author | darcy |
Wed, 09 Oct 2019 09:57:41 -0700 | |
changeset 58519 | 6e017b301287 |
parent 57950 | 4612a3cfb927 |
child 58679 | 9c3209ff7550 |
permissions | -rw-r--r-- |
2 | 1 |
/* |
57950
4612a3cfb927
8229999: Apply java.io.Serial annotations to security types in java.base
darcy
parents:
47418
diff
changeset
|
2 |
* Copyright (c) 1996, 2019, Oracle and/or its affiliates. All rights reserved. |
2 | 3 |
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
4 |
* |
|
5 |
* This code is free software; you can redistribute it and/or modify it |
|
6 |
* under the terms of the GNU General Public License version 2 only, as |
|
5506 | 7 |
* published by the Free Software Foundation. Oracle designates this |
2 | 8 |
* particular file as subject to the "Classpath" exception as provided |
5506 | 9 |
* by Oracle in the LICENSE file that accompanied this code. |
2 | 10 |
* |
11 |
* This code is distributed in the hope that it will be useful, but WITHOUT |
|
12 |
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
|
13 |
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
|
14 |
* version 2 for more details (a copy is included in the LICENSE file that |
|
15 |
* accompanied this code). |
|
16 |
* |
|
17 |
* You should have received a copy of the GNU General Public License version |
|
18 |
* 2 along with this work; if not, write to the Free Software Foundation, |
|
19 |
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
|
20 |
* |
|
5506 | 21 |
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
22 |
* or visit www.oracle.com if you need additional information or have any |
|
23 |
* questions. |
|
2 | 24 |
*/ |
25 |
||
26 |
package sun.security.util; |
|
27 |
||
28 |
import java.io.*; |
|
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
29 |
import java.math.BigInteger; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
30 |
import java.util.Arrays; |
2 | 31 |
|
32 |
/** |
|
33 |
* Represent an ISO Object Identifier. |
|
34 |
* |
|
35 |
* <P>Object Identifiers are arbitrary length hierarchical identifiers. |
|
36 |
* The individual components are numbers, and they define paths from the |
|
37 |
* root of an ISO-managed identifier space. You will sometimes see a |
|
38 |
* string name used instead of (or in addition to) the numerical id. |
|
39 |
* These are synonyms for the numerical IDs, but are not widely used |
|
40 |
* since most sites do not know all the requisite strings, while all |
|
41 |
* sites can parse the numeric forms. |
|
42 |
* |
|
43 |
* <P>So for example, JavaSoft has the sole authority to assign the |
|
44 |
* meaning to identifiers below the 1.3.6.1.4.1.42.2.17 node in the |
|
45 |
* hierarchy, and other organizations can easily acquire the ability |
|
46 |
* to assign such unique identifiers. |
|
47 |
* |
|
48 |
* @author David Brownell |
|
49 |
* @author Amit Kapoor |
|
50 |
* @author Hemma Prafullchandra |
|
51 |
*/ |
|
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
52 |
|
32649
2ee9017c7597
8136583: Core libraries should use blessed modifier order
martin
parents:
31538
diff
changeset
|
53 |
public final |
2 | 54 |
class ObjectIdentifier implements Serializable |
55 |
{ |
|
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
56 |
/** |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
57 |
* We use the DER value (no tag, no length) as the internal format |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
58 |
* @serial |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
59 |
*/ |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
60 |
private byte[] encoding = null; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
61 |
|
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
62 |
private transient volatile String stringForm; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
63 |
|
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
64 |
/* |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
65 |
* IMPORTANT NOTES FOR CODE CHANGES (bug 4811968) IN JDK 1.7.0 |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
66 |
* =========================================================== |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
67 |
* |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
68 |
* (Almost) serialization compatibility with old versions: |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
69 |
* |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
70 |
* serialVersionUID is unchanged. Old field "component" is changed to |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
71 |
* type Object so that "poison" (unknown object type for old versions) |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
72 |
* can be put inside if there are huge components that cannot be saved |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
73 |
* as integers. |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
74 |
* |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
75 |
* New version use the new filed "encoding" only. |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
76 |
* |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
77 |
* Below are all 4 cases in a serialization/deserialization process: |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
78 |
* |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
79 |
* 1. old -> old: Not covered here |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
80 |
* 2. old -> new: There's no "encoding" field, new readObject() reads |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
81 |
* "components" and "componentLen" instead and inits correctly. |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
82 |
* 3. new -> new: "encoding" field exists, new readObject() uses it |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
83 |
* (ignoring the other 2 fields) and inits correctly. |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
84 |
* 4. new -> old: old readObject() only recognizes "components" and |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
85 |
* "componentLen" fields. If no huge components are involved, they |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
86 |
* are serialized as legal values and old object can init correctly. |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
87 |
* Otherwise, old object cannot recognize the form (component not int[]) |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
88 |
* and throw a ClassNotFoundException at deserialization time. |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
