107 * <p>
108 * Note that the {@code names} parameter can contain duplicate
109 * distinguished names, but they may be removed from the
110 * {@code Collection} of names returned by the
111 * {@link #getIssuers getIssuers} method.
112 * <p>
113 * Note that a copy is performed on the {@code Collection} to
114 * protect against subsequent modifications.
115 *
116 * @param issuers a {@code Collection} of X500Principals
117 * (or {@code null})
118 * @see #getIssuers
119 * @since 1.5
120 */
121 public void setIssuers(Collection<X500Principal> issuers) {
122 if ((issuers == null) || issuers.isEmpty()) {
123 issuerNames = null;
124 issuerX500Principals = null;
125 } else {
126 // clone
127 issuerX500Principals = new HashSet<X500Principal>(issuers);
128 issuerNames = new HashSet<Object>();
129 for (X500Principal p : issuerX500Principals) {
130 issuerNames.add(p.getEncoded());
131 }
132 }
133 }
134
135 /**
136 * <strong>Note:</strong> use {@linkplain #setIssuers(Collection)} instead
137 * or only specify the byte array form of distinguished names when using
138 * this method. See {@link #addIssuerName(String)} for more information.
139 * <p>
140 * Sets the issuerNames criterion. The issuer distinguished name in the
141 * {@code X509CRL} must match at least one of the specified
142 * distinguished names. If {@code null}, any issuer distinguished name
143 * will do.
144 * <p>
145 * This method allows the caller to specify, with a single method call,
146 * the complete set of issuer names which {@code X509CRLs} may contain.
147 * The specified value replaces the previous value for the issuerNames
148 * criterion.
271 * @param name a byte array containing the name in ASN.1 DER encoded form
272 * @throws IOException if a parsing error occurs
273 */
274 public void addIssuerName(byte[] name) throws IOException {
275 // clone because byte arrays are modifiable
276 addIssuerNameInternal(name.clone(), new X500Name(name).asX500Principal());
277 }
278
279 /**
280 * A private method that adds a name (String or byte array) to the
281 * issuerNames criterion. The issuer distinguished
282 * name in the {@code X509CRL} must match at least one of the specified
283 * distinguished names.
284 *
285 * @param name the name in string or byte array form
286 * @param principal the name in X500Principal form
287 * @throws IOException if a parsing error occurs
288 */
289 private void addIssuerNameInternal(Object name, X500Principal principal) {
290 if (issuerNames == null) {
291 issuerNames = new HashSet<Object>();
292 }
293 if (issuerX500Principals == null) {
294 issuerX500Principals = new HashSet<X500Principal>();
295 }
296 issuerNames.add(name);
297 issuerX500Principals.add(principal);
298 }
299
300 /**
301 * Clone and check an argument of the form passed to
302 * setIssuerNames. Throw an IOException if the argument is malformed.
303 *
304 * @param names a {@code Collection} of names. Each entry is a
305 * String or a byte array (the name, in string or ASN.1
306 * DER encoded form, respectively). {@code null} is
307 * not an acceptable value.
308 * @return a deep copy of the specified {@code Collection}
309 * @throws IOException if a parsing error occurs
310 */
311 private static HashSet<Object> cloneAndCheckIssuerNames(Collection<?> names)
312 throws IOException
313 {
314 HashSet<Object> namesCopy = new HashSet<Object>();
315 Iterator<?> i = names.iterator();
316 while (i.hasNext()) {
317 Object nameObject = i.next();
318 if (!(nameObject instanceof byte []) &&
319 !(nameObject instanceof String))
320 throw new IOException("name not byte array or String");
321 if (nameObject instanceof byte [])
322 namesCopy.add(((byte []) nameObject).clone());
323 else
324 namesCopy.add(nameObject);
325 }
326 return(namesCopy);
327 }
328
329 /**
330 * Clone an argument of the form passed to setIssuerNames.
331 * Throw a RuntimeException if the argument is malformed.
332 * <p>
333 * This method wraps cloneAndCheckIssuerNames, changing any IOException
334 * into a RuntimeException. This method should be used when the object being
346 return cloneAndCheckIssuerNames(names);
347 } catch (IOException ioe) {
348 throw new RuntimeException(ioe);
349 }
350 }
351
352 /**
353 * Parse an argument of the form passed to setIssuerNames,
354 * returning a Collection of issuerX500Principals.
