From 1c8437891cdfe5580e09c495f79d81334ed0c2c0 Mon Sep 17 00:00:00 2001 From: Endi Sukma Dewata Date: Wed, 28 Mar 2012 00:36:32 -0500 Subject: Replaced deprecated AlgorithmId.getAlgorithmId(). The deprecated getAlgorithmId() method in AlgorithmId has been replaced with get(). Ticket #3 --- .../netscape/cms/profile/common/EnrollProfile.java | 31 +++++------ .../cms/profile/def/SigningAlgDefault.java | 7 ++- .../cms/servlet/request/ProcessCertReq.java | 51 +++++++++--------- .../src/com/netscape/cmscore/cert/CertUtils.java | 39 +++++++------- .../netscape/cmscore/security/JssSubsystem.java | 62 +++++++++++----------- .../com/netscape/cmscore/security/KeyCertUtil.java | 11 ++-- .../src/netscape/security/extensions/CertInfo.java | 9 ++-- .../src/netscape/security/x509/AlgorithmId.java | 39 +++++--------- .../src/netscape/security/x509/X500Signer.java | 16 +++--- 9 files changed, 122 insertions(+), 143 deletions(-) diff --git a/base/common/src/com/netscape/cms/profile/common/EnrollProfile.java b/base/common/src/com/netscape/cms/profile/common/EnrollProfile.java index d574f0f94..6fbdddb69 100644 --- a/base/common/src/com/netscape/cms/profile/common/EnrollProfile.java +++ b/base/common/src/com/netscape/cms/profile/common/EnrollProfile.java @@ -100,7 +100,7 @@ import com.netscape.cmsutil.util.HMACDigest; /** * This class implements a generic enrollment profile. - * + * * @version $Revision$, $Date$ */ public abstract class EnrollProfile extends BasicProfile @@ -167,7 +167,7 @@ public abstract class EnrollProfile extends BasicProfile num_requests = msgs.length; } - // only 1 request for renewal + // only 1 request for renewal if ((is_renewal != null) && (is_renewal.equals("true"))) { num_requests = 1; String renewal_seq_num_str = ctx.get(CTX_RENEWAL_SEQ_NUM); @@ -229,8 +229,7 @@ public abstract class EnrollProfile extends BasicProfile info.set(X509CertInfo.VALIDITY, new CertificateValidity(new Date(), new Date())); info.set(X509CertInfo.ALGORITHM_ID, - new CertificateAlgorithmId( - AlgorithmId.getAlgorithmId("MD5withRSA"))); + new CertificateAlgorithmId(AlgorithmId.get("MD5withRSA"))); // add default extension container info.set(X509CertInfo.EXTENSIONS, @@ -281,7 +280,7 @@ public abstract class EnrollProfile extends BasicProfile Enumeration setIds = getProfilePolicySetIds(); while (setIds.hasMoreElements()) { - String setId = (String) setIds.nextElement(); + String setId = setIds.nextElement(); if (count == seq_no) { return setId; @@ -323,8 +322,7 @@ public abstract class EnrollProfile extends BasicProfile // } // } - IAuthority authority = (IAuthority) - getAuthority(); + IAuthority authority = getAuthority(); IRequestQueue queue = authority.getRequestQueue(); // this profile queues request that is authenticated @@ -376,7 +374,7 @@ public abstract class EnrollProfile extends BasicProfile org.mozilla.jss.pkix.cms.ContentInfo cmcReq = (org.mozilla.jss.pkix.cms.ContentInfo) org.mozilla.jss.pkix.cms.ContentInfo.getTemplate().decode(cmcBlobIn); - org.mozilla.jss.pkix.cms.SignedData cmcFullReq = + org.mozilla.jss.pkix.cms.SignedData cmcFullReq = (org.mozilla.jss.pkix.cms.SignedData) cmcReq.getInterpretedContent(); org.mozilla.jss.pkix.cms.EncapsulatedContentInfo ci = cmcFullReq.getContentInfo(); OCTET_STRING content = ci.getContent(); @@ -1056,8 +1054,7 @@ public abstract class EnrollProfile extends BasicProfile PKCS10Attributes p10Attrs = pkcs10.getAttributes(); if (p10Attrs != null) { - PKCS10Attribute p10Attr = (PKCS10Attribute) - (p10Attrs.getAttribute(CertificateExtensions.NAME)); + PKCS10Attribute p10Attr = p10Attrs.getAttribute(CertificateExtensions.NAME); if (p10Attr != null && p10Attr.getAttributeId().equals( PKCS9Attribute.EXTENSION_REQUEST_OID)) { CMS.debug("Found PKCS10 extension"); @@ -1237,16 +1234,16 @@ public abstract class EnrollProfile extends BasicProfile /** * Populate input *

- * + * * (either all "agent" profile cert requests NOT made through a connector, or all "EE" profile cert requests NOT * made through a connector) *