89 |
* |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
90 |
* Therfore, for the first 3 cases, exact compatibility is preserved. In |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
91 |
* the 4th case, non-huge OID is still supportable in old versions, while |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
92 |
* huge OID is not. |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
93 |
*/ |
57950
4612a3cfb927
8229999: Apply java.io.Serial annotations to security types in java.base
darcy
parents:
47418
diff
changeset
|
94 |
@java.io.Serial |
2 | 95 |
private static final long serialVersionUID = 8697030238860181294L; |
96 |
||
97 |
/** |
|
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
98 |
* Changed to Object |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
99 |
* @serial |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
100 |
*/ |
58519
6e017b301287
8231262: Suppress warnings on non-serializable instance fields in security libs serializable classes
darcy
parents:
57950
diff
changeset
|
101 |
@SuppressWarnings("serial") // Not statically typed as Serializable |
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
102 |
private Object components = null; // path from root |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
103 |
/** |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
104 |
* @serial |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
105 |
*/ |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
106 |
private int componentLen = -1; // how much is used. |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
107 |
|
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
108 |
// Is the components field calculated? |
32649
2ee9017c7597
8136583: Core libraries should use blessed modifier order
martin
parents:
31538
diff
changeset
|
109 |
private transient boolean componentsCalculated = false; |
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
110 |
|
57950
4612a3cfb927
8229999: Apply java.io.Serial annotations to security types in java.base
darcy
parents:
47418
diff
changeset
|
111 |
@java.io.Serial |
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
112 |
private void readObject(ObjectInputStream is) |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
113 |
throws IOException, ClassNotFoundException { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
114 |
is.defaultReadObject(); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
115 |
|
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
116 |
if (encoding == null) { // from an old version |
47418
6993f9f1ff83
8181432: Better processing of unresolved permissions
weijun
parents:
47216
diff
changeset
|
117 |
int[] comp = (int[])components; |
6993f9f1ff83
8181432: Better processing of unresolved permissions
weijun
parents:
47216
diff
changeset
|
118 |
if (componentLen > comp.length) { |
6993f9f1ff83
8181432: Better processing of unresolved permissions
weijun
parents:
47216
diff
changeset
|
119 |
componentLen = comp.length; |
6993f9f1ff83
8181432: Better processing of unresolved permissions
weijun
parents:
47216
diff
changeset
|
120 |
} |
6993f9f1ff83
8181432: Better processing of unresolved permissions
weijun
parents:
47216
diff
changeset
|
121 |
init(comp, componentLen); |
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
122 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
123 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
124 |
|
57950
4612a3cfb927
8229999: Apply java.io.Serial annotations to security types in java.base
darcy
parents:
47418
diff
changeset
|
125 |
@java.io.Serial |
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
126 |
private void writeObject(ObjectOutputStream os) |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
127 |
throws IOException { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
128 |
if (!componentsCalculated) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
129 |
int[] comps = toIntArray(); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
130 |
if (comps != null) { // every one understands this |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
131 |
components = comps; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
132 |
componentLen = comps.length; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
133 |
} else { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
134 |
components = HugeOidNotSupportedByOldJDK.theOne; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
135 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
136 |
componentsCalculated = true; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
137 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
138 |
os.defaultWriteObject(); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
139 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
140 |
|
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
141 |
static class HugeOidNotSupportedByOldJDK implements Serializable { |
57950
4612a3cfb927
8229999: Apply java.io.Serial annotations to security types in java.base
darcy
parents:
47418
diff
changeset
|
142 |
@java.io.Serial |
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
143 |
private static final long serialVersionUID = 1L; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
144 |
static HugeOidNotSupportedByOldJDK theOne = new HugeOidNotSupportedByOldJDK(); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
145 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
146 |
|
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
147 |
/** |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
148 |
* Constructs, from a string. This string should be of the form 1.23.56. |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
149 |
* Validity check included. |
2 | 150 |
*/ |
151 |
public ObjectIdentifier (String oid) throws IOException |
|
152 |
{ |
|
153 |
int ch = '.'; |
|
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
154 |
int start = 0; |
2 | 155 |
int end = 0; |
156 |
||
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
157 |
int pos = 0; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
158 |
byte[] tmp = new byte[oid.length()]; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
159 |
int first = 0, second; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
160 |
int count = 0; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
161 |
|
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
162 |
try { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
163 |
