|
|
commons-ssl16:34:54.187 INFO jd.cli.Main - Decompiling commons-ssl.jar package org.apache.commons.httpclient.contrib.ssl; import java.io.IOException; import java.net.URL; import java.security.GeneralSecurityException; import org.apache.commons.ssl.HttpSecureProtocol; import org.apache.commons.ssl.KeyMaterial; import org.apache.commons.ssl.TrustMaterial; public class AuthSSLProtocolSocketFactory extends HttpSecureProtocol { public AuthSSLProtocolSocketFactory(URL keystoreUrl, String keystorePassword, URL truststoreUrl, String truststorePassword) throws GeneralSecurityException, IOException { if (keystoreUrl != null) { char[] ksPass = null; if (keystorePassword != null) { ksPass = keystorePassword.toCharArray(); } KeyMaterial km = new KeyMaterial(keystoreUrl, ksPass); super.setKeyMaterial(km); } if (truststoreUrl != null) { char[] tsPass = null; if (truststorePassword != null) { tsPass = truststorePassword.toCharArray(); } TrustMaterial tm = new KeyMaterial(truststoreUrl, tsPass); super.setTrustMaterial(tm); } } } /* Location: * Qualified Name: org.apache.commons.httpclient.contrib.ssl.AuthSSLProtocolSocketFactory * Java Class Version: 1.2 (46.0) * JD-Core Version: 0.7.1 */ package org.apache.commons.httpclient.contrib.ssl; import java.io.IOException; import java.security.GeneralSecurityException; import org.apache.commons.ssl.HttpSecureProtocol; import org.apache.commons.ssl.TrustMaterial; public class EasySSLProtocolSocketFactory extends HttpSecureProtocol { public EasySSLProtocolSocketFactory() throws GeneralSecurityException, IOException { super.setTrustMaterial(TrustMaterial.TRUST_ALL); super.setCheckHostname(false); super.setCheckExpiry(false); super.setCheckCRL(false); } } /* Location: * Qualified Name: org.apache.commons.httpclient.contrib.ssl.EasySSLProtocolSocketFactory * Java Class Version: 1.2 (46.0) * JD-Core Version: 0.7.1 */ package org.apache.commons.httpclient.contrib.ssl; import java.io.IOException; import java.security.GeneralSecurityException; import org.apache.commons.ssl.HttpSecureProtocol; public class StrictSSLProtocolSocketFactory extends HttpSecureProtocol { public StrictSSLProtocolSocketFactory(boolean verifyHostname) throws GeneralSecurityException, IOException { super.setCheckHostname(verifyHostname); } public StrictSSLProtocolSocketFactory() throws GeneralSecurityException, IOException { this(true); } public void setHostnameVerification(boolean verifyHostname) { super.setCheckHostname(verifyHostname); } public boolean getHostnameVerification() { return super.getCheckHostname(); } } /* Location: * Qualified Name: org.apache.commons.httpclient.contrib.ssl.StrictSSLProtocolSocketFactory * Java Class Version: 1.2 (46.0) * JD-Core Version: 0.7.1 */ package org.apache.commons.httpclient.contrib.ssl; import java.io.IOException; import java.security.GeneralSecurityException; import org.apache.commons.ssl.HttpSecureProtocol; import org.apache.commons.ssl.KeyMaterial; public class TrustSSLProtocolSocketFactory extends HttpSecureProtocol { public TrustSSLProtocolSocketFactory(String pathToTrustStore) throws GeneralSecurityException, IOException { this(pathToTrustStore, null); } public TrustSSLProtocolSocketFactory(String pathToTrustStore, char[] password) throws GeneralSecurityException, IOException { KeyMaterial km = new KeyMaterial(pathToTrustStore, password); super.setTrustMaterial(km); } } /* Location: * Qualified Name: org.apache.commons.httpclient.contrib.ssl.TrustSSLProtocolSocketFactory * Java Class Version: 1.2 (46.0) * JD-Core Version: 0.7.1 */ package org.apache.commons.ssl; import java.util.Iterator; import java.util.LinkedList; import java.util.List; import java.util.Set; import java.util.TreeSet; class ASN1Structure { List derIntegers = new LinkedList(); Set oids = new TreeSet(); String oid1; String oid2; String oid3; byte[] salt; byte[] iv; int iterationCount; int keySize; byte[] bigPayload; byte[] smallPayload; public String toString() { StringBuffer buf = new StringBuffer(256); buf.append("------ ASN.1 PKCS Structure ------"); buf.append("\noid1: "); buf.append(oid1); if (oid2 != null) { buf.append("\noid2: "); buf.append(oid2); } buf.append("\nsalt: "); if (salt != null) { buf.append(PEMUtil.bytesToHex(salt)); } else { buf.append("[null]"); } buf.append("\nic: "); buf.append(Integer.toString(iterationCount)); if (keySize != 0) { buf.append("\nkeySize: "); buf.append(Integer.toString(keySize * 8)); } if (oid2 != null) { buf.append("\noid3: "); buf.append(oid3); } if (oid2 != null) { buf.append("\niv: "); if (iv != null) { buf.append(PEMUtil.bytesToHex(iv)); } else { buf.append("[null]"); } } if (bigPayload != null) { buf.append("\nbigPayload-length: "); buf.append(bigPayload.length); } if (smallPayload != null) { buf.append("\nsmallPayload-length: "); buf.append(smallPayload.length); } if (!oids.isEmpty()) { Iterator it = oids.iterator(); buf.append("\nAll oids:"); while (it.hasNext()) { buf.append("\n"); buf.append((String)it.next()); } } return buf.toString(); } } /* Location: * Qualified Name: org.apache.commons.ssl.ASN1Structure * Java Class Version: 1.2 (46.0) * JD-Core Version: 0.7.1 */ package org.apache.commons.ssl; import java.io.FileInputStream; import java.io.IOException; import java.io.PrintStream; import java.math.BigInteger; import java.util.Enumeration; import java.util.List; import java.util.Set; import java.util.Vector; import org.apache.commons.ssl.asn1.ASN1InputStream; import org.apache.commons.ssl.asn1.DEREncodable; import org.apache.commons.ssl.asn1.DERInteger; import org.apache.commons.ssl.asn1.DERObjectIdentifier; import org.apache.commons.ssl.asn1.DEROctetString; import org.apache.commons.ssl.asn1.DERPrintableString; import org.apache.commons.ssl.asn1.DERSequence; import org.apache.commons.ssl.asn1.DERSet; import org.apache.commons.ssl.asn1.DERTaggedObject; public class ASN1Util { public static boolean DEBUG = false; public static final BigInteger BIGGEST = new BigInteger(Integer.toString(Integer.MAX_VALUE)); public static ASN1Structure analyze(byte[] asn1) throws IOException { ASN1InputStream asn = new ASN1InputStream(asn1); DERSequence seq = (DERSequence)asn.readObject(); ASN1Structure pkcs8 = new ASN1Structure(); analyze(seq, pkcs8, 0); return pkcs8; } public static void main(String[] args) throws Exception { DEBUG = true; FileInputStream in = new FileInputStream(args[0]); byte[] bytes = Util.streamToBytes(in); List list = PEMUtil.decode(bytes); if (!list.isEmpty()) { bytes = ((PEMItem)list.get(0)).getDerBytes(); } ASN1Structure asn1 = analyze(bytes); while (bigPayload != null) { System.out.println("------------------------------------------"); System.out.println(asn1); System.out.println("------------------------------------------"); asn1 = analyze(bigPayload); } } public static void analyze(DEREncodable seq, ASN1Structure pkcs8, int depth) { String tag = null; if (depth >= 2) { derIntegers = null; } Enumeration en; Enumeration en; if ((seq instanceof DERSequence)) { en = ((DERSequence)seq).getObjects(); } else { Enumeration en; if ((seq instanceof DERSet)) { en = ((DERSet)seq).getObjects(); } else if ((seq instanceof DERTaggedObject)) { DERTaggedObject derTag = (DERTaggedObject)seq; tag = Integer.toString(derTag.getTagNo()); Vector v = new Vector(); v.add(derTag.getObject()); en = v.elements(); } else { throw new IllegalArgumentException("DEREncodable must be one of: DERSequence, DERSet, DERTaggedObject"); } } while ((en != null) && (en.hasMoreElements())) { DEREncodable obj = (DEREncodable)en.nextElement(); if ((!(obj instanceof DERSequence)) && (!(obj instanceof DERSet)) && (!