src/java.base/share/classes/sun/security/pkcs12/PKCS12KeyStore.java



   1 /*
   2  * Copyright (c) 1999, 2014, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.  Oracle designates this
   8  * particular file as subject to the "Classpath" exception as provided
   9  * by Oracle in the LICENSE file that accompanied this code.
  10  *
  11  * This code is distributed in the hope that it will be useful, but WITHOUT
  12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  14  * version 2 for more details (a copy is included in the LICENSE file that
  15  * accompanied this code).
  16  *
  17  * You should have received a copy of the GNU General Public License version
  18  * 2 along with this work; if not, write to the Free Software Foundation,
  19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  20  *
  21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  22  * or visit www.oracle.com if you need additional information or have any


1625         bagAttrs.write(DerValue.tag_Set, attrs);
1626         return bagAttrs.toByteArray();
1627     }
1628 
1629     /*
1630      * Create EncryptedData content type, that contains EncryptedContentInfo.
1631      * Includes certificates in individual SafeBags of type CertBag.
1632      * Each CertBag may include pkcs12 attributes
1633      * (see comments in getBagAttributes)
1634      */
1635     private byte[] createEncryptedData(char[] password)
1636         throws CertificateException, IOException
1637     {
1638         DerOutputStream out = new DerOutputStream();
1639         for (Enumeration<String> e = engineAliases(); e.hasMoreElements(); ) {
1640 
1641             String alias = e.nextElement();
1642             Entry entry = entries.get(alias);
1643 
1644             // certificate chain
1645             int chainLen = 1;
1646             Certificate[] certs = null;
1647 
1648             if (entry instanceof PrivateKeyEntry) {
1649                 PrivateKeyEntry keyEntry = (PrivateKeyEntry) entry;
1650                     if (keyEntry.chain == null) {
1651                         chainLen = 0;
1652                     } else {
1653                         chainLen = keyEntry.chain.length;
1654                     }
1655                 certs = keyEntry.chain;
1656 
1657             } else if (entry instanceof CertEntry) {
1658                certs = new Certificate[]{((CertEntry) entry).cert};


1659             }
1660 
1661             for (int i = 0; i < chainLen; i++) {
1662                 // create SafeBag of Type CertBag
1663                 DerOutputStream safeBag = new DerOutputStream();
1664                 safeBag.putOID(CertBag_OID);
1665 
1666                 // create a CertBag
1667                 DerOutputStream certBag = new DerOutputStream();
1668                 certBag.putOID(PKCS9CertType_OID);
1669 
1670                 // write encoded certs in a context-specific tag
1671                 DerOutputStream certValue = new DerOutputStream();
1672                 X509Certificate cert = (X509Certificate) certs[i];
1673                 certValue.putOctetString(cert.getEncoded());
1674                 certBag.write(DerValue.createTag(DerValue.TAG_CONTEXT,
1675                                         true, (byte) 0), certValue);
1676 
1677                 // wrap CertBag in a Sequence
1678                 DerOutputStream certout = new DerOutputStream();
1679                 certout.write(DerValue.tag_Sequence, certBag);
1680                 byte[] certBagValue = certout.toByteArray();
1681 


   1 /*
   2  * Copyright (c) 1999, 2015, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.  Oracle designates this
   8  * particular file as subject to the "Classpath" exception as provided
   9  * by Oracle in the LICENSE file that accompanied this code.
  10  *
  11  * This code is distributed in the hope that it will be useful, but WITHOUT
  12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  14  * version 2 for more details (a copy is included in the LICENSE file that
  15  * accompanied this code).
  16  *
  17  * You should have received a copy of the GNU General Public License version
  18  * 2 along with this work; if not, write to the Free Software Foundation,
  19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  20  *
  21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  22  * or visit www.oracle.com if you need additional information or have any


1625         bagAttrs.write(DerValue.tag_Set, attrs);
1626         return bagAttrs.toByteArray();
1627     }
1628 
1629     /*
1630      * Create EncryptedData content type, that contains EncryptedContentInfo.
1631      * Includes certificates in individual SafeBags of type CertBag.
1632      * Each CertBag may include pkcs12 attributes
1633      * (see comments in getBagAttributes)
1634      */
1635     private byte[] createEncryptedData(char[] password)
1636         throws CertificateException, IOException
1637     {
1638         DerOutputStream out = new DerOutputStream();
1639         for (Enumeration<String> e = engineAliases(); e.hasMoreElements(); ) {
1640 
1641             String alias = e.nextElement();
1642             Entry entry = entries.get(alias);
1643 
1644             // certificate chain
1645             Certificate[] certs;

1646 
1647             if (entry instanceof PrivateKeyEntry) {
1648                 PrivateKeyEntry keyEntry = (PrivateKeyEntry) entry;
1649                 if (keyEntry.chain != null) {
1650                     certs = keyEntry.chain;
1651                 } else {
1652                     certs = new Certificate[0];
1653                 }


1654             } else if (entry instanceof CertEntry) {
1655                 certs = new Certificate[]{((CertEntry) entry).cert};
1656             } else {
1657                 certs = new Certificate[0];
1658             }
1659 
1660             for (int i = 0; i < certs.length; i++) {
1661                 // create SafeBag of Type CertBag
1662                 DerOutputStream safeBag = new DerOutputStream();
1663                 safeBag.putOID(CertBag_OID);
1664 
1665                 // create a CertBag
1666                 DerOutputStream certBag = new DerOutputStream();
1667                 certBag.putOID(PKCS9CertType_OID);
1668 
1669                 // write encoded certs in a context-specific tag
1670                 DerOutputStream certValue = new DerOutputStream();
1671                 X509Certificate cert = (X509Certificate) certs[i];
1672                 certValue.putOctetString(cert.getEncoded());
1673                 certBag.write(DerValue.createTag(DerValue.TAG_CONTEXT,
1674                                         true, (byte) 0), certValue);
1675 
1676                 // wrap CertBag in a Sequence
1677                 DerOutputStream certout = new DerOutputStream();
1678                 certout.write(DerValue.tag_Sequence, certBag);
1679                 byte[] certBagValue = certout.toByteArray();
1680
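Review bot: The loop at new line 1671 still casts every element with `(X509Certificate) certs[i]` and calls `cert.getEncoded()` unchecked, so a null element or a non-X.509 certificate in `keyEntry.chain` would surface as a NullPointerException or ClassCastException instead of the declared CertificateException. The new branches cover a null chain and an unrecognised entry type, but not the contents of the array. Unless the chain is already validated when the entry is stored (not visible here), a guard such as `if (!(certs[i] instanceof X509Certificate)) throw new CertificateException("Certificate is not X.509");` before the cast would keep a malformed entry from aborting the store with an unchecked exception. The final `else` would also benefit from a short comment, e.g. `// other entry types carry no certificates`. createEncryptedData continues past the end of the visible lines.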