8006182: cleanup to use java.util.Base64 in java security component, providers, and regression tests
Refactored code to use java.util.Base64 Mime Encoder and Decoder as a replacement for sun.misc.BASE64Encoder and sun.misc.BASE64Decoder Reviewed-by: vinnie, chegar, sherman
This commit is contained in:
Mark Sheppard
parent
835c35dc91
commit
ec9e303630
@ -37,7 +37,7 @@ import java.security.Signature;
|
||||
import java.security.SignatureException;
|
||||
import java.security.PublicKey;
|
||||
|
||||
import sun.misc.BASE64Encoder;
|
||||
import java.util.Base64;
|
||||
|
||||
import sun.security.util.*;
|
||||
import sun.security.x509.AlgorithmId;
|
||||
@ -289,10 +289,9 @@ public class PKCS10 {
|
||||
if (encoded == null)
|
||||
throw new SignatureException("Cert request was not signed");
|
||||
|
||||
BASE64Encoder encoder = new BASE64Encoder();
|
||||
|
||||
out.println("-----BEGIN NEW CERTIFICATE REQUEST-----");
|
||||
encoder.encodeBuffer(encoded, out);
|
||||
out.println(Base64.getMimeEncoder().encodeToString(encoded));
|
||||
out.println("-----END NEW CERTIFICATE REQUEST-----");
|
||||
}
|
||||
|
||||
|
||||
@ -35,7 +35,7 @@ import sun.security.provider.certpath.X509CertPath;
|
||||
import sun.security.provider.certpath.X509CertificatePair;
|
||||
import sun.security.util.DerValue;
|
||||
import sun.security.util.Cache;
|
||||
import sun.misc.BASE64Decoder;
|
||||
import java.util.Base64;
|
||||
import sun.security.pkcs.ParsingException;
|
||||
|
||||
/**
|
||||
@ -512,7 +512,7 @@ public class X509Factory extends CertificateFactorySpi {
|
||||
hyphen = 0;
|
||||
last = next;
|
||||
}
|
||||
if (hyphen == 5 && (last==-1 || last=='\r' || last=='\n')) {
|
||||
if (hyphen == 5 && (last == -1 || last == '\r' || last == '\n')) {
|
||||
break;
|
||||
}
|
||||
}
|
||||
@ -575,8 +575,7 @@ public class X509Factory extends CertificateFactorySpi {
|
||||
|
||||
checkHeaderFooter(header.toString(), footer.toString());
|
||||
|
||||
BASE64Decoder decoder = new BASE64Decoder();
|
||||
return decoder.decodeBuffer(new String(data, 0, pos));
|
||||
return Base64.getMimeDecoder().decode(new String(data, 0, pos));
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -57,7 +57,7 @@ import sun.security.tools.KeyStoreUtil;
|
||||
import sun.security.tools.PathList;
|
||||
import sun.security.x509.*;
|
||||
import sun.security.util.*;
|
||||
import sun.misc.BASE64Encoder;
|
||||
import java.util.Base64;
|
||||
|
||||
|
||||
/**
|
||||
@ -1120,7 +1120,6 @@ public class Main {
|
||||
* different, replace the hash in the manifest with the newly
|
||||
* generated one. (This may invalidate existing signatures!)
|
||||
*/
|
||||
BASE64Encoder encoder = new JarBASE64Encoder();
|
||||
Vector<ZipEntry> mfFiles = new Vector<>();
|
||||
|
||||
boolean wasSigned = false;
|
||||
@ -1148,15 +1147,14 @@ public class Main {
|
||||
if (manifest.getAttributes(ze.getName()) != null) {
|
||||
// jar entry is contained in manifest, check and
|
||||
// possibly update its digest attributes
|
||||
if (updateDigests(ze, zipFile, digests, encoder,
|
||||
if (updateDigests(ze, zipFile, digests,
|
||||
manifest) == true) {
|
||||
mfModified = true;
|
||||
}
|
||||
} else if (!ze.isDirectory()) {
|
||||
// Add entry to manifest
|
||||
Attributes attrs = getDigestAttributes(ze, zipFile,
|
||||
digests,
|
||||
encoder);
|
||||
digests);
|
||||
mfEntries.put(ze.getName(), attrs);
|
||||
mfModified = true;
|
||||
}
|
||||
@ -1955,8 +1953,7 @@ public class Main {
|
||||
* of base64-encoded strings.
