summaryrefslogtreecommitdiffstats
path: root/pki/base/util/src/netscape/security/x509/CRLDistributionPointsExtension.java
diff options
context:
space:
mode:
authorAde Lee <alee@redhat.com>2012-01-11 12:57:53 -0500
committerAde Lee <alee@redhat.com>2012-01-11 13:49:04 -0500
commit10cfe7756e967ac91c66d33b392aeab9cf3780fb (patch)
treed5ac9b58442265d2ce5ef60e31f041ddacba1b4f /pki/base/util/src/netscape/security/x509/CRLDistributionPointsExtension.java
parentedcb24f65cc3700e75d0a1d14dc2483f210b0ee4 (diff)
downloadpki-10cfe7756e967ac91c66d33b392aeab9cf3780fb.tar.gz
pki-10cfe7756e967ac91c66d33b392aeab9cf3780fb.tar.xz
pki-10cfe7756e967ac91c66d33b392aeab9cf3780fb.zip
Formatting (no line wrap in comments or code)
Diffstat (limited to 'pki/base/util/src/netscape/security/x509/CRLDistributionPointsExtension.java')
-rw-r--r--pki/base/util/src/netscape/security/x509/CRLDistributionPointsExtension.java308
1 files changed, 151 insertions, 157 deletions
diff --git a/pki/base/util/src/netscape/security/x509/CRLDistributionPointsExtension.java b/pki/base/util/src/netscape/security/x509/CRLDistributionPointsExtension.java
index 0f64c58b4..a15c1099f 100644
--- a/pki/base/util/src/netscape/security/x509/CRLDistributionPointsExtension.java
+++ b/pki/base/util/src/netscape/security/x509/CRLDistributionPointsExtension.java
@@ -37,19 +37,19 @@ import org.mozilla.jss.asn1.SEQUENCE;
/**
* An extension that tells applications where to find the CRL for
* this certificate.
- *
+ *
* <pre>
* cRLDistributionPoints ::= SEQUENCE SIZE (1..MAX) OF DistributionPoint
- *
+ *
* DistributionPoint ::= SEQUENCE {
* distributionPoint [0] DistributionPointName OPTIONAL,
* reasons [1] ReasonFlags OPTIONAL,
* cRLIssuer [2] GeneralNames OPTIONAL }
- *
+ *
* DistributionPointName ::= CHOICE {
* fullName [0] GeneralNames,
* nameRelativeToCRLIssuer [1] RelativeDistinguishedName }
- *
+ *
* ReasonFlags ::= BIT STRING {
* unused (0),
* keyCompromise (1),
@@ -61,8 +61,7 @@ import org.mozilla.jss.asn1.SEQUENCE;
* </pre>
*/
public class CRLDistributionPointsExtension extends Extension
- implements CertAttrSet
-{
+ implements CertAttrSet {
/**
*
@@ -72,7 +71,7 @@ public class CRLDistributionPointsExtension extends Extension
private SEQUENCE distributionPoints = new SEQUENCE();
// Cached DER-encoding to improve performance.
- private byte[] cachedEncoding=null;
+ private byte[] cachedEncoding = null;
/**
* This constructor is called by the CertificateExtensions class to decode
@@ -80,30 +79,30 @@ public class CRLDistributionPointsExtension extends Extension
* extension.
