Diffstat (limited to 'pki/base/util/src/com/netscape')
104 files changed, 0 insertions, 10568 deletions
diff --git a/pki/base/util/src/com/netscape/cmsutil/crypto/CryptoUtil.java b/pki/base/util/src/com/netscape/cmsutil/crypto/CryptoUtil.java
deleted file mode 100644
index bf8a9cfc1..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/crypto/CryptoUtil.java
+++ /dev/null
@@ -1,1292 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.crypto;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.CharConversionException;
-import java.io.FilterOutputStream;
-import java.io.IOException;
-import java.io.PrintStream;
-import java.math.BigInteger;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.InvalidKeyException;
-import java.security.KeyPair;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.PublicKey;
-import java.security.SignatureException;
-import java.security.cert.CertificateEncodingException;
-import java.security.cert.CertificateException;
-import java.security.interfaces.DSAParams;
-import java.security.interfaces.DSAPublicKey;
-import java.security.interfaces.RSAPublicKey;
-import java.util.Date;
-import java.util.Enumeration;
-import java.util.StringTokenizer;
-import java.util.Vector;
-
-import netscape.security.pkcs.PKCS10;
-import netscape.security.pkcs.PKCS7;
-import netscape.security.util.BigInt;
-import netscape.security.util.DerInputStream;
-import netscape.security.util.DerOutputStream;
-import netscape.security.util.DerValue;
-import netscape.security.util.ObjectIdentifier;
-import netscape.security.x509.AlgorithmId;
-import netscape.security.x509.CertificateAlgorithmId;
-import netscape.security.x509.CertificateChain;
-import netscape.security.x509.CertificateExtensions;
-import netscape.security.x509.CertificateIssuerName;
-import netscape.security.x509.CertificateSerialNumber;
-import netscape.security.x509.CertificateSubjectName;
-import netscape.security.x509.CertificateValidity;
-import netscape.security.x509.CertificateVersion;
-import netscape.security.x509.CertificateX509Key;
-import netscape.security.x509.X500Name;
-import netscape.security.x509.X500Signer;
-import netscape.security.x509.X509CertImpl;
-import netscape.security.x509.X509CertInfo;
-import netscape.security.x509.X509Key;
-
-import org.mozilla.jss.CryptoManager;
-import org.mozilla.jss.CryptoManager.NotInitializedException;
-import org.mozilla.jss.NoSuchTokenException;
-import org.mozilla.jss.asn1.ASN1Util;
-import org.mozilla.jss.asn1.BIT_STRING;
-import org.mozilla.jss.asn1.InvalidBERException;
-import org.mozilla.jss.asn1.OBJECT_IDENTIFIER;
-import org.mozilla.jss.asn1.OCTET_STRING;
-import org.mozilla.jss.asn1.SEQUENCE;
-import org.mozilla.jss.crypto.Algorithm;
-import org.mozilla.jss.crypto.BadPaddingException;
-import org.mozilla.jss.crypto.Cipher;
-import org.mozilla.jss.crypto.CryptoStore;
-import org.mozilla.jss.crypto.CryptoToken;
-import org.mozilla.jss.crypto.DigestAlgorithm;
-import org.mozilla.jss.crypto.EncryptionAlgorithm;
-import org.mozilla.jss.crypto.IVParameterSpec;
-import org.mozilla.jss.crypto.IllegalBlockSizeException;
-import org.mozilla.jss.crypto.InternalCertificate;
-import org.mozilla.jss.crypto.InvalidKeyFormatException;
-import org.mozilla.jss.crypto.KeyGenAlgorithm;
-import org.mozilla.jss.crypto.KeyGenerator;
-import org.mozilla.jss.crypto.KeyPairAlgorithm;
-import org.mozilla.jss.crypto.KeyPairGenerator;
-import 
org.mozilla.jss.crypto.KeyWrapAlgorithm; -import org.mozilla.jss.crypto.KeyWrapper; -import org.mozilla.jss.crypto.NoSuchItemOnTokenException; -import org.mozilla.jss.crypto.ObjectNotFoundException; -import org.mozilla.jss.crypto.PBEAlgorithm; -import org.mozilla.jss.crypto.PrivateKey; -import org.mozilla.jss.crypto.Signature; -import org.mozilla.jss.crypto.SignatureAlgorithm; -import org.mozilla.jss.crypto.SymmetricKey; -import org.mozilla.jss.crypto.TokenException; -import org.mozilla.jss.crypto.X509Certificate; -import org.mozilla.jss.pkcs11.PK11ECPublicKey; -import org.mozilla.jss.pkcs12.PasswordConverter; -import org.mozilla.jss.pkcs7.EncryptedContentInfo; -import org.mozilla.jss.pkix.crmf.CertReqMsg; -import org.mozilla.jss.pkix.crmf.CertRequest; -import org.mozilla.jss.pkix.crmf.CertTemplate; -import org.mozilla.jss.pkix.crmf.EncryptedKey; -import org.mozilla.jss.pkix.crmf.EncryptedValue; -import org.mozilla.jss.pkix.crmf.PKIArchiveOptions; -import org.mozilla.jss.pkix.primitive.AlgorithmIdentifier; -import org.mozilla.jss.pkix.primitive.Name; -import org.mozilla.jss.pkix.primitive.SubjectPublicKeyInfo; -import org.mozilla.jss.util.Base64OutputStream; -import org.mozilla.jss.util.Password; - -import com.netscape.cmsutil.util.Cert; -import com.netscape.cmsutil.util.Utils; - -public class CryptoUtil { - - public static final String CERTREQ_BEGIN_HEADING = "-----BEGIN CERTIFICATE REQUEST-----"; - public static final String CERTREQ_END_HEADING = "-----END CERTIFICATE REQUEST-----"; - public static final int LINE_COUNT = 76; - public static final String CERT_BEGIN_HEADING = "-----BEGIN CERTIFICATE-----"; - public static final String CERT_END_HEADING = "-----END CERTIFICATE-----"; - - /* - * encodes cert - */ - // private static BASE64Encoder mEncoder = new BASE64Encoder(); - public static String toMIME64(X509CertImpl cert) { - try { - return "-----BEGIN CERTIFICATE-----\n" - // + mEncoder.encodeBuffer(cert.getEncoded()) - + Utils.base64encode(cert.getEncoded()) - 
+ "-----END CERTIFICATE-----\n"; - } catch (Exception e) { - } - return null; - } - - public static boolean arraysEqual(byte[] bytes, byte[] ints) { - if (bytes == null || ints == null) { - return false; - } - - if (bytes.length != ints.length) { - return false; - } - - for (int i = 0; i < bytes.length; i++) { - if (bytes[i] != ints[i]) { - return false; - } - } - return true; - } - - /** - * Retrieves handle to a JSS token. - */ - public static CryptoToken getTokenByName(String token) - throws CryptoManager.NotInitializedException, - NoSuchTokenException { - CryptoManager cm = CryptoManager.getInstance(); - CryptoToken t = null; - - if (token.equals("internal")) { - t = cm.getInternalKeyStorageToken(); - } else { - t = cm.getTokenByName(token); - } - return t; - } - - /** - * Generates a RSA key pair. - */ - public static KeyPair generateRSAKeyPair(String token, int keysize) - throws CryptoManager.NotInitializedException, - NoSuchTokenException, - NoSuchAlgorithmException, - TokenException { - CryptoToken t = getTokenByName(token); - KeyPairGenerator g = t.getKeyPairGenerator(KeyPairAlgorithm.RSA); - - g.initialize(keysize); - KeyPair pair = g.genKeyPair(); - - return pair; - } - - public static boolean isECCKey(X509Key key) { - String keyAlgo = key.getAlgorithm(); - if (keyAlgo.equals("EC") || - keyAlgo.equals("OID.1.2.840.10045.44")) { // ECC - return true; - } - return false; - } - - /** - * Generates an ecc key pair. 
- */ - public static KeyPair generateECCKeyPair(String token, int keysize) - throws CryptoManager.NotInitializedException, - NoSuchTokenException, - NoSuchAlgorithmException, - TokenException { - return generateECCKeyPair(token, keysize, null, null); - } - - public static KeyPair generateECCKeyPair(String token, int keysize, - org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usage_ops, - org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usage_mask) - throws CryptoManager.NotInitializedException, - NoSuchTokenException, - NoSuchAlgorithmException, - TokenException { - CryptoToken t = getTokenByName(token); - - KeyPairAlgorithm alg = KeyPairAlgorithm.EC; - KeyPairGenerator g = t.getKeyPairGenerator(alg); - - g.setKeyPairUsages(usage_ops, usage_mask); - g.initialize(keysize); - - KeyPair pair = g.genKeyPair(); - - return pair; - } - - /** - * Generates an ecc key pair by curve name - */ - public static KeyPair generateECCKeyPair(String token, String curveName) - throws CryptoManager.NotInitializedException, - NoSuchTokenException, - NoSuchAlgorithmException, - TokenException { - return generateECCKeyPair(token, curveName, null, null); - } - - public static KeyPair generateECCKeyPair(CryptoToken token, String curveName) - throws CryptoManager.NotInitializedException, - NoSuchTokenException, - NoSuchAlgorithmException, - TokenException { - return generateECCKeyPair(token, curveName, null, null); - } - - public static KeyPair generateECCKeyPair(String token, String curveName, - org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usage_ops, - org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usage_mask) - throws CryptoManager.NotInitializedException, - NoSuchTokenException, - NoSuchAlgorithmException, - TokenException { - CryptoToken t = getTokenByName(token); - return generateECCKeyPair(t, curveName, usage_ops, usage_mask); - } - - public static KeyPair generateECCKeyPair(CryptoToken token, String curveName, - org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] 
usage_ops, - org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usage_mask) - throws CryptoManager.NotInitializedException, - NoSuchTokenException, - NoSuchAlgorithmException, - TokenException { - KeyPairAlgorithm alg = KeyPairAlgorithm.EC; - KeyPairGenerator g = token.getKeyPairGenerator(alg); - - g.setKeyPairUsages(usage_ops, usage_mask); - - System.out.println("CryptoUtil: generateECCKeyPair: curve = " + curveName); - int curveCode = 0; - try { - curveCode = g.getCurveCodeByName(curveName); - } catch (Exception e) { - System.out.println("CryptoUtil: generateECCKeyPair: " + e.toString()); - throw new NoSuchAlgorithmException(); - } - g.initialize(curveCode); - - System.out.println("CryptoUtil: generateECCKeyPair: after KeyPairGenerator initialize with:" + curveName); - KeyPair pair = g.genKeyPair(); - - return pair; - } - - public static byte[] getModulus(PublicKey pubk) { - RSAPublicKey rsaKey = (RSAPublicKey) pubk; - - return rsaKey.getModulus().toByteArray(); - } - - public static byte[] getPublicExponent(PublicKey pubk) { - RSAPublicKey rsaKey = (RSAPublicKey) pubk; - - return rsaKey.getPublicExponent().toByteArray(); - } - - public static String base64Encode(byte[] bytes) throws IOException { - // All this streaming is lame, but Base64OutputStream needs a - // PrintStream - ByteArrayOutputStream output = new ByteArrayOutputStream(); - Base64OutputStream b64 = new Base64OutputStream(new - PrintStream(new - FilterOutputStream(output))); - - b64.write(bytes); - b64.flush(); - - // This is internationally safe because Base64 chars are - // contained within 8859_1 - return output.toString("8859_1"); - } - - public static byte[] base64Decode(String s) throws IOException { - // BASE64Decoder base64 = new BASE64Decoder(); - // byte[] d = base64.decodeBuffer(s); - byte[] d = Utils.base64decode(s); - - return d; - } - - /* - * formats a cert request - */ - public static String reqFormat(String content) { - String result = CERTREQ_BEGIN_HEADING + "\n"; - - while 
(content.length() >= LINE_COUNT) { - result = result + content.substring(0, LINE_COUNT) + "\n"; - content = content.substring(LINE_COUNT); - } - if (content.length() > 0) { - result = result + content + "\n" + CERTREQ_END_HEADING; - } else { - result = result + CERTREQ_END_HEADING; - } - - return result; - } - - public static String getPKCS10FromKey(String dn, - byte modulus[], byte exponent[], byte prikdata[]) - throws IOException, - InvalidKeyException, - TokenException, - NoSuchProviderException, - CertificateException, - SignatureException, - CryptoManager.NotInitializedException, - NoSuchAlgorithmException { - X509Key x509key = getPublicX509Key(modulus, exponent); - PrivateKey prik = findPrivateKeyFromID(prikdata); - PKCS10 pkcs10 = createCertificationRequest(dn, x509key, prik); - ByteArrayOutputStream bs = new ByteArrayOutputStream(); - PrintStream ps = new PrintStream(bs); - pkcs10.print(ps); - return bs.toString(); - } - - public static String getPKCS10FromKey(String dn, - byte modulus[], byte exponent[], byte prikdata[], String alg) - throws IOException, - InvalidKeyException, - TokenException, - NoSuchProviderException, - CertificateException, - SignatureException, - CryptoManager.NotInitializedException, - NoSuchAlgorithmException { - X509Key x509key = getPublicX509Key(modulus, exponent); - PrivateKey prik = findPrivateKeyFromID(prikdata); - PKCS10 pkcs10 = createCertificationRequest(dn, x509key, prik, alg); - ByteArrayOutputStream bs = new ByteArrayOutputStream(); - PrintStream ps = new PrintStream(bs); - pkcs10.print(ps); - return bs.toString(); - } - - /* - * formats a cert - */ - public static String certFormat(String content) { - if (content == null || content.length() == 0) { - return ""; - } - String result = CERT_BEGIN_HEADING + "\n"; - - while (content.length() >= LINE_COUNT) { - result = result + content.substring(0, LINE_COUNT) + "\n"; - content = content.substring(LINE_COUNT); - } - if (content.length() > 0) { - result = result + content + 
"\n" + CERT_END_HEADING; - } else { - result = result + CERT_END_HEADING; - } - - return result; - } - - /** - * strips out the begin and end certificate brackets - * - * @param s the string potentially bracketed with - * "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----" - * @return string without the brackets - */ - public static String stripCertBrackets(String s) { - if (s == null) { - return s; - } - - if (s.startsWith(CERT_BEGIN_HEADING) && s.endsWith(CERT_END_HEADING)) { - return (s.substring(27, (s.length() - 25))); - } - - // To support Thawte's header and footer - if ((s.startsWith("-----BEGIN PKCS #7 SIGNED DATA-----")) - && (s.endsWith("-----END PKCS #7 SIGNED DATA-----"))) { - return (s.substring(35, (s.length() - 33))); - } - - return s; - } - - public static String normalizeCertAndReq(String s) { - if (s == null) { - return s; - } - s = s.replaceAll("-----BEGIN CERTIFICATE REQUEST-----", ""); - s = s.replaceAll("-----BEGIN NEW CERTIFICATE REQUEST-----", ""); - s = s.replaceAll("-----END CERTIFICATE REQUEST-----", ""); - s = s.replaceAll("-----END NEW CERTIFICATE REQUEST-----", ""); - s = s.replaceAll("-----BEGIN CERTIFICATE-----", ""); - s = s.replaceAll("-----END CERTIFICATE-----", ""); - - StringBuffer sb = new StringBuffer(); - StringTokenizer st = new StringTokenizer(s, "\r\n "); - - while (st.hasMoreTokens()) { - String nextLine = st.nextToken(); - - nextLine = nextLine.trim(); - if (nextLine.equals("-----BEGIN CERTIFICATE REQUEST-----")) { - continue; - } - if (nextLine.equals("-----BEGIN NEW CERTIFICATE REQUEST-----")) { - continue; - } - if (nextLine.equals("-----END CERTIFICATE REQUEST-----")) { - continue; - } - if (nextLine.equals("-----END NEW CERTIFICATE REQUEST-----")) { - continue; - } - if (nextLine.equals("-----BEGIN CERTIFICATE-----")) { - continue; - } - if (nextLine.equals("-----END CERTIFICATE-----")) { - continue; - } - sb.append(nextLine); - } - return sb.toString(); - } - - public static String 
normalizeCertStr(String s) { - String val = ""; - - for (int i = 0; i < s.length(); i++) { - if (s.charAt(i) == '\n') { - continue; - } else if (s.charAt(i) == '\r') { - continue; - } else if (s.charAt(i) == '"') { - continue; - } else if (s.charAt(i) == ' ') { - continue; - } - val += s.charAt(i); - } - return val; - } - - public static void importCertificateChain(String certchain) - throws IOException, - CryptoManager.NotInitializedException, - TokenException, - CertificateEncodingException, - CertificateException { - byte[] blah = base64Decode(certchain); - CryptoManager manager = CryptoManager.getInstance(); - PKCS7 pkcs7 = null; - try { - // try PKCS7 first - pkcs7 = new PKCS7(blah); - } catch (Exception e) { - } - X509Certificate cert = null; - if (pkcs7 == null) { - cert = manager.importCACertPackage(blah); - } else { - java.security.cert.X509Certificate certsInP7[] = - pkcs7.getCertificates(); - if (certsInP7 == null) { - cert = manager.importCACertPackage(blah); - } else { - for (int i = 0; i < certsInP7.length; i++) { - // import P7 one by one - cert = manager.importCACertPackage(certsInP7[i].getEncoded()); - } - } - } - X509Certificate[] certchains = - CryptoManager.getInstance().buildCertificateChain(cert); - - if (certchains != null) { - cert = certchains[certchains.length - 1]; - } - InternalCertificate icert = (InternalCertificate) cert; - icert.setSSLTrust(InternalCertificate.TRUSTED_CA - | InternalCertificate.TRUSTED_CLIENT_CA - | InternalCertificate.VALID_CA); - } - - public static SEQUENCE parseCRMFMsgs(byte cert_request[]) - throws IOException, InvalidBERException { - ByteArrayInputStream crmfBlobIn = - new ByteArrayInputStream(cert_request); - SEQUENCE crmfMsgs = (SEQUENCE) - new SEQUENCE.OF_Template(new CertReqMsg.Template()).decode( - crmfBlobIn); - return crmfMsgs; - } - - public static X509Key getX509KeyFromCRMFMsgs(SEQUENCE crmfMsgs) - throws IOException, NoSuchAlgorithmException, - InvalidKeyException, InvalidKeyFormatException { - int 
nummsgs = crmfMsgs.size(); - if (nummsgs <= 0) { - throw new IOException("invalid certificate requests"); - } - CertReqMsg msg = (CertReqMsg) crmfMsgs.elementAt(0); - CertRequest certreq = msg.getCertReq(); - CertTemplate certTemplate = certreq.getCertTemplate(); - SubjectPublicKeyInfo spkinfo = certTemplate.getPublicKey(); - PublicKey pkey = spkinfo.toPublicKey(); - X509Key x509key = convertPublicKeyToX509Key(pkey); - return x509key; - } - - public static X509Key getPublicX509Key(byte modulus[], byte exponent[]) - throws InvalidKeyException { - return new netscape.security.provider.RSAPublicKey(new BigInt(modulus), - new BigInt(exponent)); - } - - public static X509Key getPublicX509ECCKey(byte encoded[]) - throws InvalidKeyException { - try { - return X509Key.parse(new DerValue(encoded)); - } catch (IOException e) { - throw new InvalidKeyException(); - } - } - - public static X509Key convertPublicKeyToX509Key(PublicKey pubk) - throws InvalidKeyException { - X509Key xKey; - - if (pubk instanceof RSAPublicKey) { - RSAPublicKey rsaKey = (RSAPublicKey) pubk; - - xKey = new netscape.security.provider.RSAPublicKey( - new BigInt(rsaKey.getModulus()), - new BigInt(rsaKey.getPublicExponent())); - } else if (pubk instanceof PK11ECPublicKey) { - byte encoded[] = pubk.getEncoded(); - xKey = CryptoUtil.getPublicX509ECCKey(encoded); - } else { - // Assert.assert(pubk instanceof DSAPublicKey); - DSAPublicKey dsaKey = (DSAPublicKey) pubk; - DSAParams params = dsaKey.getParams(); - - xKey = new netscape.security.provider.DSAPublicKey(dsaKey.getY(), - params.getP(), params.getQ(), params.getG()); - } - return xKey; - } - - public static String getSubjectName(SEQUENCE crmfMsgs) - throws IOException { - int nummsgs = crmfMsgs.size(); - if (nummsgs <= 0) { - throw new IOException("invalid certificate requests"); - } - CertReqMsg msg = (CertReqMsg) crmfMsgs.elementAt(0); - CertRequest certreq = msg.getCertReq(); - CertTemplate certTemplate = certreq.getCertTemplate(); - Name n = 
certTemplate.getSubject(); - ByteArrayOutputStream subjectEncStream = new ByteArrayOutputStream(); - n.encode(subjectEncStream); - - byte[] b = subjectEncStream.toByteArray(); - X500Name subject = new X500Name(b); - return subject.toString(); - } - - /** - * Creates a Certificate template. - */ - public static X509CertInfo createX509CertInfo(KeyPair pair, - int serialno, String issuername, String subjname, - Date notBefore, Date notAfter) - throws IOException, - CertificateException, - InvalidKeyException { - return createX509CertInfo(convertPublicKeyToX509Key(pair.getPublic()), - serialno, issuername, subjname, notBefore, notAfter); - } - - public static X509CertInfo createX509CertInfo(PublicKey publickey, - int serialno, String issuername, String subjname, - Date notBefore, Date notAfter) - throws IOException, - CertificateException, - InvalidKeyException { - return createX509CertInfo(convertPublicKeyToX509Key(publickey), serialno, - issuername, subjname, notBefore, notAfter); - } - - public static X509CertInfo createX509CertInfo(X509Key x509key, - int serialno, String issuername, String subjname, - Date notBefore, Date notAfter) - throws IOException, - CertificateException, - InvalidKeyException { - // set default; use the other call with "alg" to set algorithm - String alg = "SHA256withRSA"; - try { - return createX509CertInfo(x509key, serialno, issuername, subjname, notBefore, notAfter, alg); - } catch (NoSuchAlgorithmException ex) { - // for those that calls the old call without alg - throw new CertificateException("createX509CertInfo old call should not be here"); - } - } - - public static X509CertInfo createX509CertInfo(X509Key x509key, - int serialno, String issuername, String subjname, - Date notBefore, Date notAfter, String alg) - throws IOException, - CertificateException, - InvalidKeyException, - NoSuchAlgorithmException { - X509CertInfo info = new X509CertInfo(); - - info.set(X509CertInfo.VERSION, new - CertificateVersion(CertificateVersion.V3)); - 
info.set(X509CertInfo.SERIAL_NUMBER, new - CertificateSerialNumber(serialno)); - info.set(X509CertInfo.ISSUER, new - CertificateIssuerName(new X500Name(issuername))); - info.set(X509CertInfo.SUBJECT, new - CertificateSubjectName(new X500Name(subjname))); - info.set(X509CertInfo.VALIDITY, new - CertificateValidity(notBefore, notAfter)); - info.set(X509CertInfo.ALGORITHM_ID, new - CertificateAlgorithmId(AlgorithmId.get(alg))); - info.set(X509CertInfo.KEY, new CertificateX509Key(x509key)); - info.set(X509CertInfo.EXTENSIONS, new CertificateExtensions()); - return info; - } - - public static X509CertImpl signECCCert(PrivateKey privateKey, - X509CertInfo certInfo) - throws NoSuchTokenException, - CryptoManager.NotInitializedException, - NoSuchAlgorithmException, - NoSuchTokenException, - TokenException, - InvalidKeyException, - SignatureException, - IOException, - CertificateException { - // set default; use the other call with "alg" to specify algorithm - String alg = "SHA256withEC"; - return signECCCert(privateKey, certInfo, alg); - } - - public static X509CertImpl signECCCert(PrivateKey privateKey, - X509CertInfo certInfo, String alg) - throws NoSuchTokenException, - CryptoManager.NotInitializedException, - NoSuchAlgorithmException, - NoSuchTokenException, - TokenException, - InvalidKeyException, - SignatureException, - IOException, - CertificateException { - return signCert(privateKey, certInfo, - Cert.mapAlgorithmToJss(alg)); - } - - /** - * Signs certificate. 
- */ - public static X509CertImpl signCert(PrivateKey privateKey, - X509CertInfo certInfo, String alg) - throws NoSuchTokenException, - CryptoManager.NotInitializedException, - NoSuchAlgorithmException, - NoSuchTokenException, - TokenException, - InvalidKeyException, - SignatureException, - IOException, - CertificateException { - return signCert(privateKey, certInfo, - Cert.mapAlgorithmToJss(alg)); - } - - public static X509CertImpl signCert(PrivateKey privateKey, - X509CertInfo certInfo, SignatureAlgorithm sigAlg) - throws NoSuchTokenException, - CryptoManager.NotInitializedException, - NoSuchAlgorithmException, - NoSuchTokenException, - TokenException, - InvalidKeyException, - SignatureException, - IOException, - CertificateException { - - DerInputStream ds = new DerInputStream(ASN1Util.encode(sigAlg.toOID())); - ObjectIdentifier sigAlgOID = new ObjectIdentifier(ds); - AlgorithmId aid = new AlgorithmId(sigAlgOID); - certInfo.set(X509CertInfo.ALGORITHM_ID, - new CertificateAlgorithmId(aid)); - - org.mozilla.jss.crypto.PrivateKey priKey = - (org.mozilla.jss.crypto.PrivateKey) privateKey; - CryptoToken token = priKey.getOwningToken(); - - DerOutputStream tmp = new DerOutputStream(); - DerOutputStream out = new DerOutputStream(); - - certInfo.encode(tmp); - Signature signer = token.getSignatureContext(sigAlg); - - signer.initSign(priKey); - signer.update(tmp.toByteArray()); - byte signed[] = signer.sign(); - - aid.encode(tmp); - tmp.putBitString(signed); - out.write(DerValue.tag_Sequence, tmp); - X509CertImpl signedCert = new X509CertImpl(out.toByteArray()); - - return signedCert; - } - - /** - * Creates a PKCS#10 request. 
- */ - public static PKCS10 createCertificationRequest(String subjectName, - X509Key pubk, PrivateKey prik) - throws NoSuchAlgorithmException, NoSuchProviderException, - InvalidKeyException, IOException, CertificateException, - SignatureException { - // give default - String alg = "SHA256withRSA"; - if (isECCKey(pubk)) { - alg = "SHA256withEC"; - } - return createCertificationRequest(subjectName, pubk, prik, alg); - } - - public static PKCS10 createCertificationRequest(String subjectName, - X509Key pubk, PrivateKey prik, String alg) - throws NoSuchAlgorithmException, NoSuchProviderException, - InvalidKeyException, IOException, CertificateException, - SignatureException { - X509Key key = pubk; - java.security.Signature sig = java.security.Signature.getInstance(alg, - "Mozilla-JSS"); - - sig.initSign(prik); - PKCS10 pkcs10 = new PKCS10(key); - X500Name name = new X500Name(subjectName); - X500Signer signer = new X500Signer(sig, name); - - pkcs10.encodeAndSign(signer); - return pkcs10; - } - - /** - * Creates a PKCS#10 request. 
- */ - public static PKCS10 createCertificationRequest(String subjectName, - KeyPair keyPair) - throws NoSuchAlgorithmException, NoSuchProviderException, - InvalidKeyException, IOException, CertificateException, - SignatureException { - String alg; - PublicKey pubk = keyPair.getPublic(); - X509Key key = convertPublicKeyToX509Key(pubk); - if (pubk instanceof RSAPublicKey) { - alg = "SHA256withRSA"; - } else if (isECCKey(key)) { - alg = "SHA256withEC"; - } else { - // Assert.assert(pubk instanceof DSAPublicKey); - alg = "DSA"; - } - return createCertificationRequest(subjectName, keyPair, alg); - } - - public static PKCS10 createCertificationRequest(String subjectName, - KeyPair keyPair, String alg) - throws NoSuchAlgorithmException, NoSuchProviderException, - InvalidKeyException, IOException, CertificateException, - SignatureException { - PublicKey pubk = keyPair.getPublic(); - X509Key key = convertPublicKeyToX509Key(pubk); - - java.security.Signature sig = java.security.Signature.getInstance(alg, - "Mozilla-JSS"); - - sig.initSign(keyPair.getPrivate()); - - PKCS10 pkcs10 = new PKCS10(key); - - X500Name name = new X500Name(subjectName); - X500Signer signer = new X500Signer(sig, name); - - pkcs10.encodeAndSign(signer); - - return pkcs10; - } - - public static void unTrustCert(InternalCertificate cert) { - // remove TRUSTED_CA - int flag = cert.getSSLTrust(); - - flag ^= InternalCertificate.VALID_CA; - cert.setSSLTrust(flag); - } - - /** - * Trusts a certificate by nickname. - */ - public static void trustCertByNickname(String nickname) - throws CryptoManager.NotInitializedException, - TokenException { - CryptoManager cm = CryptoManager.getInstance(); - X509Certificate certs[] = cm.findCertsByNickname(nickname); - - if (certs == null) { - return; - } - for (int i = 0; i < certs.length; i++) { - trustCert((InternalCertificate) certs[i]); - } - } - - /** - * Trusts a certificate. 
- */ - public static void trustCert(InternalCertificate cert) { - int flag = InternalCertificate.VALID_CA | InternalCertificate.TRUSTED_CA - | InternalCertificate.USER - | InternalCertificate.TRUSTED_CLIENT_CA; - - cert.setSSLTrust(flag); - cert.setObjectSigningTrust(flag); - cert.setEmailTrust(flag); - } - - /** - * To certificate server point of view, SSL trust is - * what we referring. - */ - public static boolean isCertTrusted(InternalCertificate cert) { - if (isTrust(cert.getSSLTrust()) && isTrust(cert.getObjectSigningTrust()) - && isTrust(cert.getEmailTrust())) { - return true; - } else { - return false; - } - } - - public static boolean isTrust(int flag) { - if (((flag & InternalCertificate.VALID_CA) > 0) - && ((flag & InternalCertificate.TRUSTED_CA) > 0) - && ((flag & InternalCertificate.USER) > 0) - && ((flag & InternalCertificate.TRUSTED_CLIENT_CA) > 0)) { - return true; - } else { - return false; - } - } - - /** - * Generates a symmetric key. - */ - public static SymmetricKey generateKey(CryptoToken token, - KeyGenAlgorithm alg) - throws TokenException, NoSuchAlgorithmException, - IllegalStateException { - try { - KeyGenerator kg = token.getKeyGenerator(alg); - - return kg.generate(); - } catch (CharConversionException e) { - throw new RuntimeException( - "CharConversionException while generating symmetric key"); - } - } - - /** - * Compares 2 byte arrays to see if they are the same. - */ - public static boolean compare(byte src[], byte dest[]) { - if (src != null && dest != null) { - if (src.length == dest.length) { - boolean matched = true; - - for (int i = 0; i < src.length; i++) { - if (src[i] != dest[i]) { - matched = false; - } - } - if (matched) { - return true; - } - } - } - return false; - } - - public static String byte2string(byte id[]) { - return new BigInteger(id).toString(16); - } - - public static byte[] string2byte(String id) { - return (new BigInteger(id, 16)).toByteArray(); - } - - /** - * Retrieves a private key from a unique key ID. 
- */ - public static PrivateKey findPrivateKeyFromID(byte id[]) - throws CryptoManager.NotInitializedException, - TokenException { - CryptoManager cm = CryptoManager.getInstance(); - @SuppressWarnings("unchecked") - Enumeration<CryptoToken> enums = cm.getAllTokens(); - - while (enums.hasMoreElements()) { - CryptoToken token = enums.nextElement(); - CryptoStore store = token.getCryptoStore(); - PrivateKey keys[] = store.getPrivateKeys(); - - if (keys != null) { - for (int i = 0; i < keys.length; i++) { - if (compare(keys[i].getUniqueID(), id)) { - return keys[i]; - } - } - } - } - return null; - } - - /** - * Retrieves all user certificates from all tokens. - */ - public static X509CertImpl[] getAllUserCerts() - throws CryptoManager.NotInitializedException, - TokenException { - Vector<X509CertImpl> certs = new Vector<X509CertImpl>(); - CryptoManager cm = CryptoManager.getInstance(); - @SuppressWarnings("unchecked") - Enumeration<CryptoToken> enums = cm.getAllTokens(); - - while (enums.hasMoreElements()) { - CryptoToken token = (CryptoToken) enums.nextElement(); - - CryptoStore store = token.getCryptoStore(); - org.mozilla.jss.crypto.X509Certificate list[] = store.getCertificates(); - - for (int i = 0; i < list.length; i++) { - try { - @SuppressWarnings("unused") - PrivateKey key = cm.findPrivKeyByCert(list[i]); // check for errors - X509CertImpl impl = null; - - try { - impl = new X509CertImpl(list[i].getEncoded()); - } catch (CertificateException e) { - continue; - } - certs.addElement(impl); - } catch (TokenException e) { - continue; - } catch (ObjectNotFoundException e) { - continue; - } - } - } - if (certs.size() == 0) { - return null; - } else { - X509CertImpl c[] = new X509CertImpl[certs.size()]; - - certs.copyInto(c); - return c; - } - } - - /** - * Deletes a private key. 
- */ - public static void deletePrivateKey(PrivateKey prikey) - throws CryptoManager.NotInitializedException, TokenException { - - try { - CryptoToken token = prikey.getOwningToken(); - CryptoStore store = token.getCryptoStore(); - - store.deletePrivateKey(prikey); - } catch (NoSuchItemOnTokenException e) { - } - } - - /** - * Retrieves a private key by nickname. - */ - public static PrivateKey getPrivateKey(String nickname) - throws CryptoManager.NotInitializedException, TokenException { - try { - CryptoManager cm = CryptoManager.getInstance(); - X509Certificate cert = cm.findCertByNickname(nickname); - org.mozilla.jss.crypto.PrivateKey prikey = cm.findPrivKeyByCert(cert); - - return prikey; - } catch (ObjectNotFoundException e) { - } - return null; - } - - /** - * Deletes all certificates by a nickname. - */ - public static void deleteAllCertificates(String nickname) - throws CryptoManager.NotInitializedException, TokenException { - CryptoManager cm = CryptoManager.getInstance(); - X509Certificate certs[] = cm.findCertsByNickname(nickname); - - if (certs == null) { - return; - } - for (int i = 0; i < certs.length; i++) { - try { - X509Certificate cert = certs[i]; - org.mozilla.jss.crypto.PrivateKey prikey = cm.findPrivKeyByCert( - cert); - CryptoToken token = prikey.getOwningToken(); - CryptoStore store = token.getCryptoStore(); - - store.deleteCert(cert); - } catch (NoSuchItemOnTokenException e) { - } catch (ObjectNotFoundException e) { - } - } - } - - /** - * Imports a PKCS#7 certificate chain that includes the user - * certificate, and trusts the certificate. 
- */
- public static X509Certificate importUserCertificateChain(String c,
- String nickname)
- throws CryptoManager.NotInitializedException,
- CryptoManager.NicknameConflictException,
- CryptoManager.UserCertConflictException,
- NoSuchItemOnTokenException,
- TokenException,
- CertificateEncodingException {
- CryptoManager cm = CryptoManager.getInstance();
- X509Certificate cert = cm.importCertPackage(c.getBytes(), nickname);
-
- trustCertByNickname(nickname);
- return cert;
- }
-
- /**
- * Imports a user certificate, and trusts the certificate.