|
||||
*/
|
||||
private synchronized String[] getDigests(ZipEntry ze, ZipFile zf,
|
||||
MessageDigest[] digests,
|
||||
BASE64Encoder encoder)
|
||||
MessageDigest[] digests)
|
||||
throws IOException {
|
||||
|
||||
int n, i;
|
||||
@ -1980,7 +1977,7 @@ public class Main {
|
||||
// complete the digests
|
||||
String[] base64Digests = new String[digests.length];
|
||||
for (i=0; i<digests.length; i++) {
|
||||
base64Digests[i] = encoder.encode(digests[i].digest());
|
||||
base64Digests[i] = Base64.getEncoder().encodeToString(digests[i].digest());
|
||||
}
|
||||
return base64Digests;
|
||||
}
|
||||
@ -1990,11 +1987,10 @@ public class Main {
|
||||
* attributes
|
||||
*/
|
||||
private Attributes getDigestAttributes(ZipEntry ze, ZipFile zf,
|
||||
MessageDigest[] digests,
|
||||
BASE64Encoder encoder)
|
||||
MessageDigest[] digests)
|
||||
throws IOException {
|
||||
|
||||
String[] base64Digests = getDigests(ze, zf, digests, encoder);
|
||||
String[] base64Digests = getDigests(ze, zf, digests);
|
||||
Attributes attrs = new Attributes();
|
||||
|
||||
for (int i=0; i<digests.length; i++) {
|
||||
@ -2016,12 +2012,11 @@ public class Main {
|
||||
*/
|
||||
private boolean updateDigests(ZipEntry ze, ZipFile zf,
|
||||
MessageDigest[] digests,
|
||||
BASE64Encoder encoder,
|
||||
Manifest mf) throws IOException {
|
||||
boolean update = false;
|
||||
|
||||
Attributes attrs = mf.getAttributes(ze.getName());
|
||||
String[] base64Digests = getDigests(ze, zf, digests, encoder);
|
||||
String[] base64Digests = getDigests(ze, zf, digests);
|
||||
|
||||
for (int i=0; i<digests.length; i++) {
|
||||
// The entry name to be written into attrs
|
||||
@ -2094,19 +2089,6 @@ public class Main {
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* This is a BASE64Encoder that does not insert a default newline at the end of
|
||||
* every output line. This is necessary because java.util.jar does its own
|
||||
* line management (see Manifest.make72Safe()). Inserting additional new lines
|
||||
* can cause line-wrapping problems (see CR 6219522).
|
||||
*/
|
||||
class JarBASE64Encoder extends BASE64Encoder {
|
||||
/**
|
||||
* Encode the suffix that ends every output line.
|
||||
*/
|
||||
protected void encodeLineSuffix(OutputStream aStream) throws IOException { }
|
||||
}
|
||||
|
||||
class SignatureFile {
|
||||
|
||||
/** SignatureFile */
|
||||
@ -2129,7 +2111,6 @@ class SignatureFile {
|
||||
|
||||
sf = new Manifest();
|
||||
Attributes mattr = sf.getMainAttributes();
|
||||
BASE64Encoder encoder = new JarBASE64Encoder();
|
||||
|
||||
mattr.putValue(Attributes.Name.SIGNATURE_VERSION.toString(), "1.0");
|
||||
mattr.putValue("Created-By", version + " (" + javaVendor + ")");
|
||||
@ -2138,7 +2119,7 @@ class SignatureFile {
|
||||
// sign the whole manifest
|
||||
for (int i=0; i < digests.length; i++) {
|
||||
mattr.putValue(digests[i].getAlgorithm()+"-Digest-Manifest",
|
||||
encoder.encode(md.manifestDigest(digests[i])));
|
||||
Base64.getEncoder().encodeToString(md.manifestDigest(digests[i])));
|
||||
}
|
||||
}
|
||||
|
||||
@ -2149,7 +2130,7 @@ class SignatureFile {
|
||||
for (int i=0; i < digests.length; i++) {
|
||||
mattr.putValue(digests[i].getAlgorithm() +
|
||||
"-Digest-" + ManifestDigester.MF_MAIN_ATTRS,
|
||||
encoder.encode(mde.digest(digests[i])));
|
||||
Base64.getEncoder().encodeToString(mde.digest(digests[i])));
|
||||
}
|
||||
} else {
|
||||
throw new IllegalStateException
|
||||
@ -2170,7 +2151,7 @@ class SignatureFile {
|
||||
Attributes attr = new Attributes();
|
||||
for (int i=0; i < digests.length; i++) {
|
||||
attr.putValue(digests[i].getAlgorithm()+"-Digest",
|
||||
encoder.encode(mde.digest(digests[i])));
|
||||
Base64.getEncoder().encodeToString(mde.digest(digests[i])));
|
||||
}
|
||||
entries.put(name, attr);
|
||||
}
|
||||
|
||||
@ -63,7 +63,7 @@ import java.security.cert.X509CRL;
|
||||
import java.security.cert.X509CRLEntry;
|
||||
import java.security.cert.X509CRLSelector;
|
||||
import javax.security.auth.x500.X500Principal;
|
||||
import sun.misc.BASE64Encoder;
|
||||
import java.util.Base64;
|
||||
import sun.security.util.ObjectIdentifier;
|
||||
import sun.security.pkcs10.PKCS10;
|
||||
import sun.security.pkcs10.PKCS10Attribute;
|
||||
@ -73,7 +73,6 @@ import sun.security.util.Password;
|
||||
import javax.crypto.KeyGenerator;
|
||||
import javax.crypto.SecretKey;
|
||||
|
||||
import sun.misc.BASE64Decoder;
|
||||
import sun.security.pkcs.PKCS9Attribute;
|
||||
import sun.security.tools.KeyStoreUtil;
|
||||
import sun.security.tools.PathList;
|
||||
@ -555,11 +554,11 @@ public final class Main {
|
||||
return cmd != PRINTCERT && cmd != PRINTCERTREQ;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Execute the commands.
