| author | alanb |
| Mon, 11 Apr 2011 12:52:39 +0100 | |
| changeset 9252 | 9484925c9c2b |
| parent 9251 | 4352359acb79 (current diff) |
| parent 9250 | 284446951deb (diff) |
| child 9253 | 12f80cd90505 |
--- a/jdk/src/share/classes/java/lang/Character.java Sun Apr 10 19:45:28 2011 +0100 +++ b/jdk/src/share/classes/java/lang/Character.java Mon Apr 11 12:52:39 2011 +0100 @@ -4184,9 +4184,11 @@ aliases.put("AVST", AVESTAN); aliases.put("BALI", BALINESE); aliases.put("BAMU", BAMUM); + aliases.put("BATK", BATAK); aliases.put("BENG", BENGALI); aliases.put("BOPO", BOPOMOFO); aliases.put("BRAI", BRAILLE); + aliases.put("BRAH", BRAHMI); aliases.put("BUGI", BUGINESE); aliases.put("BUHD", BUHID); aliases.put("CANS", CANADIAN_ABORIGINAL); @@ -4230,6 +4232,7 @@ aliases.put("LISU", LISU); aliases.put("LYCI", LYCIAN); aliases.put("LYDI", LYDIAN); + aliases.put("MAND", MANDAIC); aliases.put("MLYM", MALAYALAM); aliases.put("MONG", MONGOLIAN); aliases.put("MTEI", MEETEI_MAYEK);
--- a/jdk/src/share/classes/java/util/concurrent/ForkJoinPool.java Sun Apr 10 19:45:28 2011 +0100 +++ b/jdk/src/share/classes/java/util/concurrent/ForkJoinPool.java Mon Apr 11 12:52:39 2011 +0100 @@ -791,18 +791,19 @@ /** * Tries to enqueue worker w in wait queue and await change in - * worker's eventCount. If the pool is quiescent, possibly - * terminates worker upon exit. Otherwise, before blocking, - * rescans queues to avoid missed signals. Upon finding work, - * releases at least one worker (which may be the current - * worker). Rescans restart upon detected staleness or failure to - * release due to contention. Note the unusual conventions about - * Thread.interrupt here and elsewhere: Because interrupts are - * used solely to alert threads to check termination, which is - * checked here anyway, we clear status (using Thread.interrupted) - * before any call to park, so that park does not immediately - * return due to status being set via some other unrelated call to - * interrupt in user code. + * worker's eventCount. If the pool is quiescent and there is + * more than one worker, possibly terminates worker upon exit. + * Otherwise, before blocking, rescans queues to avoid missed + * signals. Upon finding work, releases at least one worker + * (which may be the current worker). Rescans restart upon + * detected staleness or failure to release due to + * contention. Note the unusual conventions about Thread.interrupt + * here and elsewhere: Because interrupts are used solely to alert + * threads to check termination, which is checked here anyway, we + * clear status (using Thread.interrupted) before any call to + * park, so that park does not immediately return due to status + * being set via some other unrelated call to interrupt in user + * code. * * @param w the calling worker * @param c the ctl value on entry @@ -823,7 +824,7 @@ else if (w.eventCount != v) return true; // update next time } - if (parallelism + (int)(nc >> AC_SHIFT) == 0 && + if ((int)c != 0 && parallelism + (int)(nc >> AC_SHIFT) == 0 && blockedCount == 0 && quiescerCount == 0) idleAwaitWork(w, nc, c, v); // quiescent for (boolean rescanned = false;;) { @@ -893,7 +894,8 @@ w.parked = false; if (w.eventCount != v) break; - else if (System.nanoTime() - startTime < SHRINK_RATE) + else if (System.nanoTime() - startTime < + SHRINK_RATE - (SHRINK_RATE / 10)) // timing slop Thread.interrupted(); // spurious wakeup else if (UNSAFE.compareAndSwapLong(this, ctlOffset, currentCtl, prevCtl)) { @@ -1175,7 +1177,7 @@ ws[k] = w; nextWorkerIndex = k + 1; int m = g & SMASK; - g = k >= m? ((m << 1) + 1) & SMASK : g + (SG_UNIT<<1); + g = k > m? ((m << 1) + 1) & SMASK : g + (SG_UNIT<<1); } } finally { scanGuard = g;
--- a/jdk/src/share/classes/java/util/jar/JarFile.java Sun Apr 10 19:45:28 2011 +0100 +++ b/jdk/src/share/classes/java/util/jar/JarFile.java Mon Apr 11 12:52:39 2011 +0100 @@ -37,6 +37,7 @@ import sun.security.action.GetPropertyAction; import sun.security.util.ManifestEntryVerifier; import sun.misc.SharedSecrets; +import sun.security.util.SignatureFileVerifier; /** * The <code>JarFile</code> class is used to read the contents of a jar file @@ -178,7 +179,7 @@ byte[] b = getBytes(manEntry); man = new Manifest(new ByteArrayInputStream(b)); if (!jvInitialized) { - jv = new JarVerifier(b); + jv = new JarVerifier(b, man); } } else { man = new Manifest(super.getInputStream(manEntry)); @@ -297,10 +298,7 @@ if (names != null) { for (int i = 0; i < names.length; i++) { String name = names[i].toUpperCase(Locale.ENGLISH); - if (name.endsWith(".DSA") || - name.endsWith(".RSA") || - name.endsWith(".EC") || - name.endsWith(".SF")) { + if (SignatureFileVerifier.isBlockOrSF(name)) { // Assume since we found a signature-related file // that the jar is signed and that we therefore // need a JarVerifier and Manifest @@ -329,17 +327,17 @@ if (names != null) { for (int i = 0; i < names.length; i++) { JarEntry e = getJarEntry(names[i]); - if (!e.isDirectory()) { + if (!e.isDirectory() && + SignatureFileVerifier.isBlock(names[i])) { if (mev == null) { mev = new ManifestEntryVerifier (getManifestFromReference()); } - byte[] b = getBytes(e); - if (b != null && b.length > 0) { - jv.beginEntry(e, mev); - jv.update(b.length, b, 0, b.length, mev); - jv.update(-1, null, 0, 0, mev); - } + String key = names[i].substring( + 0, names[i].lastIndexOf(".")); + jv.verifyBlock(names[i], + getBytes(e), + super.getInputStream(getJarEntry(key + ".SF"))); } } }
--- a/jdk/src/share/classes/java/util/jar/JarInputStream.java Sun Apr 10 19:45:28 2011 +0100 +++ b/jdk/src/share/classes/java/util/jar/JarInputStream.java Mon Apr 11 12:52:39 2011 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -95,7 +95,7 @@ man.read(new ByteArrayInputStream(bytes)); closeEntry(); if (doVerify) { - jv = new JarVerifier(bytes); + jv = new JarVerifier(bytes, man); mev = new ManifestEntryVerifier(man); } return (JarEntry)super.getNextEntry();
--- a/jdk/src/share/classes/java/util/jar/JarVerifier.java Sun Apr 10 19:45:28 2011 +0100 +++ b/jdk/src/share/classes/java/util/jar/JarVerifier.java Mon Apr 11 12:52:39 2011 +0100 @@ -48,35 +48,18 @@ /* a table mapping names to code signers, for jar entries that have had their actual hashes verified */ - private Hashtable verifiedSigners; + private Map verifiedSigners; /* a table mapping names to code signers, for jar entries that have passed the .SF/.DSA/.EC -> MANIFEST check */ - private Hashtable sigFileSigners; - - /* a hash table to hold .SF bytes */ - private Hashtable sigFileData; - - /** "queue" of pending PKCS7 blocks that we couldn't parse - * until we parsed the .SF file */ - private ArrayList pendingBlocks; + private Map sigFileSigners; /* cache of CodeSigner objects */ private ArrayList signerCache; - /* Are we parsing a block? */ - private boolean parsingBlockOrSF = false; - - /* Are we done parsing META-INF entries? */ - private boolean parsingMeta = true; - /* Are there are files to verify? */ private boolean anyToVerify = true; - /* The output stream to use when keeping track of files we are interested - in */ - private ByteArrayOutputStream baos; - /** The ManifestDigester object */ private volatile ManifestDigester manDig; @@ -92,20 +75,20 @@ /** collect -DIGEST-MANIFEST values for blacklist */ private List manifestDigests; - public JarVerifier(byte rawBytes[]) { + /** The manifest object */ + Manifest man = null; + + public JarVerifier(byte rawBytes[], Manifest man) { + this.man = man; manifestRawBytes = rawBytes; - sigFileSigners = new Hashtable(); - verifiedSigners = new Hashtable(); - sigFileData = new Hashtable(11); - pendingBlocks = new ArrayList(); - baos = new ByteArrayOutputStream(); + sigFileSigners = new HashMap(); + verifiedSigners = new HashMap(); manifestDigests = new ArrayList(); } /** - * This method scans to see which entry we're parsing and - * keeps various state information depending on what type of - * file is being parsed. + * This method scans to see which entry we're parsing and keeps + * various state information depending on the file being parsed. */ public void beginEntry(JarEntry je, ManifestEntryVerifier mev) throws IOException @@ -129,30 +112,6 @@ * b. digest mismatch between the actual jar entry and the manifest */ - if (parsingMeta) { - String uname = name.toUpperCase(Locale.ENGLISH); - if ((uname.startsWith("META-INF/") || - uname.startsWith("/META-INF/"))) { - - if (je.isDirectory()) { - mev.setEntry(null, je); - return; - } - - if (SignatureFileVerifier.isBlockOrSF(uname)) { - /* We parse only DSA, RSA or EC PKCS7 blocks. */ - parsingBlockOrSF = true; - baos.reset(); - mev.setEntry(null, je); - } - return; - } - } - - if (parsingMeta) { - doneWithMeta(); - } - if (je.isDirectory()) { mev.setEntry(null, je); return; @@ -188,11 +147,7 @@ throws IOException { if (b != -1) { - if (parsingBlockOrSF) { - baos.write(b); - } else { - mev.update((byte)b); - } + mev.update((byte)b); } else { processEntry(mev); } @@ -207,11 +162,7 @@ throws IOException { if (n != -1) { - if (parsingBlockOrSF) { - baos.write(b, off, n); - } else { - mev.update(b, off, n); - } + mev.update(b, off, n); } else { processEntry(mev); } @@ -223,101 +174,10 @@ private void processEntry(ManifestEntryVerifier mev) throws IOException { - if (!parsingBlockOrSF) { - JarEntry je = mev.getEntry(); - if ((je != null) && (je.signers == null)) { - je.signers = mev.verify(verifiedSigners, sigFileSigners); - je.certs = mapSignersToCertArray(je.signers); - } - } else { - - try { - parsingBlockOrSF = false; - - if (debug != null) { - debug.println("processEntry: processing block"); - } - - String uname = mev.getEntry().getName() - .toUpperCase(Locale.ENGLISH); - - if (uname.endsWith(".SF")) { - String key = uname.substring(0, uname.length()-3); - byte bytes[] = baos.toByteArray(); - // add to sigFileData in case future blocks need it - sigFileData.put(key, bytes); - // check pending blocks, we can now process - // anyone waiting for this .SF file - Iterator it = pendingBlocks.iterator(); - while (it.hasNext()) { - SignatureFileVerifier sfv = - (SignatureFileVerifier) it.next(); - if (sfv.needSignatureFile(key)) { - if (debug != null) { - debug.println( - "processEntry: processing pending block"); - } - - sfv.setSignatureFile(bytes); - sfv.process(sigFileSigners, manifestDigests); - } - } - return; - } - - // now we are parsing a signature block file - - String key = uname.substring(0, uname.lastIndexOf(".")); - - if (signerCache == null) - signerCache = new ArrayList(); - - if (manDig == null) { - synchronized(manifestRawBytes) { - if (manDig == null) { - manDig = new ManifestDigester(manifestRawBytes); - manifestRawBytes = null; - } - } - } - - SignatureFileVerifier sfv = - new SignatureFileVerifier(signerCache, - manDig, uname, baos.toByteArray()); - - if (sfv.needSignatureFileBytes()) { - // see if we have already parsed an external .SF file - byte[] bytes = (byte[]) sigFileData.get(key); - - if (bytes == null) { - // put this block on queue for later processing - // since we don't have the .SF bytes yet - // (uname, block); - if (debug != null) { - debug.println("adding pending block"); - } - pendingBlocks.add(sfv); - return; - } else { - sfv.setSignatureFile(bytes); - } - } - sfv.process(sigFileSigners, manifestDigests); - - } catch (IOException ioe) { - // e.g. sun.security.pkcs.ParsingException - if (debug != null) debug.println("processEntry caught: "+ioe); - // ignore and treat as unsigned - } catch (SignatureException se) { - if (debug != null) debug.println("processEntry caught: "+se); - // ignore and treat as unsigned - } catch (NoSuchAlgorithmException nsae) { - if (debug != null) debug.println("processEntry caught: "+nsae); - // ignore and treat as unsigned - } catch (CertificateException ce) { - if (debug != null) debug.println("processEntry caught: "+ce); - // ignore and treat as unsigned - } + JarEntry je = mev.getEntry(); + if ((je != null) && (je.signers == null)) { + je.signers = mev.verify(verifiedSigners, sigFileSigners); + je.certs = mapSignersToCertArray(je.signers); } } @@ -354,15 +214,15 @@ * Force a read of the entry data to generate the * verification hash. */ - try { - InputStream s = jar.getInputStream(entry); + try (InputStream s = jar.getInputStream(entry)) { byte[] buffer = new byte[1024]; int n = buffer.length; while (n != -1) { n = s.read(buffer, 0, buffer.length); } - s.close(); } catch (IOException e) { + // Ignore. When an exception is thrown, code signer + // will not be assigned. } } return getCodeSigners(name); @@ -408,11 +268,7 @@ */ void doneWithMeta() { - parsingMeta = false; anyToVerify = !sigFileSigners.isEmpty(); - baos = null; - sigFileData = null; - pendingBlocks = null; signerCache = null; manDig = null; // MANIFEST.MF is always treated as signed and verified, @@ -423,6 +279,41 @@ } } + /** + * Verifies a PKCS7 SignedData block + * @param key name of block + * @param block the pkcs7 file + * @param ins the clear data + */ + void verifyBlock(String key, byte[] block, InputStream ins) { + try { + if (signerCache == null) + signerCache = new ArrayList(); + + if (manDig == null) { + synchronized(manifestRawBytes) { + if (manDig == null) { + manDig = new ManifestDigester(manifestRawBytes); + manifestRawBytes = null; + } + } + } + SignatureFileVerifier sfv = + new SignatureFileVerifier(signerCache, man, + manDig, key, block); + + if (sfv.needSignatureFile()) { + // see if we have already parsed an external .SF file + sfv.setSignatureFile(ins); + } + sfv.process(sigFileSigners, manifestDigests); + } catch (Exception e) { + if (debug != null) { + e.printStackTrace(); + } + } + } + static class VerifierStream extends java.io.InputStream { private InputStream is; @@ -553,10 +444,7 @@ * but this handles a CodeSource of any type, just in case. */ CodeSource[] sources = mapSignersToCodeSources(cs.getLocation(), getJarCodeSigners(), true); - List sourceList = new ArrayList(); - for (int i = 0; i < sources.length; i++) { - sourceList.add(sources[i]); - } + List sourceList = Arrays.asList(sources); int j = sourceList.indexOf(cs); if (j != -1) { CodeSigner[] match;
--- a/jdk/src/share/classes/sun/security/jgss/krb5/InitSecContextToken.java Sun Apr 10 19:45:28 2011 +0100 +++ b/jdk/src/share/classes/sun/security/jgss/krb5/InitSecContextToken.java Mon Apr 11 12:52:39 2011 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -127,8 +127,8 @@ //System.out.println("Sub-Session Key Missing in Authenticator.\n"); } - OverloadedChecksum gssChecksum = - new OverloadedChecksum(context, apReq.getChecksum(), sessionKey); + OverloadedChecksum gssChecksum = new OverloadedChecksum( + context, apReq.getChecksum(), sessionKey, subKey); gssChecksum.setContextFlags(context); Credentials delegCred = gssChecksum.getDelegatedCreds(); if (delegCred != null) {
--- a/jdk/src/share/classes/sun/security/jgss/krb5/InitialToken.java Sun Apr 10 19:45:28 2011 +0100 +++ b/jdk/src/share/classes/sun/security/jgss/krb5/InitialToken.java Mon Apr 11 12:52:39 2011 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -210,8 +210,8 @@ // be passed in if this checksum type denotes a // raw_checksum. In that case, make Checksum class krb5 // internal. - public OverloadedChecksum(Krb5Context context, - Checksum checksum, EncryptionKey key) + public OverloadedChecksum(Krb5Context context, Checksum checksum, + EncryptionKey key, EncryptionKey subKey) throws GSSException, KrbException, IOException { int pos = 0; @@ -283,9 +283,17 @@ new KrbCred(credBytes, EncryptionKey.NULL_KEY). getDelegatedCreds()[0]; } else { - delegCreds = - new KrbCred(credBytes, key). - getDelegatedCreds()[0]; + KrbCred cred; + try { + cred = new KrbCred(credBytes, key); + } catch (KrbException e) { + if (subKey != null) { + cred = new KrbCred(credBytes, subKey); + } else { + throw e; + } + } + delegCreds = cred.getDelegatedCreds()[0]; } } }
--- a/jdk/src/share/classes/sun/security/pkcs/PKCS7.java Sun Apr 10 19:45:28 2011 +0100 +++ b/jdk/src/share/classes/sun/security/pkcs/PKCS7.java Mon Apr 11 12:52:39 2011 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1996, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1996, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -38,6 +38,7 @@ import sun.security.util.*; import sun.security.x509.AlgorithmId; import sun.security.x509.CertificateIssuerName; +import sun.security.x509.KeyUsageExtension; import sun.security.x509.X509CertImpl; import sun.security.x509.X509CertInfo; import sun.security.x509.X509CRLImpl; @@ -492,7 +493,7 @@ // CRLs (optional) if (crls != null && crls.length != 0) { // cast to X509CRLImpl[] since X509CRLImpl implements DerEncoder - Set<X509CRLImpl> implCRLs = new HashSet<X509CRLImpl>(crls.length); + Set<X509CRLImpl> implCRLs = new HashSet<>(crls.length); for (X509CRL crl: crls) { if (crl instanceof X509CRLImpl) implCRLs.add((X509CRLImpl) crl); @@ -530,6 +531,168 @@ } /** + * Verifying signed data using an external chunked data source. + */ + public static class PKCS7Verifier { + + private final SignerInfo si; // Signer to verify + private final MessageDigest md; // MessageDigest object for chunks + private final Signature sig; // Signature object for chunks + + private PKCS7Verifier(SignerInfo si, MessageDigest md, Signature sig) { + this.si = si; + this.md = md; + this.sig = sig; + } + + public static PKCS7Verifier from(PKCS7 block, SignerInfo si) throws + SignatureException, NoSuchAlgorithmException { + + try { + MessageDigest md = null; + Signature sig; + + ContentInfo content = block.getContentInfo(); + String digestAlgname = si.getDigestAlgorithmId().getName(); + + // if there are authenticate attributes, feed data chunks to + // the message digest. In this case, pv.md is not null + if (si.authenticatedAttributes != null) { + // first, check content type + ObjectIdentifier contentType = (ObjectIdentifier) + si.authenticatedAttributes.getAttributeValue( + PKCS9Attribute.CONTENT_TYPE_OID); + if (contentType == null || + !contentType.equals(content.contentType)) + return null; // contentType does not match, bad SignerInfo + + // now, check message digest + byte[] messageDigest = (byte[]) + si.authenticatedAttributes.getAttributeValue( + PKCS9Attribute.MESSAGE_DIGEST_OID); + + if (messageDigest == null) // fail if there is no message digest + return null; + + md = MessageDigest.getInstance(digestAlgname); + } + + // put together digest algorithm and encryption algorithm + // to form signing algorithm + String encryptionAlgname = + si.getDigestEncryptionAlgorithmId().getName(); + + // Workaround: sometimes the encryptionAlgname is actually + // a signature name + String tmp = AlgorithmId.getEncAlgFromSigAlg(encryptionAlgname); + if (tmp != null) encryptionAlgname = tmp; + String algname = AlgorithmId.makeSigAlg( + digestAlgname, encryptionAlgname); + + sig = Signature.getInstance(algname); + X509Certificate cert = si.getCertificate(block); + + if (cert == null) { + return null; + } + if (cert.hasUnsupportedCriticalExtension()) { + throw new SignatureException("Certificate has unsupported " + + "critical extension(s)"); + } + + // Make sure that if the usage of the key in the certificate is + // restricted, it can be used for digital signatures. + // XXX We may want to check for additional extensions in the + // future. + boolean[] keyUsageBits = cert.getKeyUsage(); + if (keyUsageBits != null) { + KeyUsageExtension keyUsage; + try { + // We don't care whether or not this extension was marked + // critical in the certificate. + // We're interested only in its value (i.e., the bits set) + // and treat the extension as critical. + keyUsage = new KeyUsageExtension(keyUsageBits); + } catch (IOException ioe) { + throw new SignatureException("Failed to parse keyUsage " + + "extension"); + } + + boolean digSigAllowed = ((Boolean)keyUsage.get( + KeyUsageExtension.DIGITAL_SIGNATURE)).booleanValue(); + + boolean nonRepuAllowed = ((Boolean)keyUsage.get( + KeyUsageExtension.NON_REPUDIATION)).booleanValue(); + + if (!digSigAllowed && !nonRepuAllowed) { + throw new SignatureException("Key usage restricted: " + + "cannot be used for " + + "digital signatures"); + } + } + + PublicKey key = cert.getPublicKey(); + sig.initVerify(key); + return new PKCS7Verifier(si, md, sig); + } catch (IOException e) { + throw new SignatureException("IO error verifying signature:\n" + + e.getMessage()); + + } catch (InvalidKeyException e) { + throw new SignatureException("InvalidKey: " + e.getMessage()); + + } + } + + public void update(byte[] data, int off, int end) + throws SignatureException { + if (md != null) { + md.update(data, off, end-off); + } else { + sig.update(data, off, end-off); + } + } + + public SignerInfo verify() throws SignatureException { + try { + // if there are authenticate attributes, get the message + // digest and compare it with the digest of data + if (md != null) { + // now, check message digest + byte[] messageDigest = (byte[]) + si.authenticatedAttributes.getAttributeValue( + PKCS9Attribute.MESSAGE_DIGEST_OID); + + byte[] computedMessageDigest = md.digest(); + + if (!MessageDigest.isEqual( + messageDigest, computedMessageDigest)) { + return null; + } + + // message digest attribute matched + // digest of original data + + // the data actually signed is the DER encoding of + // the authenticated attributes (tagged with + // the "SET OF" tag, not 0xA0). + byte[] dataSigned = si.authenticatedAttributes.getDerEncoding(); + sig.update(dataSigned); + } + + if (sig.verify(si.getEncryptedDigest())) { + return si; + } + + } catch (IOException e) { + throw new SignatureException("IO error verifying signature:\n" + + e.getMessage()); + } + return null; + } + } + + /** * This verifies a given SignerInfo. * * @param info the signer information. @@ -554,19 +717,16 @@ public SignerInfo[] verify(byte[] bytes) throws NoSuchAlgorithmException, SignatureException { - Vector<SignerInfo> intResult = new Vector<SignerInfo>(); + List<SignerInfo> intResult = new ArrayList<>(); for (int i = 0; i < signerInfos.length; i++) { SignerInfo signerInfo = verify(signerInfos[i], bytes); if (signerInfo != null) { - intResult.addElement(signerInfo); + intResult.add(signerInfo); } } - if (intResult.size() != 0) { - - SignerInfo[] result = new SignerInfo[intResult.size()]; - intResult.copyInto(result); - return result; + if (!intResult.isEmpty()) { + return intResult.toArray(new SignerInfo[intResult.size()]); } return null; }
