diff options
author | Ade Lee <alee@redhat.com> | 2012-01-11 12:57:53 -0500 |
---|---|---|
committer | Ade Lee <alee@redhat.com> | 2012-01-11 13:49:04 -0500 |
commit | 10cfe7756e967ac91c66d33b392aeab9cf3780fb (patch) | |
tree | d5ac9b58442265d2ce5ef60e31f041ddacba1b4f /pki/base/util/src/netscape/security/x509/CRLDistributionPointsExtension.java | |
parent | edcb24f65cc3700e75d0a1d14dc2483f210b0ee4 (diff) | |
download | pki-10cfe7756e967ac91c66d33b392aeab9cf3780fb.tar.gz pki-10cfe7756e967ac91c66d33b392aeab9cf3780fb.tar.xz pki-10cfe7756e967ac91c66d33b392aeab9cf3780fb.zip |
Formatting (no line wrap in comments or code)
Diffstat (limited to 'pki/base/util/src/netscape/security/x509/CRLDistributionPointsExtension.java')
-rw-r--r-- | pki/base/util/src/netscape/security/x509/CRLDistributionPointsExtension.java | 308 |
1 files changed, 151 insertions, 157 deletions
diff --git a/pki/base/util/src/netscape/security/x509/CRLDistributionPointsExtension.java b/pki/base/util/src/netscape/security/x509/CRLDistributionPointsExtension.java index 0f64c58b4..a15c1099f 100644 --- a/pki/base/util/src/netscape/security/x509/CRLDistributionPointsExtension.java +++ b/pki/base/util/src/netscape/security/x509/CRLDistributionPointsExtension.java @@ -37,19 +37,19 @@ import org.mozilla.jss.asn1.SEQUENCE; /** * An extension that tells applications where to find the CRL for * this certificate. - * + * * <pre> * cRLDistributionPoints ::= SEQUENCE SIZE (1..MAX) OF DistributionPoint - * + * * DistributionPoint ::= SEQUENCE { * distributionPoint [0] DistributionPointName OPTIONAL, * reasons [1] ReasonFlags OPTIONAL, * cRLIssuer [2] GeneralNames OPTIONAL } - * + * * DistributionPointName ::= CHOICE { * fullName [0] GeneralNames, * nameRelativeToCRLIssuer [1] RelativeDistinguishedName } - * + * * ReasonFlags ::= BIT STRING { * unused (0), * keyCompromise (1), @@ -61,8 +61,7 @@ import org.mozilla.jss.asn1.SEQUENCE; * </pre> */ public class CRLDistributionPointsExtension extends Extension - implements CertAttrSet -{ + implements CertAttrSet { /** * @@ -72,7 +71,7 @@ public class CRLDistributionPointsExtension extends Extension private SEQUENCE distributionPoints = new SEQUENCE(); // Cached DER-encoding to improve performance. - private byte[] cachedEncoding=null; + private byte[] cachedEncoding = null; /** * This constructor is called by the CertificateExtensions class to decode @@ -80,30 +79,30 @@ public class CRLDistributionPointsExtension extends Extension * extension. */ public CRLDistributionPointsExtension(Boolean critical, Object value) - //throws IOException + //throws IOException { - try { - - this.extensionId = PKIXExtensions.CRLDistributionPoints_Id; - this.critical = critical.booleanValue(); - this.extensionValue = (byte[])((byte[])value).clone(); - - // decode the value try { - SEQUENCE.OF_Template seqOfCRLDP = - new SEQUENCE.OF_Template( CRLDistributionPoint.getTemplate() ); - distributionPoints = - (SEQUENCE) ASN1Util.decode( seqOfCRLDP, extensionValue ); - } catch(InvalidBERException e) { - throw new IOException("Invalid BER-encoding: " + e.toString()); + this.extensionId = PKIXExtensions.CRLDistributionPoints_Id; + this.critical = critical.booleanValue(); + this.extensionValue = (byte[]) ((byte[]) value).clone(); + + // decode the value + try { + SEQUENCE.OF_Template seqOfCRLDP = + new SEQUENCE.OF_Template(CRLDistributionPoint.getTemplate()); + + distributionPoints = + (SEQUENCE) ASN1Util.decode(seqOfCRLDP, extensionValue); + } catch (InvalidBERException e) { + throw new IOException("Invalid BER-encoding: " + e.toString()); + } + } catch (IOException e) { + System.out.println("Big error"); + System.out.println(e); + e.printStackTrace(); + //throw e; } - } catch(IOException e) { - System.out.println("Big error"); - System.out.println(e); - e.printStackTrace(); - //throw e; - } } /** @@ -143,10 +142,10 @@ public class CRLDistributionPointsExtension extends Extension return (CRLDistributionPoint) distributionPoints.elementAt(index); } - /** - * Sets the criticality of this extension. PKIX dictates that this + /** + * Sets the criticality of this extension. PKIX dictates that this * extension SHOULD NOT be critical, so applications can make it critical - * if they have a very good reason. By default, the extension is not + * if they have a very good reason. By default, the extension is not * critical. */ public void setCritical(boolean critical) { @@ -179,11 +178,12 @@ public class CRLDistributionPointsExtension extends Extension ///////////////////////////////////////////////////////////// public static final String NAME = "CRLDistributionPoints"; - static { - try { + static { + try { OIDMap.addAttribute(CRLDistributionPointsExtension.class.getName(), OID, NAME); - } catch (CertificateException e) {} + } catch (CertificateException e) { + } } public String toString() { @@ -194,9 +194,8 @@ public class CRLDistributionPointsExtension extends Extension * DER-encodes this extension to the given OutputStream. */ public void encode(OutputStream ostream) - throws CertificateException, IOException - { - if( cachedEncoding == null ) { + throws CertificateException, IOException { + if (cachedEncoding == null) { // only re-encode if necessary DerOutputStream tmp = new DerOutputStream(); encode(tmp); @@ -206,37 +205,32 @@ public class CRLDistributionPointsExtension extends Extension } public void decode(InputStream in) - throws CertificateException, IOException - { + throws CertificateException, IOException { throw new IOException("Not supported"); } public void set(String name, Object obj) - throws CertificateException, IOException - { - throw new IOException("Attribute name not recognized by " + - "CertAttrSet:CRLDistributionPointsExtension"); + throws CertificateException, IOException { + throw new IOException("Attribute name not recognized by " + + "CertAttrSet:CRLDistributionPointsExtension"); } public Object get(String name) - throws CertificateException, IOException - { - throw new IOException("Attribute name not recognized by " + - "CertAttrSet:CRLDistributionPointsExtension"); + throws CertificateException, IOException { + throw new IOException("Attribute name not recognized by " + + "CertAttrSet:CRLDistributionPointsExtension"); } public void delete(String name) - throws CertificateException, IOException - { - throw new IOException("Attribute name not recognized by " + - "CertAttrSet:CRLDistributionPointsExtension"); + throws CertificateException, IOException { + throw new IOException("Attribute name not recognized by " + + "CertAttrSet:CRLDistributionPointsExtension"); } public Enumeration getElements() { return (new Vector()).elements(); } - public String getName() { return NAME; } @@ -246,64 +240,62 @@ public class CRLDistributionPointsExtension extends Extension */ public static void main(String args[]) { - try { - - if( args.length != 1 ) { - System.out.println("Usage: CRLDistributionPointsExtentions "+ - "<outfile>"); - System.exit(-1); - } + try { - BufferedOutputStream bos = new BufferedOutputStream( - new FileOutputStream(args[0]) ); - - - // URI only - CRLDistributionPoint cdp = new CRLDistributionPoint(); - URIName uri = new URIName("http://www.mycrl.com/go/here"); - GeneralNames generalNames = new GeneralNames(); - generalNames.addElement(uri); - cdp.setFullName(generalNames); - CRLDistributionPointsExtension crldpExt = - new CRLDistributionPointsExtension(cdp); - - // DN only - cdp = new CRLDistributionPoint(); - X500Name dn = new X500Name("CN=Otis Smith,E=otis@fedoraproject.org"+ - ",OU=Certificate Server,O=Fedora,C=US"); - generalNames = new GeneralNames(); - generalNames.addElement(dn); - cdp.setFullName(generalNames); - crldpExt.addPoint(cdp); - - // DN + reason - BitArray ba = new BitArray(5, new byte[] {(byte)0x28} ); - cdp = new CRLDistributionPoint(); - cdp.setFullName(generalNames); - cdp.setReasons(ba); - crldpExt.addPoint(cdp); - - - // relative DN + reason + crlIssuer - cdp = new CRLDistributionPoint(); - RDN rdn = new RDN("OU=foobar dept"); - cdp.setRelativeName(rdn); - cdp.setReasons(ba); - cdp.setCRLIssuer(generalNames); - crldpExt.addPoint(cdp); - - crldpExt.setCritical(true); - crldpExt.encode(bos); - - bos.close(); - - } catch(Exception e) { + if (args.length != 1) { + System.out.println("Usage: CRLDistributionPointsExtentions " + + "<outfile>"); + System.exit(-1); + } + + BufferedOutputStream bos = new BufferedOutputStream( + new FileOutputStream(args[0])); + + // URI only + CRLDistributionPoint cdp = new CRLDistributionPoint(); + URIName uri = new URIName("http://www.mycrl.com/go/here"); + GeneralNames generalNames = new GeneralNames(); + generalNames.addElement(uri); + cdp.setFullName(generalNames); + CRLDistributionPointsExtension crldpExt = + new CRLDistributionPointsExtension(cdp); + + // DN only + cdp = new CRLDistributionPoint(); + X500Name dn = new X500Name("CN=Otis Smith,E=otis@fedoraproject.org" + + ",OU=Certificate Server,O=Fedora,C=US"); + generalNames = new GeneralNames(); + generalNames.addElement(dn); + cdp.setFullName(generalNames); + crldpExt.addPoint(cdp); + + // DN + reason + BitArray ba = new BitArray(5, new byte[] { (byte) 0x28 }); + cdp = new CRLDistributionPoint(); + cdp.setFullName(generalNames); + cdp.setReasons(ba); + crldpExt.addPoint(cdp); + + // relative DN + reason + crlIssuer + cdp = new CRLDistributionPoint(); + RDN rdn = new RDN("OU=foobar