(obj instanceof DERTaggedObject))) { String str = obj.toString(); String name = obj.getClass().getName(); name = name.substring(name.lastIndexOf('.') + 1); if (tag != null) { name = " [tag=" + tag + "] " + name; } for (int i = 0; i < depth; i++) { name = " " + name; } if ((obj instanceof DERInteger)) { DERInteger dInt = (DERInteger)obj; if (derIntegers != null) { derIntegers.add(dInt); } BigInteger big = dInt.toBigInteger(); int intValue = big.intValue(); if ((BIGGEST.compareTo(big) >= 0) && (intValue > 0)) { if (iterationCount == 0) { iterationCount = intValue; } else if (keySize == 0) { keySize = intValue; } } str = dInt.toBigInteger().toString(); } else if ((obj instanceof DERObjectIdentifier)) { DERObjectIdentifier id = (DERObjectIdentifier)obj; str = id.getIdentifier(); oids.add(str); if (oid1 == null) { oid1 = str; } else if (oid2 == null) { oid2 = str; } else if (oid3 == null) { oid3 = str; } } else { derIntegers = null; if ((obj instanceof DEROctetString)) { DEROctetString oct = (DEROctetString)obj; byte[] octets = oct.getOctets(); int len = Math.min(10, octets.length); boolean probablyBinary = false; for (int i = 0; i < len; i++) { byte b = octets[i]; boolean isBinary = (b > 128) || (b < 0); if (isBinary) { probablyBinary = true; break; } } if ((probablyBinary) && (octets.length > 64)) { if (bigPayload == null) { bigPayload = octets; } str = "probably binary"; } else { str = PEMUtil.bytesToHex(octets); if (octets.length <= 64) { if (octets.length % 8 == 0) { if (salt == null) { salt = octets; } else if (iv == null) { iv = octets; } } else if (smallPayload == null) { smallPayload = octets; } } } str = str + " (length=" + octets.length + ")"; } else if ((obj instanceof DERPrintableString)) { DERPrintableString dps = (DERPrintableString)obj; str = dps.getString(); } } if (DEBUG) { System.out.println(name + ": [" + str + "]"); } } else { if ((tag != null) && (DEBUG)) { String name = obj.getClass().getName(); name = name.substring(name.lastIndexOf('.') + 1); name = " [tag=" + tag + "] " + name; for (int i = 0; i < depth; i++) { name = " " + name; } System.out.println(name); } analyze(obj, pkcs8, depth + 1); } } } } /* Location: * Qualified Name: org.apache.commons.ssl.ASN1Util * Java Class Version: 1.2 (46.0) * JD-Core Version: 0.7.1 */ package org.apache.commons.ssl; public class Base64 { static final int CHUNK_SIZE = 76; static final byte[] CHUNK_SEPARATOR = "\r\n".getBytes(); static final int BASELENGTH = 255; static final int LOOKUPLENGTH = 64; static final int EIGHTBIT = 8; static final int SIXTEENBIT = 16; static final int TWENTYFOURBITGROUP = 24; static final int FOURBYTE = 4; static final int SIGN = -128; static final byte PAD = 61; private static byte[] base64Alphabet = new byte['�']; private static byte[] lookUpBase64Alphabet = new byte[64]; static { for (int i = 0; i < 255; i++) { base64Alphabet[i] = -1; } for (int i = 90; i >= 65; i--) { base64Alphabet[i] = ((byte)(i - 65)); } for (int i = 122; i >= 97; i--) { base64Alphabet[i] = ((byte)(i - 97 + 26)); } for (int i = 57; i >= 48; i--) { base64Alphabet[i] = ((byte)(i - 48 + 52)); } base64Alphabet[43] = 62; base64Alphabet[47] = 63; for (int i = 0; i <= 25; i++) { lookUpBase64Alphabet[i] = ((byte)(65 + i)); } int i = 26; for (int j = 0; i <= 51; j++) { lookUpBase64Alphabet[i] = ((byte)(97 + j));i++; } int i = 52; for (int j = 0; i <= 61; j++) { lookUpBase64Alphabet[i] = ((byte)(48 + j));i++; } lookUpBase64Alphabet[62] = 43; lookUpBase64Alphabet[63] = 47; } public static boolean isBase64(byte b) { return (b == 61) || ((b >= 0) && (base64Alphabet[b] >= 0)); } public static boolean isArrayByteBase64(byte[] arrayOctect) { arrayOctect = discardWhitespace(arrayOctect); int length = arrayOctect.length; if (length == 0) { return true; } for (int i = 0; i < length; i++) { if (!isBase64(arrayOctect[i])) { return false; } } return true; } public static byte[] encodeBase64(byte[] binaryData) { return encodeBase64(binaryData, false); } public static byte[] encodeBase64Chunked(byte[] binaryData) { return encodeBase64(binaryData, true); } public Object decode(Object pObject) throws IllegalArgumentException { if (!(pObject instanceof byte[])) { throw new IllegalArgumentException("Parameter supplied to Base64 decode is not a byte[]"); } return decode((byte[])pObject); } public byte[] decode(byte[] pArray) { return decodeBase64(pArray); } public static byte[] encodeBase64(byte[] binaryData, boolean isChunked) { int lengthDataBits = binaryData.length * 8; int fewerThan24bits = lengthDataBits % 24; int numberTriplets = lengthDataBits / 24; int nbrChunks = 0; int encodedDataLength; int encodedDataLength; if (fewerThan24bits != 0) { encodedDataLength = (numberTriplets + 1) * 4; } else { encodedDataLength = numberTriplets * 4; } if (isChunked) { nbrChunks = CHUNK_SEPARATOR.length == 0 ? 