--- a/jdk/src/share/classes/sun/security/pkcs/SignerInfo.java Sun Apr 10 19:45:28 2011 +0100 +++ b/jdk/src/share/classes/sun/security/pkcs/SignerInfo.java Mon Apr 11 12:52:39 2011 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1996, 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1996, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -230,7 +230,7 @@ if (userCert == null) return null; - ArrayList<X509Certificate> certList = new ArrayList<X509Certificate>(); + ArrayList<X509Certificate> certList = new ArrayList<>(); certList.add(userCert); X509Certificate[] pkcsCerts = block.getCertificates(); @@ -276,132 +276,20 @@ /* Returns null if verify fails, this signerInfo if verify succeeds. */ SignerInfo verify(PKCS7 block, byte[] data) - throws NoSuchAlgorithmException, SignatureException { - - try { - - ContentInfo content = block.getContentInfo(); - if (data == null) { - data = content.getContentBytes(); - } - - String digestAlgname = getDigestAlgorithmId().getName(); - - byte[] dataSigned; - - // if there are authenticate attributes, get the message - // digest and compare it with the digest of data - if (authenticatedAttributes == null) { - dataSigned = data; - } else { - - // first, check content type - ObjectIdentifier contentType = (ObjectIdentifier) - authenticatedAttributes.getAttributeValue( - PKCS9Attribute.CONTENT_TYPE_OID); - if (contentType == null || - !contentType.equals(content.contentType)) - return null; // contentType does not match, bad SignerInfo - - // now, check message digest - byte[] messageDigest = (byte[]) - authenticatedAttributes.getAttributeValue( - PKCS9Attribute.MESSAGE_DIGEST_OID); - - if (messageDigest == null) // fail if there is no message digest - return null; - - MessageDigest md = MessageDigest.getInstance(digestAlgname); - byte[] computedMessageDigest = md.digest(data); - - if (messageDigest.length != computedMessageDigest.length) - return null; - for (int i = 0; i < messageDigest.length; i++) { - if (messageDigest[i] != computedMessageDigest[i]) - return null; - } - - // message digest attribute matched - // digest of original data - - // the data actually signed is the DER encoding of - // the authenticated attributes (tagged with - // the "SET OF" tag, not 0xA0). - dataSigned = authenticatedAttributes.getDerEncoding(); - } - - // put together digest algorithm and encryption algorithm - // to form signing algorithm - String encryptionAlgname = - getDigestEncryptionAlgorithmId().getName(); + throws NoSuchAlgorithmException, SignatureException { - // Workaround: sometimes the encryptionAlgname is actually - // a signature name - String tmp = AlgorithmId.getEncAlgFromSigAlg(encryptionAlgname); - if (tmp != null) encryptionAlgname = tmp; - String algname = AlgorithmId.makeSigAlg( - digestAlgname, encryptionAlgname); - - Signature sig = Signature.getInstance(algname); - X509Certificate cert = getCertificate(block); - - if (cert == null) { - return null; - } - if (cert.hasUnsupportedCriticalExtension()) { - throw new SignatureException("Certificate has unsupported " - + "critical extension(s)"); + PKCS7.PKCS7Verifier p7v = PKCS7.PKCS7Verifier.from(block, this); + if (p7v == null) return null; + if (data == null) { + try { + data = block.getContentInfo().getContentBytes(); + } catch (IOException e) { + throw new SignatureException("IO error verifying signature:\n" + + e.getMessage()); } - - // Make sure that if the usage of the key in the certificate is - // restricted, it can be used for digital signatures. - // XXX We may want to check for additional extensions in the - // future. - boolean[] keyUsageBits = cert.getKeyUsage(); - if (keyUsageBits != null) { - KeyUsageExtension keyUsage; - try { - // We don't care whether or not this extension was marked - // critical in the certificate. - // We're interested only in its value (i.e., the bits set) - // and treat the extension as critical. - keyUsage = new KeyUsageExtension(keyUsageBits); - } catch (IOException ioe) { - throw new SignatureException("Failed to parse keyUsage " - + "extension"); - } - - boolean digSigAllowed = ((Boolean)keyUsage.get( - KeyUsageExtension.DIGITAL_SIGNATURE)).booleanValue(); - - boolean nonRepuAllowed = ((Boolean)keyUsage.get( - KeyUsageExtension.NON_REPUDIATION)).booleanValue(); - - if (!digSigAllowed && !nonRepuAllowed) { - throw new SignatureException("Key usage restricted: " - + "cannot be used for " - + "digital signatures"); - } - } - - PublicKey key = cert.getPublicKey(); - sig.initVerify(key); - - sig.update(dataSigned); - - if (sig.verify(encryptedDigest)) { - return this; - } - - } catch (IOException e) { - throw new SignatureException("IO error verifying signature:\n" + - e.getMessage()); - - } catch (InvalidKeyException e) { - throw new SignatureException("InvalidKey: " + e.getMessage()); - } - return null; + p7v.update(data, 0, data.length); + return p7v.verify(); } /* Verify the content of the pkcs7 block. */
--- a/jdk/src/share/classes/sun/security/util/ManifestEntryVerifier.java Sun Apr 10 19:45:28 2011 +0100 +++ b/jdk/src/share/classes/sun/security/util/ManifestEntryVerifier.java Mon Apr 11 12:52:39 2011 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -191,8 +191,8 @@ * * */ - public CodeSigner[] verify(Hashtable<String, CodeSigner[]> verifiedSigners, - Hashtable<String, CodeSigner[]> sigFileSigners) + public CodeSigner[] verify(Map<String, CodeSigner[]> verifiedSigners, + Map<String, CodeSigner[]> sigFileSigners) throws JarException { if (skip) {
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/jdk/src/share/classes/sun/security/util/SignatureFileManifest.java Mon Apr 11 12:52:39 2011 +0100 @@ -0,0 +1,251 @@ +/* + * Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. Oracle designates this + * particular file as subject to the "Classpath" exception as provided + * by Oracle in the LICENSE file that accompanied this code. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +package sun.security.util; + +import java.io.IOException; +import java.io.InputStream; +import java.util.Arrays; +import java.util.jar.Attributes; +import java.util.jar.Manifest; + +/** + * This class provides streaming mode reading of manifest files. + * Used by {@link SignatureFileVerifier}. + */ +class SignatureFileManifest extends Manifest { + + /* + * Reading a manifest into this object by calling update(byte[]) on chunks. + * During the reading, the bytes are saved in (@code current} until a line + * is complete and the key-value pair is saved in {@code currentAttr}. When + * a section is complete, {@code consumeAttr} is called to merge + * {@code currentAttr} into main attributes or a named entry. + */ + + // Internal state during update() style reading + // 0. not in update mode + // 1, in update mode but main attributes not completed yet + // 2. main attributes completed, still reading the entries + private int state = 0; + + // The partial line read + private byte[] current; + + // Number of bytes in current + private int currentPos = 0; + + // The current Attribute + private Attributes currentAttr; + + /** + * Reads a manifest in chunks. + * <p> + * This method must be called in a row, reading chunks from a single + * manifest file by order. After all chunks are read, caller must call + * {@code update(null)} to fully consume the manifest. + * <p> + * The entry names and attributes read will be merged in with the current + * manifest entries. The {@link #read} method cannot be called inside a + * row of update calls. + * <p> + * Along with the calls, caller can call {@link #getMainAttributes()}, + * {@link #getAttributes(java.lang.String)} or {@link #getEntries()} + * to get already available contents. However, in order not to return + * partial result, when the main attributes in the new manifest is not + * consumed completely, {@link #getMainAttributes()} throws an + * {@code IllegalStateException}. When a certain named entry is not + * consumed completely, {@link #getAttributes(java.lang.String)} + * returns the old {@code Attributes} for the name (if it exists). + * + * @param data null for last call, otherwise, feeding chunks + * @param offset offset into data to begin read + * @param length length of data after offset to read + * @exception IOException if an I/O error has occurred + * @exception IllegalStateException if {@code update(null)} is called + * without any previous {@code update(non-null)} call + */ + public void update(byte[] data, int offset, int length) throws IOException { + + // The last call + if (data == null) { + if (state == 0) { + throw new IllegalStateException("No data to update"); + } + // We accept manifest not ended with \n or \n\n + if (hasLastByte()) { + consumeCurrent(); + } + // We accept empty lines at the end + if (!currentAttr.isEmpty()) { + consumeAttr(); + } + state = 0; // back to non-update state + current = null; + currentAttr = null; + return; + } + + // The first call + if (state == 0) { + current = new byte[1024]; + currentAttr = super.getMainAttributes(); // the main attribute + state = 1; + } + + int end = offset + length; + + while (offset < end) { + switch (data[offset]) { + case '\r': + break; // always skip + case '\n': + if (hasLastByte() && lastByte() == '\n') { // new section + consumeCurrent(); + consumeAttr(); + if (state == 1) { + state = 2; + } + currentAttr = new Attributes(2); + } else { + if (hasLastByte()) { + // save \n into current but do not parse, + // there might be a continuation later + ensureCapacity(); + current[currentPos++] = data[offset]; + } else if (state == 1) { + // there can be multiple empty lines between + // sections, but cannot be at the beginning + throw new IOException("invalid manifest format"); + } + } + break; + case ' ': + if (!hasLastByte()) { + throw new IOException("invalid manifest format"); + } else if (lastByte() == '\n') { + currentPos--; // continuation, remove last \n + } else { // a very normal ' ' + ensureCapacity(); + current[currentPos++] = data[offset]; + } + break; + default: + if (hasLastByte() && lastByte() == '\n') { + // The start of a new pair, not continuation + consumeCurrent(); // the last line read + } + ensureCapacity(); + current[currentPos++] = data[offset]; + break; + } + offset++; + } + } + + /** + * Returns the main Attributes for the Manifest. + * @exception IllegalStateException the main attributes is being read + * @return the main Attributes for