pax_global_header00006660000000000000000000000064115516730340014517gustar00rootroot0000000000000052 comment=d3ca3426ad171ab6807b7c723fc78f678a60c92e jenkinsci-lib-crypto-util-ffa23c9/000077500000000000000000000000001155167303400172305ustar00rootroot00000000000000jenkinsci-lib-crypto-util-ffa23c9/pom.xml000066400000000000000000000025331155167303400205500ustar00rootroot00000000000000 4.0.0 org.jenkins-ci jenkins 1.12 crypto-util 1.1 Utility around Java Crypto API junit junit 3.8.1 test commons-io commons-io 1.4 scm:git:git://github.com/jenkinsci/lib-crypto-util.git scm:git:git@github.com:jenkinsci/lib-crypto-util.git MIT License http://jenkins-ci.org/mit-license m.g.o-public http://maven.glassfish.org/content/groups/public/ jenkinsci-lib-crypto-util-ffa23c9/src/000077500000000000000000000000001155167303400200175ustar00rootroot00000000000000jenkinsci-lib-crypto-util-ffa23c9/src/main/000077500000000000000000000000001155167303400207435ustar00rootroot00000000000000jenkinsci-lib-crypto-util-ffa23c9/src/main/java/000077500000000000000000000000001155167303400216645ustar00rootroot00000000000000jenkinsci-lib-crypto-util-ffa23c9/src/main/java/org/000077500000000000000000000000001155167303400224535ustar00rootroot00000000000000jenkinsci-lib-crypto-util-ffa23c9/src/main/java/org/jvnet/000077500000000000000000000000001155167303400236015ustar00rootroot00000000000000jenkinsci-lib-crypto-util-ffa23c9/src/main/java/org/jvnet/hudson/000077500000000000000000000000001155167303400251015ustar00rootroot00000000000000jenkinsci-lib-crypto-util-ffa23c9/src/main/java/org/jvnet/hudson/crypto/000077500000000000000000000000001155167303400264215ustar00rootroot00000000000000jenkinsci-lib-crypto-util-ffa23c9/src/main/java/org/jvnet/hudson/crypto/CertificateUtil.java000066400000000000000000000074371155167303400323570ustar00rootroot00000000000000/* * The MIT License * * Copyright (c) 2004-2009, Sun Microsystems, Inc. * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN * THE SOFTWARE. */ package org.jvnet.hudson.crypto; import javax.net.ssl.TrustManager; import javax.net.ssl.TrustManagerFactory; import javax.net.ssl.X509TrustManager; import java.security.GeneralSecurityException; import java.security.KeyStore; import java.security.KeyStoreException; import java.security.NoSuchAlgorithmException; import java.security.cert.CertPath; import java.security.cert.CertPathValidator; import java.security.cert.CertificateFactory; import java.security.cert.PKIXCertPathValidatorResult; import java.security.cert.PKIXParameters; import java.security.cert.TrustAnchor; import java.security.cert.X509Certificate; import java.util.HashSet; import java.util.List; import java.util.Set; /** * Utility code to work around horrible Java Crypto API. * * @author Kohsuke Kawaguchi */ public class CertificateUtil { /** * Obtains the list of default root CAs installed in the JRE. */ public static Set getDefaultRootCAs() throws NoSuchAlgorithmException, KeyStoreException { X509TrustManager x509tm = getDefaultX509TrustManager(); Set rootCAs = new HashSet(); for (X509Certificate c : x509tm.getAcceptedIssuers()) { rootCAs.add(new TrustAnchor(c,null)); } return rootCAs; } /** * Loads the system default {@link X509TrustManager}. */ public static X509TrustManager getDefaultX509TrustManager() throws NoSuchAlgorithmException, KeyStoreException { TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); tmf.init((KeyStore)null); for (TrustManager tm : tmf.getTrustManagers()) { if (tm instanceof X509TrustManager) { return (X509TrustManager) tm; } } throw new IllegalStateException("X509TrustManager is not found"); } /** * Validate a certificate chain. Normal return indicates a successful validation. */ public static PKIXCertPathValidatorResult validatePath(List certs) throws GeneralSecurityException { return validatePath(certs,getDefaultRootCAs()); } public static PKIXCertPathValidatorResult validatePath(List certs, Set trustAnchors) throws GeneralSecurityException { CertPathValidator cpv = CertPathValidator.getInstance("PKIX"); PKIXParameters params = new PKIXParameters(trustAnchors); params.setRevocationEnabled(false); CertificateFactory cf = CertificateFactory.getInstance("X509"); CertPath path = cf.generateCertPath(certs); return (PKIXCertPathValidatorResult) cpv.validate(path, params); } } jenkinsci-lib-crypto-util-ffa23c9/src/main/java/org/jvnet/hudson/crypto/SignatureOutputStream.java000066400000000000000000000044431155167303400336270ustar00rootroot00000000000000/* * The MIT License * * Copyright (c) 2004-2009, Sun Microsystems, Inc. * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN * THE SOFTWARE. */ package org.jvnet.hudson.crypto; import org.apache.commons.io.output.NullOutputStream; import java.security.Signature; import java.security.SignatureException; import java.io.FilterOutputStream; import java.io.OutputStream; import java.io.IOException; /** * @author Kohsuke Kawaguchi */ public class SignatureOutputStream extends FilterOutputStream { private final Signature sig; public SignatureOutputStream(OutputStream out, Signature sig) { super(out); this.sig = sig; } public SignatureOutputStream(Signature sig) { this(new NullOutputStream(),sig); } @Override public void write(int b) throws IOException { try { sig.update((byte)b); out.write(b); } catch (SignatureException e) { throw (IOException)new IOException(e.getMessage()).initCause(e); } } @Override public void write(byte[] b, int off, int len) throws IOException { try { sig.update(b,off,len); out.write(b,off,len); } catch (SignatureException e) { throw (IOException)new IOException(e.getMessage()).initCause(e); } } } jenkinsci-lib-crypto-util-ffa23c9/src/test/000077500000000000000000000000001155167303400207765ustar00rootroot00000000000000jenkinsci-lib-crypto-util-ffa23c9/src/test/java/000077500000000000000000000000001155167303400217175ustar00rootroot00000000000000jenkinsci-lib-crypto-util-ffa23c9/src/test/java/org/000077500000000000000000000000001155167303400225065ustar00rootroot00000000000000jenkinsci-lib-crypto-util-ffa23c9/src/test/java/org/jvnet/000077500000000000000000000000001155167303400236345ustar00rootroot00000000000000jenkinsci-lib-crypto-util-ffa23c9/src/test/java/org/jvnet/hudson/000077500000000000000000000000001155167303400251345ustar00rootroot00000000000000jenkinsci-lib-crypto-util-ffa23c9/src/test/java/org/jvnet/hudson/crypto/000077500000000000000000000000001155167303400264545ustar00rootroot00000000000000jenkinsci-lib-crypto-util-ffa23c9/src/test/java/org/jvnet/hudson/crypto/PKIXTest.java000066400000000000000000000056331155167303400307410ustar00rootroot00000000000000package