summaryrefslogtreecommitdiffstats
path: root/base
diff options
context:
space:
mode:
authorEndi Sukma Dewata <edewata@redhat.com>2012-03-28 00:36:32 -0500
committerEndi Sukma Dewata <edewata@redhat.com>2012-03-28 13:19:26 -0500
commit1c8437891cdfe5580e09c495f79d81334ed0c2c0 (patch)
tree5a3ca8c31ca13c2809cccd3ac73c5791fe491163 /base
parente744c37ab1510f87ed4b5b3eafeb3758f1d0e30f (diff)
downloadpki-1c8437891cdfe5580e09c495f79d81334ed0c2c0.tar.gz
pki-1c8437891cdfe5580e09c495f79d81334ed0c2c0.tar.xz
pki-1c8437891cdfe5580e09c495f79d81334ed0c2c0.zip
Replaced deprecated AlgorithmId.getAlgorithmId().
The deprecated getAlgorithmId() method in AlgorithmId has been replaced with get(). Ticket #3
Diffstat (limited to 'base')
-rw-r--r--base/common/src/com/netscape/cms/profile/common/EnrollProfile.java31
-rw-r--r--base/common/src/com/netscape/cms/profile/def/SigningAlgDefault.java7
-rw-r--r--base/common/src/com/netscape/cms/servlet/request/ProcessCertReq.java51
-rw-r--r--base/common/src/com/netscape/cmscore/cert/CertUtils.java39
-rw-r--r--base/common/src/com/netscape/cmscore/security/JssSubsystem.java62
-rw-r--r--base/common/src/com/netscape/cmscore/security/KeyCertUtil.java11
-rw-r--r--base/util/src/netscape/security/extensions/CertInfo.java9
-rw-r--r--base/util/src/netscape/security/x509/AlgorithmId.java39
-rw-r--r--base/util/src/netscape/security/x509/X500Signer.java16
9 files changed, 122 insertions, 143 deletions
diff --git a/base/common/src/com/netscape/cms/profile/common/EnrollProfile.java b/base/common/src/com/netscape/cms/profile/common/EnrollProfile.java
index d574f0f94..6fbdddb69 100644
--- a/base/common/src/com/netscape/cms/profile/common/EnrollProfile.java
+++ b/base/common/src/com/netscape/cms/profile/common/EnrollProfile.java
@@ -100,7 +100,7 @@ import com.netscape.cmsutil.util.HMACDigest;
/**
* This class implements a generic enrollment profile.
- *
+ *
* @version $Revision$, $Date$
*/
public abstract class EnrollProfile extends BasicProfile
@@ -167,7 +167,7 @@ public abstract class EnrollProfile extends BasicProfile
num_requests = msgs.length;
}
- // only 1 request for renewal
+ // only 1 request for renewal
if ((is_renewal != null) && (is_renewal.equals("true"))) {
num_requests = 1;
String renewal_seq_num_str = ctx.get(CTX_RENEWAL_SEQ_NUM);
@@ -229,8 +229,7 @@ public abstract class EnrollProfile extends BasicProfile
info.set(X509CertInfo.VALIDITY,
new CertificateValidity(new Date(), new Date()));
info.set(X509CertInfo.ALGORITHM_ID,
- new CertificateAlgorithmId(
- AlgorithmId.getAlgorithmId("MD5withRSA")));
+ new CertificateAlgorithmId(AlgorithmId.get("MD5withRSA")));
// add default extension container
info.set(X509CertInfo.EXTENSIONS,
@@ -281,7 +280,7 @@ public abstract class EnrollProfile extends BasicProfile
Enumeration<String> setIds = getProfilePolicySetIds();
while (setIds.hasMoreElements()) {
- String setId = (String) setIds.nextElement();
+ String setId = setIds.nextElement();
if (count == seq_no) {
return setId;
@@ -323,8 +322,7 @@ public abstract class EnrollProfile extends BasicProfile
// }
// }
- IAuthority authority = (IAuthority)
- getAuthority();
+ IAuthority authority = getAuthority();
IRequestQueue queue = authority.getRequestQueue();
// this profile queues request that is authenticated
@@ -376,7 +374,7 @@ public abstract class EnrollProfile extends BasicProfile
org.mozilla.jss.pkix.cms.ContentInfo cmcReq = (org.mozilla.jss.pkix.cms.ContentInfo)
org.mozilla.jss.pkix.cms.ContentInfo.getTemplate().decode(cmcBlobIn);
- org.mozilla.jss.pkix.cms.SignedData cmcFullReq =
+ org.mozilla.jss.pkix.cms.SignedData cmcFullReq =
(org.mozilla.jss.pkix.cms.SignedData) cmcReq.getInterpretedContent();
org.mozilla.jss.pkix.cms.EncapsulatedContentInfo ci = cmcFullReq.getContentInfo();
OCTET_STRING content = ci.getContent();
@@ -1056,8 +1054,7 @@ public abstract class EnrollProfile extends BasicProfile
PKCS10Attributes p10Attrs = pkcs10.getAttributes();
if (p10Attrs != null) {
- PKCS10Attribute p10Attr = (PKCS10Attribute)
- (p10Attrs.getAttribute(CertificateExtensions.NAME));
+ PKCS10Attribute p10Attr = p10Attrs.getAttribute(CertificateExtensions.NAME);
if (p10Attr != null && p10Attr.getAttributeId().equals(
PKCS9Attribute.EXTENSION_REQUEST_OID)) {
CMS.debug("Found PKCS10 extension");
@@ -1237,16 +1234,16 @@ public abstract class EnrollProfile extends BasicProfile
/**
* Populate input
* <P>
- *
+ *
* (either all "agent" profile cert requests NOT made through a connector, or all "EE" profile cert requests NOT
* made through a connector)
* <P>
- *
+ *
* <ul>
* <li>signed.audit LOGGING_SIGNED_AUDIT_PROFILE_CERT_REQUEST used when a profile cert request is made (before
* approval process)
* </ul>
- *
+ *
* @param ctx profile context
* @param request the certificate request
* @exception EProfileException an error related to this profile has
@@ -1357,12 +1354,12 @@ public abstract class EnrollProfile extends BasicProfile
/**
* Signed Audit Log Requester ID
- *
+ *
* This method is inherited by all extended "EnrollProfile"s,
* and is called to obtain the "RequesterID" for
* a signed audit log message.
