "64.111.122.211";
- String ip = null;
- try {
- DatagramSocket dg = new DatagramSocket();
- dg.setSoTimeout(250);
- // 64.111.122.211 is juliusdavies.ca.
- // This code doesn't actually send any packets (so no firewalls can
- // get in the way). It's just a neat trick for getting our
- // internet-facing interface card.
- InetAddress addr = Util.toInetAddress(anInternetIP);
- dg.connect(addr, 12345);
- InetAddress localAddr = dg.getLocalAddress();
- ip = localAddr.getHostAddress();
- // log.debug( "Using bogus UDP socket (" + anInternetIP + ":12345), I think my IP address is: " + ip );
- dg.close();
- if (localAddr.isLoopbackAddress() || "0.0.0.0".equals(ip)) {
- ip = null;
- }
- }
- catch (IOException ioe) {
- log.debug("Bogus UDP didn't work: " + ioe);
- }
- return ip;
- }
-
- public static SortedSet getMyInternetFacingIPs() throws SocketException {
- TreeSet set = new TreeSet();
- Enumeration en = NetworkInterface.getNetworkInterfaces();
- while (en.hasMoreElements()) {
- NetworkInterface ni = (NetworkInterface) en.nextElement();
- Enumeration en2 = ni.getInetAddresses();
- while (en2.hasMoreElements()) {
- InetAddress addr = (InetAddress) en2.nextElement();
- if (!addr.isLoopbackAddress()) {
- String ip = addr.getHostAddress();
- String reverse = addr.getHostName();
- // IP:
- set.add(ip);
- // Reverse-Lookup:
- set.add(reverse);
-
- }
- }
- }
- return set;
- }
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/SSL.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/SSL.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/SSL.java
index 5f9f6dc..c4a5be3 100644
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/SSL.java
+++ b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/SSL.java
@@ -219,14 +219,6 @@ public class SSL {
{
Object obj = getSSLContextAsObject();
- if (JavaImpl.isJava13()) {
- try {
- return (SSLContext) obj;
- }
- catch (ClassCastException cce) {
- throw new ClassCastException("When using Java13 SSL, you must call SSL.getSSLContextAsObject() - " + cce);
- }
- }
return (SSLContext) obj;
}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/SSLServer.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/SSLServer.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/SSLServer.java
index 13472ed..4d58988 100644
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/SSLServer.java
+++ b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/SSLServer.java
@@ -71,40 +71,6 @@ public class SSLServer extends SSLServerSocketFactory {
}
}
- /**
- * Tries to extract the TrustMaterial and KeyMaterial being used by a Tomcat
- * SSL server (usually on 8443) by analyzing Tomcat's "server.xml" file. If
- * the extraction is successful, the TrustMaterial and KeyMaterial are
- * applied to this SSLServer.
- *
- * @return true if the operation was successful.
- * @throws java.security.GeneralSecurityException setKeyMaterial() failed
- * @throws java.io.IOException setKeyMaterial() failed
- */
- public boolean useTomcatSSLMaterial()
- throws GeneralSecurityException, IOException {
- // If running inside Tomcat, let's try to re-use Tomcat's SSL
- // certificate for our own stuff (e.g. RMI-SSL).
- Integer p8443 = Integer.valueOf(8443);
- KeyMaterial km;
- TrustMaterial tm;
- km = (KeyMaterial) TomcatServerXML.KEY_MATERIAL_BY_PORT.get(p8443);
- tm = (TrustMaterial) TomcatServerXML.TRUST_MATERIAL_BY_PORT.get(p8443);
-
- // If 8443 isn't set, let's take lowest secure port.
- km = km == null ? TomcatServerXML.KEY_MATERIAL : km;
- tm = tm == null ? TomcatServerXML.TRUST_MATERIAL : tm;
- boolean success = false;
- if (km != null) {
- setKeyMaterial(km);
- success = true;
- if (tm != null && !TrustMaterial.DEFAULT.equals(tm)) {
- setTrustMaterial(tm);
- }
- }
- return success;
- }
-
private boolean useDefaultKeyMaterial()
throws GeneralSecurityException, IOException {
// If we're not able to re-use Tomcat's SSLServerSocket configuration,
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/SSLWrapperFactory.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/SSLWrapperFactory.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/SSLWrapperFactory.java
index c8fa432..3f15b83 100644
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/SSLWrapperFactory.java
+++ b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/SSLWrapperFactory.java
@@ -82,10 +82,7 @@ public interface SSLWrapperFactory {
// the accept() call.
public SSLServerSocket wrap(SSLServerSocket s, SSL ssl)
throws IOException {
- // Can't wrap with Java 1.3 because SSLServerSocket's constructor has
- // default access instead of protected access in Java 1.3.
- boolean java13 = JavaImpl.isJava13();
- return java13 ? s : new SSLServerSocketWrapper(s, ssl, this);
+ return new SSLServerSocketWrapper(s, ssl, this);
}
};
@@ -99,10 +96,7 @@ public interface SSLWrapperFactory {
public SSLServerSocket wrap(SSLServerSocket s, SSL ssl)
throws IOException {
- // Can't wrap with Java 1.3 because SSLServerSocket's constructor has
- // default access instead of protected access in Java 1.3.
- boolean java13 = JavaImpl.isJava13();
- return java13 ? s : new SSLServerSocketWrapper(s, ssl, this);
+ return new SSLServerSocketWrapper(s, ssl, this);
}
};
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/TomcatServerXML.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/TomcatServerXML.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/TomcatServerXML.java
deleted file mode 100644
index 382c9f0..0000000
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/TomcatServerXML.java
+++ /dev/null
@@ -1,231 +0,0 @@
-/*
- * $HeadURL: http://juliusdavies.ca/svn/not-yet-commons-ssl/tags/commons-ssl-0.3.16/src/java/org/apache/commons/ssl/TomcatServerXML.java $
- * $Revision: 121 $
- * $Date: 2007-11-13 21:26:57 -0800 (Tue, 13 Nov 2007) $
- *
- * ====================================================================
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- * ====================================================================
- *
- * This software consists of voluntary contributions made by many
- * individuals on behalf of the Apache Software Foundation. For more
- * information on the Apache Software Foundation, please see
- * <http://www.apache.org/>.
- *
- */
-
-package org.apache.commons.ssl;
-
-import org.w3c.dom.Document;
-import org.w3c.dom.Element;
-import org.w3c.dom.NodeList;
-
-import javax.xml.parsers.DocumentBuilder;
-import javax.xml.parsers.DocumentBuilderFactory;
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.util.Collections;
-import java.util.Map;
-import java.util.SortedMap;
-import java.util.TreeMap;
-
-/**
- * @author Credit Union Central of British Columbia
- * @author <a href="http://www.cucbc.com/">www.cucbc.com</a>
- * @author <a href="mailto:juliusdavies@cucbc.com">juliusdavies@cucbc.com</a>
- * @since 22-Feb-2007
- */
-public class TomcatServerXML {
- private final static LogWrapper log = LogWrapper.getLogger(TomcatServerXML.class);
-
- /**
- * KeyMaterial extracted from Tomcat's conf/server.xml. There might be
- * several KeyMaterials to extract if Tomcat has different SSL Certificates
- * listening on different ports. This particular KeyMaterial will come from
- * the lowest secure port that Tomcat is properly configured to open.
- */
- public final static KeyMaterial KEY_MATERIAL;
-
- /**
- * TrustMaterial extracted from Tomcat's conf/server.xml. There might be
- * several TrustMaterials to extract if Tomcat has different SSL Certificates
- * listening on different ports. This particular TrustMaterial will come
- * from the lowest secure port that Tomcat is properly configured to open.
- * </p><p>
- * There's a good chance this will be set to TrustMaterial.DEFAULT (which
- * use's the JVM's '$JAVA_HOME/jre/lib/security/cacerts' file).
- * </p><p>
- * Note: With SSLServerSockets, TrustMaterial only matters when the
- * incoming client socket (SSLSocket) presents a client certificate.
- * </p>
- */
- public final static TrustMaterial TRUST_MATERIAL;
-
- /**
- * new Integer( port ) --> KeyMaterial mapping of SSL Certificates found
- * inside Tomcat's conf/server.xml file.
- */
- public final static SortedMap KEY_MATERIAL_BY_PORT;
-
- /**
- * new Integer( port ) --> TrustMaterial mapping of SSL configuration
- * found inside Tomcat's conf/server.xml file.
- * </p><p>
- * Many of these will probably be TrustMaterial.DEFAULT (which uses the
- * JVM's '$JAVA_HOME/jre/lib/security/cacerts' file).
- * </p><p>
- * Note: With SSLServerSockets, TrustMaterial only matters when the
- * incoming client socket (SSLSocket) presents a client certificate.
- * </p>
- */
- public final static SortedMap TRUST_MATERIAL_BY_PORT;
-
- static {
- String tomcatHome = System.getProperty("catalina.home");
- String serverXML = tomcatHome + "/conf/server.xml";
- TreeMap keyMap = new TreeMap();
- TreeMap trustMap = new TreeMap();
- InputStream in = null;
- Document doc = null;
- try {
- if (tomcatHome != null) {
- File f = new File(serverXML);
- if (f.exists()) {
- try {
- in = new FileInputStream(serverXML);
- }
- catch (IOException ioe) {
- // oh well, no soup for us.
- log.warn("Commons-SSL failed to load Tomcat's [" + serverXML + "] " + ioe);
- }
- }
- }
- if (in != null) {
- DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
- try {
- DocumentBuilder db = dbf.newDocumentBuilder();
- doc = db.parse(in);
- }
- catch (Exception e) {
- log.warn("Commons-SSL failed to parse Tomcat's [" + serverXML + "] " + e);
- }
- }
- if (doc != null) {
- loadTomcatConfig(doc, keyMap, trustMap);
- }
- }
- finally {
- if (in != null) {
- try { in.close(); } catch (Exception e) { /* . */ }
- }
- }
- KEY_MATERIAL_BY_PORT = Collections.unmodifiableSortedMap(keyMap);
- TRUST_MATERIAL_BY_PORT = Collections.unmodifiableSortedMap(trustMap);
-
- KeyMaterial km = null;
- TrustMaterial tm = null;
- if (!keyMap.isEmpty()) {
- km = (KeyMaterial) keyMap.get(keyMap.firstKey());
- }
- if (!trustMap.isEmpty()) {
- tm = (TrustMaterial) trustMap.get(trustMap.firstKey());
- }
- KEY_MATERIAL = km;
- TRUST_MATERIAL = tm;
-
- }
-
- private static void loadTomcatConfig(Document d, Map keyMap, Map trustMap) {
- final String userHome = System.getProperty("user.home");
- NodeList nl = d.getElementsByTagName("Connector");
- for (int i = 0; i < nl.getLength(); i++) {
- KeyMaterial km = null;
- TrustMaterial tm = null;
-
- Element element = (Element) nl.item(i);
- String secure = element.getAttribute("secure");
- String portString = element.getAttribute("port");
- Integer port = null;
- String pass;
- try {
- portString = portString != null ? portString.trim() : "";
- port = new Integer(portString);
- }
- catch (NumberFormatException nfe) {
- // oh well
- }
- if (port != null && Util.isYes(secure)) {
- // Key Material
- String keystoreFile = element.getAttribute("keystoreFile");
- pass = element.getAttribute("keystorePass");
- if (!element.hasAttribute("keystoreFile")) {
- keystoreFile = userHome + "/.keystore";
- }
- if (!element.hasAttribute("keystorePass")) {
- pass = "changeit";
- }
- char[] keystorePass = pass != null ? pass.toCharArray() : null;
-
- // Trust Material
- String truststoreFile = element.getAttribute("truststoreFile");
- pass = element.getAttribute("truststorePass");
- if (!element.hasAttribute("truststoreFile")) {
- truststoreFile = null;
- }
- if (!element.hasAttribute("truststorePass")) {
- pass = null;
- }
- char[] truststorePass = pass != null ? pass.toCharArray() : null;
-
-
- if (keystoreFile == null) {
- km = null;
- } else {
- try {
- km = new KeyMaterial(keystoreFile, keystorePass);
- }
- catch (Exception e) {
- log.warn("Commons-SSL failed to load [" + keystoreFile + "] " + e);
- }
- }
- if (truststoreFile == null) {
- tm = TrustMaterial.DEFAULT;
- } else {
- try {
- tm = new TrustMaterial(truststoreFile, truststorePass);
- }
- catch (Exception e) {
- log.warn("Commons-SSL failed to load [" + truststoreFile + "] " + e);
- }
- }
-
- Object o = keyMap.put(port, km);
- if (o != null) {
- log.debug("Commons-SSL TomcatServerXML keyMap clobbered port: " + port);
- }
- o = trustMap.put(port, tm);
- if (o != null) {
- log.debug("Commons-SSL TomcatServerXML trustMap clobbered port: " + port);
- }
- }
- }
- }
-
-}
[6/6] directory-kerberos git commit: Clean up not-commons-ssl library,
removing many unwanted and not much relevant
Posted by dr...@apache.org.
Clean up not-commons-ssl library, removing many unwanted and not much relevant
Project: http://git-wip-us.apache.org/repos/asf/directory-kerberos/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-kerberos/commit/bc5c276e
Tree: http://git-wip-us.apache.org/repos/asf/directory-kerberos/tree/bc5c276e
Diff: http://git-wip-us.apache.org/repos/asf/directory-kerberos/diff/bc5c276e
Branch: refs/heads/master
Commit: bc5c276eec622e36c3a0dc340692834ff13da8fe
Parents: 5c70429
Author: Drankye <dr...@gmail.com>
Authored: Mon Jan 26 00:43:39 2015 +0800
Committer: Drankye <dr...@gmail.com>
Committed: Mon Jan 26 00:43:39 2015 +0800
----------------------------------------------------------------------
3rdparty/not-yet-commons-ssl/README.txt | 10 +-
3rdparty/not-yet-commons-ssl/docs/.htaccess | 3 -
3rdparty/not-yet-commons-ssl/docs/404.html | 55 -
.../not-yet-commons-ssl/docs/TrustExample.java | 114 --
.../docs/TrustExample.java.html | 131 --
3rdparty/not-yet-commons-ssl/docs/about.html | 73 --
3rdparty/not-yet-commons-ssl/docs/download.html | 263 ----
3rdparty/not-yet-commons-ssl/docs/index.html | 119 --
.../docs/openssl/compare.txt | 28 -
.../docs/openssl/profile.3.10 | 72 --
.../docs/openssl/profile.3.9 | 72 --
3rdparty/not-yet-commons-ssl/docs/pbe.html | 204 ----
3rdparty/not-yet-commons-ssl/docs/ping.html | 93 --
3rdparty/not-yet-commons-ssl/docs/pkcs8.html | 156 ---
3rdparty/not-yet-commons-ssl/docs/rmi.html | 102 --
3rdparty/not-yet-commons-ssl/docs/roadmap.html | 86 --
3rdparty/not-yet-commons-ssl/docs/source.html | 38 -
3rdparty/not-yet-commons-ssl/docs/ssl.html | 106 --
3rdparty/not-yet-commons-ssl/docs/tree.html | 1137 ------------------
.../not-yet-commons-ssl/docs/utilities.html | 91 --
.../not-yet-commons-ssl-0.3.16.jar | Bin 273191 -> 0 bytes
3rdparty/not-yet-commons-ssl/pom.xml | 6 +
.../ssl/AuthSSLProtocolSocketFactory.java | 204 ----
.../ssl/EasySSLProtocolSocketFactory.java | 101 --
.../ssl/StrictSSLProtocolSocketFactory.java | 131 --
.../ssl/TrustSSLProtocolSocketFactory.java | 207 ----
.../apache/commons/ssl/Asn1PkcsStructure.java | 2 +-
.../org/apache/commons/ssl/Asn1PkcsUtil.java | 2 +-
.../java/org/apache/commons/ssl/Base64.java | 1048 ----------------
.../apache/commons/ssl/Base64InputStream.java | 174 ---
.../apache/commons/ssl/Base64OutputStream.java | 198 ---
.../org/apache/commons/ssl/Certificates.java | 2 +
.../java/org/apache/commons/ssl/Java13.java | 303 -----
.../commons/ssl/Java13KeyManagerWrapper.java | 82 --
.../commons/ssl/Java13TrustManagerWrapper.java | 103 --
.../java/org/apache/commons/ssl/JavaImpl.java | 25 -
.../java/org/apache/commons/ssl/LogHelper.java | 87 --
.../java/org/apache/commons/ssl/LogWrapper.java | 295 -----
.../java/org/apache/commons/ssl/OpenSSL.java | 4 +-
.../java/org/apache/commons/ssl/PEMItem.java | 2 +-
.../java/org/apache/commons/ssl/PEMUtil.java | 1 +
.../commons/ssl/RMISocketFactoryImpl.java | 578 ---------
.../main/java/org/apache/commons/ssl/SSL.java | 8 -
.../java/org/apache/commons/ssl/SSLServer.java | 34 -
.../apache/commons/ssl/SSLWrapperFactory.java | 10 +-
.../org/apache/commons/ssl/TomcatServerXML.java | 231 ----
.../org/apache/commons/ssl/rmi/DateRMI.java | 69 --
.../org/apache/commons/ssl/rmi/IntegerRMI.java | 69 --
.../org/apache/commons/ssl/rmi/RemoteDate.java | 46 -
.../apache/commons/ssl/rmi/RemoteInteger.java | 45 -
.../java/org/apache/commons/ssl/rmi/Test.java | 200 ---
.../java/org/apache/commons/ssl/util/Hex.java | 83 --
.../java/org/apache/commons/ssl/util/UTF8.java | 22 -
.../contrib/ssl/TestHttpclientContrib.java | 42 -
.../java/org/apache/commons/ssl/TestBase64.java | 3 +
.../main/java/org/apache/kerby/util/Base64.java | 1046 ++++++++++++++++
.../apache/kerby/util/Base64InputStream.java | 174 +++
.../apache/kerby/util/Base64OutputStream.java | 198 +++
.../main/java/org/apache/kerby/util/Hex.java | 77 ++
.../main/java/org/apache/kerby/util/UTF8.java | 22 +
pom.xml | 1 +
61 files changed, 1539 insertions(+), 7349 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/3rdparty/not-yet-commons-ssl/README.txt
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/README.txt b/3rdparty/not-yet-commons-ssl/README.txt
index 2497e38..365bf3d 100644
--- a/3rdparty/not-yet-commons-ssl/README.txt
+++ b/3rdparty/not-yet-commons-ssl/README.txt
@@ -1,9 +1 @@
-Jakarta Commons SSL
-===========================
-Welcome to the SSL component of the Jakarta Commons
-project.
-
-This is not a real Jakarta Project yet. I'm just
-trying to copy their directory structure while I work
-on this proposal.
-
+This module is adapted from not-yet-commons-ssl library, with much simplified, only focusing on PKI and SSL related.
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/3rdparty/not-yet-commons-ssl/docs/.htaccess
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/docs/.htaccess b/3rdparty/not-yet-commons-ssl/docs/.htaccess
deleted file mode 100644
index 6f20845..0000000
--- a/3rdparty/not-yet-commons-ssl/docs/.htaccess
+++ /dev/null
@@ -1,3 +0,0 @@
-AddType text/html .html
-AddHandler server-parsed .html
-ErrorDocument 404 /commons-ssl/404.html
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/3rdparty/not-yet-commons-ssl/docs/404.html
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/docs/404.html b/3rdparty/not-yet-commons-ssl/docs/404.html
deleted file mode 100644
index 794a625..0000000
--- a/3rdparty/not-yet-commons-ssl/docs/404.html
+++ /dev/null
@@ -1,55 +0,0 @@
-<html>
-<head>
-<title>Not-Yet-Commons-SSL - 404 Page Not Found</title>
-<style type="text/css">
-dl, h1, h2, h3, h4 { margin: 0; border: 0; padding: 0; font-size: 100%; }
-h1 { float: left; color: red; }
-b.n { font-family: arial; font-weight: bold; }
-span.hl { color: white; background-color: green; }
-div.nav { float: left; margin-left: 20px; font-weight: bold; }
-.nav a, .nav span { padding: 0 5px; }
-.nav a { color: blue; }
-td.v { text-align: center; }
-dt { padding: 8px 0 8px 5px; }
-dd { padding-left: 15px; }
-li { padding-bottom: 6px; }
-</style>
-</head>
-<body>
-<h1>not-yet-commons-ssl</h1>
-<div class="nav">
-<a href="/commons-ssl/index.html">main</a> |
-<a href="/commons-ssl/ssl.html">ssl</a> |
-
-<a href="/commons-ssl/pkcs8.html">pkcs8</a> |
-<a href="/commons-ssl/pbe.html">pbe</a> |
-<a href="/commons-ssl/rmi.html">rmi</a> |
-<a href="/commons-ssl/utilities.html">utilities</a> |
-<a href="/commons-ssl/source.html">source</a> |
-<a href="/commons-ssl/javadocs/">javadocs</a> |
-
-<a href="/commons-ssl/download.html">download</a>
-</div>
-<br clear="all"/>
-<hr/>
-<h2>404 - Page Not Found</h2>
-<p>The path you requested is not available.</p>
-<table cellpadding="6" cellspacing="0" border="0" style="margin-top: 9px;">
-<tr><th colspan="3">Current Version (September 23rd, 2014):</th></tr>
-<tr><td>Full source:</td><td><a href="/commons-ssl/not-yet-commons-ssl-0.3.16.zip">not-yet-commons-ssl-0.3.16.zip</a></td><td>5.1MB</td><td><span style="color: red;">Alpha</span></td><td>MD5: </td></tr>
-<tr><td>Binary only:</td><td><a href="/commons-ssl/not-yet-commons-ssl-0.3.16.jar">not-yet-commons-ssl-0.3.16.jar</a></td><td>267KB</td><td><span style="color: red;">Alpha</span></td><td>MD5: </td></tr>
-<tr><th colspan="3">Previous Version (September 8th, 2014):</th></tr>
-<tr><td>Full source:</td><td><a href="/not-yet-commons-ssl-0.3.15/not-yet-commons-ssl-0.3.15.zip">not-yet-commons-ssl-0.3.15.zip</a></td><td>5.1MB</td><td><span style="color: red;">Alpha</span></td><td>MD5: f62d7f7f890ac03a0210d1be7571b21e</td></tr>
-<tr><td>Binary only:</td><td><a href="/not-yet-commons-ssl-0.3.15/not-yet-commons-ssl-0.3.15.jar">not-yet-commons-ssl-0.3.15.jar</a></td><td>267KB</td><td><span style="color: red;">Alpha</span></td><td>MD5: cebc58b8367c253688426043fdf08221</td></tr>
-<tr><th colspan="3">All Previous Versions (use "svn export"):</th></tr>
-<tr><td> </td><td colspan="2"><a href='http://juliusdavies.ca/svn/not-yet-commons-ssl/tags/'>/svn/not-yet-commons-ssl/tags/</a></td></tr>
-</table>
-<br/><b>Warning:</b>
- <span style="color: red; font-weight: bold;">All versions (to date) of not-yet-commons-ssl should be considered to be of "Alpha" quality!
