diff options
Diffstat (limited to 'pki/base/util/src/netscape/security/x509/IssuingDistributionPoint.java')
| -rw-r--r-- | pki/base/util/src/netscape/security/x509/IssuingDistributionPoint.java | 240 |
1 files changed, 122 insertions, 118 deletions
diff --git a/pki/base/util/src/netscape/security/x509/IssuingDistributionPoint.java b/pki/base/util/src/netscape/security/x509/IssuingDistributionPoint.java index af8cd2cc..090b0cb3 100644 --- a/pki/base/util/src/netscape/security/x509/IssuingDistributionPoint.java +++ b/pki/base/util/src/netscape/security/x509/IssuingDistributionPoint.java @@ -42,11 +42,11 @@ import org.mozilla.jss.asn1.Tag; * onlyContainsCACerts [2] BOOLEAN DEFAULT FALSE, * onlySomeReasons [3] ReasonFlags OPTIONAL, * indirectCRL [4] BOOLEAN DEFAULT FALSE } - * + * * DistributionPointName ::= CHOICE { * fullName [0] GeneralNames, * nameRelativeToCRLIssuer [1] RelativeDistinguishedName } - * + * * ReasonFlags ::= BIT STRING { * unused (0), * keyCompromise (1), @@ -55,9 +55,9 @@ import org.mozilla.jss.asn1.Tag; * superseded (4), * cessationOfOperation (5), * certificateHold (6) } - * + * * GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName - * + * * GeneralName ::= CHOICE { * otherName [0] OtherName, * rfc822Name [1] IA5String, @@ -68,41 +68,41 @@ import org.mozilla.jss.asn1.Tag; * uniformResourceIdentifier [6] IA5String, * iPAddress [7] OCTET STRING, * registeredID [8] OBJECT IDENTIFIER} - * + * * OtherName ::= SEQUENCE { * type-id OBJECT IDENTIFIER, * value [0] EXPLICIT ANY DEFINED BY type-id } - * + * * EDIPartyName ::= SEQUENCE { * nameAssigner [0] DirectoryString OPTIONAL, * partyName [1] DirectoryString } - * + * * RelativeDistinguishedName ::= * SET OF AttributeTypeAndValue - * + * * AttributeTypeAndValue ::= SEQUENCE { * type AttributeType, * value AttributeValue } - * + * * AttributeType ::= OBJECT IDENTIFIER - * + * * AttributeValue ::= ANY DEFINED BY AttributeType * </pre> - * - * See the documentation in <code>CRLDistributionPoint</code> for the - * <code>DistributionPointName</code> and <code>ReasonFlags</code> ASN.1 types. + * See the documentation in <code>CRLDistributionPoint</code> for + * the <code>DistributionPointName</code> and <code>ReasonFlags</code> + * ASN.1 types. */ public class IssuingDistributionPoint implements ASN1Value { - // at most one of the following two may be specified. One or both can + // at most one of the following two may be specified. One or both can // be null. - private GeneralNames fullName = null; - private RDN relativeName = null; + private GeneralNames fullName=null; + private RDN relativeName=null; - private boolean onlyContainsUserCerts = false; // DEFAULT FALSE - private boolean onlyContainsCACerts = false; // DEFAULT FALSE - private BitArray onlySomeReasons = null; // optional, may be null - private boolean indirectCRL = false; // DEFAULT FALSE + private boolean onlyContainsUserCerts=false; // DEFAULT FALSE + private boolean onlyContainsCACerts=false; // DEFAULT FALSE + private BitArray onlySomeReasons=null; // optional, may be null + private boolean indirectCRL=false; // DEFAULT FALSE // cache encoding of fullName private ANY fullNameEncoding; @@ -124,29 +124,31 @@ public class IssuingDistributionPoint implements ASN1Value { } /** - * Sets the <code>fullName</code> of the <code>DistributionPointName</code>. - * It may be set to <code>null</code>. If it is set to a non-null value, - * <code>relativeName</code> will be set to <code>null</code>, because at - * most one of these two attributes can be specified at a time. - * - * @exception GeneralNamesException If an error occurs encoding the name. + * Sets the <code>fullName</code> of the + * <code>DistributionPointName</code>. It may be set to <code>null</code>. + * If it is set to a non-null value, <code>relativeName</code> will be + * set to <code>null</code>, because at most one of these two attributes + * can be specified at a time. + * @exception GeneralNamesException If an error occurs encoding the + * name. */ public void setFullName(GeneralNames