* <P>
- *
+ *
* @param request the actual request
* @return id string containing the signed audit log message RequesterID
*/
@@ -1388,12 +1385,12 @@ public abstract class EnrollProfile extends BasicProfile
/**
* Signed Audit Log Profile ID
- *
+ *
* This method is inherited by all extended "EnrollProfile"s,
* and is called to obtain the "ProfileID" for
* a signed audit log message.
* <P>
- *
+ *
* @return id string containing the signed audit log message ProfileID
*/
protected String auditProfileID() {
diff --git a/base/common/src/com/netscape/cms/profile/def/SigningAlgDefault.java b/base/common/src/com/netscape/cms/profile/def/SigningAlgDefault.java
index 11da93fc8..81ad58c73 100644
--- a/base/common/src/com/netscape/cms/profile/def/SigningAlgDefault.java
+++ b/base/common/src/com/netscape/cms/profile/def/SigningAlgDefault.java
@@ -37,7 +37,7 @@ import com.netscape.certsrv.request.IRequest;
* This class implements an enrollment default policy
* that populates a signing algorithm
* into the certificate template.
- *
+ *
* @version $Revision$, $Date$
*/
public class SigningAlgDefault extends EnrollDefault {
@@ -121,7 +121,7 @@ public class SigningAlgDefault extends EnrollDefault {
try {
info.set(X509CertInfo.ALGORITHM_ID,
new CertificateAlgorithmId(
- AlgorithmId.getAlgorithmId(value)));
+ AlgorithmId.get(value)));
} catch (Exception e) {
CMS.debug("SigningAlgDefault: setValue " + e.toString());
throw new EPropertyException(CMS.getUserMessage(
@@ -174,8 +174,7 @@ public class SigningAlgDefault extends EnrollDefault {
throws EProfileException {
try {
info.set(X509CertInfo.ALGORITHM_ID,
- new CertificateAlgorithmId(
- AlgorithmId.getAlgorithmId(getSigningAlg())));
+ new CertificateAlgorithmId(AlgorithmId.get(getSigningAlg())));
} catch (Exception e) {
CMS.debug("SigningAlgDefault: populate " + e.toString());
}
diff --git a/base/common/src/com/netscape/cms/servlet/request/ProcessCertReq.java b/base/common/src/com/netscape/cms/servlet/request/ProcessCertReq.java
index 820e9a654..c324e4a1f 100644
--- a/base/common/src/com/netscape/cms/servlet/request/ProcessCertReq.java
+++ b/base/common/src/com/netscape/cms/servlet/request/ProcessCertReq.java
@@ -84,7 +84,7 @@ import com.netscape.cmsutil.util.Utils;
* Agent operations on Certificate requests. This servlet is used
* by an Agent to approve, reject, reassign, or change a certificate
* request.
- *
+ *
* @version $Revision$, $Date$
*/
public class ProcessCertReq extends CMSServlet {
@@ -190,7 +190,7 @@ public class ProcessCertReq extends CMSServlet {
/**
* initialize the servlet. This servlet uses the template file
* "processCertReq.template" to process the response.
- *
+ *
* @param sc servlet configuration, read from the web.xml file
*/
public void init(ServletConfig sc) throws ServletException {
@@ -219,7 +219,7 @@ public class ProcessCertReq extends CMSServlet {
mParser = CertReqParser.DETAIL_PARSER;
- // override success and error templates to null -
+ // override success and error templates to null -
// handle templates locally.
mTemplates.remove(CMSRequest.SUCCESS);
@@ -255,7 +255,7 @@ public class ProcessCertReq extends CMSServlet {
* <li>http.param addExts base-64, DER encoded Extension or SEQUENCE OF Extensions to add to certificate
* <li>http.param pathLenConstraint integer path length constraint to use in BasicConstraint extension if applicable
* </ul>
- *
+ *
* @param cmsReq the object holding the request and response information
*/
public void process(CMSRequest cmsReq) throws EBaseException {
@@ -364,21 +364,21 @@ public class ProcessCertReq extends CMSServlet {
* Process X509 certificate enrollment request and send request information
* to the caller.
