summaryrefslogtreecommitdiffstats
path: root/pki/base/util/src/netscape/security/x509/KeyUsageExtension.java
diff options
context:
space:
mode:
authorAde Lee <alee@redhat.com>2011-12-07 16:58:12 -0500
committerAde Lee <alee@redhat.com>2011-12-07 16:58:12 -0500
commit32150d3ee32f8ac27118af7c792794b538c78a2f (patch)
tree52dd96f664a6fa51be25b28b6f10adc5f2c9f660 /pki/base/util/src/netscape/security/x509/KeyUsageExtension.java
parentf05d58a46795553beb8881039cc922974b40db34 (diff)
downloadpki-32150d3ee32f8ac27118af7c792794b538c78a2f.tar.gz
pki-32150d3ee32f8ac27118af7c792794b538c78a2f.tar.xz
pki-32150d3ee32f8ac27118af7c792794b538c78a2f.zip
Formatting
Formatted project according to eclipse project settings
Diffstat (limited to 'pki/base/util/src/netscape/security/x509/KeyUsageExtension.java')
-rw-r--r--pki/base/util/src/netscape/security/x509/KeyUsageExtension.java337
1 files changed, 168 insertions, 169 deletions
diff --git a/pki/base/util/src/netscape/security/x509/KeyUsageExtension.java b/pki/base/util/src/netscape/security/x509/KeyUsageExtension.java
index 7cef59237..19c890626 100644
--- a/pki/base/util/src/netscape/security/x509/KeyUsageExtension.java
+++ b/pki/base/util/src/netscape/security/x509/KeyUsageExtension.java
@@ -30,30 +30,30 @@ import netscape.security.util.DerValue;
/**
* Represent the Key Usage Extension.
- *
- * <p>This extension, if present, defines the purpose (e.g., encipherment,
- * signature, certificate signing) of the key contained in the certificate.
- * The usage restriction might be employed when a multipurpose key is to be
- * restricted (e.g., when an RSA key should be used only for signing or only
- * for key encipherment).
- *
+ *
+ * <p>
+ * This extension, if present, defines the purpose (e.g., encipherment,
+ * signature, certificate signing) of the key contained in the certificate. The
+ * usage restriction might be employed when a multipurpose key is to be
+ * restricted (e.g., when an RSA key should be used only for signing or only for
+ * key encipherment).
+ *
* @author Amit Kapoor
* @author Hemma Prafullchandra
* @version 1.9
* @see Extension
* @see CertAttrSet
*/
-public class KeyUsageExtension extends Extension
-implements CertAttrSet {
+public class KeyUsageExtension extends Extension implements CertAttrSet {
/**
*
*/
private static final long serialVersionUID = 2899719374157256708L;
/**
- * Identifier for this attribute, to be used with the
- * get, set, delete methods of Certificate, x509 type.
- */
+ * Identifier for this attribute, to be used with the get, set, delete
+ * methods of Certificate, x509 type.
+ */
public static final String IDENT = "x509.info.extensions.KeyUsage";
/**
* Attribute names.
@@ -81,19 +81,19 @@ implements CertAttrSet {
public static final int NBITS = 9;
- public static String[] names = new String[NBITS];
-
- static {
- names[DIGITAL_SIGNATURE_BIT] = DIGITAL_SIGNATURE;
- names[NON_REPUDIATION_BIT] = NON_REPUDIATION;
- names[KEY_ENCIPHERMENT_BIT] = KEY_ENCIPHERMENT;
- names[DATA_ENCIPHERMENT_BIT] = DATA_ENCIPHERMENT;
- names[KEY_AGREEMENT_BIT] = KEY_AGREEMENT;
- names[KEY_CERTSIGN_BIT] = KEY_CERTSIGN;
- names[CRL_SIGN_BIT] = CRL_SIGN;
- names[ENCIPHER_ONLY_BIT] = ENCIPHER_ONLY;
- names[DECIPHER_ONLY_BIT] = DECIPHER_ONLY;
- }
+ public static String[] names = new String[NBITS];
+
+ static {
+ names[DIGITAL_SIGNATURE_BIT] = DIGITAL_SIGNATURE;
+ names[NON_REPUDIATION_BIT] = NON_REPUDIATION;
+ names[KEY_ENCIPHERMENT_BIT] = KEY_ENCIPHERMENT;
+ names[DATA_ENCIPHERMENT_BIT] = DATA_ENCIPHERMENT;
+ names[KEY_AGREEMENT_BIT] = KEY_AGREEMENT;
+ names[KEY_CERTSIGN_BIT] = KEY_CERTSIGN;
+ names[CRL_SIGN_BIT] = CRL_SIGN;
+ names[ENCIPHER_ONLY_BIT] = ENCIPHER_ONLY;
+ names[DECIPHER_ONLY_BIT] = DECIPHER_ONLY;
+ }
// Private data members
private boolean[] bitString;
@@ -107,12 +107,12 @@ implements CertAttrSet {
/**
* Check if bit is set.
