From 91105910ca9124caea28a9b1812f3f03d1d61fba Mon Sep 17 00:00:00 2001
From: Simone Bordet <simone.bordet@gmail.com>
Date: Fri, 1 Jun 2012 15:56:41 +0200
Subject: [PATCH] Added handling of Certificate encoding and decoding.

---
 .../spdy/generator/CredentialGenerator.java   |  16 ++++++++++++++--
 .../spdy/parser/CredentialBodyParser.java     |  14 ++++++++++++--
 .../frames/CredentialGenerateParseTest.java   |  18 ++++++++++++++++--
 .../spdy-core/src/test/resources/keystore.jks | Bin 0 -> 2206 bytes
 .../src/test/resources/truststore.jks         | Bin 0 -> 916 bytes
 5 files changed, 42 insertions(+), 6 deletions(-)
 create mode 100644 jetty-spdy/spdy-core/src/test/resources/keystore.jks
 create mode 100644 jetty-spdy/spdy-core/src/test/resources/truststore.jks

diff --git a/jetty-spdy/spdy-core/src/main/java/org/eclipse/jetty/spdy/generator/CredentialGenerator.java b/jetty-spdy/spdy-core/src/main/java/org/eclipse/jetty/spdy/generator/CredentialGenerator.java
index cb7bf319ec2..f46d39313fb 100644
--- a/jetty-spdy/spdy-core/src/main/java/org/eclipse/jetty/spdy/generator/CredentialGenerator.java
+++ b/jetty-spdy/spdy-core/src/main/java/org/eclipse/jetty/spdy/generator/CredentialGenerator.java
@@ -18,10 +18,13 @@ package org.eclipse.jetty.spdy.generator;
 
 import java.nio.ByteBuffer;
 import java.security.cert.Certificate;
+import java.security.cert.CertificateEncodingException;
 import java.util.ArrayList;
 import java.util.List;
 
 import org.eclipse.jetty.spdy.ByteBufferPool;
+import org.eclipse.jetty.spdy.SessionException;
+import org.eclipse.jetty.spdy.api.SessionStatus;
 import org.eclipse.jetty.spdy.frames.ControlFrame;
 import org.eclipse.jetty.spdy.frames.CredentialFrame;
 
@@ -65,7 +68,16 @@ public class CredentialGenerator extends ControlFrameGenerator
 
     private List<byte[]> serializeCertificates(Certificate[] certificates)
     {
-        // TODO
-        return new ArrayList<>();
+        try
+        {
+            List<byte[]> result = new ArrayList<>(certificates.length);
+            for (Certificate certificate : certificates)
+                result.add(certificate.getEncoded());
+            return result;
+        }
+        catch (CertificateEncodingException x)
+        {
+            throw new SessionException(SessionStatus.PROTOCOL_ERROR, x);
+        }
     }
 }
diff --git a/jetty-spdy/spdy-core/src/main/java/org/eclipse/jetty/spdy/parser/CredentialBodyParser.java b/jetty-spdy/spdy-core/src/main/java/org/eclipse/jetty/spdy/parser/CredentialBodyParser.java
index c39af7b6b0d..c79129ce163 100644
--- a/jetty-spdy/spdy-core/src/main/java/org/eclipse/jetty/spdy/parser/CredentialBodyParser.java
+++ b/jetty-spdy/spdy-core/src/main/java/org/eclipse/jetty/spdy/parser/CredentialBodyParser.java
@@ -16,8 +16,11 @@
 
 package org.eclipse.jetty.spdy.parser;
 
+import java.io.ByteArrayInputStream;
 import java.nio.ByteBuffer;
 import java.security.cert.Certificate;
+import java.security.cert.CertificateException;
+import java.security.cert.CertificateFactory;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.List;
@@ -229,8 +232,15 @@ public class CredentialBodyParser extends ControlFrameBodyParser
 
     private Certificate deserializeCertificate(byte[] bytes)
     {
-        // TODO
-        return null;
+        try
+        {
+            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
+            return certificateFactory.generateCertificate(new ByteArrayInputStream(bytes));
+        }
+        catch (CertificateException x)
+        {
+            throw new SessionException(SessionStatus.PROTOCOL_ERROR, x);
+        }
     }
 
     private void onCredential()
diff --git a/jetty-spdy/spdy-core/src/test/java/org/eclipse/jetty/spdy/frames/CredentialGenerateParseTest.java b/jetty-spdy/spdy-core/src/test/java/org/eclipse/jetty/spdy/frames/CredentialGenerateParseTest.java
index 2b210b940d6..0678c768ebc 100644
--- a/jetty-spdy/spdy-core/src/test/java/org/eclipse/jetty/spdy/frames/CredentialGenerateParseTest.java
+++ b/jetty-spdy/spdy-core/src/test/java/org/eclipse/jetty/spdy/frames/CredentialGenerateParseTest.java
@@ -16,7 +16,9 @@
 
 package org.eclipse.jetty.spdy.frames;
 