* <P>
- *
+ *
* (Certificate Request - an "agent" cert request for "cloning")
* <P>
- *
+ *
* (Certificate Request Processed - either a manual "agent" non-profile based cert acceptance, a manual "agent"
* non-profile based cert cancellation, or a manual "agent" non-profile based cert rejection)
* <P>
- *
+ *
* <ul>
* <li>signed.audit LOGGING_SIGNED_AUDIT_NON_PROFILE_CERT_REQUEST used when a non-profile cert request is made
* (before approval process)
* <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_REQUEST_PROCESSED used when a certificate request has just been
* through the approval process
* </ul>
- *
+ *
* @param cmsReq a certificate enrollment request
* @param argSet CMS template parameters
* @param header argument block
@@ -535,7 +535,7 @@ public class ProcessCertReq extends CMSServlet {
if (!(algId.getName().equals(signatureAlgorithm))) {
alterationCounter++;
- AlgorithmId newAlgId = AlgorithmId.getAlgorithmId(signatureAlgorithm);
+ AlgorithmId newAlgId = AlgorithmId.get(signatureAlgorithm);
certInfo[i].set(X509CertInfo.ALGORITHM_ID,
new CertificateAlgorithmId(newAlgId));
@@ -590,7 +590,7 @@ public class ProcessCertReq extends CMSServlet {
}
}
if (validityChanged) {
- // this set() trigger this rebuild of internal
+ // this set() trigger this rebuild of internal
// raw der encoding cache of X509CertInfo.
// Otherwise, the above change wont have effect.
certInfo[i].set(X509CertInfo.VALIDITY, certValidity);
@@ -640,7 +640,7 @@ public class ProcessCertReq extends CMSServlet {
certInfo[i].set(X509CertInfo.EXTENSIONS, extensions);
}
for (int j = 0; j < extsToBeAdded.size(); j++) {
- Extension theExt = (Extension) extsToBeAdded.elementAt(j);
+ Extension theExt = extsToBeAdded.elementAt(j);
extensions.set(theExt.getExtensionId().toString(), theExt);
}
@@ -683,8 +683,7 @@ public class ProcessCertReq extends CMSServlet {
new BasicConstraintsExtension(isCA.booleanValue(), pathLen);
extensions.delete(BasicConstraintsExtension.NAME);
- extensions.set(BasicConstraintsExtension.NAME,
- (Extension) bcExt0);
+ extensions.set(BasicConstraintsExtension.NAME, bcExt0);
alterationCounter++;
}
}
@@ -791,7 +790,7 @@ public class ProcessCertReq extends CMSServlet {
}
}
- // this set() trigger this rebuild of internal
+ // this set() trigger this rebuild of internal
// raw der encoding cache of X509CertInfo.
// Otherwise, the above change wont have effect.
certInfo[i].set(X509CertInfo.EXTENSIONS, extensions);
@@ -913,12 +912,12 @@ public class ProcessCertReq extends CMSServlet {
X509CertImpl issuedCerts[] =
r.getExtDataInCertArray(IRequest.ISSUED_CERTS);
- // return potentially more than one certificates.
+ // return potentially more than one certificates.
if (issuedCerts != null) {
long endTime = CMS.getCurrentDate().getTime();
StringBuffer sbuf = new StringBuffer();
- //header.addBigIntegerValue("serialNumber",
+ //header.addBigIntegerValue("serialNumber",
//issuedCerts[0].getSerialNumber(),16);
for (int i = 0; i < issuedCerts.length; i++) {
if (i != 0)
@@ -1000,7 +999,7 @@ public class ProcessCertReq extends CMSServlet {
audit(auditMessage);
}
- // grant trusted manager or agent privileges
+ // grant trusted manager or agent privileges
try {
int res = grant_privileges(
cmsReq, r, issuedCerts, header);
@@ -1016,10 +1015,10 @@ public class ProcessCertReq extends CMSServlet {
// since ther is no cert database.
/*
if (mAuthority instanceof RegistrationAuthority) {
- Object[] results =
+ Object[] results =
new Object[] { issuedCerts, grantError };
cmsReq.setResult(results);
- renderTemplate(cmsReq,
+ renderTemplate(cmsReq,
mReqCompletedTemplate, REQ_COMPLETED_FILLER);
return;
@@ -1039,7 +1038,7 @@ public class ProcessCertReq extends CMSServlet {
"authorityid", mAuthority.getId());
header.addStringValue("serviceURL", scheme +"://"+
req.getServerName() + ":"+
- req.getServerPort() +
+ req.getServerPort() +
req.getRequestURI());
*/
@@ -1255,7 +1254,7 @@ public class ProcessCertReq extends CMSServlet {
}
}
- // add authority names to know what privileges can be requested.
+ // add authority names to know what privileges can be requested.
if (CMS.getSubsystem("kra") != null)
header.addStringValue("localkra", "yes");
if (CMS.getSubsystem("ca") != null)
@@ -1664,7 +1663,7 @@ public class ProcessCertReq extends CMSServlet {
}
}
- String uid = (String) httpParams.getValueAsString(GRANT_UID, null);
+ String uid = httpParams.getValueAsString(GRANT_UID, null);
if (uid == null || uid.length() == 0) {
throw new ECMSGWException(CMS.getUserMessage("CMS_GW_MISSING_GRANT_UID"));
@@ -1780,11 +1779,11 @@ public class ProcessCertReq extends CMSServlet {
/**
* Signed Audit Log Info Name
- *
+ *
* This method is called to obtain the "InfoName" for
* a signed audit log message.