fullName) - throws GeneralNamesException, IOException { + throws GeneralNamesException, IOException + { this.fullName = fullName; - if (fullName != null) { + if( fullName != null ) { // encode the name to catch any problems with it DerOutputStream derOut = new DerOutputStream(); fullName.encode(derOut); try { ANY raw = new ANY(derOut.toByteArray()); ByteArrayOutputStream bos = new ByteArrayOutputStream(); - raw.encodeWithAlternateTag(Tag.get(0), bos); - fullNameEncoding = new ANY(bos.toByteArray()); - } catch (InvalidBERException e) { + raw.encodeWithAlternateTag( Tag.get(0), bos ); + fullNameEncoding = new ANY( bos.toByteArray() ); + } catch(InvalidBERException e) { // assume this won't happen, since it would imply a bug // in DerOutputStream - throw new GeneralNamesException(e.toString()); + throw new GeneralNamesException( e.toString() ); } this.relativeName = null; @@ -155,14 +157,14 @@ public class IssuingDistributionPoint implements ASN1Value { /** * Sets the <code>relativeName</code> of the - * <code>DistributionPointName</code>. It may be set to <code>null</code>. - * If it is set to a non-null value, <code>fullName</code> will be set to - * <code>null</code>, because at most one of these two attributes can be - * specified at a time. + * <code>DistributionPointName</code>. It may be set to <code>null</code>. + * If it is set to a non-null value, <code>fullName</code> will be + * set to <code>null</code>, because at most one of these two attributes + * can be specified at a time. */ public void setRelativeName(RDN relativeName) { this.relativeName = relativeName; - if (relativeName != null) { + if( relativeName != null ) { this.fullName = null; } } @@ -184,7 +186,7 @@ public class IssuingDistributionPoint implements ASN1Value { } /** - * Returns the reason flags for this distribution point. May be + * Returns the reason flags for this distribution point. May be * <code>null</code>. */ public BitArray getOnlySomeReasons() { @@ -192,7 +194,7 @@ public class IssuingDistributionPoint implements ASN1Value { } /** - * Sets the reason flags for this distribution point. May be set to + * Sets the reason flags for this distribution point. May be set to * <code>null</code>. */ public void setOnlySomeReasons(BitArray reasons) { @@ -207,9 +209,10 @@ public class IssuingDistributionPoint implements ASN1Value { indirectCRL = b; } - // /////////////////////////////////////////////////////////// + + ///////////////////////////////////////////////////////////// // DER encoding - // /////////////////////////////////////////////////////////// + ///////////////////////////////////////////////////////////// private static final Tag TAG = SEQUENCE.TAG; public Tag getTag() { @@ -221,100 +224,101 @@ public class IssuingDistributionPoint implements ASN1Value { } public void encode(Tag implicitTag, OutputStream ostream) - throws IOException { + throws IOException + { SEQUENCE seq = new SEQUENCE(); DerOutputStream derOut; - try { - - // Encodes the DistributionPointName. Because DistributionPointName - // is a CHOICE, the [0] tag is forced to be EXPLICIT. - if (fullName != null) { - EXPLICIT distPoint = new EXPLICIT(Tag.get(0), fullNameEncoding); - seq.addElement(distPoint); - } else if (relativeName != null) { - derOut = new DerOutputStream(); - relativeName.encode(derOut); - ANY raw = new ANY(derOut.toByteArray()); - ByteArrayOutputStream bos = new ByteArrayOutputStream(); - raw.encodeWithAlternateTag(Tag.get(1), bos); - ANY distPointName = new ANY(bos.toByteArray()); - EXPLICIT distPoint = new EXPLICIT(Tag.get(0), distPointName); - seq.addElement(distPoint); - } + try { + + // Encodes the DistributionPointName. Because DistributionPointName + // is a CHOICE, the [0] tag is forced to be EXPLICIT. + if( fullName != null ) { + EXPLICIT distPoint = new EXPLICIT( Tag.get(0), fullNameEncoding); + seq.addElement( distPoint ); + } else if( relativeName != null ) { + derOut = new DerOutputStream(); + relativeName.encode(derOut); + ANY raw = new ANY(derOut.toByteArray()); + ByteArrayOutputStream