Home | History | Annotate | Download | only in x509 
      1 package org.bouncycastle.asn1.x509;
      2 
      3 import java.util.Enumeration;
      4 import java.util.Hashtable;
      5 import java.util.Vector;
      6 
      7 import org.bouncycastle.asn1.ASN1Boolean;
      8 import org.bouncycastle.asn1.ASN1EncodableVector;
      9 import org.bouncycastle.asn1.ASN1Object;
     10 import org.bouncycastle.asn1.ASN1ObjectIdentifier;
     11 import org.bouncycastle.asn1.ASN1OctetString;
     12 import org.bouncycastle.asn1.ASN1Primitive;
     13 import org.bouncycastle.asn1.ASN1Sequence;
     14 import org.bouncycastle.asn1.ASN1TaggedObject;
     15 import org.bouncycastle.asn1.DERSequence;
     16 
     17 /**
     18  * @deprecated use Extensions
     19  */
     20 public class X509Extensions
     21     extends ASN1Object
     22 {
     23     /**
     24      * Subject Directory Attributes
     25      * @deprecated use X509Extension value.
     26      */
     27     public static final ASN1ObjectIdentifier SubjectDirectoryAttributes = new ASN1ObjectIdentifier("2.5.29.9");
     28 
     29     /**
     30      * Subject Key Identifier
     31      *  @deprecated use X509Extension value.
     32      */
     33     public static final ASN1ObjectIdentifier SubjectKeyIdentifier = new ASN1ObjectIdentifier("2.5.29.14");
     34 
     35     /**
     36      * Key Usage
     37      *  @deprecated use X509Extension value.
     38      */
     39     public static final ASN1ObjectIdentifier KeyUsage = new ASN1ObjectIdentifier("2.5.29.15");
     40 
     41     /**
     42      * Private Key Usage Period
     43      *  @deprecated use X509Extension value.
     44      */
     45     public static final ASN1ObjectIdentifier PrivateKeyUsagePeriod = new ASN1ObjectIdentifier("2.5.29.16");
     46 
     47     /**
     48      * Subject Alternative Name
     49      *  @deprecated use X509Extension value.
     50      */
     51     public static final ASN1ObjectIdentifier SubjectAlternativeName = new ASN1ObjectIdentifier("2.5.29.17");
     52 
     53     /**
     54      * Issuer Alternative Name
     55      *  @deprecated use X509Extension value.
     56      */
     57     public static final ASN1ObjectIdentifier IssuerAlternativeName = new ASN1ObjectIdentifier("2.5.29.18");
     58 
     59     /**
     60      * Basic Constraints
     61      *  @deprecated use X509Extension value.
     62      */
     63     public static final ASN1ObjectIdentifier BasicConstraints = new ASN1ObjectIdentifier("2.5.29.19");
     64 
     65     /**
     66      * CRL Number
     67      *  @deprecated use X509Extension value.
     68      */
     69     public static final ASN1ObjectIdentifier CRLNumber = new ASN1ObjectIdentifier("2.5.29.20");
     70 
     71     /**
     72      * Reason code
     73      *  @deprecated use X509Extension value.
     74      */
     75     public static final ASN1ObjectIdentifier ReasonCode = new ASN1ObjectIdentifier("2.5.29.21");
     76 
     77     /**
     78      * Hold Instruction Code
     79      *  @deprecated use X509Extension value.
     80      */
     81     public static final ASN1ObjectIdentifier InstructionCode = new ASN1ObjectIdentifier("2.5.29.23");
     82 
     83     /**
     84      * Invalidity Date
     85      *  @deprecated use X509Extension value.
     86      */
     87     public static final ASN1ObjectIdentifier InvalidityDate = new ASN1ObjectIdentifier("2.5.29.24");
     88 
     89     /**
     90      * Delta CRL indicator
     91      *  @deprecated use X509Extension value.
     92      */
     93     public static final ASN1ObjectIdentifier DeltaCRLIndicator = new ASN1ObjectIdentifier("2.5.29.27");
     94 
     95     /**
     96      * Issuing Distribution Point
     97      *  @deprecated use X509Extension value.
     98      */
     99     public static final ASN1ObjectIdentifier IssuingDistributionPoint = new ASN1ObjectIdentifier("2.5.29.28");
    100 
    101     /**
    102      * Certificate Issuer
    103      *  @deprecated use X509Extension value.
