changeset in /hg/icedtea: 2007-10-09 Lillian Angel <langel at red...

Lillian Angel langel at redhat.com
Thu Oct 18 03:02:34 PDT 2007 

changeset 2dfaecb0ab7c in /hg/icedtea
details: http://icedtea.classpath.org/hg/icedtea?cmd=changeset;node=2dfaecb0ab7c
description:
	2007-10-09  Lillian Angel  <langel at redhat.com>

	        * patches/icedtea-certbundle.patch: Added in
	        CertBundleKeyStoreImpl.java implementation which was previously in our
	        jce implementation. Also, added KeyStore.CertBundle to map in this
	        patch.

diffstat:

2 files changed, 220 insertions(+)
ChangeLog                        |    7 +
patches/icedtea-certbundle.patch |  213 ++++++++++++++++++++++++++++++++++++++

diffs (234 lines):

diff -r d4c291fa5add -r 2dfaecb0ab7c ChangeLog
--- a/ChangeLog	Tue Oct 09 13:01:03 2007 +0100
+++ b/ChangeLog	Tue Oct 09 11:16:52 2007 -0400
@@ -1,3 +1,10 @@ 2007-10-08  Andrew Haley  <aph at redhat.co
+2007-10-09  Lillian Angel  <langel at redhat.com>
+
+	* patches/icedtea-certbundle.patch: Added in
+	CertBundleKeyStoreImpl.java implementation which was previously in our
+	jce implementation. Also, added KeyStore.CertBundle to map in this
+	patch.
+
 2007-10-08  Andrew Haley  <aph at redhat.com>
 
