Diffstat (limited to 'pki/base/util/src/netscape/security/x509/RevokedCertImpl.java')
-rwxr-xr-x | pki/base/util/src/netscape/security/x509/RevokedCertImpl.java | 249 |
1 files changed, 121 insertions, 128 deletions
diff --git a/pki/base/util/src/netscape/security/x509/RevokedCertImpl.java b/pki/base/util/src/netscape/security/x509/RevokedCertImpl.java index 99bd1665d..bc022d46b 100755 --- a/pki/base/util/src/netscape/security/x509/RevokedCertImpl.java +++ b/pki/base/util/src/netscape/security/x509/RevokedCertImpl.java @@ -36,10 +36,11 @@ import netscape.security.util.DerValue; import netscape.security.util.ObjectIdentifier; /** - * <p>Abstract class for a revoked certificate in a CRL. - * This class is for each entry in the <code>revokedCertificates</code>, - * so it deals with the inner <em>SEQUENCE</em>. - * The ASN.1 definition for this is: + * <p> + * Abstract class for a revoked certificate in a CRL. This class is for each + * entry in the <code>revokedCertificates</code>, so it deals with the inner + * <em>SEQUENCE</em>. The ASN.1 definition for this is: + * * <pre> * revokedCertificates SEQUENCE OF SEQUENCE { * userCertificate CertificateSerialNumber, @@ -47,11 +48,11 @@ import netscape.security.util.ObjectIdentifier; * crlEntryExtensions Extensions OPTIONAL * -- if present, must be v2 * } OPTIONAL - * + * * CertificateSerialNumber ::= INTEGER - * + * * Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension - * + * * Extension ::= SEQUENCE { * extnId OBJECT IDENTIFIER, * critical BOOLEAN DEFAULT FALSE, @@ -61,13 +62,12 @@ import netscape.security.util.ObjectIdentifier; * -- the extnId object identifier value * } * </pre> - * + * * @author Hemma Prafullchandra * @version 1.6 97/12/10 */ -public class RevokedCertImpl extends RevokedCertificate - implements Serializable{ +public class RevokedCertImpl extends RevokedCertificate implements Serializable { /** * 
@@ -82,12 +82,13 @@ public class RevokedCertImpl extends RevokedCertificate /** * Default constructor. */ - public RevokedCertImpl() { } + public RevokedCertImpl() { + } /** - * Constructs a revoked certificate entry using the - * serial number and revocation date. - * + * Constructs a revoked certificate entry using the serial number and + * revocation date. + * * @param num the serial number of the revoked certificate. * @param date the Date on which revocation took place. */ 
@@ -97,43 +98,41 @@ public class RevokedCertImpl extends RevokedCertificate } /** - * Constructs a revoked certificate entry using the - * serial number, revocation date and the entry - * extensions. - * + * Constructs a revoked certificate entry using the serial number, + * revocation date and the entry extensions. + * * @param num the serial number of the revoked certificate. * @param date the Date on which revocation took place. * @param crlEntryExts the extensions for this entry. */ - public RevokedCertImpl(BigInteger num, Date date, - CRLExtensions crlEntryExts) { + public RevokedCertImpl(BigInteger num, Date date, CRLExtensions crlEntryExts) { this.serialNumber = new SerialNumber(num); this.revocationDate = date; this.extensions = crlEntryExts; } - public byte[] getEncoded() throws CRLException { - // XXX NOT IMPLEMENTED - if (revokedCert == null) { - DerOutputStream os = new DerOutputStream(); - try { - encode(os); - } catch (Exception e) { - // revokedCert = null; - } - revokedCert = os.toByteArray(); - } - return revokedCert; - } - - public boolean hasUnsupportedCriticalExtension() { - // XXX NOT IMPLEMENTED - return true; - } + public byte[] getEncoded() throws CRLException { + // XXX NOT IMPLEMENTED + if (revokedCert == null) { + DerOutputStream os = new DerOutputStream(); + try { + encode(os); + } catch (Exception e) { + // revokedCert = null; + } + revokedCert = os.toByteArray(); + } + return revokedCert; + } + + public boolean hasUnsupportedCriticalExtension() { + // XXX NOT IMPLEMENTED + return true; + } /** * Sets extensions for this impl. - * + * * @param crlEntryExts CRLExtensions */ public void setExtensions(CRLExtensions crlEntryExts) { 
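Review bot: The re-indented `getEncoded()` still has an empty `catch (Exception e)` around `encode(os)`, so a failed encoding is cached in `revokedCert` and returned as if it were a valid entry, even though the method declares `throws CRLException`. Because `encode()` in the later hunk only rebuilds when `revokedCert == null`, the cached empty or partial bytes would presumably be reused on every later call. Propagate the failure instead, for example `} catch (Exception e) { throw new CRLException("Encoding error: " + e.toString()); }`, and move `revokedCert = os.toByteArray();` inside the `try`. The `// XXX NOT IMPLEMENTED` marker on this method no longer matches its body and could be dropped at the same time.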
@@ -142,13 +141,13 @@ public class RevokedCertImpl extends RevokedCertificate /** * Unmarshals a revoked certificate from its encoded form. - * + * * @param revokedCert the encoded bytes. * @exception CRLException on parsing errors. * @exception X509ExtensionException on extension handling errors. */ - public RevokedCertImpl(byte[] revokedCert) - throws CRLException, X509ExtensionException { + public RevokedCertImpl(byte[] revokedCert) throws CRLException, + X509ExtensionException { try { DerValue derValue = new DerValue(revokedCert); parse(derValue); @@ -159,22 +158,21 @@ public class RevokedCertImpl extends RevokedCertificate /** * Unmarshals a revoked certificate from its encoded form. - * + * * @param derValue the DER value containing the revoked certificate. * @exception CRLException on parsing errors. * @exception X509ExtensionException on extension handling errors. */ - public RevokedCertImpl(DerValue derValue) - throws CRLException, X509ExtensionException { + public RevokedCertImpl(DerValue derValue) throws CRLException, + X509ExtensionException { parse(derValue); } /** - * Returns true if this revoked certificate entry has - * extensions, otherwise false. - * - * @return true if this CRL entry has extensions, otherwise + * Returns true if this revoked certificate entry has extensions, otherwise * false. + * + * @return true if this CRL entry has extensions, otherwise false. */ public boolean hasExtensions() { if (extensions == null) 
@@ -185,14 +183,13 @@ public class RevokedCertImpl extends RevokedCertificate /** * Decode a revoked certificate from an input stream. - * - * @param inStrm an input stream holding at least one revoked - * certificate + * + * @param inStrm an input stream holding at least one revoked certificate * @exception CRLException on parsing errors. * @exception X509ExtensionException on extension handling errors. */ - public void decode(InputStream inStrm) - throws CRLException, X509ExtensionException { + public void decode(InputStream inStrm) throws CRLException, + X509ExtensionException { try { DerValue derValue = new DerValue(inStrm); parse(derValue); @@ -203,14 +200,14 @@ public class RevokedCertImpl extends RevokedCertificate /** * Encodes the revoked certificate to an output stream. - * - * @param outStrm an output stream to which the encoded revoked - * certificate is written. + * + * @param outStrm an output stream to which the encoded revoked certificate + * is written. * @exception CRLException on encoding errors. * @exception X509ExtensionException on extension handling errors. */ - public void encode(DerOutputStream outStrm) - throws CRLException, X509ExtensionException { + public void encode(DerOutputStream outStrm) throws CRLException, + X509ExtensionException { try { if (revokedCert == null) { DerOutputStream tmp = new DerOutputStream(); 
@@ -230,24 +227,24 @@ public class RevokedCertImpl extends RevokedCertificate } outStrm.write(revokedCert); } catch (IOException e) { - throw new CRLException("Encoding error: " + e.toString()); + throw new CRLException("Encoding error: " + e.toString()); } } /** - * Gets the serial number for this RevokedCertificate, - * the <em>userCertificate</em>. - * + * Gets the serial number for this RevokedCertificate, the + * <em>userCertificate</em>. + * * @return the serial number. */ public BigInteger getSerialNumber() { - return ((BigInt)serialNumber.getNumber()).toBigInteger(); + return ((BigInt) serialNumber.getNumber()).toBigInteger(); } /** - * Gets the revocation date for this RevokedCertificate, - * the <em>revocationDate</em>. - * + * Gets the revocation date for this RevokedCertificate, the + * <em>revocationDate</em>. + * * @return the revocation date. */ public Date getRevocationDate() { @@ -256,17 +253,16 @@ public class RevokedCertImpl extends RevokedCertificate /** * Returns extensions for this impl. - * + * * @return the CRLExtensions */ public CRLExtensions getExtensions() { return extensions; } - /** * Returns a printable string of this revoked certificate. - * + * * @return value of this revoked certificate in a printable form. */ public String toString() { 
@@ -277,81 +273,78 @@ public class RevokedCertImpl extends RevokedCertificate if (extensions != null) { sb.append("\n"); for (int i = 0; i < extensions.size(); i++) - sb.append("Entry Extension[" + i + "]: " + - ((Extension)(extensions.elementAt(i))).toString()); + sb.append("Entry Extension[" + i + "]: " + + ((Extension) (extensions.elementAt(i))).toString()); } sb.append("\n"); return (sb.toString()); } /** - * Gets a Set of the extension(s) marked CRITICAL in the - * RevokedCertificate by OID strings. - * - * @return a set of the extension oid strings in the - * Object that are marked critical. + * Gets a Set of the extension(s) marked CRITICAL in the RevokedCertificate + * by OID strings. + * + * @return a set of the extension oid strings in the Object that are marked + * critical. */ public Set getCriticalExtensionOIDs() { if (extensions == null) return null; Set extSet = new TreeSet(); Extension ex; - for (Enumeration e = extensions.getElements(); - e.hasMoreElements();) { - ex = (Extension)e.nextElement(); - if (ex.isCritical()) - extSet.add(((ObjectIdentifier)ex.getExtensionId()).toString()); - } + for (Enumeration e = extensions.getElements(); e.hasMoreElements();) { + ex = (Extension) e.nextElement(); + if (ex.isCritical()) + extSet.add(((ObjectIdentifier) ex.getExtensionId()).toString()); + } return extSet; } /** * Gets a Set of the extension(s) marked NON-CRITICAL in the * RevokedCertificate by OID strings. - * - * @return a set of the extension oid strings in the - * Object that are marked critical. + * + * @return a set of the extension oid strings in the Object that are marked + * critical. */ public Set getNonCriticalExtensionOIDs() { if (extensions == null) return null; Set extSet = new TreeSet(); Extension ex; - for (Enumeration e = extensions.getElements(); - e.hasMoreElements();) { - ex = (Extension)e.nextElement(); - if ( ! 
ex.isCritical()) - extSet.add(((ObjectIdentifier)ex.getExtensionId()).toString()); - } + for (Enumeration e = extensions.getElements(); e.hasMoreElements();) { + ex = (Extension) e.nextElement(); + if (!ex.isCritical()) + extSet.add(((ObjectIdentifier) ex.getExtensionId()).toString()); + } return extSet; } /** - * Gets the DER encoded OCTET string for the extension value - * (<em>extnValue</em>) identified by the passed in oid String. - * The <code>oid</code> string is - * represented by a set of positive whole number separated - * by ".", that means,<br> + * Gets the DER encoded OCTET string for the extension value ( + * <em>extnValue</em>) identified by the passed in oid String. The + * <code>oid</code> string is represented by a set of positive whole number + * separated by ".", that means,<br> * <positive whole number>.<positive whole number>.<positive * whole number>.<...> - * + * * @param oid the Object Identifier value for the extension. * @return the DER encoded octet string of the extension value. */ public byte[] getExtensionValue(String oid) { if (extensions == null) return null; - try { - String extAlias = OIDMap.getName(new ObjectIdentifier(oid)); + try { + String extAlias = OIDMap.getName(new ObjectIdentifier(oid)); Extension crlExt = null; if (extAlias == null) { // may be unknown ObjectIdentifier findOID = new ObjectIdentifier(oid); Extension ex = null; ObjectIdentifier inCertOID; - for (Enumeration e=extensions.getElements(); - e.hasMoreElements();) { - ex = (Extension)e.nextElement(); + for (Enumeration e = extensions.getElements(); e + .hasMoreElements();) { + ex = (Extension) e.nextElement(); inCertOID = ex.getExtensionId(); if (inCertOID.equals(findOID)) { crlExt = ex; 
@@ -360,26 +353,26 @@ public class RevokedCertImpl extends RevokedCertificate } } else crlExt = extensions.get(extAlias); - if (crlExt == null) + if (crlExt == null) return null; - byte[] extData = crlExt.getExtensionValue(); + byte[] extData = crlExt.getExtensionValue(); if (extData == null) return null; - DerOutputStream out = new DerOutputStream(); - out.putOctetString(extData); + DerOutputStream out = new DerOutputStream(); + out.putOctetString(extData); return out.toByteArray(); } catch (Exception e) { return null; - } + } } - private void parse(DerValue derVal) - throws CRLException, X509ExtensionException { + private void parse(DerValue derVal) throws CRLException, + X509ExtensionException { - if (derVal.tag != DerValue.tag_Sequence) { - throw new CRLException("Invalid encoded RevokedCertificate, " + - "starting sequence tag missing."); + if (derVal.tag != DerValue.tag_Sequence) { + throw new CRLException("Invalid encoded RevokedCertificate, " + + "starting sequence tag missing."); } if (derVal.data.available() == 0) throw new CRLException("No data encoded for RevokedCertificates"); 
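Review bot: `getExtensionValue` ends in `catch (Exception e) { return null; }`, so a malformed OID string or a DER encoding failure is reported exactly like an absent extension. A caller inspecting a CRL entry extension therefore cannot tell "not present" from "could not be read". The method and its Javadoc begin in the previous hunk; at minimum document the behaviour there with `@return the DER encoded octet string of the extension value, or null if the extension is absent or cannot be encoded.` If the exceptions thrown by `ObjectIdentifier` and `putOctetString` allow it, narrowing the catch to those types would stop unexpected runtime errors from being hidden.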
@@ -391,55 +384,55 @@ public class RevokedCertImpl extends RevokedCertificate this.serialNumber = new SerialNumber(val); } catch (IOException e) { throw new CRLException("Parsing Serial Number error: " - + e.toString()); + + e.toString()); } // revocationDate try { int nextByte = derVal.data.peekByte(); - if ((byte)nextByte == DerValue.tag_UtcTime) { + if ((byte) nextByte == DerValue.tag_UtcTime) { this.revocationDate = derVal.data.getUTCTime(); - } else if ((byte)nextByte == DerValue.tag_GeneralizedTime) { + } else if ((byte) nextByte == DerValue.tag_GeneralizedTime) { this.revocationDate = derVal.data.getGeneralizedTime(); } else { - throw new CRLException("Invalid encoding for RevokedCertificates"); + throw new CRLException( + "Invalid encoding for RevokedCertificates"); } } catch (IOException e) { throw new CRLException("Parsing Revocation Date error: " - + e.toString()); + + e.toString()); } if (derVal.data.available() == 0) - return; // no extensions + return; // no extensions // crlEntryExtensions try { this.extensions = new CRLExtensions(derVal.toDerInputStream()); } catch (IOException e) { throw new CRLException("Parsing CRL Entry Extensions error: " - + e.toString()); + + e.toString()); } } /** - * Serialization write ... X.509 certificates serialize as - * themselves, and they're parsed when they get read back. - * (Actually they serialize as some type data from the - * serialization subsystem, then the cert data.) + * Serialization write ... X.509 certificates serialize as themselves, and + * they're parsed when they get read back. (Actually they serialize as some + * type data from the serialization subsystem, then the cert data.) */ private synchronized void writeObject(ObjectOutputStream stream) - throws CRLException, X509ExtensionException, IOException { + throws CRLException, X509ExtensionException, IOException { DerOutputStream dos = new DerOutputStream(); encode(dos); dos.derEncode(stream); } /** - * Serialization read ... 
X.509 certificates serialize as - * themselves, and they're parsed when they get read back. + * Serialization read ... X.509 certificates serialize as themselves, and + * they're parsed when they get read back. */ private synchronized void readObject(ObjectInputStream stream) - throws CRLException, X509ExtensionException, IOException { + throws CRLException, X509ExtensionException, IOException { decode(stream); } |