Karl/BobStore
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Remove unused jdk* spongycastle source files

Browse Source
This commit is contained in:
Daniel Martí 2015-04-06 22:30:41 +02:00
parent c7b16c6713
commit 3d55c0b45b
336 changed files with 0 additions and 77338 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
extern/spongycastle/core/src/main/jdk1.1/java/lang/UnsupportedOperationException.java vendored
View File

@ -1,14 +0,0 @@
package java.lang;
public class UnsupportedOperationException extends RuntimeException
{
public UnsupportedOperationException()
{
}
public UnsupportedOperationException(String msg)
{
super(msg);
}
}

96
extern/spongycastle/core/src/main/jdk1.1/java/security/AlgorithmParameterGenerator.java vendored
View File

@ -1,96 +0,0 @@
package java.security;
import java.security.spec.AlgorithmParameterSpec;
public class AlgorithmParameterGenerator
{
AlgorithmParameterGeneratorSpi spi;
Provider provider;
String algorithm;
protected AlgorithmParameterGenerator(
AlgorithmParameterGeneratorSpi paramGenSpi,
Provider provider,
String algorithm)
{
this.spi = paramGenSpi;
this.provider = provider;
this.algorithm = algorithm;
}
public final AlgorithmParameters generateParameters()
{
return spi.engineGenerateParameters();
}
public final String getAlgorithm()
{
return algorithm;
}
public static AlgorithmParameterGenerator getInstance(String algorithm)
throws NoSuchAlgorithmException
{
try
{
SecurityUtil.Implementation imp = SecurityUtil.getImplementation("AlgorithmParameterGenerator", algorithm, null);
if (imp != null)
{
return new AlgorithmParameterGenerator((AlgorithmParameterGeneratorSpi)imp.getEngine(), imp.getProvider(), algorithm);
}
throw new NoSuchAlgorithmException("can't find algorithm " + algorithm);
}
catch (NoSuchProviderException e)
{
throw new NoSuchAlgorithmException(algorithm + " not found");
}
}
public static AlgorithmParameterGenerator getInstance(String algorithm, String provider)
throws NoSuchAlgorithmException, NoSuchProviderException
{
SecurityUtil.Implementation imp = SecurityUtil.getImplementation("AlgorithmParameterGenerator", algorithm, provider);
if (imp != null)
{
return new AlgorithmParameterGenerator((AlgorithmParameterGeneratorSpi)imp.getEngine(), imp.getProvider(), algorithm);
}
throw new NoSuchAlgorithmException("can't find algorithm " + algorithm);
}
public final Provider getProvider()
{
return provider;
}
public final void init(
AlgorithmParameterSpec genParamSpec)
throws InvalidAlgorithmParameterException
{
spi.engineInit(genParamSpec, new SecureRandom());
}
public final void init(
AlgorithmParameterSpec genParamSpec,
SecureRandom random)
throws InvalidAlgorithmParameterException
{
spi.engineInit(genParamSpec, random);
}
public final void init(
int size)
{
spi.engineInit(size, new SecureRandom());
}
public final void init(
int size,
SecureRandom random)
{
spi.engineInit(size, random);
}
}

16
extern/spongycastle/core/src/main/jdk1.1/java/security/AlgorithmParameterGeneratorSpi.java vendored
View File

@ -1,16 +0,0 @@
package java.security;
import java.security.spec.AlgorithmParameterSpec;
public abstract class AlgorithmParameterGeneratorSpi
{
public AlgorithmParameterGeneratorSpi()
{
}
protected abstract AlgorithmParameters engineGenerateParameters();
protected abstract void engineInit(AlgorithmParameterSpec genParamSpec, SecureRandom random) throws InvalidAlgorithmParameterException;
protected abstract void engineInit(int size, SecureRandom random);
}

103
extern/spongycastle/core/src/main/jdk1.1/java/security/AlgorithmParameters.java vendored
View File

@ -1,103 +0,0 @@
package java.security;
import java.io.IOException;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.InvalidParameterSpecException;
public class AlgorithmParameters extends Object
{
private AlgorithmParametersSpi spi;
private Provider provider;
private String algorithm;
protected AlgorithmParameters(
AlgorithmParametersSpi paramSpi,
Provider provider,
String algorithm)
{
this.spi = paramSpi;
this.provider = provider;
this.algorithm = algorithm;
}
public final String getAlgorithm()
{
return algorithm;
}
public final byte[] getEncoded() throws IOException
{
return spi.engineGetEncoded();
}
public final byte[] getEncoded(String format) throws IOException
{
return spi.engineGetEncoded(format);
}
public static AlgorithmParameters getInstance(String algorithm)
throws NoSuchAlgorithmException
{
try
{
SecurityUtil.Implementation imp = SecurityUtil.getImplementation("AlgorithmParameters", algorithm, null);
if (imp != null)
{
return new AlgorithmParameters((AlgorithmParametersSpi)imp.getEngine(), imp.getProvider(), algorithm);
}
throw new NoSuchAlgorithmException("can't find algorithm " + algorithm);
}
catch (NoSuchProviderException e)
{
throw new NoSuchAlgorithmException(algorithm + " not found");
}
}
public static AlgorithmParameters getInstance(String algorithm, String provider)
throws NoSuchAlgorithmException, NoSuchProviderException
{
SecurityUtil.Implementation imp = SecurityUtil.getImplementation("AlgorithmParameters", algorithm, provider);
if (imp != null)
{
return new AlgorithmParameters((AlgorithmParametersSpi)imp.getEngine(), imp.getProvider(), algorithm);
}
throw new NoSuchAlgorithmException("can't find algorithm " + algorithm);
}
public final AlgorithmParameterSpec getParameterSpec(Class paramSpec)
throws InvalidParameterSpecException
{
return spi.engineGetParameterSpec(paramSpec);
}
public final Provider getProvider()
{
return provider;
}
public final void init(AlgorithmParameterSpec paramSpec)
throws InvalidParameterSpecException
{
spi.engineInit(paramSpec);
}
public final void init(byte[] params) throws IOException
{
spi.engineInit(params);
}
public final void init(byte[] params, String format) throws IOException
{
spi.engineInit(params, format);
}
public final String toString()
{
return spi.engineToString();
}
}

27
extern/spongycastle/core/src/main/jdk1.1/java/security/AlgorithmParametersSpi.java vendored
View File

@ -1,27 +0,0 @@
package java.security;
import java.io.IOException;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.InvalidParameterSpecException;
public abstract class AlgorithmParametersSpi extends Object
{
public AlgorithmParametersSpi()
{
}
protected abstract byte[] engineGetEncoded()
throws IOException;
protected abstract byte[] engineGetEncoded(String format)
throws IOException;
protected abstract AlgorithmParameterSpec engineGetParameterSpec(Class paramSpec)
throws InvalidParameterSpecException;
protected abstract void engineInit(AlgorithmParameterSpec paramSpec)
throws InvalidParameterSpecException;
protected abstract void engineInit(byte[] params)
throws IOException;
protected abstract void engineInit(byte[] params, String format)
throws IOException;
protected abstract String engineToString();
}

14
extern/spongycastle/core/src/main/jdk1.1/java/security/GeneralSecurityException.java vendored
View File

@ -1,14 +0,0 @@
package java.security;
public class GeneralSecurityException extends Exception
{
public GeneralSecurityException()
{
}
public GeneralSecurityException(String msg)
{
super(msg);
}
}

13
extern/spongycastle/core/src/main/jdk1.1/java/security/InvalidAlgorithmParameterException.java vendored
View File

@ -1,13 +0,0 @@
package java.security;
public class InvalidAlgorithmParameterException extends GeneralSecurityException {
public InvalidAlgorithmParameterException()
{
}
public InvalidAlgorithmParameterException(String msg)
{
super(msg);
}
}

89
extern/spongycastle/core/src/main/jdk1.1/java/security/KeyFactory.java vendored
View File

@ -1,89 +0,0 @@
package java.security;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.KeySpec;
public class KeyFactory extends Object
{
private KeyFactorySpi keyFacSpi;
private Provider provider;
private String algorithm;
protected KeyFactory(
KeyFactorySpi keyFacSpi,
Provider provider,
String algorithm)
{
this.keyFacSpi = keyFacSpi;
this.provider = provider;
this.algorithm = algorithm;
}
public final PrivateKey generatePrivate(KeySpec keySpec)
throws InvalidKeySpecException
{
return keyFacSpi.engineGeneratePrivate(keySpec);
}
public final PublicKey generatePublic(KeySpec keySpec)
throws InvalidKeySpecException
{
return keyFacSpi.engineGeneratePublic(keySpec);
}
public final String getAlgorithm()
{
return algorithm;
}
public static KeyFactory getInstance(String algorithm)
throws NoSuchAlgorithmException
{
try
{
SecurityUtil.Implementation imp = SecurityUtil.getImplementation("KeyFactory", algorithm, null);
if (imp != null)
{
return new KeyFactory((KeyFactorySpi)imp.getEngine(), imp.getProvider(), algorithm);
}
throw new NoSuchAlgorithmException("can't find algorithm " + algorithm);
}
catch (NoSuchProviderException e)
{
throw new NoSuchAlgorithmException(algorithm + " not found");
}
}
public static KeyFactory getInstance(String algorithm, String provider)
throws NoSuchAlgorithmException, NoSuchProviderException
{
SecurityUtil.Implementation imp = SecurityUtil.getImplementation("KeyFactory", algorithm, null);
if (imp != null)
{
return new KeyFactory((KeyFactorySpi)imp.getEngine(), imp.getProvider(), algorithm);
}
throw new NoSuchAlgorithmException("can't find algorithm " + algorithm);
}
public final KeySpec getKeySpec(Key key, Class keySpec)
throws InvalidKeySpecException
{
return keyFacSpi.engineGetKeySpec(key, keySpec);
}
public final Provider getProvider()
{
return provider;
}
public final Key translateKey(Key key)
throws InvalidKeyException
{
return keyFacSpi.engineTranslateKey(key);
}
}

24
extern/spongycastle/core/src/main/jdk1.1/java/security/KeyFactorySpi.java vendored
View File

@ -1,24 +0,0 @@
package java.security;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.KeySpec;
public abstract class KeyFactorySpi extends Object
{
public KeyFactorySpi()
{
}
protected abstract PrivateKey engineGeneratePrivate(KeySpec keySpec)
throws InvalidKeySpecException;
protected abstract PublicKey engineGeneratePublic(KeySpec keySpec)
throws InvalidKeySpecException;
protected abstract KeySpec engineGetKeySpec(Key key, Class keySpec)
throws InvalidKeySpecException;
protected abstract Key engineTranslateKey(Key key)
throws InvalidKeyException;
}

225
extern/spongycastle/core/src/main/jdk1.1/java/security/KeyStore.java vendored
View File

@ -1,225 +0,0 @@
package java.security;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.util.Date;
import java.util.Enumeration;
public class KeyStore extends Object
{
private KeyStoreSpi keyStoreSpi;
private Provider provider;
private String type;
private boolean initialised;
protected KeyStore(
KeyStoreSpi keyStoreSpi,
Provider provider,
String type)
{
this.keyStoreSpi = keyStoreSpi;
this.provider = provider;
this.type = type;
this.initialised = false;
}
public final Enumeration aliases() throws KeyStoreException
{
if ( !initialised )
throw new KeyStoreException("KeyStore not initialised.");
return keyStoreSpi.engineAliases();
}
public final boolean containsAlias(String alias) throws KeyStoreException
{
if ( !initialised )
throw new KeyStoreException("KeyStore not initialised.");
return keyStoreSpi.engineContainsAlias(alias);
}
public final void deleteEntry(String alias) throws KeyStoreException
{
if ( !initialised )
throw new KeyStoreException("KeyStore not initialised.");
keyStoreSpi.engineDeleteEntry(alias);
}
public final Certificate getCertificate(String alias)
throws KeyStoreException
{
if ( !initialised )
throw new KeyStoreException("KeyStore not initialised.");
return keyStoreSpi.engineGetCertificate(alias);
}
public final String getCertificateAlias(Certificate cert)
throws KeyStoreException
{
if ( !initialised )
throw new KeyStoreException("KeyStore not initialised.");
return keyStoreSpi.engineGetCertificateAlias(cert);
}
public final Certificate[] getCertificateChain(String alias)
throws KeyStoreException
{
if ( !initialised )
throw new KeyStoreException("KeyStore not initialised.");
return keyStoreSpi.engineGetCertificateChain(alias);
}
public final Date getCreationDate(String alias) throws KeyStoreException
{
if ( !initialised )
throw new KeyStoreException("KeyStore not initialised.");
return keyStoreSpi.engineGetCreationDate(alias);
}
public static final String getDefaultType()
{
return "JKS";
}
public static KeyStore getInstance(String type) throws KeyStoreException
{
try
{
SecurityUtil.Implementation imp = SecurityUtil.getImplementation("KeyStore", type, null);
if (imp != null)
{
return new KeyStore((KeyStoreSpi)imp.getEngine(), imp.getProvider(), type);
}
throw new KeyStoreException("can't find type " + type);
}
catch (NoSuchProviderException e)
{
throw new KeyStoreException(type + " not found");
}
}
public static KeyStore getInstance(String type, String provider)
throws KeyStoreException, NoSuchProviderException
{
SecurityUtil.Implementation imp = SecurityUtil.getImplementation("KeyStore", type, provider);
if (imp != null)
{
return new KeyStore((KeyStoreSpi)imp.getEngine(), imp.getProvider(), type);
}
throw new KeyStoreException("can't find type " + type);
}
public final Key getKey(String alias, char[] password)
throws KeyStoreException, NoSuchAlgorithmException,
UnrecoverableKeyException
{
if ( !initialised )
throw new KeyStoreException("KeyStore not initialised.");
return keyStoreSpi.engineGetKey(alias, password);
}
public final Provider getProvider()
{
return provider;
}
public final String getType()
{
return type;
}
public final boolean isCertificateEntry(String alias)
throws KeyStoreException
{
if ( !initialised )
throw new KeyStoreException("KeyStore not initialised.");
return keyStoreSpi.engineIsCertificateEntry(alias);
}
public final boolean isKeyEntry(String alias) throws KeyStoreException
{
if ( !initialised )
throw new KeyStoreException("KeyStore not initialised.");
return keyStoreSpi.engineIsKeyEntry(alias);
}
public final void load(
InputStream stream,
char[] password)
throws IOException, NoSuchAlgorithmException, CertificateException
{
keyStoreSpi.engineLoad(stream, password);
initialised = true;
}
public final void setCertificateEntry(String alias, Certificate cert)
throws KeyStoreException
{
if ( !initialised )
throw new KeyStoreException("KeyStore not initialised.");
keyStoreSpi.engineSetCertificateEntry(alias, cert);
}
public final void setKeyEntry(
String alias,
Key key,
char[] password,
Certificate[] chain)
throws KeyStoreException
{
if ( !initialised )
throw new KeyStoreException("KeyStore not initialised.");
keyStoreSpi.engineSetKeyEntry(alias, key, password, chain);
}
public final void setKeyEntry(
String alias,
byte[] key,
Certificate[] chain)
throws KeyStoreException
{
if ( !initialised )
throw new KeyStoreException("KeyStore not initialised.");
keyStoreSpi.engineSetKeyEntry(alias, key, chain);
}
public final int size() throws KeyStoreException
{
if ( !initialised )
throw new KeyStoreException("KeyStore not initialised.");
return keyStoreSpi.engineSize();
}
public final void store(
OutputStream stream,
char[] password)
throws KeyStoreException, IOException, NoSuchAlgorithmException,
CertificateException
{
if ( !initialised )
throw new KeyStoreException("KeyStore not initialised.");
keyStoreSpi.engineStore(stream, password);
}
}

14
extern/spongycastle/core/src/main/jdk1.1/java/security/KeyStoreException.java vendored
View File

@ -1,14 +0,0 @@
package java.security;
public class KeyStoreException extends GeneralSecurityException
{
public KeyStoreException()
{
}
public KeyStoreException(String msg)
{
super(msg);
}
}

59
extern/spongycastle/core/src/main/jdk1.1/java/security/KeyStoreSpi.java vendored
View File

@ -1,59 +0,0 @@
package java.security;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.util.Date;
import java.util.Enumeration;
public abstract class KeyStoreSpi extends Object
{
public KeyStoreSpi()
{
}
public abstract Enumeration engineAliases();
public abstract boolean engineContainsAlias(String alias);
public abstract void engineDeleteEntry(String alias)
throws KeyStoreException;
public abstract Certificate engineGetCertificate(String alias);
public abstract String engineGetCertificateAlias(Certificate cert);
public abstract Certificate[] engineGetCertificateChain(String alias);
public abstract Date engineGetCreationDate(String alias);
public abstract Key engineGetKey(String alias, char[] password)
throws NoSuchAlgorithmException, UnrecoverableKeyException;
public abstract boolean engineIsCertificateEntry(String alias);
public abstract boolean engineIsKeyEntry(String alias);
public abstract void engineLoad(InputStream stream, char[] password)
throws IOException, NoSuchAlgorithmException, CertificateException;
public abstract void engineSetCertificateEntry(
String alias, Certificate cert)
throws KeyStoreException;
public abstract void engineSetKeyEntry(
String alias, Key key, char[] password, Certificate[] chain)
throws KeyStoreException;
public abstract void engineSetKeyEntry(
String alias, byte[] key, Certificate[] chain)
throws KeyStoreException;
public abstract int engineSize();
public abstract void engineStore(OutputStream stream, char[] password)
throws IOException, NoSuchAlgorithmException, CertificateException;
}

114
extern/spongycastle/core/src/main/jdk1.1/java/security/SecurityUtil.java vendored
View File

@ -1,114 +0,0 @@
package java.security;
class SecurityUtil
{
static class Implementation
{
Object engine;
Provider provider;
Implementation(
Object engine,
Provider provider)
{
this.engine = engine;
this.provider = provider;
}
Object getEngine()
{
return engine;
}
Provider getProvider()
{
return provider;
}
}
/**
* see if we can find an algorithm (or its alias and what it represents) in
* the property table for the given provider.
*
* @return null if no algorithm found, an Implementation if it is.
*/
static private Implementation getImplementation(
String baseName,
String algorithm,
Provider prov)
{
String alias;
while ((alias = prov.getProperty("Alg.Alias." + baseName + "." + algorithm)) != null)
{
algorithm = alias;
}
String className = prov.getProperty(baseName + "." + algorithm);
if (className != null)
{
try
{
return new Implementation(Class.forName(className).newInstance(), prov);
}
catch (ClassNotFoundException e)
{
throw new IllegalStateException(
"algorithm " + algorithm + " in provider " + prov.getName() + " but no class found!");
}
catch (Exception e)
{
throw new IllegalStateException(
"algorithm " + algorithm + " in provider " + prov.getName() + " but class inaccessible!");
}
}
return null;
}
/**
* return an implementation for a given algorithm/provider.
* If the provider is null, we grab the first avalaible who has the required algorithm.
*
* @return null if no algorithm found, an Implementation if it is.
* @exception NoSuchProviderException if a provider is specified and not found.
*/
static Implementation getImplementation(
String baseName,
String algorithm,
String provider)
throws NoSuchProviderException
{
if (provider == null)
{
Provider[] prov = Security.getProviders();
//
// search every provider looking for the algorithm we want.
//
for (int i = 0; i != prov.length; i++)
{
Implementation imp = getImplementation(baseName, algorithm, prov[i]);
if (imp != null)
{
return imp;
}
}
}
else
{
Provider prov = Security.getProvider(provider);
if (prov == null)
{
throw new NoSuchProviderException("Provider " + provider + " not found");
}
return getImplementation(baseName, algorithm, prov);
}
return null;
}
}

14
extern/spongycastle/core/src/main/jdk1.1/java/security/UnrecoverableKeyException.java vendored
View File

@ -1,14 +0,0 @@
package java.security;
public class UnrecoverableKeyException extends GeneralSecurityException
{
public UnrecoverableKeyException()
{
}
public UnrecoverableKeyException(String msg)
{
super(msg);
}
}

20
extern/spongycastle/core/src/main/jdk1.1/java/security/cert/CRL.java vendored
View File

@ -1,20 +0,0 @@
package java.security.cert;
public abstract class CRL
{
private String type;
protected CRL(String type)
{
this.type = type;
}
public final String getType()
{
return type;
}
public abstract boolean isRevoked(Certificate cert);
public abstract String toString();
}

16
extern/spongycastle/core/src/main/jdk1.1/java/security/cert/CRLException.java vendored
View File

@ -1,16 +0,0 @@
package java.security.cert;
import java.security.GeneralSecurityException;
public class CRLException extends GeneralSecurityException
{
public CRLException()
{
}
public CRLException(String msg)
{
super(msg);
}
}

39
extern/spongycastle/core/src/main/jdk1.1/java/security/cert/CRLSelector.java vendored
View File

@ -1,39 +0,0 @@
package java.security.cert;
/**
* A selector that defines a set of criteria for selecting <code>CRL</code>s.
* Classes that implement this interface are often used to specify
* which <code>CRL</code>s should be retrieved from a <code>CertStore</code>.<br />
* <br />
* <b>Concurrent Access</b><br />
* <br />
* Unless otherwise specified, the methods defined in this interface are not
* thread-safe. Multiple threads that need to access a single
* object concurrently should synchronize amongst themselves and
* provide the necessary locking. Multiple threads each manipulating
* separate objects need not synchronize.
*
* @see CRL
* @see CertStore
* @see CertStore#getCRLs
**/
public interface CRLSelector extends Cloneable
{
/**
* Decides whether a <code>CRL</code> should be selected.
*
* @param crl the <code>CRL</code> to be checked
*
* @return <code>true</code> if the <code>CRL</code> should be selected,
* <code>false</code> otherwise
*/
public boolean match(CRL crl);
/**
* Makes a copy of this <code>CRLSelector</code>. Changes to the
* copy will not affect the original and vice versa.
*
* @return a copy of this <code>CRLSelector</code>
*/
public Object clone();
}

283
extern/spongycastle/core/src/main/jdk1.1/java/security/cert/CertPath.java vendored
View File

@ -1,283 +0,0 @@
package java.security.cert;
import java.io.ByteArrayInputStream;
import java.io.NotSerializableException;
import java.io.ObjectStreamException;
import java.io.Serializable;
import java.util.Iterator;
import java.util.List;
import java.util.ListIterator;
/**
* An immutable sequence of certificates (a certification path).<br />
* <br />
* This is an abstract class that defines the methods common to all
* CertPaths. Subclasses can handle different kinds of certificates
* (X.509, PGP, etc.).<br />
* <br />
* All CertPath objects have a type, a list of Certificates, and one
* or more supported encodings. Because the CertPath class is
* immutable, a CertPath cannot change in any externally visible way
* after being constructed. This stipulation applies to all public
* fields and methods of this class and any added or overridden by
* subclasses.<br />
* <br />
* The type is a String that identifies the type of Certificates in
* the certification path. For each certificate cert in a
* certification path certPath,
* cert.getType().equals(certPath.getType()) must be true.<br />
* <br />
* The list of Certificates is an ordered List of zero or more
* Certificates. This List and all of the Certificates contained in it
* must be immutable.<br />
* <br />
* Each CertPath object must support one or more encodings so that the
* object can be translated into a byte array for storage or
* transmission to other parties. Preferably, these encodings should
* be well-documented standards (such as PKCS#7). One of the encodings
* supported by a CertPath is considered the default encoding. This
* encoding is used if no encoding is explicitly requested (for the
* {@link #getEncoded()} method, for instance).<br />
* <br />
* All CertPath objects are also Serializable. CertPath objects are
* resolved into an alternate {@link CertPathRep} object during
* serialization. This allows a CertPath object to be serialized into
* an equivalent representation regardless of its underlying
* implementation.<br />
* <br />
* CertPath objects can be created with a CertificateFactory or they
* can be returned by other classes, such as a CertPathBuilder.<br />
* <br />
* By convention, X.509 CertPaths (consisting of X509Certificates),
* are ordered starting with the target certificate and ending with a
* certificate issued by the trust anchor. That is, the issuer of one
* certificate is the subject of the following one. The certificate
* representing the {@link TrustAnchor TrustAnchor} should not be included in the
* certification path. Unvalidated X.509 CertPaths may not follow
* these conventions. PKIX CertPathValidators will detect any
* departure from these conventions that cause the certification path
* to be invalid and throw a CertPathValidatorException.<br />
* <br />
* <strong>Concurrent Access</strong><br />
* <br />
* All CertPath objects must be thread-safe. That is, multiple threads
* may concurrently invoke the methods defined in this class on a
* single CertPath object (or more than one) with no ill effects. This
* is also true for the List returned by CertPath.getCertificates.<br />
* <br />
* Requiring CertPath objects to be immutable and thread-safe allows
* them to be passed around to various pieces of code without worrying
* about coordinating access. Providing this thread-safety is
* generally not difficult, since the CertPath and List objects in
* question are immutable.
*
* @see CertificateFactory
* @see CertPathBuilder
*/
public abstract class CertPath extends Object implements Serializable
{
private String type;
/**
* Alternate <code>CertPath</code> class for serialization.
**/
protected static class CertPathRep
implements Serializable
{
private String type;
private byte[] data;
/**
* Creates a <code>CertPathRep</code> with the specified
* type and encoded form of a certification path.
*
* @param type the standard name of a CertPath
* @param typedata the encoded form of the certification
* path
**/
protected CertPathRep(String type, byte[] data)
{
this.type = type;
this.data = data;
}
/**
* Returns a CertPath constructed from the type and data.
*
* @return the resolved CertPath object
* @exception ObjectStreamException if a CertPath could not be constructed
**/
protected Object readResolve()
throws ObjectStreamException
{
try {
ByteArrayInputStream inStream = new ByteArrayInputStream(data);
CertificateFactory cf = CertificateFactory.getInstance(type);
return cf.generateCertPath(inStream);
} catch ( CertificateException ce ) {
throw new NotSerializableException(" java.security.cert.CertPath: " + type);
}
}
}
/**
* Creates a CertPath of the specified type.
* This constructor is protected because most users should use
* a CertificateFactory to create CertPaths.
* @param type the standard name of the type of Certificatesin this path
**/
protected CertPath(String type)
{
this.type = type;
}
/**
* Returns the type of Certificates in this certification
* path. This is the same string that would be returned by
* {@link Certificate#getType() cert.getType()} for all
* Certificates in the certification path.
*
* @return the type of Certificates in this certification path (never null)
**/
public String getType()
{
return type;
}
/**
* Returns an iteration of the encodings supported by this
* certification path, with the default encoding
* first. Attempts to modify the returned Iterator via its
* remove method result in an UnsupportedOperationException.
*
* @return an Iterator over the names of the supported encodings (as Strings)
**/
public abstract Iterator getEncodings();
/**
* Compares this certification path for equality with the
* specified object. Two CertPaths are equal if and only if
* their types are equal and their certificate Lists (and by
* implication the Certificates in those Lists) are equal. A
* CertPath is never equal to an object that is not a
* CertPath.<br />
* <br />
* This algorithm is implemented by this method. If it is
* overridden, the behavior specified here must be maintained.
*
* @param other the object to test for equality with this
* certification path
*
* @return true if the specified object is equal to this
* certification path, false otherwise
*
* @see Object#hashCode() Object.hashCode()
**/
public boolean equals(Object other)
{
if (!( other instanceof CertPath ) )
return false;
CertPath otherCertPath = (CertPath)other;
if ( ! getType().equals(otherCertPath.getType()) )
return false;
return getCertificates().equals(otherCertPath.getCertificates());
}
/**
* Returns the hashcode for this certification path. The hash
* code of a certification path is defined to be the result of
* the following calculation:
* <pre>
* hashCode = path.getType().hashCode();
* hashCode = 31 * hashCode + path.getCertificates().hashCode();
* </pre>
* This ensures that path1.equals(path2) implies that
* path1.hashCode()==path2.hashCode() for any two
* certification paths, path1 and path2, as required by the
* general contract of Object.hashCode.
*
* @return The hashcode value for this certification path
*
* @see #equals(Object)
**/
public int hashCode()
{
return getType().hashCode() * 31 + getCertificates().hashCode();
}
/**
* Returns a string representation of this certification
* path. This calls the toString method on each of the
* Certificates in the path.
*
* @return a string representation of this certification path
**/
public String toString()
{
StringBuffer s = new StringBuffer();
List certs = getCertificates();
ListIterator iter = certs.listIterator();
s.append('\n').append(getType()).append(" Cert Path: length = ").append(certs.size()).append("\n[\n");
while ( iter.hasNext() ) {
s.append("=========================================================Certificate ").append(iter.nextIndex()).append('\n');
s.append(iter.next()).append('\n');
s.append("========================================================Certificate end\n\n\n");
}
s.append("\n]");
return s.toString();
}
/**
* Returns the encoded form of this certification path, using
* the default encoding.
*
* @return the encoded bytes
*
* @exception CertificateEncodingException if an encoding error occurs
**/
public abstract byte[] getEncoded()
throws CertificateEncodingException;
/**
* Returns the encoded form of this certification path, using
* the specified encoding.
*
* @param encoding the name of the encoding to use
*
* @return the encoded bytes
*
* @exception CertificateEncodingException if an encoding error
* occurs or the encoding requested is not supported
**/
public abstract byte[] getEncoded(String encoding)
throws CertificateEncodingException;
/**
* Returns the list of certificates in this certification
* path. The List returned must be immutable and thread-safe.
*
* @return an immutable List of Certificates (may be empty, but not null)
**/
public abstract List getCertificates();
/**
* Replaces the CertPath to be serialized with a CertPathRep
* object.
*
* @return the CertPathRep to be serialized
*
* @exception ObjectStreamException if a CertPathRep object
* representing this certification path could not be created
**/
protected Object writeReplace()
throws ObjectStreamException
{
try {
return new CertPathRep( getType(), getEncoded() );
} catch ( CertificateException ce ) {
throw new NotSerializableException( " java.security.cert.CertPath: " + getType() );
}
}
}

243
extern/spongycastle/core/src/main/jdk1.1/java/security/cert/CertPathBuilder.java vendored
View File

@ -1,243 +0,0 @@
package java.security.cert;
import java.security.InvalidAlgorithmParameterException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Provider;
import java.security.Security;
/**
* A class for building certification paths (also known as certificate
* chains).<br />
* <br />
* This class uses a provider-based architecture, as described in the
* Java Cryptography Architecture. To create a
* <code>CertPathBuilder</code>, call one of the static
* <code>getInstance</code> methods, passing in the algorithm name of
* the CertPathBuilder desired and optionally the name of the provider
* desired.<br />
* <br />
* Once a <code>CertPathBuilder</code> object has been created,
* certification paths can be constructed by calling the
* {@link #build build} method and passing it an algorithm-specific set
* of parameters. If successful, the result (including the CertPath
* that was built) is returned in an object that implements the
* <code>CertPathBuilderResult</code> interface.<br />
* <br />
* <strong>Concurrent Access</strong><br />
* <br />
* The static methods of this class are guaranteed to be
* thread-safe. Multiple threads may concurrently invoke the static
* methods defined in this class with no ill effects.<br />
* <br />
* However, this is not true for the non-static methods defined by
* this class. Unless otherwise documented by a specific provider,
* threads that need to access a single <code>CertPathBuilder</code>
* instance concurrently should synchronize amongst themselves and
* provide the necessary locking. Multiple threads each manipulating a
* different <code>CertPathBuilder</code> instance need not
* synchronize.<br />
* <br />
* Uses {@link CertUtil CertUtil} to actualiy load the SPI classes.
*
* @see CertUtil
**/
public class CertPathBuilder extends Object
{
private CertPathBuilderSpi builderSpi;
private Provider provider;
private String algorithm;
/**
* Creates a CertPathBuilder object of the given algorithm, and
* encapsulates the given provider implementation (SPI object)
* in it.
*
* @param builderSpi the provider implementation
* @param provider the provider
* @param algorithm the algorithm name
**/
protected CertPathBuilder(CertPathBuilderSpi builderSpi,
Provider provider,
String algorithm)
{
this.builderSpi = builderSpi;
this.provider = provider;
this.algorithm = algorithm;
}
/**
* Returns a CertPathBuilder object that implements the
* specified algorithm.<br />
* <br />
* If the default provider package provides an implementation
* of the specified CertPathBuilder algorithm, an instance of
* CertPathBuilder containing that implementation is
* returned. If the requested algorithm is not available in
* the default package, other packages are searched.<br />
* <br />
* @param algorithm the name of the requested CertPathBuilder algorithm
*
* @return a CertPathBuilder object that implements the
* specified algorithm
*
* @exception NoSuchAlgorithmException if the requested
* algorithm is not available in the default provider package
* or any of the other provider packages that were searched
**/
public static CertPathBuilder getInstance(String algorithm)
throws NoSuchAlgorithmException
{
try {
CertUtil.Implementation imp =
CertUtil.getImplementation("CertPathBuilder", algorithm, (String)null);
if (imp != null)
{
return new CertPathBuilder((CertPathBuilderSpi)imp.getEngine(),
imp.getProvider(), algorithm);
}
} catch ( NoSuchProviderException ex ) {}
throw new NoSuchAlgorithmException("can't find type " + algorithm);
}
/**
* Returns a CertPathBuilder object that implements the
* specified algorithm, as supplied by the specified provider.
*
* @param algorithm the name of the requested CertPathBuilder
* algorithm
* @param provider the name of the provider
*
* @return a CertPathBuilder object that implements the
* specified algorithm, as supplied by the specified provider
*
* @exception NoSuchAlgorithmException if the requested algorithm
* is not available from the specified provider
* @exception NoSuchProviderException if the provider has not
* been configured
* @exception IllegalArgumentException if the provider is null
**/
public static CertPathBuilder getInstance(String algorithm,
String provider)
throws NoSuchAlgorithmException,
NoSuchProviderException
{
if ( provider == null )
throw new IllegalArgumentException("provider must be non-null");
CertUtil.Implementation imp =
CertUtil.getImplementation("CertPathBuilder", algorithm, provider);
if (imp != null)
{
return new CertPathBuilder((CertPathBuilderSpi)imp.getEngine(),
imp.getProvider(), algorithm);
}
throw new NoSuchAlgorithmException("can't find type " + algorithm);
}
/**
* Returns a CertPathBuilder object that implements the
* specified algorithm, as supplied by the specified
* provider. Note: the provider doesn't have to be registered.
*
* @param algorithm the name of the requested CertPathBuilder
* algorithm
* @param provider the provider
* @return a CertPathBuilder object that implements the
* specified algorithm, as supplied by the specified provider
*
* @exception NoSuchAlgorithmException if the requested algorithm
* is not available from the specified provider
* @exception IllegalArgumentException if the provider is null.
**/
public static CertPathBuilder getInstance(String algorithm,
Provider provider)
throws NoSuchAlgorithmException
{
if ( provider == null )
throw new IllegalArgumentException("provider must be non-null");
CertUtil.Implementation imp =
CertUtil.getImplementation("CertPathBuilder", algorithm, provider);
if (imp != null)
{
return new CertPathBuilder((CertPathBuilderSpi)imp.getEngine(),
provider, algorithm);
}
throw new NoSuchAlgorithmException("can't find type " + algorithm);
}
/**
* Returns the provider of this <code>CertPathBuilder</code>.
*
* @return the provider of this <code>CertPathBuilder</code>
**/
public final Provider getProvider()
{
return provider;
}
/**
* Returns the name of the algorithm of this
* <code>CertPathBuilder</code>.
*
* @return the name of the algorithm of this <code>CertPathBuilder</code>
**/
public final String getAlgorithm()
{
return algorithm;
}
/**
* Attempts to build a certification path using the specified algorithm
* parameter set.
*
* @param params the algorithm parameters
*
* @return the result of the build algorithm
*
* @exception CertPathBuilderException if the builder is unable to construct
* a certification path that satisfies the specified parameters
* @exception InvalidAlgorithmParameterException if the specified parameters * are inappropriate for this <code>CertPathBuilder</code>
*/
public final CertPathBuilderResult build(CertPathParameters params)
throws CertPathBuilderException,
InvalidAlgorithmParameterException
{
return builderSpi.engineBuild(params);
}
/**
* Returns the default <code>CertPathBuilder</code> type as specified in
* the Java security properties file, or the string &quot;PKIX&quot;
* if no such property exists. The Java security properties file is
* located in the file named &lt;JAVA_HOME&gt;/lib/security/java.security,
* where &lt;JAVA_HOME&gt; refers to the directory where the SDK was
* installed.<br />
* <br />
* The default <code>CertPathBuilder</code> type can be used by
* applications that do not want to use a hard-coded type when calling one
* of the <code>getInstance</code> methods, and want to provide a default
* type in case a user does not specify its own.<br />
* <br />
* The default <code>CertPathBuilder</code> type can be changed by
* setting the value of the "certpathbuilder.type" security property
* (in the Java security properties file) to the desired type.
*
* @return the default <code>CertPathBuilder</code> type as specified
* in the Java security properties file, or the string &quot;PKIX&quot;
* if no such property exists.
*/
public static final String getDefaultType()
{
String defaulttype = null;
defaulttype = Security.getProperty("certpathbuilder.type");
if ( defaulttype == null || defaulttype.length() <= 0 )
return "PKIX";
else
return defaulttype;
}
}

182
extern/spongycastle/core/src/main/jdk1.1/java/security/cert/CertPathBuilderException.java vendored
View File

@ -1,182 +0,0 @@
package java.security.cert;
import java.io.PrintStream;
import java.io.PrintWriter;
import java.security.GeneralSecurityException;
/**
* An exception indicating one of a variety of problems encountered
* when building a certification path with a
* <code>CertPathBuilder</code>.<br />
* <br />
* A <code>CertPathBuilderException</code> provides support for
* wrapping exceptions. The {@link #getCause() getCause} method
* returns the throwable, if any, that caused this exception to be
* thrown.<br />
* <br />
* <strong>Concurrent Access</strong><br />
* <br />
* Unless otherwise specified, the methods defined in this class are
* not thread-safe. Multiple threads that need to access a single
* object concurrently should synchronize amongst themselves and
* provide the necessary locking. Multiple threads each manipulating
* separate objects need not synchronize.
*
* @see CertPathBuilder
**/
public class CertPathBuilderException extends GeneralSecurityException
{
private Throwable cause;
/**
* Creates a <code>CertPathBuilderException</code> with <code>null</code>
* as its detail message.
*/
public CertPathBuilderException()
{
}
/**
* Creates a <code>CertPathBuilderException</code> with the given detail
* message. The detail message is a <code>String</code> that describes
* this particular exception in more detail.
*
* @param msg
* the detail message
*/
public CertPathBuilderException(String message)
{
super(message);
}
/**
* Creates a <code>CertPathBuilderException</code> that wraps the
* specified throwable. This allows any exception to be converted into a
* <code>CertPathBuilderException</code>, while retaining information
* about the wrapped exception, which may be useful for debugging. The
* detail message is set to
* <code>(cause==null ? null : cause.toString())</code> (which typically
* contains the class and detail message of cause).
*
* @param cause
* the cause (which is saved for later retrieval by the
* {@link #getCause()} method). (A null value is permitted, and
* indicates that the cause is nonexistent or unknown.)
*/
public CertPathBuilderException(String message, Throwable cause)
{
super(message);
this.cause = cause;
}
/**
* Creates a <code>CertPathBuilderException</code> with the specified
* detail message and cause.
*
* @param msg
* the detail message
* @param cause
* the cause (which is saved for later retrieval by the
* {@link #getCause()} method). (A null value is permitted, and
* indicates that the cause is nonexistent or unknown.)
*/
public CertPathBuilderException(Throwable cause)
{
this.cause = cause;
}
/**
* Returns the internal (wrapped) cause, or null if the cause is nonexistent
* or unknown.
*
* @return the cause of this throwable or <code>null</code> if the cause
* is nonexistent or unknown.
*/
public Throwable getCause()
{
return cause;
}
/**
* Returns the detail message for this CertPathBuilderException.
*
* @return the detail message, or <code>null</code> if neither the message
* nor internal cause were specified
*/
public String getMessage()
{
String message = super.getMessage();
if (message == null && cause == null)
{
return null;
}
if (cause != null)
{
return cause.getMessage();
}
return message;
}
/**
* Returns a string describing this exception, including a description of
* the internal (wrapped) cause if there is one.
*
* @return a string representation of this
* <code>CertPathBuilderException</code>
*/
public String toString()
{
String message = getMessage();
if (message == null)
{
return "";
}
return message;
}
/**
* Prints a stack trace to <code>System.err</code>, including the
* backtrace of the cause, if any.
*/
public void printStackTrace()
{
printStackTrace(System.err);
}
/**
* Prints a stack trace to a <code>PrintStream</code>, including the
* backtrace of the cause, if any.
*
* @param ps
* the <code>PrintStream</code> to use for output
*/
public void printStackTrace(PrintStream ps)
{
super.printStackTrace(ps);
if (getCause() != null)
{
getCause().printStackTrace(ps);
}
}
/**
* Prints a stack trace to a <code>PrintWriter</code>, including the
* backtrace of the cause, if any.
*
* @param ps
* the <code>PrintWriter</code> to use for output
*/
public void printStackTrace(PrintWriter pw)
{
super.printStackTrace(pw);
if (getCause() != null)
{
getCause().printStackTrace(pw);
}
}
}

