directory-kerby mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Li, Jiajia" <jiajia...@intel.com>
Subject RE: directory-kerby git commit: DIRKRB-496. Fully decoding the test signed data
Date Mon, 14 Dec 2015 01:29:44 GMT
It's great news for implementing the PKINIT feature.

Thanks
Jiajia

-----Original Message-----
From: Zheng, Kai 
Sent: Saturday, December 12, 2015 10:34 AM
To: Li, Jiajia; kerby@directory.apache.org
Subject: FW: directory-kerby git commit: DIRKRB-496. Fully decoding the test signed data

Hi Jiajia, and all

In my recent commits I have fixed various issues exposed by our newly added tests. Now the
complicated CMS SignedData can be fully recursively decoded, which may mean we're now able
to process the PKINIT request and response messages from MIT Kerberos now. I thought we're
approaching very near to the PKINIT feature. From now on I'll move on and work on the PKINIT
branch, hopefully we can merge the branch back to master soon.

Regards,
Kai

-----Original Message-----
From: drankye@apache.org [mailto:drankye@apache.org] 
Sent: Saturday, December 12, 2015 10:22 AM
To: commits@directory.apache.org
Subject: directory-kerby git commit: DIRKRB-496. Fully decoding the test signed data

Repository: directory-kerby
Updated Branches:
  refs/heads/master 47c420cab -> 56f1cee7a


DIRKRB-496. Fully decoding the test signed data


Project: http://git-wip-us.apache.org/repos/asf/directory-kerby/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-kerby/commit/56f1cee7
Tree: http://git-wip-us.apache.org/repos/asf/directory-kerby/tree/56f1cee7
Diff: http://git-wip-us.apache.org/repos/asf/directory-kerby/diff/56f1cee7

Branch: refs/heads/master
Commit: 56f1cee7ab2d916b3a8dc8ca405d919ac2043790
Parents: 47c420c
Author: Kai Zheng <kai.zheng@intel.com>
Authored: Sat Dec 12 10:21:48 2015 +0800
Committer: Kai Zheng <kai.zheng@intel.com>
Committed: Sat Dec 12 10:21:48 2015 +0800

----------------------------------------------------------------------
 .../kerby/asn1/type/Asn1CollectionOf.java       |  3 +-
 .../kerby/asn1/type/Asn1CollectionType.java     | 47 ++++++----
 .../org/apache/kerby/cms/type/Attribute.java    |  2 +-
 .../apache/kerby/cms/type/CertificateList.java  | 91 --------------------
 .../kerby/cms/type/RevocationInfoChoice.java    |  2 +
 .../kerby/x500/type/AttributeTypeAndValue.java  |  4 +-
 .../org/apache/kerby/x509/type/Attribute.java   |  3 +
 .../apache/kerby/x509/type/AttributeValues.java | 15 +++-
 .../org/apache/kerby/cms/TestSignedData.java    | 14 ++-
 9 files changed, 59 insertions(+), 122 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/56f1cee7/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1CollectionOf.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1CollectionOf.java b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1CollectionOf.java
index 4e0d7a0..5c9d3a2 100644
--- a/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1CollectionOf.java
+++ b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1Collection
+++ Of.java
@@ -81,7 +81,8 @@ public abstract class Asn1CollectionOf<T extends Asn1Type>
             T result = (T) eleType.newInstance();
             return result;
         } catch (Exception e) {
-            throw new IOException("Failed to create element type", e);
+            throw new IOException("Failed to create element type, "
+                + "no default constructor? " + eleType.getName(), e);
         }
     }
 }

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/56f1cee7/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1CollectionType.java
----------------------------------------------------------------------
diff --git a/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1CollectionType.java b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1CollectionType.java
index ae9322e..dab2e48 100644
--- a/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1CollectionType.java
+++ b/kerby-asn1/src/main/java/org/apache/kerby/asn1/type/Asn1Collection
+++ Type.java
@@ -55,7 +55,7 @@ public abstract class Asn1CollectionType
     protected int encodingBodyLength() {
         int allLen = 0;
         for (int i = 0; i < fields.length; ++i) {
-            AbstractAsn1Type<?> field = (AbstractAsn1Type<?>) fields[i];
+            Asn1Encodeable field = (Asn1Encodeable) fields[i];
             if (field != null) {
                 if (fieldInfos[i].isTagged()) {
                     TaggingOption taggingOption = @@ -105,18 +105,25 @@ public abstract class
Asn1CollectionType
             }
             lastPos = foundPos;
 
