/**
 * Parse an access-description list of the form
 * {@code method:location-type:location-value(,method:location-type:location-value)*}.
 *
 * <p>The input is split on {@code DELIMS}; every non-empty piece is handed to
 * {@link #getAccessDescription(String)}. Runs of delimiters between pieces are consumed by
 * {@code skipDelims}, so consecutive delimiters do not produce empty entries.
 *
 * @param extensionValue the extension value string to parse
 * @return the parsed access descriptions, in input order (never empty)
 * @throws IllegalArgumentException if the string yields no first entry or an entry is malformed
 */
private static List<AccessDescription> getAccessDescriptions(final String extensionValue) throws IllegalArgumentException {
    final CodePointIterator source = CodePointIterator.ofString(extensionValue);
    final CodePointIterator entries = source.delimitedBy(DELIMS);
    // An input with nothing before the first delimiter (or an empty input) is rejected outright.
    if (! entries.hasNext()) {
        throw log.invalidCertificateExtensionStringValue(extensionValue);
    }
    final List<AccessDescription> parsed = new ArrayList<>();
    while (entries.hasNext()) {
        final String entry = entries.drainToString();
        parsed.add(getAccessDescription(entry));
        // Advance the underlying iterator past the delimiter(s) so the next entry becomes visible.
        skipDelims(entries, source, DELIMS);
    }
    return parsed;
}
final boolean ca = Boolean.parseBoolean(getKeyValue(CA, di.drainToString())); skipDelims(di, cpi, DELIMS); int pathLen = -1; if (di.hasNext()) { pathLen = Integer.parseInt(getKeyValue(PATH_LEN, di.drainToString())); skipDelims(di, cpi, DELIMS); final String keyPurposeId = oidFromKeyPurpose(di.drainToString()); keyPurposeIds.add(keyPurposeId); skipDelims(di, cpi, DELIMS); extension = new SubjectAlternativeNamesExtension(critical, getGeneralNames(extensionValue)); } else if (extensionName.equalsIgnoreCase(CE_ISSUER_ALT_NAME)) { extension = new IssuerAlternativeNamesExtension(critical, getGeneralNames(extensionValue)); } else if (extensionName.equalsIgnoreCase(PE_AUTHORITY_INFO_ACCESS)) { if (critical) { throw log.certificateExtensionMustBeNonCritical(extensionName); extension = new AuthorityInformationAccessExtension(getAccessDescriptions(extensionValue)); } else if (extensionName.equalsIgnoreCase(PE_SUBJECT_INFO_ACCESS)) { if (critical) { throw log.certificateExtensionMustBeNonCritical(extensionName); extension = new SubjectInformationAccessExtension(getAccessDescriptions(extensionValue)); } else { throw log.certificateExtensionCreationFromStringNotSupported(extensionName);
/**
 * Parse a single access description of the form {@code method:location-type:location-value}.
 *
 * @param methodAndTypeAndValue the string to parse
 * @return the access description built from the method OID and the parsed location
 * @throws IllegalArgumentException if the method part is missing or the remainder is malformed
 */
private static AccessDescription getAccessDescription(final String methodAndTypeAndValue) throws IllegalArgumentException {
    final CodePointIterator source = CodePointIterator.ofString(methodAndTypeAndValue);
    final CodePointIterator field = source.delimitedBy(':');
    if (! field.hasNext()) {
        throw log.invalidCertificateExtensionStringValue(methodAndTypeAndValue);
    }
    final String accessMethodId = oidFromMethod(field.drainToString());
    skipDelims(field, source, ':');
    // The location is drained from the undelimited iterator, so the whole remainder
    // (including any further ':' characters, e.g. inside a URI) is passed on in one piece.
    final String location = source.drainToString();
    return new AccessDescription(accessMethodId, getGeneralName(location));
}
/**
 * Parse a general-name list of the form {@code type:val(,type:val)*}.
 *
 * <p>The input is split on {@code DELIMS} before each piece is parsed by
 * {@link #getGeneralName(String)}.
 * NOTE(review): a value that itself contains one of the {@code DELIMS} characters would be
 * split here; confirm callers never need such values.
 *
 * @param extensionValue the extension value string to parse
 * @return the parsed general names, in input order (never empty)
 * @throws IllegalArgumentException if the string yields no first entry or an entry is malformed
 */
private static List<GeneralName> getGeneralNames(final String extensionValue) throws IllegalArgumentException {
    final CodePointIterator source = CodePointIterator.ofString(extensionValue);
    final CodePointIterator entries = source.delimitedBy(DELIMS);
    // An input with nothing before the first delimiter (or an empty input) is rejected outright.
    if (! entries.hasNext()) {
        throw log.invalidCertificateExtensionStringValue(extensionValue);
    }
    final List<GeneralName> parsed = new ArrayList<>();
    while (entries.hasNext()) {
        final String entry = entries.drainToString();
        parsed.add(getGeneralName(entry));
        // Advance the underlying iterator past the delimiter(s) so the next entry becomes visible.
        skipDelims(entries, source, DELIMS);
    }
    return parsed;
}
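/**
 * Add or replace an X.509 certificate extension. If an extension with the same name already exists, it is replaced
 * and returned. See {@link SelfSignedX509CertificateAndSigningKey.Builder#addExtension(boolean, String, String)}
 * for the supported extension names and values.
 *
 * @param critical whether the extension should be marked as critical
 * @param extensionName the extension name (must not be {@code null})
 * @param extensionValue the extension value, as a string (must not be {@code null})
 * @return the existing extension or {@code null} if no other extension with the same OID existed or if an
 * error occurs while attempting to add the extension
 * @throws IllegalArgumentException if {@code extensionName} or {@code extensionValue} is {@code null}
 */
public X509CertificateExtension addOrReplaceExtension(boolean critical, String extensionName, String extensionValue) {
    Assert.checkNotNullParam("name", extensionName);
    // Enforce the documented non-null contract on the value as well, so a null is reported
    // as a parameter error here rather than being passed on to the value parser.
    Assert.checkNotNullParam("value", extensionValue);
    return addOrReplaceExtension(getX509CertificateExtension(critical, extensionName, extensionValue));
}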
/**
 * Extract the value from a {@code key:value} string after checking that the key is the expected one.
 *
 * <p>The key comparison is case-insensitive. The value is read from the ':'-delimited iterator,
 * so it ends at the next ':' (or at the end of the string).
 * NOTE(review): anything after a second ':' is not examined by this method; confirm that
 * silently ignoring such trailing text is intended.
 *
 * @param requiredKey the key that must precede the value
 * @param keyAndValue the {@code key:value} string to parse
 * @return the value part
 * @throws IllegalArgumentException if the key does not match or the separator is malformed
 */
private static String getKeyValue(final String requiredKey, final String keyAndValue) throws IllegalArgumentException {
    final CodePointIterator source = CodePointIterator.ofString(keyAndValue);
    final CodePointIterator field = source.delimitedBy(':');
    final String actualKey = field.drainToString();
    if (requiredKey.equalsIgnoreCase(actualKey)) {
        skipDelims(field, source, ':');
        return field.drainToString();
    }
    throw log.invalidCertificateExtensionStringValue(keyAndValue);
}
/**
 * Advance {@code cpi} past delimiter code points until {@code di} reports more content
 * or {@code cpi} is exhausted.
 *
 * <p>Every code point consumed this way must be one of {@code delims}; consecutive
 * delimiters are therefore skipped without error.
 *
 * @param di the delimited view whose {@code hasNext()} decides when to stop
 * @param cpi the underlying iterator that is actually advanced
 * @param delims the code points accepted as delimiters
 * @throws IllegalArgumentException if a consumed code point is not a delimiter
 */
private static void skipDelims(CodePointIterator di, CodePointIterator cpi, int...delims) throws IllegalArgumentException {
    while (true) {
        // Stop as soon as the delimited view has content again, or the input has run out.
        if (di.hasNext() || ! cpi.hasNext()) {
            return;
        }
        final int codePoint = cpi.next();
        if (! isDelim(codePoint, delims)) {
            throw log.invalidCertificateExtensionStringValue();
        }
    }
}
/**
 * Parse a general-name list of the form {@code type:val(,type:val)*}.
 *
 * <p>The input is split on {@code DELIMS} before each piece is parsed by
 * {@link #getGeneralName(String)}.
 * NOTE(review): a value that itself contains one of the {@code DELIMS} characters would be
 * split here; confirm callers never need such values.
 *
 * @param extensionValue the extension value string to parse
 * @return the parsed general names, in input order (never empty)
 * @throws IllegalArgumentException if the string yields no first entry or an entry is malformed
 */
private static List<GeneralName> getGeneralNames(final String extensionValue) throws IllegalArgumentException {
    final CodePointIterator source = CodePointIterator.ofString(extensionValue);
    final CodePointIterator entries = source.delimitedBy(DELIMS);
    // An input with nothing before the first delimiter (or an empty input) is rejected outright.
    if (! entries.hasNext()) {
        throw log.invalidCertificateExtensionStringValue(extensionValue);
    }
    final List<GeneralName> parsed = new ArrayList<>();
    while (entries.hasNext()) {
        final String entry = entries.drainToString();
        parsed.add(getGeneralName(entry));
        // Advance the underlying iterator past the delimiter(s) so the next entry becomes visible.
        skipDelims(entries, source, DELIMS);
    }
    return parsed;
}
Assert.checkNotNullParam("name", extensionName); Assert.checkNotNullParam("value", extensionValue); return addExtension(getX509CertificateExtension(critical, extensionName, extensionValue));
/**
 * Parse a single general name of the form {@code type:val}.
 *
 * <p>The type is matched case-insensitively against {@code ALT_NAMES_TYPES}. The value is
 * drained from the undelimited iterator, so it keeps any further ':' characters, and is handed
 * unchanged to the matching {@code GeneralName} constructor.
 * NOTE(review): no validation of the value is visible here; presumably the
 * {@code GeneralName} constructors reject malformed or empty values. Confirm.
 *
 * @param typeAndValue the {@code type:val} string to parse
 * @return the general name of the requested type
 * @throws IllegalArgumentException if the type is not supported or the separator is malformed
 */
private static GeneralName getGeneralName(final String typeAndValue) throws IllegalArgumentException {
    final CodePointIterator source = CodePointIterator.ofString(typeAndValue);
    final CodePointIterator field = source.delimitedBy(':');
    final String type = field.drainToString();

    boolean recognised = false;
    for (String candidate : ALT_NAMES_TYPES) {
        if (candidate.equalsIgnoreCase(type)) {
            recognised = true;
            break;
        }
    }
    if (! recognised) {
        throw log.invalidCertificateExtensionStringValue(typeAndValue);
    }

    skipDelims(field, source, ':');
    final String value = source.drainToString();
    // Locale.ENGLISH keeps the case mapping independent of the JVM's default locale.
    final String canonicalType = type.toUpperCase(Locale.ENGLISH);
    switch (canonicalType) {
        case EMAIL:
            return new GeneralName.RFC822Name(value);
        case URI:
            return new GeneralName.URIName(value);
        case DNS:
            return new GeneralName.DNSName(value);
        case IP:
            return new GeneralName.IPAddress(value);
        case OID:
            return new GeneralName.RegisteredID(value);
        default:
            throw log.invalidCertificateExtensionStringValue(typeAndValue);
    }
}
/**
 * Advance {@code cpi} past delimiter code points until {@code di} reports more content
 * or {@code cpi} is exhausted.
 *
 * <p>Every code point consumed this way must be one of {@code delims}; consecutive
 * delimiters are therefore skipped without error.
 *
 * @param di the delimited view whose {@code hasNext()} decides when to stop
 * @param cpi the underlying iterator that is actually advanced
 * @param delims the code points accepted as delimiters
 * @throws IllegalArgumentException if a consumed code point is not a delimiter
 */
private static void skipDelims(CodePointIterator di, CodePointIterator cpi, int...delims) throws IllegalArgumentException {
    while (true) {
        // Stop as soon as the delimited view has content again, or the input has run out.
        if (di.hasNext() || ! cpi.hasNext()) {
            return;
        }
        final int codePoint = cpi.next();
        if (! isDelim(codePoint, delims)) {
            throw log.invalidCertificateExtensionStringValue();
        }
    }
}
final boolean ca = Boolean.parseBoolean(getKeyValue(CA, di.drainToString())); skipDelims(di, cpi, DELIMS); int pathLen = -1; if (di.hasNext()) { pathLen = Integer.parseInt(getKeyValue(PATH_LEN, di.drainToString())); skipDelims(di, cpi, DELIMS); final String keyPurposeId = oidFromKeyPurpose(di.drainToString()); keyPurposeIds.add(keyPurposeId); skipDelims(di, cpi, DELIMS); extension = new SubjectAlternativeNamesExtension(critical, getGeneralNames(extensionValue)); } else if (extensionName.equalsIgnoreCase(CE_ISSUER_ALT_NAME)) { extension = new IssuerAlternativeNamesExtension(critical, getGeneralNames(extensionValue)); } else if (extensionName.equalsIgnoreCase(PE_AUTHORITY_INFO_ACCESS)) { if (critical) { throw log.certificateExtensionMustBeNonCritical(extensionName); extension = new AuthorityInformationAccessExtension(getAccessDescriptions(extensionValue)); } else if (extensionName.equalsIgnoreCase(PE_SUBJECT_INFO_ACCESS)) { if (critical) { throw log.certificateExtensionMustBeNonCritical(extensionName); extension = new SubjectInformationAccessExtension(getAccessDescriptions(extensionValue)); } else { throw log.certificateExtensionCreationFromStringNotSupported(extensionName);
/**
 * Parse a single access description of the form {@code method:location-type:location-value}.
 *
 * @param methodAndTypeAndValue the string to parse
 * @return the access description built from the method OID and the parsed location
 * @throws IllegalArgumentException if the method part is missing or the remainder is malformed
 */
private static AccessDescription getAccessDescription(final String methodAndTypeAndValue) throws IllegalArgumentException {
    final CodePointIterator source = CodePointIterator.ofString(methodAndTypeAndValue);
    final CodePointIterator field = source.delimitedBy(':');
    if (! field.hasNext()) {
        throw log.invalidCertificateExtensionStringValue(methodAndTypeAndValue);
    }
    final String accessMethodId = oidFromMethod(field.drainToString());
    skipDelims(field, source, ':');
    // The location is drained from the undelimited iterator, so the whole remainder
    // (including any further ':' characters, e.g. inside a URI) is passed on in one piece.
    final String location = source.drainToString();
    return new AccessDescription(accessMethodId, getGeneralName(location));
}
/**
 * Parse a general-name list of the form {@code type:val(,type:val)*}.
 *
 * <p>The input is split on {@code DELIMS} before each piece is parsed by
 * {@link #getGeneralName(String)}.
 * NOTE(review): a value that itself contains one of the {@code DELIMS} characters would be
 * split here; confirm callers never need such values.
 *
 * @param extensionValue the extension value string to parse
 * @return the parsed general names, in input order (never empty)
 * @throws IllegalArgumentException if the string yields no first entry or an entry is malformed
 */
private static List<GeneralName> getGeneralNames(final String extensionValue) throws IllegalArgumentException {
    final CodePointIterator source = CodePointIterator.ofString(extensionValue);
    final CodePointIterator entries = source.delimitedBy(DELIMS);
    // An input with nothing before the first delimiter (or an empty input) is rejected outright.
    if (! entries.hasNext()) {
        throw log.invalidCertificateExtensionStringValue(extensionValue);
    }
    final List<GeneralName> parsed = new ArrayList<>();
    while (entries.hasNext()) {
        final String entry = entries.drainToString();
        parsed.add(getGeneralName(entry));
        // Advance the underlying iterator past the delimiter(s) so the next entry becomes visible.
        skipDelims(entries, source, DELIMS);
    }
    return parsed;
}
/**
 * Parse an access-description list of the form
 * {@code method:location-type:location-value(,method:location-type:location-value)*}.
 *
 * <p>The input is split on {@code DELIMS}; every non-empty piece is handed to
 * {@link #getAccessDescription(String)}. Runs of delimiters between pieces are consumed by
 * {@code skipDelims}, so consecutive delimiters do not produce empty entries.
 *
 * @param extensionValue the extension value string to parse
 * @return the parsed access descriptions, in input order (never empty)
 * @throws IllegalArgumentException if the string yields no first entry or an entry is malformed
 */
private static List<AccessDescription> getAccessDescriptions(final String extensionValue) throws IllegalArgumentException {
    final CodePointIterator source = CodePointIterator.ofString(extensionValue);
    final CodePointIterator entries = source.delimitedBy(DELIMS);
    // An input with nothing before the first delimiter (or an empty input) is rejected outright.
    if (! entries.hasNext()) {
        throw log.invalidCertificateExtensionStringValue(extensionValue);
    }
    final List<AccessDescription> parsed = new ArrayList<>();
    while (entries.hasNext()) {
        final String entry = entries.drainToString();
        parsed.add(getAccessDescription(entry));
        // Advance the underlying iterator past the delimiter(s) so the next entry becomes visible.
        skipDelims(entries, source, DELIMS);
    }
    return parsed;
}
Assert.checkNotNullParam("name", extensionName); Assert.checkNotNullParam("value", extensionValue); return addExtension(getX509CertificateExtension(critical, extensionName, extensionValue));
/**
 * Extract the value from a {@code key:value} string after checking that the key is the expected one.
 *
 * <p>The key comparison is case-insensitive. The value is read from the ':'-delimited iterator,
 * so it ends at the next ':' (or at the end of the string).
 * NOTE(review): anything after a second ':' is not examined by this method; confirm that
 * silently ignoring such trailing text is intended.
 *
 * @param requiredKey the key that must precede the value
 * @param keyAndValue the {@code key:value} string to parse
 * @return the value part
 * @throws IllegalArgumentException if the key does not match or the separator is malformed
 */
private static String getKeyValue(final String requiredKey, final String keyAndValue) throws IllegalArgumentException {
    final CodePointIterator source = CodePointIterator.ofString(keyAndValue);
    final CodePointIterator field = source.delimitedBy(':');
    final String actualKey = field.drainToString();
    if (requiredKey.equalsIgnoreCase(actualKey)) {
        skipDelims(field, source, ':');
        return field.drainToString();
    }
    throw log.invalidCertificateExtensionStringValue(keyAndValue);
}
/**
 * Advance {@code cpi} past delimiter code points until {@code di} reports more content
 * or {@code cpi} is exhausted.
 *
 * <p>Every code point consumed this way must be one of {@code delims}; consecutive
 * delimiters are therefore skipped without error.
 *
 * @param di the delimited view whose {@code hasNext()} decides when to stop
 * @param cpi the underlying iterator that is actually advanced
 * @param delims the code points accepted as delimiters
 * @throws IllegalArgumentException if a consumed code point is not a delimiter
 */
private static void skipDelims(CodePointIterator di, CodePointIterator cpi, int...delims) throws IllegalArgumentException {
    while (true) {
        // Stop as soon as the delimited view has content again, or the input has run out.
        if (di.hasNext() || ! cpi.hasNext()) {
            return;
        }
        final int codePoint = cpi.next();
        if (! isDelim(codePoint, delims)) {
            throw log.invalidCertificateExtensionStringValue();
        }
    }
}
final boolean ca = Boolean.parseBoolean(getKeyValue(CA, di.drainToString())); skipDelims(di, cpi, DELIMS); int pathLen = -1; if (di.hasNext()) { pathLen = Integer.parseInt(getKeyValue(PATH_LEN, di.drainToString())); skipDelims(di, cpi, DELIMS); final String keyPurposeId = oidFromKeyPurpose(di.drainToString()); keyPurposeIds.add(keyPurposeId); skipDelims(di, cpi, DELIMS); extension = new SubjectAlternativeNamesExtension(critical, getGeneralNames(extensionValue)); } else if (extensionName.equalsIgnoreCase(CE_ISSUER_ALT_NAME)) { extension = new IssuerAlternativeNamesExtension(critical, getGeneralNames(extensionValue)); } else if (extensionName.equalsIgnoreCase(PE_AUTHORITY_INFO_ACCESS)) { if (critical) { throw log.certificateExtensionMustBeNonCritical(extensionName); extension = new AuthorityInformationAccessExtension(getAccessDescriptions(extensionValue)); } else if (extensionName.equalsIgnoreCase(PE_SUBJECT_INFO_ACCESS)) { if (critical) { throw log.certificateExtensionMustBeNonCritical(extensionName); extension = new SubjectInformationAccessExtension(getAccessDescriptions(extensionValue)); } else { throw log.certificateExtensionCreationFromStringNotSupported(extensionName);
/**
 * Parse a single access description of the form {@code method:location-type:location-value}.
 *
 * @param methodAndTypeAndValue the string to parse
 * @return the access description built from the method OID and the parsed location
 * @throws IllegalArgumentException if the method part is missing or the remainder is malformed
 */
private static AccessDescription getAccessDescription(final String methodAndTypeAndValue) throws IllegalArgumentException {
    final CodePointIterator source = CodePointIterator.ofString(methodAndTypeAndValue);
    final CodePointIterator field = source.delimitedBy(':');
    if (! field.hasNext()) {
        throw log.invalidCertificateExtensionStringValue(methodAndTypeAndValue);
    }
    final String accessMethodId = oidFromMethod(field.drainToString());
    skipDelims(field, source, ':');
    // The location is drained from the undelimited iterator, so the whole remainder
    // (including any further ':' characters, e.g. inside a URI) is passed on in one piece.
    final String location = source.drainToString();
    return new AccessDescription(accessMethodId, getGeneralName(location));
}