Enhance toString() to return structured info, for certificate and probably more
Dr Andrew John Hughes
ahughes at redhat.com
Thu Aug 25 14:01:41 PDT 2011
On 10:41 Thu 25 Aug , Weijun Wang wrote:
> Hi All
> I was talking with Xuelei on how to better display certificate info.
> There are 3 cases we can currently think of:
> 1. debug output
> 2. keytool/jarsigner output
> 3. Java plugin display
> The 1st one is the most primitive one and can be a single string, the
> 2nd is also a string but have some format and needs to localized, the
> third is a series of Swing controls.
> But the contents of all 3 are the same, and hopefully can be provided in
> a single method. Each consumer can just display it in its own style,
> with no need to understand Certificate fields, OIDs, etc. It's just like
> XSLT transformation of XML files.
> So what shall I do? Let toString() outputs a long string in XML or JSON?
I be against that. It goes against the usual expectation of toString output
being (fairly) human-readable.
> Or, create a new method describe() or toDescription() that returns a
> UnmodifiableMap (based on a LinkedHashMap to preserve order)?
> I prefer the latter because there is no need to parse the output, and at
> least in the case of certificate, since a certificate contains
> extensions, it's very easy to stuff several maps inside another one. The
> map's keys are strings, and values can be another map or a simple data
> object, say, primitive, string, or Date.
> So this needs a new interface Descriptable. It can either be:
> interface sun.security.util.Descriptable;
> sun.security.x509.X509CertImpl implements Descriptable;
> sun.security.x509.Extension implements Descriptable;
> interface java.security.Descriptable;
> java.security.cert.X509Certificate implements Descriptable;
> java.security.cert.Extension implements Descriptable;
> or if there are other people find it useful, it can be inside the
> java.util package.
This sounds like a good idea to me, but would there be a standard set
of keys and values? Especially if it's going to be part of
java.security, the keys and values should be part of the
method specification. This becomes a harder task if it's generalised
BTW, it should be Describable :-)
> What's your ideas? Do you also need such a method?
Free Java Software Engineer
Red Hat, Inc. (http://www.redhat.com)
Support Free Java!
Contribute to GNU Classpath and IcedTea
PGP Key: F5862A37 (https://keys.indymedia.org/)
Fingerprint = EA30 D855 D50F 90CD F54D 0698 0713 C3ED F586 2A37
More information about the security-dev