- * + * *

- * + * * @param ctx profile context * @param request the certificate request * @exception EProfileException an error related to this profile has @@ -1357,12 +1354,12 @@ public abstract class EnrollProfile extends BasicProfile /** * Signed Audit Log Requester ID - * + * * This method is inherited by all extended "EnrollProfile"s, * and is called to obtain the "RequesterID" for * a signed audit log message. *

- * + * * @param request the actual request * @return id string containing the signed audit log message RequesterID */ @@ -1388,12 +1385,12 @@ public abstract class EnrollProfile extends BasicProfile /** * Signed Audit Log Profile ID - * + * * This method is inherited by all extended "EnrollProfile"s, * and is called to obtain the "ProfileID" for * a signed audit log message. *

- * + * * @return id string containing the signed audit log message ProfileID */ protected String auditProfileID() { diff --git a/base/common/src/com/netscape/cms/profile/def/SigningAlgDefault.java b/base/common/src/com/netscape/cms/profile/def/SigningAlgDefault.java index 11da93fc8..81ad58c73 100644 --- a/base/common/src/com/netscape/cms/profile/def/SigningAlgDefault.java +++ b/base/common/src/com/netscape/cms/profile/def/SigningAlgDefault.java @@ -37,7 +37,7 @@ import com.netscape.certsrv.request.IRequest; * This class implements an enrollment default policy * that populates a signing algorithm * into the certificate template. - * + * * @version $Revision$, $Date$ */ public class SigningAlgDefault extends EnrollDefault { @@ -121,7 +121,7 @@ public class SigningAlgDefault extends EnrollDefault { try { info.set(X509CertInfo.ALGORITHM_ID, new CertificateAlgorithmId( - AlgorithmId.getAlgorithmId(value))); + AlgorithmId.get(value))); } catch (Exception e) { CMS.debug("SigningAlgDefault: setValue " + e.toString()); throw new EPropertyException(CMS.getUserMessage( @@ -174,8 +174,7 @@ public class SigningAlgDefault extends EnrollDefault { throws EProfileException { try { info.set(X509CertInfo.ALGORITHM_ID, - new CertificateAlgorithmId( - AlgorithmId.getAlgorithmId(getSigningAlg()))); + new CertificateAlgorithmId(AlgorithmId.get(getSigningAlg()))); } catch (Exception e) { CMS.debug("SigningAlgDefault: populate " + e.toString()); } diff --git a/base/common/src/com/netscape/cms/servlet/request/ProcessCertReq.java b/base/common/src/com/netscape/cms/servlet/request/ProcessCertReq.java index 820e9a654..c324e4a1f 100644 --- a/base/common/src/com/netscape/cms/servlet/request/ProcessCertReq.java +++ b/base/common/src/com/netscape/cms/servlet/request/ProcessCertReq.java @@ -84,7 +84,7 @@ import com.netscape.cmsutil.util.Utils; * Agent operations on Certificate requests. This servlet is used * by an Agent to approve, reject, reassign, or change a certificate * request. - * + * * @version $Revision$, $Date$ */ public class ProcessCertReq extends CMSServlet { @@ -190,7 +190,7 @@ public class ProcessCertReq extends CMSServlet { /** * initialize the servlet. This servlet uses the template file * "processCertReq.template" to process the response. - * + * * @param sc servlet configuration, read from the web.xml file */ public void init(ServletConfig sc) throws ServletException { @@ -219,7 +219,7 @@ public class ProcessCertReq extends CMSServlet { mParser = CertReqParser.DETAIL_PARSER; - // override success and error templates to null - + // override success and error templates to null - // handle templates locally. mTemplates.remove(CMSRequest.SUCCESS); @@ -255,7 +255,7 @@ public class ProcessCertReq extends CMSServlet { *

  • http.param addExts base-64, DER encoded Extension or SEQUENCE OF Extensions to add to certificate *
  • http.param pathLenConstraint integer path length constraint to use in BasicConstraint extension if applicable * - * + * * @param cmsReq the object holding the request and response information */ public void process(CMSRequest cmsReq) throws EBaseException { @@ -364,21 +364,21 @@ public class ProcessCertReq extends CMSServlet { * Process X509 certificate enrollment request and send request information * to the caller. *

    - * + * * (Certificate Request - an "agent" cert request for "cloning") *

    - * + * * (Certificate Request Processed - either a manual "agent" non-profile based cert acceptance, a manual "agent" * non-profile based cert cancellation, or a manual "agent" non-profile based cert rejection) *