bos = new ByteArrayOutputStream(); + raw.encodeWithAlternateTag( Tag.get(1), bos ); + ANY distPointName = new ANY(bos.toByteArray()); + EXPLICIT distPoint = new EXPLICIT( Tag.get(0), distPointName); + seq.addElement( distPoint ); + } - if (onlyContainsUserCerts != false) { - seq.addElement(Tag.get(1), new BOOLEAN(true)); - } - if (onlyContainsCACerts != false) { - seq.addElement(Tag.get(2), new BOOLEAN(true)); - } + if( onlyContainsUserCerts != false ) { + seq.addElement( Tag.get(1), new BOOLEAN(true)); + } + if( onlyContainsCACerts != false ) { + seq.addElement( Tag.get(2), new BOOLEAN(true)); + } - // Encodes the ReasonFlags. - if (onlySomeReasons != null) { - derOut = new DerOutputStream(); - derOut.putUnalignedBitString(onlySomeReasons); - ANY raw = new ANY(derOut.toByteArray()); - ByteArrayOutputStream bos = new ByteArrayOutputStream(); - raw.encodeWithAlternateTag(Tag.get(3), bos); - ANY reasonEncoding = new ANY(bos.toByteArray()); - seq.addElement(reasonEncoding); - } + // Encodes the ReasonFlags. + if( onlySomeReasons != null ) { + derOut = new DerOutputStream(); + derOut.putUnalignedBitString(onlySomeReasons); + ANY raw = new ANY(derOut.toByteArray()); + ByteArrayOutputStream bos = new ByteArrayOutputStream(); + raw.encodeWithAlternateTag(Tag.get(3), bos); + ANY reasonEncoding = new ANY(bos.toByteArray()); + seq.addElement( reasonEncoding); + } - if (indirectCRL != false) { - seq.addElement(Tag.get(4), new BOOLEAN(true)); - } + if( indirectCRL != false ) { + seq.addElement( Tag.get(4), new BOOLEAN(true)); + } - seq.encode(implicitTag, ostream); + seq.encode(implicitTag, ostream); - } catch (InvalidBERException e) { + } catch(InvalidBERException e) { // this shouldn't happen unless there is a bug in one of // the Sun encoding classes throw new IOException(e.toString()); - } + } } public static void main(String args[]) { - try { - if (args.length != 1) { - System.out.println("Usage: IssuingDistributionPoint <outfile>"); - System.exit(-1); - } - - BufferedOutputStream bos = new BufferedOutputStream( - new FileOutputStream(args[0])); - - SEQUENCE idps = new SEQUENCE(); - - IssuingDistributionPoint idp = new IssuingDistributionPoint(); - - X500Name dn = new X500Name( - "CN=Skovw Wjasldk,E=nicolson@netscape.com" - + ",OU=Certificate Server,O=Netscape,C=US"); - GeneralNames generalNames = new GeneralNames(); - generalNames.addElement(dn); - idp.setFullName(generalNames); - idps.addElement(idp); - - idp = new IssuingDistributionPoint(); - URIName uri = new URIName("http://www.mycrl.com/go/here"); - generalNames = new GeneralNames(); - generalNames.addElement(uri); - idp.setFullName(generalNames); - idp.setOnlyContainsUserCerts(true); - idp.setOnlyContainsCACerts(true); - idp.setIndirectCRL(true); - BitArray ba = new BitArray(5, new byte[] { (byte) 0x28 }); - idp.setOnlySomeReasons(ba); - idps.addElement(idp); - - idps.encode(bos); - bos.close(); - } catch (Exception e) { - e.printStackTrace(); + try { + if(args.length != 1) { + System.out.println("Usage: IssuingDistributionPoint <outfile>"); + System.exit(-1); } + + BufferedOutputStream bos = new BufferedOutputStream( + new FileOutputStream(args[0])); + + SEQUENCE idps = new SEQUENCE(); + + IssuingDistributionPoint idp = new IssuingDistributionPoint(); + + X500Name dn = new X500Name("CN=Skovw Wjasldk,E=nicolson@netscape.com"+ + ",OU=Certificate Server,O=Netscape,C=US"); + GeneralNames generalNames = new GeneralNames(); + generalNames.addElement(dn); + idp.setFullName(generalNames); + idps.addElement(idp); + + idp = new IssuingDistributionPoint(); + URIName uri = new URIName("http://www.mycrl.com/go/here"); + generalNames = new GeneralNames(); + generalNames.addElement(uri); + idp.setFullName(generalNames); + idp.setOnlyContainsUserCerts(true); + idp.setOnlyContainsCACerts(true); + idp.setIndirectCRL(true); + BitArray ba = new BitArray(5, new byte[] {(byte)0x28} ); + idp.setOnlySomeReasons(ba); + idps.addElement(idp); + + idps.encode(bos); + bos.close(); + } catch(Exception e) { + e.printStackTrace(); + } } } + |