|
||||
*/
|
||||
void doCommands(PrintStream out) throws Exception {
|
||||
|
||||
if (storetype == null) {
|
||||
storetype = KeyStore.getDefaultType();
|
||||
}
|
||||
@ -1189,7 +1188,7 @@ public final class Main {
|
||||
sb.append(s);
|
||||
}
|
||||
}
|
||||
byte[] rawReq = new BASE64Decoder().decodeBuffer(new String(sb));
|
||||
byte[] rawReq = Base64.getMimeDecoder().decode(new String(sb));
|
||||
PKCS10 req = new PKCS10(rawReq);
|
||||
|
||||
info.set(X509CertInfo.KEY, new CertificateX509Key(req.getSubjectPublicKeyInfo()));
|
||||
@ -1266,7 +1265,7 @@ public final class Main {
|
||||
crl.sign(privateKey, sigAlgName);
|
||||
if (rfc) {
|
||||
out.println("-----BEGIN X509 CRL-----");
|
||||
new BASE64Encoder().encodeBuffer(crl.getEncodedInternal(), out);
|
||||
out.println(Base64.getMimeEncoder().encodeToString(crl.getEncodedInternal()));
|
||||
out.println("-----END X509 CRL-----");
|
||||
} else {
|
||||
out.write(crl.getEncodedInternal());
|
||||
@ -2148,7 +2147,7 @@ public final class Main {
|
||||
if (rfc) {
|
||||
X509CRL xcrl = (X509CRL)crl;
|
||||
out.println("-----BEGIN X509 CRL-----");
|
||||
new BASE64Encoder().encodeBuffer(xcrl.getEncoded(), out);
|
||||
out.println(Base64.getMimeEncoder().encodeToString(xcrl.getEncoded()));
|
||||
out.println("-----END X509 CRL-----");
|
||||
} else {
|
||||
out.println(crl.toString());
|
||||
@ -2175,7 +2174,7 @@ public final class Main {
|
||||
sb.append(s);
|
||||
}
|
||||
}
|
||||
PKCS10 req = new PKCS10(new BASE64Decoder().decodeBuffer(new String(sb)));
|
||||
PKCS10 req = new PKCS10(Base64.getMimeDecoder().decode(new String(sb)));
|
||||
|
||||
PublicKey pkey = req.getSubjectPublicKeyInfo();
|
||||
out.printf(rb.getString("PKCS.10.Certificate.Request.Version.1.0.Subject.s.Public.Key.s.format.s.key."),
|
||||
@ -2227,8 +2226,10 @@ public final class Main {
|
||||
Object[] source = {new Integer(i + 1)};
|
||||
out.println(form.format(source));
|
||||
}
|
||||
if (rfc) dumpCert(x509Cert, out);
|
||||
else printX509Cert(x509Cert, out);
|
||||
if (rfc)
|
||||
dumpCert(x509Cert, out);
|
||||
else
|
||||
printX509Cert(x509Cert, out);
|
||||
if (i < (certs.length-1)) {
|
||||
out.println();
|
||||
}
|
||||
@ -2946,9 +2947,8 @@ public final class Main {
|
||||
throws IOException, CertificateException
|
||||
{
|
||||
if (rfc) {
|
||||
BASE64Encoder encoder = new BASE64Encoder();
|
||||
out.println(X509Factory.BEGIN_CERT);
|
||||
encoder.encodeBuffer(cert.getEncoded(), out);
|
||||
out.println(Base64.getMimeEncoder().encodeToString(cert.getEncoded()));
|
||||
out.println(X509Factory.END_CERT);
|
||||
} else {
|
||||
out.write(cert.getEncoded()); // binary
|
||||
|
||||
@ -31,7 +31,7 @@ import java.security.CodeSigner;
|
||||
import java.util.*;
|
||||
import java.util.jar.*;
|
||||
|
||||
import sun.misc.BASE64Decoder;
|
||||
import java.util.Base64;
|
||||
|
||||
import sun.security.jca.Providers;
|
||||
|
||||
@ -63,7 +63,6 @@ public class ManifestEntryVerifier {
|
||||
/** the manifest hashes for the digests in use */
|
||||
ArrayList<byte[]> manifestHashes;
|
||||
|
||||
private BASE64Decoder decoder = null;
|
||||
private String name = null;
|
||||
private Manifest man;
|
||||
