/**
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
*
* Copyright (c) 2005 Sun Microsystems Inc. All Rights Reserved
*
* The contents of this file are subject to the terms
* of the Common Development and Distribution License
* (the License). You may not use this file except in
* compliance with the License.
*
* You can obtain a copy of the License at
* See the License for the specific language governing
* permission and limitations under the License.
*
* When distributing Covered Code, include this CDDL
* Header Notice in each file and include the License file
* at opensso/legal/CDDLv1.0.txt.
* If applicable, add the following below the CDDL Header,
* with the fields enclosed by brackets [] replaced by
* your own identifying information:
* "Portions Copyrighted [year] [name of copyright owner]"
*
* $Id: IssuingDistributionPointExtension.java,v 1.2 2008/06/25 05:52:46 qcheng Exp $
*
*/
/**
* A critical CRL extension that identifies the CRL distribution point
* for a particular CRL
*
* <pre>
* issuingDistributionPoint ::= SEQUENCE {
* distributionPoint [0] DistributionPointName OPTIONAL,
* onlyContainsUserCerts [1] BOOLEAN DEFAULT FALSE,
* onlyContainsCACerts [2] BOOLEAN DEFAULT FALSE,
* onlySomeReasons [3] ReasonFlags OPTIONAL,
* indirectCRL [4] BOOLEAN DEFAULT FALSE }
*
* DistributionPointName ::= CHOICE {
* fullName [0] GeneralNames,
* nameRelativeToCRLIssuer [1] RelativeDistinguishedName }
*
* ReasonFlags ::= BIT STRING {
* unused (0),
* keyCompromise (1),
* cACompromise (2),
* affiliationChanged (3),
* superseded (4),
* cessationOfOperation (5),
* certificateHold (6) }
*
* GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
*
* GeneralName ::= CHOICE {
* otherName [0] OtherName,
* rfc822Name [1] IA5String,
* dNSName [2] IA5String,
* x400Address [3] ORAddress,
* directoryName [4] Name,
* ediPartyName [5] EDIPartyName,
* uniformResourceIdentifier [6] IA5String,
* iPAddress [7] OCTET STRING,
* registeredID [8] OBJECT IDENTIFIER}
*
* OtherName ::= SEQUENCE {
* type-id OBJECT IDENTIFIER,
* value [0] EXPLICIT ANY DEFINED BY type-id }
*
* EDIPartyName ::= SEQUENCE {
* nameAssigner [0] DirectoryString OPTIONAL,
* partyName [1] DirectoryString }
*
* RelativeDistinguishedName ::=
* SET OF AttributeTypeAndValue
*
* AttributeTypeAndValue ::= SEQUENCE {
* type AttributeType,
* value AttributeValue }
*
* AttributeType ::= OBJECT IDENTIFIER
*
* AttributeValue ::= ANY DEFINED BY AttributeType
* </pre>
*/
/**
* Identifier for this attribute, to be used with the
* get, set, delete methods of Certificate, x509 type.
*/
"x509.info.extensions.IssuingDistributionPoint";
// reason flag bits
null,
"key compromise",
"CA compromise",
"affiliation changed",
"superseded",
"cessation of operation",
"certificate hold"
};
/**
* Attribute name.
*/
// context specific tag values
// only one of fullName and relativeName can be set
private boolean onlyContainsUserCerts = false;
private boolean onlyContainsCACerts = false;
// onlySomeReasons or null
private boolean indirectCRL = false;
// cached hashCode value
private volatile int hashCode;
/**
* Create a IssuingDistributionPointExtension.
*
* @param fullName the GeneralNames of the distribution point; may be null
* @param onlyContainsUserCerts the 'onlyContainsUserCerts' attribute
* @param onlyContainsCACerts the 'onlyContainsCACerts' attribute
* @param reasonFlags the 'reasonFlags' attribute
* @param indirectCRL the 'indirectCRL' attribute
* @param critical true if this is a critical extension
* @throws IOException on error
*/
boolean onlyContainsUserCerts,
boolean onlyContainsCACerts,
boolean[] reasonFlags,
boolean indirectCRL,
boolean critical)
throws IOException {
this.reasonFlags = reasonFlags;
this.indirectCRL = indirectCRL;
encodeThis();
}
/**
* Create a IssuingDistributionPointExtension.
