1 package org.bouncycastle.asn1.x509; 2 3 import java.util.Enumeration; 4 import java.util.Hashtable; 5 import java.util.Vector; 6 7 import org.bouncycastle.asn1.ASN1EncodableVector; 8 import org.bouncycastle.asn1.ASN1Object; 9 import org.bouncycastle.asn1.ASN1ObjectIdentifier; 10 import org.bouncycastle.asn1.ASN1OctetString; 11 import org.bouncycastle.asn1.ASN1Primitive; 12 import org.bouncycastle.asn1.ASN1Sequence; 13 import org.bouncycastle.asn1.ASN1TaggedObject; 14 import org.bouncycastle.asn1.DERBoolean; 15 import org.bouncycastle.asn1.DERObjectIdentifier; 16 import org.bouncycastle.asn1.DERSequence; 17 18 /** 19 * @deprecated use Extensions 20 */ 21 public class X509Extensions 22 extends ASN1Object 23 { 24 /** 25 * Subject Directory Attributes 26 * @deprecated use X509Extension value. 27 */ 28 public static final ASN1ObjectIdentifier SubjectDirectoryAttributes = new ASN1ObjectIdentifier("2.5.29.9"); 29 30 /** 31 * Subject Key Identifier 32 * @deprecated use X509Extension value. 33 */ 34 public static final ASN1ObjectIdentifier SubjectKeyIdentifier = new ASN1ObjectIdentifier("2.5.29.14"); 35 36 /** 37 * Key Usage 38 * @deprecated use X509Extension value. 39 */ 40 public static final ASN1ObjectIdentifier KeyUsage = new ASN1ObjectIdentifier("2.5.29.15"); 41 42 /** 43 * Private Key Usage Period 44 * @deprecated use X509Extension value. 45 */ 46 public static final ASN1ObjectIdentifier PrivateKeyUsagePeriod = new ASN1ObjectIdentifier("2.5.29.16"); 47 48 /** 49 * Subject Alternative Name 50 * @deprecated use X509Extension value. 51 */ 52 public static final ASN1ObjectIdentifier SubjectAlternativeName = new ASN1ObjectIdentifier("2.5.29.17"); 53 54 /** 55 * Issuer Alternative Name 56 * @deprecated use X509Extension value. 57 */ 58 public static final ASN1ObjectIdentifier IssuerAlternativeName = new ASN1ObjectIdentifier("2.5.29.18"); 59 60 /** 61 * Basic Constraints 62 * @deprecated use X509Extension value. 63 */ 64 public static final ASN1ObjectIdentifier BasicConstraints = new ASN1ObjectIdentifier("2.5.29.19"); 65 66 /** 67 * CRL Number 68 * @deprecated use X509Extension value. 69 */ 70 public static final ASN1ObjectIdentifier CRLNumber = new ASN1ObjectIdentifier("2.5.29.20"); 71 72 /** 73 * Reason code 74 * @deprecated use X509Extension value. 75 */ 76 public static final ASN1ObjectIdentifier ReasonCode = new ASN1ObjectIdentifier("2.5.29.21"); 77 78 /** 79 * Hold Instruction Code 80 * @deprecated use X509Extension value. 81 */ 82 public static final ASN1ObjectIdentifier InstructionCode = new ASN1ObjectIdentifier("2.5.29.23"); 83 84 /** 85 * Invalidity Date 86 * @deprecated use X509Extension value. 87 */ 88 public static final ASN1ObjectIdentifier InvalidityDate = new ASN1ObjectIdentifier("2.5.29.24"); 89 90 /** 91 * Delta CRL indicator 92 * @deprecated use X509Extension value. 93 */ 94 public static final ASN1ObjectIdentifier DeltaCRLIndicator = new ASN1ObjectIdentifier("2.5.29.27"); 95 96 /** 97 * Issuing Distribution Point 98 * @deprecated use X509Extension value. 99 */ 100 public static final ASN1ObjectIdentifier IssuingDistributionPoint = new ASN1ObjectIdentifier("2.5.29.28"); 101 102 /** 103 * Certificate Issuer 104 * @deprecated use X509Extension value. 