|
||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||
java.lang.Objectorg.bouncycastle.asn1.ASN1Encodable
eu.emi.security.authn.x509.helpers.proxy.ProxyAddressRestrictionData
public class ProxyAddressRestrictionData
An utility class for defining the allowed address space, used both to define the source and target restrictions. The format is:
iGTFProxyRestrictFrom ::= NameConstraints
iGTFProxyRestrictTarget ::= NameConstraints
NameConstraints::= SEQUENCE {
permittedSubtrees [0] GeneralSubtrees OPTIONAL,
excludedSubtrees [1] GeneralSubtrees OPTIONAL }
GeneralSubtrees ::= SEQUENCE SIZE (1..MAX) OF GeneralSubtree
GeneralSubtree ::= SEQUENCE {
base GeneralName,
minimum [0] BaseDistance DEFAULT 0,
maximum [1] BaseDistance OPTIONAL }
BaseDistance ::= INTEGER (0..MAX)
GeneralName ::= CHOICE {
otherName [0] OtherName,
rfc822Name [1] IA5String,
dNSName [2] IA5String,
x400Address [3] ORAddress,
directoryName [4] Name,
ediPartyName [5] EDIPartyName,
uniformResourceIdentifier [6] IA5String,
iPAddress [7] OCTET STRING,
registeredID [8] OBJECT IDENTIFIER }
OtherName ::= SEQUENCE {
type-id OBJECT IDENTIFIER,
value [0] EXPLICIT ANY DEFINED BY type-id }
EDIPartyName ::= SEQUENCE {
nameAssigner [0] DirectoryString OPTIONAL,
partyName [1] DirectoryString }
And in this class only the IPAddress as a IP address - netmask combination is
supported.
| Field Summary | |
|---|---|
static String |
SOURCE_RESTRICTION_OID
|
static String |
TARGET_RESTRICTION_OID
|
| Fields inherited from class org.bouncycastle.asn1.ASN1Encodable |
|---|
BER, DER |
| Constructor Summary | |
|---|---|
ProxyAddressRestrictionData()
Constructor to generate an empty ProxyRestrictionData object for creating new restrictions. |
|
ProxyAddressRestrictionData(byte[] bytes)
Parses the restriction data from byte array. |
|
| Method Summary | |
|---|---|
void |
addExcludedIPAddressWithNetmask(String address)
Adds a new excluded IP addressSpace to the data structure. |
void |
addPermittedIPAddressWithNetmask(String address)
Adds a new permitted IP addressSpace to the data structure. |
static String |
convert2sr(byte[] src)
|
static String[] |
convert2strings(byte[][] src)
|
String[] |
getExcludedAddresses()
|
static ProxyAddressRestrictionData |
getInstance(X509Certificate certificate,
boolean source)
Creates an instance of the extension of the given type from a certificate. |
byte[][][] |
getIPSpaces()
Returns a Vector of Vectors of IP address spaces as defined in rfc 4632. |
String[] |
getPermittedAddresses()
|
DERSequence |
toASN1Object()
Returns the NameConstraints structure of the restrictions. |
| Methods inherited from class org.bouncycastle.asn1.ASN1Encodable |
|---|
equals, getDEREncoded, getDERObject, getEncoded, getEncoded, hashCode |
| Methods inherited from class java.lang.Object |
|---|
clone, finalize, getClass, notify, notifyAll, toString, wait, wait, wait |
| Field Detail |
|---|
public static final String SOURCE_RESTRICTION_OID
public static final String TARGET_RESTRICTION_OID
| Constructor Detail |
|---|
public ProxyAddressRestrictionData(byte[] bytes)
throws IOException
bytes - The byte array to parse.
IOException - In case there is a problem parsing the structure.public ProxyAddressRestrictionData()
| Method Detail |
|---|
public static ProxyAddressRestrictionData getInstance(X509Certificate certificate,
boolean source)
throws IOException
certificate - source - whether to create object representing the source restriction (if true) or target (if value is false).
IOExceptionpublic void addPermittedIPAddressWithNetmask(String address)
address - The address space to add to the allowed ip address
space. Example of the format: 192.168.0.0/16. Which
equals a 192.168.0.0 with a net mask 255.255.0.0. A
single IP address can be defined as
xxx.xxx.xxx.xxx/32. public void addExcludedIPAddressWithNetmask(String address)
address - The address space to add to the allowed ip address
space. Example of the format: 192.168.0.0/16. Which
equals a 192.168.0.0 with a net mask 255.255.0.0. A
single IP address can be defined as
xxx.xxx.xxx.xxx/32. public DERSequence toASN1Object()
toASN1Object in class ASN1Encodablepublic byte[][][] getIPSpaces()
addExcludedIPAddressWithNetmask(String)public String[] getPermittedAddresses()
public String[] getExcludedAddresses()
public static String convert2sr(byte[] src)
public static String[] convert2strings(byte[][] src)
|
||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||