diff options
| author | doko <doko@138bc75d-0d04-0410-961f-82ee72b054a4> | 2007-06-03 23:18:43 +0000 |
|---|---|---|
| committer | doko <doko@138bc75d-0d04-0410-961f-82ee72b054a4> | 2007-06-03 23:18:43 +0000 |
| commit | 5bf762459121cc397663d22498d62d71fa179ef6 (patch) | |
| tree | a9c9e7d91c484d53fe154f9285fc57325572ce50 /libjava/classpath/gnu/java/security | |
| parent | 6d7301dc346a198a89ac987c1008aac09f191ee6 (diff) | |
| download | ppe42-gcc-5bf762459121cc397663d22498d62d71fa179ef6.tar.gz ppe42-gcc-5bf762459121cc397663d22498d62d71fa179ef6.zip | |
libjava/classpath/ChangeLog.gcj:
2007-05-31 Matthias Klose <doko@ubuntu.com>
* javax/management/NotificationBroadcasterSupport.java
(getNotificationInfo): Add cast.
* native/jni/qt-peer/Makefile.am (AM_CXXFLAGS): Add libstdc++ include
directories.
* native/jni/qt-peer/Makefile.in: Regenerate.
libjava/ChangeLog:
2007-06-03 Matthias Klose <doko@ubuntu.com>
* java/io/natFileWin32.cc (setFilePermissions): New (stub only).
_access: Handle EXEC query, stub only.
2007-06-03 Matthias Klose <doko@ubuntu.com>
Merged from classpath:
* gnu/java/nio/SelectorProviderImpl.java: Whitespace merge.
* java/lang/System.java(inheritedChannel): New.
* java/lang/Character.java: Remove stray`;'.
* java/net/MulticastSocket.java: Merged.
* java/text/DateFormatSymbols.java(getInstance): New, comment updates.
* java/text/Collator.java(getInstance): Merged.
* java/util/Calendar.java: New attributes ALL_STYLES, SHORT, LONG.
getDisplayName, getDisplayNames: New.
* java/util/logging/Logger.java: Merged.
* Regenerate .class and .h files.
2007-06-03 Matthias Klose <doko@ubuntu.com>
* java/io/File.java: Merge with classpath-0.95, new method
setFilePermissions, new attribute EXEC.
* java/io/natFilePosix.cc (setFilePermissions): New.
_access: Handle EXEC query.
* classpath/lib/java/io/File.class, java/io/File.h: Regenerate.
2007-06-03 Matthias Klose <doko@ubuntu.com>
Imported GNU Classpath 0.95.
* classpath/Makefile.in,
classpath/native/jni/midi-dssi/Makefile.in,
classpath/native/jni/classpath/Makefile.in,
classpath/native/jni/Makefile.in,
classpath/native/jni/gconf-peer/Makefile.in,
classpath/native/jni/java-io/Makefile.in,
classpath/native/jni/native-lib/Makefile.in,
classpath/native/jni/java-util/Makefile.in,
classpath/native/jni/midi-alsa/Makefile.in,
classpath/native/jni/java-lang/Makefile.in,
classpath/native/jni/java-nio/Makefile.in,
classpath/native/jni/java-net/Makefile.in,
classpath/native/jni/xmlj/Makefile.in,
classpath/native/jni/qt-peer/Makefile.in,
classpath/native/jni/gtk-peer/Makefile.in,
classpath/native/Makefile.in, classpath/native/jawt/Makefile.in,
classpath/native/fdlibm/Makefile.in,
classpath/native/plugin/Makefile.in,
classpath/resource/Makefile.in, classpath/scripts/Makefile.in,
classpath/tools/Makefile.in, classpath/doc/Makefile.in,
classpath/doc/api/Makefile.in, classpath/lib/Makefile.in,
classpath/external/Makefile.in, classpath/external/jsr166/Makefile.in,
classpath/external/sax/Makefile.in,
classpath/external/w3c_dom/Makefile.in,
classpath/external/relaxngDatatype/Makefile.in,
classpath/include/Makefile.in,
classpath/examples/Makefile.in: Regenerate.
* classpath/config.guess, classpath/config.sub,
classpath/ltmain.sh : Update.
* classpath/configure, classpath/depcomp, classpath/missing,
classpath/aclocal.m4, classpath/install-sh: Regenerate.
* gnu/classpath/Configuration.java (CLASSPATH_VERSION): Now 0.95.
* sources.am: Regenerate.
* Makefile.in: Regenerate.
* Update the .class files and generated CNI header files, add new
.class and generated CNI header files.
* Remove generated files for removed java source files:
classpath/gnu/java/net/BASE64.java,
classpath/gnu/java/security/util/Base64.java,
classpath/gnu/java/awt/peer/gtk/GThreadMutex.java,
classpath/gnu/java/awt/peer/gtk/GThreadNativeMethodRunner.java,
classpath/gnu/java/awt/font/autofit/Scaler.java,
classpath/gnu/classpath/jdwp/util/Value.java,
classpath/gnu/javax/net/ssl/Base64.java.
* Remove empty directories.
* Makefile.am(nat_source_files): Add natVMOperatingSystemMXBeanImpl.cc.
* java/lang/Class.java(setAccessible): Merge from classpath.
* java/util/Locale.java: Remove.
* gnu/java/lang/management/VMOperatingSystemMXBeanImpl.java,
gnu/java/lang/management/natVMOperatingSystemMXBeanImpl.cc: New.
* gcj/javaprims.h: Update class declarations.
* scripts/classes.pl: Update usage.