- */
- public static void importUserCertificate(X509CertImpl cert, String nickname)
- throws CryptoManager.NotInitializedException,
- CertificateEncodingException,
- NoSuchItemOnTokenException,
- TokenException,
- CryptoManager.NicknameConflictException,
- CryptoManager.UserCertConflictException {
- CryptoManager cm = CryptoManager.getInstance();
-
- cm.importUserCACertPackage(cert.getEncoded(), nickname);
- trustCertByNickname(nickname);
- }
-
- public static void importUserCertificate(X509CertImpl cert, String nickname,
- boolean trust)
- throws CryptoManager.NotInitializedException,
- CertificateEncodingException,
- NoSuchItemOnTokenException,
- TokenException,
- CryptoManager.NicknameConflictException,
- CryptoManager.UserCertConflictException {
- CryptoManager cm = CryptoManager.getInstance();
-
- cm.importUserCACertPackage(cert.getEncoded(), nickname);
- if (trust)
- trustCertByNickname(nickname);
- }
-
- public static java.security.cert.X509Certificate[] getX509CertificateFromPKCS7(byte[] b) throws IOException {
- ByteArrayInputStream bis = new ByteArrayInputStream(b);
- CertificateChain certchain = new CertificateChain();
-
- certchain.decode(bis);
- java.security.cert.X509Certificate[] certs = certchain.getChain();
-
- return certs;
- }
-
- @SuppressWarnings("deprecation")
- public static String unwrapUsingPassphrase(String wrappedRecoveredKey, String recoveryPassphrase)
- throws IOException, InvalidBERException,
InvalidKeyException, IllegalStateException,
- NoSuchAlgorithmException, InvalidAlgorithmParameterException, NotInitializedException, TokenException,
- IllegalBlockSizeException, BadPaddingException {
- EncryptedContentInfo cInfo = null;
- String unwrappedData = null;
-
- //We have to do this to get the decoding to work.
- @SuppressWarnings("unused")
- PBEAlgorithm pbeAlg = PBEAlgorithm.PBE_SHA1_DES3_CBC;
-
- Password pass = new Password(recoveryPassphrase.toCharArray());
- PasswordConverter passConverter = new
- PasswordConverter();
-
- byte[] encoded = Utils.base64decode(wrappedRecoveredKey);
-
- ByteArrayInputStream inStream = new ByteArrayInputStream(encoded);
- cInfo = (EncryptedContentInfo)
- new EncryptedContentInfo.Template().decode(inStream);
-
- byte[] decodedData = cInfo.decrypt(pass, passConverter);
-
- unwrappedData = Utils.base64encode(decodedData);
-
- return unwrappedData;
- }
-
- @SuppressWarnings("deprecation")
- public static String unwrapUsingSymmetricKey(CryptoToken token, IVParameterSpec IV, byte[] wrappedRecoveredKey,
- SymmetricKey recoveryKey, EncryptionAlgorithm alg) throws NoSuchAlgorithmException, TokenException,
- BadPaddingException,
- IllegalBlockSizeException, InvalidKeyException, InvalidAlgorithmParameterException {
-
- Cipher decryptor = token.getCipherContext(alg);
- decryptor.initDecrypt(recoveryKey, IV);
- byte[] unwrappedData = decryptor.doFinal(wrappedRecoveredKey);
- String unwrappedS = Utils.base64encode(unwrappedData);
-
- return unwrappedS;
- }
-
- @SuppressWarnings("deprecation")
- public static byte[] wrapPassphrase(CryptoToken token, String passphrase, IVParameterSpec IV, SymmetricKey sk,
- EncryptionAlgorithm alg)
- throws NoSuchAlgorithmException, TokenException, InvalidKeyException,
- InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException, IOException {
- byte[] wrappedPassphrase = null;
- Cipher encryptor = null;
-
- encryptor = token.getCipherContext(alg);
-
- if (encryptor != null) {
-
encryptor.initEncrypt(sk, IV);
- wrappedPassphrase = encryptor.doFinal(passphrase.getBytes("UTF-8"));
- } else {
- throw new IOException("Failed to create cipher");
- }
-
- return wrappedPassphrase;
- }
-
- @SuppressWarnings("deprecation")
- public static byte[] wrapSymmetricKey(CryptoManager manager, CryptoToken token, String transportCert,
- SymmetricKey sk) throws CertificateEncodingException, TokenException, NoSuchAlgorithmException,
- InvalidKeyException, InvalidAlgorithmParameterException {
- byte transport[] = Utils.base64decode(transportCert);
- X509Certificate tcert = manager.importCACertPackage(transport);
- KeyWrapper rsaWrap = token.getKeyWrapper(KeyWrapAlgorithm.RSA);
- rsaWrap.initWrap(tcert.getPublicKey(), null);
- byte session_data[] = rsaWrap.wrap(sk);
- return session_data;
- }
-
- @SuppressWarnings("deprecation")
- public static byte[] createPKIArchiveOptions(CryptoManager manager, CryptoToken token, String transportCert,
- SymmetricKey vek, String passphrase, KeyGenAlgorithm keyGenAlg, IVParameterSpec IV) throws TokenException,
- CharConversionException,
- NoSuchAlgorithmException, InvalidKeyException, InvalidAlgorithmParameterException,
- CertificateEncodingException, IOException, IllegalStateException, IllegalBlockSizeException,
- BadPaddingException, InvalidBERException {
- byte[] key_data = null;
-
- //generate session key
- SymmetricKey sk = CryptoUtil.generateKey(token, keyGenAlg);
-
- if (passphrase != null) {
- key_data = wrapPassphrase(token, passphrase, IV, sk, EncryptionAlgorithm.DES3_CBC_PAD);
- } else {
- // wrap payload using session key
- KeyWrapper wrapper1 = token.getKeyWrapper(KeyWrapAlgorithm.DES3_CBC_PAD);
- wrapper1.initWrap(sk, IV);
- key_data = wrapper1.wrap(vek);
- }
-
- // wrap session key using transport key
- byte[] session_data = wrapSymmetricKey(manager, token, transportCert, sk);
-
- // create PKIArchiveOptions structure
- AlgorithmIdentifier algS = new AlgorithmIdentifier(new
OBJECT_IDENTIFIER("1.2.840.113549.3.7"),
- new OCTET_STRING(IV.getIV()));
- EncryptedValue encValue = new EncryptedValue(null, algS, new BIT_STRING(session_data, 0), null, null,
- new BIT_STRING(key_data, 0));
- EncryptedKey key = new EncryptedKey(encValue);
- PKIArchiveOptions opt = new PKIArchiveOptions(key);
-
- byte[] encoded = null;
-
- //Let's make sure we can decode the encoded PKIArchiveOptions..
- ByteArrayOutputStream oStream = new ByteArrayOutputStream();
-
- opt.encode(oStream);
-
- encoded = oStream.toByteArray();
- ByteArrayInputStream inStream = new ByteArrayInputStream(encoded);
-
- @SuppressWarnings("unused")
- PKIArchiveOptions options = (PKIArchiveOptions)
- (new PKIArchiveOptions.Template()).decode(inStream);
-
- return encoded;
- }
-}
-
-// START ENABLE_ECC
-// This following can be removed when JSS with ECC capability
-// is integrated.
-class CryptoAlgorithm extends Algorithm {
- protected CryptoAlgorithm(int oidIndex, String name) {
- super(oidIndex, name);
- }
-}
-
-class CryptoKeyPairAlgorithm extends KeyPairAlgorithm {
- protected CryptoKeyPairAlgorithm(int oidIndex, String name, Algorithm algFamily) {
- super(oidIndex, name, algFamily);
- }
-}
-
-class CryptoSignatureAlgorithm extends SignatureAlgorithm {
- protected CryptoSignatureAlgorithm(int oidIndex, String name,
- SignatureAlgorithm signingAlg, DigestAlgorithm digestAlg,
- OBJECT_IDENTIFIER oid) {
- super(oidIndex, name, signingAlg, digestAlg, oid);
- }
-}
-// END ENABLE_ECC
diff --git a/pki/base/util/src/com/netscape/cmsutil/crypto/Module.java b/pki/base/util/src/com/netscape/cmsutil/crypto/Module.java
deleted file mode 100644
index bf4a7fe73..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/crypto/Module.java
+++ /dev/null
@@ -1,75 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.crypto;
-
-import java.util.Vector;
-
-import org.mozilla.jss.crypto.CryptoToken;
-
-public class Module {
- // Common Name is the name given when module is added
- private String mCommonName = "";
- // User friendly name is the name to be displayed on panel
- private String mUserFriendlyName = "";
- private String mImagePath = "";
- // a Vector of Tokens
- private Vector<Token> mTokens = null;
- private boolean mFound = false;
-
- public Module(String name, String printName) {
- mCommonName = name;
- mUserFriendlyName = printName;
- mTokens = new Vector<Token>();
- }
-
- public Module(String name, String printName, String image) {
- mCommonName = name;
- mUserFriendlyName = printName;
- mImagePath = image;
- mTokens = new Vector<Token>();
- }
-
- public void addToken(CryptoToken t) {
- Token token = new Token(t);
- mTokens.addElement(token);
- }
-
- public String getCommonName() {
- return mCommonName;
- }
-
- public String getUserFriendlyName() {
- return mUserFriendlyName;
- }
-
- public String getImagePath() {
- return mImagePath;
- }
-
- public boolean isFound() {
- return mFound;
- }
-
- public void setFound(boolean isFound) {
- mFound = isFound;
- }
-
- public Vector<Token> getTokens() {
- return mTokens;
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/crypto/Token.java b/pki/base/util/src/com/netscape/cmsutil/crypto/Token.java
deleted file mode 100644
index c6f5a5e3c..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/crypto/Token.java
+++ /dev/null
@@ -1,57 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.crypto;
-
-import org.mozilla.jss.crypto.CryptoToken;
-
-public class Token {
- CryptoToken mToken;
-
- public Token(CryptoToken token) {
- mToken = token;
- }
-
- public String getNickName() {
- String nickName = "";
- try {
- nickName = mToken.getName();
- } catch (Exception e) {
- }
- return nickName;
- }
-
- public boolean isLoggedIn() {
- boolean isLoggedIn = false;
- try {
- isLoggedIn = mToken.isLoggedIn();
- } catch (Exception e) {
- }
-
- return isLoggedIn;
- }
-
- public boolean isPresent() {
- boolean isPresent = false;
- try {
- isPresent = mToken.isPresent();
- } catch (Exception e) {
- }
-
- return isPresent;
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/http/ConnectAsync.java b/pki/base/util/src/com/netscape/cmsutil/http/ConnectAsync.java
deleted file mode 100644
index ca230ca21..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/http/ConnectAsync.java
+++ /dev/null
@@ -1,46 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.http;
-
-import java.net.SocketException;
-
-import com.netscape.cmsutil.net.ISocketFactory;
-
-public class ConnectAsync extends Thread {
- String host = null;
- int port = 0;
- ISocketFactory obj = null;
-
- public ConnectAsync(ISocketFactory sock, String host, int port) {
- super();
- this.host = host;
- this.port = port;
- this.obj = sock;
- setName("ConnectAsync");
- }
-
- public void run() {
- try {
- obj.makeSocket(host, port);
- } catch (SocketException e) {
- // Stop throwing exception
- } catch (Exception e) {
- // Stop throwing exception
- }
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/http/Http.java b/pki/base/util/src/com/netscape/cmsutil/http/Http.java
deleted file mode 100644
index 2cda7fd12..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/http/Http.java
+++ /dev/null
@@ -1,31 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.http;
-
-public class Http {
- public static final String HttpVers = "HTTP/1.0";
-
- public static final String Vers1_0 = "HTTP/1.0";
- public static final String Vers1_1 = "HTTP/1.1";
- public static final String CRLF = "\r\n";
-
- public static final char CR = '\r';
- public static final char LF = '\n';
- public static final char SP = ' ';
-
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/http/HttpClient.java b/pki/base/util/src/com/netscape/cmsutil/http/HttpClient.java
deleted file mode 100644
index 438c70c23..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/http/HttpClient.java
+++ /dev/null
@@ -1,217 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.http;
-
-import java.io.BufferedReader;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.InputStreamReader;
-import java.io.OutputStream;
-import java.io.OutputStreamWriter;
-import java.net.Socket;
-
-import org.mozilla.jss.ssl.SSLCertificateApprovalCallback;
-
-import com.netscape.cmsutil.net.ISocketFactory;
-
-/**
- * basic http client.
- * not optimized for performance.
- * handles only string content.
- */
-public class HttpClient {
- protected ISocketFactory mFactory = null;
-
- protected Socket mSocket = null;
- protected InputStream mInputStream = null;
- protected OutputStream mOutputStream = null;
-
- protected InputStreamReader mInputStreamReader = null;
- protected OutputStreamWriter mOutputStreamWriter = null;
- protected BufferedReader mBufferedReader = null;
- protected SSLCertificateApprovalCallback mCertApprovalCallback = null;
- protected boolean mConnected = false;
-
- public HttpClient() {
- }
-
- public HttpClient(ISocketFactory factory) {
- mFactory = factory;
- }
-
- public HttpClient(ISocketFactory factory, SSLCertificateApprovalCallback certApprovalCallback) {
- mFactory = factory;
- mCertApprovalCallback = certApprovalCallback;
- }
-
- public void connect(String host, int port)
- throws IOException {
- if (mFactory != null) {
- if (mCertApprovalCallback == null) {
- mSocket = mFactory.makeSocket(host, port);
- } else {
- mSocket = mFactory.makeSocket(host, port, mCertApprovalCallback, null);
- }
- } else {
- mSocket = new Socket(host, port);
- }
-
- if (mSocket == null) {
- IOException e = new IOException("Couldn't make connection");
-
- throw e;
- }
-
- mInputStream = mSocket.getInputStream();
- mOutputStream = mSocket.getOutputStream();
- mInputStreamReader = new InputStreamReader(mInputStream, "UTF8");
- mBufferedReader = new BufferedReader(mInputStreamReader);
- mOutputStreamWriter = new OutputStreamWriter(mOutputStream, "UTF8");
- mConnected = true;
- }
-
- // Inserted by beomsuk
- public void connect(String host, int port, int timeout)
- throws IOException {
- if (mFactory != null) {
- mSocket = mFactory.makeSocket(host, port, timeout);
- } else {
- mSocket = new Socket(host, port);
- }
-
- if (mSocket == null) {
- IOException e = new IOException("Couldn't make connection");
-
- throw e;
- }
-
- mInputStream = mSocket.getInputStream();
- mOutputStream = mSocket.getOutputStream();
- mInputStreamReader = new
InputStreamReader(mInputStream, "UTF8");
- mBufferedReader = new BufferedReader(mInputStreamReader);
- mOutputStreamWriter = new OutputStreamWriter(mOutputStream, "UTF8");
- mConnected = true;
- }
-
- // Insert end
- public boolean connected() {
- return mConnected;
- }
-
- /**
- * Sends a request to http server.
- * Returns a http response.
- */
- public HttpResponse send(HttpRequest request)
- throws IOException {
- HttpResponse resp = new HttpResponse();
-
- if (mOutputStream == null)
- throw new IOException("Output stream not initialized");
- request.write(mOutputStreamWriter);
- try {
- resp.parse(mBufferedReader);
- } catch (IOException e) {
- // XXX should we disconnect in all cases ?
- disconnect();
- throw e;
- }
- disconnect();
- return resp;
- }
-
- public void disconnect()
- throws IOException {
- mSocket.close();
- mInputStream = null;
- mOutputStream = null;
- mConnected = false;
- }
-
- public InputStream getInputStream() {
- return mInputStream;
- }
-
- public OutputStream getOutputStream() {
- return mOutputStream;
- }
-
- public BufferedReader getBufferedReader() {
- return mBufferedReader;
- }
-
- public InputStreamReader getInputStreamReader() {
- return mInputStreamReader;
- }
-
- public OutputStreamWriter getOutputStreamWriter() {
- return mOutputStreamWriter;
- }
-
- public Socket getSocket() {
- return mSocket;
- }
-
- /**
- * unit test
- */
- public static void main(String args[])
- throws Exception {
- HttpClient c = new HttpClient();
- HttpRequest req = new HttpRequest();
- HttpResponse resp = null;
-
- System.out.println("connecting to " + args[0] + " " + args[1]);
- c.connect(args[0], Integer.parseInt(args[1]));
-
- req.setMethod("GET");
- req.setURI(args[2]);
- if (args.length >= 4)
- req.setHeader("Connection", args[3]);
- resp = c.send(req);
-
- System.out.println("version " + resp.getHttpVers());
- System.out.println("status code " + resp.getStatusCode());
- System.out.println("reason " + resp.getReasonPhrase());
-
System.out.println("content " + resp.getContent());
-
- //String lenstr = resp.getHeader("Content-Length");
- //System.out.println("content len is "+lenstr);
- //int length = Integer.parseInt(lenstr);
- //char[] content = new char[length];
- //c.mBufferedReader.read(content, 0, content.length);
- //System.out.println(content);
-
- if (args.length >= 4 && args[3].equalsIgnoreCase("keep-alive")) {
- for (int i = 0; i < 2; i++) {
- if (i == 1)
- req.setHeader("Connection", "Close");
- resp = c.send(req);
- System.out.println("version " + resp.getHttpVers());
- System.out.println("status code " + resp.getStatusCode());
- System.out.println("reason " + resp.getReasonPhrase());
- System.out.println("content " + resp.getContent());
- //len = Integer.parseInt(resp.getHeader("Content-Length"));
- //System.out.println("content len is "+len);
- //msgbody = new char[len];
- //c.mBufferedReader.read(msgbody, 0, len);
- //System.out.println(content);
- }
- }
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/http/HttpEofException.java b/pki/base/util/src/com/netscape/cmsutil/http/HttpEofException.java
deleted file mode 100644
index 824b9ea2a..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/http/HttpEofException.java
+++ /dev/null
@@ -1,35 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.http;
-
-import java.io.IOException;
-
-public class HttpEofException extends IOException {
- /**
- *
- */
- private static final long serialVersionUID = 433303354049669059L;
-
- public HttpEofException() {
- super();
- }
-
- public HttpEofException(String msg) {
- super(msg);
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/http/HttpMessage.java b/pki/base/util/src/com/netscape/cmsutil/http/HttpMessage.java
deleted file mode 100644
index badec5930..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/http/HttpMessage.java
+++ /dev/null
@@ -1,163 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.http;
-
-import java.io.BufferedReader;
-import java.io.IOException;
-import java.io.OutputStreamWriter;
-import java.util.Enumeration;
-import java.util.Hashtable;
-
-/**
- * Basic HTTP Message, excluding message body.
- * Not optimized for performance.
- * Set fields or parse from input.
- */
-public class HttpMessage {
- protected String mLine = null; // request or response line.
- protected Hashtable<String, String> mHeaders = null;
- protected String mContent = null; // arbitrary content chars assumed.
-
- /**
- * Instantiate a HttpResponse for write to http client.
- */
- public HttpMessage() {
- mHeaders = new Hashtable<String, String>();
- }
-
- /**
- * Set a header field. <br>
- * Content-length is automatically set on write.<br>
- * If value spans multiple lines must be in proper http format for
- * multiple lines.
- */
- public void setHeader(String name, String value) {
- if (mHeaders == null)
- mHeaders = new Hashtable<String, String>();
- mHeaders.put(name.toLowerCase(), value);
- }
-
- /**
- * get a header
- */
- public String getHeader(String name) {
- return (String) mHeaders.get(name.toLowerCase());
- }
-
- /**
- * write http headers
- * does not support values of more than one line
- */
- public void writeHeaders(OutputStreamWriter writer)
- throws IOException {
- if (mHeaders != null) {
- Enumeration<String> keys = mHeaders.keys();
- String header, value;
-
- while (keys.hasMoreElements()) {
- header = keys.nextElement();
- value = mHeaders.get(header);
- writer.write(header + ":" + value + Http.CRLF);
- }
- }
- writer.write(Http.CRLF); // end with CRLF line.
- }
-
- /**
- * read http headers.
- * does not support values of more than one line or multivalue headers.
- */
- public void readHeaders(BufferedReader reader)
- throws IOException {
- mHeaders = new Hashtable<String, String>();
-
- int colon;
- String line, key, value;
-
- while (true) {
- line = reader.readLine();
- if (line == null || line.equals(""))
- break;
- colon = line.indexOf(':');
- if (colon == -1) {
- mHeaders = null;
- throw new HttpProtocolException("Bad Http header format");
- }
- key = line.substring(0, colon);
- value = line.substring(colon + 1);
- mHeaders.put(key.toLowerCase(), value.trim());
- }
- }
-
- public void write(OutputStreamWriter writer)
- throws IOException {
- writer.write(mLine + Http.CRLF);
- writeHeaders(writer);
- writer.flush();
- if (mContent != null) {
- writer.write(mContent);
- }
- writer.flush();
- }
-
- public void parse(BufferedReader reader)
- throws IOException {
- String line = reader.readLine();
-
- // if (line == null) {
- // throw new HttpEofException("End of stream reached");
- // }
- if (line.equals("")) {
- throw new HttpProtocolException("Bad Http req/resp line " + line);
- }
- mLine = line;
- readHeaders(reader);
-
- // won't work if content length is
not set.
- String lenstr = mHeaders.get("content-length");
-
- if (lenstr != null) {
- int len = Integer.parseInt(lenstr);
- char[] cbuf = new char[len];
- int done = reader.read(cbuf, 0, cbuf.length);
- int total = done;
-
- while (done >= 0 && total < len) {
- done = reader.read(cbuf, total, len - total);
- total += done;
- }
-
- mContent = new String(cbuf);
- }
- }
-
- public void reset() {
- mLine = null;
- mHeaders = null;
- mContent = null;
- }
-
- public void setContent(String content) {
- mContent = content;
- }
-
- public String getContent() {
- return mContent;
- }
-
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/http/HttpProtocolException.java b/pki/base/util/src/com/netscape/cmsutil/http/HttpProtocolException.java
deleted file mode 100644
index b5ceb1d7f..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/http/HttpProtocolException.java
+++ /dev/null
@@ -1,35 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.http;
-
-import java.io.IOException;
-
-public class HttpProtocolException extends IOException {
- /**
- *
- */
- private static final long serialVersionUID = -953002842302351684L;
-
- public HttpProtocolException() {
- super();
- }
-
- public HttpProtocolException(String msg) {
- super(msg);
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/http/HttpRequest.java b/pki/base/util/src/com/netscape/cmsutil/http/HttpRequest.java
deleted file mode 100644
index 9024dabf0..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/http/HttpRequest.java
+++ /dev/null
@@ -1,137 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.http;
-
-import java.io.BufferedReader;
-import java.io.IOException;
-import java.io.OutputStreamWriter;
-
-/**
- * Basic HTTP Request. not optimized for performance.
- * Set fields or parse from input.
- * Handles text content.
- */
-public class HttpRequest extends HttpMessage {
- public static final String GET = "GET";
- public static final String POST = "POST";
- public static final String HEAD = "HEAD";
-
- protected String mMethod = null;
- protected String mURI = null;
- protected String mHttpVers = null;
-
- /**
- * Instantiate a HttpResponse for write to http client.
- */
- public HttpRequest() {
- super();
- }
-
- /**
- * set set request method.
- */
- public void setMethod(String method)
- throws HttpProtocolException {
- if (!method.equals(GET) && !method.equals(HEAD) &&
- !method.equals(POST))
- throw new HttpProtocolException("No such method " + method);
- mMethod = method;
- }
-
- /**
- * set reason phrase.
- */
- public void setURI(String uri) {
- mURI = uri;
- }
-
- /**
- * write request to the http client
- */
- public void write(OutputStreamWriter writer)
- throws IOException {
- if (mMethod == null || mURI == null) {
- HttpProtocolException e = new HttpProtocolException(
- "Http request method or uri not initialized");
-
- //e.printStackTrace();
- throw e;
- }
-
- mLine = mMethod + " " + mURI + " " + Http.HttpVers;
- super.write(writer);
- }
-
- /**
- * parse a http request from a http client
- */
- public void parse(BufferedReader reader)
- throws IOException {
- super.parse(reader);
-
- int method = mLine.indexOf(Http.SP);
-
- mMethod = mLine.substring(0, method);
- if (!mMethod.equals(GET) && !mMethod.equals(POST) &&
- !mMethod.equals(HEAD)) {
- reset();
- throw new HttpProtocolException("Bad Http request method");
- }
-
- int uri = mLine.lastIndexOf(Http.SP);
-
- mURI = mLine.substring(method + 1, uri);
-
- mHttpVers = mLine.substring(uri + 1);
- if (!mHttpVers.equals("")) {
- if (!mHttpVers.equals(Http.Vers1_0) &&
- !mHttpVers.equals(Http.Vers1_1)) {
- reset();
- throw new HttpProtocolException("Bad Http version in request");
- }
- }
- }
-
- public void reset() {
- mMethod = null;
- mURI = null;
- mHttpVers = null;
- super.reset();
- }
-
- /**
- * get method
- */
- public String getMethod() {
- return mMethod;
- }
-
- /**
- * get reason phrase
- */
- public String getURI() {
- return mURI;
- }
-
- /**
- * get http version
- */
- public String getHttpVers() {
- return mHttpVers;
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/http/HttpResponse.java b/pki/base/util/src/com/netscape/cmsutil/http/HttpResponse.java
deleted file mode 100644
index 7ac7e2f69..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/http/HttpResponse.java
+++ /dev/null
@@ -1,139 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.http;
-
-import java.io.BufferedReader;
-import java.io.IOException;
-import java.io.OutputStreamWriter;
-
-/**
- * Basic HTTP Response.
- * Set fields or parse from input.
- * Handles only text content.
- */
-public class HttpResponse extends HttpMessage {
- protected String mStatusCode = null;
- protected String mReasonPhrase = null;
- protected String mHttpVers = null;
-
- /**
- * Instantiate a HttpResponse for write to http client.
- */
- public HttpResponse() {
- super();
- }
-
- /**
- * set status code of response
- */
- public void setStatusCode(int code) {
- mStatusCode = String.valueOf(code);
- }
-
- /**
- * set reason phrase.
- */
- public void setReasonPhrase(String phrase) {
- mReasonPhrase = phrase;
- }
-
- /**
- * get status code
- */
- public String getStatusCode() {
- return mStatusCode;
- }
-
- /**
- * get reason phrase
- */
- public String getReasonPhrase() {
- return mReasonPhrase;
- }
-
- /**
- * write the response out to the http client
- */
- public void write(OutputStreamWriter writer)
- throws IOException {
- if (mStatusCode == null) {
- throw new HttpProtocolException("status code not set in response");
- }
- // write status-line
- mLine = Http.HttpVers + " " + mStatusCode + " ";
- if (mReasonPhrase != null)
- mLine += mReasonPhrase;
- mLine += Http.CRLF;
- super.write(writer);
- }
-
- /**
- * parse a http response from a http server
- */
- public void parse(BufferedReader reader)
- throws IOException {
- mHttpVers = null;
- mStatusCode = null;
- mReasonPhrase = null;
-
- super.parse(reader);
-
- int httpvers = mLine.indexOf(' ');
-
- if (httpvers == -1) {
- reset();
- throw new HttpProtocolException("no Http version in response");
- }
- mHttpVers = mLine.substring(0, httpvers);
- if (!mHttpVers.equals(Http.Vers1_0) &&
- !mHttpVers.equals(Http.Vers1_1)) {
- reset();
- throw new HttpProtocolException("Bad Http version in response");
- }
-
- int code = mLine.indexOf(' ', httpvers + 1);
-
- if (code == -1) {
- reset();
- throw new HttpProtocolException("no status code in response");
- }
- mStatusCode = mLine.substring(httpvers + 1, code);
- try {
- Integer.parseInt(mStatusCode);
- } catch (NumberFormatException e) {
- reset();
- throw new HttpProtocolException("Bad status code in response");
- }
-
- mReasonPhrase = mLine.substring(code + 1);
- }
-
- public void reset() {
- mStatusCode = null;
- mHttpVers = null;
- mReasonPhrase = null;
- super.reset();
- }
-
- /**
- * get http version
- */
- public String getHttpVers() {
- return mHttpVers;
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/http/JssSSLSocketFactory.java b/pki/base/util/src/com/netscape/cmsutil/http/JssSSLSocketFactory.java
deleted file mode 100644
index c2013a5d2..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/http/JssSSLSocketFactory.java
+++ /dev/null
@@ -1,182 +0,0 @@ -// --- BEGIN COPYRIGHT BLOCK --- -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License along -// with this program; if not, write to the Free Software Foundation, Inc., -// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// -// (C) 2007 Red Hat, Inc. -// All rights reserved. -// --- END COPYRIGHT BLOCK --- -package com.netscape.cmsutil.http; - -import java.io.IOException; -import java.net.Socket; -import java.net.SocketException; -import java.net.UnknownHostException; - -import org.mozilla.jss.CryptoManager; -import org.mozilla.jss.ssl.SSLCertificateApprovalCallback; -import org.mozilla.jss.ssl.SSLClientCertificateSelectionCallback; -import org.mozilla.jss.ssl.SSLHandshakeCompletedEvent; -import org.mozilla.jss.ssl.SSLHandshakeCompletedListener; -import org.mozilla.jss.ssl.SSLSocket; - -import com.netscape.cmsutil.net.ISocketFactory; - -/** - * Uses NSS ssl socket. - * - * @version $Revision$ $Date$ - */ -public class JssSSLSocketFactory implements ISocketFactory { - private String mClientAuthCertNickname = null; - private SSLSocket s = null; - - public JssSSLSocketFactory() { - } - - public JssSSLSocketFactory(String certNickname) { - mClientAuthCertNickname = certNickname; - } - - // XXX remove these static SSL cipher suite initializations later on. 
- static final int cipherSuites[] = { - SSLSocket.SSL3_RSA_WITH_RC4_128_MD5, - SSLSocket.SSL3_RSA_WITH_3DES_EDE_CBC_SHA, - SSLSocket.SSL3_RSA_WITH_DES_CBC_SHA, - SSLSocket.SSL3_RSA_EXPORT_WITH_RC4_40_MD5, - SSLSocket.SSL3_RSA_EXPORT_WITH_RC2_CBC_40_MD5, - SSLSocket.SSL3_RSA_WITH_NULL_MD5, - SSLSocket.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, - SSLSocket.TLS_RSA_WITH_AES_128_CBC_SHA, - SSLSocket.TLS_RSA_WITH_AES_256_CBC_SHA, - SSLSocket.TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, - SSLSocket.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, - //SSLSocket.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, - //SSLSocket.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, - //SSLSocket.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, - SSLSocket.TLS_DHE_DSS_WITH_AES_128_CBC_SHA, - SSLSocket.TLS_DHE_DSS_WITH_AES_256_CBC_SHA, - SSLSocket.TLS_DHE_RSA_WITH_AES_128_CBC_SHA, - SSLSocket.TLS_DHE_RSA_WITH_AES_256_CBC_SHA, - 0 - }; - - static { - int i; - - for (i = SSLSocket.SSL2_RC4_128_WITH_MD5; i <= SSLSocket.SSL2_RC2_128_CBC_EXPORT40_WITH_MD5; ++i) { - try { - SSLSocket.setCipherPreferenceDefault(i, false); - } catch (SocketException e) { - } - } - - //skip SSL_EN_IDEA_128_EDE3_CBC_WITH_MD5 - for (i = SSLSocket.SSL2_DES_64_CBC_WITH_MD5; i <= SSLSocket.SSL2_DES_192_EDE3_CBC_WITH_MD5; ++i) { - try { - SSLSocket.setCipherPreferenceDefault(i, false); - } catch (SocketException e) { - } - } - for (i = 0; cipherSuites[i] != 0; ++i) { - try { - SSLSocket.setCipherPreferenceDefault(cipherSuites[i], true); - } catch (SocketException e) { - } - } - } - - public Socket makeSocket(String host, int port) - throws IOException, UnknownHostException { - return makeSocket(host, port, null, null); - } - - public Socket makeSocket(String host, int port, - SSLCertificateApprovalCallback certApprovalCallback, - SSLClientCertificateSelectionCallback clientCertCallback) - throws IOException, UnknownHostException { - - try { - s = new SSLSocket(host, port, null, 0, certApprovalCallback, - clientCertCallback); - for (int i = 0; cipherSuites[i] != 0; ++i) { - 
try { - SSLSocket.setCipherPreferenceDefault(cipherSuites[i], true); - } catch (SocketException e) { - } - } - - s.setUseClientMode(true); - s.enableSSL2(false); - //TODO Do we rally want to set the default each time? - SSLSocket.enableSSL2Default(false); - s.enableV2CompatibleHello(false); - - SSLHandshakeCompletedListener listener = null; - - listener = new ClientHandshakeCB(this); - s.addHandshakeCompletedListener(listener); - - if (mClientAuthCertNickname != null) { - // 052799 setClientCertNickname does not - // report error if the nickName is invalid. - // So we check this ourself using - // findCertByNickname - CryptoManager.getInstance().findCertByNickname(mClientAuthCertNickname); - - s.setClientCertNickname(mClientAuthCertNickname); - } - s.forceHandshake(); - } catch (org.mozilla.jss.crypto.ObjectNotFoundException e) { - throw new IOException(e.toString()); - } catch (org.mozilla.jss.crypto.TokenException e) { - throw new IOException(e.toString()); - } catch (UnknownHostException e) { - throw e; - } catch (IOException e) { - throw e; - } catch (Exception e) { - throw new IOException(e.toString()); - } - return s; - } - - public Socket makeSocket(String host, int port, int timeout) - throws IOException, UnknownHostException { - Thread t = new ConnectAsync(this, host, port); - - t.start(); - try { - t.join(1000 * timeout); - } catch (InterruptedException e) { - } - - if (t.isAlive()) { - } - - return s; - } - - public void log(int level, String msg) { - } - - class ClientHandshakeCB implements SSLHandshakeCompletedListener { - Object sc; - - public ClientHandshakeCB(Object sc) { - this.sc = sc; - } - - public void handshakeCompleted(SSLHandshakeCompletedEvent event) { - } - } -} diff --git a/pki/base/util/src/com/netscape/cmsutil/ldap/LDAPUtil.java b/pki/base/util/src/com/netscape/cmsutil/ldap/LDAPUtil.java deleted file mode 100644 index e821db67a..000000000 --- a/pki/base/util/src/com/netscape/cmsutil/ldap/LDAPUtil.java +++ /dev/null 
@@ -1,101 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.ldap;
-
-import java.io.IOException;
-import java.util.ArrayList;
-
-import netscape.ldap.LDAPAttribute;
-import netscape.ldap.LDAPAttributeSet;
-import netscape.ldap.LDAPConnection;
-import netscape.ldap.LDAPEntry;
-import netscape.ldap.LDAPException;
-import netscape.ldap.LDAPModification;
-import netscape.ldap.util.LDIF;
-import netscape.ldap.util.LDIFAttributeContent;
-import netscape.ldap.util.LDIFContent;
-import netscape.ldap.util.LDIFModifyContent;
-import netscape.ldap.util.LDIFRecord;
-
-public class LDAPUtil {
-
- // special chars are *, (, ), \, null
- public static String SPECIAL_CHARS = "*()\\\000";
-
- /**
- * This method escapes special characters for LDAP filter (RFC 4515).
