procyberian/gcc
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

[multiple changes]

Browse source 
2004-09-21  Andreas Tobler  <a.tobler@schweiz.ch>

	Import the big Crypto/Jessie/Security merge from Classpath.

	* Makefile.am: Add imported files.
	* Makefile.in: Regenerate.

	2004-08-14  Casey Marshall <csm@gnu.org>

	The Big Crypto Merge of 2004.

	* javax/security/auth/x500/X500Principal.java: Replaced with GNU
	Crypto's version.

	Files imported from GNU Crypto.
	* javax/crypto/BadPaddingException.java
	* javax/crypto/Cipher.java
	* javax/crypto/CipherInputStream.java
	* javax/crypto/CipherOutputStream.java
	* javax/crypto/CipherSpi.java
	* javax/crypto/EncryptedPrivateKeyInfo.java
	* javax/crypto/ExemptionMechanism.java
	* javax/crypto/ExemptionMechanismException.java
	* javax/crypto/ExemptionMechanismSpi.java
	* javax/crypto/IllegalBlockSizeException.java
	* javax/crypto/KeyAgreement.java
	* javax/crypto/KeyAgreementSpi.java
	* javax/crypto/KeyGenerator.java
	* javax/crypto/KeyGeneratorSpi.java
	* javax/crypto/Mac.java
	* javax/crypto/MacSpi.java
	* javax/crypto/Makefile.am
	* javax/crypto/NoSuchPaddingException.java
	* javax/crypto/NullCipher.java
	* javax/crypto/NullCipherImpl.java
	* javax/crypto/SealedObject.java
	* javax/crypto/SecretKey.java
	* javax/crypto/SecretKeyFactory.java
	* javax/crypto/SecretKeyFactorySpi.java
	* javax/crypto/ShortBufferException.java
	* javax/crypto/interfaces/DHKey.java
	* javax/crypto/interfaces/DHPrivateKey.java
	* javax/crypto/interfaces/DHPublicKey.java
	* javax/crypto/interfaces/PBEKey.java
	* javax/crypto/spec/DESKeySpec.java
	* javax/crypto/spec/DESedeKeySpec.java
	* javax/crypto/spec/DHGenParameterSpec.java
	* javax/crypto/spec/DHParameterSpec.java
	* javax/crypto/spec/DHPrivateKeySpec.java
	* javax/crypto/spec/DHPublicKeySpec.java
	* javax/crypto/spec/IvParameterSpec.java
	* javax/crypto/spec/PBEKeySpec.java
	* javax/crypto/spec/PBEParameterSpec.java
	* javax/crypto/spec/RC2ParameterSpec.java
	* javax/crypto/spec/RC5ParameterSpec.java
	* javax/crypto/spec/SecretKeySpec.java
	* javax/security/auth/AuthPermission.java
	* javax/security/auth/DestroyFailedException.java
	* javax/security/auth/Destroyable.java
	* javax/security/auth/Policy.java
	* javax/security/auth/PrivateCredentialPermission.java
	* javax/security/auth/RefreshFailedException.java
	* javax/security/auth/Refreshable.java
	* javax/security/auth/Subject.java
	* javax/security/auth/SubjectDomainCombiner.java
	* javax/security/auth/callback/Callback.java
	* javax/security/auth/callback/CallbackHandler.java
	* javax/security/auth/callback/ChoiceCallback.java
	* javax/security/auth/callback/ConfirmationCallback.java
	* javax/security/auth/callback/LanguageCallback.java
	* javax/security/auth/callback/NameCallback.java
	* javax/security/auth/callback/PasswordCallback.java
	* javax/security/auth/callback/TextInputCallback.java
	* javax/security/auth/callback/TextOutputCallback.java
	* javax/security/auth/callback/UnsupportedCallbackException.java
	* javax/security/auth/login/AccountExpiredException.java
	* javax/security/auth/login/AppConfigurationEntry.java
	* javax/security/auth/login/Configuration.java
	* javax/security/auth/login/CredentialExpiredException.java
	* javax/security/auth/login/FailedLoginException.java
	* javax/security/auth/login/LoginContext.java
	* javax/security/auth/login/LoginException.java
	* javax/security/auth/login/NullConfiguration.java
	* javax/security/auth/x500/X500PrivateCredential.java
	* javax/security/sasl/AuthenticationException.java
	* javax/security/sasl/AuthorizeCallback.java
	* javax/security/sasl/RealmCallback.java
	* javax/security/sasl/RealmChoiceCallback.java
	* javax/security/sasl/Sasl.java
	* javax/security/sasl/SaslClient.java
	* javax/security/sasl/SaslClientFactory.java
	* javax/security/sasl/SaslException.java
	* javax/security/sasl/SaslServer.java
	* javax/security/sasl/SaslServerFactory.java
	* org/ietf/jgss/ChannelBinding.java
	* org/ietf/jgss/GSSContext.java
	* org/ietf/jgss/GSSCredential.java
	* org/ietf/jgss/GSSException.java
	* org/ietf/jgss/GSSManager.java
	* org/ietf/jgss/GSSName.java
	* org/ietf/jgss/MessageProp.java
	* org/ietf/jgss/Oid.java
	* org/ietf/jgss/MessagesBundle.properties

