summaryrefslogtreecommitdiffstats
path: root/pki/base/common/src/com/netscape/cms/crl/CMSAuthorityKeyIdentifierExtension.java
diff options
context:
space:
mode:
Diffstat (limited to 'pki/base/common/src/com/netscape/cms/crl/CMSAuthorityKeyIdentifierExtension.java')
-rw-r--r--pki/base/common/src/com/netscape/cms/crl/CMSAuthorityKeyIdentifierExtension.java97
1 files changed, 45 insertions, 52 deletions
diff --git a/pki/base/common/src/com/netscape/cms/crl/CMSAuthorityKeyIdentifierExtension.java b/pki/base/common/src/com/netscape/cms/crl/CMSAuthorityKeyIdentifierExtension.java
index 494de7992..4cdb0bdc0 100644
--- a/pki/base/common/src/com/netscape/cms/crl/CMSAuthorityKeyIdentifierExtension.java
+++ b/pki/base/common/src/com/netscape/cms/crl/CMSAuthorityKeyIdentifierExtension.java
@@ -17,6 +17,7 @@
// --- END COPYRIGHT BLOCK ---
package com.netscape.cms.crl;
+
import java.io.IOException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateParsingException;
@@ -42,42 +43,43 @@ import com.netscape.certsrv.ca.ICertificateAuthority;
import com.netscape.certsrv.common.NameValuePairs;
import com.netscape.certsrv.logging.ILogger;
+
/**
* This represents an authority key identifier extension.
- *
+ *
* @version $Revision$, $Date$
*/
-public class CMSAuthorityKeyIdentifierExtension implements ICMSCRLExtension,
- IExtendedPluginInfo {
+public class CMSAuthorityKeyIdentifierExtension
+ implements ICMSCRLExtension, IExtendedPluginInfo {
private ILogger mLogger = CMS.getLogger();
public CMSAuthorityKeyIdentifierExtension() {
}
- public Extension setCRLExtensionCriticality(Extension ext, boolean critical) {
+ public Extension setCRLExtensionCriticality(Extension ext,
+ boolean critical) {
AuthorityKeyIdentifierExtension authKeyIdExt = null;
KeyIdentifier keyId = null;
GeneralNames names = null;
SerialNumber sn = null;
try {
- keyId = (KeyIdentifier) ((AuthorityKeyIdentifierExtension) ext)
- .get(AuthorityKeyIdentifierExtension.KEY_ID);
- names = (GeneralNames) ((AuthorityKeyIdentifierExtension) ext)
- .get(AuthorityKeyIdentifierExtension.AUTH_NAME);
- sn = (SerialNumber) ((AuthorityKeyIdentifierExtension) ext)
- .get(AuthorityKeyIdentifierExtension.SERIAL_NUMBER);
- authKeyIdExt = new AuthorityKeyIdentifierExtension(critical, keyId,
- names, sn);
+ keyId = (KeyIdentifier) ((AuthorityKeyIdentifierExtension) ext).get(
+ AuthorityKeyIdentifierExtension.KEY_ID);
+ names = (GeneralNames) ((AuthorityKeyIdentifierExtension) ext).get(
+ AuthorityKeyIdentifierExtension.AUTH_NAME);
+ sn = (SerialNumber) ((AuthorityKeyIdentifierExtension) ext).get(
+ AuthorityKeyIdentifierExtension.SERIAL_NUMBER);
+ authKeyIdExt = new AuthorityKeyIdentifierExtension(critical, keyId, names, sn);
} catch (IOException e) {
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("CRL_CREATE_AKI_EXT", e.toString()));
+ log(ILogger.LL_FAILURE, CMS.getLogMessage("CRL_CREATE_AKI_EXT", e.toString()));
}
return authKeyIdExt;
}
- public Extension getCRLExtension(IConfigStore config, Object ip,
- boolean critical) {
+ public Extension getCRLExtension(IConfigStore config,
+ Object ip,
+ boolean critical) {
AuthorityKeyIdentifierExtension authKeyIdExt = null;
ICRLIssuingPoint crlIssuingPoint = (ICRLIssuingPoint) ip;
@@ -85,58 +87,48 @@ public class CMSAuthorityKeyIdentifierExtension implements ICMSCRLExtension,
KeyIdentifier keyId = null;
try {
- X509CertInfo info = (X509CertInfo) ((ICertificateAuthority) crlIssuingPoint
- .getCertificateAuthority()).getCACert().get(
+ X509CertInfo info = (X509CertInfo)
+ ((ICertificateAuthority) crlIssuingPoint.getCertificateAuthority()).getCACert().get(
X509CertImpl.NAME + "." + X509CertImpl.INFO);
if (info != null) {
- CertificateExtensions caCertExtensions = (CertificateExtensions) info