*/
public CRLDistributionPointsExtension(Boolean critical, Object value)
- //throws IOException
+ //throws IOException
{
- try {
-
- this.extensionId = PKIXExtensions.CRLDistributionPoints_Id;
- this.critical = critical.booleanValue();
- this.extensionValue = (byte[])((byte[])value).clone();
-
- // decode the value
try {
- SEQUENCE.OF_Template seqOfCRLDP =
- new SEQUENCE.OF_Template( CRLDistributionPoint.getTemplate() );
- distributionPoints =
- (SEQUENCE) ASN1Util.decode( seqOfCRLDP, extensionValue );
- } catch(InvalidBERException e) {
- throw new IOException("Invalid BER-encoding: " + e.toString());
+ this.extensionId = PKIXExtensions.CRLDistributionPoints_Id;
+ this.critical = critical.booleanValue();
+ this.extensionValue = (byte[]) ((byte[]) value).clone();
+
+ // decode the value
+ try {
+ SEQUENCE.OF_Template seqOfCRLDP =
+ new SEQUENCE.OF_Template(CRLDistributionPoint.getTemplate());
+
+ distributionPoints =
+ (SEQUENCE) ASN1Util.decode(seqOfCRLDP, extensionValue);
+ } catch (InvalidBERException e) {
+ throw new IOException("Invalid BER-encoding: " + e.toString());
+ }
+ } catch (IOException e) {
+ System.out.println("Big error");
+ System.out.println(e);
+ e.printStackTrace();
+ //throw e;
}
- } catch(IOException e) {
- System.out.println("Big error");
- System.out.println(e);
- e.printStackTrace();
- //throw e;
- }
}
/**
@@ -143,10 +142,10 @@ public class CRLDistributionPointsExtension extends Extension
return (CRLDistributionPoint) distributionPoints.elementAt(index);
}
- /**
- * Sets the criticality of this extension. PKIX dictates that this
+ /**
+ * Sets the criticality of this extension. PKIX dictates that this
* extension SHOULD NOT be critical, so applications can make it critical
- * if they have a very good reason. By default, the extension is not
+ * if they have a very good reason. By default, the extension is not
* critical.
*/
public void setCritical(boolean critical) {
@@ -179,11 +178,12 @@ public class CRLDistributionPointsExtension extends Extension
/////////////////////////////////////////////////////////////
public static final String NAME = "CRLDistributionPoints";
- static {
- try {
+ static {
+ try {
OIDMap.addAttribute(CRLDistributionPointsExtension.class.getName(),
OID, NAME);
- } catch (CertificateException e) {}
+ } catch (CertificateException e) {
+ }
}
public String toString() {
@@ -194,9 +194,8 @@ public class CRLDistributionPointsExtension extends Extension
* DER-encodes this extension to the given OutputStream.
*/
public void encode(OutputStream ostream)
- throws CertificateException, IOException
- {
- if( cachedEncoding == null ) {
+ throws CertificateException, IOException {
+ if (cachedEncoding == null) {
// only re-encode if necessary
DerOutputStream tmp = new DerOutputStream();
encode(tmp);
@@ -206,37 +205,32 @@ public class CRLDistributionPointsExtension extends Extension
}
public void decode(InputStream in)
- throws CertificateException, IOException
- {
+ throws CertificateException, IOException {
throw new IOException("Not supported");
}
public void set(String name, Object obj)
- throws CertificateException, IOException
- {
- throw new IOException("Attribute name not recognized by " +
- "CertAttrSet:CRLDistributionPointsExtension");
+ throws CertificateException, IOException {
+ throw new IOException("Attribute name not recognized by " +
+ "CertAttrSet:CRLDistributionPointsExtension");
}
public Object get(String name)
- throws CertificateException, IOException
- {
- throw new IOException("Attribute name not recognized by " +
- "CertAttrSet:CRLDistributionPointsExtension");
+ throws CertificateException, IOException {
+ throw new IOException("Attribute name not recognized by " +
+ "CertAttrSet:CRLDistributionPointsExtension");
}
public void delete(String name)
- throws CertificateException, IOException
- {
- throw new IOException("Attribute name not recognized by " +
- "CertAttrSet:CRLDistributionPointsExtension");
+ throws CertificateException, IOException {
+ throw new IOException("Attribute name not recognized by " +
+ "CertAttrSet:CRLDistributionPointsExtension");
}
public Enumeration getElements() {