dept"); + cdp.setRelativeName(rdn); + cdp.setReasons(ba); + cdp.setCRLIssuer(generalNames); + crldpExt.addPoint(cdp); + + crldpExt.setCritical(true); + crldpExt.encode(bos); + + bos.close(); + + } catch (Exception e) { e.printStackTrace(); - } + } } - /** - * Represents a reason that a cert may be revoked. These reasons are + /** + * Represents a reason that a cert may be revoked. These reasons are * expressed in a ReasonFlags bit string. */ public static class Reason { @@ -311,19 +303,21 @@ public class CRLDistributionPointsExtension extends Extension private String name; private byte bitMask; - private Reason() { } + private Reason() { + } + private Reason(String name, byte bitMask) { this.name = name; this.bitMask = bitMask; map.put(name, this); - list.addElement(this); + list.addElement(this); } private static Hashtable<String, Reason> map = new Hashtable<String, Reason>(); - private static Vector<Reason> list = new Vector<Reason>(); + private static Vector<Reason> list = new Vector<Reason>(); public static Reason fromString(String name) { - return map.get(name); + return map.get(name); } public String getName() { @@ -334,61 +328,61 @@ public class CRLDistributionPointsExtension extends Extension return bitMask; } - /** - * Given a bit array representing reason flags, extracts the reasons - * and returns them as an array. - * - * @param bitFlags A bit vector containing reason flags. - * @return An array of reasons contained in the bit vector. - * May be zero-length but will not be null. - */ - public static Reason[] bitArrayToReasonArray(byte bitFlags) { - return bitArrayToReasonArray( new byte[] { bitFlags } ); - } - - /** - * Given a bit array representing reason flags, extracts the reasons - * and returns them as an array. Currently, only the first byte - * of the bitflags are examined. - * - * @param bitFlags A bit vector containing reason flags. The format - * is big-endian (MSB first). Only the first byte is examined. - * @return An array of reasons contained in the bit vector. - * May be zero-length but will not be null. - */ - public static Reason[] bitArrayToReasonArray(byte[] bitFlags) { - byte first = bitFlags[0]; - int size = list.size(); - Vector<Reason> result = new Vector<Reason>(); - for(int i = 0; i < size; i++) { - Reason r = list.elementAt(i); - byte b = r.getBitMask(); - if( (first & b) != 0 ) { - result.addElement(r); - } - } - size = result.size(); - Reason[] retval = new Reason[size]; - for(int i=0; i < size; i++) { - retval[i] = result.elementAt(i); - } - return retval; - } - + /** + * Given a bit array representing reason flags, extracts the reasons + * and returns them as an array. + * + * @param bitFlags A bit vector containing reason flags. + * @return An array of reasons contained in the bit vector. + * May be zero-length but will not be null. + */ + public static Reason[] bitArrayToReasonArray(byte bitFlags) { + return bitArrayToReasonArray(new byte[] { bitFlags }); + } + + /** + * Given a bit array representing reason flags, extracts the reasons + * and returns them as an array. Currently, only the first byte + * of the bitflags are examined. + * + * @param bitFlags A bit vector containing reason flags. The format + * is big-endian (MSB first). Only the first byte is examined. + * @return An array of reasons contained in the bit vector. + * May be zero-length but will not be null. + */ + public static Reason[] bitArrayToReasonArray(byte[] bitFlags) { + byte first = bitFlags[0]; + int size = list.size(); + Vector<Reason> result = new Vector<Reason>(); + for (int i = 0; i < size; i++) { + Reason r = list.elementAt(i); + byte b = r.getBitMask(); + if ((first & b) != 0) { + result.addElement(r); + } + } + size = result.size(); + Reason[] retval = new Reason[size]; + for (int i = 0; i < size; i++) { + retval[i] = result.elementAt(i); + } + return retval; + } + public static final Reason UNUSED = - new Reason("unused", (byte) 0x80); + new Reason("unused", (byte) 0x80); public static final Reason KEY_COMPROMISE = - new Reason("keyCompromise", (byte) 0x40); + new Reason("keyCompromise", (byte) 0x40); public static final Reason CA_COMPROMISE = - new Reason("cACompromise", (byte) 0x20); + new Reason("cACompromise", (byte) 0x20); public static final Reason AFFILIATION_CHANGED = - new Reason("affiliationChanged", (byte) 0x10); + new Reason("affiliationChanged", (byte) 0x10); public static final Reason SUPERSEDED = - new Reason("superseded", (byte) 0x08); + new Reason("superseded", (byte) 0x08); public static final Reason CESSATION_OF_OPERATION = - new Reason("cessationOfOperation", (byte) 0x04); + new Reason("cessationOfOperation", (byte) 0x04); public static final Reason CERTIFICATE_HOLD = - new Reason("certificateHold", (byte) 0x02); + new Reason("certificateHold", (byte) 0x02); } } |