List of usage examples for org.bouncycastle.asn1.x509 X509Extension noRevAvail
ASN1ObjectIdentifier noRevAvail
To view the source code for org.bouncycastle.asn1.x509 X509Extension noRevAvail.
Click Source Link
From source file:org.italiangrid.voms.ac.impl.DefaultVOMSValidationStrategy.java
License:Apache License
private boolean checkNoRevAvailExtension(VOMSAttribute attributes, List<VOMSValidationErrorMessage> validationErrors) { X509Extension noRevAvail = attributes.getVOMSAC().getExtension(X509Extension.noRevAvail); if (noRevAvail != null && noRevAvail.isCritical()) { validationErrors.add(newErrorMessage(other, "NoRevAvail AC extension cannot be critical!")); return false; }/*w ww . j av a 2s . co m*/ return true; }
From source file:org.italiangrid.voms.asn1.VOMSACGenerator.java
License:Apache License
public X509AttributeCertificateHolder generateVOMSAttributeCertificate( EnumSet<ACGenerationProperties> generationProperties, List<String> fqans, List<VOMSGenericAttribute> gas, List<String> targets, X509Certificate holderCert, BigInteger serialNumber, Date notBefore, Date notAfter, String voName, String host, int port) { AttributeCertificateHolder holder = null; AttributeCertificateIssuer issuer = null; try {// w w w. j ava 2s . co m holder = buildHolder(holderCert); issuer = buildIssuer(); } catch (CertificateEncodingException e) { throw new VOMSError(e.getMessage(), e); } X509v2AttributeCertificateBuilder builder = new X509v2AttributeCertificateBuilder(holder, issuer, serialNumber, notBefore, notAfter); GeneralName policyAuthorityInfo = buildPolicyAuthorityInfo(voName, host, port); builder.addAttribute(VOMS_FQANS_OID, buildFQANsAttributeContent(fqans, policyAuthorityInfo)); if (gas != null && !gas.isEmpty()) builder.addExtension(VOMS_GENERIC_ATTRS_OID, false, buildGAExtensionContent(generationProperties, gas, policyAuthorityInfo)); if (targets != null && !targets.isEmpty()) builder.addExtension(X509Extension.targetInformation, true, buildTargetsExtensionContent(generationProperties, targets)); if (!generationProperties.contains(ACGenerationProperties.SKIP_AC_CERTS_EXTENSION)) builder.addExtension(VOMS_CERTS_OID, false, buildACCertsExtensionContent(generationProperties)); if (generationProperties.contains(ACGenerationProperties.INCLUDE_FAKE_CRITICAL_EXTENSION)) builder.addExtension(FAKE_EXT_OID, true, new DERSequence()); boolean noRevAvailIsCritical = false; boolean akidIsCritical = false; if (generationProperties.contains(ACGenerationProperties.INCLUDE_CRITICAL_NO_REV_AVAIL_EXTENSION)) noRevAvailIsCritical = true; if (generationProperties.contains(ACGenerationProperties.INCLUDE_CRITICAL_AKID_EXTENSION)) akidIsCritical = true; builder.addExtension(X509Extension.noRevAvail, noRevAvailIsCritical, new DERNull()); AuthorityKeyIdentifier akid = buildAuthorityKeyIdentifier(); builder.addExtension(X509Extension.authorityKeyIdentifier, akidIsCritical, akid != null ? akid : new DERNull()); return builder.build(getSigner(generationProperties)); }