Package org.italiangrid.voms.asn1
Class VOMSACUtils
- java.lang.Object
-
- org.italiangrid.voms.asn1.VOMSACUtils
-
- All Implemented Interfaces:
VOMSConstants
public class VOMSACUtils extends java.lang.Object implements VOMSConstants
A set of VOMS AC handling utilities.
-
-
Field Summary
Fields Modifier and Type Field Description static java.lang.String
POLICY_AUTHORITY_SEP
-
Fields inherited from interface org.italiangrid.voms.asn1.VOMSConstants
VOMS_CERTS_OID, VOMS_EXTENSION_OID, VOMS_FQANS_OID, VOMS_GENERIC_ATTRS_OID, VOMS_HANDLED_EXTENSIONS
-
-
Constructor Summary
Constructors Modifier Constructor Description private
VOMSACUtils()
-
Method Summary
All Methods Static Methods Concrete Methods Modifier and Type Method Description private static java.security.cert.X509Certificate[]
deserializeACCerts(org.bouncycastle.cert.X509AttributeCertificateHolder ac)
Deserializes the VOMS ACCerts extensionprivate static java.util.List<java.lang.String>
deserializeACTargets(org.bouncycastle.cert.X509AttributeCertificateHolder ac)
private static java.util.List<java.lang.String>
deserializeFQANs(org.bouncycastle.asn1.x509.IetfAttrSyntax attr)
Deserializes the FQANs contained in aIetfAttrSyntax
objectprivate static java.util.List<VOMSGenericAttribute>
deserializeGAs(org.bouncycastle.cert.X509AttributeCertificateHolder ac)
Deserializes the VOMS generic attributesstatic java.util.List<VOMSAttribute>
deserializeVOMSAttributes(java.util.List<org.bouncycastle.asn1.x509.AttributeCertificate> acs)
Deserializes the information in a list of VOMS attribute certificates.static VOMSAttribute
deserializeVOMSAttributes(org.bouncycastle.asn1.x509.AttributeCertificate ac)
Deserializes the information in a VOMS attribute certificate.static java.util.List<org.bouncycastle.asn1.x509.AttributeCertificate>
getACsFromCertificate(java.security.cert.X509Certificate cert)
Deserializes the VOMS Attribute certificates, if present, in a given certificate passed as argumentstatic java.util.List<org.bouncycastle.asn1.x509.AttributeCertificate>
getACsFromVOMSExtension(byte[] vomsExtension)
Deserializes the VOMS Attribute certificates in a given certificate extensionstatic byte[]
getVOMSExtensionFromCertificate(java.security.cert.X509Certificate cert)
Returns the VOMS extension, if present, in a given certificateprivate static java.lang.String
policyAuthoritySanityChecks(org.bouncycastle.asn1.x509.IetfAttrSyntax attr)
Peforms some sanity checks on the format of the policy authority field found in a VOMS extension.private static void
raiseACNonConformantError(java.lang.String errorString)
-
-
-
Field Detail
-
POLICY_AUTHORITY_SEP
public static final java.lang.String POLICY_AUTHORITY_SEP
- See Also:
- Constant Field Values
-
-
Method Detail
-
getVOMSExtensionFromCertificate
public static byte[] getVOMSExtensionFromCertificate(java.security.cert.X509Certificate cert)
Returns the VOMS extension, if present, in a given certificate- Parameters:
cert
- theX509Certificate
where the extension will be searched- Returns:
- the DER-encoded octet string of the extension value or null if it is not present.
-
getACsFromVOMSExtension
public static java.util.List<org.bouncycastle.asn1.x509.AttributeCertificate> getACsFromVOMSExtension(byte[] vomsExtension) throws java.io.IOException
Deserializes the VOMS Attribute certificates in a given certificate extension- Parameters:
vomsExtension
- the VOMS extension- Returns:
- the possibly empty
List
ofAttributeCertificate
extracted from a given extension - Throws:
java.io.IOException
- in case of deserialization errors
-
getACsFromCertificate
public static java.util.List<org.bouncycastle.asn1.x509.AttributeCertificate> getACsFromCertificate(java.security.cert.X509Certificate cert) throws java.io.IOException
Deserializes the VOMS Attribute certificates, if present, in a given certificate passed as argument- Parameters:
cert
- theX509Certificate
where the ACs will be searched- Returns:
- the possibly empty
List
ofAttributeCertificate
objects extracted from the VOMS extension - Throws:
java.io.IOException
- in case of deserialization errors
-
deserializeFQANs
private static java.util.List<java.lang.String> deserializeFQANs(org.bouncycastle.asn1.x509.IetfAttrSyntax attr)
Deserializes the FQANs contained in aIetfAttrSyntax
object- Parameters:
attr
- theIetfAttrSyntax
attribute syntax object containing the VOMS extension- Returns:
- a
List
of FQANs
-
deserializeACTargets
private static java.util.List<java.lang.String> deserializeACTargets(org.bouncycastle.cert.X509AttributeCertificateHolder ac)
-
raiseACNonConformantError
private static void raiseACNonConformantError(java.lang.String errorString)
-
policyAuthoritySanityChecks
private static java.lang.String policyAuthoritySanityChecks(org.bouncycastle.asn1.x509.IetfAttrSyntax attr)
Peforms some sanity checks on the format of the policy authority field found in a VOMS extension. The enforced format is: vo://host:port- Parameters:
attr
- theIetfAttrSyntax
attribute syntax object containing the VOMS extension- Returns:
- the validated policy authority as a
String
-
deserializeVOMSAttributes
public static java.util.List<VOMSAttribute> deserializeVOMSAttributes(java.util.List<org.bouncycastle.asn1.x509.AttributeCertificate> acs)
Deserializes the information in a list of VOMS attribute certificates.- Parameters:
acs
- aList
of VOMS acs- Returns:
- a possibly empty list of
VOMSAttribute
-
deserializeVOMSAttributes
public static VOMSAttribute deserializeVOMSAttributes(org.bouncycastle.asn1.x509.AttributeCertificate ac)
Deserializes the information in a VOMS attribute certificate.- Parameters:
ac
- a VOMSAttributeCertificate
- Returns:
- a
VOMSAttribute
object which provides more convenient access to the VOMS authorization information
-
deserializeGAs
private static java.util.List<VOMSGenericAttribute> deserializeGAs(org.bouncycastle.cert.X509AttributeCertificateHolder ac)
Deserializes the VOMS generic attributes- Parameters:
ac
- the VOMSX509AttributeCertificateHolder
- Returns:
- the
List
ofVOMSGenericAttribute
contained in the ac
-
deserializeACCerts
private static java.security.cert.X509Certificate[] deserializeACCerts(org.bouncycastle.cert.X509AttributeCertificateHolder ac)
Deserializes the VOMS ACCerts extension- Parameters:
ac
- the VOMSX509AttributeCertificateHolder
- Returns:
- the parsed array of
X509Certificate
-
-