From 32150d3ee32f8ac27118af7c792794b538c78a2f Mon Sep 17 00:00:00 2001
From: Ade Lee
Date: Wed, 7 Dec 2011 16:58:12 -0500
Subject: Formatting Formatted project according to eclipse project settings
---
.../security/x509/FreshestCRLExtension.java | 352 ++++++++++-----------
1 file changed, 168 insertions(+), 184 deletions(-)
(limited to 'pki/base/util/src/netscape/security/x509/FreshestCRLExtension.java')
diff --git a/pki/base/util/src/netscape/security/x509/FreshestCRLExtension.java b/pki/base/util/src/netscape/security/x509/FreshestCRLExtension.java
index ac8e2504f..409a5fe90 100644
--- a/pki/base/util/src/netscape/security/x509/FreshestCRLExtension.java
+++ b/pki/base/util/src/netscape/security/x509/FreshestCRLExtension.java
@@ -35,22 +35,21 @@ import org.mozilla.jss.asn1.InvalidBERException; import org.mozilla.jss.asn1.SEQUENCE; /** - * An extension that tells applications where to find - * the latest (freshest) delta CRL for this certificate - * or full CRL. - * + * An extension that tells applications where to find the latest (freshest) + * delta CRL for this certificate or full CRL. + * *
  * cRLDistributionPoints ::= SEQUENCE SIZE (1..MAX) OF DistributionPoint
- *
+ * 
  * DistributionPoint ::= SEQUENCE {
  *      distributionPoint       [0]     DistributionPointName OPTIONAL,
  *      reasons                 [1]     ReasonFlags OPTIONAL,
  *      cRLIssuer               [2]     GeneralNames OPTIONAL }
- *
+ * 
  * DistributionPointName ::= CHOICE {
  *      fullName                [0]     GeneralNames,
  *      nameRelativeToCRLIssuer [1]     RelativeDistinguishedName }
- *
+ * 
  * ReasonFlags ::= BIT STRING {
  *      unused                  (0),
  *      keyCompromise           (1),
@@ -61,9 +60,7 @@ import org.mozilla.jss.asn1.SEQUENCE;
  *      certificateHold         (6) }
  * 
*/ -public class FreshestCRLExtension extends Extension - implements CertAttrSet -{ +public class FreshestCRLExtension extends Extension implements CertAttrSet { /** * @@ -73,13 +70,13 @@ public class FreshestCRLExtension extends Extension // vector of CRLDistributionPoint private SEQUENCE distributionPoints = new SEQUENCE(); - public FreshestCRLExtension() { + public FreshestCRLExtension() { this.extensionId = PKIXExtensions.FreshestCRL_Id; this.critical = false; } // Cached DER-encoding to improve performance. - private byte[] cachedEncoding=null; + private byte[] cachedEncoding = null; // Attribute name public static final String NAME = "FreshestCRL"; @@ -89,9 +86,9 @@ public class FreshestCRLExtension extends Extension static { try { - OIDMap.addAttribute(FreshestCRLExtension.class.getName(), - OID, NAME); - } catch (CertificateException e) {} + OIDMap.addAttribute(FreshestCRLExtension.class.getName(), OID, NAME); + } catch (CertificateException e) { + } } /** 
@@ -100,34 +97,34 @@ public class FreshestCRLExtension extends Extension * extension. */ public FreshestCRLExtension(Boolean critical, Object value) - //throws IOException + // throws IOException { - try { - this.extensionId = PKIXExtensions.FreshestCRL_Id; - this.critical = critical.booleanValue(); - this.extensionValue = (byte[])((byte[])value).clone(); - - // decode the value try { - SEQUENCE.OF_Template seqOfCRLDP = - new SEQUENCE.OF_Template( CRLDistributionPoint.getTemplate() ); - - distributionPoints = - (SEQUENCE) ASN1Util.decode( seqOfCRLDP, extensionValue ); - } catch(InvalidBERException e) { - throw new IOException("Invalid BER-encoding: " + e.toString()); + this.extensionId = PKIXExtensions.FreshestCRL_Id; + this.critical = critical.booleanValue(); + this.extensionValue = (byte[]) ((byte[]) value).clone(); + + // decode the value + try { + SEQUENCE.OF_Template seqOfCRLDP = new SEQUENCE.OF_Template( + CRLDistributionPoint.getTemplate()); + + distributionPoints = (SEQUENCE) ASN1Util.decode(seqOfCRLDP, + extensionValue); + } catch (InvalidBERException e) { + throw new IOException("Invalid BER-encoding: " + e.toString()); + } + } catch (IOException e) { + System.out.println("Big error"); + System.out.println(e); + e.printStackTrace(); + // throw e; } - } catch(IOException e) { - System.out.println("Big error"); - System.out.println(e); - e.printStackTrace(); - //throw e; - } } /** - * Creates a new FreshestCRL extension, with the given - * distribution point as the first element. + * Creates a new FreshestCRL extension, with the given distribution point as + * the first element. */ public FreshestCRLExtension(CRLDistributionPoint dp) { this.extensionId = PKIXExtensions.FreshestCRL_Id; 