    - * + * *

      *
    • signed.audit LOGGING_SIGNED_AUDIT_NON_PROFILE_CERT_REQUEST used when a non-profile cert request is made * (before approval process) *
    • signed.audit LOGGING_SIGNED_AUDIT_CERT_REQUEST_PROCESSED used when a certificate request has just been * through the approval process *
    - * + * * @param cmsReq a certificate enrollment request * @param argSet CMS template parameters * @param header argument block @@ -535,7 +535,7 @@ public class ProcessCertReq extends CMSServlet { if (!(algId.getName().equals(signatureAlgorithm))) { alterationCounter++; - AlgorithmId newAlgId = AlgorithmId.getAlgorithmId(signatureAlgorithm); + AlgorithmId newAlgId = AlgorithmId.get(signatureAlgorithm); certInfo[i].set(X509CertInfo.ALGORITHM_ID, new CertificateAlgorithmId(newAlgId)); @@ -590,7 +590,7 @@ public class ProcessCertReq extends CMSServlet { } } if (validityChanged) { - // this set() trigger this rebuild of internal + // this set() trigger this rebuild of internal // raw der encoding cache of X509CertInfo. // Otherwise, the above change wont have effect. certInfo[i].set(X509CertInfo.VALIDITY, certValidity); @@ -640,7 +640,7 @@ public class ProcessCertReq extends CMSServlet { certInfo[i].set(X509CertInfo.EXTENSIONS, extensions); } for (int j = 0; j < extsToBeAdded.size(); j++) { - Extension theExt = (Extension) extsToBeAdded.elementAt(j); + Extension theExt = extsToBeAdded.elementAt(j); extensions.set(theExt.getExtensionId().toString(), theExt); } @@ -683,8 +683,7 @@ public class ProcessCertReq extends CMSServlet { new BasicConstraintsExtension(isCA.booleanValue(), pathLen); extensions.delete(BasicConstraintsExtension.NAME); - extensions.set(BasicConstraintsExtension.NAME, - (Extension) bcExt0); + extensions.set(BasicConstraintsExtension.NAME, bcExt0); alterationCounter++; } } @@ -791,7 +790,7 @@ public class ProcessCertReq extends CMSServlet { } } - // this set() trigger this rebuild of internal + // this set() trigger this rebuild of internal // raw der encoding cache of X509CertInfo. // Otherwise, the above change wont have effect. certInfo[i].set(X509CertInfo.EXTENSIONS, extensions); @@ -913,12 +912,12 @@ public class ProcessCertReq extends CMSServlet { X509CertImpl issuedCerts[] = r.getExtDataInCertArray(IRequest.ISSUED_CERTS); - // return potentially more than one certificates. + // return potentially more than one certificates. if (issuedCerts != null) { long endTime = CMS.getCurrentDate().getTime(); StringBuffer sbuf = new StringBuffer(); - //header.addBigIntegerValue("serialNumber", + //header.addBigIntegerValue("serialNumber", //issuedCerts[0].getSerialNumber(),16); for (int i = 0; i < issuedCerts.length; i++) { if (i != 0) @@ -1000,7 +999,7 @@ public class ProcessCertReq extends CMSServlet { audit(auditMessage); } - // grant trusted manager or agent privileges + // grant trusted manager or agent privileges try { int res = grant_privileges( cmsReq, r, issuedCerts, header); @@ -1016,10 +1015,10 @@ public class ProcessCertReq extends CMSServlet { // since ther is no cert database. /* if (mAuthority instanceof RegistrationAuthority) { - Object[] results = + Object[] results = new Object[] { issuedCerts, grantError }; cmsReq.setResult(results); - renderTemplate(cmsReq, + renderTemplate(cmsReq, mReqCompletedTemplate, REQ_COMPLETED_FILLER); return; @@ -1039,7 +1038,7 @@ public class ProcessCertReq extends CMSServlet { "authorityid", mAuthority.getId()); header.addStringValue("serviceURL", scheme +"://"+ req.getServerName() + ":"+ - req.getServerPort() + + req.getServerPort() + req.getRequestURI()); */ @@ -1255,7 +1254,7 @@ public class ProcessCertReq extends CMSServlet { } } - // add authority names to know what privileges can be requested. + // add authority names to know what privileges can be requested. if (CMS.getSubsystem("kra") != null) header.addStringValue("localkra", "yes"); if (CMS.getSubsystem("ca") != null) @@ -1664,7 +1663,7 @@ public class ProcessCertReq extends CMSServlet { } } - String uid = (String) httpParams.getValueAsString(GRANT_UID, null); + String uid = httpParams.getValueAsString(GRANT_UID, null); if (uid == null || uid.length() == 0) { throw new ECMSGWException(CMS.getUserMessage("CMS_GW_MISSING_GRANT_UID")); @@ -1780,11 +1779,11 @@ public class ProcessCertReq extends CMSServlet { /** * Signed Audit Log Info Name - * + * * This method is called to obtain the "InfoName" for * a signed audit log message. *

    - * + * * @param type signed audit log request processing type * @return id string containing the signed audit log message InfoName */ @@ -1815,11 +1814,11 @@ public class ProcessCertReq extends CMSServlet { /** * Signed Audit Log Info Certificate Value - * + * * This method is called to obtain the certificate from the passed in * "X509CertImpl" for a signed audit log message. *