* <P>
- *
+ *
* @param type signed audit log request processing type
* @return id string containing the signed audit log message InfoName
*/
@@ -1815,11 +1814,11 @@ public class ProcessCertReq extends CMSServlet {
/**
* Signed Audit Log Info Certificate Value
- *
+ *
* This method is called to obtain the certificate from the passed in
* "X509CertImpl" for a signed audit log message.
* <P>
- *
+ *
* @param x509cert an X509CertImpl
* @return cert string containing the certificate
*/
diff --git a/base/common/src/com/netscape/cmscore/cert/CertUtils.java b/base/common/src/com/netscape/cmscore/cert/CertUtils.java
index 9710d63f5..009e9b0d9 100644
--- a/base/common/src/com/netscape/cmscore/cert/CertUtils.java
+++ b/base/common/src/com/netscape/cmscore/cert/CertUtils.java
@@ -66,7 +66,7 @@ import com.netscape.cmsutil.util.Utils;
* Utility class with assorted methods to check for
* smime pairs, determining the type of cert - signature
* or encryption ..etc.
- *
+ *
* @author kanda
* @version $Revision$, $Date$
*/
@@ -172,8 +172,7 @@ public class CertUtils {
if (info == null) {
throw new EBaseException(CMS.getUserMessage("CMS_BASE_INVALID_OPERATION"));
}
- X509Key key = new X509Key(AlgorithmId.getAlgorithmId(
- "RSAEncryption"), encoded);
+ X509Key key = new X509Key(AlgorithmId.get("RSAEncryption"), encoded);
info.set(X509CertInfo.KEY, key);
} catch (Exception e) {
@@ -191,7 +190,7 @@ public class CertUtils {
info.set(X509CertInfo.SERIAL_NUMBER, new
CertificateSerialNumber(serialno));
info.set(X509CertInfo.ALGORITHM_ID, new
- CertificateAlgorithmId(AlgorithmId.getAlgorithmId(alg)));
+ CertificateAlgorithmId(AlgorithmId.get(alg)));
info.set(X509CertInfo.ISSUER, new
CertificateIssuerName(new X500Name(issuerName)));
info.set(X509CertInfo.VALIDITY, new
@@ -398,9 +397,9 @@ public class CertUtils {
/**
* Returns the index of the given cert in an array of certs.
- *
+ *
* Assumptions: The certs are issued by the same CA
- *
+ *
* @param certArray The array of certs.
* @param givenCert The certificate we are lokking for in the array.
* @return -1 if not found or the index of the given cert in the array.
@@ -421,9 +420,9 @@ public class CertUtils {
/**
* Returns the most recently issued signing certificate from an
* an array of certs.
- *
+ *
* Assumptions: The certs are issued by the same CA
- *
+ *
* @param certArray The array of certs.
* @param givenCert The certificate we are lokking for in the array.
* @return null if there is no recent cert or the most recent cert.
@@ -643,7 +642,7 @@ public class CertUtils {
/**
* strips out the begin and end certificate brackets
- *
+ *
* @param s the string potentially bracketed with
* "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----"
* @return string without the brackets
@@ -670,7 +669,7 @@ public class CertUtils {
/**
* Returns a string that represents a cert's fingerprint.
* The fingerprint is a MD5 digest of the DER encoded certificate.
- *
+ *
* @param cert Certificate to get the fingerprint of.
* @return a String that represents the cert's fingerprint.
*/
@@ -693,16 +692,16 @@ public class CertUtils {
* MD5, MD2 and SHA1 hashes.
* A certificate's fingerprint is a hash digest of the DER encoded
* certificate.
- *
+ *
* @param cert Certificate to get the fingerprints of.
* @return a String with fingerprints using the MD5, MD2 and SHA1 hashes.
* For example,
- *
+ *
* <pre>
* MD2: 78:7E:D1:F9:3E:AF:50:18:68:A7:29:50:C3:21:1F:71
- *
+ *
* MD5: 0E:89:91:AC:40:50:F7:BE:6E:7B:39:4F:56:73:75:75
- *
+ *
* SHA1: DC:D9:F7:AF:E2:83:10:B2:F7:0A:77:E8:50:E2:F7:D1:15:9A:9D:00
* </pre>
*/
@@ -731,16 +730,16 @@ public class CertUtils {
* MD5, MD2 and SHA1 hashes.
* A certificate's fingerprint is a hash digest of the DER encoded
* certificate.
- *
+ *
* @param cert Certificate to get the fingerprints of.
* @return a String with fingerprints using the MD5, MD2 and SHA1 hashes.
* For example,
- *
+ *
* <pre>
* MD2: 78:7E:D1:F9:3E:AF:50:18:68:A7:29:50:C3:21:1F:71
- *
+ *
* MD5: 0E:89:91:AC:40:50:F7:BE:6E:7B:39:4F:56:73:75:75
- *
+ *
* SHA1: DC:D9:F7:AF:E2:83:10:B2:F7:0A:77:E8:50:E2:F7:D1:15:9A:9D:00
* </pre>
*/
@@ -764,7 +763,7 @@ public class CertUtils {
/**
* Check if a object identifier in string form is valid,
* that is a string in the form n.n.n.n and der encode and decode-able.
