Return-Path: Delivered-To: apmail-geronimo-scm-archive@www.apache.org Received: (qmail 20961 invoked from network); 1 Feb 2008 19:06:12 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 1 Feb 2008 19:06:12 -0000 Received: (qmail 90340 invoked by uid 500); 1 Feb 2008 19:06:02 -0000 Delivered-To: apmail-geronimo-scm-archive@geronimo.apache.org Received: (qmail 90296 invoked by uid 500); 1 Feb 2008 19:06:02 -0000 Mailing-List: contact scm-help@geronimo.apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: List-Post: Reply-To: dev@geronimo.apache.org List-Id: Delivered-To: mailing list scm@geronimo.apache.org Received: (qmail 90208 invoked by uid 99); 1 Feb 2008 19:06:02 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 01 Feb 2008 11:06:02 -0800 X-ASF-Spam-Status: No, hits=-100.0 required=10.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.3] (HELO eris.apache.org) (140.211.11.3) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 01 Feb 2008 19:05:50 +0000 Received: by eris.apache.org (Postfix, from userid 65534) id CEC081A985B; Fri, 1 Feb 2008 11:05:19 -0800 (PST) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r617610 [9/13] - in /geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto: ./ asn1/ asn1/cryptopro/ asn1/misc/ asn1/oiw/ asn1/pkcs/ asn1/sec/ asn1/util/ asn1/x509/ asn1/x9/ crypto/ crypto/digests/... Date: Fri, 01 Feb 2008 19:02:36 -0000 To: scm@geronimo.apache.org From: kevan@apache.org X-Mailer: svnmailer-1.0.8 Message-Id: <20080201190519.CEC081A985B@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org Added: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/asn1/x509/X509Extensions.java URL: http://svn.apache.org/viewvc/geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/asn1/x509/X509Extensions.java?rev=617610&view=auto ============================================================================== --- geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/asn1/x509/X509Extensions.java (added) +++ geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/asn1/x509/X509Extensions.java Fri Feb 1 11:01:39 2008 @@ -0,0 +1,401 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.geronimo.crypto.asn1.x509; + +import java.util.Enumeration; +import java.util.Hashtable; +import java.util.Vector; + +import org.apache.geronimo.crypto.asn1.ASN1Encodable; +import org.apache.geronimo.crypto.asn1.ASN1EncodableVector; +import org.apache.geronimo.crypto.asn1.ASN1OctetString; +import org.apache.geronimo.crypto.asn1.ASN1Sequence; +import org.apache.geronimo.crypto.asn1.ASN1TaggedObject; +import org.apache.geronimo.crypto.asn1.DERBoolean; +import org.apache.geronimo.crypto.asn1.DERObject; +import org.apache.geronimo.crypto.asn1.DERObjectIdentifier; +import org.apache.geronimo.crypto.asn1.DERSequence; + +public class X509Extensions + extends ASN1Encodable +{ + /** + * Subject Directory Attributes + */ + public static final DERObjectIdentifier SubjectDirectoryAttributes = new DERObjectIdentifier("2.5.29.9"); + + /** + * Subject Key Identifier + */ + public static final DERObjectIdentifier SubjectKeyIdentifier = new DERObjectIdentifier("2.5.29.14"); + + /** + * Key Usage + */ + public static final DERObjectIdentifier KeyUsage = new DERObjectIdentifier("2.5.29.15"); + + /** + * Private Key Usage Period + */ + public static final DERObjectIdentifier PrivateKeyUsagePeriod = new DERObjectIdentifier("2.5.29.16"); + + /** + * Subject Alternative Name + */ + public static final DERObjectIdentifier SubjectAlternativeName = new DERObjectIdentifier("2.5.29.17"); + + /** + * Issuer Alternative Name + */ + public static final DERObjectIdentifier IssuerAlternativeName = new DERObjectIdentifier("2.5.29.18"); + + /** + * Basic Constraints + */ + public static final DERObjectIdentifier BasicConstraints = new DERObjectIdentifier("2.5.29.19"); + + /** + * CRL Number + */ + public static final DERObjectIdentifier CRLNumber = new DERObjectIdentifier("2.5.29.20"); + + /** + * Reason code + */ + public static final DERObjectIdentifier ReasonCode = new DERObjectIdentifier("2.5.29.21"); + + /** + * Hold Instruction Code + */ + public static final DERObjectIdentifier InstructionCode = new DERObjectIdentifier("2.5.29.23"); + + /** + * Invalidity Date + */ + public static final DERObjectIdentifier InvalidityDate = new DERObjectIdentifier("2.5.29.24"); + + /** + * Delta CRL indicator + */ + public static final DERObjectIdentifier DeltaCRLIndicator = new DERObjectIdentifier("2.5.29.27"); + + /** + * Issuing Distribution Point + */ + public static final DERObjectIdentifier IssuingDistributionPoint = new DERObjectIdentifier("2.5.29.28"); + + /** + * Certificate Issuer + */ + public static final DERObjectIdentifier CertificateIssuer = new DERObjectIdentifier("2.5.29.29"); + + /** + * Name Constraints + */ + public static final DERObjectIdentifier NameConstraints = new DERObjectIdentifier("2.5.29.30"); + + /** + * CRL Distribution Points + */ + public static final DERObjectIdentifier CRLDistributionPoints = new DERObjectIdentifier("2.5.29.31"); + + /** + * Certificate Policies + */ + public static final DERObjectIdentifier CertificatePolicies = new DERObjectIdentifier("2.5.29.32"); + + /** + * Policy Mappings + */ + public static final DERObjectIdentifier PolicyMappings = new DERObjectIdentifier("2.5.29.33"); + + /** + * Authority Key Identifier + */ + public static final DERObjectIdentifier AuthorityKeyIdentifier = new DERObjectIdentifier("2.5.29.35"); + + /** + * Policy Constraints + */ + public static final DERObjectIdentifier PolicyConstraints = new DERObjectIdentifier("2.5.29.36"); + + /** + * Extended Key Usage + */ + public static final DERObjectIdentifier ExtendedKeyUsage = new DERObjectIdentifier("2.5.29.37"); + + /** + * Freshest CRL + */ + public static final DERObjectIdentifier FreshestCRL = new DERObjectIdentifier("2.5.29.46"); + + /** + * Inhibit Any Policy + */ + public static final DERObjectIdentifier InhibitAnyPolicy = new DERObjectIdentifier("2.5.29.54"); + + /** + * Authority Info Access + */ + public static final DERObjectIdentifier AuthorityInfoAccess= new DERObjectIdentifier("1.3.6.1.5.5.7.1.1"); + + /** + * Subject Info Access + */ + public static final DERObjectIdentifier SubjectInfoAccess= new DERObjectIdentifier("1.3.6.1.5.5.7.1.11"); + + private Hashtable extensions = new Hashtable(); + private Vector ordering = new Vector(); + + public static X509Extensions getInstance( + ASN1TaggedObject obj, + boolean explicit) + { + return getInstance(ASN1Sequence.getInstance(obj, explicit)); + } + + public static X509Extensions getInstance( + Object obj) + { + if (obj == null || obj instanceof X509Extensions) + { + return (X509Extensions)obj; + } + + if (obj instanceof ASN1Sequence) + { + return new X509Extensions((ASN1Sequence)obj); + } + + if (obj instanceof ASN1TaggedObject) + { + return getInstance(((ASN1TaggedObject)obj).getObject()); + } + + throw new IllegalArgumentException("illegal object in getInstance: " + obj.getClass().getName()); + } + + /** + * Constructor from ASN1Sequence. + * + * the extensions are a list of constructed sequences, either with (OID, OctetString) or (OID, Boolean, OctetString) + */ + public X509Extensions( + ASN1Sequence seq) + { + Enumeration e = seq.getObjects(); + + while (e.hasMoreElements()) + { + ASN1Sequence s = (ASN1Sequence)e.nextElement(); + + if (s.size() == 3) + { + extensions.put(s.getObjectAt(0), new X509Extension((DERBoolean)s.getObjectAt(1), (ASN1OctetString)s.getObjectAt(2))); + } + else + { + extensions.put(s.getObjectAt(0), new X509Extension(false, (ASN1OctetString)s.getObjectAt(1))); + } + + ordering.addElement(s.getObjectAt(0)); + } + } + + /** + * constructor from a table of extensions. + *

