Java sun security util
java.lang.Object 
sun.security.util.PolicyUtil
public static InputStream getInputStream(URL url) throws IOException < if ("file".equals(url.getProtocol())) < String path = url.getFile().replace('/', File.separatorChar); path = ParseUtil.decode(path); return new FileInputStream(path); >else < return url.openStream(); >> public static KeyStore getKeyStore(URL policyUrl, String keyStoreName, String keyStoreType, String keyStoreProvider, String storePassURL, Debug debug) throws KeyStoreException, MalformedURLException, IOException, NoSuchProviderException, NoSuchAlgorithmException, CertificateException < if (keyStoreName == null) < throw new IllegalArgumentException("null KeyStore name"); >char[] keyStorePassword = null; try < KeyStore ks; if (keyStoreType == null) < keyStoreType = KeyStore.getDefaultType(); >if (P11KEYSTORE.equalsIgnoreCase(keyStoreType) && !NONE.equals(keyStoreName)) < throw new IllegalArgumentException ("Invalid value (" + keyStoreName + ") for keystore URL. If the keystore type is \"" + P11KEYSTORE + "\", the keystore url must be \"" + NONE + "\""); >if (keyStoreProvider != null) < ks = KeyStore.getInstance(keyStoreType, keyStoreProvider); >else < ks = KeyStore.getInstance(keyStoreType); >if (storePassURL != null) < URL passURL; try < passURL = new URL(storePassURL); // absolute URL >catch (MalformedURLException e) < // relative URL if (policyUrl == null) < throw e; >passURL = new URL(policyUrl, storePassURL); > if (debug != null) < debug.println("reading password"+passURL); >InputStream in = null; try < in = passURL.openStream(); keyStorePassword = Password.readPassword(in); >finally < if (in != null) < in.close(); >> > if (NONE.equals(keyStoreName)) < ks.load(null, keyStorePassword); return ks; >else < /* * location of keystore is specified as absolute URL in policy * file, or is relative to URL of policy file */ URL keyStoreUrl = null; try < keyStoreUrl = new URL(keyStoreName); // absolute URL >catch (MalformedURLException e) < // relative URL if (policyUrl == null) < throw e; >keyStoreUrl = new URL(policyUrl, keyStoreName); > if (debug != null) < debug.println("reading keystore"+keyStoreUrl); >InputStream inStream = null; try < inStream = new BufferedInputStream(getInputStream(keyStoreUrl)); ks.load(inStream, keyStorePassword); >finally < inStream.close(); >return ks; > > finally < if (keyStorePassword != null) < Arrays.fill(keyStorePassword, ' '); >> >
this is intended for use by policytool and the policy parser to instantiate a KeyStore from the information in the GUI/policy file
Источник
Java sun security util
java.lang.Object sun.security.util.DerValue
Represents a single DER-encoded value. DER encoding rules are a subset of the "Basic" Encoding Rules (BER), but they only support a single way ("Definite" encoding) to encode any given value.
All DER-encoded data are triples . This class represents such tagged values as they have been read (or constructed), and provides structured access to the encoded data.
public DerValue(String value) throws IOException < boolean isPrintableString = true; for (int i = 0; i < value.length(); i++) < if (!isPrintableStringChar(value.charAt(i))) < isPrintableString = false; break; >> data = init(isPrintableString ? tag_PrintableString : tag_UTF8String, value); >
DerValue(DerInputBuffer in) throws IOException < // XXX must also parse BER-encoded constructed // values such as sequences, sets. tag = (byte)in.read(); byte lenByte = (byte)in.read(); length = DerInputStream.getLength((lenByte & 0xff), in); if (length == -1) < // indefinite length encoding found DerInputBuffer inbuf = in.dup(); int readLen = inbuf.available(); int offset = 2; // for tag and length bytes byte[] indefData = new byte[readLen + offset]; indefData[0] = tag; indefData[1] = lenByte; DataInputStream dis = new DataInputStream(inbuf); dis.readFully(indefData, offset, readLen); dis.close(); DerIndefLenConverter derIn = new DerIndefLenConverter(); inbuf = new DerInputBuffer(derIn.convert(indefData)); if (tag != inbuf.read()) throw new IOException ("Indefinite length encoding not supported"); length = DerInputStream.getLength(inbuf); buffer = inbuf.dup(); buffer.truncate(length); data = new DerInputStream(buffer); // indefinite form is encoded by sending a length field with a // length of 0. - i.e. [1000|0000]. // the object is ended by sending two zero bytes. in.skip(length + offset); >else < buffer = in.dup(); buffer.truncate(length); data = new DerInputStream(buffer); in.skip(length); >> public DerValue(byte[] buf) throws IOException
Get an ASN.1/DER encoded datum from a buffer. The entire buffer must hold exactly one datum, including its tag and length.
