summaryrefslogtreecommitdiff
path: root/gnu/javax/net/ssl/provider/Certificate.java
diff options
context:
space:
mode:
authorCasey Marshall <csm@gnu.org>2006-08-14 22:36:17 +0000
committerCasey Marshall <csm@gnu.org>2006-08-14 22:36:17 +0000
commit8c09ba9b0bb2b3c6768d7bf7849bf5e096efdc16 (patch)
tree2385de1ad71e083a0394a98b0865c95187cfeb76 /gnu/javax/net/ssl/provider/Certificate.java
parent32bb0e9c211961fbade190535b8041ece5df772c (diff)
downloadclasspath-8c09ba9b0bb2b3c6768d7bf7849bf5e096efdc16.tar.gz
2006-08-14 Casey Marshall <csm@gnu.org>
Merge in ssl-nio-branch work. See `ChangeLog-ssl-nio' for a record of changes made on this branch. Files modified: * gnu/classpath/debug/Component.java * gnu/classpath/debug/SystemLogger.java * gnu/java/security/action/GetPropertyAction.java * gnu/java/security/action/GetSecurityPropertyAction.java * gnu/javax/crypto/RSACipherImpl.java * gnu/javax/net/ssl/PrivateCredentials.java * gnu/javax/net/ssl/provider/Alert.java * gnu/javax/net/ssl/provider/AlertException.java * gnu/javax/net/ssl/provider/Certificate.java * gnu/javax/net/ssl/provider/CertificateRequest.java * gnu/javax/net/ssl/provider/CertificateType.java * gnu/javax/net/ssl/provider/CertificateVerify.java * gnu/javax/net/ssl/provider/CipherSuite.java * gnu/javax/net/ssl/provider/ClientHello.java * gnu/javax/net/ssl/provider/ClientKeyExchange.java * gnu/javax/net/ssl/provider/CompressionMethod.java * gnu/javax/net/ssl/provider/Constructed.java * gnu/javax/net/ssl/provider/ContentType.java * gnu/javax/net/ssl/provider/DiffieHellman.java * gnu/javax/net/ssl/provider/Extension.java * gnu/javax/net/ssl/provider/Finished.java * gnu/javax/net/ssl/provider/Handshake.java * gnu/javax/net/ssl/provider/Jessie.java * gnu/javax/net/ssl/provider/ProtocolVersion.java * gnu/javax/net/ssl/provider/Random.java * gnu/javax/net/ssl/provider/ServerHello.java * gnu/javax/net/ssl/provider/ServerKeyExchange.java * gnu/javax/net/ssl/provider/Signature.java * gnu/javax/net/ssl/provider/Util.java * gnu/javax/net/ssl/provider/X509KeyManagerFactory.java * gnu/javax/net/ssl/provider/X509TrustManagerFactory.java * java/security/MessageDigest.java * java/security/MessageDigestSpi.java * java/security/Signature.java * java/security/SignatureSpi.java * javax/crypto/Mac.java * javax/crypto/MacSpi.java * javax/net/ssl/HandshakeCompletedEvent.java * javax/net/ssl/HttpsURLConnection.java * javax/net/ssl/SSLContext.java * javax/net/ssl/SSLContextSpi.java * javax/net/ssl/SSLSession.java Files added: * gnu/javax/net/ssl/provider/ServerKeyExchangeBuilder.java * gnu/javax/net/ssl/provider/SSLv3HMacSHAImpl.java * gnu/javax/net/ssl/provider/SimpleSessionContext.java * gnu/javax/net/ssl/provider/ServerRSAParams.java * gnu/javax/net/ssl/provider/SSLContextImpl.java * gnu/javax/net/ssl/provider/ServerDHParams.java * gnu/javax/net/ssl/provider/ClientHelloBuilder.java * gnu/javax/net/ssl/provider/ClientDHE_PSKParameters.java * gnu/javax/net/ssl/provider/SignatureAlgorithm.java * gnu/javax/net/ssl/provider/CipherSuiteList.java * gnu/javax/net/ssl/provider/ServerNameList.java * gnu/javax/net/ssl/provider/SSLServerSocketImpl.java * gnu/javax/net/ssl/provider/CompressionMethodList.java * gnu/javax/net/ssl/provider/ServerRSA_PSKParameters.java * gnu/javax/net/ssl/provider/ClientKeyExchangeBuilder.java * gnu/javax/net/ssl/provider/TrustedAuthorities.java * gnu/javax/net/ssl/provider/CertificateStatusRequest.java * gnu/javax/net/ssl/provider/ServerHelloDone.java * gnu/javax/net/ssl/provider/ServerDHE_PSKParameters.java * gnu/javax/net/ssl/provider/SSLSocketImpl.java * gnu/javax/net/ssl/provider/ServerHelloBuilder.java * gnu/javax/net/ssl/provider/Record.java * gnu/javax/net/ssl/provider/SSLRSASignatureImpl.java * gnu/javax/net/ssl/provider/EncryptedPreMasterSecret.java * gnu/javax/net/ssl/provider/PreSharedKeyManagerFactoryImpl.java * gnu/javax/net/ssl/provider/KeyExchangeAlgorithm.java * gnu/javax/net/ssl/provider/SSLServerSocketFactoryImpl.java * gnu/javax/net/ssl/provider/CertificateBuilder.java * gnu/javax/net/ssl/provider/ClientRSA_PSKParameters.java * gnu/javax/net/ssl/provider/CertificateStatusType.java * gnu/javax/net/ssl/provider/ExtensionList.java * gnu/javax/net/ssl/provider/ClientCertificateTypeList.java * gnu/javax/net/ssl/provider/ClientPSKParameters.java * gnu/javax/net/ssl/provider/X500PrincipalList.java * gnu/javax/net/ssl/provider/ServerHandshake.java * gnu/javax/net/ssl/provider/ClientDiffieHellmanPublic.java * gnu/javax/net/ssl/provider/SessionImpl.java * gnu/javax/net/ssl/provider/SSLSocketFactoryImpl.java * gnu/javax/net/ssl/provider/ServerPSKParameters.java * gnu/javax/net/ssl/provider/TruncatedHMAC.java * gnu/javax/net/ssl/provider/MaxFragmentLength.java * gnu/javax/net/ssl/provider/HelloRequest.java * gnu/javax/net/ssl/provider/ServerKeyExchangeParams.java * gnu/javax/net/ssl/provider/UnresolvedExtensionValue.java * gnu/javax/net/ssl/provider/CipherAlgorithm.java * gnu/javax/net/ssl/provider/ClientHandshake.java * gnu/javax/net/ssl/provider/ExchangeKeys.java * gnu/javax/net/ssl/provider/CertificateURL.java * gnu/javax/net/ssl/provider/EmptyExchangeKeys.java * gnu/javax/net/ssl/provider/CertificateRequestBuilder.java * gnu/javax/net/ssl/provider/SSLv3HMacMD5Impl.java * gnu/javax/net/ssl/provider/Builder.java * gnu/javax/net/ssl/provider/Debug.java * gnu/javax/net/ssl/provider/SSLEngineImpl.java * gnu/javax/net/ssl/provider/MacAlgorithm.java * gnu/javax/net/ssl/provider/DelegatedTask.java * gnu/javax/net/ssl/provider/InputSecurityParameters.java * gnu/javax/net/ssl/provider/ClientHelloV2.java * gnu/javax/net/ssl/provider/OutputSecurityParameters.java * gnu/javax/net/ssl/provider/AbstractHandshake.java * javax/net/ssl/SSLEngine.java * javax/net/ssl/CertPathTrustManagerParameters.java * javax/net/ssl/KeyStoreBuilderParameters.java * javax/net/ssl/X509ExtendedKeyManager.java * javax/net/ssl/SSLEngineResult.java * gnu/javax/net/ssl/PreSharedKeyManager.java * gnu/javax/net/ssl/Session.java * gnu/javax/net/ssl/PreSharedKeyManagerParameters.java * gnu/javax/net/ssl/SSLCipherSuite.java * gnu/javax/net/ssl/AbstractSessionContext.java * gnu/javax/net/ssl/SessionStoreException.java * gnu/javax/net/ssl/SSLRecordHandler.java * gnu/javax/net/ssl/SSLProtocolVersion.java * gnu/javax/crypto/key/GnuPBEKey.java * gnu/java/security/util/ByteBufferOutputStream.java * gnu/java/security/Requires.java * gnu/javax/security/auth/callback/CertificateCallback.java Files removed: * gnu/javax/net/ssl/provider/Context.java * gnu/javax/net/ssl/provider/DigestInputStream.java * gnu/javax/net/ssl/provider/DigestOutputStream.java * gnu/javax/net/ssl/provider/Enumerated.java * gnu/javax/net/ssl/provider/Extensions.java * gnu/javax/net/ssl/provider/GNUSecurityParameters.java * gnu/javax/net/ssl/provider/JCESecurityParameters.java * gnu/javax/net/ssl/provider/JDBCSessionContext.java * gnu/javax/net/ssl/provider/JessieDHPrivateKey.java * gnu/javax/net/ssl/provider/JessieDHPublicKey.java * gnu/javax/net/ssl/provider/JessieRSAPrivateKey.java * gnu/javax/net/ssl/provider/JessieRSAPublicKey.java * gnu/javax/net/ssl/provider/KeyPool.java * gnu/javax/net/ssl/provider/OverflowException.java * gnu/javax/net/ssl/provider/RecordInput.java * gnu/javax/net/ssl/provider/RecordInputStream.java * gnu/javax/net/ssl/provider/RecordOutputStream.java * gnu/javax/net/ssl/provider/RecordingInputStream.java * gnu/javax/net/ssl/provider/SSLRSASignature.java * gnu/javax/net/ssl/provider/SSLServerSocket.java * gnu/javax/net/ssl/provider/SSLServerSocketFactory.java * gnu/javax/net/ssl/provider/SSLSocket.java * gnu/javax/net/ssl/provider/SSLSocketFactory.java * gnu/javax/net/ssl/provider/SSLSocketInputStream.java * gnu/javax/net/ssl/provider/SSLSocketOutputStream.java * gnu/javax/net/ssl/provider/SecurityParameters.java * gnu/javax/net/ssl/provider/Session.java * gnu/javax/net/ssl/provider/SessionContext.java * gnu/javax/net/ssl/provider/SynchronizedRandom.java * gnu/javax/net/ssl/provider/XMLSessionContext.java
Diffstat (limited to 'gnu/javax/net/ssl/provider/Certificate.java')
-rw-r--r--gnu/javax/net/ssl/provider/Certificate.java205
1 files changed, 94 insertions, 111 deletions
diff --git a/gnu/javax/net/ssl/provider/Certificate.java b/gnu/javax/net/ssl/provider/Certificate.java
index b1d6b2a01..8ff91e557 100644
--- a/gnu/javax/net/ssl/provider/Certificate.java
+++ b/gnu/javax/net/ssl/provider/Certificate.java
@@ -1,4 +1,4 @@
-/* Certificate.java -- SSL Certificate message.
+/* Certificate.java -- SSL certificate message.
Copyright (C) 2006 Free Software Foundation, Inc.
This file is a part of GNU Classpath.
@@ -38,157 +38,140 @@ exception statement from your version. */
package gnu.javax.net.ssl.provider;
-import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.EOFException;
-import java.io.InputStream;
-import java.io.IOException;
-import java.io.OutputStream;
import java.io.PrintWriter;
-import java.io.StringReader;
import java.io.StringWriter;
-import java.security.cert.CertificateEncodingException;
+import java.nio.ByteBuffer;
+import java.nio.ByteOrder;
+
+import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
+import java.util.Iterator;
import java.util.LinkedList;
-
-import javax.net.ssl.SSLProtocolException;
-
-final class Certificate implements Handshake.Body
+import java.util.List;
+
+/**
+ * The certificate object. This is used by both the client and the server
+ * to send their certificates (if any) to one another.
+ *
+ * <pre>opaque ASN.1Cert&lt;1..2^24-1&gt;;
+
+struct {
+ ASN.1Cert certificate_list&lt;0..2^24-1&gt;;
+} Certificate;</pre>
+ *
+ * @author Casey Marshall (csm@gnu.org)
+ */
+public class Certificate implements Handshake.Body
{
// Fields.
// -------------------------------------------------------------------------
- private final X509Certificate[] certs;
+ protected ByteBuffer buffer;
+ protected final CertificateType type;
// Constructors.
// -------------------------------------------------------------------------
- Certificate(X509Certificate[] certs)
+ public Certificate (final ByteBuffer buffer, final CertificateType type)
{
- if (certs == null)
- {
- throw new NullPointerException();
- }
- this.certs = certs;
+ buffer.getClass ();
+ type.getClass ();
+ this.buffer = buffer.duplicate().order(ByteOrder.BIG_ENDIAN);
+ this.type = type;
}
- // Class methods.
+ // Instance methods.
