diff options
Diffstat (limited to 'pki/base/util/src/netscape/security/x509/IssuingDistributionPointExtension.java')
-rw-r--r-- | pki/base/util/src/netscape/security/x509/IssuingDistributionPointExtension.java | 203 |
1 files changed, 96 insertions, 107 deletions
diff --git a/pki/base/util/src/netscape/security/x509/IssuingDistributionPointExtension.java b/pki/base/util/src/netscape/security/x509/IssuingDistributionPointExtension.java index 51b7001e9..41300364c 100644 --- a/pki/base/util/src/netscape/security/x509/IssuingDistributionPointExtension.java +++ b/pki/base/util/src/netscape/security/x509/IssuingDistributionPointExtension.java @@ -35,7 +35,7 @@ import org.mozilla.jss.asn1.ASN1Util; /** * A critical CRL extension that identifies the CRL distribution point * for a particular CRL - * + * * <pre> * issuingDistributionPoint ::= SEQUENCE { * distributionPoint [0] DistributionPointName OPTIONAL, @@ -43,11 +43,11 @@ import org.mozilla.jss.asn1.ASN1Util; * onlyContainsCACerts [2] BOOLEAN DEFAULT FALSE, * onlySomeReasons [3] ReasonFlags OPTIONAL, * indirectCRL [4] BOOLEAN DEFAULT FALSE } - * + * * DistributionPointName ::= CHOICE { * fullName [0] GeneralNames, * nameRelativeToCRLIssuer [1] RelativeDistinguishedName } - * + * * ReasonFlags ::= BIT STRING { * unused (0), * keyCompromise (1), @@ -56,9 +56,9 @@ import org.mozilla.jss.asn1.ASN1Util; * superseded (4), * cessationOfOperation (5), * certificateHold (6) } - * + * * GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName - * + * * GeneralName ::= CHOICE { * otherName [0] OtherName, * rfc822Name [1] IA5String, @@ -69,30 +69,29 @@ import org.mozilla.jss.asn1.ASN1Util; * uniformResourceIdentifier [6] IA5String, * iPAddress [7] OCTET STRING, * registeredID [8] OBJECT IDENTIFIER} - * + * * OtherName ::= SEQUENCE { * type-id OBJECT IDENTIFIER, * value [0] EXPLICIT ANY DEFINED BY type-id } - * + * * EDIPartyName ::= SEQUENCE { * nameAssigner [0] DirectoryString OPTIONAL, * partyName [1] DirectoryString } - * + * * RelativeDistinguishedName ::= * SET OF AttributeTypeAndValue - * + * * AttributeTypeAndValue ::= SEQUENCE { * type AttributeType, * value AttributeValue } - * + * * AttributeType ::= OBJECT IDENTIFIER - * + * * AttributeValue ::= ANY DEFINED BY AttributeType * </pre> */ public class IssuingDistributionPointExtension extends Extension - implements CertAttrSet -{ + implements CertAttrSet { /** * */ @@ -113,27 +112,26 @@ public class IssuingDistributionPointExtension extends Extension private IssuingDistributionPoint issuingDistributionPoint = null; // Cached DER-encoding to improve performance. - private byte[] cachedEncoding=null; - + private byte[] cachedEncoding = null; static { try { OIDMap.addAttribute(IssuingDistributionPointExtension.class.getName(), OID, NAME); - } catch (CertificateException e) {} + } catch (CertificateException e) { + } } - /** * This constructor is very important, since it will be called * by the system. */ public IssuingDistributionPointExtension(Boolean critical, Object value) - throws IOException { + throws IOException { this.extensionId = PKIXExtensions.IssuingDistributionPoint_Id; this.critical = critical.booleanValue(); - this.extensionValue = (byte[])((byte[])value).clone(); + this.extensionValue = (byte[]) ((byte[]) value).clone(); byte[] extValue = this.extensionValue; issuingDistributionPoint = new IssuingDistributionPoint(); @@ -147,14 +145,14 @@ public class IssuingDistributionPointExtension extends Extension if (opt != null) { for (int i = 0; i < 5; i++) { - if (opt.isContextSpecific((byte)i)) { + if (opt.isContextSpecific((byte) i)) { if ((i == 0 && opt.isConstructed() && opt.data.available() != 0) || - (i != 0 && (!opt.isConstructed()) && opt.data.available() != 0)) { + (i != 0 && (!opt.isConstructed()) && opt.data.available() != 0)) { if (i == 0) { DerValue opt1 = opt.data.getDerValue(); if (opt1 != null) { - if (opt1.isContextSpecific((byte)0)) { + if (opt1.isContextSpecific((byte) 0)) { if (opt1.isConstructed() && opt1.data.available() != 0) { opt1.resetTag(DerValue.tag_Sequence); @@ -164,15 +162,15 @@ public class IssuingDistributionPointExtension extends Extension issuingDistributionPoint.setFullName(fullName); } } catch (GeneralNamesException e) { - throw new IOException("Invalid encoding of IssuingDistributionPoint "+e); + throw new IOException("Invalid encoding of