    - * + * * @param x509cert an X509CertImpl * @return cert string containing the certificate */ diff --git a/base/common/src/com/netscape/cmscore/cert/CertUtils.java b/base/common/src/com/netscape/cmscore/cert/CertUtils.java index 9710d63f5..009e9b0d9 100644 --- a/base/common/src/com/netscape/cmscore/cert/CertUtils.java +++ b/base/common/src/com/netscape/cmscore/cert/CertUtils.java @@ -66,7 +66,7 @@ import com.netscape.cmsutil.util.Utils; * Utility class with assorted methods to check for * smime pairs, determining the type of cert - signature * or encryption ..etc. - * + * * @author kanda * @version $Revision$, $Date$ */ @@ -172,8 +172,7 @@ public class CertUtils { if (info == null) { throw new EBaseException(CMS.getUserMessage("CMS_BASE_INVALID_OPERATION")); } - X509Key key = new X509Key(AlgorithmId.getAlgorithmId( - "RSAEncryption"), encoded); + X509Key key = new X509Key(AlgorithmId.get("RSAEncryption"), encoded); info.set(X509CertInfo.KEY, key); } catch (Exception e) { @@ -191,7 +190,7 @@ public class CertUtils { info.set(X509CertInfo.SERIAL_NUMBER, new CertificateSerialNumber(serialno)); info.set(X509CertInfo.ALGORITHM_ID, new - CertificateAlgorithmId(AlgorithmId.getAlgorithmId(alg))); + CertificateAlgorithmId(AlgorithmId.get(alg))); info.set(X509CertInfo.ISSUER, new CertificateIssuerName(new X500Name(issuerName))); info.set(X509CertInfo.VALIDITY, new @@ -398,9 +397,9 @@ public class CertUtils { /** * Returns the index of the given cert in an array of certs. - * + * * Assumptions: The certs are issued by the same CA - * + * * @param certArray The array of certs. * @param givenCert The certificate we are lokking for in the array. * @return -1 if not found or the index of the given cert in the array. @@ -421,9 +420,9 @@ public class CertUtils { /** * Returns the most recently issued signing certificate from an * an array of certs. - * + * * Assumptions: The certs are issued by the same CA - * + * * @param certArray The array of certs. * @param givenCert The certificate we are lokking for in the array. * @return null if there is no recent cert or the most recent cert. @@ -643,7 +642,7 @@ public class CertUtils { /** * strips out the begin and end certificate brackets - * + * * @param s the string potentially bracketed with * "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----" * @return string without the brackets @@ -670,7 +669,7 @@ public class CertUtils { /** * Returns a string that represents a cert's fingerprint. * The fingerprint is a MD5 digest of the DER encoded certificate. - * + * * @param cert Certificate to get the fingerprint of. * @return a String that represents the cert's fingerprint. */ @@ -693,16 +692,16 @@ public class CertUtils { * MD5, MD2 and SHA1 hashes. * A certificate's fingerprint is a hash digest of the DER encoded * certificate. - * + * * @param cert Certificate to get the fingerprints of. * @return a String with fingerprints using the MD5, MD2 and SHA1 hashes. * For example, - * + * * 

          * MD2:   78:7E:D1:F9:3E:AF:50:18:68:A7:29:50:C3:21:1F:71
-     * 
+     *
      * MD5:   0E:89:91:AC:40:50:F7:BE:6E:7B:39:4F:56:73:75:75
-     * 
+     *
      * SHA1:  DC:D9:F7:AF:E2:83:10:B2:F7:0A:77:E8:50:E2:F7:D1:15:9A:9D:00
      *
    */ @@ -731,16 +730,16 @@ public class CertUtils { * MD5, MD2 and SHA1 hashes. * A certificate's fingerprint is a hash digest of the DER encoded * certificate. - * + * * @param cert Certificate to get the fingerprints of. * @return a String with fingerprints using the MD5, MD2 and SHA1 hashes. * For example, - * + * * 
          * MD2:   78:7E:D1:F9:3E:AF:50:18:68:A7:29:50:C3:21:1F:71
-     * 
+     *
      * MD5:   0E:89:91:AC:40:50:F7:BE:6E:7B:39:4F:56:73:75:75
-     * 
+     *
      * SHA1:  DC:D9:F7:AF:E2:83:10:B2:F7:0A:77:E8:50:E2:F7:D1:15:9A:9D:00
      *
    */ @@ -764,7 +763,7 @@ public class CertUtils { /** * Check if a object identifier in string form is valid, * that is a string in the form n.n.n.n and der encode and decode-able. - * + * * @param attrName attribute name (from the configuration file) * @param value object identifier string. */ @@ -1083,7 +1082,7 @@ public class CertUtils { /** * Signed Audit Log * This method is called to store messages to the signed audit log. - * + * * @param msg signed audit log message */ private static void audit(String msg) { diff --git a/base/common/src/com/netscape/cmscore/security/JssSubsystem.java b/base/common/src/com/netscape/cmscore/security/JssSubsystem.java index 42768060c..7c16c6f43 100644 --- a/base/common/src/com/netscape/cmscore/security/JssSubsystem.java +++ b/base/common/src/com/netscape/cmscore/security/JssSubsystem.java @@ -103,7 +103,7 @@ import com.netscape.cmsutil.util.Utils; /** * Subsystem for initializing JSS> *