38
extern/spongycastle/core/src/main/jdk1.1/java/security/cert/CertPathBuilderResult.java vendored
View File

@ -1,38 +0,0 @@
package java.security.cert;
/**
* A specification of the result of a certification path builder algorithm.
* All results returned by the {@link CertPathBuilder#build CertPathBuilder.build} method
* must implement this interface.<br />
* <br />
* At a minimum, a CertPathBuilderResult contains the CertPath built by the
* CertPathBuilder instance. Implementations of this interface may add methods
* to return implementation or algorithm specific information, such as
* debugging information or certification path validation results.<br />
* <br />
* <strong>Concurrent Access</strong><br />
* <br />
* Unless otherwise specified, the methods defined in this interface are not
* thread-safe. Multiple threads that need to access a single object
* concurrently should synchronize amongst themselves and provide the
* necessary locking. Multiple threads each manipulating separate objects
* need not synchronize.
**/
public interface CertPathBuilderResult extends Cloneable
{
/**
* Returns the built certification path.
*
* @return the certification path (never <code>null</code>)
*/
public CertPath getCertPath();
/**
* Makes a copy of this <code>CertPathBuilderResult</code>.
* Changes to the copy will not affect the original and vice
* versa.
*
* @return a copy of this CertPathBuilderResult
*/
public Object clone();
}

50
extern/spongycastle/core/src/main/jdk1.1/java/security/cert/CertPathBuilderSpi.java vendored
View File

@ -1,50 +0,0 @@
package java.security.cert;
import java.security.InvalidAlgorithmParameterException;
/**
* The Service Provider Interface (SPI) for the CertPathBuilder
* class. All CertPathBuilder implementations must include a class
* (the SPI class) that extends this class (CertPathBuilderSpi) and
* implements all of its methods. In general, instances of this class
* should only be accessed through the CertPathBuilder class. For
* details, see the Java Cryptography Architecture.<br />
* <br />
* <b>Concurrent Access</b><br />
* <br />
* Instances of this class need not be protected against concurrent
* access from multiple threads. Threads that need to access a single
* CertPathBuilderSpi instance concurrently should synchronize amongst
* themselves and provide the necessary locking before calling the
* wrapping CertPathBuilder object.<br />
* <br />
* However, implementations of CertPathBuilderSpi may still encounter
* concurrency issues, since multiple threads each manipulating a
* different CertPathBuilderSpi instance need not synchronize.
**/
public abstract class CertPathBuilderSpi
extends Object
{
/**
* The default constructor.
*/
public CertPathBuilderSpi() {}
/**
* Attempts to build a certification path using the specified
* algorithm parameter set.
*
* @param params the algorithm parameters
*
* @return the result of the build algorithm
*
* @exception CertPathBuilderException if the builder is unable
* to construct a certification path that satisfies the
* specified
* @exception parametersInvalidAlgorithmParameterException if the
* specified parameters are inappropriate for this CertPathBuilder
*/
public abstract CertPathBuilderResult engineBuild( CertPathParameters params )
throws CertPathBuilderException,
InvalidAlgorithmParameterException;
}

18
extern/spongycastle/core/src/main/jdk1.1/java/security/cert/CertPathParameters.java vendored
View File

@ -1,18 +0,0 @@
package java.security.cert;
/**
* A specification of certification path algorithm parameters. The purpose
* of this interface is to group (and provide type safety for) all CertPath
* parameter specifications. All <code>CertPath</code> parameter specifications must
* implement this interface.
**/
public interface CertPathParameters extends Cloneable
{
/**
* Makes a copy of this <code>CertPathParameters</code>. Changes to the
* copy will not affect the original and vice versa.
*
* @return a copy of this <code>CertPathParameters</code>
**/
public Object clone();
}

250
extern/spongycastle/core/src/main/jdk1.1/java/security/cert/CertPathValidator.java vendored
View File

@ -1,250 +0,0 @@
package java.security.cert;
import java.security.InvalidAlgorithmParameterException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Provider;
import java.security.Security;
/**
* A class for validating certification paths (also known as certificate
* chains).<br />
* <br />
* This class uses a provider-based architecture, as described in the Java
* Cryptography Architecture. To create a <code>CertPathValidator</code>,
* call one of the static <code>getInstance</code> methods, passing in the
* algorithm name of the <code>CertPathValidator</code> desired and
* optionally the name of the provider desired. <br />
* <br />
* Once a <code>CertPathValidator</code> object has been created, it can
* be used to validate certification paths by calling the {@link #validate
* validate} method and passing it the <code>CertPath</code> to be validated
* and an algorithm-specific set of parameters. If successful, the result is
* returned in an object that implements the
* <code>CertPathValidatorResult</code> interface.<br />
* <br />
* <b>Concurrent Access</b><br />
* <br />
* The static methods of this class are guaranteed to be thread-safe.
* Multiple threads may concurrently invoke the static methods defined in
* this class with no ill effects.<br />
* <br />
* However, this is not true for the non-static methods defined by this class.
* Unless otherwise documented by a specific provider, threads that need to
* access a single <code>CertPathValidator</code> instance concurrently should
* synchronize amongst themselves and provide the necessary locking. Multiple
* threads each manipulating a different <code>CertPathValidator</code>
* instance need not synchronize.<br />
* <br />
* Uses {@link CertUtil CertUtil} to actualiy load the SPI classes.
*
* @see CertPath
* @see CertUtil
**/
public class CertPathValidator extends Object
{
private CertPathValidatorSpi validatorSpi;
private Provider provider;
private String algorithm;
/**
* Creates a <code>CertPathValidator</code> object of the given algorithm,
* and encapsulates the given provider implementation (SPI object) in it.
*
* @param validatorSpi the provider implementation
* @param provider the provider
* @param algorithm the algorithm name
*/
protected CertPathValidator( CertPathValidatorSpi validatorSpi,
Provider provider,
String algorithm)
{
this.validatorSpi = validatorSpi;
this.provider = provider;
this.algorithm = algorithm;
}
/**
* Returns a <code>CertPathValidator</code> object that implements the
* specified algorithm.<br />
* <br />
* If the default provider package provides an implementation of the
* specified <code>CertPathValidator</code> algorithm, an instance of
* <code>CertPathValidator</code> containing that implementation is
* returned. If the requested algorithm is not available in the default
* package, other packages are searched.
*
* @param algorithm the name of the requested <code>CertPathValidator</code>
* algorithm
*
* @return a <code>CertPathValidator</code> object that implements the
* specified algorithm
*
* @exception NoSuchAlgorithmException if the requested algorithm
* is not available in the default provider package or any of the other
* provider packages that were searched
*/
public static CertPathValidator getInstance(String algorithm)
throws NoSuchAlgorithmException
{
try {
CertUtil.Implementation imp =
CertUtil.getImplementation("CertPathValidator", algorithm, (String)null );
if (imp != null)
{
return new CertPathValidator((CertPathValidatorSpi)imp.getEngine(), imp.getProvider(), algorithm);
}
} catch (NoSuchProviderException ex ) {}
throw new NoSuchAlgorithmException("can't find algorithm " + algorithm);
}
/**
* Returns a <code>CertPathValidator</code> object that implements the
* specified algorithm, as supplied by the specified provider.
*
* @param algorithm the name of the requested <code>CertPathValidator</code>
* algorithm
* @param provider the name of the provider
*
* @return a <code>CertPathValidator</code> object that implements the
* specified algorithm, as supplied by the specified provider
*
* @exception NoSuchAlgorithmException if the requested algorithm
* is not available from the specified provider
* @exception NoSuchProviderException if the provider has not been
* configured
* @exception IllegalArgumentException if the <code>provider</code> is
* null
*/
public static CertPathValidator getInstance(String algorithm,
String provider)
throws NoSuchAlgorithmException,
NoSuchProviderException
{
if ( provider == null )
throw new IllegalArgumentException("provider must be non-null");
CertUtil.Implementation imp = CertUtil.getImplementation("CertPathValidator", algorithm, provider );
if (imp != null)
{
return new CertPathValidator((CertPathValidatorSpi)imp.getEngine(), imp.getProvider(), algorithm);
}
throw new NoSuchAlgorithmException("can't find algorithm " + algorithm);
}
/**
* Returns a <code>CertPathValidator</code> object that implements the
* specified algorithm, as supplied by the specified provider.
* Note: the <code>provider</code> doesn't have to be registered.
*
* @param algorithm the name of the requested
* <code>CertPathValidator</code> algorithm
* @param provider the provider
*
* @return a <code>CertPathValidator</code> object that implements the
* specified algorithm, as supplied by the specified provider
*
* @exception NoSuchAlgorithmException if the requested algorithm
* is not available from the specified provider
* @exception IllegalArgumentException if the <code>provider</code> is
* null
*/
public static CertPathValidator getInstance(String algorithm,
Provider provider)
throws NoSuchAlgorithmException
{
if ( provider == null )
throw new IllegalArgumentException("provider must be non-null");
CertUtil.Implementation imp = CertUtil.getImplementation("CertPathValidator", algorithm, provider );
if (imp != null)
{
return new CertPathValidator((CertPathValidatorSpi)imp.getEngine(), provider, algorithm);
}
throw new NoSuchAlgorithmException("can't find algorithm " + algorithm);
}
/**
* Returns the <code>Provider</code> of this
* <code>CertPathValidator</code>.
*
* @return the <code>Provider</code> of this <code>CertPathValidator</code>
*/
public final Provider getProvider()
{
return provider;
}
/**
* Returns the algorithm name of this <code>CertPathValidator</code>.
*
* @return the algorithm name of this <code>CertPathValidator</code>
*/
public final String getAlgorithm()
{
return algorithm;
}
/**
* Validates the specified certification path using the specified
* algorithm parameter set.<br />
* <br />
* The <code>CertPath</code> specified must be of a type that is
* supported by the validation algorithm, otherwise an
* <code>InvalidAlgorithmParameterException</code> will be thrown. For
* example, a <code>CertPathValidator</code> that implements the PKIX
* algorithm validates <code>CertPath</code> objects of type X.509.
*
* @param certPath the <code>CertPath</code> to be validated
* @param params the algorithm parameters
*
* @return the result of the validation algorithm
*
* @exception CertPathValidatorException if the <code>CertPath</code>
* does not validate
* @exception InvalidAlgorithmParameterException if the specified
* parameters or the type of the specified <code>CertPath</code> are
* inappropriate for this <code>CertPathValidator</code>
*/
public final CertPathValidatorResult validate( CertPath certPath,
CertPathParameters params)
throws CertPathValidatorException,
InvalidAlgorithmParameterException
{
return validatorSpi.engineValidate( certPath, params );
}
/**
* Returns the default <code>CertPathValidator</code> type as specified in
* the Java security properties file, or the string &quot;PKIX&quot;
* if no such property exists. The Java security properties file is
* located in the file named &lt;JAVA_HOME&gt;/lib/security/java.security,
* where &lt;JAVA_HOME&gt; refers to the directory where the SDK was
* installed.<br />
* <br />
* The default <code>CertPathValidator</code> type can be used by
* applications that do not want to use a hard-coded type when calling one
* of the <code>getInstance</code> methods, and want to provide a default
* type in case a user does not specify its own.<br />
* <br />
* The default <code>CertPathValidator</code> type can be changed by
* setting the value of the "certpathvalidator.type" security property
* (in the Java security properties file) to the desired type.
*
* @return the default <code>CertPathValidator</code> type as specified
* in the Java security properties file, or the string &quot;PKIX&quot;
* if no such property exists.
*/
public static final String getDefaultType()
{
String defaulttype = null;
defaulttype = Security.getProperty("certpathvalidator.type");
if ( defaulttype == null || defaulttype.length() <= 0 )
return "PKIX";
else
return defaulttype;
}
}

248
extern/spongycastle/core/src/main/jdk1.1/java/security/cert/CertPathValidatorException.java vendored
View File

@ -1,248 +0,0 @@
package java.security.cert;
import java.io.PrintStream;
import java.io.PrintWriter;
import java.security.GeneralSecurityException;
/**
* An exception indicating one of a variety of problems encountered when
* validating a certification path. <br />
* <br />
* A <code>CertPathValidatorException</code> provides support for wrapping
* exceptions. The {@link #getCause getCause} method returns the throwable,
* if any, that caused this exception to be thrown. <br />
* <br />
* A <code>CertPathValidatorException</code> may also include the
* certification path that was being validated when the exception was thrown
* and the index of the certificate in the certification path that caused the
* exception to be thrown. Use the {@link #getCertPath getCertPath} and
* {@link #getIndex getIndex} methods to retrieve this information.<br />
* <br />
* <b>Concurrent Access</b><br />
* <br />
* Unless otherwise specified, the methods defined in this class are not
* thread-safe. Multiple threads that need to access a single
* object concurrently should synchronize amongst themselves and
* provide the necessary locking. Multiple threads each manipulating
* separate objects need not synchronize.
*
* @see CertPathValidator
**/
public class CertPathValidatorException extends GeneralSecurityException
{
private Throwable cause;
private CertPath certPath;
private int index = -1;
/**
* Creates a <code>CertPathValidatorException</code> with
* no detail message.
*/
public CertPathValidatorException()
{
super();
}
/**
* Creates a <code>CertPathValidatorException</code> with the given
* detail message. A detail message is a <code>String</code> that
* describes this particular exception.
*
* @param messag the detail message
*/
public CertPathValidatorException(String message)
{
super(message);
}
/**
* Creates a <code>CertPathValidatorException</code> with the specified
* detail message and cause.
*
* @param msg the detail message
* @param cause the cause (which is saved for later retrieval by the
* {@link #getCause getCause()} method). (A <code>null</code> value is
* permitted, and indicates that the cause is nonexistent or unknown.)
*/
public CertPathValidatorException(String message, Throwable cause)
{
super(message);
this.cause = cause;
}
/**
* Creates a <code>CertPathValidatorException</code> with the specified
* detail message, cause, certification path, and index.
*
* @param msg the detail message (or <code>null</code> if none)
* @param cause the cause (or <code>null</code> if none)
* @param certPath the certification path that was in the process of
* being validated when the error was encountered
* @param index the index of the certificate in the certification path
* that caused the error (or -1 if not applicable). Note that
* the list of certificates in a <code>CertPath</code> is zero based.
*
* @exception IndexOutOfBoundsException if the index is out of range
* <code>(index < -1 || (certPath != null && index >=
* certPath.getCertificates().size())</code>
* @exception IllegalArgumentException if <code>certPath</code> is
* <code>null</code> and <code>index</code> is not -1
*/
public CertPathValidatorException(String message, Throwable cause, CertPath certPath, int index)
{
super( message );
if ( certPath == null && index != -1 )
throw new IllegalArgumentException( "certPath = null and index != -1" );
if ( index < -1 || ( certPath != null && index >= certPath.getCertificates().size() ) )
throw new IndexOutOfBoundsException( " index < -1 or out of bound of certPath.getCertificates()" );
this.cause = cause;
this.certPath = certPath;
this.index = index;
}
/**
* Creates a <code>CertPathValidatorException</code> that wraps the
* specified throwable. This allows any exception to be converted into a
* <code>CertPathValidatorException</code>, while retaining information
* about the wrapped exception, which may be useful for debugging. The
* detail message is set to (<code>cause==null ? null : cause.toString()
* </code>) (which typically contains the class and detail message of
* cause).
*
* @param cause the cause (which is saved for later retrieval by the
* {@link #getCause getCause()} method). (A <code>null</code> value is
* permitted, and indicates that the cause is nonexistent or unknown.)
*/
public CertPathValidatorException(Throwable cause)
{
this.cause = cause;
}
/**
* Returns the detail message for this
* <code>CertPathValidatorException</code>.
*
* @return the detail message, or <code>null</code> if neither the message
* nor cause were specified
*/
public String getMessage()
{
String message = super.getMessage();
if ( message == null && cause == null )
return null;
StringBuffer s = new StringBuffer();
if ( message != null )
{
s.append(message).append('\n');
}
if ( cause != null )
{
s.append("Cause:\n").append(cause.getMessage()).append('\n');
}
return s.toString();
}
/**
* Returns the certification path that was being validated when
* the exception was thrown.
*
* @return the <code>CertPath</code> that was being validated when
* the exception was thrown (or <code>null</code> if not specified)
*/
public CertPath getCertPath()
{
return certPath;
}
/**
* Returns the index of the certificate in the certification path
* that caused the exception to be thrown. Note that the list of
* certificates in a <code>CertPath</code> is zero based. If no
* index has been set, -1 is returned.
*
* @return the index that has been set, or -1 if none has been set
*/
public int getIndex()
{
return index;
}
/**
* Returns the cause of this <code>CertPathValidatorException</code> or
* <code>null</code> if the cause is nonexistent or unknown.
*
* @return the cause of this throwable or <code>null</code> if the cause
* is nonexistent or unknown.
*/
public Throwable getCause()
{
return cause;
}
/**
* Returns a string describing this exception, including a description
* of the internal (wrapped) cause if there is one.
*
* @return a string representation of this
* <code>CertPathValidatorException</code>
*/
public String toString()
{
StringBuffer sb = new StringBuffer();
String s = getMessage();
if ( s != null )
{
sb.append( s );
}
if ( getIndex() >= 0 )
{
sb.append("index in certpath: ").append(getIndex()).append('\n');
sb.append(getCertPath());
}
return sb.toString();
}
/**
* Prints a stack trace to <code>System.err</code>, including the backtrace
* of the cause, if any.
*/
public void printStackTrace()
{
printStackTrace(System.err);
}
/**
* Prints a stack trace to a <code>PrintStream</code>, including the
* backtrace of the cause, if any.
*
* @param ps the <code>PrintStream</code> to use for output
*/
public void printStackTrace(PrintStream ps)
{
super.printStackTrace(ps);
if ( getCause() != null )
{
getCause().printStackTrace(ps);
}
}
/**
* Prints a stack trace to a <code>PrintWriter</code>, including the
* backtrace of the cause, if any.
*
* @param pw the <code>PrintWriter</code> to use for output
*/
public void printStackTrace(PrintWriter pw)
{
super.printStackTrace(pw);
if ( getCause() != null )
{
getCause().printStackTrace(pw);
}
}
}

22
extern/spongycastle/core/src/main/jdk1.1/java/security/cert/CertPathValidatorResult.java vendored
View File

@ -1,22 +0,0 @@
package java.security.cert;
/**
* A specification of the result of a certification path validator algorithm.<br />
* <br />
* The purpose of this interface is to group (and provide type safety
* for) all certification path validator results. All results returned
* by the {@link CertPathValidator#validate CertPathValidator.validate}
* method must implement this interface.
*
* @see CertPathValidator
**/
public interface CertPathValidatorResult extends Cloneable
{
/**
* Makes a copy of this <code>CertPathValidatorResult</code>. Changes to the
* copy will not affect the original and vice versa.
*
* @return a copy of this <code>CertPathValidatorResult</code>
*/
public Object clone();
}

59
extern/spongycastle/core/src/main/jdk1.1/java/security/cert/CertPathValidatorSpi.java vendored
View File

@ -1,59 +0,0 @@
package java.security.cert;
import java.security.InvalidAlgorithmParameterException;
/**
*
* The <i>Service Provider Interface</i> (<b>SPI</b>)
* for the {@link CertPathValidator CertPathValidator} class. All
* <code>CertPathValidator</code> implementations must include a class (the
* SPI class) that extends this class (<code>CertPathValidatorSpi</code>)
* and implements all of its methods. In general, instances of this class
* should only be accessed through the <code>CertPathValidator</code> class.
* For details, see the Java Cryptography Architecture.<br />
* <br />
* <b>Concurrent Access</b><br />
* <br />
* Instances of this class need not be protected against concurrent
* access from multiple threads. Threads that need to access a single
* <code>CertPathValidatorSpi</code> instance concurrently should synchronize
* amongst themselves and provide the necessary locking before calling the
* wrapping <code>CertPathValidator</code> object.<br />
* <br />
* However, implementations of <code>CertPathValidatorSpi</code> may still
* encounter concurrency issues, since multiple threads each
* manipulating a different <code>CertPathValidatorSpi</code> instance need not
* synchronize.
**/
public abstract class CertPathValidatorSpi extends Object
{
/**
* The default constructor.
*/
public CertPathValidatorSpi() {}
/**
* Validates the specified certification path using the specified
* algorithm parameter set.<br />
* <br />
* The <code>CertPath</code> specified must be of a type that is
* supported by the validation algorithm, otherwise an
* <code>InvalidAlgorithmParameterException</code> will be thrown. For
* example, a <code>CertPathValidator</code> that implements the PKIX
* algorithm validates <code>CertPath</code> objects of type X.509.
*
* @param certPath the <code>CertPath</code> to be validated
* @param params the algorithm parameters
*
* @return the result of the validation algorithm
*
* @exception CertPathValidatorException if the <code>CertPath</code>
* does not validate
* @exception InvalidAlgorithmParameterException if the specified
* parameters or the type of the specified <code>CertPath</code> are
* inappropriate for this <code>CertPathValidator</code>
*/
public abstract CertPathValidatorResult engineValidate(CertPath certPath, CertPathParameters params)
throws CertPathValidatorException,
InvalidAlgorithmParameterException;
}

39
extern/spongycastle/core/src/main/jdk1.1/java/security/cert/CertSelector.java vendored
View File

@ -1,39 +0,0 @@
package java.security.cert;
/**
* A selector that defines a set of criteria for selecting
* <code>Certificate</code>s. Classes that implement this interface
* are often used to specify which <code>Certificate</code>s should
* be retrieved from a <code>CertStore</code>.<br />
* <br />
* <b>Concurrent Access</b><br />
* <br />
* Unless otherwise specified, the methods defined in this interface are not
* thread-safe. Multiple threads that need to access a single
* object concurrently should synchronize amongst themselves and
* provide the necessary locking. Multiple threads each manipulating
* separate objects need not synchronize.
*
* @see Certificate
* @see CertStore
* @see CertStore#getCertificates
*/
public interface CertSelector extends Cloneable
{
/**
* Decides whether a <code>Certificate</code> should be selected.
*
* @param cert the <code>Certificate</code> to be checked
* @return <code>true</code> if the <code>Certificate</code>
* should be selected, <code>false</code> otherwise
*/
public boolean match(Certificate cert);
/**
* Makes a copy of this <code>CertSelector</code>. Changes to the
* copy will not affect the original and vice versa.
*
* @return a copy of this <code>CertSelector</code>
*/
public Object clone();
}

352
extern/spongycastle/core/src/main/jdk1.1/java/security/cert/CertStore.java vendored
View File

@ -1,352 +0,0 @@
package java.security.cert;
import java.security.InvalidAlgorithmParameterException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Provider;
import java.security.Security;
import java.util.Collection;
/**
* A class for retrieving <code>Certificate</code>s and <code>CRL</code>s
* from a repository.<br />
* <br />
* This class uses a provider-based architecture, as described in the
* Java Cryptography Architecture.
* To create a <code>CertStore</code>, call one of the static
* <code>getInstance</code> methods, passing in the type of
* <code>CertStore</code> desired, any applicable initialization parameters
* and optionally the name of the provider desired. <br />
* <br />
* Once the <code>CertStore</code> has been created, it can be used to
* retrieve <code>Certificate</code>s and <code>CRL</code>s by calling its
* {@link #getCertificates(CertSelector selector) getCertificates} and
* {@link #getCRLs(CRLSelector selector) getCRLs} methods.<br />
* <br />
* Unlike a {@link java.security.KeyStore KeyStore}, which provides access
* to a cache of private keys and trusted certificates, a
* <code>CertStore</code> is designed to provide access to a potentially
* vast repository of untrusted certificates and CRLs. For example, an LDAP
* implementation of <code>CertStore</code> provides access to certificates
* and CRLs stored in one or more directories using the LDAP protocol and the
* schema as defined in the RFC service attribute. See Appendix A in the
* Java Certification Path API Programmer's Guide for more information about
* standard <code>CertStore</code> types.<br />
* <br />
* <b>Concurrent Access</b><br />
* <br />
* All public methods of <code>CertStore</code> objects must be thread-safe.
* That is, multiple threads may concurrently invoke these methods on a
* single <code>CertStore</code> object (or more than one) with no
* ill effects. This allows a <code>CertPathBuilder</code> to search for a
* CRL while simultaneously searching for further certificates, for instance.<br />
* <br />
* The static methods of this class are also guaranteed to be thread-safe.
* Multiple threads may concurrently invoke the static methods defined in
* this class with no ill effects.<br />
* <br />
* Uses {@link CertUtil CertUtil} to actualiy load the SPI classes.
*
* @see CertUtil
**/
public class CertStore extends Object
{
private CertStoreSpi storeSpi;
private Provider provider;
private String type;
private CertStoreParameters params;
/**
* Creates a <code>CertStore</code> object of the given type, and
* encapsulates the given provider implementation (SPI object) in it.
*
* @param storeSpi the provider implementation
* @param provider the provider
* @param type the type
* @param params the initialization parameters (may be <code>null</code>)
*/
protected CertStore( CertStoreSpi storeSpi,
Provider provider,
String type,
CertStoreParameters params )
{
this.storeSpi = storeSpi;
this.provider = provider;
this.type = type;
this.params = params;
}
/**
* Returns a <code>Collection</code> of <code>Certificate</code>s that
* match the specified selector. If no <code>Certificate</code>s
* match the selector, an empty <code>Collection</code> will be returned.<br />
* <br />
* For some <code>CertStore</code> types, the resulting
* <code>Collection</code> may not contain <b>all</b> of the
* <code>Certificate</code>s that match the selector. For instance,
* an LDAP <code>CertStore</code> may not search all entries in the
* directory. Instead, it may just search entries that are likely to
* contain the <code>Certificate</code>s it is looking for.<br />
* <br />
* Some <code>CertStore</code> implementations (especially LDAP
* <code>CertStore</code>s) may throw a <code>CertStoreException</code>
* unless a non-null <code>CertSelector</code> is provided that
* includes specific criteria that can be used to find the certificates.
* Issuer and/or subject names are especially useful criteria.
*
* @param selector A <code>CertSelector</code> used to select which
* <code>Certificate</code>s should be returned. Specify <code>null</code>
* to return all <code>Certificate</code>s (if supported).
*
* @return A <code>Collection</code> of <code>Certificate</code>s that
* match the specified selector (never <code>null</code>)
* @exception CertStoreException if an exception occurs
*/
public final Collection getCertificates( CertSelector selector )
throws CertStoreException
{
return storeSpi.engineGetCertificates( selector );
}
/**
* Returns a <code>Collection</code> of <code>CRL</code>s that
* match the specified selector. If no <code>CRL</code>s
* match the selector, an empty <code>Collection</code> will be returned.<br />
* <br />
* For some <code>CertStore</code> types, the resulting
* <code>Collection</code> may not contain <b>all</b> of the
* <code>CRL</code>s that match the selector. For instance,
* an LDAP <code>CertStore</code> may not search all entries in the
* directory. Instead, it may just search entries that are likely to
* contain the <code>CRL</code>s it is looking for.<br />
* <br />
* Some <code>CertStore</code> implementations (especially LDAP
* <code>CertStore</code>s) may throw a <code>CertStoreException</code>
* unless a non-null <code>CRLSelector</code> is provided that
* includes specific criteria that can be used to find the CRLs.
* Issuer names and/or the certificate to be checked are especially useful.
*
* @param selector A <code>CRLSelector</code> used to select which
* <code>CRL</code>s should be returned. Specify <code>null</code>
* to return all <code>CRL</code>s (if supported).
*
* @return A <code>Collection</code> of <code>CRL</code>s that
* match the specified selector (never <code>null</code>)
*
* @exception CertStoreException if an exception occurs
*/
public final Collection getCRLs( CRLSelector selector )
throws CertStoreException
{
return storeSpi.engineGetCRLs( selector );
}
/**
* Returns a <code>CertStore</code> object that implements the specified
* <code>CertStore</code> type and is initialized with the specified
* parameters.<br />
* <br />
* If the default provider package provides an implementation
* of the specified <code>CertStore</code> type, an instance of
* <code>CertStore</code> containing that implementation is returned.
* If the requested type is not available in the default package, other
* packages are searched.<br />
* <br />
* The <code>CertStore</code> that is returned is initialized with the
* specified <code>CertStoreParameters</code>. The type of parameters
* needed may vary between different types of <code>CertStore</code>s.
* Note that the specified <code>CertStoreParameters</code> object is
* cloned.
*
* @param type the name of the requested <code>CertStore</code> type
* @param params the initialization parameters (may be <code>null</code>)
*
* @return a <code>CertStore</code> object that implements the specified
* <code>CertStore</code> type
*
* @exception NoSuchAlgorithmException if the requested type is not
* available in the default provider package or any of the other provider
* packages that were searched
* @exception InvalidAlgorithmParameterException if the specified
* initialization parameters are inappropriate for this
* <code>CertStore</code>
*/
public static CertStore getInstance( String type,
CertStoreParameters params)
throws InvalidAlgorithmParameterException,
NoSuchAlgorithmException
{
try {
CertUtil.Implementation imp =
CertUtil.getImplementation( "CertStore", type, (String)null,
new Class[] { CertStoreParameters.class },
new Object[] { params } );
if (imp != null)
{
return new CertStore((CertStoreSpi)imp.getEngine(), imp.getProvider(), type, params );
}
} catch ( NoSuchProviderException ex ) {}
throw new NoSuchAlgorithmException("can't find type " + type);
}
/**
* Returns a <code>CertStore</code> object that implements the specified
* <code>CertStore</code> type, as supplied by the specified provider
* and initialized with the specified parameters.<br />
* <br />
* The <code>CertStore</code> that is returned is initialized with the
* specified <code>CertStoreParameters</code>. The type of parameters
* needed may vary between different types of <code>CertStore</code>s.
* Note that the specified <code>CertStoreParameters</code> object is
* cloned.
*
* @param type the requested <code>CertStore</code> type
* @param params the initialization parameters (may be <code>null</code>)
* @param provider the name of the provider
*
* @return a <code>CertStore</code> object that implements the
* specified type, as supplied by the specified provider
*
* @exception NoSuchAlgorithmException if the requested type is not
* available from the specified provider
* @exception InvalidAlgorithmParameterException if the specified
* initialization parameters are inappropriate for this
* <code>CertStore</code>
* @exception NoSuchProviderException if the provider has not been configured
* @exception IllegalArgumentException if the <code>provider</code> is
* null
*/
public static CertStore getInstance( String type,
CertStoreParameters params,
String provider)
throws InvalidAlgorithmParameterException,
NoSuchAlgorithmException,
NoSuchProviderException,
IllegalArgumentException
{
if ( provider == null )
throw new IllegalArgumentException( "provider must be non-null" );
CertUtil.Implementation imp =
CertUtil.getImplementation( "CertStore", type, provider,
new Class[] { CertStoreParameters.class },
new Object[] { params } );
if (imp != null)
{
return new CertStore((CertStoreSpi)imp.getEngine(), imp.getProvider(), type, params );
}
throw new NoSuchAlgorithmException("can't find type " + type);
}
/**
* Returns a <code>CertStore</code> object that implements the specified
* <code>CertStore</code> type, as supplied by the specified provider and
* initialized with the specified parameters.
* Note: the <code>provider</code> doesn't have to be registered.<br />
* <br />
* The <code>CertStore</code> that is returned is initialized with the
* specified <code>CertStoreParameters</code>. The type of parameters
* needed may vary between different types of <code>CertStore</code>s.
* Note that the specified <code>CertStoreParameters</code> object is
* cloned.
*
* @param type the requested <code>CertStore</code> type
* @param params the initialization parameters (may be <code>null</code>)
* @param provider the provider
*
* @return a <code>CertStore</code> object that implements the
* specified type, as supplied by the specified provider
*
* @exception NoSuchAlgorithmException if the requested type is not
* available from the specified provider
* @exception InvalidAlgorithmParameterException if the specified
* initialization parameters are inappropriate for this
* <code>CertStore</code>
* @exception IllegalArgumentException if the <code>provider</code> is
* null
*/
public static CertStore getInstance( String type,
CertStoreParameters params,
Provider provider )
throws NoSuchAlgorithmException,
InvalidAlgorithmParameterException,
IllegalArgumentException
{
if ( provider == null )
throw new IllegalArgumentException( "provider must be non-null" );
CertUtil.Implementation imp =
CertUtil.getImplementation( "CertStore", type, provider,
new Class[] { CertStoreParameters.class },
new Object[] { params } );
if (imp != null)
{
return new CertStore((CertStoreSpi)imp.getEngine(), provider, type, params );
}
throw new NoSuchAlgorithmException("can't find type " + type);
}
/**
* Returns the parameters used to initialize this <code>CertStore</code>.
* Note that the <code>CertStoreParameters</code> object is cloned before
* it is returned.
*
* @return the parameters used to initialize this <code>CertStore</code>
* (may be <code>null</code>)
*/
public final CertStoreParameters getCertStoreParameters()
{
return params;
}
/**
* Returns the type of this <code>CertStore</code>.
*
* @return the type of this <code>CertStore</code>
*/
public final String getType()
{
return type;
}
/**
* Returns the provider of this <code>CertStore</code>.
*
* @return the provider of this <code>CertStore</code>
*/
public final Provider getProvider()
{
return provider;
}
/**
* Returns the default <code>CertStore</code> type as specified in the
* Java security properties file, or the string &quot;LDAP&quot; if no
* such property exists. The Java security properties file is located in
* the file named &lt;JAVA_HOME&gt;/lib/security/java.security, where
* &lt;JAVA_HOME&gt; refers to the directory where the SDK was installed.<br />
* <br />
* The default <code>CertStore</code> type can be used by applications
* that do not want to use a hard-coded type when calling one of the
* <code>getInstance</code> methods, and want to provide a default
* <code>CertStore</code> type in case a user does not specify its own.<br />
* <br />
* The default <code>CertStore</code> type can be changed by setting
* the value of the "certstore.type" security property (in the Java
* security properties file) to the desired type.
*
* @return the default <code>CertStore</code> type as specified in the
* Java security properties file, or the string &quot;LDAP&quot;
* if no such property exists.
*/
public static final String getDefaultType()
{
String defaulttype = null;
defaulttype = Security.getProperty("certstore.type");
if ( defaulttype == null || defaulttype.length() <= 0 )
return "LDAP";
else
return defaulttype;
}
}

172
extern/spongycastle/core/src/main/jdk1.1/java/security/cert/CertStoreException.java vendored
View File

@ -1,172 +0,0 @@
package java.security.cert;
import java.io.PrintStream;
import java.io.PrintWriter;
import java.security.GeneralSecurityException;
/**
* An exception indicating one of a variety of problems retrieving
* certificates and CRLs from a <code>CertStore</code>.<br />
* <br />
* A <code>CertStoreException</code> provides support for wrapping
* exceptions. The {@link #getCause getCause} method returns the throwable,
* if any, that caused this exception to be thrown.<br />
* <br />
* <b>Concurrent Access</b><br />
* <br />
* Unless otherwise specified, the methods defined in this class are not
* thread-safe. Multiple threads that need to access a single
* object concurrently should synchronize amongst themselves and
* provide the necessary locking. Multiple threads each manipulating
* separate objects need not synchronize.
*
* @see CertStore
**/
public class CertStoreException extends GeneralSecurityException
{
private Throwable cause;
/**
* Creates a <code>CertStoreException</code> with <code>null</code> as
* its detail message.
*/
public CertStoreException()
{
super();
}
/**
* Creates a <code>CertStoreException</code> with the given detail
* message. A detail message is a <code>String</code> that describes this
* particular exception.
*
* @param messag the detail message
*/
public CertStoreException(String message)
{
super(message);
}
/**
* Creates a <code>CertStoreException</code> with the specified detail
* message and cause.
*
* @param messag the detail message
* @param cause the cause (which is saved for later retrieval by the
* {@link #getCause getCause()} method). (A <code>null</code> value is
* permitted, and indicates that the cause is nonexistent or unknown.)
*/
public CertStoreException(String message, Throwable cause)
{
super(message);
this.cause = cause;
}
/**
* Creates a <code>CertStoreException</code> that wraps the specified
* throwable. This allows any exception to be converted into a
* <code>CertStoreException</code>, while retaining information about the
* cause, which may be useful for debugging. The detail message is
* set to (<code>cause==null ? null : cause.toString()</code>) (which
* typically contains the class and detail message of cause).
*
* @param cause the cause (which is saved for later retrieval by the
* {@link #getCause getCause()} method). (A <code>null</code> value is
* permitted, and indicates that the cause is nonexistent or unknown.)
*/
public CertStoreException(Throwable cause)
{
this.cause = cause;
}
/**
* Returns the detail message for this <code>CertStoreException</code>.
*
* @return the detail message, or <code>null</code> if neither the message
* nor cause were specified
*/
public String getMessage()
{
String message = super.getMessage();
if ( message == null && cause == null )
return null;
StringBuffer s = new StringBuffer();
if ( message != null )
{
s.append(message).append('\n');
}
if ( cause != null )
{
s.append("Cause:\n").append(cause.getMessage());
}
return s.toString();
}
/**
* Returns the cause of this <code>CertStoreException</code> or
* <code>null</code> if the cause is nonexistent or unknown.
*
* @return the cause of this throwable or <code>null</code> if the cause
* is nonexistent or unknown.
*/
public Throwable getCause()
{
return cause;
}
/**
* Returns a string describing this exception, including a description
* of the internal (wrapped) cause if there is one.
*
* @return a string representation of this
* <code>CertStoreException</code>
*/
public String toString()
{
String message = getMessage();
if ( message == null )
return "";
return message;
}
/**
* Prints a stack trace to <code>System.err</code>, including the backtrace
* of the cause, if any.
*/
public void printStackTrace() {
printStackTrace(System.err);
}
/**
* Prints a stack trace to a <code>PrintStream</code>, including the
* backtrace of the cause, if any.
*
* @param ps the <code>PrintStream</code> to use for output
*/
public void printStackTrace(PrintStream ps) {
super.printStackTrace(ps);
if ( cause != null ) {
cause.printStackTrace(ps);
}
}
/**
* Prints a stack trace to a <code>PrintWriter</code>, including the
* backtrace of the cause, if any.
*
* @param pw the <code>PrintWriter</code> to use for output
*/
public void printStackTrace(PrintWriter pw) {
if ( cause != null ) {
cause.printStackTrace(pw);
}
super.printStackTrace(pw);
if ( cause != null ) {
cause.printStackTrace(pw);
}
}
}

52
extern/spongycastle/core/src/main/jdk1.1/java/security/cert/CertStoreParameters.java vendored
View File

@ -1,52 +0,0 @@
package java.security.cert;
/**
* A specification of <code>CertStore</code> parameters.<br />
* <br />
* The purpose of this interface is to group (and provide type safety for)
* all <code>CertStore</code> parameter specifications. All
* <code>CertStore</code> parameter specifications must implement this
* interface. <br />
* <br />
* Typically, a <code>CertStoreParameters</code> object is passed as a parameter
* to one of the {@link CertStore#getInstance CertStore.getInstance} methods.
* The <code>getInstance</code> method returns a <code>CertStore</code> that
* is used for retrieving <code>Certificate</code>s and <code>CRL</code>s. The
* <code>CertStore</code> that is returned is initialized with the specified
* parameters. The type of parameters needed may vary between different types
* of <code>CertStore</code>s.
*
* @see CertStore#getInstance
**/
public interface CertStoreParameters extends Cloneable
{
/**
* Makes a copy of this <code>CertStoreParameters</code>.<br />
* <br />
* The precise meaning of "copy" may depend on the class of
* the <code>CertStoreParameters</code> object. A typical implementation
* performs a "deep copy" of this object, but this is not an absolute
* requirement. Some implementations may perform a "shallow copy" of some
* or all of the fields of this object.<br />
* <br />
* Note that the <code>CertStore.getInstance</code> methods make a copy
* of the specified <code>CertStoreParameters</code>. A deep copy
* implementation of <code>clone</code> is safer and more robust, as it
* prevents the caller from corrupting a shared <code>CertStore</code> by
* subsequently modifying the contents of its initialization parameters.
* However, a shallow copy implementation of <code>clone</code> is more
* appropriate for applications that need to hold a reference to a
* parameter contained in the <code>CertStoreParameters</code>. For example,
* a shallow copy clone allows an application to release the resources of
* a particular <code>CertStore</code> initialization parameter immediately,
* rather than waiting for the garbage collection mechanism. This should
* be done with the utmost care, since the <code>CertStore</code> may still
* be in use by other threads.<br />
* <br />
* Each subclass should state the precise behavior of this method so
* that users and developers know what to expect.
*
* @return a copy of this <code>CertStoreParameters</code>
*/
public Object clone();
}

104
extern/spongycastle/core/src/main/jdk1.1/java/security/cert/CertStoreSpi.java vendored
View File

