1 package org.bouncycastle.asn1.x509; 2 3 import org.bouncycastle.asn1.ASN1Boolean; 4 import org.bouncycastle.asn1.ASN1EncodableVector; 5 import org.bouncycastle.asn1.ASN1Object; 6 import org.bouncycastle.asn1.ASN1Primitive; 7 import org.bouncycastle.asn1.ASN1Sequence; 8 import org.bouncycastle.asn1.ASN1TaggedObject; 9 import org.bouncycastle.asn1.DERSequence; 10 import org.bouncycastle.asn1.DERTaggedObject; 11 import org.bouncycastle.util.Strings; 12 13 /** 14 * <pre> 15 * IssuingDistributionPoint ::= SEQUENCE { 16 * distributionPoint [0] DistributionPointName OPTIONAL, 17 * onlyContainsUserCerts [1] BOOLEAN DEFAULT FALSE, 18 * onlyContainsCACerts [2] BOOLEAN DEFAULT FALSE, 19 * onlySomeReasons [3] ReasonFlags OPTIONAL, 20 * indirectCRL [4] BOOLEAN DEFAULT FALSE, 21 * onlyContainsAttributeCerts [5] BOOLEAN DEFAULT FALSE } 22 * </pre> 23 */ 24 public class IssuingDistributionPoint 25 extends ASN1Object 26 { 27 private DistributionPointName distributionPoint; 28 29 private boolean onlyContainsUserCerts; 30 31 private boolean onlyContainsCACerts; 32 33 private ReasonFlags onlySomeReasons; 34 35 private boolean indirectCRL; 36 37 private boolean onlyContainsAttributeCerts; 38 39 private ASN1Sequence seq; 40 41 public static IssuingDistributionPoint getInstance( 42 ASN1TaggedObject obj, 43 boolean explicit) 44 { 45 return getInstance(ASN1Sequence.getInstance(obj, explicit)); 46 } 47 48 public static IssuingDistributionPoint getInstance( 49 Object obj) 50 { 51 if (obj instanceof IssuingDistributionPoint) 52 { 53 return (IssuingDistributionPoint)obj; 54 } 55 else if (obj != null) 56 { 57 return new IssuingDistributionPoint(ASN1Sequence.getInstance(obj)); 58 } 59 60 return null; 61 } 62 63 /** 64 * Constructor from given details. 65 * 66 * @param distributionPoint 67 * May contain an URI as pointer to most current CRL. 68 * @param onlyContainsUserCerts Covers revocation information for end certificates. 69 * @param onlyContainsCACerts Covers revocation information for CA certificates. 70 * 71 * @param onlySomeReasons 72 * Which revocation reasons does this point cover. 73 * @param indirectCRL 74 * If <code>true</code> then the CRL contains revocation 75 * information about certificates ssued by other CAs. 76 * @param onlyContainsAttributeCerts Covers revocation information for attribute certificates. 77 */ 78 public IssuingDistributionPoint( 79 DistributionPointName distributionPoint, 80 boolean onlyContainsUserCerts, 81 boolean onlyContainsCACerts, 82 ReasonFlags onlySomeReasons, 83 boolean indirectCRL, 84 boolean onlyContainsAttributeCerts) 85 { 86 this.distributionPoint = distributionPoint; 87 this.indirectCRL = indirectCRL; 88 this.onlyContainsAttributeCerts = onlyContainsAttributeCerts; 89 this.onlyContainsCACerts = onlyContainsCACerts; 90 this.onlyContainsUserCerts = onlyContainsUserCerts; 91 this.onlySomeReasons = onlySomeReasons; 92 93 ASN1EncodableVector vec = new ASN1EncodableVector(); 94 if (distributionPoint != null) 95 { // CHOICE item so explicitly tagged 96 vec.add(new DERTaggedObject(true, 0, distributionPoint)); 97 } 98 if (onlyContainsUserCerts) 99 { 100 vec.add(new DERTaggedObject(false, 1, ASN1Boolean.getInstance(true))); 101 } 102 if (onlyContainsCACerts) 103 { 104 vec.add(new DERTaggedObject(false, 2, ASN1Boolean.getInstance(true))); 105 } 106 if (onlySomeReasons != null) 107 { 108 vec.add(new DERTaggedObject(false, 3, onlySomeReasons)); 109 } 110 if (indirectCRL) 111 { 112 vec.add(new DERTaggedObject(false, 4, ASN1Boolean.getInstance(true))); 113 } 114 if (onlyContainsAttributeCerts) 115 { 116 vec.add(new DERTaggedObject(false, 5, ASN1Boolean.getInstance(true))); 117 } 118 119 seq = new DERSequence(vec); 120 } 121 122 /** 123 * Shorthand Constructor from given details. 