All Downloads are FREE. Search and download functionalities are using the official Maven repository.

no.difi.certvalidator.rule.CriticalExtensionRequiredRule Maven / Gradle / Ivy

There is a newer version: 2.2.1
Show newest version
package no.difi.certvalidator.rule;

import no.difi.certvalidator.api.CertificateValidationException;
import no.difi.certvalidator.api.FailedValidationException;

import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.List;
import java.util.Set;


public class CriticalExtensionRequiredRule extends AbstractRule {

    private List requiredExtensions;

    public CriticalExtensionRequiredRule(String... requiredExtensions) {
        this.requiredExtensions = Arrays.asList(requiredExtensions);
    }

    /**
     * {@inheritDoc}
     */
    @Override
    public void validate(X509Certificate certificate) throws CertificateValidationException {
        Set oids = certificate.getCriticalExtensionOIDs();

        if (oids == null)
            throw new FailedValidationException("Certificate doesn't contain critical OIDs.");

        for (String oid : requiredExtensions)
            if (!oids.contains(oid))
                throw new FailedValidationException(String.format("Certificate doesn't contain critical OID '%s'.", oid));
    }
}




© 2015 - 2024 Weber Informatics LLC | Privacy Policy