org.jvnet.hudson.crypto; import junit.framework.TestCase; import java.security.GeneralSecurityException; import java.security.cert.CertPathValidatorException; import java.security.cert.CertificateFactory; import java.security.cert.X509Certificate; import java.util.Arrays; /** * @author Kohsuke Kawaguchi */ public class PKIXTest extends TestCase { /** * Makes sure valid certificate chain validates. */ public void testPathValidation() throws Exception { X509Certificate site = load("site.crt"); X509Certificate sun = load("sun.crt"); X509Certificate verisign = load("verisign.crt"); CertificateUtil.validatePath(Arrays.asList(site,sun)); assertFailedValidation(sun,site); // invalid order assertFailedValidation(site); // missing link } private void assertFailedValidation(X509Certificate... certs) throws GeneralSecurityException { try { CertificateUtil.validatePath(Arrays.asList(certs)); fail(); } catch (CertPathValidatorException e) { System.out.println(e.getMessage()); } } private X509Certificate load(String res) throws GeneralSecurityException { return (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(getClass().getResourceAsStream(res)); } // private static void test1() throws CertificateException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, KeyStoreException, IOException, CertPathBuilderException { // X509Certificate verisign = loadCertificate(new FileInputStream("/home/kohsuke/Desktop/VerisignClass3PublicPrimaryCertificationAuthority-G2.crt")); // X509Certificate sun = loadCertificate(new FileInputStream("/home/kohsuke/Desktop/SunMicrosystemsIncSSLCA.crt")); // X509Certificate cert = loadCertificate(new FileInputStream("/home/kohsuke/Desktop/identity.sun.com.crt")); // CertStore cs = CertStore.getInstance("Collection",new CollectionCertStoreParameters(Arrays.asList(sun,verisign))); // // // KeyStore ks = KeyStore.getInstance("JKS"); // ks.load(null); // ks.setCertificateEntry("root", verisign); // ks.setCertificateEntry("root2", sun); // // X509CertSelector target = new X509CertSelector(); // target.setCertificate(cert); // CertPathBuilder builder = CertPathBuilder.getInstance("PKIX"); // PKIXBuilderParameters params = new PKIXBuilderParameters(ks,target); // params.setCertStores(Arrays.asList(cs)); // CertPathBuilderResult result = builder.build(params); // System.out.println(result); // result.getCertPath().getEncoded(); // } // private static X509Certificate loadCertificate(FileInputStream src) throws CertificateException, FileNotFoundException { // return (X509Certificate) CertificateFactory.getInstance("X.509") // .generateCertificate(src); // } } jenkinsci-lib-crypto-util-ffa23c9/src/test/resources/000077500000000000000000000000001155167303400230105ustar00rootroot00000000000000jenkinsci-lib-crypto-util-ffa23c9/src/test/resources/org/000077500000000000000000000000001155167303400235775ustar00rootroot00000000000000jenkinsci-lib-crypto-util-ffa23c9/src/test/resources/org/jvnet/000077500000000000000000000000001155167303400247255ustar00rootroot00000000000000jenkinsci-lib-crypto-util-ffa23c9/src/test/resources/org/jvnet/hudson/000077500000000000000000000000001155167303400262255ustar00rootroot00000000000000jenkinsci-lib-crypto-util-ffa23c9/src/test/resources/org/jvnet/hudson/crypto/000077500000000000000000000000001155167303400275455ustar00rootroot00000000000000jenkinsci-lib-crypto-util-ffa23c9/src/test/resources/org/jvnet/hudson/crypto/site.crt000066400000000000000000000034701155167303400312270ustar00rootroot00000000000000-----BEGIN CERTIFICATE----- MIIFETCCA/mgAwIBAgIQNxWaPMPi6yfn8ipnG5Fz8zANBgkqhkiG9w0BAQUFADCB jjEdMBsGA1UEChMUU3VuIE1pY3Jvc3lzdGVtcyBJbmMxHzAdBgNVBAsTFlZlcmlT aWduIFRydXN0IE5ldHdvcmsxJjAkBgNVBAsTHUNsYXNzIDMgTVBLSSBTZWN1cmUg U2VydmVyIENBMSQwIgYDVQQDExtTdW4gTWljcm9zeXN0ZW1zIEluYyBTU0wgQ0Ew HhcNMDkwNzEzMDAwMDAwWhcNMTEwOTExMjM1OTU5WjCBkjELMAkGA1UEBhMCdXMx EzARBgNVBAgTCmNhbGlmb3JuaWExFDASBgNVBAcUC3NhbnRhIGNsYXJhMR0wGwYD VQQKFBRTdW4gTWljcm9zeXN0ZW1zIEluYzEMMAoGA1UECxQDd3BlMRAwDgYDVQQL FAdDbGFzcyBCMRkwFwYDVQQDFBBpZGVudGl0eS5zdW4uY29tMIGfMA0GCSqGSIb3 DQEBAQUAA4GNADCBiQKBgQDR4RR5zhot1oTqhYniO7hYWODRvOct4pZaIM9/OmoZ 7OxOKX5uTDr8yipY34i+YU3t5uQB/n0/3tjrtSWRtCiiDK6ELts8bJc17XgOm9Ph PtWWej1crw8fXO1ddCZux1mJIX2OBdOdj3vRh6QFWIzJk7Om9hq20y8cgnEXx/s1 eQIDAQABo4IB5zCCAeMwCQYDVR0TBAIwADAdBgNVHQ4EFgQUvzL4Cz4aOq7E9ipZ HhwwKeK1n/8wHwYDVR0jBBgwFoAU191egb7PXOPc0vKN7QS4rBf5AfowDgYDVR0P AQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjCBtQYDVR0g BIGtMIGqMDkGC2CGSAGG+EUBBxcDMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3 LnZlcmlzaWduLmNvbS9ycGEwbQYLYIZIAYb3AIN9nD8wXjAnBggrBgEFBQcCARYb aHR0cHM6Ly93d3cuc3VuLmNvbS9wa2kvY3BzMDMGCCsGAQUFBwICMCcaJVZhbGlk YXRlZCBGb3IgU3VuIEJ1c2luZXNzIE9wZXJhdGlvbnMweQYDVR0fBHIwcDBuoGyg aoZoaHR0cDovL1NWUkMzU2VjdXJlU3VuTWljcm9zeXN0ZW1zLU1QS0ktY3JsLnZl cmlzaWduLmNvbS9TdW5NaWNyb3N5c3RlbXNJbmNDbGFzc0JVbmlmaWVkL0xhdGVz dENSTFNydi5jcmwwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8v b2NzcC52ZXJpc2lnbi5jb20wDQYJKoZIhvcNAQEFBQADggEBAJtI2MMz4LMoxyx3 BUHmtrPFeOQzIaJoSefxIpY6901vPk3v7BfvzUB4zOignSrrNQGAn4HvgExDVN+D SgaWYZs80O5MrXYDtvNyX5ennWL2POO0qUkOzc35w7/hy6uoHU6z9AwH3H4cF5b5 q+NvZA/YgyQrZSJ1bJH2UNluwTGoUKHvyDnLEdtgCB7mLLLI6kid7gbnlwYkkBPe pnzE5nCrBBMyw43sFY/OiofWSbLItU/Z3zSIrVRdS3fHQ4ghf6Wypr3d/2VJtMVR g5eKV4Tze62ht22a0/KZmFLIni/heOteEagwnUAiPHPL1e1Aifpp7yuW6BjycV14 C5Ay7nI= -----END CERTIFICATE----- jenkinsci-lib-crypto-util-ffa23c9/src/test/resources/org/jvnet/hudson/crypto/sun.crt000066400000000000000000000037001155167303400310640ustar00rootroot00000000000000-----BEGIN CERTIFICATE----- MIIFczCCBNygAwIBAgIQT6EwA39d/WQ/s2f7r2mefDANBgkqhkiG9w0BAQUFADCB wTELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTwwOgYDVQQL EzNDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5 IC0gRzIxOjA4BgNVBAsTMShjKSAxOTk4IFZlcmlTaWduLCBJbmMuIC0gRm9yIGF1 