This is an automated email from the ASF dual-hosted git repository. michaelo pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push:
new 40a1d14fd4 BZ 67926: PEMFile prints unidentifiable string representation of ASN.1 OIDs
40a1d14fd4 is described below
commit 40a1d14fd4717505f756f08d5b76abaf55b7778c
Author: Michael Osipov <micha...@apache.org>
AuthorDate: Mon Oct 30 11:43:36 2023 +0100
BZ 67926: PEMFile prints unidentifiable string representation of ASN.1 OIDs
---
 java/org/apache/tomcat/util/net/jsse/PEMFile.java | 20 ++++++++++++++++----
 webapps/docs/changelog.xml | 4 ++++
 2 files changed, 20 insertions(+), 4 deletions(-)
diff --git a/java/org/apache/tomcat/util/net/jsse/PEMFile.java b/java/org/apache/tomcat/util/net/jsse/PEMFile.java
index a136bef6a6..2499beda79 100644
--- a/java/org/apache/tomcat/util/net/jsse/PEMFile.java
+++ b/java/org/apache/tomcat/util/net/jsse/PEMFile.java
@@ -56,6 +56,8 @@ import org.apache.tomcat.util.buf.HexUtils;
 import org.apache.tomcat.util.codec.binary.Base64;
 import org.apache.tomcat.util.file.ConfigFileLoader;
 import org.apache.tomcat.util.res.StringManager;
+import org.ietf.jgss.GSSException;
+import org.ietf.jgss.Oid;
 /**
 * RFC 1421 PEM file containing X509 certificates or private keys.
@@ -373,7 +375,7 @@ public class PEMFile {
 */
 if (!Arrays.equals(oidEncryptionAlgorithm, OID_PBES2)) {
 throw new NoSuchAlgorithmException(sm.getString("pemFile.unknownPkcs8Algorithm",
- HexUtils.toHexString(oidEncryptionAlgorithm)));
+ toDottedOidString(oidEncryptionAlgorithm)));
 }
 // PBES2-params
@@ -386,7 +388,7 @@ public class PEMFile {
 byte[] oidKDF = p.parseOIDAsBytes();
 if (!Arrays.equals(oidKDF, OID_PBKDF2)) {
 throw new NoSuchAlgorithmException(
- sm.getString("pemFile.notPbkdf2", HexUtils.toHexString(oidKDF)));
+ sm.getString("pemFile.notPbkdf2", toDottedOidString(oidKDF)));
 }
 // PBES2 KDF-params
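Review bot: The two `org.ietf.jgss` imports added in the import hunk (`@@ -56,6 +56,8 @@`) make the TLS key loader depend on the JGSS API solely to format an OID for an error message. On Java 9 and later those classes live in the `java.security.jgss` module, so a runtime image assembled without that module would presumably hit a linkage error when this code runs. The `catch (GSSException e)` in `toDottedOidString` (hunk `@@ -622,6 +624,16 @@`) does not cover that case. Either record the requirement next to the imports, e.g. `// Oid is used only to render OIDs in error messages (needs java.security.jgss)`, or decode the dotted form locally from the DER bytes so the parser has no JGSS dependency.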
@@ -404,7 +406,7 @@ public class PEMFile {
 byte[] oidPRF = p.parseOIDAsBytes();
 String prf = OID_TO_PRF.get(HexUtils.toHexString(oidPRF));
 if (prf == null) {
- throw new NoSuchAlgorithmException(sm.getString("pemFile.unknownPrfAlgorithm", HexUtils.toHexString(oidPRF)));
+ throw new NoSuchAlgorithmException(sm.getString("pemFile.unknownPrfAlgorithm", toDottedOidString(oidPRF)));
 }
 p.parseNull();
@@ -415,7 +417,7 @@ public class PEMFile {
 Algorithm algorithm = OID_TO_ALGORITHM.get(HexUtils.toHexString(oidCipher));
 if (algorithm == null) {
 throw new NoSuchAlgorithmException(
- sm.getString("pemFile.unknownEncryptionAlgorithm", HexUtils.toHexString(oidCipher)));
+ sm.getString("pemFile.unknownEncryptionAlgorithm", toDottedOidString(oidCipher)));
 }
 byte[] iv = p.parseOctetString();
@@ -622,6 +624,16 @@ public class PEMFile {
 }
 return bytes;
 }
+
+
+ private String toDottedOidString(byte[] oidBytes) {
+ try {
+ Oid oid = new Oid(oidBytes);
+ return oid.toString();
+ } catch (GSSException e) {
+ return HexUtils.toHexString(oidBytes);
+ }
+ }
 }
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 72ea1e0402..2340769f7a 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -120,6 +120,10 @@
 Optionally allow ServiceBindingPropertySource to trim a trailing newline from a file containing a property-value. (schultz)
 </update>
+ <update>
+ <bug>67926</bug>: <code>PEMFile</code> prints unidentifiable string representation
+ of ASN.1 OIDs. (michaelo)
+ </update>
 </changelog>
 </subsection>
 <subsection name="Coyote">
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
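Review bot: In `toDottedOidString` (hunk `@@ -622,6 +624,16 @@`), `new Oid(byte[])` takes the complete DER encoding of the OID, tag and length octets included, and the helper silently falls back to hex when that parse fails. `parseOIDAsBytes()` is outside this diff, so it is worth confirming that it returns the bytes in that form; if it returns only the content octets, the catch branch runs every time and the four rewritten messages stay as hard to identify as before. A comment such as `// Oid(byte[]) expects the full DER encoding (tag + length); fall back to hex for anything it rejects` would record the assumption. A unit test feeding an unsupported OID and checking for the dotted form in the exception text would pin it. The method reads no instance state, so it could also be declared `private static String toDottedOidString(byte[] oidBytes)`.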