update/org.eclipse.update.core/src/org/eclipse/update/internal/security/JarVerificationResult.java - platform/eclipse.platform - Git at Google

 package org.eclipse.update.internal.security;
 /*
  * (c) Copyright IBM Corp. 2000, 2002.
  * All Rights Reserved.
  */

 import java.security.Principal;
 import java.security.cert.*;
 import java.text.SimpleDateFormat;
 import java.util.*;

 import org.eclipse.update.core.*;
 import org.eclipse.update.core.IVerificationResult;
 import org.eclipse.update.internal.core.Policy;
 import sun.security.x509.X500Name;

 /**
  * Result of the service
  */
 public class JarVerificationResult implements IVerificationResult {


 	private int resultCode;
 	private int verificationCode;
 	private Exception resultException;
 	private List /*of Certificates[] */
 	certificates;
 	private CertificatePair[] rootCertificates;
 	private CertificatePair foundCertificate; // certificate found in one keystore

 	private String signerInfo;
 	private String verifierInfo;
 	private ContentReference contentReference;
 	private String text;
 	private IFeature feature;

 	/**
 	 */
 	public int getResultCode() {
 		return resultCode;
 	}
 	/**
 	 */
 	public Exception getResultException() {
 		return resultException;
 	}
 	/**
 	 */
 	public void setResultCode(int newResultCode) {
 		resultCode = newResultCode;
 	}
 	/**
 	 *
 	 */
 	public void setResultException(Exception newResultException) {
 		resultException = newResultException;
 	}
 	/**
 	 * Gets the verificationCode.
 	 * @return Returns a int
 	 */
 	public int getVerificationCode() {
 		return verificationCode;
 	}

 	/**
 	 * Sets the verificationCode.
 	 * @param verificationCode The verificationCode to set
 	 */
 	public void setVerificationCode(int verificationCode) {
 		this.verificationCode = verificationCode;
 	}

 	/**
 	 * adds an array of Certificates
 	 */
 	public void addCertificates(Certificate[] certs) {
 		if (certificates == null)
 			certificates = new ArrayList();
 		certificates.add(certs);
 		rootCertificates = null;
 	}

 	/**
 	 * Gets the certificates.
 	 * @return Returns a List
 	 */
 	private List getCertificates() {
 		return certificates;
 	}

 	/**
 	 * Assume certifcates are x.509
 	 */
 	public CertificatePair[] getRootCertificates() {
 		if (rootCertificates == null) {
 			rootCertificates = new CertificatePair[0];
 			List rootCertificatesList = new ArrayList();
 			if (certificates != null && certificates.size() > 0) {
 				Iterator iter = certificates.iterator();
 				while (iter.hasNext()) {

 					Certificate[] certs = (Certificate[]) iter.next();
 					if (certs != null && certs.length > 0) {

 						CertificatePair pair = new CertificatePair();
 						pair.setIssuer(certs[0]);

 						for (int i = 0; i < certs.length - 1; i++) {
 							X509Certificate x509certRoot = (X509Certificate) certs[i];
 							X509Certificate x509certIssuer = (X509Certificate) certs[i+1];
 							if (!x509certRoot.getIssuerDN().equals(x509certIssuer.getSubjectDN())) {
 								pair.setRoot(x509certRoot);
 								if (!rootCertificatesList.contains(pair)) {
 									rootCertificatesList.add(pair);
 								}
 								pair = new CertificatePair();
 								pair.setIssuer(x509certIssuer);
 							}
 						}

 						// add the latest one
 						if (pair != null) {
 							pair.setRoot(certs[certs.length - 1]);
 							if (!rootCertificatesList.contains(pair)) {
 								rootCertificatesList.add(pair);
 							}
 						}
 					}
 				}

 			}

 			if (rootCertificatesList.size() > 0) {
 				rootCertificates = new CertificatePair[rootCertificatesList.size()];
 				rootCertificatesList.toArray(rootCertificates);
 			}
 		}
 		return rootCertificates;
 	}

 	/**
 	 * Gets the foundCertificate.
 	 * @return Returns a Certificate
 	 */
 	private CertificatePair getFoundCertificate() {
 		return foundCertificate;
 	}

