Enhance toString() to return structured info, for certificate and probably more

Dr Andrew John Hughes ahughes at redhat.com
Thu Aug 25 21:01:41 UTC 2011


On 10:41 Thu 25 Aug     , Weijun Wang wrote:
> Hi All
> 
> I was talking with Xuelei on how to better display certificate info. 
> There are 3 cases we can currently think of:
> 
> 1. debug output
> 2. keytool/jarsigner output
> 3. Java plugin display
> 
> The 1st one is the most primitive one and can be a single string, the 
> 2nd is also a string but have some format and needs to localized, the 
> third is a series of Swing controls.
> 
> But the contents of all 3 are the same, and hopefully can be provided in 
> a single method. Each consumer can just display it in its own style, 
> with no need to understand Certificate fields, OIDs, etc. It's just like 
> XSLT transformation of XML files.
> 
> So what shall I do? Let toString() outputs a long string in XML or JSON?
> 

I be against that.  It goes against the usual expectation of toString output
being (fairly) human-readable.

> Or, create a new method describe() or toDescription() that returns a 
> UnmodifiableMap (based on a LinkedHashMap to preserve order)?
> 
> I prefer the latter because there is no need to parse the output, and at 
> least in the case of certificate, since a certificate contains 
> extensions, it's very easy to stuff several maps inside another one. The 
> map's keys are strings, and values can be another map or a simple data 
> object, say, primitive, string, or Date.
> 
> So this needs a new interface Descriptable. It can either be:
> 
>     interface sun.security.util.Descriptable;
>     sun.security.x509.X509CertImpl implements Descriptable;
>     sun.security.x509.Extension implements Descriptable;
> 
> or
> 
>     interface java.security.Descriptable;
>     java.security.cert.X509Certificate implements Descriptable;
>     java.security.cert.Extension implements Descriptable;
> 
> or if there are other people find it useful, it can be inside the 
> java.util package.
> 

This sounds like a good idea to me, but would there be a standard set
of keys and values?  Especially if it's going to be part of
java.security, the keys and values should be part of the
method specification.  This becomes a harder task if it's generalised
into java.util.

BTW, it should be Describable :-)

> What's your ideas? Do you also need such a method?
> 
> Thanks
> Max

-- 
Andrew :)

Free Java Software Engineer
Red Hat, Inc. (http://www.redhat.com)

Support Free Java!
Contribute to GNU Classpath and IcedTea
http://www.gnu.org/software/classpath
http://icedtea.classpath.org
PGP Key: F5862A37 (https://keys.indymedia.org/)
Fingerprint = EA30 D855 D50F 90CD F54D  0698 0713 C3ED F586 2A37



More information about the security-dev mailing list