+ * it's is assumed the table contains OID/String pairs. + */ + public X509Extensions( + Hashtable extensions) + { + this(null, extensions); + } + + /** + * Constructor from a table of extensions with ordering. + *

+ * It's is assumed the table contains OID/String pairs. + */ + public X509Extensions( + Vector ordering, + Hashtable extensions) + { + Enumeration e; + + if (ordering == null) + { + e = extensions.keys(); + } + else + { + e = ordering.elements(); + } + + while (e.hasMoreElements()) + { + this.ordering.addElement(e.nextElement()); + } + + e = this.ordering.elements(); + + while (e.hasMoreElements()) + { + DERObjectIdentifier oid = (DERObjectIdentifier)e.nextElement(); + X509Extension ext = (X509Extension)extensions.get(oid); + + this.extensions.put(oid, ext); + } + } + + /** + * Constructor from two vectors + * + * @param objectIDs a vector of the object identifiers. + * @param values a vector of the extension values. + */ + public X509Extensions( + Vector objectIDs, + Vector values) + { + Enumeration e = objectIDs.elements(); + + while (e.hasMoreElements()) + { + this.ordering.addElement(e.nextElement()); + } + + int count = 0; + + e = this.ordering.elements(); + + while (e.hasMoreElements()) + { + DERObjectIdentifier oid = (DERObjectIdentifier)e.nextElement(); + X509Extension ext = (X509Extension)values.elementAt(count); + + this.extensions.put(oid, ext); + count++; + } + } + + /** + * return an Enumeration of the extension field's object ids. + */ + public Enumeration oids() + { + return ordering.elements(); + } + + /** + * return the extension represented by the object identifier + * passed in. + * + * @return the extension if it's present, null otherwise. + */ + public X509Extension getExtension( + DERObjectIdentifier oid) + { + return (X509Extension)extensions.get(oid); + } + + /** + * 

+     *     Extensions        ::=   SEQUENCE SIZE (1..MAX) OF Extension
+     *
+     *     Extension         ::=   SEQUENCE {
+     *        extnId            EXTENSION.&id ({ExtensionSet}),
+     *        critical          BOOLEAN DEFAULT FALSE,
+     *        extnValue         OCTET STRING }
+     *
+ */ + public DERObject toASN1Object() + { + ASN1EncodableVector vec = new ASN1EncodableVector(); + Enumeration e = ordering.elements(); + + while (e.hasMoreElements()) + { + DERObjectIdentifier oid = (DERObjectIdentifier)e.nextElement(); + X509Extension ext = (X509Extension)extensions.get(oid); + ASN1EncodableVector v = new ASN1EncodableVector(); + + v.add(oid); + + if (ext.isCritical()) + { + v.add(new DERBoolean(true)); + } + + v.add(ext.getValue()); + + vec.add(new DERSequence(v)); + } + + return new DERSequence(vec); + } + + public int hashCode() + { + Enumeration e = extensions.keys(); + int hashCode = 0; + + while (e.hasMoreElements()) + { + Object o = e.nextElement(); + + hashCode ^= o.hashCode(); + hashCode ^= extensions.get(o).hashCode(); + } + + return hashCode; + } + + public boolean equals( + Object o) + { + if (o == null || !(o instanceof X509Extensions)) + { + return false; + } + + X509Extensions other = (X509Extensions)o; + + Enumeration e1 = extensions.keys(); + Enumeration e2 = other.extensions.keys(); + + while (e1.hasMoreElements() && e2.hasMoreElements()) + { + Object o1 = e1.nextElement(); + Object o2 = e2.nextElement(); + + if (!o1.equals(o2)) + { + return false; + } + } + + if (e1.hasMoreElements() || e2.hasMoreElements()) + { + return false; + } + + return true; + } +} Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/asn1/x509/X509Extensions.java ------------------------------------------------------------------------------ svn:eol-style = native Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/asn1/x509/X509Extensions.java ------------------------------------------------------------------------------ svn:keywords = Date Revision Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/asn1/x509/X509Extensions.java ------------------------------------------------------------------------------ svn:mime-type = text/plain Added: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/asn1/x509/X509Name.java URL: http://svn.apache.org/viewvc/geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/asn1/x509/X509Name.java?rev=617610&view=auto ============================================================================== --- geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/asn1/x509/X509Name.java (added) +++ geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/asn1/x509/X509Name.java Fri Feb 1 11:01:39 2008 @@ -0,0 +1,988 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.geronimo.crypto.asn1.x509; + +import java.util.Enumeration; +import java.util.Hashtable; +import java.util.Vector; + +import org.apache.geronimo.crypto.asn1.*; +import org.apache.geronimo.crypto.asn1.pkcs.PKCSObjectIdentifiers; + +/** + * 
+ *     RDNSequence ::= SEQUENCE OF RelativeDistinguishedName
+ *
+ *     RelativeDistinguishedName ::= SET SIZE (1..MAX) OF AttributeTypeAndValue
+ *
+ *     AttributeTypeAndValue ::= SEQUENCE {
+ *                                   type  OBJECT IDENTIFIER,
+ *                                   value ANY }
+ *
+ */ +public class X509Name + extends ASN1Encodable +{ + /** + * country code - StringType(SIZE(2)) + */ + public static final DERObjectIdentifier C = new DERObjectIdentifier("2.5.4.6"); + + /** + * organization - StringType(SIZE(1..64)) + */ + public static final DERObjectIdentifier O = new DERObjectIdentifier("2.5.4.10"); + + /** + * organizational unit name - StringType(SIZE(1..64)) + */ + public static final DERObjectIdentifier OU = new DERObjectIdentifier("2.5.4.11"); + + /** + * Title + */ + public static final DERObjectIdentifier T = new DERObjectIdentifier("2.5.4.12"); + + /** + * common name - StringType(SIZE(1..64)) + */ + public static final DERObjectIdentifier CN = new DERObjectIdentifier("2.5.4.3"); + + /** + * device serial number name - StringType(SIZE(1..64)) + */ + public static final DERObjectIdentifier SN = new DERObjectIdentifier("2.5.4.5"); + + /** + * locality name - StringType(SIZE(1..64)) + */ + public static final DERObjectIdentifier L = new DERObjectIdentifier("2.5.4.7"); + + /** + * state, or province name - StringType(SIZE(1..64)) + */ + public static final DERObjectIdentifier ST = new DERObjectIdentifier("2.5.4.8"); + + /** + * Naming attributes of type X520name + */ + public static final DERObjectIdentifier SURNAME = new DERObjectIdentifier("2.5.4.4"); + public static final DERObjectIdentifier GIVENNAME = new DERObjectIdentifier("2.5.4.42"); + public static final DERObjectIdentifier INITIALS = new DERObjectIdentifier("2.5.4.43"); + public static final DERObjectIdentifier GENERATION = new DERObjectIdentifier("2.5.4.44"); + public static final DERObjectIdentifier UNIQUE_IDENTIFIER = new DERObjectIdentifier("2.5.4.45"); + + /** + * Email address (RSA PKCS#9 extension) - IA5String. + *