*
* @param relativeName the RelativeDistinguishedName of the distribution
* point; may not be null
* @param onlyContainsUserCerts the 'onlyContainsUserCerts' attribute
* @param onlyContainsCACerts the 'onlyContainsCACerts' attribute
* @param reasonFlags the 'reasonFlags' attribute
* @param indirectCRL the 'indirectCRL' attribute
* @param critical true if this is a critical extension
* @throws IOException on error
*/
boolean onlyContainsUserCerts,
boolean onlyContainsCACerts,
boolean[] reasonFlags,
boolean indirectCRL,
boolean critical)
throws IOException {
this.relativeName = relativeName;
this.reasonFlags = reasonFlags;
this.indirectCRL = indirectCRL;
encodeThis();
}
/**
* Create the extension from the passed DER encoded value of the same.
*
* @param value Array of DER encoded bytes of the actual value.
* @exception IOException on error.
*/
throws IOException {
this.critical = true;
if (!(value instanceof byte[])) {
throw new IOException("Illegal argument type");
}
extensionValue = (byte[])value;
throw new IOException("Invalid encoding for " +
"IssuingDistributionPointExtension.");
}
return;
}
&& distPnt.isConstructed()) {
&& distPnt.isConstructed()) {
} else {
throw new IOException("Invalid encoding for " +
"IssuingDistributionPointExtension.");
}
return;
}
}
return;
}
}
if (onlyContainsUserCerts && onlyContainsCACerts) {
throw new IOException("onlyContainsUserCerts and " +
"onlyContainsCACerts can't both be true");
}
return;
}
}
return;
}
}
return;
}
}
throw new IOException("Invalid encoding for " +
"IssuingDistributionPointExtension.");
}
/**
* Return the name of this attribute.
*/
return NAME;
}
/**
* Return the full distribution point name or null if not set.
*/
return fullName;
}
/**
* Return the relative distribution point name or null if not set.
*/
return relativeName;
}
/**
* Return the onlyContainsUserCerts attribute
*/
public boolean getOnlyContainsUserCerts() {
return onlyContainsUserCerts;
}
/**
* Return the onlyContainsCACerts attribute
*/
public boolean getOnlyContainsCACerts() {
return onlyContainsCACerts;
}
/**
* Return the reason flags or null if not set.
*/
public boolean[] getOnlySomeReasons() {
return reasonFlags;
}
/**
* Return the indirectCRL attribute
*/
public boolean getIndirectCRL() {
return indirectCRL;
}
/**
* Sets the full distribution point name.
*/
this.relativeName = null;
}
}
/**
* Sets the relative distribution point name.
*/
this.relativeName = relativeName;
if( relativeName != null ) {
}
}
/**
* Sets the onlyContainsUserCerts attribute.
*/
}
/**
* Sets the onlyContainsCACerts attribute.
*/
}
/**
* Sets the reason flags for this distribution point.
*/
this.reasonFlags = reasonFlags;
}
/**
* Sets the indirectCRL attribute.
*/
this.indirectCRL = indirectCRL;
}
/**
* Write the extension to the DerOutputStream.
*
* @param out the DerOutputStream to write the extension to.
* @exception IOException on encoding errors.
*/
if (this.extensionValue == null) {
this.critical = true;
encodeThis();
}
}
// Encode this extension value
if (onlyContainsUserCerts && onlyContainsCACerts) {
throw new IOException("onlyContainsUserCerts and " +
"onlyContainsCACerts can't both be true");
}
// NOTE: only one of pointNames and pointRDN can be set
derOut);
} else if (relativeName != null) {
derOut);
}
}
if (onlyContainsUserCerts) {
}
if (onlyContainsCACerts) {
}
if (reasonFlags != null) {
reasons);
}
if (indirectCRL) {
}
}
/**
* Return a string representation for reasonFlag bit 'reason'.
*/
return REASON_STRINGS[reason];
}
return "Unknown reason " + reason;
}
/**
* Return the extension as user readable string.
*/
}
if (relativeName != null) {
}
onlyContainsUserCerts + "\n");
onlyContainsCACerts + "\n");
if (reasonFlags != null) {
if (reasonFlags[i]) {
}
}
}
indirectCRL + "\n");
}
throws IOException {
}
return avas;
}
throws IOException {
}
}