String comp = null; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
164 |
do { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
165 |
int length = 0; // length of one section |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
166 |
end = oid.indexOf(ch,start); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
167 |
if (end == -1) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
168 |
comp = oid.substring(start); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
169 |
length = oid.length() - start; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
170 |
} else { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
171 |
comp = oid.substring(start,end); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
172 |
length = end - start; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
173 |
} |
2 | 174 |
|
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
175 |
if (length > 9) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
176 |
BigInteger bignum = new BigInteger(comp); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
177 |
if (count == 0) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
178 |
checkFirstComponent(bignum); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
179 |
first = bignum.intValue(); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
180 |
} else { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
181 |
if (count == 1) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
182 |
checkSecondComponent(first, bignum); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
183 |
bignum = bignum.add(BigInteger.valueOf(40*first)); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
184 |
} else { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
185 |
checkOtherComponent(count, bignum); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
186 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
187 |
pos += pack7Oid(bignum, tmp, pos); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
188 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
189 |
} else { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
190 |
int num = Integer.parseInt(comp); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
191 |
if (count == 0) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
192 |
checkFirstComponent(num); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
193 |
first = num; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
194 |
} else { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
195 |
if (count == 1) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
196 |
checkSecondComponent(first, num); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
197 |
num += 40 * first; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
198 |
} else { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
199 |
checkOtherComponent(count, num); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
200 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
201 |
pos += pack7Oid(num, tmp, pos); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
202 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
203 |
} |
2 | 204 |
start = end + 1; |
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
205 |
count++; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
206 |
} while (end != -1); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
207 |
|
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
208 |
checkCount(count); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
209 |
encoding = new byte[pos]; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
210 |
System.arraycopy(tmp, 0, encoding, 0, pos); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
211 |
this.stringForm = oid; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
212 |
} catch (IOException ioe) { // already detected by checkXXX |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
213 |
throw ioe; |
2 | 214 |
} catch (Exception e) { |
215 |
throw new IOException("ObjectIdentifier() -- Invalid format: " |
|
216 |
+ e.toString(), e); |
|
217 |
} |
|
218 |
} |
|
219 |
||
220 |
/** |
|
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
221 |
* Constructor, from an array of integers. |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
222 |
* Validity check included. |
2 | 223 |
*/ |
31538
0981099a3e54
8130022: Use Java-style array declarations consistently
igerasim
parents:
31426
diff
changeset
|
224 |
public ObjectIdentifier(int[] values) throws IOException |
2 | 225 |
{ |
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
226 |
checkCount(values.length); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
227 |
checkFirstComponent(values[0]); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
228 |
checkSecondComponent(values[0], values[1]); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
229 |
for (int i=2; i<values.length; i++) |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
230 |
checkOtherComponent(i, values[i]); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
231 |
init(values, values.length); |
2 | 232 |
} |
233 |
||
234 |
/** |
|
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
235 |
* Constructor, from an ASN.1 encoded input stream. |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
236 |
* Validity check NOT included. |
2 | 237 |
* The encoding of the ID in the stream uses "DER", a BER/1 subset. |
238 |
* In this case, that means a triple { typeId, length, data }. |
|
239 |
* |
|
240 |
* <P><STRONG>NOTE:</STRONG> When an exception is thrown, the |
|
241 |
* input stream has not been returned to its "initial" state. |
|
242 |
* |
|
243 |
* @param in DER-encoded data holding an object ID |
|
244 |
* @exception IOException indicates a decoding error |
|
245 |
*/ |
|
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
246 |
public ObjectIdentifier (DerInputStream in) throws IOException |
2 | 247 |
{ |
248 |
byte type_id; |
|
249 |
int bufferEnd; |
|
250 |
||
251 |
/* |
|
252 |
* Object IDs are a "universal" type, and their tag needs only |
|
253 |
* one byte of encoding. Verify that the tag of this datum |
|
254 |
* is that of an object ID. |
|
255 |
* |
|
256 |
* Then get and check the length of the ID's encoding. We set |
|
257 |
* up so that we can use in.available() to check for the end of |
|
258 |
* this value in the data stream. |
|
259 |
*/ |
|
260 |
type_id = (byte) in.getByte (); |
|
261 |
if (type_id != DerValue.tag_ObjectId) |
|
262 |
throw new IOException ( |
|
263 |
"ObjectIdentifier() -- data isn't an object ID" |