dGhvcml6ZWQgdXNlIG9ubHkxHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdv cmswHhcNMDUwNjAyMDAwMDAwWhcNMTUwNjAxMjM1OTU5WjCBjjEdMBsGA1UEChMU U3VuIE1pY3Jvc3lzdGVtcyBJbmMxHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5l dHdvcmsxJjAkBgNVBAsTHUNsYXNzIDMgTVBLSSBTZWN1cmUgU2VydmVyIENBMSQw IgYDVQQDExtTdW4gTWljcm9zeXN0ZW1zIEluYyBTU0wgQ0EwggEiMA0GCSqGSIb3 DQEBAQUAA4IBDwAwggEKAoIBAQDz7AGBXyOHw1c/sT90wj33K8U7XNHUpeZNrSkJ 68VA06QKc7AnmPxNLnqiJwtzeiY5xzvn4PUMVMrONIDHpov1SWfZpTgp58gd2vhU C7n4FGv5fCIDZUauqf+LajK+BXo09OPs+8ZZlGnWuetNOFgM+GprvLL9C30bemcj iUFjZp2JXi5wNDbI6ysrSfeYQYZ4XwrZGiMErOWGxIL/XthmIwwwQcgMKc0+fBNP hq91+c6p6WjjEeEMCQAcpJN8YIcyaLkj2q/2dYZMWQIYjUlqNmeGC0ptUzviNQM2 ncHrnTTJTPpwMj6+pTRAQBt0mogDClZUEu72ltTj5WyNYKhvAgMBAAGjggIXMIIC EzASBgNVHRMBAf8ECDAGAQH/AgEBMH4GA1UdIAR3MHUwOQYLYIZIAYb4RQEHFwMw KjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYTA4Bgtg hkgBhvcAg32cPzApMCcGCCsGAQUFBwIBFhtodHRwczovL3d3dy5zdW4uY29tL3Br aS9jcHMwNAYDVR0fBC0wKzApoCegJYYjaHR0cDovL2NybC52ZXJpc2lnbi5jb20v cGNhMy1nMi5jcmwwDgYDVR0PAQH/BAQDAgEGMC4GA1UdEQQnMCWkIzAhMR8wHQYD VQQDExZQcml2YXRlTGFiZWwzLTIwNDgtMTQyMB0GA1UdDgQWBBTX3V6Bvs9c49zS 8o3tBLisF/kB+jCB5wYDVR0jBIHfMIHcoYHHpIHEMIHBMQswCQYDVQQGEwJVUzEX MBUGA1UEChMOVmVyaVNpZ24sIEluYy4xPDA6BgNVBAsTM0NsYXNzIDMgUHVibGlj IFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHMjE6MDgGA1UECxMx KGMpIDE5OTggVmVyaVNpZ24sIEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25s eTEfMB0GA1UECxMWVmVyaVNpZ24gVHJ1c3QgTmV0d29ya4IQfdn+B8+oHrcQeWf7 p4k0xjANBgkqhkiG9w0BAQUFAAOBgQC3WjWDdXSL4WKShjCiTlsh/T0rkaGsmF5f atJRvidoZyLD+2lh8lMARQ4e5KPcJ4JfqO0H9wZzoWgPDOhKZvST5SVQglvdLZou VU71dDuQO0DKVoCHQXcXo1AvCzEVzCKp+BPfS3fbgCiAqeDvoEAN189kcou8zxmb 2YGh2ON9QA== -----END CERTIFICATE----- jenkinsci-lib-crypto-util-ffa23c9/src/test/resources/org/jvnet/hudson/crypto/verisign.crt000066400000000000000000000021421155167303400321040ustar00rootroot00000000000000-----BEGIN CERTIFICATE----- MIIDAjCCAmsCEH3Z/gfPqB63EHln+6eJNMYwDQYJKoZIhvcNAQEFBQAwgcExCzAJ BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE8MDoGA1UECxMzQ2xh c3MgMyBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcy MTowOAYDVQQLEzEoYykgMTk5OCBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3Jp emVkIHVzZSBvbmx5MR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMB4X DTk4MDUxODAwMDAwMFoXDTI4MDgwMTIzNTk1OVowgcExCzAJBgNVBAYTAlVTMRcw FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE8MDoGA1UECxMzQ2xhc3MgMyBQdWJsaWMg UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcyMTowOAYDVQQLEzEo YykgMTk5OCBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5 MR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMIGfMA0GCSqGSIb3DQEB AQUAA4GNADCBiQKBgQDMXtERXVxp0KvTuWpMmR9ZmDCOFoUgRm1HP9SFIIThbbP4 pO0M8RcPO/mn+SXXwc+EY/J8Y8+iR/LGWzOOZEAEaMGAuWQcRXfH2G71lSk8UOg0 13gfqLptQ5GVj0VXXn7F+8qkBOvqlzdUMG+7AUcyM83cV5tkaWH4mx0ciU9cZwID AQABMA0GCSqGSIb3DQEBBQUAA4GBAFFNzb5cy5gZnBWyATl4Lk0PZ3BwmcYQWpSk U01UbSuvDV1Ai2TT1+7eVmGSX6bEHRBhNtMsJzzoKQm5EWR0zLVznxxIqbxhAe7i F6YM40AIOw7n60RzKprxaZLvcRTDOaxxp5EJb+RxBrO6WVcmeQD2+A2iMzAo1KpY oJ2daZH9 -----END CERTIFICATE-----