- *
+ *
* @param position the position in the bit string to check.
*/
private boolean isSet(int position) {
- if (bitString.length <= position)
- return false;
+ if (bitString.length <= position)
+ return false;
return bitString[position];
}
@@ -120,32 +120,33 @@ implements CertAttrSet {
* Set the bit at the specified position.
*/
private void set(int position, boolean val) {
- // enlarge bitString if necessary
+ // enlarge bitString if necessary
if (position >= bitString.length) {
- boolean[] tmp = new boolean[position+1];
+ boolean[] tmp = new boolean[position + 1];
System.arraycopy(bitString, 0, tmp, 0, bitString.length);
bitString = tmp;
}
- bitString[position] = val;
+ bitString[position] = val;
}
/**
* Create a KeyUsageExtension with the passed bit settings. The criticality
* is set to true.
- *
+ *
* @param bitString the bits to be set for the extension.
*/
- public KeyUsageExtension(boolean critical, byte[] bitString) throws IOException {
- this.bitString =
- new BitArray(bitString.length*8,bitString).toBooleanArray();
+ public KeyUsageExtension(boolean critical, byte[] bitString)
+ throws IOException {
+ this.bitString = new BitArray(bitString.length * 8, bitString)
+ .toBooleanArray();
this.extensionId = PKIXExtensions.KeyUsage_Id;
this.critical = critical;
encodeThis();
}
public KeyUsageExtension(byte[] bitString) throws IOException {
- this.bitString =
- new BitArray(bitString.length*8,bitString).toBooleanArray();
+ this.bitString = new BitArray(bitString.length * 8, bitString)
+ .toBooleanArray();
this.extensionId = PKIXExtensions.KeyUsage_Id;
this.critical = true;
encodeThis();
@@ -154,10 +155,11 @@ implements CertAttrSet {
/**
* Create a KeyUsageExtension with the passed bit settings. The criticality
* is set to true.
- *
+ *
* @param bitString the bits to be set for the extension.
*/
- public KeyUsageExtension(boolean critical, boolean[] bitString) throws IOException {
+ public KeyUsageExtension(boolean critical, boolean[] bitString)
+ throws IOException {
this.bitString = bitString;
this.extensionId = PKIXExtensions.KeyUsage_Id;
this.critical = critical;
@@ -174,7 +176,7 @@ implements CertAttrSet {
/**
* Create a KeyUsageExtension with the passed bit settings. The criticality
* is set to true.
- *
+ *
* @param bitString the bits to be set for the extension.
*/
public KeyUsageExtension(BitArray bitString) throws IOException {
@@ -186,29 +188,26 @@ implements CertAttrSet {
/**
* Create the extension from the passed DER encoded value of the same.
- *
+ *
* @param critical true if the extension is to be treated as critical.
* @param value Array of DER encoded bytes of the actual value.
* @exception IOException on error.
*/
- public KeyUsageExtension(Boolean critical, Object value)
- throws IOException {
+ public KeyUsageExtension(Boolean critical, Object value) throws IOException {
this.extensionId = PKIXExtensions.KeyUsage_Id;
this.critical = critical.booleanValue();
/*
- * The following check should be activated again after
- * the PKIX profiling work becomes standard and the check
- * is not a barrier to interoperability !