Note: if you're trying to be ultra orthodox, don't use this! It shouldn't be in here. + */ + public static final DERObjectIdentifier EmailAddress = PKCSObjectIdentifiers.pkcs_9_at_emailAddress; + + /** + * more from PKCS#9 + */ + public static final DERObjectIdentifier UnstructuredName = PKCSObjectIdentifiers.pkcs_9_at_unstructuredName; + public static final DERObjectIdentifier UnstructuredAddress = PKCSObjectIdentifiers.pkcs_9_at_unstructuredAddress; + + /** + * email address in Verisign certificates + */ + public static final DERObjectIdentifier E = EmailAddress; + + /* + * others... + */ + public static final DERObjectIdentifier DC = new DERObjectIdentifier("0.9.2342.19200300.100.1.25"); + + /** + * LDAP User id. + */ + public static final DERObjectIdentifier UID = new DERObjectIdentifier("0.9.2342.19200300.100.1.1"); + + /** + * look up table translating OID values into their common symbols - this static is scheduled for deletion + */ + public static Hashtable OIDLookUp = new Hashtable(); + + /** + * determines whether or not strings should be processed and printed + * from back to front. + */ + public static boolean DefaultReverse = false; + + /** + * default look up table translating OID values into their common symbols following + * the convention in RFC 2253 with a few extras + */ + public static Hashtable DefaultSymbols = OIDLookUp; + + /** + * look up table translating OID values into their common symbols following the convention in RFC 2253 + * with a few extras + */ + public static Hashtable RFC2253Symbols = new Hashtable(); + + /** + * look up table translating string values into their OIDS - + * this static is scheduled for deletion + */ + public static Hashtable SymbolLookUp = new Hashtable(); + + /** + * look up table translating common symbols into their OIDS. + */ + public static Hashtable DefaultLookUp = SymbolLookUp; + + static + { + DefaultSymbols.put(C, "C"); + DefaultSymbols.put(O, "O"); + DefaultSymbols.put(T, "T"); + DefaultSymbols.put(OU, "OU"); + DefaultSymbols.put(CN, "CN"); + DefaultSymbols.put(L, "L"); + DefaultSymbols.put(ST, "ST"); + DefaultSymbols.put(SN, "SN"); + DefaultSymbols.put(EmailAddress, "E"); + DefaultSymbols.put(DC, "DC"); + DefaultSymbols.put(UID, "UID"); + DefaultSymbols.put(SURNAME, "SURNAME"); + DefaultSymbols.put(GIVENNAME, "GIVENNAME"); + DefaultSymbols.put(INITIALS, "INITIALS"); + DefaultSymbols.put(GENERATION, "GENERATION"); + DefaultSymbols.put(UnstructuredAddress, "unstructuredAddress"); + DefaultSymbols.put(UnstructuredName, "unstructuredName"); + + RFC2253Symbols.put(C, "C"); + RFC2253Symbols.put(O, "O"); + RFC2253Symbols.put(T, "T"); + RFC2253Symbols.put(OU, "OU"); + RFC2253Symbols.put(CN, "CN"); + RFC2253Symbols.put(L, "L"); + RFC2253Symbols.put(ST, "ST"); + RFC2253Symbols.put(SN, "SN"); + RFC2253Symbols.put(EmailAddress, "EMAILADDRESS"); + RFC2253Symbols.put(DC, "DC"); + RFC2253Symbols.put(UID, "UID"); + RFC2253Symbols.put(SURNAME, "SURNAME"); + RFC2253Symbols.put(GIVENNAME, "GIVENNAME"); + RFC2253Symbols.put(INITIALS, "INITIALS"); + RFC2253Symbols.put(GENERATION, "GENERATION"); + + DefaultLookUp.put("c", C); + DefaultLookUp.put("o", O); + DefaultLookUp.put("t", T); + DefaultLookUp.put("ou", OU); + DefaultLookUp.put("cn", CN); + DefaultLookUp.put("l", L); + DefaultLookUp.put("st", ST); + DefaultLookUp.put("sn", SN); + DefaultLookUp.put("emailaddress", E); + DefaultLookUp.put("dc", DC); + DefaultLookUp.put("e", E); + DefaultLookUp.put("uid", UID); + DefaultLookUp.put("surname", SURNAME); + DefaultLookUp.put("givenname", GIVENNAME); + DefaultLookUp.put("initials", INITIALS); + DefaultLookUp.put("generation", GENERATION); + DefaultLookUp.put("unstructuredaddress", UnstructuredAddress); + DefaultLookUp.put("unstructuredname", UnstructuredName); + } + + private X509NameEntryConverter converter = null; + private Vector ordering = new Vector(); + private Vector values = new Vector(); + private Vector added = new Vector(); + + private ASN1Sequence seq; + + /** + * Return a X509Name based on the passed in tagged object. + * + * @param obj tag object holding name. + * @param explicit true if explicitly tagged false otherwise. + * @return the X509Name + */ + public static X509Name getInstance( + ASN1TaggedObject obj, + boolean explicit) + { + return getInstance(ASN1Sequence.getInstance(obj, explicit)); + } + + public static X509Name getInstance( + Object obj) + { + if (obj == null || obj instanceof X509Name) + { + return (X509Name)obj; + } + else if (obj instanceof ASN1Sequence) + { + return new X509Name((ASN1Sequence)obj); + } + + throw new IllegalArgumentException("unknown object in factory"); + } + + /** + * Constructor from ASN1Sequence + * + * the principal will be a list of constructed sets, each containing an (OID, String) pair. + */ + public X509Name( + ASN1Sequence seq) + { + this.seq = seq; + + Enumeration e = seq.getObjects(); + + while (e.hasMoreElements()) + { + ASN1Set set = (ASN1Set)e.nextElement(); + + for (int i = 0; i < set.size(); i++) + { + ASN1Sequence s = (ASN1Sequence)set.getObjectAt(i); + + ordering.addElement(s.getObjectAt(0)); + values.addElement(((DERString) s.getObjectAt(1)).getString()); + added.addElement((i != 0) ? new Boolean(true) : new Boolean(false)); + } + } + } + + /** + * constructor from a table of attributes. + *

+ * it's is assumed the table contains OID/String pairs, and the contents + * of the table are copied into an internal table as part of the + * construction process. + *

+ * Note: if the name you are trying to generate should be + * following a specific ordering, you should use the constructor + * with the ordering specified below. + */ + public X509Name( + Hashtable attributes) + { + this(null, attributes); + } + + /** + * Constructor from a table of attributes with ordering. + *

+ * it's is assumed the table contains OID/String pairs, and the contents + * of the table are copied into an internal table as part of the + * construction process. The ordering vector should contain the OIDs + * in the order they are meant to be encoded or printed in toString. + */ + public X509Name( + Vector ordering, + Hashtable attributes) + { + this(ordering, attributes, new X509DefaultEntryConverter()); + } + + /** + * Constructor from a table of attributes with ordering. + *

+ * it's is assumed the table contains OID/String pairs, and the contents + * of the table are copied into an internal table as part of the + * construction process. The ordering vector should contain the OIDs + * in the order they are meant to be encoded or printed in toString. + *

+ * The passed in converter will be used to convert the strings into their + * ASN.1 counterparts. + */ + public X509Name( + Vector ordering, + Hashtable attributes, + X509DefaultEntryConverter converter) + { + this.converter = converter; + + if (ordering != null) + { + for (int i = 0; i != ordering.size(); i++) + { + this.ordering.addElement(ordering.elementAt(i)); + this.added.addElement(new Boolean(false)); + } + } + else + { + Enumeration e = attributes.keys(); + + while (e.hasMoreElements()) + { + this.ordering.addElement(e.nextElement()); + this.added.addElement(new Boolean(false)); + } + } + + for (int i = 0; i != this.ordering.size(); i++) + { + DERObjectIdentifier oid = (DERObjectIdentifier)this.ordering.elementAt(i); + + if (attributes.get(oid) == null) + { + throw new IllegalArgumentException("No attribute for object id - " + oid.getId() + " - passed to distinguished name"); + } + + this.values.addElement(attributes.get(oid)); // copy the hash table + } + } + + /** + * Takes two vectors one of the oids and the other of the values. + */ + public X509Name( + Vector oids, + Vector values) + { + this(oids, values, new X509DefaultEntryConverter()); + } + + /** + * Takes two vectors one of the oids and the other of the values. + *

