Example 1 with IssuingDistributionPointExtension
use of org.mozilla.jss.netscape.security.x509.IssuingDistributionPointExtension in project jss by dogtagpki.
the class ExtPrettyPrint method getIssuingDistributionPointExtension.
/**
* String Representation of IssuerAlternativeName Extension
*/
private String getIssuingDistributionPointExtension() {
StringBuffer sb = new StringBuffer();
sb.append(pp.indent(mIndentSize) + mResource.getString(PrettyPrintResources.TOKEN_IDENTIFIER));
sb.append(mResource.getString(PrettyPrintResources.TOKEN_ISSUING_DIST_POINT) + "- " + mExt.getExtensionId().toString() + "\n");
sb.append(pp.indent(mIndentSize + 4) + mResource.getString(PrettyPrintResources.TOKEN_CRITICAL));
if (mExt.isCritical()) {
sb.append(mResource.getString(PrettyPrintResources.TOKEN_YES) + "\n");
} else {
sb.append(mResource.getString(PrettyPrintResources.TOKEN_NO) + "\n");
}
IssuingDistributionPointExtension ext = (IssuingDistributionPointExtension) mExt;
IssuingDistributionPoint issuingDistributionPoint = ext.getIssuingDistributionPoint();
if (issuingDistributionPoint != null) {
GeneralNames fullNames = issuingDistributionPoint.getFullName();
RDN relativeName = issuingDistributionPoint.getRelativeName();
if (fullNames != null || relativeName != null) {
sb.append(pp.indent(mIndentSize + 4) + mResource.getString(PrettyPrintResources.TOKEN_DIST_POINT_NAME) + "\n");
if (fullNames != null) {
sb.append(pp.indent(mIndentSize + 8) + mResource.getString(PrettyPrintResources.TOKEN_FULL_NAME) + "\n");
for (int i = 0; i < fullNames.size(); i++) {
GeneralName fullName = (GeneralName) fullNames.elementAt(i);
if (fullName != null) {
sb.append(pp.indent(mIndentSize + 12) + fullName.toString() + "\n");
}
}
}
if (relativeName != null) {
sb.append(pp.indent(mIndentSize + 8) + mResource.getString(PrettyPrintResources.TOKEN_RELATIVE_NAME) + relativeName.toString() + "\n");
}
}
sb.append(pp.indent(mIndentSize + 4) + mResource.getString(PrettyPrintResources.TOKEN_ONLY_USER_CERTS));
if (issuingDistributionPoint.getOnlyContainsUserCerts()) {
sb.append(mResource.getString(PrettyPrintResources.TOKEN_YES) + "\n");
} else {
sb.append(mResource.getString(PrettyPrintResources.TOKEN_NO) + "\n");
}
sb.append(pp.indent(mIndentSize + 4) + mResource.getString(PrettyPrintResources.TOKEN_ONLY_CA_CERTS));
if (issuingDistributionPoint.getOnlyContainsCACerts()) {
sb.append(mResource.getString(PrettyPrintResources.TOKEN_YES) + "\n");
} else {
sb.append(mResource.getString(PrettyPrintResources.TOKEN_NO) + "\n");
}
BitArray onlySomeReasons = issuingDistributionPoint.getOnlySomeReasons();
if (onlySomeReasons != null) {
sb.append(pp.indent(mIndentSize + 4) + mResource.getString(PrettyPrintResources.TOKEN_ONLY_SOME_REASONS));
sb.append("0x" + pp.toHexString(onlySomeReasons.toByteArray()));
}
sb.append(pp.indent(mIndentSize + 4) + mResource.getString(PrettyPrintResources.TOKEN_INDIRECT_CRL));
if (issuingDistributionPoint.getIndirectCRL()) {
sb.append(mResource.getString(PrettyPrintResources.TOKEN_YES) + "\n");
} else {
sb.append(mResource.getString(PrettyPrintResources.TOKEN_NO) + "\n");
}
}
return sb.toString();
}
Also used :
IssuingDistributionPointExtension(org.mozilla.jss.netscape.security.x509.IssuingDistributionPointExtension)
IssuingDistributionPoint(org.mozilla.jss.netscape.security.x509.IssuingDistributionPoint)
GeneralNames(org.mozilla.jss.netscape.security.x509.GeneralNames)
GeneralName(org.mozilla.jss.netscape.security.x509.GeneralName)
RDN(org.mozilla.jss.netscape.security.x509.RDN)
CRLDistributionPoint(org.mozilla.jss.netscape.security.x509.CRLDistributionPoint)
IssuingDistributionPoint(org.mozilla.jss.netscape.security.x509.IssuingDistributionPoint)
Example 2 with IssuingDistributionPointExtension
use of org.mozilla.jss.netscape.security.x509.IssuingDistributionPointExtension in project OpenAM by OpenRock.
the class AMCRLStore method getCRL.
