Use versioned bouncycastle dependencies
Mattias Ellert
10 years ago
0 | jglobus (2.0.6-2) unstable; urgency=low | |
1 | ||
2 | * Use versioned bouncycastle dependencies | |
3 | ||
4 | -- Mattias Ellert <mattias.ellert@fysast.uu.se> Mon, 19 Aug 2013 09:52:58 +0200 | |
5 | ||
0 | 6 | jglobus (2.0.6-1) unstable; urgency=low |
1 | 7 | |
2 | 8 | * Version 2.0.6 final release |
3 | * Backport bouncycastle 1.49 adaptation from upsream git (Closes: #713200) | |
9 | * Backport bouncycastle 1.47 adaptation from upsream git (Closes: #713200) | |
4 | 10 | |
5 | 11 | -- Mattias Ellert <mattias.ellert@fysast.uu.se> Wed, 14 Aug 2013 20:01:52 +0200 |
6 | 12 |
0 | 0 | Source: jglobus |
1 | 1 | Priority: optional |
2 | 2 | Maintainer: Mattias Ellert <mattias.ellert@fysast.uu.se> |
3 | Build-Depends: debhelper (>> 5), maven-debian-helper, maven-repo-helper, libmaven-compiler-plugin-java, libmaven-clean-plugin-java, libmaven-dependency-plugin-java, libmaven-enforcer-plugin-java, libmaven-install-plugin-java, libmaven-jar-plugin-java, libmaven-javadoc-plugin-java, libmaven-resources-plugin-java, libcommons-codec-java, libcommons-io-java, libcommons-logging-java, libbcprov-java, liblog4j1.2-java, libtomcat6-java, libhttpclient-java, libaxis-java, libservlet2.5-java, junit4 | |
3 | Build-Depends: debhelper (>> 5), maven-debian-helper, maven-repo-helper, libmaven-compiler-plugin-java, libmaven-clean-plugin-java, libmaven-dependency-plugin-java, libmaven-enforcer-plugin-java, libmaven-install-plugin-java, libmaven-jar-plugin-java, libmaven-javadoc-plugin-java, libmaven-resources-plugin-java, libcommons-codec-java, libcommons-io-java, libcommons-logging-java, libbcprov-java (>> 1.47), liblog4j1.2-java, libtomcat6-java, libhttpclient-java, libaxis-java, libservlet2.5-java, junit4 | |
4 | 4 | Standards-Version: 3.9.4 |
5 | 5 | Section: java |
6 | 6 | Homepage: http://github.com/jglobus/ |
15 | 15 | Package: libjglobus-ssl-proxies-java |
16 | 16 | Section: java |
17 | 17 | Architecture: all |
18 | Depends: libjglobus-parent-java (= ${binary:Version}), libcommons-codec-java, libcommons-io-java, libcommons-logging-java, libbcprov-java, liblog4j1.2-java, ${misc:Depends} | |
18 | Depends: libjglobus-parent-java (= ${binary:Version}), libcommons-codec-java, libcommons-io-java, libcommons-logging-java, libbcprov-java (>> 1.47), liblog4j1.2-java, ${misc:Depends} | |
19 | 19 | Description: Globus Java - SSL and proxy certificate support |
20 | 20 | Globus Java library with SSL and proxy certificate support |
21 | 21 |
0 | diff -ur JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/bc/BouncyCastleCertProcessingFactory.java JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/bc/BouncyCastleCertProcessingFactory.java | |
1 | --- JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/bc/BouncyCastleCertProcessingFactory.java 2013-08-14 22:43:31.807764457 +0200 | |
2 | +++ JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/bc/BouncyCastleCertProcessingFactory.java 2013-08-14 22:44:40.963763748 +0200 | |
3 | @@ -14,6 +14,7 @@ | |
4 | */ | |
5 | package org.globus.gsi.bc; | |
6 | ||
7 | +import org.bouncycastle.asn1.x500.style.BCStyle; | |
8 | import org.globus.gsi.util.CertificateLoadUtil; | |
9 | import org.globus.gsi.util.ProxyCertificateUtil; | |
10 | ||
11 | @@ -48,13 +49,13 @@ | |
12 | import org.bouncycastle.jce.PKCS10CertificationRequest; | |
13 | import org.bouncycastle.jce.provider.X509CertificateObject; | |
14 | import org.bouncycastle.asn1.DERSet; | |
15 | -import org.bouncycastle.asn1.DERObject; | |
16 | import org.bouncycastle.asn1.DERBitString; | |
17 | import org.bouncycastle.asn1.x509.X509Name; | |
18 | +import org.bouncycastle.asn1.ASN1Primitive; | |
19 | import org.bouncycastle.asn1.ASN1InputStream; | |
20 | import org.bouncycastle.asn1.ASN1Sequence; | |
21 | +import org.bouncycastle.asn1.x509.Certificate; | |
22 | import org.bouncycastle.asn1.x509.TBSCertificateStructure; | |
23 | -import org.bouncycastle.asn1.x509.X509CertificateStructure; | |
24 | import org.bouncycastle.asn1.x509.X509Extensions; | |
25 | import org.bouncycastle.asn1.x509.X509Extension; | |
26 | import org.bouncycastle.asn1.x509.KeyUsage; | |
27 | @@ -149,7 +150,7 @@ | |
28 | throws IOException, GeneralSecurityException { | |
29 | ||
30 | ASN1InputStream derin = new ASN1InputStream(certRequestInputStream); | |
31 | - DERObject reqInfo = derin.readObject(); | |
32 | + ASN1Primitive reqInfo = derin.readObject(); | |
33 | PKCS10CertificationRequest certReq = new PKCS10CertificationRequest((ASN1Sequence) reqInfo); | |
34 | ||
35 | boolean rs = certReq.verify(); | |
36 | @@ -413,11 +414,11 @@ | |
37 | X509Extension ext; | |
38 | ||
39 | // handle key usage ext | |
40 | - ext = extensions.getExtension(X509Extensions.KeyUsage); | |
41 | + ext = extensions.getExtension(X509Extension.keyUsage); | |
42 | if (ext != null) { | |
43 | ||
44 | // TBD: handle this better | |
45 | - if (extSet != null && (extSet.get(X509Extensions.KeyUsage.getId()) != null)) { | |
46 | + if (extSet != null && (extSet.get(X509Extension.keyUsage.getId()) != null)) { | |
47 | String err = i18n.getMessage("keyUsageExt"); | |
48 | throw new GeneralSecurityException(err); | |
49 | } | |
50 | @@ -437,7 +438,7 @@ | |
51 | ||
52 | bits = new DERBitString(bytes, bits.getPadBits()); | |
53 | ||
54 | - certGen.addExtension(X509Extensions.KeyUsage, ext.isCritical(), bits); | |
55 | + certGen.addExtension(X509Extension.keyUsage, ext.isCritical(), bits); | |
56 | } | |
57 | } | |
58 | ||
59 | @@ -481,7 +482,7 @@ | |
60 | X509NameHelper issuer = new X509NameHelper(issuerDN); | |
61 | ||
62 | X509NameHelper subject = new X509NameHelper(issuerDN); | |
63 | - subject.add(X509Name.CN, (cnValue == null) ? delegDN : cnValue); | |
64 | + subject.add(BCStyle.CN, (cnValue == null) ? delegDN : cnValue); | |
65 | ||
66 | certGen.setSubjectDN(subject.getAsName()); | |
67 | certGen.setIssuerDN(issuer.getAsName()); | |
68 | @@ -572,7 +573,7 @@ | |
69 | String cnValue) throws IOException, GeneralSecurityException { | |
70 | ||
71 | ASN1InputStream derin = new ASN1InputStream(certRequestInputStream); | |
72 | - DERObject reqInfo = derin.readObject(); | |
73 | + ASN1Primitive reqInfo = derin.readObject(); | |
74 | PKCS10CertificationRequest certReq = new PKCS10CertificationRequest((ASN1Sequence) reqInfo); | |
75 | ||
76 | boolean rs = certReq.verify(); | |
77 | @@ -831,11 +832,11 @@ | |
78 | X509Extension ext; | |
79 | ||
80 | // handle key usage ext | |
81 | - ext = extensions.getExtension(X509Extensions.KeyUsage); | |
82 | + ext = extensions.getExtension(X509Extension.keyUsage); | |
83 | if (ext != null) { | |
84 | ||
85 | // TBD: handle this better | |
86 | - if (extSet != null && (extSet.get(X509Extensions.KeyUsage.getId()) != null)) { | |
87 | + if (extSet != null && (extSet.get(X509Extension.keyUsage.getId()) != null)) { | |
88 | String err = i18n.getMessage("keyUsageExt"); | |
89 | throw new GeneralSecurityException(err); | |
90 | } | |
91 | @@ -855,7 +856,7 @@ | |
92 | ||
93 | bits = new DERBitString(bytes, bits.getPadBits()); | |
94 | ||
95 | - certGen.addExtension(X509Extensions.KeyUsage, ext.isCritical(), bits); | |
96 | + certGen.addExtension(X509Extension.keyUsage, ext.isCritical(), bits); | |
97 | } | |
98 | } | |
99 | ||
100 | @@ -897,7 +898,7 @@ | |
101 | } | |
102 | X509NameHelper issuer = new X509NameHelper(issuerDN); | |
103 | X509NameHelper subject = new X509NameHelper(issuerDN); | |
104 | - subject.add(X509Name.CN, (cnValue == null) ? delegDN : cnValue); | |
105 | + subject.add(BCStyle.CN, (cnValue == null) ? delegDN : cnValue); | |
106 | ||
107 | certGen.setSubjectDN(subject.getAsName()); | |
108 | certGen.setIssuerDN(issuer.getAsName()); | |
109 | @@ -936,9 +937,9 @@ | |
110 | */ | |
111 | public X509Certificate loadCertificate(InputStream in) throws IOException, GeneralSecurityException { | |
112 | ASN1InputStream derin = new ASN1InputStream(in); | |
113 | - DERObject certInfo = derin.readObject(); | |
114 | + ASN1Primitive certInfo = derin.readObject(); | |
115 | ASN1Sequence seq = ASN1Sequence.getInstance(certInfo); | |
116 | - return new X509CertificateObject(new X509CertificateStructure(seq)); | |
117 | + return new X509CertificateObject(Certificate.getInstance(seq)); | |
118 | } | |
119 | ||
120 | /** | |
121 | diff -ur JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/bc/BouncyCastleOpenSSLKey.java JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/bc/BouncyCastleOpenSSLKey.java | |
122 | --- JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/bc/BouncyCastleOpenSSLKey.java 2013-08-13 05:53:37.000000000 +0200 | |
123 | +++ JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/bc/BouncyCastleOpenSSLKey.java 2013-08-14 22:44:40.963763748 +0200 | |
124 | @@ -28,8 +28,8 @@ | |
125 | import java.security.interfaces.RSAPrivateCrtKey; | |
126 | import java.security.spec.PKCS8EncodedKeySpec; | |
127 | import org.bouncycastle.asn1.ASN1InputStream; | |
128 | +import org.bouncycastle.asn1.ASN1Primitive; | |
129 | import org.bouncycastle.asn1.ASN1Sequence; | |
130 | -import org.bouncycastle.asn1.DERObject; | |
131 | import org.bouncycastle.asn1.DERObjectIdentifier; | |
132 | import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; | |
133 | import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; | |
134 | @@ -121,12 +121,12 @@ | |
135 | } | |
136 | ByteArrayInputStream bis = new ByteArrayInputStream(data); | |
137 | ASN1InputStream derin = new ASN1InputStream(bis); | |
138 | - DERObject keyInfo = derin.readObject(); | |
139 | + ASN1Primitive keyInfo = derin.readObject(); | |
140 | ||
141 | DERObjectIdentifier rsaOid = PKCSObjectIdentifiers.rsaEncryption; | |
142 | AlgorithmIdentifier rsa = new AlgorithmIdentifier(rsaOid); | |
143 | PrivateKeyInfo pkeyinfo = new PrivateKeyInfo(rsa, keyInfo); | |
144 | - DERObject derkey = pkeyinfo.getDERObject(); | |
145 | + ASN1Primitive derkey = pkeyinfo.toASN1Primitive(); | |