    - * + * * @version $Revision$ $Date$ */ public final class JssSubsystem implements ICryptoSubsystem { @@ -137,7 +137,7 @@ public final class JssSubsystem implements ICryptoSubsystem { // May 01, 1999 01:55:55. private static SimpleDateFormat mFormatter = new SimpleDateFormat("MMMMM dd, yyyy HH:mm:ss"); - // SSL related variables. + // SSL related variables. private IConfigStore mSSLConfig = null; @@ -367,9 +367,9 @@ public final class JssSubsystem implements ICryptoSubsystem { } public String isCipherFortezza() throws EBaseException { - // we always display fortezza suites. - // too much work to display tokens/certs corresponding to the - // suites. + // we always display fortezza suites. + // too much work to display tokens/certs corresponding to the + // suites. return "true"; } @@ -396,10 +396,10 @@ public final class JssSubsystem implements ICryptoSubsystem { /** * Initialize SSL cipher suites from config file. - * + * */ private void initSSL() throws EBaseException { - // JSS will AND what is set and what is allowed by export policy + // JSS will AND what is set and what is allowed by export policy // so we can set what is requested. try { @@ -415,7 +415,7 @@ public final class JssSubsystem implements ICryptoSubsystem { if (Debug.ON) Debug.trace("configured ssl cipher prefs is " + sslCiphers); - // first, disable all ciphers, since JSS defaults to all-enabled + // first, disable all ciphers, since JSS defaults to all-enabled for (int i = mJSSCipherSuites.length - 1; i >= 0; i--) { try { SSLSocket.setCipherPreferenceDefault(mJSSCipherSuites[i], @@ -436,7 +436,7 @@ public final class JssSubsystem implements ICryptoSubsystem { } while (ciphers.hasMoreTokens()) { String cipher = ciphers.nextToken(); - Integer sslcipher = (Integer) mCipherNames.get(cipher); + Integer sslcipher = mCipherNames.get(cipher); if (sslcipher != null) { String msg = "setting ssl cipher " + cipher; @@ -749,7 +749,7 @@ public final class JssSubsystem implements ICryptoSubsystem { return new AlgIdDSA(P, Q, G); } } - return AlgorithmId.getAlgorithmId(algname); + return AlgorithmId.get(algname); } catch (NoSuchAlgorithmException e) { throw new EBaseException(CMS.getUserMessage("CMS_BASE_ALG_NOT_SUPPORTED", "")); } @@ -1099,7 +1099,7 @@ public final class JssSubsystem implements ICryptoSubsystem { } try { if (mNicknameMapCertsTable != null) { - X509Certificate[] certs = (X509Certificate[]) mNicknameMapCertsTable.get(nickname); + X509Certificate[] certs = mNicknameMapCertsTable.get(nickname); if (certs == null) { EBaseException e = new EBaseException(CMS.getUserMessage("CMS_BASE_CERT_NOT_FOUND")); @@ -1164,7 +1164,7 @@ public final class JssSubsystem implements ICryptoSubsystem { Hashtable> vecTable = new Hashtable>(); while (enums.hasMoreElements()) { - CryptoToken token = (CryptoToken) enums.nextElement(); + CryptoToken token = enums.nextElement(); String tokenName = token.getName(); CryptoStore store = token.getCryptoStore(); @@ -1186,7 +1186,7 @@ public final class JssSubsystem implements ICryptoSubsystem { try { Vector v; - if (vecTable.containsKey((Object) nickname) == true) { + if (vecTable.containsKey(nickname) == true) { v = vecTable.get(nickname); } else { v = new Vector(); @@ -1213,11 +1213,11 @@ public final class JssSubsystem implements ICryptoSubsystem { Enumeration elms = vecTable.keys(); while (elms.hasMoreElements()) { - String key = (String) elms.nextElement(); - Vector v = vecTable.get((Object) key); + String key = elms.nextElement(); + Vector v = vecTable.get(key); X509Certificate[] a = new X509Certificate[v.size()]; - v.copyInto((Object[]) a); + v.copyInto(a); mNicknameMapCertsTable.put(key, a); } } @@ -1237,7 +1237,7 @@ public final class JssSubsystem implements ICryptoSubsystem { Enumeration enums = mCryptoManager.getAllTokens(); while (enums.hasMoreElements()) { - CryptoToken token = (CryptoToken) enums.nextElement(); + CryptoToken token = enums.nextElement(); String tokenName = token.getName(); CryptoStore store = token.getCryptoStore(); @@ -1305,7 +1305,7 @@ public final class JssSubsystem implements ICryptoSubsystem { Enumeration enums = mCryptoManager.getAllTokens(); while (enums.hasMoreElements()) { - CryptoToken token = (CryptoToken) enums.nextElement(); + CryptoToken token = enums.nextElement(); CryptoStore store = token.getCryptoStore(); X509Certificate[] list = store.getCertificates(); @@ -1388,7 +1388,7 @@ public final class JssSubsystem implements ICryptoSubsystem { /* build a table of our own */ Vector v; - if (vecTable.containsKey((Object) nickname) == true) { + if (vecTable.containsKey(nickname) == true) { v = vecTable.get(nickname); } else { v = new Vector(); @@ -1401,19 +1401,19 @@ public final class JssSubsystem implements ICryptoSubsystem { Enumeration elms = vecTable.keys(); while (elms.hasMoreElements()) { - String key = (String) elms.nextElement(); - Vector v = vecTable.get((Object) key); + String key = elms.nextElement(); + Vector v = vecTable.get(key); X509Certificate[] a = new X509Certificate[v.size()]; - v.copyInto((Object[]) a); + v.copyInto(a); mNicknameMapCertsTable.put(key, a); } Enumeration keys = mNicknameMapCertsTable.keys(); while (keys.hasMoreElements()) { - String nickname = (String) keys.nextElement(); - X509Certificate[] value = (X509Certificate[]) mNicknameMapCertsTable.get(nickname); + String nickname = keys.nextElement(); + X509Certificate[] value = mNicknameMapCertsTable.get(nickname); for (int i = 0; i < value.length; i++) { InternalCertificate icert = null; @@ -1462,7 +1462,7 @@ public final class JssSubsystem implements ICryptoSubsystem { EBaseException { try { if (mNicknameMapCertsTable != null) { - X509Certificate[] certs = (X509Certificate[]) mNicknameMapCertsTable.get(nickname); + X509Certificate[] certs = mNicknameMapCertsTable.get(nickname); if (certs == null) { EBaseException e = new EBaseException(CMS.getUserMessage("CMS_BASE_CERT_NOT_FOUND")); @@ -1505,7 +1505,7 @@ public final class JssSubsystem implements ICryptoSubsystem { /** * Delete the CA certificate