author | weijun |
Thu, 06 Jul 2017 09:20:21 +0800 | |
changeset 47418 | 6993f9f1ff83 |
parent 47216 | 71c04702a3d5 |
child 57950 | 4612a3cfb927 |
child 58678 | 9cf78a70fa4f |
permissions | -rw-r--r-- |
2 | 1 |
/* |
47418
6993f9f1ff83
8181432: Better processing of unresolved permissions
weijun
parents:
47216
diff
changeset
|
2 |
* Copyright (c) 1996, 2017, Oracle and/or its affiliates. All rights reserved. |
2 | 3 |
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
4 |
* |
|
5 |
* This code is free software; you can redistribute it and/or modify it |
|
6 |
* under the terms of the GNU General Public License version 2 only, as |
|
5506 | 7 |
* published by the Free Software Foundation. Oracle designates this |
2 | 8 |
* particular file as subject to the "Classpath" exception as provided |
5506 | 9 |
* by Oracle in the LICENSE file that accompanied this code. |
2 | 10 |
* |
11 |
* This code is distributed in the hope that it will be useful, but WITHOUT |
|
12 |
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
|
13 |
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
|
14 |
* version 2 for more details (a copy is included in the LICENSE file that |
|
15 |
* accompanied this code). |
|
16 |
* |
|
17 |
* You should have received a copy of the GNU General Public License version |
|
18 |
* 2 along with this work; if not, write to the Free Software Foundation, |
|
19 |
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
|
20 |
* |
|
5506 | 21 |
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
22 |
* or visit www.oracle.com if you need additional information or have any |
|
23 |
* questions. |
|
2 | 24 |
*/ |
25 |
||
26 |
package sun.security.util; |
|
27 |
||
28 |
import java.io.*; |
|
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
29 |
import java.math.BigInteger; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
30 |
import java.util.Arrays; |
2 | 31 |
|
32 |
/** |
|
33 |
* Represent an ISO Object Identifier. |
|
34 |
* |
|
35 |
* <P>Object Identifiers are arbitrary length hierarchical identifiers. |
|
36 |
* The individual components are numbers, and they define paths from the |
|
37 |
* root of an ISO-managed identifier space. You will sometimes see a |
|
38 |
* string name used instead of (or in addition to) the numerical id. |
|
39 |
* These are synonyms for the numerical IDs, but are not widely used |
|
40 |
* since most sites do not know all the requisite strings, while all |
|
41 |
* sites can parse the numeric forms. |
|
42 |
* |
|
43 |
* <P>So for example, JavaSoft has the sole authority to assign the |
|
44 |
* meaning to identifiers below the 1.3.6.1.4.1.42.2.17 node in the |
|
45 |
* hierarchy, and other organizations can easily acquire the ability |
|
46 |
* to assign such unique identifiers. |
|
47 |
* |
|
48 |
* @author David Brownell |
|
49 |
* @author Amit Kapoor |
|
50 |
* @author Hemma Prafullchandra |
|
51 |
*/ |
|
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
52 |
|
32649
2ee9017c7597
8136583: Core libraries should use blessed modifier order
martin
parents:
31538
diff
changeset
|
53 |
public final |
2 | 54 |
class ObjectIdentifier implements Serializable |
55 |
{ |
|
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
56 |
/** |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
57 |
* We use the DER value (no tag, no length) as the internal format |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
58 |
* @serial |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
59 |
*/ |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
60 |
private byte[] encoding = null; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
61 |
|
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
62 |
private transient volatile String stringForm; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
63 |
|
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
64 |
/* |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
65 |
* IMPORTANT NOTES FOR CODE CHANGES (bug 4811968) IN JDK 1.7.0 |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
66 |
* =========================================================== |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
67 |
* |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
68 |
* (Almost) serialization compatibility with old versions: |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
69 |
* |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
70 |
* serialVersionUID is unchanged. Old field "component" is changed to |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
71 |
* type Object so that "poison" (unknown object type for old versions) |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
72 |
* can be put inside if there are huge components that cannot be saved |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
73 |
* as integers. |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
74 |
* |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
75 |
* New version use the new filed "encoding" only. |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
76 |
* |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
77 |
* Below are all 4 cases in a serialization/deserialization process: |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
78 |
* |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
79 |
* 1. old -> old: Not covered here |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
80 |
* 2. old -> new: There's no "encoding" field, new readObject() reads |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
81 |
* "components" and "componentLen" instead and inits correctly. |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
82 |
* 3. new -> new: "encoding" field exists, new readObject() uses it |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
83 |
* (ignoring the other 2 fields) and inits correctly. |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
84 |
* 4. new -> old: old readObject() only recognizes "components" and |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
85 |
* "componentLen" fields. If no huge components are involved, they |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
86 |
* are serialized as legal values and old object can init correctly. |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
87 |
* Otherwise, old object cannot recognize the form (component not int[]) |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