146 | byte[] keyData = BouncyCastleUtil.toByteArray(derkey); | |
147 | // The DER object needs to be mangled to | |
148 | // create a proper ProvateKeyInfo object | |
149 | @@ -150,10 +150,10 @@ | |
150 | && (format.equalsIgnoreCase("PKCS#8") || format | |
151 | .equalsIgnoreCase("PKCS8"))) { | |
152 | try { | |
153 | - DERObject keyInfo = BouncyCastleUtil.toDERObject(key | |
154 | + ASN1Primitive keyInfo = BouncyCastleUtil.toASN1Primitive(key | |
155 | .getEncoded()); | |
156 | PrivateKeyInfo pkey = new PrivateKeyInfo((ASN1Sequence) keyInfo); | |
157 | - DERObject derKey = pkey.getPrivateKey(); | |
158 | + ASN1Primitive derKey = pkey.getPrivateKey(); | |
159 | return BouncyCastleUtil.toByteArray(derKey); | |
160 | } catch (IOException e) { | |
161 | // that should never happen | |
162 | @@ -169,7 +169,7 @@ | |
163 | .getPrivateExponent(), pKey.getPrimeP(), pKey.getPrimeQ(), | |
164 | pKey.getPrimeExponentP(), pKey.getPrimeExponentQ(), pKey | |
165 | .getCrtCoefficient()); | |
166 | - DERObject ob = st.getDERObject(); | |
167 | + ASN1Primitive ob = st.toASN1Primitive(); | |
168 | ||
169 | try { | |
170 | return BouncyCastleUtil.toByteArray(ob); | |
171 | diff -ur JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/bc/BouncyCastleUtil.java JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/bc/BouncyCastleUtil.java | |
172 | --- JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/bc/BouncyCastleUtil.java 2013-08-13 05:53:37.000000000 +0200 | |
173 | +++ JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/bc/BouncyCastleUtil.java 2013-08-14 22:44:40.963763748 +0200 | |
174 | @@ -30,16 +30,15 @@ | |
175 | ||
176 | import org.bouncycastle.asn1.ASN1InputStream; | |
177 | import org.bouncycastle.asn1.ASN1OctetString; | |
178 | +import org.bouncycastle.asn1.ASN1Primitive; | |
179 | import org.bouncycastle.asn1.ASN1Sequence; | |
180 | import org.bouncycastle.asn1.ASN1Set; | |
181 | +import org.bouncycastle.asn1.ASN1String; | |
182 | import org.bouncycastle.asn1.DERBitString; | |
183 | -import org.bouncycastle.asn1.DERBoolean; | |
184 | -import org.bouncycastle.asn1.DEREncodable; | |
185 | -import org.bouncycastle.asn1.DERInteger; | |
186 | -import org.bouncycastle.asn1.DERObject; | |
187 | import org.bouncycastle.asn1.DERObjectIdentifier; | |
188 | import org.bouncycastle.asn1.DEROutputStream; | |
189 | -import org.bouncycastle.asn1.DERString; | |
190 | +import org.bouncycastle.asn1.x500.X500Name; | |
191 | +import org.bouncycastle.asn1.x500.style.BCStyle; | |
192 | import org.bouncycastle.asn1.x509.BasicConstraints; | |
193 | import org.bouncycastle.asn1.x509.TBSCertificateStructure; | |
194 | import org.bouncycastle.asn1.x509.X509Extension; | |
195 | @@ -76,7 +75,7 @@ | |
196 | * @return the DER-encoded byte array | |
197 | * @exception IOException if conversion fails | |
198 | */ | |
199 | - public static byte[] toByteArray(DERObject obj) | |
200 | + public static byte[] toByteArray(ASN1Primitive obj) | |
201 | throws IOException { | |
202 | ByteArrayOutputStream bout = new ByteArrayOutputStream(); | |
203 | DEROutputStream der = new DEROutputStream(bout); | |
204 | @@ -92,7 +91,7 @@ | |
205 | * @return the DERObject. | |
206 | * @exception IOException if conversion fails | |
207 | */ | |
208 | - public static DERObject toDERObject(byte[] data) | |
209 | + public static ASN1Primitive toASN1Primitive(byte[] data) | |
210 | throws IOException { | |
211 | ByteArrayInputStream inStream = new ByteArrayInputStream(data); | |
212 | ASN1InputStream derInputStream = new ASN1InputStream(inStream); | |
213 | @@ -108,9 +107,9 @@ | |
214 | * @return a copy of the DERObject. | |
215 | * @exception IOException if replication fails | |
216 | */ | |
217 | - public static DERObject duplicate(DERObject obj) | |
218 | + public static ASN1Primitive duplicate(ASN1Primitive obj) | |
219 | throws IOException { | |
220 | - return toDERObject(toByteArray(obj)); | |
221 | + return toASN1Primitive(toByteArray(obj)); | |
222 | } | |
223 | ||
224 | /** | |
225 | @@ -123,7 +122,7 @@ | |
226 | */ | |
227 | public static TBSCertificateStructure getTBSCertificateStructure(X509Certificate cert) | |
228 | throws CertificateEncodingException, IOException { | |
229 | - DERObject obj = BouncyCastleUtil.toDERObject(cert.getTBSCertificate()); | |
230 | + ASN1Primitive obj = BouncyCastleUtil.toASN1Primitive(cert.getTBSCertificate()); | |
231 | return TBSCertificateStructure.getInstance(obj); | |
232 | } | |
233 | ||
234 | @@ -133,9 +132,9 @@ | |
235 | * @param ext the certificate extension to extract the value from. | |
236 | * @exception IOException if extraction fails. | |
237 | */ | |
238 | - public static DERObject getExtensionObject(X509Extension ext) | |
239 | + public static ASN1Primitive getExtensionObject(X509Extension ext) | |
240 | throws IOException { | |
241 | - return toDERObject(ext.getValue().getOctets()); | |
242 | + return toASN1Primitive(ext.getValue().getOctets()); | |
243 | } | |
244 | ||
245 | /** | |
246 | @@ -295,9 +294,9 @@ | |
247 | X509Extension ext = null; | |
248 | ||
249 | if (extensions != null) { | |
250 | - ext = extensions.getExtension(X509Extensions.BasicConstraints); | |
251 | + ext = extensions.getExtension(X509Extension.basicConstraints); | |
252 | if (ext != null) { | |
253 | - BasicConstraints basicExt = getBasicConstraints(ext); | |
254 | + BasicConstraints basicExt = BasicConstraints.getInstance(ext); | |
255 | if (basicExt.isCA()) { | |
256 | return GSIConstants.CertificateType.CA; | |
257 | } | |
258 | @@ -307,12 +306,12 @@ | |
259 | GSIConstants.CertificateType type = GSIConstants.CertificateType.EEC; | |
260 | ||
261 | // does not handle multiple AVAs | |
262 | - X509Name subject = crt.getSubject(); | |
263 | + X500Name subject = crt.getSubject(); | |
264 | ||
265 | ASN1Set entry = X509NameHelper.getLastNameEntry(subject); | |
266 | ASN1Sequence ava = (ASN1Sequence)entry.getObjectAt(0); | |
267 | - if (X509Name.CN.equals(ava.getObjectAt(0))) { | |
268 | - String value = ((DERString)ava.getObjectAt(1)).getString(); | |
269 | + if (BCStyle.CN.equals(ava.getObjectAt(0))) { | |
270 | + String value = ((ASN1String)ava.getObjectAt(1)).getString(); | |
271 | if (value.equalsIgnoreCase("proxy")) { | |
272 | type = GSIConstants.CertificateType.GSI_2_PROXY; | |
273 | } else if (value.equalsIgnoreCase("limited proxy")) { | |
274 | @@ -370,7 +369,7 @@ | |
275 | X509NameHelper iss = new X509NameHelper(crt.getIssuer()); | |
276 | iss.add((ASN1Set)BouncyCastleUtil.duplicate(entry)); | |
277 | X509Name issuer = iss.getAsName(); | |
278 | - if (!issuer.equals(subject)) { | |
279 | + if (!issuer.equals(X509Name.getInstance(subject))) { | |
280 | String err = i18n.getMessage("proxyDNErr"); | |
281 | throw new CertificateException(err); | |
282 | } | |
283 | @@ -404,36 +403,6 @@ | |
284 | } | |
285 | ||
286 | /** | |
287 | - * Creates a <code>BasicConstraints</code> object from given | |
288 | - * extension. | |
289 | - * | |
290 | - * @param ext the extension. | |
291 | - * @return the <code>BasicConstraints</code> object. | |
292 | - * @exception IOException if something fails. | |
293 | - */ | |
294 | - public static BasicConstraints getBasicConstraints(X509Extension ext) | |
295 | - throws IOException { | |
296 | - DERObject obj = BouncyCastleUtil.getExtensionObject(ext); | |
297 | - if (obj instanceof ASN1Sequence) { | |
298 | - ASN1Sequence seq = (ASN1Sequence)obj; | |
299 | - int size = seq.size(); | |
300 | - if (size == 0) { | |
301 | - return new BasicConstraints(false); | |
302 | - } else if (size == 1) { | |
303 | - DEREncodable value = seq.getObjectAt(0); | |
304 | - if (value instanceof DERInteger) { | |
305 | - int length = ((DERInteger)value).getValue().intValue(); | |
306 | - return new BasicConstraints(false, length); | |
307 | - } else if (value instanceof DERBoolean) { | |
308 | - boolean ca = ((DERBoolean)value).isTrue(); | |
309 | - return new BasicConstraints(ca); | |
310 | - } | |
311 | - } | |
312 | - } | |
313 | - return BasicConstraints.getInstance(obj); | |
314 | - } | |
315 | - | |
316 | - /** | |
317 | * Creates a <code>ProxyCertInfo</code> object from given | |
318 | * extension. | |
319 | * | |
320 | @@ -531,7 +500,7 @@ | |
321 | throws IOException { | |
322 | ByteArrayInputStream inStream = new ByteArrayInputStream(certExtValue); | |
323 | ASN1InputStream derInputStream = new ASN1InputStream(inStream); | |
324 | - DERObject object = derInputStream.readObject(); | |
325 | + ASN1Primitive object = derInputStream.readObject(); | |
326 | if (object instanceof ASN1OctetString) { | |
327 | return ((ASN1OctetString)object).getOctets(); | |
328 | } else { | |
329 | diff -ur JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/bc/BouncyCastleX509Extension.java JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/bc/BouncyCastleX509Extension.java | |
330 | --- JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/bc/BouncyCastleX509Extension.java 2013-08-13 05:53:37.000000000 +0200 | |
331 | +++ JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/bc/BouncyCastleX509Extension.java 2013-08-14 22:44:40.963763748 +0200 | |
332 | @@ -16,7 +16,7 @@ | |
333 | ||
334 | import java.io.IOException; | |
335 | ||
336 | -import org.bouncycastle.asn1.DEREncodable; | |
337 | +import org.bouncycastle.asn1.ASN1Encodable; | |
338 | ||
339 | import org.globus.gsi.X509Extension; | |
340 | ||
341 | @@ -36,22 +36,22 @@ | |
342 | this(oid, false, null); | |
343 | } | |
344 | ||
345 | - public BouncyCastleX509Extension(String oid, DEREncodable value) { | |
346 | + public BouncyCastleX509Extension(String oid, ASN1Encodable value) { | |
347 | this(oid, false, value); | |
348 | } | |
349 | ||
350 | public BouncyCastleX509Extension(String oid, boolean critical, | |
351 | - DEREncodable value) { | |
352 | + ASN1Encodable value) { | |
353 | super(oid, critical, null); | |
354 | setValue(value); | |
355 | } | |