|
264 |
+ " (tag = " + type_id + ")" |
|
265 |
); |
|
266 |
||
43216 | 267 |
int len = in.getDefiniteLength(); |
268 |
if (len > in.available()) { |
|
269 |
throw new IOException("ObjectIdentifier() -- length exceeds" + |
|
270 |
"data available. Length: " + len + ", Available: " + |
|
271 |
in.available()); |
|
272 |
} |
|
273 |
encoding = new byte[len]; |
|
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
274 |
in.getBytes(encoding); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
275 |
check(encoding); |
2 | 276 |
} |
277 |
||
278 |
/* |
|
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
279 |
* Constructor, from the rest of a DER input buffer; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
280 |
* the tag and length have been removed/verified |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
281 |
* Validity check NOT included. |
2 | 282 |
*/ |
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
283 |
ObjectIdentifier (DerInputBuffer buf) throws IOException |
2 | 284 |
{ |
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
285 |
DerInputStream in = new DerInputStream(buf); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
286 |
encoding = new byte[in.available()]; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
287 |
in.getBytes(encoding); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
288 |
check(encoding); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
289 |
} |
2 | 290 |
|
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
291 |
private void init(int[] components, int length) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
292 |
int pos = 0; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
293 |
byte[] tmp = new byte[length*5+1]; // +1 for empty input |
2 | 294 |
|
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
295 |
if (components[1] < Integer.MAX_VALUE - components[0]*40) |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
296 |
pos += pack7Oid(components[0]*40+components[1], tmp, pos); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
297 |
else { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
298 |
BigInteger big = BigInteger.valueOf(components[1]); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
299 |
big = big.add(BigInteger.valueOf(components[0]*40)); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
300 |
pos += pack7Oid(big, tmp, pos); |
2 | 301 |
} |
302 |
||
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
303 |
for (int i=2; i<length; i++) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
304 |
pos += pack7Oid(components[i], tmp, pos); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
305 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
306 |
encoding = new byte[pos]; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
307 |
System.arraycopy(tmp, 0, encoding, 0, pos); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
308 |
} |
2 | 309 |
|
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
310 |
/** |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
311 |
* This method is kept for compatibility reasons. The new implementation |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
312 |
* does the check and conversion. All around the JDK, the method is called |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
313 |
* in static blocks to initialize pre-defined ObjectIdentifieies. No |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
314 |
* obvious performance hurt will be made after this change. |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
315 |
* |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
316 |
* Old doc: Create a new ObjectIdentifier for internal use. The values are |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
317 |
* neither checked nor cloned. |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
318 |
*/ |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
319 |
public static ObjectIdentifier newInternal(int[] values) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
320 |
try { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
321 |
return new ObjectIdentifier(values); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
322 |
} catch (IOException ex) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
323 |
throw new RuntimeException(ex); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
324 |
// Should not happen, internal calls always uses legal values. |
2 | 325 |
} |
326 |
} |
|
327 |
||
328 |
/* |
|
329 |
* n.b. the only public interface is DerOutputStream.putOID() |
|
330 |
*/ |
|
331 |
void encode (DerOutputStream out) throws IOException |
|
332 |
{ |
|
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
333 |
out.write (DerValue.tag_ObjectId, encoding); |
2 | 334 |
} |
335 |
||
336 |
/** |
|
337 |
* Compares this identifier with another, for equality. |
|
338 |
* |
|
339 |
* @return true iff the names are identical. |
|
340 |
*/ |
|
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
341 |
@Override |
2 | 342 |
public boolean equals(Object obj) { |
343 |
if (this == obj) { |
|
344 |
return true; |
|
345 |
} |
|
346 |
if (obj instanceof ObjectIdentifier == false) { |
|
347 |
return false; |
|
348 |
} |
|
349 |
ObjectIdentifier other = (ObjectIdentifier)obj; |
|
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
350 |
return Arrays.equals(encoding, other.encoding); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
351 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
352 |
|
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
353 |
@Override |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
354 |
public int hashCode() { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
355 |
return Arrays.hashCode(encoding); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
356 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
357 |
|
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
358 |
/** |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
359 |
* Private helper method for serialization. To be compatible with old |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
360 |
* versions of JDK. |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
361 |
* @return components in an int array, if all the components are less than |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
362 |
* Integer.MAX_VALUE. Otherwise, null. |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
363 |
*/ |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
364 |
