Skip to content
Permalink
Browse files

8239264: Clearup the legacy ObjectIdentifier constructor from int array

Reviewed-by: jnimeh
  • Loading branch information
XueleiFan committed Feb 18, 2020
1 parent 8aff5bd commit 4e430ffbb6de8a578fc6ece00f44ef2100af109f
Showing with 408 additions and 688 deletions.
  1. +7 −16 src/java.base/macosx/classes/apple/security/KeychainStore.java
  2. +2 −4 src/java.base/share/classes/com/sun/crypto/provider/DHPrivateKey.java
  3. +5 −3 src/java.base/share/classes/com/sun/crypto/provider/DHPublicKey.java
  4. +5 −19 src/java.base/share/classes/com/sun/crypto/provider/OAEPParameters.java
  5. +21 −50 src/java.base/share/classes/com/sun/crypto/provider/PBES2Parameters.java
  6. +2 −2 src/java.base/share/classes/java/security/cert/X509CertSelector.java
  7. +30 −44 src/java.base/share/classes/sun/security/pkcs/ContentInfo.java
  8. +6 −7 src/java.base/share/classes/sun/security/pkcs/PKCS9Attribute.java
  9. +26 −43 src/java.base/share/classes/sun/security/pkcs12/PKCS12KeyStore.java
  10. +1 −1 src/java.base/share/classes/sun/security/provider/certpath/OCSPResponse.java
  11. +59 −59 src/java.base/share/classes/sun/security/util/ObjectIdentifier.java
  12. +5 −5 src/java.base/share/classes/sun/security/x509/AccessDescription.java
  13. +111 −151 src/java.base/share/classes/sun/security/x509/AlgorithmId.java
  14. +12 −23 src/java.base/share/classes/sun/security/x509/ExtendedKeyUsageExtension.java
  15. +2 −3 src/java.base/share/classes/sun/security/x509/GeneralSubtrees.java
  16. +3 −9 src/java.base/share/classes/sun/security/x509/InhibitAnyPolicyExtension.java
  17. +3 −12 src/java.base/share/classes/sun/security/x509/NetscapeCertTypeExtension.java
  18. +3 −6 src/java.base/share/classes/sun/security/x509/OIDMap.java
  19. +55 −108 src/java.base/share/classes/sun/security/x509/PKIXExtensions.java
  20. +32 −53 src/java.base/share/classes/sun/security/x509/X500Name.java
  21. +7 −7 src/jdk.crypto.ec/share/classes/sun/security/ec/XECParameters.java
  22. +2 −3 test/jdk/java/security/testlibrary/SimpleOCSPServer.java
  23. +3 −6 test/jdk/sun/security/util/Oid/OidEquals.java
  24. +1 −47 test/jdk/sun/security/util/Oid/OidFormat.java
  25. +2 −4 test/jdk/sun/security/x509/AVA/AVAEqualsHashCode.java
  26. +3 −3 test/jdk/sun/security/x509/X509CertImpl/V3Certificate.java
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2011, 2019, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2011, 2020, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -89,12 +89,13 @@
private Hashtable<String, Object> entries = new Hashtable<>();

/**
* Algorithm identifiers and corresponding OIDs for the contents of the PKCS12 bag we get from the Keychain.
* Algorithm identifiers and corresponding OIDs for the contents of the
* PKCS12 bag we get from the Keychain.
*/
private static final int keyBag[] = {1, 2, 840, 113549, 1, 12, 10, 1, 2};
private static final int pbeWithSHAAnd3KeyTripleDESCBC[] = {1, 2, 840, 113549, 1, 12, 1, 3};
private static ObjectIdentifier PKCS8ShroudedKeyBag_OID;
private static ObjectIdentifier pbeWithSHAAnd3KeyTripleDESCBC_OID;
private static ObjectIdentifier PKCS8ShroudedKeyBag_OID =
ObjectIdentifier.of("1.2.840.113549.1.12.10.1.2");
private static ObjectIdentifier pbeWithSHAAnd3KeyTripleDESCBC_OID =
ObjectIdentifier.of("1.2.840.113549.1.12.1.3");

/**
* Constnats used in PBE decryption.
@@ -104,16 +105,6 @@

private static final Debug debug = Debug.getInstance("keystore");

static {
jdk.internal.loader.BootLoader.loadLibrary("osxsecurity");
try {
PKCS8ShroudedKeyBag_OID = new ObjectIdentifier(keyBag);
pbeWithSHAAnd3KeyTripleDESCBC_OID = new ObjectIdentifier(pbeWithSHAAnd3KeyTripleDESCBC);
} catch (IOException ioe) {
// should not happen
}
}

private static void permissionCheck() {
SecurityManager sec = System.getSecurityManager();