* HACKING: Mention to build all peers.
git-svn-id: svn+ssh://gcc.gnu.org/svn/gcc/trunk@125302 138bc75d-0d04-0410-961f-82ee72b054a4
Diffstat (limited to 'libjava/classpath/gnu/java/security')
11 files changed, 657 insertions, 499 deletions
diff --git a/libjava/classpath/gnu/java/security/util/Base64.java b/libjava/classpath/gnu/java/security/util/Base64.java deleted file mode 100644 index 9b2ae12dc27..00000000000 --- a/libjava/classpath/gnu/java/security/util/Base64.java +++ /dev/null @@ -1,349 +0,0 @@ -/* Base64.java -- - Copyright (C) 2003, 2006 Free Software Foundation, Inc. - -This file is a part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2 of the License, or (at -your option) any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; if not, write to the Free Software -Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 -USA - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ - - -package gnu.java.security.util; - -import gnu.java.security.Configuration; - -import java.io.UnsupportedEncodingException; -import java.util.logging.Logger; - -/** - * Most of this implementation is from Robert Harder's public domain Base64 - * code (version 1.4.1 available from <http://iharder.net/xmlizable>). - */ -public class Base64 -{ - private static final Logger log = Logger.getLogger(Base64.class.getName()); - - /** Maximum line length (76) of Base64 output. */ - private static final int MAX_LINE_LENGTH = 76; - - /** The new line character (\n) as one byte. */ - private static final byte NEW_LINE = (byte) '\n'; - - /** The equals sign (=) as a byte. */ - private static final byte EQUALS_SIGN = (byte) '='; - - private static final byte WHITE_SPACE_ENC = -5; // white space in encoding - - private static final byte EQUALS_SIGN_ENC = -1; // equals sign in encoding - - /** The 64 valid Base64 values. */ - private static final byte[] ALPHABET = { - (byte) 'A', (byte) 'B', (byte) 'C', (byte) 'D', (byte) 'E', (byte) 'F', - (byte) 'G', (byte) 'H', (byte) 'I', (byte) 'J', (byte) 'K', (byte) 'L', - (byte) 'M', (byte) 'N', (byte) 'O', (byte) 'P', (byte) 'Q', (byte) 'R', - (byte) 'S', (byte) 'T', (byte) 'U', (byte) 'V', (byte) 'W', (byte) 'X', - (byte) 'Y', (byte) 'Z', (byte) 'a', (byte) 'b', (byte) 'c', (byte) 'd', - (byte) 'e', (byte) 'f', (byte) 'g', (byte) 'h', (byte) 'i', (byte) 'j', - (byte) 'k', (byte) 'l', (byte) 'm', (byte) 'n', (byte) 'o', (byte) 'p', - (byte) 'q', (byte) 'r', (byte) 's', (byte) 't', (byte) 'u', (byte) 'v', - (byte) 'w', (byte) 'x', (byte) 'y', (byte) 'z', (byte) '0', (byte) '1', - (byte) '2', (byte) '3', (byte) '4', (byte) '5', (byte) '6', (byte) '7', - (byte) '8', (byte) '9', (byte) '+', (byte) '/' - }; - - /** - * Translates a Base64 value to either its 6-bit reconstruction value or a - * negative number indicating some other meaning. - */ - private static final byte[] DECODABET = { - -9, -9, -9, -9, -9, -9, -9, -9, -9, // Decimal 0 - 8 - -5, -5, // Whitespace: Tab and Linefeed - -9, -9, // Decimal 11 - 12 - -5, // Whitespace: Carriage Return - -9, -9, -9, -9, -9, -9, -9, -9, -9, -9, -9, -9, -9, // Decimal 14 - 26 - -9, -9, -9, -9, -9, // Decimal 27 - 31 - -5, // Whitespace: Space - -9, -9, -9, -9, -9, -9, -9, -9, -9, -9, // Decimal 33 - 42 - 62, // Plus sign at decimal 43 - -9, -9, -9, // Decimal 44 - 46 - 63, // Slash at decimal 47 - 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, // Numbers zero through nine - -9, -9, -9, // Decimal 58 - 60 - -1, // Equals sign at decimal 61 - -9, -9, -9, // Decimal 62 - 64 - 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, // Letters 'A' through 'N' - 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, // Letters 'O' through 'Z' - -9, -9, -9, -9, -9, -9, // Decimal 91 - 96 - 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, // Letters 'a' through 'm' - 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, // Letters 'n' through 'z' - -9, -9, -9, -9 // Decimal 123 - 126 - }; - - /** Trivial private ctor to enfore Singleton pattern. */ - private Base64() - { - super(); - } - - /** - * Encodes a byte array into Base64 notation. Equivalent to calling - * <code>encode(source, 0, source.length)</code>. - * - * @param src the data to convert. - */ - public static final String encode(final byte[] src) - { - return encode(src, 0, src.length, true); - } - - /** - * Encodes a byte array into Base64 notation. - * - * @param src the data to convert. - * @param off offset in array where conversion should begin. - * @param len length of data to convert. - * @param breakLines break lines at 80 characters or less. - */ - public static final String encode(final byte[] src, final int off, - final int len, final boolean breakLines) - { - final int len43 = len * 4 / 3; - final byte[] outBuff = new byte[len43 // Main 4:3 - + ((len % 3) > 0 ? 4 : 0) // Account for padding - + (breakLines ? (len43 / MAX_LINE_LENGTH) - : 0)]; // New lines - int d = 0; - int e = 0; - final int len2 = len - 2; - int lineLength = 0; - for (; d < len2; d += 3, e += 4) - { - encode3to4(src, d + off, 3, outBuff, e); - lineLength += 4; - if (breakLines && lineLength == MAX_LINE_LENGTH) - { - outBuff[e + 4] = NEW_LINE; - e++; - lineLength = 0; - } - } - if (d < len) // padding needed - { - encode3to4(src, d + off, len - d, outBuff, e); - e += 4; - } - return new String(outBuff, 0, e); - } - - /** - * Decodes data from Base64 notation. - * - * @param s the string to decode. - * @return the decoded data. - */ - public static final byte[] decode(final String s) - throws UnsupportedEncodingException - { - final byte[] bytes; - bytes = s.getBytes("US-ASCII"); - return decode(bytes, 0, bytes.length); - } - - /** - * Decodes Base64 content in byte array format and returns the decoded byte - * array. - * - * @param src the Base64 encoded data. - * @param off the offset of where to begin decoding. - * @param len the length of characters to decode. - * @return the