- * Each special character will be replaced by a backslash followed by
- * 2-digit hex of the ASCII code.
- *
- * @param string string to escape
- * @return escaped string
- */
- public static String escape(String string) {
- StringBuilder sb = new StringBuilder();
- for (char c : string.toCharArray()) {
- if (SPECIAL_CHARS.indexOf(c) >= 0) {
- sb.append('\\');
- if (c < 0x10) sb.append('0'); // make sure it's 2-digit
- sb.append(Integer.toHexString(c));
- } else {
- sb.append(c);
- }
- }
- return sb.toString();
- }
-
- public static void importLDIF(LDAPConnection conn, String filename, ArrayList<String> errors) throws IOException {
- LDIF ldif = new LDIF(filename);
- while (true) {
- try {
- LDIFRecord record = ldif.nextRecord();
- if (record == null)
- break;
-
- String dn = record.getDN();
- LDIFContent content = record.getContent();
- int type = content.getType();
- if (type == LDIFContent.ATTRIBUTE_CONTENT) {
- LDIFAttributeContent c = (LDIFAttributeContent) content;
- LDAPAttribute[] attrs = c.getAttributes();
- LDAPAttributeSet myAttrs = new LDAPAttributeSet();
- for (int i = 0; i < attrs.length; i++)
- myAttrs.add(attrs[i]);
- LDAPEntry entry = new LDAPEntry(dn, myAttrs);
- try {
- conn.add(entry);
- } catch (LDAPException ee) {
- errors.add("LDAPUtil:importLDIF: exception in adding entry " + dn +
- ":" + ee.toString() + "\n");
- }
- } else if (type == LDIFContent.MODIFICATION_CONTENT) {
- LDIFModifyContent c = (LDIFModifyContent) content;
- LDAPModification[] mods = c.getModifications();
- try {
- conn.modify(dn, mods);
- } catch (LDAPException ee) {
- errors.add("LDAPUtil:importLDIF: exception in modifying entry " + dn +
- ":" + ee.toString());
- }
- }
- } catch (Exception e) {
- throw new IOException(e.toString());
- }
- }
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/net/ISocketFactory.java b/pki/base/util/src/com/netscape/cmsutil/net/ISocketFactory.java
deleted file mode 100644
index 18f6cac88..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/net/ISocketFactory.java
+++ /dev/null
@@ -1,38 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.net;
-
-import java.io.IOException;
-import java.net.Socket;
-import java.net.UnknownHostException;
-
-import org.mozilla.jss.ssl.SSLCertificateApprovalCallback;
-import org.mozilla.jss.ssl.SSLClientCertificateSelectionCallback;
-
-public interface ISocketFactory {
- Socket makeSocket(String host, int port)
- throws IOException, UnknownHostException;
-
- Socket makeSocket(String host, int port, int timeout)
- throws IOException, UnknownHostException;
-
- Socket makeSocket(String host, int port,
- SSLCertificateApprovalCallback certApprovalCallback,
- SSLClientCertificateSelectionCallback clientCertCallback)
- throws IOException, UnknownHostException;
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/ocsp/BasicOCSPResponse.java b/pki/base/util/src/com/netscape/cmsutil/ocsp/BasicOCSPResponse.java
deleted file mode 100644
index 11ae7f152..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/ocsp/BasicOCSPResponse.java
+++ /dev/null
@@ -1,195 +0,0 @@ -// --- BEGIN COPYRIGHT BLOCK --- -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License along -// with this program; if not, write to the Free Software Foundation, Inc., -// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// -// (C) 2007 Red Hat, Inc. -// All rights reserved. -// --- END COPYRIGHT BLOCK --- -package com.netscape.cmsutil.ocsp; - -import java.io.ByteArrayInputStream; -import java.io.IOException; -import java.io.InputStream; -import java.io.OutputStream; - -import org.mozilla.jss.asn1.ASN1Template; -import org.mozilla.jss.asn1.ASN1Value; -import org.mozilla.jss.asn1.BIT_STRING; -import org.mozilla.jss.asn1.EXPLICIT; -import org.mozilla.jss.asn1.InvalidBERException; -import org.mozilla.jss.asn1.OCTET_STRING; -import org.mozilla.jss.asn1.SEQUENCE; -import org.mozilla.jss.asn1.Tag; -import org.mozilla.jss.pkix.cert.Certificate; -import org.mozilla.jss.pkix.primitive.AlgorithmIdentifier; - -/** - * RFC 2560: - * - * <pre> - * BasicOCSPResponse ::= SEQUENCE { - * tbsResponseData ResponseData, - * signatureAlgorithm AlgorithmIdentifier, - * signature BIT STRING, - * certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL } - * </pre> - * - * @version $Revision$ $Date$ - */ -public class BasicOCSPResponse implements Response { - private byte mData[] = null; - private ResponseData _rd = null; - private AlgorithmIdentifier _signAlg = null; - private BIT_STRING _signature = null; - private Certificate _certs[] = null; - - public BasicOCSPResponse(ResponseData rd, 
AlgorithmIdentifier signAlg, - BIT_STRING signature, Certificate certs[]) { - _rd = rd; - _signAlg = signAlg; - _signature = signature; - _certs = certs; - } - - public BasicOCSPResponse(OCTET_STRING os) { - this(os.toByteArray()); - } - - public BasicOCSPResponse(byte data[]) { - mData = data; - - // extract _rd, _signAlg, _signature and _certs - try { - BasicOCSPResponse resp = (BasicOCSPResponse) getTemplate().decode(new ByteArrayInputStream(data)); - _rd = resp.getResponseData(); - _signAlg = resp.getSignatureAlgorithm(); - _signature = resp.getSignature(); - _certs = resp.getCerts(); - } catch (Exception e) { - // exception in decoding byte data - } - } - - private static final Tag TAG = SEQUENCE.TAG; - - public Tag getTag() { - return TAG; - } - - public void encode(Tag t, OutputStream os) throws IOException { - if (mData != null) { - os.write(mData); - } else { - SEQUENCE seq = new SEQUENCE(); - seq.addElement(_rd); - seq.addElement(_signAlg); - seq.addElement(_signature); - if (_certs != null) { - SEQUENCE certsSeq = new SEQUENCE(); - for (Certificate c : _certs) { - certsSeq.addElement(c); - } - EXPLICIT certsExplicit = new EXPLICIT(new Tag(0), certsSeq); - seq.addElement(certsExplicit); - } - seq.encode(t, os); - } - } - - public void encode(OutputStream os) throws IOException { - encode(TAG, os); - } - - public OCTET_STRING getBytes() { - return null; - } - - public ResponseData getResponseData() { - return _rd; - } - - public AlgorithmIdentifier getSignatureAlgorithm() { - return _signAlg; - } - - public BIT_STRING getSignature() { - return _signature; - } - - public int getCertsCount() { - return (_certs != null) ? _certs.length : 0; - } - - public Certificate[] getCerts() { - return _certs; - } - - public Certificate getCertificateAt(int pos) { - return (_certs != null) ? 
_certs[pos] : null; - } - - private static final Template templateInstance = new Template(); - - public static Template getTemplate() { - return templateInstance; - } - - /** - * A Template for decoding <code>ResponseBytes</code>. - */ - public static class Template implements ASN1Template { - private SEQUENCE.Template seqt; - - public Template() { - seqt = new SEQUENCE.Template(); - seqt.addElement(ResponseData.getTemplate()); - seqt.addElement(AlgorithmIdentifier.getTemplate()); - seqt.addElement(BIT_STRING.getTemplate()); - seqt.addOptionalElement(new EXPLICIT.Template( - new Tag(0), new SEQUENCE.OF_Template( - Certificate.getTemplate()))); - } - - public boolean tagMatch(Tag tag) { - return TAG.equals(tag); - } - - public ASN1Value decode(InputStream istream) - throws InvalidBERException, IOException { - return decode(TAG, istream); - } - - public ASN1Value decode(Tag implicitTag, InputStream istream) - throws InvalidBERException, IOException { - SEQUENCE seq = (SEQUENCE) seqt.decode(implicitTag, istream); - - ResponseData rd = (ResponseData) seq.elementAt(0); - AlgorithmIdentifier alg = (AlgorithmIdentifier) seq.elementAt(1); - BIT_STRING bs = (BIT_STRING) seq.elementAt(2); - Certificate[] certs = null; - if (seq.size() == 4) { - // optional certificates are present - EXPLICIT certSeqExplicit = (EXPLICIT) seq.elementAt(3); - SEQUENCE certSeq = (SEQUENCE) certSeqExplicit.getContent(); - if (certSeq != null) { - certs = new Certificate[certSeq.size()]; - for (int x = 0; x < certSeq.size(); x++) { - certs[x] = (Certificate) certSeq.elementAt(x); - } - } - } - - return new BasicOCSPResponse(rd, alg, bs, certs); - } - } -} diff --git a/pki/base/util/src/com/netscape/cmsutil/ocsp/CertID.java b/pki/base/util/src/com/netscape/cmsutil/ocsp/CertID.java deleted file mode 100644 index b6979c784..000000000 --- a/pki/base/util/src/com/netscape/cmsutil/ocsp/CertID.java +++ /dev/null 
@@ -1,155 +0,0 @@ -// --- BEGIN COPYRIGHT BLOCK --- -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License along -// with this program; if not, write to the Free Software Foundation, Inc., -// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// -// (C) 2007 Red Hat, Inc. -// All rights reserved. -// --- END COPYRIGHT BLOCK --- -package com.netscape.cmsutil.ocsp; - -import java.io.IOException; -import java.io.InputStream; -import java.io.OutputStream; - -import org.mozilla.jss.asn1.ASN1Template; -import org.mozilla.jss.asn1.ASN1Value; -import org.mozilla.jss.asn1.INTEGER; -import org.mozilla.jss.asn1.InvalidBERException; -import org.mozilla.jss.asn1.OCTET_STRING; -import org.mozilla.jss.asn1.SEQUENCE; -import org.mozilla.jss.asn1.Tag; -import org.mozilla.jss.pkix.primitive.AlgorithmIdentifier; - -/** - * RFC 2560: - * - * <pre> - * CertID ::= SEQUENCE { - * hashAlgorithm AlgorithmIdentifier, - * issuerNameHash OCTET STRING, -- Hash of Issuer's DN - * issuerKeyHash OCTET STRING, -- Hash of Issuers public key - * serialNumber CertificateSerialNumber } - * </pre> - * - * @version $Revision$ $Date$ - */ - -public class CertID implements ASN1Value { - /////////////////////////////////////////////////////////////////////// - // Members and member access - /////////////////////////////////////////////////////////////////////// - private AlgorithmIdentifier hashAlgorithm; - private OCTET_STRING issuerNameHash; - private OCTET_STRING issuerKeyHash; - private INTEGER serialNumber; - private 
SEQUENCE sequence; - - public AlgorithmIdentifier getHashAlgorithm() { - return hashAlgorithm; - } - - public OCTET_STRING getIssuerNameHash() { - return issuerNameHash; - } - - public OCTET_STRING getIssuerKeyHash() { - return issuerKeyHash; - } - - public INTEGER getSerialNumber() { - return serialNumber; - } - - /////////////////////////////////////////////////////////////////////// - // Constructors - /////////////////////////////////////////////////////////////////////// - - public CertID(AlgorithmIdentifier hashAlgorithm, - OCTET_STRING issuerNameHash, OCTET_STRING issuerKeyHash, - INTEGER serialNumber) { - sequence = new SEQUENCE(); - - this.hashAlgorithm = hashAlgorithm; - sequence.addElement(hashAlgorithm); - - this.issuerNameHash = issuerNameHash; - sequence.addElement(issuerNameHash); - - this.issuerKeyHash = issuerKeyHash; - sequence.addElement(issuerKeyHash); - - this.serialNumber = serialNumber; - sequence.addElement(serialNumber); - } - - /////////////////////////////////////////////////////////////////////// - // encoding/decoding - /////////////////////////////////////////////////////////////////////// - - private static final Tag TAG = SEQUENCE.TAG; - - public Tag getTag() { - return TAG; - } - - public void encode(OutputStream ostream) throws IOException { - encode(TAG, ostream); - } - - public void encode(Tag implicitTag, OutputStream ostream) - throws IOException { - sequence.encode(implicitTag, ostream); - } - - private static final Template templateInstance = new Template(); - - public static Template getTemplate() { - return templateInstance; - } - - /** - * A Template for decoding a <code>CertID</code>. 
- */ - public static class Template implements ASN1Template { - - private SEQUENCE.Template seqt; - - public Template() { - seqt = new SEQUENCE.Template(); - seqt.addElement(AlgorithmIdentifier.getTemplate()); - seqt.addElement(OCTET_STRING.getTemplate()); - seqt.addElement(OCTET_STRING.getTemplate()); - seqt.addElement(INTEGER.getTemplate()); - } - - public boolean tagMatch(Tag tag) { - return TAG.equals(tag); - } - - public ASN1Value decode(InputStream istream) - throws InvalidBERException, IOException { - return decode(TAG, istream); - } - - public ASN1Value decode(Tag implicitTag, InputStream istream) - throws InvalidBERException, IOException { - SEQUENCE seq = (SEQUENCE) seqt.decode(implicitTag, istream); - - return new CertID( - (AlgorithmIdentifier) seq.elementAt(0), - (OCTET_STRING) seq.elementAt(1), - (OCTET_STRING) seq.elementAt(2), - (INTEGER) seq.elementAt(3)); - } - } -} diff --git a/pki/base/util/src/com/netscape/cmsutil/ocsp/CertStatus.java b/pki/base/util/src/com/netscape/cmsutil/ocsp/CertStatus.java deleted file mode 100644 index a90eb215f..000000000 --- a/pki/base/util/src/com/netscape/cmsutil/ocsp/CertStatus.java +++ /dev/null 
@@ -1,35 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.ocsp;
-
-import org.mozilla.jss.asn1.ASN1Value;
-
-/**
- * RFC 2560:
- *
- * <pre>
- * CertStatus ::= CHOICE {
- * good [0] IMPLICIT NULL,
- * revoked [1] IMPLICIT RevokedInfo,
- * unknown [2] IMPLICIT UnknownInfo }
- * </pre>
- *
- * @version $Revision$ $Date$
- */
-public interface CertStatus extends ASN1Value {
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/ocsp/GoodInfo.java b/pki/base/util/src/com/netscape/cmsutil/ocsp/GoodInfo.java
deleted file mode 100644
index fa7387260..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/ocsp/GoodInfo.java
+++ /dev/null
@@ -1,98 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.ocsp;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-
-import org.mozilla.jss.asn1.ASN1Template;
-import org.mozilla.jss.asn1.ASN1Value;
-import org.mozilla.jss.asn1.InvalidBERException;
-import org.mozilla.jss.asn1.NULL;
-import org.mozilla.jss.asn1.SEQUENCE;
-import org.mozilla.jss.asn1.Tag;
-
-/**
- * RFC 2560:
- *
- * <pre>
- * CertStatus ::= CHOICE {
- * good [0] IMPLICIT NULL,
- * revoked [1] IMPLICIT RevokedInfo,
- * unknown [2] IMPLICIT UnknownInfo }
- * </pre>
- *
- * @version $Revision$ $Date$
- */
-public class GoodInfo implements CertStatus {
- private static final Tag TAG = SEQUENCE.TAG;
-
- public GoodInfo() {
- }
-
- public Tag getTag() {
- return Tag.get(0);
- }
-
- public void encode(Tag t, OutputStream os) throws IOException {
- NULL.getInstance().encode(getTag(), os);
- }
-
- public void encode(OutputStream os) throws IOException {
- encode(getTag(), os);
- }
-
- private static final Template templateInstance = new Template();
-
- public static Template getTemplate() {
- return templateInstance;
- }
-
- /**
- * A Template for decoding <code>ResponseBytes</code>.
- */
- public static class Template implements ASN1Template {
-
- private SEQUENCE.Template seqt;
-
- public Template() {
- seqt = new SEQUENCE.Template();
- seqt.addElement(new NULL.Template());
-
- }
-
- public boolean tagMatch(Tag tag) {
- return TAG.equals(tag);
- }
-
- public ASN1Value decode(InputStream istream)
- throws InvalidBERException, IOException {
- return decode(TAG, istream);
- }
-
- public ASN1Value decode(Tag implicitTag, InputStream istream)
- throws InvalidBERException, IOException {
- // SEQUENCE seq = (SEQUENCE) seqt.decode(implicitTag,
- // istream);
-
- return new GoodInfo();
-
- }
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/ocsp/KeyHashID.java b/pki/base/util/src/com/netscape/cmsutil/ocsp/KeyHashID.java
deleted file mode 100644
index 358fb0ebd..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/ocsp/KeyHashID.java
+++ /dev/null
@@ -1,105 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.ocsp;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-
-import org.mozilla.jss.asn1.ASN1Template;
-import org.mozilla.jss.asn1.ASN1Value;
-import org.mozilla.jss.asn1.InvalidBERException;
-import org.mozilla.jss.asn1.OCTET_STRING;
-import org.mozilla.jss.asn1.SEQUENCE;
-import org.mozilla.jss.asn1.Tag;
-
-/**
- * RFC 2560:
- *
- * <pre>
- * ResponderID ::= CHOICE {
- * byName [1] EXPLICIT Name,
- * byKey [2] EXPLICIT KeyHash }
- * </pre>
- *
- * @version $Revision$ $Date$
- */
-public class KeyHashID implements ResponderID {
- private OCTET_STRING _hash = null;
- private static final Tag TAG = SEQUENCE.TAG;
-
- public KeyHashID(OCTET_STRING hash) {
- _hash = hash;
- }
-
- public Tag getTag() {
- return Tag.get(2);
- }
-
- public void encode(Tag tag, OutputStream os) throws IOException {
- _hash.encode(os);
- }
-
- public void encode(OutputStream os) throws IOException {
- _hash.encode(os);
- }
-
- public OCTET_STRING getHash() {
- return _hash;
- }
-
- private static final Template templateInstance = new Template();
-
- public static Template getTemplate() {
- return templateInstance;
- }
-
- /**
- * A Template for decoding <code>ResponseBytes</code>.
- */
- public static class Template implements ASN1Template {
-
- private SEQUENCE.Template seqt;
-
- public Template() {
- seqt = new SEQUENCE.Template();
- // seqt.addElement(new EXPLICIT.Template(
- // new Tag (2), new OCTET_STRING.Template()) );
- seqt.addElement(new OCTET_STRING.Template());
-
- }
-
- public boolean tagMatch(Tag tag) {
- return TAG.equals(tag);
- }
-
- public ASN1Value decode(InputStream istream)
- throws InvalidBERException, IOException {
- return decode(TAG, istream);
- }
-
- public ASN1Value decode(Tag implicitTag, InputStream istream)
- throws InvalidBERException, IOException {
- SEQUENCE seq = (SEQUENCE) seqt.decode(implicitTag,
- istream);
-
- OCTET_STRING o = (OCTET_STRING) seq.elementAt(0);
- return new KeyHashID(o);
- }
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/ocsp/NameID.java b/pki/base/util/src/com/netscape/cmsutil/ocsp/NameID.java
deleted file mode 100644
index 529ededbb..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/ocsp/NameID.java
+++ /dev/null
@@ -1,106 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.ocsp;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-
-import org.mozilla.jss.asn1.ASN1Template;
-import org.mozilla.jss.asn1.ASN1Value;
-import org.mozilla.jss.asn1.InvalidBERException;
-import org.mozilla.jss.asn1.SEQUENCE;
-import org.mozilla.jss.asn1.Tag;
-import org.mozilla.jss.pkix.primitive.Name;
-
-/**
- * RFC 2560:
- *
- * <pre>
- * ResponderID ::= CHOICE {
- * byName [1] EXPLICIT Name,
- * byKey [2] EXPLICIT KeyHash }
- * </pre>
- *
- * @version $Revision$ $Date$
- */
-public class NameID implements ResponderID {
- private Name _name = null;
- private static final Tag TAG = SEQUENCE.TAG;
-
- public NameID(Name n) {
- _name = n;
- }
-
- public Tag getTag() {
- return Tag.get(1);
- }
-
- public void encode(Tag tag, OutputStream os) throws IOException {
- _name.encode(os);
- }
-
- public void encode(OutputStream os) throws IOException {
- _name.encode(os);
- }
-
- public Name getName() {
- return _name;
- }
-
- private static final Template templateInstance = new Template();
-
- public static Template getTemplate() {
- return templateInstance;
- }
-
- /**
- * A Template for decoding <code>ResponseBytes</code>.
- */
- public static class Template implements ASN1Template {
-
- private SEQUENCE.Template seqt;
-
- public Template() {
- seqt = new SEQUENCE.Template();
- // seqt.addElement(new EXPLICIT.Template(
- // new Tag (1), new Name.Template()) );
- seqt.addElement(new Name.Template());
-
- }
-
- public boolean tagMatch(Tag tag) {
- return TAG.equals(tag);
- }
-
- public ASN1Value decode(InputStream istream)
- throws InvalidBERException, IOException {
- return decode(TAG, istream);
- }
-
- public ASN1Value decode(Tag implicitTag, InputStream istream)
- throws InvalidBERException, IOException {
- SEQUENCE seq = (SEQUENCE) seqt.decode(implicitTag,
- istream);
-
- // EXPLICIT e_name = (EXPLICIT) seq.elementAt(0);
- Name name = (Name) seq.elementAt(0);
- return new NameID(name);
- }
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/ocsp/OCSPRequest.java b/pki/base/util/src/com/netscape/cmsutil/ocsp/OCSPRequest.java
deleted file mode 100644
index 963bdc832..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/ocsp/OCSPRequest.java
+++ /dev/null
@@ -1,140 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.ocsp;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-
-import org.mozilla.jss.asn1.ASN1Template;
-import org.mozilla.jss.asn1.ASN1Value;
-import org.mozilla.jss.asn1.EXPLICIT;
-import org.mozilla.jss.asn1.InvalidBERException;
-import org.mozilla.jss.asn1.SEQUENCE;
-import org.mozilla.jss.asn1.Tag;
-
-/**
- * RFC 2560:
- *
- * <pre>
- * OCSPRequest ::= SEQUENCE {
- * tbsRequest TBSRequest,
- * optionalSignature [0] EXPLICIT Signature OPTIONAL }
- * </pre>
- *
- * @version $Revision$ $Date$
- */
-
-public class OCSPRequest implements ASN1Value {
-
- ///////////////////////////////////////////////////////////////////////
- // Members and member access
- ///////////////////////////////////////////////////////////////////////
- private TBSRequest tbsRequest;
- private Signature optionalSignature;
- private SEQUENCE sequence;
-
- /**
- * Returns the <code>TBSRequest</code> field.
- */
- public TBSRequest getTBSRequest() {
- return tbsRequest;
- }
-
- /**
- * Returns the <code>Signature</code> field.
- */
- public Signature getSignature() {
- return optionalSignature;
- }
-
- /* THIS code is probably broken. It does not properly encode the explicit element */
-
- public OCSPRequest(TBSRequest tbsRequest, Signature optionalSignature) {
- sequence = new SEQUENCE();
-
- this.tbsRequest = tbsRequest;
- sequence.addElement(tbsRequest);
-
- this.optionalSignature = optionalSignature;
- if (optionalSignature != null) {
- sequence.addElement(optionalSignature);
- }
- }
-
- ///////////////////////////////////////////////////////////////////////
- // encoding/decoding
- ///////////////////////////////////////////////////////////////////////
- private static final Tag TAG = SEQUENCE.TAG;
-
- public Tag getTag() {
- return TAG;
- }
-
- public void encode(OutputStream ostream) throws IOException {
- encode(TAG, ostream);
- }
-
- public void encode(Tag implicitTag, OutputStream ostream)
- throws IOException {
- sequence.encode(implicitTag, ostream);
- }
-
- private static final Template templateInstance = new Template();
-
- public static Template getTemplate() {
- return templateInstance;
- }
-
- /**
- * A Template for decoding OCSPRequest.
- */
- public static class Template implements ASN1Template {
-
- private SEQUENCE.Template seqt;
-
- public Template() {
- seqt = new SEQUENCE.Template();
- seqt.addElement(TBSRequest.getTemplate());
- seqt.addOptionalElement(new EXPLICIT.Template(new Tag(0),
- new Signature.Template()));
- }
-
- public boolean tagMatch(Tag tag) {
- return TAG.equals(tag);
- }
-
- public ASN1Value decode(InputStream istream)
- throws InvalidBERException, IOException {
- return decode(TAG, istream);
- }
-
- public ASN1Value decode(Tag implicitTag, InputStream istream)
- throws InvalidBERException, IOException {
- SEQUENCE seq = (SEQUENCE) seqt.decode(istream);
- Signature signature = null;
- if (seq.elementAt(1) != null) {
- signature = (Signature) ((EXPLICIT) seq.elementAt(1)).getContent();
- }
-
- return new OCSPRequest(
- (TBSRequest) seq.elementAt(0),
- signature);
- }
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/ocsp/OCSPResponse.java b/pki/base/util/src/com/netscape/cmsutil/ocsp/OCSPResponse.java
deleted file mode 100644
index 6696cd9dc..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/ocsp/OCSPResponse.java
+++ /dev/null
@@ -1,135 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.ocsp;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-
-import org.mozilla.jss.asn1.ASN1Template;
-import org.mozilla.jss.asn1.ASN1Value;
-import org.mozilla.jss.asn1.EXPLICIT;
-import org.mozilla.jss.asn1.InvalidBERException;
-import org.mozilla.jss.asn1.SEQUENCE;
-import org.mozilla.jss.asn1.Tag;
-
-/**
- * RFC 2560:
- *
- * <pre>
- * OCSPResponse ::= SEQUENCE {
- * responseStatus OCSPResponseStatus,
- * responseBytes [0] EXPLICIT ResponseBytes OPTIONAL }
- * </pre>
- *
- * @version $Revision$ $Date$
- */
-public class OCSPResponse implements ASN1Value {
- ///////////////////////////////////////////////////////////////////////
- // Members and member access
- ///////////////////////////////////////////////////////////////////////
- private OCSPResponseStatus responseStatus = null;
- private ResponseBytes responseBytes = null;
- private SEQUENCE sequence;
-
- public OCSPResponseStatus getResponseStatus() {
- return responseStatus;
- }
-
- public ResponseBytes getResponseBytes() {
- return responseBytes;
- }
-
- public OCSPResponse(OCSPResponseStatus responseStatus,
- ResponseBytes responseBytes) {
- sequence = new SEQUENCE();
-
- this.responseStatus = responseStatus;
- sequence.addElement(responseStatus);
-
- this.responseBytes = responseBytes;
- sequence.addElement(new EXPLICIT(Tag.get(0), responseBytes));
- }
-
- ///////////////////////////////////////////////////////////////////////
- // encoding/decoding
- ///////////////////////////////////////////////////////////////////////
-
- private static final Tag TAG = SEQUENCE.TAG;
-
- public Tag getTag() {
- return TAG;
- }
-
- public void encode(OutputStream ostream) throws IOException {
- encode(TAG, ostream);
- }
-
- public void encode(Tag implicitTag, OutputStream ostream)
- throws IOException {
- sequence.encode(implicitTag, ostream);
- }
-
- private static final Template templateInstance = new Template();
-
- public static Template getTemplate() {
- return templateInstance;
- }
-
- /**
- * A Template for decoding an <code>OCSPResponse</code>.
- */
- public static class Template implements ASN1Template {
-
- private SEQUENCE.Template seqt;
-
- public Template() {
- seqt = new SEQUENCE.Template();
- seqt.addElement(OCSPResponseStatus.getTemplate());
- seqt.addOptionalElement(
- new EXPLICIT.Template(
- new Tag(0), new ResponseBytes.Template()));
-
- }
-
- public boolean tagMatch(Tag tag) {
- return TAG.equals(tag);
- }
-
- public ASN1Value decode(InputStream istream)
- throws InvalidBERException, IOException {
- return decode(TAG, istream);
- }
-
- public ASN1Value decode(Tag implicitTag, InputStream istream)
- throws InvalidBERException, IOException {
- SEQUENCE seq = (SEQUENCE) seqt.decode(implicitTag, istream);
-
- OCSPResponseStatus rs = (OCSPResponseStatus) seq.elementAt(0);
- ResponseBytes rb = null;
- ASN1Value val = seq.elementAt(1);
- if (val instanceof EXPLICIT) {
- EXPLICIT exp = (EXPLICIT) val;
- rb = (ResponseBytes) exp.getContent();
- } else {
- rb = (ResponseBytes) val;
- }
- return new OCSPResponse(rs, rb);
- }
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/ocsp/OCSPResponseStatus.java b/pki/base/util/src/com/netscape/cmsutil/ocsp/OCSPResponseStatus.java
deleted file mode 100644
index 38ca881c2..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/ocsp/OCSPResponseStatus.java
+++ /dev/null
@@ -1,120 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.ocsp;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-
-import org.mozilla.jss.asn1.ASN1Template;
-import org.mozilla.jss.asn1.ASN1Value;
-import org.mozilla.jss.asn1.ENUMERATED;
-import org.mozilla.jss.asn1.InvalidBERException;
-import org.mozilla.jss.asn1.Tag;
-
-/**
- * RFC 2560:
- *
- * <pre>
- * OCSPResponseStatus ::= ENUMERATED {
- * successful (0), --Response has valid confirmations
- * malformedRequest (1), --Illegal confirmation request
- * internalError (2), --Internal error in issuer
- * tryLater (3), --Try again later
- * --(4) is not used
- * sigRequired (5), --Must sign the request
- * unauthorized (6) --Request unauthorized
- * }
- * </pre>
- *
- * @version $Revision$ $Date$
- */
-public class OCSPResponseStatus implements ASN1Value {
- ///////////////////////////////////////////////////////////////////////
- // Members and member access
- ///////////////////////////////////////////////////////////////////////
- public final static OCSPResponseStatus SUCCESSFUL =
- new OCSPResponseStatus(0);
- public final static OCSPResponseStatus MALFORMED_REQUEST =
- new OCSPResponseStatus(1);
- public final static OCSPResponseStatus INTERNAL_ERROR =
- new OCSPResponseStatus(2);
- public final static OCSPResponseStatus TRY_LATER =
- new OCSPResponseStatus(3);
- public final static OCSPResponseStatus SIG_REQUIRED =
- new OCSPResponseStatus(5);
- public final static OCSPResponseStatus UNAUTHORIZED =
- new OCSPResponseStatus(6);
-
- private ENUMERATED responseStatus;
-
- public long getValue() {
- return responseStatus.getValue();
- }
-
- public OCSPResponseStatus(long val) {
- responseStatus = new ENUMERATED(val);
- }
-
- ///////////////////////////////////////////////////////////////////////
- // encoding/decoding
- ///////////////////////////////////////////////////////////////////////
-
- private static final Tag TAG = ENUMERATED.TAG;
-
- public Tag getTag() {
- return TAG;
- }
-
- public void encode(OutputStream ostream) throws IOException {
- encode(TAG, ostream);
- }
-
- public void encode(Tag implicitTag, OutputStream ostream)
- throws IOException {
- responseStatus.encode(implicitTag, ostream);
- }
-
- private static final Template templateInstance = new Template();
-
- public static Template getTemplate() {
- return templateInstance;
- }
-
- /**
- * A Template for decoding an <code>OCSPResponseStatus</code>.
- */
- public static class Template implements ASN1Template {
- public boolean tagMatch(Tag tag) {
- return TAG.equals(tag);
- }
-
- public ASN1Value decode(InputStream istream)
- throws InvalidBERException, IOException {
- return decode(TAG, istream);
- }
-
- public ASN1Value decode(Tag implicitTag, InputStream istream)
- throws InvalidBERException, IOException {
- ENUMERATED.Template enumt = new ENUMERATED.Template();
- ENUMERATED enum1 = (ENUMERATED) enumt.decode(implicitTag, istream);
-
- return new OCSPResponseStatus(enum1.getValue());
- }
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/ocsp/Request.java b/pki/base/util/src/com/netscape/cmsutil/ocsp/Request.java
deleted file mode 100644
index 85c97de22..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/ocsp/Request.java
+++ /dev/null
@@ -1,147 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.ocsp;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-
-import org.mozilla.jss.asn1.ASN1Template;
-import org.mozilla.jss.asn1.ASN1Value;
-import org.mozilla.jss.asn1.EXPLICIT;
-import org.mozilla.jss.asn1.InvalidBERException;
-import org.mozilla.jss.asn1.SEQUENCE;
-import org.mozilla.jss.asn1.Tag;
-import org.mozilla.jss.pkix.cert.Extension;
-
-/**
- * RFC 2560:
- *
- * <pre>
- * Request ::= SEQUENCE {
- * reqCert CertID,
- * singleRequestExtensions [0] EXPLICIT Extensions OPTIONAL }
- * </pre>
- *
- * @version $Revision$ $Date$
- */
-
-public class Request implements ASN1Value {
- ///////////////////////////////////////////////////////////////////////
- // members and member access
- ///////////////////////////////////////////////////////////////////////
- private CertID reqCert = null;
- private SEQUENCE singleRequestExtensions = null;
- private SEQUENCE sequence = null;
-
- public CertID getCertID() {
- return reqCert;
- }
-
- public int getExtensionsCount() {
- if (singleRequestExtensions == null) {
- return 0;
- } else {
- return singleRequestExtensions.size();
- }
- }
-
- public Extension getRequestExtensionAt(int index) {
- if (singleRequestExtensions == null) {
- throw new ArrayIndexOutOfBoundsException();
- }
- return (Extension) singleRequestExtensions.elementAt(index);
- }
-
- public Request(CertID reqCert, SEQUENCE singleRequestExtensions) {
- sequence = new SEQUENCE();
-
- this.reqCert = reqCert;
- sequence.addElement(reqCert);
-
- if (singleRequestExtensions != null) {
- this.singleRequestExtensions = singleRequestExtensions;
- sequence.addElement(singleRequestExtensions);
- }
- }
-
- ///////////////////////////////////////////////////////////////////////
- // encode / decode
- ///////////////////////////////////////////////////////////////////////
- private static final Tag TAG = SEQUENCE.TAG;
-
- public Tag getTag() {
- return TAG;
- }
-
- public void encode(OutputStream ostream) throws IOException {
- encode(TAG, ostream);
- }
-
- public void encode(Tag implicitTag, OutputStream ostream)
- throws IOException {
- sequence.encode(implicitTag, ostream);
- }
-
- private static final Template templateInstance = new Template();
-
- public static Template getTemplate() {
- return templateInstance;
- }
-
- /**
- * A Template for decoding Request.