 	/**
 	 * Sets the foundCertificate.
 	 * @param foundCertificate The foundCertificate to set
 	 */
 	public void setFoundCertificate(CertificatePair foundCertificate) {
 		this.foundCertificate = foundCertificate;
 	}


 	private void initializeCertificates(){
 		X509Certificate certRoot = null;
 		X509Certificate certIssuer = null;
 		CertificatePair trustedCertificate;
 		if (getFoundCertificate() == null) {
 			CertificatePair[] certs = getRootCertificates();
 			if (certs.length == 0)
 				return;
 			trustedCertificate = (CertificatePair) certs[0];
 		} else {
 			trustedCertificate = (CertificatePair) getFoundCertificate();
 		}
 		certRoot = (X509Certificate) trustedCertificate.getRoot();
 		certIssuer = (X509Certificate) trustedCertificate.getIssuer();

 		StringBuffer strb = new StringBuffer();
 		strb.append(Policy.bind("JarVerificationResult.SubjectCA")); //$NON-NLS-1$
 		strb.append("\r\n"); //$NON-NLS-1$
 		strb.append(Policy.bind("JarVerificationResult.CAIssuer", issuerString(certIssuer.getSubjectDN()))); //$NON-NLS-1$
 		strb.append("\r\n"); //$NON-NLS-1$
 		strb.append(Policy.bind("JarVerificationResult.ValidBetween", dateString(certIssuer.getNotBefore()), dateString(certIssuer.getNotAfter()))); //$NON-NLS-1$
 		strb.append(checkValidity(certIssuer));
 		signerInfo = strb.toString();
 		if (certIssuer != null && !certIssuer.equals(certRoot)) {
 			strb = new StringBuffer();
 			strb.append(Policy.bind("JarVerificationResult.RootCA")); //$NON-NLS-1$
 			strb.append("\r\n"); //$NON-NLS-1$
 			strb.append(Policy.bind("JarVerificationResult.CAIssuer", issuerString(certIssuer.getIssuerDN()))); //$NON-NLS-1$
 			strb.append("\r\n"); //$NON-NLS-1$
 			strb.append(Policy.bind("JarVerificationResult.ValidBetween", dateString(certRoot.getNotBefore()), dateString(certRoot.getNotAfter()))); //$NON-NLS-1$
 			strb.append(checkValidity(certRoot));
 			verifierInfo = strb.toString();
 		}

 	}

 	private String checkValidity(X509Certificate cert) {

 		try {
 			cert.checkValidity();
 		} catch (CertificateExpiredException e) {
 			return ("\r\n" + Policy.bind("JarVerificationResult.ExpiredCertificate")); //$NON-NLS-1$
 		} catch (CertificateNotYetValidException e) {
 			return ("\r\n" + Policy.bind("JarVerificationResult.CertificateNotYetValid")); //$NON-NLS-1$
 		}
 		return ("\r\n" + Policy.bind("JarVerificationResult.CertificateValid")); //$NON-NLS-1$
 	}

 	/**
 	 *
 	 */
 	private String issuerString(Principal principal) {
 		try {
 			if (principal instanceof X500Name) {
 				String issuerString = "";
 				X500Name name = (X500Name) principal;
 				issuerString += (name.getDNQualifier() != null) ? name.getDNQualifier() + ",1" : "";
 				issuerString += name.getCommonName();
 				issuerString += (name.getOrganizationalUnit() != null) ? "," + name.getOrganizationalUnit() : "";
 				issuerString += (name.getOrganization() != null) ? "," + name.getOrganization() : "";
 				issuerString += (name.getLocality() != null) ? "," + name.getLocality() : "";
 				issuerString += (name.getCountry() != null) ? "," + name.getCountry() : "";
 				return issuerString;
 			}
 		} catch (Exception e) {
 			// FIXME should log
 		}
 		return principal.toString();
 	}

 	/**
 	 *
 	 */
 	private String dateString(Date date) {
 		SimpleDateFormat formatter = new SimpleDateFormat("EEE, MMM d, yyyyy");
 		return formatter.format(date);
 	}

 	/*
 	 * @see IVerificationResult#getSignerInfo()
 	 */
 	public String getSignerInfo() {
 		if (signerInfo==null) initializeCertificates();
 		return signerInfo;
 	}

 	/*
 	 * @see IVerificationResult#getVerifierInfo()
 	 */
 	public String getVerifierInfo() {
 		if (signerInfo==null) initializeCertificates();
 		return verifierInfo;
 	}

 	/*
 	 * @see IVerificationResult#getContentReference()
 	 */
 	public ContentReference getContentReference() {
 		return contentReference;
 	}

 	/*
 	 * @see IVerificationResult#getFeature()
 	 */
 	public IFeature getFeature() {
 		return feature;
 	}

 	/**
 	 *
 	 */
 	public void setText(String text) {
 		this.text = text;
 	}

 	/**
 	 *
 	 */
 	public void setContentReference(ContentReference ref) {
 		this.contentReference = ref;
 	}

 	/**
 	 *
 	 */
 	public void setFeature(IFeature feature) {
 		this.feature = feature;
 	}

 	/*
 	 * @see IVerificationResult#getText()
 	 */
 	public String getText() {
 		return null;
 	}

 }
	package org.eclipse.update.internal.security;
	/*
	* (c) Copyright IBM Corp. 2000, 2002.
	* All Rights Reserved.
	*/

	import java.security.Principal;
	import java.security.cert.*;
	import java.text.SimpleDateFormat;
	import java.util.*;

	import org.eclipse.update.core.*;
	import org.eclipse.update.core.IVerificationResult;
	import org.eclipse.update.internal.core.Policy;
	import sun.security.x509.X500Name;

	/**
	* Result of the service
	*/
	public class JarVerificationResult implements IVerificationResult {


	private int resultCode;
	private int verificationCode;
	private Exception resultException;
	private List /of Certificates[] /
	certificates;
	private CertificatePair[] rootCertificates;
	private CertificatePair foundCertificate; // certificate found in one keystore

	private String signerInfo;
	private String verifierInfo;
	private ContentReference contentReference;
	private String text;
	private IFeature feature;

	/**
	*/
	public int getResultCode() {
	return resultCode;
	}
	/**
	*/
	public Exception getResultException() {
	return resultException;
	}
	/**
	*/
	public void setResultCode(int newResultCode) {
	resultCode = newResultCode;
	}
	/**
	*
	*/
	public void setResultException(Exception newResultException) {
	resultException = newResultException;
	}
	/**
	* Gets the verificationCode.
	* @return Returns a int
	*/
	public int getVerificationCode() {
	return verificationCode;
	}

	/**
	* Sets the verificationCode.
	* @param verificationCode The verificationCode to set
	*/
	public void setVerificationCode(int verificationCode) {
	this.verificationCode = verificationCode;
	}

	/**
	* adds an array of Certificates
	*/
	public void addCertificates(Certificate[] certs) {
	if (certificates == null)
	certificates = new ArrayList();
	certificates.add(certs);
	rootCertificates = null;
	}

	/**
	* Gets the certificates.
	* @return Returns a List
	*/
	private List getCertificates() {
	return certificates;
	}

	/**
	* Assume certifcates are x.509
	*/
	public CertificatePair[] getRootCertificates() {
	if (rootCertificates == null) {
	rootCertificates = new CertificatePair[0];
	List rootCertificatesList = new ArrayList();
	if (certificates != null && certificates.size() > 0) {
	Iterator iter = certificates.iterator();
	while (iter.hasNext()) {

	Certificate[] certs = (Certificate[]) iter.next();
	if (certs != null && certs.length > 0) {

	CertificatePair pair = new CertificatePair();
	pair.setIssuer(certs[0]);

	for (int i = 0; i < certs.length - 1; i++) {
	X509Certificate x509certRoot = (X509Certificate) certs[i];
	X509Certificate x509certIssuer = (X509Certificate) certs[i+1];
	if (!x509certRoot.getIssuerDN().equals(x509certIssuer.getSubjectDN())) {
	pair.setRoot(x509certRoot);
	if (!rootCertificatesList.contains(pair)) {
	rootCertificatesList.add(pair);
	}
	pair = new CertificatePair();
	pair.setIssuer(x509certIssuer);
	}
	}

	// add the latest one
	if (pair != null) {
	pair.setRoot(certs[certs.length - 1]);
	if (!rootCertificatesList.contains(pair)) {
	rootCertificatesList.add(pair);
	}
	}
	}
	}

	}

	if (rootCertificatesList.size() > 0) {
	rootCertificates = new CertificatePair[rootCertificatesList.size()];
	rootCertificatesList.toArray(rootCertificates);
	}
	}
	return rootCertificates;
	}

	/**
	* Gets the foundCertificate.
	* @return Returns a Certificate
	*/
	private CertificatePair getFoundCertificate() {
	return foundCertificate;
	}

