You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by re...@apache.org on 2020/06/11 12:42:08 UTC
[tomcat] branch 9.0.x updated: Move toPEM to PEMFile
This is an automated email from the ASF dual-hosted git repository.
remm pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new 886f96d Move toPEM to PEMFile
886f96d is described below
commit 886f96de122b5692e949f76047d37d70f175ae64
Author: remm <re...@apache.org>
AuthorDate: Thu Jun 11 14:40:34 2020 +0200
Move toPEM to PEMFile
Also remove obsolete class comment since it now supports more formats.
---
.../org/apache/catalina/valves/rewrite/ResolverImpl.java | 16 +++-------------
java/org/apache/tomcat/util/net/jsse/PEMFile.java | 15 ++++++++++++---
2 files changed, 15 insertions(+), 16 deletions(-)
diff --git a/java/org/apache/catalina/valves/rewrite/ResolverImpl.java b/java/org/apache/catalina/valves/rewrite/ResolverImpl.java
index 7b30227..01afcff 100644
--- a/java/org/apache/catalina/valves/rewrite/ResolverImpl.java
+++ b/java/org/apache/catalina/valves/rewrite/ResolverImpl.java
@@ -33,9 +33,9 @@ import java.util.concurrent.TimeUnit;
import org.apache.catalina.WebResource;
import org.apache.catalina.WebResourceRoot;
import org.apache.catalina.connector.Request;
-import org.apache.tomcat.util.codec.binary.Base64;
import org.apache.tomcat.util.http.FastHttpDateFormat;
import org.apache.tomcat.util.net.SSLSupport;
+import org.apache.tomcat.util.net.jsse.PEMFile;
import org.apache.tomcat.util.net.openssl.ciphers.Cipher;
import org.apache.tomcat.util.net.openssl.ciphers.EncryptionLevel;
import org.apache.tomcat.util.net.openssl.ciphers.OpenSSLCipherConfigurationParser;
@@ -267,13 +267,13 @@ public class ResolverImpl extends Resolver {
return certificates[0].getPublicKey().getAlgorithm();
} else if (key.equals("CERT")) {
try {
- return toPEM(certificates[0]);
+ return PEMFile.toPEM(certificates[0]);
} catch (CertificateEncodingException e) {
}
} else if (key.startsWith("CERT_CHAIN_")) {
key = key.substring("CERT_CHAIN_".length());
try {
- return toPEM(certificates[Integer.parseInt(key)]);
+ return PEMFile.toPEM(certificates[Integer.parseInt(key)]);
} catch (NumberFormatException | ArrayIndexOutOfBoundsException
| CertificateEncodingException e) {
// Ignore
@@ -317,16 +317,6 @@ public class ResolverImpl extends Resolver {
return null;
}
- private String toPEM(X509Certificate certificate) throws CertificateEncodingException {
- StringBuilder result = new StringBuilder();
- result.append("-----BEGIN CERTIFICATE-----");
- result.append(System.lineSeparator());
- Base64 b64 = new Base64(64);
- result.append(b64.encodeAsString(certificate.getEncoded()));
- result.append("-----END CERTIFICATE-----");
- return result.toString();
- }
-
@Override
public String resolveHttp(String key) {
String header = request.getHeader(key);
diff --git a/java/org/apache/tomcat/util/net/jsse/PEMFile.java b/java/org/apache/tomcat/util/net/jsse/PEMFile.java
index 0dd4aef..02f54ca 100644
--- a/java/org/apache/tomcat/util/net/jsse/PEMFile.java
+++ b/java/org/apache/tomcat/util/net/jsse/PEMFile.java
@@ -27,6 +27,7 @@ import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.PrivateKey;
+import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
@@ -50,9 +51,7 @@ import org.apache.tomcat.util.file.ConfigFileLoader;
import org.apache.tomcat.util.res.StringManager;
/**
- * RFC 1421 PEM file containing X509 certificates or private keys (PKCS#8 only,
- * i.e. with boundaries containing "BEGIN PRIVATE KEY" or "BEGIN ENCRYPTED PRIVATE KEY",
- * not "BEGIN RSA PRIVATE KEY" or other variations).
+ * RFC 1421 PEM file containing X509 certificates or private keys.
*/
public class PEMFile {
@@ -61,6 +60,16 @@ public class PEMFile {
private static final byte[] OID_EC_PUBLIC_KEY =
new byte[] { 0x06, 0x07, 0x2A, (byte) 0x86, 0x48, (byte) 0xCE, 0x3D, 0x02, 0x01 };
+ public static String toPEM(X509Certificate certificate) throws CertificateEncodingException {
+ StringBuilder result = new StringBuilder();
+ result.append("-----BEGIN CERTIFICATE-----");
+ result.append(System.lineSeparator());
+ Base64 b64 = new Base64(64);
+ result.append(b64.encodeAsString(certificate.getEncoded()));
+ result.append("-----END CERTIFICATE-----");
+ return result.toString();
+ }
+
private String filename;
private List<X509Certificate> certificates = new ArrayList<>();
private PrivateKey privateKey;
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org