private int[] toIntArray() { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
365 |
int length = encoding.length; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
366 |
int[] result = new int[20]; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
367 |
int which = 0; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
368 |
int fromPos = 0; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
369 |
for (int i = 0; i < length; i++) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
370 |
if ((encoding[i] & 0x80) == 0) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
371 |
// one section [fromPos..i] |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
372 |
if (i - fromPos + 1 > 4) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
373 |
BigInteger big = new BigInteger(pack(encoding, fromPos, i-fromPos+1, 7, 8)); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
374 |
if (fromPos == 0) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
375 |
result[which++] = 2; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
376 |
BigInteger second = big.subtract(BigInteger.valueOf(80)); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
377 |
if (second.compareTo(BigInteger.valueOf(Integer.MAX_VALUE)) == 1) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
378 |
return null; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
379 |
} else { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
380 |
result[which++] = second.intValue(); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
381 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
382 |
} else { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
383 |
if (big.compareTo(BigInteger.valueOf(Integer.MAX_VALUE)) == 1) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
384 |
return null; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
385 |
} else { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
386 |
result[which++] = big.intValue(); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
387 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
388 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
389 |
} else { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
390 |
int retval = 0; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
391 |
for (int j = fromPos; j <= i; j++) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
392 |
retval <<= 7; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
393 |
byte tmp = encoding[j]; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
394 |
retval |= (tmp & 0x07f); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
395 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
396 |
if (fromPos == 0) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
397 |
if (retval < 80) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
398 |
result[which++] = retval / 40; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
399 |
result[which++] = retval % 40; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
400 |
} else { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
401 |
result[which++] = 2; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
402 |
result[which++] = retval - 80; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
403 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
404 |
} else { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
405 |
result[which++] = retval; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
406 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
407 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
408 |
fromPos = i+1; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
409 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
410 |
if (which >= result.length) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
411 |
result = Arrays.copyOf(result, which + 10); |
2 | 412 |
} |
413 |
} |
|
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
414 |
return Arrays.copyOf(result, which); |
2 | 415 |
} |
416 |
||
417 |
/** |
|
418 |
* Returns a string form of the object ID. The format is the |
|
419 |
* conventional "dot" notation for such IDs, without any |
|
420 |
* user-friendly descriptive strings, since those strings |
|
421 |
* will not be understood everywhere. |
|
422 |
*/ |
|
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
423 |
@Override |
2 | 424 |
public String toString() { |
425 |
String s = stringForm; |
|
426 |
if (s == null) { |
|
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
427 |
int length = encoding.length; |
24969
afa6934dd8e8
8041679: Replace uses of StringBuffer with StringBuilder within core library classes
psandoz
parents:
23345
diff
changeset
|
428 |
StringBuilder sb = new StringBuilder(length * 4); |
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
429 |
|
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
430 |
int fromPos = 0; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
431 |
for (int i = 0; i < length; i++) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
432 |
if ((encoding[i] & 0x80) == 0) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
433 |
// one section [fromPos..i] |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
434 |
if (fromPos != 0) { // not the first segment |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
435 |
sb.append('.'); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
436 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
437 |
if (i - fromPos + 1 > 4) { // maybe big integer |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
438 |
BigInteger big = new BigInteger(pack(encoding, fromPos, i-fromPos+1, 7, 8)); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
439 |
if (fromPos == 0) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
440 |
// first section encoded with more than 4 bytes, |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
441 |
// must be 2.something |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
442 |
sb.append("2."); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
443 |
sb.append(big.subtract(BigInteger.valueOf(80))); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
444 |
} else { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
445 |
sb.append(big); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
446 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
447 |
} else { // small integer |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
448 |
int retval = 0; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
449 |