- *
+ *
* @param attrName attribute name (from the configuration file)
* @param value object identifier string.
*/
@@ -1083,7 +1082,7 @@ public class CertUtils {
/**
* Signed Audit Log
* This method is called to store messages to the signed audit log.
- *
+ *
* @param msg signed audit log message
*/
private static void audit(String msg) {
diff --git a/base/common/src/com/netscape/cmscore/security/JssSubsystem.java b/base/common/src/com/netscape/cmscore/security/JssSubsystem.java
index 42768060c..7c16c6f43 100644
--- a/base/common/src/com/netscape/cmscore/security/JssSubsystem.java
+++ b/base/common/src/com/netscape/cmscore/security/JssSubsystem.java
@@ -103,7 +103,7 @@ import com.netscape.cmsutil.util.Utils;
/**
* Subsystem for initializing JSS>
* <P>
- *
+ *
* @version $Revision$ $Date$
*/
public final class JssSubsystem implements ICryptoSubsystem {
@@ -137,7 +137,7 @@ public final class JssSubsystem implements ICryptoSubsystem {
// May 01, 1999 01:55:55.
private static SimpleDateFormat mFormatter = new SimpleDateFormat("MMMMM dd, yyyy HH:mm:ss");
- // SSL related variables.
+ // SSL related variables.
private IConfigStore mSSLConfig = null;
@@ -367,9 +367,9 @@ public final class JssSubsystem implements ICryptoSubsystem {
}
public String isCipherFortezza() throws EBaseException {
- // we always display fortezza suites.
- // too much work to display tokens/certs corresponding to the
- // suites.
+ // we always display fortezza suites.
+ // too much work to display tokens/certs corresponding to the
+ // suites.
return "true";
}
@@ -396,10 +396,10 @@ public final class JssSubsystem implements ICryptoSubsystem {
/**
* Initialize SSL cipher suites from config file.
- *
+ *
*/
private void initSSL() throws EBaseException {
- // JSS will AND what is set and what is allowed by export policy
+ // JSS will AND what is set and what is allowed by export policy
// so we can set what is requested.
try {
@@ -415,7 +415,7 @@ public final class JssSubsystem implements ICryptoSubsystem {
if (Debug.ON)
Debug.trace("configured ssl cipher prefs is " + sslCiphers);
- // first, disable all ciphers, since JSS defaults to all-enabled
+ // first, disable all ciphers, since JSS defaults to all-enabled
for (int i = mJSSCipherSuites.length - 1; i >= 0; i--) {
try {
SSLSocket.setCipherPreferenceDefault(mJSSCipherSuites[i],
@@ -436,7 +436,7 @@ public final class JssSubsystem implements ICryptoSubsystem {
}
while (ciphers.hasMoreTokens()) {
String cipher = ciphers.nextToken();
- Integer sslcipher = (Integer) mCipherNames.get(cipher);
+ Integer sslcipher = mCipherNames.get(cipher);
if (sslcipher != null) {
String msg = "setting ssl cipher " + cipher;
@@ -749,7 +749,7 @@ public final class JssSubsystem implements ICryptoSubsystem {
return new AlgIdDSA(P, Q, G);
}
}
- return AlgorithmId.getAlgorithmId(algname);
+ return AlgorithmId.get(algname);
} catch (NoSuchAlgorithmException e) {
throw new EBaseException(CMS.getUserMessage("CMS_BASE_ALG_NOT_SUPPORTED", ""));
}
@@ -1099,7 +1099,7 @@ public final class JssSubsystem implements ICryptoSubsystem {
}
try {
if (mNicknameMapCertsTable != null) {
- X509Certificate[] certs = (X509Certificate[]) mNicknameMapCertsTable.get(nickname);
+ X509Certificate[] certs = mNicknameMapCertsTable.get(nickname);
if (certs == null) {
EBaseException e = new EBaseException(CMS.getUserMessage("CMS_BASE_CERT_NOT_FOUND"));
@@ -1164,7 +1164,7 @@ public final class JssSubsystem implements ICryptoSubsystem {
Hashtable<String, Vector<X509Certificate>> vecTable = new Hashtable<String, Vector<X509Certificate>>();
while (enums.hasMoreElements()) {
- CryptoToken token = (CryptoToken) enums.nextElement();
+ CryptoToken token = enums.nextElement();
String tokenName = token.getName();
CryptoStore store = token.getCryptoStore();
@@ -1186,7 +1186,7 @@ public final class JssSubsystem implements ICryptoSubsystem {
try {
Vector<X509Certificate> v;
- if (vecTable.containsKey((Object) nickname) == true) {
+ if (vecTable.containsKey(nickname) == true) {
v = vecTable.get(nickname);
} else {
v = new Vector<X509Certificate>();
@@ -1213,11 +1213,11 @@ public final class JssSubsystem implements ICryptoSubsystem {
Enumeration<String> elms = vecTable.keys();
while (elms.hasMoreElements()) {
- String key = (String) elms.nextElement();
- Vector<X509Certificate> v = vecTable.get((Object) key);
+ String key = elms.nextElement();
+ Vector<X509Certificate> v = vecTable.get(key);
X509Certificate[] a = new X509Certificate[v.size()];
- v.copyInto((Object[]) a);
+ v.copyInto(a);
mNicknameMapCertsTable.put(key, a);
}
}
@@ -1237,7 +1237,7 @@ public final class JssSubsystem implements ICryptoSubsystem {
Enumeration<CryptoToken> enums = mCryptoManager.getAllTokens();
while (enums.hasMoreElements()) {
- CryptoToken token = (CryptoToken) enums.nextElement();
+ CryptoToken token = enums.nextElement();
String tokenName = token.getName();
CryptoStore store = token.getCryptoStore();
@@ -1305,7 +1305,7 @@ public final class JssSubsystem implements ICryptoSubsystem {