-This code probably contains bugs. This code may have security issues.</span>
-<p>Future versions will definitely break the current API in a non-reverse compatible way. After commons-ssl-0.5.0, though, we
-plan on always being reverse compatible with ourselves.
-<hr/>
-
-</body>
-</html>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/3rdparty/not-yet-commons-ssl/docs/TrustExample.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/docs/TrustExample.java b/3rdparty/not-yet-commons-ssl/docs/TrustExample.java
deleted file mode 100644
index c4561de..0000000
--- a/3rdparty/not-yet-commons-ssl/docs/TrustExample.java
+++ /dev/null
@@ -1,114 +0,0 @@
-
-import org.apache.commons.httpclient.HttpClient;
-import org.apache.commons.httpclient.methods.GetMethod;
-import org.apache.commons.httpclient.protocol.Protocol;
-import org.apache.commons.ssl.HttpSecureProtocol;
-import org.apache.commons.ssl.TrustMaterial;
-
-import javax.net.ssl.SSLHandshakeException;
-import java.net.URL;
-
-/**
- *
- * Example of trusting certs to answer a question Sudip Shrestha posed on the
- * httpclient-user@jakarta.apache.org mailing list, Fri 5/5/2006.
- *
- * @author Julius Davies
- * @since May 5, 2006
- */
-public class TrustExample {
-
-/*
-Microsoft IE trusts usertrust.com CA certs by default, but Java doesn't, so we need
-to tell Java to.
-
-Cert is good until 2019 !
-
-openssl x509 -in cert.pem -noout -text
-=======================================
-
-Serial Number:
- 44:be:0c:8b:50:00:24:b4:11:d3:36:2a:fe:65:0a:fd
-Signature Algorithm: sha1WithRSAEncryption
-Issuer: C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Hardware
-Validity
- Not Before: Jul 9 18:10:42 1999 GMT
- Not After : Jul 9 18:19:22 2019 GMT
-Subject: C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Hardware
-
-X509v3 extensions:
- X509v3 Key Usage:
- Digital Signature, Non Repudiation, Certificate Sign, CRL Sign
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Subject Key Identifier:
- A1:72:5F:26:1B:28:98:43:95:5D:07:37:D5:85:96:9D:4B:D2:C3:45
- X509v3 CRL Distribution Points:
- URI:http://crl.usertrust.com/UTN-USERFirst-Hardware.crl
-
- X509v3 Extended Key Usage:
- TLS Web Server Authentication, IPSec End System, IPSec Tunnel, IPSec User
-
-*/
- private static byte[] pemCert = (
- "-----BEGIN CERTIFICATE-----\n" +
- "MIIEdDCCA1ygAwIBAgIQRL4Mi1AAJLQR0zYq/mUK/TANBgkqhkiG9w0BAQUFADCB\n" +
- "lzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug\n" +
- "Q2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExho\n" +
- "dHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xHzAdBgNVBAMTFlVUTi1VU0VSRmlyc3Qt\n" +
- "SGFyZHdhcmUwHhcNOTkwNzA5MTgxMDQyWhcNMTkwNzA5MTgxOTIyWjCBlzELMAkG\n" +
- "A1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2UgQ2l0eTEe\n" +
- "MBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExhodHRwOi8v\n" +
- "d3d3LnVzZXJ0cnVzdC5jb20xHzAdBgNVBAMTFlVUTi1VU0VSRmlyc3QtSGFyZHdh\n" +
- "cmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx98M4P7Sof885glFn\n" +
- "0G2f0v9Y8+efK+wNiVSZuTiZFvfgIXlIwrthdBKWHTxqctU8EGc6Oe0rE81m65UJ\n" +
- "M6Rsl7HoxuzBdXmcRl6Nq9Bq/bkqVRcQVLMZ8Jr28bFdtqdt++BxF2uiiPsA3/4a\n" +
- "MXcMmgF6sTLjKwEHOG7DpV4jvEWbe1DByTCP2+UretNb+zNAHqDVmBe8i4fDidNd\n" +
- "oI6yqqr2jmmIBsX6iSHzCJ1pLgkzmykNRg+MzEk0sGlRvfkGzWitZky8PqxhvQqI\n" +
- "DsjfPe58BEydCl5rkdbux+0ojatNh4lz0G6k0B4WixThdkQDf2Os5M1JnMWS9Ksy\n" +
- "oUhbAgMBAAGjgbkwgbYwCwYDVR0PBAQDAgHGMA8GA1UdEwEB/wQFMAMBAf8wHQYD\n" +
- "VR0OBBYEFKFyXyYbKJhDlV0HN9WFlp1L0sNFMEQGA1UdHwQ9MDswOaA3oDWGM2h0\n" +
- "dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VVE4tVVNFUkZpcnN0LUhhcmR3YXJlLmNy\n" +
- "bDAxBgNVHSUEKjAoBggrBgEFBQcDAQYIKwYBBQUHAwUGCCsGAQUFBwMGBggrBgEF\n" +
- "BQcDBzANBgkqhkiG9w0BAQUFAAOCAQEARxkP3nTGmZev/K0oXnWO6y1n7k57K9cM\n" +
- "//bey1WiCuFMVGWTYGufEpytXoMs61quwOQt9ABjHbjAbPLPSbtNk28Gpgoiskli\n" +
- "CE7/yMgUsogWXecB5BKV5UU0s4tpvc+0hY91UZ59Ojg6FEgSxvunOxqNDYJAB+gE\n" +
- "CJChicsZUN/KHAG8HQQZexB2lzvukJDKxA4fFm517zP4029bHpbj4HR3dHuKom4t\n" +
- "3XbWOTCC8KucUvIqx69JXn7HaOWCgchqJ/kniCrVWFCVH/A7HFe7fRQ5YiuayZSS\n" +
- "KqMiDP+JJn1fIytH1xUdqWqeUQ0qUZ6B+dQ7XnASfxAynB67nfhmqA==\n" +
- "-----END CERTIFICATE-----\n" ).getBytes();
-
- public static void main( String[] args ) throws Exception
- {
- HttpSecureProtocol f = new HttpSecureProtocol();
-
- // might as well trust the usual suspects:
- f.addTrustMaterial(TrustMaterial.CACERTS);
-
- // here's where we start trusting usertrust.com's CA:
- f.addTrustMaterial(new TrustMaterial( pemCert ));
-
- Protocol trustHttps = new Protocol("https", f, 443);
- Protocol.registerProtocol("https", trustHttps);
-
- HttpClient client = new HttpClient();
- GetMethod httpget = new GetMethod("https://www.usertrust.com/");
- client.executeMethod(httpget);
- String s = httpget.getStatusLine().toString();
- System.out.println( "HTTPClient: " + s );
-
- // Notice that Java still can't access it. Only HTTPClient knows
- // to trust the cert!
- URL u = new URL( "https://www.usertrust.com/" );
- try
- {
- // This will throw an SSLHandshakeException
- u.openStream();
- }
- catch ( SSLHandshakeException she )
- {
- System.out.println( "Java: " + she );
- }
- }
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/3rdparty/not-yet-commons-ssl/docs/TrustExample.java.html
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/docs/TrustExample.java.html b/3rdparty/not-yet-commons-ssl/docs/TrustExample.java.html
deleted file mode 100644
index ec2752d..0000000
--- a/3rdparty/not-yet-commons-ssl/docs/TrustExample.java.html
+++ /dev/null
@@ -1,131 +0,0 @@
-<HTML>
-<HEAD>
-<TITLE>/home/julius/dev/commons-ssl/src/java/TrustExample.java</TITLE>
-<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=windows-1252">
-<META NAME="KEYWORDS" CONTENT="IntelliJ_IDEA_Html">
-</HEAD>
-<BODY BGCOLOR="#ffffff">
-<TABLE CELLSPACING=0 CELLPADDING=5 COLS=1 WIDTH="100%" BGCOLOR="#C0C0C0" >
-<TR><TD><CENTER>
-<FONT FACE="Arial, Helvetica" COLOR="#000000">
-/home/julius/dev/commons-ssl/src/java/TrustExample.java</FONT>
-</center></TD></TR></TABLE>
-<PRE>
-
-<FONT COLOR=0 STYLE="font-style:normal">1 </FONT><FONT style="font-family:monospaced;" COLOR="#000000">
-<FONT COLOR=0 STYLE="font-style:normal">2 </FONT></FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>import</B></FONT><FONT style="font-family:monospaced;" COLOR="#000000"> org.apache.commons.httpclient.HttpClient;
-<FONT COLOR=0 STYLE="font-style:normal">3 </FONT></FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>import</B></FONT><FONT style="font-family:monospaced;" COLOR="#000000"> org.apache.commons.httpclient.methods.GetMethod;
-<FONT COLOR=0 STYLE="font-style:normal">4 </FONT></FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>import</B></FONT><FONT style="font-family:monospaced;" COLOR="#000000"> org.apache.commons.httpclient.protocol.Protocol;
-<FONT COLOR=0 STYLE="font-style:normal">5 </FONT></FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>import</B></FONT><FONT style="font-family:monospaced;" COLOR="#000000"> org.apache.commons.ssl.HttpSecureProtocol;
-<FONT COLOR=0 STYLE="font-style:normal">6 </FONT></FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>import</B></FONT><FONT style="font-family:monospaced;" COLOR="#000000"> org.apache.commons.ssl.TrustMaterial;
-<FONT COLOR=0 STYLE="font-style:normal">7 </FONT>
-<FONT COLOR=0 STYLE="font-style:normal">8 </FONT></FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>import</B></FONT><FONT style="font-family:monospaced;" COLOR="#000000"> javax.net.ssl.SSLHandshakeException;
-<FONT COLOR=0 STYLE="font-style:normal">9 </FONT></FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>import</B></FONT><FONT style="font-family:monospaced;" COLOR="#000000"> java.net.URL;
-<FONT COLOR=0 STYLE="font-style:normal">10 </FONT>
-<FONT COLOR=0 STYLE="font-style:normal">11 </FONT></FONT><FONT style="font-family:monospaced;" COLOR="#008000"><I>/**
-<FONT COLOR=0 STYLE="font-style:normal">12 </FONT> *
-<FONT COLOR=0 STYLE="font-style:normal">13 </FONT> * Example of trusting certs to answer a question Sudip Shrestha posed on the
-<FONT COLOR=0 STYLE="font-style:normal">14 </FONT> * httpclient-user@jakarta.apache.org mailing list, Fri 5/5/2006.
-<FONT COLOR=0 STYLE="font-style:normal">15 </FONT> *
-<FONT COLOR=0 STYLE="font-style:normal">16 </FONT> * </I></FONT><FONT style="font-family:monospaced;" COLOR="#008000"><B>@author</B></FONT><FONT style="font-family:monospaced;" COLOR="#008000"><I> Julius Davies
-<FONT COLOR=0 STYLE="font-style:normal">17 </FONT> * </I></FONT><FONT style="font-family:monospaced;" COLOR="#008000"><B>@since</B></FONT><FONT style="font-family:monospaced;" COLOR="#008000"><I> May 5, 2006
-<FONT COLOR=0 STYLE="font-style:normal">18 </FONT> */</I></FONT><FONT style="font-family:monospaced;" COLOR="#000000">
-<FONT COLOR=0 STYLE="font-style:normal">19 </FONT></FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>public</B></FONT><FONT style="font-family:monospaced;" COLOR="#000000"> </FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>class</B></FONT><FONT style="font-family:monospaced;" COLOR="#000000"> TrustExample {
-<FONT COLOR=0 STYLE="font-style:normal">20 </FONT>
-<FONT COLOR=0 STYLE="font-style:normal">21 </FONT></FONT><FONT style="font-family:monospaced;" COLOR="#008000"><I>/*
-<FONT COLOR=0 STYLE="font-style:normal">22 </FONT>Microsoft IE trusts usertrust.com CA certs by default, but Java doesn't, so we need
-<FONT COLOR=0 STYLE="font-style:normal">23 </FONT>to tell Java to.
-<FONT COLOR=0 STYLE="font-style:normal">24 </FONT>
-<FONT COLOR=0 STYLE="font-style:normal">25 </FONT>Cert is good until 2019 !
-<FONT COLOR=0 STYLE="font-style:normal">26 </FONT>
-<FONT COLOR=0 STYLE="font-style:normal">27 </FONT>openssl x509 -in cert.pem -noout -text
-<FONT COLOR=0 STYLE="font-style:normal">28 </FONT>=======================================
-<FONT COLOR=0 STYLE="font-style:normal">29 </FONT>
-<FONT COLOR=0 STYLE="font-style:normal">30 </FONT>Serial Number:
-<FONT COLOR=0 STYLE="font-style:normal">31 </FONT> 44:be:0c:8b:50:00:24:b4:11:d3:36:2a:fe:65:0a:fd
-<FONT COLOR=0 STYLE="font-style:normal">32 </FONT>Signature Algorithm: sha1WithRSAEncryption
-<FONT COLOR=0 STYLE="font-style:normal">33 </FONT>Issuer: C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Hardware
-<FONT COLOR=0 STYLE="font-style:normal">34 </FONT>Validity
-<FONT COLOR=0 STYLE="font-style:normal">35 </FONT> Not Before: Jul 9 18:10:42 1999 GMT
-<FONT COLOR=0 STYLE="font-style:normal">36 </FONT> Not After : Jul 9 18:19:22 2019 GMT
-<FONT COLOR=0 STYLE="font-style:normal">37 </FONT>Subject: C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Hardware
-<FONT COLOR=0 STYLE="font-style:normal">38 </FONT>
-<FONT COLOR=0 STYLE="font-style:normal">39 </FONT>X509v3 extensions:
-<FONT COLOR=0 STYLE="font-style:normal">40 </FONT> X509v3 Key Usage:
-<FONT COLOR=0 STYLE="font-style:normal">41 </FONT> Digital Signature, Non Repudiation, Certificate Sign, CRL Sign
-<FONT COLOR=0 STYLE="font-style:normal">42 </FONT> X509v3 Basic Constraints: critical
-<FONT COLOR=0 STYLE="font-style:normal">43 </FONT> CA:TRUE
-<FONT COLOR=0 STYLE="font-style:normal">44 </FONT> X509v3 Subject Key Identifier:
-<FONT COLOR=0 STYLE="font-style:normal">45 </FONT> A1:72:5F:26:1B:28:98:43:95:5D:07:37:D5:85:96:9D:4B:D2:C3:45
-<FONT COLOR=0 STYLE="font-style:normal">46 </FONT> X509v3 CRL Distribution Points:
-<FONT COLOR=0 STYLE="font-style:normal">47 </FONT> URI:http://crl.usertrust.com/UTN-USERFirst-Hardware.crl
-<FONT COLOR=0 STYLE="font-style:normal">48 </FONT>
-<FONT COLOR=0 STYLE="font-style:normal">49 </FONT> X509v3 Extended Key Usage:
-<FONT COLOR=0 STYLE="font-style:normal">50 </FONT> TLS Web Server Authentication, IPSec End System, IPSec Tunnel, IPSec User
-<FONT COLOR=0 STYLE="font-style:normal">51 </FONT>
-<FONT COLOR=0 STYLE="font-style:normal">52 </FONT>*/</I></FONT><FONT style="font-family:monospaced;" COLOR="#000000">
-<FONT COLOR=0 STYLE="font-style:normal">53 </FONT> </FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>private</B></FONT><FONT style="font-family:monospaced;" COLOR="#000000"> </FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>static</B></FONT><FONT style="font-family:monospaced;" COLOR="#000000"> </FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>byte</B></FONT><FONT style="font-family:monospaced;" COLOR="#000000">[] pemCert = (
-<FONT COLOR=0 STYLE="font-style:normal">54 </FONT> </FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">"-----BEGIN CERTIFICATE-----</FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>\n</B></FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">"</FONT><FONT style="font-family:monospaced;" COLOR="#000000"> +
-<FONT COLOR=0 STYLE="font-style:normal">55 </FONT> </FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">"MIIEdDCCA1ygAwIBAgIQRL4Mi1AAJLQR0zYq/mUK/TANBgkqhkiG9w0BAQUFADCB</FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>\n</B></FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">"</FONT><FONT style="font-family:monospaced;" COLOR="#000000"> +
-<FONT COLOR=0 STYLE="font-style:normal">56 </FONT> </FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">"lzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug</FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>\n</B></FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">"</FONT><FONT style="font-family:monospaced;" COLOR="#000000"> +
-<FONT COLOR=0 STYLE="font-style:normal">57 </FONT> </FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">"Q2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExho</FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>\n</B></FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">"</FONT><FONT style="font-family:monospaced;" COLOR="#000000"> +
-<FONT COLOR=0 STYLE="font-style:normal">58 </FONT> </FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">"dHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xHzAdBgNVBAMTFlVUTi1VU0VSRmlyc3Qt</FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>\n</B></FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">"</FONT><FONT style="font-family:monospaced;" COLOR="#000000"> +
-<FONT COLOR=0 STYLE="font-style:normal">59 </FONT> </FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">"SGFyZHdhcmUwHhcNOTkwNzA5MTgxMDQyWhcNMTkwNzA5MTgxOTIyWjCBlzELMAkG</FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>\n</B></FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">"</FONT><FONT style="font-family:monospaced;" COLOR="#000000"> +
-<FONT COLOR=0 STYLE="font-style:normal">60 </FONT> </FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">"A1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2UgQ2l0eTEe</FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>\n</B></FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">"</FONT><FONT style="font-family:monospaced;" COLOR="#000000"> +
-<FONT COLOR=0 STYLE="font-style:normal">61 </FONT> </FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">"MBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExhodHRwOi8v</FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>\n</B></FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">"</FONT><FONT style="font-family:monospaced;" COLOR="#000000"> +
-<FONT COLOR=0 STYLE="font-style:normal">62 </FONT> </FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">"d3d3LnVzZXJ0cnVzdC5jb20xHzAdBgNVBAMTFlVUTi1VU0VSRmlyc3QtSGFyZHdh</FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>\n</B></FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">"</FONT><FONT style="font-family:monospaced;" COLOR="#000000"> +
-<FONT COLOR=0 STYLE="font-style:normal">63 </FONT> </FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">"cmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx98M4P7Sof885glFn</FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>\n</B></FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">"</FONT><FONT style="font-family:monospaced;" COLOR="#000000"> +
-<FONT COLOR=0 STYLE="font-style:normal">64 </FONT> </FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">"0G2f0v9Y8+efK+wNiVSZuTiZFvfgIXlIwrthdBKWHTxqctU8EGc6Oe0rE81m65UJ</FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>\n</B></FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">"</FONT><FONT style="font-family:monospaced;" COLOR="#000000"> +
-<FONT COLOR=0 STYLE="font-style:normal">65 </FONT> </FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">"M6Rsl7HoxuzBdXmcRl6Nq9Bq/bkqVRcQVLMZ8Jr28bFdtqdt++BxF2uiiPsA3/4a</FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>\n</B></FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">"</FONT><FONT style="font-family:monospaced;" COLOR="#000000"> +
-<FONT COLOR=0 STYLE="font-style:normal">66 </FONT> </FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">"MXcMmgF6sTLjKwEHOG7DpV4jvEWbe1DByTCP2+UretNb+zNAHqDVmBe8i4fDidNd</FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>\n</B></FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">"</FONT><FONT style="font-family:monospaced;" COLOR="#000000"> +
-<FONT COLOR=0 STYLE="font-style:normal">67 </FONT> </FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">"oI6yqqr2jmmIBsX6iSHzCJ1pLgkzmykNRg+MzEk0sGlRvfkGzWitZky8PqxhvQqI</FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>\n</B></FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">"</FONT><FONT style="font-family:monospaced;" COLOR="#000000"> +
-<FONT COLOR=0 STYLE="font-style:normal">68 </FONT> </FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">"DsjfPe58BEydCl5rkdbux+0ojatNh4lz0G6k0B4WixThdkQDf2Os5M1JnMWS9Ksy</FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>\n</B></FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">"</FONT><FONT style="font-family:monospaced;" COLOR="#000000"> +
-<FONT COLOR=0 STYLE="font-style:normal">69 </FONT> </FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">"oUhbAgMBAAGjgbkwgbYwCwYDVR0PBAQDAgHGMA8GA1UdEwEB/wQFMAMBAf8wHQYD</FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>\n</B></FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">"</FONT><FONT style="font-family:monospaced;" COLOR="#000000"> +
-<FONT COLOR=0 STYLE="font-style:normal">70 </FONT> </FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">"VR0OBBYEFKFyXyYbKJhDlV0HN9WFlp1L0sNFMEQGA1UdHwQ9MDswOaA3oDWGM2h0</FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>\n</B></FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">"</FONT><FONT style="font-family:monospaced;" COLOR="#000000"> +
-<FONT COLOR=0 STYLE="font-style:normal">71 </FONT> </FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">"dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VVE4tVVNFUkZpcnN0LUhhcmR3YXJlLmNy</FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>\n</B></FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">"</FONT><FONT style="font-family:monospaced;" COLOR="#000000"> +
-<FONT COLOR=0 STYLE="font-style:normal">72 </FONT> </FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">"bDAxBgNVHSUEKjAoBggrBgEFBQcDAQYIKwYBBQUHAwUGCCsGAQUFBwMGBggrBgEF</FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>\n</B></FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">"</FONT><FONT style="font-family:monospaced;" COLOR="#000000"> +
-<FONT COLOR=0 STYLE="font-style:normal">73 </FONT> </FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">"BQcDBzANBgkqhkiG9w0BAQUFAAOCAQEARxkP3nTGmZev/K0oXnWO6y1n7k57K9cM</FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>\n</B></FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">"</FONT><FONT style="font-family:monospaced;" COLOR="#000000"> +
-<FONT COLOR=0 STYLE="font-style:normal">74 </FONT> </FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">"//bey1WiCuFMVGWTYGufEpytXoMs61quwOQt9ABjHbjAbPLPSbtNk28Gpgoiskli</FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>\n</B></FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">"</FONT><FONT style="font-family:monospaced;" COLOR="#000000"> +
-<FONT COLOR=0 STYLE="font-style:normal">75 </FONT> </FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">"CE7/yMgUsogWXecB5BKV5UU0s4tpvc+0hY91UZ59Ojg6FEgSxvunOxqNDYJAB+gE</FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>\n</B></FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">"</FONT><FONT style="font-family:monospaced;" COLOR="#000000"> +