+ * The passed in converter will be used to convert the strings into their + * ASN.1 counterparts. + */ + public X509Name( + Vector oids, + Vector values, + X509NameEntryConverter converter) + { + this.converter = converter; + + if (oids.size() != values.size()) + { + throw new IllegalArgumentException("oids vector must be same length as values."); + } + + for (int i = 0; i < oids.size(); i++) + { + this.ordering.addElement(oids.elementAt(i)); + this.values.addElement(values.elementAt(i)); + this.added.addElement(new Boolean(false)); + } + } + + /** + * Takes an X509 dir name as a string of the format "C=AU, ST=Victoria", or + * some such, converting it into an ordered set of name attributes. + */ + public X509Name( + String dirName) + { + this(DefaultReverse, DefaultLookUp, dirName); + } + + /** + * Takes an X509 dir name as a string of the format "C=AU, ST=Victoria", or + * some such, converting it into an ordered set of name attributes with each + * string value being converted to its associated ASN.1 type using the passed + * in converter. + */ + public X509Name( + String dirName, + X509NameEntryConverter converter) + { + this(DefaultReverse, DefaultLookUp, dirName, converter); + } + + /** + * Takes an X509 dir name as a string of the format "C=AU, ST=Victoria", or + * some such, converting it into an ordered set of name attributes. If reverse + * is true, create the encoded version of the sequence starting from the + * last element in the string. + */ + public X509Name( + boolean reverse, + String dirName) + { + this(reverse, DefaultLookUp, dirName); + } + + /** + * Takes an X509 dir name as a string of the format "C=AU, ST=Victoria", or + * some such, converting it into an ordered set of name attributes with each + * string value being converted to its associated ASN.1 type using the passed + * in converter. If reverse is true the ASN.1 sequence representing the DN will + * be built by starting at the end of the string, rather than the start. + */ + public X509Name( + boolean reverse, + String dirName, + X509NameEntryConverter converter) + { + this(reverse, DefaultLookUp, dirName, converter); + } + + /** + * Takes an X509 dir name as a string of the format "C=AU, ST=Victoria", or + * some such, converting it into an ordered set of name attributes. lookUp + * should provide a table of lookups, indexed by lowercase only strings and + * yielding a DERObjectIdentifier, other than that OID. and numeric oids + * will be processed automatically. + *
+ * If reverse is true, create the encoded version of the sequence + * starting from the last element in the string. + * @param reverse true if we should start scanning from the end (RFC 2553). + * @param lookUp table of names and their oids. + * @param dirName the X.500 string to be parsed. + */ + public X509Name( + boolean reverse, + Hashtable lookUp, + String dirName) + { + this(reverse, lookUp, dirName, new X509DefaultEntryConverter()); + } + + private DERObjectIdentifier decodeOID( + String name, + Hashtable lookUp) + { + if (name.toUpperCase().startsWith("OID.")) + { + return new DERObjectIdentifier(name.substring(4)); + } + else if (name.charAt(0) >= '0' && name.charAt(0) <= '9') + { + return new DERObjectIdentifier(name); + } + + DERObjectIdentifier oid = (DERObjectIdentifier)lookUp.get(name.toLowerCase()); + if (oid == null) + { + throw new IllegalArgumentException("Unknown object id - " + name + " - passed to distinguished name"); + } + + return oid; + } + + /** + * Takes an X509 dir name as a string of the format "C=AU, ST=Victoria", or + * some such, converting it into an ordered set of name attributes. lookUp + * should provide a table of lookups, indexed by lowercase only strings and + * yielding a DERObjectIdentifier, other than that OID. and numeric oids + * will be processed automatically. The passed in converter is used to convert the + * string values to the right of each equals sign to their ASN.1 counterparts. + *
+ * @param reverse true if we should start scanning from the end, false otherwise. + * @param lookUp table of names and oids. + * @param dirName the string dirName + * @param converter the converter to convert string values into their ASN.1 equivalents + */ + public X509Name( + boolean reverse, + Hashtable lookUp, + String dirName, + X509NameEntryConverter converter) + { + this.converter = converter; + X509NameTokenizer nTok = new X509NameTokenizer(dirName); + + while (nTok.hasMoreTokens()) + { + String token = nTok.nextToken(); + int index = token.indexOf('='); + + if (index == -1) + { + throw new IllegalArgumentException("badly formated directory string"); + } + + String name = token.substring(0, index); + String value = token.substring(index + 1); + DERObjectIdentifier oid = decodeOID(name, lookUp); + + if (value.indexOf('+') > 0) + { + X509NameTokenizer vTok = new X509NameTokenizer(value, '+'); + + this.ordering.addElement(oid); + this.values.addElement(vTok.nextToken()); + this.added.addElement(new Boolean(false)); + + while (vTok.hasMoreTokens()) + { + String sv = vTok.nextToken(); + int ndx = sv.indexOf('='); + + String nm = sv.substring(0, ndx); + String vl = sv.substring(ndx + 1); + this.ordering.addElement(decodeOID(nm, lookUp)); + this.values.addElement(vl); + this.added.addElement(new Boolean(true)); + } + } + else + { + this.ordering.addElement(oid); + this.values.addElement(value); + this.added.addElement(new Boolean(false)); + } + } + + if (reverse) + { + Vector o = new Vector(); + Vector v = new Vector(); + Vector a = new Vector(); + + for (int i = this.ordering.size() - 1; i >= 0; i--) + { + o.addElement(this.ordering.elementAt(i)); + v.addElement(this.values.elementAt(i)); + a.addElement(this.added.elementAt(i)); + } + + this.ordering = o; + this.values = v; + this.added = a; + } + } + + /** + * return a vector of the oids in the name, in the order they were found. + */ + public Vector getOIDs() + { + Vector v = new Vector(); + + for (int i = 0; i != ordering.size(); i++) + { + v.addElement(ordering.elementAt(i)); + } + + return v; + } + + /** + * return a vector of the values found in the name, in the order they + * were found. + */ + public Vector getValues() + { + Vector v = new Vector(); + + for (int i = 0; i != values.size(); i++) + { + v.addElement(values.elementAt(i)); + } + + return v; + } + + public DERObject toASN1Object() + { + if (seq == null) + { + ASN1EncodableVector vec = new ASN1EncodableVector(); + ASN1EncodableVector sVec = new ASN1EncodableVector(); + DERObjectIdentifier lstOid = null; + + for (int i = 0; i != ordering.size(); i++) + { + ASN1EncodableVector v = new ASN1EncodableVector(); + DERObjectIdentifier oid = (DERObjectIdentifier)ordering.elementAt(i); + + v.add(oid); + + String str = (String)values.elementAt(i); + + v.add(converter.getConvertedValue(oid, str)); + + if (lstOid == null + || ((Boolean)this.added.elementAt(i)).booleanValue()) + { + sVec.add(new DERSequence(v)); + } + else + { + vec.add(new DERSet(sVec)); + sVec = new ASN1EncodableVector(); + + sVec.add(new DERSequence(v)); + } + + lstOid = oid; + } + + vec.add(new DERSet(sVec)); + + seq = new DERSequence(vec); + } + + return seq; + } + + /** + * @param inOrder if true the order of both X509 names must be the same, + * as well as the values associated with each element. + */ + public boolean equals(Object _obj, boolean inOrder) + { + if (_obj == this) + { + return true; + } + + if (!inOrder) + { + return this.equals(_obj); + } + + if (_obj == null || !