@@ -157,20 +154,18 @@ public class FreshestCRLExtension extends Extension return (CRLDistributionPoint) distributionPoints.elementAt(index); } - /** - * Sets the criticality of this extension. PKIX dictates that this - * extension SHOULD NOT be critical, so applications can make it critical - * if they have a very good reason. By default, the extension is not - * critical. + /** + * Sets the criticality of this extension. PKIX dictates that this extension + * SHOULD NOT be critical, so applications can make it critical if they have + * a very good reason. By default, the extension is not critical. */ public void setCritical(boolean critical) { this.critical = critical; } /** - * Encodes this extension to the given DerOutputStream. - * This method re-encodes each time it is called, so it is not very - * efficient. + * Encodes this extension to the given DerOutputStream. This method + * re-encodes each time it is called, so it is not very efficient. */ public void encode(DerOutputStream out) throws IOException { extensionValue = ASN1Util.encode(distributionPoints); @@ -178,19 +173,19 @@ public class FreshestCRLExtension extends Extension } /** - * Should be called if any change is made to this data structure - * so that the cached DER encoding can be discarded. + * Should be called if any change is made to this data structure so that the + * cached DER encoding can be discarded. */ public void flushCachedEncoding() { cachedEncoding = null; } - ///////////////////////////////////////////////////////////// + // /////////////////////////////////////////////////////////// // CertAttrSet interface // This interface is not really appropriate for this extension // because it is so complicated. Therefore, we only provide a // minimal implementation. - ///////////////////////////////////////////////////////////// + // /////////////////////////////////////////////////////////// public String toString() { return NAME; } 
@@ -198,10 +193,9 @@ public class FreshestCRLExtension extends Extension /** * DER-encodes this extension to the given OutputStream. */ - public void encode(OutputStream ostream) - throws CertificateException, IOException - { - if( cachedEncoding == null ) { + public void encode(OutputStream ostream) throws CertificateException, + IOException { + if (cachedEncoding == null) { // only re-encode if necessary DerOutputStream tmp = new DerOutputStream(); encode(tmp); @@ -210,38 +204,30 @@ public class FreshestCRLExtension extends Extension ostream.write(cachedEncoding); } - public void decode(InputStream in) - throws CertificateException, IOException - { + public void decode(InputStream in) throws CertificateException, IOException { throw new IOException("Not supported"); } - public void set(String name, Object obj) - throws CertificateException, IOException - { - throw new IOException("Attribute name not recognized by " + - "CertAttrSet:FreshestCRLExtension"); + public void set(String name, Object obj) throws CertificateException, + IOException { + throw new IOException("Attribute name not recognized by " + + "CertAttrSet:FreshestCRLExtension"); } - public Object get(String name) - throws CertificateException, IOException - { - throw new IOException("Attribute name not recognized by " + - "CertAttrSet:FreshestCRLExtension"); + public Object get(String name) throws CertificateException, IOException { + throw new IOException("Attribute name not recognized by " + + "CertAttrSet:FreshestCRLExtension"); } - public void delete(String name) - throws CertificateException, IOException - { - throw new IOException("Attribute name not recognized by " + - "CertAttrSet:FreshestCRLExtension"); + public void delete(String name) throws CertificateException, IOException { + throw new IOException("Attribute name not recognized by " + + "CertAttrSet:FreshestCRLExtension"); } public Enumeration getElements() { return (new Vector()).elements(); } - public String getName() { return NAME; } 