0 : (int)Math.ceil(encodedDataLength / 76.0F); encodedDataLength += nbrChunks * CHUNK_SEPARATOR.length; } byte[] encodedData = new byte[encodedDataLength]; int encodedIndex = 0; int nextSeparatorIndex = 76; int chunksSoFar = 0; for (int i = 0; i < numberTriplets; i++) { int dataIndex = i * 3; byte b1 = binaryData[dataIndex]; byte b2 = binaryData[(dataIndex + 1)]; byte b3 = binaryData[(dataIndex + 2)]; byte l = (byte)(b2 & 0xF); byte k = (byte)(b1 & 0x3); byte val1 = (b1 & 0xFFFFFF80) == 0 ? (byte)(b1 >> 2) : (byte)(b1 >> 2 ^ 0xC0); byte val2 = (b2 & 0xFFFFFF80) == 0 ? (byte)(b2 >> 4) : (byte)(b2 >> 4 ^ 0xF0); byte val3 = (b3 & 0xFFFFFF80) == 0 ? (byte)(b3 >> 6) : (byte)(b3 >> 6 ^ 0xFC); encodedData[encodedIndex] = lookUpBase64Alphabet[val1]; encodedData[(encodedIndex + 1)] = lookUpBase64Alphabet[(val2 | k << 4)]; encodedData[(encodedIndex + 2)] = lookUpBase64Alphabet[(l << 2 | val3)]; encodedData[(encodedIndex + 3)] = lookUpBase64Alphabet[(b3 & 0x3F)]; encodedIndex += 4; if (isChunked) { if (encodedIndex == nextSeparatorIndex) { System.arraycopy(CHUNK_SEPARATOR, 0, encodedData, encodedIndex, CHUNK_SEPARATOR.length); chunksSoFar++; nextSeparatorIndex = 76 * (chunksSoFar + 1) + chunksSoFar * CHUNK_SEPARATOR.length; encodedIndex += CHUNK_SEPARATOR.length; } } } int dataIndex = i * 3; if (fewerThan24bits == 8) { byte b1 = binaryData[dataIndex]; byte k = (byte)(b1 & 0x3); byte val1 = (b1 & 0xFFFFFF80) == 0 ? (byte)(b1 >> 2) : (byte)(b1 >> 2 ^ 0xC0); encodedData[encodedIndex] = lookUpBase64Alphabet[val1]; encodedData[(encodedIndex + 1)] = lookUpBase64Alphabet[(k << 4)]; encodedData[(encodedIndex + 2)] = 61; encodedData[(encodedIndex + 3)] = 61; } else if (fewerThan24bits == 16) { byte b1 = binaryData[dataIndex]; byte b2 = binaryData[(dataIndex + 1)]; byte l = (byte)(b2 & 0xF); byte k = (byte)(b1 & 0x3); byte val1 = (b1 & 0xFFFFFF80) == 0 ? (byte)(b1 >> 2) : (byte)(b1 >> 2 ^ 0xC0); byte val2 = (b2 & 0xFFFFFF80) == 0 ? (byte)(b2 >> 4) : (byte)(b2 >> 4 ^ 0xF0); encodedData[encodedIndex] = lookUpBase64Alphabet[val1]; encodedData[(encodedIndex + 1)] = lookUpBase64Alphabet[(val2 | k << 4)]; encodedData[(encodedIndex + 2)] = lookUpBase64Alphabet[(l << 2)]; encodedData[(encodedIndex + 3)] = 61; } if (isChunked) { if (chunksSoFar < nbrChunks) { System.arraycopy(CHUNK_SEPARATOR, 0, encodedData, encodedDataLength - CHUNK_SEPARATOR.length, CHUNK_SEPARATOR.length); } } return encodedData; } public static byte[] decodeBase64(byte[] base64Data) { base64Data = discardNonBase64(base64Data); if (base64Data.length == 0) { return new byte[0]; } int numberQuadruple = base64Data.length / 4; int encodedIndex = 0; int lastData = base64Data.length; while (base64Data[(lastData - 1)] == 61) { lastData--; if (lastData == 0) { return new byte[0]; } } byte[] decodedData = new byte[lastData - numberQuadruple]; for (int i = 0; i < numberQuadruple; i++) { int dataIndex = i * 4; byte marker0 = base64Data[(dataIndex + 2)]; byte marker1 = base64Data[(dataIndex + 3)]; byte b1 = base64Alphabet[base64Data[dataIndex]]; byte b2 = base64Alphabet[base64Data[(dataIndex + 1)]]; if ((marker0 != 61) && (marker1 != 61)) { byte b3 = base64Alphabet[marker0]; byte b4 = base64Alphabet[marker1]; decodedData[encodedIndex] = ((byte)(b1 << 2 | b2 >> 4)); decodedData[(encodedIndex + 1)] = ((byte)((b2 & 0xF) << 4 | b3 >> 2 & 0xF)); decodedData[(encodedIndex + 2)] = ((byte)(b3 << 6 | b4)); } else if (marker0 == 61) { decodedData[encodedIndex] = ((byte)(b1 << 2 | b2 >> 4)); } else { byte b3 = base64Alphabet[marker0]; decodedData[encodedIndex] = ((byte)(b1 << 2 | b2 >> 4)); decodedData[(encodedIndex + 1)] = ((byte)((b2 & 0xF) << 4 | b3 >> 2 & 0xF)); } encodedIndex += 3; } return decodedData; } static byte[] discardWhitespace(byte[] data) { byte[] groomedData = new byte[data.length]; int bytesCopied = 0; for (int i = 0; i < data.length; i++) { switch (data[i]) { case 9: case 10: case 13: case 32: break; default: groomedData[(bytesCopied++)] = data[i]; } } byte[] packedData = new byte[bytesCopied]; System.arraycopy(groomedData, 0, packedData, 0, bytesCopied); return packedData; } static byte[] discardNonBase64(byte[] data) { byte[] groomedData = new byte[data.length]; int bytesCopied = 0; for (int i = 0; i < data.length; i++) { if (isBase64(data[i])) { groomedData[(bytesCopied++)] = data[i]; } } byte[] packedData = new byte[bytesCopied]; System.arraycopy(groomedData, 0, packedData, 0, bytesCopied); return packedData; } public Object encode(Object pObject) throws IllegalArgumentException { if (!