(_obj instanceof X509Name)) + { + return false; + } + + X509Name _oxn = (X509Name)_obj; + int _orderingSize = ordering.size(); + + if (_orderingSize != _oxn.ordering.size()) + { + return false; + } + + for(int i = 0; i < _orderingSize; i++) + { + String _oid = ((DERObjectIdentifier)ordering.elementAt(i)).getId(); + String _val = (String)values.elementAt(i); + + String _oOID = ((DERObjectIdentifier)_oxn.ordering.elementAt(i)).getId(); + String _oVal = (String)_oxn.values.elementAt(i); + + if (_oid.equals(_oOID)) + { + _val = _val.trim().toLowerCase(); + _oVal = _oVal.trim().toLowerCase(); + if (_val.equals(_oVal)) + { + continue; + } + else + { + StringBuffer v1 = new StringBuffer(); + StringBuffer v2 = new StringBuffer(); + + if (_val.length() != 0) + { + char c1 = _val.charAt(0); + + v1.append(c1); + + for (int k = 1; k < _val.length(); k++) + { + char c2 = _val.charAt(k); + if (!(c1 == ' ' && c2 == ' ')) + { + v1.append(c2); + } + c1 = c2; + } + } + + if (_oVal.length() != 0) + { + char c1 = _oVal.charAt(0); + + v2.append(c1); + + for (int k = 1; k < _oVal.length(); k++) + { + char c2 = _oVal.charAt(k); + if (!(c1 == ' ' && c2 == ' ')) + { + v2.append(c2); + } + c1 = c2; + } + } + + if (!v1.toString().equals(v2.toString())) + { + return false; + } + } + } + else + { + return false; + } + } + + return true; + } + + /** + * test for equality - note: case is ignored. + */ + public boolean equals(Object _obj) + { + if (_obj == this) + { + return true; + } + + if (_obj == null || !(_obj instanceof X509Name)) + { + return false; + } + + X509Name _oxn = (X509Name)_obj; + + if (this.getDERObject().equals(_oxn.getDERObject())) + { + return true; + } + + int _orderingSize = ordering.size(); + + if (_orderingSize != _oxn.ordering.size()) + { + return false; + } + + boolean[] _indexes = new boolean[_orderingSize]; + + for(int i = 0; i < _orderingSize; i++) + { + boolean _found = false; + String _oid = ((DERObjectIdentifier)ordering.elementAt(i)).getId(); + String _val = (String)values.elementAt(i); + + for(int j = 0; j < _orderingSize; j++) + { + if(_indexes[j] == true) + { + continue; + } + + String _oOID = ((DERObjectIdentifier)_oxn.ordering.elementAt(j)).getId(); + String _oVal = (String)_oxn.values.elementAt(j); + + if (_oid.equals(_oOID)) + { + _val = _val.trim().toLowerCase(); + _oVal = _oVal.trim().toLowerCase(); + if (_val.equals(_oVal)) + { + _indexes[j] = true; + _found = true; + break; + } + else + { + StringBuffer v1 = new StringBuffer(); + StringBuffer v2 = new StringBuffer(); + + if (_val.length() != 0) + { + char c1 = _val.charAt(0); + + v1.append(c1); + + for (int k = 1; k < _val.length(); k++) + { + char c2 = _val.charAt(k); + if (!(c1 == ' ' && c2 == ' ')) + { + v1.append(c2); + } + c1 = c2; + } + } + + if (_oVal.length() != 0) + { + char c1 = _oVal.charAt(0); + + v2.append(c1); + + for (int k = 1; k < _oVal.length(); k++) + { + char c2 = _oVal.charAt(k); + if (!(c1 == ' ' && c2 == ' ')) + { + v2.append(c2); + } + c1 = c2; + } + } + + if (v1.toString().equals(v2.toString())) + { + _indexes[j] = true; + _found = true; + break; + } + } + } + } + + if(!_found) + { + return false; + } + } + + return true; + } + + public int hashCode() + { + ASN1Sequence seq = (ASN1Sequence)this.getDERObject(); + Enumeration e = seq.getObjects(); + int hashCode = 0; + + while (e.hasMoreElements()) + { + hashCode ^= e.nextElement().hashCode(); + } + + return hashCode; + } + + private void appendValue( + StringBuffer buf, + Hashtable oidSymbols, + DERObjectIdentifier oid, + String value) + { + String sym = (String)oidSymbols.get(oid); + + if (sym != null) + { + buf.append(sym); + } + else + { + buf.append(oid.getId()); + } + + buf.append("="); + + int index = buf.length(); + + buf.append(value); + + int end = buf.length(); + + while (index != end) + { + if ((buf.charAt(index) == ',') + || (buf.charAt(index) == '"') + || (buf.charAt(index) == '\\') + || (buf.charAt(index) == '+') + || (buf.charAt(index) == '<') + || (buf.charAt(index) == '>') + || (buf.charAt(index) == ';')) + { + buf.insert(index, "\\"); + index++; + end++; + } + + index++; + } + } + + /** + * convert the structure to a string - if reverse is true the + * oids and values are listed out starting with the last element + * in the sequence (ala RFC 2253), otherwise the string will begin + * with the first element of the structure. If no string definition + * for the oid is found in oidSymbols the string value of the oid is + * added. Two standard symbol tables are provided DefaultSymbols, and + * RFC2253Symbols as part of this class. + * + * @param reverse if true start at the end of the sequence and work back. + * @param oidSymbols look up table strings for oids. + */ + public String toString( + boolean reverse, + Hashtable oidSymbols) + { + StringBuffer buf = new StringBuffer(); + boolean first = true; + + if (reverse) + { + for (int i = ordering.size() - 1; i >= 0; i--) + { + if (first) + { + first = false; + } + else + { + if (((Boolean)added.elementAt(i + 1)).booleanValue()) + { + buf.append("+"); + } + else + { + buf.append(","); + } + } + + appendValue(buf, oidSymbols, + (DERObjectIdentifier)ordering.elementAt(i), + (String)values.elementAt(i)); + } + } + else + { + for (int i = 0; i < ordering.size(); i++) + { + if (first) + { + first = false; + } + else + { + if (((Boolean)added.elementAt(i)).booleanValue()) + { + buf.append("+"); + } + else + { + buf.append(","); + } + } + + appendValue(buf, oidSymbols, + (DERObjectIdentifier)ordering.elementAt(i), + (String)values.elementAt(i)); + } + } + + return buf.toString(); + } + + public String toString() + { + return toString(DefaultReverse, DefaultSymbols); + } +} Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/asn1/x509/X509Name.java ------------------------------------------------------------------------------ svn:eol-style = native Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/asn1/x509/X509Name.java ------------------------------------------------------------------------------ svn:keywords = Date Revision Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/asn1/x509/X509Name.java ------------------------------------------------------------------------------ svn:mime-type = text/plain Added: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/asn1/x509/X509NameEntryConverter.java URL: http://svn.apache.org/viewvc/geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/asn1/x509/X509NameEntryConverter.java?rev=617610&view=auto ============================================================================== --- geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/asn1/x509/X509NameEntryConverter.java (added) +++ geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/asn1/x509/X509NameEntryConverter.java Fri Feb 1 11:01:39 2008 @@ -0,0 +1,193 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.geronimo.crypto.asn1.x509; + +import java.io.ByteArrayInputStream; +import java.io.IOException; + +import org.apache.geronimo.crypto.asn1.ASN1InputStream; +import org.apache.geronimo.crypto.asn1.DERObject; +import org.apache.geronimo.crypto.asn1.DERObjectIdentifier; + +/** + * It turns out that the number of standard ways the fields in a DN should be + * encoded into their ASN.1 counterparts is rapidly approaching the + * number of machines on the internet. By default the X509Name class + * will produce PrintableStrings if the field value will decode to that, + * next UTF8Strings if the field value will decode to that, and finally BMPStrings + * if 16 bit characters are required. + *