-<FONT COLOR=0 STYLE="font-style:normal">76 </FONT> </FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">"CJChicsZUN/KHAG8HQQZexB2lzvukJDKxA4fFm517zP4029bHpbj4HR3dHuKom4t</FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>\n</B></FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">"</FONT><FONT style="font-family:monospaced;" COLOR="#000000"> +
-<FONT COLOR=0 STYLE="font-style:normal">77 </FONT> </FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">"3XbWOTCC8KucUvIqx69JXn7HaOWCgchqJ/kniCrVWFCVH/A7HFe7fRQ5YiuayZSS</FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>\n</B></FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">"</FONT><FONT style="font-family:monospaced;" COLOR="#000000"> +
-<FONT COLOR=0 STYLE="font-style:normal">78 </FONT> </FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">"KqMiDP+JJn1fIytH1xUdqWqeUQ0qUZ6B+dQ7XnASfxAynB67nfhmqA==</FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>\n</B></FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">"</FONT><FONT style="font-family:monospaced;" COLOR="#000000"> +
-<FONT COLOR=0 STYLE="font-style:normal">79 </FONT> </FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">"-----END CERTIFICATE-----</FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>\n</B></FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">"</FONT><FONT style="font-family:monospaced;" COLOR="#000000"> ).getBytes();
-<FONT COLOR=0 STYLE="font-style:normal">80 </FONT>
-<FONT COLOR=0 STYLE="font-style:normal">81 </FONT> </FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>public</B></FONT><FONT style="font-family:monospaced;" COLOR="#000000"> </FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>static</B></FONT><FONT style="font-family:monospaced;" COLOR="#000000"> </FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>void</B></FONT><FONT style="font-family:monospaced;" COLOR="#000000"> main( String[] args ) </FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>throws</B></FONT><FONT style="font-family:monospaced;" COLOR="#000000"> Exception
-<FONT COLOR=0 STYLE="font-style:normal">82 </FONT> {
-<FONT COLOR=0 STYLE="font-style:normal">83 </FONT> HttpSecureProtocol f = </FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>new</B></FONT><FONT style="font-family:monospaced;" COLOR="#000000"> HttpSecureProtocol();
-<FONT COLOR=0 STYLE="font-style:normal">84 </FONT>
-<FONT COLOR=0 STYLE="font-style:normal">85 </FONT> </FONT><FONT style="font-family:monospaced;" COLOR="#008000"><I>// might as well trust the usual suspects:</I></FONT><FONT style="font-family:monospaced;" COLOR="#000000">
-<FONT COLOR=0 STYLE="font-style:normal">86 </FONT> f.addTrustMaterial(TrustMaterial.CACERTS);
-<FONT COLOR=0 STYLE="font-style:normal">87 </FONT>
-<FONT COLOR=0 STYLE="font-style:normal">88 </FONT> </FONT><FONT style="font-family:monospaced;" COLOR="#008000"><I>// here's where we start trusting usertrust.com's CA:</I></FONT><FONT style="font-family:monospaced;" COLOR="#000000">
-<FONT COLOR=0 STYLE="font-style:normal">89 </FONT> f.addTrustMaterial(</FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>new</B></FONT><FONT style="font-family:monospaced;" COLOR="#000000"> TrustMaterial( pemCert ));
-<FONT COLOR=0 STYLE="font-style:normal">90 </FONT>
-<FONT COLOR=0 STYLE="font-style:normal">91 </FONT> Protocol trustHttps = </FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>new</B></FONT><FONT style="font-family:monospaced;" COLOR="#000000"> Protocol(</FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">"https"</FONT><FONT style="font-family:monospaced;" COLOR="#000000">, f, </FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">443</FONT><FONT style="font-family:monospaced;" COLOR="#000000">);
-<FONT COLOR=0 STYLE="font-style:normal">92 </FONT> Protocol.registerProtocol(</FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">"https"</FONT><FONT style="font-family:monospaced;" COLOR="#000000">, trustHttps);
-<FONT COLOR=0 STYLE="font-style:normal">93 </FONT>
-<FONT COLOR=0 STYLE="font-style:normal">94 </FONT> HttpClient client = </FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>new</B></FONT><FONT style="font-family:monospaced;" COLOR="#000000"> HttpClient();
-<FONT COLOR=0 STYLE="font-style:normal">95 </FONT> GetMethod httpget = </FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>new</B></FONT><FONT style="font-family:monospaced;" COLOR="#000000"> GetMethod(</FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">"https://www.usertrust.com/"</FONT><FONT style="font-family:monospaced;" COLOR="#000000">);
-<FONT COLOR=0 STYLE="font-style:normal">96 </FONT> client.executeMethod(httpget);
-<FONT COLOR=0 STYLE="font-style:normal">97 </FONT> String s = httpget.getStatusLine().toString();
-<FONT COLOR=0 STYLE="font-style:normal">98 </FONT> System.out.println( </FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">"HTTPClient: "</FONT><FONT style="font-family:monospaced;" COLOR="#000000"> + s );
-<FONT COLOR=0 STYLE="font-style:normal">99 </FONT>
-<FONT COLOR=0 STYLE="font-style:normal">100 </FONT> </FONT><FONT style="font-family:monospaced;" COLOR="#008000"><I>// Notice that Java still can't access it. Only HTTPClient knows</I></FONT><FONT style="font-family:monospaced;" COLOR="#000000">
-<FONT COLOR=0 STYLE="font-style:normal">101 </FONT> </FONT><FONT style="font-family:monospaced;" COLOR="#008000"><I>// to trust the cert!</I></FONT><FONT style="font-family:monospaced;" COLOR="#000000">
-<FONT COLOR=0 STYLE="font-style:normal">102 </FONT> URL u = </FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>new</B></FONT><FONT style="font-family:monospaced;" COLOR="#000000"> URL( </FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">"https://www.usertrust.com/"</FONT><FONT style="font-family:monospaced;" COLOR="#000000"> );
-<FONT COLOR=0 STYLE="font-style:normal">103 </FONT> </FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>try</B></FONT><FONT style="font-family:monospaced;" COLOR="#000000">
-<FONT COLOR=0 STYLE="font-style:normal">104 </FONT> {
-<FONT COLOR=0 STYLE="font-style:normal">105 </FONT> </FONT><FONT style="font-family:monospaced;" COLOR="#008000"><I>// This will throw an SSLHandshakeException</I></FONT><FONT style="font-family:monospaced;" COLOR="#000000">
-<FONT COLOR=0 STYLE="font-style:normal">106 </FONT> u.openStream();
-<FONT COLOR=0 STYLE="font-style:normal">107 </FONT> }
-<FONT COLOR=0 STYLE="font-style:normal">108 </FONT> </FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>catch</B></FONT><FONT style="font-family:monospaced;" COLOR="#000000"> ( SSLHandshakeException she )
-<FONT COLOR=0 STYLE="font-style:normal">109 </FONT> {
-<FONT COLOR=0 STYLE="font-style:normal">110 </FONT> System.out.println( </FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">"Java: "</FONT><FONT style="font-family:monospaced;" COLOR="#000000"> + she );
-<FONT COLOR=0 STYLE="font-style:normal">111 </FONT> }
-<FONT COLOR=0 STYLE="font-style:normal">112 </FONT> }
-<FONT COLOR=0 STYLE="font-style:normal">113 </FONT>
-<FONT COLOR=0 STYLE="font-style:normal">114 </FONT>}
-<FONT COLOR=0 STYLE="font-style:normal">115 </FONT></FONT></PRE>
-</BODY>
-</HTML>
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/3rdparty/not-yet-commons-ssl/docs/about.html
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/docs/about.html b/3rdparty/not-yet-commons-ssl/docs/about.html
deleted file mode 100644
index 5ef231e..0000000
--- a/3rdparty/not-yet-commons-ssl/docs/about.html
+++ /dev/null
@@ -1,73 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
-<html>
-<head>
-<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
-<meta name="Author" content="Julius Davies">
-<title>About Not-Yet-Commons-SSL</title>
-<style type="text/css">
-dl, h1, h2, h3, h4 { margin: 0; border: 0; padding: 0; font-size: 100%; }
-h1 { float: left; color: red; }
-b.n { font-family: arial; font-weight: bold; }
-span.hl, a.hl { color: white; background-color: green; }
-div.nav { float: left; margin-left: 20px; font-weight: bold; }
-.nav a, .nav span { padding: 0 5px; }
-.nav a { color: blue; }
-.nav a.hl { color: white; }
-dt { padding: 8px 0 8px 5px; }
-li { padding-bottom: 6px; }
-</style>
-</head>
-<body>
-<h1>not-yet-commons-ssl</h1>
-<div class="nav">
-<a href="index.html" class="hl">main</a> |
-<a href="ssl.html">ssl</a> |
-<a href="pkcs8.html">pkcs8</a> |
-<a href="pbe.html">pbe</a> |
-<a href="rmi.html">rmi</a> |
-<a href="utilities.html">utilities</a> |
-<a href="source.html">source</a> |
-<a href="javadocs/">javadocs</a> |
-<a href="download.html">download</a>
-</div>
-<br clear="all"/>
-<hr/>
-<h2>About Not-Yet-Commons-SSL</h2>
-
-<h4 style="margin-top: 1em;">5 Design Goals:</h4>
-<ol>
-<li style="margin-top: 6px;"><b>Make SSL and Java Easier.</b> Ever wanted to work with self-signed
-certificates in your Java application in a secure fashion? Ever wanted to use more than one client
-certificate in a single running JVM? You can edit your <code>$JAVA_HOME/jre/lib/security/cacerts</code>
-file, and you can invoke Java with <code>-Djavax.net.ssl.keyStore=/path/to/keystore</code>. Both of
-these approaches are great at first, but they don't scale well. Do you really want to pollute every
-SSL socket in your JVM (HTTP, LDAP, JDBC, RMI, etc...) with those system-wide changes? Commons-SSL let's you
-control the SSL options you need in an natural way for each SSLSocketFactory, and those options
-won't bleed into the rest of your system.</li>
-<li style="margin-top: 6px;"><b>Improve Security.</b>
-<a href="http://en.wikipedia.org/wiki/Certificate_revocation_list">CRL</a> checking turned on by default.
-We hope to add support for
-<a href="http://en.wikipedia.org/wiki/Online_Certificate_Status_Protocol">OCSP</a> soon!
-It's obnoxious to have to download CRL files around 500KB each from Thawte and Verisign every 24 hours.
-OCSP improves on that.</li>
-<li style="margin-top: 6px;"><b>Improve Flexibility.</b> Checking hostnames, expirations, CRL's, and many
-other options can be enabled/disabled for each SSLSocketFactory created.</li>
-<li style="margin-top: 6px;"><b>Support more file formats, and support these formats more robustly.</b>
-<ul>
-<li>commons-ssl supports over <a href="samples/rsa_result.html">50 formats</a> of PKCS8 and OpenSSL Encrypted Private Keys in PEM or DER</li>
-<li>X.509 Certificates can be PEM or DER encoded. Can also come in PKCS7 chains. (To be fair, Java always supported this.)</li>
-<li>PKCS12 files can be in <a href="samples/pkcs12/pkcs12_client_cert.pem">PEM</a> (as created by <code>openssl pkcs12</code>).</li>
-<li>Parsing of Base64-PEM is more tolerant of extra whitespace or comments, especially outside the Base64 sections:
-<pre style="padding-left: 100px;">any comments or whitespace up here are ignored
-
------BEGIN TYPE-----
-[...base64....]
------END TYPE-----
-
-any comments or whitespace down here are also ignored</pre></li></ul></li>
-<li><b>Automatically detect type of KeyMaterial or TrustMaterial.</b> Consumer does not need to know
-whether keystore is PKCS12 or JKS. They just need to know the password to decrypt the private key.</li>
-</ol>
-
-</body>
-</html>
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/3rdparty/not-yet-commons-ssl/docs/download.html
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/docs/download.html b/3rdparty/not-yet-commons-ssl/docs/download.html
deleted file mode 100644
index 5e8a8cb..0000000
--- a/3rdparty/not-yet-commons-ssl/docs/download.html
+++ /dev/null
@@ -1,263 +0,0 @@
-<html>
-<head>
-<title>Not-Yet-Commons-SSL - Downloads, Features, Future Directions</title>
-<style type="text/css">
-dl, h1, h2, h3, h4 { margin: 0; border: 0; padding: 0; font-size: 100%; }
-h1 { float: left; color: red; }
-b.n { font-family: arial; font-weight: bold; }
-span.hl { color: white; background-color: green; }
-div.nav { float: left; margin-left: 20px; font-weight: bold; }
-.nav a, .nav span { padding: 0 5px; }
-.nav a { color: blue; }
-td.v { text-align: center; }
-dt { padding: 8px 0 8px 5px; }
-dd { padding-left: 15px; }
-li { padding-bottom: 6px; }
-tr.released td, tr.released th { background-color: yellow; font-weight: bold; }
-</style>
-</head>
-<body>
-<h1>not-yet-commons-ssl</h1>
-<div class="nav">
-<a href="index.html">main</a> |
-<a href="ssl.html">ssl</a> |
-
-<a href="pkcs8.html">pkcs8</a> |
-<a href="pbe.html">pbe</a> |
-<a href="rmi.html">rmi</a> |
-<a href="utilities.html">utilities</a> |
-<a href="source.html">source</a> |
-<a href="javadocs/">javadocs</a> |
-
-<span class="hl" href="download.html">download</span>
-</div>
-<br clear="all"/>
-<hr/>
-<h2>Download Not-Yet-Commons-SSL!</em></h2>
-<p>Not-Yet-Commons-SSL currently has NO affiliation with the <a href="http://apache.org/">Apache Software Foundation</a> (apache.org), but we're hoping
-to start <a href="http://incubator.apache.org/incubation/Incubation_Policy.html">Incubation</a> one day.
-<table cellpadding="6" cellspacing="0" border="0" style="margin-top: 9px;">
- <tr><th colspan="3">Current Version (September 23rd, 2014):</th></tr>
- <tr><td>Full source:</td><td><a href="/commons-ssl/not-yet-commons-ssl-0.3.16.zip">not-yet-commons-ssl-0.3.16.zip</a></td><td>5.1MB</td><td><span style="color: red;">Alpha</span></td><td>MD5: </td></tr>
- <tr><td>Binary only:</td><td><a href="/commons-ssl/not-yet-commons-ssl-0.3.16.jar">not-yet-commons-ssl-0.3.16.jar</a></td><td>267KB</td><td><span style="color: red;">Alpha</span></td><td>MD5: cebc58b8367c253688426043fdf08221</td></tr>
- <tr><th colspan="3">Previous Version (September 8th, 2014):</th></tr>
- <tr><td>Full source:</td><td><a href="/not-yet-commons-ssl-0.3.15/not-yet-commons-ssl-0.3.15.zip">not-yet-commons-ssl-0.3.15.zip</a></td><td>5.1MB</td><td><span style="color: red;">Alpha</span></td><td>MD5: f62d7f7f890ac03a0210d1be7571b21e</td></tr>
- <tr><td>Binary only:</td><td><a href="/not-yet-commons-ssl-0.3.15/not-yet-commons-ssl-0.3.15.jar">not-yet-commons-ssl-0.3.15.jar</a></td><td>267KB</td><td><span style="color: red;">Alpha</span></td><td>MD5: cebc58b8367c253688426043fdf08221</td></tr>
- <tr><th colspan="3">All Previous Versions (use "svn export"):</th></tr>
- <tr><td> </td><td colspan="2"><a href='http://juliusdavies.ca/svn/not-yet-commons-ssl/tags/'>/svn/not-yet-commons-ssl/tags/</a></td></tr>
-</table>
-<br/><b>Warning:</b>
- <span style="color: red; font-weight: bold;">All versions of not-yet-commons-ssl should be considered to be of "Alpha" quality!
-This code probably contains bugs. This code may have security issues.</span>
-<p>Future versions will definitely break the current API in a non-reverse compatible way. After commons-ssl-0.5.0, though, we
-plan on always being reverse compatible with ourselves.
-<hr/>
-<h3>Changelog for not-yet-commons-ssl-0.3.16:</h3>
-<dl>
- <dt>1. Bug fix for TrustMaterial constructor.</dt>
- <dd>Re-introduce ability to load an X509 certificate specified as raw bytes (e.g., byte[]) in the constructor. (Thanks to Brent Putnam for the bug report).</dd></dd>
- <dt>2. Remove protocol / cipher whitelists.</dt>
- <dd>
-Got rid of useStrongCiphers() method (and its converse, useDefaultCiphers()), since all ciphers in Java 7 are at least 128 bit, and my approach used a white list that was starting to get out-of-date. If users want to ensure only strong ciphers are used in their SSL connections, they can either upgrade to Java 7 or newer, or invoke SSLClient.setEnabledCiphers() or SSLServer.setEnabledCiphers(). Also got rid of all logic that was setting default protocols, because again it was a white list that was getting out of date. We do still call SSLContext.getInstance("TLS") by default (can be overridden), but I figure that one should be okay for at least another decade.
- </dd>
-</dl>
-
-<h3>Changelog for not-yet-commons-ssl-0.3.15:</h3>
-<dl>
- <dt>1. Security patch from Redhat for CVE alert.</dt>
- <dd>The way we parse the Principal (e.g., "CN=a,OU=b,O=c") from an X509 Certificate had a serious security flaw.
- Thanks to Redhat, Arun Babu Neelicattu, and David Jorm for notifying us, and for the patch they submitted.</dd></dd>
- <dt>2. Upgrade to Java 1.5.</dt>
- <dd>Not-yet-commons-ssl now requires at least Java 1.5 to run (a.k.a. Java 5).
- If you really need Java 1.3 or Java 1.4 compatibility, please email the mailing list; it's not too late for us to
- rejig things to bring that back, but we're not going to bother unless someone actually needs it.
- </dd>
-</dl>
-<h3>Changelog for not-yet-commons-ssl-0.3.13:</h3>
-<dl>
-<dt>1. Fix bugs in AuthSSLProtocolSocketFactory and TrustSSLProtocolSocketFactory.</dt>
-<dd>KeyMaterial's constructor has been checking that KeyMaterial contains at least one
-private key, but this assumption was invalid with these guys. The fall-back to the
-TrustMaterial constructor if necessary. (Wonder how long this has been broken! Oops!)</dd>
-
-<dt>2. Upgraded from JUnit3 to JUnit4. Added some extra unit tests.</dt>
-</dl>
-<h3>Changelog for not-yet-commons-ssl-0.3.12:</h3>
-<dl>
-<dt>1. Avoid reverse-DNS lookups with literal IP address connections.</dt>
-<dd>Based on my own investigation, InetAddress.getByAddress(String, byte[]) does not do the reverse-DNS lookup that plagues Java SSL users, so we call that whenever possible.</dd>
-</dl>
-<h3>Changelog for not-yet-commons-ssl-0.3.11:</h3>
-<dl>
-<dt>1. Fixed KeyStoreBuilder.</dt>
-<dd>It really can handle KeyStores now where the store-password and key-password differ. It can
-also now handle all the things 0.3.9 couuld handle, too. Whoops. Sorry about 0.3.10, everyone.</dd>
-
-<dt>2. KeyStoreBuilder auto-detects BouncyCastle BKS and UBER keystore types.</dt>
-
-<dt>3. CRL checking no longer blocks forever in bad network situations (Java 5 and newer).</dt>
-<dd>CRL checking was using default java.net.URL behaviour, which unfortunately can
-cause infinite blocking. CRL checking now waits at most 5 seconds for the CRL server
-to respond. <b>Note: Only works on Java 1.5 and above.</b></dd>
-
-<dt>4. Lot's more unit tests. Especially for KeyStoreBuilder.</dt>
-
-<dt>5. Base64InputStream's default behaviour changed to DECODE. VERY SORRY!</dt>
-
-<dt>6. PKCS8Key.getPublicKey() and PEMUtil.toPEM() methods added. </dt>
-</dl>
-<br/>
-<h3>Features as of not-yet-commons-ssl-0.3.10:</h3>
-<dl>
-<dt>1. <a href="utilities.html#KSB">KeyStoreBuilder</a> broken.
-<dd>
-<b>Version 0.3.10 should be avoided!</b>
-</dd>
-</dl>
-
-<br/>
-<h3>Features as of not-yet-commons-ssl-0.3.9:</h3>
-<dl>
-<dt>1. <a href="pbe.html">PBE</a> is now Compatible with <code>openssl enc -K [key] -iv [IV]</code>.</dt>
-<dd>People were asking for this. See the PBE page for more details.</dd>
-<dt>2. DES2 with PBE was broken.</dt>
-<dd>Fixed.</dd>
-
-<dt>3. directory.apache.org didn't write the ASN.1 code. BouncyCastle did.</dt>
-<dd>Now using latest ASN.1 parsing code from BC, and attributing it properly.</dd>
-<dt>4. The "ping" utility has a few more options.</dt>
-<dd>For those who need more than just a "HEAD /" request. You can also set the HTTP host header,
-independant of the target host/ip.</dd>
-</dl>
-<br/>
-<h3>Features as of not-yet-commons-ssl-0.3.8:</h3>
-<dl>
-<dt>1. useDefaultJavaCiphers() actually works now.</dt>
-<dd>When you want to allow 40 bit, 56 bit, and MD5 based SSL ciphers, use this. It was 99% functional in 0.3.7, but there was a
-rare situation where setting ciphers was causing SSL handshake errors.</dd>
-
-<dt>2. <a href="pbe.html">PBE</a> (password-based-encryption) improved.</dt>
-<dd>PBE now has its own <a href="pbe.html">HTML page</a>. Support for all of OpenSSL's PBE ciphers implemented and tested, including
-IDEA and RC5. (DES-X might work, but couldn't find a JCE provider that supported it). Threw in support for some
-additional BouncyCastle ciphers even though OpenSSL doesn't support them (cast6, gost28147, rc6, seed, serpent,
-skipjack, tea, twofish, xtea). Around <a href="samples/pbe/">650 test files</a> created to make sure PBE is working properly.