	Files imported from Jessie <http://www.nongnu.org/jessie/>
	* javax/net/ServerSocketFactory.java
	* javax/net/SocketFactory.java
	* javax/net/VanillaServerSocketFactory.java
	* javax/net/VanillaSocketFactory.java
	* javax/net/ssl/HandshakeCompletedEvent.java
	* javax/net/ssl/HandshakeCompletedListener.java
	* javax/net/ssl/HostnameVerifier.java
	* javax/net/ssl/HttpsURLConnection.java
	* javax/net/ssl/KeyManager.java
	* javax/net/ssl/KeyManagerFactory.java
	* javax/net/ssl/KeyManagerFactorySpi.java
	* javax/net/ssl/ManagerFactoryParameters.java
	* javax/net/ssl/SSLContext.java
	* javax/net/ssl/SSLContextSpi.java
	* javax/net/ssl/SSLException.java
	* javax/net/ssl/SSLHandshakeException.java
	* javax/net/ssl/SSLKeyException.java
	* javax/net/ssl/SSLPeerUnverifiedException.java
	* javax/net/ssl/SSLPermission.java
	* javax/net/ssl/SSLProtocolException.java
	* javax/net/ssl/SSLServerSocket.java
	* javax/net/ssl/SSLServerSocketFactory.java
	* javax/net/ssl/SSLSession.java
	* javax/net/ssl/SSLSessionBindingEvent.java
	* javax/net/ssl/SSLSessionBindingListener.java
	* javax/net/ssl/SSLSessionContext.java
	* javax/net/ssl/SSLSocket.java
	* javax/net/ssl/SSLSocketFactory.java
	* javax/net/ssl/TrivialHostnameVerifier.java
	* javax/net/ssl/TrustManager.java
	* javax/net/ssl/TrustManagerFactory.java
	* javax/net/ssl/TrustManagerFactorySpi.java
	* javax/net/ssl/X509KeyManager.java
	* javax/net/ssl/X509TrustManager.java
	* javax/security/cert/Certificate.java
	* javax/security/cert/CertificateEncodingException.java
	* javax/security/cert/CertificateException.java
	* javax/security/cert/CertificateExpiredException.java
	* javax/security/cert/CertificateNotYetValidException.java
	* javax/security/cert/CertificateParsingException.java
	* javax/security/cert/X509CertBridge.java
	* javax/security/cert/X509Certificate.java

	2004-08-20  Casey Marshall  <csm@gnu.org>

	* java/security/cert/X509CRLSelector.java: New file.
	* java/security/cert/X509CertSelector.java: New file.

From-SVN: r87795
This commit is contained in:
Andreas Tobler 2004-09-21 10:33:35 +02:00 committed by Andreas Tobler
parent c93320c457
commit 6f5ce93bab
134 changed files with 25334 additions and 274 deletions
Download patch file Download diff file Expand all files Collapse all files