88 |
* and throw a ClassNotFoundException at deserialization time. |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
89 |
* |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
90 |
* Therfore, for the first 3 cases, exact compatibility is preserved. In |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
91 |
* the 4th case, non-huge OID is still supportable in old versions, while |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
92 |
* huge OID is not. |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
93 |
*/ |
2 | 94 |
private static final long serialVersionUID = 8697030238860181294L; |
95 |
||
96 |
/** |
|
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
97 |
* Changed to Object |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
98 |
* @serial |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
99 |
*/ |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
100 |
private Object components = null; // path from root |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
101 |
/** |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
102 |
* @serial |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
103 |
*/ |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
104 |
private int componentLen = -1; // how much is used. |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
105 |
|
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
106 |
// Is the components field calculated? |
32649
2ee9017c7597
8136583: Core libraries should use blessed modifier order
martin
parents:
31538
diff
changeset
|
107 |
private transient boolean componentsCalculated = false; |
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
108 |
|
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
109 |
private void readObject(ObjectInputStream is) |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
110 |
throws IOException, ClassNotFoundException { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
111 |
is.defaultReadObject(); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
112 |
|
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
113 |
if (encoding == null) { // from an old version |
47418
6993f9f1ff83
8181432: Better processing of unresolved permissions
weijun
parents:
47216
diff
changeset
|
114 |
int[] comp = (int[])components; |
6993f9f1ff83
8181432: Better processing of unresolved permissions
weijun
parents:
47216
diff
changeset
|
115 |
if (componentLen > comp.length) { |
6993f9f1ff83
8181432: Better processing of unresolved permissions
weijun
parents:
47216
diff
changeset
|
116 |
componentLen = comp.length; |
6993f9f1ff83
8181432: Better processing of unresolved permissions
weijun
parents:
47216
diff
changeset
|
117 |
} |
6993f9f1ff83
8181432: Better processing of unresolved permissions
weijun
parents:
47216
diff
changeset
|
118 |
init(comp, componentLen); |
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
119 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
120 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
121 |
|
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
122 |
private void writeObject(ObjectOutputStream os) |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
123 |
throws IOException { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
124 |
if (!componentsCalculated) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
125 |
int[] comps = toIntArray(); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
126 |
if (comps != null) { // every one understands this |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
127 |
components = comps; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
128 |
componentLen = comps.length; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
129 |
} else { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
130 |
components = HugeOidNotSupportedByOldJDK.theOne; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
131 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
132 |
componentsCalculated = true; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
133 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
134 |
os.defaultWriteObject(); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
135 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
136 |
|
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
137 |
static class HugeOidNotSupportedByOldJDK implements Serializable { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
138 |
private static final long serialVersionUID = 1L; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
139 |
static HugeOidNotSupportedByOldJDK theOne = new HugeOidNotSupportedByOldJDK(); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
140 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
141 |
|
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
142 |
/** |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
143 |
* Constructs, from a string. This string should be of the form 1.23.56. |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
144 |
* Validity check included. |
2 | 145 |
*/ |
146 |
public ObjectIdentifier (String oid) throws IOException |
|
147 |
{ |
|
148 |
int ch = '.'; |
|
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
149 |
int start = 0; |
2 | 150 |
int end = 0; |
151 |
||
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
152 |
int pos = 0; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
153 |
byte[] tmp = new byte[oid.length()]; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
154 |
int first = 0, second; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
155 |
int count = 0; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
156 |
|
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
157 |
try { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
158 |
String comp = null; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
159 |
do { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
160 |
int length = 0; // length of one section |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
161 |
end = oid.indexOf(ch,start); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
162 |
if (end == -1) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
163 |
comp = oid.substring(start); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
164 |
length = oid.length() - start; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
165 |
} else { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
166 |
comp = oid.substring(start,end); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
167 |
length = end - start; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
168 |
} |
2 | 169 |
|
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
170 |
if (length > 9) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
171 |
BigInteger bignum = new BigInteger(comp); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
172 |
if (count == 0) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
173 |
checkFirstComponent(bignum); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
174 |
first = bignum.intValue(); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
175 |
} else { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
176 |
if (count == 1) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
177 |
checkSecondComponent(first, bignum); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
178 |
bignum = bignum.add(BigInteger.valueOf(40*first)); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
179 |
} else { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
180 |
checkOtherComponent(count, bignum); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
181 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
182 |
pos += pack7Oid(bignum, tmp, pos); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
183 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
184 |
} else { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
185 |
int num = Integer.parseInt(comp); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
186 |
if (count == 0) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
187 |
checkFirstComponent(num); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
188 |
first = num; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
189 |
} else { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
190 |
if (count == 1) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
191 |
checkSecondComponent(first, num); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
192 |
num += 40 * first; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
193 |
} else { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
194 |
checkOtherComponent(count, num); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
195 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
196 |
pos += pack7Oid(num, tmp, pos); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
197 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
198 |
} |
2 | 199 |
start = end + 1; |
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
200 |
count++; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
201 |
} while (end != -1); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
202 |
|
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
203 |
checkCount(count); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
204 |
encoding = new byte[pos]; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
205 |
System.arraycopy(tmp, 0, encoding, 0, pos); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
206 |
this.stringForm = oid; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
207 |
} catch (IOException ioe) { // already detected by checkXXX |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
208 |
throw ioe; |
2 | 209 |
} catch (Exception e) { |
210 |
throw new IOException("ObjectIdentifier() -- Invalid format: " |
|
211 |
+ e.toString(), e); |
|
212 |
} |
|
213 |
} |
|
214 |
||
215 |
/** |
|
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
216 |
* Constructor, from an array of integers. |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
217 |
* Validity check included. |
2 | 218 |
*/ |
31538
0981099a3e54
8130022: Use Java-style array declarations consistently
igerasim
parents:
31426
diff
changeset
|
219 |
public ObjectIdentifier(int[] values) throws IOException |
2 | 220 |
{ |
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
221 |
checkCount(values.length); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
222 |
checkFirstComponent(values[0]); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
223 |
checkSecondComponent(values[0], values[1]); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
224 |
for (int i=2; i<values.length; i++) |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
225 |
checkOtherComponent(i, values[i]); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
226 |
init(values, values.length); |
2 | 227 |
} |
228 |
||
229 |
/** |
|
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
230 |
* Constructor, from an ASN.1 encoded input stream. |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
231 |
* Validity check NOT included. |
2 | 232 |
* The encoding of the ID in the stream uses "DER", a BER/1 subset. |
233 |
* In this case, that means a triple { typeId, length, data }. |
|
234 |
* |
|
235 |
* <P><STRONG>NOTE:</STRONG> When an exception is thrown, the |
|
236 |
* input stream has not been returned to its "initial" state. |
|
237 |
* |
|
238 |
* @param in DER-encoded data holding an object ID |
|
239 |
* @exception IOException indicates a decoding error |
|
240 |
*/ |
|
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
241 |
public ObjectIdentifier (DerInputStream in) throws IOException |
2 | 242 |
{ |
243 |
byte type_id; |
|
244 |
int bufferEnd; |
|
245 |
||
246 |
/* |
|
247 |
* Object IDs are a "universal" type, and their tag needs only |
|
248 |
* one byte of encoding. Verify that the tag of this datum |
|
249 |
* is that of an object ID. |
|
250 |
* |
|
251 |
* Then get and check the length of the ID's encoding. We set |
|
252 |
* up so that we can use in.available() to check for the end of |
|
253 |
* this value in the data stream. |
|
254 |
*/ |
|
255 |
type_id = (byte) in.getByte (); |
|
256 |
if (type_id != DerValue.tag_ObjectId) |
|
257 |
throw new IOException ( |
|
258 |
"ObjectIdentifier() -- data isn't an object ID" |
|
259 |
+ " (tag = " + type_id + ")" |
|
260 |
); |
|
261 |
||
43216 | 262 |
int len = in.getDefiniteLength(); |
263 |
if (len > in.available()) { |
|
264 |
throw new IOException("ObjectIdentifier() -- length exceeds" + |
|
265 |
"data available. Length: " + len + ", Available: " + |
|
266 |
in.available()); |
|
267 |
} |
|
268 |
encoding = new byte[len]; |
|
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
269 |
in.getBytes(encoding); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
270 |
check(encoding); |
2 | 271 |
} |
272 |
||
273 |
/* |
|
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
274 |
* Constructor, from the rest of a DER input buffer; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
275 |
* the tag and length have been removed/verified |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
276 |
* Validity check NOT included. |
2 | 277 |
*/ |
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
278 |
ObjectIdentifier (DerInputBuffer buf) throws IOException |
2 | 279 |
{ |
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
280 |
DerInputStream in = new DerInputStream(buf); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
281 |
encoding = new byte[in.available()]; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
282 |
in.getBytes(encoding); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
283 |
check(encoding); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
284 |
} |
2 | 285 |
|
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
286 |
private void init(int[] components, int length) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
287 |
int pos = 0; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
288 |
byte[] tmp = new byte[length*5+1]; // +1 for empty input |
2 | 289 |
|
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
290 |
if (components[1] < Integer.MAX_VALUE - components[0]*40) |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
291 |
pos += pack7Oid(components[0]*40+components[1], tmp, pos); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
292 |
else { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
293 |
BigInteger big = BigInteger.valueOf(components[1]); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
294 |
big = big.add(BigInteger.valueOf(components[0]*40)); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
295 |
pos += pack7Oid(big, tmp, pos); |
2 | 296 |
} |
297 |
||
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
298 |
for (int i=2; i<length; i++) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
299 |
pos += pack7Oid(components[i], tmp, pos); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
300 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
301 |
encoding = new byte[pos]; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
302 |
System.arraycopy(tmp, 0, encoding, 0, pos); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
303 |
} |
2 | 304 |
|
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
305 |
/** |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
306 |
* This method is kept for compatibility reasons. The new implementation |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
307 |
* does the check and conversion. All around the JDK, the method is called |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
308 |
* in static blocks to initialize pre-defined ObjectIdentifieies. No |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
309 |
* obvious performance hurt will be made after this change. |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
310 |
* |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
311 |
* Old doc: Create a new ObjectIdentifier for internal use. The values are |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
312 |
* neither checked nor cloned. |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
313 |
*/ |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
314 |
public static ObjectIdentifier newInternal(int[] values) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
315 |
try { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
316 |
return new ObjectIdentifier(values); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
317 |
} catch (IOException ex) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
318 |
throw new RuntimeException(ex); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
319 |
// Should not happen, internal calls always uses legal values. |
2 | 320 |
} |
321 |
} |
|
322 |
||
323 |
/* |
|
324 |
* n.b. the only public interface is DerOutputStream.putOID() |
|
325 |
*/ |
|
326 |
void encode (DerOutputStream out) throws IOException |
|
327 |
{ |
|
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
328 |
out.write (DerValue.tag_ObjectId, encoding); |
2 | 329 |
} |
330 |
||
331 |
/** |
|
332 |
* Compares this identifier with another, for equality. |
|
333 |
* |
|
334 |
* @return true iff the names are identical. |
|
335 |
*/ |
|
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
336 |
@Override |
2 | 337 |
public boolean equals(Object obj) { |
338 |
if (this == obj) { |
|
339 |
return true; |
|
340 |
} |
|
341 |
if (obj instanceof ObjectIdentifier == false) { |
|
342 |
return false; |
|
343 |
} |
|
344 |
ObjectIdentifier other = (ObjectIdentifier)obj; |
|
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
345 |
return Arrays.equals(encoding, other.encoding); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
346 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
347 |
|
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
348 |
@Override |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
349 |
public int hashCode() { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
350 |
return Arrays.hashCode(encoding); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
351 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
352 |
|
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
353 |
/** |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
354 |
* Private helper method for serialization. To be compatible with old |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
355 |
* versions of JDK. |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
356 |
* @return components in an int array, if all the components are less than |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
357 |
* Integer.MAX_VALUE. Otherwise, null. |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
358 |
*/ |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
359 |
private int[] toIntArray() { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
360 |
int length = encoding.length; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
361 |
int[] result = new int[20]; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
362 |
int which = 0; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
363 |
int fromPos = 0; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