-</dd>
-<dt>3. PBE API changed on <a href="javadocs/org/apache/commons/ssl/OpenSSL.html#encrypt(java.lang.String,%20char[],%20java.io.InputStream)">OpenSSL.encrypt()</a> and <a href="javadocs/org/apache/commons/ssl/OpenSSL.html#decrypt(java.lang.String,%20char[],%20java.io.InputStream)">OpenSSL.decrypt()</a>.</dt>
-
-<dd>The password is now char[] instead of byte[] (sorry!). Encrypt/decrypt on byte[] introduced. Encrypt/decrypt on InputStream
-is still available, and is properly streamed so that even extremely large files can be encrypted/decrypted.</dd>
-</dl>
-<br/>
-<h3>Features as of not-yet-commons-ssl-0.3.7:</h3>
-<dl>
-<dt>1. useStrongCiphers() used by default.</dt>
-<dd>40 bit and 56 bit ciphers are now disabled by default. To turn them back on call useDefaultJavaCiphers().</dd>
-<dt>2. addAllowedName() adds some flexibility to the CN verification.</dt>
-<dd>
-Here's a code example using "cucbc.com" to connect, but anticipating "www.cucbc.com" in the server's certificate:
-<pre>
-SSLClient client = new SSLClient();
-client.addAllowedName( "www.cucbc.com" );
-Socket s = client.createSocket( "cucbc.com", 443 );
-
-</pre>
-This technique is also useful if you don't want to use DNS, and want to
-connect using the IP address.
-</dd>
-<dt>3. SSLServer can re-use a Tomcat-8443 private key if running from inside Tomcat.</dt>
-<dd>
-<pre>
-SSLClient server = new SSLServer();
-server.useTomcatSSLMaterial();
-</pre>
-</dd>
-<dt>4. RMI-SSL support improved.</dt>
-<dd>Attempts to re-use the Tomcat-8443 private key for all RMI SSL Server sockets.
-Anonymous server-sockets (port 0) will always be set to port 31099. Analyzes the
-server certificate CN field and tries to set "java.rmi.server.hostname" to something
-compatible with that. Probably the only free implementation around that does a good
-job on the hostname verification!
-</dd>
-<dt>5. KeyMaterial constructor blows up earlier.</dt>
-<dd>If a JKS or PKCS12 file is provided that isn't going to work (e.g. no private keys),
-the KeyMaterial constructor throws an exception right away.</dd>
-
-<dt>6. getSSLContext() now available to help inter-op with Java 5 SSL-NIO libraries.</dt>
-<dd>Oleg has been working hard on SSL-NIO for the Apache httpcomponents library. Go
-check it out!</dd>
-<dt>7. Fixed bug where SSLClient couldn't be used with javax.net.ssl.HttpsURLConnection
-on Java 1.4.x</dt>
-<dd>I was wrapping the SSLSocket, but Java 1.4.x guards against that inside HttpsURLConnection
-and throws this exciting exception:
-<pre>
-java.lang.RuntimeException: Export restriction: this JSSE implementation is non-pluggable.
- at com.sun.net.ssl.internal.ssl.SSLSocketFactoryImpl.checkCreate(DashoA6275)
- at sun.net.www.protocol.https.HttpsClient.afterConnect(DashoA6275)
- at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(DashoA6275)
- at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:560)
- at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(DashoA6275)
-</pre>
-Silly Java - I'm still using <em>your</em> JSSE implementation, I'm just wrapping it!
-</dd>
-</dl>
-<br/>
-
-<h3>Features as of not-yet-commons-ssl-0.3.4:</h3>
-<dl>
-<dt>1. <code>"javax.net.ssl.keyStore"</code> and <code>"javax.net.ssl.trustStore"</code></dt>
-<dd>SSLClient and SSLServer now set their default TrustMaterial and KeyMaterial from these
- system properties if they are present.</dd>
-<dt>2. <code>ssl.setCheckCRL( true/false )</code> <em>Note: <a href="http://en.wikipedia.org/wiki/Certificate_revocation_list">CRL</a> is an abbreviation for "Certificate Revocation List"</em></dt>
-
-<dd>Set to <code>true</code> by default. If you're using SSLClient, then the remote
-server's certificate chain is checked. If you're using SSLServer, CRL checking is ignored <em>unless</em>
-client certificates are presented. Commons-SSL tries to perform the CRL check against each certificate in
-the chain, but we're not sure if we always know the entire chain.
-<p><em>Implementation note:</em>
-To reduce memory consumption all CRL's are saved to disk using
-<code>File.createTempFile()</code> and <code>File.deleteOnExit()</code>.
-CRL's are re-downloaded every 24 hours. To reduce disk IO
-the "pass/fail" result of a CRL check for a given X.509 Certificate is cached using the 20 byte SHA1 hash of the
-certificate as the key. The cached "pass" result is discarded every 24 hours. The cached "fail" result is retained
-until the JVM restarts.
-</p>
-</dd>
-
-<dt>3. <code>ssl.setCheckExpiry( true/false )</code></dt>
-<dd>Certificate expiry checking can be turned off. Turned on by default. For Java 1.4 and newer we're
-intercepting the CertificateException thrown by the TrustManager. But we still implemented our own
-expiry checking because Java 1.3 doesn't check expiry. We check every certificate in
-the chain, but we're not sure if we always know the entire chain.</dd>
-<dt>4. <code>ssl.setCheckHostname( true/false )</code></dt>
-<dd>Certificate hostname checking improved. Turned on by default for SSLClient, but turned off by
-default for SSLServer. If turned on for SSLServer, only applied to client certificates by checking
-against a reverse DNS lookup of the client's IP address. Turning on for SSLServer will probably be
-quite rare. We imagine that applications (such as Tomcat) will pass the client chain back up into
-the business layer where people can code in any kind of validation logic they like. But we put
-it in anyway to keep things consistent.
-<p>Support added for certificates with wildcards in the CN field
-(e.g. <a href="https://www.credential.com/">*.credential.com</a>).
-Java already had this, to be fair. We broke it
-by accident!
-<pre style="font-style: 90%; padding: 0 30px;">
-s: CN=*.credential.com, OU=Domain Control Validated - RapidSSL(R), OU=See www.rapidssl.com/cps (c)05,
- OU=businessprofile.geotrust.com/get.jsp?GT27402892, O=*.credential.com, C=CA
-i: CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US
-</pre>
-</p>
-</dd>
-
-<dt>5. PKCS8 support.</dt>
-<dd>Support for OpenSSL "Traditional" and PKCS8 encrypted private keys added.
-Private keys can be RSA or DSA. See our <a href="pkcs8.html">pkcs8 page</a> for more details.</dt>
-<dt>6. New Utility: "<code>KeyStoreBuilder</code>"</dt>
-<dd>Command line utility converts an OpenSSL pair (private key + certificate) into a Java Keystore ("JKS")
-file. To see the command-line options, visit our <a href="utilities.html">utilities page</a>, or just run:
-<pre style="font-style: 90%; padding: 0 30px;">
-
-java -cp commons-ssl-0.3.4.jar org.apache.commons.ssl.KeyStoreBuilder
-</pre></dd>
-</dl>
-
-</body>
-</html>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/3rdparty/not-yet-commons-ssl/docs/index.html
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/docs/index.html b/3rdparty/not-yet-commons-ssl/docs/index.html
deleted file mode 100644
index db39c4d..0000000
--- a/3rdparty/not-yet-commons-ssl/docs/index.html
+++ /dev/null
@@ -1,119 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
-<html>
-<head>
-<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
-<meta name="Author" content="Julius Davies">
-<title>Java and SSL/TLS Made Easier - Not-Yet-Commons-SSL</title>
-<meta name="description" content="Java library for controlling aspects of SSL. Also helps interop between Java and OpenSSL."/>
-<meta name="keywords" content="Java, SSL, TLS, OpenSSL, HTTPS, Certificates, X.509, X509, Secure Socket Layer, Transport Layer Security, Client Auth, Client Certificate, Client Cert, Client Certificates, Server Cert, Server Certificate, Server Certificates"/>
-<style type="text/css">
-dl, h1, h2, h3, h4 { margin: 0; border: 0; padding: 0; font-size: 100%; }
-h1 { float: left; color: red; }
-b.n { font-family: arial; font-weight: bold; }
-span.hl { color: white; background-color: green; }
-div.nav { float: left; margin-left: 20px; font-weight: bold; }
-.nav a, .nav span { padding: 0 5px; }
-.nav a { color: blue; }
-dt { padding: 8px 0 8px 5px; }
-li { padding-bottom: 6px; }
-th { text-align: right; }
-</style>
-</head>
-<body>
-<h1>not-yet-commons-ssl</h1>
-<div class="nav">
-<span class="hl">main</span> |
-
-<a href="ssl.html">ssl</a> |
-<a href="pkcs8.html">pkcs8</a> |
-<a href="pbe.html">pbe</a> |
-<a href="rmi.html">rmi</a> |
-<a href="utilities.html">utilities</a> |
-<a href="source.html">source</a> |
-
-<a href="javadocs/">javadocs</a> |
-<a href="download.html">download</a>
-</div>
-<br clear="all"/>
-<hr/>
-<h2>Not-Yet-Commons-SSL</h2>
-<p><a href="download.html">not-yet-commons-ssl-0.3.16</a> released! (September 23rd, 2014)</p>
-<p>Requires Java 1.5.x or higher.
-
-<p>Please see our <a href="ssl.html">ssl page</a> for code examples on how to use this library.</a></p>
-
-<h3>Resources:</h3>
-<table border="0" cellpadding="5" cellspacing="5">
-<tr>
- <th>Design Goals:</th>
- <td><a href="about.html">about.html</a></td>
-</tr>
-
-<tr>
- <th>Code Examples:</th>
- <td><a href="ssl.html">SSL/TLS</a> | <a href="pkcs8.html">PKCS #8</a> | <a href="pbe.html">PBE</a></td>
-</tr>
-<tr>
-
- <th>Join Mailing List:</th>
- <td><a href="http://lists.juliusdavies.ca/listinfo.cgi/not-yet-commons-ssl-juliusdavies.ca/">http://lists.juliusdavies.ca/listinfo.cgi/not-yet-commons-ssl-juliusdavies.ca/</a></td>
-</tr>
-<tr>
- <th>Mailing List Archives:</th>
- <td><a href="http://lists.juliusdavies.ca/pipermail/not-yet-commons-ssl-juliusdavies.ca/">http://lists.juliusdavies.ca/pipermail/not-yet-commons-ssl-juliusdavies.ca/</a></td>
-</tr>
-
-<tr>
- <th>Downloads:</th>
- <td><a href="download.html">http://juliusdavies.ca/commons-ssl/download.html</a></td>
-</tr>
-<tr>
- <th>Checkout From Subversion:</th>
- <td><code>svn co <a style="text-decoration: none;" href="http://juliusdavies.ca/svn/not-yet-commons-ssl/trunk">http://juliusdavies.ca/svn/not-yet-commons-ssl/trunk</a> not-yet-commons-ssl</code></td>
-
-</tr>
-<tr>
- <th>Browse Subversion (via viewvc):</th>
- <td><a href="http://juliusdavies.ca/svn/viewvc.cgi/not-yet-commons-ssl/">http://juliusdavies.ca/svn/not-yet-commons-ssl/viewvc.cgi/not-yet-commons-ssl/</a></td>
-</tr>
-<tr>
- <th>License (Apache 2.0):</th>
- <td><a href="LICENSE.txt">LICENSE.txt</a></td>
-
-</tr>
-</table>
-<hr/>
-<h4>About</h4>
-<p>We're calling this library "Not-Yet-Commons-SSL" since we have the intention of one day
-becoming an official Apache project. Not-Yet-Commons-SSL was originally developed by
-<a href="https://www.cucbc.com">Credit Union Central of British Columbia</a>.
-The webpages, releases, and code here on <a href="http://juliusdavies.ca/">juliusdavies.ca</a> have no relationship to
-the Apache Software Foundation, but all code is licensed under <a href="LICENSE.txt">ASL 2.0</a>.
-</p>
-<p>The <a href="http://juliusdavies.ca/svn/viewvc.cgi/trunk/src/java/org/apache/commons/ssl/asn1/">ASN.1 parsing code</a>
-
-comes directly from BouncyCastle (<a href="http://bouncycastle.org/">bouncycastle.org</a>). Our only modification to this
-code was an accidental "reformat" to bring it inline with our code style. Also, in two places, we switched the BC code
-to use <em>our</em> Hex.java
-for encoding/decoding instead of their own.
-The PKCS12 key derivation function (for some PKCS8 version 1.5 encrypted keys) also comes from BouncyCastle.
-Presumably they got it from RSA's PKCS12 specification
-(<a href="ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-12/pkcs-12v1.pdf">ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-12/pkcs-12v1.pdf</a>).
-BouncyCastle maintains copyright over all the code used, but allows us to reuse and redistribute
-(the BouncyCastle license is compatible with ASL 2.0). We are very thankful for their excellent code.
-</p>
-
-<p>Not-Yet-Commons-SSL would never have happened without Oleg Kalnichevski's excellent
-"<a href="http://svn.apache.org/viewvc/jakarta/httpcomponents/oac.hc3x/trunk/src/contrib/org/apache/commons/httpclient/contrib/ssl/">contrib</a>"
-example in the <a href="http://jakarta.apache.org/httpcomponents/">HttpComponents</a> SVN repository.
-His
-<a href="http://svn.apache.org/viewvc/jakarta/httpcomponents/oac.hc3x/trunk/src/contrib/org/apache/commons/httpclient/contrib/ssl/AuthSSLProtocolSocketFactory.java?view=markup">AuthSSLProtocolSocketFactory.java</a>
-
-and
-<a href="http://svn.apache.org/viewvc/jakarta/httpcomponents/oac.hc3x/trunk/src/contrib/org/apache/commons/httpclient/contrib/ssl/AuthSSLX509TrustManager.java?view=markup">AuthSSLX509TrustManager.java</a>
-examples
-were the seeds for all of this. Evil Comrade Oleg's Javadocs on those classes were also extremely helpful. We
-only one day hope that we can write Javadocs like that (hopefully by <a href="download.html#roadmap">0.7.0</a>!).
-</p>
-</body>
-</html>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/3rdparty/not-yet-commons-ssl/docs/openssl/compare.txt
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/docs/openssl/compare.txt b/3rdparty/not-yet-commons-ssl/docs/openssl/compare.txt
deleted file mode 100644
index 40c469d..0000000
--- a/3rdparty/not-yet-commons-ssl/docs/openssl/compare.txt
+++ /dev/null
@@ -1,28 +0,0 @@
-
-Performance of org.apache.commons.ssl.OpenSSL.decrypt()
-
-Decrypting the same 946MB Base64 DES-3 encrypted file.
-
-
-OpenSSL 0.9.7l 28 Sep 2006
---------------------
-real 1m40.578s
-user 1m34.223s
-sys 0m04.039s
-
-
-not-yet-commons-ssl-0.3.10
-(22% slower than OpenSSL!)
---------------------
-real 2m03.270s
-user 1m56.959s
-sys 0m03.605s
-
-
-not-yet-commons-ssl-0.3.9
-(3,000% slower than OpenSSL!)
---------------------
-real 50m47.424s
-user 18m47.687s
-sys 31m30.298s
-
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/3rdparty/not-yet-commons-ssl/docs/openssl/profile.3.10
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/docs/openssl/profile.3.10 b/3rdparty/not-yet-commons-ssl/docs/openssl/profile.3.10
deleted file mode 100644
index d52bd7d..0000000
--- a/3rdparty/not-yet-commons-ssl/docs/openssl/profile.3.10
+++ /dev/null
@@ -1,72 +0,0 @@
-Flat profile of 140.04 secs (12528 total ticks): main
-
- Interpreted + native Method
- 0.7% 0 + 90 java.io.FileOutputStream.writeBytes
- 0.4% 0 + 56 java.io.FileInputStream.readBytes
- 0.2% 0 + 24 java.lang.System.arraycopy
- 0.0% 5 + 0 org.apache.commons.ssl.ComboInputStream.read
- 0.0% 4 + 0 com.sun.crypto.provider.SunJCE_h.a
- 0.0% 3 + 0 javax.crypto.CipherInputStream.available
- 0.0% 2 + 0 com.sun.crypto.provider.SunJCE_h.a
- 0.0% 2 + 0 org.apache.commons.ssl.Base64.decodeBase64
- 0.0% 0 + 2 java.io.FileInputStream.read
- 0.0% 2 + 0 java.io.PrintStream.write
- 0.0% 0 + 2 java.lang.String.intern
- 0.0% 2 + 0 com.sun.crypto.provider.SunJCE_e.a
- 0.0% 1 + 0 java.math.BigInteger.addOne
- 0.0% 1 + 0 java.util.HashMap.getEntry
- 0.0% 1 + 0 java.lang.String.<init>
- 0.0% 1 + 0 sun.security.x509.RDN.<init>
- 0.0% 0 + 1 java.lang.ClassLoader.defineClass1
- 0.0% 1 + 0 java.math.BigInteger.mulAdd
- 0.0% 0 + 1 java.util.zip.Inflater.inflateBytes
- 0.0% 0 + 1 java.util.zip.ZipFile.getEntry
- 0.0% 1 + 0 org.apache.commons.ssl.Util.pipeStream
- 0.0% 0 + 1 java.lang.Class.forName0
- 0.0% 1 + 0 java.lang.StringCoding$CharsetSD.decode
- 0.0% 1 + 0 java.util.HashMap.<init>
- 0.0% 0 + 1 java.lang.Object.clone
- 1.8% 46 + 180 Total interpreted (including elided)
-
- Compiled + native Method
- 71.9% 8987 + 0 com.sun.crypto.provider.SunJCE_y.c
- 7.0% 706 + 167 org.apache.commons.ssl.util.ReadLine.nextAsBytes
- 3.1% 391 + 0 com.sun.crypto.provider.SunJCE_m.b
- 2.2% 252 + 28 org.apache.commons.ssl.Base64.decodeBase64
- 2.0% 249 + 0 org.apache.commons.ssl.Base64InputStream.getLine
- 1.3% 0 + 168 org.apache.commons.ssl.Base64.discardNonBase64
- 1.2% 8 + 144 javax.crypto.Cipher.update
- 0.8% 1 + 96 com.sun.crypto.provider.SunJCE_h.a
- 0.3% 37 + 0 javax.crypto.CipherInputStream.read
- 0.2% 22 + 0 org.apache.commons.ssl.Util.pipeStream
- 0.1% 13 + 0 java.io.BufferedInputStream.read1
- 0.1% 7 + 0 java.io.FilterInputStream.read
- 0.0% 2 + 0 adapters
- 0.0% 1 + 0 java.math.BigInteger.squareToLen
- 90.3% 10676 + 603 Total compiled
-
- Stub + native Method
- 4.6% 0 + 575 java.io.FileOutputStream.writeBytes
- 3.0% 0 + 380 java.io.FileInputStream.readBytes
- 7.6% 0 + 955 Total stub
-
- Thread-local ticks:
- 0.3% 36 Blocked (of total)
- 0.1% 7 Class loader
- 0.0% 1 Compilation
- 0.2% 24 Unknown: thread_state
-
-
-Flat profile of 0.01 secs (1 total ticks): DestroyJavaVM
-
- Thread-local ticks:
-100.0% 1 Blocked (of total)
-
-
-Global summary of 140.06 seconds:
-100.0% 12563 Received ticks
- 0.2% 29 Received GC ticks
- 0.5% 65 Compilation
- 0.0% 4 Other VM operations
- 0.1% 7 Class loader
- 0.2% 24 Unknown code
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/3rdparty/not-yet-commons-ssl/docs/openssl/profile.3.9
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/docs/openssl/profile.3.9 b/3rdparty/not-yet-commons-ssl/docs/openssl/profile.3.9
deleted file mode 100644
index cdff246..0000000
--- a/3rdparty/not-yet-commons-ssl/docs/openssl/profile.3.9
+++ /dev/null
@@ -1,72 +0,0 @@
-Flat profile of 3230.62 secs (320463 total ticks): main
-
- Interpreted + native Method
- 0.0% 0 + 17 java.lang.System.arraycopy
- 0.0% 0 + 7 java.io.FileOutputStream.writeBytes
- 0.0% 0 + 6 java.io.FileInputStream.read
- 0.0% 0 + 4 java.lang.Object.clone
- 0.0% 0 + 3 java.io.FileInputStream.readBytes
- 0.0% 2 + 0 com.sun.crypto.provider.SunJCE_e.<clinit>
- 0.0% 2 + 0 java.lang.StringCoding.trim
- 0.0% 0 + 2 java.util.zip.Inflater.inflateBytes
- 0.0% 2 + 0 java.math.BigInteger.multiplyToLen
- 0.0% 2 + 0 com.sun.crypto.provider.SunJCE_h.a
- 0.0% 1 + 0 sun.security.util.DerValue.init
- 0.0% 1 + 0 com.sun.crypto.provider.SunJCE_y.a
- 0.0% 1 + 0 org.apache.commons.ssl.Base64.decodeBase64
- 0.0% 1 + 0 com.sun.crypto.provider.SunJCE_y.c
- 0.0% 1 + 0 com.sun.crypto.provider.SunJCE_h.a
- 0.0% 1 + 0 java.lang.String.toLowerCase
- 0.0% 1 + 0 sun.security.pkcs.PKCS7.parse
- 0.0% 0 + 1 java.lang.ClassLoader.findBootstrapClass
- 0.0% 1 + 0 sun.misc.CharacterDecoder.decodeLinePrefix
- 0.0% 1 + 0 java.lang.String.lastIndexOf
- 0.0% 1 + 0 java.util.AbstractList.iterator
- 0.0% 1 + 0 java.util.HashMap.newValueIterator
- 0.0% 1 + 0 java.io.DataInputStream.<init>
- 0.0% 0 + 1 org.apache.commons.ssl.JavaImpl.<clinit>
- 0.0% 1 + 0 java.util.HashMap.resize
- 0.0% 28 + 42 Total interpreted (including elided)
-
- Compiled + native Method
- 0.0% 111 + 0 com.sun.crypto.provider.SunJCE_y.c
- 0.0% 0 + 76 javax.crypto.Cipher.update
- 0.0% 16 + 0 org.apache.commons.ssl.Util.readLine
- 0.0% 12 + 0 org.apache.commons.ssl.Base64.decodeBase64
- 0.0% 11 + 0 java.nio.charset.CharsetEncoder.encode
- 0.0% 9 + 0 org.apache.commons.ssl.Base64InputStream.getLine
- 0.0% 7 + 1 java.lang.StringCoding$CharsetSE.encode
- 0.0% 5 + 0 com.sun.crypto.provider.SunJCE_m.b
- 0.0% 3 + 0 org.apache.commons.ssl.Util.pipeStream
- 0.0% 1 + 0 javax.crypto.CipherInputStream.read
- 0.0% 0 + 1 org.apache.commons.ssl.Base64.discardNonBase64
- 0.0% 1 + 0 java.lang.StringCoding.encode
- 0.0% 1 + 0 java.math.BigInteger.squareToLen
- 0.1% 177 + 78 Total compiled
-
- Stub + native Method
- 92.6% 0 + 296801 java.io.FileInputStream.read
- 7.3% 0 + 23277 java.io.FileOutputStream.writeBytes
- 99.9% 0 + 320078 Total stub
-
- Thread-local ticks:
- 0.0% 22 Blocked (of total)
- 0.0% 7 Class loader
- 0.0% 1 Compilation
- 0.0% 1 Unknown: no last frame
- 0.0% 29 Unknown: thread_state
-
-
-Flat profile of 0.01 secs (1 total ticks): DestroyJavaVM
-
- Thread-local ticks:
-100.0% 1 Blocked (of total)
-
-
-Global summary of 3230.64 seconds:
-100.0% 320556 Received ticks
- 0.0% 73 Received GC ticks
- 0.0% 61 Compilation
- 0.0% 16 Other VM operations
- 0.0% 7 Class loader
- 0.0% 30 Unknown code
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/3rdparty/not-yet-commons-ssl/docs/pbe.html
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/docs/pbe.html b/3rdparty/not-yet-commons-ssl/docs/pbe.html
deleted file mode 100644
index eab326a..0000000
--- a/3rdparty/not-yet-commons-ssl/docs/pbe.html
+++ /dev/null
@@ -1,204 +0,0 @@
-<html>
-<head>
-<title>OpenSSL's "enc" in Java (PBE / Password Based Encryption)</title>
-<style type="text/css">
-h1, h2, h3 { margin: 0; border: 0; padding: 0; font-size: 100%; }
-h1 { float: left; color: red; }
-b.n { font-family: arial; font-weight: bold; }
-span.hl { color: white; background-color: green; }
-div.nav { float: left; margin-left: 20px; font-weight: bold; }
-.nav a, .nav span { padding: 0 5px; }
-.nav a { color: blue; }
-li.top { margin-top: 10px; }
-li { margin-top: 6px; width: 750px; }
-ul.openssl { float: left; width: 100px; margin-top: 8px; }
-ul.pkcs8 { float: left; width: 200px; margin-top: 8px; }
-i { color: purple; }
-i.special { color: red; }
-dt { font-weight: bold; }
-dd { margin-top: 1em; margin-bottom: 1em; }
-sup a { text-decoration: none; }
-</style>
-</head>
-<body>
-<h1>not-yet-commons-ssl</h1>
-<div class="nav">
-<a href="index.html">main</a> |
-<a href="ssl.html">ssl</a> |
-<a href="pkcs8.html">pkcs8</a> |
-<span class="hl" href="pbe.html">pbe</span> |
-<a href="rmi.html">rmi</a> |
-<a href="utilities.html">utilities</a> |
-<a href="source.html">source</a> |
-<a href="javadocs/">javadocs</a> |
-<a href="download.html">download</a>
-</div>
-<br clear="all"/>
-<hr/>
-<h2>OpenSSL's "enc" in Java (PBE / Password Based Encryption)</h2>
-<p>Not-Yet-Commons-SSL has an implementation of PBE ("password based encryption") that is 100%
-compatible with OpenSSL's command-line "enc" utility. PBE is a form of symmetric encryption where
-the same key or password is used to encrypt and decrypt the file.