decoded data. - * @throws IllegalArgumentException if <code>src</code> contains an illegal - * Base-64 character. - */ - public static byte[] decode(final byte[] src, final int off, final int len) - { - final int len34 = len * 3 / 4; - final byte[] outBuff = new byte[len34]; // Upper limit on size of output - int outBuffPosn = 0; - final byte[] b4 = new byte[4]; - int b4Posn = 0; - int i; - byte sbiCrop, sbiDecode; - for (i = off; i < off + len; i++) - { - sbiCrop = (byte) (src[i] & 0x7F); // Only the low seven bits - sbiDecode = DECODABET[sbiCrop]; - if (sbiDecode >= WHITE_SPACE_ENC) - { // White space, Equals sign or better - if (sbiDecode >= EQUALS_SIGN_ENC) - { - b4[b4Posn++] = sbiCrop; - if (b4Posn > 3) - { - outBuffPosn += decode4to3(b4, 0, outBuff, outBuffPosn); - b4Posn = 0; - // If that was the equals sign, break out of 'for' loop - if (sbiCrop == EQUALS_SIGN) - break; - } // end if: quartet built - } // end if: equals sign or better - } - throw new IllegalArgumentException("Illegal BASE-64 character at #" - + i + ": " + src[i] + "(decimal)"); - } - final byte[] result = new byte[outBuffPosn]; - System.arraycopy(outBuff, 0, result, 0, outBuffPosn); - return result; - } - - /** - * Encodes up to three bytes of the array <code>src</code> and writes the - * resulting four Base64 bytes to <code>dest</code>. The source and - * destination arrays can be manipulated anywhere along their length by - * specifying <code>sOffset</code> and <code>dOffset</code>. - * <p> - * This method does not check to make sure the arrays are large enough to - * accomodate <code>sOffset + 3</code> for the <code>src</code> array or - * <code>dOffset + 4</code> for the <code>dest</code> array. The actual - * number of significant bytes in the input array is given by - * <code>numBytes</code>. - * - * @param src the array to convert. - * @param sOffset the index where conversion begins. - * @param numBytes the number of significant bytes in your array. - * @param dest the array to hold the conversion. - * @param dOffset the index where output will be put. - * @return the <code>destination</code> array. - */ - private static final byte[] encode3to4(final byte[] src, final int sOffset, - final int numBytes, final byte[] dest, - final int dOffset) - { - // 1 2 3 - // 01234567890123456789012345678901 Bit position - // --------000000001111111122222222 Array position from threeBytes - // --------| || || || | Six bit groups to index ALPHABET - // >>18 >>12 >> 6 >> 0 Right shift necessary - // 0x3F 0x3F 0x3F Additional AND - - // Create buffer with zero-padding if there are only one or two - // significant bytes passed in the array. - // We have to shift left 24 in order to flush out the 1's that appear - // when Java treats a value as negative that is cast from a byte to an int. - final int inBuff = (numBytes > 0 ? ((src[sOffset] << 24) >>> 8) : 0) - | (numBytes > 1 ? ((src[sOffset + 1] << 24) >>> 16) : 0) - | (numBytes > 2 ? ((src[sOffset + 2] << 24) >>> 24) : 0); - switch (numBytes) - { - case 3: - dest[dOffset ] = ALPHABET[(inBuff >>> 18)]; - dest[dOffset + 1] = ALPHABET[(inBuff >>> 12) & 0x3F]; - dest[dOffset + 2] = ALPHABET[(inBuff >>> 6) & 0x3F]; - dest[dOffset + 3] = ALPHABET[(inBuff) & 0x3F]; - break; - case 2: - dest[dOffset ] = ALPHABET[(inBuff >>> 18)]; - dest[dOffset + 1] = ALPHABET[(inBuff >>> 12) & 0x3F]; - dest[dOffset + 2] = ALPHABET[(inBuff >>> 6) & 0x3F]; - dest[dOffset + 3] = EQUALS_SIGN; - break; - case 1: - dest[dOffset ] = ALPHABET[(inBuff >>> 18)]; - dest[dOffset + 1] = ALPHABET[(inBuff >>> 12) & 0x3F]; - dest[dOffset + 2] = EQUALS_SIGN; - dest[dOffset + 3] = EQUALS_SIGN; - break; - } - return dest; - } - - /** - * Decodes four bytes from array <code>src</code> and writes the resulting - * bytes (up to three of them) to <code>dest</code>. - * <p> - * The source and destination arrays can be manipulated anywhere along their - * length by specifying <code>sOffset</code> and <code>dOffset</code>. - * <p> - * This method does not check to make sure your arrays are large enough to - * accomodate <code>sOffset + 4</code> for the <code>src</code> array or - * <code>dOffset + 3</code> for the <code>dest</code> array. This method - * returns the actual number of bytes that were converted from the Base64 - * encoding. - * - * @param src the array to convert. - * @param sOffset the index where conversion begins. - * @param dest the array to hold the conversion. - * @param dOffset the index where output will be put. - * @return the number of decoded bytes converted. - */ - private static final int decode4to3(final byte[] src, final int sOffset, - final byte[] dest, final int dOffset) - { - if (src[sOffset + 2] == EQUALS_SIGN) // Example: Dk== - { - final int outBuff = ((DECODABET[src[sOffset ]] & 0xFF) << 18) - | ((DECODABET[src[sOffset + 1]] & 0xFF) << 12); - dest[dOffset] = (byte)(outBuff >>> 16); - return 1; - } - if (src[sOffset + 3] == EQUALS_SIGN) // Example: DkL= - { - final int outBuff = ((DECODABET[src[sOffset ]] & 0xFF) << 18) - | ((DECODABET[src[sOffset + 1]] & 0xFF) << 12) - | ((DECODABET[src[sOffset + 2]] & 0xFF) << 6); - dest[dOffset ] = (byte)(outBuff >>> 16); - dest[dOffset + 1] = (byte)(outBuff >>> 8); - return 2; - } - try // Example: DkLE - { - final int outBuff = ((DECODABET[src[sOffset ]] & 0xFF) << 18) - | ((DECODABET[src[sOffset + 1]] & 0xFF) << 12) - | ((DECODABET[src[sOffset + 2]] & 0xFF) << 6) - | ((DECODABET[src[sOffset + 3]] & 0xFF)); - dest[dOffset ] = (byte)(outBuff >> 16); - dest[dOffset + 1] = (byte)(outBuff >> 8); - dest[dOffset + 2] = (byte) outBuff; - return 3; - } - catch (Exception x) - { - if (Configuration.DEBUG) - { - log.fine("" + src[sOffset ] + ": " + (DECODABET[src[sOffset ]])); - log.fine("" + src[sOffset + 1] + ": " + (DECODABET[src[sOffset + 1]])); - log.fine("" + src[sOffset + 2] + ": " + (DECODABET[src[sOffset + 2]])); - log.fine("" + src[sOffset + 