- .get(X509CertInfo.EXTENSIONS);
+ CertificateExtensions caCertExtensions = (CertificateExtensions)
+ info.get(X509CertInfo.EXTENSIONS);
if (caCertExtensions != null) {
for (int i = 0; i < caCertExtensions.size(); i++) {
- Extension caCertExt = (Extension) caCertExtensions
- .elementAt(i);
+ Extension caCertExt = (Extension) caCertExtensions.elementAt(i);
if (caCertExt instanceof SubjectKeyIdentifierExtension) {
- SubjectKeyIdentifierExtension id = (SubjectKeyIdentifierExtension) caCertExt;
+ SubjectKeyIdentifierExtension id =
+ (SubjectKeyIdentifierExtension) caCertExt;
- keyId = (KeyIdentifier) id
- .get(SubjectKeyIdentifierExtension.KEY_ID);
+ keyId = (KeyIdentifier)
+ id.get(SubjectKeyIdentifierExtension.KEY_ID);
}
}
}
}
} catch (CertificateParsingException e) {
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("CRL_CERT_PARSING_ERROR",
- e.toString()));
+ log(ILogger.LL_FAILURE, CMS.getLogMessage("CRL_CERT_PARSING_ERROR", e.toString()));
} catch (CertificateException e) {
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("CRL_CERT_CERT_EXCEPTION",
- e.toString()));
+ log(ILogger.LL_FAILURE, CMS.getLogMessage("CRL_CERT_CERT_EXCEPTION", e.toString()));
}
if (keyId != null) {
- authKeyIdExt = new AuthorityKeyIdentifierExtension(critical,
- keyId, null, null);
+ authKeyIdExt = new AuthorityKeyIdentifierExtension(critical, keyId, null, null);
} else {
GeneralNames gNames = new GeneralNames();
- gNames.addElement(((ICertificateAuthority) crlIssuingPoint
- .getCertificateAuthority()).getX500Name());
+ gNames.addElement(((ICertificateAuthority) crlIssuingPoint.getCertificateAuthority()).getX500Name());
- authKeyIdExt = new AuthorityKeyIdentifierExtension(critical,
- null, gNames, new SerialNumber(
- ((ICertificateAuthority) crlIssuingPoint
- .getCertificateAuthority()).getCACert()
- .getSerialNumber()));
+ authKeyIdExt = new AuthorityKeyIdentifierExtension(critical, null, gNames,
+ new SerialNumber(((ICertificateAuthority) crlIssuingPoint.getCertificateAuthority()).getCACert().getSerialNumber()));
}
} catch (IOException e) {
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("CRL_CREATE_AKI_EXT", e.toString()));
+ log(ILogger.LL_FAILURE, CMS.getLogMessage("CRL_CREATE_AKI_EXT", e.toString()));
}
return authKeyIdExt;
@@ -151,22 +143,23 @@ public class CMSAuthorityKeyIdentifierExtension implements ICMSCRLExtension,
public String[] getExtendedPluginInfo(Locale locale) {
String[] params = {
- // "type;choice(CRLExtension,CRLEntryExtension);CRL Extension Type. "+
- // "This field is not editable.",
+ //"type;choice(CRLExtension,CRLEntryExtension);CRL Extension Type. "+
+ //"This field is not editable.",
"enable;boolean;Check to enable Authority Key Identifier CRL extension.",
"critical;boolean;Set criticality for Authority Key Identifier CRL extension.",
- IExtendedPluginInfo.HELP_TOKEN
- + ";configuration-ca-edit-crlextension-authoritykeyidentifier",
- IExtendedPluginInfo.HELP_TEXT
- + ";The authority key identifier extension provides a means "
- + "of identifying the public key corresponding to the private "
- + "key used to sign a CRL." };
+ IExtendedPluginInfo.HELP_TOKEN +
+ ";configuration-ca-edit-crlextension-authoritykeyidentifier",
+ IExtendedPluginInfo.HELP_TEXT +
+ ";The authority key identifier extension provides a means " +
+ "of identifying the public key corresponding to the private " +
+ "key used to sign a CRL."
+ };
return params;
}
private void log(int level, String msg) {
mLogger.log(ILogger.EV_SYSTEM, null, ILogger.S_CA, level,
- "CMSAuthorityKeyIdentifierExtension - " + msg);
+ "CMSAuthorityKeyIdentifierExtension - " + msg);
}
-}
+}
generated by cgit (git 2.34.1) at 2024-07-04 08:17:09 +0000