356 | ||
357 | - protected void setValue(DEREncodable value) { | |
358 | + protected void setValue(ASN1Encodable value) { | |
359 | if (value == null) { | |
360 | return; | |
361 | } | |
362 | try { | |
363 | - setValue(BouncyCastleUtil.toByteArray(value.getDERObject())); | |
364 | + setValue(BouncyCastleUtil.toByteArray(value.toASN1Primitive())); | |
365 | } catch (IOException e) { | |
366 | throw new RuntimeException(i18n.getMessage("byteArrayErr") + | |
367 | e.getMessage()); | |
368 | diff -ur JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/bc/X509NameHelper.java JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/bc/X509NameHelper.java | |
369 | --- JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/bc/X509NameHelper.java 2013-08-13 05:53:37.000000000 +0200 | |
370 | +++ JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/bc/X509NameHelper.java 2013-08-14 22:44:40.963763748 +0200 | |
371 | @@ -21,11 +21,13 @@ | |
372 | import org.bouncycastle.asn1.ASN1EncodableVector; | |
373 | import org.bouncycastle.asn1.ASN1Sequence; | |
374 | import org.bouncycastle.asn1.ASN1Set; | |
375 | +import org.bouncycastle.asn1.ASN1String; | |
376 | import org.bouncycastle.asn1.DERObjectIdentifier; | |
377 | import org.bouncycastle.asn1.DERPrintableString; | |
378 | import org.bouncycastle.asn1.DERSequence; | |
379 | import org.bouncycastle.asn1.DERSet; | |
380 | -import org.bouncycastle.asn1.DERString; | |
381 | +import org.bouncycastle.asn1.x500.RDN; | |
382 | +import org.bouncycastle.asn1.x500.X500Name; | |
383 | import org.bouncycastle.asn1.x509.X509Name; | |
384 | ||
385 | /** | |
386 | @@ -45,6 +47,21 @@ | |
387 | } | |
388 | ||
389 | /** | |
390 | + * Creates an instance using existing {@link X500Name X500Name} | |
391 | + * object. | |
392 | + * This behaves like a copy constructor. | |
393 | + * | |
394 | + * @param name existing <code>X500Name</code> | |
395 | + */ | |
396 | + public X509NameHelper(X500Name name) { | |
397 | + try { | |
398 | + this.seq = (ASN1Sequence)BouncyCastleUtil.duplicate(name.toASN1Primitive()); | |
399 | + } catch (IOException e) { | |
400 | + throw new RuntimeException(e.getMessage()); | |
401 | + } | |
402 | + } | |
403 | + | |
404 | + /** | |
405 | * Creates an instance using existing {@link X509Name X509Name} | |
406 | * object. | |
407 | * This behaves like a copy constructor. | |
408 | @@ -53,7 +70,7 @@ | |
409 | */ | |
410 | public X509NameHelper(X509Name name) { | |
411 | try { | |
412 | - this.seq = (ASN1Sequence)BouncyCastleUtil.duplicate(name.getDERObject()); | |
413 | + this.seq = (ASN1Sequence)BouncyCastleUtil.duplicate(name.toASN1Primitive()); | |
414 | } catch (IOException e) { | |
415 | throw new RuntimeException(e.getMessage()); | |
416 | } | |
417 | @@ -72,8 +89,8 @@ | |
418 | * Appends the specified OID and value pair name component to the end of the | |
419 | * current name. | |
420 | * | |
421 | - * @param oid the name component oid, e.g. {@link X509Name#CN | |
422 | - * X509Name.CN} | |
423 | + * @param oid the name component oid, e.g. {@link org.bouncycastle.asn1.x500.style.BCStyle#CN | |
424 | + * BCStyle.CN} | |
425 | * @param value the value (e.g. "proxy") | |
426 | */ | |
427 | public void add( | |
428 | @@ -125,10 +142,10 @@ | |
429 | * | |
430 | * @return the last name component. Null if there is none. | |
431 | */ | |
432 | - public static ASN1Set getLastNameEntry(X509Name name) { | |
433 | - ASN1Sequence seq = (ASN1Sequence) name.getDERObject(); | |
434 | - int size = seq.size(); | |
435 | - return (size > 0) ? (ASN1Set) seq.getObjectAt(size - 1) : null; | |
436 | + public static ASN1Set getLastNameEntry(X500Name name) { | |
437 | + RDN[] rdns = name.getRDNs(); | |
438 | + int size = rdns.length; | |
439 | + return (size > 0) ? (ASN1Set) rdns[size - 1].toASN1Primitive() : null; | |
440 | } | |
441 | ||
442 | /** | |
443 | @@ -142,7 +159,7 @@ | |
444 | if (name == null) { | |
445 | return null; | |
446 | } | |
447 | - return toString((ASN1Sequence)name.getDERObject()); | |
448 | + return toString((ASN1Sequence)name.toASN1Primitive()); | |
449 | } | |
450 | ||
451 | private static String toString(ASN1Sequence seq) { | |
452 | @@ -159,14 +176,14 @@ | |
453 | while (ee.hasMoreElements()) { | |
454 | ASN1Sequence s = (ASN1Sequence)ee.nextElement(); | |
455 | DERObjectIdentifier oid = (DERObjectIdentifier)s.getObjectAt(0); | |
456 | - String sym = (String)X509Name.OIDLookUp.get(oid); | |
457 | + String sym = (String)X509Name.DefaultSymbols.get(oid); | |
458 | if (sym == null) { | |
459 | buf.append(oid.getId()); | |
460 | } else { | |
461 | buf.append(sym); | |
462 | } | |
463 | buf.append('='); | |
464 | - buf.append(((DERString)s.getObjectAt(1)).getString()); | |
465 | + buf.append(((ASN1String)s.getObjectAt(1)).getString()); | |
466 | if (ee.hasMoreElements()) { | |
467 | buf.append('+'); | |
468 | } | |
469 | diff -ur JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/proxy/ext/ProxyCertInfo.java JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/proxy/ext/ProxyCertInfo.java | |
470 | --- JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/proxy/ext/ProxyCertInfo.java 2013-08-13 05:53:37.000000000 +0200 | |
471 | +++ JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/proxy/ext/ProxyCertInfo.java 2013-08-14 22:44:40.967763533 +0200 | |
472 | @@ -20,11 +20,11 @@ | |
473 | ||
474 | import java.io.IOException; | |
475 | ||
476 | +import org.bouncycastle.asn1.ASN1Encodable; | |
477 | import org.bouncycastle.asn1.ASN1EncodableVector; | |
478 | +import org.bouncycastle.asn1.ASN1Primitive; | |
479 | import org.bouncycastle.asn1.ASN1Sequence; | |
480 | -import org.bouncycastle.asn1.DEREncodable; | |
481 | import org.bouncycastle.asn1.DERInteger; | |
482 | -import org.bouncycastle.asn1.DERObject; | |
483 | import org.bouncycastle.asn1.DERSequence; | |
484 | ||
485 | /** | |
486 | @@ -34,7 +34,7 @@ | |
487 | * ProxyCertInfo ::= SEQUENCE { pCPathLenConstraint INTEGER (0..MAX) OPTIONAL, proxyPolicy ProxyPolicy } | |
488 | * </PRE> | |
489 | */ | |
490 | -public class ProxyCertInfo implements DEREncodable { | |
491 | +public class ProxyCertInfo implements ASN1Encodable { | |
492 | ||
493 | /** ProxyCertInfo extension OID */ | |
494 | public static final DERObjectIdentifier OID | |
495 | @@ -111,9 +111,9 @@ | |
496 | } else if (obj instanceof ASN1Sequence) { | |
497 | return new ProxyCertInfo((ASN1Sequence) obj); | |
498 | } else if (obj instanceof byte[]) { | |
499 | - DERObject derObj; | |
500 | + ASN1Primitive derObj; | |
501 | try { | |
502 | - derObj = CertificateUtil.toDERObject((byte[]) obj); | |
503 | + derObj = CertificateUtil.toASN1Primitive((byte[]) obj); | |
504 | } catch (IOException e) { | |
505 | throw new IllegalArgumentException(e.getMessage(), e); | |
506 | } | |
507 | @@ -129,14 +129,14 @@ | |
508 | * | |
509 | * @return <code>DERObject</code> the encoded representation of the extension. | |
510 | */ | |
511 | - public DERObject getDERObject() { | |
512 | + public ASN1Primitive toASN1Primitive() { | |
513 | ASN1EncodableVector vec = new ASN1EncodableVector(); | |
514 | ||
515 | if (this.pathLenConstraint != null) { | |
516 | vec.add(this.pathLenConstraint); | |
517 | } | |
518 | ||
519 | - vec.add(this.proxyPolicy.getDERObject()); | |
520 | + vec.add(this.proxyPolicy.toASN1Primitive()); | |
521 | ||
522 | return new DERSequence(vec); | |
523 | } | |
524 | diff -ur JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/proxy/ext/ProxyPolicy.java JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/proxy/ext/ProxyPolicy.java | |
525 | --- JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/proxy/ext/ProxyPolicy.java 2013-08-13 05:53:37.000000000 +0200 | |
526 | +++ JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/proxy/ext/ProxyPolicy.java 2013-08-14 22:44:40.967763533 +0200 | |
527 | @@ -14,10 +14,10 @@ | |
528 | */ | |
529 | package org.globus.gsi.proxy.ext; | |
530 | ||
531 | +import org.bouncycastle.asn1.ASN1Encodable; | |
532 | import org.bouncycastle.asn1.ASN1EncodableVector; | |
533 | +import org.bouncycastle.asn1.ASN1Primitive; | |
534 | import org.bouncycastle.asn1.ASN1Sequence; | |
535 | -import org.bouncycastle.asn1.DEREncodable; | |
536 | -import org.bouncycastle.asn1.DERObject; | |
537 | import org.bouncycastle.asn1.DERObjectIdentifier; | |
538 | import org.bouncycastle.asn1.DEROctetString; | |
539 | import org.bouncycastle.asn1.DERSequence; | |
540 | @@ -27,7 +27,7 @@ | |
541 | * Represents the policy part of the ProxyCertInfo extension. <BR> <PRE> | |
542 | * ProxyPolicy ::= SEQUENCE { policyLanguage OBJECT IDENTIFIER, policy OCTET STRING OPTIONAL } </PRE> | |
543 | */ | |
544 | -public class ProxyPolicy implements DEREncodable { | |
545 | +public class ProxyPolicy implements ASN1Encodable { | |
546 | ||
547 | /** | |
548 | * Impersonation proxy OID | |
549 | @@ -58,7 +58,7 @@ | |
550 | } | |
551 | this.policyLanguage = (DERObjectIdentifier) seq.getObjectAt(0); | |
552 | if (seq.size() > 1) { | |
553 | - DEREncodable obj = seq.getObjectAt(1); | |
554 | + ASN1Encodable obj = seq.getObjectAt(1); | |
555 | if (obj instanceof DERTaggedObject) { | |
556 | obj = ((DERTaggedObject) obj).getObject(); | |
557 | } | |
558 | @@ -133,7 +133,7 @@ | |
559 | * @return <code>DERObject</code> the encoded representation of the proxy | |
560 | * policy. | |
561 | */ | |
562 | - public DERObject getDERObject() { | |
563 | + public ASN1Primitive toASN1Primitive() { | |
564 | ||
565 | ASN1EncodableVector vec = new ASN1EncodableVector(); | |
566 | ||
567 | diff -ur JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/trustmanager/X509ProxyCertPathValidator.java JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/trustmanager/X509ProxyCertPathValidator.java | |
568 | --- JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/trustmanager/X509ProxyCertPathValidator.java 2013-08-13 05:53:37.000000000 +0200 | |