355 * Throw an IOException if the argument is malformed.
356 *
357 * @param names a {@code Collection} of names. Each entry is a
358 * String or a byte array (the name, in string or ASN.1
359 * DER encoded form, respectively). <Code>Null</Code> is
360 * not an acceptable value.
361 * @return a HashSet of issuerX500Principals
362 * @throws IOException if a parsing error occurs
363 */
364 private static HashSet<X500Principal> parseIssuerNames(Collection<Object> names)
365 throws IOException {
366 HashSet<X500Principal> x500Principals = new HashSet<X500Principal>();
367 for (Iterator<Object> t = names.iterator(); t.hasNext(); ) {
368 Object nameObject = t.next();
369 if (nameObject instanceof String) {
370 x500Principals.add(new X500Name((String)nameObject).asX500Principal());
371 } else {
372 try {
373 x500Principals.add(new X500Principal((byte[])nameObject));
374 } catch (IllegalArgumentException e) {
375 throw (IOException)new IOException("Invalid name").initCause(e);
376 }
377 }
378 }
379 return x500Principals;
380 }
381
382 /**
383 * Sets the minCRLNumber criterion. The {@code X509CRL} must have a
384 * CRL number extension whose value is greater than or equal to the
385 * specified value. If {@code null}, no minCRLNumber check will be
386 * done.
684 if (debug != null) {
685 debug.println("X509CRLSelector.match: update out of range");
686 }
687 return false;
688 }
689 }
690
691 return true;
692 }
693
694 /**
695 * Returns a copy of this object.
696 *
697 * @return the copy
698 */
699 public Object clone() {
700 try {
701 X509CRLSelector copy = (X509CRLSelector)super.clone();
702 if (issuerNames != null) {
703 copy.issuerNames =
704 new HashSet<Object>(issuerNames);
705 copy.issuerX500Principals =
706 new HashSet<X500Principal>(issuerX500Principals);
707 }
708 return copy;
709 } catch (CloneNotSupportedException e) {
710 /* Cannot happen */
711 throw new InternalError(e.toString(), e);
712 }
713 }
714 }
|
107 * <p>
108 * Note that the {@code names} parameter can contain duplicate
109 * distinguished names, but they may be removed from the
110 * {@code Collection} of names returned by the
111 * {@link #getIssuers getIssuers} method.
112 * <p>
113 * Note that a copy is performed on the {@code Collection} to
114 * protect against subsequent modifications.
115 *
116 * @param issuers a {@code Collection} of X500Principals
117 * (or {@code null})
118 * @see #getIssuers
119 * @since 1.5
120 */
121 public void setIssuers(Collection<X500Principal> issuers) {
122 if ((issuers == null) || issuers.isEmpty()) {
123 issuerNames = null;
124 issuerX500Principals = null;
125 } else {
126 // clone
127 issuerX500Principals = new HashSet<>(issuers);
128 issuerNames = new HashSet<>();
129 for (X500Principal p : issuerX500Principals) {
130 issuerNames.add(p.getEncoded());
131 }
132 }
133 }
134
135 /**
136 * <strong>Note:</strong> use {@linkplain #setIssuers(Collection)} instead
137 * or only specify the byte array form of distinguished names when using
138 * this method. See {@link #addIssuerName(String)} for more information.
139 * <p>
140 * Sets the issuerNames criterion. The issuer distinguished name in the
141 * {@code X509CRL} must match at least one of the specified
142 * distinguished names. If {@code null}, any issuer distinguished name
143 * will do.
144 * <p>
145 * This method allows the caller to specify, with a single method call,
146 * the complete set of issuer names which {@code X509CRLs} may contain.
147 * The specified value replaces the previous value for the issuerNames
148 * criterion.
271 * @param name a byte array containing the name in ASN.1 DER encoded form
272 * @throws IOException if a parsing error occurs
273 */
274 public void addIssuerName(byte[] name) throws IOException {
275 // clone because byte arrays are modifiable
276 addIssuerNameInternal(name.clone(), new X500Name(name).asX500Principal());
277 }
278
279 /**
280 * A private method that adds a name (String or byte array) to the
281 * issuerNames criterion. The issuer distinguished
282 * name in the {@code X509CRL} must match at least one of the specified
283 * distinguished names.