+ * The way this is done is with a default encoder which is + * implemented as follows: + * 

+ * public class X509DefaultEntryConverter
+ *     extends X509NameEntryConverter
+ * {
+ *     public DERObject getConvertedValue(
+ *         DERObjectIdentifier  oid,
+ *         String               value)
+ *     {
+ *         if (str.length() != 0 && str.charAt(0) == '#')
+ *         {
+ *             return convertHexEncoded(str, 1);
+ *         }
+ *         if (oid.equals(EmailAddress))
+ *         {
+ *             return new DERIA5String(str);
+ *         }
+ *         else if (canBePrintable(str))
+ *         {
+ *             return new DERPrintableString(str);
+ *         }
+ *         else if (canBeUTF8(str))
+ *         {
+ *             return new DERUTF8String(str);
+ *         }
+ *         else
+ *         {
+ *             return new DERBMPString(str);
+ *         }
+ *     }
+ * }
+ */
+public abstract class X509NameEntryConverter
+{
+    /**
+     * Convert an inline encoded hex string rendition of an ASN.1
+     * object back into its corresponding ASN.1 object.
+     *
+     * @param str the hex encoded object
+     * @param off the index at which the encoding starts
+     * @return the decoded object
+     */
+    protected DERObject convertHexEncoded(
+        String  str,
+        int     off)
+        throws IOException
+    {
+        str = str.toLowerCase();
+        byte[]    data = new byte[str.length() / 2];
+        for (int index = 0; index != data.length; index++)
+        {
+            char left = str.charAt((index * 2) + off);
+            char right = str.charAt((index * 2) + off + 1);
+
+            if (left < 'a')
+            {
+                data[index] = (byte)((left - '0') << 4);
+            }
+            else
+            {
+                data[index] = (byte)((left - 'a' + 10) << 4);
+            }
+            if (right < 'a')
+            {
+                data[index] |= (byte)(right - '0');
+            }
+            else
+            {
+                data[index] |= (byte)(right - 'a' + 10);
+            }
+        }
+
+        ASN1InputStream aIn = new ASN1InputStream(
+                                            new ByteArrayInputStream(data));
+
+        return aIn.readObject();
+    }
+
+    /**
+     * return true if the passed in String can be represented without
+     * loss as a PrintableString, false otherwise.
+     */
+    protected boolean canBePrintable(
+        String  str)
+    {
+        for (int i = str.length() - 1; i >= 0; i--)
+        {
+            char    ch = str.charAt(i);
+
+            if (str.charAt(i) > 0x007f)
+            {
+                return false;
+            }
+
+            if ('a' <= ch && ch <= 'z')
+            {
+                continue;
+            }
+
+            if ('A' <= ch && ch <= 'Z')
+            {
+                continue;
+            }
+
+            if ('0' <= ch && ch <= '9')
+            {
+                continue;
+            }
+
+            switch (ch)
+            {
+            case ' ':
+            case '\'':
+            case '(':
+            case ')':
+            case '+':
+            case '-':
+            case '.':
+            case ':':
+            case '=':
+            case '?':
+                continue;
+            }
+
+            return false;
+        }
+
+        return true;
+    }
+
+    /**
+     * return true if the passed in String can be represented without
+     * loss as a UTF8String, false otherwise.
+     */
+    protected boolean canBeUTF8(
+        String  str)
+    {
+        for (int i = str.length() - 1; i >= 0; i--)
+        {
+            if (str.charAt(i) > 0x00ff)
+            {
+                return false;
+            }
+        }
+
+        return true;
+    }
+
+    /**
+     * Convert the passed in String value into the appropriate ASN.1
+     * encoded object.
+     *
+     * @param oid the oid associated with the value in the DN.
+     * @param value the value of the particular DN component.
+     * @return the ASN.1 equivalent for the value.
+     */
+    public abstract DERObject getConvertedValue(DERObjectIdentifier oid, String value);
+}

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/asn1/x509/X509NameEntryConverter.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/asn1/x509/X509NameEntryConverter.java
------------------------------------------------------------------------------
    svn:keywords = Date Revision

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/asn1/x509/X509NameEntryConverter.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Added: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/asn1/x509/X509NameTokenizer.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/asn1/x509/X509NameTokenizer.java?rev=617610&view=auto
==============================================================================
--- geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/asn1/x509/X509NameTokenizer.java (added)
+++ geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/asn1/x509/X509NameTokenizer.java Fri Feb  1 11:01:39 2008
@@ -0,0 +1,108 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one or more
+ *  contributor license agreements.  See the NOTICE file distributed with
+ *  this work for additional information regarding copyright ownership.
+ *  The ASF licenses this file to You under the Apache License, Version 2.0
+ *  (the "License"); you may not use this file except in compliance with
+ *  the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.apache.geronimo.crypto.asn1.x509;
+
+/**
+ * class for breaking up an X500 Name into it's component tokens, ala
+ * java.util.StringTokenizer. We need this class as some of the
+ * lightweight Java environment don't support classes like
+ * StringTokenizer.
+ */
+public class X509NameTokenizer
+{
+    private String          value;
+    private int             index;
+    private char            seperator;
+    private StringBuffer    buf = new StringBuffer();
+
+    public X509NameTokenizer(
+        String  oid)
+    {
+        this(oid, ',');
+    }
+
+    public X509NameTokenizer(
+        String  oid,
+        char    seperator)
+    {
+        this.value = oid;
+        this.index = -1;
+        this.seperator = seperator;
+    }
+
+    public boolean hasMoreTokens()
+    {
+        return (index != value.length());
+    }
+
+    public String nextToken()
+    {
+        if (index == value.length())
+        {
+            return null;
+        }
+
+        int     end = index + 1;
+        boolean quoted = false;
+        boolean escaped = false;
+
+        buf.setLength(0);
+
+        while (end != value.length())
+        {
+            char    c = value.charAt(end);
+
+            if (c == '"')
+            {
+                if (!escaped)
+                {
+                    quoted = !quoted;
+                }
+                else
+                {
+                    buf.append(c);
+                }
+                escaped = false;
+            }
+            else
+            {
+                if (escaped || quoted)
+                {
+                    buf.append(c);
+                    escaped = false;
+                }
+                else if (c == '\\')
+                {
+                    escaped = true;
+                }
+                else if (c == seperator)
+                {
+                    break;
+                }
+                else
+                {
+                    buf.append(c);
+                }
+            }
+            end++;
+        }
+
+        index = end;
+        return buf.toString().trim();
+    }
+}

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/asn1/x509/X509NameTokenizer.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/asn1/x509/X509NameTokenizer.java
------------------------------------------------------------------------------
    svn:keywords = Date Revision

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/asn1/x509/X509NameTokenizer.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Added: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/asn1/x509/X509ObjectIdentifiers.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/asn1/x509/X509ObjectIdentifiers.java?rev=617610&view=auto
==============================================================================
--- geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/asn1/x509/X509ObjectIdentifiers.java (added)
+++ geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/asn1/x509/X509ObjectIdentifiers.java Fri Feb  1 11:01:39 2008
@@ -0,0 +1,60 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one or more
+ *  contributor license agreements.  See the NOTICE file distributed with
+ *  this work for additional information regarding copyright ownership.
+ *  The ASF licenses this file to You under the Apache License, Version 2.0
+ *  (the "License"); you may not use this file except in compliance with
+ *  the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.apache.geronimo.crypto.asn1.x509;
+
+import org.apache.geronimo.crypto.asn1.DERObjectIdentifier;
+
+public interface X509ObjectIdentifiers
+{
+    //
+    // base id
+    //
+    static final String                 id                      = "2.5.4";
+
+    static final DERObjectIdentifier    commonName              = new DERObjectIdentifier(id + ".3");
+    static final DERObjectIdentifier    countryName             = new DERObjectIdentifier(id + ".6");
+    static final DERObjectIdentifier    localityName            = new DERObjectIdentifier(id + ".7");
+    static final DERObjectIdentifier    stateOrProvinceName     = new DERObjectIdentifier(id + ".8");
+    static final DERObjectIdentifier    organization            = new DERObjectIdentifier(id + ".10");
+    static final DERObjectIdentifier    organizationalUnitName  = new DERObjectIdentifier(id + ".11");
+
+    // id-SHA1 OBJECT IDENTIFIER ::=
+    //   {iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 26 }    //
+    static final DERObjectIdentifier    id_SHA1                 = new DERObjectIdentifier("1.3.14.3.2.26");
+
+    //
+    // ripemd160 OBJECT IDENTIFIER ::=
+    //      {iso(1) identified-organization(3) TeleTrust(36) algorithm(3) hashAlgorithm(2) RIPEMD-160(1)}
+    //
+    static final DERObjectIdentifier    ripemd160               = new DERObjectIdentifier("1.3.36.3.2.1");
+
+    //
+    // ripemd160WithRSAEncryption OBJECT IDENTIFIER ::=
+    //      {iso(1) identified-organization(3) TeleTrust(36) algorithm(3) signatureAlgorithm(3) rsaSignature(1) rsaSignatureWithripemd160(2) }
+    //
+    static final DERObjectIdentifier    ripemd160WithRSAEncryption = new DERObjectIdentifier("1.3.36.3.3.1.2");
+
+
+    static final DERObjectIdentifier    id_ea_rsa = new DERObjectIdentifier("2.5.8.1.1");
+
+    //
+    //    OID for ocsp uri in AuthorityInformationAccess extension
+    //
+     static final DERObjectIdentifier ocspAccessMethod = new DERObjectIdentifier("1.3.6.1.5.5.7.48.1");
+}
+

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/asn1/x509/X509ObjectIdentifiers.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/asn1/x509/X509ObjectIdentifiers.java
------------------------------------------------------------------------------
    svn:keywords = Date Revision