IssuingDistributionPoint " + e); } catch (IOException e) { - throw new IOException("Invalid encoding of IssuingDistributionPoint "+e); + throw new IOException("Invalid encoding of IssuingDistributionPoint " + e); } } else { throw new IOException("Invalid encoding of IssuingDistributionPoint"); } - } else if (opt1.isContextSpecific((byte)1)) { + } else if (opt1.isContextSpecific((byte) 1)) { if (opt1.isConstructed() && opt1.data.available() != 0) { opt1.resetTag(DerValue.tag_Set); @@ -182,7 +180,7 @@ public class IssuingDistributionPointExtension extends Extension issuingDistributionPoint.setRelativeName(relativeName); } } catch (IOException e) { - throw new IOException("Invalid encoding of IssuingDistributionPoint "+e); + throw new IOException("Invalid encoding of IssuingDistributionPoint " + e); } } else { throw new IOException("Invalid encoding of IssuingDistributionPoint"); @@ -197,7 +195,7 @@ public class IssuingDistributionPointExtension extends Extension issuingDistributionPoint.setOnlySomeReasons(reasons); byte[] a = reasons.toByteArray(); } catch (IOException e) { - throw new IOException("Invalid encoding of IssuingDistributionPoint "+e); + throw new IOException("Invalid encoding of IssuingDistributionPoint " + e); } } else { @@ -212,7 +210,7 @@ public class IssuingDistributionPointExtension extends Extension issuingDistributionPoint.setIndirectCRL(b); } } catch (IOException e) { - throw new IOException("Invalid encoding of IssuingDistributionPoint "+e); + throw new IOException("Invalid encoding of IssuingDistributionPoint " + e); } } } else { @@ -227,7 +225,6 @@ public class IssuingDistributionPointExtension extends Extension } - /** * Creates a new IssuingDistributionPoint extension, with the given * issuing distribution point as the first element. @@ -245,17 +242,17 @@ public class IssuingDistributionPointExtension extends Extension return issuingDistributionPoint; } - /** - * Sets the criticality of this extension. PKIX dictates that this + /** + * Sets the criticality of this extension. PKIX dictates that this * extension SHOULD be critical, so applications can make it not critical - * if they have a very good reason. By default, the extension is critical. + * if they have a very good reason. By default, the extension is critical. */ public void setCritical(boolean critical) { this.critical = critical; } - /** - * Gets the criticality of this extension. PKIX dictates that this + /** + * Gets the criticality of this extension. PKIX dictates that this * extension SHOULD be critical, so by default, the extension is critical. */ public boolean getCritical(boolean critical) { @@ -292,9 +289,8 @@ public class IssuingDistributionPointExtension extends Extension * DER-encodes this extension to the given OutputStream. */ public void encode(OutputStream ostream) - throws CertificateException, IOException - { - if( cachedEncoding == null ) { + throws CertificateException, IOException { + if (cachedEncoding == null) { // only re-encode if necessary DerOutputStream tmp = new DerOutputStream(); encode(tmp); @@ -304,44 +300,40 @@ public class IssuingDistributionPointExtension extends Extension } public void decode(InputStream in) - throws CertificateException, IOException - { + throws CertificateException, IOException { throw new IOException("Not supported"); } public void set(String name, Object obj) - throws CertificateException, IOException - { + throws CertificateException, IOException { if (name.equalsIgnoreCase(ISSUING_DISTRIBUTION_POINT)) { if (!(obj instanceof IssuingDistributionPoint)) { throw new IOException("Attribute value should be of type IssuingDistributionPoint."); } - issuingDistributionPoint = (IssuingDistributionPoint)obj; + issuingDistributionPoint = (IssuingDistributionPoint) obj; } else { - throw new IOException("Attribute name not recognized by " + - "CertAttrSet:IssuingDistributionPointExtension"); + throw new IOException("Attribute name not recognized by " + + "CertAttrSet:IssuingDistributionPointExtension"); } } public Object get(String name) - throws CertificateException, IOException - { + throws CertificateException, IOException { if (name.equalsIgnoreCase(ISSUING_DISTRIBUTION_POINT)) { return issuingDistributionPoint; } else { - throw new IOException("Attribute name not recognized by " + - "CertAttrSet:IssuingDistributionPointExtension"); + throw new