AttributeCertificateIssuer.java revision b61a96e7ef1a78acf013bbf08fe537e5b5f129ca
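package org.bouncycastle.x509;

import java.io.IOException;
import java.security.Principal;
import java.security.cert.CertSelector;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.List;

import javax.security.auth.x500.X500Principal;

import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.x509.AttCertIssuer;
import org.bouncycastle.asn1.x509.GeneralName;
import org.bouncycastle.asn1.x509.GeneralNames;
import org.bouncycastle.asn1.x509.V2Form;
import org.bouncycastle.asn1.x509.X509Name;
import org.bouncycastle.jce.X509Principal;

/**
 * Carrying class for an attribute certificate issuer.
 * <p>
 * Holds the issuer field of an attribute certificate, either a bare
 * GeneralNames or a V2Form, and exposes it as a {@link CertSelector} so that
 * candidate issuer certificates can be selected.
 * <p>
 * {@link #match(Certificate)} only compares names (or issuer name plus serial
 * number). It verifies no signature and checks no validity period, so a
 * matching certificate is a candidate, not a trusted issuer: the attribute
 * certificate's signature and the candidate's certification path still have
 * to be validated by the caller.
 */
public class AttributeCertificateIssuer
    implements CertSelector
{
    // Either a V2Form or a GeneralNames; every accessor below branches on that.
    final ASN1Encodable form;

    /**
     * Wrap the issuer taken from a parsed attribute certificate.
     *
     * @param issuer the ASN.1 issuer structure whose content is carried.
     */
    AttributeCertificateIssuer(
        AttCertIssuer issuer)
    {
        form = issuer.getIssuer();
    }

    /**
     * Create an issuer holding a single directory name.
     *
     * @param principal the issuer's distinguished name.
     * @throws IOException if the encoding of the principal cannot be parsed.
     */
    public AttributeCertificateIssuer(
        X500Principal principal)
        throws IOException
    {
        this(new X509Principal(principal.getEncoded()));
    }

    /**
     * Create an issuer holding a single directory name, stored as a V2Form
     * whose issuerName contains only that name.
     *
     * @param principal the issuer's distinguished name.
     */
    public AttributeCertificateIssuer(
        X509Principal principal)
    {
        form = new V2Form(new GeneralNames(new DERSequence(new GeneralName(principal))));
    }

    /**
     * Re-encode a directoryName entry as a JCA X500Principal.
     *
     * @param gn a GeneralName whose tag is {@link GeneralName#directoryName}.
     * @return the equivalent X500Principal.
     * @throws IOException if the name cannot be encoded.
     */
    private static X500Principal toX500Principal(GeneralName gn)
        throws IOException
    {
        return new X500Principal(((ASN1Encodable)gn.getName()).getEncoded());
    }

    /**
     * Collect the directoryName entries of the issuer as X500Principal objects.
     * Entries of any other GeneralName type are skipped.
     *
     * @return the principals found, possibly an empty array.
     * @throws RuntimeException if a directoryName entry cannot be encoded.
     */
    private Object[] getNames()
    {
        GeneralNames name;

        if (form instanceof V2Form)
        {
            name = ((V2Form)form).getIssuerName();
        }
        else
        {
            name = (GeneralNames)form;
        }

        // issuerName is OPTIONAL in V2Form; with no names there is nothing to
        // report, which is better than failing with a NullPointerException.
        if (name == null)
        {
            return new Object[0];
        }

        GeneralName[] names = name.getNames();

        List l = new ArrayList(names.length);

        for (int i = 0; i != names.length; i++)
        {
            if (names[i].getTagNo() == GeneralName.directoryName)
            {
                try
                {
                    l.add(toX500Principal(names[i]));
                }
                catch (IOException e)
                {
                    // keep the cause so the encoding failure can be diagnosed
                    throw new RuntimeException("badly formed Name object", e);
                }
            }
        }

        return l.toArray(new Object[l.size()]);
    }

    /**
     * Return any principal objects inside the attribute certificate issuer object.
     *
     * @return an array of Principal objects (usually X500Principal)
     */
    public Principal[] getPrincipals()
    {
        Object[] p = this.getNames();
        List l = new ArrayList();

        for (int i = 0; i != p.length; i++)
        {
            if (p[i] instanceof Principal)
            {
                l.add(p[i]);
            }
        }

        return (Principal[])l.toArray(new Principal[l.size()]);
    }

    /**
     * Check whether any directoryName entry in targets equals the given name.
     * The comparison is X500Principal.equals(), which works on the canonical
     * form of the names. Entries of other GeneralName types are not compared.
     *
     * @param subject the name to look for.
     * @param targets the names to search; may be null, which never matches.
     * @return true if a directoryName entry equals subject, false otherwise.
     */
    private boolean matchesDN(X500Principal subject, GeneralNames targets)
    {
        // An absent name list cannot match anything: fail closed.
        if (targets == null)
        {
            return false;
        }

        GeneralName[] names = targets.getNames();

        for (int i = 0; i != names.length; i++)
        {
            GeneralName gn = names[i];

            if (gn.getTagNo() == GeneralName.directoryName)
            {
                try
                {
                    if (toX500Principal(gn).equals(subject))
                    {
                        return true;
                    }
                }
                catch (IOException e)
                {
                    // Deliberately ignored: an entry that cannot be encoded is
                    // treated as a non-match and the remaining entries are
                    // still tried, so a malformed name never yields a match.
                }
            }
        }

        return false;
    }

    /**
     * Return a new selector built from the same issuer structure.
     *
     * @see java.security.cert.CertSelector#clone()
     */
    public Object clone()
    {
        return new AttributeCertificateIssuer(AttCertIssuer.getInstance(form));
    }

    /**
     * Decide whether the certificate is a candidate for this issuer.
     * <p>
     * For a V2Form carrying a baseCertificateID the certificate must have the
     * same serial number and an issuer name listed in that ID. Otherwise the
     * certificate's subject name must be one of the directory names of the
     * issuer. Only baseCertificateID and issuerName are examined; nothing
     * else in the V2Form is consulted, and no signature, validity or
     * revocation check is performed here.
     *
     * @param cert the certificate to test.
     * @return true if cert is an X509Certificate satisfying the rule above.
     * @see java.security.cert.CertSelector#match(java.security.cert.Certificate)
     */
    public boolean match(Certificate cert)
    {
        if (!(cert instanceof X509Certificate))
        {
            return false;
        }

        X509Certificate x509Cert = (X509Certificate)cert;
        GeneralNames name;

        if (form instanceof V2Form)
        {
            V2Form issuer = (V2Form)form;
            if (issuer.getBaseCertificateID() != null)
            {
                // issuer + serial identify one certificate; both must agree
                return issuer.getBaseCertificateID().getSerial().getValue().equals(x509Cert.getSerialNumber())
                    && matchesDN(x509Cert.getIssuerX500Principal(), issuer.getBaseCertificateID().getIssuer());
            }

            name = issuer.getIssuerName();
        }
        else
        {
            name = (GeneralNames)form;
        }

        return matchesDN(x509Cert.getSubjectX500Principal(), name);
    }
}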