569 | +++ JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/trustmanager/X509ProxyCertPathValidator.java 2013-08-14 22:44:40.967763533 +0200 | |
570 | @@ -484,12 +484,12 @@ | |
571 | while (e.hasMoreElements()) { | |
572 | oid = (DERObjectIdentifier) e.nextElement(); | |
573 | proxyExtension = extensions.getExtension(oid); | |
574 | - if (oid.equals(X509Extensions.SubjectAlternativeName) | |
575 | - || oid.equals(X509Extensions.IssuerAlternativeName)) { | |
576 | + if (oid.equals(X509Extension.subjectAlternativeName) | |
577 | + || oid.equals(X509Extension.issuerAlternativeName)) { | |
578 | // No Alt name extensions - 3.2 & 3.5 | |
579 | throw new CertPathValidatorException( | |
580 | "Proxy violation: no Subject or Issuer Alternative Name"); | |
581 | - } else if (oid.equals(X509Extensions.BasicConstraints)) { | |
582 | + } else if (oid.equals(X509Extension.basicConstraints)) { | |
583 | // Basic Constraint must not be true - 3.8 | |
584 | BasicConstraints basicExt = | |
585 | CertificateUtil.getBasicConstraints(proxyExtension); | |
586 | @@ -497,7 +497,7 @@ | |
587 | throw new CertPathValidatorException( | |
588 | "Proxy violation: Basic Constraint CA is set to true"); | |
589 | } | |
590 | - } else if (oid.equals(X509Extensions.KeyUsage)) { | |
591 | + } else if (oid.equals(X509Extension.keyUsage)) { | |
592 | proxyKeyUsage = proxyExtension; | |
593 | ||
594 | checkKeyUsage(issuer, proxyExtension); | |
595 | @@ -528,7 +528,7 @@ | |
596 | } | |
597 | ||
598 | private void checkExtension(DERObjectIdentifier oid, X509Extension proxyExtension, X509Extension proxyKeyUsage) throws CertPathValidatorException { | |
599 | - if (oid.equals(X509Extensions.KeyUsage)) { | |
600 | + if (oid.equals(X509Extension.keyUsage)) { | |
601 | // If issuer has it then proxy must have it also | |
602 | if (proxyKeyUsage == null) { | |
603 | throw new CertPathValidatorException( | |
604 | diff -ur JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/util/CertificateIOUtil.java JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/util/CertificateIOUtil.java | |
605 | --- JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/util/CertificateIOUtil.java 2013-08-13 05:53:37.000000000 +0200 | |
606 | +++ JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/util/CertificateIOUtil.java 2013-08-14 22:47:56.371780680 +0200 | |
607 | @@ -95,7 +95,7 @@ | |
608 | ByteArrayOutputStream bout = new ByteArrayOutputStream(); | |
609 | DEROutputStream der = new DEROutputStream(bout); | |
610 | X509Name nm = (X509Name) subject; | |
611 | - der.writeObject(nm.getDERObject()); | |
612 | + der.writeObject(nm.toASN1Primitive()); | |
613 | return bout.toByteArray(); | |
614 | } else { | |
615 | throw new ClassCastException("unsupported input class: " | |
616 | diff -ur JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/util/CertificateUtil.java JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/util/CertificateUtil.java | |
617 | --- JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/util/CertificateUtil.java 2013-08-14 22:43:31.807764457 +0200 | |
618 | +++ JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/util/CertificateUtil.java 2013-08-14 22:49:38.231789154 +0200 | |
619 | @@ -59,12 +59,14 @@ | |
620 | ||
621 | import org.bouncycastle.asn1.ASN1InputStream; | |
622 | import org.bouncycastle.asn1.ASN1Object; | |
623 | +import org.bouncycastle.asn1.ASN1Primitive; | |
624 | import org.bouncycastle.asn1.ASN1Sequence; | |
625 | import org.bouncycastle.asn1.ASN1Set; | |
626 | +import org.bouncycastle.asn1.ASN1String; | |
627 | import org.bouncycastle.asn1.DERBitString; | |
628 | -import org.bouncycastle.asn1.DERObject; | |
629 | import org.bouncycastle.asn1.DERObjectIdentifier; | |
630 | -import org.bouncycastle.asn1.DERString; | |
631 | +import org.bouncycastle.asn1.x500.X500Name; | |
632 | +import org.bouncycastle.asn1.x500.style.BCStyle; | |
633 | import org.bouncycastle.asn1.x509.BasicConstraints; | |
634 | import org.bouncycastle.asn1.x509.TBSCertificateStructure; | |
635 | import org.bouncycastle.asn1.x509.X509Extension; | |
636 | @@ -216,7 +218,7 @@ | |
637 | return -1; | |
638 | } | |
639 | X509Extension proxyExtension = | |
640 | - extensions.getExtension(X509Extensions.BasicConstraints); | |
641 | + extensions.getExtension(X509Extension.basicConstraints); | |
642 | if (proxyExtension != null) { | |
643 | BasicConstraints basicExt = | |
644 | getBasicConstraints(proxyExtension); | |
645 | @@ -310,7 +312,7 @@ | |
646 | X509Extension ext = null; | |
647 | ||
648 | if (extensions != null) { | |
649 | - ext = extensions.getExtension(X509Extensions.BasicConstraints); | |
650 | + ext = extensions.getExtension(X509Extension.basicConstraints); | |
651 | if (ext != null) { | |
652 | BasicConstraints basicExt = getBasicConstraints(ext); | |
653 | if (basicExt.isCA()) { | |
654 | @@ -322,11 +324,11 @@ | |
655 | GSIConstants.CertificateType type = GSIConstants.CertificateType.EEC; | |
656 | ||
657 | // does not handle multiple AVAs | |
658 | - X509Name subject = crt.getSubject(); | |
659 | + X500Name subject = crt.getSubject(); | |
660 | ||
661 | ASN1Set entry = X509NameHelper.getLastNameEntry(subject); | |
662 | ASN1Sequence ava = (ASN1Sequence) entry.getObjectAt(0); | |
663 | - if (X509Name.CN.equals(ava.getObjectAt(0))) { | |
664 | + if (BCStyle.CN.equals(ava.getObjectAt(0))) { | |
665 | type = processCN(extensions, type, ava); | |
666 | } | |
667 | ||
668 | @@ -336,7 +338,7 @@ | |
669 | private static GSIConstants.CertificateType processCN( | |
670 | X509Extensions extensions, GSIConstants.CertificateType type, ASN1Sequence ava) throws CertificateException { | |
671 | X509Extension ext; | |
672 | - String value = ((DERString) ava.getObjectAt(1)).getString(); | |
673 | + String value = ((ASN1String) ava.getObjectAt(1)).getString(); | |
674 | GSIConstants.CertificateType certType = type; | |
675 | if (value.equalsIgnoreCase("proxy")) { | |
676 | certType = GSIConstants.CertificateType.GSI_2_PROXY; | |
677 | @@ -431,7 +433,7 @@ | |
678 | * @return the DERObject. | |
679 | * @throws IOException if conversion fails | |
680 | */ | |
681 | - public static DERObject toDERObject(byte[] data) | |
682 | + public static ASN1Primitive toASN1Primitive(byte[] data) | |
683 | throws IOException { | |
684 | ByteArrayInputStream inStream = new ByteArrayInputStream(data); | |
685 | ASN1InputStream derInputStream = new ASN1InputStream(inStream); | |
686 | @@ -450,7 +452,7 @@ | |
687 | public static TBSCertificateStructure getTBSCertificateStructure( | |
688 | X509Certificate cert) | |
689 | throws CertificateEncodingException, IOException { | |
690 | - DERObject obj = toDERObject(cert.getTBSCertificate()); | |
691 | + ASN1Primitive obj = toASN1Primitive(cert.getTBSCertificate()); | |
692 | return TBSCertificateStructure.getInstance(obj); | |
693 | } | |
694 | ||
695 | @@ -461,7 +463,7 @@ | |
696 | return new boolean[0]; | |
697 | } | |
698 | X509Extension extension = | |
699 | - extensions.getExtension(X509Extensions.KeyUsage); | |
700 | + extensions.getExtension(X509Extension.keyUsage); | |
701 | return (extension != null) ? getKeyUsage(extension) : new boolean[0]; | |
702 | } | |
703 | ||
704 | @@ -494,9 +496,9 @@ | |
705 | * @param ext the certificate extension to extract the value from. | |
706 | * @throws IOException if extraction fails. | |
707 | */ | |
708 | - public static DERObject getExtensionObject(X509Extension ext) | |
709 | + public static ASN1Primitive getExtensionObject(X509Extension ext) | |
710 | throws IOException { | |
711 | - return toDERObject(ext.getValue().getOctets()); | |
712 | + return toASN1Primitive(ext.getValue().getOctets()); | |
713 | } | |
714 | ||
715 | /** | |
716 | diff -ur JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/test/java/org/globus/gsi/bc/BouncyCastleCertProcessingFactoryTest.java JGlobus-jglobus-2.0.6/ssl-proxies/src/test/java/org/globus/gsi/bc/BouncyCastleCertProcessingFactoryTest.java | |
717 | --- JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/test/java/org/globus/gsi/bc/BouncyCastleCertProcessingFactoryTest.java 2013-08-13 05:53:37.000000000 +0200 | |
718 | +++ JGlobus-jglobus-2.0.6/ssl-proxies/src/test/java/org/globus/gsi/bc/BouncyCastleCertProcessingFactoryTest.java 2013-08-14 22:44:40.971763313 +0200 | |
719 | @@ -26,6 +26,11 @@ | |
720 | import org.globus.gsi.proxy.ext.ProxyCertInfo; | |
721 | import org.globus.gsi.proxy.ext.ProxyCertInfoExtension; | |
722 | ||
723 | +import org.bouncycastle.asn1.ASN1Boolean; | |
724 | +import org.bouncycastle.asn1.ASN1Encodable; | |
725 | +import org.bouncycastle.asn1.ASN1Integer; | |
726 | +import org.bouncycastle.asn1.DERBoolean; | |
727 | +import org.bouncycastle.asn1.DERSequence; | |
728 | import org.bouncycastle.asn1.x509.BasicConstraints; | |
729 | import org.bouncycastle.asn1.x509.X509Extensions; | |
730 | ||
731 | @@ -88,9 +93,10 @@ | |
732 | X509ExtensionSet extSet = new X509ExtensionSet(); | |
733 | ext = new X509Extension(oid, critical, expectedValue.getBytes()); | |
734 | extSet.add(ext); | |
735 | - | |
736 | - BasicConstraints constraints = new BasicConstraints(false, 15); | |
737 | - ext = new BouncyCastleX509Extension(X509Extensions.BasicConstraints.getId(), | |
738 | + | |
739 | + DERSequence seq = new DERSequence(new ASN1Encodable[] { DERBoolean.FALSE, new ASN1Integer(15) }); | |
740 | + BasicConstraints constraints = BasicConstraints.getInstance(seq); | |
741 | + ext = new BouncyCastleX509Extension(org.bouncycastle.asn1.x509.X509Extension.basicConstraints.getId(), | |
742 | false, constraints); | |
743 | extSet.add(ext); | |
744 | ||
745 | diff -ur JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/test/java/org/globus/gsi/proxy/ext/ProxyCertInfoTest.java JGlobus-jglobus-2.0.6/ssl-proxies/src/test/java/org/globus/gsi/proxy/ext/ProxyCertInfoTest.java | |
746 | --- JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/test/java/org/globus/gsi/proxy/ext/ProxyCertInfoTest.java 2013-08-13 05:53:37.000000000 +0200 | |
