public class ProxyAddressRestrictionData extends ASN1Encodable
iGTFProxyRestrictFrom ::= NameConstraints
iGTFProxyRestrictTarget ::= NameConstraints
NameConstraints::= SEQUENCE {
permittedSubtrees [0] GeneralSubtrees OPTIONAL,
excludedSubtrees [1] GeneralSubtrees OPTIONAL }
GeneralSubtrees ::= SEQUENCE SIZE (1..MAX) OF GeneralSubtree
GeneralSubtree ::= SEQUENCE {
base GeneralName,
minimum [0] BaseDistance DEFAULT 0,
maximum [1] BaseDistance OPTIONAL }
BaseDistance ::= INTEGER (0..MAX)
GeneralName ::= CHOICE {
otherName [0] OtherName,
rfc822Name [1] IA5String,
dNSName [2] IA5String,
x400Address [3] ORAddress,
directoryName [4] Name,
ediPartyName [5] EDIPartyName,
uniformResourceIdentifier [6] IA5String,
iPAddress [7] OCTET STRING,
registeredID [8] OBJECT IDENTIFIER }
OtherName ::= SEQUENCE {
type-id OBJECT IDENTIFIER,
value [0] EXPLICIT ANY DEFINED BY type-id }
EDIPartyName ::= SEQUENCE {
nameAssigner [0] DirectoryString OPTIONAL,
partyName [1] DirectoryString }
And in this class only the IPAddress as a IP address - netmask combination is
supported.| Modifier and Type | Field and Description |
|---|---|
static String |
SOURCE_RESTRICTION_OID |
static String |
TARGET_RESTRICTION_OID |
BER, DER| Constructor and Description |
|---|
ProxyAddressRestrictionData()
Constructor to generate an empty ProxyRestrictionData object for
creating new restrictions.
|
ProxyAddressRestrictionData(byte[] bytes)
Parses the restriction data from byte array.
|
| Modifier and Type | Method and Description |
|---|---|
void |
addExcludedIPAddressWithNetmask(String address)
Adds a new excluded IP addressSpace to the data structure.
|
void |
addPermittedIPAddressWithNetmask(String address)
Adds a new permitted IP addressSpace to the data structure.
|
static String |
convert2sr(byte[] src) |
static String[] |
convert2strings(byte[][] src) |
String[] |
getExcludedAddresses() |
static ProxyAddressRestrictionData |
getInstance(X509Certificate certificate,
boolean source)
Creates an instance of the extension of the given type from a certificate.
|
byte[][][] |
getIPSpaces()
Returns a Vector of Vectors of IP address spaces as defined in rfc
4632.
|
String[] |
getPermittedAddresses() |
DERSequence |
toASN1Object()
Returns the NameConstraints structure of the restrictions.
|
equals, getDEREncoded, getDERObject, getEncoded, getEncoded, hashCodepublic static final String SOURCE_RESTRICTION_OID
public static final String TARGET_RESTRICTION_OID
public ProxyAddressRestrictionData(byte[] bytes)
throws IOException
bytes - The byte array to parse.IOException - In case there is a problem parsing the structure.public ProxyAddressRestrictionData()
public static ProxyAddressRestrictionData getInstance(X509Certificate certificate, boolean source) throws IOException
certificate - source - whether to create object representing the source restriction (if true) or target (if value is false).IOExceptionpublic void addPermittedIPAddressWithNetmask(String address)
address - The address space to add to the allowed ip address
space. Example of the format: 192.168.0.0/16. Which
equals a 192.168.0.0 with a net mask 255.255.0.0. A
single IP address can be defined as
xxx.xxx.xxx.xxx/32. public void addExcludedIPAddressWithNetmask(String address)
address - The address space to add to the allowed ip address
space. Example of the format: 192.168.0.0/16. Which
equals a 192.168.0.0 with a net mask 255.255.0.0. A
single IP address can be defined as
xxx.xxx.xxx.xxx/32. public DERSequence toASN1Object()
toASN1Object in class ASN1Encodablepublic byte[][][] getIPSpaces()
addExcludedIPAddressWithNetmask(String)public String[] getPermittedAddresses()
public String[] getExcludedAddresses()
public static String convert2sr(byte[] src)
public static String[] convert2strings(byte[][] src)
Copyright © 2012-2014 European Middleware Initiative. All Rights Reserved.