from the perm database. - * + * * @param nickname The nickname of the CA certificate. * @param notAfterTime The notAfter of the certificate. It is possible to get multiple * certificates under the same nickname. If one of the certificates match the notAfterTime, @@ -1515,7 +1515,7 @@ public final class JssSubsystem implements ICryptoSubsystem { public void deleteCACert(String nickname, String notAfterTime) throws EBaseException { try { if (mNicknameMapCertsTable != null) { - X509Certificate[] certs = (X509Certificate[]) mNicknameMapCertsTable.get(nickname); + X509Certificate[] certs = mNicknameMapCertsTable.get(nickname); if (certs == null) { EBaseException e = new EBaseException(CMS.getUserMessage("CMS_BASE_CERT_NOT_FOUND")); @@ -1566,7 +1566,7 @@ public final class JssSubsystem implements ICryptoSubsystem { /** * Delete any certificate from the any token. - * + * * @param nickname The nickname of the certificate. * @param notAfterTime The notAfter of the certificate. It is possible to get multiple * certificates under the same nickname. If one of the certificates match the notAfterTime, @@ -1581,13 +1581,13 @@ public final class JssSubsystem implements ICryptoSubsystem { try { if (mNicknameMapCertsTable != null) { certs = - (X509Certificate[]) mNicknameMapCertsTable.get(nickname); + mNicknameMapCertsTable.get(nickname); } if (certs == null) { if (mNicknameMapUserCertsTable != null) { certs = - (X509Certificate[]) mNicknameMapUserCertsTable.get(nickname); + mNicknameMapUserCertsTable.get(nickname); if (certs != null) { CMS.debug("in mNicknameMapUserCertsTable, isUserCert is true"); isUserCert = true; @@ -1956,7 +1956,7 @@ public final class JssSubsystem implements ICryptoSubsystem { if ((certs == null || certs.length == 0) && mNicknameMapCertsTable != null) { - certs = (X509Certificate[]) mNicknameMapCertsTable.get(nickname); + certs = mNicknameMapCertsTable.get(nickname); } if (certs == null) { EBaseException e = new EBaseException(CMS.getUserMessage("CMS_BASE_CERT_NOT_FOUND")); diff --git a/base/common/src/com/netscape/cmscore/security/KeyCertUtil.java b/base/common/src/com/netscape/cmscore/security/KeyCertUtil.java index 2a9afb868..2bb31ba1a 100644 --- a/base/common/src/com/netscape/cmscore/security/KeyCertUtil.java +++ b/base/common/src/com/netscape/cmscore/security/KeyCertUtil.java @@ -63,7 +63,6 @@ import netscape.security.x509.AlgIdDSA; import netscape.security.x509.AlgorithmId; import netscape.security.x509.AuthorityKeyIdentifierExtension; import netscape.security.x509.BasicConstraintsExtension; -import netscape.security.x509.CertAttrSet; import netscape.security.x509.CertificateAlgorithmId; import netscape.security.x509.CertificateExtensions; import netscape.security.x509.Extension; @@ -119,7 +118,7 @@ import com.netscape.cmsutil.util.Utils; /** * This class provides all the base methods to generate the key for different * kinds of certificates. - * + * * @author Christine Ho * @version $Revision$, $Date$ */ @@ -162,7 +161,7 @@ public class KeyCertUtil { int num = 0; while (tokens.hasMoreElements()) { - CryptoToken c = (CryptoToken) tokens.nextElement(); + CryptoToken c = tokens.nextElement(); if (num++ == 0) tokenList = tokenList + c.getName(); @@ -333,7 +332,7 @@ public class KeyCertUtil { return new AlgIdDSA(P, Q, G); } } - return AlgorithmId.getAlgorithmId(algname); + return AlgorithmId.get(algname); } catch (NoSuchAlgorithmException e) { throw new EBaseException(CMS.getUserMessage("CMS_BASE_ALG_NOT_SUPPORTED")); } @@ -603,7 +602,7 @@ public class KeyCertUtil { if (exts != null) { PKCS10Attribute attr = new PKCS10Attribute(PKCS9Attribute.EXTENSION_REQUEST_OID, - (CertAttrSet) exts); + exts); PKCS10Attributes attrs = new PKCS10Attributes(); attrs.setAttribute(attr.getAttributeValue().getName(), attr); @@ -764,7 +763,7 @@ public class KeyCertUtil { byte bCert[] = Utils.base64decode(str); /* - java.security.cert.X509Certificate cert = + java.security.cert.X509Certificate cert = java.security.cert.X509Certificate.getInstance(bCert); return cert; */ diff --git a/base/util/src/netscape/security/extensions/CertInfo.java b/base/util/src/netscape/security/extensions/CertInfo.java index ab88ec8ab..47a138253 100644 --- a/base/util/src/netscape/security/extensions/CertInfo.java +++ b/base/util/src/netscape/security/extensions/CertInfo.java @@ -65,14 +65,13 @@ public class CertInfo extends X509CertInfo { SERIALIZE_SERIALNO = new CertificateSerialNumber(new BigInteger("0")); SERIALIZE_ALGOR = - new CertificateAlgorithmId( - AlgorithmId.getAlgorithmId("MD5withRSA")); + new CertificateAlgorithmId(AlgorithmId.get("MD5withRSA")); } catch (IOException e) { - // should never happen. If does, system is hosed. + // should never happen. If does, system is hosed. System.out.println("**** Impossible Error encountered ****"); throw new RuntimeException(e.toString()); } catch (NoSuchAlgorithmException e) { - // should never happen. If does, system is hosed. + // should never happen. If does, system is hosed. System.out.println("**** Impossible Error encountered ****"); throw new RuntimeException(e.toString()); } @@ -111,7 +110,7 @@ public class CertInfo extends X509CertInfo { certinfo.set(X509CertInfo.SUBJECT, SERIALIZE_SUBJECT); } // key is set later in the request. - } // these exceptions shouldn't happen here unless the + } // these exceptions shouldn't happen here unless the // whole process is hosed. catch (CertificateException e) { } catch (IOException e) { diff --git a/base/util/src/netscape/security/x509/AlgorithmId.java b/base/util/src/netscape/security/x509/AlgorithmId.java index b0113af41..947853a42 100644 --- a/base/util/src/netscape/security/x509/AlgorithmId.java +++ b/base/util/src/netscape/security/x509/AlgorithmId.java @@ -35,19 +35,19 @@ import netscape.security.util.ObjectIdentifier; * are used when this runtime environment has no special knowledge of the * algorithm type, and may also be used in other cases. Equivalence is * defined according to OID and (where relevant) parameters. - * + * *