- */
- public static class Template implements ASN1Template {
-
- private SEQUENCE.Template seqt;
-
- public Template() {
- seqt = new SEQUENCE.Template();
- seqt.addElement(CertID.getTemplate());
- seqt.addOptionalElement(new EXPLICIT.Template(new Tag(0),
- new SEQUENCE.OF_Template(new Extension.Template())));
- }
-
- public boolean tagMatch(Tag tag) {
- return TAG.equals(tag);
- }
-
- public ASN1Value decode(InputStream istream)
- throws InvalidBERException, IOException {
- return decode(TAG, istream);
- }
-
- public ASN1Value decode(Tag implicitTag, InputStream istream)
- throws InvalidBERException, IOException {
- SEQUENCE seq = (SEQUENCE) seqt.decode(implicitTag, istream);
-
- EXPLICIT tag = (EXPLICIT) seq.elementAt(1);
-
- if (tag == null) {
- return new Request(
- (CertID) seq.elementAt(0),
- (SEQUENCE) null);
- } else {
- return new Request(
- (CertID) seq.elementAt(0),
- (SEQUENCE) tag.getContent());
- }
- }
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/ocsp/ResponderID.java b/pki/base/util/src/com/netscape/cmsutil/ocsp/ResponderID.java
deleted file mode 100644
index 02e30de05..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/ocsp/ResponderID.java
+++ /dev/null
@@ -1,34 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.ocsp;
-
-import org.mozilla.jss.asn1.ASN1Value;
-
-/**
- * RFC 2560:
- *
- * <pre>
- * ResponderID ::= CHOICE {
- * byName [1] EXPLICIT Name,
- * byKey [2] EXPLICIT KeyHash }
- * </pre>
- *
- * @version $Revision$ $Date$
- */
-public interface ResponderID extends ASN1Value {
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/ocsp/Response.java b/pki/base/util/src/com/netscape/cmsutil/ocsp/Response.java
deleted file mode 100644
index 0d363e811..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/ocsp/Response.java
+++ /dev/null
@@ -1,34 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.ocsp;
-
-import org.mozilla.jss.asn1.ASN1Value;
-import org.mozilla.jss.asn1.OCTET_STRING;
-
-/**
- * RFC 2560:
- *
- * <pre>
- * response OCTET STRING
- * </pre>
- *
- * @version $Revision$ $Date$
- */
-public interface Response extends ASN1Value {
- public OCTET_STRING getBytes();
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/ocsp/ResponseBytes.java b/pki/base/util/src/com/netscape/cmsutil/ocsp/ResponseBytes.java
deleted file mode 100644
index c5d461148..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/ocsp/ResponseBytes.java
+++ /dev/null
@@ -1,130 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.ocsp;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-
-import org.mozilla.jss.asn1.ASN1Template;
-import org.mozilla.jss.asn1.ASN1Value;
-import org.mozilla.jss.asn1.InvalidBERException;
-import org.mozilla.jss.asn1.OBJECT_IDENTIFIER;
-import org.mozilla.jss.asn1.OCTET_STRING;
-import org.mozilla.jss.asn1.SEQUENCE;
-import org.mozilla.jss.asn1.Tag;
-
-/**
- * RFC 2560:
- *
- * <pre>
- * ResponseBytes ::= SEQUENCE {
- * responseType OBJECT IDENTIFIER,
- * response OCTET STRING }
- * </pre>
- *
- * @version $Revision$ $Date$
- */
-public class ResponseBytes implements ASN1Value {
- ///////////////////////////////////////////////////////////////////////
- // Members and member access
- ///////////////////////////////////////////////////////////////////////
- public final static OBJECT_IDENTIFIER OCSP =
- new OBJECT_IDENTIFIER("1.3.6.1.5.5.7.48.1");
- public final static OBJECT_IDENTIFIER OCSP_BASIC =
- new OBJECT_IDENTIFIER("1.3.6.1.5.5.7.48.1.1");
-
- private OBJECT_IDENTIFIER responseType = null;
- private OCTET_STRING response = null;
- private SEQUENCE sequence;
-
- public OBJECT_IDENTIFIER getObjectIdentifier() {
- return responseType;
- }
-
- public OCTET_STRING getResponse() {
- return response;
- }
-
- public ResponseBytes(OBJECT_IDENTIFIER responseType, OCTET_STRING response) {
- sequence = new SEQUENCE();
-
- this.responseType = responseType;
- sequence.addElement(responseType);
-
- this.response = response;
- sequence.addElement(response);
- }
-
- ///////////////////////////////////////////////////////////////////////
- // encoding/decoding
- ///////////////////////////////////////////////////////////////////////
-
- private static final Tag TAG = SEQUENCE.TAG;
-
- public Tag getTag() {
- return TAG;
- }
-
- public void encode(OutputStream ostream) throws IOException {
- encode(TAG, ostream);
- }
-
- public void encode(Tag implicitTag, OutputStream ostream)
- throws IOException {
- sequence.encode(implicitTag, ostream);
- }
-
- private static final Template templateInstance = new Template();
-
- public static Template getTemplate() {
- return templateInstance;
- }
-
- /**
- * A Template for decoding <code>ResponseBytes</code>.
- */
- public static class Template implements ASN1Template {
-
- private SEQUENCE.Template seqt;
-
- public Template() {
- seqt = new SEQUENCE.Template();
- seqt.addElement(OBJECT_IDENTIFIER.getTemplate());
- seqt.addElement(OCTET_STRING.getTemplate());
- }
-
- public boolean tagMatch(Tag tag) {
- return TAG.equals(tag);
- }
-
- public ASN1Value decode(InputStream istream)
- throws InvalidBERException, IOException {
- return decode(TAG, istream);
- }
-
- public ASN1Value decode(Tag implicitTag, InputStream istream)
- throws InvalidBERException, IOException {
- SEQUENCE seq = (SEQUENCE) seqt.decode(implicitTag, istream);
-
- return new ResponseBytes(
- (OBJECT_IDENTIFIER) seq.elementAt(0),
- (OCTET_STRING) seq.elementAt(1));
- }
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/ocsp/ResponseData.java b/pki/base/util/src/com/netscape/cmsutil/ocsp/ResponseData.java
deleted file mode 100644
index 1b28cf134..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/ocsp/ResponseData.java
+++ /dev/null
@@ -1,222 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.ocsp;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-
-import org.mozilla.jss.asn1.ANY;
-import org.mozilla.jss.asn1.ASN1Template;
-import org.mozilla.jss.asn1.ASN1Value;
-import org.mozilla.jss.asn1.EXPLICIT;
-import org.mozilla.jss.asn1.GeneralizedTime;
-import org.mozilla.jss.asn1.INTEGER;
-import org.mozilla.jss.asn1.InvalidBERException;
-import org.mozilla.jss.asn1.SEQUENCE;
-import org.mozilla.jss.asn1.Tag;
-import org.mozilla.jss.pkix.cert.Extension;
-
-/**
- * RFC 2560:
- *
- * <pre>
- * ResponseData ::= SEQUENCE {
- * version [0] EXPLICIT Version DEFAULT v1,
- * responderID ResponderID,
- * producedAt GeneralizedTime,
- * responses SEQUENCE OF SingleResponse,
- * responseExtensions [1] EXPLICIT Extensions OPTIONAL }
- * </pre>
- *
- * @version $Revision$ $Date$
- */
-public class ResponseData implements ASN1Value {
- private static final INTEGER v1 = new INTEGER(0);
- private INTEGER mVer;
- private ResponderID mRID = null;
- private GeneralizedTime mProduced = null;
- private SingleResponse mSR[] = null;
- private Extension mExts[] = null;
-
- private static final Tag TAG = SEQUENCE.TAG;
-
- public ResponseData(INTEGER ver, ResponderID rid, GeneralizedTime produced,
- SingleResponse sr[], Extension exts[]) {
- mVer = (ver != null) ? ver : v1;
- mRID = rid;
- mProduced = produced;
- mSR = sr;
- mExts = exts;
- }
-
- public ResponseData(ResponderID rid, GeneralizedTime produced,
- SingleResponse sr[]) {
- this(v1, rid, produced, sr, null);
- }
-
- public ResponseData(ResponderID rid, GeneralizedTime produced,
- SingleResponse sr[], Extension exts[]) {
- this(v1, rid, produced, sr, exts);
- }
-
- public Tag getTag() {
- return TAG;
- }
-
- public void encode(OutputStream os) throws IOException {
- encode(null, os);
- }
-
- public void encode(Tag t, OutputStream os) throws IOException {
- SEQUENCE seq = new SEQUENCE();
-
- if (mVer != v1) {
- seq.addElement(new EXPLICIT(Tag.get(0), new INTEGER(mVer)));
- }
-
- seq.addElement(new EXPLICIT(mRID.getTag(), mRID));
- seq.addElement(mProduced);
- SEQUENCE responses = new SEQUENCE();
- for (int i = 0; i < mSR.length; i++) {
- responses.addElement(mSR[i]);
- }
- seq.addElement(responses);
- if (mExts != null) {
- SEQUENCE exts = new SEQUENCE();
- for (int i = 0; i < mExts.length; i++) {
- exts.addElement(mExts[i]);
- }
- seq.addElement(new EXPLICIT(Tag.get(1), exts));
- }
- if (t == null) {
- seq.encode(os);
- } else {
- seq.encode(t, os);
- }
- }
-
- public ResponderID getResponderID() {
- return mRID;
- }
-
- public GeneralizedTime getProducedAt() {
- return mProduced;
- }
-
- public int getResponseCount() {
- return (mSR != null) ? mSR.length : 0;
- }
-
- public SingleResponse getResponseAt(int pos) {
- return (mSR != null) ? mSR[pos] : null;
- }
-
- public int getResponseExtensionCount() {
- return (mExts != null) ? mExts.length : 0;
- }
-
- public Extension getResponseExtensionAt(int pos) {
- return (mExts != null) ? mExts[pos] : null;
- }
-
- private static final Template templateInstance = new Template();
-
- public static Template getTemplate() {
- return templateInstance;
- }
-
- /**
- * A Template for decoding <code>ResponseBytes</code>.
- */
- public static class Template implements ASN1Template {
-
- private SEQUENCE.Template seqt;
-
- public Template() {
- seqt = new SEQUENCE.Template();
- seqt.addOptionalElement(new EXPLICIT.Template(
- new Tag(0), new INTEGER.Template()));
- seqt.addElement(new ANY.Template());
- seqt.addElement(new GeneralizedTime.Template());
- seqt.addElement(new SEQUENCE.OF_Template(
- SingleResponse.getTemplate()));
- seqt.addOptionalElement(new EXPLICIT.Template(
- new Tag(1), new SEQUENCE.OF_Template(
- Extension.getTemplate())));
- }
-
- public boolean tagMatch(Tag tag) {
- return TAG.equals(tag);
- }
-
- public ASN1Value decode(InputStream istream)
- throws InvalidBERException, IOException {
- return decode(TAG, istream);
- }
-
- public ASN1Value decode(Tag implicitTag, InputStream istream)
- throws InvalidBERException, IOException {
- SEQUENCE seq = (SEQUENCE) seqt.decode(implicitTag,
- istream);
-
- INTEGER ver = v1;
- EXPLICIT e_ver = (EXPLICIT) seq.elementAt(0);
- if (e_ver != null && e_ver.getTag().getNum() == 0) {
- ver = (INTEGER) e_ver.getContent();
- }
- ResponderID rid = null;
- ANY e_rid = (ANY) seq.elementAt(1);
- if (e_rid.getTag().getNum() == 1) {
- // name id
- rid = (NameID)
- NameID.getTemplate().decode(e_rid.getTag(),
- new ByteArrayInputStream(e_rid.getEncoded()));
- } else if (e_rid.getTag().getNum() == 2) {
- // key hash id
- rid = (KeyHashID)
- KeyHashID.getTemplate().decode(e_rid.getTag(),
- new ByteArrayInputStream(e_rid.getEncoded()));
- }
- GeneralizedTime producedAt = (GeneralizedTime) seq.elementAt(2);
- SEQUENCE responses = (SEQUENCE) seq.elementAt(3);
- SingleResponse sr[] = null;
- if ((responses != null) && (responses.size() > 0)) {
- sr = new SingleResponse[responses.size()];
- for (int i = 0; i < responses.size(); i++) {
- sr[i] = (SingleResponse) responses.elementAt(i);
- }
- }
-
- //decode response extension sequence
- EXPLICIT extns_exp = (EXPLICIT) seq.elementAt(4);
- SEQUENCE extns_seq;
- Extension[] extns_array = null;
- if (extns_exp != null) {
- extns_seq = (SEQUENCE) extns_exp.getContent();
- extns_array = new Extension[extns_seq.size()];
- for (int x = 0; x < extns_array.length; x++) {
- extns_array[x] = (Extension) extns_seq.elementAt(x);
- }
- }
-
- return new ResponseData(ver, rid, producedAt, sr, extns_array);
- }
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/ocsp/RevokedInfo.java b/pki/base/util/src/com/netscape/cmsutil/ocsp/RevokedInfo.java
deleted file mode 100644
index 9b0b2d186..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/ocsp/RevokedInfo.java
+++ /dev/null
@@ -1,113 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.ocsp;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-
-import org.mozilla.jss.asn1.ASN1Template;
-import org.mozilla.jss.asn1.ASN1Value;
-import org.mozilla.jss.asn1.EXPLICIT;
-import org.mozilla.jss.asn1.GeneralizedTime;
-import org.mozilla.jss.asn1.INTEGER;
-import org.mozilla.jss.asn1.InvalidBERException;
-import org.mozilla.jss.asn1.SEQUENCE;
-import org.mozilla.jss.asn1.Tag;
-
-/**
- * RFC 2560:
- *
- * <pre>
- * RevokedInfo ::= SEQUENCE {
- * revocationTime GeneralizedTime,
- * revocationReason [0] EXPLICIT CRLReason OPTIONAL }
- * </pre>
- *
- * @version $Revision$ $Date$
- */
-public class RevokedInfo implements CertStatus {
- private static final Tag TAG = SEQUENCE.TAG;
-
- private GeneralizedTime mRevokedAt;
-
- public RevokedInfo(GeneralizedTime revokedAt) {
- mRevokedAt = revokedAt;
- }
-
- public Tag getTag() {
- return Tag.get(1);
- }
-
- public void encode(Tag t, OutputStream os) throws IOException {
- SEQUENCE seq = new SEQUENCE();
- seq.addElement(mRevokedAt);
- seq.encode(t, os);
- }
-
- public void encode(OutputStream os) throws IOException {
- encode(getTag(), os);
- }
-
- public GeneralizedTime getRevocationTime() {
- return mRevokedAt;
- }
-
- private static final Template templateInstance = new Template();
-
- public static Template getTemplate() {
- return templateInstance;
- }
-
- /**
- * A Template for decoding <code>ResponseBytes</code>.
- */
- public static class Template implements ASN1Template {
-
- private SEQUENCE.Template seqt;
-
- public Template() {
- seqt = new SEQUENCE.Template();
- seqt.addElement(new GeneralizedTime.Template());
- seqt.addOptionalElement(
- new EXPLICIT.Template(new Tag(0),
- new INTEGER.Template()));
-
- }
-
- public boolean tagMatch(Tag tag) {
- return TAG.equals(tag);
- }
-
- public ASN1Value decode(InputStream istream)
- throws InvalidBERException, IOException {
- return decode(TAG, istream);
- }
-
- public ASN1Value decode(Tag implicitTag, InputStream istream)
- throws InvalidBERException, IOException {
- SEQUENCE seq = (SEQUENCE) seqt.decode(implicitTag,
- istream);
-
- GeneralizedTime revokedAt = (GeneralizedTime)
- seq.elementAt(0);
- return new RevokedInfo(revokedAt);
-
- }
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/ocsp/Signature.java b/pki/base/util/src/com/netscape/cmsutil/ocsp/Signature.java
deleted file mode 100644
index b9b192aee..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/ocsp/Signature.java
+++ /dev/null
@@ -1,159 +0,0 @@ -// --- BEGIN COPYRIGHT BLOCK --- -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License along -// with this program; if not, write to the Free Software Foundation, Inc., -// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// -// (C) 2007 Red Hat, Inc. -// All rights reserved. -// --- END COPYRIGHT BLOCK --- -package com.netscape.cmsutil.ocsp; - -import java.io.IOException; -import java.io.InputStream; -import java.io.OutputStream; - -import org.mozilla.jss.asn1.ASN1Template; -import org.mozilla.jss.asn1.ASN1Value; -import org.mozilla.jss.asn1.BIT_STRING; -import org.mozilla.jss.asn1.EXPLICIT; -import org.mozilla.jss.asn1.InvalidBERException; -import org.mozilla.jss.asn1.SEQUENCE; -import org.mozilla.jss.asn1.Tag; -import org.mozilla.jss.pkix.cert.Certificate; -import org.mozilla.jss.pkix.primitive.AlgorithmIdentifier; - -/** - * RFC 2560: - * - * <pre> - * Signature ::= SEQUENCE { - * signatureAlgorithm AlgorithmIdentifier, - * signature BIT STRING, - * certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL } - * </pre> - * - * @version $Revision$ $Date$ - */ - -public class Signature implements ASN1Value { - /////////////////////////////////////////////////////////////////////// - // Members and member access - /////////////////////////////////////////////////////////////////////// - private AlgorithmIdentifier signatureAlgorithm; - private BIT_STRING signature; - private SEQUENCE certs; - private SEQUENCE sequence; - - public AlgorithmIdentifier 
getSignatureAlgorithm() { - return signatureAlgorithm; - } - - public BIT_STRING getSignature() { - return signature; - } - - public int getCertificateCount() { - if (certs == null) { - return 0; - } else { - return certs.size(); - } - } - - public Certificate getCertificateAt(int index) { - if (certs == null) { - throw new ArrayIndexOutOfBoundsException(); - } - return (Certificate) certs.elementAt(index); - } - - public Signature(AlgorithmIdentifier signatureAlgorithm, - BIT_STRING signature, SEQUENCE certs) { - sequence = new SEQUENCE(); - - this.signatureAlgorithm = signatureAlgorithm; - sequence.addElement(signatureAlgorithm); - - this.signature = signature; - sequence.addElement(signature); - - this.certs = certs; - sequence.addElement(certs); - } - - /////////////////////////////////////////////////////////////////////// - // encode / decode - /////////////////////////////////////////////////////////////////////// - private static final Tag TAG = SEQUENCE.TAG; - - public Tag getTag() { - return TAG; - } - - public void encode(OutputStream ostream) throws IOException { - encode(TAG, ostream); - } - - public void encode(Tag implicitTag, OutputStream ostream) - throws IOException { - sequence.encode(implicitTag, ostream); - } - - private static final Template templateInstance = new Template(); - - public static Template getTemplate() { - return templateInstance; - } - - /** - * A Template for decoding Request. 
- */
- public static class Template implements ASN1Template {
-
- private SEQUENCE.Template seqt;
-
- public Template() {
- seqt = new SEQUENCE.Template();
- seqt.addElement(AlgorithmIdentifier.getTemplate());
- seqt.addElement(BIT_STRING.getTemplate());
- seqt.addOptionalElement(
- new EXPLICIT.Template(
- new Tag(0),
- new SEQUENCE.OF_Template(new Certificate.Template())
- )
- );
- }
-
- public boolean tagMatch(Tag tag) {
- return TAG.equals(tag);
- }
-
- public ASN1Value decode(InputStream istream)
- throws InvalidBERException, IOException {
- return decode(TAG, istream);
- }
-
- public ASN1Value decode(Tag implicitTag, InputStream istream)
- throws InvalidBERException, IOException {
- SEQUENCE seq = (SEQUENCE) seqt.decode(implicitTag, istream);
- SEQUENCE certs = null;
- if (seq.elementAt(2) != null) {
- certs = (SEQUENCE) ((EXPLICIT) seq.elementAt(2)).getContent();
- }
-
- return new Signature(
- (AlgorithmIdentifier) seq.elementAt(0),
- (BIT_STRING) seq.elementAt(1),
- certs);
- }
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/ocsp/SingleResponse.java b/pki/base/util/src/com/netscape/cmsutil/ocsp/SingleResponse.java
deleted file mode 100644
index ab54e5019..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/ocsp/SingleResponse.java
+++ /dev/null
@@ -1,182 +0,0 @@ -// --- BEGIN COPYRIGHT BLOCK --- -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License along -// with this program; if not, write to the Free Software Foundation, Inc., -// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// -// (C) 2007 Red Hat, Inc. -// All rights reserved. -// --- END COPYRIGHT BLOCK --- -package com.netscape.cmsutil.ocsp; - -import java.io.ByteArrayInputStream; -import java.io.IOException; -import java.io.InputStream; -import java.io.OutputStream; - -import org.mozilla.jss.asn1.ANY; -import org.mozilla.jss.asn1.ASN1Template; -import org.mozilla.jss.asn1.ASN1Value; -import org.mozilla.jss.asn1.EXPLICIT; -import org.mozilla.jss.asn1.GeneralizedTime; -import org.mozilla.jss.asn1.InvalidBERException; -import org.mozilla.jss.asn1.SEQUENCE; -import org.mozilla.jss.asn1.Tag; -import org.mozilla.jss.pkix.cert.Extension; - -/** - * RFC 2560: - * - * <pre> - * SingleResponse ::= SEQUENCE { - * certID CertID, - * certStatus CertStatus, - * thisUpdate GeneralizedTime, - * nextUpdate [0] EXPLICIT GeneralizedTime OPTIONAL, - * singleExtensions [1] EXPLICIT Extensions OPTIONAL } - * </pre> - * - * @version $Revision$ $Date$ - */ -public class SingleResponse implements ASN1Value { - private CertID mCID = null; - private CertStatus mStatus = null; - private GeneralizedTime mThisUpdate = null; - private GeneralizedTime mNextUpdate = null; - - private static final Tag TAG = SEQUENCE.TAG; - - public SingleResponse(CertID cid, CertStatus s, - GeneralizedTime 
thisUpdate, GeneralizedTime nextUpdate) { - mCID = cid; - mStatus = s; - mThisUpdate = thisUpdate; - mNextUpdate = nextUpdate; - } - - public CertID getCertID() { - return mCID; - } - - public Tag getTag() { - return null; - } - - public void encode(Tag t, OutputStream os) throws IOException { - SEQUENCE seq = new SEQUENCE(); - seq.addElement(mCID); - seq.addElement(mStatus); - seq.addElement(mThisUpdate); - if (mNextUpdate != null) { - seq.addElement(new EXPLICIT(Tag.get(0), mNextUpdate)); - } - if (t == null) { - seq.encode(os); - } else { - seq.encode(t, os); - } - } - - public void encode(OutputStream os) throws IOException { - encode(null, os); - } - - public CertStatus getCertStatus() { - return mStatus; - } - - public GeneralizedTime getThisUpdate() { - return mThisUpdate; - } - - public GeneralizedTime getNextUpdate() { - return mNextUpdate; - } - - public int getExtensionCount() { - return 0; - } - - public Extension getExtensionAt(int pos) { - return null; - } - - private static final Template templateInstance = new Template(); - - public static Template getTemplate() { - return templateInstance; - } - - /** - * A Template for decoding <code>ResponseBytes</code>. 
- */
- public static class Template implements ASN1Template {
-
- private SEQUENCE.Template seqt;
-
- public Template() {
- seqt = new SEQUENCE.Template();
- seqt.addElement(new CertID.Template());
- seqt.addElement(new ANY.Template());
- seqt.addElement(new GeneralizedTime.Template());
- seqt.addOptionalElement(new EXPLICIT.Template(
- new Tag(0), new GeneralizedTime.Template()));
- seqt.addOptionalElement(new EXPLICIT.Template(new Tag(1),
- new SEQUENCE.OF_Template(new Extension.Template())));
-
- }
-
- public boolean tagMatch(Tag tag) {
- return TAG.equals(tag);
- }
-
- public ASN1Value decode(InputStream istream)
- throws InvalidBERException, IOException {
- return decode(TAG, istream);
- }
-
- public ASN1Value decode(Tag implicitTag, InputStream istream)
- throws InvalidBERException, IOException {
- SEQUENCE seq = (SEQUENCE) seqt.decode(implicitTag,
- istream);
-
- CertID cid = (CertID) seq.elementAt(0);
- CertStatus status = null;
- ANY e_status = (ANY) seq.elementAt(1);
- if (e_status.getTag().getNum() == 0) {
- status = (GoodInfo)
- GoodInfo.getTemplate().decode(
- e_status.getTag(),
- new ByteArrayInputStream(e_status.getEncoded()));
- // good
- } else if (e_status.getTag().getNum() == 1) {
- // revoked
- status = (RevokedInfo)
- RevokedInfo.getTemplate().decode(
- e_status.getTag(),
- new ByteArrayInputStream(e_status.getEncoded()));
- } else if (e_status.getTag().getNum() == 2) {
- // unknown
- status = (UnknownInfo)
- UnknownInfo.getTemplate().decode(
- e_status.getTag(),
- new ByteArrayInputStream(e_status.getEncoded()));
- }
- GeneralizedTime thisUpdate = (GeneralizedTime)
- seq.elementAt(2);
- GeneralizedTime nextUpdate = null;
-
- return new SingleResponse(cid, status, thisUpdate,
- nextUpdate);
-
- }
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/ocsp/TBSRequest.java b/pki/base/util/src/com/netscape/cmsutil/ocsp/TBSRequest.java
deleted file mode 100644
index b7f706edb..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/ocsp/TBSRequest.java
+++ /dev/null
@@ -1,210 +0,0 @@ -// --- BEGIN COPYRIGHT BLOCK --- -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License along -// with this program; if not, write to the Free Software Foundation, Inc., -// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// -// (C) 2007 Red Hat, Inc. -// All rights reserved. -// --- END COPYRIGHT BLOCK --- -package com.netscape.cmsutil.ocsp; - -import java.io.IOException; -import java.io.InputStream; -import java.io.OutputStream; - -import org.mozilla.jss.asn1.ANY; -import org.mozilla.jss.asn1.ASN1Template; -import org.mozilla.jss.asn1.ASN1Value; -import org.mozilla.jss.asn1.EXPLICIT; -import org.mozilla.jss.asn1.INTEGER; -import org.mozilla.jss.asn1.InvalidBERException; -import org.mozilla.jss.asn1.SEQUENCE; -import org.mozilla.jss.asn1.Tag; -import org.mozilla.jss.pkix.cert.Extension; - -/** - * RFC 2560: - * - * <pre> - * TBSRequest ::= SEQUENCE { - * version [0] EXPLICIT Version DEFAULT v1, - * requestorName [1] EXPLICIT GeneralName OPTIONAL, - * requestList SEQUENCE OF Request, - * requestExtensions [2] EXPLICIT Extensions OPTIONAL } - * </pre> - * - * @version $Revision$ $Date$ - */ - -public class TBSRequest implements ASN1Value { - /////////////////////////////////////////////////////////////////////// - // members and member access - /////////////////////////////////////////////////////////////////////// - private static final INTEGER v1 = new INTEGER(0); - private INTEGER version; - private ANY requestorName; - private SEQUENCE requestList; - private 
SEQUENCE requestExtensions; - - public INTEGER getVersion() { - return version; - } - - public ANY getRequestorName() { - return requestorName; - } - - public int getRequestCount() { - if (requestList == null) { - return 0; - } else { - return requestList.size(); - } - } - - public Request getRequestAt(int index) { - return (Request) requestList.elementAt(index); - } - - public int getExtensionsCount() { - if (requestExtensions == null) { - return 0; - } else { - return requestExtensions.size(); - } - } - - public Extension getRequestExtensionAt(int index) { - return (Extension) requestExtensions.elementAt(index); - } - - /////////////////////////////////////////////////////////////////////// - // constructors - /////////////////////////////////////////////////////////////////////// - - public TBSRequest(INTEGER version, ANY requestorName, - SEQUENCE requestList, SEQUENCE requestExtensions) { - this.version = (version != null) ? version : v1; - this.requestorName = requestorName; - this.requestList = requestList; - this.requestExtensions = requestExtensions; - } - - /////////////////////////////////////////////////////////////////////// - // encode / decode - /////////////////////////////////////////////////////////////////////// - public static final Tag TAG = SEQUENCE.TAG; - - public Tag getTag() { - return TAG; - } - - public void encode(OutputStream ostream) - throws IOException { - encode(TAG, ostream); - } - - public void encode(Tag implicitTag, OutputStream ostream) - throws IOException { - SEQUENCE seq = new SEQUENCE(); - - if (version != v1) { - seq.addElement(new EXPLICIT(Tag.get(0), version)); - } - - if (requestorName != null) { - seq.addElement(new EXPLICIT(Tag.get(1), requestorName)); - } - - seq.addElement(requestList); - - if (requestExtensions != null) { - seq.addElement(new EXPLICIT(Tag.get(2), requestExtensions)); - } - if (implicitTag == null) { - seq.encode(ostream); - } else { - seq.encode(implicitTag, ostream); - } - } - - private static 
final Template templateInstance = new Template(); - - public static Template getTemplate() { - return templateInstance; - } - - /** - * A Template for decoding TBSRequest. - */ - public static class Template implements ASN1Template { - - private SEQUENCE.Template seqt; - - public Template() { - seqt = new SEQUENCE.Template(); - seqt.addElement( - new EXPLICIT.Template( - new Tag(0), new INTEGER.Template()), - new EXPLICIT(new Tag(0), new INTEGER(0)) - ); - seqt.addOptionalElement( - new EXPLICIT.Template( - new Tag(1), new ANY.Template())); - seqt.addElement(new SEQUENCE.OF_Template(new Request.Template())); - seqt.addOptionalElement(new EXPLICIT.Template(new Tag(2), - new SEQUENCE.OF_Template(new Extension.Template()))); - } - - public boolean tagMatch(Tag tag) { - return TAG.equals(tag); - } - - public ASN1Value decode(InputStream istream) - throws InvalidBERException, IOException { - return decode(TAG, istream); - } - - public ASN1Value decode(Tag implicitTag, InputStream istream) - throws InvalidBERException, IOException { - SEQUENCE seq = (SEQUENCE) seqt.decode(implicitTag, istream); - - INTEGER v = v1; //assume default version - EXPLICIT e_ver = (EXPLICIT) seq.elementAt(0); - if (e_ver != null) { - v = (INTEGER) e_ver.getContent(); - } - - ANY requestorname = null; - EXPLICIT e_requestorName = (EXPLICIT) seq.elementAt(1); - if (e_requestorName != null) { - requestorname = (ANY) e_requestorName.getContent(); - } - - //request sequence (element 2) done below - - EXPLICIT exts = (EXPLICIT) seq.elementAt(3); - SEQUENCE exts_seq; - if (exts != null) { - exts_seq = (SEQUENCE) exts.getContent(); - } else { - exts_seq = null; - } - - return new TBSRequest( - v, - requestorname, - (SEQUENCE) seq.elementAt(2), - exts_seq); - } - } -} diff --git a/pki/base/util/src/com/netscape/cmsutil/ocsp/UnknownInfo.java b/pki/base/util/src/com/netscape/cmsutil/ocsp/UnknownInfo.java deleted file mode 100644 index 1fe4ea743..000000000 
--- a/pki/base/util/src/com/netscape/cmsutil/ocsp/UnknownInfo.java
+++ /dev/null
@@ -1,95 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.ocsp;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-
-import org.mozilla.jss.asn1.ASN1Template;
-import org.mozilla.jss.asn1.ASN1Value;
-import org.mozilla.jss.asn1.InvalidBERException;
-import org.mozilla.jss.asn1.NULL;
-import org.mozilla.jss.asn1.SEQUENCE;
-import org.mozilla.jss.asn1.Tag;
-
-/**
- * RFC 2560:
- *
- * <pre>
- * UnknownInfo ::= NULL -- this can be replaced with an enumeration
- * </pre>
- *
- * @version $Revision$ $Date$
- */
-public class UnknownInfo implements CertStatus {
- private static final Tag TAG = SEQUENCE.TAG;
-
- public UnknownInfo() {
- }
-
- public Tag getTag() {
- return Tag.get(2);
- }
-
- public void encode(Tag t, OutputStream os) throws IOException {
- NULL.getInstance().encode(getTag(), os);
- }
-
- public void encode(OutputStream os) throws IOException {
- encode(getTag(), os);
- }
-
- private static final Template templateInstance = new Template();
-
- public static Template getTemplate() {
- return templateInstance;
- }
-
- /**
- * A Template for decoding <code>ResponseBytes</code>.
