001: /**
002: * Licensed to the Apache Software Foundation (ASF) under one or more
003: * contributor license agreements. See the NOTICE file distributed with
004: * this work for additional information regarding copyright ownership.
005: * The ASF licenses this file to You under the Apache License, Version 2.0
006: * (the "License"); you may not use this file except in compliance with
007: * the License. You may obtain a copy of the License at
008: *
009: * http://www.apache.org/licenses/LICENSE-2.0
010: *
011: * Unless required by applicable law or agreed to in writing, software
012: * distributed under the License is distributed on an "AS IS" BASIS,
013: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014: * See the License for the specific language governing permissions and
015: * limitations under the License.
016: */package org.apache.geronimo.crypto.jce.provider;
017:
018: import java.io.ByteArrayOutputStream;
019: import java.io.IOException;
020: import java.math.BigInteger;
021: import java.security.cert.CRLException;
022: import java.security.cert.X509CRLEntry;
023: import java.util.Date;
024: import java.util.Enumeration;
025: import java.util.HashSet;
026: import java.util.Set;
027:
028: import org.apache.geronimo.crypto.asn1.DERObjectIdentifier;
029: import org.apache.geronimo.crypto.asn1.DEROutputStream;
030: import org.apache.geronimo.crypto.asn1.x509.TBSCertList;
031: import org.apache.geronimo.crypto.asn1.x509.X509Extension;
032: import org.apache.geronimo.crypto.asn1.x509.X509Extensions;
033:
034: /**
035: * The following extensions are listed in RFC 2459 as relevant to CRL Entries
036: *
037: * ReasonCode
038: * Hold Instruction Code
039: * Invalidity Date
040: * Certificate Issuer (critical)
041: */
public class X509CRLEntryObject extends X509CRLEntry {
    // Parsed ASN.1 CRL entry that every accessor below reads from. The
    // reference is stored as given; the constructor takes no copy.
    private TBSCertList.CRLEntry entry;

    /**
     * Wraps a parsed CRL entry.
     *
     * @param c the ASN.1 entry to expose; it is not null-checked here, so a
     *          null value only surfaces when an accessor is first called
     */
    public X509CRLEntryObject(TBSCertList.CRLEntry c) {
        this.entry = c;
    }

    /**
     * Reports whether this entry carries any extension flagged critical.
     * No extension is interpreted by this class, so every critical extension
     * counts as unsupported.
     *
     * <p>Revocation checkers should act on a {@code true} result: RFC 5280
     * section 5.3 says a CRL containing a critical entry extension the
     * application cannot process must not be used to decide certificate
     * status.
     *
     * @return {@code true} when at least one critical extension is present
     */
    public boolean hasUnsupportedCriticalExtension() {
        Set criticalOids = getCriticalExtensionOIDs();
        return criticalOids != null && !criticalOids.isEmpty();
    }

    /**
     * Collects the dotted-string OIDs of the extensions whose criticality
     * flag equals {@code critical}.
     *
     * @param critical the criticality flag to select on
     * @return a set of OID strings (possibly empty), or {@code null} when the
     *         entry has no extensions block at all
     */
    private Set getExtensionOIDs(boolean critical) {
        X509Extensions all = entry.getExtensions();
        if (all == null) {
            return null;
        }

        Set matching = new HashSet();
        for (Enumeration oids = all.oids(); oids.hasMoreElements();) {
            DERObjectIdentifier oid = (DERObjectIdentifier) oids.nextElement();
            if (all.getExtension(oid).isCritical() == critical) {
                matching.add(oid.getId());
            }
        }
        return matching;
    }

    /**
     * @return the OIDs of all critical extensions, or {@code null} when the
     *         entry has no extensions
     */
    public Set getCriticalExtensionOIDs() {
        return getExtensionOIDs(true);
    }

    /**
     * @return the OIDs of all non-critical extensions, or {@code null} when
     *         the entry has no extensions
     */
    public Set getNonCriticalExtensionOIDs() {
        return getExtensionOIDs(false);
    }

    /**
     * Looks up one extension by OID and returns the encoded form of its value.
     *
     * @param oid dotted-string object identifier of the extension
     * @return the bytes produced by {@code getValue().getEncoded()} on the
     *         matching extension, or {@code null} when the entry has no
     *         extensions or none with that OID
     * @throws RuntimeException if encoding the value fails; the original
     *         exception is kept as the cause
     */
    public byte[] getExtensionValue(String oid) {
        X509Extensions all = entry.getExtensions();
        if (all == null) {
            return null;
        }

        X509Extension found = all.getExtension(new DERObjectIdentifier(oid));
        if (found == null) {
            return null;
        }

        try {
            // NOTE(review): presumably this is the DER OCTET STRING wrapping
            // the extension payload, as java.security.cert.X509Extension
            // specifies; confirm against the ASN.1 classes.
            return found.getValue().getEncoded();
        } catch (Exception e) {
            throw new RuntimeException("error encoding " + e.getMessage(), e);
        }
    }

    /**
     * Serialises the wrapped entry through a {@code DEROutputStream}.
     *
     * @return the encoded entry
     * @throws CRLException if writing the entry fails; the underlying
     *         {@code IOException} is attached as the cause
     */
    public byte[] getEncoded() throws CRLException {
        ByteArrayOutputStream sink = new ByteArrayOutputStream();
        DEROutputStream der = new DEROutputStream(sink);

        try {
            der.writeObject(entry);
        } catch (IOException e) {
            // CRLException is given only a message here, so the cause is
            // attached separately with initCause.
            CRLException wrapped = new CRLException(e.getMessage());
            wrapped.initCause(e);
            throw wrapped;
        }

        return sink.toByteArray();
    }

    /**
     * @return the serial number of the revoked certificate
     */
    public BigInteger getSerialNumber() {
        return entry.getUserCertificate().getValue();
    }

    /**
     * @return the revocation date recorded in the entry
     */
    public Date getRevocationDate() {
        return entry.getRevocationDate().getDate();
    }

    /**
     * @return {@code true} when the entry has an extensions block
     */
    public boolean hasExtensions() {
        return entry.getExtensions() != null;
    }

    /**
     * Renders the serial number, the revocation date and, when present, each
     * extension's own string form, using the platform line separator.
     *
     * @return a human-readable dump of the entry
     */
    public String toString() {
        String eol = System.getProperty("line.separator");
        StringBuffer text = new StringBuffer();

        text.append(" userCertificate: ").append(this.getSerialNumber()).append(eol);
        text.append(" revocationDate: ").append(this.getRevocationDate()).append(eol);

        X509Extensions all = entry.getExtensions();
        if (all == null) {
            return text.toString();
        }

        Enumeration oids = all.oids();
        if (oids.hasMoreElements()) {
            // The heading is written only when there is at least one extension.
            text.append(" crlEntryExtensions:").append(eol);

            while (oids.hasMoreElements()) {
                DERObjectIdentifier oid = (DERObjectIdentifier) oids.nextElement();
                text.append(all.getExtension(oid));
            }
        }

        return text.toString();
    }
}