3] + ": " + (DECODABET[src[sOffset + 3]])); - } - return -1; - } - } -} diff --git a/libjava/classpath/gnu/java/security/x509/X509Certificate.java b/libjava/classpath/gnu/java/security/x509/X509Certificate.java index b3f8a696a85..14c5652648a 100644 --- a/libjava/classpath/gnu/java/security/x509/X509Certificate.java +++ b/libjava/classpath/gnu/java/security/x509/X509Certificate.java @@ -1,5 +1,5 @@ /* X509Certificate.java -- X.509 certificate. - Copyright (C) 2003, 2004 Free Software Foundation, Inc. + Copyright (C) 2003, 2004, 2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -48,6 +48,7 @@ import gnu.java.security.der.DERValue; import gnu.java.security.x509.ext.BasicConstraints; import gnu.java.security.x509.ext.ExtendedKeyUsage; import gnu.java.security.x509.ext.Extension; +import gnu.java.security.x509.ext.GeneralName; import gnu.java.security.x509.ext.IssuerAlternativeNames; import gnu.java.security.x509.ext.KeyUsage; import gnu.java.security.x509.ext.SubjectAlternativeNames; @@ -103,6 +104,7 @@ public class X509Certificate extends java.security.cert.X509Certificate // Constants and fields. // ------------------------------------------------------------------------ + private static final long serialVersionUID = -2491127588187038216L; private static final Logger logger = SystemLogger.SYSTEM; protected static final OID ID_DSA = new OID ("1.2.840.10040.4.1"); @@ -133,7 +135,7 @@ public class X509Certificate extends java.security.cert.X509Certificate protected transient PublicKey subjectKey; protected transient BitString issuerUniqueId; protected transient BitString subjectUniqueId; - protected transient Map extensions; + protected transient Map<OID, Extension> extensions; // Signature. protected transient OID sigAlgId; @@ -157,7 +159,7 @@ public class X509Certificate extends java.security.cert.X509Certificate throws CertificateException, IOException { super(); - extensions = new HashMap(); + extensions = new HashMap<OID, Extension>(); try { parse(encoded); @@ -178,7 +180,7 @@ public class X509Certificate extends java.security.cert.X509Certificate protected X509Certificate() { - extensions = new HashMap(); + extensions = new HashMap<OID, Extension>(); } // X509Certificate methods. @@ -316,17 +318,15 @@ public class X509Certificate extends java.security.cert.X509Certificate return null; } - public List getExtendedKeyUsage() throws CertificateParsingException + public List<String> getExtendedKeyUsage() throws CertificateParsingException { Extension e = getExtension(ExtendedKeyUsage.ID); if (e != null) { - List a = ((ExtendedKeyUsage) e.getValue()).getPurposeIds(); - List b = new ArrayList(a.size()); - for (Iterator it = a.iterator(); it.hasNext(); ) - { - b.add(it.next().toString()); - } + List<OID> a = ((ExtendedKeyUsage) e.getValue()).getPurposeIds(); + List<String> b = new ArrayList<String>(a.size()); + for (OID oid : a) + b.add(oid.toString()); return Collections.unmodifiableList(b); } return null; @@ -342,24 +342,44 @@ public class X509Certificate extends java.security.cert.X509Certificate return -1; } - public Collection getSubjectAlternativeNames() + public Collection<List<?>> getSubjectAlternativeNames() throws CertificateParsingException { Extension e = getExtension(SubjectAlternativeNames.ID); if (e != null) { - return ((SubjectAlternativeNames) e.getValue()).getNames(); + List<GeneralName> names + = ((SubjectAlternativeNames) e.getValue()).getNames(); + List<List<?>> list = new ArrayList<List<?>>(names.size()); + for (GeneralName name : names) + { + List<Object> n = new ArrayList<Object>(2); + n.add(name.kind().tag()); + n.add(name.name()); + list.add(n); + } + return list; } return null; } - public Collection getIssuerAlternativeNames() + public Collection<List<?>> getIssuerAlternativeNames() throws CertificateParsingException { Extension e = getExtension(IssuerAlternativeNames.ID); if (e != null) { - return ((IssuerAlternativeNames) e.getValue()).getNames(); + List<GeneralName> names + = ((IssuerAlternativeNames) e.getValue()).getNames(); + List<List<?>> list = new ArrayList<List<?>>(names.size()); + for (GeneralName name : names) + { + List<Object> n = new ArrayList<Object>(2); + n.add(name.kind().tag()); + n.add(name.name()); + list.add(n); + } + return list; } return null; } @@ -378,24 +398,22 @@ public class X509Certificate extends java.security.cert.X509Certificate return false; } - public Set getCriticalExtensionOIDs() + public Set<String> getCriticalExtensionOIDs() { - HashSet s = new HashSet(); - for (Iterator it = extensions.values().iterator(); it.hasNext(); ) + HashSet<String> s = new HashSet<String>(); + for (Extension e : extensions.values()) { - Extension e = (Extension) it.next(); if (e.isCritical()) s.add(e.getOid().toString()); } return Collections.unmodifiableSet(s); } - public Set getNonCriticalExtensionOIDs() + public Set<String> getNonCriticalExtensionOIDs() { - HashSet s = new HashSet(); - for (Iterator it = extensions.values().iterator(); it.hasNext(); ) + HashSet<String> s = new HashSet<String>(); + for (Extension e : extensions.values()) { - Extension e = (Extension) it.next(); if (!e.isCritical()) s.add(e.getOid().toString()); } diff --git a/libjava/classpath/gnu/java/security/x509/ext/CertificatePolicies.java b/libjava/classpath/gnu/java/security/x509/ext/CertificatePolicies.java index 50bc6d367d7..c451762f8e0 100644 --- a/libjava/classpath/gnu/java/security/x509/ext/CertificatePolicies.java +++ b/libjava/classpath/gnu/java/security/x509/ext/CertificatePolicies.java @@ -1,5 +1,5 @@ /* CertificatePolicies.java -- certificate policy extension. - Copyright (C) 2004 Free Software Foundation, Inc. + Copyright (C) 2004, 2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -61,8 +61,8 @@ public class CertificatePolicies extends Extension.Value public static final OID ID = new OID("2.5.29.32"); - private final List policies; - private final Map