- * if (!this.critical) {
- * throw new IOException("KeyUsageExtension not marked critical,"
- * + " invalid profile.");
- * }
+ * The following check should be activated again after the PKIX
+ * profiling work becomes standard and the check is not a barrier to
+ * interoperability ! if (!this.critical) { throw new
+ * IOException("KeyUsageExtension not marked critical," +
+ * " invalid profile."); }
*/
int len = Array.getLength(value);
- byte[] extValue = new byte[len];
- for (int i = 0; i < len; i++) {
- extValue[i] = Array.getByte(value, i);
- }
+ byte[] extValue = new byte[len];
+ for (int i = 0; i < len; i++) {
+ extValue[i] = Array.getByte(value, i);
+ }
this.extensionValue = extValue;
DerValue val = new DerValue(extValue);
this.bitString = val.getUnalignedBitString().toBooleanArray();
@@ -229,88 +228,88 @@ implements CertAttrSet {
public void set(String name, Object obj) throws IOException {
clearValue();
if (!(obj instanceof Boolean)) {
- throw new IOException("Attribute must be of type Boolean.");
- }
- boolean val = ((Boolean)obj).booleanValue();
- if (name.equalsIgnoreCase(DIGITAL_SIGNATURE)) {
- set(0,val);
- } else if (name.equalsIgnoreCase(NON_REPUDIATION)) {
- set(1,val);
- } else if (name.equalsIgnoreCase(KEY_ENCIPHERMENT)) {
- set(2,val);
- } else if (name.equalsIgnoreCase(DATA_ENCIPHERMENT)) {
- set(3,val);
- } else if (name.equalsIgnoreCase(KEY_AGREEMENT)) {
- set(4,val);
- } else if (name.equalsIgnoreCase(KEY_CERTSIGN)) {
- set(5,val);
- } else if (name.equalsIgnoreCase(CRL_SIGN)) {
- set(6,val);
- } else if (name.equalsIgnoreCase(ENCIPHER_ONLY)) {
- set(7,val);
- } else if (name.equalsIgnoreCase(DECIPHER_ONLY)) {
- set(8,val);
- } else {
- throw new IOException("Attribute name not recognized by"
- + " CertAttrSet:KeyUsage.");
- }
- encodeThis();
+ throw new IOException("Attribute must be of type Boolean.");
+ }
+ boolean val = ((Boolean) obj).booleanValue();
+ if (name.equalsIgnoreCase(DIGITAL_SIGNATURE)) {
+ set(0, val);
+ } else if (name.equalsIgnoreCase(NON_REPUDIATION)) {
+ set(1, val);
+ } else if (name.equalsIgnoreCase(KEY_ENCIPHERMENT)) {
+ set(2, val);
+ } else if (name.equalsIgnoreCase(DATA_ENCIPHERMENT)) {
+ set(3, val);
+ } else if (name.equalsIgnoreCase(KEY_AGREEMENT)) {
+ set(4, val);
+ } else if (name.equalsIgnoreCase(KEY_CERTSIGN)) {
+ set(5, val);
+ } else if (name.equalsIgnoreCase(CRL_SIGN)) {
+ set(6, val);
+ } else if (name.equalsIgnoreCase(ENCIPHER_ONLY)) {
+ set(7, val);
+ } else if (name.equalsIgnoreCase(DECIPHER_ONLY)) {
+ set(8, val);
+ } else {
+ throw new IOException("Attribute name not recognized by"
+ + " CertAttrSet:KeyUsage.");
+ }
+ encodeThis();
}
/**
* Get the attribute value.