|
||||
@ -81,7 +80,6 @@ public class ManifestEntryVerifier {
|
||||
createdDigests = new HashMap<String, MessageDigest>(11);
|
||||
digests = new ArrayList<MessageDigest>();
|
||||
manifestHashes = new ArrayList<byte[]>();
|
||||
decoder = new BASE64Decoder();
|
||||
this.man = man;
|
||||
}
|
||||
|
||||
@ -147,7 +145,7 @@ public class ManifestEntryVerifier {
|
||||
digest.reset();
|
||||
digests.add(digest);
|
||||
manifestHashes.add(
|
||||
decoder.decodeBuffer((String)se.getValue()));
|
||||
Base64.getMimeDecoder().decode((String)se.getValue()));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -35,7 +35,7 @@ import java.util.*;
|
||||
import java.util.jar.*;
|
||||
|
||||
import sun.security.pkcs.*;
|
||||
import sun.misc.BASE64Decoder;
|
||||
import java.util.Base64;
|
||||
|
||||
import sun.security.jca.Providers;
|
||||
|
||||
@ -220,7 +220,6 @@ public class SignatureFileVerifier {
|
||||
name);
|
||||
}
|
||||
|
||||
BASE64Decoder decoder = new BASE64Decoder();
|
||||
|
||||
CodeSigner[] newSigners = getSigners(infos, block);
|
||||
|
||||
@ -232,10 +231,10 @@ public class SignatureFileVerifier {
|
||||
sf.getEntries().entrySet().iterator();
|
||||
|
||||
// see if we can verify the whole manifest first
|
||||
boolean manifestSigned = verifyManifestHash(sf, md, decoder, manifestDigests);
|
||||
boolean manifestSigned = verifyManifestHash(sf, md, manifestDigests);
|
||||
|
||||
// verify manifest main attributes
|
||||
if (!manifestSigned && !verifyManifestMainAttrs(sf, md, decoder)) {
|
||||
if (!manifestSigned && !verifyManifestMainAttrs(sf, md)) {
|
||||
throw new SecurityException
|
||||
("Invalid signature file digest for Manifest main attributes");
|
||||
}
|
||||
@ -247,7 +246,7 @@ public class SignatureFileVerifier {
|
||||
String name = e.getKey();
|
||||
|
||||
if (manifestSigned ||
|
||||
(verifySection(e.getValue(), name, md, decoder))) {
|
||||
(verifySection(e.getValue(), name, md))) {
|
||||
|
||||
if (name.startsWith("./"))
|
||||
name = name.substring(2);
|
||||
@ -275,7 +274,6 @@ public class SignatureFileVerifier {
|
||||
*/
|
||||
private boolean verifyManifestHash(Manifest sf,
|
||||
ManifestDigester md,
|
||||
BASE64Decoder decoder,
|
||||
List<Object> manifestDigests)
|
||||
throws IOException
|
||||
{
|
||||
@ -297,7 +295,7 @@ public class SignatureFileVerifier {
|
||||
if (digest != null) {
|
||||
byte[] computedHash = md.manifestDigest(digest);
|
||||
byte[] expectedHash =
|
||||
decoder.decodeBuffer((String)se.getValue());
|
||||
Base64.getMimeDecoder().decode((String)se.getValue());
|
||||
|
||||
if (debug != null) {
|
||||
debug.println("Signature File: Manifest digest " +
|
||||
@ -320,8 +318,7 @@ public class SignatureFileVerifier {
|
||||
}
|
||||
|
||||
private boolean verifyManifestMainAttrs(Manifest sf,
|
||||
ManifestDigester md,
|
||||
BASE64Decoder decoder)
|
||||
ManifestDigester md)
|
||||
throws IOException
|
||||
{
|
||||
Attributes mattr = sf.getMainAttributes();
|
||||
@ -342,7 +339,7 @@ public class SignatureFileVerifier {
|
||||
md.get(ManifestDigester.MF_MAIN_ATTRS, false);
|
||||
byte[] computedHash = mde.digest(digest);
|
||||
byte[] expectedHash =
|
||||