policyQualifierInfos; + private final List<OID> policies; + private final Map<OID, List<PolicyQualifierInfo>> policyQualifierInfos; // Constructor. // ------------------------------------------------------------------------- @@ -76,8 +76,9 @@ public class CertificatePolicies extends Extension.Value throw new IOException("malformed CertificatePolicies"); int len = 0; - LinkedList policyList = new LinkedList(); - HashMap qualifierMap = new HashMap(); + LinkedList<OID> policyList = new LinkedList<OID>(); + HashMap<OID, List<PolicyQualifierInfo>> qualifierMap + = new HashMap<OID, List<PolicyQualifierInfo>>(); while (len < pol.getLength()) { DERValue policyInfo = der.read(); @@ -92,7 +93,7 @@ public class CertificatePolicies extends Extension.Value { DERValue qual = der.read(); int len2 = 0; - LinkedList quals = new LinkedList(); + LinkedList<PolicyQualifierInfo> quals = new LinkedList<PolicyQualifierInfo>(); while (len2 < qual.getLength()) { val = der.read(); @@ -109,8 +110,8 @@ public class CertificatePolicies extends Extension.Value policyQualifierInfos = Collections.unmodifiableMap(qualifierMap); } - public CertificatePolicies (final List policies, - final Map policyQualifierInfos) + public CertificatePolicies (final List<OID> policies, + final Map<OID, List<PolicyQualifierInfo>> policyQualifierInfos) { for (Iterator it = policies.iterator(); it.hasNext(); ) if (!(it.next() instanceof OID)) @@ -129,54 +130,69 @@ public class CertificatePolicies extends Extension.Value throw new IllegalArgumentException ("policyQualifierInfos values must be Lists of PolicyQualifierInfos"); } - this.policies = Collections.unmodifiableList (new ArrayList (policies)); + this.policies = Collections.unmodifiableList (new ArrayList<OID>(policies)); this.policyQualifierInfos = Collections.unmodifiableMap - (new HashMap (policyQualifierInfos)); + (new HashMap<OID, List<PolicyQualifierInfo>>(policyQualifierInfos)); } // Instance methods. // ------------------------------------------------------------------------- - public List getPolicies() + public List<OID> getPolicies() { return policies; } + + /** + * Returns the list of policy OIDs, formatted as dotted-decimal strings. + * + * @return + */ + public List<String> getPolicyStrings() + { + List<String> l = new ArrayList<String>(policies.size()); + for (OID oid : policies) + { + l.add(oid.toString()); + } + return l; + } - public List getPolicyQualifierInfos(OID oid) + public List<PolicyQualifierInfo> getPolicyQualifierInfos(OID oid) { - return (List) policyQualifierInfos.get(oid); + return policyQualifierInfos.get(oid); } public byte[] getEncoded() { if (encoded == null) { - List pol = new ArrayList (policies.size()); - for (Iterator it = policies.iterator(); it.hasNext(); ) + List<DERValue> pol = new ArrayList<DERValue>(policies.size()); + for (Iterator<OID> it = policies.iterator(); it.hasNext(); ) { - OID policy = (OID) it.next(); - List qualifiers = getPolicyQualifierInfos (policy); - List l = new ArrayList (qualifiers == null ? 1 : 2); - l.add (new DERValue (DER.OBJECT_IDENTIFIER, policy)); + OID policy = it.next(); + List<PolicyQualifierInfo> qualifiers = getPolicyQualifierInfos(policy); + List<DERValue> l = new ArrayList<DERValue>(qualifiers == null ? 1 : 2); + l.add(new DERValue(DER.OBJECT_IDENTIFIER, policy)); if (qualifiers != null) { - List ll = new ArrayList (qualifiers.size()); - for (Iterator it2 = qualifiers.iterator(); it.hasNext(); ) + List<DERValue> ll = new ArrayList<DERValue>(qualifiers.size()); + for (Iterator<PolicyQualifierInfo> it2 = qualifiers.iterator(); it.hasNext(); ) { - PolicyQualifierInfo info = (PolicyQualifierInfo) it2.next(); + PolicyQualifierInfo info = it2.next(); try { - ll.add (DERReader.read (info.getEncoded())); + ll.add(DERReader.read(info.getEncoded())); } catch (IOException ioe) { } } - l.add (new DERValue (DER.CONSTRUCTED|DER.SEQUENCE, ll)); + l.add(new DERValue(DER.CONSTRUCTED|DER.SEQUENCE, ll)); } - pol.add (new DERValue (DER.CONSTRUCTED|DER.SEQUENCE, l)); + pol.add(new DERValue(DER.CONSTRUCTED|DER.SEQUENCE, l)); } - encoded = new DERValue (DER.CONSTRUCTED|DER.SEQUENCE, pol).getEncoded(); + encoded = new DERValue(DER.CONSTRUCTED|DER.SEQUENCE, pol).getEncoded(); } return (byte[]) encoded.clone(); } diff --git a/libjava/classpath/gnu/java/security/x509/ext/ExtendedKeyUsage.java b/libjava/classpath/gnu/java/security/x509/ext/ExtendedKeyUsage.java index 37b08acf43e..428013d04bd 100644 --- a/libjava/classpath/gnu/java/security/x509/ext/ExtendedKeyUsage.java +++ b/libjava/classpath/gnu/java/security/x509/ext/ExtendedKeyUsage.java @@ -1,5 +1,5 @@ /* ExtendedKeyUsage.java -- the extended key usage extension. - Copyright (C) 2004 Free Software Foundation, Inc. + Copyright (C) 2004, 2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -56,7 +56,7 @@ public class ExtendedKeyUsage extends Extension.Value public static final OID ID = new OID("2.5.29.37"); - private final List purposeIds; + private final List<OID> purposeIds; // Constructor. // ------------------------------------------------------------------------- @@ -69,13 +69,13 @@ public class ExtendedKeyUsage extends Extension.Value if (!usageList.isConstructed()) throw new IOException("malformed ExtKeyUsageSyntax"); int len = 0; - purposeIds = new LinkedList(); + purposeIds = new LinkedList<OID>(); while (len < usageList.getLength()) { DERValue val = der.read(); if (val.getTag() != DER.OBJECT_IDENTIFIER) throw new IOException("malformed KeyPurposeId"); - purposeIds.add(val.getValue()); + purposeIds.add((OID) val.getValue()); len += val.getEncodedLength(); } } @@ -83,7 +83,7 @@ public class ExtendedKeyUsage extends Extension.Value // Instance method. // ------------------------------------------------------------------------- - public List getPurposeIds() + public List<OID> getPurposeIds() { return Collections.unmodifiableList(purposeIds); } diff --git a/libjava/classpath/gnu/java/security/x509/ext/Extension.java