747 | +++ JGlobus-jglobus-2.0.6/ssl-proxies/src/test/java/org/globus/gsi/proxy/ext/ProxyCertInfoTest.java 2013-08-14 22:44:40.971763313 +0200 | |
748 | @@ -24,7 +24,7 @@ | |
749 | ||
750 | import org.bouncycastle.asn1.DERObjectIdentifier; | |
751 | import org.bouncycastle.asn1.DEROutputStream; | |
752 | -import org.bouncycastle.asn1.DERObject; | |
753 | +import org.bouncycastle.asn1.ASN1Primitive; | |
754 | import org.bouncycastle.asn1.ASN1Sequence; | |
755 | ||
756 | import junit.framework.TestCase; | |
757 | @@ -63,7 +63,7 @@ | |
758 | ByteArrayInputStream bIn = | |
759 | new ByteArrayInputStream(bOut.toByteArray()); | |
760 | ASN1InputStream dIn = new ASN1InputStream(bIn); | |
761 | - DERObject obj = dIn.readObject(); | |
762 | + ASN1Primitive obj = dIn.readObject(); | |
763 | ||
764 | assertTrue(obj instanceof ASN1Sequence); | |
765 | ||
766 | @@ -112,7 +112,7 @@ | |
767 | ByteArrayInputStream bIn = | |
768 | new ByteArrayInputStream(bOut.toByteArray()); | |
769 | ASN1InputStream dIn = new ASN1InputStream(bIn); | |
770 | - DERObject obj = dIn.readObject(); | |
771 | + ASN1Primitive obj = dIn.readObject(); | |
772 | ||
773 | ProxyCertInfo testInfo = new ProxyCertInfo((ASN1Sequence)obj); | |
774 |
0 | diff -ur JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/bc/BouncyCastleCertProcessingFactory.java JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/bc/BouncyCastleCertProcessingFactory.java | |
1 | --- JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/bc/BouncyCastleCertProcessingFactory.java 2013-08-14 22:43:31.807764457 +0200 | |
2 | +++ JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/bc/BouncyCastleCertProcessingFactory.java 2013-08-14 22:44:40.963763748 +0200 | |
3 | @@ -14,6 +14,7 @@ | |
4 | */ | |
5 | package org.globus.gsi.bc; | |
6 | ||
7 | +import org.bouncycastle.asn1.x500.style.BCStyle; | |
8 | import org.globus.gsi.util.CertificateLoadUtil; | |
9 | import org.globus.gsi.util.ProxyCertificateUtil; | |
10 | ||
11 | @@ -48,13 +49,13 @@ | |
12 | import org.bouncycastle.jce.PKCS10CertificationRequest; | |
13 | import org.bouncycastle.jce.provider.X509CertificateObject; | |
14 | import org.bouncycastle.asn1.DERSet; | |
15 | -import org.bouncycastle.asn1.DERObject; | |
16 | import org.bouncycastle.asn1.DERBitString; | |
17 | import org.bouncycastle.asn1.x509.X509Name; | |
18 | +import org.bouncycastle.asn1.ASN1Primitive; | |
19 | import org.bouncycastle.asn1.ASN1InputStream; | |
20 | import org.bouncycastle.asn1.ASN1Sequence; | |
21 | +import org.bouncycastle.asn1.x509.Certificate; | |
22 | import org.bouncycastle.asn1.x509.TBSCertificateStructure; | |
23 | -import org.bouncycastle.asn1.x509.X509CertificateStructure; | |
24 | import org.bouncycastle.asn1.x509.X509Extensions; | |
25 | import org.bouncycastle.asn1.x509.X509Extension; | |
26 | import org.bouncycastle.asn1.x509.KeyUsage; | |
27 | @@ -149,7 +150,7 @@ | |
28 | throws IOException, GeneralSecurityException { | |
29 | ||
30 | ASN1InputStream derin = new ASN1InputStream(certRequestInputStream); | |
31 | - DERObject reqInfo = derin.readObject(); | |
32 | + ASN1Primitive reqInfo = derin.readObject(); | |
33 | PKCS10CertificationRequest certReq = new PKCS10CertificationRequest((ASN1Sequence) reqInfo); | |
34 | ||
35 | boolean rs = certReq.verify(); | |
36 | @@ -413,11 +414,11 @@ | |
37 | X509Extension ext; | |
38 | ||
39 | // handle key usage ext | |
40 | - ext = extensions.getExtension(X509Extensions.KeyUsage); | |
41 | + ext = extensions.getExtension(X509Extension.keyUsage); | |
42 | if (ext != null) { | |
43 | ||
44 | // TBD: handle this better | |
45 | - if (extSet != null && (extSet.get(X509Extensions.KeyUsage.getId()) != null)) { | |
46 | + if (extSet != null && (extSet.get(X509Extension.keyUsage.getId()) != null)) { | |
47 | String err = i18n.getMessage("keyUsageExt"); | |
48 | throw new GeneralSecurityException(err); | |
49 | } | |
50 | @@ -437,7 +438,7 @@ | |
51 | ||
52 | bits = new DERBitString(bytes, bits.getPadBits()); | |
53 | ||
54 | - certGen.addExtension(X509Extensions.KeyUsage, ext.isCritical(), bits); | |
55 | + certGen.addExtension(X509Extension.keyUsage, ext.isCritical(), bits); | |
56 | } | |
57 | } | |
58 | ||
59 | @@ -481,7 +482,7 @@ | |
60 | X509NameHelper issuer = new X509NameHelper(issuerDN); | |
61 | ||
62 | X509NameHelper subject = new X509NameHelper(issuerDN); | |
63 | - subject.add(X509Name.CN, (cnValue == null) ? delegDN : cnValue); | |
64 | + subject.add(BCStyle.CN, (cnValue == null) ? delegDN : cnValue); | |
65 | ||
66 | certGen.setSubjectDN(subject.getAsName()); | |
67 | certGen.setIssuerDN(issuer.getAsName()); | |
68 | @@ -572,7 +573,7 @@ | |
69 | String cnValue) throws IOException, GeneralSecurityException { | |
70 | ||
71 | ASN1InputStream derin = new ASN1InputStream(certRequestInputStream); | |
72 | - DERObject reqInfo = derin.readObject(); | |
73 | + ASN1Primitive reqInfo = derin.readObject(); | |
74 | PKCS10CertificationRequest certReq = new PKCS10CertificationRequest((ASN1Sequence) reqInfo); | |
75 | ||
76 | boolean rs = certReq.verify(); | |
77 | @@ -831,11 +832,11 @@ | |
78 | X509Extension ext; | |
79 | ||
80 | // handle key usage ext | |
81 | - ext = extensions.getExtension(X509Extensions.KeyUsage); | |
82 | + ext = extensions.getExtension(X509Extension.keyUsage); | |
83 | if (ext != null) { | |
84 | ||
85 | // TBD: handle this better | |
86 | - if (extSet != null && (extSet.get(X509Extensions.KeyUsage.getId()) != null)) { | |
87 | + if (extSet != null && (extSet.get(X509Extension.keyUsage.getId()) != null)) { | |
88 | String err = i18n.getMessage("keyUsageExt"); | |
89 | throw new GeneralSecurityException(err); | |
90 | } | |
91 | @@ -855,7 +856,7 @@ | |
92 | ||
93 | bits = new DERBitString(bytes, bits.getPadBits()); | |
94 | ||
95 | - certGen.addExtension(X509Extensions.KeyUsage, ext.isCritical(), bits); | |
96 | + certGen.addExtension(X509Extension.keyUsage, ext.isCritical(), bits); | |
97 | } | |
98 | } | |
99 | ||
100 | @@ -897,7 +898,7 @@ | |
101 | } | |
102 | X509NameHelper issuer = new X509NameHelper(issuerDN); | |
103 | X509NameHelper subject = new X509NameHelper(issuerDN); | |
104 | - subject.add(X509Name.CN, (cnValue == null) ? delegDN : cnValue); | |
105 | + subject.add(BCStyle.CN, (cnValue == null) ? delegDN : cnValue); | |
106 | ||
107 | certGen.setSubjectDN(subject.getAsName()); | |
108 | certGen.setIssuerDN(issuer.getAsName()); | |
109 | @@ -936,9 +937,9 @@ | |
110 | */ | |
111 | public X509Certificate loadCertificate(InputStream in) throws IOException, GeneralSecurityException { | |
112 | ASN1InputStream derin = new ASN1InputStream(in); | |
113 | - DERObject certInfo = derin.readObject(); | |
114 | + ASN1Primitive certInfo = derin.readObject(); | |
115 | ASN1Sequence seq = ASN1Sequence.getInstance(certInfo); | |
116 | - return new X509CertificateObject(new X509CertificateStructure(seq)); | |
117 | + return new X509CertificateObject(Certificate.getInstance(seq)); | |
118 | } | |
119 | ||
120 | /** | |
121 | diff -ur JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/bc/BouncyCastleOpenSSLKey.java JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/bc/BouncyCastleOpenSSLKey.java | |
122 | --- JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/bc/BouncyCastleOpenSSLKey.java 2013-08-13 05:53:37.000000000 +0200 | |
123 | +++ JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/bc/BouncyCastleOpenSSLKey.java 2013-08-14 22:44:40.963763748 +0200 | |
124 | @@ -28,8 +28,8 @@ | |
125 | import java.security.interfaces.RSAPrivateCrtKey; | |
126 | import java.security.spec.PKCS8EncodedKeySpec; | |
127 | import org.bouncycastle.asn1.ASN1InputStream; | |
128 | +import org.bouncycastle.asn1.ASN1Primitive; | |
129 | import org.bouncycastle.asn1.ASN1Sequence; | |
130 | -import org.bouncycastle.asn1.DERObject; | |
131 | import org.bouncycastle.asn1.DERObjectIdentifier; | |
132 | import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; | |
133 | import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; | |
134 | @@ -121,12 +121,12 @@ | |
135 | } | |
136 | ByteArrayInputStream bis = new ByteArrayInputStream(data); | |
137 | ASN1InputStream derin = new ASN1InputStream(bis); | |
138 | - DERObject keyInfo = derin.readObject(); | |
139 | + ASN1Primitive keyInfo = derin.readObject(); | |
140 | ||
141 | DERObjectIdentifier rsaOid = PKCSObjectIdentifiers.rsaEncryption; | |
142 | AlgorithmIdentifier rsa = new AlgorithmIdentifier(rsaOid); | |
143 | PrivateKeyInfo pkeyinfo = new PrivateKeyInfo(rsa, keyInfo); | |
144 | - DERObject derkey = pkeyinfo.getDERObject(); | |
145 | + ASN1Primitive derkey = pkeyinfo.toASN1Primitive(); | |
146 | byte[] keyData = BouncyCastleUtil.toByteArray(derkey); | |
147 | // The DER object needs to be mangled to | |
148 | // create a proper ProvateKeyInfo object | |
149 | @@ -150,10 +150,10 @@ | |
150 | && (format.equalsIgnoreCase("PKCS#8") || format | |
151 | .equalsIgnoreCase("PKCS8"))) { | |
152 | try { | |
153 | - DERObject keyInfo = BouncyCastleUtil.toDERObject(key | |
154 | + ASN1Primitive keyInfo = BouncyCastleUtil.toASN1Primitive(key | |
155 | .getEncoded()); | |
156 | PrivateKeyInfo pkey = new PrivateKeyInfo((ASN1Sequence) keyInfo); | |
157 | - DERObject derKey = pkey.getPrivateKey(); | |
158 | + ASN1Primitive derKey = pkey.getPrivateKey(); | |
159 | return BouncyCastleUtil.toByteArray(derKey); | |
160 | } catch (IOException e) { | |
161 | // that should never happen | |
162 | @@ -169,7 +169,7 @@ | |
163 | .getPrivateExponent(), pKey.getPrimeP(), pKey.getPrimeQ(), | |
164 | pKey.getPrimeExponentP(), pKey.getPrimeExponentQ(), pKey | |
165 | .getCrtCoefficient()); | |
166 | - DERObject ob = st.getDERObject(); | |
167 | + ASN1Primitive ob = st.toASN1Primitive(); | |
168 | ||
169 | try { | |
170 | return BouncyCastleUtil.toByteArray(ob); | |
