diff options
author | Ade Lee <alee@redhat.com> | 2011-12-07 16:58:12 -0500 |
---|---|---|
committer | Ade Lee <alee@redhat.com> | 2011-12-07 16:58:12 -0500 |
commit | 32150d3ee32f8ac27118af7c792794b538c78a2f (patch) | |
tree | 52dd96f664a6fa51be25b28b6f10adc5f2c9f660 /pki/base/util/src/netscape/security/x509/KeyUsageExtension.java | |
parent | f05d58a46795553beb8881039cc922974b40db34 (diff) | |
download | pki-32150d3ee32f8ac27118af7c792794b538c78a2f.tar.gz pki-32150d3ee32f8ac27118af7c792794b538c78a2f.tar.xz pki-32150d3ee32f8ac27118af7c792794b538c78a2f.zip |
Formatting
Formatted project according to eclipse project settings
Diffstat (limited to 'pki/base/util/src/netscape/security/x509/KeyUsageExtension.java')
-rw-r--r-- | pki/base/util/src/netscape/security/x509/KeyUsageExtension.java | 337 |
1 files changed, 168 insertions, 169 deletions
diff --git a/pki/base/util/src/netscape/security/x509/KeyUsageExtension.java b/pki/base/util/src/netscape/security/x509/KeyUsageExtension.java index 7cef59237..19c890626 100644 --- a/pki/base/util/src/netscape/security/x509/KeyUsageExtension.java +++ b/pki/base/util/src/netscape/security/x509/KeyUsageExtension.java @@ -30,30 +30,30 @@ import netscape.security.util.DerValue; /** * Represent the Key Usage Extension. - * - * <p>This extension, if present, defines the purpose (e.g., encipherment, - * signature, certificate signing) of the key contained in the certificate. - * The usage restriction might be employed when a multipurpose key is to be - * restricted (e.g., when an RSA key should be used only for signing or only - * for key encipherment). - * + * + * <p> + * This extension, if present, defines the purpose (e.g., encipherment, + * signature, certificate signing) of the key contained in the certificate. The + * usage restriction might be employed when a multipurpose key is to be + * restricted (e.g., when an RSA key should be used only for signing or only for + * key encipherment). + * * @author Amit Kapoor * @author Hemma Prafullchandra * @version 1.9 * @see Extension * @see CertAttrSet */ -public class KeyUsageExtension extends Extension -implements CertAttrSet { +public class KeyUsageExtension extends Extension implements CertAttrSet { /** * */ private static final long serialVersionUID = 2899719374157256708L; /** - * Identifier for this attribute, to be used with the - * get, set, delete methods of Certificate, x509 type. - */ + * Identifier for this attribute, to be used with the get, set, delete + * methods of Certificate, x509 type. + */ public static final String IDENT = "x509.info.extensions.KeyUsage"; /** * Attribute names. @@ -81,19 +81,19 @@ implements CertAttrSet { public static final int NBITS = 9; - public static String[] names = new String[NBITS]; - - static { - names[DIGITAL_SIGNATURE_BIT] = DIGITAL_SIGNATURE; - names[NON_REPUDIATION_BIT] = NON_REPUDIATION; - names[KEY_ENCIPHERMENT_BIT] = KEY_ENCIPHERMENT; - names[DATA_ENCIPHERMENT_BIT] = DATA_ENCIPHERMENT; - names[KEY_AGREEMENT_BIT] = KEY_AGREEMENT; - names[KEY_CERTSIGN_BIT] = KEY_CERTSIGN; - names[CRL_SIGN_BIT] = CRL_SIGN; - names[ENCIPHER_ONLY_BIT] = ENCIPHER_ONLY; - names[DECIPHER_ONLY_BIT] = DECIPHER_ONLY; - } + public static String[] names = new String[NBITS]; + + static { + names[DIGITAL_SIGNATURE_BIT] = DIGITAL_SIGNATURE; + names[NON_REPUDIATION_BIT] = NON_REPUDIATION; + names[KEY_ENCIPHERMENT_BIT] = KEY_ENCIPHERMENT; + names[DATA_ENCIPHERMENT_BIT] = DATA_ENCIPHERMENT; + names[KEY_AGREEMENT_BIT] = KEY_AGREEMENT; + names[KEY_CERTSIGN_BIT] = KEY_CERTSIGN; + names[CRL_SIGN_BIT] = CRL_SIGN; + names[ENCIPHER_ONLY_BIT] = ENCIPHER_ONLY; + names[DECIPHER_ONLY_BIT] = DECIPHER_ONLY; + } // Private data members private boolean[] bitString; @@ -107,12 +107,12 @@ implements CertAttrSet { /** * Check if bit is set. - * + * * @param position the position in the bit string to check. */ private boolean isSet(int position) { - if (bitString.length <= position) - return