decoder.decodeBuffer((String)se.getValue());
|
||||
Base64.getMimeDecoder().decode((String)se.getValue());
|
||||
|
||||
if (debug != null) {
|
||||
debug.println("Signature File: " +
|
||||
@ -387,8 +384,7 @@ public class SignatureFileVerifier {
|
||||
|
||||
private boolean verifySection(Attributes sfAttr,
|
||||
String name,
|
||||
ManifestDigester md,
|
||||
BASE64Decoder decoder)
|
||||
ManifestDigester md)
|
||||
throws IOException
|
||||
{
|
||||
boolean oneDigestVerified = false;
|
||||
@ -418,7 +414,7 @@ public class SignatureFileVerifier {
|
||||
boolean ok = false;
|
||||
|
||||
byte[] expected =
|
||||
decoder.decodeBuffer((String)se.getValue());
|
||||
Base64.getMimeDecoder().decode((String)se.getValue());
|
||||
byte[] computed;
|
||||
if (workaround) {
|
||||
computed = mde.digestWorkaround(digest);
|
||||
|
||||
@ -41,7 +41,7 @@ import java.util.*;
|
||||
import javax.security.auth.x500.X500Principal;
|
||||
|
||||
import sun.misc.HexDumpEncoder;
|
||||
import sun.misc.BASE64Decoder;
|
||||
import java.util.Base64;
|
||||
import sun.security.util.*;
|
||||
import sun.security.provider.X509Factory;
|
||||
|
||||
@ -263,7 +263,6 @@ public class X509CertImpl extends X509Certificate implements DerEncoder {
|
||||
}
|
||||
if (line.equals(X509Factory.BEGIN_CERT)) {
|
||||
/* stream appears to be hex-encoded bytes */
|
||||
BASE64Decoder decoder = new BASE64Decoder();
|
||||
ByteArrayOutputStream decstream = new ByteArrayOutputStream();
|
||||
try {
|
||||
while ((line = certBufferedReader.readLine()) != null) {
|
||||
@ -271,7 +270,7 @@ public class X509CertImpl extends X509Certificate implements DerEncoder {
|
||||
der = new DerValue(decstream.toByteArray());
|
||||
break;
|
||||
} else {
|
||||
decstream.write(decoder.decodeBuffer(line));
|
||||
decstream.write(Base64.getMimeDecoder().decode(line));
|
||||
}
|
||||
}
|
||||
} catch (IOException ioe2) {
|
||||
|
||||
@ -30,8 +30,7 @@ import java.util.*;
|
||||
import java.security.*;
|
||||
|
||||
import sun.net.www.MessageHeader;
|
||||
import sun.misc.BASE64Encoder;
|
||||
import sun.misc.BASE64Decoder;
|
||||
import java.util.Base64;
|
||||
|
||||
/**
|
||||
* This is OBSOLETE. DO NOT USE THIS. Use java.util.jar.Manifest
|
||||
@ -178,7 +177,6 @@ public class Manifest {
|
||||
return;
|
||||
}
|
||||
|
||||
BASE64Encoder enc = new BASE64Encoder();
|
||||
|
||||
/* compute hashes, write over any other "Hash-Algorithms" (?) */
|
||||
for (int j = 0; j < hashes.length; ++j) {
|
||||
@ -190,7 +188,7 @@ public class Manifest {
|
||||
while ((len = is.read(tmpbuf, 0, tmpbuf.length)) != -1) {
|
||||
dig.update(tmpbuf, 0, len);
|
||||
}
|
||||
mh.set(hashes[j] + "-Digest", enc.encode(dig.digest()));
|
||||
mh.set(hashes[j] + "-Digest", Base64.getMimeEncoder().encodeToString(dig.digest()));
|
||||
} catch (NoSuchAlgorithmException e) {
|
||||
throw new JarException("Digest algorithm " + hashes[j] +
|
||||
" not available.");
|
||||
|
||||
@ -30,8 +30,8 @@ import java.util.*;
|
||||
import java.security.*;
|
||||
|
||||
import sun.net.www.MessageHeader;
|
||||
import sun.misc.BASE64Encoder;
|
||||
import sun.misc.BASE64Decoder;
|
||||
import java.util.Base64;
|
||||
|
||||
|
||||