284 *
285 * @param name the name in string or byte array form
286 * @param principal the name in X500Principal form
287 * @throws IOException if a parsing error occurs
288 */
289 private void addIssuerNameInternal(Object name, X500Principal principal) {
290 if (issuerNames == null) {
291 issuerNames = new HashSet<>();
292 }
293 if (issuerX500Principals == null) {
294 issuerX500Principals = new HashSet<>();
295 }
296 issuerNames.add(name);
297 issuerX500Principals.add(principal);
298 }
299
300 /**
301 * Clone and check an argument of the form passed to
302 * setIssuerNames. Throw an IOException if the argument is malformed.
303 *
304 * @param names a {@code Collection} of names. Each entry is a
305 * String or a byte array (the name, in string or ASN.1
306 * DER encoded form, respectively). {@code null} is
307 * not an acceptable value.
308 * @return a deep copy of the specified {@code Collection}
309 * @throws IOException if a parsing error occurs
310 */
311 private static HashSet<Object> cloneAndCheckIssuerNames(Collection<?> names)
312 throws IOException
313 {
314 HashSet<Object> namesCopy = new HashSet<>();
315 Iterator<?> i = names.iterator();
316 while (i.hasNext()) {
317 Object nameObject = i.next();
318 if (!(nameObject instanceof byte []) &&
319 !(nameObject instanceof String))
320 throw new IOException("name not byte array or String");
321 if (nameObject instanceof byte [])
322 namesCopy.add(((byte []) nameObject).clone());
323 else
324 namesCopy.add(nameObject);
325 }
326 return(namesCopy);
327 }
328
329 /**
330 * Clone an argument of the form passed to setIssuerNames.
331 * Throw a RuntimeException if the argument is malformed.
332 * <p>
333 * This method wraps cloneAndCheckIssuerNames, changing any IOException
334 * into a RuntimeException. This method should be used when the object being
346 return cloneAndCheckIssuerNames(names);
347 } catch (IOException ioe) {
348 throw new RuntimeException(ioe);
349 }
350 }
351
352 /**
353 * Parse an argument of the form passed to setIssuerNames,
354 * returning a Collection of issuerX500Principals.
355 * Throw an IOException if the argument is malformed.
356 *
357 * @param names a {@code Collection} of names. Each entry is a
358 * String or a byte array (the name, in string or ASN.1
359 * DER encoded form, respectively). <Code>Null</Code> is
360 * not an acceptable value.
361 * @return a HashSet of issuerX500Principals
362 * @throws IOException if a parsing error occurs
363 */
364 private static HashSet<X500Principal> parseIssuerNames(Collection<Object> names)
365 throws IOException {
366 HashSet<X500Principal> x500Principals = new HashSet<>();
367 for (Iterator<Object> t = names.iterator(); t.hasNext(); ) {
368 Object nameObject = t.next();
369 if (nameObject instanceof String) {
370 x500Principals.add(new X500Name((String)nameObject).asX500Principal());
371 } else {
372 try {
373 x500Principals.add(new X500Principal((byte[])nameObject));
374 } catch (IllegalArgumentException e) {
375 throw (IOException)new IOException("Invalid name").initCause(e);
376 }
377 }
378 }
379 return x500Principals;
380 }
381
382 /**
383 * Sets the minCRLNumber criterion. The {@code X509CRL} must have a
384 * CRL number extension whose value is greater than or equal to the
385 * specified value. If {@code null}, no minCRLNumber check will be
386 * done.
684 if (debug != null) {
685 debug.println("X509CRLSelector.match: update out of range");
686 }
687 return false;
688 }
689 }
690
691 return true;
692 }
693
694 /**
695 * Returns a copy of this object.
696 *
697 * @return the copy
698 */
699 public Object clone() {
700 try {
701 X509CRLSelector copy = (X509CRLSelector)super.clone();
702 if (issuerNames != null) {
703 copy.issuerNames =
704 new HashSet<>(issuerNames);
705 copy.issuerX500Principals =
706 new HashSet<>(issuerX500Principals);
707 }
708 return copy;
709 } catch (CloneNotSupportedException e) {
710 /* Cannot happen */
711 throw new InternalError(e.toString(), e);
712 }
713 }
714 }
|