the Manifest + */ + public Attributes getMainAttributes() { + if (state == 1) { + throw new IllegalStateException(); + } + return super.getMainAttributes(); + } + + /** + * Reads the Manifest from the specified InputStream. The entry + * names and attributes read will be merged in with the current + * manifest entries. + * + * @param is the input stream + * @exception IOException if an I/O error has occurred + * @exception IllegalStateException if called between two {@link #update} + * calls + */ + public void read(InputStream is) throws IOException { + if (state != 0) { + throw new IllegalStateException("Cannot call read between updates"); + } + super.read(is); + } + + /* + * ---------- Helper methods ----------------- + */ + + private void ensureCapacity() { + if (currentPos >= current.length-1) { + current = Arrays.copyOf(current, current.length*2); + } + } + + private boolean hasLastByte() { + return currentPos > 0; + } + + private byte lastByte() { + return current[currentPos-1]; + } + + // Parse current as key:value and save into currentAttr. + // There MUST be something inside current. + private void consumeCurrent() throws IOException { + // current normally has a \n end, except for the last line + if (current[currentPos-1] == '\n') currentPos--; + for (int i=0; i<currentPos; i++) { + if (current[i] == ':') { + String key = new String(current, 0, 0, i); + i++; + while (i < currentPos && current[i] == ' ') { i++; } + String value = new String(current, i, currentPos-i, "UTF-8"); + currentAttr.putValue(key, value); + currentPos = 0; + return; + } + } + throw new IOException("invalid header field"); + } + + // Merge currentAttr into Manifest + private void consumeAttr() throws IOException { + // Only needed for named entries. For the main attribute, key/value + // is added into attr directly, but since getMainAttributes() throws + // an exception, the partial data is not leaked. + if (state != 1) { + String name = currentAttr.getValue("Name"); + if (name != null) { + currentAttr.remove(new Attributes.Name("Name")); + Attributes old = getAttributes(name); + if (old != null) old.putAll(currentAttr); + else getEntries().put(name, currentAttr); + } else { + throw new IOException("invalid manifest format"); + } + } + } +}
--- a/jdk/src/share/classes/sun/security/util/SignatureFileVerifier.java Sun Apr 10 19:45:28 2011 +0100 +++ b/jdk/src/share/classes/sun/security/util/SignatureFileVerifier.java Mon Apr 11 12:52:39 2011 +0100 @@ -55,8 +55,8 @@ /** the PKCS7 block for this .DSA/.RSA/.EC file */ private PKCS7 block; - /** the raw bytes of the .SF file */ - private byte sfBytes[]; + // the content of the raw .SF file as an InputStream + private InputStream sfStream; /** the name of the signature block file, uppercased and without * the extension (.DSA/.RSA/.EC) @@ -66,6 +66,9 @@ /** the ManifestDigester */ private ManifestDigester md; + /** The MANIFEST.MF */ + private Manifest man; + /** cache of created MessageDigest objects */ private HashMap<String, MessageDigest> createdDigests; @@ -83,6 +86,7 @@ * @param rawBytes the raw bytes of the signature block file */ public SignatureFileVerifier(ArrayList<CodeSigner[]> signerCache, + Manifest man, ManifestDigester md, String name, byte rawBytes[]) @@ -94,13 +98,18 @@ try { obj = Providers.startJarVerification(); block = new PKCS7(rawBytes); - sfBytes = block.getContentInfo().getData(); + byte[] contentData = block.getContentInfo().getData(); + if (contentData != null) { + sfStream = new ByteArrayInputStream(contentData); + } certificateFactory = CertificateFactory.getInstance("X509"); } finally { Providers.stopJarVerification(obj); } this.name = name.substring(0, name.lastIndexOf(".")) .toUpperCase(Locale.ENGLISH); + + this.man = man; this.md = md; this.signerCache = signerCache; } @@ -108,31 +117,13 @@ /** * returns true if we need the .SF file */ - public boolean needSignatureFileBytes() + public boolean needSignatureFile() { - - return sfBytes == null; + return sfStream == null; } - - /** - * returns true if we need this .SF file. - * - * @param name the name of the .SF file without the extension - * - */ - public boolean needSignatureFile(String name) - { - return this.name.equalsIgnoreCase(name); - } - - /** - * used to set the raw bytes of the .SF file when it - * is external to the signature block file. - */ - public void setSignatureFile(byte sfBytes[]) - { - this.sfBytes = sfBytes; + public void setSignatureFile(InputStream ins) { + this.sfStream = ins; } /** @@ -145,12 +136,18 @@ * Signature File or PKCS7 block file name */ public static boolean isBlockOrSF(String s) { - // we currently only support DSA and RSA PKCS7 blocks - if (s.endsWith(".SF") || s.endsWith(".DSA") || - s.endsWith(".RSA") || s.endsWith(".EC")) { - return true; - } - return false; + return s.endsWith(".SF") || isBlock(s); + } + + /** + * Utility method used by JarVerifier to determine PKCS7 block + * files names that are supported + * + * @param s file name + * @return true if the input file name is a PKCS7 block file name + */ + public static boolean isBlock(String s) { + return s.endsWith(".DSA") || s.endsWith(".RSA") || s.endsWith(".EC"); } /** get digest from cache */ @@ -180,7 +177,7 @@ * * */ - public void process(Hashtable<String, CodeSigner[]> signers, + public void process(Map<String, CodeSigner[]> signers, List manifestDigests) throws IOException, SignatureException, NoSuchAlgorithmException, JarException, CertificateException @@ -197,31 +194,86 @@ } - private void processImpl(Hashtable<String, CodeSigner[]> signers, + private void processImpl(Map<String, CodeSigner[]> signers, List manifestDigests) throws IOException, SignatureException, NoSuchAlgorithmException, JarException, CertificateException { - Manifest sf = new Manifest(); - sf.read(new ByteArrayInputStream(sfBytes)); + SignatureFileManifest sf = new SignatureFileManifest(); + InputStream ins = sfStream; - String version = - sf.getMainAttributes().getValue(Attributes.Name.SIGNATURE_VERSION); + byte[] buffer = new byte[4096]; + int sLen = block.getSignerInfos().length; + boolean mainOK = false; // main attributes of SF is available... + boolean manifestSigned = false; // and it matches MANIFEST.MF + BASE64Decoder decoder = new BASE64Decoder(); - if ((version == null) || !(version.equalsIgnoreCase("1.0"))) { - // XXX: should this be an exception? - // for now we just ignore this signature file - return; + PKCS7.PKCS7Verifier[] pvs = new PKCS7.PKCS7Verifier[sLen]; + for (int i=0; i<sLen; i++) { + pvs[i] = PKCS7.PKCS7Verifier.from(block, block.getSignerInfos()[i]); } - SignerInfo[] infos = block.verify(sfBytes); + /* + * Verify SF in streaming mode. The chunks of the file are fed into + * the Manifest object sf and all PKCS7Verifiers. As soon as the main + * attributes is available, we'll check if manifestSigned is true. If + * yes, there is no need to fill in sf's entries field, since it should + * be identical to entries in man. + */ + while (true) { + int len = ins.read(buffer); + if (len < 0) { + if (!manifestSigned) { + sf.update(null, 0, 0); + } + break; + } else { + for (int i=0; i<sLen; i++) { + if (pvs[i] != null) pvs[i].update(buffer, 0, len); + } + // Continue reading if verifyManifestHash fails (or, the + // main attributes is not available yet) + if (!manifestSigned) { + sf.update(buffer, 0, len); + if (!mainOK) { + try { + Attributes attr = sf.getMainAttributes(); + String version = attr.getValue( + Attributes.Name.SIGNATURE_VERSION); - if (infos == null) { + if ((version == null) || + !(version.equalsIgnoreCase("1.0"))) { + // XXX: should this be an exception? + // for now we just ignore this signature file + return; + } + + mainOK = true; + manifestSigned = verifyManifestHash( + sf, md, decoder, manifestDigests); + } catch (IllegalStateException ise) { + // main attributes not available yet + } + } + } + } + } + List<SignerInfo> intResult = new ArrayList<>(sLen); + for (int i = 0; i < sLen; i++) { + if (pvs[i] != null) { + SignerInfo signerInfo = pvs[i].verify(); + if (signerInfo != null) { + intResult.add(signerInfo); + } + } + } + if (intResult.isEmpty()) { throw new SecurityException("cannot verify signature block file " + name); } - BASE64Decoder decoder = new BASE64Decoder(); + SignerInfo[] infos = + intResult.toArray(new SignerInfo[intResult.size()]); CodeSigner[] newSigners = getSigners(infos, block); @@ -229,26 +281,37 @@ if (newSigners == null) return; - Iterator<Map.Entry<String,Attributes>> entries = - sf.getEntries().entrySet().iterator(); - - // see if we can verify the whole manifest first - boolean manifestSigned = verifyManifestHash(sf, md, decoder, manifestDigests); - // verify manifest main attributes if (!manifestSigned && !verifyManifestMainAttrs(sf, md, decoder)) { throw new SecurityException ("Invalid signature file digest for Manifest main attributes"); } - // go through each section in the signature file + Iterator<Map.Entry<String,Attributes>> entries; + + if (manifestSigned) { + if (debug != null) { + debug.println("full manifest signature match, " + + "update signer info from MANIFEST.MF"); + } + entries = man.getEntries().entrySet().iterator(); + } else { + if (debug != null) { + debug.println("full manifest signature unmatch, " + + "update signer info from SF file"); + } + entries = sf.getEntries().entrySet().iterator(); + } + + // go through each section + while(entries.hasNext()) { Map.Entry<String,Attributes> e = entries.next(); String name = e.getKey(); if (manifestSigned || - (verifySection(e.getValue(), name, md, decoder))) { + (verifySection(e.getValue(), name, md, decoder))) { if (name.startsWith("./")) name = name.substring(2); @@ -593,7 +656,6 @@ if (set == subset) return true; - boolean match; for (int i = 0; i < subset.length; i++) { if (!contains(set, subset[i])) return false; @@ -613,8 +675,6 @@ if ((oldSigners == null) && (signers == newSigners)) return true; - boolean match; - // make sure all oldSigners are in signers if ((oldSigners != null) && !isSubSet(oldSigners, signers)) return false; @@ -638,7 +698,7 @@ } void updateSigners(CodeSigner[] newSigners, - Hashtable<String, CodeSigner[]> signers, String name) { + Map<String, CodeSigner[]> signers, String name) { CodeSigner[] oldSigners = signers.get(name);