/**
* Checks certificate and returns corresponding stored CRL in ldap store
*
* @param certificate
*/
public X509CRL getCRL(X509Certificate certificate) throws IOException {
SearchResultEntry crlEntry = null;
X509CRL crl = null;
if (storeParam.isDoCRLCaching()) {
if (debug.messageEnabled()) {
debug.message("AMCRLStore.getCRL: Trying to get CRL from cache");
}
crl = getCRLFromCache(certificate);
}
try (Connection ldc = getConnection()) {
if (ldc == null) {
return null;
}
if (crl == null) {
if (debug.messageEnabled()) {
debug.message("AMCRLStore.getCRL: crl is null");
}
if (mCrlAttrName == null) {
crlEntry = getLdapEntry(ldc, CERTIFICATE_REVOCATION_LIST, CERTIFICATE_REVOCATION_LIST_BINARY);
} else {
crlEntry = getLdapEntry(ldc, mCrlAttrName);
}
crl = getCRLFromEntry(crlEntry);
}
if (storeParam.isDoUpdateCRLs() && needCRLUpdate(crl)) {
if (debug.messageEnabled()) {
debug.message("AMCRLStore.getCRL: need CRL update");
}
X509CRL tmpcrl = null;
IssuingDistributionPointExtension crlIDPExt = null;
try {
if (crl != null) {
crlIDPExt = getCRLIDPExt(crl);
}
} catch (Exception e) {
debug.message("AMCRLStore.getCRL: crlIDPExt is null");
}
CRLDistributionPointsExtension crlDPExt = null;
try {
crlDPExt = getCRLDPExt(certificate);
} catch (Exception e) {
debug.message("AMCRLStore.getCRL: crlDPExt is null");
}
if ((tmpcrl == null) && (crlIDPExt != null)) {
tmpcrl = getUpdateCRLFromCrlIDP(crlIDPExt);
}
if ((tmpcrl == null) && (crlDPExt != null)) {
tmpcrl = getUpdateCRLFromCrlDP(crlDPExt);
}
if (tmpcrl != null) {
if (crlEntry == null) {
crlEntry = getLdapEntry(ldc);
}
if (debug.messageEnabled()) {
debug.message("AMCRLStore.getCRL: new crl = " + tmpcrl);
}
if (crlEntry != null) {
updateCRL(ldc, crlEntry.getName().toString(), tmpcrl.getEncoded());
}
}
crl = tmpcrl;
}
if (storeParam.isDoCRLCaching()) {
if (debug.messageEnabled()) {
debug.message("AMCRLStore.getCRL: Updating CRL cache");
}
updateCRLCache(certificate, crl);
}
} catch (Exception e) {
debug.error("AMCRLStore.getCRL: Error in getting CRL : ", e);
}
return crl;
}
Also used :
IssuingDistributionPointExtension(com.iplanet.security.x509.IssuingDistributionPointExtension)
X509CRL(java.security.cert.X509CRL)
CRLDistributionPointsExtension(sun.security.x509.CRLDistributionPointsExtension)
HttpURLConnection(java.net.HttpURLConnection)
Connection(org.forgerock.opendj.ldap.Connection)
LdapException(org.forgerock.opendj.ldap.LdapException)
GeneralSecurityException(java.security.GeneralSecurityException)
IOException(java.io.IOException)
LocalizedIllegalArgumentException(org.forgerock.i18n.LocalizedIllegalArgumentException)
SearchResultEntry(org.forgerock.opendj.ldap.responses.SearchResultEntry)
Aggregations
IssuingDistributionPointExtension (com.iplanet.security.x509.IssuingDistributionPointExtension)1
IOException (java.io.IOException)1
HttpURLConnection (java.net.HttpURLConnection)1
GeneralSecurityException (java.security.GeneralSecurityException)1
X509CRL (java.security.cert.X509CRL)1
LocalizedIllegalArgumentException (org.forgerock.i18n.LocalizedIllegalArgumentException)1
Connection (org.forgerock.opendj.ldap.Connection)1
LdapException (org.forgerock.opendj.ldap.LdapException)1
SearchResultEntry (org.forgerock.opendj.ldap.responses.SearchResultEntry)1
CRLDistributionPoint (org.mozilla.jss.netscape.security.x509.CRLDistributionPoint)1
GeneralName (org.mozilla.jss.netscape.security.x509.GeneralName)1
GeneralNames (org.mozilla.jss.netscape.security.x509.GeneralNames)1
IssuingDistributionPoint (org.mozilla.jss.netscape.security.x509.IssuingDistributionPoint)1
IssuingDistributionPointExtension (org.mozilla.jss.netscape.security.x509.IssuingDistributionPointExtension)1
RDN (org.mozilla.jss.netscape.security.x509.RDN)1
CRLDistributionPointsExtension (sun.security.x509.CRLDistributionPointsExtension)1