Enumeration<CryptoToken> enums = mCryptoManager.getAllTokens();
while (enums.hasMoreElements()) {
- CryptoToken token = (CryptoToken) enums.nextElement();
+ CryptoToken token = enums.nextElement();
CryptoStore store = token.getCryptoStore();
X509Certificate[] list = store.getCertificates();
@@ -1388,7 +1388,7 @@ public final class JssSubsystem implements ICryptoSubsystem {
/* build a table of our own */
Vector<X509Certificate> v;
- if (vecTable.containsKey((Object) nickname) == true) {
+ if (vecTable.containsKey(nickname) == true) {
v = vecTable.get(nickname);
} else {
v = new Vector<X509Certificate>();
@@ -1401,19 +1401,19 @@ public final class JssSubsystem implements ICryptoSubsystem {
Enumeration<String> elms = vecTable.keys();
while (elms.hasMoreElements()) {
- String key = (String) elms.nextElement();
- Vector<X509Certificate> v = vecTable.get((Object) key);
+ String key = elms.nextElement();
+ Vector<X509Certificate> v = vecTable.get(key);
X509Certificate[] a = new X509Certificate[v.size()];
- v.copyInto((Object[]) a);
+ v.copyInto(a);
mNicknameMapCertsTable.put(key, a);
}
Enumeration<String> keys = mNicknameMapCertsTable.keys();
while (keys.hasMoreElements()) {
- String nickname = (String) keys.nextElement();
- X509Certificate[] value = (X509Certificate[]) mNicknameMapCertsTable.get(nickname);
+ String nickname = keys.nextElement();
+ X509Certificate[] value = mNicknameMapCertsTable.get(nickname);
for (int i = 0; i < value.length; i++) {
InternalCertificate icert = null;
@@ -1462,7 +1462,7 @@ public final class JssSubsystem implements ICryptoSubsystem {
EBaseException {
try {
if (mNicknameMapCertsTable != null) {
- X509Certificate[] certs = (X509Certificate[]) mNicknameMapCertsTable.get(nickname);
+ X509Certificate[] certs = mNicknameMapCertsTable.get(nickname);
if (certs == null) {
EBaseException e = new EBaseException(CMS.getUserMessage("CMS_BASE_CERT_NOT_FOUND"));
@@ -1505,7 +1505,7 @@ public final class JssSubsystem implements ICryptoSubsystem {
/**
* Delete the CA certificate from the perm database.
- *
+ *
* @param nickname The nickname of the CA certificate.
* @param notAfterTime The notAfter of the certificate. It is possible to get multiple
* certificates under the same nickname. If one of the certificates match the notAfterTime,
@@ -1515,7 +1515,7 @@ public final class JssSubsystem implements ICryptoSubsystem {
public void deleteCACert(String nickname, String notAfterTime) throws EBaseException {
try {
if (mNicknameMapCertsTable != null) {
- X509Certificate[] certs = (X509Certificate[]) mNicknameMapCertsTable.get(nickname);
+ X509Certificate[] certs = mNicknameMapCertsTable.get(nickname);
if (certs == null) {
EBaseException e = new EBaseException(CMS.getUserMessage("CMS_BASE_CERT_NOT_FOUND"));
@@ -1566,7 +1566,7 @@ public final class JssSubsystem implements ICryptoSubsystem {
/**
* Delete any certificate from the any token.
- *
+ *
* @param nickname The nickname of the certificate.
* @param notAfterTime The notAfter of the certificate. It is possible to get multiple
* certificates under the same nickname. If one of the certificates match the notAfterTime,
@@ -1581,13 +1581,13 @@ public final class JssSubsystem implements ICryptoSubsystem {
try {
if (mNicknameMapCertsTable != null) {
certs =
- (X509Certificate[]) mNicknameMapCertsTable.get(nickname);
+ mNicknameMapCertsTable.get(nickname);
}
if (certs == null) {
if (mNicknameMapUserCertsTable != null) {
certs =
- (X509Certificate[]) mNicknameMapUserCertsTable.get(nickname);
+ mNicknameMapUserCertsTable.get(nickname);
if (certs != null) {
CMS.debug("in mNicknameMapUserCertsTable, isUserCert is true");
isUserCert = true;
@@ -1956,7 +1956,7 @@ public final class JssSubsystem implements ICryptoSubsystem {
if ((certs == null || certs.length == 0) &&
mNicknameMapCertsTable != null) {
- certs = (X509Certificate[]) mNicknameMapCertsTable.get(nickname);
+ certs = mNicknameMapCertsTable.get(nickname);
}
if (certs == null) {
EBaseException e = new EBaseException(CMS.getUserMessage("CMS_BASE_CERT_NOT_FOUND"));
diff --git a/base/common/src/com/netscape/cmscore/security/KeyCertUtil.java b/base/common/src/com/netscape/cmscore/security/KeyCertUtil.java
index 2a9afb868..2bb31ba1a 100644
--- a/base/common/src/com/netscape/cmscore/security/KeyCertUtil.java
+++ b/base/common/src/com/netscape/cmscore/security/KeyCertUtil.java
@@ -63,7 +63,6 @@ import netscape.security.x509.AlgIdDSA;
import netscape.security.x509.AlgorithmId;
import netscape.security.x509.AuthorityKeyIdentifierExtension;
import netscape.security.x509.BasicConstraintsExtension;
-import netscape.security.x509.CertAttrSet;
import netscape.security.x509.CertificateAlgorithmId;
import netscape.security.x509.CertificateExtensions;
import netscape.security.x509.Extension;
@@ -119,7 +118,7 @@ import com.netscape.cmsutil.util.Utils;
/**
* This class provides all the base methods to generate the key for different
* kinds of certificates.