import sun.security.pkcs.*;
|
||||
import sun.security.x509.AlgorithmId;
|
||||
@ -305,7 +305,6 @@ public class SignatureFile {
|
||||
}
|
||||
smh.set("Name", name);
|
||||
|
||||
BASE64Encoder encoder = new BASE64Encoder();
|
||||
try {
|
||||
for (int i = 0; i < hashes.length; ++i) {
|
||||
MessageDigest dig = getDigest(hashes[i]);
|
||||
@ -314,7 +313,7 @@ public class SignatureFile {
|
||||
mh.print(ps);
|
||||
byte[] headerBytes = baos.toByteArray();
|
||||
byte[] digest = dig.digest(headerBytes);
|
||||
smh.set(hashes[i] + "-Digest", encoder.encode(digest));
|
||||
smh.set(hashes[i] + "-Digest", Base64.getMimeEncoder().encodeToString(digest));
|
||||
}
|
||||
return smh;
|
||||
} catch (NoSuchAlgorithmException e) {
|
||||
|
||||
@ -34,7 +34,7 @@ import java.io.*;
|
||||
import javax.security.auth.kerberos.KerberosKey;
|
||||
import javax.security.auth.kerberos.KerberosPrincipal;
|
||||
import javax.security.auth.kerberos.KerberosTicket;
|
||||
import sun.misc.BASE64Decoder;
|
||||
import java.util.Base64;
|
||||
|
||||
public class KerberosTixDateTest {
|
||||
|
||||
@ -127,7 +127,7 @@ public class KerberosTixDateTest {
|
||||
|
||||
System.out.println("Testing against KerberosTicket from JDK6...");
|
||||
byte[] serializedBytes =
|
||||
new BASE64Decoder().decodeBuffer(serializedKerberosTix);
|
||||
Base64.getMimeDecoder().decode(serializedKerberosTix);
|
||||
checkEqualsAndHashCode(serializedBytes, t);
|
||||
|
||||
System.out.println("Testing against KerberosTicket from current rel...");
|
||||
|
||||
@ -55,6 +55,7 @@ import org.ietf.jgss.GSSCredential;
|
||||
import org.ietf.jgss.GSSManager;
|
||||
import sun.security.jgss.GSSUtil;
|
||||
import sun.security.krb5.Config;
|
||||
import java.util.Base64;
|
||||
|
||||
/**
|
||||
* Basic JGSS/krb5 test with 3 parties: client, server, backend server. Each
|
||||
@ -341,12 +342,11 @@ public class HttpNegotiateServer {
|
||||
exch.getHttpContext().getAttributes().put("GSSContext", c);
|
||||
return new com.sun.net.httpserver.Authenticator.Retry(err);
|
||||
} else { // Later requests
|
||||
byte[] token = new sun.misc.BASE64Decoder()
|
||||
.decodeBuffer(auth.split(" ")[1]);
|
||||
byte[] token = Base64.getMimeDecoder().decode(auth.split(" ")[1]);
|
||||
token = c.acceptSecContext(token, 0, token.length);
|
||||
Headers map = exch.getResponseHeaders();
|
||||
map.set (reqHdr, scheme + " " + new sun.misc.BASE64Encoder()
|
||||
.encode(token).replaceAll("\\s", ""));
|
||||
map.set (reqHdr, scheme + " " + Base64.getMimeEncoder()
|
||||
.encodeToString(token).replaceAll("\\s", ""));
|
||||
if (c.isEstablished()) {
|
||||
return new com.sun.net.httpserver.Authenticator.Success(
|
||||
new HttpPrincipal(c.getSrcName().toString(), ""));
|
||||
|
||||
@ -46,8 +46,7 @@ import java.security.cert.Certificate;
|
||||
import java.security.cert.CertificateFactory;
|
||||
import java.security.spec.*;
|
||||
import java.security.interfaces.*;
|
||||
import sun.misc.BASE64Decoder;
|
||||
|
||||
import java.util.Base64;
|
||||
|
||||
public class MD2InTrustAnchor {
|
||||
|
||||
@ -238,7 +237,7 @@ public class MD2InTrustAnchor {
|
||||
if (keyCertStr != null) {
|
||||
// generate the private key.