364 |
for (int i = 0; i < length; i++) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
365 |
if ((encoding[i] & 0x80) == 0) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
366 |
// one section [fromPos..i] |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
367 |
if (i - fromPos + 1 > 4) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
368 |
BigInteger big = new BigInteger(pack(encoding, fromPos, i-fromPos+1, 7, 8)); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
369 |
if (fromPos == 0) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
370 |
result[which++] = 2; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
371 |
BigInteger second = big.subtract(BigInteger.valueOf(80)); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
372 |
if (second.compareTo(BigInteger.valueOf(Integer.MAX_VALUE)) == 1) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
373 |
return null; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
374 |
} else { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
375 |
result[which++] = second.intValue(); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
376 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
377 |
} else { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
378 |
if (big.compareTo(BigInteger.valueOf(Integer.MAX_VALUE)) == 1) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
379 |
return null; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
380 |
} else { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
381 |
result[which++] = big.intValue(); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
382 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
383 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
384 |
} else { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
385 |
int retval = 0; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
386 |
for (int j = fromPos; j <= i; j++) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
387 |
retval <<= 7; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
388 |
byte tmp = encoding[j]; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
389 |
retval |= (tmp & 0x07f); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
390 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
391 |
if (fromPos == 0) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
392 |
if (retval < 80) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
393 |
result[which++] = retval / 40; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
394 |
result[which++] = retval % 40; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
395 |
} else { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
396 |
result[which++] = 2; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
397 |
result[which++] = retval - 80; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
398 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
399 |
} else { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
400 |
result[which++] = retval; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
401 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
402 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
403 |
fromPos = i+1; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
404 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
405 |
if (which >= result.length) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
406 |
result = Arrays.copyOf(result, which + 10); |
2 | 407 |
} |
408 |
} |
|
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
409 |
return Arrays.copyOf(result, which); |
2 | 410 |
} |
411 |
||
412 |
/** |
|
413 |
* Returns a string form of the object ID. The format is the |
|
414 |
* conventional "dot" notation for such IDs, without any |
|
415 |
* user-friendly descriptive strings, since those strings |
|
416 |
* will not be understood everywhere. |
|
417 |
*/ |
|
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
418 |
@Override |
2 | 419 |
public String toString() { |
420 |
String s = stringForm; |
|
421 |
if (s == null) { |
|
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
422 |
int length = encoding.length; |
24969
afa6934dd8e8
8041679: Replace uses of StringBuffer with StringBuilder within core library classes
psandoz
parents:
23345
diff
changeset
|
423 |
StringBuilder sb = new StringBuilder(length * 4); |
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
424 |
|
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
425 |
int fromPos = 0; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
426 |
for (int i = 0; i < length; i++) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
427 |
if ((encoding[i] & 0x80) == 0) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
428 |
// one section [fromPos..i] |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
429 |
if (fromPos != 0) { // not the first segment |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
430 |
sb.append('.'); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
431 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
432 |
if (i - fromPos + 1 > 4) { // maybe big integer |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
433 |
BigInteger big = new BigInteger(pack(encoding, fromPos, i-fromPos+1, 7, 8)); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
434 |
if (fromPos == 0) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
435 |
// first section encoded with more than 4 bytes, |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
436 |
// must be 2.something |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
437 |
sb.append("2."); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
438 |
sb.append(big.subtract(BigInteger.valueOf(80))); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
439 |
} else { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
440 |
sb.append(big); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
441 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
442 |
} else { // small integer |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
443 |
int retval = 0; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
444 |
for (int j = fromPos; j <= i; j++) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
445 |
retval <<= 7; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
446 |
byte tmp = encoding[j]; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
447 |
retval |= (tmp & 0x07f); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
