diff options
author | Brian Carlstrom <bdc@google.com> | 2013-01-04 15:47:39 -0800 |
---|---|---|
committer | Android Git Automerger <android-git-automerger@android.com> | 2013-01-04 15:47:39 -0800 |
commit | bc7d5a55b22ce30af250cc7468b6c5987cd25dfd (patch) | |
tree | dcf9f00a2f7ed7c9e8f515ba70adf5f51eeddb44 | |
parent | 81cfb63e9fc6ef72e5b488225fe9b7a43551fc9e (diff) | |
parent | 537fb0afe24a520e7b9a2442786b6fb4fe194392 (diff) | |
download | frameworks_base-bc7d5a55b22ce30af250cc7468b6c5987cd25dfd.zip frameworks_base-bc7d5a55b22ce30af250cc7468b6c5987cd25dfd.tar.gz frameworks_base-bc7d5a55b22ce30af250cc7468b6c5987cd25dfd.tar.bz2 |
am 537fb0af: Merge "Use most specific attributes for distinguished name display"
* commit '537fb0afe24a520e7b9a2442786b6fb4fe194392':
Use most specific attributes for distinguished name display
-rw-r--r-- | core/java/android/net/http/SslCertificate.java | 41 | ||||
-rw-r--r-- | core/tests/coretests/src/android/net/http/SslCertificateTest.java | 69 |
2 files changed, 92 insertions, 18 deletions
diff --git a/core/java/android/net/http/SslCertificate.java b/core/java/android/net/http/SslCertificate.java index fe6d4eb..5b60c0d 100644 --- a/core/java/android/net/http/SslCertificate.java +++ b/core/java/android/net/http/SslCertificate.java @@ -334,9 +334,11 @@ public class SslCertificate { /** * A distinguished name helper class: a 3-tuple of: - * - common name (CN), - * - organization (O), - * - organizational unit (OU) + * <ul> + * <li>the most specific common name (CN)</li> + * <li>the most specific organization (O)</li> + * <li>the most specific organizational unit (OU)</li> + * <ul> */ public class DName { /** @@ -360,8 +362,15 @@ public class SslCertificate { private String mUName; /** - * Creates a new distinguished name - * @param dName The distinguished name + * Creates a new {@code DName} from a string. The attributes + * are assumed to come in most significant to least + * significant order which is true of human readable values + * returned by methods such as {@code X500Principal.getName()}. + * Be aware that the underlying sources of distinguished names + * such as instances of {@code X509Certificate} are encoded in + * least significant to most significant order, so make sure + * the value passed here has the expected ordering of + * attributes. */ public DName(String dName) { if (dName != null) { @@ -374,18 +383,24 @@ public class SslCertificate { for (int i = 0; i < oid.size(); i++) { if (oid.elementAt(i).equals(X509Name.CN)) { - mCName = (String) val.elementAt(i); + if (mCName == null) { + mCName = (String) val.elementAt(i); + } continue; } if (oid.elementAt(i).equals(X509Name.O)) { - mOName = (String) val.elementAt(i); - continue; + if (mOName == null) { + mOName = (String) val.elementAt(i); + continue; + } } if (oid.elementAt(i).equals(X509Name.OU)) { - mUName = (String) val.elementAt(i); - continue; + if (mUName == null) { + mUName = (String) val.elementAt(i); + continue; + } } } } catch (IllegalArgumentException ex) { @@ -402,21 +417,21 @@ public class SslCertificate { } /** - * @return The Common-name (CN) component of this name + * @return The most specific Common-name (CN) component of this name */ public String getCName() { return mCName != null ? mCName : ""; } /** - * @return The Organization (O) component of this name + * @return The most specific Organization (O) component of this name */ public String getOName() { return mOName != null ? mOName : ""; } /** - * @return The Organizational Unit (OU) component of this name + * @return The most specific Organizational Unit (OU) component of this name */ public String getUName() { return mUName != null ? mUName : ""; diff --git a/core/tests/coretests/src/android/net/http/SslCertificateTest.java b/core/tests/coretests/src/android/net/http/SslCertificateTest.java index 147816b..6a30c6c 100644 --- a/core/tests/coretests/src/android/net/http/SslCertificateTest.java +++ b/core/tests/coretests/src/android/net/http/SslCertificateTest.java @@ -45,11 +45,70 @@ public class SslCertificateTest extends TestCase { @LargeTest public void testSslCertificateWithEmptyIssuer() throws Exception { - CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509"); - X509Certificate x509Certificate = (X509Certificate) - certificateFactory.generateCertificate(new ByteArrayInputStream(Issue1597Certificate.getBytes())); - assertEquals(x509Certificate.getIssuerDN().getName(), ""); + X509Certificate x509Certificate = generateCertificate(Issue1597Certificate); + assertEquals("", x509Certificate.getSubjectDN().getName()); SslCertificate sslCertificate = new SslCertificate(x509Certificate); - assertEquals(sslCertificate.getIssuedBy().getDName(), ""); + assertEquals("", sslCertificate.getIssuedBy().getDName()); } + + /** + * Problematic certificate from Issue 41662 + * http://code.google.com/p/android/issues/detail?id=41662 + */ + private static final String Issue41662Certificate = + "-----BEGIN CERTIFICATE-----\n"+ + "MIIG6jCCBdKgAwIBAgIESPx/LDANBgkqhkiG9w0BAQUFADCBrjESMBAGCgmSJomT\n"+ + "8ixkARkWAnJzMRUwEwYKCZImiZPyLGQBGRYFcG9zdGExEjAQBgoJkiaJk/IsZAEZ\n"+ + "FgJjYTEWMBQGA1UEAxMNQ29uZmlndXJhdGlvbjERMA8GA1UEAxMIU2VydmljZXMx\n"+ + "HDAaBgNVBAMTE1B1YmxpYyBLZXkgU2VydmljZXMxDDAKBgNVBAMTA0FJQTEWMBQG\n"+ + "A1UEAxMNUG9zdGEgQ0EgUm9vdDAeFw0wODEwMjAxNDExMzBaFw0yODEwMTQyMjAw\n"+ + "MDBaMIGrMRIwEAYKCZImiZPyLGQBGRYCcnMxFTATBgoJkiaJk/IsZAEZFgVwb3N0\n"+ + "YTESMBAGCgmSJomT8ixkARkWAmNhMRYwFAYDVQQDEw1Db25maWd1cmF0aW9uMREw\n"+ + "DwYDVQQDEwhTZXJ2aWNlczEcMBoGA1UEAxMTUHVibGljIEtleSBTZXJ2aWNlczEM\n"+ + "MAoGA1UEAxMDQUlBMRMwEQYDVQQDEwpQb3N0YSBDQSAxMIIBIjANBgkqhkiG9w0B\n"+ + "AQEFAAOCAQ8AMIIBCgKCAQEAl5msW5MdLW/2aDlezrjU3jW58MKrcMPHs2szlGdL\n"+ + "nsAcSyYFF1JbyA8iuqLp7mhvcTz9m4jK82XBz/1mPq8wJMU9ekGnLhgbKLGKXRBA\n"+ + "sY9wzCvwpweQV6ui4vr2eOkS1j9Mk7ikatH8tNiIzkNrTj3npDpZv1w4G37iwtpb\n"+ + "yjg+lkNIDY2nWV9roBsAZM8Lvbyi4vxP41YEQZ3hxaGGG0/RKHbugvGatgckxfin\n"+ + "4gpFG2mDhS9uafGgqnLHLwpxgBbi3g6+2TsxOKatTxwxx9/4MND1GjhxKTjDNYPl\n"+ + "5JHUvr9fcvQMxP21/jbO4EsCWG+F38R90kT37hFL3l1qiQIDAQABo4IDDzCCAwsw\n"+ + "DwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwgcwGA1UdIASBxDCBwTCB\n"+ + "vgYLKwYBBAH6OAoyAQEwga4wMAYIKwYBBQUHAgEWJGh0dHA6Ly93d3cuY2EucG9z\n"+ + "dGEucnMvZG9rdW1lbnRhY2lqYTB6BggrBgEFBQcCAjBuGmxPdm8gamUgZWxla3Ry\n"+ + "b25za2kgc2VydGlmaWthdCBpemRhdmFja29nIChwcm9kdWtjaW9ub2cpIENBIHNl\n"+ + "cnZlcmEgU2VydGlmaWthY2lvbm9nIHRlbGEgUG9zdGU6ICJQb3N0YSBDQSAxIi4w\n"+ + "ggG8BgNVHR8EggGzMIIBrzCByaCBxqCBw6SBwDCBvTESMBAGCgmSJomT8ixkARkW\n"+ + "AnJzMRUwEwYKCZImiZPyLGQBGRYFcG9zdGExEjAQBgoJkiaJk/IsZAEZFgJjYTEW\n"+ + "MBQGA1UEAxMNQ29uZmlndXJhdGlvbjERMA8GA1UEAxMIU2VydmljZXMxHDAaBgNV\n"+ + "BAMTE1B1YmxpYyBLZXkgU2VydmljZXMxDDAKBgNVBAMTA0FJQTEWMBQGA1UEAxMN\n"+ + "UG9zdGEgQ0EgUm9vdDENMAsGA1UEAxMEQ1JMMTCB4KCB3aCB2oaBo2xkYXA6Ly9s\n"+ + "ZGFwLmNhLnBvc3RhLnJzL2NuPVBvc3RhJTIwQ0ElMjBSb290LGNuPUFJQSxjbj1Q\n"+ + "dWJsaWMlMjBLZXklMjBTZXJ2aWNlcyxjbj1TZXJ2aWNlcyxjbj1Db25maWd1cmF0\n"+ + "aW9uLGRjPWNhLGRjPXBvc3RhLGRjPXJzP2NlcnRpZmljYXRlUmV2b2NhdGlvbkxp\n"+ + "c3QlM0JiaW5hcnmGMmh0dHA6Ly9zZXJ0aWZpa2F0aS5jYS5wb3N0YS5ycy9jcmwv\n"+ + "UG9zdGFDQVJvb3QuY3JsMB8GA1UdIwQYMBaAFPLLjeI17xBDxNp7yvrriQOhIq+4\n"+ + "MB0GA1UdDgQWBBQuZ6cm1uhncOeq+pAsMLzXYWUfhjAZBgkqhkiG9n0HQQAEDDAK\n"+ + "GwRWNy4xAwIAgTANBgkqhkiG9w0BAQUFAAOCAQEAjpmoaebsvfjgwgCYArou/s8k\n"+ + "Tr50TUdcJYxAYmCFQp531E1F+qUCWM/7bZApqByR3+EUz8goI5O2Cp/6ISxTR1HC\n"+ + "Dn71ESg7/c8Bs2Obx0LGYPnlRPvw7LH31dYXpj4EMNAamhOfBXgY2htXHCd7daIe\n"+ + "thvNkqWGDzmcoaGw/2BMNadlYkdXxudDBaiPDFm27yR7fPRibjxwkQVknzFezX/y\n"+ + "46j+20LoGJ/IpneT209XzytiaqtZBy3yqz2qImVDqvn5doHw63LOUqt8vfDS1sbd\n"+ + "zi3acAmPK1nERdCMJYJEEGNiGbkbw2cghwLw/4eYGXlj1VLXD3GU42uBr8QftA==\n"+ + "-----END CERTIFICATE-----\n"; + + @LargeTest + public void testSslCertificateWithMultipleCN() throws Exception { + X509Certificate x509Certificate = generateCertificate(Issue41662Certificate); + String dn = x509Certificate.getSubjectDN().getName(); + assertTrue(dn, dn.contains("Posta CA 1")); + assertTrue(dn, dn.contains("Configuration")); + SslCertificate sslCertificate = new SslCertificate(x509Certificate); + assertEquals(dn, "Posta CA 1", sslCertificate.getIssuedTo().getCName()); + } + + private static X509Certificate generateCertificate(String pem) throws Exception { + CertificateFactory cf = CertificateFactory.getInstance("X.509"); + return (X509Certificate) cf.generateCertificate(new ByteArrayInputStream(pem.getBytes())); + } + } |