Return-Path: X-Original-To: apmail-directory-commits-archive@www.apache.org Delivered-To: apmail-directory-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 9883510BA6 for ; Sat, 12 Dec 2015 22:02:12 +0000 (UTC) Received: (qmail 69861 invoked by uid 500); 12 Dec 2015 22:02:12 -0000 Delivered-To: apmail-directory-commits-archive@directory.apache.org Received: (qmail 69810 invoked by uid 500); 12 Dec 2015 22:02:12 -0000 Mailing-List: contact commits-help@directory.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@directory.apache.org Delivered-To: mailing list commits@directory.apache.org Received: (qmail 69799 invoked by uid 99); 12 Dec 2015 22:02:12 -0000 Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23) by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 12 Dec 2015 22:02:12 +0000 Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33) id 4D254E0061; Sat, 12 Dec 2015 22:02:12 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: drankye@apache.org To: commits@directory.apache.org Message-Id: X-Mailer: ASF-Git Admin Mailer Subject: directory-kerby git commit: DIRKRB-497. Bring back PKI/X509 related tests based on new ASN1 parser in the not-so-commons-ssl module Date: Sat, 12 Dec 2015 22:02:12 +0000 (UTC) Repository: directory-kerby Updated Branches: refs/heads/pkinit-support 3d117415d -> 802b4bca8 DIRKRB-497. Bring back PKI/X509 related tests based on new ASN1 parser in the not-so-commons-ssl module Project: http://git-wip-us.apache.org/repos/asf/directory-kerby/repo Commit: http://git-wip-us.apache.org/repos/asf/directory-kerby/commit/802b4bca Tree: http://git-wip-us.apache.org/repos/asf/directory-kerby/tree/802b4bca Diff: http://git-wip-us.apache.org/repos/asf/directory-kerby/diff/802b4bca Branch: refs/heads/pkinit-support Commit: 802b4bca86a2e17063cfe03b504da20a15d0659b Parents: 3d11741 Author: Kai Zheng Authored: Sun Dec 13 06:01:45 2015 +0800 Committer: Kai Zheng Committed: Sun Dec 13 06:01:45 2015 +0800 ---------------------------------------------------------------------- .../org/apache/commons/ssl/Asn1PkcsUtil.java | 41 +++++++++----------- .../java/org/apache/commons/ssl/PKCS8Key.java | 8 +++- .../main/java/org/apache/kerby/asn1/Asn1.java | 2 +- .../org/apache/kerby/asn1/Asn1Converter.java | 10 +++-- .../apache/kerby/asn1/type/Asn1Constructed.java | 2 +- 5 files changed, 34 insertions(+), 29 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/802b4bca/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Asn1PkcsUtil.java ---------------------------------------------------------------------- diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Asn1PkcsUtil.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Asn1PkcsUtil.java index b2871f9..d4b0464 100644 --- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Asn1PkcsUtil.java +++ b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Asn1PkcsUtil.java @@ -26,11 +26,8 @@ package org.apache.commons.ssl; import org.apache.kerby.asn1.Asn1; -import org.apache.kerby.asn1.Asn1Converter; -import org.apache.kerby.asn1.parse.Asn1Container; -import org.apache.kerby.asn1.parse.Asn1Item; -import org.apache.kerby.asn1.parse.Asn1ParseResult; import org.apache.kerby.asn1.type.Asn1Collection; +import org.apache.kerby.asn1.type.Asn1Encodeable; import org.apache.kerby.asn1.type.Asn1Integer; import org.apache.kerby.asn1.type.Asn1ObjectIdentifier; import org.apache.kerby.asn1.type.Asn1OctetString; @@ -60,39 +57,39 @@ public class Asn1PkcsUtil { public static Asn1PkcsStructure analyze(byte[] asn1) throws IOException { - Asn1Type parseResult = Asn1.decode(asn1); + Asn1.dump(asn1, true); + Asn1Type aObj = Asn1.decode(asn1); + Asn1.dump(aObj); + Asn1PkcsStructure pkcs8 = new Asn1PkcsStructure(); - if (parseResult instanceof Asn1Collection) { - Asn1PkcsUtil.analyze(((Asn1Collection) parseResult).getContainer(), pkcs8, 0); + if (aObj instanceof Asn1Collection) { + Asn1PkcsUtil.analyze(((Asn1Collection) aObj), pkcs8, 0); } else { - Asn1PkcsUtil.analyze(parseResult, pkcs8, 0); + Asn1PkcsUtil.analyze(aObj, pkcs8, 0); } return pkcs8; } - public static void analyze(Asn1Container asn1Container, Asn1PkcsStructure pkcs8, int depth) { + public static void analyze(Asn1Collection asn1Coll, + Asn1PkcsStructure pkcs8, int depth) { if (depth >= 2) { pkcs8.derIntegers = null; } - List items = asn1Container.getChildren(); - for (Asn1ParseResult item : items) { - if (item instanceof Asn1Container) { - analyze((Asn1Container) item, pkcs8, depth + 1); - } else if (item instanceof Asn1Item) { - Asn1Type type = null; - try { - type = Asn1Converter.convert(item); - } catch (IOException e) { - e.printStackTrace(); - } - analyze(type, pkcs8, depth); + List items = asn1Coll.getValue(); + for (Asn1Type item : items) { + Asn1Encodeable aObj = (Asn1Encodeable) item; + if (!aObj.isCollection()) { + analyze(item, pkcs8, depth); + } else { + analyze((Asn1Collection) aObj, pkcs8, depth + 1); } } } - public static void analyze(Asn1Type obj, Asn1PkcsStructure pkcs8, int depth) { + public static void analyze(Asn1Type obj, + Asn1PkcsStructure pkcs8, int depth) { String tag = null; if (depth >= 2) { http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/802b4bca/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/PKCS8Key.java ---------------------------------------------------------------------- diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/PKCS8Key.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/PKCS8Key.java index 7bbf3c3..5469528 100644 --- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/PKCS8Key.java +++ b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/PKCS8Key.java @@ -440,7 +440,13 @@ public class PKCS8Key { } else { // DES, DESede, AES, BlowFish require IVParams (when in CBC, CFB, // or OFB mode). (In ECB mode they don't require IVParams). - c.init(cipherMode, secret, ivParams); + try { + c.init(cipherMode, secret, ivParams); + } catch (InvalidKeyException e) { + // TO BE FIXED: + // Handling for larger key size beyond the JRE supported strength limit. + throw e; + } } return c; } http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/802b4bca/kerby-asn1/src/main/java/org/apache/kerby/asn1/Asn1.java ---------------------------------------------------------------------- diff --git a/kerby-asn1/src/main/java/org/apache/kerby/asn1/Asn1.java b/kerby-asn1/src/main/java/org/apache/kerby/asn1/Asn1.java index 80bf9db..cf911de 100644 --- a/kerby-asn1/src/main/java/org/apache/kerby/asn1/Asn1.java +++ b/kerby-asn1/src/main/java/org/apache/kerby/asn1/Asn1.java @@ -51,7 +51,7 @@ public final class Asn1 { public static Asn1Type decode(ByteBuffer content) throws IOException { Asn1ParseResult parseResult = Asn1Parser.parse(content); - return Asn1Converter.convert(parseResult); + return Asn1Converter.convert(parseResult, false); } public static Asn1ParseResult parse(byte[] content) throws IOException { http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/802b4bca/kerby-asn1/src/main/java/org/apache/kerby/asn1/Asn1Converter.java ---------------------------------------------------------------------- diff --git a/kerby-asn1/src/main/java/org/apache/kerby/asn1/Asn1Converter.java b/kerby-asn1/src/main/java/org/apache/kerby/asn1/Asn1Converter.java index 8f79b28..072784b 100644 --- a/kerby-asn1/src/main/java/org/apache/kerby/asn1/Asn1Converter.java +++ b/kerby-asn1/src/main/java/org/apache/kerby/asn1/Asn1Converter.java @@ -38,11 +38,12 @@ public final class Asn1Converter { } - public static Asn1Type convert(Asn1ParseResult parseResult) throws IOException { + public static Asn1Type convert(Asn1ParseResult parseResult, + boolean isLazy) throws IOException { if (Asn1Simple.isSimple(parseResult.tag())) { return Asn1Converter.convertAsSimple(parseResult); } else if (Asn1Collection.isCollection(parseResult.tag())) { - return Asn1Converter.convertAsCollection(parseResult); + return Asn1Converter.convertAsCollection(parseResult, isLazy); } else if (!parseResult.tag().isPrimitive()) { Asn1Encodeable tmpValue = new Asn1Constructed(parseResult.tag()); tmpValue.decode(parseResult); @@ -63,10 +64,11 @@ public final class Asn1Converter { return value; } - public static Asn1Type convertAsCollection(Asn1ParseResult parseResult) throws IOException { + public static Asn1Type convertAsCollection(Asn1ParseResult parseResult, + boolean isLazy) throws IOException { Asn1Collection value = Asn1Collection.createCollection(parseResult.tag()); value.useDefinitiveLength(parseResult.isDefinitiveLength()); - value.setLazy(true); + value.setLazy(isLazy); Asn1Binder.bind(parseResult, value); return value; } http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/802b4bca/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1Constructed.java ---------------------------------------------------------------------- diff --git a/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1Constructed.java b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1Constructed.java index 65c10f3..67e9514 100644 --- a/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1Constructed.java +++ b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1Constructed.java @@ -106,7 +106,7 @@ public class Asn1Constructed continue; } - Asn1Type tmpValue = Asn1Converter.convert(parsingItem); + Asn1Type tmpValue = Asn1Converter.convert(parsingItem, lazy); addItem(tmpValue); } }