448 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
449 |
if (fromPos == 0) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
450 |
if (retval < 80) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
451 |
sb.append(retval/40); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
452 |
sb.append('.'); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
453 |
sb.append(retval%40); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
454 |
} else { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
455 |
sb.append("2."); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
456 |
sb.append(retval - 80); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
457 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
458 |
} else { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
459 |
sb.append(retval); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
460 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
461 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
462 |
fromPos = i+1; |
2 | 463 |
} |
464 |
} |
|
465 |
s = sb.toString(); |
|
466 |
stringForm = s; |
|
467 |
} |
|
468 |
return s; |
|
469 |
} |
|
470 |
||
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
471 |
/** |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
472 |
* Repack all bits from input to output. On the both sides, only a portion |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
473 |
* (from the least significant bit) of the 8 bits in a byte is used. This |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
474 |
* number is defined as the number of useful bits (NUB) for the array. All the |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
475 |
* used bits from the input byte array and repacked into the output in the |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
476 |
* exactly same order. The output bits are aligned so that the final bit of |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
477 |
* the input (the least significant bit in the last byte), when repacked as |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
478 |
* the final bit of the output, is still at the least significant position. |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
479 |
* Zeroes will be padded on the left side of the first output byte if |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
480 |
* necessary. All unused bits in the output are also zeroed. |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
481 |
* |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
482 |
* For example: if the input is 01001100 with NUB 8, the output which |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
483 |
* has a NUB 6 will look like: |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
484 |
* 00000001 00001100 |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
485 |
* The first 2 bits of the output bytes are unused bits. The other bits |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
486 |
* turn out to be 000001 001100. While the 8 bits on the right are from |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
487 |
* the input, the left 4 zeroes are padded to fill the 6 bits space. |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
488 |
* |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
489 |
* @param in the input byte array |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
490 |
* @param ioffset start point inside <code>in</code> |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
491 |
* @param ilength number of bytes to repack |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
492 |
* @param iw NUB for input |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
493 |
* @param ow NUB for output |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
494 |
* @return the repacked bytes |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
495 |
*/ |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
496 |
private static byte[] pack(byte[] in, int ioffset, int ilength, int iw, int ow) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
497 |
assert (iw > 0 && iw <= 8): "input NUB must be between 1 and 8"; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
498 |
assert (ow > 0 && ow <= 8): "output NUB must be between 1 and 8"; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
499 |
|
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
500 |
if (iw == ow) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
501 |
return in.clone(); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
502 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
503 |
|
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
504 |
int bits = ilength * iw; // number of all used bits |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
505 |
byte[] out = new byte[(bits+ow-1)/ow]; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
506 |
|
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
507 |
// starting from the 0th bit in the input |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
508 |
int ipos = 0; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
509 |
|
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
510 |
// the number of padding 0's needed in the output, skip them |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
511 |
int opos = (bits+ow-1)/ow*ow-bits; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
512 |
|
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
513 |
while(ipos < bits) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
514 |
int count = iw - ipos%iw; // unpacked bits in current input byte |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
515 |
if (count > ow - opos%ow) { // free space available in output byte |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
516 |
count = ow - opos%ow; // choose the smaller number |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
517 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
518 |
// and move them! |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
519 |
out[opos/ow] |= // paste! |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
520 |
(((in[ioffset+ipos/iw]+256) // locate the byte (+256 so that it's never negative) |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
521 |
>> (iw-ipos%iw-count)) // move to the end of a byte |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