@ -1,104 +0,0 @@
package java.security.cert;
import java.security.InvalidAlgorithmParameterException;
import java.util.Collection;
/**
* The <i>Service Provider Interface</i> (<b>SPI</b>)
* for the {@link CertStore CertStore} class. All <code>CertStore</code>
* implementations must include a class (the SPI class) that extends
* this class (<code>CertStoreSpi</code>), provides a constructor with
* a single argument of type <code>CertStoreParameters</code>, and implements
* all of its methods. In general, instances of this class should only be
* accessed through the <code>CertStore</code> class.
* For details, see the Java Cryptography Architecture.<br />
* <br />
* <b>Concurrent Access</b><br />
* <br />
* The public methods of all <code>CertStoreSpi</code> objects must be
* thread-safe. That is, multiple threads may concurrently invoke these
* methods on a single <code>CertStoreSpi</code> object (or more than one)
* with no ill effects. This allows a <code>CertPathBuilder</code> to search
* for a CRL while simultaneously searching for further certificates, for
* instance.<br />
* <br />
* Simple <code>CertStoreSpi</code> implementations will probably ensure
* thread safety by adding a <code>synchronized</code> keyword to their
* <code>engineGetCertificates</code> and <code>engineGetCRLs</code> methods.
* More sophisticated ones may allow truly concurrent access.
**/
public abstract class CertStoreSpi
extends Object
{
/**
* The sole constructor.
*
* @param params the initialization parameters (may be <code>null</code>)
* @exception InvalidAlgorithmParameterException if the initialization
* parameters are inappropriate for this <code>CertStoreSpi</code>
*/
public CertStoreSpi( CertStoreParameters params )
throws InvalidAlgorithmParameterException {}
/**
* Returns a <code>Collection</code> of <code>Certificate</code>s that
* match the specified selector. If no <code>Certificate</code>s
* match the selector, an empty <code>Collection</code> will be returned.<br />
* <br />
* For some <code>CertStore</code> types, the resulting
* <code>Collection</code> may not contain <b>all</b> of the
* <code>Certificate</code>s that match the selector. For instance,
* an LDAP <code>CertStore</code> may not search all entries in the
* directory. Instead, it may just search entries that are likely to
* contain the <code>Certificate</code>s it is looking for.<br />
* <br />
* Some <code>CertStore</code> implementations (especially LDAP
* <code>CertStore</code>s) may throw a <code>CertStoreException</code>
* unless a non-null <code>CertSelector</code> is provided that includes
* specific criteria that can be used to find the certificates. Issuer
* and/or subject names are especially useful criteria.
*
* @param selector A <code>CertSelector</code> used to select which
* <code>Certificate</code>s should be returned. Specify <code>null</code>
* to return all <code>Certificate</code>s (if supported).
*
* @return A <code>Collection</code> of <code>Certificate</code>s that
* match the specified selector (never <code>null</code>)
*
* @exception CertStoreException if an exception occurs
*/
public abstract Collection engineGetCertificates( CertSelector selector )
throws CertStoreException;
/**
* Returns a <code>Collection</code> of <code>CRL</code>s that
* match the specified selector. If no <code>CRL</code>s
* match the selector, an empty <code>Collection</code> will be returned.<br />
* <br />
* For some <code>CertStore</code> types, the resulting
* <code>Collection</code> may not contain <b>all</b> of the
* <code>CRL</code>s that match the selector. For instance,
* an LDAP <code>CertStore</code> may not search all entries in the
* directory. Instead, it may just search entries that are likely to
* contain the <code>CRL</code>s it is looking for. <br />
* <br />
* Some <code>CertStore</code> implementations (especially LDAP
* <code>CertStore</code>s) may throw a <code>CertStoreException</code>
* unless a non-null <code>CRLSelector</code> is provided that includes
* specific criteria that can be used to find the CRLs. Issuer names
* and/or the certificate to be checked are especially useful.
*
* @param selector A <code>CRLSelector</code> used to select which
* <code>CRL</code>s should be returned. Specify <code>null</code>
* to return all <code>CRL</code>s (if supported).
*
* @return A <code>Collection</code> of <code>CRL</code>s that
* match the specified selector (never <code>null</code>)
*
* @exception CertStoreException if an exception occurs
*/
public abstract Collection engineGetCRLs( CRLSelector selector )
throws CertStoreException;
}

556
extern/spongycastle/core/src/main/jdk1.1/java/security/cert/CertUtil.java vendored
View File

@ -1,556 +0,0 @@
package java.security.cert;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.NoSuchProviderException;
import java.security.Provider;
import java.security.Security;
import org.spongycastle.asn1.ASN1Object;
import org.spongycastle.asn1.ASN1ObjectIdentifier;
import org.spongycastle.asn1.DERIA5String;
import org.spongycastle.asn1.DEROutputStream;
import org.spongycastle.asn1.OIDTokenizer;
import org.spongycastle.asn1.x509.X509Name;
import org.spongycastle.util.Strings;
class CertUtil
{
static class Implementation
{
Object engine;
Provider provider;
Implementation(
Object engine,
Provider provider)
{
this.engine = engine;
this.provider = provider;
}
Object getEngine()
{
return engine;
}
Provider getProvider()
{
return provider;
}
}
/**
* see if we can find an algorithm (or its alias and what it represents) in
* the property table for the given provider.
*
* @return null if no algorithm found, an Implementation if it is.
*/
static Implementation getImplementation(
String baseName,
String algorithm,
Provider prov)
{
if (prov == null)
{
Provider[] provider = Security.getProviders();
//
// search every provider looking for the algorithm we want.
//
for (int i = 0; i != provider.length; i++)
{
Implementation imp = getImplementation(baseName, algorithm, provider[i]);
if (imp != null)
{
return imp;
}
}
return null;
}
String alias;
while ((alias = prov.getProperty("Alg.Alias." + baseName + "." + algorithm)) != null)
{
algorithm = alias;
}
String className = prov.getProperty(baseName + "." + algorithm);
if (className != null)
{
try
{
return new Implementation(Class.forName(className).newInstance(), prov);
}
catch (ClassNotFoundException e)
{
throw new IllegalStateException(
"algorithm " + algorithm + " in provider " + prov.getName() + " but no class found!");
}
catch (Exception e)
{
throw new IllegalStateException(
"algorithm " + algorithm + " in provider " + prov.getName() + " but class inaccessible: " + e.toString());
}
}
return null;
}
/**
* return an implementation for a given algorithm/provider.
* If the provider is null, we grab the first avalaible who has the required algorithm.
*
* @return null if no algorithm found, an Implementation if it is.
* @exception NoSuchProviderException if a provider is specified and not found.
*/
static Implementation getImplementation(
String baseName,
String algorithm,
String provider)
throws NoSuchProviderException
{
if (provider == null)
{
Provider[] prov = Security.getProviders();
//
// search every provider looking for the algorithm we want.
//
for (int i = 0; i != prov.length; i++)
{
Implementation imp = getImplementation(baseName, algorithm, prov[i]);
if (imp != null)
{
return imp;
}
}
}
else
{
Provider prov = Security.getProvider(provider);
if (prov == null)
{
throw new NoSuchProviderException("Provider " + provider + " not found");
}
return getImplementation(baseName, algorithm, prov);
}
return null;
}
/**
* see if we can find an algorithm (or its alias and what it represents) in
* the property table for the given provider.
*
* @return null if no algorithm found, an Implementation if it is.
*/
static Implementation getImplementation(String baseName, String algorithm,
Provider prov, Class[] ctorparamtype, Object[] ctorparam)
throws InvalidAlgorithmParameterException
{
String alias;
while ((alias = prov.getProperty("Alg.Alias." + baseName + "."
+ algorithm)) != null)
{
algorithm = alias;
}
String className = prov.getProperty(baseName + "." + algorithm);
if (className != null)
{
try
{
return new Implementation(Class.forName(className)
.getConstructor(ctorparamtype).newInstance(ctorparam),
prov);
}
catch (ClassNotFoundException e)
{
throw new IllegalStateException("algorithm " + algorithm
+ " in provider " + prov.getName()
+ " but no class found!");
}
catch (Exception e)
{
if (e instanceof InvalidAlgorithmParameterException)
{
throw (InvalidAlgorithmParameterException)e;
}
throw new IllegalStateException("algorithm " + algorithm
+ " in provider " + prov.getName()
+ " but class inaccessible!");
}
}
return null;
}
/**
* return an implementation for a given algorithm/provider. If the provider
* is null, we grab the first avalaible who has the required algorithm.
*
* @return null if no algorithm found, an Implementation if it is.
*
* @exception NoSuchProviderException
* if a provider is specified and not found.
*/
static Implementation getImplementation(String baseName, String algorithm,
String provider, Class[] ctorparamtype, Object[] ctorparam)
throws NoSuchProviderException, InvalidAlgorithmParameterException
{
if (provider == null)
{
Provider[] prov = Security.getProviders();
//
// search every provider looking for the algorithm we want.
//
for (int i = 0; i != prov.length; i++)
{
Implementation imp = getImplementation(baseName, algorithm,
prov[i], ctorparamtype, ctorparam);
if (imp != null)
{
return imp;
}
}
}
else
{
Provider prov = Security.getProvider(provider);
if (prov == null)
{
throw new NoSuchProviderException("Provider " + provider
+ " not found");
}
return getImplementation(baseName, algorithm, prov, ctorparamtype,
ctorparam);
}
return null;
}
static byte[] parseGeneralName(int type, String data) throws IOException
{
byte[] encoded = null;
switch (type)
{
case 0:
throw new IOException(
"unable to parse OtherName String representation");
case 1:
encoded = parseRfc822(data.trim());
break;
case 2:
encoded = parseDNSName(data.trim());
break;
case 3:
throw new IOException(
"unable to parse ORAddress String representation");
case 4:
encoded = parseX509Name(data.trim());
break;
case 5:
throw new IOException(
"unable to parse EDIPartyName String representation");
case 6:
encoded = parseURI(data.trim());
break;
case 7:
encoded = parseIP(data.trim());
break;
case 8:
encoded = parseOID(data.trim());
break;
default:
throw new IOException(
"unable to parse unkown type String representation");
}
return encoded;
}
/**
* Check the format of an OID.<br />
* Throw an IOException if the first component is not 0, 1 or 2 or the
* second component is greater than 39.<br />
* <br />
* User {@link org.spongycastle.asn1.OIDTokenizer OIDTokenizer}
*
* @param the
* OID to be checked.
*
* @exception IOException
* if the first component is not 0, 1 or 2 or the second
* component is greater than 39.
*/
static byte[] parseOID(String oid) throws IOException
{
OIDTokenizer tokenizer = new OIDTokenizer(oid);
String token;
if (!tokenizer.hasMoreTokens())
{
throw new IOException("OID contains no tokens");
}
token = tokenizer.nextToken();
if (token == null)
{
throw new IOException("OID contains no tokens");
}
try
{
int test = (Integer.valueOf(token)).intValue();
if (test < 0 || test > 2)
{
throw new IOException("first token is not >= 0 and <=2");
}
if (!tokenizer.hasMoreTokens())
{
throw new IOException("OID contains only one token");
}
token = tokenizer.nextToken();
if (token == null)
{
throw new IOException("OID contains only one token");
}
test = (Integer.valueOf(token)).intValue();
if (test < 0 || test > 39)
{
throw new IOException("secon token is not >= 0 and <=39");
}
}
catch (NumberFormatException ex)
{
throw new IOException("token: " + token + ": " + ex.toString());
}
ASN1Object derData = new ASN1ObjectIdentifier(oid);
ByteArrayOutputStream outStream = new ByteArrayOutputStream();
DEROutputStream derOutStream = new DEROutputStream(outStream);
derOutStream.writeObject(derData);
derOutStream.close();
return outStream.toByteArray();
}
/**
* Parse the given IPv4 or IPv6 into DER encoded byte array representation.
*
* @param the
* IP in well known String format
*
* @return the IP as byte array
*
* @exception IOException
* if the String could not be parsed
*/
private static byte[] parseIP(String data) throws IOException
{
byte[] encoded = parseIPv4(data);
if (encoded == null)
{
encoded = parseIPv6(data);
}
if (encoded == null)
{
throw new IOException(
"unable to parse IP to DER encoded byte array");
}
return encoded;
}
/**
* Parse the given IPv4 into DER encoded byte array representation.
*
* @param the
* IP in well known String format
*
* @return the IP as byte array or <code>null</code> if not parseable
*/
private static byte[] parseIPv4(String data)
{
if (data.length() == 0)
{
return null;
}
int octet;
int octets = 0;
byte[] dst = new byte[4];
int pos = 0;
int start = 0;
while (start < data.length()
&& (pos = data.indexOf('.', start)) > start && pos - start > 3)
{
try
{
octet = (Integer.valueOf(data.substring(start, pos - start)))
.intValue();
}
catch (NumberFormatException ex)
{
return null;
}
if (octet < 0 || octet > 255)
{
return null;
}
dst[octets++] = (byte)(octet & 0xff);
start = pos + 1;
}
if (octets < 4)
{
return null;
}
return dst;
}
/**
* Parse the given IPv6 into DER encoded byte array representation.<br />
* <br />
* <b>TODO: implement this</b>
*
* @param the
* IP in well known String format
*
* @return the IP as byte array or <code>null</code> if not parseable
*/
private static byte[] parseIPv6(String data)
{
return null;
}
/**
* Parse the given URI into DER encoded byte array representation.
*
* @param the
* URI in well known String format
*
* @return the URI as byte array
*
* @exception IOException
* if the String could not be parsed
*/
private static byte[] parseURI(String data) throws IOException
{
// TODO do parsing test
ASN1Object derData = new DERIA5String(data);
ByteArrayOutputStream outStream = new ByteArrayOutputStream();
DEROutputStream derOutStream = new DEROutputStream(outStream);
derOutStream.writeObject(derData);
derOutStream.close();
return outStream.toByteArray();
}
/**
* Parse the given rfc822 addr-spec into DER encoded byte array
* representation.
*
* @param the
* rfc822 addr-spec in well known String format
*
* @return the rfc822 addr-spec as byte array
*
* @exception IOException
* if the String could not be parsed
*/
private static byte[] parseRfc822(String data) throws IOException
{
int tmpInt = data.indexOf('@');
if (tmpInt < 0 || tmpInt >= data.length() - 1)
{
throw new IOException("wrong format of rfc822Name:" + data);
}
// TODO more test for illegal charateers
ASN1Object derData = new DERIA5String(data);
ByteArrayOutputStream outStream = new ByteArrayOutputStream();
DEROutputStream derOutStream = new DEROutputStream(outStream);
derOutStream.writeObject(derData);
derOutStream.close();
return outStream.toByteArray();
}
/**
* Parse the given DNS name into DER encoded byte array representation. The
* String must be in den preffered name syntax as defined in RFC 1034.
*
* @param the
* DNS name in well known String format
*
* @return the DNS name as byte array
*
* @exception IOException
* if the String could not be parsed
*/
private static byte[] parseDNSName(String data) throws IOException
{
// TODO more test for illegal charateers
ASN1Object derData = new DERIA5String(data);
ByteArrayOutputStream outStream = new ByteArrayOutputStream();
DEROutputStream derOutStream = new DEROutputStream(outStream);
derOutStream.writeObject(derData);
derOutStream.close();
return outStream.toByteArray();
}
/**
* Parse the given X.509 name into DER encoded byte array representation.
*
* @param the
* X.509 name in well known String format
*
* @return the X.509 name as byte array
*
* @exception IOException
* if the String could not be parsed
*/
private static byte[] parseX509Name(String data) throws IOException
{
// TODO more test for illegal charateers
ByteArrayOutputStream outStream = new ByteArrayOutputStream();
DEROutputStream derOutStream = new DEROutputStream(outStream);
derOutStream.writeObject(new X509Name(trimX509Name(data)));
derOutStream.close();
return outStream.toByteArray();
}
/**
* Returns the given name converted to upper case and all multi spaces squezed
* to one space.
**/
static String trimX509Name(String name)
{
String data = Strings.toUpperCase(name.trim());
int pos;
while ((pos = data.indexOf(" ")) >= 0)
{
data = data.substring(0, pos) + data.substring(pos + 1);
}
while ((pos = data.indexOf(" =")) >= 0)
{
data = data.substring(0, pos) + data.substring(pos + 1);
}
while ((pos = data.indexOf("= ")) >= 0)
{
data = data.substring(0, pos + 1) + data.substring(pos + 2);
}
return data;
}
}

80
extern/spongycastle/core/src/main/jdk1.1/java/security/cert/Certificate.java vendored
View File

@ -1,80 +0,0 @@
package java.security.cert;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PublicKey;
import java.security.SignatureException;
public abstract class Certificate extends Object
{
private String type;
protected Certificate(String type)
{
this.type = type;
}
public boolean equals(Object other)
{
if ( !(other instanceof Certificate) )
return false;
if ( other == this )
return true;
try
{
byte[] enc1 = getEncoded();
byte[] enc2 = ((Certificate)other).getEncoded();
return MessageDigest.isEqual(enc1, enc2);
}
catch (CertificateEncodingException e)
{
return false;
}
}
public final String getType()
{
return type;
}
// XXX
public int hashCode()
{
try
{
byte[] enc1 = getEncoded();
int hc = 0;
for (int i = 0; i < enc1.length; i++)
{
hc += enc1[i];
}
return hc;
}
catch (CertificateEncodingException e)
{
return 0;
}
}
public abstract byte[] getEncoded()
throws CertificateEncodingException;
public abstract PublicKey getPublicKey();
public abstract String toString();
public abstract void verify(PublicKey key)
throws CertificateException, NoSuchAlgorithmException,
InvalidKeyException, NoSuchProviderException, SignatureException;
public abstract void verify(PublicKey key, String sigProvider)
throws CertificateException, NoSuchAlgorithmException,
InvalidKeyException, NoSuchProviderException, SignatureException;
}

14
extern/spongycastle/core/src/main/jdk1.1/java/security/cert/CertificateEncodingException.java vendored
View File

@ -1,14 +0,0 @@
package java.security.cert;
public class CertificateEncodingException extends CertificateException
{
public CertificateEncodingException()
{
}
public CertificateEncodingException(String msg)
{
super(msg);
}
}

16
extern/spongycastle/core/src/main/jdk1.1/java/security/cert/CertificateException.java vendored
View File

@ -1,16 +0,0 @@
package java.security.cert;
import java.security.GeneralSecurityException;
public class CertificateException extends GeneralSecurityException
{
public CertificateException()
{
}
public CertificateException(String msg)
{
super(msg);
}
}

14
extern/spongycastle/core/src/main/jdk1.1/java/security/cert/CertificateExpiredException.java vendored
View File

@ -1,14 +0,0 @@
package java.security.cert;
public class CertificateExpiredException extends CertificateException
{
public CertificateExpiredException()
{
}
public CertificateExpiredException(String msg)
{
super(msg);
}
}

183
extern/spongycastle/core/src/main/jdk1.1/java/security/cert/CertificateFactory.java vendored
View File

@ -1,183 +0,0 @@
package java.security.cert;
import java.io.InputStream;
import java.security.NoSuchProviderException;
import java.security.Provider;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
/**
* Uses {@link CertUtil CertUtil} to actualiy load the SPI classes.
*
* @see CertUtil
**/
public class CertificateFactory
{
private CertificateFactorySpi certFacSpi;
private Provider provider;
private String type;
protected CertificateFactory(
CertificateFactorySpi certFacSpi,
Provider provider,
String type)
{
this.certFacSpi = certFacSpi;
this.provider = provider;
this.type = type;
}
public final CRL generateCRL(InputStream inStream)
throws CRLException
{
return certFacSpi.engineGenerateCRL(inStream);
}
public final Collection generateCRLs(InputStream inStream)
throws CRLException
{
return certFacSpi.engineGenerateCRLs(inStream);
}
public final Certificate generateCertificate(InputStream inStream)
throws CertificateException
{
return certFacSpi.engineGenerateCertificate(inStream);
}
public final /*Sk13 Vector*/ Collection generateCertificates(InputStream inStream)
throws CertificateException
{
return certFacSpi.engineGenerateCertificates(inStream);
}
/**
* Returns an iteration of the <code>CertPath</code> encodings supported
* by this certificate factory, with the default encoding first. See
* Appendix A in the
* Java Certification Path API Programmer's Guide for information about
* standard encoding names and their formats.<br />
* <br />
* Attempts to modify the returned <code>Iterator</code> via its
* <code>remove</code> method result in an
* <code>UnsupportedOperationException</code>.
*
* @return an <code>Iterator</code> over the names of the supported
* <code>CertPath</code> encodings (as <code>String</code>s)
*/
public final Iterator getCertPathEncodings()
{
return certFacSpi.engineGetCertPathEncodings();
}
/**
* Generates a <code>CertPath</code> object and initializes it with
* the data read from the <code>InputStream</code> inStream. The data
* is assumed to be in the default encoding. The name of the default
* encoding is the first element of the <code>Iterator</code> returned by
* the {@link #getCertPathEncodings getCertPathEncodings} method.
*
* @param inStream an <code>InputStream</code> containing the data
*
* @return a <code>CertPath</code> initialized with the data from the
* <code>InputStream</code>
*
* @exception CertificateException if an exception occurs while decoding
*/
public final CertPath generateCertPath(InputStream inStream)
throws CertificateException
{
return certFacSpi.engineGenerateCertPath(inStream);
}
/**
* Generates a <code>CertPath</code> object and initializes it with
* the data read from the <code>InputStream</code> inStream. The data
* is assumed to be in the specified encoding. See Appendix A in the
* <a href="../../../../guide/security/certpath/CertPathProgGuide.html#AppA">
* Java Certification Path API Programmer's Guide</a>
* for information about standard encoding names and their formats.
*
* @param inStream an <code>InputStream</code> containing the data
* @param encoding the encoding used for the data
*
* @return a <code>CertPath</code> initialized with the data from the
* <code>InputStream</code>
*
* @exception CertificateException if an exception occurs while decoding or
* the encoding requested is not supported
*/
public final CertPath generateCertPath(InputStream inStream, String encoding)
throws CertificateException
{
return certFacSpi.engineGenerateCertPath(inStream, encoding);
}
/**
* Generates a <code>CertPath</code> object and initializes it with
* a <code>List</code> of <code>Certificate</code>s.<br />
* <br />
* The certificates supplied must be of a type supported by the
* <code>CertificateFactory</code>. They will be copied out of the supplied
* <code>List</code> object.
*
* @param certificates a <code>List</code> of <code>Certificate</code>s
*
* @return a <code>CertPath</code> initialized with the supplied list of
* certificates
*
* @exception CertificateException if an exception occurs
*/
public final CertPath generateCertPath(List certificates)
throws CertificateException
{
return certFacSpi.engineGenerateCertPath( certificates );
}
public static final CertificateFactory getInstance(String type)
throws CertificateException
{
try
{
CertUtil.Implementation imp = CertUtil.getImplementation("CertificateFactory", type, (String)null);
if (imp != null)
{
return new CertificateFactory((CertificateFactorySpi)imp.getEngine(), imp.getProvider(), type);
}
throw new CertificateException("can't find type " + type);
}
catch (NoSuchProviderException e)
{
throw new CertificateException(type + " not found");
}
}
public static final CertificateFactory getInstance(
String type,
String provider)
throws CertificateException, NoSuchProviderException
{
CertUtil.Implementation imp = CertUtil.getImplementation("CertificateFactory", type, provider);
if (imp != null)
{
return new CertificateFactory((CertificateFactorySpi)imp.getEngine(), imp.getProvider(), type);
}
throw new CertificateException("can't find type " + type);
}
public final Provider getProvider()
{
return provider;
}
public final String getType()
{
return type;
}
}

111
extern/spongycastle/core/src/main/jdk1.1/java/security/cert/CertificateFactorySpi.java vendored
View File

@ -1,111 +0,0 @@
package java.security.cert;
import java.io.InputStream;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
public abstract class CertificateFactorySpi
{
public CertificateFactorySpi()
{
}
public abstract CRL engineGenerateCRL(InputStream inStream)
throws CRLException;
public abstract Collection engineGenerateCRLs(InputStream inStream)
throws CRLException;
public abstract Certificate engineGenerateCertificate(InputStream inStream)
throws CertificateException;
public abstract /*SK13 Vector*/ Collection engineGenerateCertificates(InputStream inStream)
throws CertificateException;
/**
* Returns an iteration of the <code>CertPath</code> encodings supported
* by this certificate factory, with the default encoding first. See
* Appendix A in the
* Java Certification Path API Programmer's Guide
* for information about standard encoding names.<br />
* <br />
* Attempts to modify the returned <code>Iterator</code> via its
* <code>remove</code> method result in an
* <code>UnsupportedOperationException</code>.<br />
* <br />
* This method was added to version 1.4 of the Java 2 Platform
* Standard Edition. In order to maintain backwards compatibility with
* existing service providers, this method cannot be <code>abstract</code>
* and by default throws an <code>UnsupportedOperationException</code>.
*
* @return an <code>Iterator</code> over the names of the supported
* <code>CertPath</code> encodings (as <code>String</code>s)
*
* @exception UnsupportedOperationException if the method is not supported
*/
public abstract Iterator engineGetCertPathEncodings();
/**
* Generates a <code>CertPath</code> object and initializes it with
* the data read from the <code>InputStream</code> inStream. The data
* is assumed to be in the default encoding.
*
* @param inStream an <code>InputStream</code> containing the data
*
* @return a <code>CertPath</code> initialized with the data from the
* <code>InputStream</code>
*
* @exception CertificateException if an exception occurs while decoding
*/
public abstract CertPath engineGenerateCertPath(InputStream inStream)
throws CertificateException;
/**
* Generates a <code>CertPath</code> object and initializes it with
* the data read from the <code>InputStream</code> inStream. The data
* is assumed to be in the specified encoding.<br />
* <br />
* This method was added to version 1.4 of the Java 2 Platform
* Standard Edition. In order to maintain backwards compatibility with
* existing service providers, this method cannot be <code>abstract</code>
* and by default throws an <code>UnsupportedOperationException</code>.
*
* @param inStream an <code>InputStream</code> containing the data
* @param encoding the encoding used for the data
*
* @return a <code>CertPath</code> initialized with the data from the
* <code>InputStream</code>
*
* @exception CertificateException if an exception occurs while decoding or
* the encoding requested is not supported
* @exception UnsupportedOperationException if the method is not supported
*/
public abstract CertPath engineGenerateCertPath(InputStream inStream, String encoding)
throws CertificateException;
/**
* Generates a <code>CertPath</code> object and initializes it with
* a <code>List</code> of <code>Certificate</code>s.<br />
* <br />
* The certificates supplied must be of a type supported by the
* <code>CertificateFactory</code>. They will be copied out of the supplied
* <code>List</code> object.<br />
* <br />
* This method was added to version 1.4 of the Java 2 Platform
* Standard Edition. In order to maintain backwards compatibility with
* existing service providers, this method cannot be <code>abstract</code>
* and by default throws an <code>UnsupportedOperationException</code>.
*
* @param certificates a <code>List</code> of <code>Certificate</code>s
*
* @return a <code>CertPath</code> initialized with the supplied list of
* certificates
*
* @exception CertificateException if an exception occurs
* @exception UnsupportedOperationException if the method is not supported
*/
public abstract CertPath engineGenerateCertPath(List certificates)
throws CertificateException;
}

14
extern/spongycastle/core/src/main/jdk1.1/java/security/cert/CertificateNotYetValidException.java vendored
View File

@ -1,14 +0,0 @@
package java.security.cert;
public class CertificateNotYetValidException extends CertificateException
{
public CertificateNotYetValidException()
{
}
public CertificateNotYetValidException(String msg)
{
super(msg);
}
}

14
extern/spongycastle/core/src/main/jdk1.1/java/security/cert/CertificateParsingException.java vendored
View File

@ -1,14 +0,0 @@
package java.security.cert;
public class CertificateParsingException extends CertificateException
{
public CertificateParsingException()
{
}
public CertificateParsingException(String msg)
{
super(msg);
}
}

117
extern/spongycastle/core/src/main/jdk1.1/java/security/cert/CollectionCertStoreParameters.java vendored
View File

@ -1,117 +0,0 @@
package java.security.cert;
import java.util.ArrayList;
import java.util.Collection;
/**
* Parameters used as input for the Collection <code>CertStore</code>
* algorithm.<br />
* <br />
* This class is used to provide necessary configuration parameters
* to implementations of the Collection <code>CertStore</code>
* algorithm. The only parameter included in this class is the
* <code>Collection</code> from which the <code>CertStore</code> will
* retrieve certificates and CRLs.<br />
* <br />
* <b>Concurrent Access</b><br />
* <br />
* Unless otherwise specified, the methods defined in this class are not
* thread-safe. Multiple threads that need to access a single
* object concurrently should synchronize amongst themselves and
* provide the necessary locking. Multiple threads each manipulating
* separate objects need not synchronize.
*
* @see java.util.Collection
* @see CertStore
**/
public class CollectionCertStoreParameters implements CertStoreParameters
{
private Collection collection;
/**
* Creates an instance of <code>CollectionCertStoreParameters</code>
* which will allow certificates and CRLs to be retrieved from the
* specified <code>Collection</code>. If the specified
* <code>Collection</code> contains an object that is not a
* <code>Certificate</code> or <code>CRL</code>, that object will be
* ignored by the Collection <code>CertStore</code>.<br />
* <br />
* The <code>Collection</code> is <b>not</b> copied. Instead, a
* reference is used. This allows the caller to subsequently add or
* remove <code>Certificates</code> or <code>CRL</code>s from the
* <code>Collection</code>, thus changing the set of
* <code>Certificates</code> or <code>CRL</code>s available to the
* Collection <code>CertStore</code>. The Collection <code>CertStore</code>
* will not modify the contents of the <code>Collection</code>.<br />
* <br />
* If the <code>Collection</code> will be modified by one thread while
* another thread is calling a method of a Collection <code>CertStore</code>
* that has been initialized with this <code>Collection</code>, the
* <code>Collection</code> must have fail-fast iterators.
*
* @param collection a <code>Collection</code> of
* <code>Certificate</code>s and <code>CRL</code>s
*
* @exception NullPointerException if <code>collection</code> is
* <code>null</code>
*/
public CollectionCertStoreParameters(Collection collection)
{
if ( collection == null )
throw new NullPointerException("collection must be non-null");
this.collection = collection;
}
/**
* Creates an instance of <code>CollectionCertStoreParameters</code> with
* the an empty Collection.
*/
public CollectionCertStoreParameters()
{
collection = new ArrayList();
}
/**
* Returns the <code>Collection</code> from which <code>Certificate</code>s
* and <code>CRL</code>s are retrieved. This is <b>not</b> a copy of the
* <code>Collection</code>, it is a reference. This allows the caller to
* subsequently add or remove <code>Certificates</code> or
* <code>CRL</code>s from the <code>Collection</code>.
*
* @return the <code>Collection</code> (never null)
*/
public Collection getCollection()
{
return collection;
}
/**
* Returns a copy of this object. Note that only a reference to the
* <code>Collection</code> is copied, and not the contents.
*
* @return the copy
*/
public Object clone()
{
try {
return super.clone();
} catch (CloneNotSupportedException e) {
/* Cannot happen */
throw new InternalError(e.toString());
}
}
/**
* Returns a formatted string describing the parameters.
*
* @return a formatted string describing the parameters
*/
public String toString()
{
StringBuffer s = new StringBuffer();
s.append("CollectionCertStoreParameters: [\n collections:\n");
s.append( getCollection());
s.append("\n]" );
return s.toString();
}
}

130
extern/spongycastle/core/src/main/jdk1.1/java/security/cert/LDAPCertStoreParameters.java vendored
View File

@ -1,130 +0,0 @@
package java.security.cert;
/**
* Parameters used as input for the LDAP <code>CertStore</code> algorithm.<br />
* <br />
* This class is used to provide necessary configuration parameters (server
* name and port number) to implementations of the LDAP <code>CertStore</code>
* algorithm.<br />
* <br />
* <b>Concurrent Access</b><br />
* <br />
* Unless otherwise specified, the methods defined in this class are not
* thread-safe. Multiple threads that need to access a single
* object concurrently should synchronize amongst themselves and
* provide the necessary locking. Multiple threads each manipulating
* separate objects need not synchronize.
*
* @see CertStore
**/
public class LDAPCertStoreParameters implements CertStoreParameters
{
private static final int LDAP_DEFAULT_PORT = 389;
/**
* the port number of the LDAP server
*/
private String serverName;
/**
* the DNS name of the LDAP server
*/
private int port;
/**
* Creates an instance of <code>LDAPCertStoreParameters</code> with the
* default parameter values (server name "localhost", port 389).
*/
public LDAPCertStoreParameters()
{
this("localhost", LDAP_DEFAULT_PORT);
}
/**
* Creates an instance of <code>LDAPCertStoreParameters</code> with the
* specified server name and a default port of 389.
*
* @param serverName the DNS name of the LDAP server
*
* @exception NullPointerException if <code>serverName</code> is
* <code>null</code>
*/
public LDAPCertStoreParameters(String serverName)
{
this(serverName, LDAP_DEFAULT_PORT);
}
/**
* Creates an instance of <code>LDAPCertStoreParameters</code> with the
* specified parameter values.
*
* @param serverName the DNS name of the LDAP server
* @param port the port number of the LDAP server
*
* @exception NullPointerException if <code>serverName</code> is
* <code>null</code>
*/
public LDAPCertStoreParameters(String serverName, int port)
{
if (serverName == null)
throw new NullPointerException("serverName must be non-null");
this.serverName = serverName;
this.port = port;
}
/**
* Returns the DNS name of the LDAP server.
*
* @return the name (not <code>null</code>)
*/
public String getServerName()
{
return serverName;
}
/**
* Returns the port number of the LDAP server.
*
* @return the port number
*/
public int getPort()
{
return port;
}
/**
* Returns a copy of this object. Changes to the copy will not affect
* the original and vice versa.<br />
* <br />
* Note: this method currently performs a shallow copy of the object
* (simply calls <code>Object.clone()</code>). This may be changed in a
* future revision to perform a deep copy if new parameters are added
* that should not be shared.
*
* @return the copy
*/
public Object clone()
{
try {
return super.clone();
} catch (CloneNotSupportedException e) {
/* Cannot happen */
throw new InternalError(e.toString());
}
}
/**
* Returns a formatted string describing the parameters.
*
* @return a formatted string describing the parameters
*/
public String toString()
{
StringBuffer sb = new StringBuffer();
sb.append("LDAPCertStoreParameters: [\n");
sb.append(" serverName: ").append(serverName).append('\n');
sb.append(" port: ").append(port).append('\n');
sb.append(']');
return sb.toString();
}
}

179
extern/spongycastle/core/src/main/jdk1.1/java/security/cert/PKIXBuilderParameters.java vendored
View File

@ -1,179 +0,0 @@
package java.security.cert;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidParameterException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.util.Set;
/**
* Parameters used as input for the PKIX <code>CertPathBuilder</code>
* algorithm.<br />
* <br />
* A PKIX <code>CertPathBuilder</code> uses these parameters to {@link
* CertPathBuilder#build build} a <code>CertPath</code> which has been
* validated according to the PKIX certification path validation algorithm.<br />
* <br />
* To instantiate a <code>PKIXBuilderParameters</code> object, an
* application must specify one or more <i>most-trusted CAs</i> as defined by
* the PKIX certification path validation algorithm. The most-trusted CA
* can be specified using one of two constructors. An application
* can call {@link #PKIXBuilderParameters(Set, CertSelector)
* PKIXBuilderParameters(Set, CertSelector)}, specifying a
* <code>Set</code> of <code>TrustAnchor</code> objects, each of which
* identifies a most-trusted CA. Alternatively, an application can call
* {@link #PKIXBuilderParameters(KeyStore, CertSelector)
* PKIXBuilderParameters(KeyStore, CertSelector)}, specifying a
* <code>KeyStore</code> instance containing trusted certificate entries, each
* of which will be considered as a most-trusted CA.<br />
* <br />
* In addition, an application must specify constraints on the target
* certificate that the <code>CertPathBuilder</code> will attempt
* to build a path to. The constraints are specified as a
* <code>CertSelector</code> object. These constraints should provide the
* <code>CertPathBuilder</code> with enough search criteria to find the target
* certificate. Minimal criteria for an <code>X509Certificate</code> usually
* include the subject name and/or one or more subject alternative names.
* If enough criteria is not specified, the <code>CertPathBuilder</code>
* may throw a <code>CertPathBuilderException</code>.<br />
* <br />
* <b>Concurrent Access</b><br />
* <br />
* Unless otherwise specified, the methods defined in this class are not
* thread-safe. Multiple threads that need to access a single
* object concurrently should synchronize amongst themselves and
* provide the necessary locking. Multiple threads each manipulating
* separate objects need not synchronize.
*
* @see CertPathBuilder
**/
public class PKIXBuilderParameters extends PKIXParameters
{
private int maxPathLength = 5;
/**
* Creates an instance of <code>PKIXBuilderParameters</code> with
* the specified <code>Set</code> of most-trusted CAs.
* Each element of the set is a {@link TrustAnchor TrustAnchor}.<br />
* <br />
* Note that the <code>Set</code> is copied to protect against
* subsequent modifications.
*
* @param trustAnchors a <code>Set</code> of <code>TrustAnchor</code>s
* @param targetConstraints a <code>CertSelector</code> specifying the
* constraints on the target certificate
*
* @exception InvalidAlgorithmParameterException if <code>trustAnchors</code>
* is empty <code>(trustAnchors.isEmpty() == true)</code>
* @exception NullPointerException if <code>trustAnchors</code> is
* <code>null</code>
* @exception ClassCastException if any of the elements of
* <code>trustAnchors</code> are not of type
* <code>java.security.cert.TrustAnchor</code>
*/
public PKIXBuilderParameters(
Set trustAnchors,
CertSelector targetConstraints)
throws InvalidAlgorithmParameterException
{
super( trustAnchors );
setTargetCertConstraints( targetConstraints );
}
/**
* Creates an instance of <code>PKIXBuilderParameters</code> that
* populates the set of most-trusted CAs from the trusted
* certificate entries contained in the specified <code>KeyStore</code>.
* Only keystore entries that contain trusted <code>X509Certificate</code>s
* are considered; all other certificate types are ignored.
*
* @param keystore a <code>KeyStore</code> from which the set of
* most-trusted CAs will be populated
* @param targetConstraints a <code>CertSelector</code> specifying the
* constraints on the target certificate
*
* @exception KeyStoreException if <code>keystore</code> has not been
* initialized
* @exception InvalidAlgorithmParameterException if <code>keystore</code> does
* not contain at least one trusted certificate entry
* @exception NullPointerException if <code>keystore</code> is
* <code>null</code>
*/
public PKIXBuilderParameters(KeyStore keystore,
CertSelector targetConstraints)
throws KeyStoreException,
InvalidAlgorithmParameterException
{
super( keystore );
setTargetCertConstraints( targetConstraints );
}
/**
* Sets the value of the maximum number of non-self-issued intermediate
* certificates that may exist in a certification path. A certificate
* is self-issued if the DNs that appear in the subject and issuer
* fields are identical and are not empty. Note that the last certificate
* in a certification path is not an intermediate certificate, and is not
* included in this limit. Usually the last certificate is an end entity
* certificate, but it can be a CA certificate. A PKIX
* <code>CertPathBuilder</code> instance must not build
* paths longer than the length specified.<br />
* <br />
* A value of 0 implies that the path can only contain
* a single certificate. A value of -1 implies that the
* path length is unconstrained (i.e. there is no maximum).
* The default maximum path length, if not specified, is 5.
* Setting a value less than -1 will cause an exception to be thrown.<br />
* <br />
* If any of the CA certificates contain the
* <code>BasicConstraintsExtension</code>, the value of the
* <code>pathLenConstraint</code> field of the extension overrides
* the maximum path length parameter whenever the result is a
* certification path of smaller length.
*
* @param maxPathLength the maximum number of non-self-issued intermediate
* certificates that may exist in a certification path
*
* @exception InvalidParameterException if <code>maxPathLength</code> is set
* to a value less than -1
*
* @see #getMaxPathLength
*/
public void setMaxPathLength(int maxPathLength)
{
if ( maxPathLength < -1 )
throw new InvalidParameterException("the maximum path length parameter can not be less than -1");
this.maxPathLength = maxPathLength;
}
/**
* Returns the value of the maximum number of intermediate non-self-issued
* certificates that may exist in a certification path. See
* the {@link #setMaxPathLength} method for more details.
*
* @return the maximum number of non-self-issued intermediate certificates
* that may exist in a certification path, or -1 if there is no limit
*
* @see #setMaxPathLength
*/
public int getMaxPathLength()
{
return maxPathLength;
}
/**
* Returns a formatted string describing the parameters.
*
* @return a formatted string describing the parameters
*/
public String toString()
{
StringBuffer s = new StringBuffer();
s.append( "PKIXBuilderParameters [\n" );
s.append( super.toString() );
s.append( " Maximum Path Length: " );
s.append( getMaxPathLength() );
s.append( "\n]\n" );
return s.toString();
}
}

93
extern/spongycastle/core/src/main/jdk1.1/java/security/cert/PKIXCertPathBuilderResult.java vendored
View File