171 | diff -ur JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/bc/BouncyCastleUtil.java JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/bc/BouncyCastleUtil.java | |
172 | --- JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/bc/BouncyCastleUtil.java 2013-08-13 05:53:37.000000000 +0200 | |
173 | +++ JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/bc/BouncyCastleUtil.java 2013-08-14 22:44:40.963763748 +0200 | |
174 | @@ -30,16 +30,15 @@ | |
175 | ||
176 | import org.bouncycastle.asn1.ASN1InputStream; | |
177 | import org.bouncycastle.asn1.ASN1OctetString; | |
178 | +import org.bouncycastle.asn1.ASN1Primitive; | |
179 | import org.bouncycastle.asn1.ASN1Sequence; | |
180 | import org.bouncycastle.asn1.ASN1Set; | |
181 | +import org.bouncycastle.asn1.ASN1String; | |
182 | import org.bouncycastle.asn1.DERBitString; | |
183 | -import org.bouncycastle.asn1.DERBoolean; | |
184 | -import org.bouncycastle.asn1.DEREncodable; | |
185 | -import org.bouncycastle.asn1.DERInteger; | |
186 | -import org.bouncycastle.asn1.DERObject; | |
187 | import org.bouncycastle.asn1.DERObjectIdentifier; | |
188 | import org.bouncycastle.asn1.DEROutputStream; | |
189 | -import org.bouncycastle.asn1.DERString; | |
190 | +import org.bouncycastle.asn1.x500.X500Name; | |
191 | +import org.bouncycastle.asn1.x500.style.BCStyle; | |
192 | import org.bouncycastle.asn1.x509.BasicConstraints; | |
193 | import org.bouncycastle.asn1.x509.TBSCertificateStructure; | |
194 | import org.bouncycastle.asn1.x509.X509Extension; | |
195 | @@ -76,7 +75,7 @@ | |
196 | * @return the DER-encoded byte array | |
197 | * @exception IOException if conversion fails | |
198 | */ | |
199 | - public static byte[] toByteArray(DERObject obj) | |
200 | + public static byte[] toByteArray(ASN1Primitive obj) | |
201 | throws IOException { | |
202 | ByteArrayOutputStream bout = new ByteArrayOutputStream(); | |
203 | DEROutputStream der = new DEROutputStream(bout); | |
204 | @@ -92,7 +91,7 @@ | |
205 | * @return the DERObject. | |
206 | * @exception IOException if conversion fails | |
207 | */ | |
208 | - public static DERObject toDERObject(byte[] data) | |
209 | + public static ASN1Primitive toASN1Primitive(byte[] data) | |
210 | throws IOException { | |
211 | ByteArrayInputStream inStream = new ByteArrayInputStream(data); | |
212 | ASN1InputStream derInputStream = new ASN1InputStream(inStream); | |
213 | @@ -108,9 +107,9 @@ | |
214 | * @return a copy of the DERObject. | |
215 | * @exception IOException if replication fails | |
216 | */ | |
217 | - public static DERObject duplicate(DERObject obj) | |
218 | + public static ASN1Primitive duplicate(ASN1Primitive obj) | |
219 | throws IOException { | |
220 | - return toDERObject(toByteArray(obj)); | |
221 | + return toASN1Primitive(toByteArray(obj)); | |
222 | } | |
223 | ||
224 | /** | |
225 | @@ -123,7 +122,7 @@ | |
226 | */ | |
227 | public static TBSCertificateStructure getTBSCertificateStructure(X509Certificate cert) | |
228 | throws CertificateEncodingException, IOException { | |
229 | - DERObject obj = BouncyCastleUtil.toDERObject(cert.getTBSCertificate()); | |
230 | + ASN1Primitive obj = BouncyCastleUtil.toASN1Primitive(cert.getTBSCertificate()); | |
231 | return TBSCertificateStructure.getInstance(obj); | |
232 | } | |
233 | ||
234 | @@ -133,9 +132,9 @@ | |
235 | * @param ext the certificate extension to extract the value from. | |
236 | * @exception IOException if extraction fails. | |
237 | */ | |
238 | - public static DERObject getExtensionObject(X509Extension ext) | |
239 | + public static ASN1Primitive getExtensionObject(X509Extension ext) | |
240 | throws IOException { | |
241 | - return toDERObject(ext.getValue().getOctets()); | |
242 | + return toASN1Primitive(ext.getValue().getOctets()); | |
243 | } | |
244 | ||
245 | /** | |
246 | @@ -295,9 +294,9 @@ | |
247 | X509Extension ext = null; | |
248 | ||
249 | if (extensions != null) { | |
250 | - ext = extensions.getExtension(X509Extensions.BasicConstraints); | |
251 | + ext = extensions.getExtension(X509Extension.basicConstraints); | |
252 | if (ext != null) { | |
253 | - BasicConstraints basicExt = getBasicConstraints(ext); | |
254 | + BasicConstraints basicExt = BasicConstraints.getInstance(ext); | |
255 | if (basicExt.isCA()) { | |
256 | return GSIConstants.CertificateType.CA; | |
257 | } | |
258 | @@ -307,12 +306,12 @@ | |
259 | GSIConstants.CertificateType type = GSIConstants.CertificateType.EEC; | |
260 | ||
261 | // does not handle multiple AVAs | |
262 | - X509Name subject = crt.getSubject(); | |
263 | + X500Name subject = crt.getSubject(); | |
264 | ||
265 | ASN1Set entry = X509NameHelper.getLastNameEntry(subject); | |
266 | ASN1Sequence ava = (ASN1Sequence)entry.getObjectAt(0); | |
267 | - if (X509Name.CN.equals(ava.getObjectAt(0))) { | |
268 | - String value = ((DERString)ava.getObjectAt(1)).getString(); | |
269 | + if (BCStyle.CN.equals(ava.getObjectAt(0))) { | |
270 | + String value = ((ASN1String)ava.getObjectAt(1)).getString(); | |
271 | if (value.equalsIgnoreCase("proxy")) { | |
272 | type = GSIConstants.CertificateType.GSI_2_PROXY; | |
273 | } else if (value.equalsIgnoreCase("limited proxy")) { | |
274 | @@ -370,7 +369,7 @@ | |
275 | X509NameHelper iss = new X509NameHelper(crt.getIssuer()); | |
276 | iss.add((ASN1Set)BouncyCastleUtil.duplicate(entry)); | |
277 | X509Name issuer = iss.getAsName(); | |
278 | - if (!issuer.equals(subject)) { | |
279 | + if (!issuer.equals(X509Name.getInstance(subject))) { | |
280 | String err = i18n.getMessage("proxyDNErr"); | |
281 | throw new CertificateException(err); | |
282 | } | |
283 | @@ -404,36 +403,6 @@ | |
284 | } | |
285 | ||
286 | /** | |
287 | - * Creates a <code>BasicConstraints</code> object from given | |
288 | - * extension. | |
289 | - * | |
290 | - * @param ext the extension. | |
291 | - * @return the <code>BasicConstraints</code> object. | |
292 | - * @exception IOException if something fails. | |
293 | - */ | |
294 | - public static BasicConstraints getBasicConstraints(X509Extension ext) | |
295 | - throws IOException { | |
296 | - DERObject obj = BouncyCastleUtil.getExtensionObject(ext); | |
297 | - if (obj instanceof ASN1Sequence) { | |
298 | - ASN1Sequence seq = (ASN1Sequence)obj; | |
299 | - int size = seq.size(); | |
300 | - if (size == 0) { | |
301 | - return new BasicConstraints(false); | |
302 | - } else if (size == 1) { | |
303 | - DEREncodable value = seq.getObjectAt(0); | |
304 | - if (value instanceof DERInteger) { | |
305 | - int length = ((DERInteger)value).getValue().intValue(); | |
306 | - return new BasicConstraints(false, length); | |
307 | - } else if (value instanceof DERBoolean) { | |
308 | - boolean ca = ((DERBoolean)value).isTrue(); | |
309 | - return new BasicConstraints(ca); | |
310 | - } | |
311 | - } | |
312 | - } | |
313 | - return BasicConstraints.getInstance(obj); | |
314 | - } | |
315 | - | |
316 | - /** | |
317 | * Creates a <code>ProxyCertInfo</code> object from given | |
318 | * extension. | |
319 | * | |
320 | @@ -531,7 +500,7 @@ | |
321 | throws IOException { | |
322 | ByteArrayInputStream inStream = new ByteArrayInputStream(certExtValue); | |
323 | ASN1InputStream derInputStream = new ASN1InputStream(inStream); | |
324 | - DERObject object = derInputStream.readObject(); | |
325 | + ASN1Primitive object = derInputStream.readObject(); | |
326 | if (object instanceof ASN1OctetString) { | |
327 | return ((ASN1OctetString)object).getOctets(); | |
328 | } else { | |
329 | diff -ur JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/bc/BouncyCastleX509Extension.java JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/bc/BouncyCastleX509Extension.java | |
330 | --- JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/bc/BouncyCastleX509Extension.java 2013-08-13 05:53:37.000000000 +0200 | |
331 | +++ JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/bc/BouncyCastleX509Extension.java 2013-08-14 22:44:40.963763748 +0200 | |
332 | @@ -16,7 +16,7 @@ | |
333 | ||
334 | import java.io.IOException; | |
335 | ||
336 | -import org.bouncycastle.asn1.DEREncodable; | |
337 | +import org.bouncycastle.asn1.ASN1Encodable; | |
338 | ||
339 | import org.globus.gsi.X509Extension; | |
340 | ||
341 | @@ -36,22 +36,22 @@ | |
342 | this(oid, false, null); | |
343 | } | |
344 | ||
345 | - public BouncyCastleX509Extension(String oid, DEREncodable value) { | |
346 | + public BouncyCastleX509Extension(String oid, ASN1Encodable value) { | |
347 | this(oid, false, value); | |
348 | } | |
349 | ||
350 | public BouncyCastleX509Extension(String oid, boolean critical, | |
351 | - DEREncodable value) { | |
352 | + ASN1Encodable value) { | |
353 | super(oid, critical, null); | |
354 | setValue(value); | |
355 | } | |
356 | ||
357 | - protected void setValue(DEREncodable value) { | |
358 | + protected void setValue(ASN1Encodable value) { | |
359 | if (value == null) { | |
360 | return; | |
361 | } | |
362 | try { | |
363 | - setValue(BouncyCastleUtil.toByteArray(value.getDERObject())); | |
364 | + setValue(BouncyCastleUtil.toByteArray(value.toASN1Primitive())); | |
365 | } catch (IOException e) { | |
366 | throw new RuntimeException(i18n.getMessage("byteArrayErr") + | |
367 | e.getMessage()); | |
368 | diff -ur JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/bc/X509NameHelper.java JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/bc/X509NameHelper.java | |
369 | --- JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/bc/X509NameHelper.java 2013-08-13 05:53:37.000000000 +0200 | |
370 | +++ JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/bc/X509NameHelper.java 2013-08-14 22:44:40.963763748 +0200 | |
371 | @@ -21,11 +21,13 @@ | |
372 | import org.bouncycastle.asn1.ASN1EncodableVector; | |
373 | import org.bouncycastle.asn1.ASN1Sequence; | |
374 | import org.bouncycastle.asn1.ASN1Set; | |
375 | +import org.bouncycastle.asn1.ASN1String; | |
376 | import org.bouncycastle.asn1.DERObjectIdentifier; | |
377 | import org.bouncycastle.asn1.DERPrintableString; | |