@@ -251,64 +237,61 @@ public class FreshestCRLExtension extends Extension */ public static void main(String args[]) { - try { - - if( args.length != 1 ) { - System.out.println("Usage: FreshestCRLExtentions "+ - ""); - System.exit(-1); - } + try { - BufferedOutputStream bos = new BufferedOutputStream( - new FileOutputStream(args[0]) ); - - - // URI only - CRLDistributionPoint cdp = new CRLDistributionPoint(); - URIName uri = new URIName("http://www.mycrl.com/go/here"); - GeneralNames generalNames = new GeneralNames(); - generalNames.addElement(uri); - cdp.setFullName(generalNames); - FreshestCRLExtension crldpExt = - new FreshestCRLExtension(cdp); - - // DN only - cdp = new CRLDistributionPoint(); - X500Name dn = new X500Name("CN=Otis Smith,E=otis@fedoraproject.org"+ - ",OU=Certificate Server,O=Fedora,C=US"); - generalNames = new GeneralNames(); - generalNames.addElement(dn); - cdp.setFullName(generalNames); - crldpExt.addPoint(cdp); - - // DN + reason - BitArray ba = new BitArray(5, new byte[] {(byte)0x28} ); - cdp = new CRLDistributionPoint(); - cdp.setFullName(generalNames); - cdp.setReasons(ba); - crldpExt.addPoint(cdp); - - - // relative DN + reason + crlIssuer - cdp = new CRLDistributionPoint(); - RDN rdn = new RDN("OU=foobar dept"); - cdp.setRelativeName(rdn); - cdp.setReasons(ba); - cdp.setCRLIssuer(generalNames); - crldpExt.addPoint(cdp); - - crldpExt.setCritical(true); - crldpExt.encode(bos); - - bos.close(); - - } catch(Exception e) { + if (args.length != 1) { + System.out.println("Usage: FreshestCRLExtentions " + + ""); + System.exit(-1); + } + + BufferedOutputStream bos = new BufferedOutputStream( + new FileOutputStream(args[0])); + + // URI only + CRLDistributionPoint cdp = new CRLDistributionPoint(); + URIName uri = new URIName("http://www.mycrl.com/go/here"); + GeneralNames generalNames = new GeneralNames(); + generalNames.addElement(uri); + cdp.setFullName(generalNames); + FreshestCRLExtension crldpExt = new FreshestCRLExtension(cdp); + + // DN only 
+ cdp = new CRLDistributionPoint(); + X500Name dn = new X500Name("CN=Otis Smith,E=otis@fedoraproject.org" + + ",OU=Certificate Server,O=Fedora,C=US"); + generalNames = new GeneralNames(); + generalNames.addElement(dn); + cdp.setFullName(generalNames); + crldpExt.addPoint(cdp); + + // DN + reason + BitArray ba = new BitArray(5, new byte[] { (byte) 0x28 }); + cdp = new CRLDistributionPoint(); + cdp.setFullName(generalNames); + cdp.setReasons(ba); + crldpExt.addPoint(cdp); + + // relative DN + reason + crlIssuer + cdp = new CRLDistributionPoint(); + RDN rdn = new RDN("OU=foobar dept"); + cdp.setRelativeName(rdn); + cdp.setReasons(ba); + cdp.setCRLIssuer(generalNames); + crldpExt.addPoint(cdp); + + crldpExt.setCritical(true); + crldpExt.encode(bos); + + bos.close(); + + } catch (Exception e) { e.printStackTrace(); - } + } } - /** - * Represents a reason that a cert may be revoked. These reasons are + /** + * Represents a reason that a cert may be revoked. These reasons are * expressed in a ReasonFlags bit string. */ public static class Reason { @@ -316,16 +299,18 @@ public class FreshestCRLExtension extends Extension private String name; private byte bitMask; - private Reason() { } + private Reason() { + } + private Reason(String name, byte bitMask) { this.name = name; this.bitMask = bitMask; map.put(name, this); - list.addElement(this); + list.addElement(this); } private static Hashtable map = new Hashtable(); - private static Vector list = new Vector(); + private static Vector list = new Vector(); public static Reason fromString(String name) { return (Reason) map.get(name); 
