1package org.bouncycastle.asn1.x509; 2 3import org.bouncycastle.asn1.ASN1Boolean; 4import org.bouncycastle.asn1.ASN1EncodableVector; 5import org.bouncycastle.asn1.ASN1Object; 6import org.bouncycastle.asn1.ASN1Primitive; 7import org.bouncycastle.asn1.ASN1Sequence; 8import org.bouncycastle.asn1.ASN1TaggedObject; 9import org.bouncycastle.asn1.DERSequence; 10import org.bouncycastle.asn1.DERTaggedObject; 11 12/** 13 * <pre> 14 * IssuingDistributionPoint ::= SEQUENCE { 15 * distributionPoint [0] DistributionPointName OPTIONAL, 16 * onlyContainsUserCerts [1] BOOLEAN DEFAULT FALSE, 17 * onlyContainsCACerts [2] BOOLEAN DEFAULT FALSE, 18 * onlySomeReasons [3] ReasonFlags OPTIONAL, 19 * indirectCRL [4] BOOLEAN DEFAULT FALSE, 20 * onlyContainsAttributeCerts [5] BOOLEAN DEFAULT FALSE } 21 * </pre> 22 */ 23public class IssuingDistributionPoint 24 extends ASN1Object 25{ 26 private DistributionPointName distributionPoint; 27 28 private boolean onlyContainsUserCerts; 29 30 private boolean onlyContainsCACerts; 31 32 private ReasonFlags onlySomeReasons; 33 34 private boolean indirectCRL; 35 36 private boolean onlyContainsAttributeCerts; 37 38 private ASN1Sequence seq; 39 40 public static IssuingDistributionPoint getInstance( 41 ASN1TaggedObject obj, 42 boolean explicit) 43 { 44 return getInstance(ASN1Sequence.getInstance(obj, explicit)); 45 } 46 47 public static IssuingDistributionPoint getInstance( 48 Object obj) 49 { 50 if (obj instanceof IssuingDistributionPoint) 51 { 52 return (IssuingDistributionPoint)obj; 53 } 54 else if (obj != null) 55 { 56 return new IssuingDistributionPoint(ASN1Sequence.getInstance(obj)); 57 } 58 59 return null; 60 } 61 62 /** 63 * Constructor from given details. 64 * 65 * @param distributionPoint 66 * May contain an URI as pointer to most current CRL. 67 * @param onlyContainsUserCerts Covers revocation information for end certificates. 68 * @param onlyContainsCACerts Covers revocation information for CA certificates. 69 * 70 * @param onlySomeReasons 71 * Which revocation reasons does this point cover. 72 * @param indirectCRL 73 * If <code>true</code> then the CRL contains revocation 74 * information about certificates ssued by other CAs. 75 * @param onlyContainsAttributeCerts Covers revocation information for attribute certificates. 76 */ 77 public IssuingDistributionPoint( 78 DistributionPointName distributionPoint, 79 boolean onlyContainsUserCerts, 80 boolean onlyContainsCACerts, 81 ReasonFlags onlySomeReasons, 82 boolean indirectCRL, 83 boolean onlyContainsAttributeCerts) 84 { 85 this.distributionPoint = distributionPoint; 86 this.indirectCRL = indirectCRL; 87 this.onlyContainsAttributeCerts = onlyContainsAttributeCerts; 88 this.onlyContainsCACerts = onlyContainsCACerts; 89 this.onlyContainsUserCerts = onlyContainsUserCerts; 90 this.onlySomeReasons = onlySomeReasons; 91 92 ASN1EncodableVector vec = new ASN1EncodableVector(); 93 if (distributionPoint != null) 94 { // CHOICE item so explicitly tagged 95 vec.add(new DERTaggedObject(true, 0, distributionPoint)); 96 } 97 if (onlyContainsUserCerts) 98 { 99 vec.add(new DERTaggedObject(false, 1, ASN1Boolean.getInstance(true))); 100 } 101 if (onlyContainsCACerts) 102 { 103 vec.add(new DERTaggedObject(false, 2, ASN1Boolean.getInstance(true))); 104 } 105 if (onlySomeReasons != null) 106 { 107 vec.add(new DERTaggedObject(false, 3, onlySomeReasons)); 108 } 109 if (indirectCRL) 110 { 111 vec.add(new DERTaggedObject(false, 4, ASN1Boolean.getInstance(true))); 112 } 113 if (onlyContainsAttributeCerts) 114 { 115 vec.add(new DERTaggedObject(false, 5, ASN1Boolean.getInstance(true))); 116 } 117 118 seq = new DERSequence(vec); 119 } 120 121 /** 122 * Shorthand Constructor from given details. 