false; + if (bitString.length <= position) + return false; return bitString[position]; } @@ -120,32 +120,33 @@ implements CertAttrSet { * Set the bit at the specified position. */ private void set(int position, boolean val) { - // enlarge bitString if necessary + // enlarge bitString if necessary if (position >= bitString.length) { - boolean[] tmp = new boolean[position+1]; + boolean[] tmp = new boolean[position + 1]; System.arraycopy(bitString, 0, tmp, 0, bitString.length); bitString = tmp; } - bitString[position] = val; + bitString[position] = val; } /** * Create a KeyUsageExtension with the passed bit settings. The criticality * is set to true. - * + * * @param bitString the bits to be set for the extension. */ - public KeyUsageExtension(boolean critical, byte[] bitString) throws IOException { - this.bitString = - new BitArray(bitString.length*8,bitString).toBooleanArray(); + public KeyUsageExtension(boolean critical, byte[] bitString) + throws IOException { + this.bitString = new BitArray(bitString.length * 8, bitString) + .toBooleanArray(); this.extensionId = PKIXExtensions.KeyUsage_Id; this.critical = critical; encodeThis(); } public KeyUsageExtension(byte[] bitString) throws IOException { - this.bitString = - new BitArray(bitString.length*8,bitString).toBooleanArray(); + this.bitString = new BitArray(bitString.length * 8, bitString) + .toBooleanArray(); this.extensionId = PKIXExtensions.KeyUsage_Id; this.critical = true; encodeThis(); @@ -154,10 +155,11 @@ implements CertAttrSet { /** * Create a KeyUsageExtension with the passed bit settings. The criticality * is set to true. - * + * * @param bitString the bits to be set for the extension. */ - public KeyUsageExtension(boolean critical, boolean[] bitString) throws IOException { + public KeyUsageExtension(boolean critical, boolean[] bitString) + throws IOException { this.bitString = bitString; this.extensionId = PKIXExtensions.KeyUsage_Id; this.critical = critical; @@ -174,7 +176,7 @@ implements CertAttrSet { /** * Create a KeyUsageExtension with the passed bit settings. The criticality * is set to true. - * + * * @param bitString the bits to be set for the extension. */ public KeyUsageExtension(BitArray bitString) throws IOException { @@ -186,29 +188,26 @@ implements CertAttrSet { /** * Create the extension from the passed DER encoded value of the same. - * + * * @param critical true if the extension is to be treated as critical. * @param value Array of DER encoded bytes of the actual value. * @exception IOException on error. */ - public KeyUsageExtension(Boolean critical, Object value) - throws IOException { + public KeyUsageExtension(Boolean critical, Object value) throws IOException { this.extensionId = PKIXExtensions.KeyUsage_Id; this.critical = critical.booleanValue(); /* - * The following check should be activated again after - * the PKIX profiling work becomes standard and the check - * is not a barrier to interoperability ! - * if (!this.critical) { - * throw new IOException("KeyUsageExtension not marked critical," - * + " invalid profile."); - * } + * The following check should be activated again after the PKIX + * profiling work becomes standard and the check is not a barrier to + * interoperability ! if (!this.critical) { throw new + * IOException("KeyUsageExtension not marked critical," + + * " invalid profile."); } */ int len = Array.getLength(value); - byte[] extValue = new byte[len]; - for (int i = 0; i < len; i++) { - extValue[i] = Array.getByte(value, i); - } + byte[] extValue = new byte[len]; + for (int i = 0; i < len; i++) { + extValue[i] = Array.getByte(value, i); + } this.extensionValue = extValue; DerValue val = new DerValue(extValue); this.bitString = val.getUnalignedBitString().toBooleanArray(); @@ -229,88 +228,88 @@ implements CertAttrSet { public void set(String name, Object obj) throws IOException { clearValue(); if (!