@@ -339,61 +324,60 @@ public class FreshestCRLExtension extends Extension return bitMask; } - /** - * Given a bit array representing reason flags, extracts the reasons - * and returns them as an array. - * - * @param bitFlags A bit vector containing reason flags. - * @return An array of reasons contained in the bit vector. - * May be zero-length but will not be null. - */ - public static Reason[] bitArrayToReasonArray(byte bitFlags) { - return bitArrayToReasonArray( new byte[] { bitFlags } ); - } - - /** - * Given a bit array representing reason flags, extracts the reasons - * and returns them as an array. Currently, only the first byte - * of the bitflags are examined. - * - * @param bitFlags A bit vector containing reason flags. The format - * is big-endian (MSB first). Only the first byte is examined. - * @return An array of reasons contained in the bit vector. - * May be zero-length but will not be null. - */ - public static Reason[] bitArrayToReasonArray(byte[] bitFlags) { - byte first = bitFlags[0]; - int size = list.size(); - Vector result = new Vector(); - for(int i = 0; i < size; i++) { - Reason r = (Reason) list.elementAt(i); - byte b = r.getBitMask(); - if( (first & b) != 0 ) { - result.addElement(r); - } - } - size = result.size(); - Reason[] retval = new Reason[size]; - for(int i=0; i < size; i++) { - retval[i] = (Reason) result.elementAt(i); - } - return retval; - } - - public static final Reason UNUSED = - new Reason("unused", (byte) 0x80); - public static final Reason KEY_COMPROMISE = - new Reason("keyCompromise", (byte) 0x40); - public static final Reason CA_COMPROMISE = - new Reason("cACompromise", (byte) 0x20); - public static final Reason AFFILIATION_CHANGED = - new Reason("affiliationChanged", (byte) 0x10); - public static final Reason SUPERSEDED = - new Reason("superseded", (byte) 0x08); - public static final Reason CESSATION_OF_OPERATION = - new Reason("cessationOfOperation", (byte) 0x04); - public static final Reason CERTIFICATE_HOLD = - new 
Reason("certificateHold", (byte) 0x02); + /** + * Given a bit array representing reason flags, extracts the reasons and + * returns them as an array. + * + * @param bitFlags A bit vector containing reason flags. + * @return An array of reasons contained in the bit vector. May be + * zero-length but will not be null. + */ + public static Reason[] bitArrayToReasonArray(byte bitFlags) { + return bitArrayToReasonArray(new byte[] { bitFlags }); + } + + /** + * Given a bit array representing reason flags, extracts the reasons and + * returns them as an array. Currently, only the first byte of the + * bitflags are examined. + * + * @param bitFlags A bit vector containing reason flags. The format is + * big-endian (MSB first). Only the first byte is examined. + * @return An array of reasons contained in the bit vector. May be + * zero-length but will not be null. + */ + public static Reason[] bitArrayToReasonArray(byte[] bitFlags) { + byte first = bitFlags[0]; + int size = list.size(); + Vector result = new Vector(); + for (int i = 0; i < size; i++) { + Reason r = (Reason) list.elementAt(i); + byte b = r.getBitMask(); + if ((first & b) != 0) { + result.addElement(r); + } + } + size = result.size(); + Reason[] retval = new Reason[size]; + for (int i = 0; i < size; i++) { + retval[i] = (Reason) result.elementAt(i); + } + return retval; + } + + public static final Reason UNUSED = new Reason("unused", (byte) 0x80); + public static final Reason KEY_COMPROMISE = new Reason("keyCompromise", + (byte) 0x40); + public static final Reason CA_COMPROMISE = new Reason("cACompromise", + (byte) 0x20); + public static final Reason AFFILIATION_CHANGED = new Reason( + "affiliationChanged", (byte) 0x10); + public static final Reason SUPERSEDED = new Reason("superseded", + (byte) 0x08); + public static final Reason CESSATION_OF_OPERATION = new Reason( + "cessationOfOperation", (byte) 0x04); + public static final Reason CERTIFICATE_HOLD = new Reason( + "certificateHold", (byte) 0x02); } } -- 
cgit