mirror of
https://github.com/openjdk/jdk.git
synced 2026-02-28 11:10:26 +00:00
8074068: Cleanup in java.base/share/classes/sun/security/x509/
Reviewed-by: mullan, ahgross, coffeys
This commit is contained in:
Ivan Gerasimov
parent
be335f3af5
commit
3febcc8b75
@ -588,7 +588,7 @@ public class AlgorithmId implements Serializable, DerEncoder {
|
||||
}
|
||||
|
||||
if (oidTable == null) {
|
||||
oidTable = new HashMap<>(1);
|
||||
oidTable = Collections.<String,ObjectIdentifier>emptyMap();
|
||||
}
|
||||
initOidTable = true;
|
||||
}
|
||||
|
||||
@ -29,6 +29,7 @@ import java.io.IOException;
|
||||
import java.io.OutputStream;
|
||||
|
||||
import java.util.*;
|
||||
import java.util.Collections;
|
||||
|
||||
import sun.security.util.DerOutputStream;
|
||||
import sun.security.util.DerValue;
|
||||
@ -255,11 +256,12 @@ public class CRLDistributionPointsExtension extends Extension
|
||||
*/
|
||||
public void delete(String name) throws IOException {
|
||||
if (name.equalsIgnoreCase(POINTS)) {
|
||||
distributionPoints = new ArrayList<DistributionPoint>();
|
||||
distributionPoints =
|
||||
Collections.<DistributionPoint>emptyList();
|
||||
} else {
|
||||
throw new IOException("Attribute name [" + name +
|
||||
"] not recognized by " +
|
||||
"CertAttrSet:" + extensionName + ".");
|
||||
"] not recognized by " +
|
||||
"CertAttrSet:" + extensionName + '.');
|
||||
}
|
||||
encodeThis();
|
||||
}
|
||||
|
||||
@ -157,11 +157,10 @@ implements CertAttrSet<String> {
|
||||
*/
|
||||
public BigInteger get(String name) throws IOException {
|
||||
if (name.equalsIgnoreCase(NUMBER)) {
|
||||
if (crlNumber == null) return null;
|
||||
else return crlNumber;
|
||||
return crlNumber;
|
||||
} else {
|
||||
throw new IOException("Attribute name not recognized by"
|
||||
+ " CertAttrSet:" + extensionName + ".");
|
||||
throw new IOException("Attribute name not recognized by" +
|
||||
" CertAttrSet:" + extensionName + '.');
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -232,15 +232,15 @@ public class DNSName implements GeneralNameInterface {
|
||||
* @throws UnsupportedOperationException if not supported for this name type
|
||||
*/
|
||||
public int subtreeDepth() throws UnsupportedOperationException {
|
||||
String subtree=name;
|
||||
int i=1;
|
||||
// subtree depth is always at least 1
|
||||
int sum = 1;
|
||||
|
||||
/* count dots */
|
||||
for (; subtree.lastIndexOf('.') >= 0; i++) {
|
||||
subtree=subtree.substring(0,subtree.lastIndexOf('.'));
|
||||
// count dots
|
||||
for (int i = name.indexOf('.'); i >= 0; i = name.indexOf('.', i + 1)) {
|
||||
++sum;
|
||||
}
|
||||
|
||||
return i;
|
||||
return sum;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@ -197,7 +197,7 @@ public class EDIPartyName implements GeneralNameInterface {
|
||||
*/
|
||||
public int hashCode() {
|
||||
if (myhash == -1) {
|
||||
myhash = 37 + party.hashCode();
|
||||
myhash = 37 + (party == null ? 1 : party.hashCode());
|
||||
if (assigner != null) {
|
||||
myhash = 37 * myhash + assigner.hashCode();
|
||||
}
|
||||
|
||||
@ -189,7 +189,7 @@ public class GeneralSubtrees implements Cloneable {
|
||||
// the list: if any subsequent entry matches or widens entry n,
|
||||
// remove entry n. If any subsequent entries narrow entry n, remove
|
||||
// the subsequent entries.