return (new Vector()).elements();
}
-
public String getName() {
return NAME;
}
@@ -246,64 +240,62 @@ public class CRLDistributionPointsExtension extends Extension
*/
public static void main(String args[]) {
- try {
-
- if( args.length != 1 ) {
- System.out.println("Usage: CRLDistributionPointsExtentions "+
- "<outfile>");
- System.exit(-1);
- }
+ try {
- BufferedOutputStream bos = new BufferedOutputStream(
- new FileOutputStream(args[0]) );
-
-
- // URI only
- CRLDistributionPoint cdp = new CRLDistributionPoint();
- URIName uri = new URIName("http://www.mycrl.com/go/here");
- GeneralNames generalNames = new GeneralNames();
- generalNames.addElement(uri);
- cdp.setFullName(generalNames);
- CRLDistributionPointsExtension crldpExt =
- new CRLDistributionPointsExtension(cdp);
-
- // DN only
- cdp = new CRLDistributionPoint();
- X500Name dn = new X500Name("CN=Otis Smith,E=otis@fedoraproject.org"+
- ",OU=Certificate Server,O=Fedora,C=US");
- generalNames = new GeneralNames();
- generalNames.addElement(dn);
- cdp.setFullName(generalNames);
- crldpExt.addPoint(cdp);
-
- // DN + reason
- BitArray ba = new BitArray(5, new byte[] {(byte)0x28} );
- cdp = new CRLDistributionPoint();
- cdp.setFullName(generalNames);
- cdp.setReasons(ba);
- crldpExt.addPoint(cdp);
-
-
- // relative DN + reason + crlIssuer
- cdp = new CRLDistributionPoint();
- RDN rdn = new RDN("OU=foobar dept");
- cdp.setRelativeName(rdn);
- cdp.setReasons(ba);
- cdp.setCRLIssuer(generalNames);
- crldpExt.addPoint(cdp);
-
- crldpExt.setCritical(true);
- crldpExt.encode(bos);
-
- bos.close();
-
- } catch(Exception e) {
+ if (args.length != 1) {
+ System.out.println("Usage: CRLDistributionPointsExtentions " +
+ "<outfile>");
+ System.exit(-1);
+ }
+
+ BufferedOutputStream bos = new BufferedOutputStream(
+ new FileOutputStream(args[0]));
+
+ // URI only
+ CRLDistributionPoint cdp = new CRLDistributionPoint();
+ URIName uri = new URIName("http://www.mycrl.com/go/here");
+ GeneralNames generalNames = new GeneralNames();
+ generalNames.addElement(uri);
+ cdp.setFullName(generalNames);
+ CRLDistributionPointsExtension crldpExt =
+ new CRLDistributionPointsExtension(cdp);
+
+ // DN only
+ cdp = new CRLDistributionPoint();
+ X500Name dn = new X500Name("CN=Otis Smith,E=otis@fedoraproject.org" +
+ ",OU=Certificate Server,O=Fedora,C=US");
+ generalNames = new GeneralNames();
+ generalNames.addElement(dn);
+ cdp.setFullName(generalNames);
+ crldpExt.addPoint(cdp);
+
+ // DN + reason
+ BitArray ba = new BitArray(5, new byte[] { (byte) 0x28 });
+ cdp = new CRLDistributionPoint();
+ cdp.setFullName(generalNames);
+ cdp.setReasons(ba);
+ crldpExt.addPoint(cdp);
+
+ // relative DN + reason + crlIssuer
+ cdp = new CRLDistributionPoint();
+ RDN rdn = new RDN("OU=foobar dept");
+ cdp.setRelativeName(rdn);
+ cdp.setReasons(ba);
+ cdp.setCRLIssuer(generalNames);
+ crldpExt.addPoint(cdp);
+
+ crldpExt.setCritical(true);
+ crldpExt.encode(bos);
+
+ bos.close();
+
+ } catch (Exception e) {
e.printStackTrace();
- }
+ }
}
- /**
- * Represents a reason that a cert may be revoked. These reasons are
+ /**
+ * Represents a reason that a cert may be revoked. These reasons are
* expressed in a ReasonFlags bit string.
*/
public static class Reason {
@@ -311,19 +303,21 @@ public class CRLDistributionPointsExtension extends Extension
private String name;
private byte bitMask;
- private Reason() { }
+ private Reason() {
+ }
+
private Reason(String name, byte bitMask) {
this.name = name;
this.bitMask = bitMask;
map.put(name, this);
- list.addElement(this);
+ list.addElement(this);
}
private static Hashtable<String, Reason> map = new Hashtable<String, Reason>();
- private static Vector<Reason> list = new Vector<Reason>();
+ private static Vector<Reason> list = new Vector<Reason>();
public static Reason fromString(String name) {
- return map.get(name);
+ return map.get(name);
}
public String getName() {
@@ -334,61 +328,61 @@ public class CRLDistributionPointsExtension extends Extension
return bitMask;
}
- /**
- * Given a bit array representing reason flags, extracts the reasons
- * and returns them as an array.