@ -1,93 +0,0 @@
package java.security.cert;
import java.security.PublicKey;
/**
* This class represents the successful result of the PKIX certification
* path builder algorithm. All certification paths that are built and
* returned using this algorithm are also validated according to the PKIX
* certification path validation algorithm.<br />
* <br />
* Instances of <code>PKIXCertPathBuilderResult</code> are returned by
* the <code>build</code> method of <code>CertPathBuilder</code>
* objects implementing the PKIX algorithm.<br />
* <br />
* All <code>PKIXCertPathBuilderResult</code> objects contain the
* certification path constructed by the build algorithm, the
* valid policy tree and subject public key resulting from the build
* algorithm, and a <code>TrustAnchor</code> describing the certification
* authority (CA) that served as a trust anchor for the certification path.<br />
* <br />
* <b>Concurrent Access</b><br />
* <br />
* Unless otherwise specified, the methods defined in this class are not
* thread-safe. Multiple threads that need to access a single
* object concurrently should synchronize amongst themselves and
* provide the necessary locking. Multiple threads each manipulating
* separate objects need not synchronize.
*
* @see CertPathBuilderResult
*
**/
public class PKIXCertPathBuilderResult extends PKIXCertPathValidatorResult
implements CertPathBuilderResult
{
private CertPath certPath;
/**
* Creates an instance of <code>PKIXCertPathBuilderResult</code>
* containing the specified parameters.
*
* @param certPath the validated <code>CertPath</code>
* @param trustAnchor a <code>TrustAnchor</code> describing the CA that
* served as a trust anchor for the certification path
* @param policyTree the immutable valid policy tree, or <code>null</code>
* if there are no valid policies
* @param subjectPublicKey the public key of the subject
*
* @exception NullPointerException if the <code>certPath</code>,
* <code>trustAnchor</code> or <code>subjectPublicKey</code> parameters
* are <code>null</code>
*/
public PKIXCertPathBuilderResult(CertPath certPath, TrustAnchor trustAnchor,
PolicyNode policyTree, PublicKey subjectPublicKey)
{
super(trustAnchor, policyTree, subjectPublicKey);
if ( certPath == null )
throw new NullPointerException( "certPath must be non-null" );
this.certPath = certPath;
}
/**
* Returns the built and validated certification path. The
* <code>CertPath</code> object does not include the trust anchor.
* Instead, use the {@link #getTrustAnchor() getTrustAnchor()} method to
* obtain the <code>TrustAnchor</code> that served as the trust anchor
* for the certification path.
*
* @return the built and validated <code>CertPath</code> (never
* <code>null</code>)
*/
public CertPath getCertPath()
{
return certPath;
}
/**
* Return a printable representation of this
* <code>PKIXCertPathBuilderResult</code>.
*
* @return a <code>String</code> describing the contents of this
* <code>PKIXCertPathBuilderResult</code>
*/
public String toString()
{
StringBuffer s = new StringBuffer();
s.append( "PKIXCertPathBuilderResult: [\n" );
s.append( " Certification Path: ").append(getCertPath()).append('\n' );
s.append( " Trust Anchor: ").append(getTrustAnchor()).append('\n' );
s.append( " Policy Tree: ").append(getPolicyTree()).append('\n' );
s.append( " Subject Public Key: ").append(getPublicKey()).append("\n]");
return s.toString();
}
}

155
extern/spongycastle/core/src/main/jdk1.1/java/security/cert/PKIXCertPathChecker.java vendored
View File

@ -1,155 +0,0 @@
package java.security.cert;
import java.util.Collection;
import java.util.Set;
/**
* An abstract class that performs one or more checks on an
* <code>X509Certificate</code>. <br />
* <br />
* A concrete implementation of the <code>PKIXCertPathChecker</code> class
* can be created to extend the PKIX certification path validation algorithm.
* For example, an implementation may check for and process a critical private
* extension of each certificate in a certification path.<br />
* <br />
* Instances of <code>PKIXCertPathChecker</code> are passed as parameters
* using the {@link PKIXParameters#setCertPathCheckers setCertPathCheckers}
* or {@link PKIXParameters#addCertPathChecker addCertPathChecker} methods
* of the <code>PKIXParameters</code> and <code>PKIXBuilderParameters</code>
* class. Each of the <code>PKIXCertPathChecker</code>s {@link #check check}
* methods will be called, in turn, for each certificate processed by a PKIX
* <code>CertPathValidator</code> or <code>CertPathBuilder</code>
* implementation.<br />
* <br />
* A <code>PKIXCertPathChecker</code> may be called multiple times on
* successive certificates in a certification path. Concrete subclasses
* are expected to maintain any internal state that may be necessary to
* check successive certificates. The {@link #init init} method is used
* to initialize the internal state of the checker so that the certificates
* of a new certification path may be checked. A stateful implementation
* <b>must</b> override the {@link #clone clone} method if necessary in
* order to allow a PKIX <code>CertPathBuilder</code> to efficiently
* backtrack and try other paths. In these situations, the
* <code>CertPathBuilder</code> is able to restore prior path validation
* states by restoring the cloned <code>PKIXCertPathChecker</code>s.<br />
* <br />
* The order in which the certificates are presented to the
* <code>PKIXCertPathChecker</code> may be either in the forward direction
* (from target to most-trusted CA) or in the reverse direction (from
* most-trusted CA to target). A <code>PKIXCertPathChecker</code> implementation
* <b>must</b> support reverse checking (the ability to perform its checks when
* it is presented with certificates in the reverse direction) and <b>may</b>
* support forward checking (the ability to perform its checks when it is
* presented with certificates in the forward direction). The
* {@link #isForwardCheckingSupported isForwardCheckingSupported} method
* indicates whether forward checking is supported.<br />
* <br />
* Additional input parameters required for executing the check may be
* specified through constructors of concrete implementations of this class.<br />
* <br />
* <b>Concurrent Access</b><br />
* <br />
* Unless otherwise specified, the methods defined in this class are not
* thread-safe. Multiple threads that need to access a single
* object concurrently should synchronize amongst themselves and
* provide the necessary locking. Multiple threads each manipulating
* separate objects need not synchronize.
*
* @see PKIXParameters
* @see PKIXBuilderParameters
**/
public abstract class PKIXCertPathChecker implements Cloneable
{
/**
* Default constructor.
*/
protected PKIXCertPathChecker() {}
/**
* Initializes the internal state of this <code>PKIXCertPathChecker</code>.
* <p>
* The <code>forward</code> flag specifies the order that
* certificates will be passed to the {@link #check check} method
* (forward or reverse). A <code>PKIXCertPathChecker</code> <b>must</b>
* support reverse checking and <b>may</b> support forward checking.
*
* @param forward the order that certificates are presented to
* the <code>check</code> method. If <code>true</code>, certificates
* are presented from target to most-trusted CA (forward); if
* <code>false</code>, from most-trusted CA to target (reverse).
* @exception CertPathValidatorException if this
* <code>PKIXCertPathChecker</code> is unable to check certificates in
* the specified order; it should never be thrown if the forward flag
* is false since reverse checking must be supported
*/
public abstract void init(boolean forward)
throws CertPathValidatorException;
/**
* Indicates if forward checking is supported. Forward checking refers
* to the ability of the <code>PKIXCertPathChecker</code> to perform
* its checks when certificates are presented to the <code>check</code>
* method in the forward direction (from target to most-trusted CA).
*
* @return <code>true</code> if forward checking is supported,
* <code>false</code> otherwise
*/
public abstract boolean isForwardCheckingSupported();
/**
* Returns an immutable <code>Set</code> of X.509 certificate extensions
* that this <code>PKIXCertPathChecker</code> supports (i.e. recognizes, is
* able to process), or <code>null</code> if no extensions are supported.
* <p>
* Each element of the set is a <code>String</code> representing the
* Object Identifier (OID) of the X.509 extension that is supported.
* The OID is represented by a set of nonnegative integers separated by
* periods.
* <p>
* All X.509 certificate extensions that a <code>PKIXCertPathChecker</code>
* might possibly be able to process should be included in the set.
*
* @return an immutable <code>Set</code> of X.509 extension OIDs (in
* <code>String</code> format) supported by this
* <code>PKIXCertPathChecker</code>, or <code>null</code> if no
* extensions are supported
*/
public abstract Set getSupportedExtensions();
/**
* Performs the check(s) on the specified certificate using its internal
* state and removes any critical extensions that it processes from the
* specified collection of OID strings that represent the unresolved
* critical extensions. The certificates are presented in the order
* specified by the <code>init</code> method.
*
* @param cert the <code>Certificate</code> to be checked
* @param unresolvedCritExts a <code>Collection</code> of OID strings
* representing the current set of unresolved critical extensions
* @exception CertPathValidatorException if the specified certificate does
* not pass the check
*/
public abstract void check(
Certificate cert,
Collection unresolvedCritExts)
throws CertPathValidatorException;
/**
* Returns a clone of this object. Calls the <code>Object.clone()</code>
* method.
* All subclasses which maintain state must support and
* override this method, if necessary.
*
* @return a copy of this <code>PKIXCertPathChecker</code>
*/
public Object clone()
{
try {
return super.clone();
} catch ( CloneNotSupportedException ex ) {
/* Cannot happen */
throw new InternalError( ex.toString() );
}
}
}

136
extern/spongycastle/core/src/main/jdk1.1/java/security/cert/PKIXCertPathValidatorResult.java vendored
View File

@ -1,136 +0,0 @@
package java.security.cert;
import java.security.PublicKey;
/**
* This class represents the successful result of the PKIX certification
* path validation algorithm. <br />
* <br />
* Instances of <code>PKIXCertPathValidatorResult</code> are returned by the
* {@link CertPathValidator#validate validate} method of
* <code>CertPathValidator</code> objects implementing the PKIX algorithm.<br />
* <br />
* All <code>PKIXCertPathValidatorResult</code> objects contain the
* valid policy tree and subject public key resulting from the
* validation algorithm, as well as a <code>TrustAnchor</code> describing
* the certification authority (CA) that served as a trust anchor for the
* certification path.<br />
* <br />
* <b>Concurrent Access</b><br />
* <br />
* Unless otherwise specified, the methods defined in this class are not
* thread-safe. Multiple threads that need to access a single
* object concurrently should synchronize amongst themselves and
* provide the necessary locking. Multiple threads each manipulating
* separate objects need not synchronize.
*
* @see CertPathValidatorResult
**/
public class PKIXCertPathValidatorResult implements CertPathValidatorResult
{
private TrustAnchor trustAnchor;
private PolicyNode policyTree;
private PublicKey subjectPublicKey;
/**
* Creates an instance of <code>PKIXCertPathValidatorResult</code>
* containing the specified parameters.
*
* @param trustAnchor a <code>TrustAnchor</code> describing the CA that
* served as a trust anchor for the certification path
* @param policyTree the immutable valid policy tree, or <code>null</code>
* if there are no valid policies
* @param subjectPublicKey the public key of the subject
*
* @exception NullPointerException if the <code>subjectPublicKey</code> or
* <code>trustAnchor</code> parameters are <code>null</code>
*/
public PKIXCertPathValidatorResult(TrustAnchor trustAnchor,
PolicyNode policyTree,
PublicKey subjectPublicKey)
{
if ( subjectPublicKey == null )
throw new NullPointerException( "subjectPublicKey must be non-null" );
if ( trustAnchor == null )
throw new NullPointerException( "trustAnchor must be non-null" );
this.trustAnchor = trustAnchor;
this.policyTree = policyTree;
this.subjectPublicKey = subjectPublicKey;
}
/**
* Returns the <code>TrustAnchor</code> describing the CA that served
* as a trust anchor for the certification path.
*
* @return the <code>TrustAnchor</code> (never <code>null</code>)
*/
public TrustAnchor getTrustAnchor()
{
return trustAnchor;
}
/**
* Returns the root node of the valid policy tree resulting from the
* PKIX certification path validation algorithm. The
* <code>PolicyNode</code> object that is returned and any objects that
* it returns through public methods are immutable.<br />
* <br />
* Most applications will not need to examine the valid policy tree.
* They can achieve their policy processing goals by setting the
* policy-related parameters in <code>PKIXParameters</code>. However, more
* sophisticated applications, especially those that process policy
* qualifiers, may need to traverse the valid policy tree using the
* {@link PolicyNode#getParent PolicyNode.getParent} and
* {@link PolicyNode#getChildren PolicyNode.getChildren} methods.
*
* @return the root node of the valid policy tree, or <code>null</code>
* if there are no valid policies
*/
public PolicyNode getPolicyTree()
{
return policyTree;
}
/**
* Returns the public key of the subject (target) of the certification
* path, including any inherited public key parameters if applicable.
*
* @return the public key of the subject (never <code>null</code>)
*/
public PublicKey getPublicKey()
{
return subjectPublicKey;
}
/**
* Returns a copy of this object.
*
* @return the copy
*/
public Object clone()
{
try {
return super.clone();
} catch ( CloneNotSupportedException ex ) {
throw new InternalError( ex.toString() );
}
}
/**
* Return a printable representation of this
* <code>PKIXCertPathValidatorResult</code>.
*
* @return a <code>String</code> describing the contents of this
* <code>PKIXCertPathValidatorResult</code>
*/
public String toString()
{
StringBuffer s = new StringBuffer();
s.append( "PKIXCertPathValidatorResult: [ \n" );
s.append( " Trust Anchor: ").append(getTrustAnchor()).append('\n' );
s.append( " Policy Tree: ").append(getPolicyTree()).append('\n' );
s.append( " Subject Public Key: ").append(getPublicKey()).append("\n]" );
return s.toString();
}
}

770
extern/spongycastle/core/src/main/jdk1.1/java/security/cert/PKIXParameters.java vendored
View File

@ -1,770 +0,0 @@
package java.security.cert;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Date;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
/**
* Parameters used as input for the PKIX CertPathValidator algorithm.<br />
* <br />
* A PKIX <code>CertPathValidator</code> uses these parameters to validate a
* <code>CertPath</code> according to the PKIX certification path validation
* algorithm.<br />
* <br />
* To instantiate a <code>PKIXParameters</code> object, an application must specify
* one or more <i>most-trusted CAs</i> as defined by the PKIX certification
* path validation algorithm. The most-trusted CAs can be specified
* using one of two constructors. An application can call
* {@link #PKIXParameters(Set)}, specifying a Set of <code>TrustAnchor</code> objects, each
* of which identify a most-trusted CA. Alternatively, an application
* can call {@link #PKIXParameters(KeyStore)}, specifying a <code>KeyStore</code> instance
* containing trusted certificate entries, each of which will be
* considered as a most-trusted CA.<br />
* <br />
* Once a <code>PKIXParameters</code> object has been created, other parameters can
* be specified (by calling {@link #setInitialPolicies} or {@link #setDate}, for
* instance) and then the <code>PKIXParameters</code> is passed along with the
* <code>CertPath</code> to be validated to {@link CertPathValidator#validate}.<br />
* <br />
* Any parameter that is not set (or is set to null) will be set to the
* default value for that parameter. The default value for the date
* parameter is null, which indicates the current time when the path is
* validated. The default for the remaining parameters is the least
* constrained.<br />
* <br />
* <b>Concurrent Access</b><br />
* <br />
* Unless otherwise specified, the methods defined in this class are
* not thread-safe. Multiple threads that need to access a single
* object concurrently should synchronize amongst themselves and
* provide the necessary locking. Multiple threads each manipulating
* separate objects need not synchronize.
*
* @see CertPathValidator
**/
public class PKIXParameters implements CertPathParameters {
private Set trustAnchors;
private Set initialPolicies = new HashSet();
private List certStores = new ArrayList();
private CertSelector certSelector;
private List certPathCheckers = new ArrayList();
private boolean revocationEnabled = true;
private boolean explicitPolicyRequired = false;
private boolean policyMappingInhibited = false;
private boolean anyPolicyInhibited = false;
private boolean policyQualifiersRejected = true;
private Date date;
private String sigProvider;
/**
* Creates an instance of PKIXParameters with the specified
* Set of most-trusted CAs. Each element of the set is a
* TrustAnchor.<br />
* <br />
* Note that the Set is copied to protect against subsequent
* modifications.
*
* @param trustAnchors a Set of TrustAnchors
*
* @exception InvalidAlgorithmParameterException if the
* specified Set is empty <code>(trustAnchors.isEmpty() == true)</code>
* @exception NullPointerException if the specified Set is <code>null</code>
* @exception ClassCastException if any of the elements in the
* Set are not of type
* <code>java.security.cert.TrustAnchor</code>
**/
public PKIXParameters(Set trustAnchors)
throws InvalidAlgorithmParameterException
{
setTrustAnchors( trustAnchors );
}
/**
* Creates an instance of PKIXParameters that populates the
* set of most-trusted CAs from the trusted certificate
* entries contained in the specified KeyStore. Only keystore
* entries that contain trusted X509Certificates are
* considered; all other certificate types are ignored.
*
* @param keystore a KeyStore from which the set of
* most-trusted CAs will be populated
*
* @exception KeyStoreException if the keystore has not been
* initialized
* @exception InvalidAlgorithmParameterException if the keystore
* does not contain at least one trusted certificate entry
* @exception NullPointerException if the keystore is null
**/
public PKIXParameters(KeyStore keystore)
throws KeyStoreException,
InvalidAlgorithmParameterException
{
if ( keystore == null )
throw new NullPointerException( "the keystore parameter must be non-null" );
Set trustAnchors = new HashSet();
String alias;
Certificate cert;
Enumeration enum = keystore.aliases();
while ( enum.hasMoreElements() ) {
alias = (String)enum.nextElement();
if ( keystore.isCertificateEntry( alias ) ) {
cert = keystore.getCertificate( alias );
if ( cert instanceof X509Certificate )
trustAnchors.add( new TrustAnchor( (X509Certificate)cert, null ) );
}
}
setTrustAnchors( trustAnchors );
}
/**
* Returns an immutable Set of the most-trusted CAs.
*
* @return an immutable <code>Set</code> of
* <code>TrustAnchors</code> (never <code>null</code>)
*
* @see #setTrustAnchors
**/
public Set getTrustAnchors()
{
return Collections.unmodifiableSet(trustAnchors);
}
/**
* Sets the Set of most-trusted CAs.<br />
* <br />
* Note that the Set is copied to protect against subsequent
* modifications.<br />
* <br />
* @param trustAnchors a Set of TrustAnchors
*
* @exception InvalidAlgorithmParameterException if the specified Set is empty <code>(trustAnchors.isEmpty() == true)</code>
* @exception NullPointerException if the specified Set is <code>null</code>
* @exception ClassCastException if any of the elements in
* the set are not of type java.security.cert.TrustAnchor
*
* @see #getTrustAnchors
**/
public void setTrustAnchors(Set trustAnchors)
throws InvalidAlgorithmParameterException
{
if ( trustAnchors == null )
throw new NullPointerException("the trustAnchors parameter must be non-null");
if ( trustAnchors.isEmpty() )
throw new InvalidAlgorithmParameterException("the trustAnchors parameter must be non-empty");
Iterator iter = trustAnchors.iterator();
TrustAnchor obj;
this.trustAnchors = new HashSet();
while( iter.hasNext() ) {
obj = (TrustAnchor)iter.next();
if ( obj != null ) {
this .trustAnchors.add( obj );
}
}
}
/**
* Returns an immutable Set of initial policy identifiers (OID
* strings), indicating that any one of these policies would
* be acceptable to the certificate user for the purposes of
* certification path processing. The default return value is
* an empty <code>Set</code>, which is interpreted as meaning that any
* policy would be acceptable.
*
* @return an immutable <code>Set</code> of initial policy
* OIDs in String format, or an empty <code>Set</code> (implying any policy
* is acceptable). Never returns <code>null</code>.
*
* @see #setInitialPolicies(java.util.Set)
**/
public Set getInitialPolicies()
{
Set returnSet = initialPolicies;
if ( initialPolicies == null )
returnSet = new HashSet();
return Collections.unmodifiableSet( returnSet );
}
/**
* Sets the <code>Set</code> of initial policy identifiers (OID strings),
* indicating that any one of these policies would be
* acceptable to the certificate user for the purposes of
* certification path processing. By default, any policy is
* acceptable (i.e. all policies), so a user that wants to
* allow any policy as acceptable does not need to call this
* method, or can call it with an empty <code>Set</code> (or <code>null</code>).<br />
* <br />
* Note that the Set is copied to protect against subsequent
* modifications.<br />
* <br />
* @param initialPolicies a Set of initial policy OIDs in String format (or <code>null</code>)
*
* @exception ClassCastException if any of the elements in the
* set are not of type String
*
* @see #getInitialPolicies()
**/
public void setInitialPolicies(Set initialPolicies)
{
if ( initialPolicies == null || initialPolicies.isEmpty() )
{
this.initialPolicies = null;
}
else
{
Iterator iter = initialPolicies.iterator();
this.initialPolicies = new HashSet();
String obj;
while ( iter.hasNext() )
{
obj = (String)iter.next();
if ( obj != null ) {
this.initialPolicies.add( obj );
}
}
}
}
/**
* Sets the list of CertStores to be used in finding
* certificates and CRLs. May be null, in which case no
* CertStores will be used. The first CertStores in the list
* may be preferred to those that appear later.<br />
* <br />
* Note that the List is copied to protect against subsequent
* modifications.<br />
* <br />
* @param stores a List of CertStores (or <code>null</code>)
*
* @exception ClassCastException if any of the elements in the
* list are not of type <code>java.security.cert.CertStore</code>
*
* @see #getCertStores()
**/
public void setCertStores(List stores)
{
certStores = new ArrayList();
if ( stores != null && ! stores.isEmpty() )
{
Iterator iter = stores.iterator();
CertStore obj;
while ( iter.hasNext() )
{
obj = (CertStore)iter.next();
if ( obj != null )
{
certStores.add( obj );
}
}
}
}
/**
* Adds a CertStore to the end of the list of CertStores used
* in finding certificates and CRLs.
*
* @param store the <code>CertStore</code> to add. If
* <code>null</code<, the store is ignored (not added to
* list).
**/
public void addCertStore(CertStore store)
{
if ( store != null )
certStores.add( store );
}
/**
* Returns an immutable List of CertStores that are used to
* find certificates and CRLs.
*
* @return an immutable List of CertStores (may be empty, but never <code>null</code>)
*
* @see #setCertStores(java.util.List)
**/
public List getCertStores()
{
return Collections.unmodifiableList(certStores);
}
/**
* Sets the RevocationEnabled flag. If this flag is true, the default
* revocation checking mechanism of the underlying PKIX service provider
* will be used. If this flag is false, the default revocation checking
* mechanism will be disabled (not used).<br />
* <br />
* When a <code>PKIXParameters</code> object is created, this flag is set
* to true. This setting reflects the most common strategy for checking
* revocation, since each service provider must support revocation
* checking to be PKIX compliant. Sophisticated applications should set
* this flag to false when it is not practical to use a PKIX service
* provider's default revocation checking mechanism or when an alternative
* revocation checking mechanism is to be substituted (by also calling the
* {@link #addCertPathChecker addCertPathChecker} or {@link
* #setCertPathCheckers setCertPathCheckers} methods).
*
* @param val the new value of the RevocationEnabled flag
**/
public void setRevocationEnabled(boolean val)
{
revocationEnabled = val;
}
/**
* Checks the RevocationEnabled flag. If this flag is true,
* the default revocation checking mechanism of the underlying
* PKIX service provider will be used. If this flag is false,
* the default revocation checking mechanism will be disabled
* (not used). See the setRevocationEnabled method for more
* details on setting the value of this flag.
*
* @return the current value of the RevocationEnabled flag
**/
public boolean isRevocationEnabled()
{
return revocationEnabled;
}
/**
* Sets the ExplicitPolicyRequired flag. If this flag is true,
* an acceptable policy needs to be explicitly identified in
* every certificate. By default, the ExplicitPolicyRequired
* flag is false.
*
* @param val true if explicit policy is to be required, false
* otherwise
**/
public void setExplicitPolicyRequired(boolean val)
{
explicitPolicyRequired = val;
}
/**
* Checks if explicit policy is required. If this flag is
* true, an acceptable policy needs to be explicitly
* identified in every certificate. By default, the
* ExplicitPolicyRequired flag is false.
*
* @return true if explicit policy is required, false otherwise
**/
public boolean isExplicitPolicyRequired()
{
return explicitPolicyRequired;
}
/**
* Sets the PolicyMappingInhibited flag. If this flag is true,
* policy mapping is inhibited. By default, policy mapping is
* not inhibited (the flag is false).
*
* @param val true if policy mapping is to be inhibited, false otherwise
**/
public void setPolicyMappingInhibited(boolean val)
{
policyMappingInhibited = val;
}
/**
* Checks if policy mapping is inhibited. If this flag is
* true, policy mapping is inhibited. By default, policy
* mapping is not inhibited (the flag is false).
*
* @return true if policy mapping is inhibited, false otherwise
**/
public boolean isPolicyMappingInhibited()
{
return policyMappingInhibited;
}
/**
* Sets state to determine if the any policy OID should be
* processed if it is included in a certificate. By default,
* the any policy OID is not inhibited ({@link #isAnyPolicyInhibited()}
* returns false).
*
* @return val - <code>true</code> if the any policy OID is to be inhibited, <code>false</code> otherwise
**/
public void setAnyPolicyInhibited(boolean val)
{
anyPolicyInhibited = val;
}
/**
* Checks whether the any policy OID should be processed if it
* is included in a certificate.
*
* @return <code>true</code> if the any policy OID is inhibited, <code>false</code> otherwise
**/
public boolean isAnyPolicyInhibited()
{
return anyPolicyInhibited;
}
/**
* Sets the PolicyQualifiersRejected flag. If this flag is
* true, certificates that include policy qualifiers in a
* certificate policies extension that is marked critical are
* rejected. If the flag is false, certificates are not
* rejected on this basis.<br />
* <br />
* When a <code>PKIXParameters</code> object is created, this flag is set
* to true. This setting reflects the most common (and
* simplest) strategy for processing policy
* qualifiers. Applications that want to use a more
* sophisticated policy must set this flag to false.<br />
* <br />
* Note that the PKIX certification path validation algorithm
* specifies that any policy qualifier in a certificate
* policies extension that is marked critical must be
* processed and validated. Otherwise the certification path
* must be rejected. If the policyQualifiersRejected flag is
* set to false, it is up to the application to validate all
* policy qualifiers in this manner in order to be PKIX
* compliant.
*
* @param qualifiersRejected the new value of the PolicyQualifiersRejected flag
*
* @see #getPolicyQualifiersRejected()
* @see PolicyQualifierInfo
**/
public void setPolicyQualifiersRejected(boolean qualifiersRejected)
{
policyQualifiersRejected = qualifiersRejected;
}
/**
* Gets the PolicyQualifiersRejected flag. If this flag is
* true, certificates that include policy qualifiers in a
* certificate policies extension that is marked critical are
* rejected. If the flag is false, certificates are not
* rejected on this basis.<br />
* <br />
* When a PKIXParameters object is created, this flag is set to
* true. This setting reflects the most common (and simplest)
* strategy for processing policy qualifiers. Applications that
* want to use a more sophisticated policy must set this flag
* to false.
*
* @return the current value of the PolicyQualifiersRejected flag
*
* @see #setPolicyQualifiersRejected(boolean)
**/
public boolean getPolicyQualifiersRejected()
{
return policyQualifiersRejected;
}
/**
* Returns the time for which the validity of the
* certification path should be determined. If null, the
* current time is used.<br />
* <br />
* Note that the Date returned is copied to protect against
* subsequent modifications.
*
* @return the Date, or <code>null</code> if not set
*
* @see #setDate(java.util.Date)
**/
public Date getDate()
{
if ( date == null )
return null;
return new Date( date.getTime() );
}
/**
* Sets the time for which the validity of the certification
* path should be determined. If null, the current time is
* used.<br />
* <br />
* Note that the Date supplied here is copied to protect
* against subsequent modifications.
*
* @param date the Date, or <code>null</code> for the current time
*
* @see #getDate()
**/
public void setDate(Date date)
{
if ( date == null )
this.date = null;
else
this.date = new Date( date.getTime() );
}
/**
* Sets a <code>List</code> of additional certification path checkers. If
* the specified List contains an object that is not a
* PKIXCertPathChecker, it is ignored.<br />
* <br />
* Each <code>PKIXCertPathChecker</code> specified implements additional
* checks on a certificate. Typically, these are checks to
* process and verify private extensions contained in
* certificates. Each <code>PKIXCertPathChecker</code> should be
* instantiated with any initialization parameters needed to
* execute the check.<br />
* <br />
* This method allows sophisticated applications to extend a
* PKIX <code>CertPathValidator</code> or <code>CertPathBuilder</code>. Each of the
* specified PKIXCertPathCheckers will be called, in turn, by
* a PKIX <code>CertPathValidator</code> or <code>CertPathBuilder</code> for each
* certificate processed or validated.<br />
* <br />
* Regardless of whether these additional PKIXCertPathCheckers
* are set, a PKIX <code>CertPathValidator</code> or <code>CertPathBuilder</code> must
* perform all of the required PKIX checks on each
* certificate. The one exception to this rule is if the
* RevocationEnabled flag is set to false (see the
* {@link #setRevocationEnabled(boolean) setRevocationEnabled} method).<br />
* <br />
* Note that the List supplied here is copied and each
* PKIXCertPathChecker in the list is cloned to protect against
* subsequent modifications.
*
* @param checkers a List of PKIXCertPathCheckers. May be
* null, in which case no additional checkers will be used.
* @exception ClassCastException if any of the elements in the
* list are not of type
* <code>java.security.cert.PKIXCertPathChecker</code>
* @see #getCertPathCheckers()
**/
public void setCertPathCheckers(List checkers)
{
certPathCheckers = new ArrayList();
if ( checkers == null )
return;
Iterator iter = checkers.iterator();
while ( iter.hasNext() )
certPathCheckers.add( (PKIXCertPathChecker)((PKIXCertPathChecker)iter.next()).clone() );
}
/**
* Returns the List of certification path checkers. The
* returned List is immutable, and each PKIXCertPathChecker in
* the List is cloned to protect against subsequent
* modifications.
*
* @return an immutable List of PKIXCertPathCheckers (may be empty, but not <code>null</code>)
*
* @see #setCertPathCheckers(java.util.List)
**/
public List getCertPathCheckers()
{
List checkers = new ArrayList();
Iterator iter = certPathCheckers.iterator();
while ( iter.hasNext() )
{
checkers.add( (PKIXCertPathChecker)((PKIXCertPathChecker)iter.next()).clone() );
}
return Collections.unmodifiableList(checkers);
}
/**
* Adds a PKIXCertPathChecker to the list of certification
* path checkers. See the {@link #setCertPathCheckers} method for more
* details.<br />
* <br />
* Note that the <code>PKIXCertPathChecker</code> is cloned to protect
* against subsequent modifications.
*
* @param checker a <code>PKIXCertPathChecker</code> to add
* to the list of checks. If <code>null</code>, the checker is
* ignored (not added to list).
**/
public void addCertPathChecker( PKIXCertPathChecker checker )
{
if ( checker != null )
{
certPathCheckers.add( checker.clone() );
}
}
/**
* Returns the signature provider's name, or <code>null</code> if not set.
*
* @return the signature provider's name (or <code>null</code>)
*
* @see #setSigProvider(java.lang.String)
**/
public String getSigProvider()
{
return sigProvider;
}
/**
* Sets the signature provider's name. The specified provider
* will be preferred when creating Signature objects. If null
* or not set, the first provider found supporting the
* algorithm will be used.
*
* @param sigProvider the signature provider's name (or <code>null</code>)
*
* @see #getSigProvider()
**/
public void setSigProvider(String sigProvider)
{
this.sigProvider = sigProvider;
}
/**
* Returns the required constraints on the target
* certificate. The constraints are returned as an instance of
* CertSelector. If <code>null</code>, no constraints are defined.<br />
* <br />
* Note that the CertSelector returned is cloned to protect
* against subsequent modifications.
*
* @return a CertSelector specifying the constraints on the target certificate (or <code>null</code>)
*
* @see #setTargetCertConstraints(java.security.cert.CertSelector)
**/
public CertSelector getTargetCertConstraints()
{
if ( certSelector == null )
return null;
return (CertSelector)certSelector.clone();
}
/**
* Sets the required constraints on the target
* certificate. The constraints are specified as an instance
* of CertSelector. If null, no constraints are defined.<br />
* <br />
* Note that the CertSelector specified is cloned to protect
* against subsequent modifications.
*
* @param selector a CertSelector specifying the constraints
* on the target certificate (or <code>null</code>)
*
* @see #getTargetCertConstraints()
**/
public void setTargetCertConstraints(CertSelector selector)
{
if ( selector == null )
certSelector = null;
else
certSelector = (CertSelector)selector.clone();
}
/**
* Makes a copy of this PKIXParameters object. Changes to the
* copy will not affect the original and vice versa.
*
* @return a copy of this <code>PKIXParameters</code> object
**/
public Object clone()
{
try {
PKIXParameters obj = (PKIXParameters)super.clone();
obj.certStores = new ArrayList( certStores );
Iterator iter = certPathCheckers.iterator();
obj.certPathCheckers = new ArrayList();
while ( iter.hasNext() )
{
obj.certPathCheckers.add( ((PKIXCertPathChecker)iter.next()).clone() );
}
if ( initialPolicies != null )
{
obj.initialPolicies = new HashSet( initialPolicies );
}
if ( trustAnchors != null )
{
obj.trustAnchors = new HashSet( trustAnchors );
}
if ( certSelector != null )
{
obj.certSelector = (CertSelector)certSelector.clone();
}
return obj;
} catch ( CloneNotSupportedException ex ) {
throw new InternalError();
}
}
/**
* Returns a formatted string describing the parameters.
*
* @return a formatted string describing the parameters.
**/
public String toString()
{
StringBuffer s = new StringBuffer();
s.append("[\n");
if ( trustAnchors != null )
{
s.append(" Trust Anchors: ").append(trustAnchors).append('\n');
}
if ( initialPolicies != null )
{
if ( initialPolicies.isEmpty() )
{
s.append(" Initial Policy OIDs: any\n" );
}
else
{
s.append(" Initial Policy OIDs: [").append(initialPolicies).append("]\n");
}
}
s.append(" Validity Date: ");
if ( date != null )
s.append(date);
else
s.append("null");
s.append('\n');
s.append(" Signature Provider: ");
if ( sigProvider != null )
s.append(sigProvider);
else
s.append("null");
s.append('\n');
s.append(" Default Revocation Enabled: ");
s.append(revocationEnabled);
s.append('\n' );
s.append(" Explicit Policy Required: ");
s.append(explicitPolicyRequired);
s.append('\n');
s.append(" Policy Mapping Inhibited: ");
s.append(policyMappingInhibited);
s.append('\n');
s.append(" Any Policy Inhibited: ");
s.append(anyPolicyInhibited);
s.append('\n');
s.append(" Policy Qualifiers Rejected: ");
s.append(policyQualifiersRejected);
s.append('\n');
s.append(" Target Cert Constraints: ");
s.append(certSelector);
s.append('\n');
s.append(" Certification Path Checkers: [");
s.append(certPathCheckers);
s.append( "}\n");
s.append(" CertStores: [");
s.append(certStores);
s.append("}\n");
s.append("]\n");
return s.toString();
}
}

107
extern/spongycastle/core/src/main/jdk1.1/java/security/cert/PolicyNode.java vendored
View File

@ -1,107 +0,0 @@
package java.security.cert;
import java.util.Iterator;
import java.util.Set;
/**
* An immutable valid policy tree node as defined by the PKIX certification
* path validation algorithm.<br />
* <br />
* One of the outputs of the PKIX certification path validation
* algorithm is a valid policy tree, which includes the policies that
* were determined to be valid, how this determination was reached,
* and any policy qualifiers encountered. This tree is of depth
* <i>n</i>, where <i>n</i> is the length of the certification
* path that has been validated.<br />
* <br />
* Most applications will not need to examine the valid policy tree.
* They can achieve their policy processing goals by setting the
* policy-related parameters in <code>PKIXParameters</code>. However,
* the valid policy tree is available for more sophisticated applications,
* especially those that process policy qualifiers.<br />
* <br />
* {@link PKIXCertPathValidatorResult#getPolicyTree()
* PKIXCertPathValidatorResult.getPolicyTree} returns the root node of the
* valid policy tree. The tree can be traversed using the
* {@link #getChildren getChildren} and {@link #getParent getParent} methods.
* Data about a particular node can be retrieved using other methods of
* <code>PolicyNode</code>.<br />
* <br />
* <b>Concurrent Access</b><br />
* <br />
* All <code>PolicyNode</code> objects must be immutable and
* thread-safe. Multiple threads may concurrently invoke the methods defined
* in this class on a single <code>PolicyNode</code> object (or more than one)
* with no ill effects. This stipulation applies to all public fields and
* methods of this class and any added or overridden by subclasses.
**/
public interface PolicyNode
{
/**
* Returns the parent of this node, or <code>null</code> if this is the
* root node.
*
* @return the parent of this node, or <code>null</code> if this is the
* root node
*/
public PolicyNode getParent();
/**
* Returns an iterator over the children of this node. Any attempts to
* modify the children of this node through the
* <code>Iterator</code>'s remove method must throw an
* <code>UnsupportedOperationException</code>.
*
* @return an iterator over the children of this node
*/
public Iterator getChildren();
/**
* Returns the depth of this node in the valid policy tree.
*
* @return the depth of this node (0 for the root node, 1 for its
* children, and so on)
*/
public int getDepth();
/**
* Returns the valid policy represented by this node.
*
* @return the <code>String</code> OID of the valid policy
* represented by this node, or the special value "any-policy". For
* the root node, this method always returns the special value "any-policy".
*/
public String getValidPolicy();
/**
* Returns the set of policy qualifiers associated with the
* valid policy represented by this node.
*
* @return an immutable <code>Set</code> of
* <code>PolicyQualifierInfo</code>s. For the root node, this
* is always an empty <code>Set</code>.
*/
public Set getPolicyQualifiers();
/**
* Returns the set of expected policies that would satisfy this
* node's valid policy in the next certificate to be processed.
*
* @return an immutable <code>Set</code> of expected policy
* <code>String</code> OIDs, or an immutable <code>Set</code> with
* the single special value "any-policy". For the root node, this method
* always returns a <code>Set</code> with the single value "any-policy".
*/
public Set getExpectedPolicies();
/**
* Returns the criticality indicator of the certificate policy extension
* in the most recently processed certificate.
*
* @return <code>true</code> if extension marked critical,
* <code>false</code> otherwise. For the root node, <code>false</code>
* is always returned.
*/
public boolean isCritical();
}

196
extern/spongycastle/core/src/main/jdk1.1/java/security/cert/PolicyQualifierInfo.java vendored
View File