|
||||
for (int i = 0; i < size(); i++) {
|
||||
for (int i = 0; i < (size() - 1); i++) {
|
||||
GeneralNameInterface current = getGeneralNameInterface(i);
|
||||
boolean remove1 = false;
|
||||
|
||||
|
||||
@ -197,8 +197,10 @@ public class IPAddressName implements GeneralNameInterface {
|
||||
|
||||
// append a mask corresponding to the num of prefix bits specified
|
||||
int prefixLen = Integer.parseInt(name.substring(slashNdx+1));
|
||||
if (prefixLen > 128)
|
||||
throw new IOException("IPv6Address prefix is longer than 128");
|
||||
if (prefixLen < 0 || prefixLen > 128) {
|
||||
throw new IOException("IPv6Address prefix length (" +
|
||||
prefixLen + ") in out of valid range [0,128]");
|
||||
}
|
||||
|
||||
// create new bit array initialized to zeros
|
||||
BitArray bitArray = new BitArray(MASKSIZE * 8);
|
||||
@ -317,7 +319,8 @@ public class IPAddressName implements GeneralNameInterface {
|
||||
if (!(obj instanceof IPAddressName))
|
||||
return false;
|
||||
|
||||
byte[] other = ((IPAddressName)obj).getBytes();
|
||||
IPAddressName otherName = (IPAddressName)obj;
|
||||
byte[] other = otherName.address;
|
||||
|
||||
if (other.length != address.length)
|
||||
return false;
|
||||
@ -326,12 +329,10 @@ public class IPAddressName implements GeneralNameInterface {
|
||||
// Two subnet addresses
|
||||
// Mask each and compare masked values
|
||||
int maskLen = address.length/2;
|
||||
byte[] maskedThis = new byte[maskLen];
|
||||
byte[] maskedOther = new byte[maskLen];
|
||||
for (int i=0; i < maskLen; i++) {
|
||||
maskedThis[i] = (byte)(address[i] & address[i+maskLen]);
|
||||
maskedOther[i] = (byte)(other[i] & other[i+maskLen]);
|
||||
if (maskedThis[i] != maskedOther[i]) {
|
||||
byte maskedThis = (byte)(address[i] & address[i+maskLen]);
|
||||
byte maskedOther = (byte)(other[i] & other[i+maskLen]);
|
||||
if (maskedThis != maskedOther) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
@ -400,7 +401,8 @@ public class IPAddressName implements GeneralNameInterface {
|
||||
else if (((IPAddressName)inputName).equals(this))
|
||||
constraintType = NAME_MATCH;
|
||||
else {
|
||||
byte[] otherAddress = ((IPAddressName)inputName).getBytes();
|
||||
IPAddressName otherName = (IPAddressName)inputName;
|
||||
byte[] otherAddress = otherName.address;
|
||||
if (otherAddress.length == 4 && address.length == 4)
|
||||
// Two host addresses
|
||||
constraintType = NAME_SAME_TYPE;
|
||||
|
||||
@ -261,6 +261,7 @@ public class IssuingDistributionPointExtension extends Extension
|
||||
throw new IOException(
|
||||
"Attribute value should be of type ReasonFlags.");
|
||||
}
|
||||
revocationReasons = (ReasonFlags)obj;
|
||||
|
||||
} else if (name.equalsIgnoreCase(INDIRECT_CRL)) {
|
||||
if (!(obj instanceof Boolean)) {
|
||||
@ -290,7 +291,6 @@ public class IssuingDistributionPointExtension extends Extension
|
||||
}
|
||||
hasOnlyAttributeCerts = ((Boolean)obj).booleanValue();
|
||||
|
||||
|
||||
} else {
|
||||
throw new IOException("Attribute name [" + name +
|
||||
"] not recognized by " +
|
||||
|
||||
@ -148,7 +148,7 @@ public class KeyIdentifier {
|
||||
return true;
|
||||
if (!(other instanceof KeyIdentifier))
|
||||
return false;
|
||||
return java.util.Arrays.equals(octetString,
|
||||
((KeyIdentifier)other).getIdentifier());
|
||||
byte[] otherString = ((KeyIdentifier)other).octetString;
|
||||
return java.util.Arrays.equals(octetString, otherString);
|
||||
}
|
||||
}
|
||||
|
||||
@ -102,7 +102,7 @@ implements CertAttrSet<String> {
|
||||
public PolicyMappingsExtension() {
|
||||
extensionId = PKIXExtensions.PolicyMappings_Id;
|
||||
critical = true;
|
||||
maps = new ArrayList<CertificatePolicyMap>();
|
||||
maps = Collections.<CertificatePolicyMap>emptyList();
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@ -33,6 +33,7 @@ import java.security.cert.CertificateExpiredException;
|
||||
import java.security.cert.CertificateNotYetValidException;
|
||||
import java.util.Date;
|
||||
import java.util.Enumeration;
|
||||
import java.util.Objects;
|
||||
|
||||
import sun.security.util.*;
|
||||
|
||||
@ -217,16 +218,17 @@ implements CertAttrSet<String> {
|
||||
*/
|
||||
public void valid(Date now)
|
||||
throws CertificateNotYetValidException, CertificateExpiredException {
|
||||
Objects.requireNonNull(now);
|
||||
/*
|
||||
* we use the internal Dates rather than the passed in Date
|
||||
* because someone could override the Date methods after()
|
||||
* and before() to do something entirely different.