-</p>
-<p>
-We are also compatible with <code>openssl enc -K [key] -iv [IV]</code>, where the key and IV are provided explicitly,
-instead of being derived from a password. Look for encrypt()/decrypt() methods that take
-<a href="http://juliusdavies.ca/commons-ssl/javadocs/org/apache/commons/ssl/OpenSSL.html#encrypt(java.lang.String,%20byte[],%20byte[],%20byte[])">byte[] key, byte[] iv</a>
-instead of char[] password.
-
-</p>
-<p>Please visit the <a href="#Quick-FAQ">Quick-FAQ</a> if you are having problems.</p>
-
-
-<pre style="border: 1px solid red; padding: 10px; float: left;"><u><b>PBE code example (DES-3):</b></u><sup><a href="#fn">*</a></sup>
-
-char[] password = {'c','h','a','n','g','e','i','t'};
-byte[] data = "Hello World!".getBytes();
-
-<em style="color: green;">// Encrypt!</em>
-byte[] encrypted = OpenSSL.encrypt("des3", password, data);
-System.out.println("ENCRYPTED: [" + new String(encrypted) + "]");
-
-<em style="color: green;">// Decrypt results of previous!</em>
-data = OpenSSL.decrypt("des3", password, encrypted);
-System.out.println("DECRYPTED: [" + new String(data) + "]");
-
-
-OUTPUT:
-=======================
-ENCRYPTED: [U2FsdGVkX19qplb9qVDVVEYxH8wjJDGpMS+F4/2pS2c=]
-DECRYPTED: [Hello World!]
-
-<sup><a name="fn">*</a></sup> <span style="font-size: 85%;">- This code example is <a href="#nqr">not quite right</a>.</span>
-</pre>
-<br clear="all"/>
-<p>Some notes:
-<ul>
- <li>The OpenSSL.encrypt() and OpenSSL.decrypt() methods have InputStream and byte[] versions. For large
- files you're going to have to use the InputStream versions.</li>
- <li>OpenSSL.encrypt() produces base64 output by default. Use
-<a href="http://juliusdavies.ca/commons-ssl/javadocs/org/apache/commons/ssl/OpenSSL.html#encrypt(java.lang.String,%20char[],%20byte[],%20boolean)">OpenSSL.encrypt(alg, pwd, data, false)</a>
- to turn that off.</li>
- <li>OpenSSL.decrypt() auto-detects whether input is base64 or raw binary, so you don't need to worry about it
- when decrypting. The base64 "true/false" parameter is only applicable when encrypting.</li>
- <li>We also have methods that are compatible with "<code>openssl enc -K [key] -iv [IV]</code>" where key and iv
- are explicitly provided, rather than being derived from a password. The [key] and [IV] should be specified
- in either raw binary, or hexidecimal (4 bits per character). This isn't really PBE anymore, but it's a
- common use case.</li>
-</ul>
-</p>
-
-<p>Here's a list of supported OpenSSL ciphers. The <i>purple ones</i> require the <a href="http://www.bouncycastle.org/latest_releases.html">BouncyCastle JCE</a>.
-The <i class="special">red ones (desx, desx-cbc)</i> probably require RSA's <a href="http://www.rsa.com/node.aspx?id=1204">BSAFE JCE</a>,
-and have not been tested.
-</p>
-<pre>
-aes-128-cbc aes-128-cfb <!-- aes-128-cfb1 -->
-aes-128-cfb8 aes-128-ecb aes-128-ofb
-aes-192-cbc aes-192-cfb <!-- aes-192-cfb1 -->
-aes-192-cfb8 aes-192-ecb aes-192-ofb
-aes-256-cbc aes-256-cfb <!-- aes-256-cfb1 -->
-aes-256-cfb8 aes-256-ecb aes-256-ofb
-aes128 aes192 aes256
-bf bf-cbc bf-cfb
-bf-ecb bf-ofb blowfish
-<i>camellia-128-cbc</i> <i>camellia-128-cfb</i> <!-- <i>camellia-128-cfb1</i> -->
-<i>camellia-128-cfb8</i> <i>camellia-128-ecb</i> <i>camellia-128-ofb</i>
-<i>camellia-192-cbc</i> <i>camellia-192-cfb</i> <!-- <i>camellia-192-cfb1</i> -->
-<i>camellia-192-cfb8</i> <i>camellia-192-ecb</i> <i>camellia-192-ofb</i>
-<i>camellia-256-cbc</i> <i>camellia-256-cfb</i> <!-- <i>camellia-256-cfb1</i> -->
-<i>camellia-256-cfb8</i> <i>camellia-256-ecb</i> <i>camellia-256-ofb</i>
-<i>camellia128</i> <i>camellia192</i> <i>camellia256</i>
-<i>cast</i> <i>cast-cbc</i> <i>cast5-cbc</i>
-<i>cast5-cfb</i> <i>cast5-ecb</i> <i>cast5-ofb</i>
-des des-cbc des-cfb
-<!-- des-cfb1 --> des-cfb8 des-ecb
-des-ede des-ede-cbc des-ede-cfb
-des-ede-ofb des-ede3 des-ede3-cbc
-des-ede3-cfb des-ede3-ofb des-ofb
-des3 <i class="special">desx</i> <i class="special">desx-cbc</i>
-<i>idea</i> <i>idea-cbc</i> <i>idea-cfb</i>
-<i>idea-ecb</i> <i>idea-ofb</i> rc2
-rc2-40-cbc rc2-64-cbc rc2-cbc
-rc2-cfb rc2-ecb rc2-ofb
-rc4 rc4-40 <i>rc5</i>
-<i>rc5-cbc</i> <i>rc5-cfb</i> <i>rc5-ecb</i>
-<i>rc5-ofb</i>
-</pre>
-
-<p>Here are some additional ciphers supported by BouncyCastle, but not by OpenSSL:</p>
-<pre>
-<i>cast6</i>
-<i>gost</i> (aka: <i>gost28147</i>)
-<i>rc6</i>
-<i>seed</i>
-<i>serpent</i>
-<i>skipjack</i>
-<i>tea</i>
-<i>twofish</i>
-<i>xtea</i>
-</pre>
-
-<hr/>
-<h3><a name="Quick-FAQ">Quick FAQ about PBE and Java</a></h3>
-<hr/>
-<dl>
-<dt>Why do I keep getting "java.security.InvalidKeyException: Illegal key size"?</dt>
-<dd>
-Don't forget to install your JVM's Unlimited Strength
-Jurisdiction Policy Files if you want AES-192 and AES-256 to work. (Same is true
-for Camillia-192, Camellia-256, and GOST28147).
-
-Visit <a href="http://java.sun.com/javase/downloads/">http://java.sun.com/javase/downloads/</a>
-and scroll to the bottom:
-<blockquote>
-Other Downloads
-<br/>Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 6
-</blockquote>
-You can use DES-3 (168 bit keys) without
-installing the extra policy files.
-</dd>
-<dt>Why do the encrypted files always start with "Salted__" ("U2FsdGVkX1" in base64)?
-Isn't giving away information like this insecure?</dt>
-<dd>
-The encrypted files must always start with "Salted__" to interoperate with OpenSSL.
-OpenSSL expects this. The 8 bytes that spell "Salted__" are always immediately followed
-by another random 8 bytes of salt. The encrypted stream starts at the 17th byte.
-This way, even if you use the same password to encrypt 2 different files, the actual
-secret keys used to encrypt these 2 files are very different.
-<br/>
-<br/>
-It is possible to omit the salt, but this is highly discouraged:
-
-<pre style="padding: 10px; float: left;">
-boolean useBase64 = true;
-boolean useSalt = false; <em style="color: green;">// Omitting the salt is bad for security!</em>
-byte[] result = <a href="http://juliusdavies.ca/commons-ssl/javadocs/org/apache/commons/ssl/OpenSSL.html#encrypt(java.lang.String,%20char[],%20byte[],%20boolean,%20boolean)">OpenSSL.encrypt(alg, pwd, data, useBase64, useSalt);</a>
-</pre>
-<br clear="all"/>
-</dd>
-<dt><a name="nqr">Why</a> is code example above "not quite right"?</dt>
-<dd>It relies on the platform's default character set. Here is the proper version (forcing UTF-8):
-
-<pre style="border: 1px solid red; padding: 10px; float: left;"><u><b>PBE example (DES-3):</b></u>
-
-char[] password = {'c','h','a','n','g','e','i','t'};
-byte[] data = "Hello World!".getBytes("UTF-8");
-
-<em style="color: green;">// Encrypt!</em>
-byte[] encrypted = OpenSSL.encrypt("des3", password, data);
-System.out.println("ENCRYPTED: [" + new String(encrypted, "UTF-8") + "]");
-
-<em style="color: green;">// Decrypt results of previous!</em>
-data = OpenSSL.decrypt("des3", password, encrypted);
-System.out.println("DECRYPTED: [" + new String(data, "UTF-8") + "]");
-
-OUTPUT:
-======================
-ENCRYPTED: [U2FsdGVkX19qplb9qVDVVEYxH8wjJDGpMS+F4/2pS2c=]
-DECRYPTED: [Hello World!]
-</pre>
-</dd>
-</dl>
-</body>
-</html>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/3rdparty/not-yet-commons-ssl/docs/ping.html
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/docs/ping.html b/3rdparty/not-yet-commons-ssl/docs/ping.html
deleted file mode 100644
index 3458d07..0000000
--- a/3rdparty/not-yet-commons-ssl/docs/ping.html
+++ /dev/null
@@ -1,93 +0,0 @@
-<html>
-<head>
-<title>Commons-SSL - Utilities</title>
-<style type="text/css">
-h1, h2, h3 { margin: 0; border: 0; padding: 0; font-size: 100%; }
-h1 { float: left; color: red; }
-b.n { font-family: arial; font-weight: bold; }
-span.hl { color: white; background-color: green; }
-div.nav { float: left; margin-left: 20px; font-weight: bold; }
-.nav a, .nav span { padding: 0 5px; }
-.nav a { color: blue; }
-li.top { margin-top: 10px; }
-ul.openssl { float: left; width: 100px; margin-top: 8px; }
-ul.pkcs8 { float: left; width: 200px; margin-top: 8px; }
-</style>
-</head>
-<body>
-<h1>commons-ssl</h1>
-<div class="nav">
-<a href="index.html">main</a> |
-<a href="ssl.html">ssl</a> |
-<a href="pkcs8.html">pkcs8</a> |
-<a href="pbe.html">pbe</a> |
-<a href="rmi.html">rmi</a> |
-<span class="hl" href="utilities.html">utilities</span> |
-<a href="source.html">source</a> |
-<a href="javadocs/">javadocs</a> |
-<a href="download.html">download</a>
-</div>
-<br clear="all"/>
-<hr/>
-<h2>Ping</h2>
-
-<p>"org.apache.commons.ssl.Ping" contains a main method to help you diagnose SSL issues.
-It's modeled on OpenSSL's very handy "s_client" utility. We've been very careful to
-make sure "org.apache.commons.ssl.Ping" can execute without any additional jar files
-on the classpath (except if using Java 1.3 - then you'll need jsse.jar).</p>
-
-<pre style="border: 1px solid red; padding: 10px; float: left;"><u><b>"Ping" Utility Attempts "HEAD / HTTP/1.1" Request</b></u>
-This utility is very handy because it can get you the server's public
-certificate even if your client certificate is bad (so even though the SSL
-handshake fails). And unlike "openssl s_client", this utility can bind
-against any IP address available.
-
-Usage: java -jar not-yet-commons-ssl-0.3.13.jar [options]
-Version: 0.3.13 Compiled: [PDT:2014-05-08/14:15:16.000]
-Options: (*=required)
-* -t --target [hostname[:port]] default port=443
- -b --bind [hostname[:port]] default port=0 "ANY"
- -r --proxy [hostname[:port]] default port=80
- -tm --trust-cert [path to trust material] {pem, der, crt, jks}
- -km --client-cert [path to client's private key] {jks, pkcs12, pkcs8}
- -cc --cert-chain [path to client's cert chain for pkcs8/OpenSSL key]
- -p --password [client cert password]
- -h --host-header [http-host-header] in case -t is an IP address
- -u --path [path for GET/HEAD request] default=/
- -m --method [http method to use] default=HEAD
-
-Example:
-
-java -jar commons-ssl.jar -t host.com:443 -c ./client.pfx -p `cat ./pass.txt` </pre><br clear="all"/>
-
-<p style="margin-top: 8px;"><b>TODO:</b><br/>Apparently Java 6.0 includes support for grabbing passwords from
-standard-in without echoing the typed characters. Would be nice to use that feature when it's
-available, instead of requiring the password to be specified as a command-line argument.</p>
-
-<hr/>
-<h2>KeyStoreBuilder</em></h2>
-<p><code>java -cp not-yet-commons-ssl-0.3.13.jar org.apache.commons.ssl.KeyStoreBuilder</code></p>
-
-<pre style="border: 1px solid red; padding: 10px; float: left;"><u><b>KeyStoreBuilder converts PKCS12 and PKCS8 to Java "Keystore", and vice versa.</b></u>
-KeyStoreBuilder: creates '[alias].jks' (Java Key Store)
- -topk8 mode: creates '[alias].pem' (x509 chain + unencrypted pkcs8)
-[alias] will be set to the first CN value of the X509 certificate.
--------------------------------------------------------------------
-Usage1: [password] [file:pkcs12]
-Usage2: [password] [file:private-key] [file:certificate-chain]
-Usage3: -topk8 [password] [file:jks]
--------------------------------------------------------------------
-[private-key] can be openssl format, or pkcs8.
-[password] decrypts [private-key], and also encrypts outputted JKS file.
-All files can be PEM or DER.</pre><br clear="all"/>
-
-<br/><b>Warning:</b>
- <span style="color: red; font-weight: bold;">-topk8 outputs the private key UNENCRYPTED!
-Cut and paste the private key into a separate file, and then use "openssl rsa" or "openssl dsa"
-to encrypt it with a password.</span>
-<br/>
-<br/>
-
-
-</body>
-</html>
[3/6] directory-kerberos git commit: Clean up not-commons-ssl library,
removing many unwanted and not much relevant
Posted by dr...@apache.org.
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/3rdparty/not-yet-commons-ssl/docs/utilities.html
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/docs/utilities.html b/3rdparty/not-yet-commons-ssl/docs/utilities.html
deleted file mode 100644
index 76ec47c..0000000
--- a/3rdparty/not-yet-commons-ssl/docs/utilities.html
+++ /dev/null
@@ -1,91 +0,0 @@
-<html>
-<head>
-<title>Not-Yet-Commons-SSL - Utilities</title>
-<style type="text/css">
-h1, h2, h3 { margin: 0; border: 0; padding: 0; font-size: 100%; }
-h1 { float: left; color: red; }
-b.n { font-family: arial; font-weight: bold; }
-span.hl { color: white; background-color: green; }
-div.nav { float: left; margin-left: 20px; font-weight: bold; }
-.nav a, .nav span { padding: 0 5px; }
-.nav a { color: blue; }
-li.top { margin-top: 10px; }
-ul.openssl { float: left; width: 100px; margin-top: 8px; }
-ul.pkcs8 { float: left; width: 200px; margin-top: 8px; }
-</style>
-</head>
-<body>
-<h1>not-yet-commons-ssl</h1>
-<div class="nav">
-<a href="index.html">main</a> |
-<a href="ssl.html">ssl</a> |
-<a href="pkcs8.html">pkcs8</a> |
-<a href="pbe.html">pbe</a> |
-<a href="rmi.html">rmi</a> |
-<span class="hl" href="utilities.html">utilities</span> |
-<a href="source.html">source</a> |
-<a href="javadocs/">javadocs</a> |
-<a href="download.html">download</a>
-</div>
-<br clear="all"/>
-<hr/>
-<h2>Ping</h2>
-
-<p>"org.apache.commons.ssl.Ping" contains a main method to help you diagnose SSL issues.
-It's modeled on OpenSSL's very handy "s_client" utility. We've been very careful to
-make sure "org.apache.commons.ssl.Ping" can execute without any additional jar files
-on the classpath (except if using Java 1.3 - then you'll need jsse.jar).</p>
-
-<pre style="border: 1px solid red; padding: 10px; float: left;"><u><b>"Ping" Utility Attempts "HEAD / HTTP/1.1" Request</b></u>
-This utility is very handy because it can get you the server's public
-certificate even if your client certificate is bad (so even though the SSL
-handshake fails). And unlike "openssl s_client", this utility can bind
-against any IP address available.
-
-Usage: java -jar not-yet-commons-ssl-0.3.13.jar [options]
-Version 0.3.13 compiled=[PST:2014-05-08/14:42:18.000]
-Options: (*=required)
-* -t --target [hostname[:port]] default port=443
- -b --bind [hostname[:port]] default port=0 "ANY"
- -r --proxy [hostname[:port]] default port=80
- -tm --trust-cert [path to trust material] {pem, der, crt, jks}
- -km --client-cert [path to client's private key] {jks, pkcs12, pkcs8}
- -cc --cert-chain [path to client's cert chain for pkcs8/OpenSSL key]
- -p --password [client cert password]
- -h --host-header [http-host-header] in case -t is an IP address
- -u --path [path for GET/HEAD request] default=/
- -m --method [http method to use] default=HEAD
-
-Example:
-
-java -jar not-yet-commons-ssl.jar -t host.com:443 -c ./client.pfx -p `cat ./pass.txt`</pre><br clear="all"/>
-
-<p style="margin-top: 8px;"><b>TODO:</b><br/>Apparently Java 6.0 includes support for grabbing passwords from
-standard-in without echoing the typed characters. Would be nice to use that feature when it's
-available, instead of requiring the password to be specified as a command-line argument.</p>
-
-<hr/>
-<h2>KeyStoreBuilder</h2>
-<p>org.apache.commons.ssl.KeyStoreBuilder is able to convert OpenSSL style public/private keys into
-Java KeyStore files. It can also convert Java Keystore files into the PEM format that Apache likes.</p>
-
-<p><code>java -cp not-yet-commons-ssl-0.3.13.jar org.apache.commons.ssl.KeyStoreBuilder</code></p>
-
-<pre style="border: 1px solid red; padding: 10px; float: left;"><u><b>KeyStoreBuilder converts PKCS12 and PKCS8 to Java "Keystore"</b></u>
-
-KeyStoreBuilder: creates '[alias].jks' (Java Key Store)
- -topk8 mode: creates '[alias].pem' (x509 chain + unencrypted pkcs8)
-[alias] will be set to the first CN value of the X509 certificate.
--------------------------------------------------------------------
-Usage1: [password] [file:pkcs12]
-Usage2: [password] [file:private-key] [file:certificate-chain]
-Usage3: -topk8 [password] [file:jks]
--------------------------------------------------------------------
-[private-key] can be openssl format, or pkcs8.
-[password] decrypts [private-key], and also encrypts outputted JKS file.
-All files can be PEM or DER.