    104      */
    105     public static final ASN1ObjectIdentifier CertificateIssuer = new ASN1ObjectIdentifier("2.5.29.29");
    106 
    107     /**
    108      * Name Constraints
    109      *  @deprecated use X509Extension value.
    110      */
    111     public static final ASN1ObjectIdentifier NameConstraints = new ASN1ObjectIdentifier("2.5.29.30");
    112 
    113     /**
    114      * CRL Distribution Points
    115      *  @deprecated use X509Extension value.
    116      */
    117     public static final ASN1ObjectIdentifier CRLDistributionPoints = new ASN1ObjectIdentifier("2.5.29.31");
    118 
    119     /**
    120      * Certificate Policies
    121      *  @deprecated use X509Extension value.
    122      */
    123     public static final ASN1ObjectIdentifier CertificatePolicies = new ASN1ObjectIdentifier("2.5.29.32");
    124 
    125     /**
    126      * Policy Mappings
    127      *  @deprecated use X509Extension value.
    128      */
    129     public static final ASN1ObjectIdentifier PolicyMappings = new ASN1ObjectIdentifier("2.5.29.33");
    130 
    131     /**
    132      * Authority Key Identifier
    133      *  @deprecated use X509Extension value.
    134      */
    135     public static final ASN1ObjectIdentifier AuthorityKeyIdentifier = new ASN1ObjectIdentifier("2.5.29.35");
    136 
    137     /**
    138      * Policy Constraints
    139      *  @deprecated use X509Extension value.
    140      */
    141     public static final ASN1ObjectIdentifier PolicyConstraints = new ASN1ObjectIdentifier("2.5.29.36");
    142 
    143     /**
    144      * Extended Key Usage
    145      *  @deprecated use X509Extension value.
    146      */
    147     public static final ASN1ObjectIdentifier ExtendedKeyUsage = new ASN1ObjectIdentifier("2.5.29.37");
    148 
    149     /**
    150      * Freshest CRL
    151      *  @deprecated use X509Extension value.
    152      */
    153     public static final ASN1ObjectIdentifier FreshestCRL = new ASN1ObjectIdentifier("2.5.29.46");
    154 
    155     /**
    156      * Inhibit Any Policy
    157      *  @deprecated use X509Extension value.
    158      */
    159     public static final ASN1ObjectIdentifier InhibitAnyPolicy = new ASN1ObjectIdentifier("2.5.29.54");
    160 
    161     /**
    162      * Authority Info Access
    163      *  @deprecated use X509Extension value.
    164      */
    165     public static final ASN1ObjectIdentifier AuthorityInfoAccess = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.1.1");
    166 
    167     /**
    168      * Subject Info Access
    169      *  @deprecated use X509Extension value.
    170      */
    171     public static final ASN1ObjectIdentifier SubjectInfoAccess = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.1.11");
    172 
    173     /**
    174      * Logo Type
    175      *  @deprecated use X509Extension value.
    176      */
    177     public static final ASN1ObjectIdentifier LogoType = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.1.12");
    178 
    179     /**
    180      * BiometricInfo
    181      *  @deprecated use X509Extension value.
    182      */
    183     public static final ASN1ObjectIdentifier BiometricInfo = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.1.2");
    184 
    185     /**
    186      * QCStatements
    187      *  @deprecated use X509Extension value.
    188      */
    189     public static final ASN1ObjectIdentifier QCStatements = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.1.3");
    190 
    191     /**
    192      * Audit identity extension in attribute certificates.
    193      *  @deprecated use X509Extension value.
    194      */
    195     public static final ASN1ObjectIdentifier AuditIdentity = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.1.4");
    196 
    197     /**
    198      * NoRevAvail extension in attribute certificates.
    199      *  @deprecated use X509Extension value.
    200      */
    201     public static final ASN1ObjectIdentifier NoRevAvail = new ASN1ObjectIdentifier("2.5.29.56");
    202 
    203     /**
    204      * TargetInformation extension in attribute certificates.
    205      *  @deprecated use X509Extension value.