for (int j = fromPos; j <= i; j++) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
450 |
retval <<= 7; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
451 |
byte tmp = encoding[j]; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
452 |
retval |= (tmp & 0x07f); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
453 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
454 |
if (fromPos == 0) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
455 |
if (retval < 80) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
456 |
sb.append(retval/40); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
457 |
sb.append('.'); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
458 |
sb.append(retval%40); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
459 |
} else { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
460 |
sb.append("2."); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
461 |
sb.append(retval - 80); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
462 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
463 |
} else { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
464 |
sb.append(retval); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
465 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
466 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
467 |
fromPos = i+1; |
2 | 468 |
} |
469 |
} |
|
470 |
s = sb.toString(); |
|
471 |
stringForm = s; |
|
472 |
} |
|
473 |
return s; |
|
474 |
} |
|
475 |
||
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
476 |
/** |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
477 |
* Repack all bits from input to output. On the both sides, only a portion |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
478 |
* (from the least significant bit) of the 8 bits in a byte is used. This |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
479 |
* number is defined as the number of useful bits (NUB) for the array. All the |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
480 |
* used bits from the input byte array and repacked into the output in the |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
481 |
* exactly same order. The output bits are aligned so that the final bit of |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
482 |
* the input (the least significant bit in the last byte), when repacked as |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
483 |
* the final bit of the output, is still at the least significant position. |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
484 |
* Zeroes will be padded on the left side of the first output byte if |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
485 |
* necessary. All unused bits in the output are also zeroed. |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
486 |
* |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
487 |
* For example: if the input is 01001100 with NUB 8, the output which |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
488 |
* has a NUB 6 will look like: |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
489 |
* 00000001 00001100 |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
490 |
* The first 2 bits of the output bytes are unused bits. The other bits |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
491 |
* turn out to be 000001 001100. While the 8 bits on the right are from |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
492 |
* the input, the left 4 zeroes are padded to fill the 6 bits space. |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
493 |
* |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
494 |
* @param in the input byte array |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
495 |
* @param ioffset start point inside <code>in</code> |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
496 |
* @param ilength number of bytes to repack |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
497 |
* @param iw NUB for input |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
498 |
* @param ow NUB for output |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
499 |
* @return the repacked bytes |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
500 |
*/ |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
501 |
private static byte[] pack(byte[] in, int ioffset, int ilength, int iw, int ow) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
502 |
assert (iw > 0 && iw <= 8): "input NUB must be between 1 and 8"; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
503 |
assert (ow > 0 && ow <= 8): "output NUB must be between 1 and 8"; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
504 |
|
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
505 |
if (iw == ow) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
506 |
return in.clone(); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
507 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
508 |
|
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
509 |
int bits = ilength * iw; // number of all used bits |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
510 |
byte[] out = new byte[(bits+ow-1)/ow]; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
511 |
|
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
512 |
// starting from the 0th bit in the input |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
513 |
int ipos = 0; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
514 |
|
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
515 |
// the number of padding 0's needed in the output, skip them |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
516 |
int opos = (bits+ow-1)/ow*ow-bits; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
517 |
|
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
518 |
while(ipos < bits) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
519 |
int count = iw - ipos%iw; // unpacked bits in current input byte |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
520 |
if (count > ow - opos%ow) { // free space available in output byte |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
521 |
count = ow - opos%ow; // choose the smaller number |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
522 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
523 |
// and move them! |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
524 |
out[opos/ow] |= // paste! |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
525 |
(((in[ioffset+ipos/iw]+256) // locate the byte (+256 so that it's never negative) |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