378 | import org.bouncycastle.asn1.DERSequence; | |
379 | import org.bouncycastle.asn1.DERSet; | |
380 | -import org.bouncycastle.asn1.DERString; | |
381 | +import org.bouncycastle.asn1.x500.RDN; | |
382 | +import org.bouncycastle.asn1.x500.X500Name; | |
383 | import org.bouncycastle.asn1.x509.X509Name; | |
384 | ||
385 | /** | |
386 | @@ -45,6 +47,21 @@ | |
387 | } | |
388 | ||
389 | /** | |
390 | + * Creates an instance using existing {@link X500Name X500Name} | |
391 | + * object. | |
392 | + * This behaves like a copy constructor. | |
393 | + * | |
394 | + * @param name existing <code>X500Name</code> | |
395 | + */ | |
396 | + public X509NameHelper(X500Name name) { | |
397 | + try { | |
398 | + this.seq = (ASN1Sequence)BouncyCastleUtil.duplicate(name.toASN1Primitive()); | |
399 | + } catch (IOException e) { | |
400 | + throw new RuntimeException(e.getMessage()); | |
401 | + } | |
402 | + } | |
403 | + | |
404 | + /** | |
405 | * Creates an instance using existing {@link X509Name X509Name} | |
406 | * object. | |
407 | * This behaves like a copy constructor. | |
408 | @@ -53,7 +70,7 @@ | |
409 | */ | |
410 | public X509NameHelper(X509Name name) { | |
411 | try { | |
412 | - this.seq = (ASN1Sequence)BouncyCastleUtil.duplicate(name.getDERObject()); | |
413 | + this.seq = (ASN1Sequence)BouncyCastleUtil.duplicate(name.toASN1Primitive()); | |
414 | } catch (IOException e) { | |
415 | throw new RuntimeException(e.getMessage()); | |
416 | } | |
417 | @@ -72,8 +89,8 @@ | |
418 | * Appends the specified OID and value pair name component to the end of the | |
419 | * current name. | |
420 | * | |
421 | - * @param oid the name component oid, e.g. {@link X509Name#CN | |
422 | - * X509Name.CN} | |
423 | + * @param oid the name component oid, e.g. {@link org.bouncycastle.asn1.x500.style.BCStyle#CN | |
424 | + * BCStyle.CN} | |
425 | * @param value the value (e.g. "proxy") | |
426 | */ | |
427 | public void add( | |
428 | @@ -125,10 +142,10 @@ | |
429 | * | |
430 | * @return the last name component. Null if there is none. | |
431 | */ | |
432 | - public static ASN1Set getLastNameEntry(X509Name name) { | |
433 | - ASN1Sequence seq = (ASN1Sequence) name.getDERObject(); | |
434 | - int size = seq.size(); | |
435 | - return (size > 0) ? (ASN1Set) seq.getObjectAt(size - 1) : null; | |
436 | + public static ASN1Set getLastNameEntry(X500Name name) { | |
437 | + RDN[] rdns = name.getRDNs(); | |
438 | + int size = rdns.length; | |
439 | + return (size > 0) ? (ASN1Set) rdns[size - 1].toASN1Primitive() : null; | |
440 | } | |
441 | ||
442 | /** | |
443 | @@ -142,7 +159,7 @@ | |
444 | if (name == null) { | |
445 | return null; | |
446 | } | |
447 | - return toString((ASN1Sequence)name.getDERObject()); | |
448 | + return toString((ASN1Sequence)name.toASN1Primitive()); | |
449 | } | |
450 | ||
451 | private static String toString(ASN1Sequence seq) { | |
452 | @@ -159,14 +176,14 @@ | |
453 | while (ee.hasMoreElements()) { | |
454 | ASN1Sequence s = (ASN1Sequence)ee.nextElement(); | |
455 | DERObjectIdentifier oid = (DERObjectIdentifier)s.getObjectAt(0); | |
456 | - String sym = (String)X509Name.OIDLookUp.get(oid); | |
457 | + String sym = (String)X509Name.DefaultSymbols.get(oid); | |
458 | if (sym == null) { | |
459 | buf.append(oid.getId()); | |
460 | } else { | |
461 | buf.append(sym); | |
462 | } | |
463 | buf.append('='); | |
464 | - buf.append(((DERString)s.getObjectAt(1)).getString()); | |
465 | + buf.append(((ASN1String)s.getObjectAt(1)).getString()); | |
466 | if (ee.hasMoreElements()) { | |
467 | buf.append('+'); | |
468 | } | |
469 | diff -ur JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/proxy/ext/ProxyCertInfo.java JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/proxy/ext/ProxyCertInfo.java | |
470 | --- JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/proxy/ext/ProxyCertInfo.java 2013-08-13 05:53:37.000000000 +0200 | |
471 | +++ JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/proxy/ext/ProxyCertInfo.java 2013-08-14 22:44:40.967763533 +0200 | |
472 | @@ -20,11 +20,11 @@ | |
473 | ||
474 | import java.io.IOException; | |
475 | ||
476 | +import org.bouncycastle.asn1.ASN1Encodable; | |
477 | import org.bouncycastle.asn1.ASN1EncodableVector; | |
478 | +import org.bouncycastle.asn1.ASN1Primitive; | |
479 | import org.bouncycastle.asn1.ASN1Sequence; | |
480 | -import org.bouncycastle.asn1.DEREncodable; | |
481 | import org.bouncycastle.asn1.DERInteger; | |
482 | -import org.bouncycastle.asn1.DERObject; | |
483 | import org.bouncycastle.asn1.DERSequence; | |
484 | ||
485 | /** | |
486 | @@ -34,7 +34,7 @@ | |
487 | * ProxyCertInfo ::= SEQUENCE { pCPathLenConstraint INTEGER (0..MAX) OPTIONAL, proxyPolicy ProxyPolicy } | |
488 | * </PRE> | |
489 | */ | |
490 | -public class ProxyCertInfo implements DEREncodable { | |
491 | +public class ProxyCertInfo implements ASN1Encodable { | |
492 | ||
493 | /** ProxyCertInfo extension OID */ | |
494 | public static final DERObjectIdentifier OID | |
495 | @@ -111,9 +111,9 @@ | |
496 | } else if (obj instanceof ASN1Sequence) { | |
497 | return new ProxyCertInfo((ASN1Sequence) obj); | |
498 | } else if (obj instanceof byte[]) { | |
499 | - DERObject derObj; | |
500 | + ASN1Primitive derObj; | |
501 | try { | |
502 | - derObj = CertificateUtil.toDERObject((byte[]) obj); | |
503 | + derObj = CertificateUtil.toASN1Primitive((byte[]) obj); | |
504 | } catch (IOException e) { | |
505 | throw new IllegalArgumentException(e.getMessage(), e); | |
506 | } | |
507 | @@ -129,14 +129,14 @@ | |
508 | * | |
509 | * @return <code>DERObject</code> the encoded representation of the extension. | |
510 | */ | |
511 | - public DERObject getDERObject() { | |
512 | + public ASN1Primitive toASN1Primitive() { | |
513 | ASN1EncodableVector vec = new ASN1EncodableVector(); | |
514 | ||
515 | if (this.pathLenConstraint != null) { | |
516 | vec.add(this.pathLenConstraint); | |
517 | } | |
518 | ||
519 | - vec.add(this.proxyPolicy.getDERObject()); | |
520 | + vec.add(this.proxyPolicy.toASN1Primitive()); | |
521 | ||
522 | return new DERSequence(vec); | |
523 | } | |
524 | diff -ur JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/proxy/ext/ProxyPolicy.java JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/proxy/ext/ProxyPolicy.java | |
525 | --- JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/proxy/ext/ProxyPolicy.java 2013-08-13 05:53:37.000000000 +0200 | |
526 | +++ JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/proxy/ext/ProxyPolicy.java 2013-08-14 22:44:40.967763533 +0200 | |
527 | @@ -14,10 +14,10 @@ | |
528 | */ | |
529 | package org.globus.gsi.proxy.ext; | |
530 | ||
531 | +import org.bouncycastle.asn1.ASN1Encodable; | |
532 | import org.bouncycastle.asn1.ASN1EncodableVector; | |
533 | +import org.bouncycastle.asn1.ASN1Primitive; | |
534 | import org.bouncycastle.asn1.ASN1Sequence; | |
535 | -import org.bouncycastle.asn1.DEREncodable; | |
536 | -import org.bouncycastle.asn1.DERObject; | |
537 | import org.bouncycastle.asn1.DERObjectIdentifier; | |
538 | import org.bouncycastle.asn1.DEROctetString; | |
539 | import org.bouncycastle.asn1.DERSequence; | |
540 | @@ -27,7 +27,7 @@ | |
541 | * Represents the policy part of the ProxyCertInfo extension. <BR> <PRE> | |
542 | * ProxyPolicy ::= SEQUENCE { policyLanguage OBJECT IDENTIFIER, policy OCTET STRING OPTIONAL } </PRE> | |
543 | */ | |
544 | -public class ProxyPolicy implements DEREncodable { | |
545 | +public class ProxyPolicy implements ASN1Encodable { | |
546 | ||
547 | /** | |
548 | * Impersonation proxy OID | |
549 | @@ -58,7 +58,7 @@ | |
550 | } | |
551 | this.policyLanguage = (DERObjectIdentifier) seq.getObjectAt(0); | |
552 | if (seq.size() > 1) { | |
553 | - DEREncodable obj = seq.getObjectAt(1); | |
554 | + ASN1Encodable obj = seq.getObjectAt(1); | |
555 | if (obj instanceof DERTaggedObject) { | |
556 | obj = ((DERTaggedObject) obj).getObject(); | |
557 | } | |
558 | @@ -133,7 +133,7 @@ | |
559 | * @return <code>DERObject</code> the encoded representation of the proxy | |
560 | * policy. | |
561 | */ | |
562 | - public DERObject getDERObject() { | |
563 | + public ASN1Primitive toASN1Primitive() { | |
564 | ||
565 | ASN1EncodableVector vec = new ASN1EncodableVector(); | |
566 | ||
567 | diff -ur JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/trustmanager/X509ProxyCertPathValidator.java JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/trustmanager/X509ProxyCertPathValidator.java | |
568 | --- JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/trustmanager/X509ProxyCertPathValidator.java 2013-08-13 05:53:37.000000000 +0200 | |
569 | +++ JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/trustmanager/X509ProxyCertPathValidator.java 2013-08-14 22:44:40.967763533 +0200 | |
570 | @@ -484,12 +484,12 @@ | |
571 | while (e.hasMoreElements()) { | |
572 | oid = (DERObjectIdentifier) e.nextElement(); | |
573 | proxyExtension = extensions.getExtension(oid); | |
574 | - if (oid.equals(X509Extensions.SubjectAlternativeName) | |
575 | - || oid.equals(X509Extensions.IssuerAlternativeName)) { | |
576 | + if (oid.equals(X509Extension.subjectAlternativeName) | |
577 | + || oid.equals(X509Extension.issuerAlternativeName)) { | |
578 | // No Alt name extensions - 3.2 & 3.5 | |
579 | throw new CertPathValidatorException( | |
580 | "Proxy violation: no Subject or Issuer Alternative Name"); | |
581 | - } else if (oid.equals(X509Extensions.BasicConstraints)) { | |
582 | + } else if (oid.equals(X509Extension.basicConstraints)) { | |
583 | // Basic Constraint must not be true - 3.8 | |
584 | BasicConstraints basicExt = | |
585 | CertificateUtil.getBasicConstraints(proxyExtension); | |
586 | @@ -497,7 +497,7 @@ | |
587 | throw new CertPathValidatorException( | |
588 | "Proxy violation: Basic Constraint CA is set to true"); | |
589 | } | |
590 | - } else if (oid.equals(X509Extensions.KeyUsage)) { | |