--- a/jdk/test/java/lang/Character/CheckScript.java Sun Apr 10 19:45:28 2011 +0100 +++ b/jdk/test/java/lang/Character/CheckScript.java Mon Apr 11 12:52:39 2011 +0100 @@ -1,34 +1,58 @@ + +/* + * Copyright (c) 2010, 2011, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + /** * @test - * @bug 6945564 6959267 + * @bug 6945564 6959267 7033561 * @summary Check that the j.l.Character.UnicodeScript */ import java.io.*; -import java.lang.reflect.*; import java.util.*; import java.util.regex.*; import java.lang.Character.UnicodeScript; public class CheckScript { - static BufferedReader open(String[] args) throws FileNotFoundException { + public static void main(String[] args) throws Exception { + File fScripts; + File fAliases; if (args.length == 0) { - return new BufferedReader(new FileReader(new File(System.getProperty("test.src", "."), "Scripts.txt"))); - } else if (args.length == 1) { - return new BufferedReader(new FileReader(args[0])); + fScripts = new File(System.getProperty("test.src", "."), "Scripts.txt"); + fAliases = new File(System.getProperty("test.src", "."), "PropertyValueAliases.txt"); + } else if (args.length == 2) { + fScripts = new File(args[0]); + fAliases = new File(args[1]); } else { - System.out.println("java CharacterScript Scripts.txt"); + System.out.println("java CharacterScript Scripts.txt PropertyValueAliases.txt"); throw new RuntimeException("Datafile name should be specified."); } - } - - public static void main(String[] args) throws Exception { Matcher m = Pattern.compile("(\\p{XDigit}+)(?:\\.{2}(\\p{XDigit}+))?\\s+;\\s+(\\w+)\\s+#.*").matcher(""); String line = null; HashMap<String,ArrayList<Integer>> scripts = new HashMap<>(); - try (BufferedReader sbfr = open(args)) { + try (BufferedReader sbfr = new BufferedReader(new FileReader(fScripts))) { while ((line = sbfr.readLine()) != null) { if (line.length() <= 1 || line.charAt(0) == '#') { continue; @@ -107,5 +131,29 @@ } } } + // check all aliases + m = Pattern.compile("sc\\s*;\\s*(\\p{Alpha}{4})\\s*;\\s*([\\p{Alpha}|_]+)\\s*.*").matcher(""); + line = null; + try (BufferedReader sbfr = new BufferedReader(new FileReader(fAliases))) { + while ((line = sbfr.readLine()) != null) { + if (line.length() <= 1 || line.charAt(0) == '#') { + continue; + } + m.reset(line); + if (m.matches()) { + String alias = m.group(1); + String name = m.group(2); + // HRKT -> Katakana_Or_Hiragana not supported + if ("HRKT".equals(alias.toUpperCase(Locale.ENGLISH))) + continue; + if (Character.UnicodeScript.forName(alias) != + Character.UnicodeScript.forName(name)) { + throw new RuntimeException( + "UnicodeScript failed: alias<" + alias + + "> does not map to <" + name + ">"); + } + } + } + } } }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/jdk/test/java/lang/Character/PropertyValueAliases.txt Mon Apr 11 12:52:39 2011 +0100 @@ -0,0 +1,1178 @@ +# PropertyValueAliases-6.0.0.txt +# Date: 2010-07-17, 22:44:06 GMT [MD] +# +# Unicode Character Database +# Copyright (c) 1991-2010 Unicode, Inc. +# For terms of use, see http://www.unicode.org/terms_of_use.html +# For documentation, see http://www.unicode.org/reports/tr44/ +# +# This file contains aliases for property values used in the UCD. +# These names can be used for XML formats of UCD data, for regular-expression +# property tests, and other programmatic textual descriptions of Unicode data. +# For information on which properties are normative, see UCD.html. +# +# The names may be translated in appropriate environments, and additional +# aliases may be useful. +# +# FORMAT +# +# Each line describes a property value name. +# This consists of three or more fields, separated by semicolons. +# +# First Field: The first field describes the property for which that +# property value name is used. +# +# Second Field: The second field is an abbreviated name. +# If there is no abbreviated name available, the field is marked with "n/a". +# +# Third Field: The third field is a long name. +# +# In the case of ccc, there are 4 fields. The second field is numeric, third +# is abbreviated, and fourth is long. +# +# The above are the preferred aliases. Other aliases may be listed in additional fields. +# +# Loose matching should be applied to all property names and property values, with +# the exception of String Property values. With loose matching of property names and +# values, the case distinctions, whitespace, and '_' are ignored. For Numeric Property +# values, numeric equivalencies are applied: thus "01.00" is equivalent to "1". +# +# NOTE: Property value names are NOT unique across properties. For example: +# +# AL means Arabic Letter for the Bidi_Class property, and +# AL means Above_Left for the Combining_Class property, and +# AL means Alphabetic for the Line_Break property. +# +# In addition, some property names may be the same as some property value names. +# For example: +# +# sc means the Script property, and +# Sc means the General_Category property value Currency_Symbol (Sc) +# +# The combination of property value and property name is, however, unique. +# +# For more information, see UTS #18: Unicode Regular Expressions +# ================================================ + + +# ASCII_Hex_Digit (AHex) + +AHex; N ; No ; F ; False +AHex; Y ; Yes ; T ; True + +# Age (age) + +age; n/a ; 1.1 +age; n/a ; 2.0 +age; n/a ; 2.1 +age; n/a ; 3.0 +age; n/a ; 3.1 +age; n/a ; 3.2 +age; n/a ; 4.0 +age; n/a ; 4.1 +age; n/a ; 5.0 +age; n/a ; 5.1 +age; n/a ; 5.2 +age; n/a ; 6.0 +age; n/a ; unassigned + +# Alphabetic (Alpha) + +Alpha; N ; No ; F ; False +Alpha; Y ; Yes ; T ; True + +# Bidi_Class (bc) + +bc ; AL ; Arabic_Letter +bc ; AN ; Arabic_Number +bc ; B ; Paragraph_Separator +bc ; BN ; Boundary_Neutral +bc ; CS ; Common_Separator +bc ; EN ; European_Number +bc ; ES ; European_Separator +bc ; ET ; European_Terminator +bc ; L ; Left_To_Right +bc ; LRE ; Left_To_Right_Embedding +bc ; LRO ; Left_To_Right_Override +bc ; NSM ; Nonspacing_Mark +bc ; ON ; Other_Neutral +bc ; PDF ; Pop_Directional_Format +bc ; R ; Right_To_Left +bc ; RLE ; Right_To_Left_Embedding +bc ; RLO ; Right_To_Left_Override +bc ; S ; Segment_Separator +bc ; WS ; White_Space + +# Bidi_Control (Bidi_C) + +Bidi_C; N ; No ; F ; False +Bidi_C; Y ; Yes ; T ; True + +# Bidi_Mirrored (Bidi_M) + +Bidi_M; N ; No ; F ; False +Bidi_M; Y ; Yes ; T ; True + +# Bidi_Mirroring_Glyph (bmg) + +# @missing: 0000..10FFFF; Bidi_Mirroring_Glyph; <none> + +# Block (blk) + +blk; n/a ; Aegean_Numbers +blk; n/a ; Alchemical_Symbols +blk; n/a ; Alphabetic_Presentation_Forms +blk; n/a ; Ancient_Greek_Musical_Notation +blk; n/a ; Ancient_Greek_Numbers +blk; n/a ; Ancient_Symbols +blk; n/a ; Arabic +blk; n/a ; Arabic_Presentation_Forms_A ; Arabic_Presentation_Forms-A +blk; n/a ; Arabic_Presentation_Forms_B +blk; n/a ; Arabic_Supplement +blk; n/a ; Armenian +blk; n/a ; Arrows +blk; n/a ; Avestan +blk; n/a ; Balinese +blk; n/a ; Bamum +blk; n/a ; Bamum_Supplement +blk; n/a ; Basic_Latin ; ASCII +blk; n/a ; Batak +blk; n/a ; Bengali +blk; n/a ; Block_Elements +blk; n/a ; Bopomofo +blk; n/a ; Bopomofo_Extended +blk; n/a ; Box_Drawing +blk; n/a ; Brahmi +blk; n/a ; Braille_Patterns +blk; n/a ; Buginese +blk; n/a ; Buhid +blk; n/a ; Byzantine_Musical_Symbols +blk; n/a ; Carian +blk; n/a ; Cham +blk; n/a ; Cherokee +blk; n/a ; CJK_Compatibility +blk; n/a ; CJK_Compatibility_Forms +blk; n/a ; CJK_Compatibility_Ideographs +blk; n/a ; CJK_Compatibility_Ideographs_Supplement +blk; n/a ; CJK_Radicals_Supplement +blk; n/a ; CJK_Strokes +blk; n/a ; CJK_Symbols_And_Punctuation +blk; n/a ; CJK_Unified_Ideographs +blk; n/a ; CJK_Unified_Ideographs_Extension_A +blk; n/a ; CJK_Unified_Ideographs_Extension_B +blk; n/a ; CJK_Unified_Ideographs_Extension_C +blk; n/a ; CJK_Unified_Ideographs_Extension_D +blk; n/a ; Combining_Diacritical_Marks +blk; n/a ; Combining_Diacritical_Marks_For_Symbols; Combining_Marks_For_Symbols +blk; n/a ; Combining_Diacritical_Marks_Supplement +blk; n/a ; Combining_Half_Marks +blk; n/a ; Common_Indic_Number_Forms +blk; n/a ; Control_Pictures +blk; n/a ; Coptic +blk; n/a ; Counting_Rod_Numerals +blk; n/a ; Cuneiform +blk; n/a ; Cuneiform_Numbers_And_Punctuation +blk; n/a ; Currency_Symbols +blk; n/a ; Cypriot_Syllabary +blk; n/a ; Cyrillic +blk; n/a ; Cyrillic_Extended_A +blk; n/a ; Cyrillic_Extended_B +blk; n/a ; Cyrillic_Supplement ; Cyrillic_Supplementary +blk; n/a ; Deseret +blk; n/a ; Devanagari +blk; n/a ; Devanagari_Extended +blk; n/a ; Dingbats +blk; n/a ; Domino_Tiles +blk; n/a ; Egyptian_Hieroglyphs +blk; n/a ; Emoticons +blk; n/a ; Enclosed_Alphanumeric_Supplement +blk; n/a ; Enclosed_Alphanumerics +blk; n/a ; Enclosed_CJK_Letters_And_Months +blk; n/a ; Enclosed_Ideographic_Supplement +blk; n/a ; Ethiopic +blk; n/a ; Ethiopic_Extended +blk; n/a ; Ethiopic_Extended_A +blk; n/a ; Ethiopic_Supplement +blk; n/a ; General_Punctuation +blk; n/a ; Geometric_Shapes +blk; n/a ; Georgian +blk; n/a ; Georgian_Supplement +blk; n/a ; Glagolitic +blk; n/a ; Gothic +blk; n/a ; Greek_And_Coptic ; Greek +blk; n/a ; Greek_Extended +blk; n/a ; Gujarati +blk; n/a ; Gurmukhi +blk; n/a ; Halfwidth_And_Fullwidth_Forms +blk; n/a ; Hangul_Compatibility_Jamo +blk; n/a ; Hangul_Jamo +blk; n/a ; Hangul_Jamo_Extended_A +blk; n/a ; Hangul_Jamo_Extended_B +blk; n/a ; Hangul_Syllables +blk; n/a ; Hanunoo +blk; n/a ; Hebrew +blk; n/a ; High_Private_Use_Surrogates +blk; n/a ; High_Surrogates +blk; n/a ; Hiragana +blk; n/a ; Ideographic_Description_Characters +blk; n/a ; Imperial_Aramaic +blk; n/a ; Inscriptional_Pahlavi +blk; n/a ; Inscriptional_Parthian +blk; n/a ; IPA_Extensions +blk; n/a ; Javanese +blk; n/a ; Kaithi +blk; n/a ; Kana_Supplement +blk; n/a ; Kanbun +blk; n/a ; Kangxi_Radicals +blk; n/a ; Kannada +blk; n/a ; Katakana +blk; n/a ; Katakana_Phonetic_Extensions +blk; n/a ; Kayah_Li +blk; n/a ; Kharoshthi +blk; n/a ; Khmer +blk; n/a ; Khmer_Symbols +blk; n/a ; Lao +blk; n/a ; Latin_1_Supplement ; Latin_1 +blk; n/a ; Latin_Extended_A +blk; n/a ; Latin_Extended_Additional +blk; n/a ; Latin_Extended_B +blk; n/a ; Latin_Extended_C +blk; n/a ; Latin_Extended_D +blk; n/a ; Lepcha +blk; n/a ; Letterlike_Symbols +blk; n/a ; Limbu +blk; n/a ; Linear_B_Ideograms +blk; n/a ; Linear_B_Syllabary +blk; n/a ; Lisu +blk; n/a ; Low_Surrogates +blk; n/a ; Lycian +blk; n/a ; Lydian +blk; n/a ; Mahjong_Tiles +blk; n/a ; Malayalam +blk; n/a ; Mandaic +blk; n/a ; Mathematical_Alphanumeric_Symbols +blk; n/a ; Mathematical_Operators +blk; n/a ; Meetei_Mayek +blk; n/a ; Miscellaneous_Mathematical_Symbols_A +blk; n/a ; Miscellaneous_Mathematical_Symbols_B +blk; n/a ; Miscellaneous_Symbols +blk; n/a ; Miscellaneous_Symbols_And_Arrows +blk; n/a ; Miscellaneous_Symbols_And_Pictographs +blk; n/a ; Miscellaneous_Technical +blk; n/a ; Modifier_Tone_Letters +blk; n/a ; Mongolian +blk; n/a ; Musical_Symbols +blk; n/a ; Myanmar +blk; n/a ; Myanmar_Extended_A +blk; n/a ; New_Tai_Lue +blk; n/a ; NKo +blk; n/a ; No_Block +blk; n/a ; Number_Forms +blk; n/a ; Ogham +blk; n/a ; Ol_Chiki +blk; n/a ; Old_Italic +blk; n/a ; Old_Persian +blk; n/a ; Old_South_Arabian +blk; n/a ; Old_Turkic +blk; n/a ; Optical_Character_Recognition +blk; n/a ; Oriya +blk; n/a ; Osmanya +blk; n/a ; Phags_Pa +blk; n/a ; Phaistos_Disc +blk; n/a ; Phoenician +blk; n/a ; Phonetic_Extensions +blk; n/a ; Phonetic_Extensions_Supplement +blk; n/a ; Playing_Cards +blk; n/a ; Private_Use_Area ; Private_Use +blk; n/a ; Rejang +blk; n/a ; Rumi_Numeral_Symbols +blk; n/a ; Runic +blk; n/a ; Samaritan +blk; n/a ; Saurashtra +blk; n/a ; Shavian +blk; n/a ; Sinhala +blk; n/a ; Small_Form_Variants +blk; n/a ; Spacing_Modifier_Letters +blk; n/a ; Specials +blk; n/a ; Sundanese +blk; n/a ; Superscripts_And_Subscripts +blk; n/a ; Supplemental_Arrows_A +blk; n/a ; Supplemental_Arrows_B +blk; n/a ; Supplemental_Mathematical_Operators +blk; n/a ; Supplemental_Punctuation +blk; n/a ; Supplementary_Private_Use_Area_A +blk; n/a ; Supplementary_Private_Use_Area_B +blk; n/a ; Syloti_Nagri +blk; n/a ; Syriac +blk; n/a ; Tagalog +blk; n/a ; Tagbanwa +blk; n/a ; Tags +blk; n/a ; Tai_Le +blk; n/a ; Tai_Tham +blk; n/a ; Tai_Viet +blk; n/a ; Tai_Xuan_Jing_Symbols +blk; n/a ; Tamil +blk; n/a ; Telugu +blk; n/a ; Thaana +blk; n/a ; Thai +blk; n/a ; Tibetan +blk; n/a ; Tifinagh +blk; n/a ; Transport_And_Map_Symbols +blk; n/a ; Ugaritic +blk; n/a ; Unified_Canadian_Aboriginal_Syllabics; Canadian_Syllabics +blk; n/a ; Unified_Canadian_Aboriginal_Syllabics_Extended +blk; n/a ; Vai +blk; n/a ; Variation_Selectors +blk; n/a ; Variation_Selectors_Supplement +blk; n/a ; Vedic_Extensions +blk; n/a ; Vertical_Forms +blk; n/a ; Yi_Radicals +blk; n/a ; Yi_Syllables +blk; n/a ; Yijing_Hexagram_Symbols + +# Canonical_Combining_Class (ccc) + +ccc; 0; NR ; Not_Reordered +ccc; 1; OV ; Overlay +ccc; 7; NK ; Nukta +ccc; 8; KV ; Kana_Voicing +ccc; 9; VR ; Virama +ccc; 200; ATBL ; Attached_Below_Left +ccc; 202; ATB ; Attached_Below +ccc; 214; ATA ; Attached_Above +ccc; 216; ATAR ; Attached_Above_Right +ccc; 218; BL ; Below_Left +ccc; 220; B ; Below +ccc; 222; BR ; Below_Right +ccc; 224; L ; Left +ccc; 226; R ; Right +ccc; 228; AL ; Above_Left +ccc; 230; A ; Above +ccc; 232; AR ; Above_Right +ccc; 233; DB ; Double_Below +ccc; 234; DA ; Double_Above +ccc; 240; IS ; Iota_Subscript + +# Case_Folding (cf) + +# @missing: 0000..10FFFF; Case_Folding; <code point> + +# Case_Ignorable (CI) + +CI ; N ; No ; F ; False +CI ; Y ; Yes ; T ; True + +# Cased (Cased) + +Cased; N ; No ; F ; False +Cased; Y ; Yes ; T ; True + +# Changes_When_Casefolded (CWCF) + +CWCF; N ; No ; F ; False +CWCF; Y ; Yes ; T ; True + +# Changes_When_Casemapped (CWCM) + +CWCM; N ; No ; F ; False +CWCM; Y ; Yes ; T ; True + +# Changes_When_Lowercased (CWL) + +CWL; N ; No ; F ; False +CWL; Y ; Yes ; T ; True + +# Changes_When_NFKC_Casefolded (CWKCF) + +CWKCF; N ; No ; F ; False +CWKCF; Y ; Yes ; T ; True + +# Changes_When_Titlecased (CWT) + +CWT; N ; No ; F ; False +CWT; Y ; Yes ; T ; True + +# Changes_When_Uppercased (CWU) + +CWU; N ; No ; F ; False +CWU; Y ; Yes ; T ; True + +# Composition_Exclusion (CE) + +CE ; N ; No ; F ; False +CE ; Y ; Yes ; T ; True + +# Dash (Dash) + +Dash; N ; No ; F ; False +Dash; Y ; Yes ; T ; True + +# Decomposition_Mapping (dm) + +# @missing: 0000..10FFFF; Decomposition_Mapping; <code point> + +# Decomposition_Type (dt) + +dt ; Can ; Canonical ; can +dt ; Com ; Compat ; com +dt ; Enc ; Circle ; enc +dt ; Fin ; Final ; fin +dt ; Font ; font +dt ; Fra ; Fraction ; fra +dt ; Init ; Initial ; init +dt ; Iso ; Isolated ; iso +dt ; Med ; Medial ; med +dt ; Nar ; Narrow ; nar +dt ; Nb ; Nobreak ; nb +dt ; None ; none +dt ; Sml ; Small ; sml +dt ; Sqr ; Square ; sqr +dt ; Sub ; sub +dt ; Sup ; Super ; sup +dt ; Vert ; Vertical ; vert +dt ; Wide ; wide + +# Default_Ignorable_Code_Point (DI) + +DI ; N ; No ; F ; False +DI ; Y ; Yes ; T ; True + +# Deprecated (Dep) + +Dep; N ; No ; F ; False +Dep; Y ; Yes ; T ; True + +# Diacritic (Dia) + +Dia; N ; No ; F ; False +Dia; Y ; Yes ; T ; True + +# East_Asian_Width (ea) + +ea ; A ; Ambiguous +ea ; F ; Fullwidth +ea ; H ; Halfwidth +ea ; N ; Neutral +ea ; Na ; Narrow +ea ; W ; Wide + +# Expands_On_NFC (XO_NFC) + +XO_NFC; N ; No ; F ; False +XO_NFC; Y ; Yes ; T ; True + +# Expands_On_NFD (XO_NFD) + +XO_NFD; N ; No ; F ; False +XO_NFD; Y ; Yes ; T ; True + +# Expands_On_NFKC (XO_NFKC) + +XO_NFKC; N ; No ; F ; False +XO_NFKC; Y ; Yes ; T ; True + +# Expands_On_NFKD (XO_NFKD) + +XO_NFKD; N ; No ; F ; False +XO_NFKD; Y ; Yes ; T ; True + +# Extender (Ext) + +Ext; N ; No ; F ; False +Ext; Y ; Yes ; T ; True + +# FC_NFKC_Closure (FC_NFKC) + +# @missing: 0000..10FFFF; FC_NFKC_Closure; <code point> + +# Full_Composition_Exclusion (Comp_Ex) + +Comp_Ex; N ; No ; F ; False +Comp_Ex; Y ; Yes ; T ; True + +# General_Category (gc) + +gc ; C ; Other # Cc | Cf | Cn | Co | Cs +gc ; Cc ; Control ; cntrl +gc ; Cf ; Format +gc ; Cn ; Unassigned +gc ; Co ; Private_Use +gc ; Cs ; Surrogate +gc ; L ; Letter # Ll | Lm | Lo | Lt | Lu +gc ; LC ; Cased_Letter # Ll | Lt | Lu +gc ; Ll ; Lowercase_Letter +gc ; Lm ; Modifier_Letter +gc ; Lo ; Other_Letter +gc ; Lt ; Titlecase_Letter +gc ; Lu ; Uppercase_Letter +gc ; M ; Mark # Mc | Me | Mn +gc ; Mc ; Spacing_Mark +gc ; Me ; Enclosing_Mark +gc ; Mn ; Nonspacing_Mark +gc ; N ; Number # Nd | Nl | No +gc ; Nd ; Decimal_Number ; digit +gc ; Nl ; Letter_Number +gc ; No ; Other_Number +gc ; P ; Punctuation ; punct # Pc | Pd | Pe | Pf | Pi | Po | Ps +gc ; Pc ; Connector_Punctuation +gc ; Pd ; Dash_Punctuation +gc ; Pe ; Close_Punctuation +gc ; Pf ; Final_Punctuation +gc ; Pi ; Initial_Punctuation +gc ; Po ; Other_Punctuation +gc ; Ps ; Open_Punctuation +gc ; S ; Symbol # Sc | Sk | Sm | So +gc ; Sc ; Currency_Symbol +gc ; Sk ; Modifier_Symbol +gc ; Sm ; Math_Symbol +gc ; So ; Other_Symbol +gc ; Z ; Separator # Zl | Zp | Zs +gc ; Zl ; Line_Separator +gc ; Zp ; Paragraph_Separator +gc ; Zs ; Space_Separator + +# Grapheme_Base (Gr_Base) + +Gr_Base; N ; No ; F ; False +Gr_Base; Y ; Yes ; T ; True + +# Grapheme_Cluster_Break (GCB) + +GCB; CN ; Control +GCB; CR ; CR +GCB; EX ; Extend +GCB; L ; L +GCB; LF ; LF +GCB; LV ; LV +GCB; LVT ; LVT +GCB; PP ; Prepend +GCB; SM ; SpacingMark +GCB; T ; T +GCB; V ; V +GCB; XX ; Other + +# Grapheme_Extend (Gr_Ext) + +Gr_Ext; N ; No ; F ; False +Gr_Ext; Y ; Yes ; T ; True + +# Grapheme_Link (Gr_Link) + +Gr_Link; N ; No ; F ; False +Gr_Link; Y ; Yes ; T ; True + +# Hangul_Syllable_Type (hst) + +hst; L ; Leading_Jamo +hst; LV ; LV_Syllable +hst; LVT ; LVT_Syllable +hst; NA ; Not_Applicable +hst; T ; Trailing_Jamo +hst; V ; Vowel_Jamo + +# Hex_Digit (Hex) + +Hex; N ; No ; F ; False +Hex; Y ; Yes ; T ; True + +# Hyphen (Hyphen) + +Hyphen; N ; No ; F ; False +Hyphen; Y ; Yes ; T ; True + +# IDS_Binary_Operator (IDSB) + +IDSB; N ; No ; F ; False +IDSB; Y ; Yes ; T ; True + +# IDS_Trinary_Operator (IDST) + +IDST; N ; No ; F ; False +IDST; Y ; Yes ; T ; True + +# ID_Continue (IDC) + +IDC; N ; No ; F ; False +IDC; Y ; Yes ; T ; True + +# ID_Start (IDS) + +IDS; N ; No ; F ; False +IDS; Y ; Yes ; T ; True + +# ISO_Comment (isc) + +# @missing: 0000..10FFFF; ISO_Comment; <none> + +# Ideographic (Ideo) + +Ideo; N ; No ; F ; False +Ideo; Y ; Yes ; T ; True + +# Jamo_Short_Name (JSN) + +# @missing: 0000..10FFFF; Jamo_Short_Name; <none> +JSN; A ; A +JSN; AE ; AE +JSN; B ; B +JSN; BB ; BB +JSN; BS ; BS +JSN; C ; C +JSN; D ; D +JSN; DD ; DD +JSN; E ; E +JSN; EO ; EO +JSN; EU ; EU +JSN; G ; G +JSN; GG ; GG +JSN; GS ; GS +JSN; H ; H +JSN; I ; I +JSN; J ; J +JSN; JJ ; JJ +JSN; K ; K +JSN; L ; L +JSN; LB ; LB +JSN; LG ; LG +JSN; LH ; LH +JSN; LM ; LM +JSN; LP ; LP +JSN; LS ; LS +JSN; LT ; LT +JSN; M ; M +JSN; N ; N +JSN; NG ; NG +JSN; NH ; NH +JSN; NJ ; NJ +JSN; O ; O +JSN; OE ; OE +JSN; P ; P +JSN; R ; R +JSN; S ; S +JSN; SS ; SS +JSN; T ; T +JSN; U ; U +JSN; WA ; WA +JSN; WAE ; WAE +JSN; WE ; WE +JSN; WEO ; WEO +JSN; WI ; WI +JSN; YA ; YA +JSN; YAE ; YAE +JSN; YE ; YE +JSN; YEO ; YEO +JSN; YI ; YI +JSN; YO ; YO +JSN; YU ; YU + +# Join_Control (Join_C) + +Join_C; N ; No ; F ; False +Join_C; Y ; Yes ; T ; True + +# Joining_Group (jg) + +jg ; n/a ; Ain +jg ; n/a ; Alaph +jg ; n/a ; Alef +jg ; n/a ; Beh +jg ; n/a ; Beth +jg ; n/a ; Burushaski_Yeh_Barree +jg ; n/a ; Dal +jg ; n/a ; Dalath_Rish +jg ; n/a ; E +jg ; n/a ; Farsi_Yeh +jg ; n/a ; Fe +jg ; n/a ; Feh +jg ; n/a ; Final_Semkath +jg ; n/a ; Gaf +jg ; n/a ; Gamal +jg ; n/a ; Hah +jg ; n/a ; He +jg ; n/a ; Heh +jg ; n/a ; Heh_Goal +jg ; n/a ; Heth +jg ; n/a ; Kaf +jg ; n/a ; Kaph +jg ; n/a ; Khaph +jg ; n/a ; Knotted_Heh +jg ; n/a ; Lam +jg ; n/a ; Lamadh +jg ; n/a ; Meem +jg ; n/a ; Mim +jg ; n/a ; No_Joining_Group +jg ; n/a ; Noon +jg ; n/a ; Nun +jg ; n/a ; Nya +jg ; n/a ; Pe +jg ; n/a ; Qaf +jg ; n/a ; Qaph +jg ; n/a ; Reh +jg ; n/a ; Reversed_Pe +jg ; n/a ; Sad +jg ; n/a ; Sadhe +jg ; n/a ; Seen +jg ; n/a ; Semkath +jg ; n/a ; Shin +jg ; n/a ; Swash_Kaf +jg ; n/a ; Syriac_Waw +jg ; n/a ; Tah +jg ; n/a ; Taw +jg ; n/a ; Teh_Marbuta +jg ; n/a ; Teh_Marbuta_Goal ; Hamza_On_Heh_Goal +jg ; n/a ; Teth +jg ; n/a ; Waw +jg ; n/a ; Yeh +jg ; n/a ; Yeh_Barree +jg ; n/a ; Yeh_With_Tail +jg ; n/a ; Yudh +jg ; n/a ; Yudh_He +jg ; n/a ; Zain +jg ; n/a ; Zhain + +# Joining_Type (jt) + +jt ; C ; Join_Causing +jt ; D ; Dual_Joining +jt ; L ; Left_Joining +jt ; R ; Right_Joining +jt ; T ; Transparent +jt ; U ; Non_Joining + +# Line_Break (lb) + +lb ; AI ; Ambiguous +lb ; AL ; Alphabetic +lb ; B2 ; Break_Both +lb ; BA ; Break_After +lb ; BB ; Break_Before +lb ; BK ; Mandatory_Break +lb ; CB ; Contingent_Break +lb ; CL ; Close_Punctuation +lb ; CM ; Combining_Mark +lb ; CP ; Close_Parenthesis +lb ; CR ; Carriage_Return +lb ; EX ; Exclamation +lb ; GL ; Glue +lb ; H2 ; H2 +lb ; H3 ; H3 +lb ; HY ; Hyphen +lb ; ID ; Ideographic +lb ; IN ; Inseparable ; Inseperable +lb ; IS ; Infix_Numeric +lb ; JL ; JL +lb ; JT ; JT +lb ; JV ; JV +lb ; LF ; Line_Feed +lb ; NL ; Next_Line +lb ; NS ; Nonstarter +lb ; NU ; Numeric +lb ; OP ; Open_Punctuation +lb ; PO ; Postfix_Numeric +lb ; PR ; Prefix_Numeric +lb ; QU ; Quotation +lb ; SA ; Complex_Context +lb ; SG ; Surrogate +lb ; SP ; Space +lb ; SY ; Break_Symbols +lb ; WJ ; Word_Joiner +lb ; XX ; Unknown +lb ; ZW ; ZWSpace + +# Logical_Order_Exception (LOE) + +LOE; N ; No ; F ; False +LOE; Y ; Yes ; T ; True + +# Lowercase (Lower) + +Lower; N ; No ; F ; False +Lower; Y ; Yes ; T ; True + +# Lowercase_Mapping (lc) + +# @missing: 0000..10FFFF; Lowercase_Mapping; <code point> + +# Math (Math) + +Math; N ; No ; F ; False +Math; Y ; Yes ; T ; True + +# NFC_Quick_Check (NFC_QC) + +NFC_QC; M ; Maybe +NFC_QC; N ; No +NFC_QC; Y ; Yes + +# NFD_Quick_Check (NFD_QC) + +NFD_QC; N ; No +NFD_QC; Y ; Yes + +# NFKC_Casefold (NFKC_CF) + +# @missing: 0000..10FFFF; NFKC_Casefold; <code point> + +# NFKC_Quick_Check (NFKC_QC) + +NFKC_QC; M ; Maybe +NFKC_QC; N ; No +NFKC_QC; Y ; Yes + +# NFKD_Quick_Check (NFKD_QC) + +NFKD_QC; N ; No +NFKD_QC; Y ; Yes + +# Name (na) + +# @missing: 0000..10FFFF; Name; <none> + +# Name_Alias (Name_Alias) + +# @missing: 0000..10FFFF; Name_Alias; <none> + +# Noncharacter_Code_Point (NChar) + +NChar; N ; No ; F ; False +NChar; Y ; Yes ; T ; True + +# Numeric_Type (nt) + +nt ; De ; Decimal +nt ; Di ; Digit +nt ; None ; None +nt ; Nu ; Numeric + +# Numeric_Value (nv) + +# @missing: 0000..10FFFF; Numeric_Value; NaN + +# Other_Alphabetic (OAlpha) + +OAlpha; N ; No ; F ; False +OAlpha; Y ; Yes ; T ; True + +# Other_Default_Ignorable_Code_Point (ODI) + +ODI; N ; No ; F ; False +ODI; Y ; Yes ; T ; True + +# Other_Grapheme_Extend (OGr_Ext) + +OGr_Ext; N ; No ; F ; False +OGr_Ext; Y ; Yes ; T ; True + +# Other_ID_Continue (OIDC) + +OIDC; N ; No ; F ; False +OIDC; Y ; Yes ; T ; True + +# Other_ID_Start (OIDS) + +OIDS; N ; No ; F ; False +OIDS; Y ; Yes ; T ; True + +# Other_Lowercase (OLower) + +OLower; N ; No ; F ; False +OLower; Y ; Yes ; T ; True + +# Other_Math (OMath) + +OMath; N ; No ; F ; False +OMath; Y ; Yes ; T ; True + +# Other_Uppercase (OUpper) + +OUpper; N ; No ; F ; False +OUpper; Y ; Yes ; T ; True + +# Pattern_Syntax (Pat_Syn) + +Pat_Syn; N ; No ; F ; False +Pat_Syn; Y ; Yes ; T ; True + +# Pattern_White_Space (Pat_WS) + +Pat_WS; N ; No ; F ; False +Pat_WS; Y ; Yes ; T ; True + +# Quotation_Mark (QMark) + +QMark; N ; No ; F ; False +QMark; Y ; Yes ; T ; True + +# Radical (Radical) + +Radical; N ; No ; F ; False +Radical; Y ; Yes ; T ; True + +# STerm (STerm) + +STerm; N ; No ; F ; False +STerm; Y ; Yes ; T ; True + +# Script (sc) + +sc ; Arab ; Arabic +sc ; Armi ; Imperial_Aramaic +sc ; Armn ; Armenian +sc ; Avst ; Avestan +sc ; Bali ; Balinese +sc ; Bamu ; Bamum +sc ; Batk ; Batak +sc ; Beng ; Bengali +sc ; Bopo ; Bopomofo +sc ; Brah ; Brahmi +sc ; Brai ; Braille +sc ; Bugi ; Buginese +sc ; Buhd ; Buhid +sc ; Cans ; Canadian_Aboriginal +sc ; Cari ; Carian +sc ; Cham ; Cham +sc ; Cher ; Cherokee +sc ; Copt ; Coptic ; Qaac +sc ; Cprt ; Cypriot +sc ; Cyrl ; Cyrillic +sc ; Deva ; Devanagari +sc ; Dsrt ; Deseret +sc ; Egyp ; Egyptian_Hieroglyphs +sc ; Ethi ; Ethiopic +sc ; Geor ; Georgian +sc ; Glag ; Glagolitic +sc ; Goth ; Gothic +sc ; Grek ; Greek +sc ; Gujr ; Gujarati +sc ; Guru ; Gurmukhi +sc ; Hang ; Hangul +sc ; Hani ; Han +sc ; Hano ; Hanunoo +sc ; Hebr ; Hebrew +sc ; Hira ; Hiragana +sc ; Hrkt ; Katakana_Or_Hiragana +sc ; Ital ; Old_Italic +sc ; Java ; Javanese +sc ; Kali ; Kayah_Li +sc ; Kana ; Katakana +sc ; Khar ; Kharoshthi +sc ; Khmr ; Khmer +sc ; Knda ; Kannada +sc ; Kthi ; Kaithi +sc ; Lana ; Tai_Tham +sc ; Laoo ; Lao +sc ; Latn ; Latin +sc ; Lepc ; Lepcha +sc ; Limb ; Limbu +sc ; Linb ; Linear_B +sc ; Lisu ; Lisu +sc ; Lyci ; Lycian +sc ; Lydi ; Lydian +sc ; Mand ; Mandaic +sc ; Mlym ; Malayalam +sc ; Mong ; Mongolian +sc ; Mtei ; Meetei_Mayek +sc ; Mymr ; Myanmar +sc ; Nkoo ; Nko +sc ; Ogam ; Ogham +sc ; Olck ; Ol_Chiki +sc ; Orkh ; Old_Turkic +sc ; Orya ; Oriya +sc ; Osma ; Osmanya +sc ; Phag ; Phags_Pa +sc ; Phli ; Inscriptional_Pahlavi +sc ; Phnx ; Phoenician +sc ; Prti ; Inscriptional_Parthian +sc ; Rjng ; Rejang +sc ; Runr ; Runic +sc ; Samr ; Samaritan +sc ; Sarb ; Old_South_Arabian +sc ; Saur ; Saurashtra +sc ; Shaw ; Shavian +sc ; Sinh ; Sinhala +sc ; Sund ; Sundanese +sc ; Sylo ; Syloti_Nagri +sc ; Syrc ; Syriac +sc ; Tagb ; Tagbanwa +sc ; Tale ; Tai_Le +sc ; Talu ; New_Tai_Lue +sc ; Taml ; Tamil +sc ; Tavt ; Tai_Viet +sc ; Telu ; Telugu +sc ; Tfng ; Tifinagh +sc ; Tglg ; Tagalog +sc ; Thaa ; Thaana +sc ; Thai ; Thai +sc ; Tibt ; Tibetan +sc ; Ugar ; Ugaritic +sc ; Vaii ; Vai +sc ; Xpeo ; Old_Persian +sc ; Xsux ; Cuneiform +sc ; Yiii ; Yi +sc ; Zinh ; Inherited ; Qaai +sc ; Zyyy ; Common +sc ; Zzzz ; Unknown + +# Sentence_Break (SB) + +SB ; AT ; ATerm +SB ; CL ; Close +SB ; CR ; CR +SB ; EX ; Extend +SB ; FO ; Format +SB ; LE ; OLetter +SB ; LF ; LF +SB ; LO ; Lower +SB ; NU ; Numeric +SB ; SC ; SContinue +SB ; SE ; Sep +SB ; SP ; Sp +SB ; ST ; STerm +SB ; UP ; Upper +SB ; XX ; Other + +# Simple_Case_Folding (scf) + +# @missing: 0000..10FFFF; Simple_Case_Folding; <code point> + +# Simple_Lowercase_Mapping (slc) + +# @missing: 0000..10FFFF; Simple_Lowercase_Mapping; <code point> + +# Simple_Titlecase_Mapping (stc) + +# @missing: 0000..10FFFF; Simple_Titlecase_Mapping; <code point> + +# Simple_Uppercase_Mapping (suc) + +# @missing: 0000..10FFFF; Simple_Uppercase_Mapping; <code point> + +# Soft_Dotted (SD) + +SD ; N ; No ; F ; False +SD ; Y ; Yes ; T ; True + +# Terminal_Punctuation (Term) + +Term; N ; No ; F ; False +Term; Y ; Yes ; T ; True + +# Titlecase_Mapping (tc) + +# @missing: 0000..10FFFF; Titlecase_Mapping; <code point> + +# Unicode_1_Name (na1) + +# @missing: 0000..10FFFF; Unicode_1_Name; <none> + +# Unified_Ideograph (UIdeo) + +UIdeo; N ; No ; F ; False +UIdeo; Y ; Yes ; T ; True + +# Uppercase (Upper) + +Upper; N ; No ; F ; False +Upper; Y ; Yes ; T ; True + +# Uppercase_Mapping (uc) + +# @missing: 0000..10FFFF; Uppercase_Mapping; <code point> + +# Variation_Selector (VS) + +VS ; N ; No ; F ; False +VS ; Y ; Yes ; T ; True + +# White_Space (WSpace) + +WSpace; N ; No ; F ; False +WSpace; Y ; Yes ; T ; True + +# Word_Break (WB) + +WB ; CR ; CR +WB ; EX ; ExtendNumLet +WB ; Extend ; Extend +WB ; FO ; Format +WB ; KA ; Katakana +WB ; LE ; ALetter +WB ; LF ; LF +WB ; MB ; MidNumLet +WB ; ML ; MidLetter +WB ; MN ; MidNum +WB ; NL ; Newline +WB ; NU ; Numeric +WB ; XX ; Other + +# XID_Continue (XIDC) + +XIDC; N ; No ; F ; False +XIDC; Y ; Yes ; T ; True + +# XID_Start (XIDS) + +XIDS; N ; No ; F ; False +XIDS; Y ; Yes ; T ; True + +# cjkAccountingNumeric (cjkAccountingNumeric) + +# @missing: 0000..10FFFF; cjkAccountingNumeric; NaN + +# cjkCompatibilityVariant (cjkCompatibilityVariant) + +# @missing: 0000..10FFFF; cjkCompatibilityVariant; <code point> + +# cjkIICore (cjkIICore) + +# @missing: 0000..10FFFF; cjkIICore; <none> + +# cjkIRG_GSource (cjkIRG_GSource) + +# @missing: 0000..10FFFF; cjkIRG_GSource; <none> + +# cjkIRG_HSource (cjkIRG_HSource) + +# @missing: 0000..10FFFF; cjkIRG_HSource; <none> + +# cjkIRG_JSource (cjkIRG_JSource) + +# @missing: 0000..10FFFF; cjkIRG_JSource; <none> + +# cjkIRG_KPSource (cjkIRG_KPSource) + +# @missing: 0000..10FFFF; cjkIRG_KPSource; <none> + +# cjkIRG_KSource (cjkIRG_KSource) + +# @missing: 0000..10FFFF; cjkIRG_KSource; <none> + +# cjkIRG_MSource (cjkIRG_MSource) + +# @missing: 0000..10FFFF; cjkIRG_MSource; <none> + +# cjkIRG_TSource (cjkIRG_TSource) + +# @missing: 0000..10FFFF; cjkIRG_TSource; <none> + +# cjkIRG_USource (cjkIRG_USource) + +# @missing: 0000..10FFFF; cjkIRG_USource; <none> + +# cjkIRG_VSource (cjkIRG_VSource) + +# @missing: 0000..10FFFF; cjkIRG_VSource; <none> + +# cjkOtherNumeric (cjkOtherNumeric) + +# @missing: 0000..10FFFF; cjkOtherNumeric; NaN + +# cjkPrimaryNumeric (cjkPrimaryNumeric) + +# @missing: 0000..10FFFF; cjkPrimaryNumeric; NaN + +# cjkRSUnicode (cjkRSUnicode) + +# @missing: 0000..10FFFF; cjkRSUnicode; <none> + +# EOF
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/jdk/test/sun/security/krb5/KrbCredSubKey.java Mon Apr 11 12:52:39 2011 +0100 @@ -0,0 +1,352 @@ +/* + * Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/** + * @test + * @bug 7030180 + * @run main/othervm KrbCredSubKey + * @summary AES 128/256 decrypt exception + */ + +import java.io.FileOutputStream; +import java.security.PrivilegedExceptionAction; +import javax.security.auth.Subject; +import javax.security.auth.kerberos.KerberosKey; +import javax.security.auth.kerberos.KerberosPrincipal; +import org.ietf.jgss.GSSContext; +import org.ietf.jgss.GSSCredential; +import org.ietf.jgss.GSSManager; +import sun.security.jgss.GSSUtil; +import sun.security.krb5.Config; +import sun.security.krb5.EncryptedData; + +public class KrbCredSubKey { + + public static void main(String[] args) throws Exception { + + // We don't care about clock difference + new FileOutputStream("krb5.conf").write( + "[libdefaults]\nclockskew=999999999".getBytes()); + System.setProperty("java.security.krb5.conf", "krb5.conf"); + Config.refresh(); + + Subject subj = new Subject(); + KerberosPrincipal kp = new KerberosPrincipal(princ); + KerberosKey kk = new KerberosKey( + kp, key, EncryptedData.ETYPE_AES128_CTS_HMAC_SHA1_96, 0); + subj.getPrincipals().add(kp); + subj.getPrivateCredentials().add(kk); + + Subject.doAs(subj, new PrivilegedExceptionAction() { + public Object run() throws Exception { + GSSManager man = GSSManager.getInstance(); + GSSContext ctxt = man.createContext(man.createCredential( + null, GSSCredential.INDEFINITE_LIFETIME, + GSSUtil.GSS_KRB5_MECH_OID, GSSCredential.ACCEPT_ONLY)); + return ctxt.acceptSecContext(token, 0, token.length); + } + }); + } + + // All following data generated by myself on a test machine + + private static String princ = "server/host.rabbit.hole@RABBIT.HOLE"; + + // A aes-128 key for princ + private static byte[] key = { + (byte)0x83, (byte)0xA1, (byte)0xD6, (byte)0xE2, + (byte)0xC7, (byte)0x76, (byte)0xD5, (byte)0x24, + (byte)0x63, (byte)0x9F, (byte)0xF9, (byte)0xFF, + (byte)0x76, (byte)0x6D, (byte)0x26, (byte)0x30, + }; + + // A JGSS token generated by the first call of an initiator's + // initSecContext, targetting princ, using the authenticator + // subkey to encrypt the KRB_CRED inside AP_REQ + private static byte[] token = { + (byte)0x60, (byte)0x82, (byte)0x04, (byte)0x1C, + (byte)0x06, (byte)0x09, (byte)0x2A, (byte)0x86, + (byte)0x48, (byte)0x86, (byte)0xF7, (byte)0x12, + (byte)0x01, (byte)0x02, (byte)0x02, (byte)0x01, + (byte)0x00, (byte)0x6E, (byte)0x82, (byte)0x04, + (byte)0x0B, (byte)0x30, (byte)0x82, (byte)0x04, + (byte)0x07, (byte)0xA0, (byte)0x03, (byte)0x02, + (byte)0x01, (byte)0x05, (byte)0xA1, (byte)0x03, + (byte)0x02, (byte)0x01, (byte)0x0E, (byte)0xA2, + (byte)0x07, (byte)0x03, (byte)0x05, (byte)0x00, + (byte)0x20, (byte)0x00, (byte)0x00, (byte)0x00, + (byte)0xA3, (byte)0x82, (byte)0x01, (byte)0x04, + (byte)0x61, (byte)0x82, (byte)0x01, (byte)0x00, + (byte)0x30, (byte)0x81, (byte)0xFD, (byte)0xA0, + (byte)0x03, (byte)0x02, (byte)0x01, (byte)0x05, + (byte)0xA1, (byte)0x0D, (byte)0x1B, (byte)0x0B, + (byte)0x52, (byte)0x41, (byte)0x42, (byte)0x42, + (byte)0x49, (byte)0x54, (byte)0x2E, (byte)0x48, + (byte)0x4F, (byte)0x4C, (byte)0x45, (byte)0xA2, + (byte)0x25, (byte)0x30, (byte)0x23, (byte)0xA0, + (byte)0x03, (byte)0x02, (byte)0x01, (byte)0x00, + (byte)0xA1, (byte)0x1C, (byte)0x30, (byte)0x1A, + (byte)0x1B, (byte)0x06, (byte)0x73, (byte)0x65, + (byte)0x72, (byte)0x76, (byte)0x65, (byte)0x72, + (byte)0x1B, (byte)0x10, (byte)0x68, (byte)0x6F, + (byte)0x73, (byte)0x74, (byte)0x2E, (byte)0x72, + (byte)0x61, (byte)0x62, (byte)0x62, (byte)0x69, + (byte)0x74, (byte)0x2E, (byte)0x68, (byte)0x6F, + (byte)0x6C, (byte)0x65, (byte)0xA3, (byte)0x81, + (byte)0xBF, (byte)0x30, (byte)0x81, (byte)0xBC, + (byte)0xA0, (byte)0x03, (byte)0x02, (byte)0x01, + (byte)0x11, (byte)0xA2, (byte)0x81, (byte)0xB4, + (byte)0x04, (byte)0x81, (byte)0xB1, (byte)0xA7, + (byte)0xE8, (byte)0x58, (byte)0xBA, (byte)0x98, + (byte)0x69, (byte)0x45, (byte)0xB3, (byte)0x68, + (byte)0xBF, (byte)0xFD, (byte)0x25, (byte)0x74, + (byte)0xC4, (byte)0x2E, (byte)0x09, (byte)0x7B, + (byte)0x3C, (byte)0x7F, (byte)0xA5, (byte)0x6C, + (byte)0xC3, (byte)0x86, (byte)0xC9, (byte)0xEE, + (byte)0x58, (byte)0xD3, (byte)0x7C, (byte)0xD6, + (byte)0x19, (byte)0xA1, (byte)0x3B, (byte)0xF7, + (byte)0x17, (byte)0xD6, (byte)0x18, (byte)0xA9, + (byte)0x58, (byte)0x43, (byte)0x55, (byte)0xD6, + (byte)0xBA, (byte)0x85, (byte)0xF7, (byte)0x6B, + (byte)0x20, (byte)0x01, (byte)0xEF, (byte)0xB4, + (byte)0x74, (byte)0x0B, (byte)0x31, (byte