b/libjava/classpath/gnu/java/security/x509/ext/Extension.java index 69251987ec9..2b7e96d5abc 100644 --- a/libjava/classpath/gnu/java/security/x509/ext/Extension.java +++ b/libjava/classpath/gnu/java/security/x509/ext/Extension.java @@ -1,5 +1,5 @@ /* Extension.java -- an X.509 certificate or CRL extension. - Copyright (C) 2004 Free Software Foundation, Inc. + Copyright (C) 2004, 2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -171,6 +171,10 @@ public class Extension { value = new ReasonCode(encval); } + else if (oid.equals(NameConstraints.ID)) + { + value = new NameConstraints(encval); + } else { value = new Value(encval); @@ -226,11 +230,11 @@ public class Extension public DERValue getDerValue() { - List ext = new ArrayList (3); - ext.add (new DERValue (DER.OBJECT_IDENTIFIER, oid)); - ext.add (new DERValue (DER.BOOLEAN, Boolean.valueOf (critical))); - ext.add (new DERValue (DER.OCTET_STRING, value.getEncoded())); - return new DERValue (DER.CONSTRUCTED|DER.SEQUENCE, ext); + List<DERValue> ext = new ArrayList<DERValue>(3); + ext.add(new DERValue(DER.OBJECT_IDENTIFIER, oid)); + ext.add(new DERValue(DER.BOOLEAN, Boolean.valueOf(critical))); + ext.add(new DERValue(DER.OCTET_STRING, value.getEncoded())); + return new DERValue(DER.CONSTRUCTED|DER.SEQUENCE, ext); } // Own methods. diff --git a/libjava/classpath/gnu/java/security/x509/ext/GeneralName.java b/libjava/classpath/gnu/java/security/x509/ext/GeneralName.java new file mode 100644 index 00000000000..fbc05339f6d --- /dev/null +++ b/libjava/classpath/gnu/java/security/x509/ext/GeneralName.java @@ -0,0 +1,232 @@ +/* GeneralName.java -- a GeneralName. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.x509.ext; + +import gnu.java.security.der.DER; +import gnu.java.security.der.DERReader; +import gnu.java.security.der.DERValue; +import gnu.java.security.x509.Util; + +import java.io.IOException; +import java.util.Arrays; + +/** + * The GeneralName structure from X.509. + * + * <pre> + GeneralName ::= CHOICE { + otherName [0] OtherName, + rfc822Name [1] IA5String, + dNSName [2] IA5String, + x400Address [3] ORAddress, + directoryName [4] Name, + ediPartyName [5] EDIPartyName, + uniformResourceIdentifier [6] IA5String, + iPAddress [7] OCTET STRING, + registeredID [8] OBJECT IDENTIFIER } + + OtherName ::= SEQUENCE { + type-id OBJECT IDENTIFIER, + value [0] EXPLICIT ANY DEFINED BY type-id } + + EDIPartyName ::= SEQUENCE { + nameAssigner [0] DirectoryString OPTIONAL, + partyName [1] DirectoryString } +</pre> + * + * @author Casey Marshall (csm@gnu.org) + */ +public class GeneralName +{ + public static enum Kind + { + otherName (0), + rfc822Name (1), + dNSName (2), + x400Address (3), + directoryName (4), + ediPartyName (5), + uniformResourceIdentifier (6), + iPAddress (7), + registeredId (8); + + private int tag; + + private Kind(int tag) + { + this.tag = tag; + } + + public static Kind forTag(final int tag) + { + switch (tag) + { + case 0: return otherName; + case 1: return rfc822Name; + case 2: return dNSName; + case 3: return x400Address; + case 4: return directoryName; + case 5: return ediPartyName; + case 6: return uniformResourceIdentifier; + case 7: return iPAddress; + case 8: return registeredId; + } + + throw new IllegalArgumentException("invalid tag: " + tag); + } + + public int tag() + { + return tag; + } + }; + + private final Kind kind; + private final byte[] name; + private final byte[] encoded; + + public GeneralName(byte[] encoded) throws IOException + { + DERReader reader = new DERReader(encoded); + DERValue value = reader.read(); + + if (value.getTagClass() != DER.CONTEXT) + throw new IOException("malformed GeneralName"); + + this.encoded = value.getEncoded(); + + kind = Kind.forTag(value.getTag()); + switch (kind) + { + case otherName: + name = value.getEncoded(); + name[0] = (byte) (DER.CONSTRUCTED | DER.SEQUENCE); + // Skip the two fields of the name. + reader.read(); // OID + reader.read(); // Octet string + break; + + case rfc822Name: + name = (byte[]) value.getValue(); + break; + + case dNSName: + name = (byte[]) value.getValue(); + break; + + case x400Address: + name = (byte[]) value.getValue(); + break; + + case directoryName: + name = value.getEncoded(); + name[0] = (byte) (DER.CONSTRUCTED | DER.SEQUENCE); + break; + + case ediPartyName: + name = value.getEncoded(); + name[0] = (byte) (DER.CONSTRUCTED | DER.SEQUENCE); + break; + + case uniformResourceIdentifier: + name = (byte[]) value.getValue(); + break; + + case iPAddress: + name = (byte[]) value.getValue(); + break; + + case registeredId: + name = value.getEncoded(); + name[0] = DER.OBJECT_IDENTIFIER; + break; + + default: + name = null; // Not reached. + } + } + + public GeneralName(Kind kind, byte[] name) + { + this.kind = kind; + this.name = (byte[]) name.clone(); + this.encoded = null; + } + + public Kind kind() + { + return kind; + } + + public byte[] name() + { + return (byte[]) name.clone(); + } + + public byte[] encoded() + { + try + { + return (byte[]) encoded.clone(); + } + catch (NullPointerException npe) + { + return null; + } + } + + public boolean equals(Object o) + { + try + { + GeneralName that = (GeneralName) o; + return (that.kind() == kind() && Arrays.equals(name, that.name)); + } + catch (ClassCastException cce) + { + return false; + } + } + + public String toString() + { + return (super.toString() + " [ kind=" + kind + "; name=" + + Util.hexDump(name, "") + " ]"); + } +} diff --git a/libjava/classpath/gnu/java/security/x509/ext/GeneralNames.java b/libjava/classpath/gnu/java/security/x509/ext/GeneralNames.java index b342cbd5f2e..f56ee963b9c 100644 --- a/libjava/classpath/gnu/java/security/x509/ext/GeneralNames.java +++ b/libjava/classpath/gnu/java/security/x509/ext/GeneralNames.java @@ -38,106 +38,38 @@ exception statement from your version. */ package gnu.java.security.x509.ext; -import gnu.java.security.OID; -import