    206      */
    207     public static final ASN1ObjectIdentifier TargetInformation = new ASN1ObjectIdentifier("2.5.29.55");
    208 
    209     private Hashtable               extensions = new Hashtable();
    210     private Vector                  ordering = new Vector();
    211 
    212     public static X509Extensions getInstance(
    213         ASN1TaggedObject obj,
    214         boolean          explicit)
    215     {
    216         return getInstance(ASN1Sequence.getInstance(obj, explicit));
    217     }
    218 
    219     public static X509Extensions getInstance(
    220         Object  obj)
    221     {
    222         if (obj == null || obj instanceof X509Extensions)
    223         {
    224             return (X509Extensions)obj;
    225         }
    226 
    227         if (obj instanceof ASN1Sequence)
    228         {
    229             return new X509Extensions((ASN1Sequence)obj);
    230         }
    231 
    232         if (obj instanceof Extensions)
    233         {
    234             return new X509Extensions((ASN1Sequence)((Extensions)obj).toASN1Primitive());
    235         }
    236 
    237         if (obj instanceof ASN1TaggedObject)
    238         {
    239             return getInstance(((ASN1TaggedObject)obj).getObject());
    240         }
    241 
    242         throw new IllegalArgumentException("illegal object in getInstance: " + obj.getClass().getName());
    243     }
    244 
    245     /**
    246      * Constructor from ASN1Sequence.
    247      *
    248      * the extensions are a list of constructed sequences, either with (OID, OctetString) or (OID, Boolean, OctetString)
    249      */
    250     public X509Extensions(
    251         ASN1Sequence  seq)
    252     {
    253         Enumeration e = seq.getObjects();
    254 
    255         while (e.hasMoreElements())
    256         {
    257             ASN1Sequence            s = ASN1Sequence.getInstance(e.nextElement());
    258 
    259             if (s.size() == 3)
    260             {
    261                 extensions.put(s.getObjectAt(0), new X509Extension(ASN1Boolean.getInstance(s.getObjectAt(1)), ASN1OctetString.getInstance(s.getObjectAt(2))));
    262             }
    263             else if (s.size() == 2)
    264             {
    265                 extensions.put(s.getObjectAt(0), new X509Extension(false, ASN1OctetString.getInstance(s.getObjectAt(1))));
    266             }
    267             else
    268             {
    269                 throw new IllegalArgumentException("Bad sequence size: " + s.size());
    270             }
    271 
    272             ordering.addElement(s.getObjectAt(0));
    273         }
    274     }
    275 
    276     /**
    277      * constructor from a table of extensions.
    278      * <p>
    279      * it's is assumed the table contains OID/String pairs.
    280      */
    281     public X509Extensions(
    282         Hashtable  extensions)
    283     {
    284         this(null, extensions);
    285     }
    286 
    287     /**
    288      * Constructor from a table of extensions with ordering.
    289      * <p>
    290      * It's is assumed the table contains OID/String pairs.
    291      * @deprecated use Extensions
    292      */
    293     public X509Extensions(
    294         Vector      ordering,
    295         Hashtable   extensions)
    296     {
    297         Enumeration e;
    298 
    299         if (ordering == null)
    300         {
    301             e = extensions.keys();
    302         }
    303         else
    304         {
    305             e = ordering.elements();
    306         }
    307 
    308         while (e.hasMoreElements())
    309         {
    310             this.ordering.addElement(ASN1ObjectIdentifier.getInstance(e.nextElement()));
    311         }
    312 
    313         e = this.ordering.elements();
    314 
    315         while (e.hasMoreElements())
    316         {
    317             ASN1ObjectIdentifier     oid = ASN1ObjectIdentifier.getInstance(e.nextElement());
    318             X509Extension           ext = (X509Extension)extensions.get(oid);
    319 
    320             this.extensions.put(oid, ext);
    321         }
    322     }
    323 
    324     /**
    325      * Constructor from two vectors
    326      *
    327      * @param objectIDs a vector of the object identifiers.
    328      * @param values a vector of the extension values.