591 | + } else if (oid.equals(X509Extension.keyUsage)) { | |
592 | proxyKeyUsage = proxyExtension; | |
593 | ||
594 | checkKeyUsage(issuer, proxyExtension); | |
595 | @@ -528,7 +528,7 @@ | |
596 | } | |
597 | ||
598 | private void checkExtension(DERObjectIdentifier oid, X509Extension proxyExtension, X509Extension proxyKeyUsage) throws CertPathValidatorException { | |
599 | - if (oid.equals(X509Extensions.KeyUsage)) { | |
600 | + if (oid.equals(X509Extension.keyUsage)) { | |
601 | // If issuer has it then proxy must have it also | |
602 | if (proxyKeyUsage == null) { | |
603 | throw new CertPathValidatorException( | |
604 | diff -ur JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/util/CertificateIOUtil.java JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/util/CertificateIOUtil.java | |
605 | --- JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/util/CertificateIOUtil.java 2013-08-13 05:53:37.000000000 +0200 | |
606 | +++ JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/util/CertificateIOUtil.java 2013-08-14 22:47:56.371780680 +0200 | |
607 | @@ -95,7 +95,7 @@ | |
608 | ByteArrayOutputStream bout = new ByteArrayOutputStream(); | |
609 | DEROutputStream der = new DEROutputStream(bout); | |
610 | X509Name nm = (X509Name) subject; | |
611 | - der.writeObject(nm.getDERObject()); | |
612 | + der.writeObject(nm.toASN1Primitive()); | |
613 | return bout.toByteArray(); | |
614 | } else { | |
615 | throw new ClassCastException("unsupported input class: " | |
616 | diff -ur JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/util/CertificateUtil.java JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/util/CertificateUtil.java | |
617 | --- JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/util/CertificateUtil.java 2013-08-14 22:43:31.807764457 +0200 | |
618 | +++ JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/util/CertificateUtil.java 2013-08-14 22:49:38.231789154 +0200 | |
619 | @@ -59,12 +59,14 @@ | |
620 | ||
621 | import org.bouncycastle.asn1.ASN1InputStream; | |
622 | import org.bouncycastle.asn1.ASN1Object; | |
623 | +import org.bouncycastle.asn1.ASN1Primitive; | |
624 | import org.bouncycastle.asn1.ASN1Sequence; | |
625 | import org.bouncycastle.asn1.ASN1Set; | |
626 | +import org.bouncycastle.asn1.ASN1String; | |
627 | import org.bouncycastle.asn1.DERBitString; | |
628 | -import org.bouncycastle.asn1.DERObject; | |
629 | import org.bouncycastle.asn1.DERObjectIdentifier; | |
630 | -import org.bouncycastle.asn1.DERString; | |
631 | +import org.bouncycastle.asn1.x500.X500Name; | |
632 | +import org.bouncycastle.asn1.x500.style.BCStyle; | |
633 | import org.bouncycastle.asn1.x509.BasicConstraints; | |
634 | import org.bouncycastle.asn1.x509.TBSCertificateStructure; | |
635 | import org.bouncycastle.asn1.x509.X509Extension; | |
636 | @@ -216,7 +218,7 @@ | |
637 | return -1; | |
638 | } | |
639 | X509Extension proxyExtension = | |
640 | - extensions.getExtension(X509Extensions.BasicConstraints); | |
641 | + extensions.getExtension(X509Extension.basicConstraints); | |
642 | if (proxyExtension != null) { | |
643 | BasicConstraints basicExt = | |
644 | getBasicConstraints(proxyExtension); | |
645 | @@ -310,7 +312,7 @@ | |
646 | X509Extension ext = null; | |
647 | ||
648 | if (extensions != null) { | |
649 | - ext = extensions.getExtension(X509Extensions.BasicConstraints); | |
650 | + ext = extensions.getExtension(X509Extension.basicConstraints); | |
651 | if (ext != null) { | |
652 | BasicConstraints basicExt = getBasicConstraints(ext); | |
653 | if (basicExt.isCA()) { | |
654 | @@ -322,11 +324,11 @@ | |
655 | GSIConstants.CertificateType type = GSIConstants.CertificateType.EEC; | |
656 | ||
657 | // does not handle multiple AVAs | |
658 | - X509Name subject = crt.getSubject(); | |
659 | + X500Name subject = crt.getSubject(); | |
660 | ||
661 | ASN1Set entry = X509NameHelper.getLastNameEntry(subject); | |
662 | ASN1Sequence ava = (ASN1Sequence) entry.getObjectAt(0); | |
663 | - if (X509Name.CN.equals(ava.getObjectAt(0))) { | |
664 | + if (BCStyle.CN.equals(ava.getObjectAt(0))) { | |
665 | type = processCN(extensions, type, ava); | |
666 | } | |
667 | ||
668 | @@ -336,7 +338,7 @@ | |
669 | private static GSIConstants.CertificateType processCN( | |
670 | X509Extensions extensions, GSIConstants.CertificateType type, ASN1Sequence ava) throws CertificateException { | |
671 | X509Extension ext; | |
672 | - String value = ((DERString) ava.getObjectAt(1)).getString(); | |
673 | + String value = ((ASN1String) ava.getObjectAt(1)).getString(); | |
674 | GSIConstants.CertificateType certType = type; | |
675 | if (value.equalsIgnoreCase("proxy")) { | |
676 | certType = GSIConstants.CertificateType.GSI_2_PROXY; | |
677 | @@ -431,7 +433,7 @@ | |
678 | * @return the DERObject. | |
679 | * @throws IOException if conversion fails | |
680 | */ | |
681 | - public static DERObject toDERObject(byte[] data) | |
682 | + public static ASN1Primitive toASN1Primitive(byte[] data) | |
683 | throws IOException { | |
684 | ByteArrayInputStream inStream = new ByteArrayInputStream(data); | |
685 | ASN1InputStream derInputStream = new ASN1InputStream(inStream); | |
686 | @@ -450,7 +452,7 @@ | |
687 | public static TBSCertificateStructure getTBSCertificateStructure( | |
688 | X509Certificate cert) | |
689 | throws CertificateEncodingException, IOException { | |
690 | - DERObject obj = toDERObject(cert.getTBSCertificate()); | |
691 | + ASN1Primitive obj = toASN1Primitive(cert.getTBSCertificate()); | |
692 | return TBSCertificateStructure.getInstance(obj); | |
693 | } | |
694 | ||
695 | @@ -461,7 +463,7 @@ | |
696 | return new boolean[0]; | |
697 | } | |
698 | X509Extension extension = | |
699 | - extensions.getExtension(X509Extensions.KeyUsage); | |
700 | + extensions.getExtension(X509Extension.keyUsage); | |
701 | return (extension != null) ? getKeyUsage(extension) : new boolean[0]; | |
702 | } | |
703 | ||
704 | @@ -494,9 +496,9 @@ | |
705 | * @param ext the certificate extension to extract the value from. | |
706 | * @throws IOException if extraction fails. | |
707 | */ | |
708 | - public static DERObject getExtensionObject(X509Extension ext) | |
709 | + public static ASN1Primitive getExtensionObject(X509Extension ext) | |
710 | throws IOException { | |
711 | - return toDERObject(ext.getValue().getOctets()); | |
712 | + return toASN1Primitive(ext.getValue().getOctets()); | |
713 | } | |
714 | ||
715 | /** | |
716 | diff -ur JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/test/java/org/globus/gsi/bc/BouncyCastleCertProcessingFactoryTest.java JGlobus-jglobus-2.0.6/ssl-proxies/src/test/java/org/globus/gsi/bc/BouncyCastleCertProcessingFactoryTest.java | |
717 | --- JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/test/java/org/globus/gsi/bc/BouncyCastleCertProcessingFactoryTest.java 2013-08-13 05:53:37.000000000 +0200 | |
718 | +++ JGlobus-jglobus-2.0.6/ssl-proxies/src/test/java/org/globus/gsi/bc/BouncyCastleCertProcessingFactoryTest.java 2013-08-14 22:44:40.971763313 +0200 | |
719 | @@ -26,6 +26,11 @@ | |
720 | import org.globus.gsi.proxy.ext.ProxyCertInfo; | |
721 | import org.globus.gsi.proxy.ext.ProxyCertInfoExtension; | |
722 | ||
723 | +import org.bouncycastle.asn1.ASN1Boolean; | |
724 | +import org.bouncycastle.asn1.ASN1Encodable; | |
725 | +import org.bouncycastle.asn1.ASN1Integer; | |
726 | +import org.bouncycastle.asn1.DERBoolean; | |
727 | +import org.bouncycastle.asn1.DERSequence; | |
728 | import org.bouncycastle.asn1.x509.BasicConstraints; | |
729 | import org.bouncycastle.asn1.x509.X509Extensions; | |
730 | ||
731 | @@ -88,9 +93,10 @@ | |
732 | X509ExtensionSet extSet = new X509ExtensionSet(); | |
733 | ext = new X509Extension(oid, critical, expectedValue.getBytes()); | |
734 | extSet.add(ext); | |
735 | - | |
736 | - BasicConstraints constraints = new BasicConstraints(false, 15); | |
737 | - ext = new BouncyCastleX509Extension(X509Extensions.BasicConstraints.getId(), | |
738 | + | |
739 | + DERSequence seq = new DERSequence(new ASN1Encodable[] { DERBoolean.FALSE, new ASN1Integer(15) }); | |
740 | + BasicConstraints constraints = BasicConstraints.getInstance(seq); | |
741 | + ext = new BouncyCastleX509Extension(org.bouncycastle.asn1.x509.X509Extension.basicConstraints.getId(), | |
742 | false, constraints); | |
743 | extSet.add(ext); | |
744 | ||
745 | diff -ur JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/test/java/org/globus/gsi/proxy/ext/ProxyCertInfoTest.java JGlobus-jglobus-2.0.6/ssl-proxies/src/test/java/org/globus/gsi/proxy/ext/ProxyCertInfoTest.java | |
746 | --- JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/test/java/org/globus/gsi/proxy/ext/ProxyCertInfoTest.java 2013-08-13 05:53:37.000000000 +0200 | |
747 | +++ JGlobus-jglobus-2.0.6/ssl-proxies/src/test/java/org/globus/gsi/proxy/ext/ProxyCertInfoTest.java 2013-08-14 22:44:40.971763313 +0200 | |
748 | @@ -24,7 +24,7 @@ | |
749 | ||
750 | import org.bouncycastle.asn1.DERObjectIdentifier; | |
751 | import org.bouncycastle.asn1.DEROutputStream; | |
752 | -import org.bouncycastle.asn1.DERObject; | |
753 | +import org.bouncycastle.asn1.ASN1Primitive; | |
754 | import org.bouncycastle.asn1.ASN1Sequence; | |
755 | ||
756 | import junit.framework.TestCase; | |
757 | @@ -63,7 +63,7 @@ | |
758 | ByteArrayInputStream bIn = | |
759 | new ByteArrayInputStream(bOut.toByteArray()); | |
760 | ASN1InputStream dIn = new ASN1InputStream(bIn); | |
761 | - DERObject obj = dIn.readObject(); | |
762 | + ASN1Primitive obj = dIn.readObject(); | |
763 | ||
764 | assertTrue(obj instanceof ASN1Sequence); | |
765 | ||
766 | @@ -112,7 +112,7 @@ | |
767 | ByteArrayInputStream bIn = | |
768 | new ByteArrayInputStream(bOut.toByteArray()); | |
769 | ASN1InputStream dIn = new ASN1InputStream(bIn); | |
770 | - DERObject obj = dIn.readObject(); | |
771 | + ASN1Primitive obj = dIn.readObject(); | |
772 | ||
773 | ProxyCertInfo testInfo = new ProxyCertInfo((ASN1Sequence)obj); | |
774 |