Class ProxyCSRInfo


  • public class ProxyCSRInfo
    extends java.lang.Object
    A class to get the information from the proxy certificate request.
    • Field Detail

      • csr

        private org.bouncycastle.pkcs.PKCS10CertificationRequest csr
      • samlAssertion

        private java.lang.String samlAssertion
      • proxyExtOid

        private java.lang.String proxyExtOid
      • tracingSubject

        private java.lang.String tracingSubject
      • tracingIssuer

        private java.lang.String tracingIssuer
      • sourceRestrictions

        private java.lang.String[][] sourceRestrictions
      • targetRestrictions

        private java.lang.String[][] targetRestrictions
    • Constructor Detail

      • ProxyCSRInfo

        public ProxyCSRInfo​(org.bouncycastle.pkcs.PKCS10CertificationRequest csr)
                     throws java.security.cert.CertificateException
        Generates new instance of this class using the Certificate Signing Request
        Parameters:
        csr - certificate signing request
        Throws:
        java.security.cert.CertificateException - if the Certificate Signing Request is invalid
    • Method Detail

      • getProxyType

        public ProxyType getProxyType()
        The type of the proxy certificate requested is returned or null if can not be determined. In principle the null response means that the DN is not a valid LEGACY proxy DN, and that either RFC or DRAFT proxy should be generated.
        Returns:
        the proxy type
      • getLastCN

        private java.lang.String getLastCN()
                                    throws java.lang.IllegalArgumentException,
                                           java.io.IOException
        Throws:
        java.lang.IllegalArgumentException
        java.io.IOException
      • isLimited

        public java.lang.Boolean isLimited()
        Used to check whether the Certificate Signing Request is for a limited proxy or not.
        Returns:
        null if not set
      • getPolicy

        public ProxyPolicy getPolicy()
        Gets the requested RFC proxy extension policy OID and octets of the policy. See RFC3820. Policy can be null in case the OID in it self defines the behavior, like with "inherit all" policy or "independent" policy.
        Returns:
        the requested policy or null if not set
      • getProxyTracingIssuer

        public java.lang.String getProxyTracingIssuer()
        Returns an requested URL of the proxy tracing issuer.
        Returns:
        The proxy tracing issuer URL in String format, or null if was not requested.
      • getProxyTracingSubject

        public java.lang.String getProxyTracingSubject()
        Returns a requested URL of the proxy tracing subject.
        Returns:
        The proxy tracing subject URL in String format, or null if was not requested.
      • getSAMLExtension

        public java.lang.String getSAMLExtension()
        Returns the SAML extension from the certificate chain.
        Returns:
        The SAML assertion in String format or null if not set
      • getProxyPathLimit

        public java.lang.Integer getProxyPathLimit()
        Returns the proxy path length limit set in the Certificate Signing Request. Returns an Integer.MAX_VALUE value if length is set to be unlimited.
        Returns:
        the requested proxy path length.
      • getProxySourceRestrictions

        public java.lang.String[][] getProxySourceRestrictions()
        Gets the proxy source restriction data from the Certificate Signing Request. The returned array has as the first item the array of allowed namespaces and as the second item the array of excluded namespaces.
        Returns:
        null if the extension was not set
      • getProxyTargetRestrictions

        public java.lang.String[][] getProxyTargetRestrictions()
        Gets the proxy target restriction data from the Certificate Signing Request. The returned array has as the first item the array of allowed namespaces and as the second item the array of excluded namespaces.
        Returns:
        null if the extension was not set
      • parseRequestedExtensions

        private void parseRequestedExtensions()
                                       throws java.io.IOException
        Throws:
        java.io.IOException
      • handleRequestedExtension

        private void handleRequestedExtension​(CertificateExtension ext)
                                       throws java.io.IOException
        Throws:
        java.io.IOException