459
libjava/java/security/cert/X509CRLSelector.java Normal file
View file

@ -0,0 +1,459 @@
/* X509CRLSelector.java -- selects X.509 CRLs by criteria.
Copyright (C) 2004 Free Software Foundation, Inc.
This file is part of GNU Classpath.
GNU Classpath is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2, or (at your option)
any later version.
GNU Classpath is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.
You should have received a copy of the GNU General Public License
along with GNU Classpath; see the file COPYING. If not, write to the
Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
02111-1307 USA.
Linking this library statically or dynamically with other modules is
making a combined work based on this library. Thus, the terms and
conditions of the GNU General Public License cover the whole
combination.
As a special exception, the copyright holders of this library give you
permission to link this library with independent modules to produce an
executable, regardless of the license terms of these independent
modules, and to copy and distribute the resulting executable under
terms of your choice, provided that you also meet, for each linked
independent module, the terms and conditions of the license of that
module. An independent module is a module which is not derived from
or based on this library. If you modify this library, you may extend
this exception to your version of the library, but you are not
obligated to do so. If you do not wish to do so, delete this
exception statement from your version. */
package java.security.cert;
import java.io.IOException;
import java.io.InputStream;
import java.math.BigInteger;
import java.security.AccessController;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Date;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import javax.security.auth.x500.X500Principal;
import gnu.java.security.action.GetPropertyAction;
import gnu.java.security.der.DERReader;
import gnu.java.security.der.DERValue;
/**
* A class for matching X.509 certificate revocation lists by criteria.
*
* <p>Use of this class requires extensive knowledge of the Internet
* Engineering Task Force's Public Key Infrastructure (X.509). The primary
* document describing this standard is <a
* href="http://www.ietf.org/rfc/rfc3280.txt">RFC 3280: Internet X.509
* Public Key Infrastructure Certificate and Certificate Revocation List
* (CRL) Profile</a>.
*
* <p>Note that this class is not thread-safe. If multiple threads will
* use or modify this class then they need to synchronize on the object.
*
* @author Casey Marshall (csm@gnu.org)
*/
public class X509CRLSelector implements CRLSelector, Cloneable
{
// Fields.
// -------------------------------------------------------------------------
private static final String CRL_NUMBER_ID = "2.5.29.20";
private List issuerNames;
private BigInteger maxCrlNumber;
private BigInteger minCrlNumber;
private Date date;
private X509Certificate cert;
// Constructor.
// -------------------------------------------------------------------------
/**
* Creates a new CRL selector with no criteria enabled; i.e., every CRL
* will be matched.
*/
public X509CRLSelector()
{
}
// Instance methods.
// -------------------------------------------------------------------------
/**
* Add an issuer name to the set of issuer names criteria, as the DER
* encoded form.
*
* @param name The name to add, as DER bytes.
* @throws IOException If the argument is not a valid DER-encoding.
*/
public void addIssuerName(byte[] name) throws IOException
{
X500Principal p = null;
try
{
p = new X500Principal(name);
}
catch (IllegalArgumentException iae)
{
IOException ioe = new IOException("malformed name");
ioe.initCause(iae);
throw ioe;
}
if (issuerNames == null)
issuerNames = new LinkedList();
issuerNames.add(p);
}
/**
* Add an issuer name to the set of issuer names criteria, as a
* String representation.
*
* @param name The name to add.
* @throws IOException If the argument is not a valid name.
*/
public void addIssuerName(String name) throws IOException
{
X500Principal p = null;
try
{
p = new X500Principal(name);
}
catch (IllegalArgumentException iae)
{
IOException ioe = new IOException("malformed name: " + name);
ioe.initCause(iae);
throw ioe;
}
if (issuerNames == null)
issuerNames = new LinkedList();
issuerNames.add(p);
}
/**
* Sets the issuer names criterion. Pass <code>null</code> to clear this
* value. CRLs matched by this selector must have an issuer name in this
* set.
*
* @param names The issuer names.
* @throws IOException If any of the elements in the collection is not
* a valid name.
*/
public void setIssuerNames(Collection names) throws IOException
{
if (names == null)
{
issuerNames = null;
return;
}
List l = new ArrayList(names.size());
for (Iterator it = names.iterator(); it.hasNext(); )
{
Object o = it.next();
if (o instanceof X500Principal)
l.add(o);
else if (o instanceof String)
{
try
{
l.add(new X500Principal((String) o));
}
catch (IllegalArgumentException iae)
{
IOException ioe = new IOException("malformed name: " + o);
ioe.initCause(iae);
throw ioe;
}
}
else if (o instanceof byte[])
{
try
{
l.add(new X500Principal((byte[]) o));
}
catch (IllegalArgumentException iae)
{
IOException ioe = new IOException("malformed name");
ioe.initCause(iae);
throw ioe;
}
}
else if (o instanceof InputStream)
{
try
{
l.add(new X500Principal((InputStream) o));
}
catch (IllegalArgumentException iae)