123 * 124 * @param distributionPoint 125 * May contain an URI as pointer to most current CRL. 126 * @param indirectCRL 127 * If <code>true</code> then the CRL contains revocation 128 * information about certificates ssued by other CAs. 129 * @param onlyContainsAttributeCerts Covers revocation information for attribute certificates. 130 */ 131 public IssuingDistributionPoint( 132 DistributionPointName distributionPoint, 133 boolean indirectCRL, 134 boolean onlyContainsAttributeCerts) 135 { 136 this(distributionPoint, false, false, null, indirectCRL, onlyContainsAttributeCerts); 137 } 138 139 /** 140 * Constructor from ASN1Sequence 141 */ 142 private IssuingDistributionPoint( 143 ASN1Sequence seq) 144 { 145 this.seq = seq; 146 147 for (int i = 0; i != seq.size(); i++) 148 { 149 ASN1TaggedObject o = ASN1TaggedObject.getInstance(seq.getObjectAt(i)); 150 151 switch (o.getTagNo()) 152 { 153 case 0: 154 // CHOICE so explicit 155 distributionPoint = DistributionPointName.getInstance(o, true); 156 break; 157 case 1: 158 onlyContainsUserCerts = ASN1Boolean.getInstance(o, false).isTrue(); 159 break; 160 case 2: 161 onlyContainsCACerts = ASN1Boolean.getInstance(o, false).isTrue(); 162 break; 163 case 3: 164 onlySomeReasons = new ReasonFlags(ReasonFlags.getInstance(o, false)); 165 break; 166 case 4: 167 indirectCRL = ASN1Boolean.getInstance(o, false).isTrue(); 168 break; 169 case 5: 170 onlyContainsAttributeCerts = ASN1Boolean.getInstance(o, false).isTrue(); 171 break; 172 default: 173 throw new IllegalArgumentException( 174 "unknown tag in IssuingDistributionPoint"); 175 } 176 } 177 } 178 179 public boolean onlyContainsUserCerts() 180 { 181 return onlyContainsUserCerts; 182 } 183 184 public boolean onlyContainsCACerts() 185 { 186 return onlyContainsCACerts; 187 } 188 189 public boolean isIndirectCRL() 190 { 191 return indirectCRL; 192 } 193 194 public boolean onlyContainsAttributeCerts() 195 { 196 return onlyContainsAttributeCerts; 197 } 198 199 /** 200 * @return Returns the distributionPoint. 201 */ 202 public DistributionPointName getDistributionPoint() 203 { 204 return distributionPoint; 205 } 206 207 /** 208 * @return Returns the onlySomeReasons. 209 */ 210 public ReasonFlags getOnlySomeReasons() 211 { 212 return onlySomeReasons; 213 } 214 215 public ASN1Primitive toASN1Primitive() 216 { 217 return seq; 218 } 219 220 public String toString() 221 { 222 String sep = System.getProperty("line.separator"); 223 StringBuffer buf = new StringBuffer(); 224 225 buf.append("IssuingDistributionPoint: ["); 226 buf.append(sep); 227 if (distributionPoint != null) 228 { 229 appendObject(buf, sep, "distributionPoint", distributionPoint.toString()); 230 } 231 if (onlyContainsUserCerts) 232 { 233 appendObject(buf, sep, "onlyContainsUserCerts", booleanToString(onlyContainsUserCerts)); 234 } 235 if (onlyContainsCACerts) 236 { 237 appendObject(buf, sep, "onlyContainsCACerts", booleanToString(onlyContainsCACerts)); 238 } 239 if (onlySomeReasons != null) 240 { 241 appendObject(buf, sep, "onlySomeReasons", onlySomeReasons.toString()); 242 } 243 if (onlyContainsAttributeCerts) 244 { 245 appendObject(buf, sep, "onlyContainsAttributeCerts", booleanToString(onlyContainsAttributeCerts)); 246 } 247 if (indirectCRL) 248 { 249 appendObject(buf, sep, "indirectCRL", booleanToString(indirectCRL)); 250 } 251 buf.append("]"); 252 buf.append(sep); 253 return buf.toString(); 254 } 255 256 private void appendObject(StringBuffer buf, String sep, String name, String value) 257 { 258 String indent = " "; 259 260 buf.append(indent); 261 buf.append(name); 262 buf.append(":"); 263 buf.append(sep); 264 buf.append(indent); 265 buf.append(indent); 266 buf.append(value); 267 buf.append(sep); 268 } 269 270 private String booleanToString(boolean value) 271 { 272 return value ? "true" : "false"; 273 } 274} 275