[tomcat] branch 8.5.x updated: Move toPEM to PEMFile

Thu, 11 Jun 2020 05:42:16 -0700 

This is an automated email from the ASF dual-hosted git repository.

remm pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/8.5.x by this push:
     new 375f588  Move toPEM to PEMFile
375f588 is described below

commit 375f5887029759cb88ee44c4600835f6035e3573
Author: remm <r...@apache.org>
AuthorDate: Thu Jun 11 14:40:34 2020 +0200

    Move toPEM to PEMFile
    
    Also remove obsolete class comment since it now supports more formats.
---
 .../org/apache/catalina/valves/rewrite/ResolverImpl.java | 16 +++-------------
 java/org/apache/tomcat/util/net/jsse/PEMFile.java        | 15 ++++++++++++---
 2 files changed, 15 insertions(+), 16 deletions(-)

diff --git a/java/org/apache/catalina/valves/rewrite/ResolverImpl.java 
b/java/org/apache/catalina/valves/rewrite/ResolverImpl.java
index 3b443c7..f4c38e1 100644
--- a/java/org/apache/catalina/valves/rewrite/ResolverImpl.java
+++ b/java/org/apache/catalina/valves/rewrite/ResolverImpl.java
@@ -33,9 +33,9 @@ import java.util.concurrent.TimeUnit;
 import org.apache.catalina.WebResource;
 import org.apache.catalina.WebResourceRoot;
 import org.apache.catalina.connector.Request;
-import org.apache.tomcat.util.codec.binary.Base64;
 import org.apache.tomcat.util.http.FastHttpDateFormat;
 import org.apache.tomcat.util.net.SSLSupport;
+import org.apache.tomcat.util.net.jsse.PEMFile;
 import org.apache.tomcat.util.net.openssl.ciphers.Cipher;
 import org.apache.tomcat.util.net.openssl.ciphers.EncryptionLevel;
 import 
org.apache.tomcat.util.net.openssl.ciphers.OpenSSLCipherConfigurationParser;
@@ -256,13 +256,13 @@ public class ResolverImpl extends Resolver {
             return certificates[0].getPublicKey().getAlgorithm();
         } else if (key.equals("CERT")) {
             try {
-                return toPEM(certificates[0]);
+                return PEMFile.toPEM(certificates[0]);
             } catch (CertificateEncodingException e) {
             }
         } else if (key.startsWith("CERT_CHAIN_")) {
             key = key.substring("CERT_CHAIN_".length());
             try {
-                return toPEM(certificates[Integer.parseInt(key)]);
+                return PEMFile.toPEM(certificates[Integer.parseInt(key)]);
             } catch (NumberFormatException | ArrayIndexOutOfBoundsException
                     | CertificateEncodingException e) {
                 // Ignore
@@ -306,16 +306,6 @@ public class ResolverImpl extends Resolver {
         return null;
     }
 
-    private String toPEM(X509Certificate certificate) throws 
CertificateEncodingException {
-        StringBuilder result = new StringBuilder();
-        result.append("-----BEGIN CERTIFICATE-----");
-        result.append(System.lineSeparator());
-        Base64 b64 = new Base64(64);
-        result.append(b64.encodeAsString(certificate.getEncoded()));
-        result.append("-----END CERTIFICATE-----");
-        return result.toString();
-    }
-
     @Override
     public String resolveHttp(String key) {
         String header = request.getHeader(key);
diff --git a/java/org/apache/tomcat/util/net/jsse/PEMFile.java 
b/java/org/apache/tomcat/util/net/jsse/PEMFile.java
index a6d1164..cccf8f4 100644
--- a/java/org/apache/tomcat/util/net/jsse/PEMFile.java
+++ b/java/org/apache/tomcat/util/net/jsse/PEMFile.java
@@ -27,6 +27,7 @@ import java.security.GeneralSecurityException;
 import java.security.InvalidKeyException;
 import java.security.KeyFactory;
 import java.security.PrivateKey;
+import java.security.cert.CertificateEncodingException;
 import java.security.cert.CertificateException;
 import java.security.cert.CertificateFactory;
 import java.security.cert.X509Certificate;
@@ -50,9 +51,7 @@ import org.apache.tomcat.util.file.ConfigFileLoader;
 import org.apache.tomcat.util.res.StringManager;
 
 /**
- * RFC 1421 PEM file containing X509 certificates or private keys (PKCS#8 only,
- * i.e. with boundaries containing "BEGIN PRIVATE KEY" or "BEGIN ENCRYPTED 
PRIVATE KEY",
- * not "BEGIN RSA PRIVATE KEY" or other variations).
+ * RFC 1421 PEM file containing X509 certificates or private keys.
  */
 public class PEMFile {
 
@@ -61,6 +60,16 @@ public class PEMFile {
     private static final byte[] OID_EC_PUBLIC_KEY =
             new byte[] { 0x06, 0x07, 0x2A, (byte) 0x86, 0x48, (byte) 0xCE, 
0x3D, 0x02, 0x01 };
 
+    public static String toPEM(X509Certificate certificate) throws 
CertificateEncodingException {
+        StringBuilder result = new StringBuilder();
+        result.append("-----BEGIN CERTIFICATE-----");
+        result.append(System.lineSeparator());
+        Base64 b64 = new Base64(64);
+        result.append(b64.encodeAsString(certificate.getEncoded()));
+        result.append("-----END CERTIFICATE-----");
+        return result.toString();
+    }
+
     private String filename;
     private List<X509Certificate> certificates = new ArrayList<>();
     private PrivateKey privateKey;


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to