-            Asn1Type fieldValue = fields[foundPos];
-            if (fieldValue instanceof Asn1Any) {
-                Asn1Any any = (Asn1Any) fieldValue;
-                any.setFieldInfo(fieldInfos[foundPos]);
-                Asn1Binder.bind(parseItem, any);
+            attemptBinding(parseItem, foundPos);
+        }
+    }
+
+    private void attemptBinding(Asn1ParseResult parseItem,
+                                int foundPos) throws IOException {
+        Asn1Type fieldValue = fields[foundPos];
+        Asn1FieldInfo fieldInfo = fieldInfos[foundPos];
+
+        if (fieldValue instanceof Asn1Any) {
+            Asn1Any any = (Asn1Any) fieldValue;
+            any.setFieldInfo(fieldInfo);
+            Asn1Binder.bind(parseItem, any);
+        } else {
+            if (parseItem.isContextSpecific()) {
+                Asn1Binder.bindWithTagging(parseItem, fieldValue,
+                    fieldInfo.getTaggingOption());
             } else {
-                if (parseItem.isContextSpecific()) {
-                    Asn1Binder.bindWithTagging(parseItem, fieldValue,
-                            fieldInfos[foundPos].getTaggingOption());
-                } else {
-                    Asn1Binder.bind(parseItem, fieldValue);
-                }
+                Asn1Binder.bind(parseItem, fieldValue);
             }
         }
     }
@@ -124,21 +131,27 @@ public abstract class Asn1CollectionType
     private int match(int lastPos, Asn1ParseResult parseItem) {
         int foundPos = -1;
         for (int i = lastPos + 1; i < fieldInfos.length; ++i) {
-            if (parseItem.isContextSpecific()) {
-                if (fieldInfos[i].getTagNo() == parseItem.tagNo()) {
+            Asn1Type fieldValue = fields[i];
+            Asn1FieldInfo fieldInfo = fieldInfos[i];
+
+            if (fieldInfo.isTagged()) {
+                if (!parseItem.isContextSpecific()) {
+                    continue;
+                }
+                if (fieldInfo.getTagNo() == parseItem.tagNo()) {
                     foundPos = i;
                     break;
                 }
-            } else if (fields[i].tag().equals(parseItem.tag())) {
+            } else if (fieldValue.tag().equals(parseItem.tag())) {
                 foundPos = i;
                 break;
-            } else if (fields[i] instanceof Asn1Choice) {
+            } else if (fieldValue instanceof Asn1Choice) {
                 Asn1Choice aChoice = (Asn1Choice) fields[i];
                 if (aChoice.matchAndSetValue(parseItem.tag())) {
                     foundPos = i;
                     break;
                 }
-            } else if (fields[i] instanceof Asn1Any) {
+            } else if (fieldValue instanceof Asn1Any) {
                 foundPos = i;
                 break;
             }

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/56f1cee7/kerby-pkix/src/main/java/org/apache/kerby/cms/type/Attribute.java
----------------------------------------------------------------------
diff --git a/kerby-pkix/src/main/java/org/apache/kerby/cms/type/Attribute.java b/kerby-pkix/src/main/java/org/apache/kerby/cms/type/Attribute.java
index e91cf9e..f9a4615 100644
--- a/kerby-pkix/src/main/java/org/apache/kerby/cms/type/Attribute.java
+++ b/kerby-pkix/src/main/java/org/apache/kerby/cms/type/Attribute.java
@@ -33,7 +33,7 @@ import static org.apache.kerby.cms.type.Attribute.MyEnum.*;
  *     attrType OBJECT IDENTIFIER,
  *     attrValues SET OF AttributeValue
  * }
- * 
+ *
  * AttributeValue ::= ANY
  * </pre>
  */