@ -1,196 +0,0 @@
package java.security.cert;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import org.spongycastle.asn1.ASN1InputStream;
import org.spongycastle.asn1.ASN1Object;
import org.spongycastle.asn1.ASN1ObjectIdentifier;
import org.spongycastle.asn1.ASN1Sequence;
import org.spongycastle.asn1.DEROutputStream;
import org.spongycastle.asn1.util.ASN1Dump;
/**
* An immutable policy qualifier represented by the ASN.1 PolicyQualifierInfo
* structure.<br />
* <br />
* The ASN.1 definition is as follows:<br />
* <br />
*
* <pre>
* PolicyQualifierInfo ::= SEQUENCE {
* policyQualifierId PolicyQualifierId,
* qualifier ANY DEFINED BY policyQualifierId }
* </pre>
*
* <br />
* <br />
* A certificate policies extension, if present in an X.509 version 3
* certificate, contains a sequence of one or more policy information terms,
* each of which consists of an object identifier (OID) and optional qualifiers.
* In an end-entity certificate, these policy information terms indicate the
* policy under which the certificate has been issued and the purposes for which
* the certificate may be used. In a CA certificate, these policy information
* terms limit the set of policies for certification paths which include this
* certificate.<br />
* <br />
* A <code>Set</code> of <code>PolicyQualifierInfo</code> objects are
* returned by the
* {@link PolicyNode#getPolicyQualifiers PolicyNode.getPolicyQualifiers} method.
* This allows applications with specific policy requirements to process and
* validate each policy qualifier. Applications that need to process policy
* qualifiers should explicitly set the <code>policyQualifiersRejected</code>
* flag to false (by calling the
* {@link PKIXParameters#setPolicyQualifiersRejected
* PKIXParameters.setPolicyQualifiersRejected} method) before validating a
* certification path.<br />
* <br />
* Note that the PKIX certification path validation algorithm specifies that any
* policy qualifier in a certificate policies extension that is marked critical
* must be processed and validated. Otherwise the certification path must be
* rejected. If the <code>policyQualifiersRejected</code> flag is set to
* false, it is up to the application to validate all policy qualifiers in this
* manner in order to be PKIX compliant.<br />
* <br />
* <b>Concurrent Access</b><br />
* <br />
* All <code>PolicyQualifierInfo</code> objects must be immutable and
* thread-safe. That is, multiple threads may concurrently invoke the methods
* defined in this class on a single <code>PolicyQualifierInfo</code> object
* (or more than one) with no ill effects. Requiring
* <code>PolicyQualifierInfo</code> objects to be immutable and thread-safe
* allows them to be passed around to various pieces of code without worrying
* about coordinating access.<br />
* <br />
* Uses {@link org.spongycastle.asn1.ASN1InputStream ASN1InputStream},
* {@link org.spongycastle.asn1.ASN1Sequence ASN1Sequence},
* {@link org.spongycastle.asn1.ASN1ObjectIdentifier ASN1ObjectIdentifier},
* {@link org.spongycastle.asn1.DEROutputStream DEROutputStream},
* {@link org.spongycastle.asn1.ASN1Object ASN1Object}
*/
public final class PolicyQualifierInfo
{
private String id;
private byte[] encoded;
private byte[] qualifier;
/**
* Creates an instance of <code>PolicyQualifierInfo</code> from the
* encoded bytes. The encoded byte array is copied on construction.<br />
* <br />
* Uses {@link org.spongycastle.asn1.ASN1InputStream ASN1InputStream},
* {@link org.spongycastle.asn1.ASN1Sequence ASN1Sequence},
* {@link org.spongycastle.asn1.ASN1ObjectIdentifier ASN1ObjectIdentifier} and
* {@link org.spongycastle.asn1.DEROutputStream DEROutputStream}
*
* @param encoded
* a byte array containing the qualifier in DER encoding
*
* @exception IOException
* thrown if the byte array does not represent a valid and
* parsable policy qualifier
*/
public PolicyQualifierInfo(byte[] encoded) throws IOException
{
this.encoded = (byte[])encoded.clone();
try
{
ByteArrayInputStream inStream = new ByteArrayInputStream(
this.encoded);
ASN1InputStream derInStream = new ASN1InputStream(inStream);
ASN1Sequence obj = (ASN1Sequence)derInStream.readObject();
id = ((ASN1ObjectIdentifier)obj.getObjectAt(0)).getId();
ByteArrayOutputStream outStream = new ByteArrayOutputStream();
DEROutputStream derOutStream = new DEROutputStream(outStream);
derOutStream.writeObject(obj.getObjectAt(1));
derOutStream.close();
qualifier = outStream.toByteArray();
}
catch (Exception ex)
{
throw new IOException("parsing exception : " + ex.toString());
}
}
/**
* Returns the <code>policyQualifierId</code> field of this
* <code>PolicyQualifierInfo</code>. The <code>policyQualifierId</code>
* is an Object Identifier (OID) represented by a set of nonnegative
* integers separated by periods.
*
* @return the OID (never <code>null</code>)
*/
public String getPolicyQualifierId()
{
return id;
}
/**
* Returns the ASN.1 DER encoded form of this
* <code>PolicyQualifierInfo</code>.
*
* @return the ASN.1 DER encoded bytes (never <code>null</code>). Note
* that a copy is returned, so the data is cloned each time this
* method is called.
*/
public byte[] getEncoded()
{
return (byte[])encoded.clone();
}
/**
* Returns the ASN.1 DER encoded form of the <code>qualifier</code> field
* of this <code>PolicyQualifierInfo</code>.
*
* @return the ASN.1 DER encoded bytes of the <code>qualifier</code>
* field. Note that a copy is returned, so the data is cloned each
* time this method is called.
*/
public byte[] getPolicyQualifier()
{
if (qualifier == null)
{
return null;
}
return (byte[])qualifier.clone();
}
/**
* Return a printable representation of this
* <code>PolicyQualifierInfo</code>.<br />
* <br />
* Uses {@link org.spongycastle.asn1.ASN1InputStream ASN1InputStream},
* {@link org.spongycastle.asn1.ASN1Object ASN1Object}
*
* @return a <code>String</code> describing the contents of this
* <code>PolicyQualifierInfo</code>
*/
public String toString()
{
StringBuffer s = new StringBuffer();
s.append("PolicyQualifierInfo: [\n");
s.append("qualifierID: ").append(id).append('\n');
try
{
ByteArrayInputStream inStream = new ByteArrayInputStream(qualifier);
ASN1InputStream derInStream = new ASN1InputStream(inStream);
ASN1Object derObject = derInStream.readObject();
s
.append(" qualifier:\n").append(ASN1Dump.dumpAsString(derObject))
.append('\n');
}
catch (IOException ex)
{
s.append(ex.getMessage());
}
s.append("qualifier: ").append(id).append('\n');
s.append(']');
return s.toString();
}
}

293
extern/spongycastle/core/src/main/jdk1.1/java/security/cert/TrustAnchor.java vendored
View File

@ -1,293 +0,0 @@
package java.security.cert;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
import org.spongycastle.asn1.ASN1InputStream;
import org.spongycastle.asn1.ASN1Object;
import org.spongycastle.asn1.ASN1Sequence;
/**
* A trust anchor or most-trusted Certification Authority (CA). <br />
* <br />
* This class represents a "most-trusted CA", which is used as a trust anchor
* for validating X.509 certification paths. A most-trusted CA includes the
* public key of the CA, the CA's name, and any constraints upon the set of
* paths which may be validated using this key. These parameters can be
* specified in the form of a trusted X509Certificate or as individual
* parameters. <br />
* <br />
* <strong>Concurrent Access</strong><br />
* <br />
* All TrustAnchor objects must be immutable and thread-safe. That is, multiple
* threads may concurrently invoke the methods defined in this class on a
* single TrustAnchor object (or more than one) with no ill effects. Requiring
* TrustAnchor objects to be immutable and thread-safe allows them to be passed
* around to various pieces of code without worrying about coordinating access.
* This stipulation applies to all public fields and methods of this class and
* any added or overridden by subclasses.<br />
* <br />
* <b>TODO: implement better nameConstraints testing.</b>
**/
public class TrustAnchor
{
private X509Certificate trustCert = null;
private PublicKey trustPublicKey = null;
private String trustName = null;
private byte[] nameConstraints = null;
/**
* Creates an instance of TrustAnchor with the specified X509Certificate and
* optional name constraints, which are intended to be used as additional
* constraints when validating an X.509 certification path.<br />
* <br />
* The name constraints are specified as a byte array. This byte array
* should contain the DER encoded form of the name constraints, as they
* would appear in the NameConstraints structure defined in RFC 2459 and
* X.509. The ASN.1 definition of this structure appears below.<br />
* <br />
*
* <pre>
* NameConstraints ::= SEQUENCE {
* permittedSubtrees [0] GeneralSubtrees OPTIONAL,
* excludedSubtrees [1] GeneralSubtrees OPTIONAL }
*
* GeneralSubtrees ::= SEQUENCE SIZE (1..MAX) OF GeneralSubtree
*
* GeneralSubtree ::= SEQUENCE {
* base GeneralName,
* minimum [0] BaseDistance DEFAULT 0,
* maximum [1] BaseDistance OPTIONAL }
*
* BaseDistance ::= INTEGER (0..MAX)
*
* GeneralName ::= CHOICE {
* otherName [0] OtherName,
* rfc822Name [1] IA5String,
* dNSName [2] IA5String,
* x400Address [3] ORAddress,
* directoryName [4] Name,
* ediPartyName [5] EDIPartyName,
* uniformResourceIdentifier [6] IA5String,
* iPAddress [7] OCTET STRING,
* registeredID [8] OBJECT IDENTIFIER}
* </pre>
*
* <br />
* <br />
* Note that the name constraints byte array supplied is cloned to protect
* against subsequent modifications.
*
* @param trustedCert
* a trusted X509Certificate
* @param nameConstraints
* a byte array containing the ASN.1 DER encoding of a
* NameConstraints extension to be used for checking name
* constraints. Only the value of the extension is included, not
* the OID or criticality flag. Specify null to omit the
* parameter.
*
* @exception IllegalArgumentException
* if the name constraints cannot be decoded
* @exception NullPointerException
* if the specified X509Certificate is null
*/
public TrustAnchor(X509Certificate trustedCert, byte[] nameConstraints)
{
if (trustedCert == null)
{
throw new NullPointerException("trustedCert must be non-null");
}
this.trustCert = trustedCert;
if (nameConstraints != null)
{
this.nameConstraints = (byte[])nameConstraints.clone();
checkNameConstraints(this.nameConstraints);
}
}
/**
* Creates an instance of <code>TrustAnchor</code> where the most-trusted
* CA is specified as a distinguished name and public key. Name constraints
* are an optional parameter, and are intended to be used as additional
* constraints when validating an X.509 certification path.
*
* The name constraints are specified as a byte array. This byte array
* contains the DER encoded form of the name constraints, as they would
* appear in the NameConstraints structure defined in RFC 2459 and X.509.
* The ASN.1 notation for this structure is supplied in the documentation
* for {@link #TrustAnchor(X509Certificate trustedCert, byte[]
* nameConstraints) TrustAnchor(X509Certificate trustedCert, byte[]
* nameConstraints) }.
*
* Note that the name constraints byte array supplied here is cloned to
* protect against subsequent modifications.
*
* @param caName
* the X.500 distinguished name of the most-trusted CA in RFC
* 2253 String format
* @param pubKey
* the public key of the most-trusted CA
* @param nameConstraints
* a byte array containing the ASN.1 DER encoding of a
* NameConstraints extension to be used for checking name
* constraints. Only the value of the extension is included, not
* the OID or criticality flag. Specify null to omit the
* parameter.
*
* @exception IllegalArgumentException
* if the specified caName parameter is empty (<code>caName.length() == 0</code>)
* or incorrectly formatted or the name constraints cannot be
* decoded
* @exception NullPointerException
* if the specified caName or pubKey parameter is null
*/
public TrustAnchor(String caName, PublicKey pubKey, byte[] nameConstraints)
{
if (caName == null)
{
throw new NullPointerException("caName must be non-null");
}
if (pubKey == null)
{
throw new NullPointerException("pubKey must be non-null");
}
if (caName.length() == 0)
{
throw new IllegalArgumentException(
"caName can not be an empty string");
}
this.trustName = caName;
this.trustPublicKey = pubKey;
if (nameConstraints != null)
{
this.nameConstraints = (byte[])nameConstraints.clone();
checkNameConstraints(this.nameConstraints);
}
}
/**
* Returns the most-trusted CA certificate.
*
* @return a trusted <code>X509Certificate</code> or <code>null</code>
* if the trust anchor was not specified as a trusted certificate
*/
public final X509Certificate getTrustedCert()
{
return trustCert;
}
/**
* Returns the name of the most-trusted CA in RFC 2253 String format.
*
* @return the X.500 distinguished name of the most-trusted CA, or
* <code>null</code> if the trust anchor was not specified as a
* trusted public key and name pair
*/
public final String getCAName()
{
return trustName;
}
/**
* Returns the public key of the most-trusted CA.
*
* @return the public key of the most-trusted CA, or null if the trust
* anchor was not specified as a trusted public key and name pair
*/
public final PublicKey getCAPublicKey()
{
return trustPublicKey;
}
/**
* Returns the name constraints parameter. The specified name constraints
* are associated with this trust anchor and are intended to be used as
* additional constraints when validating an X.509 certification path.<br />
* <br />
* The name constraints are returned as a byte array. This byte array
* contains the DER encoded form of the name constraints, as they would
* appear in the NameConstraints structure defined in RFC 2459 and X.509.
* The ASN.1 notation for this structure is supplied in the documentation
* for <code>TrustAnchor(X509Certificate trustedCert, byte[]
* nameConstraints)</code>.<br />
* <br />
* Note that the byte array returned is cloned to protect against subsequent
* modifications.
*
* @return a byte array containing the ASN.1 DER encoding of a
* NameConstraints extension used for checking name constraints, or
* <code>null</code> if not set.
*/
public final byte[] getNameConstraints()
{
return (byte[])nameConstraints.clone();
}
/**
* Returns a formatted string describing the <code>TrustAnchor</code>.
*
* @return a formatted string describing the <code>TrustAnchor</code>
*/
public String toString()
{
StringBuffer sb = new StringBuffer();
sb.append("[\n");
if (getCAPublicKey() != null)
{
sb.append(" Trusted CA Public Key: ").append(getCAPublicKey()).append('\n');
sb.append(" Trusted CA Issuer Name: ").append(getCAName()).append('\n');
}
else
{
sb.append(" Trusted CA cert: ").append(getTrustedCert()).append('\n');
}
if (nameConstraints != null)
{
sb.append(" Name Constraints: ").append(nameConstraints).append('\n');
}
return sb.toString();
}
/**
* Check given DER encoded nameConstraints for correct decoding. Currently
* only basic DER decoding test.<br />
* <br />
* <b>TODO: implement more testing.</b>
*
* @param data
* the DER encoded nameConstrains to be checked or
* <code>null</code>
* @exception IllegalArgumentException
* if the check failed.
*/
private void checkNameConstraints(byte[] data)
{
if (data != null)
{
try
{
ByteArrayInputStream inStream = new ByteArrayInputStream(data);
ASN1InputStream derInStream = new ASN1InputStream(inStream);
ASN1Object derObject = derInStream.readObject();
if (!(derObject instanceof ASN1Sequence))
{
throw new IllegalArgumentException(
"nameConstraints parameter decoding error");
}
}
catch (IOException ex)
{
throw new IllegalArgumentException(
"nameConstraints parameter decoding error: " + ex);
}
}
}
}

77
extern/spongycastle/core/src/main/jdk1.1/java/security/cert/X509CRL.java vendored
View File

@ -1,77 +0,0 @@
package java.security.cert;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Principal;
import java.security.PublicKey;
import java.security.SignatureException;
import java.util.Date;
import java.util.Set;
public abstract class X509CRL extends CRL implements X509Extension
{
protected X509CRL()
{
super("X.509");
}
public boolean equals(Object other)
{
if ( this == other )
return true;
if ( !(other instanceof X509CRL) )
return false;
try
{
byte[] enc1 = getEncoded();
byte[] enc2 = ((X509CRL)other).getEncoded();
return MessageDigest.isEqual(enc1, enc2);
}
catch (CRLException e)
{
return false;
}
}
public int hashCode()
{
int hashcode = 0;
try
{
byte[] encoded = getEncoded();
for (int i = 1; i < encoded.length; i++)
{
hashcode += encoded[i] * i;
}
}
catch (CRLException ce)
{
return(hashcode);
}
return(hashcode);
}
public abstract byte[] getEncoded() throws CRLException;
public abstract Principal getIssuerDN();
public abstract Date getNextUpdate();
public abstract X509CRLEntry getRevokedCertificate(BigInteger serialNumber);
public abstract Set getRevokedCertificates();
public abstract String getSigAlgName();
public abstract String getSigAlgOID();
public abstract byte[] getSigAlgParams();
public abstract byte[] getSignature();
public abstract byte[] getTBSCertList() throws CRLException;
public abstract Date getThisUpdate();
public abstract int getVersion();
public abstract void verify(PublicKey key) throws CRLException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException;
public abstract void verify(PublicKey key, String sigProvider) throws CRLException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException;
}

56
extern/spongycastle/core/src/main/jdk1.1/java/security/cert/X509CRLEntry.java vendored
View File

@ -1,56 +0,0 @@
package java.security.cert;
import java.math.BigInteger;
import java.security.MessageDigest;
import java.util.Date;
public abstract class X509CRLEntry implements X509Extension
{
public boolean equals(Object other)
{
if ( this == other )
return true;
if ( !(other instanceof X509CRLEntry) )
return false;
try
{
byte[] enc1 = getEncoded();
byte[] enc2 = ((X509CRLEntry)other).getEncoded();
return MessageDigest.isEqual(enc1, enc2);
}
catch (CRLException e)
{
return false;
}
}
public int hashCode()
{
int hashcode = 0;
try
{
byte[] encoded = getEncoded();
for (int i = 1; i < encoded.length; i++)
{
hashcode += encoded[i] * i;
}
}
catch (CRLException ce)
{
return(hashcode);
}
return(hashcode);
}
public abstract byte[] getEncoded() throws CRLException;
public abstract Date getRevocationDate();
public abstract BigInteger getSerialNumber();
public abstract boolean hasExtensions();
public abstract String toString();
}

717
extern/spongycastle/core/src/main/jdk1.1/java/security/cert/X509CRLSelector.java vendored
View File

@ -1,717 +0,0 @@
package java.security.cert;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.cert.CRL;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.util.Collection;
import java.util.Date;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import org.spongycastle.asn1.ASN1InputStream;
import org.spongycastle.asn1.ASN1Object;
import org.spongycastle.asn1.ASN1OctetString;
import org.spongycastle.asn1.ASN1Sequence;
import org.spongycastle.asn1.ASN1Integer;
import org.spongycastle.asn1.x509.X509Extensions;
import org.spongycastle.asn1.x509.X509Name;
import org.spongycastle.jce.PrincipalUtil;
/**
* A <code>CRLSelector</code> that selects <code>X509CRLs</code> that match
* all specified criteria. This class is particularly useful when selecting CRLs
* from a <code>CertStore</code> to check revocation status of a particular
* certificate.<br />
* <br />
* When first constructed, an <code>X509CRLSelector</code> has no criteria
* enabled and each of the <code>get</code> methods return a default value (<code>null</code>).
* Therefore, the {@link #match match} method would return <code>true</code>
* for any <code>X509CRL</code>. Typically, several criteria are enabled (by
* calling {@link #setIssuerNames setIssuerNames} or
* {@link #setDateAndTime setDateAndTime}, for instance) and then the
* <code>X509CRLSelector</code> is passed to
* {@link CertStore#getCRLs CertStore.getCRLs} or some similar method.<br />
* <br />
* Please refer to RFC 2459 for definitions of the X.509 CRL fields and
* extensions mentioned below.<br />
* <br />
* <b>Concurrent Access</b><br />
* <br />
* Unless otherwise specified, the methods defined in this class are not
* thread-safe. Multiple threads that need to access a single object
* concurrently should synchronize amongst themselves and provide the necessary
* locking. Multiple threads each manipulating separate objects need not
* synchronize.<br />
* <br />
* Uses {@link org.spongycastle.asn1.ASN1InputStream ASN1InputStream},
* {@link org.spongycastle.asn1.ASN1Sequence ASN1Sequence},
* {@link org.spongycastle.asn1.ASN1ObjectIdentifier ASN1ObjectIdentifier},
* {@link org.spongycastle.asn1.DEROutputStream DEROutputStream},
* {@link org.spongycastle.asn1.ASN1Object ASN1Object},
* {@link org.spongycastle.asn1.x509.X509Name X509Name}
*
* @see CRLSelector
* @see X509CRL
*/
public class X509CRLSelector implements CRLSelector
{
private Set issuerNames = null;
private Set issuerNamesX509 = null;
private BigInteger minCRL = null;
private BigInteger maxCRL = null;
private Date dateAndTime = null;
private X509Certificate certChecking = null;
/**
* Creates an <code>X509CRLSelector</code>. Initially, no criteria are
* set so any <code>X509CRL</code> will match.
*/
public X509CRLSelector()
{
}
/**
* Sets the issuerNames criterion. The issuer distinguished name in the
* <code>X509CRL</code> must match at least one of the specified
* distinguished names. If <code>null</code>, any issuer distinguished
* name will do.<br />
* <br />
* This method allows the caller to specify, with a single method call, the
* complete set of issuer names which <code>X509CRLs</code> may contain.
* The specified value replaces the previous value for the issuerNames
* criterion.<br />
* <br />
* The <code>names</code> parameter (if not <code>null</code>) is a
* <code>Collection</code> of names. Each name is a <code>String</code>
* or a byte array representing a distinguished name (in RFC 2253 or ASN.1
* DER encoded form, respectively). If <code>null</code> is supplied as
* the value for this argument, no issuerNames check will be performed.<br />
* <br />
* Note that the <code>names</code> parameter can contain duplicate
* distinguished names, but they may be removed from the
* <code>Collection</code> of names returned by the
* {@link #getIssuerNames getIssuerNames} method.<br />
* <br />
* If a name is specified as a byte array, it should contain a single DER
* encoded distinguished name, as defined in X.501. The ASN.1 notation for
* this structure is as follows.
*
* <pre><code>
* Name ::= CHOICE {
* RDNSequence }
*
* RDNSequence ::= SEQUENCE OF RDN
*
* RDN ::=
* SET SIZE (1 .. MAX) OF AttributeTypeAndValue
*
* AttributeTypeAndValue ::= SEQUENCE {
* type AttributeType,
* value AttributeValue }
*
* AttributeType ::= OBJECT IDENTIFIER
*
* AttributeValue ::= ANY DEFINED BY AttributeType
* ....
* DirectoryString ::= CHOICE {
* teletexString TeletexString (SIZE (1..MAX)),
* printableString PrintableString (SIZE (1..MAX)),
* universalString UniversalString (SIZE (1..MAX)),
* utf8String UTF8String (SIZE (1.. MAX)),
* bmpString BMPString (SIZE (1..MAX)) }
* </code></pre>
*
* <br />
* <br />
* Note that a deep copy is performed on the <code>Collection</code> to
* protect against subsequent modifications.
*
* @param names
* a <code>Collection</code> of names (or <code>null</code>)
*
* @exception IOException
* if a parsing error occurs
*
* @see #getIssuerNames
*/
public void setIssuerNames(Collection names) throws IOException
{
if (names == null || names.isEmpty())
{
issuerNames = null;
issuerNamesX509 = null;
}
else
{
Object item;
Iterator iter = names.iterator();
while (iter.hasNext())
{
item = iter.next();
if (item instanceof String)
{
addIssuerName((String)item);
}
else if (item instanceof byte[])
{
addIssuerName((byte[])item);
}
else
{
throw new IOException("name not byte[]or String: "
+ item.toString());
}
}
}
}
/**
* Adds a name to the issuerNames criterion. The issuer distinguished name
* in the <code>X509CRL</code> must match at least one of the specified
* distinguished names.<br />
* <br />
* This method allows the caller to add a name to the set of issuer names
* which <code>X509CRLs</code> may contain. The specified name is added to
* any previous value for the issuerNames criterion. If the specified name
* is a duplicate, it may be ignored.<br />
* <br />
* Uses {@link org.spongycastle.asn1.x509.X509Name X509Name} for parsing the
* name
*
* @param name
* the name in RFC 2253 form
*
* @exception IOException
* if a parsing error occurs
*/
public void addIssuerName(String name) throws IOException
{
if (issuerNames == null)
{
issuerNames = new HashSet();
issuerNamesX509 = new HashSet();
}
X509Name nameX509;
try
{
nameX509 = new X509Name(name);
}
catch (IllegalArgumentException ex)
{
throw new IOException(ex.getMessage());
}
issuerNamesX509.add(nameX509);
issuerNames.add(name);
}
/**
* Adds a name to the issuerNames criterion. The issuer distinguished name
* in the <code>X509CRL</code> must match at least one of the specified
* distinguished names.<br />
* <br />
* This method allows the caller to add a name to the set of issuer names
* which <code>X509CRLs</code> may contain. The specified name is added to
* any previous value for the issuerNames criterion. If the specified name
* is a duplicate, it may be ignored. If a name is specified as a byte
* array, it should contain a single DER encoded distinguished name, as
* defined in X.501. The ASN.1 notation for this structure is as follows.<br />
* <br />
* The name is provided as a byte array. This byte array should contain a
* single DER encoded distinguished name, as defined in X.501. The ASN.1
* notation for this structure appears in the documentation for
* {@link #setIssuerNames setIssuerNames(Collection names)}.<br />
* <br />
* Note that the byte array supplied here is cloned to protect against
* subsequent modifications.<br />
* <br />
* Uses {@link org.spongycastle.asn1.x509.X509Name X509Name} for parsing the
* name, {@link org.spongycastle.asn1.ASN1InputStream ASN1InputStream},
* {@link org.spongycastle.asn1.ASN1Object ASN1Object} and
* {@link org.spongycastle.asn1.ASN1Sequence ASN1Sequence}
*
* @param name
* a byte array containing the name in ASN.1 DER encoded form
*
* @exception IOException
* if a parsing error occurs
*/
public void addIssuerName(byte[] name) throws IOException
{
if (issuerNames == null)
{
issuerNames = new HashSet();
issuerNamesX509 = new HashSet();
}
ByteArrayInputStream inStream = new ByteArrayInputStream(name);
ASN1InputStream derInStream = new ASN1InputStream(inStream);
ASN1Object obj = derInStream.readObject();
if (obj instanceof ASN1Sequence)
{
issuerNamesX509.add(new X509Name((ASN1Sequence)obj));
}
else
{
throw new IOException("parsing error");
}
issuerNames.add(name.clone());
}
/**
* Sets the minCRLNumber criterion. The <code>X509CRL</code> must have a
* CRL number extension whose value is greater than or equal to the
* specified value. If <code>null</code>, no minCRLNumber check will be
* done.
*
* @param minCRL
* the minimum CRL number accepted (or <code>null</code>)
*/
public void setMinCRLNumber(BigInteger minCRL)
{
this.minCRL = minCRL;
}
/**
* Sets the maxCRLNumber criterion. The <code>X509CRL</code> must have a
* CRL number extension whose value is less than or equal to the specified
* value. If <code>null</code>, no maxCRLNumber check will be done.
*
* @param maxCRL
* the maximum CRL number accepted (or <code>null</code>)
*/
public void setMaxCRLNumber(BigInteger maxCRL)
{
this.maxCRL = maxCRL;
}
/**
* Sets the dateAndTime criterion. The specified date must be equal to or
* later than the value of the thisUpdate component of the
* <code>X509CRL</code> and earlier than the value of the nextUpdate
* component. There is no match if the <code>X509CRL</code> does not
* contain a nextUpdate component. If <code>null</code>, no dateAndTime
* check will be done.<br />
* <br />
* Note that the <code>Date</code> supplied here is cloned to protect
* against subsequent modifications.
*
* @param dateAndTime
* the <code>Date</code> to match against (or <code>null</code>)
*
* @see #getDateAndTime
*/
public void setDateAndTime(Date dateAndTime)
{
if (dateAndTime == null)
{
this.dateAndTime = null;
}
else
{
this.dateAndTime = new Date(dateAndTime.getTime());
}
}
/**
* Sets the certificate being checked. This is not a criterion. Rather, it
* is optional information that may help a <code>CertStore</code> find
* CRLs that would be relevant when checking revocation for the specified
* certificate. If <code>null</code> is specified, then no such optional
* information is provided.
*
* @param cert
* the <code>X509Certificate</code> being checked (or
* <code>null</code>)
*
* @see #getCertificateChecking
*/
public void setCertificateChecking(X509Certificate cert)
{
certChecking = cert;
}
/**
* Returns a copy of the issuerNames criterion. The issuer distinguished
* name in the <code>X509CRL</code> must match at least one of the
* specified distinguished names. If the value returned is <code>null</code>,
* any issuer distinguished name will do.<br />
* <br />
* If the value returned is not <code>null</code>, it is a
* <code>Collection</code> of names. Each name is a <code>String</code>
* or a byte array representing a distinguished name (in RFC 2253 or ASN.1
* DER encoded form, respectively). Note that the <code>Collection</code>
* returned may contain duplicate names.<br />
* <br />
* If a name is specified as a byte array, it should contain a single DER
* encoded distinguished name, as defined in X.501. The ASN.1 notation for
* this structure is given in the documentation for
* {@link #setIssuerNames setIssuerNames(Collection names)}.<br />
* <br />
* Note that a deep copy is performed on the <code>Collection</code> to
* protect against subsequent modifications.
*
* @return a <code>Collection</code> of names (or <code>null</code>)
* @see #setIssuerNames
*/
public Collection getIssuerNames()
{
if (issuerNames == null)
{
return null;
}
Collection set = new HashSet();
Iterator iter = issuerNames.iterator();
Object item;
while (iter.hasNext())
{
item = iter.next();
if (item instanceof String)
{
set.add(new String((String)item));
}
else if (item instanceof byte[])
{
set.add(((byte[])item).clone());
}
}
return set;
}
/**
* Returns the minCRLNumber criterion. The <code>X509CRL</code> must have
* a CRL number extension whose value is greater than or equal to the
* specified value. If <code>null</code>, no minCRLNumber check will be
* done.
*
* @return the minimum CRL number accepted (or <code>null</code>)
*/
public BigInteger getMinCRL()
{
return minCRL;
}
/**
* Returns the maxCRLNumber criterion. The <code>X509CRL</code> must have
* a CRL number extension whose value is less than or equal to the specified
* value. If <code>null</code>, no maxCRLNumber check will be done.
*
* @return the maximum CRL number accepted (or <code>null</code>)
*/
public BigInteger getMaxCRL()
{
return maxCRL;
}
/**
* Returns the dateAndTime criterion. The specified date must be equal to or
* later than the value of the thisUpdate component of the
* <code>X509CRL</code> and earlier than the value of the nextUpdate
* component. There is no match if the <code>X509CRL</code> does not
* contain a nextUpdate component. If <code>null</code>, no dateAndTime
* check will be done.<br />
* <br />
* Note that the <code>Date</code> returned is cloned to protect against
* subsequent modifications.
*
* @return the <code>Date</code> to match against (or <code>null</code>)
*
* @see #setDateAndTime
*/
public Date getDateAndTime()
{
if (dateAndTime == null)
{
return null;
}
return new Date(dateAndTime.getTime());
}
/**
* Returns the certificate being checked. This is not a criterion. Rather,
* it is optional information that may help a <code>CertStore</code> find
* CRLs that would be relevant when checking revocation for the specified
* certificate. If the value returned is <code>null</code>, then no such
* optional information is provided.
*
* @return the certificate being checked (or <code>null</code>)
*
* @see #setCertificateChecking
*/
public X509Certificate getCertificateChecking()
{
return certChecking;
}
/**
* Returns a printable representation of the <code>X509CRLSelector</code>.<br />
* <br />
* Uses
* {@link org.spongycastle.asn1.x509.X509Name#toString X509Name.toString} to
* format the output
*
* @return a <code>String</code> describing the contents of the
* <code>X509CRLSelector</code>.
*/
public String toString()
{
StringBuffer s = new StringBuffer();
s.append("X509CRLSelector: [\n");
if (issuerNamesX509 != null)
{
s.append(" IssuerNames:\n");
Iterator iter = issuerNamesX509.iterator();
while (iter.hasNext())
{
s.append(" ").append(iter.next()).append('\n');
}
}
if (minCRL != null)
{
s.append(" minCRLNumber: ").append(minCRL).append('\n');
}
if (maxCRL != null)
{
s.append(" maxCRLNumber: ").append(maxCRL).append('\n');
}
if (dateAndTime != null)
{
s.append(" dateAndTime: ").append(dateAndTime).append('\n');
}
if (certChecking != null)
{
s.append(" Certificate being checked: ").append(certChecking).append('\n');
}
s.append(']');
return s.toString();
}
/**
* Decides whether a <code>CRL</code> should be selected.<br />
* <br />
* Uses
* {@link org.spongycastle.asn1.x509.X509Name#toString X509Name.toString} to
* parse and to compare the crl parameter issuer and
* {@link org.spongycastle.asn1.x509.X509Extensions#CRLNumber CRLNumber} to
* access the CRL number extension.
*
* @param crl
* the <code>CRL</code> to be checked
*
* @return <code>true</code> if the <code>CRL</code> should be selected,
* <code>false</code> otherwise
*/
public boolean match(CRL crl)
{
if (!(crl instanceof X509CRL))
{
return false;
}
X509CRL crlX509 = (X509CRL)crl;
boolean test;
if (issuerNamesX509 != null)
{
Iterator iter = issuerNamesX509.iterator();
test = false;
X509Name crlIssuer = null;
try
{
crlIssuer = PrincipalUtil.getIssuerX509Principal(crlX509);
}
catch (Exception ex)
{
return false;
}
while (iter.hasNext())
{
if (crlIssuer.equals(iter.next(), true))
{
test = true;
break;
}
}
if (!test)
{
return false;
}
}
byte[] data = crlX509.getExtensionValue(X509Extensions.CRLNumber
.getId());
if (data != null)
{
try
{
ByteArrayInputStream inStream = new ByteArrayInputStream(data);
ASN1InputStream derInputStream = new ASN1InputStream(inStream);
inStream = new ByteArrayInputStream(
((ASN1OctetString)derInputStream.readObject())
.getOctets());
derInputStream = new ASN1InputStream(inStream);
BigInteger crlNumber = ((ASN1Integer)derInputStream.readObject())
.getPositiveValue();
if (minCRL != null && minCRL.compareTo(crlNumber) > 0)
{
return false;
}
if (maxCRL != null && maxCRL.compareTo(crlNumber) < 0)
{
return false;
}
}
catch (IOException ex)
{
return false;
}
}
else if (minCRL != null || maxCRL != null)
{
return false;
}
if (dateAndTime != null)
{
Date check = crlX509.getThisUpdate();
if (check == null)
{
return false;
}
else if (dateAndTime.before(check))
{
return false;
}
check = crlX509.getNextUpdate();
if (check == null)
{
return false;
}
else if (!dateAndTime.before(check))
{
return false;
}
}
return true;
}
/**
* Returns a copy of this object.
*
* @return the copy
*/
public Object clone()
{
try
{
X509CRLSelector copy = (X509CRLSelector)super.clone();
if (issuerNames != null)
{
copy.issuerNames = new HashSet();
Iterator iter = issuerNames.iterator();
Object obj;
while (iter.hasNext())
{
obj = iter.next();
if (obj instanceof byte[])
{
copy.issuerNames.add(((byte[])obj).clone());
}
else
{
copy.issuerNames.add(obj);
}
}
copy.issuerNamesX509 = new HashSet(issuerNamesX509);
}
return copy;
}
catch (CloneNotSupportedException e)
{
/* Cannot happen */
throw new InternalError(e.toString());
}
}
/**
* Decides whether a <code>CRL</code> should be selected.
*
* @param crl
* the <code>CRL</code> to be checked
*
* @return <code>true</code> if the <code>CRL</code> should be selected,
* <code>false</code> otherwise
*/
public boolean equals(Object obj)
{
if (!(obj instanceof X509CRLSelector))
{
return false;
}
X509CRLSelector equalsCRL = (X509CRLSelector)obj;
if (!equals(dateAndTime, equalsCRL.dateAndTime))
{
return false;
}
if (!equals(minCRL, equalsCRL.minCRL))
{
return false;
}
if (!equals(maxCRL, equalsCRL.maxCRL))
{
return false;
}
if (!equals(issuerNamesX509, equalsCRL.issuerNamesX509))
{
return false;
}
if (!equals(certChecking, equalsCRL.certChecking))
{
return false;
}
return true;
}
/**
* Return <code>true</code> if two Objects are unequal.
* This means that one is <code>null</code> and the other is
* not or <code>obj1.equals(obj2)</code> returns
* <code>false</code>.
**/
private boolean equals(Object obj1, Object obj2)
{
if (obj1 == null)
{
if (obj2 != null)
{
return true;
}
}
else if (!obj1.equals(obj2))
{
return true;
}
return false;
}
}

2462
extern/spongycastle/core/src/main/jdk1.1/java/security/cert/X509CertSelector.java vendored
View File

File diff suppressed because it is too large Load Diff

33
extern/spongycastle/core/src/main/jdk1.1/java/security/cert/X509Certificate.java vendored
View File

@ -1,33 +0,0 @@
package java.security.cert;
import java.math.BigInteger;
import java.security.Principal;
import java.util.Date;
public abstract class X509Certificate extends Certificate
implements X509Extension
{
protected X509Certificate()
{
super("X.509");
}
public abstract void checkValidity() throws CertificateExpiredException, CertificateNotYetValidException;
public abstract void checkValidity(Date date) throws CertificateExpiredException, CertificateNotYetValidException;
public abstract int getBasicConstraints();
public abstract Principal getIssuerDN();
public abstract boolean[] getIssuerUniqueID();
public abstract boolean[] getKeyUsage();
public abstract Date getNotAfter();
public abstract Date getNotBefore();
public abstract BigInteger getSerialNumber();
public abstract String getSigAlgName();
public abstract String getSigAlgOID();
public abstract byte[] getSigAlgParams();
public abstract byte[] getSignature();
public abstract Principal getSubjectDN();
public abstract boolean[] getSubjectUniqueID();
public abstract byte[] getTBSCertificate() throws CertificateEncodingException;
public abstract int getVersion();
}

12
extern/spongycastle/core/src/main/jdk1.1/java/security/cert/X509Extension.java vendored
View File

@ -1,12 +0,0 @@
package java.security.cert;
import java.util.Set;
public interface X509Extension
{
public abstract Set getCriticalExtensionOIDs();
public abstract byte[] getExtensionValue(String oid);
public abstract Set getNonCriticalExtensionOIDs();
public abstract boolean hasUnsupportedCriticalExtension();
}

67
extern/spongycastle/core/src/main/jdk1.1/java/security/interfaces/RSAMultiPrimePrivateCrtKey.java vendored
View File

@ -1,67 +0,0 @@
package java.security.interfaces;
import java.math.BigInteger;
import java.security.spec.RSAOtherPrimeInfo;
/**
* The interface to an RSA multi-prime private key, as defined in the
* PKCS#1 v2.1, using the Chinese Remainder Theorem (CRT) information values.
*
* @since 1.4
* @see RSAPrivateKeySpec, RSAMultiPrimePrivateCrtKeySpec, RSAPrivateKey,
* RSAPrivateCrtKey
*/
public interface RSAMultiPrimePrivateCrtKey
extends RSAPrivateKey
{
/**
* Returns the public exponent.
*
* @returns the public exponent.
*/
public BigInteger getPublicExponent();
/**
* Returns the primeP.
*
* @returns the primeP.
*/
public BigInteger getPrimeP();
/**
* Returns the primeQ.
*
* @returns the primeQ.
*/
public BigInteger getPrimeQ();
/**
* Returns the primeExponentP.
*
* @returns the primeExponentP.
*/
public BigInteger getPrimeExponentP();
/**
* Returns the primeExponentQ.
*
* @returns the primeExponentQ.
*/
public BigInteger getPrimeExponentQ();
/**
* Returns the crtCoefficient.
*
* @returns the crtCoefficient.
*/
public BigInteger getCrtCoefficient();
/**
* Returns the otherPrimeInfo or null if there are only two prime
* factors (p and q).
*
* @returns the otherPrimeInfo.
*/
public RSAOtherPrimeInfo[] getOtherPrimeInfo();
}

16
extern/spongycastle/core/src/main/jdk1.1/java/security/interfaces/RSAPrivateCrtKey.java vendored
View File

@ -1,16 +0,0 @@
package java.security.interfaces;
import java.math.BigInteger;
public interface RSAPrivateCrtKey extends RSAPrivateKey
{
public static final long serialVersionUID = 6034044314589513430L;
public abstract BigInteger getCrtCoefficient();
public abstract BigInteger getPrimeExponentP();
public abstract BigInteger getPrimeExponentQ();
public abstract BigInteger getPrimeP();
public abstract BigInteger getPrimeQ();
public abstract BigInteger getPublicExponent();
}

13
extern/spongycastle/core/src/main/jdk1.1/java/security/interfaces/RSAPrivateKey.java vendored
View File

@ -1,13 +0,0 @@
package java.security.interfaces;
import java.math.BigInteger;
import java.security.PrivateKey;
public interface RSAPrivateKey extends PrivateKey
{
public static final long serialVersionUID = 6034044314589513430L;
public abstract BigInteger getModulus();
public abstract BigInteger getPrivateExponent();
}

13
extern/spongycastle/core/src/main/jdk1.1/java/security/interfaces/RSAPublicKey.java vendored
View File

@ -1,13 +0,0 @@
package java.security.interfaces;
import java.math.BigInteger;
import java.security.PublicKey;
public interface RSAPublicKey extends PublicKey
{
public static final long serialVersionUID = 7187392471159151072L;
public abstract BigInteger getModulus();
public abstract BigInteger getPublicExponent();
}

6
extern/spongycastle/core/src/main/jdk1.1/java/security/spec/AlgorithmParameterSpec.java vendored
View File

@ -1,6 +0,0 @@
package java.security.spec;
public interface AlgorithmParameterSpec
{
}

34
extern/spongycastle/core/src/main/jdk1.1/java/security/spec/DSAParameterSpec.java vendored
View File

@ -1,34 +0,0 @@
package java.security.spec;
import java.math.BigInteger;
import java.security.interfaces.DSAParams;
public class DSAParameterSpec implements AlgorithmParameterSpec, DSAParams
{
private BigInteger p;
private BigInteger q;
private BigInteger g;
public DSAParameterSpec(BigInteger p, BigInteger q, BigInteger g)
{
this.p = p;
this.q = q;
this.g = g;
}
public BigInteger getG()
{
return g;
}
public BigInteger getP()
{
return p;
}
public BigInteger getQ()
{
return q;
}
}

40
extern/spongycastle/core/src/main/jdk1.1/java/security/spec/DSAPrivateKeySpec.java vendored
View File

@ -1,40 +0,0 @@
package java.security.spec;
import java.math.BigInteger;
public class DSAPrivateKeySpec implements KeySpec
{
private BigInteger x;
private BigInteger p;
private BigInteger q;
private BigInteger g;
public DSAPrivateKeySpec(BigInteger x, BigInteger p, BigInteger q, BigInteger g)
{
this.x = x;
this.p = p;
this.q = q;
this.g = g;
}
public BigInteger getG()
{
return g;
}
public BigInteger getP()
{
return p;
}
public BigInteger getQ()
{
return q;
}
public BigInteger getX()
{
return x;
}
}

40
extern/spongycastle/core/src/main/jdk1.1/java/security/spec/DSAPublicKeySpec.java vendored
View File