+import java.io.InputStream;
 import java.nio.ByteBuffer;
+import java.security.KeyStore;
 import java.security.cert.Certificate;
 
 import org.eclipse.jetty.spdy.StandardByteBufferPool;
@@ -24,6 +26,7 @@ import org.eclipse.jetty.spdy.StandardCompressionFactory;
 import org.eclipse.jetty.spdy.api.SPDY;
 import org.eclipse.jetty.spdy.generator.Generator;
 import org.eclipse.jetty.spdy.parser.Parser;
+import org.eclipse.jetty.util.resource.Resource;
 import org.junit.Assert;
 import org.junit.Test;
 
@@ -34,7 +37,10 @@ public class CredentialGenerateParseTest
     {
         short slot = 1;
         byte[] proof = new byte[]{0, 1, 2};
-        Certificate[] certificates = new Certificate[0]; // TODO
+        Certificate[] temp = loadCertificates();
+        Certificate[] certificates = new Certificate[temp.length * 2];
+        System.arraycopy(temp, 0, certificates, 0, temp.length);
+        System.arraycopy(temp, 0, certificates, temp.length, temp.length);
         CredentialFrame frame1 = new CredentialFrame(SPDY.V3, slot, proof, certificates);
         Generator generator = new Generator(new StandardByteBufferPool(), new StandardCompressionFactory().newCompressor());
         ByteBuffer buffer = generator.control(frame1);
@@ -62,7 +68,7 @@ public class CredentialGenerateParseTest
     {
         short slot = 1;
         byte[] proof = new byte[]{0, 1, 2};
-        Certificate[] certificates = new Certificate[0]; // TODO
+        Certificate[] certificates = loadCertificates();
         CredentialFrame frame1 = new CredentialFrame(SPDY.V3, slot, proof, certificates);
         Generator generator = new Generator(new StandardByteBufferPool(), new StandardCompressionFactory().newCompressor());
         ByteBuffer buffer = generator.control(frame1);
@@ -85,4 +91,12 @@ public class CredentialGenerateParseTest
         Assert.assertArrayEquals(proof, credential.getProof());
         Assert.assertArrayEquals(certificates, credential.getCertificateChain());
     }
+
+    private Certificate[] loadCertificates() throws Exception
+    {
+        KeyStore keyStore = KeyStore.getInstance("JKS");
+        InputStream keyStoreStream = Resource.newResource("src/test/resources/keystore.jks").getInputStream();
+        keyStore.load(keyStoreStream, "storepwd".toCharArray());
+        return keyStore.getCertificateChain("mykey");
+    }
 }
diff --git a/jetty-spdy/spdy-core/src/test/resources/keystore.jks b/jetty-spdy/spdy-core/src/test/resources/keystore.jks
new file mode 100644
index 0000000000000000000000000000000000000000..428ba54776ede2fdcdeedd879edb927c2abd9953
GIT binary patch
literal 2206
zcmcgt`9Bkm8{cNkoMUp6gmShKn!AQX*(l6Nj(i=TnQPOKYtv{*Wg>ItE=Q!pRYH8a