- */
- public static class Template implements ASN1Template {
-
- private SEQUENCE.Template seqt;
-
- public Template() {
- // seqt = new SEQUENCE.Template();
- // seqt.addElement(new NULL.Template() );
-
- }
-
- public boolean tagMatch(Tag tag) {
- return TAG.equals(tag);
- }
-
- public ASN1Value decode(InputStream istream)
- throws InvalidBERException, IOException {
- return decode(TAG, istream);
- }
-
- public ASN1Value decode(Tag implicitTag, InputStream istream)
- throws InvalidBERException, IOException {
- // SEQUENCE seq = (SEQUENCE) seqt.decode(implicitTag,
- // istream);
-
- return new UnknownInfo();
-
- }
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/password/IPasswordReader.java b/pki/base/util/src/com/netscape/cmsutil/password/IPasswordReader.java
deleted file mode 100644
index 759e9e777..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/password/IPasswordReader.java
+++ /dev/null
@@ -1,29 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.password;
-
-import java.io.IOException;
-import java.util.Enumeration;
-
-public interface IPasswordReader {
- public void init(String pwdPath) throws IOException;
-
- public String getPassword(String tag);
-
- public Enumeration<String> getTags();
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/password/IPasswordStore.java b/pki/base/util/src/com/netscape/cmsutil/password/IPasswordStore.java
deleted file mode 100644
index 49b2610fa..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/password/IPasswordStore.java
+++ /dev/null
@@ -1,34 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.password;
-
-import java.io.IOException;
-import java.util.Enumeration;
-
-public interface IPasswordStore {
- public void init(String pwdPath) throws IOException;
-
- public String getPassword(String tag);
-
- public Enumeration<String> getTags();
-
- public Object putPassword(String tag, String password);
-
- public void commit()
- throws IOException, ClassCastException, NullPointerException;
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/password/IPasswordWriter.java b/pki/base/util/src/com/netscape/cmsutil/password/IPasswordWriter.java
deleted file mode 100644
index c9f9691e7..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/password/IPasswordWriter.java
+++ /dev/null
@@ -1,30 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.password;
-
-import java.io.IOException;
-
-public interface IPasswordWriter {
- public void init(String pwdPath)
- throws IOException;;
-
- public Object putPassword(String tag, String password);
-
- public void commit()
- throws IOException, ClassCastException, NullPointerException;
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/password/PlainPasswordFile.java b/pki/base/util/src/com/netscape/cmsutil/password/PlainPasswordFile.java
deleted file mode 100644
index eb43607f0..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/password/PlainPasswordFile.java
+++ /dev/null
@@ -1,70 +0,0 @@ -// --- BEGIN COPYRIGHT BLOCK --- -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License along -// with this program; if not, write to the Free Software Foundation, Inc., -// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// -// (C) 2007 Red Hat, Inc. -// All rights reserved. -// --- END COPYRIGHT BLOCK --- -package com.netscape.cmsutil.password; - -import java.io.FileInputStream; -import java.io.FileOutputStream; -import java.io.IOException; -import java.util.Enumeration; -import java.util.Properties; -import java.util.Vector; - -public class PlainPasswordFile implements IPasswordStore { - private String mPwdPath = ""; - private Properties mPwdStore; - private static final String PASSWORD_WRITER_HEADER = ""; - - public PlainPasswordFile() { - } - - public void init(String pwdPath) - throws IOException { - mPwdStore = new Properties(); - // initialize mPwdStore - mPwdPath = pwdPath; - - FileInputStream file = new FileInputStream(mPwdPath); - mPwdStore.load(file); - file.close(); - } - - public String getPassword(String tag) { - return (String) mPwdStore.getProperty(tag); - } - - // return an array of String-based tag - public Enumeration<String> getTags() { - Enumeration<?> e = mPwdStore.propertyNames(); - Vector<String> v = new Vector<String>(); - while (e.hasMoreElements()) { - v.add((String) e.nextElement()); - } - return v.elements(); - } - - public Object putPassword(String tag, String password) { - return mPwdStore.setProperty(tag, password); - } - - public 
void commit() - throws IOException, ClassCastException, NullPointerException { - FileOutputStream file = new FileOutputStream(mPwdPath); - mPwdStore.store(file, PASSWORD_WRITER_HEADER); - file.close(); - } -} diff --git a/pki/base/util/src/com/netscape/cmsutil/password/PlainPasswordReader.java b/pki/base/util/src/com/netscape/cmsutil/password/PlainPasswordReader.java deleted file mode 100644 index 68724a9f6..000000000 --- a/pki/base/util/src/com/netscape/cmsutil/password/PlainPasswordReader.java +++ /dev/null 
@@ -1,58 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.password;
-
-import java.io.FileInputStream;
-import java.io.IOException;
-import java.util.Enumeration;
-import java.util.Properties;
-import java.util.Vector;
-
-public class PlainPasswordReader implements IPasswordReader {
- private String mPwdPath = "";
- private Properties mPwdStore;
-
- public PlainPasswordReader() {
- }
-
- public void init(String pwdPath)
- throws IOException {
- mPwdStore = new Properties();
- // initialize mPwdStore
- mPwdPath = pwdPath;
- mPwdStore = new Properties();
-
- FileInputStream file = new FileInputStream(mPwdPath);
- mPwdStore.load(file);
- file.close();
- }
-
- public String getPassword(String tag) {
- return (String) mPwdStore.getProperty(tag);
- }
-
- // return an array of String-based tag
- public Enumeration<String> getTags() {
- Enumeration<?> e = mPwdStore.propertyNames();
- Vector<String> v = new Vector<String>();
- while (e.hasMoreElements()) {
- v.add((String) e.nextElement());
- }
- return v.elements();
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/password/PlainPasswordWriter.java b/pki/base/util/src/com/netscape/cmsutil/password/PlainPasswordWriter.java
deleted file mode 100644
index 3ceac4bd6..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/password/PlainPasswordWriter.java
+++ /dev/null
@@ -1,56 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.password;
-
-import java.io.FileInputStream;
-import java.io.FileOutputStream;
-import java.io.IOException;
-import java.util.Properties;
-
-public class PlainPasswordWriter implements IPasswordWriter {
- private static final String PASSWORD_WRITER_HEADER = "";
- private String mPwdPath = "";
- private Properties mPwdStore;
-
- public PlainPasswordWriter() {
- }
-
- public void init(String pwdPath)
- throws IOException {
- mPwdStore = new Properties();
- // initialize mPwdStore
- mPwdPath = pwdPath;
- mPwdStore = new Properties();
-
- FileInputStream file = new FileInputStream(mPwdPath);
- mPwdStore.load(file);
- file.close();
- }
-
- public Object putPassword(String tag, String password) {
- return mPwdStore.setProperty(tag, password);
- }
-
- public void commit()
- throws IOException, ClassCastException, NullPointerException {
- FileOutputStream file = new FileOutputStream(mPwdPath);
- mPwdStore.store(file, PASSWORD_WRITER_HEADER);
- file.close();
- }
-
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/AccessAccept.java b/pki/base/util/src/com/netscape/cmsutil/radius/AccessAccept.java
deleted file mode 100644
index 4824c885f..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/radius/AccessAccept.java
+++ /dev/null
@@ -1,27 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.radius;
-
-import java.io.IOException;
-
-public class AccessAccept extends ServerPacket {
- public AccessAccept(byte data[]) throws IOException {
- super(data);
- }
-
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/AccessChallenge.java b/pki/base/util/src/com/netscape/cmsutil/radius/AccessChallenge.java
deleted file mode 100644
index c06f809b1..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/radius/AccessChallenge.java
+++ /dev/null
@@ -1,27 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.radius;
-
-import java.io.IOException;
-
-public class AccessChallenge extends ServerPacket {
- public AccessChallenge(byte data[]) throws IOException {
- super(data);
- }
-
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/AccessReject.java b/pki/base/util/src/com/netscape/cmsutil/radius/AccessReject.java
deleted file mode 100644
index 5f32ef349..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/radius/AccessReject.java
+++ /dev/null
@@ -1,27 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.radius;
-
-import java.io.IOException;
-
-public class AccessReject extends ServerPacket {
- public AccessReject(byte data[]) throws IOException {
- super(data);
- }
-
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/AccessRequest.java b/pki/base/util/src/com/netscape/cmsutil/radius/AccessRequest.java
deleted file mode 100644
index 7856b0cc8..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/radius/AccessRequest.java
+++ /dev/null
@@ -1,25 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.radius;
-
-public class AccessRequest extends NASPacket {
- public AccessRequest(short id, Authenticator auth) {
- super(ACCESS_REQUEST, id, auth);
- }
-
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/Attribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/Attribute.java
deleted file mode 100644
index 5e79816e4..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/radius/Attribute.java
+++ /dev/null
@@ -1,97 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.radius;
-
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-
-public abstract class Attribute {
- public static final int USER_NAME = 1;
- public static final int USER_PASSWORD = 2;
- public static final int CHAP_PASSWORD = 3;
- public static final int NAS_IP_ADDRESS = 4;
- public static final int NAS_PORT = 5;
- public static final int SERVICE_TYPE = 6;
- public static final int FRAMED_PROTOCOL = 7;
- public static final int FRAMED_IP_ADDRESS = 8;
- public static final int FRAMED_IP_NETMASK = 9;
- public static final int FRAMED_ROUTING = 10;
- public static final int FILTER_ID = 11;
- public static final int FRAMED_MTU = 12;
- public static final int FRAMED_COMPRESSION = 13;
- public static final int LOGIN_IP_HOST = 14;
- public static final int LOGIN_SERVICE = 15;
- public static final int LOGIN_TCP_PORT = 16;
- // 17 HAS NOT BEEN ASSIGNED
- public static final int REPLY_MESSAGE = 18;
- public static final int CALLBACK_NUMBER = 19;
- public static final int CALLBACK_ID = 20;
- // 21 HAS NOT BEEN ASSIGNED
- public static final int FRAMED_ROUTE = 22;
- public static final int FRAMED_IPX_NETWORK = 23;
- public static final int STATE = 24;
- public static final int NAS_CLASS = 25;
- public static final int VENDOR_SPECIFIC = 26;
- public static final int SESSION_TIMEOUT = 27;
- public static final int IDLE_TIMEOUT = 28;
- public static final int TERMINATION_ACTION = 29;
- public static final int CALLER_STATION_ID = 30;
- public static final int CALLING_STATION_ID = 31;
- public static final int NAS_IDENTIFIER = 32;
- public static final int PROXY_STATE = 33;
- public static final int LOGIN_LAT_SERVICE = 34;
- public static final int LOGIN_LAT_NODE = 35;
- public static final int LOGIN_LAT_GROUP = 36;
- public static final int FRAMED_APPLETALK_LINK = 37;
- public static final int FRAMED_APPLETALK_NETWORK = 38;
- public static final int FRAMED_APPLETALK_ZONE = 39;
- // 40-59 HAS NOT BEEN ASSIGNED
- public static final int CHAP_CHALLENGE = 60;
- public static final int NAS_PORT_TYPE = 61;
- public static final int PORT_LIMIT = 62;
- public static final int LOGIN_LAT_PORT = 63;
-
- protected int _t = 0;
-
- public Attribute() {
- }
-
- public Attribute(int t) {
- _t = t;
- }
-
- public int getType() {
- return _t;
- }
-
- public abstract byte[] getValue()
- throws IOException;
-
- public byte[] getData()
- throws IOException {
- ByteArrayOutputStream attrOS = new ByteArrayOutputStream();
-
- attrOS.write(_t); // type
- byte value[] = getValue();
-
- attrOS.write(value.length + 2); // length
- attrOS.write(value);
-
- return attrOS.toByteArray();
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/AttributeFactory.java b/pki/base/util/src/com/netscape/cmsutil/radius/AttributeFactory.java
deleted file mode 100644
index 021c06720..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/radius/AttributeFactory.java
+++ /dev/null
@@ -1,154 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.radius;
-
-import java.io.IOException;
-
-public class AttributeFactory {
- public static Attribute createAttribute(byte data[])
- throws IOException {
- switch (data[0] & 0xFF) {
- case Attribute.USER_NAME: // 1
- return new UserNameAttribute(data);
-
- case Attribute.USER_PASSWORD: // 2
- return new UserPasswordAttribute(data);
-
- case Attribute.NAS_IP_ADDRESS: // 4
- return new NASIPAddressAttribute(data);
-
- case Attribute.NAS_PORT: // 5
- return new NASPortAttribute(data);
-
- case Attribute.CHAP_PASSWORD: // 3
- return new CHAPPasswordAttribute(data);
-
- case Attribute.SERVICE_TYPE: // 6
- return new ServiceTypeAttribute(data);
-
- case Attribute.FRAMED_PROTOCOL: // 7
- return new FramedProtocolAttribute(data);
-
- case Attribute.FRAMED_IP_ADDRESS: // 8
- return new FramedIPAddressAttribute(data);
-
- case Attribute.FRAMED_IP_NETMASK: // 9
- return new FramedIPNetmaskAttribute(data);
-
- case Attribute.FRAMED_ROUTING: // 10
- return new FramedRoutingAttribute(data);
-
- case Attribute.FILTER_ID: // 11
- return new FilterIdAttribute(data);
-
- case Attribute.FRAMED_MTU: // 12
- return new FramedMTUAttribute(data);
-
- case Attribute.FRAMED_COMPRESSION: // 13
- return new FramedCompressionAttribute(data);
-
- case Attribute.LOGIN_IP_HOST: // 14
- return new LoginIPHostAttribute(data);
-
- case Attribute.LOGIN_SERVICE: // 15
- return new LoginServiceAttribute(data);
-
- case Attribute.LOGIN_TCP_PORT: // 16
- return new LoginTCPPortAttribute(data);
-
- case Attribute.REPLY_MESSAGE: // 18
- return new ReplyMessageAttribute(data);
-
- case Attribute.CALLBACK_NUMBER: // 19
- return new CallbackNumberAttribute(data);
-
- case Attribute.CALLBACK_ID: // 20
- return new CallbackIdAttribute(data);
-
- case Attribute.FRAMED_ROUTE: // 22
- return new FramedRouteAttribute(data);
-
- case Attribute.FRAMED_IPX_NETWORK: // 23
- return new FramedIPXNetworkAttribute(data);
-
- case Attribute.STATE: // 24
- return new StateAttribute(data);
-
- case Attribute.NAS_CLASS: // 25
- return new NASClassAttribute(data);
-
- case Attribute.VENDOR_SPECIFIC: // 26
- return new VendorSpecificAttribute(data);
-
- case Attribute.SESSION_TIMEOUT: // 27
- return new SessionTimeoutAttribute(data);
-
- case Attribute.IDLE_TIMEOUT: // 28
- return new IdleTimeoutAttribute(data);
-
- case Attribute.TERMINATION_ACTION: // 29
- return new TerminationActionAttribute(data);
-
- case Attribute.CALLER_STATION_ID: // 30
- return new CallerStationIdAttribute(data);
-
- case Attribute.CALLING_STATION_ID: // 31
- return new CallingStationIdAttribute(data);
-
- case Attribute.NAS_IDENTIFIER: // 32
- return new NASIdentifierAttribute(data);
-
- case Attribute.PROXY_STATE: // 33
- return new ProxyStateAttribute(data);
-
- case Attribute.LOGIN_LAT_SERVICE: // 34
- return new LoginLATServiceAttribute(data);
-
- case Attribute.LOGIN_LAT_NODE: // 35
- return new LoginLATNodeAttribute(data);
-
- case Attribute.LOGIN_LAT_GROUP: // 36
- return new LoginLATGroupAttribute(data);
-
- case Attribute.FRAMED_APPLETALK_LINK: // 37
- return new FramedAppleTalkLinkAttribute(data);
-
- case Attribute.FRAMED_APPLETALK_NETWORK: // 38
- return new FramedAppleTalkNetworkAttribute(data);
-
- case Attribute.FRAMED_APPLETALK_ZONE: // 39
- return new FramedAppleTalkZoneAttribute(data);
-
- case Attribute.CHAP_CHALLENGE: // 60
- return new CHAPChallengeAttribute(data);
-
- case Attribute.NAS_PORT_TYPE: // 61
- return new NASPortTypeAttribute(data);
-
- case Attribute.PORT_LIMIT: // 62
- return new PortLimitAttribute(data);
-
- case Attribute.LOGIN_LAT_PORT: // 63
- return new LoginLATPortAttribute(data);
-
- default:
- return new GenericAttribute(data);
- // throw new IOException("Unknown attribute " + (data[0] & 0xFF));
- }
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/AttributeSet.java b/pki/base/util/src/com/netscape/cmsutil/radius/AttributeSet.java
deleted file mode 100644
index d6974d371..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/radius/AttributeSet.java
+++ /dev/null
@@ -1,56 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.radius;
-
-import java.util.Enumeration;
-import java.util.Vector;
-
-public class AttributeSet {
- private Vector<Attribute> _attrs = new Vector<Attribute>();
-
- public AttributeSet() {
- }
-
- public void addAttribute(Attribute attr) {
- _attrs.addElement(attr);
- }
-
- public int size() {
- return _attrs.size();
- }
-
- public Enumeration<Attribute> getAttributes() {
- return _attrs.elements();
- }
-
- public Attribute getAttributeByType(int type) {
- int l = _attrs.size();
-
- for (int i = 0; i < l; i++) {
- Attribute attr = getAttributeAt(i);
-
- if (attr.getType() == type)
- return attr;
- }
- return null;
- }
-
- public Attribute getAttributeAt(int pos) {
- return _attrs.elementAt(pos);
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/Authenticator.java b/pki/base/util/src/com/netscape/cmsutil/radius/Authenticator.java
deleted file mode 100644
index 008af489a..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/radius/Authenticator.java
+++ /dev/null
@@ -1,24 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.radius;
-
-import java.io.IOException;
-
-public abstract class Authenticator {
- public abstract byte[] getData() throws IOException;
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/CHAPChallengeAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/CHAPChallengeAttribute.java
deleted file mode 100644
index cd715a031..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/radius/CHAPChallengeAttribute.java
+++ /dev/null
@@ -1,38 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.radius;
-
-import java.io.IOException;
-
-public class CHAPChallengeAttribute extends Attribute {
- private String _str = null;
-
- public CHAPChallengeAttribute(byte value[]) {
- super();
- _t = CHAP_CHALLENGE;
- _str = new String(value, 2, value.length - 2);
- }
-
- public String getString() {
- return _str;
- }
-
- public byte[] getValue() throws IOException {
- return _str.getBytes();
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/CHAPPasswordAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/CHAPPasswordAttribute.java
deleted file mode 100644
index 3f0ef1793..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/radius/CHAPPasswordAttribute.java
+++ /dev/null
@@ -1,55 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.radius;
-
-import java.io.IOException;
-
-public class CHAPPasswordAttribute extends Attribute {
- private byte _value[] = null;
- private int _ident = 0;
- private String _str = null;
-
- public CHAPPasswordAttribute(String s) {
- _str = s;
- }
-
- public CHAPPasswordAttribute(byte value[]) {
- super();
- _t = CHAP_PASSWORD;
- _ident = value[2];
- _str = new String(value, 2, 16);
- _value = value;
- }
-
- public int getIdent() {
- return _ident;
- }
-
- public String getString() {
- return _str;
- }
-
- public byte[] getValue() throws IOException {
- byte val[] = new byte[1 + _str.length()];
- byte s[] = _str.getBytes();
-
- val[0] = (byte) _ident;
- System.arraycopy(s, 0, val, 1, s.length);
- return val;
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/CallbackIdAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/CallbackIdAttribute.java
deleted file mode 100644
index 5fd806003..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/radius/CallbackIdAttribute.java
+++ /dev/null
@@ -1,40 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.radius;
-
-import java.io.IOException;
-
-public class CallbackIdAttribute extends Attribute {
- private byte _value[] = null;
- private String _str = null;
-
- public CallbackIdAttribute(byte value[]) {
- super();
- _t = CALLBACK_ID;
- _str = new String(value, 2, value.length - 2);
- _value = value;
- }
-
- public String getString() {
- return _str;
- }
-
- public byte[] getValue() throws IOException {
- return _str.getBytes();
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/CallbackNumberAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/CallbackNumberAttribute.java
deleted file mode 100644
index d6e45cecd..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/radius/CallbackNumberAttribute.java
+++ /dev/null
@@ -1,40 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.radius;
-
-import java.io.IOException;
-
-public class CallbackNumberAttribute extends Attribute {
- private byte _value[] = null;
- private String _str = null;
-
- public CallbackNumberAttribute(byte value[]) {
- super();
- _t = CALLBACK_NUMBER;
- _str = new String(value, 2, value.length - 2);
- _value = value;
- }
-
- public String getString() {
- return _str;
- }
-
- public byte[] getValue() throws IOException {
- return _str.getBytes();
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/CallerStationIdAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/CallerStationIdAttribute.java
deleted file mode 100644
index 3b5eec804..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/radius/CallerStationIdAttribute.java
+++ /dev/null
@@ -1,40 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.radius;
-
-import java.io.IOException;
-
-public class CallerStationIdAttribute extends Attribute {
- private byte _value[] = null;
- private String _str = null;
-
- public CallerStationIdAttribute(byte value[]) {
- super();
- _t = CALLER_STATION_ID;
- _str = new String(value, 2, value.length - 2);
- _value = value;
- }
-
- public String getString() {
- return _str;
- }
-
- public byte[] getValue() throws IOException {
- return _str.getBytes();
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/CallingStationIdAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/CallingStationIdAttribute.java
deleted file mode 100644
index 9a57f8089..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/radius/CallingStationIdAttribute.java
+++ /dev/null
@@ -1,40 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.radius;
-
-import java.io.IOException;
-
-public class CallingStationIdAttribute extends Attribute {
- private byte _value[] = null;
- private String _str = null;
-
- public CallingStationIdAttribute(byte value[]) {
- super();
- _t = CALLING_STATION_ID;
- _str = new String(value, 2, value.length - 2);
- _value = value;
- }
-
- public String getString() {
- return _str;
- }
-
- public byte[] getValue() throws IOException {
- return _str.getBytes();
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/ChallengeException.java b/pki/base/util/src/com/netscape/cmsutil/radius/ChallengeException.java
deleted file mode 100644
index 972f7f084..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/radius/ChallengeException.java
+++ /dev/null
@@ -1,43 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.radius;
-
-public class ChallengeException extends Exception {
- /**
- *
- */
- private static final long serialVersionUID = -3496050461777520369L;
- private AccessChallenge _res = null;
-
- public ChallengeException(AccessChallenge res) {
- _res = res;
- }
-
- public AttributeSet getAttributeSet() {
- return _res.getAttributeSet();
- }
-
- public String getState() {
- return ((StateAttribute) (_res.getAttributeSet().getAttributeByType(Attribute.STATE))).getString();
- }
-
- public String getReplyMessage() {
- return ((ReplyMessageAttribute) (_res.getAttributeSet().getAttributeByType(Attribute.REPLY_MESSAGE)))
- .getString();
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/FilterIdAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/FilterIdAttribute.java
deleted file mode 100644
index 879d7d5c7..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/radius/FilterIdAttribute.java
+++ /dev/null
@@ -1,40 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.radius;
-
-import java.io.IOException;
-
-public class FilterIdAttribute extends Attribute {
- private byte _value[] = null;
- private String _str = null;
-
- public FilterIdAttribute(byte value[]) {
- super();
- _t = CHAP_PASSWORD;
- _str = new String(value, 2, value.length - 2);
- _value = value;
- }
-
- public String getString() {
- return _str;
- }
-
- public byte[] getValue() throws IOException {
- return _str.getBytes();
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/FramedAppleTalkLinkAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/FramedAppleTalkLinkAttribute.java
deleted file mode 100644
index 05273780f..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/radius/FramedAppleTalkLinkAttribute.java
+++ /dev/null
@@ -1,51 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.radius;
-
-import java.io.IOException;
-
-public class FramedAppleTalkLinkAttribute extends Attribute {
- public static int UN_NUMBERED = 0;
-
- private byte _value[] = null;
- private int _type = 0;
-
- public FramedAppleTalkLinkAttribute(byte value[]) {
- super();
- _t = FRAMED_APPLETALK_LINK;
- _value = value;
- _type = value[5] & 0xFF;
- _type |= ((value[4] << 8) & 0xFF00);
- _type |= ((value[3] << 16) & 0xFF0000);
- _type |= ((value[2] << 24) & 0xFF000000);
- }
-
- public int getType() {
- return _type;
- }
-
- public byte[] getValue() throws IOException {
- byte[] p = new byte[4];
-
- p[0] = (byte) ((_type >>> 24) & 0xFF);
- p[1] = (byte) ((_type >>> 16) & 0xFF);
- p[2] = (byte) ((_type >>> 8) & 0xFF);
- p[3] = (byte) (_type & 0xFF);
- return p;
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/FramedAppleTalkNetworkAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/FramedAppleTalkNetworkAttribute.java
deleted file mode 100644
index cea0d936a..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/radius/FramedAppleTalkNetworkAttribute.java
+++ /dev/null
@@ -1,49 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.radius;
-
-import java.io.IOException;
-
-public class FramedAppleTalkNetworkAttribute extends Attribute {
- private byte _value[] = null;
- private int _type = 0;
-
- public FramedAppleTalkNetworkAttribute(byte value[]) {
- super();
- _t = FRAMED_APPLETALK_NETWORK;
- _value = value;
- _type = value[5] & 0xFF;
- _type |= ((value[4] << 8) & 0xFF00);
- _type |= ((value[3] << 16) & 0xFF0000);
- _type |= ((value[2] << 24) & 0xFF000000);
- }
-
- public int getType() {
- return _type;
- }
-
- public byte[] getValue() throws IOException {
- byte[] p = new byte[4];
-
- p[0] = (byte) ((_type >>> 24) & 0xFF);
- p[1] = (byte) ((_type >>> 16) & 0xFF);
- p[2] = (byte) ((_type >>> 8) & 0xFF);
- p[3] = (byte) (_type & 0xFF);
- return p;
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/FramedAppleTalkZoneAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/FramedAppleTalkZoneAttribute.java
deleted file mode 100644
index 54ee47c45..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/radius/FramedAppleTalkZoneAttribute.java
+++ /dev/null
@@ -1,40 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.radius;
-
-import java.io.IOException;
-
-public class FramedAppleTalkZoneAttribute extends Attribute {
- private byte _value[] = null;
- private String _str = null;
-
- public FramedAppleTalkZoneAttribute(byte value[]) {
- super();
- _t = FRAMED_APPLETALK_ZONE;
- _str = new String(value, 2, value.length - 2);
- _value = value;
- }
-
- public String getString() {
- return _str;
- }
-
- public byte[] getValue() throws IOException {
- return _str.getBytes();
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/FramedCompressionAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/FramedCompressionAttribute.java
deleted file mode 100644
index b57c030b5..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/radius/FramedCompressionAttribute.java
+++ /dev/null
@@ -1,54 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.radius;
-
-import java.io.IOException;
-
-public class FramedCompressionAttribute extends Attribute {
- public static final int NONE = 1;
- public static final int VJ_TCP_IP_HEADER = 2;
- public static final int IPX_HEADER = 2;
- public static final int STAC_LZS = 3;
-
- private byte _value[] = null;
- private int _type = 0;
-
- public FramedCompressionAttribute(byte value[]) {
- super();
- _t = FRAMED_COMPRESSION;
- _type = value[5] & 0xFF;
- _type |= ((value[4] << 8) & 0xFF00);
- _type |= ((value[3] << 16) & 0xFF0000);
- _type |= ((value[2] << 24) & 0xFF000000);
- _value = value;
- }
-
- public int getType() {
- return _type;
- }
-
- public byte[] getValue() throws IOException {
- byte[] p = new byte[4];
-
- p[0] = (byte) ((_type >>> 24) & 0xFF);
- p[1] = (byte) ((_type >>> 16) & 0xFF);
- p[2] = (byte) ((_type >>> 8) & 0xFF);
- p[3] = (byte) (_type & 0xFF);
- return p;
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/FramedIPAddressAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/FramedIPAddressAttribute.java
deleted file mode 100644
index 2f66ee8c2..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/radius/FramedIPAddressAttribute.java
+++ /dev/null
@@ -1,39 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.radius;
-
-import java.io.IOException;
-
-public class FramedIPAddressAttribute extends Attribute {
- private byte _value[] = null;
- private byte _addr[] = new byte[4];
-
- public FramedIPAddressAttribute(byte value[]) {
- super();
- _t = FRAMED_IP_ADDRESS;
- _addr[0] = value[2];
- _addr[1] = value[3];
- _addr[2] = value[4];
- _addr[3] = value[5];
- _value = value;
- }
-
- public byte[] getValue() throws IOException {
- return _addr;
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/FramedIPNetmaskAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/FramedIPNetmaskAttribute.java
deleted file mode 100644
index f8e1980c7..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/radius/FramedIPNetmaskAttribute.java
+++ /dev/null
@@ -1,39 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.radius;
-
-import java.io.IOException;
-
-public class FramedIPNetmaskAttribute extends Attribute {
- private byte _value[] = null;
- private byte _mask[] = new byte[4];
-
- public FramedIPNetmaskAttribute(byte value[]) {
- super();
- _t = FRAMED_IP_NETMASK;
- _mask[0] = value[2];
- _mask[1] = value[3];
- _mask[2] = value[4];
- _mask[3] = value[5];
- _value = value;
- }
-
- public byte[] getValue() throws IOException {
- return _mask;
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/FramedIPXNetworkAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/FramedIPXNetworkAttribute.java
deleted file mode 100644
index 92f47eec1..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/radius/FramedIPXNetworkAttribute.java
+++ /dev/null
@@ -1,39 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.radius;
-
-import java.io.IOException;
-
-public class FramedIPXNetworkAttribute extends Attribute {
- private byte _value[] = null;
- private byte _net[] = new byte[4];
-
- public FramedIPXNetworkAttribute(byte value[]) {
- super();
- _t = FRAMED_IPX_NETWORK;
- _net[0] = value[2];
- _net[1] = value[3];
- _net[2] = value[4];
- _net[3] = value[5];
- _value = value;
- }
-
- public byte[] getValue() throws IOException {
- return _net;
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/FramedMTUAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/FramedMTUAttribute.java
deleted file mode 100644
index 5cd9551a2..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/radius/FramedMTUAttribute.java
+++ /dev/null
@@ -1,49 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.radius;
-
-import java.io.IOException;
-
-public class FramedMTUAttribute extends Attribute {
- private byte _value[] = null;
- private int _type = 0;
-
- public FramedMTUAttribute(byte value[]) {
- super();
- _t = FRAMED_IP_ADDRESS;
- _value = value;
- _type = value[5] & 0xFF;
- _type |= ((value[4] << 8) & 0xFF00);
- _type |= ((value[3] << 16) & 0xFF0000);
- _type |= ((value[2] << 24) & 0xFF000000);
- }
-
- public int getType() {
- return _type;
- }
-
- public byte[] getValue() throws IOException {
- byte[] p = new byte[4];
-
- p[0] = (byte) ((_type >>> 24) & 0xFF);
- p[1] = (byte) ((_type >>> 16) & 0xFF);
- p[2] = (byte) ((_type >>> 8) & 0xFF);
- p[3] = (byte) (_type & 0xFF);
- return p;
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/FramedProtocolAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/FramedProtocolAttribute.java
deleted file mode 100644
index 5af219b9a..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/radius/FramedProtocolAttribute.java
+++ /dev/null
@@ -1,56 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.radius;
-
-import java.io.IOException;
-
-public class FramedProtocolAttribute extends Attribute {
- public static final int PPP = 1;
- public static final int SLIP = 2;
- public static final int ARAP = 3;
- public static final int GANDALF = 4;
- public static final int XYLOGICS = 5;
- public static final int X_75 = 6;
-
- private byte _value[] = null;
- private int _type = 0;
-
- public FramedProtocolAttribute(byte value[]) {
- super();
- _t = SERVICE_TYPE;
- _type = value[5] & 0xFF;
- _type |= ((value[4] << 8) & 0xFF00);
- _type |= ((value[3] << 16) & 0xFF0000);
- _type |= ((value[2] << 24) & 0xFF000000);
- _value = value;
- }
-
- public int getType() {
- return _type;
- }
-
- public byte[] getValue() throws IOException {
- byte[] p = new byte[4];
-
- p[0] = (byte) ((_type >>> 24) & 0xFF);
- p[1] = (byte) ((_type >>> 16) & 0xFF);
- p[2] = (byte) ((_type >>> 8) & 0xFF);
- p[3] = (byte) (_type & 0xFF);
- return p;
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/FramedRouteAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/FramedRouteAttribute.java
deleted file mode 100644
index 9b123fe2a..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/radius/FramedRouteAttribute.java
+++ /dev/null
@@ -1,40 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.radius;
-
-import java.io.IOException;
-
-public class FramedRouteAttribute extends Attribute {
- private byte _value[] = null;
- private String _str = null;
-
- public FramedRouteAttribute(byte value[]) {
- super();
- _t = FRAMED_ROUTE;
- _str = new String(value, 2, value.length - 2);
- _value = value;
- }
-
- public String getString() {
- return _str;
- }
-
- public byte[] getValue() throws IOException {
- return _str.getBytes();
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/FramedRoutingAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/FramedRoutingAttribute.java
deleted file mode 100644
index 14d2b0cc8..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/radius/FramedRoutingAttribute.java
+++ /dev/null
@@ -1,54 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.radius;
-
-import java.io.IOException;
-
-public class FramedRoutingAttribute extends Attribute {
- public static final int NONE = 0;
- public static final int SEND_ROUTING_PACKETS = 1;
- public static final int LISTEN_FOR_ROUTING_PACKETS = 2;
- public static final int SEND_AND_LISTEN = 3;
-
- private byte _value[] = null;
- private int _type = 0;
-
- public FramedRoutingAttribute(byte value[]) {
- super();
- _t = FRAMED_ROUTING;
- _type = value[5] & 0xFF;
- _type |= ((value[4] << 8) & 0xFF00);
- _type |= ((value[3] << 16) & 0xFF0000);