    * Subclasses may be used, for example when when the algorithm ID has associated parameters which some code (e.g. code * using public keys) needs to have parsed. Two examples of such algorithms are Diffie-Hellman key exchange, and the * Digital Signature Standard Algorithm (DSS/DSA). - * + * *

    * The OID constants defined in this class correspond to some widely used algorithms, for which conventional string * names have been defined. This class is not a general repository for OIDs, or for such string names. Note that the * mappings between algorithm IDs and algorithm names is not one-to-one. - * + * * @version 1.70 - * + * * @author David Brownell * @author Amit Kapoor * @author Hemma Prafullchandra @@ -77,19 +77,6 @@ public class AlgorithmId implements Serializable, DerEncoder { protected String paramsString = null; - /** - * Returns one of the algorithm IDs most commonly associated - * with this algorithm name. - * - * @param algname the name being used - * @deprecated use the short get form of this method. - * @exception NoSuchAlgorithmException on error. - */ - public static AlgorithmId getAlgorithmId(String algname) - throws NoSuchAlgorithmException { - return get(algname); - } - public AlgorithmParameters getParameters() { return this.algParams; } @@ -106,7 +93,7 @@ public class AlgorithmId implements Serializable, DerEncoder { /** * Returns one of the algorithm IDs most commonly associated * with this algorithm name. - * + * * @param algname the name being used * @exception NoSuchAlgorithmException on error. */ @@ -124,7 +111,7 @@ public class AlgorithmId implements Serializable, DerEncoder { * Parse (unmarshal) an ID from a DER sequence input value. This form * parsing might be used when expanding a value which has already been * partially unmarshaled as a set or sequence member. - * + * * @exception IOException on error. * @param val the input value, which contains the algid and, if * there are any parameters, those parameters. @@ -163,7 +150,7 @@ public class AlgorithmId implements Serializable, DerEncoder { alg.decodeParams(); /* - * Set the raw params string in case + * Set the raw params string in case * higher level code might want the info */ @@ -185,7 +172,7 @@ public class AlgorithmId implements Serializable, DerEncoder { /** * Constructs a parameterless algorithm ID. - * + * * @param oid the identifier for the algorithm */ public AlgorithmId(ObjectIdentifier oid) { @@ -203,7 +190,7 @@ public class AlgorithmId implements Serializable, DerEncoder { /** * Constructs an algorithm ID which will be initialized * separately, for example by deserialization. - * + * * @deprecated use one of the other constructors. */ public AlgorithmId() { @@ -236,10 +223,10 @@ public class AlgorithmId implements Serializable, DerEncoder { /** * DER encode this object onto an output stream. * Implements the DerEncoder interface. - * + * * @param out * the output stream on which to write the DER encoding. - * + * * @exception IOException on encoding error. */ public void derEncode(OutputStream out) throws IOException { @@ -459,7 +446,7 @@ public class AlgorithmId implements Serializable, DerEncoder { /** * Returns the DER encoded parameter, which can then be * used to initialize java.security.AlgorithmParamters. - * + * * @return DER encoded parameters, or null not present. */ public byte[] getEncodedParams() throws IOException { @@ -502,7 +489,7 @@ public class AlgorithmId implements Serializable, DerEncoder { * Compares this AlgorithmID to another. If algorithm parameters are * available, they are compared. Otherwise, just the object IDs * for the algorithm are compared. - * + * * @param other preferably an AlgorithmId, else an ObjectIdentifier */ public boolean equals(Object other) { diff --git a/base/util/src/netscape/security/x509/X500Signer.java b/base/util/src/netscape/security/x509/X500Signer.java index 0b8cf87a4..3bc5a413e 100644 --- a/base/util/src/netscape/security/x509/X500Signer.java +++ b/base/util/src/netscape/security/x509/X500Signer.java @@ -26,17 +26,17 @@ import java.security.Signer; * This class provides a binding between a Signature object and an * authenticated X.500 name (from an X.509 certificate chain), which * is needed in many public key signing applications. - * + * *