522 |
& ((1 << (count))-1)) // zero out all other bits |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
523 |
<< (ow-opos%ow-count); // move to the output position |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
524 |
ipos += count; // advance |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
525 |
opos += count; // advance |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
526 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
527 |
return out; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
528 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
529 |
|
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
530 |
/** |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
531 |
* Repack from NUB 8 to a NUB 7 OID sub-identifier, remove all |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
532 |
* unnecessary 0 headings, set the first bit of all non-tail |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
533 |
* output bytes to 1 (as ITU-T Rec. X.690 8.19.2 says), and |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
534 |
* paste it into an existing byte array. |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
535 |
* @param out the existing array to be pasted into |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
536 |
* @param ooffset the starting position to paste |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
537 |
* @return the number of bytes pasted |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
538 |
*/ |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
539 |
private static int pack7Oid(byte[] in, int ioffset, int ilength, byte[] out, int ooffset) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
540 |
byte[] pack = pack(in, ioffset, ilength, 8, 7); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
541 |
int firstNonZero = pack.length-1; // paste at least one byte |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
542 |
for (int i=pack.length-2; i>=0; i--) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
543 |
if (pack[i] != 0) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
544 |
firstNonZero = i; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
545 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
546 |
pack[i] |= 0x80; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
547 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
548 |
System.arraycopy(pack, firstNonZero, out, ooffset, pack.length-firstNonZero); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
549 |
return pack.length-firstNonZero; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
550 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
551 |
|
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
552 |
/** |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
553 |
* Repack from NUB 7 to NUB 8, remove all unnecessary 0 |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
554 |
* headings, and paste it into an existing byte array. |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
555 |
* @param out the existing array to be pasted into |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
556 |
* @param ooffset the starting position to paste |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
557 |
* @return the number of bytes pasted |
2 | 558 |
*/ |
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
559 |
private static int pack8(byte[] in, int ioffset, int ilength, byte[] out, int ooffset) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
560 |
byte[] pack = pack(in, ioffset, ilength, 7, 8); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
561 |
int firstNonZero = pack.length-1; // paste at least one byte |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
562 |
for (int i=pack.length-2; i>=0; i--) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
563 |
if (pack[i] != 0) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
564 |
firstNonZero = i; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
565 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
566 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
567 |
System.arraycopy(pack, firstNonZero, out, ooffset, pack.length-firstNonZero); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
568 |
return pack.length-firstNonZero; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
569 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
570 |
|
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
571 |
/** |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
572 |
* Pack the int into a OID sub-identifier DER encoding |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
573 |
*/ |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
574 |
private static int pack7Oid(int input, byte[] out, int ooffset) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
575 |
byte[] b = new byte[4]; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
576 |
b[0] = (byte)(input >> 24); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
577 |
b[1] = (byte)(input >> 16); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
578 |
b[2] = (byte)(input >> 8); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
579 |
b[3] = (byte)(input); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
580 |
return pack7Oid(b, 0, 4, out, ooffset); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
581 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
582 |
|
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
583 |
/** |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
584 |
* Pack the BigInteger into a OID subidentifier DER encoding |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
585 |
*/ |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
586 |
private static int pack7Oid(BigInteger input, byte[] out, int ooffset) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
587 |
byte[] b = input.toByteArray(); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
588 |
return pack7Oid(b, 0, b.length, out, ooffset); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
589 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
590 |
|
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
591 |
/** |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
592 |
* Private methods to check validity of OID. They must be -- |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
593 |