|
||||
PKCS8EncodedKeySpec priKeySpec = new PKCS8EncodedKeySpec(
|
||||
new BASE64Decoder().decodeBuffer(keySpecStr));
|
||||
Base64.getMimeDecoder().decode(keySpecStr));
|
||||
KeyFactory kf = KeyFactory.getInstance("RSA");
|
||||
RSAPrivateKey priKey =
|
||||
(RSAPrivateKey)kf.generatePrivate(priKeySpec);
|
||||
|
||||
@ -44,7 +44,7 @@ import java.security.*;
|
||||
import java.security.cert.*;
|
||||
import java.security.spec.*;
|
||||
import java.security.interfaces.*;
|
||||
import sun.misc.BASE64Decoder;
|
||||
import java.util.Base64;
|
||||
|
||||
|
||||
public class TrustTrustedCert {
|
||||
@ -230,7 +230,7 @@ public class TrustTrustedCert {
|
||||
|
||||
// generate the private key.
|
||||
PKCS8EncodedKeySpec priKeySpec = new PKCS8EncodedKeySpec(
|
||||
new BASE64Decoder().decodeBuffer(targetPrivateKey));
|
||||
Base64.getMimeDecoder().decode(targetPrivateKey));
|
||||
KeyFactory kf = KeyFactory.getInstance("RSA");
|
||||
RSAPrivateKey priKey =
|
||||
(RSAPrivateKey)kf.generatePrivate(priKeySpec);
|
||||
|
||||
@ -44,7 +44,7 @@ import java.security.spec.*;
|
||||
import java.security.interfaces.*;
|
||||
import java.math.BigInteger;
|
||||
|
||||
import sun.misc.BASE64Decoder;
|
||||
import java.util.Base64;
|
||||
|
||||
public class BasicConstraints {
|
||||
|
||||
@ -400,11 +400,11 @@ public class BasicConstraints {
|
||||
PKCS8EncodedKeySpec priKeySpec = null;
|
||||
if (isServer) {
|
||||
priKeySpec = new PKCS8EncodedKeySpec(
|
||||
new BASE64Decoder().decodeBuffer(serverPrivateKey));
|
||||
Base64.getMimeDecoder().decode(serverPrivateKey));
|
||||
is = new ByteArrayInputStream(serverCertStr.getBytes());
|
||||
} else {
|
||||
priKeySpec = new PKCS8EncodedKeySpec(
|
||||
new BASE64Decoder().decodeBuffer(clientPrivateKey));
|
||||
Base64.getMimeDecoder().decode(clientPrivateKey));
|
||||
is = new ByteArrayInputStream(clientCertStr.getBytes());
|
||||
}
|
||||
KeyFactory kf = KeyFactory.getInstance("RSA");
|
||||
|
||||
@ -45,7 +45,7 @@ import java.security.spec.*;
|
||||
import java.security.interfaces.*;
|
||||
import java.math.BigInteger;
|
||||
|
||||
import sun.misc.BASE64Decoder;
|
||||
import java.util.Base64;
|
||||
|
||||
public class SelfIssuedCert {
|
||||
|
||||
@ -242,7 +242,7 @@ public class SelfIssuedCert {
|
||||
if (keyCertStr != null) {
|
||||
// generate the private key.
|
||||
PKCS8EncodedKeySpec priKeySpec = new PKCS8EncodedKeySpec(
|
||||
new BASE64Decoder().decodeBuffer(keySpecStr));
|
||||
Base64.getMimeDecoder().decode(keySpecStr));
|
||||
KeyFactory kf = KeyFactory.getInstance("RSA");
|
||||
RSAPrivateKey priKey =
|
||||
(RSAPrivateKey)kf.generatePrivate(priKeySpec);
|
||||
|
||||
@ -33,6 +33,7 @@ import java.net.*;
|
||||
import javax.net.ssl.*;
|
||||
import javax.net.ServerSocketFactory;
|
||||
import sun.net.www.*;
|
||||
import java.util.Base64;
|
||||
|
||||
public class ProxyTunnelServer extends Thread {
|
||||
|
||||
@ -292,12 +293,12 @@ public class ProxyTunnelServer extends Thread {
|
||||
authInfo.trim();
|
||||
int ind = authInfo.indexOf(' ');
|
||||
String recvdUserPlusPass = authInfo.substring(ind + 1).trim();
|
||||
|
||||
// extract encoded (username:passwd
|
||||
if (userPlusPass.equals(
|
||||
new String(
|
||||
(new sun.misc.BASE64Decoder()).