    * The name of the signer is important, both because knowing it is the whole point of the signature, and because the * associated X.509 certificate is always used to verify the signature. - * + * *

    * The X.509 certificate chain is temporarily not associated with * the signer, but this omission will be resolved. - * + * * @version 1.18 - * + * * @author David Brownell * @author Amit Kapoor * @author Hemma Prafullchandra @@ -51,7 +51,7 @@ public final class X500Signer extends Signer { * Called for each chunk of the data being signed. That * is, you can present the data in many chunks, so that * it doesn't need to be in a single sequential buffer. - * + * * @param buf buffer holding the next chunk of the data to be signed * @param offset starting point of to-be-signed data * @param len how many bytes of data are to be signed @@ -64,7 +64,7 @@ public final class X500Signer extends Signer { /** * Produces the signature for the data processed by update(). - * + * * @exception SignatureException on errors. */ public byte[] sign() throws SignatureException { @@ -98,12 +98,12 @@ public final class X500Signer extends Signer { this.agent = agent; try { - this.algid = AlgorithmId.getAlgorithmId(sig.getAlgorithm()); + this.algid = AlgorithmId.get(sig.getAlgorithm()); String alg = sig.getAlgorithm(); if (alg.equals("DSA")) { alg = "SHA1withDSA"; } - this.algid = AlgorithmId.getAlgorithmId(alg); + this.algid = AlgorithmId.get(alg); } catch (NoSuchAlgorithmException e) { throw new RuntimeException("internal error! " + e.getMessage()); -- cgit