
1   /**
2    *
3    *  Licensed to the Apache Software Foundation (ASF) under one or more
4    *  contributor license agreements.  See the NOTICE file distributed with
5    *  this work for additional information regarding copyright ownership.
6    *  The ASF licenses this file to You under the Apache License, Version 2.0
7    *  (the "License"); you may not use this file except in compliance with
8    *  the License.  You may obtain a copy of the License at
9    *
10   *     http://www.apache.org/licenses/LICENSE-2.0
11   *
12   *  Unless required by applicable law or agreed to in writing, software
13   *  distributed under the License is distributed on an "AS IS" BASIS,
14   *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15   *  See the License for the specific language governing permissions and
16   *  limitations under the License.
17   */
18  
19  
20  package org.apache.geronimo.util.jce.provider;
21  
22  import java.io.ByteArrayOutputStream;
23  import java.io.IOException;
24  import java.math.BigInteger;
25  import java.security.cert.CRLException;
26  import java.security.cert.X509CRLEntry;
27  import java.util.Date;
28  import java.util.Enumeration;
29  import java.util.HashSet;
30  import java.util.Set;
31  
32  import org.apache.geronimo.util.asn1.DERObjectIdentifier;
33  import org.apache.geronimo.util.asn1.DEROutputStream;
34  import org.apache.geronimo.util.asn1.x509.TBSCertList;
35  import org.apache.geronimo.util.asn1.x509.X509Extension;
36  import org.apache.geronimo.util.asn1.x509.X509Extensions;
37  
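/**
 * {@link X509CRLEntry} implementation that wraps a parsed
 * {@link TBSCertList.CRLEntry} and answers every query from it.
 * <p>
 * The following extensions are listed in RFC 2459 as relevant to CRL Entries
 * (RFC 2459 has since been obsoleted by RFC 3280 and then RFC 5280):
 * <ul>
 * <li>ReasonCode</li>
 * <li>Hold Instruction Code</li>
 * <li>Invalidity Date</li>
 * <li>Certificate Issuer (critical)</li>
 * </ul>
 * This class does not interpret any of them. It only exposes their OIDs and
 * encoded values, and {@link #hasUnsupportedCriticalExtension()} reports every
 * critical extension as unsupported. Revocation-checking code that relies on
 * this class should consult that method before trusting an entry, because an
 * entry carrying, for example, the critical Certificate Issuer extension is
 * not processed according to that extension here.
 */
public class X509CRLEntryObject extends X509CRLEntry
{
    // The underlying ASN.1 CRL entry; never reassigned after construction.
    private final TBSCertList.CRLEntry c;

    /**
     * Creates a view over the given CRL entry structure.
     *
     * @param c the parsed CRL entry to expose; it is stored as is (no copy,
     *          no null check), so a null argument only fails on first use
     */
    public X509CRLEntryObject(
        TBSCertList.CRLEntry c)
    {
        this.c = c;
    }

    /**
     * Will return true if any extensions are present and marked
     * as critical, as we currently don't handle any extensions.
     * <p>
     * This is deliberately fail-closed: a critical extension that is not
     * understood must not be silently ignored, so any critical extension at
     * all makes this method return true.
     *
     * @return true if the entry carries at least one critical extension
     */
    public boolean hasUnsupportedCriticalExtension()
    {
        Set criticalOids = getCriticalExtensionOIDs();

        return criticalOids != null && !criticalOids.isEmpty();
    }

    /**
     * Collects the OID strings of all extensions whose criticality flag
     * equals the requested one.
     *
     * Raw collection types are kept to match the inherited method signatures
     * used in this file.
     *
     * @param critical true to select critical extensions, false to select
     *                 non-critical ones
     * @return a set of OID strings (possibly empty), or null if the entry has
     *         no extensions block at all
     */
    private Set getExtensionOIDs(boolean critical)
    {
        X509Extensions extensions = c.getExtensions();

        if ( extensions == null )
        {
            return null;
        }

        HashSet        matching = new HashSet();
        Enumeration    oids = extensions.oids();

        while (oids.hasMoreElements())
        {
            DERObjectIdentifier    oid = (DERObjectIdentifier)oids.nextElement();
            X509Extension          ext = extensions.getExtension(oid);

            if (critical == ext.isCritical())
            {
                matching.add(oid.getId());
            }
        }

        return matching;
    }

    /**
     * @return the OID strings of the extensions marked critical, or null if
     *         the entry has no extensions
     */
    public Set getCriticalExtensionOIDs()
    {
        return getExtensionOIDs(true);
    }

    /**
     * @return the OID strings of the extensions not marked critical, or null
     *         if the entry has no extensions
     */
    public Set getNonCriticalExtensionOIDs()
    {
        return getExtensionOIDs(false);
    }

    /**
     * Returns the encoded value of the extension with the given OID.
     *
     * @param oid the dotted-decimal OID string of the wanted extension
     * @return the bytes produced by calling getEncoded() on the extension's
     *         value, or null if the entry has no extensions or none with
     *         this OID (presumably the DER-encoded OCTET STRING that the
     *         java.security.cert.X509Extension contract expects; confirm
     *         against X509Extension.getValue())
     * @throws RuntimeException if the value cannot be encoded; the original
     *         failure is attached as the cause
     */
    public byte[] getExtensionValue(String oid)
    {
        X509Extensions exts = c.getExtensions();

        if (exts == null)
        {
            return null;
        }

        X509Extension ext = exts.getExtension(new DERObjectIdentifier(oid));

        if (ext == null)
        {
            return null;
        }

        try
        {
            return ext.getValue().getEncoded();
        }
        catch (Exception e)
        {
            // Keep the cause so the real encoding failure is not reduced to
            // a message string when this surfaces in a log or a debugger.
            throw new RuntimeException("error encoding " + e.toString(), e);
        }
    }

    /**
     * Serialises the wrapped CRL entry through a {@link DEROutputStream}.
     *
     * @return the encoded bytes of the entry
     * @throws CRLException if writing the entry fails; the underlying
     *         IOException is attached as the cause
     */
    public byte[] getEncoded()
        throws CRLException
    {
        ByteArrayOutputStream    bOut = new ByteArrayOutputStream();
        DEROutputStream          dOut = new DEROutputStream(bOut);

        try
        {
            dOut.writeObject(c);

            return bOut.toByteArray();
        }
        catch (IOException e)
        {
            // initCause() rather than the (String, Throwable) constructor so
            // this still builds on the pre-generics Java level the file
            // targets.
            CRLException failure = new CRLException(e.toString());
            failure.initCause(e);
            throw failure;
        }
    }

    /**
     * @return the value of the entry's userCertificate field, i.e. the serial
     *         number of the revoked certificate
     */
    public BigInteger getSerialNumber()
    {
        return c.getUserCertificate().getValue();
    }

    /**
     * @return the entry's revocationDate field converted to a {@link Date}
     */
    public Date getRevocationDate()
    {
        return c.getRevocationDate().getDate();
    }

    /**
     * @return true if the entry carries an extensions block
     */
    public boolean hasExtensions()
    {
        return c.getExtensions() != null;
    }

    /**
     * Builds a multi-line description: serial number, revocation date and,
     * when present, each extension rendered via its own toString(). No
     * separator is written between consecutive extensions.
     *
     * @return the textual form of this entry
     */
    public String toString()
    {
        StringBuffer buf = new StringBuffer();
        String nl = System.getProperty("line.separator");

        buf.append("      userCertificate: ").append(this.getSerialNumber()).append(nl);
        buf.append("       revocationDate: ").append(this.getRevocationDate()).append(nl);

        X509Extensions extensions = c.getExtensions();

        if ( extensions != null )
        {
            Enumeration e = extensions.oids();
            if ( e.hasMoreElements() )
            {
                buf.append("   crlEntryExtensions:").append(nl);

                while ( e.hasMoreElements() )
                {
                    DERObjectIdentifier oid = (DERObjectIdentifier)e.nextElement();
                    X509Extension ext = extensions.getExtension(oid);
                    buf.append(ext);
                }
            }
        }

        return buf.toString();
    }
}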