124 * 125 * @param distributionPoint 126 * May contain an URI as pointer to most current CRL. 127 * @param indirectCRL 128 * If <code>true</code> then the CRL contains revocation 129 * information about certificates ssued by other CAs. 130 * @param onlyContainsAttributeCerts Covers revocation information for attribute certificates. 131 */ 132 public IssuingDistributionPoint( 133 DistributionPointName distributionPoint, 134 boolean indirectCRL, 135 boolean onlyContainsAttributeCerts) 136 { 137 this(distributionPoint, false, false, null, indirectCRL, onlyContainsAttributeCerts); 138 } 139 140 /** 141 * Constructor from ASN1Sequence 142 */ 143 private IssuingDistributionPoint( 144 ASN1Sequence seq) 145 { 146 this.seq = seq; 147 148 for (int i = 0; i != seq.size(); i++) 149 { 150 ASN1TaggedObject o = ASN1TaggedObject.getInstance(seq.getObjectAt(i)); 151 152 switch (o.getTagNo()) 153 { 154 case 0: 155 // CHOICE so explicit 156 distributionPoint = DistributionPointName.getInstance(o, true); 157 break; 158 case 1: 159 onlyContainsUserCerts = ASN1Boolean.getInstance(o, false).isTrue(); 160 break; 161 case 2: 162 onlyContainsCACerts = ASN1Boolean.getInstance(o, false).isTrue(); 163 break; 164 case 3: 165 onlySomeReasons = new ReasonFlags(ReasonFlags.getInstance(o, false)); 166 break; 167 case 4: 168 indirectCRL = ASN1Boolean.getInstance(o, false).isTrue(); 169 break; 170 case 5: 171 onlyContainsAttributeCerts = ASN1Boolean.getInstance(o, false).isTrue(); 172 break; 173 default: 174 throw new IllegalArgumentException( 175 "unknown tag in IssuingDistributionPoint"); 176 } 177 } 178 } 179 180 public boolean onlyContainsUserCerts() 181 { 182 return onlyContainsUserCerts; 183 } 184 185 public boolean onlyContainsCACerts() 186 { 187 return onlyContainsCACerts; 188 } 189 190 public boolean isIndirectCRL() 191 { 192 return indirectCRL; 193 } 194 195 public boolean onlyContainsAttributeCerts() 196 { 197 return onlyContainsAttributeCerts; 198 } 199 200 /** 201 * @return Returns the distributionPoint. 202 */ 203 public DistributionPointName getDistributionPoint() 204 { 205 return distributionPoint; 206 } 207 208 /** 209 * @return Returns the onlySomeReasons. 210 */ 211 public ReasonFlags getOnlySomeReasons() 212 { 213 return onlySomeReasons; 214 } 215 216 public ASN1Primitive toASN1Primitive() 217 { 218 return seq; 219 } 220 221 public String toString() 222 { 223 String sep = Strings.lineSeparator(); 224 StringBuffer buf = new StringBuffer(); 225 226 buf.append("IssuingDistributionPoint: ["); 227 buf.append(sep); 228 if (distributionPoint != null) 229 { 230 appendObject(buf, sep, "distributionPoint", distributionPoint.toString()); 231 } 232 if (onlyContainsUserCerts) 233 { 234 appendObject(buf, sep, "onlyContainsUserCerts", booleanToString(onlyContainsUserCerts)); 235 } 236 if (onlyContainsCACerts) 237 { 238 appendObject(buf, sep, "onlyContainsCACerts", booleanToString(onlyContainsCACerts)); 239 } 240 if (onlySomeReasons != null) 241 { 242 appendObject(buf, sep, "onlySomeReasons", onlySomeReasons.toString()); 243 } 244 if (onlyContainsAttributeCerts) 245 { 246 appendObject(buf, sep, "onlyContainsAttributeCerts", booleanToString(onlyContainsAttributeCerts)); 247 } 248 if (indirectCRL) 249 { 250 appendObject(buf, sep, "indirectCRL", booleanToString(indirectCRL)); 251 } 252 buf.append("]"); 253 buf.append(sep); 254 return buf.toString(); 255 } 256 257 private void appendObject(StringBuffer buf, String sep, String name, String value) 258 { 259 String indent = " "; 260 261 buf.append(indent); 262 buf.append(name); 263 buf.append(":"); 264 buf.append(sep); 265 buf.append(indent); 266 buf.append(indent); 267 buf.append(value); 268 buf.append(sep); 269 } 270 271 private String booleanToString(boolean value) 272 { 273 return value ? "true" : "false"; 274 } 275 } 276