Parameters:
buf - buffer holding a single DER-encoded datum.
public DerValue(InputStream in) throws IOException
Get an ASN1/DER encoded datum from an input stream. The stream may have additional data following the encoded datum. In case of indefinite length encoded datum, the input stream must hold only one datum.
Parameters:
in - the input stream holding a single DER datum, which may be followed by additional data
public DerValue(byte stringTag, String value) throws IOException
Creates a string type DER value from a String object
Parameters:
stringTag - the tag for the DER value to create
value - the String object to use for the DER value
public DerValue(byte tag, byte[] data)
Creates a DerValue from a tag and some DER-encoded data.
Parameters:
tag - the DER type tag
data - the DER-encoded data
public DerValue(byte[] buf, int offset, int len) throws IOException
Get an ASN.1/DER encoded datum from part of a buffer. That part of the buffer must hold exactly one datum, including its tag and length.
Parameters:
buf - the buffer
offset - start point of the single DER-encoded dataum
length - how many bytes are in the encoded datum
public static byte createTag(byte tagClass, boolean form, byte val) < byte tag = (byte)(tagClass | val); if (form) < tag |= (byte)0x20; >return (tag); >
public void encode(DerOutputStream out) throws IOException < out.write(tag); out.putLength(length); // XXX yeech, excess copies . DerInputBuffer.write(OutStream) if (length >0) < byte[] value = new byte[length]; // always synchronized on data synchronized (data) < buffer.reset(); if (buffer.read(value) != length) < throw new IOException("short DER value read (encode)"); >out.write(value); > > > public boolean equals(Object other)
public boolean equals(DerValue other) < if (this == other) < return true; >if (tag != other.tag) < return false; >if (data == other.data) < return true; >// make sure the order of lock is always consistent to avoid a deadlock return (System.identityHashCode(this.data) > System.identityHashCode(other.data)) ? doEquals(this, other): doEquals(other, this); >
Bitwise equality comparison. DER encoded values have a single encoding, so that bitwise equality of the encoded values is an efficient way to establish equivalence of the unencoded values.
public String getAsString() throws IOException < if (tag == tag_UTF8String) return getUTF8String(); else if (tag == tag_PrintableString) return getPrintableString(); else if (tag == tag_T61String) return getT61String(); else if (tag == tag_IA5String) return getIA5String(); /* else if (tag == tag_UniversalString) return getUniversalString(); */ else if (tag == tag_BMPString) return getBMPString(); else if (tag == tag_GeneralString) return getGeneralString(); else return null; >
Returns the name component as a Java string, regardless of its encoding restrictions (ASCII, T61, Printable, IA5, BMP, UTF8).
public String getBMPString() throws IOException < if (tag != tag_BMPString) throw new IOException( "DerValue.getBMPString, not BMP " + tag); // BMPString is the same as Unicode in big endian, unmarked // format. return new String(getDataBytes(), "UnicodeBigUnmarked"); >
public BigInteger getBigInteger() throws IOException
public byte[] getBitString() throws IOException
public byte[] getBitString(boolean tagImplicit) throws IOException < if (!tagImplicit) < if (tag != tag_BitString) throw new IOException("DerValue.getBitString, not a bit string " + tag); >return buffer.getBitString(); >
Returns an ASN.1 BIT STRING value, with the tag assumed implicit based on the parameter. The bit string must be byte-aligned.