@ -1,40 +0,0 @@
package java.security.spec;
import java.math.BigInteger;
public class DSAPublicKeySpec implements KeySpec
{
private BigInteger y;
private BigInteger p;
private BigInteger q;
private BigInteger g;
public DSAPublicKeySpec(BigInteger y, BigInteger p, BigInteger q, BigInteger g)
{
this.y = y;
this.p = p;
this.q = q;
this.g = g;
}
public BigInteger getG()
{
return g;
}
public BigInteger getP()
{
return p;
}
public BigInteger getQ()
{
return q;
}
public BigInteger getY()
{
return y;
}
}

19
extern/spongycastle/core/src/main/jdk1.1/java/security/spec/EncodedKeySpec.java vendored
View File

@ -1,19 +0,0 @@
package java.security.spec;
public abstract class EncodedKeySpec implements KeySpec
{
private byte[] encodedKey;
public EncodedKeySpec(byte[] encodedKey)
{
this.encodedKey = (byte[])encodedKey.clone();
}
public byte[] getEncoded()
{
return (byte[])encodedKey.clone();
}
public abstract String getFormat();
}

16
extern/spongycastle/core/src/main/jdk1.1/java/security/spec/InvalidKeySpecException.java vendored
View File

@ -1,16 +0,0 @@
package java.security.spec;
import java.security.GeneralSecurityException;
public class InvalidKeySpecException extends GeneralSecurityException
{
public InvalidKeySpecException()
{
}
public InvalidKeySpecException(String msg)
{
super(msg);
}
}

16
extern/spongycastle/core/src/main/jdk1.1/java/security/spec/InvalidParameterSpecException.java vendored
View File

@ -1,16 +0,0 @@
package java.security.spec;
import java.security.GeneralSecurityException;
public class InvalidParameterSpecException extends GeneralSecurityException
{
public InvalidParameterSpecException()
{
}
public InvalidParameterSpecException(String msg)
{
super(msg);
}
}

6
extern/spongycastle/core/src/main/jdk1.1/java/security/spec/KeySpec.java vendored
View File

@ -1,6 +0,0 @@
package java.security.spec;
public interface KeySpec
{
}

20
extern/spongycastle/core/src/main/jdk1.1/java/security/spec/PKCS8EncodedKeySpec.java vendored
View File

@ -1,20 +0,0 @@
package java.security.spec;
public class PKCS8EncodedKeySpec extends EncodedKeySpec
{
public PKCS8EncodedKeySpec(byte[] encodedKey)
{
super(encodedKey);
}
public byte[] getEncoded()
{
return super.getEncoded();
}
public final String getFormat()
{
return "PKCS#8";
}
}

45
extern/spongycastle/core/src/main/jdk1.1/java/security/spec/PSSParameterSpec.java vendored
View File

@ -1,45 +0,0 @@
package java.security.spec;
/**
* This class specifies a parameter spec for RSA PSS encoding scheme,
* as defined in the PKCS#1 v2.1.
*
* @since 1.4
* @see AlgorithmParameterSpec, Signature
*/
public class PSSParameterSpec
extends Object
implements AlgorithmParameterSpec
{
private int saltLen;
/**
* Creates a new PSSParameterSpec given the salt length as defined
* in PKCS#1.
*
* @param saltLen - the length of salt in bits to be used in PKCS#1
* PSS encoding.
* @throws IllegalArgumentException - if saltLen is less than 0.
*/
public PSSParameterSpec(int saltLen)
{
if ( saltLen < 0 )
{
throw new IllegalArgumentException("Salt length must be >= 0");
}
this.saltLen = saltLen;
}
/**
* Returns the salt length in bits.
*
* @returns the salt length.
*/
public int getSaltLength()
{
return saltLen;
}
}

35
extern/spongycastle/core/src/main/jdk1.1/java/security/spec/RSAKeyGenParameterSpec.java vendored
View File

@ -1,35 +0,0 @@
package java.security.spec;
import java.math.BigInteger;
/**
* specifies parameters to be used for the generation of
* a RSA key pair.
*/
public class RSAKeyGenParameterSpec
implements AlgorithmParameterSpec
{
static BigInteger F0 = BigInteger.valueOf(3);
static BigInteger F4 = BigInteger.valueOf(65537);
private int keysize;
private BigInteger publicExponent;
public RSAKeyGenParameterSpec(
int keysize,
BigInteger publicExponent)
{
this.keysize = keysize;
this.publicExponent = publicExponent;
}
public int getKeysize()
{
return keysize;
}
public BigInteger getPublicExponent()
{
return publicExponent;
}
}

159
extern/spongycastle/core/src/main/jdk1.1/java/security/spec/RSAMultiPrimePrivateCrtKeySpec.java vendored
View File

@ -1,159 +0,0 @@
package java.security.spec;
import java.math.BigInteger;
/**
* This class specifies an RSA multi-prime private key, as defined in
* the PKCS#1 v2.1, using the Chinese Remainder Theorem (CRT) information
* values for efficiency.
*
* @since 1.4
* @see Key, KeyFactory, KeySpec, PKCS8EncodedKeySpec, RSAPrivateKeySpec,
* RSAPublicKeySpec, RSAOtherPrimeInfo
*/
public class RSAMultiPrimePrivateCrtKeySpec
extends RSAPrivateKeySpec
{
private BigInteger publicExponent;
private BigInteger privateExponent;
private BigInteger primeP;
private BigInteger primeQ;
private BigInteger primeExponentP;
private BigInteger primeExponentQ;
private BigInteger crtCoefficient;
private RSAOtherPrimeInfo[] otherPrimeInfo;
/**
* Creates a new RSAMultiPrimePrivateCrtKeySpec given the modulus,
* publicExponent, privateExponent, primeP, primeQ, primeExponentP,
* primeExponentQ, crtCoefficient, and otherPrimeInfo as defined in
* PKCS#1 v2.1.
*
* Note that otherPrimeInfo is cloned when constructing this object.
*
* @param modulus - the modulus n.
* @param publicExponent - the public exponent e.
* @param privateExponent - the private exponent d.
* @param primeP - the prime factor p of n.
* @param primeQ - the prime factor q of n.
* @param primeExponentP - this is d mod (p-1).
* @param primeExponentQ - this is d mod (q-1).
* @param crtCoefficient - the Chinese Remainder Theorem coefficient q-1
* mod p.
* @param otherPrimeInfo - triplets of the rest of primes, null can be
* specified if there are only two prime factors (p and q).
* @throws NullPointerException - if any of the parameters, i.e. modulus,
* publicExponent, privateExponent, primeP, primeQ, primeExponentP,
* primeExponentQ, crtCoefficient, is null.
* @throws IllegalArgumentException - if an empty, i.e. 0-length,
* otherPrimeInfo is specified.
*/
public RSAMultiPrimePrivateCrtKeySpec(
BigInteger modulus,
BigInteger publicExponent,
BigInteger privateExponent,
BigInteger primeP,
BigInteger primeQ,
BigInteger primeExponentP,
BigInteger primeExponentQ,
BigInteger crtCoefficient,
RSAOtherPrimeInfo[] otherPrimeInfo)
{
super(modulus, privateExponent);
if ( publicExponent == null || primeP == null || primeQ == null
|| primeExponentP == null || primeExponentQ == null
|| crtCoefficient == null )
{
throw new NullPointerException("Invalid null argument");
}
if ( otherPrimeInfo != null )
{
if ( otherPrimeInfo.length == 0 )
{
throw new IllegalArgumentException("Invalid length for otherPrimeInfo");
}
this.otherPrimeInfo = (RSAOtherPrimeInfo[])otherPrimeInfo.clone();
}
}
/**
* Returns the public exponent.
*
* @returns the public exponent.
*/
public BigInteger getPublicExponent()
{
return publicExponent;
}
/**
* Returns the primeP.
*
* @returns the primeP.
*/
public BigInteger getPrimeP()
{
return primeP;
}
/**
* Returns the primeQ.
*
* @returns the primeQ.
*/
public BigInteger getPrimeQ()
{
return primeQ;
}
/**
* Returns the primeExponentP.
*
* @returns the primeExponentP.
*/
public BigInteger getPrimeExponentP()
{
return primeExponentP;
}
/**
* Returns the primeExponentQ.
*
* @returns the primeExponentQ.
*/
public BigInteger getPrimeExponentQ()
{
return primeExponentQ;
}
/**
* Returns the crtCofficient.
*
* @returns the crtCofficient.
*/
public BigInteger getCrtCoefficient()
{
return crtCoefficient;
}
/**
* Returns a copy of the otherPrimeInfo or null if there are only
* two prime factors (p and q).
*
* @returns the otherPrimeInfo.
*/
public RSAOtherPrimeInfo[] getOtherPrimeInfo()
{
if ( otherPrimeInfo != null )
{
return (RSAOtherPrimeInfo[])otherPrimeInfo.clone();
}
return null;
}
}

80
extern/spongycastle/core/src/main/jdk1.1/java/security/spec/RSAOtherPrimeInfo.java vendored
View File

@ -1,80 +0,0 @@
package java.security.spec;
import java.math.BigInteger;
/**
* This class represents the triplet (prime, exponent, and coefficient)
* inside RSA's OtherPrimeInfo structure, as defined in the PKCS#1 v2.1.
* The ASN.1 syntax of RSA's OtherPrimeInfo is as follows:
*
* <pre>
* OtherPrimeInfo ::= SEQUENCE {
* prime INTEGER,
* exponent INTEGER,
* coefficient INTEGER
* }
* </pre>
*/
public class RSAOtherPrimeInfo
extends Object
{
private BigInteger prime;
private BigInteger primeExponent;
private BigInteger crtCoefficient;
/**
* Creates a new RSAOtherPrimeInfo given the prime, primeExponent,
* and crtCoefficient as defined in PKCS#1.
*
* @param prime - the prime factor of n.
* @param primeExponent - the exponent.
* @param crtCoefficient - the Chinese Remainder Theorem coefficient.
* @throws NullPointerException - if any of the parameters, i.e. prime,
* primeExponent, crtCoefficient, is null.
*/
public RSAOtherPrimeInfo(
BigInteger prime,
BigInteger primeExponent,
BigInteger crtCoefficient)
{
if ( prime == null || primeExponent == null || crtCoefficient == null )
{
throw new NullPointerException("Null parameter");
}
this.prime = prime;
this.primeExponent = primeExponent;
this.crtCoefficient = crtCoefficient;
}
/**
* Returns the prime.
*
* @returns the prime.
*/
public final BigInteger getPrime()
{
return prime;
}
/**
* Returns the prime's exponent.
*
* @returns the primeExponent.
*/
public final BigInteger getExponent()
{
return primeExponent;
}
/**
* Returns the prime's crtCoefficient.
*
* @returns the crtCoefficient.
*/
public final BigInteger getCrtCoefficient()
{
return crtCoefficient;
}
}

64
extern/spongycastle/core/src/main/jdk1.1/java/security/spec/RSAPrivateCrtKeySpec.java vendored
View File

@ -1,64 +0,0 @@
package java.security.spec;
import java.math.BigInteger;
public class RSAPrivateCrtKeySpec extends RSAPrivateKeySpec
{
private BigInteger publicExponent;
private BigInteger primeP;
private BigInteger primeQ;
private BigInteger primeExponentP;
private BigInteger primeExponentQ;
private BigInteger crtCoefficient;
public RSAPrivateCrtKeySpec(
BigInteger modulus,
BigInteger publicExponent,
BigInteger privateExponent,
BigInteger primeP,
BigInteger primeQ,
BigInteger primeExponentP,
BigInteger primeExponentQ,
BigInteger crtCoefficient)
{
super(modulus, privateExponent);
this.publicExponent = publicExponent;
this.primeP = primeP;
this.primeQ = primeQ;
this.primeExponentP = primeExponentP;
this.primeExponentQ = primeExponentQ;
this.crtCoefficient = crtCoefficient;
}
public BigInteger getCrtCoefficient()
{
return crtCoefficient;
}
public BigInteger getPrimeExponentP()
{
return primeExponentP;
}
public BigInteger getPrimeExponentQ()
{
return primeExponentQ;
}
public BigInteger getPrimeP()
{
return primeP;
}
public BigInteger getPrimeQ()
{
return primeQ;
}
public BigInteger getPublicExponent()
{
return publicExponent;
}
}

28
extern/spongycastle/core/src/main/jdk1.1/java/security/spec/RSAPrivateKeySpec.java vendored
View File

@ -1,28 +0,0 @@
package java.security.spec;
import java.math.BigInteger;
public class RSAPrivateKeySpec extends Object implements KeySpec
{
private BigInteger modulus;
private BigInteger privateExponent;
public RSAPrivateKeySpec(
BigInteger modulus,
BigInteger privateExponent)
{
this.modulus = modulus;
this.privateExponent = privateExponent;
}
public BigInteger getModulus()
{
return modulus;
}
public BigInteger getPrivateExponent()
{
return privateExponent;
}
}

28
extern/spongycastle/core/src/main/jdk1.1/java/security/spec/RSAPublicKeySpec.java vendored
View File

@ -1,28 +0,0 @@
package java.security.spec;
import java.math.BigInteger;
public class RSAPublicKeySpec extends Object implements KeySpec
{
private BigInteger modulus;
private BigInteger publicExponent;
public RSAPublicKeySpec(
BigInteger modulus,
BigInteger publicExponent)
{
this.modulus = modulus;
this.publicExponent = publicExponent;
}
public BigInteger getModulus()
{
return modulus;
}
public BigInteger getPublicExponent()
{
return publicExponent;
}
}

20
extern/spongycastle/core/src/main/jdk1.1/java/security/spec/X509EncodedKeySpec.java vendored
View File

@ -1,20 +0,0 @@
package java.security.spec;
public class X509EncodedKeySpec extends EncodedKeySpec
{
public X509EncodedKeySpec(byte[] encodedKey)
{
super(encodedKey);
}
public byte[] getEncoded()
{
return super.getEncoded();
}
public final String getFormat()
{
return "X.509";
}
}

242
extern/spongycastle/core/src/main/jdk1.1/java/util/AbstractCollection.java vendored
View File

@ -1,242 +0,0 @@
package java.util;
import java.lang.reflect.Array;
/**
* Title:
* Description:
* Copyright: Copyright (c) 2001
* Company:
* @version 1.0
*/
public abstract class AbstractCollection implements Collection
{
protected AbstractCollection()
{
}
public abstract Iterator iterator();
public abstract int size();
public boolean isEmpty()
{
return size()==0;
}
public boolean contains(Object o)
{
Iterator it=iterator();
while(it.hasNext())
{
Object e=it.next();
if(o==null)
{
if(e==null)
return true;
}
else
{
if(o.equals(e))
return true;
}
}
return false;
}
public Object[] toArray()
{
Object[] arObjects=new Object[size()];
Iterator it=iterator();
int i=0;
while(it.hasNext())
{
arObjects[i++]=it.next();
}
return arObjects;
}
public Object[] toArray(Object[] a) throws NullPointerException,ArrayStoreException
//TODO: Check if this is realy compatible to SUN!!!
{
if(a==null)
throw new NullPointerException();
if (isEmpty()) return a;
Object[] arObjects=null;
int size=size();
if(a.length<size)
{
Iterator it=iterator();
Object o=it.next();
if(o==null) //no object or object is null
throw new ArrayStoreException(); //correct ?
arObjects=(Object[])Array.newInstance(o.getClass(),size);
}
else
{
arObjects=a;
if(a.length>size)
arObjects[size]=null;
}
Iterator it=iterator();
int i=0;
while(it.hasNext())
{
Object o=it.next();
arObjects[i++]=o;
}
return arObjects;
}
public boolean add(Object o) throws UnsupportedOperationException,NullPointerException,ClassCastException,IllegalArgumentException
{
throw new UnsupportedOperationException();
}
public boolean remove(Object o) throws UnsupportedOperationException
{
Iterator it=iterator();
while(it.hasNext())
{
Object e=it.next();
if(o==null)
{
if(e==null)
{
try
{
it.remove();
}
catch(UnsupportedOperationException ue)
{
throw ue;
}
return true;
}
}
else
{
if(o.equals(e))
{
try
{
it.remove();
}
catch(UnsupportedOperationException ue)
{
throw ue;
}
return true;
}
}
}
return false;
}
public boolean containsAll(Collection c)
{
Iterator it=c.iterator();
while(it.hasNext())
{
if(!contains(it.next()))
return false;
}
return true;
}
public boolean addAll(Collection c) throws UnsupportedOperationException
{
Iterator it=c.iterator();
boolean ret=false;
while(it.hasNext())
{
try
{
ret|=add(it.next());
}
catch(UnsupportedOperationException ue)
{
throw ue;
}
}
return ret;
}
public boolean removeAll(Collection c) throws UnsupportedOperationException
{
Iterator it=iterator();
boolean ret=false;
while(it.hasNext())
{
if(c.contains(it.next()))
try
{
it.remove();
ret=true;
}
catch(UnsupportedOperationException ue)
{
throw ue;
}
}
return ret;
}
public boolean retainAll(Collection c) throws UnsupportedOperationException
{
Iterator it=iterator();
boolean ret=false;
while(it.hasNext())
{
if(!c.contains(it.next()))
try
{
it.remove();
ret=true;
}
catch(UnsupportedOperationException ue)
{
throw ue;
}
}
return ret;
}
public void clear() throws UnsupportedOperationException
{
Iterator it=iterator();
while(it.hasNext())
{
try
{
it.next();
it.remove();
}
catch(UnsupportedOperationException ue)
{
throw ue;
}
}
}
public String toString()
{
String ret="[";
Iterator it=iterator();
if(it.hasNext())
ret+=String.valueOf(it.next());
while(it.hasNext())
{
ret+=", ";
ret+=String.valueOf(it.next());
}
ret+="]";
return ret;
}
}

281
extern/spongycastle/core/src/main/jdk1.1/java/util/AbstractList.java vendored
View File

@ -1,281 +0,0 @@
package java.util;
/**
* Title:
* Description:
* Copyright: Copyright (c) 2001
* Company:
* @version 1.0
*/
public abstract class AbstractList extends AbstractCollection implements List
{
protected AbstractList al = this;
protected AbstractList()
{
}
public boolean add(Object o) throws UnsupportedOperationException, ClassCastException, IllegalArgumentException
{
try
{
add(size(),o);
return true;
}
catch(UnsupportedOperationException ue)
{
throw ue;
}
}
public abstract Object get(int index) throws IndexOutOfBoundsException;
public Object set(int index,Object element) throws UnsupportedOperationException, ClassCastException, IllegalArgumentException, IndexOutOfBoundsException
{
throw new UnsupportedOperationException();
}
public void add(int index,Object element) throws UnsupportedOperationException, ClassCastException, IllegalArgumentException, IndexOutOfBoundsException
{
throw new UnsupportedOperationException();
}
public Object remove(int index) throws UnsupportedOperationException, IndexOutOfBoundsException
{
Object o = get(index);
removeRange(index,index+1);
return o;
}
public int indexOf(Object o)
{
ListIterator li = listIterator();
Object e;
while(li.hasNext())
{
int index=li.nextIndex();
e=li.next();
System.out.println(e);
if(o==null)
{
if(e==null)
return index;
}
else
{
if(o.equals(e))
return index;
}
}
return -1;
}
public int lastIndexOf(Object o)
{
ListIterator li=listIterator(size());
while(li.hasPrevious())
{
int index=li.previousIndex();
Object e=li.previous();
if(o==null)
{
if(e==null)
return index;
}
else
{
if(o.equals(e))
return index;
}
}
return -1;
}
public void clear() throws UnsupportedOperationException
{
try
{
removeRange(0,size());
}
catch(UnsupportedOperationException ue)
{
throw ue;
}
}
public boolean addAll(int index,Collection c) throws UnsupportedOperationException, ClassCastException, IllegalArgumentException, IndexOutOfBoundsException
{
Iterator it=c.iterator();
boolean ret=false;
while(it.hasNext())
{
try
{
add(index++,it.next());
ret=true;
}
catch(UnsupportedOperationException ue)
{
throw ue;
}
}
return ret;
}
public Iterator iterator()
{
return new AbstractListIterator(this,0);
}
public ListIterator listIterator()
{
return listIterator(0);
}
public ListIterator listIterator(int index) throws IndexOutOfBoundsException
{
if(index<0||index>size()) throw new IndexOutOfBoundsException();
return new AbstractListListIterator(this,index);
}
public List subList(int fromIndex,int toIndex) throws IndexOutOfBoundsException,IllegalArgumentException
{
if(fromIndex < 0 || toIndex > size())
throw new IndexOutOfBoundsException();
if(fromIndex>toIndex)
throw new IllegalArgumentException();
return (List) new Sublist(this,fromIndex,toIndex);
}
public boolean equals(Object o)
{
if(o==this)
return true;
if(!(o instanceof List))
return false;
Iterator it1=iterator();
Iterator it2=((List)o).iterator();
while(it1.hasNext())
{
if(!it2.hasNext())
return false;
Object e1=it1.next();
Object e2=it2.next();
if(e1==null)
{
if(e2!=null)
return false;
}
if(!e1.equals(e2))
return false;
}
return true;
}
public int hashCode()
{
int hashCode = 1;
Iterator it = iterator();
while (it.hasNext())
{
Object o = it.next();
hashCode = 31*hashCode + (o==null ? 0 : o.hashCode());
}
return hashCode;
}
protected void removeRange(int fromIndex,int toIndex)
{
System.out.println("breakpoint 1");
if(fromIndex==toIndex) return;
System.out.println("breakpoint 2");
ListIterator li=listIterator(fromIndex);
System.out.println("breakpoint 3");
int i=fromIndex;
do
{
li.next();
li.remove();
i++;
}while(li.hasNext()&&i<toIndex);
}
////////////////////////////////////////////////////////////
/////////////innere Klasse AbstractIterator/////////////////
////////////////////////////////////////////////////////////
private class AbstractListIterator implements Iterator
{
AbstractList m_al=null;
int m_nextIndex=0;
public AbstractListIterator(AbstractList al,int index)
{
m_al=al;
m_nextIndex=index;
}
public boolean hasNext()
{
return m_nextIndex < m_al.size();
}
public Object next()
{
return m_al.get(m_nextIndex++);
}
public void remove()
{
m_al.remove(m_nextIndex - 1);
}
}
///////////////////////////////////////////////////////////////////////////////
//////////// innere Klasse AbstraktListListIterator
///////////////////////////////////////////////////////////////////////////////
private class AbstractListListIterator extends AbstractListIterator implements ListIterator
{
public AbstractListListIterator(AbstractList al,int index)
{
super(al,index);
}
public boolean hasPrevious()
{
return m_nextIndex>0;
}
public Object previous()// throws NoSuchElementException;
{
return m_al.get(--m_nextIndex);
}
public int nextIndex()
{
return m_nextIndex;
}
public int previousIndex()
{
return m_nextIndex-1;
}
public void set(Object o) //throws UnsupportedOperationException, ClassCastException, IllegalArgumentException,IllegalStateException;
{
m_al.set(m_nextIndex-1,o);
}
public void add(Object o)// throws UnsupportedOperationException, ClassCastException, IllegalArgumentException;
{
m_al.add(m_nextIndex-1,o);
}
}
}

164
extern/spongycastle/core/src/main/jdk1.1/java/util/AbstractMap.java vendored
View File

@ -1,164 +0,0 @@
package java.util;
/*************
* Title:
* Description:
* Copyright: Copyright (c) 2001
* Company:
* @version 1.0
*/
public abstract class AbstractMap implements Map{
protected AbstractMap()
{
}
public int size()
{
return entrySet().size();
}
public boolean isEmpty()
{
return size()==0;
}
public boolean containsValue(Object value)
{
Iterator it=entrySet().iterator();
while(it.hasNext())
{
Map.Entry v=(Map.Entry)it.next();
if(value==null)
{
if(v.getValue()==null)
return true;
}
else
{
if(value.equals(v.getValue()))
return true;
}
}
return false;
}
public boolean containsKey(Object key) throws ClassCastException,NullPointerException
{
Iterator it=entrySet().iterator();
while(it.hasNext())
{
Map.Entry v=(Map.Entry)it.next();
if(key==null)
{
if(v.getKey()==null)
return true;
}
else
{
if(key.equals(v.getKey()))
return true;
}
}
return false;
}
public Object get(Object key)throws ClassCastException,NullPointerException
{
Iterator it=entrySet().iterator();
while(it.hasNext())
{
Map.Entry v=(Map.Entry)it.next();
if(key==null)
{
if(v.getKey()==null)
return v.getValue();
}
else
{
if(key.equals(v.getKey()))
return v.getValue();
}
}
return null;
}
public Object put(Object key,Object value) throws UnsupportedOperationException
{
throw new UnsupportedOperationException();
}
public Object remove(Object key)
{
Iterator it=entrySet().iterator();
Object o=null;
while(it.hasNext())
{
Map.Entry v=(Map.Entry)it.next();
if(key==null)
{
if(v.getKey()==null)
{
o=v.getValue();
it.remove();
return o;
}
}
else
{
if(key.equals(v.getKey()))
{
o=v.getValue();
it.remove();
return o;
}
}
}
return null;
}
public void putAll(Map t)
{
Iterator it=t.entrySet().iterator();
while(it.hasNext())
{
Map.Entry v=(Map.Entry)it.next();
put(v.getKey(),v.getValue());
}
}
public void clear()
{
entrySet().clear();
}
public Set keySet()
{
throw new UnsupportedOperationException("no keySet in AbstractMap()");
}
public Collection values()
{
throw new UnsupportedOperationException("no values in AbstractMap()");
}
public abstract Set entrySet();
public boolean equals(Object o)
{
throw new UnsupportedOperationException("no equals in AbstractMap()");
}
public int hashCode()
{
throw new UnsupportedOperationException("no hashCode in AbstractMap()");
}
public String toString()
{
throw new UnsupportedOperationException("no toString in AbstractMap()");
}
}

42
extern/spongycastle/core/src/main/jdk1.1/java/util/AbstractSet.java vendored
View File

@ -1,42 +0,0 @@
package java.util;
/**
* Title:
* Description:
* Copyright: Copyright (c) 2001
* Company:
* @version 1.0
*/
public abstract class AbstractSet extends AbstractCollection implements Set
{
protected AbstractSet()
{
}
public boolean equals(Object o)
{
if(this==o)
return true;
if(o==null)
return false;
if(!(o instanceof Set))
return false;
if(((Set)o).size()!=size())
return false;
return containsAll((Collection)o);
}
public int hashCode()
{
int hashCode=0;
Iterator it=iterator();
while(it.hasNext())
{
Object o=it.next();
if(o!=null)
hashCode+=o.hashCode();
}
return hashCode;
}
}

107
extern/spongycastle/core/src/main/jdk1.1/java/util/ArrayList.java vendored
View File

@ -1,107 +0,0 @@
package java.util;
public class ArrayList extends AbstractList
implements List
{
Vector m_Vector=null;
public ArrayList()
{
m_Vector=new Vector();
}
public ArrayList(Collection c)
{
m_Vector=new Vector((int)(c.size()*1.1));
addAll(c);
}
public ArrayList(int initialCapacity)
{
m_Vector=new Vector(initialCapacity);
}
public void trimToSize()
{
m_Vector.trimToSize();
}
public void ensureCapacity(int minCapacity)
{
m_Vector.ensureCapacity(minCapacity);
}
public int size()
{
return m_Vector.size();
}
public boolean contains(Object elem)
{
return m_Vector.contains(elem);
}
public int indexOf(Object elem)
{
return m_Vector.indexOf(elem);
}
public int lastIndexOf(Object elem)
{
return m_Vector.lastIndexOf(elem);
}
public Object clone()
{
ArrayList al=new ArrayList();
al.m_Vector=(Vector)m_Vector.clone();
return al;
}
public Object[] toArray()
{
Object[] o=new Object[m_Vector.size()];
m_Vector.copyInto(o);
return o;
}
public Object get(int index)
{
return m_Vector.elementAt(index);
}
public Object set(int index,Object elem)
{
Object o=m_Vector.elementAt(index);
m_Vector.setElementAt(elem,index);
return o;
}
public boolean add(Object o)
{
m_Vector.addElement(o);
return true;
}
public void add(int index,Object elem)
{
m_Vector.insertElementAt(elem,index);
}
public Object remove(int index)
{
Object o=m_Vector.elementAt(index);
m_Vector.removeElementAt(index);
return o;
}
public void clear()
{
m_Vector.removeAllElements();
}
}

90
extern/spongycastle/core/src/main/jdk1.1/java/util/Arrays.java vendored
View File

@ -1,90 +0,0 @@
package java.util;
public class Arrays
{
private Arrays() {}
public static void fill(byte[] ret, byte v)
{
for (int i = 0; i != ret.length; i++)
{
ret[i] = v;
}
}
public static boolean equals(byte[] a, byte[] a2) {
if (a==a2)
return true;
if (a==null || a2==null)
return false;
int length = a.length;
if (a2.length != length)
return false;
for (int i=0; i<length; i++)
if (a[i] != a2[i])
return false;
return true;
}
public static List asList(Object[] a) {
return new ArrayList(a);
}
private static class ArrayList extends AbstractList implements java.io.Serializable
{
private Object[] a;
ArrayList(Object[] array)
{
a = array;
}
public int size()
{
return a.length;
}
public Object[] toArray()
{
return (Object[]) a.clone();
}
public Object get(int index)
{
return a[index];
}
public Object set(int index, Object element)
{
Object oldValue = a[index];
a[index] = element;
return oldValue;
}
public int indexOf(Object o)
{
if (o==null)
{
for (int i=0; i<a.length; i++)
if (a[i]==null)
return i;
}
else
{
for (int i=0; i<a.length; i++)
if (o.equals(a[i]))
return i;
}
return -1;
}
public boolean contains(Object o)
{
return indexOf(o) != -1;
}
}
}

21
extern/spongycastle/core/src/main/jdk1.1/java/util/Collection.java vendored
View File

@ -1,21 +0,0 @@
package java.util;
public interface Collection
{
public boolean add(Object o) throws UnsupportedOperationException,ClassCastException,IllegalArgumentException;
public boolean addAll(Collection c) throws UnsupportedOperationException,ClassCastException,IllegalArgumentException;
public void clear() throws UnsupportedOperationException;
public boolean contains(Object o);
public boolean containsAll(Collection c);
public boolean equals(Object o);
public int hashCode();
public boolean isEmpty();
public Iterator iterator();
public /*SK13*/boolean remove(Object o) throws UnsupportedOperationException;
public boolean removeAll(Collection c) throws UnsupportedOperationException;
public boolean retainAll(Collection c) throws UnsupportedOperationException;
public int size();
public Object[] toArray();
public Object[] toArray(Object[] a) throws ArrayStoreException;
}

377
extern/spongycastle/core/src/main/jdk1.1/java/util/Collections.java vendored
View File

@ -1,377 +0,0 @@
package java.util;
import java.io.Serializable;
public class Collections
{
public static final List EMPTY_LIST = unmodifiableList(new ArrayList());
public static final Set EMPTY_SET = unmodifiableSet(new HashSet());
private Collections()
{
}
public static Collection unmodifiableCollection(Collection c)
{
return new UnmodifiableCollection(c);
}
static class UnmodifiableCollection
implements Collection, Serializable
{
Collection c;
UnmodifiableCollection(Collection c)
{
this.c = c;
}
public int size()
{
return c.size();
}
public boolean isEmpty()
{
return c.isEmpty();
}
public boolean contains(Object o)
{
return c.contains(o);
}
public Object[] toArray()
{
return c.toArray();
}
public Object[] toArray(Object[] a)
{
return c.toArray(a);
}
public Iterator iterator()
{
return new Iterator()
{
Iterator i = c.iterator();
public boolean hasNext()
{
return i.hasNext();
}
public Object next()
{
return i.next();
}
public void remove()
{
throw new UnsupportedOperationException();
}
};
}
public boolean add(Object o)
{
throw new UnsupportedOperationException();
}
public boolean remove(Object o)
{
throw new UnsupportedOperationException();
}
public boolean containsAll(Collection coll)
{
return c.containsAll(coll);
}
public boolean addAll(Collection coll)
{
throw new UnsupportedOperationException();
}
public boolean removeAll(Collection coll)
{
throw new UnsupportedOperationException();
}
public boolean retainAll(Collection coll)
{
throw new UnsupportedOperationException();
}
public void clear()
{
throw new UnsupportedOperationException();
}
public String toString()
{
return c.toString();
}
}
public static Set unmodifiableSet(Set s)
{
return new UnmodifiableSet(s);
}
static class UnmodifiableSet
extends UnmodifiableCollection
implements Set, Serializable
{
UnmodifiableSet(Set s)
{
super(s);
}
public boolean equals(Object o)
{
return c.equals(o);
}
public int hashCode()
{
return c.hashCode();
}
}
public static List unmodifiableList(List list)
{
return new UnmodifiableList(list);
}
static class UnmodifiableList
extends UnmodifiableCollection
implements List
{
private List list;
UnmodifiableList(List list)
{
super(list);
this.list = list;
}
public boolean equals(Object o)
{
return list.equals(o);
}
public int hashCode()
{
return list.hashCode();
}
public Object get(int index)
{
return list.get(index);
}
public Object set(int index, Object element)
{
throw new UnsupportedOperationException();
}
public void add(int index, Object element)
{
throw new UnsupportedOperationException();
}
public Object remove(int index)
{
throw new UnsupportedOperationException();
}
public int indexOf(Object o)
{
return list.indexOf(o);
}
public int lastIndexOf(Object o)
{
return list.lastIndexOf(o);
}
public boolean addAll(int index, Collection c)
{
throw new UnsupportedOperationException();
}
public ListIterator listIterator()
{
return listIterator(0);
}
public ListIterator listIterator(final int index)
{
return new ListIterator()
{
ListIterator i = list.listIterator(index);
public boolean hasNext()
{
return i.hasNext();
}
public Object next()
{
return i.next();
}
public boolean hasPrevious()
{
return i.hasPrevious();
}
public Object previous()
{
return i.previous();
}
public int nextIndex()
{
return i.nextIndex();
}
public int previousIndex()
{
return i.previousIndex();
}
public void remove()
{
throw new UnsupportedOperationException();
}
public void set(Object o)
{
throw new UnsupportedOperationException();
}
public void add(Object o)
{
throw new UnsupportedOperationException();
}
};
}
public List subList(int fromIndex, int toIndex)
{
return new UnmodifiableList(list.subList(fromIndex, toIndex));
}
}
public static Enumeration enumeration(final Collection c)
{
return new Enumeration()
{
Iterator i = c.iterator();
public boolean hasMoreElements()
{
return i.hasNext();
}
public Object nextElement()
{
return i.next();
}
};
}
public static Map unmodifiableMap(Map s)
{
return new UnmodifiableMap(s);
}
static class UnmodifiableMap
implements Map
{
private Map c;
UnmodifiableMap(Map map)
{
this.c = map;
}
public int size()
{
return c.size();
}
public boolean isEmpty()
{
return c.isEmpty();
}
public boolean containsKey(Object o)
{
return c.containsKey(o);
}
public boolean containsValue(Object o)
{
return c.containsValue(o);
}
public Object get(Object o)
{
return c.get(o);
}
public Object put(Object o, Object o2)
{
throw new UnsupportedOperationException();
}
public Object remove(Object o)
{
throw new UnsupportedOperationException();
}
public void putAll(Map map)
{
throw new UnsupportedOperationException();
}
public void clear()
{
throw new UnsupportedOperationException();
}
public Set keySet()
{
return Collections.unmodifiableSet(c.keySet());
}
public Collection values()
{
return new UnmodifiableCollection(c.values());
}
public Set entrySet()
{
return Collections.unmodifiableSet(c.entrySet());
}
public boolean equals(Object o)
{
return c.equals(o);
}
public int hashCode()
{
return c.hashCode();
}
public String toString()
{
return c.toString();
}
}
}

285
extern/spongycastle/core/src/main/jdk1.1/java/util/HashMap.java vendored
View File

@ -1,285 +0,0 @@
package java.util;
public class HashMap extends AbstractMap{
//////////////////////////////////////////////////////////////
///// innere Klasse Null ////////////////////////////////////
//////////////////////////////////////////////////////////////
public class Null extends Object
{
public Null()
{
}
public String toString()
{
return "Nullobject";
}
}
//////////////////////////////////////////////////////////////
///// innere Klasse innerSet ////////////////////////////////////
//////////////////////////////////////////////////////////////
class ISet extends AbstractSet implements java.util.Set
{
Vector vec = null;
public ISet()
{
vec = new Vector();
}
public boolean add(Object o)
{
vec.addElement(o);
return true;
}
public int size()
{
return vec.size();
}
public Iterator iterator()
{
return new IIterator(vec);
}
}
//////////////////////////////////////////////////////////////
///// innere Klasse Iterator ////////////////////////////////////
//////////////////////////////////////////////////////////////
class IIterator implements java.util.Iterator
{
int index = 0;
Vector vec = null;
public IIterator(Vector ve)
{
vec = ve;
}
public boolean hasNext()
{
if (vec.size() > index) return true;
return false;
}
public Object next()
{
Object o = vec.elementAt(index);
if (o==Nullobject) o=null;
index++;
return o;
}
public void remove()
{
index--;
vec.removeElementAt(index);
}
}
//////////////////////////////////////////////////////////////
///// innere Klasse Entry ////////////////////////////////////
//////////////////////////////////////////////////////////////
class Entry implements Map.Entry
{
public Object key=null;
public Object value=null;
public Entry(Object ke,Object valu)
{
key = ke;
value = valu;
}
public boolean equals(Object o)
{
if (value == ((Entry)o).value && key == ((Entry)o).key ) return true;
else return false;
}
public Object getValue()
{
return value;
}
public Object getKey()
{
return (Object)key;
}
public int hashCode()
{
return value.hashCode() + key.hashCode();
}
public Object setValue(Object valu)
{
value = (String)valu;
return this;
}
}
////////////////////////////////////////////////////////////////////
private Hashtable m_HashTable=null;
private Null Nullobject = null;
public HashMap()
{
Nullobject = new Null();
m_HashTable=new Hashtable();
}
public HashMap(int initialCapacity)
{
Nullobject = new Null();
m_HashTable=new Hashtable(initialCapacity);
}
public HashMap(int initialCapacity, float loadFactor)
{
Nullobject = new Null();
m_HashTable=new Hashtable(initialCapacity, loadFactor);
}
public HashMap(Map t)
{
Nullobject = new Null();
m_HashTable=new Hashtable();
this.putAll(t);
}
public void clear()
{
m_HashTable.clear();
}
public Object clone()
{
HashMap hm=new HashMap();
hm.m_HashTable=(Hashtable)m_HashTable.clone();
return hm;
}
public boolean containsKey(Object key)
{
if (key == null) key = Nullobject;
boolean b = m_HashTable.containsKey(key);
return b;
}
public boolean containsValue(Object value)
{
if (value == null ) value = Nullobject;
boolean b = m_HashTable.contains(value);
return b;
}
public Set entrySet()
{
Object Key = null;
ISet s = new ISet();
Enumeration enum = m_HashTable.keys();
while (enum.hasMoreElements())
{
Key = enum.nextElement();
s.add(new Entry(Key,m_HashTable.get(Key)));
}
return s;
}
public Object get(Object key)
{
if (key==null) key= Nullobject;
Object o = m_HashTable.get(key);
if (o == Nullobject) o=null;
return o;
}
public boolean isEmpty()
{
return m_HashTable.isEmpty();
}
public Set keySet()
{
ISet s=new ISet();
Enumeration enum = m_HashTable.keys();
while (enum.hasMoreElements())
{
s.add(enum.nextElement());
}
return s;
}
public Object put(Object key, Object value)
{
if (key==null) key=Nullobject;
if (value==null) value = Nullobject;
return m_HashTable.put(key,value);
}
public void putAll(Map m)
{
Iterator it = m.entrySet().iterator();
Object key=null;
Object value=null;
while (it.hasNext())
{
Map.Entry me = (Map.Entry)it.next();
if (me.getKey() == null) key = Nullobject;
else key= me.getKey();
if (me.getValue()==null) value = Nullobject;
else value = me.getValue();
m_HashTable.put(key,value);
}
}
public Object remove(Object key)
{
return m_HashTable.remove(key);
}
public int size()
{
return m_HashTable.size();
}
public Collection values()
{
ISet s=new ISet();
Enumeration enum = m_HashTable.keys();
while (enum.hasMoreElements())
{
Object Key = enum.nextElement();
//s.add(((Map.Entry)m_HashTable.get(Key)).getValue());
s.add(m_HashTable.get(Key));
}
return s;
}
}

83
extern/spongycastle/core/src/main/jdk1.1/java/util/HashSet.java vendored
View File

@ -1,83 +0,0 @@
package java.util;
import java.io.*;
///*sk13*/import java.util.Hashtable;
public class HashSet extends /*sk13*/AbstractSet
/*sk13*/ /*extends Hashmap*/
{
private HashMap m_HashMap=null;
public HashSet()
{
m_HashMap=new HashMap();
}
public HashSet(Collection c)
{
m_HashMap=new HashMap(Math.max(11,c.size()*2));
addAll(c);
}
public HashSet(int initialCapacity, float loadFactor)
{
m_HashMap=new HashMap(initialCapacity,loadFactor);
}
public HashSet(int initialCapacity)
{
m_HashMap=new HashMap(initialCapacity);
}
public Iterator iterator()
{
return (m_HashMap.keySet()).iterator();
}
public int size()
{
return m_HashMap.size();
}
public boolean contains(Object o)
{
return m_HashMap.containsKey(o);
}
public boolean add(Object o)
{
if (!m_HashMap.containsValue(o))
{
m_HashMap.put(o, o);
return true;
}
return false;
}
public boolean remove(Object o)
{
return (m_HashMap.remove(o)!=null);
}
public void clear()
{
m_HashMap.clear();
}
public Object clone()
{
HashSet hs=new HashSet();
hs.m_HashMap=(HashMap)m_HashMap.clone();
return hs;
}
}

