|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectorg.bouncycastle.asn1.ASN1Encodable
eu.emi.security.authn.x509.helpers.proxy.ProxyAddressRestrictionData
public class ProxyAddressRestrictionData
An utility class for defining the allowed address space, used both to define the source and target restrictions. The format is:
iGTFProxyRestrictFrom ::= NameConstraints iGTFProxyRestrictTarget ::= NameConstraints NameConstraints::= SEQUENCE { permittedSubtrees [0] GeneralSubtrees OPTIONAL, excludedSubtrees [1] GeneralSubtrees OPTIONAL } GeneralSubtrees ::= SEQUENCE SIZE (1..MAX) OF GeneralSubtree GeneralSubtree ::= SEQUENCE { base GeneralName, minimum [0] BaseDistance DEFAULT 0, maximum [1] BaseDistance OPTIONAL } BaseDistance ::= INTEGER (0..MAX) GeneralName ::= CHOICE { otherName [0] OtherName, rfc822Name [1] IA5String, dNSName [2] IA5String, x400Address [3] ORAddress, directoryName [4] Name, ediPartyName [5] EDIPartyName, uniformResourceIdentifier [6] IA5String, iPAddress [7] OCTET STRING, registeredID [8] OBJECT IDENTIFIER } OtherName ::= SEQUENCE { type-id OBJECT IDENTIFIER, value [0] EXPLICIT ANY DEFINED BY type-id } EDIPartyName ::= SEQUENCE { nameAssigner [0] DirectoryString OPTIONAL, partyName [1] DirectoryString }And in this class only the IPAddress as a IP address - netmask combination is supported.
Field Summary | |
---|---|
static String |
SOURCE_RESTRICTION_OID
|
static String |
TARGET_RESTRICTION_OID
|
Fields inherited from class org.bouncycastle.asn1.ASN1Encodable |
---|
BER, DER |
Constructor Summary | |
---|---|
ProxyAddressRestrictionData()
Constructor to generate an empty ProxyRestrictionData object for creating new restrictions. |
|
ProxyAddressRestrictionData(byte[] bytes)
Parses the restriction data from byte array. |
Method Summary | |
---|---|
void |
addExcludedIPAddressWithNetmask(String address)
Adds a new excluded IP addressSpace to the data structure. |
void |
addPermittedIPAddressWithNetmask(String address)
Adds a new permitted IP addressSpace to the data structure. |
static String |
convert2sr(byte[] src)
|
static String[] |
convert2strings(byte[][] src)
|
String[] |
getExcludedAddresses()
|
static ProxyAddressRestrictionData |
getInstance(X509Certificate certificate,
boolean source)
Creates an instance of the extension of the given type from a certificate. |
byte[][][] |
getIPSpaces()
Returns a Vector of Vectors of IP address spaces as defined in rfc 4632. |
String[] |
getPermittedAddresses()
|
DERSequence |
toASN1Object()
Returns the NameConstraints structure of the restrictions. |
Methods inherited from class org.bouncycastle.asn1.ASN1Encodable |
---|
equals, getDEREncoded, getDERObject, getEncoded, getEncoded, hashCode |
Methods inherited from class java.lang.Object |
---|
clone, finalize, getClass, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
public static final String SOURCE_RESTRICTION_OID
public static final String TARGET_RESTRICTION_OID
Constructor Detail |
---|
public ProxyAddressRestrictionData(byte[] bytes) throws IOException
bytes
- The byte array to parse.
IOException
- In case there is a problem parsing the structure.public ProxyAddressRestrictionData()
Method Detail |
---|
public static ProxyAddressRestrictionData getInstance(X509Certificate certificate, boolean source) throws IOException
certificate
- source
- whether to create object representing the source restriction (if true) or target (if value is false).
IOException
public void addPermittedIPAddressWithNetmask(String address)
address
- The address space to add to the allowed ip address
space. Example of the format: 192.168.0.0/16. Which
equals a 192.168.0.0 with a net mask 255.255.0.0. A
single IP address can be defined as
xxx.xxx.xxx.xxx/32. public void addExcludedIPAddressWithNetmask(String address)
address
- The address space to add to the allowed ip address
space. Example of the format: 192.168.0.0/16. Which
equals a 192.168.0.0 with a net mask 255.255.0.0. A
single IP address can be defined as
xxx.xxx.xxx.xxx/32. public DERSequence toASN1Object()
toASN1Object
in class ASN1Encodable
public byte[][][] getIPSpaces()
addExcludedIPAddressWithNetmask(String)
public String[] getPermittedAddresses()
public String[] getExcludedAddresses()
public static String convert2sr(byte[] src)
public static String[] convert2strings(byte[][] src)
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |