summaryrefslogtreecommitdiffstats
path: root/pki/base/common/src/com/netscape/cms/crl/CMSAuthorityKeyIdentifierExtension.java
diff options
context:
space:
mode:
Diffstat (limited to 'pki/base/common/src/com/netscape/cms/crl/CMSAuthorityKeyIdentifierExtension.java')
-rw-r--r--pki/base/common/src/com/netscape/cms/crl/CMSAuthorityKeyIdentifierExtension.java97
1 files changed, 52 insertions, 45 deletions
diff --git a/pki/base/common/src/com/netscape/cms/crl/CMSAuthorityKeyIdentifierExtension.java b/pki/base/common/src/com/netscape/cms/crl/CMSAuthorityKeyIdentifierExtension.java
index 4cdb0bdc..494de799 100644
--- a/pki/base/common/src/com/netscape/cms/crl/CMSAuthorityKeyIdentifierExtension.java
+++ b/pki/base/common/src/com/netscape/cms/crl/CMSAuthorityKeyIdentifierExtension.java
@@ -17,7 +17,6 @@
// --- END COPYRIGHT BLOCK ---
package com.netscape.cms.crl;
-
import java.io.IOException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateParsingException;
@@ -43,43 +42,42 @@ import com.netscape.certsrv.ca.ICertificateAuthority;
import com.netscape.certsrv.common.NameValuePairs;
import com.netscape.certsrv.logging.ILogger;
-
/**
* This represents an authority key identifier extension.
- *
+ *
* @version $Revision$, $Date$
*/
-public class CMSAuthorityKeyIdentifierExtension
- implements ICMSCRLExtension, IExtendedPluginInfo {
+public class CMSAuthorityKeyIdentifierExtension implements ICMSCRLExtension,
+ IExtendedPluginInfo {
private ILogger mLogger = CMS.getLogger();
public CMSAuthorityKeyIdentifierExtension() {
}
- public Extension setCRLExtensionCriticality(Extension ext,
- boolean critical) {
+ public Extension setCRLExtensionCriticality(Extension ext, boolean critical) {
AuthorityKeyIdentifierExtension authKeyIdExt = null;
KeyIdentifier keyId = null;
GeneralNames names = null;
SerialNumber sn = null;
try {
- keyId = (KeyIdentifier) ((AuthorityKeyIdentifierExtension) ext).get(
- AuthorityKeyIdentifierExtension.KEY_ID);
- names = (GeneralNames) ((AuthorityKeyIdentifierExtension) ext).get(
- AuthorityKeyIdentifierExtension.AUTH_NAME);
- sn = (SerialNumber) ((AuthorityKeyIdentifierExtension) ext).get(
- AuthorityKeyIdentifierExtension.SERIAL_NUMBER);
- authKeyIdExt = new AuthorityKeyIdentifierExtension(critical, keyId, names, sn);
+ keyId = (KeyIdentifier) ((AuthorityKeyIdentifierExtension) ext)
+ .get(AuthorityKeyIdentifierExtension.KEY_ID);
+ names = (GeneralNames) ((AuthorityKeyIdentifierExtension) ext)
+ .get(AuthorityKeyIdentifierExtension.AUTH_NAME);
+ sn = (SerialNumber) ((AuthorityKeyIdentifierExtension) ext)
+ .get(AuthorityKeyIdentifierExtension.SERIAL_NUMBER);
+ authKeyIdExt = new AuthorityKeyIdentifierExtension(critical, keyId,
+ names, sn);
} catch (IOException e) {
- log(ILogger.LL_FAILURE, CMS.getLogMessage("CRL_CREATE_AKI_EXT", e.toString()));
+ log(ILogger.LL_FAILURE,
+ CMS.getLogMessage("CRL_CREATE_AKI_EXT", e.toString()));
}
return authKeyIdExt;
}
- public Extension getCRLExtension(IConfigStore config,
- Object ip,
- boolean critical) {
+ public Extension getCRLExtension(IConfigStore config, Object ip,
+ boolean critical) {
AuthorityKeyIdentifierExtension authKeyIdExt = null;
ICRLIssuingPoint crlIssuingPoint = (ICRLIssuingPoint) ip;
@@ -87,48 +85,58 @@ public class CMSAuthorityKeyIdentifierExtension
KeyIdentifier keyId = null;
try {
- X509CertInfo info = (X509CertInfo)
- ((ICertificateAuthority) crlIssuingPoint.getCertificateAuthority()).getCACert().get(
+ X509CertInfo info = (X509CertInfo) ((ICertificateAuthority) crlIssuingPoint
+ .getCertificateAuthority()).getCACert().get(
X509CertImpl.NAME + "." + X509CertImpl.INFO);
if (info != null) {
- CertificateExtensions caCertExtensions = (CertificateExtensions)