-</pre><br clear="all"/>
-
-
-</body>
-</html>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/3rdparty/not-yet-commons-ssl/not-yet-commons-ssl-0.3.16.jar
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/not-yet-commons-ssl-0.3.16.jar b/3rdparty/not-yet-commons-ssl/not-yet-commons-ssl-0.3.16.jar
deleted file mode 100644
index 71fd59e..0000000
Binary files a/3rdparty/not-yet-commons-ssl/not-yet-commons-ssl-0.3.16.jar and /dev/null differ
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/3rdparty/not-yet-commons-ssl/pom.xml
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/pom.xml b/3rdparty/not-yet-commons-ssl/pom.xml
index ae3bf0f..74c97d4 100644
--- a/3rdparty/not-yet-commons-ssl/pom.xml
+++ b/3rdparty/not-yet-commons-ssl/pom.xml
@@ -68,6 +68,12 @@
<version>${project.version}</version>
</dependency>
<dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerby-util</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <scope>test</scope>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-ext-jdk15on</artifactId>
<version>1.51</version>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/httpclient/contrib/ssl/AuthSSLProtocolSocketFactory.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/httpclient/contrib/ssl/AuthSSLProtocolSocketFactory.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/httpclient/contrib/ssl/AuthSSLProtocolSocketFactory.java
deleted file mode 100644
index df7f095..0000000
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/httpclient/contrib/ssl/AuthSSLProtocolSocketFactory.java
+++ /dev/null
@@ -1,204 +0,0 @@
-/*
- * $Header$
- * $Revision: 168 $
- * $Date: 2014-05-06 16:25:46 -0700 (Tue, 06 May 2014) $
- *
- * ====================================================================
- *
- * Copyright 2002-2006 The Apache Software Foundation
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ====================================================================
- *
- * This software consists of voluntary contributions made by many
- * individuals on behalf of the Apache Software Foundation. For more
- * information on the Apache Software Foundation, please see
- * <http://www.apache.org/>.
- *
- */
-
-package org.apache.commons.httpclient.contrib.ssl;
-
-import org.apache.commons.ssl.HttpSecureProtocol;
-import org.apache.commons.ssl.KeyMaterial;
-import org.apache.commons.ssl.TrustMaterial;
-
-import java.io.IOException;
-import java.net.URL;
-import java.security.GeneralSecurityException;
-import java.security.KeyStoreException;
-
-/**
- * <p/>
- * AuthSSLProtocolSocketFactory can be used to validate the identity of the HTTPS
- * server against a list of trusted certificates and to authenticate to the HTTPS
- * server using a private key.
- * </p>
- * <p/>
- * <p/>
- * AuthSSLProtocolSocketFactory will enable server authentication when supplied with
- * a {@link java.security.KeyStore truststore} file containg one or several trusted certificates.
- * The client secure socket will reject the connection during the SSL session handshake
- * if the target HTTPS server attempts to authenticate itself with a non-trusted
- * certificate.
- * </p>
- * <p/>
- * <p/>
- * Use JDK keytool utility to import a trusted certificate and generate a truststore file:
- * <pre>
- * keytool -import -alias "my server cert" -file server.crt -keystore my.truststore
- * </pre>
- * </p>
- * <p/>
- * <p/>
- * AuthSSLProtocolSocketFactory will enable client authentication when supplied with
- * a {@link java.security.KeyStore keystore} file containg a private key/public certificate pair.
- * The client secure socket will use the private key to authenticate itself to the target
- * HTTPS server during the SSL session handshake if requested to do so by the server.
- * The target HTTPS server will in its turn verify the certificate presented by the client
- * in order to establish client's authenticity
- * </p>
- * <p/>
- * <p/>
- * Use the following sequence of actions to generate a keystore file
- * </p>
- * <ul>
- * <li>
- * <p/>
- * Use JDK keytool utility to generate a new key
- * <pre>keytool -genkey -v -alias "my client key" -validity 365 -keystore my.keystore</pre>
- * For simplicity use the same password for the key as that of the keystore
- * </p>
- * </li>
- * <li>
- * <p/>
- * Issue a certificate signing request (CSR)
- * <pre>keytool -certreq -alias "my client key" -file mycertreq.csr -keystore my.keystore</pre>
- * </p>
- * </li>
- * <li>
- * <p/>
- * Send the certificate request to the trusted Certificate Authority for signature.
- * One may choose to act as her own CA and sign the certificate request using a PKI
- * tool, such as OpenSSL.
- * </p>
- * </li>
- * <li>
- * <p/>
- * Import the trusted CA root certificate
- * <pre>keytool -import -alias "my trusted ca" -file caroot.crt -keystore my.keystore</pre>
- * </p>
- * </li>
- * <li>
- * <p/>
- * Import the PKCS#7 file containg the complete certificate chain
- * <pre>keytool -import -alias "my client key" -file mycert.p7 -keystore my.keystore</pre>
- * </p>
- * </li>
- * <li>
- * <p/>
- * Verify the content the resultant keystore file
- * <pre>keytool -list -v -keystore my.keystore</pre>
- * </p>
- * </li>
- * </ul>
- * <p/>
- * Example of using custom protocol socket factory for a specific host:
- * <pre>
- * Protocol authhttps = new Protocol("https",
- * new AuthSSLProtocolSocketFactory(
- * new URL("file:my.keystore"), "mypassword",
- * new URL("file:my.truststore"), "mypassword"), 443);
- * <p/>
- * HttpClient client = new HttpClient();
- * client.getHostConfiguration().setHost("localhost", 443, authhttps);
- * // use relative url only
- * GetMethod httpget = new GetMethod("/");
- * client.executeMethod(httpget);
- * </pre>
- * </p>
- * <p/>
- * Example of using custom protocol socket factory per default instead of the standard one:
- * <pre>
- * Protocol authhttps = new Protocol("https",
- * new AuthSSLProtocolSocketFactory(
- * new URL("file:my.keystore"), "mypassword",
- * new URL("file:my.truststore"), "mypassword"), 443);
- * Protocol.registerProtocol("https", authhttps);
- * <p/>
- * HttpClient client = new HttpClient();
- * GetMethod httpget = new GetMethod("https://localhost/");
- * client.executeMethod(httpget);
- * </pre>
- * </p>
- *
- * @author <a href="mailto:oleg -at- ural.ru">Oleg Kalnichevski</a>
- * <p/>
- * <p/>
- * DISCLAIMER: HttpClient developers DO NOT actively support this component.
- * The component is provided as a reference material, which may be inappropriate
- * for use without additional customization.
- * </p>
- */
-
-public class AuthSSLProtocolSocketFactory extends HttpSecureProtocol {
-
- /**
- * Constructor for AuthSSLProtocolSocketFactory. Either a keystore or truststore file
- * must be given. Otherwise SSL context initialization error will result.
- *
- * @param keystoreUrl URL of the keystore file. May be <tt>null</tt> if HTTPS client
- * authentication is not to be used.
- * @param keystorePassword Password to unlock the keystore. IMPORTANT: this implementation
- * assumes that the same password is used to protect the key and the keystore itself.
- * @param truststoreUrl URL of the truststore file. May be <tt>null</tt> if HTTPS server
- * authentication is not to be used.
- * @param truststorePassword Password to unlock the truststore.
- */
- public AuthSSLProtocolSocketFactory(final URL keystoreUrl,
- final String keystorePassword,
- final URL truststoreUrl,
- final String truststorePassword)
- throws GeneralSecurityException, IOException {
-
- super();
-
- // prepare key material
- if (keystoreUrl != null) {
- char[] ksPass = null;
- if (keystorePassword != null) {
- ksPass = keystorePassword.toCharArray();
- }
- KeyMaterial km = new KeyMaterial(keystoreUrl, ksPass);
- super.setKeyMaterial(km);
- }
-
- // prepare trust material
- if (truststoreUrl != null) {
- char[] tsPass = null;
- if (truststorePassword != null) {
- tsPass = truststorePassword.toCharArray();
- }
- TrustMaterial tm;
- try {
- tm = new KeyMaterial(truststoreUrl, tsPass);
- } catch (KeyStoreException kse) {
- // KeyMaterial constructor blows up in no keys found,
- // so we fall back to TrustMaterial constructor instead.
- tm = new TrustMaterial(truststoreUrl, tsPass);
- }
- super.setTrustMaterial(tm);
- }
- }
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/httpclient/contrib/ssl/EasySSLProtocolSocketFactory.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/httpclient/contrib/ssl/EasySSLProtocolSocketFactory.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/httpclient/contrib/ssl/EasySSLProtocolSocketFactory.java
deleted file mode 100644
index e7c55bc..0000000
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/httpclient/contrib/ssl/EasySSLProtocolSocketFactory.java
+++ /dev/null
@@ -1,101 +0,0 @@
-/*
- * $Header$
- * $Revision: 180 $
- * $Date: 2014-09-23 11:33:47 -0700 (Tue, 23 Sep 2014) $
- *
- * ====================================================================
- *
- * Copyright 2002-2004 The Apache Software Foundation
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ====================================================================
- *
- * This software consists of voluntary contributions made by many
- * individuals on behalf of the Apache Software Foundation. For more
- * information on the Apache Software Foundation, please see
- * <http://www.apache.org/>.
- *
- */
-
-package org.apache.commons.httpclient.contrib.ssl;
-
-import org.apache.commons.ssl.HttpSecureProtocol;
-import org.apache.commons.ssl.TrustMaterial;
-
-import java.io.IOException;
-import java.net.Socket;
-import java.security.GeneralSecurityException;
-
-/**
- * <p/>
- * EasySSLProtocolSocketFactory can be used to creats SSL {@link java.net.Socket}s
- * that accept self-signed certificates.
- * </p>
- * <p/>
- * This socket factory SHOULD NOT be used for productive systems
- * due to security reasons, unless it is a concious decision and
- * you are perfectly aware of security implications of accepting
- * self-signed certificates
- * </p>
- * <p/>
- * <p/>
- * Example of using custom protocol socket factory for a specific host:
- * <pre>
- * Protocol easyhttps = new Protocol("https", new EasySSLProtocolSocketFactory(), 443);
- * <p/>
- * HttpClient client = new HttpClient();
- * client.getHostConfiguration().setHost("localhost", 443, easyhttps);
- * // use relative url only
- * GetMethod httpget = new GetMethod("/");
- * client.executeMethod(httpget);
- * </pre>
- * </p>
- * <p/>
- * Example of using custom protocol socket factory per default instead of the standard one:
- * <pre>
- * Protocol easyhttps = new Protocol("https", new EasySSLProtocolSocketFactory(), 443);
- * Protocol.registerProtocol("https", easyhttps);
- * <p/>
- * HttpClient client = new HttpClient();
- * GetMethod httpget = new GetMethod("https://localhost/");
- * client.executeMethod(httpget);
- * </pre>
- * </p>
- *
- * @author <a href="mailto:oleg -at- ural.ru">Oleg Kalnichevski</a>
- * <p/>
- * <p/>
- * DISCLAIMER: HttpClient developers DO NOT actively support this component.
- * The component is provided as a reference material, which may be inappropriate
- * for use without additional customization.
- * </p>
- */
-
-public class EasySSLProtocolSocketFactory extends HttpSecureProtocol {
-
- /**
- * Constructor for EasySSLProtocolSocketFactory.
- *
- * @throws java.security.GeneralSecurityException GeneralSecurityException
- * @throws java.io.IOException IOException
- */
- public EasySSLProtocolSocketFactory()
- throws GeneralSecurityException, IOException {
- super();
- super.setTrustMaterial(TrustMaterial.TRUST_ALL);
- super.setCheckHostname(false);
- super.setCheckExpiry(false);
- super.setCheckCRL(false );
- }
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/httpclient/contrib/ssl/StrictSSLProtocolSocketFactory.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/httpclient/contrib/ssl/StrictSSLProtocolSocketFactory.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/httpclient/contrib/ssl/StrictSSLProtocolSocketFactory.java
deleted file mode 100644
index 05e207d..0000000
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/httpclient/contrib/ssl/StrictSSLProtocolSocketFactory.java
+++ /dev/null
@@ -1,131 +0,0 @@
-/*
- * $Header$
- * $Revision: 129 $
- * $Date: 2007-11-14 19:21:33 -0800 (Wed, 14 Nov 2007) $
- *
- * ====================================================================
- *
- * Copyright 1999-2004 The Apache Software Foundation
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ====================================================================
- *
- * This software consists of voluntary contributions made by many
- * individuals on behalf of the Apache Software Foundation. For more
- * information on the Apache Software Foundation, please see
- * <http://www.apache.org/>.
- *
- * [Additional notices, if required by prior licensing conditions]
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU Lesser General Public License Version 2 or later
- * (the "LGPL"), in which case the provisions of the LGPL are
- * applicable instead of those above. See terms of LGPL at
- * <http://www.gnu.org/copyleft/lesser.txt>.
- * If you wish to allow use of your version of this file only under
- * the terms of the LGPL and not to allow others to use your version
- * of this file under the Apache Software License, indicate your
- * decision by deleting the provisions above and replace them with
- * the notice and other provisions required by the LGPL. If you do
- * not delete the provisions above, a recipient may use your version
- * of this file under either the Apache Software License or the LGPL.
- */
-
-package org.apache.commons.httpclient.contrib.ssl;
-
-import org.apache.commons.ssl.HttpSecureProtocol;
-
-import java.io.IOException;
-import java.security.GeneralSecurityException;
-
-/**
- * A <code>SecureProtocolSocketFactory</code> that uses JSSE to create
- * SSL sockets. It will also support host name verification to help preventing
- * man-in-the-middle attacks. Host name verification is turned <b>on</b> by
- * default but one will be able to turn it off, which might be a useful feature
- * during development. Host name verification will make sure the SSL sessions
- * server host name matches with the the host name returned in the
- * server certificates "Common Name" field of the "SubjectDN" entry.
- *
- * @author <a href="mailto:hauer@psicode.com">Sebastian Hauer</a>
- * <p/>
- * DISCLAIMER: HttpClient developers DO NOT actively support this component.
- * The component is provided as a reference material, which may be inappropriate
- * for use without additional customization.
- * </p>
- */
-public class StrictSSLProtocolSocketFactory extends HttpSecureProtocol {
-
- /**
- * Constructor for StrictSSLProtocolSocketFactory.
- *
- * @param verifyHostname The host name verification flag. If set to
- * <code>true</code> the SSL sessions server host name will be compared
- * to the host name returned in the server certificates "Common Name"
- * field of the "SubjectDN" entry. If these names do not match a
- * Exception is thrown to indicate this. Enabling host name verification
- * will help to prevent from man-in-the-middle attacks. If set to
- * <code>false</code> host name verification is turned off.
- * <p/>
- * Code sample:
- * <p/>
- * <blockquote>
- * Protocol stricthttps = new Protocol(
- * "https", new StrictSSLProtocolSocketFactory(true), 443);
- * <p/>
- * HttpClient client = new HttpClient();
- * client.getHostConfiguration().setHost("localhost", 443, stricthttps);
- * </blockquote>
- */
- public StrictSSLProtocolSocketFactory(boolean verifyHostname)
- throws GeneralSecurityException, IOException {
- super();
- super.setCheckHostname(verifyHostname);
- }
-
- /**
- * Constructor for StrictSSLProtocolSocketFactory.
- * Host name verification will be enabled by default.
- */
- public StrictSSLProtocolSocketFactory()
- throws GeneralSecurityException, IOException {
- this(true);
- }
-
- /**
- * Set the host name verification flag.
- *
- * @param verifyHostname The host name verification flag. If set to
- * <code>true</code> the SSL sessions server host name will be compared
- * to the host name returned in the server certificates "Common Name"
- * field of the "SubjectDN" entry. If these names do not match a
- * Exception is thrown to indicate this. Enabling host name verification
- * will help to prevent from man-in-the-middle attacks. If set to
- * <code>false</code> host name verification is turned off.
- */
- public void setHostnameVerification(boolean verifyHostname) {
- super.setCheckHostname(verifyHostname);
- }
-
- /**
- * Gets the status of the host name verification flag.
- *
- * @return Host name verification flag. Either <code>true</code> if host
- * name verification is turned on, or <code>false</code> if host name
- * verification is turned off.
- */
- public boolean getHostnameVerification() {
- return super.getCheckHostname();
- }
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/httpclient/contrib/ssl/TrustSSLProtocolSocketFactory.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/httpclient/contrib/ssl/TrustSSLProtocolSocketFactory.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/httpclient/contrib/ssl/TrustSSLProtocolSocketFactory.java
deleted file mode 100644
index 31362c7..0000000
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/httpclient/contrib/ssl/TrustSSLProtocolSocketFactory.java
+++ /dev/null
@@ -1,207 +0,0 @@
-/*
- * ====================================================================
- *
- * Copyright 1999-2006 The Apache Software Foundation
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ====================================================================
- *
- * This software consists of voluntary contributions made by many
- * individuals on behalf of the Apache Software Foundation. For more
- * information on the Apache Software Foundation, please see
- * <http://www.apache.org/>.
- *
- */
-
-package org.apache.commons.httpclient.contrib.ssl;
-
-import org.apache.commons.ssl.HttpSecureProtocol;
-import org.apache.commons.ssl.KeyMaterial;
-import org.apache.commons.ssl.TrustMaterial;
-
-import java.io.IOException;
-import java.net.Socket;
-import java.security.GeneralSecurityException;
-import java.security.KeyManagementException;
-import java.security.KeyStoreException;
-import java.security.NoSuchAlgorithmException;
-import java.security.cert.CertificateException;
-
-/**
- * <p/>
- * TrustSSLProtocolSocketFactory allows you exercise full control over the
- * HTTPS server certificates you are going to trust. Instead of relying
- * on the Certificate Authorities already present in "jre/lib/security/cacerts",
- * TrustSSLProtocolSocketFactory only trusts the public certificates you provide
- * to its constructor.
- * </p>
- * <p/>
- * TrustSSLProtocolSocketFactory can be used to create SSL {@link java.net.Socket}s
- * that accepts self-signed certificates. Unlike EasySSLProtocolSocketFactory,
- * TrustSSLProtocolSocketFactory can be used in production. This is because
- * it forces you to pre-install the self-signed certificate you are going to
- * trust locally.
- * <p/>
- * TrustSSLProtocolSocketFactory can parse both Java Keystore Files (*.jks)
- * and base64 PEM encoded public certificates (*.pem).
- * </p>
- * <p/>
- * Example of using TrustSSLProtocolSocketFactory
- * <pre>
- * 1. First we must find the certificate we want to trust. In this example
- * we'll use gmail.google.com's certificate.
- * <p/>
- * openssl s_client -showcerts -connect gmail.google.com:443
- * <p/>
- * 2. Cut & paste into a "cert.pem" any certificates you are interested in
- * trusting in accordance with your security policies. In this example I'll
- * actually use the current "gmail.google.com" certificate (instead of the
- * Thawte CA certificate that signed the gmail certificate - that would be
- * too boring) - but it expires on June 7th, 2006, so this example won't be
- * useful for very long!
- * <p/>
- * Here's what my "cert.pem" file looks like:
- * <p/>
- * -----BEGIN CERTIFICATE-----
- * MIIDFjCCAn+gAwIBAgIDP3PeMA0GCSqGSIb3DQEBBAUAMEwxCzAJBgNVBAYTAlpB
- * MSUwIwYDVQQKExxUaGF3dGUgQ29uc3VsdGluZyAoUHR5KSBMdGQuMRYwFAYDVQQD
- * Ew1UaGF3dGUgU0dDIENBMB4XDTA1MDYwNzIyMTI1N1oXDTA2MDYwNzIyMTI1N1ow
- * ajELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDU1v
- * dW50YWluIFZpZXcxEzARBgNVBAoTCkdvb2dsZSBJbmMxGTAXBgNVBAMTEGdtYWls
- * Lmdvb2dsZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALoRiWYW0hZw
- * 9TSn3s9912syZg1CP2TaC86PU1Ao2qf3pVu7Mx10Wl8W+aKZrQlvrYjTwku4sEh+
- * 9uI+gWnfmCd0OyVcXr1eFOGCYiiyaPv79Wtb0m0d8GuiRSJhYkZGzGlgFViws2vR
- * BAMCD2fdp7WGJUVGYOO+s52dgAMUHQXxAgMBAAGjgecwgeQwKAYDVR0lBCEwHwYI
- * KwYBBQUHAwEGCCsGAQUFBwMCBglghkgBhvhCBAEwNgYDVR0fBC8wLTAroCmgJ4Yl
- * aHR0cDovL2NybC50aGF3dGUuY29tL1RoYXd0ZVNHQ0NBLmNybDByBggrBgEFBQcB
- * AQRmMGQwIgYIKwYBBQUHMAGGFmh0dHA6Ly9vY3NwLnRoYXd0ZS5jb20wPgYIKwYB
- * BQUHMAKGMmh0dHA6Ly93d3cudGhhd3RlLmNvbS9yZXBvc2l0b3J5L1RoYXd0ZV9T
- * R0NfQ0EuY3J0MAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQEEBQADgYEAktM1l1cV
- * ebi+Uo6fCE/eLnvvY6QbNNCsU5Pi9B5E1BlEUG+AGpgzE2cSPw1N4ZZb+2AWWwjx
- * H8/IrJ143KZZXM49ri3Z2e491Jj8qitrMauT7/hb16Jw6I02/74/do4TtHu/Eifr
- * EZCaSOobSHGeufHjlqlC3ehC4Bx4mLexIMk=
- * -----END CERTIFICATE-----
- * <p/>
- * 3. Run "openssl x509" to analyze the certificate more deeply. This helps
- * us answer questions like "Do we really want to trust it? When does it
- * expire? What's the value of the CN (Common Name) field?".
- * <p/>
- * "openssl x509" is also super cool, and will impress all your friends,
- * coworkers, family, and that cute girl at the starbucks. :-)
- * <p/>
- * If you dig through "man x509" you'll find this example. Run it:
- * <p/>
- * openssl x509 -in cert.pem -noout -text
- * <p/>
- * 4. Rename "cert.pem" to "gmail.pem" so that step 5 works.