|
||||
*/
|
||||
if (notBefore.after(now)) {
|
||||
if (notBefore != null && notBefore.after(now)) {
|
||||
throw new CertificateNotYetValidException("NotBefore: " +
|
||||
notBefore.toString());
|
||||
}
|
||||
if (notAfter.before(now)) {
|
||||
if (notAfter != null && notAfter.before(now)) {
|
||||
throw new CertificateExpiredException("NotAfter: " +
|
||||
notAfter.toString());
|
||||
}
|
||||
|
||||
@ -27,6 +27,8 @@ package sun.security.x509;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.io.StringReader;
|
||||
import java.util.Arrays;
|
||||
import java.util.StringJoiner;
|
||||
import java.util.*;
|
||||
|
||||
import sun.security.util.*;
|
||||
@ -436,31 +438,19 @@ public class RDN {
|
||||
assertion[0].toRFC2253String(oidMap);
|
||||
}
|
||||
|
||||
StringBuilder relname = new StringBuilder();
|
||||
if (!canonical) {
|
||||
for (int i = 0; i < assertion.length; i++) {
|
||||
if (i > 0) {
|
||||
relname.append('+');
|
||||
}
|
||||
relname.append(assertion[i].toRFC2253String(oidMap));
|
||||
}
|
||||
} else {
|
||||
AVA[] toOutput = assertion;
|
||||
if (canonical) {
|
||||
// order the string type AVA's alphabetically,
|
||||
// followed by the oid type AVA's numerically
|
||||
List<AVA> avaList = new ArrayList<>(assertion.length);
|
||||
for (int i = 0; i < assertion.length; i++) {
|
||||
avaList.add(assertion[i]);
|
||||
}
|
||||
java.util.Collections.sort(avaList, AVAComparator.getInstance());
|
||||
|
||||
for (int i = 0; i < avaList.size(); i++) {
|
||||
if (i > 0) {
|
||||
relname.append('+');
|
||||
}
|
||||
relname.append(avaList.get(i).toRFC2253CanonicalString());
|
||||
}
|
||||
toOutput = assertion.clone();
|
||||
Arrays.sort(toOutput, AVAComparator.getInstance());
|
||||
}
|
||||
return relname.toString();
|
||||
StringJoiner sj = new StringJoiner("+");
|
||||
for (AVA ava : toOutput) {
|
||||
sj.add(canonical ? ava.toRFC2253CanonicalString()
|
||||
: ava.toRFC2253String(oidMap));
|
||||
}
|
||||
return sj.toString();
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@ -28,6 +28,7 @@ package sun.security.x509;
|
||||
import java.io.IOException;
|
||||
import java.io.OutputStream;
|
||||
|
||||
import java.util.Collections;
|
||||
import java.util.*;
|
||||
|
||||
import sun.security.util.DerOutputStream;
|
||||
@ -200,7 +201,8 @@ public class SubjectInfoAccessExtension extends Extension
|
||||
*/
|
||||
public void delete(String name) throws IOException {
|
||||
if (name.equalsIgnoreCase(DESCRIPTIONS)) {
|
||||
accessDescriptions = new ArrayList<AccessDescription>();
|
||||
accessDescriptions =
|
||||
Collections.<AccessDescription>emptyList();
|
||||
} else {
|
||||
throw new IOException("Attribute name [" + name +
|
||||
"] not recognized by " +
|
||||
|
||||
@ -165,7 +165,7 @@ public class URIName implements GeneralNameInterface {
|
||||
String host = uri.getSchemeSpecificPart();
|
||||
try {
|
||||
DNSName hostDNS;
|
||||