z$Sp#S#2lYw#aw;$y<VTc;QPb-hxhw=et2H**Ymuey_LNc0002m2k>9u4T}83H*%lp
zAKZay0sy=q1Qoo85aAQh<O70%8Xz$skQV@^g4r51sZEE(J?uz5Bb3YK(dro|jQ>;$
zD(c2EIN#D7WwYDLKUg!CotQPD@dp;5FR#bgaace(^x$6g5frD~(_b(MI^J&*A2DRp
zf5Q2onfE(zvUb9|9C`66)YFRNM6~xrz4;iVbU=P|*YT2eW<l-p+*r=g_wu%{9}$kB
zJ#&7wl!D{L%3GZkFIHJHQTEZ&$>HFJJtr+M@zt2qPm)K~rRcqcs=LM12)PX0TT%QO
zlf*xkqD3}7l)1J`5W(>=9nR0e6j<u1IV;DihSn;CAl86fJKo+!3~^WcjK9XYxB4a~
zzs<aU=w$*q0ua`$`2K9hv^j)dp+l2h?DEO0tl$ps7~VqmhR(B*DbbJs{f7cy`_P+s
z)$DVut_Ntif?arkq=)#IA3{wzi>-<79<11v3ZuXXcQpoCsqY~n`$FN+S}hcVm5Y>G
zXnD{@DYs1@{S0z(lW+?86LWKtku$$-(kh<F_?k995g!1X!TbQ*pRxYfU-@3IhSWY_
z%v72EDZrh?+Qb^?QgW-pz^1aaUFQ#*a>sh>0qRUXn=84`GRn?77M^_JY`durnN;KE
zW#OJ`h<6xcB{I))ekGpc*Ylt}0cx4|OMBDPQvx4`r`}4Ze5_ipdObGMTi3bZHd5PC
zcY0;?uBWu$PSvjJeb87nY7ghNv?%M@SoDl6IWt`bQCosfSh$#D6$ea~QhKM^ud2Ut
z+9PYJuVpoELmN-A`F$BicO{BSYg@#tS%avVfb}DxL)|NanJ)#zB!2~?#Ot%H7--9N
zU$bs0fS5G!m5M4&WK3#a|H|Tgw*?X-;H+Lu@kwA>qSR~7UC7b)7MJXTn6PG>n@8jP
zW+}F^X$$<RGCPotk)evg;9_2#Db)8wjY)2!`t$9hglCNN262#YE+UI{frw~BJT_z8
zk5DN0jSea!pfJY|`}PP5E!gjN8btecClxqvtR3(6p|SZ*DyjXC8rhj12VMn=qR4J2
zM;Ub9H2~FfJza^$%r<__Z(+785qA|l=Dsv((<qYI{FmU;x^b72V!y%$zW8Uk*5st2
zqO2@QQt|L?vUsQ0fL1!TLvW*QW^%rkV#ngu^yG!rgB0+@#nh|*DYWI!ez<Yfk{009
z=giWz^3=HM3Jo8xwifhVK)y)QSy~Bm&6<)wI1I9?km?|$R&LQax)!6sw^o~u*spk-
zLHlm-`W#xO4K+{MX5b=5XTD3Flx!$Q3~Z4ap_);1KEOI3g#Q_AX#O>c;U~4ryqRF;
z>`j!tbLMK4ZGyY643|~?%Mu#fm!l%wAKjBDmd+VYmp3S#$<kL0bV|v}Ug0|5tLV}{
zS)y?Y!P!u(MzbNUy>scD$~bxbf|z#)hShN0*AhRaPDcmqrftGlHq4^54MM$Xfy(2>
zH8QYVMzmn_oHb<o5XZLUa(oc`de=`&0~>vJ<zli~cDlmqhi~6QRPHLrtJ3kKU!ucV
z`9#w$dwz_i_t=q#V<DTliF4b~ze35)kF_M`-TYKi*=ZR18=Auf?o7P;eX5n-!Pvxm
zK|zP{_uvh!(ei)LqvC8D+XfY)xIA(gm~@u=v4%_SVJ|;y872&C;ChZ<$vw|^!fbXM
zq^NizyT#FstbB=aE@3b<Uo`HHVMTaCqh_UoP4<GSU0w3OgAu2rk3azcJkAIzk0XK#
zGAiT&0YM-zM!9zaA<PHWpxe+lg!j{t7k~&v3L>C<JWgOfILPVze+fSvgg%KBN5Fnp
zAaE$wix8}Il0XVZ!uA7pUlV{s&Jamngn<7kf^dk7uQw^+vM*8+A@RG12QF;uOCm)o
zVZ(w0eSJs>B`IN~E&{1*h&0gEM<DUiqPoc60z&UU!vA#|Dp2|FX6*k89x6~2fS>{e
zKvW<QP+o{}g@*dy+Ct?zUA!H0%t+gP7)L+NK+H=&HQ|7|RXVb=@~-gxN`j$M{N2p*
z8(h@#ZuG9*xzvYi_Yc#izTW%cPpU3?OQK9QMJc-QF!WC|)y;N_SB~D6vLyv+3ejwA
ztPTe#{4%`}GWO;HhK3c&b1)K%#peus;yT-zGm*-MuHQ1ZLO+$}+~|(O5UEdqM9oBX
z!#-PMTtoVm{)D#%4OV(sS4U}iA!~PS**eSK7FruC&ooI?8Uh+=!nviZE*ClI&QRq0
z!Y`LLDoX)lO2!$sX7f2GxNXTrqQK!$-iVt{FI1o(lPn--;Ca?zHz#z)9m15B9Uh`U
zJU{^O?+)#+%f3TE039y-Q?<!df3RWWVz5{?JmvtyZD=>vzp(!BqMX8`t#)~0nq}Wa
zr6>FRPyp;AAB&)1$5@;r$23J{K&~>TWjZf7V$wFzmGM95CXhFG1cJNVAXks}C+&2-
zbf9Qn*D8N}Afd2kpwDxns3%1uaFhAqDV8ksWiWY|quuLGZ0)SqrJ!Y8yX}@}IyC$C
zQ3rCUsn}#>F#D8%D?q~ySy4j&he%Bs{{7V%rl!ui`@KQP?NTi+_iN{cwom&9RaMRR
zB~z!hz|0HAgB9_Ijvpe-zr#jLbckJsc>vmo{+im?t8lA;N#fD4?{lb&J0V8Gocq%;
f1ihv=QIDh{M_<9V+45Z2{KE4_qW}V3B0uV%GgrOJ

