This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push: new 375f588 Move toPEM to PEMFile 375f588 is described below commit 375f5887029759cb88ee44c4600835f6035e3573 Author: remm <r...@apache.org> AuthorDate: Thu Jun 11 14:40:34 2020 +0200 Move toPEM to PEMFile Also remove obsolete class comment since it now supports more formats. --- .../org/apache/catalina/valves/rewrite/ResolverImpl.java | 16 +++------------- java/org/apache/tomcat/util/net/jsse/PEMFile.java | 15 ++++++++++++--- 2 files changed, 15 insertions(+), 16 deletions(-) diff --git a/java/org/apache/catalina/valves/rewrite/ResolverImpl.java b/java/org/apache/catalina/valves/rewrite/ResolverImpl.java index 3b443c7..f4c38e1 100644 --- a/java/org/apache/catalina/valves/rewrite/ResolverImpl.java +++ b/java/org/apache/catalina/valves/rewrite/ResolverImpl.java @@ -33,9 +33,9 @@ import java.util.concurrent.TimeUnit; import org.apache.catalina.WebResource; import org.apache.catalina.WebResourceRoot; import org.apache.catalina.connector.Request; -import org.apache.tomcat.util.codec.binary.Base64; import org.apache.tomcat.util.http.FastHttpDateFormat; import org.apache.tomcat.util.net.SSLSupport; +import org.apache.tomcat.util.net.jsse.PEMFile; import org.apache.tomcat.util.net.openssl.ciphers.Cipher; import org.apache.tomcat.util.net.openssl.ciphers.EncryptionLevel; import org.apache.tomcat.util.net.openssl.ciphers.OpenSSLCipherConfigurationParser; @@ -256,13 +256,13 @@ public class ResolverImpl extends Resolver { return certificates[0].getPublicKey().getAlgorithm(); } else if (key.equals("CERT")) { try { - return toPEM(certificates[0]); + return PEMFile.toPEM(certificates[0]); } catch (CertificateEncodingException e) { } } else if (key.startsWith("CERT_CHAIN_")) { key = key.substring("CERT_CHAIN_".length()); try { - return toPEM(certificates[Integer.parseInt(key)]); + return PEMFile.toPEM(certificates[Integer.parseInt(key)]); } catch (NumberFormatException | ArrayIndexOutOfBoundsException | CertificateEncodingException e) { // Ignore @@ -306,16 +306,6 @@ public class ResolverImpl extends Resolver { return null; } - private String toPEM(X509Certificate certificate) throws CertificateEncodingException { - StringBuilder result = new StringBuilder(); - result.append("-----BEGIN CERTIFICATE-----"); - result.append(System.lineSeparator()); - Base64 b64 = new Base64(64); - result.append(b64.encodeAsString(certificate.getEncoded())); - result.append("-----END CERTIFICATE-----"); - return result.toString(); - } - @Override public String resolveHttp(String key) { String header = request.getHeader(key); diff --git a/java/org/apache/tomcat/util/net/jsse/PEMFile.java b/java/org/apache/tomcat/util/net/jsse/PEMFile.java index a6d1164..cccf8f4 100644 --- a/java/org/apache/tomcat/util/net/jsse/PEMFile.java +++ b/java/org/apache/tomcat/util/net/jsse/PEMFile.java @@ -27,6 +27,7 @@ import java.security.GeneralSecurityException; import java.security.InvalidKeyException; import java.security.KeyFactory; import java.security.PrivateKey; +import java.security.cert.CertificateEncodingException; import java.security.cert.CertificateException; import java.security.cert.CertificateFactory; import java.security.cert.X509Certificate; @@ -50,9 +51,7 @@ import org.apache.tomcat.util.file.ConfigFileLoader; import org.apache.tomcat.util.res.StringManager; /** - * RFC 1421 PEM file containing X509 certificates or private keys (PKCS#8 only, - * i.e. with boundaries containing "BEGIN PRIVATE KEY" or "BEGIN ENCRYPTED PRIVATE KEY", - * not "BEGIN RSA PRIVATE KEY" or other variations). + * RFC 1421 PEM file containing X509 certificates or private keys. */ public class PEMFile { @@ -61,6 +60,16 @@ public class PEMFile { private static final byte[] OID_EC_PUBLIC_KEY = new byte[] { 0x06, 0x07, 0x2A, (byte) 0x86, 0x48, (byte) 0xCE, 0x3D, 0x02, 0x01 }; + public static String toPEM(X509Certificate certificate) throws CertificateEncodingException { + StringBuilder result = new StringBuilder(); + result.append("-----BEGIN CERTIFICATE-----"); + result.append(System.lineSeparator()); + Base64 b64 = new Base64(64); + result.append(b64.encodeAsString(certificate.getEncoded())); + result.append("-----END CERTIFICATE-----"); + return result.toString(); + } + private String filename; private List<X509Certificate> certificates = new ArrayList<>(); private PrivateKey privateKey; --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org