- * <p/>
- * 5. Setup the TrustSSLProtocolSocketFactory to trust "gmail.google.com"
- * for URLS of the form "https-gmail://" - but don't trust anything else
- * when using "https-gmail://":
- * <p/>
- * TrustSSLProtocolSocketFactory sf = new TrustSSLProtocolSocketFactory( "/path/to/gmail.pem" );
- * Protocol trustHttps = new Protocol("https-gmail", sf, 443);
- * Protocol.registerProtocol("https-gmail", trustHttps);
- * <p/>
- * HttpClient client = new HttpClient();
- * GetMethod httpget = new GetMethod("https-gmail://gmail.google.com/");
- * client.executeMethod(httpget);
- * <p/>
- * 6. Notice that "https-gmail://" cannot connect to "www.wellsfargo.com" -
- * the server's certificate isn't trusted! It would still work using
- * regular "https://" because Java would use the "jre/lib/security/cacerts"
- * file.
- * <p/>
- * httpget = new GetMethod("https-gmail://www.wellsfargo.com/");
- * client.executeMethod(httpget);
- * <p/>
- * javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: No trusted certificate found
- * <p/>
- * <p/>
- * 7. Of course "https-gmail://" cannot connect to hosts where the CN field
- * in the certificate doesn't match the hostname. The same is supposed to
- * be true of regular "https://", but HTTPClient is a bit lenient.
- * <p/>
- * httpget = new GetMethod("https-gmail://gmail.com/");
- * client.executeMethod(httpget);
- * <p/>
- * javax.net.ssl.SSLException: hostname in certificate didn't match: <gmail.com> != <gmail.google.com>
- * <p/>
- * <p/>
- * 8. You can use "*.jks" files instead of "*.pem" if you prefer. Use the 2nd constructor
- * in that case to pass along the JKS password:
- * <p/>
- * new TrustSSLProtocolSocketFactory( "/path/to/gmail.jks", "my_password".toCharArray() );
- * <p/>
- * </pre>
- *
- * @author Credit Union Central of British Columbia
- * @author <a href="http://www.cucbc.com/">www.cucbc.com</a>
- * @author <a href="mailto:juliusdavies@cucbc.com">juliusdavies@cucbc.com</a>
- * <p/>
- * <p/>
- * DISCLAIMER: HttpClient developers DO NOT actively support this component.
- * The component is provided as a reference material, which may be inappropriate
- * for use without additional customization.
- * </p>
- * @since 17-Feb-2006
- */
-
-public class TrustSSLProtocolSocketFactory extends HttpSecureProtocol {
-
- /**
- * @param pathToTrustStore Path to either a ".jks" Java Key Store, or a
- * ".pem" base64 encoded certificate. If it's a
- * ".pem" base64 certificate, the file must start
- * with "------BEGIN CERTIFICATE-----", and must end
- * with "-------END CERTIFICATE--------".
- */
- public TrustSSLProtocolSocketFactory(String pathToTrustStore)
- throws GeneralSecurityException, IOException {
- this(pathToTrustStore, null);
- }
-
- /**
- * @param pathToTrustStore Path to either a ".jks" Java Key Store, or a
- * ".pem" base64 encoded certificate. If it's a
- * ".pem" base64 certificate, the file must start
- * with "------BEGIN CERTIFICATE-----", and must end
- * with "-------END CERTIFICATE--------".
- * @param password Password to open the ".jks" file. If "truststore"
- * is a ".pem" file, then password can be null; if
- * password isn't null and we're using a ".pem" file,
- * then technically, this becomes the password to
- * open up the special in-memory keystore we create
- * to hold the ".pem" file, but it's not important at
- * all.
- * @throws java.security.cert.CertificateException
- * @throws java.security.KeyStoreException
- * @throws java.io.IOException
- * @throws java.security.NoSuchAlgorithmException
- * @throws java.security.KeyManagementException
- */
- public TrustSSLProtocolSocketFactory(String pathToTrustStore, char[] password)
- throws GeneralSecurityException, IOException {
- super();
- TrustMaterial tm;
- try {
- tm = new KeyMaterial(pathToTrustStore, password);
- } catch (KeyStoreException kse) {
- // KeyMaterial constructor blows up in no keys found,
- // so we fall back to TrustMaterial constructor instead.
- tm = new TrustMaterial(pathToTrustStore, password);
- }
- super.setTrustMaterial(tm);
- }
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Asn1PkcsStructure.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Asn1PkcsStructure.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Asn1PkcsStructure.java
index e00d58d..fc25b51 100644
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Asn1PkcsStructure.java
+++ b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Asn1PkcsStructure.java
@@ -25,8 +25,8 @@
package org.apache.commons.ssl;
-import org.apache.commons.ssl.util.Hex;
import org.apache.kerby.asn1.type.Asn1Integer;
+import org.apache.kerby.util.Hex;
import java.util.*;
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Asn1PkcsUtil.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Asn1PkcsUtil.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Asn1PkcsUtil.java
index 4f6823a..398d012 100644
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Asn1PkcsUtil.java
+++ b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Asn1PkcsUtil.java
@@ -25,9 +25,9 @@
package org.apache.commons.ssl;
-import org.apache.commons.ssl.util.Hex;
import org.apache.kerby.asn1.Asn1InputBuffer;
import org.apache.kerby.asn1.type.*;
+import org.apache.kerby.util.Hex;
import java.io.FileInputStream;
import java.io.IOException;
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Base64.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Base64.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Base64.java
deleted file mode 100644
index 99dc717..0000000
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Base64.java
+++ /dev/null
@@ -1,1048 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.commons.ssl;
-
-import org.apache.commons.ssl.util.UTF8;
-
-import java.math.BigInteger;
-
-/**
- * Provides Base64 encoding and decoding as defined by RFC 2045.
- *
- * <p>
- * This class implements section <cite>6.8. Base64 Content-Transfer-Encoding</cite> from RFC 2045 <cite>Multipurpose
- * Internet Mail Extensions (MIME) Part One: Format of Internet Message Bodies</cite> by Freed and Borenstein.
- * </p>
- * <p>
- * The class can be parameterized in the following manner with various constructors:
- * <ul>
- * <li>URL-safe mode: Default off.</li>
- * <li>Line length: Default 76. Line length that aren't multiples of 4 will still essentially end up being multiples of
- * 4 in the encoded data.
- * <li>Line separator: Default is CRLF ("\r\n")</li>
- * </ul>
- * </p>
- * <p>
- * Since this class operates directly on byte streams, and not character streams, it is hard-coded to only encode/decode
- * character encodings which are compatible with the lower 127 ASCII chart (ISO-8859-1, Windows-1252, UTF-8, etc).
- * </p>
- *
- * @see <a href="http://www.ietf.org/rfc/rfc2045.txt">RFC 2045</a>
- * @author Apache Software Foundation
- * @since 1.0
- * @version $Id: Base64.java 155 2009-09-17 21:00:58Z julius $
- */
-public class Base64 {
- private static final int DEFAULT_BUFFER_RESIZE_FACTOR = 2;
-
- private static final int DEFAULT_BUFFER_SIZE = 8192;
-
- /**
- * Chunk size per RFC 2045 section 6.8.
- *
- * <p>
- * The {@value} character limit does not count the trailing CRLF, but counts all other characters, including any
- * equal signs.
- * </p>
- *
- * @see <a href="http://www.ietf.org/rfc/rfc2045.txt">RFC 2045 section 6.8</a>
- */
- static final int CHUNK_SIZE = 76;
-
- /**
- * Chunk separator per RFC 2045 section 2.1.
- *
- * <p>
- * N.B. The next major release may break compatibility and make this field private.
- * </p>
- *
- * @see <a href="http://www.ietf.org/rfc/rfc2045.txt">RFC 2045 section 2.1</a>
- */
- static final byte[] CHUNK_SEPARATOR = {'\r', '\n'};
-
- /**
- * This array is a lookup table that translates 6-bit positive integer index values into their "Base64 Alphabet"
- * equivalents as specified in Table 1 of RFC 2045.
- *
- * Thanks to "commons" project in ws.apache.org for this code.
- * http://svn.apache.org/repos/asf/webservices/commons/trunk/modules/util/
- */
- private static final byte[] STANDARD_ENCODE_TABLE = {
- 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M',
- 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z',
- 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm',
- 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z',
- '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', '+', '/'
- };
-
- /**
- * This is a copy of the STANDARD_ENCODE_TABLE above, but with + and /
- * changed to - and _ to make the encoded Base64 results more URL-SAFE.
- * This table is only used when the Base64's mode is set to URL-SAFE.
- */
- private static final byte[] URL_SAFE_ENCODE_TABLE = {
- 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M',
- 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z',
- 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm',
- 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z',
- '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', '-', '_'
- };
-
- /**
- * Byte used to pad output.
- */
- private static final byte PAD = '=';
-
- /**
- * This array is a lookup table that translates Unicode characters drawn from the "Base64 Alphabet" (as specified in
- * Table 1 of RFC 2045) into their 6-bit positive integer equivalents. Characters that are not in the Base64
- * alphabet but fall within the bounds of the array are translated to -1.
- *
- * Note: '+' and '-' both decode to 62. '/' and '_' both decode to 63. This means decoder seamlessly handles both
- * URL_SAFE and STANDARD base64. (The encoder, on the other hand, needs to know ahead of time what to emit).
- *
- * Thanks to "commons" project in ws.apache.org for this code.
- * http://svn.apache.org/repos/asf/webservices/commons/trunk/modules/util/
- */
- private static final byte[] DECODE_TABLE = {
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, 62, -1, 62, -1, 63, 52, 53, 54,
- 55, 56, 57, 58, 59, 60, 61, -1, -1, -1, -1, -1, -1, -1, 0, 1, 2, 3, 4,
- 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23,
- 24, 25, -1, -1, -1, -1, 63, -1, 26, 27, 28, 29, 30, 31, 32, 33, 34,
- 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51
- };
-
- /** Mask used to extract 6 bits, used when encoding */
- private static final int MASK_6BITS = 0x3f;
-
- /** Mask used to extract 8 bits, used in decoding base64 bytes */
- private static final int MASK_8BITS = 0xff;
-
- // The static final fields above are used for the original static byte[] methods on Base64.
- // The private member fields below are used with the new streaming approach, which requires
- // some state be preserved between calls of encode() and decode().
-
- /**
- * Encode table to use: either STANDARD or URL_SAFE. Note: the DECODE_TABLE above remains static because it is able
- * to decode both STANDARD and URL_SAFE streams, but the encodeTable must be a member variable so we can switch
- * between the two modes.
- */
- private final byte[] encodeTable;
-
- /**
- * Line length for encoding. Not used when decoding. A value of zero or less implies no chunking of the base64
- * encoded data.
- */
- private final int lineLength;
-
- /**
- * Line separator for encoding. Not used when decoding. Only used if lineLength > 0.
- */
- private final byte[] lineSeparator;
-
- /**
- * Convenience variable to help us determine when our buffer is going to run out of room and needs resizing.
- * <code>decodeSize = 3 + lineSeparator.length;</code>
- */
- private final int decodeSize;
-
- /**
- * Convenience variable to help us determine when our buffer is going to run out of room and needs resizing.
- * <code>encodeSize = 4 + lineSeparator.length;</code>
- */
- private final int encodeSize;
-
- /**
- * Buffer for streaming.
- */
- private byte[] buffer;
-
- /**
- * Position where next character should be written in the buffer.
- */
- private int pos;
-
- /**
- * Position where next character should be read from the buffer.
- */
- private int readPos;
-
- /**
- * Variable tracks how many characters have been written to the current line. Only used when encoding. We use it to
- * make sure each encoded line never goes beyond lineLength (if lineLength > 0).
- */
- private int currentLinePos;
-
- /**
- * Writes to the buffer only occur after every 3 reads when encoding, an every 4 reads when decoding. This variable
- * helps track that.
- */
- private int modulus;
-
- /**
- * Boolean flag to indicate the EOF has been reached. Once EOF has been reached, this Base64 object becomes useless,
- * and must be thrown away.
- */
- private boolean eof;
-
- /**
- * Place holder for the 3 bytes we're dealing with for our base64 logic. Bitwise operations store and extract the
- * base64 encoding or decoding from this variable.
- */
- private int x;
-
- /**
- * Creates a Base64 codec used for decoding (all modes) and encoding in URL-unsafe mode.
- * <p>
- * When encoding the line length is 76, the line separator is CRLF, and the encoding table is STANDARD_ENCODE_TABLE.
- * </p>
- *
- * <p>
- * When decoding all variants are supported.
- * </p>
- */
- public Base64() {
- this(false);
- }
-
- /**
- * Creates a Base64 codec used for decoding (all modes) and encoding in the given URL-safe mode.
- * <p>
- * When encoding the line length is 76, the line separator is CRLF, and the encoding table is STANDARD_ENCODE_TABLE.
- * </p>
- *
- * <p>
- * When decoding all variants are supported.
- * </p>
- *
- * @param urlSafe
- * if <code>true</code>, URL-safe encoding is used. In most cases this should be set to
- * <code>false</code>.
- * @since 1.4
- */
- public Base64(boolean urlSafe) {
- this(CHUNK_SIZE, CHUNK_SEPARATOR, urlSafe);
- }
-
- /**
- * Creates a Base64 codec used for decoding (all modes) and encoding in URL-unsafe mode.
- * <p>
- * When encoding the line length is given in the constructor, the line separator is CRLF, and the encoding table is
- * STANDARD_ENCODE_TABLE.
- * </p>
- * <p>
- * Line lengths that aren't multiples of 4 will still essentially end up being multiples of 4 in the encoded data.
- * </p>
- * <p>
- * When decoding all variants are supported.
- * </p>
- *
- * @param lineLength
- * Each line of encoded data will be at most of the given length (rounded down to nearest multiple of 4).
- * If lineLength <= 0, then the output will not be divided into lines (chunks). Ignored when decoding.
- * @since 1.4
- */
- public Base64(int lineLength) {
- this(lineLength, CHUNK_SEPARATOR);
- }
-
- /**
- * Creates a Base64 codec used for decoding (all modes) and encoding in URL-unsafe mode.
- * <p>
- * When encoding the line length and line separator are given in the constructor, and the encoding table is
- * STANDARD_ENCODE_TABLE.
- * </p>
- * <p>
- * Line lengths that aren't multiples of 4 will still essentially end up being multiples of 4 in the encoded data.
- * </p>
- * <p>
- * When decoding all variants are supported.
- * </p>
- *
- * @param lineLength
- * Each line of encoded data will be at most of the given length (rounded down to nearest multiple of 4).
- * If lineLength <= 0, then the output will not be divided into lines (chunks). Ignored when decoding.
- * @param lineSeparator
- * Each line of encoded data will end with this sequence of bytes.
- * @throws IllegalArgumentException
- * Thrown when the provided lineSeparator included some base64 characters.
- * @since 1.4
- */
- public Base64(int lineLength, byte[] lineSeparator) {
- this(lineLength, lineSeparator, false);
- }
-
- /**
- * Creates a Base64 codec used for decoding (all modes) and encoding in URL-unsafe mode.
- * <p>
- * When encoding the line length and line separator are given in the constructor, and the encoding table is
- * STANDARD_ENCODE_TABLE.
- * </p>
- * <p>
- * Line lengths that aren't multiples of 4 will still essentially end up being multiples of 4 in the encoded data.
- * </p>
- * <p>
- * When decoding all variants are supported.
- * </p>
- *
- * @param lineLength
- * Each line of encoded data will be at most of the given length (rounded down to nearest multiple of 4).
- * If lineLength <= 0, then the output will not be divided into lines (chunks). Ignored when decoding.
- * @param lineSeparator
- * Each line of encoded data will end with this sequence of bytes.
- * @param urlSafe
- * Instead of emitting '+' and '/' we emit '-' and '_' respectively. urlSafe is only applied to encode
- * operations. Decoding seamlessly handles both modes.
- * @throws IllegalArgumentException
- * The provided lineSeparator included some base64 characters. That's not going to work!
- * @since 1.4
- */
- public Base64(int lineLength, byte[] lineSeparator, boolean urlSafe) {
- if (lineSeparator == null) {
- lineLength = 0; // disable chunk-separating
- lineSeparator = CHUNK_SEPARATOR; // this just gets ignored
- }
- this.lineLength = lineLength > 0 ? (lineLength / 4) * 4 : 0;
- this.lineSeparator = new byte[lineSeparator.length];
- System.arraycopy(lineSeparator, 0, this.lineSeparator, 0, lineSeparator.length);
- if (lineLength > 0) {
- this.encodeSize = 4 + lineSeparator.length;
- } else {
- this.encodeSize = 4;
- }
- this.decodeSize = this.encodeSize - 1;
- if (containsBase64Byte(lineSeparator)) {
- String sep = UTF8.toString(lineSeparator);
- throw new IllegalArgumentException("lineSeperator must not contain base64 characters: [" + sep + "]");
- }
- this.encodeTable = urlSafe ? URL_SAFE_ENCODE_TABLE : STANDARD_ENCODE_TABLE;
- }
-
- /**
- * Returns our current encode mode. True if we're URL-SAFE, false otherwise.
- *
- * @return true if we're in URL-SAFE mode, false otherwise.
- * @since 1.4
- */
- public boolean isUrlSafe() {
- return this.encodeTable == URL_SAFE_ENCODE_TABLE;
- }
-
- /**
- * Returns true if this Base64 object has buffered data for reading.
- *
- * @return true if there is Base64 object still available for reading.
- */
- boolean hasData() {
- return this.buffer != null;
- }
-
- /**
- * Returns the amount of buffered data available for reading.
- *
- * @return The amount of buffered data available for reading.
- */
- int avail() {
- return buffer != null ? pos - readPos : 0;
- }
-
- /** Doubles our buffer. */
- private void resizeBuffer() {
- if (buffer == null) {
- buffer = new byte[DEFAULT_BUFFER_SIZE];
- pos = 0;
- readPos = 0;
- } else {
- byte[] b = new byte[buffer.length * DEFAULT_BUFFER_RESIZE_FACTOR];
- System.arraycopy(buffer, 0, b, 0, buffer.length);
- buffer = b;
- }
- }
-
- /**
- * Extracts buffered data into the provided byte[] array, starting at position bPos, up to a maximum of bAvail
- * bytes. Returns how many bytes were actually extracted.
- *
- * @param b
- * byte[] array to extract the buffered data into.
- * @param bPos
- * position in byte[] array to start extraction at.
- * @param bAvail
- * amount of bytes we're allowed to extract. We may extract fewer (if fewer are available).
- * @return The number of bytes successfully extracted into the provided byte[] array.
- */
- int readResults(byte[] b, int bPos, int bAvail) {
- if (buffer != null) {
- int len = Math.min(avail(), bAvail);
- if (buffer != b) {
- System.arraycopy(buffer, readPos, b, bPos, len);
- readPos += len;
- if (readPos >= pos) {
- buffer = null;
- }
- } else {
- // Re-using the original consumer's output array is only
- // allowed for one round.
- buffer = null;
- }
- return len;
- }
- return eof ? -1 : 0;
- }
-
- /**
- * Sets the streaming buffer. This is a small optimization where we try to buffer directly to the consumer's output
- * array for one round (if the consumer calls this method first) instead of starting our own buffer.
- *
- * @param out
- * byte[] array to buffer directly to.
- * @param outPos
- * Position to start buffering into.
- * @param outAvail
- * Amount of bytes available for direct buffering.
- */
- void setInitialBuffer(byte[] out, int outPos, int outAvail) {
- // We can re-use consumer's original output array under
- // special circumstances, saving on some System.arraycopy().
- if (out != null && out.length == outAvail) {
- buffer = out;
- pos = outPos;
- readPos = outPos;
- }
- }
-
- /**
- * <p>
- * Encodes all of the provided data, starting at inPos, for inAvail bytes. Must be called at least twice: once with
- * the data to encode, and once with inAvail set to "-1" to alert encoder that EOF has been reached, so flush last
- * remaining bytes (if not multiple of 3).
- * </p>
- * <p>
- * Thanks to "commons" project in ws.apache.org for the bitwise operations, and general approach.
- * http://svn.apache.org/repos/asf/webservices/commons/trunk/modules/util/
- * </p>
- *
- * @param in
- * byte[] array of binary data to base64 encode.
- * @param inPos
- * Position to start reading data from.
- * @param inAvail
- * Amount of bytes available from input for encoding.
- */
- void encode(byte[] in, int inPos, int inAvail) {
- if (eof) {
- return;
- }
- // inAvail < 0 is how we're informed of EOF in the underlying data we're
- // encoding.
- if (inAvail < 0) {
- eof = true;
- if (buffer == null || buffer.length - pos < encodeSize) {
- resizeBuffer();
- }
- switch (modulus) {
- case 1 :
- buffer[pos++] = encodeTable[(x >> 2) & MASK_6BITS];
- buffer[pos++] = encodeTable[(x << 4) & MASK_6BITS];
- // URL-SAFE skips the padding to further reduce size.
- if (encodeTable == STANDARD_ENCODE_TABLE) {
- buffer[pos++] = PAD;
- buffer[pos++] = PAD;
- }
- break;
-
- case 2 :
- buffer[pos++] = encodeTable[(x >> 10) & MASK_6BITS];
- buffer[pos++] = encodeTable[(x >> 4) & MASK_6BITS];
- buffer[pos++] = encodeTable[(x << 2) & MASK_6BITS];
- // URL-SAFE skips the padding to further reduce size.
- if (encodeTable == STANDARD_ENCODE_TABLE) {
- buffer[pos++] = PAD;
- }
- break;
- }
- if (lineLength > 0 && pos > 0) {
- System.arraycopy(lineSeparator, 0, buffer, pos, lineSeparator.length);
- pos += lineSeparator.length;
- }
- } else {
- for (int i = 0; i < inAvail; i++) {
- if (buffer == null || buffer.length - pos < encodeSize) {
- resizeBuffer();
- }
- modulus = (++modulus) % 3;
- int b = in[inPos++];
- if (b < 0) {
- b += 256;
- }
- x = (x << 8) + b;
- if (0 == modulus) {
- buffer[pos++] = encodeTable[(x >> 18) & MASK_6BITS];
- buffer[pos++] = encodeTable[(x >> 12) & MASK_6BITS];
- buffer[pos++] = encodeTable[(x >> 6) & MASK_6BITS];
- buffer[pos++] = encodeTable[x & MASK_6BITS];
- currentLinePos += 4;
- if (lineLength > 0 && lineLength <= currentLinePos) {
- System.arraycopy(lineSeparator, 0, buffer, pos, lineSeparator.length);
- pos += lineSeparator.length;
- currentLinePos = 0;
- }
- }
- }
- }
- }
-
- /**
- * <p>
- * Decodes all of the provided data, starting at inPos, for inAvail bytes. Should be called at least twice: once
- * with the data to decode, and once with inAvail set to "-1" to alert decoder that EOF has been reached. The "-1"
- * call is not necessary when decoding, but it doesn't hurt, either.