*/
public Object get(String name) throws IOException {
- if (name.equalsIgnoreCase(DIGITAL_SIGNATURE)) {
- return new Boolean(isSet(0));
- } else if (name.equalsIgnoreCase(NON_REPUDIATION)) {
- return new Boolean(isSet(1));
- } else if (name.equalsIgnoreCase(KEY_ENCIPHERMENT)) {
- return new Boolean(isSet(2));
- } else if (name.equalsIgnoreCase(DATA_ENCIPHERMENT)) {
- return new Boolean(isSet(3));
- } else if (name.equalsIgnoreCase(KEY_AGREEMENT)) {
- return new Boolean(isSet(4));
- } else if (name.equalsIgnoreCase(KEY_CERTSIGN)) {
- return new Boolean(isSet(5));
- } else if (name.equalsIgnoreCase(CRL_SIGN)) {
- return new Boolean(isSet(6));
- } else if (name.equalsIgnoreCase(ENCIPHER_ONLY)) {
- return new Boolean(isSet(7));
- } else if (name.equalsIgnoreCase(DECIPHER_ONLY)) {
- return new Boolean(isSet(8));
- } else {
- throw new IOException("Attribute name not recognized by"
- + " CertAttrSet:KeyUsage.");
- }
+ if (name.equalsIgnoreCase(DIGITAL_SIGNATURE)) {
+ return new Boolean(isSet(0));
+ } else if (name.equalsIgnoreCase(NON_REPUDIATION)) {
+ return new Boolean(isSet(1));
+ } else if (name.equalsIgnoreCase(KEY_ENCIPHERMENT)) {
+ return new Boolean(isSet(2));
+ } else if (name.equalsIgnoreCase(DATA_ENCIPHERMENT)) {
+ return new Boolean(isSet(3));
+ } else if (name.equalsIgnoreCase(KEY_AGREEMENT)) {
+ return new Boolean(isSet(4));
+ } else if (name.equalsIgnoreCase(KEY_CERTSIGN)) {
+ return new Boolean(isSet(5));
+ } else if (name.equalsIgnoreCase(CRL_SIGN)) {
+ return new Boolean(isSet(6));
+ } else if (name.equalsIgnoreCase(ENCIPHER_ONLY)) {
+ return new Boolean(isSet(7));
+ } else if (name.equalsIgnoreCase(DECIPHER_ONLY)) {
+ return new Boolean(isSet(8));
+ } else {
+ throw new IOException("Attribute name not recognized by"
+ + " CertAttrSet:KeyUsage.");
+ }
}
/**
* Delete the attribute value.
*/
public void delete(String name) throws IOException {
- if (name.equalsIgnoreCase(DIGITAL_SIGNATURE)) {
- set(0,false);
- } else if (name.equalsIgnoreCase(NON_REPUDIATION)) {
- set(1,false);
- } else if (name.equalsIgnoreCase(KEY_ENCIPHERMENT)) {
- set(2,false);
- } else if (name.equalsIgnoreCase(DATA_ENCIPHERMENT)) {
- set(3,false);
- } else if (name.equalsIgnoreCase(KEY_AGREEMENT)) {
- set(4,false);
- } else if (name.equalsIgnoreCase(KEY_CERTSIGN)) {
- set(5,false);
- } else if (name.equalsIgnoreCase(CRL_SIGN)) {
- set(6,false);
- } else if (name.equalsIgnoreCase(ENCIPHER_ONLY)) {
- set(7,false);
- } else if (name.equalsIgnoreCase(DECIPHER_ONLY)) {
- set(8,false);
- } else {
- throw new IOException("Attribute name not recognized by"
- + " CertAttrSet:KeyUsage.");
- }
+ if (name.equalsIgnoreCase(DIGITAL_SIGNATURE)) {
+ set(0, false);
+ } else if (name.equalsIgnoreCase(NON_REPUDIATION)) {
+ set(1, false);
+ } else if (name.equalsIgnoreCase(KEY_ENCIPHERMENT)) {
+ set(2, false);
+ } else if (name.equalsIgnoreCase(DATA_ENCIPHERMENT)) {
+ set(3, false);
+ } else if (name.equalsIgnoreCase(KEY_AGREEMENT)) {
+ set(4, false);
+ } else if (name.equalsIgnoreCase(KEY_CERTSIGN)) {
+ set(5, false);
+ } else if (name.equalsIgnoreCase(CRL_SIGN)) {
+ set(6, false);
