jdk/src/java.base/share/classes/sun/security/provider/certpath/OCSPNonceExtension.java
author jnimeh
Wed, 05 Aug 2015 12:19:38 -0700
changeset 32032 22badc53802f
child 32473 09672cd2a4a0
permissions -rw-r--r--
8046321: OCSP Stapling for TLS Summary: Initial feature commit for OCSP stapling in JSSE Reviewed-by: xuelei, mullan
/*
 * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.  Oracle designates this
 * particular file as subject to the "Classpath" exception as provided
 * by Oracle in the LICENSE file that accompanied this code.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 * or visit www.oracle.com if you need additional information or have any
 * questions.
 */
package sun.security.provider.certpath;
import java.io.IOException;
import java.io.OutputStream;
import java.util.Enumeration;
import java.security.SecureRandom;
import sun.security.x509.AttributeNameEnumeration;
import sun.security.x509.CertAttrSet;
import sun.security.x509.Extension;
import sun.security.x509.PKIXExtensions;
import sun.security.util.*;
/**
 * Represent the OCSP Nonce Extension.
 * This extension, if present, provides a nonce value in OCSP requests
 * and responses.  This will cryptographically bind requests and responses
 * and help to prevent replay attacks (see RFC 6960, section 4.4.1).
 *
 * @see Extension
 * @see CertAttrSet
 */
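public class OCSPNonceExtension extends Extension
        implements CertAttrSet<String> {

    /**
     * Attribute name.
     */
    public static final String NAME = "OCSPNonce";

    /**
     * Name of the single attribute exposed through {@link #get},
     * {@link #set} and {@link #delete}.  It is compared without regard
     * to case.
     */
    public static final String NONCE = "nonce";

    // Raw nonce bytes, without any DER tag or length; null once deleted.
    private byte[] nonceData = null;

    // Name reported by getName() and used in error messages.
    private final String extensionName;

    /**
     * Encode the current nonce as a DER OCTET STRING and assign the result
     * to the inherited {@code extensionValue} data member.  When no nonce
     * is present, {@code extensionValue} is cleared instead.
     *
     * @throws IOException if any errors occur during DER encoding
     */
    private void encodeInternal() throws IOException {
        if (nonceData == null) {
            this.extensionValue = null;
            return;
        }
        DerOutputStream os = new DerOutputStream();
        os.putOctetString(this.nonceData);
        this.extensionValue = os.toByteArray();
    }

    /**
     * Reject any attribute name other than {@link #NONCE}.
     *
     * @param name the attribute name supplied by the caller; a
     *      {@code null} name is treated as unrecognized
     *
     * @throws IOException if the name is not {@link #NONCE}
     */
    private void checkAttributeName(String name) throws IOException {
        // Constant-first comparison so that a null name is reported as an
        // unsupported attribute instead of a NullPointerException.
        if (!NONCE.equalsIgnoreCase(name)) {
            throw new IOException("Attribute name not recognized by"
                    + " CertAttrSet:" + extensionName + ".");
        }
    }

    /**
     * Create a {@code OCSPNonceExtension} by providing the nonce length.
     * The criticality is set to false.  The random bytes are drawn from a
     * default-constructed {@link SecureRandom}.
     *
     * @param length the number of random bytes composing the nonce.  It
     *      must be greater than zero.
     *
     * @throws IllegalArgumentException if {@code length} is not positive
     * @throws IOException if any errors happen during encoding of the
     *      extension.
     */
    public OCSPNonceExtension(int length) throws IOException {
        this(PKIXExtensions.OCSPNonce_Id, false, length, NAME);
    }

    /**
     * Creates the extension (also called by the subclass).
     *
     * @param extensionId the {@code ObjectIdentifier} for the OCSP Nonce
     *      extension
     * @param isCritical a boolean flag indicating if the criticality bit
     *      is to be set for this extension
     * @param length the length of the nonce in bytes.  It must be greater
     *      than zero.
     * @param extensionName the name of the extension
     *
     * @throws IllegalArgumentException if {@code length} is not positive
     * @throws IOException if any errors happen during encoding of the
     *      extension.
     */
    protected OCSPNonceExtension(ObjectIdentifier extensionId,
            boolean isCritical, int length, String extensionName)
            throws IOException {
        // An empty nonce cannot tie a response to this request, so it would
        // silently lose the replay protection the extension exists for; a
        // negative length would otherwise surface as an unexplained
        // NegativeArraySizeException from the allocation below.
        if (length <= 0) {
            throw new IllegalArgumentException(
                    "Nonce length must be a positive integer: " + length);
        }
        SecureRandom rng = new SecureRandom();
        this.nonceData = new byte[length];
        rng.nextBytes(nonceData);
        this.extensionId = extensionId;
        this.critical = isCritical;
        this.extensionName = extensionName;
        encodeInternal();
    }

    /**
     * Create the extension using the provided criticality bit setting and
     * DER encoding.
     *
     * @param critical true if the extension is to be treated as critical.
     * @param value an array of DER encoded bytes of the extnValue for the
     *      extension.  It must not include the encapsulating OCTET STRING
     *      tag and length.  For an {@code OCSPNonceExtension} the data value
     *      should be a simple OCTET STRING containing random bytes
     *      (see RFC 6960, section 4.4.1).  The array is copied.
     *
     * @throws ClassCastException if value is not an array of bytes
     * @throws IOException if any errors happen during encoding of the
     *      extension
     */
    public OCSPNonceExtension(Boolean critical, Object value)
            throws IOException {
        this(PKIXExtensions.OCSPNonce_Id, critical, value, NAME);
    }

    /**
     * Creates the extension (also called by the subclass).
     *
     * @param extensionId the {@code ObjectIdentifier} for the OCSP Nonce
     *      extension
     * @param critical a boolean flag indicating if the criticality bit
     *      is to be set for this extension
     * @param value an array of DER encoded bytes of the extnValue for the
     *      extension.  It must not include the encapsulating OCTET STRING
     *      tag and length.  For an {@code OCSPNonceExtension} the data value
     *      should be a simple OCTET STRING containing random bytes
     *      (see RFC 6960, section 4.4.1).  The array is copied.
     * @param extensionName the name of the extension
     *
     * @throws ClassCastException if value is not an array of bytes
     * @throws IOException if any errors happen during encoding of the
     *      extension
     */
    protected OCSPNonceExtension(ObjectIdentifier extensionId,
            Boolean critical, Object value, String extensionName)
            throws IOException {
        this.extensionId = extensionId;
        this.critical = critical;
        // Keep a private copy: the caller still holds the original array,
        // and a later write to it must not change the encoded extension.
        this.extensionValue = ((byte[]) value).clone();
        DerValue val = new DerValue(this.extensionValue);
        this.nonceData = val.getOctetString();
        this.extensionName = extensionName;
    }

    /**
     * Set the attribute value.
     *
     * @param name the name of the attribute.  Only {@link #NONCE} is
     *      supported.
     * @param obj an array of nonce bytes for the extension.  It must not
     *      contain any DER tags or length.  The array is copied.
     *
     * @throws IOException if an unsupported name is provided or the supplied
     *      {@code obj} is not a byte array
     */
    @Override
    public void set(String name, Object obj) throws IOException {
        checkAttributeName(name);
        if (!(obj instanceof byte[])) {
            throw new IOException("Attribute must be of type byte[].");
        }
        // Copy so that the stored nonce and the encoding derived from it
        // below cannot drift apart if the caller reuses its array.
        nonceData = ((byte[]) obj).clone();
        encodeInternal();
    }

    /**
     * Get the attribute value.
     *
     * @param name the name of the attribute to retrieve.  Only
     *      {@link #NONCE} is currently supported.
     *
     * @return a copy of the nonce data, or {@code null} if the nonce has
     *      been deleted.  It will not contain any DER tags or length, only
     *      the nonce bytes.
     *
     * @throws IOException if an unsupported name is provided.
     */
    @Override
    public Object get(String name) throws IOException {
        checkAttributeName(name);
        // Hand out a copy; the internal array must stay in step with the
        // cached extensionValue.
        return (nonceData == null) ? null : nonceData.clone();
    }

    /**
     * Delete the attribute value.
     *
     * @param name the name of the attribute to delete.  Only
     *      {@link #NONCE} is currently supported.
     *
     * @throws IOException if an unsupported name is provided or an error
     *      occurs during re-encoding of the extension.
     */
    @Override
    public void delete(String name) throws IOException {
        checkAttributeName(name);
        nonceData = null;
        encodeInternal();
    }

    /**
     * Returns a printable representation of the {@code OCSPNonceExtension}.
     */
    @Override
    public String toString() {
        String nonceText = (nonceData == null)
                ? "" : Debug.toString(nonceData);
        return super.toString() + extensionName + ": " + nonceText + "\n";
    }

    /**
     * Write the extension to an {@code OutputStream}
     *
     * @param out the {@code OutputStream} to write the extension to.
     *
     * @throws IOException on encoding errors.
     */
    @Override
    public void encode(OutputStream out) throws IOException {
        encode(out, PKIXExtensions.OCSPNonce_Id, this.critical);
    }

    /**
     * Write the extension to the supplied stream.  The supplied identifier
     * and criticality are adopted only when no encoded value is currently
     * cached; otherwise the values already held by this object are used.
     *
     * @param out the {@code OutputStream} to write the extension to.
     * @param extensionId the {@code ObjectIdentifier} used for this extension
     * @param isCritical a flag indicating if the criticality bit is set for
     *      this extension.
     *
     * @throws IOException on encoding errors.
     */
    protected void encode(OutputStream out, ObjectIdentifier extensionId,
            boolean isCritical) throws IOException {

        DerOutputStream tmp = new DerOutputStream();

        if (this.extensionValue == null) {
            this.extensionId = extensionId;
            this.critical = isCritical;
            // NOTE(review): after delete() the nonce is null, so this leaves
            // extensionValue null as well; what super.encode() does with a
            // null value is not visible from this file -- confirm.
            encodeInternal();
        }
        super.encode(tmp);
        out.write(tmp.toByteArray());
    }

    /**
     * Return an enumeration of names of attributes existing within this
     * attribute.
     */
    @Override
    public Enumeration<String> getElements() {
        AttributeNameEnumeration elements = new AttributeNameEnumeration();
        elements.addElement(NONCE);
        return elements.elements();
    }

    /**
     * Return the name of this attribute.
     */
    @Override
    public String getName() {
        return extensionName;
    }
}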