(pObject instanceof byte[])) { throw new IllegalArgumentException("Parameter supplied to Base64 encode is not a byte[]"); } return encode((byte[])pObject); } public byte[] encode(byte[] pArray) { return encodeBase64(pArray, false); } } /* Location: * Qualified Name: org.apache.commons.ssl.Base64 * Java Class Version: 1.2 (46.0) * JD-Core Version: 0.7.1 */ package org.apache.commons.ssl; import java.io.FilterInputStream; import java.io.IOException; import java.io.InputStream; public class Base64InputStream extends FilterInputStream { private static final byte[] LINE_ENDING = System.getProperty("line.separator").getBytes(); final boolean decodeMode; byte[] currentLine = null; int pos = 0; public Base64InputStream(InputStream base64, boolean decodeMode) { super(base64); this.decodeMode = decodeMode; } public int read() throws IOException { getLine(); if (currentLine == null) { return -1; } byte b = currentLine[(pos++)]; if (pos >= currentLine.length) { currentLine = null; } return b; } public int read(byte[] b, int off, int len) throws IOException { if (b == null) { throw new NullPointerException(); } if ((off < 0) || (off > b.length) || (len < 0) || (off + len > b.length) || (off + len < 0)) { throw new IndexOutOfBoundsException(); } if (len == 0) { return 0; } getLine(); if (currentLine == null) { return -1; } int size = Math.min(currentLine.length - pos, len); System.arraycopy(currentLine, pos, b, off, size); if (size >= currentLine.length - pos) { currentLine = null; } else { pos += size; } return size; } private void getLine() throws IOException { if (currentLine == null) { if (decodeMode) { String line = Util.readLine(in); if (line != null) { byte[] b = line.getBytes(); currentLine = Base64.decodeBase64(b); pos = 0; } } else { byte[] b = Util.streamToBytes(in, 48); if (b.length > 0) { b = Base64.encodeBase64(b); int lfLen = LINE_ENDING.length; currentLine = new byte[b.length + lfLen]; System.arraycopy(b, 0, currentLine, 0, b.length); System.arraycopy(LINE_ENDING, 0, currentLine, b.length, lfLen); } } } } } /* Location: * Qualified Name: org.apache.commons.ssl.Base64InputStream * Java Class Version: 1.2 (46.0) * JD-Core Version: 0.7.1 */ package org.apache.commons.ssl; import java.io.IOException; public class CRLUtil { public static String getURLToCRL(byte[] extension2_5_29_31) throws IOException { throw new UnsupportedOperationException("not yet implemented"); } } /* Location: * Qualified Name: org.apache.commons.ssl.CRLUtil * Java Class Version: 1.2 (46.0) * JD-Core Version: 0.7.1 */ package org.apache.commons.ssl; import java.math.BigInteger; import java.security.cert.CertificateEncodingException; import java.security.cert.X509Certificate; import java.util.Date; class Certificates$1 implements Certificates.SerializableComparator { public int compare(Object o1, Object o2) { X509Certificate c1 = (X509Certificate)o1; X509Certificate c2 = (X509Certificate)o2; if (c1 == c2) { return 0; } if (c1 == null) { return -1; } if (c2 == null) { return 1; } if (c1.equals(c2)) { return 0; } Date d1 = c1.getNotAfter(); Date d2 = c2.getNotAfter(); int c = d1.compareTo(d2); if (c == 0) { String s1 = JavaImpl.getSubjectX500(c1); String s2 = JavaImpl.getSubjectX500(c2); c = s1.compareTo(s2); if (c == 0) { s1 = JavaImpl.getIssuerX500(c1); s2 = JavaImpl.getIssuerX500(c2); c = s1.compareTo(s2); if (c == 0) { BigInteger big1 = c1.getSerialNumber(); BigInteger big2 = c2.getSerialNumber(); c = big1.compareTo(big2); if (c == 0) { try { byte[] b1 = c1.getEncoded(); byte[] b2 = c2.getEncoded(); int len1 = b1.length; int len2 = b2.length; for (int i = 0; (i < len1) && (i < len2); i++) { c = b1[i] - b2[i]; if (c != 0) { break; } } if (c == 0) { c = b1.length - b2.length; } } catch (CertificateEncodingException cee) { c = 0; } } } } } return c; } } /* Location: * Qualified Name: org.apache.commons.ssl.Certificates.1 * Java Class Version: 1.2 (46.0) * JD-Core Version: 0.7.1 */ package org.apache.commons.ssl; import java.io.BufferedInputStream; import java.io.BufferedOutputStream; import java.io.File; import java.io.FileInputStream; import java.io.FileOutputStream; import java.io.IOException; import java.io.InputStream; import java.io.OutputStream; import java.math.BigInteger; import java.net.URL; import java.security.cert.CRL; import java.security.cert.CRLException; import java.security.cert.CertificateException; import java.security.cert.CertificateFactory; import java.security.cert.X509Certificate; import java.util.HashSet; import java.util.Set; class Certificates$CRLHolder { private final String urlString; private File tempCRLFile; private long creationTime; private Set passedTest = new HashSet(); private Set failedTest = new HashSet(); Certificates$CRLHolder(String urlString) { if (urlString == null) { throw new NullPointerException("urlString can't be null"); } this.urlString = urlString; } public synchronized boolean checkCRL(X509Certificate cert) throws CertificateException { CRL crl = null; long now = System.currentTimeMillis(); if (now - creationTime > 86400000L) { if ((tempCRLFile != null) && (tempCRLFile.exists())) { tempCRLFile.delete(); } tempCRLFile = null; passedTest.clear(); } BigInteger fingerprint = Certificates.getFingerprint(cert); if (failedTest.contains(fingerprint)) { throw new CertificateException("Revoked by CRL (cached response)"); } if (passedTest.contains(fingerprint)) { return true; } if (tempCRLFile == null) { try { URL url = new URL(urlString); File tempFile = File.createTempFile("crl", ".tmp"); tempFile.deleteOnExit(); OutputStream out = new FileOutputStream(tempFile); out = new BufferedOutputStream(out); InputStream in = new BufferedInputStream(url.openStream()); try { Util.pipeStream(in, out); } catch (IOException ioe) { tempFile.delete(); throw ioe; } tempCRLFile = tempFile; creationTime = System.currentTimeMillis(); } catch (IOException ioe) {} } if ((tempCRLFile != null) && (tempCRLFile.exists())) { try { InputStream in = new FileInputStream(tempCRLFile); in = new BufferedInputStream(in); synchronized (Certificates.CF) { crl = Certificates.CF.generateCRL(in); } in.close(); if (crl.isRevoked(cert)) { passedTest.remove(fingerprint); failedTest.add(fingerprint); throw new CertificateException("Revoked by CRL"); } passedTest.add(fingerprint); } catch (IOException ioe) {}catch (CRLException crle) {} } return crl != null; } } /* Location: * Qualified Name: org.apache.commons.ssl.Certificates.CRLHolder * Java Class Version: 1.2 (46.0) * JD-Core Version: 0.7.1 */ package org.apache.commons.ssl; import java.io.Serializable; import java.util.Comparator; public abstract interface Certificates$SerializableComparator extends Comparator, Serializable {} /* Location: * Qualified Name: org.apache.commons.ssl.Certificates.SerializableComparator * Java Class Version: 1.2 (46.0) * JD-Core Version: 0.7.1 */ package org.apache.commons.ssl; import java.io.BufferedInputStream; import java.io.BufferedOutputStream; import java.io.File; import java.io.FileInputStream; import java.io.FileOutputStream; import java.io.IOException; import java.io.InputStream; import java.io.OutputStream; import java.io.PrintStream; import java.io.Serializable; import java.io.UnsupportedEncodingException; import java.math.BigInteger; import java.net.URL; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import java.security.cert.CRL; import java.security.cert.CRLException; import java.security.cert.Certificate; import java.security.cert.CertificateEncodingException; import java.security.cert.CertificateException; import java.security.cert.CertificateFactory; import java.security.cert.CertificateParsingException; import