if (host.charAt(0) == '.') {
|
||||
if (host.startsWith(".")) {
|
||||
hostDNS = new DNSName(host.substring(1));
|
||||
} else {
|
||||
hostDNS = new DNSName(host);
|
||||
|
||||
@ -347,6 +347,8 @@ public class X500Name implements GeneralNameInterface, Principal {
|
||||
for (int i = 0; i < names.length; i++) {
|
||||
list.addAll(names[i].avas());
|
||||
}
|
||||
list = Collections.unmodifiableList(list);
|
||||
allAvaList = list;
|
||||
}
|
||||
return list;
|
||||
}
|
||||
@ -365,9 +367,6 @@ public class X500Name implements GeneralNameInterface, Principal {
|
||||
*/
|
||||
public boolean isEmpty() {
|
||||
int n = names.length;
|
||||
if (n == 0) {
|
||||
return true;
|
||||
}
|
||||
for (int i = 0; i < n; i++) {
|
||||
if (names[i].assertion.length != 0) {
|
||||
return false;
|
||||
@ -1103,12 +1102,8 @@ public class X500Name implements GeneralNameInterface, Principal {
|
||||
* and speed recognition of common X.500 attributes.
|
||||
*/
|
||||
static ObjectIdentifier intern(ObjectIdentifier oid) {
|
||||
ObjectIdentifier interned = internedOIDs.get(oid);
|
||||
if (interned != null) {
|
||||
return interned;
|
||||
}
|
||||
internedOIDs.put(oid, oid);
|
||||
return oid;
|
||||
ObjectIdentifier interned = internedOIDs.putIfAbsent(oid, oid);
|
||||
return (interned == null) ? oid : interned;
|
||||
}
|
||||
|
||||
private static final Map<ObjectIdentifier,ObjectIdentifier> internedOIDs
|
||||
|
||||
@ -47,7 +47,7 @@ public class X509AttributeName {
|
||||
*/
|
||||
public X509AttributeName(String name) {
|
||||
int i = name.indexOf(SEPARATOR);
|
||||
if (i == (-1)) {
|
||||
if (i < 0) {
|
||||
prefix = name;
|
||||
} else {
|
||||
prefix = name.substring(0, i);
|
||||
|
||||
@ -762,9 +762,7 @@ public class X509CRLImpl extends X509CRL implements DerEncoder {
|
||||
public byte[] getTBSCertList() throws CRLException {
|
||||
if (tbsCertList == null)
|
||||
throw new CRLException("Uninitialized CRL");
|
||||
byte[] dup = new byte[tbsCertList.length];
|
||||
System.arraycopy(tbsCertList, 0, dup, 0, dup.length);
|
||||
return dup;
|
||||
return tbsCertList.clone();
|
||||
}
|
||||
|
||||
/**
|
||||
@ -775,9 +773,7 @@ public class X509CRLImpl extends X509CRL implements DerEncoder {
|
||||
public byte[] getSignature() {
|
||||
if (signature == null)
|
||||
return null;
|
||||
byte[] dup = new byte[signature.length];
|
||||
System.arraycopy(signature, 0, dup, 0, dup.length);
|
||||
return dup;
|
||||
return signature.clone();
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@ -1001,9 +1001,7 @@ public class X509CertImpl extends X509Certificate implements DerEncoder {
|
||||
public byte[] getSignature() {
|
||||
if (signature == null)
|
||||
return null;
|
||||
byte[] dup = new byte[signature.length];
|
||||
System.arraycopy(signature, 0, dup, 0, dup.length);
|
||||
return dup;
|
||||
return signature.clone();
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user