- info.get(X509CertInfo.EXTENSIONS);
+ CertificateExtensions caCertExtensions = (CertificateExtensions) info
+ .get(X509CertInfo.EXTENSIONS);
if (caCertExtensions != null) {
for (int i = 0; i < caCertExtensions.size(); i++) {
- Extension caCertExt = (Extension) caCertExtensions.elementAt(i);
+ Extension caCertExt = (Extension) caCertExtensions
+ .elementAt(i);
if (caCertExt instanceof SubjectKeyIdentifierExtension) {
- SubjectKeyIdentifierExtension id =
- (SubjectKeyIdentifierExtension) caCertExt;
+ SubjectKeyIdentifierExtension id = (SubjectKeyIdentifierExtension) caCertExt;
- keyId = (KeyIdentifier)
- id.get(SubjectKeyIdentifierExtension.KEY_ID);
+ keyId = (KeyIdentifier) id
+ .get(SubjectKeyIdentifierExtension.KEY_ID);
}
}
}
}
} catch (CertificateParsingException e) {
- log(ILogger.LL_FAILURE, CMS.getLogMessage("CRL_CERT_PARSING_ERROR", e.toString()));
+ log(ILogger.LL_FAILURE,
+ CMS.getLogMessage("CRL_CERT_PARSING_ERROR",
+ e.toString()));
} catch (CertificateException e) {
- log(ILogger.LL_FAILURE, CMS.getLogMessage("CRL_CERT_CERT_EXCEPTION", e.toString()));
+ log(ILogger.LL_FAILURE,
+ CMS.getLogMessage("CRL_CERT_CERT_EXCEPTION",
+ e.toString()));
}
if (keyId != null) {
- authKeyIdExt = new AuthorityKeyIdentifierExtension(critical, keyId, null, null);
+ authKeyIdExt = new AuthorityKeyIdentifierExtension(critical,
+ keyId, null, null);
} else {
GeneralNames gNames = new GeneralNames();
- gNames.addElement(((ICertificateAuthority) crlIssuingPoint.getCertificateAuthority()).getX500Name());
+ gNames.addElement(((ICertificateAuthority) crlIssuingPoint
+ .getCertificateAuthority()).getX500Name());
- authKeyIdExt = new AuthorityKeyIdentifierExtension(critical, null, gNames,
- new SerialNumber(((ICertificateAuthority) crlIssuingPoint.getCertificateAuthority()).getCACert().getSerialNumber()));
+ authKeyIdExt = new AuthorityKeyIdentifierExtension(critical,
+ null, gNames, new SerialNumber(
+ ((ICertificateAuthority) crlIssuingPoint
+ .getCertificateAuthority()).getCACert()
+ .getSerialNumber()));
}
} catch (IOException e) {
- log(ILogger.LL_FAILURE, CMS.getLogMessage("CRL_CREATE_AKI_EXT", e.toString()));
+ log(ILogger.LL_FAILURE,
+ CMS.getLogMessage("CRL_CREATE_AKI_EXT", e.toString()));
}
return authKeyIdExt;
@@ -143,23 +151,22 @@ public class CMSAuthorityKeyIdentifierExtension
public String[] getExtendedPluginInfo(Locale locale) {
String[] params = {
- //"type;choice(CRLExtension,CRLEntryExtension);CRL Extension Type. "+
- //"This field is not editable.",
+ // "type;choice(CRLExtension,CRLEntryExtension);CRL Extension Type. "+
+ // "This field is not editable.",
"enable;boolean;Check to enable Authority Key Identifier CRL extension.",
"critical;boolean;Set criticality for Authority Key Identifier CRL extension.",
- IExtendedPluginInfo.HELP_TOKEN +
- ";configuration-ca-edit-crlextension-authoritykeyidentifier",
- IExtendedPluginInfo.HELP_TEXT +
- ";The authority key identifier extension provides a means " +
- "of identifying the public key corresponding to the private " +
- "key used to sign a CRL."
- };
+ IExtendedPluginInfo.HELP_TOKEN
+ + ";configuration-ca-edit-crlextension-authoritykeyidentifier",
+ IExtendedPluginInfo.HELP_TEXT
+ + ";The authority key identifier extension provides a means "
+ + "of identifying the public key corresponding to the private "
+ + "key used to sign a CRL." };
return params;
}
private void log(int level, String msg) {
mLogger.log(ILogger.EV_SYSTEM, null, ILogger.S_CA, level,
- "CMSAuthorityKeyIdentifierExtension - " + msg);
+ "CMSAuthorityKeyIdentifierExtension - " + msg);
}
-}
+}
generated by cgit (git 2.34.1) at 2024-05-05 14:17:48 +0000