• Home
• no.difi.commons
• commons-certvalidator
• 2.0.4
• source code
• CriticalExtensionRequiredRule.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

no.difi.certvalidator.rule.CriticalExtensionRequiredRule Maven / Gradle / Ivy

package no.difi.certvalidator.rule;

import no.difi.certvalidator.api.CertificateValidationException;
import no.difi.certvalidator.api.FailedValidationException;
import no.difi.certvalidator.api.ValidatorRule;

import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.List;
import java.util.Set;


public class CriticalExtensionRequiredRule implements ValidatorRule {

    private List requiredExtensions;

    public CriticalExtensionRequiredRule(String... requiredExtensions) {
        this.requiredExtensions = Arrays.asList(requiredExtensions);
    }

    /**
     * {@inheritDoc}
     */
    @Override
    public void validate(X509Certificate certificate) throws CertificateValidationException {
        Set oids = certificate.getCriticalExtensionOIDs();

        if(oids == null)
            throw new FailedValidationException("Certificate doesn't contain critical OIDs.");

        for (String oid : requiredExtensions)
            if (!oids.contains(oid))
                throw new FailedValidationException(String.format("Certificate doesn't contain critical OID '%s'.", oid));
    }
 }