public boolean getBoolean() throws IOException < if (tag != tag_Boolean) < throw new IOException("DerValue.getBoolean, not a BOOLEAN " + tag); >if (length != 1) < throw new IOException("DerValue.getBoolean, invalid length " + length); >if (buffer.read() != 0) < return true; >return false; > public final DerInputStream getData()
public byte[] getDataBytes() throws IOException < byte[] retVal = new byte[length]; synchronized (data) < data.reset(); data.getBytes(retVal); >return retVal; >
public int getEnumerated() throws IOException < if (tag != tag_Enumerated) < throw new IOException("DerValue.getEnumerated, incorrect tag: " + tag); >return buffer.getInteger(data.available()); > public String getGeneralString() throws IOException
public Date getGeneralizedTime() throws IOException < if (tag != tag_GeneralizedTime) < throw new IOException( "DerValue.getGeneralizedTime, not a GeneralizedTime: " + tag); >return buffer.getGeneralizedTime(data.available()); >
public String getIA5String() throws IOException
public int getInteger() throws IOException < if (tag != tag_Integer) < throw new IOException("DerValue.getInteger, not an int " + tag); >return buffer.getInteger(data.available()); > public ObjectIdentifier getOID() throws IOException
public byte[] getOctetString() throws IOException < byte[] bytes; if (tag != tag_OctetString && !isConstructed(tag_OctetString)) < throw new IOException( "DerValue.getOctetString, not an Octet String: " + tag); >bytes = new byte[length]; // Note: do not tempt to call buffer.read(bytes) at all. There's a // known bug that it returns -1 instead of 0. if (length == 0) < return bytes; >if (buffer.read(bytes) != length) throw new IOException("short read on DerValue buffer"); if (isConstructed()) < DerInputStream in = new DerInputStream(bytes); bytes = null; while (in.available() != 0) < bytes = append(bytes, in.getOctetString()); >> return bytes; > public BigInteger getPositiveBigInteger() throws IOException
Returns an ASN.1 INTEGER value as a positive BigInteger. This is just to deal with implementations that incorrectly encode some values as negative.
public String getPrintableString() throws IOException
public String getT61String() throws IOException
public final byte getTag()
public Date getUTCTime() throws IOException < if (tag != tag_UtcTime) < throw new IOException("DerValue.getUTCTime, not a UtcTime: " + tag); >return buffer.getUTCTime(data.available()); > public String getUTF8String() throws IOException
public BitArray getUnalignedBitString() throws IOException
public BitArray getUnalignedBitString(boolean tagImplicit) throws IOException < if (!tagImplicit) < if (tag != tag_BitString) throw new IOException("DerValue.getBitString, not a bit string " + tag); >return buffer.getUnalignedBitString(); >
Returns an ASN.1 BIT STRING value, with the tag assumed implicit based on the parameter. The bit string need not be byte-aligned.
public boolean isApplication()
public boolean isConstructed()
public boolean isConstructed(byte constructedTag) < if (!isConstructed()) < return false; >return ((tag & 0x01f) == constructedTag); >
public boolean isContextSpecific()
Returns true iff the CONTEXT SPECIFIC bit is set in the type tag. This is associated with the ASN.1 "DEFINED BY" syntax.
public boolean isContextSpecific(byte cntxtTag) < if (!isContextSpecific()) < return false; >return ((tag & 0x01f) == cntxtTag); >
public static boolean isPrintableStringChar(char ch) < if ((ch >= 'a' && ch < = 'z') || (ch >= 'A' && ch < = 'Z') || (ch >= '0' && ch < = '9')) < return true; >else < switch (ch) < case ' ': /* space */ case '\'': /* apostrophe */ case '(': /* left paren */ case ')': /* right paren */ case '+': /* plus */ case ',': /* comma */ case '-': /* hyphen */ case '.': /* period */ case '/': /* slash */ case ':': /* colon */ case '=': /* equals */ case '?': /* question mark */ return true; default: return false; >> >
Determine if a character is one of the permissible characters for PrintableString: A-Z, a-z, 0-9, space, apostrophe (39), left and right parentheses, plus sign, comma, hyphen, period, slash, colon, equals sign, and question mark. Characters that are *not* allowed in PrintableString include exclamation point, quotation mark, number sign, dollar sign, percent sign, ampersand, asterisk, semicolon, less than sign, greater than sign, at sign, left and right square brackets, backslash, circumflex (94), underscore, back quote (96), left and right curly brackets, vertical line, tilde, and the control codes (0-31 and 127). This list is based on X.680 (the ASN.1 spec).
public boolean isUniversal()
public void resetTag(byte tag)
public byte[] toByteArray() throws IOException
Returns a DER-encoded value, such that if it's passed to the DerValue constructor, a value equivalent to "this" is returned.
public DerInputStream toDerInputStream() throws IOException
For "set" and "sequence" types, this function may be used to return a DER stream of the members of the set or sequence. This operation is not supported for primitive types such as integers or bit strings.
public String toString() < try < String str = getAsString(); if (str != null) return "\"" + str + "\""; if (tag == tag_Null) return "[DerValue, null]"; if (tag == tag_ObjectId) return "OID." + getOID(); // integers else return "[DerValue, tag = " + tag + ", length = " + length + "]"; >catch (IOException e) < throw new IllegalArgumentException("misformatted DER value"); >> Источник