@@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 2019, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2020, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -72,8 +72,6 @@
// the private-value length (optional)
private int l;

private int DH_data[] = { 1, 2, 840, 113549, 1, 3, 1 };

/**
* Make a DH private key out of a private value <code>x</code>, a prime
* modulus <code>p</code>, and a base generator <code>g</code>.
@@ -220,7 +218,7 @@ public String getAlgorithm() {
DerOutputStream algid = new DerOutputStream();

// store OID
algid.putOID(new ObjectIdentifier(DH_data));
algid.putOID(DHPublicKey.DH_OID);
// encode parameters
DerOutputStream params = new DerOutputStream();
params.putInteger(this.p);
@@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 2019, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2020, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -69,7 +69,9 @@
// the private-value length (optional)
private int l;

private int DH_data[] = { 1, 2, 840, 113549, 1, 3, 1 };
// Note: this OID is used by DHPrivateKey as well.
static ObjectIdentifier DH_OID =
ObjectIdentifier.of("1.2.840.113549.1.3.1");

/**
* Make a DH public key out of a public value <code>y</code>, a prime
@@ -203,7 +205,7 @@ public String getAlgorithm() {
DerOutputStream algid = new DerOutputStream();

// store oid in algid
algid.putOID(new ObjectIdentifier(DH_data));
algid.putOID(DH_OID);

// encode parameters
DerOutputStream params = new DerOutputStream();
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2003, 2018, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2003, 2020, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -55,24 +55,10 @@
private String mdName;
private MGF1ParameterSpec mgfSpec;
private byte[] p;
private static ObjectIdentifier OID_MGF1;
private static ObjectIdentifier OID_PSpecified;

static {
try {
OID_MGF1 = new ObjectIdentifier(new int[] {1,2,840,113549,1,1,8});
} catch (IOException ioe) {
// should not happen
OID_MGF1 = null;
}
try {
OID_PSpecified =
new ObjectIdentifier(new int[] {1,2,840,113549,1,1,9});
} catch (IOException ioe) {
// should not happen
OID_PSpecified = null;
}
}
private static ObjectIdentifier OID_MGF1 =
ObjectIdentifier.of("1.2.840.113549.1.1.8");
private static ObjectIdentifier OID_PSpecified =
ObjectIdentifier.of("1.2.840.113549.1.1.9");

public OAEPParameters() {
}
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2012, 2018, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2012, 2020, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -90,57 +90,28 @@
*
* </pre>
*/

abstract class PBES2Parameters extends AlgorithmParametersSpi {

private static final int pkcs5PBKDF2[] =
{1, 2, 840, 113549, 1, 5, 12};
private static final int pkcs5PBES2[] =
{1, 2, 840, 113549, 1, 5, 13};
private static final int hmacWithSHA1[] =
{1, 2, 840, 113549, 2, 7};
private static final int hmacWithSHA224[] =
{1, 2, 840, 113549, 2, 8};
private static final int hmacWithSHA256[] =
{1, 2, 840, 113549, 2, 9};
private static final int hmacWithSHA384[] =
{1, 2, 840, 113549, 2, 10};
private static final int hmacWithSHA512[] =
{1, 2, 840, 113549, 2, 11};
private static final int aes128CBC[] =
{2, 16, 840, 1, 101, 3, 4, 1, 2};
private static final int aes192CBC[] =
{2, 16, 840, 1, 101, 3, 4, 1, 22};
private static final int aes256CBC[] =
{2, 16, 840, 1, 101, 3, 4, 1, 42};

private static ObjectIdentifier pkcs5PBKDF2_OID;
private static ObjectIdentifier pkcs5PBES2_OID;
private static ObjectIdentifier hmacWithSHA1_OID;
private static ObjectIdentifier hmacWithSHA224_OID;
private static ObjectIdentifier hmacWithSHA256_OID;
private static ObjectIdentifier hmacWithSHA384_OID;
private static ObjectIdentifier hmacWithSHA512_OID;
private static ObjectIdentifier aes128CBC_OID;
private static ObjectIdentifier aes192CBC_OID;
private static ObjectIdentifier aes256CBC_OID;