- _type |= ((value[2] << 24) & 0xFF000000);
- _value = value;
- }
-
- public int getType() {
- return _type;
- }
-
- public byte[] getValue() throws IOException {
- byte[] p = new byte[4];
-
- p[0] = (byte) ((_type >>> 24) & 0xFF);
- p[1] = (byte) ((_type >>> 16) & 0xFF);
- p[2] = (byte) ((_type >>> 8) & 0xFF);
- p[3] = (byte) (_type & 0xFF);
- return p;
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/GenericAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/GenericAttribute.java
deleted file mode 100644
index ac1798ae3..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/radius/GenericAttribute.java
+++ /dev/null
@@ -1,35 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.radius;
-
-import java.io.IOException;
-
-public class GenericAttribute extends Attribute {
- private byte _value[] = null;
-
- public GenericAttribute(byte value[]) {
- super();
- _t = value[0];
- _value = new byte[value.length - 2];
- System.arraycopy(value, 2, _value, 0, _value.length);
- }
-
- public byte[] getValue() throws IOException {
- return _value;
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/IdleTimeoutAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/IdleTimeoutAttribute.java
deleted file mode 100644
index 44b0c5087..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/radius/IdleTimeoutAttribute.java
+++ /dev/null
@@ -1,52 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.radius;
-
-import java.io.IOException;
-
-public class IdleTimeoutAttribute extends Attribute {
- private int _timeout = 0;
-
- public IdleTimeoutAttribute(byte value[]) {
- super();
- _t = IDLE_TIMEOUT;
- _timeout = value[5] & 0xFF;
- _timeout |= ((value[4] << 8) & 0xFF00);
- _timeout |= ((value[3] << 16) & 0xFF0000);
- _timeout |= ((value[2] << 24) & 0xFF000000);
- }
-
- public IdleTimeoutAttribute(int timeout) {
- super(IDLE_TIMEOUT);
- _timeout = timeout;
- }
-
- public int getTimeout() {
- return _timeout;
- }
-
- public byte[] getValue() throws IOException {
- byte[] p = new byte[4];
-
- p[0] = (byte) ((_timeout >>> 24) & 0xFF);
- p[1] = (byte) ((_timeout >>> 16) & 0xFF);
- p[2] = (byte) ((_timeout >>> 8) & 0xFF);
- p[3] = (byte) (_timeout & 0xFF);
- return p;
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/LoginIPHostAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/LoginIPHostAttribute.java
deleted file mode 100644
index 0d1c0565a..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/radius/LoginIPHostAttribute.java
+++ /dev/null
@@ -1,52 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.radius;
-
-import java.io.IOException;
-
-public class LoginIPHostAttribute extends Attribute {
- public static final int NAS_ALLOW_SELECT = 0xFFFFFFFF;
- public static final int NAS_SELECT = 0;
-
- private byte _value[] = null;
- private int _type = 0;
-
- public LoginIPHostAttribute(byte value[]) {
- super();
- _t = LOGIN_IP_HOST;
- _type = value[5] & 0xFF;
- _type |= ((value[4] << 8) & 0xFF00);
- _type |= ((value[3] << 16) & 0xFF0000);
- _type |= ((value[2] << 24) & 0xFF000000);
- _value = value;
- }
-
- public int getType() {
- return _type;
- }
-
- public byte[] getValue() throws IOException {
- byte[] p = new byte[4];
-
- p[0] = (byte) ((_type >>> 24) & 0xFF);
- p[1] = (byte) ((_type >>> 16) & 0xFF);
- p[2] = (byte) ((_type >>> 8) & 0xFF);
- p[3] = (byte) (_type & 0xFF);
- return p;
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/LoginLATGroupAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/LoginLATGroupAttribute.java
deleted file mode 100644
index 4cee6bc3a..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/radius/LoginLATGroupAttribute.java
+++ /dev/null
@@ -1,40 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.radius;
-
-import java.io.IOException;
-
-public class LoginLATGroupAttribute extends Attribute {
- private byte _value[] = null;
- private String _str = null;
-
- public LoginLATGroupAttribute(byte value[]) {
- super();
- _t = LOGIN_LAT_GROUP;
- _str = new String(value, 2, value.length - 2);
- _value = value;
- }
-
- public String getString() {
- return _str;
- }
-
- public byte[] getValue() throws IOException {
- return _str.getBytes();
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/LoginLATNodeAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/LoginLATNodeAttribute.java
deleted file mode 100644
index 2c2d3411e..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/radius/LoginLATNodeAttribute.java
+++ /dev/null
@@ -1,40 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.radius;
-
-import java.io.IOException;
-
-public class LoginLATNodeAttribute extends Attribute {
- private byte _value[] = null;
- private String _str = null;
-
- public LoginLATNodeAttribute(byte value[]) {
- super();
- _t = LOGIN_LAT_NODE;
- _str = new String(value, 2, value.length - 2);
- _value = value;
- }
-
- public String getString() {
- return _str;
- }
-
- public byte[] getValue() throws IOException {
- return _str.getBytes();
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/LoginLATPortAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/LoginLATPortAttribute.java
deleted file mode 100644
index 330161ec8..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/radius/LoginLATPortAttribute.java
+++ /dev/null
@@ -1,40 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.radius;
-
-import java.io.IOException;
-
-public class LoginLATPortAttribute extends Attribute {
- private byte _value[] = null;
- private String _str = null;
-
- public LoginLATPortAttribute(byte value[]) {
- super();
- _t = PROXY_STATE;
- _str = new String(value, 2, value.length - 2);
- _value = value;
- }
-
- public String getString() {
- return _str;
- }
-
- public byte[] getValue() throws IOException {
- return _str.getBytes();
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/LoginLATServiceAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/LoginLATServiceAttribute.java
deleted file mode 100644
index 158630d27..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/radius/LoginLATServiceAttribute.java
+++ /dev/null
@@ -1,40 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.radius;
-
-import java.io.IOException;
-
-public class LoginLATServiceAttribute extends Attribute {
- private byte _value[] = null;
- private String _str = null;
-
- public LoginLATServiceAttribute(byte value[]) {
- super();
- _t = LOGIN_LAT_SERVICE;
- _str = new String(value, 2, value.length - 2);
- _value = value;
- }
-
- public String getString() {
- return _str;
- }
-
- public byte[] getValue() throws IOException {
- return _str.getBytes();
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/LoginServiceAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/LoginServiceAttribute.java
deleted file mode 100644
index 73f49d39f..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/radius/LoginServiceAttribute.java
+++ /dev/null
@@ -1,58 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.radius;
-
-import java.io.IOException;
-
-public class LoginServiceAttribute extends Attribute {
- public static final int TELNET = 0;
- public static final int RLOGIN = 1;
- public static final int TCP_CLEAR = 2;
- public static final int PORTMASTER = 3;
- public static final int LAT = 4;
- public static final int X25_PAD = 5;
- public static final int X25_T3POS = 6;
- public static final int TCP_CLEAR_QUIET = 8;
-
- private byte _value[] = null;
- private int _type = 0;
-
- public LoginServiceAttribute(byte value[]) {
- super();
- _t = LOGIN_SERVICE;
- _type = value[5] & 0xFF;
- _type |= ((value[4] << 8) & 0xFF00);
- _type |= ((value[3] << 16) & 0xFF0000);
- _type |= ((value[2] << 24) & 0xFF000000);
- _value = value;
- }
-
- public int getType() {
- return _type;
- }
-
- public byte[] getValue() throws IOException {
- byte[] p = new byte[4];
-
- p[0] = (byte) ((_type >>> 24) & 0xFF);
- p[1] = (byte) ((_type >>> 16) & 0xFF);
- p[2] = (byte) ((_type >>> 8) & 0xFF);
- p[3] = (byte) (_type & 0xFF);
- return p;
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/LoginTCPPortAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/LoginTCPPortAttribute.java
deleted file mode 100644
index 6b44f50c6..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/radius/LoginTCPPortAttribute.java
+++ /dev/null
@@ -1,52 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.radius;
-
-import java.io.IOException;
-
-public class LoginTCPPortAttribute extends Attribute {
- private int _port = 0;
-
- public LoginTCPPortAttribute(byte value[]) {
- super();
- _t = LOGIN_TCP_PORT;
- _port = value[5] & 0xFF;
- _port |= ((value[4] << 8) & 0xFF00);
- _port |= ((value[3] << 16) & 0xFF0000);
- _port |= ((value[2] << 24) & 0xFF000000);
- }
-
- public LoginTCPPortAttribute(int port) {
- super(LOGIN_TCP_PORT);
- _port = port;
- }
-
- public int getPort() {
- return _port;
- }
-
- public byte[] getValue() throws IOException {
- byte[] p = new byte[4];
-
- p[0] = (byte) ((_port >>> 24) & 0xFF);
- p[1] = (byte) ((_port >>> 16) & 0xFF);
- p[2] = (byte) ((_port >>> 8) & 0xFF);
- p[3] = (byte) (_port & 0xFF);
- return p;
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/NASClassAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/NASClassAttribute.java
deleted file mode 100644
index 57b983028..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/radius/NASClassAttribute.java
+++ /dev/null
@@ -1,40 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.radius;
-
-import java.io.IOException;
-
-public class NASClassAttribute extends Attribute {
- private byte _value[] = null;
- private String _str = null;
-
- public NASClassAttribute(byte value[]) {
- super();
- _t = NAS_CLASS;
- _str = new String(value, 2, value.length - 2);
- _value = value;
- }
-
- public String getString() {
- return _str;
- }
-
- public byte[] getValue() throws IOException {
- return _str.getBytes();
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/NASIPAddressAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/NASIPAddressAttribute.java
deleted file mode 100644
index d4022b3dd..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/radius/NASIPAddressAttribute.java
+++ /dev/null
@@ -1,41 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.radius;
-
-import java.io.IOException;
-import java.net.InetAddress;
-
-public class NASIPAddressAttribute extends Attribute {
- private InetAddress _ip = null;
- private byte _value[] = null;
-
- public NASIPAddressAttribute(byte value[]) {
- super();
- _t = NAS_IP_ADDRESS;
- _value = value;
- }
-
- public NASIPAddressAttribute(InetAddress ip) {
- super(NAS_IP_ADDRESS);
- _ip = ip;
- }
-
- public byte[] getValue() throws IOException {
- return _ip.getAddress();
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/NASIdentifierAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/NASIdentifierAttribute.java
deleted file mode 100644
index 0a3a62cd8..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/radius/NASIdentifierAttribute.java
+++ /dev/null
@@ -1,40 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.radius;
-
-import java.io.IOException;
-
-public class NASIdentifierAttribute extends Attribute {
- private byte _value[] = null;
- private String _str = null;
-
- public NASIdentifierAttribute(byte value[]) {
- super();
- _t = NAS_IDENTIFIER;
- _str = new String(value, 2, value.length - 2);
- _value = value;
- }
-
- public String getString() {
- return _str;
- }
-
- public byte[] getValue() throws IOException {
- return _str.getBytes();
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/NASPacket.java b/pki/base/util/src/com/netscape/cmsutil/radius/NASPacket.java
deleted file mode 100644
index 70d143989..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/radius/NASPacket.java
+++ /dev/null
@@ -1,52 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.radius;
-
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-
-public abstract class NASPacket extends Packet {
- public NASPacket(int c, short id, Authenticator auth) {
- super(c, id, auth);
- }
-
- public byte[] getData() throws IOException {
- // prepare the attributes first
- ByteArrayOutputStream attrsOS = new ByteArrayOutputStream();
-
- for (int i = 0; i < _attrs.size(); i++) {
- Attribute attr = (Attribute) getAttributeAt(i);
-
- attrsOS.write(attr.getData());
- }
- byte attrsData[] = attrsOS.toByteArray();
-
- ByteArrayOutputStream dataOS = new ByteArrayOutputStream();
-
- dataOS.write(_c); // code
- dataOS.write(_id); // identifier
- int len = attrsData.length + 20;
-
- dataOS.write((len >>> 8) & 0xFF);
- dataOS.write(len & 0xFF);
- dataOS.write(_auth.getData());
- dataOS.write(attrsData);
-
- return dataOS.toByteArray();
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/NASPortAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/NASPortAttribute.java
deleted file mode 100644
index 0f7b31e75..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/radius/NASPortAttribute.java
+++ /dev/null
@@ -1,48 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.radius;
-
-import java.io.IOException;
-
-public class NASPortAttribute extends Attribute {
- private int _port = 0;
-
- public NASPortAttribute(byte value[]) {
- super();
- _t = NAS_PORT;
- _port = value[5] & 0xFF;
- _port |= ((value[4] << 8) & 0xFF00);
- _port |= ((value[3] << 16) & 0xFF0000);
- _port |= ((value[2] << 24) & 0xFF000000);
- }
-
- public NASPortAttribute(int port) {
- super(NAS_PORT);
- _port = port;
- }
-
- public byte[] getValue() throws IOException {
- byte[] p = new byte[4];
-
- p[0] = (byte) ((_port >>> 24) & 0xFF);
- p[1] = (byte) ((_port >>> 16) & 0xFF);
- p[2] = (byte) ((_port >>> 8) & 0xFF);
- p[3] = (byte) (_port & 0xFF);
- return p;
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/NASPortTypeAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/NASPortTypeAttribute.java
deleted file mode 100644
index 84ccc3ae1..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/radius/NASPortTypeAttribute.java
+++ /dev/null
@@ -1,53 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.radius;
-
-import java.io.IOException;
-
-public class NASPortTypeAttribute extends Attribute {
- public static final int ASYNC = 0;
- public static final int SYNC = 1;
- public static final int ISDN_SYNC = 2;
- public static final int ISDN_ASYNC_V120 = 3;
- public static final int ISDN_ASYNC_V110 = 4;
- public static final int VIRTUAL = 5;
- public static final int PIAFS = 6;
- public static final int HDLC = 7;
- public static final int X_25 = 8;
- public static final int X_75 = 9;
- public static final int G3_FAX = 10;
- public static final int SDSL = 11;
- public static final int ADSL_CAP = 12;
- public static final int ADSL_DMT = 13;
- public static final int IDSL = 14;
- public static final int ETHERNET = 15;
- public static final int XDSL = 16;
- public static final int CABLE = 17;
-
- private byte _value[] = null;
-
- public NASPortTypeAttribute(byte value[]) {
- super();
- _t = NAS_PORT_TYPE;
- _value = value;
- }
-
- public byte[] getValue() throws IOException {
- return _value;
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/Packet.java b/pki/base/util/src/com/netscape/cmsutil/radius/Packet.java
deleted file mode 100644
index 4fad0ba79..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/radius/Packet.java
+++ /dev/null
@@ -1,70 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.radius;
-
-public abstract class Packet {
- public static final int ACCESS_REQUEST = 1;
- public static final int ACCESS_ACCEPT = 2;
- public static final int ACCESS_REJECT = 3;
- // public static final int ACCOUNTING_REQUEST = 4;
- // public static final int ACCOUNTING_RESPONSE = 5;
- public static final int ACCESS_CHALLENGE = 11;
- public static final int RESERVED = 255;
-
- protected int _c = 0;
- protected short _id = 0;
- protected Authenticator _auth = null;
- protected AttributeSet _attrs = new AttributeSet();
-
- public Packet() {
- }
-
- public Packet(int c, short id, Authenticator auth) {
- _c = c;
- _id = id;
- _auth = auth;
- }
-
- public int getCode() {
- return _c;
- }
-
- public short getIdentifier() {
- return _id;
- }
-
- public Authenticator getAuthenticator() {
- return _auth;
- }
-
- public void addAttribute(Attribute attr) {
- _attrs.addAttribute(attr);
- }
-
- public AttributeSet getAttributeSet() {
- return _attrs;
- }
-
- public Attribute getAttributeAt(int pos) {
- return _attrs.getAttributeAt(pos);
- }
-
- public String toString() {
- return "Packet [code=" + _c + ",id=" + (_id & 0xFF) + "]";
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/PacketFactory.java b/pki/base/util/src/com/netscape/cmsutil/radius/PacketFactory.java
deleted file mode 100644
index 8d2e20e74..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/radius/PacketFactory.java
+++ /dev/null
@@ -1,39 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.radius;
-
-import java.io.IOException;
-
-public class PacketFactory {
- public static ServerPacket createServerPacket(byte data[])
- throws IOException {
- switch (data[0] & 0xFF) {
- case Packet.ACCESS_ACCEPT:
- return new AccessAccept(data);
-
- case Packet.ACCESS_REJECT:
- return new AccessReject(data);
-
- case Packet.ACCESS_CHALLENGE:
- return new AccessChallenge(data);
-
- default:
- throw new IOException("Unknown server packet " + (data[0] & 0xFF));
- }
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/PortLimitAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/PortLimitAttribute.java
deleted file mode 100644
index 7903bb1fd..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/radius/PortLimitAttribute.java
+++ /dev/null
@@ -1,51 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.radius;
-
-import java.io.IOException;
-
-public class PortLimitAttribute extends Attribute {
- private int _port = 0;
-
- private byte _value[] = null;
-
- public PortLimitAttribute(byte value[]) {
- super();
- _t = FRAMED_IP_ADDRESS;
- _value = value;
- _port = value[5] & 0xFF;
- _port |= ((value[4] << 8) & 0xFF00);
- _port |= ((value[3] << 16) & 0xFF0000);
- _port |= ((value[2] << 24) & 0xFF000000);
-
- }
-
- public int getPort() {
- return _port;
- }
-
- public byte[] getValue() throws IOException {
- byte[] p = new byte[4];
-
- p[0] = (byte) ((_port >>> 24) & 0xFF);
- p[1] = (byte) ((_port >>> 16) & 0xFF);
- p[2] = (byte) ((_port >>> 8) & 0xFF);
- p[3] = (byte) (_port & 0xFF);
- return p;
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/ProxyStateAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/ProxyStateAttribute.java
deleted file mode 100644
index 83831b652..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/radius/ProxyStateAttribute.java
+++ /dev/null
@@ -1,40 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.radius;
-
-import java.io.IOException;
-
-public class ProxyStateAttribute extends Attribute {
- private byte _value[] = null;
- private String _str = null;
-
- public ProxyStateAttribute(byte value[]) {
- super();
- _t = PROXY_STATE;
- _str = new String(value, 2, value.length - 2);
- _value = value;
- }
-
- public String getString() {
- return _str;
- }
-
- public byte[] getValue() throws IOException {
- return _str.getBytes();
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/RadiusConn.java b/pki/base/util/src/com/netscape/cmsutil/radius/RadiusConn.java
deleted file mode 100644
index b22807a5d..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/radius/RadiusConn.java
+++ /dev/null
@@ -1,230 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.radius;
-
-import java.io.IOException;
-import java.io.InterruptedIOException;
-import java.net.DatagramPacket;
-import java.net.DatagramSocket;
-import java.net.InetAddress;
-import java.net.SocketException;
-import java.security.NoSuchAlgorithmException;
-import java.security.SecureRandom;
-import java.util.Properties;
-
-/**
- * This class implements RFC2865 - Remote Authentication Dial In
- * User Service (RADIUS), June 2000.
- */
-public class RadiusConn {
- public static int MAX_RETRIES = 10;
- public static int OFFICAL_PORT = 1812;
- public static int DEFAULT_PORT = 1645;
- public static int DEFAULT_TIMEOUT = 5;
-
- public static String OPTION_DEBUG = "OPTION_DEBUG";
-
- private Properties _options = null;
- private boolean _traceOn = true;
- private String _host[] = new String[2];
- private int _port[] = new int[2];
- private int _selected = 0;
- private String _secret = null;
- private DatagramSocket _socket = null;
- private short _id = (short) System.currentTimeMillis();
- private int _maxRetries = MAX_RETRIES;
- private SecureRandom _rand = null;
-
- public RadiusConn(String host1, String host2, int port, String secret,
- int timeout) throws SocketException {
- this(host1, port, host2, port, secret, timeout, null, null);
- }
-
- public RadiusConn(String host, int port, String secret, byte seed[],
- Properties options)
- throws SocketException {
- this(host, port, host, port, secret, DEFAULT_TIMEOUT, seed, options);
- }
-
- public RadiusConn(String host1, int port1, String host2, int port2,
- String secret, int timeout, byte seed[], Properties options)
- throws SocketException {
- _host[0] = host1;
- _port[0] = port1;
- _host[1] = host2;
- _port[1] = port2;
- _selected = 0;
- _secret = secret;
- _options = options;
- _socket = new DatagramSocket();
- _socket.setSoTimeout(timeout * 1000);
- if (seed == null) {
- _rand = new SecureRandom();
- } else {
- _rand = new SecureRandom(seed);
- }
- }
-
- public void disconnect() throws IOException {
- _socket.disconnect();
- }
-
- public void authenticate(String name, String password)
- throws IOException, NoSuchAlgorithmException,
- RejectException, ChallengeException {
- int retries = 0;
- Packet res = null;
-
- do {
- AccessRequest req = createAccessRequest();
-
- req.addAttribute(new UserNameAttribute(name));
- req.addAttribute(new UserPasswordAttribute(req.getAuthenticator(),
- _secret, password));
- req.addAttribute(new NASIPAddressAttribute(InetAddress.getLocalHost()));
- req.addAttribute(new NASPortAttribute(_socket.getLocalPort()));
-
- send(req, _host[_selected], _port[_selected]);
- try {
- retries++;
- res = receive();
- if (res instanceof AccessReject) {
- throw new RejectException((AccessReject) res);
- } else if (res instanceof AccessChallenge) {
- throw new ChallengeException((AccessChallenge) res);
- }
- } catch (InterruptedIOException e) {
- if (retries >= _maxRetries) {
- // switch server if maxRetries reaches limit
- retries = 0;
- if (_selected == 0) {
- _selected = 1;
- } else {
- _selected = 0;
- }
- // throw e;
- }
-
- }
- } while (res == null);
- }
-
- public void replyChallenge(String password, ChallengeException ce)
- throws IOException, NoSuchAlgorithmException,
- RejectException, ChallengeException {
- replyChallenge(null, password, ce);
- }
-
- public void replyChallenge(String name, String password,
- ChallengeException ce)
- throws IOException, NoSuchAlgorithmException,
- RejectException, ChallengeException {
- StateAttribute state = (StateAttribute)
- ce.getAttributeSet().getAttributeByType(Attribute.STATE);
-
- if (state == null)
- throw new IOException("State not found in challenge");
- AccessRequest req = createAccessRequest();
-
- req.addAttribute(state); // needed in challenge
- if (name != null) {
- req.addAttribute(new UserNameAttribute(name));
- }
- req.addAttribute(new UserPasswordAttribute(req.getAuthenticator(),
- _secret, password));
- req.addAttribute(new NASIPAddressAttribute(InetAddress.getLocalHost()));
- req.addAttribute(new NASPortAttribute(_socket.getLocalPort()));
-
- send(req, _host[_selected], _port[_selected]);
- Packet res = receive();
-
- if (res instanceof AccessReject) {
- throw new RejectException((AccessReject) res);
- } else if (res instanceof AccessChallenge) {
- throw new ChallengeException((AccessChallenge) res);
- }
- }
-
- public void replyChallenge(String name, String password, String state)
- throws IOException, NoSuchAlgorithmException,
- RejectException, ChallengeException {
- if (state == null)
- throw new IOException("State not found in challenge");
- AccessRequest req = createAccessRequest();
-
- req.addAttribute(new StateAttribute(state)); // needed in challenge
- req.addAttribute(new UserNameAttribute(name));
- req.addAttribute(new UserPasswordAttribute(req.getAuthenticator(),
- _secret, password));
- req.addAttribute(new NASIPAddressAttribute(InetAddress.getLocalHost()));
- req.addAttribute(new NASPortAttribute(_socket.getLocalPort()));
-
- send(req, _host[_selected], _port[_selected]);
- Packet res = receive();
-
- if (res instanceof AccessReject) {
- throw new RejectException((AccessReject) res);
- } else if (res instanceof AccessChallenge) {
- throw new ChallengeException((AccessChallenge) res);
- }
- }
-
- private short getIdentifier() {
- return _id++;
- }
-
- private void send(NASPacket packet, String host, int port)
- throws IOException {
- DatagramPacket dp = new DatagramPacket(new byte[4096], 4096);
-
- dp.setPort(port);
- dp.setAddress(InetAddress.getByName(host));
- byte data[] = packet.getData();
-
- dp.setLength(data.length);
- dp.setData(data);
- _socket.send(dp);
- if (_traceOn)
- trace("Sent " + packet);
- }
-
- private ServerPacket receive()
- throws IOException {
- DatagramPacket dp = new DatagramPacket(new byte[4096], 4096);
-
- _socket.receive(dp);
- byte data[] = dp.getData();
- ServerPacket p = PacketFactory.createServerPacket(data);
-
- if (_traceOn)
- trace("Received " + p + " size=" + p.getAttributeSet().size());
- return p;
- }
-
- private AccessRequest createAccessRequest() throws NoSuchAlgorithmException {
- RequestAuthenticator ra = new RequestAuthenticator(_rand, _secret);
- AccessRequest req = new AccessRequest(getIdentifier(), ra);
-
- return req;
- }
-
- private void trace(String msg) {
- System.out.println("TRACE: " + msg);
- System.out.flush();
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/RejectException.java b/pki/base/util/src/com/netscape/cmsutil/radius/RejectException.java
deleted file mode 100644
index f312ef2a4..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/radius/RejectException.java
+++ /dev/null
@@ -1,39 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.radius;
-
-public class RejectException extends Exception {
- /**
- *
- */
- private static final long serialVersionUID = -6410697638175895003L;
- private AccessReject _res = null;
-
- public RejectException(AccessReject res) {
- _res = res;
- }
-
- public AttributeSet getAttributeSet() {
- return _res.getAttributeSet();
- }
-
- public String getReplyMessage() {
- return ((ReplyMessageAttribute) (_res.getAttributeSet().getAttributeByType(Attribute.REPLY_MESSAGE)))
- .getString();
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/ReplyMessageAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/ReplyMessageAttribute.java
deleted file mode 100644
index 5ec4ea052..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/radius/ReplyMessageAttribute.java
+++ /dev/null
@@ -1,40 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.radius;
-
-import java.io.IOException;
-
-public class ReplyMessageAttribute extends Attribute {
- private byte _value[] = null;
- private String _str = null;
-
- public ReplyMessageAttribute(byte value[]) {
- super();
- _t = REPLY_MESSAGE;
- _str = new String(value, 2, value.length - 2);
- _value = value;
- }
-
- public String getString() {
- return _str;
- }
-
- public byte[] getValue() throws IOException {
- return _str.getBytes();
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/RequestAuthenticator.java b/pki/base/util/src/com/netscape/cmsutil/radius/RequestAuthenticator.java
deleted file mode 100644
index 5d82752dd..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/radius/RequestAuthenticator.java
+++ /dev/null
@@ -1,44 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.radius;
-
-import java.io.IOException;
-import java.security.MessageDigest;
-import java.security.NoSuchAlgorithmException;
-import java.security.SecureRandom;
-
-public class RequestAuthenticator extends Authenticator {
- private byte _ra[] = null;
-
- public RequestAuthenticator(SecureRandom rand, String secret)
- throws NoSuchAlgorithmException {
- byte[] authenticator = new byte[16];
-
- rand.nextBytes(authenticator);
-
- MessageDigest md5 = MessageDigest.getInstance("MD5");
-
- md5.update(authenticator);
- md5.update(secret.getBytes());
- _ra = md5.digest();
- }
-
- public byte[] getData() throws IOException {
- return _ra;
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/ResponseAuthenticator.java b/pki/base/util/src/com/netscape/cmsutil/radius/ResponseAuthenticator.java
deleted file mode 100644
index 3c3de33c4..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/radius/ResponseAuthenticator.java
+++ /dev/null
@@ -1,32 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.radius;
-
-import java.io.IOException;
-
-public class ResponseAuthenticator extends Authenticator {
- private byte _data[] = null;
-
- public ResponseAuthenticator(byte data[]) {
- _data = data;
- }
-
- public byte[] getData() throws IOException {
- return _data;
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/ServerPacket.java b/pki/base/util/src/com/netscape/cmsutil/radius/ServerPacket.java
deleted file mode 100644
index f7d7fa302..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/radius/ServerPacket.java
+++ /dev/null
@@ -1,47 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.radius;
-
-import java.io.IOException;
-
-public abstract class ServerPacket extends Packet {
- public ServerPacket(byte data[]) throws IOException {
- super();
- _c = data[0];
- _id = data[1];
- int datalen = data[3] & 0xFF;
-
- datalen |= ((data[2] << 8) & 0xFF00);
- byte authData[] = new byte[16];
-
- System.arraycopy(data, 4, authData, 0, 16);
- _auth = new ResponseAuthenticator(authData);
-
- // building attributes
- int startp = 20;
-
- while (startp != datalen) {
- int attrLen = (data[startp + 1] & 0xFF);
- byte attrData[] = new byte[attrLen];
-
- System.arraycopy(data, startp, attrData, 0, attrData.length);
- addAttribute(AttributeFactory.createAttribute(attrData));
- startp += attrData.length;
- }
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/ServiceTypeAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/ServiceTypeAttribute.java
deleted file mode 100644
index f31c74f9a..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/radius/ServiceTypeAttribute.java
+++ /dev/null
@@ -1,61 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.radius;
-
-import java.io.IOException;
-
-public class ServiceTypeAttribute extends Attribute {
- public static final int LOGIN = 1;
- public static final int FRAMED = 2;
- public static final int CALLBACK_LOGIN = 3;
- public static final int CALLBACK_FRAMED = 4;
- public static final int OUTBOUND = 5;
- public static final int ADMINSITRATIVE = 6;
- public static final int NAS_PROMPT = 7;
- public static final int AUTHENTICATE_ONLY = 8;
- public static final int CALLBACK_NAS_PROMPT = 9;
- public static final int CALL_CHECK = 10;
- public static final int CALLBACK_ADMINISTRATIVE = 11;
-
- private byte _value[] = null;
- private int _type = 0;
-
- public ServiceTypeAttribute(byte value[]) {
- super();
- _t = SERVICE_TYPE;
- _type = value[5] & 0xFF;
- _type |= ((value[4] << 8) & 0xFF00);
- _type |= ((value[3] << 16) & 0xFF0000);
- _type |= ((value[2] << 24) & 0xFF000000);
- _value = value;
- }
-
- public int getType() {
- return _type;
- }
-
- public byte[] getValue() throws IOException {
- byte[] p = new byte[4];
-
- p[0] = (byte) ((_type >>> 24) & 0xFF);
- p[1] = (byte) ((_type >>> 16) & 0xFF);
- p[2] = (byte) ((_type >>> 8) & 0xFF);
- p[3] = (byte) (_type & 0xFF);
- return p;
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/SessionTimeoutAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/SessionTimeoutAttribute.java
deleted file mode 100644
index 2809aee4b..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/radius/SessionTimeoutAttribute.java
+++ /dev/null
@@ -1,48 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.radius;
-
-import java.io.IOException;
-
-public class SessionTimeoutAttribute extends Attribute {
- private int _timeout = 0;
-
- public SessionTimeoutAttribute(byte value[]) {
- super();
- _t = SESSION_TIMEOUT;
- _timeout = value[5] & 0xFF;
- _timeout |= ((value[4] << 8) & 0xFF00);
- _timeout |= ((value[3] << 16) & 0xFF0000);
- _timeout |= ((value[2] << 24) & 0xFF000000);
- }
-
- public SessionTimeoutAttribute(int timeout) {
- super(SESSION_TIMEOUT);
- _timeout = timeout;
- }
-
- public byte[] getValue() throws IOException {
- byte[] p = new byte[4];
-
- p[0] = (byte) ((_timeout >>> 24) & 0xFF);
- p[1] = (byte) ((_timeout >>> 16) & 0xFF);
- p[2] = (byte) ((_timeout >>> 8) & 0xFF);
- p[3] = (byte) (_timeout & 0xFF);
- return p;
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/StateAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/StateAttribute.java
deleted file mode 100644
index 027f95620..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/radius/StateAttribute.java
+++ /dev/null
@@ -1,45 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.radius;
-
-import java.io.IOException;
-
-public class StateAttribute extends Attribute {
- private byte _value[] = null;
- private String _str = null;
-
- public StateAttribute(String str) {
- _t = STATE;
- _str = str;
- }
-
- public StateAttribute(byte value[]) {
- super();
- _t = STATE;
- _str = new String(value, 2, value.length - 2);
- _value = value;
- }
-
- public String getString() {
- return _str;
- }
-
- public byte[] getValue() throws IOException {
- return _str.getBytes();
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/TerminationActionAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/TerminationActionAttribute.java
deleted file mode 100644
index b47a70d8c..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/radius/TerminationActionAttribute.java
+++ /dev/null
@@ -1,55 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.radius;
-
-import java.io.IOException;
-
-public class TerminationActionAttribute extends Attribute {
- public static final int DEFAULT = 0;
- public static final int RADIUS_REQUEST = 1;
-
- private int _action = 0;
-
- public TerminationActionAttribute(byte value[]) {
- super();
- _t = TERMINATION_ACTION;
- _action = value[5] & 0xFF;
- _action |= ((value[4] << 8) & 0xFF00);
- _action |= ((value[3] << 16) & 0xFF0000);
- _action |= ((value[2] << 24) & 0xFF000000);
- }
-
- public TerminationActionAttribute(int action) {
- super(TERMINATION_ACTION);
- _action = action;
- }
-
- public int getAction() {
- return _action;
- }
-
- public byte[] getValue() throws IOException {
- byte[] p = new byte[4];
-
- p[0] = (byte) ((_action >>> 24) & 0xFF);
- p[1] = (byte) ((_action >>> 16) & 0xFF);
- p[2] = (byte) ((_action >>> 8) & 0xFF);
- p[3] = (byte) (_action & 0xFF);
- return p;
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/UserNameAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/UserNameAttribute.java
deleted file mode 100644
index af7ce6bbe..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/radius/UserNameAttribute.java
+++ /dev/null
@@ -1,39 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.radius;
-
-import java.io.IOException;
-
-public class UserNameAttribute extends Attribute {
- private String _name = null;
-
- public UserNameAttribute(byte value[]) {
- super();
- _t = USER_NAME;
- _name = new String(value, 2, value.length - 2);
- }
-
- public UserNameAttribute(String name) {
- super(USER_NAME);
- _name = name;
- }
-
- public byte[] getValue() throws IOException {