gnu.java.security.der.DER; import gnu.java.security.der.DERReader; import gnu.java.security.der.DERValue; import java.io.IOException; -import java.net.InetAddress; -import java.util.ArrayList; import java.util.Collections; -import java.util.Iterator; import java.util.LinkedList; import java.util.List; -import javax.security.auth.x500.X500Principal; - public class GeneralNames { // Instance methods. // ------------------------------------------------------------------------- - public static final int OTHER_NAME = 0; - public static final int RFC822_NAME = 1; - public static final int DNS_NAME = 2; - public static final int X400_ADDRESS = 3; - public static final int DIRECTORY_NAME = 4; - public static final int EDI_PARTY_NAME = 5; - public static final int URI = 6; - public static final int IP_ADDRESS = 7; - public static final int REGISTERED_ID = 8; - - private List names; + private List<GeneralName> names; // Constructor. // ------------------------------------------------------------------------- public GeneralNames(final byte[] encoded) throws IOException { - names = new LinkedList(); + names = new LinkedList<GeneralName>(); DERReader der = new DERReader(encoded); DERValue nameList = der.read(); if (!nameList.isConstructed()) throw new IOException("malformed GeneralNames"); int len = 0; - int i = 0; while (len < nameList.getLength()) { DERValue name = der.read(); - List namePair = new ArrayList(2); - int tagClass = name.getTagClass(); - if (tagClass != DER.CONTEXT) - throw new IOException("malformed GeneralName: Tag class is " + tagClass); - namePair.add(Integer.valueOf(name.getTag())); - DERValue val = null; - switch (name.getTag()) - { - case RFC822_NAME: - case DNS_NAME: - case X400_ADDRESS: - case URI: - namePair.add(new String((byte[]) name.getValue())); - break; - - case OTHER_NAME: - // MUST return the encoded bytes of the OID/OctetString sequence - byte[] anotherName = name.getEncoded(); - anotherName[0] = (byte) (DER.CONSTRUCTED|DER.SEQUENCE); - namePair.add(anotherName); - // DERReader goes back on Constructed things so we need to skip over them - DERValue skip = der.read(); // skip OID - skip = der.read(); // skip Octet String - break; - - case EDI_PARTY_NAME: - namePair.add(name.getValue()); - break; - - case DIRECTORY_NAME: - byte[] b = name.getEncoded(); - b[0] = (byte) (DER.CONSTRUCTED|DER.SEQUENCE); - DERReader r = new DERReader (b); - r.read (); - namePair.add(new X500Principal(r.read ().getEncoded ()).toString()); - break; - - case IP_ADDRESS: - namePair.add(InetAddress.getByAddress((byte[]) name.getValue()) - .getHostAddress()); - break; - - case REGISTERED_ID: - byte[] bb = name.getEncoded(); - bb[0] = (byte) DER.OBJECT_IDENTIFIER; - namePair.add(new OID(bb).toString()); - break; - - default: - throw new IOException("unknown tag " + name.getTag()); - } - names.add(namePair); + GeneralName generalName = new GeneralName(name.getEncoded()); + names.add(generalName); len += name.getEncodedLength(); } } @@ -145,21 +77,9 @@ public class GeneralNames // Instance methods. // ------------------------------------------------------------------------- - public List getNames() + public List<GeneralName> getNames() { - List l = new ArrayList(names.size()); - for (Iterator it = names.iterator(); it.hasNext(); ) - { - List ll = (List) it.next(); - List pair = new ArrayList(2); - pair.add(ll.get(0)); - if (ll.get(1) instanceof byte[]) - pair.add(((byte[]) ll.get(1)).clone()); - else - pair.add(ll.get(1)); - l.add(Collections.unmodifiableList(pair)); - } - return Collections.unmodifiableList(l); + return Collections.unmodifiableList(names); } public String toString() diff --git a/libjava/classpath/gnu/java/security/x509/ext/GeneralSubtree.java b/libjava/classpath/gnu/java/security/x509/ext/GeneralSubtree.java new file mode 100644 index 00000000000..5f6ffd98701 --- /dev/null +++ b/libjava/classpath/gnu/java/security/x509/ext/GeneralSubtree.java @@ -0,0 +1,156 @@ +/* GeneralSubtree.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.x509.ext; + +import gnu.java.security.der.DERReader; +import gnu.java.security.der.DERValue; + +import java.io.IOException; +import java.math.BigInteger; + +/** + * The GeneralSubtree structure, a part of the {@link NameConstraints} + * extension. + * + * <pre> + GeneralSubtree ::= SEQUENCE { + base GeneralName, + minimum [0] BaseDistance DEFAULT 0, + maximum [1] BaseDistance OPTIONAL } + + BaseDistance ::= INTEGER (0..MAX)</pre> + * + * @author Casey Marshall (csm@gnu.org) + */ +public class GeneralSubtree +{ + private final GeneralName base; + private final int minimum; + private final int maximum; + + public GeneralSubtree(byte[] encoded) throws IOException + { + DERReader reader = new DERReader(encoded); + DERValue generalSubtree = reader.read(); + + if (!generalSubtree.isConstructed()) + throw new IOException("malformed GeneralSubtree"); + + DERValue generalName = reader.read(); + base = new GeneralName(generalName.getEncoded()); + if (generalName.isConstructed()) + reader.skip(generalName.getLength()); + + int len = generalName.getEncodedLength(); + if (len < generalSubtree.getLength()) + { + DERValue distance = reader.read(); + if (distance.getTag() == 0) + { + minimum = ((BigInteger) distance.getValue()).intValue(); + len += distance.getEncodedLength(); + if (len < generalSubtree.getLength()) + { + distance = reader.read(); + if (distance.getTag() != 1) + throw new IOException("unexpected tag " + + distance.getTag() + + " (expected 1 for GeneralSubtree maximum distance)"); + maximum = ((BigInteger) distance.getValue()).intValue(); + } + else + { + maximum = -1; + } + } + else if (distance.getTag() == 1) + { + minimum = 1; + maximum = ((BigInteger) distance.getValue()).intValue(); + } + else + { + throw new IOException("unexpected tag " + distance.getTag() + + " (expected 0 or 1 for GeneralSubtree distance)"); + } + } + else + { + minimum = 