Enhance toString() to return structured info, for certificate and probably more
Dr Andrew John Hughes
ahughes at redhat.com
Thu Aug 25 21:01:41 UTC 2011
On 10:41 Thu 25 Aug , Weijun Wang wrote:
> Hi All
>
> I was talking with Xuelei on how to better display certificate info.
> There are 3 cases we can currently think of:
>
> 1. debug output
> 2. keytool/jarsigner output
> 3. Java plugin display
>
> The 1st one is the most primitive one and can be a single string, the
> 2nd is also a string but have some format and needs to localized, the
> third is a series of Swing controls.
>
> But the contents of all 3 are the same, and hopefully can be provided in
> a single method. Each consumer can just display it in its own style,
> with no need to understand Certificate fields, OIDs, etc. It's just like
> XSLT transformation of XML files.
>
> So what shall I do? Let toString() outputs a long string in XML or JSON?
>
I be against that. It goes against the usual expectation of toString output
being (fairly) human-readable.
> Or, create a new method describe() or toDescription() that returns a
> UnmodifiableMap (based on a LinkedHashMap to preserve order)?
>
> I prefer the latter because there is no need to parse the output, and at
> least in the case of certificate, since a certificate contains
> extensions, it's very easy to stuff several maps inside another one. The
> map's keys are strings, and values can be another map or a simple data
> object, say, primitive, string, or Date.
>
> So this needs a new interface Descriptable. It can either be:
>
> interface sun.security.util.Descriptable;
> sun.security.x509.X509CertImpl implements Descriptable;
> sun.security.x509.Extension implements Descriptable;
>
> or
>
> interface java.security.Descriptable;
> java.security.cert.X509Certificate implements Descriptable;
> java.security.cert.Extension implements Descriptable;
>
> or if there are other people find it useful, it can be inside the
> java.util package.
>
This sounds like a good idea to me, but would there be a standard set
of keys and values? Especially if it's going to be part of
java.security, the keys and values should be part of the
method specification. This becomes a harder task if it's generalised
into java.util.
BTW, it should be Describable :-)
> What's your ideas? Do you also need such a method?
>
> Thanks
> Max
--
Andrew :)
Free Java Software Engineer
Red Hat, Inc. (http://www.redhat.com)
Support Free Java!
Contribute to GNU Classpath and IcedTea
http://www.gnu.org/software/classpath
http://icedtea.classpath.org
PGP Key: F5862A37 (https://keys.indymedia.org/)
Fingerprint = EA30 D855 D50F 90CD F54D 0698 0713 C3ED F586 2A37
More information about the security-dev
mailing list