code polish

2016-03-12 12:49:47 +01:00 · 2016-03-12 12:49:47 +01:00 · 9845d72a36
commit 9845d72a36
parent 41363e4f28
1 changed files with 60 additions and 41 deletions
--- a/Dorkbox-Util/src/dorkbox/util/crypto/CryptoX509.java
+++ b/Dorkbox-Util/src/dorkbox/util/crypto/CryptoX509.java
@ -207,8 +207,7 @@ public class CryptoX509 {
           }

        public static String getDigestNameFromCert(X509CertificateHolder x509CertificateHolder) {
-            String digestName = CryptoX509.Util.getDigestNameFromSigAlgId(x509CertificateHolder.getSignatureAlgorithm().getAlgorithm());
-            return digestName;
+            return Util.getDigestNameFromSigAlgId(x509CertificateHolder.getSignatureAlgorithm().getAlgorithm());
        }

        public static String getDigestNameFromSigAlgId(ASN1ObjectIdentifier algorithm) {
@ -380,7 +379,7 @@ public class CryptoX509 {
            AlgorithmIdentifier digAlgId = new DefaultDigestAlgorithmIdentifierFinder().find(sigAlgId);


-            SubjectPublicKeyInfo subjectPublicKeyInfo = null;
+            SubjectPublicKeyInfo subjectPublicKeyInfo;
            DSAParameters parameters = publicKey.getParameters();
            try {
                byte[] encoded = new SubjectPublicKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_dsa,
@ -402,7 +401,7 @@ public class CryptoX509 {

            BcDSAContentSignerBuilder contentSignerBuilder = new BcDSAContentSignerBuilder(sigAlgId, digAlgId);

-            ContentSigner build = null;
+            ContentSigner build;
            try {
                build = contentSignerBuilder.build(privateKey);
            } catch (OperatorCreationException e) {
@ -410,8 +409,7 @@ public class CryptoX509 {
                return null;
            }

-            X509CertificateHolder certHolder = v3CertBuilder.build(build);
-            return certHolder;
+            return v3CertBuilder.build(build);
        }


@ -422,7 +420,7 @@ public class CryptoX509 {
         * <p>
         * @return true if it was a valid cert.
         */
-        public static final boolean validate(X509CertificateHolder x509CertificateHolder) {
+        public static boolean validate(X509CertificateHolder x509CertificateHolder) {
            try {

                // this is unique in that it verifies that the certificate is a LEGIT certificate, but not necessarily
@ -475,8 +473,8 @@ public class CryptoX509 {
                SignedData newSignedData = SignedData.getInstance(tagged.getObject());

                @SuppressWarnings("rawtypes")
-                Enumeration newSigOjects = newSignedData.getCertificates().getObjects();
-                Object newSigElement = newSigOjects.nextElement();
+                Enumeration newSigObjects = newSignedData.getCertificates().getObjects();
+                Object newSigElement = newSigObjects.nextElement();

                if (newSigElement instanceof DERSequence) {
                    DERSequence newSigDERElement = (DERSequence) newSigElement;
@ -519,6 +517,7 @@ public class CryptoX509 {
        }
    }

+    @SuppressWarnings("unused")
    public static class RSA {
        static {
            addProvider();
@ -681,27 +680,53 @@ public class CryptoX509 {
        /**
         * Generate a cert that is signed by a CA cert.
         */
-        public static X509Certificate generateCert(KeyFactory factory, Date startDate, Date expiryDate,
-                                                    X509Certificate issuerCert, String subject, String friendlyName,
-                                                    RSAKeyParameters publicKey, RSAPrivateCrtKeyParameters signingCaKey) throws InvalidKeySpecException, InvalidKeyException, IOException, OperatorCreationException, CertificateException, NoSuchAlgorithmException, NoSuchProviderException, SignatureException {
+        public static
+        X509Certificate generateCert(KeyFactory factory,
+                                     Date startDate,
+                                     Date expiryDate,
+                                     X509Certificate issuerCert,
+                                     String subject,
+                                     String friendlyName,
+                                     RSAKeyParameters publicKey,
+                                     RSAPrivateCrtKeyParameters signingCaKey)
+                        throws InvalidKeySpecException, InvalidKeyException, IOException, OperatorCreationException, CertificateException,
+                               NoSuchAlgorithmException, NoSuchProviderException, SignatureException {

-            return CryptoX509.RSA.generateCert(factory, startDate,  expiryDate,
-                                               X500Name.getInstance(PrincipalUtil.getSubjectX509Principal(issuerCert)), new X500Name(subject), friendlyName,
+            return CryptoX509.RSA.generateCert(factory,
+                                               startDate,
+                                               expiryDate,
+                                               X500Name.getInstance(PrincipalUtil.getSubjectX509Principal(issuerCert)),
+                                               new X500Name(subject),
+                                               friendlyName,
                                               publicKey,
-                                               issuerCert, signingCaKey);
+                                               issuerCert,
+                                               signingCaKey);
        }


        /**
         * Generate a cert that is self signed.
         */
-        public static X509Certificate generateCert(KeyFactory factory, Date startDate, Date expiryDate,
-                                                     String subject, String friendlyName,
-                                                     RSAKeyParameters publicKey, RSAPrivateCrtKeyParameters privateKey) throws InvalidKeySpecException, InvalidKeyException, IOException, OperatorCreationException, CertificateException, NoSuchAlgorithmException, NoSuchProviderException, SignatureException {
+        public static
+        X509Certificate generateCert(KeyFactory factory,
+                                     Date startDate,
+                                     Date expiryDate,
+                                     String subject,
+                                     String friendlyName,
+                                     RSAKeyParameters publicKey,
+                                     RSAPrivateCrtKeyParameters privateKey)
+                        throws InvalidKeySpecException, InvalidKeyException, IOException, OperatorCreationException, CertificateException,
+                               NoSuchAlgorithmException, NoSuchProviderException, SignatureException {