    329      * @deprecated use Extensions
    330      */
    331     public X509Extensions(
    332         Vector      objectIDs,
    333         Vector      values)
    334     {
    335         Enumeration e = objectIDs.elements();
    336 
    337         while (e.hasMoreElements())
    338         {
    339             this.ordering.addElement(e.nextElement());
    340         }
    341 
    342         int count = 0;
    343 
    344         e = this.ordering.elements();
    345 
    346         while (e.hasMoreElements())
    347         {
    348             ASN1ObjectIdentifier     oid = (ASN1ObjectIdentifier)e.nextElement();
    349             X509Extension           ext = (X509Extension)values.elementAt(count);
    350 
    351             this.extensions.put(oid, ext);
    352             count++;
    353         }
    354     }
    355 
    356     /**
    357      * return an Enumeration of the extension field's object ids.
    358      */
    359     public Enumeration oids()
    360     {
    361         return ordering.elements();
    362     }
    363 
    364     /**
    365      * return the extension represented by the object identifier
    366      * passed in.
    367      *
    368      * @return the extension if it's present, null otherwise.
    369      */
    370     public X509Extension getExtension(
    371         ASN1ObjectIdentifier oid)
    372     {
    373         return (X509Extension)extensions.get(oid);
    374     }
    375 
    376     /**
    377      * <pre>
    378      *     Extensions        ::=   SEQUENCE SIZE (1..MAX) OF Extension
    379      *
    380      *     Extension         ::=   SEQUENCE {
    381      *        extnId            EXTENSION.&amp;id ({ExtensionSet}),
    382      *        critical          BOOLEAN DEFAULT FALSE,
    383      *        extnValue         OCTET STRING }
    384      * </pre>
    385      */
    386     public ASN1Primitive toASN1Primitive()
    387     {
    388         ASN1EncodableVector     vec = new ASN1EncodableVector();
    389         Enumeration             e = ordering.elements();
    390 
    391         while (e.hasMoreElements())
    392         {
    393             ASN1ObjectIdentifier    oid = (ASN1ObjectIdentifier)e.nextElement();
    394             X509Extension           ext = (X509Extension)extensions.get(oid);
    395             ASN1EncodableVector     v = new ASN1EncodableVector();
    396 
    397             v.add(oid);
    398 
    399             if (ext.isCritical())
    400             {
    401                 v.add(ASN1Boolean.TRUE);
    402             }
    403 
    404             v.add(ext.getValue());
    405 
    406             vec.add(new DERSequence(v));
    407         }
    408 
    409         return new DERSequence(vec);
    410     }
    411 
    412     public boolean equivalent(
    413         X509Extensions other)
    414     {
    415         if (extensions.size() != other.extensions.size())
    416         {
    417             return false;
    418         }
    419 
    420         Enumeration     e1 = extensions.keys();
    421 
    422         while (e1.hasMoreElements())
    423         {
    424             Object  key = e1.nextElement();
    425 
    426             if (!extensions.get(key).equals(other.extensions.get(key)))
    427             {
    428                 return false;
    429             }
    430         }
    431 
    432         return true;
    433     }
    434 
    435     public ASN1ObjectIdentifier[] getExtensionOIDs()
    436     {
    437         return toOidArray(ordering);
    438     }
    439 
    440     public ASN1ObjectIdentifier[] getNonCriticalExtensionOIDs()
    441     {
    442         return getExtensionOIDs(false);
    443     }
    444 
    445     public ASN1ObjectIdentifier[] getCriticalExtensionOIDs()
    446     {
    447         return getExtensionOIDs(true);
    448     }
    449 
    450     private ASN1ObjectIdentifier[] getExtensionOIDs(boolean isCritical)
    451     {
    452         Vector oidVec = new Vector();
    453 
    454         for (int i = 0; i != ordering.size(); i++)
    455         {
    456             Object oid = ordering.elementAt(i);
    457 
    458             if (((X509Extension)extensions.get(oid)).isCritical() == isCritical)
    459             {
    460                 oidVec.addElement(oid);
    461             }
    462         }
    463 
    464         return toOidArray(oidVec);
    465     }
    466 
    467     private ASN1ObjectIdentifier[] toOidArray(Vector oidVec)
    468     {
    469         ASN1ObjectIdentifier[] oids = new ASN1ObjectIdentifier[oidVec.size()];
    470 
    471         for (int i = 0; i != oids.length; i++)
    472         {
    473             oids[i] = (ASN1ObjectIdentifier)oidVec.elementAt(i);
    474         }
    475         return oids;
    476     }
    477 }
    478