- * </p>
- * <p>
- * Ignores all non-base64 characters. This is how chunked (e.g. 76 character) data is handled, since CR and LF are
- * silently ignored, but has implications for other bytes, too. This method subscribes to the garbage-in,
- * garbage-out philosophy: it will not check the provided data for validity.
- * </p>
- * <p>
- * Thanks to "commons" project in ws.apache.org for the bitwise operations, and general approach.
- * http://svn.apache.org/repos/asf/webservices/commons/trunk/modules/util/
- * </p>
- *
- * @param in
- * byte[] array of ascii data to base64 decode.
- * @param inPos
- * Position to start reading data from.
- * @param inAvail
- * Amount of bytes available from input for encoding.
- */
- void decode(byte[] in, int inPos, int inAvail) {
- if (eof) {
- return;
- }
- if (inAvail < 0) {
- eof = true;
- }
- for (int i = 0; i < inAvail; i++) {
- if (buffer == null || buffer.length - pos < decodeSize) {
- resizeBuffer();
- }
- byte b = in[inPos++];
- if (b == PAD) {
- // We're done.
- eof = true;
- break;
- } else {
- if (b >= 0 && b < DECODE_TABLE.length) {
- int result = DECODE_TABLE[b];
- if (result >= 0) {
- modulus = (++modulus) % 4;
- x = (x << 6) + result;
- if (modulus == 0) {
- buffer[pos++] = (byte) ((x >> 16) & MASK_8BITS);
- buffer[pos++] = (byte) ((x >> 8) & MASK_8BITS);
- buffer[pos++] = (byte) (x & MASK_8BITS);
- }
- }
- }
- }
- }
-
- // Two forms of EOF as far as base64 decoder is concerned: actual
- // EOF (-1) and first time '=' character is encountered in stream.
- // This approach makes the '=' padding characters completely optional.
- if (eof && modulus != 0) {
- x = x << 6;
- switch (modulus) {
- case 2 :
- x = x << 6;
- buffer[pos++] = (byte) ((x >> 16) & MASK_8BITS);
- break;
- case 3 :
- buffer[pos++] = (byte) ((x >> 16) & MASK_8BITS);
- buffer[pos++] = (byte) ((x >> 8) & MASK_8BITS);
- break;
- }
- }
- }
-
- /**
- * Returns whether or not the <code>octet</code> is in the base 64 alphabet.
- *
- * @param octet
- * The value to test
- * @return <code>true</code> if the value is defined in the the base 64 alphabet, <code>false</code> otherwise.
- * @since 1.4
- */
- public static boolean isBase64(byte octet) {
- return octet == PAD || (octet >= 0 && octet < DECODE_TABLE.length && DECODE_TABLE[octet] != -1);
- }
-
- /**
- * Tests a given byte array to see if it contains only valid characters within the Base64 alphabet. Currently the
- * method treats whitespace as valid.
- *
- * @param arrayOctet
- * byte array to test
- * @return <code>true</code> if all bytes are valid characters in the Base64 alphabet or if the byte array is empty;
- * false, otherwise
- */
- public static boolean isArrayByteBase64(byte[] arrayOctet) {
- for (int i = 0; i < arrayOctet.length; i++) {
- if (!isBase64(arrayOctet[i]) && !isWhiteSpace(arrayOctet[i])) {
- return false;
- }
- }
- return true;
- }
-
- /**
- * Tests a given byte array to see if it contains only valid characters within the Base64 alphabet.
- *
- * @param arrayOctet
- * byte array to test
- * @return <code>true</code> if any byte is a valid character in the Base64 alphabet; false herwise
- */
- private static boolean containsBase64Byte(byte[] arrayOctet) {
- for (int i = 0; i < arrayOctet.length; i++) {
- if (isBase64(arrayOctet[i])) {
- return true;
- }
- }
- return false;
- }
-
- /**
- * Encodes binary data using the base64 algorithm but does not chunk the output.
- *
- * @param binaryData
- * binary data to encode
- * @return byte[] containing Base64 characters in their UTF-8 representation.
- */
- public static byte[] encodeBase64(byte[] binaryData) {
- return encodeBase64(binaryData, false);
- }
-
- /**
- * Encodes binary data using the base64 algorithm into 76 character blocks separated by CRLF.
- *
- * @param binaryData
- * binary data to encode
- * @return String containing Base64 characters.
- * @since 1.4
- */
- public static String encodeBase64String(byte[] binaryData) {
- return UTF8.toString(encodeBase64(binaryData, true));
- }
-
- /**
- * Encodes binary data using a URL-safe variation of the base64 algorithm but does not chunk the output. The
- * url-safe variation emits - and _ instead of + and / characters.
- *
- * @param binaryData
- * binary data to encode
- * @return byte[] containing Base64 characters in their UTF-8 representation.
- * @since 1.4
- */
- public static byte[] encodeBase64URLSafe(byte[] binaryData) {
- return encodeBase64(binaryData, false, true);
- }
-
- /**
- * Encodes binary data using a URL-safe variation of the base64 algorithm but does not chunk the output. The
- * url-safe variation emits - and _ instead of + and / characters.
- *
- * @param binaryData
- * binary data to encode
- * @return String containing Base64 characters
- * @since 1.4
- */
- public static String encodeBase64URLSafeString(byte[] binaryData) {
- return UTF8.toString(encodeBase64(binaryData, false, true));
- }
-
- /**
- * Encodes binary data using the base64 algorithm and chunks the encoded output into 76 character blocks
- *
- * @param binaryData
- * binary data to encode
- * @return Base64 characters chunked in 76 character blocks
- */
- public static byte[] encodeBase64Chunked(byte[] binaryData) {
- return encodeBase64(binaryData, true);
- }
-
- /**
- * Decodes an Object using the base64 algorithm. This method is provided in order to satisfy the requirements of the
- * Decoder interface, and will throw a DecoderException if the supplied object is not of type byte[] or String.
- *
- * @param pObject
- * Object to decode
- * @return An object (of type byte[]) containing the binary data which corresponds to the byte[] or String supplied.
- */
- public Object decode(Object pObject) {
- if (pObject instanceof byte[]) {
- return decode((byte[]) pObject);
- } else if (pObject instanceof String) {
- return decode((String) pObject);
- } else {
- throw new IllegalArgumentException("Parameter supplied to Base64 decode is not a byte[] or a String");
- }
- }
-
- /**
- * Decodes a String containing containing characters in the Base64 alphabet.
- *
- * @param pArray
- * A String containing Base64 character data
- * @return a byte array containing binary data
- * @since 1.4
- */
- public byte[] decode(String pArray) {
- return decode(UTF8.toBytes(pArray));
- }
-
- /**
- * Decodes a byte[] containing containing characters in the Base64 alphabet.
- *
- * @param pArray
- * A byte array containing Base64 character data
- * @return a byte array containing binary data
- */
- public byte[] decode(byte[] pArray) {
- reset();
- if (pArray == null || pArray.length == 0) {
- return pArray;
- }
- long len = (pArray.length * 3) / 4;
- byte[] buf = new byte[(int) len];
- setInitialBuffer(buf, 0, buf.length);
- decode(pArray, 0, pArray.length);
- decode(pArray, 0, -1); // Notify decoder of EOF.
-
- // Would be nice to just return buf (like we sometimes do in the encode
- // logic), but we have no idea what the line-length was (could even be
- // variable). So we cannot determine ahead of time exactly how big an
- // array is necessary. Hence the need to construct a 2nd byte array to
- // hold the final result:
-
- byte[] result = new byte[pos];
- readResults(result, 0, result.length);
- return result;
- }
-
- /**
- * Encodes binary data using the base64 algorithm, optionally chunking the output into 76 character blocks.
- *
- * @param binaryData
- * Array containing binary data to encode.
- * @param isChunked
- * if <code>true</code> this encoder will chunk the base64 output into 76 character blocks
- * @return Base64-encoded data.
- * @throws IllegalArgumentException
- * Thrown when the input array needs an output array bigger than {@link Integer#MAX_VALUE}
- */
- public static byte[] encodeBase64(byte[] binaryData, boolean isChunked) {
- return encodeBase64(binaryData, isChunked, false);
- }
-
- /**
- * Encodes binary data using the base64 algorithm, optionally chunking the output into 76 character blocks.
- *
- * @param binaryData
- * Array containing binary data to encode.
- * @param isChunked
- * if <code>true</code> this encoder will chunk the base64 output into 76 character blocks
- * @param urlSafe
- * if <code>true</code> this encoder will emit - and _ instead of the usual + and / characters.
- * @return Base64-encoded data.
- * @throws IllegalArgumentException
- * Thrown when the input array needs an output array bigger than {@link Integer#MAX_VALUE}
- * @since 1.4
- */
- public static byte[] encodeBase64(byte[] binaryData, boolean isChunked, boolean urlSafe) {
- return encodeBase64(binaryData, isChunked, urlSafe, Integer.MAX_VALUE);
- }
-
- /**
- * Encodes binary data using the base64 algorithm, optionally chunking the output into 76 character blocks.
- *
- * @param binaryData
- * Array containing binary data to encode.
- * @param isChunked
- * if <code>true</code> this encoder will chunk the base64 output into 76 character blocks
- * @param urlSafe
- * if <code>true</code> this encoder will emit - and _ instead of the usual + and / characters.
- * @param maxResultSize
- * The maximum result size to accept.
- * @return Base64-encoded data.
- * @throws IllegalArgumentException
- * Thrown when the input array needs an output array bigger than maxResultSize
- * @since 1.4
- */
- public static byte[] encodeBase64(byte[] binaryData, boolean isChunked, boolean urlSafe, int maxResultSize) {
- if (binaryData == null || binaryData.length == 0) {
- return binaryData;
- }
-
- long len = getEncodeLength(binaryData, CHUNK_SIZE, CHUNK_SEPARATOR);
- if (len > maxResultSize) {
- throw new IllegalArgumentException("Input array too big, the output array would be bigger (" +
- len +
- ") than the specified maxium size of " +
- maxResultSize);
- }
-
- Base64 b64 = isChunked ? new Base64(urlSafe) : new Base64(0, CHUNK_SEPARATOR, urlSafe);
- return b64.encode(binaryData);
- }
-
- /**
- * Decodes a Base64 String into octets
- *
- * @param base64String
- * String containing Base64 data
- * @return Array containing decoded data.
- * @since 1.4
- */
- public static byte[] decodeBase64(String base64String) {
- return new Base64().decode(base64String);
- }
-
- /**
- * Decodes Base64 data into octets
- *
- * @param base64Data
- * Byte array containing Base64 data
- * @return Array containing decoded data.
- */
- public static byte[] decodeBase64(byte[] base64Data) {
- return new Base64().decode(base64Data);
- }
-
- /**
- * Discards any whitespace from a base-64 encoded block.
- *
- * @param data
- * The base-64 encoded data to discard the whitespace from.
- * @return The data, less whitespace (see RFC 2045).
- * @deprecated This method is no longer needed
- */
- static byte[] discardWhitespace(byte[] data) {
- byte groomedData[] = new byte[data.length];
- int bytesCopied = 0;
- for (int i = 0; i < data.length; i++) {
- switch (data[i]) {
- case ' ' :
- case '\n' :
- case '\r' :
- case '\t' :
- break;
- default :
- groomedData[bytesCopied++] = data[i];
- }
- }
- byte packedData[] = new byte[bytesCopied];
- System.arraycopy(groomedData, 0, packedData, 0, bytesCopied);
- return packedData;
- }
-
- /**
- * Checks if a byte value is whitespace or not.
- *
- * @param byteToCheck
- * the byte to check
- * @return true if byte is whitespace, false otherwise
- */
- private static boolean isWhiteSpace(byte byteToCheck) {
- switch (byteToCheck) {
- case ' ' :
- case '\n' :
- case '\r' :
- case '\t' :
- return true;
- default :
- return false;
- }
- }
-
- // Implementation of the Encoder Interface
-
- /**
- * Encodes an Object using the base64 algorithm. This method is provided in order to satisfy the requirements of the
- * Encoder interface, and will throw an EncoderException if the supplied object is not of type byte[].
- *
- * @param pObject
- * Object to encode
- * @return An object (of type byte[]) containing the base64 encoded data which corresponds to the byte[] supplied.
- */
- public Object encode(Object pObject) {
- if (!(pObject instanceof byte[])) {
- throw new IllegalArgumentException("Parameter supplied to Base64 encode is not a byte[]");
- }
- return encode((byte[]) pObject);
- }
-
- /**
- * Encodes a byte[] containing binary data, into a String containing characters in the Base64 alphabet.
- *
- * @param pArray
- * a byte array containing binary data
- * @return A String containing only Base64 character data
- * @since 1.4
- */
- public String encodeToString(byte[] pArray) {
- return UTF8.toString(encode(pArray));
- }
-
- /**
- * Encodes a byte[] containing binary data, into a byte[] containing characters in the Base64 alphabet.
- *
- * @param pArray
- * a byte array containing binary data
- * @return A byte array containing only Base64 character data
- */
- public byte[] encode(byte[] pArray) {
- reset();
- if (pArray == null || pArray.length == 0) {
- return pArray;
- }
- long len = getEncodeLength(pArray, lineLength, lineSeparator);
- byte[] buf = new byte[(int) len];
- setInitialBuffer(buf, 0, buf.length);
- encode(pArray, 0, pArray.length);
- encode(pArray, 0, -1); // Notify encoder of EOF.
- // Encoder might have resized, even though it was unnecessary.
- if (buffer != buf) {
- readResults(buf, 0, buf.length);
- }
- // In URL-SAFE mode we skip the padding characters, so sometimes our
- // final length is a bit smaller.
- if (isUrlSafe() && pos < buf.length) {
- byte[] smallerBuf = new byte[pos];
- System.arraycopy(buf, 0, smallerBuf, 0, pos);
- buf = smallerBuf;
- }
- return buf;
- }
-
- /**
- * Pre-calculates the amount of space needed to base64-encode the supplied array.
- *
- * @param pArray byte[] array which will later be encoded
- * @param chunkSize line-length of the output (<= 0 means no chunking) between each
- * chunkSeparator (e.g. CRLF).
- * @param chunkSeparator the sequence of bytes used to separate chunks of output (e.g. CRLF).
- *
- * @return amount of space needed to encoded the supplied array. Returns
- * a long since a max-len array will require Integer.MAX_VALUE + 33%.
- */
- private static long getEncodeLength(byte[] pArray, int chunkSize, byte[] chunkSeparator) {
- // base64 always encodes to multiples of 4.
- chunkSize = (chunkSize / 4) * 4;
-
- long len = (pArray.length * 4) / 3;
- long mod = len % 4;
- if (mod != 0) {
- len += 4 - mod;
- }
- if (chunkSize > 0) {
- boolean lenChunksPerfectly = len % chunkSize == 0;
- len += (len / chunkSize) * chunkSeparator.length;
- if (!lenChunksPerfectly) {
- len += chunkSeparator.length;
- }
- }
- return len;
- }
-
- // Implementation of integer encoding used for crypto
- /**
- * Decodes a byte64-encoded integer according to crypto standards such as W3C's XML-Signature
- *
- * @param pArray
- * a byte array containing base64 character data
- * @return A BigInteger
- * @since 1.4
- */
- public static BigInteger decodeInteger(byte[] pArray) {
- return new BigInteger(1, decodeBase64(pArray));
- }
-
- /**
- * Encodes to a byte64-encoded integer according to crypto standards such as W3C's XML-Signature
- *
- * @param bigInt
- * a BigInteger
- * @return A byte array containing base64 character data
- * @throws NullPointerException
- * if null is passed in
- * @since 1.4
- */
- public static byte[] encodeInteger(BigInteger bigInt) {
- if (bigInt == null) {
- throw new NullPointerException("encodeInteger called with null parameter");
- }
- return encodeBase64(toIntegerBytes(bigInt), false);
- }
-
- /**
- * Returns a byte-array representation of a <code>BigInteger</code> without sign bit.
- *
- * @param bigInt
- * <code>BigInteger</code> to be converted
- * @return a byte array representation of the BigInteger parameter
- */
- static byte[] toIntegerBytes(BigInteger bigInt) {
- int bitlen = bigInt.bitLength();
- // round bitlen
- bitlen = ((bitlen + 7) >> 3) << 3;
- byte[] bigBytes = bigInt.toByteArray();
-
- if (((bigInt.bitLength() % 8) != 0) && (((bigInt.bitLength() / 8) + 1) == (bitlen / 8))) {
- return bigBytes;
- }
- // set up params for copying everything but sign bit
- int startSrc = 0;
- int len = bigBytes.length;
-
- // if bigInt is exactly byte-aligned, just skip signbit in copy
- if ((bigInt.bitLength() % 8) == 0) {
- startSrc = 1;
- len--;
- }
- int startDst = bitlen / 8 - len; // to pad w/ nulls as per spec
- byte[] resizedBytes = new byte[bitlen / 8];
- System.arraycopy(bigBytes, startSrc, resizedBytes, startDst, len);
- return resizedBytes;
- }
-
- /**
- * Resets this Base64 object to its initial newly constructed state.
- */
- private void reset() {
- buffer = null;
- pos = 0;
- readPos = 0;
- currentLinePos = 0;
- modulus = 0;
- eof = false;
- }
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/bc5c276e/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Base64InputStream.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Base64InputStream.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Base64InputStream.java
deleted file mode 100644
index 02f83bd..0000000
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Base64InputStream.java
+++ /dev/null
@@ -1,174 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.commons.ssl;
-
-import java.io.FilterInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-
-/**
- * Provides Base64 encoding and decoding in a streaming fashion (unlimited size). When encoding the default lineLength
- * is 76 characters and the default lineEnding is CRLF, but these can be overridden by using the appropriate
- * constructor.
- * <p>
- * The default behaviour of the Base64InputStream is to DECODE, whereas the default behaviour of the Base64OutputStream
- * is to ENCODE, but this behaviour can be overridden by using a different constructor.
- * </p>
- * <p>
- * This class implements section <cite>6.8. Base64 Content-Transfer-Encoding</cite> from RFC 2045 <cite>Multipurpose
- * Internet Mail Extensions (MIME) Part One: Format of Internet Message Bodies</cite> by Freed and Borenstein.
- * </p>
- * <p>
- * Since this class operates directly on byte streams, and not character streams, it is hard-coded to only encode/decode
- * character encodings which are compatible with the lower 127 ASCII chart (ISO-8859-1, Windows-1252, UTF-8, etc).
- * </p>
- *
- * @author Apache Software Foundation
- * @version $Id: Base64InputStream.java 155 2009-09-17 21:00:58Z julius $
- * @see <a href="http://www.ietf.org/rfc/rfc2045.txt">RFC 2045</a>
- * @since 1.4
- */
-public class Base64InputStream extends FilterInputStream {
-
- private final boolean doEncode;
-
- private final Base64 base64;
-
- private final byte[] singleByte = new byte[1];
-
- /**
- * Creates a Base64InputStream such that all data read is Base64-decoded from the original provided InputStream.
- *
- * @param in
- * InputStream to wrap.
- */
- public Base64InputStream(InputStream in) {
- this(in, false);
- }
-
- /**
- * Creates a Base64InputStream such that all data read is either Base64-encoded or Base64-decoded from the original
- * provided InputStream.
- *
- * @param in
- * InputStream to wrap.
- * @param doEncode
- * true if we should encode all data read from us, false if we should decode.
- */
- public Base64InputStream(InputStream in, boolean doEncode) {
- super(in);
- this.doEncode = doEncode;
- this.base64 = new Base64();
- }
-
- /**
- * Creates a Base64InputStream such that all data read is either Base64-encoded or Base64-decoded from the original
- * provided InputStream.
- *
- * @param in
- * InputStream to wrap.
- * @param doEncode
- * true if we should encode all data read from us, false if we should decode.
- * @param lineLength
- * If doEncode is true, each line of encoded data will contain lineLength characters (rounded down to
- * nearest multiple of 4). If lineLength <=0, the encoded data is not divided into lines. If doEncode is
- * false, lineLength is ignored.
- * @param lineSeparator
- * If doEncode is true, each line of encoded data will be terminated with this byte sequence (e.g. \r\n).
- * If lineLength <= 0, the lineSeparator is not used. If doEncode is false lineSeparator is ignored.
- */
- public Base64InputStream(InputStream in, boolean doEncode, int lineLength, byte[] lineSeparator) {
- super(in);
- this.doEncode = doEncode;
- this.base64 = new Base64(lineLength, lineSeparator);
- }
-
- /**
- * Reads one <code>byte</code> from this input stream.
- *
- * @return the byte as an integer in the range 0 to 255. Returns -1 if EOF has been reached.
- * @throws java.io.IOException
- * if an I/O error occurs.
- */
- public int read() throws IOException {
- int r = read(singleByte, 0, 1);
- while (r == 0) {
- r = read(singleByte, 0, 1);
- }
- if (r > 0) {
- return singleByte[0] < 0 ? 256 + singleByte[0] : singleByte[0];
- }
- return -1;
- }
-
- /**
- * Attempts to read <code>len</code> bytes into the specified <code>b</code> array starting at <code>offset</code>
- * from this InputStream.
- *
- * @param b
- * destination byte array
- * @param offset
- * where to start writing the bytes
- * @param len
- * maximum number of bytes to read
- *
- * @return number of bytes read
- * @throws java.io.IOException
- * if an I/O error occurs.
- * @throws NullPointerException
- * if the byte array parameter is null
- * @throws IndexOutOfBoundsException
- * if offset, len or buffer size are invalid
- */
- public int read(byte b[], int offset, int len) throws IOException {
- if (b == null) {
- throw new NullPointerException();
- } else if (offset < 0 || len < 0) {
- throw new IndexOutOfBoundsException();
- } else if (offset > b.length || offset + len > b.length) {
- throw new IndexOutOfBoundsException();
- } else if (len == 0) {
- return 0;
- } else {
- if (!base64.hasData()) {
- byte[] buf = new byte[doEncode ? 4096 : 8192];
- int c = in.read(buf);
- // A little optimization to avoid System.arraycopy()
- // when possible.
- if (c > 0 && b.length == len) {
- base64.setInitialBuffer(b, offset, len);
- }
- if (doEncode) {
- base64.encode(buf, 0, c);
- } else {
- base64.decode(buf, 0, c);
- }
- }
- return base64.readResults(b, offset, len);
- }
- }
-
- /**
- * {@inheritDoc}
- *
- * @return false
- */
- public boolean markSupported() {
- return false; // not an easy job to support marks
- }
-}