From 171aaece4f23709d33d180cf36eb3af5e454b0c9 Mon Sep 17 00:00:00 2001 
From: Ade Lee Date: Thu, 8 Dec 2011 21:15:59 -0500 Subject: Revert "Formatting" This reverts commit 32150d3ee32f8ac27118af7c792794b538c78a2f. --- .../com/netscape/cmsutil/crypto/CryptoUtil.java | 633 ++++++++++++--------- .../src/com/netscape/cmsutil/crypto/Module.java | 30 +- .../src/com/netscape/cmsutil/crypto/Token.java | 18 +- .../com/netscape/cmsutil/http/ConnectAsync.java | 7 +- .../util/src/com/netscape/cmsutil/http/Http.java | 1 + .../src/com/netscape/cmsutil/http/HttpClient.java | 61 +- .../netscape/cmsutil/http/HttpEofException.java | 2 + .../src/com/netscape/cmsutil/http/HttpMessage.java | 44 +- .../cmsutil/http/HttpProtocolException.java | 2 + .../src/com/netscape/cmsutil/http/HttpRequest.java | 31 +- .../com/netscape/cmsutil/http/HttpResponse.java | 18 +- .../netscape/cmsutil/http/JssSSLSocketFactory.java | 61 +- .../src/com/netscape/cmsutil/ldap/LDAPUtil.java | 11 +- .../com/netscape/cmsutil/net/ISocketFactory.java | 22 +- .../netscape/cmsutil/ocsp/BasicOCSPResponse.java | 155 ++--- .../util/src/com/netscape/cmsutil/ocsp/CertID.java | 235 ++++---- .../src/com/netscape/cmsutil/ocsp/CertStatus.java | 7 +- .../src/com/netscape/cmsutil/ocsp/GoodInfo.java | 92 +-- .../src/com/netscape/cmsutil/ocsp/KeyHashID.java | 136 +++-- .../util/src/com/netscape/cmsutil/ocsp/NameID.java | 138 +++-- .../src/com/netscape/cmsutil/ocsp/OCSPRequest.java | 224 ++++---- .../com/netscape/cmsutil/ocsp/OCSPResponse.java | 212 +++---- .../netscape/cmsutil/ocsp/OCSPResponseStatus.java | 170 +++--- .../src/com/netscape/cmsutil/ocsp/Request.java | 233 ++++---- .../src/com/netscape/cmsutil/ocsp/ResponderID.java | 8 +- .../src/com/netscape/cmsutil/ocsp/Response.java | 9 +- .../com/netscape/cmsutil/ocsp/ResponseBytes.java | 200 ++++--- .../com/netscape/cmsutil/ocsp/ResponseData.java | 126 ++-- .../src/com/netscape/cmsutil/ocsp/RevokedInfo.java | 127 +++-- .../src/com/netscape/cmsutil/ocsp/Signature.java | 248 ++++---- .../com/netscape/cmsutil/ocsp/SingleResponse.java | 275 +++++---- 
.../src/com/netscape/cmsutil/ocsp/TBSRequest.java | 109 ++-- .../src/com/netscape/cmsutil/ocsp/UnknownInfo.java | 92 +-- .../netscape/cmsutil/password/IPasswordReader.java | 3 - .../netscape/cmsutil/password/IPasswordStore.java | 8 +- .../netscape/cmsutil/password/IPasswordWriter.java | 10 +- .../cmsutil/password/PlainPasswordFile.java | 27 +- .../cmsutil/password/PlainPasswordReader.java | 24 +- .../cmsutil/password/PlainPasswordWriter.java | 35 +- .../com/netscape/cmsutil/radius/AccessAccept.java | 2 + .../netscape/cmsutil/radius/AccessChallenge.java | 2 + .../com/netscape/cmsutil/radius/AccessReject.java | 2 + .../com/netscape/cmsutil/radius/AccessRequest.java | 3 + .../src/com/netscape/cmsutil/radius/Attribute.java | 12 +- .../netscape/cmsutil/radius/AttributeFactory.java | 57 +- .../com/netscape/cmsutil/radius/AttributeSet.java | 2 + .../com/netscape/cmsutil/radius/Authenticator.java | 2 + .../cmsutil/radius/CHAPChallengeAttribute.java | 2 + .../cmsutil/radius/CHAPPasswordAttribute.java | 2 + .../cmsutil/radius/CallbackIdAttribute.java | 2 + .../cmsutil/radius/CallbackNumberAttribute.java | 2 + .../cmsutil/radius/CallerStationIdAttribute.java | 2 + .../cmsutil/radius/CallingStationIdAttribute.java | 2 + .../cmsutil/radius/ChallengeException.java | 9 +- .../netscape/cmsutil/radius/FilterIdAttribute.java | 2 + .../radius/FramedAppleTalkLinkAttribute.java | 2 + .../radius/FramedAppleTalkNetworkAttribute.java | 2 + .../radius/FramedAppleTalkZoneAttribute.java | 2 + .../cmsutil/radius/FramedCompressionAttribute.java | 8 +- .../cmsutil/radius/FramedIPAddressAttribute.java | 10 +- .../cmsutil/radius/FramedIPNetmaskAttribute.java | 2 + .../cmsutil/radius/FramedIPXNetworkAttribute.java | 2 + .../cmsutil/radius/FramedMTUAttribute.java | 2 + .../cmsutil/radius/FramedProtocolAttribute.java | 8 +- .../cmsutil/radius/FramedRouteAttribute.java | 2 + .../cmsutil/radius/FramedRoutingAttribute.java | 2 + .../netscape/cmsutil/radius/GenericAttribute.java | 2 + 
.../cmsutil/radius/IdleTimeoutAttribute.java | 2 + .../cmsutil/radius/LoginIPHostAttribute.java | 2 + .../cmsutil/radius/LoginLATGroupAttribute.java | 2 + .../cmsutil/radius/LoginLATNodeAttribute.java | 2 + .../cmsutil/radius/LoginLATPortAttribute.java | 2 + .../cmsutil/radius/LoginLATServiceAttribute.java | 2 + .../cmsutil/radius/LoginServiceAttribute.java | 2 + .../cmsutil/radius/LoginTCPPortAttribute.java | 12 +- .../netscape/cmsutil/radius/NASClassAttribute.java | 2 + .../cmsutil/radius/NASIPAddressAttribute.java | 2 + .../cmsutil/radius/NASIdentifierAttribute.java | 2 + .../src/com/netscape/cmsutil/radius/NASPacket.java | 2 + .../netscape/cmsutil/radius/NASPortAttribute.java | 12 +- .../cmsutil/radius/NASPortTypeAttribute.java | 2 + .../src/com/netscape/cmsutil/radius/Packet.java | 15 +- .../com/netscape/cmsutil/radius/PacketFactory.java | 4 +- .../cmsutil/radius/PortLimitAttribute.java | 2 + .../cmsutil/radius/ProxyStateAttribute.java | 2 + .../com/netscape/cmsutil/radius/RadiusConn.java | 76 +-- .../netscape/cmsutil/radius/RejectException.java | 8 +- .../cmsutil/radius/ReplyMessageAttribute.java | 2 + .../cmsutil/radius/RequestAuthenticator.java | 6 +- .../cmsutil/radius/ResponseAuthenticator.java | 2 + .../com/netscape/cmsutil/radius/ServerPacket.java | 6 +- .../cmsutil/radius/ServiceTypeAttribute.java | 8 +- .../cmsutil/radius/SessionTimeoutAttribute.java | 12 +- .../netscape/cmsutil/radius/StateAttribute.java | 2 + .../cmsutil/radius/TerminationActionAttribute.java | 2 + .../netscape/cmsutil/radius/UserNameAttribute.java | 2 + .../cmsutil/radius/UserPasswordAttribute.java | 9 +- .../cmsutil/radius/VendorSpecificAttribute.java | 2 + .../com/netscape/cmsutil/scep/CRSPKIMessage.java | 571 ++++++++++--------- .../util/src/com/netscape/cmsutil/util/Cert.java | 43 +- .../util/src/com/netscape/cmsutil/util/Fmt.java | 186 +++--- .../src/com/netscape/cmsutil/util/HMACDigest.java | 62 +- .../util/src/com/netscape/cmsutil/util/Utils.java | 162 +++--- 
.../src/com/netscape/cmsutil/xml/XMLObject.java | 40 +- 104 files changed, 2914 insertions(+), 2351 deletions(-) (limited to 'pki/base/util/src/com/netscape') diff --git a/pki/base/util/src/com/netscape/cmsutil/crypto/CryptoUtil.java b/pki/base/util/src/com/netscape/cmsutil/crypto/CryptoUtil.java index c6c9960ad..e659da9b9 100644 --- a/pki/base/util/src/com/netscape/cmsutil/crypto/CryptoUtil.java +++ b/pki/base/util/src/com/netscape/cmsutil/crypto/CryptoUtil.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.crypto; + import java.io.ByteArrayInputStream; import java.io.ByteArrayOutputStream; import java.io.CharConversionException; @@ -108,27 +109,27 @@ public class CryptoUtil { /* * encodes cert */ - // private static BASE64Encoder mEncoder = new BASE64Encoder(); + // private static BASE64Encoder mEncoder = new BASE64Encoder(); public static String toMIME64(X509CertImpl cert) { try { - return "-----BEGIN CERTIFICATE-----\n" - // + mEncoder.encodeBuffer(cert.getEncoded()) - + OSUtil.BtoA(cert.getEncoded()) + return + "-----BEGIN CERTIFICATE-----\n" + // + mEncoder.encodeBuffer(cert.getEncoded()) + + OSUtil.BtoA( cert.getEncoded() ) + "-----END CERTIFICATE-----\n"; - } catch (Exception e) { - } + } catch (Exception e) {} return null; } - + public static boolean arraysEqual(byte[] bytes, byte[] ints) { if (bytes == null || ints == null) { return false; } - + if (bytes.length != ints.length) { return false; } - + for (int i = 0; i < bytes.length; i++) { if (bytes[i] != ints[i]) { return false; @@ -141,7 +142,8 @@ public class CryptoUtil { * Retrieves handle to a JSS token. */ public static CryptoToken getTokenByName(String token) - throws CryptoManager.NotInitializedException, NoSuchTokenException { + throws CryptoManager.NotInitializedException, + NoSuchTokenException { CryptoManager cm = CryptoManager.getInstance(); CryptoToken t = null; 
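Review bot: The empty `catch (Exception e) {}` in `toMIME64` (hunk at -108) hides every failure of `cert.getEncoded()` or `OSUtil.BtoA(...)`, and the method then falls through to `return null` with no trace of why. A caller that writes or concatenates the result may emit the text "null" or hit a NullPointerException later, far from the real encoding error. If the null return has to stay for existing callers, narrow the catch to the exception types these calls declare and record the cause, and extend the `/* encodes cert */` comment with `returns null when the certificate cannot be encoded`.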
@@ -157,8 +159,10 @@ public class CryptoUtil { * Generates a RSA key pair. */ public static KeyPair generateRSAKeyPair(String token, int keysize) - throws CryptoManager.NotInitializedException, NoSuchTokenException, - NoSuchAlgorithmException, TokenException { + throws CryptoManager.NotInitializedException, + NoSuchTokenException, + NoSuchAlgorithmException, + TokenException { CryptoToken t = getTokenByName(token); KeyPairGenerator g = t.getKeyPairGenerator(KeyPairAlgorithm.RSA); @@ -168,28 +172,34 @@ public class CryptoUtil { return pair; } - public static boolean isECCKey(X509Key key) { + public static boolean isECCKey(X509Key key) + { String keyAlgo = key.getAlgorithm(); - if (keyAlgo.equals("EC") || keyAlgo.equals("OID.1.2.840.10045.44")) { // ECC - return true; - } - return false; + if (keyAlgo.equals("EC") || + keyAlgo.equals("OID.1.2.840.10045.44")) { // ECC + return true; + } + return false; } /** * Generates an ecc key pair. */ public static KeyPair generateECCKeyPair(String token, int keysize) - throws CryptoManager.NotInitializedException, NoSuchTokenException, - NoSuchAlgorithmException, TokenException { + throws CryptoManager.NotInitializedException, + NoSuchTokenException, + NoSuchAlgorithmException, + TokenException { return generateECCKeyPair(token, keysize, null, null); } public static KeyPair generateECCKeyPair(String token, int keysize, - org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usage_ops, - org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usage_mask) - throws CryptoManager.NotInitializedException, NoSuchTokenException, - NoSuchAlgorithmException, TokenException { + org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usage_ops, + org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usage_mask) + throws CryptoManager.NotInitializedException, + NoSuchTokenException, + NoSuchAlgorithmException, + TokenException { CryptoToken t = getTokenByName(token); KeyPairAlgorithm alg = KeyPairAlgorithm.EC; 
@@ -207,52 +217,55 @@ public class CryptoUtil { * Generates an ecc key pair by curve name */ public static KeyPair generateECCKeyPair(String token, String curveName) - throws CryptoManager.NotInitializedException, NoSuchTokenException, - NoSuchAlgorithmException, TokenException { + throws CryptoManager.NotInitializedException, + NoSuchTokenException, + NoSuchAlgorithmException, + TokenException { return generateECCKeyPair(token, curveName, null, null); } public static KeyPair generateECCKeyPair(CryptoToken token, String curveName) - throws CryptoManager.NotInitializedException, NoSuchTokenException, - NoSuchAlgorithmException, TokenException { + throws CryptoManager.NotInitializedException, + NoSuchTokenException, + NoSuchAlgorithmException, + TokenException { return generateECCKeyPair(token, curveName, null, null); } public static KeyPair generateECCKeyPair(String token, String curveName, - org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usage_ops, - org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usage_mask) - throws CryptoManager.NotInitializedException, NoSuchTokenException, - NoSuchAlgorithmException, TokenException { + org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usage_ops, + org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usage_mask) + throws CryptoManager.NotInitializedException, + NoSuchTokenException, + NoSuchAlgorithmException, + TokenException { CryptoToken t = getTokenByName(token); return generateECCKeyPair(t, curveName, usage_ops, usage_mask); } - public static KeyPair generateECCKeyPair(CryptoToken token, - String curveName, - org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usage_ops, - org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usage_mask) - throws CryptoManager.NotInitializedException, NoSuchTokenException, - NoSuchAlgorithmException, TokenException { + public static KeyPair generateECCKeyPair(CryptoToken token, String curveName, + org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usage_ops, + 
org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage[] usage_mask) + throws CryptoManager.NotInitializedException, + NoSuchTokenException, + NoSuchAlgorithmException, + TokenException { KeyPairAlgorithm alg = KeyPairAlgorithm.EC; KeyPairGenerator g = token.getKeyPairGenerator(alg); g.setKeyPairUsages(usage_ops, usage_mask); - System.out.println("CryptoUtil: generateECCKeyPair: curve = " - + curveName); + System.out.println("CryptoUtil: generateECCKeyPair: curve = "+ curveName); int curveCode = 0; try { curveCode = g.getCurveCodeByName(curveName); } catch (Exception e) { - System.out.println("CryptoUtil: generateECCKeyPair: " - + e.toString()); + System.out.println("CryptoUtil: generateECCKeyPair: "+ e.toString()); throw new NoSuchAlgorithmException(); } g.initialize(curveCode); - System.out - .println("CryptoUtil: generateECCKeyPair: after KeyPairGenerator initialize with:" - + curveName); + System.out.println("CryptoUtil: generateECCKeyPair: after KeyPairGenerator initialize with:"+ curveName); KeyPair pair = g.genKeyPair(); return pair; @@ -274,22 +287,23 @@ public class CryptoUtil { // All this streaming is lame, but Base64OutputStream needs a // PrintStream ByteArrayOutputStream output = new ByteArrayOutputStream(); - Base64OutputStream b64 = new Base64OutputStream(new PrintStream( - new FilterOutputStream(output))); - + Base64OutputStream b64 = new Base64OutputStream(new + PrintStream(new + FilterOutputStream(output))); + b64.write(bytes); b64.flush(); - + // This is internationally safe because Base64 chars are // contained within 8859_1 return output.toString("8859_1"); } - + public static byte[] base64Decode(String s) throws IOException { - // BASE64Decoder base64 = new BASE64Decoder(); - // byte[] d = base64.decodeBuffer(s); - byte[] d = OSUtil.AtoB(s); - + // BASE64Decoder base64 = new BASE64Decoder(); + // byte[] d = base64.decodeBuffer(s); + byte[] d = OSUtil.AtoB( s ); + return d; } 
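Review bot: In `generateECCKeyPair(CryptoToken, String, Usage[], Usage[])` (hunk at -207) the unknown-curve path prints `e.toString()` to `System.out` and then throws a bare `new NoSuchAlgorithmException()`, so the exception the caller receives names neither the curve nor the cause. `throw new NoSuchAlgorithmException("unsupported curve: " + curveName, e);` carries both to the caller. The three `System.out.println` traces in this method would be better sent through the project's logger, which is not visible in this hunk.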
@@ -299,10 +313,10 @@ public class CryptoUtil { public static String reqFormat(String content) { int beginIndex = CERTREQ_BEGIN_HEADING.length(); int endIndex = CERTREQ_END_HEADING.length(); - + String result = CERTREQ_BEGIN_HEADING + "\n"; int index = 0; - + while (content.length() >= LINE_COUNT) { result = result + content.substring(0, LINE_COUNT) + "\n"; content = content.substring(LINE_COUNT); @@ -312,15 +326,21 @@ public class CryptoUtil { } else { result = result + CERTREQ_END_HEADING; } - + return result; } - - public static String getPKCS10FromKey(String dn, byte modulus[], - byte exponent[], byte prikdata[]) throws IOException, - InvalidKeyException, TokenException, NoSuchProviderException, - CertificateException, SignatureException, - CryptoManager.NotInitializedException, NoSuchAlgorithmException { + + public static String getPKCS10FromKey(String dn, + byte modulus[], byte exponent[], byte prikdata[]) + throws IOException, + InvalidKeyException, + TokenException, + NoSuchProviderException, + CertificateException, + SignatureException, + CryptoManager.NotInitializedException, + NoSuchAlgorithmException + { X509Key x509key = getPublicX509Key(modulus, exponent); PrivateKey prik = findPrivateKeyFromID(prikdata); PKCS10 pkcs10 = createCertificationRequest(dn, x509key, prik); 
@@ -330,11 +350,17 @@ public class CryptoUtil { return bs.toString(); } - public static String getPKCS10FromKey(String dn, byte modulus[], - byte exponent[], byte prikdata[], String alg) throws IOException, - InvalidKeyException, TokenException, NoSuchProviderException, - CertificateException, SignatureException, - CryptoManager.NotInitializedException, NoSuchAlgorithmException { + public static String getPKCS10FromKey(String dn, + byte modulus[], byte exponent[], byte prikdata[], String alg) + throws IOException, + InvalidKeyException, + TokenException, + NoSuchProviderException, + CertificateException, + SignatureException, + CryptoManager.NotInitializedException, + NoSuchAlgorithmException + { X509Key x509key = getPublicX509Key(modulus, exponent); PrivateKey prik = findPrivateKeyFromID(prikdata); PKCS10 pkcs10 = createCertificationRequest(dn, x509key, prik, alg); @@ -353,10 +379,10 @@ public class CryptoUtil { } int beginIndex = CERT_BEGIN_HEADING.length(); int endIndex = CERT_END_HEADING.length(); - + String result = CERT_BEGIN_HEADING + "\n"; int index = 0; - + while (content.length() >= LINE_COUNT) { result = result + content.substring(0, LINE_COUNT) + "\n"; content = content.substring(LINE_COUNT); 
@@ -366,32 +392,31 @@ public class CryptoUtil { } else { result = result + CERT_END_HEADING; } - + return result; } /** * strips out the begin and end certificate brackets - * * @param s the string potentially bracketed with - * "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----" + * "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----" * @return string without the brackets */ public static String stripCertBrackets(String s) { if (s == null) { return s; } - + if (s.startsWith(CERT_BEGIN_HEADING) && s.endsWith(CERT_END_HEADING)) { return (s.substring(27, (s.length() - 25))); } - + // To support Thawte's header and footer if ((s.startsWith("-----BEGIN PKCS #7 SIGNED DATA-----")) && (s.endsWith("-----END PKCS #7 SIGNED DATA-----"))) { return (s.substring(35, (s.length() - 33))); } - + return s; } @@ -405,13 +430,13 @@ public class CryptoUtil { s = s.replaceAll("-----END NEW CERTIFICATE REQUEST-----", ""); s = s.replaceAll("-----BEGIN CERTIFICATE-----", ""); s = s.replaceAll("-----END CERTIFICATE-----", ""); - + StringBuffer sb = new StringBuffer(); StringTokenizer st = new StringTokenizer(s, "\r\n "); - + while (st.hasMoreTokens()) { String nextLine = st.nextToken(); - + nextLine = nextLine.trim(); if (nextLine.equals("-----BEGIN CERTIFICATE REQUEST-----")) { continue; @@ -435,10 +460,10 @@ public class CryptoUtil { } return sb.toString(); } - + public static String normalizeCertStr(String s) { String val = ""; - + for (int i = 0; i < s.length(); i++) { if (s.charAt(i) == '\n') { continue; 
@@ -455,58 +480,65 @@ public class CryptoUtil { } public static void importCertificateChain(String certchain) - throws IOException, CryptoManager.NotInitializedException, - TokenException, CertificateEncodingException, CertificateException { + throws IOException, + CryptoManager.NotInitializedException, + TokenException, + CertificateEncodingException, + CertificateException + { byte[] blah = base64Decode(certchain); CryptoManager manager = CryptoManager.getInstance(); PKCS7 pkcs7 = null; - try { - // try PKCS7 first - pkcs7 = new PKCS7(blah); + try { + // try PKCS7 first + pkcs7 = new PKCS7(blah); } catch (Exception e) { } X509Certificate cert = null; if (pkcs7 == null) { - cert = manager.importCACertPackage(blah); + cert = manager.importCACertPackage(blah); } else { - java.security.cert.X509Certificate certsInP7[] = pkcs7 - .getCertificates(); - if (certsInP7 == null) { - cert = manager.importCACertPackage(blah); - } else { - for (int i = 0; i < certsInP7.length; i++) { - // import P7 one by one - cert = manager.importCACertPackage(certsInP7[i] - .getEncoded()); - } + java.security.cert.X509Certificate certsInP7[] = + pkcs7.getCertificates(); + if (certsInP7 == null) { + cert = manager.importCACertPackage(blah); + } else { + for (int i = 0; i < certsInP7.length; i++) { + // import P7 one by one + cert = manager.importCACertPackage(certsInP7[i].getEncoded()); } + } } - X509Certificate[] certchains = CryptoManager.getInstance() - .buildCertificateChain(cert); - + X509Certificate[] certchains = + CryptoManager.getInstance().buildCertificateChain(cert); + if (certchains != null) { - cert = certchains[certchains.length - 1]; + cert = certchains[certchains.length - 1]; } InternalCertificate icert = (InternalCertificate) cert; - icert.setSSLTrust(InternalCertificate.TRUSTED_CA - | InternalCertificate.TRUSTED_CLIENT_CA - | InternalCertificate.VALID_CA); + icert.setSSLTrust( InternalCertificate.TRUSTED_CA + | InternalCertificate.TRUSTED_CLIENT_CA + | 
InternalCertificate.VALID_CA); } public static SEQUENCE parseCRMFMsgs(byte cert_request[]) - throws IOException, InvalidBERException { - ByteArrayInputStream crmfBlobIn = new ByteArrayInputStream(cert_request); - SEQUENCE crmfMsgs = (SEQUENCE) new SEQUENCE.OF_Template( - new CertReqMsg.Template()).decode(crmfBlobIn); + throws IOException, InvalidBERException + { + ByteArrayInputStream crmfBlobIn = + new ByteArrayInputStream(cert_request); + SEQUENCE crmfMsgs = (SEQUENCE) + new SEQUENCE.OF_Template(new CertReqMsg.Template()).decode( + crmfBlobIn); return crmfMsgs; } - public static X509Key getX509KeyFromCRMFMsgs(SEQUENCE crmfMsgs) - throws IOException, NoSuchAlgorithmException, InvalidKeyException, - InvalidKeyFormatException { + public static X509Key getX509KeyFromCRMFMsgs(SEQUENCE crmfMsgs) + throws IOException, NoSuchAlgorithmException, + InvalidKeyException, InvalidKeyFormatException + { int nummsgs = crmfMsgs.size(); if (nummsgs <= 0) { - throw new IOException("invalid certificate requests"); + throw new IOException("invalid certificate requests"); } CertReqMsg msg = (CertReqMsg) crmfMsgs.elementAt(0); CertRequest certreq = msg.getCertReq(); 
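Review bot: `importCertificateChain` ends by setting `TRUSTED_CA | TRUSTED_CLIENT_CA | VALID_CA` on the last certificate returned by `buildCertificateChain`, and nothing visible in the hunk checks where `certchain` came from; a method comment should state that callers may pass only a chain obtained from an authenticated source. An empty `certsInP7` array skips the loop and leaves `cert` null, which then flows into `buildCertificateChain` and the cast. A guard such as `if (cert == null) throw new CertificateException("no certificate found in chain");` before the chain is built would fail clearly, and the unchecked cast to `InternalCertificate` deserves an `instanceof` check for the same reason. The silent `catch (Exception e) { }` around `new PKCS7(blah)` is a deliberate fallback, but it should say so in a comment and keep the cause for diagnostics.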
@@ -517,46 +549,47 @@ public class CryptoUtil { return x509key; } - public static X509Key getPublicX509Key(byte modulus[], byte exponent[]) - throws InvalidKeyException { + public static X509Key getPublicX509Key(byte modulus[], byte exponent[]) + throws InvalidKeyException { return new netscape.security.provider.RSAPublicKey(new BigInt(modulus), new BigInt(exponent)); } public static X509Key getPublicX509ECCKey(byte encoded[]) - throws InvalidKeyException { - try { - return X509Key.parse(new DerValue(encoded)); - } catch (IOException e) { - throw new InvalidKeyException(); - } + throws InvalidKeyException { + try { + return X509Key.parse(new DerValue(encoded)); + } catch (IOException e) { + throw new InvalidKeyException(); + } } public static X509Key convertPublicKeyToX509Key(PublicKey pubk) - throws InvalidKeyException { + throws InvalidKeyException { X509Key xKey; - + if (pubk instanceof RSAPublicKey) { RSAPublicKey rsaKey = (RSAPublicKey) pubk; - - xKey = new netscape.security.provider.RSAPublicKey(new BigInt( - rsaKey.getModulus()), + + xKey = new netscape.security.provider.RSAPublicKey( + new BigInt(rsaKey.getModulus()), new BigInt(rsaKey.getPublicExponent())); } else { // Assert.assert(pubk instanceof DSAPublicKey); DSAPublicKey dsaKey = (DSAPublicKey) pubk; DSAParams params = dsaKey.getParams(); - + xKey = new netscape.security.provider.DSAPublicKey(dsaKey.getY(), params.getP(), params.getQ(), params.getG()); } return xKey; } - public static String getSubjectName(SEQUENCE crmfMsgs) throws IOException { + public static String getSubjectName(SEQUENCE crmfMsgs) + throws IOException { int nummsgs = crmfMsgs.size(); if (nummsgs <= 0) { - throw new IOException("invalid certificate requests"); + throw new IOException("invalid certificate requests"); } CertReqMsg msg = (CertReqMsg) crmfMsgs.elementAt(0); CertRequest certreq = msg.getCertReq(); 
@@ -564,7 +597,7 @@ public class CryptoUtil { Name n = certTemplate.getSubject(); ByteArrayOutputStream subjectEncStream = new ByteArrayOutputStream(); n.encode(subjectEncStream); - + byte[] b = subjectEncStream.toByteArray(); X500Name subject = new X500Name(b); return subject.toString(); 
@@ -573,119 +606,157 @@ public class CryptoUtil { /** * Creates a Certificate template. */ - public static X509CertInfo createX509CertInfo(KeyPair pair, int serialno, - String issuername, String subjname, Date notBefore, Date notAfter) - throws IOException, CertificateException, InvalidKeyException { - return createX509CertInfo(convertPublicKeyToX509Key(pair.getPublic()), + public static X509CertInfo createX509CertInfo(KeyPair pair, + int serialno, String issuername, String subjname, + Date notBefore, Date notAfter) + throws IOException, + CertificateException, + InvalidKeyException { + return createX509CertInfo(convertPublicKeyToX509Key(pair.getPublic()), serialno, issuername, subjname, notBefore, notAfter); } public static X509CertInfo createX509CertInfo(PublicKey publickey, - int serialno, String issuername, String subjname, Date notBefore, - Date notAfter) throws IOException, CertificateException, - InvalidKeyException { - return createX509CertInfo(convertPublicKeyToX509Key(publickey), - serialno, issuername, subjname, notBefore, notAfter); + int serialno, String issuername, String subjname, + Date notBefore, Date notAfter) + throws IOException, + CertificateException, + InvalidKeyException { + return createX509CertInfo(convertPublicKeyToX509Key(publickey), serialno, + issuername, subjname, notBefore, notAfter); } public static X509CertInfo createX509CertInfo(X509Key x509key, - int serialno, String issuername, String subjname, Date notBefore, - Date notAfter) throws IOException, CertificateException, - InvalidKeyException { + int serialno, String issuername, String subjname, + Date notBefore, Date notAfter) + throws IOException, + CertificateException, + InvalidKeyException { // set default; use the other call with "alg" to set algorithm String alg = "SHA256withRSA"; try { - return createX509CertInfo(x509key, serialno, issuername, subjname, - notBefore, notAfter, alg); + return createX509CertInfo (x509key, serialno, issuername, subjname, notBefore, notAfter, 
alg); } catch (NoSuchAlgorithmException ex) { - // for those that calls the old call without alg - throw new CertificateException( - "createX509CertInfo old call should not be here"); + // for those that calls the old call without alg + throw new CertificateException("createX509CertInfo old call should not be here"); } } public static X509CertInfo createX509CertInfo(X509Key x509key, - int serialno, String issuername, String subjname, Date notBefore, - Date notAfter, String alg) throws IOException, - CertificateException, InvalidKeyException, NoSuchAlgorithmException { + int serialno, String issuername, String subjname, + Date notBefore, Date notAfter, String alg) + throws IOException, + CertificateException, + InvalidKeyException, + NoSuchAlgorithmException { X509CertInfo info = new X509CertInfo(); - info.set(X509CertInfo.VERSION, new CertificateVersion( - CertificateVersion.V3)); - info.set(X509CertInfo.SERIAL_NUMBER, new CertificateSerialNumber( - serialno)); - info.set(X509CertInfo.ISSUER, new CertificateIssuerName(new X500Name( - issuername))); - info.set(X509CertInfo.SUBJECT, new CertificateSubjectName(new X500Name( - subjname))); - info.set(X509CertInfo.VALIDITY, new CertificateValidity(notBefore, - notAfter)); - info.set(X509CertInfo.ALGORITHM_ID, new CertificateAlgorithmId( - AlgorithmId.get(alg))); + info.set(X509CertInfo.VERSION, new + CertificateVersion(CertificateVersion.V3)); + info.set(X509CertInfo.SERIAL_NUMBER, new + CertificateSerialNumber(serialno)); + info.set(X509CertInfo.ISSUER, new + CertificateIssuerName(new X500Name(issuername))); + info.set(X509CertInfo.SUBJECT, new + CertificateSubjectName(new X500Name(subjname))); + info.set(X509CertInfo.VALIDITY, new + CertificateValidity(notBefore, notAfter)); + info.set(X509CertInfo.ALGORITHM_ID, new + CertificateAlgorithmId(AlgorithmId.get(alg))); info.set(X509CertInfo.KEY, new CertificateX509Key(x509key)); info.set(X509CertInfo.EXTENSIONS, new CertificateExtensions()); return info; } - public static 
X509CertImpl signECCCert(PrivateKey privateKey, - X509CertInfo certInfo) throws NoSuchTokenException, - CryptoManager.NotInitializedException, NoSuchAlgorithmException, - NoSuchTokenException, TokenException, InvalidKeyException, - SignatureException, IOException, CertificateException { + + public static X509CertImpl signECCCert(PrivateKey privateKey, + X509CertInfo certInfo) + throws NoSuchTokenException, + CryptoManager.NotInitializedException, + NoSuchAlgorithmException, + NoSuchTokenException, + TokenException, + InvalidKeyException, + SignatureException, + IOException, + CertificateException + { // set default; use the other call with "alg" to specify algorithm String alg = "SHA256withEC"; return signECCCert(privateKey, certInfo, alg); } - public static X509CertImpl signECCCert(PrivateKey privateKey, - X509CertInfo certInfo, String alg) throws NoSuchTokenException, - CryptoManager.NotInitializedException, NoSuchAlgorithmException, - NoSuchTokenException, TokenException, InvalidKeyException, - SignatureException, IOException, CertificateException { - return signCert(privateKey, certInfo, Cert.mapAlgorithmToJss(alg)); + public static X509CertImpl signECCCert(PrivateKey privateKey, + X509CertInfo certInfo, String alg) + throws NoSuchTokenException, + CryptoManager.NotInitializedException, + NoSuchAlgorithmException, + NoSuchTokenException, + TokenException, + InvalidKeyException, + SignatureException, + IOException, + CertificateException + { + return signCert(privateKey, certInfo, + Cert.mapAlgorithmToJss(alg)); } /** * Signs certificate. 
*/ - public static X509CertImpl signCert(PrivateKey privateKey, - X509CertInfo certInfo, String alg) throws NoSuchTokenException, - CryptoManager.NotInitializedException, NoSuchAlgorithmException, - NoSuchTokenException, TokenException, InvalidKeyException, - SignatureException, IOException, CertificateException { - return signCert(privateKey, certInfo, Cert.mapAlgorithmToJss(alg)); + public static X509CertImpl signCert(PrivateKey privateKey, + X509CertInfo certInfo, String alg) + throws NoSuchTokenException, + CryptoManager.NotInitializedException, + NoSuchAlgorithmException, + NoSuchTokenException, + TokenException, + InvalidKeyException, + SignatureException, + IOException, + CertificateException { + return signCert (privateKey, certInfo, + Cert.mapAlgorithmToJss(alg)); } - public static X509CertImpl signCert(PrivateKey privateKey, + public static X509CertImpl signCert(PrivateKey privateKey, X509CertInfo certInfo, SignatureAlgorithm sigAlg) - throws NoSuchTokenException, CryptoManager.NotInitializedException, - NoSuchAlgorithmException, NoSuchTokenException, TokenException, - InvalidKeyException, SignatureException, IOException, - CertificateException { + throws NoSuchTokenException, + CryptoManager.NotInitializedException, + NoSuchAlgorithmException, + NoSuchTokenException, + TokenException, + InvalidKeyException, + SignatureException, + IOException, + CertificateException { DerInputStream ds = new DerInputStream(ASN1Util.encode(sigAlg.toOID())); ObjectIdentifier sigAlgOID = new ObjectIdentifier(ds); AlgorithmId aid = new AlgorithmId(sigAlgOID); - certInfo.set(X509CertInfo.ALGORITHM_ID, new CertificateAlgorithmId(aid)); - - org.mozilla.jss.crypto.PrivateKey priKey = (org.mozilla.jss.crypto.PrivateKey) privateKey; + certInfo.set(X509CertInfo.ALGORITHM_ID, + new CertificateAlgorithmId(aid)); + + org.mozilla.jss.crypto.PrivateKey priKey = + (org.mozilla.jss.crypto.PrivateKey) privateKey; CryptoToken token = priKey.getOwningToken(); - + DerOutputStream tmp = new 
DerOutputStream(); DerOutputStream out = new DerOutputStream(); - + certInfo.encode(tmp); Signature signer = token.getSignatureContext(sigAlg); - + signer.initSign(priKey); signer.update(tmp.toByteArray()); byte signed[] = signer.sign(); - + aid.encode(tmp); tmp.putBitString(signed); out.write(DerValue.tag_Sequence, tmp); X509CertImpl signedCert = new X509CertImpl(out.toByteArray()); - + return signedCert; } @@ -693,22 +764,23 @@ public class CryptoUtil { * Creates a PKCS#10 request. */ public static PKCS10 createCertificationRequest(String subjectName, - X509Key pubk, PrivateKey prik) throws NoSuchAlgorithmException, - NoSuchProviderException, InvalidKeyException, IOException, - CertificateException, SignatureException { + X509Key pubk, PrivateKey prik) + throws NoSuchAlgorithmException, NoSuchProviderException, + InvalidKeyException, IOException, CertificateException, + SignatureException { // give default String alg = "SHA256withRSA"; if (isECCKey(pubk)) { - alg = "SHA256withEC"; + alg = "SHA256withEC"; } return createCertificationRequest(subjectName, pubk, prik, alg); } public static PKCS10 createCertificationRequest(String subjectName, X509Key pubk, PrivateKey prik, String alg) - throws NoSuchAlgorithmException, NoSuchProviderException, - InvalidKeyException, IOException, CertificateException, - SignatureException { + throws NoSuchAlgorithmException, NoSuchProviderException, + InvalidKeyException, IOException, CertificateException, + SignatureException { X509Key key = pubk; java.security.Signature sig = java.security.Signature.getInstance(alg, "Mozilla-JSS"); 
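Review bot: Every `createX509CertInfo` overload in the hunk at -573 takes the serial number as `int serialno`, which caps a serial at 31 bits; if these helpers issue certificates outside of tests (not determinable from the hunk), an overload accepting a `java.math.BigInteger` would let callers supply long random serials. Separately, the `catch (NoSuchAlgorithmException ex)` in the overload that defaults to `SHA256withRSA` drops the cause; `throw new CertificateException("createX509CertInfo old call should not be here", ex);` keeps it. The `throws` lists of `signECCCert` and `signCert` name `NoSuchTokenException` twice, and one of the two can go.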
@@ -726,9 +798,10 @@ public class CryptoUtil { * Creates a PKCS#10 request. */ public static PKCS10 createCertificationRequest(String subjectName, - KeyPair keyPair) throws NoSuchAlgorithmException, - NoSuchProviderException, InvalidKeyException, IOException, - CertificateException, SignatureException { + KeyPair keyPair) + throws NoSuchAlgorithmException, NoSuchProviderException, + InvalidKeyException, IOException, CertificateException, + SignatureException { String alg; PublicKey pubk = keyPair.getPublic(); X509Key key = convertPublicKeyToX509Key(pubk); 
@@ -740,44 +813,46 @@ public class CryptoUtil { // Assert.assert(pubk instanceof DSAPublicKey); alg = "DSA"; } - return createCertificationRequest(subjectName, keyPair, alg); + return createCertificationRequest(subjectName,keyPair, alg); } public static PKCS10 createCertificationRequest(String subjectName, - KeyPair keyPair, String alg) throws NoSuchAlgorithmException, - NoSuchProviderException, InvalidKeyException, IOException, - CertificateException, SignatureException { + KeyPair keyPair, String alg) + throws NoSuchAlgorithmException, NoSuchProviderException, + InvalidKeyException, IOException, CertificateException, + SignatureException { PublicKey pubk = keyPair.getPublic(); X509Key key = convertPublicKeyToX509Key(pubk); - + java.security.Signature sig = java.security.Signature.getInstance(alg, "Mozilla-JSS"); - + sig.initSign(keyPair.getPrivate()); - + PKCS10 pkcs10 = new PKCS10(key); - + X500Name name = new X500Name(subjectName); X500Signer signer = new X500Signer(sig, name); - + pkcs10.encodeAndSign(signer); - + return pkcs10; } public static void unTrustCert(InternalCertificate cert) { // remove TRUSTED_CA int flag = cert.getSSLTrust(); - + flag ^= InternalCertificate.VALID_CA; cert.setSSLTrust(flag); } - + /** * Trusts a certificate by nickname. */ - public static void trustCertByNickname(String nickname) - throws CryptoManager.NotInitializedException, TokenException { + public static void trustCertByNickname(String nickname) + throws CryptoManager.NotInitializedException, + TokenException { CryptoManager cm = CryptoManager.getInstance(); X509Certificate certs[] = cm.findCertsByNickname(nickname); 
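Review bot: In `unTrustCert`, `flag ^= InternalCertificate.VALID_CA;` toggles the bit rather than clearing it, so calling it on a certificate whose SSL trust does not currently include VALID_CA would add that flag instead of removing trust. The comment above it says `remove TRUSTED_CA`, which does not match the flag the code touches. If the intent is to drop VALID_CA, `flag &= ~InternalCertificate.VALID_CA;` is idempotent, and the comment should then name the flag that is actually cleared. These are context lines that the revert only re-spaces, so the fix belongs in a follow-up change.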
@@ -793,28 +868,28 @@ public class CryptoUtil { * Trusts a certificate. */ public static void trustCert(InternalCertificate cert) { - int flag = InternalCertificate.VALID_CA - | InternalCertificate.TRUSTED_CA | InternalCertificate.USER + int flag = InternalCertificate.VALID_CA | InternalCertificate.TRUSTED_CA + | InternalCertificate.USER | InternalCertificate.TRUSTED_CLIENT_CA; - + cert.setSSLTrust(flag); cert.setObjectSigningTrust(flag); cert.setEmailTrust(flag); } - + /** - * To certificate server point of view, SSL trust is what we referring. + * To certificate server point of view, SSL trust is + * what we referring. */ public static boolean isCertTrusted(InternalCertificate cert) { - if (isTrust(cert.getSSLTrust()) - && isTrust(cert.getObjectSigningTrust()) + if (isTrust(cert.getSSLTrust()) && isTrust(cert.getObjectSigningTrust()) && isTrust(cert.getEmailTrust())) { return true; } else { return false; } } - + public static boolean isTrust(int flag) { if (((flag & InternalCertificate.VALID_CA) > 0) && ((flag & InternalCertificate.TRUSTED_CA) > 0) @@ -830,11 +905,12 @@ public class CryptoUtil { * Generates a symmetric key. */ public static SymmetricKey generateKey(CryptoToken token, - KeyGenAlgorithm alg) throws TokenException, - NoSuchAlgorithmException, IllegalStateException { + KeyGenAlgorithm alg) + throws TokenException, NoSuchAlgorithmException, + IllegalStateException { try { KeyGenerator kg = token.getKeyGenerator(alg); - + return kg.generate(); } catch (CharConversionException e) { throw new RuntimeException( @@ -874,8 +950,9 @@ public class CryptoUtil { /** * Retrieves a private key from a unique key ID. */ - public static PrivateKey findPrivateKeyFromID(byte id[]) - throws CryptoManager.NotInitializedException, TokenException { + public static PrivateKey findPrivateKeyFromID(byte id[]) + throws CryptoManager.NotInitializedException, + TokenException { CryptoManager cm = CryptoManager.getInstance(); Enumeration enums = cm.getAllTokens(); 
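Review bot: The Javadoc on `trustCert` (`Trusts a certificate.`) understates what the method grants: it sets VALID_CA, TRUSTED_CA, USER and TRUSTED_CLIENT_CA and applies the same mask to SSL, object-signing and e-mail trust. A caller that only needs SSL trust therefore gets CA-level trust in the other two domains as well, and the comment should say so, e.g. `Marks the certificate as a valid and trusted CA, trusted client CA and user certificate for SSL, object signing and e-mail.` The comment on `isCertTrusted` says SSL trust is what matters, but the code requires `isTrust` to pass for all three trust values; it would read more accurately as `Returns true only when the SSL, object-signing and e-mail trust flags all pass isTrust.`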
@@ -883,7 +960,7 @@ public class CryptoUtil { CryptoToken token = (CryptoToken) enums.nextElement(); String tokenName = token.getName(); CryptoStore store = token.getCryptoStore(); - PrivateKey keys[] = store.getPrivateKeys(); + PrivateKey keys[] = store.getPrivateKeys(); if (keys != null) { for (int i = 0; i < keys.length; i++) { @@ -900,7 +977,8 @@ public class CryptoUtil { * Retrieves all user certificates from all tokens. */ public static X509CertImpl[] getAllUserCerts() - throws CryptoManager.NotInitializedException, TokenException { + throws CryptoManager.NotInitializedException, + TokenException { Vector certs = new Vector(); CryptoManager cm = CryptoManager.getInstance(); Enumeration enums = cm.getAllTokens(); @@ -908,11 +986,10 @@ public class CryptoUtil { while (enums.hasMoreElements()) { CryptoToken token = (CryptoToken) enums.nextElement(); String tokenName = token.getName(); - + CryptoStore store = token.getCryptoStore(); - org.mozilla.jss.crypto.X509Certificate list[] = store - .getCertificates(); - + org.mozilla.jss.crypto.X509Certificate list[] = store.getCertificates(); + for (int i = 0; i < list.length; i++) { try { PrivateKey key = cm.findPrivKeyByCert(list[i]); @@ -945,7 +1022,7 @@ public class CryptoUtil { * Deletes a private key. */ public static void deletePrivateKey(PrivateKey prikey) - throws CryptoManager.NotInitializedException, TokenException { + throws CryptoManager.NotInitializedException, TokenException { CryptoManager cm = CryptoManager.getInstance(); try { 
@@ -953,24 +1030,21 @@ public class CryptoUtil { CryptoStore store = token.getCryptoStore(); store.deletePrivateKey(prikey); - } catch (NoSuchItemOnTokenException e) { - } + } catch (NoSuchItemOnTokenException e) {} } /** * Retrieves a private key by nickname. */ public static PrivateKey getPrivateKey(String nickname) - throws CryptoManager.NotInitializedException, TokenException { + throws CryptoManager.NotInitializedException, TokenException { try { CryptoManager cm = CryptoManager.getInstance(); X509Certificate cert = cm.findCertByNickname(nickname); - org.mozilla.jss.crypto.PrivateKey prikey = cm - .findPrivKeyByCert(cert); + org.mozilla.jss.crypto.PrivateKey prikey = cm.findPrivKeyByCert(cert); return prikey; - } catch (ObjectNotFoundException e) { - } + } catch (ObjectNotFoundException e) {} return null; } @@ -978,7 +1052,7 @@ public class CryptoUtil { * Deletes all certificates by a nickname. */ public static void deleteAllCertificates(String nickname) - throws CryptoManager.NotInitializedException, TokenException { + throws CryptoManager.NotInitializedException, TokenException { CryptoManager cm = CryptoManager.getInstance(); X509Certificate certs[] = cm.findCertsByNickname(nickname); 
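Review bot: The empty `catch (NoSuchItemOnTokenException e) {}` in `deletePrivateKey` and `catch (ObjectNotFoundException e) {}` in `getPrivateKey` leave no trace when a key deletion or lookup fails; `getPrivateKey` simply falls through to `return null`. If ignoring the exception is deliberate, the block should say why, e.g. `} catch (NoSuchItemOnTokenException ignored) { /* nothing to delete on this token */ }`, assuming that is the intent; otherwise the exception should be logged or propagated. The same pattern appears in the `deleteAllCertificates` hunk at -988, where both exception types are dropped per certificate inside the loop.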
@@ -988,28 +1062,28 @@ public class CryptoUtil { for (int i = 0; i < certs.length; i++) { try { X509Certificate cert = certs[i]; - org.mozilla.jss.crypto.PrivateKey prikey = cm - .findPrivKeyByCert(cert); + org.mozilla.jss.crypto.PrivateKey prikey = cm.findPrivKeyByCert( + cert); CryptoToken token = prikey.getOwningToken(); CryptoStore store = token.getCryptoStore(); store.deleteCert(cert); - } catch (NoSuchItemOnTokenException e) { - } catch (ObjectNotFoundException e) { - } + } catch (NoSuchItemOnTokenException e) {} catch (ObjectNotFoundException e) {} } } /** - * Imports a PKCS#7 certificate chain that includes the user certificate, - * and trusts the certificate. + * Imports a PKCS#7 certificate chain that includes the user + * certificate, and trusts the certificate. */ - public static X509Certificate importUserCertificateChain(String c, - String nickname) throws CryptoManager.NotInitializedException, - CryptoManager.NicknameConflictException, - CryptoManager.UserCertConflictException, - NoSuchItemOnTokenException, TokenException, - CertificateEncodingException { + public static X509Certificate importUserCertificateChain(String c, + String nickname) + throws CryptoManager.NotInitializedException, + CryptoManager.NicknameConflictException, + CryptoManager.UserCertConflictException, + NoSuchItemOnTokenException, + TokenException, + CertificateEncodingException { CryptoManager cm = CryptoManager.getInstance(); X509Certificate cert = cm.importCertPackage(c.getBytes(), nickname); 
@@ -1021,22 +1095,26 @@ public class CryptoUtil { * Imports a user certificate, and trusts the certificate. */ public static void importUserCertificate(X509CertImpl cert, String nickname) - throws CryptoManager.NotInitializedException, - CertificateEncodingException, NoSuchItemOnTokenException, - TokenException, CryptoManager.NicknameConflictException, - CryptoManager.UserCertConflictException { + throws CryptoManager.NotInitializedException, + CertificateEncodingException, + NoSuchItemOnTokenException, + TokenException, + CryptoManager.NicknameConflictException, + CryptoManager.UserCertConflictException { CryptoManager cm = CryptoManager.getInstance(); cm.importUserCACertPackage(cert.getEncoded(), nickname); trustCertByNickname(nickname); } - public static void importUserCertificate(X509CertImpl cert, - String nickname, boolean trust) - throws CryptoManager.NotInitializedException, - CertificateEncodingException, NoSuchItemOnTokenException, - TokenException, CryptoManager.NicknameConflictException, - CryptoManager.UserCertConflictException { + public static void importUserCertificate(X509CertImpl cert, String nickname, + boolean trust) + throws CryptoManager.NotInitializedException, + CertificateEncodingException, + NoSuchItemOnTokenException, + TokenException, + CryptoManager.NicknameConflictException, + CryptoManager.UserCertConflictException { CryptoManager cm = CryptoManager.getInstance(); cm.importUserCACertPackage(cert.getEncoded(), nickname); 
@@ -1044,38 +1122,39 @@ public class CryptoUtil { trustCertByNickname(nickname); } - public static java.security.cert.X509Certificate[] getX509CertificateFromPKCS7( - byte[] b) throws IOException { + public static java.security.cert.X509Certificate[] getX509CertificateFromPKCS7(byte[] b) throws IOException { ByteArrayInputStream bis = new ByteArrayInputStream(b); CertificateChain certchain = new CertificateChain(); certchain.decode(bis); - java.security.cert.X509Certificate[] certs = certchain.getChain(); + java.security.cert.X509Certificate[] certs = certchain.getChain(); return certs; } } // START ENABLE_ECC -// This following can be removed when JSS with ECC capability +// This following can be removed when JSS with ECC capability // is integrated. -class CryptoAlgorithm extends Algorithm { +class CryptoAlgorithm extends Algorithm +{ protected CryptoAlgorithm(int oidIndex, String name) { super(oidIndex, name); } } -class CryptoKeyPairAlgorithm extends KeyPairAlgorithm { - protected CryptoKeyPairAlgorithm(int oidIndex, String name, - Algorithm algFamily) { - super(oidIndex, name, algFamily); +class CryptoKeyPairAlgorithm extends KeyPairAlgorithm +{ + protected CryptoKeyPairAlgorithm(int oidIndex, String name, Algorithm algFamily) { super(oidIndex, name, algFamily); } } -class CryptoSignatureAlgorithm extends SignatureAlgorithm { +class CryptoSignatureAlgorithm extends SignatureAlgorithm +{ protected CryptoSignatureAlgorithm(int oidIndex, String name, - SignatureAlgorithm signingAlg, DigestAlgorithm digestAlg, - OBJECT_IDENTIFIER oid) { + SignatureAlgorithm signingAlg, DigestAlgorithm digestAlg, + OBJECT_IDENTIFIER oid) + { super(oidIndex, name, signingAlg, digestAlg, oid); } } diff --git a/pki/base/util/src/com/netscape/cmsutil/crypto/Module.java b/pki/base/util/src/com/netscape/cmsutil/crypto/Module.java index 16f948fd7..e7971ea78 100644 --- a/pki/base/util/src/com/netscape/cmsutil/crypto/Module.java 
+++ b/pki/base/util/src/com/netscape/cmsutil/crypto/Module.java @@ -31,34 +31,34 @@ public class Module { private Vector mTokens = null; private boolean mFound = false; - public Module(String name, String printName) { - mCommonName = name; - mUserFriendlyName = printName; - mTokens = new Vector(); + public Module (String name, String printName) { + mCommonName = name; + mUserFriendlyName = printName; + mTokens = new Vector(); } - public Module(String name, String printName, String image) { - mCommonName = name; - mUserFriendlyName = printName; - mImagePath = image; - mTokens = new Vector(); + public Module (String name, String printName, String image) { + mCommonName = name; + mUserFriendlyName = printName; + mImagePath = image; + mTokens = new Vector(); } public void addToken(CryptoToken t) { - Token token = new Token(t); - mTokens.addElement(token); + Token token = new Token(t); + mTokens.addElement(token); } public String getCommonName() { - return mCommonName; + return mCommonName; } public String getUserFriendlyName() { - return mUserFriendlyName; + return mUserFriendlyName; } public String getImagePath() { - return mImagePath; + return mImagePath; } public boolean isFound() { @@ -70,6 +70,6 @@ public class Module { } public Vector getTokens() { - return mTokens; + return mTokens; } } diff --git a/pki/base/util/src/com/netscape/cmsutil/crypto/Token.java b/pki/base/util/src/com/netscape/cmsutil/crypto/Token.java index c6f5a5e3c..f86e49bdc 100644 --- a/pki/base/util/src/com/netscape/cmsutil/crypto/Token.java +++ b/pki/base/util/src/com/netscape/cmsutil/crypto/Token.java 
@@ -22,36 +22,36 @@ import org.mozilla.jss.crypto.CryptoToken; public class Token { CryptoToken mToken; - public Token(CryptoToken token) { - mToken = token; + public Token (CryptoToken token) { + mToken = token; } public String getNickName() { - String nickName = ""; + String nickName=""; try { - nickName = mToken.getName(); + nickName = mToken.getName(); } catch (Exception e) { } - return nickName; + return nickName; } public boolean isLoggedIn() { boolean isLoggedIn = false; try { - isLoggedIn = mToken.isLoggedIn(); + isLoggedIn = mToken.isLoggedIn(); } catch (Exception e) { } - return isLoggedIn; + return isLoggedIn; } public boolean isPresent() { boolean isPresent = false; try { - isPresent = mToken.isPresent(); + isPresent = mToken.isPresent(); } catch (Exception e) { } - return isPresent; + return isPresent; } } diff --git a/pki/base/util/src/com/netscape/cmsutil/http/ConnectAsync.java b/pki/base/util/src/com/netscape/cmsutil/http/ConnectAsync.java index ca230ca21..8922f38dd 100644 --- a/pki/base/util/src/com/netscape/cmsutil/http/ConnectAsync.java +++ b/pki/base/util/src/com/netscape/cmsutil/http/ConnectAsync.java @@ -17,10 +17,12 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.http; + import java.net.SocketException; import com.netscape.cmsutil.net.ISocketFactory; + public class ConnectAsync extends Thread { String host = null; int port = 0; @@ -31,9 +33,9 @@ public class ConnectAsync extends Thread { this.host = host; this.port = port; this.obj = sock; - setName("ConnectAsync"); + setName("ConnectAsync"); } - + public void run() { try { obj.makeSocket(host, port); @@ -44,3 +46,4 @@ public class ConnectAsync extends Thread { } } } + diff --git a/pki/base/util/src/com/netscape/cmsutil/http/Http.java b/pki/base/util/src/com/netscape/cmsutil/http/Http.java index 2cda7fd12..acece15d1 100644 --- a/pki/base/util/src/com/netscape/cmsutil/http/Http.java +++ b/pki/base/util/src/com/netscape/cmsutil/http/Http.java 
@@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.http; + public class Http { public static final String HttpVers = "HTTP/1.0"; diff --git a/pki/base/util/src/com/netscape/cmsutil/http/HttpClient.java b/pki/base/util/src/com/netscape/cmsutil/http/HttpClient.java index 2c0134687..130d747d6 100644 --- a/pki/base/util/src/com/netscape/cmsutil/http/HttpClient.java +++ b/pki/base/util/src/com/netscape/cmsutil/http/HttpClient.java @@ -30,8 +30,9 @@ import org.mozilla.jss.ssl.SSLCertificateApprovalCallback; import com.netscape.cmsutil.net.ISocketFactory; /** - * basic http client. not optimized for performance. handles only string - * content. + * basic http client. + * not optimized for performance. + * handles only string content. */ public class HttpClient { protected ISocketFactory mFactory = null; @@ -53,19 +54,18 @@ public class HttpClient { mFactory = factory; } - public HttpClient(ISocketFactory factory, - SSLCertificateApprovalCallback certApprovalCallback) { + public HttpClient(ISocketFactory factory, SSLCertificateApprovalCallback certApprovalCallback) { mFactory = factory; mCertApprovalCallback = certApprovalCallback; } - public void connect(String host, int port) throws IOException { + public void connect(String host, int port) + throws IOException { if (mFactory != null) { if (mCertApprovalCallback == null) { mSocket = mFactory.makeSocket(host, port); } else { - mSocket = mFactory.makeSocket(host, port, - mCertApprovalCallback, null); + mSocket = mFactory.makeSocket(host, port, mCertApprovalCallback, null); } } else { mSocket = new Socket(host, port); @@ -76,7 +76,7 @@ public class HttpClient { throw e; } - + mInputStream = mSocket.getInputStream(); mOutputStream = mSocket.getOutputStream(); mInputStreamReader = new InputStreamReader(mInputStream, "UTF8"); 
@@ -86,7 +86,8 @@ public class HttpClient { } // Inserted by beomsuk - public void connect(String host, int port, int timeout) throws IOException { + public void connect(String host, int port, int timeout) + throws IOException { if (mFactory != null) { mSocket = mFactory.makeSocket(host, port, timeout); } else { @@ -98,7 +99,7 @@ public class HttpClient { throw e; } - + mInputStream = mSocket.getInputStream(); mOutputStream = mSocket.getOutputStream(); mInputStreamReader = new InputStreamReader(mInputStream, "UTF8"); @@ -113,11 +114,14 @@ public class HttpClient { } /** - * Sends a request to http server. Returns a http response. + * Sends a request to http server. + * Returns a http response. */ - public HttpResponse send(HttpRequest request) throws IOException { + public HttpResponse send(HttpRequest request) + throws IOException { HttpResponse resp = new HttpResponse(); + if (mOutputStream == null) throw new IOException("Output stream not initialized"); request.write(mOutputStreamWriter); @@ -132,7 +136,8 @@ public class HttpClient { return resp; } - public void disconnect() throws IOException { + public void disconnect() + throws IOException { mSocket.close(); mInputStream = null; mOutputStream = null; @@ -166,7 +171,8 @@ public class HttpClient { /** * unit test */ - public static void main(String args[]) throws Exception { + public static void main(String args[]) + throws Exception { HttpClient c = new HttpClient(); HttpRequest req = new HttpRequest(); HttpResponse resp = null; @@ -176,7 +182,7 @@ public class HttpClient { req.setMethod("GET"); req.setURI(args[2]); - if (args.length >= 4) + if (args.length >= 4) req.setHeader("Connection", args[3]); resp = c.send(req); 
@@ -185,30 +191,29 @@ public class HttpClient { System.out.println("reason " + resp.getReasonPhrase()); System.out.println("content " + resp.getContent()); - // String lenstr = resp.getHeader("Content-Length"); - // System.out.println("content len is "+lenstr); - // int length = Integer.parseInt(lenstr); - // char[] content = new char[length]; - // c.mBufferedReader.read(content, 0, content.length); - // System.out.println(content); + //String lenstr = resp.getHeader("Content-Length"); + //System.out.println("content len is "+lenstr); + //int length = Integer.parseInt(lenstr); + //char[] content = new char[length]; + //c.mBufferedReader.read(content, 0, content.length); + //System.out.println(content); if (args.length >= 4 && args[3].equalsIgnoreCase("keep-alive")) { int len; char[] msgbody; for (int i = 0; i < 2; i++) { - if (i == 1) - req.setHeader("Connection", "Close"); + if (i == 1) req.setHeader("Connection", "Close"); resp = c.send(req); System.out.println("version " + resp.getHttpVers()); System.out.println("status code " + resp.getStatusCode()); System.out.println("reason " + resp.getReasonPhrase()); System.out.println("content " + resp.getContent()); - // len = Integer.parseInt(resp.getHeader("Content-Length")); - // System.out.println("content len is "+len); - // msgbody = new char[len]; - // c.mBufferedReader.read(msgbody, 0, len); - // System.out.println(content); + //len = Integer.parseInt(resp.getHeader("Content-Length")); + //System.out.println("content len is "+len); + //msgbody = new char[len]; + //c.mBufferedReader.read(msgbody, 0, len); + //System.out.println(content); } } } diff --git a/pki/base/util/src/com/netscape/cmsutil/http/HttpEofException.java b/pki/base/util/src/com/netscape/cmsutil/http/HttpEofException.java index 824b9ea2a..e5573612e 100644 --- a/pki/base/util/src/com/netscape/cmsutil/http/HttpEofException.java +++ b/pki/base/util/src/com/netscape/cmsutil/http/HttpEofException.java 
@@ -17,8 +17,10 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.http; + import java.io.IOException; + public class HttpEofException extends IOException { /** * diff --git a/pki/base/util/src/com/netscape/cmsutil/http/HttpMessage.java b/pki/base/util/src/com/netscape/cmsutil/http/HttpMessage.java index b0a0f0df7..93eeef68c 100644 --- a/pki/base/util/src/com/netscape/cmsutil/http/HttpMessage.java +++ b/pki/base/util/src/com/netscape/cmsutil/http/HttpMessage.java @@ -17,18 +17,21 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.http; + import java.io.BufferedReader; import java.io.IOException; import java.io.OutputStreamWriter; import java.util.Enumeration; import java.util.Hashtable; + /** - * Basic HTTP Message, excluding message body. Not optimized for performance. + * Basic HTTP Message, excluding message body. + * Not optimized for performance. * Set fields or parse from input. */ public class HttpMessage { - protected String mLine = null; // request or response line. + protected String mLine = null; // request or response line. protected Hashtable mHeaders = null; protected String mContent = null; // arbitrary content chars assumed. @@ -39,14 +42,14 @@ public class HttpMessage { mHeaders = new Hashtable(); } - /** + /** * Set a header field.
* Content-length is automatically set on write.
- * If value spans multiple lines must be in proper http format for multiple - * lines. + * If value spans multiple lines must be in proper http format for + * multiple lines. */ public void setHeader(String name, String value) { - if (mHeaders == null) + if (mHeaders == null) mHeaders = new Hashtable(); mHeaders.put(name.toLowerCase(), value); } @@ -59,9 +62,11 @@ public class HttpMessage { } /** - * write http headers does not support values of more than one line + * write http headers + * does not support values of more than one line */ - public void writeHeaders(OutputStreamWriter writer) throws IOException { + public void writeHeaders(OutputStreamWriter writer) + throws IOException { if (mHeaders != null) { Enumeration keys = mHeaders.keys(); String header, value; @@ -76,10 +81,11 @@ public class HttpMessage { } /** - * read http headers. does not support values of more than one line or - * multivalue headers. + * read http headers. + * does not support values of more than one line or multivalue headers. */ - public void readHeaders(BufferedReader reader) throws IOException { + public void readHeaders(BufferedReader reader) + throws IOException { mHeaders = new Hashtable(); int colon; @@ -87,7 +93,7 @@ public class HttpMessage { while (true) { line = reader.readLine(); - if (line == null || line.equals("")) + if (line == null || line.equals("")) break; colon = line.indexOf(':'); if (colon == -1) { @@ -100,7 +106,8 @@ public class HttpMessage { } } - public void write(OutputStreamWriter writer) throws IOException { + public void write(OutputStreamWriter writer) + throws IOException { writer.write(mLine + Http.CRLF); writeHeaders(writer); writer.flush(); 
@@ -110,12 +117,13 @@ public class HttpMessage { writer.flush(); } - public void parse(BufferedReader reader) throws IOException { + public void parse(BufferedReader reader) + throws IOException { String line = reader.readLine(); - // if (line == null) { - // throw new HttpEofException("End of stream reached"); - // } +// if (line == null) { + // throw new HttpEofException("End of stream reached"); + // } if (line.equals("")) { throw new HttpProtocolException("Bad Http req/resp line " + line); } @@ -135,7 +143,7 @@ public class HttpMessage { done = reader.read(cbuf, total, len - total); total += done; } - + mContent = new String(cbuf); } } diff --git a/pki/base/util/src/com/netscape/cmsutil/http/HttpProtocolException.java b/pki/base/util/src/com/netscape/cmsutil/http/HttpProtocolException.java index b5ceb1d7f..6b2fc75fe 100644 --- a/pki/base/util/src/com/netscape/cmsutil/http/HttpProtocolException.java +++ b/pki/base/util/src/com/netscape/cmsutil/http/HttpProtocolException.java @@ -17,8 +17,10 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.http; + import java.io.IOException; + public class HttpProtocolException extends IOException { /** * diff --git a/pki/base/util/src/com/netscape/cmsutil/http/HttpRequest.java b/pki/base/util/src/com/netscape/cmsutil/http/HttpRequest.java index 0c3333afb..76232a2dc 100644 --- a/pki/base/util/src/com/netscape/cmsutil/http/HttpRequest.java +++ b/pki/base/util/src/com/netscape/cmsutil/http/HttpRequest.java @@ -17,13 +17,16 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.http; + import java.io.BufferedReader; import java.io.IOException; import java.io.OutputStreamWriter; + /** - * Basic HTTP Request. not optimized for performance. Set fields or parse from - * input. Handles text content. + * Basic HTTP Request. not optimized for performance. + * Set fields or parse from input. + * Handles text content. */ public class HttpRequest extends HttpMessage { public static final String GET = "GET"; 
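Review bot: With the null check commented out in `HttpMessage.parse`, `line.equals("")` throws a NullPointerException when `reader.readLine()` returns null, which it does when the peer closes the connection before sending a line. Restoring the check keeps the failure inside the declared IOException family: `if (line == null) { throw new HttpEofException("End of stream reached"); }`. The rest of `parse` lies outside this hunk.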
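Review bot: In the body-reading lines of the hunk at -135, `done = reader.read(cbuf, total, len - total); total += done;` does not handle the -1 that `read` returns at end of stream, so a peer that sends fewer characters than it announced makes `total` decrease instead of ending the read. A guard such as `if (done < 0) throw new HttpEofException("End of stream reached");` before the addition would stop that. The loop head and the code that derives `len` are outside the hunk; if `len` is taken from the Content-Length header, it presumably also needs a non-negative, bounded check before the buffer is allocated.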
@@ -44,8 +47,10 @@ public class HttpRequest extends HttpMessage { /** * set set request method. */ - public void setMethod(String method) throws HttpProtocolException { - if (!method.equals(GET) && !method.equals(HEAD) && !method.equals(POST)) + public void setMethod(String method) + throws HttpProtocolException { + if (!method.equals(GET) && !method.equals(HEAD) && + !method.equals(POST)) throw new HttpProtocolException("No such method " + method); mMethod = method; } @@ -60,12 +65,13 @@ public class HttpRequest extends HttpMessage { /** * write request to the http client */ - public void write(OutputStreamWriter writer) throws IOException { + public void write(OutputStreamWriter writer) + throws IOException { if (mMethod == null || mURI == null) { HttpProtocolException e = new HttpProtocolException( "Http request method or uri not initialized"); - // e.printStackTrace(); + //e.printStackTrace(); throw e; } @@ -76,17 +82,18 @@ public class HttpRequest extends HttpMessage { /** * parse a http request from a http client */ - public void parse(BufferedReader reader) throws IOException { + public void parse(BufferedReader reader) + throws IOException { super.parse(reader); int method = mLine.indexOf(Http.SP); mMethod = mLine.substring(0, method); - if (!mMethod.equals(GET) && !mMethod.equals(POST) - && !mMethod.equals(HEAD)) { + if (!mMethod.equals(GET) && !mMethod.equals(POST) && + !mMethod.equals(HEAD)) { reset(); throw new HttpProtocolException("Bad Http request method"); - } + } int uri = mLine.lastIndexOf(Http.SP); @@ -94,8 +101,8 @@ public class HttpRequest extends HttpMessage { mHttpVers = mLine.substring(uri + 1); if (!mHttpVers.equals("")) { - if (!mHttpVers.equals(Http.Vers1_0) - && !mHttpVers.equals(Http.Vers1_1)) { + if (!mHttpVers.equals(Http.Vers1_0) && + !mHttpVers.equals(Http.Vers1_1)) { reset(); throw new HttpProtocolException("Bad Http version in request"); } 
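Review bot: In `HttpRequest.parse` (hunk at -76), the result of `mLine.indexOf(Http.SP)` is used as a substring bound without a check for -1, so a request line with no space raises an unchecked StringIndexOutOfBoundsException from `mLine.substring(0, method)` instead of the HttpProtocolException the method uses for other malformed input. Adding `if (method == -1) { reset(); throw new HttpProtocolException("Bad Http request line"); }` before the substring keeps malformed requests on the checked path. The body of `parse` continues into the following hunk, so the handling of the `lastIndexOf` result should be confirmed there as well.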
diff --git a/pki/base/util/src/com/netscape/cmsutil/http/HttpResponse.java b/pki/base/util/src/com/netscape/cmsutil/http/HttpResponse.java index bf425ddf8..09d8e562d 100644 --- a/pki/base/util/src/com/netscape/cmsutil/http/HttpResponse.java +++ b/pki/base/util/src/com/netscape/cmsutil/http/HttpResponse.java @@ -17,13 +17,16 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.http; + import java.io.BufferedReader; import java.io.IOException; import java.io.OutputStreamWriter; + /** - * Basic HTTP Response. Set fields or parse from input. Handles only text - * content. + * Basic HTTP Response. + * Set fields or parse from input. + * Handles only text content. */ public class HttpResponse extends HttpMessage { protected String mStatusCode = null; @@ -68,11 +71,12 @@ public class HttpResponse extends HttpMessage { /** * write the response out to the http client */ - public void write(OutputStreamWriter writer) throws IOException { + public void write(OutputStreamWriter writer) + throws IOException { if (mStatusCode == null) { throw new HttpProtocolException("status code not set in response"); } - // write status-line + // write status-line mLine = Http.HttpVers + " " + mStatusCode + " "; if (mReasonPhrase != null) mLine += mReasonPhrase; @@ -83,7 +87,8 @@ public class HttpResponse extends HttpMessage { /** * parse a http response from a http server */ - public void parse(BufferedReader reader) throws IOException { + public void parse(BufferedReader reader) + throws IOException { mHttpVers = null; mStatusCode = null; mReasonPhrase = null; @@ -97,7 +102,8 @@ public class HttpResponse extends HttpMessage { throw new HttpProtocolException("no Http version in response"); } mHttpVers = mLine.substring(0, httpvers); - if (!mHttpVers.equals(Http.Vers1_0) && !mHttpVers.equals(Http.Vers1_1)) { + if (!mHttpVers.equals(Http.Vers1_0) && + !mHttpVers.equals(Http.Vers1_1)) { reset(); throw new HttpProtocolException("Bad Http version in response"); } 
diff --git a/pki/base/util/src/com/netscape/cmsutil/http/JssSSLSocketFactory.java b/pki/base/util/src/com/netscape/cmsutil/http/JssSSLSocketFactory.java index 45dc9d288..501886b54 100644 --- a/pki/base/util/src/com/netscape/cmsutil/http/JssSSLSocketFactory.java +++ b/pki/base/util/src/com/netscape/cmsutil/http/JssSSLSocketFactory.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.http; + import java.io.IOException; import java.net.Socket; import java.net.SocketException; @@ -34,12 +35,12 @@ import com.netscape.cmsutil.net.ISocketFactory; /** * Uses NSS ssl socket. - * + * * @version $Revision$ $Date$ */ public class JssSSLSocketFactory implements ISocketFactory { private String mClientAuthCertNickname = null; - private SSLSocket s = null; + private SSLSocket s = null; public JssSSLSocketFactory() { } 
@@ -61,62 +62,66 @@ public class JssSSLSocketFactory implements ISocketFactory { SSLSocket.TLS_RSA_WITH_AES_256_CBC_SHA, SSLSocket.TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, SSLSocket.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, - // SSLSocket.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, - // SSLSocket.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, - // SSLSocket.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, + //SSLSocket.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, + //SSLSocket.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, + //SSLSocket.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, SSLSocket.TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSLSocket.TLS_DHE_DSS_WITH_AES_256_CBC_SHA, SSLSocket.TLS_DHE_RSA_WITH_AES_128_CBC_SHA, - SSLSocket.TLS_DHE_RSA_WITH_AES_256_CBC_SHA, 0 }; - + SSLSocket.TLS_DHE_RSA_WITH_AES_256_CBC_SHA, + 0 + }; + static { int i; - for (i = SSLSocket.SSL2_RC4_128_WITH_MD5; i <= SSLSocket.SSL2_RC2_128_CBC_EXPORT40_WITH_MD5; ++i) { + for (i = SSLSocket.SSL2_RC4_128_WITH_MD5; + i <= SSLSocket.SSL2_RC2_128_CBC_EXPORT40_WITH_MD5; ++i) { try { SSLSocket.setCipherPreferenceDefault(i, false); - } catch (SocketException e) { + } catch( SocketException e) { } } - // skip SSL_EN_IDEA_128_EDE3_CBC_WITH_MD5 - for (i = SSLSocket.SSL2_DES_64_CBC_WITH_MD5; i <= SSLSocket.SSL2_DES_192_EDE3_CBC_WITH_MD5; ++i) { + //skip SSL_EN_IDEA_128_EDE3_CBC_WITH_MD5 + for (i = SSLSocket.SSL2_DES_64_CBC_WITH_MD5; + i <= SSLSocket.SSL2_DES_192_EDE3_CBC_WITH_MD5; ++i) { try { SSLSocket.setCipherPreferenceDefault(i, false); - } catch (SocketException e) { + } catch( SocketException e) { } } for (i = 0; cipherSuites[i] != 0; ++i) { try { SSLSocket.setCipherPreferenceDefault(cipherSuites[i], true); - } catch (SocketException e) { + } catch( SocketException e) { } } } - public Socket makeSocket(String host, int port) throws IOException, - UnknownHostException { + public Socket makeSocket(String host, int port) + throws IOException, UnknownHostException { return makeSocket(host, port, null, null); } - public Socket makeSocket(String host, int port, - 
SSLCertificateApprovalCallback certApprovalCallback, - SSLClientCertificateSelectionCallback clientCertCallback) - throws IOException, UnknownHostException { + public Socket makeSocket(String host, int port, + SSLCertificateApprovalCallback certApprovalCallback, + SSLClientCertificateSelectionCallback clientCertCallback) + throws IOException, UnknownHostException { try { s = new SSLSocket(host, port, null, 0, certApprovalCallback, - clientCertCallback); + clientCertCallback); for (int i = 0; cipherSuites[i] != 0; ++i) { try { SSLSocket.setCipherPreferenceDefault(cipherSuites[i], true); - } catch (SocketException e) { + } catch( SocketException e) { } } s.setUseClientMode(true); s.enableSSL2(false); - // TODO Do we rally want to set the default each time? + //TODO Do we rally want to set the default each time? SSLSocket.enableSSL2Default(false); s.enableV2CompatibleHello(false); @@ -130,8 +135,7 @@ public class JssSSLSocketFactory implements ISocketFactory { // report error if the nickName is invalid. // So we check this ourself using // findCertByNickname - X509Certificate cert = CryptoManager.getInstance() - .findCertByNickname(mClientAuthCertNickname); + X509Certificate cert = CryptoManager.getInstance().findCertByNickname(mClientAuthCertNickname); s.setClientCertNickname(mClientAuthCertNickname); } @@ -150,8 +154,8 @@ public class JssSSLSocketFactory implements ISocketFactory { return s; } - public Socket makeSocket(String host, int port, int timeout) - throws IOException, UnknownHostException { + public Socket makeSocket(String host, int port, int timeout) + throws IOException, UnknownHostException { Thread t = new ConnectAsync(this, host, port); t.start(); @@ -159,7 +163,7 @@ public class JssSSLSocketFactory implements ISocketFactory { t.join(1000 * timeout); } catch (InterruptedException e) { } - + if (t.isAlive()) { } 
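Review bot: The empty `catch( SocketException e) { }` handlers around every `SSLSocket.setCipherPreferenceDefault(...)` call, in the three static-initializer loops and again in the loop inside `makeSocket`, hide any failure to disable an SSL2 cipher or to enable a listed suite. The factory can then hand out sockets whose cipher defaults differ from `cipherSuites` with nothing recorded. Each handler should report the cipher value and the exception through whatever logging this class has (none is visible in the hunk); until then mark it, e.g. `// FIXME: failure to set this cipher preference is silently dropped; report it`. The list also still enables `TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA`, which deserves a comment saying why it is kept. `makeSocket` continues past the end of the hunk.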
@@ -175,8 +179,9 @@ public class JssSSLSocketFactory implements ISocketFactory { public ClientHandshakeCB(Object sc) { this.sc = sc; } - + public void handshakeCompleted(SSLHandshakeCompletedEvent event) { } } } + diff --git a/pki/base/util/src/com/netscape/cmsutil/ldap/LDAPUtil.java b/pki/base/util/src/com/netscape/cmsutil/ldap/LDAPUtil.java index f19b2ab26..eaae00074 100644 --- a/pki/base/util/src/com/netscape/cmsutil/ldap/LDAPUtil.java +++ b/pki/base/util/src/com/netscape/cmsutil/ldap/LDAPUtil.java @@ -32,8 +32,7 @@ import netscape.ldap.util.LDIFModifyContent; import netscape.ldap.util.LDIFRecord; public class LDAPUtil { - public static void importLDIF(LDAPConnection conn, String filename) - throws IOException { + public static void importLDIF(LDAPConnection conn, String filename) throws IOException { LDIF ldif = new LDIF(filename); while (true) { try { @@ -45,18 +44,18 @@ public class LDAPUtil { LDIFContent content = record.getContent(); int type = content.getType(); if (type == LDIFContent.ATTRIBUTE_CONTENT) { - LDIFAttributeContent c = (LDIFAttributeContent) content; + LDIFAttributeContent c = (LDIFAttributeContent)content; LDAPAttribute[] attrs = c.getAttributes(); LDAPAttributeSet myAttrs = new LDAPAttributeSet(); - for (int i = 0; i < attrs.length; i++) + for (int i=0; i * BasicOCSPResponse ::= SEQUENCE { * tbsResponseData ResponseData, @@ -43,10 +43,11 @@ import org.mozilla.jss.pkix.primitive.AlgorithmIdentifier; * signature BIT STRING, * certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL } * - * + * * @version $Revision$ $Date$ */ -public class BasicOCSPResponse implements Response { +public class BasicOCSPResponse implements Response +{ private byte mData[] = null; private ResponseData _rd = null; private AlgorithmIdentifier _signAlg = null; 
@@ -54,43 +55,47 @@ public class BasicOCSPResponse implements Response { private Certificate _certs[] = null; public BasicOCSPResponse(ResponseData rd, AlgorithmIdentifier signAlg, - BIT_STRING signature, Certificate certs[]) { + BIT_STRING signature, Certificate certs[]) + { _rd = rd; _signAlg = signAlg; _signature = signature; _certs = certs; } - public BasicOCSPResponse(OCTET_STRING os) { + public BasicOCSPResponse(OCTET_STRING os) + { this(os.toByteArray()); } - public BasicOCSPResponse(byte data[]) { + public BasicOCSPResponse(byte data[]) + { mData = data; // extract _rd, _signAlg, _signature and _certs try { - BasicOCSPResponse resp = (BasicOCSPResponse) getTemplate().decode( - new ByteArrayInputStream(data)); + BasicOCSPResponse resp = (BasicOCSPResponse) getTemplate().decode(new ByteArrayInputStream(data)); _rd = resp.getResponseData(); _signAlg = resp.getSignatureAlgorithm(); _signature = resp.getSignature(); _certs = resp.getCerts(); - } catch (Exception e) { + } catch (Exception e) { // exception in decoding byte data - } + } } private static final Tag TAG = SEQUENCE.TAG; - public Tag getTag() { + public Tag getTag() + { return TAG; } - public void encode(Tag t, OutputStream os) throws IOException { - if (mData != null) { - os.write(mData); - } else { + public void encode(Tag t, OutputStream os) throws IOException + { + if (mData != null) { + os.write(mData); + } else { SEQUENCE seq = new SEQUENCE(); seq.addElement(_rd); seq.addElement(_signAlg); 
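Review bot: In `BasicOCSPResponse(byte data[])` the `catch (Exception e)` block is empty, so a response that fails to decode still yields an object whose `_rd`, `_signAlg`, `_signature` and `_certs` are null while `mData` keeps the raw bytes, which `encode` then writes back out unchanged. Callers cannot distinguish a malformed response from a valid one unless they null-check every getter. Since the constructor declares no exception, the least invasive step is to document the contract at the catch, e.g. `// decode failed: fields stay null, callers must check getResponseData() != null`, and to report the exception rather than drop it. The hunk ends inside `encode(Tag, OutputStream)`.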
@@ -100,42 +105,50 @@ public class BasicOCSPResponse implements Response { for (Certificate c : _certs) { certsSeq.addElement(c); } - EXPLICIT certsExplicit = new EXPLICIT(new Tag(0), certsSeq); + EXPLICIT certsExplicit = new EXPLICIT(new Tag(0),certsSeq); seq.addElement(certsExplicit); } - seq.encode(t, os); - } + seq.encode(t,os); + } } - public void encode(OutputStream os) throws IOException { + public void encode(OutputStream os) throws IOException + { encode(TAG, os); } - public OCTET_STRING getBytes() { + public OCTET_STRING getBytes() + { return null; } - public ResponseData getResponseData() { + public ResponseData getResponseData() + { return _rd; } - public AlgorithmIdentifier getSignatureAlgorithm() { + public AlgorithmIdentifier getSignatureAlgorithm() + { return _signAlg; } - public BIT_STRING getSignature() { + public BIT_STRING getSignature() + { return _signature; } - public int getCertsCount() { + public int getCertsCount() + { return (_certs != null) ? _certs.length : 0; } - public Certificate[] getCerts() { - return _certs; + public Certificate[] getCerts() + { + return _certs; } - public Certificate getCertificateAt(int pos) { + public Certificate getCertificateAt(int pos) + { return (_certs != null) ? _certs[pos] : null; } 
@@ -148,48 +161,54 @@ public class BasicOCSPResponse implements Response { /** * A Template for decoding ResponseBytes. */ - public static class Template implements ASN1Template { + public static class Template implements ASN1Template + { private SEQUENCE.Template seqt; - public Template() { - seqt = new SEQUENCE.Template(); - seqt.addElement(ResponseData.getTemplate()); - seqt.addElement(AlgorithmIdentifier.getTemplate()); - seqt.addElement(BIT_STRING.getTemplate()); - seqt.addOptionalElement(new EXPLICIT.Template(new Tag(0), - new SEQUENCE.OF_Template(Certificate.getTemplate()))); - } - - public boolean tagMatch(Tag tag) { - return TAG.equals(tag); - } - - public ASN1Value decode(InputStream istream) - throws InvalidBERException, IOException { - return decode(TAG, istream); - } - - public ASN1Value decode(Tag implicitTag, InputStream istream) - throws InvalidBERException, IOException { - SEQUENCE seq = (SEQUENCE) seqt.decode(implicitTag, istream); - - ResponseData rd = (ResponseData) seq.elementAt(0); - AlgorithmIdentifier alg = (AlgorithmIdentifier) seq.elementAt(1); - BIT_STRING bs = (BIT_STRING) seq.elementAt(2); - Certificate[] certs = null; - if (seq.size() == 4) { - // optional certificates are present - EXPLICIT certSeqExplicit = (EXPLICIT) seq.elementAt(3); - SEQUENCE certSeq = (SEQUENCE) certSeqExplicit.getContent(); - if (certSeq != null) { - certs = new Certificate[certSeq.size()]; - for (int x = 0; x < certSeq.size(); x++) { - certs[x] = (Certificate) certSeq.elementAt(x); - } - } - } - - return new BasicOCSPResponse(rd, alg, bs, certs); - } + public Template() + { + seqt = new SEQUENCE.Template(); + seqt.addElement( ResponseData.getTemplate() ); + seqt.addElement( AlgorithmIdentifier.getTemplate() ); + seqt.addElement( BIT_STRING.getTemplate() ); + seqt.addOptionalElement( new EXPLICIT.Template( + new Tag(0), new SEQUENCE.OF_Template( + Certificate.getTemplate())) ); + } + + public boolean tagMatch(Tag tag) + { + return TAG.equals(tag); + } + + 
public ASN1Value decode(InputStream istream) + throws InvalidBERException, IOException + { + return decode(TAG, istream); + } + + public ASN1Value decode(Tag implicitTag, InputStream istream) + throws InvalidBERException, IOException + { + SEQUENCE seq = (SEQUENCE) seqt.decode(implicitTag, istream); + + ResponseData rd = (ResponseData)seq.elementAt(0); + AlgorithmIdentifier alg = (AlgorithmIdentifier)seq.elementAt(1); + BIT_STRING bs = (BIT_STRING)seq.elementAt(2); + Certificate[] certs = null; + if (seq.size() == 4) { + // optional certificates are present + EXPLICIT certSeqExplicit = (EXPLICIT) seq.elementAt(3); + SEQUENCE certSeq = (SEQUENCE) certSeqExplicit.getContent(); + if (certSeq != null) { + certs = new Certificate[certSeq.size()]; + for (int x = 0; x < certSeq.size(); x++) { + certs[x] = (Certificate) certSeq.elementAt(x); + } + } + } + + return new BasicOCSPResponse(rd, alg, bs, certs); + } } } diff --git a/pki/base/util/src/com/netscape/cmsutil/ocsp/CertID.java b/pki/base/util/src/com/netscape/cmsutil/ocsp/CertID.java index 816cc81c1..29fbc4e87 100644 --- a/pki/base/util/src/com/netscape/cmsutil/ocsp/CertID.java +++ b/pki/base/util/src/com/netscape/cmsutil/ocsp/CertID.java @@ -32,7 +32,7 @@ import org.mozilla.jss.pkix.primitive.AlgorithmIdentifier; /** * RFC 2560: - * + * *
  * CertID          ::=     SEQUENCE {
  *     hashAlgorithm       AlgorithmIdentifier,
@@ -40,116 +40,131 @@ import org.mozilla.jss.pkix.primitive.AlgorithmIdentifier;
  *     issuerKeyHash       OCTET STRING, -- Hash of Issuers public key
  *     serialNumber        CertificateSerialNumber }
  * 
- * + * * @version $Revision$ $Date$ */ -public class CertID implements ASN1Value { - // ///////////////////////////////////////////////////////////////////// - // Members and member access - // ///////////////////////////////////////////////////////////////////// - private AlgorithmIdentifier hashAlgorithm; - private OCTET_STRING issuerNameHash; - private OCTET_STRING issuerKeyHash; - private INTEGER serialNumber; - private SEQUENCE sequence; - - public AlgorithmIdentifier getHashAlgorithm() { - return hashAlgorithm; - } - - public OCTET_STRING getIssuerNameHash() { - return issuerNameHash; - } - - public OCTET_STRING getIssuerKeyHash() { - return issuerKeyHash; - } - - public INTEGER getSerialNumber() { - return serialNumber; - } - - // ///////////////////////////////////////////////////////////////////// - // Constructors - // ///////////////////////////////////////////////////////////////////// - private CertID() { - } - - public CertID(AlgorithmIdentifier hashAlgorithm, - OCTET_STRING issuerNameHash, OCTET_STRING issuerKeyHash, - INTEGER serialNumber) { - sequence = new SEQUENCE(); - - this.hashAlgorithm = hashAlgorithm; - sequence.addElement(hashAlgorithm); - - this.issuerNameHash = issuerNameHash; - sequence.addElement(issuerNameHash); - - this.issuerKeyHash = issuerKeyHash; - sequence.addElement(issuerKeyHash); - - this.serialNumber = serialNumber; - sequence.addElement(serialNumber); - } - - // ///////////////////////////////////////////////////////////////////// - // encoding/decoding - // ///////////////////////////////////////////////////////////////////// - - private static final Tag TAG = SEQUENCE.TAG; - - public Tag getTag() { - return TAG; - } - - public void encode(OutputStream ostream) throws IOException { - encode(TAG, ostream); - } - - public void encode(Tag implicitTag, OutputStream ostream) - throws IOException { - sequence.encode(implicitTag, ostream); - } - - private static final Template templateInstance = new Template(); - - public static 
Template getTemplate() { - return templateInstance; - } - - /** - * A Template for decoding a CertID. - */ - public static class Template implements ASN1Template { - - private SEQUENCE.Template seqt; - - public Template() { - seqt = new SEQUENCE.Template(); - seqt.addElement(AlgorithmIdentifier.getTemplate()); - seqt.addElement(OCTET_STRING.getTemplate()); - seqt.addElement(OCTET_STRING.getTemplate()); - seqt.addElement(INTEGER.getTemplate()); - } - - public boolean tagMatch(Tag tag) { - return TAG.equals(tag); - } - - public ASN1Value decode(InputStream istream) - throws InvalidBERException, IOException { - return decode(TAG, istream); - } - - public ASN1Value decode(Tag implicitTag, InputStream istream) - throws InvalidBERException, IOException { - SEQUENCE seq = (SEQUENCE) seqt.decode(implicitTag, istream); - - return new CertID((AlgorithmIdentifier) seq.elementAt(0), - (OCTET_STRING) seq.elementAt(1), - (OCTET_STRING) seq.elementAt(2), (INTEGER) seq.elementAt(3)); - } - } +public class CertID implements ASN1Value +{ + /////////////////////////////////////////////////////////////////////// + // Members and member access + /////////////////////////////////////////////////////////////////////// + private AlgorithmIdentifier hashAlgorithm; + private OCTET_STRING issuerNameHash; + private OCTET_STRING issuerKeyHash; + private INTEGER serialNumber; + private SEQUENCE sequence; + + public AlgorithmIdentifier getHashAlgorithm() + { + return hashAlgorithm; + } + + public OCTET_STRING getIssuerNameHash() + { + return issuerNameHash; + } + + public OCTET_STRING getIssuerKeyHash() + { + return issuerKeyHash; + } + + public INTEGER getSerialNumber() + { + return serialNumber; + } + + /////////////////////////////////////////////////////////////////////// + // Constructors + /////////////////////////////////////////////////////////////////////// + private CertID() { } + + public CertID(AlgorithmIdentifier hashAlgorithm, + OCTET_STRING issuerNameHash, OCTET_STRING 
issuerKeyHash, + INTEGER serialNumber) + { + sequence = new SEQUENCE(); + + this.hashAlgorithm = hashAlgorithm; + sequence.addElement(hashAlgorithm); + + this.issuerNameHash = issuerNameHash; + sequence.addElement(issuerNameHash); + + this.issuerKeyHash = issuerKeyHash; + sequence.addElement(issuerKeyHash); + + this.serialNumber = serialNumber; + sequence.addElement(serialNumber); + } + + /////////////////////////////////////////////////////////////////////// + // encoding/decoding + /////////////////////////////////////////////////////////////////////// + + private static final Tag TAG = SEQUENCE.TAG; + + public Tag getTag() + { + return TAG; + } + + public void encode(OutputStream ostream) throws IOException + { + encode(TAG, ostream); + } + + public void encode(Tag implicitTag, OutputStream ostream) + throws IOException + { + sequence.encode(implicitTag, ostream); + } + + private static final Template templateInstance = new Template(); + + public static Template getTemplate() { + return templateInstance; + } + + /** + * A Template for decoding a CertID. + */ + public static class Template implements ASN1Template + { + + private SEQUENCE.Template seqt; + + public Template() + { + seqt = new SEQUENCE.Template(); + seqt.addElement( AlgorithmIdentifier.getTemplate() ); + seqt.addElement( OCTET_STRING.getTemplate() ); + seqt.addElement( OCTET_STRING.getTemplate() ); + seqt.addElement( INTEGER.getTemplate() ); + } + + public boolean tagMatch(Tag tag) + { + return TAG.equals(tag); + } + + public ASN1Value decode(InputStream istream) + throws InvalidBERException, IOException + { + return decode(TAG, istream); + } + + public ASN1Value decode(Tag implicitTag, InputStream istream) + throws InvalidBERException, IOException + { + SEQUENCE seq = (SEQUENCE) seqt.decode(implicitTag, istream); + + return new CertID( + (AlgorithmIdentifier) seq.elementAt(0), + (OCTET_STRING) seq.elementAt(1), + (OCTET_STRING) seq.elementAt(2), + (INTEGER) seq.elementAt(3)); + } + } } 
diff --git a/pki/base/util/src/com/netscape/cmsutil/ocsp/CertStatus.java b/pki/base/util/src/com/netscape/cmsutil/ocsp/CertStatus.java index a90eb215f..c6fe4b510 100644 --- a/pki/base/util/src/com/netscape/cmsutil/ocsp/CertStatus.java +++ b/pki/base/util/src/com/netscape/cmsutil/ocsp/CertStatus.java @@ -21,15 +21,16 @@ import org.mozilla.jss.asn1.ASN1Value; /** * RFC 2560: - * + * *
  * CertStatus ::= CHOICE {
  *  good                [0]     IMPLICIT NULL,
  *  revoked             [1]     IMPLICIT RevokedInfo,
  *  unknown             [2]     IMPLICIT UnknownInfo }
  * 
- * + * * @version $Revision$ $Date$ */ -public interface CertStatus extends ASN1Value { +public interface CertStatus extends ASN1Value +{ } diff --git a/pki/base/util/src/com/netscape/cmsutil/ocsp/GoodInfo.java b/pki/base/util/src/com/netscape/cmsutil/ocsp/GoodInfo.java index fe777214f..c0b5015d0 100644 --- a/pki/base/util/src/com/netscape/cmsutil/ocsp/GoodInfo.java +++ b/pki/base/util/src/com/netscape/cmsutil/ocsp/GoodInfo.java @@ -30,69 +30,79 @@ import org.mozilla.jss.asn1.Tag; /** * RFC 2560: - * + * *
  * CertStatus ::= CHOICE {
  *  good                [0]     IMPLICIT NULL,
  *  revoked             [1]     IMPLICIT RevokedInfo,
  *  unknown             [2]     IMPLICIT UnknownInfo }
  * 
- * + * * @version $Revision$ $Date$ */ -public class GoodInfo implements CertStatus { - private static final Tag TAG = SEQUENCE.TAG; +public class GoodInfo implements CertStatus +{ + private static final Tag TAG = SEQUENCE.TAG; - public GoodInfo() { - } + public GoodInfo() + { + } - public Tag getTag() { - return Tag.get(0); - } + public Tag getTag() + { + return Tag.get(0); + } - public void encode(Tag t, OutputStream os) throws IOException { - NULL.getInstance().encode(getTag(), os); - } + public void encode(Tag t, OutputStream os) throws IOException + { + NULL.getInstance().encode(getTag(), os); + } - public void encode(OutputStream os) throws IOException { - encode(getTag(), os); - } + public void encode(OutputStream os) throws IOException + { + encode(getTag(), os); + } - private static final Template templateInstance = new Template(); + private static final Template templateInstance = new Template(); - public static Template getTemplate() { - return templateInstance; - } + public static Template getTemplate() { + return templateInstance; + } - /** - * A Template for decoding ResponseBytes. - */ - public static class Template implements ASN1Template { + /** + * A Template for decoding ResponseBytes. 
+ */ + public static class Template implements ASN1Template + { - private SEQUENCE.Template seqt; + private SEQUENCE.Template seqt; - public Template() { - seqt = new SEQUENCE.Template(); - seqt.addElement(new NULL.Template()); + public Template() + { + seqt = new SEQUENCE.Template(); + seqt.addElement(new NULL.Template() ); - } + } - public boolean tagMatch(Tag tag) { - return TAG.equals(tag); - } + public boolean tagMatch(Tag tag) + { + return TAG.equals(tag); + } - public ASN1Value decode(InputStream istream) - throws InvalidBERException, IOException { - return decode(TAG, istream); - } + public ASN1Value decode(InputStream istream) + throws InvalidBERException, IOException + { + return decode(TAG, istream); + } - public ASN1Value decode(Tag implicitTag, InputStream istream) - throws InvalidBERException, IOException { - // SEQUENCE seq = (SEQUENCE) seqt.decode(implicitTag, - // istream); + public ASN1Value decode(Tag implicitTag, InputStream istream) + throws InvalidBERException, IOException + { + // SEQUENCE seq = (SEQUENCE) seqt.decode(implicitTag, + // istream); - return new GoodInfo(); + return new GoodInfo(); + } } - } } diff --git a/pki/base/util/src/com/netscape/cmsutil/ocsp/KeyHashID.java b/pki/base/util/src/com/netscape/cmsutil/ocsp/KeyHashID.java index 4e2454b3d..96a3e44fa 100644 --- a/pki/base/util/src/com/netscape/cmsutil/ocsp/KeyHashID.java +++ b/pki/base/util/src/com/netscape/cmsutil/ocsp/KeyHashID.java @@ -30,75 +30,87 @@ import org.mozilla.jss.asn1.Tag; /** * RFC 2560: - * + * *
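Review bot: `Template.decode(Tag, InputStream)` in GoodInfo returns `new GoodInfo()` without reading anything from `istream`, because the `seqt.decode(...)` call is commented out, so a "good" status object is produced whatever bytes follow and the stream position is left unchanged. If this template is reachable when a CertStatus is parsed (not visible here), the NULL should be consumed and checked first, e.g. `new NULL.Template().decode(implicitTag, istream);` before the return. `tagMatch` also compares against `SEQUENCE.TAG` while `getTag()` returns `Tag.get(0)`, and `encode(Tag t, ...)` ignores `t`. The Javadoc on the template still says "ResponseBytes".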
  * ResponderID ::= CHOICE {
  *    byName               [1] EXPLICIT Name,
  *    byKey                [2] EXPLICIT KeyHash }
  * 
- * + * * @version $Revision$ $Date$ */ -public class KeyHashID implements ResponderID { - private OCTET_STRING _hash = null; - private static final Tag TAG = SEQUENCE.TAG; - - public KeyHashID(OCTET_STRING hash) { - _hash = hash; - } - - public Tag getTag() { - return Tag.get(2); - } - - public void encode(Tag tag, OutputStream os) throws IOException { - _hash.encode(os); - } - - public void encode(OutputStream os) throws IOException { - _hash.encode(os); - } - - public OCTET_STRING getHash() { - return _hash; - } - - private static final Template templateInstance = new Template(); - - public static Template getTemplate() { - return templateInstance; - } - - /** - * A Template for decoding ResponseBytes. - */ - public static class Template implements ASN1Template { - - private SEQUENCE.Template seqt; - - public Template() { - seqt = new SEQUENCE.Template(); - // seqt.addElement(new EXPLICIT.Template( - // new Tag (2), new OCTET_STRING.Template()) ); - seqt.addElement(new OCTET_STRING.Template()); - - } - - public boolean tagMatch(Tag tag) { - return TAG.equals(tag); +public class KeyHashID implements ResponderID +{ + private OCTET_STRING _hash = null; + private static final Tag TAG = SEQUENCE.TAG; + + public KeyHashID(OCTET_STRING hash) + { + _hash = hash; + } + + public Tag getTag() + { + return Tag.get(2); + } + + public void encode(Tag tag, OutputStream os) throws IOException + { + _hash.encode(os); + } + + public void encode(OutputStream os) throws IOException + { + _hash.encode(os); + } + + public OCTET_STRING getHash() + { + return _hash; + } + + private static final Template templateInstance = new Template(); + + public static Template getTemplate() { + return templateInstance; } - public ASN1Value decode(InputStream istream) - throws InvalidBERException, IOException { - return decode(TAG, istream); - } - - public ASN1Value decode(Tag implicitTag, InputStream istream) - throws InvalidBERException, IOException { - SEQUENCE seq = (SEQUENCE) 
seqt.decode(implicitTag, istream); - - OCTET_STRING o = (OCTET_STRING) seq.elementAt(0); - return new KeyHashID(o); - } - } + /** + * A Template for decoding ResponseBytes. + */ + public static class Template implements ASN1Template + { + + private SEQUENCE.Template seqt; + + public Template() + { + seqt = new SEQUENCE.Template(); +// seqt.addElement(new EXPLICIT.Template( + // new Tag (2), new OCTET_STRING.Template()) ); + seqt.addElement(new OCTET_STRING.Template() ); + + } + + public boolean tagMatch(Tag tag) + { + return TAG.equals(tag); + } + + public ASN1Value decode(InputStream istream) + throws InvalidBERException, IOException + { + return decode(TAG, istream); + } + + public ASN1Value decode(Tag implicitTag, InputStream istream) + throws InvalidBERException, IOException + { + SEQUENCE seq = (SEQUENCE) seqt.decode(implicitTag, + istream); + + OCTET_STRING o = (OCTET_STRING)seq.elementAt(0); + return new KeyHashID(o); + } + } } diff --git a/pki/base/util/src/com/netscape/cmsutil/ocsp/NameID.java b/pki/base/util/src/com/netscape/cmsutil/ocsp/NameID.java index 016c058d7..aa6ef1b55 100644 --- a/pki/base/util/src/com/netscape/cmsutil/ocsp/NameID.java +++ b/pki/base/util/src/com/netscape/cmsutil/ocsp/NameID.java @@ -30,76 +30,88 @@ import org.mozilla.jss.pkix.primitive.Name; /** * RFC 2560: - * + * *
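Review bot: `encode(Tag tag, OutputStream os)` in KeyHashID ignores `tag` and writes only `_hash.encode(os)`, while `Template.decode` expects a SEQUENCE holding an OCTET STRING, so what this class writes is not what its own template reads. The `[2] EXPLICIT` wrapper from the Javadoc is emitted nowhere in the hunk. Unless callers add the wrapper themselves (not visible here), the encoder should produce it, e.g. `new EXPLICIT(getTag(), _hash).encode(os);`, and the template should use the commented-out `EXPLICIT.Template`. The NameID.java hunk that follows has the same shape with `_name` and tag 1.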
  * ResponderID ::= CHOICE {
  *    byName               [1] EXPLICIT Name,
  *    byKey                [2] EXPLICIT KeyHash }
  * 
- * + * * @version $Revision$ $Date$ */ -public class NameID implements ResponderID { - private Name _name = null; - private static final Tag TAG = SEQUENCE.TAG; - - public NameID(Name n) { - _name = n; - } - - public Tag getTag() { - return Tag.get(1); - } - - public void encode(Tag tag, OutputStream os) throws IOException { - _name.encode(os); - } - - public void encode(OutputStream os) throws IOException { - _name.encode(os); - } - - public Name getName() { - return _name; - } - - private static final Template templateInstance = new Template(); - - public static Template getTemplate() { - return templateInstance; - } - - /** - * A Template for decoding ResponseBytes. - */ - public static class Template implements ASN1Template { - - private SEQUENCE.Template seqt; - - public Template() { - seqt = new SEQUENCE.Template(); - // seqt.addElement(new EXPLICIT.Template( - // new Tag (1), new Name.Template()) ); - seqt.addElement(new Name.Template()); - - } - - public boolean tagMatch(Tag tag) { - return TAG.equals(tag); +public class NameID implements ResponderID +{ + private Name _name = null; + private static final Tag TAG = SEQUENCE.TAG; + + public NameID(Name n) + { + _name = n; + } + + public Tag getTag() + { + return Tag.get(1); + } + + public void encode(Tag tag, OutputStream os) throws IOException + { + _name.encode(os); + } + + public void encode(OutputStream os) throws IOException + { + _name.encode(os); + } + + public Name getName() + { + return _name; + } + + private static final Template templateInstance = new Template(); + + public static Template getTemplate() { + return templateInstance; } - public ASN1Value decode(InputStream istream) - throws InvalidBERException, IOException { - return decode(TAG, istream); - } - - public ASN1Value decode(Tag implicitTag, InputStream istream) - throws InvalidBERException, IOException { - SEQUENCE seq = (SEQUENCE) seqt.decode(implicitTag, istream); - - // EXPLICIT e_name = (EXPLICIT) seq.elementAt(0); - Name name = 
(Name) seq.elementAt(0); - return new NameID(name); - } - } + /** + * A Template for decoding ResponseBytes. + */ + public static class Template implements ASN1Template + { + + private SEQUENCE.Template seqt; + + public Template() + { + seqt = new SEQUENCE.Template(); + // seqt.addElement(new EXPLICIT.Template( + // new Tag (1), new Name.Template()) ); + seqt.addElement(new Name.Template()); + + } + + public boolean tagMatch(Tag tag) + { + return TAG.equals(tag); + } + + public ASN1Value decode(InputStream istream) + throws InvalidBERException, IOException + { + return decode(TAG, istream); + } + + public ASN1Value decode(Tag implicitTag, InputStream istream) + throws InvalidBERException, IOException + { + SEQUENCE seq = (SEQUENCE) seqt.decode(implicitTag, + istream); + + // EXPLICIT e_name = (EXPLICIT) seq.elementAt(0); + Name name = (Name)seq.elementAt(0); + return new NameID(name); + } + } } diff --git a/pki/base/util/src/com/netscape/cmsutil/ocsp/OCSPRequest.java b/pki/base/util/src/com/netscape/cmsutil/ocsp/OCSPRequest.java index 5476f322d..98f50e7ef 100644 --- a/pki/base/util/src/com/netscape/cmsutil/ocsp/OCSPRequest.java +++ b/pki/base/util/src/com/netscape/cmsutil/ocsp/OCSPRequest.java @@ -30,119 +30,129 @@ import org.mozilla.jss.asn1.Tag; /** * RFC 2560: - * + * *
  * OCSPRequest     ::=     SEQUENCE {
  *  tbsRequest                  TBSRequest,
  *  optionalSignature   [0]     EXPLICIT Signature OPTIONAL }
  * 
- * + * * @version $Revision$ $Date$ */ -public class OCSPRequest implements ASN1Value { - - // ///////////////////////////////////////////////////////////////////// - // Members and member access - // ///////////////////////////////////////////////////////////////////// - private TBSRequest tbsRequest; - private Signature optionalSignature; - private SEQUENCE sequence; - - /** - * Returns the TBSRequest field. - */ - public TBSRequest getTBSRequest() { - return tbsRequest; - } - - /** - * Returns the Signature field. - */ - public Signature getSignature() { - return optionalSignature; - } - - // ///////////////////////////////////////////////////////////////////// - // Constructors - // ///////////////////////////////////////////////////////////////////// - private OCSPRequest() { - } - - /* - * THIS code is probably broken. It does not properly encode the explicit - * element - */ - - public OCSPRequest(TBSRequest tbsRequest, Signature optionalSignature) { - sequence = new SEQUENCE(); - - this.tbsRequest = tbsRequest; - sequence.addElement(tbsRequest); - - this.optionalSignature = optionalSignature; - if (optionalSignature != null) { - sequence.addElement(optionalSignature); - } - } - - // ///////////////////////////////////////////////////////////////////// - // encoding/decoding - // ///////////////////////////////////////////////////////////////////// - private static final Tag TAG = SEQUENCE.TAG; - - public Tag getTag() { - return TAG; - } - - public void encode(OutputStream ostream) throws IOException { - encode(TAG, ostream); - } - - public void encode(Tag implicitTag, OutputStream ostream) - throws IOException { - sequence.encode(implicitTag, ostream); - } - - private static final Template templateInstance = new Template(); - - public static Template getTemplate() { - return templateInstance; - } - - /** - * A Template for decoding OCSPRequest. 
- */ - public static class Template implements ASN1Template { - - private SEQUENCE.Template seqt; - - public Template() { - seqt = new SEQUENCE.Template(); - seqt.addElement(TBSRequest.getTemplate()); - seqt.addOptionalElement(new EXPLICIT.Template(new Tag(0), - new Signature.Template())); - } - - public boolean tagMatch(Tag tag) { - return TAG.equals(tag); - } - - public ASN1Value decode(InputStream istream) - throws InvalidBERException, IOException { - return decode(TAG, istream); - } - - public ASN1Value decode(Tag implicitTag, InputStream istream) - throws InvalidBERException, IOException { - SEQUENCE seq = (SEQUENCE) seqt.decode(istream); - Signature signature = null; - if (seq.elementAt(1) != null) { - signature = (Signature) ((EXPLICIT) seq.elementAt(1)) - .getContent(); - } - - return new OCSPRequest((TBSRequest) seq.elementAt(0), signature); - } - } +public class OCSPRequest implements ASN1Value +{ + + /////////////////////////////////////////////////////////////////////// + // Members and member access + /////////////////////////////////////////////////////////////////////// + private TBSRequest tbsRequest; + private Signature optionalSignature; + private SEQUENCE sequence; + + /** + * Returns the TBSRequest field. + */ + public TBSRequest getTBSRequest() + { + return tbsRequest; + } + + /** + * Returns the Signature field. + */ + public Signature getSignature() + { + return optionalSignature; + } + + /////////////////////////////////////////////////////////////////////// + // Constructors + /////////////////////////////////////////////////////////////////////// + private OCSPRequest() { } + + /* THIS code is probably broken. 
It does not properly encode the explicit element */ + + public OCSPRequest(TBSRequest tbsRequest, Signature optionalSignature) + { + sequence = new SEQUENCE(); + + this.tbsRequest = tbsRequest; + sequence.addElement(tbsRequest); + + this.optionalSignature = optionalSignature; + if (optionalSignature != null) { + sequence.addElement(optionalSignature); + } + } + + /////////////////////////////////////////////////////////////////////// + // encoding/decoding + /////////////////////////////////////////////////////////////////////// + private static final Tag TAG = SEQUENCE.TAG; + + public Tag getTag() + { + return TAG; + } + + public void encode(OutputStream ostream) throws IOException + { + encode(TAG, ostream); + } + + public void encode(Tag implicitTag, OutputStream ostream) + throws IOException + { + sequence.encode(implicitTag, ostream); + } + + private static final Template templateInstance = new Template(); + + public static Template getTemplate() + { + return templateInstance; + } + + /** + * A Template for decoding OCSPRequest. + */ + public static class Template implements ASN1Template + { + + private SEQUENCE.Template seqt; + + public Template() + { + seqt = new SEQUENCE.Template(); + seqt.addElement(TBSRequest.getTemplate()); + seqt.addOptionalElement( new EXPLICIT.Template( new Tag(0), + new Signature.Template()) ); + } + + public boolean tagMatch(Tag tag) + { + return TAG.equals(tag); + } + + public ASN1Value decode(InputStream istream) + throws InvalidBERException, IOException + { + return decode(TAG, istream); + } + + public ASN1Value decode(Tag implicitTag, InputStream istream) + throws InvalidBERException, IOException + { + SEQUENCE seq = (SEQUENCE) seqt.decode(istream); + Signature signature = null; + if (seq.elementAt(1) != null) { + signature = (Signature)((EXPLICIT)seq.elementAt(1)).getContent(); + } + + return new OCSPRequest( + (TBSRequest) seq.elementAt(0), + signature); + } + } } 
diff --git a/pki/base/util/src/com/netscape/cmsutil/ocsp/OCSPResponse.java b/pki/base/util/src/com/netscape/cmsutil/ocsp/OCSPResponse.java index eaa30268b..67f6242c5 100644 --- a/pki/base/util/src/com/netscape/cmsutil/ocsp/OCSPResponse.java +++ b/pki/base/util/src/com/netscape/cmsutil/ocsp/OCSPResponse.java @@ -30,111 +30,123 @@ import org.mozilla.jss.asn1.Tag; /** * RFC 2560: - * + * *
  * OCSPResponse ::= SEQUENCE {
  *    responseStatus         OCSPResponseStatus,
  *    responseBytes          [0] EXPLICIT ResponseBytes OPTIONAL }
  * 
- * + * * @version $Revision$ $Date$ */ -public class OCSPResponse implements ASN1Value { - // ///////////////////////////////////////////////////////////////////// - // Members and member access - // ///////////////////////////////////////////////////////////////////// - private OCSPResponseStatus responseStatus = null; - private ResponseBytes responseBytes = null; - private SEQUENCE sequence; - - public OCSPResponseStatus getResponseStatus() { - return responseStatus; - } - - public ResponseBytes getResponseBytes() { - return responseBytes; - } - - // ///////////////////////////////////////////////////////////////////// - // Constructors - // ///////////////////////////////////////////////////////////////////// - private OCSPResponse() { - } - - public OCSPResponse(OCSPResponseStatus responseStatus, - ResponseBytes responseBytes) { - sequence = new SEQUENCE(); - - this.responseStatus = responseStatus; - sequence.addElement(responseStatus); - - this.responseBytes = responseBytes; - sequence.addElement(new EXPLICIT(Tag.get(0), responseBytes)); - } - - // ///////////////////////////////////////////////////////////////////// - // encoding/decoding - // ///////////////////////////////////////////////////////////////////// - - private static final Tag TAG = SEQUENCE.TAG; - - public Tag getTag() { - return TAG; - } - - public void encode(OutputStream ostream) throws IOException { - encode(TAG, ostream); - } - - public void encode(Tag implicitTag, OutputStream ostream) - throws IOException { - sequence.encode(implicitTag, ostream); - } - - private static final Template templateInstance = new Template(); - - public static Template getTemplate() { - return templateInstance; - } - - /** - * A Template for decoding an OCSPResponse. 
- */ - public static class Template implements ASN1Template { - - private SEQUENCE.Template seqt; - - public Template() { - seqt = new SEQUENCE.Template(); - seqt.addElement(OCSPResponseStatus.getTemplate()); - seqt.addOptionalElement(new EXPLICIT.Template(new Tag(0), - new ResponseBytes.Template())); - - } - - public boolean tagMatch(Tag tag) { - return TAG.equals(tag); - } - - public ASN1Value decode(InputStream istream) - throws InvalidBERException, IOException { - return decode(TAG, istream); - } - - public ASN1Value decode(Tag implicitTag, InputStream istream) - throws InvalidBERException, IOException { - SEQUENCE seq = (SEQUENCE) seqt.decode(implicitTag, istream); - - OCSPResponseStatus rs = (OCSPResponseStatus) seq.elementAt(0); - ResponseBytes rb = null; - ASN1Value val = seq.elementAt(1); - if (val instanceof EXPLICIT) { - EXPLICIT exp = (EXPLICIT) val; - rb = (ResponseBytes) exp.getContent(); - } else { - rb = (ResponseBytes) val; - } - return new OCSPResponse(rs, rb); - } - } +public class OCSPResponse implements ASN1Value +{ + /////////////////////////////////////////////////////////////////////// + // Members and member access + /////////////////////////////////////////////////////////////////////// + private OCSPResponseStatus responseStatus = null; + private ResponseBytes responseBytes = null; + private SEQUENCE sequence; + + public OCSPResponseStatus getResponseStatus() + { + return responseStatus; + } + + public ResponseBytes getResponseBytes() + { + return responseBytes; + } + + /////////////////////////////////////////////////////////////////////// + // Constructors + /////////////////////////////////////////////////////////////////////// + private OCSPResponse() { } + + public OCSPResponse(OCSPResponseStatus responseStatus, + ResponseBytes responseBytes) + { + sequence = new SEQUENCE(); + + this.responseStatus = responseStatus; + sequence.addElement(responseStatus); + + this.responseBytes = responseBytes; + sequence.addElement(new 
EXPLICIT(Tag.get(0), responseBytes)); + } + + /////////////////////////////////////////////////////////////////////// + // encoding/decoding + /////////////////////////////////////////////////////////////////////// + + private static final Tag TAG = SEQUENCE.TAG; + + public Tag getTag() + { + return TAG; + } + + public void encode(OutputStream ostream) throws IOException + { + encode(TAG, ostream); + } + + public void encode(Tag implicitTag, OutputStream ostream) + throws IOException + { + sequence.encode(implicitTag, ostream); + } + + private static final Template templateInstance = new Template(); + + public static Template getTemplate() { + return templateInstance; + } + + /** + * A Template for decoding an OCSPResponse. + */ + public static class Template implements ASN1Template + { + + private SEQUENCE.Template seqt; + + public Template() + { + seqt = new SEQUENCE.Template(); + seqt.addElement( OCSPResponseStatus.getTemplate() ); + seqt.addOptionalElement( + new EXPLICIT.Template( + new Tag (0), new ResponseBytes.Template()) ); + + } + + public boolean tagMatch(Tag tag) + { + return TAG.equals(tag); + } + + public ASN1Value decode(InputStream istream) + throws InvalidBERException, IOException + { + return decode(TAG, istream); + } + + public ASN1Value decode(Tag implicitTag, InputStream istream) + throws InvalidBERException, IOException + { + SEQUENCE seq = (SEQUENCE) seqt.decode(implicitTag, istream); + + OCSPResponseStatus rs = (OCSPResponseStatus) seq.elementAt(0); + ResponseBytes rb = null; + ASN1Value val = seq.elementAt(1); + if (val instanceof EXPLICIT) { + EXPLICIT exp = (EXPLICIT)val; + rb = (ResponseBytes)exp.getContent(); + } else { + rb = (ResponseBytes)val; + } + return new OCSPResponse(rs, rb); + } + } } diff --git a/pki/base/util/src/com/netscape/cmsutil/ocsp/OCSPResponseStatus.java b/pki/base/util/src/com/netscape/cmsutil/ocsp/OCSPResponseStatus.java index c5fc3386a..ee2b62020 100644 
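Review bot: The `OCSPResponse(OCSPResponseStatus, ResponseBytes)` constructor wraps `responseBytes` in `new EXPLICIT(Tag.get(0), responseBytes)` unconditionally, although the field is OPTIONAL in the ASN.1 quoted in the class comment and `Template.decode` passes `rb` as null when the second element is absent. Decoding a response that carries only a status would then build an EXPLICIT around null content, which presumably fails at construction or at `encode` (worth confirming against the JSS `EXPLICIT` class). A guard like the one the `OCSPRequest` constructor uses for its optional signature would avoid that: `if (responseBytes != null) { sequence.addElement(new EXPLICIT(Tag.get(0), responseBytes)); }`. This revert only moves braces and whitespace, so the fix belongs in a separate change.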
--- a/pki/base/util/src/com/netscape/cmsutil/ocsp/OCSPResponseStatus.java +++ b/pki/base/util/src/com/netscape/cmsutil/ocsp/OCSPResponseStatus.java @@ -29,7 +29,7 @@ import org.mozilla.jss.asn1.Tag; /** * RFC 2560: - * + * *
  * OCSPResponseStatus ::= ENUMERATED {
  *     successful            (0),  --Response has valid confirmations
@@ -41,85 +41,95 @@ import org.mozilla.jss.asn1.Tag;
  *     unauthorized          (6)   --Request unauthorized
  * }
  * 
- * + * * @version $Revision$ $Date$ */ -public class OCSPResponseStatus implements ASN1Value { - // ///////////////////////////////////////////////////////////////////// - // Members and member access - // ///////////////////////////////////////////////////////////////////// - public final static OCSPResponseStatus SUCCESSFUL = new OCSPResponseStatus( - 0); - public final static OCSPResponseStatus MALFORMED_REQUEST = new OCSPResponseStatus( - 1); - public final static OCSPResponseStatus INTERNAL_ERROR = new OCSPResponseStatus( - 2); - public final static OCSPResponseStatus TRY_LATER = new OCSPResponseStatus(3); - public final static OCSPResponseStatus SIG_REQUIRED = new OCSPResponseStatus( - 5); - public final static OCSPResponseStatus UNAUTHORIZED = new OCSPResponseStatus( - 6); - - private ENUMERATED responseStatus; - - public long getValue() { - return responseStatus.getValue(); - } - - // ///////////////////////////////////////////////////////////////////// - // Constructors - // ///////////////////////////////////////////////////////////////////// - private OCSPResponseStatus() { - } - - public OCSPResponseStatus(long val) { - responseStatus = new ENUMERATED(val); - } - - // ///////////////////////////////////////////////////////////////////// - // encoding/decoding - // ///////////////////////////////////////////////////////////////////// - - private static final Tag TAG = ENUMERATED.TAG; - - public Tag getTag() { - return TAG; - } - - public void encode(OutputStream ostream) throws IOException { - encode(TAG, ostream); - } - - public void encode(Tag implicitTag, OutputStream ostream) - throws IOException { - responseStatus.encode(implicitTag, ostream); - } - - private static final Template templateInstance = new Template(); - - public static Template getTemplate() { - return templateInstance; - } - - /** - * A Template for decoding an OCSPResponseStatus. 
- */ - public static class Template implements ASN1Template { - public boolean tagMatch(Tag tag) { - return TAG.equals(tag); - } - - public ASN1Value decode(InputStream istream) - throws InvalidBERException, IOException { - return decode(TAG, istream); - } - - public ASN1Value decode(Tag implicitTag, InputStream istream) - throws InvalidBERException, IOException { - ENUMERATED.Template enumt = new ENUMERATED.Template(); - ENUMERATED enum1 = (ENUMERATED) enumt.decode(implicitTag, istream); - - return new OCSPResponseStatus(enum1.getValue()); - } - } +public class OCSPResponseStatus implements ASN1Value +{ + /////////////////////////////////////////////////////////////////////// + // Members and member access + /////////////////////////////////////////////////////////////////////// + public final static OCSPResponseStatus SUCCESSFUL = + new OCSPResponseStatus(0); + public final static OCSPResponseStatus MALFORMED_REQUEST = + new OCSPResponseStatus(1); + public final static OCSPResponseStatus INTERNAL_ERROR = + new OCSPResponseStatus(2); + public final static OCSPResponseStatus TRY_LATER = + new OCSPResponseStatus(3); + public final static OCSPResponseStatus SIG_REQUIRED = + new OCSPResponseStatus(5); + public final static OCSPResponseStatus UNAUTHORIZED = + new OCSPResponseStatus(6); + + private ENUMERATED responseStatus; + + public long getValue() + { + return responseStatus.getValue(); + } + + /////////////////////////////////////////////////////////////////////// + // Constructors + /////////////////////////////////////////////////////////////////////// + private OCSPResponseStatus() { } + + public OCSPResponseStatus(long val) + { + responseStatus = new ENUMERATED(val); + } + + /////////////////////////////////////////////////////////////////////// + // encoding/decoding + /////////////////////////////////////////////////////////////////////// + + private static final Tag TAG = ENUMERATED.TAG; + + public Tag getTag() + { + return TAG; + } + + public void 
encode(OutputStream ostream) throws IOException + { + encode(TAG, ostream); + } + + public void encode(Tag implicitTag, OutputStream ostream) + throws IOException + { + responseStatus.encode(implicitTag, ostream); + } + + private static final Template templateInstance = new Template(); + + public static Template getTemplate() { + return templateInstance; + } + + /** + * A Template for decoding an OCSPResponseStatus. + */ + public static class Template implements ASN1Template + { + public boolean tagMatch(Tag tag) + { + return TAG.equals(tag); + } + + public ASN1Value decode(InputStream istream) + throws InvalidBERException, IOException + { + return decode(TAG, istream); + } + + public ASN1Value decode(Tag implicitTag, InputStream istream) + throws InvalidBERException, IOException + { + ENUMERATED.Template enumt = new ENUMERATED.Template(); + ENUMERATED enum1 = (ENUMERATED) enumt.decode(implicitTag, istream); + + return new OCSPResponseStatus(enum1.getValue()); + } + } } diff --git a/pki/base/util/src/com/netscape/cmsutil/ocsp/Request.java b/pki/base/util/src/com/netscape/cmsutil/ocsp/Request.java index 705c55927..f180709de 100644 --- a/pki/base/util/src/com/netscape/cmsutil/ocsp/Request.java +++ b/pki/base/util/src/com/netscape/cmsutil/ocsp/Request.java @@ -31,120 +31,137 @@ import org.mozilla.jss.pkix.cert.Extension; /** * RFC 2560: - * + * *
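Review bot: `Template.decode` returns a fresh `new OCSPResponseStatus(enum1.getValue())`, and the class body shown in the second hunk defines no `equals`/`hashCode`, so a decoded status is never `==` or `equals()` to the `SUCCESSFUL`, `TRY_LATER` and other constants. A caller that compares against those constants instead of calling `getValue()` would silently take the wrong branch when checking whether a responder answered successfully. At minimum I would document this on the constants, e.g. `// Compare via getValue(); decoded instances are distinct objects and equals() is not overridden.` Overriding `equals`/`hashCode` on the wrapped value would be the sturdier fix. Note also that the public `long` constructor and `decode` accept values outside the enumeration listed in the class comment.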
  *   Request         ::=     SEQUENCE {
  *     reqCert                     CertID,
  *     singleRequestExtensions     [0] EXPLICIT Extensions OPTIONAL }
  * 
- * + * * @version $Revision$ $Date$ */ -public class Request implements ASN1Value { - // ///////////////////////////////////////////////////////////////////// - // members and member access - // ///////////////////////////////////////////////////////////////////// - private CertID reqCert = null; - private SEQUENCE singleRequestExtensions = null; - private SEQUENCE sequence = null; - - public CertID getCertID() { - return reqCert; - } - - public int getExtensionsCount() { - if (singleRequestExtensions == null) { - return 0; - } else { - return singleRequestExtensions.size(); - } - } - - public Extension getRequestExtensionAt(int index) { - if (singleRequestExtensions == null) { - throw new ArrayIndexOutOfBoundsException(); - } - return (Extension) singleRequestExtensions.elementAt(index); - } - - // ///////////////////////////////////////////////////////////////////// - // constructors - // ///////////////////////////////////////////////////////////////////// - private Request() { - } - - public Request(CertID reqCert, SEQUENCE singleRequestExtensions) { - sequence = new SEQUENCE(); - - this.reqCert = reqCert; - sequence.addElement(reqCert); - - if (singleRequestExtensions != null) { - this.singleRequestExtensions = singleRequestExtensions; - sequence.addElement(singleRequestExtensions); - } - } - - // ///////////////////////////////////////////////////////////////////// - // encode / decode - // ///////////////////////////////////////////////////////////////////// - private static final Tag TAG = SEQUENCE.TAG; - - public Tag getTag() { - return TAG; - } - - public void encode(OutputStream ostream) throws IOException { - encode(TAG, ostream); - } - - public void encode(Tag implicitTag, OutputStream ostream) - throws IOException { - sequence.encode(implicitTag, ostream); - } - - private static final Template templateInstance = new Template(); - - public static Template getTemplate() { - return templateInstance; - } - - /** - * A Template for decoding Request. 
- */ - public static class Template implements ASN1Template { - - private SEQUENCE.Template seqt; - - public Template() { - seqt = new SEQUENCE.Template(); - seqt.addElement(CertID.getTemplate()); - seqt.addOptionalElement(new EXPLICIT.Template(new Tag(0), - new SEQUENCE.OF_Template(new Extension.Template()))); - } - - public boolean tagMatch(Tag tag) { - return TAG.equals(tag); - } - - public ASN1Value decode(InputStream istream) - throws InvalidBERException, IOException { - return decode(TAG, istream); - } - - public ASN1Value decode(Tag implicitTag, InputStream istream) - throws InvalidBERException, IOException { - SEQUENCE seq = (SEQUENCE) seqt.decode(implicitTag, istream); - - EXPLICIT tag = (EXPLICIT) seq.elementAt(1); - - if (tag == null) { - return new Request((CertID) seq.elementAt(0), (SEQUENCE) null); - } else { - return new Request((CertID) seq.elementAt(0), - (SEQUENCE) tag.getContent()); - } - } - } +public class Request implements ASN1Value +{ + /////////////////////////////////////////////////////////////////////// + // members and member access + /////////////////////////////////////////////////////////////////////// + private CertID reqCert = null; + private SEQUENCE singleRequestExtensions = null; + private SEQUENCE sequence = null; + + public CertID getCertID() + { + return reqCert; + } + + public int getExtensionsCount() + { + if(singleRequestExtensions == null) { + return 0; + } else { + return singleRequestExtensions.size(); + } + } + + public Extension getRequestExtensionAt(int index) + { + if(singleRequestExtensions == null) { + throw new ArrayIndexOutOfBoundsException(); + } + return (Extension) singleRequestExtensions.elementAt(index); + } + + /////////////////////////////////////////////////////////////////////// + // constructors + /////////////////////////////////////////////////////////////////////// + private Request() { } + + public Request(CertID reqCert, SEQUENCE singleRequestExtensions) + { + sequence = new SEQUENCE(); + + 
this.reqCert = reqCert; + sequence.addElement(reqCert); + + if (singleRequestExtensions != null) { + this.singleRequestExtensions = singleRequestExtensions; + sequence.addElement(singleRequestExtensions); + } + } + + /////////////////////////////////////////////////////////////////////// + // encode / decode + /////////////////////////////////////////////////////////////////////// + private static final Tag TAG = SEQUENCE.TAG; + + public Tag getTag() + { + return TAG; + } + + public void encode(OutputStream ostream) throws IOException + { + encode(TAG, ostream); + } + + public void encode(Tag implicitTag, OutputStream ostream) + throws IOException + { + sequence.encode(implicitTag, ostream); + } + + private static final Template templateInstance = new Template(); + + public static Template getTemplate() + { + return templateInstance; + } + + /** + * A Template for decoding Request. + */ + public static class Template implements ASN1Template + { + + private SEQUENCE.Template seqt; + + public Template() + { + seqt = new SEQUENCE.Template(); + seqt.addElement( CertID.getTemplate() ); + seqt.addOptionalElement(new EXPLICIT.Template(new Tag(0), + new SEQUENCE.OF_Template(new Extension.Template()) )); + } + + public boolean tagMatch(Tag tag) + { + return TAG.equals(tag); + } + + public ASN1Value decode(InputStream istream) + throws InvalidBERException, IOException + { + return decode(TAG, istream); + } + + public ASN1Value decode(Tag implicitTag, InputStream istream) + throws InvalidBERException, IOException + { + SEQUENCE seq = (SEQUENCE) seqt.decode(implicitTag, istream); + + EXPLICIT tag = (EXPLICIT) seq.elementAt(1); + + if (tag == null) { + return new Request( + (CertID) seq.elementAt(0), + (SEQUENCE) null); + } + else { + return new Request( + (CertID) seq.elementAt(0), + (SEQUENCE) tag.getContent()); + } + } + } } 
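Review bot: The `Request(CertID, SEQUENCE)` constructor adds `singleRequestExtensions` to the sequence bare, while the class comment and the `Template` constructor both describe the field as `[0] EXPLICIT Extensions`. A `Request` built with extensions would therefore encode to something its own `Template.decode` does not expect, since that method casts element 1 to `EXPLICIT`. The `OCSPRequest` constructor appears to have the same mismatch, which its "probably broken" comment already admits. Wrapping on the way in would make encode and decode agree: `sequence.addElement(new EXPLICIT(Tag.get(0), singleRequestExtensions));`. The reformatting leaves this behaviour untouched, so it needs its own change and an encode/decode round-trip test.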
diff --git a/pki/base/util/src/com/netscape/cmsutil/ocsp/ResponderID.java b/pki/base/util/src/com/netscape/cmsutil/ocsp/ResponderID.java index 02e30de05..d5cfa6807 100644 --- a/pki/base/util/src/com/netscape/cmsutil/ocsp/ResponderID.java +++ b/pki/base/util/src/com/netscape/cmsutil/ocsp/ResponderID.java @@ -19,16 +19,18 @@ package com.netscape.cmsutil.ocsp; import org.mozilla.jss.asn1.ASN1Value; + /** * RFC 2560: - * + * *
  * ResponderID ::= CHOICE {
  *    byName               [1] EXPLICIT Name,
  *    byKey                [2] EXPLICIT KeyHash }
  * 
- * + * * @version $Revision$ $Date$ */ -public interface ResponderID extends ASN1Value { +public interface ResponderID extends ASN1Value +{ } diff --git a/pki/base/util/src/com/netscape/cmsutil/ocsp/Response.java b/pki/base/util/src/com/netscape/cmsutil/ocsp/Response.java index 0d363e811..eb011e1c1 100644 --- a/pki/base/util/src/com/netscape/cmsutil/ocsp/Response.java +++ b/pki/base/util/src/com/netscape/cmsutil/ocsp/Response.java @@ -22,13 +22,14 @@ import org.mozilla.jss.asn1.OCTET_STRING; /** * RFC 2560: - * + * *
  *     response       OCTET STRING
  * 
- * + * * @version $Revision$ $Date$ */ -public interface Response extends ASN1Value { - public OCTET_STRING getBytes(); +public interface Response extends ASN1Value +{ + public OCTET_STRING getBytes(); } diff --git a/pki/base/util/src/com/netscape/cmsutil/ocsp/ResponseBytes.java b/pki/base/util/src/com/netscape/cmsutil/ocsp/ResponseBytes.java index 6ffd24806..80a15b910 100644 --- a/pki/base/util/src/com/netscape/cmsutil/ocsp/ResponseBytes.java +++ b/pki/base/util/src/com/netscape/cmsutil/ocsp/ResponseBytes.java @@ -31,105 +31,117 @@ import org.mozilla.jss.asn1.Tag; /** * RFC 2560: - * + * *
  * ResponseBytes ::=       SEQUENCE {
  *     responseType   OBJECT IDENTIFIER,
  *     response       OCTET STRING }
  * 
- * + * * @version $Revision$ $Date$ */ -public class ResponseBytes implements ASN1Value { - // ///////////////////////////////////////////////////////////////////// - // Members and member access - // ///////////////////////////////////////////////////////////////////// - public final static OBJECT_IDENTIFIER OCSP = new OBJECT_IDENTIFIER( - "1.3.6.1.5.5.7.48.1"); - public final static OBJECT_IDENTIFIER OCSP_BASIC = new OBJECT_IDENTIFIER( - "1.3.6.1.5.5.7.48.1.1"); - - private OBJECT_IDENTIFIER responseType = null; - private OCTET_STRING response = null; - private SEQUENCE sequence; - - public OBJECT_IDENTIFIER getObjectIdentifier() { - return responseType; - } - - public OCTET_STRING getResponse() { - return response; - } - - // ///////////////////////////////////////////////////////////////////// - // Constructors - // ///////////////////////////////////////////////////////////////////// - private ResponseBytes() { - } - - public ResponseBytes(OBJECT_IDENTIFIER responseType, OCTET_STRING response) { - sequence = new SEQUENCE(); - - this.responseType = responseType; - sequence.addElement(responseType); - - this.response = response; - sequence.addElement(response); - } - - // ///////////////////////////////////////////////////////////////////// - // encoding/decoding - // ///////////////////////////////////////////////////////////////////// - - private static final Tag TAG = SEQUENCE.TAG; - - public Tag getTag() { - return TAG; - } - - public void encode(OutputStream ostream) throws IOException { - encode(TAG, ostream); - } - - public void encode(Tag implicitTag, OutputStream ostream) - throws IOException { - sequence.encode(implicitTag, ostream); - } - - private static final Template templateInstance = new Template(); - - public static Template getTemplate() { - return templateInstance; - } - - /** - * A Template for decoding ResponseBytes. 
- */ - public static class Template implements ASN1Template { - - private SEQUENCE.Template seqt; - - public Template() { - seqt = new SEQUENCE.Template(); - seqt.addElement(OBJECT_IDENTIFIER.getTemplate()); - seqt.addElement(OCTET_STRING.getTemplate()); - } - - public boolean tagMatch(Tag tag) { - return TAG.equals(tag); - } - - public ASN1Value decode(InputStream istream) - throws InvalidBERException, IOException { - return decode(TAG, istream); - } - - public ASN1Value decode(Tag implicitTag, InputStream istream) - throws InvalidBERException, IOException { - SEQUENCE seq = (SEQUENCE) seqt.decode(implicitTag, istream); - - return new ResponseBytes((OBJECT_IDENTIFIER) seq.elementAt(0), - (OCTET_STRING) seq.elementAt(1)); - } - } +public class ResponseBytes implements ASN1Value +{ + /////////////////////////////////////////////////////////////////////// + // Members and member access + /////////////////////////////////////////////////////////////////////// + public final static OBJECT_IDENTIFIER OCSP = + new OBJECT_IDENTIFIER("1.3.6.1.5.5.7.48.1"); + public final static OBJECT_IDENTIFIER OCSP_BASIC = + new OBJECT_IDENTIFIER("1.3.6.1.5.5.7.48.1.1"); + + private OBJECT_IDENTIFIER responseType = null; + private OCTET_STRING response = null; + private SEQUENCE sequence; + + public OBJECT_IDENTIFIER getObjectIdentifier() + { + return responseType; + } + + public OCTET_STRING getResponse() + { + return response; + } + + /////////////////////////////////////////////////////////////////////// + // Constructors + /////////////////////////////////////////////////////////////////////// + private ResponseBytes() { } + + public ResponseBytes(OBJECT_IDENTIFIER responseType, OCTET_STRING response) + { + sequence = new SEQUENCE(); + + this.responseType = responseType; + sequence.addElement(responseType); + + this.response = response; + sequence.addElement(response); + } + + /////////////////////////////////////////////////////////////////////// + // encoding/decoding + 
/////////////////////////////////////////////////////////////////////// + + private static final Tag TAG = SEQUENCE.TAG; + + public Tag getTag() + { + return TAG; + } + + public void encode(OutputStream ostream) throws IOException + { + encode(TAG, ostream); + } + + public void encode(Tag implicitTag, OutputStream ostream) + throws IOException + { + sequence.encode(implicitTag, ostream); + } + + private static final Template templateInstance = new Template(); + + public static Template getTemplate() { + return templateInstance; + } + + /** + * A Template for decoding ResponseBytes. + */ + public static class Template implements ASN1Template + { + + private SEQUENCE.Template seqt; + + public Template() + { + seqt = new SEQUENCE.Template(); + seqt.addElement( OBJECT_IDENTIFIER.getTemplate() ); + seqt.addElement( OCTET_STRING.getTemplate() ); + } + + public boolean tagMatch(Tag tag) + { + return TAG.equals(tag); + } + + public ASN1Value decode(InputStream istream) + throws InvalidBERException, IOException + { + return decode(TAG, istream); + } + + public ASN1Value decode(Tag implicitTag, InputStream istream) + throws InvalidBERException, IOException + { + SEQUENCE seq = (SEQUENCE) seqt.decode(implicitTag, istream); + + return new ResponseBytes( + (OBJECT_IDENTIFIER) seq.elementAt(0), + (OCTET_STRING) seq.elementAt(1)); + } + } } diff --git a/pki/base/util/src/com/netscape/cmsutil/ocsp/ResponseData.java b/pki/base/util/src/com/netscape/cmsutil/ocsp/ResponseData.java index 745c24459..81c5eee4c 100644 --- a/pki/base/util/src/com/netscape/cmsutil/ocsp/ResponseData.java +++ b/pki/base/util/src/com/netscape/cmsutil/ocsp/ResponseData.java @@ -35,7 +35,7 @@ import org.mozilla.jss.pkix.cert.Extension; /** * RFC 2560: - * + * *
  * ResponseData ::= SEQUENCE {
  *    version              [0] EXPLICIT Version DEFAULT v1,
@@ -44,12 +44,13 @@ import org.mozilla.jss.pkix.cert.Extension;
  *    responses                SEQUENCE OF SingleResponse,
  *    responseExtensions   [1] EXPLICIT Extensions OPTIONAL }
  * 
- * + * * @version $Revision$ $Date$ */ -public class ResponseData implements ASN1Value { +public class ResponseData implements ASN1Value +{ private static final INTEGER v1 = new INTEGER(0); - private INTEGER mVer; + private INTEGER mVer; private ResponderID mRID = null; private GeneralizedTime mProduced = null; private SingleResponse mSR[] = null; @@ -57,7 +58,7 @@ public class ResponseData implements ASN1Value { private static final Tag TAG = SEQUENCE.TAG; - public ResponseData(INTEGER ver, ResponderID rid, GeneralizedTime produced, + public ResponseData(INTEGER ver, ResponderID rid, GeneralizedTime produced, SingleResponse sr[], Extension exts[]) { mVer = (ver != null) ? ver : v1; mRID = rid; @@ -66,25 +67,30 @@ public class ResponseData implements ASN1Value { mExts = exts; } - public ResponseData(ResponderID rid, GeneralizedTime produced, - SingleResponse sr[]) { + public ResponseData(ResponderID rid, GeneralizedTime produced, + SingleResponse sr[]) + { this(v1, rid, produced, sr, null); } - public ResponseData(ResponderID rid, GeneralizedTime produced, - SingleResponse sr[], Extension exts[]) { + public ResponseData(ResponderID rid, GeneralizedTime produced, + SingleResponse sr[], Extension exts[]) + { this(v1, rid, produced, sr, exts); } - - public Tag getTag() { + + public Tag getTag() + { return TAG; } - public void encode(OutputStream os) throws IOException { + public void encode(OutputStream os) throws IOException + { encode(null, os); } - public void encode(Tag t, OutputStream os) throws IOException { + public void encode(Tag t, OutputStream os) throws IOException + { SEQUENCE seq = new SEQUENCE(); if (mVer != v1) { 
@@ -110,29 +116,35 @@ public class ResponseData implements ASN1Value { } else { seq.encode(t, os); } - } + } - public ResponderID getResponderID() { + public ResponderID getResponderID() + { return mRID; } - public GeneralizedTime getProducedAt() { + public GeneralizedTime getProducedAt() + { return mProduced; } - public int getResponseCount() { + public int getResponseCount() + { return (mSR != null) ? mSR.length : 0; } - public SingleResponse getResponseAt(int pos) { + public SingleResponse getResponseAt(int pos) + { return (mSR != null) ? mSR[pos] : null; } - public int getResponseExtensionCount() { - return (mExts != null) ? mExts.length : 0; + public int getResponseExtensionCount() + { + return (mExts != null) ? mExts.length : 0; } - public Extension getResponseExtensionAt(int pos) { + public Extension getResponseExtensionAt(int pos) + { return (mExts != null) ? mExts[pos] : null; } 
@@ -145,75 +157,83 @@ public class ResponseData implements ASN1Value { /** * A Template for decoding ResponseBytes. */ - public static class Template implements ASN1Template { + public static class Template implements ASN1Template + { private SEQUENCE.Template seqt; - public Template() { - seqt = new SEQUENCE.Template(); - seqt.addOptionalElement(new EXPLICIT.Template(new Tag(0), - new INTEGER.Template())); - seqt.addElement(new ANY.Template()); - seqt.addElement(new GeneralizedTime.Template()); - seqt.addElement(new SEQUENCE.OF_Template(SingleResponse - .getTemplate())); - seqt.addOptionalElement(new EXPLICIT.Template(new Tag(1), - new SEQUENCE.OF_Template(Extension.getTemplate()))); + public Template() + { + seqt = new SEQUENCE.Template(); + seqt.addOptionalElement(new EXPLICIT.Template( + new Tag (0), new INTEGER.Template()) ); + seqt.addElement(new ANY.Template() ); + seqt.addElement(new GeneralizedTime.Template() ); + seqt.addElement(new SEQUENCE.OF_Template( + SingleResponse.getTemplate())); + seqt.addOptionalElement(new EXPLICIT.Template( + new Tag(1), new SEQUENCE.OF_Template( + Extension.getTemplate()))); } - public boolean tagMatch(Tag tag) { + public boolean tagMatch(Tag tag) + { return TAG.equals(tag); } public ASN1Value decode(InputStream istream) - throws InvalidBERException, IOException { + throws InvalidBERException, IOException + { return decode(TAG, istream); } public ASN1Value decode(Tag implicitTag, InputStream istream) - throws InvalidBERException, IOException { - SEQUENCE seq = (SEQUENCE) seqt.decode(implicitTag, istream); + throws InvalidBERException, IOException + { + SEQUENCE seq = (SEQUENCE) seqt.decode(implicitTag, + istream); INTEGER ver = v1; - EXPLICIT e_ver = (EXPLICIT) seq.elementAt(0); + EXPLICIT e_ver = (EXPLICIT)seq.elementAt(0); if (e_ver != null && e_ver.getTag().getNum() == 0) { - ver = (INTEGER) e_ver.getContent(); + ver = (INTEGER)e_ver.getContent(); } ResponderID rid = null; - ANY e_rid = (ANY) seq.elementAt(1); + ANY e_rid 
= (ANY)seq.elementAt(1); if (e_rid.getTag().getNum() == 1) { // name id - rid = (NameID) NameID.getTemplate().decode(e_rid.getTag(), - new ByteArrayInputStream(e_rid.getEncoded())); + rid = (NameID) + NameID.getTemplate().decode(e_rid.getTag(), + new ByteArrayInputStream(e_rid.getEncoded())); } else if (e_rid.getTag().getNum() == 2) { // key hash id - rid = (KeyHashID) KeyHashID.getTemplate().decode( - e_rid.getTag(), - new ByteArrayInputStream(e_rid.getEncoded())); + rid = (KeyHashID) + KeyHashID.getTemplate().decode(e_rid.getTag(), + new ByteArrayInputStream(e_rid.getEncoded())); } - GeneralizedTime producedAt = (GeneralizedTime) seq.elementAt(2); - SEQUENCE responses = (SEQUENCE) seq.elementAt(3); + GeneralizedTime producedAt = (GeneralizedTime) seq.elementAt(2); + SEQUENCE responses = (SEQUENCE)seq.elementAt(3); SingleResponse sr[] = null; - if ((responses != null) && (responses.size() > 0)) { + if ((responses != null) && (responses.size() > 0)) { sr = new SingleResponse[responses.size()]; for (int i = 0; i < responses.size(); i++) { - sr[i] = (SingleResponse) responses.elementAt(i); + sr[i] = (SingleResponse)responses.elementAt(i); } } - // decode response extension sequence + //decode response extension sequence EXPLICIT extns_exp = (EXPLICIT) seq.elementAt(4); SEQUENCE extns_seq; Extension[] extns_array = null; if (extns_exp != null) { - extns_seq = (SEQUENCE) extns_exp.getContent(); + extns_seq = (SEQUENCE)extns_exp.getContent(); extns_array = new Extension[extns_seq.size()]; - for (int x = 0; x < extns_array.length; x++) { + for (int x=0;x * RevokedInfo ::= SEQUENCE { * revocationTime GeneralizedTime, * revocationReason [0] EXPLICIT CRLReason OPTIONAL } * - * + * * @version $Revision$ $Date$ */ -public class RevokedInfo implements CertStatus { - private static final Tag TAG = SEQUENCE.TAG; +public class RevokedInfo implements CertStatus +{ + private static final Tag TAG = SEQUENCE.TAG; - private GeneralizedTime mRevokedAt; + private GeneralizedTime 
mRevokedAt; - public RevokedInfo(GeneralizedTime revokedAt) { - mRevokedAt = revokedAt; - } - - public Tag getTag() { - return Tag.get(1); - } - - public void encode(Tag t, OutputStream os) throws IOException { - SEQUENCE seq = new SEQUENCE(); - seq.addElement(mRevokedAt); - seq.encode(t, os); - } - - public void encode(OutputStream os) throws IOException { - encode(getTag(), os); - } - - public GeneralizedTime getRevocationTime() { - return mRevokedAt; - } - - private static final Template templateInstance = new Template(); - - public static Template getTemplate() { - return templateInstance; - } - - /** - * A Template for decoding ResponseBytes. - */ - public static class Template implements ASN1Template { - - private SEQUENCE.Template seqt; - - public Template() { - seqt = new SEQUENCE.Template(); - seqt.addElement(new GeneralizedTime.Template()); - seqt.addOptionalElement(new EXPLICIT.Template(new Tag(0), - new INTEGER.Template())); + public RevokedInfo(GeneralizedTime revokedAt) + { + mRevokedAt = revokedAt; + } + public Tag getTag() + { + return Tag.get(1); } - public boolean tagMatch(Tag tag) { - return TAG.equals(tag); + public void encode(Tag t, OutputStream os) throws IOException + { + SEQUENCE seq = new SEQUENCE(); + seq.addElement(mRevokedAt); + seq.encode(t, os); } - public ASN1Value decode(InputStream istream) - throws InvalidBERException, IOException { - return decode(TAG, istream); + public void encode(OutputStream os) throws IOException + { + encode(getTag(), os); } + + public GeneralizedTime getRevocationTime() + { + return mRevokedAt; + } - public ASN1Value decode(Tag implicitTag, InputStream istream) - throws InvalidBERException, IOException { - SEQUENCE seq = (SEQUENCE) seqt.decode(implicitTag, istream); - GeneralizedTime revokedAt = (GeneralizedTime) seq.elementAt(0); - return new RevokedInfo(revokedAt); + private static final Template templateInstance = new Template(); + + public static Template getTemplate() { + return templateInstance; + } 
+ /** + * A Template for decoding ResponseBytes. + */ + public static class Template implements ASN1Template + { + + private SEQUENCE.Template seqt; + + public Template() + { + seqt = new SEQUENCE.Template(); + seqt.addElement(new GeneralizedTime.Template() ); + seqt.addOptionalElement( + new EXPLICIT.Template( new Tag(0), + new INTEGER.Template()) ); + + } + + public boolean tagMatch(Tag tag) + { + return TAG.equals(tag); + } + + public ASN1Value decode(InputStream istream) + throws InvalidBERException, IOException + { + return decode(TAG, istream); + } + + public ASN1Value decode(Tag implicitTag, InputStream istream) + throws InvalidBERException, IOException + { + SEQUENCE seq = (SEQUENCE) seqt.decode(implicitTag, + istream); + + GeneralizedTime revokedAt = (GeneralizedTime) + seq.elementAt(0); + return new RevokedInfo(revokedAt); + + } } - } } diff --git a/pki/base/util/src/com/netscape/cmsutil/ocsp/Signature.java b/pki/base/util/src/com/netscape/cmsutil/ocsp/Signature.java index 64194e1cd..2810182e1 100644 --- a/pki/base/util/src/com/netscape/cmsutil/ocsp/Signature.java +++ b/pki/base/util/src/com/netscape/cmsutil/ocsp/Signature.java @@ -33,127 +33,147 @@ import org.mozilla.jss.pkix.primitive.AlgorithmIdentifier; /** * RFC 2560: - * + * *
  * Signature       ::=     SEQUENCE {
  *  signatureAlgorithm   AlgorithmIdentifier,
  *  signature            BIT STRING,
  *  certs                [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL }
  * 
- * + * * @version $Revision$ $Date$ */ -public class Signature implements ASN1Value { - // ///////////////////////////////////////////////////////////////////// - // Members and member access - // ///////////////////////////////////////////////////////////////////// - private AlgorithmIdentifier signatureAlgorithm; - private BIT_STRING signature; - private SEQUENCE certs; - private SEQUENCE sequence; - - public AlgorithmIdentifier getSignatureAlgorithm() { - return signatureAlgorithm; - } - - public BIT_STRING getSignature() { - return signature; - } - - public int getCertificateCount() { - if (certs == null) { - return 0; - } else { - return certs.size(); - } - } - - public Certificate getCertificateAt(int index) { - if (certs == null) { - throw new ArrayIndexOutOfBoundsException(); - } - return (Certificate) certs.elementAt(index); - } - - // ///////////////////////////////////////////////////////////////////// - // constructors - // ///////////////////////////////////////////////////////////////////// - private Signature() { - } - - public Signature(AlgorithmIdentifier signatureAlgorithm, - BIT_STRING signature, SEQUENCE certs) { - sequence = new SEQUENCE(); - - this.signatureAlgorithm = signatureAlgorithm; - sequence.addElement(signatureAlgorithm); - - this.signature = signature; - sequence.addElement(signature); - - this.certs = certs; - sequence.addElement(certs); - } - - // ///////////////////////////////////////////////////////////////////// - // encode / decode - // ///////////////////////////////////////////////////////////////////// - private static final Tag TAG = SEQUENCE.TAG; - - public Tag getTag() { - return TAG; - } - - public void encode(OutputStream ostream) throws IOException { - encode(TAG, ostream); - } - - public void encode(Tag implicitTag, OutputStream ostream) - throws IOException { - sequence.encode(implicitTag, ostream); - } - - private static final Template templateInstance = new Template(); - - public static Template getTemplate() { - 
return templateInstance; - } - - /** - * A Template for decoding Request. - */ - public static class Template implements ASN1Template { - - private SEQUENCE.Template seqt; - - public Template() { - seqt = new SEQUENCE.Template(); - seqt.addElement(AlgorithmIdentifier.getTemplate()); - seqt.addElement(BIT_STRING.getTemplate()); - seqt.addOptionalElement(new EXPLICIT.Template(new Tag(0), - new SEQUENCE.OF_Template(new Certificate.Template()))); - } - - public boolean tagMatch(Tag tag) { - return TAG.equals(tag); - } - - public ASN1Value decode(InputStream istream) - throws InvalidBERException, IOException { - return decode(TAG, istream); - } - - public ASN1Value decode(Tag implicitTag, InputStream istream) - throws InvalidBERException, IOException { - SEQUENCE seq = (SEQUENCE) seqt.decode(implicitTag, istream); - SEQUENCE certs = null; - if (seq.elementAt(2) != null) { - certs = (SEQUENCE) ((EXPLICIT) seq.elementAt(2)).getContent(); - } - - return new Signature((AlgorithmIdentifier) seq.elementAt(0), - (BIT_STRING) seq.elementAt(1), certs); - } - } +public class Signature implements ASN1Value +{ + /////////////////////////////////////////////////////////////////////// + // Members and member access + /////////////////////////////////////////////////////////////////////// + private AlgorithmIdentifier signatureAlgorithm; + private BIT_STRING signature; + private SEQUENCE certs; + private SEQUENCE sequence; + + public AlgorithmIdentifier getSignatureAlgorithm() + { + return signatureAlgorithm; + } + + public BIT_STRING getSignature() + { + return signature; + } + + public int getCertificateCount() + { + if(certs == null) { + return 0; + } else { + return certs.size(); + } + } + + public Certificate getCertificateAt(int index) + { + if(certs == null) { + throw new ArrayIndexOutOfBoundsException(); + } + return (Certificate) certs.elementAt(index); + } + + /////////////////////////////////////////////////////////////////////// + // constructors + 
/////////////////////////////////////////////////////////////////////// + private Signature() { } + + public Signature(AlgorithmIdentifier signatureAlgorithm, + BIT_STRING signature, SEQUENCE certs) + { + sequence = new SEQUENCE(); + + this.signatureAlgorithm = signatureAlgorithm; + sequence.addElement(signatureAlgorithm); + + this.signature = signature; + sequence.addElement(signature); + + this.certs = certs; + sequence.addElement(certs); + } + + /////////////////////////////////////////////////////////////////////// + // encode / decode + /////////////////////////////////////////////////////////////////////// + private static final Tag TAG = SEQUENCE.TAG; + + public Tag getTag() + { + return TAG; + } + + public void encode(OutputStream ostream) throws IOException + { + encode(TAG, ostream); + } + + public void encode(Tag implicitTag, OutputStream ostream) + throws IOException + { + sequence.encode(implicitTag, ostream); + } + + private static final Template templateInstance = new Template(); + + public static Template getTemplate() + { + return templateInstance; + } + + /** + * A Template for decoding Request. 
+ */ + public static class Template implements ASN1Template + { + + private SEQUENCE.Template seqt; + + public Template() + { + seqt = new SEQUENCE.Template(); + seqt.addElement( AlgorithmIdentifier.getTemplate() ); + seqt.addElement( BIT_STRING.getTemplate() ); + seqt.addOptionalElement( + new EXPLICIT.Template( + new Tag(0), + new SEQUENCE.OF_Template( new Certificate.Template()) + ) + ); + } + + public boolean tagMatch(Tag tag) + { + return TAG.equals(tag); + } + + public ASN1Value decode(InputStream istream) + throws InvalidBERException, IOException + { + return decode(TAG, istream); + } + + public ASN1Value decode(Tag implicitTag, InputStream istream) + throws InvalidBERException, IOException + { + SEQUENCE seq = (SEQUENCE) seqt.decode(implicitTag, istream); + SEQUENCE certs=null; + if( seq.elementAt(2) != null ) { + certs = (SEQUENCE) ((EXPLICIT)seq.elementAt(2)).getContent(); + } + + return new Signature( + (AlgorithmIdentifier) seq.elementAt(0), + (BIT_STRING) seq.elementAt(1), + certs); + } + } } diff --git a/pki/base/util/src/com/netscape/cmsutil/ocsp/SingleResponse.java b/pki/base/util/src/com/netscape/cmsutil/ocsp/SingleResponse.java index 439a9f41d..1ce727471 100644 --- a/pki/base/util/src/com/netscape/cmsutil/ocsp/SingleResponse.java +++ b/pki/base/util/src/com/netscape/cmsutil/ocsp/SingleResponse.java @@ -34,7 +34,7 @@ import org.mozilla.jss.pkix.cert.Extension; /** * RFC 2560: - * + * *
  * SingleResponse ::= SEQUENCE {
  * certID                       CertID,
@@ -43,134 +43,157 @@ import org.mozilla.jss.pkix.cert.Extension;
  * nextUpdate           [0]     EXPLICIT GeneralizedTime OPTIONAL,
  * singleExtensions     [1]     EXPLICIT Extensions OPTIONAL }
  * 
- * + * * @version $Revision$ $Date$ */ -public class SingleResponse implements ASN1Value { - private CertID mCID = null; - private CertStatus mStatus = null; - private GeneralizedTime mThisUpdate = null; - private GeneralizedTime mNextUpdate = null; - - private static final Tag TAG = SEQUENCE.TAG; - - public SingleResponse(CertID cid, CertStatus s, GeneralizedTime thisUpdate, - GeneralizedTime nextUpdate) { - mCID = cid; - mStatus = s; - mThisUpdate = thisUpdate; - mNextUpdate = nextUpdate; - } - - public CertID getCertID() { - return mCID; - } - - public Tag getTag() { - return null; - } - - public void encode(Tag t, OutputStream os) throws IOException { - SEQUENCE seq = new SEQUENCE(); - seq.addElement(mCID); - seq.addElement(mStatus); - seq.addElement(mThisUpdate); - if (mNextUpdate != null) { - seq.addElement(new EXPLICIT(Tag.get(0), mNextUpdate)); +public class SingleResponse implements ASN1Value +{ + private CertID mCID = null; + private CertStatus mStatus = null; + private GeneralizedTime mThisUpdate = null; + private GeneralizedTime mNextUpdate = null; + + private static final Tag TAG = SEQUENCE.TAG; + + public SingleResponse(CertID cid, CertStatus s, + GeneralizedTime thisUpdate, GeneralizedTime nextUpdate) + { + mCID = cid; + mStatus = s; + mThisUpdate = thisUpdate; + mNextUpdate = nextUpdate; + } + + public CertID getCertID() + { + return mCID; + } + + public Tag getTag() + { + return null; + } + + public void encode(Tag t, OutputStream os) throws IOException + { + SEQUENCE seq = new SEQUENCE(); + seq.addElement(mCID); + seq.addElement(mStatus); + seq.addElement(mThisUpdate); + if (mNextUpdate != null) + { + seq.addElement(new EXPLICIT(Tag.get(0), mNextUpdate)); + } + if (t == null) { + seq.encode(os); + } else { + seq.encode(t, os); + } + } + + public void encode(OutputStream os) throws IOException + { + encode(null, os); + } + + public CertStatus getCertStatus() + { + return mStatus; + } + + public GeneralizedTime getThisUpdate() + { + return 
mThisUpdate; + } + + public GeneralizedTime getNextUpdate() + { + return mNextUpdate; + } + + public int getExtensionCount() + { + return 0; + } + + public Extension getExtensionAt(int pos) + { + return null; + } + + private static final Template templateInstance = new Template(); + + public static Template getTemplate() { + return templateInstance; } - if (t == null) { - seq.encode(os); - } else { - seq.encode(t, os); - } - } - - public void encode(OutputStream os) throws IOException { - encode(null, os); - } - - public CertStatus getCertStatus() { - return mStatus; - } - - public GeneralizedTime getThisUpdate() { - return mThisUpdate; - } - - public GeneralizedTime getNextUpdate() { - return mNextUpdate; - } - - public int getExtensionCount() { - return 0; - } - - public Extension getExtensionAt(int pos) { - return null; - } - - private static final Template templateInstance = new Template(); - - public static Template getTemplate() { - return templateInstance; - } - - /** - * A Template for decoding ResponseBytes. 
- */ - public static class Template implements ASN1Template { - - private SEQUENCE.Template seqt; - - public Template() { - seqt = new SEQUENCE.Template(); - seqt.addElement(new CertID.Template()); - seqt.addElement(new ANY.Template()); - seqt.addElement(new GeneralizedTime.Template()); - seqt.addOptionalElement(new EXPLICIT.Template(new Tag(0), - new GeneralizedTime.Template())); - seqt.addOptionalElement(new EXPLICIT.Template(new Tag(1), - new SEQUENCE.OF_Template(new Extension.Template()))); - - } - - public boolean tagMatch(Tag tag) { - return TAG.equals(tag); - } - - public ASN1Value decode(InputStream istream) - throws InvalidBERException, IOException { - return decode(TAG, istream); - } - - public ASN1Value decode(Tag implicitTag, InputStream istream) - throws InvalidBERException, IOException { - SEQUENCE seq = (SEQUENCE) seqt.decode(implicitTag, istream); - - CertID cid = (CertID) seq.elementAt(0); - CertStatus status = null; - ANY e_status = (ANY) seq.elementAt(1); - if (e_status.getTag().getNum() == 0) { - status = (GoodInfo) GoodInfo.getTemplate().decode( - e_status.getTag(), - new ByteArrayInputStream(e_status.getEncoded())); - // good - } else if (e_status.getTag().getNum() == 1) { - // revoked - status = (RevokedInfo) RevokedInfo.getTemplate().decode( - e_status.getTag(), - new ByteArrayInputStream(e_status.getEncoded())); - } else if (e_status.getTag().getNum() == 2) { - // unknown - status = (UnknownInfo) UnknownInfo.getTemplate().decode( - e_status.getTag(), - new ByteArrayInputStream(e_status.getEncoded())); - } - GeneralizedTime thisUpdate = (GeneralizedTime) seq.elementAt(2); - GeneralizedTime nextUpdate = null; - - return new SingleResponse(cid, status, thisUpdate, nextUpdate); + /** + * A Template for decoding ResponseBytes. 
+ */ + public static class Template implements ASN1Template + { + + private SEQUENCE.Template seqt; + + public Template() + { + seqt = new SEQUENCE.Template(); + seqt.addElement(new CertID.Template() ); + seqt.addElement(new ANY.Template() ); + seqt.addElement(new GeneralizedTime.Template() ); + seqt.addOptionalElement(new EXPLICIT.Template( + new Tag(0), new GeneralizedTime.Template())); + seqt.addOptionalElement(new EXPLICIT.Template(new Tag(1), + new SEQUENCE.OF_Template(new Extension.Template()))); + + } + + public boolean tagMatch(Tag tag) + { + return TAG.equals(tag); + } + + public ASN1Value decode(InputStream istream) + throws InvalidBERException, IOException + { + return decode(TAG, istream); + } + + public ASN1Value decode(Tag implicitTag, InputStream istream) + throws InvalidBERException, IOException + { + SEQUENCE seq = (SEQUENCE) seqt.decode(implicitTag, + istream); + + CertID cid = (CertID)seq.elementAt(0); + CertStatus status = null; + ANY e_status = (ANY)seq.elementAt(1); + if (e_status.getTag().getNum() == 0) { + status = (GoodInfo) + GoodInfo.getTemplate().decode( + e_status.getTag(), + new ByteArrayInputStream(e_status.getEncoded())); + // good + } else if (e_status.getTag().getNum() == 1) { + // revoked + status = (RevokedInfo) + RevokedInfo.getTemplate().decode( + e_status.getTag(), + new ByteArrayInputStream(e_status.getEncoded())); + } else if (e_status.getTag().getNum() == 2) { + // unknown + status = (UnknownInfo) + UnknownInfo.getTemplate().decode( + e_status.getTag(), + new ByteArrayInputStream(e_status.getEncoded())); + } + GeneralizedTime thisUpdate = (GeneralizedTime) + seq.elementAt(2); + GeneralizedTime nextUpdate = null; + + return new SingleResponse(cid, status, thisUpdate, + nextUpdate); + + } } - } } diff --git a/pki/base/util/src/com/netscape/cmsutil/ocsp/TBSRequest.java b/pki/base/util/src/com/netscape/cmsutil/ocsp/TBSRequest.java index ffb48e0ea..4e09c5914 100644 
--- a/pki/base/util/src/com/netscape/cmsutil/ocsp/TBSRequest.java +++ b/pki/base/util/src/com/netscape/cmsutil/ocsp/TBSRequest.java @@ -33,7 +33,7 @@ import org.mozilla.jss.pkix.cert.Extension; /** * RFC 2560: - * + * *
  * TBSRequest      ::=     SEQUENCE {
  *  version             [0] EXPLICIT Version DEFAULT v1,
@@ -41,29 +41,33 @@ import org.mozilla.jss.pkix.cert.Extension;
  *  requestList             SEQUENCE OF Request,
  *  requestExtensions   [2] EXPLICIT Extensions OPTIONAL }
  * 
- * + * * @version $Revision$ $Date$ */ -public class TBSRequest implements ASN1Value { - // ///////////////////////////////////////////////////////////////////// +public class TBSRequest implements ASN1Value +{ + /////////////////////////////////////////////////////////////////////// // members and member access - // ///////////////////////////////////////////////////////////////////// - private static final INTEGER v1 = new INTEGER(0); + /////////////////////////////////////////////////////////////////////// + private static final INTEGER v1 = new INTEGER (0); private INTEGER version; private ANY requestorName; private SEQUENCE requestList; private SEQUENCE requestExtensions; - public INTEGER getVersion() { + public INTEGER getVersion() + { return version; } - public ANY getRequestorName() { + public ANY getRequestorName() + { return requestorName; - } + } - public int getRequestCount() { + public int getRequestCount() + { if (requestList == null) { return 0; } else { @@ -71,11 +75,13 @@ public class TBSRequest implements ASN1Value { } } - public Request getRequestAt(int index) { + public Request getRequestAt(int index) + { return (Request) requestList.elementAt(index); } - public int getExtensionsCount() { + public int getExtensionsCount() + { if (requestExtensions == null) { return 0; } else { 
@@ -83,40 +89,45 @@ public class TBSRequest implements ASN1Value { } } - public Extension getRequestExtensionAt(int index) { + public Extension getRequestExtensionAt(int index) + { return (Extension) requestExtensions.elementAt(index); } - // ///////////////////////////////////////////////////////////////////// + /////////////////////////////////////////////////////////////////////// // constructors - // ///////////////////////////////////////////////////////////////////// - - private TBSRequest() { - } + /////////////////////////////////////////////////////////////////////// + + private TBSRequest() {} - public TBSRequest(INTEGER version, ANY requestorName, SEQUENCE requestList, - SEQUENCE requestExtensions) { + public TBSRequest(INTEGER version, ANY requestorName, + SEQUENCE requestList, SEQUENCE requestExtensions) + { this.version = (version != null) ? version : v1; this.requestorName = requestorName; this.requestList = requestList; this.requestExtensions = requestExtensions; } - // ///////////////////////////////////////////////////////////////////// + /////////////////////////////////////////////////////////////////////// // encode / decode - // ///////////////////////////////////////////////////////////////////// + /////////////////////////////////////////////////////////////////////// public static final Tag TAG = SEQUENCE.TAG; - public Tag getTag() { + public Tag getTag() + { return TAG; } - public void encode(OutputStream ostream) throws IOException { + public void encode(OutputStream ostream) + throws IOException + { encode(TAG, ostream); } public void encode(Tag implicitTag, OutputStream ostream) - throws IOException { + throws IOException + { SEQUENCE seq = new SEQUENCE(); if (version != v1) { 
@@ -141,43 +152,52 @@ public class TBSRequest implements ASN1Value { private static final Template templateInstance = new Template(); - public static Template getTemplate() { + public static Template getTemplate() + { return templateInstance; } /** * A Template for decoding TBSRequest. */ - public static class Template implements ASN1Template { + public static class Template implements ASN1Template + { private SEQUENCE.Template seqt; - public Template() { + public Template() + { seqt = new SEQUENCE.Template(); - seqt.addElement(new EXPLICIT.Template(new Tag(0), - new INTEGER.Template()), new EXPLICIT(new Tag(0), - new INTEGER(0))); - seqt.addOptionalElement(new EXPLICIT.Template(new Tag(1), - new ANY.Template())); - seqt.addElement(new SEQUENCE.OF_Template(new Request.Template())); + seqt.addElement( + new EXPLICIT.Template( + new Tag(0), new INTEGER.Template()), + new EXPLICIT( new Tag(0), new INTEGER(0)) + ); + seqt.addOptionalElement( + new EXPLICIT.Template( + new Tag (1), new ANY.Template()) ); + seqt.addElement( new SEQUENCE.OF_Template(new Request.Template()) ); seqt.addOptionalElement(new EXPLICIT.Template(new Tag(2), - new SEQUENCE.OF_Template(new Extension.Template()))); + new SEQUENCE.OF_Template(new Extension.Template())) ); } - public boolean tagMatch(Tag tag) { + public boolean tagMatch(Tag tag) + { return TAG.equals(tag); } public ASN1Value decode(InputStream istream) - throws InvalidBERException, IOException { + throws InvalidBERException, IOException + { return decode(TAG, istream); } public ASN1Value decode(Tag implicitTag, InputStream istream) - throws InvalidBERException, IOException { + throws InvalidBERException, IOException + { SEQUENCE seq = (SEQUENCE) seqt.decode(implicitTag, istream); - INTEGER v = v1; // assume default version + INTEGER v = v1; //assume default version EXPLICIT e_ver = (EXPLICIT) seq.elementAt(0); if (e_ver != null) { v = (INTEGER) e_ver.getContent(); 
@@ -189,18 +209,21 @@ public class TBSRequest implements ASN1Value { requestorname = (ANY) e_requestorName.getContent(); } - // request sequence (element 2) done below + //request sequence (element 2) done below EXPLICIT exts = (EXPLICIT) seq.elementAt(3); SEQUENCE exts_seq; if (exts != null) { - exts_seq = (SEQUENCE) exts.getContent(); + exts_seq = (SEQUENCE)exts.getContent(); } else { exts_seq = null; } - return new TBSRequest(v, requestorname, - (SEQUENCE) seq.elementAt(2), exts_seq); + return new TBSRequest( + v, + requestorname, + (SEQUENCE) seq.elementAt(2), + exts_seq); } } } diff --git a/pki/base/util/src/com/netscape/cmsutil/ocsp/UnknownInfo.java b/pki/base/util/src/com/netscape/cmsutil/ocsp/UnknownInfo.java index c92ece596..d9891f5a5 100644 --- a/pki/base/util/src/com/netscape/cmsutil/ocsp/UnknownInfo.java +++ b/pki/base/util/src/com/netscape/cmsutil/ocsp/UnknownInfo.java @@ -30,66 +30,76 @@ import org.mozilla.jss.asn1.Tag; /** * RFC 2560: - * + * *
  * UnknownInfo ::= NULL -- this can be replaced with an enumeration
  * 
- * + * * @version $Revision$ $Date$ */ -public class UnknownInfo implements CertStatus { - private static final Tag TAG = SEQUENCE.TAG; +public class UnknownInfo implements CertStatus +{ + private static final Tag TAG = SEQUENCE.TAG; - public UnknownInfo() { - } + public UnknownInfo() + { + } - public Tag getTag() { - return Tag.get(2); - } + public Tag getTag() + { + return Tag.get(2); + } - public void encode(Tag t, OutputStream os) throws IOException { - NULL.getInstance().encode(getTag(), os); - } + public void encode(Tag t, OutputStream os) throws IOException + { + NULL.getInstance().encode(getTag(), os); + } - public void encode(OutputStream os) throws IOException { - encode(getTag(), os); - } + public void encode(OutputStream os) throws IOException + { + encode(getTag(), os); + } - private static final Template templateInstance = new Template(); + private static final Template templateInstance = new Template(); - public static Template getTemplate() { - return templateInstance; - } + public static Template getTemplate() { + return templateInstance; + } - /** - * A Template for decoding ResponseBytes. - */ - public static class Template implements ASN1Template { + /** + * A Template for decoding ResponseBytes. 
+ */ + public static class Template implements ASN1Template + { - private SEQUENCE.Template seqt; + private SEQUENCE.Template seqt; - public Template() { - // seqt = new SEQUENCE.Template(); - // seqt.addElement(new NULL.Template() ); + public Template() + { +// seqt = new SEQUENCE.Template(); + // seqt.addElement(new NULL.Template() ); - } + } - public boolean tagMatch(Tag tag) { - return TAG.equals(tag); - } + public boolean tagMatch(Tag tag) + { + return TAG.equals(tag); + } - public ASN1Value decode(InputStream istream) - throws InvalidBERException, IOException { - return decode(TAG, istream); - } + public ASN1Value decode(InputStream istream) + throws InvalidBERException, IOException + { + return decode(TAG, istream); + } - public ASN1Value decode(Tag implicitTag, InputStream istream) - throws InvalidBERException, IOException { - // SEQUENCE seq = (SEQUENCE) seqt.decode(implicitTag, - // istream); + public ASN1Value decode(Tag implicitTag, InputStream istream) + throws InvalidBERException, IOException + { + // SEQUENCE seq = (SEQUENCE) seqt.decode(implicitTag, + // istream); - return new UnknownInfo(); + return new UnknownInfo(); + } } - } } diff --git a/pki/base/util/src/com/netscape/cmsutil/password/IPasswordReader.java b/pki/base/util/src/com/netscape/cmsutil/password/IPasswordReader.java index 357ae0a6c..1a6a026ba 100644 --- a/pki/base/util/src/com/netscape/cmsutil/password/IPasswordReader.java +++ b/pki/base/util/src/com/netscape/cmsutil/password/IPasswordReader.java @@ -16,14 +16,11 @@ // All rights reserved. // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.password; - import java.io.IOException; import java.util.Enumeration; public interface IPasswordReader { public void init(String pwdPath) throws IOException; - public String getPassword(String tag); - public Enumeration getTags(); } 
diff --git a/pki/base/util/src/com/netscape/cmsutil/password/IPasswordStore.java b/pki/base/util/src/com/netscape/cmsutil/password/IPasswordStore.java index 7dc002809..3d7a8d80c 100644 --- a/pki/base/util/src/com/netscape/cmsutil/password/IPasswordStore.java +++ b/pki/base/util/src/com/netscape/cmsutil/password/IPasswordStore.java @@ -22,13 +22,9 @@ import java.util.Enumeration; public interface IPasswordStore { public void init(String pwdPath) throws IOException; - public String getPassword(String tag); - public Enumeration getTags(); - public Object putPassword(String tag, String password); - - public void commit() throws IOException, ClassCastException, - NullPointerException; + public void commit() + throws IOException, ClassCastException, NullPointerException; } diff --git a/pki/base/util/src/com/netscape/cmsutil/password/IPasswordWriter.java b/pki/base/util/src/com/netscape/cmsutil/password/IPasswordWriter.java index 007efd16a..2f42e02cb 100644 --- a/pki/base/util/src/com/netscape/cmsutil/password/IPasswordWriter.java +++ b/pki/base/util/src/com/netscape/cmsutil/password/IPasswordWriter.java @@ -16,14 +16,12 @@ // All rights reserved. // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.password; - import java.io.IOException; public interface IPasswordWriter { - public void init(String pwdPath) throws IOException;; - + public void init(String pwdPath) + throws IOException;; public Object putPassword(String tag, String password); - - public void commit() throws IOException, ClassCastException, - NullPointerException; + public void commit() + throws IOException, ClassCastException, NullPointerException; } diff --git a/pki/base/util/src/com/netscape/cmsutil/password/PlainPasswordFile.java b/pki/base/util/src/com/netscape/cmsutil/password/PlainPasswordFile.java index 9a9009e4b..c9cec1df6 100644 --- a/pki/base/util/src/com/netscape/cmsutil/password/PlainPasswordFile.java +++ b/pki/base/util/src/com/netscape/cmsutil/password/PlainPasswordFile.java 
@@ -23,7 +23,7 @@ import java.io.IOException; import java.util.Enumeration; import java.util.Properties; -public class PlainPasswordFile implements IPasswordStore { +public class PlainPasswordFile implements IPasswordStore{ private String mPwdPath = ""; private Properties mPwdStore; private static final String PASSWORD_WRITER_HEADER = ""; @@ -31,31 +31,34 @@ public class PlainPasswordFile implements IPasswordStore { public PlainPasswordFile() { } - public void init(String pwdPath) throws IOException { - mPwdStore = new Properties(); - // initialize mPwdStore - mPwdPath = pwdPath; + public void init(String pwdPath) + throws IOException + { + mPwdStore = new Properties(); + // initialize mPwdStore + mPwdPath = pwdPath; - FileInputStream file = new FileInputStream(mPwdPath); - mPwdStore.load(file); - file.close(); + FileInputStream file = new FileInputStream(mPwdPath); + mPwdStore.load(file); + file.close(); } public String getPassword(String tag) { - return (String) mPwdStore.getProperty(tag); + return (String) mPwdStore.getProperty(tag); } // return an array of String-based tag public Enumeration getTags() { - return mPwdStore.propertyNames(); + return mPwdStore.propertyNames(); } public Object putPassword(String tag, String password) { return mPwdStore.setProperty(tag, password); } - public void commit() throws IOException, ClassCastException, - NullPointerException { + public void commit() + throws IOException, ClassCastException, NullPointerException + { FileOutputStream file = new FileOutputStream(mPwdPath); mPwdStore.store(file, PASSWORD_WRITER_HEADER); file.close(); diff --git a/pki/base/util/src/com/netscape/cmsutil/password/PlainPasswordReader.java b/pki/base/util/src/com/netscape/cmsutil/password/PlainPasswordReader.java index 42e38af54..27a39cb6f 100644 --- a/pki/base/util/src/com/netscape/cmsutil/password/PlainPasswordReader.java +++ b/pki/base/util/src/com/netscape/cmsutil/password/PlainPasswordReader.java 
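Review bot: In `PlainPasswordFile.init` the `FileInputStream` is closed only on the success path, so an `IOException` from `mPwdStore.load(file)` leaves the handle on the password file open; `commit` has the same shape with `FileOutputStream` and `mPwdStore.store`. Wrapping the call as `try { mPwdStore.load(file); } finally { file.close(); }`, and likewise around `store`, closes the stream on every path. The same pattern appears in the `init` hunk of PlainPasswordReader and in the `init`/`commit` hunk of PlainPasswordWriter. Because the store keeps passwords in a plain `Properties` file and nothing in `commit` restricts the file's permissions, a comment stating who is expected to set them would help. The closing brace of `commit` lies outside the hunk.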
@@ -22,30 +22,32 @@ import java.io.IOException; import java.util.Enumeration; import java.util.Properties; -public class PlainPasswordReader implements IPasswordReader { +public class PlainPasswordReader implements IPasswordReader{ private String mPwdPath = ""; private Properties mPwdStore; public PlainPasswordReader() { } - public void init(String pwdPath) throws IOException { - mPwdStore = new Properties(); - // initialize mPwdStore - mPwdPath = pwdPath; - mPwdStore = new Properties(); + public void init(String pwdPath) + throws IOException + { + mPwdStore = new Properties(); + // initialize mPwdStore + mPwdPath = pwdPath; + mPwdStore = new Properties(); - FileInputStream file = new FileInputStream(mPwdPath); - mPwdStore.load(file); - file.close(); + FileInputStream file = new FileInputStream(mPwdPath); + mPwdStore.load(file); + file.close(); } public String getPassword(String tag) { - return (String) mPwdStore.getProperty(tag); + return (String) mPwdStore.getProperty(tag); } // return an array of String-based tag public Enumeration getTags() { - return mPwdStore.propertyNames(); + return mPwdStore.propertyNames(); } } diff --git a/pki/base/util/src/com/netscape/cmsutil/password/PlainPasswordWriter.java b/pki/base/util/src/com/netscape/cmsutil/password/PlainPasswordWriter.java index e42ea2fbb..0cd29a181 100644 --- a/pki/base/util/src/com/netscape/cmsutil/password/PlainPasswordWriter.java +++ b/pki/base/util/src/com/netscape/cmsutil/password/PlainPasswordWriter.java @@ -22,7 +22,7 @@ import java.io.FileOutputStream; import java.io.IOException; import java.util.Properties; -public class PlainPasswordWriter implements IPasswordWriter { +public class PlainPasswordWriter implements IPasswordWriter{ private static final String PASSWORD_WRITER_HEADER = ""; private String mPwdPath = ""; private Properties mPwdStore; 
@@ -30,26 +30,29 @@ public class PlainPasswordWriter implements IPasswordWriter { public PlainPasswordWriter() { } - public void init(String pwdPath) throws IOException { - mPwdStore = new Properties(); - // initialize mPwdStore - mPwdPath = pwdPath; - mPwdStore = new Properties(); - - FileInputStream file = new FileInputStream(mPwdPath); - mPwdStore.load(file); - file.close(); + public void init(String pwdPath) + throws IOException + { + mPwdStore = new Properties(); + // initialize mPwdStore + mPwdPath = pwdPath; + mPwdStore = new Properties(); + + FileInputStream file = new FileInputStream(mPwdPath); + mPwdStore.load(file); + file.close(); } public Object putPassword(String tag, String password) { - return mPwdStore.setProperty(tag, password); + return mPwdStore.setProperty(tag, password); } - public void commit() throws IOException, ClassCastException, - NullPointerException { - FileOutputStream file = new FileOutputStream(mPwdPath); - mPwdStore.store(file, PASSWORD_WRITER_HEADER); - file.close(); + public void commit() + throws IOException, ClassCastException, NullPointerException + { + FileOutputStream file = new FileOutputStream(mPwdPath); + mPwdStore.store(file, PASSWORD_WRITER_HEADER); + file.close(); } } diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/AccessAccept.java b/pki/base/util/src/com/netscape/cmsutil/radius/AccessAccept.java index 4824c885f..c5f9828c1 100644 --- a/pki/base/util/src/com/netscape/cmsutil/radius/AccessAccept.java +++ b/pki/base/util/src/com/netscape/cmsutil/radius/AccessAccept.java @@ -17,8 +17,10 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.radius; + import java.io.IOException; + public class AccessAccept extends ServerPacket { public AccessAccept(byte data[]) throws IOException { super(data); diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/AccessChallenge.java b/pki/base/util/src/com/netscape/cmsutil/radius/AccessChallenge.java index c06f809b1..bab34ffe9 100644 
--- a/pki/base/util/src/com/netscape/cmsutil/radius/AccessChallenge.java +++ b/pki/base/util/src/com/netscape/cmsutil/radius/AccessChallenge.java @@ -17,8 +17,10 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.radius; + import java.io.IOException; + public class AccessChallenge extends ServerPacket { public AccessChallenge(byte data[]) throws IOException { super(data); diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/AccessReject.java b/pki/base/util/src/com/netscape/cmsutil/radius/AccessReject.java index 5f32ef349..12081a6b9 100644 --- a/pki/base/util/src/com/netscape/cmsutil/radius/AccessReject.java +++ b/pki/base/util/src/com/netscape/cmsutil/radius/AccessReject.java @@ -17,8 +17,10 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.radius; + import java.io.IOException; + public class AccessReject extends ServerPacket { public AccessReject(byte data[]) throws IOException { super(data); diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/AccessRequest.java b/pki/base/util/src/com/netscape/cmsutil/radius/AccessRequest.java index 7856b0cc8..5075f9325 100644 --- a/pki/base/util/src/com/netscape/cmsutil/radius/AccessRequest.java +++ b/pki/base/util/src/com/netscape/cmsutil/radius/AccessRequest.java @@ -17,6 +17,9 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.radius; + + + public class AccessRequest extends NASPacket { public AccessRequest(short id, Authenticator auth) { super(ACCESS_REQUEST, id, auth); diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/Attribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/Attribute.java index 7a37c936a..33c1f3929 100644 --- a/pki/base/util/src/com/netscape/cmsutil/radius/Attribute.java +++ b/pki/base/util/src/com/netscape/cmsutil/radius/Attribute.java 
@@ -17,11 +17,13 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.radius; + import java.io.ByteArrayOutputStream; import java.io.IOException; + public abstract class Attribute { - public static final int USER_NAME = 1; + public static final int USER_NAME = 1; public static final int USER_PASSWORD = 2; public static final int CHAP_PASSWORD = 3; public static final int NAS_IP_ADDRESS = 4; @@ -79,10 +81,12 @@ public abstract class Attribute { return _t; } - public abstract byte[] getValue() throws IOException; + public abstract byte[] getValue() + throws IOException; - public byte[] getData() throws IOException { - ByteArrayOutputStream attrOS = new ByteArrayOutputStream(); + public byte[] getData() + throws IOException { + ByteArrayOutputStream attrOS = new ByteArrayOutputStream(); attrOS.write(_t); // type byte value[] = getValue(); diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/AttributeFactory.java b/pki/base/util/src/com/netscape/cmsutil/radius/AttributeFactory.java index 663b5c549..bf2369721 100644 --- a/pki/base/util/src/com/netscape/cmsutil/radius/AttributeFactory.java +++ b/pki/base/util/src/com/netscape/cmsutil/radius/AttributeFactory.java @@ -17,10 +17,13 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.radius; + import java.io.IOException; + public class AttributeFactory { - public static Attribute createAttribute(byte data[]) throws IOException { + public static Attribute createAttribute(byte data[]) + throws IOException { switch (data[0] & 0xFF) { case Attribute.USER_NAME: // 1 return new UserNameAttribute(data); 
@@ -49,13 +52,13 @@ public class AttributeFactory { case Attribute.FRAMED_IP_NETMASK: // 9 return new FramedIPNetmaskAttribute(data); - case Attribute.FRAMED_ROUTING: // 10 + case Attribute.FRAMED_ROUTING: // 10 return new FramedRoutingAttribute(data); - case Attribute.FILTER_ID: // 11 + case Attribute.FILTER_ID: // 11 return new FilterIdAttribute(data); - case Attribute.FRAMED_MTU: // 12 + case Attribute.FRAMED_MTU: // 12 return new FramedMTUAttribute(data); case Attribute.FRAMED_COMPRESSION: // 13 
@@ -76,73 +79,73 @@ public class AttributeFactory { case Attribute.CALLBACK_NUMBER: // 19 return new CallbackNumberAttribute(data); - case Attribute.CALLBACK_ID: // 20 + case Attribute.CALLBACK_ID: // 20 return new CallbackIdAttribute(data); - case Attribute.FRAMED_ROUTE: // 22 + case Attribute.FRAMED_ROUTE: // 22 return new FramedRouteAttribute(data); - case Attribute.FRAMED_IPX_NETWORK: // 23 + case Attribute.FRAMED_IPX_NETWORK: // 23 return new FramedIPXNetworkAttribute(data); - case Attribute.STATE: // 24 + case Attribute.STATE: // 24 return new StateAttribute(data); - case Attribute.NAS_CLASS: // 25 + case Attribute.NAS_CLASS: // 25 return new NASClassAttribute(data); - case Attribute.VENDOR_SPECIFIC: // 26 + case Attribute.VENDOR_SPECIFIC: // 26 return new VendorSpecificAttribute(data); - case Attribute.SESSION_TIMEOUT: // 27 + case Attribute.SESSION_TIMEOUT: // 27 return new SessionTimeoutAttribute(data); - case Attribute.IDLE_TIMEOUT: // 28 + case Attribute.IDLE_TIMEOUT: // 28 return new IdleTimeoutAttribute(data); - case Attribute.TERMINATION_ACTION: // 29 + case Attribute.TERMINATION_ACTION: // 29 return new TerminationActionAttribute(data); - case Attribute.CALLER_STATION_ID: // 30 + case Attribute.CALLER_STATION_ID: // 30 return new CallerStationIdAttribute(data); - case Attribute.CALLING_STATION_ID: // 31 + case Attribute.CALLING_STATION_ID: // 31 return new CallingStationIdAttribute(data); - case Attribute.NAS_IDENTIFIER: // 32 + case Attribute.NAS_IDENTIFIER: // 32 return new NASIdentifierAttribute(data); - case Attribute.PROXY_STATE: // 33 + case Attribute.PROXY_STATE: // 33 return new ProxyStateAttribute(data); - case Attribute.LOGIN_LAT_SERVICE: // 34 + case Attribute.LOGIN_LAT_SERVICE: // 34 return new LoginLATServiceAttribute(data); - case Attribute.LOGIN_LAT_NODE: // 35 + case Attribute.LOGIN_LAT_NODE: // 35 return new LoginLATNodeAttribute(data); - case Attribute.LOGIN_LAT_GROUP: // 36 + case Attribute.LOGIN_LAT_GROUP: // 36 return new 
LoginLATGroupAttribute(data); - case Attribute.FRAMED_APPLETALK_LINK: // 37 + case Attribute.FRAMED_APPLETALK_LINK: // 37 return new FramedAppleTalkLinkAttribute(data); - case Attribute.FRAMED_APPLETALK_NETWORK: // 38 + case Attribute.FRAMED_APPLETALK_NETWORK: // 38 return new FramedAppleTalkNetworkAttribute(data); - case Attribute.FRAMED_APPLETALK_ZONE: // 39 + case Attribute.FRAMED_APPLETALK_ZONE: // 39 return new FramedAppleTalkZoneAttribute(data); - case Attribute.CHAP_CHALLENGE: // 60 + case Attribute.CHAP_CHALLENGE: // 60 return new CHAPChallengeAttribute(data); - case Attribute.NAS_PORT_TYPE: // 61 + case Attribute.NAS_PORT_TYPE: // 61 return new NASPortTypeAttribute(data); - case Attribute.PORT_LIMIT: // 62 + case Attribute.PORT_LIMIT: // 62 return new PortLimitAttribute(data); - case Attribute.LOGIN_LAT_PORT: // 63 + case Attribute.LOGIN_LAT_PORT: // 63 return new LoginLATPortAttribute(data); default: diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/AttributeSet.java b/pki/base/util/src/com/netscape/cmsutil/radius/AttributeSet.java index 46860de19..e79b96f7c 100644 --- a/pki/base/util/src/com/netscape/cmsutil/radius/AttributeSet.java +++ b/pki/base/util/src/com/netscape/cmsutil/radius/AttributeSet.java @@ -17,9 +17,11 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.radius; + import java.util.Enumeration; import java.util.Vector; + public class AttributeSet { private Vector _attrs = new Vector(); diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/Authenticator.java b/pki/base/util/src/com/netscape/cmsutil/radius/Authenticator.java index 008af489a..3236d9b65 100644 --- a/pki/base/util/src/com/netscape/cmsutil/radius/Authenticator.java +++ b/pki/base/util/src/com/netscape/cmsutil/radius/Authenticator.java @@ -17,8 +17,10 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.radius; + import java.io.IOException; + public abstract class Authenticator { public abstract byte[] getData() throws IOException; } 
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/CHAPChallengeAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/CHAPChallengeAttribute.java index cd715a031..8b2655c2e 100644 --- a/pki/base/util/src/com/netscape/cmsutil/radius/CHAPChallengeAttribute.java +++ b/pki/base/util/src/com/netscape/cmsutil/radius/CHAPChallengeAttribute.java @@ -17,8 +17,10 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.radius; + import java.io.IOException; + public class CHAPChallengeAttribute extends Attribute { private String _str = null; diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/CHAPPasswordAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/CHAPPasswordAttribute.java index 3f0ef1793..90ebea144 100644 --- a/pki/base/util/src/com/netscape/cmsutil/radius/CHAPPasswordAttribute.java +++ b/pki/base/util/src/com/netscape/cmsutil/radius/CHAPPasswordAttribute.java @@ -17,8 +17,10 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.radius; + import java.io.IOException; + public class CHAPPasswordAttribute extends Attribute { private byte _value[] = null; private int _ident = 0; diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/CallbackIdAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/CallbackIdAttribute.java index 5fd806003..894ae9c89 100644 --- a/pki/base/util/src/com/netscape/cmsutil/radius/CallbackIdAttribute.java +++ b/pki/base/util/src/com/netscape/cmsutil/radius/CallbackIdAttribute.java @@ -17,8 +17,10 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.radius; + import java.io.IOException; + public class CallbackIdAttribute extends Attribute { private byte _value[] = null; private String _str = null; diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/CallbackNumberAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/CallbackNumberAttribute.java index d6e45cecd..96e4af79e 100644 --- a/pki/base/util/src/com/netscape/cmsutil/radius/CallbackNumberAttribute.java 
+++ b/pki/base/util/src/com/netscape/cmsutil/radius/CallbackNumberAttribute.java @@ -17,8 +17,10 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.radius; + import java.io.IOException; + public class CallbackNumberAttribute extends Attribute { private byte _value[] = null; private String _str = null; diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/CallerStationIdAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/CallerStationIdAttribute.java index 3b5eec804..05e4836d6 100644 --- a/pki/base/util/src/com/netscape/cmsutil/radius/CallerStationIdAttribute.java +++ b/pki/base/util/src/com/netscape/cmsutil/radius/CallerStationIdAttribute.java @@ -17,8 +17,10 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.radius; + import java.io.IOException; + public class CallerStationIdAttribute extends Attribute { private byte _value[] = null; private String _str = null; diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/CallingStationIdAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/CallingStationIdAttribute.java index 9a57f8089..b1f77b694 100644 --- a/pki/base/util/src/com/netscape/cmsutil/radius/CallingStationIdAttribute.java +++ b/pki/base/util/src/com/netscape/cmsutil/radius/CallingStationIdAttribute.java @@ -17,8 +17,10 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.radius; + import java.io.IOException; + public class CallingStationIdAttribute extends Attribute { private byte _value[] = null; private String _str = null; diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/ChallengeException.java b/pki/base/util/src/com/netscape/cmsutil/radius/ChallengeException.java index ef38df439..de1222a3b 100644 --- a/pki/base/util/src/com/netscape/cmsutil/radius/ChallengeException.java +++ b/pki/base/util/src/com/netscape/cmsutil/radius/ChallengeException.java 
@@ -17,6 +17,9 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.radius; + + + public class ChallengeException extends Exception { /** * @@ -33,12 +36,10 @@ public class ChallengeException extends Exception { } public String getState() { - return ((StateAttribute) (_res.getAttributeSet() - .getAttributeByType(Attribute.STATE))).getString(); + return ((StateAttribute) (_res.getAttributeSet().getAttributeByType(Attribute.STATE))).getString(); } public String getReplyMessage() { - return ((ReplyMessageAttribute) (_res.getAttributeSet() - .getAttributeByType(Attribute.REPLY_MESSAGE))).getString(); + return ((ReplyMessageAttribute) (_res.getAttributeSet().getAttributeByType(Attribute.REPLY_MESSAGE))).getString(); } } diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/FilterIdAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/FilterIdAttribute.java index 879d7d5c7..c8d9abf8e 100644 --- a/pki/base/util/src/com/netscape/cmsutil/radius/FilterIdAttribute.java +++ b/pki/base/util/src/com/netscape/cmsutil/radius/FilterIdAttribute.java @@ -17,8 +17,10 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.radius; + import java.io.IOException; + public class FilterIdAttribute extends Attribute { private byte _value[] = null; private String _str = null; diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/FramedAppleTalkLinkAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/FramedAppleTalkLinkAttribute.java index 05273780f..2176fbc02 100644 --- a/pki/base/util/src/com/netscape/cmsutil/radius/FramedAppleTalkLinkAttribute.java +++ b/pki/base/util/src/com/netscape/cmsutil/radius/FramedAppleTalkLinkAttribute.java @@ -17,8 +17,10 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.radius; + import java.io.IOException; + public class FramedAppleTalkLinkAttribute extends Attribute { public static int UN_NUMBERED = 0; 
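Review bot: `ChallengeException.getState()` and `getReplyMessage()` cast the result of `getAttributeByType(...)` and call `getString()` on it with no null check. If `getAttributeByType` returns null for a missing attribute (its body is not visible here), a challenge without a State or Reply-Message attribute becomes a `NullPointerException` in the authentication path. Holding the attribute in a local avoids that, for example `Attribute a = _res.getAttributeSet().getAttributeByType(Attribute.STATE);` followed by `return a == null ? null : ((StateAttribute) a).getString();`.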
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/FramedAppleTalkNetworkAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/FramedAppleTalkNetworkAttribute.java index cea0d936a..6ea0c05ff 100644 --- a/pki/base/util/src/com/netscape/cmsutil/radius/FramedAppleTalkNetworkAttribute.java +++ b/pki/base/util/src/com/netscape/cmsutil/radius/FramedAppleTalkNetworkAttribute.java @@ -17,8 +17,10 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.radius; + import java.io.IOException; + public class FramedAppleTalkNetworkAttribute extends Attribute { private byte _value[] = null; private int _type = 0; diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/FramedAppleTalkZoneAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/FramedAppleTalkZoneAttribute.java index 54ee47c45..3ea8c654f 100644 --- a/pki/base/util/src/com/netscape/cmsutil/radius/FramedAppleTalkZoneAttribute.java +++ b/pki/base/util/src/com/netscape/cmsutil/radius/FramedAppleTalkZoneAttribute.java @@ -17,8 +17,10 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.radius; + import java.io.IOException; + public class FramedAppleTalkZoneAttribute extends Attribute { private byte _value[] = null; private String _str = null; diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/FramedCompressionAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/FramedCompressionAttribute.java index b57c030b5..cf21b9fda 100644 --- a/pki/base/util/src/com/netscape/cmsutil/radius/FramedCompressionAttribute.java +++ b/pki/base/util/src/com/netscape/cmsutil/radius/FramedCompressionAttribute.java @@ -17,8 +17,10 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.radius; + import java.io.IOException; + public class FramedCompressionAttribute extends Attribute { public static final int NONE = 1; public static final int VJ_TCP_IP_HEADER = 2; 
@@ -31,9 +33,9 @@ public class FramedCompressionAttribute extends Attribute { public FramedCompressionAttribute(byte value[]) { super(); _t = FRAMED_COMPRESSION; - _type = value[5] & 0xFF; - _type |= ((value[4] << 8) & 0xFF00); - _type |= ((value[3] << 16) & 0xFF0000); + _type = value[5] & 0xFF; + _type |= ((value[4] << 8) & 0xFF00); + _type |= ((value[3] << 16) & 0xFF0000); _type |= ((value[2] << 24) & 0xFF000000); _value = value; } diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/FramedIPAddressAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/FramedIPAddressAttribute.java index 2f66ee8c2..1fac0a3f0 100644 --- a/pki/base/util/src/com/netscape/cmsutil/radius/FramedIPAddressAttribute.java +++ b/pki/base/util/src/com/netscape/cmsutil/radius/FramedIPAddressAttribute.java @@ -17,8 +17,10 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.radius; + import java.io.IOException; + public class FramedIPAddressAttribute extends Attribute { private byte _value[] = null; private byte _addr[] = new byte[4]; @@ -26,10 +28,10 @@ public class FramedIPAddressAttribute extends Attribute { public FramedIPAddressAttribute(byte value[]) { super(); _t = FRAMED_IP_ADDRESS; - _addr[0] = value[2]; - _addr[1] = value[3]; - _addr[2] = value[4]; - _addr[3] = value[5]; + _addr[0] = value[2]; + _addr[1] = value[3]; + _addr[2] = value[4]; + _addr[3] = value[5]; _value = value; } diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/FramedIPNetmaskAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/FramedIPNetmaskAttribute.java index f8e1980c7..9350fac11 100644 --- a/pki/base/util/src/com/netscape/cmsutil/radius/FramedIPNetmaskAttribute.java +++ b/pki/base/util/src/com/netscape/cmsutil/radius/FramedIPNetmaskAttribute.java 
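Review bot: The `FramedCompressionAttribute(byte value[])` constructor reads `value[2]` through `value[5]` without checking the array length, so a truncated attribute fails with an unchecked `ArrayIndexOutOfBoundsException`. If these bytes come from a received RADIUS packet, as `AttributeFactory.createAttribute(byte data[])` suggests, a length check before the reads makes the failure explicit: `if (value.length < 6) throw new IllegalArgumentException("truncated attribute");`. The `FramedIPAddressAttribute` constructor in the following hunk and the `FramedProtocolAttribute` constructor index the same offsets and need the same check. Whether a caller already validates the length is not visible here.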
@@ -17,8 +17,10 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.radius; + import java.io.IOException; + public class FramedIPNetmaskAttribute extends Attribute { private byte _value[] = null; private byte _mask[] = new byte[4]; diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/FramedIPXNetworkAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/FramedIPXNetworkAttribute.java index 92f47eec1..900c46c00 100644 --- a/pki/base/util/src/com/netscape/cmsutil/radius/FramedIPXNetworkAttribute.java +++ b/pki/base/util/src/com/netscape/cmsutil/radius/FramedIPXNetworkAttribute.java @@ -17,8 +17,10 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.radius; + import java.io.IOException; + public class FramedIPXNetworkAttribute extends Attribute { private byte _value[] = null; private byte _net[] = new byte[4]; diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/FramedMTUAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/FramedMTUAttribute.java index 5cd9551a2..b3a362337 100644 --- a/pki/base/util/src/com/netscape/cmsutil/radius/FramedMTUAttribute.java +++ b/pki/base/util/src/com/netscape/cmsutil/radius/FramedMTUAttribute.java @@ -17,8 +17,10 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.radius; + import java.io.IOException; + public class FramedMTUAttribute extends Attribute { private byte _value[] = null; private int _type = 0; diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/FramedProtocolAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/FramedProtocolAttribute.java index 5af219b9a..1acee4ce7 100644 --- a/pki/base/util/src/com/netscape/cmsutil/radius/FramedProtocolAttribute.java +++ b/pki/base/util/src/com/netscape/cmsutil/radius/FramedProtocolAttribute.java 
@@ -17,8 +17,10 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.radius; + import java.io.IOException; + public class FramedProtocolAttribute extends Attribute { public static final int PPP = 1; public static final int SLIP = 2; @@ -33,9 +35,9 @@ public class FramedProtocolAttribute extends Attribute { public FramedProtocolAttribute(byte value[]) { super(); _t = SERVICE_TYPE; - _type = value[5] & 0xFF; - _type |= ((value[4] << 8) & 0xFF00); - _type |= ((value[3] << 16) & 0xFF0000); + _type = value[5] & 0xFF; + _type |= ((value[4] << 8) & 0xFF00); + _type |= ((value[3] << 16) & 0xFF0000); _type |= ((value[2] << 24) & 0xFF000000); _value = value; } diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/FramedRouteAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/FramedRouteAttribute.java index 9b123fe2a..bc49adb06 100644 --- a/pki/base/util/src/com/netscape/cmsutil/radius/FramedRouteAttribute.java +++ b/pki/base/util/src/com/netscape/cmsutil/radius/FramedRouteAttribute.java @@ -17,8 +17,10 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.radius; + import java.io.IOException; + public class FramedRouteAttribute extends Attribute { private byte _value[] = null; private String _str = null; diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/FramedRoutingAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/FramedRoutingAttribute.java index 14d2b0cc8..1ea4e334f 100644 --- a/pki/base/util/src/com/netscape/cmsutil/radius/FramedRoutingAttribute.java +++ b/pki/base/util/src/com/netscape/cmsutil/radius/FramedRoutingAttribute.java @@ -17,8 +17,10 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.radius; + import java.io.IOException; + public class FramedRoutingAttribute extends Attribute { public static final int NONE = 0; public static final int SEND_ROUTING_PACKETS = 1; 
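Review bot: The `FramedProtocolAttribute` constructor sets `_t = SERVICE_TYPE;`, which looks like a copy-paste slip from the Service-Type attribute class. `Attribute.getData()` writes `_t` as the type byte (`attrOS.write(_t); // type`), so a Framed-Protocol attribute built here would be serialized under the Service-Type code. It should presumably use the Framed-Protocol type constant from `Attribute`; the constant list is not fully visible here, so confirm the name before changing it.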
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/GenericAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/GenericAttribute.java index ac1798ae3..c368a2712 100644 --- a/pki/base/util/src/com/netscape/cmsutil/radius/GenericAttribute.java +++ b/pki/base/util/src/com/netscape/cmsutil/radius/GenericAttribute.java @@ -17,8 +17,10 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.radius; + import java.io.IOException; + public class GenericAttribute extends Attribute { private byte _value[] = null; diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/IdleTimeoutAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/IdleTimeoutAttribute.java index 44b0c5087..38b45a6c8 100644 --- a/pki/base/util/src/com/netscape/cmsutil/radius/IdleTimeoutAttribute.java +++ b/pki/base/util/src/com/netscape/cmsutil/radius/IdleTimeoutAttribute.java @@ -17,8 +17,10 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.radius; + import java.io.IOException; + public class IdleTimeoutAttribute extends Attribute { private int _timeout = 0; diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/LoginIPHostAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/LoginIPHostAttribute.java index 0d1c0565a..7bfe179ff 100644 --- a/pki/base/util/src/com/netscape/cmsutil/radius/LoginIPHostAttribute.java +++ b/pki/base/util/src/com/netscape/cmsutil/radius/LoginIPHostAttribute.java @@ -17,8 +17,10 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.radius; + import java.io.IOException; + public class LoginIPHostAttribute extends Attribute { public static final int NAS_ALLOW_SELECT = 0xFFFFFFFF; public static final int NAS_SELECT = 0; diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/LoginLATGroupAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/LoginLATGroupAttribute.java index 4cee6bc3a..93a507661 100644 --- a/pki/base/util/src/com/netscape/cmsutil/radius/LoginLATGroupAttribute.java 
+++ b/pki/base/util/src/com/netscape/cmsutil/radius/LoginLATGroupAttribute.java @@ -17,8 +17,10 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.radius; + import java.io.IOException; + public class LoginLATGroupAttribute extends Attribute { private byte _value[] = null; private String _str = null; diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/LoginLATNodeAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/LoginLATNodeAttribute.java index 2c2d3411e..38b4b315f 100644 --- a/pki/base/util/src/com/netscape/cmsutil/radius/LoginLATNodeAttribute.java +++ b/pki/base/util/src/com/netscape/cmsutil/radius/LoginLATNodeAttribute.java @@ -17,8 +17,10 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.radius; + import java.io.IOException; + public class LoginLATNodeAttribute extends Attribute { private byte _value[] = null; private String _str = null; diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/LoginLATPortAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/LoginLATPortAttribute.java index 330161ec8..056b0fc43 100644 --- a/pki/base/util/src/com/netscape/cmsutil/radius/LoginLATPortAttribute.java +++ b/pki/base/util/src/com/netscape/cmsutil/radius/LoginLATPortAttribute.java @@ -17,8 +17,10 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.radius; + import java.io.IOException; + public class LoginLATPortAttribute extends Attribute { private byte _value[] = null; private String _str = null; diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/LoginLATServiceAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/LoginLATServiceAttribute.java index 158630d27..7409a83a4 100644 --- a/pki/base/util/src/com/netscape/cmsutil/radius/LoginLATServiceAttribute.java +++ b/pki/base/util/src/com/netscape/cmsutil/radius/LoginLATServiceAttribute.java 
@@ -17,8 +17,10 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.radius; + import java.io.IOException; + public class LoginLATServiceAttribute extends Attribute { private byte _value[] = null; private String _str = null; diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/LoginServiceAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/LoginServiceAttribute.java index 73f49d39f..88f5623be 100644 --- a/pki/base/util/src/com/netscape/cmsutil/radius/LoginServiceAttribute.java +++ b/pki/base/util/src/com/netscape/cmsutil/radius/LoginServiceAttribute.java @@ -17,8 +17,10 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.radius; + import java.io.IOException; + public class LoginServiceAttribute extends Attribute { public static final int TELNET = 0; public static final int RLOGIN = 1; diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/LoginTCPPortAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/LoginTCPPortAttribute.java index 6b44f50c6..0c924f695 100644 --- a/pki/base/util/src/com/netscape/cmsutil/radius/LoginTCPPortAttribute.java +++ b/pki/base/util/src/com/netscape/cmsutil/radius/LoginTCPPortAttribute.java @@ -17,8 +17,10 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.radius; + import java.io.IOException; + public class LoginTCPPortAttribute extends Attribute { private int _port = 0; @@ -41,12 +43,12 @@ public class LoginTCPPortAttribute extends Attribute { } public byte[] getValue() throws IOException { - byte[] p = new byte[4]; + byte[] p = new byte[4]; - p[0] = (byte) ((_port >>> 24) & 0xFF); - p[1] = (byte) ((_port >>> 16) & 0xFF); - p[2] = (byte) ((_port >>> 8) & 0xFF); - p[3] = (byte) (_port & 0xFF); + p[0] = (byte) ((_port >>> 24) & 0xFF); + p[1] = (byte) ((_port >>> 16) & 0xFF); + p[2] = (byte) ((_port >>> 8) & 0xFF); + p[3] = (byte) (_port & 0xFF); return p; } } 
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/NASClassAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/NASClassAttribute.java index 57b983028..ba644f201 100644 --- a/pki/base/util/src/com/netscape/cmsutil/radius/NASClassAttribute.java +++ b/pki/base/util/src/com/netscape/cmsutil/radius/NASClassAttribute.java @@ -17,8 +17,10 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.radius; + import java.io.IOException; + public class NASClassAttribute extends Attribute { private byte _value[] = null; private String _str = null; diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/NASIPAddressAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/NASIPAddressAttribute.java index d4022b3dd..42dc1a19b 100644 --- a/pki/base/util/src/com/netscape/cmsutil/radius/NASIPAddressAttribute.java +++ b/pki/base/util/src/com/netscape/cmsutil/radius/NASIPAddressAttribute.java @@ -17,9 +17,11 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.radius; + import java.io.IOException; import java.net.InetAddress; + public class NASIPAddressAttribute extends Attribute { private InetAddress _ip = null; private byte _value[] = null; diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/NASIdentifierAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/NASIdentifierAttribute.java index 0a3a62cd8..99917cac7 100644 --- a/pki/base/util/src/com/netscape/cmsutil/radius/NASIdentifierAttribute.java +++ b/pki/base/util/src/com/netscape/cmsutil/radius/NASIdentifierAttribute.java @@ -17,8 +17,10 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.radius; + import java.io.IOException; + public class NASIdentifierAttribute extends Attribute { private byte _value[] = null; private String _str = null; diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/NASPacket.java b/pki/base/util/src/com/netscape/cmsutil/radius/NASPacket.java index 70d143989..b270eadde 100644 
--- a/pki/base/util/src/com/netscape/cmsutil/radius/NASPacket.java +++ b/pki/base/util/src/com/netscape/cmsutil/radius/NASPacket.java @@ -17,9 +17,11 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.radius; + import java.io.ByteArrayOutputStream; import java.io.IOException; + public abstract class NASPacket extends Packet { public NASPacket(int c, short id, Authenticator auth) { super(c, id, auth); diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/NASPortAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/NASPortAttribute.java index 0f7b31e75..949fa4759 100644 --- a/pki/base/util/src/com/netscape/cmsutil/radius/NASPortAttribute.java +++ b/pki/base/util/src/com/netscape/cmsutil/radius/NASPortAttribute.java @@ -17,8 +17,10 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.radius; + import java.io.IOException; + public class NASPortAttribute extends Attribute { private int _port = 0; @@ -37,12 +39,12 @@ public class NASPortAttribute extends Attribute { } public byte[] getValue() throws IOException { - byte[] p = new byte[4]; + byte[] p = new byte[4]; - p[0] = (byte) ((_port >>> 24) & 0xFF); - p[1] = (byte) ((_port >>> 16) & 0xFF); - p[2] = (byte) ((_port >>> 8) & 0xFF); - p[3] = (byte) (_port & 0xFF); + p[0] = (byte) ((_port >>> 24) & 0xFF); + p[1] = (byte) ((_port >>> 16) & 0xFF); + p[2] = (byte) ((_port >>> 8) & 0xFF); + p[3] = (byte) (_port & 0xFF); return p; } } diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/NASPortTypeAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/NASPortTypeAttribute.java index 84ccc3ae1..ca7cf7b09 100644 --- a/pki/base/util/src/com/netscape/cmsutil/radius/NASPortTypeAttribute.java +++ b/pki/base/util/src/com/netscape/cmsutil/radius/NASPortTypeAttribute.java 
@@ -17,8 +17,10 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.radius; + import java.io.IOException; + public class NASPortTypeAttribute extends Attribute { public static final int ASYNC = 0; public static final int SYNC = 1; diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/Packet.java b/pki/base/util/src/com/netscape/cmsutil/radius/Packet.java index 902da857d..4af445639 100644 --- a/pki/base/util/src/com/netscape/cmsutil/radius/Packet.java +++ b/pki/base/util/src/com/netscape/cmsutil/radius/Packet.java @@ -17,14 +17,17 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.radius; + + + public abstract class Packet { - public static final int ACCESS_REQUEST = 1; - public static final int ACCESS_ACCEPT = 2; - public static final int ACCESS_REJECT = 3; - // public static final int ACCOUNTING_REQUEST = 4; - // public static final int ACCOUNTING_RESPONSE = 5; + public static final int ACCESS_REQUEST = 1; + public static final int ACCESS_ACCEPT = 2; + public static final int ACCESS_REJECT = 3; + // public static final int ACCOUNTING_REQUEST = 4; + // public static final int ACCOUNTING_RESPONSE = 5; public static final int ACCESS_CHALLENGE = 11; - public static final int RESERVED = 255; + public static final int RESERVED = 255; protected int _c = 0; protected short _id = 0; diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/PacketFactory.java b/pki/base/util/src/com/netscape/cmsutil/radius/PacketFactory.java index 8d2e20e74..c9dd1620a 100644 --- a/pki/base/util/src/com/netscape/cmsutil/radius/PacketFactory.java +++ b/pki/base/util/src/com/netscape/cmsutil/radius/PacketFactory.java @@ -17,11 +17,13 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.radius; + import java.io.IOException; + public class PacketFactory { public static ServerPacket createServerPacket(byte data[]) - throws IOException { + throws IOException { switch (data[0] & 0xFF) { case Packet.ACCESS_ACCEPT: return new AccessAccept(data); 
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/PortLimitAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/PortLimitAttribute.java index 7903bb1fd..602603cb6 100644 --- a/pki/base/util/src/com/netscape/cmsutil/radius/PortLimitAttribute.java +++ b/pki/base/util/src/com/netscape/cmsutil/radius/PortLimitAttribute.java @@ -17,8 +17,10 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.radius; + import java.io.IOException; + public class PortLimitAttribute extends Attribute { private int _port = 0; diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/ProxyStateAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/ProxyStateAttribute.java index 83831b652..ef04ae0ca 100644 --- a/pki/base/util/src/com/netscape/cmsutil/radius/ProxyStateAttribute.java +++ b/pki/base/util/src/com/netscape/cmsutil/radius/ProxyStateAttribute.java @@ -17,8 +17,10 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.radius; + import java.io.IOException; + public class ProxyStateAttribute extends Attribute { private byte _value[] = null; private String _str = null; diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/RadiusConn.java b/pki/base/util/src/com/netscape/cmsutil/radius/RadiusConn.java index 56f620576..1c09ea2c4 100644 --- a/pki/base/util/src/com/netscape/cmsutil/radius/RadiusConn.java +++ b/pki/base/util/src/com/netscape/cmsutil/radius/RadiusConn.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.radius; + import java.io.IOException; import java.io.InterruptedIOException; import java.net.DatagramPacket; 
@@ -27,9 +28,10 @@ import java.security.NoSuchAlgorithmException; import java.security.SecureRandom; import java.util.Properties; + /** - * This class implements RFC2865 - Remote Authentication Dial In User Service - * (RADIUS), June 2000. + * This class implements RFC2865 - Remote Authentication Dial In + * User Service (RADIUS), June 2000. */ public class RadiusConn { public static int MAX_RETRIES = 10; @@ -50,19 +52,20 @@ public class RadiusConn { private int _maxRetries = MAX_RETRIES; private SecureRandom _rand = null; - public RadiusConn(String host1, String host2, int port, String secret, - int timeout) throws SocketException { + public RadiusConn(String host1, String host2, int port, String secret, + int timeout) throws SocketException { this(host1, port, host2, port, secret, timeout, null, null); } public RadiusConn(String host, int port, String secret, byte seed[], - Properties options) throws SocketException { + Properties options) + throws SocketException { this(host, port, host, port, secret, DEFAULT_TIMEOUT, seed, options); } - public RadiusConn(String host1, int port1, String host2, int port2, - String secret, int timeout, byte seed[], Properties options) - throws SocketException { + public RadiusConn(String host1, int port1, String host2, int port2, + String secret, int timeout, byte seed[], Properties options) + throws SocketException { _host[0] = host1; _port[0] = port1; _host[1] = host2; @@ -70,7 +73,7 @@ public class RadiusConn { _selected = 0; _secret = secret; _options = options; - _socket = new DatagramSocket(); + _socket = new DatagramSocket(); _socket.setSoTimeout(timeout * 1000); if (seed == null) { _rand = new SecureRandom(); 
@@ -83,8 +86,9 @@ public class RadiusConn { _socket.disconnect(); } - public void authenticate(String name, String password) throws IOException, - NoSuchAlgorithmException, RejectException, ChallengeException { + public void authenticate(String name, String password) + throws IOException, NoSuchAlgorithmException, + RejectException, ChallengeException { int retries = 0; Packet res = null; @@ -94,14 +98,13 @@ public class RadiusConn { req.addAttribute(new UserNameAttribute(name)); req.addAttribute(new UserPasswordAttribute(req.getAuthenticator(), _secret, password)); - req.addAttribute(new NASIPAddressAttribute(InetAddress - .getLocalHost())); + req.addAttribute(new NASIPAddressAttribute(InetAddress.getLocalHost())); req.addAttribute(new NASPortAttribute(_socket.getLocalPort())); send(req, _host[_selected], _port[_selected]); try { retries++; - res = receive(); + res = receive(); if (res instanceof AccessReject) { throw new RejectException((AccessReject) res); } else if (res instanceof AccessChallenge) { 
@@ -118,22 +121,24 @@ public class RadiusConn { } // throw e; } - + } - } while (res == null); + } + while (res == null); } public void replyChallenge(String password, ChallengeException ce) - throws IOException, NoSuchAlgorithmException, RejectException, - ChallengeException { + throws IOException, NoSuchAlgorithmException, + RejectException, ChallengeException { replyChallenge(null, password, ce); } - public void replyChallenge(String name, String password, - ChallengeException ce) throws IOException, - NoSuchAlgorithmException, RejectException, ChallengeException { - StateAttribute state = (StateAttribute) ce.getAttributeSet() - .getAttributeByType(Attribute.STATE); + public void replyChallenge(String name, String password, + ChallengeException ce) + throws IOException, NoSuchAlgorithmException, + RejectException, ChallengeException { + StateAttribute state = (StateAttribute) + ce.getAttributeSet().getAttributeByType(Attribute.STATE); if (state == null) throw new IOException("State not found in challenge"); @@ -149,7 +154,7 @@ public class RadiusConn { req.addAttribute(new NASPortAttribute(_socket.getLocalPort())); send(req, _host[_selected], _port[_selected]); - Packet res = receive(); + Packet res = receive(); if (res instanceof AccessReject) { throw new RejectException((AccessReject) res); @@ -159,8 +164,8 @@ public class RadiusConn { } public void replyChallenge(String name, String password, String state) - throws IOException, NoSuchAlgorithmException, RejectException, - ChallengeException { + throws IOException, NoSuchAlgorithmException, + RejectException, ChallengeException { if (state == null) throw new IOException("State not found in challenge"); AccessRequest req = createAccessRequest(); 
@@ -173,7 +178,7 @@ public class RadiusConn { req.addAttribute(new NASPortAttribute(_socket.getLocalPort())); send(req, _host[_selected], _port[_selected]); - Packet res = receive(); + Packet res = receive(); if (res instanceof AccessReject) { throw new RejectException((AccessReject) res); @@ -187,12 +192,12 @@ public class RadiusConn { } private void send(NASPacket packet, String host, int port) - throws IOException { - DatagramPacket dp = new DatagramPacket(new byte[4096], 4096); + throws IOException { + DatagramPacket dp = new DatagramPacket(new byte[4096], 4096); - dp.setPort(port); - dp.setAddress(InetAddress.getByName(host)); - byte data[] = packet.getData(); + dp.setPort(port); + dp.setAddress(InetAddress.getByName(host)); + byte data[] = packet.getData(); dp.setLength(data.length); dp.setData(data); @@ -201,10 +206,11 @@ public class RadiusConn { trace("Sent " + packet); } - private ServerPacket receive() throws IOException { - DatagramPacket dp = new DatagramPacket(new byte[4096], 4096); + private ServerPacket receive() + throws IOException { + DatagramPacket dp = new DatagramPacket(new byte[4096], 4096); - _socket.receive(dp); + _socket.receive(dp); byte data[] = dp.getData(); ServerPacket p = PacketFactory.createServerPacket(data); diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/RejectException.java b/pki/base/util/src/com/netscape/cmsutil/radius/RejectException.java index 7d6ecb5b5..d80b045e3 100644 --- a/pki/base/util/src/com/netscape/cmsutil/radius/RejectException.java +++ b/pki/base/util/src/com/netscape/cmsutil/radius/RejectException.java @@ -17,6 +17,9 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.radius; + + + public class RejectException extends Exception { /** * 
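Review bot: In RadiusConn.receive() (hunk `@@ -201,10 +206,11 @@`), the reply is parsed from `dp.getData()`, which is the whole 4096-byte receive buffer rather than the bytes that actually arrived, so the parser is not bounded by the size of the datagram. Passing only the received bytes, for example `byte data[] = java.util.Arrays.copyOf(dp.getData(), dp.getLength());`, would keep attribute parsing inside the real packet. Nothing visible in this hunk compares the sender address with the configured server or verifies the Response Authenticator before the packet type is acted on. That may happen in code outside the hunk, but it is worth a comment here saying where it is done. The method body continues past the end of the hunk.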
@@ -33,7 +36,6 @@ public class RejectException extends Exception { } public String getReplyMessage() { - return ((ReplyMessageAttribute) (_res.getAttributeSet() - .getAttributeByType(Attribute.REPLY_MESSAGE))).getString(); - } + return ((ReplyMessageAttribute) (_res.getAttributeSet().getAttributeByType(Attribute.REPLY_MESSAGE))).getString(); + } } diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/ReplyMessageAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/ReplyMessageAttribute.java index 5ec4ea052..094a51730 100644 --- a/pki/base/util/src/com/netscape/cmsutil/radius/ReplyMessageAttribute.java +++ b/pki/base/util/src/com/netscape/cmsutil/radius/ReplyMessageAttribute.java @@ -17,8 +17,10 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.radius; + import java.io.IOException; + public class ReplyMessageAttribute extends Attribute { private byte _value[] = null; private String _str = null; diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/RequestAuthenticator.java b/pki/base/util/src/com/netscape/cmsutil/radius/RequestAuthenticator.java index 5d82752dd..108b51451 100644 --- a/pki/base/util/src/com/netscape/cmsutil/radius/RequestAuthenticator.java +++ b/pki/base/util/src/com/netscape/cmsutil/radius/RequestAuthenticator.java @@ -17,16 +17,18 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.radius; + import java.io.IOException; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import java.security.SecureRandom; + public class RequestAuthenticator extends Authenticator { private byte _ra[] = null; - public RequestAuthenticator(SecureRandom rand, String secret) - throws NoSuchAlgorithmException { + public RequestAuthenticator(SecureRandom rand, String secret) + throws NoSuchAlgorithmException { byte[] authenticator = new byte[16]; rand.nextBytes(authenticator); 
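Review bot: RejectException.getReplyMessage() (hunk `@@ -33,7 +36,6 @@`) casts and dereferences the result of `getAttributeByType(Attribute.REPLY_MESSAGE)` in one expression, so an Access-Reject without a Reply-Message attribute raises a NullPointerException if the lookup returns null. The `state == null` check in RadiusConn.replyChallenge suggests that it can. I would split the expression, assuming the lookup returns `Attribute`: `Attribute a = _res.getAttributeSet().getAttributeByType(Attribute.REPLY_MESSAGE);` followed by `return (a == null) ? null : ((ReplyMessageAttribute) a).getString();`. A one-line Javadoc stating that the method may return null when the server sent no message would tell callers what to expect.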
diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/ResponseAuthenticator.java b/pki/base/util/src/com/netscape/cmsutil/radius/ResponseAuthenticator.java index 3c3de33c4..93fd46c39 100644 --- a/pki/base/util/src/com/netscape/cmsutil/radius/ResponseAuthenticator.java +++ b/pki/base/util/src/com/netscape/cmsutil/radius/ResponseAuthenticator.java @@ -17,8 +17,10 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.radius; + import java.io.IOException; + public class ResponseAuthenticator extends Authenticator { private byte _data[] = null; diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/ServerPacket.java b/pki/base/util/src/com/netscape/cmsutil/radius/ServerPacket.java index f7d7fa302..abbe255fc 100644 --- a/pki/base/util/src/com/netscape/cmsutil/radius/ServerPacket.java +++ b/pki/base/util/src/com/netscape/cmsutil/radius/ServerPacket.java @@ -17,8 +17,10 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.radius; + import java.io.IOException; + public abstract class ServerPacket extends Packet { public ServerPacket(byte data[]) throws IOException { super(); @@ -39,8 +41,8 @@ public abstract class ServerPacket extends Packet { int attrLen = (data[startp + 1] & 0xFF); byte attrData[] = new byte[attrLen]; - System.arraycopy(data, startp, attrData, 0, attrData.length); - addAttribute(AttributeFactory.createAttribute(attrData)); + System.arraycopy(data, startp, attrData, 0, attrData.length); + addAttribute(AttributeFactory.createAttribute(attrData)); startp += attrData.length; } } diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/ServiceTypeAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/ServiceTypeAttribute.java index f31c74f9a..7ab143f79 100644 --- a/pki/base/util/src/com/netscape/cmsutil/radius/ServiceTypeAttribute.java +++ b/pki/base/util/src/com/netscape/cmsutil/radius/ServiceTypeAttribute.java 
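Review bot: In the ServerPacket constructor (hunk `@@ -39,8 +41,8 @@`), `attrLen` is read straight from the received bytes and then drives the allocation, the `System.arraycopy` and the `startp` advance with no validation. A length of 0 leaves `startp` unchanged, so the loop would presumably never finish (its condition is outside the hunk). A length that runs past the end of `data` makes arraycopy throw an unchecked exception that callers expecting `IOException` will not catch. A guard before the allocation, such as `if (attrLen < 2 || startp + attrLen > data.length) throw new IOException("Invalid attribute length");`, would reject malformed replies cleanly.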
@@ -17,8 +17,10 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.radius; + import java.io.IOException; + public class ServiceTypeAttribute extends Attribute { public static final int LOGIN = 1; public static final int FRAMED = 2; @@ -38,9 +40,9 @@ public class ServiceTypeAttribute extends Attribute { public ServiceTypeAttribute(byte value[]) { super(); _t = SERVICE_TYPE; - _type = value[5] & 0xFF; - _type |= ((value[4] << 8) & 0xFF00); - _type |= ((value[3] << 16) & 0xFF0000); + _type = value[5] & 0xFF; + _type |= ((value[4] << 8) & 0xFF00); + _type |= ((value[3] << 16) & 0xFF0000); _type |= ((value[2] << 24) & 0xFF000000); _value = value; } diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/SessionTimeoutAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/SessionTimeoutAttribute.java index 2809aee4b..fcbf69425 100644 --- a/pki/base/util/src/com/netscape/cmsutil/radius/SessionTimeoutAttribute.java +++ b/pki/base/util/src/com/netscape/cmsutil/radius/SessionTimeoutAttribute.java @@ -17,8 +17,10 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.radius; + import java.io.IOException; + public class SessionTimeoutAttribute extends Attribute { private int _timeout = 0; @@ -37,12 +39,12 @@ public class SessionTimeoutAttribute extends Attribute { } public byte[] getValue() throws IOException { - byte[] p = new byte[4]; + byte[] p = new byte[4]; - p[0] = (byte) ((_timeout >>> 24) & 0xFF); - p[1] = (byte) ((_timeout >>> 16) & 0xFF); - p[2] = (byte) ((_timeout >>> 8) & 0xFF); - p[3] = (byte) (_timeout & 0xFF); + p[0] = (byte) ((_timeout >>> 24) & 0xFF); + p[1] = (byte) ((_timeout >>> 16) & 0xFF); + p[2] = (byte) ((_timeout >>> 8) & 0xFF); + p[3] = (byte) (_timeout & 0xFF); return p; } } diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/StateAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/StateAttribute.java index 027f95620..4408819a6 100644 
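Review bot: The `ServiceTypeAttribute(byte value[])` constructor (hunk `@@ -38,9 +40,9 @@`) indexes `value[2]` through `value[5]` without checking the array length, so a Service-Type attribute shorter than six bytes in a server reply ends in an ArrayIndexOutOfBoundsException. Unless the caller already guarantees the length (not visible here), reject short input first, for example `if (value.length < 6) throw new IllegalArgumentException("Service-Type attribute too short");`. A comment noting that bytes 0 and 1 are the attribute type and length, and bytes 2 to 5 the big-endian value, would also explain the index choice.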
--- a/pki/base/util/src/com/netscape/cmsutil/radius/StateAttribute.java +++ b/pki/base/util/src/com/netscape/cmsutil/radius/StateAttribute.java @@ -17,8 +17,10 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.radius; + import java.io.IOException; + public class StateAttribute extends Attribute { private byte _value[] = null; private String _str = null; diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/TerminationActionAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/TerminationActionAttribute.java index b47a70d8c..67f214adf 100644 --- a/pki/base/util/src/com/netscape/cmsutil/radius/TerminationActionAttribute.java +++ b/pki/base/util/src/com/netscape/cmsutil/radius/TerminationActionAttribute.java @@ -17,8 +17,10 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.radius; + import java.io.IOException; + public class TerminationActionAttribute extends Attribute { public static final int DEFAULT = 0; public static final int RADIUS_REQUEST = 1; diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/UserNameAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/UserNameAttribute.java index af7ce6bbe..ccc715e54 100644 --- a/pki/base/util/src/com/netscape/cmsutil/radius/UserNameAttribute.java +++ b/pki/base/util/src/com/netscape/cmsutil/radius/UserNameAttribute.java @@ -17,8 +17,10 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.radius; + import java.io.IOException; + public class UserNameAttribute extends Attribute { private String _name = null; diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/UserPasswordAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/UserPasswordAttribute.java index 000b837b5..938652e09 100644 --- a/pki/base/util/src/com/netscape/cmsutil/radius/UserPasswordAttribute.java +++ b/pki/base/util/src/com/netscape/cmsutil/radius/UserPasswordAttribute.java 
@@ -17,10 +17,12 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.radius; + import java.io.IOException; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; + public class UserPasswordAttribute extends Attribute { private Authenticator _ra = null; private String _secret = null; @@ -30,8 +32,7 @@ public class UserPasswordAttribute extends Attribute { // } - public UserPasswordAttribute(Authenticator ra, String secret, - String password) { + public UserPasswordAttribute(Authenticator ra, String secret, String password) { super(USER_PASSWORD); _ra = ra; _secret = secret; @@ -42,7 +43,7 @@ public class UserPasswordAttribute extends Attribute { MessageDigest md5 = null; try { - md5 = MessageDigest.getInstance("MD5"); + md5 = MessageDigest.getInstance("MD5"); } catch (NoSuchAlgorithmException e) { throw new IOException(e.getMessage()); } @@ -56,7 +57,7 @@ public class UserPasswordAttribute extends Attribute { for (int i = 0; i < ret.length; i++) { if ((i % 16) == 0) { - md5.reset(); + md5.reset(); md5.update(_secret.getBytes()); } if (i < up.length) { diff --git a/pki/base/util/src/com/netscape/cmsutil/radius/VendorSpecificAttribute.java b/pki/base/util/src/com/netscape/cmsutil/radius/VendorSpecificAttribute.java index 5f3d9f170..e3f174160 100644 --- a/pki/base/util/src/com/netscape/cmsutil/radius/VendorSpecificAttribute.java +++ b/pki/base/util/src/com/netscape/cmsutil/radius/VendorSpecificAttribute.java @@ -17,8 +17,10 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.radius; + import java.io.IOException; + public class VendorSpecificAttribute extends Attribute { private byte _value[] = null; private String _id = null; diff --git a/pki/base/util/src/com/netscape/cmsutil/scep/CRSPKIMessage.java b/pki/base/util/src/com/netscape/cmsutil/scep/CRSPKIMessage.java index a65620e9f..16406e2a7 100644 --- a/pki/base/util/src/com/netscape/cmsutil/scep/CRSPKIMessage.java 
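Review bot: In UserPasswordAttribute (hunk `@@ -56,7 +57,7 @@`), `_secret.getBytes()` encodes the shared secret with the platform default charset, so the MD5 keystream can differ between hosts when the secret contains non-ASCII characters. Naming the charset, for example `md5.update(_secret.getBytes("UTF-8"));`, makes the result deterministic; the enclosing method appears to declare `IOException`, which would cover the checked exception, but its signature is outside the hunk. In hunk `@@ -42,7 +43,7 @@` the catch block drops the original exception; `throw new IOException(e.getMessage(), e);` keeps the cause. A short comment that MD5 is used here because the RADIUS password-hiding scheme requires it would stop readers from treating it as a free choice of digest.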
+++ b/pki/base/util/src/com/netscape/cmsutil/scep/CRSPKIMessage.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.scep; + import java.io.ByteArrayInputStream; import java.io.ByteArrayOutputStream; import java.io.CharConversionException; 
@@ -48,53 +49,70 @@ import org.mozilla.jss.pkix.cert.Certificate; import org.mozilla.jss.pkix.cert.CertificateInfo; import org.mozilla.jss.pkix.primitive.AlgorithmIdentifier; -public class CRSPKIMessage { +public class CRSPKIMessage { + // OIDs for authenticated attributes - public static OBJECT_IDENTIFIER CRS_MESSAGETYPE = new OBJECT_IDENTIFIER( - new long[] { 2, 16, 840, 1, 113733, 1, 9, 2 }); - public static OBJECT_IDENTIFIER CRS_PKISTATUS = new OBJECT_IDENTIFIER( - new long[] { 2, 16, 840, 1, 113733, 1, 9, 3 }); - public static OBJECT_IDENTIFIER CRS_FAILINFO = new OBJECT_IDENTIFIER( - new long[] { 2, 16, 840, 1, 113733, 1, 9, 4 }); - public static OBJECT_IDENTIFIER CRS_SENDERNONCE = new OBJECT_IDENTIFIER( - new long[] { 2, 16, 840, 1, 113733, 1, 9, 5 }); - public static OBJECT_IDENTIFIER CRS_RECIPIENTNONCE = new OBJECT_IDENTIFIER( - new long[] { 2, 16, 840, 1, 113733, 1, 9, 6 }); - public static OBJECT_IDENTIFIER CRS_TRANSID = new OBJECT_IDENTIFIER( - new long[] { 2, 16, 840, 1, 113733, 1, 9, 7 }); - public static OBJECT_IDENTIFIER CRS_EXTENSIONREQ = new OBJECT_IDENTIFIER( - new long[] { 2, 16, 840, 1, 113733, 1, 9, 8 }); - + public static OBJECT_IDENTIFIER CRS_MESSAGETYPE = + new OBJECT_IDENTIFIER(new long[] {2, 16, 840, 1, 113733, 1, 9, 2} + ); + public static OBJECT_IDENTIFIER CRS_PKISTATUS = + new OBJECT_IDENTIFIER(new long[] {2, 16, 840, 1, 113733, 1, 9, 3} + ); + public static OBJECT_IDENTIFIER CRS_FAILINFO = + new OBJECT_IDENTIFIER(new long[] {2, 16, 840, 1, 113733, 1, 9, 4} + ); + public static OBJECT_IDENTIFIER CRS_SENDERNONCE = + new OBJECT_IDENTIFIER(new long[] {2, 16, 840, 1, 113733, 1, 9, 5} + ); + public static OBJECT_IDENTIFIER CRS_RECIPIENTNONCE = + new OBJECT_IDENTIFIER(new long[] {2, 16, 840, 1, 113733, 1, 9, 6} + ); + public static OBJECT_IDENTIFIER CRS_TRANSID = + new OBJECT_IDENTIFIER(new long[] {2, 16, 840, 1, 113733, 1, 9, 7} + ); + public static OBJECT_IDENTIFIER CRS_EXTENSIONREQ = + new OBJECT_IDENTIFIER(new long[] {2, 16, 840, 1, 
113733, 1, 9, 8} + ); + // PKCS9 defined OIDs - public static OBJECT_IDENTIFIER PKCS9_CONTENT_TYPE = new OBJECT_IDENTIFIER( - new long[] { 1, 2, 840, 113549, 1, 9, 3 }); + public static OBJECT_IDENTIFIER PKCS9_CONTENT_TYPE = + new OBJECT_IDENTIFIER(new long[] {1, 2, 840, 113549, 1, 9, 3} + ); - public static OBJECT_IDENTIFIER PKCS9_MESSAGE_DIGEST = new OBJECT_IDENTIFIER( - new long[] { 1, 2, 840, 113549, 1, 9, 4 }); + public static OBJECT_IDENTIFIER PKCS9_MESSAGE_DIGEST = + new OBJECT_IDENTIFIER(new long[] {1, 2, 840, 113549, 1, 9, 4} + ); /* PKCS 1 - rsaEncryption */ - public static OBJECT_IDENTIFIER RSA_ENCRYPTION = new OBJECT_IDENTIFIER( - new long[] { 1, 2, 840, 113549, 1, 1, 1 }); - - public static OBJECT_IDENTIFIER DES_CBC_ENCRYPTION = new OBJECT_IDENTIFIER( - new long[] { 1, 3, 14, 3, 2, 7 }); - - public static OBJECT_IDENTIFIER DES_EDE3_CBC_ENCRYPTION = new OBJECT_IDENTIFIER( - new long[] { 1, 2, 840, 113549, 3, 7 }); - - public static OBJECT_IDENTIFIER MD5_DIGEST = new OBJECT_IDENTIFIER( - new long[] { 1, 2, 840, 113549, 2, 5 }); - - public static OBJECT_IDENTIFIER SHA1_DIGEST = new OBJECT_IDENTIFIER( - new long[] { 1, 3, 14, 3, 2, 26 }); - - public static OBJECT_IDENTIFIER SHA256_DIGEST = new OBJECT_IDENTIFIER( - new long[] { 2, 16, 840, 1, 101, 3, 4, 2, 1 }); - - public static OBJECT_IDENTIFIER SHA512_DIGEST = new OBJECT_IDENTIFIER( - new long[] { 2, 16, 840, 1, 101, 3, 4, 2, 3 }); + public static OBJECT_IDENTIFIER RSA_ENCRYPTION = + new OBJECT_IDENTIFIER(new long[] {1, 2, 840, 113549, 1, 1, 1} + ); + + public static OBJECT_IDENTIFIER DES_CBC_ENCRYPTION = + new OBJECT_IDENTIFIER(new long[] {1, 3, 14, 3, 2, 7} + ); + + public static OBJECT_IDENTIFIER DES_EDE3_CBC_ENCRYPTION = + new OBJECT_IDENTIFIER(new long[] {1, 2, 840, 113549, 3, 7} + ); + + public static OBJECT_IDENTIFIER MD5_DIGEST = + new OBJECT_IDENTIFIER(new long[] {1, 2, 840, 113549, 2, 5} + ); + + public static OBJECT_IDENTIFIER SHA1_DIGEST = + new OBJECT_IDENTIFIER(new long[] {1, 3, 14, 3, 2, 
26} + ); + + public static OBJECT_IDENTIFIER SHA256_DIGEST = + new OBJECT_IDENTIFIER(new long[] {2, 16, 840, 1, 101, 3, 4, 2, 1} + ); + + public static OBJECT_IDENTIFIER SHA512_DIGEST = + new OBJECT_IDENTIFIER(new long[] {2, 16, 840, 1, 101, 3, 4, 2, 3} + ); // Strings given in 'messageType' authenticated attribute public final static String mType_PKCSReq = "19"; @@ -102,12 +120,12 @@ public class CRSPKIMessage { public final static String mType_GetCertInitial = "20"; public final static String mType_GetCert = "21"; public final static String mType_GetCRL = "22"; - + // Strings given in 'PKIStatus' authenticated attribute public final static String mStatus_SUCCESS = "0"; public final static String mStatus_FAILURE = "2"; public final static String mStatus_PENDING = "3"; - + // Strings given in 'failInfo' authenticated attribute public final static String mFailInfo_badAlg = "0"; public final static String mFailInfo_badMessageCheck = "1"; 
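Review bot: The OID constants in CRSPKIMessage (hunk `@@ -48,53 +49,70 @@`, `CRS_MESSAGETYPE` through `SHA512_DIGEST`) are declared `public static` without `final`, so any class can reassign them and change which attributes or algorithms the SCEP code matches. Declaring them as `public static final OBJECT_IDENTIFIER CRS_MESSAGETYPE = ...`, and likewise for the others, closes that off without affecting callers that only read them. A comment marking `DES_CBC_ENCRYPTION` and `MD5_DIGEST` as legacy algorithms kept for interoperability would help readers. Whether they are still accepted is decided in code outside this hunk.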
@@ -122,66 +140,65 @@ public class CRSPKIMessage { public final static String mFailInfo_noKeyReuse = "10"; public final static String mFailInfo_internalCAError = "11"; public final static String mFailInfo_tryLater = "12"; - + // ************************************************************************ // These private members represent the flattened structure of the PKIMessage // ************************************************************************ - + // top level is just a ContentInfo - private ContentInfo crsci; + private ContentInfo crsci; // it's content is a signedData - private SignedData sd; + private SignedData sd; // In the signed data, we have: - private int sdv; // Version - private ContentInfo data; // The data to be digested - private EnvelopedData sded; // Enveloped data inside of signed data - private byte[] signerCertBytes; + private int sdv; // Version + private ContentInfo data; // The data to be digested + private EnvelopedData sded; // Enveloped data inside of signed data + private byte[] signerCertBytes; org.mozilla.jss.pkix.cert.Certificate signerCert; - private SET sis; // set of SignerInfos - private SignerInfo si; // First SignerInfo + private SET sis; // set of SignerInfos + private SignerInfo si; // First SignerInfo private AlgorithmIdentifier digestAlgorithmId = null; - private int siv; // Version - private SET aa; // Authenticated Attributes - private SET aa_old; // Authenticated Attributes - private IssuerAndSerialNumber sgnIASN; // Signer's Issuer Name and Serialnum - private OCTET_STRING aa_digest; // digest of the authenticated attrs - - private String messageType; // these are all authenticated attributes - private String failInfo; - private String pkiStatus; - private String transactionID; - private byte[] senderNonce; - private byte[] recipientNonce; + private int siv; // Version + private SET aa; // Authenticated Attributes + private SET aa_old; // Authenticated Attributes + private IssuerAndSerialNumber sgnIASN; // Signer's 
Issuer Name and Serialnum + private OCTET_STRING aa_digest; // digest of the authenticated attrs + + private String messageType; // these are all authenticated attributes + private String failInfo; + private String pkiStatus; + private String transactionID; + private byte[] senderNonce; + private byte[] recipientNonce; private OCTET_STRING msg_digest; // digest of the message // Inside the sded Enveloped data - private RecipientInfo ri; // First RecipientInfo - private int riv; // Version - private AlgorithmIdentifier riAlgid; // alg that the bulk key is wrapped - // with - private byte[] riKey; // bulk key, wrapped with above algorithm - private byte[] cKey; // * 'clear', unwrapped key (not in ASN.1) * - private IssuerAndSerialNumber rcpIASN; // Recipient's Issuer Name and Serial - // Number + private RecipientInfo ri; // First RecipientInfo + private int riv; // Version + private AlgorithmIdentifier riAlgid; // alg that the bulk key is wrapped with + private byte[] riKey; // bulk key, wrapped with above algorithm + private byte[] cKey; // * 'clear', unwrapped key (not in ASN.1) * + private IssuerAndSerialNumber rcpIASN; // Recipient's Issuer Name and Serial Number private EncryptedContentInfo eci; - private byte[] iv; // initialization vector for above key - private byte[] ec; // encrypted content (P10, in case of request) - private byte[] cc; // * 'clear' content (not in ASN.1) * - private String encryptionAlgorithm = null; + private byte[] iv; // initialization vector for above key + private byte[] ec; // encrypted content (P10, in case of request) + private byte[] cc; // * 'clear' content (not in ASN.1) * + private String encryptionAlgorithm = null; // For the CertRep, the enveloped content is another signed Data: - private SignedData crsd; - private int rsdVersion; - private byte[] rsdCert; // certificate to send in response + private SignedData crsd; + private int rsdVersion; + private byte[] rsdCert; // certificate to send in response + + private Object 
myP10; - private Object myP10; + private Hashtable attrs; // miscellanous - private Hashtable attrs; // miscellanous + // *** END *** // - // *** END *** // public void debug() { } @@ -194,28 +211,30 @@ public class CRSPKIMessage { return attrs.get(a); } - private SignatureAlgorithm getSignatureAlgorithm(String hashAlgorithm) { + private SignatureAlgorithm getSignatureAlgorithm (String hashAlgorithm) + { SignatureAlgorithm signatureAlgorithm = SignatureAlgorithm.RSASignatureWithMD5Digest; if (hashAlgorithm != null) { if (hashAlgorithm.equals("SHA1")) { signatureAlgorithm = SignatureAlgorithm.RSASignatureWithSHA1Digest; } else if (hashAlgorithm.equals("SHA256")) { signatureAlgorithm = SignatureAlgorithm.RSASignatureWithSHA256Digest; - } else if (hashAlgorithm.equals("SHA512")) { + } else if (hashAlgorithm.equals("SHA512")) { signatureAlgorithm = SignatureAlgorithm.RSASignatureWithSHA512Digest; } } return signatureAlgorithm; } - private OBJECT_IDENTIFIER getAlgorithmOID(String hashAlgorithm) { + private OBJECT_IDENTIFIER getAlgorithmOID (String hashAlgorithm) + { OBJECT_IDENTIFIER oid = MD5_DIGEST; if (hashAlgorithm != null) { if (hashAlgorithm.equals("SHA1")) { oid = SHA1_DIGEST; } else if (hashAlgorithm.equals("SHA256")) { oid = SHA256_DIGEST; - } else if (hashAlgorithm.equals("SHA512")) { + } else if (hashAlgorithm.equals("SHA512")) { oid = SHA512_DIGEST; } } @@ -223,7 +242,8 @@ public class CRSPKIMessage { } // getHashAlgorithm is added to work around issue 636217 - private String getHashAlgorithm(OBJECT_IDENTIFIER algorithmOID) { + private String getHashAlgorithm (OBJECT_IDENTIFIER algorithmOID) + { String hashAlgorithm = null; OBJECT_IDENTIFIER oid = MD5_DIGEST; if (algorithmOID != null) { 
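Review bot: In the hunk at `@@ -194,28 +211,30 @@`, getSignatureAlgorithm and getAlgorithmOID start from an MD5 default and switch away from it only on the exact strings "SHA1", "SHA256" and "SHA512", so a null, differently cased or unlisted name (for example "SHA384") silently selects RSASignatureWithMD5Digest / MD5_DIGEST. A signing path should not fall back to MD5 on input it does not recognise; unknown non-null names can be rejected with a final branch such as `else { throw new IllegalArgumentException("unsupported hash algorithm: " + hashAlgorithm); }`. Whether any caller depends on the MD5 fallback for null cannot be seen from this hunk, so that default needs confirming before it is changed. The return statement of getAlgorithmOID lies outside the hunk.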
@@ -233,7 +253,7 @@ public class CRSPKIMessage { hashAlgorithm = "SHA1"; } else if (algorithmOID.equals(SHA256_DIGEST)) { hashAlgorithm = "SHA256"; - } else if (algorithmOID.equals(SHA512_DIGEST)) { + } else if (algorithmOID.equals(SHA512_DIGEST)) { hashAlgorithm = "SHA512"; } } @@ -242,38 +262,38 @@ public class CRSPKIMessage { // These functions are used to initialize the various blobs - public void makeSignedData(int version, byte[] certificate, - String hashAlgorithm) { + public void makeSignedData(int version, + byte[] certificate, String hashAlgorithm) { try { SET digest_algs = new SET(); - digest_algs.addElement(new AlgorithmIdentifier( - getAlgorithmOID(hashAlgorithm), new NULL())); - - // SET certs = new SET(); - // certs.addElement(new ANY(certificate)); - + digest_algs.addElement(new AlgorithmIdentifier(getAlgorithmOID(hashAlgorithm), new NULL())); + + // SET certs = new SET(); + // certs.addElement(new ANY(certificate)); + SET sis = new SET(); sis.addElement(si); - + ContentInfo data = this.data; - this.sd = new SignedData(digest_algs, data, null, // don't send the - // certs, he - // already has - // them - null, // crl's - sis); + this.sd = new SignedData( + digest_algs, + data, + null, // don't send the certs, he already has them + null, // crl's + sis); } catch (Exception e) { } } - + public byte[] getResponse() throws IOException, InvalidBERException { - crsci = new ContentInfo(ContentInfo.SIGNED_DATA, sd); + crsci = new ContentInfo(ContentInfo.SIGNED_DATA, + sd); return ASN1Util.encode(crsci); 
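Review bot: makeSignedData in the hunk at `@@ -242,38 +262,38 @@` ends in `} catch (Exception e) { }`, so a failure while building the SignedData is discarded, `this.sd` keeps whatever value it had, and getResponse further down wraps and encodes that value anyway. The same pattern appears in later hunks of this file: the empty `catch (CharConversionException e)` at `@@ -359,27`, the empty catch in makeEncryptedContentInfo at `@@ -418,13`, and the `return null` catches in makeEnvelopedData (`@@ -388,11`), in the certificate-wrapping method at `@@ -436,28` and in getSignerPublicKey (`@@ -529,13`). In code that assembles signed and encrypted PKI responses, a dropped exception leaves no record of why a response came out incomplete. Propagating the failure, for instance `} catch (Exception e) { throw new IllegalStateException("cannot build SignedData", e); }`, or at least logging it, would make these cases visible. The body of getResponse continues past the end of the hunk.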
@@ -282,35 +302,39 @@ public class CRSPKIMessage { } /* - * public void makeSignerInfo_old(int version, // issuer and serialnumber - * byte[] digest) { - * - * si = new SignerInfo(new INTEGER(version), sgnIASN, // issuer and - * serialnum new AlgorithmIdentifier(MD5_DIGEST, new NULL()), // digest - * algorithm this.aa, // Authenticated Attributes new - * AlgorithmIdentifier(RSA_ENCRYPTION,new NULL()), // digest encryption - * algorithm new OCTET_STRING(digest), // digest null); // unauthenticated - * attributes - * - * } + public void makeSignerInfo_old(int version, + // issuer and serialnumber + byte[] digest) { + + si = new SignerInfo(new INTEGER(version), + sgnIASN, // issuer and serialnum + new AlgorithmIdentifier(MD5_DIGEST, new NULL()), // digest algorithm + this.aa, // Authenticated Attributes + new AlgorithmIdentifier(RSA_ENCRYPTION,new NULL()), // digest encryption algorithm + new OCTET_STRING(digest), // digest + null); // unauthenticated attributes + + } */ public void makeSignerInfo(int version, - // issuer and serialnumber - org.mozilla.jss.crypto.PrivateKey pk, String hashAlgorithm) - throws java.security.NoSuchAlgorithmException, TokenException, + // issuer and serialnumber + org.mozilla.jss.crypto.PrivateKey pk, String hashAlgorithm) + throws java.security.NoSuchAlgorithmException, + TokenException, java.security.InvalidKeyException, - java.security.SignatureException, + java.security.SignatureException, org.mozilla.jss.CryptoManager.NotInitializedException { - si = new SignerInfo(sgnIASN, // issuer and serialnum - this.aa, // Authenticated Attributes - null, // Unauthenticated Attrs - ContentInfo.ENVELOPED_DATA, // content type - msg_digest.toByteArray(), // digest - getSignatureAlgorithm(hashAlgorithm), pk); + si = new SignerInfo(sgnIASN, // issuer and serialnum + this.aa, // Authenticated Attributes + null, // Unauthenticated Attrs + ContentInfo.ENVELOPED_DATA, // content type + msg_digest.toByteArray(), // digest + 
getSignatureAlgorithm(hashAlgorithm), + pk); } - + public void makeAuthenticatedAttributes() { aa = new SET(); @@ -322,28 +346,28 @@ public class CRSPKIMessage { tidset.addElement((new PrintableString(transactionID))); aa.addElement(new Attribute(CRS_TRANSID, tidset)); } - + if (pkiStatus != null) { SET pkistatusset = new SET(); pkistatusset.addElement(new PrintableString(pkiStatus)); aa.addElement(new Attribute(CRS_PKISTATUS, pkistatusset)); } - + if (messageType != null) { SET aaset = new SET(); aaset.addElement(new PrintableString(messageType)); - aa.addElement(new Attribute(CRS_MESSAGETYPE, aaset)); + aa.addElement(new Attribute(CRS_MESSAGETYPE, aaset)); } if (failInfo != null) { SET fiset = new SET(); fiset.addElement(new PrintableString(failInfo)); - aa.addElement(new Attribute(CRS_FAILINFO, fiset)); + aa.addElement(new Attribute(CRS_FAILINFO, fiset)); } - + if (senderNonce != null) { SET snset = new SET(); @@ -359,27 +383,31 @@ public class CRSPKIMessage { } // XXX sender nonce - + } catch (CharConversionException e) { } } - + public byte[] makeEnvelopedData(int version) { byte[] r; try { - + if (this.ri != null) { ContentInfo ci; SET ris = new SET(); ris.addElement(this.ri); - - this.sded = new EnvelopedData(new INTEGER(version), ris, eci); - - ci = new ContentInfo(ContentInfo.ENVELOPED_DATA, sded); + + this.sded = new EnvelopedData( + new INTEGER(version), + ris, + eci); + + ci = new ContentInfo(ContentInfo.ENVELOPED_DATA, + sded); ByteArrayOutputStream ba = new ByteArrayOutputStream(); ci.encode(ba); @@ -388,11 +416,12 @@ public class CRSPKIMessage { r = new byte[0]; } - this.data = new ContentInfo(ContentInfo.DATA, new OCTET_STRING(r)); + this.data = new ContentInfo(ContentInfo.DATA, + new OCTET_STRING(r)); return r; - // return this.sded.getEncodedContents(); + // return this.sded.getEncodedContents(); } catch (Exception e) { return null; } 
@@ -403,10 +432,14 @@ public class CRSPKIMessage { this.riv = version; this.riAlgid = new AlgorithmIdentifier(RSA_ENCRYPTION, new NULL()); - this.riKey = riKey; - - this.ri = new RecipientInfo(new INTEGER(this.riv), rcpIASN, - this.riAlgid, new OCTET_STRING(this.riKey)); + this.riKey = riKey; + + this.ri = new RecipientInfo( + new INTEGER(this.riv), + rcpIASN, + this.riAlgid, + new OCTET_STRING(this.riKey) + ); } public void makeEncryptedContentInfo(byte[] iv, byte[] ec, String algorithm) { @@ -418,13 +451,13 @@ public class CRSPKIMessage { if (algorithm != null && algorithm.equals("DES3")) oid = DES_EDE3_CBC_ENCRYPTION; - AlgorithmIdentifier aid = new AlgorithmIdentifier(oid, - new OCTET_STRING(iv)); + AlgorithmIdentifier aid = new AlgorithmIdentifier(oid, new OCTET_STRING(iv)); - // eci = - // EncryptedContentInfo.createCRSCompatibleEncryptedContentInfo( - eci = new EncryptedContentInfo(ContentInfo.DATA, aid, - new OCTET_STRING(ec)); + //eci = EncryptedContentInfo.createCRSCompatibleEncryptedContentInfo( + eci = new EncryptedContentInfo(ContentInfo.DATA, + aid, + new OCTET_STRING(ec) + ); } catch (Exception e) { } 
@@ -436,28 +469,33 @@ public class CRSPKIMessage { try { SET certs = new SET(); ANY cert = new ANY(certificate); - + certs.addElement(cert); - - crsd = new SignedData(new SET(), // empty set of digestAlgorithmID's - new ContentInfo(new OBJECT_IDENTIFIER(new long[] { 1, 2, - 840, 113549, 1, 7, 1 }), null), // empty content - certs, null, // no CRL's - new SET() // empty SignerInfos - ); - ContentInfo wrap = new ContentInfo(ContentInfo.SIGNED_DATA, crsd); + + crsd = new SignedData( + new SET(), // empty set of digestAlgorithmID's + new ContentInfo( + new OBJECT_IDENTIFIER(new long[] {1, 2, 840, 113549, 1, 7, 1} + ), + null), //empty content + certs, + null, // no CRL's + new SET() // empty SignerInfos + ); + ContentInfo wrap = new ContentInfo(ContentInfo.SIGNED_DATA, + crsd); ByteArrayOutputStream baos = new ByteArrayOutputStream(); wrap.encode(baos); return baos.toByteArray(); - // return crsd.getEncodedContents(); + // return crsd.getEncodedContents(); } catch (Exception e) { return null; } } - + public String toString() { StringBuffer sb = new StringBuffer(); sb.append("{ messageType="); @@ -469,15 +507,15 @@ public class CRSPKIMessage { sb.append(", transactionID="); sb.append(getTransactionID()); sb.append(", senderNonce="); - sb.append(Arrays.toString(getSenderNonce())); + sb.append( Arrays.toString( getSenderNonce() ) ); sb.append(", recipientNonce="); - sb.append(Arrays.toString(getRecipientNonce())); + sb.append( Arrays.toString( getRecipientNonce() ) ); sb.append(" }"); - + String s = sb.toString(); return s; } - + public String getMessageType() { return messageType; } @@ -521,7 +559,7 @@ public class CRSPKIMessage { public String getDigestAlgorithmName() { String name = null; if (digestAlgorithmId != null) { - name = getHashAlgorithm(digestAlgorithmId.getOID()); + name = getHashAlgorithm(digestAlgorithmId.getOID()); } return name; } 
@@ -529,13 +567,12 @@ public class CRSPKIMessage { public PublicKey getSignerPublicKey() { try { - org.mozilla.jss.pkix.cert.Certificate.Template ct = new org.mozilla.jss.pkix.cert.Certificate.Template(); - - ByteArrayInputStream bais = new ByteArrayInputStream( - this.signerCertBytes); - - signerCert = (org.mozilla.jss.pkix.cert.Certificate) ct - .decode(bais); + org.mozilla.jss.pkix.cert.Certificate.Template ct = new + org.mozilla.jss.pkix.cert.Certificate.Template(); + + ByteArrayInputStream bais = new ByteArrayInputStream(this.signerCertBytes); + + signerCert = (org.mozilla.jss.pkix.cert.Certificate) ct.decode(bais); return signerCert.getInfo().getSubjectPublicKeyInfo().toPublicKey(); } catch (Exception e) { return null; @@ -554,7 +591,7 @@ public class CRSPKIMessage { } - public void setAA_old(SET auth_attrs) { + public void setAA_old( SET auth_attrs ) { aa_old = auth_attrs; } @@ -574,15 +611,15 @@ public class CRSPKIMessage { public byte[] getAADigest() { return aa_digest.toByteArray(); } - + public Object getP10() { return myP10; } - + public void setP10(Object p10) { myP10 = p10; } - + public void setSgnIssuerAndSerialNumber(IssuerAndSerialNumber iasn) { this.sgnIASN = iasn; } @@ -592,7 +629,7 @@ public class CRSPKIMessage { } public IssuerAndSerialNumber getSgnIssuerAndSerialNumber() { - return this.sgnIASN; + return this.sgnIASN; } public IssuerAndSerialNumber getRcpIssuerAndSerialNumber() { @@ -623,7 +660,8 @@ public class CRSPKIMessage { this.senderNonce = sn; } - // public void setCertificate(byte [] cert) { this.certificate = cert; } + // public void setCertificate(byte [] cert) { this.certificate = cert; } + public void setMsgDigest(byte[] digest) { this.msg_digest = new OCTET_STRING(digest); 
@@ -635,91 +673,88 @@ public class CRSPKIMessage { public void setPending() { // setIssuerAndSerialNumber(); - + setMessageType(mType_CertRep); setPKIStatus(mStatus_PENDING); }; - + public void setFailure(String failInfo) { setMessageType(mType_CertRep); setPKIStatus(mStatus_FAILURE); setFailInfo(failInfo); } - + // Should add a Certificate to this call public void setSuccess() { setMessageType(mType_CertRep); setPKIStatus(mStatus_SUCCESS); } - + /** - * Gets a byte array which is the der-encoded blob which gets sent back to - * the router. + * Gets a byte array which is the der-encoded blob + * which gets sent back to the router. */ - + public byte[] getEncoded() { - // Assert.assert(messageType != null); - // Assert.assert(pkiStatus != null); - - return new byte[1]; // blagh + //Assert.assert(messageType != null); + //Assert.assert(pkiStatus != null); + + return new byte[1]; // blagh } + - private void decodeCRSPKIMessage(ByteArrayInputStream bais) - throws InvalidBERException, Exception { + private void decodeCRSPKIMessage (ByteArrayInputStream bais) throws InvalidBERException, Exception { org.mozilla.jss.pkcs7.ContentInfo.Template crscit; crscit = new ContentInfo.Template(); crsci = (ContentInfo) crscit.decode(bais); - - if (!ContentInfo.SIGNED_DATA.equals(crsci.getContentType())) { - throw new Exception("ContentType wasn't signed data, it was" - + crsci.getContentType()); + + if (!ContentInfo.SIGNED_DATA.equals(crsci.getContentType())) { + throw new Exception("ContentType wasn't signed data, it was" + crsci.getContentType()); } - - // Now that we know that the contentInfo is a SignedData, we can decode - // it + + // Now that we know that the contentInfo is a SignedData, we can decode it SignedData.Template sdt = new SignedData.Template(); - - sd = (SignedData) sdt.decode(new ByteArrayInputStream(((ANY) crsci - .getContent()).getEncoded())); + + sd = (SignedData) sdt.decode( + new ByteArrayInputStream( + ((ANY) crsci.getContent()).getEncoded() + )); 
this.decodeSD(); } public CRSPKIMessage() { attrs = new Hashtable(); } - - public CRSPKIMessage(ByteArrayInputStream bais) throws InvalidBERException, - Exception { + + public CRSPKIMessage (ByteArrayInputStream bais) throws InvalidBERException, Exception { attrs = new Hashtable(); decodeCRSPKIMessage(bais); } private void decodeSD() throws Exception { - ContentInfo sdci; + ContentInfo sdci; sis = sd.getSignerInfos(); - + decodeSI(); sdci = sd.getContentInfo(); - + // HACK to work with CRS ANY a = (ANY) sdci.getContent(); ByteArrayInputStream s = new ByteArrayInputStream(a.getEncoded()); - OCTET_STRING os = (OCTET_STRING) (new OCTET_STRING.Template()) - .decode(s); - + OCTET_STRING os = (OCTET_STRING) (new OCTET_STRING.Template()).decode(s); + ByteArrayInputStream s2 = new ByteArrayInputStream(os.toByteArray()); ContentInfo ci = (ContentInfo) (new ContentInfo.Template()).decode(s2); - ByteArrayInputStream s3 = new ByteArrayInputStream( - ((ANY) ci.getContent()).getEncoded()); - + ByteArrayInputStream s3 = new ByteArrayInputStream(((ANY) ci.getContent()).getEncoded()); + EnvelopedData.Template edt = new EnvelopedData.Template(); sded = (EnvelopedData) edt.decode(s3); - + SET signerCerts = (SET) sd.getCertificates(); Certificate firstCert = (Certificate) signerCerts.elementAt(0); @@ -728,11 +763,11 @@ public class CRSPKIMessage { CertificateInfo firstCertInfo = firstCert.getInfo(); sgnIASN = new IssuerAndSerialNumber(firstCertInfo.getIssuer(), - firstCertInfo.getSerialNumber()); - + firstCertInfo.getSerialNumber()); + decodeED(); } - + private void decodeSI() throws Exception { if (sis.size() == 0) { throw new Exception("SignerInfos is empty"); 
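Review bot: decodeSD, in the hunk at `@@ -635,91 +673,88 @@`, casts `sd.getCertificates()` to SET and immediately calls `signerCerts.elementAt(0)` without checking that the set is present and non-empty, although the SignedData was decoded from the incoming message. decodeSI in the following hunk already guards its input with `if (sis.size() == 0)`, and the same style fits here: `if (signerCerts == null || signerCerts.size() == 0) { throw new Exception("SignedData carries no certificates"); }` before the elementAt call. Without it, a message lacking certificates presumably surfaces as a NullPointerException or an index error instead of a described decode failure. The remainder of decodeSD is in the next hunk.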
@@ -745,51 +780,51 @@ public class CRSPKIMessage { aa_digest = new OCTET_STRING(si.getEncryptedDigest()); } - + private void decodeED() throws Exception { SET ris; ris = (SET) sded.getRecipientInfos(); - + if (ris.size() == 0) { throw new Exception("RecipientInfos is empty"); } ri = (RecipientInfo) ris.elementAt(0); eci = sded.getEncryptedContentInfo(); - if (eci.getContentEncryptionAlgorithm().getOID() - .equals(DES_EDE3_CBC_ENCRYPTION)) { + if (eci.getContentEncryptionAlgorithm().getOID().equals(DES_EDE3_CBC_ENCRYPTION)) { encryptionAlgorithm = "DES3"; - } else if (eci.getContentEncryptionAlgorithm().getOID() - .equals(DES_CBC_ENCRYPTION)) { + } else if (eci.getContentEncryptionAlgorithm().getOID().equals(DES_CBC_ENCRYPTION)) { encryptionAlgorithm = "DES"; } else { - throw new Exception( - "P10 encrypted alg is not supported (not DES): " - + eci.getContentEncryptionAlgorithm().getOID()); + throw new Exception("P10 encrypted alg is not supported (not DES): " + eci.getContentEncryptionAlgorithm().getOID()); } - + ec = eci.getEncryptedContent().toByteArray(); OCTET_STRING.Template ost = new OCTET_STRING.Template(); - - OCTET_STRING os = (OCTET_STRING) ost.decode(new ByteArrayInputStream( - ((ANY) eci.getContentEncryptionAlgorithm().getParameters()) - .getEncoded())); + + OCTET_STRING os = (OCTET_STRING) + ost.decode(new ByteArrayInputStream( + ((ANY) eci.getContentEncryptionAlgorithm().getParameters()).getEncoded() + ) + ); iv = os.toByteArray(); decodeRI(); } - + /** - * The PKCS10 request is encrypt with a symmetric key. This key in turn is - * encrypted with the RSA key in the CA certificate. - * - * riAlgid is the algorithm the symm key is encrypted with. It had better be - * RSA riKey is the encrypted symmetric key + * The PKCS10 request is encrypt with a symmetric key. + * This key in turn is encrypted with the RSA key in the + * CA certificate. + * + * riAlgid is the algorithm the symm key is encrypted with. 
It had + * better be RSA + * riKey is the encrypted symmetric key */ - + private void decodeRI() throws Exception { // really should get issuer and serial number of our RI, as this @@ -797,19 +832,18 @@ public class CRSPKIMessage { // going to assume that the key is the Signing cert for the server. riAlgid = ri.getKeyEncryptionAlgorithmID(); - + if (!riAlgid.getOID().equals(RSA_ENCRYPTION)) { - throw new Exception( - "Request is protected by a key which we can't decrypt"); + throw new Exception("Request is protected by a key which we can't decrypt"); } - + riKey = ri.getEncryptedKey().toByteArray(); - + } - + private void decodeAA() throws InvalidBERException, IOException { aa = si.getAuthenticatedAttributes(); - + int count; for (count = 0; count < aa.size(); count++) { 
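Review bot: decodeED in the hunk at `@@ -745,51 +780,51 @@` accepts DES_CBC_ENCRYPTION next to DES_EDE3_CBC_ENCRYPTION for the enveloped PKCS #10 content, so a request protected with single DES is processed like any other. Single DES no longer gives meaningful confidentiality; if it is kept for older CRS clients, that should be stated at the branch, e.g. `// single DES accepted only for legacy CRS clients`, and a way to refuse it per deployment would be the safer default. A few lines later the IV is read by casting `getParameters()` to ANY with no null check, which deserves the same kind of explicit guard as the empty RecipientInfos case at the top of the method.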
@@ -819,48 +853,42 @@ public class CRSPKIMessage { PrintableString ps; PrintableString.Template pst = new PrintableString.Template(); OCTET_STRING.Template ost = new OCTET_STRING.Template(); - + OBJECT_IDENTIFIER oid = a.getType(); if (oid.equals(CRS_MESSAGETYPE)) { - ps = (PrintableString) pst.decode(new ByteArrayInputStream(f - .getEncoded())); + ps = (PrintableString) pst.decode(new ByteArrayInputStream(f.getEncoded())); // We make a new string here messageType = ps.toString(); - + } else if (oid.equals(CRS_PKISTATUS)) { - ps = (PrintableString) pst.decode(new ByteArrayInputStream(f - .getEncoded())); - pkiStatus = new String(ps.toString()); + ps = (PrintableString) pst.decode(new ByteArrayInputStream(f.getEncoded())); + pkiStatus = new String (ps.toString()); } else if (oid.equals(CRS_FAILINFO)) { - ps = (PrintableString) pst.decode(new ByteArrayInputStream(f - .getEncoded())); - failInfo = new String(ps.toString()); + ps = (PrintableString) pst.decode(new ByteArrayInputStream(f.getEncoded())); + failInfo = new String (ps.toString()); } else if (oid.equals(CRS_SENDERNONCE)) { - OCTET_STRING oss = (OCTET_STRING) ost - .decode(new ByteArrayInputStream(f.getEncoded())); + OCTET_STRING oss = (OCTET_STRING) ost.decode(new ByteArrayInputStream(f.getEncoded())); senderNonce = oss.toByteArray(); } else if (oid.equals(CRS_RECIPIENTNONCE)) { - OCTET_STRING osr = (OCTET_STRING) ost - .decode(new ByteArrayInputStream(f.getEncoded())); + OCTET_STRING osr = (OCTET_STRING) ost.decode(new ByteArrayInputStream(f.getEncoded())); recipientNonce = osr.toByteArray(); } else if (oid.equals(CRS_TRANSID)) { - ps = (PrintableString) pst.decode(new ByteArrayInputStream(f - .getEncoded())); - transactionID = new String(ps.toString()); + ps = (PrintableString) pst.decode(new ByteArrayInputStream(f.getEncoded())); + transactionID = new String (ps.toString()); } - + } - - } // end of decodeAA(); - + + } // end of decodeAA(); + public String getMessageTypeString() { if (messageType == null) 
{ return null; } - + if (messageType.equals(mType_PKCSReq)) { return "PKCSReq"; } @@ -877,7 +905,8 @@ public class CRSPKIMessage { return "GetCRL"; } // messageType should match one of the above - // Assert.assert(false); + //Assert.assert(false); return null; } -} +} + diff --git a/pki/base/util/src/com/netscape/cmsutil/util/Cert.java b/pki/base/util/src/com/netscape/cmsutil/util/Cert.java index 021d6939e..d5689ac9d 100644 --- a/pki/base/util/src/com/netscape/cmsutil/util/Cert.java +++ b/pki/base/util/src/com/netscape/cmsutil/util/Cert.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.util; + import java.io.IOException; import java.security.cert.CertificateException; import java.security.cert.X509CRL; @@ -61,14 +62,14 @@ public class Cert { return s; } - if ((s.startsWith("-----BEGIN CERTIFICATE-----")) - && (s.endsWith("-----END CERTIFICATE-----"))) { + if ((s.startsWith("-----BEGIN CERTIFICATE-----")) && + (s.endsWith("-----END CERTIFICATE-----"))) { return (s.substring(27, (s.length() - 25))); } // To support Thawte's header and footer - if ((s.startsWith("-----BEGIN PKCS #7 SIGNED DATA-----")) - && (s.endsWith("-----END PKCS #7 SIGNED DATA-----"))) { + if ((s.startsWith("-----BEGIN PKCS #7 SIGNED DATA-----")) && + (s.endsWith("-----END PKCS #7 SIGNED DATA-----"))) { return (s.substring(35, (s.length() - 33))); } 
@@ -79,23 +80,24 @@ public class Cert { if (s == null) { return s; } - if ((s.startsWith("-----BEGIN CERTIFICATE REVOCATION LIST-----")) - && (s.endsWith("-----END CERTIFICATE REVOCATION LIST-----"))) { + if ((s.startsWith("-----BEGIN CERTIFICATE REVOCATION LIST-----")) && + (s.endsWith("-----END CERTIFICATE REVOCATION LIST-----"))) { return (s.substring(43, (s.length() - 41))); } return s; } public static String stripCertBrackets(String s) { - return stripBrackets(s); + return stripBrackets(s); } - // private static BASE64Decoder mDecoder = new BASE64Decoder(); - public static X509CertImpl mapCert(String mime64) throws IOException { + // private static BASE64Decoder mDecoder = new BASE64Decoder(); + public static X509CertImpl mapCert(String mime64) + throws IOException { mime64 = stripCertBrackets(mime64.trim()); String newval = normalizeCertStr(mime64); - // byte rawPub[] = mDecoder.decodeBuffer(newval); - byte rawPub[] = OSUtil.AtoB(newval); + // byte rawPub[] = mDecoder.decodeBuffer(newval); + byte rawPub[] = OSUtil.AtoB( newval ); X509CertImpl cert = null; try { 
@@ -106,26 +108,27 @@ public class Cert { } public static X509Certificate[] mapCertFromPKCS7(String mime64) - throws IOException { + throws IOException { mime64 = stripCertBrackets(mime64.trim()); String newval = normalizeCertStr(mime64); - // byte rawPub[] = mDecoder.decodeBuffer(newval); - byte rawPub[] = OSUtil.AtoB(newval); + // byte rawPub[] = mDecoder.decodeBuffer(newval); + byte rawPub[] = OSUtil.AtoB( newval ); PKCS7 p7 = null; try { p7 = new PKCS7(rawPub); } catch (Exception e) { - throw new IOException("p7 is null"); + throw new IOException( "p7 is null" ); } return p7.getCertificates(); } - public static X509CRL mapCRL(String mime64) throws IOException { + public static X509CRL mapCRL(String mime64) + throws IOException { mime64 = stripCRLBrackets(mime64.trim()); String newval = normalizeCertStr(mime64); - // byte rawPub[] = mDecoder.decodeBuffer(newval); - byte rawPub[] = OSUtil.AtoB(newval); + // byte rawPub[] = mDecoder.decodeBuffer(newval); + byte rawPub[] = OSUtil.AtoB( newval ); X509CRL crl = null; try { @@ -135,7 +138,8 @@ public class Cert { return crl; } - public static X509CRL mapCRL1(String mime64) throws IOException { + public static X509CRL mapCRL1(String mime64) + throws IOException { mime64 = stripCRLBrackets(mime64.trim()); byte rawPub[] = OSUtil.AtoB(mime64); @@ -183,3 +187,4 @@ public class Cert { return val; } } + diff --git a/pki/base/util/src/com/netscape/cmsutil/util/Fmt.java b/pki/base/util/src/com/netscape/cmsutil/util/Fmt.java index 29ec140d7..49b878c4c 100644 --- a/pki/base/util/src/com/netscape/cmsutil/util/Fmt.java +++ b/pki/base/util/src/com/netscape/cmsutil/util/Fmt.java @@ -45,6 +45,7 @@ package com.netscape.cmsutil.util; // Visit the ACME Labs Java page for up-to-date versions of this and other // fine Java utilities: http://www.acme.com/java/ + /// Some simple single-arg sprintf-like routines. //
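Review bot: mapCertFromPKCS7 in the hunk at `@@ -106,26 +108,27 @@` turns every parse failure into `new IOException( "p7 is null" )`, which drops the original exception and names a condition, a null object, that is not what happened. Keeping the cause makes malformed certificate input diagnosable from logs: `throw new IOException("cannot parse PKCS #7 data", e);`. The try block of mapCRL is cut off by the end of the hunk, so its error handling cannot be assessed here.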

// It is apparently impossible to declare a Java method that accepts @@ -109,13 +110,13 @@ package com.netscape.cmsutil.util; public class Fmt { // Flags. - // / Zero-fill. + /// Zero-fill. public static final int ZF = 1; - // / Left justify. + /// Left justify. public static final int LJ = 2; - // / Hexadecimal. + /// Hexadecimal. public static final int HX = 4; - // / Octal. + /// Octal. public static final int OC = 8; // Was a number - internal use. private static final int WN = 16; @@ -155,9 +156,11 @@ public class Fmt { boolean octal = ((flags & OC) != 0); if (hexadecimal) - return fmt(Integer.toString(s & 0xffff, 16), minWidth, flags | WN); + return fmt( + Integer.toString(s & 0xffff, 16), minWidth, flags | WN); else if (octal) - return fmt(Integer.toString(s & 0xffff, 8), minWidth, flags | WN); + return fmt( + Integer.toString(s & 0xffff, 8), minWidth, flags | WN); else return fmt(Integer.toString(s), minWidth, flags | WN); } @@ -176,9 +179,11 @@ public class Fmt { boolean octal = ((flags & OC) != 0); if (hexadecimal) - return fmt(Long.toString(i & 0xffffffffL, 16), minWidth, flags | WN); + return fmt( + Long.toString(i & 0xffffffffL, 16), minWidth, flags | WN); else if (octal) - return fmt(Long.toString(i & 0xffffffffL, 8), minWidth, flags | WN); + return fmt( + Long.toString(i & 0xffffffffL, 8), minWidth, flags | WN); else return fmt(Integer.toString(i), minWidth, flags | WN); } 
@@ -199,16 +204,16 @@ public class Fmt { if (hexadecimal) { if ((l & 0xf000000000000000L) != 0) return fmt( - Long.toString(l >>> 60, 16) - + fmt(l & 0x0fffffffffffffffL, 15, HX | ZF), + Long.toString(l >>> 60, 16) + + fmt(l & 0x0fffffffffffffffL, 15, HX | ZF), minWidth, flags | WN); else return fmt(Long.toString(l, 16), minWidth, flags | WN); } else if (octal) { if ((l & 0x8000000000000000L) != 0) return fmt( - Long.toString(l >>> 63, 8) - + fmt(l & 0x7fffffffffffffffL, 21, OC | ZF), + Long.toString(l >>> 63, 8) + + fmt(l & 0x7fffffffffffffffL, 21, OC | ZF), minWidth, flags | WN); else return fmt(Long.toString(l, 8), minWidth, flags | WN); @@ -231,8 +236,9 @@ public class Fmt { public static String fmt(float f, int minWidth, int sigFigs, int flags) { if (sigFigs != 0) - return fmt(sigFigFix(Float.toString(f), sigFigs), minWidth, flags - | WN); + return fmt( + sigFigFix(Float.toString(f), sigFigs), minWidth, + flags | WN); else return fmt(Float.toString(f), minWidth, flags | WN); } @@ -252,8 +258,9 @@ public class Fmt { public static String fmt(double d, int minWidth, int sigFigs, int flags) { if (sigFigs != 0) - return fmt(sigFigFix(doubleToString(d), sigFigs), minWidth, flags - | WN); + return fmt( + sigFigFix(doubleToString(d), sigFigs), minWidth, + flags | WN); else return fmt(doubleToString(d), minWidth, flags | WN); } @@ -269,7 +276,7 @@ public class Fmt { public static String fmt(char c, int minWidth, int flags) { // return fmt( Character.toString( c ), minWidth, flags ); - // Character currently lacks a static toString method. Workaround + // Character currently lacks a static toString method. Workaround // is to make a temporary instance and use the instance toString. return fmt(Character.valueOf(c).toString(), minWidth, flags); } 
@@ -368,7 +375,8 @@ public class Fmt { int numFigs = number.length(); int fracFigs = fraction.length(); - if ((numFigs == 0 || number.toString().equals("0")) && fracFigs > 0) { + if( ( numFigs == 0 || number.toString().equals( "0" ) ) && + fracFigs > 0 ) { // Don't count leading zeros in the fraction. numFigs = 0; for (int i = 0; i < fraction.length(); ++i) { @@ -385,12 +393,12 @@ public class Fmt { fraction.append('0'); } else if (sigFigs < mantFigs && sigFigs >= numFigs) { // Want fewer figures in the fraction; chop. - fraction.setLength(fraction.length() - - (fracFigs - (sigFigs - numFigs))); + fraction.setLength( + fraction.length() - (fracFigs - (sigFigs - numFigs))); // Round? } else if (sigFigs < numFigs) { // Want fewer figures in the number; turn them to zeros. - fraction.setLength(0); // should already be zero, but make sure + fraction.setLength(0); // should already be zero, but make sure for (int i = sigFigs; i < numFigs; ++i) number.setCharAt(i, '0'); // Round? @@ -403,10 +411,10 @@ public class Fmt { return sign + number + "." + fraction + exponent; } - // / Improved version of Double.toString(), returns more decimal places. + /// Improved version of Double.toString(), returns more decimal places. //

// The JDK 1.0.2 version of Double.toString() returns only six decimal - // places on some systems. In JDK 1.1 full precision is returned on + // places on some systems. In JDK 1.1 full precision is returned on // all platforms. // @deprecated // @see java.lang.Double.toString @@ -419,7 +427,7 @@ public class Fmt { if (d == Double.POSITIVE_INFINITY) return "Inf"; - // Grab the sign, and then make the number positive for simplicity. + // Grab the sign, and then make the number positive for simplicity. boolean negative = false; if (d < 0.0D) { @@ -463,21 +471,19 @@ public class Fmt { else num = Integer.parseInt(numStr); - // Build the new mantissa. + // Build the new mantissa. StringBuffer newMantBuf = new StringBuffer(numStr + "."); double p = Math.pow(10, exp); double frac = d - num * p; String digits = "0123456789"; - int nDigits = 16 - numStr.length(); // about 16 digits in a double + int nDigits = 16 - numStr.length(); // about 16 digits in a double for (int i = 0; i < nDigits; ++i) { p /= 10.0D; int dig = (int) (frac / p); - if (dig < 0) - dig = 0; - if (dig > 9) - dig = 9; + if (dig < 0) dig = 0; + if (dig > 9) dig = 9; newMantBuf.append(digits.charAt(dig)); frac -= dig * p; } @@ -501,7 +507,7 @@ public class Fmt { break; } if (roundMore) { - // If this happens, we need to prepend a 1. But I haven't + // If this happens, we need to prepend a 1. But I haven't // found a test case yet, so I'm leaving it out for now. // But if you get this message, please let me know! newMantBuf.append("ROUNDMORE"); 
@@ -513,54 +519,86 @@ public class Fmt { while (newMantBuf.charAt(len - 1) == '0') newMantBuf.setLength(--len); - // And chop a trailing dot, if any. + // And chop a trailing dot, if any. if (newMantBuf.charAt(len - 1) == '.') newMantBuf.setLength(--len); - // Done. - return (negative ? "-" : "") + newMantBuf - + (expStr.length() != 0 ? ("e" + expStr) : ""); + // Done. + return (negative ? "-" : "") + + newMantBuf + + (expStr.length() != 0 ? ("e" + expStr) : ""); } /****************************************************************************** - * /// Test program. public static void main( String[] args ) { - * System.out.println( "Starting tests." ); show( Fmt.fmt( "Hello there." ) - * ); show( Fmt.fmt( 123 ) ); show( Fmt.fmt( 123, 10 ) ); show( Fmt.fmt( - * 123, 10, Fmt.ZF ) ); show( Fmt.fmt( 123, 10, Fmt.LJ ) ); show( Fmt.fmt( - * -123 ) ); show( Fmt.fmt( -123, 10 ) ); show( Fmt.fmt( -123, 10, Fmt.ZF ) - * ); show( Fmt.fmt( -123, 10, Fmt.LJ ) ); show( Fmt.fmt( (byte) 0xbe, 22, - * Fmt.OC ) ); show( Fmt.fmt( (short) 0xbabe, 22, Fmt.OC ) ); show( Fmt.fmt( - * 0xcafebabe, 22, Fmt.OC ) ); show( Fmt.fmt( 0xdeadbeefcafebabeL, 22, - * Fmt.OC ) ); show( Fmt.fmt( 0x8000000000000000L, 22, Fmt.OC ) ); show( - * Fmt.fmt( (byte) 0xbe, 16, Fmt.HX ) ); show( Fmt.fmt( (short) 0xbabe, 16, - * Fmt.HX ) ); show( Fmt.fmt( 0xcafebabe, 16, Fmt.HX ) ); show( Fmt.fmt( - * 0xdeadbeefcafebabeL, 16, Fmt.HX ) ); show( Fmt.fmt( 0x8000000000000000L, - * 16, Fmt.HX ) ); show( Fmt.fmt( 'c' ) ); show( Fmt.fmt( new - * java.util.Date() ) ); show( Fmt.fmt( 123.456F ) ); show( Fmt.fmt( - * 123456000000000000.0F ) ); show( Fmt.fmt( 123.456F, 0, 8 ) ); show( - * Fmt.fmt( 123.456F, 0, 7 ) ); show( Fmt.fmt( 123.456F, 0, 6 ) ); show( - * Fmt.fmt( 123.456F, 0, 5 ) ); show( Fmt.fmt( 123.456F, 0, 4 ) ); show( - * Fmt.fmt( 123.456F, 0, 3 ) ); show( Fmt.fmt( 123.456F, 0, 2 ) ); show( - * Fmt.fmt( 123.456F, 0, 1 ) ); show( Fmt.fmt( 123456000000000000.0F, 0, 4 ) - * ); show( Fmt.fmt( -123.456F, 0, 4 ) ); 
show( Fmt.fmt( - * -123456000000000000.0F, 0, 4 ) ); show( Fmt.fmt( 123.0F ) ); show( - * Fmt.fmt( 123.0D ) ); show( Fmt.fmt( 1.234567890123456789F ) ); show( - * Fmt.fmt( 1.234567890123456789D ) ); show( Fmt.fmt( 1234567890123456789F ) - * ); show( Fmt.fmt( 1234567890123456789D ) ); show( Fmt.fmt( - * 0.000000000000000000001234567890123456789F ) ); show( Fmt.fmt( - * 0.000000000000000000001234567890123456789D ) ); show( Fmt.fmt( 12300.0F ) - * ); show( Fmt.fmt( 12300.0D ) ); show( Fmt.fmt( 123000.0F ) ); show( - * Fmt.fmt( 123000.0D ) ); show( Fmt.fmt( 1230000.0F ) ); show( Fmt.fmt( - * 1230000.0D ) ); show( Fmt.fmt( 12300000.0F ) ); show( Fmt.fmt( - * 12300000.0D ) ); show( Fmt.fmt( Float.NaN ) ); show( Fmt.fmt( - * Float.POSITIVE_INFINITY ) ); show( Fmt.fmt( Float.NEGATIVE_INFINITY ) ); - * show( Fmt.fmt( Double.NaN ) ); show( Fmt.fmt( Double.POSITIVE_INFINITY ) - * ); show( Fmt.fmt( Double.NEGATIVE_INFINITY ) ); show( Fmt.fmt( 1.0F / - * 8.0F ) ); show( Fmt.fmt( 1.0D / 8.0D ) ); System.out.println( - * "Done with tests." ); } - * - * private static void show( String str ) { System.out.println( "#" + str + - * "#" ); } - ******************************************************************************/ + /// Test program. + public static void main( String[] args ) + { + System.out.println( "Starting tests." ); + show( Fmt.fmt( "Hello there." 
) ); + show( Fmt.fmt( 123 ) ); + show( Fmt.fmt( 123, 10 ) ); + show( Fmt.fmt( 123, 10, Fmt.ZF ) ); + show( Fmt.fmt( 123, 10, Fmt.LJ ) ); + show( Fmt.fmt( -123 ) ); + show( Fmt.fmt( -123, 10 ) ); + show( Fmt.fmt( -123, 10, Fmt.ZF ) ); + show( Fmt.fmt( -123, 10, Fmt.LJ ) ); + show( Fmt.fmt( (byte) 0xbe, 22, Fmt.OC ) ); + show( Fmt.fmt( (short) 0xbabe, 22, Fmt.OC ) ); + show( Fmt.fmt( 0xcafebabe, 22, Fmt.OC ) ); + show( Fmt.fmt( 0xdeadbeefcafebabeL, 22, Fmt.OC ) ); + show( Fmt.fmt( 0x8000000000000000L, 22, Fmt.OC ) ); + show( Fmt.fmt( (byte) 0xbe, 16, Fmt.HX ) ); + show( Fmt.fmt( (short) 0xbabe, 16, Fmt.HX ) ); + show( Fmt.fmt( 0xcafebabe, 16, Fmt.HX ) ); + show( Fmt.fmt( 0xdeadbeefcafebabeL, 16, Fmt.HX ) ); + show( Fmt.fmt( 0x8000000000000000L, 16, Fmt.HX ) ); + show( Fmt.fmt( 'c' ) ); + show( Fmt.fmt( new java.util.Date() ) ); + show( Fmt.fmt( 123.456F ) ); + show( Fmt.fmt( 123456000000000000.0F ) ); + show( Fmt.fmt( 123.456F, 0, 8 ) ); + show( Fmt.fmt( 123.456F, 0, 7 ) ); + show( Fmt.fmt( 123.456F, 0, 6 ) ); + show( Fmt.fmt( 123.456F, 0, 5 ) ); + show( Fmt.fmt( 123.456F, 0, 4 ) ); + show( Fmt.fmt( 123.456F, 0, 3 ) ); + show( Fmt.fmt( 123.456F, 0, 2 ) ); + show( Fmt.fmt( 123.456F, 0, 1 ) ); + show( Fmt.fmt( 123456000000000000.0F, 0, 4 ) ); + show( Fmt.fmt( -123.456F, 0, 4 ) ); + show( Fmt.fmt( -123456000000000000.0F, 0, 4 ) ); + show( Fmt.fmt( 123.0F ) ); + show( Fmt.fmt( 123.0D ) ); + show( Fmt.fmt( 1.234567890123456789F ) ); + show( Fmt.fmt( 1.234567890123456789D ) ); + show( Fmt.fmt( 1234567890123456789F ) ); + show( Fmt.fmt( 1234567890123456789D ) ); + show( Fmt.fmt( 0.000000000000000000001234567890123456789F ) ); + show( Fmt.fmt( 0.000000000000000000001234567890123456789D ) ); + show( Fmt.fmt( 12300.0F ) ); + show( Fmt.fmt( 12300.0D ) ); + show( Fmt.fmt( 123000.0F ) ); + show( Fmt.fmt( 123000.0D ) ); + show( Fmt.fmt( 1230000.0F ) ); + show( Fmt.fmt( 1230000.0D ) ); + show( Fmt.fmt( 12300000.0F ) ); + show( Fmt.fmt( 12300000.0D ) ); + show( Fmt.fmt( Float.NaN ) 
); + show( Fmt.fmt( Float.POSITIVE_INFINITY ) ); + show( Fmt.fmt( Float.NEGATIVE_INFINITY ) ); + show( Fmt.fmt( Double.NaN ) ); + show( Fmt.fmt( Double.POSITIVE_INFINITY ) ); + show( Fmt.fmt( Double.NEGATIVE_INFINITY ) ); + show( Fmt.fmt( 1.0F / 8.0F ) ); + show( Fmt.fmt( 1.0D / 8.0D ) ); + System.out.println( "Done with tests." ); + } + + private static void show( String str ) + { + System.out.println( "#" + str + "#" ); + } + ******************************************************************************/ } diff --git a/pki/base/util/src/com/netscape/cmsutil/util/HMACDigest.java b/pki/base/util/src/com/netscape/cmsutil/util/HMACDigest.java index eae8cc5f0..e77e37a50 100644 --- a/pki/base/util/src/com/netscape/cmsutil/util/HMACDigest.java +++ b/pki/base/util/src/com/netscape/cmsutil/util/HMACDigest.java @@ -17,12 +17,14 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.util; + import java.security.MessageDigest; + /** - * This class implements the HMAC algorithm specified in RFC 2104 using any - * MessageDigest. - * + * This class implements the HMAC algorithm specified in RFC 2104 using + * any MessageDigest. + * * @author mikep * @version $Revision$, $Date$ * @see java.security.MessageDigest 
@@ -49,20 +51,20 @@ public class HMACDigest implements Cloneable { /** * Creates an HMACDigest - * - * @param md The MessageDigest to be used for the HMAC calculation. It must - * be clonable. + * + * @param md The MessageDigest to be used for the HMAC calculation. It + * must be clonable. */ public HMACDigest(MessageDigest md) { mMD = md; } /** - * Creates an HMACDigest and initializes the HMAC function with the given - * key. - * - * @param md The MessageDigest to be used for the HMAC calculation. It must - * be clonable. + * Creates an HMACDigest and initializes the HMAC function + * with the given key. + * + * @param md The MessageDigest to be used for the HMAC calculation. It + * must be clonable. * @param key The key value to be used in the HMAC calculation */ public HMACDigest(MessageDigest md, byte[] key) { @@ -79,16 +81,18 @@ public class HMACDigest implements Cloneable { /** * Initialize the HMAC function - * + * * The HMAC transform looks like: - * - * hash(key XOR opad, hash(key XOR ipad, text)) - * - * where key is an n byte key ipad is the byte 0x36 repeated 64 times opad - * is the byte 0x5c repeated 64 times and text is the data being protected - * + * + * hash(key XOR opad, hash(key XOR ipad, text)) + * + * where key is an n byte key + * ipad is the byte 0x36 repeated 64 times + * opad is the byte 0x5c repeated 64 times + * and text is the data being protected + * * This routine must be called after every reset. - * + * * @param key The password used to protect the hash value */ public void init(byte[] key) { @@ -102,7 +106,7 @@ public class HMACDigest implements Cloneable { mMD.reset(); // Redundant? } - // Copy the key. Truncate if key is too long + // Copy the key. Truncate if key is too long for (i = 0; i < key.length && i < PAD_BYTES; i++) { mKeyIpad[i] = key[i]; mKeyOpad[i] = key[i]; 
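Review bot: In `init`, the copy loop `for (i = 0; i < key.length && i < PAD_BYTES; i++)` truncates a key longer than the pad instead of hashing it. RFC 2104 first hashes such keys with H, so here every key byte past PAD_BYTES is silently ignored and the result will not match a standard HMAC for those keys. Before the loop I would add `if (key.length > PAD_BYTES) key = mMD.digest(key);`; this changes the output for existing long keys, so check it against stored or peer-computed values first. The class comment promises "any MessageDigest" while the pads are described as 64 bytes; presumably PAD_BYTES is 64, which does not fit digests with a 128-byte block such as SHA-512, and that limit deserves a line in the Javadoc. The body of `init` starts and ends outside this hunk.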
@@ -129,7 +133,7 @@ public class HMACDigest implements Cloneable { /** * Updates the digest using the specified array of bytes. - * + * * @param input the array of bytes. */ public void update(byte[] input) { @@ -137,9 +141,9 @@ public class HMACDigest implements Cloneable { } /** - * Completes the HMAC computation with the outer pad The digest is reset - * after this call is made. - * + * Completes the HMAC computation with the outer pad + * The digest is reset after this call is made. + * * @return the array of bytes for the resulting hash value. */ public byte[] digest() { @@ -171,16 +175,16 @@ public class HMACDigest implements Cloneable { /** * Clone the HMACDigest - * + * * @return a clone if the implementation is cloneable. - * @exception CloneNotSupportedException if this is called on a - * MessageDigest implementation that does not support - * Cloneable. + * @exception CloneNotSupportedException if this is called on a + * MessageDigest implementation that does not support + * Cloneable. */ public Object clone() throws CloneNotSupportedException { int i; - HMACDigest hd = (HMACDigest) super.clone(); + HMACDigest hd = (HMACDigest) super.clone(); hd.mKeyOpad = new byte[PAD_BYTES]; hd.mKeyIpad = new byte[PAD_BYTES]; diff --git a/pki/base/util/src/com/netscape/cmsutil/util/Utils.java b/pki/base/util/src/com/netscape/cmsutil/util/Utils.java index dc1536cd1..36933da8e 100644 --- a/pki/base/util/src/com/netscape/cmsutil/util/Utils.java +++ b/pki/base/util/src/com/netscape/cmsutil/util/Utils.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.util; + import java.io.BufferedReader; import java.io.BufferedWriter; import java.io.ByteArrayOutputStream; 
@@ -35,59 +36,64 @@ import java.util.Date; import java.util.Vector; public class Utils { - /** - * Checks if this is NT. - */ - public static boolean isNT() { - return ((File.separator).equals("\\")); - } + /** + * Checks if this is NT. + */ + public static boolean isNT() { + return ((File.separator).equals("\\")); + } - public static boolean exec(String cmd) { - try { - String cmds[] = null; - if (isNT()) { - // NT - cmds = new String[3]; - cmds[0] = "cmd"; - cmds[1] = "/c"; - cmds[2] = cmd; - } else { - // UNIX - cmds = new String[3]; - cmds[0] = "/bin/sh"; - cmds[1] = "-c"; - cmds[2] = cmd; - } - Process process = Runtime.getRuntime().exec(cmds); - process.waitFor(); - BufferedReader pOut = null; - String l = null; + public static boolean exec(String cmd) { + try { + String cmds[] = null; + if (isNT()) { + // NT + cmds = new String[3]; + cmds[0] = "cmd"; + cmds[1] = "/c"; + cmds[2] = cmd; + } else { + // UNIX + cmds = new String[3]; + cmds[0] = "/bin/sh"; + cmds[1] = "-c"; + cmds[2] = cmd; + } + Process process = Runtime.getRuntime().exec(cmds); + process.waitFor(); + BufferedReader pOut = null; + String l = null; - if (process.exitValue() == 0) { - /** - * pOut = new BufferedReader( new - * InputStreamReader(process.getInputStream())); while ((l = - * pOut.readLine()) != null) { System.out.println(l); } - **/ - return true; - } else { - /** - * pOut = new BufferedReader( new - * InputStreamReader(process.getErrorStream())); l = null; while - * ((l = pOut.readLine()) != null) { System.out.println(l); } - **/ - return false; - } - } catch (Exception e) { - return false; - } - } + if (process.exitValue() == 0) { + /** + pOut = new BufferedReader( + new InputStreamReader(process.getInputStream())); + while ((l = pOut.readLine()) != null) { + System.out.println(l); + } + **/ + return true; + } else { + /** + pOut = new BufferedReader( + new InputStreamReader(process.getErrorStream())); + l = null; + while ((l = pOut.readLine()) != null) { + System.out.println(l); + 
} + **/ + return false; + } + } catch (Exception e) { + return false; + } + } - public static String SpecialURLDecode(String s) { + public static String SpecialURLDecode(String s) { if (s == null) return null; ByteArrayOutputStream out = new ByteArrayOutputStream(s.length()); - + for (int i = 0; i < s.length(); i++) { int c = (int) s.charAt(i); @@ -105,11 +111,11 @@ public class Utils { return out.toString(); } - public static byte[] SpecialDecode(String s) { + public static byte[] SpecialDecode(String s) { if (s == null) return null; ByteArrayOutputStream out = new ByteArrayOutputStream(s.length()); - + for (int i = 0; i < s.length(); i++) { int c = (int) s.charAt(i); @@ -127,17 +133,17 @@ public class Utils { return out.toByteArray(); } - public static String SpecialEncode(byte data[]) { + public static String SpecialEncode(byte data[]) { StringBuffer sb = new StringBuffer(); for (int i = 0; i < data.length; i++) { - sb.append("%"); - if ((data[i] & 0xff) < 16) { - sb.append("0"); - } - sb.append(Integer.toHexString((data[i] & 0xff))); + sb.append("%"); + if ((data[i] & 0xff) < 16) { + sb.append("0"); + } + sb.append(Integer.toHexString((data[i] & 0xff))); } return sb.toString().toUpperCase(); - } + } public static void checkHost(String hostname) throws UnknownHostException { InetAddress addr = InetAddress.getByName(hostname); 
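Review bot: `exec` hands the whole `cmd` string to `/bin/sh -c` (or `cmd /c`), so any part of it that originates outside the program is interpreted by the shell, and the method has no Javadoc telling callers so. At minimum add `/** Runs cmd through the platform shell; cmd must be built only from trusted, fixed strings. */`, and for callers with variable arguments prefer an overload that takes a `String[]` argument vector and runs it without a shell. In the same body, `process.waitFor()` runs while nothing reads the child's stdout or stderr (the readers are commented out), so a child that writes more than the pipe buffer holds can block forever. `catch (Exception e) { return false; }` also swallows `InterruptedException` without restoring the interrupt flag.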
@@ -145,23 +151,22 @@ public class Utils { public static void copy(String orig, String dest) { try { - BufferedReader in = new BufferedReader(new FileReader(orig)); - PrintWriter out = new PrintWriter(new BufferedWriter( - new FileWriter(dest))); - String line = ""; - while (in.ready()) { - line = in.readLine(); - if (line != null) - out.println(line); - } - in.close(); - out.close(); + BufferedReader in = new BufferedReader(new FileReader(orig)); + PrintWriter out = new PrintWriter( + new BufferedWriter(new FileWriter(dest))); + String line = ""; + while (in.ready()) { + line = in.readLine(); + if (line != null) + out.println(line); + } + in.close(); + out.close(); } catch (Exception ee) { } } - public static void copyStream(InputStream in, OutputStream out) - throws IOException { + public static void copyStream(InputStream in, OutputStream out) throws IOException { byte[] buf = new byte[4096]; int len; @@ -170,8 +175,7 @@ public class Utils { } } - public static void copyStream(BufferedReader in, OutputStreamWriter out) - throws IOException { + public static void copyStream(BufferedReader in, OutputStreamWriter out) throws IOException { char[] buf = new char[4096]; int len; @@ -180,8 +184,8 @@ public class Utils { } } - // / Sorts an array of Strings. - // Java currently has no general sort function. Sorting Strings is + /// Sorts an array of Strings. + // Java currently has no general sort function. Sorting Strings is // common enough that it's worth making a special case. public static void sortStrings(String[] strings) { // Just does a bubblesort. @@ -197,8 +201,8 @@ public class Utils { } } - // / Returns a date string formatted in Unix ls style - if it's within - // six months of now, Mmm dd hh:ss, else Mmm dd yyyy. + /// Returns a date string formatted in Unix ls style - if it's within + // six months of now, Mmm dd hh:ss, else Mmm dd yyyy. public static String lsDateStr(Date date) { long dateTime = date.getTime(); 
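Review bot: `copy` ends in an empty `catch (Exception ee) { }`, so a missing source, an unwritable destination or a failure halfway through all look like success to the caller, and `dest` may be left partial. `in.close()` and `out.close()` sit inside the `try`, so both handles leak when an exception is thrown. Move them into a `finally`, and either report the failure or state the contract with a comment such as `// best-effort: errors are ignored and dest may be incomplete`. `FileReader`/`FileWriter` use the platform charset and the `readLine`/`println` loop rewrites line endings, so this is not a byte-exact copy; `copyStream(InputStream, OutputStream)` further down would be the safer primitive for non-text files.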
@@ -226,10 +230,9 @@ public class Utils { } return true; } - + /** * strips out double quotes around String parameter - * * @param s the string potentially bracketed with double quotes * @return string stripped of surrounding double quotes */ @@ -246,8 +249,9 @@ public class Utils { } /** - * returns an array of strings from a vector of Strings there'll be trouble - * if the Vector contains something other than just Strings + * returns an array of strings from a vector of Strings + * there'll be trouble if the Vector contains something other + * than just Strings */ public static String[] getStringArrayFromVector(Vector v) { String s[] = new String[v.size()]; diff --git a/pki/base/util/src/com/netscape/cmsutil/xml/XMLObject.java b/pki/base/util/src/com/netscape/cmsutil/xml/XMLObject.java index 6787f1de6..a012f1a08 100644 --- a/pki/base/util/src/com/netscape/cmsutil/xml/XMLObject.java +++ b/pki/base/util/src/com/netscape/cmsutil/xml/XMLObject.java @@ -16,7 +16,6 @@ // All rights reserved. // --- END COPYRIGHT BLOCK --- package com.netscape.cmsutil.xml; - import java.io.ByteArrayOutputStream; import java.io.File; import java.io.IOException; @@ -44,7 +43,8 @@ import org.w3c.dom.NodeList; import org.w3c.dom.Text; import org.xml.sax.SAXException; -public class XMLObject { +public class XMLObject +{ private Document mDoc = null; public XMLObject() throws ParserConfigurationException { 
@@ -53,15 +53,15 @@ public class XMLObject { mDoc = docBuilder.newDocument(); } - public XMLObject(InputStream s) throws SAXException, IOException, - ParserConfigurationException { + public XMLObject(InputStream s) + throws SAXException, IOException, ParserConfigurationException { DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance(); DocumentBuilder docBuilder = factory.newDocumentBuilder(); mDoc = docBuilder.parse(s); } - public XMLObject(File f) throws SAXException, IOException, - ParserConfigurationException { + public XMLObject(File f) + throws SAXException, IOException, ParserConfigurationException { DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance(); DocumentBuilder docBuilder = factory.newDocumentBuilder(); mDoc = docBuilder.parse(f); @@ -77,16 +77,16 @@ public class XMLObject { public Node createRoot(String name) { Element root = mDoc.createElement(name); mDoc.appendChild(root); - return (Node) root; + return (Node)root; } public Node getRoot() { return mDoc.getFirstChild(); } - /** - * If you have duplicate containers, then this method will return the first - * container in the list. + /** + * If you have duplicate containers, then this method will return the + * first container in the list. */ public Node getContainer(String tagname) { NodeList list = mDoc.getElementsByTagName(tagname); @@ -98,7 +98,7 @@ public class XMLObject { public Node createContainer(Node containerParent, String containerName) { Element node = mDoc.createElement(containerName); containerParent.appendChild(node); - return (Node) node; + return (Node)node; } public void addItemToContainer(Node container, String tagname, String value) { @@ -109,7 +109,7 @@ public class XMLObject { } public String getValue(String tagname) { - Node n = getContainer(tagname); + Node n = getContainer(tagname); if (n != null) { NodeList c = n.getChildNodes(); 
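Review bot: Both parsing constructors, `XMLObject(InputStream s)` and `XMLObject(File f)`, use `DocumentBuilderFactory.newInstance()` with its defaults, which leaves DOCTYPE declarations and external entity resolution enabled. If either input can come from a remote peer or a user, the document can make the parser read local files or open network connections. After creating the factory I would add `factory.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);` and `factory.setExpandEntityReferences(false);`; the first throws `ParserConfigurationException`, which both constructors already declare. Whether these inputs are ever untrusted is not visible here, so confirm against the callers. The `File` constructor's closing brace falls outside the hunk.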
@@ -125,7 +125,7 @@ public class XMLObject { public Vector getAllValues(String tagname) { Vector v = new Vector(); NodeList nodes = mDoc.getElementsByTagName(tagname); - for (int i = 0; i < nodes.getLength(); i++) { + for (int i=0; i 0) { @@ -141,7 +141,7 @@ public class XMLObject { Vector v = new Vector(); NodeList c = container.getChildNodes(); int len = c.getLength(); - for (int i = 0; i < len; i++) { + for (int i=0; i