Class ProxyTracingExtension

java.lang.Object
org.bouncycastle.asn1.ASN1Object
eu.emi.security.authn.x509.helpers.proxy.ProxyTracingExtension
All Implemented Interfaces:
org.bouncycastle.asn1.ASN1Encodable, org.bouncycastle.util.Encodable

public class ProxyTracingExtension extends org.bouncycastle.asn1.ASN1Object
A class for generating and parsing the proxy tracing extensions.
See OIDProxyDelegationTracing documentation.
The proxy tracing extension format is below. It is used to trace the proxy delegation chain by putting in each proxy the URL of the service accepting the delegation and the URL of the client initiating it. Often the delegation is from service to service, in which case it is easy to use the URL of the service. If the initiator of the delegation is a user, then the client should put a URL containing the client program as the scheme, the host name or IP address, and possibly the username as the path.
At the moment only the URI is supported.
  iGTFProxyTracingIssuerName ::= GeneralNames
  iGTFProxyTracingSubjectName ::= GeneralNames
  
  GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
  
  GeneralName ::= CHOICE {
           otherName                       [0]     OtherName,
           rfc822Name                      [1]     IA5String,
           dNSName                         [2]     IA5String,
           x400Address                     [3]     ORAddress,
           directoryName                   [4]     Name,
           ediPartyName                    [5]     EDIPartyName,
           uniformResourceIdentifier       [6]     IA5String,
           iPAddress                       [7]     OCTET STRING,
           registeredID                    [8]     OBJECT IDENTIFIER}
  
  OtherName ::= SEQUENCE {
           type-id    OBJECT IDENTIFIER,
           value      [0] EXPLICIT ANY DEFINED BY type-id }
  
  EDIPartyName ::= SEQUENCE {
           nameAssigner            [0]     DirectoryString OPTIONAL,
           partyName               [1]     DirectoryString }
  
  DirectoryString ::= CHOICE {
     teletexString           TeletexString (SIZE (1..maxSize)),
     printableString         PrintableString (SIZE (1..maxSize)),
     universalString         UniversalString (SIZE (1..maxSize)),
     bmpString               BMPString (SIZE (1..maxSize))
  }
 
Author:
joni.hahkala@cern.ch, K. Benedyczak
  • Field Details

    • PROXY_TRACING_ISSUER_EXTENSION_OID

      public static final String PROXY_TRACING_ISSUER_EXTENSION_OID
      The OID to identify issuer proxy tracing extension.
    • PROXY_TRACING_SUBJECT_EXTENSION_OID

      public static final String PROXY_TRACING_SUBJECT_EXTENSION_OID
      The OID to identify subject proxy tracing extension.
    • ISSUER_EXTENSION

      public static final int ISSUER_EXTENSION
      The OID to identify issuer proxy tracing type.
    • SUBJECT_EXTENSION

      public static final int SUBJECT_EXTENSION
      The OID to identify subject proxy tracing type.
  • Constructor Details

    • ProxyTracingExtension

      public ProxyTracingExtension(String url)
      Generates a new proxy tracing item from the URL.
      Parameters:
      url - The URL to identify the issuer or the subject.
    • ProxyTracingExtension

      public ProxyTracingExtension(byte[] bytes) throws IOException
      Parses the information in the byte array (GeneralNames ASN1 sequence of GeneralName) into a proxy tracing extension object.
      Parameters:
      bytes - The bytes of ASN1 encoded proxy tracing extension.
      Throws:
      IOException - In case the byte array does not contain a valid ASN1 encoded proxy tracing extension.
  • Method Details

    • getInstance

      public static ProxyTracingExtension getInstance(X509Certificate cert, boolean issuer) throws IOException
      Returns the URL of the proxy tracing issuer if present.
      Parameters:
      cert - certificate
      issuer - issuer
      Returns:
      The proxy tracing issuer URL in String format, or null if no extension was found or it was empty.
      Throws:
      IOException - Thrown in case the parsing of the information failed.
    • getURL

      public String getURL()
      Returns the URL inside the proxy tracing data structure.
      Returns:
      The URL in String format.
    • getNames

      public org.bouncycastle.asn1.x509.GeneralNames getNames()
      Returns the general names structure that holds the trace information.
      Returns:
      The generalNames object that has the trace information.
    • toASN1Primitive

      public org.bouncycastle.asn1.ASN1Primitive toASN1Primitive()
      Specified by:
      toASN1Primitive in interface org.bouncycastle.asn1.ASN1Encodable
      Specified by:
      toASN1Primitive in class org.bouncycastle.asn1.ASN1Object
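
A round trip through the two constructors plus a per-certificate trace line, as an added example that is not part of the library's own documentation. It assumes the library and Bouncy Castle are on the classpath and that `issuer = true` selects the issuer extension and `false` the subject extension (inferred from the parameter name); the class name, helper names and sample URL are constructed for illustration.

```java
import eu.emi.security.authn.x509.helpers.proxy.ProxyTracingExtension;
import org.bouncycastle.asn1.ASN1Encoding;
import org.bouncycastle.asn1.x509.GeneralName;

import java.io.IOException;
import java.security.cert.X509Certificate;

public class ProxyTracingExample {

    // Encode a tracing URL as DER GeneralNames, parse the bytes back and
    // reject any GeneralName that is not uniformResourceIdentifier [6],
    // since only the URI form is supported.
    static String roundTrip(String url) throws IOException {
        ProxyTracingExtension written = new ProxyTracingExtension(url);
        byte[] der = written.getEncoded(ASN1Encoding.DER);

        ProxyTracingExtension parsed = new ProxyTracingExtension(der);
        for (GeneralName name : parsed.getNames().getNames()) {
            if (name.getTagNo() != GeneralName.uniformResourceIdentifier) {
                throw new IOException("unsupported GeneralName tag [" + name.getTagNo() + "]");
            }
        }
        return parsed.getURL();
    }

    // One log line per proxy certificate in a delegation chain.
    // Assumption: true selects the issuer extension, false the subject one.
    // getInstance returns null when the extension is absent or empty.
    static String describe(X509Certificate proxy) throws IOException {
        ProxyTracingExtension issuer = ProxyTracingExtension.getInstance(proxy, true);
        ProxyTracingExtension subject = ProxyTracingExtension.getInstance(proxy, false);
        return "issuer=" + (issuer == null ? "(none)" : issuer.getURL())
                + " subject=" + (subject == null ? "(none)" : subject.getURL());
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample value, not taken from a real deployment.
        String url = "https://delegation.example.org:8443/service";
        String parsed = roundTrip(url);
        if (!url.equals(parsed)) {
            throw new IllegalStateException("round trip changed the URL: " + parsed);
        }
        System.out.println("round trip ok: " + parsed);
    }
}
```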