0; + maximum = -1; + } + } + + /** + * Returns the base name. + * + * @return The base name. + */ + public GeneralName base() + { + return base; + } + + /** + * Returns the minimum base distance, possibly zero. + * + * @return The minimum base distance. + */ + public int minimum() + { + return minimum; + } + + /** + * Returns the maximum base distance, or -1 if this value was not specified. + * + * @return The maximum base distance. + */ + public int maximum() + { + return maximum; + } + + public String toString() + { + return (GeneralSubtree.class.getName() + " [ base=" + base + + "; minimum=" + minimum + "; maximim=" + maximum + + " ]"); + } +} diff --git a/libjava/classpath/gnu/java/security/x509/ext/IssuerAlternativeNames.java b/libjava/classpath/gnu/java/security/x509/ext/IssuerAlternativeNames.java index 8b017dc62d8..080070b9890 100644 --- a/libjava/classpath/gnu/java/security/x509/ext/IssuerAlternativeNames.java +++ b/libjava/classpath/gnu/java/security/x509/ext/IssuerAlternativeNames.java @@ -1,5 +1,5 @@ /* IssuerAlternatuveNames.java -- issuer alternative names extension. - Copyright (C) 2004 Free Software Foundation, Inc. + Copyright (C) 2004, 2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -65,7 +65,7 @@ public class IssuerAlternativeNames extends Extension.Value // Instance method. // ------------------------------------------------------------------------- - public List getNames() + public List<GeneralName> getNames() { return names.getNames(); } diff --git a/libjava/classpath/gnu/java/security/x509/ext/NameConstraints.java b/libjava/classpath/gnu/java/security/x509/ext/NameConstraints.java new file mode 100644 index 00000000000..607c4296642 --- /dev/null +++ b/libjava/classpath/gnu/java/security/x509/ext/NameConstraints.java @@ -0,0 +1,161 @@ +/* NameConstraints.java -- the NameConstraints X.509 extension. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.x509.ext; + +import gnu.java.security.OID; +import gnu.java.security.der.DERReader; +import gnu.java.security.der.DERValue; +import gnu.java.security.x509.ext.Extension.Value; + +import java.io.IOException; +import java.util.Collections; +import java.util.LinkedList; +import java.util.List; + +/** + * The NameConstraints extension. From RFC 3280, section 4.2.1.11, this + * extension is defined as: + * + * <pre> + id-ce-nameConstraints OBJECT IDENTIFIER ::= { id-ce 30 } + + NameConstraints ::= SEQUENCE { + permittedSubtrees [0] GeneralSubtrees OPTIONAL, + excludedSubtrees [1] GeneralSubtrees OPTIONAL } + + GeneralSubtrees ::= SEQUENCE SIZE (1..MAX) OF GeneralSubtree + + GeneralSubtree ::= SEQUENCE { + base GeneralName, + minimum [0] BaseDistance DEFAULT 0, + maximum [1] BaseDistance OPTIONAL } + + BaseDistance ::= INTEGER (0..MAX) + </pre> + * + * See also the classes {@link GeneralNames} and {@link GeneralSubtree}. + * + * @author csm + */ +public class NameConstraints extends Value +{ + public static final OID ID = new OID("2.5.29.30"); + + private List<GeneralSubtree> permittedSubtrees; + private List<GeneralSubtree> excludedSubtrees; + + public NameConstraints(byte[] encoded) throws IOException + { + super(encoded); + + DERReader der = new DERReader(encoded); + DERValue value = der.read(); + if (!value.isConstructed()) + { + throw new IOException("malformed NameConstraints"); + } + + permittedSubtrees = new LinkedList<GeneralSubtree>(); + excludedSubtrees = new LinkedList<GeneralSubtree>(); + int len = 0; + if (len < value.getLength()) + { + DERValue subtrees = der.read(); + if (subtrees.getTag() == 0) + { + int len2 = 0; + while (len2 < subtrees.getLength()) + { + DERValue subtree = der.read(); + permittedSubtrees.add(new GeneralSubtree(subtree.getEncoded())); + der.skip(subtree.getLength()); + len2 += subtree.getEncodedLength(); + } + len += subtrees.getEncodedLength(); + + if (len < value.getLength()) + { + subtrees = der.read(); + if (subtrees.getTag() != 1) + throw new IOException("unexpected tag " + subtrees.getTag() + + " (expecting 1 for excludedSubtrees)"); + len2 = 0; + while (len2 < subtrees.getLength()) + { + DERValue subtree = der.read(); + excludedSubtrees.add(new GeneralSubtree(subtree.getEncoded())); + der.skip(subtree.getLength()); + len2 += subtree.getEncodedLength(); + } + } + } + else if (subtrees.getTag() == 1) + { + int len2 = 0; + while (len2 < subtrees.getLength()) + { + DERValue subtree = der.read(); + excludedSubtrees.add(new GeneralSubtree(subtree.getEncoded())); + der.skip(subtree.getLength()); + len2 += subtree.getEncodedLength(); + } + } + else + throw new IOException("unexpected tag " + subtrees.getTag() + + " (expecting 0 or 1)"); + } + } + + public List<GeneralSubtree> permittedSubtrees() + { + return Collections.unmodifiableList(permittedSubtrees); + } + + public List<GeneralSubtree> excludedSubtrees() + { + return Collections.unmodifiableList(excludedSubtrees); + } + + public String toString() + { + return NameConstraints.class.getName() + " [ permittedSubtrees=" + + permittedSubtrees + "; excludedSubtrees=" + excludedSubtrees + + " ]"; + } +} diff --git a/libjava/classpath/gnu/java/security/x509/ext/SubjectAlternativeNames.java b/libjava/classpath/gnu/java/security/x509/ext/SubjectAlternativeNames.java index f88e854965f..8b6347d99a3 100644 --- a/libjava/classpath/gnu/java/security/x509/ext/SubjectAlternativeNames.java +++ b/libjava/classpath/gnu/java/security/x509/ext/SubjectAlternativeNames.java @@ -1,5 +1,5 @@ /* SubjectAlternatuveNames.java -- subject alternative names extension. - Copyright (C) 2004 Free Software Foundation, Inc. + Copyright (C) 2004, 2006 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -65,7 +65,7 @@ public class SubjectAlternativeNames extends Extension.Value // Instance method. // ------------------------------------------------------------------------- - public List getNames() + public List<GeneralName> getNames() { return names.getNames(); } |
