151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski/* 2d7819a81f8b1b8d1a6b26329e4aa5f046afbf1f6Kenny Root * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved. 351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * This code is free software; you can redistribute it and/or modify it 651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * under the terms of the GNU General Public License version 2 only, as 751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * published by the Free Software Foundation. Oracle designates this 851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * particular file as subject to the "Classpath" exception as provided 951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * by Oracle in the LICENSE file that accompanied this code. 1051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 1151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * This code is distributed in the hope that it will be useful, but WITHOUT 1251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 1351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 1451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * version 2 for more details (a copy is included in the LICENSE file that 1551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * accompanied this code). 1651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 1751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * You should have received a copy of the GNU General Public License version 1851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 2 along with this work; if not, write to the Free Software Foundation, 1951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 2051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 2151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 2251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * or visit www.oracle.com if you need additional information or have any 2351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * questions. 2451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 2551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 2651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskipackage sun.security.x509; 2751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 2851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskiimport java.io.IOException; 2951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskiimport java.io.OutputStream; 3051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskiimport java.util.Enumeration; 3151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 3251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskiimport sun.security.util.Debug; 3351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskiimport sun.security.util.DerOutputStream; 3451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskiimport sun.security.util.DerValue; 3551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskiimport sun.security.util.ObjectIdentifier; 3651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 3751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski/** 3851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * This class represents the Inhibit Any-Policy Extension. 3951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 4051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <p>The inhibit any-policy extension can be used in certificates issued 4151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * to CAs. The inhibit any-policy indicates that the special any-policy 4251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * OID, with the value {2 5 29 32 0}, is not considered an explicit 4351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * match for other certificate policies. The value indicates the number 4451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * of additional certificates that may appear in the path before any- 4551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * policy is no longer permitted. For example, a value of one indicates 4651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * that any-policy may be processed in certificates issued by the sub- 4751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * ject of this certificate, but not in additional certificates in the 4851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * path. 4951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <p> 5051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * This extension MUST be critical. 5151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <p> 5251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * The ASN.1 syntax for this extension is: 5351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <code><pre> 5451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * id-ce-inhibitAnyPolicy OBJECT IDENTIFIER ::= { id-ce 54 } 5551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 5651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * InhibitAnyPolicy ::= SkipCerts 5751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 5851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * SkipCerts ::= INTEGER (0..MAX) 5951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * </pre></code> 6051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @author Anne Anderson 6151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @see CertAttrSet 6251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @see Extension 6351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 6451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskipublic class InhibitAnyPolicyExtension extends Extension 6551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskiimplements CertAttrSet<String> { 6651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 6751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski private static final Debug debug = Debug.getInstance("certpath"); 6851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 6951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 7051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Identifier for this attribute, to be used with the 7151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * get, set, delete methods of Certificate, x509 type. 7251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 7351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public static final String IDENT = "x509.info.extensions.InhibitAnyPolicy"; 7451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 7551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 7651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Object identifier for "any-policy" 7751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 7851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public static ObjectIdentifier AnyPolicy_Id; 7951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski static { 8051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski try { 8151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski AnyPolicy_Id = new ObjectIdentifier("2.5.29.32.0"); 8251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } catch (IOException ioe) { 8351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski // Should not happen 8451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 8551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 8651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 8751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 8851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Attribute names. 8951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 9051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public static final String NAME = "InhibitAnyPolicy"; 9151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public static final String SKIP_CERTS = "skip_certs"; 9251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 9351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski // Private data members 9451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski private int skipCerts = Integer.MAX_VALUE; 9551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 9651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski // Encode this extension value 9751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski private void encodeThis() throws IOException { 9851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski DerOutputStream out = new DerOutputStream(); 9951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski out.putInteger(skipCerts); 10051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this.extensionValue = out.toByteArray(); 10151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 10251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 10351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 10451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Default constructor for this object. 10551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 10651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @param skipCerts specifies the depth of the certification path. 10751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Use value of -1 to request unlimited depth. 10851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 10951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public InhibitAnyPolicyExtension(int skipCerts) throws IOException { 11051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (skipCerts < -1) 11151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski throw new IOException("Invalid value for skipCerts"); 11251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (skipCerts == -1) 11351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this.skipCerts = Integer.MAX_VALUE; 11451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski else 11551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this.skipCerts = skipCerts; 11651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this.extensionId = PKIXExtensions.InhibitAnyPolicy_Id; 11751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski critical = true; 11851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski encodeThis(); 11951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 12051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 12151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 12251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Create the extension from the passed DER encoded value of the same. 12351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 12451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @param critical criticality flag to use. Must be true for this 12551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * extension. 12651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @param value a byte array holding the DER-encoded extension value. 12751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @exception ClassCastException if value is not an array of bytes 12851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @exception IOException on error. 