105 */ 106 public static final ASN1ObjectIdentifier CertificateIssuer = new ASN1ObjectIdentifier("2.5.29.29"); 107 108 /** 109 * Name Constraints 110 * @deprecated use X509Extension value. 111 */ 112 public static final ASN1ObjectIdentifier NameConstraints = new ASN1ObjectIdentifier("2.5.29.30"); 113 114 /** 115 * CRL Distribution Points 116 * @deprecated use X509Extension value. 117 */ 118 public static final ASN1ObjectIdentifier CRLDistributionPoints = new ASN1ObjectIdentifier("2.5.29.31"); 119 120 /** 121 * Certificate Policies 122 * @deprecated use X509Extension value. 123 */ 124 public static final ASN1ObjectIdentifier CertificatePolicies = new ASN1ObjectIdentifier("2.5.29.32"); 125 126 /** 127 * Policy Mappings 128 * @deprecated use X509Extension value. 129 */ 130 public static final ASN1ObjectIdentifier PolicyMappings = new ASN1ObjectIdentifier("2.5.29.33"); 131 132 /** 133 * Authority Key Identifier 134 * @deprecated use X509Extension value. 135 */ 136 public static final ASN1ObjectIdentifier AuthorityKeyIdentifier = new ASN1ObjectIdentifier("2.5.29.35"); 137 138 /** 139 * Policy Constraints 140 * @deprecated use X509Extension value. 141 */ 142 public static final ASN1ObjectIdentifier PolicyConstraints = new ASN1ObjectIdentifier("2.5.29.36"); 143 144 /** 145 * Extended Key Usage 146 * @deprecated use X509Extension value. 147 */ 148 public static final ASN1ObjectIdentifier ExtendedKeyUsage = new ASN1ObjectIdentifier("2.5.29.37"); 149 150 /** 151 * Freshest CRL 152 * @deprecated use X509Extension value. 153 */ 154 public static final ASN1ObjectIdentifier FreshestCRL = new ASN1ObjectIdentifier("2.5.29.46"); 155 156 /** 157 * Inhibit Any Policy 158 * @deprecated use X509Extension value. 159 */ 160 public static final ASN1ObjectIdentifier InhibitAnyPolicy = new ASN1ObjectIdentifier("2.5.29.54"); 161 162 /** 163 * Authority Info Access 164 * @deprecated use X509Extension value. 165 */ 166 public static final ASN1ObjectIdentifier AuthorityInfoAccess = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.1.1"); 167 168 /** 169 * Subject Info Access 170 * @deprecated use X509Extension value. 171 */ 172 public static final ASN1ObjectIdentifier SubjectInfoAccess = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.1.11"); 173 174 /** 175 * Logo Type 176 * @deprecated use X509Extension value. 177 */ 178 public static final ASN1ObjectIdentifier LogoType = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.1.12"); 179 180 /** 181 * BiometricInfo 182 * @deprecated use X509Extension value. 183 */ 184 public static final ASN1ObjectIdentifier BiometricInfo = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.1.2"); 185 186 /** 187 * QCStatements 188 * @deprecated use X509Extension value. 189 */ 190 public static final ASN1ObjectIdentifier QCStatements = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.1.3"); 191 192 /** 193 * Audit identity extension in attribute certificates. 194 * @deprecated use X509Extension value. 195 */ 196 public static final ASN1ObjectIdentifier AuditIdentity = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.1.4"); 197 198 /** 199 * NoRevAvail extension in attribute certificates. 200 * @deprecated use X509Extension value. 201 */ 202 public static final ASN1ObjectIdentifier NoRevAvail = new ASN1ObjectIdentifier("2.5.29.56"); 203 204 /** 205 * TargetInformation extension in attribute certificates. 