{
IOException ioe = new IOException("malformed name");
ioe.initCause(iae);
throw ioe;
}
}
else
throw new IOException("not a valid name: " +
(o != null ? o.getClass().getName() : "null"));
}
issuerNames = l;
}
/**
* Returns the set of issuer names that are matched by this selector,
* or <code>null</code> if this criteria is not set. The returned
* collection is not modifiable.
*
* @return The set of issuer names.
*/
public Collection getIssuerNames()
{
if (issuerNames != null)
return Collections.unmodifiableList(issuerNames);
else
return null;
}
/**
* Returns the maximum value of the CRLNumber extension present in
* CRLs matched by this selector, or <code>null</code> if this
* criteria is not set.
*
* @return The maximum CRL number.
*/
public BigInteger getMaxCRL()
{
return maxCrlNumber;
}
/**
* Returns the minimum value of the CRLNumber extension present in
* CRLs matched by this selector, or <code>null</code> if this
* criteria is not set.
*
* @return The minimum CRL number.
*/
public BigInteger getMinCRL()
{
return minCrlNumber;
}
/**
* Sets the maximum value of the CRLNumber extension present in CRLs
* matched by this selector. Specify <code>null</code> to clear this
* criterion.
*
* @param maxCrlNumber The maximum CRL number.
*/
public void setMaxCRLNumber(BigInteger maxCrlNumber)
{
this.maxCrlNumber = maxCrlNumber;
}
/**
* Sets the minimum value of the CRLNumber extension present in CRLs
* matched by this selector. Specify <code>null</code> to clear this
* criterion.
*
* @param minCrlNumber The minimum CRL number.
*/
public void setMinCRLNumber(BigInteger minCrlNumber)
{
this.minCrlNumber = minCrlNumber;
}
/**
* Returns the date when this CRL must be valid; that is, the date
* must be after the thisUpdate date, but before the nextUpdate date.
* Returns <code>null</code> if this criterion is not set.
*
* @return The date.
*/
public Date getDateAndTime()
{
return date != null ? (Date) date.clone() : null;
}
/**
* Sets the date at which this CRL must be valid. Specify
* <code>null</code> to clear this criterion.
*
* @param date The date.
*/
public void setDateAndTime(Date date)
{
this.date = date != null ? (Date) date.clone() : null;
}
/**
* Returns the certificate being checked, or <code>null</code> if this
* value is not set.
*
* @return The certificate.
*/
public X509Certificate getCertificateChecking()
{
return cert;
}
/**
* Sets the certificate being checked. This is not a criterion, but
* info used by certificate store implementations to aid in searching.
*
* @param cert The certificate.
*/
public void setCertificateChecking(X509Certificate cert)
{
this.cert = cert;
}
/**
* Returns a string representation of this selector. The string will
* only describe the enabled criteria, so if none are enabled this will
* return a string that contains little else besides the class name.
*
* @return The string.
*/
public String toString()
{
StringBuffer str = new StringBuffer(X509CRLSelector.class.getName());
GetPropertyAction getProp = new GetPropertyAction("line.separator");
String nl = (String) AccessController.doPrivileged(getProp);
String eol = ";" + nl;
str.append(" {").append(nl);
if (issuerNames != null)
str.append(" issuer names = ").append(issuerNames).append(eol);
if (maxCrlNumber != null)
str.append(" max CRL = ").append(maxCrlNumber).append(eol);
if (minCrlNumber != null)
str.append(" min CRL = ").append(minCrlNumber).append(eol);
if (date != null)
str.append(" date = ").append(date).append(eol);
if (cert != null)
str.append(" certificate = ").append(cert).append(eol);
str.append("}").append(nl);
return str.toString();
}
/**
* Checks a CRL against the criteria of this selector, returning
* <code>true</code> if the given CRL matches all the criteria.
*
* @param _crl The CRL being checked.
* @return True if the CRL matches, false otherwise.
*/
public boolean match(CRL _crl)
{
if (!(_crl instanceof X509CRL))
return false;
X509CRL crl = (X509CRL) _crl;
if (issuerNames != null)
{
if (!issuerNames.contains(crl.getIssuerX500Principal()))
return false;
}
BigInteger crlNumber = null;
if (maxCrlNumber != null)
{
try
{
byte[] b = crl.getExtensionValue(CRL_NUMBER_ID);
if (b == null)
return false;
try
{
DERValue val = DERReader.read(b);
if (!(val.getValue() instanceof BigInteger))
return false;
crlNumber = (BigInteger) val.getValue();
}
catch (IOException ioe)
{
return false;
}
if (maxCrlNumber.compareTo(crlNumber) < 0)
return false;
}
catch (CertificateParsingException cpe)
{
return false;
}
}
if (minCrlNumber != null)
{
try
{
if (crlNumber == null)
{
byte[] b = crl.getExtensionValue(CRL_NUMBER_ID);
if (b == null)
return false;
try
{
DERValue val = DERReader.read(b);
if (!(val.getValue() instanceof BigInteger))
return false;
crlNumber = (BigInteger) val.getValue();
}
catch (IOException ioe)
{
return false;
}
}
if (minCrlNumber.compareTo(crlNumber) > 0)
return false;
}
catch (CertificateParsingException cpe)
{
return false;
}
}
if (date != null)
{
if (date.compareTo(crl.getThisUpdate()) < 0 ||
date.compareTo(crl.getNextUpdate()) > 0)
return false;
}
return true;
}
/**
* Returns a copy of this object.
*
* @return The copy.
*/
public Object clone()
{
try
{
return super.clone();
}
catch (CloneNotSupportedException shouldNotHappen)
{
throw new Error(shouldNotHappen);
}
}
}

1111
libjava/java/security/cert/X509CertSelector.java Normal file
View file

File diff suppressed because it is too large Load diff