- *
+ *
* @author Christine Ho
* @version $Revision$, $Date$
*/
@@ -162,7 +161,7 @@ public class KeyCertUtil {
int num = 0;
while (tokens.hasMoreElements()) {
- CryptoToken c = (CryptoToken) tokens.nextElement();
+ CryptoToken c = tokens.nextElement();
if (num++ == 0)
tokenList = tokenList + c.getName();
@@ -333,7 +332,7 @@ public class KeyCertUtil {
return new AlgIdDSA(P, Q, G);
}
}
- return AlgorithmId.getAlgorithmId(algname);
+ return AlgorithmId.get(algname);
} catch (NoSuchAlgorithmException e) {
throw new EBaseException(CMS.getUserMessage("CMS_BASE_ALG_NOT_SUPPORTED"));
}
@@ -603,7 +602,7 @@ public class KeyCertUtil {
if (exts != null) {
PKCS10Attribute attr = new
PKCS10Attribute(PKCS9Attribute.EXTENSION_REQUEST_OID,
- (CertAttrSet) exts);
+ exts);
PKCS10Attributes attrs = new PKCS10Attributes();
attrs.setAttribute(attr.getAttributeValue().getName(), attr);
@@ -764,7 +763,7 @@ public class KeyCertUtil {
byte bCert[] = Utils.base64decode(str);
/*
- java.security.cert.X509Certificate cert =
+ java.security.cert.X509Certificate cert =
java.security.cert.X509Certificate.getInstance(bCert);
return cert;
*/
diff --git a/base/util/src/netscape/security/extensions/CertInfo.java b/base/util/src/netscape/security/extensions/CertInfo.java
index ab88ec8ab..47a138253 100644
--- a/base/util/src/netscape/security/extensions/CertInfo.java
+++ b/base/util/src/netscape/security/extensions/CertInfo.java
@@ -65,14 +65,13 @@ public class CertInfo extends X509CertInfo {
SERIALIZE_SERIALNO =
new CertificateSerialNumber(new BigInteger("0"));
SERIALIZE_ALGOR =
- new CertificateAlgorithmId(
- AlgorithmId.getAlgorithmId("MD5withRSA"));
+ new CertificateAlgorithmId(AlgorithmId.get("MD5withRSA"));
} catch (IOException e) {
- // should never happen. If does, system is hosed.
+ // should never happen. If does, system is hosed.
System.out.println("**** Impossible Error encountered ****");
throw new RuntimeException(e.toString());
} catch (NoSuchAlgorithmException e) {
- // should never happen. If does, system is hosed.
+ // should never happen. If does, system is hosed.
System.out.println("**** Impossible Error encountered ****");
throw new RuntimeException(e.toString());
}
@@ -111,7 +110,7 @@ public class CertInfo extends X509CertInfo {
certinfo.set(X509CertInfo.SUBJECT, SERIALIZE_SUBJECT);
}
// key is set later in the request.
- } // these exceptions shouldn't happen here unless the
+ } // these exceptions shouldn't happen here unless the
// whole process is hosed.
catch (CertificateException e) {
} catch (IOException e) {
diff --git a/base/util/src/netscape/security/x509/AlgorithmId.java b/base/util/src/netscape/security/x509/AlgorithmId.java
index b0113af41..947853a42 100644
--- a/base/util/src/netscape/security/x509/AlgorithmId.java
+++ b/base/util/src/netscape/security/x509/AlgorithmId.java
@@ -35,19 +35,19 @@ import netscape.security.util.ObjectIdentifier;
* are used when this runtime environment has no special knowledge of the
* algorithm type, and may also be used in other cases. Equivalence is
* defined according to OID and (where relevant) parameters.
- *
+ *
* <P>
* Subclasses may be used, for example when when the algorithm ID has associated parameters which some code (e.g. code
* using public keys) needs to have parsed. Two examples of such algorithms are Diffie-Hellman key exchange, and the
* Digital Signature Standard Algorithm (DSS/DSA).
- *
+ *
* <P>
* The OID constants defined in this class correspond to some widely used algorithms, for which conventional string
* names have been defined. This class is not a general repository for OIDs, or for such string names. Note that the
* mappings between algorithm IDs and algorithm names is not one-to-one.
