Index: modules/security/src/test/impl/java/org/apache/harmony/security/tests/provider/cert/X509CRLImplTest.java =================================================================== --- modules/security/src/test/impl/java/org/apache/harmony/security/tests/provider/cert/X509CRLImplTest.java (revision 452371) +++ modules/security/src/test/impl/java/org/apache/harmony/security/tests/provider/cert/X509CRLImplTest.java (working copy) @@ -51,12 +51,16 @@ import org.apache.harmony.security.x509.Certificate; import org.apache.harmony.security.x509.CertificateIssuer; import org.apache.harmony.security.x509.CertificateList; +import org.apache.harmony.security.x509.CRLNumber; +import org.apache.harmony.security.x509.DistributionPointName; import org.apache.harmony.security.x509.Extension; import org.apache.harmony.security.x509.Extensions; import org.apache.harmony.security.x509.GeneralName; import org.apache.harmony.security.x509.GeneralNames; +import org.apache.harmony.security.x509.IssuingDistributionPoint; import org.apache.harmony.security.x509.InvalidityDate; import org.apache.harmony.security.x509.ReasonCode; +import org.apache.harmony.security.x509.ReasonFlags; import org.apache.harmony.security.x509.SubjectPublicKeyInfo; import org.apache.harmony.security.x509.TBSCertList; import org.apache.harmony.security.x509.TBSCertificate; @@ -135,9 +139,8 @@ crlExtensions = new Extensions( Arrays.asList(new Extension[] { // CRL Number Extension - new Extension("2.5.29.20", - ASN1Integer.getInstance().encode( - BigInteger.valueOf(4444).toByteArray())), + new Extension("2.5.29.20", Extension.NON_CRITICAL, + new CRLNumber(BigInteger.valueOf(4444))), // Authority Key Identifier new Extension("2.5.29.35", false, new AuthorityKeyIdentifier( @@ -150,6 +153,20 @@ })), // authorityCertSerialNumber certSerialNumber2)), + // Issuing Distribution Point + new Extension("2.5.29.28", Extension.CRITICAL, + new IssuingDistributionPoint( + new DistributionPointName(new GeneralNames( + Arrays.asList(new GeneralName[] { + new GeneralName(1, "rfc@822.Name"), + new GeneralName(2, "dNSName"), + new GeneralName(4, "O=Organization"), + new GeneralName(6, "http://uniform.Resource.Id"), + new GeneralName(7, "255.255.255.0"), + new GeneralName(8, "1.2.3.4444.55555") + }))), + new ReasonFlags(new boolean[] {true, true, false, false, true, true}) + )), })); } catch (Exception e) { e.printStackTrace(); Index: modules/security/src/main/java/common/org/apache/harmony/security/x509/IssuingDistributionPoint.java =================================================================== --- modules/security/src/main/java/common/org/apache/harmony/security/x509/IssuingDistributionPoint.java (revision 452371) +++ modules/security/src/main/java/common/org/apache/harmony/security/x509/IssuingDistributionPoint.java (working copy) @@ -21,6 +21,7 @@ import org.apache.harmony.security.asn1.BerInputStream; import org.apache.harmony.security.asn1.ASN1Boolean; +import org.apache.harmony.security.asn1.ASN1Explicit; import org.apache.harmony.security.asn1.ASN1Implicit; import org.apache.harmony.security.asn1.ASN1Sequence; import org.apache.harmony.security.asn1.ASN1Type; @@ -64,16 +65,12 @@ /** * Creates the extension object on the base of its encoded form. */ - public IssuingDistributionPoint(byte[] encoding) throws IOException { - super(encoding); + public static IssuingDistributionPoint decode(byte[] encoding) + throws IOException { IssuingDistributionPoint idp = (IssuingDistributionPoint) ASN1.decode(encoding); - this.distributionPoint = idp.distributionPoint; - this.onlyContainsUserCerts = idp.onlyContainsUserCerts; - this.onlyContainsCACerts = idp.onlyContainsCACerts; - this.onlySomeReasons = idp.onlySomeReasons; - this.indirectCRL = idp.indirectCRL; - this.onlyContainsAttributeCerts = idp.onlyContainsAttributeCerts; + idp.encoding = encoding; + return idp; } /** @@ -172,7 +169,8 @@ */ public static ASN1Type ASN1 = new ASN1Sequence( new ASN1Type[] { - new ASN1Implicit(0, DistributionPointName.ASN1), + // ASN.1 prohibits implicitly tagged CHOICE + new ASN1Explicit(0, DistributionPointName.ASN1), new ASN1Implicit(1, ASN1Boolean.getInstance()), new ASN1Implicit(2, ASN1Boolean.getInstance()), new ASN1Implicit(3, ReasonFlags.ASN1), Index: modules/security/src/main/java/common/org/apache/harmony/security/x509/ReasonFlags.java =================================================================== --- modules/security/src/main/java/common/org/apache/harmony/security/x509/ReasonFlags.java (revision 452371) +++ modules/security/src/main/java/common/org/apache/harmony/security/x509/ReasonFlags.java (working copy) @@ -51,20 +51,44 @@ * */ public class ReasonFlags { + + /** + * The names of the reasons. + */ + public static final String[] REASONS = { + "unused", //$NON-NLS-1$ + "keyCompromise", //$NON-NLS-1$ + "cACompromise", //$NON-NLS-1$ + "affiliationChanged", //$NON-NLS-1$ + "superseded", //$NON-NLS-1$ + "cessationOfOperation", //$NON-NLS-1$ + "certificateHold", //$NON-NLS-1$ + "privilegeWithdrawn", //$NON-NLS-1$ + "aACompromise" //$NON-NLS-1$ + }; - boolean[] flags; + // the value of extension + private boolean[] flags; + /** + * Creates the extension object corresponding to the given flags. + */ public ReasonFlags(boolean[] flags) { this.flags = flags; } - - public static ASN1BitString ASN1 = new ASN1BitString.ASN1NamedBitList() { + + /** + * ASN.1 Encoder/Decoder. + */ + public static ASN1BitString ASN1 = + new ASN1BitString.ASN1NamedBitList(REASONS.length) { public Object getDecodedObject(BerInputStream in) throws IOException { return new ReasonFlags((boolean[]) super.getDecodedObject(in)); } public void setEncodingContent(BerOutputStream out) { out.content = ((ReasonFlags) out.content).flags; + super.setEncodingContent(out); } }; }