-            return CryptoX509.RSA.generateCert(factory, startDate,  expiryDate,
-                                               new X500Name(subject), new X500Name(subject), friendlyName,
-                                               publicKey, null, privateKey);
+            return CryptoX509.RSA.generateCert(factory,
+                                               startDate,
+                                               expiryDate,
+                                               new X500Name(subject),
+                                               new X500Name(subject),
+                                               friendlyName,
+                                               publicKey,
+                                               null,
+                                               privateKey);
        }


@ -709,7 +734,9 @@ public class CryptoX509 {
        private static X509Certificate generateCert(KeyFactory factory, Date startDate, Date expiryDate,
                                                     X500Name issuer, X500Name subject, String friendlyName,
                                                     RSAKeyParameters certPublicKey,
-                                                     X509Certificate signingCertificate, RSAPrivateCrtKeyParameters signingPrivateKey) throws InvalidKeySpecException, IOException, InvalidKeyException, OperatorCreationException, CertificateException, NoSuchAlgorithmException, NoSuchProviderException, SignatureException {
+                                                     X509Certificate signingCertificate, RSAPrivateCrtKeyParameters signingPrivateKey)
+                        throws InvalidKeySpecException, IOException, InvalidKeyException, OperatorCreationException, CertificateException,
+                               NoSuchAlgorithmException, NoSuchProviderException, SignatureException {


            String signatureAlgorithm = "SHA1withRSA";
@ -862,7 +889,7 @@ public class CryptoX509 {
            AlgorithmIdentifier digAlgId = new DefaultDigestAlgorithmIdentifierFinder().find(sigAlgId);


-            SubjectPublicKeyInfo subjectPublicKeyInfo = null;
+            SubjectPublicKeyInfo subjectPublicKeyInfo;

            try {
                // JCE format needed for the certificate - because getEncoded() is necessary...
@ -896,9 +923,8 @@ public class CryptoX509 {


                ContentSigner hashSigner = new BcRSAContentSignerBuilder(sigAlgId, digAlgId).build(privateKey);
-                X509CertificateHolder certHolder = certBuilder.build(hashSigner);

-                return certHolder;
+                return certBuilder.build(hashSigner);
            } catch (Exception e) {
                logger.error("Error generating certificate.", e);
                return null;
@ -913,7 +939,7 @@ public class CryptoX509 {
         * <p>
         * @return true if it was a valid cert.
         */
-        public static final boolean validate(X509CertificateHolder x509CertificateHolder) {
+        public static boolean validate(X509CertificateHolder x509CertificateHolder) {
            try {

                // this is unique in that it verifies that the certificate is a LEGIT certificate, but not necessarily
@ -1033,7 +1059,7 @@ public class CryptoX509 {
            AlgorithmIdentifier sigAlgId = new DefaultSignatureAlgorithmIdentifierFinder().find(signatureAlgorithm);
            AlgorithmIdentifier digAlgId = new DefaultDigestAlgorithmIdentifierFinder().find(sigAlgId);

-            SubjectPublicKeyInfo subjectPublicKeyInfo = null;
+            SubjectPublicKeyInfo subjectPublicKeyInfo;

            try {
                byte[] encoded = pubKey.getEncoded();
@ -1050,7 +1076,7 @@ public class CryptoX509 {

            BcECDSAContentSignerBuilder contentSignerBuilder = new BcECDSAContentSignerBuilder(sigAlgId, digAlgId);

-            ContentSigner build = null;
+            ContentSigner build;
            try {
                build = contentSignerBuilder.build(privateKey);
            } catch (OperatorCreationException e) {
@ -1058,8 +1084,7 @@ public class CryptoX509 {
                return null;
            }

-            X509CertificateHolder certHolder = v3CertBuilder.build(build);
-            return certHolder;
+            return v3CertBuilder.build(build);
        }

        /**
@ -1069,7 +1094,7 @@ public class CryptoX509 {
         * <p>
         * @return true if it was a valid cert.
         */
-        public static final boolean validate(X509CertificateHolder x509CertificateHolder) {
+        public static boolean validate(X509CertificateHolder x509CertificateHolder) {
            try {

                // this is unique in that it verifies that the certificate is a LEGIT certificate, but not necessarily
@ -1213,12 +1238,7 @@ public class CryptoX509 {

            SignerIdentifier sigId = new SignerIdentifier(new IssuerAndSerialNumber(x509CertificateHolder.toASN1Structure()));

-            SignerInfo inf = new SignerInfo(sigId,
-                                             digAlgId,
-                                             (ASN1Set) null,
-                                             digEncryptionAlgorithm,
-                                             new DEROctetString(sigBytes),
-                                             (ASN1Set) null);
+            SignerInfo inf = new SignerInfo(sigId, digAlgId, null, digEncryptionAlgorithm, new DEROctetString(sigBytes), (ASN1Set) null);

            digestAlgs.add(inf.getDigestAlgorithm());
            signerInfos.add(inf);
@ -1240,9 +1260,8 @@ public class CryptoX509 {

            ContentInfo contentInfo = new ContentInfo(CMSObjectIdentifiers.signedData, sd);
            CMSSignedData cmsSignedData2 = new CMSSignedData(content, contentInfo);
-            byte[] signatureBlock = cmsSignedData2.getEncoded();

-            return signatureBlock;
+            return cmsSignedData2.getEncoded();
        } catch (Throwable t) {
            logger.error("Error signing data.", t);
            throw new RuntimeException("Error trying to sign data. " + t.getMessage());