526 |
>> (iw-ipos%iw-count)) // move to the end of a byte |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
527 |
& ((1 << (count))-1)) // zero out all other bits |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
528 |
<< (ow-opos%ow-count); // move to the output position |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
529 |
ipos += count; // advance |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
530 |
opos += count; // advance |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
531 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
532 |
return out; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
533 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
534 |
|
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
535 |
/** |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
536 |
* Repack from NUB 8 to a NUB 7 OID sub-identifier, remove all |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
537 |
* unnecessary 0 headings, set the first bit of all non-tail |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
538 |
* output bytes to 1 (as ITU-T Rec. X.690 8.19.2 says), and |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
539 |
* paste it into an existing byte array. |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
540 |
* @param out the existing array to be pasted into |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
541 |
* @param ooffset the starting position to paste |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
542 |
* @return the number of bytes pasted |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
543 |
*/ |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
544 |
private static int pack7Oid(byte[] in, int ioffset, int ilength, byte[] out, int ooffset) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
545 |
byte[] pack = pack(in, ioffset, ilength, 8, 7); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
546 |
int firstNonZero = pack.length-1; // paste at least one byte |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
547 |
for (int i=pack.length-2; i>=0; i--) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
548 |
if (pack[i] != 0) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
549 |
firstNonZero = i; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
550 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
551 |
pack[i] |= 0x80; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
552 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
553 |
System.arraycopy(pack, firstNonZero, out, ooffset, pack.length-firstNonZero); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
554 |
return pack.length-firstNonZero; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
555 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
556 |
|
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
557 |
/** |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
558 |
* Repack from NUB 7 to NUB 8, remove all unnecessary 0 |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
559 |
* headings, and paste it into an existing byte array. |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
560 |
* @param out the existing array to be pasted into |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
561 |
* @param ooffset the starting position to paste |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
562 |
* @return the number of bytes pasted |
2 | 563 |
*/ |
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
564 |
private static int pack8(byte[] in, int ioffset, int ilength, byte[] out, int ooffset) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
565 |
byte[] pack = pack(in, ioffset, ilength, 7, 8); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
566 |
int firstNonZero = pack.length-1; // paste at least one byte |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
567 |
for (int i=pack.length-2; i>=0; i--) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
568 |
if (pack[i] != 0) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
569 |
firstNonZero = i; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
570 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
571 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
572 |
System.arraycopy(pack, firstNonZero, out, ooffset, pack.length-firstNonZero); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
573 |
return pack.length-firstNonZero; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
574 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
575 |
|
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
576 |
/** |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
577 |
* Pack the int into a OID sub-identifier DER encoding |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
578 |
*/ |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
579 |
private static int pack7Oid(int input, byte[] out, int ooffset) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
580 |
byte[] b = new byte[4]; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
581 |
b[0] = (byte)(input >> 24); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
582 |
b[1] = (byte)(input >> 16); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
583 |
b[2] = (byte)(input >> 8); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
584 |
b[3] = (byte)(input); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
585 |
return pack7Oid(b, 0, 4, out, ooffset); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
586 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
587 |
|
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
588 |
/** |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
589 |
* Pack the BigInteger into a OID subidentifier DER encoding |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
590 |
*/ |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
591 |
private static int pack7Oid(BigInteger input, byte[] out, int ooffset) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
592 |
byte[] b = input.toByteArray(); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
593 |
return pack7Oid(b, 0, b.length, out, ooffset); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
594 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
595 |
|
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
596 |
/** |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
597 |
* Private methods to check validity of OID. They must be -- |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
598 |
