Example usage for org.bouncycastle.asn1.x509 X509Extension noRevAvail

List of usage examples for org.bouncycastle.asn1.x509 X509Extension noRevAvail

  1. HOME
  2. Java
  3. org.bouncycastle
  4. org.bouncycastle.asn1.x509.*
  5. X509Extension
  6. noRevAvail

Introduction

In this page you can find the example usage for org.bouncycastle.asn1.x509 X509Extension noRevAvail.

Prototype

ASN1ObjectIdentifier noRevAvail

To view the source code for org.bouncycastle.asn1.x509 X509Extension noRevAvail.

Click Source Link

Document

NoRevAvail extension in attribute certificates.

Usage

From source file:org.italiangrid.voms.ac.impl.DefaultVOMSValidationStrategy.java

License:Apache License

private boolean checkNoRevAvailExtension(VOMSAttribute attributes,
        List<VOMSValidationErrorMessage> validationErrors) {

    X509Extension noRevAvail = attributes.getVOMSAC().getExtension(X509Extension.noRevAvail);
    if (noRevAvail != null && noRevAvail.isCritical()) {
        validationErrors.add(newErrorMessage(other, "NoRevAvail AC extension cannot be critical!"));
        return false;
    }/*w  ww .  j  av a  2s . co  m*/
    return true;
}

From source file:org.italiangrid.voms.asn1.VOMSACGenerator.java

License:Apache License

public X509AttributeCertificateHolder generateVOMSAttributeCertificate(
        EnumSet<ACGenerationProperties> generationProperties, List<String> fqans,
        List<VOMSGenericAttribute> gas, List<String> targets, X509Certificate holderCert,
        BigInteger serialNumber, Date notBefore, Date notAfter, String voName, String host, int port) {

    AttributeCertificateHolder holder = null;
    AttributeCertificateIssuer issuer = null;

    try {// w  w w.  j  ava 2s .  co m

        holder = buildHolder(holderCert);
        issuer = buildIssuer();

    } catch (CertificateEncodingException e) {
        throw new VOMSError(e.getMessage(), e);
    }

    X509v2AttributeCertificateBuilder builder = new X509v2AttributeCertificateBuilder(holder, issuer,
            serialNumber, notBefore, notAfter);

    GeneralName policyAuthorityInfo = buildPolicyAuthorityInfo(voName, host, port);

    builder.addAttribute(VOMS_FQANS_OID, buildFQANsAttributeContent(fqans, policyAuthorityInfo));

    if (gas != null && !gas.isEmpty())
        builder.addExtension(VOMS_GENERIC_ATTRS_OID, false,
                buildGAExtensionContent(generationProperties, gas, policyAuthorityInfo));

    if (targets != null && !targets.isEmpty())
        builder.addExtension(X509Extension.targetInformation, true,
                buildTargetsExtensionContent(generationProperties, targets));

    if (!generationProperties.contains(ACGenerationProperties.SKIP_AC_CERTS_EXTENSION))
        builder.addExtension(VOMS_CERTS_OID, false, buildACCertsExtensionContent(generationProperties));

    if (generationProperties.contains(ACGenerationProperties.INCLUDE_FAKE_CRITICAL_EXTENSION))
        builder.addExtension(FAKE_EXT_OID, true, new DERSequence());

    boolean noRevAvailIsCritical = false;
    boolean akidIsCritical = false;

    if (generationProperties.contains(ACGenerationProperties.INCLUDE_CRITICAL_NO_REV_AVAIL_EXTENSION))
        noRevAvailIsCritical = true;

    if (generationProperties.contains(ACGenerationProperties.INCLUDE_CRITICAL_AKID_EXTENSION))
        akidIsCritical = true;

    builder.addExtension(X509Extension.noRevAvail, noRevAvailIsCritical, new DERNull());

    AuthorityKeyIdentifier akid = buildAuthorityKeyIdentifier();

    builder.addExtension(X509Extension.authorityKeyIdentifier, akidIsCritical,
            akid != null ? akid : new DERNull());

    return builder.build(getSigner(generationProperties));

}