// -------------------------------------------------------------------------
- static Certificate read(InputStream in, CertificateType type)
- throws IOException
+ public int length ()
{
- if (type == CertificateType.X509)
- {
- int len = (in.read() & 0xFF) << 16 | (in.read() & 0xFF) << 8
- | (in.read() & 0xFF);
- byte[] buf = new byte[len];
- int count = 0;
- while (count < len)
- {
- int l = in.read(buf, count, len - count);
- if (l == -1)
- {
- throw new EOFException("unexpected end of stream");
- }
- count += l;
- }
- try
- {
- LinkedList certs = new LinkedList();
- CertificateFactory fact = CertificateFactory.getInstance("X.509");
- ByteArrayInputStream bin = new ByteArrayInputStream(buf);
- count = 0;
- while (count < len)
- {
- int len2 = (bin.read() & 0xFF) << 16 | (bin.read() & 0xFF) << 8
- | (bin.read() & 0xFF);
- certs.add(fact.generateCertificate(bin));
- count += len2 + 3;
- }
- return new Certificate((X509Certificate[])
- certs.toArray(new X509Certificate[certs.size()]));
- }
- catch (CertificateException ce)
- {
- SSLProtocolException sslpe = new SSLProtocolException(ce.getMessage());
- sslpe.initCause (ce);
- throw sslpe;
- }
- }
- else if (type == CertificateType.OPEN_PGP)
- {
- throw new UnsupportedOperationException("not yet implemented");
- }
- else
- throw new Error("unsupported certificate type "+type);
+ return (((buffer.get (0) & 0xFF) << 24)
+ | buffer.getShort (1)) + 3;
}
- // Instance methods.
- // -------------------------------------------------------------------------
-
- public void write(OutputStream out) throws IOException
+ public List<java.security.cert.Certificate> certificates ()
+ throws CertificateException, NoSuchAlgorithmException
{
- ByteArrayOutputStream bout = new ByteArrayOutputStream();
- try
- {
- for (int i = 0; i < certs.length; i++)
- {
- byte[] enc = certs[i].getEncoded();
- bout.write((enc.length >>> 16) & 0xFF);
- bout.write((enc.length >>> 8) & 0xFF);
- bout.write( enc.length & 0xFF);
- bout.write(enc);
- }
- }
- catch (CertificateEncodingException cee)
- {
- throw new Error("cannot encode certificates");
- }
- catch (IOException ignored)
+ LinkedList<java.security.cert.Certificate> list
+ = new LinkedList<java.security.cert.Certificate>();
+ CertificateFactory factory = CertificateFactory.getInstance(type.toString());
+ int length = (((buffer.get(0) & 0xFF) << 16)
+ | (buffer.getShort(1) & 0xFFFF));
+ ByteBuffer b = (ByteBuffer) buffer.duplicate().position(3);
+ for (int i = 3; i < length; )
{
+ int length2 = (((b.get () & 0xFF) << 16)
+ | (b.getShort () & 0xFFFF));
+ byte[] buf = new byte[length2];
+ b.position(i+3);
+ b.get (buf);
+ list.add(factory.generateCertificate (new ByteArrayInputStream (buf)));
+ i += length2 + 3;
+ b.position(i);
}
- out.write(bout.size() >>> 16 & 0xFF);
- out.write(bout.size() >>> 8 & 0xFF);
- out.write(bout.size() & 0xFF);
- bout.writeTo(out);
+ return list;
}
- X509Certificate[] getCertificates()
+ public String toString ()
{
- return certs;
+ return toString (null);
}
- public String toString()
+ public String toString (final String prefix)
{
StringWriter str = new StringWriter();
PrintWriter out = new PrintWriter(str);
- out.println("struct {");
- out.println(" certificateList =");
- for (int i = 0; i < certs.length; i++)
+ if (prefix != null)
+ out.print (prefix);
+ out.println ("struct {");
+ try
{
- BufferedReader r =
- new BufferedReader(new StringReader(certs[i].toString()));
- String s;
- try
- {
- while ((s = r.readLine()) != null)
- {
- out.print(" ");
- out.println(s);
- }
- }
- catch (IOException ignored)
+ List certs = certificates ();
+ if (prefix != null)
+ out.print (prefix);
+ out.print (" certificateList: [");
+ out.print (certs.size ());
+ out.println ("] {");
+ for (Iterator it = certs.iterator (); it.hasNext (); )
{
+ java.security.cert.Certificate cert =
+ (java.security.cert.Certificate) it.next ();
+ if (prefix != null)
+ out.print (prefix);
+ out.print (" ");
+ if (cert instanceof X509Certificate)
+ out.print (((X509Certificate) cert).getSubjectDN ());
+ else
+ out.print (cert);
+ out.println (";");
}
+ if (prefix != null)
+ out.print (prefix);
+ out.println (" };");
+ }
+ catch (CertificateException ce)
+ {
+ if (prefix != null)
+ out.print (prefix);
+ out.print (" ");
+ out.print (ce);
+ out.println (";");
+ }
+ catch (NoSuchAlgorithmException nsae)
+ {
+ if (prefix != null)
+ out.print (prefix);
+ out.print (" ");
+ out.print (nsae);
+ out.println (";");
}
- out.println("} Certificate;");
+ out.print ("} Certificate;");
return str.toString();
}
}
View Lorry Controller Status