public class ProxyChainInfo
extends java.lang.Object
Modifier and Type | Field and Description |
---|---|
private java.security.cert.X509Certificate[] |
chain |
private int |
firstProxy |
private java.lang.Boolean |
limited |
private ProxyPolicy[] |
policy |
private ProxyChainType |
type |
Constructor and Description |
---|
ProxyChainInfo(java.security.cert.X509Certificate[] chain)
Generates new instance of this class using the certificate chain as the source
of the data.
|
Modifier and Type | Method and Description |
---|---|
static byte[][] |
concatArrays(byte[][] first,
byte[][] second)
Concatenates two arrays of arrays bytes.
|
org.bouncycastle.asn1.x509.AttributeCertificate[][] |
getAttributeCertificateExtensions()
Returns the Attribute Certificate extensions from the certificate chain.
|
int |
getFirstProxyPosition() |
ProxyPolicy[] |
getPolicy()
Gets the array of RFC proxy extension policy OID and octets of the
policy.
|
private byte[][][] |
getProxyRestrictions(boolean source)
Goes through the whole proxy chain and collects and combines either
the source restrictions or target restrictions.
|
byte[][][] |
getProxySourceRestrictions()
Gets the proxy source restriction data from the chain.
|
byte[][][] |
getProxyTargetRestrictions()
Gets the proxy target restriction data from the chain.
|
java.lang.String[] |
getProxyTracingIssuers()
Returns an array of URLs of the proxy tracing issuers in
the chain.
|
java.lang.String[] |
getProxyTracingSubjects()
Returns an array of URLs of the proxy tracing subjects in the chain.
|
ProxyChainType |
getProxyType()
The type of the proxy chain chain is returned.
|
int |
getRemainingPathLimit()
Returns the remaining path length of this chain.
|
java.lang.String[] |
getSAMLExtensions()
Returns the SAML extensions from the certificate chain.
|
java.math.BigInteger[] |
getSerialNumbers() |
private java.util.List<java.util.List<byte[]>> |
intersection(byte[][] newSpaces,
java.util.List<byte[]> ipV4Spaces,
java.util.List<byte[]> ipV6Spaces)
Calculates the intersection of the newSpaces and the given lists of
IPv4 and IPv6 namespaces.
|
private boolean |
isHostAllowed(byte[] ipAddress,
byte[][][] restrictions) |
boolean |
isHostAllowedAsSource(byte[] ipAddress)
Checks if the given IP address is allowed as this proxy chain source.
|
boolean |
isHostAllowedAsTarget(byte[] ipAddress)
Checks if the given IP address is allowed as this proxy chain target.
|
boolean |
isLimited()
Used to check whether the proxy chain is limited or not.
|
private java.util.List<java.util.List<byte[]>> |
union(byte[][] newSpaces,
java.util.List<byte[]> ipV4Spaces,
java.util.List<byte[]> ipV6Spaces)
Calculates the union of the newSpaces and the given vectors of IPv4
and IPv6 namespaces.
|
private java.security.cert.X509Certificate[] chain
private int firstProxy
private ProxyChainType type
private ProxyPolicy[] policy
private java.lang.Boolean limited
public ProxyChainInfo(java.security.cert.X509Certificate[] chain) throws java.security.cert.CertificateException
chain
- chain with at least one proxy certificatejava.security.cert.CertificateException
- if there is no proxy certificate in the chain or
if the chain is inconsistent, i.e. after proxy there is a non-proxy certificate.public java.math.BigInteger[] getSerialNumbers()
public ProxyChainType getProxyType() throws java.security.cert.CertificateException
java.security.cert.CertificateException
- certificate exceptionpublic int getFirstProxyPosition()
public boolean isLimited() throws java.security.cert.CertificateException, java.io.IOException
java.security.cert.CertificateException
- certificate exceptionjava.io.IOException
- IO exceptionpublic ProxyPolicy[] getPolicy() throws java.io.IOException
java.io.IOException
- Thrown in case the parsing of the information failed.public java.lang.String[] getProxyTracingIssuers() throws java.io.IOException
java.io.IOException
- Thrown in case the parsing of the information failed.public java.lang.String[] getProxyTracingSubjects() throws java.io.IOException
java.io.IOException
- Thrown in case the parsing of the information failed.public java.lang.String[] getSAMLExtensions() throws java.io.IOException
java.io.IOException
- Thrown in case the parsing of the information failed.public org.bouncycastle.asn1.x509.AttributeCertificate[][] getAttributeCertificateExtensions() throws java.io.IOException
java.io.IOException
- Thrown in case the parsing of the information failed.public int getRemainingPathLimit() throws java.io.IOException
Notice: negative value means that the chain is invalid as it has passed the limit of delegations. Integer.MAX_INT is returned if there is no path length limit set on the chain.
java.io.IOException
- Thrown in case the parsing of the information failed.public byte[][][] getProxySourceRestrictions() throws java.io.IOException
java.io.IOException
- Thrown in case the parsing of the information failed.public byte[][][] getProxyTargetRestrictions() throws java.io.IOException
java.io.IOException
- Thrown in case the parsing of the information failed.public boolean isHostAllowedAsSource(byte[] ipAddress) throws java.io.IOException
ipAddress
- host IPv4 address in 4 elements arrayjava.io.IOException
- Thrown in case the parsing of the information failed.public boolean isHostAllowedAsTarget(byte[] ipAddress) throws java.io.IOException
ipAddress
- host IPv4 address in 4 elements arrayjava.io.IOException
- Thrown in case the parsing of the information failed.private java.util.List<java.util.List<byte[]>> union(byte[][] newSpaces, java.util.List<byte[]> ipV4Spaces, java.util.List<byte[]> ipV6Spaces)
newSpaces
- The namespaces to add.ipV4Spaces
- The old IPv4 spaces.ipV6Spaces
- The old IPv6 spaces.private java.util.List<java.util.List<byte[]>> intersection(byte[][] newSpaces, java.util.List<byte[]> ipV4Spaces, java.util.List<byte[]> ipV6Spaces)
newSpaces
- The namespaces to intersect with.ipV4Spaces
- The old IPv4 spaces.ipV6Spaces
- The old IPv6 spaces.private byte[][][] getProxyRestrictions(boolean source) throws java.io.IOException
source
- true if source extensions are to be collected. False
if target extensions are to be collected.java.io.IOException
- Thrown in case a certificate parsing fails.private boolean isHostAllowed(byte[] ipAddress, byte[][][] restrictions) throws java.io.IOException
java.io.IOException
public static byte[][] concatArrays(byte[][] first, byte[][] second)
first
- The array of arrays to begin with.second
- The array of arrays to end with.