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/56f1cee7/kerby-pkix/src/main/java/org/apache/kerby/cms/type/CertificateList.java
----------------------------------------------------------------------
diff --git a/kerby-pkix/src/main/java/org/apache/kerby/cms/type/CertificateList.java b/kerby-pkix/src/main/java/org/apache/kerby/cms/type/CertificateList.java
deleted file mode 100644
index e528451..0000000
--- a/kerby-pkix/src/main/java/org/apache/kerby/cms/type/CertificateList.java
+++ /dev/null
@@ -1,91 +0,0 @@
-/**
- *  Licensed to the Apache Software Foundation (ASF) under one
- *  or more contributor license agreements.  See the NOTICE file
- *  distributed with this work for additional information
- *  regarding copyright ownership.  The ASF licenses this file
- *  to you under the Apache License, Version 2.0 (the
- *  "License"); you may not use this file except in compliance
- *  with the License.  You may obtain a copy of the License at
- *
- *    http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing,
- *  software distributed under the License is distributed on an
- *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- *  KIND, either express or implied.  See the License for the
- *  specific language governing permissions and limitations
- *  under the License.
- *
- */
-package org.apache.kerby.cms.type;
-
-import org.apache.kerby.asn1.EnumType;
-import org.apache.kerby.asn1.type.Asn1BitString;
-import org.apache.kerby.asn1.Asn1FieldInfo;
-import org.apache.kerby.asn1.type.Asn1SequenceType;
-import org.apache.kerby.x509.type.AlgorithmIdentifier;
-import org.apache.kerby.x509.type.TBSCertList;
-import static org.apache.kerby.cms.type.CertificateList.MyEnum.*;
-
-/**
- * Ref. RFC-2459
- *
- * <pre>
- * CertificateList  ::=  SEQUENCE  {
- *      tbsCertList          TBSCertList,
- *      signatureAlgorithm   AlgorithmIdentifier,
- *      signatureValue       BIT STRING
- * }
- * </pre>
- */
-public class CertificateList extends Asn1SequenceType {
-    protected enum MyEnum implements EnumType {
-        TBS_CERT_LIST,
-        SIGNATURE_ALGORITHMS,
-        SIGNATURE_VALUE;
-
-        @Override
-        public int getValue() {
-            return ordinal();
-        }
-
-        @Override
-        public String getName() {
-            return name();
-        }
-    }
-
-    static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
-            new Asn1FieldInfo(TBS_CERT_LIST, TBSCertList.class),
-            new Asn1FieldInfo(SIGNATURE_ALGORITHMS, AlgorithmIdentifier.class),
-            new Asn1FieldInfo(SIGNATURE_VALUE, Asn1BitString.class)
-    };
-
-    public CertificateList() {
-        super(fieldInfos);
-    }
-
-    public TBSCertList getTBSCertList() {
-        return getFieldAs(TBS_CERT_LIST, TBSCertList.class);
-    }
-
-    public void setTBSCertList(TBSCertList tbsCertList) {
-        setFieldAs(TBS_CERT_LIST, tbsCertList);
-    }
-
-    public AlgorithmIdentifier getSignatureAlgorithm() {
-        return getFieldAs(SIGNATURE_ALGORITHMS, AlgorithmIdentifier.class);
-    }
-
-    public void setSignatureAlgorithms(AlgorithmIdentifier signatureAlgorithms) {
-        setFieldAs(SIGNATURE_ALGORITHMS, signatureAlgorithms);
-    }
-
-    public Asn1BitString getSignature() {
-        return getFieldAs(SIGNATURE_VALUE, Asn1BitString.class);
-    }
-
-    public void setSignatureValue(Asn1BitString signatureValue) {
-        setFieldAs(SIGNATURE_VALUE, signatureValue);
-    }
-}

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/56f1cee7/kerby-pkix/src/main/java/org/apache/kerby/cms/type/RevocationInfoChoice.java
----------------------------------------------------------------------
diff --git a/kerby-pkix/src/main/java/org/apache/kerby/cms/type/RevocationInfoChoice.java
b/kerby-pkix/src/main/java/org/apache/kerby/cms/type/RevocationInfoChoice.java
index 9e64470..57be933 100644
--- a/kerby-pkix/src/main/java/org/apache/kerby/cms/type/RevocationInfoChoice.java
+++ b/kerby-pkix/src/main/java/org/apache/kerby/cms/type/RevocationInfoC
+++ hoice.java
@@ -23,6 +23,8 @@ import org.apache.kerby.asn1.EnumType;  import org.apache.kerby.asn1.type.Asn1Choice;
 import org.apache.kerby.asn1.Asn1FieldInfo;
 import org.apache.kerby.asn1.ImplicitField;
+import org.apache.kerby.x509.type.CertificateList;
+
 import static org.apache.kerby.cms.type.RevocationInfoChoice.MyEnum.*;
 
 /**

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/56f1cee7/kerby-pkix/src/main/java/org/apache/kerby/x500/type/AttributeTypeAndValue.java
----------------------------------------------------------------------
diff --git a/kerby-pkix/src/main/java/org/apache/kerby/x500/type/AttributeTypeAndValue.java
b/kerby-pkix/src/main/java/org/apache/kerby/x500/type/AttributeTypeAndValue.java
index bb2ab11..2da8077 100644
--- a/kerby-pkix/src/main/java/org/apache/kerby/x500/type/AttributeTypeAndValue.java
+++ b/kerby-pkix/src/main/java/org/apache/kerby/x500/type/AttributeTypeA
+++ ndValue.java
@@ -50,8 +50,8 @@ public class AttributeTypeAndValue extends Asn1SequenceType {
     }
 