9
extern/spongycastle/core/src/main/jdk1.1/java/util/Iterator.java vendored
View File

@ -1,9 +0,0 @@
package java.util;
public interface Iterator
{
public abstract boolean hasNext();
public abstract Object next() throws NoSuchElementException;
public abstract void remove() throws UnsupportedOperationException,IllegalStateException;
}

15
extern/spongycastle/core/src/main/jdk1.1/java/util/List.java vendored
View File

@ -1,15 +0,0 @@
package java.util;
public interface List extends Collection
{
void add(int index, Object element)throws UnsupportedOperationException,ClassCastException,IllegalArgumentException,IndexOutOfBoundsException;
boolean addAll(int index, Collection c) throws UnsupportedOperationException,ClassCastException,IllegalArgumentException,IndexOutOfBoundsException;
Object get(int index) throws IndexOutOfBoundsException;
int indexOf(Object o);
int lastIndexOf(Object o);
ListIterator listIterator();
ListIterator listIterator(int index)throws IndexOutOfBoundsException;
Object remove(int index)throws UnsupportedOperationException,IndexOutOfBoundsException;
Object set(int index, Object element) throws UnsupportedOperationException,ClassCastException,IllegalArgumentException,IndexOutOfBoundsException;
List subList(int fromIndex, int toIndex) throws IndexOutOfBoundsException;
}

19
extern/spongycastle/core/src/main/jdk1.1/java/util/ListIterator.java vendored
View File

@ -1,19 +0,0 @@
package java.util;
/**
* Title:
* Description:
* Copyright: Copyright (c) 2001
* Company:
* @version 1.0
*/
public interface ListIterator extends Iterator
{
public boolean hasPrevious();
public Object previous() throws NoSuchElementException;
public int nextIndex();
public int previousIndex();
public void set(Object o) throws UnsupportedOperationException, ClassCastException, IllegalArgumentException,IllegalStateException;
public void add(Object o) throws UnsupportedOperationException, ClassCastException, IllegalArgumentException;
}

37
extern/spongycastle/core/src/main/jdk1.1/java/util/Map.java vendored
View File

@ -1,37 +0,0 @@
package java.util;
/**
* Title:
* Description:
* Copyright: Copyright (c) 2001
* Company:
* @version 1.0
*/
public interface Map {
public static interface Entry
{
public Object getKey();
public Object getValue();
public Object setValue(Object value) throws UnsupportedOperationException, ClassCastException,IllegalArgumentException,NullPointerException;
public boolean equals(Object o);
public int hashCode();
};
public int size();
public boolean isEmpty();
public boolean containsKey(Object Key) throws ClassCastException,NullPointerException;
public boolean containsValue(Object value);
public Object get(Object key)throws ClassCastException,NullPointerException;
public Object put(Object key,Object value)throws UnsupportedOperationException, ClassCastException,IllegalArgumentException,NullPointerException;
public Object remove(Object key)throws UnsupportedOperationException;
public void putAll(Map t)throws UnsupportedOperationException, ClassCastException,IllegalArgumentException,NullPointerException;
public void clear()throws UnsupportedOperationException;
public Set keySet();
public Collection values();
public Set entrySet();
public boolean equals(Object o);
public int hashCode();
}

26
extern/spongycastle/core/src/main/jdk1.1/java/util/Set.java vendored
View File

@ -1,26 +0,0 @@
package java.util;
public interface Set extends Collection
{
public int size();
public boolean isEmpty();
public boolean contains(Object o);
public Iterator iterator();
public Object[] toArray();
public Object[] toArray(Object[] a);
public boolean add(Object o);
public boolean remove(Object o);
public boolean containsAll(Collection c);
public boolean addAll(Collection c);
public boolean retainAll(Collection c);
public boolean removeAll(Collection c);
public void clear();
public boolean equals(Object o);
public int hashCode();
}

125
extern/spongycastle/core/src/main/jdk1.1/java/util/Sublist.java vendored
View File

@ -1,125 +0,0 @@
package java.util;
/**
* Title:
* Description:
* Copyright: Copyright (c) 2001
* Company:
* @version 1.0
*/
public class Sublist extends AbstractList
{
AbstractList m_al=null;
int m_fromIndex=0;
int m_toIndex=0;
int size=0;
public Sublist(AbstractList ali,int fromIndex,int toIndex)
{
m_al=ali;
m_toIndex=toIndex;
m_fromIndex=fromIndex;
size = size();
}
public Object set(int index,Object o)
{
if (index < size)
{
o = m_al.set(index+m_fromIndex,o);
if (o != null)
{
size++;
m_toIndex++;
}
return o;
}
else throw new IndexOutOfBoundsException();
}
public Object get(int index) throws IndexOutOfBoundsException
{
if (index < size) return m_al.get(index+m_fromIndex);
else throw new IndexOutOfBoundsException();
}
public void add (int index,Object o)
{
if (index <= size)
{
m_al.add(index + m_fromIndex,o);
m_toIndex++;
size++;
}
else throw new IndexOutOfBoundsException();
}
public Object remove(int index,Object o)
{
if (index < size)
{
Object ob = m_al.remove(index + m_fromIndex);
if (ob !=null)
{
m_toIndex--;
size--;
}
return ob;
}
else throw new IndexOutOfBoundsException();
}
public boolean addAll(int index, Collection c)
{
if (index < size)
{
boolean bool = m_al.addAll(index + m_fromIndex,c);
if (bool)
{
int lange = c.size();
m_toIndex = m_toIndex + lange;
size = size + lange;
}
return bool;
}
else throw new IndexOutOfBoundsException();
}
public boolean addAll(Collection c)
{
boolean bool = m_al.addAll(m_toIndex,c);
if (bool)
{
int lange = c.size();
m_toIndex = m_toIndex + lange;
size = size + lange;
}
return bool;
}
public void removeRange (int from,int to)
{
if ((from <= to) && (from <= size) && (to <= size))
{
m_al.removeRange(from,to);
int lange = to - from;
m_toIndex = m_toIndex - lange;
size = size - lange;
}
else
{
if (from > to) throw new IllegalArgumentException();
else throw new IndexOutOfBoundsException();
}
}
public int size()
{
return (m_toIndex - m_fromIndex);
}
}

466
extern/spongycastle/core/src/main/jdk1.1/org/spongycastle/asn1/ASN1InputStream.java vendored
View File

@ -1,466 +0,0 @@
package org.spongycastle.asn1;
import java.io.ByteArrayInputStream;
import java.io.EOFException;
import java.io.FilterInputStream;
import java.io.IOException;
import java.io.InputStream;
import org.spongycastle.util.io.Streams;
/**
* a general purpose ASN.1 decoder - note: this class differs from the
* others in that it returns null after it has read the last object in
* the stream. If an ASN.1 NULL is encountered a DER/BER Null object is
* returned.
*/
public class ASN1InputStream
extends FilterInputStream
implements BERTags
{
private int limit;
private boolean lazyEvaluate;
private byte[][] tmpBuffers;
public ASN1InputStream(
InputStream is)
{
this(is, StreamUtil.findLimit(is));
}
/**
* Create an ASN1InputStream based on the input byte array. The length of DER objects in
* the stream is automatically limited to the length of the input array.
*
* @param input array containing ASN.1 encoded data.
*/
public ASN1InputStream(
byte[] input)
{
this(new ByteArrayInputStream(input), input.length);
}
/**
* Create an ASN1InputStream based on the input byte array. The length of DER objects in
* the stream is automatically limited to the length of the input array.
*
* @param input array containing ASN.1 encoded data.
* @param lazyEvaluate true if parsing inside constructed objects can be delayed.
*/
public ASN1InputStream(
byte[] input,
boolean lazyEvaluate)
{
this(new ByteArrayInputStream(input), input.length, lazyEvaluate);
}
/**
* Create an ASN1InputStream where no DER object will be longer than limit.
*
* @param input stream containing ASN.1 encoded data.
* @param limit maximum size of a DER encoded object.
*/
public ASN1InputStream(
InputStream input,
int limit)
{
this(input, limit, false);
}
/**
* Create an ASN1InputStream where no DER object will be longer than limit, and constructed
* objects such as sequences will be parsed lazily.
*
* @param input stream containing ASN.1 encoded data.
* @param lazyEvaluate true if parsing inside constructed objects can be delayed.
*/
public ASN1InputStream(
InputStream input,
boolean lazyEvaluate)
{
this(input, StreamUtil.findLimit(input), lazyEvaluate);
}
/**
* Create an ASN1InputStream where no DER object will be longer than limit, and constructed
* objects such as sequences will be parsed lazily.
*
* @param input stream containing ASN.1 encoded data.
* @param limit maximum size of a DER encoded object.
* @param lazyEvaluate true if parsing inside constructed objects can be delayed.
*/
public ASN1InputStream(
InputStream input,
int limit,
boolean lazyEvaluate)
{
super(input);
this.limit = limit;
this.lazyEvaluate = lazyEvaluate;
this.tmpBuffers = new byte[11][];
}
int getLimit()
{
return limit;
}
protected int readLength()
throws IOException
{
return readLength(this, limit);
}
protected void readFully(
byte[] bytes)
throws IOException
{
if (Streams.readFully(this, bytes) != bytes.length)
{
throw new EOFException("EOF encountered in middle of object");
}
}
/**
* build an object given its tag and the number of bytes to construct it from.
*/
protected ASN1Primitive buildObject(
int tag,
int tagNo,
int length)
throws IOException
{
boolean isConstructed = (tag & CONSTRUCTED) != 0;
DefiniteLengthInputStream defIn = new DefiniteLengthInputStream(this, length);
if ((tag & APPLICATION) != 0)
{
return new DERApplicationSpecific(isConstructed, tagNo, defIn.toByteArray());
}
if ((tag & TAGGED) != 0)
{
return new ASN1StreamParser(defIn).readTaggedObject(isConstructed, tagNo);
}
if (isConstructed)
{
// TODO There are other tags that may be constructed (e.g. BIT_STRING)
switch (tagNo)
{
case OCTET_STRING:
//
// yes, people actually do this...
//
ASN1EncodableVector v = buildDEREncodableVector(defIn);
ASN1OctetString[] strings = new ASN1OctetString[v.size()];
for (int i = 0; i != strings.length; i++)
{
strings[i] = (ASN1OctetString)v.get(i);
}
return new BEROctetString(strings);
case SEQUENCE:
if (lazyEvaluate)
{
return new LazyEncodedSequence(defIn.toByteArray());
}
else
{
return DERFactory.createSequence(buildDEREncodableVector(defIn));
}
case SET:
return DERFactory.createSet(buildDEREncodableVector(defIn));
case EXTERNAL:
return new DERExternal(buildDEREncodableVector(defIn));
default:
throw new IOException("unknown tag " + tagNo + " encountered");
}
}
return createPrimitiveDERObject(tagNo, defIn, tmpBuffers);
}
ASN1EncodableVector buildEncodableVector()
throws IOException
{
ASN1EncodableVector v = new ASN1EncodableVector();
ASN1Primitive o;
while ((o = readObject()) != null)
{
v.add(o);
}
return v;
}
ASN1EncodableVector buildDEREncodableVector(
DefiniteLengthInputStream dIn) throws IOException
{
return new ASN1InputStream(dIn).buildEncodableVector();
}
public ASN1Primitive readObject()
throws IOException
{
int tag = read();
if (tag <= 0)
{
if (tag == 0)
{
throw new IOException("unexpected end-of-contents marker");
}
return null;
}
//
// calculate tag number
//
int tagNo = readTagNumber(this, tag);
boolean isConstructed = (tag & CONSTRUCTED) != 0;
//
// calculate length
//
int length = readLength();
if (length < 0) // indefinite length method
{
if (!isConstructed)
{
throw new IOException("indefinite length primitive encoding encountered");
}
IndefiniteLengthInputStream indIn = new IndefiniteLengthInputStream(this, limit);
ASN1StreamParser sp = new ASN1StreamParser(indIn, limit);
if ((tag & APPLICATION) != 0)
{
return new BERApplicationSpecificParser(tagNo, sp).getLoadedObject();
}
if ((tag & TAGGED) != 0)
{
return new BERTaggedObjectParser(true, tagNo, sp).getLoadedObject();
}
// TODO There are other tags that may be constructed (e.g. BIT_STRING)
switch (tagNo)
{
case OCTET_STRING:
return new BEROctetStringParser(sp).getLoadedObject();
case SEQUENCE:
return new BERSequenceParser(sp).getLoadedObject();
case SET:
return new BERSetParser(sp).getLoadedObject();
case EXTERNAL:
return new DERExternalParser(sp).getLoadedObject();
default:
throw new IOException("unknown BER object encountered");
}
}
else
{
try
{
return buildObject(tag, tagNo, length);
}
catch (IllegalArgumentException e)
{
throw new ASN1Exception("corrupted stream detected", e);
}
}
}
static int readTagNumber(InputStream s, int tag)
throws IOException
{
int tagNo = tag & 0x1f;
//
// with tagged object tag number is bottom 5 bits, or stored at the start of the content
//
if (tagNo == 0x1f)
{
tagNo = 0;
int b = s.read();
// X.690-0207 8.1.2.4.2
// "c) bits 7 to 1 of the first subsequent octet shall not all be zero."
if ((b & 0x7f) == 0) // Note: -1 will pass
{
throw new IOException("corrupted stream - invalid high tag number found");
}
while ((b >= 0) && ((b & 0x80) != 0))
{
tagNo |= (b & 0x7f);
tagNo <<= 7;
b = s.read();
}
if (b < 0)
{
throw new EOFException("EOF found inside tag value.");
}
tagNo |= (b & 0x7f);
}
return tagNo;
}
static int readLength(InputStream s, int limit)
throws IOException
{
int length = s.read();
if (length < 0)
{
throw new EOFException("EOF found when length expected");
}
if (length == 0x80)
{
return -1; // indefinite-length encoding
}
if (length > 127)
{
int size = length & 0x7f;
// Note: The invalid long form "0xff" (see X.690 8.1.3.5c) will be caught here
if (size > 4)
{
throw new IOException("DER length more than 4 bytes: " + size);
}
length = 0;
for (int i = 0; i < size; i++)
{
int next = s.read();
if (next < 0)
{
throw new EOFException("EOF found reading length");
}
length = (length << 8) + next;
}
if (length < 0)
{
throw new IOException("corrupted stream - negative length found");
}
if (length >= limit) // after all we must have read at least 1 byte
{
throw new IOException("corrupted stream - out of bounds length found");
}
}
return length;
}
private static byte[] getBuffer(DefiniteLengthInputStream defIn, byte[][] tmpBuffers)
throws IOException
{
int len = defIn.getRemaining();
if (defIn.getRemaining() < tmpBuffers.length)
{
byte[] buf = tmpBuffers[len];
if (buf == null)
{
buf = tmpBuffers[len] = new byte[len];
}
Streams.readFully(defIn, buf);
return buf;
}
else
{
return defIn.toByteArray();
}
}
private static char[] getBMPCharBuffer(DefiniteLengthInputStream defIn)
throws IOException
{
int len = defIn.getRemaining() / 2;
char[] buf = new char[len];
int totalRead = 0;
while (totalRead < len)
{
int ch1 = defIn.read();
if (ch1 < 0)
{
break;
}
int ch2 = defIn.read();
if (ch2 < 0)
{
break;
}
buf[totalRead++] = (char)((ch1 << 8) | (ch2 & 0xff));
}
return buf;
}
static ASN1Primitive createPrimitiveDERObject(
int tagNo,
DefiniteLengthInputStream defIn,
byte[][] tmpBuffers)
throws IOException
{
switch (tagNo)
{
case BIT_STRING:
return DERBitString.fromInputStream(defIn.getRemaining(), defIn);
case BMP_STRING:
return new DERBMPString(getBMPCharBuffer(defIn));
case BOOLEAN:
return ASN1Boolean.fromOctetString(getBuffer(defIn, tmpBuffers));
case ENUMERATED:
return ASN1Enumerated.fromOctetString(getBuffer(defIn, tmpBuffers));
case GENERALIZED_TIME:
return new ASN1GeneralizedTime(defIn.toByteArray());
case GENERAL_STRING:
return new DERGeneralString(defIn.toByteArray());
case IA5_STRING:
return new DERIA5String(defIn.toByteArray());
case INTEGER:
return new ASN1Integer(defIn.toByteArray(), false);
case NULL:
return DERNull.INSTANCE; // actual content is ignored (enforce 0 length?)
case NUMERIC_STRING:
return new DERNumericString(defIn.toByteArray());
case OBJECT_IDENTIFIER:
return ASN1ObjectIdentifier.fromOctetString(getBuffer(defIn, tmpBuffers));
case OCTET_STRING:
return new DEROctetString(defIn.toByteArray());
case PRINTABLE_STRING:
return new DERPrintableString(defIn.toByteArray());
case T61_STRING:
return new DERT61String(defIn.toByteArray());
case UNIVERSAL_STRING:
return new DERUniversalString(defIn.toByteArray());
case UTC_TIME:
return new ASN1UTCTime(defIn.toByteArray());
case UTF8_STRING:
return new DERUTF8String(defIn.toByteArray());
case VISIBLE_STRING:
return new DERVisibleString(defIn.toByteArray());
default:
throw new IOException("unknown tag " + tagNo + " encountered");
}
}
}

247
extern/spongycastle/core/src/main/jdk1.1/org/spongycastle/asn1/ASN1StreamParser.java vendored
View File

@ -1,247 +0,0 @@
package org.spongycastle.asn1;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
public class ASN1StreamParser
{
private InputStream _in;
private int _limit;
private byte[][] tmpBuffers;
public ASN1StreamParser(
InputStream in)
{
this(in, StreamUtil.findLimit(in));
}
public ASN1StreamParser(
InputStream in,
int limit)
{
this._in = in;
this._limit = limit;
this.tmpBuffers = new byte[11][];
}
public ASN1StreamParser(
byte[] encoding)
{
this(new ByteArrayInputStream(encoding), encoding.length);
}
ASN1Encodable readIndef(int tagValue) throws IOException
{
// Note: INDEF => CONSTRUCTED
// TODO There are other tags that may be constructed (e.g. BIT_STRING)
switch (tagValue)
{
case BERTags.EXTERNAL:
return new DERExternalParser(this);
case BERTags.OCTET_STRING:
return new BEROctetStringParser(this);
case BERTags.SEQUENCE:
return new BERSequenceParser(this);
case BERTags.SET:
return new BERSetParser(this);
default:
throw new ASN1Exception("unknown BER object encountered: 0x" + Integer.toHexString(tagValue));
}
}
ASN1Encodable readImplicit(boolean constructed, int tag) throws IOException
{
if (_in instanceof IndefiniteLengthInputStream)
{
if (!constructed)
{
throw new IOException("indefinite length primitive encoding encountered");
}
return readIndef(tag);
}
if (constructed)
{
switch (tag)
{
case BERTags.SET:
return new DERSetParser(this);
case BERTags.SEQUENCE:
return new DERSequenceParser(this);
case BERTags.OCTET_STRING:
return new BEROctetStringParser(this);
}
}
else
{
switch (tag)
{
case BERTags.SET:
throw new ASN1Exception("sequences must use constructed encoding (see X.690 8.9.1/8.10.1)");
case BERTags.SEQUENCE:
throw new ASN1Exception("sets must use constructed encoding (see X.690 8.11.1/8.12.1)");
case BERTags.OCTET_STRING:
return new DEROctetStringParser((DefiniteLengthInputStream)_in);
}
}
// TODO ASN1Exception
throw new RuntimeException("implicit tagging not implemented");
}
ASN1Primitive readTaggedObject(boolean constructed, int tag) throws IOException
{
if (!constructed)
{
// Note: !CONSTRUCTED => IMPLICIT
DefiniteLengthInputStream defIn = (DefiniteLengthInputStream)_in;
return new DERTaggedObject(false, tag, new DEROctetString(defIn.toByteArray()));
}
ASN1EncodableVector v = readVector();
if (_in instanceof IndefiniteLengthInputStream)
{
return v.size() == 1
? new BERTaggedObject(true, tag, v.get(0))
: new BERTaggedObject(false, tag, BERFactory.createSequence(v));
}
return v.size() == 1
? new DERTaggedObject(true, tag, v.get(0))
: new DERTaggedObject(false, tag, DERFactory.createSequence(v));
}
public ASN1Encodable readObject()
throws IOException
{
int tag = _in.read();
if (tag == -1)
{
return null;
}
//
// turn of looking for "00" while we resolve the tag
//
set00Check(false);
//
// calculate tag number
//
int tagNo = ASN1InputStream.readTagNumber(_in, tag);
boolean isConstructed = (tag & BERTags.CONSTRUCTED) != 0;
//
// calculate length
//
int length = ASN1InputStream.readLength(_in, _limit);
if (length < 0) // indefinite length method
{
if (!isConstructed)
{
throw new IOException("indefinite length primitive encoding encountered");
}
IndefiniteLengthInputStream indIn = new IndefiniteLengthInputStream(_in, _limit);
ASN1StreamParser sp = new ASN1StreamParser(indIn, _limit);
if ((tag & BERTags.APPLICATION) != 0)
{
return new BERApplicationSpecificParser(tagNo, sp);
}
if ((tag & BERTags.TAGGED) != 0)
{
return new BERTaggedObjectParser(true, tagNo, sp);
}
return sp.readIndef(tagNo);
}
else
{
DefiniteLengthInputStream defIn = new DefiniteLengthInputStream(_in, length);
if ((tag & BERTags.APPLICATION) != 0)
{
return new DERApplicationSpecific(isConstructed, tagNo, defIn.toByteArray());
}
if ((tag & BERTags.TAGGED) != 0)
{
return new BERTaggedObjectParser(isConstructed, tagNo, new ASN1StreamParser(defIn));
}
if (isConstructed)
{
// TODO There are other tags that may be constructed (e.g. BIT_STRING)
switch (tagNo)
{
case BERTags.OCTET_STRING:
//
// yes, people actually do this...
//
return new BEROctetStringParser(new ASN1StreamParser(defIn));
case BERTags.SEQUENCE:
return new DERSequenceParser(new ASN1StreamParser(defIn));
case BERTags.SET:
return new DERSetParser(new ASN1StreamParser(defIn));
case BERTags.EXTERNAL:
return new DERExternalParser(new ASN1StreamParser(defIn));
default:
throw new IOException("unknown tag " + tagNo + " encountered");
}
}
// Some primitive encodings can be handled by parsers too...
switch (tagNo)
{
case BERTags.OCTET_STRING:
return new DEROctetStringParser(defIn);
}
try
{
return ASN1InputStream.createPrimitiveDERObject(tagNo, defIn, tmpBuffers);
}
catch (IllegalArgumentException e)
{
throw new ASN1Exception("corrupted stream detected", e);
}
}
}
private void set00Check(boolean enabled)
{
if (_in instanceof IndefiniteLengthInputStream)
{
((IndefiniteLengthInputStream)_in).setEofOn00(enabled);
}
}
ASN1EncodableVector readVector() throws IOException
{
ASN1EncodableVector v = new ASN1EncodableVector();
ASN1Encodable obj;
while ((obj = readObject()) != null)
{
if (obj instanceof InMemoryRepresentable)
{
v.add(((InMemoryRepresentable)obj).getLoadedObject());
}
else
{
v.add(obj.toASN1Primitive());
}
}
return v;
}
}

276
extern/spongycastle/core/src/main/jdk1.1/org/spongycastle/asn1/DERApplicationSpecific.java vendored
View File

@ -1,276 +0,0 @@
package org.spongycastle.asn1;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import org.spongycastle.util.Arrays;
/**
* Base class for an application specific object
*/
public class DERApplicationSpecific
extends ASN1Primitive
{
private boolean isConstructed;
private int tag;
private byte[] octets;
DERApplicationSpecific(
boolean isConstructed,
int tag,
byte[] octets)
{
this.isConstructed = isConstructed;
this.tag = tag;
this.octets = octets;
}
public DERApplicationSpecific(
int tag,
byte[] octets)
{
this(false, tag, octets);
}
public DERApplicationSpecific(
int tag,
ASN1Encodable object)
throws IOException
{
this(true, tag, object);
}
public DERApplicationSpecific(
boolean explicit,
int tag,
ASN1Encodable object)
throws IOException
{
ASN1Primitive primitive = object.toASN1Primitive();
byte[] data = primitive.getEncoded(ASN1Encoding.DER);
this.isConstructed = explicit || (primitive instanceof ASN1Set || primitive instanceof ASN1Sequence);
this.tag = tag;
if (explicit)
{
this.octets = data;
}
else
{
int lenBytes = getLengthOfHeader(data);
byte[] tmp = new byte[data.length - lenBytes];
System.arraycopy(data, lenBytes, tmp, 0, tmp.length);
this.octets = tmp;
}
}
public DERApplicationSpecific(int tagNo, ASN1EncodableVector vec)
{
this.tag = tagNo;
this.isConstructed = true;
ByteArrayOutputStream bOut = new ByteArrayOutputStream();
for (int i = 0; i != vec.size(); i++)
{
try
{
bOut.write(((ASN1Object)vec.get(i)).getEncoded(ASN1Encoding.DER));
}
catch (IOException e)
{
throw new ASN1ParsingException("malformed object: " + e, e);
}
}
this.octets = bOut.toByteArray();
}
public static DERApplicationSpecific getInstance(Object obj)
{
if (obj == null || obj instanceof DERApplicationSpecific)
{
return (DERApplicationSpecific)obj;
}
else if (obj instanceof byte[])
{
try
{
return DERApplicationSpecific.getInstance(ASN1Primitive.fromByteArray((byte[])obj));
}
catch (IOException e)
{
throw new IllegalArgumentException("failed to construct object from byte[]: " + e.getMessage());
}
}
else if (obj instanceof ASN1Encodable)
{
ASN1Primitive primitive = ((ASN1Encodable)obj).toASN1Primitive();
if (primitive instanceof ASN1Sequence)
{
return (DERApplicationSpecific)primitive;
}
}
throw new IllegalArgumentException("unknown object in getInstance: " + obj.getClass().getName());
}
private int getLengthOfHeader(byte[] data)
{
int length = data[1] & 0xff; // TODO: assumes 1 byte tag
if (length == 0x80)
{
return 2; // indefinite-length encoding
}
if (length > 127)
{
int size = length & 0x7f;
// Note: The invalid long form "0xff" (see X.690 8.1.3.5c) will be caught here
if (size > 4)
{
throw new IllegalStateException("DER length more than 4 bytes: " + size);
}
return size + 2;
}
return 2;
}
public boolean isConstructed()
{
return isConstructed;
}
public byte[] getContents()
{
return octets;
}
public int getApplicationTag()
{
return tag;
}
/**
* Return the enclosed object assuming explicit tagging.
*
* @return the resulting object
* @throws IOException if reconstruction fails.
*/
public ASN1Primitive getObject()
throws IOException
{
return new ASN1InputStream(getContents()).readObject();
}
/**
* Return the enclosed object assuming implicit tagging.
*
* @param derTagNo the type tag that should be applied to the object's contents.
* @return the resulting object
* @throws IOException if reconstruction fails.
*/
public ASN1Primitive getObject(int derTagNo)
throws IOException
{
if (derTagNo >= 0x1f)
{
throw new IOException("unsupported tag number");
}
byte[] orig = this.getEncoded();
byte[] tmp = replaceTagNumber(derTagNo, orig);
if ((orig[0] & BERTags.CONSTRUCTED) != 0)
{
tmp[0] |= BERTags.CONSTRUCTED;
}
return new ASN1InputStream(tmp).readObject();
}
int encodedLength()
throws IOException
{
return StreamUtil.calculateTagLength(tag) + StreamUtil.calculateBodyLength(octets.length) + octets.length;
}
/* (non-Javadoc)
* @see org.spongycastle.asn1.ASN1Primitive#encode(org.spongycastle.asn1.DEROutputStream)
*/
void encode(ASN1OutputStream out) throws IOException
{
int classBits = BERTags.APPLICATION;
if (isConstructed)
{
classBits |= BERTags.CONSTRUCTED;
}
out.writeEncoded(classBits, tag, octets);
}
boolean asn1Equals(
ASN1Primitive o)
{
if (!(o instanceof DERApplicationSpecific))
{
return false;
}
DERApplicationSpecific other = (DERApplicationSpecific)o;
return isConstructed == other.isConstructed
&& tag == other.tag
&& Arrays.areEqual(octets, other.octets);
}
public int hashCode()
{
return (isConstructed ? 1 : 0) ^ tag ^ Arrays.hashCode(octets);
}
private byte[] replaceTagNumber(int newTag, byte[] input)
throws IOException
{
int tagNo = input[0] & 0x1f;
int index = 1;
//
// with tagged object tag number is bottom 5 bits, or stored at the start of the content
//
if (tagNo == 0x1f)
{
tagNo = 0;
int b = input[index++] & 0xff;
// X.690-0207 8.1.2.4.2
// "c) bits 7 to 1 of the first subsequent octet shall not all be zero."
if ((b & 0x7f) == 0) // Note: -1 will pass
{
throw new ASN1ParsingException("corrupted stream - invalid high tag number found");
}
while ((b >= 0) && ((b & 0x80) != 0))
{
tagNo |= (b & 0x7f);
tagNo <<= 7;
b = input[index++] & 0xff;
}
tagNo |= (b & 0x7f);
}
byte[] tmp = new byte[input.length - index + 1];
System.arraycopy(input, index, tmp, 1, tmp.length - 1);
tmp[0] = (byte)newTag;
return tmp;
}
}

481
extern/spongycastle/core/src/main/jdk1.1/org/spongycastle/asn1/x500/style/BCStyle.java vendored
View File

@ -1,481 +0,0 @@
package org.spongycastle.asn1.x500.style;
import java.io.IOException;
import java.util.Enumeration;
import java.util.Hashtable;
import org.spongycastle.asn1.ASN1Encodable;
import org.spongycastle.asn1.ASN1GeneralizedTime;
import org.spongycastle.asn1.ASN1ObjectIdentifier;
import org.spongycastle.asn1.DERIA5String;
import org.spongycastle.asn1.DERPrintableString;
import org.spongycastle.asn1.DERUTF8String;
import org.spongycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.spongycastle.asn1.x500.AttributeTypeAndValue;
import org.spongycastle.asn1.x500.RDN;
import org.spongycastle.asn1.x500.X500Name;
import org.spongycastle.asn1.x500.X500NameStyle;
import org.spongycastle.asn1.x509.X509ObjectIdentifiers;
public class BCStyle
implements X500NameStyle
{
/**
* country code - StringType(SIZE(2))
*/
public static final ASN1ObjectIdentifier C = new ASN1ObjectIdentifier("2.5.4.6");
/**
* organization - StringType(SIZE(1..64))
*/
public static final ASN1ObjectIdentifier O = new ASN1ObjectIdentifier("2.5.4.10");
/**
* organizational unit name - StringType(SIZE(1..64))
*/
public static final ASN1ObjectIdentifier OU = new ASN1ObjectIdentifier("2.5.4.11");
/**
* Title
*/
public static final ASN1ObjectIdentifier T = new ASN1ObjectIdentifier("2.5.4.12");
/**
* common name - StringType(SIZE(1..64))
*/
public static final ASN1ObjectIdentifier CN = new ASN1ObjectIdentifier("2.5.4.3");
/**
* device serial number name - StringType(SIZE(1..64))
*/
public static final ASN1ObjectIdentifier SN = new ASN1ObjectIdentifier("2.5.4.5");
/**
* street - StringType(SIZE(1..64))
*/
public static final ASN1ObjectIdentifier STREET = new ASN1ObjectIdentifier("2.5.4.9");
/**
* device serial number name - StringType(SIZE(1..64))
*/
public static final ASN1ObjectIdentifier SERIALNUMBER = SN;
/**
* locality name - StringType(SIZE(1..64))
*/
public static final ASN1ObjectIdentifier L = new ASN1ObjectIdentifier("2.5.4.7");
/**
* state, or province name - StringType(SIZE(1..64))
*/
public static final ASN1ObjectIdentifier ST = new ASN1ObjectIdentifier("2.5.4.8");
/**
* Naming attributes of type X520name
*/
public static final ASN1ObjectIdentifier SURNAME = new ASN1ObjectIdentifier("2.5.4.4");
public static final ASN1ObjectIdentifier GIVENNAME = new ASN1ObjectIdentifier("2.5.4.42");
public static final ASN1ObjectIdentifier INITIALS = new ASN1ObjectIdentifier("2.5.4.43");
public static final ASN1ObjectIdentifier GENERATION = new ASN1ObjectIdentifier("2.5.4.44");
public static final ASN1ObjectIdentifier UNIQUE_IDENTIFIER = new ASN1ObjectIdentifier("2.5.4.45");
/**
* businessCategory - DirectoryString(SIZE(1..128)
*/
public static final ASN1ObjectIdentifier BUSINESS_CATEGORY = new ASN1ObjectIdentifier(
"2.5.4.15");
/**
* postalCode - DirectoryString(SIZE(1..40)
*/
public static final ASN1ObjectIdentifier POSTAL_CODE = new ASN1ObjectIdentifier(
"2.5.4.17");
/**
* dnQualifier - DirectoryString(SIZE(1..64)
*/
public static final ASN1ObjectIdentifier DN_QUALIFIER = new ASN1ObjectIdentifier(
"2.5.4.46");
/**
* RFC 3039 Pseudonym - DirectoryString(SIZE(1..64)
*/
public static final ASN1ObjectIdentifier PSEUDONYM = new ASN1ObjectIdentifier(
"2.5.4.65");
/**
* RFC 3039 DateOfBirth - GeneralizedTime - YYYYMMDD000000Z
*/
public static final ASN1ObjectIdentifier DATE_OF_BIRTH = new ASN1ObjectIdentifier(
"1.3.6.1.5.5.7.9.1");
/**
* RFC 3039 PlaceOfBirth - DirectoryString(SIZE(1..128)
*/
public static final ASN1ObjectIdentifier PLACE_OF_BIRTH = new ASN1ObjectIdentifier(
"1.3.6.1.5.5.7.9.2");
/**
* RFC 3039 Gender - PrintableString (SIZE(1)) -- "M", "F", "m" or "f"
*/
public static final ASN1ObjectIdentifier GENDER = new ASN1ObjectIdentifier(
"1.3.6.1.5.5.7.9.3");
/**
* RFC 3039 CountryOfCitizenship - PrintableString (SIZE (2)) -- ISO 3166
* codes only
*/
public static final ASN1ObjectIdentifier COUNTRY_OF_CITIZENSHIP = new ASN1ObjectIdentifier(
"1.3.6.1.5.5.7.9.4");
/**
* RFC 3039 CountryOfResidence - PrintableString (SIZE (2)) -- ISO 3166
* codes only
*/
public static final ASN1ObjectIdentifier COUNTRY_OF_RESIDENCE = new ASN1ObjectIdentifier(
"1.3.6.1.5.5.7.9.5");
/**
* ISIS-MTT NameAtBirth - DirectoryString(SIZE(1..64)
*/
public static final ASN1ObjectIdentifier NAME_AT_BIRTH = new ASN1ObjectIdentifier("1.3.36.8.3.14");
/**
* RFC 3039 PostalAddress - SEQUENCE SIZE (1..6) OF
* DirectoryString(SIZE(1..30))
*/
public static final ASN1ObjectIdentifier POSTAL_ADDRESS = new ASN1ObjectIdentifier("2.5.4.16");
/**
* RFC 2256 dmdName
*/
public static final ASN1ObjectIdentifier DMD_NAME = new ASN1ObjectIdentifier("2.5.4.54");
/**
* id-at-telephoneNumber
*/
public static final ASN1ObjectIdentifier TELEPHONE_NUMBER = X509ObjectIdentifiers.id_at_telephoneNumber;
/**
* id-at-name
*/
public static final ASN1ObjectIdentifier NAME = X509ObjectIdentifiers.id_at_name;
/**
* Email address (RSA PKCS#9 extension) - IA5String.
* <p>Note: if you're trying to be ultra orthodox, don't use this! It shouldn't be in here.
*/
public static final ASN1ObjectIdentifier EmailAddress = PKCSObjectIdentifiers.pkcs_9_at_emailAddress;
/**
* more from PKCS#9
*/
public static final ASN1ObjectIdentifier UnstructuredName = PKCSObjectIdentifiers.pkcs_9_at_unstructuredName;
public static final ASN1ObjectIdentifier UnstructuredAddress = PKCSObjectIdentifiers.pkcs_9_at_unstructuredAddress;
/**
* email address in Verisign certificates
*/
public static final ASN1ObjectIdentifier E = EmailAddress;
/*
* others...
*/
public static final ASN1ObjectIdentifier DC = new ASN1ObjectIdentifier("0.9.2342.19200300.100.1.25");
/**
* LDAP User id.
*/
public static final ASN1ObjectIdentifier UID = new ASN1ObjectIdentifier("0.9.2342.19200300.100.1.1");
/**
* default look up table translating OID values into their common symbols following
* the convention in RFC 2253 with a few extras
*/
private static final Hashtable DefaultSymbols = new Hashtable();
/**
* look up table translating common symbols into their OIDS.
*/
private static final Hashtable DefaultLookUp = new Hashtable();
static
{
DefaultSymbols.put(C, "C");
DefaultSymbols.put(O, "O");
DefaultSymbols.put(T, "T");
DefaultSymbols.put(OU, "OU");
DefaultSymbols.put(CN, "CN");
DefaultSymbols.put(L, "L");
DefaultSymbols.put(ST, "ST");
DefaultSymbols.put(SN, "SERIALNUMBER");
DefaultSymbols.put(EmailAddress, "E");
DefaultSymbols.put(DC, "DC");
DefaultSymbols.put(UID, "UID");
DefaultSymbols.put(STREET, "STREET");
DefaultSymbols.put(SURNAME, "SURNAME");
DefaultSymbols.put(GIVENNAME, "GIVENNAME");
DefaultSymbols.put(INITIALS, "INITIALS");
DefaultSymbols.put(GENERATION, "GENERATION");
DefaultSymbols.put(UnstructuredAddress, "unstructuredAddress");
DefaultSymbols.put(UnstructuredName, "unstructuredName");
DefaultSymbols.put(UNIQUE_IDENTIFIER, "UniqueIdentifier");
DefaultSymbols.put(DN_QUALIFIER, "DN");
DefaultSymbols.put(PSEUDONYM, "Pseudonym");
DefaultSymbols.put(POSTAL_ADDRESS, "PostalAddress");
DefaultSymbols.put(NAME_AT_BIRTH, "NameAtBirth");
DefaultSymbols.put(COUNTRY_OF_CITIZENSHIP, "CountryOfCitizenship");
DefaultSymbols.put(COUNTRY_OF_RESIDENCE, "CountryOfResidence");
DefaultSymbols.put(GENDER, "Gender");
DefaultSymbols.put(PLACE_OF_BIRTH, "PlaceOfBirth");
DefaultSymbols.put(DATE_OF_BIRTH, "DateOfBirth");
DefaultSymbols.put(POSTAL_CODE, "PostalCode");
DefaultSymbols.put(BUSINESS_CATEGORY, "BusinessCategory");
DefaultSymbols.put(TELEPHONE_NUMBER, "TelephoneNumber");
DefaultSymbols.put(NAME, "Name");
DefaultLookUp.put("c", C);
DefaultLookUp.put("o", O);
DefaultLookUp.put("t", T);
DefaultLookUp.put("ou", OU);
DefaultLookUp.put("cn", CN);
DefaultLookUp.put("l", L);
DefaultLookUp.put("st", ST);
DefaultLookUp.put("sn", SN);
DefaultLookUp.put("serialnumber", SN);
DefaultLookUp.put("street", STREET);
DefaultLookUp.put("emailaddress", E);
DefaultLookUp.put("dc", DC);
DefaultLookUp.put("e", E);
DefaultLookUp.put("uid", UID);
DefaultLookUp.put("surname", SURNAME);
DefaultLookUp.put("givenname", GIVENNAME);
DefaultLookUp.put("initials", INITIALS);
DefaultLookUp.put("generation", GENERATION);
DefaultLookUp.put("unstructuredaddress", UnstructuredAddress);
DefaultLookUp.put("unstructuredname", UnstructuredName);
DefaultLookUp.put("uniqueidentifier", UNIQUE_IDENTIFIER);
DefaultLookUp.put("dn", DN_QUALIFIER);
DefaultLookUp.put("pseudonym", PSEUDONYM);
DefaultLookUp.put("postaladdress", POSTAL_ADDRESS);
DefaultLookUp.put("nameofbirth", NAME_AT_BIRTH);
DefaultLookUp.put("countryofcitizenship", COUNTRY_OF_CITIZENSHIP);
DefaultLookUp.put("countryofresidence", COUNTRY_OF_RESIDENCE);
DefaultLookUp.put("gender", GENDER);
DefaultLookUp.put("placeofbirth", PLACE_OF_BIRTH);
DefaultLookUp.put("dateofbirth", DATE_OF_BIRTH);
DefaultLookUp.put("postalcode", POSTAL_CODE);
DefaultLookUp.put("businesscategory", BUSINESS_CATEGORY);
DefaultLookUp.put("telephonenumber", TELEPHONE_NUMBER);
DefaultLookUp.put("name", NAME);
}
/**
* Singleton instance.
*/
public static final X500NameStyle INSTANCE = new BCStyle();
protected Hashtable defaultLookUp;
protected Hashtable defaultSymbols;
protected BCStyle()
{
defaultSymbols = copyHashTable(DefaultSymbols);
defaultLookUp = copyHashTable(DefaultLookUp);
}
public ASN1Encodable stringToValue(ASN1ObjectIdentifier oid, String value)
{
if (value.length() != 0 && value.charAt(0) == '#')
{
try
{
return IETFUtils.valueFromHexString(value, 1);
}
catch (IOException e)
{
throw new RuntimeException("can't recode value for oid " + oid.getId());
}
}
else
{
if (value.length() != 0 && value.charAt(0) == '\\')
{
value = value.substring(1);
}
if (oid.equals(EmailAddress) || oid.equals(DC))
{
return new DERIA5String(value);
}
else if (oid.equals(DATE_OF_BIRTH)) // accept time string as well as # (for compatibility)
{
return new ASN1GeneralizedTime(value);
}
else if (oid.equals(C) || oid.equals(SN) || oid.equals(DN_QUALIFIER)
|| oid.equals(TELEPHONE_NUMBER))
{
return new DERPrintableString(value);
}
}
return new DERUTF8String(value);
}
public String oidToDisplayName(ASN1ObjectIdentifier oid)
{
return (String)DefaultSymbols.get(oid);
}
public String[] oidToAttrNames(ASN1ObjectIdentifier oid)
{
return IETFUtils.findAttrNamesForOID(oid, defaultLookUp);
}
public ASN1ObjectIdentifier attrNameToOID(String attrName)
{
return IETFUtils.decodeAttrName(attrName, defaultLookUp);
}
public boolean areEqual(X500Name name1, X500Name name2)
{
RDN[] rdns1 = name1.getRDNs();
RDN[] rdns2 = name2.getRDNs();
if (rdns1.length != rdns2.length)
{
return false;
}
boolean reverse = false;
if (rdns1[0].getFirst() != null && rdns2[0].getFirst() != null)
{
reverse = !rdns1[0].getFirst().getType().equals(rdns2[0].getFirst().getType()); // guess forward
}
for (int i = 0; i != rdns1.length; i++)
{
if (!foundMatch(reverse, rdns1[i], rdns2))
{
return false;
}
}
return true;
}
private boolean foundMatch(boolean reverse, RDN rdn, RDN[] possRDNs)
{
if (reverse)
{
for (int i = possRDNs.length - 1; i >= 0; i--)
{
if (possRDNs[i] != null && rdnAreEqual(rdn, possRDNs[i]))
{
possRDNs[i] = null;
return true;
}
}
}
else
{
for (int i = 0; i != possRDNs.length; i++)
{
if (possRDNs[i] != null && rdnAreEqual(rdn, possRDNs[i]))
{
possRDNs[i] = null;
return true;
}
}
}
return false;
}
protected boolean rdnAreEqual(RDN rdn1, RDN rdn2)
{
return IETFUtils.rDNAreEqual(rdn1, rdn2);
}
public RDN[] fromString(String dirName)
{
return IETFUtils.rDNsFromString(dirName, this);
}
public int calculateHashCode(X500Name name)
{
int hashCodeValue = 0;
RDN[] rdns = name.getRDNs();
// this needs to be order independent, like equals
for (int i = 0; i != rdns.length; i++)
{
if (rdns[i].isMultiValued())
{
AttributeTypeAndValue[] atv = rdns[i].getTypesAndValues();
for (int j = 0; j != atv.length; j++)
{
hashCodeValue ^= atv[j].getType().hashCode();
hashCodeValue ^= calcHashCode(atv[j].getValue());
}
}
else
{
hashCodeValue ^= rdns[i].getFirst().getType().hashCode();
hashCodeValue ^= calcHashCode(rdns[i].getFirst().getValue());
}
}
return hashCodeValue;
}
private int calcHashCode(ASN1Encodable enc)
{
String value = IETFUtils.valueToString(enc);
value = IETFUtils.canonicalize(value);
return value.hashCode();
}
public String toString(X500Name name)
{
StringBuffer buf = new StringBuffer();
boolean first = true;
RDN[] rdns = name.getRDNs();
for (int i = 0; i < rdns.length; i++)
{
if (first)
{
first = false;
}
else
{
buf.append(',');
}
IETFUtils.appendRDN(buf, rdns[i], defaultSymbols);
}
return buf.toString();
}
private static Hashtable copyHashTable(Hashtable paramsMap)
{
Hashtable newTable = new Hashtable();
Enumeration keys = paramsMap.keys();
while (keys.hasMoreElements())
{
Object key = keys.nextElement();
newTable.put(key, paramsMap.get(key));
}
return newTable;
}
}