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/asn1/x509/X509ObjectIdentifiers.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Added: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/asn1/x9/X9ObjectIdentifiers.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/asn1/x9/X9ObjectIdentifiers.java?rev=617610&view=auto
==============================================================================
--- geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/asn1/x9/X9ObjectIdentifiers.java (added)
+++ geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/asn1/x9/X9ObjectIdentifiers.java Fri Feb  1 11:01:39 2008
@@ -0,0 +1,123 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one or more
+ *  contributor license agreements.  See the NOTICE file distributed with
+ *  this work for additional information regarding copyright ownership.
+ *  The ASF licenses this file to You under the Apache License, Version 2.0
+ *  (the "License"); you may not use this file except in compliance with
+ *  the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.apache.geronimo.crypto.asn1.x9;
+
+import org.apache.geronimo.crypto.asn1.DERObjectIdentifier;
+
+public interface X9ObjectIdentifiers
+{
+    //
+    // X9.62
+    //
+    // ansi-X9-62 OBJECT IDENTIFIER ::= { iso(1) member-body(2)
+    //            us(840) ansi-x962(10045) }
+    //
+    static final String    ansi_X9_62 = "1.2.840.10045";
+    static final String    id_fieldType = ansi_X9_62 + ".1";
+
+    static final DERObjectIdentifier    prime_field
+                    = new DERObjectIdentifier(id_fieldType + ".1");
+
+    static final DERObjectIdentifier    characteristic_two_field
+                    = new DERObjectIdentifier(id_fieldType + ".2");
+
+    static final DERObjectIdentifier    gnBasis
+                    = new DERObjectIdentifier(id_fieldType + ".2.3.1");
+
+    static final DERObjectIdentifier    tpBasis
+                    = new DERObjectIdentifier(id_fieldType + ".2.3.2");
+
+    static final DERObjectIdentifier    ppBasis
+                    = new DERObjectIdentifier(id_fieldType + ".2.3.3");
+
+    static final String    id_ecSigType = ansi_X9_62 + ".4";
+
+    static final DERObjectIdentifier    ecdsa_with_SHA1
+                    = new DERObjectIdentifier(id_ecSigType + ".1");
+
+    static final String    id_publicKeyType = ansi_X9_62 + ".2";
+
+    static final DERObjectIdentifier    id_ecPublicKey
+                    = new DERObjectIdentifier(id_publicKeyType + ".1");
+
+    //
+    // named curves
+    //
+    static final String     ellipticCurve = ansi_X9_62 + ".3";
+
+    //
+    // Two Curves
+    //
+    static final String     cTwoCurve = ellipticCurve + ".0";
+
+    static final DERObjectIdentifier    c2pnb163v1 = new DERObjectIdentifier(cTwoCurve + ".1");
+    static final DERObjectIdentifier    c2pnb163v2 = new DERObjectIdentifier(cTwoCurve + ".2");
+    static final DERObjectIdentifier    c2pnb163v3 = new DERObjectIdentifier(cTwoCurve + ".3");
+    static final DERObjectIdentifier    c2pnb176w1 = new DERObjectIdentifier(cTwoCurve + ".4");
+    static final DERObjectIdentifier    c2tnb191v1 = new DERObjectIdentifier(cTwoCurve + ".5");
+    static final DERObjectIdentifier    c2tnb191v2 = new DERObjectIdentifier(cTwoCurve + ".6");
+    static final DERObjectIdentifier    c2tnb191v3 = new DERObjectIdentifier(cTwoCurve + ".7");
+    static final DERObjectIdentifier    c2onb191v4 = new DERObjectIdentifier(cTwoCurve + ".8");
+    static final DERObjectIdentifier    c2onb191v5 = new DERObjectIdentifier(cTwoCurve + ".9");
+    static final DERObjectIdentifier    c2pnb208w1 = new DERObjectIdentifier(cTwoCurve + ".10");
+    static final DERObjectIdentifier    c2tnb239v1 = new DERObjectIdentifier(cTwoCurve + ".11");
+    static final DERObjectIdentifier    c2tnb239v2 = new DERObjectIdentifier(cTwoCurve + ".12");
+    static final DERObjectIdentifier    c2tnb239v3 = new DERObjectIdentifier(cTwoCurve + ".13");
+    static final DERObjectIdentifier    c2onb239v4 = new DERObjectIdentifier(cTwoCurve + ".14");
+    static final DERObjectIdentifier    c2onb239v5 = new DERObjectIdentifier(cTwoCurve + ".15");
+    static final DERObjectIdentifier    c2pnb272w1 = new DERObjectIdentifier(cTwoCurve + ".16");
+    static final DERObjectIdentifier    c2png304v1 = new DERObjectIdentifier(cTwoCurve + ".17");
+    static final DERObjectIdentifier    c2tnb359v1 = new DERObjectIdentifier(cTwoCurve + ".18");
+    static final DERObjectIdentifier    c2pnb368w1 = new DERObjectIdentifier(cTwoCurve + ".19");
+    static final DERObjectIdentifier    c2tnb431r1 = new DERObjectIdentifier(cTwoCurve + ".20");
+
+    //
+    // Prime
+    //
+    static final String     primeCurve = ellipticCurve + ".1";
+
+    static final DERObjectIdentifier    prime192v1 = new DERObjectIdentifier(primeCurve + ".1");
+    static final DERObjectIdentifier    prime192v2 = new DERObjectIdentifier(primeCurve + ".2");
+    static final DERObjectIdentifier    prime192v3 = new DERObjectIdentifier(primeCurve + ".3");
+    static final DERObjectIdentifier    prime239v1 = new DERObjectIdentifier(primeCurve + ".4");
+    static final DERObjectIdentifier    prime239v2 = new DERObjectIdentifier(primeCurve + ".5");
+    static final DERObjectIdentifier    prime239v3 = new DERObjectIdentifier(primeCurve + ".6");
+    static final DERObjectIdentifier    prime256v1 = new DERObjectIdentifier(primeCurve + ".7");
+
+    //
+    // Diffie-Hellman
+    //
+    // dhpublicnumber OBJECT IDENTIFIER ::= { iso(1) member-body(2)
+    //            us(840) ansi-x942(10046) number-type(2) 1 }
+    //
+    static final DERObjectIdentifier    dhpublicnumber = new DERObjectIdentifier("1.2.840.10046.2.1");
+
+    //
+    // DSA
+    //
+    // dsapublicnumber OBJECT IDENTIFIER ::= { iso(1) member-body(2)
+    //            us(840) ansi-x957(10040) number-type(4) 1 }
+    static final DERObjectIdentifier    id_dsa = new DERObjectIdentifier("1.2.840.10040.4.1");
+
+    /**
+     *   id-dsa-with-sha1 OBJECT IDENTIFIER ::=  { iso(1) member-body(2)
+     *         us(840) x9-57 (10040) x9cm(4) 3 }
+     */
+    public static final DERObjectIdentifier id_dsa_with_sha1 = new DERObjectIdentifier("1.2.840.10040.4.3");
+}
+

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/asn1/x9/X9ObjectIdentifiers.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/asn1/x9/X9ObjectIdentifiers.java
------------------------------------------------------------------------------
    svn:keywords = Date Revision

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/asn1/x9/X9ObjectIdentifiers.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Added: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/crypto/BlockCipher.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/crypto/BlockCipher.java?rev=617610&view=auto
==============================================================================
--- geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/crypto/BlockCipher.java (added)
+++ geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/crypto/BlockCipher.java Fri Feb  1 11:01:39 2008
@@ -0,0 +1,73 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one or more
+ *  contributor license agreements.  See the NOTICE file distributed with
+ *  this work for additional information regarding copyright ownership.
+ *  The ASF licenses this file to You under the Apache License, Version 2.0
+ *  (the "License"); you may not use this file except in compliance with
+ *  the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.apache.geronimo.crypto.crypto;
+
+
+/**
+ * Block cipher engines are expected to conform to this interface.
+ */
+public interface BlockCipher
+{
+    /**
+     * Initialise the cipher.
+     *
+     * @param forEncryption if true the cipher is initialised for
+     *  encryption, if false for decryption.
+     * @param params the key and other data required by the cipher.
+     * @exception IllegalArgumentException if the params argument is
+     * inappropriate.
+     */
+    public void init(boolean forEncryption, CipherParameters params)
+        throws IllegalArgumentException;
+
+    /**
+     * Return the name of the algorithm the cipher implements.
+     *
+     * @return the name of the algorithm the cipher implements.
+     */
+    public String getAlgorithmName();
+
+    /**
+     * Return the block size for this cipher (in bytes).
+     *
+     * @return the block size for this cipher in bytes.
+     */
+    public int getBlockSize();
+
+    /**
+     * Process one block of input from the array in and write it to
+     * the out array.
+     *
+     * @param in the array containing the input data.
+     * @param inOff offset into the in array the data starts at.
+     * @param out the array the output data will be copied into.
+     * @param outOff the offset into the out array the output will start at.
+     * @exception DataLengthException if there isn't enough data in in, or
+     * space in out.
+     * @exception IllegalStateException if the cipher isn't initialised.
+     * @return the number of bytes processed and produced.
+     */
+    public int processBlock(byte[] in, int inOff, byte[] out, int outOff)
+        throws DataLengthException, IllegalStateException;
+
+    /**
+     * Reset the cipher. After resetting the cipher is in the same state
+     * as it was after the last init (if there was one).
+     */
+    public void reset();
+}