)0x07, + (byte)0x55, (byte)0xD8, (byte)0x8C, (byte)0x85, + (byte)0x25, (byte)0x12, (byte)0x66, (byte)0x85, + (byte)0xA8, (byte)0x5A, (byte)0x84, (byte)0xB2, + (byte)0x6C, (byte)0xDE, (byte)0xEE, (byte)0xF9, + (byte)0x15, (byte)0xF2, (byte)0xBC, (byte)0xB0, + (byte)0x43, (byte)0xA5, (byte)0x21, (byte)0x31, + (byte)0xFA, (byte)0x2F, (byte)0x2C, (byte)0x37, + (byte)0x39, (byte)0xD8, (byte)0xAA, (byte)0xE0, + (byte)0x78, (byte)0x08, (byte)0x18, (byte)0xFB, + (byte)0x03, (byte)0x43, (byte)0x22, (byte)0xE6, + (byte)0x2C, (byte)0xF2, (byte)0x98, (byte)0xDC, + (byte)0x2A, (byte)0xDE, (byte)0x8C, (byte)0x95, + (byte)0x0B, (byte)0xB6, (byte)0xE6, (byte)0x0F, + (byte)0xB5, (byte)0x4E, (byte)0xAD, (byte)0xAC, + (byte)0xD1, (byte)0x4C, (byte)0xE8, (byte)0x22, + (byte)0x93, (byte)0x38, (byte)0xA2, (byte)0x44, + (byte)0x0E, (byte)0x83, (byte)0x9E, (byte)0x4D, + (byte)0xC0, (byte)0x1A, (byte)0x02, (byte)0xB2, + (byte)0xB8, (byte)0xCE, (byte)0xDF, (byte)0xB5, + (byte)0xFB, (byte)0xF2, (byte)0x75, (byte)0x5E, + (byte)0x74, (byte)0xC1, (byte)0x90, (byte)0x82, + (byte)0x60, (byte)0x00, (byte)0xA5, (byte)0xC3, + (byte)0xBF, (byte)0x66, (byte)0x97, (byte)0x0E, + (byte)0xF3, (byte)0x9F, (byte)0xB3, (byte)0xD9, + (byte)0x51, (byte)0x51, (byte)0x38, (byte)0xBC, + (byte)0xD9, (byte)0xC1, (byte)0xD0, (byte)0x1E, + (byte)0x90, (byte)0x9B, (byte)0x43, (byte)0xEE, + (byte)0xD9, (byte)0xD6, (byte)0x3E, (byte)0x31, + (byte)0xEA, (byte)0x8E, (byte)0xB1, (byte)0xDC, + (byte)0xDE, (byte)0xFD, (byte)0xA4, (byte)0x77, + (byte)0x6C, (byte)0x4A, (byte)0x81, (byte)0x1F, + (byte)0xA4, (byte)0x82, (byte)0x02, (byte)0xE8, + (byte)0x30, (byte)0x82, (byte)0x02, (byte)0xE4, + (byte)0xA0, (byte)0x03, (byte)0x02, (byte)0x01, + (byte)0x11, (byte)0xA2, (byte)0x82, (byte)0x02, + (byte)0xDB, (byte)0x04, (byte)0x82, (byte)0x02, + (byte)0xD7, (byte)0x81, (byte)0x78, (byte)0x25, + (byte)0x75, (byte)0x92, (byte)0x7A, (byte)0xEC, + (byte)0xBE, (byte)0x31, (byte)0xF1, (byte)0x50, + (byte)0xE7, (byte)0xC1, (byte)0x32, (byte)0xA5, + (byte)0xCB, (byte)0x34, (byte)0x46, (byte)0x95, + (byte)0x2B, (byte)0x84, (byte)0xB7, (byte)0x06, + (byte)0x0E, (byte)0x15, (byte)0x02, (byte)0x74, + (byte)0xCA, (byte)0x18, (byte)0x5D, (byte)0xE8, + (byte)0x0E, (byte)0x1B, (byte)0xB7, (byte)0x77, + (byte)0x5A, (byte)0x6C, (byte)0xFB, (byte)0x94, + (byte)0x82, (byte)0x2B, (byte)0xE6, (byte)0x14, + (byte)0x0C, (byte)0xDA, (byte)0x22, (byte)0xA2, + (byte)0x42, (byte)0xD7, (byte)0xB0, (byte)0xFC, + (byte)0xCA, (byte)0x4A, (byte)0xEA, (byte)0xB8, + (byte)0x92, (byte)0xB5, (byte)0x8C, (byte)0x71, + (byte)0xED, (byte)0x2B, (byte)0x46, (byte)0xC5, + (byte)0xE5, (byte)0x47, (byte)0x76, (byte)0x29, + (byte)0x27, (byte)0x0F, (byte)0xFF, (byte)0x03, + (byte)0x72, (byte)0x13, (byte)0xAA, (byte)0xDB, + (byte)0x4E, (byte)0xFF, (byte)0x48, (byte)0x36, + (byte)0xAB, (byte)0x73, (byte)0xD7, (byte)0xDA, + (byte)0xF1, (byte)0x80, (byte)0x1B, (byte)0x5B, + (byte)0x9A, (byte)0x88, (byte)0x07, (byte)0x47, + (byte)0x43, (byte)0x27, (byte)0xD5, (byte)0x00, + (byte)0x04, (byte)0xEE, (byte)0xAF, (byte)0x53, + (byte)0x5C, (byte)0xCC, (byte)0x2C, (byte)0xC7, + (byte)0x2F, (byte)0x94, (byte)0x12, (byte)0x86, + (byte)0xEF, (byte)0xAC, (byte)0xB1, (byte)0x6C, + (byte)0xB0, (byte)0xB5, (byte)0x3D, (byte)0x92, + (byte)0xBD, (byte)0xBE, (byte)0x7B, (byte)0x1A, + (byte)0x39, (byte)0x4A, (byte)0x1E, (byte)0x91, + (byte)0xA4, (byte)0xDF, (byte)0x82, (byte)0x12, + (byte)0x2E, (byte)0x67, (byte)0x17, (byte)0x92, + (byte)0xB3, (byte)0x93, (byte)0x38, (byte)0x32, + (byte)0x94, (byte)0xF5, (byte)0xF7, (byte)0x09, + (byte)0x07, (byte)0x5E, (byte)0x21, (byte)0x12, + (byte)0x70, (byte)0x37, (byte)0xAF, (byte)0x5A, + (byte)0x2D, (byte)0xAC, (byte)0xFF, (byte)0x22, + (byte)0x46, (byte)0xA0, (byte)0x12, (byte)0x74, + (byte)0x1C, (byte)0xA1, (byte)0x68, (byte)0xC3, + (byte)0x64, (byte)0xDB, (byte)0xC3, (byte)0x9F, + (byte)0xAB, (byte)0x0E, (byte)0x19, (byte)0xFE, + (byte)0xD9, (byte)0xA4, (byte)0xAA, (byte)0x7B, + (byte)0x73, (byte)0xAD, (byte)0xC8, (byte)0xA8, + (byte)0xD5, (byte)0x29, (byte)0xAD, (byte)0x1F, + (byte)0xEF, (byte)0x54, (byte)0xAE, (byte)0x72, + (byte)0x02, (byte)0xD9, (byte)0x06, (byte)0x0D, + (byte)0x1A, (byte)0x94, (byte)0x7B, (byte)0xBC, + (byte)0x32, (byte)0x9A, (byte)0xBC, (byte)0x4B, + (byte)0x33, (byte)0xC2, (byte)0x02, (byte)0xA3, + (byte)0xF4, (byte)0xB1, (byte)0xED, (byte)0x76, + (byte)0x0D, (byte)0x59, (byte)0xCD, (byte)0x56, + (byte)0xCB, (byte)0xDC, (byte)0xCE, (byte)0xED, + (byte)0xFF, (byte)0x25, (byte)0x84, (byte)0x5E, + (byte)0x41, (byte)0xF9, (byte)0x42, (byte)0xBE, + (byte)0x73, (byte)0xAC, (byte)0xA2, (byte)0x20, + (byte)0x97, (byte)0xB7, (byte)0x88, (byte)0x77, + (byte)0x65, (byte)0x43, (byte)0x9F, (byte)0xEE, + (byte)0xF4, (byte)0x3A, (byte)0x7E, (byte)0x9B, + (byte)0x5B, (byte)0x54, (byte)0xD3, (byte)0x0D, + (byte)0x50, (byte)0x6D, (byte)0xF6, (byte)0x14, + (byte)0xB7, (byte)0x5A, (byte)0x34, (byte)0x0F, + (byte)0x1F, (byte)0xC7, (byte)0x39, (byte)0x99, + (byte)0x9B, (byte)0x96, (byte)0xE3, (byte)0xAD, + (byte)0x86, (byte)0xE3, (byte)0x6A, (byte)0x71, + (byte)0x63, (byte)0x04, (byte)0xAD, (byte)0x9C, + (byte)0x17, (byte)0x68, (byte)0x44, (byte)0xFE, + (byte)0x21, (byte)0x62, (byte)0xD5, (byte)0x99, + (byte)0x4A, (byte)0xDF, (byte)0x48, (byte)0xDE, + (byte)0x9A, (byte)0xD4, (byte)0xBB, (byte)0xA1, + (byte)0x9B, (byte)0xE7, (byte)0x2A, (byte)0x08, + (byte)0x80, (byte)0x3A, (byte)0x08, (byte)0xA4, + (byte)0xBA, (byte)0xBE, (byte)0x1E, (byte)0x81, + (byte)0x63, (byte)0x20, (byte)0xAC, (byte)0x9C, + (byte)0x42, (byte)0x2F, (byte)0xCA, (byte)0x06, + (byte)0x95, (byte)0x92, (byte)0x97, (byte)0x09, + (byte)0x3C, (byte)0x0C, (byte)0x5A, (byte)0x99, + (byte)0xFB, (byte)0xAB, (byte)0xEB, (byte)0xDE, + (byte)0xC4, (byte)0x09, (byte)0xD3, (byte)0xA3, + (byte)0xF0, (byte)0x65, (byte)0xDC, (byte)0x5F, + (byte)0xAA, (byte)0xBB, (byte)0x28, (byte)0xC0, + (byte)0x3E, (byte)0xBF, (byte)0x77, (byte)0xAE, + (byte)0xCC, (byte)0x3A, (byte)0xD3, (byte)0x31, + (byte)0x0D, (byte)0x9B, (byte)0x96, (byte)0xEF, + (byte)0x2C, (byte)0xED, (byte)0x60, (byte)0x63, + (byte)0xC5, (byte)0x8F, (byte)0xCA, (byte)0xB0, + (byte)0xA2, (byte)0x0B, (byte)0x49, (byte)0x5A, + (byte)0xB2, (byte)0x8F, (byte)0xEF, (byte)0xE4, + (byte)0x19, (byte)0xC0, (byte)0xC6, (byte)0x2D, + (byte)0xD3, (byte)0x4F, (byte)0xB2, (byte)0xED, + (byte)0xA3, (byte)0xA4, (byte)0x6F, (byte)0xAE, + (byte)0xD4, (byte)0xE9, (byte)0xA2, (byte)0x5A, + (byte)0xFB, (byte)0xB0, (byte)0x14, (byte)0xBD, + (byte)0x06, (byte)0x12, (byte)0xD7, (byte)0x91, + (byte)0x15, (byte)0x46, (byte)0x78, (byte)0xE4, + (byte)0xD1, (byte)0x73, (byte)0xCA, (byte)0xA5, + (byte)0xA5, (byte)0x64, (byte)0xC8, (byte)0x6F, + (byte)0xD1, (byte)0xBD, (byte)0xEA, (byte)0x74, + (byte)0xE4, (byte)0xCA, (byte)0x40, (byte)0x16, + (byte)0x9E, (byte)0x46, (byte)0x7C, (byte)0x25, + (byte)0x6C, (byte)0x32, (byte)0xB4, (byte)0x14, + (byte)0xF9, (byte)0x26, (byte)0x8A, (byte)0x3A, + (byte)0xDD, (byte)0x51, (byte)0x26, (byte)0x79, + (byte)0x43, (byte)0x27, (byte)0x2E, (byte)0xED, + (byte)0xC7, (byte)0x82, (byte)0x7C, (byte)0xCE, + (byte)0x43, (byte)0x03, (byte)0x60, (byte)0x2A, + (byte)0x9C, (byte)0xB2, (byte)0x71, (byte)0x41, + (byte)0xAB, (byte)0x3D, (byte)0xA6, (byte)0xB5, + (byte)0x51, (byte)0xBC, (byte)0x80, (byte)0x1F, + (byte)0x96, (byte)0x73, (byte)0x23, (byte)0x11, + (byte)0xED, (byte)0xC0, (byte)0x1D, (byte)0x0B, + (byte)0xA0, (byte)0x13, (byte)0xB3, (byte)0x2F, + (byte)0x16, (byte)0x59, (byte)0x64, (byte)0x45, + (byte)0xE8, (byte)0x68, (byte)0xFB, (byte)0xF9, + (byte)0x6F, (byte)0xB0, (byte)0x2B, (byte)0xFB, + (byte)0x39, (byte)0xBB, (byte)0x53, (byte)0x8F, + (byte)0xD2, (byte)0xAF, (byte)0x38, (byte)0x5E, + (byte)0xEF, (byte)0x5B, (byte)0xE2, (byte)0x98, + (byte)0xE8, (byte)0x46, (byte)0x3C, (byte)0x03, + (byte)0x71, (byte)0x46, (byte)0x8D, (byte)0x41, + (byte)0x92, (byte)0x32, (byte)0x85, (byte)0x8D, + (byte)0xBA, (byte)0x33, (byte)0x05, (byte)0xB1, + (byte)0xE4, (byte)0x56, (byte)0x3E, (byte)0xF5, + (byte)0x20, (byte)0x35, (byte)0xA6, (byte)0x74, + (byte)0xA2, (byte)0xBE, (byte)0x54, (byte)0x08, + (byte)0xB4, (byte)0xFC, (byte)0x1D, (byte)0x13, + (byte)0x84, (byte)0xBE, (byte)0x1C, (byte)0xC5, + (byte)0x3E, (byte)0x43, (byte)0x14, (byte)0x6F, + (byte)0xC0, (byte)0x3D, (byte)0xF4, (byte)0xDC, + (byte)0x66, (byte)0x4E, (byte)0xF0, (byte)0x3E, + (byte)0xD4, (byte)0xC6, (byte)0xE9, (byte)0x8D, + (byte)0x7D, (byte)0xB9, (byte)0xDC, (byte)0x9F, + (byte)0xBE, (byte)0x54, (byte)0x63, (byte)0x93, + (byte)0x49, (byte)0x2F, (byte)0x6A, (byte)0xC3, + (byte)0x34, (byte)0xC5, (byte)0xF7, (byte)0x76, + (byte)0xE8, (byte)0xD5, (byte)0x5B, (byte)0xD9, + (byte)0x41, (byte)0xCA, (byte)0x74, (byte)0x25, + (byte)0x25, (byte)0x09, (byte)0xF4, (byte)0xD3, + (byte)0x00, (byte)0x9F, (byte)0x7D, (byte)0xFB, + (byte)0x3D, (byte)0xAB, (byte)0x87, (byte)0xF7, + (byte)0xCE, (byte)0x42, (byte)0x0F, (byte)0x60, + (byte)0xEB, (byte)0x03, (byte)0x47, (byte)0x98, + (byte)0x0F, (byte)0xEB, (byte)0xA4, (byte)0x05, + (byte)0xE2, (byte)0x58, (byte)0x8F, (byte)0x44, + (byte)0x09, (byte)0xD3, (byte)0x66, (byte)0x1E, + (byte)0x69, (byte)0x89, (byte)0xB7, (byte)0xEE, + (byte)0x8B, (byte)0xA4, (byte)0x8E, (byte)0x05, + (byte)0x2D, (byte)0x2E, (byte)0xB3, (byte)0x5A, + (byte)0xAE, (byte)0xAB, (byte)0x80, (byte)0xD6, + (byte)0x5C, (byte)0x93, (byte)0x40, (byte)0x91, + (byte)0x53, (byte)0xE6, (byte)0x13, (byte)0xD5, + (byte)0x2F, (byte)0x64, (byte)0xF0, (byte)0x68, + (byte)0xD2, (byte)0x85, (byte)0x94, (byte)0xE5, + (byte)0x2D, (byte)0x73, (byte)0x10, (byte)0x59, + (byte)0x18, (byte)0xCD, (byte)0xED, (byte)0xBC, + (byte)0x05, (byte)0x97, (byte)0xFD, (byte)0xE7, + (byte)0x6F, (byte)0x5D, (byte)0x7C, (byte)0x46, + (byte)0x28, (byte)0x5F, (byte)0xC2, (byte)0xB4, + (byte)0x31, (byte)0xA5, (byte)0x2B, (byte)0x82, + (byte)0xAB, (byte)0x32, (byte)0x49, (byte)0xA5, + (byte)0xCD, (byte)0x91, (byte)0x37, (byte)0x97, + (byte)0xA1, (byte)0x85, (byte)0x8F, (byte)0xBB, + (byte)0x6E, (byte)0x1E, (byte)0x9F, (byte)0xFC, + (byte)0x10, (byte)0x3B, (byte)0x8A, (byte)0xF6, + (byte)0x9A, (byte)0x66, (byte)0xBD, (byte)0x75, + (byte)0x4F, (byte)0x1D, (byte)0xBA, (byte)0x64, + (byte)0x15, (byte)0xDD, (byte)0x9F, (byte)0x00, + (byte)0x6C, (byte)0x2F, (byte)0x87, (byte)0x20, + (byte)0x25, (byte)0xA2, (byte)0x09, (byte)0x9F, + (byte)0x5D, (byte)0x64, (byte)0xC9, (byte)0xA8, + (byte)0x32, (byte)0x59, (byte)0x90, (byte)0x1D, + (byte)0x78, (byte)0xFE, (byte)0x5A, (byte)0xA2, + (byte)0x1F, (byte)0x9B, (byte)0x22, (byte)0xBE, + (byte)0x8F, (byte)0xEA, (byte)0x59, (byte)0x5B, + (byte)0x96, (byte)0xE3, (byte)0x4A, (byte)0xB2, + (byte)0x71, (byte)0x65, (byte)0xB7, (byte)0x3C, + (byte)0xC6, (byte)0x1B, (byte)0xD6, (byte)0x80, + (byte)0x90, (byte)0xD2, (byte)0xF2, (byte)0x6F, + (byte)0xA2, (byte)0x68, (byte)0x53, (byte)0xC0, + (byte)0x44, (byte)0xAF, (byte)0xD4, (byte)0x68, + (byte)0x12, (byte)0xFF, (byte)0xB4, (byte)0x36, + (byte)0x34, (byte)0x43, (byte)0xAC, (byte)0x1C, + }; +}