java.security.cert.X509Certificate; import java.security.cert.X509Extension; import java.text.DateFormat; import java.text.SimpleDateFormat; import java.util.Arrays; import java.util.Collection; import java.util.Comparator; import java.util.Date; import java.util.HashMap; import java.util.HashSet; import java.util.Iterator; import java.util.LinkedList; import java.util.List; import java.util.Set; import java.util.SortedSet; import java.util.StringTokenizer; import javax.security.auth.x500.X500Principal; public class Certificates { public static final CertificateFactory CF; public static final String LINE_ENDING = System.getProperty("line.separator"); private static final HashMap crl_cache = new HashMap(); public static final String CRL_EXTENSION = "2.5.29.31"; public static final String OCSP_EXTENSION = "1.3.6.1.5.5.7.1.1"; private static final DateFormat DF = new SimpleDateFormat("yyyy/MMM/dd"); public static final SerializableComparator COMPARE_BY_EXPIRY = new SerializableComparator() { public int compare(Object o1, Object o2) { X509Certificate c1 = (X509Certificate)o1; X509Certificate c2 = (X509Certificate)o2; if (c1 == c2) { return 0; } if (c1 == null) { return -1; } if (c2 == null) { return 1; } if (c1.equals(c2)) { return 0; } Date d1 = c1.getNotAfter(); Date d2 = c2.getNotAfter(); int c = d1.compareTo(d2); if (c == 0) { String s1 = JavaImpl.getSubjectX500(c1); String s2 = JavaImpl.getSubjectX500(c2); c = s1.compareTo(s2); if (c == 0) { s1 = JavaImpl.getIssuerX500(c1); s2 = JavaImpl.getIssuerX500(c2); c = s1.compareTo(s2); if (c == 0) { BigInteger big1 = c1.getSerialNumber(); BigInteger big2 = c2.getSerialNumber(); c = big1.compareTo(big2); if (c == 0) { try { byte[] b1 = c1.getEncoded(); byte[] b2 = c2.getEncoded(); int len1 = b1.length; int len2 = b2.length; for (int i = 0; (i < len1) && (i < len2); i++) { c = b1[i] - b2[i]; if (c != 0) { break; } } if (c == 0) { c = b1.length - b2.length; } } catch (CertificateEncodingException cee) { c = 0; } } } } } return c; } }; static { CertificateFactory cf = null; try { cf = CertificateFactory.getInstance("X.509"); } catch (CertificateException ce) { ce.printStackTrace(System.out); } finally { CF = cf; } } public static String toPEMString(X509Certificate cert) throws CertificateEncodingException { return toString(cert.getEncoded()); } public static String toString(byte[] x509Encoded) { byte[] encoded = Base64.encodeBase64(x509Encoded); StringBuffer buf = new StringBuffer(encoded.length + 100); buf.append("-----BEGIN CERTIFICATE-----\n"); for (int i = 0; i < encoded.length; i += 64) { if (encoded.length - i >= 64) { buf.append(new String(encoded, i, 64)); } else { buf.append(new String(encoded, i, encoded.length - i)); } buf.append(LINE_ENDING); } buf.append("-----END CERTIFICATE-----"); buf.append(LINE_ENDING); return buf.toString(); } public static String toString(X509Certificate cert) { return toString(cert, false); } public static String toString(X509Certificate cert, boolean htmlStyle) { String cn = getCN(cert); String startStart = DF.format(cert.getNotBefore()); String endDate = DF.format(cert.getNotAfter()); String subject = JavaImpl.getSubjectX500(cert); String issuer = JavaImpl.getIssuerX500(cert); Iterator crls = getCRLs(cert).iterator(); if (subject.equals(issuer)) { issuer = "self-signed"; } StringBuffer buf = new StringBuffer(128); if (htmlStyle) { buf.append("<strong class=\"cn\">"); } buf.append(cn); if (htmlStyle) { buf.append("</strong>"); } buf.append(LINE_ENDING); buf.append("Valid: "); buf.append(startStart); buf.append(" - "); buf.append(endDate); buf.append(LINE_ENDING); buf.append("s: "); buf.append(subject); buf.append(LINE_ENDING); buf.append("i: "); buf.append(issuer); while (crls.hasNext()) { buf.append(LINE_ENDING); buf.append("CRL: "); buf.append((String)crls.next()); } buf.append(LINE_ENDING); return buf.toString(); } public static List getCRLs(X509Extension cert) { byte[] bytes = cert.getExtensionValue("2.5.29.31"); LinkedList httpCRLS = new LinkedList(); LinkedList ftpCRLS = new LinkedList(); LinkedList otherCRLS = new LinkedList(); if (bytes == null) { return httpCRLS; } String s; try { s = new String(bytes, "UTF-8"); } catch (UnsupportedEncodingException uee) { String s; s = new String(bytes); } int pos = 0; while (pos >= 0) { int x = -1; int[] indexes = new int[4]; indexes[0] = s.indexOf("http", pos); indexes[1] = s.indexOf("ldap", pos); indexes[2] = s.indexOf("file", pos); indexes[3] = s.indexOf("ftp", pos); Arrays.sort(indexes); for (int i = 0; i < indexes.length; i++) { if (indexes[i] >= 0) { x = indexes[i]; break; } } if (x >= 0) { int y = s.indexOf(65533, x); String crl = y > x ? s.substring(x, y - 1) : s.substring(x); if ((y > x) && (crl.endsWith("0"))) { crl = crl.substring(0, crl.length() - 1); } String crlTest = crl.trim().toLowerCase(); if (crlTest.startsWith("http")) { httpCRLS.add(crl); } else if (crlTest.startsWith("ftp")) { ftpCRLS.add(crl); } else { otherCRLS.add(crl); } pos = y; } else { pos = -1; } } httpCRLS.addAll(ftpCRLS); httpCRLS.addAll(otherCRLS); return httpCRLS; } public static void checkCRL(X509Certificate cert) throws CertificateException { byte[] bytes = cert.getExtensionValue("2.5.29.31"); if (bytes != null) { List crlList = getCRLs(cert); Iterator it = crlList.iterator(); while (it.hasNext()) { String url = (String)it.next(); CRLHolder holder = (CRLHolder)crl_cache.get(url); if (holder == null) { holder = new CRLHolder(url); crl_cache.put(url, holder); } boolean success = holder.checkCRL(cert); if (success) { break; } } } } public static BigInteger getFingerprint(X509Certificate x509) throws CertificateEncodingException { return getFingerprint(x509.getEncoded()); } public static BigInteger getFingerprint(byte[] x509) throws CertificateEncodingException { try { sha1 = MessageDigest.getInstance("SHA1"); } catch (NoSuchAlgorithmException nsae) { MessageDigest sha1; throw JavaImpl.newRuntimeException(nsae); } MessageDigest sha1; sha1.reset(); byte[] result = sha1.digest(x509); return new BigInteger(result); } private static class CRLHolder { private final String urlString; private File tempCRLFile; private long creationTime; private Set passedTest = new HashSet(); private Set failedTest = new HashSet(); CRLHolder(String urlString) { if (urlString == null) { throw new NullPointerException("urlString can't be null"); } this.urlString = urlString; } public synchronized boolean checkCRL(X509Certificate cert) throws CertificateException { CRL crl = null; long now = System.currentTimeMillis(); if (now - creationTime > 86400000L) { if ((tempCRLFile != null) && (tempCRLFile.exists())) { tempCRLFile.delete(); } tempCRLFile = null; passedTest.clear(); } BigInteger fingerprint = Certificates.getFingerprint(cert); if (failedTest.contains(fingerprint)) { throw new CertificateException("Revoked by CRL (cached response)"); } if (passedTest.contains(fingerprint)) { return true; } if (tempCRLFile == null) { try { URL url = new URL(urlString); File tempFile = File.createTempFile("crl", ".tmp"); tempFile.deleteOnExit(); OutputStream out = new FileOutputStream(tempFile); out = new BufferedOutputStream(out); InputStream in = new BufferedInputStream(url.openStream()); try { Util.pipeStream(in, out); } catch (IOException ioe) { tempFile.delete(); throw ioe; } tempCRLFile = tempFile; creationTime = System.currentTimeMillis(); } catch (IOException ioe) {} } if ((tempCRLFile != null) && (tempCRLFile.exists())) { try { InputStream in = new FileInputStream(tempCRLFile); in = new BufferedInputStream(in); synchronized (Certificates.CF) { crl = Certificates.CF.generateCRL(in); } in.close(); if (crl.isRevoked(cert)) { passedTest.remove(fingerprint); failedTest.add(fingerprint); throw new CertificateException("Revoked by CRL"); } passedTest.add(fingerprint); } catch (IOException ioe) {}catch (CRLException crle) {} } return crl != null; } } public static String getCN(X509Certificate cert) { String[] cns = getCNs(cert); boolean foundSomeCNs = (cns != null) && (cns.length >= 1); Further reading...For more information on Java 1.5 Tiger, you may find Java 1.5 Tiger, A developer's Notebook by D. Flanagan and B. McLaughlin from O'Reilly of interest.New!JAR listings
|