+ } else if (name.equalsIgnoreCase(ENCIPHER_ONLY)) {
+ set(7, false);
+ } else if (name.equalsIgnoreCase(DECIPHER_ONLY)) {
+ set(8, false);
+ } else {
+ throw new IOException("Attribute name not recognized by"
+ + " CertAttrSet:KeyUsage.");
+ }
}
/**
@@ -319,36 +318,37 @@ implements CertAttrSet {
public String toString() {
String s = super.toString() + "KeyUsage [\n";
- try {
- if (isSet(0)) {
- s += " DigitalSignature\n";
- }
- if (isSet(1)) {
- s += " Non_repudiation\n";
- }
- if (isSet(2)) {
- s += " Key_Encipherment\n";
- }
- if (isSet(3)) {
- s += " Data_Encipherment\n";
- }
- if (isSet(4)) {
- s += " Key_Agreement\n";
- }
- if (isSet(5)) {
- s += " Key_CertSign\n";
- }
- if (isSet(6)) {
- s += " Crl_Sign\n";
+ try {
+ if (isSet(0)) {
+ s += " DigitalSignature\n";
+ }
+ if (isSet(1)) {
+ s += " Non_repudiation\n";
+ }
+ if (isSet(2)) {
+ s += " Key_Encipherment\n";
+ }
+ if (isSet(3)) {
+ s += " Data_Encipherment\n";
+ }
+ if (isSet(4)) {
+ s += " Key_Agreement\n";
+ }
+ if (isSet(5)) {
+ s += " Key_CertSign\n";
+ }
+ if (isSet(6)) {
+ s += " Crl_Sign\n";
+ }
+ if (isSet(7)) {
+ s += " Encipher_Only\n";
+ }
+ if (isSet(8)) {
+ s += " Decipher_Only\n";
+ }
+ } catch (ArrayIndexOutOfBoundsException ex) {
}
- if (isSet(7)) {
- s += " Encipher_Only\n";
- }
- if (isSet(8)) {
- s += " Decipher_Only\n";
- }
- } catch (ArrayIndexOutOfBoundsException ex) {}
-
+
s += "]\n";
return (s);
@@ -356,7 +356,7 @@ implements CertAttrSet {
/**
* Decode the extension from the InputStream.
- *
+ *
* @param in the InputStream to unmarshal the contents from.
* @exception IOException on decoding or validity errors.
*/
@@ -366,27 +366,27 @@ implements CertAttrSet {
/**
* Write the extension to the DerOutputStream.
- *
+ *
* @param out the DerOutputStream to write the extension to.
* @exception IOException on encoding errors.
*/
public void encode(OutputStream out) throws IOException {
- DerOutputStream tmp = new DerOutputStream();
-
- if (this.extensionValue == null) {
- this.extensionId = PKIXExtensions.KeyUsage_Id;
- this.critical = true;
- encodeThis();
- }
- super.encode(tmp);
- out.write(tmp.toByteArray());
+ DerOutputStream tmp = new DerOutputStream();
+
+ if (this.extensionValue == null) {
+ this.extensionId = PKIXExtensions.KeyUsage_Id;
+ this.critical = true;
+ encodeThis();
+ }
+ super.encode(tmp);
+ out.write(tmp.toByteArray());
}
/**
* Return an enumeration of names of attributes existing within this
* attribute.
*/
- public Enumeration<String> getElements () {
+ public Enumeration<String> getElements() {
Vector<String> elements = new Vector<String>();
elements.addElement(DIGITAL_SIGNATURE);
elements.addElement(NON_REPUDIATION);
@@ -398,18 +398,17 @@ implements CertAttrSet {
elements.addElement(ENCIPHER_ONLY);
elements.addElement(DECIPHER_ONLY);
- return (elements.elements());
+ return (elements.elements());
}
-
public boolean[] getBits() {
- return (boolean[]) bitString.clone();
+ return (boolean[]) bitString.clone();
}
/**
* Return the name of this attribute.
*/
- public String getName () {
+ public String getName() {
return (NAME);
}
}
generated by cgit (git 2.34.1) at 2024-07-05 23:33:59 +0000