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/crypto/BlockCipher.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/crypto/BlockCipher.java
------------------------------------------------------------------------------
    svn:keywords = Date Revision

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/crypto/BlockCipher.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Added: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/crypto/CipherParameters.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/crypto/CipherParameters.java?rev=617610&view=auto
==============================================================================
--- geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/crypto/CipherParameters.java (added)
+++ geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/crypto/CipherParameters.java Fri Feb  1 11:01:39 2008
@@ -0,0 +1,25 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one or more
+ *  contributor license agreements.  See the NOTICE file distributed with
+ *  this work for additional information regarding copyright ownership.
+ *  The ASF licenses this file to You under the Apache License, Version 2.0
+ *  (the "License"); you may not use this file except in compliance with
+ *  the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.apache.geronimo.crypto.crypto;
+
+/**
+ * all parameter classes implement this.
+ */
+public interface CipherParameters
+{
+}

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/crypto/CipherParameters.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/crypto/CipherParameters.java
------------------------------------------------------------------------------
    svn:keywords = Date Revision

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/crypto/CipherParameters.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Added: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/crypto/DSA.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/crypto/DSA.java?rev=617610&view=auto
==============================================================================
--- geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/crypto/DSA.java (added)
+++ geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/crypto/DSA.java Fri Feb  1 11:01:39 2008
@@ -0,0 +1,53 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one or more
+ *  contributor license agreements.  See the NOTICE file distributed with
+ *  this work for additional information regarding copyright ownership.
+ *  The ASF licenses this file to You under the Apache License, Version 2.0
+ *  (the "License"); you may not use this file except in compliance with
+ *  the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.apache.geronimo.crypto.crypto;
+
+import java.math.BigInteger;
+
+/**
+ * interface for classes implementing algorithms modeled similar to the Digital Signature Alorithm.
+ */
+public interface DSA
+{
+    /**
+     * initialise the signer for signature generation or signature
+     * verification.
+     *
+     * @param forSigning true if we are generating a signature, false
+     * otherwise.
+     * @param param key parameters for signature generation.
+     */
+    public void init(boolean forSigning, CipherParameters param);
+
+    /**
+     * sign the passed in message (usually the output of a hash function).
+     *
+     * @param message the message to be signed.
+     * @return two big integers representing the r and s values respectively.
+     */
+    public BigInteger[] generateSignature(byte[] message);
+
+    /**
+     * verify the message message against the signature values r and s.
+     *
+     * @param message the message that was supposed to have been signed.
+     * @param r the r signature value.
+     * @param s the s signature value.
+     */
+    public boolean verifySignature(byte[] message, BigInteger  r, BigInteger s);
+}

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/crypto/DSA.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/crypto/DSA.java
------------------------------------------------------------------------------
    svn:keywords = Date Revision

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/crypto/DSA.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Added: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/crypto/DataLengthException.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/crypto/DataLengthException.java?rev=617610&view=auto
==============================================================================
--- geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/crypto/DataLengthException.java (added)
+++ geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/crypto/DataLengthException.java Fri Feb  1 11:01:39 2008
@@ -0,0 +1,46 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one or more
+ *  contributor license agreements.  See the NOTICE file distributed with
+ *  this work for additional information regarding copyright ownership.
+ *  The ASF licenses this file to You under the Apache License, Version 2.0
+ *  (the "License"); you may not use this file except in compliance with
+ *  the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.apache.geronimo.crypto.crypto;
+
+/**
+ * this exception is thrown if a buffer that is meant to have output
+ * copied into it turns out to be too short, or if we've been given
+ * insufficient input. In general this exception will get thrown rather
+ * than an ArrayOutOfBounds exception.
+ */
+public class DataLengthException
+    extends RuntimeCryptoException
+{
+    /**
+     * base constructor.
+     */
+    public DataLengthException()
+    {
+    }
+
+    /**
+     * create a DataLengthException with the given message.
+     *
+     * @param message the message to be carried with the exception.
+     */
+    public DataLengthException(
+        String  message)
+    {
+        super(message);
+    }
+}

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/crypto/DataLengthException.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/crypto/DataLengthException.java
------------------------------------------------------------------------------
    svn:keywords = Date Revision

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/crypto/DataLengthException.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Added: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/crypto/Digest.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/crypto/Digest.java?rev=617610&view=auto
==============================================================================
--- geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/crypto/Digest.java (added)
+++ geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/crypto/Digest.java Fri Feb  1 11:01:39 2008
@@ -0,0 +1,68 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one or more
+ *  contributor license agreements.  See the NOTICE file distributed with
+ *  this work for additional information regarding copyright ownership.
+ *  The ASF licenses this file to You under the Apache License, Version 2.0
+ *  (the "License"); you may not use this file except in compliance with
+ *  the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.apache.geronimo.crypto.crypto;
+
+/**
+ * interface that a message digest conforms to.
+ */
+public interface Digest
+{
+    /**
+     * return the algorithm name
+     *
+     * @return the algorithm name
+     */
+    public String getAlgorithmName();
+
+    /**
+     * return the size, in bytes, of the digest produced by this message digest.
+     *
+     * @return the size, in bytes, of the digest produced by this message digest.
+     */
+    public int getDigestSize();
+
+    /**
+     * update the message digest with a single byte.
+     *
+     * @param in the input byte to be entered.
+     */
+    public void update(byte in);
+
+    /**
+     * update the message digest with a block of bytes.
+     *
+     * @param in the byte array containing the data.
+     * @param inOff the offset into the byte array where the data starts.
+     * @param len the length of the data.
+     */
+    public void update(byte[] in, int inOff, int len);
+
+    /**
+     * close the digest, producing the final digest value. The doFinal
+     * call leaves the digest reset.
+     *
+     * @param out the array the digest is to be copied into.
+     * @param outOff the offset into the out array the digest is to start at.
+     */
+    public int doFinal(byte[] out, int outOff);
+
+    /**
+     * reset the digest back to it's initial state.
+     */
+    public void reset();
+}

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/crypto/Digest.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/crypto/Digest.java
------------------------------------------------------------------------------
    svn:keywords = Date Revision

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/crypto/Digest.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Added: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/crypto/ExtendedDigest.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/crypto/ExtendedDigest.java?rev=617610&view=auto
==============================================================================
--- geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/crypto/ExtendedDigest.java (added)
+++ geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/crypto/ExtendedDigest.java Fri Feb  1 11:01:39 2008
@@ -0,0 +1,30 @@
+
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one or more
+ *  contributor license agreements.  See the NOTICE file distributed with
+ *  this work for additional information regarding copyright ownership.
+ *  The ASF licenses this file to You under the Apache License, Version 2.0
+ *  (the "License"); you may not use this file except in compliance with
+ *  the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+package org.apache.geronimo.crypto.crypto;
+
+public interface ExtendedDigest 
+    extends Digest
+{
+    /**
+     * Return the size in bytes of the internal buffer the digest applies it's compression
+     * function to.
+     * 
+     * @return byte length of the digests internal buffer.
+     */
+    public int getByteLength();
+}

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/crypto/ExtendedDigest.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/crypto/ExtendedDigest.java
------------------------------------------------------------------------------
    svn:keywords = Date Revision

Propchange: geronimo/server/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/crypto/ExtendedDigest.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain