Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
openanolis
dragonwell8_jdk
提交
f01a2151
D
dragonwell8_jdk
项目概览
openanolis
/
dragonwell8_jdk
通知
4
Star
2
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
D
dragonwell8_jdk
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
提交
f01a2151
编写于
7月 27, 2009
作者:
Y
yan
浏览文件
操作
浏览文件
下载
差异文件
Merge
上级
95137105
2e76bfac
变更
77
展开全部
隐藏空白更改
内联
并排
Showing
77 changed file
with
3694 addition
and
526 deletion
+3694
-526
.hgtags
.hgtags
+3
-0
make/common/Defs-linux.gmk
make/common/Defs-linux.gmk
+1
-1
make/common/Defs-windows.gmk
make/common/Defs-windows.gmk
+1
-1
src/share/classes/com/sun/beans/finder/BeanInfoFinder.java
src/share/classes/com/sun/beans/finder/BeanInfoFinder.java
+102
-0
src/share/classes/com/sun/beans/finder/InstanceFinder.java
src/share/classes/com/sun/beans/finder/InstanceFinder.java
+111
-0
src/share/classes/com/sun/beans/finder/PersistenceDelegateFinder.java
...asses/com/sun/beans/finder/PersistenceDelegateFinder.java
+63
-0
src/share/classes/com/sun/beans/finder/PropertyEditorFinder.java
...re/classes/com/sun/beans/finder/PropertyEditorFinder.java
+81
-0
src/share/classes/com/sun/jndi/toolkit/ctx/PartialCompositeContext.java
...ses/com/sun/jndi/toolkit/ctx/PartialCompositeContext.java
+2
-2
src/share/classes/java/beans/Encoder.java
src/share/classes/java/beans/Encoder.java
+18
-16
src/share/classes/java/beans/IndexedPropertyDescriptor.java
src/share/classes/java/beans/IndexedPropertyDescriptor.java
+6
-1
src/share/classes/java/beans/Introspector.java
src/share/classes/java/beans/Introspector.java
+32
-75
src/share/classes/java/beans/MetaData.java
src/share/classes/java/beans/MetaData.java
+4
-2
src/share/classes/java/beans/PropertyDescriptor.java
src/share/classes/java/beans/PropertyDescriptor.java
+6
-1
src/share/classes/java/beans/PropertyEditorManager.java
src/share/classes/java/beans/PropertyEditorManager.java
+33
-63
src/share/classes/java/beans/Statement.java
src/share/classes/java/beans/Statement.java
+2
-1
src/share/classes/java/lang/Byte.java
src/share/classes/java/lang/Byte.java
+2
-2
src/share/classes/java/lang/Character.java
src/share/classes/java/lang/Character.java
+4
-0
src/share/classes/java/lang/Class.java
src/share/classes/java/lang/Class.java
+7
-7
src/share/classes/java/lang/Integer.java
src/share/classes/java/lang/Integer.java
+3
-0
src/share/classes/java/lang/Long.java
src/share/classes/java/lang/Long.java
+5
-0
src/share/classes/java/lang/Short.java
src/share/classes/java/lang/Short.java
+3
-0
src/share/classes/java/net/URLClassLoader.java
src/share/classes/java/net/URLClassLoader.java
+42
-22
src/share/classes/java/nio/file/LinkPermission.java
src/share/classes/java/nio/file/LinkPermission.java
+1
-1
src/share/classes/java/nio/file/NotLinkException.java
src/share/classes/java/nio/file/NotLinkException.java
+1
-1
src/share/classes/java/nio/file/Path.java
src/share/classes/java/nio/file/Path.java
+40
-39
src/share/classes/java/nio/file/SecureDirectoryStream.java
src/share/classes/java/nio/file/SecureDirectoryStream.java
+6
-5
src/share/classes/java/nio/file/attribute/Attributes.java
src/share/classes/java/nio/file/attribute/Attributes.java
+5
-5
src/share/classes/java/nio/file/attribute/BasicFileAttributes.java
.../classes/java/nio/file/attribute/BasicFileAttributes.java
+2
-2
src/share/classes/sun/net/www/http/HttpCapture.java
src/share/classes/sun/net/www/http/HttpCapture.java
+72
-0
src/share/classes/sun/net/www/http/HttpClient.java
src/share/classes/sun/net/www/http/HttpClient.java
+2
-8
src/share/classes/sun/net/www/protocol/http/HttpLogFormatter.java
...e/classes/sun/net/www/protocol/http/HttpLogFormatter.java
+1
-2
src/share/classes/sun/net/www/protocol/http/HttpURLConnection.java
.../classes/sun/net/www/protocol/http/HttpURLConnection.java
+30
-35
src/share/classes/sun/security/jgss/krb5/Krb5InitCredential.java
...re/classes/sun/security/jgss/krb5/Krb5InitCredential.java
+1
-1
src/share/classes/sun/security/krb5/Config.java
src/share/classes/sun/security/krb5/Config.java
+21
-14
src/share/classes/sun/security/provider/certpath/DistributionPointFetcher.java
.../security/provider/certpath/DistributionPointFetcher.java
+91
-5
src/share/classes/sun/security/provider/certpath/ForwardBuilder.java
...lasses/sun/security/provider/certpath/ForwardBuilder.java
+170
-8
src/share/classes/sun/security/provider/certpath/OCSPChecker.java
...e/classes/sun/security/provider/certpath/OCSPChecker.java
+16
-7
src/share/classes/sun/security/timestamp/HttpTimestamper.java
...share/classes/sun/security/timestamp/HttpTimestamper.java
+20
-9
src/share/classes/sun/tools/jar/Main.java
src/share/classes/sun/tools/jar/Main.java
+205
-140
src/share/demo/jfc/Notepad/resources/Notepad_ja.properties
src/share/demo/jfc/Notepad/resources/Notepad_ja.properties
+13
-13
src/share/demo/jvmti/java_crw_demo/java_crw_demo.c
src/share/demo/jvmti/java_crw_demo/java_crw_demo.c
+2
-2
src/solaris/native/java/net/Inet4AddressImpl.c
src/solaris/native/java/net/Inet4AddressImpl.c
+1
-0
src/solaris/native/java/net/Inet6AddressImpl.c
src/solaris/native/java/net/Inet6AddressImpl.c
+1
-0
src/windows/native/java/lang/java_props_md.c
src/windows/native/java/lang/java_props_md.c
+10
-13
src/windows/native/sun/windows/ShellFolder2.cpp
src/windows/native/sun/windows/ShellFolder2.cpp
+10
-1
test/demo/jvmti/hprof/HelloWorld.java
test/demo/jvmti/hprof/HelloWorld.java
+1
-1
test/demo/jvmti/hprof/StackMapTableTest.java
test/demo/jvmti/hprof/StackMapTableTest.java
+2
-2
test/java/beans/Introspector/6380849/TestBeanInfo.java
test/java/beans/Introspector/6380849/TestBeanInfo.java
+102
-0
test/java/beans/Introspector/6380849/beans/FirstBean.java
test/java/beans/Introspector/6380849/beans/FirstBean.java
+4
-0
test/java/beans/Introspector/6380849/beans/FirstBeanBeanInfo.java
...a/beans/Introspector/6380849/beans/FirstBeanBeanInfo.java
+11
-0
test/java/beans/Introspector/6380849/beans/SecondBean.java
test/java/beans/Introspector/6380849/beans/SecondBean.java
+4
-0
test/java/beans/Introspector/6380849/beans/ThirdBean.java
test/java/beans/Introspector/6380849/beans/ThirdBean.java
+4
-0
test/java/beans/Introspector/6380849/infos/SecondBeanBeanInfo.java
.../beans/Introspector/6380849/infos/SecondBeanBeanInfo.java
+13
-0
test/java/beans/Introspector/6380849/infos/ThirdBeanBeanInfo.java
...a/beans/Introspector/6380849/infos/ThirdBeanBeanInfo.java
+11
-0
test/java/beans/Introspector/Test6723447.java
test/java/beans/Introspector/Test6723447.java
+88
-0
test/java/beans/PropertyEditor/6380849/FirstBean.java
test/java/beans/PropertyEditor/6380849/FirstBean.java
+2
-0
test/java/beans/PropertyEditor/6380849/FirstBeanEditor.java
test/java/beans/PropertyEditor/6380849/FirstBeanEditor.java
+4
-0
test/java/beans/PropertyEditor/6380849/SecondBean.java
test/java/beans/PropertyEditor/6380849/SecondBean.java
+2
-0
test/java/beans/PropertyEditor/6380849/TestPropertyEditor.java
...java/beans/PropertyEditor/6380849/TestPropertyEditor.java
+141
-0
test/java/beans/PropertyEditor/6380849/ThirdBean.java
test/java/beans/PropertyEditor/6380849/ThirdBean.java
+2
-0
test/java/beans/PropertyEditor/6380849/editors/SecondBeanEditor.java
...eans/PropertyEditor/6380849/editors/SecondBeanEditor.java
+6
-0
test/java/beans/PropertyEditor/6380849/editors/ThirdBeanEditor.java
...beans/PropertyEditor/6380849/editors/ThirdBeanEditor.java
+6
-0
test/java/beans/XMLEncoder/6329581/Test6329581.java
test/java/beans/XMLEncoder/6329581/Test6329581.java
+75
-0
test/java/beans/XMLEncoder/6380849/Bean.java
test/java/beans/XMLEncoder/6380849/Bean.java
+2
-0
test/java/beans/XMLEncoder/6380849/BeanPersistenceDelegate.java
...ava/beans/XMLEncoder/6380849/BeanPersistenceDelegate.java
+5
-0
test/java/beans/XMLEncoder/6380849/TestPersistenceDelegate.java
...ava/beans/XMLEncoder/6380849/TestPersistenceDelegate.java
+60
-0
test/java/security/cert/CertPathBuilder/selfIssued/DisableRevocation.java
...ty/cert/CertPathBuilder/selfIssued/DisableRevocation.java
+260
-0
test/java/security/cert/CertPathBuilder/selfIssued/KeyUsageMatters.java
...rity/cert/CertPathBuilder/selfIssued/KeyUsageMatters.java
+303
-0
test/java/security/cert/CertPathBuilder/selfIssued/README
test/java/security/cert/CertPathBuilder/selfIssued/README
+382
-0
test/java/security/cert/CertPathBuilder/selfIssued/StatusLoopDependency.java
...cert/CertPathBuilder/selfIssued/StatusLoopDependency.java
+309
-0
test/java/security/cert/CertPathBuilder/selfIssued/generate.sh
...java/security/cert/CertPathBuilder/selfIssued/generate.sh
+221
-0
test/java/security/cert/CertPathBuilder/selfIssued/openssl.cnf
...java/security/cert/CertPathBuilder/selfIssued/openssl.cnf
+205
-0
test/sun/security/krb5/ConfPlusProp.java
test/sun/security/krb5/ConfPlusProp.java
+94
-0
test/sun/security/krb5/auto/LifeTimeInSeconds.java
test/sun/security/krb5/auto/LifeTimeInSeconds.java
+50
-0
test/sun/security/krb5/confplusprop.conf
test/sun/security/krb5/confplusprop.conf
+11
-0
test/sun/security/krb5/confplusprop2.conf
test/sun/security/krb5/confplusprop2.conf
+7
-0
test/tools/jar/index/MetaInf.java
test/tools/jar/index/MetaInf.java
+55
-18
未找到文件。
.hgtags
浏览文件 @
f01a2151
...
...
@@ -38,3 +38,6 @@ d5a1223e961891564de25c39fba6f2442d0fb045 jdk7-b57
f72c0dc047b9b2e797beee68ae0b50decb1f020d jdk7-b61
12e11fab9a839a9666a996a8f9a02fd8fa03aab6 jdk7-b62
2ed6ed6b5bfc7dd724925b90dbb31223df59c25d jdk7-b63
a50217eb3ee10b9f9547e0708e5c9625405083ef jdk7-b64
382a27aa78d3236fa123c60577797a887fe93e09 jdk7-b65
bd31b30a5b21f20e42965b1633f18a5c7946d398 jdk7-b66
make/common/Defs-linux.gmk
浏览文件 @
f01a2151
...
...
@@ -193,7 +193,7 @@ ifeq ($(ARCH_DATA_MODEL), 64)
CPPFLAGS_COMMON += -D_LP64=1
endif
CPPFLAGS_OPT =
CPPFLAGS_OPT =
-DNDEBUG
CPPFLAGS_DBG = -DDEBUG
ifneq ($(PRODUCT), java)
CPPFLAGS_DBG += -DLOGGING
...
...
make/common/Defs-windows.gmk
浏览文件 @
f01a2151
...
...
@@ -363,7 +363,7 @@ ifeq ($(COMPILER_WARNINGS_FATAL),true)
CFLAGS_COMMON += -WX
endif
CPPFLAGS_OPT =
CPPFLAGS_OPT =
-DNDEBUG
CPPFLAGS_DBG = -DDEBUG -DLOGGING
CXXFLAGS_COMMON = $(CFLAGS_COMMON)
...
...
src/share/classes/com/sun/beans/finder/BeanInfoFinder.java
0 → 100644
浏览文件 @
f01a2151
/*
* Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Sun designates this
* particular file as subject to the "Classpath" exception as provided
* by Sun in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
* CA 95054 USA or visit www.sun.com if you need additional information or
* have any questions.
*/
package
com.sun.beans.finder
;
import
java.beans.BeanDescriptor
;
import
java.beans.BeanInfo
;
import
java.beans.MethodDescriptor
;
import
java.beans.PropertyDescriptor
;
import
java.lang.reflect.Method
;
/**
* This is utility class that provides functionality
* to find a {@link BeanInfo} for a JavaBean specified by its type.
*
* @since 1.7
*
* @author Sergey A. Malenkov
*/
public
final
class
BeanInfoFinder
extends
InstanceFinder
<
BeanInfo
>
{
private
static
final
String
DEFAULT
=
"sun.beans.infos"
;
public
BeanInfoFinder
()
{
super
(
BeanInfo
.
class
,
true
,
"BeanInfo"
,
DEFAULT
);
}
private
static
boolean
isValid
(
Class
<?>
type
,
Method
method
)
{
return
(
method
!=
null
)
&&
type
.
equals
(
method
.
getDeclaringClass
());
}
@Override
protected
BeanInfo
instantiate
(
Class
<?>
type
,
String
name
)
{
BeanInfo
info
=
super
.
instantiate
(
type
,
name
);
if
(
info
!=
null
)
{
// make sure that the returned BeanInfo matches the class
BeanDescriptor
bd
=
info
.
getBeanDescriptor
();
if
(
bd
!=
null
)
{
if
(
type
.
equals
(
bd
.
getBeanClass
()))
{
return
info
;
}
}
else
{
PropertyDescriptor
[]
pds
=
info
.
getPropertyDescriptors
();
if
(
pds
!=
null
)
{
for
(
PropertyDescriptor
pd
:
pds
)
{
Method
method
=
pd
.
getReadMethod
();
if
(
method
==
null
)
{
method
=
pd
.
getWriteMethod
();
}
if
(
isValid
(
type
,
method
))
{
return
info
;
}
}
}
else
{
MethodDescriptor
[]
mds
=
info
.
getMethodDescriptors
();
if
(
mds
!=
null
)
{
for
(
MethodDescriptor
md
:
mds
)
{
if
(
isValid
(
type
,
md
.
getMethod
()))
{
return
info
;
}
}
}
}
}
}
return
null
;
}
@Override
protected
BeanInfo
instantiate
(
Class
<?>
type
,
String
prefix
,
String
name
)
{
// this optimization will only use the BeanInfo search path
// if is has changed from the original
// or trying to get the ComponentBeanInfo
return
!
DEFAULT
.
equals
(
prefix
)
||
"ComponentBeanInfo"
.
equals
(
name
)
?
super
.
instantiate
(
type
,
prefix
,
name
)
:
null
;
}
}
src/share/classes/com/sun/beans/finder/InstanceFinder.java
0 → 100644
浏览文件 @
f01a2151
/*
* Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Sun designates this
* particular file as subject to the "Classpath" exception as provided
* by Sun in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
* CA 95054 USA or visit www.sun.com if you need additional information or
* have any questions.
*/
package
com.sun.beans.finder
;
/**
* This is utility class that provides basic functionality
* to find an auxiliary class for a JavaBean specified by its type.
*
* @since 1.7
*
* @author Sergey A. Malenkov
*/
class
InstanceFinder
<
T
>
{
private
static
final
String
[]
EMPTY
=
{
};
private
final
Class
<?
extends
T
>
type
;
private
final
boolean
allow
;
private
final
String
suffix
;
private
String
[]
packages
;
InstanceFinder
(
Class
<?
extends
T
>
type
,
boolean
allow
,
String
suffix
,
String
...
packages
)
{
this
.
type
=
type
;
this
.
allow
=
allow
;
this
.
suffix
=
suffix
;
this
.
packages
=
packages
.
clone
();
}
public
String
[]
getPackages
()
{
return
(
this
.
packages
.
length
>
0
)
?
this
.
packages
.
clone
()
:
this
.
packages
;
}
public
void
setPackages
(
String
...
packages
)
{
this
.
packages
=
(
packages
!=
null
)
&&
(
packages
.
length
>
0
)
?
packages
.
clone
()
:
EMPTY
;
}
public
T
find
(
Class
<?>
type
)
{
if
(
type
==
null
)
{
return
null
;
}
String
name
=
type
.
getName
()
+
this
.
suffix
;
T
object
=
instantiate
(
type
,
name
);
if
(
object
!=
null
)
{
return
object
;
}
if
(
this
.
allow
)
{
object
=
instantiate
(
type
,
null
);
if
(
object
!=
null
)
{
return
object
;
}
}
int
index
=
name
.
lastIndexOf
(
'.'
)
+
1
;
if
(
index
>
0
)
{
name
=
name
.
substring
(
index
);
}
for
(
String
prefix
:
this
.
packages
)
{
object
=
instantiate
(
type
,
prefix
,
name
);
if
(
object
!=
null
)
{
return
object
;
}
}
return
null
;
}
protected
T
instantiate
(
Class
<?>
type
,
String
name
)
{
if
(
type
!=
null
)
{
try
{
if
(
name
!=
null
)
{
type
=
ClassFinder
.
findClass
(
name
,
type
.
getClassLoader
());
}
if
(
this
.
type
.
isAssignableFrom
(
type
))
{
return
(
T
)
type
.
newInstance
();
}
}
catch
(
Exception
exception
)
{
// ignore any exceptions
}
}
return
null
;
}
protected
T
instantiate
(
Class
<?>
type
,
String
prefix
,
String
name
)
{
return
instantiate
(
type
,
prefix
+
'.'
+
name
);
}
}
src/share/classes/com/sun/beans/finder/PersistenceDelegateFinder.java
0 → 100644
浏览文件 @
f01a2151
/*
* Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Sun designates this
* particular file as subject to the "Classpath" exception as provided
* by Sun in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
* CA 95054 USA or visit www.sun.com if you need additional information or
* have any questions.
*/
package
com.sun.beans.finder
;
import
java.beans.PersistenceDelegate
;
import
java.util.HashMap
;
import
java.util.Map
;
/**
* This is utility class that provides functionality
* to find a {@link PersistenceDelegate} for a JavaBean specified by its type.
*
* @since 1.7
*
* @author Sergey A. Malenkov
*/
public
final
class
PersistenceDelegateFinder
extends
InstanceFinder
<
PersistenceDelegate
>
{
private
final
Map
<
Class
<?>,
PersistenceDelegate
>
registry
;
public
PersistenceDelegateFinder
()
{
super
(
PersistenceDelegate
.
class
,
true
,
"PersistenceDelegate"
);
this
.
registry
=
new
HashMap
<
Class
<?>,
PersistenceDelegate
>();
}
public
void
register
(
Class
<?>
type
,
PersistenceDelegate
delegate
)
{
if
(
delegate
!=
null
)
{
this
.
registry
.
put
(
type
,
delegate
);
}
else
{
this
.
registry
.
remove
(
type
);
}
}
@Override
public
PersistenceDelegate
find
(
Class
<?>
type
)
{
PersistenceDelegate
delegate
=
this
.
registry
.
get
(
type
);
return
(
delegate
!=
null
)
?
delegate
:
super
.
find
(
type
);
}
}
src/share/classes/com/sun/beans/finder/PropertyEditorFinder.java
0 → 100644
浏览文件 @
f01a2151
/*
* Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Sun designates this
* particular file as subject to the "Classpath" exception as provided
* by Sun in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
* CA 95054 USA or visit www.sun.com if you need additional information or
* have any questions.
*/
package
com.sun.beans.finder
;
import
com.sun.beans.WeakCache
;
import
java.beans.PropertyEditor
;
import
sun.beans.editors.BooleanEditor
;
import
sun.beans.editors.ByteEditor
;
import
sun.beans.editors.DoubleEditor
;
import
sun.beans.editors.EnumEditor
;
import
sun.beans.editors.FloatEditor
;
import
sun.beans.editors.IntegerEditor
;
import
sun.beans.editors.LongEditor
;
import
sun.beans.editors.ShortEditor
;
/**
* This is utility class that provides functionality
* to find a {@link PropertyEditor} for a JavaBean specified by its type.
*
* @since 1.7
*
* @author Sergey A. Malenkov
*/
public
final
class
PropertyEditorFinder
extends
InstanceFinder
<
PropertyEditor
>
{
private
final
WeakCache
<
Class
<?>,
Class
<?>>
registry
;
public
PropertyEditorFinder
()
{
super
(
PropertyEditor
.
class
,
false
,
"Editor"
,
"sun.beans.editors"
);
this
.
registry
=
new
WeakCache
<
Class
<?>,
Class
<?>>();
this
.
registry
.
put
(
Byte
.
TYPE
,
ByteEditor
.
class
);
this
.
registry
.
put
(
Short
.
TYPE
,
ShortEditor
.
class
);
this
.
registry
.
put
(
Integer
.
TYPE
,
IntegerEditor
.
class
);
this
.
registry
.
put
(
Long
.
TYPE
,
LongEditor
.
class
);
this
.
registry
.
put
(
Boolean
.
TYPE
,
BooleanEditor
.
class
);
this
.
registry
.
put
(
Float
.
TYPE
,
FloatEditor
.
class
);
this
.
registry
.
put
(
Double
.
TYPE
,
DoubleEditor
.
class
);
}
public
void
register
(
Class
<?>
type
,
Class
<?>
editor
)
{
this
.
registry
.
put
(
type
,
editor
);
}
@Override
public
PropertyEditor
find
(
Class
<?>
type
)
{
PropertyEditor
editor
=
instantiate
(
this
.
registry
.
get
(
type
),
null
);
if
(
editor
==
null
)
{
editor
=
super
.
find
(
type
);
if
((
editor
==
null
)
&&
(
null
!=
type
.
getEnumConstants
()))
{
editor
=
new
EnumEditor
(
type
);
}
}
return
editor
;
}
}
src/share/classes/com/sun/jndi/toolkit/ctx/PartialCompositeContext.java
浏览文件 @
f01a2151
...
...
@@ -493,9 +493,9 @@ public abstract class PartialCompositeContext implements Context, Resolver {
* Tests whether a name contains a nonempty component.
*/
protected
static
boolean
allEmpty
(
Name
name
)
{
Enumeration
enum_
=
name
.
getAll
();
Enumeration
<
String
>
enum_
=
name
.
getAll
();
while
(
enum_
.
hasMoreElements
())
{
if
(!
enum_
.
equals
(
""
))
{
if
(!
enum_
.
nextElement
().
isEmpty
(
))
{
return
false
;
}
}
...
...
src/share/classes/java/beans/Encoder.java
浏览文件 @
f01a2151
/*
* Copyright 2000-200
7
Sun Microsystems, Inc. All Rights Reserved.
* Copyright 2000-200
9
Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
...
...
@@ -24,7 +24,8 @@
*/
package
java.beans
;
import
java.util.Collections
;
import
com.sun.beans.finder.PersistenceDelegateFinder
;
import
java.util.HashMap
;
import
java.util.IdentityHashMap
;
import
java.util.Map
;
...
...
@@ -45,8 +46,7 @@ import java.util.Map;
*/
public
class
Encoder
{
private
final
Map
<
Class
<?>,
PersistenceDelegate
>
delegates
=
Collections
.
synchronizedMap
(
new
HashMap
<
Class
<?>,
PersistenceDelegate
>());
private
final
PersistenceDelegateFinder
finder
=
new
PersistenceDelegateFinder
();
private
Map
bindings
=
new
IdentityHashMap
();
private
ExceptionListener
exceptionListener
;
boolean
executeStatements
=
true
;
...
...
@@ -166,8 +166,13 @@ public class Encoder {
* @see java.beans.BeanInfo#getBeanDescriptor
*/
public
PersistenceDelegate
getPersistenceDelegate
(
Class
<?>
type
)
{
PersistenceDelegate
pd
=
this
.
delegates
.
get
(
type
);
return
(
pd
!=
null
)
?
pd
:
MetaData
.
getPersistenceDelegate
(
type
);
synchronized
(
this
.
finder
)
{
PersistenceDelegate
pd
=
this
.
finder
.
find
(
type
);
if
(
pd
!=
null
)
{
return
pd
;
}
}
return
MetaData
.
getPersistenceDelegate
(
type
);
}
/**
...
...
@@ -184,10 +189,8 @@ public class Encoder {
public
void
setPersistenceDelegate
(
Class
<?>
type
,
PersistenceDelegate
persistenceDelegate
)
{
if
(
persistenceDelegate
!=
null
)
{
this
.
delegates
.
put
(
type
,
persistenceDelegate
);
}
else
{
this
.
delegates
.
remove
(
type
);
synchronized
(
this
.
finder
)
{
this
.
finder
.
register
(
type
,
persistenceDelegate
);
}
}
...
...
@@ -243,12 +246,11 @@ public class Encoder {
for
(
int
i
=
0
;
i
<
oldArgs
.
length
;
i
++)
{
newArgs
[
i
]
=
writeObject1
(
oldArgs
[
i
]);
}
if
(
oldExp
.
getClass
()
==
Statement
.
class
)
{
return
new
Statement
(
newTarget
,
oldExp
.
getMethodName
(),
newArgs
);
}
else
{
return
new
Expression
(
newTarget
,
oldExp
.
getMethodName
(),
newArgs
);
}
Statement
newExp
=
Statement
.
class
.
equals
(
oldExp
.
getClass
())
?
new
Statement
(
newTarget
,
oldExp
.
getMethodName
(),
newArgs
)
:
new
Expression
(
newTarget
,
oldExp
.
getMethodName
(),
newArgs
);
newExp
.
loader
=
oldExp
.
loader
;
return
newExp
;
}
/**
...
...
src/share/classes/java/beans/IndexedPropertyDescriptor.java
浏览文件 @
f01a2151
/*
* Copyright 1996-200
8
Sun Microsystems, Inc. All Rights Reserved.
* Copyright 1996-200
9
Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
...
...
@@ -274,6 +274,11 @@ perty.
}
indexedWriteMethod
=
Introspector
.
findMethod
(
cls
,
indexedWriteMethodName
,
2
,
(
type
==
null
)
?
null
:
new
Class
[]
{
int
.
class
,
type
});
if
(
indexedWriteMethod
!=
null
)
{
if
(!
indexedWriteMethod
.
getReturnType
().
equals
(
void
.
class
))
{
indexedWriteMethod
=
null
;
}
}
setIndexedWriteMethod0
(
indexedWriteMethod
);
}
return
indexedWriteMethod
;
...
...
src/share/classes/java/beans/Introspector.java
浏览文件 @
f01a2151
/*
* Copyright 1996-200
6
Sun Microsystems, Inc. All Rights Reserved.
* Copyright 1996-200
9
Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
...
...
@@ -25,6 +25,7 @@
package
java.beans
;
import
com.sun.beans.finder.BeanInfoFinder
;
import
com.sun.beans.finder.ClassFinder
;
import
java.lang.ref.Reference
;
...
...
@@ -45,6 +46,8 @@ import java.util.EventListener;
import
java.util.List
;
import
java.util.WeakHashMap
;
import
java.util.TreeMap
;
import
sun.awt.AppContext
;
import
sun.reflect.misc.ReflectUtil
;
/**
...
...
@@ -137,10 +140,6 @@ public class Introspector {
// events maps from String names to EventSetDescriptors
private
Map
events
;
private
final
static
String
DEFAULT_INFO_PATH
=
"sun.beans.infos"
;
private
static
String
[]
searchPath
=
{
DEFAULT_INFO_PATH
};
private
final
static
EventSetDescriptor
[]
EMPTY_EVENTSETDESCRIPTORS
=
new
EventSetDescriptor
[
0
];
static
final
String
ADD_PREFIX
=
"add"
;
...
...
@@ -149,7 +148,7 @@ public class Introspector {
static
final
String
SET_PREFIX
=
"set"
;
static
final
String
IS_PREFIX
=
"is"
;
private
static
final
String
BEANINFO_SUFFIX
=
"BeanInfo"
;
private
static
final
Object
FINDER_KEY
=
new
Object
()
;
//======================================================================
// Public methods
...
...
@@ -309,13 +308,11 @@ public class Introspector {
* Sun implementation initially sets to {"sun.beans.infos"}.
*/
public
static
synchronized
String
[]
getBeanInfoSearchPath
()
{
// Return a copy of the searchPath.
String
result
[]
=
new
String
[
searchPath
.
length
];
for
(
int
i
=
0
;
i
<
searchPath
.
length
;
i
++)
{
result
[
i
]
=
searchPath
[
i
];
public
static
String
[]
getBeanInfoSearchPath
()
{
BeanInfoFinder
finder
=
getFinder
();
synchronized
(
finder
)
{
return
finder
.
getPackages
();
}
return
result
;
}
/**
...
...
@@ -334,12 +331,15 @@ public class Introspector {
* @see SecurityManager#checkPropertiesAccess
*/
public
static
synchronized
void
setBeanInfoSearchPath
(
String
path
[]
)
{
public
static
void
setBeanInfoSearchPath
(
String
[]
path
)
{
SecurityManager
sm
=
System
.
getSecurityManager
();
if
(
sm
!=
null
)
{
sm
.
checkPropertiesAccess
();
}
searchPath
=
path
;
BeanInfoFinder
finder
=
getFinder
();
synchronized
(
finder
)
{
finder
.
setPackages
(
path
);
}
}
...
...
@@ -447,67 +447,14 @@ public class Introspector {
* then it checks to see if the class is its own BeanInfo. Finally,
* the BeanInfo search path is prepended to the class and searched.
*
* @param beanClass the class type of the bean
* @return Instance of an explicit BeanInfo class or null if one isn't found.
*/
private
static
synchronized
BeanInfo
findExplicitBeanInfo
(
Class
beanClass
)
{
String
name
=
beanClass
.
getName
()
+
BEANINFO_SUFFIX
;
try
{
return
(
java
.
beans
.
BeanInfo
)
instantiate
(
beanClass
,
name
);
}
catch
(
Exception
ex
)
{
// Just drop through
}
// Now try checking if the bean is its own BeanInfo.
try
{
if
(
isSubclass
(
beanClass
,
java
.
beans
.
BeanInfo
.
class
))
{
return
(
java
.
beans
.
BeanInfo
)
beanClass
.
newInstance
();
}
}
catch
(
Exception
ex
)
{
// Just drop through
private
static
BeanInfo
findExplicitBeanInfo
(
Class
beanClass
)
{
BeanInfoFinder
finder
=
getFinder
();
synchronized
(
finder
)
{
return
finder
.
find
(
beanClass
);
}
// Now try looking for <searchPath>.fooBeanInfo
name
=
name
.
substring
(
name
.
lastIndexOf
(
'.'
)+
1
);
for
(
int
i
=
0
;
i
<
searchPath
.
length
;
i
++)
{
// This optimization will only use the BeanInfo search path if is has changed
// from the original or trying to get the ComponentBeanInfo.
if
(!
DEFAULT_INFO_PATH
.
equals
(
searchPath
[
i
])
||
DEFAULT_INFO_PATH
.
equals
(
searchPath
[
i
])
&&
"ComponentBeanInfo"
.
equals
(
name
))
{
try
{
String
fullName
=
searchPath
[
i
]
+
"."
+
name
;
java
.
beans
.
BeanInfo
bi
=
(
java
.
beans
.
BeanInfo
)
instantiate
(
beanClass
,
fullName
);
// Make sure that the returned BeanInfo matches the class.
if
(
bi
.
getBeanDescriptor
()
!=
null
)
{
if
(
bi
.
getBeanDescriptor
().
getBeanClass
()
==
beanClass
)
{
return
bi
;
}
}
else
if
(
bi
.
getPropertyDescriptors
()
!=
null
)
{
PropertyDescriptor
[]
pds
=
bi
.
getPropertyDescriptors
();
for
(
int
j
=
0
;
j
<
pds
.
length
;
j
++)
{
Method
method
=
pds
[
j
].
getReadMethod
();
if
(
method
==
null
)
{
method
=
pds
[
j
].
getWriteMethod
();
}
if
(
method
!=
null
&&
method
.
getDeclaringClass
()
==
beanClass
)
{
return
bi
;
}
}
}
else
if
(
bi
.
getMethodDescriptors
()
!=
null
)
{
MethodDescriptor
[]
mds
=
bi
.
getMethodDescriptors
();
for
(
int
j
=
0
;
j
<
mds
.
length
;
j
++)
{
Method
method
=
mds
[
j
].
getMethod
();
if
(
method
!=
null
&&
method
.
getDeclaringClass
()
==
beanClass
)
{
return
bi
;
}
}
}
}
catch
(
Exception
ex
)
{
// Silently ignore any errors.
}
}
}
return
null
;
}
/**
...
...
@@ -577,9 +524,9 @@ public class Introspector {
pd
=
new
PropertyDescriptor
(
this
.
beanClass
,
name
.
substring
(
2
),
method
,
null
);
}
}
else
if
(
argCount
==
1
)
{
if
(
argTypes
[
0
]
==
int
.
class
&&
name
.
startsWith
(
GET_PREFIX
))
{
if
(
int
.
class
.
equals
(
argTypes
[
0
])
&&
name
.
startsWith
(
GET_PREFIX
))
{
pd
=
new
IndexedPropertyDescriptor
(
this
.
beanClass
,
name
.
substring
(
3
),
null
,
null
,
method
,
null
);
}
else
if
(
resultType
==
void
.
class
&&
name
.
startsWith
(
SET_PREFIX
))
{
}
else
if
(
void
.
class
.
equals
(
resultType
)
&&
name
.
startsWith
(
SET_PREFIX
))
{
// Simple setter
pd
=
new
PropertyDescriptor
(
this
.
beanClass
,
name
.
substring
(
3
),
null
,
method
);
if
(
throwsException
(
method
,
PropertyVetoException
.
class
))
{
...
...
@@ -587,7 +534,7 @@ public class Introspector {
}
}
}
else
if
(
argCount
==
2
)
{
if
(
argTypes
[
0
]
==
int
.
class
&&
name
.
startsWith
(
SET_PREFIX
))
{
if
(
void
.
class
.
equals
(
resultType
)
&&
int
.
class
.
equals
(
argTypes
[
0
])
&&
name
.
startsWith
(
SET_PREFIX
))
{
pd
=
new
IndexedPropertyDescriptor
(
this
.
beanClass
,
name
.
substring
(
3
),
null
,
null
,
null
,
method
);
if
(
throwsException
(
method
,
PropertyVetoException
.
class
))
{
pd
.
setConstrained
(
true
);
...
...
@@ -1483,6 +1430,16 @@ public class Introspector {
return
false
;
}
private
static
BeanInfoFinder
getFinder
()
{
AppContext
context
=
AppContext
.
getAppContext
();
Object
object
=
context
.
get
(
FINDER_KEY
);
if
(
object
instanceof
BeanInfoFinder
)
{
return
(
BeanInfoFinder
)
object
;
}
BeanInfoFinder
finder
=
new
BeanInfoFinder
();
context
.
put
(
FINDER_KEY
,
finder
);
return
finder
;
}
/**
* Try to create an instance of a named class.
...
...
src/share/classes/java/beans/MetaData.java
浏览文件 @
f01a2151
/*
* Copyright 2000-200
8
Sun Microsystems, Inc. All Rights Reserved.
* Copyright 2000-200
9
Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
...
...
@@ -219,7 +219,9 @@ class java_lang_Class_PersistenceDelegate extends PersistenceDelegate {
return
new
Expression
(
oldInstance
,
String
.
class
,
"getClass"
,
new
Object
[]{});
}
else
{
return
new
Expression
(
oldInstance
,
Class
.
class
,
"forName"
,
new
Object
[]{
c
.
getName
()});
Expression
newInstance
=
new
Expression
(
oldInstance
,
Class
.
class
,
"forName"
,
new
Object
[]
{
c
.
getName
()
});
newInstance
.
loader
=
c
.
getClassLoader
();
return
newInstance
;
}
}
}
...
...
src/share/classes/java/beans/PropertyDescriptor.java
浏览文件 @
f01a2151
/*
* Copyright 1996-200
8
Sun Microsystems, Inc. All Rights Reserved.
* Copyright 1996-200
9
Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
...
...
@@ -294,6 +294,11 @@ public class PropertyDescriptor extends FeatureDescriptor {
writeMethod
=
Introspector
.
findMethod
(
cls
,
writeMethodName
,
1
,
(
type
==
null
)
?
null
:
new
Class
[]
{
type
});
if
(
writeMethod
!=
null
)
{
if
(!
writeMethod
.
getReturnType
().
equals
(
void
.
class
))
{
writeMethod
=
null
;
}
}
try
{
setWriteMethod
(
writeMethod
);
}
catch
(
IntrospectionException
ex
)
{
...
...
src/share/classes/java/beans/PropertyEditorManager.java
浏览文件 @
f01a2151
/*
* Copyright 1996-200
8
Sun Microsystems, Inc. All Rights Reserved.
* Copyright 1996-200
9
Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
...
...
@@ -25,8 +25,8 @@
package
java.beans
;
import
com.sun.beans.
WeakCache
;
import
sun.
beans.editors.*
;
import
com.sun.beans.
finder.PropertyEditorFinder
;
import
sun.
awt.AppContext
;
/**
* The PropertyEditorManager can be used to locate a property editor for
...
...
@@ -55,6 +55,8 @@ import sun.beans.editors.*;
public
class
PropertyEditorManager
{
private
static
final
Object
FINDER_KEY
=
new
Object
();
/**
* Registers an editor class to edit values of the given target class.
* If the editor class is {@code null},
...
...
@@ -74,12 +76,15 @@ public class PropertyEditorManager {
*
* @see SecurityManager#checkPropertiesAccess
*/
public
static
synchronized
void
registerEditor
(
Class
<?>
targetType
,
Class
<?>
editorClass
)
{
public
static
void
registerEditor
(
Class
<?>
targetType
,
Class
<?>
editorClass
)
{
SecurityManager
sm
=
System
.
getSecurityManager
();
if
(
sm
!=
null
)
{
sm
.
checkPropertiesAccess
();
}
registry
.
put
(
targetType
,
editorClass
);
PropertyEditorFinder
finder
=
getFinder
();
synchronized
(
finder
)
{
finder
.
register
(
targetType
,
editorClass
);
}
}
/**
...
...
@@ -89,46 +94,11 @@ public class PropertyEditorManager {
* @return An editor object for the given target class.
* The result is null if no suitable editor can be found.
*/
public
static
synchronized
PropertyEditor
findEditor
(
Class
<?>
targetType
)
{
Class
editorClass
=
registry
.
get
(
targetType
);
if
(
editorClass
!=
null
)
{
try
{
Object
o
=
editorClass
.
newInstance
();
return
(
PropertyEditor
)
o
;
}
catch
(
Exception
ex
)
{
System
.
err
.
println
(
"Couldn't instantiate type editor \""
+
editorClass
.
getName
()
+
"\" : "
+
ex
);
}
}
// Now try adding "Editor" to the class name.
String
editorName
=
targetType
.
getName
()
+
"Editor"
;
try
{
return
(
PropertyEditor
)
Introspector
.
instantiate
(
targetType
,
editorName
);
}
catch
(
Exception
ex
)
{
// Silently ignore any errors.
}
// Now try looking for <searchPath>.fooEditor
int
index
=
editorName
.
lastIndexOf
(
'.'
)
+
1
;
if
(
index
>
0
)
{
editorName
=
editorName
.
substring
(
index
);
public
static
PropertyEditor
findEditor
(
Class
<?>
targetType
)
{
PropertyEditorFinder
finder
=
getFinder
();
synchronized
(
finder
)
{
return
finder
.
find
(
targetType
);
}
for
(
String
path
:
searchPath
)
{
String
name
=
path
+
'.'
+
editorName
;
try
{
return
(
PropertyEditor
)
Introspector
.
instantiate
(
targetType
,
name
);
}
catch
(
Exception
ex
)
{
// Silently ignore any errors.
}
}
if
(
null
!=
targetType
.
getEnumConstants
())
{
return
new
EnumEditor
(
targetType
);
}
// We couldn't find a suitable Editor.
return
null
;
}
/**
...
...
@@ -139,8 +109,11 @@ public class PropertyEditorManager {
* <p> The default value for this array is implementation-dependent,
* e.g. Sun implementation initially sets to {"sun.beans.editors"}.
*/
public
static
synchronized
String
[]
getEditorSearchPath
()
{
return
searchPath
.
clone
();
public
static
String
[]
getEditorSearchPath
()
{
PropertyEditorFinder
finder
=
getFinder
();
synchronized
(
finder
)
{
return
finder
.
getPackages
();
}
}
/**
...
...
@@ -156,28 +129,25 @@ public class PropertyEditorManager {
* of system properties.
* @see SecurityManager#checkPropertiesAccess
*/
public
static
synchronized
void
setEditorSearchPath
(
String
[]
path
)
{
public
static
void
setEditorSearchPath
(
String
[]
path
)
{
SecurityManager
sm
=
System
.
getSecurityManager
();
if
(
sm
!=
null
)
{
sm
.
checkPropertiesAccess
();
}
searchPath
=
(
path
!=
null
)
?
path
.
clone
()
:
EMPTY
;
PropertyEditorFinder
finder
=
getFinder
();
synchronized
(
finder
)
{
finder
.
setPackages
(
path
);
}
}
private
static
String
[]
searchPath
=
{
"sun.beans.editors"
};
private
static
final
String
[]
EMPTY
=
{};
private
static
final
WeakCache
<
Class
<?>,
Class
<?>>
registry
;
static
{
registry
=
new
WeakCache
<
Class
<?>,
Class
<?>>();
registry
.
put
(
Byte
.
TYPE
,
ByteEditor
.
class
);
registry
.
put
(
Short
.
TYPE
,
ShortEditor
.
class
);
registry
.
put
(
Integer
.
TYPE
,
IntegerEditor
.
class
);
registry
.
put
(
Long
.
TYPE
,
LongEditor
.
class
);
registry
.
put
(
Boolean
.
TYPE
,
BooleanEditor
.
class
);
registry
.
put
(
Float
.
TYPE
,
FloatEditor
.
class
);
registry
.
put
(
Double
.
TYPE
,
DoubleEditor
.
class
);
private
static
PropertyEditorFinder
getFinder
()
{
AppContext
context
=
AppContext
.
getAppContext
();
Object
object
=
context
.
get
(
FINDER_KEY
);
if
(
object
instanceof
PropertyEditorFinder
)
{
return
(
PropertyEditorFinder
)
object
;
}
PropertyEditorFinder
finder
=
new
PropertyEditorFinder
();
context
.
put
(
FINDER_KEY
,
finder
);
return
finder
;
}
}
src/share/classes/java/beans/Statement.java
浏览文件 @
f01a2151
...
...
@@ -66,6 +66,7 @@ public class Statement {
Object
target
;
String
methodName
;
Object
[]
arguments
;
ClassLoader
loader
;
/**
* Creates a new <code>Statement</code> object with a <code>target</code>,
...
...
@@ -157,7 +158,7 @@ public class Statement {
// of core from a class inside core. Special
// case this method.
if
(
target
==
Class
.
class
&&
methodName
.
equals
(
"forName"
))
{
return
ClassFinder
.
resolveClass
((
String
)
arguments
[
0
]);
return
ClassFinder
.
resolveClass
((
String
)
arguments
[
0
]
,
this
.
loader
);
}
Class
[]
argClasses
=
new
Class
[
arguments
.
length
];
for
(
int
i
=
0
;
i
<
arguments
.
length
;
i
++)
{
...
...
src/share/classes/java/lang/Byte.java
浏览文件 @
f01a2151
...
...
@@ -90,8 +90,8 @@ public final class Byte extends Number implements Comparable<Byte> {
* If a new {@code Byte} instance is not required, this method
* should generally be used in preference to the constructor
* {@link #Byte(byte)}, as this method is likely to yield
* significantly better space and time performance
by caching
*
frequently requested values
.
* significantly better space and time performance
since
*
all byte values are cached
.
*
* @param b a byte value.
* @return a {@code Byte} instance representing {@code b}.
...
...
src/share/classes/java/lang/Character.java
浏览文件 @
f01a2151
...
...
@@ -2571,6 +2571,10 @@ class Character extends Object implements java.io.Serializable, Comparable<Chara
* significantly better space and time performance by caching
* frequently requested values.
*
* This method will always cache values in the range '\u0000'
* to '\u007f'", inclusive, and may cache other values outside
* of this range.
*
* @param c a char value.
* @return a <tt>Character</tt> instance representing <tt>c</tt>.
* @since 1.5
...
...
src/share/classes/java/lang/Class.java
浏览文件 @
f01a2151
...
...
@@ -627,7 +627,7 @@ public final
*
* @return an array of {@code TypeVariable} objects that represent
* the type variables declared by this generic declaration
* @throws GenericSignatureFormatError if the generic
* @throws
java.lang.reflect.
GenericSignatureFormatError if the generic
* signature of this generic declaration does not conform to
* the format specified in the Java Virtual Machine Specification,
* 3rd edition
...
...
@@ -673,12 +673,12 @@ public final
* {@code Class} object representing the {@code Object} class is
* returned.
*
* @throws GenericSignatureFormatError if the generic
* @throws
java.lang.reflect.
GenericSignatureFormatError if the generic
* class signature does not conform to the format specified in the
* Java Virtual Machine Specification, 3rd edition
* @throws TypeNotPresentException if the generic superclass
* refers to a non-existent type declaration
* @throws MalformedParameterizedTypeException if the
* @throws
java.lang.reflect.
MalformedParameterizedTypeException if the
* generic superclass refers to a parameterized type that cannot be
* instantiated for any reason
* @return the superclass of the class represented by this object
...
...
@@ -795,14 +795,14 @@ public final
* <p>If this object represents a primitive type or void, the
* method returns an array of length 0.
*
* @throws GenericSignatureFormatError
* @throws
java.lang.reflect.
GenericSignatureFormatError
* if the generic class signature does not conform to the format
* specified in the Java Virtual Machine Specification, 3rd edition
* @throws TypeNotPresentException if any of the generic
* superinterfaces refers to a non-existent type declaration
* @throws
MalformedParameterizedTypeException if any of the
*
generic superinterfaces refer to a parameterized type that cannot
*
be instantiated
for any reason
* @throws
java.lang.reflect.MalformedParameterizedTypeException
*
if any of the generic superinterfaces refer to a parameterized
*
type that cannot be instantiated
for any reason
* @return an array of interfaces implemented by this class
* @since 1.5
*/
...
...
src/share/classes/java/lang/Integer.java
浏览文件 @
f01a2151
...
...
@@ -638,6 +638,9 @@ public final class Integer extends Number implements Comparable<Integer> {
* to yield significantly better space and time performance by
* caching frequently requested values.
*
* This method will always cache values in the range -128 to 127,
* inclusive, and may cache other values outside of this range.
*
* @param i an {@code int} value.
* @return an {@code Integer} instance representing {@code i}.
* @since 1.5
...
...
src/share/classes/java/lang/Long.java
浏览文件 @
f01a2151
...
...
@@ -560,6 +560,11 @@ public final class Long extends Number implements Comparable<Long> {
* significantly better space and time performance by caching
* frequently requested values.
*
* Note that unlike the {@linkplain Integer#valueOf(int)
* corresponding method} in the {@code Integer} class, this method
* is <em>not</em> required to cache values within a particular
* range.
*
* @param l a long value.
* @return a {@code Long} instance representing {@code l}.
* @since 1.5
...
...
src/share/classes/java/lang/Short.java
浏览文件 @
f01a2151
...
...
@@ -219,6 +219,9 @@ public final class Short extends Number implements Comparable<Short> {
* significantly better space and time performance by caching
* frequently requested values.
*
* This method will always cache values in the range -128 to 127,
* inclusive, and may cache other values outside of this range.
*
* @param s a short value.
* @return a {@code Short} instance representing {@code s}.
* @since 1.5
...
...
src/share/classes/java/net/URLClassLoader.java
浏览文件 @
f01a2151
...
...
@@ -305,6 +305,35 @@ public class URLClassLoader extends SecureClassLoader implements Closeable {
}
}
/*
* Retrieve the package using the specified package name.
* If non-null, verify the package using the specified code
* source and manifest.
*/
private
Package
getAndVerifyPackage
(
String
pkgname
,
Manifest
man
,
URL
url
)
{
Package
pkg
=
getPackage
(
pkgname
);
if
(
pkg
!=
null
)
{
// Package found, so check package sealing.
if
(
pkg
.
isSealed
())
{
// Verify that code source URL is the same.
if
(!
pkg
.
isSealed
(
url
))
{
throw
new
SecurityException
(
"sealing violation: package "
+
pkgname
+
" is sealed"
);
}
}
else
{
// Make sure we are not attempting to seal the package
// at this code source URL.
if
((
man
!=
null
)
&&
isSealed
(
pkgname
,
man
))
{
throw
new
SecurityException
(
"sealing violation: can't seal package "
+
pkgname
+
": already loaded"
);
}
}
}
return
pkg
;
}
/*
* Defines a Class using the class bytes obtained from the specified
* Resource. The resulting Class must be resolved before it can be
...
...
@@ -316,32 +345,23 @@ public class URLClassLoader extends SecureClassLoader implements Closeable {
if
(
i
!=
-
1
)
{
String
pkgname
=
name
.
substring
(
0
,
i
);
// Check if package already loaded.
Package
pkg
=
getPackage
(
pkgname
);
Manifest
man
=
res
.
getManifest
();
if
(
pkg
!=
null
)
{
// Package found, so check package sealing.
if
(
pkg
.
isSealed
())
{
// Verify that code source URL is the same.
if
(!
pkg
.
isSealed
(
url
))
{
throw
new
SecurityException
(
"sealing violation: package "
+
pkgname
+
" is sealed"
);
if
(
getAndVerifyPackage
(
pkgname
,
man
,
url
)
==
null
)
{
try
{
if
(
man
!=
null
)
{
definePackage
(
pkgname
,
man
,
url
);
}
else
{
definePackage
(
pkgname
,
null
,
null
,
null
,
null
,
null
,
null
,
null
);
}
}
else
{
// Make sure we are not attempting to seal the package
// at this code source URL.
if
((
man
!=
null
)
&&
isSealed
(
pkgname
,
man
))
{
throw
new
SecurityException
(
"sealing violation: can't seal package "
+
pkgname
+
": already loaded"
);
}
catch
(
IllegalArgumentException
iae
)
{
// parallel-capable class loaders: re-verify in case of a
// race condition
if
(
getAndVerifyPackage
(
pkgname
,
man
,
url
)
==
null
)
{
// Should never happen
throw
new
AssertionError
(
"Cannot find package "
+
pkgname
);
}
}
}
else
{
if
(
man
!=
null
)
{
definePackage
(
pkgname
,
man
,
url
);
}
else
{
definePackage
(
pkgname
,
null
,
null
,
null
,
null
,
null
,
null
,
null
);
}
}
}
// Now read the class bytes and define the class
...
...
src/share/classes/java/nio/file/LinkPermission.java
浏览文件 @
f01a2151
...
...
@@ -46,7 +46,7 @@ import java.security.BasicPermission;
* known as creating a link, or hard link. </td>
* <td> Extreme care should be taken when granting this permission. It allows
* linking to any file or directory in the file system thus allowing the
* attacker
to
access to all files. </td>
* attacker access to all files. </td>
* </tr>
* <tr>
* <td>symbolic</td>
...
...
src/share/classes/java/nio/file/NotLinkException.java
浏览文件 @
f01a2151
...
...
@@ -27,7 +27,7 @@ package java.nio.file;
/**
* Checked exception thrown when a file system operation fails because a file
* is not a link.
* is not a
symbolic
link.
*
* @since 1.7
*/
...
...
src/share/classes/java/nio/file/Path.java
浏览文件 @
f01a2151
...
...
@@ -91,8 +91,8 @@ import java.util.Set;
* iterate over the entries in the directory. </p></li>
* <li><p> Files can be {@link #copyTo(Path,CopyOption[]) copied} or
* {@link #moveTo(Path,CopyOption[]) moved}. </p></li>
* <li><p> Symbolic
-
links may be {@link #createSymbolicLink created}, or the
* target of a link may be {@link #readSymbolicLink read}. </p></li>
* <li><p> Symbolic
links may be {@link #createSymbolicLink created}, or the
* target of a
symbolic
link may be {@link #readSymbolicLink read}. </p></li>
* <li><p> The {@link #toRealPath real} path of an existing file may be
* obtained. </li></p>
* </ul>
...
...
@@ -403,12 +403,12 @@ public abstract class Path
* <i>p</i><tt>.relativize(</tt><i>p</i><tt>.resolve(</tt><i>q</i><tt>)).equals(</tt><i>q</i><tt>)</tt>
* </blockquote>
*
* <p> When symbolic
-
links are supported, then whether the resulting path,
* <p> When symbolic
links are supported, then whether the resulting path,
* when resolved against this path, yields a path that can be used to locate
* the {@link #isSameFile same} file as {@code other} is implementation
* dependent. For example, if this path is {@code "/a/b"} and the given
* path is {@code "/a/x"} then the resulting relative path may be {@code
* "../x"}. If {@code "b"} is a symbolic
-
link then is implementation
* "../x"}. If {@code "b"} is a symbolic
link then is implementation
* dependent if {@code "a/b/../x"} would locate the same file as {@code "/a/x"}.
*
* @param other
...
...
@@ -430,8 +430,8 @@ public abstract class Path
*
* <p> An implementation may require to examine the file to determine if the
* file is a directory. Consequently this method may not be atomic with respect
* to other file system operations. If the file is a symbolic
-
link then the
*
link is deleted and not the final target of the link
.
* to other file system operations. If the file is a symbolic
link then the
*
symbolic link itself, not the final target of the link, is deleted
.
*
* <p> If the file is a directory then the directory must be empty. In some
* implementations a directory has entries for special files or links that
...
...
@@ -459,11 +459,11 @@ public abstract class Path
/**
* Deletes the file located by this path, if it exists.
*
* <p> As with the {@link #delete delete()} method, an implementation
*
may require
to examine the file to determine if the file is a directory.
* <p> As with the {@link #delete delete()} method, an implementation
may
*
need
to examine the file to determine if the file is a directory.
* Consequently this method may not be atomic with respect to other file
* system operations. If the file is a symbolic
-link then the link is
*
deleted and not the final target of the link
.
* system operations. If the file is a symbolic
link, then the symbolic
*
link itself, not the final target of the link, is deleted
.
*
* <p> If the file is a directory then the directory must be empty. In some
* implementations a directory has entries for special files or links that
...
...
@@ -507,7 +507,7 @@ public abstract class Path
* create symbolic links, in which case this method may throw {@code IOException}.
*
* @param target
* the target of the link
* the target of the
symbolic
link
* @param attrs
* the array of attributes to set atomically when creating the
* symbolic link
...
...
@@ -573,9 +573,9 @@ public abstract class Path
* Reads the target of a symbolic link <i>(optional operation)</i>.
*
* <p> If the file system supports <a href="package-summary.html#links">symbolic
* links</a> then this method is used read the target of the link, failing
* if the file is not a
link. The target of the link need not exist. The
* returned {@code Path} object will be associated with the same file
* links</a> then this method is used
to
read the target of the link, failing
* if the file is not a
symbolic link. The target of the link need not exist.
*
The
returned {@code Path} object will be associated with the same file
* system as this {@code Path}.
*
* @return a {@code Path} object representing the target of the link
...
...
@@ -584,7 +584,7 @@ public abstract class Path
* if the implementation does not support symbolic links
* @throws NotLinkException
* if the target could otherwise not be read because the file
* is not a link <i>(optional specific exception)</i>
* is not a
symbolic
link <i>(optional specific exception)</i>
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
...
...
@@ -724,8 +724,8 @@ public abstract class Path
* exists, except if the source and target are the {@link #isSameFile same}
* file, in which case this method has no effect. File attributes are not
* required to be copied to the target file. If symbolic links are supported,
* and the file is a
link, then the final target of the link is copied. If
* the file is a directory then it creates an empty directory in the target
* and the file is a
symbolic link, then the final target of the link is copied.
*
If
the file is a directory then it creates an empty directory in the target
* location (entries in the directory are not copied). This method can be
* used with the {@link Files#walkFileTree Files.walkFileTree} utility
* method to copy a directory and all entries in the directory, or an entire
...
...
@@ -740,8 +740,8 @@ public abstract class Path
* <td> {@link StandardCopyOption#REPLACE_EXISTING REPLACE_EXISTING} </td>
* <td> If the target file exists, then the target file is replaced if it
* is not a non-empty directory. If the target file exists and is a
* symbolic
-link then the symbolic-link is replaced (
not the target of
* the link. </td>
* symbolic
link, then the symbolic link itself,
not the target of
* the link
, is replaced
. </td>
* </tr>
* <tr>
* <td> {@link StandardCopyOption#COPY_ATTRIBUTES COPY_ATTRIBUTES} </td>
...
...
@@ -755,11 +755,11 @@ public abstract class Path
* </tr>
* <tr>
* <td> {@link LinkOption#NOFOLLOW_LINKS NOFOLLOW_LINKS} </td>
* <td> Symbolic
-
links are not followed. If the file, located by this path,
* is a symbolic
-link then the link is copied rather than
the target of
* the link
. It is implementation specific if file attributes can be
* c
opied to the new link. In other words, the {@code COPY_ATTRIBUTES}
*
option may be ignored when copying a
link. </td>
* <td> Symbolic
links are not followed. If the file, located by this path,
* is a symbolic
link, then the symbolic link itself, not
the target of
* the link
, is copied. It is implementation specific if file attributes
* c
an be copied to the new link. In other words, the {@code
*
COPY_ATTRIBUTES} option may be ignored when copying a symbolic
link. </td>
* </tr>
* </table>
*
...
...
@@ -807,18 +807,19 @@ public abstract class Path
* <p> By default, this method attempts to move the file to the target
* location, failing if the target file exists except if the source and
* target are the {@link #isSameFile same} file, in which case this method
* has no effect. If the file is a symbolic link then the link is moved and
* not the target of the link. This method may be invoked to move an empty
* directory. In some implementations a directory has entries for special
* files or links that are created when the directory is created. In such
* implementations a directory is considered empty when only the special
* entries exist. When invoked to move a directory that is not empty then the
* directory is moved if it does not require moving the entries in the directory.
* For example, renaming a directory on the same {@link FileStore} will usually
* not require moving the entries in the directory. When moving a directory
* requires that its entries be moved then this method fails (by throwing
* an {@code IOException}). To move a <i>file tree</i> may involve copying
* rather than moving directories and this can be done using the {@link
* has no effect. If the file is a symbolic link then the symbolic link
* itself, not the target of the link, is moved. This method may be
* invoked to move an empty directory. In some implementations a directory
* has entries for special files or links that are created when the
* directory is created. In such implementations a directory is considered
* empty when only the special entries exist. When invoked to move a
* directory that is not empty then the directory is moved if it does not
* require moving the entries in the directory. For example, renaming a
* directory on the same {@link FileStore} will usually not require moving
* the entries in the directory. When moving a directory requires that its
* entries be moved then this method fails (by throwing an {@code
* IOException}). To move a <i>file tree</i> may involve copying rather
* than moving directories and this can be done using the {@link
* #copyTo copyTo} method in conjunction with the {@link
* Files#walkFileTree Files.walkFileTree} utility method.
*
...
...
@@ -831,8 +832,8 @@ public abstract class Path
* <td> {@link StandardCopyOption#REPLACE_EXISTING REPLACE_EXISTING} </td>
* <td> If the target file exists, then the target file is replaced if it
* is not a non-empty directory. If the target file exists and is a
* symbolic
-link then the symbolic-link is replaced and
not the target of
* the link. </td>
* symbolic
link, then the symbolic link itself,
not the target of
* the link
, is replaced
. </td>
* </tr>
* <tr>
* <td> {@link StandardCopyOption#ATOMIC_MOVE ATOMIC_MOVE} </td>
...
...
@@ -1495,7 +1496,7 @@ public abstract class Path
*
* <p> Where a file is registered with a watch service by means of a symbolic
* link then it is implementation specific if the watch continues to depend
* on the existence of the link after it is registered.
* on the existence of the
symbolic
link after it is registered.
*
* @param watcher
* the watch service to which this object is to be registered
...
...
src/share/classes/java/nio/file/SecureDirectoryStream.java
浏览文件 @
f01a2151
...
...
@@ -166,12 +166,13 @@ public abstract class SecureDirectoryStream<T>
/**
* Deletes a file.
*
* <p> Unlike the {@link Path#delete delete()} method, this method
*
does
not first examine the file to determine if the file is a directory.
* <p> Unlike the {@link Path#delete delete()} method, this method
does
* not first examine the file to determine if the file is a directory.
* Whether a directory is deleted by this method is system dependent and
* therefore not specified. If the file is a symbolic-link then the link is
* deleted (not the final target of the link). When the parameter is a
* relative path then the file to delete is relative to this open directory.
* therefore not specified. If the file is a symbolic link, then the link
* itself, not the final target of the link, is deleted. When the
* parameter is a relative path then the file to delete is relative to
* this open directory.
*
* @param path
* the path of the file to delete
...
...
src/share/classes/java/nio/file/attribute/Attributes.java
浏览文件 @
f01a2151
...
...
@@ -48,9 +48,9 @@ public final class Attributes {
* symbolic links are followed and the file attributes of the final target
* of the link are read. If the option {@link LinkOption#NOFOLLOW_LINKS
* NOFOLLOW_LINKS} is present then symbolic links are not followed and so
* the method returns the file attributes of the symbolic link
. This option
*
should be used where there is a need to determine if a file is
a
* symbolic link:
* the method returns the file attributes of the symbolic link
itself.
*
This option should be used where there is a need to determine if
a
*
file is a
symbolic link:
* <pre>
* boolean isSymbolicLink = Attributes.readBasicFileAttributes(file, NOFOLLOW_LINKS).isSymbolicLink();
* </pre>
...
...
@@ -98,7 +98,7 @@ public final class Attributes {
* symbolic links are followed and the file attributes of the final target
* of the link are read. If the option {@link LinkOption#NOFOLLOW_LINKS
* NOFOLLOW_LINKS} is present then symbolic links are not followed and so
* the method returns the file attributes of the symbolic link.
* the method returns the file attributes of the symbolic link
itself
.
*
* @param file
* A file reference that locates the file
...
...
@@ -145,7 +145,7 @@ public final class Attributes {
* symbolic links are followed and the file attributes of the final target
* of the link are read. If the option {@link LinkOption#NOFOLLOW_LINKS
* NOFOLLOW_LINKS} is present then symbolic links are not followed and so
* the method returns the file attributes of the symbolic link.
* the method returns the file attributes of the symbolic link
itself
.
*
* @param file
* A file reference that locates the file
...
...
src/share/classes/java/nio/file/attribute/BasicFileAttributes.java
浏览文件 @
f01a2151
...
...
@@ -81,13 +81,13 @@ public interface BasicFileAttributes {
boolean
isDirectory
();
/**
* Tells whether the file is a symbolic
-
link.
* Tells whether the file is a symbolic
link.
*/
boolean
isSymbolicLink
();
/**
* Tells whether the file is something other than a regular file, directory,
* or link.
* or
symbolic
link.
*/
boolean
isOther
();
...
...
src/share/classes/sun/net/www/http/HttpCapture.java
浏览文件 @
f01a2151
...
...
@@ -25,6 +25,8 @@
package
sun.net.www.http
;
import
java.io.*
;
import
java.lang.reflect.InvocationTargetException
;
import
java.lang.reflect.Method
;
import
java.util.ArrayList
;
import
java.util.logging.Level
;
import
java.util.logging.Logger
;
...
...
@@ -60,6 +62,76 @@ public class HttpCapture {
private
static
boolean
initialized
=
false
;
private
static
volatile
ArrayList
<
Pattern
>
patterns
=
null
;
private
static
volatile
ArrayList
<
String
>
capFiles
=
null
;
/* Logging is done in an ugly way so that it does not require the presence
* the java.util.logging package. If the Logger class is not available, then
* logging is turned off. This is for helping the modularization effort.
*/
private
static
Object
logger
=
null
;
private
static
boolean
logging
=
false
;
static
{
Class
cl
;
try
{
cl
=
Class
.
forName
(
"java.util.logging.Logger"
);
}
catch
(
ClassNotFoundException
ex
)
{
cl
=
null
;
}
if
(
cl
!=
null
)
{
try
{
Method
m
=
cl
.
getMethod
(
"getLogger"
,
String
.
class
);
logger
=
m
.
invoke
(
null
,
"sun.net.www.protocol.http.HttpURLConnection"
);
logging
=
true
;
}
catch
(
NoSuchMethodException
noSuchMethodException
)
{
}
catch
(
SecurityException
securityException
)
{
}
catch
(
IllegalAccessException
illegalAccessException
)
{
}
catch
(
IllegalArgumentException
illegalArgumentException
)
{
}
catch
(
InvocationTargetException
invocationTargetException
)
{
}
}
}
public
static
void
fine
(
String
s
)
{
if
(
logging
)
{
((
Logger
)
logger
).
fine
(
s
);
}
}
public
static
void
finer
(
String
s
)
{
if
(
logging
)
{
((
Logger
)
logger
).
finer
(
s
);
}
}
public
static
void
finest
(
String
s
)
{
if
(
logging
)
{
((
Logger
)
logger
).
finest
(
s
);
}
}
public
static
void
severe
(
String
s
)
{
if
(
logging
)
{
((
Logger
)
logger
).
finest
(
s
);
}
}
public
static
void
info
(
String
s
)
{
if
(
logging
)
{
((
Logger
)
logger
).
info
(
s
);
}
}
public
static
void
warning
(
String
s
)
{
if
(
logging
)
{
((
Logger
)
logger
).
warning
(
s
);
}
}
public
static
boolean
isLoggable
(
String
level
)
{
if
(!
logging
)
{
return
false
;
}
return
((
Logger
)
logger
).
isLoggable
(
Level
.
parse
(
level
));
}
private
static
synchronized
void
init
()
{
initialized
=
true
;
...
...
src/share/classes/sun/net/www/http/HttpClient.java
浏览文件 @
f01a2151
...
...
@@ -28,8 +28,6 @@ package sun.net.www.http;
import
java.io.*
;
import
java.net.*
;
import
java.util.Locale
;
import
java.util.logging.Level
;
import
java.util.logging.Logger
;
import
sun.net.NetworkClient
;
import
sun.net.ProgressSource
;
import
sun.net.www.MessageHeader
;
...
...
@@ -66,10 +64,6 @@ public class HttpClient extends NetworkClient {
/** Default port number for http daemons. REMIND: make these private */
static
final
int
httpPortNumber
=
80
;
// Use same logger as HttpURLConnection since we want to combine both event
// streams into one single HTTP log
private
static
Logger
logger
=
Logger
.
getLogger
(
"sun.net.www.protocol.http.HttpURLConnection"
);
/** return default port number (subclasses may override) */
protected
int
getDefaultPort
()
{
return
httpPortNumber
;
}
...
...
@@ -810,8 +804,8 @@ public class HttpClient extends NetworkClient {
if
(
isKeepingAlive
())
{
// Wrap KeepAliveStream if keep alive is enabled.
if
(
logger
.
isLoggable
(
Level
.
FINEST
))
{
logger
.
finest
(
"KeepAlive stream used: "
+
url
);
if
(
HttpCapture
.
isLoggable
(
"FINEST"
))
{
HttpCapture
.
finest
(
"KeepAlive stream used: "
+
url
);
}
serverInput
=
new
KeepAliveStream
(
serverInput
,
pi
,
cl
,
this
);
failedOnce
=
false
;
...
...
src/share/classes/sun/net/www/protocol/http/HttpLogFormatter.java
浏览文件 @
f01a2151
...
...
@@ -49,8 +49,7 @@ public class HttpLogFormatter extends java.util.logging.SimpleFormatter {
@Override
public
String
format
(
LogRecord
record
)
{
if
(!
"sun.net.www.protocol.http.HttpURLConnection"
.
equalsIgnoreCase
(
record
.
getSourceClassName
())
&&
!
"sun.net.www.http.HttpClient"
.
equalsIgnoreCase
(
record
.
getSourceClassName
()))
{
if
(!
"sun.net.www.http.HttpCapture"
.
equalsIgnoreCase
(
record
.
getSourceClassName
()))
{
// Don't change format for stuff that doesn't concern us
return
super
.
format
(
record
);
}
...
...
src/share/classes/sun/net/www/protocol/http/HttpURLConnection.java
浏览文件 @
f01a2151
...
...
@@ -51,14 +51,13 @@ import java.util.List;
import
java.util.Locale
;
import
java.util.StringTokenizer
;
import
java.util.Iterator
;
import
java.util.logging.Level
;
import
java.util.logging.Logger
;
import
sun.net.*
;
import
sun.net.www.*
;
import
sun.net.www.http.HttpClient
;
import
sun.net.www.http.PosterOutputStream
;
import
sun.net.www.http.ChunkedInputStream
;
import
sun.net.www.http.ChunkedOutputStream
;
import
sun.net.www.http.HttpCapture
;
import
java.text.SimpleDateFormat
;
import
java.util.TimeZone
;
import
java.net.MalformedURLException
;
...
...
@@ -71,8 +70,6 @@ import java.nio.ByteBuffer;
public
class
HttpURLConnection
extends
java
.
net
.
HttpURLConnection
{
private
static
Logger
logger
=
Logger
.
getLogger
(
"sun.net.www.protocol.http.HttpURLConnection"
);
static
String
HTTP_CONNECT
=
"CONNECT"
;
static
final
String
version
;
...
...
@@ -304,14 +301,14 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
return
java
.
security
.
AccessController
.
doPrivileged
(
new
java
.
security
.
PrivilegedAction
<
PasswordAuthentication
>()
{
public
PasswordAuthentication
run
()
{
if
(
logger
.
isLoggable
(
Level
.
FINEST
))
{
logger
.
finest
(
"Requesting Authentication: host ="
+
host
+
" url = "
+
url
);
if
(
HttpCapture
.
isLoggable
(
"FINEST"
))
{
HttpCapture
.
finest
(
"Requesting Authentication: host ="
+
host
+
" url = "
+
url
);
}
PasswordAuthentication
pass
=
Authenticator
.
requestPasswordAuthentication
(
host
,
addr
,
port
,
protocol
,
prompt
,
scheme
,
url
,
authType
);
if
(
pass
!=
null
&&
logger
.
isLoggable
(
Level
.
FINEST
))
{
logger
.
finest
(
"Authentication returned: "
+
pass
.
toString
(
));
if
(
HttpCapture
.
isLoggable
(
"FINEST"
))
{
HttpCapture
.
finest
(
"Authentication returned: "
+
(
pass
!=
null
?
pass
.
toString
()
:
"null"
));
}
return
pass
;
}
...
...
@@ -466,8 +463,8 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
setRequests
=
true
;
}
if
(
logger
.
isLoggable
(
Level
.
FINE
))
{
logger
.
fine
(
requests
.
toString
());
if
(
HttpCapture
.
isLoggable
(
"FINE"
))
{
HttpCapture
.
fine
(
requests
.
toString
());
}
http
.
writeRequests
(
requests
,
poster
);
if
(
ps
.
checkError
())
{
...
...
@@ -723,11 +720,9 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
&&
!(
cachedResponse
instanceof
SecureCacheResponse
))
{
cachedResponse
=
null
;
}
if
(
logger
.
isLoggable
(
Level
.
FINEST
))
{
logger
.
finest
(
"Cache Request for "
+
uri
+
" / "
+
getRequestMethod
());
if
(
cachedResponse
!=
null
)
{
logger
.
finest
(
"From cache: "
+
cachedResponse
.
toString
());
}
if
(
HttpCapture
.
isLoggable
(
"FINEST"
))
{
HttpCapture
.
finest
(
"Cache Request for "
+
uri
+
" / "
+
getRequestMethod
());
HttpCapture
.
finest
(
"From cache: "
+
(
cachedResponse
!=
null
?
cachedResponse
.
toString
()
:
"null"
));
}
if
(
cachedResponse
!=
null
)
{
cachedHeaders
=
mapToMessageHeader
(
cachedResponse
.
getHeaders
());
...
...
@@ -766,8 +761,8 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
});
if
(
sel
!=
null
)
{
URI
uri
=
sun
.
net
.
www
.
ParseUtil
.
toURI
(
url
);
if
(
logger
.
isLoggable
(
Level
.
FINEST
))
{
logger
.
finest
(
"ProxySelector Request for "
+
uri
);
if
(
HttpCapture
.
isLoggable
(
"FINEST"
))
{
HttpCapture
.
finest
(
"ProxySelector Request for "
+
uri
);
}
Iterator
<
Proxy
>
it
=
sel
.
select
(
uri
).
iterator
();
Proxy
p
;
...
...
@@ -783,9 +778,9 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
http
=
getNewHttpClient
(
url
,
p
,
connectTimeout
,
false
);
http
.
setReadTimeout
(
readTimeout
);
}
if
(
logger
.
isLoggable
(
Level
.
FINEST
))
{
if
(
HttpCapture
.
isLoggable
(
"FINEST"
))
{
if
(
p
!=
null
)
{
logger
.
finest
(
"Proxy used: "
+
p
.
toString
());
HttpCapture
.
finest
(
"Proxy used: "
+
p
.
toString
());
}
}
break
;
...
...
@@ -1015,15 +1010,15 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
URI
uri
=
ParseUtil
.
toURI
(
url
);
if
(
uri
!=
null
)
{
if
(
logger
.
isLoggable
(
Level
.
FINEST
))
{
logger
.
finest
(
"CookieHandler request for "
+
uri
);
if
(
HttpCapture
.
isLoggable
(
"FINEST"
))
{
HttpCapture
.
finest
(
"CookieHandler request for "
+
uri
);
}
Map
<
String
,
List
<
String
>>
cookies
=
cookieHandler
.
get
(
uri
,
requests
.
getHeaders
(
EXCLUDE_HEADERS
));
if
(!
cookies
.
isEmpty
())
{
if
(
logger
.
isLoggable
(
Level
.
FINEST
))
{
logger
.
finest
(
"Cookies retrieved: "
+
cookies
.
toString
());
if
(
HttpCapture
.
isLoggable
(
"FINEST"
))
{
HttpCapture
.
finest
(
"Cookies retrieved: "
+
cookies
.
toString
());
}
for
(
Map
.
Entry
<
String
,
List
<
String
>>
entry
:
cookies
.
entrySet
())
{
...
...
@@ -1154,8 +1149,8 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
writeRequests
();
}
http
.
parseHTTP
(
responses
,
pi
,
this
);
if
(
logger
.
isLoggable
(
Level
.
FINE
))
{
logger
.
fine
(
responses
.
toString
());
if
(
HttpCapture
.
isLoggable
(
"FINE"
))
{
HttpCapture
.
fine
(
responses
.
toString
());
}
inputStream
=
http
.
getInputStream
();
...
...
@@ -1599,8 +1594,8 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
http
.
parseHTTP
(
responses
,
null
,
this
);
/* Log the response to the CONNECT */
if
(
logger
.
isLoggable
(
Level
.
FINE
))
{
logger
.
fine
(
responses
.
toString
());
if
(
HttpCapture
.
isLoggable
(
"FINE"
))
{
HttpCapture
.
fine
(
responses
.
toString
());
}
statusLine
=
responses
.
getValue
(
0
);
...
...
@@ -1727,8 +1722,8 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
setPreemptiveProxyAuthentication
(
requests
);
/* Log the CONNECT request */
if
(
logger
.
isLoggable
(
Level
.
FINE
))
{
logger
.
fine
(
requests
.
toString
());
if
(
HttpCapture
.
isLoggable
(
"FINE"
))
{
HttpCapture
.
fine
(
requests
.
toString
());
}
http
.
writeRequests
(
requests
,
null
);
...
...
@@ -1872,8 +1867,8 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
}
}
}
if
(
logger
.
isLoggable
(
Level
.
FINER
))
{
logger
.
finer
(
"Proxy Authentication for "
+
authhdr
.
toString
()
+
" returned "
+
ret
.
toString
(
));
if
(
HttpCapture
.
isLoggable
(
"FINER"
))
{
HttpCapture
.
finer
(
"Proxy Authentication for "
+
authhdr
.
toString
()
+
" returned "
+
(
ret
!=
null
?
ret
.
toString
()
:
"null"
));
}
return
ret
;
}
...
...
@@ -2002,8 +1997,8 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
}
}
}
if
(
logger
.
isLoggable
(
Level
.
FINER
))
{
logger
.
finer
(
"Server Authentication for "
+
authhdr
.
toString
()
+
" returned "
+
ret
.
toString
(
));
if
(
HttpCapture
.
isLoggable
(
"FINER"
))
{
HttpCapture
.
finer
(
"Server Authentication for "
+
authhdr
.
toString
()
+
" returned "
+
(
ret
!=
null
?
ret
.
toString
()
:
"null"
));
}
return
ret
;
}
...
...
@@ -2078,8 +2073,8 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
if
(
streaming
())
{
throw
new
HttpRetryException
(
RETRY_MSG3
,
stat
,
loc
);
}
if
(
logger
.
isLoggable
(
Level
.
FINE
))
{
logger
.
fine
(
"Redirected from "
+
url
+
" to "
+
locUrl
);
if
(
HttpCapture
.
isLoggable
(
"FINE"
))
{
HttpCapture
.
fine
(
"Redirected from "
+
url
+
" to "
+
locUrl
);
}
// clear out old response headers!!!!
...
...
src/share/classes/sun/security/jgss/krb5/Krb5InitCredential.java
浏览文件 @
f01a2151
...
...
@@ -238,7 +238,7 @@ public class Krb5InitCredential
retVal
=
(
int
)(
getEndTime
().
getTime
()
-
(
new
Date
().
getTime
()));
return
retVal
;
return
retVal
/
1000
;
}
/**
...
...
src/share/classes/sun/security/krb5/Config.java
浏览文件 @
f01a2151
...
...
@@ -123,7 +123,7 @@ public class Config {
java
.
security
.
AccessController
.
doPrivileged
(
new
sun
.
security
.
action
.
GetPropertyAction
(
"java.security.krb5.kdc"
));
defaultRealm
=
defaultRealm
=
java
.
security
.
AccessController
.
doPrivileged
(
new
sun
.
security
.
action
.
GetPropertyAction
(
"java.security.krb5.realm"
));
...
...
@@ -134,6 +134,16 @@ public class Config {
"java.security.krb5.realm both must be set or "
+
"neither must be set."
);
}
// Read the Kerberos configuration file
try
{
Vector
<
String
>
configFile
;
configFile
=
loadConfigFile
();
stanzaTable
=
parseStanzaTable
(
configFile
);
}
catch
(
IOException
ioe
)
{
// No krb5.conf, no problem. We'll use DNS etc.
}
if
(
kdchost
!=
null
)
{
/*
* If configuration information is only specified by
...
...
@@ -141,22 +151,19 @@ public class Config {
* java.security.krb5.realm, we put both in the hashtable
* under [libdefaults].
*/
Hashtable
<
String
,
String
>
kdcs
=
new
Hashtable
<
String
,
String
>
();
if
(
stanzaTable
==
null
)
{
stanzaTable
=
new
Hashtable
<
String
,
Object
>
();
}
Hashtable
<
String
,
String
>
kdcs
=
(
Hashtable
<
String
,
String
>)
stanzaTable
.
get
(
"libdefaults"
);
if
(
kdcs
==
null
)
{
kdcs
=
new
Hashtable
<
String
,
String
>
();
stanzaTable
.
put
(
"libdefaults"
,
kdcs
);
}
kdcs
.
put
(
"default_realm"
,
defaultRealm
);
// The user can specify a list of kdc hosts separated by ":"
kdchost
=
kdchost
.
replace
(
':'
,
' '
);
kdcs
.
put
(
"kdc"
,
kdchost
);
stanzaTable
=
new
Hashtable
<
String
,
Object
>
();
stanzaTable
.
put
(
"libdefaults"
,
kdcs
);
}
else
{
// Read the Kerberos configuration file
try
{
Vector
<
String
>
configFile
;
configFile
=
loadConfigFile
();
stanzaTable
=
parseStanzaTable
(
configFile
);
}
catch
(
IOException
ioe
)
{
// No krb5.conf, no problem. We'll use DNS etc.
}
}
}
...
...
@@ -294,7 +301,7 @@ public class Config {
* hashtable.
*/
if
(
name
.
equalsIgnoreCase
(
"kdc"
)
&&
(
!
section
.
equalsIgnoreCase
(
"libdefaults"
))
&&
(
section
.
equalsIgnoreCase
(
getDefault
(
"default_realm"
,
"libdefaults"
)
))
&&
(
java
.
security
.
AccessController
.
doPrivileged
(
new
sun
.
security
.
action
.
GetPropertyAction
(
"java.security.krb5.kdc"
))
!=
null
))
{
...
...
src/share/classes/sun/security/provider/certpath/DistributionPointFetcher.java
浏览文件 @
f01a2151
/*
* Copyright 2002-200
7
Sun Microsystems, Inc. All Rights Reserved.
* Copyright 2002-200
9
Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
...
...
@@ -34,6 +34,7 @@ import javax.security.auth.x500.X500Principal;
import
sun.security.action.GetPropertyAction
;
import
sun.security.util.Debug
;
import
sun.security.util.DerOutputStream
;
import
sun.security.x509.*
;
/**
...
...
@@ -333,7 +334,15 @@ class DistributionPointFetcher {
if
(
match
==
false
)
{
return
false
;
}
indirectCRL
=
true
;
// we accept the case that a CRL issuer provide status
// information for itself.
if
(
ForwardBuilder
.
issues
(
certImpl
,
crlImpl
,
provider
))
{
// reset the public key used to verify the CRL's signature
prevKey
=
certImpl
.
getPublicKey
();
}
else
{
indirectCRL
=
true
;
}
}
else
if
(
crlIssuer
.
equals
(
certIssuer
)
==
false
)
{
if
(
debug
!=
null
)
{
debug
.
println
(
"crl issuer does not equal cert issuer"
);
...
...
@@ -347,7 +356,14 @@ class DistributionPointFetcher {
PKIXExtensions
.
AuthorityKey_Id
.
toString
());
if
(!
Arrays
.
equals
(
certAKID
,
crlAKID
))
{
indirectCRL
=
true
;
// we accept the case that a CRL issuer provide status
// information for itself.
if
(
ForwardBuilder
.
issues
(
certImpl
,
crlImpl
,
provider
))
{
// reset the public key used to verify the CRL's signature
prevKey
=
certImpl
.
getPublicKey
();
}
else
{
indirectCRL
=
true
;
}
}
}
...
...
@@ -542,10 +558,80 @@ class DistributionPointFetcher {
certSel
.
setSubject
(
crlIssuer
.
asX500Principal
());
boolean
[]
crlSign
=
{
false
,
false
,
false
,
false
,
false
,
false
,
true
};
certSel
.
setKeyUsage
(
crlSign
);
// Currently by default, forward builder does not enable
// subject/authority key identifier identifying for target
// certificate, instead, it only compares the CRL issuer and
// the target certificate subject. If the certificate of the
// delegated CRL issuer is a self-issued certificate, the
// builder is unable to find the proper CRL issuer by issuer
// name only, there is a potential dead loop on finding the
// proper issuer. It is of great help to narrow the target
// scope down to aware of authority key identifiers in the
// selector, for the purposes of breaking the dead loop.
AuthorityKeyIdentifierExtension
akidext
=
crlImpl
.
getAuthKeyIdExtension
();
if
(
akidext
!=
null
)
{
KeyIdentifier
akid
=
(
KeyIdentifier
)
akidext
.
get
(
akidext
.
KEY_ID
);
if
(
akid
!=
null
)
{
DerOutputStream
derout
=
new
DerOutputStream
();
derout
.
putOctetString
(
akid
.
getIdentifier
());
certSel
.
setSubjectKeyIdentifier
(
derout
.
toByteArray
());
}
SerialNumber
asn
=
(
SerialNumber
)
akidext
.
get
(
akidext
.
SERIAL_NUMBER
);
if
(
asn
!=
null
)
{
certSel
.
setSerialNumber
(
asn
.
getNumber
());
}
// the subject criterion will be set by builder automatically.
}
// by far, we have validated the previous certificate, we can
// trust it during validating the CRL issuer.
// Except the performance improvement, another benefit is to break
// the dead loop while looking for the issuer back and forth
// between the delegated self-issued certificate and its issuer.
Set
<
TrustAnchor
>
trustAnchors
=
new
HashSet
<
TrustAnchor
>();
if
(
anchor
!=
null
)
{
trustAnchors
.
add
(
anchor
);
}
if
(
prevKey
!=
null
)
{
// if the previous key is of the anchor, don't bother to
// duplicate the trust.
boolean
duplicated
=
false
;
PublicKey
publicKey
=
prevKey
;
X500Principal
principal
=
certImpl
.
getIssuerX500Principal
();
if
(
anchor
!=
null
)
{
X509Certificate
trustedCert
=
anchor
.
getTrustedCert
();
X500Principal
trustedPrincipal
;
PublicKey
trustedPublicKey
;
if
(
trustedCert
!=
null
)
{
trustedPrincipal
=
trustedCert
.
getSubjectX500Principal
();
trustedPublicKey
=
trustedCert
.
getPublicKey
();
}
else
{
trustedPrincipal
=
anchor
.
getCA
();
trustedPublicKey
=
anchor
.
getCAPublicKey
();
}
if
(
principal
.
equals
(
trustedPrincipal
)
&&
publicKey
.
equals
(
trustedPublicKey
))
{
duplicated
=
true
;
}
}
if
(!
duplicated
)
{
TrustAnchor
temporary
=
new
TrustAnchor
(
principal
,
publicKey
,
null
);
trustAnchors
.
add
(
temporary
);
}
}
PKIXBuilderParameters
params
=
null
;
try
{
params
=
new
PKIXBuilderParameters
(
Collections
.
singleton
(
anchor
),
certSel
);
params
=
new
PKIXBuilderParameters
(
trustAnchors
,
certSel
);
}
catch
(
InvalidAlgorithmParameterException
iape
)
{
throw
new
CRLException
(
iape
);
}
...
...
src/share/classes/sun/security/provider/certpath/ForwardBuilder.java
浏览文件 @
f01a2151
/*
* Copyright 2000-200
8
Sun Microsystems, Inc. All Rights Reserved.
* Copyright 2000-200
9
Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
...
...
@@ -30,6 +30,7 @@ import java.util.*;
import
java.security.GeneralSecurityException
;
import
java.security.InvalidKeyException
;
import
java.security.cert.Certificate
;
import
java.security.cert.CertificateException
;
import
java.security.cert.CertPathValidatorException
;
import
java.security.cert.PKIXReason
;
...
...
@@ -43,12 +44,22 @@ import java.security.cert.X509CertSelector;
import
javax.security.auth.x500.X500Principal
;
import
sun.security.util.Debug
;
import
sun.security.util.DerOutputStream
;
import
sun.security.x509.AccessDescription
;
import
sun.security.x509.AuthorityInfoAccessExtension
;
import
sun.security.x509.PKIXExtensions
;
import
sun.security.x509.PolicyMappingsExtension
;
import
sun.security.x509.X500Name
;
import
sun.security.x509.X509CertImpl
;
import
sun.security.x509.X509CRLImpl
;
import
sun.security.x509.AuthorityKeyIdentifierExtension
;
import
sun.security.x509.KeyIdentifier
;
import
sun.security.x509.SubjectKeyIdentifierExtension
;
import
sun.security.x509.SerialNumber
;
import
sun.security.x509.GeneralNames
;
import
sun.security.x509.GeneralName
;
import
sun.security.x509.GeneralNameInterface
;
import
java.math.BigInteger
;
/**
* This class represents a forward builder, which is able to retrieve
...
...
@@ -237,7 +248,7 @@ class ForwardBuilder extends Builder {
}
else
{
if
(
caSelector
==
null
)
{
caSelector
=
new
X509CertSelector
();
caSelector
=
new
Adaptable
X509CertSelector
();
/*
* Match on certificate validity date.
...
...
@@ -269,6 +280,29 @@ class ForwardBuilder extends Builder {
* at least as many CA certs that have already been traversed
*/
caSelector
.
setBasicConstraints
(
currentState
.
traversedCACerts
);
/*
* Facilitate certification path construction with authority
* key identifier and subject key identifier.
*/
AuthorityKeyIdentifierExtension
akidext
=
currentState
.
cert
.
getAuthorityKeyIdentifierExtension
();
if
(
akidext
!=
null
)
{
KeyIdentifier
akid
=
(
KeyIdentifier
)
akidext
.
get
(
akidext
.
KEY_ID
);
if
(
akid
!=
null
)
{
DerOutputStream
derout
=
new
DerOutputStream
();
derout
.
putOctetString
(
akid
.
getIdentifier
());
caSelector
.
setSubjectKeyIdentifier
(
derout
.
toByteArray
());
}
SerialNumber
asn
=
(
SerialNumber
)
akidext
.
get
(
akidext
.
SERIAL_NUMBER
);
if
(
asn
!=
null
)
{
caSelector
.
setSerialNumber
(
asn
.
getNumber
());
}
// the subject criterion was set previously.
}
sel
=
caSelector
;
}
...
...
@@ -817,13 +851,25 @@ class ForwardBuilder extends Builder {
}
else
{
continue
;
}
}
X500Principal
trustedCAName
=
anchor
.
getCA
();
}
else
{
X500Principal
principal
=
anchor
.
getCA
();
java
.
security
.
PublicKey
publicKey
=
anchor
.
getCAPublicKey
();
if
(
principal
!=
null
&&
publicKey
!=
null
&&
principal
.
equals
(
cert
.
getSubjectX500Principal
()))
{
if
(
publicKey
.
equals
(
cert
.
getPublicKey
()))
{
// the cert itself is a trust anchor
this
.
trustAnchor
=
anchor
;
return
true
;
}
// else, it is a self-issued certificate of the anchor
}
/* Check subject/issuer name chaining */
if
(!
trustedCAName
.
equals
(
cert
.
getIssuerX500Principal
()))
{
continue
;
// Check subject/issuer name chaining
if
(
principal
==
null
||
!
principal
.
equals
(
cert
.
getIssuerX500Principal
()))
{
continue
;
}
}
/* Check revocation if it is enabled */
...
...
@@ -890,4 +936,120 @@ class ForwardBuilder extends Builder {
void
removeFinalCertFromPath
(
LinkedList
<
X509Certificate
>
certPathList
)
{
certPathList
.
removeFirst
();
}
/** Verifies whether a CRL is issued by a certain certificate
*
* @param cert the certificate
* @param crl the CRL to be verified
* @param provider the name of the signature provider
*/
static
boolean
issues
(
X509CertImpl
cert
,
X509CRLImpl
crl
,
String
provider
)
throws
IOException
{
boolean
kidmatched
=
false
;
// check certificate's key usage
boolean
[]
usages
=
cert
.
getKeyUsage
();
if
(
usages
!=
null
&&
!
usages
[
6
])
{
return
false
;
}
// check certificate's SKID and CRL's AKID
AuthorityKeyIdentifierExtension
akidext
=
crl
.
getAuthKeyIdExtension
();
if
(
akidext
!=
null
)
{
// the highest priority, matching KID
KeyIdentifier
akid
=
(
KeyIdentifier
)
akidext
.
get
(
akidext
.
KEY_ID
);
if
(
akid
!=
null
)
{
SubjectKeyIdentifierExtension
skidext
=
cert
.
getSubjectKeyIdentifierExtension
();
if
(
skidext
!=
null
)
{
KeyIdentifier
skid
=
(
KeyIdentifier
)
skidext
.
get
(
skidext
.
KEY_ID
);
if
(!
akid
.
equals
(
skid
))
{
return
false
;
}
kidmatched
=
true
;
}
// conservatively, in case of X509 V1 certificate,
// does return false here if no SKID extension.
}
// the medium priority, matching issuer name/serial number
SerialNumber
asn
=
(
SerialNumber
)
akidext
.
get
(
akidext
.
SERIAL_NUMBER
);
GeneralNames
anames
=
(
GeneralNames
)
akidext
.
get
(
akidext
.
AUTH_NAME
);
if
(
asn
!=
null
&&
anames
!=
null
)
{
X500Name
subject
=
(
X500Name
)
cert
.
getSubjectDN
();
BigInteger
serial
=
cert
.
getSerialNumber
();
if
(
serial
!=
null
&&
subject
!=
null
)
{
if
(
serial
.
equals
(
asn
.
getNumber
()))
{
return
false
;
}
for
(
GeneralName
name
:
anames
.
names
())
{
GeneralNameInterface
gni
=
name
.
getName
();
if
(
subject
.
equals
(
gni
))
{
return
true
;
}
}
}
return
false
;
}
if
(
kidmatched
)
{
return
true
;
}
}
// the last priority, verify the CRL signature with the cert.
X500Principal
crlIssuer
=
crl
.
getIssuerX500Principal
();
X500Principal
certSubject
=
cert
.
getSubjectX500Principal
();
if
(
certSubject
!=
null
&&
certSubject
.
equals
(
crlIssuer
))
{
try
{
crl
.
verify
(
cert
.
getPublicKey
(),
provider
);
return
true
;
}
catch
(
Exception
e
)
{
// ignore all exceptions.
}
}
return
false
;
}
/**
* An adaptable X509 certificate selector for forward certification path
* building.
*/
private
static
class
AdaptableX509CertSelector
extends
X509CertSelector
{
public
AdaptableX509CertSelector
()
{
super
();
}
/**
* Decides whether a <code>Certificate</code> should be selected.
*
* For the purpose of compatibility, when a certificate is of
* version 1 and version 2, or the certificate does not include
* a subject key identifier extension, the selection criterion
* of subjectKeyIdentifier will be disabled.
*
* @Override
*/
public
boolean
match
(
Certificate
cert
)
{
if
(!(
cert
instanceof
X509Certificate
))
{
return
false
;
}
X509Certificate
xcert
=
(
X509Certificate
)
cert
;
if
(
xcert
.
getVersion
()
<
3
||
xcert
.
getExtensionValue
(
"2.5.29.14"
)
==
null
)
{
// disable the subjectKeyIdentifier criterion
setSubjectKeyIdentifier
(
null
);
}
return
super
.
match
(
cert
);
}
}
}
src/share/classes/sun/security/provider/certpath/OCSPChecker.java
浏览文件 @
f01a2151
/*
* Copyright 2003-200
8
Sun Microsystems, Inc. All Rights Reserved.
* Copyright 2003-200
9
Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
...
...
@@ -351,18 +351,27 @@ class OCSPChecker extends PKIXCertPathChecker {
}
in
=
con
.
getInputStream
();
byte
[]
response
=
null
;
int
total
=
0
;
int
contentLength
=
con
.
getContentLength
();
if
(
contentLength
==
-
1
)
{
if
(
contentLength
!=
-
1
)
{
response
=
new
byte
[
contentLength
];
}
else
{
response
=
new
byte
[
2048
];
contentLength
=
Integer
.
MAX_VALUE
;
}
byte
[]
response
=
new
byte
[
contentLength
];
int
total
=
0
;
int
count
=
0
;
while
(
count
!=
-
1
&&
total
<
contentLength
)
{
count
=
in
.
read
(
response
,
total
,
response
.
length
-
total
);
while
(
total
<
contentLength
)
{
int
count
=
in
.
read
(
response
,
total
,
response
.
length
-
total
)
;
if
(
count
<
0
)
break
;
total
+=
count
;
if
(
total
>=
response
.
length
&&
total
<
contentLength
)
{
response
=
Arrays
.
copyOf
(
response
,
total
*
2
);
}
}
response
=
Arrays
.
copyOf
(
response
,
total
);
OCSPResponse
ocspResponse
=
new
OCSPResponse
(
response
,
pkixParams
,
responderCert
);
...
...
src/share/classes/sun/security/timestamp/HttpTimestamper.java
浏览文件 @
f01a2151
/*
* Copyright 2003-200
6
Sun Microsystems, Inc. All Rights Reserved.
* Copyright 2003-200
9
Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
...
...
@@ -32,6 +32,7 @@ import java.net.URL;
import
java.net.HttpURLConnection
;
import
java.util.Iterator
;
import
java.util.Set
;
import
java.util.Arrays
;
import
sun.security.pkcs.*
;
...
...
@@ -137,23 +138,33 @@ public class HttpTimestamper implements Timestamper {
}
System
.
out
.
println
();
}
verifyMimeType
(
connection
.
getContentType
());
int
total
=
0
;
int
contentLength
=
connection
.
getContentLength
();
if
(
contentLength
==
-
1
)
{
if
(
contentLength
!=
-
1
)
{
replyBuffer
=
new
byte
[
contentLength
];
}
else
{
replyBuffer
=
new
byte
[
2048
];
contentLength
=
Integer
.
MAX_VALUE
;
}
verifyMimeType
(
connection
.
getContentType
());
replyBuffer
=
new
byte
[
contentLength
];
int
total
=
0
;
int
count
=
0
;
while
(
count
!=
-
1
&&
total
<
contentLength
)
{
count
=
input
.
read
(
replyBuffer
,
total
,
while
(
total
<
contentLength
)
{
int
count
=
input
.
read
(
replyBuffer
,
total
,
replyBuffer
.
length
-
total
);
if
(
count
<
0
)
break
;
total
+=
count
;
if
(
total
>=
replyBuffer
.
length
&&
total
<
contentLength
)
{
replyBuffer
=
Arrays
.
copyOf
(
replyBuffer
,
total
*
2
);
}
}
replyBuffer
=
Arrays
.
copyOf
(
replyBuffer
,
total
);
if
(
DEBUG
)
{
System
.
out
.
println
(
"received timestamp response (length="
+
replyBuffer
.
length
+
")"
);
total
+
")"
);
}
}
finally
{
if
(
input
!=
null
)
{
...
...
src/share/classes/sun/tools/jar/Main.java
浏览文件 @
f01a2151
此差异已折叠。
点击以展开。
src/share/demo/jfc/Notepad/resources/Notepad_ja.properties
浏览文件 @
f01a2151
...
...
@@ -9,7 +9,7 @@ ViewportBackingStore=false
#
# Each of the strings that follow form a key to be
# used to the actual menu definition.
menubar
=
\u
30d5
\u
30a1
\u
30a4
\u
30eb
\u
7de8
\u
96c6
\u
30c7
\u
30d0
\u
30c3
\u
30b0
menubar
=
file edit debug
# file Menu definition
#
...
...
@@ -20,15 +20,15 @@ menubar=\u30d5\u30a1\u30a4\u30eb\u7de8\u96c6\u30c7\u30d0\u30c3\u30b0
# new -> Notepad.newAction
# save -> Notepad.saveAction
# exit -> Notepad.exitAction
file
=
\u
65b0
\u
898f
\u
958b
\u
304f
\u
4fdd
\u
5b58 -
\u
7d42
\u
4e86
fileLabel
=
\u
30d5
\u
30a1
\u
30a4
\u
30eb
(F)
file
=
new open save - exit
fileLabel
=
\u
30d5
\u
30a1
\u
30a4
\u
30eb
openLabel
=
\u
958b
\u
304f
openImage
=
resources/open.gif
newLabel
=
\u
65b0
\u
898f
newImage
=
resources/new.gif
saveLabel
=
\u
4fdd
\u
5b58
saveImage
=
resources/save.gif
exitLabel
=
\u
7d42
\u
4e86
(X)
exitLabel
=
\u
7d42
\u
4e86
#
# edit Menu definition
...
...
@@ -36,26 +36,26 @@ exitLabel=\u7d42\u4e86 (X)
# cut -> JTextComponent.cutAction
# copy -> JTextComponent.copyAction
# paste -> JTextComponent.pasteAction
edit
=
\u
30ab
\u
30c3
\u
30c8
\u
30b3
\u
30d4
\u
30fc
\u
30da
\u
30fc
\u
30b9
\u
30c8 -
\u5143\u
306b
\u
623b
\u3059
\u
518d
\u
5b9f
\u
884c
edit
=
cut copy paste - undo redo
editLabel
=
\u
7de8
\u
96c6
cutLabel
=
Cut
cutLabel
=
\u
30ab
\u
30c3
\u
30c8
cutAction
=
cut-to-clipboard
cutImage
=
resources/cut.gif
copyLabel
=
Copy
copyAction
=
c
ut
-to-clipboard
copyLabel
=
\u
30b3
\u
30d4
\u
30fc
copyAction
=
c
opy
-to-clipboard
copyImage
=
resources/copy.gif
pasteLabel
=
Paste
pasteLabel
=
\u
30da
\u
30fc
\u
30b9
\u
30c8
pasteAction
=
paste-from-clipboard
pasteImage
=
resources/paste.gif
undoLabel
=
\u5143\u
306b
\u
623b
\u3059
undoAction
=
\u5143\u
306b
\u
623b
\u3059
undoAction
=
Undo
redoLabel
=
\u
518d
\u
5b9f
\u
884c
redoAction
=
\u
518d
\u
5b9f
\u
884c
redoAction
=
Redo
#
# debug Menu definition
#
debug
=
showElementTree
\u
306e
\u
30c0
\u
30f3
\u
30d7
debug
=
dump showElementTree
debugLabel
=
\u
30c7
\u
30d0
\u
30c3
\u
30b0
dumpLabel
=
\u
30e2
\u
30c7
\u
30eb
\u3092
System.err
\u
306b
\u
30c0
\u
30f3
\u
30d7
dumpAction
=
dump-model
...
...
@@ -67,7 +67,7 @@ showElementTreeLabel=\u8981\u7d20\u3092\u8868\u793a
# used as the basis of the tool definition. Actions
# are of course sharable, and in this case are shared
# with the menu items.
toolbar
=
\u
65b0
\u
898f
\u
958b
\u
304f
\u
4fdd
\u
5b58 -
\u
30ab
\u
30c3
\u
30c8
\u
30b3
\u
30d4
\u
30fc
\u
30da
\u
30fc
\u
30b9
\u
30c8
toolbar
=
new open save - cut copy paste
newTooltip
=
\u
30d5
\u
30a1
\u
30a4
\u
30eb
\u3092\u
65b0
\u
898f
\u
4f5c
\u6210\u3059\u
308b
openTooltip
=
\u
30d5
\u
30a1
\u
30a4
\u
30eb
\u3092\u
958b
\u
304f
saveTooltip
=
\u
30d5
\u
30a1
\u
30a4
\u
30eb
\u
306b
\u
4fdd
\u
5b58
...
...
src/share/demo/jvmti/java_crw_demo/java_crw_demo.c
浏览文件 @
f01a2151
...
...
@@ -263,8 +263,8 @@ assert_error(CrwClassImage *ci, const char *condition,
(
void
)
sprintf
(
buf
,
"CRW ASSERTION FAILURE: %s (%s:%s:%d)"
,
condition
,
ci
->
name
==
0
?
"?"
:
ci
->
name
,
mi
->
name
==
0
?
"?"
:
mi
->
name
,
ci
->
name
==
NULL
?
"?"
:
ci
->
name
,
(
mi
==
NULL
||
mi
->
name
==
NULL
)
?
"?"
:
mi
->
name
,
byte_code_offset
);
fatal_error
(
ci
,
buf
,
file
,
line
);
}
...
...
src/solaris/native/java/net/Inet4AddressImpl.c
浏览文件 @
f01a2151
...
...
@@ -24,6 +24,7 @@
*/
#include <errno.h>
#include <sys/time.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in_systm.h>
...
...
src/solaris/native/java/net/Inet6AddressImpl.c
浏览文件 @
f01a2151
...
...
@@ -24,6 +24,7 @@
*/
#include <errno.h>
#include <sys/time.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
...
...
src/windows/native/java/lang/java_props_md.c
浏览文件 @
f01a2151
...
...
@@ -714,10 +714,10 @@ GetJavaProperties(JNIEnv* env)
* Windows XP 64 bit 5 2
* where ((&ver.wServicePackMinor) + 2) = 1
* and si.wProcessorArchitecture = 9
* Windows Vista family 6 0
* Windows
2008 6 0
*
where ((&ver.wServicePackMinor) + 2) = 1
* Windows
7 6 1
* Windows Vista family 6 0
(VER_NT_WORKSTATION)
* Windows
Server 2008 6 0 (!VER_NT_WORKSTATION)
*
Windows 7 6 1 (VER_NT_WORKSTATION)
* Windows
Server 2008 R2 6 1 (!VER_NT_WORKSTATION)
*
* This mapping will presumably be augmented as new Windows
* versions are released.
...
...
@@ -768,14 +768,7 @@ GetJavaProperties(JNIEnv* env)
}
}
else
if
(
ver
.
dwMajorVersion
==
6
)
{
/*
* From MSDN OSVERSIONINFOEX documentation:
*
* "Because the version numbers for Windows Server 2008
* and Windows Vista are identical, you must also test
* whether the wProductType member is VER_NT_WORKSTATION.
* If wProductType is VER_NT_WORKSTATION, the operating
* system is Windows Vista or 7; otherwise, it is Windows
* Server 2008."
* See table in MSDN OSVERSIONINFOEX documentation.
*/
if
(
ver
.
wProductType
==
VER_NT_WORKSTATION
)
{
switch
(
ver
.
dwMinorVersion
)
{
...
...
@@ -784,7 +777,11 @@ GetJavaProperties(JNIEnv* env)
default:
sprops
.
os_name
=
"Windows NT (unknown)"
;
}
}
else
{
sprops
.
os_name
=
"Windows Server 2008"
;
switch
(
ver
.
dwMinorVersion
)
{
case
0
:
sprops
.
os_name
=
"Windows Server 2008"
;
break
;
case
1
:
sprops
.
os_name
=
"Windows Server 2008 R2"
;
break
;
default:
sprops
.
os_name
=
"Windows NT (unknown)"
;
}
}
}
else
{
sprops
.
os_name
=
"Windows NT (unknown)"
;
...
...
src/windows/native/sun/windows/ShellFolder2.cpp
浏览文件 @
f01a2151
/*
* Copyright 2003-200
8
Sun Microsystems, Inc. All Rights Reserved.
* Copyright 2003-200
9
Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
...
...
@@ -981,6 +981,15 @@ JNIEXPORT jintArray JNICALL Java_sun_awt_shell_Win32ShellFolder2_getFileChooserB
hBitmap
=
(
HBITMAP
)
LoadImage
(
libShell32
,
IS_WINVISTA
?
TEXT
(
"IDB_TB_SH_DEF_16"
)
:
MAKEINTRESOURCE
(
216
),
IMAGE_BITMAP
,
0
,
0
,
LR_CREATEDIBSECTION
);
if
(
hBitmap
==
NULL
)
{
// version of shell32.dll doesn't match OS version.
// So we either are in a Vista Compatibility Mode
// or shell32.dll was copied from OS of another version
hBitmap
=
(
HBITMAP
)
LoadImage
(
libShell32
,
IS_WINVISTA
?
MAKEINTRESOURCE
(
216
)
:
TEXT
(
"IDB_TB_SH_DEF_16"
),
IMAGE_BITMAP
,
0
,
0
,
LR_CREATEDIBSECTION
);
}
}
if
(
hBitmap
==
NULL
)
{
libComCtl32
=
LoadLibrary
(
TEXT
(
"comctl32.dll"
));
...
...
test/demo/jvmti/hprof/HelloWorld.java
浏览文件 @
f01a2151
...
...
@@ -24,7 +24,7 @@
/* HelloWorld:
*
* Sample target appl
u
ication for HPROF tests
* Sample target application for HPROF tests
*
*/
...
...
test/demo/jvmti/hprof/StackMapTableTest.java
浏览文件 @
f01a2151
...
...
@@ -23,11 +23,11 @@
/* @test
* @bug 6266289 6299047
* @bug 6266289 6299047
6855180 6855551
* @summary Test jvmti hprof and java_crw_demo with StackMapTable attributes
*
* @compile ../DemoRun.java
* @compile -source
1.6
-g:lines HelloWorld.java
* @compile -source
7
-g:lines HelloWorld.java
* @build StackMapTableTest
* @run main StackMapTableTest HelloWorld
*/
...
...
test/java/beans/Introspector/6380849/TestBeanInfo.java
0 → 100644
浏览文件 @
f01a2151
/**
* Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
* CA 95054 USA or visit www.sun.com if you need additional information or
* have any questions.
*/
/*
* @test
* @bug 6380849
* @summary Tests BeanInfo finder
* @author Sergey Malenkov
*/
import
beans.FirstBean
;
import
beans.FirstBeanBeanInfo
;
import
beans.SecondBean
;
import
beans.ThirdBean
;
import
infos.SecondBeanBeanInfo
;
import
infos.ThirdBeanBeanInfo
;
import
java.beans.BeanInfo
;
import
java.beans.Introspector
;
import
java.lang.reflect.Field
;
import
sun.awt.SunToolkit
;
public
class
TestBeanInfo
implements
Runnable
{
private
static
final
String
[]
SEARCH_PATH
=
{
"infos"
};
// NON-NLS: package name
public
static
void
main
(
String
[]
args
)
throws
InterruptedException
{
TestBeanInfo
test
=
new
TestBeanInfo
();
test
.
run
();
// the following tests fails on previous build
ThreadGroup
group
=
new
ThreadGroup
(
"$$$"
);
// NON-NLS: unique thread name
Thread
thread
=
new
Thread
(
group
,
test
);
thread
.
start
();
thread
.
join
();
}
private
static
void
test
(
Class
<?>
type
,
Class
<?
extends
BeanInfo
>
expected
)
{
BeanInfo
actual
;
try
{
actual
=
Introspector
.
getBeanInfo
(
type
);
type
=
actual
.
getClass
();
Field
field
=
type
.
getDeclaredField
(
"targetBeanInfo"
);
// NON-NLS: field name
field
.
setAccessible
(
true
);
actual
=
(
BeanInfo
)
field
.
get
(
actual
);
}
catch
(
Exception
exception
)
{
throw
new
Error
(
"unexpected error"
,
exception
);
}
if
((
actual
==
null
)
&&
(
expected
!=
null
))
{
throw
new
Error
(
"expected info is not found"
);
}
if
((
actual
!=
null
)
&&
!
actual
.
getClass
().
equals
(
expected
))
{
throw
new
Error
(
"found unexpected info"
);
}
}
private
boolean
passed
;
public
void
run
()
{
if
(
this
.
passed
)
{
SunToolkit
.
createNewAppContext
();
}
Introspector
.
flushCaches
();
test
(
FirstBean
.
class
,
FirstBeanBeanInfo
.
class
);
test
(
SecondBean
.
class
,
null
);
test
(
ThirdBean
.
class
,
null
);
test
(
ThirdBeanBeanInfo
.
class
,
ThirdBeanBeanInfo
.
class
);
Introspector
.
setBeanInfoSearchPath
(
SEARCH_PATH
);
Introspector
.
flushCaches
();
test
(
FirstBean
.
class
,
FirstBeanBeanInfo
.
class
);
test
(
SecondBean
.
class
,
SecondBeanBeanInfo
.
class
);
test
(
ThirdBean
.
class
,
null
);
test
(
ThirdBeanBeanInfo
.
class
,
ThirdBeanBeanInfo
.
class
);
this
.
passed
=
true
;
}
}
test/java/beans/Introspector/6380849/beans/FirstBean.java
0 → 100644
浏览文件 @
f01a2151
package
beans
;
public
class
FirstBean
{
}
test/java/beans/Introspector/6380849/beans/FirstBeanBeanInfo.java
0 → 100644
浏览文件 @
f01a2151
package
beans
;
import
java.beans.BeanDescriptor
;
import
java.beans.SimpleBeanInfo
;
public
class
FirstBeanBeanInfo
extends
SimpleBeanInfo
{
@Override
public
BeanDescriptor
getBeanDescriptor
()
{
return
new
BeanDescriptor
(
FirstBean
.
class
);
}
}
test/java/beans/Introspector/6380849/beans/SecondBean.java
0 → 100644
浏览文件 @
f01a2151
package
beans
;
public
class
SecondBean
{
}
test/java/beans/Introspector/6380849/beans/ThirdBean.java
0 → 100644
浏览文件 @
f01a2151
package
beans
;
public
class
ThirdBean
{
}
test/java/beans/Introspector/6380849/infos/SecondBeanBeanInfo.java
0 → 100644
浏览文件 @
f01a2151
package
infos
;
import
beans.SecondBean
;
import
java.beans.BeanDescriptor
;
import
java.beans.SimpleBeanInfo
;
public
class
SecondBeanBeanInfo
extends
SimpleBeanInfo
{
@Override
public
BeanDescriptor
getBeanDescriptor
()
{
return
new
BeanDescriptor
(
SecondBean
.
class
);
}
}
test/java/beans/Introspector/6380849/infos/ThirdBeanBeanInfo.java
0 → 100644
浏览文件 @
f01a2151
package
infos
;
import
java.beans.BeanDescriptor
;
import
java.beans.SimpleBeanInfo
;
public
class
ThirdBeanBeanInfo
extends
SimpleBeanInfo
{
@Override
public
BeanDescriptor
getBeanDescriptor
()
{
return
new
BeanDescriptor
(
ThirdBeanBeanInfo
.
class
);
}
}
test/java/beans/Introspector/Test6723447.java
0 → 100644
浏览文件 @
f01a2151
/*
* Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
* CA 95054 USA or visit www.sun.com if you need additional information or
* have any questions.
*/
/*
* @test
* @bug 6723447
* @summary Tests return type for property setters
* @author Sergey Malenkov
*/
import
java.beans.IndexedPropertyDescriptor
;
import
java.beans.IntrospectionException
;
import
java.beans.Introspector
;
import
java.beans.PropertyDescriptor
;
import
java.lang.reflect.Method
;
import
java.math.BigDecimal
;
public
class
Test6723447
{
public
static
void
main
(
String
[]
args
)
{
test
(
Test6723447
.
class
);
test
(
BigDecimal
.
class
);
}
private
static
void
test
(
Class
<?>
type
)
{
for
(
PropertyDescriptor
pd
:
getPropertyDescriptors
(
type
))
{
test
(
pd
.
getWriteMethod
());
if
(
pd
instanceof
IndexedPropertyDescriptor
)
{
IndexedPropertyDescriptor
ipd
=
(
IndexedPropertyDescriptor
)
pd
;
test
(
ipd
.
getIndexedWriteMethod
());
}
}
}
private
static
void
test
(
Method
method
)
{
if
(
method
!=
null
)
{
Class
<?>
type
=
method
.
getReturnType
();
if
(!
type
.
equals
(
void
.
class
))
{
throw
new
Error
(
"unexpected return type: "
+
type
);
}
}
}
private
static
PropertyDescriptor
[]
getPropertyDescriptors
(
Class
<?>
type
)
{
try
{
return
Introspector
.
getBeanInfo
(
type
).
getPropertyDescriptors
();
}
catch
(
IntrospectionException
exception
)
{
throw
new
Error
(
"unexpected exception"
,
exception
);
}
}
public
Object
getValue
()
{
return
null
;
}
public
Object
setValue
(
Object
value
)
{
return
value
;
}
public
Object
getValues
(
int
index
)
{
return
null
;
}
public
Object
setValues
(
int
index
,
Object
value
)
{
return
value
;
}
}
test/java/beans/PropertyEditor/6380849/FirstBean.java
0 → 100644
浏览文件 @
f01a2151
public
class
FirstBean
{
}
test/java/beans/PropertyEditor/6380849/FirstBeanEditor.java
0 → 100644
浏览文件 @
f01a2151
import
java.beans.PropertyEditorSupport
;
public
class
FirstBeanEditor
extends
PropertyEditorSupport
{
}
test/java/beans/PropertyEditor/6380849/SecondBean.java
0 → 100644
浏览文件 @
f01a2151
public
class
SecondBean
{
}
test/java/beans/PropertyEditor/6380849/TestPropertyEditor.java
0 → 100644
浏览文件 @
f01a2151
/**
* Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
* CA 95054 USA or visit www.sun.com if you need additional information or
* have any questions.
*/
/*
* @test
* @bug 6380849
* @summary Tests PropertyEditor finder
* @author Sergey Malenkov
*/
import
editors.SecondBeanEditor
;
import
editors.ThirdBeanEditor
;
import
java.awt.Color
;
import
java.awt.Font
;
import
java.beans.PropertyEditor
;
import
java.beans.PropertyEditorManager
;
import
sun.awt.SunToolkit
;
import
sun.beans.editors.BooleanEditor
;
import
sun.beans.editors.ByteEditor
;
import
sun.beans.editors.ColorEditor
;
import
sun.beans.editors.DoubleEditor
;
import
sun.beans.editors.EnumEditor
;
import
sun.beans.editors.FloatEditor
;
import
sun.beans.editors.FontEditor
;
import
sun.beans.editors.IntegerEditor
;
import
sun.beans.editors.LongEditor
;
import
sun.beans.editors.ShortEditor
;
import
sun.beans.editors.StringEditor
;
public
class
TestPropertyEditor
implements
Runnable
{
private
enum
Enumeration
{
FIRST
,
SECOND
,
THIRD
}
private
static
final
String
[]
SEARCH_PATH
=
{
"editors"
};
// NON-NLS: package name
public
static
void
main
(
String
[]
args
)
throws
InterruptedException
{
TestPropertyEditor
test
=
new
TestPropertyEditor
();
test
.
run
();
// the following tests fails on previous build
ThreadGroup
group
=
new
ThreadGroup
(
"$$$"
);
// NON-NLS: unique thread name
Thread
thread
=
new
Thread
(
group
,
test
);
thread
.
start
();
thread
.
join
();
}
private
static
void
test
(
Class
<?>
type
,
Class
<?
extends
PropertyEditor
>
expected
)
{
PropertyEditor
actual
=
PropertyEditorManager
.
findEditor
(
type
);
if
((
actual
==
null
)
&&
(
expected
!=
null
))
{
throw
new
Error
(
"expected editor is not found"
);
}
if
((
actual
!=
null
)
&&
!
actual
.
getClass
().
equals
(
expected
))
{
throw
new
Error
(
"found unexpected editor"
);
}
}
private
boolean
passed
;
public
void
run
()
{
if
(
this
.
passed
)
{
SunToolkit
.
createNewAppContext
();
}
PropertyEditorManager
.
registerEditor
(
ThirdBean
.
class
,
ThirdBeanEditor
.
class
);
test
(
FirstBean
.
class
,
FirstBeanEditor
.
class
);
test
(
SecondBean
.
class
,
null
);
test
(
ThirdBean
.
class
,
ThirdBeanEditor
.
class
);
// test editors for default primitive types
test
(
Byte
.
TYPE
,
ByteEditor
.
class
);
test
(
Short
.
TYPE
,
ShortEditor
.
class
);
test
(
Integer
.
TYPE
,
IntegerEditor
.
class
);
test
(
Long
.
TYPE
,
LongEditor
.
class
);
test
(
Boolean
.
TYPE
,
BooleanEditor
.
class
);
test
(
Float
.
TYPE
,
FloatEditor
.
class
);
test
(
Double
.
TYPE
,
DoubleEditor
.
class
);
// test editors for default object types
test
(
Byte
.
class
,
ByteEditor
.
class
);
test
(
Short
.
class
,
ShortEditor
.
class
);
test
(
Integer
.
class
,
IntegerEditor
.
class
);
test
(
Long
.
class
,
LongEditor
.
class
);
test
(
Boolean
.
class
,
BooleanEditor
.
class
);
test
(
Float
.
class
,
FloatEditor
.
class
);
test
(
Double
.
class
,
DoubleEditor
.
class
);
test
(
String
.
class
,
StringEditor
.
class
);
test
(
Color
.
class
,
ColorEditor
.
class
);
test
(
Font
.
class
,
FontEditor
.
class
);
test
(
Enumeration
.
class
,
EnumEditor
.
class
);
PropertyEditorManager
.
registerEditor
(
ThirdBean
.
class
,
null
);
PropertyEditorManager
.
setEditorSearchPath
(
SEARCH_PATH
);
test
(
FirstBean
.
class
,
FirstBeanEditor
.
class
);
test
(
SecondBean
.
class
,
SecondBeanEditor
.
class
);
test
(
ThirdBean
.
class
,
ThirdBeanEditor
.
class
);
// test editors for default primitive types
test
(
Byte
.
TYPE
,
ByteEditor
.
class
);
test
(
Short
.
TYPE
,
ShortEditor
.
class
);
test
(
Integer
.
TYPE
,
IntegerEditor
.
class
);
test
(
Long
.
TYPE
,
LongEditor
.
class
);
test
(
Boolean
.
TYPE
,
BooleanEditor
.
class
);
test
(
Float
.
TYPE
,
FloatEditor
.
class
);
test
(
Double
.
TYPE
,
DoubleEditor
.
class
);
// test editors for default object types
test
(
Byte
.
class
,
null
);
test
(
Short
.
class
,
null
);
test
(
Integer
.
class
,
null
);
test
(
Long
.
class
,
null
);
test
(
Boolean
.
class
,
null
);
test
(
Float
.
class
,
null
);
test
(
Double
.
class
,
null
);
test
(
String
.
class
,
null
);
test
(
Color
.
class
,
null
);
test
(
Font
.
class
,
null
);
test
(
Enumeration
.
class
,
EnumEditor
.
class
);
this
.
passed
=
true
;
}
}
test/java/beans/PropertyEditor/6380849/ThirdBean.java
0 → 100644
浏览文件 @
f01a2151
public
class
ThirdBean
{
}
test/java/beans/PropertyEditor/6380849/editors/SecondBeanEditor.java
0 → 100644
浏览文件 @
f01a2151
package
editors
;
import
java.beans.PropertyEditorSupport
;
public
class
SecondBeanEditor
extends
PropertyEditorSupport
{
}
test/java/beans/PropertyEditor/6380849/editors/ThirdBeanEditor.java
0 → 100644
浏览文件 @
f01a2151
package
editors
;
import
java.beans.PropertyEditorSupport
;
public
class
ThirdBeanEditor
extends
PropertyEditorSupport
{
}
test/java/beans/XMLEncoder/6329581/Test6329581.java
0 → 100644
浏览文件 @
f01a2151
/*
* Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
* CA 95054 USA or visit www.sun.com if you need additional information or
* have any questions.
*/
/*
* @test
* @bug 6329581
* @summary Tests encoding of a class with custom ClassLoader
* @author Sergey Malenkov
*/
import
java.beans.ExceptionListener
;
import
java.beans.XMLDecoder
;
import
java.beans.XMLEncoder
;
import
java.io.ByteArrayInputStream
;
import
java.io.ByteArrayOutputStream
;
import
java.io.File
;
import
java.net.URL
;
import
java.net.URLClassLoader
;
public
class
Test6329581
implements
ExceptionListener
{
public
static
void
main
(
String
[]
args
)
throws
Exception
{
ExceptionListener
listener
=
new
Test6329581
();
// write bean to byte array
ByteArrayOutputStream
out
=
new
ByteArrayOutputStream
();
XMLEncoder
encoder
=
new
XMLEncoder
(
out
);
encoder
.
setExceptionListener
(
listener
);
encoder
.
writeObject
(
getClassLoader
(
"beans.jar"
).
loadClass
(
"test.Bean"
).
newInstance
());
encoder
.
close
();
// read bean from byte array
ByteArrayInputStream
in
=
new
ByteArrayInputStream
(
out
.
toByteArray
());
XMLDecoder
decoder
=
new
XMLDecoder
(
in
,
null
,
listener
,
getClassLoader
(
"beans.jar"
));
Object
object
=
decoder
.
readObject
();
decoder
.
close
();
if
(!
object
.
getClass
().
getClassLoader
().
getClass
().
equals
(
URLClassLoader
.
class
))
{
throw
new
Error
(
"bean is loaded with unexpected class loader"
);
}
}
private
static
ClassLoader
getClassLoader
(
String
name
)
throws
Exception
{
StringBuilder
sb
=
new
StringBuilder
(
256
);
sb
.
append
(
"file:"
);
sb
.
append
(
System
.
getProperty
(
"test.src"
,
"."
));
sb
.
append
(
File
.
separatorChar
);
sb
.
append
(
name
);
URL
[]
url
=
{
new
URL
(
sb
.
toString
())
};
return
new
URLClassLoader
(
url
);
}
public
void
exceptionThrown
(
Exception
exception
)
{
throw
new
Error
(
"unexpected exception"
,
exception
);
}
}
test/java/beans/XMLEncoder/6380849/Bean.java
0 → 100644
浏览文件 @
f01a2151
public
class
Bean
{
}
test/java/beans/XMLEncoder/6380849/BeanPersistenceDelegate.java
0 → 100644
浏览文件 @
f01a2151
import
java.beans.DefaultPersistenceDelegate
;
public
class
BeanPersistenceDelegate
extends
DefaultPersistenceDelegate
{
}
test/java/beans/XMLEncoder/6380849/TestPersistenceDelegate.java
0 → 100644
浏览文件 @
f01a2151
/**
* Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
* CA 95054 USA or visit www.sun.com if you need additional information or
* have any questions.
*/
/*
* @test
* @bug 6380849
* @summary Tests PersistenceDelegate finder
* @author Sergey Malenkov
*/
import
java.beans.PersistenceDelegate
;
import
java.beans.XMLEncoder
;
import
java.beans.DefaultPersistenceDelegate
;
public
class
TestPersistenceDelegate
{
private
static
final
XMLEncoder
ENCODER
=
new
XMLEncoder
(
System
.
out
);
public
static
void
main
(
String
[]
args
)
throws
InterruptedException
{
Class
<?>
type
=
TestPersistenceDelegate
.
class
;
test
(
type
,
DefaultPersistenceDelegate
.
class
);
ENCODER
.
setPersistenceDelegate
(
type
,
new
BeanPersistenceDelegate
());
test
(
type
,
BeanPersistenceDelegate
.
class
);
ENCODER
.
setPersistenceDelegate
(
type
,
null
);
test
(
type
,
DefaultPersistenceDelegate
.
class
);
// the following tests fails on previous build
test
(
Bean
.
class
,
BeanPersistenceDelegate
.
class
);
test
(
BeanPersistenceDelegate
.
class
,
BeanPersistenceDelegate
.
class
);
}
private
static
void
test
(
Class
<?>
type
,
Class
<?
extends
PersistenceDelegate
>
expected
)
{
PersistenceDelegate
actual
=
ENCODER
.
getPersistenceDelegate
(
type
);
if
((
actual
==
null
)
&&
(
expected
!=
null
))
{
throw
new
Error
(
"expected delegate is not found"
);
}
if
((
actual
!=
null
)
&&
!
actual
.
getClass
().
equals
(
expected
))
{
throw
new
Error
(
"found unexpected delegate"
);
}
}
}
test/java/security/cert/CertPathBuilder/selfIssued/DisableRevocation.java
0 → 100644
浏览文件 @
f01a2151
/*
* Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
* CA 95054 USA or visit www.sun.com if you need additional information or
* have any questions.
*/
/**
* @test
* @bug 6852744
* @summary PIT b61: PKI test suite fails because self signed certificates
* are being rejected
* @run main/othervm DisableRevocation subca
* @run main/othervm DisableRevocation subci
* @run main/othervm DisableRevocation alice
* @author Xuelei Fan
*/
import
java.io.*
;
import
java.net.SocketException
;
import
java.util.*
;
import
java.security.Security
;
import
java.security.cert.*
;
import
java.security.cert.CertPathValidatorException.BasicReason
;
import
sun.security.util.DerInputStream
;
/**
* A test case helps to ensure that a certification path building process is
* able to identify a self-issued certificate from its issuer when disable
* revocation checking.
*/
public
final
class
DisableRevocation
{
// the trust anchor
static
String
selfSignedCertStr
=
"-----BEGIN CERTIFICATE-----\n"
+
"MIICPjCCAaegAwIBAgIBADANBgkqhkiG9w0BAQQFADAfMQswCQYDVQQGEwJVUzEQ\n"
+
"MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA2MjgxMzMyMThaFw0zMDA2MDgxMzMyMTha\n"
+
"MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMIGfMA0GCSqGSIb3DQEB\n"
+
"AQUAA4GNADCBiQKBgQDInJhXi0655bPXAVkz1n5I6fAcZejzPnOPuwq3hU3OxFw8\n"
+
"81Uf6o9oKI1h4w4XAD8u1cUNOgiX+wPwojronlp68bIfO6FVhNf287pLtLhNJo+7\n"
+
"m6Qxw3ymFvEKy+PVj20CHSggdKHxUa4MBZBmHMFNBuxfYmjwzn+yTMmCCXOvSwID\n"
+
"AQABo4GJMIGGMB0GA1UdDgQWBBSQ52Dpau+gtL+Kc31dusYnKj16ZTBHBgNVHSME\n"
+
"QDA+gBSQ52Dpau+gtL+Kc31dusYnKj16ZaEjpCEwHzELMAkGA1UEBhMCVVMxEDAO\n"
+
"BgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8EBAMCAQYw\n"
+
"DQYJKoZIhvcNAQEEBQADgYEAjBt6ea65HCqbGsS2rs/HhlGusYXtThRVC5vwXSey\n"
+
"ZFYwSgukuq1KDzckqZFu1meNImEwdZjwxdN0e2p/nVREPC42rZliSj6V1ThayKXj\n"
+
"DWEZW1U5aR8T+3NYfDrdKcJGx4Hzfz0qKz1j4ssV1M9ptJxYYv4y2Da+592IN1S9\n"
+
"v/E=\n"
+
"-----END CERTIFICATE-----"
;
// the sub-ca
static
String
subCaCertStr
=
"-----BEGIN CERTIFICATE-----\n"
+
"MIICUDCCAbmgAwIBAgIBAzANBgkqhkiG9w0BAQQFADAfMQswCQYDVQQGEwJVUzEQ\n"
+
"MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA2MjgxMzMyMjRaFw0yOTAzMTUxMzMyMjRa\n"
+
"MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n"
+
"cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDPFv24SK78VI0gWlyIrq/X\n"
+
"srl1431K5hJJxMYZtaQunyPmrYg3oI9KvKFykxnR0N4XDPaIi75p9dXGppVu80BA\n"
+
"+csvIPBwlBQoNmKDQWTziDOqfK4tE+IMuL/Y7pxnH6CDMY7VGpvatty2zcmH+m/v\n"
+
"E/n+HPyeELJQT2rT/3T+7wIDAQABo4GJMIGGMB0GA1UdDgQWBBRidC8Dt3dBzYES\n"
+
"KpR2tR560sZ0+zBHBgNVHSMEQDA+gBSQ52Dpau+gtL+Kc31dusYnKj16ZaEjpCEw\n"
+
"HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw\n"
+
"AwEB/zALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEEBQADgYEAMeMKqrMr5d3eTQsv\n"
+
"MYOD15Dl3THQGLAa4ad5Eyq5/1eUeEOpztzCgDfi0iPD8YCubIEVasBTSqTiGXqb\n"
+
"RpGuPHOwwfWvHrTeHSludiFBAUiKj7aEV+oQa0FBn4U4TT8HA62HQ93FhzTDI3jP\n"
+
"iil34GktVl6gfMKGzUEW/Dh8OM4=\n"
+
"-----END CERTIFICATE-----"
;
// a delegated CRL issuer, it's a self-issued certificate of trust anchor
static
String
topCrlIssuerCertStr
=
"-----BEGIN CERTIFICATE-----\n"
+
"MIICPjCCAaegAwIBAgIBAjANBgkqhkiG9w0BAQQFADAfMQswCQYDVQQGEwJVUzEQ\n"
+
"MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA2MjgxMzMyMjNaFw0yOTAzMTUxMzMyMjNa\n"
+
"MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMIGfMA0GCSqGSIb3DQEB\n"
+
"AQUAA4GNADCBiQKBgQC99u93trf+WmpfiqunJy/P31ej1l4rESxft2JSGNjKuLFN\n"
+
"/BO3SAugGJSkCARAwXjB0c8eeXhXWhVVWdNpbKepRJTxrjDfnFIavLgtUvmFwn/3\n"
+
"hPXe+RQeA8+AJ99Y+o+10kY8JAZLa2j93C2FdmwOjUbo8aIz85yhbiV1tEDjLwID\n"
+
"AQABo4GJMIGGMB0GA1UdDgQWBBSyFyA3XWLbdL6W6hksmBn7RKsQmDBHBgNVHSME\n"
+
"QDA+gBSQ52Dpau+gtL+Kc31dusYnKj16ZaEjpCEwHzELMAkGA1UEBhMCVVMxEDAO\n"
+
"BgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8EBAMCAQYw\n"
+
"DQYJKoZIhvcNAQEEBQADgYEAHTm8aRTeakgCfEBCgSWK9wvMW1c18ANGMm8OFDBk\n"
+
"xabVy9BT0MVFHlaneh89oIxTZN0FMTpg21GZMAvIzhEt7DGdO7HLsW7JniN7/OZ0\n"
+
"rACmpK5frmZrLS03zUm8c+rTbazNfYLoZVG3/mDZbKIi+4y8IGnFcgLVsHsYoBNP\n"
+
"G0c=\n"
+
"-----END CERTIFICATE-----"
;
// a delegated CRL issuer, it's a self-issued certificate of sub-ca
static
String
subCrlIssuerCertStr
=
"-----BEGIN CERTIFICATE-----\n"
+
"MIICUDCCAbmgAwIBAgIBBDANBgkqhkiG9w0BAQQFADAfMQswCQYDVQQGEwJVUzEQ\n"
+
"MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA2MjgxMzMyMjdaFw0yOTAzMTUxMzMyMjda\n"
+
"MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n"
+
"cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC+8AcLJtGAVUWvv3ifcyQw\n"
+
"OGqwzcPrBw/XCs6vTMlcdtFzcH1M+Z3/QHN9+5VT1gqeTIZ+b8g9005Og3XKy/HX\n"
+
"obXZeLv20VZsr+jm52ySghEYOVCTJ9OyFOAp5adp6nf0cA66Feh3LsmVhpTEcDOG\n"
+
"GnyntQm0DBYxRoOT/GBlvQIDAQABo4GJMIGGMB0GA1UdDgQWBBSRWhMuZLQoHSDN\n"
+
"xhxr+vdDmfAY8jBHBgNVHSMEQDA+gBSQ52Dpau+gtL+Kc31dusYnKj16ZaEjpCEw\n"
+
"HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw\n"
+
"AwEB/zALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEEBQADgYEAMIDZLdOLFiPyS1bh\n"
+
"Ch4eUYHT+K1WG93skbga3kVYg3GSe+gctwkKwKK13bwfi8zc7wwz6MtmQwEYhppc\n"
+
"pKKKEwi5QirBCP54rihLCvRQaj6ZqUJ6VP+zPAqHYMDbzlBbHtVF/1lQUP30I6SV\n"
+
"Fu987DvLmZ2GuQA9FKJsnlD9pbU=\n"
+
"-----END CERTIFICATE-----"
;
// the target EE certificate
static
String
targetCertStr
=
"-----BEGIN CERTIFICATE-----\n"
+
"MIICNzCCAaCgAwIBAgIBAjANBgkqhkiG9w0BAQQFADAxMQswCQYDVQQGEwJVUzEQ\n"
+
"MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA2MjgxMzMy\n"
+
"MzBaFw0yOTAzMTUxMzMyMzBaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt\n"
+
"cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTCBnzANBgkqhkiG\n"
+
"9w0BAQEFAAOBjQAwgYkCgYEA7wnsvR4XEOfVznf40l8ClLod+7L0y2/+smVV+GM/\n"
+
"T1/QF/stajAJxXNy08gK00WKZ6ruTHhR9vh/Z6+EQM2RZDCpU0A7LPa3kLE/XTmS\n"
+
"1MLDu8ntkdlpURpvhdDWem+rl2HU5oZgzV8Jkcov9vXuSjqEDfr45FlPuV40T8+7\n"
+
"cxsCAwEAAaNPME0wCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBSBwsAhi6Z1kriOs3ty\n"
+
"uSIujv9a3DAfBgNVHSMEGDAWgBRidC8Dt3dBzYESKpR2tR560sZ0+zANBgkqhkiG\n"
+
"9w0BAQQFAAOBgQDEiBqd5AMy2SQopFaS3dYkzj8MHlwtbCSoNVYkOfDnewcatrbk\n"
+
"yFcp6FX++PMdOQFHWvvnDdkCUAzZQp8kCkF9tGLVLBtOK7XxQ1us1LZym7kOPzsd\n"
+
"G93Dcf0U1JRO77juc61Br5paAy8Bok18Y/MeG7uKgB2MAEJYKhGKbCrfMw==\n"
+
"-----END CERTIFICATE-----"
;
private
static
Set
<
TrustAnchor
>
generateTrustAnchors
()
throws
CertificateException
{
// generate certificate from cert string
CertificateFactory
cf
=
CertificateFactory
.
getInstance
(
"X.509"
);
ByteArrayInputStream
is
=
new
ByteArrayInputStream
(
selfSignedCertStr
.
getBytes
());
Certificate
selfSignedCert
=
cf
.
generateCertificate
(
is
);
// generate a trust anchor
TrustAnchor
anchor
=
new
TrustAnchor
((
X509Certificate
)
selfSignedCert
,
null
);
return
Collections
.
singleton
(
anchor
);
}
private
static
CertStore
generateCertificateStore
()
throws
Exception
{
Collection
entries
=
new
HashSet
();
// generate certificate from certificate string
CertificateFactory
cf
=
CertificateFactory
.
getInstance
(
"X.509"
);
ByteArrayInputStream
is
;
is
=
new
ByteArrayInputStream
(
targetCertStr
.
getBytes
());
Certificate
cert
=
cf
.
generateCertificate
(
is
);
entries
.
add
(
cert
);
is
=
new
ByteArrayInputStream
(
subCaCertStr
.
getBytes
());
cert
=
cf
.
generateCertificate
(
is
);
entries
.
add
(
cert
);
is
=
new
ByteArrayInputStream
(
selfSignedCertStr
.
getBytes
());
cert
=
cf
.
generateCertificate
(
is
);
entries
.
add
(
cert
);
is
=
new
ByteArrayInputStream
(
topCrlIssuerCertStr
.
getBytes
());
cert
=
cf
.
generateCertificate
(
is
);
entries
.
add
(
cert
);
is
=
new
ByteArrayInputStream
(
subCrlIssuerCertStr
.
getBytes
());
cert
=
cf
.
generateCertificate
(
is
);
entries
.
add
(
cert
);
return
CertStore
.
getInstance
(
"Collection"
,
new
CollectionCertStoreParameters
(
entries
));
}
private
static
X509CertSelector
generateSelector
(
String
name
)
throws
Exception
{
X509CertSelector
selector
=
new
X509CertSelector
();
// generate certificate from certificate string
CertificateFactory
cf
=
CertificateFactory
.
getInstance
(
"X.509"
);
ByteArrayInputStream
is
=
null
;
if
(
name
.
equals
(
"subca"
))
{
is
=
new
ByteArrayInputStream
(
subCaCertStr
.
getBytes
());
}
else
if
(
name
.
equals
(
"subci"
))
{
is
=
new
ByteArrayInputStream
(
subCrlIssuerCertStr
.
getBytes
());
}
else
{
is
=
new
ByteArrayInputStream
(
targetCertStr
.
getBytes
());
}
X509Certificate
target
=
(
X509Certificate
)
cf
.
generateCertificate
(
is
);
byte
[]
extVal
=
target
.
getExtensionValue
(
"2.5.29.14"
);
if
(
extVal
!=
null
)
{
DerInputStream
in
=
new
DerInputStream
(
extVal
);
byte
[]
subjectKID
=
in
.
getOctetString
();
selector
.
setSubjectKeyIdentifier
(
subjectKID
);
}
else
{
// unlikely to happen.
throw
new
Exception
(
"unexpected certificate: no SKID extension"
);
}
return
selector
;
}
private
static
boolean
match
(
String
name
,
Certificate
cert
)
throws
Exception
{
X509CertSelector
selector
=
new
X509CertSelector
();
// generate certificate from certificate string
CertificateFactory
cf
=
CertificateFactory
.
getInstance
(
"X.509"
);
ByteArrayInputStream
is
=
null
;
if
(
name
.
equals
(
"subca"
))
{
is
=
new
ByteArrayInputStream
(
subCaCertStr
.
getBytes
());
}
else
if
(
name
.
equals
(
"subci"
))
{
is
=
new
ByteArrayInputStream
(
subCrlIssuerCertStr
.
getBytes
());
}
else
{
is
=
new
ByteArrayInputStream
(
targetCertStr
.
getBytes
());
}
X509Certificate
target
=
(
X509Certificate
)
cf
.
generateCertificate
(
is
);
return
target
.
equals
(
cert
);
}
public
static
void
main
(
String
[]
args
)
throws
Exception
{
CertPathBuilder
builder
=
CertPathBuilder
.
getInstance
(
"PKIX"
);
X509CertSelector
selector
=
generateSelector
(
args
[
0
]);
Set
<
TrustAnchor
>
anchors
=
generateTrustAnchors
();
CertStore
certs
=
generateCertificateStore
();
PKIXBuilderParameters
params
=
new
PKIXBuilderParameters
(
anchors
,
selector
);
params
.
addCertStore
(
certs
);
params
.
setRevocationEnabled
(
false
);
params
.
setDate
(
new
Date
(
109
,
7
,
1
));
// 2009-07-01
Security
.
setProperty
(
"ocsp.enable"
,
"false"
);
System
.
setProperty
(
"com.sun.security.enableCRLDP"
,
"false"
);
PKIXCertPathBuilderResult
result
=
(
PKIXCertPathBuilderResult
)
builder
.
build
(
params
);
if
(!
match
(
args
[
0
],
result
.
getCertPath
().
getCertificates
().
get
(
0
)))
{
throw
new
Exception
(
"unexpected certificate"
);
}
}
}
test/java/security/cert/CertPathBuilder/selfIssued/KeyUsageMatters.java
0 → 100644
浏览文件 @
f01a2151
/*
* Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
* CA 95054 USA or visit www.sun.com if you need additional information or
* have any questions.
*/
/**
* @test
* @bug 6852744
* @summary PIT b61: PKI test suite fails because self signed certificates
* are being rejected
* @run main/othervm KeyUsageMatters subca
* @run main/othervm KeyUsageMatters subci
* @run main/othervm KeyUsageMatters alice
* @author Xuelei Fan
*/
import
java.io.*
;
import
java.net.SocketException
;
import
java.util.*
;
import
java.security.Security
;
import
java.security.cert.*
;
import
java.security.cert.CertPathValidatorException.BasicReason
;
import
sun.security.util.DerInputStream
;
/**
* KeyUsage extension plays a important rule during looking for the issuer
* of a certificate or CRL. A certificate issuer should have the keyCertSign
* bit set, and a CRL issuer should have the cRLSign bit set.
*
* Sometime, a delegated CRL issuer would also have the keyCertSign bit set,
* as would be troublesome to find the proper CRL issuer during certificate
* path build if the delegated CRL issuer is a self-issued certificate, for
* it is hard to identify it from its issuer by the "issuer" field only.
*
* The fix of 6852744 should addresses above issue, and allow a delegated CRL
* issuer to have keyCertSign bit set.
*
* In the test case, the delegated CRL issuers have cRLSign bit set only, and
* the CAs have the keyCertSign bit set only, it is expected to work before
* and after the bug fix of 6852744.
*/
public
final
class
KeyUsageMatters
{
// the trust anchor
static
String
selfSignedCertStr
=
"-----BEGIN CERTIFICATE-----\n"
+
"MIICPjCCAaegAwIBAgIBADANBgkqhkiG9w0BAQQFADAfMQswCQYDVQQGEwJVUzEQ\n"
+
"MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA0MjcwMjI0MzJaFw0zMDA0MDcwMjI0MzJa\n"
+
"MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMIGfMA0GCSqGSIb3DQEB\n"
+
"AQUAA4GNADCBiQKBgQC4OTag24sTxL2tXTNuvpmUEtdxrYAZoFsslFQ60T+WD9wQ\n"
+
"Jeiw87FSPsR2vxRuv0j8DNm2a4h7LNNIFcLurfNldbz5pvgZ7VqdbbUMPE9qP85n\n"
+
"jgDl4woyRTSUeRI4A7O0CO6NpES21dtbdhroWQrEkHxpnrDPxsxrz5gf2m3gqwID\n"
+
"AQABo4GJMIGGMB0GA1UdDgQWBBSCJd0hpl5PdAD9IZS+Hzng4lXLGzBHBgNVHSME\n"
+
"QDA+gBSCJd0hpl5PdAD9IZS+Hzng4lXLG6EjpCEwHzELMAkGA1UEBhMCVVMxEDAO\n"
+
"BgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8EBAMCAgQw\n"
+
"DQYJKoZIhvcNAQEEBQADgYEAluy6HIjWcq009lTLmhp+Np6dxU78pInBK8RZkza0\n"
+
"484qGaxFGD3UGyZkI5uWmsH2XuMbuox5khfIq6781gmkPBHXBIEtJN8eLusOHEye\n"
+
"iE8h7WI+N3qa6Pj56WionMrioqC/3X+b06o147bbhx8U0vkYv/HyPaITOFfMXTdz\n"
+
"Vjw=\n"
+
"-----END CERTIFICATE-----"
;
// the sub-ca
static
String
subCaCertStr
=
"-----BEGIN CERTIFICATE-----\n"
+
"MIICUDCCAbmgAwIBAgIBAzANBgkqhkiG9w0BAQQFADAfMQswCQYDVQQGEwJVUzEQ\n"
+
"MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA0MjcwMjI0MzRaFw0yOTAxMTIwMjI0MzRa\n"
+
"MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n"
+
"cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCiAJnAQW2ad3ZMKUhSJVZj\n"
+
"8pBqxTcHSTwAVguQkDglsN/OIwUpvR5Jgp3lpRWUEt6idEp0FZzORpvtjt3pr5MG\n"
+
"Eg2CDptekC5BSPS+fIAIKlncB3HwOiFFhH6b3wTydDCdEd2fvsi4QMOSVrIYMeA8\n"
+
"P/mCz6kRhfUQPE0CMmOUewIDAQABo4GJMIGGMB0GA1UdDgQWBBT0/nNP8WpyxmYr\n"
+
"IBp4tN8y08jw2jBHBgNVHSMEQDA+gBSCJd0hpl5PdAD9IZS+Hzng4lXLG6EjpCEw\n"
+
"HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw\n"
+
"AwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQEEBQADgYEAS9PzI6B39R/U9fRj\n"
+
"UExzN1FXNP5awnAPtiv34kSCL6n6MryqkfG+8aaAOdZsSjmTylNFaF7cW/Xp1VBF\n"
+
"hq0bg/SbEAbK7+UwL8GSC3crhULHLbh+1iFdVTEwxCw5YmB8ji3BaZ/WKW/PkjCZ\n"
+
"7cXP6VDeZMG6oRQ4hbOcixoFPXo=\n"
+
"-----END CERTIFICATE-----"
;
// a delegated CRL issuer, it's a self-issued certificate of trust anchor
static
String
topCrlIssuerCertStr
=
"-----BEGIN CERTIFICATE-----\n"
+
"MIICKzCCAZSgAwIBAgIBAjANBgkqhkiG9w0BAQQFADAfMQswCQYDVQQGEwJVUzEQ\n"
+
"MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA0MjcwMjI0MzNaFw0yOTAxMTIwMjI0MzNa\n"
+
"MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMIGfMA0GCSqGSIb3DQEB\n"
+
"AQUAA4GNADCBiQKBgQDMJeBMBybHykI/YpwUJ4O9euqDSLb1kpWpceBS8TVqvgBC\n"
+
"SgUJWtFZL0i6bdvF6mMdlbuBkGzhXqHiVAi96/zRLbUC9F8SMEJ6MuD+YhQ0ZFTQ\n"
+
"atKy8zf8O9XzztelLJ26Gqb7QPV133WY3haAqHtCXOhEKkCN16NOYNC37DTaJwID\n"
+
"AQABo3cwdTAdBgNVHQ4EFgQULXSWzXzUOIpOJpzbSCpW42IJUugwRwYDVR0jBEAw\n"
+
"PoAUgiXdIaZeT3QA/SGUvh854OJVyxuhI6QhMB8xCzAJBgNVBAYTAlVTMRAwDgYD\n"
+
"VQQKEwdFeGFtcGxlggEAMAsGA1UdDwQEAwIBAjANBgkqhkiG9w0BAQQFAAOBgQAY\n"
+
"eMnf5AHSNlyUlzXk8o2S0h4gCuvKX6C3kFfKuZcWvFAbx4yQOWLS2s15/nzR4+AP\n"
+
"FGX3lgJjROyAh7fGedTQK+NFWwkM2ag1g3hXktnlnT1qHohi0w31nVBJxXEDO/Ck\n"
+
"uJTpJGt8XxxbFaw5v7cHy7XuTAeU/sekvjEiNHW00Q==\n"
+
"-----END CERTIFICATE-----"
;
// a delegated CRL issuer, it's a self-issued certificate of sub-ca
static
String
subCrlIssuerCertStr
=
"-----BEGIN CERTIFICATE-----\n"
+
"MIICPTCCAaagAwIBAgIBBDANBgkqhkiG9w0BAQQFADAfMQswCQYDVQQGEwJVUzEQ\n"
+
"MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA0MjcwMjI0MzRaFw0yOTAxMTIwMjI0MzRa\n"
+
"MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n"
+
"cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDWUtDQx2MB/7arDiquMJyd\n"
+
"LWwSg6p8sg5z6wKrC1v47MT4DBhFX+0RUgTMUdQgYpgxGpczn+6y4zfV76064S0N\n"
+
"4L/IQ+SunTW1w4yRGjB+xkyyJmWAqijG1nr+Dgkv5nxPI+9Er5lHcoVWVMEcvvRm\n"
+
"6jIBQdldVlSgv+VgUnFm5wIDAQABo3cwdTAdBgNVHQ4EFgQUkV3Qqtk7gIot9n60\n"
+
"jX6dloxrfMEwRwYDVR0jBEAwPoAUgiXdIaZeT3QA/SGUvh854OJVyxuhI6QhMB8x\n"
+
"CzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlggEAMAsGA1UdDwQEAwIBAjAN\n"
+
"BgkqhkiG9w0BAQQFAAOBgQADu4GM8EdmIKhC7FRvk5jF90zfvZ38wbXBzCjKI4jX\n"
+
"QJrhne1bfyeNNm5c1w+VKidT+XzBzBGH7ZqYzoZmzRIfcbLKX2brEBKiukeeAyL3\n"
+
"bctQtbp19tX+uu2dQberD188AAysKTkHcJUV+rRsTwVJ9vcYKxoRxKk8DhH7ZS3M\n"
+
"rg==\n"
+
"-----END CERTIFICATE-----"
;
// the target EE certificate
static
String
targetCertStr
=
"-----BEGIN CERTIFICATE-----\n"
+
"MIICNzCCAaCgAwIBAgIBAjANBgkqhkiG9w0BAQQFADAxMQswCQYDVQQGEwJVUzEQ\n"
+
"MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA0MjcwMjI0\n"
+
"MzZaFw0yOTAxMTIwMjI0MzZaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt\n"
+
"cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTCBnzANBgkqhkiG\n"
+
"9w0BAQEFAAOBjQAwgYkCgYEAvYSaU3oiE4Pxp/aUIXwMqOwSiWkZ+O3aTu13hRtK\n"
+
"ZyR+Wtj63IuvaigAC4uC+zBypF93ThjwCzVR2qKDQaQzV8CLleO96gStt7Y+i3G2\n"
+
"V3IUGgrVCqeK7N6nNYu0wW84sibcPqG/TIy0UoaQMqgB21xtRF+1DUVlFh4Z89X/\n"
+
"pskCAwEAAaNPME0wCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBSynMEdcal/e9TmvlNE\n"
+
"4suXGA4+hjAfBgNVHSMEGDAWgBT0/nNP8WpyxmYrIBp4tN8y08jw2jANBgkqhkiG\n"
+
"9w0BAQQFAAOBgQB/jru7E/+piSmUwByw5qbZsoQZVcgR97pd2TErNJpJMAX2oIHR\n"
+
"wJH6w4NuYs27+fEAX7wK4whc6EUH/w1SI6o28F2rG6HqYQPPZ2E2WqwbBQL9nYE3\n"
+
"Vfzu/G9axTUQXFbf90h80UErA+mZVxqc2xtymLuH0YEaMZImtRZ2MXHfXg==\n"
+
"-----END CERTIFICATE-----"
;
// CRL issued by the delegated CRL issuer, topCrlIssuerCertStr
static
String
topCrlStr
=
"-----BEGIN X509 CRL-----\n"
+
"MIIBGzCBhQIBATANBgkqhkiG9w0BAQQFADAfMQswCQYDVQQGEwJVUzEQMA4GA1UE\n"
+
"ChMHRXhhbXBsZRcNMDkwNDI3MDIzODA0WhcNMjgwNjI2MDIzODA0WjAiMCACAQUX\n"
+
"DTA5MDQyNzAyMzgwMFowDDAKBgNVHRUEAwoBBKAOMAwwCgYDVR0UBAMCAQIwDQYJ\n"
+
"KoZIhvcNAQEEBQADgYEAoarfzXEtw3ZDi4f9U8eSvRIipHSyxOrJC7HR/hM5VhmY\n"
+
"CErChny6x9lBVg9s57tfD/P9PSzBLusCcHwHMAbMOEcTltVVKUWZnnbumpywlYyg\n"
+
"oKLrE9+yCOkYUOpiRlz43/3vkEL5hjIKMcDSZnPKBZi1h16Yj2hPe9GMibNip54=\n"
+
"-----END X509 CRL-----"
;
// CRL issued by the delegated CRL issuer, subCrlIssuerCertStr
static
String
subCrlStr
=
"-----BEGIN X509 CRL-----\n"
+
"MIIBLTCBlwIBATANBgkqhkiG9w0BAQQFADAxMQswCQYDVQQGEwJVUzEQMA4GA1UE\n"
+
"ChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMRcNMDkwNDI3MDIzODA0WhcNMjgw\n"
+
"NjI2MDIzODA0WjAiMCACAQQXDTA5MDQyNzAyMzgwMVowDDAKBgNVHRUEAwoBBKAO\n"
+
"MAwwCgYDVR0UBAMCAQIwDQYJKoZIhvcNAQEEBQADgYEAeS+POqYEIHIIJcsLxuUr\n"
+
"aJFzQ/ujH0QmnyMNEL3Uavyq4VQuAahF+w6aTPb5UBzms0uX8NAvD2vNoUJvmJOX\n"
+
"nGKuq4Q1DFj82E7/9d25nXdWGOmFvFCRVO+St2Xe5n8CJuZNBiz388FDSIOiFSCa\n"
+
"ARGr6Qu68MYGtLMC6ZqP3u0=\n"
+
"-----END X509 CRL-----"
;
private
static
Set
<
TrustAnchor
>
generateTrustAnchors
()
throws
CertificateException
{
// generate certificate from cert string
CertificateFactory
cf
=
CertificateFactory
.
getInstance
(
"X.509"
);
ByteArrayInputStream
is
=
new
ByteArrayInputStream
(
selfSignedCertStr
.
getBytes
());
Certificate
selfSignedCert
=
cf
.
generateCertificate
(
is
);
// generate a trust anchor
TrustAnchor
anchor
=
new
TrustAnchor
((
X509Certificate
)
selfSignedCert
,
null
);
return
Collections
.
singleton
(
anchor
);
}
private
static
CertStore
generateCertificateStore
()
throws
Exception
{
Collection
entries
=
new
HashSet
();
// generate certificate from certificate string
CertificateFactory
cf
=
CertificateFactory
.
getInstance
(
"X.509"
);
ByteArrayInputStream
is
;
is
=
new
ByteArrayInputStream
(
targetCertStr
.
getBytes
());
Certificate
cert
=
cf
.
generateCertificate
(
is
);
entries
.
add
(
cert
);
is
=
new
ByteArrayInputStream
(
subCaCertStr
.
getBytes
());
cert
=
cf
.
generateCertificate
(
is
);
entries
.
add
(
cert
);
is
=
new
ByteArrayInputStream
(
selfSignedCertStr
.
getBytes
());
cert
=
cf
.
generateCertificate
(
is
);
entries
.
add
(
cert
);
is
=
new
ByteArrayInputStream
(
topCrlIssuerCertStr
.
getBytes
());
cert
=
cf
.
generateCertificate
(
is
);
entries
.
add
(
cert
);
is
=
new
ByteArrayInputStream
(
subCrlIssuerCertStr
.
getBytes
());
cert
=
cf
.
generateCertificate
(
is
);
entries
.
add
(
cert
);
// generate CRL from CRL string
is
=
new
ByteArrayInputStream
(
topCrlStr
.
getBytes
());
Collection
mixes
=
cf
.
generateCRLs
(
is
);
entries
.
addAll
(
mixes
);
is
=
new
ByteArrayInputStream
(
subCrlStr
.
getBytes
());
mixes
=
cf
.
generateCRLs
(
is
);
entries
.
addAll
(
mixes
);
return
CertStore
.
getInstance
(
"Collection"
,
new
CollectionCertStoreParameters
(
entries
));
}
private
static
X509CertSelector
generateSelector
(
String
name
)
throws
Exception
{
X509CertSelector
selector
=
new
X509CertSelector
();
// generate certificate from certificate string
CertificateFactory
cf
=
CertificateFactory
.
getInstance
(
"X.509"
);
ByteArrayInputStream
is
=
null
;
if
(
name
.
equals
(
"subca"
))
{
is
=
new
ByteArrayInputStream
(
subCaCertStr
.
getBytes
());
}
else
if
(
name
.
equals
(
"subci"
))
{
is
=
new
ByteArrayInputStream
(
subCrlIssuerCertStr
.
getBytes
());
}
else
{
is
=
new
ByteArrayInputStream
(
targetCertStr
.
getBytes
());
}
X509Certificate
target
=
(
X509Certificate
)
cf
.
generateCertificate
(
is
);
byte
[]
extVal
=
target
.
getExtensionValue
(
"2.5.29.14"
);
if
(
extVal
!=
null
)
{
DerInputStream
in
=
new
DerInputStream
(
extVal
);
byte
[]
subjectKID
=
in
.
getOctetString
();
selector
.
setSubjectKeyIdentifier
(
subjectKID
);
}
else
{
// unlikely to happen.
throw
new
Exception
(
"unexpected certificate: no SKID extension"
);
}
return
selector
;
}
private
static
boolean
match
(
String
name
,
Certificate
cert
)
throws
Exception
{
X509CertSelector
selector
=
new
X509CertSelector
();
// generate certificate from certificate string
CertificateFactory
cf
=
CertificateFactory
.
getInstance
(
"X.509"
);
ByteArrayInputStream
is
=
null
;
if
(
name
.
equals
(
"subca"
))
{
is
=
new
ByteArrayInputStream
(
subCaCertStr
.
getBytes
());
}
else
if
(
name
.
equals
(
"subci"
))
{
is
=
new
ByteArrayInputStream
(
subCrlIssuerCertStr
.
getBytes
());
}
else
{
is
=
new
ByteArrayInputStream
(
targetCertStr
.
getBytes
());
}
X509Certificate
target
=
(
X509Certificate
)
cf
.
generateCertificate
(
is
);
return
target
.
equals
(
cert
);
}
public
static
void
main
(
String
[]
args
)
throws
Exception
{
CertPathBuilder
builder
=
CertPathBuilder
.
getInstance
(
"PKIX"
);
X509CertSelector
selector
=
generateSelector
(
args
[
0
]);
Set
<
TrustAnchor
>
anchors
=
generateTrustAnchors
();
CertStore
certs
=
generateCertificateStore
();
PKIXBuilderParameters
params
=
new
PKIXBuilderParameters
(
anchors
,
selector
);
params
.
addCertStore
(
certs
);
params
.
setRevocationEnabled
(
true
);
params
.
setDate
(
new
Date
(
109
,
5
,
1
));
// 2009-05-01
Security
.
setProperty
(
"ocsp.enable"
,
"false"
);
System
.
setProperty
(
"com.sun.security.enableCRLDP"
,
"true"
);
PKIXCertPathBuilderResult
result
=
(
PKIXCertPathBuilderResult
)
builder
.
build
(
params
);
if
(!
match
(
args
[
0
],
result
.
getCertPath
().
getCertificates
().
get
(
0
)))
{
throw
new
Exception
(
"unexpected certificate"
);
}
}
}
test/java/security/cert/CertPathBuilder/selfIssued/README
0 → 100644
浏览文件 @
f01a2151
/*
* Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
* CA 95054 USA or visit www.sun.com if you need additional information or
* have any questions.
*/
Certificates and CRLs
The certificates and CRLs used by KeyUsageMatters.java are copied from
test/java/security/cert/CertPathValidator/indirectCRL.
Here lists the local generated certificates and CRLs used in the test cases.
The generate.sh depends on openssl, and it should be run under ksh. The
script will create many directories and files, please run it in a
directory outside of JDK workspace.
1. root certifiate and key
-----BEGIN CERTIFICATE-----
MIICPjCCAaegAwIBAgIBADANBgkqhkiG9w0BAQQFADAfMQswCQYDVQQGEwJVUzEQ
MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA2MjgxMzMyMThaFw0zMDA2MDgxMzMyMTha
MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMIGfMA0GCSqGSIb3DQEB
AQUAA4GNADCBiQKBgQDInJhXi0655bPXAVkz1n5I6fAcZejzPnOPuwq3hU3OxFw8
81Uf6o9oKI1h4w4XAD8u1cUNOgiX+wPwojronlp68bIfO6FVhNf287pLtLhNJo+7
m6Qxw3ymFvEKy+PVj20CHSggdKHxUa4MBZBmHMFNBuxfYmjwzn+yTMmCCXOvSwID
AQABo4GJMIGGMB0GA1UdDgQWBBSQ52Dpau+gtL+Kc31dusYnKj16ZTBHBgNVHSME
QDA+gBSQ52Dpau+gtL+Kc31dusYnKj16ZaEjpCEwHzELMAkGA1UEBhMCVVMxEDAO
BgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8EBAMCAQYw
DQYJKoZIhvcNAQEEBQADgYEAjBt6ea65HCqbGsS2rs/HhlGusYXtThRVC5vwXSey
ZFYwSgukuq1KDzckqZFu1meNImEwdZjwxdN0e2p/nVREPC42rZliSj6V1ThayKXj
DWEZW1U5aR8T+3NYfDrdKcJGx4Hzfz0qKz1j4ssV1M9ptJxYYv4y2Da+592IN1S9
v/E=
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,46F13CECA9B38323
AVNWPH7jiPyJVq9KfL3IlGVCwD41KVapg12yJR2t/WWlLaKr19/0oWNvimcrd040
txFKvcFO9TFLxmaco33+actCoL0K/XbrCBICThZLybzcFTuYFMum8eqL61avQgBe
Kt4CCjcupWLzKWkKTMV/bP6nPnPUSB9U8QeGwutjJYnLDi0TuYx8YSqZo/36vM98
r3OvtcSA5XEN4guxxHusZJnhbclVb/Z1WtLVb4v2d5yBtPM2p3R0hK17L4Dnusjl
n56z6Z0AIYmfAggM/Fpge2uT3D/5n//l1lZRNoSvsX5UZipKswZKLpvx7IJ+AqgA
UO9lcmNLGnIXME3IS3smd83wPi7nxH3NCYWHbGAKLm6mkFMs5LOhofUMOBS3Rxmm
2RjCGtuzDxBPKveo9/Y80B//6sEce2gdi7fCKgWwtR4VFuJd0hWODD6CarK3edHH
rUG62Kt2aqiI/y/NLEbfHCHbyM37c9/OzS5Zy695dDl22r5EirVFsVgejQR1JGtP
ANdc6kkkJW+s6GiqimShssMTp1x0L8twT/+wEa38LafiaPKk4OweleBuyz7k2FxA
Rr2u9IOvGU3eKAeH8HSFWvaNE9S2lYFPiWWZ6O/LzVvnb847+gungQ7SPRzOkt4k
L4PtHIoKmLWFr5tzML1Q8wiaKcTWMb5LZbRbo+2XYGoIpilxkBBuhX7cMJFwOHEf
YJJRixBI97doPsnIQ3GkA8xY+INzQ4LWNQbnEtS7L7t26NA9tDlg4ILU/UfMoQIp
Ol4EZY1U7gD8BeMwo2vX3x/WA+a7R2N95klBFNqn9jSkm6a5yoeCZw==
-----END RSA PRIVATE KEY-----
2. root crl issuer and key
-----BEGIN CERTIFICATE-----
MIICPjCCAaegAwIBAgIBAjANBgkqhkiG9w0BAQQFADAfMQswCQYDVQQGEwJVUzEQ
MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA2MjgxMzMyMjNaFw0yOTAzMTUxMzMyMjNa
MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMIGfMA0GCSqGSIb3DQEB
AQUAA4GNADCBiQKBgQC99u93trf+WmpfiqunJy/P31ej1l4rESxft2JSGNjKuLFN
/BO3SAugGJSkCARAwXjB0c8eeXhXWhVVWdNpbKepRJTxrjDfnFIavLgtUvmFwn/3
hPXe+RQeA8+AJ99Y+o+10kY8JAZLa2j93C2FdmwOjUbo8aIz85yhbiV1tEDjLwID
AQABo4GJMIGGMB0GA1UdDgQWBBSyFyA3XWLbdL6W6hksmBn7RKsQmDBHBgNVHSME
QDA+gBSQ52Dpau+gtL+Kc31dusYnKj16ZaEjpCEwHzELMAkGA1UEBhMCVVMxEDAO
BgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8EBAMCAQYw
DQYJKoZIhvcNAQEEBQADgYEAHTm8aRTeakgCfEBCgSWK9wvMW1c18ANGMm8OFDBk
xabVy9BT0MVFHlaneh89oIxTZN0FMTpg21GZMAvIzhEt7DGdO7HLsW7JniN7/OZ0
rACmpK5frmZrLS03zUm8c+rTbazNfYLoZVG3/mDZbKIi+4y8IGnFcgLVsHsYoBNP
G0c=
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,3881A5676C1AD5E5
KgaAtGlIQXVnsoifcd1oTi4hS1J+InHISFcZepI1h1hrU9KVAJAlwD1GIeM2qAkG
P1ABsA0TE0yRJpd3qHih2IPtD42osfc3HmNTw17nh4Trd3ESilrs4w/rrH8e6bR5
WlqG0OKsw8x57t44m9yX94+pP3tdPaJwnFk5M7pDCO44IZskmy10S0NHBn7wMwM/
mqlZ15mK6YZTwOuLzpdSDJqYPLiv77KpfeiqSN++ISXoNhIcNYHRVyErAS/DcBlx
mbrmBaGexhuagQYqVikEDIvg8kBDWD92EjOFbz94Z6eTvliauJ/+E1/Ffefe2cN5
LaVwuUsiyW9GjarWwBJDFrXesTikklshC9V35j/ACHVdh5CuO8FGfVijIwlbZ14N
xKWJdSlZlJgEjkwUlWfi1KmrFrob+yK20fGMWr3oY1rTKWZdYkrqnnKEYcMQV/TH
XNY77D5idJ3FLtvJyziqIFuohdatQsu6xFP5UEOeUi6OhptJDjjS+zDhiBlL4cqA
klThzvuycxjZT+5xno0f8GEnZkQNcC6xxPoP6vstNMKLz1rI1CVUSXZBHc5nfMaF
m75rrLbvf6F2NLUspaNXnW8TUMHxcu8nNCnM4/u6hkqebQo/N8X1/v1HImsewwWO
P5uJwqmqfuRz0vZyMKAk3FzQIfrjJouxDfkNV2YHM9VP/grPlDgzmgiN0+6bCbn+
RW2K8kvkSFZehQ1Ygdst9KYH3NEcEYVYY9pH1N1xRNAylcIDJNwrFwf9vfwjt9/q
AVsyDxUBT/KVCcqr15LNNq9HmmcP6IZZMRjdyf2BR+/cobxxDRZq1Q==
-----END RSA PRIVATE KEY-----
3. root CRL issued by root crl issuer.