206 * @deprecated use X509Extension value. 207 */ 208 public static final ASN1ObjectIdentifier TargetInformation = new ASN1ObjectIdentifier("2.5.29.55"); 209 210 private Hashtable extensions = new Hashtable(); 211 private Vector ordering = new Vector(); 212 213 public static X509Extensions getInstance( 214 ASN1TaggedObject obj, 215 boolean explicit) 216 { 217 return getInstance(ASN1Sequence.getInstance(obj, explicit)); 218 } 219 220 public static X509Extensions getInstance( 221 Object obj) 222 { 223 if (obj == null || obj instanceof X509Extensions) 224 { 225 return (X509Extensions)obj; 226 } 227 228 if (obj instanceof ASN1Sequence) 229 { 230 return new X509Extensions((ASN1Sequence)obj); 231 } 232 233 if (obj instanceof Extensions) 234 { 235 return new X509Extensions((ASN1Sequence)((Extensions)obj).toASN1Primitive()); 236 } 237 238 if (obj instanceof ASN1TaggedObject) 239 { 240 return getInstance(((ASN1TaggedObject)obj).getObject()); 241 } 242 243 throw new IllegalArgumentException("illegal object in getInstance: " + obj.getClass().getName()); 244 } 245 246 /** 247 * Constructor from ASN1Sequence. 248 * 249 * the extensions are a list of constructed sequences, either with (OID, OctetString) or (OID, Boolean, OctetString) 250 */ 251 public X509Extensions( 252 ASN1Sequence seq) 253 { 254 Enumeration e = seq.getObjects(); 255 256 while (e.hasMoreElements()) 257 { 258 ASN1Sequence s = ASN1Sequence.getInstance(e.nextElement()); 259 260 if (s.size() == 3) 261 { 262 extensions.put(s.getObjectAt(0), new X509Extension(DERBoolean.getInstance(s.getObjectAt(1)), ASN1OctetString.getInstance(s.getObjectAt(2)))); 263 } 264 else if (s.size() == 2) 265 { 266 extensions.put(s.getObjectAt(0), new X509Extension(false, ASN1OctetString.getInstance(s.getObjectAt(1)))); 267 } 268 else 269 { 270 throw new IllegalArgumentException("Bad sequence size: " + s.size()); 271 } 272 273 ordering.addElement(s.getObjectAt(0)); 274 } 275 } 276 277 /** 278 * constructor from a table of extensions. 279 * <p> 280 * it's is assumed the table contains OID/String pairs. 281 */ 282 public X509Extensions( 283 Hashtable extensions) 284 { 285 this(null, extensions); 286 } 287 288 /** 289 * Constructor from a table of extensions with ordering. 290 * <p> 291 * It's is assumed the table contains OID/String pairs. 292 * @deprecated use Extensions 293 */ 294 public X509Extensions( 295 Vector ordering, 296 Hashtable extensions) 297 { 298 Enumeration e; 299 300 if (ordering == null) 301 { 302 e = extensions.keys(); 303 } 304 else 305 { 306 e = ordering.elements(); 307 } 308 309 while (e.hasMoreElements()) 310 { 311 this.ordering.addElement(ASN1ObjectIdentifier.getInstance(e.nextElement())); 312 } 313 314 e = this.ordering.elements(); 315 316 while (e.hasMoreElements()) 317 { 318 ASN1ObjectIdentifier oid = ASN1ObjectIdentifier.getInstance(e.nextElement()); 319 X509Extension ext = (X509Extension)extensions.get(oid); 320 321 this.extensions.put(oid, ext); 322 } 323 } 324 325 /** 326 * Constructor from two vectors 327 * 328 * @param objectIDs a vector of the object identifiers. 329 * @param values a vector of the extension values. 