(obj instanceof Boolean)) { - throw new IOException("Attribute must be of type Boolean."); - } - boolean val = ((Boolean)obj).booleanValue(); - if (name.equalsIgnoreCase(DIGITAL_SIGNATURE)) { - set(0,val); - } else if (name.equalsIgnoreCase(NON_REPUDIATION)) { - set(1,val); - } else if (name.equalsIgnoreCase(KEY_ENCIPHERMENT)) { - set(2,val); - } else if (name.equalsIgnoreCase(DATA_ENCIPHERMENT)) { - set(3,val); - } else if (name.equalsIgnoreCase(KEY_AGREEMENT)) { - set(4,val); - } else if (name.equalsIgnoreCase(KEY_CERTSIGN)) { - set(5,val); - } else if (name.equalsIgnoreCase(CRL_SIGN)) { - set(6,val); - } else if (name.equalsIgnoreCase(ENCIPHER_ONLY)) { - set(7,val); - } else if (name.equalsIgnoreCase(DECIPHER_ONLY)) { - set(8,val); - } else { - throw new IOException("Attribute name not recognized by" - + " CertAttrSet:KeyUsage."); - } - encodeThis(); + throw new IOException("Attribute must be of type Boolean."); + } + boolean val = ((Boolean) obj).booleanValue(); + if (name.equalsIgnoreCase(DIGITAL_SIGNATURE)) { + set(0, val); + } else if (name.equalsIgnoreCase(NON_REPUDIATION)) { + set(1, val); + } else if (name.equalsIgnoreCase(KEY_ENCIPHERMENT)) { + set(2, val); + } else if (name.equalsIgnoreCase(DATA_ENCIPHERMENT)) { + set(3, val); + } else if (name.equalsIgnoreCase(KEY_AGREEMENT)) { + set(4, val); + } else if (name.equalsIgnoreCase(KEY_CERTSIGN)) { + set(5, val); + } else if (name.equalsIgnoreCase(CRL_SIGN)) { + set(6, val); + } else if (name.equalsIgnoreCase(ENCIPHER_ONLY)) { + set(7, val); + } else if (name.equalsIgnoreCase(DECIPHER_ONLY)) { + set(8, val); + } else { + throw new IOException("Attribute name not recognized by" + + " CertAttrSet:KeyUsage."); + } + encodeThis(); } /** * Get the attribute value. */ public Object get(String name) throws IOException { - if (name.equalsIgnoreCase(DIGITAL_SIGNATURE)) { - return new Boolean(isSet(0)); - } else if (name.equalsIgnoreCase(NON_REPUDIATION)) { - return new Boolean(isSet(1)); - } else if (name.equalsIgnoreCase(KEY_ENCIPHERMENT)) { - return new Boolean(isSet(2)); - } else if (name.equalsIgnoreCase(DATA_ENCIPHERMENT)) { - return new Boolean(isSet(3)); - } else if (name.equalsIgnoreCase(KEY_AGREEMENT)) { - return new Boolean(isSet(4)); - } else if (name.equalsIgnoreCase(KEY_CERTSIGN)) { - return new Boolean(isSet(5)); - } else if (name.equalsIgnoreCase(CRL_SIGN)) { - return new Boolean(isSet(6)); - } else if (name.equalsIgnoreCase(ENCIPHER_ONLY)) { - return new Boolean(isSet(7)); - } else if (name.equalsIgnoreCase(DECIPHER_ONLY)) { - return new Boolean(isSet(8)); - } else { - throw new IOException("Attribute name not recognized by" - + " CertAttrSet:KeyUsage."); - } + if (name.equalsIgnoreCase(DIGITAL_SIGNATURE)) { + return new Boolean(isSet(0)); + } else if (name.equalsIgnoreCase(NON_REPUDIATION)) { + return new Boolean(isSet(1)); + } else if (name.equalsIgnoreCase(KEY_ENCIPHERMENT)) { + return new Boolean(isSet(2)); + } else if (name.equalsIgnoreCase(DATA_ENCIPHERMENT)) { + return new Boolean(isSet(3)); + } else if (name.equalsIgnoreCase(KEY_AGREEMENT)) { + return new Boolean(isSet(4)); + } else if (name.equalsIgnoreCase(KEY_CERTSIGN)) { + return new Boolean(isSet(5)); + } else if (name.equalsIgnoreCase(CRL_SIGN)) { + return new Boolean(isSet(6)); + } else if (name.equalsIgnoreCase(ENCIPHER_ONLY)) { + return new Boolean(isSet(7)); + } else if (name.equalsIgnoreCase(DECIPHER_ONLY)) { + return new Boolean(isSet(8)); + } else { + throw new IOException("Attribute name not recognized by" + + " CertAttrSet:KeyUsage."); + } } /** * Delete the attribute value. */ public void delete(String name) throws IOException { - if (name.equalsIgnoreCase(DIGITAL_SIGNATURE)) { - set(0,false); - } else if (name.equalsIgnoreCase(NON_REPUDIATION)) { - set(1,false); - } else if (name.equalsIgnoreCase(KEY_ENCIPHERMENT)) { - set(2,false); - } else if (name.equalsIgnoreCase(DATA_ENCIPHERMENT)) { - set(3,false); - } else if (name.equalsIgnoreCase(KEY_AGREEMENT)) { - set(4,false); - } else if (name.equalsIgnoreCase(KEY_CERTSIGN)) { - set(5,false); - } else if (name.equalsIgnoreCase(CRL_SIGN)) { - set(6,false); - } else if (name.equalsIgnoreCase(ENCIPHER_ONLY)) { - set(7,false); - } else if (name.equalsIgnoreCase(DECIPHER_ONLY)) { - set(8,false); - } else { - throw new IOException("Attribute name not recognized by" - + " CertAttrSet:KeyUsage."); - } + if (name.equalsIgnoreCase(DIGITAL_SIGNATURE)) { + set(0, false); + } else if (name.equalsIgnoreCase(NON_REPUDIATION)) { + set(1, false); + } else if (name.equalsIgnoreCase(KEY_ENCIPHERMENT)) { + set(2, false); + } else if (name.equalsIgnoreCase(DATA_ENCIPHERMENT)) { + set(3, false); + } else if (name.equalsIgnoreCase(KEY_AGREEMENT)) { + set(4, false); + } else if (name.equalsIgnoreCase(KEY_CERTSIGN)) { + set(5, false); + } else if (name.equalsIgnoreCase(CRL_SIGN)) { + set(6, false); + } else if (name.equalsIgnoreCase(ENCIPHER_ONLY)) { + set(7, false); + } else if (name.equalsIgnoreCase(DECIPHER_ONLY)) { + set(8, false); + } else { + throw new IOException("Attribute name not recognized by" + + " CertAttrSet:KeyUsage."); + } } /** @@ -319,36 +318,37 @@ implements CertAttrSet { public String toString() { String s = super.toString() + "KeyUsage [\n"; - try { - if (isSet(0)) { - s += " DigitalSignature\n"; - } - if (isSet(1)) { - s += " Non_repudiation\n"; - } - if (isSet(2)) { - s += " Key_Encipherment\n"; - } - if (isSet(3)) { - s += " Data_Encipherment\n"; - } - if (isSet(4)) { - s += " Key_Agreement\n"; - } - if (isSet(5)) { - s += " Key_CertSign\n"; - } - if (isSet(6)) { - s += " Crl_Sign\n"; + try { + if (isSet(0)) { + s += " DigitalSignature\n"; + } + if (isSet(1)) { + s += " Non_repudiation\n"; + } + if (isSet(2)) { + s += " Key_Encipherment\n"; + } + if (isSet(3)) { + s += " Data_Encipherment\n"; + } + if (isSet(4)) { + s += " Key_Agreement\n"; + } + if (isSet(5)) { + s += " Key_CertSign\n"; + } + if (isSet(6)) { + s += " Crl_Sign\n"; + } + if (isSet(7)) { + s += " Encipher_Only\n"; + } + if (isSet(8)) { + s += " Decipher_Only\n"; + } + } catch (ArrayIndexOutOfBoundsException ex) { } - if (isSet(7)) { - s += " Encipher_Only\n"; - } - if (isSet(8)) { - s += " Decipher_Only\n"; - } - } catch (ArrayIndexOutOfBoundsException ex) {} - + s += "]\n"; return (s); @@ -356,7 +356,7 @@ implements CertAttrSet { /** * Decode the extension from the InputStream. - * + * * @param in the InputStream to unmarshal the contents from. * @exception IOException on decoding or validity errors. */ @@ -366,27 +366,27 @@ implements CertAttrSet { /** * Write the extension to the DerOutputStream. - * + * * @param out the DerOutputStream to write the extension to. * @exception IOException on encoding errors. */ public void encode(OutputStream out) throws IOException { - DerOutputStream tmp = new DerOutputStream(); - - if (this.extensionValue == null) { - this.extensionId = PKIXExtensions.KeyUsage_Id; - this.critical = true; - encodeThis(); - } - super.encode(tmp); - out.write(tmp.toByteArray()); + DerOutputStream tmp = new DerOutputStream(); + + if (this.extensionValue == null) { + this.extensionId = PKIXExtensions.KeyUsage_Id; + this.critical = true; + encodeThis(); + } + super.encode(tmp); + out.write(tmp.toByteArray()); } /** * Return an enumeration of names of attributes existing within this * attribute. */ - public Enumeration<String> getElements () { + public Enumeration<String> getElements() { Vector<String> elements = new Vector<String>(); elements.addElement(DIGITAL_SIGNATURE); elements.addElement(NON_REPUDIATION); @@ -398,18 +398,17 @@ implements CertAttrSet { elements.addElement(ENCIPHER_ONLY); elements.addElement(DECIPHER_ONLY); - return (elements.elements()); + return (elements.elements()); } - public boolean[] getBits() { - return (boolean[]) bitString.clone(); + return (boolean[]) bitString.clone(); } /** * Return the name of this attribute. */ - public String getName () { + public String getName() { return (NAME); } } |