static {
try {
pkcs5PBKDF2_OID = new ObjectIdentifier(pkcs5PBKDF2);
pkcs5PBES2_OID = new ObjectIdentifier(pkcs5PBES2);
hmacWithSHA1_OID = new ObjectIdentifier(hmacWithSHA1);
hmacWithSHA224_OID = new ObjectIdentifier(hmacWithSHA224);
hmacWithSHA256_OID = new ObjectIdentifier(hmacWithSHA256);
hmacWithSHA384_OID = new ObjectIdentifier(hmacWithSHA384);
hmacWithSHA512_OID = new ObjectIdentifier(hmacWithSHA512);
aes128CBC_OID = new ObjectIdentifier(aes128CBC);
aes192CBC_OID = new ObjectIdentifier(aes192CBC);
aes256CBC_OID = new ObjectIdentifier(aes256CBC);
} catch (IOException ioe) {
// should not happen
}
}
private static ObjectIdentifier pkcs5PBKDF2_OID =
ObjectIdentifier.of("1.2.840.113549.1.5.12");
private static ObjectIdentifier pkcs5PBES2_OID =
ObjectIdentifier.of("1.2.840.113549.1.5.13");
private static ObjectIdentifier hmacWithSHA1_OID =
ObjectIdentifier.of("1.2.840.113549.2.7");
private static ObjectIdentifier hmacWithSHA224_OID =
ObjectIdentifier.of("1.2.840.113549.2.8");
private static ObjectIdentifier hmacWithSHA256_OID =
ObjectIdentifier.of("1.2.840.113549.2.9");
private static ObjectIdentifier hmacWithSHA384_OID =
ObjectIdentifier.of("1.2.840.113549.2.10");
private static ObjectIdentifier hmacWithSHA512_OID =
ObjectIdentifier.of("1.2.840.113549.2.11");
private static ObjectIdentifier aes128CBC_OID =
ObjectIdentifier.of("2.16.840.1.101.3.4.1.2");
private static ObjectIdentifier aes192CBC_OID =
ObjectIdentifier.of("2.16.840.1.101.3.4.1.22");
private static ObjectIdentifier aes256CBC_OID =
ObjectIdentifier.of("2.16.840.1.101.3.4.1.42");

// the PBES2 algorithm name
private String pbes2AlgorithmName = null;
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2000, 2020, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -88,7 +88,7 @@
private static final Debug debug = Debug.getInstance("certpath");

private static final ObjectIdentifier ANY_EXTENDED_KEY_USAGE =
ObjectIdentifier.newInternal(new int[] {2, 5, 29, 37, 0});
ObjectIdentifier.of("2.5.29.37.0");

static {
CertPathHelperImpl.initialize();
@@ -1,5 +1,5 @@
/*
* Copyright (c) 1996, 2015, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1996, 2020, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -38,50 +38,36 @@
public class ContentInfo {

// pkcs7 pre-defined content types
private static int[] pkcs7 = {1, 2, 840, 113549, 1, 7};
private static int[] data = {1, 2, 840, 113549, 1, 7, 1};
private static int[] sdata = {1, 2, 840, 113549, 1, 7, 2};
private static int[] edata = {1, 2, 840, 113549, 1, 7, 3};
private static int[] sedata = {1, 2, 840, 113549, 1, 7, 4};
private static int[] ddata = {1, 2, 840, 113549, 1, 7, 5};
private static int[] crdata = {1, 2, 840, 113549, 1, 7, 6};
private static int[] nsdata = {2, 16, 840, 1, 113730, 2, 5};
// timestamp token (id-ct-TSTInfo) from RFC 3161
private static int[] tstInfo = {1, 2, 840, 113549, 1, 9, 16, 1, 4};
public static ObjectIdentifier PKCS7_OID =
ObjectIdentifier.of("1.2.840.113549.1.7");
public static ObjectIdentifier DATA_OID =
ObjectIdentifier.of("1.2.840.113549.1.7.1");
public static ObjectIdentifier SIGNED_DATA_OID =
ObjectIdentifier.of("1.2.840.113549.1.7.2");
public static ObjectIdentifier ENVELOPED_DATA_OID =
ObjectIdentifier.of("1.2.840.113549.1.7.3");
public static ObjectIdentifier SIGNED_AND_ENVELOPED_DATA_OID =
ObjectIdentifier.of("1.2.840.113549.1.7.4");
public static ObjectIdentifier DIGESTED_DATA_OID =
ObjectIdentifier.of("1.2.840.113549.1.7.5");
public static ObjectIdentifier ENCRYPTED_DATA_OID =
ObjectIdentifier.of("1.2.840.113549.1.7.6");