12951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 13051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public InhibitAnyPolicyExtension(Boolean critical, Object value) 13151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski throws IOException { 13251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 13351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this.extensionId = PKIXExtensions.InhibitAnyPolicy_Id; 13451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 13551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (!critical.booleanValue()) 13651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski throw new IOException("Criticality cannot be false for " + 13751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski "InhibitAnyPolicy"); 13851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this.critical = critical.booleanValue(); 13951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 14051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this.extensionValue = (byte[]) value; 14151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski DerValue val = new DerValue(this.extensionValue); 14251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (val.tag != DerValue.tag_Integer) 14351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski throw new IOException("Invalid encoding of InhibitAnyPolicy: " 14451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski + "data not integer"); 14551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 14651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (val.data == null) 14751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski throw new IOException("Invalid encoding of InhibitAnyPolicy: " 14851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski + "null data"); 14951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski int skipCertsValue = val.getInteger(); 15051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (skipCertsValue < -1) 15151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski throw new IOException("Invalid value for skipCerts"); 15251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (skipCertsValue == -1) { 15351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this.skipCerts = Integer.MAX_VALUE; 15451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else { 15551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this.skipCerts = skipCertsValue; 15651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 15751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 15851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 15951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 16051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Return user readable form of extension. 16151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 16251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public String toString() { 16351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski String s = super.toString() + "InhibitAnyPolicy: " + skipCerts + "\n"; 16451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return s; 16551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 16651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 16751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 16851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Encode this extension value to the output stream. 16951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 17051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @param out the DerOutputStream to encode the extension to. 17151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 17251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public void encode(OutputStream out) throws IOException { 17351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski DerOutputStream tmp = new DerOutputStream(); 17451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (extensionValue == null) { 17551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this.extensionId = PKIXExtensions.InhibitAnyPolicy_Id; 17651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski critical = true; 17751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski encodeThis(); 17851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 17951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski super.encode(tmp); 18051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 18151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski out.write(tmp.toByteArray()); 18251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 18351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 18451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 18551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Set the attribute value. 18651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 18751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @param name name of attribute to set. Must be SKIP_CERTS. 18851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @param obj value to which attribute is to be set. Must be Integer 18951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * type. 19051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @throws IOException on error 19151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 19251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public void set(String name, Object obj) throws IOException { 19351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (name.equalsIgnoreCase(SKIP_CERTS)) { 19451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (!(obj instanceof Integer)) 19551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski throw new IOException("Attribute value should be of type Integer."); 19651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski int skipCertsValue = ((Integer)obj).intValue(); 19751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (skipCertsValue < -1) 19851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski throw new IOException("Invalid value for skipCerts"); 19951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (skipCertsValue == -1) { 20051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski skipCerts = Integer.MAX_VALUE; 20151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else { 20251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski skipCerts = skipCertsValue; 20351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 20451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else 20551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski throw new IOException("Attribute name not recognized by " + 20651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski "CertAttrSet:InhibitAnyPolicy."); 20751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski encodeThis(); 20851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 20951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 21051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 21151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Get the attribute value. 21251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 21351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @param name name of attribute to get. Must be SKIP_CERTS. 21451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @returns value of the attribute. In this case it will be of type 21551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Integer. 21651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @throws IOException on error 21751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 218d7819a81f8b1b8d1a6b26329e4aa5f046afbf1f6Kenny Root public Integer get(String name) throws IOException { 21951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (name.equalsIgnoreCase(SKIP_CERTS)) 22051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return (new Integer(skipCerts)); 22151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski else 22251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski throw new IOException("Attribute name not recognized by " + 22351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski "CertAttrSet:InhibitAnyPolicy."); 22451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 22551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 22651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 22751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Delete the attribute value. 22851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 22951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @param name name of attribute to delete. Must be SKIP_CERTS. 23051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @throws IOException on error. In this case, IOException will always be 23151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * thrown, because the only attribute, SKIP_CERTS, is 23251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * required. 23351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 23451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public void delete(String name) throws IOException { 23551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (name.equalsIgnoreCase(SKIP_CERTS)) 23651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski throw new IOException("Attribute " + SKIP_CERTS + 23751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski " may not be deleted."); 23851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski else 23951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski throw new IOException("Attribute name not recognized by " + 24051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski "CertAttrSet:InhibitAnyPolicy."); 24151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 24251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 24351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 24451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Return an enumeration of names of attributes existing within this 24551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * attribute. 24651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 24751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @returns enumeration of elements 24851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 24951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public Enumeration<String> getElements() { 25051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski AttributeNameEnumeration elements = new AttributeNameEnumeration(); 25151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski elements.addElement(SKIP_CERTS); 25251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return (elements.elements()); 25351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 25451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 25551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 25651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Return the name of this attribute. 25751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 25851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @returns name of attribute. 25951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 26051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public String getName() { 26151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return (NAME); 26251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 26351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski} 264