380
extern/spongycastle/core/src/main/jdk1.1/org/spongycastle/asn1/x500/style/RFC4519Style.java vendored
View File

@ -1,380 +0,0 @@
package org.spongycastle.asn1.x500.style;
import java.io.IOException;
import java.util.Enumeration;
import java.util.Hashtable;
import org.spongycastle.asn1.ASN1Encodable;
import org.spongycastle.asn1.ASN1ObjectIdentifier;
import org.spongycastle.asn1.DERIA5String;
import org.spongycastle.asn1.DERPrintableString;
import org.spongycastle.asn1.DERUTF8String;
import org.spongycastle.asn1.x500.AttributeTypeAndValue;
import org.spongycastle.asn1.x500.RDN;
import org.spongycastle.asn1.x500.X500Name;
import org.spongycastle.asn1.x500.X500NameStyle;
public class RFC4519Style
implements X500NameStyle
{
public static final ASN1ObjectIdentifier businessCategory = new ASN1ObjectIdentifier("2.5.4.15");
public static final ASN1ObjectIdentifier c = new ASN1ObjectIdentifier("2.5.4.6");
public static final ASN1ObjectIdentifier cn = new ASN1ObjectIdentifier("2.5.4.3");
public static final ASN1ObjectIdentifier dc = new ASN1ObjectIdentifier("0.9.2342.19200300.100.1.25");
public static final ASN1ObjectIdentifier description = new ASN1ObjectIdentifier("2.5.4.13");
public static final ASN1ObjectIdentifier destinationIndicator = new ASN1ObjectIdentifier("2.5.4.27");
public static final ASN1ObjectIdentifier distinguishedName = new ASN1ObjectIdentifier("2.5.4.49");
public static final ASN1ObjectIdentifier dnQualifier = new ASN1ObjectIdentifier("2.5.4.46");
public static final ASN1ObjectIdentifier enhancedSearchGuide = new ASN1ObjectIdentifier("2.5.4.47");
public static final ASN1ObjectIdentifier facsimileTelephoneNumber = new ASN1ObjectIdentifier("2.5.4.23");
public static final ASN1ObjectIdentifier generationQualifier = new ASN1ObjectIdentifier("2.5.4.44");
public static final ASN1ObjectIdentifier givenName = new ASN1ObjectIdentifier("2.5.4.42");
public static final ASN1ObjectIdentifier houseIdentifier = new ASN1ObjectIdentifier("2.5.4.51");
public static final ASN1ObjectIdentifier initials = new ASN1ObjectIdentifier("2.5.4.43");
public static final ASN1ObjectIdentifier internationalISDNNumber = new ASN1ObjectIdentifier("2.5.4.25");
public static final ASN1ObjectIdentifier l = new ASN1ObjectIdentifier("2.5.4.7");
public static final ASN1ObjectIdentifier member = new ASN1ObjectIdentifier("2.5.4.31");
public static final ASN1ObjectIdentifier name = new ASN1ObjectIdentifier("2.5.4.41");
public static final ASN1ObjectIdentifier o = new ASN1ObjectIdentifier("2.5.4.10");
public static final ASN1ObjectIdentifier ou = new ASN1ObjectIdentifier("2.5.4.11");
public static final ASN1ObjectIdentifier owner = new ASN1ObjectIdentifier("2.5.4.32");
public static final ASN1ObjectIdentifier physicalDeliveryOfficeName = new ASN1ObjectIdentifier("2.5.4.19");
public static final ASN1ObjectIdentifier postalAddress = new ASN1ObjectIdentifier("2.5.4.16");
public static final ASN1ObjectIdentifier postalCode = new ASN1ObjectIdentifier("2.5.4.17");
public static final ASN1ObjectIdentifier postOfficeBox = new ASN1ObjectIdentifier("2.5.4.18");
public static final ASN1ObjectIdentifier preferredDeliveryMethod = new ASN1ObjectIdentifier("2.5.4.28");
public static final ASN1ObjectIdentifier registeredAddress = new ASN1ObjectIdentifier("2.5.4.26");
public static final ASN1ObjectIdentifier roleOccupant = new ASN1ObjectIdentifier("2.5.4.33");
public static final ASN1ObjectIdentifier searchGuide = new ASN1ObjectIdentifier("2.5.4.14");
public static final ASN1ObjectIdentifier seeAlso = new ASN1ObjectIdentifier("2.5.4.34");
public static final ASN1ObjectIdentifier serialNumber = new ASN1ObjectIdentifier("2.5.4.5");
public static final ASN1ObjectIdentifier sn = new ASN1ObjectIdentifier("2.5.4.4");
public static final ASN1ObjectIdentifier st = new ASN1ObjectIdentifier("2.5.4.8");
public static final ASN1ObjectIdentifier street = new ASN1ObjectIdentifier("2.5.4.9");
public static final ASN1ObjectIdentifier telephoneNumber = new ASN1ObjectIdentifier("2.5.4.20");
public static final ASN1ObjectIdentifier teletexTerminalIdentifier = new ASN1ObjectIdentifier("2.5.4.22");
public static final ASN1ObjectIdentifier telexNumber = new ASN1ObjectIdentifier("2.5.4.21");
public static final ASN1ObjectIdentifier title = new ASN1ObjectIdentifier("2.5.4.12");
public static final ASN1ObjectIdentifier uid = new ASN1ObjectIdentifier("0.9.2342.19200300.100.1.1");
public static final ASN1ObjectIdentifier uniqueMember = new ASN1ObjectIdentifier("2.5.4.50");
public static final ASN1ObjectIdentifier userPassword = new ASN1ObjectIdentifier("2.5.4.35");
public static final ASN1ObjectIdentifier x121Address = new ASN1ObjectIdentifier("2.5.4.24");
public static final ASN1ObjectIdentifier x500UniqueIdentifier = new ASN1ObjectIdentifier("2.5.4.45");
/**
* default look up table translating OID values into their common symbols following
* the convention in RFC 2253 with a few extras
*/
private static final Hashtable DefaultSymbols = new Hashtable();
/**
* look up table translating common symbols into their OIDS.
*/
private static final Hashtable DefaultLookUp = new Hashtable();
static
{
DefaultSymbols.put(businessCategory, "businessCategory");
DefaultSymbols.put(c, "c");
DefaultSymbols.put(cn, "cn");
DefaultSymbols.put(dc, "dc");
DefaultSymbols.put(description, "description");
DefaultSymbols.put(destinationIndicator, "destinationIndicator");
DefaultSymbols.put(distinguishedName, "distinguishedName");
DefaultSymbols.put(dnQualifier, "dnQualifier");
DefaultSymbols.put(enhancedSearchGuide, "enhancedSearchGuide");
DefaultSymbols.put(facsimileTelephoneNumber, "facsimileTelephoneNumber");
DefaultSymbols.put(generationQualifier, "generationQualifier");
DefaultSymbols.put(givenName, "givenName");
DefaultSymbols.put(houseIdentifier, "houseIdentifier");
DefaultSymbols.put(initials, "initials");
DefaultSymbols.put(internationalISDNNumber, "internationalISDNNumber");
DefaultSymbols.put(l, "l");
DefaultSymbols.put(member, "member");
DefaultSymbols.put(name, "name");
DefaultSymbols.put(o, "o");
DefaultSymbols.put(ou, "ou");
DefaultSymbols.put(owner, "owner");
DefaultSymbols.put(physicalDeliveryOfficeName, "physicalDeliveryOfficeName");
DefaultSymbols.put(postalAddress, "postalAddress");
DefaultSymbols.put(postalCode, "postalCode");
DefaultSymbols.put(postOfficeBox, "postOfficeBox");
DefaultSymbols.put(preferredDeliveryMethod, "preferredDeliveryMethod");
DefaultSymbols.put(registeredAddress, "registeredAddress");
DefaultSymbols.put(roleOccupant, "roleOccupant");
DefaultSymbols.put(searchGuide, "searchGuide");
DefaultSymbols.put(seeAlso, "seeAlso");
DefaultSymbols.put(serialNumber, "serialNumber");
DefaultSymbols.put(sn, "sn");
DefaultSymbols.put(st, "st");
DefaultSymbols.put(street, "street");
DefaultSymbols.put(telephoneNumber, "telephoneNumber");
DefaultSymbols.put(teletexTerminalIdentifier, "teletexTerminalIdentifier");
DefaultSymbols.put(telexNumber, "telexNumber");
DefaultSymbols.put(title, "title");
DefaultSymbols.put(uid, "uid");
DefaultSymbols.put(uniqueMember, "uniqueMember");
DefaultSymbols.put(userPassword, "userPassword");
DefaultSymbols.put(x121Address, "x121Address");
DefaultSymbols.put(x500UniqueIdentifier, "x500UniqueIdentifier");
DefaultLookUp.put("businesscategory", businessCategory);
DefaultLookUp.put("c", c);
DefaultLookUp.put("cn", cn);
DefaultLookUp.put("dc", dc);
DefaultLookUp.put("description", description);
DefaultLookUp.put("destinationindicator", destinationIndicator);
DefaultLookUp.put("distinguishedname", distinguishedName);
DefaultLookUp.put("dnqualifier", dnQualifier);
DefaultLookUp.put("enhancedsearchguide", enhancedSearchGuide);
DefaultLookUp.put("facsimiletelephonenumber", facsimileTelephoneNumber);
DefaultLookUp.put("generationqualifier", generationQualifier);
DefaultLookUp.put("givenname", givenName);
DefaultLookUp.put("houseidentifier", houseIdentifier);
DefaultLookUp.put("initials", initials);
DefaultLookUp.put("internationalisdnnumber", internationalISDNNumber);
DefaultLookUp.put("l", l);
DefaultLookUp.put("member", member);
DefaultLookUp.put("name", name);
DefaultLookUp.put("o", o);
DefaultLookUp.put("ou", ou);
DefaultLookUp.put("owner", owner);
DefaultLookUp.put("physicaldeliveryofficename", physicalDeliveryOfficeName);
DefaultLookUp.put("postaladdress", postalAddress);
DefaultLookUp.put("postalcode", postalCode);
DefaultLookUp.put("postofficebox", postOfficeBox);
DefaultLookUp.put("preferreddeliverymethod", preferredDeliveryMethod);
DefaultLookUp.put("registeredaddress", registeredAddress);
DefaultLookUp.put("roleoccupant", roleOccupant);
DefaultLookUp.put("searchguide", searchGuide);
DefaultLookUp.put("seealso", seeAlso);
DefaultLookUp.put("serialnumber", serialNumber);
DefaultLookUp.put("sn", sn);
DefaultLookUp.put("st", st);
DefaultLookUp.put("street", street);
DefaultLookUp.put("telephonenumber", telephoneNumber);
DefaultLookUp.put("teletexterminalidentifier", teletexTerminalIdentifier);
DefaultLookUp.put("telexnumber", telexNumber);
DefaultLookUp.put("title", title);
DefaultLookUp.put("uid", uid);
DefaultLookUp.put("uniquemember", uniqueMember);
DefaultLookUp.put("userpassword", userPassword);
DefaultLookUp.put("x121address", x121Address);
DefaultLookUp.put("x500uniqueidentifier", x500UniqueIdentifier);
// TODO: need to add correct matching for equality comparisons.
}
/**
* Singleton instance.
*/
public static final X500NameStyle INSTANCE = new RFC4519Style();
protected Hashtable defaultLookUp;
protected Hashtable defaultSymbols;
protected RFC4519Style()
{
defaultSymbols = copyHashTable(DefaultSymbols);
defaultLookUp = copyHashTable(DefaultLookUp);
}
public ASN1Encodable stringToValue(ASN1ObjectIdentifier oid, String value)
{
if (value.length() != 0 && value.charAt(0) == '#')
{
try
{
return IETFUtils.valueFromHexString(value, 1);
}
catch (IOException e)
{
throw new RuntimeException("can't recode value for oid " + oid.getId());
}
}
else
{
if (value.length() != 0 && value.charAt(0) == '\\')
{
value = value.substring(1);
}
if (oid.equals(dc))
{
return new DERIA5String(value);
}
else if (oid.equals(c) || oid.equals(serialNumber) || oid.equals(dnQualifier)
|| oid.equals(telephoneNumber))
{
return new DERPrintableString(value);
}
}
return new DERUTF8String(value);
}
public String oidToDisplayName(ASN1ObjectIdentifier oid)
{
return (String)DefaultSymbols.get(oid);
}
public String[] oidToAttrNames(ASN1ObjectIdentifier oid)
{
return IETFUtils.findAttrNamesForOID(oid, defaultLookUp);
}
public ASN1ObjectIdentifier attrNameToOID(String attrName)
{
return IETFUtils.decodeAttrName(attrName, defaultLookUp);
}
public boolean areEqual(X500Name name1, X500Name name2)
{
RDN[] rdns1 = name1.getRDNs();
RDN[] rdns2 = name2.getRDNs();
if (rdns1.length != rdns2.length)
{
return false;
}
boolean reverse = false;
if (rdns1[0].getFirst() != null && rdns2[0].getFirst() != null)
{
reverse = !rdns1[0].getFirst().getType().equals(rdns2[0].getFirst().getType()); // guess forward
}
for (int i = 0; i != rdns1.length; i++)
{
if (!foundMatch(reverse, rdns1[i], rdns2))
{
return false;
}
}
return true;
}
private boolean foundMatch(boolean reverse, RDN rdn, RDN[] possRDNs)
{
if (reverse)
{
for (int i = possRDNs.length - 1; i >= 0; i--)
{
if (possRDNs[i] != null && rdnAreEqual(rdn, possRDNs[i]))
{
possRDNs[i] = null;
return true;
}
}
}
else
{
for (int i = 0; i != possRDNs.length; i++)
{
if (possRDNs[i] != null && rdnAreEqual(rdn, possRDNs[i]))
{
possRDNs[i] = null;
return true;
}
}
}
return false;
}
protected boolean rdnAreEqual(RDN rdn1, RDN rdn2)
{
return IETFUtils.rDNAreEqual(rdn1, rdn2);
}
// parse backwards
public RDN[] fromString(String dirName)
{
RDN[] tmp = IETFUtils.rDNsFromString(dirName, this);
RDN[] res = new RDN[tmp.length];
for (int i = 0; i != tmp.length; i++)
{
res[res.length - i - 1] = tmp[i];
}
return res;
}
public int calculateHashCode(X500Name name)
{
int hashCodeValue = 0;
RDN[] rdns = name.getRDNs();
// this needs to be order independent, like equals
for (int i = 0; i != rdns.length; i++)
{
if (rdns[i].isMultiValued())
{
AttributeTypeAndValue[] atv = rdns[i].getTypesAndValues();
for (int j = 0; j != atv.length; j++)
{
hashCodeValue ^= atv[j].getType().hashCode();
hashCodeValue ^= calcHashCode(atv[j].getValue());
}
}
else
{
hashCodeValue ^= rdns[i].getFirst().getType().hashCode();
hashCodeValue ^= calcHashCode(rdns[i].getFirst().getValue());
}
}
return hashCodeValue;
}
private int calcHashCode(ASN1Encodable enc)
{
String value = IETFUtils.valueToString(enc);
value = IETFUtils.canonicalize(value);
return value.hashCode();
}
// convert in reverse
public String toString(X500Name name)
{
StringBuffer buf = new StringBuffer();
boolean first = true;
RDN[] rdns = name.getRDNs();
for (int i = rdns.length - 1; i >= 0; i--)
{
if (first)
{
first = false;
}
else
{
buf.append(',');
}
IETFUtils.appendRDN(buf, rdns[i], defaultSymbols);
}
return buf.toString();
}
private static Hashtable copyHashTable(Hashtable paramsMap)
{
Hashtable newTable = new Hashtable();
Enumeration keys = paramsMap.keys();
while (keys.hasMoreElements())
{
Object key = keys.nextElement();
newTable.put(key, paramsMap.get(key));
}
return newTable;
}
}

573
extern/spongycastle/core/src/main/jdk1.1/org/spongycastle/crypto/agreement/jpake/JPAKEParticipant.java vendored
View File

@ -1,573 +0,0 @@
package org.spongycastle.crypto.agreement.jpake;
import java.math.BigInteger;
import java.security.SecureRandom;
import org.spongycastle.crypto.CryptoException;
import org.spongycastle.crypto.Digest;
import org.spongycastle.crypto.digests.SHA256Digest;
import org.spongycastle.util.Arrays;
/**
* A participant in a Password Authenticated Key Exchange by Juggling (J-PAKE) exchange.
* <p/>
* <p/>
* The J-PAKE exchange is defined by Feng Hao and Peter Ryan in the paper
* <a href="http://grouper.ieee.org/groups/1363/Research/contributions/hao-ryan-2008.pdf">
* "Password Authenticated Key Exchange by Juggling, 2008."</a>
* <p/>
* <p/>
* The J-PAKE protocol is symmetric.
* There is no notion of a <i>client</i> or <i>server</i>, but rather just two <i>participants</i>.
* An instance of {@link JPAKEParticipant} represents one participant, and
* is the primary interface for executing the exchange.
* <p/>
* <p/>
* To execute an exchange, construct a {@link JPAKEParticipant} on each end,
* and call the following 7 methods
* (once and only once, in the given order, for each participant, sending messages between them as described):
* <ol>
* <li>{@link #createRound1PayloadToSend()} - and send the payload to the other participant</li>
* <li>{@link #validateRound1PayloadReceived(JPAKERound1Payload)} - use the payload received from the other participant</li>
* <li>{@link #createRound2PayloadToSend()} - and send the payload to the other participant</li>
* <li>{@link #validateRound2PayloadReceived(JPAKERound2Payload)} - use the payload received from the other participant</li>
* <li>{@link #calculateKeyingMaterial()}</li>
* <li>{@link #createRound3PayloadToSend(BigInteger)} - and send the payload to the other participant</li>
* <li>{@link #validateRound3PayloadReceived(JPAKERound3Payload, BigInteger)} - use the payload received from the other participant</li>
* </ol>
* <p/>
* <p/>
* Each side should derive a session key from the keying material returned by {@link #calculateKeyingMaterial()}.
* The caller is responsible for deriving the session key using a secure key derivation function (KDF).
* <p/>
* <p/>
* Round 3 is an optional key confirmation process.
* If you do not execute round 3, then there is no assurance that both participants are using the same key.
* (i.e. if the participants used different passwords, then their session keys will differ.)
* <p/>
* <p/>
* If the round 3 validation succeeds, then the keys are guaranteed to be the same on both sides.
* <p/>
* <p/>
* The symmetric design can easily support the asymmetric cases when one party initiates the communication.
* e.g. Sometimes the round1 payload and round2 payload may be sent in one pass.
* Also, in some cases, the key confirmation payload can be sent together with the round2 payload.
* These are the trivial techniques to optimize the communication.
* <p/>
* <p/>
* The key confirmation process is implemented as specified in
* <a href="http://csrc.nist.gov/publications/nistpubs/800-56A/SP800-56A_Revision1_Mar08-2007.pdf">NIST SP 800-56A Revision 1</a>,
* Section 8.2 Unilateral Key Confirmation for Key Agreement Schemes.
* <p/>
* <p/>
* This class is stateful and NOT threadsafe.
* Each instance should only be used for ONE complete J-PAKE exchange
* (i.e. a new {@link JPAKEParticipant} should be constructed for each new J-PAKE exchange).
* <p/>
* <p/>
* See {@link JPAKEExample} for example usage.
*/
public class JPAKEParticipant
{
/*
* Possible internal states. Used for state checking.
*/
public static final int STATE_INITIALIZED = 0;
public static final int STATE_ROUND_1_CREATED = 10;
public static final int STATE_ROUND_1_VALIDATED = 20;
public static final int STATE_ROUND_2_CREATED = 30;
public static final int STATE_ROUND_2_VALIDATED = 40;
public static final int STATE_KEY_CALCULATED = 50;
public static final int STATE_ROUND_3_CREATED = 60;
public static final int STATE_ROUND_3_VALIDATED = 70;
/**
* Unique identifier of this participant.
* The two participants in the exchange must NOT share the same id.
*/
private String participantId;
/**
* Shared secret. This only contains the secret between construction
* and the call to {@link #calculateKeyingMaterial()}.
* <p/>
* i.e. When {@link #calculateKeyingMaterial()} is called, this buffer overwritten with 0's,
* and the field is set to null.
*/
private char[] password;
/**
* Digest to use during calculations.
*/
private Digest digest;
/**
* Source of secure random data.
*/
private SecureRandom random;
private BigInteger p;
private BigInteger q;
private BigInteger g;
/**
* The participantId of the other participant in this exchange.
*/
private String partnerParticipantId;
/**
* Alice's x1 or Bob's x3.
*/
private BigInteger x1;
/**
* Alice's x2 or Bob's x4.
*/
private BigInteger x2;
/**
* Alice's g^x1 or Bob's g^x3.
*/
private BigInteger gx1;
/**
* Alice's g^x2 or Bob's g^x4.
*/
private BigInteger gx2;
/**
* Alice's g^x3 or Bob's g^x1.
*/
private BigInteger gx3;
/**
* Alice's g^x4 or Bob's g^x2.
*/
private BigInteger gx4;
/**
* Alice's B or Bob's A.
*/
private BigInteger b;
/**
* The current state.
* See the <tt>STATE_*</tt> constants for possible values.
*/
private int state;
/**
* Convenience constructor for a new {@link JPAKEParticipant} that uses
* the {@link JPAKEPrimeOrderGroups#NIST_3072} prime order group,
* a SHA-256 digest, and a default {@link SecureRandom} implementation.
* <p/>
* After construction, the {@link #getState() state} will be {@link #STATE_INITIALIZED}.
*
* @param participantId unique identifier of this participant.
* The two participants in the exchange must NOT share the same id.
* @param password shared secret.
* A defensive copy of this array is made (and cleared once {@link #calculateKeyingMaterial()} is called).
* Caller should clear the input password as soon as possible.
* @throws NullPointerException if any argument is null
* @throws IllegalArgumentException if password is empty
*/
public JPAKEParticipant(
String participantId,
char[] password)
{
this(
participantId,
password,
JPAKEPrimeOrderGroups.NIST_3072);
}
/**
* Convenience constructor for a new {@link JPAKEParticipant} that uses
* a SHA-256 digest and a default {@link SecureRandom} implementation.
* <p/>
* After construction, the {@link #getState() state} will be {@link #STATE_INITIALIZED}.
*
* @param participantId unique identifier of this participant.
* The two participants in the exchange must NOT share the same id.
* @param password shared secret.
* A defensive copy of this array is made (and cleared once {@link #calculateKeyingMaterial()} is called).
* Caller should clear the input password as soon as possible.
* @param group prime order group.
* See {@link JPAKEPrimeOrderGroups} for standard groups
* @throws NullPointerException if any argument is null
* @throws IllegalArgumentException if password is empty
*/
public JPAKEParticipant(
String participantId,
char[] password,
JPAKEPrimeOrderGroup group)
{
this(
participantId,
password,
group,
new SHA256Digest(),
new SecureRandom());
}
/**
* Construct a new {@link JPAKEParticipant}.
* <p/>
* After construction, the {@link #getState() state} will be {@link #STATE_INITIALIZED}.
*
* @param participantId unique identifier of this participant.
* The two participants in the exchange must NOT share the same id.
* @param password shared secret.
* A defensive copy of this array is made (and cleared once {@link #calculateKeyingMaterial()} is called).
* Caller should clear the input password as soon as possible.
* @param group prime order group.
* See {@link JPAKEPrimeOrderGroups} for standard groups
* @param digest digest to use during zero knowledge proofs and key confirmation (SHA-256 or stronger preferred)
* @param random source of secure random data for x1 and x2, and for the zero knowledge proofs
* @throws NullPointerException if any argument is null
* @throws IllegalArgumentException if password is empty
*/
public JPAKEParticipant(
String participantId,
char[] password,
JPAKEPrimeOrderGroup group,
Digest digest,
SecureRandom random)
{
JPAKEUtil.validateNotNull(participantId, "participantId");
JPAKEUtil.validateNotNull(password, "password");
JPAKEUtil.validateNotNull(group, "p");
JPAKEUtil.validateNotNull(digest, "digest");
JPAKEUtil.validateNotNull(random, "random");
if (password.length == 0)
{
throw new IllegalArgumentException("Password must not be empty.");
}
this.participantId = participantId;
/*
* Create a defensive copy so as to fully encapsulate the password.
*
* This array will contain the password for the lifetime of this
* participant BEFORE {@link #calculateKeyingMaterial()} is called.
*
* i.e. When {@link #calculateKeyingMaterial()} is called, the array will be cleared
* in order to remove the password from memory.
*
* The caller is responsible for clearing the original password array
* given as input to this constructor.
*/
this.password = Arrays.copyOf(password, password.length);
this.p = group.getP();
this.q = group.getQ();
this.g = group.getG();
this.digest = digest;
this.random = random;
this.state = STATE_INITIALIZED;
}
/**
* Gets the current state of this participant.
* See the <tt>STATE_*</tt> constants for possible values.
*/
public int getState()
{
return this.state;
}
/**
* Creates and returns the payload to send to the other participant during round 1.
* <p/>
* <p/>
* After execution, the {@link #getState() state} will be {@link #STATE_ROUND_1_CREATED}.
*/
public JPAKERound1Payload createRound1PayloadToSend()
{
if (this.state >= STATE_ROUND_1_CREATED)
{
throw new IllegalStateException("Round1 payload already created for " + participantId);
}
this.x1 = JPAKEUtil.generateX1(q, random);
this.x2 = JPAKEUtil.generateX2(q, random);
this.gx1 = JPAKEUtil.calculateGx(p, g, x1);
this.gx2 = JPAKEUtil.calculateGx(p, g, x2);
BigInteger[] knowledgeProofForX1 = JPAKEUtil.calculateZeroKnowledgeProof(p, q, g, gx1, x1, participantId, digest, random);
BigInteger[] knowledgeProofForX2 = JPAKEUtil.calculateZeroKnowledgeProof(p, q, g, gx2, x2, participantId, digest, random);
this.state = STATE_ROUND_1_CREATED;
return new JPAKERound1Payload(participantId, gx1, gx2, knowledgeProofForX1, knowledgeProofForX2);
}
/**
* Validates the payload received from the other participant during round 1.
* <p/>
* <p/>
* Must be called prior to {@link #createRound2PayloadToSend()}.
* <p/>
* <p/>
* After execution, the {@link #getState() state} will be {@link #STATE_ROUND_1_VALIDATED}.
*
* @throws CryptoException if validation fails.
* @throws IllegalStateException if called multiple times.
*/
public void validateRound1PayloadReceived(JPAKERound1Payload round1PayloadReceived)
throws CryptoException
{
if (this.state >= STATE_ROUND_1_VALIDATED)
{
throw new IllegalStateException("Validation already attempted for round1 payload for" + participantId);
}
this.partnerParticipantId = round1PayloadReceived.getParticipantId();
this.gx3 = round1PayloadReceived.getGx1();
this.gx4 = round1PayloadReceived.getGx2();
BigInteger[] knowledgeProofForX3 = round1PayloadReceived.getKnowledgeProofForX1();
BigInteger[] knowledgeProofForX4 = round1PayloadReceived.getKnowledgeProofForX2();
JPAKEUtil.validateParticipantIdsDiffer(participantId, round1PayloadReceived.getParticipantId());
JPAKEUtil.validateGx4(gx4);
JPAKEUtil.validateZeroKnowledgeProof(p, q, g, gx3, knowledgeProofForX3, round1PayloadReceived.getParticipantId(), digest);
JPAKEUtil.validateZeroKnowledgeProof(p, q, g, gx4, knowledgeProofForX4, round1PayloadReceived.getParticipantId(), digest);
this.state = STATE_ROUND_1_VALIDATED;
}
/**
* Creates and returns the payload to send to the other participant during round 2.
* <p/>
* <p/>
* {@link #validateRound1PayloadReceived(JPAKERound1Payload)} must be called prior to this method.
* <p/>
* <p/>
* After execution, the {@link #getState() state} will be {@link #STATE_ROUND_2_CREATED}.
*
* @throws IllegalStateException if called prior to {@link #validateRound1PayloadReceived(JPAKERound1Payload)}, or multiple times
*/
public JPAKERound2Payload createRound2PayloadToSend()
{
if (this.state >= STATE_ROUND_2_CREATED)
{
throw new IllegalStateException("Round2 payload already created for " + this.participantId);
}
if (this.state < STATE_ROUND_1_VALIDATED)
{
throw new IllegalStateException("Round1 payload must be validated prior to creating Round2 payload for " + this.participantId);
}
BigInteger gA = JPAKEUtil.calculateGA(p, gx1, gx3, gx4);
BigInteger s = JPAKEUtil.calculateS(password);
BigInteger x2s = JPAKEUtil.calculateX2s(q, x2, s);
BigInteger A = JPAKEUtil.calculateA(p, q, gA, x2s);
BigInteger[] knowledgeProofForX2s = JPAKEUtil.calculateZeroKnowledgeProof(p, q, gA, A, x2s, participantId, digest, random);
this.state = STATE_ROUND_2_CREATED;
return new JPAKERound2Payload(participantId, A, knowledgeProofForX2s);
}
/**
* Validates the payload received from the other participant during round 2.
* <p/>
* <p/>
* Note that this DOES NOT detect a non-common password.
* The only indication of a non-common password is through derivation
* of different keys (which can be detected explicitly by executing round 3 and round 4)
* <p/>
* <p/>
* Must be called prior to {@link #calculateKeyingMaterial()}.
* <p/>
* <p/>
* After execution, the {@link #getState() state} will be {@link #STATE_ROUND_2_VALIDATED}.
*
* @throws CryptoException if validation fails.
* @throws IllegalStateException if called prior to {@link #validateRound1PayloadReceived(JPAKERound1Payload)}, or multiple times
*/
public void validateRound2PayloadReceived(JPAKERound2Payload round2PayloadReceived)
throws CryptoException
{
if (this.state >= STATE_ROUND_2_VALIDATED)
{
throw new IllegalStateException("Validation already attempted for round2 payload for" + participantId);
}
if (this.state < STATE_ROUND_1_VALIDATED)
{
throw new IllegalStateException("Round1 payload must be validated prior to validating Round2 payload for " + this.participantId);
}
BigInteger gB = JPAKEUtil.calculateGA(p, gx3, gx1, gx2);
this.b = round2PayloadReceived.getA();
BigInteger[] knowledgeProofForX4s = round2PayloadReceived.getKnowledgeProofForX2s();
JPAKEUtil.validateParticipantIdsDiffer(participantId, round2PayloadReceived.getParticipantId());
JPAKEUtil.validateParticipantIdsEqual(this.partnerParticipantId, round2PayloadReceived.getParticipantId());
JPAKEUtil.validateGa(gB);
JPAKEUtil.validateZeroKnowledgeProof(p, q, gB, b, knowledgeProofForX4s, round2PayloadReceived.getParticipantId(), digest);
this.state = STATE_ROUND_2_VALIDATED;
}
/**
* Calculates and returns the key material.
* A session key must be derived from this key material using a secure key derivation function (KDF).
* The KDF used to derive the key is handled externally (i.e. not by {@link JPAKEParticipant}).
* <p/>
* <p/>
* The keying material will be identical for each participant if and only if
* each participant's password is the same. i.e. If the participants do not
* share the same password, then each participant will derive a different key.
* Therefore, if you immediately start using a key derived from
* the keying material, then you must handle detection of incorrect keys.
* If you want to handle this detection explicitly, you can optionally perform
* rounds 3 and 4. See {@link JPAKEParticipant} for details on how to execute
* rounds 3 and 4.
* <p/>
* <p/>
* The keying material will be in the range <tt>[0, p-1]</tt>.
* <p/>
* <p/>
* {@link #validateRound2PayloadReceived(JPAKERound2Payload)} must be called prior to this method.
* <p/>
* <p/>
* As a side effect, the internal {@link #password} array is cleared, since it is no longer needed.
* <p/>
* <p/>
* After execution, the {@link #getState() state} will be {@link #STATE_KEY_CALCULATED}.
*
* @throws IllegalStateException if called prior to {@link #validateRound2PayloadReceived(JPAKERound2Payload)},
* or if called multiple times.
*/
public BigInteger calculateKeyingMaterial()
{
if (this.state >= STATE_KEY_CALCULATED)
{
throw new IllegalStateException("Key already calculated for " + participantId);
}
if (this.state < STATE_ROUND_2_VALIDATED)
{
throw new IllegalStateException("Round2 payload must be validated prior to creating key for " + participantId);
}
BigInteger s = JPAKEUtil.calculateS(password);
/*
* Clear the password array from memory, since we don't need it anymore.
*
* Also set the field to null as a flag to indicate that the key has already been calculated.
*/
Arrays.fill(password, (char)0);
this.password = null;
BigInteger keyingMaterial = JPAKEUtil.calculateKeyingMaterial(p, q, gx4, x2, s, b);
/*
* Clear the ephemeral private key fields as well.
* Note that we're relying on the garbage collector to do its job to clean these up.
* The old objects will hang around in memory until the garbage collector destroys them.
*
* If the ephemeral private keys x1 and x2 are leaked,
* the attacker might be able to brute-force the password.
*/
this.x1 = null;
this.x2 = null;
this.b = null;
/*
* Do not clear gx* yet, since those are needed by round 3.
*/
this.state = STATE_KEY_CALCULATED;
return keyingMaterial;
}
/**
* Creates and returns the payload to send to the other participant during round 3.
* <p/>
* <p/>
* See {@link JPAKEParticipant} for more details on round 3.
* <p/>
* <p/>
* After execution, the {@link #getState() state} will be {@link #STATE_ROUND_3_CREATED}.
*
* @param keyingMaterial The keying material as returned from {@link #calculateKeyingMaterial()}.
* @throws IllegalStateException if called prior to {@link #calculateKeyingMaterial()}, or multiple times
*/
public JPAKERound3Payload createRound3PayloadToSend(BigInteger keyingMaterial)
{
if (this.state >= STATE_ROUND_3_CREATED)
{
throw new IllegalStateException("Round3 payload already created for " + this.participantId);
}
if (this.state < STATE_KEY_CALCULATED)
{
throw new IllegalStateException("Keying material must be calculated prior to creating Round3 payload for " + this.participantId);
}
BigInteger macTag = JPAKEUtil.calculateMacTag(
this.participantId,
this.partnerParticipantId,
this.gx1,
this.gx2,
this.gx3,
this.gx4,
keyingMaterial,
this.digest);
this.state = STATE_ROUND_3_CREATED;
return new JPAKERound3Payload(participantId, macTag);
}
/**
* Validates the payload received from the other participant during round 3.
* <p/>
* <p/>
* See {@link JPAKEParticipant} for more details on round 3.
* <p/>
* <p/>
* After execution, the {@link #getState() state} will be {@link #STATE_ROUND_3_VALIDATED}.
*
* @param keyingMaterial The keying material as returned from {@link #calculateKeyingMaterial()}.
* @throws CryptoException if validation fails.
* @throws IllegalStateException if called prior to {@link #calculateKeyingMaterial()}, or multiple times
*/
public void validateRound3PayloadReceived(JPAKERound3Payload round3PayloadReceived, BigInteger keyingMaterial)
throws CryptoException
{
if (this.state >= STATE_ROUND_3_VALIDATED)
{
throw new IllegalStateException("Validation already attempted for round3 payload for" + participantId);
}
if (this.state < STATE_KEY_CALCULATED)
{
throw new IllegalStateException("Keying material must be calculated validated prior to validating Round3 payload for " + this.participantId);
}
JPAKEUtil.validateParticipantIdsDiffer(participantId, round3PayloadReceived.getParticipantId());
JPAKEUtil.validateParticipantIdsEqual(this.partnerParticipantId, round3PayloadReceived.getParticipantId());
JPAKEUtil.validateMacTag(
this.participantId,
this.partnerParticipantId,
this.gx1,
this.gx2,
this.gx3,
this.gx4,
keyingMaterial,
this.digest,
round3PayloadReceived.getMacTag());
/*
* Clear the rest of the fields.
*/
this.gx1 = null;
this.gx2 = null;
this.gx3 = null;
this.gx4 = null;
this.state = STATE_ROUND_3_VALIDATED;
}
}

Some files were not shown because too many files have changed in this diff Show More