* 1. at least 2 components |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
594 |
* 2. all components must be non-negative |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
595 |
* 3. the first must be 0, 1 or 2 |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
596 |
* 4. if the first is 0 or 1, the second must be <40 |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
597 |
*/ |
2 | 598 |
|
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
599 |
/** |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
600 |
* Check the DER encoding. Since DER encoding defines that the integer bits |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
601 |
* are unsigned, so there's no need to check the MSB. |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
602 |
*/ |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
603 |
private static void check(byte[] encoding) throws IOException { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
604 |
int length = encoding.length; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
605 |
if (length < 1 || // too short |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
606 |
(encoding[length - 1] & 0x80) != 0) { // not ended |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
607 |
throw new IOException("ObjectIdentifier() -- " + |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
608 |
"Invalid DER encoding, not ended"); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
609 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
610 |
for (int i=0; i<length; i++) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
611 |
// 0x80 at the beginning of a subidentifier |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
612 |
if (encoding[i] == (byte)0x80 && |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
613 |
(i==0 || (encoding[i-1] & 0x80) == 0)) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
614 |
throw new IOException("ObjectIdentifier() -- " + |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
615 |
"Invalid DER encoding, useless extra octet detected"); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
616 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
617 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
618 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
619 |
private static void checkCount(int count) throws IOException { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
620 |
if (count < 2) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
621 |
throw new IOException("ObjectIdentifier() -- " + |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
622 |
"Must be at least two oid components "); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
623 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
624 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
625 |
private static void checkFirstComponent(int first) throws IOException { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
626 |
if (first < 0 || first > 2) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
627 |
throw new IOException("ObjectIdentifier() -- " + |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
628 |
"First oid component is invalid "); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
629 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
630 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
631 |
private static void checkFirstComponent(BigInteger first) throws IOException { |
37361
a790f7bc3878
8072452: Support DHE sizes up to 8192-bits and DSA sizes up to 3072-bits
xuelei
parents:
32649
diff
changeset
|
632 |
if (first.signum() == -1 || first.compareTo(BigInteger.TWO) > 0) { |
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
633 |
throw new IOException("ObjectIdentifier() -- " + |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
634 |
"First oid component is invalid "); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
635 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
636 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
637 |
private static void checkSecondComponent(int first, int second) throws IOException { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
638 |
if (second < 0 || first != 2 && second > 39) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
639 |
throw new IOException("ObjectIdentifier() -- " + |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
640 |
"Second oid component is invalid "); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
641 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
642 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
643 |
private static void checkSecondComponent(int first, BigInteger second) throws IOException { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
644 |
if (second.signum() == -1 || |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
645 |
first != 2 && |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
646 |
second.compareTo(BigInteger.valueOf(39)) == 1) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
647 |
throw new IOException("ObjectIdentifier() -- " + |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
648 |
"Second oid component is invalid "); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
649 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
650 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
651 |
private static void checkOtherComponent(int i, int num) throws IOException { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
652 |
if (num < 0) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
653 |
throw new IOException("ObjectIdentifier() -- " + |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
654 |
"oid component #" + (i+1) + " must be non-negative "); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
655 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
656 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
657 |
private static void checkOtherComponent(int i, BigInteger num) throws IOException { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
658 |
if (num.signum() == -1) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
659 |
throw new IOException("ObjectIdentifier() -- " + |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
660 |
"oid component #" + (i+1) + " must be non-negative "); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
661 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
662 |
} |
2 | 663 |
} |