330 * @deprecated use Extensions 331 */ 332 public X509Extensions( 333 Vector objectIDs, 334 Vector values) 335 { 336 Enumeration e = objectIDs.elements(); 337 338 while (e.hasMoreElements()) 339 { 340 this.ordering.addElement(e.nextElement()); 341 } 342 343 int count = 0; 344 345 e = this.ordering.elements(); 346 347 while (e.hasMoreElements()) 348 { 349 ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier)e.nextElement(); 350 X509Extension ext = (X509Extension)values.elementAt(count); 351 352 this.extensions.put(oid, ext); 353 count++; 354 } 355 } 356 357 /** 358 * return an Enumeration of the extension field's object ids. 359 */ 360 public Enumeration oids() 361 { 362 return ordering.elements(); 363 } 364 365 /** 366 * return the extension represented by the object identifier 367 * passed in. 368 * 369 * @return the extension if it's present, null otherwise. 370 */ 371 public X509Extension getExtension( 372 DERObjectIdentifier oid) 373 { 374 return (X509Extension)extensions.get(oid); 375 } 376 377 /** 378 * @deprecated 379 * @param oid 380 * @return 381 */ 382 public X509Extension getExtension( 383 ASN1ObjectIdentifier oid) 384 { 385 return (X509Extension)extensions.get(oid); 386 } 387 388 /** 389 * <pre> 390 * Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension 391 * 392 * Extension ::= SEQUENCE { 393 * extnId EXTENSION.&id ({ExtensionSet}), 394 * critical BOOLEAN DEFAULT FALSE, 395 * extnValue OCTET STRING } 396 * </pre> 397 */ 398 public ASN1Primitive toASN1Primitive() 399 { 400 ASN1EncodableVector vec = new ASN1EncodableVector(); 401 Enumeration e = ordering.elements(); 402 403 while (e.hasMoreElements()) 404 { 405 ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier)e.nextElement(); 406 X509Extension ext = (X509Extension)extensions.get(oid); 407 ASN1EncodableVector v = new ASN1EncodableVector(); 408 409 v.add(oid); 410 411 if (ext.isCritical()) 412 { 413 v.add(DERBoolean.TRUE); 414 } 415 416 v.add(ext.getValue()); 417 418 vec.add(new DERSequence(v)); 419 } 420 421 return new DERSequence(vec); 422 } 423 424 public boolean equivalent( 425 X509Extensions other) 426 { 427 if (extensions.size() != other.extensions.size()) 428 { 429 return false; 430 } 431 432 Enumeration e1 = extensions.keys(); 433 434 while (e1.hasMoreElements()) 435 { 436 Object key = e1.nextElement(); 437 438 if (!extensions.get(key).equals(other.extensions.get(key))) 439 { 440 return false; 441 } 442 } 443 444 return true; 445 } 446 447 public ASN1ObjectIdentifier[] getExtensionOIDs() 448 { 449 return toOidArray(ordering); 450 } 451 452 public ASN1ObjectIdentifier[] getNonCriticalExtensionOIDs() 453 { 454 return getExtensionOIDs(false); 455 } 456 457 public ASN1ObjectIdentifier[] getCriticalExtensionOIDs() 458 { 459 return getExtensionOIDs(true); 460 } 461 462 private ASN1ObjectIdentifier[] getExtensionOIDs(boolean isCritical) 463 { 464 Vector oidVec = new Vector(); 465 466 for (int i = 0; i != ordering.size(); i++) 467 { 468 Object oid = ordering.elementAt(i); 469 470 if (((X509Extension)extensions.get(oid)).isCritical() == isCritical) 471 { 472 oidVec.addElement(oid); 473 } 474 } 475 476 return toOidArray(oidVec); 477 } 478 479 private ASN1ObjectIdentifier[] toOidArray(Vector oidVec) 480 { 481 ASN1ObjectIdentifier[] oids = new ASN1ObjectIdentifier[oidVec.size()]; 482 483 for (int i = 0; i != oids.length; i++) 484 { 485 oids[i] = (ASN1ObjectIdentifier)oidVec.elementAt(i); 486 } 487 return oids; 488 } 489 } 490