IOException("Attribute name not recognized by " + + "CertAttrSet:IssuingDistributionPointExtension"); } } public void delete(String name) - throws CertificateException, IOException - { + throws CertificateException, IOException { if (name.equalsIgnoreCase(ISSUING_DISTRIBUTION_POINT)) { issuingDistributionPoint = null; } else { - throw new IOException("Attribute name not recognized by " + - "CertAttrSet:IssuingDistributionPointExtension"); + throw new IOException("Attribute name not recognized by " + + "CertAttrSet:IssuingDistributionPointExtension"); } } @@ -349,10 +341,9 @@ public class IssuingDistributionPointExtension extends Extension Vector<String> elements = new Vector<String>(); elements.addElement(ISSUING_DISTRIBUTION_POINT); return (elements.elements()); -// return (new Vector()).elements(); + // return (new Vector()).elements(); } - public String getName() { return NAME; } @@ -362,61 +353,59 @@ public class IssuingDistributionPointExtension extends Extension */ public static void main(String args[]) { - try { + try { - if( args.length != 1 ) { - System.out.println("Usage: IssuingDistributionPointExtension "+ - "<outfile>"); - System.exit(-1); - } + if (args.length != 1) { + System.out.println("Usage: IssuingDistributionPointExtension " + + "<outfile>"); + System.exit(-1); + } - BufferedOutputStream bos = new BufferedOutputStream( - new FileOutputStream(args[0]) ); - - - // URI only - IssuingDistributionPoint idp = new IssuingDistributionPoint(); - URIName uri = new URIName("http://www.mycrl.com/go/here"); - GeneralNames generalNames = new GeneralNames(); - generalNames.addElement(uri); - idp.setFullName(generalNames); - IssuingDistributionPointExtension idpExt = - new IssuingDistributionPointExtension(idp); - - // DN only - idp = new IssuingDistributionPoint(); - X500Name dn = new X500Name("CN=Otis Smith,E=otis@fedoraproject.org"+ - ",OU=Certificate Server,O=Fedora,C=US"); - generalNames = new GeneralNames(); - generalNames.addElement(dn); - idp.setFullName(generalNames); - idpExt.set(IssuingDistributionPointExtension.ISSUING_DISTRIBUTION_POINT, idp); - - // DN + reason - BitArray ba = new BitArray(5, new byte[] {(byte)0x28} ); - idp = new IssuingDistributionPoint(); - idp.setFullName(generalNames); - idp.setOnlySomeReasons(ba); - idpExt.set(IssuingDistributionPointExtension.ISSUING_DISTRIBUTION_POINT, idp); - - - // relative DN + reason + crlIssuer - idp = new IssuingDistributionPoint(); - RDN rdn = new RDN("OU=foobar dept"); - idp.setRelativeName(rdn); - idp.setOnlySomeReasons(ba); - idp.setOnlyContainsCACerts(true); - idp.setOnlyContainsUserCerts(true); - idp.setIndirectCRL(true); - idpExt.set(IssuingDistributionPointExtension.ISSUING_DISTRIBUTION_POINT, idp); - - idpExt.setCritical(false); - idpExt.encode(bos); - - bos.close(); - - } catch(Exception e) { + BufferedOutputStream bos = new BufferedOutputStream( + new FileOutputStream(args[0])); + + // URI only + IssuingDistributionPoint idp = new IssuingDistributionPoint(); + URIName uri = new URIName("http://www.mycrl.com/go/here"); + GeneralNames generalNames = new GeneralNames(); + generalNames.addElement(uri); + idp.setFullName(generalNames); + IssuingDistributionPointExtension idpExt = + new IssuingDistributionPointExtension(idp); + + // DN only + idp = new IssuingDistributionPoint(); + X500Name dn = new X500Name("CN=Otis Smith,E=otis@fedoraproject.org" + + ",OU=Certificate Server,O=Fedora,C=US"); + generalNames = new GeneralNames(); + generalNames.addElement(dn); + idp.setFullName(generalNames); + idpExt.set(IssuingDistributionPointExtension.ISSUING_DISTRIBUTION_POINT, idp); + + // DN + reason + BitArray ba = new BitArray(5, new byte[] { (byte) 0x28 }); + idp = new IssuingDistributionPoint(); + idp.setFullName(generalNames); + idp.setOnlySomeReasons(ba); + idpExt.set(IssuingDistributionPointExtension.ISSUING_DISTRIBUTION_POINT, idp); + + // relative DN + reason + crlIssuer + idp = new IssuingDistributionPoint(); + RDN rdn = new RDN("OU=foobar dept"); + idp.setRelativeName(rdn); + idp.setOnlySomeReasons(ba); + idp.setOnlyContainsCACerts(true); + idp.setOnlyContainsUserCerts(true); + idp.setIndirectCRL(true); + idpExt.set(IssuingDistributionPointExtension.ISSUING_DISTRIBUTION_POINT, idp); + + idpExt.setCritical(false); + idpExt.encode(bos); + + bos.close(); + + } catch (Exception e) { e.printStackTrace(); - } + } } } |