	/**
	* Sets the foundCertificate.
	* @param foundCertificate The foundCertificate to set
	*/
	public void setFoundCertificate(CertificatePair foundCertificate) {
	this.foundCertificate = foundCertificate;
	}


	private void initializeCertificates(){
	X509Certificate certRoot = null;
	X509Certificate certIssuer = null;
	CertificatePair trustedCertificate;
	if (getFoundCertificate() == null) {
	CertificatePair[] certs = getRootCertificates();
	if (certs.length == 0)
	return;
	trustedCertificate = (CertificatePair) certs[0];
	} else {
	trustedCertificate = (CertificatePair) getFoundCertificate();
	}
	certRoot = (X509Certificate) trustedCertificate.getRoot();
	certIssuer = (X509Certificate) trustedCertificate.getIssuer();

	StringBuffer strb = new StringBuffer();
	strb.append(Policy.bind("JarVerificationResult.SubjectCA")); //$NON-NLS-1$
	strb.append("\r\n"); //$NON-NLS-1$
	strb.append(Policy.bind("JarVerificationResult.CAIssuer", issuerString(certIssuer.getSubjectDN()))); //$NON-NLS-1$
	strb.append("\r\n"); //$NON-NLS-1$
	strb.append(Policy.bind("JarVerificationResult.ValidBetween", dateString(certIssuer.getNotBefore()), dateString(certIssuer.getNotAfter()))); //$NON-NLS-1$
	strb.append(checkValidity(certIssuer));
	signerInfo = strb.toString();
	if (certIssuer != null && !certIssuer.equals(certRoot)) {
	strb = new StringBuffer();
	strb.append(Policy.bind("JarVerificationResult.RootCA")); //$NON-NLS-1$
	strb.append("\r\n"); //$NON-NLS-1$
	strb.append(Policy.bind("JarVerificationResult.CAIssuer", issuerString(certIssuer.getIssuerDN()))); //$NON-NLS-1$
	strb.append("\r\n"); //$NON-NLS-1$
	strb.append(Policy.bind("JarVerificationResult.ValidBetween", dateString(certRoot.getNotBefore()), dateString(certRoot.getNotAfter()))); //$NON-NLS-1$
	strb.append(checkValidity(certRoot));
	verifierInfo = strb.toString();
	}

	}

	private String checkValidity(X509Certificate cert) {

	try {
	cert.checkValidity();
	} catch (CertificateExpiredException e) {
	return ("\r\n" + Policy.bind("JarVerificationResult.ExpiredCertificate")); //$NON-NLS-1$
	} catch (CertificateNotYetValidException e) {
	return ("\r\n" + Policy.bind("JarVerificationResult.CertificateNotYetValid")); //$NON-NLS-1$
	}
	return ("\r\n" + Policy.bind("JarVerificationResult.CertificateValid")); //$NON-NLS-1$
	}

	/**
	*
	*/
	private String issuerString(Principal principal) {
	try {
	if (principal instanceof X500Name) {
	String issuerString = "";
	X500Name name = (X500Name) principal;
	issuerString += (name.getDNQualifier() != null) ? name.getDNQualifier() + ",1" : "";
	issuerString += name.getCommonName();
	issuerString += (name.getOrganizationalUnit() != null) ? "," + name.getOrganizationalUnit() : "";
	issuerString += (name.getOrganization() != null) ? "," + name.getOrganization() : "";
	issuerString += (name.getLocality() != null) ? "," + name.getLocality() : "";
	issuerString += (name.getCountry() != null) ? "," + name.getCountry() : "";
	return issuerString;
	}
	} catch (Exception e) {
	// FIXME should log
	}
	return principal.toString();
	}

	/**
	*
	*/
	private String dateString(Date date) {
	SimpleDateFormat formatter = new SimpleDateFormat("EEE, MMM d, yyyyy");
	return formatter.format(date);
	}

	/*
	* @see IVerificationResult#getSignerInfo()
	*/
	public String getSignerInfo() {
	if (signerInfo==null) initializeCertificates();
	return signerInfo;
	}

	/*
	* @see IVerificationResult#getVerifierInfo()
	*/
	public String getVerifierInfo() {
	if (signerInfo==null) initializeCertificates();
	return verifierInfo;
	}

	/*
	* @see IVerificationResult#getContentReference()
	*/
	public ContentReference getContentReference() {
	return contentReference;
	}

	/*
	* @see IVerificationResult#getFeature()
	*/
	public IFeature getFeature() {
	return feature;
	}

	/**
	*
	*/
	public void setText(String text) {
	this.text = text;
	}

	/**
	*
	*/
	public void setContentReference(ContentReference ref) {
	this.contentReference = ref;
	}

	/**
	*
	*/
	public void setFeature(IFeature feature) {
	this.feature = feature;
	}

	/*
	* @see IVerificationResult#getText()
	*/
	public String getText() {
	return null;
	}

	}