From 28fa18278c1f3a87722d5e8b78f581526a30bb38 Mon Sep 17 00:00:00 2001 From: Yuuta Liang Date: Sat, 14 Oct 2023 05:35:17 +0800 Subject: Fix lint 
Signed-off-by: Yuuta Liang --- src/main/model/asn1/ASN1Length.java | 14 +- src/main/model/asn1/ASN1Object.java | 73 ++++---- src/main/model/asn1/ASN1String.java | 15 +- src/main/model/asn1/ASN1Time.java | 10 +- src/main/model/asn1/BitString.java | 10 +- src/main/model/asn1/Bool.java | 10 +- src/main/model/asn1/GeneralizedTime.java | 8 +- src/main/model/asn1/IA5String.java | 10 +- src/main/model/asn1/Int.java | 10 +- src/main/model/asn1/Null.java | 6 +- src/main/model/asn1/ObjectIdentifier.java | 74 ++++---- src/main/model/asn1/PrintableString.java | 8 +- src/main/model/asn1/Tag.java | 12 +- src/main/model/asn1/UTF8String.java | 5 +- src/main/model/asn1/UtcTime.java | 8 +- src/main/model/asn1/parsing/BytesReader.java | 8 +- src/main/model/ca/CACertificate.java | 54 +++--- src/main/model/ca/Template.java | 9 +- src/main/model/csr/Attribute.java | 16 +- src/main/model/csr/Attributes.java | 4 +- src/main/model/csr/CertificationRequest.java | 16 +- src/main/model/csr/CertificationRequestInfo.java | 18 +- src/main/model/csr/Values.java | 4 +- src/main/model/pki/AlgorithmIdentifier.java | 12 +- src/main/model/pki/SubjectPublicKeyInfo.java | 10 +- src/main/model/pki/cert/Certificate.java | 16 +- src/main/model/pki/cert/Extension.java | 20 +-- src/main/model/pki/cert/Extensions.java | 5 +- src/main/model/pki/cert/TbsCertificate.java | 49 +++--- src/main/model/pki/cert/Validity.java | 12 +- src/main/model/pki/crl/CertificateList.java | 7 +- src/main/model/pki/crl/CertificateListContent.java | 14 +- src/main/model/pki/crl/RevokedCertificate.java | 20 +-- src/main/model/x501/AttributeTypeAndValue.java | 13 +- src/main/model/x501/Name.java | 4 +- src/main/model/x501/RelativeDistinguishedName.java | 4 +- src/main/ui/IssueScreen.java | 1 - src/main/ui/JCA.java | 68 ++++---- src/main/ui/MainScreen.java | 12 +- src/main/ui/Utils.java | 8 +- src/test/model/TestConstants.java | 187 ++++++++++----------- src/test/model/asn1/ASN1LengthTest.java | 39 +++-- 
src/test/model/asn1/ASN1ObjectTest.java | 67 ++++---- src/test/model/asn1/BitStringTest.java | 42 ++--- src/test/model/asn1/BoolTest.java | 20 +-- src/test/model/asn1/GeneralizedTimeTest.java | 14 +- src/test/model/asn1/IA5StringTest.java | 24 +-- src/test/model/asn1/IntTest.java | 58 +++---- src/test/model/asn1/NullTest.java | 10 +- src/test/model/asn1/ObjectIdentifierTest.java | 60 +++---- src/test/model/asn1/OctetStringTest.java | 25 ++- src/test/model/asn1/PrintableStringTest.java | 22 +-- src/test/model/asn1/TagClassTest.java | 2 +- src/test/model/asn1/TagTest.java | 46 ++--- src/test/model/asn1/UTF8StringTest.java | 18 +- src/test/model/asn1/UtcTimeTest.java | 14 +- src/test/model/asn1/parsing/BytesReaderTest.java | 36 ++-- src/test/model/csr/AttributeTest.java | 2 +- src/test/model/csr/AttributesTest.java | 14 +- .../model/csr/CertificationRequestInfoTest.java | 54 +++--- src/test/model/csr/CertificationRequestTest.java | 46 ++--- src/test/model/csr/ValuesTest.java | 7 - src/test/model/pki/AlgorithmIdentifierTest.java | 12 +- src/test/model/pki/SubjectPublicKeyInfoTest.java | 65 ++++--- src/test/model/pki/cert/CertificateTest.java | 19 +-- src/test/model/pki/cert/ExtensionTest.java | 42 ++--- src/test/model/pki/cert/TbsCertificateTest.java | 10 +- src/test/model/pki/cert/ValidityTest.java | 18 +- .../model/pki/crl/CertificateListContentTest.java | 13 +- src/test/model/pki/crl/CertificateListTest.java | 22 +-- src/test/model/pki/crl/RevokedCertificateTest.java | 9 +- src/test/model/x501/AttributeTypeAndValueTest.java | 4 +- src/test/model/x501/NameTest.java | 2 +- .../model/x501/RelativeDistinguishedNameTest.java | 13 +- src/test/ui/UtilsTest.java | 28 +-- 75 files changed, 855 insertions(+), 886 deletions(-) (limited to 'src') diff --git a/src/main/model/asn1/ASN1Length.java b/src/main/model/asn1/ASN1Length.java index e85689c..913b35a 100644 --- a/src/main/model/asn1/ASN1Length.java +++ b/src/main/model/asn1/ASN1Length.java 
@@ -4,8 +4,6 @@ import model.asn1.exceptions.ParseException; import model.asn1.parsing.BytesReader; import ui.Utils; -import java.util.Arrays; - /** * Represents the Length part in DER encoding. It appears after Tag and before Value. It represents the length of the * encoded Value in bytes. @@ -31,11 +29,11 @@ public class ASN1Length implements Encodable { /** * EFFECTS: Parse the length from the given DER input. - * Throws {@link ParseException} if the input is invalid: - * - Indefinite length - * - Not enough bytes - * - Initial byte 0b11111111 (See X.690$8.1.3.5) - * - Value too long (compliant to RFC but unsupported by this program): multibyte and # of bytes > 3 + * Throws {@link ParseException} if the input is invalid: + * - Indefinite length + * - Not enough bytes + * - Initial byte 0b11111111 (See X.690$8.1.3.5) + * - Value too long (compliant to RFC but unsupported by this program): multibyte and # of bytes > 3 * MODIFIES: reader (bytes are read, at least one byte, at most 5 bytes) */ public ASN1Length(BytesReader reader) throws ParseException { @@ -78,7 +76,7 @@ public class ASN1Length implements Encodable { // DER prefers the shortest form. if (length <= 127) { // Possible in a single byte. - return new Byte[]{ (byte) length }; + return new Byte[]{(byte) length}; } else { // Big-endian encoding of the length. DER uses big-endian. final Byte[] lengthBytes = Utils.valToByte(length); diff --git a/src/main/model/asn1/ASN1Object.java b/src/main/model/asn1/ASN1Object.java index 9b4a98c..434a6c5 100644 --- a/src/main/model/asn1/ASN1Object.java +++ b/src/main/model/asn1/ASN1Object.java 
@@ -2,14 +2,10 @@ package model.asn1; import model.asn1.exceptions.ParseException; import model.asn1.parsing.BytesReader; -import ui.Utils; -import java.nio.ByteBuffer; import java.util.ArrayList; import java.util.Arrays; import java.util.List; -import java.util.stream.Collectors; -import java.util.stream.Stream; /** * Represents an encode-able ASN.1 object. It can be a SEQUENCE, an INTEGER, an OID, or any other ASN.1 type. @@ -50,9 +46,9 @@ public class ASN1Object implements Encodable { * of the corresponding types. However, applications may use context-specific * or private tags for corresponding fields, either implicitly encoded or explicitly encoded. * REQUIRES: Three cases: - * 1. No context-specific tag: parentTag must be null. - * 2. Implicit encoding: parentTag must be null, and the tag must be CONTEXT_SPECIFIC. - * 3. Explicit encoding: parentTag must be constructive and CONTEXT_SPECIFIC. + * 1. No context-specific tag: parentTag must be null. + * 2. Implicit encoding: parentTag must be null, and the tag must be CONTEXT_SPECIFIC. + * 3. Explicit encoding: parentTag must be constructive and CONTEXT_SPECIFIC. */ public ASN1Object(Tag tag, Tag parentTag) { this.tag = tag; 
@@ -66,13 +62,13 @@ public class ASN1Object implements Encodable { * and value (length = 0 if no value in DER, but never null). It will fill the value and length but will not mark * the value as read (only the tag will be marked). Subtypes are responsible for deserializing the values. This * method is not appropriate for parsing an unknown input (use subtypes instead) since values will be left unread. - * Throws {@link ParseException} if input is invalid: - * The input data must have a valid - * parentTag (optional) - parentLength (optional) - tag - length - value (optional). - * The value must match the corresponding type (e.g., an INTEGER value cannot go to an OctetString type). - * The value must be supported by the corresponding type (e.g., a Printable must only contain valid chars). - * If parentTag presents, its class must be CONTEXT_SPECIFIC, and it must be constructive. - * If parentLength presents, it must not be 0. + * Throws {@link ParseException} if input is invalid: + * The input data must have a valid + * parentTag (optional) - parentLength (optional) - tag - length - value (optional). + * The value must match the corresponding type (e.g., an INTEGER value cannot go to an OctetString type). + * The value must be supported by the corresponding type (e.g., a Printable must only contain valid chars). + * If parentTag presents, its class must be CONTEXT_SPECIFIC, and it must be constructive. + * If parentLength presents, it must not be 0. * MODIFIES: this, encoded (bytes are read) * REQUIRES: If hasParentTag is true, parentTag and parentLength must present. Otherwise, they must be null. Assumes * that the length won't be lower than actual. Assumes parentLength = length(tag + length + value). 
@@ -108,23 +104,34 @@ public class ASN1Object implements Encodable { * if unrecognized or application-defined (SEQUENCE or SET). It will always mark anything to be read, including * unrecognized type values. This method is appropriate to decode an unknown input stream into known or unknown * types. All values will be read. - * Throws {@link ParseException} if the input is invalid. + * Throws {@link ParseException} if the input is invalid. * MODIFIES: encoded */ public static ASN1Object parse(BytesReader encoded, boolean hasParentTag) throws ParseException { final Tag t = encoded.getTag(hasParentTag); switch (t.getNumber()) { - case 0x1: return new Bool(encoded, hasParentTag); - case 0x2: return new Int(encoded, hasParentTag); - case 0x3: return new BitString(encoded, hasParentTag); - case 0x4: return new OctetString(encoded, hasParentTag); - case 0x5: return new Null(encoded, hasParentTag); - case 0x6: return new ObjectIdentifier(encoded, hasParentTag); - case 0xC: return new UTF8String(encoded, hasParentTag); - case 0x13: return new PrintableString(encoded, hasParentTag); - case 0x16: return new IA5String(encoded, hasParentTag); - case 0x17: return new UtcTime(encoded, hasParentTag); - case 0x18: return new GeneralizedTime(encoded, hasParentTag); + case 0x1: + return new Bool(encoded, hasParentTag); + case 0x2: + return new Int(encoded, hasParentTag); + case 0x3: + return new BitString(encoded, hasParentTag); + case 0x4: + return new OctetString(encoded, hasParentTag); + case 0x5: + return new Null(encoded, hasParentTag); + case 0x6: + return new ObjectIdentifier(encoded, hasParentTag); + case 0xC: + return new UTF8String(encoded, hasParentTag); + case 0x13: + return new PrintableString(encoded, hasParentTag); + case 0x16: + return new IA5String(encoded, hasParentTag); + case 0x17: + return new UtcTime(encoded, hasParentTag); + case 0x18: + return new GeneralizedTime(encoded, hasParentTag); default: { ASN1Object object = new ASN1Object(encoded, hasParentTag); // 
Mark as read unconditionally because there aren't any type handlers that read them. @@ -139,16 +146,16 @@ public class ASN1Object implements Encodable { * The encoding will result in: * (Parent Tag)(Tag)(Length)(Value) * Parent Tag - Only exists if the field has a context-specific parent tag number and use explicit tagging. In this - * case, the parent tag is the tag supplied in the constructor. If the field uses implicit tag - * encoding or does not have a context-specific tag number, this field does not exist. This field, - * as specified in the REQUIRES clause in the constructor, is always constructive. + * case, the parent tag is the tag supplied in the constructor. If the field uses implicit tag + * encoding or does not have a context-specific tag number, this field does not exist. This field, + * as specified in the REQUIRES clause in the constructor, is always constructive. * Parent Length - The length of the following (tag, length, and value). A detailed length description, see follows. * Tag - The tag value. * Length - The length of the value, in number of bytes. If the length is <= 127, it will contain only a single - * byte of length value, with the highest bit cleared. If the length is > 127, the first length byte - * will have its highest bit set, with the remaining bits representing how many bytes are needed to - * store the length integer. Followed are the integer, in multiple bytes, representing the length. The - * multibyte integer are encoded in big-endian. + * byte of length value, with the highest bit cleared. If the length is > 127, the first length byte + * will have its highest bit set, with the remaining bits representing how many bytes are needed to + * store the length integer. Followed are the integer, in multiple bytes, representing the length. The + * multibyte integer are encoded in big-endian. * Value - The value, with a total length (in bytes) corresponding to the Length field. * REQUIRES: encodeValueDER() != null */ 
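Review bot: In `ASN1Object.parse` (hunk `@@ -108,23 +104,34 @@`) the reformatted `switch (t.getNumber())` still dispatches on the tag number alone, so a CONTEXT_SPECIFIC, APPLICATION or PRIVATE tag whose number matches one of the cases is handed to the UNIVERSAL type handler (`Bool`, `Int`, `BitString`, …). Whether those constructors reject a non-UNIVERSAL class is not visible in this hunk; if they do not, untrusted DER can be decoded as the wrong type. Either gate the switch on the tag class being `TagClass.UNIVERSAL` and route everything else to the `default` branch, or record the reliance above the switch with `// Dispatch is by tag number only; each subtype constructor must verify the tag class.` The method body continues outside the hunk.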
diff --git a/src/main/model/asn1/ASN1String.java b/src/main/model/asn1/ASN1String.java index 148c564..ef7f07b 100644 --- a/src/main/model/asn1/ASN1String.java +++ b/src/main/model/asn1/ASN1String.java @@ -2,7 +2,6 @@ package model.asn1; import model.asn1.exceptions.ParseException; import model.asn1.parsing.BytesReader; -import ui.Utils; import java.nio.charset.StandardCharsets; @@ -15,8 +14,8 @@ public abstract class ASN1String extends ASN1Object { /** * EFFECTS: Constructs an ASN1String with the given tag, parent tag, and string. - * - Throws {@link ParseException} if the string does not pass corresponding restrictions of the specific - * string type (same as {@link ASN1String#validate(String)}) + * - Throws {@link ParseException} if the string does not pass corresponding restrictions of the specific + * string type (same as {@link ASN1String#validate(String)}) * REQUIRES: For the requirements of tag and parentTag, consult {@link ASN1Object}. */ public ASN1String(Tag tag, Tag parentTag, String string) throws ParseException { @@ -26,10 +25,10 @@ public abstract class ASN1String extends ASN1Object { /** * EFFECTS: Parse the input value. See {@link ASN1Object} with the rawString. - * Throws {@link ParseException} when invalid: - * - String does not pass type restrictions - * - Early EOF - * - Other cases as seen in {@link ASN1Object} + * Throws {@link ParseException} when invalid: + * - String does not pass type restrictions + * - Early EOF + * - Other cases as seen in {@link ASN1Object} * MODIFIES: this, encoded (bytes are read) */ public ASN1String(BytesReader encoded, boolean hasParentTag) throws ParseException { @@ -38,7 +37,7 @@ public abstract class ASN1String extends ASN1Object { /** * EFFECTS: Validate and set the string. - * Throws {@link ParseException} if the string is invalid. + * Throws {@link ParseException} if the string is invalid. * MODIFIES: this */ protected void setString(String rawString) throws ParseException { 
diff --git a/src/main/model/asn1/ASN1Time.java b/src/main/model/asn1/ASN1Time.java index 08f861e..8f386f5 100644 --- a/src/main/model/asn1/ASN1Time.java +++ b/src/main/model/asn1/ASN1Time.java @@ -29,10 +29,10 @@ public abstract class ASN1Time extends ASN1Object { /** * EFFECTS: Parse and decode DER bytes into the corresponding time type. For more info on decoding, take a look at * {@link ASN1Object}. - * Throws {@link ParseException} if the input is invalid: - * - Invalid date format - * - Zero length - * - Other circumstances (e.g., early EOF) as seen in {@link ASN1Object} + * Throws {@link ParseException} if the input is invalid: + * - Invalid date format + * - Zero length + * - Other circumstances (e.g., early EOF) as seen in {@link ASN1Object} * MODIFIES: this, encoded */ public ASN1Time(BytesReader encoded, boolean hasParentTag) throws ParseException { @@ -50,7 +50,7 @@ public abstract class ASN1Time extends ASN1Object { /** * EFFECTS: Convert the given string into corresponding timestamp. - * Throws {@link ParseException} if the time is malformed. + * Throws {@link ParseException} if the time is malformed. */ public abstract ZonedDateTime toDate(String str) throws ParseException; diff --git a/src/main/model/asn1/BitString.java b/src/main/model/asn1/BitString.java index 0561f24..3b4c32e 100644 --- a/src/main/model/asn1/BitString.java +++ b/src/main/model/asn1/BitString.java @@ -22,7 +22,7 @@ import java.math.BigInteger; * 0b 00000110 01101110 01011101 11000000 * ^ 6 ^ ^ Original Number ^^Pad^ * - * + *

* BIT STRING has nothing to do with encoding bytes as printable strings (base10 or base16 or ASCII). */ public class BitString extends ASN1Object { @@ -48,10 +48,10 @@ public class BitString extends ASN1Object { /** * EFFECT: Parse the input DER. - * Throws {@link ParseException} if the input is invalid: - * - Unused is not in 0 <= unused < 8 - * - The last byte does not have its lowest $unused bits zero - * - Other issues found according to {@link ASN1Object} + * Throws {@link ParseException} if the input is invalid: + * - Unused is not in 0 <= unused < 8 + * - The last byte does not have its lowest $unused bits zero + * - Other issues found according to {@link ASN1Object} */ public BitString(BytesReader encoded, boolean hasParentTag) throws ParseException { super(encoded, hasParentTag); diff --git a/src/main/model/asn1/Bool.java b/src/main/model/asn1/Bool.java index d9f1851..b400c7f 100644 --- a/src/main/model/asn1/Bool.java +++ b/src/main/model/asn1/Bool.java @@ -26,10 +26,10 @@ public class Bool extends ASN1Object { /** * EFFECTS: Parse input bytes. For more information on tags parsing, consult {@link ASN1Object}. - * Throws {@link ParseException} if the input data is invalid: - * - The length is not 1 - * - The value is neither 0x00 nor 0xFF - * - Other cases as denoted in {@link ASN1Object} + * Throws {@link ParseException} if the input data is invalid: + * - The length is not 1 + * - The value is neither 0x00 nor 0xFF + * - Other cases as denoted in {@link ASN1Object} */ public Bool(BytesReader encoded, boolean hasParentTag) throws ParseException { super(encoded, hasParentTag); @@ -51,7 +51,7 @@ public class Bool extends ASN1Object { */ @Override public Byte[] encodeValueDER() { - return new Byte[]{ value ? (byte) -1 : 0 }; + return new Byte[]{value ? (byte) -1 : 0}; } public boolean getValue() { diff --git a/src/main/model/asn1/GeneralizedTime.java b/src/main/model/asn1/GeneralizedTime.java index 385642d..5482906 100644 
--- a/src/main/model/asn1/GeneralizedTime.java +++ b/src/main/model/asn1/GeneralizedTime.java @@ -56,9 +56,9 @@ public class GeneralizedTime extends ASN1Time { /** * EFFECT: Parse the given DER input. Time will be assumed to be in UTC. - * Throws {@link ParseException}: - * - The time is not in the string format specified in class specification - * - Other invalid input is found. See {@link ASN1Object} for more details on parsing + * Throws {@link ParseException}: + * - The time is not in the string format specified in class specification + * - Other invalid input is found. See {@link ASN1Object} for more details on parsing */ public GeneralizedTime(BytesReader encoded, boolean hasParentTag) throws ParseException { super(encoded, hasParentTag); @@ -66,7 +66,7 @@ public class GeneralizedTime extends ASN1Time { /** * EFFECT: Parse the string into time, in the format specified in class specification. - * Throws {@link ParseException} if the input is malformed. + * Throws {@link ParseException} if the input is malformed. */ @Override public ZonedDateTime toDate(String str) throws ParseException { diff --git a/src/main/model/asn1/IA5String.java b/src/main/model/asn1/IA5String.java index ea5cf91..f8e9800 100644 --- a/src/main/model/asn1/IA5String.java +++ b/src/main/model/asn1/IA5String.java @@ -18,7 +18,7 @@ public class IA5String extends ASN1String { /** * EFFECTS: Constructs an IA5String with the given tag and string. - * Throws {@link ParseException} if the string is invalid. It must only contain T.50 chars. + * Throws {@link ParseException} if the string is invalid. It must only contain T.50 chars. * REQUIRES: For the requirements of tag and parentTag, consult {@link ASN1Object}. */ public IA5String(Tag tag, Tag parentTag, String string) throws ParseException { 
@@ -28,10 +28,10 @@ public class IA5String extends ASN1String { /** * EFFECTS: Parse from user input. Tags are parsed as-per {@link ASN1Object}. The value will be parsed as UTF-8 big * endian. - * Throws {@link ParseException} if the encoded data is invalid: - * - Illegal string (containing non-T.50 chars) - * - Early EOF - * - Other cases in {@link ASN1Object} + * Throws {@link ParseException} if the encoded data is invalid: + * - Illegal string (containing non-T.50 chars) + * - Early EOF + * - Other cases in {@link ASN1Object} * MODIFIES: this, encoded */ public IA5String(BytesReader encoded, boolean hasParentTag) throws ParseException { diff --git a/src/main/model/asn1/Int.java b/src/main/model/asn1/Int.java index 4eeeedf..87f1505 100644 --- a/src/main/model/asn1/Int.java +++ b/src/main/model/asn1/Int.java @@ -41,10 +41,10 @@ public class Int extends ASN1Object { /** * EFFECTS: Parse input and get the int value. Tags are parsed in {@link ASN1Object}. - * Throws {@link ParseException} if encoded value are invalid: - * - Early EOF (not enough bytes) - * - Zero bytes length - * - Other issues denoted in {@link ASN1Object} + * Throws {@link ParseException} if encoded value are invalid: + * - Early EOF (not enough bytes) + * - Zero bytes length + * - Other issues denoted in {@link ASN1Object} * MODIFIES: this, encoded */ public Int(BytesReader encoded, boolean hasParentTag) throws ParseException { @@ -78,7 +78,7 @@ public class Int extends ASN1Object { /** * EFFECTS: Get the value in long. - * Throws {@link ArithmeticException} if the value is too large for long. + * Throws {@link ArithmeticException} if the value is too large for long. */ public long getLong() throws ArithmeticException { return value.longValueExact(); diff --git a/src/main/model/asn1/Null.java b/src/main/model/asn1/Null.java index 019db85..9045e14 100644 --- a/src/main/model/asn1/Null.java +++ b/src/main/model/asn1/Null.java 
@@ -24,9 +24,9 @@ public class Null extends ASN1Object { /** * EFFECTS: Parse input bytes. For more information on tags parsing, consult {@link ASN1Object}. - * Throws {@link ParseException} if the input data is invalid: - * - The length is not 0 - * - Other cases as denoted in {@link ASN1Object} + * Throws {@link ParseException} if the input data is invalid: + * - The length is not 0 + * - Other cases as denoted in {@link ASN1Object} */ public Null(BytesReader encoded, boolean hasParentTag) throws ParseException { super(encoded, hasParentTag); diff --git a/src/main/model/asn1/ObjectIdentifier.java b/src/main/model/asn1/ObjectIdentifier.java index c7278db..f6e850a 100644 --- a/src/main/model/asn1/ObjectIdentifier.java +++ b/src/main/model/asn1/ObjectIdentifier.java @@ -5,8 +5,6 @@ import model.asn1.parsing.BytesReader; import ui.Utils; import java.math.BigInteger; -import java.nio.ByteBuffer; -import java.nio.ByteOrder; import java.util.*; import java.util.stream.Collectors; import java.util.stream.Stream; 
@@ -20,49 +18,49 @@ public class ObjectIdentifier extends ASN1Object { */ public static final Tag TAG = new Tag(TagClass.UNIVERSAL, false, 0x6); - public static final Integer[] OID_CN = new Integer[]{ 2, 5, 4, 3 }; - public static final Integer[] OID_SN = new Integer[]{ 2, 5, 4, 4 }; - public static final Integer[] OID_C = new Integer[]{ 2, 5, 4, 6 }; - public static final Integer[] OID_L = new Integer[]{ 2, 5, 4, 7 }; - public static final Integer[] OID_O = new Integer[]{ 2, 5, 4, 10 }; - public static final Integer[] OID_OU = new Integer[]{ 2, 5, 4, 11 }; - public static final Integer[] OID_DC = new Integer[]{ 0, 9, 2342, 19200300, 100, 1, 25 }; + public static final Integer[] OID_CN = new Integer[]{2, 5, 4, 3}; + public static final Integer[] OID_SN = new Integer[]{2, 5, 4, 4}; + public static final Integer[] OID_C = new Integer[]{2, 5, 4, 6}; + public static final Integer[] OID_L = new Integer[]{2, 5, 4, 7}; + public static final Integer[] OID_O = new Integer[]{2, 5, 4, 10}; + public static final Integer[] OID_OU = new Integer[]{2, 5, 4, 11}; + public static final Integer[] OID_DC = new Integer[]{0, 9, 2342, 19200300, 100, 1, 25}; public static final Integer[] OID_EXTENSION_REQUEST = - new Integer[]{ 1, 2, 840, 113549, 1, 9, 14 }; + new Integer[]{1, 2, 840, 113549, 1, 9, 14}; public static final Integer[] OID_RSA_ENCRYPTION = - new Integer[]{ 1, 2, 840, 113549, 1, 1, 1 }; + new Integer[]{1, 2, 840, 113549, 1, 1, 1}; public static final Integer[] OID_SHA256_WITH_RSA_ENCRYPTION = - new Integer[]{ 1, 2, 840, 113549, 1, 1, 11 }; + new Integer[]{1, 2, 840, 113549, 1, 1, 11}; public static final Integer[] OID_EC_PUBLIC_KEY = - new Integer[]{ 1, 2, 840, 10045, 2, 1 }; + new Integer[]{1, 2, 840, 10045, 2, 1}; public static final Integer[] OID_ECDSA_WITH_SHA256 = - new Integer[]{ 1, 2, 840, 10045, 4, 3, 2 }; + new Integer[]{1, 2, 840, 10045, 4, 3, 2}; public static final Integer[] OID_ECDSA_WITH_SHA512 = - new Integer[]{ 1, 2, 840, 10045, 4, 3, 4 }; + new Integer[]{1, 
2, 840, 10045, 4, 3, 4}; public static final Integer[] OID_PRIME256_V1 = - new Integer[]{ 1, 2, 840, 10045, 3, 1, 7 }; + new Integer[]{1, 2, 840, 10045, 3, 1, 7}; public static final Integer[] OID_SUBJECT_KEY_IDENTIFIER = - new Integer[]{ 2, 5, 29, 14 }; + new Integer[]{2, 5, 29, 14}; public static final Integer[] OID_KEY_USAGE = - new Integer[]{ 2, 5, 29, 15 }; + new Integer[]{2, 5, 29, 15}; public static final Integer[] OID_BASIC_CONSTRAINTS = - new Integer[]{ 2, 5, 29, 19 }; + new Integer[]{2, 5, 29, 19}; public static final Integer[] OID_AUTHORITY_KEY_IDENTIFIER = - new Integer[]{ 2, 5, 29, 35 }; + new Integer[]{2, 5, 29, 35}; public static final Integer[] OID_CRL_DISTRIBUTION_POINTS = - new Integer[]{ 2, 5, 29, 31 }; + new Integer[]{2, 5, 29, 31}; public static final Integer[] OID_AUTHORITY_INFO_ACCESS = - new Integer[]{ 1, 3, 6, 1, 5, 5, 7, 1, 1 }; + new Integer[]{1, 3, 6, 1, 5, 5, 7, 1, 1}; public static final Integer[] OID_CURVED_25519 = - new Integer[]{ 1, 3, 101, 112 }; + new Integer[]{1, 3, 101, 112}; public static final Integer[] OID_CRL_REASON = - new Integer[]{ 2, 5, 29, 21 }; + new Integer[]{2, 5, 29, 21}; private final Integer[] ints; @@ -80,9 +78,9 @@ public class ObjectIdentifier extends ASN1Object { /** * EFFECTS: Parse the input DER. - * Throws {@link ParseException} if the input is invalid: - * - Zero bytes long - * - A multibyte integer is unterminated until the end of input + * Throws {@link ParseException} if the input is invalid: + * - Zero bytes long + * - A multibyte integer is unterminated until the end of input */ public ObjectIdentifier(BytesReader encoded, boolean hasParentTag) throws ParseException { super(encoded, hasParentTag); 
@@ -115,7 +113,7 @@ public class ObjectIdentifier extends ASN1Object { List num = new ArrayList<>(); for (int i = 1; i < raw.length; i++) { Byte b = raw[i]; - num.add(BitSet.valueOf(new byte[]{ (byte) (b & 127) })); + num.add(BitSet.valueOf(new byte[]{(byte) (b & 127)})); if ((b & -128) == 0) { BitSet bitSet = new BitSet(num.size() * 7); int z = 0; @@ -166,20 +164,20 @@ public class ObjectIdentifier extends ASN1Object { /** * EFFECTS: Encode the OID into DER bytes, following the DER rules as follows: - * - First two ints: first * 40 + second - * - Remaining: Int components are encoded as-is if they are <= 127. Otherwise, they are encoded into multiple 7bit - * bytes, with the MSB set on every byte except for the last (rightmost byte) of each component. - * - Integers are in big-endian. + * - First two ints: first * 40 + second + * - Remaining: Int components are encoded as-is if they are <= 127. Otherwise, they are encoded into multiple 7bit + * bytes, with the MSB set on every byte except for the last (rightmost byte) of each component. + * - Integers are in big-endian. */ @Override public Byte[] encodeValueDER() { return Stream.of( - Arrays.asList(Utils.valToByte(ints[0] * 40 + ints[1])), - Stream.of(ints) - .skip(2) - .map(ObjectIdentifier::encodeSingleInt) - .flatMap(Collection::stream) - .collect(Collectors.toList()) + Arrays.asList(Utils.valToByte(ints[0] * 40 + ints[1])), + Stream.of(ints) + .skip(2) + .map(ObjectIdentifier::encodeSingleInt) + .flatMap(Collection::stream) + .collect(Collectors.toList()) ).flatMap(Collection::stream) .toArray(Byte[]::new); } diff --git a/src/main/model/asn1/PrintableString.java b/src/main/model/asn1/PrintableString.java index 73e33a6..b17ecbe 100644 --- a/src/main/model/asn1/PrintableString.java +++ b/src/main/model/asn1/PrintableString.java 
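Review bot: In `encodeValueDER` (hunk `@@ -166,20 +164,20 @@`) the combined first subidentifier `ints[0] * 40 + ints[1]` goes through `Utils.valToByte`, while every later arc goes through `encodeSingleInt`. X.690 encodes that first subidentifier in the same base-128 form as the others, so if `valToByte` emits plain big-endian bytes (as its use for lengths in `ASN1Length` suggests), an OID under arc 2 whose second arc is 48 or more (combined value >= 128) would be encoded incorrectly; the constants declared in this file all stay below that. Assuming `encodeSingleInt` accepts the `Integer` and returns the byte collection it is mapped to here, the first element could become `encodeSingleInt(ints[0] * 40 + ints[1])`. The expression also reads `ints[1]` with no length check visible in this hunk.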
@@ -17,7 +17,7 @@ public class PrintableString extends ASN1String { /** * EFFECTS: Constructs with the given string. - * Throws {@link ParseException} if the given string is illegal (contains chars out of the PrintableString set). + * Throws {@link ParseException} if the given string is illegal (contains chars out of the PrintableString set). * REQUIRES: For the requirements of tag and parentTag, consult {@link ASN1Object}. */ public PrintableString(Tag tag, Tag parentTag, String rawString) throws ParseException { @@ -27,9 +27,9 @@ public class PrintableString extends ASN1String { /** * EFFECTS: Parse from user input. Tags are parsed as-per {@link ASN1Object}. The value will be parsed as UTF-8 big * endian. - * Throws {@link ParseException} if the encoded data is invalid: - * - Early EOF and other cases in {@link ASN1Object} - * - Illegal string: Contains non-printable chars + * Throws {@link ParseException} if the encoded data is invalid: + * - Early EOF and other cases in {@link ASN1Object} + * - Illegal string: Contains non-printable chars * MODIFIES: this, encoded */ public PrintableString(BytesReader encoded, boolean hasParentTag) throws ParseException { diff --git a/src/main/model/asn1/Tag.java b/src/main/model/asn1/Tag.java index 15c144f..7fb8ae4 100644 --- a/src/main/model/asn1/Tag.java +++ b/src/main/model/asn1/Tag.java 
@@ -25,9 +25,9 @@ public class Tag implements Encodable { /** * EFFECTS: Initialize the tag by parsing class / constructive / number from the encoded DER bytes. - * {@link ParseException} is thrown if the input is invalid: - * - The encoded array must have at least one byte. - * - The tag number is zero if the class is UNIVERSAL. + * {@link ParseException} is thrown if the input is invalid: + * - The encoded array must have at least one byte. + * - The tag number is zero if the class is UNIVERSAL. * REQUIRES: The highest two bits must contain the class, and then the constructive bit, and finally the low 5 bits * must contain the tag number <= 31. * MODIFIES: encoded (one byte read) @@ -55,14 +55,14 @@ public class Tag implements Encodable { if (this.cls == TagClass.UNIVERSAL && this.number == 0) { throw new ParseException(String.format("The tag number must not be zero for UNIVERSAL tags" - + "(byte 0x%02X @ %d)", val, encoded.getIndex())); + + "(byte 0x%02X @ %d)", val, encoded.getIndex())); } } /** * EFFECTS: Encode that tag as DER bytes, as follows: * HI 7 6 | 5 | 4 3 2 1 0 LO - * Class | C/P | Tag Number + * Class | C/P | Tag Number * Notes, In the domain of this application (PKI), a single byte is always returned * (as nothing requires high tag number). However, the return type is held as byte[] * to 1) compliant with the spec, 2) reserve for future scalability. @@ -79,7 +79,7 @@ public class Tag implements Encodable { } // Fill the high two bits with tag class value |= cls.getVal(); - return new Byte[] { value }; + return new Byte[]{value}; } /** diff --git a/src/main/model/asn1/UTF8String.java b/src/main/model/asn1/UTF8String.java index e6b101e..932a415 100644 --- a/src/main/model/asn1/UTF8String.java +++ b/src/main/model/asn1/UTF8String.java 
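Review bot: The exception message built in the `@@ -55,14 +55,14 @@` hunk concatenates `"...UNIVERSAL tags"` and `"(byte 0x%02X @ %d)"` without a separating space, so it renders as `tags(byte 0x..`. The re-indented continuation line should read `+ " (byte 0x%02X @ %d)", val, encoded.getIndex()));`. The constructor this belongs to starts above the hunk.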
@@ -5,7 +5,6 @@ import model.asn1.parsing.BytesReader; import ui.Utils; import java.nio.charset.StandardCharsets; -import java.util.Arrays; /** * Represents an ASN.1 UTF8String type. It accepts any UTF-8 chars. Because UTF-8 character set is large and its chars @@ -19,7 +18,7 @@ public class UTF8String extends ASN1String { /** * EFFECTS: Constructs a UTF8String with the given tag and string. - * Throws {@link ParseException} if the string is illegal. + * Throws {@link ParseException} if the string is illegal. * REQUIRES: For the requirements of tag and parentTag, consult {@link ASN1Object}. */ public UTF8String(Tag tag, Tag parentTag, String string) throws ParseException { @@ -29,7 +28,7 @@ public class UTF8String extends ASN1String { /** * EFFECTS: Parse from user input. Tags are parsed as-per {@link ASN1Object}. The value will be parsed as UTF-8 big * endian. - * Throws {@link ParseException} if the encoded data is invalid. + * Throws {@link ParseException} if the encoded data is invalid. * MODIFIES: this, encoded */ public UTF8String(BytesReader encoded, boolean hasParentTag) throws ParseException, IllegalArgumentException { diff --git a/src/main/model/asn1/UtcTime.java b/src/main/model/asn1/UtcTime.java index 3acf524..7fa93d1 100644 --- a/src/main/model/asn1/UtcTime.java +++ b/src/main/model/asn1/UtcTime.java 
@@ -57,9 +57,9 @@ public class UtcTime extends ASN1Time { /** * EFFECT: Parse the given DER input. Time will be assumed to be in UTC. - * Throws {@link ParseException} if invalid: - * - The time is not in the string format specified in class specification - * - Other invalid input is found. See {@link ASN1Object} for more details on parsing + * Throws {@link ParseException} if invalid: + * - The time is not in the string format specified in class specification + * - Other invalid input is found. See {@link ASN1Object} for more details on parsing */ public UtcTime(BytesReader encoded, boolean hasParentTag) throws ParseException { super(encoded, hasParentTag); @@ -67,7 +67,7 @@ public class UtcTime extends ASN1Time { /** * EFFECT: Parse the string into time, in the format specified in class specification. - * Throws {@link ParseException} if the input is malformed. + * Throws {@link ParseException} if the input is malformed. */ @Override public ZonedDateTime toDate(String str) throws ParseException { diff --git a/src/main/model/asn1/parsing/BytesReader.java b/src/main/model/asn1/parsing/BytesReader.java index 3e11ea6..2a865d8 100644 --- a/src/main/model/asn1/parsing/BytesReader.java +++ b/src/main/model/asn1/parsing/BytesReader.java @@ -44,7 +44,7 @@ public class BytesReader { /** * EFFECTS: Copy the given number of bytes from [getIndex(), getIndex() + size) and optionally mark as read. - * Throws {@link ParseException} if size > bytesRemaining(). + * Throws {@link ParseException} if size > bytesRemaining(). * MODIFIES: this (if markAsRead == true) * REQUIRES: size > 0 */ @@ -55,7 +55,7 @@ public class BytesReader { /** * EFFECTS: Check if size <= bytesRemaining(). - * Throws {@link ParseException if not}. + * Throws {@link ParseException if not}. * REQUIRES: size > 0 */ public void validateSize(int size) throws ParseException { 
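Review bot: The Javadoc of validateSize keeps a malformed inline tag, `{@link ParseException if not}`, which turns "if not" into the link label; it should read `Throws {@link ParseException} if not.`. Both this method and the copy method in the previous BytesReader hunk state `REQUIRES: size > 0`, while the sizes presumably come from length fields of the DER being parsed. It would be safer to document, and enforce if that is not already done, that a zero or negative size also raises ParseException rather than leaving it as a caller precondition. The method bodies are outside these hunks, so the second part is a question rather than a finding.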
@@ -69,7 +69,7 @@ public class BytesReader { /** * EFFECTS: Check if the next byte has the desired tag, without changing the index. - * Throws {@link ParseException} if the input is illegal (not even a tag or EOF). + * Throws {@link ParseException} if the input is illegal (not even a tag or EOF). */ public boolean detectTag(Tag desired) throws ParseException { final int i = index; @@ -82,7 +82,7 @@ public class BytesReader { /** * EFFECTS: Get the current tag or the tag immediately following (inner) without changing the index. - * Throws {@link ParseException} if the input is illegal (not even a tag or EOF). + * Throws {@link ParseException} if the input is illegal (not even a tag or EOF). */ public Tag getTag(boolean inner) throws ParseException { final int i = index; diff --git a/src/main/model/ca/CACertificate.java b/src/main/model/ca/CACertificate.java index 36a9ac5..1bd53c9 100644 --- a/src/main/model/ca/CACertificate.java +++ b/src/main/model/ca/CACertificate.java @@ -5,8 +5,9 @@ import model.asn1.exceptions.ParseException; import model.csr.*; import model.pki.AlgorithmIdentifier; import model.pki.SubjectPublicKeyInfo; -import model.pki.cert.*; import model.pki.cert.Certificate; +import model.pki.cert.TbsCertificate; +import model.pki.cert.Validity; import model.pki.crl.CertificateList; import model.pki.crl.CertificateListContent; import model.pki.crl.RevokedCertificate; @@ -17,12 +18,13 @@ import ui.Utils; import java.math.BigInteger; import java.security.*; -import java.security.interfaces.RSAPrivateKey; import java.security.interfaces.RSAPublicKey; -import java.security.spec.RSAPrivateKeySpec; import java.time.ZoneId; import java.time.ZonedDateTime; -import java.util.*; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.Collection; +import java.util.List; import java.util.stream.Stream; /** 
@@ -57,7 +59,7 @@ public class CACertificate { /** * EFFECT: Init with a null key and null certificate, empty signed and revoked list, and serial at 1. */ - public CACertificate() { + public CACertificate() { this.key = null; this.certificate = null; this.serial = 1; @@ -79,11 +81,11 @@ public class CACertificate { * EFFECT: Install the CA certificate. * MODIFIES: this * REQUIRES: - * - The new certificate must have the same algorithm and public key as getPublicKey(), except for testing purpose - * - It must be a v3 certificate - * - It must have basicConstraints { cA = TRUE } - * - It must contain key usage Digital Signature, Certificate Sign, CRL Sign - * - getCertificate() must be null (i.e., no certificate is installed yet). + * - The new certificate must have the same algorithm and public key as getPublicKey(), except for testing purpose + * - It must be a v3 certificate + * - It must have basicConstraints { cA = TRUE } + * - It must contain key usage Digital Signature, Certificate Sign, CRL Sign + * - getCertificate() must be null (i.e., no certificate is installed yet). */ public void installCertificate(Certificate certificate) { this.certificate = certificate; @@ -109,7 +111,7 @@ public class CACertificate { new Attribute[]{ new Attribute(ASN1Object.TAG_SEQUENCE, null, new ObjectIdentifier(ObjectIdentifier.TAG, null, - new Integer[]{ 1, 3, 6, 1, 4, 1, 311, 13, 2, 3 }), + new Integer[]{1, 3, 6, 1, 4, 1, 311, 13, 2, 3}), new Values(ASN1Object.TAG_SET, null, new ASN1Object[]{ new IA5String(IA5String.TAG, null, 
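Review bot: installCertificate states its security conditions (same algorithm and public key as getPublicKey(), v3, basicConstraints cA = TRUE, the three key usages, no certificate installed yet) only under REQUIRES, and the one statement visible in the hunk is `this.certificate = certificate;`. For a CA object these are worth enforcing in code, at least the public-key match and the already-installed check, so that a mismatched certificate cannot become the issuer of later certificates. The method body continues past the end of the hunk; if checks do follow there, the Javadoc should describe them under EFFECTS together with the exception thrown.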
@@ -200,26 +202,26 @@ public class CACertificate { /** * EFFECTS: Apply the template. * For the new certificate: - * - Issuer will be set to CA#getCertificate()#getSubject() - * - The template will be applied (subject, validity, cdp) - * - A serial number will be generated + * - Issuer will be set to CA#getCertificate()#getSubject() + * - The template will be applied (subject, validity, cdp) + * - A serial number will be generated */ private TbsCertificate generateCert(CertificationRequestInfo req, Template template) { final ZonedDateTime now = ZonedDateTime.now(ZoneId.of("UTC")); return new TbsCertificate(ASN1Object.TAG_SEQUENCE, null, - new Int(Int.TAG, new Tag(TagClass.CONTEXT_SPECIFIC, true, 0), - TbsCertificate.VERSION_V3), - new Int(Int.TAG, null, serial++), - getSigningAlgorithm(), - certificate.getCertificate().getSubject(), - new Validity(ASN1Object.TAG_SEQUENCE, null, - new GeneralizedTime(GeneralizedTime.TAG, null, now), - new UtcTime(UtcTime.TAG, null, - now.plusDays(template.getValidity()))), - template.getSubject() == null ? req.getSubject() : + new Int(Int.TAG, new Tag(TagClass.CONTEXT_SPECIFIC, true, 0), + TbsCertificate.VERSION_V3), + new Int(Int.TAG, null, serial++), + getSigningAlgorithm(), + certificate.getCertificate().getSubject(), + new Validity(ASN1Object.TAG_SEQUENCE, null, + new GeneralizedTime(GeneralizedTime.TAG, null, now), + new UtcTime(UtcTime.TAG, null, + now.plusDays(template.getValidity()))), + template.getSubject() == null ? req.getSubject() : template.getSubject(), - req.getSubjectPKInfo(), - null); + req.getSubjectPKInfo(), + null); } /** diff --git a/src/main/model/ca/Template.java b/src/main/model/ca/Template.java index ff2510e..af751dc 100644 --- a/src/main/model/ca/Template.java +++ b/src/main/model/ca/Template.java 
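Review bot: `new Int(Int.TAG, null, serial++)` gives each issued certificate the next value of a counter that the constructor initialises to 1, so serial numbers are fully predictable. Current CA practice (CA/Browser Forum Baseline Requirements) is to include at least 64 bits of CSPRNG output in the serial, and predictable serials were one of the preconditions of the 2008 MD5 colliding-certificate incident. If the Int constructor accepts a long or BigInteger, a positive value drawn from `SecureRandom` (java.security.* is already imported in this file), checked for uniqueness against already-issued serials, would address this. Separately, notBefore is built as `GeneralizedTime` and notAfter as `UtcTime`; RFC 5280 section 4.1.2.5 expects UTCTime for dates through 2049, so using `UtcTime` for both would be more interoperable.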
@@ -1,14 +1,13 @@ package model.ca; -import model.asn1.*; +import model.asn1.ASN1Object; +import model.asn1.ObjectIdentifier; +import model.asn1.PrintableString; import model.asn1.exceptions.ParseException; -import model.pki.cert.TbsCertificate; import model.x501.AttributeTypeAndValue; import model.x501.Name; import model.x501.RelativeDistinguishedName; -import java.util.List; - /** * Represents a certificate template. Certificate templates are like policies the define part of the issued certificates * of what to have in common. @@ -74,7 +73,7 @@ public class Template { /** * EFFECTS: Set the subject to CN=commonName,C=CA - * Throws {@link ParseException} if commonName is not a valid PrintableString + * Throws {@link ParseException} if commonName is not a valid PrintableString */ public void setSubject(String commonName) throws ParseException { if (commonName == null) { diff --git a/src/main/model/csr/Attribute.java b/src/main/model/csr/Attribute.java index 2fa319b..2daa000 100644 --- a/src/main/model/csr/Attribute.java +++ b/src/main/model/csr/Attribute.java @@ -18,7 +18,7 @@ import java.util.stream.Stream; * values SET SIZE(1..MAX) OF ATTRIBUTE.&Type({IOSet}{@type}) * } * - * + *

* Represents a key - values pair in the CSR attribute. */ public class Attribute extends ASN1Object { @@ -38,7 +38,7 @@ public class Attribute extends ASN1Object { * REQUIRES: The values must match the type. Type tag should be UNIVERSAL OID, and values should be SET OF. */ public Attribute(Tag tag, Tag parentTag, - ObjectIdentifier type, Values values) { + ObjectIdentifier type, Values values) { super(tag, parentTag); this.type = type; this.values = values; @@ -46,11 +46,11 @@ public class Attribute extends ASN1Object { /** * EFFECTS: Parse input DER. Value is not checked against the type. - * Throws {@link ASN1Object} if invalid: - * - Any fields missing (info, algorithm, signature) - * - Any fields having an incorrect tag (as seen in the ASN.1 definition) - * - Any fields with encoding instructions that violate implicit / explicit encoding rules - * - Other issues found during parsing the object, like early EOF (see {@link ASN1Object}) + * Throws {@link ASN1Object} if invalid: + * - Any fields missing (info, algorithm, signature) + * - Any fields having an incorrect tag (as seen in the ASN.1 definition) + * - Any fields with encoding instructions that violate implicit / explicit encoding rules + * - Other issues found during parsing the object, like early EOF (see {@link ASN1Object}) * MODIFIES: this, encoded */ public Attribute(BytesReader encoded, boolean hasParentTag) throws ParseException { @@ -68,7 +68,7 @@ public class Attribute extends ASN1Object { @Override public Byte[] encodeValueDER() { return Stream.of(Arrays.asList(type.encodeDER()), - Arrays.asList(values.encodeDER())) + Arrays.asList(values.encodeDER())) .flatMap(Collection::stream) .toArray(Byte[]::new); } diff --git a/src/main/model/csr/Attributes.java b/src/main/model/csr/Attributes.java index 6819e71..302741d 100644 --- a/src/main/model/csr/Attributes.java +++ b/src/main/model/csr/Attributes.java 
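Review bot: The parse-constructor Javadoc says `Throws {@link ASN1Object} if invalid`, but the constructor declares `throws ParseException`, so the link should name `ParseException`. The same wording is carried through the re-indented Javadoc of AlgorithmIdentifier, SubjectPublicKeyInfo, TbsCertificate, Validity and AttributeTypeAndValue later in this patch. The first bullet here, `Any fields missing (info, algorithm, signature)`, also looks copied from CertificationRequest; the fields assigned in Attribute are `type` and `values`. SubjectPublicKeyInfo and Validity carry the same copied field list.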
@@ -31,13 +31,13 @@ public class Attributes extends ASN1Object { /** * EFFECT: Parse the list from input DER bytes. For details on parsing, refer to {@link ASN1Object}. - * Throws {@link ParseException} for invalid input. + * Throws {@link ParseException} for invalid input. * MODIFIES: this, encoded */ public Attributes(BytesReader encoded, boolean hasParentTag) throws ParseException { super(encoded, hasParentTag); final List list = new ArrayList<>(); - for (int i = 0; i < getLength();) { + for (int i = 0; i < getLength(); ) { int index = encoded.getIndex(); final Attribute attribute = new Attribute(encoded, false); attribute.getTag().enforce(TAG_SEQUENCE); diff --git a/src/main/model/csr/CertificationRequest.java b/src/main/model/csr/CertificationRequest.java index c08997c..64203f9 100644 --- a/src/main/model/csr/CertificationRequest.java +++ b/src/main/model/csr/CertificationRequest.java @@ -20,7 +20,7 @@ import java.util.stream.Stream; * signature BIT STRING * } * - * + *

* A CSR is used to request a certificate from a CA, using a public key. The client encodes a CSR with * its subject name, public key, and attributes, and sign that with their private key. The private key * must match the public key encoded in the CSR. This is to prove to the CA that the client has the private @@ -65,11 +65,11 @@ public class CertificationRequest extends ASN1Object { /** * EFFECTS: Parse input DER CSR, without verifying the signature. - * Throws {@link ParseException} if the input is invalid: - * - Any fields missing (info, algorithm, signature) - * - Any fields having an incorrect tag (as seen in the ASN.1 definition) - * - Any fields with encoding instructions that violate implicit / explicit encoding rules - * - Other issues found during parsing the object, like early EOF (see {@link ASN1Object}) + * Throws {@link ParseException} if the input is invalid: + * - Any fields missing (info, algorithm, signature) + * - Any fields having an incorrect tag (as seen in the ASN.1 definition) + * - Any fields with encoding instructions that violate implicit / explicit encoding rules + * - Other issues found during parsing the object, like early EOF (see {@link ASN1Object}) * MODIFIES: this, encoded */ public CertificationRequest(BytesReader encoded, boolean hasParentTag) throws ParseException { @@ -90,8 +90,8 @@ public class CertificationRequest extends ASN1Object { @Override public Byte[] encodeValueDER() { return Stream.of(Arrays.asList(certificationRequestInfo.encodeDER()), - Arrays.asList(signatureAlgorithm.encodeDER()), - Arrays.asList(signature.encodeDER())) + Arrays.asList(signatureAlgorithm.encodeDER()), + Arrays.asList(signature.encodeDER())) .flatMap(Collection::stream) .toArray(Byte[]::new); } diff --git a/src/main/model/csr/CertificationRequestInfo.java b/src/main/model/csr/CertificationRequestInfo.java index 425dba9..8f68ac8 100644 --- a/src/main/model/csr/CertificationRequestInfo.java +++ b/src/main/model/csr/CertificationRequestInfo.java 
@@ -28,7 +28,7 @@ import java.util.stream.Stream; * } * * - * + *

* It represents all information of a CSR (version, subject, public key, attributes). * It will be signed, and the signature is in {@link CertificationRequest}. */ @@ -71,11 +71,11 @@ public class CertificationRequestInfo extends ASN1Object { /** * EFFECTS: Parse the object with the given DER input. - * Throws {@link ParseException} if the input is invalid: - * - Any fields missing (version, subject, subjectPKInfo, attributes) - * - Any fields having an incorrect tag (as seen in the ASN.1 definition) - * - Any fields with encoding instructions that violate implicit / explicit encoding rules - * - Other issues found during parsing the object, like early EOF (see {@link ASN1Object}) + * Throws {@link ParseException} if the input is invalid: + * - Any fields missing (version, subject, subjectPKInfo, attributes) + * - Any fields having an incorrect tag (as seen in the ASN.1 definition) + * - Any fields with encoding instructions that violate implicit / explicit encoding rules + * - Other issues found during parsing the object, like early EOF (see {@link ASN1Object}) * MODIFIES: this, encoded */ public CertificationRequestInfo(BytesReader encoded, boolean hasParentTag) throws ParseException { @@ -102,9 +102,9 @@ public class CertificationRequestInfo extends ASN1Object { @Override public Byte[] encodeValueDER() { return Stream.of(Arrays.asList(version.encodeDER()), - Arrays.asList(subject.encodeDER()), - Arrays.asList(subjectPKInfo.encodeDER()), - Arrays.asList(attributes.encodeDER())) + Arrays.asList(subject.encodeDER()), + Arrays.asList(subjectPKInfo.encodeDER()), + Arrays.asList(attributes.encodeDER())) .flatMap(Collection::stream) .toArray(Byte[]::new); } diff --git a/src/main/model/csr/Values.java b/src/main/model/csr/Values.java index 5c1e212..f461686 100644 --- a/src/main/model/csr/Values.java +++ b/src/main/model/csr/Values.java 
@@ -36,13 +36,13 @@ public class Values extends ASN1Object { /** * EFFECT: Parse the list from input DER bytes. For details on parsing, refer to {@link ASN1Object}. - * Throws {@link ParseException} for invalid input. + * Throws {@link ParseException} for invalid input. * MODIFIES: this, encoded */ public Values(BytesReader encoded, boolean hasParentTag) throws ParseException { super(encoded, hasParentTag); final List list = new ArrayList<>(); - for (int i = 0; i < getLength();) { + for (int i = 0; i < getLength(); ) { int index = encoded.getIndex(); final ASN1Object value = ASN1Object.parse(encoded, false); list.add(value); diff --git a/src/main/model/pki/AlgorithmIdentifier.java b/src/main/model/pki/AlgorithmIdentifier.java index 421aa5a..f7df59f 100644 --- a/src/main/model/pki/AlgorithmIdentifier.java +++ b/src/main/model/pki/AlgorithmIdentifier.java @@ -63,11 +63,11 @@ public class AlgorithmIdentifier extends ASN1Object { /** * EFFECTS: Parse input DER. Parameters are not checked against the type. - * Throws {@link ASN1Object} if invalid: - * - Any fields missing - * - Any fields having an incorrect tag (as seen in the ASN.1 definition) - * - Any fields with encoding instructions that violate implicit / explicit encoding rules - * - Other issues found during parsing the object, like early EOF (see {@link ASN1Object}) + * Throws {@link ASN1Object} if invalid: + * - Any fields missing + * - Any fields having an incorrect tag (as seen in the ASN.1 definition) + * - Any fields with encoding instructions that violate implicit / explicit encoding rules + * - Other issues found during parsing the object, like early EOF (see {@link ASN1Object}) * MODIFIES: this, encoded */ public AlgorithmIdentifier(BytesReader encoded, boolean hasParentTag) throws ParseException { 
@@ -90,7 +90,7 @@ public class AlgorithmIdentifier extends ASN1Object { @Override public Byte[] encodeValueDER() { return Stream.of(Arrays.asList(type.encodeDER()), - parameters == null ? Collections.emptyList() : Arrays.asList(parameters.encodeDER())) + parameters == null ? Collections.emptyList() : Arrays.asList(parameters.encodeDER())) .flatMap(Collection::stream) .toArray(Byte[]::new); } diff --git a/src/main/model/pki/SubjectPublicKeyInfo.java b/src/main/model/pki/SubjectPublicKeyInfo.java index ac72055..ca3b997 100644 --- a/src/main/model/pki/SubjectPublicKeyInfo.java +++ b/src/main/model/pki/SubjectPublicKeyInfo.java @@ -46,11 +46,11 @@ public class SubjectPublicKeyInfo extends ASN1Object { /** * EFFECTS: Parse input DER. - * Throws {@link ASN1Object} if invalid: - * - Any fields missing (info, algorithm, signature) - * - Any fields having an incorrect tag (as seen in the ASN.1 definition) - * - Any fields with encoding instructions that violate implicit / explicit encoding rules - * - Other issues found during parsing the object, like early EOF (see {@link ASN1Object}) + * Throws {@link ASN1Object} if invalid: + * - Any fields missing (info, algorithm, signature) + * - Any fields having an incorrect tag (as seen in the ASN.1 definition) + * - Any fields with encoding instructions that violate implicit / explicit encoding rules + * - Other issues found during parsing the object, like early EOF (see {@link ASN1Object}) * MODIFIES: this, encoded */ public SubjectPublicKeyInfo(BytesReader encoded, boolean hasParentTag) throws ParseException { diff --git a/src/main/model/pki/cert/Certificate.java b/src/main/model/pki/cert/Certificate.java index 4e6c291..25499e3 100644 --- a/src/main/model/pki/cert/Certificate.java +++ b/src/main/model/pki/cert/Certificate.java @@ -42,7 +42,7 @@ import java.util.stream.Stream; * COMPONENTS OF SIGNATURE{ToBeSigned}, * ... } * - * + *

* A certificate creates a binding between the proposed subject name and the public key. It is only valid once a trusted * CA signs it. Relying parties only need to trust a single trust anchor (the Root CA), and all of its issued certs are * trusted. This is done through the cert tree: each certificate contains the Issued By field, indicating the DN of the @@ -82,11 +82,11 @@ public class Certificate extends ASN1Object { /** * EFFECTS: Parse input DER, without verifying the signature. - * Throws {@link ParseException} if the input is invalid: - * - Any fields missing - * - Any fields having an incorrect tag (as seen in the ASN.1 definition) - * - Any fields with encoding instructions that violate implicit / explicit encoding rules - * - Other issues found during parsing the object, like early EOF (see {@link ASN1Object}) + * Throws {@link ParseException} if the input is invalid: + * - Any fields missing + * - Any fields having an incorrect tag (as seen in the ASN.1 definition) + * - Any fields with encoding instructions that violate implicit / explicit encoding rules + * - Other issues found during parsing the object, like early EOF (see {@link ASN1Object}) * MODIFIES: this, encoded */ public Certificate(BytesReader encoded, boolean hasParentTag) throws ParseException { @@ -107,8 +107,8 @@ public class Certificate extends ASN1Object { @Override public Byte[] encodeValueDER() { return Stream.of(Arrays.asList(certificate.encodeDER()), - Arrays.asList(signatureAlgorithm.encodeDER()), - Arrays.asList(signature.encodeDER())) + Arrays.asList(signatureAlgorithm.encodeDER()), + Arrays.asList(signature.encodeDER())) .flatMap(Collection::stream) .toArray(Byte[]::new); } diff --git a/src/main/model/pki/cert/Extension.java b/src/main/model/pki/cert/Extension.java index 0c104a4..9db83b2 100644 --- a/src/main/model/pki/cert/Extension.java +++ b/src/main/model/pki/cert/Extension.java 
@@ -62,13 +62,13 @@ public class Extension extends ASN1Object { /** * EFFECTS: Parse input DER. - * Throws {@link ParseException} if the input is invalid: - * - Any fields missing - * - Any fields having an incorrect tag (as seen in the ASN.1 definition) - * - Any fields with encoding instructions that violate implicit / explicit encoding rules - * - Other issues found during parsing the object, like early EOF (see {@link ASN1Object}) - * Note that critical is optional, and if it does not exist, it will be left as null, and it should be treated as - * false. + * Throws {@link ParseException} if the input is invalid: + * - Any fields missing + * - Any fields having an incorrect tag (as seen in the ASN.1 definition) + * - Any fields with encoding instructions that violate implicit / explicit encoding rules + * - Other issues found during parsing the object, like early EOF (see {@link ASN1Object}) + * Note that critical is optional, and if it does not exist, it will be left as null, and it should be treated as + * false. * MODIFIES: this, encoded */ public Extension(BytesReader encoded, boolean hasParentType) throws ParseException { @@ -92,9 +92,9 @@ public class Extension extends ASN1Object { @Override public Byte[] encodeValueDER() { return Stream.of(Arrays.asList(extnId.encodeDER()), - critical == null ? Collections.emptyList() : - Arrays.asList(critical.encodeDER()), - Arrays.asList(extnValue.encodeDER())) + critical == null ? Collections.emptyList() : + Arrays.asList(critical.encodeDER()), + Arrays.asList(extnValue.encodeDER())) .flatMap(Collection::stream) .toArray(Byte[]::new); } diff --git a/src/main/model/pki/cert/Extensions.java b/src/main/model/pki/cert/Extensions.java index 780fa2c..72d641f 100644 --- a/src/main/model/pki/cert/Extensions.java +++ b/src/main/model/pki/cert/Extensions.java 
@@ -5,7 +5,6 @@ import model.asn1.Encodable; import model.asn1.Tag; import model.asn1.exceptions.ParseException; import model.asn1.parsing.BytesReader; -import model.x501.RelativeDistinguishedName; import java.util.ArrayList; import java.util.Arrays; @@ -33,13 +32,13 @@ public class Extensions extends ASN1Object { /** * EFFECT: Parse the Name from input DER bytes. For details on parsing, refer to {@link ASN1Object}. - * Throws {@link ParseException} for invalid input. + * Throws {@link ParseException} for invalid input. * MODIFIES: this, encoded */ public Extensions(BytesReader encoded, boolean hasParentTag) throws ParseException { super(encoded, hasParentTag); final List list = new ArrayList<>(); - for (int i = 0; i < getLength();) { + for (int i = 0; i < getLength(); ) { int index = encoded.getIndex(); final Extension ext = new Extension(encoded, false); ext.getTag().enforce(TAG_SEQUENCE); diff --git a/src/main/model/pki/cert/TbsCertificate.java b/src/main/model/pki/cert/TbsCertificate.java index ce228af..84cf0ba 100644 --- a/src/main/model/pki/cert/TbsCertificate.java +++ b/src/main/model/pki/cert/TbsCertificate.java @@ -1,6 +1,9 @@ package model.pki.cert; -import model.asn1.*; +import model.asn1.ASN1Object; +import model.asn1.Int; +import model.asn1.Tag; +import model.asn1.TagClass; import model.asn1.exceptions.ParseException; import model.asn1.parsing.BytesReader; import model.pki.AlgorithmIdentifier; @@ -45,7 +48,7 @@ import java.util.stream.Stream; * ID id-at-uniqueIdentifier } * UniqueIdentifier ::= BIT STRING * - * + *

* NOTE that subjectUniqueIdentifier and issuerUniqueIdentifier are not supported. */ public class TbsCertificate extends ASN1Object { @@ -103,21 +106,21 @@ public class TbsCertificate extends ASN1Object { /** * EFFECTS: Init with the given parameters. For tag and parentTag, see {@link ASN1Object}. * REQUIRES: - * - Version must be V1, V2, or V3. - * - {issuer,subject}UniqueIdentifier could be null. - * - If {issuer,subject}UniqueIdentifier presents, version must be V2 or V3. - * - Extensions could be null. - * - If extensions presents, version must be V3. - * - The signature should be valid. - * - Field and Desired Tags: - * version CONTEXT SPECIFIC 0 (EXPLICIT), INTEGER, OPTIONAL DEFAULT v1 - * serialNumber INTEGER - * signature SEQUENCE - * issuer SEQUENCE - * validity SEQUENCE - * subject SEQUENCE - * subjectPublicKeyInfo SEQUENCE - * extensions CONTEXT SPECIFIC 3 (EXPLICIT), SEQUENCE, OPTIONAL + * - Version must be V1, V2, or V3. + * - {issuer,subject}UniqueIdentifier could be null. + * - If {issuer,subject}UniqueIdentifier presents, version must be V2 or V3. + * - Extensions could be null. + * - If extensions presents, version must be V3. + * - The signature should be valid. + * - Field and Desired Tags: + * version CONTEXT SPECIFIC 0 (EXPLICIT), INTEGER, OPTIONAL DEFAULT v1 + * serialNumber INTEGER + * signature SEQUENCE + * issuer SEQUENCE + * validity SEQUENCE + * subject SEQUENCE + * subjectPublicKeyInfo SEQUENCE + * extensions CONTEXT SPECIFIC 3 (EXPLICIT), SEQUENCE, OPTIONAL */ public TbsCertificate(Tag tag, Tag parentTag, final Int version, 
@@ -141,12 +144,12 @@ public class TbsCertificate extends ASN1Object { /** * EFFECTS: Parse input DER. - * Throws {@link ASN1Object} if invalid: - * - Any fields missing - * - Any fields having an incorrect parent / inner tag (as seen in the ASN.1 definition) - * - Any fields with encoding instructions that violate implicit / explicit encoding rules - * - extensions are specified, but the version is v1 or v2 - * - Other issues found during parsing the object, like early EOF (see {@link ASN1Object}) + * Throws {@link ASN1Object} if invalid: + * - Any fields missing + * - Any fields having an incorrect parent / inner tag (as seen in the ASN.1 definition) + * - Any fields with encoding instructions that violate implicit / explicit encoding rules + * - extensions are specified, but the version is v1 or v2 + * - Other issues found during parsing the object, like early EOF (see {@link ASN1Object}) * MODIFIES: this, encoded */ public TbsCertificate(BytesReader encoded, boolean hasParentTag) throws ParseException { diff --git a/src/main/model/pki/cert/Validity.java b/src/main/model/pki/cert/Validity.java index 76279ed..e83d326 100644 --- a/src/main/model/pki/cert/Validity.java +++ b/src/main/model/pki/cert/Validity.java 
@@ -49,11 +49,11 @@ public class Validity extends ASN1Object { /** * EFFECTS: Parse input DER. - * Throws {@link ASN1Object} if invalid: - * - Any fields missing (info, algorithm, signature) - * - Any fields having an incorrect tag (as seen in the ASN.1 definition) - * - Any fields with encoding instructions that violate implicit / explicit encoding rules - * - Other issues found during parsing the object, like early EOF (see {@link ASN1Object}) + * Throws {@link ASN1Object} if invalid: + * - Any fields missing (info, algorithm, signature) + * - Any fields having an incorrect tag (as seen in the ASN.1 definition) + * - Any fields with encoding instructions that violate implicit / explicit encoding rules + * - Other issues found during parsing the object, like early EOF (see {@link ASN1Object}) * MODIFIES: this, encoded */ public Validity(BytesReader encoded, boolean hasParentTag) throws ParseException { @@ -80,7 +80,7 @@ public class Validity extends ASN1Object { @Override public Byte[] encodeValueDER() { return Stream.of(Arrays.asList(notBefore.encodeDER()), - Arrays.asList(notAfter.encodeDER())) + Arrays.asList(notAfter.encodeDER())) .flatMap(Collection::stream) .toArray(Byte[]::new); } diff --git a/src/main/model/pki/crl/CertificateList.java b/src/main/model/pki/crl/CertificateList.java index 5142101..8729561 100644 --- a/src/main/model/pki/crl/CertificateList.java +++ b/src/main/model/pki/crl/CertificateList.java @@ -3,10 +3,7 @@ package model.pki.crl; import model.asn1.ASN1Object; import model.asn1.BitString; import model.asn1.Tag; -import model.asn1.exceptions.ParseException; -import model.asn1.parsing.BytesReader; import model.pki.AlgorithmIdentifier; -import model.pki.cert.TbsCertificate; import java.util.Arrays; import java.util.Collection; 
@@ -56,8 +53,8 @@ public class CertificateList extends ASN1Object { @Override public Byte[] encodeValueDER() { return Stream.of(Arrays.asList(crl.encodeDER()), - Arrays.asList(signatureAlgorithm.encodeDER()), - Arrays.asList(signature.encodeDER())) + Arrays.asList(signatureAlgorithm.encodeDER()), + Arrays.asList(signature.encodeDER())) .flatMap(Collection::stream) .toArray(Byte[]::new); } diff --git a/src/main/model/pki/crl/CertificateListContent.java b/src/main/model/pki/crl/CertificateListContent.java index c7e901d..4cc96fb 100644 --- a/src/main/model/pki/crl/CertificateListContent.java +++ b/src/main/model/pki/crl/CertificateListContent.java @@ -31,7 +31,7 @@ import java.util.stream.Stream; * ..., * crlExtensions [0] Extensions OPTIONAL } * - * + *

* A CRL is a signed object published by the CA that revokes any certificates signed by this CA before their * expiration. Relying-parties should check the CRL from corresponding CDPs to see if the certificate to check is * already revoked. @@ -70,12 +70,12 @@ public class CertificateListContent extends ASN1Object { .flatMap(Arrays::stream) .collect(Collectors.toList()); return Stream.of(Arrays.asList(version.encodeDER()), - Arrays.asList(signature.encodeDER()), - Arrays.asList(issuer.encodeDER()), - Arrays.asList(thisUpdate.encodeDER()), - nextUpdate == null ? Collections.emptyList() : Arrays.asList(nextUpdate.encodeDER()), - Arrays.asList(new Tag(TagClass.UNIVERSAL, true, 0x30).encodeDER()), - Arrays.asList(new ASN1Length(itemsEncoded.size()).encodeDER()), itemsEncoded) + Arrays.asList(signature.encodeDER()), + Arrays.asList(issuer.encodeDER()), + Arrays.asList(thisUpdate.encodeDER()), + nextUpdate == null ? Collections.emptyList() : Arrays.asList(nextUpdate.encodeDER()), + Arrays.asList(new Tag(TagClass.UNIVERSAL, true, 0x30).encodeDER()), + Arrays.asList(new ASN1Length(itemsEncoded.size()).encodeDER()), itemsEncoded) .flatMap(Collection::stream) .toArray(Byte[]::new); } diff --git a/src/main/model/pki/crl/RevokedCertificate.java b/src/main/model/pki/crl/RevokedCertificate.java index 457ecb8..1f0afc1 100644 --- a/src/main/model/pki/crl/RevokedCertificate.java +++ b/src/main/model/pki/crl/RevokedCertificate.java 
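Review bot: `new Tag(TagClass.UNIVERSAL, true, 0x30)` passes the whole identifier octet (0x30) where the constructor takes a tag number; SEQUENCE is number 16 (0x10), and 0x30 does not fit in the five bits a single-byte tag number can occupy. It can only produce the right byte if Tag.encodeDER does not mask or validate the number, which is not visible here. RevokedCertificate in this same patch uses `TAG_SEQUENCE.encodeDER()` for the same purpose, so `Arrays.asList(TAG_SEQUENCE.encodeDER())` would be consistent and would not depend on that behaviour. The method starts above this hunk.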
@@ -38,22 +38,22 @@ public class RevokedCertificate extends ASN1Object { @Override public Byte[] encodeValueDER() { final Byte[] r = new OctetString(OctetString.TAG, - null, - new Byte[]{ 0x0A, 0x01, (byte) reason.getVal() }) - .encodeDER(); + null, + new Byte[]{0x0A, 0x01, (byte) reason.getVal()}) + .encodeDER(); final Byte[] oid = new ObjectIdentifier(ObjectIdentifier.TAG, null, ObjectIdentifier.OID_CRL_REASON) .encodeDER(); final Byte[] seqExt = Stream.of(Arrays.asList(TAG_SEQUENCE.encodeDER()), - Arrays.asList(new ASN1Length(r.length + oid.length).encodeDER()), - Arrays.asList(oid), - Arrays.asList(r)) + Arrays.asList(new ASN1Length(r.length + oid.length).encodeDER()), + Arrays.asList(oid), + Arrays.asList(r)) .flatMap(Collection::stream) .toArray(Byte[]::new); return Stream.of(Arrays.asList(serialNumber.encodeDER()), - Arrays.asList(revocationDate.encodeDER()), - Arrays.asList(TAG_SEQUENCE.encodeDER()), - Arrays.asList(new ASN1Length(seqExt.length).encodeDER()), - Arrays.asList(seqExt)) + Arrays.asList(revocationDate.encodeDER()), + Arrays.asList(TAG_SEQUENCE.encodeDER()), + Arrays.asList(new ASN1Length(seqExt.length).encodeDER()), + Arrays.asList(seqExt)) .flatMap(Collection::stream) .toArray(Byte[]::new); } diff --git a/src/main/model/x501/AttributeTypeAndValue.java b/src/main/model/x501/AttributeTypeAndValue.java index d43d137..54b3352 100644 --- a/src/main/model/x501/AttributeTypeAndValue.java +++ b/src/main/model/x501/AttributeTypeAndValue.java @@ -5,7 +5,6 @@ import model.asn1.ObjectIdentifier; import model.asn1.Tag; import model.asn1.exceptions.ParseException; import model.asn1.parsing.BytesReader; -import model.csr.Values; import java.util.Arrays; import java.util.Collection; 
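Review bot: The literal `new Byte[]{0x0A, 0x01, (byte) reason.getVal()}` is a hand-encoded DER ENUMERATED (tag 0x0A, length 1, value) for the CRL reason code, and nothing in encodeValueDER says so. A comment such as `// DER ENUMERATED: tag 0x0A, length 1, reason code` above it, plus one line noting that `seqExt` is the single Extension and the outer SEQUENCE is crlEntryExtensions, would let a reader check the nesting against RFC 5280. The cast to byte also assumes every reason value fits in one non-negative byte, which is worth stating next to the enum.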
@@ -45,11 +44,11 @@ public class AttributeTypeAndValue extends ASN1Object { /** * EFFECTS: Parse input DER. Value is not checked against the type. - * Throws {@link ASN1Object} if invalid: - * - Any fields missing - * - Any fields having an incorrect tag (as seen in the ASN.1 definition) - * - Any fields with encoding instructions that violate implicit / explicit encoding rules - * - Other issues found during parsing the object, like early EOF (see {@link ASN1Object}) + * Throws {@link ASN1Object} if invalid: + * - Any fields missing + * - Any fields having an incorrect tag (as seen in the ASN.1 definition) + * - Any fields with encoding instructions that violate implicit / explicit encoding rules + * - Other issues found during parsing the object, like early EOF (see {@link ASN1Object}) * MODIFIES: this, encoded */ public AttributeTypeAndValue(BytesReader encoded, boolean hasParentTag) throws ParseException { @@ -66,7 +65,7 @@ public class AttributeTypeAndValue extends ASN1Object { @Override public Byte[] encodeValueDER() { return Stream.of(Arrays.asList(type.encodeDER()), - Arrays.asList(value.encodeDER())) + Arrays.asList(value.encodeDER())) .flatMap(Collection::stream) .toArray(Byte[]::new); } diff --git a/src/main/model/x501/Name.java b/src/main/model/x501/Name.java index dd2acb6..19cde56 100644 --- a/src/main/model/x501/Name.java +++ b/src/main/model/x501/Name.java 
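Review bot: The Javadoc on the AttributeTypeAndValue parsing constructor says `Throws {@link ASN1Object} if invalid`, but the constructor declares `throws ParseException`, and ASN1Object is the class being extended, not an exception. The re-indented line should read `Throws {@link ParseException} if invalid:`, matching the wording in the Name and RelativeDistinguishedName constructors. Because the same comment says the value is not checked against the type, I would also add a sentence such as `Callers that rely on a particular value type must validate it themselves.` so the gap is explicit to users of the parsed name.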
@@ -35,13 +35,13 @@ public class Name extends ASN1Object { /** * EFFECT: Parse the Name from input DER bytes. For details on parsing, refer to {@link ASN1Object}. - * Throws {@link ParseException} for invalid input. + * Throws {@link ParseException} for invalid input. * MODIFIES: this, encoded */ public Name(BytesReader encoded, boolean hasParentTag) throws ParseException { super(encoded, hasParentTag); final List list = new ArrayList<>(); - for (int i = 0; i < getLength();) { + for (int i = 0; i < getLength(); ) { int index = encoded.getIndex(); final RelativeDistinguishedName name = new RelativeDistinguishedName(encoded, false); name.getTag().enforce(TAG_SET); diff --git a/src/main/model/x501/RelativeDistinguishedName.java b/src/main/model/x501/RelativeDistinguishedName.java index 8edde09..c431f12 100644 --- a/src/main/model/x501/RelativeDistinguishedName.java +++ b/src/main/model/x501/RelativeDistinguishedName.java @@ -34,13 +34,13 @@ public class RelativeDistinguishedName extends ASN1Object { /** * EFFECT: Parse the list from input DER bytes. For details on parsing, refer to {@link ASN1Object}. - * Throws {@link ParseException} for invalid input. + * Throws {@link ParseException} for invalid input. * MODIFIES: this, encoded */ public RelativeDistinguishedName(BytesReader encoded, boolean hasParentTag) throws ParseException { super(encoded, hasParentTag); final List list = new ArrayList<>(); - for (int i = 0; i < getLength();) { + for (int i = 0; i < getLength(); ) { int index = encoded.getIndex(); final AttributeTypeAndValue value = new AttributeTypeAndValue(encoded, false); value.getTag().enforce(TAG_SEQUENCE); diff --git a/src/main/ui/IssueScreen.java b/src/main/ui/IssueScreen.java index e152b0d..93e1948 100644 --- a/src/main/ui/IssueScreen.java +++ b/src/main/ui/IssueScreen.java 
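Review bot: In the Name constructor the loop `for (int i = 0; i < getLength(); ) {` has no update clause, and the body continues outside the hunk. How `i` advances, and whether a child element can read past this object's declared length, therefore cannot be checked from here. The RelativeDistinguishedName constructor hunk has the same shape. Since these constructors parse DER input, I would document the invariant next to the loop, e.g. `// i = bytes consumed from this value; a child overrunning getLength() must raise ParseException`, and confirm the body enforces it. A `while` loop would also read more naturally than the linter-mandated `; )`.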
@@ -1,7 +1,6 @@ package ui; import model.asn1.exceptions.ParseException; -import model.asn1.parsing.BytesReader; import model.ca.Template; import model.csr.CertificationRequest; import model.pki.cert.Certificate; diff --git a/src/main/ui/JCA.java b/src/main/ui/JCA.java index f9467ea..7892850 100644 --- a/src/main/ui/JCA.java +++ b/src/main/ui/JCA.java @@ -8,17 +8,15 @@ import model.ca.Template; import java.nio.charset.StandardCharsets; import java.security.NoSuchAlgorithmException; import java.time.ZonedDateTime; -import java.util.*; +import java.util.ArrayList; +import java.util.List; +import java.util.Optional; +import java.util.Scanner; /** * Main program */ public class JCA { - /** - * The current screen. - */ - private UIHandler screen; - /** * Instances of the five screens; */ @@ -27,30 +25,30 @@ public class JCA { private final UIHandler issueScreen; private final UIHandler templatesScreen; private final UIHandler templateSetScreen; - /** * Templates */ private final List