// this is for backwards-compatibility with JDK 1.1.x
private static final int[] OLD_SDATA = {1, 2, 840, 1113549, 1, 7, 2};
private static final int[] OLD_DATA = {1, 2, 840, 1113549, 1, 7, 1};
public static ObjectIdentifier PKCS7_OID;
public static ObjectIdentifier DATA_OID;
public static ObjectIdentifier SIGNED_DATA_OID;
public static ObjectIdentifier ENVELOPED_DATA_OID;
public static ObjectIdentifier SIGNED_AND_ENVELOPED_DATA_OID;
public static ObjectIdentifier DIGESTED_DATA_OID;
public static ObjectIdentifier ENCRYPTED_DATA_OID;
public static ObjectIdentifier OLD_SIGNED_DATA_OID;
public static ObjectIdentifier OLD_DATA_OID;
public static ObjectIdentifier NETSCAPE_CERT_SEQUENCE_OID;
public static ObjectIdentifier TIMESTAMP_TOKEN_INFO_OID;

static {
PKCS7_OID = ObjectIdentifier.newInternal(pkcs7);
DATA_OID = ObjectIdentifier.newInternal(data);
SIGNED_DATA_OID = ObjectIdentifier.newInternal(sdata);
ENVELOPED_DATA_OID = ObjectIdentifier.newInternal(edata);
SIGNED_AND_ENVELOPED_DATA_OID = ObjectIdentifier.newInternal(sedata);
DIGESTED_DATA_OID = ObjectIdentifier.newInternal(ddata);
ENCRYPTED_DATA_OID = ObjectIdentifier.newInternal(crdata);
OLD_SIGNED_DATA_OID = ObjectIdentifier.newInternal(OLD_SDATA);
OLD_DATA_OID = ObjectIdentifier.newInternal(OLD_DATA);
/**
* The ASN.1 systax for the Netscape Certificate Sequence
* data type is defined
* <a href=http://wp.netscape.com/eng/security/comm4-cert-download.html>
* here.</a>
*/
NETSCAPE_CERT_SEQUENCE_OID = ObjectIdentifier.newInternal(nsdata);
TIMESTAMP_TOKEN_INFO_OID = ObjectIdentifier.newInternal(tstInfo);
}
public static ObjectIdentifier OLD_SIGNED_DATA_OID =
ObjectIdentifier.of("1.2.840.1113549.1.7.2");
public static ObjectIdentifier OLD_DATA_OID =
ObjectIdentifier.of("1.2.840.1113549.1.7.1");

// The ASN.1 systax for the Netscape Certificate Sequence data type is
// defined at:
// http://wp.netscape.com/eng/security/comm4-cert-download.html
public static ObjectIdentifier NETSCAPE_CERT_SEQUENCE_OID =
ObjectIdentifier.of("2.16.840.1.113730.2.5");

// timestamp token (id-ct-TSTInfo) from RFC 3161
public static ObjectIdentifier TIMESTAMP_TOKEN_INFO_OID =
ObjectIdentifier.of("1.2.840.113549.1.9.16.1.4");

ObjectIdentifier contentType;
DerValue content; // OPTIONAL
@@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2020, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -190,15 +190,14 @@

static { // static initializer for PKCS9_OIDS
for (int i = 1; i < PKCS9_OIDS.length - 2; i++) {
PKCS9_OIDS[i] =
ObjectIdentifier.newInternal(new int[]{1,2,840,113549,1,9,i});
PKCS9_OIDS[i] = ObjectIdentifier.of("1.2.840.113549.1.9." + i);
}
// Initialize SigningCertificate and SignatureTimestampToken
// separately (because their values are out of sequence)
PKCS9_OIDS[PKCS9_OIDS.length - 2] =
ObjectIdentifier.newInternal(new int[]{1,2,840,113549,1,9,16,2,12});
ObjectIdentifier.of("1.2.840.113549.1.9.16.2.12");
PKCS9_OIDS[PKCS9_OIDS.length - 1] =
ObjectIdentifier.newInternal(new int[]{1,2,840,113549,1,9,16,2,14});
ObjectIdentifier.of("1.2.840.113549.1.9.16.2.14");

try {
BYTE_ARRAY_CLASS = Class.forName("[B");
@@ -253,7 +252,7 @@
* that occur in PKCS9, in lower case.
*/
private static final Hashtable<String, ObjectIdentifier> NAME_OID_TABLE =
new Hashtable<String, ObjectIdentifier>(18);
new Hashtable<String, ObjectIdentifier>(17);

static { // static initializer for PCKS9_NAMES
NAME_OID_TABLE.put("emailaddress", PKCS9_OIDS[1]);
@@ -280,7 +279,7 @@
* corresponding attribute value type.
*/
private static final Hashtable<ObjectIdentifier, String> OID_NAME_TABLE =
new Hashtable<ObjectIdentifier, String>(16);
new Hashtable<ObjectIdentifier, String>(17);
static {
OID_NAME_TABLE.put(PKCS9_OIDS[1], EMAIL_ADDRESS_STR);
OID_NAME_TABLE.put(PKCS9_OIDS[2], UNSTRUCTURED_NAME_STR);

0 comments on commit 4e430ff

Please sign in to comment.