From ce4289be746359672fe770f19aeca96f301f14c0 Mon Sep 17 00:00:00 2001 From: "Endi S. Dewata" Date: Fri, 26 Jul 2024 18:51:36 -0500 Subject: [PATCH] Refactor X509Certificate To improve interoperability with standard Java classes, the org.mozilla.jss.crypto.X509Certificate interface has been converted into a class that extends java.security.cert.X509Certificate and also implements InternalCertificate and TokenCertificate. The PK11Cert class has been modified to extend this class. --- .../java/org/mozilla/jss/crypto/InternalCertificate.java | 2 +- .../java/org/mozilla/jss/crypto/TokenCertificate.java | 2 +- .../java/org/mozilla/jss/crypto/X509Certificate.java | 9 +++++---- base/src/main/java/org/mozilla/jss/pkcs11/PK11Cert.java | 9 +++------ 4 files changed, 10 insertions(+), 12 deletions(-) diff --git a/base/src/main/java/org/mozilla/jss/crypto/InternalCertificate.java b/base/src/main/java/org/mozilla/jss/crypto/InternalCertificate.java index 6a64c5b90..052b9ba72 100644 --- a/base/src/main/java/org/mozilla/jss/crypto/InternalCertificate.java +++ b/base/src/main/java/org/mozilla/jss/crypto/InternalCertificate.java @@ -11,7 +11,7 @@ * can be viewed and modified. Other types of certificates do not * have trust flags. */ -public interface InternalCertificate extends X509Certificate +public interface InternalCertificate { /** * @deprecated Use PK11Cert.VALID_PEER instead. diff --git a/base/src/main/java/org/mozilla/jss/crypto/TokenCertificate.java b/base/src/main/java/org/mozilla/jss/crypto/TokenCertificate.java index 48ffceb36..661592f5f 100644 --- a/base/src/main/java/org/mozilla/jss/crypto/TokenCertificate.java +++ b/base/src/main/java/org/mozilla/jss/crypto/TokenCertificate.java @@ -10,7 +10,7 @@ * To find out if an X509Certificate is a TokenCertificate, use * instanceof. */ -public interface TokenCertificate extends X509Certificate { +public interface TokenCertificate { /** * Returns the unique ID of this key. Unique IDs can be used to match diff --git a/base/src/main/java/org/mozilla/jss/crypto/X509Certificate.java b/base/src/main/java/org/mozilla/jss/crypto/X509Certificate.java index 43d774dc6..7b59509d4 100644 --- a/base/src/main/java/org/mozilla/jss/crypto/X509Certificate.java +++ b/base/src/main/java/org/mozilla/jss/crypto/X509Certificate.java @@ -11,14 +11,15 @@ * Certificates handled by JSS. All certificates handled by JSS are * of this type. */ -public interface X509Certificate -{ +public abstract class X509Certificate + extends java.security.cert.X509Certificate + implements InternalCertificate, TokenCertificate { /** * @return The DER encoding of this certificate. * @throws CertificateEncodingException If an error occurred. */ - public byte[] getEncoded() - throws CertificateEncodingException; + public abstract byte[] getEncoded() + throws CertificateEncodingException; /** * @return The nickname of this certificate (could be null). diff --git a/base/src/main/java/org/mozilla/jss/pkcs11/PK11Cert.java b/base/src/main/java/org/mozilla/jss/pkcs11/PK11Cert.java index 5bf81ad24..eb5e253a1 100644 --- a/base/src/main/java/org/mozilla/jss/pkcs11/PK11Cert.java +++ b/base/src/main/java/org/mozilla/jss/pkcs11/PK11Cert.java @@ -20,18 +20,15 @@ import java.util.Set; import org.mozilla.jss.crypto.CryptoToken; -import org.mozilla.jss.crypto.InternalCertificate; -import org.mozilla.jss.crypto.TokenCertificate; +import org.mozilla.jss.crypto.X509Certificate; import org.mozilla.jss.netscape.security.x509.X509CertImpl; import org.slf4j.Logger; import org.slf4j.LoggerFactory; public class PK11Cert - extends java.security.cert.X509Certificate - implements InternalCertificate, - TokenCertificate, - java.lang.AutoCloseable + extends X509Certificate + implements AutoCloseable { public static Logger logger = LoggerFactory.getLogger(PK11Cert.class);