|
||||
decodeBuffer(recvdUserPlusPass)
|
||||
))) {
|
||||
new String( Base64.getMimeDecoder()
|
||||
.decode(recvdUserPlusPass))))
|
||||
{
|
||||
matched = true;
|
||||
}
|
||||
} catch (Exception e) {
|
||||
|
||||
@ -51,7 +51,7 @@ import java.security.cert.X509Certificate;
|
||||
import java.security.cert.CertificateFactory;
|
||||
import java.security.spec.*;
|
||||
import java.security.interfaces.*;
|
||||
import sun.misc.BASE64Decoder;
|
||||
import java.util.Base64;
|
||||
|
||||
|
||||
public class SSLSocketSNISensitive {
|
||||
@ -391,7 +391,7 @@ public class SSLSocketSNISensitive {
|
||||
// generate the private key.
|
||||
String keySpecStr = keyStrs[i];
|
||||
PKCS8EncodedKeySpec priKeySpec = new PKCS8EncodedKeySpec(
|
||||
new BASE64Decoder().decodeBuffer(keySpecStr));
|
||||
Base64.getMimeDecoder().decode(keySpecStr));
|
||||
KeyFactory kf = KeyFactory.getInstance("RSA");
|
||||
RSAPrivateKey priKey =
|
||||
(RSAPrivateKey)kf.generatePrivate(priKeySpec);
|
||||
|
||||
@ -53,7 +53,7 @@ import java.security.cert.Certificate;
|
||||
import java.security.cert.CertificateFactory;
|
||||
import java.security.spec.*;
|
||||
import java.security.interfaces.*;
|
||||
import sun.misc.BASE64Decoder;
|
||||
import java.util.Base64;
|
||||
|
||||
|
||||
public class DisabledShortRSAKeys {
|
||||
@ -244,7 +244,7 @@ public class DisabledShortRSAKeys {
|
||||
if (keyCertStr != null) {
|
||||
// generate the private key.
|
||||
PKCS8EncodedKeySpec priKeySpec = new PKCS8EncodedKeySpec(
|
||||
new BASE64Decoder().decodeBuffer(keySpecStr));
|
||||
Base64.getMimeDecoder().decode(keySpecStr));
|
||||
KeyFactory kf = KeyFactory.getInstance("RSA");
|
||||
RSAPrivateKey priKey =
|
||||
(RSAPrivateKey)kf.generatePrivate(priKeySpec);
|
||||
|
||||
@ -48,7 +48,7 @@ import java.security.cert.Certificate;
|
||||
import java.security.cert.CertificateFactory;
|
||||
import java.security.spec.*;
|
||||
import java.security.interfaces.*;
|
||||
import sun.misc.BASE64Decoder;
|
||||
import java.util.Base64;
|
||||
|
||||
|
||||
public class ShortRSAKey512 {
|
||||
@ -229,7 +229,7 @@ public class ShortRSAKey512 {
|
||||
if (keyCertStr != null) {
|
||||
// generate the private key.
|
||||
PKCS8EncodedKeySpec priKeySpec = new PKCS8EncodedKeySpec(
|
||||
new BASE64Decoder().decodeBuffer(keySpecStr));
|
||||
Base64.getMimeDecoder().decode(keySpecStr));
|
||||
KeyFactory kf = KeyFactory.getInstance("RSA");
|
||||
RSAPrivateKey priKey =
|
||||
(RSAPrivateKey)kf.generatePrivate(priKeySpec);
|
||||
|
||||
@ -35,6 +35,7 @@ import java.net.*;
|
||||
import javax.net.ssl.*;
|
||||
import javax.net.ServerSocketFactory;
|
||||
import sun.net.www.*;
|
||||
import java.util.Base64;
|
||||
|
||||
public class ProxyTunnelServer extends Thread {
|
||||
|
||||
@ -296,10 +297,9 @@ public class ProxyTunnelServer extends Thread {
|
||||
String recvdUserPlusPass = authInfo.substring(ind + 1).trim();
|
||||
// extract encoded (username:passwd
|
||||
if (userPlusPass.equals(
|
||||
new String(
|
||||
(new sun.misc.BASE64Decoder()).
|
||||
decodeBuffer(recvdUserPlusPass)
|
||||
))) {
|
||||
new String( Base64.getMimeDecoder()
|
||||
.decode(recvdUserPlusPass))))
|
||||
{
|
||||
matched = true;
|
||||
}
|
||||
} catch (Exception e) {
|
||||
|
||||
Loading…
Reference in New Issue
Block a user