* 1. at least 2 components |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
599 |
* 2. all components must be non-negative |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
600 |
* 3. the first must be 0, 1 or 2 |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
601 |
* 4. if the first is 0 or 1, the second must be <40 |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
602 |
*/ |
2 | 603 |
|
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
604 |
/** |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
605 |
* Check the DER encoding. Since DER encoding defines that the integer bits |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
606 |
* are unsigned, so there's no need to check the MSB. |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
607 |
*/ |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
608 |
private static void check(byte[] encoding) throws IOException { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
609 |
int length = encoding.length; |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
610 |
if (length < 1 || // too short |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
611 |
(encoding[length - 1] & 0x80) != 0) { // not ended |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
612 |
throw new IOException("ObjectIdentifier() -- " + |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
613 |
"Invalid DER encoding, not ended"); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
614 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
615 |
for (int i=0; i<length; i++) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
616 |
// 0x80 at the beginning of a subidentifier |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
617 |
if (encoding[i] == (byte)0x80 && |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
618 |
(i==0 || (encoding[i-1] & 0x80) == 0)) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
619 |
throw new IOException("ObjectIdentifier() -- " + |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
620 |
"Invalid DER encoding, useless extra octet detected"); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
621 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
622 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
623 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
624 |
private static void checkCount(int count) throws IOException { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
625 |
if (count < 2) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
626 |
throw new IOException("ObjectIdentifier() -- " + |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
627 |
"Must be at least two oid components "); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
628 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
629 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
630 |
private static void checkFirstComponent(int first) throws IOException { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
631 |
if (first < 0 || first > 2) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
632 |
throw new IOException("ObjectIdentifier() -- " + |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
633 |
"First oid component is invalid "); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
634 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
635 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
636 |
private static void checkFirstComponent(BigInteger first) throws IOException { |
37361
a790f7bc3878
8072452: Support DHE sizes up to 8192-bits and DSA sizes up to 3072-bits
xuelei
parents:
32649
diff
changeset
|
637 |
if (first.signum() == -1 || first.compareTo(BigInteger.TWO) > 0) { |
2584
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
638 |
throw new IOException("ObjectIdentifier() -- " + |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
639 |
"First oid component is invalid "); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
640 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
641 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
642 |
private static void checkSecondComponent(int first, int second) throws IOException { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
643 |
if (second < 0 || first != 2 && second > 39) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
644 |
throw new IOException("ObjectIdentifier() -- " + |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
645 |
"Second oid component is invalid "); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
646 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
647 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
648 |
private static void checkSecondComponent(int first, BigInteger second) throws IOException { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
649 |
if (second.signum() == -1 || |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
650 |
first != 2 && |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
651 |
second.compareTo(BigInteger.valueOf(39)) == 1) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
652 |
throw new IOException("ObjectIdentifier() -- " + |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
653 |
"Second oid component is invalid "); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
654 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
655 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
656 |
private static void checkOtherComponent(int i, int num) throws IOException { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
657 |
if (num < 0) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
658 |
throw new IOException("ObjectIdentifier() -- " + |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
659 |
"oid component #" + (i+1) + " must be non-negative "); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
660 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
661 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
662 |
private static void checkOtherComponent(int i, BigInteger num) throws IOException { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
663 |
if (num.signum() == -1) { |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
664 |
throw new IOException("ObjectIdentifier() -- " + |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
665 |
"oid component #" + (i+1) + " must be non-negative "); |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
666 |
} |
a89e7cabf6fd
4811968: ASN.1 (X509Certificate) implementations don't handle large OID components
weijun
parents:
2
diff
changeset
|
667 |
} |
2 | 668 |
} |