-----BEGIN X509 CRL-----
MIIBGzCBhQIBATANBgkqhkiG9w0BAQQFADAfMQswCQYDVQQGEwJVUzEQMA4GA1UE
ChMHRXhhbXBsZRcNMDkwNjI4MTMzMjM4WhcNMjgwODI3MTMzMjM4WjAiMCACAQUX
DTA5MDYyODEzMzIzN1owDDAKBgNVHRUEAwoBBKAOMAwwCgYDVR0UBAMCAQEwDQYJ
KoZIhvcNAQEEBQADgYEAVUIeu2x7ZwsliafoCBOg+u8Q4S/VFfTe/SQnRyTM3/V1
v+Vn5Acc7eo8Rh4AHcnFFbLNk38n6lllov/CaVR0IPZ6hnrNHVa7VYkNlRAwV2aN
GUUhkMMOLVLnN25UOrN9J637SHmRE6pB+TRMaEQ73V7UNlWxuSMK4KofWen0A34=
-----END X509 CRL-----
4. subca certificate and key
-----BEGIN CERTIFICATE-----
MIICUDCCAbmgAwIBAgIBAzANBgkqhkiG9w0BAQQFADAfMQswCQYDVQQGEwJVUzEQ
MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA2MjgxMzMyMjRaFw0yOTAzMTUxMzMyMjRa
MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz
cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDPFv24SK78VI0gWlyIrq/X
srl1431K5hJJxMYZtaQunyPmrYg3oI9KvKFykxnR0N4XDPaIi75p9dXGppVu80BA
+csvIPBwlBQoNmKDQWTziDOqfK4tE+IMuL/Y7pxnH6CDMY7VGpvatty2zcmH+m/v
E/n+HPyeELJQT2rT/3T+7wIDAQABo4GJMIGGMB0GA1UdDgQWBBRidC8Dt3dBzYES
KpR2tR560sZ0+zBHBgNVHSMEQDA+gBSQ52Dpau+gtL+Kc31dusYnKj16ZaEjpCEw
HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw
AwEB/zALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEEBQADgYEAMeMKqrMr5d3eTQsv
MYOD15Dl3THQGLAa4ad5Eyq5/1eUeEOpztzCgDfi0iPD8YCubIEVasBTSqTiGXqb
RpGuPHOwwfWvHrTeHSludiFBAUiKj7aEV+oQa0FBn4U4TT8HA62HQ93FhzTDI3jP
iil34GktVl6gfMKGzUEW/Dh8OM4=
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,35408AD3018F0049
4t6WfpFNqpOr47Wc/OAt8+KZK0+WX7d3nlJn47W+QN7AkPfBlLBpcQJkImhP4/eh
aJyk8fPOdUhT/4rgc5ORuKk4d9boD36KK5Iz/+/oNBxzuld6TybVb+Hvw41cIZTW
CtkvADQpR8XWbPre+3ZH2eAKoTeWX0xR7pYg1JsFk9vxee6U82iqsAYRdUOdot8D
9zdDbbeaLWs78UbZkxFtuXREuyNVX880Q17t8qszJL2KmmtMQpUvxTlW04Ope1Ug
uIuOxeannzpKRD+37fj+oacM3GRqVFOP47/NVaziOexDBn4b5nlW6OMro6t0qiHt
1GLJcw1oLXoFe8ycexfzYWUiHymSz5Vh3wIflsQY+Ik6dopL+fpk2cVD0bncKJlf
Ie9PvL04RwannRjgtPl9X05tzcgeyznp2Ix1/rsriZQQpdPTLGA6w6kUhQeK6TwT
eX7pXn3iLTGK+VoHRfbxBQR2Fvq1nRJbvsmJFhPOcJU5CYSaDPGGdA6NorbdVgbc
14DlkhzojhEpZ7DaUeFNUXUMlQOR5UUTZB+wL3zQoY/FzHci3JD1Gj4NlbC9mMEg
ncWZcpZWOnP2kHSz2o/UOxQM80gerukI7NOr020iJ+ZZRb/gyAAzLPnD+mCZ7/e2
JJ3x6yHOtVA6WzZiQH1d9/bm79rtcWaRH83X/idG1lHuKXQJFAaw5f7Z2n2/yuF1
9pZf7el1M7UoBf74oc68klAl46f4inroy8anAtc/qjSTXUYQrNvKZsWU9AZVS7oH
iEuYMVW4KiZh3SHsIg5TZdMbdVYtZpcTsl/Kh6XuY0o0Xsi+rTK5AA==
-----END RSA PRIVATE KEY-----
5. crl issuer of subca, the certificate and key
-----BEGIN CERTIFICATE-----
MIICUDCCAbmgAwIBAgIBBDANBgkqhkiG9w0BAQQFADAfMQswCQYDVQQGEwJVUzEQ
MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA2MjgxMzMyMjdaFw0yOTAzMTUxMzMyMjda
MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz
cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC+8AcLJtGAVUWvv3ifcyQw
OGqwzcPrBw/XCs6vTMlcdtFzcH1M+Z3/QHN9+5VT1gqeTIZ+b8g9005Og3XKy/HX
obXZeLv20VZsr+jm52ySghEYOVCTJ9OyFOAp5adp6nf0cA66Feh3LsmVhpTEcDOG
GnyntQm0DBYxRoOT/GBlvQIDAQABo4GJMIGGMB0GA1UdDgQWBBSRWhMuZLQoHSDN
xhxr+vdDmfAY8jBHBgNVHSMEQDA+gBSQ52Dpau+gtL+Kc31dusYnKj16ZaEjpCEw
HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw
AwEB/zALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEEBQADgYEAMIDZLdOLFiPyS1bh
Ch4eUYHT+K1WG93skbga3kVYg3GSe+gctwkKwKK13bwfi8zc7wwz6MtmQwEYhppc
pKKKEwi5QirBCP54rihLCvRQaj6ZqUJ6VP+zPAqHYMDbzlBbHtVF/1lQUP30I6SV
Fu987DvLmZ2GuQA9FKJsnlD9pbU=
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,4CD10EAA24AF8C25
6pTRc9jsn6CJ2EMYhuGX3aWrDThhacnqdtsKIqUzX8Ga7Jz9kq6HseTRlqPkzBfb
rCl+eVIkgugrPbf93375mP/ozY8LkEgD9TRAL1uXqha2N6TRLC2ozQJQSoIc441e
UZ9XkB6tPGRfPNvi1xE0WTP7bjOUkvkPU9wM9QFuBW6B7mRf3tG2nqkFiTpY6nz8
5X5+h9jafcCvMwYhfJm0JFTGWmX4WJWubs8QeYndvIriDDw2zpVNcno45sClSQCb
YVekMLgGlKPmNGub5iRfXsozykE3jbMnXRokxrvzk20jjo0XYPVGfCRe9IhJh8Ud
iCG/kPaJspbUkUlKXfvIOdp2pnoDFZI5hbfc75YrFYJ8x8dwRYBUl6yRtBkw5Yo/
VQDuNq3d7YpxiGxVTwFox6HQ5+rs6jwSGzOilgOCxPSs41fYcdAlogNqLzjvhn+e
0GU1XTVyMJbO0Ae6Sgm4PmxU7QM2bdzESuZWbYRFbH2ywwmoR8SahB3ICBhuIA/l
lsCrBbq+jL/K2IL1VXBKuaKBN1ShKUPZD/ABWNv4uENNg2AFq1XQ6kvTU8Glfhd9
tyK8YnJ0ViY4VLGhdf0s2eEPmbfxOv0HCW0sz/57eASoQSTJTdVApYopWHBOwaNq
8qQUEPDMTKaPNqCjA2m/NwGrLPHhU0d5dHmp+9gTbCTmWy4sVenhBPbOy6wvFpNA
F+35tJVaZQOOurm/KC2dLOYkKyAvqnB7D2q4zducpWkiyCweg7uYL14Mo5JQmGuq
2DwfRiMxdqqoqHFKEOxsoAMrKSwJlYojUknfz/LEaqxtMePQtNwhjw==
-----END RSA PRIVATE KEY-----
6. CLR issued by subca CRL issuer
-----BEGIN X509 CRL-----
MIIBLTCBlwIBATANBgkqhkiG9w0BAQQFADAxMQswCQYDVQQGEwJVUzEQMA4GA1UE
ChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMRcNMDkwNjI4MTMzMjQzWhcNMjgw
ODI3MTMzMjQzWjAiMCACAQQXDTA5MDYyODEzMzIzOFowDDAKBgNVHRUEAwoBBKAO
MAwwCgYDVR0UBAMCAQEwDQYJKoZIhvcNAQEEBQADgYEACQZEf6ydb3fKTMPJ8DBO
oo630MsrT3P0x0AC4+aQOueCBaGpNqW/H379uZxXAad7yr+aXUBwaeBMYVKUbwOe
5TrN5QWPe2eCkU+MSQvh1SHASDDMH4jhWFMRdO3aPMDKKPlO/Q3s0G72eD7Zo5dr
N9AvUXxGxU4DruoJuFPcrCI=
-----END X509 CRL-----
7. dumca certificate and key
-----BEGIN CERTIFICATE-----
MIICUDCCAbmgAwIBAgIBBTANBgkqhkiG9w0BAQQFADAfMQswCQYDVQQGEwJVUzEQ
MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA2MjgxMzMyMjhaFw0yOTAzMTUxMzMyMjha
MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz
cy1EMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDeWn+ulgls9+dK3KzzfC1b
a9RMSf+gjv/Olw5386Vw6pJOVngR11RytWJoLiKbjYPyGhP1cms2FoUKuAEO31gD
3AoUCa+nXgaMLiDtmdC5ATqVv3Oap5aNgAqq0mxMxOylKgcUhfuH2icEnfBtHzEe
ST11S69zQr5GGfa/XslbDQIDAQABo4GJMIGGMB0GA1UdDgQWBBRCmXIsp4G3iP7Z
Qv4gS19W8W/cLzBHBgNVHSMEQDA+gBSQ52Dpau+gtL+Kc31dusYnKj16ZaEjpCEw
HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw
AwEB/zALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEEBQADgYEAkRiLpJesXyNQ34ZP
Oc4d0gvCl4pyNHx5gsV0yHtxP7oYoIa7Bw4setplQ9Y2YcH5xuXK84xvAby9csWp
cod1QOkFzZfb9qj10PXfD8bMoLOyrZfr5nsNAl2scvOtnM1TFL/ll5/S2PVcPthx
Z5t128UNQYMu93OmVjZANL5L6Jw=
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,11485599004D2482
R+TgUoQo1Ksqpnwh1B1x3u7jxd1qJsfG5st7WJaeJzSY3v+ZnmTS4O008eKgw6Z1
eGJevsNW8Z8ButjChzlesCm+90jpKpOqA6MlvzeknAxtGdEfe8rUEytfNOorjJTy
1Mu9T8Tlk6tmmmXNTDX1lQytYaHA4e4VVEbYGNceMNcPonT1Y0SyebJwtfd4XKkG
Ty40kMnb+qrFr1ZxVRG+LWKDR/bS0S2K2zY6Ha45d8yoYZlgLZ7yVAlrp0T0PF4B
UWvSyNK9VOBLrvqXSofK5gNGkR/C63x8FU2V25ISicBQBXLNo9OgIsbrryHF330T
2TxhnOpFU1AwgTSfp4Fy/Htkvgo7/jmFRa3r4xelTdEUKvRrwaZeMjg0fT+24529
8o8MMOF0YWNtIDNUVRFg9/DgAsD/LoXbOGc/E2ryJdq1D4N914s4m/D5Sox27iu4
3op/dt+WMoA0g/YbjhWn2cAfWcH9P8p8/n/FUO8APmGI3aHbtOhJQ8qwxcalp6kO
fICWsW4ygWtdpnyJWzAY0Udtsl8mglTppGTl59OYZmlDQTLhJ1hWiXLeNKj0pGPz
bAJ5jGQN8zXAk83j019rI5WveAdWp+w1XRGvmPxLL3heojHrkutuYLQ0LOcFwNvg
OqmPvZneRBoy6Yshp0XyYy+qioxDm+Vd/NV1/aCWgQXJA3vFqUg3AURLFHHTh+7h
fa3DDCLtdg/wJkRtOWjFhq0hgx5sb9zVv8HCuMERbZJbWwDOfSrHJwXj4KaTHVqY
OWfBE9vzeAxRpdpe69SZWYg3tyu7uSf6a5Rp55iMI3kjuQMCanvsNA==
-----END RSA PRIVATE KEY-----
8. crl issuer for dumca, the certificate and key
-----BEGIN CERTIFICATE-----
MIICUDCCAbmgAwIBAgIBBjANBgkqhkiG9w0BAQQFADAfMQswCQYDVQQGEwJVUzEQ
MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA2MjgxMzMyMjlaFw0yOTAzMTUxMzMyMjla
MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz
cy1EMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDF7NjUUWji4pPmFg3qx4HB
kjtInwe7i2lPjRUN0ZwTcWob2RaD1+fhc7seeNmnypjERTa9TXF5cs2PgSHWNISC
QbQpbobOUcSsV/6Lr0kvrHJuVowcX13VsApGSJavVs2oJqUiFGNpnch8yR/pMHJf
hsd/Go+nUXMOl2xN31DMFQIDAQABo4GJMIGGMB0GA1UdDgQWBBS1XVE2CYKHgO7t
1koYVTu2w7xgNTBHBgNVHSMEQDA+gBSQ52Dpau+gtL+Kc31dusYnKj16ZaEjpCEw
HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw
AwEB/zALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEEBQADgYEAHYraYtdetZFOiTUR
dhvUi556el1WT25O8pF21YAzRI7KI4yzl6deD29DtcIPiBc8H1A4U6OhwXSQsqTd
taOHHdZxnU+m078mb231OPVvo48uZwpnX35g/qItW+Nb/dIEb08537oQKoGgL0hV
sKZPWod70JBkJabDuUirorhlk4A=
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,1E0E5983F90A10E0
KdPTRmJjeKXFTgdVIgP0eu+m0evwVD2QFMkT3pPI9HELRxtkgIQzjK8F0KIHK9vi
Ur0CMgJkX0zs2v7HIG7jvfQ2fREidRTk1g3xCjHXVbpwjWN2dbo+mR0J2zzxNILy
mSs13PlDPdV81Vkn1WkMY0lhdrEpR6senQ4KIiMJTMsWZabG3lyFM6d7ag7CDVC+
jnsUFg2XW5dYP/kb09p14+CdiQwruNVeVEWhWPG1pAjl7hXCEM5ssz9fNk6Gyh2X
OXB2mMysqTkt+qB+OIqLKj3NTUs2ovVQZnaCaynsnMYTcIEFmv3lC0gJHYAZtBXf
IkySb+VaB7wmk1CI1+texDU8+B2sq7wmqX0SLY7dMwkbxP1kydn9U5i4Gqmdxpw5
4+jn7dB6oKfVFlXIZTZzhmN44cIdai48qVmse1BRDxUdfmlgd9C2W1mw4N60BXbt
DeNr8ua5UtcUOXBGJk6VEJapDU/dnnANhVR4R48Y9t+g1qlhwHB4zbSrAIJ5Rsbg
6pvdt7BQmFXtm4flZbf21Lr8awWkNFdc/k/3uXA6xemgsFNxPZXlpXO26KpIP+nz
lt9Q82WxIkzE+BvO+qd5wMqQ/GC/ztO8GJeGdRIo6un7KkNKs2AZDoCELo2lO53B
EBWHeABtJpB1Fw3lW3iJn0A6YbYzK1omztoNMkesBIi0QI5L/e0tq4Mp+LUjLm+Y
ywdrofTiYTu8R7mgS1b5q3eFtwUR9MZuKJGvhsBcSfS41vH2hDezYHg8vW55UIE3
h7EhOUnTkHY43OKZnmXHwh3pTEmHv1TfMpeaktiU/w0=
-----END RSA PRIVATE KEY-----
9. end entity certificate issued by subca, Alice
-----BEGIN CERTIFICATE-----
MIICNzCCAaCgAwIBAgIBAjANBgkqhkiG9w0BAQQFADAxMQswCQYDVQQGEwJVUzEQ
MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA2MjgxMzMy
MzBaFw0yOTAzMTUxMzMyMzBaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt
cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTCBnzANBgkqhkiG
9w0BAQEFAAOBjQAwgYkCgYEA7wnsvR4XEOfVznf40l8ClLod+7L0y2/+smVV+GM/
T1/QF/stajAJxXNy08gK00WKZ6ruTHhR9vh/Z6+EQM2RZDCpU0A7LPa3kLE/XTmS
1MLDu8ntkdlpURpvhdDWem+rl2HU5oZgzV8Jkcov9vXuSjqEDfr45FlPuV40T8+7
cxsCAwEAAaNPME0wCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBSBwsAhi6Z1kriOs3ty
uSIujv9a3DAfBgNVHSMEGDAWgBRidC8Dt3dBzYESKpR2tR560sZ0+zANBgkqhkiG
9w0BAQQFAAOBgQDEiBqd5AMy2SQopFaS3dYkzj8MHlwtbCSoNVYkOfDnewcatrbk
yFcp6FX++PMdOQFHWvvnDdkCUAzZQp8kCkF9tGLVLBtOK7XxQ1us1LZym7kOPzsd
G93Dcf0U1JRO77juc61Br5paAy8Bok18Y/MeG7uKgB2MAEJYKhGKbCrfMw==
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,9E29E1901B338431
796Bj4/MwwHdy6+yZQcq3pS12EZPlEm7qsCCTl787y+DYEnnj+9W4WX4+1zWsUGV
1+39oe/KOUfi5O9ytMuKiroIrklmkskWHDoW6sr4VcDprnLYL+75AhTfgpOtY+gK
q+++N7P2o9V6YF7PiGxaBqGy/3bt0nTu0sjctfzbo4g0PniiId9sus2Y+iRHKebJ
r9V0b0jB8USuIsZ+4IQJFZ+/zeKuqqqPM/4v5VKNUahER8oykhRd4L9UactnVH5t
dsfowtHmOmKE6ObJX3m+HgJMvauMMf7zJVdqJquU2vy0bUk9ufCrA7t5ws7JDRzd
SG5gt7EVQzd5x/yXsQdKbDew5mXsYPB8vz4moTgj4YJU+m6k0t1PH00pz7LUrDHl
E8ZAmXIKLEBIih1AWkdASR/YZsfB3URIC8mLyDSZJN5iEVJxl/JWm6pbJlP3Xn3J
fraVEXP6uerf29CNhizq520AfGdsSqga6atdx6PXBVm67V0TZ+zmBMUQJrWmJUUC
NFGAac+M58lYX9uwsrO9x/x6GSZvhQQu1kfD1m8DHN3IV5m3uHxsEvhmuHaqFEMJ
uH336HbqWYENXwZfDHZvOU1o2FejsLZ7QmFjB72iAxhVNQt53pCXed2gF/bERGSn
qi0PsYtjyzfEUefqlVRSWVulbQfGwkvl8dX9s6BxmOG1q0BzlDu+cQLYXPS+XOww
H8GgkGp6XTd04qT/qCm8gcuxAvdkYkj2zgAIKaqeJ53S3Ua9lrIKnA3L3btiEG5F
JTYutSdRqB4liukkB1TciiDVSmOisszjrMHhRRYPfgeLfnRFdX9U9g==
-----END RSA PRIVATE KEY-----
10. end entity certificate issued by subca, Bob
-----BEGIN CERTIFICATE-----
MIICNTCCAZ6gAwIBAgIBAzANBgkqhkiG9w0BAQQFADAxMQswCQYDVQQGEwJVUzEQ
MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA2MjgxMzMy
MzVaFw0yOTAzMTUxMzMyMzVaMD8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt
cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQwwCgYDVQQDEwNCb2IwgZ8wDQYJKoZIhvcN
AQEBBQADgY0AMIGJAoGBALLrxd3DpXuH7yiAoyi/Rc1F7WsyyeNE1Ra2ymHpcee/
3sbldekcgPl6lGQF/JJ5ARBbfeDtaf6ZtAK3j6aXqxVFxDKKu86r96v74gWJB7Vv
CHcUPvmE/EGESq3VNFI998DbmvqICLC97nFLUIrKWDH1rRFZjjkmouln40UxQXvV
AgMBAAGjTzBNMAsGA1UdDwQEAwID6DAdBgNVHQ4EFgQUTXz1J2viNSKvRHIRVhD6
cJE4lgYwHwYDVR0jBBgwFoAUYnQvA7d3Qc2BEiqUdrUeetLGdPswDQYJKoZIhvcN
AQEEBQADgYEApsKyLf4FbXb26KsQrxgFn/w0d/7ck4cE8a6oXQqi5OLheNSWfD3S
fgD1dR28mGmhBiyOkdLmrhA1+6BuEr4FsuyLgrFnEqKL0ZhVhiqvwKLGqvasWxfU
Edaw4WXvRcfRWXfgjtwB6PSj/3nqGKSGRPif/OFIjO6UqHwEM7JEWO4=
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,4A820975D251613F
GseD8MIztC0oYMxwpxeBO4/YPs9ZFFjgncXXcy+1oYZdlEsrS1xw87unjeHigL8m
QPIn8Guv3DiOsBdvweuMAgPPaA1zlophPClbGZMk7BB3T2acEfjBQH1DZz7kd7Bf
OmI2DrqcEg1yDi7l7YutBuTQPiy3nj3d7pbScuFd5YVMu6yH0YpS7JsPvviabFk2
eYVlkaiejtQwV+4rUb7sH/0iyqX2uqvnpnGAwVzGp+tfSOl71SByz240nOODBRgY
3Uvxkrw6XhCBAayJE0t7rkPMEe1KgZaGO2IU2jsJJbyHVjvNPSugdbsT28prZHN1
5M1J1NSOssq/kAq6S3f9sC5j7OzP7oUlx8uMUUSaz09/Ttq22tUoqmTue2IqqxAt
lDaeR8duHP5VV1wWnDsW/XaVYlBFQ4eFPJcXqmWsNAkDQVJp327GrcT6ngevP8fD
BcIxyX6J0rETPruAE+1+PAGjqy+C+oB0ssyZvKcjzdajHcNxSlRpCuOO2ekDvNPO
h+mVukNpHCEBsh3jYmk3z9i7VPLCM0BI+vheJ1TbM+homWP6bXyTQxtLfaKzXZJH
jRJ+zGTMBNJoPVKkou03uXFpT6hdWr9nYwbMT6G9hmC0If3wEl8nRjDKbmyMS29B
p3im1kPxVJA0DjhghC+7tACy42ffw6KZPALwaVDKHGeitrQBc3xTGfrjOGQOTTcm
hZ8icYCY0cjl5KQ2kq2GpXa2zQMujNV/Oj7D4sE0xcASMRXl3tst77R/j0eowx1M
niCTRphxx4iTPkieIbjWWeFTpVmSzUBrm4hSw3tiRapVWf6Zo3aAIg==
-----END RSA PRIVATE KEY-----
11. end entity certificate issued by subca, Susan
-----BEGIN CERTIFICATE-----
MIICNzCCAaCgAwIBAgIBBDANBgkqhkiG9w0BAQQFADAxMQswCQYDVQQGEwJVUzEQ
MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA2MjgxMzMy
MzZaFw0yOTAzMTUxMzMyMzZaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt
cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVTdXNhbjCBnzANBgkqhkiG
9w0BAQEFAAOBjQAwgYkCgYEAr2u6mdjqAVtfcgPze+9OUFZu3pi+HqoNBoygm2gq
qRAe+FVNSUeNAMQesQBo/eB0F1Iv/BjnYJ/7pYMLaf90MLoYr0Q5vNKYlBdcyUee
Jn1WmfN2Qk+UoUaiM4HAKHNJnZk13vWpZW54mcW1q09oj0oMjAZtaZsqpY6CtW6/
+J8CAwEAAaNPME0wCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBQVK9naug5W9pQlBqD2
fVaCXooa1TAfBgNVHSMEGDAWgBRidC8Dt3dBzYESKpR2tR560sZ0+zANBgkqhkiG
9w0BAQQFAAOBgQDKYoM8EbP78ucjtsdvw4ywyo21hhSeP9PmRnNz/U3F9sQATmn+
QBl6sBsrmbML2yrhkM1ctZTVUVp0S72fAbLgVjNk86p/CF+a2tmi0+lJh1aR7zQi
opt+68Nec2/52kgWi64ruF7YITmGHBxS/RDooFbscZbdrPgcow/Jw+5HnQ==
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,9025CDB2AB43B0DE
q4hvYnqkhDSDCsbXfxtMjPvzT38ql5wscOsGwDM/xMANSyPk9h/aqAxvB8G+8v6E
63x9Q5jRi2YY6z2sOpvu0utu7Xn6KA/H1YrpYFURTEjBbK2Qd41vPQ/NYcIO3nQd
PR2Qm3kpNumBSZomyNfJk9oegGxfw+P0af2GIb6YqmTDot+LLCLwpqxrGyQQ1LYp
zc4A9D/b19Y0eD+TU9S2KEYszvfUo7RBxRFSZ6QN1rT2SEa7IJN9wb6TvgeB2lRB
Ds90tmLtkbuwLTZre+aqbM8mU40+RI9GHh+mPw0Qz55Kw2CUe+PnGsLQnOTm7p/I
mLiPTNMJKvwaR18Z88IE9UwL0zE/ND7vZfrhqTn9bHRnzHU4NtBCBsS8zloI+rXZ
EIWKMDyzMH3wpbNYq/AemSvvUz1wGOxit5TjG2QwwCNt8hPLl0Es6Q5aWdAPPrLM
EfX/6gL7bLTHNyLPz/U32o0H4hz5J7FQ7SuYUPLI3ybiPC2qL11jbtrZMesAYEAX
mvRnqO+6dPEpwGmKz8kUj2mC8X8FPKCCiy4kbc8NjLTMao+/vOgD+wBuIePaC3yE
vpuZrsUSFZWRJ824sDMmmZFoi2DKsp1zqCV1kXozaPGigaOxtkdp890nBcGkPijQ
8F+jCGwSFda6UfuJHCQ/eJB+8LQUWa8u1TeJ9zo98oD2OBfQ5maZU0Vfv1EXvwbp
pz2R6HXFaPrQDeGO0xVzD453AbY/fZCGnhIwrEYvPAbwpIKde397MP66gYFMNFhA
IaMimFnBv7IHL08Ka0KtqbVhLpEKWFpZ6LsOnyispeB4KF0md+lpGg==
-----END RSA PRIVATE KEY-----
test/java/security/cert/CertPathBuilder/selfIssued/StatusLoopDependency.java
0 → 100644
浏览文件 @
f01a2151
/*
* Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
* CA 95054 USA or visit www.sun.com if you need additional information or
* have any questions.
*/
/**
* @test
* @bug 6852744
* @summary PIT b61: PKI test suite fails because self signed certificates
* are being rejected
* @run main/othervm StatusLoopDependency subca
* @run main/othervm StatusLoopDependency subci
* @run main/othervm StatusLoopDependency alice
* @author Xuelei Fan
*/
import
java.io.*
;
import
java.net.SocketException
;
import
java.util.*
;
import
java.security.Security
;
import
java.security.cert.*
;
import
java.security.cert.CertPathValidatorException.BasicReason
;
import
sun.security.util.DerInputStream
;
/**
* KeyUsage extension plays a important rule during looking for the issuer
* of a certificate or CRL. A certificate issuer should have the keyCertSign
* bit set, and a CRL issuer should have the cRLSign bit set.
*
* Sometime, a delegated CRL issuer would also have the keyCertSign bit set,
* as would be troublesome to find the proper CRL issuer during certificate
* path build if the delegated CRL issuer is a self-issued certificate, for
* it is hard to identify it from its issuer by the "issuer" field only.
*
* In the test case, the delegated CRL issuers have keyCertSign bit set, and
* the CAs have the cRLSign bit set also. If we cannot identify the delegated
* CRL issuer from its issuer, there is a potential loop to find the correct
* CRL.
*
* And when revocation enabled, needs to check the status of the delegated
* CRL issuers. If the delegated CRL issuer issues itself status, there is
* a potential loop to verify the CRL and check the status of delegated CRL
* issuer.
*
* The fix of 6852744 should addresses above issues.