- return _name.getBytes();
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/UserPasswordAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/UserPasswordAttribute.java
deleted file mode 100644
index 31c27cdfd..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/radius/UserPasswordAttribute.java
+++ /dev/null
@@ -1,73 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.radius;
-
-import java.io.IOException;
-import java.security.MessageDigest;
-import java.security.NoSuchAlgorithmException;
-
-public class UserPasswordAttribute extends Attribute {
- private Authenticator _ra = null;
- private String _secret = null;
- private String _password = null;
-
- public UserPasswordAttribute(byte value[]) {
- //
- }
-
- public UserPasswordAttribute(Authenticator ra, String secret, String password) {
- super(USER_PASSWORD);
- _ra = ra;
- _secret = secret;
- _password = password;
- }
-
- public byte[] getValue() throws IOException {
- MessageDigest md5 = null;
-
- try {
- md5 = MessageDigest.getInstance("MD5");
- } catch (NoSuchAlgorithmException e) {
- throw new IOException(e.getMessage());
- }
- md5.update(_secret.getBytes());
- md5.update(_ra.getData());
- byte sum[] = md5.digest();
-
- byte up[] = _password.getBytes();
- int oglen = (up.length / 16) + 1;
- byte ret[] = new byte[oglen * 16];
-
- for (int i = 0; i < ret.length; i++) {
- if ((i % 16) == 0) {
- md5.reset();
- md5.update(_secret.getBytes());
- }
- if (i < up.length) {
- ret[i] = (byte) (sum[i % 16] ^ up[i]);
- } else {
- ret[i] = (byte) (sum[i
% 16] ^ 0);
- }
- md5.update(ret[i]);
- if ((i % 16) == 15) {
- sum = md5.digest();
- }
- }
- return ret;
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/VendorSpecificAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/VendorSpecificAttribute.java
deleted file mode 100644
index 5f3d9f170..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/radius/VendorSpecificAttribute.java
+++ /dev/null
@@ -1,52 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.radius;
-
-import java.io.IOException;
-
-public class VendorSpecificAttribute extends Attribute {
- private byte _value[] = null;
- private String _id = null;
- private String _str = null;
-
- public VendorSpecificAttribute(byte value[]) {
- super();
- _t = VENDOR_SPECIFIC;
- _id = new String(value, 2, 4);
- _str = new String(value, 6, value.length - 6);
- _value = value;
- }
-
- public String getId() {
- return _id;
- }
-
- public String getString() {
- return _str;
- }
-
- public byte[] getValue() throws IOException {
- byte v[] = new byte[_id.length() + _str.length()];
- byte idData[] = _id.getBytes();
- byte strData[] = _str.getBytes();
-
- System.arraycopy(idData, 0, v, 0, _id.length());
- System.arraycopy(strData, 0, v, _id.length(), _str.length());
- return v;
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/scep/CRSPKIMessage.java b/pki/base/util/src/com/netscape/cmsutil/scep/CRSPKIMessage.java
deleted file mode 100644
index 03bc68723..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/scep/CRSPKIMessage.java
+++ /dev/null
@@ -1,905 +0,0 @@ -// --- BEGIN COPYRIGHT BLOCK --- -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License along -// with this program; if not, write to the Free Software Foundation, Inc., -// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// -// (C) 2007 Red Hat, Inc. -// All rights reserved. -// --- END COPYRIGHT BLOCK --- -package com.netscape.cmsutil.scep; - -import java.io.ByteArrayInputStream; -import java.io.ByteArrayOutputStream; -import java.io.CharConversionException; -import java.io.IOException; -import java.security.PublicKey; -import java.util.Arrays; -import java.util.Hashtable; - -import netscape.security.pkcs.PKCS10; - -import org.mozilla.jss.asn1.ANY; -import org.mozilla.jss.asn1.ASN1Util; -import org.mozilla.jss.asn1.INTEGER; -import org.mozilla.jss.asn1.InvalidBERException; -import org.mozilla.jss.asn1.NULL; -import org.mozilla.jss.asn1.OBJECT_IDENTIFIER; -import org.mozilla.jss.asn1.OCTET_STRING; -import org.mozilla.jss.asn1.PrintableString; -import org.mozilla.jss.asn1.SET; -import org.mozilla.jss.crypto.SignatureAlgorithm; -import org.mozilla.jss.crypto.TokenException; -import org.mozilla.jss.pkcs7.Attribute; -import org.mozilla.jss.pkcs7.ContentInfo; -import org.mozilla.jss.pkcs7.EncryptedContentInfo; -import org.mozilla.jss.pkcs7.EnvelopedData; -import org.mozilla.jss.pkcs7.IssuerAndSerialNumber; -import org.mozilla.jss.pkcs7.RecipientInfo; -import org.mozilla.jss.pkcs7.SignedData; -import org.mozilla.jss.pkcs7.SignerInfo; -import 
org.mozilla.jss.pkix.cert.Certificate; -import org.mozilla.jss.pkix.cert.CertificateInfo; -import org.mozilla.jss.pkix.primitive.AlgorithmIdentifier; - -public class CRSPKIMessage { - - // OIDs for authenticated attributes - public static OBJECT_IDENTIFIER CRS_MESSAGETYPE = - new OBJECT_IDENTIFIER(new long[] { 2, 16, 840, 1, 113733, 1, 9, 2 } - ); - public static OBJECT_IDENTIFIER CRS_PKISTATUS = - new OBJECT_IDENTIFIER(new long[] { 2, 16, 840, 1, 113733, 1, 9, 3 } - ); - public static OBJECT_IDENTIFIER CRS_FAILINFO = - new OBJECT_IDENTIFIER(new long[] { 2, 16, 840, 1, 113733, 1, 9, 4 } - ); - public static OBJECT_IDENTIFIER CRS_SENDERNONCE = - new OBJECT_IDENTIFIER(new long[] { 2, 16, 840, 1, 113733, 1, 9, 5 } - ); - public static OBJECT_IDENTIFIER CRS_RECIPIENTNONCE = - new OBJECT_IDENTIFIER(new long[] { 2, 16, 840, 1, 113733, 1, 9, 6 } - ); - public static OBJECT_IDENTIFIER CRS_TRANSID = - new OBJECT_IDENTIFIER(new long[] { 2, 16, 840, 1, 113733, 1, 9, 7 } - ); - public static OBJECT_IDENTIFIER CRS_EXTENSIONREQ = - new OBJECT_IDENTIFIER(new long[] { 2, 16, 840, 1, 113733, 1, 9, 8 } - ); - - // PKCS9 defined OIDs - - public static OBJECT_IDENTIFIER PKCS9_CONTENT_TYPE = - new OBJECT_IDENTIFIER(new long[] { 1, 2, 840, 113549, 1, 9, 3 } - ); - - public static OBJECT_IDENTIFIER PKCS9_MESSAGE_DIGEST = - new OBJECT_IDENTIFIER(new long[] { 1, 2, 840, 113549, 1, 9, 4 } - ); - - /* PKCS 1 - rsaEncryption */ - public static OBJECT_IDENTIFIER RSA_ENCRYPTION = - new OBJECT_IDENTIFIER(new long[] { 1, 2, 840, 113549, 1, 1, 1 } - ); - - public static OBJECT_IDENTIFIER DES_CBC_ENCRYPTION = - new OBJECT_IDENTIFIER(new long[] { 1, 3, 14, 3, 2, 7 } - ); - - public static OBJECT_IDENTIFIER DES_EDE3_CBC_ENCRYPTION = - new OBJECT_IDENTIFIER(new long[] { 1, 2, 840, 113549, 3, 7 } - ); - - public static OBJECT_IDENTIFIER MD5_DIGEST = - new OBJECT_IDENTIFIER(new long[] { 1, 2, 840, 113549, 2, 5 } - ); - - public static OBJECT_IDENTIFIER SHA1_DIGEST = - new OBJECT_IDENTIFIER(new long[] { 
1, 3, 14, 3, 2, 26 } - ); - - public static OBJECT_IDENTIFIER SHA256_DIGEST = - new OBJECT_IDENTIFIER(new long[] { 2, 16, 840, 1, 101, 3, 4, 2, 1 } - ); - - public static OBJECT_IDENTIFIER SHA512_DIGEST = - new OBJECT_IDENTIFIER(new long[] { 2, 16, 840, 1, 101, 3, 4, 2, 3 } - ); - - // Strings given in 'messageType' authenticated attribute - public final static String mType_PKCSReq = "19"; - public final static String mType_CertRep = "3"; - public final static String mType_GetCertInitial = "20"; - public final static String mType_GetCert = "21"; - public final static String mType_GetCRL = "22"; - - // Strings given in 'PKIStatus' authenticated attribute - public final static String mStatus_SUCCESS = "0"; - public final static String mStatus_FAILURE = "2"; - public final static String mStatus_PENDING = "3"; - - // Strings given in 'failInfo' authenticated attribute - public final static String mFailInfo_badAlg = "0"; - public final static String mFailInfo_badMessageCheck = "1"; - public final static String mFailInfo_badRequest = "2"; - public final static String mFailInfo_badTime = "3"; - public final static String mFailInfo_badCertId = "4"; - public final static String mFailInfo_unsupportedExt = "5"; - public final static String mFailInfo_mustArchiveKeys = "6"; - public final static String mFailInfo_badIdentity = "7"; - public final static String mFailInfo_popRequired = "8"; - public final static String mFailInfo_popFailed = "9"; - public final static String mFailInfo_noKeyReuse = "10"; - public final static String mFailInfo_internalCAError = "11"; - public final static String mFailInfo_tryLater = "12"; - - // ************************************************************************ - // These private members represent the flattened structure of the PKIMessage - // ************************************************************************ - - // top level is just a ContentInfo - private ContentInfo crsci; - // it's content is a signedData - private SignedData sd; - - 
// In the signed data, we have: - private int sdv; // Version - private ContentInfo data; // The data to be digested - private EnvelopedData sded; // Enveloped data inside of signed data - private byte[] signerCertBytes; - org.mozilla.jss.pkix.cert.Certificate signerCert; - - private SET sis; // set of SignerInfos - private SignerInfo si; // First SignerInfo - private AlgorithmIdentifier digestAlgorithmId = null; - private int siv; // Version - private SET aa; // Authenticated Attributes - private SET aa_old; // Authenticated Attributes - private IssuerAndSerialNumber sgnIASN; // Signer's Issuer Name and Serialnum - private OCTET_STRING aa_digest; // digest of the authenticated attrs - - private String messageType; // these are all authenticated attributes - private String failInfo; - private String pkiStatus; - private String transactionID; - private byte[] senderNonce; - private byte[] recipientNonce; - private OCTET_STRING msg_digest; // digest of the message - - // Inside the sded Enveloped data - private RecipientInfo ri; // First RecipientInfo - private int riv; // Version - private AlgorithmIdentifier riAlgid; // alg that the bulk key is wrapped with - private byte[] riKey; // bulk key, wrapped with above algorithm - private byte[] cKey; // * 'clear', unwrapped key (not in ASN.1) * - private IssuerAndSerialNumber rcpIASN; // Recipient's Issuer Name and Serial Number - - private EncryptedContentInfo eci; - private byte[] iv; // initialization vector for above key - private byte[] ec; // encrypted content (P10, in case of request) - private byte[] cc; // * 'clear' content (not in ASN.1) * - private String encryptionAlgorithm = null; - - // For the CertRep, the enveloped content is another signed Data: - private SignedData crsd; - private int rsdVersion; - private byte[] rsdCert; // certificate to send in response - - private PKCS10 myP10; - - private Hashtable<String, Object> attrs; // miscellanous - - // *** END *** // - - public void debug() { - } - - public 
void put(String a, Object b) { - attrs.put(a, b); - } - - public Object get(Object a) { - return attrs.get(a); - } - - private SignatureAlgorithm getSignatureAlgorithm(String hashAlgorithm) { - SignatureAlgorithm signatureAlgorithm = SignatureAlgorithm.RSASignatureWithMD5Digest; - if (hashAlgorithm != null) { - if (hashAlgorithm.equals("SHA1")) { - signatureAlgorithm = SignatureAlgorithm.RSASignatureWithSHA1Digest; - } else if (hashAlgorithm.equals("SHA256")) { - signatureAlgorithm = SignatureAlgorithm.RSASignatureWithSHA256Digest; - } else if (hashAlgorithm.equals("SHA512")) { - signatureAlgorithm = SignatureAlgorithm.RSASignatureWithSHA512Digest; - } - } - return signatureAlgorithm; - } - - private OBJECT_IDENTIFIER getAlgorithmOID(String hashAlgorithm) { - OBJECT_IDENTIFIER oid = MD5_DIGEST; - if (hashAlgorithm != null) { - if (hashAlgorithm.equals("SHA1")) { - oid = SHA1_DIGEST; - } else if (hashAlgorithm.equals("SHA256")) { - oid = SHA256_DIGEST; - } else if (hashAlgorithm.equals("SHA512")) { - oid = SHA512_DIGEST; - } - } - return oid; - } - - // getHashAlgorithm is added to work around issue 636217 - private String getHashAlgorithm(OBJECT_IDENTIFIER algorithmOID) { - String hashAlgorithm = null; - if (algorithmOID != null) { - if (algorithmOID.equals(MD5_DIGEST)) { - hashAlgorithm = "MD5"; - } else if (algorithmOID.equals(SHA1_DIGEST)) { - hashAlgorithm = "SHA1"; - } else if (algorithmOID.equals(SHA256_DIGEST)) { - hashAlgorithm = "SHA256"; - } else if (algorithmOID.equals(SHA512_DIGEST)) { - hashAlgorithm = "SHA512"; - } - } - return hashAlgorithm; - } - - // These functions are used to initialize the various blobs - - public void makeSignedData(int version, - byte[] certificate, String hashAlgorithm) { - - try { - SET digest_algs = new SET(); - - digest_algs.addElement(new AlgorithmIdentifier(getAlgorithmOID(hashAlgorithm), new NULL())); - - // SET certs = new SET(); - // certs.addElement(new ANY(certificate)); - - SET sis = new SET(); - - 
sis.addElement(si); - - ContentInfo data = this.data; - - this.sd = new SignedData( - digest_algs, - data, - null, // don't send the certs, he already has them - null, // crl's - sis); - - } catch (Exception e) { - } - } - - public byte[] getResponse() throws IOException, InvalidBERException { - - crsci = new ContentInfo(ContentInfo.SIGNED_DATA, - sd); - - return ASN1Util.encode(crsci); - - // ANY a = crsci.getContent(); - // return a.getEncoded(); - } - - /* - public void makeSignerInfo_old(int version, - // issuer and serialnumber - byte[] digest) { - - si = new SignerInfo(new INTEGER(version), - sgnIASN, // issuer and serialnum - new AlgorithmIdentifier(MD5_DIGEST, new NULL()), // digest algorithm - this.aa, // Authenticated Attributes - new AlgorithmIdentifier(RSA_ENCRYPTION,new NULL()), // digest encryption algorithm - new OCTET_STRING(digest), // digest - null); // unauthenticated attributes - - } - */ - - public void makeSignerInfo(int version, - // issuer and serialnumber - org.mozilla.jss.crypto.PrivateKey pk, String hashAlgorithm) - throws java.security.NoSuchAlgorithmException, - TokenException, - java.security.InvalidKeyException, - java.security.SignatureException, - org.mozilla.jss.CryptoManager.NotInitializedException { - - si = new SignerInfo(sgnIASN, // issuer and serialnum - this.aa, // Authenticated Attributes - null, // Unauthenticated Attrs - ContentInfo.ENVELOPED_DATA, // content type - msg_digest.toByteArray(), // digest - getSignatureAlgorithm(hashAlgorithm), - pk); - } - - public void makeAuthenticatedAttributes() { - - aa = new SET(); - - try { - if (transactionID != null) { - SET tidset = new SET(); - - tidset.addElement((new PrintableString(transactionID))); - aa.addElement(new Attribute(CRS_TRANSID, tidset)); - } - - if (pkiStatus != null) { - SET pkistatusset = new SET(); - - pkistatusset.addElement(new PrintableString(pkiStatus)); - aa.addElement(new Attribute(CRS_PKISTATUS, pkistatusset)); - } - - if (messageType != null) { - SET 
aaset = new SET(); - - aaset.addElement(new PrintableString(messageType)); - aa.addElement(new Attribute(CRS_MESSAGETYPE, aaset)); - } - - if (failInfo != null) { - SET fiset = new SET(); - - fiset.addElement(new PrintableString(failInfo)); - aa.addElement(new Attribute(CRS_FAILINFO, fiset)); - } - - if (senderNonce != null) { - SET snset = new SET(); - - snset.addElement(new OCTET_STRING(senderNonce)); - aa.addElement(new Attribute(CRS_SENDERNONCE, snset)); - } - - if (recipientNonce != null) { - SET rnset = new SET(); - - rnset.addElement(new OCTET_STRING(recipientNonce)); - aa.addElement(new Attribute(CRS_RECIPIENTNONCE, rnset)); - } - - // XXX sender nonce - - } catch (CharConversionException e) { - } - } - - public byte[] makeEnvelopedData(int version) { - - byte[] r; - - try { - - if (this.ri != null) { - ContentInfo ci; - - SET ris = new SET(); - - ris.addElement(this.ri); - - this.sded = new EnvelopedData( - new INTEGER(version), - ris, - eci); - - ci = new ContentInfo(ContentInfo.ENVELOPED_DATA, - sded); - ByteArrayOutputStream ba = new ByteArrayOutputStream(); - - ci.encode(ba); - r = ba.toByteArray(); - } else { - r = new byte[0]; - } - - this.data = new ContentInfo(ContentInfo.DATA, - new OCTET_STRING(r)); - - return r; - - // return this.sded.getEncodedContents(); - } catch (Exception e) { - return null; - } - - } - - public void makeRecipientInfo(int version, byte[] riKey) { - this.riv = version; - - this.riAlgid = new AlgorithmIdentifier(RSA_ENCRYPTION, new NULL()); - this.riKey = riKey; - - this.ri = new RecipientInfo( - new INTEGER(this.riv), - rcpIASN, - this.riAlgid, - new OCTET_STRING(this.riKey) - ); - } - - public void makeEncryptedContentInfo(byte[] iv, byte[] ec, String algorithm) { - this.iv = iv; - this.ec = ec; - - try { - OBJECT_IDENTIFIER oid = DES_CBC_ENCRYPTION; - if (algorithm != null && algorithm.equals("DES3")) - oid = DES_EDE3_CBC_ENCRYPTION; - - AlgorithmIdentifier aid = new AlgorithmIdentifier(oid, new OCTET_STRING(iv)); - - 
//eci = EncryptedContentInfo.createCRSCompatibleEncryptedContentInfo(
- eci = new EncryptedContentInfo(ContentInfo.DATA,
- aid,
- new OCTET_STRING(ec)
- );
-
- } catch (Exception e) {
- }
- }
-
- public byte[] makeSignedRep(int v, byte[] certificate) {
- rsdVersion = v;
- rsdCert = certificate;
- try {
- SET certs = new SET();
- ANY cert = new ANY(certificate);
-
- certs.addElement(cert);
-
- crsd = new SignedData(
- new SET(), // empty set of digestAlgorithmID's
- new ContentInfo(
- new OBJECT_IDENTIFIER(new long[] { 1, 2, 840, 113549, 1, 7, 1 }
- ),
- null), //empty content
- certs,
- null, // no CRL's
- new SET() // empty SignerInfos
- );
- ContentInfo wrap = new ContentInfo(ContentInfo.SIGNED_DATA,
- crsd);
-
- ByteArrayOutputStream baos = new ByteArrayOutputStream();
-
- wrap.encode(baos);
-
- return baos.toByteArray();
- // return crsd.getEncodedContents();
- } catch (Exception e) {
- return null;
- }
- }
-
- public String toString() {
- StringBuffer sb = new StringBuffer();
- sb.append("{ messageType=");
- sb.append(getMessageType());
- sb.append(", failInfo=");
- sb.append(getFailInfo());
- sb.append(", pkiStatus=");
- sb.append(getPKIStatus());
- sb.append(", transactionID=");
- sb.append(getTransactionID());
- sb.append(", senderNonce=");
- sb.append(Arrays.toString(getSenderNonce()));
- sb.append(", recipientNonce=");
- sb.append(Arrays.toString(getRecipientNonce()));
- sb.append(" }");
-
- String s = sb.toString();
- return s;
- }
-
- public String getMessageType() {
- return messageType;
- }
-
- public String getFailInfo() {
- return failInfo;
- }
-
- public String getPKIStatus() {
- return pkiStatus;
- }
-
- public String getTransactionID() {
- return transactionID;
- }
-
- public byte[] getSenderNonce() {
- return senderNonce;
- }
-
- public byte[] getRecipientNonce() {
- return recipientNonce;
- }
-
- public byte[] getWrappedKey() {
- return riKey;
- }
-
- public byte[] getEncryptedPkcs10() {
- return ec;
- }
-
- public byte[] getIV() {
- return iv;
- }
-
- public String getEncryptionAlgorithm() {
- return encryptionAlgorithm;
- }
-
- public String getDigestAlgorithmName() {
- String name = null;
- if (digestAlgorithmId != null) {
- name = getHashAlgorithm(digestAlgorithmId.getOID());
- }
- return name;
- }
-
- public PublicKey getSignerPublicKey() {
- try {
-
- org.mozilla.jss.pkix.cert.Certificate.Template ct = new
- org.mozilla.jss.pkix.cert.Certificate.Template();
-
- ByteArrayInputStream bais = new ByteArrayInputStream(this.signerCertBytes);
-
- signerCert = (org.mozilla.jss.pkix.cert.Certificate) ct.decode(bais);
- return signerCert.getInfo().getSubjectPublicKeyInfo().toPublicKey();
- } catch (Exception e) {
- return null;
- }
- }
-
- public byte[] getAA() {
- try {
- ByteArrayOutputStream baos = new ByteArrayOutputStream();
-
- aa.encode(baos);
- return baos.toByteArray();
- } catch (Exception e) {
- return null;
- }
-
- }
-
- public void setAA_old(SET auth_attrs) {
- aa_old = auth_attrs;
- }
-
- // SWP
- public byte[] getAA_old() {
- try {
- ByteArrayOutputStream baos = new ByteArrayOutputStream();
-
- aa_old.encode(baos);
- return baos.toByteArray();
- } catch (Exception e) {
- return null;
- }
-
- }
-
- public byte[] getAADigest() {
- return aa_digest.toByteArray();
- }
-
- public PKCS10 getP10() {
- return myP10;
- }
-
- public void setP10(PKCS10 p10) {
- myP10 = p10;
- }
-
- public void setSgnIssuerAndSerialNumber(IssuerAndSerialNumber iasn) {
- this.sgnIASN = iasn;
- }
-
- public void setRcpIssuerAndSerialNumber(IssuerAndSerialNumber iasn) {
- this.rcpIASN = iasn;
- }
-
- public IssuerAndSerialNumber getSgnIssuerAndSerialNumber() {
- return this.sgnIASN;
- }
-
- public IssuerAndSerialNumber getRcpIssuerAndSerialNumber() {
- return this.rcpIASN;
- }
-
- public void setMessageType(String messageType) {
- this.messageType = messageType;
- }
-
- public void setPKIStatus(String pkiStatus) {
- this.pkiStatus = pkiStatus;
- }
-
- public void setFailInfo(String failInfo) {
- this.failInfo = failInfo;
- }
-
- public void setTransactionID(String tid) {
- this.transactionID = tid;
- }
-
- public void setRecipientNonce(byte[] rn) {
- this.recipientNonce = rn;
- }
-
- public void setSenderNonce(byte[] sn) {
- this.senderNonce = sn;
- }
-
- // public void setCertificate(byte [] cert) { this.certificate = cert; }
-
- public void setMsgDigest(byte[] digest) {
- this.msg_digest = new OCTET_STRING(digest);
- }
-
- public void setAADigest(byte[] digest) {
- this.aa_digest = new OCTET_STRING(digest);
- }
-
- public void setPending() {
- // setIssuerAndSerialNumber();
-
- setMessageType(mType_CertRep);
- setPKIStatus(mStatus_PENDING);
- };
-
- public void setFailure(String failInfo) {
- setMessageType(mType_CertRep);
- setPKIStatus(mStatus_FAILURE);
- setFailInfo(failInfo);
- }
-
- // Should add a Certificate to this call
- public void setSuccess() {
- setMessageType(mType_CertRep);
- setPKIStatus(mStatus_SUCCESS);
- }
-
- /**
- * Gets a byte array which is the der-encoded blob
- * which gets sent back to the router.
- */
-
- public byte[] getEncoded() {
- //Assert.assert(messageType != null);
- //Assert.assert(pkiStatus != null);
-
- return new byte[1]; // blagh
- }
-
- private void decodeCRSPKIMessage(ByteArrayInputStream bais) throws InvalidBERException, Exception {
-
- org.mozilla.jss.pkcs7.ContentInfo.Template crscit;
-
- crscit = new ContentInfo.Template();
- crsci = (ContentInfo) crscit.decode(bais);
-
- if (!ContentInfo.SIGNED_DATA.equals(crsci.getContentType())) {
- throw new Exception("ContentType wasn't signed data, it was" + crsci.getContentType());
- }
-
- // Now that we know that the contentInfo is a SignedData, we can decode it
- SignedData.Template sdt = new SignedData.Template();
-
- sd = (SignedData) sdt.decode(
- new ByteArrayInputStream(
- ((ANY) crsci.getContent()).getEncoded()
- ));
- this.decodeSD();
- }
-
- public CRSPKIMessage() {
- attrs = new Hashtable<String, Object>();
- }
-
- public CRSPKIMessage(ByteArrayInputStream bais) throws InvalidBERException, Exception {
- attrs = new Hashtable<String, Object>();
- decodeCRSPKIMessage(bais);
- }
-
- private void decodeSD() throws Exception {
- ContentInfo sdci;
-
- sis = sd.getSignerInfos();
-
- decodeSI();
-
- sdci = sd.getContentInfo();
-
- // HACK to work with CRS
- ANY a = (ANY) sdci.getContent();
- ByteArrayInputStream s = new ByteArrayInputStream(a.getEncoded());
- OCTET_STRING os = (OCTET_STRING) (new OCTET_STRING.Template()).decode(s);
-
- ByteArrayInputStream s2 = new ByteArrayInputStream(os.toByteArray());
- ContentInfo ci = (ContentInfo) (new ContentInfo.Template()).decode(s2);
- ByteArrayInputStream s3 = new ByteArrayInputStream(((ANY) ci.getContent()).getEncoded());
-
- EnvelopedData.Template edt = new EnvelopedData.Template();
-
- sded = (EnvelopedData) edt.decode(s3);
-
- SET signerCerts = (SET) sd.getCertificates();
- Certificate firstCert = (Certificate) signerCerts.elementAt(0);
-
- signerCertBytes = ASN1Util.encode(firstCert);
-
- CertificateInfo firstCertInfo = firstCert.getInfo();
-
-
sgnIASN = new IssuerAndSerialNumber(firstCertInfo.getIssuer(),
- firstCertInfo.getSerialNumber());
-
- decodeED();
- }
-
- private void decodeSI() throws Exception {
- if (sis.size() == 0) {
- throw new Exception("SignerInfos is empty");
- }
- si = (SignerInfo) sis.elementAt(0);
-
- digestAlgorithmId = si.getDigestAlgorithmIdentifer();
-
- decodeAA();
-
- aa_digest = new OCTET_STRING(si.getEncryptedDigest());
- }
-
- private void decodeED() throws Exception {
- SET ris;
-
- ris = (SET) sded.getRecipientInfos();
-
- if (ris.size() == 0) {
- throw new Exception("RecipientInfos is empty");
- }
- ri = (RecipientInfo) ris.elementAt(0);
- eci = sded.getEncryptedContentInfo();
-
- if (eci.getContentEncryptionAlgorithm().getOID().equals(DES_EDE3_CBC_ENCRYPTION)) {
- encryptionAlgorithm = "DES3";
- } else if (eci.getContentEncryptionAlgorithm().getOID().equals(DES_CBC_ENCRYPTION)) {
- encryptionAlgorithm = "DES";
- } else {
- throw new Exception("P10 encrypted alg is not supported (not DES): "
- + eci.getContentEncryptionAlgorithm().getOID());
- }
-
- ec = eci.getEncryptedContent().toByteArray();
-
- OCTET_STRING.Template ost = new OCTET_STRING.Template();
-
- OCTET_STRING os = (OCTET_STRING)
- ost.decode(new ByteArrayInputStream(
- ((ANY) eci.getContentEncryptionAlgorithm().getParameters()).getEncoded()
- )
- );
-
- iv = os.toByteArray();
-
- decodeRI();
- }
-
- /**
- * The PKCS10 request is encrypt with a symmetric key.
- * This key in turn is encrypted with the RSA key in the
- * CA certificate.
- *
- * riAlgid is the algorithm the symm key is encrypted with. It had
- * better be RSA
- * riKey is the encrypted symmetric key
- */
-
- private void decodeRI() throws Exception {
-
- // really should get issuer and serial number of our RI, as this
- // indicates the key we should use to decrypt with. However, we're just
- // going to assume that the key is the Signing cert for the server.
-
- riAlgid = ri.getKeyEncryptionAlgorithmID();
-
- if (!riAlgid.getOID().equals(RSA_ENCRYPTION)) {
- throw new Exception("Request is protected by a key which we can't decrypt");
- }
-
- riKey = ri.getEncryptedKey().toByteArray();
-
- }
-
- private void decodeAA() throws InvalidBERException, IOException {
- aa = si.getAuthenticatedAttributes();
-
- int count;
-
- for (count = 0; count < aa.size(); count++) {
- Attribute a = (Attribute) aa.elementAt(count);
- SET s = (SET) a.getValues();
- ANY f = (ANY) s.elementAt(0);
- PrintableString ps;
- PrintableString.Template pst = new PrintableString.Template();
- OCTET_STRING.Template ost = new OCTET_STRING.Template();
-
- OBJECT_IDENTIFIER oid = a.getType();
-
- if (oid.equals(CRS_MESSAGETYPE)) {
- ps = (PrintableString) pst.decode(new ByteArrayInputStream(f.getEncoded()));
- // We make a new string here
- messageType = ps.toString();
-
- } else if (oid.equals(CRS_PKISTATUS)) {
- ps = (PrintableString) pst.decode(new ByteArrayInputStream(f.getEncoded()));
- pkiStatus = new String(ps.toString());
- } else if (oid.equals(CRS_FAILINFO)) {
- ps = (PrintableString) pst.decode(new ByteArrayInputStream(f.getEncoded()));
- failInfo = new String(ps.toString());
- } else if (oid.equals(CRS_SENDERNONCE)) {
- OCTET_STRING oss = (OCTET_STRING) ost.decode(new ByteArrayInputStream(f.getEncoded()));
-
- senderNonce = oss.toByteArray();
- } else if (oid.equals(CRS_RECIPIENTNONCE)) {
- OCTET_STRING osr = (OCTET_STRING) ost.decode(new ByteArrayInputStream(f.getEncoded()));
-
- recipientNonce = osr.toByteArray();
- } else if (oid.equals(CRS_TRANSID)) {
- ps = (PrintableString) pst.decode(new ByteArrayInputStream(f.getEncoded()));
- transactionID = new String(ps.toString());
- }
-
- }
-
- } // end of decodeAA();
-
- public String getMessageTypeString() {
- if (messageType == null) {
- return null;
- }
-
- if (messageType.equals(mType_PKCSReq)) {
- return "PKCSReq";
- }
- if (messageType.equals(mType_CertRep)) {
- return "CertRep";
- }
- if
(messageType.equals(mType_GetCertInitial)) {
- return "GetCertInitial";
- }
- if (messageType.equals(mType_GetCert)) {
- return "GetCert";
- }
- if (messageType.equals(mType_GetCRL)) {
- return "GetCRL";
- }
- // messageType should match one of the above
- //Assert.assert(false);
- return null;
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/util/Cert.java b/pki/base/util/src/com/netscape/cmsutil/util/Cert.java
deleted file mode 100644
index 3563f70c7..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/util/Cert.java
+++ /dev/null
@@ -1,186 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.util;
-
-import java.io.IOException;
-import java.security.cert.CertificateException;
-import java.security.cert.X509CRL;
-import java.security.cert.X509Certificate;
-
-import netscape.security.pkcs.PKCS7;
-import netscape.security.x509.X509CRLImpl;
-import netscape.security.x509.X509CertImpl;
-
-import org.mozilla.jss.crypto.SignatureAlgorithm;
-
-public class Cert {
-
- public static SignatureAlgorithm mapAlgorithmToJss(String algname) {
- if (algname.equals("MD5withRSA"))
- return SignatureAlgorithm.RSASignatureWithMD5Digest;
- else if (algname.equals("MD2withRSA"))
- return SignatureAlgorithm.RSASignatureWithMD2Digest;
- else if (algname.equals("SHA1withRSA"))
- return SignatureAlgorithm.RSASignatureWithSHA1Digest;
- else if (algname.equals("SHA1withDSA"))
- return SignatureAlgorithm.DSASignatureWithSHA1Digest;
- else if (algname.equals("SHA256withRSA"))
- return SignatureAlgorithm.RSASignatureWithSHA256Digest;
- else if (algname.equals("SHA512withRSA"))
- return SignatureAlgorithm.RSASignatureWithSHA512Digest;
- else if (algname.equals("SHA1withEC"))
- return SignatureAlgorithm.ECSignatureWithSHA1Digest;
- else if
(algname.equals("SHA256withEC"))
- return SignatureAlgorithm.ECSignatureWithSHA256Digest;
- else if (algname.equals("SHA384withEC"))
- return SignatureAlgorithm.ECSignatureWithSHA384Digest;
- else if (algname.equals("SHA512withEC"))
- return SignatureAlgorithm.ECSignatureWithSHA512Digest;
- return null;
- }
-
- public static String stripBrackets(String s) {
- if (s == null) {
- return s;
- }
-
- if ((s.startsWith("-----BEGIN CERTIFICATE-----")) &&
- (s.endsWith("-----END CERTIFICATE-----"))) {
- return (s.substring(27, (s.length() - 25)));
- }
-
- // To support Thawte's header and footer
- if ((s.startsWith("-----BEGIN PKCS #7 SIGNED DATA-----")) &&
- (s.endsWith("-----END PKCS #7 SIGNED DATA-----"))) {
- return (s.substring(35, (s.length() - 33)));
- }
-
- return s;
- }
-
- public static String stripCRLBrackets(String s) {
- if (s == null) {
- return s;
- }
- if ((s.startsWith("-----BEGIN CERTIFICATE REVOCATION LIST-----")) &&
- (s.endsWith("-----END CERTIFICATE REVOCATION LIST-----"))) {
- return (s.substring(43, (s.length() - 41)));
- }
- return s;
- }
-
- public static String stripCertBrackets(String s) {
- return stripBrackets(s);
- }
-
- // private static BASE64Decoder mDecoder = new BASE64Decoder();
- public static X509CertImpl mapCert(String mime64)
- throws IOException {
- mime64 = stripCertBrackets(mime64.trim());
- String newval = normalizeCertStr(mime64);
- // byte rawPub[] = mDecoder.decodeBuffer(newval);
- byte rawPub[] = Utils.base64decode(newval);
- X509CertImpl cert = null;
-
- try {
- cert = new X509CertImpl(rawPub);
- } catch (CertificateException e) {
- }
- return cert;
- }
-
- public static X509Certificate[] mapCertFromPKCS7(String mime64)
- throws IOException {
- mime64 = stripCertBrackets(mime64.trim());
- String newval = normalizeCertStr(mime64);
- // byte rawPub[] = mDecoder.decodeBuffer(newval);
- byte rawPub[] = Utils.base64decode(newval);
- PKCS7 p7 = null;
-
- try {
- p7 = new PKCS7(rawPub);
- } catch (Exception e) {
- throw new
IOException("p7 is null");
- }
- return p7.getCertificates();
- }
-
- public static X509CRL mapCRL(String mime64)
- throws IOException {
- mime64 = stripCRLBrackets(mime64.trim());
- String newval = normalizeCertStr(mime64);
- // byte rawPub[] = mDecoder.decodeBuffer(newval);
- byte rawPub[] = Utils.base64decode(newval);
- X509CRL crl = null;
-
- try {
- crl = new X509CRLImpl(rawPub);
- } catch (Exception e) {
- }
- return crl;
- }
-
- public static X509CRL mapCRL1(String mime64)
- throws IOException {
- mime64 = stripCRLBrackets(mime64.trim());
-
- byte rawPub[] = Utils.base64decode(mime64);
- X509CRL crl = null;
-
- try {
- crl = new X509CRLImpl(rawPub);
- } catch (Exception e) {
- throw new IOException(e.toString());
- }
- return crl;
- }
-
- public static String normalizeCertStr(String s) {
- String val = "";
-
- for (int i = 0; i < s.length(); i++) {
- if (s.charAt(i) == '\n') {
- continue;
- } else if (s.charAt(i) == '\r') {
- continue;
- } else if (s.charAt(i) == '"') {
- continue;
- } else if (s.charAt(i) == ' ') {
- continue;
- }
- val += s.charAt(i);
- }
- return val;
- }
-
- public static String normalizeCertStrAndReq(String s) {
- String val = "";
-
- for (int i = 0; i < s.length(); i++) {
- if (s.charAt(i) == '\n') {
- continue;
- } else if (s.charAt(i) == '\r') {
- continue;
- } else if (s.charAt(i) == '"') {
- continue;
- }
- val += s.charAt(i);
- }
- return val;
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/util/Fmt.java b/pki/base/util/src/com/netscape/cmsutil/util/Fmt.java
deleted file mode 100644
index a24b8d090..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/util/Fmt.java
+++ /dev/null
@@ -1,605 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.util;
-
-// Fmt - some simple single-arg sprintf-like routines
-//
-// Copyright (C) 1996 by Jef Poskanzer <jef@acme.com>. All rights reserved.
-//
-// Redistribution and use in source and binary forms, with or without
-// modification, are permitted provided that the following conditions
-// are met:
-// 1. Redistributions of source code must retain the above copyright
-// notice, this list of conditions and the following disclaimer.
-// 2. Redistributions in binary form must reproduce the above copyright
-// notice, this list of conditions and the following disclaimer in the
-// documentation and/or other materials provided with the distribution.
-//
-// THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
-// ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-// ARE DISCLAIMED.
IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-// FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-// DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-// OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-// LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-// OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-// SUCH DAMAGE.
-//
-// Visit the ACME Labs Java page for up-to-date versions of this and other
-// fine Java utilities: http://www.acme.com/java/
-
-/// Some simple single-arg sprintf-like routines.
-// <P>
-// It is apparently impossible to declare a Java method that accepts
-// variable numbers of any type of argument. You can declare it to take
-// Objects, but numeric variables and constants are not in fact Objects.
-// <P>
-// However, using the built-in string concatenation, it's almost as
-// convenient to make a series of single-argument formatting routines.
-// <P>
-// Fmt can format the following types:
-// <BLOCKQUOTE><CODE>
-// byte short int long float double char String Object
-// </CODE></BLOCKQUOTE>
-// For each type there is a set of overloaded methods, each returning
-// a formatted String. There's the plain formatting version:
-// <BLOCKQUOTE><PRE>
-// Fmt.fmt( x )
-// </PRE></BLOCKQUOTE>
-// There's a version specifying a minimum field width:
-// <BLOCKQUOTE><PRE>
-// Fmt.fmt( x, minWidth )
-// </PRE></BLOCKQUOTE>
-// And there's a version that takes flags:
-// <BLOCKQUOTE><PRE>
-// Fmt.fmt( x, minWidth, flags )
-// </PRE></BLOCKQUOTE>
-// Currently available flags are:
-// <BLOCKQUOTE><PRE>
-// Fmt.ZF - zero-fill
-// Fmt.LJ - left justify
-// Fmt.HX - hexadecimal
-// Fmt.OC - octal
-// </PRE></BLOCKQUOTE>
-// The HX and OC flags imply unsigned output.
-// <P>
-// For doubles and floats, there's a significant-figures parameter before
-// the flags:
-// <BLOCKQUOTE><PRE>
-// Fmt.fmt( d )
-// Fmt.fmt( d, minWidth )
-// Fmt.fmt( d, minWidth, sigFigs )
-// Fmt.fmt( d, minWidth, sigFigs, flags )
-// </PRE></BLOCKQUOTE>
-// <P>
-// <A HREF="/resources/classes/Acme/Fmt.java">Fetch the software.</A><BR>
-// <A HREF="/resources/classes/Acme.tar.Z">Fetch the entire Acme package.</A>
-// <HR>
-// Similar classes:
-// <UL>
-// <LI> Andrew Scherpbier's <A HREF="http://www.sdsu.edu/doc/java-SDSU/sdsu.FormatString.html">FormatString</A>
-// Tries to allow variable numbers of arguments by
-// supplying overloaded routines with different combinations of parameters,
-// but doesn't actually supply that many. The floating point conversion
-// is described as "very incomplete".
-// <LI> Core Java's <A HREF="http://www.apl.jhu.edu/~hall/java/CoreJava-Format.html">Format</A>.
-// The design seems a little weird. They want you to create an instance,
-// passing the format string to the constructor, and then call an instance
-// method with your data to do the actual formatting. The extra steps are
-// pointless; better to just use static methods.
-// </UL>
-
-public class Fmt {
-
- // Flags.
- /// Zero-fill.
- public static final int ZF = 1;
- /// Left justify.
- public static final int LJ = 2;
- /// Hexadecimal.
- public static final int HX = 4;
- /// Octal.
- public static final int OC = 8;
- // Was a number - internal use.
- private static final int WN = 16;
-
- // byte
- public static String fmt(byte b) {
- return fmt(b, 0, 0);
- }
-
- public static String fmt(byte b, int minWidth) {
- return fmt(b, minWidth, 0);
- }
-
- public static String fmt(byte b, int minWidth, int flags) {
- boolean hexadecimal = ((flags & HX) != 0);
- boolean octal = ((flags & OC) != 0);
-
- if (hexadecimal)
- return fmt(Integer.toString(b & 0xff, 16), minWidth, flags | WN);
- else if (octal)
- return fmt(Integer.toString(b & 0xff, 8), minWidth, flags | WN);
- else
- return fmt(Integer.toString(b & 0xff), minWidth, flags | WN);
- }
-
- // short
- public static String fmt(short s) {
- return fmt(s, 0, 0);
- }
-
- public static String fmt(short s, int minWidth) {
- return fmt(s, minWidth, 0);
- }
-
- public static String fmt(short s, int minWidth, int flags) {
- boolean hexadecimal = ((flags & HX) != 0);
- boolean octal = ((flags & OC) != 0);
-
- if (hexadecimal)
- return fmt(
- Integer.toString(s & 0xffff, 16), minWidth, flags | WN);
- else if (octal)
- return fmt(
- Integer.toString(s & 0xffff, 8), minWidth, flags | WN);
- else
- return fmt(Integer.toString(s), minWidth, flags | WN);
- }
-
- // int
- public static String fmt(int i) {
- return fmt(i, 0, 0);
- }
-
- public static String fmt(int i, int minWidth) {
- return fmt(i, minWidth, 0);
- }
-
- public static String fmt(int i, int minWidth, int flags) {
- boolean hexadecimal = ((flags & HX) != 0);
- boolean octal = ((flags & OC) != 0);
-
- if (hexadecimal)
- return fmt(
- Long.toString(i & 0xffffffffL, 16), minWidth, flags | WN);
- else if (octal)
- return fmt(
- Long.toString(i & 0xffffffffL, 8), minWidth, flags | WN);
- else
- return fmt(Integer.toString(i), minWidth, flags | WN);
- }
-
- // long
- public static String fmt(long l) {
- return fmt(l, 0, 0);
- }
-
- public static String fmt(long l, int minWidth) {
- return fmt(l, minWidth, 0);
- }
-
- public static String fmt(long l, int minWidth, int flags) {
- boolean hexadecimal = ((flags & HX) != 0);
-
boolean octal = ((flags & OC) != 0);
-
- if (hexadecimal) {
- if ((l & 0xf000000000000000L) != 0)
- return fmt(
- Long.toString(l >>> 60, 16) +
- fmt(l & 0x0fffffffffffffffL, 15, HX | ZF),
- minWidth, flags | WN);
- else
- return fmt(Long.toString(l, 16), minWidth, flags | WN);
- } else if (octal) {
- if ((l & 0x8000000000000000L) != 0)
- return fmt(
- Long.toString(l >>> 63, 8) +
- fmt(l & 0x7fffffffffffffffL, 21, OC | ZF),
- minWidth, flags | WN);
- else
- return fmt(Long.toString(l, 8), minWidth, flags | WN);
- } else
- return fmt(Long.toString(l), minWidth, flags | WN);
- }
-
- // float
- public static String fmt(float f) {
- return fmt(f, 0, 0, 0);
- }
-
- public static String fmt(float f, int minWidth) {
- return fmt(f, minWidth, 0, 0);
- }
-
- public static String fmt(float f, int minWidth, int sigFigs) {
- return fmt(f, minWidth, sigFigs, 0);
- }
-
- public static String fmt(float f, int minWidth, int sigFigs, int flags) {
- if (sigFigs != 0)
- return fmt(
- sigFigFix(Float.toString(f), sigFigs), minWidth,
- flags | WN);
- else
- return fmt(Float.toString(f), minWidth, flags | WN);
- }
-
- // double
- public static String fmt(double d) {
- return fmt(d, 0, 0, 0);
- }
-
- public static String fmt(double d, int minWidth) {
- return fmt(d, minWidth, 0, 0);
- }
-
- public static String fmt(double d, int minWidth, int sigFigs) {
- return fmt(d, minWidth, sigFigs, 0);
- }
-
- public static String fmt(double d, int minWidth, int sigFigs, int flags) {
- if (sigFigs != 0)
- return fmt(
- sigFigFix(doubleToString(d), sigFigs), minWidth,
- flags | WN);
- else
- return fmt(doubleToString(d), minWidth, flags | WN);
- }
-
- // char
- public static String fmt(char c) {
- return fmt(c, 0, 0);
- }
-
- public static String fmt(char c, int minWidth) {
- return fmt(c, minWidth, 0);
- }
-
- public static String fmt(char c, int minWidth, int flags) {
- // return fmt( Character.toString( c ), minWidth, flags );
- // Character currently lacks a static toString method.
Workaround
- // is to make a temporary instance and use the instance toString.
- return fmt(Character.valueOf(c).toString(), minWidth, flags);
- }
-
- // Object
- public static String fmt(Object o) {
- return fmt(o, 0, 0);
- }
-
- public static String fmt(Object o, int minWidth) {
- return fmt(o, minWidth, 0);
- }
-
- public static String fmt(Object o, int minWidth, int flags) {
- return fmt(o.toString(), minWidth, flags);
- }
-
- // String
- public static String fmt(String s) {
- return fmt(s, 0, 0);
- }
-
- public static String fmt(String s, int minWidth) {
- return fmt(s, minWidth, 0);
- }
-
- public static String fmt(String s, int minWidth, int flags) {
- int len = s.length();
- boolean zeroFill = ((flags & ZF) != 0);
- boolean leftJustify = ((flags & LJ) != 0);
- boolean hexadecimal = ((flags & HX) != 0);
- boolean octal = ((flags & OC) != 0);
- boolean wasNumber = ((flags & WN) != 0);
-
- if ((hexadecimal || octal || zeroFill) && !wasNumber)
- throw new InternalError("Acme.Fmt: number flag on a non-number");
- if (zeroFill && leftJustify)
- throw new InternalError("Acme.Fmt: zero-fill left-justify is silly");
- if (hexadecimal && octal)
- throw new InternalError("Acme.Fmt: can't do both hex and octal");
- if (len >= minWidth)
- return s;
- int fillWidth = minWidth - len;
- StringBuffer fill = new StringBuffer(fillWidth);
-
- for (int i = 0; i < fillWidth; ++i)
- if (zeroFill)
- fill.append('0');
- else
- fill.append(' ');
- if (leftJustify)
- return s + fill;
- else if (zeroFill && s.startsWith("-"))
- return "-" + fill + s.substring(1);
- else
- return fill + s;
- }
-
- // Internal routines.
-
- private static String sigFigFix(String s, int sigFigs) {
- // First dissect the floating-point number string into sign,
- // integer part, fraction part, and exponent.
- String sign;
- String unsigned;
-
- if (s.startsWith("-") || s.startsWith("+")) {
- sign = s.substring(0, 1);
- unsigned = s.substring(1);
- } else {
- sign = "";
- unsigned = s;
- }
- String mantissa;
- String exponent;
- int eInd = unsigned.indexOf('e');
-
- if (eInd == -1) {
- mantissa = unsigned;
- exponent = "";
- } else {
- mantissa = unsigned.substring(0, eInd);
- exponent = unsigned.substring(eInd);
- }
- StringBuffer number, fraction;
- int dotInd = mantissa.indexOf('.');
-
- if (dotInd == -1) {
- number = new StringBuffer(mantissa);
- fraction = new StringBuffer("");
- } else {
- number = new StringBuffer(mantissa.substring(0, dotInd));
- fraction = new StringBuffer(mantissa.substring(dotInd + 1));
- }
-
- int numFigs = number.length();
- int fracFigs = fraction.length();
-
- if ((numFigs == 0 || number.toString().equals("0")) &&
- fracFigs > 0) {
- // Don't count leading zeros in the fraction.
- numFigs = 0;
- for (int i = 0; i < fraction.length(); ++i) {
- if (fraction.charAt(i) != '0')
- break;
- --fracFigs;
- }
- }
- int mantFigs = numFigs + fracFigs;
-
- if (sigFigs > mantFigs) {
- // We want more figures; just append zeros to the fraction.
- for (int i = mantFigs; i < sigFigs; ++i)
- fraction.append('0');
- } else if (sigFigs < mantFigs && sigFigs >= numFigs) {
- // Want fewer figures in the fraction; chop.
- fraction.setLength(
- fraction.length() - (fracFigs - (sigFigs - numFigs)));
- // Round?
- } else if (sigFigs < numFigs) {
- // Want fewer figures in the number; turn them to zeros.
- fraction.setLength(0); // should already be zero, but make sure
- for (int i = sigFigs; i < numFigs; ++i)
- number.setCharAt(i, '0');
- // Round?
- }
- // Else sigFigs == mantFigs, which is fine.
-
- if (fraction.length() == 0)
- return sign + number + exponent;
- else
- return sign + number + "." + fraction + exponent;
- }
-
- /// Improved version of Double.toString(), returns more decimal places.
- // <P>
- // The JDK 1.0.2 version of Double.toString() returns only six decimal
- // places on some systems. In JDK 1.1 full precision is returned on
- // all platforms.
- // @deprecated
- // @see java.lang.Double.toString
- public static String doubleToString(double d) {
- // Handle special numbers first, to avoid complications.
- if (Double.isNaN(d))
- return "NaN";
- if (d == Double.NEGATIVE_INFINITY)
- return "-Inf";
- if (d == Double.POSITIVE_INFINITY)
- return "Inf";
-
- // Grab the sign, and then make the number positive for simplicity.
- boolean negative = false;
-
- if (d < 0.0D) {
- negative = true;
- d = -d;
- }
-
- // Get the native version of the unsigned value, as a template.
- String unsStr = Double.toString(d);
-
- // Dissect out the exponent.
- String mantStr, expStr;
- int exp;
- int eInd = unsStr.indexOf('e');
-
- if (eInd == -1) {
- mantStr = unsStr;
- expStr = "";
- exp = 0;
- } else {
- mantStr = unsStr.substring(0, eInd);
- expStr = unsStr.substring(eInd + 1);
- if (expStr.startsWith("+"))
- exp = Integer.parseInt(expStr.substring(1));
- else
- exp = Integer.parseInt(expStr);
- }
-
- // Dissect out the number part.
- String numStr;
- int dotInd = mantStr.indexOf('.');
-
- if (dotInd == -1)
- numStr = mantStr;
- else
- numStr = mantStr.substring(0, dotInd);
- long num;
-
- if (numStr.length() == 0)
- num = 0;
- else
- num = Integer.parseInt(numStr);
-
- // Build the new mantissa.
- StringBuffer newMantBuf = new StringBuffer(numStr + ".");
- double p = Math.pow(10, exp);
- double frac = d - num * p;
- String digits = "0123456789";
- int nDigits = 16 - numStr.length(); // about 16 digits in a double
-
- for (int i = 0; i < nDigits; ++i) {
- p /= 10.0D;
- int dig = (int) (frac / p);
-
- if (dig < 0)
- dig = 0;
- if (dig > 9)
- dig = 9;
- newMantBuf.append(digits.charAt(dig));
- frac -= dig * p;
- }
-
- if ((int) (frac / p + 0.5D) == 1) {
- // Round up.
- boolean roundMore = true;
-
- for (int i = newMantBuf.length() - 1; i >= 0; --i) {
- int dig = digits.indexOf(newMantBuf.charAt(i));
-
- if (dig == -1)
- continue;
- ++dig;
- if (dig == 10) {
- newMantBuf.setCharAt(i, '0');
- continue;
- }
- newMantBuf.setCharAt(i, digits.charAt(dig));
- roundMore = false;
- break;
- }
- if (roundMore) {
- // If this happens, we need to prepend a 1. But I haven't
- // found a test case yet, so I'm leaving it out for now.
- // But if you get this message, please let me know!
- newMantBuf.append("ROUNDMORE");
- }
- }
-
- // Chop any trailing zeros.
- int len = newMantBuf.length();
-
- while (newMantBuf.charAt(len - 1) == '0')
- newMantBuf.setLength(--len);
- // And chop a trailing dot, if any.
- if (newMantBuf.charAt(len - 1) == '.')
- newMantBuf.setLength(--len);
-
- // Done.
- return (negative ? "-" : "") +
- newMantBuf +
- (expStr.length() != 0 ? ("e" + expStr) : "");
- }
-
- /******************************************************************************
- * /// Test program.
- * public static void main( String[] args )
- * {
- * System.out.println( "Starting tests." );
- * show( Fmt.fmt( "Hello there."
) );
- * show( Fmt.fmt( 123 ) );
- * show( Fmt.fmt( 123, 10 ) );
- * show( Fmt.fmt( 123, 10, Fmt.ZF ) );
- * show( Fmt.fmt( 123, 10, Fmt.LJ ) );
- * show( Fmt.fmt( -123 ) );
- * show( Fmt.fmt( -123, 10 ) );
- * show( Fmt.fmt( -123, 10, Fmt.ZF ) );
- * show( Fmt.fmt( -123, 10, Fmt.LJ ) );
- * show( Fmt.fmt( (byte) 0xbe, 22, Fmt.OC ) );
- * show( Fmt.fmt( (short) 0xbabe, 22, Fmt.OC ) );
- * show( Fmt.fmt( 0xcafebabe, 22, Fmt.OC ) );
- * show( Fmt.fmt( 0xdeadbeefcafebabeL, 22, Fmt.OC ) );
- * show( Fmt.fmt( 0x8000000000000000L, 22, Fmt.OC ) );
- * show( Fmt.fmt( (byte) 0xbe, 16, Fmt.HX ) );
- * show( Fmt.fmt( (short) 0xbabe, 16, Fmt.HX ) );
- * show( Fmt.fmt( 0xcafebabe, 16, Fmt.HX ) );
- * show( Fmt.fmt( 0xdeadbeefcafebabeL, 16, Fmt.HX ) );
- * show( Fmt.fmt( 0x8000000000000000L, 16, Fmt.HX ) );
- * show( Fmt.fmt( 'c' ) );
- * show( Fmt.fmt( new java.util.Date() ) );
- * show( Fmt.fmt( 123.456F ) );
- * show( Fmt.fmt( 123456000000000000.0F ) );
- * show( Fmt.fmt( 123.456F, 0, 8 ) );
- * show( Fmt.fmt( 123.456F, 0, 7 ) );
- * show( Fmt.fmt( 123.456F, 0, 6 ) );
- * show( Fmt.fmt( 123.456F, 0, 5 ) );
- * show( Fmt.fmt( 123.456F, 0, 4 ) );
- * show( Fmt.fmt( 123.456F, 0, 3 ) );
- * show( Fmt.fmt( 123.456F, 0, 2 ) );
- * show( Fmt.fmt( 123.456F, 0, 1 ) );
- * show( Fmt.fmt( 123456000000000000.0F, 0, 4 ) );
- * show( Fmt.fmt( -123.456F, 0, 4 ) );
- * show( Fmt.fmt( -123456000000000000.0F, 0, 4 ) );
- * show( Fmt.fmt( 123.0F ) );
- * show( Fmt.fmt( 123.0D ) );
- * show( Fmt.fmt( 1.234567890123456789F ) );
- * show( Fmt.fmt( 1.234567890123456789D ) );
- * show( Fmt.fmt( 1234567890123456789F ) );
- * show( Fmt.fmt( 1234567890123456789D ) );
- * show( Fmt.fmt( 0.000000000000000000001234567890123456789F ) );
- * show( Fmt.fmt( 0.000000000000000000001234567890123456789D ) );
- * show( Fmt.fmt( 12300.0F ) );
- * show( Fmt.fmt( 12300.0D ) );
- * show( Fmt.fmt( 123000.0F ) );
- * show( Fmt.fmt( 123000.0D ) );
- * show( Fmt.fmt( 1230000.0F ) );
- * show( Fmt.fmt( 1230000.0D ) );
- *
show( Fmt.fmt( 12300000.0F ) );
- * show( Fmt.fmt( 12300000.0D ) );
- * show( Fmt.fmt( Float.NaN ) );
- * show( Fmt.fmt( Float.POSITIVE_INFINITY ) );
- * show( Fmt.fmt( Float.NEGATIVE_INFINITY ) );
- * show( Fmt.fmt( Double.NaN ) );
- * show( Fmt.fmt( Double.POSITIVE_INFINITY ) );
- * show( Fmt.fmt( Double.NEGATIVE_INFINITY ) );
- * show( Fmt.fmt( 1.0F / 8.0F ) );
- * show( Fmt.fmt( 1.0D / 8.0D ) );
- * System.out.println( "Done with tests." );
- * }
- *
- * private static void show( String str )
- * {
- * System.out.println( "#" + str + "#" );
- * }
- ******************************************************************************/
-
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/util/HMACDigest.java b/pki/base/util/src/com/netscape/cmsutil/util/HMACDigest.java
deleted file mode 100644
index 09bf53bbf..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/util/HMACDigest.java
+++ /dev/null
@@ -1,198 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.util;
-
-import java.security.MessageDigest;
-
-/**
- * This class implements the HMAC algorithm specified in RFC 2104 using
- * any MessageDigest.
- *
- * @author mikep
- * @version $Revision$, $Date$
- * @see java.security.MessageDigest
- */
-public class HMACDigest implements Cloneable {
- public static final int PAD_BYTES = 64;
- public static final int IPAD = 0x36;
- public static final int OPAD = 0x5C;
-
- /**
- * inner padding - key XORd with ipad
- */
- private byte[] mKeyIpad = new byte[PAD_BYTES];
-
- /**
- * outer padding - key XORd with opad
- */
- private byte[] mKeyOpad = new byte[PAD_BYTES];
-
- /**
- * The real MessageDigest
- */
- private MessageDigest mMD = null;
-
- /**
- * Creates an HMACDigest
- *
- * @param md The MessageDigest to be used for the HMAC calculation. It
- * must be clonable.
- */
- public HMACDigest(MessageDigest md) {
- mMD = md;
- }
-
- /**
- * Creates an HMACDigest and initializes the HMAC function
- * with the given key.
- *
- * @param md The MessageDigest to be used for the HMAC calculation. It
- * must be clonable.
- * @param key The key value to be used in the HMAC calculation
- */
- public HMACDigest(MessageDigest md, byte[] key) {
- this(md);
- init(key);
- }
-
- /**
- * Return the MessageDigest used for this HMAC
- */
- public MessageDigest getMessageDigest() {
- return mMD;
- }
-
- /**
- * Initialize the HMAC function
- *
- * The HMAC transform looks like:
- *
- * hash(key XOR opad, hash(key XOR ipad, text))
- *
- * where key is an n byte key
- * ipad is the byte 0x36 repeated 64 times
- * opad is the byte 0x5c repeated 64 times
- * and text is the data being protected
- *
- * This routine must be called after every reset.
- *
- * @param key The password used to protect the hash value
- */
- public void init(byte[] key) {
- int i;
-
- reset();
-
- // If the key is longer than 64 bytes, just hash it down
- if (key.length > 64) {
- key = mMD.digest(key);
- mMD.reset(); // Redundant?
- }
-
- // Copy the key. Truncate if key is too long
- for (i = 0; i < key.length && i < PAD_BYTES; i++) {
- mKeyIpad[i] = key[i];
- mKeyOpad[i] = key[i];
- }
-
- // XOR in the pads
- for (i = 0; i < PAD_BYTES; i++) {
- mKeyIpad[i] ^= IPAD;
- mKeyOpad[i] ^= OPAD;
- }
-
- mMD.update(mKeyIpad);
-
- // Hmmm, we really shouldn't key Opad around in memory for so
- // long, but it would just force the user to key their key around
- // until digest() time. Oh well, at least clear the key and Ipad
- for (i = 0; i < PAD_BYTES; i++) {
- mKeyIpad[i] = 0;
- }
- for (i = 0; i < key.length; i++) {
- key[0] = 0;
- }
- }
-
- /**
- * Updates the digest using the specified array of bytes.
- *
- * @param input the array of bytes.
- */
- public void update(byte[] input) {
- mMD.update(input);
- }
-
- /**
- * Completes the HMAC computation with the outer pad
- * The digest is reset after this call is made.
- *
- * @return the array of bytes for the resulting hash value.
- */
- public byte[] digest() {
- byte[] finalDigest;
- byte[] innerDigest = mMD.digest();
-
- mMD.reset(); // Redundant?
- mMD.update(mKeyOpad);
- mMD.update(innerDigest);
- finalDigest = mMD.digest();
- reset(); // Clear pad arrays
- return finalDigest;
- }
-
- /**
- * Resets the digest for further use.
- */
- public void reset() {
- int i;
-
- mMD.reset();
-
- // Clear out the pads
- for (i = 0; i < PAD_BYTES; i++) {
- mKeyIpad[i] = 0;
- mKeyOpad[i] = 0;
- }
- }
-
- /**
- * Clone the HMACDigest
- *
- * @return a clone if the implementation is cloneable.
- * @exception CloneNotSupportedException if this is called on a
- * MessageDigest implementation that does not support <code>Cloneable</code>.
- */
- public Object clone() throws CloneNotSupportedException {
- int i;
-
- HMACDigest hd = (HMACDigest) super.clone();
-
- hd.mKeyOpad = new byte[PAD_BYTES];
- hd.mKeyIpad = new byte[PAD_BYTES];
-
- for (i = 0; i < PAD_BYTES; i++) {
- hd.mKeyOpad[i] = mKeyOpad[i];
- hd.mKeyIpad[i] = mKeyIpad[i];
- }
-
- hd.mMD = (MessageDigest) mMD.clone();
- return hd;
- }
-
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/util/Utils.java b/pki/base/util/src/com/netscape/cmsutil/util/Utils.java
deleted file mode 100644
index 303566416..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/util/Utils.java
+++ /dev/null
@@ -1,276 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.util;
-
-import org.apache.commons.codec.binary.Base64;
-
-import java.io.BufferedReader;
-import java.io.BufferedWriter;
-import java.io.ByteArrayOutputStream;
-import java.io.File;
-import java.io.FileReader;
-import java.io.FileWriter;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.io.OutputStreamWriter;
-import java.io.PrintWriter;
-import java.net.InetAddress;
-import java.net.UnknownHostException;
-import java.text.SimpleDateFormat;
-import java.util.Date;
-import java.util.Vector;
-
-public class Utils {
- /**
- * Checks if this is NT.
- */
- public static boolean isNT() {
- return File.separator.equals("\\");
- }
-
- public static boolean isUnix() {
- return File.separator.equals("/");
- }
-
- public static boolean exec(String cmd) {
- try {
- String cmds[] = null;
- if (isNT()) {
- // NT
- cmds = new String[3];
- cmds[0] = "cmd";
- cmds[1] = "/c";
- cmds[2] = cmd;
- } else {
- // UNIX
- cmds = new String[3];
- cmds[0] = "/bin/sh";
- cmds[1] = "-c";
- cmds[2] = cmd;
- }
- Process process = Runtime.getRuntime().exec(cmds);
- process.waitFor();
-
- if (process.exitValue() == 0) {
- /**
- * pOut = new BufferedReader(
- * new InputStreamReader(process.getInputStream()));
- * while ((l = pOut.readLine()) != null) {
- * System.out.println(l);
- * }
- **/
- return true;
- } else {
- /**
- * pOut = new BufferedReader(
- * new InputStreamReader(process.getErrorStream()));
- * l = null;
- * while ((l = pOut.readLine()) != null) {
- * System.out.println(l);
- * }
- **/
- return false;
- }
- } catch (Exception e) {
- return false;
- }
- }
-
- public static String SpecialURLDecode(String s) {
- if (s == null)
- return null;
- ByteArrayOutputStream out = new ByteArrayOutputStream(s.length());
-
- for (int i = 0; i < s.length(); i++) {
- int c = (int) s.charAt(i);
-
- if (c == '+') {
- out.write(' ');
- } else if (c == '#') {
- int c1 = Character.digit(s.charAt(++i), 16);
- int c2 = Character.digit(s.charAt(++i), 16);
-
- out.write((char) (c1 * 16 + c2));
- } else {
- out.write(c);
- }
- } // end for
- return out.toString();
- }
-
- public static byte[] SpecialDecode(String s) {
- if (s == null)
- return null;
- ByteArrayOutputStream out = new ByteArrayOutputStream(s.length());
-
- for (int i = 0; i < s.length(); i++) {
- int c = (int) s.charAt(i);
-
- if (c == '+') {
- out.write(' ');
- } else if (c == '#') {
- int c1 = Character.digit(s.charAt(++i), 16);
- int c2 = Character.digit(s.charAt(++i), 16);
-
- out.write((char) (c1 * 16 + c2));
- } else {
- out.write(c);
- }
- } // end for
- return out.toByteArray();
- }
-
- public static String SpecialEncode(byte data[]) {
- StringBuffer sb = new StringBuffer();
- for (int i = 0; i < data.length; i++) {
- sb.append("%");
- if ((data[i] & 0xff) < 16) {
- sb.append("0");
- }
- sb.append(Integer.toHexString((data[i] & 0xff)));
- }
- return sb.toString().toUpperCase();
- }
-
- public static void checkHost(String hostname) throws UnknownHostException {
- InetAddress.getByName(hostname);
- }
-
- public static void copy(String orig, String dest) {
- try {
- BufferedReader in = new BufferedReader(new FileReader(orig));
- PrintWriter out = new PrintWriter(
- new BufferedWriter(new FileWriter(dest)));
- String line = "";
- while (in.ready()) {
- line = in.readLine();
- if (line != null)
- out.println(line);
- }
- in.close();
- out.close();
- } catch (Exception ee) {
- }
- }
-
- public static void copyStream(InputStream in, OutputStream out) throws IOException {
- byte[] buf = new byte[4096];
- int len;
-
- while ((len = in.read(buf)) != -1) {
- out.write(buf, 0, len);
- }
- }
-
- public static void copyStream(BufferedReader in, OutputStreamWriter out) throws IOException {
- char[] buf = new char[4096];
- int len;
-
- while ((len = in.read(buf)) != -1) {
- out.write(buf, 0, len);
- }
- }
-
- /// Sorts an array of Strings.
- // Java currently has no general sort function. Sorting Strings is
- // common enough that it's worth making a special case.
- public static void sortStrings(String[] strings) {
- // Just does a bubblesort.
- for (int i = 0; i < strings.length - 1; ++i) {
- for (int j = i + 1; j < strings.length; ++j) {
- if (strings[i].compareTo(strings[j]) > 0) {
- String t = strings[i];
-
- strings[i] = strings[j];
- strings[j] = t;
- }
- }
- }
- }
-
- /// Returns a date string formatted in Unix ls style - if it's within
- // six months of now, Mmm dd hh:ss, else Mmm dd yyyy.
- public static String lsDateStr(Date date) {
- long dateTime = date.getTime();
-
- if (dateTime == -1L)
- return "------------";
- long nowTime = System.currentTimeMillis();
- SimpleDateFormat formatter = new SimpleDateFormat();
-
- if (Math.abs(nowTime - dateTime) < 183L * 24L * 60L * 60L * 1000L)
- formatter.applyPattern("MMM dd hh:ss");
- else
- formatter.applyPattern("MMM dd yyyy");
- return formatter.format(date);
- }
-
- /**
- * compares contents two byte arrays returning true if exactly same.
- */
- static public boolean byteArraysAreEqual(byte[] a, byte[] b) {
- if (a.length != b.length)
- return false;
- for (int i = 0; i < a.length; i++) {
- if (a[i] != b[i])
- return false;
- }
- return true;
- }
-
- /**
- * strips out double quotes around String parameter
- *
- * @param s the string potentially bracketed with double quotes
- * @return string stripped of surrounding double quotes
- */
- public static String stripQuotes(String s) {
- if (s == null) {
- return s;
- }
-
- if ((s.startsWith("\"")) && (s.endsWith("\""))) {
- return (s.substring(1, (s.length() - 1)));
- }
-
- return s;
- }
-
- /**
- * returns an array of strings from a vector of Strings
- * there'll be trouble if the Vector contains something other
- * than just Strings
- */
- public static String[] getStringArrayFromVector(Vector<String> v) {
- String s[] = new String[v.size()];
-
- v.copyInto(s);
- return s;
- }
-
- public static String base64encode(byte[] bytes) {
- String string = new Base64(64).encodeToString(bytes);
- return string;
- }
-
- public static byte[] base64decode(String string) {
- byte[] bytes = Base64.decodeBase64(string);
- return bytes;
- }
-}
diff --git a/pki/base/util/src/com/netscape/cmsutil/xml/XMLObject.java b/pki/base/util/src/com/netscape/cmsutil/xml/XMLObject.java
deleted file mode 100644
index ed2fb67ee..000000000
--- a/pki/base/util/src/com/netscape/cmsutil/xml/XMLObject.java
+++ /dev/null
@@ -1,187 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmsutil.xml;
-
-import java.io.ByteArrayOutputStream;
-import java.io.File;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.io.StringWriter;
-import java.util.Vector;
-
-import javax.xml.parsers.DocumentBuilder;
-import javax.xml.parsers.DocumentBuilderFactory;
-import javax.xml.parsers.ParserConfigurationException;
-import javax.xml.transform.Result;
-import javax.xml.transform.Source;
-import javax.xml.transform.Transformer;
-import javax.xml.transform.TransformerConfigurationException;
-import javax.xml.transform.TransformerException;
-import javax.xml.transform.TransformerFactory;
-import javax.xml.transform.dom.DOMSource;
-import javax.xml.transform.stream.StreamResult;
-
-import org.w3c.dom.Document;
-import org.w3c.dom.Element;
-import org.w3c.dom.Node;
-import org.w3c.dom.NodeList;
-import org.w3c.dom.Text;
-import org.xml.sax.SAXException;
-
-public class XMLObject {
- private Document mDoc = null;
-
- public XMLObject() throws ParserConfigurationException {
- DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
- DocumentBuilder docBuilder = factory.newDocumentBuilder();
- mDoc = docBuilder.newDocument();
- }
-
- public XMLObject(InputStream s)
- throws SAXException, IOException, ParserConfigurationException {
- DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
- DocumentBuilder docBuilder = factory.newDocumentBuilder();
- mDoc = docBuilder.parse(s);
- }
-
- public XMLObject(File f)
- throws SAXException, IOException, ParserConfigurationException {
- DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
- DocumentBuilder docBuilder = factory.newDocumentBuilder();
- mDoc = docBuilder.parse(f);
- }
-
- public Document getDocument() {
- return mDoc;
- }
-
- /**
- * Each document should have 1 root only. This method should be called once.
- */
- public Node createRoot(String name) {
- Element root = mDoc.createElement(name);
- mDoc.appendChild(root);
- return (Node) root;
- }
-
- public Node getRoot() {
- return mDoc.getFirstChild();
- }
-
- /**
- * If you have duplicate containers, then this method will return the
- * first container in the list.
- */
- public Node getContainer(String tagname) {
- NodeList list = mDoc.getElementsByTagName(tagname);
- if (list.getLength() > 0)
- return list.item(0);
- return null;
- }
-
- public Node createContainer(Node containerParent, String containerName) {
- Element node = mDoc.createElement(containerName);
- containerParent.appendChild(node);
- return (Node) node;
- }
-
- public void addItemToContainer(Node container, String tagname, String value) {
- Element node = mDoc.createElement(tagname);
- Text text = mDoc.createTextNode(value);
- node.appendChild(text);
- container.appendChild(node);
- }
-
- public String getValue(String tagname) {
- Node n = getContainer(tagname);
-
- if (n != null) {
- NodeList c = n.getChildNodes();
- if (c.getLength() == 0)
- return null;
- Node item = c.item(0);
- return item.getNodeValue();
- }
-
- return null;
- }
-
- public Vector<String> getAllValues(String tagname) {
- Vector<String> v = new Vector<String>();
- NodeList nodes = mDoc.getElementsByTagName(tagname);
- for (int i = 0; i < nodes.getLength(); i++) {
- Node n = nodes.item(i);
- NodeList c = n.getChildNodes();
- if (c.getLength() > 0) {
- Node nn = c.item(0);
- if (nn.getNodeType() == Node.TEXT_NODE)
- v.addElement(nn.getNodeValue());
- }
- }
- return v;
- }
-
- public Vector<String> getValuesFromContainer(Node container, String tagname) {
- Vector<String> v = new Vector<String>();
- NodeList c = container.getChildNodes();
- int len = c.getLength();
- for (int i = 0; i < len; i++) {
- Node subchild = c.item(i);
- if (subchild.getNodeName().equals(tagname)) {
- NodeList grandchildren = subchild.getChildNodes();
- if (grandchildren.getLength() > 0) {
- Node grandchild = grandchildren.item(0);
- if (grandchild.getNodeType() == Node.TEXT_NODE)
- v.addElement(grandchild.getNodeValue());
- }
- }
- }
-
- return v;
- }
-
- public byte[] toByteArray() throws TransformerConfigurationException, TransformerException {
- ByteArrayOutputStream bos = new ByteArrayOutputStream();
- TransformerFactory tranFactory = TransformerFactory.newInstance();
- Transformer aTransformer = tranFactory.newTransformer();
- Source src = new DOMSource(mDoc);
- Result dest = new StreamResult(bos);
- aTransformer.transform(src, dest);
- return bos.toByteArray();
- }
-
- public void output(OutputStream os)
- throws TransformerConfigurationException, TransformerException {
- TransformerFactory tranFactory = TransformerFactory.newInstance();
- Transformer aTransformer = tranFactory.newTransformer();
- Source src = new DOMSource(mDoc);
- Result dest = new StreamResult(os);
- aTransformer.transform(src, dest);
- }
-
- public String toXMLString() throws TransformerConfigurationException, TransformerException {
- TransformerFactory tranFactory = TransformerFactory.newInstance();
- Transformer transformer = tranFactory.newTransformer();
- Source src = new DOMSource(mDoc);
- StreamResult dest = new StreamResult(new StringWriter());
- transformer.transform(src, dest);
- String xmlString = dest.getWriter().toString();
- return xmlString;
- }
-} |