- *
+ *
* @version 1.70
- *
+ *
* @author David Brownell
* @author Amit Kapoor
* @author Hemma Prafullchandra
@@ -77,19 +77,6 @@ public class AlgorithmId implements Serializable, DerEncoder {
protected String paramsString = null;
- /**
- * Returns one of the algorithm IDs most commonly associated
- * with this algorithm name.
- *
- * @param algname the name being used
- * @deprecated use the short get form of this method.
- * @exception NoSuchAlgorithmException on error.
- */
- public static AlgorithmId getAlgorithmId(String algname)
- throws NoSuchAlgorithmException {
- return get(algname);
- }
-
public AlgorithmParameters getParameters() {
return this.algParams;
}
@@ -106,7 +93,7 @@ public class AlgorithmId implements Serializable, DerEncoder {
/**
* Returns one of the algorithm IDs most commonly associated
* with this algorithm name.
- *
+ *
* @param algname the name being used
* @exception NoSuchAlgorithmException on error.
*/
@@ -124,7 +111,7 @@ public class AlgorithmId implements Serializable, DerEncoder {
* Parse (unmarshal) an ID from a DER sequence input value. This form
* parsing might be used when expanding a value which has already been
* partially unmarshaled as a set or sequence member.
- *
+ *
* @exception IOException on error.
* @param val the input value, which contains the algid and, if
* there are any parameters, those parameters.
@@ -163,7 +150,7 @@ public class AlgorithmId implements Serializable, DerEncoder {
alg.decodeParams();
/*
- * Set the raw params string in case
+ * Set the raw params string in case
* higher level code might want the info
*/
@@ -185,7 +172,7 @@ public class AlgorithmId implements Serializable, DerEncoder {
/**
* Constructs a parameterless algorithm ID.
- *
+ *
* @param oid the identifier for the algorithm
*/
public AlgorithmId(ObjectIdentifier oid) {
@@ -203,7 +190,7 @@ public class AlgorithmId implements Serializable, DerEncoder {
/**
* Constructs an algorithm ID which will be initialized
* separately, for example by deserialization.
- *
+ *
* @deprecated use one of the other constructors.
*/
public AlgorithmId() {
@@ -236,10 +223,10 @@ public class AlgorithmId implements Serializable, DerEncoder {
/**
* DER encode this object onto an output stream.
* Implements the <code>DerEncoder</code> interface.
- *
+ *
* @param out
* the output stream on which to write the DER encoding.
- *
+ *
* @exception IOException on encoding error.
*/
public void derEncode(OutputStream out) throws IOException {
@@ -459,7 +446,7 @@ public class AlgorithmId implements Serializable, DerEncoder {
/**
* Returns the DER encoded parameter, which can then be
* used to initialize java.security.AlgorithmParamters.
- *
+ *
* @return DER encoded parameters, or null not present.
*/
public byte[] getEncodedParams() throws IOException {
@@ -502,7 +489,7 @@ public class AlgorithmId implements Serializable, DerEncoder {
* Compares this AlgorithmID to another. If algorithm parameters are
* available, they are compared. Otherwise, just the object IDs
* for the algorithm are compared.
- *
+ *
* @param other preferably an AlgorithmId, else an ObjectIdentifier
*/
public boolean equals(Object other) {
diff --git a/base/util/src/netscape/security/x509/X500Signer.java b/base/util/src/netscape/security/x509/X500Signer.java
index 0b8cf87a4..3bc5a413e 100644
--- a/base/util/src/netscape/security/x509/X500Signer.java
+++ b/base/util/src/netscape/security/x509/X500Signer.java
@@ -26,17 +26,17 @@ import java.security.Signer;
* This class provides a binding between a Signature object and an
* authenticated X.500 name (from an X.509 certificate chain), which
* is needed in many public key signing applications.
- *
+ *
* <P>
* The name of the signer is important, both because knowing it is the whole point of the signature, and because the
* associated X.509 certificate is always used to verify the signature.
- *
+ *
* <P>
* <em>The X.509 certificate chain is temporarily not associated with
* the signer, but this omission will be resolved.</em>
- *
+ *
* @version 1.18
- *
+ *
* @author David Brownell
* @author Amit Kapoor
* @author Hemma Prafullchandra
@@ -51,7 +51,7 @@ public final class X500Signer extends Signer {
* Called for each chunk of the data being signed. That
* is, you can present the data in many chunks, so that
* it doesn't need to be in a single sequential buffer.
- *
+ *
* @param buf buffer holding the next chunk of the data to be signed
* @param offset starting point of to-be-signed data
* @param len how many bytes of data are to be signed
@@ -64,7 +64,7 @@ public final class X500Signer extends Signer {
/**
* Produces the signature for the data processed by update().
- *
+ *
* @exception SignatureException on errors.
*/
public byte[] sign() throws SignatureException {
@@ -98,12 +98,12 @@ public final class X500Signer extends Signer {
this.agent = agent;
try {
- this.algid = AlgorithmId.getAlgorithmId(sig.getAlgorithm());
+ this.algid = AlgorithmId.get(sig.getAlgorithm());
String alg = sig.getAlgorithm();
if (alg.equals("DSA")) {
alg = "SHA1withDSA";
}
- this.algid = AlgorithmId.getAlgorithmId(alg);
+ this.algid = AlgorithmId.get(alg);
} catch (NoSuchAlgorithmException e) {
throw new RuntimeException("internal error! " + e.getMessage());