literal 0
HcmV?d00001

diff --git a/jetty-spdy/spdy-core/src/test/resources/truststore.jks b/jetty-spdy/spdy-core/src/test/resources/truststore.jks
new file mode 100644
index 0000000000000000000000000000000000000000..839cb8c35151c2b7c64afca24b6b72caad070a05
GIT binary patch
literal 916
zcmezO_TO6u1_mY|W(3o$xs}<el|Y`U{QtDw46G4)rUsS_49sB$P0T?CO-xn`n3))v
zm{|Ok&fhiQW#iOp^Jx3d%gD&e%3zRX$Zf#M#vIDRCd?EX4C8PJGdVjN3K<B1WY~o{
z0}^xc6&!O)@(l$H_&{P@!t9=TC5btia1m}{_VCoClFXD;LoovpkQ!!TUa!=Wl1hbu
zqWrAX<Prk~ab80s14AQoLo*{&1H&i@ej`JWfPpbofUd4-VpKv73`SN4<|amd27@L>
zE~X|%Muz1J{3AIFGbaABoD&*5saD@gH|APIn|qhRGl}gsUzm=o9G*UXZaLfkb^*)o
zjA*-gTf)`m_MQJYE&gJ}p^PHkrj!4^W|XX5a=N7A{;n#yaON&k_bHloe-^*hm?Z91
zlB><r?BU_6oGJU?wy)sUsn!0?0X%a9tpw|$W?jDXGtAq5ilLHu<cF!h3hykP)pxw!
zKd)&UW1e=4rujuL>xeD=<(C>yn{9D54u}krkl}HQ(Uscha(++qf!T9y+xaEfnXd1O
zi0)T?voO%;QH9LK;*_O3mBblqm)!31vU@hm;^%>mh5U@y3R%l0gzi`2yxH!+?kPOi
zt!Tnsz1x9B3U2~8STZp)GB6^C5HPs_Lx_=~O<3xi>MmQ;D_g$D<_pdct`+TyzWTQ=
zW5Finm(sGEe;ty^>vg$!cV)t>;H#Mev23$*WWBpyJ}Ir;RW+Htrt6{Pk&qz&-XG2@
z8@{&Lu%DX7m47Uny+-3w`=4V611q#Ub(U`xZCtSK^2LO^3(s|HW&N14dV4@A&(kX%
z*S_eUPs-bSWRp>avt;CP@7K+G&3=b&1eO-s3f`;Cf91p#$)FW&xME3L8sEBQQD<u&
zP0`l-9JA;O`=q5hKYu<y5^~^9#5t2SYuTPo)!RGYE>VCvfG>mdwqnk+GXd2ihXqpv
z;usF(WoYYmu8DZZa4%1z=+hI+*gpkUykAy5tj#grb*gH!M6TqIcifYBGVe^&T#-2O
K*=+x>r_BKeJV|!|

literal 0
HcmV?d00001