- *
- * @param bitFlags A bit vector containing reason flags.
- * @return An array of reasons contained in the bit vector.
- * May be zero-length but will not be null.
- */
- public static Reason[] bitArrayToReasonArray(byte bitFlags) {
- return bitArrayToReasonArray( new byte[] { bitFlags } );
- }
-
- /**
- * Given a bit array representing reason flags, extracts the reasons
- * and returns them as an array. Currently, only the first byte
- * of the bitflags are examined.
- *
- * @param bitFlags A bit vector containing reason flags. The format
- * is big-endian (MSB first). Only the first byte is examined.
- * @return An array of reasons contained in the bit vector.
- * May be zero-length but will not be null.
- */
- public static Reason[] bitArrayToReasonArray(byte[] bitFlags) {
- byte first = bitFlags[0];
- int size = list.size();
- Vector<Reason> result = new Vector<Reason>();
- for(int i = 0; i < size; i++) {
- Reason r = list.elementAt(i);
- byte b = r.getBitMask();
- if( (first & b) != 0 ) {
- result.addElement(r);
- }
- }
- size = result.size();
- Reason[] retval = new Reason[size];
- for(int i=0; i < size; i++) {
- retval[i] = result.elementAt(i);
- }
- return retval;
- }
-
+ /**
+ * Given a bit array representing reason flags, extracts the reasons
+ * and returns them as an array.
+ *
+ * @param bitFlags A bit vector containing reason flags.
+ * @return An array of reasons contained in the bit vector.
+ * May be zero-length but will not be null.
+ */
+ public static Reason[] bitArrayToReasonArray(byte bitFlags) {
+ return bitArrayToReasonArray(new byte[] { bitFlags });
+ }
+
+ /**
+ * Given a bit array representing reason flags, extracts the reasons
+ * and returns them as an array. Currently, only the first byte
+ * of the bitflags are examined.
+ *
+ * @param bitFlags A bit vector containing reason flags. The format
+ * is big-endian (MSB first). Only the first byte is examined.
+ * @return An array of reasons contained in the bit vector.
+ * May be zero-length but will not be null.
+ */
+ public static Reason[] bitArrayToReasonArray(byte[] bitFlags) {
+ byte first = bitFlags[0];
+ int size = list.size();
+ Vector<Reason> result = new Vector<Reason>();
+ for (int i = 0; i < size; i++) {
+ Reason r = list.elementAt(i);
+ byte b = r.getBitMask();
+ if ((first & b) != 0) {
+ result.addElement(r);
+ }
+ }
+ size = result.size();
+ Reason[] retval = new Reason[size];
+ for (int i = 0; i < size; i++) {
+ retval[i] = result.elementAt(i);
+ }
+ return retval;
+ }
+
public static final Reason UNUSED =
- new Reason("unused", (byte) 0x80);
+ new Reason("unused", (byte) 0x80);
public static final Reason KEY_COMPROMISE =
- new Reason("keyCompromise", (byte) 0x40);
+ new Reason("keyCompromise", (byte) 0x40);
public static final Reason CA_COMPROMISE =
- new Reason("cACompromise", (byte) 0x20);
+ new Reason("cACompromise", (byte) 0x20);
public static final Reason AFFILIATION_CHANGED =
- new Reason("affiliationChanged", (byte) 0x10);
+ new Reason("affiliationChanged", (byte) 0x10);
public static final Reason SUPERSEDED =
- new Reason("superseded", (byte) 0x08);
+ new Reason("superseded", (byte) 0x08);
public static final Reason CESSATION_OF_OPERATION =
- new Reason("cessationOfOperation", (byte) 0x04);
+ new Reason("cessationOfOperation", (byte) 0x04);
public static final Reason CERTIFICATE_HOLD =
- new Reason("certificateHold", (byte) 0x02);
+ new Reason("certificateHold", (byte) 0x02);
}
}
generated by cgit (git 2.34.1) at 2024-06-11 00:01:45 +0000