*/
public
final
class
StatusLoopDependency
{
// the trust anchor
static
String
selfSignedCertStr
=
"-----BEGIN CERTIFICATE-----\n"
+
"MIICPjCCAaegAwIBAgIBADANBgkqhkiG9w0BAQQFADAfMQswCQYDVQQGEwJVUzEQ\n"
+
"MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA2MjgxMzMyMThaFw0zMDA2MDgxMzMyMTha\n"
+
"MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMIGfMA0GCSqGSIb3DQEB\n"
+
"AQUAA4GNADCBiQKBgQDInJhXi0655bPXAVkz1n5I6fAcZejzPnOPuwq3hU3OxFw8\n"
+
"81Uf6o9oKI1h4w4XAD8u1cUNOgiX+wPwojronlp68bIfO6FVhNf287pLtLhNJo+7\n"
+
"m6Qxw3ymFvEKy+PVj20CHSggdKHxUa4MBZBmHMFNBuxfYmjwzn+yTMmCCXOvSwID\n"
+
"AQABo4GJMIGGMB0GA1UdDgQWBBSQ52Dpau+gtL+Kc31dusYnKj16ZTBHBgNVHSME\n"
+
"QDA+gBSQ52Dpau+gtL+Kc31dusYnKj16ZaEjpCEwHzELMAkGA1UEBhMCVVMxEDAO\n"
+
"BgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8EBAMCAQYw\n"
+
"DQYJKoZIhvcNAQEEBQADgYEAjBt6ea65HCqbGsS2rs/HhlGusYXtThRVC5vwXSey\n"
+
"ZFYwSgukuq1KDzckqZFu1meNImEwdZjwxdN0e2p/nVREPC42rZliSj6V1ThayKXj\n"
+
"DWEZW1U5aR8T+3NYfDrdKcJGx4Hzfz0qKz1j4ssV1M9ptJxYYv4y2Da+592IN1S9\n"
+
"v/E=\n"
+
"-----END CERTIFICATE-----"
;
// the sub-ca
static
String
subCaCertStr
=
"-----BEGIN CERTIFICATE-----\n"
+
"MIICUDCCAbmgAwIBAgIBAzANBgkqhkiG9w0BAQQFADAfMQswCQYDVQQGEwJVUzEQ\n"
+
"MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA2MjgxMzMyMjRaFw0yOTAzMTUxMzMyMjRa\n"
+
"MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n"
+
"cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDPFv24SK78VI0gWlyIrq/X\n"
+
"srl1431K5hJJxMYZtaQunyPmrYg3oI9KvKFykxnR0N4XDPaIi75p9dXGppVu80BA\n"
+
"+csvIPBwlBQoNmKDQWTziDOqfK4tE+IMuL/Y7pxnH6CDMY7VGpvatty2zcmH+m/v\n"
+
"E/n+HPyeELJQT2rT/3T+7wIDAQABo4GJMIGGMB0GA1UdDgQWBBRidC8Dt3dBzYES\n"
+
"KpR2tR560sZ0+zBHBgNVHSMEQDA+gBSQ52Dpau+gtL+Kc31dusYnKj16ZaEjpCEw\n"
+
"HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw\n"
+
"AwEB/zALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEEBQADgYEAMeMKqrMr5d3eTQsv\n"
+
"MYOD15Dl3THQGLAa4ad5Eyq5/1eUeEOpztzCgDfi0iPD8YCubIEVasBTSqTiGXqb\n"
+
"RpGuPHOwwfWvHrTeHSludiFBAUiKj7aEV+oQa0FBn4U4TT8HA62HQ93FhzTDI3jP\n"
+
"iil34GktVl6gfMKGzUEW/Dh8OM4=\n"
+
"-----END CERTIFICATE-----"
;
// a delegated CRL issuer, it's a self-issued certificate of trust anchor
static
String
topCrlIssuerCertStr
=
"-----BEGIN CERTIFICATE-----\n"
+
"MIICPjCCAaegAwIBAgIBAjANBgkqhkiG9w0BAQQFADAfMQswCQYDVQQGEwJVUzEQ\n"
+
"MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA2MjgxMzMyMjNaFw0yOTAzMTUxMzMyMjNa\n"
+
"MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMIGfMA0GCSqGSIb3DQEB\n"
+
"AQUAA4GNADCBiQKBgQC99u93trf+WmpfiqunJy/P31ej1l4rESxft2JSGNjKuLFN\n"
+
"/BO3SAugGJSkCARAwXjB0c8eeXhXWhVVWdNpbKepRJTxrjDfnFIavLgtUvmFwn/3\n"
+
"hPXe+RQeA8+AJ99Y+o+10kY8JAZLa2j93C2FdmwOjUbo8aIz85yhbiV1tEDjLwID\n"
+
"AQABo4GJMIGGMB0GA1UdDgQWBBSyFyA3XWLbdL6W6hksmBn7RKsQmDBHBgNVHSME\n"
+
"QDA+gBSQ52Dpau+gtL+Kc31dusYnKj16ZaEjpCEwHzELMAkGA1UEBhMCVVMxEDAO\n"
+
"BgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8EBAMCAQYw\n"
+
"DQYJKoZIhvcNAQEEBQADgYEAHTm8aRTeakgCfEBCgSWK9wvMW1c18ANGMm8OFDBk\n"
+
"xabVy9BT0MVFHlaneh89oIxTZN0FMTpg21GZMAvIzhEt7DGdO7HLsW7JniN7/OZ0\n"
+
"rACmpK5frmZrLS03zUm8c+rTbazNfYLoZVG3/mDZbKIi+4y8IGnFcgLVsHsYoBNP\n"
+
"G0c=\n"
+
"-----END CERTIFICATE-----"
;
// a delegated CRL issuer, it's a self-issued certificate of sub-ca
static
String
subCrlIssuerCertStr
=
"-----BEGIN CERTIFICATE-----\n"
+
"MIICUDCCAbmgAwIBAgIBBDANBgkqhkiG9w0BAQQFADAfMQswCQYDVQQGEwJVUzEQ\n"
+
"MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA2MjgxMzMyMjdaFw0yOTAzMTUxMzMyMjda\n"
+
"MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n"
+
"cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC+8AcLJtGAVUWvv3ifcyQw\n"
+
"OGqwzcPrBw/XCs6vTMlcdtFzcH1M+Z3/QHN9+5VT1gqeTIZ+b8g9005Og3XKy/HX\n"
+
"obXZeLv20VZsr+jm52ySghEYOVCTJ9OyFOAp5adp6nf0cA66Feh3LsmVhpTEcDOG\n"
+
"GnyntQm0DBYxRoOT/GBlvQIDAQABo4GJMIGGMB0GA1UdDgQWBBSRWhMuZLQoHSDN\n"
+
"xhxr+vdDmfAY8jBHBgNVHSMEQDA+gBSQ52Dpau+gtL+Kc31dusYnKj16ZaEjpCEw\n"
+
"HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw\n"
+
"AwEB/zALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEEBQADgYEAMIDZLdOLFiPyS1bh\n"
+
"Ch4eUYHT+K1WG93skbga3kVYg3GSe+gctwkKwKK13bwfi8zc7wwz6MtmQwEYhppc\n"
+
"pKKKEwi5QirBCP54rihLCvRQaj6ZqUJ6VP+zPAqHYMDbzlBbHtVF/1lQUP30I6SV\n"
+
"Fu987DvLmZ2GuQA9FKJsnlD9pbU=\n"
+
"-----END CERTIFICATE-----"
;
// the target EE certificate
static
String
targetCertStr
=
"-----BEGIN CERTIFICATE-----\n"
+
"MIICNzCCAaCgAwIBAgIBAjANBgkqhkiG9w0BAQQFADAxMQswCQYDVQQGEwJVUzEQ\n"
+
"MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA2MjgxMzMy\n"
+
"MzBaFw0yOTAzMTUxMzMyMzBaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt\n"
+
"cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTCBnzANBgkqhkiG\n"
+
"9w0BAQEFAAOBjQAwgYkCgYEA7wnsvR4XEOfVznf40l8ClLod+7L0y2/+smVV+GM/\n"
+
"T1/QF/stajAJxXNy08gK00WKZ6ruTHhR9vh/Z6+EQM2RZDCpU0A7LPa3kLE/XTmS\n"
+
"1MLDu8ntkdlpURpvhdDWem+rl2HU5oZgzV8Jkcov9vXuSjqEDfr45FlPuV40T8+7\n"
+
"cxsCAwEAAaNPME0wCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBSBwsAhi6Z1kriOs3ty\n"
+
"uSIujv9a3DAfBgNVHSMEGDAWgBRidC8Dt3dBzYESKpR2tR560sZ0+zANBgkqhkiG\n"
+
"9w0BAQQFAAOBgQDEiBqd5AMy2SQopFaS3dYkzj8MHlwtbCSoNVYkOfDnewcatrbk\n"
+
"yFcp6FX++PMdOQFHWvvnDdkCUAzZQp8kCkF9tGLVLBtOK7XxQ1us1LZym7kOPzsd\n"
+
"G93Dcf0U1JRO77juc61Br5paAy8Bok18Y/MeG7uKgB2MAEJYKhGKbCrfMw==\n"
+
"-----END CERTIFICATE-----"
;
// CRL issued by the delegated CRL issuer, topCrlIssuerCertStr
static
String
topCrlStr
=
"-----BEGIN X509 CRL-----\n"
+
"MIIBGzCBhQIBATANBgkqhkiG9w0BAQQFADAfMQswCQYDVQQGEwJVUzEQMA4GA1UE\n"
+
"ChMHRXhhbXBsZRcNMDkwNjI4MTMzMjM4WhcNMjgwODI3MTMzMjM4WjAiMCACAQUX\n"
+
"DTA5MDYyODEzMzIzN1owDDAKBgNVHRUEAwoBBKAOMAwwCgYDVR0UBAMCAQEwDQYJ\n"
+
"KoZIhvcNAQEEBQADgYEAVUIeu2x7ZwsliafoCBOg+u8Q4S/VFfTe/SQnRyTM3/V1\n"
+
"v+Vn5Acc7eo8Rh4AHcnFFbLNk38n6lllov/CaVR0IPZ6hnrNHVa7VYkNlRAwV2aN\n"
+
"GUUhkMMOLVLnN25UOrN9J637SHmRE6pB+TRMaEQ73V7UNlWxuSMK4KofWen0A34=\n"
+
"-----END X509 CRL-----"
;
// CRL issued by the delegated CRL issuer, subCrlIssuerCertStr
static
String
subCrlStr
=
"-----BEGIN X509 CRL-----\n"
+
"MIIBLTCBlwIBATANBgkqhkiG9w0BAQQFADAxMQswCQYDVQQGEwJVUzEQMA4GA1UE\n"
+
"ChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMRcNMDkwNjI4MTMzMjQzWhcNMjgw\n"
+
"ODI3MTMzMjQzWjAiMCACAQQXDTA5MDYyODEzMzIzOFowDDAKBgNVHRUEAwoBBKAO\n"
+
"MAwwCgYDVR0UBAMCAQEwDQYJKoZIhvcNAQEEBQADgYEACQZEf6ydb3fKTMPJ8DBO\n"
+
"oo630MsrT3P0x0AC4+aQOueCBaGpNqW/H379uZxXAad7yr+aXUBwaeBMYVKUbwOe\n"
+
"5TrN5QWPe2eCkU+MSQvh1SHASDDMH4jhWFMRdO3aPMDKKPlO/Q3s0G72eD7Zo5dr\n"
+
"N9AvUXxGxU4DruoJuFPcrCI=\n"
+
"-----END X509 CRL-----"
;
private
static
Set
<
TrustAnchor
>
generateTrustAnchors
()
throws
CertificateException
{
// generate certificate from cert string
CertificateFactory
cf
=
CertificateFactory
.
getInstance
(
"X.509"
);
ByteArrayInputStream
is
=
new
ByteArrayInputStream
(
selfSignedCertStr
.
getBytes
());
Certificate
selfSignedCert
=
cf
.
generateCertificate
(
is
);
// generate a trust anchor
TrustAnchor
anchor
=
new
TrustAnchor
((
X509Certificate
)
selfSignedCert
,
null
);
return
Collections
.
singleton
(
anchor
);
}
private
static
CertStore
generateCertificateStore
()
throws
Exception
{
Collection
entries
=
new
HashSet
();
// generate certificate from certificate string
CertificateFactory
cf
=
CertificateFactory
.
getInstance
(
"X.509"
);
ByteArrayInputStream
is
;
is
=
new
ByteArrayInputStream
(
targetCertStr
.
getBytes
());
Certificate
cert
=
cf
.
generateCertificate
(
is
);
entries
.
add
(
cert
);
is
=
new
ByteArrayInputStream
(
subCaCertStr
.
getBytes
());
cert
=
cf
.
generateCertificate
(
is
);
entries
.
add
(
cert
);
is
=
new
ByteArrayInputStream
(
selfSignedCertStr
.
getBytes
());
cert
=
cf
.
generateCertificate
(
is
);
entries
.
add
(
cert
);
is
=
new
ByteArrayInputStream
(
topCrlIssuerCertStr
.
getBytes
());
cert
=
cf
.
generateCertificate
(
is
);
entries
.
add
(
cert
);
is
=
new
ByteArrayInputStream
(
subCrlIssuerCertStr
.
getBytes
());
cert
=
cf
.
generateCertificate
(
is
);
entries
.
add
(
cert
);
// generate CRL from CRL string
is
=
new
ByteArrayInputStream
(
topCrlStr
.
getBytes
());
Collection
mixes
=
cf
.
generateCRLs
(
is
);
entries
.
addAll
(
mixes
);
is
=
new
ByteArrayInputStream
(
subCrlStr
.
getBytes
());
mixes
=
cf
.
generateCRLs
(
is
);
entries
.
addAll
(
mixes
);
return
CertStore
.
getInstance
(
"Collection"
,
new
CollectionCertStoreParameters
(
entries
));
}
private
static
X509CertSelector
generateSelector
(
String
name
)
throws
Exception
{
X509CertSelector
selector
=
new
X509CertSelector
();
// generate certificate from certificate string
CertificateFactory
cf
=
CertificateFactory
.
getInstance
(
"X.509"
);
ByteArrayInputStream
is
=
null
;
if
(
name
.
equals
(
"subca"
))
{
is
=
new
ByteArrayInputStream
(
subCaCertStr
.
getBytes
());
}
else
if
(
name
.
equals
(
"subci"
))
{
is
=
new
ByteArrayInputStream
(
subCrlIssuerCertStr
.
getBytes
());
}
else
{
is
=
new
ByteArrayInputStream
(
targetCertStr
.
getBytes
());
}
X509Certificate
target
=
(
X509Certificate
)
cf
.
generateCertificate
(
is
);
byte
[]
extVal
=
target
.
getExtensionValue
(
"2.5.29.14"
);
if
(
extVal
!=
null
)
{
DerInputStream
in
=
new
DerInputStream
(
extVal
);
byte
[]
subjectKID
=
in
.
getOctetString
();
selector
.
setSubjectKeyIdentifier
(
subjectKID
);
}
else
{
// unlikely to happen.
throw
new
Exception
(
"unexpected certificate: no SKID extension"
);
}
return
selector
;
}
private
static
boolean
match
(
String
name
,
Certificate
cert
)
throws
Exception
{
X509CertSelector
selector
=
new
X509CertSelector
();
// generate certificate from certificate string
CertificateFactory
cf
=
CertificateFactory
.
getInstance
(
"X.509"
);
ByteArrayInputStream
is
=
null
;
if
(
name
.
equals
(
"subca"
))
{
is
=
new
ByteArrayInputStream
(
subCaCertStr
.
getBytes
());
}
else
if
(
name
.
equals
(
"subci"
))
{
is
=
new
ByteArrayInputStream
(
subCrlIssuerCertStr
.
getBytes
());
}
else
{
is
=
new
ByteArrayInputStream
(
targetCertStr
.
getBytes
());
}
X509Certificate
target
=
(
X509Certificate
)
cf
.
generateCertificate
(
is
);
return
target
.
equals
(
cert
);
}
public
static
void
main
(
String
[]
args
)
throws
Exception
{
CertPathBuilder
builder
=
CertPathBuilder
.
getInstance
(
"PKIX"
);
X509CertSelector
selector
=
generateSelector
(
args
[
0
]);
Set
<
TrustAnchor
>
anchors
=
generateTrustAnchors
();
CertStore
certs
=
generateCertificateStore
();
PKIXBuilderParameters
params
=
new
PKIXBuilderParameters
(
anchors
,
selector
);
params
.
addCertStore
(
certs
);
params
.
setRevocationEnabled
(
true
);
params
.
setDate
(
new
Date
(
109
,
7
,
1
));
// 2009-07-01
Security
.
setProperty
(
"ocsp.enable"
,
"false"
);
System
.
setProperty
(
"com.sun.security.enableCRLDP"
,
"true"
);
PKIXCertPathBuilderResult
result
=
(
PKIXCertPathBuilderResult
)
builder
.
build
(
params
);
if
(!
match
(
args
[
0
],
result
.
getCertPath
().
getCertificates
().
get
(
0
)))
{
throw
new
Exception
(
"unexpected certificate"
);
}
}
}
test/java/security/cert/CertPathBuilder/selfIssued/generate.sh
0 → 100644
浏览文件 @
f01a2151
#
# Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
#
# This code is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License version 2 only, as
# published by the Free Software Foundation. Sun designates this
# particular file as subject to the "Classpath" exception as provided
# by Sun in the LICENSE file that accompanied this code.
#
# This code is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
# version 2 for more details (a copy is included in the LICENSE file that
# accompanied this code).
#
# You should have received a copy of the GNU General Public License version
# 2 along with this work; if not, write to the Free Software Foundation,
# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#
# Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
# CA 95054 USA or visit www.sun.com if you need additional information or
# have any questions.
#
#!/bin/ksh
#
# needs ksh to run the script.
# generate a self-signed root certificate
if
[
!
-f
root/root_cert.pem
]
;
then
if
[
!
-d
root
]
;
then
mkdir
root
fi
openssl req
-x509
-newkey
rsa:1024
-keyout
root/root_key.pem
\
-out
root/root_cert.pem
-subj
"/C=US/O=Example"
\
-config
openssl.cnf
-reqexts
cert_issuer
-days
7650
\
-passin
pass:passphrase
-passout
pass:passphrase
fi
# generate a sele-issued root crl issuer certificate
if
[
!
-f
root/top_crlissuer_cert.pem
]
;
then
if
[
!
-d
root
]
;
then
mkdir
root
fi
openssl req
-newkey
rsa:1024
-keyout
root/top_crlissuer_key.pem
\
-out
root/top_crlissuer_req.pem
-subj
"/C=US/O=Example"
-days
7650
\
-passin
pass:passphrase
-passout
pass:passphrase
openssl x509
-req
-in
root/top_crlissuer_req.pem
-extfile
openssl.cnf
\
-extensions
crl_issuer
-CA
root/root_cert.pem
\
-CAkey
root/root_key.pem
-out
root/top_crlissuer_cert.pem
\
-CAcreateserial
-CAserial
root/root_cert.srl
-days
7200
\
-passin
pass:passphrase
fi
# generate subca cert issuer and crl iuuser certificates
if
[
!
-f
subca/subca_cert.pem
]
;
then
if
[
!
-d
subca
]
;
then
mkdir
subca
fi
openssl req
-newkey
rsa:1024
-keyout
subca/subca_key.pem
\
-out
subca/subca_req.pem
-subj
"/C=US/O=Example/OU=Class-1"
\
-days
7650
-passin
pass:passphrase
-passout
pass:passphrase
openssl x509
-req
-in
subca/subca_req.pem
-extfile
openssl.cnf
\
-extensions
cert_issuer
-CA
root/root_cert.pem
\
-CAkey
root/root_key.pem
-out
subca/subca_cert.pem
-CAcreateserial
\
-CAserial
root/root_cert.srl
-days
7200
-passin
pass:passphrase
openssl req
-newkey
rsa:1024
-keyout
subca/subca_crlissuer_key.pem
\
-out
subca/subca_crlissuer_req.pem
-subj
"/C=US/O=Example/OU=Class-1"
\
-days
7650
-passin
pass:passphrase
-passout
pass:passphrase
openssl x509
-req
-in
subca/subca_crlissuer_req.pem
-extfile
openssl.cnf
\
-extensions
crl_issuer
-CA
root/root_cert.pem
\
-CAkey
root/root_key.pem
-out
subca/subca_crlissuer_cert.pem
\
-CAcreateserial
-CAserial
root/root_cert.srl
-days
7200
\
-passin
pass:passphrase
fi
# generate dumca cert issuer and crl iuuser certificates
if
[
!
-f
dumca/dumca_cert.pem
]
;
then
if
[
!
-d
sumca
]
;
then
mkdir
dumca
fi
openssl req
-newkey
rsa:1024
-keyout
dumca/dumca_key.pem
\
-out
dumca/dumca_req.pem
-subj
"/C=US/O=Example/OU=Class-D"
\
-days
7650
-passin
pass:passphrase
-passout
pass:passphrase
openssl x509
-req
-in
dumca/dumca_req.pem
-extfile
openssl.cnf
\
-extensions
cert_issuer
-CA
root/root_cert.pem
\
-CAkey
root/root_key.pem
-out
dumca/dumca_cert.pem
\
-CAcreateserial
-CAserial
root/root_cert.srl
-days
7200
\
-passin
pass:passphrase
openssl req
-newkey
rsa:1024
-keyout
dumca/dumca_crlissuer_key.pem
\
-out
dumca/dumca_crlissuer_req.pem
-subj
"/C=US/O=Example/OU=Class-D"
\
-days
7650
-passin
pass:passphrase
-passout
pass:passphrase
openssl x509
-req
-in
dumca/dumca_crlissuer_req.pem
\
-extfile
openssl.cnf
-extensions
crl_issuer
-CA
root/root_cert.pem
\
-CAkey
root/root_key.pem
-out
dumca/dumca_crlissuer_cert.pem
\
-CAcreateserial
-CAserial
root/root_cert.srl
-days
7200
\
-passin
pass:passphrase
fi
# generate certifiacte for Alice
if
[
!
-f
subca/alice/alice_cert.pem
]
;
then
if
[
!
-d
subca/alice
]
;
then
mkdir
-p
subca/alice
fi
openssl req
-newkey
rsa:1024
-keyout
subca/alice/alice_key.pem
\
-out
subca/alice/alice_req.pem
\
-subj
"/C=US/O=Example/OU=Class-1/CN=Alice"
-days
7650
\
-passin
pass:passphrase
-passout
pass:passphrase
openssl x509
-req
-in
subca/alice/alice_req.pem
\
-extfile
openssl.cnf
-extensions
ee_of_subca
\
-CA
subca/subca_cert.pem
-CAkey
subca/subca_key.pem
\
-out
subca/alice/alice_cert.pem
-CAcreateserial
\
-CAserial
subca/subca_cert.srl
-days
7200
-passin
pass:passphrase
fi
# generate certifiacte for Bob
if
[
!
-f
subca/bob/bob_cert.pem
]
;
then
if
[
!
-d
subca/bob
]
;
then
mkdir
-p
subca/bob
fi
openssl req
-newkey
rsa:1024
-keyout
subca/bob/bob_key.pem
\
-out
subca/bob/bob_req.pem
\
-subj
"/C=US/O=Example/OU=Class-1/CN=Bob"
-days
7650
\
-passin
pass:passphrase
-passout
pass:passphrase
openssl x509
-req
-in
subca/bob/bob_req.pem
\
-extfile
openssl.cnf
-extensions
ee_of_subca
\
-CA
subca/subca_cert.pem
-CAkey
subca/subca_key.pem
\
-out
subca/bob/bob_cert.pem
-CAcreateserial
\
-CAserial
subca/subca_cert.srl
-days
7200
-passin
pass:passphrase
fi
# generate certifiacte for Susan
if
[
!
-f
subca/susan/susan_cert.pem
]
;
then
if
[
!
-d
subca/susan
]
;
then
mkdir
-p
subca/susan
fi
openssl req
-newkey
rsa:1024
-keyout
subca/susan/susan_key.pem
\
-out
subca/susan/susan_req.pem
\
-subj
"/C=US/O=Example/OU=Class-1/CN=Susan"
-days
7650
\
-passin
pass:passphrase
-passout
pass:passphrase
openssl x509
-req
-in
subca/susan/susan_req.pem
-extfile
openssl.cnf
\
-extensions
ee_of_subca
-CA
subca/subca_cert.pem
\
-CAkey
subca/subca_key.pem
-out
subca/susan/susan_cert.pem
\
-CAcreateserial
-CAserial
subca/subca_cert.srl
-days
7200
\
-passin
pass:passphrase
fi
# generate the top CRL
if
[
!
-f
root/top_crl.pem
]
;
then
if
[
!
-d
root
]
;
then
mkdir
root
fi
if
[
!
-f
root/index.txt
]
;
then
touch
root/index.txt
echo
00
>
root/crlnumber
fi
openssl ca
-gencrl
-config
openssl.cnf
-name
ca_top
-crldays
7000
\
-crl_reason
superseded
-keyfile
root/top_crlissuer_key.pem
\
-cert
root/top_crlissuer_cert.pem
-out
root/top_crl.pem
\
-passin
pass:passphrase
fi
# revoke dumca
openssl ca
-revoke
dumca/dumca_cert.pem
-config
openssl.cnf
\
-name
ca_top
-crl_reason
superseded
\
-keyfile
root/top_crlissuer_key.pem
-cert
root/top_crlissuer_cert.pem
\
-passin
pass:passphrase
openssl ca
-gencrl
-config
openssl.cnf
-name
ca_top
-crldays
7000
\
-crl_reason
superseded
-keyfile
root/top_crlissuer_key.pem
\
-cert
root/top_crlissuer_cert.pem
-out
root/top_crl.pem
\
-passin
pass:passphrase
# revoke for subca
if
[
!
-f
subca/subca_crl.pem
]
;
then
if
[
!
-d
subca
]
;
then
mkdir
subca
fi
if
[
!
-f
subca/index.txt
]
;
then
touch
subca/index.txt
echo
00
>
subca/crlnumber
fi
openssl ca
-gencrl
-config
openssl.cnf
-name
ca_subca
-crldays
7000
\
-crl_reason
superseded
-keyfile
subca/subca_crlissuer_key.pem
\
-cert
subca/subca_crlissuer_cert.pem
-out
subca/subca_crl.pem
\
-passin
pass:passphrase
fi
# revoke susan
openssl ca
-revoke
subca/susan/susan_cert.pem
-config
openssl.cnf
\
-name
ca_subca
-crl_reason
superseded
\
-keyfile
subca/subca_crlissuer_key.pem
\
-cert
subca/subca_crlissuer_cert.pem
-passin
pass:passphrase
openssl ca
-gencrl
-config
openssl.cnf
-name
ca_subca
-crldays
7000
\
-crl_reason
superseded
-keyfile
subca/subca_crlissuer_key.pem
\
-cert
subca/subca_crlissuer_cert.pem
-out
subca/subca_crl.pem
\
-passin
pass:passphrase
test/java/security/cert/CertPathBuilder/selfIssued/openssl.cnf
0 → 100644
浏览文件 @
f01a2151
此差异已折叠。
点击以展开。
test/sun/security/krb5/ConfPlusProp.java
0 → 100644
浏览文件 @
f01a2151
/*
* Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
* CA 95054 USA or visit www.sun.com if you need additional information or
* have any questions.
*/
/*
* @test
* @bug 6857795
* @summary krb5.conf ignored if system properties on realm and kdc are provided
*/
import
sun.security.krb5.Config
;
import
sun.security.krb5.KrbException
;
public
class
ConfPlusProp
{
public
static
void
main
(
String
[]
args
)
throws
Exception
{
System
.
setProperty
(
"java.security.krb5.realm"
,
"R2"
);
System
.
setProperty
(
"java.security.krb5.kdc"
,
"k2"
);
// Point to a file with existing default_realm
System
.
setProperty
(
"java.security.krb5.conf"
,
System
.
getProperty
(
"test.src"
,
"."
)
+
"/confplusprop.conf"
);
Config
config
=
Config
.
getInstance
();
if
(!
config
.
getDefaultRealm
().
equals
(
"R2"
))
{
throw
new
Exception
(
"Default realm error"
);
}
if
(!
config
.
getKDCList
(
"R1"
).
equals
(
"k1"
))
{
throw
new
Exception
(
"R1 kdc error"
);
}
if
(!
config
.
getKDCList
(
"R2"
).
equals
(
"k2"
))
{
throw
new
Exception
(
"R2 kdc error"
);
}
if
(!
config
.
getDefault
(
"forwardable"
,
"libdefaults"
).
equals
(
"well"
))
{
throw
new
Exception
(
"Extra config error"
);
}
// Point to a file with no libdefaults
System
.
setProperty
(
"java.security.krb5.conf"
,
System
.
getProperty
(
"test.src"
,
"."
)
+
"/confplusprop2.conf"
);
Config
.
refresh
();
config
=
Config
.
getInstance
();
if
(!
config
.
getDefaultRealm
().
equals
(
"R2"
))
{
throw
new
Exception
(
"Default realm error again"
);
}
if
(!
config
.
getKDCList
(
"R1"
).
equals
(
"k12"
))
{
throw
new
Exception
(
"R1 kdc error"
);
}
if
(!
config
.
getKDCList
(
"R2"
).
equals
(
"k2"
))
{
throw
new
Exception
(
"R2 kdc error"
);
}
// Point to a non-existing file
System
.
setProperty
(
"java.security.krb5.conf"
,
"i-am-not-a file"
);
Config
.
refresh
();
config
=
Config
.
getInstance
();
if
(!
config
.
getDefaultRealm
().
equals
(
"R2"
))
{
throw
new
Exception
(
"Default realm error"
);
}
try
{
config
.
getKDCList
(
"R1"
);
throw
new
Exception
(
"R1 is nowhere"
);
}
catch
(
KrbException
ke
)
{
// OK
}
if
(!
config
.
getKDCList
(
"R2"
).
equals
(
"k2"
))
{
throw
new
Exception
(
"R2 kdc error"
);
}
if
(
config
.
getDefault
(
"forwardable"
,
"libdefaults"
)
!=
null
)
{
throw
new
Exception
(
"Extra config error"
);
}
}
}
test/sun/security/krb5/auto/LifeTimeInSeconds.java
0 → 100644
浏览文件 @
f01a2151
此差异已折叠。
点击以展开。
test/sun/security/krb5/confplusprop.conf
0 → 100644
浏览文件 @
f01a2151
此差异已折叠。
点击以展开。
test/sun/security/krb5/confplusprop2.conf
0 → 100644
浏览文件 @
f01a2151
此差异已折叠。
点击以展开。
test/tools/jar/index/MetaInf.java
浏览文件 @
f01a2151
此差异已折叠。
点击以展开。
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录