     static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[]{
-            new Asn1FieldInfo(TYPE, Asn1ObjectIdentifier.class, true),
-            new Asn1FieldInfo(VALUE, Asn1Any.class, true)
+            new Asn1FieldInfo(TYPE, -1, Asn1ObjectIdentifier.class, true),
+            new Asn1FieldInfo(VALUE, -1, Asn1Any.class, true)
     };
 
     public AttributeTypeAndValue() {

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/56f1cee7/kerby-pkix/src/main/java/org/apache/kerby/x509/type/Attribute.java
----------------------------------------------------------------------
diff --git a/kerby-pkix/src/main/java/org/apache/kerby/x509/type/Attribute.java b/kerby-pkix/src/main/java/org/apache/kerby/x509/type/Attribute.java
index f9878cd..772468b 100644
--- a/kerby-pkix/src/main/java/org/apache/kerby/x509/type/Attribute.java
+++ b/kerby-pkix/src/main/java/org/apache/kerby/x509/type/Attribute.java
@@ -31,6 +31,9 @@ import static org.apache.kerby.x509.type.Attribute.MyEnum.*;
  *     attrType OBJECT IDENTIFIER,
  *     attrValues SET OF AttributeValue
  * }
+ *
+ * AttributeValue ::= ANY
+ *
  * </pre>
  */
 public class Attribute extends Asn1SequenceType {

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/56f1cee7/kerby-pkix/src/main/java/org/apache/kerby/x509/type/AttributeValues.java
----------------------------------------------------------------------
diff --git a/kerby-pkix/src/main/java/org/apache/kerby/x509/type/AttributeValues.java b/kerby-pkix/src/main/java/org/apache/kerby/x509/type/AttributeValues.java
index f407856..027ade3 100644
--- a/kerby-pkix/src/main/java/org/apache/kerby/x509/type/AttributeValues.java
+++ b/kerby-pkix/src/main/java/org/apache/kerby/x509/type/AttributeValue
+++ s.java
@@ -19,9 +19,20 @@
  */
 package org.apache.kerby.x509.type;
 
+import org.apache.kerby.asn1.type.Asn1Any;
 import org.apache.kerby.asn1.type.Asn1SetOf;
-import org.apache.kerby.asn1.type.Asn1Type;
 
-public class AttributeValues extends Asn1SetOf<Asn1Type> {
+/**
+ * Ref. RFC 5652
+ * <pre>
+ * Attribute ::= SEQUENCE {
+ *     attrType OBJECT IDENTIFIER,
+ *     attrValues SET OF AttributeValue
+ * }
+ *
+ * AttributeValue ::= ANY
+ * </pre>
+ */
+public class AttributeValues extends Asn1SetOf<Asn1Any> {
 
 }

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/56f1cee7/kerby-pkix/src/test/java/org/apache/kerby/cms/TestSignedData.java
----------------------------------------------------------------------
diff --git a/kerby-pkix/src/test/java/org/apache/kerby/cms/TestSignedData.java b/kerby-pkix/src/test/java/org/apache/kerby/cms/TestSignedData.java
index 900dab8..a169421 100644
--- a/kerby-pkix/src/test/java/org/apache/kerby/cms/TestSignedData.java
+++ b/kerby-pkix/src/test/java/org/apache/kerby/cms/TestSignedData.java
@@ -41,14 +41,13 @@ public class TestSignedData extends CmsTestBase {
             contentInfo.decode(data);
             Asn1.dump(contentInfo);
 
-            /** TO BE FIXED AFTER choice supported
             SignedData signedData =
                 contentInfo.getContentAs(SignedData.class);
             Asn1.dump(signedData);
 
-            byte[] encodedData = contentInfo.encode();
-            Asn1.dump(encodedData, true);
-             */
+            //TO BE FIXED
+            //byte[] encodedData = contentInfo.encode();
+            //Asn1.dump(encodedData, true);
         } catch (Exception e) {
             e.printStackTrace();
             Assert.fail();
@@ -87,10 +86,9 @@ public class TestSignedData extends CmsTestBase {
             ContentInfo contentInfo = new ContentInfo();
             contentInfo.decode(data);
             Asn1.dump(contentInfo);
-/** Failed in DigestAlgorithmIdentifiers*/
-//            SignedData signedData =
-//                    contentInfo.getContentAs(SignedData.class);
-//            Asn1.dump(signedData);
+            SignedData signedData =
+                    contentInfo.getContentAs(SignedData.class);
+            Asn1.dump(signedData);
         } catch (Exception e) {
             e.printStackTrace();
             Assert.fail();


Mime
View raw message