 	* patches/icedtea-memory-limits.patch: New file.
diff -r d4c291fa5add -r 2dfaecb0ab7c patches/icedtea-certbundle.patch
--- a/patches/icedtea-certbundle.patch	Tue Oct 09 13:01:03 2007 +0100
+++ b/patches/icedtea-certbundle.patch	Tue Oct 09 11:16:52 2007 -0400
@@ -22,3 +22,216 @@
  #undef malloc
  #undef getenv
  #undef EXTENSIONS_DIR
+diff -ruN openjdk.old/j2se/src/share/classes/sun/security/provider/SunEntries.java openjdk/j2se/src/share/classes/sun/security/provider/SunEntries.java
+--- openjdk.old/j2se/src/share/classes/sun/security/provider/SunEntries.java	2007-09-27 04:07:14.000000000 -0400
++++ openjdk/j2se/src/share/classes/sun/security/provider/SunEntries.java	2007-10-09 10:34:59.000000000 -0400
+@@ -178,6 +178,7 @@
+ 	map.put("KeyStore.JKS", "sun.security.provider.JavaKeyStore$JKS");
+ 	map.put("KeyStore.CaseExactJKS", 
+ 			"sun.security.provider.JavaKeyStore$CaseExactJKS");
++	map.put("KeyStore.CertBundle", "sun.security.provider.CertBundleKeyStoreImpl");
+ 
+ 	/*
+ 	 * Policy
+--- openjdk.old/j2se/src/share/classes/sun/security/provider/CertBundleKeyStoreImpl.java	1969-12-31 19:00:00.000000000 -0500
++++ openjdk/j2se/src/share/classes/sun/security/provider/CertBundleKeyStoreImpl.java	2007-10-09 11:06:30.000000000 -0400
+@@ -0,0 +1,199 @@
++/* CertBundleKeyStoreImpl.java
++   Copyright (C) 2007  Casey Marshall <csm at gnu.org>
++
++This file is part of IcedTea.
++
++IcedTea is free software; you can redistribute it and/or 
++modify it under the terms of the GNU General Public License as
++published by the Free Software Foundation, version 2.
++
++IcedTea is distributed in the hope that it will be useful,
++but WITHOUT ANY WARRANTY; without even the implied warranty of
++MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
++General Public License for more details.
++
++You should have received a copy of the GNU General Public License
++along with IcedTea; see the file COPYING.  If not, write to
++the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
++Boston, MA 02110-1301 USA.
++
++Linking this library statically or dynamically with other modules is
++making a combined work based on this library.  Thus, the terms and
++conditions of the GNU General Public License cover the whole
++combination.
++
++As a special exception, the copyright holders of this library give you
++permission to link this library with independent modules to produce an
++executable, regardless of the license terms of these independent
++modules, and to copy and distribute the resulting executable under
++terms of your choice, provided that you also meet, for each linked
++independent module, the terms and conditions of the license of that
++module.  An independent module is a module which is not derived from
++or based on this library.  If you modify this library, you may extend
++this exception to your version of the library, but you are not
++obligated to do so.  If you do not wish to do so, delete this
++exception statement from your version.  */
++
++
++package sun.security.provider;
++
++import java.io.BufferedReader;
++import java.io.ByteArrayInputStream;
++import java.io.ByteArrayOutputStream;
++import java.io.IOException;
++import java.io.InputStream;
++import java.io.InputStreamReader;
++import java.io.OutputStream;
++import java.io.OutputStreamWriter;
++import java.io.PrintWriter;
++import java.security.Key;
++import java.security.KeyStoreException;
++import java.security.KeyStoreSpi;
++import java.security.NoSuchAlgorithmException;
++import java.security.UnrecoverableKeyException;
++import java.security.cert.Certificate;
++import java.security.cert.CertificateException;
++import java.security.cert.CertificateFactory;
++import java.util.Date;
++import java.util.Enumeration;
++import java.util.HashMap;
++import java.util.Map;
++import java.util.Vector;
++
++/**
++ * A key store implementation for "certificate bundle" files, commonly used
++ * on many free operating systems. Certificate bundles are plain text files
++ * containing one or more "PEM" encoded X.509 certificates, which comprise
++ * a list of trusted root certificates.
++ * 
++ * This class implements a read-only key store that reads in one or more
++ * certificate bundles, storing all certificates successfully read. Calling
++ * load multiple times will add certificates to the store.
++ * 
++ * @author Casey Marshall (csm at gnu.org)
++ */
++public class CertBundleKeyStoreImpl extends KeyStoreSpi
++{
++  private int x = 0;
++  private Map<String, Certificate> certs = new HashMap<String, Certificate>();
++
++  @Override public Enumeration<String> engineAliases()
++  {
++    return new Vector<String>(certs.keySet()).elements();
++  }
++
++  @Override public boolean engineContainsAlias(String alias)
++  {
++    return certs.containsKey(alias);
++  }
++
++  @Override public void engineDeleteEntry(String alias) throws KeyStoreException
++  {
++    certs.remove(alias);
++  }
++
++  @Override public Certificate engineGetCertificate(String alias)
++  {
++    return certs.get(alias);
++  }
++
++  @Override public String engineGetCertificateAlias(Certificate cert)
++  {
++    for (Map.Entry<String, Certificate> e : certs.entrySet())
++      {
++        if (e.getValue().equals(cert))
++          return e.getKey();
++      }
++    return null;
++  }
++
++  @Override public Certificate[] engineGetCertificateChain(String arg0)
++  {
++    return null;
++  }
++
++  @Override public Date engineGetCreationDate(String alias)
++  {
++    return new Date(0);
++  }
++
++  @Override public Key engineGetKey(String arg0, char[] arg1)
++    throws NoSuchAlgorithmException, UnrecoverableKeyException
++  {
++    return null;
++  }
++
++  @Override public boolean engineIsCertificateEntry(String alias)
++  {
++    return certs.containsKey(alias);
++  }
++
++  @Override public boolean engineIsKeyEntry(String arg0)
++  {
++    return false;
++  }
++
++  @Override public void engineLoad(InputStream in, char[] arg1)
++    throws IOException, NoSuchAlgorithmException, CertificateException
++  {
++    CertificateFactory cf = CertificateFactory.getInstance("X.509");
++    ByteArrayOutputStream bout = new ByteArrayOutputStream();
++    PrintWriter out = new PrintWriter(new OutputStreamWriter(bout));
++    BufferedReader rin = new BufferedReader(new InputStreamReader(in));
++    String line;
++    boolean push = false;
++    while ((line = rin.readLine()) != null)
++      {
++        if (line.equals("-----BEGIN CERTIFICATE-----"))
++          {
++            push = true;
++            out.println(line);
++          }
++        else if (push)
++          {
++            out.println(line);
++            if (line.equals("-----END CERTIFICATE-----"))
++              {
++                push = false;
++		out.flush();
++		byte[] bytes = bout.toByteArray();
++                Certificate cert = cf.generateCertificate(new ByteArrayInputStream(bytes));
++                bout.reset();
++                String alias = "cert-" + (x++);
++                certs.put(alias, cert);
++              }
++          }
++      }
++  }
++
++  @Override public void engineSetCertificateEntry(String alias, Certificate cert)
++    throws KeyStoreException
++  {
++    certs.put(alias, cert);
++  }
++
++  @Override public void engineSetKeyEntry(String arg0, byte[] arg1,
++                                          Certificate[] arg2)
++    throws KeyStoreException
++  {
++    throw new KeyStoreException("not supported");
++  }
++
++  @Override public void engineSetKeyEntry(String arg0, Key arg1, char[] arg2,
++                                          Certificate[] arg3)
++    throws KeyStoreException
++  {
++    throw new KeyStoreException("not supported");
++  }
++
++  @Override public int engineSize()
++  {
++    return certs.size();
++  }
++
++  @Override public void engineStore(OutputStream arg0, char[] arg1)
++    throws IOException, NoSuchAlgorithmException, CertificateException
++  {
++    throw new UnsupportedOperationException("read-only key stores");
++  }
++}

More information about the distro-pkg-dev mailing list